1 /* shishi.h header file for shishi library -*- c -*-
2 * Copyright (C) 2002 Simon Josefsson
4 * This file is part of Shishi.
6 * Shishi is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * Shishi is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with Shishi; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25 #include <stdio.h> /* FILE */
26 #include <stddef.h> /* size_t */
27 #include <libtasn1.h> /* ASN1_TYPE */
29 #define SHISHI_VERSION "@PACKAGE_VERSION@"
35 SHISHI_ASN1_ERROR
= 1,
36 SHISHI_FOPEN_ERROR
= 2,
37 SHISHI_FCLOSE_ERROR
= 3,
38 SHISHI_MALLOC_ERROR
= 4,
39 SHISHI_BASE64_ERROR
= 5,
40 SHISHI_REALM_MISMATCH
= 6,
41 SHISHI_CNAME_MISMATCH
= 7,
42 SHISHI_NONCE_MISMATCH
= 8,
43 SHISHI_TGSREP_BAD_KEYTYPE
= 9,
44 SHISHI_KDCREP_BAD_KEYTYPE
= 10,
45 SHISHI_APREP_BAD_KEYTYPE
= 11,
46 SHISHI_APREP_VERIFY_FAILED
= 12,
47 SHISHI_APREQ_BAD_KEYTYPE
= 13,
48 SHISHI_TOO_SMALL_BUFFER
= 14,
49 SHISHI_DERIVEDKEY_TOO_SMALL
= 15,
50 SHISHI_KEY_TOO_LARGE
= 16,
51 SHISHI_CRYPTO_ERROR
= 17,
52 SHISHI_GCRYPT_ERROR
= 18,
53 SHISHI_SOCKET_ERROR
= 19,
54 SHISHI_BIND_ERROR
= 20,
55 SHISHI_SENDTO_ERROR
= 21,
56 SHISHI_RECVFROM_ERROR
= 22,
57 SHISHI_CLOSE_ERROR
= 23,
58 SHISHI_KDC_TIMEOUT
= 24,
59 SHISHI_KDC_NOT_KNOWN_FOR_REALM
= 25,
60 SHISHI_TTY_ERROR
= 26,
61 SHISHI_GOT_KRBERROR
= 27,
62 SHISHI_HANDLE_ERROR
= 28,
63 SHISHI_INVALID_TICKETSET
= 29
66 /* This is not specified in the ASN.1 syntax for some reason. */
69 SHISHI_NT_UNKNOWN
= 0, /* Name type not known */
70 SHISHI_NT_PRINCIPAL
, /* Just the name of the principal as in */
71 /* DCE, or for users */
72 SHISHI_NT_SRV_INST
, /* Service and other unique instance (krbtgt) */
73 SHISHI_NT_SRV_HST
, /* Service with host name as instance */
74 /* (telnet, rcommands) */
75 SHISHI_NT_SRV_XHST
, /* Service with host as remaining components */
76 SHISHI_NT_UID
/* Unique ID */
80 /* This is not specified in the ASN.1 syntax for some reason. */
83 SHISHI_PA_TGS_REQ
= 1, /* padata is APREQ */
84 SHISHI_PA_ENC_TIMESTAMP
, /* timestamp pre authentication */
85 SHISHI_PA_PW_SALT
, /* salt for string-to-key */
86 SHISHI_PA_ETYPE_INFO
= 10, /* in krb-error, request for preauth */
87 SHISHI_PA_USE_SPECIFIED_KVNO
= 20 /* use specified kvno */
93 SHISHI_APOPTIONS_RESERVED
= 0x1, /* bit 0 */
94 SHISHI_APOPTIONS_USE_SESSION_KEY
= 0x2, /* bit 1 */
95 SHISHI_APOPTIONS_MUTUAL_REQUIRED
= 0x4 /* bit 2 */
101 SHISHI_TICKETFLAGS_RESERVED
= 0x1, /* bit 0 */
102 SHISHI_TICKETFLAGS_FORWARDABLE
= 0x2, /* bit 1 */
103 SHISHI_TICKETFLAGS_FORWARDED
= 0x4, /* bit 2 */
104 SHISHI_TICKETFLAGS_PROXIABLE
= 0x8, /* bit 3 */
105 SHISHI_TICKETFLAGS_PROXY
= 0x10, /* bit 4 */
106 SHISHI_TICKETFLAGS_MAY_POSTDATE
= 0x20, /* bit 5 */
107 SHISHI_TICKETFLAGS_POSTDATED
= 0x40, /* bit 6 */
108 SHISHI_TICKETFLAGS_INVALID
= 0x80, /* bit 7 */
109 SHISHI_TICKETFLAGS_RENEWABLE
= 0x100, /* bit 8 */
110 SHISHI_TICKETFLAGS_INITIAL
= 0x200, /* bit 9 */
111 SHISHI_TICKETFLAGS_PRE_AUTHENT
= 0x400, /* bit 10 */
112 SHISHI_TICKETFLAGS_HW_AUTHENT
= 0x800, /* bit 11 */
113 SHISHI_TICKETFLAGS_TRANSITED_POLICY_CHECKED
= 0x1000, /* bit 12 */
114 SHISHI_TICKETFLAGS_OK_AS_DELEGATE
= 0x2000 /* bit 12 */
120 SHISHI_KDCOPTIONS_RESERVED
= 0x1, /* bit 0 */
121 SHISHI_KDCOPTIONS_FORWARDABLE
= 0x2, /* bit 1 */
122 SHISHI_KDCOPTIONS_FORWARDED
= 0x4, /* bit 2 */
123 SHISHI_KDCOPTIONS_PROXIABLE
= 0x8, /* bit 3 */
124 SHISHI_KDCOPTIONS_PROXY
= 0x10, /* bit 4 */
125 SHISHI_KDCOPTIONS_ALLOW_POSTDATE
= 0x20, /* bit 5 */
126 SHISHI_KDCOPTIONS_POSTDATED
= 0x40, /* bit 6 */
127 SHISHI_KDCOPTIONS_UNUSED7
= 0x80, /* bit 7 */
128 SHISHI_KDCOPTIONS_RENEWABLE
= 0x100, /* bit 8 */
129 SHISHI_KDCOPTIONS_UNUSED9
= 0x200, /* bit 9 */
130 SHISHI_KDCOPTIONS_UNUSED10
= 0x400, /* bit 10 */
131 SHISHI_KDCOPTIONS_UNUSED11
= 0x800, /* bit 11 */
132 SHISHI_KDCOPTIONS_DISABLE_TRANSITED_CHECK
= 0x4000000, /* bit 26 */
133 SHISHI_KDCOPTIONS_RENEWABLE_OK
= 0x8000000, /* bit 27 */
134 SHISHI_KDCOPTIONS_ENC_TKT_IN_SKEY
= 0x10000000, /* bit 28 */
135 SHISHI_KDCOPTIONS_RENEW
= 0x40000000, /* bit 30 */
136 SHISHI_KDCOPTIONS_VALIDATE
= 0x80000000 /* bit 31 */
142 SHISHI_MSGTYPE_AS_REQ
= 10,
143 SHISHI_MSGTYPE_AS_REP
= 11,
144 SHISHI_MSGTYPE_TGS_REQ
= 12,
145 SHISHI_MSGTYPE_TGS_REP
= 13
152 SHISHI_DES_CBC_CRC
= 1,
153 SHISHI_DES_CBC_MD4
= 2,
154 SHISHI_DES_CBC_MD5
= 3,
155 SHISHI_DES3_CBC_HMAC_SHA1_KD
= 16,
156 SHISHI_AES128_CTS_HMAC_SHA1_96
= 17,
157 SHISHI_AES256_CTS_HMAC_SHA1_96
= 18
165 SHISHI_RSA_MD4_DES
= 3,
167 SHISHI_DES_MAC_K
= 5,
168 SHISHI_RSA_MD4_DES_K
= 6,
170 SHISHI_RSA_MD5_DES
= 8,
171 SHISHI_HMAC_SHA1_96_AES128
= 10,
172 SHISHI_HMAC_SHA1_96_AES256
= 11,
173 SHISHI_HMAC_SHA1_DES3_KD
= 12
179 SHISHI_FILETYPE_TEXT
= 0,
182 SHISHI_FILETYPE_BASE64
,
183 SHISHI_FILETYPE_BINARY
189 /* 1. AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the
191 SHISHI_KEYUSAGE_ASREQ_PA_ENC_TIMESTAMP
= 1,
192 /* 2. AS-REP Ticket and TGS-REP Ticket (includes TGS session key or
193 application session key), encrypted with the service key */
194 SHISHI_KEYUSAGE_KDCREP_TICKET
= 2,
195 /* 3. AS-REP encrypted part (includes TGS session key or application
196 session key), encrypted with the client key */
197 SHISHI_KEYUSAGE_ENCASREPPART
= 3,
198 /* 4. TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS
200 SHISHI_KEYUSAGE_TGSREQ_AUTHORIZATIONDATA_TGS_SESSION_KEY
= 4,
201 /* 5. TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS
202 authenticator subkey (section 5.4.1) */
203 SHISHI_KEYUSAGE_TGSREQ_AUTHORIZATIONDATA_TGS_AUTHENTICATOR_KEY
= 5,
204 /* 6. TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum, keyed with the
206 SHISHI_KEYUSAGE_TGSREQ_APREQ_AUTHENTICATOR_CKSUM
= 6,
207 /* 7. TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes TGS
208 authenticator subkey), encrypted with the TGS session key */
209 SHISHI_KEYUSAGE_TGSREQ_APREQ_AUTHENTICATOR
= 7,
210 /* 8. TGS-REP encrypted part (includes application session key), encrypted
211 with the TGS session key */
212 SHISHI_KEYUSAGE_ENCTGSREPPART_SESSION_KEY
= 8,
213 /* 9. TGS-REP encrypted part (includes application session key), encrypted
214 with the TGS authenticator subkey */
215 SHISHI_KEYUSAGE_ENCTGSREPPART_AUTHENTICATOR_KEY
= 9,
216 /* 10. AP-REQ Authenticator cksum, keyed with the application
218 SHISHI_KEYUSAGE_APREQ_AUTHENTICATOR_CKSUM
= 10,
219 /* 11. AP-REQ Authenticator (includes application authenticator subkey),
220 encrypted with the application session key */
221 SHISHI_KEYUSAGE_APREQ_AUTHENTICATOR
= 11,
222 /* 12. AP-REP encrypted part (includes application session subkey),
223 encrypted with the application session key */
224 SHISHI_KEYUSAGE_ENCAPREPPART
= 12,
225 /* 13. KRB-PRIV encrypted part, encrypted with a key chosen by the
227 SHISHI_KEYUSAGE_KRB_PRIV
= 13,
228 /* 14. KRB-CRED encrypted part, encrypted with a key chosen by the
230 SHISHI_KEYUSAGE_KRB_CRED
= 14,
231 /* 15. KRB-SAFE cksum, keyed with a key chosen by the application */
232 SHISHI_KEYUSAGE_KRB_SAFE
= 15,
233 /* 18. KRB-ERROR checksum (e-cksum) */
234 SHISHI_KEYUSAGE_KRB_ERROR
= 18,
235 /* 19. AD-KDCIssued checksum (ad-checksum) */
236 SHISHI_KEYUSAGE_AD_KDCISSUED
= 19,
237 /* 20. Checksum for Mandatory Ticket Extensions */
238 SHISHI_KEYUSAGE_TICKET_EXTENSION
= 20,
239 /* 21. Checksum in Authorization Data in Ticket Extensions */
240 SHISHI_KEYUSAGE_TICKET_EXTENSION_AUTHORIZATION
= 21,
241 /* 22-24. Reserved for use in GSSAPI mechanisms derived from RFC 1964.
243 /* 25-511. Reserved for future use in Kerberos and related protocols. */
244 /* 512-1023. Reserved for uses internal to a Kerberos implementation. */
248 typedef struct Shishi Shishi
;
249 typedef struct Shishi_ticket Shishi_ticket
;
250 typedef struct Shishi_ticketset Shishi_ticketset
;
251 typedef struct Shishi_as Shishi_as
;
252 typedef struct Shishi_tgs Shishi_tgs
;
253 typedef struct Shishi_ap Shishi_ap
;
254 typedef struct Shishi_key Shishi_key
;
257 extern Shishi
*shishi (void);
258 extern int shishi_init (Shishi
** handle
);
259 extern int shishi_init_with_paths (Shishi
** handle
,
260 const char *ticketsetfile
,
261 const char *systemcfgfile
,
262 const char *usercfgfile
);
263 extern void shishi_done (Shishi
* handle
);
264 extern int shishi_verbose (Shishi
* handle
);
265 extern int shishi_debug (Shishi
* handle
);
268 extern int shishi_cfg (Shishi
* handle
, char *option
);
269 extern int shishi_cfg_from_file (Shishi
* handle
, const char *cfg
);
270 extern int shishi_cfg_print (Shishi
* handle
, FILE * fh
);
271 extern const char *shishi_cfg_default_systemfile (Shishi
* handle
);
272 extern const char *shishi_cfg_default_userfile (Shishi
* handle
);
273 extern int shishi_cfg_clientkdcetype_set (Shishi
* handle
, char *value
);
276 extern const char *shishi_strerror (int err
);
277 extern const char *shishi_strerror_details (Shishi
* handle
);
278 extern void shishi_error_set (Shishi
* handle
, const char *error
);
279 extern void shishi_error_printf (Shishi
* handle
, char *format
, ...);
282 extern char *shishi_realm_default_guess (void);
283 extern const char *shishi_realm_default (Shishi
* handle
);
284 extern void shishi_realm_default_set (Shishi
* handle
, const char *realm
);
285 extern const char *shishi_realm_for_server_file (Shishi
* handle
,
287 extern const char *shishi_realm_for_server_dns (Shishi
* handle
,
289 extern const char *shishi_realm_for_server (Shishi
* handle
, char *server
);
292 extern char *shishi_principal_default_guess (void);
293 extern const char *shishi_principal_default (Shishi
* handle
);
294 extern void shishi_principal_default_set (Shishi
* handle
,
295 const char *principal
);
298 extern ASN1_TYPE
shishi_ticket_ticket (Shishi_ticket
* ticket
);
299 extern ASN1_TYPE
shishi_ticket_enckdcreppart (Shishi_ticket
* ticket
);
300 extern Shishi_key
*shishi_ticket_key (Shishi_ticket
* ticket
);
301 extern Shishi_ticket
*shishi_ticket (Shishi
* handle
,
304 ASN1_TYPE enckdcreppart
);
305 extern int shishi_ticket_print (Shishi_ticket
* ticket
, FILE * fh
);
306 extern char *shishi_ticket_principal (Shishi_ticket
* ticket
);
307 extern int shishi_ticket_authtime (Shishi_ticket
* ticket
,
308 char *authtime
, int *authtimelen
);
309 extern int shishi_ticket_starttime (Shishi_ticket
* ticket
,
310 char *starttime
, int *starttimelen
);
311 extern int shishi_ticket_endtime (Shishi_ticket
* ticket
,
312 char *endtime
, int *endtimelen
);
313 extern int shishi_ticket_renew_till (Shishi_ticket
* ticket
,
314 char *renewtilltime
, int *renewtilllen
);
315 extern int shishi_ticket_keytype (Shishi_ticket
* ticket
,
317 extern int shishi_ticket_server (Shishi_ticket
* ticket
,
318 const char *service
, int *servicelen
);
319 extern int shishi_ticket_realm (Shishi_ticket
* ticket
,
320 const char *realm
, int *realmlen
);
321 extern int shishi_ticket_server_p (Shishi_ticket
* ticket
,
322 const char *service
);
323 extern int shishi_ticket_valid_at_time_p (Shishi_ticket
* ticket
, time_t now
);
324 extern int shishi_ticket_valid_now_p (Shishi_ticket
* ticket
);
327 extern char *shishi_ticketset_default_file_guess (void);
328 extern const char *shishi_ticketset_default_file (Shishi
* handle
);
329 extern void shishi_ticketset_default_file_set (Shishi
* handle
,
330 const char *ticketsetfile
);
331 extern int shishi_ticketset_init (Shishi
* handle
,
332 Shishi_ticketset
** ticketset
);
333 extern Shishi_ticket
*shishi_ticketset_get (Shishi
* handle
,
334 Shishi_ticketset
* ticketset
,
336 extern int shishi_ticketset_size (Shishi
* handle
,
337 Shishi_ticketset
* ticketset
);
338 extern int shishi_ticketset_from_file (Shishi
* handle
,
339 Shishi_ticketset
* ticketset
,
340 const char *filename
);
341 extern void shishi_ticketset_done (Shishi
* handle
,
342 Shishi_ticketset
* ticketset
);
343 extern Shishi_ticketset
*shishi_ticketset (Shishi
* handle
);
344 extern Shishi_ticket
*
345 shishi_ticketset_find_ticket_for_server (Shishi
*
347 Shishi_ticketset
* ticketset
,
349 extern Shishi_ticket
*
350 shishi_ticketset_find_ticket_for_clientserver (Shishi
* handle
,
351 Shishi_ticketset
* ticketset
,
357 shishi_enckdcreppart_print (Shishi
* handle
,
358 FILE * fh
, ASN1_TYPE enckdcreppart
);
360 shishi_enckdcreppart_save (Shishi
* handle
,
361 FILE * fh
, ASN1_TYPE enckdcreppart
);
363 shishi_enckdcreppart_parse (Shishi
* handle
,
364 FILE * fh
, ASN1_TYPE
* enckdcreppart
);
366 shishi_enckdcreppart_read (Shishi
* handle
,
367 FILE * fh
, ASN1_TYPE
* enckdcreppart
);
368 extern int shishi_ticket_save (Shishi
* handle
, FILE * fh
, ASN1_TYPE ticket
);
370 shishi_asn1ticket_print (Shishi
* handle
, FILE * fh
, ASN1_TYPE ticket
);
371 extern int shishi_kdc_req_print (Shishi
* handle
, FILE * fh
, ASN1_TYPE asreq
);
372 extern int shishi_kdc_rep_print (Shishi
* handle
, FILE * fh
, ASN1_TYPE asreq
);
373 extern int shishi_kdc_print (Shishi
* handle
,
376 ASN1_TYPE asrep
, ASN1_TYPE encasreppart
);
377 extern int shishi_kdc_req_parse (Shishi
* handle
,
378 FILE * fh
, ASN1_TYPE
* asreq
);
379 extern int shishi_kdc_rep_parse (Shishi
* handle
,
380 FILE * fh
, ASN1_TYPE
* asrep
);
382 shishi_ticket_parse (Shishi
* handle
, FILE * fh
, ASN1_TYPE
* ticket
);
384 shishi_ticket_read (Shishi
* handle
, FILE * fh
, ASN1_TYPE
* ticket
);
387 shishi_authenticator_print (Shishi
* handle
,
388 FILE * fh
, ASN1_TYPE authenticator
);
391 shishi_authenticator_save (Shishi
* handle
,
392 FILE * fh
, ASN1_TYPE authenticator
);
394 /* authenticator.c */
396 shishi_authenticator_add_checksum (Shishi
* handle
,
400 char *key
, int keylen
, int cksumtype
);
403 shishi_authenticator_set_crealm (Shishi
* handle
,
404 ASN1_TYPE node
, char *crealm
);
408 shishi_authenticator_set_cname (Shishi
* handle
,
410 Shishi_name_type name_type
,
411 const char *principal
);
413 extern ASN1_TYPE
shishi_authenticator (Shishi
* handle
);
416 extern ASN1_TYPE
shishi_as_asreq (Shishi_as
* as
);
417 extern ASN1_TYPE
shishi_as_asrep (Shishi_as
* as
);
418 extern ASN1_TYPE
shishi_as_krberror (Shishi_as
* as
);
419 extern Shishi_ticket
*shishi_as_ticket (Shishi_as
* as
);
420 extern int shishi_as (Shishi
* handle
, Shishi_as
** as
);
421 extern int shishi_as_password_cnamerealmsname (Shishi
* handle
,
427 extern int shishi_as_key_cnamerealmsname (Shishi
* handle
,
433 extern int shishi_as_cnamerealmsname (Shishi
* handle
,
442 extern ASN1_TYPE
shishi_tgs_get_tgsreq (Shishi_tgs
* tgs
);
443 extern Shishi_ticket
*shishi_tgs_get_tgticket (Shishi_tgs
* tgs
);
444 extern ASN1_TYPE
shishi_tgs_get_authenticator (Shishi_tgs
* tgs
);
445 extern ASN1_TYPE
shishi_tgs_get_apreq (Shishi_tgs
* tgs
);
446 extern ASN1_TYPE
shishi_tgs_get_tgsrep (Shishi_tgs
* tgs
);
447 extern ASN1_TYPE
shishi_tgs_get_krberror (Shishi_tgs
* tgs
);
448 extern Shishi_ticket
*shishi_tgs_get_ticket (Shishi_tgs
* tgs
);
449 extern int shishi_tgs (Shishi
* handle
,
450 Shishi_ticket
* tgticket
,
453 extern int shishi_tgs_realmsname (Shishi
* handle
,
454 Shishi_ticket
* tgticket
,
460 extern ASN1_TYPE
shishi_asreq (Shishi
* handle
);
461 extern ASN1_TYPE
shishi_asreq_rsc (Shishi
* handle
, char *realm
,
462 char *server
, char *client
);
463 extern ASN1_TYPE
shishi_tgsreq (Shishi
* handle
);
464 extern ASN1_TYPE
shishi_tgsreq_rst (Shishi
* handle
, char *realm
,
465 char *server
, Shishi_ticket
* ticket
);
466 extern int shishi_kdcreq_print (Shishi
* handle
, FILE * fh
, ASN1_TYPE kdcreq
);
468 extern int shishi_kdcreq_set_etype (Shishi
* handle
,
470 int *etype
, int netype
);
471 extern int shishi_kdcreq_set_cname (Shishi
* handle
,
473 Shishi_name_type name_type
,
474 const char *principal
);
475 extern int shishi_kdcreq_set_sname (Shishi
* handle
,
477 Shishi_name_type name_type
,
479 extern int shishi_kdcreq_set_realm (Shishi
* handle
,
482 extern int shishi_kdcreq_set_server (Shishi
* handle
, ASN1_TYPE req
,
483 const char *service
);
484 extern int shishi_kdcreq_set_realmserver (Shishi
* handle
, ASN1_TYPE req
,
485 char *realm
, char *service
);
487 /* enckdcreppart.c */
488 extern ASN1_TYPE
shishi_asrep (Shishi
* handle
);
489 extern ASN1_TYPE
shishi_tgsrep (Shishi
* handle
);
490 extern int shishi_enckdcreppart (Shishi
* handle
, ASN1_TYPE
* enckdcreppart
);
493 extern int shishi_as_derive_salt (Shishi
* handle
,
496 char *salt
, int *saltlen
);
497 extern int shishi_tgs_process (Shishi
* handle
,
500 ASN1_TYPE oldenckdcreppart
,
501 ASN1_TYPE
* enckdcreppart
);
502 extern int shishi_as_process (Shishi
* handle
,
506 ASN1_TYPE
* enckdcreppart
);
507 extern int shishi_kdc_process (Shishi
* handle
,
512 ASN1_TYPE
* enckdcreppart
);
515 extern int shishi_kdcrep_get_ticket (Shishi
* handle
,
518 extern int shishi_kdcrep_get_enc_part_etype (Shishi
* handle
,
521 extern int shishi_kdcreq_add_padata_tgs (Shishi
* handle
,
522 ASN1_TYPE kdcreq
, ASN1_TYPE apreq
);
523 extern int shishi_kdcreq (Shishi
* handle
, char *realm
,
524 char *service
, ASN1_TYPE
* req
);
527 extern ASN1_TYPE
shishi_krberror (Shishi
* handle
);
528 extern int shishi_krberror_print (Shishi
* handle
, FILE * fh
,
530 extern int shishi_krberror_save (Shishi
* handle
, FILE * fh
,
532 extern int shishi_krberror_to_file (Shishi
* handle
, ASN1_TYPE krberror
,
533 int filetype
, char *filename
);
534 extern int shishi_krberror_parse (Shishi
* handle
, FILE * fh
,
535 ASN1_TYPE
* krberror
);
536 extern int shishi_krberror_read (Shishi
* handle
, FILE * fh
,
537 ASN1_TYPE
* krberror
);
538 extern int shishi_krberror_from_file (Shishi
* handle
, ASN1_TYPE
* krberror
,
539 int filetype
, char *filename
);
540 extern const char * shishi_krberror_errorcode_message (Shishi
*handle
,
542 extern int shishi_krberror_get_etext (Shishi
*handle
, ASN1_TYPE krberror
,
543 char *etext
, size_t *etextlen
);
544 extern int shishi_krberror_get_errorcode (Shishi
*handle
,
547 extern int shishi_krberror_get_errorcode_fast (Shishi
*handle
,
549 extern int shishi_krberror_pretty_print (Shishi
*handle
,
550 FILE *fh
, ASN1_TYPE krberror
);
553 extern void shishi_to_base64 (unsigned char *out
, const unsigned char *in
,
555 extern int shishi_from_base64 (unsigned char *out
, const unsigned char *in
);
558 extern int shishi_asprintf (char **result
, const char *format
, ...);
561 extern char *shishi_generalize_time (Shishi
* handle
, time_t time
);
562 extern time_t shishi_generalize_ctime (Shishi
* handle
, char *now
);
565 extern const char *shishi_cipher_name (int type
);
566 extern int shishi_cipher_blocksize (int type
);
567 extern int shishi_cipher_minpadsize (int type
);
568 extern int shishi_cipher_confoundersize (int type
);
569 extern size_t shishi_cipher_keylen (int type
);
570 extern int shishi_cipher_parse (const char *cipher
);
571 extern int shishi_string_to_key (Shishi
* handle
,
579 extern int shishi_random_to_key (Shishi
* handle
,
584 extern int shishi_encrypt (Shishi
* handle
,
588 char *out
, int *outlen
);
589 extern int shishi_decrypt (Shishi
* handle
,
593 char *out
, int *outlen
);
594 extern int shishi_checksum (Shishi
* handle
,
598 char *in
, int inlen
, char *out
, int *outlen
);
599 extern int shishi_randomize (Shishi
* handle
, char *data
, int datalen
);
600 extern int shishi_dk (Shishi
* handle
,
604 Shishi_key
*derivedkey
);
605 extern int shishi_dr (Shishi
* handle
,
611 extern int shishi_n_fold (Shishi
* handle
, char *in
, int m
, char *out
, int n
);
614 extern const char *shishi_check_version (const char *req_version
);
617 extern int shishi_read_password (FILE * fh
, char *s
, int size
);
619 shishi_prompt_password_raw (FILE * in
, char *s
, int size
,
620 FILE * out
, char *format
, ...);
622 shishi_prompt_password (Shishi
*handle
,
623 FILE * in
, char *s
, int size
,
624 FILE * out
, char *format
, ...);
627 extern ASN1_TYPE
shishi_d2a_aprep (Shishi
* handle
, char *der
, int derlen
);
629 shishi_d2a_encapreppart (Shishi
* handle
, char *der
, int der_len
);
632 extern const char *shishi_ap_option2string (int option
);
633 extern int shishi_ap_string2option (const char *str
);
635 extern int shishi_ap (Shishi
* handle
, Shishi_ap
** ap
);
636 extern int shishi_ap_tktoptions (Shishi
* handle
,
638 Shishi_ticket
*ticket
,
640 extern int shishi_ap_tktoptionsdata (Shishi
* handle
,
642 Shishi_ticket
*ticket
,
646 extern int shishi_ap_tktoptionsasn1usage (Shishi
* handle
,
648 Shishi_ticket
*ticket
,
652 int authenticatorcksumkeyusage
,
653 int authenticatorkeyusage
);
655 extern Shishi_ticket
*shishi_ap_ticket (Shishi_ap
* ap
);
656 extern void shishi_ap_ticket_set (Shishi_ap
* ap
, Shishi_ticket
* ticket
);
658 extern int shishi_ap_authenticator_cksumdata (Shishi_ap
* ap
,
659 char *out
, int *len
);
661 shishi_ap_authenticator_cksumdata_set (Shishi_ap
* ap
,
662 char *authenticatorcksumdata
,
663 int authenticatorcksumdatalen
);
665 extern ASN1_TYPE
shishi_ap_authenticator (Shishi_ap
* ap
);
666 extern void shishi_ap_authenticator_set (Shishi_ap
* ap
,
667 ASN1_TYPE authenticator
);
669 extern ASN1_TYPE
shishi_ap_req (Shishi_ap
* ap
);
670 extern int shishi_ap_req_build (Shishi_ap
* ap
);
671 extern int shishi_ap_req_asn1 (Shishi_ap
* ap
, ASN1_TYPE
* apreq
);
672 extern int shishi_ap_req_der (Shishi_ap
* ap
, char *out
, int *outlen
);
673 extern void shishi_ap_req_set (Shishi_ap
* ap
, ASN1_TYPE apreq
);
675 extern ASN1_TYPE
shishi_ap_rep (Shishi_ap
* ap
);
676 extern int shishi_ap_rep_der_set (Shishi_ap
* ap
, char *der
, int derlen
);
677 extern int shishi_ap_rep_verify (Shishi_ap
* ap
);
678 extern int shishi_ap_rep_verify_der (Shishi_ap
* ap
, char *der
, int derlen
);
679 extern int shishi_ap_rep_verify_asn1 (Shishi_ap
* ap
, ASN1_TYPE aprep
);
680 extern void shishi_ap_rep_set (Shishi_ap
* ap
, ASN1_TYPE aprep
);
682 extern ASN1_TYPE
shishi_ap_encapreppart (Shishi_ap
* ap
);
683 extern void shishi_ap_encapreppart_set (Shishi_ap
* ap
,
684 ASN1_TYPE encapreppart
);
687 extern int shishi_key_type (Shishi_key
* key
);
688 extern void shishi_key_type_set (Shishi_key
* key
, int type
);
689 extern char *shishi_key_value (Shishi_key
* key
);
690 extern void shishi_key_value_set (Shishi_key
* key
, char *value
);
691 extern const char *shishi_key_name (Shishi_key
* key
);
692 extern size_t shishi_key_length (Shishi_key
* key
);
693 extern Shishi_key
*shishi_key (int type
, char *value
);
694 extern void shishi_key_done (Shishi_key
*key
);
695 extern void shishi_key_copy (Shishi_key
* dstkey
, Shishi_key
*srckey
);
696 extern int shishi_key_from_random (Shishi
*handle
,
700 Shishi_key
**outkey
);
701 extern int shishi_key_from_string (Shishi
*handle
,
708 Shishi_key
**outkey
);
711 extern ASN1_TYPE
shishi_encapreppart (Shishi
* handle
);
714 extern ASN1_TYPE
shishi_apreq (Shishi
* handle
);
717 extern int shishi_kdcrep_decrypt (Shishi
* handle
,
721 ASN1_TYPE
* enckdcreppart
);
722 /* enckdcreppart.c */
723 extern int shishi_enckdcreppart_get_key (Shishi
* handle
,
724 ASN1_TYPE enckdcreppart
,
728 extern ASN1_TYPE
shishi_aprep (Shishi
* handle
);
729 extern int shishi_aprep_decrypt (Shishi
* handle
,
733 ASN1_TYPE
* encapreppart
);