s4-backupkey: IDL for ServerWrap subprotocol
[Samba.git] / librpc / idl / backupkey.idl
1 #include "idl_types.h"
3 import "misc.idl", "security.idl";
5 uuid("3dde7c30-165d-11d1-ab8f-00805f14db40"),
6 version(1.0),
7 endpoint("ncacn_np:[\\pipe\\protected_storage]","ncacn_np:[\\pipe\\ntsvcs]" ,"ncacn_ip_tcp:"),
8 helpstring("Remote Backup Key Storage"),
9 helper("../librpc/ndr/ndr_backupkey.h"),
10 pointer_default(unique)
12 interface backupkey
/*
 * Action GUIDs in string form. By name, each one pairs with a
 * bkrp_guid_to_integer value, which in turn selects an arm of
 * bkrp_data_in_blob:
 *   RESTORE_GUID             -> restore_req (bkrp_client_side_wrapped)
 *   RETRIEVE_BACKUP_KEY_GUID -> empty       (bkrp_empty)
 *   RESTORE_GUID_WIN2K       -> unsign_req  (bkrp_server_side_wrapped)
 *   BACKUP_GUID              -> sign_req    (bkrp_opaque_blob)
 * NOTE(review): presumably compared with guidActionAgent of bkrp_BackupKey;
 * a GUID that matches none of them should be refused, not mapped to a
 * default operation - confirm in the server code.
 */
14 const string BACKUPKEY_RESTORE_GUID = "47270C64-2FC7-499B-AC5B-0E37CDCE899A";
15 const string BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID = "018FF48A-EABA-40C6-8F6D-72370240E967";
17 const string BACKUPKEY_RESTORE_GUID_WIN2K = "7FE94D50-178E-11D1-AB8F-00805F14DB40";
18 const string BACKUPKEY_BACKUP_GUID = "7F752B10-178E-11D1-AB8F-00805F14DB40";
21 * The magic values have no names: they are simply the fixed values that let each side
22 * check that what was transmitted or decoded is really what the client or
23 * the server expects.
/*
 * Serialized RSA key pair followed by its certificate. Besides the public
 * parts it carries prime1, prime2, exponent1, exponent2, coefficient and
 * private_exponent, i.e. the complete private key: every encoded or decoded
 * instance is secret material (keep it out of logs and dumps, wipe buffers
 * after use).
 *
 * Each [subcontext(0),subcontext_size(N),flag(NDR_REMAINING)] member is a
 * blob of exactly N bytes with no length prefix in front of it.
 *
 * NOTE(review): [value(...)] fixes a field when the structure is pushed; as
 * far as I can tell pidl does not compare it on pull, so code consuming a
 * pulled structure should check header1/header2/magic1..4 itself - confirm.
 * NOTE(review): the type is [public] without noprint, so a generated print
 * routine may exist; make sure it is never run on real keys - confirm.
 */
25 [public] typedef struct {
26 [value(0x00000002)] uint32 header1;
27 [value(0x00000494)] uint32 header2; /* 0x494 = 1172 = 16 + 4 + 256 + 5*128 + 256, the byte count of magic1 .. private_exponent */
28 uint32 certificate_len; /* sizes cert below; on pull this value comes from the input */
29 [value(0x00000207)] uint32 magic1; /* NOTE(review): bytes 07 02 00 00 look like a CryptoAPI BLOBHEADER (PRIVATEKEYBLOB, version 2) - confirm */
30 [value(0x0000A400)] uint32 magic2; /* NOTE(review): equals the CryptoAPI ALG_ID CALG_RSA_KEYX - confirm that is the intent */
31 [value(0x32415352)] uint32 magic3; /* the ASCII bytes "RSA2" when stored little-endian */
32 [value(0x00000800)] uint32 magic4; /* 0x800 = 2048, consistent with the 256-byte modulus below */
33 [subcontext(0),subcontext_size(4),flag(NDR_REMAINING)] DATA_BLOB public_exponent;
35 [subcontext(0),subcontext_size(256),flag(NDR_REMAINING)] DATA_BLOB modulus;
36 [subcontext(0),subcontext_size(128),flag(NDR_REMAINING)] DATA_BLOB prime1; /* private */
37 [subcontext(0),subcontext_size(128),flag(NDR_REMAINING)] DATA_BLOB prime2; /* private */
38 [subcontext(0),subcontext_size(128),flag(NDR_REMAINING)] DATA_BLOB exponent1; /* private */
39 [subcontext(0),subcontext_size(128),flag(NDR_REMAINING)] DATA_BLOB exponent2; /* private */
40 [subcontext(0),subcontext_size(128),flag(NDR_REMAINING)] DATA_BLOB coefficient; /* private */
41 [subcontext(0),subcontext_size(256),flag(NDR_REMAINING)] DATA_BLOB private_exponent; /* private */
42 [subcontext(0),subcontext_size(certificate_len),flag(NDR_REMAINING)] DATA_BLOB cert; /* exactly certificate_len bytes */
43 } bkrp_exported_RSA_key_pair;
/*
 * Fixed-size record: a magic word (pushed as 1) followed by 256 bytes of key.
 * NOTE(review): going by the name this is the DC's ServerWrap key as it is
 * stored; if so it is long-lived secret material, and read access to
 * wherever it is kept should be restricted accordingly - confirm against the
 * server code.
 */
45 [public] typedef struct {
46 [value(0x00000001)] uint32 magic;
47 uint8 key[256];
48 } bkrp_dc_serverwrap_key;
/*
 * Structure with no members. Its only use in this file is the
 * BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID_INTEGER arm of bkrp_data_in_blob, so
 * nothing is decoded from the input for that request.
 */
50 [public] typedef struct {
51 } bkrp_empty;
/*
 * Client-side wrapped secret; used as restore_req in bkrp_data_in_blob, so
 * on the server it is decoded from request data. [gensize] additionally asks
 * pidl for a size helper for this type.
 *
 * encrypted_secret_len and access_check_len are taken from the input and
 * directly size the two trailing arrays. Code using a decoded instance
 * should check both against the limits it expects for the given version
 * before processing the arrays.
 */
53 [public,gensize] typedef struct {
54 uint32 version; /* NOTE(review): presumably selects the _v2 or _v3 layouts defined below; other values should be refused - confirm */
55 uint32 encrypted_secret_len;
56 uint32 access_check_len;
57 GUID guid; /* NOTE(review): presumably names the key pair that wrapped the secret - confirm */
58 uint8 encrypted_secret[encrypted_secret_len];
59 uint8 access_check[access_check_len];
60 } bkrp_client_side_wrapped;
/*
 * A magic word (pushed as 0) followed by the secret, which takes all
 * remaining bytes of the buffer.
 * NOTE(review): by name this holds the recovered plaintext secret; treat
 * instances as sensitive and keep them out of debug output - confirm.
 */
62 [public] typedef struct {
63 [value(0x00000000)] uint32 magic;
64 [subcontext(0),flag(NDR_REMAINING)] DATA_BLOB secret;
65 } bkrp_client_side_unwrapped;
/*
 * Version 2 layout of the encrypted-secret part: secret_len bytes of secret
 * followed by a 32-byte payload_key.
 * secret_len is read from the input on pull and sizes the secret array; the
 * consumer should check it against the enclosing buffer's length.
 */
67 [public] typedef struct {
68 uint32 secret_len;
69 [value(0x00000020)] uint32 magic; /* 0x20 = 32, the same as sizeof(payload_key) */
70 uint8 secret[secret_len];
71 uint8 payload_key[32];
72 } bkrp_encrypted_secret_v2;
/*
 * Version 3 layout of the encrypted-secret part: secret_len bytes of secret
 * followed by a 48-byte payload_key.
 * secret_len is read from the input on pull and sizes the secret array; the
 * consumer should check it against the enclosing buffer's length.
 */
74 [public] typedef struct {
75 uint32 secret_len;
76 [value(0x00000030)] uint32 magic1; /* 0x30 = 48, the same as sizeof(payload_key) */
77 [value(0x00006610)] uint32 magic2; /* NOTE(review): equals the CryptoAPI ALG_ID CALG_AES_256 - confirm that is the intent */
78 [value(0x0000800e)] uint32 magic3; /* NOTE(review): equals the CryptoAPI ALG_ID CALG_SHA_512 - confirm that is the intent */
79 uint8 secret[secret_len];
80 uint8 payload_key[48];
81 } bkrp_encrypted_secret_v3;
83 /* Due to an alignment constraint, only the structure definition is generated via pidl (nopush, nopull: no marshalling code is generated) */
/*
 * Version 2 access-check record: nonce, the caller's SID and a 20-byte hash.
 * Because of nopush/nopull the push and pull routines have to be written by
 * hand (NOTE(review): presumably declared via the interface's helper header).
 * That hand-written pull is responsible for checking nonce_len against the
 * bytes actually available before copying the nonce.
 */
84 [public, nopush, nopull] typedef struct {
85 [value(0x00000001)] uint32 magic;
86 uint32 nonce_len; /* taken from the input; sizes nonce */
87 uint8 nonce[nonce_len];
88 dom_sid sid;
89 uint8 hash[20]; /* 20 bytes is the size of a SHA-1 digest; NOTE(review): which data it covers is not visible here - confirm */
90 } bkrp_access_check_v2;
92 /* Due to an alignment constraint, only the structure definition is generated via pidl (nopush, nopull: no marshalling code is generated) */
/*
 * Version 3 access-check record: nonce, the caller's SID and a 64-byte hash.
 * Because of nopush/nopull the push and pull routines have to be written by
 * hand (NOTE(review): presumably declared via the interface's helper header).
 * That hand-written pull is responsible for checking nonce_len against the
 * bytes actually available before copying the nonce.
 */
93 [public,nopush,nopull] typedef struct {
94 [value(0x00000001)] uint32 magic;
95 uint32 nonce_len; /* taken from the input; sizes nonce */
96 uint8 nonce[nonce_len];
97 dom_sid sid;
98 uint8 hash[64]; /* 64 bytes is the size of a SHA-512 digest; NOTE(review): which data it covers is not visible here - confirm */
99 } bkrp_access_check_v3;
/*
 * Inner payload of a server-side wrapped secret: 32 bytes r3, a 20-byte mac,
 * a SID, then the secret as all remaining bytes.
 * NOTE(review): the name says this payload is RC4-encrypted on the wire, and
 * 20 bytes is the size of a SHA-1 based MAC. Both are legacy primitives kept
 * for protocol compatibility; the consumer should verify mac before acting
 * on sid or secret - confirm the order of checks in the server code.
 */
101 [public] typedef struct {
102 [subcontext(0),subcontext_size(32),flag(NDR_REMAINING)] DATA_BLOB r3;
103 [subcontext(0),subcontext_size(20),flag(NDR_REMAINING)] DATA_BLOB mac;
104 dom_sid sid;
105 [subcontext(0),flag(NDR_REMAINING)] DATA_BLOB secret;
106 } bkrp_rc4encryptedpayload;
/*
 * Server-side wrapped secret; used as unsign_req in bkrp_data_in_blob, so
 * on the server it is decoded from request data.
 * payload_length and cyphertext_length are plain uint32 fields: nothing in
 * this definition ties them to the size of rc4encryptedpayload, which simply
 * takes the remaining bytes. The consumer has to compare them with the blob
 * length itself before trusting either value.
 */
108 [public] typedef struct {
109 [value(0x00000001)] uint32 magic;
110 uint32 payload_length;
111 uint32 cyphertext_length;
112 [subcontext(0),subcontext_size(16),flag(NDR_REMAINING)] DATA_BLOB guid_of_wrapping_key; /* exactly 16 bytes */
113 [subcontext(0),subcontext_size(68),flag(NDR_REMAINING)] DATA_BLOB r2; /* exactly 68 bytes */
114 [subcontext(0),flag(NDR_REMAINING)] DATA_BLOB rc4encryptedpayload; /* NOTE(review): presumably decodes as bkrp_rc4encryptedpayload after decryption - confirm */
115 } bkrp_server_side_wrapped;
/*
 * Uninterpreted data: the blob takes every remaining byte of the buffer.
 * Used as sign_req in bkrp_data_in_blob, so its length is whatever the
 * request supplied; any size limit has to be enforced by the caller.
 */
117 [public] typedef struct {
118 [flag(NDR_REMAINING)] DATA_BLOB opaque;
119 } bkrp_opaque_blob;
/*
 * Integer stand-ins for the four BACKUPKEY_*_GUID strings, used as the case
 * values of bkrp_data_in_blob. BACKUPKEY_INVALID_GUID_INTEGER has no arm in
 * that union.
 * NOTE(review): presumably the value a GUID-to-integer mapping returns for
 * an unrecognised GUID; callers should stop there instead of decoding -
 * confirm.
 */
121 typedef enum {
122 BACKUPKEY_INVALID_GUID_INTEGER = 0xFFFF,
123 BACKUPKEY_RESTORE_GUID_INTEGER = 0x0000,
124 BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID_INTEGER = 0x0001,
125 BACKUPKEY_RESTORE_GUID_WIN2K_INTEGER = 0x0002,
126 BACKUPKEY_BACKUP_GUID_INTEGER = 0x0003
127 } bkrp_guid_to_integer;
/*
 * Typed view of the request payload, one arm per bkrp_guid_to_integer value.
 * [nodiscriminant]: no discriminant is marshalled with the union, so the
 * code decoding it must supply the switch value itself.
 * NOTE(review): there is no default arm; check that decoding with
 * BACKUPKEY_INVALID_GUID_INTEGER (or any other unlisted value) fails cleanly
 * instead of leaving the union uninitialised - confirm.
 */
129 [public] typedef [nodiscriminant] union {
130 [case(BACKUPKEY_RESTORE_GUID_INTEGER)] bkrp_client_side_wrapped restore_req;
131 [case(BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID_INTEGER)] bkrp_empty empty;
132 [case(BACKUPKEY_RESTORE_GUID_WIN2K_INTEGER)] bkrp_server_side_wrapped unsign_req;
133 [case(BACKUPKEY_BACKUP_GUID_INTEGER)] bkrp_opaque_blob sign_req;
134 } bkrp_data_in_blob;
136 /******************/
137 /* Function: 0x00 */
139 [public, noprint] WERROR bkrp_BackupKey (
140 [in,ref] GUID *guidActionAgent,
141 [in,ref] [size_is(data_in_len)] uint8 *data_in,
142 [in] uint32 data_in_len,
143 [out,ref] [size_is(,*data_out_len)] uint8 **data_out,
144 [out,ref] uint32 *data_out_len,
145 [in] uint32 param