2 * Copyright (c) 2010-2018 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Portions Copyright (c) 2010 Apple Inc. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 #ifndef NETLOGON_NETLOGON_H
37 #define NETLOGON_NETLOGON_H
48 #include <gssapi_mech.h>
49 #include <gssapi_netlogon.h>
54 #include <heim_threads.h>
56 #define HC_DEPRECATED_CRYPTO
57 #include "crypto-headers.h"
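/*
 * Message type of a Netlogon negotiation message (names follow the
 * NL_AUTH_MESSAGE layout in MS-NRPC).  Stray listing line numbers that
 * preceded each directive in this copy have been dropped so the
 * directives are valid preprocessor lines again.
 */
#define NL_NEGOTIATE_REQUEST_MESSAGE    0x00000000
#define NL_NEGOTIATE_RESPONSE_MESSAGE   0x00000001

/*
 * Flag bits of a negotiation message.  Each value is a distinct single
 * bit, so they can be OR-ed together.
 * NOTE(review): presumably each bit announces that the matching name
 * string follows the fixed header - confirm against the code that builds
 * and parses the message, which is not part of this header.  Those
 * strings come from the peer, so the parser has to bound every one of
 * them by the received token length.
 */
#define NL_FLAG_NETBIOS_DOMAIN_NAME     0x00000001
#define NL_FLAG_NETBIOS_COMPUTER_NAME   0x00000002
#define NL_FLAG_DNS_DOMAIN_NAME         0x00000004
#define NL_FLAG_DNS_HOST_NAME           0x00000008 /* not used */
#define NL_FLAG_UTF8_COMPUTER_NAME      0x00000010

/*
 * Length of the fixed part of a negotiation message.
 * NOTE(review): presumably bytes (message type word + flags word);
 * a received token shorter than this should be rejected before any
 * field is read - verify in the parser.
 */
#define NL_AUTH_MESSAGE_LENGTH          8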
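/*
 * SignatureAlgorithm: identifier of the integrity algorithm.
 * HMAC-MD5 is the legacy choice; SHA256 is the stronger one and is the
 * value a hardened deployment wants to see negotiated.
 * (Stray listing line numbers in front of each directive were dropped so
 * the directives are valid again.)
 */
#define NL_SIGN_ALG_HMAC_MD5            0x0077
#define NL_SIGN_ALG_SHA256              0x0013

/*
 * SealAlgorithm: identifier of the confidentiality algorithm.
 * RC4 is the legacy cipher, AES128 the modern one.  NL_SEAL_ALG_NONE
 * means no sealing at all, i.e. the payload is integrity-protected only
 * and travels in clear text.
 * NOTE(review): the code that selects these values is not in this
 * header; confirm that a peer cannot force the RC4/HMAC-MD5 pair or
 * NL_SEAL_ALG_NONE when the local policy expects AES/SHA256 sealing.
 */
#define NL_SEAL_ALG_RC4                 0x007A
#define NL_SEAL_ALG_AES128              0x001A
#define NL_SEAL_ALG_NONE                0xFFFF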
88 uint16_t SignatureAlgorithm
;
89 uint16_t SealAlgorithm
;
92 uint8_t SequenceNumber
[8];
94 uint8_t Confounder
[8];
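/*
 * Sizes of the parts of an NL_AUTH_SIGNATURE token.
 * (Stray listing line numbers in front of each directive were dropped so
 * the directives are valid again.)
 *
 * NOTE(review): presumably byte counts - HEADER covering the leading
 * 16-bit words, COMMON adding the 8-byte SequenceNumber (8 + 8 = 16) and
 * LENGTH the whole token.  The struct these constants describe is only
 * partly visible in this copy, so confirm against the full definition.
 * They are maintained by hand: any change to the struct layout has to be
 * mirrored here, and code that verifies a received token should compare
 * the token length with these values before reading a field.
 */
#define NL_AUTH_SIGNATURE_HEADER_LENGTH 8
#define NL_AUTH_SIGNATURE_COMMON_LENGTH 16
#define NL_AUTH_SIGNATURE_LENGTH        32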
102 uint16_t SignatureAlgorithm
;
103 uint16_t SealAlgorithm
;
106 uint8_t SequenceNumber
[8];
107 uint8_t Checksum
[32];
108 uint8_t Confounder
[8];
109 } NL_AUTH_SHA2_SIGNATURE
;
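/*
 * Size of an NL_AUTH_SHA2_SIGNATURE token (the variant whose Checksum
 * member is 32 bytes wide).  The stray listing line number in front of
 * the directive was dropped so it is a valid directive again.
 * NOTE(review): presumably a byte count; the value is maintained by
 * hand, so keep it in step with the struct, and have the verifying code
 * check the received length against it before reading the token.
 */
#define NL_AUTH_SHA2_SIGNATURE_LENGTH   56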
114 NL_AUTH_SIGNATURE Signature
;
115 NL_AUTH_SHA2_SIGNATURE SHA2Signature
;
116 } NL_AUTH_SIGNATURE_U
;
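/*
 * NL_AUTH_SIGNATURE_P(_u): given a pointer to an NL_AUTH_SIGNATURE_U,
 * yield a pointer to its Signature member.  The argument is
 * parenthesised and evaluated exactly once.  (The stray listing line
 * number in front of the directive was dropped so it is valid again.)
 *
 * The macro only selects a view of the storage; it does not check which
 * token variant the storage actually holds.
 * NOTE(review): callers are expected to decide between the Signature and
 * SHA2Signature views from the SignatureAlgorithm field and the received
 * length - confirm at the call sites, which are outside this header.
 */
#define NL_AUTH_SIGNATURE_P(_u)         (&(_u)->Signature)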
120 typedef struct gssnetlogon_name
{
121 gss_buffer_desc NetbiosName
;
122 gss_buffer_desc DnsName
;
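/*
 * Read-only handle to a struct gssnetlogon_name: a pointer through which
 * the name cannot be modified.  Note that the typedef hides the pointer.
 * (The declaration was split over three lines and prefixed with a stray
 * listing line number in this copy; it is rejoined here.)
 */
typedef const struct gssnetlogon_name *gssnetlogon_const_name;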
126 typedef struct gssnetlogon_cred
{
127 gssnetlogon_name
*Name
;
128 uint16_t SignatureAlgorithm
;
129 uint16_t SealAlgorithm
;
130 uint8_t SessionKey
[16];
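/*
 * Read-only handle to a struct gssnetlogon_cred: a pointer through which
 * the credential (including its SessionKey) cannot be modified.  Note
 * that the typedef hides the pointer.
 * (The declaration was split over three lines and prefixed with a stray
 * listing line number in this copy; it is rejoined here.)
 */
typedef const struct gssnetlogon_cred *gssnetlogon_const_cred;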
134 typedef struct gssnetlogon_ctx
{
136 enum { NL_AUTH_NEGOTIATE
, NL_AUTH_ESTABLISHED
} State
;
138 uint8_t LocallyInitiated
;
139 uint32_t MessageBlockSize
;
140 uint16_t SignatureAlgorithm
;
141 uint16_t SealAlgorithm
;
142 uint64_t SequenceNumber
;
143 gssnetlogon_name SourceName
;
144 gssnetlogon_name TargetName
;
145 uint8_t SessionKey
[16];
148 #include <netlogon-private.h>
150 #endif /* NETLOGON_NETLOGON_H */