lib/enckdcreppart.c

   1 /* enckdcreppart.c      Key distribution encrypted reply part functions
   2  * Copyright (C) 2002, 2003  Simon Josefsson
   3  *
   4  * This file is part of Shishi.
   5  *
   6  * Shishi is free software; you can redistribute it and/or modify
   7  * it under the terms of the GNU General Public License as published by
   8  * the Free Software Foundation; either version 2 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * Shishi is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public License
  17  * along with Shishi; if not, write to the Free Software
  18  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  19  *
  20  */
  21
  22 #include "internal.h"
  23
  24
  25 Shishi_asn1
  26 shishi_enckdcreppart (Shishi * handle)
  27 {
  28   int res;
  29   Shishi_asn1 node;
  30
  31   node = shishi_asn1_enckdcreppart (handle);
  32   if (!node)
  33     return NULL;
  34
  35   /* XXX remove these two: */
  36   res = shishi_asn1_write (handle, node, "key-expiration", NULL, 0);
  37   if (res != SHISHI_OK)
  38     return NULL;
  39
  40   res = shishi_asn1_write (handle, node, "caddr", NULL, 0);
  41   if (res != SHISHI_OK)
  42     return NULL;
  43
  44   return node;
  45 }
  46
  47 Shishi_asn1
  48 shishi_encasreppart (Shishi * handle)
  49 {
  50   int res;
  51   Shishi_asn1 node;
  52
  53   node = shishi_asn1_encasreppart (handle);
  54   if (!node)
  55     return NULL;
  56
  57   /* XXX remove these two: */
  58   res = shishi_asn1_write (handle, node, "key-expiration", NULL, 0);
  59   if (res != SHISHI_OK)
  60     puts ("urk");
  61   res = shishi_asn1_write (handle, node, "caddr", NULL, 0);
  62   if (res != SHISHI_OK)
  63     puts ("urk2");
  64
  65   return node;
  66 }
  67
  68 /**
  69  * shishi_enckdcreppart_get_key:
  70  * @handle: shishi handle as allocated by shishi_init().
  71  * @enckdcreppart: input EncKDCRepPart variable.
  72  * @key: newly allocated encryption key handle.
  73  *
  74  * Extract the key to use with the ticket sent in the KDC-REP
  75  * associated with the EndKDCRepPart input variable.
  76  *
  77  * Return value: Returns SHISHI_OK iff succesful.
  78  **/
  79 int
  80 shishi_enckdcreppart_get_key (Shishi * handle,
  81                               Shishi_asn1 enckdcreppart, Shishi_key ** key)
  82 {
  83   int res;
  84   char *buf;
  85   size_t buflen;
  86   int32_t keytype;
  87
  88   res = shishi_asn1_read_int32 (handle, enckdcreppart,
  89                                 "key.keytype", &keytype);
  90   if (res != SHISHI_OK)
  91     return res;
  92
  93   res = shishi_asn1_read2 (handle, enckdcreppart, "key.keyvalue",
  94                            &buf, &buflen);
  95   if (res != SHISHI_OK)
  96     return res;
  97
  98   res = shishi_key_from_value (handle, keytype, buf, key);
  99   free (buf);
 100   if (res != SHISHI_OK)
 101     return res;
 102
 103   return SHISHI_OK;
 104 }
 105
 106 /**
 107  * shishi_enckdcreppart_key_set:
 108  * @handle: shishi handle as allocated by shishi_init().
 109  * @enckdcreppart: input EncKDCRepPart variable.
 110  * @key: key handle with information to store in enckdcreppart.
 111  *
 112  * Set the EncKDCRepPart.key field to key type and value of supplied
 113  * key.
 114  *
 115  * Return value: Returns SHISHI_OK iff succesful.
 116  **/
 117 int
 118 shishi_enckdcreppart_key_set (Shishi * handle,
 119                               Shishi_asn1 enckdcreppart, Shishi_key * key)
 120 {
 121   int res;
 122
 123   res = shishi_asn1_write_integer (handle, enckdcreppart, "key.keytype",
 124                                    shishi_key_type (key));
 125   if (res != SHISHI_OK)
 126     return SHISHI_ASN1_ERROR;
 127
 128   res = shishi_asn1_write (handle, enckdcreppart, "key.keyvalue",
 129                            shishi_key_value (key), shishi_key_length (key));
 130   if (res != SHISHI_OK)
 131     return SHISHI_ASN1_ERROR;
 132
 133   return SHISHI_OK;
 134 }
 135
 136 /**
 137  * shishi_enckdcreppart_nonce_set:
 138  * @handle: shishi handle as allocated by shishi_init().
 139  * @enckdcreppart: input EncKDCRepPart variable.
 140  * @nonce: nonce to set in EncKDCRepPart.
 141  *
 142  * Set the EncKDCRepPart.nonce field.
 143  *
 144  * Return value: Returns SHISHI_OK iff succesful.
 145  **/
 146 int
 147 shishi_enckdcreppart_nonce_set (Shishi * handle,
 148                                 Shishi_asn1 enckdcreppart, uint32_t nonce)
 149 {
 150   int res;
 151
 152   res = shishi_asn1_write_integer (handle, enckdcreppart, "nonce", nonce);
 153   if (res != SHISHI_OK)
 154     return res;
 155
 156   return SHISHI_OK;
 157 }
 158
 159 /**
 160  * shishi_enckdcreppart_flags_set:
 161  * @handle: shishi handle as allocated by shishi_init().
 162  * @enckdcreppart: input EncKDCRepPart variable.
 163  * @flags: flags to set in EncKDCRepPart.
 164  *
 165  * Set the EncKDCRepPart.flags field.
 166  *
 167  * Return value: Returns SHISHI_OK iff succesful.
 168  **/
 169 int
 170 shishi_enckdcreppart_flags_set (Shishi * handle,
 171                                 Shishi_asn1 enckdcreppart, int flags)
 172 {
 173   int res;
 174
 175   res = shishi_asn1_write_integer (handle, enckdcreppart, "flags", flags);
 176   if (res != SHISHI_OK)
 177     return SHISHI_ASN1_ERROR;
 178
 179   return SHISHI_OK;
 180 }
 181
 182 /**
 183  * shishi_enckdcreppart_populate_encticketpart:
 184  * @handle: shishi handle as allocated by shishi_init().
 185  * @enckdcreppart: input EncKDCRepPart variable.
 186  * @encticketpart: input EncTicketPart variable.
 187  *
 188  * Set the flags, authtime, starttime, endtime, renew-till and caddr
 189  * fields of the EncKDCRepPart to the corresponding values in the
 190  * EncTicketPart.
 191  *
 192  * Return value: Returns SHISHI_OK iff succesful.
 193  **/
 194 int
 195 shishi_enckdcreppart_populate_encticketpart (Shishi * handle,
 196                                              Shishi_asn1 enckdcreppart,
 197                                              Shishi_asn1 encticketpart)
 198 {
 199   char *buf;
 200   size_t buflen;
 201   int res;
 202
 203   res = shishi_asn1_read2 (handle, encticketpart, "flags", &buf, &buflen);
 204   if (res != SHISHI_OK)
 205     return SHISHI_ASN1_ERROR;
 206
 207   res = shishi_asn1_write (handle, enckdcreppart, "flags", buf, buflen);
 208   free (buf);
 209   if (res != SHISHI_OK)
 210     return SHISHI_ASN1_ERROR;
 211
 212   res = shishi_asn1_read2 (handle, encticketpart, "authtime", &buf, &buflen);
 213   if (res != SHISHI_OK)
 214     return SHISHI_ASN1_ERROR;
 215
 216   res = shishi_asn1_write (handle, enckdcreppart, "authtime", buf, buflen);
 217   free (buf);
 218   if (res != SHISHI_OK)
 219     return SHISHI_ASN1_ERROR;
 220
 221   res = shishi_asn1_read2 (handle, encticketpart, "starttime", &buf, &buflen);
 222   if (res != SHISHI_OK && res != SHISHI_ASN1_NO_ELEMENT)
 223     return SHISHI_ASN1_ERROR;
 224
 225   if (res == SHISHI_ASN1_NO_ELEMENT)
 226     res = shishi_asn1_write (handle, enckdcreppart, "starttime", NULL, 0);
 227   else
 228     {
 229       res = shishi_asn1_write (handle, enckdcreppart, "starttime",
 230                                buf, buflen);
 231       free (buf);
 232     }
 233   if (res != SHISHI_OK)
 234     return SHISHI_ASN1_ERROR;
 235
 236   res = shishi_asn1_read2 (handle, encticketpart, "endtime", &buf, &buflen);
 237   if (res != SHISHI_OK)
 238     return SHISHI_ASN1_ERROR;
 239
 240   res = shishi_asn1_write (handle, enckdcreppart, "endtime", buf, buflen);
 241   free (buf);
 242   if (res != SHISHI_OK)
 243     return SHISHI_ASN1_ERROR;
 244
 245   res =
 246     shishi_asn1_read2 (handle, encticketpart, "renew-till", &buf, &buflen);
 247   if (res != SHISHI_OK && res != SHISHI_ASN1_NO_ELEMENT)
 248     return SHISHI_ASN1_ERROR;
 249
 250   if (res == SHISHI_ASN1_NO_ELEMENT)
 251     res = shishi_asn1_write (handle, enckdcreppart, "renew-till", NULL, 0);
 252   else
 253     {
 254       res = shishi_asn1_write (handle, enckdcreppart,
 255                                "renew-till", buf, buflen);
 256       free (buf);
 257     }
 258   if (res != SHISHI_OK)
 259     return SHISHI_ASN1_ERROR;
 260
 261   /* XXX copy caddr too */
 262
 263   return SHISHI_OK;
 264 }
 265
 266 /**
 267  * shishi_enckdcreppart_srealm_set:
 268  * @handle: shishi handle as allocated by shishi_init().
 269  * @enckdcreppart: EncKDCRepPart variable to set realm field in.
 270  * @srealm: input array with name of realm.
 271  *
 272  * Set the server realm field in the EncKDCRepPart.
 273  *
 274  * Return value: Returns SHISHI_OK iff successful.
 275  **/
 276 int
 277 shishi_enckdcreppart_srealm_set (Shishi * handle,
 278                                  Shishi_asn1 enckdcreppart,
 279                                  const char *srealm)
 280 {
 281   int res = SHISHI_OK;
 282
 283   res = shishi_asn1_write (handle, enckdcreppart, "srealm", srealm, 0);
 284   if (res != SHISHI_OK)
 285     return res;
 286
 287   return SHISHI_OK;
 288 }
 289
 290
 291 /**
 292  * shishi_enckdcreppart_sname_set:
 293  * @handle: shishi handle as allocated by shishi_init().
 294  * @enckdcreppart: EncKDCRepPart variable to set server name field in.
 295  * @name_type: type of principial, see Shishi_name_type, usually
 296  *             SHISHI_NT_UNKNOWN.
 297  * @sname: input array with principal name.
 298  *
 299  * Set the server name field in the EncKDCRepPart.
 300  *
 301  * Return value: Returns SHISHI_OK iff successful.
 302  **/
 303 int
 304 shishi_enckdcreppart_sname_set (Shishi * handle,
 305                                 Shishi_asn1 enckdcreppart,
 306                                 Shishi_name_type name_type, char *sname[])
 307 {
 308   int res = SHISHI_OK;
 309   int i;
 310   char *buf;
 311
 312   res = shishi_asn1_write_integer (handle, enckdcreppart,
 313                                    "sname.name-type", name_type);
 314   if (res != SHISHI_OK)
 315     return res;
 316
 317   res = shishi_asn1_write (handle, enckdcreppart,
 318                            "sname.name-string", NULL, 0);
 319   if (res != SHISHI_OK)
 320     return res;
 321
 322   i = 1;
 323   while (sname[i - 1])
 324     {
 325       res = shishi_asn1_write (handle, enckdcreppart, "sname.name-string",
 326                                "NEW", 1);
 327       if (res != SHISHI_OK)
 328         return res;
 329
 330       asprintf (&buf, "sname.name-string.?%d", i);
 331       res = shishi_asn1_write (handle, enckdcreppart, buf, sname[i - 1], 0);
 332       free (buf);
 333       if (res != SHISHI_OK)
 334         return res;
 335
 336       i++;
 337     }
 338
 339   return SHISHI_OK;
 340 }
 341
 342 int
 343 shishi_enckdcreppart_server_set (Shishi * handle,
 344                                  Shishi_asn1 enckdcreppart,
 345                                  const char *server)
 346 {
 347   char *tmpserver;
 348   char **serverbuf;
 349   char *tokptr;
 350   int res;
 351   int i;
 352
 353   tmpserver = xstrdup (server);
 354
 355   serverbuf = xmalloc (sizeof (*serverbuf));
 356   for (i = 0;
 357        (serverbuf[i] = strtok_r (i == 0 ? tmpserver : NULL, "/", &tokptr));
 358        i++)
 359     {
 360       serverbuf = xrealloc (serverbuf, (i + 2) * sizeof (*serverbuf));
 361     }
 362   res = shishi_enckdcreppart_sname_set (handle, enckdcreppart,
 363                                         SHISHI_NT_PRINCIPAL, serverbuf);
 364   if (res != SHISHI_OK)
 365     {
 366       fprintf (stderr, _("Could not set sname: %s\n"), shishi_error (handle));
 367       return res;
 368     }
 369   free (serverbuf);
 370   free (tmpserver);
 371
 372   return SHISHI_OK;
 373 }
 374
 375 int
 376 shishi_enckdcreppart_srealmserver_set (Shishi * handle,
 377                                        Shishi_asn1 enckdcreppart,
 378                                        const char *srealm, const char *server)
 379 {
 380   int res;
 381
 382   res = shishi_enckdcreppart_srealm_set (handle, enckdcreppart, srealm);
 383   if (res != SHISHI_OK)
 384     return res;
 385
 386   res = shishi_enckdcreppart_server_set (handle, enckdcreppart, server);
 387   if (res != SHISHI_OK)
 388     return res;
 389
 390   return SHISHI_OK;
 391 }