2 * secur32 private definitions.
4 * Copyright (C) 2004 Juan Lang
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
21 #ifndef __SECUR32_PRIV_H__
22 #define __SECUR32_PRIV_H__
24 #include <sys/types.h>
26 #include "wine/list.h"
29 typedef struct _SecureProvider
35 SecurityFunctionTableA fnTableA
;
36 SecurityFunctionTableW fnTableW
;
39 typedef struct _SecurePackage
43 SecureProvider
*provider
;
46 typedef enum _helper_mode
{
52 typedef struct tag_arc4_info
{
54 unsigned char state
[256];
57 typedef struct _NegoHelper
{
86 } NegoHelper
, *PNegoHelper
;
88 typedef struct _NtlmCredentials
92 /* these are all in the Unix codepage */
95 char *password
; /* not nul-terminated */
97 int no_cached_credentials
; /* don't try to use cached Samba credentials */
98 } NtlmCredentials
, *PNtlmCredentials
;
100 typedef enum _sign_direction
{
105 /* Allocates space for and initializes a new provider. If fnTableA or fnTableW
106 * is non-NULL, assumes the provider is built-in, and if moduleName is non-NULL,
107 * means must load the LSA/user mode functions tables from external SSP/AP module.
108 * Otherwise moduleName must not be NULL.
109 * Returns a pointer to the stored provider entry, for use adding packages.
111 SecureProvider
*SECUR32_addProvider(const SecurityFunctionTableA
*fnTableA
,
112 const SecurityFunctionTableW
*fnTableW
, PCWSTR moduleName
) DECLSPEC_HIDDEN
;
114 /* Allocates space for and adds toAdd packages with the given provider.
115 * provider must not be NULL, and either infoA or infoW may be NULL, but not
118 void SECUR32_addPackages(SecureProvider
*provider
, ULONG toAdd
,
119 const SecPkgInfoA
*infoA
, const SecPkgInfoW
*infoW
) DECLSPEC_HIDDEN
;
121 /* Tries to find the package named packageName. If it finds it, implicitly
122 * loads the package if it isn't already loaded.
124 SecurePackage
*SECUR32_findPackageW(PCWSTR packageName
) DECLSPEC_HIDDEN
;
126 /* Tries to find the package named packageName. (Thunks to _findPackageW)
128 SecurePackage
*SECUR32_findPackageA(PCSTR packageName
) DECLSPEC_HIDDEN
;
130 /* A few string helpers; will return NULL if str is NULL. Free return with
132 PWSTR
SECUR32_AllocWideFromMultiByte(PCSTR str
) DECLSPEC_HIDDEN
;
133 PSTR
SECUR32_AllocMultiByteFromWide(PCWSTR str
) DECLSPEC_HIDDEN
;
135 /* Initialization functions for built-in providers */
136 void SECUR32_initSchannelSP(void) DECLSPEC_HIDDEN
;
137 void SECUR32_initNegotiateSP(void) DECLSPEC_HIDDEN
;
138 void SECUR32_initNTLMSP(void) DECLSPEC_HIDDEN
;
140 /* Cleanup functions for built-in providers */
141 void SECUR32_deinitSchannelSP(void) DECLSPEC_HIDDEN
;
143 /* Functions from dispatcher.c used elsewhere in the code */
144 SECURITY_STATUS
fork_helper(PNegoHelper
*new_helper
, const char *prog
,
145 char * const argv
[]) DECLSPEC_HIDDEN
;
147 SECURITY_STATUS
run_helper(PNegoHelper helper
, char *buffer
,
148 unsigned int max_buflen
, int *buflen
) DECLSPEC_HIDDEN
;
150 void cleanup_helper(PNegoHelper helper
) DECLSPEC_HIDDEN
;
152 void check_version(PNegoHelper helper
) DECLSPEC_HIDDEN
;
154 /* Functions from base64_codec.c used elsewhere */
155 SECURITY_STATUS
encodeBase64(PBYTE in_buf
, int in_len
, char* out_buf
,
156 int max_len
, int *out_len
) DECLSPEC_HIDDEN
;
158 SECURITY_STATUS
decodeBase64(char *in_buf
, int in_len
, BYTE
*out_buf
,
159 int max_len
, int *out_len
) DECLSPEC_HIDDEN
;
161 /* Functions from util.c */
162 ULONG
ComputeCrc32(const BYTE
*pData
, INT iLen
, ULONG initial_crc
) DECLSPEC_HIDDEN
;
163 SECURITY_STATUS
SECUR32_CreateNTLM1SessionKey(PBYTE password
, int len
, PBYTE session_key
) DECLSPEC_HIDDEN
;
164 SECURITY_STATUS
SECUR32_CreateNTLM2SubKeys(PNegoHelper helper
) DECLSPEC_HIDDEN
;
165 arc4_info
*SECUR32_arc4Alloc(void) DECLSPEC_HIDDEN
;
166 void SECUR32_arc4Init(arc4_info
*a4i
, const BYTE
*key
, unsigned int keyLen
) DECLSPEC_HIDDEN
;
167 void SECUR32_arc4Process(arc4_info
*a4i
, BYTE
*inoutString
, unsigned int length
) DECLSPEC_HIDDEN
;
168 void SECUR32_arc4Cleanup(arc4_info
*a4i
) DECLSPEC_HIDDEN
;
170 /* NTLMSSP flags indicating the negotiated features */
171 #define NTLMSSP_NEGOTIATE_UNICODE 0x00000001
172 #define NTLMSSP_NEGOTIATE_OEM 0x00000002
173 #define NTLMSSP_REQUEST_TARGET 0x00000004
174 #define NTLMSSP_NEGOTIATE_SIGN 0x00000010
175 #define NTLMSSP_NEGOTIATE_SEAL 0x00000020
176 #define NTLMSSP_NEGOTIATE_DATAGRAM_STYLE 0x00000040
177 #define NTLMSSP_NEGOTIATE_LM_SESSION_KEY 0x00000080
178 #define NTLMSSP_NEGOTIATE_NTLM 0x00000200
179 #define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x00001000
180 #define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x00002000
181 #define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x00004000
182 #define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x00008000
183 #define NTLMSSP_NEGOTIATE_TARGET_TYPE_DOMAIN 0x00010000
184 #define NTLMSSP_NEGOTIATE_TARGET_TYPE_SERVER 0x00020000
185 #define NTLMSSP_NEGOTIATE_NTLM2 0x00080000
186 #define NTLMSSP_NEGOTIATE_TARGET_INFO 0x00800000
187 #define NTLMSSP_NEGOTIATE_128 0x20000000
188 #define NTLMSSP_NEGOTIATE_KEY_EXCHANGE 0x40000000
189 #define NTLMSSP_NEGOTIATE_56 0x80000000
191 SECURITY_STATUS SEC_ENTRY
ntlm_AcquireCredentialsHandleW(SEC_WCHAR
*, SEC_WCHAR
*,
192 ULONG
, PLUID
, PVOID
, SEC_GET_KEY_FN
, PVOID
, PCredHandle
, PTimeStamp
) DECLSPEC_HIDDEN
;
193 SECURITY_STATUS SEC_ENTRY
ntlm_InitializeSecurityContextW(PCredHandle
, PCtxtHandle
,
194 SEC_WCHAR
*, ULONG fContextReq
, ULONG
, ULONG
, PSecBufferDesc
, ULONG
, PCtxtHandle
,
195 PSecBufferDesc
, ULONG
*, PTimeStamp
) DECLSPEC_HIDDEN
;
196 SECURITY_STATUS SEC_ENTRY
ntlm_AcceptSecurityContext(PCredHandle
, PCtxtHandle
, PSecBufferDesc
,
197 ULONG
, ULONG
, PCtxtHandle
, PSecBufferDesc
, ULONG
*, PTimeStamp
) DECLSPEC_HIDDEN
;
198 SECURITY_STATUS SEC_ENTRY
ntlm_QueryContextAttributesA(PCtxtHandle
, ULONG
, void *) DECLSPEC_HIDDEN
;
199 SECURITY_STATUS SEC_ENTRY
ntlm_QueryContextAttributesW(PCtxtHandle
, ULONG
, void *) DECLSPEC_HIDDEN
;
200 SECURITY_STATUS SEC_ENTRY
ntlm_EncryptMessage(PCtxtHandle
, ULONG
, PSecBufferDesc
, ULONG
) DECLSPEC_HIDDEN
;
201 SECURITY_STATUS SEC_ENTRY
ntlm_DecryptMessage(PCtxtHandle
, PSecBufferDesc
, ULONG
, PULONG
) DECLSPEC_HIDDEN
;
202 SECURITY_STATUS SEC_ENTRY
ntlm_FreeCredentialsHandle(PCredHandle
) DECLSPEC_HIDDEN
;
203 SECURITY_STATUS SEC_ENTRY
ntlm_DeleteSecurityContext(PCtxtHandle
) DECLSPEC_HIDDEN
;
204 SECURITY_STATUS SEC_ENTRY
ntlm_MakeSignature(PCtxtHandle
, ULONG
, PSecBufferDesc
, ULONG
) DECLSPEC_HIDDEN
;
205 SECURITY_STATUS SEC_ENTRY
ntlm_VerifySignature(PCtxtHandle
, PSecBufferDesc
, ULONG
, PULONG
) DECLSPEC_HIDDEN
;
207 SecPkgInfoW
*ntlm_package_infoW DECLSPEC_HIDDEN
;
208 SecPkgInfoA
*ntlm_package_infoA DECLSPEC_HIDDEN
;
210 /* schannel internal interface */
211 typedef struct schan_imp_session_opaque
*schan_imp_session
;
213 typedef struct schan_credentials
215 ULONG credential_use
;
217 DWORD enabled_protocols
;
220 struct schan_transport
;
226 const SecBufferDesc
*desc
;
227 int current_buffer_idx
;
228 BOOL allow_buffer_resize
;
229 int (*get_next_buffer
)(const struct schan_transport
*, struct schan_buffers
*);
232 struct schan_transport
234 struct schan_context
*ctx
;
235 struct schan_buffers in
;
236 struct schan_buffers out
;
239 char *schan_get_buffer(const struct schan_transport
*t
, struct schan_buffers
*s
, SIZE_T
*count
) DECLSPEC_HIDDEN
;
240 extern int schan_pull(struct schan_transport
*t
, void *buff
, size_t *buff_len
) DECLSPEC_HIDDEN
;
241 extern int schan_push(struct schan_transport
*t
, const void *buff
, size_t *buff_len
) DECLSPEC_HIDDEN
;
243 extern schan_imp_session
schan_session_for_transport(struct schan_transport
* t
) DECLSPEC_HIDDEN
;
245 /* schannel implementation interface */
246 extern BOOL
schan_imp_create_session(schan_imp_session
*session
, schan_credentials
*cred
) DECLSPEC_HIDDEN
;
247 extern void schan_imp_dispose_session(schan_imp_session session
) DECLSPEC_HIDDEN
;
248 extern void schan_imp_set_session_transport(schan_imp_session session
,
249 struct schan_transport
*t
) DECLSPEC_HIDDEN
;
250 extern void schan_imp_set_session_target(schan_imp_session session
, const char *target
) DECLSPEC_HIDDEN
;
251 extern SECURITY_STATUS
schan_imp_handshake(schan_imp_session session
) DECLSPEC_HIDDEN
;
252 extern unsigned int schan_imp_get_session_cipher_block_size(schan_imp_session session
) DECLSPEC_HIDDEN
;
253 extern unsigned int schan_imp_get_max_message_size(schan_imp_session session
) DECLSPEC_HIDDEN
;
254 extern SECURITY_STATUS
schan_imp_get_connection_info(schan_imp_session session
,
255 SecPkgContext_ConnectionInfo
*info
) DECLSPEC_HIDDEN
;
256 extern SECURITY_STATUS
schan_imp_get_session_peer_certificate(schan_imp_session session
, HCERTSTORE
,
257 PCCERT_CONTEXT
*cert
) DECLSPEC_HIDDEN
;
258 extern SECURITY_STATUS
schan_imp_send(schan_imp_session session
, const void *buffer
,
259 SIZE_T
*length
) DECLSPEC_HIDDEN
;
260 extern SECURITY_STATUS
schan_imp_recv(schan_imp_session session
, void *buffer
,
261 SIZE_T
*length
) DECLSPEC_HIDDEN
;
262 extern BOOL
schan_imp_allocate_certificate_credentials(schan_credentials
*) DECLSPEC_HIDDEN
;
263 extern void schan_imp_free_certificate_credentials(schan_credentials
*) DECLSPEC_HIDDEN
;
264 extern DWORD
schan_imp_enabled_protocols(void) DECLSPEC_HIDDEN
;
265 extern BOOL
schan_imp_init(void) DECLSPEC_HIDDEN
;
266 extern void schan_imp_deinit(void) DECLSPEC_HIDDEN
;
269 #endif /* ndef __SECUR32_PRIV_H__ */