#if !defined(_SECIOP_IDL_)
#define _SECIOP_IDL
#pragma prefix "omg.org"
#include <IOP.idl>
#include <Security.idl>

module SECIOP {

    const IOP::ComponentId TAG_GENERIC_SEC_MECH = 12;
    const IOP::ComponentId TAG_ASSOCIATION_OPTIONS = 13;
    const IOP::ComponentId TAG_SEC_NAME = 14;

    struct TargetAssociationOptions{
        Security::AssociationOptions    target_supports;
        Security::AssociationOptions    target_requires;
    };

    struct GenericMechanismInfo {
        sequence <octet>                security_mechanism_type;
        sequence <octet>                mech_specific_data;
        sequence <IOP::TaggedComponent> components;
    };

    enum MsgType {
        MTEstablishContext, 
        MTCompleteEstablishContext,
        MTContinueEstablishContext,
        MTDiscardContext,
        MTMessageError,
        MTMessageInContext
    };

#ifdef NOLONGLONG
    struct ulonglong {
	unsigned long low;
	unsigned long high;
    };
    typedef ulonglong ContextId;
#else
    typedef unsigned long long ContextId;
#endif
    enum ContextIdDefn {
        CIDClient, 
        CIDPeer,
        CIDSender
    };

    struct EstablishContext {
        ContextId            client_context_id;
        sequence <octet>     initial_context_token;
    };

    struct CompleteEstablishContext {
        ContextId        client_context_id;
        boolean          target_context_id_valid;
        ContextId        target_context_id;
        sequence <octet> final_context_token;
    };

    struct ContinueEstablishContext {
        ContextId        client_context_id;
        sequence <octet> continuation_context_token;
    };

    struct DiscardContext {    
        ContextIdDefn    message_context_id_defn;
        ContextId        message_context_id;
        sequence <octet> discard_context_token;
    };

    struct MessageError {
        ContextIdDefn    message_context_id_defn;
        ContextId        message_context_id;
        long             major_status;
        long             minor_status;
    };

    enum ContextTokenType {
        SecTokenTypeWrap,
        SecTokenTypeMIC
    };

    struct MessageInContext {
        ContextIdDefn    message_context_id_defn;
        ContextId        message_context_id;
        ContextTokenType message_context_type;
        sequence <octet> message_protection_token;
    };

    // messsage_protection_token is obtained by CDR encoding
    // the SequencingHeader followed by the octets of the
    // frame data. Sequencingheader + Frame Data is called a
    // SequencedDataFrame

    struct SequencingHeader {
        octet            control_state;
        unsigned long    direct_sequence_number;
        unsigned long    reverse_sequence_number;
        unsigned long    reverse_window;
    };

    typedef sequence <octet> SecurityName;
    typedef unsigned short   CryptographicProfile;
    typedef sequence <CryptographicProfile> CryptographicProfileList;

    // Cryptographic profiles for SPKM
    const CryptographicProfile    MD5_RSA = 20;
    const CryptographicProfile    MD5_DES_CBC = 21;
    const CryptographicProfile    DES_CBC = 22;
    const CryptographicProfile    MD5_DES_CBC_SOURCE  = 23;
    const CryptographicProfile    DES_CBC_SOURCE  = 24;

    // Security Mechanism SPKM_1
    const IOP::ComponentId        TAG_SPKM_1_SEC_MECH = 15;

    struct SPKM_1 {
        Security::AssociationOptions    target_supports;
        Security::AssociationOptions    target_requires;
        CryptographicProfileList        crypto_profile;
        SecurityName                    security_name;
    };

    // Security Mechanism SPKM_2
    const IOP::ComponentId        TAG_SPKM_2_SEC_MECH = 16;

    struct SPKM_2 {
        Security::AssociationOptions    target_supports;
        Security::AssociationOptions    target_requires;
        CryptographicProfileList        crypto_profile;
        SecurityName                    security_name;
    };

    // Cryptographic profiles for GSS Kerberos Protocol
    const CryptographicProfile    DES_CBC_DES_MAC = 10;
    const CryptographicProfile    DES_CBC_MD5 = 11;
    const CryptographicProfile    DES_MAC = 12;
    const CryptographicProfile    MD5 = 13;

    // Security Mechanism KerberosV5
    const IOP::ComponentId        TAG_KerberosV5_SEC_MECH = 17;

    struct KerberosV5 {
        Security::AssociationOptions    target_supports;
        Security::AssociationOptions    target_requires;
        CryptographicProfileList        crypto_profile;
        SecurityName                    security_name;
    };

    // Cryptographic profiles for CSI-ECMA Protocol
    const CryptographicProfile    FullSecurity = 1;
    const CryptographicProfile    NoDataConfidentiality = 2;
    const CryptographicProfile    LowGradeConfidentiality = 3;
    const CryptographicProfile    AgreedDefault = 5;

    // Security Mechanism CSI_ECMA_Secret
    const IOP::ComponentId        TAG_CSI_ECMA_Secret_SEC_MECH = 18;

    struct CSI_ECMA_Secret {
        Security::AssociationOptions    target_supports;
        Security::AssociationOptions    target_requires;
        CryptographicProfileList        crypto_profile;
        SecurityName                    security_name;
    };

    // Security Mechanism CSI_ECMA_Hybrid
    const IOP::ComponentId        TAG_CSI_ECMA_Hybrid_SEC_MECH = 19;

    struct CSI_ECMA_Hybrid {
        Security::AssociationOptions    target_supports;
        Security::AssociationOptions    target_requires;
        CryptographicProfileList        crypto_profile;
        SecurityName                    security_name;
    };

    // Security Mechanism CSI_ECMA_Public
    const IOP::ComponentId        TAG_CSI_ECMA_Public_SEC_MECH = 21;

    struct CSI_ECMA_Public {
        Security::AssociationOptions    target_supports;
        Security::AssociationOptions    target_requires;
        CryptographicProfileList        crypto_profile;
        SecurityName                    security_name;
    };
};
#endif /* _SECIOP_IDL */