| Lasso Reference Manual | ||||
|---|---|---|---|---|
| Top | Description | ||||
enum LassoWsseUsernameTokenPasswordType; struct LassoWsseUsernameToken; LassoWsseUsernameToken * lasso_wsse_username_token_new (void); void lasso_wsse_username_token_reset_nonce (LassoWsseUsernameToken *wsse_username_token); void lasso_wsse_username_token_set_password_kind (LassoWsseUsernameToken *wsse_username_token,LassoWsseUsernameTokenPasswordType password_type); lasso_error_t lasso_wsse_username_token_set_password (LassoWsseUsernameToken *wsse_username_token,char *password); lasso_error_t lasso_wsse_username_token_check_password (LassoWsseUsernameToken *wsse_username_token,char *password); guchar * lasso_wsse_username_token_derive_key (LassoWsseUsernameToken *wsse_username_token,char *password);
Transmit username and password credential as a WS-Security token. The password can be transmitted as cleartext or using a digest mode. It also allows to derive encryption and HMAC signing keys.
typedef enum {
LASSO_WSSE_USERNAME_TOKEN_PASSWORD_TYPE_UNKNOWN,
LASSO_WSSE_USERNAME_TOKEN_PASSWORD_TYPE_TEXT,
LASSO_WSSE_USERNAME_TOKEN_PASSWORD_TYPE_DIGEST,
LASSO_WSSE_USERNAME_TOKEN_PASSWORD_TYPE_LAST
} LassoWsseUsernameTokenPasswordType;
struct LassoWsseUsernameToken {
LassoNode parent;
char *Id;
char *Username;
char *Nonce;
char *Salt;
char *Created;
int Iteration;
GHashTable *attributes;
};
LassoNode |
|
| the identifier of the UsernameToken | |
| the username | |
| a nonce used to compute the digest of the password | |
| the salt for generating derived key | |
| the timestamp for the generation of the token, also used in the digest of the password | |
| how many times to apply SHA1 for generating derivated key | |
void lasso_wsse_username_token_reset_nonce
(LassoWsseUsernameToken *wsse_username_token);
Generate a random nonce.
|
a LassoWsseUsernameToken object |
void lasso_wsse_username_token_set_password_kind (LassoWsseUsernameToken *wsse_username_token,LassoWsseUsernameTokenPasswordType password_type);
Set the way to transmit password, that is either cleartext or digest.
|
a LassoWsseUsernameToken object |
|
a LassoWsseUsernameTokenPasswordType enumeration |
lasso_error_t lasso_wsse_username_token_set_password (LassoWsseUsernameToken *wsse_username_token,char *password);
Set the password using the given UTF-8 string. If password kind is digest, compute the digest SHA1(nonce + created + password), convert to Base64 and set it as the password. If nonce or created are NULL, the empty string is used.
|
a LassoWsseUsernameToken object |
|
an UTF-8 string |
Returns : |
0 if successfull, an error code otherwise. |
lasso_error_t lasso_wsse_username_token_check_password (LassoWsseUsernameToken *wsse_username_token,char *password);
guchar * lasso_wsse_username_token_derive_key (LassoWsseUsernameToken *wsse_username_token,char *password);
Generate a derived 128bit key using the password and setting from the UsernameToken.
|
a LassoWsseUsernameToken object |
|
the known password |
Returns : |
a 20 byte octet string. |