2 * Protocol descriptions for core RXGK structures and RPCs.
8 /* constants for RXGK RPC numbers; each one is attached to its procedure
 * by the "= RXGK_..." suffix on the GSSNegotiate, CombineTokens and
 * AFSCombineTokens declarations in this file */
9 #define RXGK_GSSNEGOTIATE 1
10 #define RXGK_COMBINETOKENS 2
11 #define RXGK_AFSCOMBINETOKENS 3
13 /* RPC-L from draft-wilkinson-afs3-rxgk */
/* 64-bit signed time value used by the rxgk structures (e.g. expirationtime).
 * NOTE(review): units and epoch are not visible in this file; take them from
 * the draft before comparing against any local clock value. */
17 typedef afs_int64 rxgkTime;
19 /* key usage values.
 * Going by the names, there is one number per sender and purpose: client
 * vs. server, encryption (ENC) vs. integrity (MIC), for packets, for the
 * challenge response, and for the token.
 * NOTE(review): presumably these are handed to the crypto layer as RFC 3961
 * key-usage numbers so that one key is never used for two purposes or in
 * both directions; confirm at the call sites, which are not in this file. */
20 const RXGK_CLIENT_ENC_PACKET = 1026;
21 const RXGK_CLIENT_MIC_PACKET = 1027;
22 const RXGK_SERVER_ENC_PACKET = 1028;
23 const RXGK_SERVER_MIC_PACKET = 1029;
24 const RXGK_CLIENT_ENC_RESPONSE = 1030;
25 const RXGK_SERVER_ENC_TOKEN = 1036;
33 /* RXGK_LEVEL_BOGUS is an invalid level we only use internally for objects
34 * that are not yet initialized. This can be used to make sure we don't
35 * accidentally treat an uninitialized context as an RXGK_LEVEL_CLEAR
36 * connection. This level should never be used on the wire. */
40 /* limits for variable-length arrays.
 * Each constant is the maximum count written inside a <...> bound in the
 * declarations that follow, so a decoder can reject an oversized length
 * before allocating for it. RXGK_MAXDATA is 1048576 bytes (1 MiB) and is
 * the cap on every RXGK_Data blob. */
41 const RXGK_MAXENCTYPES = 255;
42 const RXGK_MAXLEVELS = 255;
43 const RXGK_MAXMIC = 1024;
44 const RXGK_MAXNONCE = 1024;
45 const RXGK_MAXDATA = 1048576;
/* Counted list of enctype numbers, at most RXGK_MAXENCTYPES entries. */
47 typedef afs_int32 RXGK_Enctypes<RXGK_MAXENCTYPES>;
/* Generic byte blob used for the token and payload arguments of the RPCs in
 * this file, at most RXGK_MAXDATA bytes. */
48 typedef opaque RXGK_Data<RXGK_MAXDATA>;
50 /* Begin definitions for RXGK_GSSNegotiate. */
/* Parameters the client supplies to GSSNegotiate as client_start.
 * The visible fields are all bounded: at most RXGK_MAXENCTYPES enctypes,
 * RXGK_MAXLEVELS levels, and RXGK_MAXNONCE bytes of client nonce.
 * NOTE(review): these offers are sent before any key is agreed; presumably
 * the mic in RXGK_ClientInfo is what lets the client detect tampering with
 * them (for example a downgrade of enctypes or levels); confirm against the
 * draft. */
52 struct RXGK_StartParams {
53 RXGK_Enctypes enctypes;
54 RXGK_Level levels<RXGK_MAXLEVELS>;
57 opaque client_nonce<RXGK_MAXNONCE>;
/* NOTE(review): presumably what the rxgk_info output of GSSNegotiate decodes
 * to once the GSS exchange has completed; confirm against the draft. */
60 struct RXGK_ClientInfo {
/* integrity check value, at most RXGK_MAXMIC bytes */
67 opaque mic<RXGK_MAXMIC>;
/* server-side nonce, at most RXGK_MAXNONCE bytes */
69 opaque server_nonce<RXGK_MAXNONCE>;
/* RPC number RXGK_GSSNEGOTIATE.
 * IN:  client_start (offered enctypes and levels, client nonce),
 *      input_token_buffer, opaque_in.
 * OUT: output_token_buffer, opaque_out, the GSS major and minor status
 *      words, and rxgk_info.
 * Every RXGK_Data argument is limited to RXGK_MAXDATA bytes by its typedef.
 * NOTE(review): opaque_out and opaque_in look like server state that the
 * client hands back on a later call; if so the server has to treat
 * opaque_in as untrusted input and verify it before use. Confirm in the
 * server implementation. */
72 GSSNegotiate(IN RXGK_StartParams *client_start,
73 IN RXGK_Data *input_token_buffer,
74 IN RXGK_Data *opaque_in,
75 OUT RXGK_Data *output_token_buffer,
76 OUT RXGK_Data *opaque_out,
77 OUT afs_uint32 *gss_major_status,
78 OUT afs_uint32 *gss_minor_status,
79 OUT RXGK_Data *rxgk_info) = RXGK_GSSNEGOTIATE;
81 /* Begin definitions for RXGK_CombineTokens. */
/* Options argument of CombineTokens and AFSCombineTokens. The visible lists
 * are bounded at RXGK_MAXENCTYPES enctypes and RXGK_MAXLEVELS levels. */
83 struct RXGK_CombineOptions {
84 RXGK_Enctypes enctypes;
85 RXGK_Level levels<RXGK_MAXLEVELS>;
88 struct RXGK_TokenInfo {
/* RPC number RXGK_COMBINETOKENS: takes two tokens plus options and returns
 * a new token together with its RXGK_TokenInfo. Both inputs and the result
 * are RXGK_Data, so each is limited to RXGK_MAXDATA bytes.
 * NOTE(review): how the new token's level, lifetime and identity are derived
 * from token0 and token1 is not visible here; check that the implementation
 * never grants more than the more restrictive input allows. */
96 CombineTokens(IN RXGK_Data *token0, IN RXGK_Data *token1,
97 IN RXGK_CombineOptions *options,
98 OUT RXGK_Data *new_token,
99 OUT RXGK_TokenInfo *info) = RXGK_COMBINETOKENS;
101 /* Begin definitions for security class operation. */
/* Length in bytes of the fixed-size nonce field that appears in both
 * RXGK_Challenge and RXGK_Authenticator. */
103 const RXGK_CHALLENGE_NONCE_LEN = 20;
105 /* RX challenge and response structures */
106 struct RXGK_Challenge {
107 opaque nonce[RXGK_CHALLENGE_NONCE_LEN];
/* Upper bound, in bytes, on the authenticator blob carried in
 * RXGK_Response; a longer blob exceeds the declared limit and should be
 * rejected on decode. */
109 const RXGK_MAXAUTHENTICATOR = 1416; /* better fit in a packet! */
110 struct RXGK_Response {
113 opaque authenticator<RXGK_MAXAUTHENTICATOR>;
/* NOTE(review): presumably the decoded form of RXGK_Response.authenticator;
 * confirm against the draft. */
116 struct RXGK_Authenticator {
/* same fixed length as RXGK_Challenge.nonce.
 * NOTE(review): presumably the server matches this against the nonce it
 * issued, which is what ties a response to one challenge; confirm. */
117 opaque nonce[RXGK_CHALLENGE_NONCE_LEN];
/* NOTE(review): "<>" declares no maximum count. The only limit visible in
 * this file is indirect: RXGK_MAXAUTHENTICATOR on the enclosing blob, if
 * this struct is decoded from it. The decoder should still validate the
 * count before allocating; confirm what bound the generated XDR code
 * applies. */
122 afs_uint32 call_numbers<>;
125 /* RPC-L from draft-brashear-afs3-pts-extended-names-09 (final). */
/* Maximum byte lengths for the opaque data<> and display<> fields declared
 * with them in this file. */
127 #define AUTHDATAMAX 2048
128 #define AUTHPRINTABLEMAX 2048
131 opaque data<AUTHDATAMAX>;
132 opaque display<AUTHPRINTABLEMAX>;
135 /* PrAuthName 'kind' values: going by the names, which authentication
 * system an identity comes from (Kerberos 4 or GSS). A decoder should
 * reject any kind it does not recognize rather than guess how to read the
 * accompanying data. */
136 const PRAUTHTYPE_KRB4 = 1;
137 const PRAUTHTYPE_GSS = 2;
139 /* RPC-L from draft-wilkinson-afs3-rxgk-afs. */
/* NOTE(review): presumably the rxgkTime value meaning "no expiry". Any
 * expiry check has to special-case 0 deliberately: compared as an ordinary
 * timestamp it would read as long expired, while a zero-filled or unset
 * field would read as never expiring. Confirm in the code that checks
 * expirationtime. */
141 const RXGK_NEVERDATE = 0;
143 /* Begin authenticator appdata definition. */
145 struct RXGK_Authenticator_AFSAppData {
153 /* Begin token definitions. */
155 struct RXGK_TokenContainer {
/* NOTE(review): unbounded ("<>"). The only size limit visible in this file
 * is RXGK_MAXDATA on an enclosing RXGK_Data, if the container is carried in
 * one. Confirm the decoder caps the length before allocating. */
158 opaque encrypted_token<>;
/* NOTE(review): RXGK_NEVERDATE (0) is defined in this file; presumably it
 * is a legal value here and must be handled explicitly by expiry checks. */
166 rxgkTime expirationtime;
/* NOTE(review): "<>" sets no maximum number of identities, and each
 * PrAuthName can itself carry up to AUTHDATAMAX + AUTHPRINTABLEMAX bytes.
 * Confirm the decoder limits the count before allocating. */
167 struct PrAuthName identities<>;
170 /* Begin definitions for AFSCombineTokens. */
/* RPC number RXGK_AFSCOMBINETOKENS: takes a user token (user_tok), a second
 * token (cm_tok, presumably the cache manager's), combine options and a
 * destination UUID, and returns a new token with its RXGK_TokenInfo.
 * All token arguments are RXGK_Data, so each is limited to RXGK_MAXDATA
 * bytes.
 * NOTE(review): how destination restricts where new_token is usable is not
 * visible here; confirm in the implementation that the result is bound to
 * that destination and carries no more privilege than the inputs. */
172 AFSCombineTokens(IN RXGK_Data *user_tok,
173 IN RXGK_Data *cm_tok,
174 IN RXGK_CombineOptions *options,
175 IN afsUUID destination,
176 OUT RXGK_Data *new_token,
177 OUT RXGK_TokenInfo *token_info) = RXGK_AFSCOMBINETOKENS;