Security Audit. Checkpoint changes thus far to c code.

Jim Norman 2006-04-17 21:53:18 +00:00
parent 0d5ef76eb5
commit d47212b28d
14 changed files with 785 additions and 2018 deletions


@ -1,3 +1,7 @@
-------------------------------------------------------------------
Mon Apr 17 15:47:10 MST 2006 - jnorman@novell.com
- Security Audit. Checkpoint changes thus far to c code.
-------------------------------------------------------------------
Fri Apr 14 14:10:11 MST 2006 - cmashayekh@novell.com
- CASA.spec, casacfgpam, and casaucfgpam scripts were


@ -1,495 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2005-2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
***********************************************************************/
#ifndef _MICASA_H_
#define _MICASA_H_
#if defined(__cplusplus) || defined(c_plusplus)
extern "C"
{
#endif
#include "micasa_mgmd.h"
/***************************************************************************
*** All strings are length preceeded and the lengths include the NULL.
***************************************************************************/
/***************************************************************************
*** most apis use a parameter called ssFlags, defined here
***************************************************************************/
#define SSFLAG_DESTROY_SESSION_F 0x00000001L // used with miCASACloseSecretStoreCache
#define SSCS_SESSION_KEY_CHAIN_F 0x00000002L
#define SSCS_LOCAL_KEY_CHAIN_F 0x00000004L
#define SSCS_REMOTE_KEY_CHAIN_F 0x00000008L
// ######################### FIRST RELEASE ############################
// Session key chain is maintained only in only in cache during the usr session */
/* FLAGS: (SSCS_SESSION_KEY_CHAIN_F) */
#define SSCS_S_KC_ID_F (SSCS_SESSION_KEY_CHAIN_F)
#define SSCS_S_KC_ID_CHARS 26
static SS_UTF8_T SSCS_SESSION_KEY_CHAIN_ID[] = {"SSCS_SESSION_KEY_CHAIN_ID"};
// {'S','S','C','S','_','S','E','S','S','I','O','N','_','K','E','Y','_','C','H','A','I','N','_','I','D', 0};
// ######################### FIRST RELEASE ############################
// ######################### FUTURE RELEASE ############################
// Persistent Private Keychain:
// A Local keychain that is cached and is persistent */
#define SSCS_PPV_KC_ID_F SSCS_SL_KC_ID_F
#define SSCS_PPV_KC_CHARS 24
#define SSCS_PERSISTENT_PRIVATE_KEYCHAIN_ID SSCS_LOCAL_KEY_CHAIN_ID
// Public Keychain:
// A Remote keychain that is cached locally only for the user session
#define SSCS_PB_KC_F SSCS_SR_KC_ID_F
#define SSCS_PB_KC_ID_CHARS 25
#define SSCS_PUBLIC_KEYCHAIN_ID SSCS_REMOTE_KEY_CHAIN_ID
// Persistent Public Keychain:
// A Remote keychain that is cached locally and is persistent */
#define SSCS_PPB_KC_F SSCS_SLR_KC_ID_F
#define SSCS_PPB_KC_ID_CHARS 31
#define SSCS_PERSISTENT_PUBLIC_KEYCHAIN_ID SSCS_LOCAL_REMOTE_KEY_CHAIN_ID
// ######################### FUTURE RELEASE ############################
// Default SecretID
static SS_UTF8_T SECRET_ID_DEFAULT[] = {"Default_Credential"};
#define SECRET_ID_DEFAULT_LEN 19
// Known keys for Shared Secret format
// ===============================================
static SS_UTF8_T SHS_PASSWORD[] = {"Password"};
// {'P','a','s','s','s','w','o','r','d','=',0};
#define SHS_PASSWORD_LEN 9
static SS_UTF8_T SHS_USERNAME[] = {"Username"};
// {'U','s','e','r','n','a','m','e','=',0};
#define SHS_USER_NAME_LEN 9
static SS_UTF8_T SHS_OTHER[] = {"Other"};
//{'O','t','h','e','r','=',0};
#define SHS_OTHER_LEN 6
static SS_UTF8_T SHS_BINARY[] = {"Binary"};
//{'B','i','n','a','r','y','=',0};
#define SHS_BINARY_LEN 7
// Common Name
static SS_UTF8_T SHS_CN[] = {"CN"};
//{'C','N','=',0};
#define SHS_CN_LEN 3
// LDAP DN
static SS_UTF8_T SHS_DN_LDAP[] = {"DN_LDAP"};
//{'D','N','L','D','A','P','=',0};
#define SHS_DNLDAP_LEN 8
// NDAP DN
static SS_UTF8_T SHS_DN_NDAP[] = {"DN_NDAP"};
//{'D','N','N','D','A','P','=',0};
#define SHS_DNNDAP_LEN 8
// EMAIL NAME
static SS_UTF8_T SHS_EMAIL[] = {"EMAIL"};
//{'E','M','A','I','L','=',0};
#define SHS_EMAIL_LEN 6
/* STANDARD KEYCHAIN IDs */
/* Persistent local keychain that is cached */
/* FLAGS: (SSCS_SESSION_KEY_CHAIN_F | SSCS_LOCAL_KEY_CHAIN_F) */
#define SSCS_SL_KC_ID_F (SSCS_SESSION_KEY_CHAIN_F | SSCS_LOCAL_KEY_CHAIN_F)
#define SSCS_SL_KC_ID_CHARS 24
// #define SSCS_SL_KC_LEN 48
static SS_UTF8_T SSCS_LOCAL_KEY_CHAIN_ID[] = {"SSCS_LOCAL_KEY_CHAIN_ID"};
// {'S','S','C','S','_','L','O','C','A','L','_','K','E','Y','_','C','H','A','I','N','_','I','D', 0};
//
/* A Remote keychain that is cached locally only for the user session
/* FLAGS: (SSCS_SESSION_KEY_CHAIN_F | SSCS_REMOTE_KEY_CHAIN_F) */
#define SSCS_SR_KC_ID_F (SSCS_SESSION_KEY_CHAIN_F | SSCS_REMOTE_KEY_CHAIN_F)
#define SSCS_SR_KC_ID_CHARS 25
// #define SSCS_SR_KC_ID_LEN 50
static SS_UTF8_T SSCS_REMOTE_KEY_CHAIN_ID[] = {"SSCS_REMOTE_KEY_CHAIN_ID"};
// {'S','S','C','S','_','R','E','M','O','T','E','_','K','E','Y','_','C','H','A','I','N','_','I','D', 0};
/* A Remote keychain that is cached locally and is persistent */
/* FLAGS: (SSCS_SESSION_KEY_CHAIN_F | SSCS_REMOTE_KEY_CHAIN_F | SSCS_LOCAL_KEY_CHAIN_F) */
#define SSCS_SLR_KC_ID_F (SSCS_SESSION_KEY_CHAIN_F | SSCS_REMOTE_KEY_CHAIN_F | SSCS_LOCAL_KEY_CHAIN_F)
#define SSCS_SLR_KC_ID_CHARS 31
// #define SSCS_SLR_KC_ID_LEN 62
static SS_UTF8_T SSCS_LOCAL_REMOTE_KEY_CHAIN_ID[] = {"SSCS_LOCAL_REMOTE_KEY_CHAIN_ID"};
// {'S','S','C','S','_','L','O','C','A','L','_','R','E','M','O','T','E','_','K','E','Y','_','C','H','A','I','N','_','I','D', 0};
#define NSSCS_VERSION_NUMBER 0x00040000L // client version Major 04 Minor 00 Revision 01
// the final release will be 4.0.0
#define NSSCS_MIN_SECRET_BUF_LEN 3968 //* (4K-128)to match server
#define NSSCS_MID_SECRET_BUF_LEN 32768 //* (4K-128)to match server
#define NSSCS_MAX_SECRET_BUF_LEN 60416 //* (59K)to match server
#define NSSCS_MAX_PWORD_HINT_LEN 128 //* maximum hint (bytes)
#define NSSCS_MAX_KEYCHAIN_ID_LEN 256 //* in bytes including NULL
#define NSSCS_MAX_NUM_OF_DEFAULT_KEYCHAINS 6
#define NSSCS_MIN_IDLIST_BUF_LEN 16384 //* (16K)
#define NSSCS_MID_IDLIST_BUF_LEN 32768 //* (32K)
#define NSSCS_MAX_IDLIST_BUF_LEN 65536 //* (64kK)
#define NSSCS_JUMBO_IDLIST_BUF_LEN 131072 //* (128K)
#define NSSCS_JUMBO_ENUM_BUF_LEN 131072 //* (128K)
#define NSSCS_ENUM_BUFFER_GUESS 32768 //* (32K)
#define NSSCS_ENUM_DELIM ((SS_UTF8_T)'*') //* immutable
#define NSSCS_MAX_SRCH_KEY_LEN 128 //* maximum hint (bytes)
#define SSCS_APPLICATION_TYPE_F 0x00000001L
#define SSCS_CREDENTIAL_TYPE_F 0x00000002L
static SS_UTF8_T SSCS_DEFAULT_SECRETSTORE_ID[] = {"SecretStore"};
//{'S','e','c','r','e','t','S','t','o','r','e', 0};
#define SSCS_DEFAULT_SECRETSTORE_ID_LEN 12
static SS_UTF8_T SSCS_CRED_SET[] = {"SS_CredSet"};
//{'S','S','_','C','r','e','d','S','e','t', 0};
#define SSCS_CRED_SET_LEN 10
static SS_UTF8_T SSCS_BINARY_SECRET[] = {"SS_Binary"};
//{'S','S','_','B','i','n','a','r','y', 0};
#define SSCS_BINARY_CHARS 9
static SS_UTF8_T APP_DELIMITER[] = {":"};
#define APP_DELIMITER_LEN 2
static SS_UTF8_T CREDSET_DELIMITER[] = {"="};
#define CREDSET_DELIMITER_LEN 2
static SS_UTF8_T BINARY_DELIMITER[] = {"="};
#define BINARY_DELIMITER_LEN 2
#define SSCS_MASTER_PASSWORD 1
#define SSCS_ENHANCED_PROTECTION_PASSWORD 2
#define SSCS_DIRECTORY_PASSWORD 1
typedef struct _sscs_password
{
unsigned long pwordType;
unsigned long pwordLen; // enhanced protection len & pword to set
SS_UTF8_T pword[NSSCS_MAX_PWORD_LEN]; // * should be passed in # of chars
} SSCS_PASSWORD_T;
typedef struct _sscs_sh_secret_id
{
int type; // The shared secret type i.e. SS_App or SS_CredSet
int len; // except that it excludes the header and is not escaped.
SS_UTF8_T name[NSSCS_MAX_SECRET_ID_LEN]; // The shared secret name. This is the same as the identifier
} SSCS_SH_SECRET_ID_T;
typedef struct _sscs_passcode
{
int passcodeType;
void *passcodeHandle; // can be password structure or other types of structures.
} SSCS_PASSCODE_T;
typedef struct _sscs_secretstore
{
unsigned int version;
SS_UTF8_T ssName[NSSCS_MAX_SECRET_ID_LEN];
} SSCS_SECRETSTORE_T;
typedef struct _ssscs_read_extension
{
unsigned long statFlags; //* OUT - return flags on the secret
unsigned long crtStamp; //* OUT - secret creation time stamp
unsigned long latStamp; //* OUT - last accessed time stamp (optional)
unsigned long lmtStamp; //* OUT - last modified time stamp
} SSCS_READEXT_T;
typedef struct _sscs_hint
{
unsigned long hintLen;
SS_UTF8_T hint[NSSCS_MAX_PWORD_HINT_LEN]; //* should be passed in # of chars
} SSCS_HINT_T;
typedef struct _sscs_secretstore_info
{
unsigned int numKeyChains;
unsigned int enumBufsize;
} SSCS_SECRETSTORE_INFO_T;
typedef struct _sscs_srch_key
{
unsigned long srchKeyLen;
SS_UTF8_T srchKey[NSSCS_MAX_SRCH_KEY_LEN]; //* should be passed in # of chars
} SSCS_SRCH_KEY_T;
typedef struct _sscs_sh_secret_ID_List
{
unsigned long enumHandle; // set to 0 to begin with
unsigned long returnedIDs; // to be initialized by the caller to the array size
SSCS_SH_SECRET_ID_T *secIDList; //* an array of secret IDs structures.
} SSCS_SH_SECRET_ID_LIST_T;
typedef struct _sscs_keychain_id
{
unsigned long len;
SS_UTF8_T keychainID[NSSCS_MAX_SECRET_ID_LEN];
} SSCS_KEYCHAIN_ID_T;
typedef struct _sscs_keychain_id_list
{
unsigned long enumHandle; // set to 0 to begin with
unsigned long returnedIDs; // to be initialized by the caller to the array size
SSCS_KEYCHAIN_ID_T *keyChainIDList; //* an array of keychainID structures
} SSCS_KEYCHAIN_ID_LIST_T;
// **************************************************************
// * The following functions will be exposed as exported API:
// **************************************************************
// * SSCS APIs below export the interface for applications.
// * Support APIs are needed for populating or extracting data
// * from a Shared Secret.
// **************************************************************
SSCS_EXTERN_LIBCALL_PTR(void)
miCASAOpenSecretStoreCache
(
SSCS_SECRETSTORE_T * ssid,
unsigned long ssFlags,
SSCS_EXT_T * ext
);
SSCS_EXTERN_LIBCALL(int)
miCASACloseSecretStoreCache
(
void * context,
unsigned long ssFlags,
SSCS_EXT_T * ext
);
SSCS_EXTERN_LIBCALL(int)
miCASAReadSecret
(
void * context,
SSCS_KEYCHAIN_ID_T * keyChainID,
unsigned long ssFlags,
void * secretHandle,
SSCS_SH_SECRET_ID_T * sharedSecretID,
SSCS_PASSWORD_T * epPassword,
SSCS_READEXT_T * readData,
SSCS_EXT_T * ext
);
SSCS_EXTERN_LIBCALL(int)
miCASARemoveSecret
(
void * context,
SSCS_KEYCHAIN_ID_T * keyChainID,
unsigned long ssFlags,
SSCS_SH_SECRET_ID_T * sharedSecretID,
SSCS_PASSWORD_T * epPassword,
SSCS_EXT_T * ext
);
SSCS_EXTERN_LIBCALL(int)
miCASAWriteSecret
(
void * context,
SSCS_KEYCHAIN_ID_T * keyChainID,
unsigned long ssFlags,
void * secretHandle,
SSCS_SH_SECRET_ID_T * sharedSecretID,
SSCS_PASSWORD_T * epPassword,
SSCS_EXT_T * ext
);
SSCS_EXTERN_LIBCALL(int)
miCASAGetStoreInformation
(
void * context,
unsigned long ssFlags,
SSCS_SECRETSTORE_INFO_T * ssInfo,
SSCS_EXT_T * ext
);
SSCS_EXTERN_LIBCALL(int)
miCASAEnumerateSecretIDs
(
void * context,
SSCS_KEYCHAIN_ID_T * keyChainID,
unsigned long ssFlags,
SSCS_SRCH_KEY_T * searchKey,
SSCS_SH_SECRET_ID_LIST_T * secretIDList,
SSCS_EXT_T * ext
);
SSCS_EXTERN_LIBCALL(int)
miCASARemoveSecretStore
(
void * context,
unsigned long ssFlags,
SSCS_EXT_T * ext
);
SSCS_EXTERN_LIBCALL(int)
miCASASetMasterPassword
(
void * context,
unsigned long ssFlags,
SSCS_PASSWORD_T * password,
SSCS_HINT_T * hint,
SSCS_EXT_T * ext
);
SSCS_EXTERN_LIBCALL(int)
miCASAUnlockSecrets
(
void * context,
unsigned long ssFlags,
SSCS_PASSWORD_T * password,
SSCS_EXT_T * ext
);
SSCS_EXTERN_LIBCALL(int)
miCASALockStore
(
void * context,
unsigned long ssFlags,
SSCS_EXT_T * ext
);
SSCS_EXTERN_LIBCALL(int)
miCASAUnlockStore
(
void * context,
unsigned long ssFlags,
SSCS_PASSCODE_T * passcode,
SSCS_EXT_T * ext
);
SSCS_EXTERN_LIBCALL(int)
miCASAEnumerateKeyChainIDs
(
void * context,
unsigned long ssFlags,
SSCS_SRCH_KEY_T * searchKey,
SSCS_KEYCHAIN_ID_LIST_T * kcIDList,
SSCS_EXT_T * ext
);
SSCS_EXTERN_LIBCALL(int)
miCASAAddKeyChain
(
void * context,
unsigned long ssFlags,
SSCS_KEYCHAIN_ID_T * keyChainID,
SSCS_EXT_T * ext
);
SSCS_EXTERN_LIBCALL(int)
miCASARemoveKeyChain
(
void * context,
unsigned long ssFlags,
SSCS_KEYCHAIN_ID_T * keyChainID,
SSCS_EXT_T * ext
);
//**************************************************************
//* Support Functions for processing (populating or extracting)
//* data components from Shared Secrets
//**************************************************************
SSCS_EXTERN_LIBCALL_PTR(void)
miCASA_CreateSHSHandle();
SSCS_EXTERN_LIBCALL(int)
miCASA_DestroySHSHandle(void *secretHandle); // in
SSCS_EXTERN_LIBCALL(int)
miCASA_GetNextSHSEntry
(
int restart,
void *secretHandle,
unsigned long *keyLen,
SS_UTF8_T *key,
unsigned long *valLen,
unsigned char *value
);
SSCS_EXTERN_LIBCALL(int)
miCASA_AddSHSEntry
(
void *secretHandle,
SS_UTF8_T *key,
unsigned long valueLen,
unsigned char *value
);
SSCS_EXTERN_LIBCALL(int)
miCASA_RemoveSHSEntry
(
void *secretHandle,
SS_UTF8_T *key,
unsigned long valueLen,
unsigned char *value
);
#if defined(__cplusplus) || defined(c_plusplus)
}
#endif
#endif /* _miCASA_H */


@ -1,452 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2005-2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
***********************************************************************/
#ifndef _MICASA_MANAGED_H_
#define _MICASA_MANAGED_H_
#if defined(__cplusplus) || defined(c_plusplus)
extern "C"
{
#endif
/***************************************************************************
*** All strings are length preceeded and the lengths include the NULL.
***************************************************************************/
#if defined(WIN32)
#define SSCS_GLOBAL_LIBCALL_PTR(RET) RET * __stdcall
#define SSCS_GLOBAL_LIBCALL(RET) RET __stdcall
#define SSCS_EXTERN_LIBCALL_PTR(RET) extern RET * __stdcall
#define SSCS_EXTERN_LIBCALL(RET) extern RET __stdcall
#define SSCS_TYPEDEF_LIBCALL_PTR(RET, PTR) typedef RET * (__stdcall *PTR)
#define SSCS_TYPEDEF_LIBCALL(RET, PTR) typedef RET (__stdcall *PTR)
#else
#define SSCS_GLOBAL_LIBCALL_PTR(RET) RET *
#define SSCS_GLOBAL_LIBCALL(RET) RET
#define SSCS_EXTERN_LIBCALL_PTR(RET) extern RET *
#define SSCS_EXTERN_LIBCALL(RET) extern RET
#define SSCS_TYPEDEF_LIBCALL_PTR(RET, PTR) typedef RET * (*PTR)
#define SSCS_TYPEDEF_LIBCALL(RET, PTR) typedef RET (*PTR)
#endif /* WIN32 */
#ifndef _MICASA_TYPES_H_
#define _MICASA_TYPES_H_
#if defined(WIN32)
#include <stdio.h>
typedef unsigned __int64 uint64_t;
typedef signed __int64 int64_t;
typedef unsigned int uint32_t;
typedef signed int int32_t;
typedef unsigned short uint16_t;
typedef signed short int16_t;
typedef unsigned char uint8_t;
typedef signed char int_t;
#else
#include <stdio.h>
#include <stdint.h>
#endif
#ifndef _SSUTF8_H_
/* defining the utf8 for SSCS */
typedef unsigned char SS_UTF8_T;
#endif
#define NSSCS_MAX_USERID_LEN 256 //* max username (bytes)
#define NSSCS_MAX_PWORD_LEN 128 //* max password (bytes)
#define NSSCS_MAX_SECRET_ID_LEN 512 //* in bytes including NULL
// used to denote what structure is being used for the credentials
#define SSCS_CRED_TYPE_BASIC_F 0x00000001L
// used to denote the type of username being requested or set
#define USERNAME_TYPE_CN_F 0x00000000L // default behavior
#define USERNAME_TYPE_NDS_DN_F 0x00000001L
#define USERNAME_TYPE_NDS_FDN_F 0x00000002L
#define USERNAME_TYPE_LDAP_DN_F 0x00000004L
#define USERNAME_TYPE_EMAIL_F 0x00000008L
#define USERNAME_TYPE_OTHER_F 0x00000010L
typedef struct _sscs_secret_id
{
uint32_t len; // max id len in bytes
SS_UTF8_T id[NSSCS_MAX_SECRET_ID_LEN]; // * should be passed in # of chars
} SSCS_SECRET_ID_T;
typedef struct _sscs_basic_credential
{
uint32_t unFlags;
uint32_t unLen;
SS_UTF8_T username[NSSCS_MAX_USERID_LEN];
uint32_t pwordLen;
SS_UTF8_T password[NSSCS_MAX_PWORD_LEN];
} SSCS_BASIC_CREDENTIAL;
typedef struct _sscs_ext_t
{
int32_t extID; // defined to identify the extension
int32_t version; // defined as the version of the specified extension
void *ext; // points to the actual extension
} SSCS_EXT_T;
/* ####################################################################### */
/* ############################## ERROR CODES ############################ */
/* ####################################################################### */
#define NSSCS_SUCCESS 0x00000000 /* 0 */
#define NSSCS_E_OBJECT_NOT_FOUND 0xFFFFFCE0 /* -800 */
#define NSSCS_E_NICI_FAILURE 0xFFFFFCDF /* -801 */
#define NSSCS_E_INVALID_SECRET_ID 0xFFFFFCDE /* -802 */
#define NSSCS_E_SYSTEM_FAILURE 0xFFFFFCDD /* -803 */
#define NSSCS_E_ACCESS_DENIED 0xFFFFFCDC /* -804 */
#define NSSCS_E_NDS_INTERNAL_FAILURE 0xFFFFFCDB /* -805 */
#define NSSCS_E_SECRET_UNINITIALIZED 0xFFFFFCDA /* -806 */
#define NSSCS_E_BUFFER_LEN 0xFFFFFCD9 /* -807 */
#define NSSCS_E_INCOMPATIBLE_VERSION 0xFFFFFCD8 /* -808 */
#define NSSCS_E_CORRUPTED_STORE 0xFFFFFCD7 /* -809 */
#define NSSCS_E_SECRET_ID_EXISTS 0xFFFFFCD6 /* -810 */
#define NSSCS_E_NDS_PWORD_CHANGED 0xFFFFFCD5 /* -811 */
#define NSSCS_E_INVALID_TARGET_OBJECT 0xFFFFFCD4 /* -812 */
#define NSSCS_E_STORE_NOT_FOUND 0xFFFFFCD3 /* -813 */
#define NSSCS_E_SERVICE_NOT_FOUND 0xFFFFFCD2 /* -814 */
#define NSSCS_E_SECRET_ID_TOO_LONG 0xFFFFFCD1 /* -815 */
#define NSSCS_E_ENUM_BUFF_TOO_SHORT 0xFFFFFCD0 /* -816 */
#define NSSCS_E_NOT_AUTHENTICATED 0xFFFFFCCF /* -817 */
#define NSSCS_E_NOT_SUPPORTED 0xFFFFFCCE /* -818 */
#define NSSCS_E_NDS_PWORD_INVALID 0xFFFFFCCD /* -819 */
#define NSSCS_E_NICI_OUTOF_SYNC 0xFFFFFCCC /* -820 */
#define NSSCS_E_SERVICE_NOT_SUPPORTED 0xFFFFFCCB /* -821 */
#define NSSCS_E_TOKEN_NOT_SUPPORTED 0xFFFFFCCA /* -822 */
#define NSSCS_E_UNICODE_OP_FAILURE 0xFFFFFCC9 /* -823 */
#define NSSCS_E_TRANSPORT_FAILURE 0xFFFFFCC8 /* -824 */
#define NSSCS_E_CRYPTO_OP_FAILURE 0xFFFFFCC7 /* -825 */
#define NSSCS_E_SERVER_CONN_FAILURE 0xFFFFFCC6 /* -826 */
#define NSSCS_E_CONN_ACCESS_FAILURE 0xFFFFFCC5 /* -827 */
#define NSSCS_E_ENUM_BUFF_TOO_LONG 0xFFFFFCC4 /* -828 */
#define NSSCS_E_SECRET_BUFF_TOO_LONG 0xFFFFFCC3 /* -829 */
#define NSSCS_E_SECRET_ID_TOO_SHORT 0xFFFFFCC2 /* -830 */
#define NSSCS_E_CORRUPTED_PACKET_DATA 0xFFFFFCC1 /* -831 */
#define NSSCS_E_EP_ACCESS_DENIED 0xFFFFFCC0 /* -832 */
#define NSSCS_E_SCHEMA_NOT_EXTENDED 0xFFFFFCBF /* -833 */
#define NSSCS_E_ATTR_NOT_FOUND 0xFFFFFCBE /* -834 */
#define NSSCS_E_MIGRATION_NEEDED 0xFFFFFCBD /* -835 */
#define NSSCS_E_MP_PWORD_INVALID 0xFFFFFCBC /* -836 */
#define NSSCS_E_MP_PWORD_NOT_SET 0xFFFFFCBB /* -837 */
#define NSSCS_E_MP_PWORD_NOT_ALLOWED 0xFFFFFCBA /* -838 */
#define NSSCS_E_WRONG_REPLICA_TYPE 0xFFFFFCB9 /* -839 */
#define NSSCS_E_ATTR_VAL_NOT_FOUND 0xFFFFFCB8 /* -840 */
#define NSSCS_E_INVALID_PARAM 0xFFFFFCB7 /* -841 */
#define NSSCS_E_NEED_SECURE_CHANNEL 0xFFFFFCB6 /* -842 */
#define NSSCS_E_CONFIG_NOT_SUPPORTED 0xFFFFFCB5 /* -843 */
#define NSSCS_E_STORE_NOT_LOCKED 0xFFFFFCB4 /* -844 */
#define NSSCS_E_TIME_OUT_OF_SYNC 0xFFFFFCB3 /* -845 */
#define NSSCS_E_VERSION_MISMATCH 0xFFFFFCB2 /* -846 */
#define NSSCS_E_SECRET_BUFF_TOO_SHORT 0xFFFFFCB1 /* -847 */
#define NSSCS_E_SH_SECRET_FAILURE 0xFFFFFCB0 /* -848 */
#define NSSCS_E_PARSER_FAILURE 0xFFFFFCAF /* -849 */
#define NSSCS_E_UTF8_OP_FAILURE 0xFFFFFCAE /* -850 */
#define NSSCS_E_CTX_LESS_CN_NOT_UNIQUE 0xFFFFFCAD /* -851 */
#define NSSCS_E_UNSUPPORTED_BIND_CRED 0xFFFFFCAC /* -852 */
#define NSSCS_E_CERTIFICATE_NOT_FOUND 0xFFFFFCAB /* -853 */
#define NSSCS_E_CANT_OPEN_CLIENT_CACHE 0xFFFFFCAA /* -854 */
#define NSSCS_E_WRONG_SH_SEC_TYPE 0xFFFFFCA9 /* -855 */
#define NSSCS_E_NOT_IMPLEMENTED 0xFFFFFC88 /* -888 */
#define NSSCS_E_BETA_EXPIRED 0xFFFFFC7D /* -899 */
/* #########################################################################
########################### ERROR DESCRIPTIONS ##########################
#########################################################################
NSSCS_E_OBJECT_NOT_FOUND -800
Description: Can't find the target object DN in NDS. (Resolve name failed.)
NSSCS_E_NICI_FAILURE -801
Description: NICI operations have failed.
NSSCS_E_INVALID_SECRET_ID -802
Description: Secret ID is not in the User Secret Store.
NSSCS_E_SYSTEM_FAILURE -803
Description: Some internal operating system services have not been available.
NSSCS_E_ACCESS_DENIED -804
Description: Access to the target Secret Store has been denied!
NSSCS_E_NDS_INTERNAL_FAILURE -805
Description: Some internal NDS services have not been available.
NSSCS_E_SECRET_UNINITIALIZED -806
Description: Secret has not been initialized with a write.
NSSCS_E_BUFFER_LEN -807
Description: Size of the buffer is not in a nominal range between minimum and maximum.
NSSCS_E_INCOMPATIBLE_VERSION -808
Description: Client and server components are not of the compatible versions.
NSSCS_E_CORRUPTED_STORE -809
Description: Secret Store data on the server has been corrupted.
NSSCS_E_SECRET_ID_EXISTS -810
Description: Secret ID already exists in the Secret Store.
NSSCS_E_NDS_PWORD_CHANGED -811
Description: User NDS password has been changed by the administrator.
NSSCS_E_INVALID_TARGET_OBJECT -812
Description: Target NDS User object not found.
NSSCS_E_STORE_NOT_FOUND -813
Description: Target NDS User object does not have a Secret Store.
NSSCS_E_SERVICE_NOT_FOUND -814
Description: Secret Store not on the Network.
NSSCS_E_SECRET_ID_TOO_LONG -815
Description: Lenght of the Secret ID buffer exceeds the limit.
NSSCS_E_ENUM_BUFF_TOO_SHORT -816
Description: Lenght of the Enumeration buffer too short.
NSSCS_E_NOT_AUTHENTICATED -817
Description: User not authenticated.
NSSCS_E_NOT_SUPPORTED -818
Description: Not supported operations.
NSSCS_E_NDS_PWORD_INVALID -819
Description: Typed in NDS password not valid.
NSSCS_E_NICI_OUTOF_SYNC -820
Description: Session keys of the client and server NICI are out of sync.
NSSCS_E_SERVICE_NOT_SUPPORTED -821
Description: Requested service not supported yet.
NSSCS_E_TOKEN_NOT_SUPPORTED -822
Description: NDS authentication type not supported.
NSSCS_E_UNICODE_OP_FAILURE -823
Description: Unicode text conversion operation failed.
NSSCS_E_TRANSPORT_FAILURE -824
Description: Connection to server is lost.
NSSCS_E_CRYPTO_OP_FAILURE -825
Description: Cryptographic operation failed.
NSSCS_E_SERVER_CONN_FAILURE -826
Description: Opening a connection to the server failed.
NSSCS_E_CONN_ACCESS_FAILURE -827
Description: Access to server connection failed.
NSSCS_E_ENUM_BUFF_TOO_LONG -828
Description: Size of the enumeration buffer exceeds the limit.
NSSCS_E_SECRET_BUFF_TOO_LONG -829
Description: Size of the Secret buffer exceeds the limit.
NSSCS_E_SECRET_ID_TOO_SHORT -830
Description: Lenght of the Secret ID should be greater than zero.
NSSCS_E_CORRUPTED_PACKET_DATA -831
Description: Protocol data corrupted on the wire.
NSSCS_E_EP_ACCESS_DENIED -832
Description: EP password validation failed. Access to the secret denied!
NSSCS_E_SCHEMA_NOT_EXTENDED -833
Description: Schema is not extended to support SecreStore on the target tree.
NSSCS_E_ATTR_NOT_FOUND -834
Description: One of the optional service attributes is not instantiated.
NSSCS_E_MIGRATION_NEEDED -835
Description: Server has been upgraded and user SecretStore should be updated.
NSSCS_E_MP_PWORD_INVALID -836
Description: Master passwrod could not be verified to read or unlock the secrets.
NSSCS_E_MP_PWORD_NOT_SET -837
Description: Master password has not been set on the SecretStore.
NSSCS_E_MP_PWORD_NOT_ALLOWED -838
Description: Ability to use master password has been disabled.
NSSCS_E_WRONG_REPLICA_TYPE -839
Description: Not a writeable replica of NDS.
NSSCS_E_ATTR_VAL_NOT_FOUND -840
Description: Target attrbute is not instantiated in NDS.
NSSCS_E_INVALID_PARAM -841
Description: API parameter is not initialized.
NSSCS_E_NEED_SECURE_CHANNEL -842
Description: Connection to the SecretStore needs to be over SSL.
NSSCS_E_CONFIG_NOT_SUPPORTED -843
Description: No server to support the given override configuration is found.
NSSCS_E_STORE_NOT_LOCKED -844
Description: Attempt to unlock SecretStore failed because the store is not locked.
NSSCS_E_TIME_OUT_OF_SYNC -845
Description: NDS Replica on the server that holds SecretStore is out of sync with the replica ring.
NSSCS_E_VERSION_MISMATCH -846
Description: Versions of the client dlls don't match.
NSSCS_E_SECRET_BUFF_TOO_SHORT -847
Description: Buffer supplied for the secret is too short (minimum NSSCS_MIN_IDLIST_BUF_LEN).
NSSCS_E_SH_SECRET_FAILURE -848
Description: Shared Secret processing and operations failed.
NSSCS_E_PARSER_FAILURE -849
Description: Shared Secret parser operations failed.
NSSCS_E_UTF8_OP_FAILURE -850
Description: Utf8 string operations failed.
NSSCS_E_CTX_LESS_CN_NOT_UNIQUE -851
Description: Contextless name for LDAP bind does not resolve to a unique DN
NSSCS_E_UNSUPPORTED_BIND_CRED -852
Description: login credential for advanced bind is not supported
NSSCS_E_CERTIFICATE_NOT_FOUND -853
Description: LDAP Root Cert required for Bind operations not found
NSSCS_E_WRONG_SH_SEC_TYPE -855
Description: Unrecognized or unknown shared secret tag.
NSSCS_E_NOT_IMPLEMENTED -888
Description: Feature not implemented yet.
NSSCS_E_BETA_EXPIRED -899
Description: Product's BETA life has expired! Official release copy should be
purchased.
########################### END OFERROR CODES ########################## */
#endif // _SSCS_SDK_H_
// * The following functions will be exposed as exported API:
// **************************************************************
// * These function calls will utilize the Support Functions for
// * populating or extracting data from a Shared Secret.
// **************************************************************
// General API Info:
// All strings passed through the API need to be NULL terminated.
//
//
// Parameters:
// ssFlags
// Sets behaviors desired on the Secret. Set to 0.
//
// appSecretID (input) -
// Name of service requesting credentials.
//
// sharedSecretID (input) -
// The group name is the name of the backend authentication realm, relating a group of services.
// Example: Novell.Collaboration (Groupwise, GW address book, GW Notify, and GWIM)
// This parameter can be set to NULL,
//
// credentialType (input)
// Type of credential structure used during this call.
// Currently we only support one:
// SSCS_CRED_TYPE_BASIC_F
//
// credential
// Pointer to the credential structure
//
// ext
// Reserved.
//
// Abstract:
//
// Get cache user credentials routine.
//
//
SSCS_EXTERN_LIBCALL(int32_t)
miCASAGetCredential
(
uint32_t ssFlags, // IN
SSCS_SECRET_ID_T * appSecretID, // IN
SSCS_SECRET_ID_T * sharedSecretID, // Optional IN
int32_t * credentialType, // IN/OUT
void * credential, // OUT
SSCS_EXT_T * ext // Reserved
);
SSCS_EXTERN_LIBCALL(int32_t)
miCASASetCredential
(
uint32_t ssFlags, // IN
SSCS_SECRET_ID_T * appSecretID, // IN
SSCS_SECRET_ID_T * sharedSecretID, // Optional IN
int32_t credentialType, // IN
void * credential, // IN
SSCS_EXT_T * ext // Reserved
);
SSCS_EXTERN_LIBCALL(int32_t)
miCASARemoveCredential
(
uint32_t ssFlags, // IN
SSCS_SECRET_ID_T * appSecretID, // IN
SSCS_SECRET_ID_T * sharedSecretID, // Optional IN
SSCS_EXT_T * ext // Reserved
);
// end
#if defined(__cplusplus) || defined(c_plusplus)
}
#endif
#endif // _MICASA_MANAGED_H_


@ -1,447 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2005-2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
***********************************************************************/
#ifndef _NSSCS_MANAGED_IDK_H_
#define _NSSCS_MANAGED_IDK_H_
#if defined(__cplusplus) || defined(c_plusplus)
extern "C"
{
#endif
/***************************************************************************
*** All strings are length preceeded and the lengths include the NULL.
***************************************************************************/
#if defined(WIN32)
#define SSCS_GLOBAL_LIBCALL_PTR(RET) RET * __stdcall
#define SSCS_GLOBAL_LIBCALL(RET) RET __stdcall
#define SSCS_EXTERN_LIBCALL_PTR(RET) extern RET * __stdcall
#define SSCS_EXTERN_LIBCALL(RET) extern RET __stdcall
#define SSCS_TYPEDEF_LIBCALL_PTR(RET, PTR) typedef RET * (__stdcall *PTR)
#define SSCS_TYPEDEF_LIBCALL(RET, PTR) typedef RET (__stdcall *PTR)
#else
#define SSCS_GLOBAL_LIBCALL_PTR(RET) RET *
#define SSCS_GLOBAL_LIBCALL(RET) RET
#define SSCS_EXTERN_LIBCALL_PTR(RET) extern RET *
#define SSCS_EXTERN_LIBCALL(RET) extern RET
#define SSCS_TYPEDEF_LIBCALL_PTR(RET, PTR) typedef RET * (*PTR)
#define SSCS_TYPEDEF_LIBCALL(RET, PTR) typedef RET (*PTR)
#endif /* WIN32 */
#ifndef _SSUTF8_H_
/* defining the utf8 for SSCS */
typedef unsigned char SS_UTF8_T;
#endif
#define NSSCS_MAX_USERID_LEN 256 //* max username (bytes)
#define NSSCS_MAX_PWORD_LEN 128 //* max password (bytes)
#define NSSCS_MAX_SECRET_ID_LEN 512 //* in bytes including NULL
// used to denote what structure is being used for the credentials
#define SSCS_CRED_TYPE_BASIC_F 0x00000001L
// used to denote the type of username being requested or set
#define USERNAME_TYPE_CN_F 0x00000000L // default behavior
#define USERNAME_TYPE_NDS_DN_F 0x00000001L
#define USERNAME_TYPE_LDAP_DN_F 0x00000002L
#define USERNAME_TYPE_EMAIL_F 0x00000004L
#define USERNAME_TYPE_OTHER_F 0x00000008L
typedef struct _sscs_secret_id
{
long len; // max id len in bytes
SS_UTF8_T id[NSSCS_MAX_SECRET_ID_LEN]; // * should be passed in # of chars
} SSCS_SECRET_ID_T;
typedef struct _sscs_basic_credential
{
unsigned long unFlags;
unsigned long unLen;
SS_UTF8_T username[NSSCS_MAX_USERID_LEN];
unsigned long pwordLen;
SS_UTF8_T password[NSSCS_MAX_PWORD_LEN];
} SSCS_BASIC_CREDENTIAL;
typedef struct _sscs_ext_t
{
int extID; // defined to identify the extension
int version; // defined as the version of the specified extension
void *ext; // points to the actual extension
} SSCS_EXT_T;
/* ####################################################################### */
/* ############################## ERROR CODES ############################ */
/* ####################################################################### */
#define NSSCS_SUCCESS 0x00000000 /* 0 */
#define NSSCS_E_OBJECT_NOT_FOUND 0xFFFFFCE0 /* -800 */
#define NSSCS_E_NICI_FAILURE 0xFFFFFCDF /* -801 */
#define NSSCS_E_INVALID_SECRET_ID 0xFFFFFCDE /* -802 */
#define NSSCS_E_SYSTEM_FAILURE 0xFFFFFCDD /* -803 */
#define NSSCS_E_ACCESS_DENIED 0xFFFFFCDC /* -804 */
#define NSSCS_E_NDS_INTERNAL_FAILURE 0xFFFFFCDB /* -805 */
#define NSSCS_E_SECRET_UNINITIALIZED 0xFFFFFCDA /* -806 */
#define NSSCS_E_BUFFER_LEN 0xFFFFFCD9 /* -807 */
#define NSSCS_E_INCOMPATIBLE_VERSION 0xFFFFFCD8 /* -808 */
#define NSSCS_E_CORRUPTED_STORE 0xFFFFFCD7 /* -809 */
#define NSSCS_E_SECRET_ID_EXISTS 0xFFFFFCD6 /* -810 */
#define NSSCS_E_NDS_PWORD_CHANGED 0xFFFFFCD5 /* -811 */
#define NSSCS_E_INVALID_TARGET_OBJECT 0xFFFFFCD4 /* -812 */
#define NSSCS_E_STORE_NOT_FOUND 0xFFFFFCD3 /* -813 */
#define NSSCS_E_SERVICE_NOT_FOUND 0xFFFFFCD2 /* -814 */
#define NSSCS_E_SECRET_ID_TOO_LONG 0xFFFFFCD1 /* -815 */
#define NSSCS_E_ENUM_BUFF_TOO_SHORT 0xFFFFFCD0 /* -816 */
#define NSSCS_E_NOT_AUTHENTICATED 0xFFFFFCCF /* -817 */
#define NSSCS_E_NOT_SUPPORTED 0xFFFFFCCE /* -818 */
#define NSSCS_E_NDS_PWORD_INVALID 0xFFFFFCCD /* -819 */
#define NSSCS_E_NICI_OUTOF_SYNC 0xFFFFFCCC /* -820 */
#define NSSCS_E_SERVICE_NOT_SUPPORTED 0xFFFFFCCB /* -821 */
#define NSSCS_E_TOKEN_NOT_SUPPORTED 0xFFFFFCCA /* -822 */
#define NSSCS_E_UNICODE_OP_FAILURE 0xFFFFFCC9 /* -823 */
#define NSSCS_E_TRANSPORT_FAILURE 0xFFFFFCC8 /* -824 */
#define NSSCS_E_CRYPTO_OP_FAILURE 0xFFFFFCC7 /* -825 */
#define NSSCS_E_SERVER_CONN_FAILURE 0xFFFFFCC6 /* -826 */
#define NSSCS_E_CONN_ACCESS_FAILURE 0xFFFFFCC5 /* -827 */
#define NSSCS_E_ENUM_BUFF_TOO_LONG 0xFFFFFCC4 /* -828 */
#define NSSCS_E_SECRET_BUFF_TOO_LONG 0xFFFFFCC3 /* -829 */
#define NSSCS_E_SECRET_ID_TOO_SHORT 0xFFFFFCC2 /* -830 */
#define NSSCS_E_CORRUPTED_PACKET_DATA 0xFFFFFCC1 /* -831 */
#define NSSCS_E_EP_ACCESS_DENIED 0xFFFFFCC0 /* -832 */
#define NSSCS_E_SCHEMA_NOT_EXTENDED 0xFFFFFCBF /* -833 */
#define NSSCS_E_ATTR_NOT_FOUND 0xFFFFFCBE /* -834 */
#define NSSCS_E_MIGRATION_NEEDED 0xFFFFFCBD /* -835 */
#define NSSCS_E_MP_PWORD_INVALID 0xFFFFFCBC /* -836 */
#define NSSCS_E_MP_PWORD_NOT_SET 0xFFFFFCBB /* -837 */
#define NSSCS_E_MP_PWORD_NOT_ALLOWED 0xFFFFFCBA /* -838 */
#define NSSCS_E_WRONG_REPLICA_TYPE 0xFFFFFCB9 /* -839 */
#define NSSCS_E_ATTR_VAL_NOT_FOUND 0xFFFFFCB8 /* -840 */
#define NSSCS_E_INVALID_PARAM 0xFFFFFCB7 /* -841 */
#define NSSCS_E_NEED_SECURE_CHANNEL 0xFFFFFCB6 /* -842 */
#define NSSCS_E_CONFIG_NOT_SUPPORTED 0xFFFFFCB5 /* -843 */
#define NSSCS_E_STORE_NOT_LOCKED 0xFFFFFCB4 /* -844 */
#define NSSCS_E_TIME_OUT_OF_SYNC 0xFFFFFCB3 /* -845 */
#define NSSCS_E_VERSION_MISMATCH 0xFFFFFCB2 /* -846 */
#define NSSCS_E_SECRET_BUFF_TOO_SHORT 0xFFFFFCB1 /* -847 */
#define NSSCS_E_SH_SECRET_FAILURE 0xFFFFFCB0 /* -848 */
#define NSSCS_E_PARSER_FAILURE 0xFFFFFCAF /* -849 */
#define NSSCS_E_UTF8_OP_FAILURE 0xFFFFFCAE /* -850 */
#define NSSCS_E_CTX_LESS_CN_NOT_UNIQUE 0xFFFFFCAD /* -851 */
#define NSSCS_E_UNSUPPORTED_BIND_CRED 0xFFFFFCAC /* -852 */
#define NSSCS_E_CERTIFICATE_NOT_FOUND 0xFFFFFCAB /* -853 */
#define NSSCS_E_CANT_OPEN_CLIENT_CACHE 0xFFFFFCAA /* -854 */
#define NSSCS_E_WRONG_SH_SEC_TYPE 0xFFFFFCA9 /* -855 */
#define NSSCS_E_NOT_IMPLEMENTED 0xFFFFFC88 /* -888 */
#define NSSCS_E_BETA_EXPIRED 0xFFFFFC7D /* -899 */
/* #########################################################################
########################### ERROR DESCRIPTIONS ##########################
#########################################################################
NSSCS_E_OBJECT_NOT_FOUND -800
Description: Can't find the target object DN in NDS. (Resolve name failed.)
NSSCS_E_NICI_FAILURE -801
Description: NICI operations have failed.
NSSCS_E_INVALID_SECRET_ID -802
Description: Secret ID is not in the User Secret Store.
NSSCS_E_SYSTEM_FAILURE -803
Description: Some internal operating system services have not been available.
NSSCS_E_ACCESS_DENIED -804
Description: Access to the target Secret Store has been denied!
NSSCS_E_NDS_INTERNAL_FAILURE -805
Description: Some internal NDS services have not been available.
NSSCS_E_SECRET_UNINITIALIZED -806
Description: Secret has not been initialized with a write.
NSSCS_E_BUFFER_LEN -807
Description: Size of the buffer is not in a nominal range between minimum and maximum.
NSSCS_E_INCOMPATIBLE_VERSION -808
Description: Client and server components are not of the compatible versions.
NSSCS_E_CORRUPTED_STORE -809
Description: Secret Store data on the server has been corrupted.
NSSCS_E_SECRET_ID_EXISTS -810
Description: Secret ID already exists in the Secret Store.
NSSCS_E_NDS_PWORD_CHANGED -811
Description: User NDS password has been changed by the administrator.
NSSCS_E_INVALID_TARGET_OBJECT -812
Description: Target NDS User object not found.
NSSCS_E_STORE_NOT_FOUND -813
Description: Target NDS User object does not have a Secret Store.
NSSCS_E_SERVICE_NOT_FOUND -814
Description: Secret Store not on the Network.
NSSCS_E_SECRET_ID_TOO_LONG -815
Description: Lenght of the Secret ID buffer exceeds the limit.
NSSCS_E_ENUM_BUFF_TOO_SHORT -816
Description: Lenght of the Enumeration buffer too short.
NSSCS_E_NOT_AUTHENTICATED -817
Description: User not authenticated.
NSSCS_E_NOT_SUPPORTED -818
Description: Not supported operations.
NSSCS_E_NDS_PWORD_INVALID -819
Description: Typed in NDS password not valid.
NSSCS_E_NICI_OUTOF_SYNC -820
Description: Session keys of the client and server NICI are out of sync.
NSSCS_E_SERVICE_NOT_SUPPORTED -821
Description: Requested service not supported yet.
NSSCS_E_TOKEN_NOT_SUPPORTED -822
Description: NDS authentication type not supported.
NSSCS_E_UNICODE_OP_FAILURE -823
Description: Unicode text conversion operation failed.
NSSCS_E_TRANSPORT_FAILURE -824
Description: Connection to server is lost.
NSSCS_E_CRYPTO_OP_FAILURE -825
Description: Cryptographic operation failed.
NSSCS_E_SERVER_CONN_FAILURE -826
Description: Opening a connection to the server failed.
NSSCS_E_CONN_ACCESS_FAILURE -827
Description: Access to server connection failed.
NSSCS_E_ENUM_BUFF_TOO_LONG -828
Description: Size of the enumeration buffer exceeds the limit.
NSSCS_E_SECRET_BUFF_TOO_LONG -829
Description: Size of the Secret buffer exceeds the limit.
NSSCS_E_SECRET_ID_TOO_SHORT -830
Description: Lenght of the Secret ID should be greater than zero.
NSSCS_E_CORRUPTED_PACKET_DATA -831
Description: Protocol data corrupted on the wire.
NSSCS_E_EP_ACCESS_DENIED -832
Description: EP password validation failed. Access to the secret denied!
NSSCS_E_SCHEMA_NOT_EXTENDED -833
Description: Schema is not extended to support SecreStore on the target tree.
NSSCS_E_ATTR_NOT_FOUND -834
Description: One of the optional service attributes is not instantiated.
NSSCS_E_MIGRATION_NEEDED -835
Description: Server has been upgraded and user SecretStore should be updated.
NSSCS_E_MP_PWORD_INVALID -836
Description: Master passwrod could not be verified to read or unlock the secrets.
NSSCS_E_MP_PWORD_NOT_SET -837
Description: Master password has not been set on the SecretStore.
NSSCS_E_MP_PWORD_NOT_ALLOWED -838
Description: Ability to use master password has been disabled.
NSSCS_E_WRONG_REPLICA_TYPE -839
Description: Not a writeable replica of NDS.
NSSCS_E_ATTR_VAL_NOT_FOUND -840
Description: Target attrbute is not instantiated in NDS.
NSSCS_E_INVALID_PARAM -841
Description: API parameter is not initialized.
NSSCS_E_NEED_SECURE_CHANNEL -842
Description: Connection to the SecretStore needs to be over SSL.
NSSCS_E_CONFIG_NOT_SUPPORTED -843
Description: No server to support the given override configuration is found.
NSSCS_E_STORE_NOT_LOCKED -844
Description: Attempt to unlock SecretStore failed because the store is not locked.
NSSCS_E_TIME_OUT_OF_SYNC -845
Description: NDS Replica on the server that holds SecretStore is out of sync with the replica ring.
NSSCS_E_VERSION_MISMATCH -846
Description: Versions of the client dlls don't match.
NSSCS_E_SECRET_BUFF_TOO_SHORT -847
Description: Buffer supplied for the secret is too short (minimum NSSCS_MIN_IDLIST_BUF_LEN).
NSSCS_E_SH_SECRET_FAILURE -848
Description: Shared Secret processing and operations failed.
NSSCS_E_PARSER_FAILURE -849
Description: Shared Secret parser operations failed.
NSSCS_E_UTF8_OP_FAILURE -850
Description: Utf8 string operations failed.
NSSCS_E_CTX_LESS_CN_NOT_UNIQUE -851
Description: Contextless name for LDAP bind does not resolve to a unique DN
NSSCS_E_UNSUPPORTED_BIND_CRED -852
Description: login credential for advanced bind is not supported
NSSCS_E_CERTIFICATE_NOT_FOUND -853
Description: LDAP Root Cert required for Bind operations not found
NSSCS_E_WRONG_SH_SEC_TYPE -855
Description: Unrecognized or unknown shared secret tag.
NSSCS_E_NOT_IMPLEMENTED -888
Description: Feature not implemented yet.
NSSCS_E_BETA_EXPIRED -899
Description: Product's BETA life has expired! Official release copy should be
purchased.
########################### END OFERROR CODES ########################## */
// * The following functions will be exposed as exported API:
// **************************************************************
// * These function calls will utilize the Support Functions for
// * populating or extracting data from a Shared Secret.
// **************************************************************
// General API Info:
//
// There is a high probability that services under the same group share the
// same user name and passwords. By specifying a service group name, the caller wants to
// take advantage of this to try to improve the user experience. If the service group
// name is not specified then no effort is made to share usernames and passwords with
// other services.
//
// If the svcGroupNameIsRealmName parameter is set to true then it is assumed that
// the services in the group validate username and passwords against the same
// database or against synchronized databases.
//
// If the svcGroupNameIsRealmName parameter is set to false then an attempt will be
// made to share passwords between the services in the group but services will be
// allowed to use different passwords. Specifying a service group does not mean
// that the system will not be able to obtain a username and password that is
// unique to a particular service.
//
// All strings passed through the API need to be NULL terminated.
//
//
// Get cache user credentials routine
//
// Parameters:
//
// ssFlags
// Sets behaviors desired on the Secret.
// Example: SSCS_PERSIST_CREDENTIAL_F (Make credential persistent)
//
// appSecretID (input) -
// Name of service requesting credentials.
//
// sharedSecretID (input) -
// The group name is the name of the backend authentication realm, relating a group of services.
// Example: NovellCollaboration (Groupwise, GW address book, GW Notify, and GWIM)
// This parameter can be set to NULL,
//
// credentialType (input)
// Type of credential structure used during this call.
// Currently we only support one:
// SSCS_CRED_TYPE_BASIC_F
//
// credential
// Pointer to the credential structure
//
// ext
// Reserved.
//
// Abstract:
//
// Get cache user credentials routine.
//
//
SSCS_EXTERN_LIBCALL(int)
NSSCSGetCredential
(
unsigned long ssFlags, // IN
SSCS_SECRET_ID_T * appSecretID, // IN
SSCS_SECRET_ID_T * sharedSecretID, // Optional IN
int * credentialType, // IN/OUT
void * credential, // OUT
SSCS_EXT_T * ext // Reserved
);
SSCS_EXTERN_LIBCALL(int)
NSSCSSetCredential
(
unsigned long ssFlags, // IN
SSCS_SECRET_ID_T * appSecretID, // IN
SSCS_SECRET_ID_T * sharedSecretID, // Optional IN
int credentialType, // IN
void * credential, // IN
SSCS_EXT_T * ext // Reserved
);
SSCS_EXTERN_LIBCALL(int)
NSSCSRemoveCredential
(
unsigned long ssFlags, // IN
SSCS_SECRET_ID_T * appSecretID, // IN
SSCS_SECRET_ID_T * sharedSecretID, // Optional IN
SSCS_EXT_T * ext // Reserved
);
// end
#if defined(__cplusplus) || defined(c_plusplus)
}
#endif
#endif // _NSSCS_MANAGED_IDK_H_


@ -19,7 +19,7 @@
<Tool
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories=".\external\xplatapi\include;.\external\provider\include"
AdditionalIncludeDirectories=".\external\xplatapi\include;.\external\provider\include;..\..\include"
PreprocessorDefinitions="WIN32;_DEBUG;_WINDOWS;_USRDLL;WINDOWS_EXPORTS"
MinimalRebuild="TRUE"
BasicRuntimeChecks="3"
@ -134,9 +134,6 @@
<File
RelativePath=".\lcredmgr.h">
</File>
<File
RelativePath=".\micasa_mgmd.h">
</File>
<File
RelativePath=".\npapi.h">
</File>


@ -210,7 +210,7 @@ int ll_InsertSharedSecretLink
sharedLink->key = (SS_UTF8_T *)(((uint8_t *)sharedLink) + sizeof(LL_SHSEC_KEY_VAL_T));
sharedLink->value = (((uint8_t *)sharedLink) + sizeof(LL_SHSEC_KEY_VAL_T)) + keyLen;
sscs_Utf8Strcpy(sharedLink->key, key);
sscs_Utf8Strncpy(sharedLink->key, key, kLen);
memcpy(sharedLink->value, value, vLen);
return(NSSCS_LL_SUCCESS);
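Review bot: The bounded copy `sscs_Utf8Strncpy(sharedLink->key, key, kLen);` is limited by `kLen`, while the line above places `value` at offset `keyLen` in the same allocation, and nothing in the hunk shows that the two lengths agree or that the key ends up terminated. If `kLen` can exceed `keyLen` the copy runs into the value area, and if sscs_Utf8Strncpy behaves like strncpy (not visible here) a key of exactly the bound length is left without a terminator. I would bound the copy by the same quantity that sized the key region and terminate explicitly, or, if the invariant is enforced earlier, record it with a comment such as `/* kLen <= keyLen, both include the NUL */`. ll_InsertSharedSecretLink starts and ends outside the hunk, so the allocation and the definitions of kLen, keyLen and vLen are not visible.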


@ -1,36 +0,0 @@
#######################################################################
#
# Copyright (C) 2006 Novell, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#
#
#######################################################################
SUBDIRS = $(TARGET_OS)
DIST_SUBDIRS = linux
CFILES =
EXTRA_DIST = *.c
.PHONY: package package-clean package-install package-uninstall
package package-clean package-install package-uninstall:
$(MAKE) -C $(TARGET_OS) $@
maintainer-clean-local:
rm -f Makefile.in


@ -54,27 +54,19 @@ void* sscs_CacheOpenSecretStore
SSCS_LINUX_SS_HANDLE_T *platHandle = NULL;
int32_t retVal = 0;
ssHandle = (SSCS_SECRETSTORE_HANDLE_T *)malloc(sizeof(SSCS_SECRETSTORE_HANDLE_T));
ssHandle = (SSCS_SECRETSTORE_HANDLE_T *)malloc((sizeof(SSCS_SECRETSTORE_HANDLE_T) + (sizeof(SSCS_LINUX_SS_HANDLE_T))));
if(NULL == ssHandle)
{
return NULL;
}
platHandle = (SSCS_LINUX_SS_HANDLE_T *)malloc(sizeof(SSCS_LINUX_SS_HANDLE_T));
if(NULL == platHandle)
{
free(ssHandle);
return NULL;
}
memset(ssHandle,0,sizeof(SSCS_SECRETSTORE_HANDLE_T));
memset(platHandle,0,sizeof(SSCS_LINUX_SS_HANDLE_T));
ssHandle->platHandle = platHandle;
ssHandle->platHandle = ssHandle + sizeof(SSCS_SECRETSTORE_HANDLE_T);
retVal = ipc_OpenSecretStore(secretStoreID,ssHandle);
if(retVal)
{
free(platHandle);
memset(ssHandle, 0, sizeof(SSCS_SECRETSTORE_HANDLE_T) + (sizeof(SSCS_LINUX_SS_HANDLE_T)));
free(ssHandle);
return NULL;
}
@ -107,7 +99,6 @@ int32_t sscs_CacheCloseSecretStore
if(ssHandleCopy->platHandle)
{
retVal = ipc_CloseSecretStore(ssHandleCopy, ssFlags);
free(ssHandleCopy->platHandle);
}
if(ssHandleCopy)
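Review bot: What appears to be the new assignment in sscs_CacheOpenSecretStore, `ssHandle->platHandle = ssHandle + sizeof(SSCS_SECRETSTORE_HANDLE_T);`, does arithmetic on a `SSCS_SECRETSTORE_HANDLE_T *`, so the offset is scaled by the struct size and the result points far beyond the single allocation instead of at the trailing SSCS_LINUX_SS_HANDLE_T. It should read `ssHandle->platHandle = (SSCS_LINUX_SS_HANDLE_T *)(ssHandle + 1);`, and the memset before it should cover both structures, `memset(ssHandle, 0, sizeof(SSCS_SECRETSTORE_HANDLE_T) + sizeof(SSCS_LINUX_SS_HANDLE_T));`, because the platform part was zeroed before this change and no longer is. The ipc_OpenSecretStore hunks further down the page store the result of IPC_CREATE() in platHandle directly, while their unchanged DMSG lines still read `*(int*)ssHandle->platHandle`, so the two files seem to disagree on whether platHandle is a pointer or a descriptor; that should be settled one way. Both function bodies continue outside the hunks shown.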


@ -227,8 +227,8 @@ int32_t ipc_OpenSecretStore
break;
}
*(int *)ssHandle->platHandle = IPC_CREATE();
if(*(int *)ssHandle->platHandle < 0)
ssHandle->platHandle = IPC_CREATE();
if(ssHandle->platHandle < 0)
{
retCode = NSSCS_E_SYSTEM_FAILURE;
break;
@ -259,13 +259,13 @@ int32_t ipc_OpenSecretStore
memcpy(pReq,ssID->ssName,ssNameLen);
pReq += ssNameLen;
retVal = IPC_WRITE(*(int *)ssHandle->platHandle,(char *)gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle,(char *)gpReqBuf, msgLen);
if(retVal < 0)
{
DMSG(("Write failed : %s\n",strerror(errno)));
DMSG(("Closing socket : %d\n",*(int*)ssHandle->platHandle));
DMSG(("ipc_OpenSecretStore:IPC_WRITE returned :%d\n",retVal));
IPC_CLOSE(*(int *)ssHandle->platHandle);
IPC_CLOSE(ssHandle->platHandle);
retCode = NSSCS_E_SYSTEM_FAILURE;
break;
}
@ -276,7 +276,7 @@ int32_t ipc_OpenSecretStore
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_OPENSS);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_OPENSS);
if(retVal < 0)
{
//log debug info here
@ -284,7 +284,7 @@ int32_t ipc_OpenSecretStore
DMSG(("Read failed : %s\n",strerror(errno)));
DMSG(("Closing socket : %d\n",*(int*)ssHandle->platHandle));
IPC_CLOSE(*(int *)ssHandle->platHandle);
IPC_CLOSE(ssHandle->platHandle);
retCode = NSSCS_E_SYSTEM_FAILURE;
break;
}
@ -302,7 +302,7 @@ int32_t ipc_OpenSecretStore
{
DMSG(("ipc_OpenSecretStore:sscs returned :%d\n",sockReturn));
DMSG(("Closing socket : %d\n",*(int*)ssHandle->platHandle));
IPC_CLOSE(*(int *)ssHandle->platHandle);
IPC_CLOSE(ssHandle->platHandle);
retCode = mapReturnCode(sockReturn);
break;
}
@ -351,7 +351,7 @@ int32_t ipc_CloseSecretStore
//marshall ssflags
memcpy(pReq, &ssFlags, MSG_DWORD_LEN);
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
retVal = NSSCS_E_SYSTEM_FAILURE;
@ -361,7 +361,7 @@ int32_t ipc_CloseSecretStore
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if(retVal < 0)
{
retCode = NSSCS_E_SYSTEM_FAILURE;
@ -379,7 +379,7 @@ int32_t ipc_CloseSecretStore
}while(0);
DMSG(("Closing socket : %d\n",*(int*)ssHandle->platHandle));
IPC_CLOSE(*(int *)ssHandle->platHandle);
IPC_CLOSE(ssHandle->platHandle);
return retCode; // map return code
}
@ -419,7 +419,7 @@ int32_t ipc_RemoveSecretStore
pReq += MSGID_LEN;
memcpy(pReq, &msgLen, MSG_LEN);
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
retCode = NSSCS_E_SYSTEM_FAILURE;
@ -428,7 +428,7 @@ int32_t ipc_RemoveSecretStore
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if(retVal < 0)
{
retCode = NSSCS_E_SYSTEM_FAILURE;
@ -497,7 +497,7 @@ int32_t ipc_EnumerateKeychainIDs
pReq += MSGID_LEN;
memcpy(pReq, &msgLen, MSG_LEN);
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
retCode = NSSCS_E_SYSTEM_FAILURE;
@ -507,7 +507,7 @@ int32_t ipc_EnumerateKeychainIDs
// Read reply
pReply = gpReplyBuf;
memset(pReply,0,MIN_REPLY_BUF_LEN);
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if(retVal < 0)
{
retCode = NSSCS_E_SYSTEM_FAILURE;
@ -523,7 +523,7 @@ int32_t ipc_EnumerateKeychainIDs
memcpy(&bufLen,pReply, MSG_DWORD_LEN);
if( 0 == bufLen )
{
retVal = IPC_READ(*(int *)ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
retVal = IPC_READ(ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
if(retVal < 0)
{
//log debug info here
@ -546,13 +546,13 @@ int32_t ipc_EnumerateKeychainIDs
n = msgLen - MSG_REPLY_GENERAL;
while(n)
{
int bytes = IPC_READ(*(int *)ssHandle->platHandle, gpReplyBuf, MIN_REPLY_BUF_LEN);
int bytes = IPC_READ(ssHandle->platHandle, gpReplyBuf, MIN_REPLY_BUF_LEN);
if( bytes > 0 )
n -= MIN_REPLY_BUF_LEN;
else
break;
}
retVal = IPC_READ(*(int *)ssHandle->platHandle,
retVal = IPC_READ(ssHandle->platHandle,
&sockReturn, MSG_DWORD_LEN);
if(retVal < 0)
{
@ -565,7 +565,7 @@ int32_t ipc_EnumerateKeychainIDs
else
tmpBuf = (SS_UTF8_T *)pReply; // Save this ptr to free later.
}
retVal = IPC_READ(*(int *)ssHandle->platHandle,pReply, bufLen*sizeof(char));
retVal = IPC_READ(ssHandle->platHandle,pReply, bufLen*sizeof(char));
tmpPtr = (SS_UTF8_T *)pReply;
tmpPtr[bufLen] = nulc;
@ -587,7 +587,7 @@ int32_t ipc_EnumerateKeychainIDs
free(tmpBuf);
tmpBuf = NULL;
}
retVal = IPC_READ(*(int *)ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
retVal = IPC_READ(ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
kcIDList->enumHandle = 0;
retCode = NSSS_E_ENUM_BUFF_TOO_SHORT;
@ -605,7 +605,7 @@ int32_t ipc_EnumerateKeychainIDs
}
}
retVal = IPC_READ(*(int *)ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
retVal = IPC_READ(ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
if(retVal < 0)
{
//log debug info here
@ -677,7 +677,7 @@ int32_t ipc_AddKeychain
memcpy((SS_UTF8_T*)pReq,keychainID->keychainID,keychainIDLen);
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
//log debug info here
@ -687,7 +687,7 @@ int32_t ipc_AddKeychain
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if(retVal < 0)
{
//log debug info here
@ -759,7 +759,7 @@ int32_t ipc_RemoveKeychain
pReq += MSG_STRING_LEN;
memcpy(pReq,keychainID->keychainID, keychainIDLen);
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
retCode = NSSCS_E_SYSTEM_FAILURE;
@ -768,7 +768,7 @@ int32_t ipc_RemoveKeychain
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if(retVal < 0)
{
retCode = NSSCS_E_SYSTEM_FAILURE;
@ -853,7 +853,7 @@ int32_t ipc_EnumerateSecretIDs
pReq += MSG_STRING_LEN;
memcpy((SS_UTF8_T *)pReq,(SS_UTF8_T *)keychainID->keychainID,keychainIDLen);
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
//log debug info here
@ -863,7 +863,7 @@ int32_t ipc_EnumerateSecretIDs
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if( retVal < 0 )
{
//log debug info here
@ -881,7 +881,7 @@ int32_t ipc_EnumerateSecretIDs
if( 0 == bufLen )
{
// Cleanup the channel by reading the return code.
retVal = IPC_READ(*(int *)ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
retVal = IPC_READ(ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
secretIDList->returnedIDs = 0;
retCode = mapReturnCode(sockReturn);
break;
@ -899,13 +899,13 @@ int32_t ipc_EnumerateSecretIDs
n = msgLen - MSG_REPLY_GENERAL;
while(n)
{
int bytes = IPC_READ((*(int *)ssHandle->platHandle), gpReplyBuf, MIN_REPLY_BUF_LEN);
int bytes = IPC_READ((ssHandle->platHandle), gpReplyBuf, MIN_REPLY_BUF_LEN);
if(bytes > 0 )
n -= MIN_REPLY_BUF_LEN;
else
break;
}
retVal = IPC_READ(*(int *)ssHandle->platHandle,
retVal = IPC_READ(ssHandle->platHandle,
&sockReturn, MSG_DWORD_LEN);
if(retVal < 0)
{
@ -920,7 +920,7 @@ int32_t ipc_EnumerateSecretIDs
else
tmpBuf = (SS_UTF8_T *)pReply; // Save this ptr to free later.
}
retVal = IPC_READ(*(int *)ssHandle->platHandle,pReply, bufLen*sizeof(SS_UTF8_T));
retVal = IPC_READ(ssHandle->platHandle,pReply, bufLen*sizeof(SS_UTF8_T));
DMSG(("Read returns..%d\n",retVal));
tmpPtr = (SS_UTF8_T *)pReply;
tmpPtr[bufLen] = nulc;
@ -941,7 +941,7 @@ int32_t ipc_EnumerateSecretIDs
free(tmpBuf);
tmpBuf = NULL;
}
retVal = IPC_READ(*(int *)ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
retVal = IPC_READ(ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
secretIDList->enumHandle = 0;
retCode = NSSS_E_ENUM_BUFF_TOO_SHORT;
break;
@ -958,7 +958,7 @@ int32_t ipc_EnumerateSecretIDs
}
}
retVal = IPC_READ(*(int *)ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
retVal = IPC_READ(ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
if(retVal < 0)
{
//log debug info here
@ -1049,7 +1049,7 @@ int32_t ipc_ReadSecret
memcpy(pReq, epPassword->pword, epPassword->pwordLen);
pReq += epPassword->pwordLen;
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
//log debug info here
@ -1059,7 +1059,7 @@ int32_t ipc_ReadSecret
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if( 0 == retVal )
{
//log debug info here
@ -1075,7 +1075,7 @@ int32_t ipc_ReadSecret
if( 0 == dataLen )
{
// Cleanup the channel by reading the return code.
retVal = IPC_READ(*(int *)ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
retVal = IPC_READ(ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
if( retVal < 0 )
{
retCode = NSSCS_E_SYSTEM_FAILURE;
@ -1089,7 +1089,7 @@ int32_t ipc_ReadSecret
if(dataLen <= (uint32_t)secretData->len)
{
// Read the secret into application buffer.
retVal = IPC_READ(*(int *)ssHandle->platHandle, secretData->data, dataLen);
retVal = IPC_READ(ssHandle->platHandle, secretData->data, dataLen);
if( retVal < 0 )
{
retCode = NSSCS_E_SYSTEM_FAILURE;
@ -1108,20 +1108,20 @@ int32_t ipc_ReadSecret
n = dataLen;
while(n)
{
int bytes = IPC_READ(*(int *)ssHandle->platHandle, gpReplyBuf, MIN_REPLY_BUF_LEN);
int bytes = IPC_READ(ssHandle->platHandle, gpReplyBuf, MIN_REPLY_BUF_LEN);
if( bytes > 0)
n -= MIN_REPLY_BUF_LEN;
else
break;
}
// Read the sscs return code also.
IPC_READ(*(int *)ssHandle->platHandle, (Byte *) &sockReturn, MSG_DWORD_LEN);
IPC_READ(ssHandle->platHandle, (Byte *) &sockReturn, MSG_DWORD_LEN);
retCode = NSSCS_E_ENUM_BUFF_TOO_SHORT;
break;
}
}
// Read the sscs return code also.
IPC_READ(*(int *)ssHandle->platHandle, (Byte *) &sockReturn, MSG_DWORD_LEN);
IPC_READ(ssHandle->platHandle, (Byte *) &sockReturn, MSG_DWORD_LEN);
retCode = mapReturnCode(sockReturn);
} while(0);
@ -1288,11 +1288,11 @@ int ipc_WriteSecret
if(tmpBuf != NULL)
{
retVal = IPC_WRITE(*(int *)ssHandle->platHandle,tmpBuf,msgLen);
retVal = IPC_WRITE(ssHandle->platHandle,tmpBuf,msgLen);
}
else
{
retVal = IPC_WRITE(*(int *)ssHandle->platHandle,gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle,gpReqBuf, msgLen);
}
if(retVal < 0)
{
@ -1303,7 +1303,7 @@ int ipc_WriteSecret
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if(retVal < 0)
{
//log debug info here
@ -1411,7 +1411,7 @@ int32_t ipc_RemoveSecret
memcpy(pReq, &pwordlen, MSG_STRING_LEN);
}
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
//log debug info here
@ -1421,7 +1421,7 @@ int32_t ipc_RemoveSecret
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if(retVal < 0)
{
retCode = NSSCS_E_SYSTEM_FAILURE;
@ -1486,7 +1486,7 @@ int32_t ipc_GetSecretStoreInfo
memcpy(pReq, &msgLen, MSG_LEN);
pReq += MSG_LEN;
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
//log debug info here
@ -1496,7 +1496,7 @@ int32_t ipc_GetSecretStoreInfo
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply,
retVal = IPC_READ(ssHandle->platHandle, pReply,
MSG_REPLY_GETSSINFO);
if(retVal < 0)
{
@ -1575,7 +1575,7 @@ int32_t ipc_GetKeychainInfo
pReq += MSG_LEN;
memcpy(pReq,keychainID->keychainID,keychainID->len);
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
//log debug info here
@ -1585,7 +1585,7 @@ int32_t ipc_GetKeychainInfo
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply,MSG_REPLY_GETKEYCHAIN_INFO);
retVal = IPC_READ(ssHandle->platHandle, pReply,MSG_REPLY_GETKEYCHAIN_INFO);
if(retVal < 0)
{
retCode = NSSCS_E_SYSTEM_FAILURE;
@ -1653,7 +1653,7 @@ int32_t ipc_LockCache
pReq += MSGID_LEN;
memcpy(pReq, &msgLen, MSG_LEN);
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
//log debug info here
@ -1662,7 +1662,7 @@ int32_t ipc_LockCache
}
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL)
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL)
;
if(retVal < 0)
{
@ -1725,7 +1725,7 @@ int32_t ipc_UnlockCache
pReq += MSGID_LEN;
memcpy(pReq, &msgLen, MSG_LEN);
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
// log debug info here
@ -1734,7 +1734,7 @@ int32_t ipc_UnlockCache
}
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if(retVal < 0)
{
//log debug info here
@ -1814,7 +1814,7 @@ int32_t ipc_SetMasterPasscode
memcpy((SS_UTF8_T*)pReq,((SSCS_PASSWORD_T*)(passcode->passcodeHandle))->pword,passcodeLen);
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
//log debug info here
@ -1824,7 +1824,7 @@ int32_t ipc_SetMasterPasscode
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if(retVal < 0)
{
//log debug info here
@ -1932,7 +1932,7 @@ int32_t ipc_ReadKey
memcpy(pReq, epPassword->pword, epPassword->pwordLen);
pReq += epPassword->pwordLen;
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
//log debug info here
@ -1942,7 +1942,7 @@ int32_t ipc_ReadKey
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if( 0 == retVal )
{
//log debug info here
@ -1958,7 +1958,7 @@ int32_t ipc_ReadKey
if( 0 == dataLen )
{
// Cleanup the channel by reading the return code.
retVal = IPC_READ(*(int *)ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
retVal = IPC_READ(ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
if( retVal < 0 )
{
retCode = NSSCS_E_SYSTEM_FAILURE;
@ -1971,7 +1971,7 @@ int32_t ipc_ReadKey
if(dataLen <= *valLen)
{
// Read the secret into application buffer.
retVal = IPC_READ(*(int *)ssHandle->platHandle, val, dataLen);
retVal = IPC_READ(ssHandle->platHandle, val, dataLen);
if( retVal < 0 )
{
retCode = NSSCS_E_SYSTEM_FAILURE;
@ -1991,20 +1991,20 @@ int32_t ipc_ReadKey
n = dataLen;
while(n)
{
int bytes = IPC_READ(*(int *)ssHandle->platHandle, gpReplyBuf, MIN_REPLY_BUF_LEN);
int bytes = IPC_READ(ssHandle->platHandle, gpReplyBuf, MIN_REPLY_BUF_LEN);
if( bytes > 0)
n -= MIN_REPLY_BUF_LEN;
else
break;
}
// Read the sscs return code also.
IPC_READ(*(int *)ssHandle->platHandle, (Byte *) &sockReturn, MSG_DWORD_LEN);
IPC_READ(ssHandle->platHandle, (Byte *) &sockReturn, MSG_DWORD_LEN);
retCode = NSSCS_E_ENUM_BUFF_TOO_SHORT;
break;
}
}
// Read the sscs return code also.
IPC_READ(*(int *)ssHandle->platHandle, (Byte *) &sockReturn, MSG_DWORD_LEN);
IPC_READ(ssHandle->platHandle, (Byte *) &sockReturn, MSG_DWORD_LEN);
retCode = mapReturnCode(sockReturn);
} while(0);
@ -2098,7 +2098,7 @@ int32_t ipc_ReadBinaryKey
memcpy(pReq, epPassword->pword, epPassword->pwordLen);
pReq += epPassword->pwordLen;
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
//log debug info here
@ -2108,7 +2108,7 @@ int32_t ipc_ReadBinaryKey
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if( 0 == retVal )
{
//log debug info here
@ -2124,7 +2124,7 @@ int32_t ipc_ReadBinaryKey
if( 0 == dataLen )
{
// Cleanup the channel by reading the return code.
retVal = IPC_READ(*(int *)ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
retVal = IPC_READ(ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
if( retVal < 0 )
{
retCode = NSSCS_E_SYSTEM_FAILURE;
@ -2137,7 +2137,7 @@ int32_t ipc_ReadBinaryKey
if(dataLen <= *valLen)
{
// Read the secret into application buffer.
retVal = IPC_READ(*(int *)ssHandle->platHandle, val, dataLen);
retVal = IPC_READ(ssHandle->platHandle, val, dataLen);
if( retVal < 0 )
{
retCode = NSSCS_E_SYSTEM_FAILURE;
@ -2156,20 +2156,20 @@ int32_t ipc_ReadBinaryKey
n = dataLen;
while(n)
{
int bytes = IPC_READ(*(int *)ssHandle->platHandle, gpReplyBuf, MIN_REPLY_BUF_LEN);
int bytes = IPC_READ(ssHandle->platHandle, gpReplyBuf, MIN_REPLY_BUF_LEN);
if( bytes > 0)
n -= MIN_REPLY_BUF_LEN;
else
break;
}
// Read the sscs return code also.
IPC_READ(*(int *)ssHandle->platHandle, (Byte *) &sockReturn, MSG_DWORD_LEN);
IPC_READ(ssHandle->platHandle, (Byte *) &sockReturn, MSG_DWORD_LEN);
retCode = NSSCS_E_ENUM_BUFF_TOO_SHORT;
break;
}
}
// Read the sscs return code also.
IPC_READ(*(int *)ssHandle->platHandle, (Byte *) &sockReturn, MSG_DWORD_LEN);
IPC_READ(ssHandle->platHandle, (Byte *) &sockReturn, MSG_DWORD_LEN);
retCode = mapReturnCode(sockReturn);
} while(0);
@ -2348,11 +2348,11 @@ int ipc_WriteKey
if(tmpBuf != NULL)
{
retVal = IPC_WRITE(*(int *)ssHandle->platHandle,tmpBuf,msgLen);
retVal = IPC_WRITE(ssHandle->platHandle,tmpBuf,msgLen);
}
else
{
retVal = IPC_WRITE(*(int *)ssHandle->platHandle,gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle,gpReqBuf, msgLen);
}
if(retVal < 0)
{
@ -2363,7 +2363,7 @@ int ipc_WriteKey
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if(retVal < 0)
{
//log debug info here
@ -2563,11 +2563,11 @@ int ipc_WriteBinaryKey
if(tmpBuf != NULL)
{
retVal = IPC_WRITE(*(int *)ssHandle->platHandle,tmpBuf,msgLen);
retVal = IPC_WRITE(ssHandle->platHandle,tmpBuf,msgLen);
}
else
{
retVal = IPC_WRITE(*(int *)ssHandle->platHandle,gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle,gpReqBuf, msgLen);
}
if(retVal < 0)
{
@ -2578,7 +2578,7 @@ int ipc_WriteBinaryKey
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if(retVal < 0)
{
//log debug info here
@ -2660,7 +2660,7 @@ int32_t ipc_SetMasterPassword
memcpy((SS_UTF8_T*)pReq,passwd->pword,passwdLen);
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
//log debug info here
@ -2670,7 +2670,7 @@ int32_t ipc_SetMasterPassword
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if(retVal < 0)
{
//log debug info here
@ -2796,11 +2796,11 @@ int ipc_IsSecretPersistent
}
if(tmpBuf != NULL)
{
retVal = IPC_WRITE(*(int *)ssHandle->platHandle,tmpBuf,msgLen);
retVal = IPC_WRITE(ssHandle->platHandle,tmpBuf,msgLen);
}
else
{
retVal = IPC_WRITE(*(int *)ssHandle->platHandle,gpReqBuf, msgLen);
retVal = IPC_WRITE(ssHandle->platHandle,gpReqBuf, msgLen);
}
if(retVal < 0)
{
@ -2811,7 +2811,7 @@ int ipc_IsSecretPersistent
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if(retVal < 0)
{
//log debug info here



@ -546,6 +546,7 @@ SSCS_EXTERN_LIBCALL(int32_t)
miCASA_AddSHSEntry
(
void *secretHandle,
uint32_t keyLen,
SS_UTF8_T *key,
uint32_t valueLen,
uint8_t *value
@ -555,6 +556,7 @@ SSCS_EXTERN_LIBCALL(int32_t)
miCASA_RemoveSHSEntry
(
void *secretHandle,
uint32_t keyLen,
SS_UTF8_T *key,
uint32_t valueLen,
uint8_t *value
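Review bot: The `keyLen` parameter added to miCASA_AddSHSEntry and miCASA_RemoveSHSEntry has no stated contract: the declarations do not say whether it counts bytes or characters, whether it includes the terminating NUL, or what upper bound applies. The implementation presumably uses it to bound reads of `key`, so a caller that guesses wrong either truncates the key or lets the library read past it. A comment on each declaration would settle this, for example `/* keyLen: size of key in bytes, including the terminating NUL (TODO confirm against the library's length convention) */`. Both prototypes continue past the end of their hunks. Inserting a parameter in the middle of an exported signature also means every caller built against the old header must be recompiled.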


@ -96,6 +96,7 @@ typedef struct _sscs_ext_t
/* ############################## ERROR CODES ############################ */
/* ####################################################################### */
#define NSSCS_SUCCESS 0x00000000 /* 0 */
#define NSSCS_E_OBJECT_NOT_FOUND 0xFFFFFCE0 /* -800 */
#define NSSCS_E_NICI_FAILURE 0xFFFFFCDF /* -801 */
@ -339,8 +340,6 @@ typedef struct _sscs_ext_t
########################### END OFERROR CODES ########################## */
#endif // _SSCS_SDK_H_
// * The following functions will be exposed as exported API:
// **************************************************************
@ -425,4 +424,5 @@ typedef struct _sscs_ext_t
}
#endif
#endif


@ -57,6 +57,11 @@ typedef uint8_t Byte;
#include <sscs_lldefs.h>
#include <errno.h>
void * ipc_win_create(void);
int ipc_win_write(HANDLE hPipe, LPCVOID lpBuffer, DWORD bytesToWrite);
int ipc_win_read(HANDLE hPipe, LPVOID lpBuffer, DWORD numOfBytesToRead);
int ipc_win_close(HANDLE hPipe);
#define IPC_CREATE() ipc_win_create();
#define IPC_READ(s1,s2,s3) ipc_win_read(s1,s2,s3);
#define IPC_WRITE(s1,s2,s3) ipc_win_write(s1,s2,s3);
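Review bot: The four `ipc_win_*` prototypes added above the IPC_* macros return `int` (or `void *`) without saying what the value means, while call sites that go through IPC_READ and IPC_WRITE elsewhere on this page branch on `retVal < 0`, `0 == retVal` and `bytes > 0`. A short contract above the read and write declarations would remove the guesswork, for example `/* Returns bytes transferred, 0 if the pipe was closed, <0 on error; may be fewer than requested (TODO confirm) */`. ipc_win_create returns `void *` while the other three take `HANDLE`, so its comment should name the failure value callers must test for, since NULL and INVALID_HANDLE_VALUE are different values. The byte counts are `DWORD` but the result is `int`; it is worth noting in the same comment that requests are expected to stay below INT_MAX.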


@ -44,9 +44,9 @@ typedef unsigned char SS_UTF8_T;
#define sscs_Utf8Stricmp(s1, s2) sscs_stricmp((s1),(s2))
#define sscs_Utf8Strstr(s1, s2) sscs_strstr((s1),(s2))
#define sscs_Utf8Strchr(s1, c) sscs_strchr((s1),(c))
#define sscs_Utf8Strncat(s1, s2, c) sscs_strncat((s1), (s2), (c))
#define sscs_Utf8Strncmp(s1, s2, c) sscs_strncmp((s1), (s2), (c))
#define sscs_Utf8Strncpy(s1, s2, c) sscs_strncpy((s1), (s2), (c))
#define sscs_Utf8Strncat(s1, s2, l) {(s2)[(l)-1]='\0';strncat((s1),(s2),(l));}
#define sscs_Utf8Strncmp(s1, s2, l) (strncmp((s1),(s2),(l)))
#define sscs_Utf8Strncpy(s1, s2, l) {(s2)[(l)-1]='\0';strncpy((s1),(s2),(l));}
#if defined(__cplusplus) || defined(c_plusplus)