src/sip-sec.h

   1 /**
   2  * @file sip-sec.h
   3  *
   4  * pidgin-sipe
   5  *
   6  * Copyright (C) 2009 pier11 <pier11@kinozal.tv>
   7  *
   8  *
   9  * This program is free software; you can redistribute it and/or modify
  10  * it under the terms of the GNU General Public License as published by
  11  * the Free Software Foundation; either version 2 of the License, or
  12  * (at your option) any later version.
  13  *
  14  * This program is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17  * GNU General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU General Public License
  20  * along with this program; if not, write to the Free Software
  21  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  22  */
  23
  24 /* Opaque type definition for security context */
  25 typedef struct sip_sec_context *SipSecContext;
  26
  27 typedef enum
  28 {
  29         AUTH_TYPE_UNSET = 0,
  30         AUTH_TYPE_DIGEST,
  31         AUTH_TYPE_NTLM,
  32         AUTH_TYPE_KERBEROS
  33 } SipSecAuthType;
  34
  35 //// Sipe convenience methods ////
  36
  37 /**
  38  * A convenience method for sipe.
  39  * Initializes security context.
  40  * Obtains cashed initial credentials (TGT for Kerberos) or requests new ones if required. In former case domain/username/password information is unnecessary.
  41  * Then obtains Service ticket (for Kerberos) , base64 encodes it and provide as output.
  42  *
  43  * @param context (in,out) security context to store and pass between security method invocations
  44  * @param mech (in) security mechanism - NTLM or Kerberos
  45  * @param domain (in) NTLM Domain/Kerberos Realm.
  46  * @param target (in) security target. Service principal name on case of Kerberos.
  47  * @param input_toked_base64 (in) base64 encoded input security token. This is Type2 NTLM message or NULL for Kerberos.
  48  *
  49  * @return base64 encoded output token to send to server.
  50  */
  51 char *sip_sec_init_context(SipSecContext *context,
  52                            SipSecAuthType type,
  53                            const char *domain,
  54                            const char *username,
  55                            const char *password,
  56                            const char *target,
  57                            const char *input_toked_base64);
  58
  59 /**
  60  * A convenience method for sipe.
  61  * Destroys security context.
  62  *
  63  * @param context (in,out) security context to destroy
  64  */
  65 void sip_sec_destroy_context(SipSecContext context);
  66
  67 /**
  68  * A convenience method for sipe.
  69  * Signs incoming message.
  70  *
  71  * @param message (in) a message to sign.
  72  *
  73  * @return signature for the message. Converted to Hex null terminated string;
  74  */
  75 char *sip_sec_make_signature(SipSecContext context,
  76                              const char *message);
  77
  78 /**
  79  * A convenience method for sipe.
  80  * Verifies signature for the message.
  81  *
  82  * @param mesage (in) which signature to verify. Null terminated string.
  83  * @param signature_hex (in) signature to test in Hex representation. Null terminated string. Example: "602306092A864886F71201020201011100FFFFFFFF1A306ACB7BE311827BBF7208D80D15E3"
  84  *
  85  * @return FALSE on error
  86  */
  87 int sip_sec_verify_signature(SipSecContext context,
  88                              const char *message,
  89                              const char *signature_hex);