1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
|
//File: SECIOP.idl
//Part of the Security Service
// Note: if your IDL compiler does not yet support the
// "long long" data type, compile this module with the
// preprocessor definition "NOLONGLONG". With many
// compilers this would be done with a qualifier on
// the command line, something like -DNOLONGLONG
#ifndef _SECIOP_IDL_
#define _SECIOP_IDL
// omniORB specific pragmas to insert extra includes into the stub header.
#pragma hh #include "COS_sysdep.h"
#include <IOP.idl>
#include <Security.idl>
#pragma prefix "omg.org"
module SECIOP {
const IOP::ComponentId TAG_GENERIC_SEC_MECH = 12;
const IOP::ComponentId TAG_ASSOCIATION_OPTIONS = 13;
const IOP::ComponentId TAG_SEC_NAME = 14;
struct TargetAssociationOptions{
Security::AssociationOptions target_supports;
Security::AssociationOptions target_requires;
};
struct GenericMechanismInfo {
sequence <octet> security_mechanism_type;
sequence <octet> mech_specific_data;
sequence <IOP::TaggedComponent> components;
};
enum MsgType {
MTEstablishContext,
MTCompleteEstablishContext,
MTContinueEstablishContext,
MTDiscardContext,
MTMessageError,
MTMessageInContext
};
#ifdef NOLONGLONG
struct ulonglong {
unsigned long low;
unsigned long high;
};
typedef ulonglong ContextId;
#else
typedef unsigned long long ContextId;
#endif
enum ContextIdDefn {
CIDClient,
CIDPeer,
CIDSender
};
struct EstablishContext {
ContextId client_context_id;
sequence <octet> initial_context_token;
};
struct CompleteEstablishContext {
ContextId client_context_id;
boolean target_context_id_valid;
ContextId target_context_id;
sequence <octet> final_context_token;
};
struct ContinueEstablishContext {
ContextId client_context_id;
sequence <octet> continuation_context_token;
};
struct DiscardContext {
ContextIdDefn message_context_id_defn;
ContextId message_context_id;
sequence <octet> discard_context_token;
};
struct MessageError {
ContextIdDefn message_context_id_defn;
ContextId message_context_id;
long major_status;
long minor_status;
};
enum ContextTokenType {
SecTokenTypeWrap,
SecTokenTypeMIC
};
struct MessageInContext {
ContextIdDefn message_context_id_defn;
ContextId message_context_id;
ContextTokenType message_context_type;
sequence <octet> message_protection_token;
};
// messsage_protection_token is obtained by CDR encoding
// the SequencingHeader followed by the octets of the
// frame data. Sequencingheader + Frame Data is called a
// SequencedDataFrame
struct SequencingHeader {
octet control_state;
unsigned long direct_sequence_number;
unsigned long reverse_sequence_number;
unsigned long reverse_window;
};
typedef sequence <octet> SecurityName;
typedef unsigned short CryptographicProfile;
typedef sequence <CryptographicProfile> CryptographicProfileList;
// Cryptographic profiles for SPKM
const CryptographicProfile MD5_RSA = 20;
const CryptographicProfile MD5_DES_CBC = 21;
const CryptographicProfile DES_CBC = 22;
const CryptographicProfile MD5_DES_CBC_SOURCE = 23;
const CryptographicProfile DES_CBC_SOURCE = 24;
// Security Mechanism SPKM_1
const IOP::ComponentId TAG_SPKM_1_SEC_MECH = 15;
struct SPKM_1 {
Security::AssociationOptions target_supports;
Security::AssociationOptions target_requires;
CryptographicProfileList crypto_profile;
SecurityName security_name;
};
// Security Mechanism SPKM_2
const IOP::ComponentId TAG_SPKM_2_SEC_MECH = 16;
struct SPKM_2 {
Security::AssociationOptions target_supports;
Security::AssociationOptions target_requires;
CryptographicProfileList crypto_profile;
SecurityName security_name;
};
// Cryptographic profiles for GSS Kerberos Protocol
const CryptographicProfile DES_CBC_DES_MAC = 10;
const CryptographicProfile DES_CBC_MD5 = 11;
const CryptographicProfile DES_MAC = 12;
const CryptographicProfile MD5 = 13;
// Security Mechanism KerberosV5
const IOP::ComponentId TAG_KerberosV5_SEC_MECH = 17;
struct KerberosV5 {
Security::AssociationOptions target_supports;
Security::AssociationOptions target_requires;
CryptographicProfileList crypto_profile;
SecurityName security_name;
};
// Cryptographic profiles for CSI-ECMA Protocol
const CryptographicProfile FullSecurity = 1;
const CryptographicProfile NoDataConfidentiality = 2;
const CryptographicProfile LowGradeConfidentiality = 3;
const CryptographicProfile AgreedDefault = 5;
// Security Mechanism CSI_ECMA_Secret
const IOP::ComponentId TAG_CSI_ECMA_Secret_SEC_MECH = 18;
struct CSI_ECMA_Secret {
Security::AssociationOptions target_supports;
Security::AssociationOptions target_requires;
CryptographicProfileList crypto_profile;
SecurityName security_name;
};
// Security Mechanism CSI_ECMA_Hybrid
const IOP::ComponentId TAG_CSI_ECMA_Hybrid_SEC_MECH = 19;
struct CSI_ECMA_Hybrid {
Security::AssociationOptions target_supports;
Security::AssociationOptions target_requires;
CryptographicProfileList crypto_profile;
SecurityName security_name;
};
// Security Mechanism CSI_ECMA_Public
const IOP::ComponentId TAG_CSI_ECMA_Public_SEC_MECH = 21;
struct CSI_ECMA_Public {
Security::AssociationOptions target_supports;
Security::AssociationOptions target_requires;
CryptographicProfileList crypto_profile;
SecurityName security_name;
};
};
#endif /* _SECIOP_IDL */
|
