/* This file is generated, please don't edit it directly. */
#ifndef KRB5_KRB5_H_INCLUDED
#define KRB5_KRB5_H_INCLUDED
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* General definitions for Kerberos version 5. */
* Copyright 1989, 1990, 1995, 2001, 2003, 2007, 2011 by the Massachusetts
* Institute of Technology. All Rights Reserved.
* Export of this software from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* Copyright (C) 1998 by the FundsXpress, INC.
* Export of this software from the United States of America may require
* a specific license from the United States Government. It is the
* responsibility of any person or organization contemplating export to
* obtain such a license before exporting.
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of FundsXpress. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. FundsXpress makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
/** @defgroup KRB5_H krb5 library API
/* By default, do not expose deprecated interfaces. */
#define KRB5_DEPRECATED 0
#if defined(__MACH__) && defined(__APPLE__)
# include <TargetConditionals.h>
# error "Use KfM 4.0 SDK headers for CFM compilation."
#if defined(_MSDOS) || defined(_WIN32)
#endif /* !KRB5_CALLCONV */
#endif /* !KRB5_CONFIG__ */
#ifndef KRB5_CALLCONV_WRONG
#define KRB5_CALLCONV_WRONG
/* Pass-through wrappers: the arguments reach open()/fopen() unchanged, so the
 * choice of flags, creation mode and path is entirely the caller's. */
#define THREEPARAMOPEN(x,y,z) open(x,y,z)
#define WRITABLEFOPEN(x,y) fopen(x,y)
#include <limits.h> /* for *_MAX */
#ifndef KRB5INT_BEGIN_DECLS
#define KRB5INT_BEGIN_DECLS extern "C" {
#define KRB5INT_END_DECLS }
#define KRB5INT_BEGIN_DECLS
#define KRB5INT_END_DECLS
#if defined(TARGET_OS_MAC) && TARGET_OS_MAC
#if (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) >= 30203
# define KRB5_ATTR_DEPRECATED __attribute__((deprecated))
# define KRB5_ATTR_DEPRECATED __declspec(deprecated)
# define KRB5_ATTR_DEPRECATED
/* typedef struct _profile_t *profile_t; */
* Word-size related definition.
/* Fixed-width aliases: one unsigned byte, then the signed and unsigned
 * 16-bit and 32-bit integer types. */
typedef uint8_t krb5_octet;
typedef int16_t krb5_int16;
typedef uint16_t krb5_ui_2;
typedef int32_t krb5_int32;
typedef uint32_t krb5_ui_4;
/* Largest values of the native int and unsigned int types (<limits.h>). */
#define VALID_INT_BITS INT_MAX
#define VALID_UINT_BITS UINT_MAX
/* 2^31 - 1, the largest value that fits in krb5_int32 (int32_t). */
#define KRB5_INT32_MAX 2147483647
/* this strange form is necessary since - is a unary operator, not a sign
   indicator */
#define KRB5_INT32_MIN (-KRB5_INT32_MAX-1)
/* NOTE(review): 65535 is the unsigned 16-bit maximum, whereas krb5_int16 is
 * int16_t, whose maximum is 32767.  KRB5_INT16_MIN is derived from this value
 * and so evaluates to -65536.  Neither constant is a usable bound when
 * range-checking a value that will be stored in a krb5_int16. */
#define KRB5_INT16_MAX 65535
/* this strange form is necessary since - is a unary operator, not a sign
   indicator */
#define KRB5_INT16_MIN (-KRB5_INT16_MAX-1)
* Basic definitions for Kerberos V5 library
/* Scalar types used across the API.  The first three are unsigned int; the
 * remaining ones alias the signed 32-bit krb5_int32, so identifiers of these
 * types can be negative (this file defines negative checksum and name-type
 * numbers). */
typedef unsigned int krb5_boolean;
typedef unsigned int krb5_msgtype;
typedef unsigned int krb5_kvno;
typedef krb5_int32 krb5_addrtype;
typedef krb5_int32 krb5_enctype;
typedef krb5_int32 krb5_cksumtype;
typedef krb5_int32 krb5_authdatatype;
typedef krb5_int32 krb5_keyusage;
typedef krb5_int32 krb5_cryptotype;
typedef krb5_int32 krb5_preauthtype; /* This may change, later on */
typedef krb5_int32 krb5_flags;
/**
 * Represents a timestamp in seconds since the POSIX epoch.  This legacy type
 * is used frequently in the ABI, but cannot represent timestamps after 2038 as
 * a positive number.  Code which uses this type should cast values of it to
 * uint32_t so that negative values are treated as timestamps between 2038 and
 * 2106 on platforms with 64-bit time_t.
 */
typedef krb5_int32 krb5_timestamp;
typedef krb5_int32 krb5_deltat;
/**
 * Used to convey an operation status.  The value 0 indicates success; any
 * other values are com_err codes.  Use krb5_get_error_message() to obtain a
 * string describing the error.
 */
typedef krb5_int32 krb5_error_code;
typedef krb5_error_code krb5_magic;
typedef struct _krb5_data {
/* Originally introduced for PKINIT; now unused. Do not use this. */
typedef struct _krb5_octet_data {
/* Originally used to recognize AFS and default salts. No longer used. */
#define SALT_TYPE_AFS_LENGTH UINT_MAX
#define SALT_TYPE_NO_LENGTH UINT_MAX
typedef void * krb5_pointer;
typedef void const * krb5_const_pointer;
typedef struct krb5_principal_data {
krb5_data *data; /**< An array of strings */
typedef krb5_principal_data * krb5_principal;
* Per V5 spec on definition of principal types
#define KRB5_NT_UNKNOWN 0 /**< Name type not known */
#define KRB5_NT_PRINCIPAL 1 /**< Just the name of the principal
as in DCE, or for users */
#define KRB5_NT_SRV_INST 2 /**< Service and other unique instance (krbtgt) */
#define KRB5_NT_SRV_HST 3 /**< Service with host name as instance
#define KRB5_NT_SRV_XHST 4 /**< Service with host as remaining components */
#define KRB5_NT_UID 5 /**< Unique ID */
#define KRB5_NT_X500_PRINCIPAL 6 /**< PKINIT */
#define KRB5_NT_SMTP_NAME 7 /**< Name in form of SMTP email name */
#define KRB5_NT_ENTERPRISE_PRINCIPAL 10 /**< Windows 2000 UPN */
#define KRB5_NT_WELLKNOWN 11 /**< Well-known (special) principal */
#define KRB5_WELLKNOWN_NAMESTR "WELLKNOWN" /**< First component of
NT_WELLKNOWN principals */
#define KRB5_NT_MS_PRINCIPAL -128 /**< Windows 2000 UPN and SID */
#define KRB5_NT_MS_PRINCIPAL_AND_ID -129 /**< NT 4 style name */
#define KRB5_NT_ENT_PRINCIPAL_AND_ID -130 /**< NT 4 style name and SID */
/** Constant version of krb5_principal_data */
typedef const krb5_principal_data *krb5_const_principal;
/*
 * Field accessors for krb5_principal_data.  Every macro here ignores its
 * context argument and dereferences princ directly, so princ must be a valid,
 * non-NULL pointer.  The setters only assign: they neither copy the value they
 * are given nor release what the field held before.
 */
#define krb5_princ_realm(context, princ) (&(princ)->realm)
#define krb5_princ_set_realm(context, princ,value) ((princ)->realm = *(value))
/* The next two expand to a bare assignment with no enclosing parentheses;
 * use them only as complete statements. */
#define krb5_princ_set_realm_length(context, princ,value) (princ)->realm.length = (value)
#define krb5_princ_set_realm_data(context, princ,value) (princ)->realm.data = (value)
/* Read accessors for the length, type and data members. */
#define krb5_princ_size(context, princ) (princ)->length
#define krb5_princ_type(context, princ) (princ)->type
#define krb5_princ_name(context, princ) (princ)->data
#define krb5_princ_component(context, princ,i) \
(((i) < krb5_princ_size(context, princ)) \
/** Constant for realm referrals. */
#define KRB5_REFERRAL_REALM ""
/*
 * Referral-specific functions.
 */

/**
 * Check for a match with KRB5_REFERRAL_REALM.
 *
 * @param [in] r Realm to check
 *
 * @return @c TRUE if @a r is zero-length, @c FALSE otherwise
 */
krb5_boolean KRB5_CALLCONV
krb5_is_referral_realm(const krb5_data *r);
/**
 * Return an anonymous realm data.
 *
 * This function returns constant storage that must not be freed.
 *
 * @sa #KRB5_ANONYMOUS_REALMSTR
 */
const krb5_data *KRB5_CALLCONV
krb5_anonymous_realm(void);
/**
 * Build an anonymous principal.
 *
 * This function returns constant storage that must not be freed.
 *
 * @sa #KRB5_ANONYMOUS_PRINCSTR
 */
krb5_const_principal KRB5_CALLCONV
krb5_anonymous_principal(void);
#define KRB5_ANONYMOUS_REALMSTR "WELLKNOWN:ANONYMOUS" /**< Anonymous realm */
#define KRB5_ANONYMOUS_PRINCSTR "ANONYMOUS" /**< Anonymous principal name */
/** Structure for address */
typedef struct _krb5_address {
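/* Address type numbers, per the Kerberos v5 protocol spec. */
#define ADDRTYPE_INET 0x0002
#define ADDRTYPE_CHAOS 0x0005
#define ADDRTYPE_XNS 0x0006
#define ADDRTYPE_ISO 0x0007
#define ADDRTYPE_DDP 0x0010
#define ADDRTYPE_NETBIOS 0x0014
#define ADDRTYPE_INET6 0x0018
/* not yet in the spec... */
#define ADDRTYPE_ADDRPORT 0x0100
#define ADDRTYPE_IPPORT 0x0101
/*
 * Macro to determine if a type is a local type: nonzero when bit 0x8000 is
 * set in addrtype.  The argument is parenthesized so that an expression
 * argument such as `a | b` is masked as a whole; without the parentheses
 * only its last operand would be masked and the test could report a
 * non-local type as local.
 */
#define ADDRTYPE_IS_LOCAL(addrtype) ((addrtype) & 0x8000)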
typedef struct _krb5_context * krb5_context;
struct _krb5_auth_context;
typedef struct _krb5_auth_context * krb5_auth_context;
struct _krb5_cryptosystem_entry;
/** Exposed contents of a key. */
typedef struct _krb5_keyblock {
/**
 * Opaque identifier for a key.
 *
 * Use with the krb5_k APIs for better performance for repeated operations with
 * the same key and usage.  Key identifiers must not be used simultaneously
 * within multiple threads, as they may contain mutable internal state.
 */
typedef struct krb5_key_st *krb5_key;
typedef struct _krb5_encrypt_block {
krb5_enctype crypto_entry; /* to call krb5_encrypt_size, you need
this. it was a pointer, but it
doesn't have to be. gross. */
typedef struct _krb5_checksum {
krb5_cksumtype checksum_type; /* checksum type */
typedef struct _krb5_enc_data {
/**
 * Structure to describe a region of text to be encrypted or decrypted.
 *
 * The @a flags member describes the type of the iov.
 * The @a data member points to the memory that will be manipulated.
 * All iov APIs take a pointer to the first element of an array of krb5_crypto_iov's
 * along with the size of that array.  Buffer contents are manipulated in-place;
 * data is overwritten.  Callers must allocate the right number of krb5_crypto_iov
 * structures before calling into an iov API.
 */
typedef struct _krb5_crypto_iov {
krb5_cryptotype flags; /**< @ref KRB5_CRYPTO_TYPE type of the iov */
/*
 * Encryption type numbers, per the Kerberos v5 protocol spec.  Entries tagged
 * @deprecated are described by their own comments as no longer supported or
 * removed.  When building a list of permitted enctypes, note that the RC4
 * (ARCFOUR) entries are still defined here without a @deprecated tag even
 * though RFC 8429 deprecates RC4 along with 3DES for Kerberos.
 */
#define ENCTYPE_NULL 0x0000
#define ENCTYPE_DES_CBC_CRC 0x0001 /**< @deprecated no longer supported */
#define ENCTYPE_DES_CBC_MD4 0x0002 /**< @deprecated no longer supported */
#define ENCTYPE_DES_CBC_MD5 0x0003 /**< @deprecated no longer supported */
#define ENCTYPE_DES_CBC_RAW 0x0004 /**< @deprecated no longer supported */
#define ENCTYPE_DES3_CBC_SHA 0x0005 /**< @deprecated no longer supported */
#define ENCTYPE_DES3_CBC_RAW 0x0006 /**< @deprecated no longer supported */
#define ENCTYPE_DES_HMAC_SHA1 0x0008 /**< @deprecated no longer supported */
#define ENCTYPE_DSA_SHA1_CMS 0x0009 /**< DSA with SHA1, CMS signature */
#define ENCTYPE_MD5_RSA_CMS 0x000a /**< MD5 with RSA, CMS signature */
#define ENCTYPE_SHA1_RSA_CMS 0x000b /**< SHA1 with RSA, CMS signature */
#define ENCTYPE_RC2_CBC_ENV 0x000c /**< RC2 cbc mode, CMS enveloped data */
#define ENCTYPE_RSA_ENV 0x000d /**< RSA encryption, CMS enveloped data */
#define ENCTYPE_RSA_ES_OAEP_ENV 0x000e /**< RSA w/OAEP encryption, CMS enveloped data */
#define ENCTYPE_DES3_CBC_ENV 0x000f /**< @deprecated no longer supported */
#define ENCTYPE_DES3_CBC_SHA1 0x0010 /**< @deprecated removed */
#define ENCTYPE_AES128_CTS_HMAC_SHA1_96 0x0011 /**< RFC 3962 */
#define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012 /**< RFC 3962 */
#define ENCTYPE_AES128_CTS_HMAC_SHA256_128 0x0013 /**< RFC 8009 */
#define ENCTYPE_AES256_CTS_HMAC_SHA384_192 0x0014 /**< RFC 8009 */
#define ENCTYPE_ARCFOUR_HMAC 0x0017 /**< RFC 4757 (RC4; see RFC 8429) */
#define ENCTYPE_ARCFOUR_HMAC_EXP 0x0018 /**< RFC 4757 (RC4; see RFC 8429) */
#define ENCTYPE_CAMELLIA128_CTS_CMAC 0x0019 /**< RFC 6803 */
#define ENCTYPE_CAMELLIA256_CTS_CMAC 0x001a /**< RFC 6803 */
#define ENCTYPE_UNKNOWN 0x01ff
/*
 * Historically we used the value 9 for unkeyed SHA-1.  RFC 3961 assigns this
 * value to rsa-md5-des3, which fortunately is unused.  For ABI compatibility
 * we allow either 9 or 14 for SHA-1.
 */
/*
 * Checksum type numbers.  The comment preceding this list describes SHA-1 here
 * as unkeyed; an unkeyed checksum can be recomputed by anyone who can modify
 * the data, so it does not authenticate anything on its own.
 */
#define CKSUMTYPE_CRC32 0x0001 /**< CRC-32; not a cryptographic integrity check */
#define CKSUMTYPE_RSA_MD4 0x0002
#define CKSUMTYPE_RSA_MD4_DES 0x0003
#define CKSUMTYPE_DESCBC 0x0004
#define CKSUMTYPE_RSA_MD5 0x0007
#define CKSUMTYPE_RSA_MD5_DES 0x0008
#define CKSUMTYPE_NIST_SHA 0x0009
#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c /**< @deprecated removed */
/* NOTE(review): 0x000d is 13, but the comment preceding this list says SHA-1
 * is accepted as 9 or 14 -- confirm which of the two is intended. */
#define CKSUMTYPE_SHA1 0x000d /**< RFC 3962 */
#define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f /**< RFC 3962. Used with
ENCTYPE_AES128_CTS_HMAC_SHA1_96 */
#define CKSUMTYPE_HMAC_SHA1_96_AES256 0x0010 /**< RFC 3962. Used with
ENCTYPE_AES256_CTS_HMAC_SHA1_96 */
#define CKSUMTYPE_HMAC_SHA256_128_AES128 0x0013 /**< RFC 8009 */
#define CKSUMTYPE_HMAC_SHA384_192_AES256 0x0014 /**< RFC 8009 */
#define CKSUMTYPE_CMAC_CAMELLIA128 0x0011 /**< RFC 6803 */
#define CKSUMTYPE_CMAC_CAMELLIA256 0x0012 /**< RFC 6803 */
#define CKSUMTYPE_MD5_HMAC_ARCFOUR -137 /**< Microsoft netlogon */
#define CKSUMTYPE_HMAC_MD5_ARCFOUR -138 /**< RFC 4757 */
/*
 * The following are entropy source designations.  Whenever
 * krb5_C_random_add_entropy is called, one of these source ids is passed in.
 * This allows the library to better estimate bits of entropy in the sample and
 * to keep track of what sources of entropy have contributed enough entropy.
 * Sources marked internal MUST NOT be used by applications outside the
 * library.
 */
KRB5_C_RANDSOURCE_OLDAPI = 0, /*calls to krb5_C_RANDOM_SEED (INTERNAL)*/
KRB5_C_RANDSOURCE_OSRAND = 1, /* /dev/random or equivalent (internal)*/
KRB5_C_RANDSOURCE_TRUSTEDPARTY = 2, /* From KDC or other trusted party*/
/*
 * This source should be used carefully; data in this category
 * should be from a third party trusted to give random bits.
 * For example keys issued by the KDC in the application server.
 */
KRB5_C_RANDSOURCE_TIMING = 3, /* Timing of operations*/