#ifndef _CSIIOP_IDL_ | |
#define _CSIIOP_IDL_ | |
#include <IOP.idl> | |
#include <CSI.idl> | |
#pragma prefix "omg.org" | |
module CSIIOP { | |
const IOP::ComponentId TAG_NULL_TAG = 34; | |
const IOP::ComponentId TAG_CSI_SEC_MECH_LIST = 33; | |
// Association options | |
typedef unsigned short AssociationOptions; | |
const AssociationOptions NoProtection = 1; | |
const AssociationOptions Integrity = 2; | |
const AssociationOptions Confidentiality = 4; | |
const AssociationOptions DetectReplay = 8; | |
const AssociationOptions DetectMisordering = 16; | |
const AssociationOptions EstablishTrustInTarget = 32; | |
const AssociationOptions EstablishTrustInClient = 64; | |
const AssociationOptions NoDelegation = 128; | |
const AssociationOptions SimpleDelegation = 256; | |
const AssociationOptions CompositeDelegation = 512; | |
const AssociationOptions IdentityAssertion = 1024; | |
const AssociationOptions DelegationByClient = 2048; | |
// The high order 20-bits of each ServiceConfigurationSyntax constant | |
// shall contain the Vendor Minor Codeset ID (VMCID) of the | |
// organization that defined the syntax. The low order 12 bits shall | |
// contain the organization-scoped syntax identifier. The high-order 20 | |
// bits of all syntaxes defined by the OMG shall contain the VMCID | |
// allocated to the OMG (that is, 0x4F4D0). | |
typedef unsigned long ServiceConfigurationSyntax; | |
const ServiceConfigurationSyntax SCS_GeneralNames = CSI::OMGVMCID | 0; | |
const ServiceConfigurationSyntax SCS_GSSExportedName = CSI::OMGVMCID | 1; | |
typedef sequence <octet> ServiceSpecificName; | |
// The name field of the ServiceConfiguration structure identifies a | |
// privilege authority in the format identified in the syntax field. If the | |
// syntax is SCS_GeneralNames, the name field contains an ASN.1 (BER) | |
// SEQUENCE [1..MAX] OF GeneralName, as defined by the type GeneralNames in | |
// [IETF RFC 2459]. If the syntax is SCS_GSSExportedName, the name field | |
// contains a GSS exported name encoded according to the rules in | |
// [IETF RFC 2743] Section 3.2, "Mechanism-Independent Exported Name | |
// Object Format," p. 84. | |
struct ServiceConfiguration { | |
ServiceConfigurationSyntax syntax; | |
ServiceSpecificName name; | |
}; | |
typedef sequence <ServiceConfiguration> ServiceConfigurationList; | |
// The body of the TAG_NULL_TAG component is a sequence of octets of | |
// length 0. | |
// type used to define AS layer functionality within a compound mechanism | |
// definition | |
struct AS_ContextSec { | |
AssociationOptions target_supports; | |
AssociationOptions target_requires; | |
CSI::OID client_authentication_mech; | |
CSI::GSS_NT_ExportedName target_name; | |
}; | |
// type used to define SAS layer functionality within a compound mechanism | |
// definition | |
struct SAS_ContextSec { | |
AssociationOptions target_supports; | |
AssociationOptions target_requires; | |
ServiceConfigurationList privilege_authorities; | |
CSI::OIDList supported_naming_mechanisms; | |
CSI::IdentityTokenType supported_identity_types; | |
}; | |
// type used in the body of a TAG_CSI_SEC_MECH_LIST component to | |
// describe a compound mechanism | |
struct CompoundSecMech { | |
AssociationOptions target_requires; | |
IOP::TaggedComponent transport_mech; | |
AS_ContextSec as_context_mech; | |
SAS_ContextSec sas_context_mech; | |
}; | |
typedef sequence <CompoundSecMech> CompoundSecMechanisms; | |
// type corresponding to the body of a TAG_CSI_SEC_MECH_LIST | |
// component | |
struct CompoundSecMechList { | |
boolean stateful; | |
CompoundSecMechanisms mechanism_list; | |
}; | |
struct TransportAddress { | |
string host_name; | |
unsigned short port; | |
}; | |
typedef sequence <TransportAddress> TransportAddressList; | |
// Tagged component for configuring SECIOP as a CSIv2 transport mechanism | |
const IOP::ComponentId TAG_SECIOP_SEC_TRANS = 35; | |
struct SECIOP_SEC_TRANS { | |
AssociationOptions target_supports; | |
AssociationOptions target_requires; | |
CSI::OID mech_oid; | |
CSI::GSS_NT_ExportedName target_name; | |
TransportAddressList addresses; | |
}; | |
// tagged component for configuring TLS/SSL as a CSIv2 transport mechanism | |
const IOP::ComponentId TAG_TLS_SEC_TRANS = 36; | |
struct TLS_SEC_TRANS { | |
AssociationOptions target_supports; | |
AssociationOptions target_requires; | |
TransportAddressList addresses; | |
}; | |
}; //CSIIOP | |
#endif |