1 /* $NetBSD: netlogon.h,v 1.1.1.1 2011/04/13 18:14:47 elric Exp $ */ 2 3 /* 4 * Copyright (c) 2010 Kungliga Tekniska Högskolan 5 * (Royal Institute of Technology, Stockholm, Sweden). 6 * All rights reserved. 7 * 8 * Portions Copyright (c) 2010 Apple Inc. All rights reserved. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 21 * 3. Neither the name of the Institute nor the names of its contributors 22 * may be used to endorse or promote products derived from this software 23 * without specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 
 */

#ifndef NETLOGON_NETLOGON_H
#define NETLOGON_NETLOGON_H

#include <config.h>

#include <stdio.h>
#include <stdlib.h>
#include <assert.h>
#include <string.h>
#include <errno.h>

#include <gssapi/gssapi.h>
#include <gssapi_mech.h>
#include <gssapi_netlogon.h>

#include <krb5/krb5.h>

#include <krb5/roken.h>
#include <heim_threads.h>

/*
 * Must be defined before crypto-headers.h is pulled in: it gates the
 * deprecated crypto API that the signing/sealing code in this mechanism
 * still relies on (the exact set of gated symbols is not visible here).
 */
#define HC_DEPRECATED_CRYPTO
#include "crypto-headers.h"

/*
 * Wire-format structures of the NETLOGON GSS-API mechanism.
 *
 * The types below are read from and written to peer-supplied tokens, so
 * field order and field width are part of the protocol and must not be
 * rearranged.  The byte order used for the multi-byte fields is not
 * established in this header -- see the encoders/decoders that use them.
 * Every length check against an incoming token is the caller's job: none
 * of these definitions carries the token size.
 */

/*
 * Negotiate request / response token.
 *
 * The fixed part is MessageType followed by Flags (NL_AUTH_MESSAGE_LENGTH
 * bytes).  Buffer marks where the variable-length name data begins; it is a
 * GNU zero-length array and contributes no bytes to sizeof, so anything
 * reached through it must be bounded by the length of the received token,
 * never by sizeof(NL_AUTH_MESSAGE).
 */
typedef struct {
#define NL_NEGOTIATE_REQUEST_MESSAGE 0x00000000
#define NL_NEGOTIATE_RESPONSE_MESSAGE 0x00000001
    uint32_t MessageType;   /* one of NL_NEGOTIATE_*_MESSAGE */
#define NL_FLAG_NETBIOS_DOMAIN_NAME 0x00000001
#define NL_FLAG_NETBIOS_COMPUTER_NAME 0x00000002
#define NL_FLAG_DNS_DOMAIN_NAME 0x00000004
#define NL_FLAG_DNS_HOST_NAME 0x00000008 /* not used */
#define NL_FLAG_UTF8_COMPUTER_NAME 0x00000010
    uint32_t Flags;         /* bitmask of NL_FLAG_*; presumably says which
                             * names follow in Buffer -- verify against the
                             * token decoder */
    char *Buffer[0];        /* start of the variable-length tail; declared
                             * as an array of char * but occupies no space */
} NL_AUTH_MESSAGE;

/* Size of the fixed header: MessageType + Flags, two uint32_t. */
#define NL_AUTH_MESSAGE_LENGTH 8

/* SignatureAlgorithm */
#define NL_SIGN_ALG_HMAC_MD5 0x0077
#define NL_SIGN_ALG_SHA256 0x0013

/* SealAlgorithm */
#define NL_SEAL_ALG_RC4 0x007A
#define NL_SEAL_ALG_AES128 0x001A
#define NL_SEAL_ALG_NONE 0xFFFF    /* no sealing requested (sentinel value) */

/*
 * Per-message signature header used with the HMAC-MD5 / RC4 algorithm pair
 * (assumed from the field widths -- confirm in the signing code).
 *
 * The NL_AUTH_SIGNATURE_*_LENGTH constants below follow directly from the
 * field widths: 4 x uint16_t = 8 (header), + SequenceNumber = 16 (common),
 * + Checksum + Confounder = 32 (whole).  All members are uint16_t/uint8_t,
 * so no padding is expected, but the wire encoding must still be done
 * field by field rather than by memcpy of the struct.
 */
typedef struct {
    uint16_t SignatureAlgorithm;  /* NL_SIGN_ALG_* */
    uint16_t SealAlgorithm;       /* NL_SEAL_ALG_* */
    uint16_t Pad;
    uint16_t Flags;
    uint8_t SequenceNumber[8];    /* 8-byte sequence number; the context
                                   * keeps it as a uint64_t */
    uint8_t Checksum[8];          /* 8-byte MAC; what it covers is defined
                                   * by the signing code, not here */
    uint8_t Confounder[8];        /* 8 bytes of per-message random input
                                   * (presumably; verify in the sealer) */
} NL_AUTH_SIGNATURE;

#define NL_AUTH_SIGNATURE_HEADER_LENGTH 8   /* through Flags */
#define NL_AUTH_SIGNATURE_COMMON_LENGTH 16  /* through SequenceNumber */
#define NL_AUTH_SIGNATURE_LENGTH 32         /* whole structure */

/*
 * Same layout as NL_AUTH_SIGNATURE but with a 32-byte Checksum, used with
 * NL_SIGN_ALG_SHA256 (assumed from the name and width).  The first five
 * members are identical to NL_AUTH_SIGNATURE, which is what lets the
 * NL_AUTH_SIGNATURE_P() accessor view either variant through the shorter
 * one.  8 + 8 + 32 + 8 = 56 = NL_AUTH_SHA2_SIGNATURE_LENGTH.
 */
typedef struct {
    uint16_t SignatureAlgorithm;
    uint16_t SealAlgorithm;
    uint16_t Pad;
    uint16_t Flags;
    uint8_t SequenceNumber[8];
    uint8_t Checksum[32];         /* 32-byte MAC (SHA-256 sized) */
    uint8_t Confounder[8];
} NL_AUTH_SHA2_SIGNATURE;

#define NL_AUTH_SHA2_SIGNATURE_LENGTH 56

/*
 * Holds either signature variant; sizeof this union is that of the larger
 * SHA2 member, so a buffer of NL_AUTH_SHA2_SIGNATURE_LENGTH bytes fits
 * whichever algorithm the context negotiated.
 */
typedef union {
    NL_AUTH_SIGNATURE Signature;
    NL_AUTH_SHA2_SIGNATURE SHA2Signature;
} NL_AUTH_SIGNATURE_U;

/*
 * Access the common leading fields (SignatureAlgorithm .. SequenceNumber)
 * of a NL_AUTH_SIGNATURE_U through the shorter NL_AUTH_SIGNATURE member.
 * Only those shared fields are valid through this view when the union
 * actually holds a SHA2 signature; Checksum and Confounder differ.
 */
#define NL_AUTH_SIGNATURE_P(_u) (&(_u)->Signature)

/*
 * Internal (non-wire) mechanism objects.  Following this module's
 * convention the typedef names are pointers to the struct, so a
 * gssnetlogon_name is already a handle, not a value.
 */

/* Name object: the NetBIOS and DNS forms of a principal, as GSS buffers. */
typedef struct gssnetlogon_name {
    gss_buffer_desc NetbiosName;
    gss_buffer_desc DnsName;
} *gssnetlogon_name;

/*
 * Credential object.  SessionKey is secret key material; whatever releases
 * a credential should clear it before freeing (not verifiable from this
 * header -- check the release path).
 */
typedef struct gssnetlogon_cred {
    gssnetlogon_name *Name;       /* NOTE(review): pointer to a gssnetlogon_name
                                   * handle (double indirection) -- confirm this
                                   * is intended against the credential code */
    uint16_t SignatureAlgorithm;  /* NL_SIGN_ALG_* */
    uint16_t SealAlgorithm;       /* NL_SEAL_ALG_* */
    uint8_t SessionKey[16];       /* 16-byte shared secret */
} *gssnetlogon_cred;

/*
 * Security context.  Mutex is presumably held while SequenceNumber is
 * read-modify-written by the per-message calls; the locking discipline
 * itself lives in the message-protection code, not here.
 */
typedef struct gssnetlogon_ctx {
    HEIMDAL_MUTEX Mutex;
    enum { NL_AUTH_NEGOTIATE, NL_AUTH_ESTABLISHED } State;  /* context establishment state */
    OM_uint32 GssFlags;           /* GSS_C_*_FLAG bits in effect */
    uint8_t LocallyInitiated;     /* nonzero on the initiator side (assumed) */
    uint32_t MessageBlockSize;
    uint16_t SignatureAlgorithm;  /* negotiated NL_SIGN_ALG_* */
    uint16_t SealAlgorithm;       /* negotiated NL_SEAL_ALG_* */
    uint64_t SequenceNumber;      /* 64-bit counter; matches the 8-byte
                                   * SequenceNumber field on the wire */
    gssnetlogon_name SourceName;
    gssnetlogon_name TargetName;
    uint8_t SessionKey[16];       /* 16-byte shared secret; same handling
                                   * caveat as gssnetlogon_cred.SessionKey */
} *gssnetlogon_ctx;

#include <netlogon-private.h>

#endif /* NETLOGON_NETLOGON_H */