source3/librpc/crypto/gse.h

   1 /*
   2  *  GSSAPI Security Extensions
   3  *  Copyright (C) Simo Sorce 2010.
   4  *
   5  *  This program is free software; you can redistribute it and/or modify
   6  *  it under the terms of the GNU General Public License as published by
   7  *  the Free Software Foundation; either version 3 of the License, or
   8  *  (at your option) any later version.
   9  *
  10  *  This program is distributed in the hope that it will be useful,
  11  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13  *  GNU General Public License for more details.
  14  *
  15  *  You should have received a copy of the GNU General Public License
  16  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
  17  */
  18
  19 #ifndef _GSE_H_
  20 #define _GSE_H_
  21
  22 struct gse_context;
  23
  24 #ifndef GSS_C_DCE_STYLE
  25 #define GSS_C_DCE_STYLE 0x1000
  26 #endif
  27
  28 NTSTATUS gse_init_client(TALLOC_CTX *mem_ctx,
  29                           bool do_sign, bool do_seal,
  30                           const char *ccache_name,
  31                           const char *server,
  32                           const char *service,
  33                           const char *username,
  34                           const char *password,
  35                           uint32_t add_gss_c_flags,
  36                           struct gse_context **_gse_ctx);
  37 NTSTATUS gse_get_client_auth_token(TALLOC_CTX *mem_ctx,
  38                                    struct gse_context *gse_ctx,
  39                                    DATA_BLOB *token_in,
  40                                    DATA_BLOB *token_out);
  41
  42 NTSTATUS gse_init_server(TALLOC_CTX *mem_ctx,
  43                          bool do_sign, bool do_seal,
  44                          uint32_t add_gss_c_flags,
  45                          struct gse_context **_gse_ctx);
  46 NTSTATUS gse_get_server_auth_token(TALLOC_CTX *mem_ctx,
  47                                    struct gse_context *gse_ctx,
  48                                    DATA_BLOB *token_in,
  49                                    DATA_BLOB *token_out);
  50 NTSTATUS gse_verify_server_auth_flags(struct gse_context *gse_ctx);
  51
  52 bool gse_require_more_processing(struct gse_context *gse_ctx);
  53 DATA_BLOB gse_get_session_key(TALLOC_CTX *mem_ctx,
  54                                 struct gse_context *gse_ctx);
  55 NTSTATUS gse_get_client_name(struct gse_context *gse_ctx,
  56                              TALLOC_CTX *mem_ctx, char **client_name);
  57 NTSTATUS gse_get_authz_data(struct gse_context *gse_ctx,
  58                             TALLOC_CTX *mem_ctx, DATA_BLOB *pac);
  59 NTSTATUS gse_get_pac_blob(struct gse_context *gse_ctx,
  60                           TALLOC_CTX *mem_ctx, DATA_BLOB *pac_blob);
  61
  62 size_t gse_get_signature_length(struct gse_context *gse_ctx,
  63                                 int seal, size_t payload_size);
  64 NTSTATUS gse_seal(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx,
  65                   DATA_BLOB *data, DATA_BLOB *signature);
  66 NTSTATUS gse_unseal(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx,
  67                     DATA_BLOB *data, DATA_BLOB *signature);
  68 NTSTATUS gse_sign(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx,
  69                   DATA_BLOB *data, DATA_BLOB *signature);
  70 NTSTATUS gse_sigcheck(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx,
  71                       DATA_BLOB *data, DATA_BLOB *signature);
  72
  73 #endif /* _GSE_H_ */