summaryrefslogtreecommitdiff
path: root/librpc/idl/schannel.idl
blob: d9b230d70bfa93d9c42df54264e9b803196b8000 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
#include "idl_types.h"

/*
  schannel structures
*/

import "netlogon.idl", "nbt.idl";

[
	pointer_default(unique),
	helper("../librpc/ndr/ndr_schannel.h")
]
interface schannel
{
	/*
	  a schannel bind blob - used in dcerpc auth_info
	  on a schannel
	*/
	typedef struct {
		astring domain;
		astring workstation;
	} schannel_bind_3;

	typedef struct {
		astring domain;
		astring workstation;
		nbt_string dnsdomain;
		nbt_string dnsworkstation;
	} schannel_bind_23;

	typedef [nodiscriminant] union {
		[case (3)]  schannel_bind_3  info3;
		[case (23)] schannel_bind_23 info23;
	} schannel_bind_info;

	typedef [public] struct {
		uint32 unknown1; /* seems to need to be 0 */
		uint32 bind_type;
		[switch_is(bind_type)] schannel_bind_info u;
	} schannel_bind;

	/* a bind_ack blob */
	typedef [public] struct {
		uint32 unknown1; /* 1 */
		uint32 unknown2; /* 0 */
		uint32 unknown3; /* 0x006c0000 */
	} schannel_bind_ack;

	/* this structure is used internally in the NETLOGON server */

	typedef [public,flag(NDR_PAHEX)] struct {
		netr_NegotiateFlags negotiate_flags;
		uint8 session_key[16];
		uint32 sequence;
		netr_Credential seed;
		netr_Credential client;
		netr_Credential server;
		netr_SchannelType secure_channel_type;
		[string,charset(UTF8)] uint8 computer_name[];
		[string,charset(UTF8)] uint8 account_name[];
		dom_sid *sid;
	} netlogon_creds_CredentialState;

	/* MS-NRPC 2.2.1.3.1 NL_AUTH_MESSAGE */

	typedef [v1_enum] enum {
		NL_NEGOTIATE_REQUEST	= 0x00000000,
		NL_NEGOTIATE_RESPONSE	= 0x00000001
	} NL_AUTH_MESSAGE_TYPE;

	typedef [bitmap32bit] bitmap {
		NL_FLAG_OEM_NETBIOS_DOMAIN_NAME		= 0x00000001,
		NL_FLAG_OEM_NETBIOS_COMPUTER_NAME	= 0x00000002,
		NL_FLAG_UTF8_DNS_DOMAIN_NAME		= 0x00000004,
		NL_FLAG_UTF8_DNS_HOST_NAME		= 0x00000008,
		NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME	= 0x00000010
	} NL_AUTH_MESSAGE_FLAGS;

	typedef [public,nodiscriminant,noprint] union {
		[case (NL_FLAG_OEM_NETBIOS_DOMAIN_NAME)]	astring	 a;
		[case (NL_FLAG_OEM_NETBIOS_COMPUTER_NAME)]	astring	 a;
		[case (NL_FLAG_UTF8_DNS_DOMAIN_NAME)]		nbt_string u;
		[case (NL_FLAG_UTF8_DNS_HOST_NAME)]		nbt_string u;
		[case (NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME)]	nbt_string u;
		[default]					;
	} NL_AUTH_MESSAGE_BUFFER;

	typedef [public,nodiscriminant,noprint] union {
		[case (NL_NEGOTIATE_RESPONSE)]			uint32 dummy;
		[default]					;
	} NL_AUTH_MESSAGE_BUFFER_REPLY;

	typedef [public,flag(NDR_PAHEX)] struct {
		NL_AUTH_MESSAGE_TYPE MessageType;
		NL_AUTH_MESSAGE_FLAGS Flags;
		[switch_is(Flags & NL_FLAG_OEM_NETBIOS_DOMAIN_NAME)]	NL_AUTH_MESSAGE_BUFFER oem_netbios_domain;
		[switch_is(Flags & NL_FLAG_OEM_NETBIOS_COMPUTER_NAME)]	NL_AUTH_MESSAGE_BUFFER oem_netbios_computer;
		[switch_is(Flags & NL_FLAG_UTF8_DNS_DOMAIN_NAME)]	NL_AUTH_MESSAGE_BUFFER utf8_dns_domain;
		[switch_is(Flags & NL_FLAG_UTF8_DNS_HOST_NAME)]		NL_AUTH_MESSAGE_BUFFER utf8_dns_host;
		[switch_is(Flags & NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME)]	NL_AUTH_MESSAGE_BUFFER utf8_netbios_computer;
		[switch_is(MessageType & NL_NEGOTIATE_RESPONSE)]	NL_AUTH_MESSAGE_BUFFER_REPLY Buffer;
	} NL_AUTH_MESSAGE;

	/* MS-NRPC 2.2.1.3.2 NL_AUTH_SIGNATURE */

	typedef enum {
		NL_SIGN_HMAC_SHA256	= 0x0013,
		NL_SIGN_HMAC_MD5	= 0x0077
	} NL_SIGNATURE_ALGORITHM;

	typedef enum {
		NL_SEAL_AES128		= 0x001A,
		NL_SEAL_RC4		= 0x007A,
		NL_SEAL_NONE		= 0xFFFF
	} NL_SEAL_ALGORITHM;

	typedef [public,flag(NDR_PAHEX)] struct {
		[value(NL_SIGN_HMAC_MD5)] NL_SIGNATURE_ALGORITHM SignatureAlgorithm;
		NL_SEAL_ALGORITHM SealAlgorithm;
		uint16 Pad;
		uint16 Flags;
		uint8 SequenceNumber[8];
		uint8 Checksum[8];
		uint8 Confounder[8];
	} NL_AUTH_SIGNATURE;

	/* MS-NRPC 2.2.1.3.3 NL_AUTH_SHA2_SIGNATURE */

	typedef [public,flag(NDR_PAHEX)] struct {
		[value(NL_SIGN_HMAC_SHA256)] NL_SIGNATURE_ALGORITHM SignatureAlgorithm;
		NL_SEAL_ALGORITHM SealAlgorithm;
		uint16 Pad;
		uint16 Flags;
		uint8 SequenceNumber[8];
		uint8 Checksum[32];
		uint8 Confounder[8];
	} NL_AUTH_SHA2_SIGNATURE;
}