Use GPL instead of LGPL.
1 /* shishi.h header file for shishi library -*- c -*-
2 * Copyright (C) 2002 Simon Josefsson
4 * This file is part of Shishi.
6 * Shishi is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * Shishi is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with Shishi; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22 #ifndef SHISHI_H
23 #define SHISHI_H
#include <stddef.h>		/* size_t */
#include <stdio.h>		/* FILE */
#include <time.h>		/* time_t, used by the ticket and gztime prototypes */

#include <libtasn1.h>		/* ASN1_TYPE */
29 #define SHISHI_VERSION "@PACKAGE_VERSION@"
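/*
 * Error codes.
 *
 * SHISHI_OK is zero and every failure is a distinct positive value.
 * Several codes report failed security checks (the *_MISMATCH codes and
 * SHISHI_APREP_VERIFY_FAILED), so callers should test for equality with
 * SHISHI_OK rather than for individual failures: any value other than
 * SHISHI_OK must stop the exchange.
 *
 * The braces of this enum were missing from the listing and are restored.
 */
enum
{
  SHISHI_OK = 0,
  SHISHI_ASN1_ERROR = 1,
  SHISHI_FOPEN_ERROR = 2,
  SHISHI_FCLOSE_ERROR = 3,
  SHISHI_MALLOC_ERROR = 4,
  SHISHI_BASE64_ERROR = 5,
  SHISHI_REALM_MISMATCH = 6,
  SHISHI_CNAME_MISMATCH = 7,
  SHISHI_NONCE_MISMATCH = 8,
  SHISHI_TGSREP_BAD_KEYTYPE = 9,
  SHISHI_KDCREP_BAD_KEYTYPE = 10,
  SHISHI_APREP_BAD_KEYTYPE = 11,
  SHISHI_APREP_VERIFY_FAILED = 12,
  SHISHI_APREQ_BAD_KEYTYPE = 13,
  SHISHI_TOO_SMALL_BUFFER = 14,
  SHISHI_DERIVEDKEY_TOO_SMALL = 15,
  SHISHI_KEY_TOO_LARGE = 16,
  SHISHI_CRYPTO_ERROR = 17,
  SHISHI_GCRYPT_ERROR = 18,
  SHISHI_SOCKET_ERROR = 19,
  SHISHI_BIND_ERROR = 20,
  SHISHI_SENDTO_ERROR = 21,
  SHISHI_RECVFROM_ERROR = 22,
  SHISHI_CLOSE_ERROR = 23,
  SHISHI_KDC_TIMEOUT = 24,
  SHISHI_KDC_NOT_KNOWN_FOR_REALM = 25,
  SHISHI_TTY_ERROR = 26,
  SHISHI_GOT_KRBERROR = 27,
  SHISHI_HANDLE_ERROR = 28,
  SHISHI_INVALID_TICKETSET = 29
};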
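/*
 * Principal name types.  This is not specified in the ASN.1 syntax for
 * some reason.
 *
 * Only the first value is explicit; the rest count up from it, so the
 * order of the enumerators is part of the interface and must not change.
 * The braces of this enum were missing from the listing and are restored.
 */
typedef enum
{
  SHISHI_NT_UNKNOWN = 0,	/* Name type not known */
  SHISHI_NT_PRINCIPAL,		/* Just the name of the principal as in */
				/* DCE, or for users */
  SHISHI_NT_SRV_INST,		/* Service and other unique instance (krbtgt) */
  SHISHI_NT_SRV_HST,		/* Service with host name as instance */
				/* (telnet, rcommands) */
  SHISHI_NT_SRV_XHST,		/* Service with host as remaining components */
  SHISHI_NT_UID			/* Unique ID */
}
Shishi_name_type;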
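/*
 * Pre-authentication data (padata) types.  This is not specified in the
 * ASN.1 syntax for some reason.
 *
 * The values are not contiguous: ENC_TIMESTAMP and PW_SALT follow
 * TGS_REQ implicitly (2 and 3), the last two are set explicitly.
 * The braces of this enum were missing from the listing and are restored.
 */
typedef enum
{
  SHISHI_PA_TGS_REQ = 1,		/* padata is APREQ */
  SHISHI_PA_ENC_TIMESTAMP,		/* timestamp pre authentication */
  SHISHI_PA_PW_SALT,			/* salt for string-to-key */
  SHISHI_PA_ETYPE_INFO = 10,		/* in krb-error, request for preauth */
  SHISHI_PA_USE_SPECIFIED_KVNO = 20	/* use specified kvno */
}
Shishi_padata_type;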
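/*
 * AP-REQ option flags, one bit per option, so they can be OR-ed together.
 *
 * Here "bit n" means the mask 1 << n.
 * NOTE(review): Kerberos numbers flag bits from the leading end of the
 * ASN.1 BIT STRING; confirm the encoder converts between the two.
 * SHISHI_APOPTIONS_MUTUAL_REQUIRED is the flag that asks the server to
 * prove its identity with an AP-REP.
 * The braces of this enum were missing from the listing and are restored.
 */
typedef enum
{
  SHISHI_APOPTIONS_RESERVED = 0x1,		/* bit 0 */
  SHISHI_APOPTIONS_USE_SESSION_KEY = 0x2,	/* bit 1 */
  SHISHI_APOPTIONS_MUTUAL_REQUIRED = 0x4	/* bit 2 */
}
Shishi_apoptions;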
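/*
 * Ticket flags, one bit per flag, so they can be OR-ed together.
 *
 * Here "bit n" means the mask 1 << n.
 * NOTE(review): Kerberos numbers flag bits from the leading end of the
 * ASN.1 BIT STRING; confirm the encoder converts between the two.
 * FORWARDABLE, PROXIABLE and OK_AS_DELEGATE control how far a credential
 * may travel, so code that sets them deserves extra review.
 *
 * Fixed: OK_AS_DELEGATE (0x2000) was labelled "bit 12", the same as
 * TRANSITED_POLICY_CHECKED; it is bit 13.  The values are unchanged.
 * The braces of this enum were missing from the listing and are restored.
 */
typedef enum
{
  SHISHI_TICKETFLAGS_RESERVED = 0x1,			/* bit 0 */
  SHISHI_TICKETFLAGS_FORWARDABLE = 0x2,			/* bit 1 */
  SHISHI_TICKETFLAGS_FORWARDED = 0x4,			/* bit 2 */
  SHISHI_TICKETFLAGS_PROXIABLE = 0x8,			/* bit 3 */
  SHISHI_TICKETFLAGS_PROXY = 0x10,			/* bit 4 */
  SHISHI_TICKETFLAGS_MAY_POSTDATE = 0x20,		/* bit 5 */
  SHISHI_TICKETFLAGS_POSTDATED = 0x40,			/* bit 6 */
  SHISHI_TICKETFLAGS_INVALID = 0x80,			/* bit 7 */
  SHISHI_TICKETFLAGS_RENEWABLE = 0x100,			/* bit 8 */
  SHISHI_TICKETFLAGS_INITIAL = 0x200,			/* bit 9 */
  SHISHI_TICKETFLAGS_PRE_AUTHENT = 0x400,		/* bit 10 */
  SHISHI_TICKETFLAGS_HW_AUTHENT = 0x800,		/* bit 11 */
  SHISHI_TICKETFLAGS_TRANSITED_POLICY_CHECKED = 0x1000,	/* bit 12 */
  SHISHI_TICKETFLAGS_OK_AS_DELEGATE = 0x2000		/* bit 13 */
}
Shishi_ticketflags;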
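/*
 * KDC request option flags, one bit per option, so they can be OR-ed
 * together.
 *
 * Here "bit n" means the mask 1 << n.
 * NOTE(review): Kerberos numbers flag bits from the leading end of the
 * ASN.1 BIT STRING; confirm the encoder converts between the two.
 *
 * NOTE(review): SHISHI_KDCOPTIONS_VALIDATE (0x80000000) does not fit in
 * a 32-bit int.  ISO C requires enumerators to be representable as int,
 * so this line relies on a compiler extension; storing the flag set in
 * an int changes its sign.  Hold option masks in an unsigned type.
 * SHISHI_KDCOPTIONS_DISABLE_TRANSITED_CHECK turns off a KDC-side check
 * and should only be requested deliberately.
 * The braces of this enum were missing from the listing and are restored.
 */
typedef enum
{
  SHISHI_KDCOPTIONS_RESERVED = 0x1,			/* bit 0 */
  SHISHI_KDCOPTIONS_FORWARDABLE = 0x2,			/* bit 1 */
  SHISHI_KDCOPTIONS_FORWARDED = 0x4,			/* bit 2 */
  SHISHI_KDCOPTIONS_PROXIABLE = 0x8,			/* bit 3 */
  SHISHI_KDCOPTIONS_PROXY = 0x10,			/* bit 4 */
  SHISHI_KDCOPTIONS_ALLOW_POSTDATE = 0x20,		/* bit 5 */
  SHISHI_KDCOPTIONS_POSTDATED = 0x40,			/* bit 6 */
  SHISHI_KDCOPTIONS_UNUSED7 = 0x80,			/* bit 7 */
  SHISHI_KDCOPTIONS_RENEWABLE = 0x100,			/* bit 8 */
  SHISHI_KDCOPTIONS_UNUSED9 = 0x200,			/* bit 9 */
  SHISHI_KDCOPTIONS_UNUSED10 = 0x400,			/* bit 10 */
  SHISHI_KDCOPTIONS_UNUSED11 = 0x800,			/* bit 11 */
  SHISHI_KDCOPTIONS_DISABLE_TRANSITED_CHECK = 0x4000000,	/* bit 26 */
  SHISHI_KDCOPTIONS_RENEWABLE_OK = 0x8000000,		/* bit 27 */
  SHISHI_KDCOPTIONS_ENC_TKT_IN_SKEY = 0x10000000,	/* bit 28 */
  SHISHI_KDCOPTIONS_RENEW = 0x40000000,			/* bit 30 */
  SHISHI_KDCOPTIONS_VALIDATE = 0x80000000		/* bit 31 */
}
Shishi_KDCOptions;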
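/*
 * Message types of the KDC exchanges: AS and TGS requests and replies.
 *
 * NOTE(review): the typedef name is spelled "Shihi_msgtype", unlike the
 * "Shishi_" prefix used everywhere else in this header.  The spelling is
 * kept because the name is part of the public interface.
 * The braces of this enum were missing from the listing and are restored.
 */
typedef enum
{
  SHISHI_MSGTYPE_AS_REQ = 10,
  SHISHI_MSGTYPE_AS_REP = 11,
  SHISHI_MSGTYPE_TGS_REQ = 12,
  SHISHI_MSGTYPE_TGS_REP = 13
}
Shihi_msgtype;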
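/*
 * Encryption types (etypes), using the Kerberos etype numbers.
 *
 * Security notes for anyone choosing or accepting an etype:
 *  - The single-DES types (1, 2, 3) are deprecated for Kerberos by
 *    RFC 6649 and triple-DES (16) by RFC 8429; prefer the AES types.
 *  - NOTE(review): SHISHI_NULL presumably means "no encryption"; confirm
 *    that it can never be selected for a real exchange.
 * The braces of this enum were missing from the listing and are restored.
 */
typedef enum
{
  SHISHI_NULL = 0,
  SHISHI_DES_CBC_CRC = 1,
  SHISHI_DES_CBC_MD4 = 2,
  SHISHI_DES_CBC_MD5 = 3,
  SHISHI_DES3_CBC_HMAC_SHA1_KD = 16,
  SHISHI_AES128_CTS_HMAC_SHA1_96 = 17,
  SHISHI_AES256_CTS_HMAC_SHA1_96 = 18
}
Shishi_etype;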
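/*
 * Checksum types.  Value 9 is not defined in this enum.
 *
 * Security notes for anyone choosing or accepting a checksum type:
 *  - CRC32 is an error-detecting code, not a cryptographic checksum.
 *  - RSA_MD4 and RSA_MD5 are plain hashes without a key, so they cannot
 *    authenticate data on their own.
 *  - The DES-based types share the weakness of single DES; prefer the
 *    HMAC-SHA1 types.
 * The braces of this enum were missing from the listing and are restored.
 */
typedef enum
{
  SHISHI_CRC32 = 1,
  SHISHI_RSA_MD4 = 2,
  SHISHI_RSA_MD4_DES = 3,
  SHISHI_DES_MAC = 4,
  SHISHI_DES_MAC_K = 5,
  SHISHI_RSA_MD4_DES_K = 6,
  SHISHI_RSA_MD5 = 7,
  SHISHI_RSA_MD5_DES = 8,
  SHISHI_HMAC_SHA1_96_AES128 = 10,
  SHISHI_HMAC_SHA1_96_AES256 = 11,
  SHISHI_HMAC_SHA1_DES3_KD = 12
}
Shishi_cksumtype;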
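/*
 * File formats.  The *_to_file and *_from_file prototypes in this header
 * take an int "filetype" argument, presumably one of these values.
 *
 * Only the first value is explicit; the rest count up from it.
 * The braces of this enum were missing from the listing and are restored.
 */
typedef enum
{
  SHISHI_FILETYPE_TEXT = 0,
  SHISHI_FILETYPE_DER,
  SHISHI_FILETYPE_HEX,
  SHISHI_FILETYPE_BASE64,
  SHISHI_FILETYPE_BINARY
}
Shishi_filetype;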
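/*
 * Key usage numbers.  The encrypt, decrypt and checksum prototypes in
 * this header take an int "keyusage" argument, presumably one of these.
 *
 * Each number names one place in the protocol where a key is used, so
 * that the same key produces unrelated output in different message
 * parts.  Passing the wrong number for a message part is therefore a
 * security bug, not only an interoperability bug.  Values 16 and 17 are
 * not defined in this enum.
 * The braces of this enum were missing from the listing and are restored.
 */
typedef enum
{
  /* 1. AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the
     client key */
  SHISHI_KEYUSAGE_ASREQ_PA_ENC_TIMESTAMP = 1,
  /* 2. AS-REP Ticket and TGS-REP Ticket (includes TGS session key or
     application session key), encrypted with the service key */
  SHISHI_KEYUSAGE_KDCREP_TICKET = 2,
  /* 3. AS-REP encrypted part (includes TGS session key or application
     session key), encrypted with the client key */
  SHISHI_KEYUSAGE_ENCASREPPART = 3,
  /* 4. TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS
     session key */
  SHISHI_KEYUSAGE_TGSREQ_AUTHORIZATIONDATA_TGS_SESSION_KEY = 4,
  /* 5. TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS
     authenticator subkey (section 5.4.1) */
  SHISHI_KEYUSAGE_TGSREQ_AUTHORIZATIONDATA_TGS_AUTHENTICATOR_KEY = 5,
  /* 6. TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum, keyed with the
     TGS session key */
  SHISHI_KEYUSAGE_TGSREQ_APREQ_AUTHENTICATOR_CKSUM = 6,
  /* 7. TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes TGS
     authenticator subkey), encrypted with the TGS session key */
  SHISHI_KEYUSAGE_TGSREQ_APREQ_AUTHENTICATOR = 7,
  /* 8. TGS-REP encrypted part (includes application session key), encrypted
     with the TGS session key */
  SHISHI_KEYUSAGE_ENCTGSREPPART_SESSION_KEY = 8,
  /* 9. TGS-REP encrypted part (includes application session key), encrypted
     with the TGS authenticator subkey */
  SHISHI_KEYUSAGE_ENCTGSREPPART_AUTHENTICATOR_KEY = 9,
  /* 10. AP-REQ Authenticator cksum, keyed with the application
     session key */
  SHISHI_KEYUSAGE_APREQ_AUTHENTICATOR_CKSUM = 10,
  /* 11. AP-REQ Authenticator (includes application authenticator subkey),
     encrypted with the application session key */
  SHISHI_KEYUSAGE_APREQ_AUTHENTICATOR = 11,
  /* 12. AP-REP encrypted part (includes application session subkey),
     encrypted with the application session key */
  SHISHI_KEYUSAGE_ENCAPREPPART = 12,
  /* 13. KRB-PRIV encrypted part, encrypted with a key chosen by the
     application */
  SHISHI_KEYUSAGE_KRB_PRIV = 13,
  /* 14. KRB-CRED encrypted part, encrypted with a key chosen by the
     application */
  SHISHI_KEYUSAGE_KRB_CRED = 14,
  /* 15. KRB-SAFE cksum, keyed with a key chosen by the application */
  SHISHI_KEYUSAGE_KRB_SAFE = 15,
  /* 18. KRB-ERROR checksum (e-cksum) */
  SHISHI_KEYUSAGE_KRB_ERROR = 18,
  /* 19. AD-KDCIssued checksum (ad-checksum) */
  SHISHI_KEYUSAGE_AD_KDCISSUED = 19,
  /* 20. Checksum for Mandatory Ticket Extensions */
  SHISHI_KEYUSAGE_TICKET_EXTENSION = 20,
  /* 21. Checksum in Authorization Data in Ticket Extensions */
  SHISHI_KEYUSAGE_TICKET_EXTENSION_AUTHORIZATION = 21
  /* 22-24. Reserved for use in GSSAPI mechanisms derived from RFC 1964.
     (raeburn/MIT) */
  /* 25-511. Reserved for future use in Kerberos and related protocols. */
  /* 512-1023. Reserved for uses internal to a Kerberos implementation. */
}
Shishi_keyusage;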
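/*
 * Opaque handle types.  Only the struct tags are declared here, so the
 * layout is not visible to users of this header; objects of these types
 * are reached through pointers passed to the functions declared below.
 */
typedef struct Shishi Shishi;			/* library handle */
typedef struct Shishi_ticket Shishi_ticket;
typedef struct Shishi_ticketset Shishi_ticketset;
typedef struct Shishi_as Shishi_as;
typedef struct Shishi_tgs Shishi_tgs;
typedef struct Shishi_ap Shishi_ap;
typedef struct Shishi_key Shishi_key;		/* holds key material */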
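/*
 * init.c -- creating and releasing the library handle.
 *
 * The int results here and below are presumably SHISHI_* error codes
 * (SHISHI_OK on success) -- confirm in init.c.
 * NOTE(review): shishi_init_with_paths takes the ticket-set and
 * configuration file names from the caller; an application running with
 * elevated privileges should not pass paths that an untrusted user
 * controls.
 */
extern Shishi *shishi (void);
extern int shishi_init (Shishi **handle);
extern int shishi_init_with_paths (Shishi **handle,
				   const char *ticketsetfile,
				   const char *systemcfgfile,
				   const char *usercfgfile);
extern void shishi_done (Shishi *handle);
extern int shishi_verbose (Shishi *handle);
extern int shishi_debug (Shishi *handle);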
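/*
 * cfg.c -- configuration handling.
 *
 * NOTE(review): "option" and "value" are not const, so the callee may
 * modify the strings it is given; do not pass string literals until this
 * is confirmed in cfg.c.
 * NOTE(review): shishi_cfg_clientkdcetype_set presumably selects the
 * etypes offered to the KDC; configuration that can be written by an
 * untrusted user could then downgrade the encryption used.
 */
extern int shishi_cfg (Shishi *handle, char *option);
extern int shishi_cfg_from_file (Shishi *handle, const char *cfg);
extern int shishi_cfg_print (Shishi *handle, FILE *fh);
extern const char *shishi_cfg_default_systemfile (Shishi *handle);
extern const char *shishi_cfg_default_userfile (Shishi *handle);
extern int shishi_cfg_clientkdcetype_set (Shishi *handle, char *value);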
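/*
 * error.c -- error reporting.
 *
 * shishi_strerror takes an int error code; the others work on the
 * handle.
 * NOTE(review): shishi_error_printf is variadic with a "format"
 * argument, presumably printf-style.  Always pass a literal format and
 * put untrusted text in the arguments ("%s", text), never in the format
 * itself.  Use shishi_error_set for a fixed string.
 */
extern const char *shishi_strerror (int err);
extern const char *shishi_strerror_details (Shishi *handle);
extern void shishi_error_set (Shishi *handle, const char *error);
extern void shishi_error_printf (Shishi *handle, char *format, ...);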
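/*
 * realm.c -- default realm and server-to-realm lookup.
 *
 * The *_guess functions return a non-const char *.
 * NOTE(review): this suggests the caller owns the result -- confirm
 * before freeing.
 * NOTE(review): shishi_realm_for_server_dns presumably derives the realm
 * from DNS; unless the DNS answers are authenticated, its result should
 * not be trusted more than the network it came from.
 */
extern char *shishi_realm_default_guess (void);
extern const char *shishi_realm_default (Shishi *handle);
extern void shishi_realm_default_set (Shishi *handle, const char *realm);
extern const char *shishi_realm_for_server_file (Shishi *handle,
						 char *server);
extern const char *shishi_realm_for_server_dns (Shishi *handle,
						char *server);
extern const char *shishi_realm_for_server (Shishi *handle, char *server);

/* principal.c -- default principal name. */
extern char *shishi_principal_default_guess (void);
extern const char *shishi_principal_default (Shishi *handle);
extern void shishi_principal_default_set (Shishi *handle,
					  const char *principal);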
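/*
 * ticket.c -- accessors for a single ticket.
 *
 * The time and name getters take a buffer plus an int * length.
 * NOTE(review): presumably the length is the buffer size on entry and
 * the number of bytes written on return -- confirm, and check whether
 * the result is NUL-terminated.
 * NOTE(review): shishi_ticket_server and shishi_ticket_realm declare the
 * buffer as const char * although it is paired with a length pointer
 * like the other output buffers; confirm which direction the data flows.
 * shishi_ticket_valid_at_time_p and shishi_ticket_valid_now_p are the
 * checks to call before relying on a cached ticket.  time_t comes from
 * <time.h>.
 */
extern ASN1_TYPE shishi_ticket_ticket (Shishi_ticket *ticket);
extern ASN1_TYPE shishi_ticket_enckdcreppart (Shishi_ticket *ticket);
extern Shishi_key *shishi_ticket_key (Shishi_ticket *ticket);
extern Shishi_ticket *shishi_ticket (Shishi *handle,
				     char *principal,
				     ASN1_TYPE ticket,
				     ASN1_TYPE enckdcreppart);
extern int shishi_ticket_print (Shishi_ticket *ticket, FILE *fh);
extern char *shishi_ticket_principal (Shishi_ticket *ticket);
extern int shishi_ticket_authtime (Shishi_ticket *ticket,
				   char *authtime, int *authtimelen);
extern int shishi_ticket_starttime (Shishi_ticket *ticket,
				    char *starttime, int *starttimelen);
extern int shishi_ticket_endtime (Shishi_ticket *ticket,
				  char *endtime, int *endtimelen);
extern int shishi_ticket_renew_till (Shishi_ticket *ticket,
				     char *renewtilltime, int *renewtilllen);
extern int shishi_ticket_keytype (Shishi_ticket *ticket,
				  int *etype);
extern int shishi_ticket_server (Shishi_ticket *ticket,
				 const char *service, int *servicelen);
extern int shishi_ticket_realm (Shishi_ticket *ticket,
				const char *realm, int *realmlen);
extern int shishi_ticket_server_p (Shishi_ticket *ticket,
				   const char *service);
extern int shishi_ticket_valid_at_time_p (Shishi_ticket *ticket, time_t now);
extern int shishi_ticket_valid_now_p (Shishi_ticket *ticket);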
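/*
 * ticketset.c -- a collection of tickets, loaded from a file.
 *
 * NOTE(review): the ticket-set file presumably stores session keys
 * together with the tickets, so it should be readable only by its owner.
 * NOTE(review): shishi_ticketset_get takes an int index; confirm that
 * out-of-range and negative values are rejected (compare with
 * shishi_ticketset_size).
 */
extern char *shishi_ticketset_default_file_guess (void);
extern const char *shishi_ticketset_default_file (Shishi *handle);
extern void shishi_ticketset_default_file_set (Shishi *handle,
					       const char *ticketsetfile);
extern int shishi_ticketset_init (Shishi *handle,
				  Shishi_ticketset **ticketset);
extern Shishi_ticket *shishi_ticketset_get (Shishi *handle,
					    Shishi_ticketset *ticketset,
					    int ticketno);
extern int shishi_ticketset_size (Shishi *handle,
				  Shishi_ticketset *ticketset);
extern int shishi_ticketset_from_file (Shishi *handle,
				       Shishi_ticketset *ticketset,
				       const char *filename);
extern void shishi_ticketset_done (Shishi *handle,
				   Shishi_ticketset *ticketset);
extern Shishi_ticketset *shishi_ticketset (Shishi *handle);
extern Shishi_ticket *
shishi_ticketset_find_ticket_for_server (Shishi *handle,
					 Shishi_ticketset *ticketset,
					 const char *server);
extern Shishi_ticket *
shishi_ticketset_find_ticket_for_clientserver (Shishi *handle,
					       Shishi_ticketset *ticketset,
					       const char *client,
					       const char *server);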
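/*
 * diskio.c -- reading and writing protocol structures on stdio streams.
 *
 * print/save write an ASN1_TYPE to a FILE *; parse/read fill an
 * ASN1_TYPE * from one.
 * NOTE(review): data read from a file is untrusted until decoded
 * successfully; callers must check the int result before touching the
 * output structure.
 * NOTE(review): EncKDCRepPart presumably contains a session key, so
 * files written by the enckdcreppart functions need owner-only
 * permissions.
 *
 * Fixed: the return-type line of shishi_authenticator_print and
 * shishi_authenticator_save was missing from the listing.  "int" is
 * written out; it is what implicit int would give, and C99 no longer
 * allows a declaration without a type.
 */
extern int
shishi_enckdcreppart_print (Shishi *handle,
			    FILE *fh, ASN1_TYPE enckdcreppart);
extern int
shishi_enckdcreppart_save (Shishi *handle,
			   FILE *fh, ASN1_TYPE enckdcreppart);
extern int
shishi_enckdcreppart_parse (Shishi *handle,
			    FILE *fh, ASN1_TYPE *enckdcreppart);
extern int
shishi_enckdcreppart_read (Shishi *handle,
			   FILE *fh, ASN1_TYPE *enckdcreppart);
extern int shishi_ticket_save (Shishi *handle, FILE *fh, ASN1_TYPE ticket);
extern int
shishi_asn1ticket_print (Shishi *handle, FILE *fh, ASN1_TYPE ticket);
extern int shishi_kdc_req_print (Shishi *handle, FILE *fh, ASN1_TYPE asreq);
extern int shishi_kdc_rep_print (Shishi *handle, FILE *fh, ASN1_TYPE asreq);
extern int shishi_kdc_print (Shishi *handle,
			     FILE *fh,
			     ASN1_TYPE asreq,
			     ASN1_TYPE asrep, ASN1_TYPE encasreppart);
extern int shishi_kdc_req_parse (Shishi *handle,
				 FILE *fh, ASN1_TYPE *asreq);
extern int shishi_kdc_rep_parse (Shishi *handle,
				 FILE *fh, ASN1_TYPE *asrep);
extern int
shishi_ticket_parse (Shishi *handle, FILE *fh, ASN1_TYPE *ticket);
extern int
shishi_ticket_read (Shishi *handle, FILE *fh, ASN1_TYPE *ticket);
extern int
shishi_authenticator_print (Shishi *handle,
			    FILE *fh, ASN1_TYPE authenticator);
extern int
shishi_authenticator_save (Shishi *handle,
			   FILE *fh, ASN1_TYPE authenticator);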
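/*
 * authenticator.c -- building an Authenticator.
 *
 * NOTE(review): shishi_authenticator_add_checksum takes the key as a raw
 * char * with an int length, unlike the Shishi_key * used by the crypto
 * functions; callers must keep keylen consistent with cksumtype.
 * NOTE(review): datalen and keylen are int; confirm that negative values
 * are rejected.
 *
 * Fixed: the return-type line of shishi_authenticator_set_crealm and
 * shishi_authenticator_set_cname was missing from the listing.  "int" is
 * written out; it is what implicit int would give, and C99 no longer
 * allows a declaration without a type.
 */
extern int
shishi_authenticator_add_checksum (Shishi *handle,
				   ASN1_TYPE node,
				   char *data,
				   int datalen,
				   char *key, int keylen, int cksumtype);
extern int
shishi_authenticator_set_crealm (Shishi *handle,
				 ASN1_TYPE node, char *crealm);

extern int
shishi_authenticator_set_cname (Shishi *handle,
				ASN1_TYPE node,
				Shishi_name_type name_type,
				const char *principal);

extern ASN1_TYPE shishi_authenticator (Shishi *handle);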
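/*
 * as.c -- the AS exchange (initial authentication).
 *
 * The accessors return parts of a Shishi_as; the remaining functions
 * fill in a Shishi_as ** from a password, a key, or both.
 * NOTE(review): "password" is a plain char * with no length, so it is
 * presumably NUL-terminated.  The caller still holds the secret after
 * the call and should overwrite its copy once it is no longer needed.
 */
extern ASN1_TYPE shishi_as_asreq (Shishi_as *as);
extern ASN1_TYPE shishi_as_asrep (Shishi_as *as);
extern ASN1_TYPE shishi_as_krberror (Shishi_as *as);
extern Shishi_ticket *shishi_as_ticket (Shishi_as *as);
extern int shishi_as (Shishi *handle, Shishi_as **as);
extern int shishi_as_password_cnamerealmsname (Shishi *handle,
					       char *password,
					       Shishi_as **as,
					       char *cname,
					       char *realm,
					       char *sname);
extern int shishi_as_key_cnamerealmsname (Shishi *handle,
					  Shishi_key *key,
					  Shishi_as **as,
					  char *cname,
					  char *realm,
					  char *sname);
extern int shishi_as_cnamerealmsname (Shishi *handle,
				      char *password,
				      Shishi_key *key,
				      Shishi_as **as,
				      char *cname,
				      char *realm,
				      char *sname);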
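/*
 * tgs.c -- the TGS exchange (getting a service ticket with a TGT).
 *
 * The shishi_tgs_get_* accessors return parts of a Shishi_tgs;
 * shishi_tgs and shishi_tgs_realmsname fill in a Shishi_tgs ** from a
 * ticket-granting ticket and a server name.
 * NOTE(review): shishi_tgs_get_krberror presumably holds the KDC's error
 * reply when the exchange fails; check the int result first.
 */
extern ASN1_TYPE shishi_tgs_get_tgsreq (Shishi_tgs *tgs);
extern Shishi_ticket *shishi_tgs_get_tgticket (Shishi_tgs *tgs);
extern ASN1_TYPE shishi_tgs_get_authenticator (Shishi_tgs *tgs);
extern ASN1_TYPE shishi_tgs_get_apreq (Shishi_tgs *tgs);
extern ASN1_TYPE shishi_tgs_get_tgsrep (Shishi_tgs *tgs);
extern ASN1_TYPE shishi_tgs_get_krberror (Shishi_tgs *tgs);
extern Shishi_ticket *shishi_tgs_get_ticket (Shishi_tgs *tgs);
extern int shishi_tgs (Shishi *handle,
		       Shishi_ticket *tgticket,
		       Shishi_tgs **tgs,
		       char *server);
extern int shishi_tgs_realmsname (Shishi *handle,
				  Shishi_ticket *tgticket,
				  Shishi_tgs **tgs,
				  char *realm,
				  char *sname);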
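/*
 * kdcreq.c -- building AS-REQ and TGS-REQ messages.
 *
 * NOTE(review): shishi_kdcreq_set_etype takes an int array and a count
 * (netype), presumably the etypes offered to the KDC; listing only
 * strong etypes here is the client-side defence against downgrade.
 * NOTE(review): shishi_kdcreq_set_sname takes char *service[] with no
 * count, so the array is presumably NULL-terminated -- confirm.
 */
extern ASN1_TYPE shishi_asreq (Shishi *handle);
extern ASN1_TYPE shishi_asreq_rsc (Shishi *handle, char *realm,
				   char *server, char *client);
extern ASN1_TYPE shishi_tgsreq (Shishi *handle);
extern ASN1_TYPE shishi_tgsreq_rst (Shishi *handle, char *realm,
				    char *server, Shishi_ticket *ticket);
extern int shishi_kdcreq_print (Shishi *handle, FILE *fh, ASN1_TYPE kdcreq);

extern int shishi_kdcreq_set_etype (Shishi *handle,
				    ASN1_TYPE kdcreq,
				    int *etype, int netype);
extern int shishi_kdcreq_set_cname (Shishi *handle,
				    ASN1_TYPE kdcreq,
				    Shishi_name_type name_type,
				    const char *principal);
extern int shishi_kdcreq_set_sname (Shishi *handle,
				    ASN1_TYPE kdcreq,
				    Shishi_name_type name_type,
				    char *service[]);
extern int shishi_kdcreq_set_realm (Shishi *handle,
				    ASN1_TYPE node,
				    const char *realm);
extern int shishi_kdcreq_set_server (Shishi *handle, ASN1_TYPE req,
				     const char *service);
extern int shishi_kdcreq_set_realmserver (Shishi *handle, ASN1_TYPE req,
					  char *realm, char *service);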
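/* enckdcreppart.c -- creating reply structures. */
extern ASN1_TYPE shishi_asrep (Shishi *handle);
extern ASN1_TYPE shishi_tgsrep (Shishi *handle);
extern int shishi_enckdcreppart (Shishi *handle, ASN1_TYPE *enckdcreppart);

/*
 * kdc.c -- processing a KDC reply against the request that caused it.
 *
 * Each *_process function takes the request, the reply and key material
 * and fills in an ASN1_TYPE * with the decrypted part.
 * NOTE(review): these are presumably where the SHISHI_*_MISMATCH checks
 * (realm, cname, nonce) are made; a non-SHISHI_OK result means the reply
 * must be discarded.
 * NOTE(review): shishi_as_derive_salt writes to "salt" with an int *
 * length; confirm that *saltlen is the buffer size on entry.
 */
extern int shishi_as_derive_salt (Shishi *handle,
				  ASN1_TYPE asreq,
				  ASN1_TYPE asrep,
				  char *salt, int *saltlen);
extern int shishi_tgs_process (Shishi *handle,
			       ASN1_TYPE tgsreq,
			       ASN1_TYPE tgsrep,
			       ASN1_TYPE oldenckdcreppart,
			       ASN1_TYPE *enckdcreppart);
extern int shishi_as_process (Shishi *handle,
			      ASN1_TYPE asreq,
			      ASN1_TYPE asrep,
			      char *string,
			      ASN1_TYPE *enckdcreppart);
extern int shishi_kdc_process (Shishi *handle,
			       ASN1_TYPE kdcreq,
			       ASN1_TYPE kdcrep,
			       Shishi_key *key,
			       int keyusage,
			       ASN1_TYPE *enckdcreppart);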
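/*
 * kdcrep.c -- reading fields of a KDC reply.  Two kdcreq helpers are
 * declared in this section as well.
 *
 * NOTE(review): shishi_kdcrep_get_enc_part_etype reports the etype the
 * KDC used; a client that cares about downgrade should compare it with
 * the etypes it offered.
 */
extern int shishi_kdcrep_get_ticket (Shishi *handle,
				     ASN1_TYPE kdcrep,
				     ASN1_TYPE *ticket);
extern int shishi_kdcrep_get_enc_part_etype (Shishi *handle,
					     ASN1_TYPE asrep,
					     int *etype);
extern int shishi_kdcreq_add_padata_tgs (Shishi *handle,
					 ASN1_TYPE kdcreq, ASN1_TYPE apreq);
extern int shishi_kdcreq (Shishi *handle, char *realm,
			  char *service, ASN1_TYPE *req);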
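/*
 * krberror.c -- KRB-ERROR messages.
 *
 * NOTE(review): e-text comes from the peer.  Treat what
 * shishi_krberror_get_etext returns as untrusted text: do not use it as
 * a format string, and filter control characters before showing it on a
 * terminal or writing it to a log.
 * NOTE(review): shishi_krberror_get_etext uses size_t * for the length
 * while most of this header uses int *; confirm whether *etextlen is the
 * buffer size on entry.
 * NOTE(review): shishi_krberror_get_errorcode_fast returns the code
 * directly, so a failure to read it cannot be told apart from a code
 * unless a reserved value is used -- confirm in krberror.c.
 */
extern ASN1_TYPE shishi_krberror (Shishi *handle);
extern int shishi_krberror_print (Shishi *handle, FILE *fh,
				  ASN1_TYPE krberror);
extern int shishi_krberror_save (Shishi *handle, FILE *fh,
				 ASN1_TYPE krberror);
extern int shishi_krberror_to_file (Shishi *handle, ASN1_TYPE krberror,
				    int filetype, char *filename);
extern int shishi_krberror_parse (Shishi *handle, FILE *fh,
				  ASN1_TYPE *krberror);
extern int shishi_krberror_read (Shishi *handle, FILE *fh,
				 ASN1_TYPE *krberror);
extern int shishi_krberror_from_file (Shishi *handle, ASN1_TYPE *krberror,
				      int filetype, char *filename);
extern const char *shishi_krberror_errorcode_message (Shishi *handle,
						      int errorcode);
extern int shishi_krberror_get_etext (Shishi *handle, ASN1_TYPE krberror,
				      char *etext, size_t *etextlen);
extern int shishi_krberror_get_errorcode (Shishi *handle,
					  ASN1_TYPE krberror,
					  int *errorcode);
extern int shishi_krberror_get_errorcode_fast (Shishi *handle,
					       ASN1_TYPE krberror);
extern int shishi_krberror_pretty_print (Shishi *handle,
					 FILE *fh, ASN1_TYPE krberror);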
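/*
 * base64.c -- base64 encoding and decoding.
 *
 * NOTE(review): shishi_from_base64 has no parameter for the size of
 * "out" and no length for "in".  The caller must size "out" from the
 * length of the NUL-terminated input before calling; with input from a
 * file or the network this is a buffer-overflow hazard.  The meaning of
 * its int result (length or error) needs confirming in base64.c.
 * NOTE(review): shishi_to_base64 takes int lengths; confirm that "olen"
 * is the size of "out" and that negative values are rejected.
 */
extern void shishi_to_base64 (unsigned char *out, const unsigned char *in,
			      int len, int olen);
extern int shishi_from_base64 (unsigned char *out, const unsigned char *in);

/*
 * vasprintf.c -- formatted output into *result.
 * NOTE(review): variadic with a "format" argument, presumably
 * printf-style and allocating; pass a literal format, never untrusted
 * text.
 */
extern int shishi_asprintf (char **result, const char *format, ...);

/*
 * gztime.c -- conversion between time_t and a time string.
 * time_t comes from <time.h>.
 * NOTE(review): shishi_generalize_time returns a non-const char *;
 * confirm who owns the storage and whether it is shared between calls.
 */
extern char *shishi_generalize_time (Shishi *handle, time_t time);
extern time_t shishi_generalize_ctime (Shishi *handle, char *now);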
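/*
 * crypto.c -- cipher properties, key derivation, encryption, checksums.
 *
 * The shishi_cipher_* functions take an int "type", presumably a
 * Shishi_etype value.  "keyusage" is presumably a Shishi_keyusage value
 * and "cksumtype" a Shishi_cksumtype value.
 *
 * NOTE(review): every buffer length here is an int.  For the output
 * buffers (out/outlen) confirm that *outlen is the buffer size on entry
 * and that SHISHI_TOO_SMALL_BUFFER is returned instead of writing past
 * the end.  Callers must not pass negative lengths.
 * NOTE(review): shishi_decrypt output must be used only when the result
 * is SHISHI_OK; a failed integrity check presumably leaves "out"
 * unspecified.
 * NOTE(review): shishi_randomize presumably fills "data" with random
 * bytes; its result must be checked before the bytes are used as a key
 * or nonce.
 * NOTE(review): shishi_dr writes raw derived key bytes into a caller
 * buffer; wipe that buffer after use.
 */
extern const char *shishi_cipher_name (int type);
extern int shishi_cipher_blocksize (int type);
extern int shishi_cipher_minpadsize (int type);
extern int shishi_cipher_confoundersize (int type);
extern size_t shishi_cipher_keylen (int type);
extern int shishi_cipher_parse (const char *cipher);
extern int shishi_string_to_key (Shishi *handle,
				 int keytype,
				 char *password,
				 int passwordlen,
				 char *salt,
				 int saltlen,
				 char *parameter,
				 Shishi_key *outkey);
extern int shishi_random_to_key (Shishi *handle,
				 int keytype,
				 char *random,
				 int randomlen,
				 Shishi_key *outkey);
extern int shishi_encrypt (Shishi *handle,
			   Shishi_key *key,
			   int keyusage,
			   char *in, int inlen,
			   char *out, int *outlen);
extern int shishi_decrypt (Shishi *handle,
			   Shishi_key *key,
			   int keyusage,
			   char *in, int inlen,
			   char *out, int *outlen);
extern int shishi_checksum (Shishi *handle,
			    Shishi_key *key,
			    int keyusage,
			    int cksumtype,
			    char *in, int inlen, char *out, int *outlen);
extern int shishi_randomize (Shishi *handle, char *data, int datalen);
extern int shishi_dk (Shishi *handle,
		      Shishi_key *key,
		      char *constant,
		      int constantlen,
		      Shishi_key *derivedkey);
extern int shishi_dr (Shishi *handle,
		      Shishi_key *key,
		      char *derivedkey,
		      int derivedkeylen,
		      char *constant,
		      int constantlen);
extern int shishi_n_fold (Shishi *handle, char *in, int m, char *out, int n);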
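/* version.c -- compare a required version string with the library's. */
extern const char *shishi_check_version (const char *req_version);

/*
 * password.c -- reading a password from a stream.
 *
 * "s" receives the password and "size" is presumably the size of that
 * buffer.
 * NOTE(review): confirm that at most size bytes are written, that the
 * result is NUL-terminated, and that terminal echo is restored on every
 * error path.  The caller should wipe "s" once a key has been derived
 * from it.
 * NOTE(review): the prompt functions are variadic with a non-const
 * "format" argument, presumably printf-style; pass a literal format and
 * put principal or realm names in the arguments, never in the format.
 */
extern int shishi_read_password (FILE *fh, char *s, int size);
extern int
shishi_prompt_password_raw (FILE *in, char *s, int size,
			    FILE *out, char *format, ...);
extern int
shishi_prompt_password (Shishi *handle,
			FILE *in, char *s, int size,
			FILE *out, char *format, ...);

/*
 * asn1.c -- decoding DER into ASN.1 structures.
 * NOTE(review): "der" is data received from a peer; the int length must
 * be the exact number of valid bytes, and the returned ASN1_TYPE must be
 * checked before use (the failure value is not visible in this header).
 */
extern ASN1_TYPE shishi_d2a_aprep (Shishi *handle, char *der, int derlen);
extern ASN1_TYPE
shishi_d2a_encapreppart (Shishi *handle, char *der, int der_len);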
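/*
 * ap.c -- the AP exchange (client/server authentication).
 *
 * A Shishi_ap groups the ticket, the authenticator, the AP-REQ and the
 * AP-REP; the functions below create one, read and replace its parts,
 * build the request and verify the reply.
 *
 * NOTE(review): when SHISHI_APOPTIONS_MUTUAL_REQUIRED is requested, the
 * server is only authenticated after one of the shishi_ap_rep_verify*
 * functions has returned SHISHI_OK; any other result
 * (SHISHI_APREP_VERIFY_FAILED in particular) must end the session.
 * NOTE(review): shishi_ap_rep_der_set and shishi_ap_rep_verify_der take
 * DER received from the peer, with an int length that must match the
 * bytes actually received.
 * NOTE(review): for shishi_ap_req_der and
 * shishi_ap_authenticator_cksumdata confirm that the int * length is the
 * buffer size on entry.
 */
extern const char *shishi_ap_option2string (int option);
extern int shishi_ap_string2option (const char *str);

extern int shishi_ap (Shishi *handle, Shishi_ap **ap);
extern int shishi_ap_tktoptions (Shishi *handle,
				 Shishi_ap **ap,
				 Shishi_ticket *ticket,
				 int options);
extern int shishi_ap_tktoptionsdata (Shishi *handle,
				     Shishi_ap **ap,
				     Shishi_ticket *ticket,
				     int options,
				     char *data,
				     int len);
extern int shishi_ap_tktoptionsasn1usage (Shishi *handle,
					  Shishi_ap **ap,
					  Shishi_ticket *ticket,
					  int options,
					  ASN1_TYPE node,
					  char *field,
					  int authenticatorcksumkeyusage,
					  int authenticatorkeyusage);

extern Shishi_ticket *shishi_ap_ticket (Shishi_ap *ap);
extern void shishi_ap_ticket_set (Shishi_ap *ap, Shishi_ticket *ticket);

extern int shishi_ap_authenticator_cksumdata (Shishi_ap *ap,
					      char *out, int *len);
extern void
shishi_ap_authenticator_cksumdata_set (Shishi_ap *ap,
				       char *authenticatorcksumdata,
				       int authenticatorcksumdatalen);

extern ASN1_TYPE shishi_ap_authenticator (Shishi_ap *ap);
extern void shishi_ap_authenticator_set (Shishi_ap *ap,
					 ASN1_TYPE authenticator);

extern ASN1_TYPE shishi_ap_req (Shishi_ap *ap);
extern int shishi_ap_req_build (Shishi_ap *ap);
extern int shishi_ap_req_asn1 (Shishi_ap *ap, ASN1_TYPE *apreq);
extern int shishi_ap_req_der (Shishi_ap *ap, char *out, int *outlen);
extern void shishi_ap_req_set (Shishi_ap *ap, ASN1_TYPE apreq);

extern ASN1_TYPE shishi_ap_rep (Shishi_ap *ap);
extern int shishi_ap_rep_der_set (Shishi_ap *ap, char *der, int derlen);
extern int shishi_ap_rep_verify (Shishi_ap *ap);
extern int shishi_ap_rep_verify_der (Shishi_ap *ap, char *der, int derlen);
extern int shishi_ap_rep_verify_asn1 (Shishi_ap *ap, ASN1_TYPE aprep);
extern void shishi_ap_rep_set (Shishi_ap *ap, ASN1_TYPE aprep);

extern ASN1_TYPE shishi_ap_encapreppart (Shishi_ap *ap);
extern void shishi_ap_encapreppart_set (Shishi_ap *ap,
					ASN1_TYPE encapreppart);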
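/*
 * key.c -- the Shishi_key object: a key type plus its value.
 *
 * NOTE(review): shishi_key_value returns a char * to the key bytes and
 * shishi_key_value_set takes a value with no length, so the length is
 * presumably implied by the key type (see shishi_key_length).  A value
 * shorter than that length would be read past its end -- confirm in
 * key.c.  Key bytes may contain zero bytes; never treat them as a
 * string.
 * NOTE(review): shishi_key_done presumably releases the key; confirm
 * that it wipes the key bytes before freeing them.
 * NOTE(review): shishi_key_copy has no result, so a failed copy cannot
 * be reported to the caller.
 * NOTE(review): shishi_key_from_string takes the password with an int
 * length; the caller should wipe its copy of the password afterwards.
 */
extern int shishi_key_type (Shishi_key *key);
extern void shishi_key_type_set (Shishi_key *key, int type);
extern char *shishi_key_value (Shishi_key *key);
extern void shishi_key_value_set (Shishi_key *key, char *value);
extern const char *shishi_key_name (Shishi_key *key);
extern size_t shishi_key_length (Shishi_key *key);
extern Shishi_key *shishi_key (int type, char *value);
extern void shishi_key_done (Shishi_key *key);
extern void shishi_key_copy (Shishi_key *dstkey, Shishi_key *srckey);
extern int shishi_key_from_random (Shishi *handle,
				   int type,
				   char *random,
				   int randomlen,
				   Shishi_key **outkey);
extern int shishi_key_from_string (Shishi *handle,
				   int type,
				   char *password,
				   int passwordlen,
				   char *salt,
				   int saltlen,
				   char *parameter,
				   Shishi_key **outkey);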
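/*
 * Constructors and decryption helpers for reply structures.
 *
 * The two *_decrypt functions take the encrypted message, a key and an
 * int key usage, and fill in an ASN1_TYPE * with the decrypted part.
 * NOTE(review): the output must be used only when the result is
 * SHISHI_OK.
 * NOTE(review): shishi_enckdcreppart_get_key hands out the session key
 * through a Shishi_key **; confirm who owns and releases it.
 */

/* encapreppart.c */
extern ASN1_TYPE shishi_encapreppart (Shishi *handle);

/* apreq.c */
extern ASN1_TYPE shishi_apreq (Shishi *handle);

/* kdcrep.c */
extern int shishi_kdcrep_decrypt (Shishi *handle,
				  ASN1_TYPE kdcrep,
				  Shishi_key *key,
				  int keyusage,
				  ASN1_TYPE *enckdcreppart);
/* enckdcreppart.c */
extern int shishi_enckdcreppart_get_key (Shishi *handle,
					 ASN1_TYPE enckdcreppart,
					 Shishi_key **key);

/* aprep.c */
extern ASN1_TYPE shishi_aprep (Shishi *handle);
extern int shishi_aprep_decrypt (Shishi *handle,
				 ASN1_TYPE aprep,
				 Shishi_key *key,
				 int keyusage,
				 ASN1_TYPE *encapreppart);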
735 #endif