X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=gssapiP_eap.h;h=9bb77d3baaf224d1dbdf51b1158db78a3b305541;hb=8df7533a16abccca7dd2c1a03582e3fe7e9c9aca;hp=128b0fed27bc8d11667249948cfa1fc995b4f9f4;hpb=6800e2157097202a9e1e8ff414fb484ef4607bde;p=mech_eap.git
diff --git a/gssapiP_eap.h b/gssapiP_eap.h
index 128b0fe..9bb77d3 100644
--- a/gssapiP_eap.h
+++ b/gssapiP_eap.h
@@ -117,7 +117,7 @@ struct gss_ctx_id_struct {
 gss_OID mechanismUsed;
 krb5_enctype encryptionType;
 krb5_cksumtype checksumType;
- krb5_keyblock *encryptionKey;
+ krb5_keyblock *rfc3961Key;
 gss_name_t initiatorName;
 gss_name_t acceptorName;
 time_t expiryTime;
@@ -135,88 +135,21 @@ struct gss_ctx_id_struct {
 #define TOK_FLAG_WRAP_CONFIDENTIAL 0x02
 #define TOK_FLAG_ACCEPTOR_SUBKEY 0x04
+#define KEY_USAGE_ACCEPTOR_SEAL 512
+#define KEY_USAGE_ACCEPTOR_SIGN 513
+#define KEY_USAGE_INITIATOR_SEAL 514
+#define KEY_USAGE_INITIATOR_SIGN 515
+
 enum gss_eap_token_type {
- TOK_TYPE_MIC = 0x0404,
- TOK_TYPE_WRAP = 0x0504,
- TOK_TYPE_DELETE = 0x0405
+ TOK_TYPE_EAP_RESP = 0x0601,
+ TOK_TYPE_EAP_REQ = 0x0602,
+ TOK_TYPE_GSS_CB = 0x0603,
+ TOK_TYPE_MIC = 0x0404,
+ TOK_TYPE_WRAP = 0x0504,
+ TOK_TYPE_DELETE = 0x0405,
+ TOK_TYPE_NONE = 0xFFFF
 };
-/* Helper APIs */
-OM_uint32 gssEapAllocContext(OM_uint32 *minor, gss_ctx_id_t *pCtx);
-OM_uint32 gssEapReleaseContext(OM_uint32 *minor, gss_ctx_id_t *pCtx);
-
-OM_uint32 gssEapAllocName(OM_uint32 *minor, gss_name_t *pName);
-OM_uint32 gssEapReleaseName(OM_uint32 *minor, gss_name_t *pName);
-
-OM_uint32 gssEapAllocCred(OM_uint32 *minor, gss_cred_id_t *pCred);
-OM_uint32 gssEapReleaseCred(OM_uint32 *minor, gss_cred_id_t *pCred);
-
-/* Kerberos token services */
-#define KRB_USAGE_ACCEPTOR_SEAL 22
-#define KRB_USAGE_ACCEPTOR_SIGN 23
-#define KRB_USAGE_INITIATOR_SEAL 24
-#define KRB_USAGE_INITIATOR_SIGN 25
-
-#if 0
-#define KRB_KEYTYPE(key) ((key)->keytype)
-#else
-#define KRB_KEYTYPE(key) ((key)->enctype)
-#endif
-
-/* util_crypt.c */
-int
-gssEapEncrypt(krb5_context context, int dce_style, size_t ec,
- size_t rrc, krb5_keyblock *key, int usage, krb5_pointer iv,
- gss_iov_buffer_desc *iov, int iov_count);
-
-int
-gssEapDecrypt(krb5_context context, int dce_style, size_t ec,
- size_t rrc, krb5_keyblock *key, int usage, krb5_pointer iv,
- gss_iov_buffer_desc *iov, int iov_count);
-
-krb5_cryptotype
-gssEapTranslateCryptoFlag(OM_uint32 type);
-
-gss_iov_buffer_t
-gssEapLocateIov(gss_iov_buffer_desc *iov,
- int iov_count,
- OM_uint32 type);
-
-void
-gssEapIovMessageLength(gss_iov_buffer_desc *iov,
- int iov_count,
- size_t *data_length,
- size_t *assoc_data_length);
-
-void
-gssEapReleaseIov(gss_iov_buffer_desc *iov, int iov_count);
-
-int
-gssEapIsIntegrityOnly(gss_iov_buffer_desc *iov, int iov_count);
-
-int
-gssEapAllocIov(gss_iov_buffer_t iov, size_t size);
-
-/* util_cksum.c */
-int
-gssEapSign(krb5_context context,
- krb5_cksumtype type,
- size_t rrc,
- krb5_keyblock *key,
- krb5_keyusage sign_usage,
- gss_iov_buffer_desc *iov,
- int iov_count);
-
-int
-gssEapVerify(krb5_context context,
- krb5_cksumtype type,
- size_t rrc,
- krb5_keyblock *key,
- krb5_keyusage sign_usage,
- gss_iov_buffer_desc *iov,
- int iov_count,
- int *valid);
-
 /* wrap_iov.c */
 OM_uint32
 gssEapWrapOrGetMIC(OM_uint32 *minor,
@@ -236,17 +169,7 @@ gssEapUnwrapOrVerifyMIC(OM_uint32 *minor_status,
 int iov_count,
 enum gss_eap_token_type toktype);
-/* Helper macros */
-#define GSSEAP_CALLOC(count, size) (calloc((count), (size)))
-#define GSSEAP_FREE(ptr) (free((ptr)))
-#define GSSEAP_MALLOC(size) (malloc((size)))
-#define GSSEAP_REALLOC(ptr, size) (realloc((ptr), (size)))
-#define GSSEAP_NOT_IMPLEMENTED do { \
- assert(0 && "not implemented"); \
- *minor = ENOSYS; \
- return GSS_S_FAILURE; \
- } while (0)
+#include "util.h"
 #endif /* _GSSAPIP_EAP_H_ */
-
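Review bot: The four `KEY_USAGE_*` constants added at the top of the `@@ -135,88 +135,21 @@` hunk are bare numbers with no comment naming the specification that assigns them, and they differ from the 22–25 values of the `KRB_USAGE_*` macros removed further down in the same hunk. Key usage numbers select the derived keys for per-message sign and seal, so initiator and acceptor must use identical values; a build from before this change would presumably fail to verify or unwrap tokens produced by a build after it. I would put a comment above them, for example `/* key usage numbers for per-message tokens; both peers must agree (source: <spec section>) */`, and say in the commit message whether interoperability with older builds is intentionally broken. The new `TOK_TYPE_NONE = 0xFFFF` would also benefit from a one-line comment stating whether it is a local sentinel only or a value that may be parsed from the wire.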