/***********************************************************************
 *
 * Copyright (C) 2005-2006 Novell, Inc.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; version 2.1
 * of the License.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Library General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free
 * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 *
 * To contact Novell about this file by physical or electronic mail,
 * you may find current contact information at www.novell.com.
 *
 ***********************************************************************/

/***************************************************************************
 * This is the Managed IDK for collaborating suite of applications
 ***************************************************************************/
#ifndef _MICASA_MANAGED_H_
#define _MICASA_MANAGED_H_
#if defined(__cplusplus) || defined(c_plusplus)
extern "C"
{
#endif
#include <micasa_types.h>
/***************************************************************************
 *** All strings are preceded by their length, and the length includes the
 *** terminating NUL byte.
 ***************************************************************************/
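#ifndef _SSUTF8_H_
/* UTF-8 storage unit used by every SSCS string buffer in this header. */
typedef unsigned char SS_UTF8_T;
#endif

/*
 * Capacities, in bytes, of the fixed-size arrays embedded in the credential
 * structures declared in this header.  A length field that exceeds the
 * matching capacity describes data that cannot be held in the array, so it
 * should be rejected before anything is copied.
 *
 * NOTE(review): only the secret-ID limit is stated to include the
 * terminator; confirm whether the user-name and password limits do too.
 */
#define NSSCS_MAX_USERID_LEN     256 /* max username (bytes) */
#define NSSCS_MAX_PWORD_LEN      128 /* max password (bytes) */
#define NSSCS_MAX_SECRET_ID_LEN  512 /* in bytes, including the terminating NUL */

/*
 * Used to denote what structure is being used for the credentials.  The
 * credential itself crosses the API as a void pointer, so this value is the
 * only thing that identifies the layout behind that pointer.
 */
#define SSCS_CRED_TYPE_BASIC_F   0x00000001L
#define SSCS_CRED_TYPE_BINARY_F  0x00000002L

/*
 * Used to denote the type of username being requested or set.
 * USERNAME_TYPE_CN_F is zero (the default); every other value is a
 * distinct single bit.
 */
#define USERNAME_TYPE_CN_F       0x00000000L /* default behavior */
#define USERNAME_TYPE_NDS_DN_F   0x00000001L
#define USERNAME_TYPE_NDS_FDN_F  0x00000002L
#define USERNAME_TYPE_LDAP_DN_F  0x00000004L
#define USERNAME_TYPE_EMAIL_F    0x00000008L
#define USERNAME_TYPE_OTHER_F    0x00000010L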
/*
 * Identifier of a secret: a length field followed by a fixed-size UTF-8
 * buffer of NSSCS_MAX_SECRET_ID_LEN bytes.
 *
 * A len larger than NSSCS_MAX_SECRET_ID_LEN cannot describe data held in
 * id, so code consuming this structure should check it before reading.
 *
 * NOTE(review): the original field comments give the unit as bytes for len
 * and as characters for id; confirm which one callers are expected to use.
 */
struct _sscs_secret_id
{
	uint32_t  len;                         /* max id len in bytes */
	SS_UTF8_T id[NSSCS_MAX_SECRET_ID_LEN]; /* should be passed in # of chars */
};

typedef struct _sscs_secret_id SSCS_SECRET_ID_T;
/*
 * Basic credential: a user name and a password, each stored inline in a
 * fixed-size array with its own length field.
 *
 * Because both strings live inside the structure, every copy of the
 * structure carries the password with it; overwrite the structure once the
 * credential is no longer needed.  unLen and pwordLen cannot legitimately
 * exceed NSSCS_MAX_USERID_LEN and NSSCS_MAX_PWORD_LEN respectively.
 */
struct _sscs_basic_credential
{
	/* NOTE(review): presumably one of the USERNAME_TYPE_*_F values; confirm */
	uint32_t  unFlags;
	/* NOTE(review): presumably the length of username; confirm */
	uint32_t  unLen;
	SS_UTF8_T username[NSSCS_MAX_USERID_LEN];
	/* NOTE(review): presumably the length of password; confirm */
	uint32_t  pwordLen;
	SS_UTF8_T password[NSSCS_MAX_PWORD_LEN];
};

typedef struct _sscs_basic_credential SSCS_BASIC_CREDENTIAL;
/*
 * Binary credential: an inline identifier plus a pointer to the data and a
 * pointer to its length.
 *
 * Unlike the basic credential, the payload is not stored in the structure;
 * data and dataLen point at memory that lives elsewhere.
 *
 * NOTE(review): this header does not say who allocates or frees data, nor
 * why dataLen is a pointer rather than a value; confirm with the
 * implementation before relying on either.
 */
struct _sscs_binary_credential
{
	/* NOTE(review): presumably the length of id; confirm */
	uint32_t  idLen;
	SS_UTF8_T id[NSSCS_MAX_SECRET_ID_LEN];
	uint32_t *dataLen;
	uint8_t  *data;
};

typedef struct _sscs_binary_credential SSCS_BINARY_CREDENTIAL;
/*
 * Extension descriptor accepted by every API call in this header (where the
 * parameter is documented as reserved).
 *
 * ext is an untyped pointer; extID and version are the only information
 * that tells a consumer what it points to.
 */
struct _sscs_ext_t
{
	int32_t extID;   /* defined to identify the extension */
	int32_t version; /* defined as the version of the specified extension */
	void   *ext;     /* points to the actual extension */
};

typedef struct _sscs_ext_t SSCS_EXT_T;
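/* ####################################################################### */
/* ############################## ERROR CODES ############################ */
/* ####################################################################### */

/*
 * Each code is written as the 32-bit two's-complement pattern of the
 * negative number shown in its comment.  Where int is 32 bits the literal
 * therefore has an unsigned type, while the API functions declared in this
 * header return int32_t:
 *   - comparing an int32_t result with == works, because the result is
 *     converted to unsigned for the comparison;
 *   - a result that was first widened to a 64-bit signed type does not
 *     compare equal to the macro;
 *   - (CODE < 0) is false for the macro itself.
 * Cast the macro to int32_t when the comparison type is in doubt, so that a
 * failed call is not mistaken for anything else.
 */
#define NSSCS_SUCCESS                   0x00000000 /* 0 */
#define NSSCS_E_OBJECT_NOT_FOUND        0xFFFFFCE0 /* -800 */
#define NSSCS_E_NICI_FAILURE            0xFFFFFCDF /* -801 */
#define NSSCS_E_INVALID_SECRET_ID       0xFFFFFCDE /* -802 */
#define NSSCS_E_SYSTEM_FAILURE          0xFFFFFCDD /* -803 */
#define NSSCS_E_ACCESS_DENIED           0xFFFFFCDC /* -804 */
#define NSSCS_E_NDS_INTERNAL_FAILURE    0xFFFFFCDB /* -805 */
#define NSSCS_E_SECRET_UNINITIALIZED    0xFFFFFCDA /* -806 */
#define NSSCS_E_BUFFER_LEN              0xFFFFFCD9 /* -807 */
#define NSSCS_E_INCOMPATIBLE_VERSION    0xFFFFFCD8 /* -808 */
#define NSSCS_E_CORRUPTED_STORE         0xFFFFFCD7 /* -809 */
#define NSSCS_E_SECRET_ID_EXISTS        0xFFFFFCD6 /* -810 */
#define NSSCS_E_NDS_PWORD_CHANGED       0xFFFFFCD5 /* -811 */
#define NSSCS_E_INVALID_TARGET_OBJECT   0xFFFFFCD4 /* -812 */
#define NSSCS_E_STORE_NOT_FOUND         0xFFFFFCD3 /* -813 */
#define NSSCS_E_SERVICE_NOT_FOUND       0xFFFFFCD2 /* -814 */
#define NSSCS_E_SECRET_ID_TOO_LONG      0xFFFFFCD1 /* -815 */
#define NSSCS_E_ENUM_BUFF_TOO_SHORT     0xFFFFFCD0 /* -816 */
#define NSSCS_E_NOT_AUTHENTICATED       0xFFFFFCCF /* -817 */
#define NSSCS_E_NOT_SUPPORTED           0xFFFFFCCE /* -818 */
#define NSSCS_E_NDS_PWORD_INVALID       0xFFFFFCCD /* -819 */
#define NSSCS_E_NICI_OUTOF_SYNC         0xFFFFFCCC /* -820 */
#define NSSCS_E_SERVICE_NOT_SUPPORTED   0xFFFFFCCB /* -821 */
#define NSSCS_E_TOKEN_NOT_SUPPORTED     0xFFFFFCCA /* -822 */
#define NSSCS_E_UNICODE_OP_FAILURE      0xFFFFFCC9 /* -823 */
#define NSSCS_E_TRANSPORT_FAILURE       0xFFFFFCC8 /* -824 */
#define NSSCS_E_CRYPTO_OP_FAILURE       0xFFFFFCC7 /* -825 */
#define NSSCS_E_SERVER_CONN_FAILURE     0xFFFFFCC6 /* -826 */
#define NSSCS_E_CONN_ACCESS_FAILURE     0xFFFFFCC5 /* -827 */
#define NSSCS_E_ENUM_BUFF_TOO_LONG      0xFFFFFCC4 /* -828 */
#define NSSCS_E_SECRET_BUFF_TOO_LONG    0xFFFFFCC3 /* -829 */
#define NSSCS_E_SECRET_ID_TOO_SHORT     0xFFFFFCC2 /* -830 */
#define NSSCS_E_CORRUPTED_PACKET_DATA   0xFFFFFCC1 /* -831 */
#define NSSCS_E_EP_ACCESS_DENIED        0xFFFFFCC0 /* -832 */
#define NSSCS_E_SCHEMA_NOT_EXTENDED     0xFFFFFCBF /* -833 */
#define NSSCS_E_ATTR_NOT_FOUND          0xFFFFFCBE /* -834 */
#define NSSCS_E_MIGRATION_NEEDED        0xFFFFFCBD /* -835 */
#define NSSCS_E_MP_PWORD_INVALID        0xFFFFFCBC /* -836 */
#define NSSCS_E_MP_PWORD_NOT_SET        0xFFFFFCBB /* -837 */
#define NSSCS_E_MP_PWORD_NOT_ALLOWED    0xFFFFFCBA /* -838 */
#define NSSCS_E_WRONG_REPLICA_TYPE      0xFFFFFCB9 /* -839 */
#define NSSCS_E_ATTR_VAL_NOT_FOUND      0xFFFFFCB8 /* -840 */
#define NSSCS_E_INVALID_PARAM           0xFFFFFCB7 /* -841 */
#define NSSCS_E_NEED_SECURE_CHANNEL     0xFFFFFCB6 /* -842 */
#define NSSCS_E_CONFIG_NOT_SUPPORTED    0xFFFFFCB5 /* -843 */
#define NSSCS_E_STORE_NOT_LOCKED        0xFFFFFCB4 /* -844 */
#define NSSCS_E_TIME_OUT_OF_SYNC        0xFFFFFCB3 /* -845 */
#define NSSCS_E_VERSION_MISMATCH        0xFFFFFCB2 /* -846 */
#define NSSCS_E_SECRET_BUFF_TOO_SHORT   0xFFFFFCB1 /* -847 */
#define NSSCS_E_SH_SECRET_FAILURE       0xFFFFFCB0 /* -848 */
#define NSSCS_E_PARSER_FAILURE          0xFFFFFCAF /* -849 */
#define NSSCS_E_UTF8_OP_FAILURE         0xFFFFFCAE /* -850 */
#define NSSCS_E_CTX_LESS_CN_NOT_UNIQUE  0xFFFFFCAD /* -851 */
#define NSSCS_E_UNSUPPORTED_BIND_CRED   0xFFFFFCAC /* -852 */
#define NSSCS_E_CERTIFICATE_NOT_FOUND   0xFFFFFCAB /* -853 */
#define NSSCS_E_CANT_OPEN_CLIENT_CACHE  0xFFFFFCAA /* -854 */
#define NSSCS_E_WRONG_SH_SEC_TYPE       0xFFFFFCA9 /* -855 */

#define NSSCS_E_NOT_IMPLEMENTED         0xFFFFFC88 /* -888 */
#define NSSCS_E_BETA_EXPIRED            0xFFFFFC7D /* -899 */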
/* #########################################################################
|
|
########################### ERROR DESCRIPTIONS ##########################
|
|
#########################################################################
|
|
|
|
NSSCS_E_OBJECT_NOT_FOUND -800
|
|
Description: Can't find the target object DN in NDS. (Resolve name failed.)
|
|
|
|
NSSCS_E_NICI_FAILURE -801
|
|
Description: NICI operations have failed.
|
|
|
|
NSSCS_E_INVALID_SECRET_ID -802
|
|
Description: Secret ID is not in the User Secret Store.
|
|
|
|
NSSCS_E_SYSTEM_FAILURE -803
|
|
Description: Some internal operating system services have not been available.
|
|
|
|
NSSCS_E_ACCESS_DENIED -804
|
|
Description: Access to the target Secret Store has been denied!
|
|
|
|
NSSCS_E_NDS_INTERNAL_FAILURE -805
|
|
Description: Some internal NDS services have not been available.
|
|
|
|
NSSCS_E_SECRET_UNINITIALIZED -806
|
|
Description: Secret has not been initialized with a write.
|
|
|
|
NSSCS_E_BUFFER_LEN -807
|
|
Description: Size of the buffer is not in a nominal range between minimum and maximum.
|
|
|
|
NSSCS_E_INCOMPATIBLE_VERSION -808
|
|
Description: Client and server components are not of the compatible versions.
|
|
|
|
NSSCS_E_CORRUPTED_STORE -809
|
|
Description: Secret Store data on the server has been corrupted.
|
|
|
|
NSSCS_E_SECRET_ID_EXISTS -810
|
|
Description: Secret ID already exists in the Secret Store.
|
|
|
|
NSSCS_E_NDS_PWORD_CHANGED -811
|
|
Description: User NDS password has been changed by the administrator.
|
|
|
|
NSSCS_E_INVALID_TARGET_OBJECT -812
|
|
Description: Target NDS User object not found.
|
|
|
|
NSSCS_E_STORE_NOT_FOUND -813
|
|
Description: Target NDS User object does not have a Secret Store.
|
|
|
|
NSSCS_E_SERVICE_NOT_FOUND -814
|
|
Description: Secret Store not on the Network.
|
|
|
|
NSSCS_E_SECRET_ID_TOO_LONG -815
|
|
Description: Length of the Secret ID buffer exceeds the limit.
|
|
|
|
NSSCS_E_ENUM_BUFF_TOO_SHORT -816
|
|
Description: Length of the Enumeration buffer too short.
|
|
|
|
NSSCS_E_NOT_AUTHENTICATED -817
|
|
Description: User not authenticated.
|
|
|
|
NSSCS_E_NOT_SUPPORTED -818
|
|
Description: Not supported operations.
|
|
|
|
NSSCS_E_NDS_PWORD_INVALID -819
|
|
Description: Typed in NDS password not valid.
|
|
|
|
NSSCS_E_NICI_OUTOF_SYNC -820
|
|
Description: Session keys of the client and server NICI are out of sync.
|
|
|
|
NSSCS_E_SERVICE_NOT_SUPPORTED -821
|
|
Description: Requested service not supported yet.
|
|
|
|
NSSCS_E_TOKEN_NOT_SUPPORTED -822
|
|
Description: NDS authentication type not supported.
|
|
|
|
NSSCS_E_UNICODE_OP_FAILURE -823
|
|
Description: Unicode text conversion operation failed.
|
|
|
|
NSSCS_E_TRANSPORT_FAILURE -824
|
|
Description: Connection to server is lost.
|
|
|
|
NSSCS_E_CRYPTO_OP_FAILURE -825
|
|
Description: Cryptographic operation failed.
|
|
|
|
NSSCS_E_SERVER_CONN_FAILURE -826
|
|
Description: Opening a connection to the server failed.
|
|
|
|
NSSCS_E_CONN_ACCESS_FAILURE -827
|
|
Description: Access to server connection failed.
|
|
|
|
NSSCS_E_ENUM_BUFF_TOO_LONG -828
|
|
Description: Size of the enumeration buffer exceeds the limit.
|
|
|
|
NSSCS_E_SECRET_BUFF_TOO_LONG -829
|
|
Description: Size of the Secret buffer exceeds the limit.
|
|
|
|
NSSCS_E_SECRET_ID_TOO_SHORT -830
|
|
Description: Length of the Secret ID should be greater than zero.
|
|
|
|
NSSCS_E_CORRUPTED_PACKET_DATA -831
|
|
Description: Protocol data corrupted on the wire.
|
|
|
|
NSSCS_E_EP_ACCESS_DENIED -832
|
|
Description: EP password validation failed. Access to the secret denied!
|
|
|
|
NSSCS_E_SCHEMA_NOT_EXTENDED -833
|
|
Description: Schema is not extended to support SecretStore on the target tree.
|
|
|
|
NSSCS_E_ATTR_NOT_FOUND -834
|
|
Description: One of the optional service attributes is not instantiated.
|
|
|
|
NSSCS_E_MIGRATION_NEEDED -835
|
|
Description: Server has been upgraded and user SecretStore should be updated.
|
|
|
|
NSSCS_E_MP_PWORD_INVALID -836
|
|
Description: Master password could not be verified to read or unlock the secrets.
|
|
|
|
NSSCS_E_MP_PWORD_NOT_SET -837
|
|
Description: Master password has not been set on the SecretStore.
|
|
|
|
NSSCS_E_MP_PWORD_NOT_ALLOWED -838
|
|
Description: Ability to use master password has been disabled.
|
|
|
|
NSSCS_E_WRONG_REPLICA_TYPE -839
|
|
Description: Not a writeable replica of NDS.
|
|
|
|
NSSCS_E_ATTR_VAL_NOT_FOUND -840
|
|
Description: Target attribute is not instantiated in NDS.
|
|
|
|
NSSCS_E_INVALID_PARAM -841
|
|
Description: API parameter is not initialized.
|
|
|
|
NSSCS_E_NEED_SECURE_CHANNEL -842
|
|
Description: Connection to the SecretStore needs to be over SSL.
|
|
|
|
NSSCS_E_CONFIG_NOT_SUPPORTED -843
|
|
Description: No server to support the given override configuration is found.
|
|
|
|
NSSCS_E_STORE_NOT_LOCKED -844
|
|
Description: Attempt to unlock SecretStore failed because the store is not locked.
|
|
|
|
NSSCS_E_TIME_OUT_OF_SYNC -845
|
|
Description: NDS Replica on the server that holds SecretStore is out of sync with the replica ring.
|
|
|
|
NSSCS_E_VERSION_MISMATCH -846
|
|
Description: Versions of the client dlls don't match.
|
|
|
|
NSSCS_E_SECRET_BUFF_TOO_SHORT -847
|
|
Description: Buffer supplied for the secret is too short (minimum NSSCS_MIN_IDLIST_BUF_LEN).
|
|
|
|
NSSCS_E_SH_SECRET_FAILURE -848
|
|
Description: Shared Secret processing and operations failed.
|
|
|
|
NSSCS_E_PARSER_FAILURE -849
|
|
Description: Shared Secret parser operations failed.
|
|
|
|
NSSCS_E_UTF8_OP_FAILURE -850
|
|
Description: Utf8 string operations failed.
|
|
|
|
NSSCS_E_CTX_LESS_CN_NOT_UNIQUE -851
|
|
Description: Contextless name for LDAP bind does not resolve to a unique DN
|
|
|
|
NSSCS_E_UNSUPPORTED_BIND_CRED -852
|
|
Description: login credential for advanced bind is not supported
|
|
|
|
NSSCS_E_CERTIFICATE_NOT_FOUND -853
|
|
Description: LDAP Root Cert required for Bind operations not found
|
|
|
|
NSSCS_E_WRONG_SH_SEC_TYPE -855
|
|
Description: Unrecognized or unknown shared secret tag.
|
|
|
|
|
|
NSSCS_E_NOT_IMPLEMENTED -888
|
|
Description: Feature not implemented yet.
|
|
|
|
NSSCS_E_BETA_EXPIRED -899
|
|
Description: Product's BETA life has expired! Official release copy should be
|
|
purchased.
|
|
|
|
|
|
|
|
########################### END OF ERROR CODES ########################## */
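/*
 * Exported API.
 *
 * These calls use the support functions for populating or extracting data
 * from a Shared Secret.  All strings passed through the API need to be
 * NUL terminated.
 *
 * Parameters shared by the calls below:
 *   ssFlags         Sets behaviors desired on the secret.  Set to 0.
 *   appSecretID     (input) Name of the service requesting credentials.
 *   sharedSecretID  (input, optional) Group name: the name of the backend
 *                   authentication realm relating a group of services,
 *                   e.g. Novell.Collaboration (Groupwise, GW address book,
 *                   GW Notify, and GWIM).  May be NULL.
 *   credentialType  Type of credential structure used during the call.
 *                   This header documents SSCS_CRED_TYPE_BASIC_F as the
 *                   only supported value.
 *   credential      Pointer to the credential structure.
 *   ext             Reserved.
 *
 * credential is an untyped pointer and no buffer size is passed with it,
 * so credentialType is the only description of what it points to: pass a
 * complete structure of the type named by credentialType
 * (SSCS_BASIC_CREDENTIAL for SSCS_CRED_TYPE_BASIC_F).
 *
 * All calls return int32_t; presumably NSSCS_SUCCESS or one of the
 * NSSCS_E_* codes (confirm against the implementation).
 */

/*
 * Get cached user credentials.
 * credentialType is a pointer here (IN/OUT); credential is written (OUT).
 */
SSCS_EXTERN_LIBCALL(int32_t)
miCASAGetCredential
(
	uint32_t          ssFlags,        /* IN */
	SSCS_SECRET_ID_T *appSecretID,    /* IN */
	SSCS_SECRET_ID_T *sharedSecretID, /* Optional IN */
	uint32_t         *credentialType, /* IN/OUT */
	void             *credential,     /* OUT */
	SSCS_EXT_T       *ext             /* Reserved */
);

/*
 * NOTE(review): not described in the original header; by its name and
 * parameter directions this stores the supplied credential. Confirm.
 */
SSCS_EXTERN_LIBCALL(int32_t)
miCASASetCredential
(
	uint32_t          ssFlags,        /* IN */
	SSCS_SECRET_ID_T *appSecretID,    /* IN */
	SSCS_SECRET_ID_T *sharedSecretID, /* Optional IN */
	uint32_t          credentialType, /* IN */
	void             *credential,     /* IN */
	SSCS_EXT_T       *ext             /* Reserved */
);

/*
 * NOTE(review): not described in the original header; by its name this
 * removes the credential identified by the two secret IDs. Confirm.
 */
SSCS_EXTERN_LIBCALL(int32_t)
miCASARemoveCredential
(
	uint32_t          ssFlags,        /* IN */
	SSCS_SECRET_ID_T *appSecretID,    /* IN */
	SSCS_SECRET_ID_T *sharedSecretID, /* Optional IN */
	SSCS_EXT_T       *ext             /* Reserved */
);

/*
 * NOTE(review): not described in the original header, and the meaning of
 * the return value is not stated. Confirm before branching on it.
 */
SSCS_EXTERN_LIBCALL(int32_t)
miCASAIsSecretPersistent
(
	uint32_t          ssFlags,
	SSCS_SECRET_ID_T *secretID,
	SSCS_EXT_T       *ext
);

#if defined(__cplusplus) || defined(c_plusplus)
}
#endif

/*
 * Closes the include guard opened at the top of the file.  It has to come
 * after the extern "C" closing brace: with the guard closed earlier, a
 * second inclusion from C++ skips the opening brace but still sees the
 * closing one.
 */
#endif /* _MICASA_MANAGED_H_ */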