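/**************************************************************************
 Copyright (c) [2005] Novell, Inc. All Rights Reserved.

 This library is free software; you can redistribute it and/or
 modify it under the terms of the GNU Lesser General Public
 License as published by the Free Software Foundation; version 2.1
 of the License.

 This library is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 Lesser General Public License for more details.

 You should have received a copy of the GNU Lesser General Public
 License along with this library; if not, if not, contact Novell, Inc.

 To contact Novell about this file by physical or electronic mail,
 you may find current contact information at www.novell.com.
**************************************************************************/

/***************************************************************************
 * This is the Managed IDK for collaborating suite of applications
 ***************************************************************************/

#ifndef _MICASA_MANAGED_H_
#define _MICASA_MANAGED_H_

#if defined(__cplusplus) || defined(c_plusplus)
extern "C"
{
#endif

/*
 * NOTE(review): the operand of this #include is missing from the listing
 * this file was recovered from. <stdint.h> supplies the fixed-width integer
 * types used by the structures below. SSCS_EXTERN_LIBCALL, used by the
 * prototypes at the end of the file, is not defined anywhere in this header
 * and must come from a project header; restore that include before building.
 */
#include <stdint.h>

/***************************************************************************
 *** All strings are length-preceded and the lengths include the
 *** terminating NUL.
 ***************************************************************************/

#ifndef _SSUTF8_H_
/* defining the utf8 for SSCS */
typedef unsigned char SS_UTF8_T;
#endif

#define NSSCS_MAX_USERID_LEN        256     //* max username (bytes)
#define NSSCS_MAX_PWORD_LEN         128     //* max password (bytes)
#define NSSCS_MAX_SECRET_ID_LEN     512     //* in bytes including NULL

// used to denote what structure is being used for the credentials
#define SSCS_CRED_TYPE_BASIC_F      0x00000001L
#define SSCS_CRED_TYPE_BINARY_F     0x00000002L

// used to denote the type of username being requested or set
#define USERNAME_TYPE_CN_F          0x00000000L     // default behavior
#define USERNAME_TYPE_NDS_DN_F      0x00000001L
#define USERNAME_TYPE_NDS_FDN_F     0x00000002L
#define USERNAME_TYPE_LDAP_DN_F     0x00000004L
#define USERNAME_TYPE_EMAIL_F       0x00000008L
#define USERNAME_TYPE_OTHER_F       0x00000010L

/*
 * Identifier of a secret: a length followed by a fixed-size UTF-8 buffer.
 *
 * NOTE(review): the two field comments below name different units (bytes
 * versus characters) -- confirm which one the library expects. Whichever it
 * is, code filling or reading this structure should check that len does not
 * exceed NSSCS_MAX_SECRET_ID_LEN and that id is terminated within the buffer
 * before treating it as a string.
 */
typedef struct _sscs_secret_id
{
    uint32_t    len;                            // max id len in bytes
    SS_UTF8_T   id[NSSCS_MAX_SECRET_ID_LEN];    // * should be passed in # of chars
} SSCS_SECRET_ID_T;

/*
 * Username/password credential (selected with SSCS_CRED_TYPE_BASIC_F).
 *
 * unFlags presumably takes one of the USERNAME_TYPE_*_F values above, and
 * unLen / pwordLen presumably hold the lengths of username / password --
 * confirm against the implementation. Per the rule stated at the top of this
 * header, lengths include the terminator.
 *
 * NOTE(review): the password is carried in this structure as plain UTF-8
 * bytes. Callers should validate unLen <= NSSCS_MAX_USERID_LEN and
 * pwordLen <= NSSCS_MAX_PWORD_LEN before using them as copy or compare
 * lengths, and should overwrite the structure once the credential is no
 * longer needed, using a clearing routine the compiler will not elide.
 */
typedef struct _sscs_basic_credential
{
    uint32_t    unFlags;
    uint32_t    unLen;
    SS_UTF8_T   username[NSSCS_MAX_USERID_LEN];
    uint32_t    pwordLen;
    SS_UTF8_T   password[NSSCS_MAX_PWORD_LEN];
} SSCS_BASIC_CREDENTIAL;

/*
 * Binary credential (selected with SSCS_CRED_TYPE_BINARY_F): an id buffer
 * plus a pointer to the data and a pointer to its length.
 *
 * NOTE(review): dataLen is a pointer, not a value, and this header does not
 * say who allocates or frees data and dataLen, or whether *dataLen is a
 * capacity on input and a byte count on output -- confirm before use and
 * never read data beyond *dataLen bytes.
 */
typedef struct _sscs_binary_credential
{
    uint32_t    idLen;
    SS_UTF8_T   id[NSSCS_MAX_SECRET_ID_LEN];
    uint32_t    *dataLen;
    uint8_t     *data;
} SSCS_BINARY_CREDENTIAL;

/*
 * Extension descriptor. The API parameter notes in this header mark the
 * 'ext' argument as reserved.
 */
typedef struct _sscs_ext_t
{
    int32_t extID;      // defined to identify the extension
    int32_t version;    // defined as the version of the specified extension
    void    *ext;       // points to the actual extension
} SSCS_EXT_T;

/* ####################################################################### */
/* ############################## ERROR CODES ############################ */
/* ####################################################################### */

/*
 * NOTE(review): every non-zero code is a hex literal above 0x7FFFFFFF, so
 * where int is 32 bits the macro has an unsigned type, while the API
 * functions declared in this header return int32_t. Compare return values
 * with == (or cast the macro to int32_t); a sign test applied to the macro
 * itself is always false.
 */
#define NSSCS_SUCCESS                       0x00000000  /* 0 */

#define NSSCS_E_OBJECT_NOT_FOUND            0xFFFFFCE0  /* -800 */
#define NSSCS_E_NICI_FAILURE                0xFFFFFCDF  /* -801 */
#define NSSCS_E_INVALID_SECRET_ID           0xFFFFFCDE  /* -802 */
#define NSSCS_E_SYSTEM_FAILURE              0xFFFFFCDD  /* -803 */
#define NSSCS_E_ACCESS_DENIED               0xFFFFFCDC  /* -804 */
#define NSSCS_E_NDS_INTERNAL_FAILURE        0xFFFFFCDB  /* -805 */
#define NSSCS_E_SECRET_UNINITIALIZED        0xFFFFFCDA  /* -806 */
#define NSSCS_E_BUFFER_LEN                  0xFFFFFCD9  /* -807 */
#define NSSCS_E_INCOMPATIBLE_VERSION        0xFFFFFCD8  /* -808 */
#define NSSCS_E_CORRUPTED_STORE             0xFFFFFCD7  /* -809 */
#define NSSCS_E_SECRET_ID_EXISTS            0xFFFFFCD6  /* -810 */
#define NSSCS_E_NDS_PWORD_CHANGED           0xFFFFFCD5  /* -811 */
#define NSSCS_E_INVALID_TARGET_OBJECT       0xFFFFFCD4  /* -812 */
#define NSSCS_E_STORE_NOT_FOUND             0xFFFFFCD3  /* -813 */
#define NSSCS_E_SERVICE_NOT_FOUND           0xFFFFFCD2  /* -814 */
#define NSSCS_E_SECRET_ID_TOO_LONG          0xFFFFFCD1  /* -815 */
#define NSSCS_E_ENUM_BUFF_TOO_SHORT         0xFFFFFCD0  /* -816 */
#define NSSCS_E_NOT_AUTHENTICATED           0xFFFFFCCF  /* -817 */
#define NSSCS_E_NOT_SUPPORTED               0xFFFFFCCE  /* -818 */
#define NSSCS_E_NDS_PWORD_INVALID           0xFFFFFCCD  /* -819 */
#define NSSCS_E_NICI_OUTOF_SYNC             0xFFFFFCCC  /* -820 */
#define NSSCS_E_SERVICE_NOT_SUPPORTED       0xFFFFFCCB  /* -821 */
#define NSSCS_E_TOKEN_NOT_SUPPORTED         0xFFFFFCCA  /* -822 */
#define NSSCS_E_UNICODE_OP_FAILURE          0xFFFFFCC9  /* -823 */
#define NSSCS_E_TRANSPORT_FAILURE           0xFFFFFCC8  /* -824 */
#define NSSCS_E_CRYPTO_OP_FAILURE           0xFFFFFCC7  /* -825 */
#define NSSCS_E_SERVER_CONN_FAILURE         0xFFFFFCC6  /* -826 */
#define NSSCS_E_CONN_ACCESS_FAILURE         0xFFFFFCC5  /* -827 */
#define NSSCS_E_ENUM_BUFF_TOO_LONG          0xFFFFFCC4  /* -828 */
#define NSSCS_E_SECRET_BUFF_TOO_LONG        0xFFFFFCC3  /* -829 */
#define NSSCS_E_SECRET_ID_TOO_SHORT         0xFFFFFCC2  /* -830 */
#define NSSCS_E_CORRUPTED_PACKET_DATA       0xFFFFFCC1  /* -831 */
#define NSSCS_E_EP_ACCESS_DENIED            0xFFFFFCC0  /* -832 */
#define NSSCS_E_SCHEMA_NOT_EXTENDED         0xFFFFFCBF  /* -833 */
#define NSSCS_E_ATTR_NOT_FOUND              0xFFFFFCBE  /* -834 */
#define NSSCS_E_MIGRATION_NEEDED            0xFFFFFCBD  /* -835 */
#define NSSCS_E_MP_PWORD_INVALID            0xFFFFFCBC  /* -836 */
#define NSSCS_E_MP_PWORD_NOT_SET            0xFFFFFCBB  /* -837 */
#define NSSCS_E_MP_PWORD_NOT_ALLOWED        0xFFFFFCBA  /* -838 */
#define NSSCS_E_WRONG_REPLICA_TYPE          0xFFFFFCB9  /* -839 */
#define NSSCS_E_ATTR_VAL_NOT_FOUND          0xFFFFFCB8  /* -840 */
#define NSSCS_E_INVALID_PARAM               0xFFFFFCB7  /* -841 */
#define NSSCS_E_NEED_SECURE_CHANNEL         0xFFFFFCB6  /* -842 */
#define NSSCS_E_CONFIG_NOT_SUPPORTED        0xFFFFFCB5  /* -843 */
#define NSSCS_E_STORE_NOT_LOCKED            0xFFFFFCB4  /* -844 */
#define NSSCS_E_TIME_OUT_OF_SYNC            0xFFFFFCB3  /* -845 */
#define NSSCS_E_VERSION_MISMATCH            0xFFFFFCB2  /* -846 */
#define NSSCS_E_SECRET_BUFF_TOO_SHORT       0xFFFFFCB1  /* -847 */
#define NSSCS_E_SH_SECRET_FAILURE           0xFFFFFCB0  /* -848 */
#define NSSCS_E_PARSER_FAILURE              0xFFFFFCAF  /* -849 */
#define NSSCS_E_UTF8_OP_FAILURE             0xFFFFFCAE  /* -850 */
#define NSSCS_E_CTX_LESS_CN_NOT_UNIQUE      0xFFFFFCAD  /* -851 */
#define NSSCS_E_UNSUPPORTED_BIND_CRED       0xFFFFFCAC  /* -852 */
#define NSSCS_E_CERTIFICATE_NOT_FOUND       0xFFFFFCAB  /* -853 */
#define NSSCS_E_CANT_OPEN_CLIENT_CACHE      0xFFFFFCAA  /* -854 */
#define NSSCS_E_WRONG_SH_SEC_TYPE           0xFFFFFCA9  /* -855 */

#define NSSCS_E_NOT_IMPLEMENTED             0xFFFFFC88  /* -888 */
#define NSSCS_E_BETA_EXPIRED                0xFFFFFC7D  /* -899 */

/* #########################################################################
   ########################### ERROR DESCRIPTIONS ##########################
   #########################################################################

NSSCS_E_OBJECT_NOT_FOUND            -800
    Description:
    Can't find the target object DN in NDS. (Resolve name failed.)

NSSCS_E_NICI_FAILURE                -801
    Description:
    NICI operations have failed.

NSSCS_E_INVALID_SECRET_ID           -802
    Description:
    Secret ID is not in the User Secret Store.

NSSCS_E_SYSTEM_FAILURE              -803
    Description:
    Some internal operating system services have not been available.

NSSCS_E_ACCESS_DENIED               -804
    Description:
    Access to the target Secret Store has been denied!

NSSCS_E_NDS_INTERNAL_FAILURE        -805
    Description:
    Some internal NDS services have not been available.

NSSCS_E_SECRET_UNINITIALIZED        -806
    Description:
    Secret has not been initialized with a write.

NSSCS_E_BUFFER_LEN                  -807
    Description:
    Size of the buffer is not in a nominal range between minimum and maximum.

NSSCS_E_INCOMPATIBLE_VERSION        -808
    Description:
    Client and server components are not of the compatible versions.

NSSCS_E_CORRUPTED_STORE             -809
    Description:
    Secret Store data on the server has been corrupted.

NSSCS_E_SECRET_ID_EXISTS            -810
    Description:
    Secret ID already exists in the Secret Store.

NSSCS_E_NDS_PWORD_CHANGED           -811
    Description:
    User NDS password has been changed by the administrator.

NSSCS_E_INVALID_TARGET_OBJECT       -812
    Description:
    Target NDS User object not found.

NSSCS_E_STORE_NOT_FOUND             -813
    Description:
    Target NDS User object does not have a Secret Store.

NSSCS_E_SERVICE_NOT_FOUND           -814
    Description:
    Secret Store not on the Network.

NSSCS_E_SECRET_ID_TOO_LONG          -815
    Description:
    Length of the Secret ID buffer exceeds the limit.

NSSCS_E_ENUM_BUFF_TOO_SHORT         -816
    Description:
    Length of the Enumeration buffer too short.

NSSCS_E_NOT_AUTHENTICATED           -817
    Description:
    User not authenticated.

NSSCS_E_NOT_SUPPORTED               -818
    Description:
    Not supported operations.

NSSCS_E_NDS_PWORD_INVALID           -819
    Description:
    Typed in NDS password not valid.

NSSCS_E_NICI_OUTOF_SYNC             -820
    Description:
    Session keys of the client and server NICI are out of sync.

NSSCS_E_SERVICE_NOT_SUPPORTED       -821
    Description:
    Requested service not supported yet.

NSSCS_E_TOKEN_NOT_SUPPORTED         -822
    Description:
    NDS authentication type not supported.

NSSCS_E_UNICODE_OP_FAILURE          -823
    Description:
    Unicode text conversion operation failed.

NSSCS_E_TRANSPORT_FAILURE           -824
    Description:
    Connection to server is lost.

NSSCS_E_CRYPTO_OP_FAILURE           -825
    Description:
    Cryptographic operation failed.

NSSCS_E_SERVER_CONN_FAILURE         -826
    Description:
    Opening a connection to the server failed.

NSSCS_E_CONN_ACCESS_FAILURE         -827
    Description:
    Access to server connection failed.

NSSCS_E_ENUM_BUFF_TOO_LONG          -828
    Description:
    Size of the enumeration buffer exceeds the limit.

NSSCS_E_SECRET_BUFF_TOO_LONG        -829
    Description:
    Size of the Secret buffer exceeds the limit.

NSSCS_E_SECRET_ID_TOO_SHORT         -830
    Description:
    Length of the Secret ID should be greater than zero.

NSSCS_E_CORRUPTED_PACKET_DATA       -831
    Description:
    Protocol data corrupted on the wire.

NSSCS_E_EP_ACCESS_DENIED            -832
    Description:
    EP password validation failed. Access to the secret denied!

NSSCS_E_SCHEMA_NOT_EXTENDED         -833
    Description:
    Schema is not extended to support SecretStore on the target tree.

NSSCS_E_ATTR_NOT_FOUND              -834
    Description:
    One of the optional service attributes is not instantiated.

NSSCS_E_MIGRATION_NEEDED            -835
    Description:
    Server has been upgraded and user SecretStore should be updated.

NSSCS_E_MP_PWORD_INVALID            -836
    Description:
    Master password could not be verified to read or unlock the secrets.

NSSCS_E_MP_PWORD_NOT_SET            -837
    Description:
    Master password has not been set on the SecretStore.

NSSCS_E_MP_PWORD_NOT_ALLOWED        -838
    Description:
    Ability to use master password has been disabled.

NSSCS_E_WRONG_REPLICA_TYPE          -839
    Description:
    Not a writeable replica of NDS.

NSSCS_E_ATTR_VAL_NOT_FOUND          -840
    Description:
    Target attribute is not instantiated in NDS.

NSSCS_E_INVALID_PARAM               -841
    Description:
    API parameter is not initialized.

NSSCS_E_NEED_SECURE_CHANNEL         -842
    Description:
    Connection to the SecretStore needs to be over SSL.

NSSCS_E_CONFIG_NOT_SUPPORTED        -843
    Description:
    No server to support the given override configuration is found.

NSSCS_E_STORE_NOT_LOCKED            -844
    Description:
    Attempt to unlock SecretStore failed because the store is not locked.

NSSCS_E_TIME_OUT_OF_SYNC            -845
    Description:
    NDS Replica on the server that holds SecretStore is out of sync with
    the replica ring.

NSSCS_E_VERSION_MISMATCH            -846
    Description:
    Versions of the client dlls don't match.

NSSCS_E_SECRET_BUFF_TOO_SHORT       -847
    Description:
    Buffer supplied for the secret is too short
    (minimum NSSCS_MIN_IDLIST_BUF_LEN).

NSSCS_E_SH_SECRET_FAILURE           -848
    Description:
    Shared Secret processing and operations failed.

NSSCS_E_PARSER_FAILURE              -849
    Description:
    Shared Secret parser operations failed.

NSSCS_E_UTF8_OP_FAILURE             -850
    Description:
    Utf8 string operations failed.

NSSCS_E_CTX_LESS_CN_NOT_UNIQUE      -851
    Description:
    Contextless name for LDAP bind does not resolve to a unique DN

NSSCS_E_UNSUPPORTED_BIND_CRED       -852
    Description:
    login credential for advanced bind is not supported

NSSCS_E_CERTIFICATE_NOT_FOUND       -853
    Description:
    LDAP Root Cert required for Bind operations not found

    (NSSCS_E_CANT_OPEN_CLIENT_CACHE, -854, is defined above but has no
    description in this list.)

NSSCS_E_WRONG_SH_SEC_TYPE           -855
    Description:
    Unrecognized or unknown shared secret tag.

NSSCS_E_NOT_IMPLEMENTED             -888
    Description:
    Feature not implemented yet.

NSSCS_E_BETA_EXPIRED                -899
    Description:
    Product's BETA life has expired! Official release copy should be
    purchased.

   ########################### END OF ERROR CODES ########################## */

// Closes the _MICASA_MANAGED_H_ include guard; the API notes and prototypes
// that follow sit outside it.
#endif // _MICASA_MANAGED_H_

// * The following functions will be exposed as exported API:

// **************************************************************
// * These function calls will utilize the Support Functions for
// * populating or extracting data from a Shared Secret.
// **************************************************************

// General API Info:
//    All strings passed through the API need to be NULL terminated.
//
//
// Parameters:
//    ssFlags
//        Sets behaviors desired on the Secret. Set to 0.
//
//    appSecretID (input) -
//        Name of service requesting credentials.
//
//    sharedSecretID (input) -
//        The group name is the name of the backend authentication realm,
//        relating a group of services.
//        Example: Novell.Collaboration (Groupwise, GW address book,
//        GW Notify, and GWIM)
//        This parameter can be set to NULL.
//
//    credentialType (input)
//        Type of credential structure used during this call.
//        Currently we only support one:
//            SSCS_CRED_TYPE_BASIC_F
//
//    credential
//        Pointer to the credential structure
//
//    ext
//        Reserved.
//
// Abstract:
//
//    Get cache user credentials routine.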
// // SSCS_EXTERN_LIBCALL(int32_t) miCASAGetCredential ( uint32_t ssFlags, // IN SSCS_SECRET_ID_T * appSecretID, // IN SSCS_SECRET_ID_T * sharedSecretID, // Optional IN int32_t * credentialType, // IN/OUT void * credential, // OUT SSCS_EXT_T * ext // Reserved ); SSCS_EXTERN_LIBCALL(int32_t) miCASASetCredential ( uint32_t ssFlags, // IN SSCS_SECRET_ID_T * appSecretID, // IN SSCS_SECRET_ID_T * sharedSecretID, // Optional IN int32_t credentialType, // IN void * credential, // IN SSCS_EXT_T * ext // Reserved ); SSCS_EXTERN_LIBCALL(int32_t) miCASARemoveCredential ( uint32_t ssFlags, // IN SSCS_SECRET_ID_T * appSecretID, // IN SSCS_SECRET_ID_T * sharedSecretID, // Optional IN SSCS_EXT_T * ext // Reserved ); // end SSCS_EXTERN_LIBCALL(int32_t) miCASAIsSecretPersistent ( uint32_t ssFlags, SSCS_SECRET_ID_T *secretID, SSCS_EXT_T *ext ); #if defined(__cplusplus) || defined(c_plusplus) } #endif