"Fossies" - the Fresh Open Source Software Archive

Member "spnegohelp/spnego.h" (10 Apr 2005, 6942 Bytes) of package /linux/www/apache_httpd_modules/old/modgssapache-0.0.5.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file.

    1 // Copyright (C) 2002 Microsoft Corporation
    2 // All rights reserved.
    3 //
    4 // THIS CODE AND INFORMATION IS PROVIDED "AS IS"
    5 // WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
    6 // OR IMPLIED, INCLUDING BUT NOT LIMITED
    7 // TO THE IMPLIED WARRANTIES OF MERCHANTIBILITY
    8 // AND/OR FITNESS FOR A PARTICULAR PURPOSE.
    9 //
   10 // Date    - 10/08/2002
   11 // Author  - Sanj Surati
   12 
   13 /////////////////////////////////////////////////////////////
   14 //
   15 // SPNEGO.H
   16 //
   17 // SPNEGO Token Handler Header File
   18 //
   19 // Contains the definitions required to interpret and create
   20 // SPNEGO tokens so that Kerberos GSS tokens can be
   21 // Unpackaged/packaged.
   22 //
   23 /////////////////////////////////////////////////////////////
   24 
   25 #ifndef __SPNEGO_H__
   26 #define __SPNEGO_H__
   27 
   28 // C++ Specific
   29 #if defined(__cplusplus)
   30 extern "C"
   31 {
   32 #endif
   33 
   34 // Type Definitions
   35 
   36 //
   37 // Users of SPNEGO Token Handler API will request
   38 // these as well as free them,
   39 //
   40 typedef void*  SPNEGO_TOKEN_HANDLE;
   41 
   42 //
   43 // Defines the element types that are found
   44 // in each of the tokens.
   45 //
   46 
   47 typedef enum spnego_element_type
   48 {
   49    spnego_element_min,  // Lower bound
   50 
   51    // Init token elements
   52    spnego_init_mechtypes, 
   53    spnego_init_reqFlags,
   54    spnego_init_mechToken,
   55    spnego_init_mechListMIC,
   56 
   57    // Targ token elements
   58    spnego_targ_negResult,
   59    spnego_targ_supportedMech,
   60    spnego_targ_responseToken,
   61    spnego_targ_mechListMIC,
   62 
   63    spnego_element_max   // Upper bound
   64 
   65 } SPNEGO_ELEMENT_TYPE;
   66 
   67 //
   68 // Token Element Availability.  Elements in both
   69 // token types are optional.  Since there are only
   70 // 4 elements in each Token, we will allocate space
   71 // to hold the information, but we need a way to
   72 // indicate whether or not an element is available
   73 //
   74 
   75 #define SPNEGO_TOKEN_ELEMENT_UNAVAILABLE 0
   76 #define SPNEGO_TOKEN_ELEMENT_AVAILABLE 1
   77 
   78 //
   79 // Token type values.  SPNEGO has 2 token types:
   80 // NegTokenInit and NegTokenTarg
   81 //
   82 
   83 #define SPNEGO_TOKEN_INIT 0
   84 #define SPNEGO_TOKEN_TARG 1
   85 
   86 //
   87 // GSS Mechanism OID enumeration.  We only really handle
   88 // 3 different OIDs.  These are stored in an array structure
   89 // defined in the parsing code.
   90 //
   91 
   92 typedef enum spnego_mech_oid
   93 {
   94    // Init token elements
   95    spnego_mech_oid_Kerberos_V5_Legacy, // Really V5, but OID off by 1 bit
   96    spnego_mech_oid_Kerberos_V5,
   97    spnego_mech_oid_Spnego,
   98    spnego_mech_oid_NotUsed = -1
   99 
  100 } SPNEGO_MECH_OID;
  101 
  102 //
  103 // Defines the negResult values.
  104 //
  105 
  106 typedef enum spnego_negResult
  107 {
  108    spnego_negresult_success,
  109    spnego_negresult_incomplete,
  110    spnego_negresult_rejected,
  111    spnego_negresult_NotUsed = -1
  112 } SPNEGO_NEGRESULT;
  113 
  114 //
  115 // Context Flags in NegTokenInit
  116 //
  117 
  118 //
  119 // ContextFlags values MUST be zero or a combination
  120 // of the below
  121 //
  122 
  123 #define SPNEGO_NEGINIT_CONTEXT_DELEG_FLAG    0x80
  124 #define SPNEGO_NEGINIT_CONTEXT_MUTUAL_FLAG   0x40
  125 #define SPNEGO_NEGINIT_CONTEXT_REPLAY_FLAG   0x20
  126 #define SPNEGO_NEGINIT_CONTEXT_SEQUENCE_FLAG 0x10
  127 #define SPNEGO_NEGINIT_CONTEXT_ANON_FLAG     0x8
  128 #define SPNEGO_NEGINIT_CONTEXT_CONF_FLAG     0x4
  129 #define SPNEGO_NEGINIT_CONTEXT_INTEG_FLAG    0x2
  130 
  131 //
  132 // Mask to retrieve valid values.
  133 //
  134 
  135 #define SPNEGO_NEGINIT_CONTEXT_MASK          0xFE  // Logical combination of above flags
  136 
  137 //
  138 // SPNEGO API return codes.
  139 //
  140 
  141 // API function was successful
  142 #define SPNEGO_E_SUCCESS               0
  143 
  144 // The supplied Token was invalid
  145 #define SPNEGO_E_INVALID_TOKEN         -1
  146 
  147 // An invalid length was encountered
  148 #define SPNEGO_E_INVALID_LENGTH        -2
  149 
  150 // The Token Parse failed
  151 #define SPNEGO_E_PARSE_FAILED          -3
  152 
  153 // The requested value was not found
  154 #define SPNEGO_E_NOT_FOUND             -4
  155 
  156 // The requested element is not available
  157 #define SPNEGO_E_ELEMENT_UNAVAILABLE   -5
  158 
  159 // Out of Memory
  160 #define SPNEGO_E_OUT_OF_MEMORY         -6
  161 
  162 // Not Implemented
  163 #define SPNEGO_E_NOT_IMPLEMENTED       -7
  164 
  165 // Invalid Parameter
  166 #define SPNEGO_E_INVALID_PARAMETER     -8
  167 
  168 // Token Handler encountered an unexpected OID
  169 #define SPNEGO_E_UNEXPECTED_OID        -9
  170 
  171 // The requested token was not found
  172 #define SPNEGO_E_TOKEN_NOT_FOUND       -10
  173 
  174 // An unexpected type was encountered in the encoding
  175 #define SPNEGO_E_UNEXPECTED_TYPE       -11
  176 
  177 // The buffer was too small
  178 #define SPNEGO_E_BUFFER_TOO_SMALL      -12
  179 
  180 // A Token Element was invalid (e.g. improper length or value)
  181 #define SPNEGO_E_INVALID_ELEMENT       -13
  182 
  183 /* Miscelaneous API Functions */
  184 
  185 // Frees opaque data
  186 void spnegoFreeData( SPNEGO_TOKEN_HANDLE hSpnegoToken );
  187 
  188 // Initializes SPNEGO_TOKEN structure from DER encoded binary data
  189 int spnegoInitFromBinary( unsigned char* pbTokenData, unsigned long ulLength, SPNEGO_TOKEN_HANDLE* phSpnegoToken );
  190 
  191 // Initializes SPNEGO_TOKEN structure for a NegTokenInit type using the
  192 // supplied parameters
  193 int spnegoCreateNegTokenInit( SPNEGO_MECH_OID MechType,
  194           unsigned char ucContextFlags, unsigned char* pbMechToken,
  195           unsigned long ulMechTokenLen, unsigned char* pbMechTokenMIC,
  196           unsigned long ulMechTokenMIC, SPNEGO_TOKEN_HANDLE* phSpnegoToken );
  197 
  198 // Initializes SPNEGO_TOKEN structure for a NegTokenTarg type using the
  199 // supplied parameters
  200 int spnegoCreateNegTokenTarg( SPNEGO_MECH_OID MechType, 
  201           SPNEGO_NEGRESULT spnegoNegResult, unsigned char* pbMechToken,
  202           unsigned long ulMechTokenLen, unsigned char* pbMechListMIC,
  203           unsigned long ulMechListMICLen, SPNEGO_TOKEN_HANDLE* phSpnegoToken );
  204 
  205 // Copies binary representation of SPNEGO Data into user supplied buffer
  206 int spnegoTokenGetBinary( SPNEGO_TOKEN_HANDLE hSpnegoToken, unsigned char* pbTokenData,
  207                            unsigned long * pulDataLen );
  208 
  209 // Returns SPNEGO Token Type
  210 int spnegoGetTokenType( SPNEGO_TOKEN_HANDLE hSpnegoToken, int * piTokenType );
  211 
  212 /* Reading an Init Token */
  213 
  214 // Returns the Initial Mech Type in the MechList element in the NegInitToken.
  215 int spnegoIsMechTypeAvailable( SPNEGO_TOKEN_HANDLE hSpnegoToken, SPNEGO_MECH_OID MechOID, int * piMechTypeIndex );
  216 
  217 // Returns the value from the context flags element in the NegInitToken as an unsigned long
  218 int spnegoGetContextFlags( SPNEGO_TOKEN_HANDLE hSpnegoToken, unsigned char* pucContextFlags );
  219 
  220 /* Reading a Response Token */
  221 
  222 // Returns the value from the negResult element (Status code of GSS call - 0,1,2)
  223 int spnegoGetNegotiationResult( SPNEGO_TOKEN_HANDLE hSpnegoToken, SPNEGO_NEGRESULT* pnegResult );
  224 
  225 // Returns the Supported Mech Type from the NegTokenTarg.
  226 int spnegoGetSupportedMechType( SPNEGO_TOKEN_HANDLE hSpnegoToken, SPNEGO_MECH_OID* pMechOID  );
  227 
  228 /* Reading either Token Type */
  229 
  230 // Returns the actual Mechanism data from the token (this is what is passed into GSS-API functions
  231 int spnegoGetMechToken( SPNEGO_TOKEN_HANDLE hSpnegoToken, unsigned char* pbTokenData, unsigned long* pulDataLen );
  232 
  233 // Returns the Message Integrity BLOB in the token
  234 int spnegoGetMechListMIC( SPNEGO_TOKEN_HANDLE hSpnegoToken, unsigned char* pbMICData, unsigned long* pulDataLen );
  235 
  236 // C++ Specific
  237 #if defined(__cplusplus)
  238 }
  239 #endif
  240 #ifdef DEBUG
  241   #define LOG(x) printf x
  242 #else
  243   #define LOG(x)
  244 #endif
  245 #endif