1 /* shishi.h Header file for Shishi library. -*- c -*-
2 * Copyright (C) 2002, 2003 Simon Josefsson
4 * This file is part of Shishi.
6 * Shishi is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * Shishi is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with Shishi; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25 #include <stddef.h> /* size_t */
26 #include <stdio.h> /* FILE */
27 #include <time.h> /* time_t */
28 #include <shishi-int.h> /* uint32_t */
30 #define SHISHI_VERSION "@PACKAGE_VERSION@"
36 SHISHI_ASN1_ERROR
= 1,
37 SHISHI_FOPEN_ERROR
= 2,
38 SHISHI_FCLOSE_ERROR
= 3,
39 SHISHI_MALLOC_ERROR
= 4,
40 SHISHI_BASE64_ERROR
= 5,
41 SHISHI_REALM_MISMATCH
= 6,
42 SHISHI_CNAME_MISMATCH
= 7,
43 SHISHI_NONCE_MISMATCH
= 8,
44 SHISHI_TGSREP_BAD_KEYTYPE
= 9,
45 SHISHI_KDCREP_BAD_KEYTYPE
= 10,
46 SHISHI_APREP_BAD_KEYTYPE
= 11,
47 SHISHI_APREP_VERIFY_FAILED
= 12,
48 SHISHI_APREQ_BAD_KEYTYPE
= 13,
49 SHISHI_TOO_SMALL_BUFFER
= 14,
50 SHISHI_DERIVEDKEY_TOO_SMALL
= 15,
51 SHISHI_KEY_TOO_LARGE
= 16,
52 SHISHI_CRYPTO_ERROR
= 17,
53 SHISHI_GCRYPT_ERROR
= 18,
54 SHISHI_SOCKET_ERROR
= 19,
55 SHISHI_BIND_ERROR
= 20,
56 SHISHI_SENDTO_ERROR
= 21,
57 SHISHI_RECVFROM_ERROR
= 22,
58 SHISHI_CLOSE_ERROR
= 23,
59 SHISHI_KDC_TIMEOUT
= 24,
60 SHISHI_KDC_NOT_KNOWN_FOR_REALM
= 25,
61 SHISHI_TTY_ERROR
= 26,
62 SHISHI_GOT_KRBERROR
= 27,
63 SHISHI_HANDLE_ERROR
= 28,
64 SHISHI_INVALID_TKTS
= 29,
65 SHISHI_TICKET_BAD_KEYTYPE
= 30,
66 SHISHI_INVALID_KEY
= 31,
67 SHISHI_APREQ_DECRYPT_FAILED
= 32,
68 SHISHI_TICKET_DECRYPT_FAILED
= 33,
69 SHISHI_INVALID_TICKET
= 34,
70 SHISHI_OUT_OF_RANGE
= 35,
71 SHISHI_ASN1_NO_ELEMENT
= 36,
72 SHISHI_SAFE_BAD_KEYTYPE
= 37,
73 SHISHI_SAFE_VERIFY_FAILED
= 38
76 /* This is not specified in the ASN.1 syntax for some reason. */
79 SHISHI_NT_UNKNOWN
= 0, /* Name type not known */
80 SHISHI_NT_PRINCIPAL
, /* Just the name of the principal as in */
81 /* DCE, or for users */
82 SHISHI_NT_SRV_INST
, /* Service and other unique instance (krbtgt) */
83 SHISHI_NT_SRV_HST
, /* Service with host name as instance */
84 /* (telnet, rcommands) */
85 SHISHI_NT_SRV_XHST
, /* Service with host as remaining components */
86 SHISHI_NT_UID
/* Unique ID */
90 /* This is not specified in the ASN.1 syntax for some reason. */
93 SHISHI_PA_TGS_REQ
= 1, /* padata is APREQ */
94 SHISHI_PA_ENC_TIMESTAMP
, /* timestamp pre authentication */
95 SHISHI_PA_PW_SALT
, /* salt for string-to-key */
96 SHISHI_PA_ETYPE_INFO
= 10, /* in krb-error, request for preauth */
97 SHISHI_PA_USE_SPECIFIED_KVNO
= 20 /* use specified kvno */
101 /* This is not specified in the ASN.1 syntax for some reason. */
104 SHISHI_TR_DOMAIN_X500_COMPRESS
= 1
110 SHISHI_APOPTIONS_RESERVED
= 0x1, /* bit 0 */
111 SHISHI_APOPTIONS_USE_SESSION_KEY
= 0x2, /* bit 1 */
112 SHISHI_APOPTIONS_MUTUAL_REQUIRED
= 0x4 /* bit 2 */
118 SHISHI_TICKETFLAGS_RESERVED
= 0x1, /* bit 0 */
119 SHISHI_TICKETFLAGS_FORWARDABLE
= 0x2, /* bit 1 */
120 SHISHI_TICKETFLAGS_FORWARDED
= 0x4, /* bit 2 */
121 SHISHI_TICKETFLAGS_PROXIABLE
= 0x8, /* bit 3 */
122 SHISHI_TICKETFLAGS_PROXY
= 0x10, /* bit 4 */
123 SHISHI_TICKETFLAGS_MAY_POSTDATE
= 0x20, /* bit 5 */
124 SHISHI_TICKETFLAGS_POSTDATED
= 0x40, /* bit 6 */
125 SHISHI_TICKETFLAGS_INVALID
= 0x80, /* bit 7 */
126 SHISHI_TICKETFLAGS_RENEWABLE
= 0x100, /* bit 8 */
127 SHISHI_TICKETFLAGS_INITIAL
= 0x200, /* bit 9 */
128 SHISHI_TICKETFLAGS_PRE_AUTHENT
= 0x400, /* bit 10 */
129 SHISHI_TICKETFLAGS_HW_AUTHENT
= 0x800, /* bit 11 */
130 SHISHI_TICKETFLAGS_TRANSITED_POLICY_CHECKED
= 0x1000, /* bit 12 */
131 SHISHI_TICKETFLAGS_OK_AS_DELEGATE
= 0x2000 /* bit 13 */
137 SHISHI_KDCOPTIONS_RESERVED
= 0x1, /* bit 0 */
138 SHISHI_KDCOPTIONS_FORWARDABLE
= 0x2, /* bit 1 */
139 SHISHI_KDCOPTIONS_FORWARDED
= 0x4, /* bit 2 */
140 SHISHI_KDCOPTIONS_PROXIABLE
= 0x8, /* bit 3 */
141 SHISHI_KDCOPTIONS_PROXY
= 0x10, /* bit 4 */
142 SHISHI_KDCOPTIONS_ALLOW_POSTDATE
= 0x20, /* bit 5 */
143 SHISHI_KDCOPTIONS_POSTDATED
= 0x40, /* bit 6 */
144 SHISHI_KDCOPTIONS_UNUSED7
= 0x80, /* bit 7 */
145 SHISHI_KDCOPTIONS_RENEWABLE
= 0x100, /* bit 8 */
146 SHISHI_KDCOPTIONS_UNUSED9
= 0x200, /* bit 9 */
147 SHISHI_KDCOPTIONS_UNUSED10
= 0x400, /* bit 10 */
148 SHISHI_KDCOPTIONS_UNUSED11
= 0x800, /* bit 11 */
149 SHISHI_KDCOPTIONS_DISABLE_TRANSITED_CHECK
= 0x4000000, /* bit 26 */
150 SHISHI_KDCOPTIONS_RENEWABLE_OK
= 0x8000000, /* bit 27 */
151 SHISHI_KDCOPTIONS_ENC_TKT_IN_SKEY
= 0x10000000, /* bit 28 */
152 SHISHI_KDCOPTIONS_RENEW
= 0x40000000, /* bit 30 */
153 SHISHI_KDCOPTIONS_VALIDATE
= 0x80000000 /* bit 31 */
159 SHISHI_MSGTYPE_AS_REQ
= 10,
160 SHISHI_MSGTYPE_AS_REP
= 11,
161 SHISHI_MSGTYPE_TGS_REQ
= 12,
162 SHISHI_MSGTYPE_TGS_REP
= 13
168 SHISHI_LRTYPE_LAST_INITIAL_TGT_REQUEST
= 1,
169 SHISHI_LRTYPE_LAST_INITIAL_REQUEST
= 2,
170 SHISHI_LRTYPE_NEWEST_TGT_ISSUE
= 3,
171 SHISHI_LRTYPE_LAST_RENEWAL
= 4,
172 SHISHI_LRTYPE_LAST_REQUEST
= 5
179 SHISHI_DES_CBC_CRC
= 1,
180 SHISHI_DES_CBC_MD4
= 2,
181 SHISHI_DES_CBC_MD5
= 3,
182 SHISHI_DES_CBC_NONE
= 4,
183 SHISHI_DES3_CBC_NONE
= 6,
184 SHISHI_DES3_CBC_HMAC_SHA1_KD
= 16,
185 SHISHI_AES128_CTS_HMAC_SHA1_96
= 17,
186 SHISHI_AES256_CTS_HMAC_SHA1_96
= 18
194 SHISHI_RSA_MD4_DES
= 3,
196 SHISHI_DES_MAC_K
= 5,
197 SHISHI_RSA_MD4_DES_K
= 6,
199 SHISHI_RSA_MD5_DES
= 8,
200 SHISHI_HMAC_SHA1_96_AES128
= 10,
201 SHISHI_HMAC_SHA1_96_AES256
= 11,
202 SHISHI_HMAC_SHA1_DES3_KD
= 12
208 SHISHI_FILETYPE_TEXT
= 0,
211 SHISHI_FILETYPE_BASE64
,
212 SHISHI_FILETYPE_BINARY
218 /* 1. AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the
220 SHISHI_KEYUSAGE_ASREQ_PA_ENC_TIMESTAMP
= 1,
221 /* 2. AS-REP Ticket and TGS-REP Ticket (includes TGS session key or
222 application session key), encrypted with the service key */
223 SHISHI_KEYUSAGE_ENCTICKETPART
= 2,
224 /* 3. AS-REP encrypted part (includes TGS session key or application
225 session key), encrypted with the client key */
226 SHISHI_KEYUSAGE_ENCASREPPART
= 3,
227 /* 4. TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS
229 SHISHI_KEYUSAGE_TGSREQ_AUTHORIZATIONDATA_TGS_SESSION_KEY
= 4,
230 /* 5. TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS
231 authenticator subkey (section 5.4.1) */
232 SHISHI_KEYUSAGE_TGSREQ_AUTHORIZATIONDATA_TGS_AUTHENTICATOR_KEY
= 5,
233 /* 6. TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum, keyed with the
235 SHISHI_KEYUSAGE_TGSREQ_APREQ_AUTHENTICATOR_CKSUM
= 6,
236 /* 7. TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes TGS
237 authenticator subkey), encrypted with the TGS session key */
238 SHISHI_KEYUSAGE_TGSREQ_APREQ_AUTHENTICATOR
= 7,
239 /* 8. TGS-REP encrypted part (includes application session key), encrypted
240 with the TGS session key */
241 SHISHI_KEYUSAGE_ENCTGSREPPART_SESSION_KEY
= 8,
242 /* 9. TGS-REP encrypted part (includes application session key), encrypted
243 with the TGS authenticator subkey */
244 SHISHI_KEYUSAGE_ENCTGSREPPART_AUTHENTICATOR_KEY
= 9,
245 /* 10. AP-REQ Authenticator cksum, keyed with the application
247 SHISHI_KEYUSAGE_APREQ_AUTHENTICATOR_CKSUM
= 10,
248 /* 11. AP-REQ Authenticator (includes application authenticator subkey),
249 encrypted with the application session key */
250 SHISHI_KEYUSAGE_APREQ_AUTHENTICATOR
= 11,
251 /* 12. AP-REP encrypted part (includes application session subkey),
252 encrypted with the application session key */
253 SHISHI_KEYUSAGE_ENCAPREPPART
= 12,
254 /* 13. KRB-PRIV encrypted part, encrypted with a key chosen by the
256 SHISHI_KEYUSAGE_KRB_PRIV
= 13,
257 /* 14. KRB-CRED encrypted part, encrypted with a key chosen by the
259 SHISHI_KEYUSAGE_KRB_CRED
= 14,
260 /* 15. KRB-SAFE cksum, keyed with a key chosen by the application */
261 SHISHI_KEYUSAGE_KRB_SAFE
= 15,
262 /* 18. KRB-ERROR checksum (e-cksum) */
263 SHISHI_KEYUSAGE_KRB_ERROR
= 18,
264 /* 19. AD-KDCIssued checksum (ad-checksum) */
265 SHISHI_KEYUSAGE_AD_KDCISSUED
= 19,
266 /* 20. Checksum for Mandatory Ticket Extensions */
267 SHISHI_KEYUSAGE_TICKET_EXTENSION
= 20,
268 /* 21. Checksum in Authorization Data in Ticket Extensions */
269 SHISHI_KEYUSAGE_TICKET_EXTENSION_AUTHORIZATION
= 21,
270 /* 22-24. Reserved for use in GSSAPI mechanisms derived from RFC 1964.
272 SHISHI_KEYUSAGE_GSS_R1
= 22,
273 SHISHI_KEYUSAGE_GSS_R2
= 23,
274 SHISHI_KEYUSAGE_GSS_R3
= 24
275 /* 25-511. Reserved for future use in Kerberos and related protocols. */
276 /* 512-1023. Reserved for uses internal to a Kerberos implementation. */
282 SHISHI_TKTSHINTFLAGS_ACCEPT_EXPIRED
= 1
284 Shishi_tkts_hintflags
;
286 struct Shishi_tkts_hint
297 typedef struct Shishi_tkts_hint Shishi_tkts_hint
;
299 typedef struct Shishi Shishi
;
300 typedef struct Shishi_tkt Shishi_tkt
;
301 typedef struct Shishi_tkts Shishi_tkts
;
302 typedef struct Shishi_as Shishi_as
;
303 typedef struct Shishi_tgs Shishi_tgs
;
304 typedef struct Shishi_ap Shishi_ap
;
305 typedef struct Shishi_key Shishi_key
;
306 typedef struct Shishi_safe Shishi_safe
;
307 #ifndef _SHISHI_HAS_LIBTASN1_H
308 typedef struct node_asn_struct
*ASN1_TYPE
;
310 typedef ASN1_TYPE Shishi_asn1
;
313 extern Shishi
*shishi (void);
314 extern int shishi_init (Shishi
** handle
);
315 extern int shishi_init_with_paths (Shishi
** handle
,
316 const char *tktsfile
,
317 const char *systemcfgfile
,
318 const char *usercfgfile
);
319 extern int shishi_init_server (Shishi
** handle
);
320 extern int shishi_init_server_with_paths (Shishi
** handle
,
321 const char *systemcfgfile
);
322 extern void shishi_info (Shishi
* handle
, const char *fmt
, ...);
323 extern void shishi_warn (Shishi
* handle
, const char *fmt
, ...);
326 extern void shishi_done (Shishi
* handle
);
329 extern int shishi_cfg (Shishi
* handle
, char *option
);
330 extern int shishi_cfg_from_file (Shishi
* handle
, const char *cfg
);
331 extern int shishi_cfg_print (Shishi
* handle
, FILE * fh
);
332 extern const char *shishi_cfg_default_systemfile (Shishi
* handle
);
333 extern const char *shishi_cfg_default_userdirectory (Shishi
* handle
);
334 extern const char *shishi_cfg_default_userfile (Shishi
* handle
);
335 extern int shishi_cfg_clientkdcetype (Shishi
* handle
, int32_t ** etypes
);
336 extern int shishi_cfg_clientkdcetype_set (Shishi
* handle
, char *value
);
339 extern const char *shishi_strerror (int err
);
340 extern const char *shishi_strerror_details (Shishi
* handle
);
341 extern void shishi_error_set (Shishi
* handle
, const char *error
);
342 extern void shishi_error_printf (Shishi
* handle
, char *format
, ...);
343 extern void shishi_error_clear (Shishi
* handle
);
346 extern char *shishi_realm_default_guess (void);
347 extern const char *shishi_realm_default (Shishi
* handle
);
348 extern void shishi_realm_default_set (Shishi
* handle
, const char *realm
);
349 extern const char *shishi_realm_for_server_file (Shishi
* handle
,
351 extern const char *shishi_realm_for_server_dns (Shishi
* handle
,
353 extern const char *shishi_realm_for_server (Shishi
* handle
, char *server
);
356 extern char *shishi_principal_default_guess (void);
357 extern const char *shishi_principal_default (Shishi
* handle
);
358 extern void shishi_principal_default_set (Shishi
* handle
,
359 const char *principal
);
360 extern int shishi_principal_name_get (Shishi
* handle
, Shishi_asn1 namenode
,
361 const char *namefield
, char *out
,
363 extern int shishi_principal_name_realm_get (Shishi
* handle
,
364 Shishi_asn1 namenode
,
365 const char *namefield
,
366 Shishi_asn1 realmnode
,
367 const char *realmfield
,
368 char *out
, size_t * outlen
);
369 extern int shishi_principal_name_set (Shishi
* handle
,
370 Shishi_asn1 namenode
,
371 const char *namefield
,
372 Shishi_name_type name_type
,
374 extern int shishi_principal_set (Shishi
* handle
,
375 Shishi_asn1 namenode
,
376 const char *namefield
, const char *name
);
379 extern int shishi_ticket_sname_get (Shishi
* handle
,
381 char *server
, size_t * serverlen
);
382 extern int shishi_ticket_sname_set (Shishi
* handle
,
384 Shishi_name_type name_type
,
386 extern int shishi_ticket_snamerealm_get (Shishi
* handle
, Shishi_asn1 ticket
,
388 int *serverrealmlen
);
389 extern int shishi_ticket_srealmserver_set (Shishi
* handle
,
390 Shishi_asn1 ticket
, char *realm
,
392 extern int shishi_ticket_set_server (Shishi
* handle
, Shishi_asn1 ticket
,
394 extern int shishi_ticket_realm_get (Shishi
* handle
, Shishi_asn1 ticket
,
395 char *realm
, int *realmlen
);
396 extern int shishi_ticket_realm_set (Shishi
* handle
, Shishi_asn1 ticket
,
398 extern int shishi_ticket_get_enc_part_etype (Shishi
* handle
,
401 extern int shishi_ticket_set_enc_part (Shishi
* handle
, Shishi_asn1 ticket
,
403 char *buf
, size_t buflen
);
404 extern int shishi_ticket_add_enc_part (Shishi
* handle
, Shishi_asn1 ticket
,
406 Shishi_asn1 encticketpart
);
407 extern int shishi_enckdcreppart_key_set (Shishi
* handle
,
408 Shishi_asn1 enckdcreppart
,
410 extern int shishi_ticket_decrypt (Shishi
* handle
, Shishi_asn1 ticket
,
412 Shishi_asn1
* encticketpart
);
415 extern Shishi_asn1
shishi_tkt_ticket (Shishi_tkt
* tkt
);
416 extern Shishi_asn1
shishi_tkt_kdcrep (Shishi_tkt
* tkt
);
417 extern Shishi_asn1
shishi_tkt_enckdcreppart (Shishi_tkt
* tkt
);
418 extern void shishi_tkt_enckdcreppart_set (Shishi_tkt
* tkt
,
419 Shishi_asn1 enckdcreppart
);
420 extern Shishi_asn1
shishi_tkt_encticketpart (Shishi_tkt
* tkt
);
421 extern void shishi_tkt_encticketpart_set (Shishi_tkt
* tkt
,
422 Shishi_asn1 encticketpart
);
423 extern Shishi_key
*shishi_tkt_key (Shishi_tkt
* tkt
);
424 extern int shishi_tkt_key_set (Shishi_tkt
* tkt
, Shishi_key
* key
);
425 extern int shishi_tkt (Shishi
* handle
, Shishi_tkt
** tkt
);
426 extern Shishi_tkt
*shishi_tkt2 (Shishi
* handle
,
428 Shishi_asn1 enckdcreppart
,
430 extern int shishi_tkt_pretty_print (Shishi_tkt
* tkt
, FILE * fh
);
431 extern int shishi_tkt_realm (Shishi_tkt
* tkt
, char *realm
, int *realmlen
);
432 extern int shishi_tkt_cnamerealm (Shishi_tkt
* tkt
,
433 char *cnamerealm
, int *cnamerealmlen
);
434 extern int shishi_tkt_cnamerealm_p (Shishi_tkt
* tkt
, const char *client
);
435 extern int shishi_tkt_client (Shishi_tkt
* tkt
, char *client
, int *clientlen
);
436 extern int shishi_tkt_client_p (Shishi_tkt
* tkt
, const char *client
);
437 extern int shishi_tkt_clientrealm_set (Shishi_tkt
* tkt
,
438 char *realm
, char *client
);
439 extern int shishi_tkt_serverrealm_set (Shishi_tkt
* tkt
,
440 char *realm
, char *server
);
441 extern int shishi_tkt_build (Shishi_tkt
* tkt
, Shishi_key
* key
);
442 extern int shishi_tkt_lastreq (Shishi_tkt
* tkt
,
443 char *lrtime
, int *lrtimelen
, int lrtype
);
444 extern time_t shishi_tkt_lastreqc (Shishi_tkt
* tkt
, Shihi_lrtype lrtype
);
445 extern int shishi_tkt_lastreq_pretty_print (Shishi_tkt
* tkt
, FILE * fh
);
446 extern int shishi_tkt_authtime (Shishi_tkt
* tkt
,
447 char *authtime
, int *authtimelen
);
448 extern time_t shishi_tkt_authctime (Shishi_tkt
* tkt
);
449 extern int shishi_tkt_starttime (Shishi_tkt
* tkt
,
450 char *starttime
, int *starttimelen
);
451 extern time_t shishi_tkt_startctime (Shishi_tkt
* tkt
);
452 extern int shishi_tkt_endtime (Shishi_tkt
* tkt
,
453 char *endtime
, int *endtimelen
);
454 extern time_t shishi_tkt_endctime (Shishi_tkt
* tkt
);
455 extern int shishi_tkt_renew_till (Shishi_tkt
* tkt
,
456 char *renewtilltime
, int *renewtilllen
);
457 extern time_t shishi_tkt_renew_tillc (Shishi_tkt
* tkt
);
458 extern int shishi_tkt_keytype (Shishi_tkt
* tkt
, int32_t * etype
);
459 extern int shishi_tkt_keytype_p (Shishi_tkt
* tkt
, int32_t etype
);
460 extern int shishi_tkt_server (Shishi_tkt
* tkt
,
461 char *service
, int *servicelen
);
462 extern int shishi_tkt_server_p (Shishi_tkt
* tkt
, const char *service
);
463 extern int shishi_tkt_server_realm (Shishi_tkt
* tkt
,
464 char *serverrealm
, int *serverrealmlen
);
465 extern int shishi_tkt_valid_at_time_p (Shishi_tkt
* tkt
, time_t now
);
466 extern int shishi_tkt_valid_now_p (Shishi_tkt
* tkt
);
467 extern int shishi_tkt_decrypt (Shishi_tkt
* tkt
, Shishi_key
* key
);
468 extern void shishi_tkt_done (Shishi_tkt
* tkt
);
469 extern int shishi_tkt_flags (Shishi_tkt
* tkt
, int *flags
);
470 extern int shishi_tkt_flags_set (Shishi_tkt
* tkt
, int flags
);
471 extern int shishi_tkt_forwardable_p (Shishi_tkt
* tkt
);
472 extern int shishi_tkt_forwarded_p (Shishi_tkt
* tkt
);
473 extern int shishi_tkt_proxiable_p (Shishi_tkt
* tkt
);
474 extern int shishi_tkt_proxy_p (Shishi_tkt
* tkt
);
475 extern int shishi_tkt_may_postdate_p (Shishi_tkt
* tkt
);
476 extern int shishi_tkt_postdated_p (Shishi_tkt
* tkt
);
477 extern int shishi_tkt_invalid_p (Shishi_tkt
* tkt
);
478 extern int shishi_tkt_renewable_p (Shishi_tkt
* tkt
);
479 extern int shishi_tkt_initial_p (Shishi_tkt
* tkt
);
480 extern int shishi_tkt_pre_authent_p (Shishi_tkt
* tkt
);
481 extern int shishi_tkt_hw_authent_p (Shishi_tkt
* tkt
);
482 extern int shishi_tkt_transited_policy_checked_p (Shishi_tkt
* tkt
);
483 extern int shishi_tkt_ok_as_delegate_p (Shishi_tkt
* tkt
);
486 extern char *shishi_tkts_default_file_guess (void);
487 extern const char *shishi_tkts_default_file (Shishi
* handle
);
488 extern void shishi_tkts_default_file_set (Shishi
* handle
,
489 const char *tktsfile
);
490 extern Shishi_tkts
*shishi_tkts_default (Shishi
* handle
);
491 extern int shishi_tkts (Shishi
* handle
, Shishi_tkts
** tkts
);
492 extern Shishi_tkt
*shishi_tkts_nth (Shishi_tkts
* tkts
, int ticketno
);
493 extern int shishi_tkts_size (Shishi_tkts
* tkts
);
494 extern int shishi_tkts_add (Shishi_tkts
* tkts
, Shishi_tkt
* ticket
);
495 extern int shishi_tkts_new (Shishi_tkts
* tkts
,
497 Shishi_asn1 enckdcreppart
, Shishi_asn1 kdcrep
);
498 extern int shishi_tkts_remove (Shishi_tkts
* tkts
, int ticketno
);
499 extern int shishi_tkts_expire (Shishi_tkts
* tkts
);
500 extern int shishi_tkts_print_for_service (Shishi_tkts
* tkts
,
501 FILE * fh
, const char *service
);
502 extern int shishi_tkts_print (Shishi_tkts
* tkts
, FILE * fh
);
503 extern int shishi_tkts_write (Shishi_tkts
* tkts
, FILE * fh
);
504 extern int shishi_tkts_to_file (Shishi_tkts
* tkts
, const char *filename
);
505 extern int shishi_tkts_read (Shishi_tkts
* tkts
, FILE * fh
);
506 extern int shishi_tkts_from_file (Shishi_tkts
* tkts
, const char *filename
);
507 extern void shishi_tkts_done (Shishi_tkts
** tkts
);
508 extern int shishi_tkt_match_p (Shishi_tkt
* tkt
, Shishi_tkts_hint
* hint
);
509 extern Shishi_tkt
*shishi_tkts_find (Shishi_tkts
* tkts
,
510 Shishi_tkts_hint
* hint
);
511 extern Shishi_tkt
*shishi_tkts_find_for_clientserver (Shishi_tkts
* tkts
,
514 extern Shishi_tkt
*shishi_tkts_find_for_server (Shishi_tkts
* tkts
,
516 extern Shishi_tkt
*shishi_tkts_get (Shishi_tkts
* tkts
,
517 Shishi_tkts_hint
* hint
);
518 extern Shishi_tkt
*shishi_tkts_get_for_clientserver (Shishi_tkts
* tkts
,
521 extern Shishi_tkt
*shishi_tkts_get_for_server (Shishi_tkts
* tkts
,
523 extern Shishi_tkt
*shishi_tkts_get_for_localservicepasswd (Shishi_tkts
* tkts
,
531 shishi_enckdcreppart_print (Shishi
* handle
,
532 FILE * fh
, Shishi_asn1 enckdcreppart
);
534 shishi_enckdcreppart_save (Shishi
* handle
,
535 FILE * fh
, Shishi_asn1 enckdcreppart
);
537 shishi_enckdcreppart_parse (Shishi
* handle
,
538 FILE * fh
, Shishi_asn1
* enckdcreppart
);
540 shishi_enckdcreppart_read (Shishi
* handle
,
541 FILE * fh
, Shishi_asn1
* enckdcreppart
);
542 extern int shishi_ticket_save (Shishi
* handle
, FILE * fh
,
544 extern int shishi_ticket_print (Shishi
* handle
, FILE * fh
,
546 extern int shishi_kdc_req_print (Shishi
* handle
, FILE * fh
,
548 extern int shishi_kdc_rep_print (Shishi
* handle
, FILE * fh
,
550 extern int shishi_kdc_print (Shishi
* handle
, FILE * fh
, Shishi_asn1 asreq
,
551 Shishi_asn1 asrep
, Shishi_asn1 encasreppart
);
552 extern int shishi_kdc_req_parse (Shishi
* handle
, FILE * fh
,
553 Shishi_asn1
* asreq
);
554 extern int shishi_kdc_rep_parse (Shishi
* handle
, FILE * fh
,
555 Shishi_asn1
* asrep
);
556 extern int shishi_ticket_parse (Shishi
* handle
, FILE * fh
,
557 Shishi_asn1
* ticket
);
558 extern int shishi_ticket_read (Shishi
* handle
, FILE * fh
,
559 Shishi_asn1
* ticket
);
561 /* authenticator.c */
562 extern Shishi_asn1
shishi_authenticator (Shishi
* handle
);
563 extern int shishi_authenticator_set_crealm (Shishi
* handle
,
566 extern int shishi_authenticator_set_cname (Shishi
* handle
,
567 Shishi_asn1 authenticator
,
568 Shishi_name_type name_type
,
569 const char *cname
[]);
570 extern int shishi_authenticator_client_set (Shishi
* handle
,
571 Shishi_asn1 authenticator
,
573 extern int shishi_authenticator_ctime_get (Shishi
* handle
,
574 Shishi_asn1 authenticator
,
576 extern int shishi_authenticator_cusec_get (Shishi
* handle
,
577 Shishi_asn1 authenticator
,
579 extern int shishi_authenticator_cname_get (Shishi
* handle
,
580 Shishi_asn1 authenticator
,
581 char *cname
, int *cnamelen
);
582 extern int shishi_authenticator_cnamerealm_get (Shishi
* handle
,
583 Shishi_asn1 authenticator
,
586 extern int shishi_authenticator_remove_cksum (Shishi
* handle
,
587 Shishi_asn1 authenticator
);
588 extern int shishi_authenticator_cksum (Shishi
* handle
,
589 Shishi_asn1 authenticator
,
591 char *cksum
, size_t * cksumlen
);
592 extern int shishi_authenticator_set_cksum (Shishi
* handle
,
593 Shishi_asn1 authenticator
,
595 char *cksum
, size_t cksumlen
);
596 extern int shishi_authenticator_add_cksum (Shishi
* handle
,
597 Shishi_asn1 authenticator
,
600 char *data
, int datalen
);
602 shishi_authenticator_clear_authorizationdata (Shishi
* handle
,
603 Shishi_asn1 authenticator
);
605 shishi_authenticator_add_authorizationdata (Shishi
* handle
,
606 Shishi_asn1 authenticator
,
608 char *addata
, int addatalen
);
610 shishi_authenticator_authorizationdata (Shishi
* handle
,
611 Shishi_asn1 authenticator
,
613 char *addata
, int *addatalen
,
615 extern int shishi_authenticator_read (Shishi
* handle
, FILE * fh
,
616 Shishi_asn1
* authenticator
);
617 extern int shishi_authenticator_parse (Shishi
* handle
, FILE * fh
,
618 Shishi_asn1
* authenticator
);
619 extern int shishi_authenticator_from_file (Shishi
* handle
,
620 Shishi_asn1
* authenticator
,
621 int filetype
, char *filename
);
622 extern int shishi_authenticator_print (Shishi
* handle
, FILE * fh
,
623 Shishi_asn1 authenticator
);
624 extern int shishi_authenticator_to_file (Shishi
* handle
,
625 Shishi_asn1 authenticator
,
626 int filetype
, char *filename
);
627 extern int shishi_authenticator_save (Shishi
* handle
, FILE * fh
,
628 Shishi_asn1 authenticator
);
631 extern Shishi_asn1
shishi_as_req (Shishi_as
* as
);
632 extern void shishi_as_req_set (Shishi_as
* as
, Shishi_asn1 asreq
);
633 extern int shishi_as_req_der (Shishi_as
* as
, char *out
, int *outlen
);
634 extern int shishi_as_req_der_set (Shishi_as
* as
, char *der
, size_t derlen
);
635 extern Shishi_asn1
shishi_as_rep (Shishi_as
* as
);
636 extern void shishi_as_rep_set (Shishi_as
* as
, Shishi_asn1 asrep
);
637 extern int shishi_as_rep_build (Shishi_as
* as
, Shishi_key
* key
);
638 extern int shishi_as_rep_der (Shishi_as
* as
, char *out
, int *outlen
);
639 extern int shishi_as_rep_der_set (Shishi_as
* as
, char *der
, size_t derlen
);
640 extern Shishi_asn1
shishi_as_encasreppart (Shishi_as
* as
);
641 extern void shishi_as_encasreppart_set (Shishi_as
* as
,
642 Shishi_asn1 encasreppart
);
643 extern Shishi_asn1
shishi_as_krberror (Shishi_as
* as
);
644 extern int shishi_as_krberror_der (Shishi_as
* as
, char *out
, int *outlen
);
645 extern void shishi_as_krberror_set (Shishi_as
* as
, Shishi_asn1 krberror
);
646 extern Shishi_tkt
*shishi_as_tkt (Shishi_as
* as
);
647 extern void shishi_as_tkt_set (Shishi_as
* as
, Shishi_tkt
* ticket
);
648 extern int shishi_as (Shishi
* handle
, Shishi_as
** as
);
649 extern int shishi_as_password_cnamerealmsname (Shishi
* handle
,
653 char *realm
, char *sname
);
654 extern int shishi_as_key_cnamerealmsname (Shishi
* handle
,
658 char *realm
, char *sname
);
659 extern int shishi_as_cnamerealmsname (Shishi
* handle
,
663 char *cname
, char *realm
, char *sname
);
664 extern int shishi_as_sendrecv (Shishi_as
* as
);
665 extern int shishi_as_rep_process (Shishi_as
* as
,
666 Shishi_key
* key
, const char *password
);
669 extern int shishi_tgs (Shishi
* handle
, Shishi_tgs
** tgs
);
670 extern Shishi_tkt
*shishi_tgs_tgtkt (Shishi_tgs
* tgs
);
671 extern void shishi_tgs_tgtkt_set (Shishi_tgs
* tgs
, Shishi_tkt
* tgticket
);
672 extern Shishi_ap
*shishi_tgs_ap (Shishi_tgs
* tgs
);
673 extern Shishi_asn1
shishi_tgs_req (Shishi_tgs
* tgs
);
674 extern int shishi_tgs_req_build (Shishi_tgs
* tgs
);
675 extern Shishi_asn1
shishi_tgs_rep (Shishi_tgs
* tgs
);
676 extern int shishi_tgs_rep_process (Shishi_tgs
* tgs
);
677 extern Shishi_asn1
shishi_tgs_krberror (Shishi_tgs
* tgs
);
678 extern Shishi_tkt
*shishi_tgs_tkt (Shishi_tgs
* tgs
);
679 extern void shishi_tgs_tkt_set (Shishi_tgs
* tgs
, Shishi_tkt
* ticket
);
680 extern int shishi_tgs_sendrecv (Shishi_tgs
* tgs
);
681 extern int shishi_tgs_set_server (Shishi_tgs
* tgs
, const char *server
);
682 extern int shishi_tgs_set_realm (Shishi_tgs
* tgs
, const char *realm
);
683 extern int shishi_tgs_set_realmserver (Shishi_tgs
* tgs
,
684 const char *realm
, const char *server
);
687 extern int shishi_kdcreq (Shishi
* handle
, char *realm
,
688 char *service
, Shishi_asn1
* req
);
689 extern Shishi_asn1
shishi_asreq (Shishi
* handle
);
690 extern Shishi_asn1
shishi_asreq_rsc (Shishi
* handle
, char *realm
,
691 char *server
, char *client
);
692 extern Shishi_asn1
shishi_tgsreq (Shishi
* handle
);
693 extern Shishi_asn1
shishi_tgsreq_rst (Shishi
* handle
, char *realm
,
694 char *server
, Shishi_tkt
* ticket
);
695 extern int shishi_kdcreq_save (Shishi
* handle
, FILE * fh
,
697 extern int shishi_kdcreq_print (Shishi
* handle
, FILE * fh
,
699 extern int shishi_kdcreq_to_file (Shishi
* handle
, Shishi_asn1 kdcreq
,
700 int filetype
, char *filename
);
701 extern int shishi_kdcreq_parse (Shishi
* handle
, FILE * fh
,
702 Shishi_asn1
* kdcreq
);
703 extern int shishi_kdcreq_read (Shishi
* handle
, FILE * fh
,
704 Shishi_asn1
* kdcreq
);
705 extern int shishi_kdcreq_from_file (Shishi
* handle
, Shishi_asn1
* kdcreq
,
706 int filetype
, char *filename
);
707 extern int shishi_asreq_cnamerealm_get (Shishi
* handle
, Shishi_asn1 kdcreq
,
709 size_t * cnamerealmlen
);
710 extern int shishi_kdcreq_nonce (Shishi
* handle
, Shishi_asn1 kdcreq
,
712 extern int shishi_kdcreq_cname_get (Shishi
* handle
,
714 char *cname
, size_t * cnamelen
);
715 extern int shishi_kdcreq_set_cname (Shishi
* handle
, Shishi_asn1 kdcreq
,
716 Shishi_name_type name_type
,
717 const char *principal
);
718 extern int shishi_kdcreq_sname_get (Shishi
* handle
, Shishi_asn1 kdcreq
,
719 char *sname
, size_t * snamelen
);
720 extern int shishi_kdcreq_snamerealm_get (Shishi
* handle
, Shishi_asn1 kdcreq
,
722 size_t * snamerealmlen
);
723 extern int shishi_kdcreq_set_sname (Shishi
* handle
, Shishi_asn1 kdcreq
,
724 Shishi_name_type name_type
,
725 const char *sname
[]);
726 extern int shishi_kdcreq_realm_get (Shishi
* handle
, Shishi_asn1 kdcreq
,
727 char *realm
, int *realmlen
);
728 extern int shishi_kdcreq_set_realm (Shishi
* handle
, Shishi_asn1 node
,
730 extern int shishi_kdcreq_set_server (Shishi
* handle
, Shishi_asn1 req
,
731 const char *service
);
732 extern int shishi_kdcreq_set_realmserver (Shishi
* handle
, Shishi_asn1 req
,
733 char *realm
, char *service
);
734 extern int shishi_kdcreq_etype (Shishi
* handle
, Shishi_asn1 kdcreq
,
735 int32_t * etype
, int netype
);
736 extern int shishi_kdcreq_set_etype (Shishi
* handle
, Shishi_asn1 kdcreq
,
737 int32_t * etype
, int netype
);
738 extern int shishi_kdcreq_clear_padata (Shishi
* handle
, Shishi_asn1 kdcreq
);
739 extern int shishi_kdcreq_add_padata (Shishi
* handle
,
741 int padatatype
, char *data
, int datalen
);
742 extern int shishi_kdcreq_add_padata_tgs (Shishi
* handle
,
746 /* enckdcreppart.c */
747 extern Shishi_asn1
shishi_enckdcreppart (Shishi
* handle
);
748 extern Shishi_asn1
shishi_encasreppart (Shishi
* handle
);
749 extern int shishi_enckdcreppart_srealmserver_set (Shishi
* handle
,
750 Shishi_asn1 enckdcreppart
,
753 extern int shishi_enckdcreppart_nonce_set (Shishi
* handle
,
754 Shishi_asn1 enckdcreppart
,
757 shishi_enckdcreppart_populate_encticketpart (Shishi
* handle
,
758 Shishi_asn1 enckdcreppart
,
759 Shishi_asn1 encticketpart
);
760 extern int shishi_enckdcreppart_flags_set (Shishi
* handle
,
761 Shishi_asn1 enckdcreppart
,
765 extern int shishi_as_derive_salt (Shishi
* handle
,
767 Shishi_asn1 asrep
, char *salt
,
769 extern int shishi_tgs_process (Shishi
* handle
, Shishi_asn1 tgsreq
,
771 Shishi_asn1 oldenckdcreppart
,
772 Shishi_asn1
* enckdcreppart
);
773 extern int shishi_as_process (Shishi
* handle
, Shishi_asn1 asreq
,
776 Shishi_asn1
* enckdcreppart
);
777 extern int shishi_kdc_process (Shishi
* handle
, Shishi_asn1 kdcreq
,
778 Shishi_asn1 kdcrep
, Shishi_key
* key
,
779 int keyusage
, Shishi_asn1
* enckdcreppart
);
780 extern int shishi_kdcreq_sendrecv (Shishi
* handle
, Shishi_asn1 kdcreq
,
781 Shishi_asn1
* kdcrep
);
782 extern int shishi_kdc_copy_crealm (Shishi
* handle
, Shishi_asn1 kdcrep
,
783 Shishi_asn1 encticketpart
);
784 extern int shishi_as_check_crealm (Shishi
* handle
, Shishi_asn1 asreq
,
786 extern int shishi_kdc_copy_cname (Shishi
* handle
, Shishi_asn1 kdcrep
,
787 Shishi_asn1 encticketpart
);
788 extern int shishi_as_check_cname (Shishi
* handle
, Shishi_asn1 asreq
,
790 extern int shishi_kdc_copy_nonce (Shishi
* handle
, Shishi_asn1 kdcreq
,
791 Shishi_asn1 enckdcreppart
);
792 extern int shishi_kdc_check_nonce (Shishi
* handle
, Shishi_asn1 kdcreq
,
793 Shishi_asn1 enckdcreppart
);
796 extern Shishi_asn1
shishi_asrep (Shishi
* handle
);
797 extern Shishi_asn1
shishi_tgsrep (Shishi
* handle
);
798 extern int shishi_kdcrep_save (Shishi
* handle
, FILE * fh
,
800 extern int shishi_kdcrep_print (Shishi
* handle
, FILE * fh
,
802 extern int shishi_kdcrep_to_file (Shishi
* handle
, Shishi_asn1 kdcrep
,
803 int filetype
, char *filename
);
804 extern int shishi_kdcrep_parse (Shishi
* handle
, FILE * fh
,
805 Shishi_asn1
* kdcrep
);
806 extern int shishi_kdcrep_read (Shishi
* handle
, FILE * fh
,
807 Shishi_asn1
* kdcrep
);
808 extern int shishi_kdcrep_from_file (Shishi
* handle
, Shishi_asn1
* kdcrep
,
809 int filetype
, char *filename
);
810 extern int shishi_kdcrep_clear_padata (Shishi
* handle
, Shishi_asn1 kdcrep
);
811 extern int shishi_kdcrep_get_enc_part_etype (Shishi
* handle
,
814 extern int shishi_kdcrep_add_enc_part (Shishi
* handle
,
818 Shishi_asn1 enckdcreppart
);
819 extern int shishi_kdcrep_get_ticket (Shishi
* handle
,
821 Shishi_asn1
* ticket
);
822 extern int shishi_kdcrep_set_ticket (Shishi
* handle
, Shishi_asn1 kdcrep
,
824 extern int shishi_kdcrep_crealm_set (Shishi
* handle
,
825 Shishi_asn1 kdcrep
, const char *crealm
);
826 extern int shishi_kdcrep_cname_set (Shishi
* handle
,
828 Shishi_name_type name_type
,
829 const char *cname
[]);
830 extern int shishi_kdcrep_client_set (Shishi
* handle
, Shishi_asn1 kdcrep
,
832 extern int shishi_kdcrep_crealmserver_set (Shishi
* handle
,
836 extern int shishi_kdcrep_set_enc_part (Shishi
* handle
, Shishi_asn1 kdcrep
,
837 int etype
, int kvno
, char *buf
,
841 extern Shishi_asn1
shishi_krberror (Shishi
* handle
);
842 extern int shishi_krberror_print (Shishi
* handle
, FILE * fh
,
843 Shishi_asn1 krberror
);
844 extern int shishi_krberror_save (Shishi
* handle
, FILE * fh
,
845 Shishi_asn1 krberror
);
846 extern int shishi_krberror_to_file (Shishi
* handle
, Shishi_asn1 krberror
,
847 int filetype
, char *filename
);
848 extern int shishi_krberror_parse (Shishi
* handle
, FILE * fh
,
849 Shishi_asn1
* krberror
);
850 extern int shishi_krberror_read (Shishi
* handle
, FILE * fh
,
851 Shishi_asn1
* krberror
);
852 extern int shishi_krberror_from_file (Shishi
* handle
, Shishi_asn1
* krberror
,
853 int filetype
, char *filename
);
854 extern const char *shishi_krberror_errorcode_message (Shishi
* handle
,
856 extern const char *shishi_krberror_message (Shishi
* handle
,
857 Shishi_asn1 krberror
);
858 extern int shishi_krberror_etext (Shishi
* handle
, Shishi_asn1 krberror
,
859 char *etext
, size_t * etextlen
);
860 extern int shishi_krberror_errorcode (Shishi
* handle
,
861 Shishi_asn1 krberror
, int *errorcode
);
862 extern int shishi_krberror_errorcode_fast (Shishi
* handle
,
863 Shishi_asn1 krberror
);
864 extern int shishi_krberror_pretty_print (Shishi
* handle
,
865 FILE * fh
, Shishi_asn1 krberror
);
868 extern void shishi_to_base64 (unsigned char *out
, const unsigned char *in
,
870 extern int shishi_from_base64 (unsigned char *out
, const unsigned char *in
);
873 extern int shishi_asprintf (char **result
, char *format
, ...);
876 extern const char *shishi_generalize_time (Shishi
* handle
, time_t t
);
877 extern time_t shishi_generalize_ctime (Shishi
* handle
, const char *t
);
880 extern int shishi_cipher_supported_p (int type
);
881 extern const char *shishi_cipher_name (int type
);
882 extern int shishi_cipher_blocksize (int type
);
883 extern int shishi_cipher_minpadsize (int type
);
884 extern int shishi_cipher_confoundersize (int type
);
885 extern size_t shishi_cipher_keylen (int type
);
886 extern size_t shishi_cipher_randomlen (int type
);
887 extern int shishi_cipher_defaultcksumtype (int32_t type
);
888 extern int shishi_cipher_parse (const char *cipher
);
889 extern int shishi_checksum_supported_p (int32_t type
);
890 extern const char *shishi_checksum_name (int32_t type
);
891 extern size_t shishi_checksum_cksumlen (int32_t type
);
892 extern int shishi_checksum_parse (const char *checksum
);
893 extern int shishi_string_to_key (Shishi
* handle
,
895 const char *password
, size_t passwordlen
,
896 const char *salt
, size_t saltlen
,
897 const char *parameter
, Shishi_key
* outkey
);
898 extern int shishi_random_to_key (Shishi
* handle
,
900 char *random
, size_t randomlen
,
901 Shishi_key
* outkey
);
902 extern int shishi_encrypt (Shishi
* handle
,
905 char *in
, size_t inlen
,
906 char **out
, size_t * outlen
);
907 extern int shishi_encrypt_iv (Shishi
* handle
,
910 char *iv
, size_t ivlen
,
911 char *in
, size_t inlen
,
912 char **out
, size_t * outlen
);
913 extern int shishi_encrypt_iv_etype (Shishi
* handle
,
917 char *iv
, size_t ivlen
,
918 char *in
, size_t inlen
,
919 char **out
, size_t * outlen
);
920 extern int shishi_decrypt (Shishi
* handle
,
923 char *in
, size_t inlen
,
924 char **out
, size_t * outlen
);
925 extern int shishi_decrypt_iv (Shishi
* handle
,
928 char *iv
, size_t ivlen
,
929 char *in
, size_t inlen
,
930 char **out
, size_t * outlen
);
931 extern int shishi_decrypt_iv_etype (Shishi
* handle
,
935 char *iv
, size_t ivlen
,
936 char *in
, size_t inlen
,
937 char **out
, size_t * outlen
);
938 extern int shishi_checksum (Shishi
* handle
,
942 char *in
, size_t inlen
,
943 char **out
, size_t * outlen
);
944 extern int shishi_randomize (Shishi
* handle
, char *data
, size_t datalen
);
945 extern int shishi_dk (Shishi
* handle
,
947 char *constant
, int constantlen
,
948 Shishi_key
* derivedkey
);
949 extern int shishi_dr (Shishi
* handle
,
951 char *derivedkey
, size_t derivedkeylen
,
952 char *constant
, size_t constantlen
);
953 extern int shishi_n_fold (Shishi
* handle
, char *in
, size_t m
, char *out
,
957 extern const char *shishi_check_version (const char *req_version
);
960 extern int shishi_read_password (FILE * fh
, char *s
, int size
);
962 shishi_prompt_password_raw (FILE * in
, char *s
, int size
,
963 FILE * out
, char *format
, ...);
965 shishi_prompt_password (Shishi
* handle
,
966 FILE * in
, char *s
, int size
,
967 FILE * out
, char *format
, ...);
970 extern int shishi_a2d_field (Shishi
* handle
,
972 const char *field
, char *der
, int *len
);
973 extern int shishi_a2d (Shishi
* handle
, Shishi_asn1 node
,
974 char *der
, int *len
);
975 extern int shishi_a2d_new_field (Shishi
* handle
, Shishi_asn1 node
,
976 const char *field
, char **der
, int *len
);
977 extern int shishi_new_a2d (Shishi
* handle
, Shishi_asn1 node
,
978 char **der
, int *len
);
979 extern int shishi_asn1_done (Shishi
* handle
, Shishi_asn1 node
);
980 extern int shishi_asn1_read (Shishi
* handle
, Shishi_asn1 node
,
981 const char *field
, char *data
, size_t * datalen
);
982 extern int shishi_asn1_read_int32 (Shishi
* handle
, Shishi_asn1 node
,
983 const char *field
, int32_t * i
);
984 extern int shishi_asn1_read_uint32 (Shishi
* handle
, Shishi_asn1 node
,
985 const char *field
, uint32_t * i
);
986 extern int shishi_asn1_read_bitstring (Shishi
* handle
, Shishi_asn1 node
,
987 const char *field
, int *flags
);
988 extern int shishi_asn1_write (Shishi
* handle
, Shishi_asn1 node
,
990 const char *data
, size_t datalen
);
991 extern int shishi_asn1_write_int32 (Shishi
* handle
, Shishi_asn1 node
,
992 const char *field
, int32_t n
);
993 extern int shishi_asn1_write_uint32 (Shishi
* handle
, Shishi_asn1 node
,
994 const char *field
, uint32_t n
);
995 extern int shishi_asn1_write_bitstring (Shishi
* handle
, Shishi_asn1 node
,
996 const char *field
, int flags
);
997 extern int shishi_asn1_field (Shishi
* handle
,
999 char *data
, size_t * datalen
,
1001 extern int shishi_asn1_optional_field (Shishi
* handle
,
1003 char *data
, size_t * datalen
,
1005 extern int shishi_asn1_number_of_elements (Shishi
* handle
,
1007 const char *field
, int *n
);
1008 extern Shishi_asn1
shishi_asn1_asreq (Shishi
* handle
);
1009 extern Shishi_asn1
shishi_asn1_asrep (Shishi
* handle
);
1010 extern Shishi_asn1
shishi_asn1_tgsreq (Shishi
* handle
);
1011 extern Shishi_asn1
shishi_asn1_tgsrep (Shishi
* handle
);
1012 extern Shishi_asn1
shishi_asn1_apreq (Shishi
* handle
);
1013 extern Shishi_asn1
shishi_asn1_aprep (Shishi
* handle
);
1014 extern Shishi_asn1
shishi_asn1_ticket (Shishi
* handle
);
1015 extern Shishi_asn1
shishi_asn1_encapreppart (Shishi
* handle
);
1016 extern Shishi_asn1
shishi_asn1_encticketpart (Shishi
* handle
);
1017 extern Shishi_asn1
shishi_asn1_authenticator (Shishi
* handle
);
1018 extern Shishi_asn1
shishi_asn1_enckdcreppart (Shishi
* handle
);
1019 extern Shishi_asn1
shishi_asn1_encasreppart (Shishi
* handle
);
1020 extern Shishi_asn1
shishi_asn1_krberror (Shishi
* handle
);
1021 extern Shishi_asn1
shishi_asn1_krbsafe (Shishi
* handle
);
1022 extern Shishi_asn1
shishi_der2asn1 (Shishi
* handle
,
1023 const char *fieldname
,
1024 const char *nodename
,
1025 const char *der
, size_t derlen
);
1026 extern Shishi_asn1
shishi_der2asn1_ticket (Shishi
* handle
,
1027 const char *der
, size_t derlen
);
1028 extern Shishi_asn1
shishi_der2asn1_encticketpart (Shishi
* handle
,
1031 extern Shishi_asn1
shishi_der2asn1_asreq (Shishi
* handle
,
1032 const char *der
, size_t derlen
);
1033 extern Shishi_asn1
shishi_der2asn1_tgsreq (Shishi
* handle
,
1034 const char *der
, size_t derlen
);
1035 extern Shishi_asn1
shishi_der2asn1_asrep (Shishi
* handle
,
1036 const char *der
, size_t derlen
);
1037 extern Shishi_asn1
shishi_der2asn1_tgsrep (Shishi
* handle
,
1038 const char *der
, size_t derlen
);
1039 extern Shishi_asn1
shishi_der2asn1_kdcrep (Shishi
* handle
,
1040 const char *der
, size_t derlen
);
1041 extern Shishi_asn1
shishi_der2asn1_kdcreq (Shishi
* handle
,
1042 const char *der
, size_t derlen
);
1043 extern Shishi_asn1
shishi_der2asn1_encasreppart (Shishi
* handle
,
1046 extern Shishi_asn1
shishi_der2asn1_enctgsreppart (Shishi
* handle
,
1049 extern Shishi_asn1
shishi_der2asn1_enckdcreppart (Shishi
* handle
,
1052 extern Shishi_asn1
shishi_der2asn1_authenticator (Shishi
* handle
,
1055 extern Shishi_asn1
shishi_der2asn1_krberror (Shishi
* handle
,
1056 const char *der
, size_t derlen
);
1057 extern Shishi_asn1
shishi_der2asn1_krbsafe (Shishi
* handle
,
1058 const char *der
, size_t derlen
);
1059 extern Shishi_asn1
shishi_der2asn1_apreq (Shishi
* handle
,
1060 const char *der
, size_t derlen
);
1061 extern Shishi_asn1
shishi_der2asn1_aprep (Shishi
* handle
,
1062 const char *der
, size_t derlen
);
1063 extern Shishi_asn1
shishi_der2asn1_encapreppart (Shishi
* handle
,
1068 extern const char *shishi_ap_option2string (int option
);
1069 extern int shishi_ap_string2option (const char *str
);
1071 extern int shishi_ap (Shishi
* handle
, Shishi_ap
** ap
);
1072 extern int shishi_ap_set_tktoptions (Shishi_ap
* ap
,
1073 Shishi_tkt
* ticket
, int options
);
1074 extern int shishi_ap_tktoptions (Shishi
* handle
,
1076 Shishi_tkt
* ticket
, int options
);
1077 extern int shishi_ap_set_tktoptionsdata (Shishi_ap
* ap
,
1078 Shishi_tkt
* ticket
,
1079 int options
, char *data
, int len
);
1080 extern int shishi_ap_tktoptionsdata (Shishi
* handle
,
1082 Shishi_tkt
* ticket
,
1083 int options
, char *data
, int len
);
1084 extern int shishi_ap_set_tktoptionsasn1usage (Shishi_ap
* ap
,
1085 Shishi_tkt
* ticket
,
1089 int authenticatorcksumkeyusage
,
1090 int authenticatorkeyusage
);
1091 extern int shishi_ap_tktoptionsasn1usage (Shishi
* handle
,
1093 Shishi_tkt
* ticket
,
1097 int authenticatorcksumkeyusage
,
1098 int authenticatorkeyusage
);
1100 extern Shishi_tkt
*shishi_ap_tkt (Shishi_ap
* ap
);
1101 extern void shishi_ap_tkt_set (Shishi_ap
* ap
, Shishi_tkt
* ticket
);
1103 extern int shishi_ap_authenticator_cksumdata (Shishi_ap
* ap
,
1104 char *out
, int *len
);
1106 shishi_ap_authenticator_cksumdata_set (Shishi_ap
* ap
,
1107 char *authenticatorcksumdata
,
1108 int authenticatorcksumdatalen
);
1110 extern Shishi_asn1
shishi_ap_authenticator (Shishi_ap
* ap
);
1111 extern void shishi_ap_authenticator_set (Shishi_ap
* ap
,
1112 Shishi_asn1 authenticator
);
1114 extern Shishi_asn1
shishi_ap_req (Shishi_ap
* ap
);
1115 extern void shishi_ap_req_set (Shishi_ap
* ap
, Shishi_asn1 apreq
);
1116 extern int shishi_ap_req_der (Shishi_ap
* ap
, char *out
, int *outlen
);
1117 extern int shishi_ap_req_der_set (Shishi_ap
* ap
, char *der
, size_t derlen
);
1118 extern int shishi_ap_req_der_new (Shishi_ap
* ap
, char **out
, int *outlen
);
1119 extern int shishi_ap_req_build (Shishi_ap
* ap
);
1120 extern int shishi_ap_req_asn1 (Shishi_ap
* ap
, Shishi_asn1
* apreq
);
1121 extern int shishi_ap_req_process (Shishi_ap
* ap
, Shishi_key
* key
);
1122 extern int shishi_ap_req_build (Shishi_ap
* ap
);
1124 extern Shishi_asn1
shishi_ap_rep (Shishi_ap
* ap
);
1125 extern void shishi_ap_rep_set (Shishi_ap
* ap
, Shishi_asn1 aprep
);
1126 extern int shishi_ap_rep_der (Shishi_ap
* ap
, char *out
, size_t * outlen
);
1127 extern int shishi_ap_rep_der_set (Shishi_ap
* ap
, char *der
, size_t derlen
);
1128 extern int shishi_ap_rep_verify (Shishi_ap
* ap
);
1129 extern int shishi_ap_rep_verify_der (Shishi_ap
* ap
, char *der
,
1131 extern int shishi_ap_rep_verify_asn1 (Shishi_ap
* ap
, Shishi_asn1 aprep
);
1132 extern int shishi_ap_rep_asn1 (Shishi_ap
* ap
, Shishi_asn1
* aprep
);
1133 extern int shishi_ap_rep_build (Shishi_ap
* ap
);
1135 extern Shishi_asn1
shishi_ap_encapreppart (Shishi_ap
* ap
);
1136 extern void shishi_ap_encapreppart_set (Shishi_ap
* ap
,
1137 Shishi_asn1 encapreppart
);
1140 extern const char *shishi_key_principal (Shishi_key
* key
);
1141 extern void shishi_key_principal_set (Shishi_key
* key
,
1142 const char *principal
);
1143 extern const char *shishi_key_realm (Shishi_key
* key
);
1144 extern void shishi_key_realm_set (Shishi_key
* key
, const char *realm
);
1145 extern int shishi_key_type (Shishi_key
* key
);
1146 extern void shishi_key_type_set (Shishi_key
* key
, int32_t type
);
1147 extern char *shishi_key_value (Shishi_key
* key
);
1148 extern void shishi_key_value_set (Shishi_key
* key
, const char *value
);
1149 extern int shishi_key_value_set_random (Shishi_key
* key
,
1150 char *random
, size_t randomlen
);
1151 extern const char *shishi_key_name (Shishi_key
* key
);
1152 extern size_t shishi_key_length (Shishi_key
* key
);
1153 extern int shishi_key_version (Shishi_key
* key
);
1154 extern void shishi_key_version_set (Shishi_key
* key
, int version
);
1155 extern int shishi_key (Shishi
* handle
, Shishi_key
** key
);
1156 extern void shishi_key_done (Shishi_key
** key
);
1157 extern void shishi_key_copy (Shishi_key
* dstkey
, Shishi_key
* srckey
);
1158 extern int shishi_key_print (Shishi
* handle
, FILE * fh
, Shishi_key
* key
);
1159 extern int shishi_key_to_file (Shishi
* handle
,
1160 const char *filename
, Shishi_key
* key
);
1161 extern int shishi_key_parse (Shishi
* handle
, FILE * fh
, Shishi_key
** key
);
1162 extern int shishi_key_random (Shishi
* handle
,
1163 int32_t type
, Shishi_key
** key
);
1164 extern int shishi_key_from_value (Shishi
* handle
,
1166 char *value
, Shishi_key
** key
);
1167 extern int shishi_key_from_base64 (Shishi
* handle
,
1169 char *value
, Shishi_key
** key
);
1170 extern int shishi_key_from_random (Shishi
* handle
,
1172 char *random
, size_t randomlen
,
1173 Shishi_key
** outkey
);
1174 extern int shishi_key_from_string (Shishi
* handle
,
1176 const char *password
, size_t passwordlen
,
1177 const char *salt
, size_t saltlen
,
1178 const char *parameter
,
1179 Shishi_key
** outkey
);
1182 extern const char *shishi_hostkeys_default_file (Shishi
* handle
);
1183 extern void shishi_hostkeys_default_file_set (Shishi
* handle
,
1184 const char *hostkeysfile
);
1185 extern Shishi_key
*shishi_hostkeys_for_serverrealm_in_file (Shishi
* handle
,
1192 extern Shishi_key
*shishi_hostkeys_for_server_in_file (Shishi
* handle
,
1193 const char *filename
,
1194 const char *server
);
1195 extern Shishi_key
*shishi_hostkeys_for_server (Shishi
* handle
,
1196 const char *server
);
1197 extern Shishi_key
*shishi_hostkeys_for_serverrealm (Shishi
* handle
,
1200 extern Shishi_key
*shishi_hostkeys_for_localservicerealm (Shishi
* handle
,
1201 const char *service
,
1203 extern Shishi_key
*shishi_hostkeys_for_localservice (Shishi
* handle
,
1204 const char *service
);
1206 /* encapreppart.c */
1207 extern Shishi_asn1
shishi_encapreppart (Shishi
* handle
);
1208 extern int shishi_encapreppart_time_copy (Shishi
* handle
,
1209 Shishi_asn1 encapreppart
,
1210 Shishi_asn1 authenticator
);
1211 extern int shishi_encapreppart_ctime_get (Shishi
* handle
,
1212 Shishi_asn1 encapreppart
,
1214 extern int shishi_encapreppart_ctime_set (Shishi
* handle
,
1215 Shishi_asn1 encapreppart
,
1217 extern int shishi_encapreppart_cusec_get (Shishi
* handle
,
1218 Shishi_asn1 encapreppart
,
1220 extern int shishi_encapreppart_cusec_set (Shishi
* handle
,
1221 Shishi_asn1 encapreppart
,
1223 extern int shishi_encapreppart_print (Shishi
* handle
, FILE * fh
,
1224 Shishi_asn1 encapreppart
);
1225 extern int shishi_encapreppart_save (Shishi
* handle
, FILE * fh
,
1226 Shishi_asn1 encapreppart
);
1227 extern int shishi_encapreppart_to_file (Shishi
* handle
,
1228 Shishi_asn1 encapreppart
,
1229 int filetype
, char *filename
);
1230 extern int shishi_encapreppart_read (Shishi
* handle
, FILE * fh
,
1231 Shishi_asn1
* encapreppart
);
1232 extern int shishi_encapreppart_parse (Shishi
* handle
, FILE * fh
,
1233 Shishi_asn1
* encapreppart
);
1234 extern int shishi_encapreppart_from_file (Shishi
* handle
,
1235 Shishi_asn1
* encapreppart
,
1236 int filetype
, char *filename
);
1237 extern int shishi_encapreppart_get_key (Shishi
* handle
,
1238 Shishi_asn1 encapreppart
,
1241 size_t * keyvalue_len
);
1242 extern int shishi_encapreppart_seqnumber_get (Shishi
* handle
,
1243 Shishi_asn1 encapreppart
,
1244 uint32_t *seqnumber
);
1247 extern Shishi_asn1
shishi_apreq (Shishi
* handle
);
1248 extern int shishi_apreq_parse (Shishi
* handle
, FILE * fh
,
1249 Shishi_asn1
* apreq
);
1250 extern int shishi_apreq_from_file (Shishi
* handle
, Shishi_asn1
* apreq
,
1251 int filetype
, char *filename
);
1252 extern int shishi_apreq_print (Shishi
* handle
, FILE * fh
, Shishi_asn1 apreq
);
1253 extern int shishi_apreq_to_file (Shishi
* handle
, Shishi_asn1 apreq
,
1254 int filetype
, char *filename
);
1255 extern int shishi_apreq_read (Shishi
* handle
, FILE * fh
,
1256 Shishi_asn1
* apreq
);
1257 extern int shishi_apreq_save (Shishi
* handle
, FILE * fh
, Shishi_asn1 apreq
);
1258 extern int shishi_apreq_options (Shishi
* handle
, Shishi_asn1 apreq
,
1260 extern int shishi_apreq_options_set (Shishi
* handle
, Shishi_asn1 apreq
,
1262 extern int shishi_apreq_set_ticket (Shishi
* handle
, Shishi_asn1 apreq
,
1263 Shishi_asn1 ticket
);
1264 extern int shishi_apreq_set_authenticator (Shishi
* handle
, Shishi_asn1 apreq
,
1266 char *buf
, int buflen
);
1267 extern int shishi_apreq_add_authenticator (Shishi
* handle
, Shishi_asn1 apreq
,
1268 Shishi_key
* key
, int keyusage
,
1269 Shishi_asn1 authenticator
);
1270 extern int shishi_apreq_options (Shishi
* handle
, Shishi_asn1 apreq
,
1272 extern int shishi_apreq_use_session_key_p (Shishi
* handle
,
1274 extern int shishi_apreq_mutual_required_p (Shishi
* handle
,
1276 extern int shishi_apreq_options_set (Shishi
* handle
, Shishi_asn1 apreq
,
1278 extern int shishi_apreq_options_add (Shishi
* handle
, Shishi_asn1 apreq
,
1280 extern int shishi_apreq_get_ticket (Shishi
* handle
, Shishi_asn1 apreq
,
1281 Shishi_asn1
* ticket
);
1282 extern int shishi_apreq_get_authenticator_etype (Shishi
* handle
,
1285 extern int shishi_apreq_decrypt (Shishi
* handle
, Shishi_asn1 apreq
,
1286 Shishi_key
* key
, int keyusage
,
1287 Shishi_asn1
* authenticator
);
1290 extern int shishi_kdcrep_decrypt (Shishi
* handle
,
1293 int keyusage
, Shishi_asn1
* enckdcreppart
);
1294 /* enckdcreppart.c */
1295 extern int shishi_enckdcreppart_get_key (Shishi
* handle
,
1296 Shishi_asn1 enckdcreppart
,
1298 extern int shishi_enckdcreppart_srealm_set (Shishi
* handle
,
1299 Shishi_asn1 enckdcreppart
,
1300 const char *srealm
);
1301 extern int shishi_enckdcreppart_sname_set (Shishi
* handle
,
1302 Shishi_asn1 enckdcreppart
,
1303 Shishi_name_type name_type
,
1305 extern int shishi_enckdcreppart_server_set (Shishi
* handle
,
1306 Shishi_asn1 enckdcreppart
,
1307 const char *server
);
1310 extern Shishi_asn1
shishi_aprep (Shishi
* handle
);
1311 extern int shishi_aprep_print (Shishi
* handle
, FILE * fh
, Shishi_asn1 aprep
);
1312 extern int shishi_aprep_save (Shishi
* handle
, FILE * fh
, Shishi_asn1 aprep
);
1313 extern int shishi_aprep_to_file (Shishi
* handle
, Shishi_asn1 aprep
,
1314 int filetype
, char *filename
);
1315 extern int shishi_aprep_read (Shishi
* handle
, FILE * fh
,
1316 Shishi_asn1
* aprep
);
1317 extern int shishi_aprep_parse (Shishi
* handle
, FILE * fh
,
1318 Shishi_asn1
* aprep
);
1319 extern int shishi_aprep_from_file (Shishi
* handle
, Shishi_asn1
* aprep
,
1320 int filetype
, char *filename
);
1321 extern int shishi_aprep_decrypt (Shishi
* handle
, Shishi_asn1 aprep
,
1322 Shishi_key
* key
, int keyusage
,
1323 Shishi_asn1
* encapreppart
);
1324 extern int shishi_aprep_verify (Shishi
* handle
, Shishi_asn1 authenticator
,
1325 Shishi_asn1 encapreppart
);
1326 extern int shishi_aprep_enc_part_set (Shishi
* handle
, Shishi_asn1 aprep
,
1327 int etype
, const char *buf
, int buflen
);
1328 extern int shishi_aprep_enc_part_add (Shishi
* handle
, Shishi_asn1 aprep
,
1329 Shishi_asn1 encticketpart
,
1330 Shishi_asn1 encapreppart
);
1331 extern int shishi_aprep_enc_part_make (Shishi
* handle
, Shishi_asn1 aprep
,
1332 Shishi_asn1 authenticator
,
1333 Shishi_asn1 encticketpart
);
1334 extern int shishi_aprep_get_enc_part_etype (Shishi
* handle
,
1339 extern int shishi_kdc_sendrecv (Shishi
* handle
,
1342 size_t inlen
, char *outdata
, size_t * outlen
);
1344 /* encticketpart.c */
1345 extern Shishi_asn1
shishi_encticketpart (Shishi
* handle
);
1346 extern int shishi_encticketpart_key_set (Shishi
* handle
,
1347 Shishi_asn1 encticketpart
,
1349 extern int shishi_encticketpart_get_enc_part_etype (Shishi
* handle
,
1350 Shishi_asn1 encticketpart
,
1352 extern int shishi_encticketpart_get_key (Shishi
* handle
,
1353 Shishi_asn1 encticketpart
,
1355 extern int shishi_encticketpart_crealm_set (Shishi
* handle
,
1356 Shishi_asn1 encticketpart
,
1358 extern int shishi_encticketpart_cname_get (Shishi
* handle
,
1359 Shishi_asn1 encticketpart
,
1360 char *cname
, int *cnamelen
);
1361 extern int shishi_encticketpart_cname_set (Shishi
* handle
,
1362 Shishi_asn1 encticketpart
,
1363 Shishi_name_type name_type
,
1364 const char *principal
);
1365 extern int shishi_encticketpart_cnamerealm_get (Shishi
* handle
,
1366 Shishi_asn1 encticketpart
,
1368 int *cnamerealmlen
);
1369 extern int shishi_encticketpart_print (Shishi
* handle
, FILE * fh
,
1370 Shishi_asn1 encticketpart
);
1371 extern int shishi_encticketpart_flags_set (Shishi
* handle
,
1372 Shishi_asn1 encticketpart
,
1374 extern int shishi_encticketpart_transited_set (Shishi
* handle
,
1375 Shishi_asn1 encticketpart
,
1379 extern int shishi_encticketpart_authtime_set (Shishi
* handle
,
1380 Shishi_asn1 encticketpart
,
1381 const char *authtime
);
1382 extern int shishi_encticketpart_endtime_set (Shishi
* handle
,
1383 Shishi_asn1 encticketpart
,
1384 const char *endtime
);
1385 extern int shishi_encticketpart_authtime (Shishi
* handle
,
1386 Shishi_asn1 encticketpart
,
1387 char *authtime
, int *authtimelen
);
1388 extern time_t shishi_encticketpart_authctime (Shishi
* handle
,
1389 Shishi_asn1 encticketpart
);
1392 extern int shishi_safe (Shishi
* handle
, Shishi_safe
** safe
);
1393 extern Shishi_key
*shishi_safe_key (Shishi_safe
* safe
);
1394 extern void shishi_safe_key_set (Shishi_safe
* safe
, Shishi_key
* key
);
1395 extern Shishi_asn1
shishi_safe_safe (Shishi_safe
* safe
);
1396 extern void shishi_safe_safe_set (Shishi_safe
* safe
, Shishi_asn1 asn1safe
);
1397 extern int shishi_safe_safe_der (Shishi_safe
* safe
, char *out
, int *outlen
);
1398 extern int shishi_safe_safe_der_set (Shishi_safe
* safe
,
1399 char *der
, size_t derlen
);
1400 extern int shishi_safe_print (Shishi
* handle
, FILE * fh
, Shishi_asn1 safe
);
1401 extern int shishi_safe_save (Shishi
* handle
, FILE * fh
, Shishi_asn1 safe
);
1402 extern int shishi_safe_to_file (Shishi
* handle
, Shishi_asn1 safe
,
1403 int filetype
, char *filename
);
1404 extern int shishi_safe_parse (Shishi
* handle
, FILE * fh
, Shishi_asn1
* safe
);
1405 extern int shishi_safe_read (Shishi
* handle
, FILE * fh
, Shishi_asn1
* safe
);
1406 extern int shishi_safe_from_file (Shishi
* handle
, Shishi_asn1
* safe
,
1407 int filetype
, char *filename
);
1408 extern int shishi_safe_cksum (Shishi
* handle
,
1410 int32_t * cksumtype
,
1411 char *cksum
, size_t * cksumlen
);
1412 extern int shishi_safe_set_cksum (Shishi
* handle
,
1415 char *cksum
, size_t cksumlen
);
1416 extern int shishi_safe_user_data (Shishi
* handle
,
1418 char *userdata
, size_t * userdatalen
);
1419 extern int shishi_safe_set_user_data (Shishi
* handle
,
1421 char *userdata
, size_t userdatalen
);
1422 extern int shishi_safe_build (Shishi_safe
* safe
, Shishi_key
* key
);
1423 extern int shishi_safe_verify (Shishi_safe
* safe
, Shishi_key
* key
);