backupkey: Improve IDL
[samba.git] / librpc / idl / backupkey.idl
/*
 * IDL for the BackupKey RPC interface ("Remote Backup Key Storage"): one
 * operation, bkrp_BackupKey, plus the structures that travel inside its
 * opaque data_in / data_out byte buffers.
 *
 * NOTE(review): several structures below hold key material or wrapped
 * secrets. Nothing in this IDL expresses a transport-protection requirement;
 * confirm that the server implementation only accepts authenticated,
 * encrypted binds on the endpoints listed in the interface attributes.
 */
#include "idl_types.h"

import "misc.idl", "security.idl";
/*
 * Interface attributes: reachable over two named pipes (protected_storage,
 * ntsvcs) and over TCP. The helper header is where hand-written NDR code for
 * the nopush / nopull / noprint items below would be declared (presumably;
 * verify against ndr_backupkey.h).
 */
[
  uuid("3dde7c30-165d-11d1-ab8f-00805f14db40"),
  version(1.0),
  endpoint("ncacn_np:[\\pipe\\protected_storage]","ncacn_np:[\\pipe\\ntsvcs]" ,"ncacn_ip_tcp:"),
  helpstring("Remote Backup Key Storage"),
  helper("../librpc/ndr/ndr_backupkey.h"),
  pointer_default(unique)
]
interface backupkey
{
        /*
         * Action GUIDs, in string form. bkrp_guid_to_integer and
         * bkrp_data_in_blob below show which request body belongs to which
         * action; presumably the client selects the action through
         * guidActionAgent in bkrp_BackupKey - confirm in the server code.
         */
        const string BACKUPKEY_RESTORE_GUID             = "47270C64-2FC7-499B-AC5B-0E37CDCE899A";
        const string BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID = "018FF48A-EABA-40C6-8F6D-72370240E967";

        const string BACKUPKEY_RESTORE_GUID_WIN2K       = "7FE94D50-178E-11D1-AB8F-00805F14DB40";
        const string BACKUPKEY_BACKUP_GUID              = "7F752B10-178E-11D1-AB8F-00805F14DB40";

        /*
         * Exported RSA key pair followed by its certificate.
         *
         * The magic values have no symbolic names here; they are fixed marker
         * values used to check that what is transmitted or decoded is really
         * what the client or the server expects.
         *
         * What the numbers themselves show:
         *  - header2 (0x494 = 1172) equals the byte count of the fields from
         *    magic1 through private_exponent: 16 + 4 + 256 + 5*128 + 256.
         *  - magic3 (0x32415352) is the ASCII text "RSA2" when stored
         *    little-endian.
         *  - magic4 (0x800 = 2048) matches the fixed field sizes, which only
         *    fit a 2048-bit key (256-byte modulus, 128-byte primes).
         * NOTE(review): magic1..magic4 look like a CryptoAPI PRIVATEKEYBLOB
         * header (blob type and version, CALG_RSA_KEYX, "RSA2", bit length);
         * confirm against the protocol documentation.
         *
         * SECURITY: prime1, prime2, exponent1, exponent2, coefficient and
         * private_exponent are the private half of the key. Any buffer, file
         * or log output holding this structure must be treated as secret.
         */
        [public] typedef struct {
                [value(0x00000002)] uint32 header1;
                [value(0x00000494)] uint32 header2;
                /* Size of the trailing cert blob; the only variable length here. */
                uint32 certificate_len;
                [value(0x00000207)] uint32 magic1;
                [value(0x0000A400)] uint32 magic2;
                [value(0x32415352)] uint32 magic3;
                [value(0x00000800)] uint32 magic4;
                [subcontext(0),subcontext_size(4),flag(NDR_REMAINING)] DATA_BLOB public_exponent;

                [subcontext(0),subcontext_size(256),flag(NDR_REMAINING)] DATA_BLOB modulus;
                [subcontext(0),subcontext_size(128),flag(NDR_REMAINING)] DATA_BLOB prime1;
                [subcontext(0),subcontext_size(128),flag(NDR_REMAINING)] DATA_BLOB prime2;
                [subcontext(0),subcontext_size(128),flag(NDR_REMAINING)] DATA_BLOB exponent1;
                [subcontext(0),subcontext_size(128),flag(NDR_REMAINING)] DATA_BLOB exponent2;
                [subcontext(0),subcontext_size(128),flag(NDR_REMAINING)] DATA_BLOB coefficient;
                [subcontext(0),subcontext_size(256),flag(NDR_REMAINING)] DATA_BLOB private_exponent;
                [subcontext(0),subcontext_size(certificate_len),flag(NDR_REMAINING)] DATA_BLOB cert;
        } bkrp_exported_RSA_key_pair;

        /*
         * Fixed marker followed by 256 bytes of raw key.
         * NOTE(review): the name suggests this is the key the DC uses for
         * server-side wrapping; if so it is secret material - confirm where
         * it is stored and who can read it.
         */
        [public] typedef struct {
                [value(0x00000001)] uint32 magic;
                uint8 key[256];
        } bkrp_dc_serverwrap_key;

        /* No fields; used as the request body for the retrieve-backup-key case. */
        [public] typedef struct {
        } bkrp_empty;

        /*
         * Request body for the BACKUPKEY_RESTORE_GUID case (restore_req in
         * bkrp_data_in_blob). gensize asks pidl to also emit a size helper.
         *
         * Both array lengths are read from the wire.
         * NOTE(review): consumers should check encrypted_secret_len and
         * access_check_len against the size of the received buffer and
         * against what the selected version allows before using the arrays.
         */
        [public,gensize] typedef struct {
                uint32 version;
                uint32 encrypted_secret_len;
                uint32 access_check_len;
                GUID guid;
                uint8  encrypted_secret[encrypted_secret_len];
                uint8  access_check[access_check_len];
        } bkrp_client_side_wrapped;

        /* Fixed zero marker, then the secret occupying all remaining bytes. */
        [public] typedef struct {
                [value(0x00000000)] uint32 magic;
                [subcontext(0),flag(NDR_REMAINING)] DATA_BLOB secret;
        } bkrp_client_side_unwrapped;

        /*
         * Secret plus a 32-byte payload key. magic (0x20 = 32) equals the
         * size of payload_key.
         * NOTE(review): presumably the plaintext layout of
         * bkrp_client_side_wrapped.encrypted_secret for version 2 - confirm.
         */
        [public] typedef struct {
                uint32 secret_len;
                [value(0x00000020)] uint32 magic;
                uint8 secret[secret_len];
                uint8 payload_key[32];
        } bkrp_encrypted_secret_v2;

        /*
         * Secret plus a 48-byte payload key. magic1 (0x30 = 48) equals the
         * size of payload_key.
         * NOTE(review): magic2 and magic3 look like CryptoAPI algorithm ids
         * (0x6610 = CALG_AES_256, 0x800e = CALG_SHA_512) - confirm.
         */
        [public] typedef struct {
                uint32 secret_len;
                [value(0x00000030)] uint32 magic1;
                [value(0x00006610)] uint32 magic2;
                [value(0x0000800e)] uint32 magic3;
                uint8 secret[secret_len];
                uint8 payload_key[48];
        } bkrp_encrypted_secret_v3;

        /*
         * Because of alignment constraints pidl generates only the structure
         * definition here: nopush and nopull suppress the generated
         * marshalling routines, so push and pull must be supplied by hand
         * (presumably through the helper header named in the interface
         * attributes - confirm).
         *
         * hash is 20 bytes, the size of a SHA-1 digest; the algorithm itself
         * is not stated in this file.
         * NOTE(review): nonce_len comes from the wire, so the hand-written
         * pull code is where its bounds check has to live.
         */
        [public, nopush, nopull] typedef struct {
                [value(0x00000001)] uint32 magic;
                uint32 nonce_len;
                uint8 nonce[nonce_len];
                dom_sid sid;
                uint8 hash[20];
        } bkrp_access_check_v2;

        /*
         * Same layout and same pidl restriction as bkrp_access_check_v2
         * (structure only; push and pull are not generated), but with a
         * 64-byte hash, the size of a SHA-512 digest; the algorithm itself is
         * not stated in this file.
         */
        [public,nopush,nopull] typedef struct {
                [value(0x00000001)] uint32 magic;
                uint32 nonce_len;
                uint8 nonce[nonce_len];
                dom_sid sid;
                uint8 hash[64];
        } bkrp_access_check_v3;

        /*
         * 32 bytes (r3), a 20-byte mac, a SID, then the secret data taking
         * all remaining bytes.
         * NOTE(review): going by the name this is the decrypted form of
         * bkrp_server_side_wrapped.rc4encryptedpayload. RC4 with a
         * SHA-1-sized MAC is legacy cryptography, presumably kept only for
         * compatibility with old clients - confirm.
         */
        [public] typedef struct {
                uint8 r3[32];
                uint8 mac[20];
                dom_sid sid;
                [subcontext(0),flag(NDR_REMAINING)] DATA_BLOB secret_data;
        } bkrp_rc4encryptedpayload;

        /*
         * Request body for the BACKUPKEY_RESTORE_GUID_WIN2K case (unsign_req
         * in bkrp_data_in_blob). ciphertext_length is read from the wire and
         * sizes the trailing array; payload_length is carried but not used
         * for sizing in this definition.
         */
        [public] typedef struct {
                [value(0x00000001)] uint32 magic;
                uint32 payload_length;
                uint32 ciphertext_length;
                GUID guid;
                uint8 r2[68];
                uint8 rc4encryptedpayload[ciphertext_length];
        } bkrp_server_side_wrapped;

        /* Uninterpreted bytes: whatever remains in the buffer. */
        [public] typedef struct {
                [flag(NDR_REMAINING)] DATA_BLOB opaque;
        } bkrp_opaque_blob;

        /*
         * Integer stand-ins for the action GUID strings above, used as the
         * case labels of bkrp_data_in_blob. 0xFFFF marks an unrecognised GUID.
         */
        typedef enum {
                BACKUPKEY_INVALID_GUID_INTEGER = 0xFFFF,
                BACKUPKEY_RESTORE_GUID_INTEGER = 0x0000,
                BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID_INTEGER = 0x0001,
                BACKUPKEY_RESTORE_GUID_WIN2K_INTEGER = 0x0002,
                BACKUPKEY_BACKUP_GUID_INTEGER = 0x0003
        } bkrp_guid_to_integer;

        /*
         * The possible interpretations of data_in. nodiscriminant means no
         * selector is marshalled with the union: the code that pushes or
         * pulls it has to set the switch value itself (presumably from the
         * action GUID via bkrp_guid_to_integer - confirm). There is no case
         * for BACKUPKEY_INVALID_GUID_INTEGER.
         */
        [public] typedef [nodiscriminant] union {
                [case(BACKUPKEY_RESTORE_GUID_INTEGER)] bkrp_client_side_wrapped restore_req;
                [case(BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID_INTEGER)] bkrp_empty empty;
                [case(BACKUPKEY_RESTORE_GUID_WIN2K_INTEGER)] bkrp_server_side_wrapped unsign_req;
                [case(BACKUPKEY_BACKUP_GUID_INTEGER)] bkrp_opaque_blob sign_req;
        } bkrp_data_in_blob;

        /******************/
        /* Function: 0x00 */

        /*
         * The single operation of the interface.
         *
         *   guidActionAgent  GUID naming the requested action.
         *   data_in          request bytes, data_in_len long; opaque at this
         *                    level (the structures above describe the
         *                    contents).
         *   data_out         reply bytes, *data_out_len long.
         *   param            meaning not visible in this file.
         *
         * noprint: pidl emits no print routine for this call (presumably a
         * hand-written one is declared in the helper header - confirm).
         * NOTE(review): a print routine that decodes data_in or data_out
         * would write wrapped secrets or key material into debug logs; check
         * what it outputs and at which log level.
         */
        [public, noprint] WERROR bkrp_BackupKey (
                [in,ref]  GUID *guidActionAgent,
                [in,ref]  [size_is(data_in_len)] uint8 *data_in,
                [in]      uint32 data_in_len,
                [out,ref] [size_is(,*data_out_len)] uint8 **data_out,
                [out,ref] uint32 *data_out_len,
                [in]      uint32 param
        );
}