Fix messages.
[shishi.git] / lib / shishi.h.in
1 /* shishi.h Header file for Shishi library. -*- c -*-
2 * Copyright (C) 2002, 2003 Simon Josefsson
4 * This file is part of Shishi.
6 * Shishi is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * Shishi is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with Shishi; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22 #ifndef SHISHI_H
23 #define SHISHI_H
25 #include <stddef.h> /* size_t */
26 #include <stdio.h> /* FILE */
27 #include <time.h> /* time_t */
28 #include <shishi-int.h> /* uint32_t */
30 #define SHISHI_VERSION "@PACKAGE_VERSION@"
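/*
 * Error codes.
 *
 * SHISHI_OK is 0; every other constant is non-zero and named after a
 * failure condition.  Several of them report a failed cryptographic or
 * identity check (the *_VERIFY_FAILED, *_DECRYPT_FAILED and *_MISMATCH
 * codes), so a caller should stop on any non-zero result rather than
 * continue with whatever an output parameter happens to contain.
 */
typedef enum
{
  SHISHI_OK = 0,
  SHISHI_ASN1_ERROR = 1,
  SHISHI_FOPEN_ERROR = 2,
  SHISHI_FCLOSE_ERROR = 3,
  SHISHI_MALLOC_ERROR = 4,
  SHISHI_BASE64_ERROR = 5,
  SHISHI_REALM_MISMATCH = 6,
  SHISHI_CNAME_MISMATCH = 7,
  SHISHI_NONCE_MISMATCH = 8,
  SHISHI_TGSREP_BAD_KEYTYPE = 9,
  SHISHI_KDCREP_BAD_KEYTYPE = 10,
  SHISHI_APREP_BAD_KEYTYPE = 11,
  SHISHI_APREP_VERIFY_FAILED = 12,
  SHISHI_APREQ_BAD_KEYTYPE = 13,
  SHISHI_TOO_SMALL_BUFFER = 14,
  SHISHI_DERIVEDKEY_TOO_SMALL = 15,
  SHISHI_KEY_TOO_LARGE = 16,
  SHISHI_CRYPTO_ERROR = 17,
  SHISHI_CRYPTO_INTERNAL_ERROR = 18,
  SHISHI_SOCKET_ERROR = 19,
  SHISHI_BIND_ERROR = 20,
  SHISHI_SENDTO_ERROR = 21,
  SHISHI_RECVFROM_ERROR = 22,
  SHISHI_CLOSE_ERROR = 23,
  SHISHI_KDC_TIMEOUT = 24,
  SHISHI_KDC_NOT_KNOWN_FOR_REALM = 25,
  SHISHI_TTY_ERROR = 26,
  SHISHI_GOT_KRBERROR = 27,
  SHISHI_HANDLE_ERROR = 28,
  SHISHI_INVALID_TKTS = 29,
  SHISHI_TICKET_BAD_KEYTYPE = 30,
  SHISHI_INVALID_KEY = 31,
  SHISHI_APREQ_DECRYPT_FAILED = 32,
  SHISHI_TICKET_DECRYPT_FAILED = 33,
  SHISHI_INVALID_TICKET = 34,
  SHISHI_OUT_OF_RANGE = 35,
  SHISHI_ASN1_NO_ELEMENT = 36,
  SHISHI_SAFE_BAD_KEYTYPE = 37,
  SHISHI_SAFE_VERIFY_FAILED = 38,
  SHISHI_PKCS5_INVALID_PRF = 39,
  SHISHI_PKCS5_INVALID_ITERATION_COUNT = 40,
  SHISHI_PKCS5_INVALID_DERIVED_KEY_LENGTH = 41,
  SHISHI_PKCS5_DERIVED_KEY_TOO_LONG = 42,
  SHISHI_INVALID_PRINCIPAL_NAME = 43,
  SHISHI_INVALID_ARGUMENT = 44,
  SHISHI_ASN1_NO_VALUE = 45,
  SHISHI_CONNECT_ERROR = 46,
  SHISHI_VERIFY_FAILED = 47,
  SHISHI_PRIV_BAD_KEYTYPE = 48,
  SHISHI_FILE_ERROR = 49,
  /* Sentinel: equals the highest assigned code (SHISHI_FILE_ERROR) and
     has to be raised whenever a new code is appended. */
  SHISHI_LAST_ERROR = 49
} Shishi_rc;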
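/*
 * Principal name types.  The numbering is not contiguous: 8 and 9 are
 * not assigned here and SHISHI_NT_ENTERPRISE is 10.
 */
typedef enum
{
  /* Name type not known */
  SHISHI_NT_UNKNOWN = 0,
  /* Just the name of the principal as in DCE, or for users */
  SHISHI_NT_PRINCIPAL = 1,
  /* Service and other unique instance (krbtgt) */
  SHISHI_NT_SRV_INST = 2,
  /* Service with host name as instance (telnet, rcommands) */
  SHISHI_NT_SRV_HST = 3,
  /* Service with host as remaining components */
  SHISHI_NT_SRV_XHST = 4,
  /* Unique ID */
  SHISHI_NT_UID = 5,
  /* Encoded X.509 Distinguished name [RFC 2253] */
  SHISHI_NT_X500_PRINCIPAL = 6,
  /* Name in form of SMTP email name (e.g. user@foo.com) */
  SHISHI_NT_SMTP_NAME = 7,
  /* Enterprise name - may be mapped to principal name */
  SHISHI_NT_ENTERPRISE = 10
} Shishi_name_type;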
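/*
 * Pre-authentication data (PA-*) and typed-data (TD-*) type numbers.
 *
 * SHISHI_PA_GET_FROM_TYPED_DATA and SHISHI_TD_PADATA are both 22, so the
 * two names cannot be used as separate case labels in one switch.
 */
typedef enum
{
  SHISHI_PA_TGS_REQ = 1,
  SHISHI_PA_ENC_TIMESTAMP = 2,
  SHISHI_PA_PW_SALT = 3,
  SHISHI_PA_RESERVED = 4,
  SHISHI_PA_ENC_UNIX_TIME = 5,	/* (deprecated) */
  SHISHI_PA_SANDIA_SECUREID = 6,
  SHISHI_PA_SESAME = 7,
  SHISHI_PA_OSF_DCE = 8,
  SHISHI_PA_CYBERSAFE_SECUREID = 9,
  SHISHI_PA_AFS3_SALT = 10,
  SHISHI_PA_ETYPE_INFO = 11,
  SHISHI_PA_SAM_CHALLENGE = 12,	/* (sam/otp) */
  SHISHI_PA_SAM_RESPONSE = 13,	/* (sam/otp) */
  SHISHI_PA_PK_AS_REQ = 14,	/* (pkinit) */
  SHISHI_PA_PK_AS_REP = 15,	/* (pkinit) */
  SHISHI_PA_ETYPE_INFO2 = 19,	/* (replaces pa_etype_info) */
  SHISHI_PA_USE_SPECIFIED_KVNO = 20,
  SHISHI_PA_SAM_REDIRECT = 21,	/* (sam/otp) */
  SHISHI_PA_GET_FROM_TYPED_DATA = 22,	/* (embedded in typed data) */
  SHISHI_TD_PADATA = 22,	/* (embeds padata) */
  SHISHI_PA_SAM_ETYPE_INFO = 23,	/* (sam/otp) */
  SHISHI_PA_ALT_PRINC = 24,	/* (crawdad@fnal.gov) */
  SHISHI_PA_SAM_CHALLENGE2 = 30,	/* (kenh@pobox.com) */
  SHISHI_PA_SAM_RESPONSE2 = 31,	/* (kenh@pobox.com) */
  SHISHI_PA_EXTRA_TGT = 41,	/* Reserved extra TGT */
  SHISHI_TD_PKINIT_CMS_CERTIFICATES = 101,	/* CertificateSet from CMS */
  SHISHI_TD_KRB_PRINCIPAL = 102,	/* PrincipalName */
  SHISHI_TD_KRB_REALM = 103,	/* Realm */
  SHISHI_TD_TRUSTED_CERTIFIERS = 104,	/* from PKINIT */
  SHISHI_TD_CERTIFICATE_INDEX = 105,	/* from PKINIT */
  SHISHI_TD_APP_DEFINED_ERROR = 106,	/* application specific */
  SHISHI_TD_REQ_NONCE = 107,	/* INTEGER */
  SHISHI_TD_REQ_SEQ = 108,	/* INTEGER */
  SHISHI_PA_PAC_REQUEST = 128	/* (jbrezak@exchange.microsoft.com) */
} Shishi_padata_type;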
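/* Transited-encoding types; only the X.500-compress domain encoding (1)
   is listed. */
typedef enum
{
  SHISHI_TR_DOMAIN_X500_COMPRESS = 1
} Shishi_tr_type;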
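/*
 * AP-REQ option masks.  "bit n" here is the mask 1 << n.
 *
 * NOTE(review): the Kerberos specification numbers flag bits from the
 * leading end of the encoded bit string, so these masks are presumably
 * translated when options are written to or read from a message;
 * confirm in the implementation before comparing with raw wire values.
 * A client that needs proof of the server's identity has to request
 * SHISHI_APOPTIONS_MUTUAL_REQUIRED and then check the reply.
 */
typedef enum
{
  SHISHI_APOPTIONS_RESERVED = 0x1,	/* bit 0 */
  SHISHI_APOPTIONS_USE_SESSION_KEY = 0x2,	/* bit 1 */
  SHISHI_APOPTIONS_MUTUAL_REQUIRED = 0x4	/* bit 2 */
} Shishi_apoptions;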
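/*
 * Ticket flag masks.  "bit n" here is the mask 1 << n.
 *
 * NOTE(review): the Kerberos specification numbers flag bits from the
 * leading end of the encoded bit string, so these masks are presumably
 * translated when flags are read from a ticket; confirm in the
 * implementation before comparing with raw wire values.
 *
 * FORWARDABLE, PROXIABLE and OK_AS_DELEGATE govern credential
 * delegation, and INVALID marks a ticket that must not be accepted as
 * is; code making authorization decisions should test these explicitly.
 */
typedef enum
{
  SHISHI_TICKETFLAGS_RESERVED = 0x1,	/* bit 0 */
  SHISHI_TICKETFLAGS_FORWARDABLE = 0x2,	/* bit 1 */
  SHISHI_TICKETFLAGS_FORWARDED = 0x4,	/* bit 2 */
  SHISHI_TICKETFLAGS_PROXIABLE = 0x8,	/* bit 3 */
  SHISHI_TICKETFLAGS_PROXY = 0x10,	/* bit 4 */
  SHISHI_TICKETFLAGS_MAY_POSTDATE = 0x20,	/* bit 5 */
  SHISHI_TICKETFLAGS_POSTDATED = 0x40,	/* bit 6 */
  SHISHI_TICKETFLAGS_INVALID = 0x80,	/* bit 7 */
  SHISHI_TICKETFLAGS_RENEWABLE = 0x100,	/* bit 8 */
  SHISHI_TICKETFLAGS_INITIAL = 0x200,	/* bit 9 */
  SHISHI_TICKETFLAGS_PRE_AUTHENT = 0x400,	/* bit 10 */
  SHISHI_TICKETFLAGS_HW_AUTHENT = 0x800,	/* bit 11 */
  SHISHI_TICKETFLAGS_TRANSITED_POLICY_CHECKED = 0x1000,	/* bit 12 */
  SHISHI_TICKETFLAGS_OK_AS_DELEGATE = 0x2000	/* bit 13 */
} Shishi_ticketflags;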
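/*
 * KDC request option masks.  "bit n" here is the mask 1 << n; bits
 * 12-25 and 29 have no name in this list.
 *
 * NOTE(review): SHISHI_KDCOPTIONS_VALIDATE (0x80000000) does not fit in
 * a 32-bit int.  ISO C before C23 requires enumeration constants to be
 * representable as int, so this value relies on a compiler extension,
 * and a mask stored in a signed int turns negative once bit 31 is set.
 * Hold and test KDC options in an unsigned 32-bit variable.
 *
 * SHISHI_KDCOPTIONS_DISABLE_TRANSITED_CHECK asks the KDC to skip the
 * transited-realm check; a service receiving such a ticket is then
 * responsible for that check itself.
 */
typedef enum
{
  SHISHI_KDCOPTIONS_RESERVED = 0x1,	/* bit 0 */
  SHISHI_KDCOPTIONS_FORWARDABLE = 0x2,	/* bit 1 */
  SHISHI_KDCOPTIONS_FORWARDED = 0x4,	/* bit 2 */
  SHISHI_KDCOPTIONS_PROXIABLE = 0x8,	/* bit 3 */
  SHISHI_KDCOPTIONS_PROXY = 0x10,	/* bit 4 */
  SHISHI_KDCOPTIONS_ALLOW_POSTDATE = 0x20,	/* bit 5 */
  SHISHI_KDCOPTIONS_POSTDATED = 0x40,	/* bit 6 */
  SHISHI_KDCOPTIONS_UNUSED7 = 0x80,	/* bit 7 */
  SHISHI_KDCOPTIONS_RENEWABLE = 0x100,	/* bit 8 */
  SHISHI_KDCOPTIONS_UNUSED9 = 0x200,	/* bit 9 */
  SHISHI_KDCOPTIONS_UNUSED10 = 0x400,	/* bit 10 */
  SHISHI_KDCOPTIONS_UNUSED11 = 0x800,	/* bit 11 */
  SHISHI_KDCOPTIONS_DISABLE_TRANSITED_CHECK = 0x4000000,	/* bit 26 */
  SHISHI_KDCOPTIONS_RENEWABLE_OK = 0x8000000,	/* bit 27 */
  SHISHI_KDCOPTIONS_ENC_TKT_IN_SKEY = 0x10000000,	/* bit 28 */
  SHISHI_KDCOPTIONS_RENEW = 0x40000000,	/* bit 30 */
  SHISHI_KDCOPTIONS_VALIDATE = 0x80000000	/* bit 31 */
} Shishi_KDCOptions;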
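/*
 * Kerberos message type numbers.  Only the types listed as constants
 * are named; the comments in between record the numbers that are unused
 * or belong to structures that are not sent as a message of their own
 * ("non-PDU").
 */
typedef enum
{
  /* 0 unused */
  /* 1 Ticket PDU */
  /* 2 Authenticator non-PDU */
  /* 3 EncTicketPart non-PDU */
  /* 4-9 unused */
  /* Request for initial authentication */
  SHISHI_MSGTYPE_AS_REQ = 10,
  /* Response to SHISHI_MSGTYPE_AS_REQ request */
  SHISHI_MSGTYPE_AS_REP = 11,
  /* Request for authentication based on TGT */
  SHISHI_MSGTYPE_TGS_REQ = 12,
  /* Response to SHISHI_MSGTYPE_TGS_REQ request */
  SHISHI_MSGTYPE_TGS_REP = 13,
  /* Application request to server */
  SHISHI_MSGTYPE_AP_REQ = 14,
  /* Response to an AP-REQ that asked for mutual authentication */
  SHISHI_MSGTYPE_AP_REP = 15,
  /* Reserved for user-to-user krb_tgt_request */
  SHISHI_MSGTYPE_RESERVED16 = 16,
  /* Reserved for user-to-user krb_tgt_reply */
  SHISHI_MSGTYPE_RESERVED17 = 17,
  /* 18-19 unused */
  /* Safe (checksummed) application message */
  SHISHI_MSGTYPE_SAFE = 20,
  /* Private (encrypted) application message */
  SHISHI_MSGTYPE_PRIV = 21,
  /* Private (encrypted) message to forward credentials */
  SHISHI_MSGTYPE_CRED = 22,
  /* 23-24 unused */
  /* 25 EncASRepPart non-PDU */
  /* 26 EncTGSRepPart non-PDU */
  /* 27 EncApRepPart non-PDU */
  /* 28 EncKrbPrivPart non-PDU */
  /* 29 EncKrbCredPart non-PDU */
  /* Error response */
  SHISHI_MSGTYPE_ERROR = 30
} Shishi_msgtype;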
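/* Last-request entry types, numbered 1 to 5; shishi_tkt_lastreqc()
   declared in this header takes one of these. */
typedef enum
{
  SHISHI_LRTYPE_LAST_INITIAL_TGT_REQUEST = 1,
  SHISHI_LRTYPE_LAST_INITIAL_REQUEST = 2,
  SHISHI_LRTYPE_NEWEST_TGT_ISSUE = 3,
  SHISHI_LRTYPE_LAST_RENEWAL = 4,
  SHISHI_LRTYPE_LAST_REQUEST = 5
} Shishi_lrtype;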
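/*
 * Encryption type numbers.
 *
 * Security note: SHISHI_NULL gives no confidentiality.  The single-DES
 * types and SHISHI_RC4_HMAC_EXP were deprecated by RFC 6649, and
 * RFC 8429 later deprecated triple-DES and RC4-HMAC as well, so a
 * deployment should limit negotiation to the AES types where it can.
 * NOTE(review): the *_CBC_NONE names suggest encryption without an
 * integrity checksum; confirm before using them outside of tests.
 */
typedef enum
{
  SHISHI_NULL = 0,
  SHISHI_DES_CBC_CRC = 1,
  SHISHI_DES_CBC_MD4 = 2,
  SHISHI_DES_CBC_MD5 = 3,
  SHISHI_DES_CBC_NONE = 4,
  SHISHI_DES3_CBC_NONE = 6,
  SHISHI_DES3_CBC_HMAC_SHA1_KD = 16,
  SHISHI_AES128_CTS_HMAC_SHA1_96 = 17,
  SHISHI_AES256_CTS_HMAC_SHA1_96 = 18,
  SHISHI_RC4_HMAC = 23,
  SHISHI_RC4_HMAC_EXP = 24
} Shishi_etype;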
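/*
 * Checksum type numbers.  Two values are negative, so variables holding
 * a checksum type must be signed (the prototypes in this header use
 * int or int32_t).
 *
 * Security note: SHISHI_CRC32, SHISHI_RSA_MD4 and SHISHI_RSA_MD5 are
 * unkeyed checksums; anyone who can modify a message can recompute
 * them, so they do not protect integrity on their own.  Prefer the
 * HMAC-SHA1 types paired with the AES encryption types.
 */
typedef enum
{
  SHISHI_CRC32 = 1,
  SHISHI_RSA_MD4 = 2,
  SHISHI_RSA_MD4_DES = 3,
  SHISHI_DES_MAC = 4,
  SHISHI_DES_MAC_K = 5,
  SHISHI_RSA_MD4_DES_K = 6,
  SHISHI_RSA_MD5 = 7,
  SHISHI_RSA_MD5_DES = 8,
  SHISHI_RSA_MD5_DES_GSS = 9,	/* XXX */
  SHISHI_HMAC_SHA1_DES3_KD = 12,
  SHISHI_HMAC_SHA1_96_AES128 = 15,
  SHISHI_HMAC_SHA1_96_AES256 = 16,
  SHISHI_RC4_HMAC_MD5 = -138,
  /* Marker for "no checksum type"; not a usable algorithm. */
  SHISHI_NO_CKSUMTYPE = -1
} Shishi_cksumtype;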
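/* On-disk encodings.  Only TEXT has an explicit value; the others take
   the next integers in order (DER 1, HEX 2, BASE64 3, BINARY 4), so
   reordering the list would change their values. */
typedef enum
{
  SHISHI_FILETYPE_TEXT = 0,
  SHISHI_FILETYPE_DER,
  SHISHI_FILETYPE_HEX,
  SHISHI_FILETYPE_BASE64,
  SHISHI_FILETYPE_BINARY
} Shishi_filetype;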
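/*
 * Key usage numbers.  Each numbered comment names the protocol context
 * a value is reserved for; the checksum and encryption functions in
 * this header take the value as a plain int "keyusage" argument.
 *
 * Passing the constant that matches the protocol step matters: the
 * usage number is what keeps a value produced for one context from
 * being accepted in another.
 *
 * NOTE(review): 18, 20 and 21 are assigned below although the closing
 * comment still lists them as reserved.
 */
typedef enum
{
  /* 1. AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the
     client key */
  SHISHI_KEYUSAGE_ASREQ_PA_ENC_TIMESTAMP = 1,
  /* 2. AS-REP Ticket and TGS-REP Ticket (includes TGS session key or
     application session key), encrypted with the service key */
  SHISHI_KEYUSAGE_ENCTICKETPART = 2,
  /* 3. AS-REP encrypted part (includes TGS session key or application
     session key), encrypted with the client key */
  SHISHI_KEYUSAGE_ENCASREPPART = 3,
  /* 4. TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS
     session key */
  SHISHI_KEYUSAGE_TGSREQ_AUTHORIZATIONDATA_TGS_SESSION_KEY = 4,
  /* 5. TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS
     authenticator subkey (section 5.4.1) */
  SHISHI_KEYUSAGE_TGSREQ_AUTHORIZATIONDATA_TGS_AUTHENTICATOR_KEY = 5,
  /* 6. TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum, keyed with the
     TGS session key */
  SHISHI_KEYUSAGE_TGSREQ_APREQ_AUTHENTICATOR_CKSUM = 6,
  /* 7. TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes TGS
     authenticator subkey), encrypted with the TGS session key */
  SHISHI_KEYUSAGE_TGSREQ_APREQ_AUTHENTICATOR = 7,
  /* 8. TGS-REP encrypted part (includes application session key), encrypted
     with the TGS session key */
  SHISHI_KEYUSAGE_ENCTGSREPPART_SESSION_KEY = 8,
  /* 9. TGS-REP encrypted part (includes application session key), encrypted
     with the TGS authenticator subkey */
  SHISHI_KEYUSAGE_ENCTGSREPPART_AUTHENTICATOR_KEY = 9,
  /* 10. AP-REQ Authenticator cksum, keyed with the application
     session key */
  SHISHI_KEYUSAGE_APREQ_AUTHENTICATOR_CKSUM = 10,
  /* 11. AP-REQ Authenticator (includes application authenticator subkey),
     encrypted with the application session key */
  SHISHI_KEYUSAGE_APREQ_AUTHENTICATOR = 11,
  /* 12. AP-REP encrypted part (includes application session subkey),
     encrypted with the application session key */
  SHISHI_KEYUSAGE_ENCAPREPPART = 12,
  /* 13. KRB-PRIV encrypted part, encrypted with a key chosen by the
     application */
  SHISHI_KEYUSAGE_KRB_PRIV = 13,
  /* 14. KRB-CRED encrypted part, encrypted with a key chosen by the
     application */
  SHISHI_KEYUSAGE_KRB_CRED = 14,
  /* 15. KRB-SAFE cksum, keyed with a key chosen by the application */
  SHISHI_KEYUSAGE_KRB_SAFE = 15,
  /* 18. KRB-ERROR checksum (e-cksum) */
  SHISHI_KEYUSAGE_KRB_ERROR = 18,
  /* 19. AD-KDCIssued checksum (ad-checksum) */
  SHISHI_KEYUSAGE_AD_KDCISSUED = 19,
  /* 20. Checksum for Mandatory Ticket Extensions */
  SHISHI_KEYUSAGE_TICKET_EXTENSION = 20,
  /* 21. Checksum in Authorization Data in Ticket Extensions */
  SHISHI_KEYUSAGE_TICKET_EXTENSION_AUTHORIZATION = 21,
  /* 22-24. Reserved for use in GSSAPI mechanisms derived from RFC 1964.
     (raeburn/MIT) */
  SHISHI_KEYUSAGE_GSS_R1 = 22,
  SHISHI_KEYUSAGE_GSS_R2 = 23,
  SHISHI_KEYUSAGE_GSS_R3 = 24
  /* 16-18,20-21,25-511. Reserved for future use in Kerberos and related
     protocols.
     512-1023.  Reserved for uses internal to a Kerberos
     implementation.
     1024.      Encryption for application use in protocols that
     do not specify key usage values
     1025.      Checksums for application use in protocols that
     do not specify key usage values
     1026-2047. Reserved for application use. */
} Shishi_keyusage;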
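/*
 * Kerberos protocol error codes (distinct from the library's own
 * Shishi_rc values).  Codes 30, 43 and 53-59 are not assigned here.
 *
 * NOTE(review): an error reply may reach the client without integrity
 * protection, so a single error code should not by itself trigger a
 * security-relevant fallback such as retrying with a weaker mechanism;
 * confirm how the library validates error messages.
 */
typedef enum
{
  /* No error */
  SHISHI_KDC_ERR_NONE = 0,
  /* Client's entry in database has expired */
  SHISHI_KDC_ERR_NAME_EXP = 1,
  /* Server's entry in database has expired */
  SHISHI_KDC_ERR_SERVICE_EXP = 2,
  /* Requested protocol version number not supported */
  SHISHI_KDC_ERR_BAD_PVNO = 3,
  /* Client's key encrypted in old master key */
  SHISHI_KDC_ERR_C_OLD_MAST_KVNO = 4,
  /* Server's key encrypted in old master key */
  SHISHI_KDC_ERR_S_OLD_MAST_KVNO = 5,
  /* Client not found in Kerberos database */
  SHISHI_KDC_ERR_C_PRINCIPAL_UNKNOWN = 6,
  /* Server not found in Kerberos database */
  SHISHI_KDC_ERR_S_PRINCIPAL_UNKNOWN = 7,
  /* Multiple principal entries in database */
  SHISHI_KDC_ERR_PRINCIPAL_NOT_UNIQUE = 8,
  /* The client or server has a null key */
  SHISHI_KDC_ERR_NULL_KEY = 9,
  /* Ticket not eligible for postdating */
  SHISHI_KDC_ERR_CANNOT_POSTDATE = 10,
  /* Requested start time is later than end time */
  SHISHI_KDC_ERR_NEVER_VALID = 11,
  /* KDC policy rejects request */
  SHISHI_KDC_ERR_POLICY = 12,
  /* KDC cannot accommodate requested option */
  SHISHI_KDC_ERR_BADOPTION = 13,
  /* KDC has no support for encryption type */
  SHISHI_KDC_ERR_ETYPE_NOSUPP = 14,
  /* KDC has no support for checksum type */
  SHISHI_KDC_ERR_SUMTYPE_NOSUPP = 15,
  /* KDC has no support for padata type */
  SHISHI_KDC_ERR_PADATA_TYPE_NOSUPP = 16,
  /* KDC has no support for transited type */
  SHISHI_KDC_ERR_TRTYPE_NOSUPP = 17,
  /* Client's credentials have been revoked */
  SHISHI_KDC_ERR_CLIENT_REVOKED = 18,
  /* Credentials for server have been revoked */
  SHISHI_KDC_ERR_SERVICE_REVOKED = 19,
  /* TGT has been revoked */
  SHISHI_KDC_ERR_TGT_REVOKED = 20,
  /* Client not yet valid - try again later */
  SHISHI_KDC_ERR_CLIENT_NOTYET = 21,
  /* Server not yet valid - try again later */
  SHISHI_KDC_ERR_SERVICE_NOTYET = 22,
  /* Password has expired - change password to reset */
  SHISHI_KDC_ERR_KEY_EXPIRED = 23,
  /* Pre-authentication information was invalid */
  SHISHI_KDC_ERR_PREAUTH_FAILED = 24,
  /* Additional pre-authentication required */
  SHISHI_KDC_ERR_PREAUTH_REQUIRED = 25,
  /* Requested server and ticket don't match */
  SHISHI_KDC_ERR_SERVER_NOMATCH = 26,
  /* Server principal valid for user2user only */
  SHISHI_KDC_ERR_MUST_USE_USER2USER = 27,
  /* KDC Policy rejects transited path.  The "ACCPETED" spelling is part
     of the public name and is kept for source compatibility. */
  SHISHI_KDC_ERR_PATH_NOT_ACCPETED = 28,
  /* A service is not available */
  SHISHI_KDC_ERR_SVC_UNAVAILABLE = 29,
  /* Integrity check on decrypted field failed */
  SHISHI_KRB_AP_ERR_BAD_INTEGRITY = 31,
  /* Ticket expired */
  SHISHI_KRB_AP_ERR_TKT_EXPIRED = 32,
  /* Ticket not yet valid */
  SHISHI_KRB_AP_ERR_TKT_NYV = 33,
  /* Request is a replay */
  SHISHI_KRB_AP_ERR_REPEAT = 34,
  /* The ticket isn't for us */
  SHISHI_KRB_AP_ERR_NOT_US = 35,
  /* Ticket and authenticator don't match */
  SHISHI_KRB_AP_ERR_BADMATCH = 36,
  /* Clock skew too great */
  SHISHI_KRB_AP_ERR_SKEW = 37,
  /* Incorrect net address */
  SHISHI_KRB_AP_ERR_BADADDR = 38,
  /* Protocol version mismatch */
  SHISHI_KRB_AP_ERR_BADVERSION = 39,
  /* Invalid msg type */
  SHISHI_KRB_AP_ERR_MSG_TYPE = 40,
  /* Message stream modified */
  SHISHI_KRB_AP_ERR_MODIFIED = 41,
  /* Message out of order */
  SHISHI_KRB_AP_ERR_BADORDER = 42,
  /* Specified version of key is not available */
  SHISHI_KRB_AP_ERR_BADKEYVER = 44,
  /* Service key not available */
  SHISHI_KRB_AP_ERR_NOKEY = 45,
  /* Mutual authentication failed */
  SHISHI_KRB_AP_ERR_MUT_FAIL = 46,
  /* Incorrect message direction */
  SHISHI_KRB_AP_ERR_BADDIRECTION = 47,
  /* Alternative authentication method required */
  SHISHI_KRB_AP_ERR_METHOD = 48,
  /* Incorrect sequence number in message */
  SHISHI_KRB_AP_ERR_BADSEQ = 49,
  /* Inappropriate type of checksum in message */
  SHISHI_KRB_AP_ERR_INAPP_CKSUM = 50,
  /* Policy rejects transited path */
  SHISHI_KRB_AP_PATH_NOT_ACCEPTED = 51,
  /* Response too big for UDP, retry with TCP */
  SHISHI_KRB_ERR_RESPONSE_TOO_BIG = 52,
  /* Generic error (description in e-text) */
  SHISHI_KRB_ERR_GENERIC = 60,
  /* Field is too long for this implementation */
  SHISHI_KRB_ERR_FIELD_TOOLONG = 61,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERROR_CLIENT_NOT_TRUSTED = 62,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERROR_KDC_NOT_TRUSTED = 63,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERROR_INVALID_SIG = 64,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_KEY_TOO_WEAK = 65,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_CERTIFICATE_MISMATCH = 66,
  /* No TGT available to validate USER-TO-USER */
  SHISHI_KRB_AP_ERR_NO_TGT = 67,
  /* USER-TO-USER TGT issued different KDC */
  SHISHI_KDC_ERR_WRONG_REALM = 68,
  /* Ticket must be for USER-TO-USER */
  SHISHI_KRB_AP_ERR_USER_TO_USER_REQUIRED = 69,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_CANT_VERIFY_CERTIFICATE = 70,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_INVALID_CERTIFICATE = 71,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_REVOKED_CERTIFICATE = 72,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_REVOCATION_STATUS_UNKNOWN = 73,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_REVOCATION_STATUS_UNAVAILABLE = 74,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_CLIENT_NAME_MISMATCH = 75,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_KDC_NAME_MISMATCH = 76,
  /* Sentinel: equals the highest assigned code; raise it when a code is
     appended. */
  SHISHI_LAST_ERROR_CODE = 76
} Shishi_krb_error;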
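/*
 * Flags for ticket-set hints (presumably stored in the "flags" member
 * of struct Shishi_tkts_hint; confirm against the implementation).
 *
 * SHISHI_TKTSHINTFLAGS_ACCEPT_EXPIRED relaxes a validity check, going
 * by its name; set it only where an expired ticket is really wanted,
 * for example when listing a ticket file.
 */
typedef enum
{
  SHISHI_TKTSHINTFLAGS_ACCEPT_EXPIRED = 1
} Shishi_tkts_hintflags;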
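/*
 * Search and acquisition hints for a ticket set; passed by pointer to
 * shishi_tkt_match_p() and the shishi_tkts_find*/get* functions declared
 * in this header.
 *
 * Security note: "passwd" is a pointer to a plaintext password.  This
 * header does not say who owns the string or whether the library copies
 * it (TODO confirm), so the caller should keep it alive only as long as
 * needed, wipe it afterwards and keep the structure out of logs.
 */
struct Shishi_tkts_hint
{
  int startpos;
  char *server;
  char *serverrealm;
  char *client;
  char *clientrealm;
  int flags;			/* presumably Shishi_tkts_hintflags bits; confirm */
  Shishi_ticketflags tktflags;
  Shishi_KDCOptions kdcoptions;
  int32_t etype;
  char *passwd;			/* plaintext secret, see note above */
  time_t starttime;
  time_t endtime;
  time_t renew_till;
};
typedef struct Shishi_tkts_hint Shishi_tkts_hint;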
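/*
 * Opaque handle types.  None of the structures is defined in this
 * header, so callers can only hold pointers to them and have to go
 * through the accessor functions.
 */
typedef struct Shishi Shishi;
typedef struct Shishi_tkt Shishi_tkt;
typedef struct Shishi_tkts Shishi_tkts;
typedef struct Shishi_as Shishi_as;
typedef struct Shishi_tgs Shishi_tgs;
typedef struct Shishi_ap Shishi_ap;
typedef struct Shishi_key Shishi_key;
typedef struct Shishi_safe Shishi_safe;
typedef struct Shishi_priv Shishi_priv;
/* ASN1_TYPE is declared here only when _SHISHI_HAS_LIBTASN1_H is not
   defined. */
#ifndef _SHISHI_HAS_LIBTASN1_H
typedef struct node_asn_struct *ASN1_TYPE;
#endif
/* Shishi_asn1 is itself a pointer type: copying one copies the pointer,
   not the ASN.1 tree it refers to. */
typedef ASN1_TYPE Shishi_asn1;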
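/* init.c */

/*
 * Library handle creation and release.  The *_with_paths variants take
 * the ticket and configuration file names from the caller.
 *
 * NOTE(review): a program running with elevated privileges should not
 * pass file names taken from the environment or from an unprivileged
 * user here; whether the defaults consult the environment is not
 * visible in this header.
 */
extern Shishi *shishi (void);
extern void shishi_done (Shishi * handle);
extern int shishi_init (Shishi ** handle);
extern int shishi_init_with_paths (Shishi ** handle,
                                   const char *tktsfile,
                                   const char *systemcfgfile,
                                   const char *usercfgfile);
extern int shishi_init_server (Shishi ** handle);
extern int shishi_init_server_with_paths (Shishi ** handle,
                                          const char *systemcfgfile);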
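/* cfg.c */

/*
 * Configuration handling.
 *
 * shishi_cfg() and shishi_cfg_clientkdcetype_set() take a non-const
 * char *, so the callee may modify the string (TODO confirm); do not
 * pass a string literal.  Configuration decides which encryption types
 * the client offers, so configuration files should be writable only by
 * trusted users.
 */
extern int shishi_cfg (Shishi * handle, char *option);
extern int shishi_cfg_from_file (Shishi * handle, const char *cfg);
extern int shishi_cfg_print (Shishi * handle, FILE * fh);
extern const char *shishi_cfg_default_systemfile (Shishi * handle);
extern const char *shishi_cfg_default_userdirectory (Shishi * handle);
extern const char *shishi_cfg_default_userfile (Shishi * handle);
extern int shishi_cfg_clientkdcetype (Shishi * handle, int32_t ** etypes);
extern int shishi_cfg_clientkdcetype_set (Shishi * handle, char *value);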
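/* error.c */

/*
 * Error text and diagnostics.
 *
 * shishi_error_printf(), shishi_info() and shishi_warn() take a
 * printf-style format followed by variable arguments.  Text that comes
 * from the network, a file or a user must be passed as an argument
 * ("%s", text), never as the format itself.
 */
extern const char *shishi_strerror (int err);
extern const char *shishi_error (Shishi * handle);
extern void shishi_error_clear (Shishi * handle);
extern void shishi_error_set (Shishi * handle, const char *error);
extern void shishi_error_printf (Shishi * handle, const char *format, ...);
extern void shishi_info (Shishi * handle, const char *format, ...);
extern void shishi_warn (Shishi * handle, const char *format, ...);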
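/* realm.c */

/*
 * Realm selection.
 *
 * The functions returning a non-const char * do not state who frees the
 * result (TODO confirm in realm.c).
 *
 * NOTE(review): a realm derived from DNS by shishi_realm_for_server_dns()
 * is only as trustworthy as the DNS answers; unless those are
 * authenticated, treat the result as a hint and rely on the realm
 * configured locally for security decisions.
 */
extern char *shishi_realm_default_guess (void);
extern const char *shishi_realm_default (Shishi * handle);
extern void shishi_realm_default_set (Shishi * handle, const char *realm);
extern char *shishi_realm_for_server_file (Shishi * handle, char *server);
extern char *shishi_realm_for_server_dns (Shishi * handle, char *server);
extern char *shishi_realm_for_server (Shishi * handle, char *server);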
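/* principal.c */

/*
 * Principal name handling.
 *
 * The *_get functions write into a caller-supplied buffer "out" and take
 * a pointer "outlen".  Presumably *outlen holds the buffer capacity on
 * entry and the length written on return, with SHISHI_TOO_SMALL_BUFFER
 * reported when the name does not fit (TODO confirm, including whether
 * the output is NUL-terminated).  Initialise *outlen before every call
 * and check the return value before reading "out".
 *
 * Names extracted from a message are peer-controlled until the message
 * has been verified; compare them exactly instead of by prefix.
 */
extern char *shishi_principal_default_guess (void);
extern const char *shishi_principal_default (Shishi * handle);
extern void shishi_principal_default_set (Shishi * handle,
                                          const char *principal);
extern int shishi_principal_name_get (Shishi * handle, Shishi_asn1 namenode,
                                      const char *namefield, char *out,
                                      size_t * outlen);
extern int shishi_principal_name_realm_get (Shishi * handle,
                                            Shishi_asn1 namenode,
                                            const char *namefield,
                                            Shishi_asn1 realmnode,
                                            const char *realmfield,
                                            char *out, size_t * outlen);
extern int shishi_principal_name_set (Shishi * handle,
                                      Shishi_asn1 namenode,
                                      const char *namefield,
                                      Shishi_name_type name_type,
                                      const char *name[]);
extern int shishi_principal_set (Shishi * handle,
                                 Shishi_asn1 namenode,
                                 const char *namefield, const char *name);
extern int shishi_parse_name (Shishi * handle, const char *name,
                              char **principal, char **realm);
extern char *shishi_server_for_local_service (Shishi * handle,
                                              const char *service);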
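/* ticket.c */

/*
 * Operations on a Ticket ASN.1 structure.
 *
 * The getters taking "char *buffer, size_t *len" presumably follow an
 * in/out length convention (capacity in, length out; TODO confirm);
 * initialise the length before each call and check the return value
 * before using the buffer.
 *
 * Only the outer ticket fields are readable without the service key.
 * Contents of the encrypted part should be used only after
 * shishi_ticket_decrypt() has returned SHISHI_OK.
 */
extern int shishi_ticket_sname_get (Shishi * handle,
                                    Shishi_asn1 ticket,
                                    char *server, size_t * serverlen);
extern int shishi_ticket_sname_set (Shishi * handle,
                                    Shishi_asn1 ticket,
                                    Shishi_name_type name_type,
                                    char *sname[]);
extern int shishi_ticket_snamerealm_get (Shishi * handle, Shishi_asn1 ticket,
                                         char *serverrealm,
                                         size_t * serverrealmlen);
extern int shishi_ticket_srealmserver_set (Shishi * handle,
                                           Shishi_asn1 ticket, char *realm,
                                           char *server);
extern int shishi_ticket_set_server (Shishi * handle, Shishi_asn1 ticket,
                                     const char *server);
extern int shishi_ticket_realm_get (Shishi * handle,
                                    Shishi_asn1 ticket,
                                    char **realm, size_t * realmlen);
extern int shishi_ticket_realm_set (Shishi * handle, Shishi_asn1 ticket,
                                    const char *realm);
extern int shishi_ticket_get_enc_part_etype (Shishi * handle,
                                             Shishi_asn1 ticket,
                                             int32_t * etype);
extern int shishi_ticket_set_enc_part (Shishi * handle, Shishi_asn1 ticket,
                                       int etype, int kvno,
                                       char *buf, size_t buflen);
extern int shishi_ticket_add_enc_part (Shishi * handle, Shishi_asn1 ticket,
                                       Shishi_key * key,
                                       Shishi_asn1 encticketpart);
extern int shishi_enckdcreppart_key_set (Shishi * handle,
                                         Shishi_asn1 enckdcreppart,
                                         Shishi_key * key);
extern int shishi_ticket_decrypt (Shishi * handle, Shishi_asn1 ticket,
                                  Shishi_key * key,
                                  Shishi_asn1 * encticketpart);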
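/* tkt.c */

/*
 * Operations on a Shishi_tkt (a ticket together with its KDC reply
 * parts and key).
 *
 * Reviewer notes:
 *  - shishi_tkt_key() hands out the ticket's key object; treat it as
 *    secret material and keep it out of logs and debug output.
 *  - The getters taking "char *buffer, size_t *len" presumably use an
 *    in/out length (capacity in, length out; TODO confirm); initialise
 *    the length and check the return value before reading the buffer.
 *  - shishi_tkt_valid_now_p() takes no time argument, so it presumably
 *    reads the local clock; validity checks are only as good as the
 *    host's time source.
 *  - The *_p functions return int; the header does not say whether an
 *    internal error is distinguishable from "no" (TODO confirm), so do
 *    not treat a zero result from a negative test such as
 *    shishi_tkt_invalid_p() as proof that the ticket is good.
 */

/* Accessors for the parts a Shishi_tkt is built from. */
extern Shishi_asn1 shishi_tkt_ticket (Shishi_tkt * tkt);
extern Shishi_asn1 shishi_tkt_kdcrep (Shishi_tkt * tkt);
extern Shishi_asn1 shishi_tkt_enckdcreppart (Shishi_tkt * tkt);
extern void shishi_tkt_enckdcreppart_set (Shishi_tkt * tkt,
                                          Shishi_asn1 enckdcreppart);
extern Shishi_asn1 shishi_tkt_encticketpart (Shishi_tkt * tkt);
extern void shishi_tkt_encticketpart_set (Shishi_tkt * tkt,
                                          Shishi_asn1 encticketpart);
extern Shishi_key *shishi_tkt_key (Shishi_tkt * tkt);
extern int shishi_tkt_key_set (Shishi_tkt * tkt, Shishi_key * key);

/* Construction and printing. */
extern int shishi_tkt (Shishi * handle, Shishi_tkt ** tkt);
extern Shishi_tkt *shishi_tkt2 (Shishi * handle,
                                Shishi_asn1 ticket,
                                Shishi_asn1 enckdcreppart,
                                Shishi_asn1 kdcrep);
extern void shishi_tkt_pretty_print (Shishi_tkt * tkt, FILE * fh);

/* Client and realm names. */
extern int shishi_tkt_realm (Shishi_tkt * tkt, char **realm,
                             size_t * realmlen);
extern int shishi_tkt_cnamerealm (Shishi_tkt * tkt, char *cnamerealm,
                                  size_t * cnamerealmlen);
extern int shishi_tkt_cnamerealm_p (Shishi_tkt * tkt, const char *client);
extern int shishi_tkt_client (Shishi_tkt * tkt,
                              char *client, size_t * clientlen);
extern int shishi_tkt_client_p (Shishi_tkt * tkt, const char *client);
extern int shishi_tkt_clientrealm_set (Shishi_tkt * tkt,
                                       char *realm, char *client);
extern int shishi_tkt_serverrealm_set (Shishi_tkt * tkt,
                                       char *realm, char *server);
extern int shishi_tkt_build (Shishi_tkt * tkt, Shishi_key * key);

/* Times: each field has a string getter and a time_t getter. */
extern int shishi_tkt_lastreq (Shishi_tkt * tkt,
                               char *lrtime, size_t * lrtimelen, int lrtype);
extern time_t shishi_tkt_lastreqc (Shishi_tkt * tkt, Shishi_lrtype lrtype);
extern void shishi_tkt_lastreq_pretty_print (Shishi_tkt * tkt, FILE * fh);
extern int shishi_tkt_authtime (Shishi_tkt * tkt,
                                char *authtime, size_t * authtimelen);
extern time_t shishi_tkt_authctime (Shishi_tkt * tkt);
extern int shishi_tkt_starttime (Shishi_tkt * tkt,
                                 char *starttime, size_t * starttimelen);
extern time_t shishi_tkt_startctime (Shishi_tkt * tkt);
extern int shishi_tkt_endtime (Shishi_tkt * tkt,
                               char *endtime, size_t * endtimelen);
extern time_t shishi_tkt_endctime (Shishi_tkt * tkt);
extern int shishi_tkt_renew_till (Shishi_tkt * tkt,
                                  char *renewtilltime, size_t * renewtilllen);
extern time_t shishi_tkt_renew_tillc (Shishi_tkt * tkt);

/* Key type, server name and validity. */
extern int shishi_tkt_keytype (Shishi_tkt * tkt, int32_t * etype);
extern int shishi_tkt_keytype_p (Shishi_tkt * tkt, int32_t etype);
extern int shishi_tkt_server (Shishi_tkt * tkt,
                              char *service, size_t * servicelen);
extern int shishi_tkt_server_p (Shishi_tkt * tkt, const char *server);
extern int shishi_tkt_server_realm (Shishi_tkt * tkt,
                                    char *serverrealm,
                                    size_t * serverrealmlen);
extern int shishi_tkt_valid_at_time_p (Shishi_tkt * tkt, time_t now);
extern int shishi_tkt_valid_now_p (Shishi_tkt * tkt);
extern int shishi_tkt_decrypt (Shishi_tkt * tkt, Shishi_key * key);
extern void shishi_tkt_done (Shishi_tkt * tkt);

/* Ticket flags: the raw mask and one predicate per flag. */
extern int shishi_tkt_flags (Shishi_tkt * tkt, int *flags);
extern int shishi_tkt_flags_set (Shishi_tkt * tkt, int flags);
extern int shishi_tkt_forwardable_p (Shishi_tkt * tkt);
extern int shishi_tkt_forwarded_p (Shishi_tkt * tkt);
extern int shishi_tkt_proxiable_p (Shishi_tkt * tkt);
extern int shishi_tkt_proxy_p (Shishi_tkt * tkt);
extern int shishi_tkt_may_postdate_p (Shishi_tkt * tkt);
extern int shishi_tkt_postdated_p (Shishi_tkt * tkt);
extern int shishi_tkt_invalid_p (Shishi_tkt * tkt);
extern int shishi_tkt_renewable_p (Shishi_tkt * tkt);
extern int shishi_tkt_initial_p (Shishi_tkt * tkt);
extern int shishi_tkt_pre_authent_p (Shishi_tkt * tkt);
extern int shishi_tkt_hw_authent_p (Shishi_tkt * tkt);
extern int shishi_tkt_transited_policy_checked_p (Shishi_tkt * tkt);
extern int shishi_tkt_ok_as_delegate_p (Shishi_tkt * tkt);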
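/* tkts.c */

/*
 * Ticket sets: an in-memory collection of tickets plus load and store
 * functions.
 *
 * Reviewer notes:
 *  - A ticket file holds tickets together with their KDC reply parts,
 *    which presumably include session keys (confirm in tkts.c).  Files
 *    written by shishi_tkts_to_file() or shishi_tkts_write() should be
 *    readable by their owner only; the permissions the library applies
 *    are not visible in this header.
 *  - The find functions presumably search only the set, while the get
 *    functions may acquire a new ticket (the names and the "tgt"
 *    argument suggest this; confirm).
 *  - shishi_tkts_get_for_localservicepasswd() takes a plaintext
 *    password; wipe the caller's copy once the call has returned.
 */
extern char *shishi_tkts_default_file_guess (void);
extern const char *shishi_tkts_default_file (Shishi * handle);
extern void shishi_tkts_default_file_set (Shishi * handle,
                                          const char *tktsfile);
extern Shishi_tkts *shishi_tkts_default (Shishi * handle);
extern int shishi_tkts_default_to_file (Shishi_tkts * tkts);
extern int shishi_tkts (Shishi * handle, Shishi_tkts ** tkts);
extern Shishi_tkt *shishi_tkts_nth (Shishi_tkts * tkts, int ticketno);
extern int shishi_tkts_size (Shishi_tkts * tkts);
extern int shishi_tkts_add (Shishi_tkts * tkts, Shishi_tkt * tkt);
extern int shishi_tkts_new (Shishi_tkts * tkts,
                            Shishi_asn1 ticket,
                            Shishi_asn1 enckdcreppart, Shishi_asn1 kdcrep);
extern int shishi_tkts_remove (Shishi_tkts * tkts, int ticketno);
extern int shishi_tkts_expire (Shishi_tkts * tkts);
extern int shishi_tkts_print_for_service (Shishi_tkts * tkts,
                                          FILE * fh, const char *service);
extern int shishi_tkts_print (Shishi_tkts * tkts, FILE * fh);
extern int shishi_tkts_write (Shishi_tkts * tkts, FILE * fh);
extern int shishi_tkts_to_file (Shishi_tkts * tkts, const char *filename);
extern int shishi_tkts_read (Shishi_tkts * tkts, FILE * fh);
extern int shishi_tkts_from_file (Shishi_tkts * tkts, const char *filename);
extern void shishi_tkts_done (Shishi_tkts ** tkts);
extern int shishi_tkt_match_p (Shishi_tkt * tkt, Shishi_tkts_hint * hint);
extern Shishi_tkt *shishi_tkts_find (Shishi_tkts * tkts,
                                     Shishi_tkts_hint * hint);
extern Shishi_tkt *shishi_tkts_find_for_clientserver (Shishi_tkts * tkts,
                                                      const char *client,
                                                      const char *server);
extern Shishi_tkt *shishi_tkts_find_for_server (Shishi_tkts * tkts,
                                                const char *server);
extern Shishi_tkt *shishi_tkts_get (Shishi_tkts * tkts,
                                    Shishi_tkts_hint * hint);
extern Shishi_tkt *shishi_tkts_get_tgt (Shishi_tkts * tkts,
                                        Shishi_tkts_hint * hint);
extern Shishi_tkt *shishi_tkts_get_tgs (Shishi_tkts * tkts,
                                        Shishi_tkts_hint * hint,
                                        Shishi_tkt *tgt);
extern Shishi_tkt *shishi_tkts_get_for_clientserver (Shishi_tkts * tkts,
                                                     const char *client,
                                                     const char *server);
extern Shishi_tkt *shishi_tkts_get_for_server (Shishi_tkts * tkts,
                                               const char *server);
extern Shishi_tkt *shishi_tkts_get_for_localservicepasswd (Shishi_tkts * tkts,
                                                           const char
                                                           *service,
                                                           const char
                                                           *passwd);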
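/* diskio.c */

/*
 * Printing, saving, parsing and reading of ASN.1 structures on a
 * caller-supplied FILE stream.
 *
 * Reviewer notes:
 *  - The parse and read functions build a structure from file contents;
 *    treat a file from an untrusted location as hostile input and check
 *    the return value before using the output pointer.
 *  - The enckdcreppart functions handle the decrypted KDC reply part,
 *    which presumably carries a session key (confirm); do not send their
 *    output to shared logs or world-readable files.
 *  - shishi_kdc_rep_print() names its argument "asreq" although it
 *    prints a reply; the name is kept as in the original declaration.
 */
extern int
shishi_enckdcreppart_print (Shishi * handle,
                            FILE * fh, Shishi_asn1 enckdcreppart);
extern int
shishi_enckdcreppart_save (Shishi * handle,
                           FILE * fh, Shishi_asn1 enckdcreppart);
extern int
shishi_enckdcreppart_parse (Shishi * handle,
                            FILE * fh, Shishi_asn1 * enckdcreppart);
extern int
shishi_enckdcreppart_read (Shishi * handle,
                           FILE * fh, Shishi_asn1 * enckdcreppart);
extern int shishi_ticket_save (Shishi * handle, FILE * fh,
                               Shishi_asn1 ticket);
extern int shishi_ticket_print (Shishi * handle, FILE * fh,
                                Shishi_asn1 ticket);
extern int shishi_kdc_req_print (Shishi * handle, FILE * fh,
                                 Shishi_asn1 asreq);
extern int shishi_kdc_rep_print (Shishi * handle, FILE * fh,
                                 Shishi_asn1 asreq);
extern int shishi_kdc_print (Shishi * handle, FILE * fh, Shishi_asn1 asreq,
                             Shishi_asn1 asrep, Shishi_asn1 encasreppart);
extern int shishi_kdc_req_parse (Shishi * handle, FILE * fh,
                                 Shishi_asn1 * asreq);
extern int shishi_kdc_rep_parse (Shishi * handle, FILE * fh,
                                 Shishi_asn1 * asrep);
extern int shishi_ticket_parse (Shishi * handle, FILE * fh,
                                Shishi_asn1 * ticket);
extern int shishi_ticket_read (Shishi * handle, FILE * fh,
                               Shishi_asn1 * ticket);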
812 /* authenticator.c */
/* Construction of, and field access to, the Kerberos Authenticator.
 * shishi_authenticator and shishi_authenticator_subkey return a Shishi_asn1
 * and take only the handle; everything else operates on an authenticator
 * passed in and returns int (presumably a Shishi error code -- confirm).
 * Getters shaped (char *buf, size_t *len) presumably expect *len to hold the
 * buffer capacity on entry and the data length on return -- TODO confirm in
 * authenticator.c; the prototypes do not say whether the result is
 * NUL-terminated, so do not treat it as a C string without checking.
 * NOTE(review): the checksum type is int32_t * in shishi_authenticator_cksum
 * but plain int in shishi_authenticator_set_cksum and
 * shishi_authenticator_add_cksum_type. */
813 extern Shishi_asn1 shishi_authenticator (Shishi * handle);
814 extern int shishi_authenticator_set_crealm (Shishi * handle,
815 Shishi_asn1 authenticator,
816 const char *crealm);
817 extern int shishi_authenticator_set_cname (Shishi * handle,
818 Shishi_asn1 authenticator,
819 Shishi_name_type name_type,
820 const char *cname[]);
821 extern int shishi_authenticator_client_set (Shishi * handle,
822 Shishi_asn1 authenticator,
823 const char *client);
824 extern int shishi_authenticator_ctime (Shishi * handle,
825 Shishi_asn1 authenticator,
826 char **ctime);
827 extern int shishi_authenticator_ctime_set (Shishi * handle,
828 Shishi_asn1 authenticator,
829 char *ctime);
830 extern int shishi_authenticator_cusec_get (Shishi * handle,
831 Shishi_asn1 authenticator,
832 int *cusec);
833 extern int shishi_authenticator_cusec_set (Shishi * handle,
834 Shishi_asn1 authenticator,
835 int cusec);
836 extern int shishi_authenticator_cname_get (Shishi * handle,
837 Shishi_asn1 authenticator,
838 char *cname, size_t * cnamelen);
839 extern int shishi_authenticator_cnamerealm_get (Shishi * handle,
840 Shishi_asn1 authenticator,
841 char *cnamerealm,
842 size_t * cnamerealmlen);
843 extern int shishi_authenticator_remove_cksum (Shishi * handle,
844 Shishi_asn1 authenticator);
845 extern int shishi_authenticator_cksum (Shishi * handle,
846 Shishi_asn1 authenticator,
847 int32_t * cksumtype,
848 char *cksum, size_t * cksumlen);
849 extern int shishi_authenticator_set_cksum (Shishi * handle,
850 Shishi_asn1 authenticator,
851 int cksumtype,
852 char *cksum, size_t cksumlen);
853 extern int shishi_authenticator_add_cksum (Shishi * handle,
854 Shishi_asn1 authenticator,
855 Shishi_key * key,
856 int keyusage,
857 char *data, size_t datalen);
858 extern int
859 shishi_authenticator_add_cksum_type (Shishi * handle,
860 Shishi_asn1 authenticator,
861 Shishi_key * key,
862 int keyusage, int cksumtype,
863 char *data, size_t datalen);
864 extern int
865 shishi_authenticator_remove_subkey (Shishi * handle,
866 Shishi_asn1 authenticator);
867 extern Shishi_asn1 shishi_authenticator_subkey (Shishi * handle);
/* Subkey accessors.  get_subkey hands back a Shishi_key * through subkey,
 * set_subkey takes raw bytes plus a key type.  Who owns and wipes the key
 * material afterwards is not visible from the prototypes -- TODO confirm. */
868 extern int
869 shishi_authenticator_get_subkey (Shishi * handle,
870 Shishi_asn1 authenticator,
871 Shishi_key ** subkey);
872 extern int
873 shishi_authenticator_set_subkey (Shishi * handle,
874 Shishi_asn1 authenticator,
875 int32_t subkeytype,
876 char *subkey, size_t subkeylen);
877 extern int
878 shishi_authenticator_add_random_subkey (Shishi * handle,
879 Shishi_asn1 authenticator);
880 extern int
881 shishi_authenticator_add_subkey (Shishi * handle,
882 Shishi_asn1 authenticator,
883 Shishi_key * subkey);
884 extern int
885 shishi_authenticator_clear_authorizationdata (Shishi * handle,
886 Shishi_asn1 authenticator);
887 extern int
888 shishi_authenticator_add_authorizationdata (Shishi * handle,
889 Shishi_asn1 authenticator,
890 int adtype,
891 char *addata, size_t addatalen);
892 extern int
893 shishi_authenticator_authorizationdata (Shishi * handle,
894 Shishi_asn1 authenticator,
895 int *adtype,
896 char *addata, size_t * addatalen,
897 int nth);
/* File and stream I/O for authenticators.  The from_file/to_file variants
 * take a non-const filename and an int filetype whose values are not
 * declared in this part of the header. */
898 extern int shishi_authenticator_read (Shishi * handle, FILE * fh,
899 Shishi_asn1 * authenticator);
900 extern int shishi_authenticator_parse (Shishi * handle, FILE * fh,
901 Shishi_asn1 * authenticator);
902 extern int shishi_authenticator_from_file (Shishi * handle,
903 Shishi_asn1 * authenticator,
904 int filetype, char *filename);
905 extern int shishi_authenticator_print (Shishi * handle, FILE * fh,
906 Shishi_asn1 authenticator);
907 extern int shishi_authenticator_to_file (Shishi * handle,
908 Shishi_asn1 authenticator,
909 int filetype, char *filename);
910 extern int shishi_authenticator_save (Shishi * handle, FILE * fh,
911 Shishi_asn1 authenticator);
913 /* as.c */
/* AS exchange driven through a Shishi_as object.  shishi_as receives the
 * object through its Shishi_as ** argument and shishi_as_done takes one
 * back (presumably allocate and release -- confirm in as.c).  The remaining
 * functions get, set, build or DER-encode the AS-REQ, AS-REP, EncASRepPart,
 * KRB-ERROR and ticket attached to that object.
 * The *_der getters return data through (char **out, size_t *outlen);
 * whether the caller must free *out is not visible here -- TODO confirm.
 * The *_der_set functions accept DER of caller-stated length; when it came
 * from the network it is untrusted, so check the int result. */
914 extern int shishi_as (Shishi * handle, Shishi_as ** as);
915 extern void shishi_as_done (Shishi_as * as);
916 extern Shishi_asn1 shishi_as_req (Shishi_as * as);
917 extern int shishi_as_req_build (Shishi_as * as);
918 extern void shishi_as_req_set (Shishi_as * as, Shishi_asn1 asreq);
919 extern int shishi_as_req_der (Shishi_as * as, char **out, size_t * outlen);
920 extern int shishi_as_req_der_set (Shishi_as * as, char *der, size_t derlen);
921 extern Shishi_asn1 shishi_as_rep (Shishi_as * as);
922 extern void shishi_as_rep_set (Shishi_as * as, Shishi_asn1 asrep);
923 extern int shishi_as_rep_build (Shishi_as * as, Shishi_key * key);
924 extern int shishi_as_rep_der (Shishi_as * as, char **out, size_t * outlen);
925 extern int shishi_as_rep_der_set (Shishi_as * as, char *der, size_t derlen);
926 extern Shishi_asn1 shishi_as_encasreppart (Shishi_as * as);
927 extern void shishi_as_encasreppart_set (Shishi_as * as,
928 Shishi_asn1 encasreppart);
929 extern Shishi_asn1 shishi_as_krberror (Shishi_as * as);
930 extern int shishi_as_krberror_der (Shishi_as * as, char **out,
931 size_t * outlen);
932 extern void shishi_as_krberror_set (Shishi_as * as, Shishi_asn1 krberror);
933 extern Shishi_tkt *shishi_as_tkt (Shishi_as * as);
934 extern void shishi_as_tkt_set (Shishi_as * as, Shishi_tkt * tkt);
935 extern int shishi_as_sendrecv (Shishi_as * as);
/* NOTE(review): takes both a Shishi_key and a cleartext password; which one
 * is used when both are supplied is not visible from the prototype. */
936 extern int shishi_as_rep_process (Shishi_as * as,
937 Shishi_key * key, const char *password);
939 /* tgs.c */
/* TGS exchange driven through a Shishi_tgs object, parallel in shape to the
 * Shishi_as functions: shishi_tgs receives the object through Shishi_tgs **,
 * shishi_tgs_done takes one back, and the rest get, set, build, process or
 * DER-encode the TGS-REQ, TGS-REP, KRB-ERROR and tickets attached to it.
 * shishi_tgs_tgtkt / shishi_tgs_tgtkt_set access a Shishi_tkt that is
 * presumably the ticket-granting ticket -- confirm in tgs.c.
 * The int-returning functions presumably return a Shishi error code; a
 * failed *_process or *_sendrecv must not be followed by use of the reply. */
940 extern int shishi_tgs (Shishi * handle, Shishi_tgs ** tgs);
941 extern void shishi_tgs_done (Shishi_tgs * tgs);
942 extern Shishi_tkt *shishi_tgs_tgtkt (Shishi_tgs * tgs);
943 extern void shishi_tgs_tgtkt_set (Shishi_tgs * tgs, Shishi_tkt * tgtkt);
944 extern Shishi_ap *shishi_tgs_ap (Shishi_tgs * tgs);
945 extern Shishi_asn1 shishi_tgs_req (Shishi_tgs * tgs);
946 extern int shishi_tgs_req_der (Shishi_tgs * tgs, char **out, size_t * outlen);
947 extern int shishi_tgs_req_der_set (Shishi_tgs * tgs, char *der,
948 size_t derlen);
949 extern void shishi_tgs_req_set (Shishi_tgs * tgs, Shishi_asn1 tgsreq);
950 extern int shishi_tgs_req_build (Shishi_tgs * tgs);
951 extern int shishi_tgs_req_process (Shishi_tgs * tgs);
952 extern Shishi_asn1 shishi_tgs_rep (Shishi_tgs * tgs);
953 extern int shishi_tgs_rep_der (Shishi_tgs * tgs, char **out, size_t * outlen);
954 extern int shishi_tgs_rep_build (Shishi_tgs * tgs, Shishi_key * key);
955 extern int shishi_tgs_rep_process (Shishi_tgs * tgs);
956 extern Shishi_asn1 shishi_tgs_krberror (Shishi_tgs * tgs);
957 extern int shishi_tgs_krberror_der (Shishi_tgs * tgs, char **out,
958 size_t * outlen);
959 extern void shishi_tgs_krberror_set (Shishi_tgs * tgs, Shishi_asn1 krberror);
960 extern Shishi_tkt *shishi_tgs_tkt (Shishi_tgs * tgs);
961 extern void shishi_tgs_tkt_set (Shishi_tgs * tgs, Shishi_tkt * tkt);
962 extern int shishi_tgs_sendrecv (Shishi_tgs * tgs);
963 extern int shishi_tgs_set_server (Shishi_tgs * tgs, const char *server);
964 extern int shishi_tgs_set_realm (Shishi_tgs * tgs, const char *realm);
965 extern int shishi_tgs_set_realmserver (Shishi_tgs * tgs,
966 const char *realm, const char *server);
968 /* kdcreq.c */
/* Construction of, and field access to, KDC-REQ structures (AS-REQ and
 * TGS-REQ), plus their file and stream I/O.
 * Getters shaped (char *buf, size_t *len) presumably treat *len as capacity
 * in and length out -- TODO confirm in kdcreq.c.
 * NOTE(review): const-ness is uneven.  shishi_kdcreq, shishi_asreq_rsc,
 * shishi_tgsreq_rst and shishi_kdcreq_set_realmserver take plain "char *"
 * for realm and server/service, while shishi_kdcreq_set_realm and
 * shishi_kdcreq_set_server take "const char *". */
969 extern int shishi_kdcreq (Shishi * handle, char *realm,
970 char *service, Shishi_asn1 * req);
971 extern Shishi_asn1 shishi_asreq (Shishi * handle);
972 extern Shishi_asn1 shishi_asreq_rsc (Shishi * handle, char *realm,
973 char *server, char *client);
974 extern Shishi_asn1 shishi_tgsreq (Shishi * handle);
975 extern Shishi_asn1 shishi_tgsreq_rst (Shishi * handle, char *realm,
976 char *server, Shishi_tkt * tkt);
977 extern int shishi_kdcreq_save (Shishi * handle, FILE * fh,
978 Shishi_asn1 kdcreq);
979 extern int shishi_kdcreq_print (Shishi * handle, FILE * fh,
980 Shishi_asn1 kdcreq);
981 extern int shishi_kdcreq_to_file (Shishi * handle, Shishi_asn1 kdcreq,
982 int filetype, char *filename);
983 extern int shishi_kdcreq_parse (Shishi * handle, FILE * fh,
984 Shishi_asn1 * kdcreq);
985 extern int shishi_kdcreq_read (Shishi * handle, FILE * fh,
986 Shishi_asn1 * kdcreq);
987 extern int shishi_kdcreq_from_file (Shishi * handle, Shishi_asn1 * kdcreq,
988 int filetype, char *filename);
989 extern int shishi_asreq_cnamerealm_get (Shishi * handle, Shishi_asn1 kdcreq,
990 char *cnamerealm,
991 size_t * cnamerealmlen);
992 extern int shishi_kdcreq_nonce (Shishi * handle, Shishi_asn1 kdcreq,
993 uint32_t * nonce);
994 extern int shishi_kdcreq_cname_get (Shishi * handle,
995 Shishi_asn1 kdcreq,
996 char *cname, size_t * cnamelen);
997 extern int shishi_kdcreq_set_cname (Shishi * handle, Shishi_asn1 kdcreq,
998 Shishi_name_type name_type,
999 const char *principal);
1000 extern int shishi_kdcreq_sname_get (Shishi * handle, Shishi_asn1 kdcreq,
1001 char *sname, size_t * snamelen);
1002 extern int shishi_kdcreq_snamerealm_get (Shishi * handle, Shishi_asn1 kdcreq,
1003 char *snamerealm,
1004 size_t * snamerealmlen);
1005 extern int shishi_kdcreq_set_sname (Shishi * handle, Shishi_asn1 kdcreq,
1006 Shishi_name_type name_type,
1007 const char *sname[]);
1008 extern int shishi_kdcreq_realm_get (Shishi * handle, Shishi_asn1 kdcreq,
1009 char *realm, size_t * realmlen);
1010 extern int shishi_kdcreq_set_realm (Shishi * handle, Shishi_asn1 kdcreq,
1011 const char *realm);
1012 extern int shishi_kdcreq_set_server (Shishi * handle, Shishi_asn1 req,
1013 const char *service);
1014 extern int shishi_kdcreq_set_realmserver (Shishi * handle, Shishi_asn1 req,
1015 char *realm, char *service);
/* etype points at netype int32_t values in both the getter and the setter;
 * whether the getter treats netype as the capacity of the caller's array is
 * not visible here -- TODO confirm before sizing the array. */
1016 extern int shishi_kdcreq_etype (Shishi * handle, Shishi_asn1 kdcreq,
1017 int32_t * etype, int netype);
1018 extern int shishi_kdcreq_set_etype (Shishi * handle, Shishi_asn1 kdcreq,
1019 int32_t * etype, int netype);
1020 extern int shishi_kdcreq_options (Shishi * handle, Shishi_asn1 kdcreq,
1021 uint32_t *flags);
1022 extern int shishi_kdcreq_renewable_p (Shishi * handle, Shishi_asn1 kdcreq);
1023 extern int shishi_kdcreq_options_set (Shishi * handle, Shishi_asn1 kdcreq,
1024 uint32_t options);
1025 extern int shishi_kdcreq_options_add (Shishi * handle, Shishi_asn1 kdcreq,
1026 uint32_t option);
/* Pre-authentication data.
 * NOTE(review): the padata type is Shishi_padata_type in
 * shishi_kdcreq_get_padata but plain int in shishi_kdcreq_add_padata. */
1027 extern int shishi_kdcreq_clear_padata (Shishi * handle, Shishi_asn1 kdcreq);
1028 extern int shishi_kdcreq_get_padata (Shishi * handle,
1029 Shishi_asn1 kdcreq,
1030 Shishi_padata_type padatatype,
1031 char **out, size_t * outlen);
1032 extern int shishi_kdcreq_get_padata_tgs (Shishi * handle,
1033 Shishi_asn1 kdcreq,
1034 Shishi_asn1 * apreq);
1035 extern int shishi_kdcreq_add_padata (Shishi * handle,
1036 Shishi_asn1 kdcreq,
1037 int padatatype,
1038 const char *data, size_t datalen);
1039 extern int shishi_kdcreq_add_padata_tgs (Shishi * handle,
1040 Shishi_asn1 kdcreq,
1041 Shishi_asn1 apreq);
1042 extern int shishi_kdcreq_build (Shishi * handle, Shishi_asn1 kdcreq);
1044 /* enckdcreppart.c */
/* Construction of EncKDCRepPart / EncASRepPart structures and setters for
 * their server realm and name, nonce and flags, plus a function that takes
 * an EncTicketPart as its second ASN.1 argument (presumably the source of
 * the copied fields -- confirm in enckdcreppart.c).
 * NOTE(review): flags is a plain int here, whereas the KDC-REQ option
 * functions in this header use uint32_t. */
1045 extern Shishi_asn1 shishi_enckdcreppart (Shishi * handle);
1046 extern Shishi_asn1 shishi_encasreppart (Shishi * handle);
1047 extern int shishi_enckdcreppart_srealmserver_set (Shishi * handle,
1048 Shishi_asn1 enckdcreppart,
1049 const char *srealm,
1050 const char *server);
1051 extern int shishi_enckdcreppart_nonce_set (Shishi * handle,
1052 Shishi_asn1 enckdcreppart,
1053 uint32_t nonce);
1054 extern int
1055 shishi_enckdcreppart_populate_encticketpart (Shishi * handle,
1056 Shishi_asn1 enckdcreppart,
1057 Shishi_asn1 encticketpart);
1058 extern int shishi_enckdcreppart_flags_set (Shishi * handle,
1059 Shishi_asn1 enckdcreppart,
1060 int flags);
1062 /* kdc.c */
/* Processing of a KDC request/reply pair.  The *_process functions take the
 * request, the reply and key material (a Shishi_key, or a string in
 * shishi_as_process) and return an EncKDCRepPart through their last
 * argument.  The *_copy_* functions take two ASN.1 structures and the
 * *_check_* functions take a request and a reply (or EncKDCRepPart).
 * The check functions presumably report SHISHI_REALM_MISMATCH,
 * SHISHI_CNAME_MISMATCH or SHISHI_NONCE_MISMATCH from the error enum at the
 * top of this header -- confirm in kdc.c.  Callers should treat any result
 * other than SHISHI_OK as a failed exchange and discard the reply. */
1063 extern int shishi_as_derive_salt (Shishi * handle,
1064 Shishi_asn1 asreq,
1065 Shishi_asn1 asrep, char *salt,
1066 size_t * saltlen);
1067 extern int shishi_tgs_process (Shishi * handle,
1068 Shishi_asn1 tgsreq,
1069 Shishi_asn1 tgsrep,
1070 Shishi_asn1 authenticator,
1071 Shishi_asn1 oldenckdcreppart,
1072 Shishi_asn1 * enckdcreppart);
1073 extern int shishi_as_process (Shishi * handle, Shishi_asn1 asreq,
1074 Shishi_asn1 asrep,
1075 const char *string,
1076 Shishi_asn1 * enckdcreppart);
1077 extern int shishi_kdc_process (Shishi * handle, Shishi_asn1 kdcreq,
1078 Shishi_asn1 kdcrep, Shishi_key * key,
1079 int keyusage, Shishi_asn1 * enckdcreppart);
1080 extern int shishi_kdcreq_sendrecv (Shishi * handle, Shishi_asn1 kdcreq,
1081 Shishi_asn1 * kdcrep);
1082 extern int shishi_kdc_copy_crealm (Shishi * handle, Shishi_asn1 kdcrep,
1083 Shishi_asn1 encticketpart);
1084 extern int shishi_as_check_crealm (Shishi * handle, Shishi_asn1 asreq,
1085 Shishi_asn1 asrep);
1086 extern int shishi_kdc_copy_cname (Shishi * handle, Shishi_asn1 kdcrep,
1087 Shishi_asn1 encticketpart);
1088 extern int shishi_as_check_cname (Shishi * handle, Shishi_asn1 asreq,
1089 Shishi_asn1 asrep);
1090 extern int shishi_kdc_copy_nonce (Shishi * handle, Shishi_asn1 kdcreq,
1091 Shishi_asn1 enckdcreppart);
1092 extern int shishi_kdc_check_nonce (Shishi * handle, Shishi_asn1 kdcreq,
1093 Shishi_asn1 enckdcreppart);
1095 /* kdcrep.c */
/* Construction of, and field access to, KDC-REP structures (AS-REP and
 * TGS-REP), plus their file and stream I/O.
 * shishi_kdcrep_add_enc_part takes a key, a key usage and an EncKDCRepPart;
 * shishi_kdcrep_set_enc_part takes an etype, a kvno and a caller-supplied
 * buffer (presumably already-encrypted data -- confirm in kdcrep.c).
 * shishi_kdcrep_get_enc_part_etype reports the etype as it appears in the
 * reply; a client that restricts encryption types should compare it against
 * its own policy rather than accept whatever the reply names. */
1096 extern Shishi_asn1 shishi_asrep (Shishi * handle);
1097 extern Shishi_asn1 shishi_tgsrep (Shishi * handle);
1098 extern int shishi_kdcrep_save (Shishi * handle, FILE * fh,
1099 Shishi_asn1 kdcrep);
1100 extern int shishi_kdcrep_print (Shishi * handle, FILE * fh,
1101 Shishi_asn1 kdcrep);
1102 extern int shishi_kdcrep_to_file (Shishi * handle, Shishi_asn1 kdcrep,
1103 int filetype, char *filename);
1104 extern int shishi_kdcrep_parse (Shishi * handle, FILE * fh,
1105 Shishi_asn1 * kdcrep);
1106 extern int shishi_kdcrep_read (Shishi * handle, FILE * fh,
1107 Shishi_asn1 * kdcrep);
1108 extern int shishi_kdcrep_from_file (Shishi * handle, Shishi_asn1 * kdcrep,
1109 int filetype, char *filename);
1110 extern int shishi_kdcrep_clear_padata (Shishi * handle, Shishi_asn1 kdcrep);
1111 extern int shishi_kdcrep_get_enc_part_etype (Shishi * handle,
1112 Shishi_asn1 kdcrep,
1113 int32_t * etype);
1114 extern int shishi_kdcrep_add_enc_part (Shishi * handle,
1115 Shishi_asn1 kdcrep,
1116 Shishi_key * key,
1117 int keyusage,
1118 Shishi_asn1 enckdcreppart);
1119 extern int shishi_kdcrep_get_ticket (Shishi * handle,
1120 Shishi_asn1 kdcrep,
1121 Shishi_asn1 * ticket);
1122 extern int shishi_kdcrep_set_ticket (Shishi * handle, Shishi_asn1 kdcrep,
1123 Shishi_asn1 ticket);
1124 extern int shishi_kdcrep_crealm_set (Shishi * handle,
1125 Shishi_asn1 kdcrep, const char *crealm);
1126 extern int shishi_kdcrep_cname_set (Shishi * handle,
1127 Shishi_asn1 kdcrep,
1128 Shishi_name_type name_type,
1129 const char *cname[]);
1130 extern int shishi_kdcrep_client_set (Shishi * handle, Shishi_asn1 kdcrep,
1131 const char *client);
1132 extern int shishi_kdcrep_crealmserver_set (Shishi * handle,
1133 Shishi_asn1 kdcrep,
1134 const char *crealm,
1135 const char *client);
1136 extern int shishi_kdcrep_set_enc_part (Shishi * handle, Shishi_asn1 kdcrep,
1137 int etype, int kvno,
1138 const char *buf, size_t buflen);
1140 /* krberror.c */
/* Construction of, and field access to, KRB-ERROR structures, plus their
 * file and stream I/O and error-code-to-text helpers.
 * KRB-ERROR is normally sent without integrity protection (RFC 4120), so
 * realm, names, e-text and e-data read back from a received error should be
 * treated as untrusted input when they are logged, printed or acted upon.
 * NOTE(review): the getters come in two shapes.  crealm, realm, etext and
 * edata return through (char **, size_t *); cname and sname fill a
 * caller-supplied (char *out, size_t *outlen).  The second shape presumably
 * uses *outlen as capacity in and length out -- TODO confirm. */
1141 extern Shishi_asn1 shishi_krberror (Shishi * handle);
1142 extern int shishi_krberror_print (Shishi * handle, FILE * fh,
1143 Shishi_asn1 krberror);
1144 extern int shishi_krberror_save (Shishi * handle, FILE * fh,
1145 Shishi_asn1 krberror);
1146 extern int shishi_krberror_to_file (Shishi * handle, Shishi_asn1 krberror,
1147 int filetype, char *filename);
1148 extern int shishi_krberror_parse (Shishi * handle, FILE * fh,
1149 Shishi_asn1 * krberror);
1150 extern int shishi_krberror_read (Shishi * handle, FILE * fh,
1151 Shishi_asn1 * krberror);
1152 extern int shishi_krberror_from_file (Shishi * handle, Shishi_asn1 * krberror,
1153 int filetype, char *filename);
1154 extern int shishi_krberror_build (Shishi * handle, Shishi_asn1 krberror);
1155 extern int shishi_krberror_der (Shishi * handle,
1156 Shishi_asn1 krberror,
1157 char **out, size_t * outlen);
1158 extern int shishi_krberror_crealm (Shishi * handle,
1159 Shishi_asn1 krberror,
1160 char **realm, size_t * realmlen);
1161 extern int shishi_krberror_remove_crealm (Shishi * handle,
1162 Shishi_asn1 krberror);
1163 extern int shishi_krberror_set_crealm (Shishi * handle,
1164 Shishi_asn1 krberror,
1165 const char *crealm);
1166 extern int shishi_krberror_cname (Shishi * handle,
1167 Shishi_asn1 krberror,
1168 char *out, size_t * outlen);
1169 extern int shishi_krberror_set_cname (Shishi * handle,
1170 Shishi_asn1 krberror,
1171 Shishi_name_type name_type,
1172 const char *cname[]);
1173 extern int shishi_krberror_remove_cname (Shishi * handle,
1174 Shishi_asn1 krberror);
1175 extern int shishi_krberror_client_set (Shishi * handle,
1176 Shishi_asn1 krberror,
1177 const char *client);
1178 extern int shishi_krberror_realm (Shishi * handle,
1179 Shishi_asn1 krberror,
1180 char **realm, size_t * realmlen);
1181 extern int shishi_krberror_set_realm (Shishi * handle,
1182 Shishi_asn1 krberror,
1183 const char *realm);
1184 extern int shishi_krberror_sname (Shishi * handle,
1185 Shishi_asn1 krberror,
1186 char *out, size_t * outlen);
1187 extern int shishi_krberror_remove_sname (Shishi * handle,
1188 Shishi_asn1 krberror);
1189 extern int shishi_krberror_set_sname (Shishi * handle,
1190 Shishi_asn1 krberror,
1191 Shishi_name_type name_type,
1192 const char *sname[]);
1193 extern int shishi_krberror_server_set (Shishi * handle,
1194 Shishi_asn1 krberror,
1195 const char *server);
1196 extern int shishi_krberror_ctime (Shishi * handle,
1197 Shishi_asn1 krberror, char **ctime);
1198 extern int shishi_krberror_ctime_set (Shishi * handle,
1199 Shishi_asn1 krberror,
1200 const char *ctime);
1201 extern int shishi_krberror_remove_ctime (Shishi * handle,
1202 Shishi_asn1 krberror);
1203 extern int shishi_krberror_cusec (Shishi * handle, Shishi_asn1 krberror,
1204 int *cusec);
1205 extern int shishi_krberror_cusec_set (Shishi * handle, Shishi_asn1 krberror,
1206 int cusec);
1207 extern int shishi_krberror_remove_cusec (Shishi * handle,
1208 Shishi_asn1 krberror);
1209 extern int shishi_krberror_stime (Shishi * handle, Shishi_asn1 krberror,
1210 char **stime);
1211 extern int shishi_krberror_stime_set (Shishi * handle, Shishi_asn1 krberror,
1212 const char *stime);
1213 extern int shishi_krberror_susec (Shishi * handle, Shishi_asn1 krberror,
1214 int *susec);
1215 extern int shishi_krberror_susec_set (Shishi * handle, Shishi_asn1 krberror,
1216 int susec);
1217 extern int shishi_krberror_errorcode_set (Shishi * handle,
1218 Shishi_asn1 krberror,
1219 int errorcode);
1220 extern int shishi_krberror_etext (Shishi * handle, Shishi_asn1 krberror,
1221 char **etext, size_t * etextlen);
1222 extern int shishi_krberror_set_etext (Shishi * handle, Shishi_asn1 krberror,
1223 const char *etext);
1224 extern int shishi_krberror_remove_etext (Shishi * handle,
1225 Shishi_asn1 krberror);
/* NOTE(review): the e-data getter returns a length, but the setter takes
 * only "const char *edata" with no length.  If the setter measures the
 * string itself it cannot carry e-data containing a zero byte -- TODO
 * confirm in krberror.c. */
1226 extern int shishi_krberror_edata (Shishi * handle, Shishi_asn1 krberror,
1227 char **edata, size_t * edatalen);
1228 extern int shishi_krberror_set_edata (Shishi * handle, Shishi_asn1 krberror,
1229 const char *edata);
1230 extern int shishi_krberror_remove_edata (Shishi * handle,
1231 Shishi_asn1 krberror);
/* shishi_krberror_errorcode returns the code through *errorcode next to an
 * int status; shishi_krberror_errorcode_fast returns a single int, so how
 * it signals a failed read is not visible here -- TODO confirm. */
1232 extern int shishi_krberror_errorcode (Shishi * handle, Shishi_asn1 krberror,
1233 int *errorcode);
1234 extern int shishi_krberror_errorcode_fast (Shishi * handle,
1235 Shishi_asn1 krberror);
1236 extern int shishi_krberror_pretty_print (Shishi * handle, FILE * fh,
1237 Shishi_asn1 krberror);
1238 extern const char *shishi_krberror_errorcode_message (Shishi * handle,
1239 int errorcode);
1240 extern const char *shishi_krberror_message (Shishi * handle,
1241 Shishi_asn1 krberror);
1243 /* gztime.c */
/* Conversion between time_t and the string form of a time, and reading of
 * a named time field from an ASN.1 node.
 * shishi_generalize_time and shishi_generalize_now return "const char *";
 * whether that points at static or handle-owned storage is not visible
 * here, so copy the result before calling again until confirmed.
 * shishi_generalize_ctime returns time_t with no separate status, so how a
 * malformed string is reported is not visible either -- TODO confirm. */
1244 extern const char *shishi_generalize_time (Shishi * handle, time_t t);
1245 extern const char *shishi_generalize_now (Shishi * handle);
1246 extern time_t shishi_generalize_ctime (Shishi * handle, const char *t);
1247 extern int shishi_time (Shishi * handle, Shishi_asn1 node,
1248 const char *field, char **time);
1250 /* nettle.c, libgcrypt.c, ... */
/* Low-level primitives supplied by the selected crypto backend: random
 * bytes, MD4, MD5, HMAC-SHA1, DES-CBC-MAC, DES, 3DES and AES-CTS.
 * NOTE(review): a parameter written "char *out[16]" is adjusted by the
 * compiler to "char **out"; the bound is documentation only and is never
 * checked.  The same holds for ivout[8], ivout[16] and outhash[20], and the
 * key[8], key[24], iv[8] and iv[16] parameters are plain "const char *".
 * Callers must therefore supply keys and IVs of the stated size themselves.
 * Presumably *out receives a newly allocated result -- TODO confirm in the
 * backend who frees it.
 * MD4, MD5, single DES and DES-CBC-MAC serve the legacy Kerberos encryption
 * and checksum types.  RFC 6649 deprecates the DES-based types and RFC 8429
 * deprecates 3DES; prefer the AES types where the peer supports them. */
/* Presumably fills data with datalen random bytes.  It returns int: check
 * the result before using the bytes as key or nonce material. */
1251 extern int shishi_randomize (Shishi * handle, char *data, size_t datalen);
1252 extern int shishi_md4 (Shishi * handle, const char *in, size_t inlen,
1253 char *out[16]);
1254 extern int shishi_md5 (Shishi * handle, const char *in, size_t inlen,
1255 char *out[16]);
1256 extern int shishi_hmac_sha1 (Shishi * handle,
1257 const char *key, size_t keylen,
1258 const char *in, size_t inlen,
1259 char *outhash[20]);
1260 extern int shishi_des_cbc_mac (Shishi * handle,
1261 const char key[8],
1262 const char iv[8],
1263 const char *in, size_t inlen,
1264 char *out[8]);
/* The block ciphers take decryptp to select the direction and return output
 * through "char **out" with no output length argument; the output length is
 * presumably inlen -- TODO confirm, including whether inlen must be a
 * multiple of the block size for DES and 3DES. */
1265 extern int shishi_des (Shishi * handle, int decryptp,
1266 const char key[8],
1267 const char iv[8],
1268 char *ivout[8],
1269 const char *in, size_t inlen,
1270 char **out);
1271 extern int shishi_3des (Shishi * handle, int decryptp,
1272 const char key[24],
1273 const char iv[8],
1274 char *ivout[8],
1275 const char *in, size_t inlen,
1276 char **out);
1277 extern int shishi_aes_cts (Shishi * handle, int decryptp,
1278 const char *key, size_t keylen,
1279 const char iv[16],
1280 char *ivout[16],
1281 const char *in, size_t inlen,
1282 char **out);
1284 /* crypto.c */
/* Kerberos encryption-type and checksum-type layer: lookups by type number,
 * key derivation, encrypt and decrypt, checksum and verify.
 * The shishi_cipher_* and shishi_checksum_* lookups take only a type (or a
 * name to parse) and no handle.  What they return for an unknown type is
 * not visible here; shishi_cipher_keylen and friends return size_t, so an
 * error cannot be a negative value -- TODO confirm before sizing buffers
 * from them.
 * In the encrypt/decrypt family the *_etype variants take an explicit
 * int32_t etype, the *_iv variants take an input IV, and the *_ivupdate
 * variants also return an IV through ivout/ivoutlen.  Output comes back
 * through (char **out, size_t *outlen) -- presumably a library-allocated
 * buffer the caller frees; TODO confirm.  Plaintext returned by the decrypt
 * functions is only as trustworthy as the int result says it is.
 * NOTE(review): shishi_encrypt takes "char *in" where every sibling takes
 * "const char *in". */
1285 extern int shishi_cipher_supported_p (int type);
1286 extern const char *shishi_cipher_name (int type);
1287 extern int shishi_cipher_blocksize (int type);
1288 extern int shishi_cipher_minpadsize (int type);
1289 extern int shishi_cipher_confoundersize (int type);
1290 extern size_t shishi_cipher_keylen (int type);
1291 extern size_t shishi_cipher_randomlen (int type);
1292 extern int shishi_cipher_defaultcksumtype (int32_t type);
1293 extern int shishi_cipher_parse (const char *cipher);
1294 extern int shishi_checksum_supported_p (int32_t type);
1295 extern const char *shishi_checksum_name (int32_t type);
1296 extern size_t shishi_checksum_cksumlen (int32_t type);
1297 extern int shishi_checksum_parse (const char *checksum);
/* Key construction.  The password and salt are passed with explicit
 * lengths; outkey is a caller-supplied Shishi_key that receives the key. */
1298 extern int shishi_string_to_key (Shishi * handle,
1299 int32_t keytype,
1300 const char *password, size_t passwordlen,
1301 const char *salt, size_t saltlen,
1302 const char *parameter, Shishi_key * outkey);
1303 extern int shishi_random_to_key (Shishi * handle,
1304 int32_t keytype,
1305 char *random, size_t randomlen,
1306 Shishi_key * outkey);
1307 extern int shishi_encrypt_ivupdate_etype (Shishi * handle,
1308 Shishi_key * key,
1309 int keyusage,
1310 int32_t etype,
1311 const char *iv, size_t ivlen,
1312 char **ivout, size_t * ivoutlen,
1313 const char *in, size_t inlen,
1314 char **out, size_t * outlen);
1315 extern int shishi_encrypt_iv_etype (Shishi * handle,
1316 Shishi_key * key,
1317 int keyusage,
1318 int32_t etype,
1319 const char *iv, size_t ivlen,
1320 const char *in, size_t inlen,
1321 char **out, size_t * outlen);
1322 extern int shishi_encrypt_etype (Shishi * handle,
1323 Shishi_key * key,
1324 int keyusage,
1325 int32_t etype,
1326 const char *in, size_t inlen,
1327 char **out, size_t * outlen);
1328 extern int shishi_encrypt_ivupdate (Shishi * handle,
1329 Shishi_key * key,
1330 int keyusage,
1331 const char *iv, size_t ivlen,
1332 char **ivout, size_t * ivoutlen,
1333 const char *in, size_t inlen,
1334 char **out, size_t * outlen);
1335 extern int shishi_encrypt_iv (Shishi * handle,
1336 Shishi_key * key,
1337 int keyusage,
1338 const char *iv, size_t ivlen,
1339 const char *in, size_t inlen,
1340 char **out, size_t * outlen);
1341 extern int shishi_encrypt (Shishi * handle,
1342 Shishi_key * key,
1343 int keyusage,
1344 char *in, size_t inlen,
1345 char **out, size_t * outlen);
1346 extern int shishi_decrypt_ivupdate_etype (Shishi * handle,
1347 Shishi_key * key,
1348 int keyusage,
1349 int32_t etype,
1350 const char *iv, size_t ivlen,
1351 char **ivout, size_t * ivoutlen,
1352 const char *in, size_t inlen,
1353 char **out, size_t * outlen);
1354 extern int shishi_decrypt_iv_etype (Shishi * handle,
1355 Shishi_key * key,
1356 int keyusage,
1357 int32_t etype,
1358 const char *iv, size_t ivlen,
1359 const char *in, size_t inlen,
1360 char **out, size_t * outlen);
1361 extern int shishi_decrypt_etype (Shishi * handle,
1362 Shishi_key * key,
1363 int keyusage,
1364 int32_t etype,
1365 const char *in, size_t inlen,
1366 char **out, size_t * outlen);
1367 extern int shishi_decrypt_ivupdate (Shishi * handle,
1368 Shishi_key * key,
1369 int keyusage,
1370 const char *iv, size_t ivlen,
1371 char **ivout, size_t * ivoutlen,
1372 const char *in, size_t inlen,
1373 char **out, size_t * outlen);
1374 extern int shishi_decrypt_iv (Shishi * handle,
1375 Shishi_key * key,
1376 int keyusage,
1377 const char *iv, size_t ivlen,
1378 const char *in, size_t inlen,
1379 char **out, size_t * outlen);
1380 extern int shishi_decrypt (Shishi * handle,
1381 Shishi_key * key,
1382 int keyusage,
1383 const char *in, size_t inlen,
1384 char **out, size_t * outlen);
1385 extern int shishi_checksum (Shishi * handle,
1386 Shishi_key * key,
1387 int keyusage,
1388 int32_t cksumtype,
1389 const char *in, size_t inlen,
1390 char **out, size_t * outlen);
/* NOTE(review): shishi_checksum takes int32_t cksumtype, shishi_verify takes
 * plain int.  shishi_verify returns int; presumably SHISHI_OK (0) means the
 * checksum matched, so callers should test "== SHISHI_OK" and never treat a
 * non-zero result as "verified" -- confirm in crypto.c. */
1391 extern int shishi_verify (Shishi * handle,
1392 Shishi_key * key,
1393 int keyusage,
1394 int cksumtype,
1395 const char *in, size_t inlen,
1396 const char *cksum, size_t cksumlen);
/* Key and random derivation from a base key and a constant, and n-fold.
 * shishi_dr and shishi_n_fold write into a caller-supplied buffer whose
 * length is passed by value. */
1397 extern int shishi_dk (Shishi * handle,
1398 Shishi_key * key,
1399 const char *constant, size_t constantlen,
1400 Shishi_key * derivedkey);
1401 extern int shishi_dr (Shishi * handle,
1402 Shishi_key * key,
1403 const char *constant, size_t constantlen,
1404 char *derivedrandom, size_t derivedrandomlen);
1405 extern int shishi_n_fold (Shishi * handle, const char *in, size_t inlen,
1406 char *out, size_t outlen);
/* Parameter names follow the PBKDF2 notation of RFC 2898: P password,
 * S salt, c iteration count, dkLen derived-key length, DK derived key.
 * DK has no capacity argument of its own, so the caller presumably must
 * supply at least dkLen bytes -- TODO confirm in the implementation. */
1407 extern int shishi_pbkdf2_sha1 (Shishi * handle,
1408 const char *P, size_t Plen,
1409 const char *S, size_t Slen,
1410 unsigned int c, unsigned int dkLen, char *DK);
1412 /* version.c */
/* Takes a required version string and returns a "const char *".  The
 * meaning of the result, and of a NULL argument or NULL return, is not
 * visible from the prototype -- presumably a library-version check against
 * SHISHI_VERSION; confirm in version.c. */
1413 extern const char *shishi_check_version (const char *req_version);
1415 /* password.c */
/* Prompts for a password and returns it through *s; the prompt text comes
 * from format plus the variadic arguments (presumably printf-style --
 * confirm in password.c).
 * NOTE(review): the prototype carries no format attribute, so the compiler
 * cannot check the arguments against format.  Pass a literal format string,
 * never text that came from outside the program.
 * Who frees *s is not visible here; the caller should wipe the password
 * before the memory is released. */
1416 extern int
1417 shishi_prompt_password (Shishi * handle, char **s, const char *format, ...);
1419 /* asn1.c */
/* ASN.1 layer: DER encoding of a node or a named field, typed reads and
 * writes of named fields, constructors for each Kerberos structure, and
 * DER decoders.
 * shishi_a2d and shishi_a2d_field write into a caller-supplied buffer with
 * the length passed as size_t *; shishi_new_a2d and shishi_a2d_new_field
 * return the encoding through char ** instead.  In the first shape *len is
 * presumably capacity in and length out -- TODO confirm in asn1.c. */
1420 extern int shishi_a2d_field (Shishi * handle,
1421 Shishi_asn1 node,
1422 const char *field, char *der, size_t * len);
1423 extern int shishi_a2d (Shishi * handle, Shishi_asn1 node,
1424 char *der, size_t * len);
1425 extern int shishi_a2d_new_field (Shishi * handle, Shishi_asn1 node,
1426 const char *field, char **der, size_t * len);
1427 extern int shishi_new_a2d (Shishi * handle, Shishi_asn1 node,
1428 char **der, size_t * len);
1429 extern void shishi_asn1_done (Shishi * handle, Shishi_asn1 node);
/* Field reads.  shishi_asn1_read fills a caller-supplied buffer,
 * shishi_asn1_read2 returns the data through char **.  The typed variants
 * return the value through a pointer and the status as int, so a failed
 * read leaves the value argument in a state this header does not define. */
1430 extern int shishi_asn1_read (Shishi * handle, Shishi_asn1 node,
1431 const char *field, char *data, size_t * datalen);
1432 extern int shishi_asn1_read2 (Shishi * handle, Shishi_asn1 node,
1433 const char *field,
1434 char **data, size_t * datalen);
1435 extern int shishi_asn1_read_integer (Shishi * handle, Shishi_asn1 node,
1436 const char *field, int *i);
1437 extern int shishi_asn1_read_int32 (Shishi * handle, Shishi_asn1 node,
1438 const char *field, int32_t * i);
1439 extern int shishi_asn1_read_uint32 (Shishi * handle, Shishi_asn1 node,
1440 const char *field, uint32_t * i);
1441 extern int shishi_asn1_read_bitstring (Shishi * handle, Shishi_asn1 node,
1442 const char *field, uint32_t *flags);
1443 extern int shishi_asn1_read_optional (Shishi * handle,
1444 Shishi_asn1 node, const char *field,
1445 char *data, size_t * datalen);
1446 extern int shishi_asn1_empty_p (Shishi * handle, Shishi_asn1 node,
1447 const char *field);
1448 extern int shishi_asn1_write (Shishi * handle, Shishi_asn1 node,
1449 const char *field,
1450 const char *data, size_t datalen);
1451 extern int shishi_asn1_write_integer (Shishi * handle, Shishi_asn1 node,
1452 const char *field, int n);
1453 extern int shishi_asn1_write_int32 (Shishi * handle, Shishi_asn1 node,
1454 const char *field, int32_t n);
1455 extern int shishi_asn1_write_uint32 (Shishi * handle, Shishi_asn1 node,
1456 const char *field, uint32_t n);
1457 extern int shishi_asn1_write_bitstring (Shishi * handle, Shishi_asn1 node,
1458 const char *field, uint32_t flags);
1459 extern int shishi_asn1_number_of_elements (Shishi * handle,
1460 Shishi_asn1 node,
1461 const char *field, size_t * n);
/* Constructors: each takes the handle and returns a Shishi_asn1 for one
 * Kerberos structure.  How failure is reported is not visible here --
 * presumably a null value; confirm before use. */
1462 extern Shishi_asn1 shishi_asn1_asreq (Shishi * handle);
1463 extern Shishi_asn1 shishi_asn1_asrep (Shishi * handle);
1464 extern Shishi_asn1 shishi_asn1_tgsreq (Shishi * handle);
1465 extern Shishi_asn1 shishi_asn1_tgsrep (Shishi * handle);
1466 extern Shishi_asn1 shishi_asn1_apreq (Shishi * handle);
1467 extern Shishi_asn1 shishi_asn1_aprep (Shishi * handle);
1468 extern Shishi_asn1 shishi_asn1_ticket (Shishi * handle);
1469 extern Shishi_asn1 shishi_asn1_encapreppart (Shishi * handle);
1470 extern Shishi_asn1 shishi_asn1_encticketpart (Shishi * handle);
1471 extern Shishi_asn1 shishi_asn1_authenticator (Shishi * handle);
1472 extern Shishi_asn1 shishi_asn1_enckdcreppart (Shishi * handle);
1473 extern Shishi_asn1 shishi_asn1_encasreppart (Shishi * handle);
1474 extern Shishi_asn1 shishi_asn1_krberror (Shishi * handle);
1475 extern Shishi_asn1 shishi_asn1_krbsafe (Shishi * handle);
1476 extern Shishi_asn1 shishi_asn1_priv (Shishi * handle);
1477 extern Shishi_asn1 shishi_asn1_encprivpart (Shishi * handle);
/* DER decoders: each takes a buffer and its length and returns a
 * Shishi_asn1.  There is no separate status argument, so a decode failure
 * can only be signalled through the return value (presumably null -- TODO
 * confirm) and every caller has to test it.  DER received from a peer or
 * read from a file is untrusted; derlen must be the number of bytes really
 * available in der. */
1479 extern Shishi_asn1 shishi_der2asn1 (Shishi * handle,
1480 const char *fieldname,
1481 const char *nodename,
1482 const char *der, size_t derlen);
1483 extern Shishi_asn1 shishi_der2asn1_ticket (Shishi * handle,
1484 const char *der, size_t derlen);
1485 extern Shishi_asn1 shishi_der2asn1_encticketpart (Shishi * handle,
1486 const char *der,
1487 size_t derlen);
1488 extern Shishi_asn1 shishi_der2asn1_asreq (Shishi * handle,
1489 const char *der, size_t derlen);
1490 extern Shishi_asn1 shishi_der2asn1_tgsreq (Shishi * handle,
1491 const char *der, size_t derlen);
1492 extern Shishi_asn1 shishi_der2asn1_asrep (Shishi * handle,
1493 const char *der, size_t derlen);
1494 extern Shishi_asn1 shishi_der2asn1_tgsrep (Shishi * handle,
1495 const char *der, size_t derlen);
1496 extern Shishi_asn1 shishi_der2asn1_kdcrep (Shishi * handle,
1497 const char *der, size_t derlen);
1498 extern Shishi_asn1 shishi_der2asn1_kdcreq (Shishi * handle,
1499 const char *der, size_t derlen);
1500 extern Shishi_asn1 shishi_der2asn1_apreq (Shishi * handle,
1501 const char *der, size_t derlen);
1502 extern Shishi_asn1 shishi_der2asn1_aprep (Shishi * handle,
1503 const char *der, size_t derlen);
1504 extern Shishi_asn1 shishi_der2asn1_authenticator (Shishi * handle,
1505 const char *der,
1506 size_t derlen);
1507 extern Shishi_asn1 shishi_der2asn1_krberror (Shishi * handle,
1508 const char *der, size_t derlen);
1509 extern Shishi_asn1 shishi_der2asn1_krbsafe (Shishi * handle,
1510 const char *der, size_t derlen);
1511 extern Shishi_asn1 shishi_der2asn1_priv (Shishi * handle,
1512 const char *der, size_t derlen);
1513 extern Shishi_asn1 shishi_der2asn1_encasreppart (Shishi * handle,
1514 const char *der,
1515 size_t derlen);
1516 extern Shishi_asn1 shishi_der2asn1_enctgsreppart (Shishi * handle,
1517 const char *der,
1518 size_t derlen);
1519 extern Shishi_asn1 shishi_der2asn1_enckdcreppart (Shishi * handle,
1520 const char *der,
1521 size_t derlen);
1522 extern Shishi_asn1 shishi_der2asn1_encapreppart (Shishi * handle,
1523 const char *der,
1524 size_t derlen);
1525 extern Shishi_asn1 shishi_der2asn1_encprivpart (Shishi * handle,
1526 const char *der,
1527 size_t derlen);
1529 /* ap.c */
/* AP exchange driven through a Shishi_ap object.  shishi_ap,
 * shishi_ap_nosubkey and the shishi_ap_tktoptions* functions receive the
 * object through Shishi_ap **; the shishi_ap_set_tktoptions* functions take
 * an existing object together with the same ticket, options and data
 * arguments.  shishi_ap_done takes an object back (presumably releasing it
 * -- confirm in ap.c). */
1530 extern int shishi_ap (Shishi * handle, Shishi_ap ** ap);
1531 extern void shishi_ap_done (Shishi_ap * ap);
1532 extern int shishi_ap_nosubkey (Shishi * handle, Shishi_ap ** ap);
1533 extern int shishi_ap_set_tktoptions (Shishi_ap * ap,
1534 Shishi_tkt * tkt, int options);
1535 extern int shishi_ap_tktoptions (Shishi * handle,
1536 Shishi_ap ** ap,
1537 Shishi_tkt * tkt, int options);
1538 extern int shishi_ap_set_tktoptionsdata (Shishi_ap * ap,
1539 Shishi_tkt * tkt,
1540 int options,
1541 const char *data, size_t len);
1542 extern int shishi_ap_tktoptionsdata (Shishi * handle,
1543 Shishi_ap ** ap,
1544 Shishi_tkt * tkt,
1545 int options,
1546 const char *data, size_t len);
1547 extern int shishi_ap_set_tktoptionsasn1usage (Shishi_ap * ap,
1548 Shishi_tkt * tkt,
1549 int options,
1550 Shishi_asn1 node,
1551 char *field,
1552 int authenticatorcksumkeyusage,
1553 int authenticatorkeyusage);
1554 extern int shishi_ap_tktoptionsasn1usage (Shishi * handle,
1555 Shishi_ap ** ap,
1556 Shishi_tkt * tkt,
1557 int options,
1558 Shishi_asn1 node,
1559 char *field,
1560 int authenticatorcksumkeyusage,
1561 int authenticatorkeyusage);
1563 extern Shishi_tkt *shishi_ap_tkt (Shishi_ap * ap);
1564 extern void shishi_ap_tkt_set (Shishi_ap * ap, Shishi_tkt * tkt);
/* Authenticator checksum data and type held by the AP object.  The getter
 * fills a caller-supplied (char *out, size_t *len), presumably with *len as
 * capacity in and length out -- TODO confirm. */
1566 extern int shishi_ap_authenticator_cksumdata (Shishi_ap * ap,
1567 char *out, size_t * len);
1568 extern void
1569 shishi_ap_authenticator_cksumdata_set (Shishi_ap * ap,
1570 const char *authenticatorcksumdata,
1571 size_t authenticatorcksumdatalen);
1572 extern int shishi_ap_authenticator_cksumtype (Shishi_ap * ap);
1573 extern void shishi_ap_authenticator_cksumtype_set (Shishi_ap * ap,
1574 int cksumtype);
1576 extern Shishi_asn1 shishi_ap_authenticator (Shishi_ap * ap);
1577 extern void shishi_ap_authenticator_set (Shishi_ap * ap,
1578 Shishi_asn1 authenticator);
/* AP-REQ access and processing.  shishi_ap_req_der_set accepts DER of
 * caller-stated length; on the accepting side that data comes from the
 * peer, so its int result and that of shishi_ap_req_process must be checked
 * before the ticket, key or authenticator of this object is relied on. */
1580 extern Shishi_asn1 shishi_ap_req (Shishi_ap * ap);
1581 extern void shishi_ap_req_set (Shishi_ap * ap, Shishi_asn1 apreq);
1582 extern int shishi_ap_req_der (Shishi_ap * ap, char **out, size_t * outlen);
1583 extern int shishi_ap_req_der_set (Shishi_ap * ap, char *der, size_t derlen);
1584 extern int shishi_ap_req_build (Shishi_ap * ap);
1585 extern int shishi_ap_req_asn1 (Shishi_ap * ap, Shishi_asn1 * apreq);
1586 extern Shishi_key *shishi_ap_key (Shishi_ap * ap);
1587 extern int shishi_ap_req_process (Shishi_ap * ap, Shishi_key * key);
1588 extern int shishi_ap_req_process_keyusage (Shishi_ap * ap,
1589 Shishi_key * key,
1590 int32_t keyusage);
/* NOTE(review): shishi_ap_req_build is already declared a few lines above;
 * this second, identical declaration is redundant. */
1591 extern int shishi_ap_req_build (Shishi_ap * ap);
1593 extern Shishi_asn1 shishi_ap_rep (Shishi_ap * ap);
1594 extern void shishi_ap_rep_set (Shishi_ap * ap, Shishi_asn1 aprep);
1595 extern int shishi_ap_rep_der (Shishi_ap * ap, char **out, size_t * outlen);
1596 extern int shishi_ap_rep_der_set (Shishi_ap * ap, char *der, size_t derlen);
1597 extern int shishi_ap_rep_verify (Shishi_ap * ap);
1598 extern int shishi_ap_rep_verify_der (Shishi_ap * ap, char *der,
1599 size_t derlen);
1600 extern int shishi_ap_rep_verify_asn1 (Shishi_ap * ap, Shishi_asn1 aprep);
1601 extern int shishi_ap_rep_asn1 (Shishi_ap * ap, Shishi_asn1 * aprep);
1602 extern int shishi_ap_rep_build (Shishi_ap * ap);
1604 extern Shishi_asn1 shishi_ap_encapreppart (Shishi_ap * ap);
1605 extern void shishi_ap_encapreppart_set (Shishi_ap * ap,
1606 Shishi_asn1 encapreppart);
1608 extern const char *shishi_ap_option2string (Shishi_apoptions option);
1609 extern Shishi_apoptions shishi_ap_string2option (const char *str);
/* key.c -- key object: metadata accessors, key value, creation, I/O.
 *
 * NOTE(review): int-returning functions presumably return a Shishi error
 * code (SHISHI_OK on success) -- confirm in key.c.
 */

/* Principal and realm the key belongs to. */
extern const char *shishi_key_principal (Shishi_key *key);
extern void shishi_key_principal_set (Shishi_key *key, const char *principal);
extern const char *shishi_key_realm (Shishi_key *key);
extern void shishi_key_realm_set (Shishi_key *key, const char *realm);

/* Key type.  Note the getter returns int while the setter takes int32_t. */
extern int shishi_key_type (Shishi_key *key);
extern void shishi_key_type_set (Shishi_key *key, int32_t type);

/* Raw key value.
 *
 * NOTE(review): shishi_key_value returns a non-const pointer, presumably
 * into the key object rather than a copy -- confirm.  Key bytes are binary,
 * so size them with shishi_key_length, never strlen.  shishi_key_value_set
 * takes no length argument; presumably it reads as many bytes as the
 * current key type requires, so set the type first and pass a buffer at
 * least that long -- confirm in key.c. */
extern char *shishi_key_value (Shishi_key *key);
extern void shishi_key_value_set (Shishi_key *key, const char *value);
extern int shishi_key_value_set_random (Shishi_key *key,
                                        char *random,
                                        size_t randomlen);

/* Name, length and version of the key. */
extern const char *shishi_key_name (Shishi_key *key);
extern size_t shishi_key_length (Shishi_key *key);
extern int shishi_key_version (Shishi_key *key);
extern void shishi_key_version_set (Shishi_key *key, int version);

/* Lifecycle and copy.
 *
 * NOTE(review): this header does not show whether shishi_key_done wipes
 * the key bytes before releasing the object -- confirm in key.c.
 * shishi_key_copy returns void, so a failed copy cannot be reported. */
extern int shishi_key (Shishi *handle, Shishi_key **key);
extern void shishi_key_done (Shishi_key *key);
extern void shishi_key_copy (Shishi_key *dstkey, Shishi_key *srckey);

/* Key I/O.  print and to_file presumably write the key value itself, so
 * the destination stream or file must not be readable by other users. */
extern int shishi_key_print (Shishi *handle, FILE *fh, Shishi_key *key);
extern int shishi_key_to_file (Shishi *handle,
                               const char *filename,
                               Shishi_key *key);
extern int shishi_key_parse (Shishi *handle, FILE *fh, Shishi_key **key);

/* Constructors; the new key is handed back through the last argument.
 * shishi_key_from_value takes no length (see the note on
 * shishi_key_value_set); shishi_key_from_string takes password and salt
 * with explicit lengths.  Callers should clear their own copy of the
 * password once the key has been derived. */
extern int shishi_key_random (Shishi *handle,
                              int32_t type,
                              Shishi_key **key);
extern int shishi_key_from_value (Shishi *handle,
                                  int32_t type,
                                  char *value,
                                  Shishi_key **key);
extern int shishi_key_from_base64 (Shishi *handle,
                                   int32_t type,
                                   char *value,
                                   Shishi_key **key);
extern int shishi_key_from_random (Shishi *handle,
                                   int32_t type,
                                   char *random,
                                   size_t randomlen,
                                   Shishi_key **outkey);
extern int shishi_key_from_string (Shishi *handle,
                                   int32_t type,
                                   const char *password,
                                   size_t passwordlen,
                                   const char *salt,
                                   size_t saltlen,
                                   const char *parameter,
                                   Shishi_key **outkey);
/* keys.c -- look up a key in a named key file.
 *
 * Each function returns a Shishi_key pointer; presumably NULL when no
 * matching key is found or the file cannot be read -- confirm in keys.c
 * and check before use.  The file holds long-term keys, so its
 * permissions matter as much as the lookup result.
 */
extern Shishi_key *shishi_keys_for_serverrealm_in_file (Shishi *handle,
                                                        const char *filename,
                                                        const char *server,
                                                        const char *realm);
extern Shishi_key *shishi_keys_for_server_in_file (Shishi *handle,
                                                   const char *filename,
                                                   const char *server);
extern Shishi_key *shishi_keys_for_localservicerealm_in_file (Shishi *handle,
                                                              const char *filename,
                                                              const char *service,
                                                              const char *realm);
/* hostkeys.c -- default host key file and key lookups against it.
 *
 * The lookup functions return a Shishi_key pointer; presumably NULL when
 * nothing matches -- confirm in hostkeys.c and check before use.
 */

/* Get or set the path of the default host key file. */
extern const char *shishi_hostkeys_default_file (Shishi *handle);
extern void shishi_hostkeys_default_file_set (Shishi *handle,
                                              const char *hostkeysfile);

/* Look up a key by server name, optionally restricted to a realm. */
extern Shishi_key *shishi_hostkeys_for_server (Shishi *handle,
                                               const char *server);
extern Shishi_key *shishi_hostkeys_for_serverrealm (Shishi *handle,
                                                    const char *server,
                                                    const char *realm);

/* Look up a key by local service name, optionally restricted to a realm. */
extern Shishi_key *shishi_hostkeys_for_localservicerealm (Shishi *handle,
                                                          const char *service,
                                                          const char *realm);
extern Shishi_key *shishi_hostkeys_for_localservice (Shishi *handle,
                                                     const char *service);
/* encapreppart.c -- EncAPRepPart ASN.1 node: fields and file I/O.
 *
 * NOTE(review): int-returning functions presumably return a Shishi error
 * code (SHISHI_OK on success) -- confirm in encapreppart.c.
 */
extern Shishi_asn1 shishi_encapreppart (Shishi *handle);

/* Client time fields.  time_copy takes an authenticator as its source. */
extern int shishi_encapreppart_time_copy (Shishi *handle,
                                          Shishi_asn1 encapreppart,
                                          Shishi_asn1 authenticator);
extern int shishi_encapreppart_ctime (Shishi *handle,
                                      Shishi_asn1 encapreppart,
                                      char **ctime);
extern int shishi_encapreppart_ctime_set (Shishi *handle,
                                          Shishi_asn1 encapreppart,
                                          char *ctime);
extern int shishi_encapreppart_cusec_get (Shishi *handle,
                                          Shishi_asn1 encapreppart,
                                          int *cusec);
extern int shishi_encapreppart_cusec_set (Shishi *handle,
                                          Shishi_asn1 encapreppart,
                                          int cusec);

/* Stream and file I/O.  Presumably print/parse handle a human-readable
 * form and save/read the DER encoding -- confirm.  filetype selects the
 * file encoding; its valid values are not visible in this part of the
 * header. */
extern int shishi_encapreppart_print (Shishi *handle,
                                      FILE *fh,
                                      Shishi_asn1 encapreppart);
extern int shishi_encapreppart_save (Shishi *handle,
                                     FILE *fh,
                                     Shishi_asn1 encapreppart);
extern int shishi_encapreppart_to_file (Shishi *handle,
                                        Shishi_asn1 encapreppart,
                                        int filetype,
                                        char *filename);
extern int shishi_encapreppart_read (Shishi *handle,
                                     FILE *fh,
                                     Shishi_asn1 *encapreppart);
extern int shishi_encapreppart_parse (Shishi *handle,
                                      FILE *fh,
                                      Shishi_asn1 *encapreppart);
extern int shishi_encapreppart_from_file (Shishi *handle,
                                          Shishi_asn1 *encapreppart,
                                          int filetype,
                                          char *filename);

/* Key and sequence number.
 *
 * NOTE(review): get_key writes into a caller-supplied buffer; presumably
 * *keyvalue_len is the capacity on entry and the key length on return
 * (SHISHI_TOO_SMALL_BUFFER exists in the error enum) -- confirm, and
 * initialise *keyvalue_len before the call. */
extern int shishi_encapreppart_get_key (Shishi *handle,
                                        Shishi_asn1 encapreppart,
                                        int32_t *keytype,
                                        char *keyvalue,
                                        size_t *keyvalue_len);
extern int shishi_encapreppart_seqnumber_get (Shishi *handle,
                                              Shishi_asn1 encapreppart,
                                              uint32_t *seqnumber);
/* apreq.c -- AP-REQ ASN.1 node: file I/O, ticket, authenticator, options.
 *
 * NOTE(review): int-returning functions presumably return a Shishi error
 * code (SHISHI_OK on success), except the *_p predicates -- confirm in
 * apreq.c.
 */
extern Shishi_asn1 shishi_apreq (Shishi *handle);

/* Stream and file I/O.  Presumably print/parse handle a human-readable
 * form and save/read the DER encoding -- confirm.  An AP-REQ read from a
 * peer or a file is untrusted until it has been decrypted and checked. */
extern int shishi_apreq_parse (Shishi *handle,
                               FILE *fh,
                               Shishi_asn1 *apreq);
extern int shishi_apreq_from_file (Shishi *handle,
                                   Shishi_asn1 *apreq,
                                   int filetype,
                                   char *filename);
extern int shishi_apreq_print (Shishi *handle, FILE *fh, Shishi_asn1 apreq);
extern int shishi_apreq_to_file (Shishi *handle,
                                 Shishi_asn1 apreq,
                                 int filetype,
                                 char *filename);
extern int shishi_apreq_read (Shishi *handle,
                              FILE *fh,
                              Shishi_asn1 *apreq);
extern int shishi_apreq_save (Shishi *handle, FILE *fh, Shishi_asn1 apreq);

/* Ticket and authenticator.  set_authenticator takes an encryption type
 * and a byte buffer; add_authenticator takes a key, a key usage number and
 * an authenticator node. */
extern int shishi_apreq_set_ticket (Shishi *handle,
                                    Shishi_asn1 apreq,
                                    Shishi_asn1 ticket);
extern int shishi_apreq_set_authenticator (Shishi *handle,
                                           Shishi_asn1 apreq,
                                           int32_t etype,
                                           const char *buf,
                                           size_t buflen);
extern int shishi_apreq_add_authenticator (Shishi *handle,
                                           Shishi_asn1 apreq,
                                           Shishi_key *key,
                                           int keyusage,
                                           Shishi_asn1 authenticator);

/* AP options.  The _p suffix suggests predicates; presumably they return
 * non-zero when the option is present -- confirm. */
extern int shishi_apreq_options (Shishi *handle,
                                 Shishi_asn1 apreq,
                                 int *flags);
extern int shishi_apreq_use_session_key_p (Shishi *handle,
                                           Shishi_asn1 apreq);
extern int shishi_apreq_mutual_required_p (Shishi *handle,
                                           Shishi_asn1 apreq);
extern int shishi_apreq_options_set (Shishi *handle,
                                     Shishi_asn1 apreq,
                                     int options);
extern int shishi_apreq_options_add (Shishi *handle,
                                     Shishi_asn1 apreq,
                                     int option);
extern int shishi_apreq_options_remove (Shishi *handle,
                                        Shishi_asn1 apreq,
                                        int option);

/* Extraction.  After a failed shishi_apreq_decrypt the authenticator
 * output should not be used. */
extern int shishi_apreq_get_ticket (Shishi *handle,
                                    Shishi_asn1 apreq,
                                    Shishi_asn1 *ticket);
extern int shishi_apreq_get_authenticator_etype (Shishi *handle,
                                                 Shishi_asn1 apreq,
                                                 int32_t *etype);
extern int shishi_apreq_decrypt (Shishi *handle,
                                 Shishi_asn1 apreq,
                                 Shishi_key *key,
                                 int keyusage,
                                 Shishi_asn1 *authenticator);
/* kdcrep.c -- decrypt the encrypted part of a KDC reply.
 *
 * Takes the reply node, a key and a key usage number; the result is
 * handed back through enckdcreppart.  Presumably returns a Shishi error
 * code (SHISHI_OK on success) -- confirm, and do not use the output after
 * a failure.
 */
extern int shishi_kdcrep_decrypt (Shishi *handle,
                                  Shishi_asn1 kdcrep,
                                  Shishi_key *key,
                                  int keyusage,
                                  Shishi_asn1 *enckdcreppart);
/* enckdcreppart.c -- EncKDCRepPart ASN.1 node: key and server identity.
 *
 * NOTE(review): int-returning functions presumably return a Shishi error
 * code (SHISHI_OK on success) -- confirm in enckdcreppart.c.
 */

/* The key is handed back through the Shishi_key ** argument. */
extern int shishi_enckdcreppart_get_key (Shishi *handle,
                                         Shishi_asn1 enckdcreppart,
                                         Shishi_key **key);

/* Server realm and name.  sname is an array of strings; presumably it is
 * NULL-terminated, since no count is passed -- confirm. */
extern int shishi_enckdcreppart_srealm_set (Shishi *handle,
                                            Shishi_asn1 enckdcreppart,
                                            const char *srealm);
extern int shishi_enckdcreppart_sname_set (Shishi *handle,
                                           Shishi_asn1 enckdcreppart,
                                           Shishi_name_type name_type,
                                           char *sname[]);
extern int shishi_enckdcreppart_server_set (Shishi *handle,
                                            Shishi_asn1 enckdcreppart,
                                            const char *server);
/* aprep.c -- AP-REP ASN.1 node: file I/O, decryption, verification.
 *
 * NOTE(review): int-returning functions presumably return a Shishi error
 * code (SHISHI_OK on success) -- confirm in aprep.c.
 */
extern Shishi_asn1 shishi_aprep (Shishi *handle);

/* Stream and file I/O.  Presumably print/parse handle a human-readable
 * form and save/read the DER encoding -- confirm. */
extern int shishi_aprep_print (Shishi *handle, FILE *fh, Shishi_asn1 aprep);
extern int shishi_aprep_save (Shishi *handle, FILE *fh, Shishi_asn1 aprep);
extern int shishi_aprep_to_file (Shishi *handle,
                                 Shishi_asn1 aprep,
                                 int filetype,
                                 char *filename);
extern int shishi_aprep_read (Shishi *handle,
                              FILE *fh,
                              Shishi_asn1 *aprep);
extern int shishi_aprep_parse (Shishi *handle,
                               FILE *fh,
                               Shishi_asn1 *aprep);
extern int shishi_aprep_from_file (Shishi *handle,
                                   Shishi_asn1 *aprep,
                                   int filetype,
                                   char *filename);

/* Decrypt, then verify against the authenticator that was sent.
 * shishi_aprep_verify takes the authenticator and the decrypted
 * EncAPRepPart; presumably it checks that the two match
 * (SHISHI_APREP_VERIFY_FAILED exists in the error enum) -- confirm.
 * Decrypting alone does not establish that the reply answers this
 * request, so the verify result must be checked as well. */
extern int shishi_aprep_decrypt (Shishi *handle,
                                 Shishi_asn1 aprep,
                                 Shishi_key *key,
                                 int keyusage,
                                 Shishi_asn1 *encapreppart);
extern int shishi_aprep_verify (Shishi *handle,
                                Shishi_asn1 authenticator,
                                Shishi_asn1 encapreppart);

/* Encrypted part: set from raw bytes, or from ASN.1 nodes. */
extern int shishi_aprep_enc_part_set (Shishi *handle,
                                      Shishi_asn1 aprep,
                                      int etype,
                                      const char *buf,
                                      size_t buflen);
extern int shishi_aprep_enc_part_add (Shishi *handle,
                                      Shishi_asn1 aprep,
                                      Shishi_asn1 encticketpart,
                                      Shishi_asn1 encapreppart);
extern int shishi_aprep_enc_part_make (Shishi *handle,
                                       Shishi_asn1 aprep,
                                       Shishi_asn1 authenticator,
                                       Shishi_asn1 encticketpart);
extern int shishi_aprep_get_enc_part_etype (Shishi *handle,
                                            Shishi_asn1 aprep,
                                            int32_t *etype);
/* netio.c -- send a request to a KDC for a realm and receive the reply.
 *
 * indata/inlen is the request; the reply is handed back through
 * outdata/outlen.  Presumably returns a Shishi error code; the error enum
 * includes SHISHI_KDC_TIMEOUT and SHISHI_KDC_NOT_KNOWN_FOR_REALM --
 * confirm in netio.c.
 *
 * NOTE(review): who owns and frees the reply buffer is not visible in
 * this header.  The reply comes from the network and is untrusted until
 * it has been parsed and its encrypted part checked.
 */
extern int shishi_kdc_sendrecv (Shishi *handle,
                                char *realm,
                                const char *indata,
                                size_t inlen,
                                char **outdata,
                                size_t *outlen);
/* encticketpart.c -- EncTicketPart ASN.1 node: key, client identity,
 * flags, transited data and times.
 *
 * NOTE(review): int-returning functions presumably return a Shishi error
 * code (SHISHI_OK on success) -- confirm in encticketpart.c.
 */
extern Shishi_asn1 shishi_encticketpart (Shishi *handle);

/* Session key and encryption type. */
extern int shishi_encticketpart_key_set (Shishi *handle,
                                         Shishi_asn1 encticketpart,
                                         Shishi_key *key);
extern int shishi_encticketpart_get_enc_part_etype (Shishi *handle,
                                                    Shishi_asn1 encticketpart,
                                                    int32_t *etype);
extern int shishi_encticketpart_get_key (Shishi *handle,
                                         Shishi_asn1 encticketpart,
                                         Shishi_key **key);

/* Client realm and name.
 *
 * NOTE(review): the getters write into a caller-supplied buffer with an
 * in/out length; presumably the length is the capacity on entry and the
 * number of bytes written on return -- confirm.  Whether the output is
 * NUL-terminated is not visible here, so use the returned length rather
 * than strlen when the name feeds an authorization decision. */
extern int shishi_encticketpart_crealm_set (Shishi *handle,
                                            Shishi_asn1 encticketpart,
                                            const char *realm);
extern int shishi_encticketpart_cname_get (Shishi *handle,
                                           Shishi_asn1 encticketpart,
                                           char *cname,
                                           size_t *cnamelen);
extern int shishi_encticketpart_cname_set (Shishi *handle,
                                           Shishi_asn1 encticketpart,
                                           Shishi_name_type name_type,
                                           const char *principal);
extern int shishi_encticketpart_cnamerealm_get (Shishi *handle,
                                                Shishi_asn1 encticketpart,
                                                char *cnamerealm,
                                                size_t *cnamerealmlen);

extern int shishi_encticketpart_print (Shishi *handle,
                                       FILE *fh,
                                       Shishi_asn1 encticketpart);

/* Flags and transited encoding. */
extern int shishi_encticketpart_flags_set (Shishi *handle,
                                           Shishi_asn1 encticketpart,
                                           int flags);
extern int shishi_encticketpart_transited_set (Shishi *handle,
                                               Shishi_asn1 encticketpart,
                                               int trtype,
                                               char *trdata,
                                               size_t trdatalen);

/* Times.  The setters take the time as a string; shishi_encticketpart_authtime
 * fills a caller-supplied buffer (same in/out length caveat as above) and
 * shishi_encticketpart_authctime returns a time_t. */
extern int shishi_encticketpart_authtime_set (Shishi *handle,
                                              Shishi_asn1 encticketpart,
                                              const char *authtime);
extern int shishi_encticketpart_endtime_set (Shishi *handle,
                                             Shishi_asn1 encticketpart,
                                             const char *endtime);
extern int shishi_encticketpart_authtime (Shishi *handle,
                                          Shishi_asn1 encticketpart,
                                          char *authtime,
                                          size_t *authtimelen);
extern time_t shishi_encticketpart_authctime (Shishi *handle,
                                              Shishi_asn1 encticketpart);
/* safe.c -- Shishi_safe object (presumably the KRB-SAFE message) and the
 * underlying ASN.1 node: checksum, user data, build and verify.
 *
 * NOTE(review): int-returning functions presumably return a Shishi error
 * code (SHISHI_OK on success) -- confirm in safe.c.
 */

/* Lifecycle and accessors of the Shishi_safe object. */
extern int shishi_safe (Shishi *handle, Shishi_safe **safe);
extern void shishi_safe_done (Shishi_safe *safe);
extern Shishi_key *shishi_safe_key (Shishi_safe *safe);
extern void shishi_safe_key_set (Shishi_safe *safe, Shishi_key *key);
extern Shishi_asn1 shishi_safe_safe (Shishi_safe *safe);
extern void shishi_safe_safe_set (Shishi_safe *safe, Shishi_asn1 asn1safe);

/* DER import/export.  DER handed to the setter normally comes from the
 * peer; derlen must be the number of bytes actually received. */
extern int shishi_safe_safe_der (Shishi_safe *safe,
                                 char **out,
                                 size_t *outlen);
extern int shishi_safe_safe_der_set (Shishi_safe *safe,
                                     char *der,
                                     size_t derlen);

/* Stream and file I/O on the ASN.1 node.  Presumably print/parse handle a
 * human-readable form and save/read the DER encoding -- confirm. */
extern int shishi_safe_print (Shishi *handle, FILE *fh, Shishi_asn1 safe);
extern int shishi_safe_save (Shishi *handle, FILE *fh, Shishi_asn1 safe);
extern int shishi_safe_to_file (Shishi *handle,
                                Shishi_asn1 safe,
                                int filetype,
                                char *filename);
extern int shishi_safe_parse (Shishi *handle, FILE *fh, Shishi_asn1 *safe);
extern int shishi_safe_read (Shishi *handle, FILE *fh, Shishi_asn1 *safe);
extern int shishi_safe_from_file (Shishi *handle,
                                  Shishi_asn1 *safe,
                                  int filetype,
                                  const char *filename);

/* Checksum and user data.  The getters hand back a buffer through a
 * char ** plus a length; who frees it is not visible in this header. */
extern int shishi_safe_cksum (Shishi *handle,
                              Shishi_asn1 safe,
                              int32_t *cksumtype,
                              char **cksum,
                              size_t *cksumlen);
extern int shishi_safe_set_cksum (Shishi *handle,
                                  Shishi_asn1 safe,
                                  int32_t cksumtype,
                                  const char *cksum,
                                  size_t cksumlen);
extern int shishi_safe_user_data (Shishi *handle,
                                  Shishi_asn1 safe,
                                  char **userdata,
                                  size_t *userdatalen);
extern int shishi_safe_set_user_data (Shishi *handle,
                                      Shishi_asn1 safe,
                                      const char *userdata,
                                      size_t userdatalen);

/* Build and verify with a key.  User data taken from a received message
 * should only be trusted after shishi_safe_verify has succeeded. */
extern int shishi_safe_build (Shishi_safe *safe, Shishi_key *key);
extern int shishi_safe_verify (Shishi_safe *safe, Shishi_key *key);
/* priv.c -- Shishi_priv object (presumably the KRB-PRIV message), its
 * ASN.1 node and the EncKrbPrivPart node: encrypted part, user data,
 * build and process.
 *
 * NOTE(review): int-returning functions presumably return a Shishi error
 * code (SHISHI_OK on success) -- confirm in priv.c.
 */

/* Lifecycle and accessors of the Shishi_priv object. */
extern int shishi_priv (Shishi *handle, Shishi_priv **priv);
extern void shishi_priv_done (Shishi_priv *priv);
extern Shishi_key *shishi_priv_key (Shishi_priv *priv);
extern void shishi_priv_key_set (Shishi_priv *priv, Shishi_key *key);
extern Shishi_asn1 shishi_priv_priv (Shishi_priv *priv);
extern void shishi_priv_priv_set (Shishi_priv *priv, Shishi_asn1 asn1priv);

/* DER import/export of the message and of its EncKrbPrivPart.  DER handed
 * to a setter normally comes from the peer; derlen must be the number of
 * bytes actually received. */
extern int shishi_priv_priv_der (Shishi_priv *priv,
                                 char **out,
                                 size_t *outlen);
extern int shishi_priv_priv_der_set (Shishi_priv *priv,
                                     char *der,
                                     size_t derlen);
extern Shishi_asn1 shishi_priv_encprivpart (Shishi_priv *priv);
extern void shishi_priv_encprivpart_set (Shishi_priv *priv,
                                         Shishi_asn1 asn1encprivpart);
extern int shishi_priv_encprivpart_der (Shishi_priv *priv,
                                        char **out,
                                        size_t *outlen);
extern int shishi_priv_encprivpart_der_set (Shishi_priv *priv,
                                            char *der,
                                            size_t derlen);

/* Stream and file I/O on the ASN.1 node.  Presumably print/parse handle a
 * human-readable form and save/read the DER encoding -- confirm. */
extern int shishi_priv_print (Shishi *handle, FILE *fh, Shishi_asn1 priv);
extern int shishi_priv_save (Shishi *handle, FILE *fh, Shishi_asn1 priv);
extern int shishi_priv_to_file (Shishi *handle,
                                Shishi_asn1 priv,
                                int filetype,
                                char *filename);
extern int shishi_priv_parse (Shishi *handle, FILE *fh, Shishi_asn1 *priv);
extern int shishi_priv_read (Shishi *handle, FILE *fh, Shishi_asn1 *priv);
extern int shishi_priv_from_file (Shishi *handle,
                                  Shishi_asn1 *priv,
                                  int filetype,
                                  const char *filename);

/* Encrypted part of the message. */
extern int shishi_priv_enc_part_etype (Shishi *handle,
                                       Shishi_asn1 priv,
                                       int32_t *etype);
extern int shishi_priv_set_enc_part (Shishi *handle,
                                     Shishi_asn1 priv,
                                     int32_t etype,
                                     const char *encpart,
                                     size_t encpartlen);

/* User data of the EncKrbPrivPart.  The getter hands back a buffer
 * through a char ** plus a length; who frees it is not visible in this
 * header. */
extern int shishi_encprivpart_user_data (Shishi *handle,
                                         Shishi_asn1 encprivpart,
                                         char **userdata,
                                         size_t *userdatalen);
extern int shishi_encprivpart_set_user_data (Shishi *handle,
                                             Shishi_asn1 encprivpart,
                                             const char *userdata,
                                             size_t userdatalen);

/* Build and process with a key.  User data taken from a received message
 * should only be used after shishi_priv_process has succeeded. */
extern int shishi_priv_build (Shishi_priv *priv, Shishi_key *key);
extern int shishi_priv_process (Shishi_priv *priv, Shishi_key *key);
1948 #endif