schannel: add NL_AUTH_MESSAGE and both NL_AUTH_SIGNATURE structs.

These actually belong netlogon but we for now want to keep netlogon as a security
providor separate.

Guenther

1 files changed, 73 insertions, 0 deletions

diff --git a/librpc/idl/schannel.idl b/librpc/idl/schannel.idl
index 68d92e5f4ec..c3bf3aaeef5 100644
--- a/librpc/idl/schannel.idl
+++ b/librpc/idl/schannel.idl
@@ -6,6 +6,10 @@
 
 import "netlogon.idl", "nbt.idl";
 
+[
+	pointer_default(unique),
+	helper("../librpc/ndr/ndr_schannel.h")
+]
 interface schannel
 {
 	/*
@@ -56,4 +60,73 @@ interface schannel
 		[string,charset(UTF8)] uint8 account_name[];
 		dom_sid *sid;
 	} netlogon_creds_CredentialState;
+
+	/* MS-NRPC 2.2.1.3.1 NL_AUTH_MESSAGE */
+
+	typedef [v1_enum] enum {
+		NL_NEGOTIATE_REQUEST	= 0x00000000,
+		NL_NEGOTIATE_RESPONSE	= 0x00000001
+	} NL_AUTH_MESSAGE_TYPE;
+
+	typedef [bitmap32bit] bitmap {
+		NL_FLAG_OEM_NETBIOS_DOMAIN_NAME		= 0x00000001,
+		NL_FLAG_OEM_NETBIOS_COMPUTER_NAME	= 0x00000002,
+		NL_FLAG_UTF8_DNS_DOMAIN_NAME		= 0x00000004,
+		NL_FLAG_UTF8_DNS_HOST_NAME		= 0x00000008,
+		NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME	= 0x00000010
+	} NL_AUTH_MESSAGE_FLAGS;
+
+	typedef [public,nodiscriminant,noprint] union {
+		[case (NL_FLAG_OEM_NETBIOS_DOMAIN_NAME)]	astring	 a;
+		[case (NL_FLAG_OEM_NETBIOS_COMPUTER_NAME)]	astring	 a;
+		[case (NL_FLAG_UTF8_DNS_DOMAIN_NAME)]		nbt_string u;
+		[case (NL_FLAG_UTF8_DNS_HOST_NAME)]		nbt_string u;
+		[case (NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME)]	nbt_string u;
+		[default];
+	} NL_AUTH_MESSAGE_BUFFER;
+
+	typedef [public,flag(NDR_PAHEX)] struct {
+		NL_AUTH_MESSAGE_TYPE MessageType;
+		NL_AUTH_MESSAGE_FLAGS Flags;
+		[switch_is(Flags & NL_FLAG_OEM_NETBIOS_DOMAIN_NAME)]	NL_AUTH_MESSAGE_BUFFER oem_netbios_domain;
+		[switch_is(Flags & NL_FLAG_OEM_NETBIOS_COMPUTER_NAME)]	NL_AUTH_MESSAGE_BUFFER oem_netbios_computer;
+		[switch_is(Flags & NL_FLAG_UTF8_DNS_DOMAIN_NAME)]	NL_AUTH_MESSAGE_BUFFER utf8_dns_domain;
+		[switch_is(Flags & NL_FLAG_UTF8_DNS_HOST_NAME)]		NL_AUTH_MESSAGE_BUFFER utf8_dns_host;
+		[switch_is(Flags & NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME)]	NL_AUTH_MESSAGE_BUFFER utf8_netbios_computer;
+	} NL_AUTH_MESSAGE;
+
+	/* MS-NRPC 2.2.1.3.2 NL_AUTH_SIGNATURE */
+
+	typedef enum {
+		NL_SIGN_HMAC_SHA256	= 0x0013,
+		NL_SIGN_HMAC_MD5	= 0x0077
+	} NL_SIGNATURE_ALGORITHM;
+
+	typedef enum {
+		NL_SEAL_AES128		= 0x001A,
+		NL_SEAL_RC4		= 0x007A,
+		NL_SEAL_NONE		= 0xFFFF
+	} NL_SEAL_ALGORITHM;
+
+	typedef [public,flag(NDR_PAHEX)] struct {
+		[value(NL_SIGN_HMAC_MD5)] NL_SIGNATURE_ALGORITHM SignatureAlgorithm;
+		NL_SEAL_ALGORITHM SealAlgorithm;
+		uint16 Pad;
+		uint16 Flags;
+		uint8 SequenceNumber[8];
+		uint8 Checksum[8];
+		uint8 Confounder[8];
+	} NL_AUTH_SIGNATURE;
+
+	/* MS-NRPC 2.2.1.3.3 NL_AUTH_SHA2_SIGNATURE */
+
+	typedef [public,flag(NDR_PAHEX)] struct {
+		[value(NL_SIGN_HMAC_SHA256)] NL_SIGNATURE_ALGORITHM SignatureAlgorithm;
+		NL_SEAL_ALGORITHM SealAlgorithm;
+		uint16 Pad;
+		uint16 Flags;
+		uint8 SequenceNumber[8];
+		uint8 Checksum[32];
+		uint8 Confounder[8];
+	} NL_AUTH_SHA2_SIGNATURE;
 }