s4 idl: Add IDL for backup key protocol
diff --git a/librpc/idl/backupkey.idl b/librpc/idl/backupkey.idl
new file mode 100644 (file)
index 0000000..3999d2c
--- /dev/null
@@ -0,0 +1,134 @@
+#include "idl_types.h"
+/*
+  plug and play services
+*/
+
+import "misc.idl", "security.idl";
+[
+  uuid("3dde7c30-165d-11d1-ab8f-00805f14db40"),
+  version(1.0),
+  endpoint("ncacn_np:[\\pipe\\protected_storage]","ncacn_np:[\\pipe\\ntsvcs]" ,"ncacn_ip_tcp:"),
+  helpstring("Remote Backup Key Storage"),
+  helper("../librpc/ndr/ndr_backupkey.h"),
+  helper("../librpc/ndr/ndr_backupkey_print.h"),
+  pointer_default(unique)
+]
+interface backupkey
+{
+       const string BACKUPKEY_RESTORE_GUID             = "47270C64-2FC7-499B-AC5B-0E37CDCE899A";
+       const string BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID = "018FF48A-EABA-40C6-8F6D-72370240E967";
+
+       const string BACKUPKEY_RESTORE_GUID_WIN2K       = "7FE94D50-178E-11D1-AB8F-00805F14DB40";
+       const string BACKUPKEY_BACKUP_GUID              = "7F752B10-178E-11D1-AB8F-00805F14DB40";
+
+       [public] typedef struct {
+               [value(0x00000002)] uint32 header1;
+               [value(0x00000494)] uint32 header2;
+               uint32 certificate_len;
+               [value(0x00000207)] uint32 magic1;
+               [value(0x0000A400)] uint32 magic2;
+               [value(0x32415352)] uint32 magic3;
+               [value(0x00000800)] uint32 magic4;
+               [subcontext(0),subcontext_size(4),flag(NDR_REMAINING)] DATA_BLOB public_exponent;
+
+               [subcontext(0),subcontext_size(256),flag(NDR_REMAINING)] DATA_BLOB modulus;
+               [subcontext(0),subcontext_size(128),flag(NDR_REMAINING)] DATA_BLOB prime1;
+               [subcontext(0),subcontext_size(128),flag(NDR_REMAINING)] DATA_BLOB prime2;
+               [subcontext(0),subcontext_size(128),flag(NDR_REMAINING)] DATA_BLOB exponent1;
+               [subcontext(0),subcontext_size(128),flag(NDR_REMAINING)] DATA_BLOB exponent2;
+               [subcontext(0),subcontext_size(128),flag(NDR_REMAINING)] DATA_BLOB coefficient;
+               [subcontext(0),subcontext_size(256),flag(NDR_REMAINING)] DATA_BLOB private_exponent;
+               [subcontext(0),subcontext_size(certificate_len),flag(NDR_REMAINING)] DATA_BLOB cert;
+       } bkrp_exported_RSA_key_pair;
+
+       [public,gensize] typedef struct {
+               uint32 version;
+               uint32 encrypted_secret_len;
+               uint32 access_check_len;
+               GUID guid;
+               uint8  encrypted_secret[encrypted_secret_len];
+               uint8  access_check[access_check_len];
+       } bkrp_client_side_wrapped;
+
+       [public] typedef struct {
+               [value(0x00000000)] uint32 magic;
+               [subcontext(0),flag(NDR_REMAINING)] DATA_BLOB secret;
+       } bkrp_client_side_unwrapped;
+
+       [public] typedef struct {
+               uint32 secret_len;
+               [value(0x00000020)] uint32 magic;
+               uint8 secret[secret_len];
+               uint8 payload_key[32];
+       } bkrp_encrypted_secret_v2;
+
+       [public] typedef struct {
+               uint32 secret_len;
+               [value(0x00000030)] uint32 magic1;
+               [value(0x00006610)] uint32 magic2;
+               [value(0x0000800e)] uint32 magic3;
+               uint8 secret[secret_len];
+               uint8 payload_key[48];
+       } bkrp_encrypted_secret_v3;
+
+       [public, nopush, nopull] typedef struct {
+               [value(0x00000001)] uint32 magic;
+               uint32 nonce_len;
+               uint8 nonce[nonce_len];
+               dom_sid sid;
+               //[flag(NDR_REMAINING)] DATA_BLOB remaining;
+               //DATA_BLOB pad;,
+               uint8 hash[20];
+       } bkrp_access_check_v2;
+
+       [public,nopush,nopull] typedef struct {
+               [value(0x00000001)] uint32 magic;
+               uint32 nonce_len;
+               uint8 nonce[nonce_len];
+               dom_sid sid;
+               //[flag(NDR_REMAINING)] DATA_BLOB remaining;
+               //DATA_BLOB pad;,
+               uint8 hash[64];
+       } bkrp_access_check_v3;
+
+
+       /******************/
+       /* Function: 0x00
+       PI_STATUS BackuprKey(
+        [in] handle_t h,
+        [in] GUID* pguidActionAgent,
+        [in, size_is(cbDataIn)] byte* pDataIn,
+        [in] DWORD cbDataIn,
+        [out, size_is(,*pcbDataOut)] byte** ppDataOut,
+        [out] DWORD* pcbDataOut,
+        [in] DWORD dwParam
+        );
+        */
+typedef enum {
+       BACKUPKEY_RESTORE_GUID_INTEGER = 0x0000,
+       BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID_INTEGER = 0x0001
+       } bkrp_guid_to_integer;
+
+typedef [nodiscriminant] union {
+       [case(BACKUPKEY_RESTORE_GUID_INTEGER)] bkrp_client_side_wrapped cert_req;
+       [case(BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID_INTEGER)] bkrp_client_side_wrapped sec_req;
+       } bkrp_data_in_blob;
+
+       [public] WERROR bkrp_BackupKey (
+                [in,ref]  GUID *guidActionAgent,
+                [in,ref]  [size_is(data_in_len)] uint8 *data_in,
+                [in]  uint32 data_in_len,
+                [out,ref] [size_is(,*data_out_len)] uint8 **data_out,
+                [out,ref] uint32 *data_out_len,
+                [in]  uint32 param
+       );
+
+       [public,noprint,nopush,nopull] WERROR bkrp_BackupKey_debug (
+                [in,ref]  GUID *guidActionAgent,
+                [in,ref]  [size_is(data_in_len)] uint8 *data_in,
+                [in]  uint32 data_in_len,
+                [in]  uint32 param,
+                [out,unique] [size_is(data_out_len)] uint8 *data_out,
+                [out] uint32 data_out_len
+       );
+}
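Review bot: `bkrp_access_check_v2` and `bkrp_access_check_v3` are declared `nopush, nopull`, so pidl generates no pull code for them, and `nonce_len` in `uint8 nonce[nonce_len]` comes straight from the wire. The hand-written marshalling (presumably behind the `ndr_backupkey.h` helper, which is not part of this hunk) has to check `nonce_len` against the remaining buffer before it locates `sid` and `hash`. A comment on both structs such as `/* nonce_len is untrusted: the manual pull must bound it by the remaining data */` would record that contract. Separately, `bkrp_exported_RSA_key_pair` is `[public]` without `noprint`, so unless the `ndr_backupkey_print.h` helper overrides it, a generated print function would write `prime1`, `prime2` and `private_exponent` to debug output; consider `noprint` or a redacting printer. The file header comment still reads `plug and play services` and should describe the backup key interface instead.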