1 /* shishi.h --- Header file for Shishi library. -*- c -*-
2 * Copyright (C) 2002, 2003, 2004, 2006, 2007 Simon Josefsson
4 * This file is part of Shishi.
6 * Shishi is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * Shishi is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with Shishi; if not, see http://www.gnu.org/licenses or write
18 * to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
19 * Floor, Boston, MA 02110-1301, USA
23 #ifndef SHISHI_H
24 #define SHISHI_H
26 #include <stddef.h> /* size_t */
27 #include <stdio.h> /* FILE */
28 #include <time.h> /* time_t */
29 #include <shishi-int.h> /* uint32_t */
31 #define SHISHI_VERSION "@PACKAGE_VERSION@"
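/*
 * Library return codes.
 *
 * SHISHI_OK is zero; every other enumerator names a failure.  Several of
 * them, judging by their names, report a failed cryptographic or identity
 * check (SHISHI_VERIFY_FAILED, SHISHI_APREP_VERIFY_FAILED,
 * SHISHI_SAFE_VERIFY_FAILED, the *_DECRYPT_FAILED and *_MISMATCH codes), so
 * a caller that drops a non-zero result may go on to use data that was
 * never authenticated.  The numeric values are written out explicitly
 * rather than left to the compiler.
 */
typedef enum
{
  SHISHI_OK = 0,
  SHISHI_ASN1_ERROR = 1,
  SHISHI_FOPEN_ERROR = 2,
  SHISHI_IO_ERROR = 3,
  SHISHI_MALLOC_ERROR = 4,
  SHISHI_BASE64_ERROR = 5,
  SHISHI_REALM_MISMATCH = 6,
  SHISHI_CNAME_MISMATCH = 7,
  SHISHI_NONCE_MISMATCH = 8,
  SHISHI_TGSREP_BAD_KEYTYPE = 9,
  SHISHI_KDCREP_BAD_KEYTYPE = 10,
  SHISHI_APREP_BAD_KEYTYPE = 11,
  SHISHI_APREP_VERIFY_FAILED = 12,
  SHISHI_APREQ_BAD_KEYTYPE = 13,
  SHISHI_TOO_SMALL_BUFFER = 14,
  SHISHI_DERIVEDKEY_TOO_SMALL = 15,
  SHISHI_KEY_TOO_LARGE = 16,
  SHISHI_CRYPTO_ERROR = 17,
  SHISHI_CRYPTO_INTERNAL_ERROR = 18,
  SHISHI_SOCKET_ERROR = 19,
  SHISHI_BIND_ERROR = 20,
  SHISHI_SENDTO_ERROR = 21,
  SHISHI_RECVFROM_ERROR = 22,
  SHISHI_CLOSE_ERROR = 23,
  SHISHI_KDC_TIMEOUT = 24,
  SHISHI_KDC_NOT_KNOWN_FOR_REALM = 25,
  SHISHI_TTY_ERROR = 26,
  SHISHI_GOT_KRBERROR = 27,
  SHISHI_HANDLE_ERROR = 28,
  SHISHI_INVALID_TKTS = 29,
  SHISHI_TICKET_BAD_KEYTYPE = 30,
  SHISHI_INVALID_KEY = 31,
  SHISHI_APREQ_DECRYPT_FAILED = 32,
  SHISHI_TICKET_DECRYPT_FAILED = 33,
  SHISHI_INVALID_TICKET = 34,
  SHISHI_OUT_OF_RANGE = 35,
  SHISHI_ASN1_NO_ELEMENT = 36,
  SHISHI_SAFE_BAD_KEYTYPE = 37,
  SHISHI_SAFE_VERIFY_FAILED = 38,
  SHISHI_PKCS5_INVALID_PRF = 39,
  SHISHI_PKCS5_INVALID_ITERATION_COUNT = 40,
  SHISHI_PKCS5_INVALID_DERIVED_KEY_LENGTH = 41,
  SHISHI_PKCS5_DERIVED_KEY_TOO_LONG = 42,
  SHISHI_INVALID_PRINCIPAL_NAME = 43,
  SHISHI_INVALID_ARGUMENT = 44,
  SHISHI_ASN1_NO_VALUE = 45,
  SHISHI_CONNECT_ERROR = 46,
  SHISHI_VERIFY_FAILED = 47,
  SHISHI_PRIV_BAD_KEYTYPE = 48,
  SHISHI_FILE_ERROR = 49,
  SHISHI_ENCAPREPPART_BAD_KEYTYPE = 50,
  SHISHI_GETTIMEOFDAY_ERROR = 51,
  SHISHI_KEYTAB_ERROR = 52,
  SHISHI_CCACHE_ERROR = 53,
  /* Same value as the highest code above; update both together. */
  SHISHI_LAST_ERROR = 53
}
Shishi_rc;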
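/*
 * Principal name types.  The values are explicit and skip 8 and 9.
 */
typedef enum
{
  /* Name type not known */
  SHISHI_NT_UNKNOWN = 0,
  /* Just the name of the principal as in DCE, or for users */
  SHISHI_NT_PRINCIPAL = 1,
  /* Service and other unique instance (krbtgt) */
  SHISHI_NT_SRV_INST = 2,
  /* Service with host name as instance (telnet, rcommands) */
  SHISHI_NT_SRV_HST = 3,
  /* Service with host as remaining components */
  SHISHI_NT_SRV_XHST = 4,
  /* Unique ID */
  SHISHI_NT_UID = 5,
  /* Encoded X.509 Distinguished name [RFC 2253] */
  SHISHI_NT_X500_PRINCIPAL = 6,
  /* Name in form of SMTP email name (e.g. user@foo.com) */
  SHISHI_NT_SMTP_NAME = 7,
  /* Enterprise name - may be mapped to principal name */
  SHISHI_NT_ENTERPRISE = 10
}
Shishi_name_type;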
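/*
 * Pre-authentication data (SHISHI_PA_*) and typed-data (SHISHI_TD_*) type
 * numbers.  SHISHI_PA_GET_FROM_TYPED_DATA and SHISHI_TD_PADATA both carry
 * the value 22, so a switch statement can name only one of them.
 */
typedef enum
{
  SHISHI_PA_TGS_REQ = 1,
  SHISHI_PA_ENC_TIMESTAMP = 2,
  SHISHI_PA_PW_SALT = 3,
  SHISHI_PA_RESERVED = 4,
  SHISHI_PA_ENC_UNIX_TIME = 5,	/* (deprecated) */
  SHISHI_PA_SANDIA_SECUREID = 6,
  SHISHI_PA_SESAME = 7,
  SHISHI_PA_OSF_DCE = 8,
  SHISHI_PA_CYBERSAFE_SECUREID = 9,
  SHISHI_PA_AFS3_SALT = 10,
  SHISHI_PA_ETYPE_INFO = 11,
  SHISHI_PA_SAM_CHALLENGE = 12,	/* (sam/otp) */
  SHISHI_PA_SAM_RESPONSE = 13,	/* (sam/otp) */
  SHISHI_PA_PK_AS_REQ = 14,	/* (pkinit) */
  SHISHI_PA_PK_AS_REP = 15,	/* (pkinit) */
  SHISHI_PA_ETYPE_INFO2 = 19,	/* (replaces pa_etype_info) */
  SHISHI_PA_USE_SPECIFIED_KVNO = 20,
  SHISHI_PA_SAM_REDIRECT = 21,	/* (sam/otp) */
  SHISHI_PA_GET_FROM_TYPED_DATA = 22,	/* (embedded in typed data) */
  SHISHI_TD_PADATA = 22,	/* (embeds padata) */
  SHISHI_PA_SAM_ETYPE_INFO = 23,	/* (sam/otp) */
  SHISHI_PA_ALT_PRINC = 24,	/* (crawdad@fnal.gov) */
  SHISHI_PA_SAM_CHALLENGE2 = 30,	/* (kenh@pobox.com) */
  SHISHI_PA_SAM_RESPONSE2 = 31,	/* (kenh@pobox.com) */
  SHISHI_PA_EXTRA_TGT = 41,	/* Reserved extra TGT */
  SHISHI_TD_PKINIT_CMS_CERTIFICATES = 101,	/* CertificateSet from CMS */
  SHISHI_TD_KRB_PRINCIPAL = 102,	/* PrincipalName */
  SHISHI_TD_KRB_REALM = 103,	/* Realm */
  SHISHI_TD_TRUSTED_CERTIFIERS = 104,	/* from PKINIT */
  SHISHI_TD_CERTIFICATE_INDEX = 105,	/* from PKINIT */
  SHISHI_TD_APP_DEFINED_ERROR = 106,	/* application specific */
  SHISHI_TD_REQ_NONCE = 107,	/* INTEGER */
  SHISHI_TD_REQ_SEQ = 108,	/* INTEGER */
  SHISHI_PA_PAC_REQUEST = 128	/* (jbrezak@exchange.microsoft.com) */
}
Shishi_padata_type;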
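/* Transited-encoding types; only one value is defined here. */
typedef enum
{
  SHISHI_TR_DOMAIN_X500_COMPRESS = 1
}
Shishi_tr_type;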
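/*
 * AP-REQ option masks.  "bit N" in the trailing comments counts from the
 * least significant bit of the mask (bit 0 is 0x1).
 */
typedef enum
{
  SHISHI_APOPTIONS_RESERVED = 0x1,	/* bit 0 */
  SHISHI_APOPTIONS_USE_SESSION_KEY = 0x2,	/* bit 1 */
  SHISHI_APOPTIONS_MUTUAL_REQUIRED = 0x4	/* bit 2 */
}
Shishi_apoptions;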
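/*
 * Ticket flag masks.  "bit N" in the trailing comments counts from the
 * least significant bit of the mask (bit 0 is 0x1).
 * NOTE(review): how this numbering maps onto the encoded flags field of a
 * ticket is not visible in this header.
 *
 * FORWARDABLE, PROXIABLE and OK_AS_DELEGATE concern credential delegation;
 * code that forwards credentials should test them explicitly rather than
 * assume a default.
 */
typedef enum
{
  SHISHI_TICKETFLAGS_RESERVED = 0x1,	/* bit 0 */
  SHISHI_TICKETFLAGS_FORWARDABLE = 0x2,	/* bit 1 */
  SHISHI_TICKETFLAGS_FORWARDED = 0x4,	/* bit 2 */
  SHISHI_TICKETFLAGS_PROXIABLE = 0x8,	/* bit 3 */
  SHISHI_TICKETFLAGS_PROXY = 0x10,	/* bit 4 */
  SHISHI_TICKETFLAGS_MAY_POSTDATE = 0x20,	/* bit 5 */
  SHISHI_TICKETFLAGS_POSTDATED = 0x40,	/* bit 6 */
  SHISHI_TICKETFLAGS_INVALID = 0x80,	/* bit 7 */
  SHISHI_TICKETFLAGS_RENEWABLE = 0x100,	/* bit 8 */
  SHISHI_TICKETFLAGS_INITIAL = 0x200,	/* bit 9 */
  SHISHI_TICKETFLAGS_PRE_AUTHENT = 0x400,	/* bit 10 */
  SHISHI_TICKETFLAGS_HW_AUTHENT = 0x800,	/* bit 11 */
  SHISHI_TICKETFLAGS_TRANSITED_POLICY_CHECKED = 0x1000,	/* bit 12 */
  SHISHI_TICKETFLAGS_OK_AS_DELEGATE = 0x2000	/* bit 13 */
}
Shishi_ticketflags;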
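/*
 * KDC request option masks.  "bit N" in the trailing comments counts from
 * the least significant bit of the mask (bit 0 is 0x1).
 *
 * Bits 0-11 are enumerators; bits 26-31 are preprocessor macros.  An
 * enumeration constant has type int, and SHISHI_KDCOPTIONS_VALIDATE
 * (0x80000000) does not fit in a 32-bit int, so the high bits cannot all be
 * enumerators.
 * NOTE(review): an object of type Shishi_KDCOptions is therefore not
 * guaranteed to hold the macro values; a combined option word is safer in a
 * uint32_t -- confirm against the functions that take these options.
 */
typedef enum
{
  SHISHI_KDCOPTIONS_RESERVED = 0x1,	/* bit 0 */
  SHISHI_KDCOPTIONS_FORWARDABLE = 0x2,	/* bit 1 */
  SHISHI_KDCOPTIONS_FORWARDED = 0x4,	/* bit 2 */
  SHISHI_KDCOPTIONS_PROXIABLE = 0x8,	/* bit 3 */
  SHISHI_KDCOPTIONS_PROXY = 0x10,	/* bit 4 */
  SHISHI_KDCOPTIONS_ALLOW_POSTDATE = 0x20,	/* bit 5 */
  SHISHI_KDCOPTIONS_POSTDATED = 0x40,	/* bit 6 */
  SHISHI_KDCOPTIONS_UNUSED7 = 0x80,	/* bit 7 */
  SHISHI_KDCOPTIONS_RENEWABLE = 0x100,	/* bit 8 */
  SHISHI_KDCOPTIONS_UNUSED9 = 0x200,	/* bit 9 */
  SHISHI_KDCOPTIONS_UNUSED10 = 0x400,	/* bit 10 */
  SHISHI_KDCOPTIONS_UNUSED11 = 0x800	/* bit 11 */
}
Shishi_KDCOptions;

#define SHISHI_KDCOPTIONS_DISABLE_TRANSITED_CHECK 0x4000000	/* bit 26 */
#define SHISHI_KDCOPTIONS_RENEWABLE_OK 0x8000000	/* bit 27 */
#define SHISHI_KDCOPTIONS_ENC_TKT_IN_SKEY 0x10000000	/* bit 28 */
#define SHISHI_KDCOPTIONS_RENEW 0x40000000	/* bit 30 */
#define SHISHI_KDCOPTIONS_VALIDATE 0x80000000	/* bit 31 */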
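/*
 * Kerberos message type numbers.  The interleaved comments record the
 * numbers that are unused or that belong to non-PDU structures and so have
 * no enumerator here.
 */
typedef enum
{
  /* 0 unused */
  /* 1 Ticket PDU */
  /* 2 Authenticator non-PDU */
  /* 3 EncTicketPart non-PDU */
  /* 4-9 unused */
  /* Request for initial authentication */
  SHISHI_MSGTYPE_AS_REQ = 10,
  /* Response to SHISHI_MSGTYPE_AS_REQ request */
  SHISHI_MSGTYPE_AS_REP = 11,
  /* Request for authentication based on TGT */
  SHISHI_MSGTYPE_TGS_REQ = 12,
  /* Response to SHISHI_MSGTYPE_TGS_REQ request */
  SHISHI_MSGTYPE_TGS_REP = 13,
  /* Application request to server */
  SHISHI_MSGTYPE_AP_REQ = 14,
  /* Response to SHISHI_MSGTYPE_AP_REQ when mutual authentication
     was requested */
  SHISHI_MSGTYPE_AP_REP = 15,
  /* Reserved for user-to-user krb_tgt_request */
  SHISHI_MSGTYPE_RESERVED16 = 16,
  /* Reserved for user-to-user krb_tgt_reply */
  SHISHI_MSGTYPE_RESERVED17 = 17,
  /* 18-19 unused */
  /* Safe (checksummed) application message */
  SHISHI_MSGTYPE_SAFE = 20,
  /* Private (encrypted) application message */
  SHISHI_MSGTYPE_PRIV = 21,
  /* Private (encrypted) message to forward credentials */
  SHISHI_MSGTYPE_CRED = 22,
  /* 23-24 unused */
  /* 25 EncASRepPart non-PDU */
  /* 26 EncTGSRepPart non-PDU */
  /* 27 EncApRepPart non-PDU */
  /* 28 EncKrbPrivPart non-PDU */
  /* 29 EncKrbCredPart non-PDU */
  /* Error response */
  SHISHI_MSGTYPE_ERROR = 30
}
Shishi_msgtype;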
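/* Last-request (lr-type) selectors, as taken by shishi_tkt_lastreqc(). */
typedef enum
{
  SHISHI_LRTYPE_LAST_INITIAL_TGT_REQUEST = 1,
  SHISHI_LRTYPE_LAST_INITIAL_REQUEST = 2,
  SHISHI_LRTYPE_NEWEST_TGT_ISSUE = 3,
  SHISHI_LRTYPE_LAST_RENEWAL = 4,
  SHISHI_LRTYPE_LAST_REQUEST = 5
}
Shishi_lrtype;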
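/*
 * Encryption type numbers.
 *
 * Most of the entries are kept for interoperability and are no longer
 * considered safe: the single-DES types and SHISHI_ARCFOUR_HMAC_EXP are
 * deprecated by RFC 6649, and triple-DES and SHISHI_ARCFOUR_HMAC by
 * RFC 8429.  Of the types listed here only the two AES entries are not
 * covered by those deprecations; a deployment policy should restrict the
 * permitted types accordingly.
 * NOTE(review): the *_CBC_NONE entries, going by their names, carry no
 * integrity checksum -- confirm before relying on them for anything.
 */
typedef enum
{
  SHISHI_NULL = 0,
  /* Single DES */
  SHISHI_DES_CBC_CRC = 1,
  SHISHI_DES_CBC_MD4 = 2,
  SHISHI_DES_CBC_MD5 = 3,
  SHISHI_DES_CBC_NONE = 4,
  /* Triple DES */
  SHISHI_DES3_CBC_NONE = 6,
  SHISHI_DES3_CBC_HMAC_SHA1_KD = 16,
  /* AES */
  SHISHI_AES128_CTS_HMAC_SHA1_96 = 17,
  SHISHI_AES256_CTS_HMAC_SHA1_96 = 18,
  /* RC4 */
  SHISHI_ARCFOUR_HMAC = 23,
  SHISHI_ARCFOUR_HMAC_EXP = 24
}
Shishi_etype;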
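/*
 * Checksum type numbers.  Two entries are negative (-138 and -1), so a
 * variable holding a checksum type must be signed.
 *
 * SHISHI_CRC32 is not a cryptographic checksum, and SHISHI_RSA_MD4 and
 * SHISHI_RSA_MD5 are, by their names, plain digests without a key; none of
 * them authenticates a message on its own.  The MD4-, MD5- and single-DES
 * based types belong to the legacy algorithms addressed by RFC 6649; the
 * HMAC-SHA1 AES types are the ones that pair with the AES encryption types.
 * NOTE(review): SHISHI_NO_CKSUMTYPE looks like an "unset" sentinel rather
 * than a wire value -- confirm against its users.
 */
typedef enum
{
  SHISHI_CRC32 = 1,
  SHISHI_RSA_MD4 = 2,
  SHISHI_RSA_MD4_DES = 3,
  SHISHI_DES_MAC = 4,
  SHISHI_DES_MAC_K = 5,
  SHISHI_RSA_MD4_DES_K = 6,
  SHISHI_RSA_MD5 = 7,
  SHISHI_RSA_MD5_DES = 8,
  SHISHI_RSA_MD5_DES_GSS = 9,	/* XXX */
  SHISHI_HMAC_SHA1_DES3_KD = 12,
  SHISHI_HMAC_SHA1_96_AES128 = 15,
  SHISHI_HMAC_SHA1_96_AES256 = 16,
  SHISHI_ARCFOUR_HMAC_MD5 = -138,
  SHISHI_KRB5_GSSAPI_CKSUM = 8003,
  SHISHI_NO_CKSUMTYPE = -1
}
Shishi_cksumtype;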
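/*
 * On-disk encodings.  Only the first value is explicit; the rest follow
 * consecutively (DER = 1, HEX = 2, BASE64 = 3, BINARY = 4).
 */
typedef enum
{
  SHISHI_FILETYPE_TEXT = 0,
  SHISHI_FILETYPE_DER,
  SHISHI_FILETYPE_HEX,
  SHISHI_FILETYPE_BASE64,
  SHISHI_FILETYPE_BINARY
}
Shishi_filetype;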
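/*
 * Destinations for library messages; presumably the values accepted by
 * shishi_error_set_outputtype() -- confirm.
 */
typedef enum
{
  SHISHI_OUTPUTTYPE_NULL = 0,
  SHISHI_OUTPUTTYPE_STDERR,
  SHISHI_OUTPUTTYPE_SYSLOG
}
Shishi_outputtype;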
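/*
 * Authorization back-ends.
 * NOTE(review): what each mode checks is not visible in this header;
 * review the implementation before choosing one for access control.
 */
typedef enum
{
  SHISHI_AUTHORIZATION_BASIC = 0,
  SHISHI_AUTHORIZATION_K5LOGIN
}
Shishi_authorization;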
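/*
 * Key usage numbers.  The comment above each entry names the message field
 * that the number protects and the key it is used with.
 *
 * The values 22, 23 and 24 each have two names: SHISHI_KEYUSAGE_GSS_R1..R3
 * and SHISHI_KEYUSAGE_ACCEPTOR_SEAL, _ACCEPTOR_SIGN, _INITIATOR_SEAL.  A
 * switch statement can therefore name only one of each pair.
 */
typedef enum
{
  /* 1. AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the
     client key */
  SHISHI_KEYUSAGE_ASREQ_PA_ENC_TIMESTAMP = 1,
  /* 2. AS-REP Ticket and TGS-REP Ticket (includes TGS session key or
     application session key), encrypted with the service key */
  SHISHI_KEYUSAGE_ENCTICKETPART = 2,
  /* 3. AS-REP encrypted part (includes TGS session key or application
     session key), encrypted with the client key */
  SHISHI_KEYUSAGE_ENCASREPPART = 3,
  /* 4. TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS
     session key */
  SHISHI_KEYUSAGE_TGSREQ_AUTHORIZATIONDATA_TGS_SESSION_KEY = 4,
  /* 5. TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS
     authenticator subkey (section 5.4.1) */
  SHISHI_KEYUSAGE_TGSREQ_AUTHORIZATIONDATA_TGS_AUTHENTICATOR_KEY = 5,
  /* 6. TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum, keyed with the
     TGS session key */
  SHISHI_KEYUSAGE_TGSREQ_APREQ_AUTHENTICATOR_CKSUM = 6,
  /* 7. TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes TGS
     authenticator subkey), encrypted with the TGS session key */
  SHISHI_KEYUSAGE_TGSREQ_APREQ_AUTHENTICATOR = 7,
  /* 8. TGS-REP encrypted part (includes application session key), encrypted
     with the TGS session key */
  SHISHI_KEYUSAGE_ENCTGSREPPART_SESSION_KEY = 8,
  /* 9. TGS-REP encrypted part (includes application session key), encrypted
     with the TGS authenticator subkey */
  SHISHI_KEYUSAGE_ENCTGSREPPART_AUTHENTICATOR_KEY = 9,
  /* 10. AP-REQ Authenticator cksum, keyed with the application
     session key */
  SHISHI_KEYUSAGE_APREQ_AUTHENTICATOR_CKSUM = 10,
  /* 11. AP-REQ Authenticator (includes application authenticator subkey),
     encrypted with the application session key */
  SHISHI_KEYUSAGE_APREQ_AUTHENTICATOR = 11,
  /* 12. AP-REP encrypted part (includes application session subkey),
     encrypted with the application session key */
  SHISHI_KEYUSAGE_ENCAPREPPART = 12,
  /* 13. KRB-PRIV encrypted part, encrypted with a key chosen by the
     application */
  SHISHI_KEYUSAGE_KRB_PRIV = 13,
  /* 14. KRB-CRED encrypted part, encrypted with a key chosen by the
     application */
  SHISHI_KEYUSAGE_KRB_CRED = 14,
  /* 15. KRB-SAFE cksum, keyed with a key chosen by the application */
  SHISHI_KEYUSAGE_KRB_SAFE = 15,
  /* 18. KRB-ERROR checksum (e-cksum) */
  SHISHI_KEYUSAGE_KRB_ERROR = 18,
  /* 19. AD-KDCIssued checksum (ad-checksum) */
  SHISHI_KEYUSAGE_AD_KDCISSUED = 19,
  /* 20. Checksum for Mandatory Ticket Extensions */
  SHISHI_KEYUSAGE_TICKET_EXTENSION = 20,
  /* 21. Checksum in Authorization Data in Ticket Extensions */
  SHISHI_KEYUSAGE_TICKET_EXTENSION_AUTHORIZATION = 21,
  /* 22-24. Reserved for use in GSSAPI mechanisms derived from RFC 1964.
     (raeburn/MIT) */
  SHISHI_KEYUSAGE_GSS_R1 = 22,
  SHISHI_KEYUSAGE_GSS_R2 = 23,
  SHISHI_KEYUSAGE_GSS_R3 = 24,
  /* draft-ietf-krb-wg-gssapi-cfx */
  SHISHI_KEYUSAGE_ACCEPTOR_SEAL = 22,
  SHISHI_KEYUSAGE_ACCEPTOR_SIGN = 23,
  SHISHI_KEYUSAGE_INITIATOR_SEAL = 24,
  SHISHI_KEYUSAGE_INITIATOR_SIGN = 25,
  /* 16-18,20-21,25-511. Reserved for future use. */
  /* 512-1023. Reserved for uses internal to implementations. */
  /* 1024. Encryption for application use in protocols that
     do not specify key usage values */
  /* 1025. Checksums for application use in protocols that
     do not specify key usage values */
  /* 1026-2047. Reserved for application use.
     1026,1028,1030,1032,1034 used in KCMD protocol */
  SHISHI_KEYUSAGE_KCMD_DES = 1026,
  SHISHI_KEYUSAGE_KCMD_INPUT = 1028,
  SHISHI_KEYUSAGE_KCMD_OUTPUT = 1030,
  SHISHI_KEYUSAGE_KCMD_STDERR_INPUT = 1032,
  SHISHI_KEYUSAGE_KCMD_STDERR_OUTPUT = 1034
}
Shishi_keyusage;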
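/*
 * Kerberos protocol error codes, as carried in a KRB-ERROR message.
 *
 * The values 30 and 43 have no enumerator here.  The identifier
 * SHISHI_KDC_ERR_PATH_NOT_ACCPETED is misspelled ("ACCPETED"); it is part
 * of the public interface and is kept as it is.
 *
 * KRB-ERROR messages are in general not integrity-protected (RFC 4120), so
 * a code received from the network is a hint for diagnostics and retry
 * logic, not an authenticated statement from the KDC.
 */
typedef enum
{
  /* No error */
  SHISHI_KDC_ERR_NONE = 0,
  /* Client's entry in database has expired */
  SHISHI_KDC_ERR_NAME_EXP = 1,
  /* Server's entry in database has expired */
  SHISHI_KDC_ERR_SERVICE_EXP = 2,
  /* Requested protocol version number - not supported */
  SHISHI_KDC_ERR_BAD_PVNO = 3,
  /* Client's key encrypted in old master key */
  SHISHI_KDC_ERR_C_OLD_MAST_KVNO = 4,
  /* Server's key encrypted in old master key */
  SHISHI_KDC_ERR_S_OLD_MAST_KVNO = 5,
  /* Client not found in database */
  SHISHI_KDC_ERR_C_PRINCIPAL_UNKNOWN = 6,
  /* Server not found in database */
  SHISHI_KDC_ERR_S_PRINCIPAL_UNKNOWN = 7,
  /* Multiple principal entries in database */
  SHISHI_KDC_ERR_PRINCIPAL_NOT_UNIQUE = 8,
  /* The client or server has a null key */
  SHISHI_KDC_ERR_NULL_KEY = 9,
  /* Ticket not eligible for postdating */
  SHISHI_KDC_ERR_CANNOT_POSTDATE = 10,
  /* Requested start time is later than end time */
  SHISHI_KDC_ERR_NEVER_VALID = 11,
  /* KDC policy rejects request */
  SHISHI_KDC_ERR_POLICY = 12,
  /* KDC cannot accommodate requested option */
  SHISHI_KDC_ERR_BADOPTION = 13,
  /* KDC has no support for encryption type */
  SHISHI_KDC_ERR_ETYPE_NOSUPP = 14,
  /* KDC has no support for checksum type */
  SHISHI_KDC_ERR_SUMTYPE_NOSUPP = 15,
  /* KDC has no support for padata type */
  SHISHI_KDC_ERR_PADATA_TYPE_NOSUPP = 16,
  /* KDC has no support for transited type */
  SHISHI_KDC_ERR_TRTYPE_NOSUPP = 17,
  /* Client's credentials have been revoked */
  SHISHI_KDC_ERR_CLIENT_REVOKED = 18,
  /* Credentials for server have been revoked */
  SHISHI_KDC_ERR_SERVICE_REVOKED = 19,
  /* TGT has been revoked */
  SHISHI_KDC_ERR_TGT_REVOKED = 20,
  /* Client not yet valid - try again later */
  SHISHI_KDC_ERR_CLIENT_NOTYET = 21,
  /* Server not yet valid - try again later */
  SHISHI_KDC_ERR_SERVICE_NOTYET = 22,
  /* Password has expired - change password to reset */
  SHISHI_KDC_ERR_KEY_EXPIRED = 23,
  /* Pre-authentication information was invalid */
  SHISHI_KDC_ERR_PREAUTH_FAILED = 24,
  /* Additional pre-authentication required */
  SHISHI_KDC_ERR_PREAUTH_REQUIRED = 25,
  /* Requested server and ticket don't match */
  SHISHI_KDC_ERR_SERVER_NOMATCH = 26,
  /* Server principal valid for user2user only */
  SHISHI_KDC_ERR_MUST_USE_USER2USER = 27,
  /* KDC Policy rejects transited path */
  SHISHI_KDC_ERR_PATH_NOT_ACCPETED = 28,
  /* A service is not available */
  SHISHI_KDC_ERR_SVC_UNAVAILABLE = 29,
  /* Integrity check on decrypted field failed */
  SHISHI_KRB_AP_ERR_BAD_INTEGRITY = 31,
  /* Ticket expired */
  SHISHI_KRB_AP_ERR_TKT_EXPIRED = 32,
  /* Ticket not yet valid */
  SHISHI_KRB_AP_ERR_TKT_NYV = 33,
  /* Request is a replay */
  SHISHI_KRB_AP_ERR_REPEAT = 34,
  /* The ticket isn't for us */
  SHISHI_KRB_AP_ERR_NOT_US = 35,
  /* Ticket and authenticator don't match */
  SHISHI_KRB_AP_ERR_BADMATCH = 36,
  /* Clock skew too great */
  SHISHI_KRB_AP_ERR_SKEW = 37,
  /* Incorrect net address */
  SHISHI_KRB_AP_ERR_BADADDR = 38,
  /* Protocol version mismatch */
  SHISHI_KRB_AP_ERR_BADVERSION = 39,
  /* Invalid msg type */
  SHISHI_KRB_AP_ERR_MSG_TYPE = 40,
  /* Message stream modified */
  SHISHI_KRB_AP_ERR_MODIFIED = 41,
  /* Message out of order */
  SHISHI_KRB_AP_ERR_BADORDER = 42,
  /* Specified version of key is not available */
  SHISHI_KRB_AP_ERR_BADKEYVER = 44,
  /* Service key not available */
  SHISHI_KRB_AP_ERR_NOKEY = 45,
  /* Mutual authentication failed */
  SHISHI_KRB_AP_ERR_MUT_FAIL = 46,
  /* Incorrect message direction */
  SHISHI_KRB_AP_ERR_BADDIRECTION = 47,
  /* Alternative authentication method required */
  SHISHI_KRB_AP_ERR_METHOD = 48,
  /* Incorrect sequence number in message */
  SHISHI_KRB_AP_ERR_BADSEQ = 49,
  /* Inappropriate type of checksum in message */
  SHISHI_KRB_AP_ERR_INAPP_CKSUM = 50,
  /* Policy rejects transited path */
  SHISHI_KRB_AP_PATH_NOT_ACCEPTED = 51,
  /* Response too big for UDP, retry with TCP */
  SHISHI_KRB_ERR_RESPONSE_TOO_BIG = 52,
  /* Generic error (description in e-text) */
  SHISHI_KRB_ERR_GENERIC = 60,
  /* Field is too long for this implementation */
  SHISHI_KRB_ERR_FIELD_TOOLONG = 61,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERROR_CLIENT_NOT_TRUSTED = 62,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERROR_KDC_NOT_TRUSTED = 63,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERROR_INVALID_SIG = 64,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_KEY_TOO_WEAK = 65,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_CERTIFICATE_MISMATCH = 66,
  /* No TGT available to validate USER-TO-USER */
  SHISHI_KRB_AP_ERR_NO_TGT = 67,
  /* USER-TO-USER TGT issued different KDC */
  SHISHI_KDC_ERR_WRONG_REALM = 68,
  /* Ticket must be for USER-TO-USER */
  SHISHI_KRB_AP_ERR_USER_TO_USER_REQUIRED = 69,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_CANT_VERIFY_CERTIFICATE = 70,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_INVALID_CERTIFICATE = 71,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_REVOKED_CERTIFICATE = 72,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_REVOCATION_STATUS_UNKNOWN = 73,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_REVOCATION_STATUS_UNAVAILABLE = 74,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_CLIENT_NAME_MISMATCH = 75,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_KDC_NAME_MISMATCH = 76,
  /* Same value as the highest code above; update both together. */
  SHISHI_LAST_ERROR_CODE = 76
}
Shishi_krb_error;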
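/*
 * Flag bits for a ticket-set hint; presumably stored in the `flags' member
 * of struct Shishi_tkts_hint -- confirm.  ACCEPT_EXPIRED, by its name, lets
 * a lookup return tickets past their end time, so leave it clear unless
 * the caller really wants expired tickets.
 */
typedef enum
{
  SHISHI_TKTSHINTFLAGS_ACCEPT_EXPIRED = 1
}
Shishi_tkts_hintflags;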
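/*
 * Search and request hints for a ticket set.  The structure is passed by
 * pointer to shishi_tkt_match_p(), shishi_tkts_find(), shishi_tkts_get(),
 * shishi_tkts_get_tgt() and shishi_tkts_get_tgs(), all declared in this
 * header.
 *
 * NOTE(review): `passwd' holds a password as a plain C string.  This header
 * does not say whether the library copies it or who releases it; keep its
 * lifetime short and wipe the buffer once the request is done -- confirm
 * ownership in the implementation.  Zero-initialise the whole structure
 * before setting individual members so that no pointer or length is left
 * indeterminate.
 */
struct Shishi_tkts_hint
{
  int startpos;
  char *server;
  char *serverrealm;
  char *client;
  char *clientrealm;
  int flags;			/* presumably Shishi_tkts_hintflags bits */
  Shishi_ticketflags tktflags;
  Shishi_KDCOptions kdcoptions;
  int32_t etype;
  char *passwd;			/* secret; see the note above */
  time_t starttime;
  time_t endtime;
  time_t renew_till;
  int32_t preauthetype;
  char *preauthsalt;
  size_t preauthsaltlen;	/* length that goes with preauthsalt */
  char *preauths2kparams;
  size_t preauths2kparamslen;	/* length that goes with preauths2kparams */
};
typedef struct Shishi_tkts_hint Shishi_tkts_hint;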
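/* resolv.c */
/* DNS resource record type numbers: TXT is 16 and SRV is 33. */
#define SHISHI_DNS_TXT 16
#define SHISHI_DNS_SRV 33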
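/*
 * One DNS answer record in a singly linked list (`next').
 * NOTE(review): `rr' is untyped; presumably it points to a record body
 * selected by `type' (for example struct Shishi_dns_srv_st for an SRV
 * record).  Check `type' before casting `rr' -- confirm in resolv.c.
 * Shishi_dns is a pointer typedef, so a Shishi_dns value may be NULL.
 */
struct Shishi_dns_st
{
  struct Shishi_dns_st *next;

  uint16_t class;
  uint16_t type;
  uint32_t ttl;

  void *rr;
};
typedef struct Shishi_dns_st *Shishi_dns;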
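/*
 * Body of an SRV record: priority, weight, port and target name.
 * `name' is a fixed 256-byte buffer.  The code that fills it from a DNS
 * reply is not visible here; it has to bound the copy to sizeof name and
 * NUL-terminate, because the reply comes from the network.
 */
struct Shishi_dns_srv_st
{
  uint16_t priority;
  uint16_t weight;
  uint16_t port;

  char name[256];
};
typedef struct Shishi_dns_srv_st *Shishi_dns_srv;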
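/*
 * Opaque handle types.  The structures are only declared here, never
 * defined, so callers can hold pointers to them but cannot look inside.
 */
typedef struct Shishi Shishi;
typedef struct Shishi_tkt Shishi_tkt;
typedef struct Shishi_tkts Shishi_tkts;
typedef struct Shishi_as Shishi_as;
typedef struct Shishi_tgs Shishi_tgs;
typedef struct Shishi_ap Shishi_ap;
typedef struct Shishi_key Shishi_key;
typedef struct Shishi_keys Shishi_keys;
typedef struct Shishi_safe Shishi_safe;
typedef struct Shishi_priv Shishi_priv;
/* Declare ASN1_TYPE here unless _SHISHI_HAS_LIBTASN1_H says it already
   exists. */
#ifndef _SHISHI_HAS_LIBTASN1_H
typedef struct node_asn_struct *ASN1_TYPE;
#endif
typedef ASN1_TYPE Shishi_asn1;
typedef struct Shishi_crypto Shishi_crypto;

/*
 * 15 is the length of a time string of the form YYYYMMDDhhmmssZ.  The "Z"
 * variant is one larger, presumably to leave room for the terminating NUL
 * -- confirm at the call sites before sizing a buffer with either macro.
 */
#define SHISHI_GENERALIZEDTIME_LENGTH 15
#define SHISHI_GENERALIZEDTIMEZ_LENGTH (SHISHI_GENERALIZEDTIME_LENGTH + 1)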
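/*
 * If non-NULL, call this function when memory is exhausted.
 * NOTE(review): this is one process-wide, writable function pointer.  What
 * the library does after the hook returns is not visible in this header.
 */
extern void (*shishi_alloc_fail_function) (void);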
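/* init.c */
/*
 * Handle creation and release.  shishi() and shishi_server() return the
 * handle directly; the shishi_init* functions return an int status
 * (presumably a Shishi_rc) and deliver the handle through `handle'.
 * The *_with_paths variants take the ticket and configuration file names
 * from the caller; a privileged program should not pass names that come
 * from untrusted input.
 */
extern Shishi *shishi (void);
extern Shishi *shishi_server (void);
extern void shishi_done (Shishi * handle);
extern int shishi_init (Shishi ** handle);
extern int shishi_init_with_paths (Shishi ** handle,
                                   const char *tktsfile,
                                   const char *systemcfgfile,
                                   const char *usercfgfile);
extern int shishi_init_server (Shishi ** handle);
extern int shishi_init_server_with_paths (Shishi ** handle,
                                          const char *systemcfgfile);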
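/* cfg.c */
/*
 * Configuration access.
 * NOTE(review): shishi_cfg() and the two *_set() functions take a
 * non-const char *, so the callee may modify the string; pass a writable
 * buffer rather than a string literal -- confirm in cfg.c.
 * The functions returning const char * return storage the caller must not
 * modify; whether the char * results must be freed is not stated here.
 */
extern int shishi_cfg (Shishi * handle, char *option);
extern int shishi_cfg_from_file (Shishi * handle, const char *cfg);
extern int shishi_cfg_print (Shishi * handle, FILE * fh);
extern const char *shishi_cfg_default_systemfile (Shishi * handle);
extern const char *shishi_cfg_default_userdirectory (Shishi * handle);
extern const char *shishi_cfg_default_userfile (Shishi * handle);
extern char *shishi_cfg_userdirectory_file (Shishi * handle,
                                            const char *file);
extern int shishi_cfg_clientkdcetype (Shishi * handle, int32_t ** etypes);
extern int32_t shishi_cfg_clientkdcetype_fast (Shishi * handle);
extern int shishi_cfg_clientkdcetype_set (Shishi * handle, char *value);
extern int shishi_cfg_authorizationtype_set (Shishi * handle, char *value);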
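/* error.c */
/*
 * Error text and diagnostics.
 * shishi_error_printf(), shishi_info(), shishi_warn() and shishi_verbose()
 * take a format string followed by variable arguments.  Text that comes
 * from a peer, a file or a user must go in as an argument to a literal
 * "%s" format, never as the format itself.  shishi_error_set() takes the
 * text as a plain string.
 * The `type' of shishi_error_set_outputtype() is presumably a
 * Shishi_outputtype value -- confirm.
 */
extern const char *shishi_strerror (int err);
extern const char *shishi_error (Shishi * handle);
extern void shishi_error_clear (Shishi * handle);
extern void shishi_error_set (Shishi * handle, const char *errstr);
extern void shishi_error_printf (Shishi * handle, const char *format, ...);
extern int shishi_error_outputtype (Shishi * handle);
extern void shishi_error_set_outputtype (Shishi * handle, int type);
extern void shishi_info (Shishi * handle, const char *format, ...);
extern void shishi_warn (Shishi * handle, const char *format, ...);
extern void shishi_verbose (Shishi * handle, const char *format, ...);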
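/* realm.c */
/*
 * Default realm and server-to-realm mapping.
 * NOTE(review): shishi_realm_for_server_dns() presumably derives the realm
 * from a DNS lookup; if so, the answer is only as trustworthy as the
 * resolver path, and shishi_realm_for_server() may fall back to it --
 * confirm the lookup order in realm.c.
 * The three shishi_realm_for_server* functions take a non-const `server'.
 */
extern char *shishi_realm_default_guess (void);
extern const char *shishi_realm_default (Shishi * handle);
extern void shishi_realm_default_set (Shishi * handle, const char *realm);
extern char *shishi_realm_for_server_file (Shishi * handle, char *server);
extern char *shishi_realm_for_server_dns (Shishi * handle, char *server);
extern char *shishi_realm_for_server (Shishi * handle, char *server);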
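/* principal.c */
/*
 * Principal names: defaults, extraction from and insertion into ASN.1
 * nodes, parsing, and default salt derivation.
 * Functions with a `char **out' / `size_t *outlen' pair deliver a string
 * and its length through those pointers.
 * NOTE(review): the output strings are presumably allocated by the library
 * and released by the caller -- confirm in principal.c.  Names taken out of
 * a message come from the peer; compare them by length and content before
 * using them for an access decision.
 */
extern char *shishi_principal_default_guess (void);
extern const char *shishi_principal_default (Shishi * handle);
extern void shishi_principal_default_set (Shishi * handle,
                                          const char *principal);
extern int shishi_principal_name (Shishi * handle,
                                  Shishi_asn1 namenode,
                                  const char *namefield,
                                  char **out, size_t * outlen);
extern int shishi_principal_name_realm (Shishi * handle,
                                        Shishi_asn1 namenode,
                                        const char *namefield,
                                        Shishi_asn1 realmnode,
                                        const char *realmfield,
                                        char **out, size_t * outlen);
extern int shishi_principal_name_set (Shishi * handle,
                                      Shishi_asn1 namenode,
                                      const char *namefield,
                                      Shishi_name_type name_type,
                                      const char *name[]);
extern int shishi_principal_set (Shishi * handle,
                                 Shishi_asn1 namenode,
                                 const char *namefield, const char *name);
extern int shishi_parse_name (Shishi * handle, const char *name,
                              char **principal, char **realm);
extern int shishi_derive_default_salt (Shishi * handle,
                                       const char *name,
                                       char **salt);
extern char *shishi_server_for_local_service (Shishi * handle,
                                              const char *service);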
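/* ticket.c */
/*
 * Operations on a Ticket ASN.1 structure (Shishi_asn1): server name and
 * realm accessors, and the encrypted part.
 * shishi_ticket_set_enc_part() takes ciphertext as a buffer and length;
 * shishi_ticket_add_enc_part() and shishi_ticket_decrypt() take a key.
 * The EncTicketPart delivered by shishi_ticket_decrypt() should be used
 * only when the call succeeded (the int results are presumably Shishi_rc
 * codes -- confirm).
 */
extern Shishi_asn1 shishi_ticket (Shishi * handle);
extern int shishi_ticket_server (Shishi * handle, Shishi_asn1 ticket,
                                 char **server, size_t * serverlen);
extern int shishi_ticket_sname_set (Shishi * handle,
                                    Shishi_asn1 ticket,
                                    Shishi_name_type name_type,
                                    char *sname[]);
extern int shishi_ticket_srealmserver_set (Shishi * handle,
                                           Shishi_asn1 ticket,
                                           const char *realm,
                                           const char *server);
extern int shishi_ticket_set_server (Shishi * handle, Shishi_asn1 ticket,
                                     const char *server);
extern int shishi_ticket_realm_get (Shishi * handle,
                                    Shishi_asn1 ticket,
                                    char **realm, size_t * realmlen);
extern int shishi_ticket_realm_set (Shishi * handle, Shishi_asn1 ticket,
                                    const char *realm);
extern int shishi_ticket_get_enc_part_etype (Shishi * handle,
                                             Shishi_asn1 ticket,
                                             int32_t * etype);
extern int shishi_ticket_set_enc_part (Shishi * handle, Shishi_asn1 ticket,
                                       int32_t etype, uint32_t kvno,
                                       const char *buf, size_t buflen);
extern int shishi_ticket_add_enc_part (Shishi * handle, Shishi_asn1 ticket,
                                       Shishi_key * key,
                                       Shishi_asn1 encticketpart);
extern int shishi_ticket_decrypt (Shishi * handle, Shishi_asn1 ticket,
                                  Shishi_key * key,
                                  Shishi_asn1 * encticketpart);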
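/* tkt.c */
/*
 * Operations on a Shishi_tkt object, which groups a ticket with the
 * KDC-REP, EncKDCRepPart, EncTicketPart and key (see the accessors below).
 *
 * Functions ending in `_p' return an int used as a yes/no answer.  The
 * validity checks shishi_tkt_valid_now_p() and shishi_tkt_expired_p() take
 * no time argument, so they presumably read the local clock; their answer
 * is then only as good as that clock -- confirm in tkt.c.
 * The `char **' / `size_t *' pairs deliver a string and its length;
 * ownership of the string is not stated in this header.
 */
extern Shishi_asn1 shishi_tkt_ticket (Shishi_tkt * tkt);
extern void shishi_tkt_ticket_set (Shishi_tkt * tkt, Shishi_asn1 ticket);
extern Shishi_asn1 shishi_tkt_kdcrep (Shishi_tkt * tkt);
extern Shishi_asn1 shishi_tkt_enckdcreppart (Shishi_tkt * tkt);
extern void shishi_tkt_enckdcreppart_set (Shishi_tkt * tkt,
                                          Shishi_asn1 enckdcreppart);
extern Shishi_asn1 shishi_tkt_encticketpart (Shishi_tkt * tkt);
extern void shishi_tkt_encticketpart_set (Shishi_tkt * tkt,
                                          Shishi_asn1 encticketpart);
extern Shishi_key *shishi_tkt_key (Shishi_tkt * tkt);
extern int shishi_tkt_key_set (Shishi_tkt * tkt, Shishi_key * key);
extern int shishi_tkt (Shishi * handle, Shishi_tkt ** tkt);
extern Shishi_tkt *shishi_tkt2 (Shishi * handle,
                                Shishi_asn1 ticket,
                                Shishi_asn1 enckdcreppart,
                                Shishi_asn1 kdcrep);
extern void shishi_tkt_pretty_print (Shishi_tkt * tkt, FILE * fh);
extern int shishi_tkt_realm (Shishi_tkt * tkt, char **realm,
                             size_t * realmlen);
extern int shishi_tkt_client (Shishi_tkt * tkt,
                              char **client, size_t * clientlen);
extern int shishi_tkt_client_p (Shishi_tkt * tkt, const char *client);
extern int shishi_tkt_clientrealm (Shishi_tkt * tkt,
                                   char **client, size_t * clientlen);
extern int shishi_tkt_clientrealm_p (Shishi_tkt * tkt, const char *client);
extern int shishi_tkt_clientrealm_set (Shishi_tkt * tkt,
                                       const char *realm, const char *client);
extern int shishi_tkt_serverrealm_set (Shishi_tkt * tkt,
                                       const char *realm, const char *server);
extern int shishi_tkt_build (Shishi_tkt * tkt, Shishi_key * key);
extern int shishi_tkt_lastreq (Shishi_tkt * tkt,
                               char **lrtime, size_t * lrtimelen,
                               int32_t lrtype);
extern time_t shishi_tkt_lastreqc (Shishi_tkt * tkt, Shishi_lrtype lrtype);
extern void shishi_tkt_lastreq_pretty_print (Shishi_tkt * tkt, FILE * fh);
extern int shishi_tkt_authtime (Shishi_tkt * tkt,
                                char **authtime, size_t * authtimelen);
extern time_t shishi_tkt_authctime (Shishi_tkt * tkt);
extern int shishi_tkt_starttime (Shishi_tkt * tkt,
                                 char **starttime, size_t * starttimelen);
extern time_t shishi_tkt_startctime (Shishi_tkt * tkt);
extern int shishi_tkt_endtime (Shishi_tkt * tkt,
                               char **endtime, size_t * endtimelen);
extern time_t shishi_tkt_endctime (Shishi_tkt * tkt);
extern int shishi_tkt_renew_till (Shishi_tkt * tkt,
                                  char **renewtilltime,
                                  size_t * renewtilllen);
extern time_t shishi_tkt_renew_tillc (Shishi_tkt * tkt);
extern int shishi_tkt_keytype (Shishi_tkt * tkt, int32_t * etype);
extern int32_t shishi_tkt_keytype_fast (Shishi_tkt * tkt);
extern int shishi_tkt_keytype_p (Shishi_tkt * tkt, int32_t etype);
extern int shishi_tkt_server (Shishi_tkt * tkt,
                              char **server, size_t * serverlen);
extern int shishi_tkt_server_p (Shishi_tkt * tkt, const char *server);
extern int shishi_tkt_valid_at_time_p (Shishi_tkt * tkt, time_t now);
extern int shishi_tkt_valid_now_p (Shishi_tkt * tkt);
extern int shishi_tkt_expired_p (Shishi_tkt * tkt);
extern int shishi_tkt_decrypt (Shishi_tkt * tkt, Shishi_key * key);
extern void shishi_tkt_done (Shishi_tkt * tkt);
extern int shishi_tkt_flags (Shishi_tkt * tkt, uint32_t * flags);
extern int shishi_tkt_flags_set (Shishi_tkt * tkt, uint32_t flags);
extern int shishi_tkt_flags_add (Shishi_tkt * tkt, uint32_t flag);
extern int shishi_tkt_forwardable_p (Shishi_tkt * tkt);
extern int shishi_tkt_forwarded_p (Shishi_tkt * tkt);
extern int shishi_tkt_proxiable_p (Shishi_tkt * tkt);
extern int shishi_tkt_proxy_p (Shishi_tkt * tkt);
extern int shishi_tkt_may_postdate_p (Shishi_tkt * tkt);
extern int shishi_tkt_postdated_p (Shishi_tkt * tkt);
extern int shishi_tkt_invalid_p (Shishi_tkt * tkt);
extern int shishi_tkt_renewable_p (Shishi_tkt * tkt);
extern int shishi_tkt_initial_p (Shishi_tkt * tkt);
extern int shishi_tkt_pre_authent_p (Shishi_tkt * tkt);
extern int shishi_tkt_hw_authent_p (Shishi_tkt * tkt);
extern int shishi_tkt_transited_policy_checked_p (Shishi_tkt * tkt);
extern int shishi_tkt_ok_as_delegate_p (Shishi_tkt * tkt);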
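/* tkts.c */
/*
 * Ticket sets: default file handling, add/remove/expire, printing, file
 * I/O and lookup.  The find/get functions return a Shishi_tkt pointer;
 * check it for NULL before use.
 *
 * Each Shishi_tkt has a key (see shishi_tkt_key()), so a file written by
 * shishi_tkts_write() or shishi_tkts_to_file() should be treated as
 * credential material and kept readable by its owner only.
 * NOTE(review): the permissions the library itself applies when creating
 * the file are not visible in this header -- confirm in tkts.c.
 * shishi_tkts_get_for_localservicepasswd() takes a password as a plain C
 * string; keep that buffer short-lived and wipe it afterwards.
 */
extern char *shishi_tkts_default_file_guess (Shishi * handle);
extern const char *shishi_tkts_default_file (Shishi * handle);
extern void shishi_tkts_default_file_set (Shishi * handle,
                                          const char *tktsfile);
extern Shishi_tkts *shishi_tkts_default (Shishi * handle);
extern int shishi_tkts_default_to_file (Shishi_tkts * tkts);
extern int shishi_tkts (Shishi * handle, Shishi_tkts ** tkts);
extern Shishi_tkt *shishi_tkts_nth (Shishi_tkts * tkts, int ticketno);
extern int shishi_tkts_size (Shishi_tkts * tkts);
extern int shishi_tkts_add (Shishi_tkts * tkts, Shishi_tkt * tkt);
extern int shishi_tkts_new (Shishi_tkts * tkts,
                            Shishi_asn1 ticket,
                            Shishi_asn1 enckdcreppart, Shishi_asn1 kdcrep);
extern int shishi_tkts_remove (Shishi_tkts * tkts, int ticketno);
extern int shishi_tkts_expire (Shishi_tkts * tkts);
extern int shishi_tkts_print_for_service (Shishi_tkts * tkts,
                                          FILE * fh, const char *service);
extern int shishi_tkts_print (Shishi_tkts * tkts, FILE * fh);
extern int shishi_tkts_write (Shishi_tkts * tkts, FILE * fh);
extern int shishi_tkts_to_file (Shishi_tkts * tkts, const char *filename);
extern int shishi_tkts_read (Shishi_tkts * tkts, FILE * fh);
extern int shishi_tkts_from_file (Shishi_tkts * tkts, const char *filename);
extern void shishi_tkts_done (Shishi_tkts ** tkts);
extern int shishi_tkt_match_p (Shishi_tkt * tkt, Shishi_tkts_hint * hint);
extern Shishi_tkt *shishi_tkts_find (Shishi_tkts * tkts,
                                     Shishi_tkts_hint * hint);
extern Shishi_tkt *shishi_tkts_find_for_clientserver (Shishi_tkts * tkts,
                                                      const char *client,
                                                      const char *server);
extern Shishi_tkt *shishi_tkts_find_for_server (Shishi_tkts * tkts,
                                                const char *server);
extern Shishi_tkt *shishi_tkts_get (Shishi_tkts * tkts,
                                    Shishi_tkts_hint * hint);
extern Shishi_tkt *shishi_tkts_get_tgt (Shishi_tkts * tkts,
                                        Shishi_tkts_hint * hint);
extern Shishi_tkt *shishi_tkts_get_tgs (Shishi_tkts * tkts,
                                        Shishi_tkts_hint * hint,
                                        Shishi_tkt * tgt);
extern Shishi_tkt *shishi_tkts_get_for_clientserver (Shishi_tkts * tkts,
                                                     const char *client,
                                                     const char *server);
extern Shishi_tkt *shishi_tkts_get_for_server (Shishi_tkts * tkts,
                                               const char *server);
extern Shishi_tkt *shishi_tkts_get_for_localservicepasswd (Shishi_tkts * tkts,
                                                           const char *service,
                                                           const char *passwd);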
859 /* tktccache.c */
/* Credential-cache ("ccache") import.  The *_mem variants take a byte
 * buffer and its length, the *_file variants a filename; the add_* forms
 * fill an existing Shishi_tkts, the from_* forms return one through
 * `outtkts`.
 *
 * NOTE(review): the ccache bytes are parsed input.  When the path or the
 * buffer can be influenced by another user, treat the content as untrusted
 * and check the int result before using the ticket set -- how malformed
 * input is handled is in tktccache.c, not visible here.
 */
860 extern char *shishi_tkts_default_ccache_guess (Shishi * handle);
861 extern const char *shishi_tkts_default_ccache (Shishi * handle);
862 extern void shishi_tkts_default_ccache_set (Shishi * handle,
863 const char *ccache);
864 extern int shishi_tkts_add_ccache_mem (Shishi * handle,
865 const char *data, size_t len,
866 Shishi_tkts *tkts);
867 extern int shishi_tkts_add_ccache_file (Shishi * handle,
868 const char *filename,
869 Shishi_tkts *tkts);
870 extern int shishi_tkts_from_ccache_mem (Shishi * handle,
871 const char *data, size_t len,
872 Shishi_tkts **outtkts);
873 extern int shishi_tkts_from_ccache_file (Shishi * handle,
874 const char *filename,
875 Shishi_tkts **outtkts);
877 /* diskio.c */
/* Stream I/O for ASN.1 structures.  The writers (print/save) take the
 * structure by value, the readers (parse/read) return it through a
 * Shishi_asn1 pointer; all operate on a caller-supplied FILE.
 *
 * NOTE(review): an EncKDCRepPart is the decrypted reply part and carries
 * the session key, so the stream passed to shishi_enckdcreppart_print()/
 * shishi_enckdcreppart_save() should not be a shared log or a
 * world-readable file.
 * NOTE(review): the parse/read functions consume external data; use the
 * output structure only after checking the int result.
 */
878 extern int
879 shishi_enckdcreppart_print (Shishi * handle,
880 FILE * fh, Shishi_asn1 enckdcreppart);
881 extern int
882 shishi_enckdcreppart_save (Shishi * handle,
883 FILE * fh, Shishi_asn1 enckdcreppart);
884 extern int
885 shishi_enckdcreppart_parse (Shishi * handle,
886 FILE * fh, Shishi_asn1 * enckdcreppart);
887 extern int
888 shishi_enckdcreppart_read (Shishi * handle,
889 FILE * fh, Shishi_asn1 * enckdcreppart);
890 extern int shishi_ticket_save (Shishi * handle, FILE * fh,
891 Shishi_asn1 ticket);
892 extern int shishi_ticket_print (Shishi * handle, FILE * fh,
893 Shishi_asn1 ticket);
894 extern int shishi_kdc_req_print (Shishi * handle, FILE * fh,
895 Shishi_asn1 asreq);
/* NOTE(review): the parameter is named `asreq` although the function name
 * says "rep"; presumably a copied name, the argument being a KDC reply. */
896 extern int shishi_kdc_rep_print (Shishi * handle, FILE * fh,
897 Shishi_asn1 asreq);
898 extern int shishi_kdc_print (Shishi * handle, FILE * fh, Shishi_asn1 asreq,
899 Shishi_asn1 asrep, Shishi_asn1 encasreppart);
900 extern int shishi_kdc_req_parse (Shishi * handle, FILE * fh,
901 Shishi_asn1 * asreq);
902 extern int shishi_kdc_rep_parse (Shishi * handle, FILE * fh,
903 Shishi_asn1 * asrep);
904 extern int shishi_ticket_parse (Shishi * handle, FILE * fh,
905 Shishi_asn1 * ticket);
906 extern int shishi_ticket_read (Shishi * handle, FILE * fh,
907 Shishi_asn1 * ticket);
908 extern int shishi_etype_info_print (Shishi * handle, FILE * fh,
909 Shishi_asn1 etypeinfo);
910 extern int shishi_etype_info2_print (Shishi * handle, FILE * fh,
911 Shishi_asn1 etypeinfo2);
913 /* authenticator.c */
/* Accessors for the Kerberos Authenticator structure: client name and
 * realm, client time (ctime/cusec), sequence number, checksum, subkey and
 * authorization data, plus stream/file I/O.
 *
 * NOTE(review): ctime, cusec and seqnumber are the fields a verifier uses
 * to detect replays.  This header only exposes get/set for them; whether a
 * replay cache exists elsewhere in the library is not visible here.
 * NOTE(review): getters that return `char **` plus a length presumably hand
 * back newly allocated memory owned by the caller -- confirm in
 * authenticator.c before deciding who frees.
 */
914 extern Shishi_asn1 shishi_authenticator (Shishi * handle);
915 extern int shishi_authenticator_set_crealm (Shishi * handle,
916 Shishi_asn1 authenticator,
917 const char *crealm);
918 extern int shishi_authenticator_set_cname (Shishi * handle,
919 Shishi_asn1 authenticator,
920 Shishi_name_type name_type,
921 const char *cname[]);
922 extern int shishi_authenticator_client_set (Shishi * handle,
923 Shishi_asn1 authenticator,
924 const char *client);
925 extern int shishi_authenticator_ctime (Shishi * handle,
926 Shishi_asn1 authenticator, char **t);
927 extern int shishi_authenticator_ctime_set (Shishi * handle,
928 Shishi_asn1 authenticator,
929 const char *t);
930 extern int shishi_authenticator_cusec_get (Shishi * handle,
931 Shishi_asn1 authenticator,
932 uint32_t * cusec);
933 extern int shishi_authenticator_cusec_set (Shishi * handle,
934 Shishi_asn1 authenticator,
935 uint32_t cusec);
936 extern int shishi_authenticator_seqnumber_get (Shishi * handle,
937 Shishi_asn1 authenticator,
938 uint32_t * seqnumber);
939 extern int shishi_authenticator_seqnumber_remove (Shishi * handle,
940 Shishi_asn1 authenticator);
941 extern int shishi_authenticator_seqnumber_set (Shishi * handle,
942 Shishi_asn1 authenticator,
943 uint32_t seqnumber);
944 extern int shishi_authenticator_client (Shishi * handle,
945 Shishi_asn1 authenticator,
946 char **client, size_t *clientlen);
947 extern int shishi_authenticator_clientrealm (Shishi * handle,
948 Shishi_asn1 authenticator,
949 char **client, size_t *clientlen);
950 extern int shishi_authenticator_remove_cksum (Shishi * handle,
951 Shishi_asn1 authenticator);
/* The checksum type is int32_t in the getter below but plain int in
 * shishi_authenticator_set_cksum() and shishi_authenticator_add_cksum_type(). */
952 extern int shishi_authenticator_cksum (Shishi * handle,
953 Shishi_asn1 authenticator,
954 int32_t * cksumtype,
955 char **cksum, size_t * cksumlen);
/* set_cksum stores a caller-computed checksum as given; the add_cksum
 * variants take a key, key usage and the data instead (presumably computing
 * the checksum themselves).  The input buffers are non-const `char *`. */
956 extern int shishi_authenticator_set_cksum (Shishi * handle,
957 Shishi_asn1 authenticator,
958 int cksumtype,
959 char *cksum, size_t cksumlen);
960 extern int shishi_authenticator_add_cksum (Shishi * handle,
961 Shishi_asn1 authenticator,
962 Shishi_key * key,
963 int keyusage,
964 char *data, size_t datalen);
965 extern int
966 shishi_authenticator_add_cksum_type (Shishi * handle,
967 Shishi_asn1 authenticator,
968 Shishi_key * key,
969 int keyusage, int cksumtype,
970 char *data, size_t datalen);
971 extern int
972 shishi_authenticator_remove_subkey (Shishi * handle,
973 Shishi_asn1 authenticator);
974 extern Shishi_asn1 shishi_authenticator_subkey (Shishi * handle);
/* Subkey material: get_subkey returns a Shishi_key, set_subkey takes raw
 * key bytes.  Both hold secret key data; the caller's copies need the same
 * care as any other key. */
975 extern int
976 shishi_authenticator_get_subkey (Shishi * handle,
977 Shishi_asn1 authenticator,
978 Shishi_key ** subkey);
979 extern int
980 shishi_authenticator_set_subkey (Shishi * handle,
981 Shishi_asn1 authenticator,
982 int32_t subkeytype,
983 char *subkey, size_t subkeylen);
984 extern int
985 shishi_authenticator_add_random_subkey (Shishi * handle,
986 Shishi_asn1 authenticator);
987 extern int
988 shishi_authenticator_add_random_subkey_etype (Shishi * handle,
989 Shishi_asn1 authenticator,
990 int etype);
991 extern int
992 shishi_authenticator_add_subkey (Shishi * handle,
993 Shishi_asn1 authenticator,
994 Shishi_key * subkey);
995 extern int
996 shishi_authenticator_clear_authorizationdata (Shishi * handle,
997 Shishi_asn1 authenticator);
998 extern int
999 shishi_authenticator_add_authorizationdata (Shishi * handle,
1000 Shishi_asn1 authenticator,
1001 int32_t adtype,
1002 const char *addata,
1003 size_t addatalen);
/* `nth` selects which authorization-data element to fetch; whether it is
 * 0- or 1-based is not stated in this header. */
1004 extern int
1005 shishi_authenticator_authorizationdata (Shishi * handle,
1006 Shishi_asn1 authenticator,
1007 int32_t * adtype,
1008 char **addata, size_t * addatalen,
1009 size_t nth);
1010 extern int shishi_authenticator_read (Shishi * handle, FILE * fh,
1011 Shishi_asn1 * authenticator);
1012 extern int shishi_authenticator_parse (Shishi * handle, FILE * fh,
1013 Shishi_asn1 * authenticator);
1014 extern int shishi_authenticator_from_file (Shishi * handle,
1015 Shishi_asn1 * authenticator,
1016 int filetype,
1017 const char *filename);
1018 extern int shishi_authenticator_print (Shishi * handle, FILE * fh,
1019 Shishi_asn1 authenticator);
1020 extern int shishi_authenticator_to_file (Shishi * handle,
1021 Shishi_asn1 authenticator,
1022 int filetype, const char *filename);
1023 extern int shishi_authenticator_save (Shishi * handle, FILE * fh,
1024 Shishi_asn1 authenticator);
1026 /* as.c */
/* AS (initial authentication) exchange state, Shishi_as: created with
 * shishi_as(), released with shishi_as_done(), with get/set pairs for the
 * request, reply, decrypted reply part, KRB-ERROR and resulting ticket.
 *
 * NOTE(review): the *_der_set() functions take raw DER bytes and a length.
 * When those bytes come from the network they are untrusted; check the int
 * result before reading anything back out of the Shishi_as.
 * NOTE(review): shishi_as_rep_process() accepts both a key and a password;
 * presumably only one is needed -- confirm in as.c.  The password is a
 * plain C string owned by the caller.
 */
1027 extern int shishi_as (Shishi * handle, Shishi_as ** as);
1028 extern void shishi_as_done (Shishi_as * as);
1029 extern Shishi_asn1 shishi_as_req (Shishi_as * as);
1030 extern int shishi_as_req_build (Shishi_as * as);
1031 extern void shishi_as_req_set (Shishi_as * as, Shishi_asn1 asreq);
1032 extern int shishi_as_req_der (Shishi_as * as, char **out, size_t * outlen);
1033 extern int shishi_as_req_der_set (Shishi_as * as, char *der, size_t derlen);
1034 extern Shishi_asn1 shishi_as_rep (Shishi_as * as);
1035 extern void shishi_as_rep_set (Shishi_as * as, Shishi_asn1 asrep);
1036 extern int shishi_as_rep_build (Shishi_as * as, Shishi_key * key);
1037 extern int shishi_as_rep_der (Shishi_as * as, char **out, size_t * outlen);
1038 extern int shishi_as_rep_der_set (Shishi_as * as, char *der, size_t derlen);
1039 extern Shishi_asn1 shishi_as_encasreppart (Shishi_as * as);
1040 extern void shishi_as_encasreppart_set (Shishi_as * as,
1041 Shishi_asn1 encasreppart);
1042 extern Shishi_asn1 shishi_as_krberror (Shishi_as * as);
1043 extern int shishi_as_krberror_der (Shishi_as * as, char **out,
1044 size_t * outlen);
1045 extern void shishi_as_krberror_set (Shishi_as * as, Shishi_asn1 krberror);
1046 extern Shishi_tkt *shishi_as_tkt (Shishi_as * as);
1047 extern void shishi_as_tkt_set (Shishi_as * as, Shishi_tkt * tkt);
1048 extern int shishi_as_sendrecv (Shishi_as * as);
1049 extern int shishi_as_sendrecv_hint (Shishi_as * as, Shishi_tkts_hint * hint);
1050 extern int shishi_as_rep_process (Shishi_as * as,
1051 Shishi_key * key, const char *password);
1053 /* tgs.c */
/* TGS (ticket-granting) exchange state, Shishi_tgs: created with
 * shishi_tgs(), released with shishi_tgs_done().  Mirrors the AS API, with
 * the addition of the ticket-granting ticket (tgtkt) and the embedded AP
 * exchange (shishi_tgs_ap).
 *
 * NOTE(review): shishi_tgs_req_der_set() takes raw DER bytes; on the KDC
 * side these come from the client and are untrusted until
 * shishi_tgs_req_process() has returned successfully (presumably that is
 * where the request is authenticated -- confirm in tgs.c).
 */
1054 extern int shishi_tgs (Shishi * handle, Shishi_tgs ** tgs);
1055 extern void shishi_tgs_done (Shishi_tgs * tgs);
1056 extern Shishi_tkt *shishi_tgs_tgtkt (Shishi_tgs * tgs);
1057 extern void shishi_tgs_tgtkt_set (Shishi_tgs * tgs, Shishi_tkt * tgtkt);
1058 extern Shishi_ap *shishi_tgs_ap (Shishi_tgs * tgs);
1059 extern Shishi_asn1 shishi_tgs_req (Shishi_tgs * tgs);
1060 extern int shishi_tgs_req_der (Shishi_tgs * tgs, char **out, size_t * outlen);
1061 extern int shishi_tgs_req_der_set (Shishi_tgs * tgs, char *der,
1062 size_t derlen);
1063 extern void shishi_tgs_req_set (Shishi_tgs * tgs, Shishi_asn1 tgsreq);
1064 extern int shishi_tgs_req_build (Shishi_tgs * tgs);
1065 extern int shishi_tgs_req_process (Shishi_tgs * tgs);
1066 extern Shishi_asn1 shishi_tgs_rep (Shishi_tgs * tgs);
1067 extern int shishi_tgs_rep_der (Shishi_tgs * tgs, char **out, size_t * outlen);
1068 extern int shishi_tgs_rep_build (Shishi_tgs * tgs, int keyusage,
1069 Shishi_key * key);
1070 extern int shishi_tgs_rep_process (Shishi_tgs * tgs);
1071 extern Shishi_asn1 shishi_tgs_krberror (Shishi_tgs * tgs);
1072 extern int shishi_tgs_krberror_der (Shishi_tgs * tgs, char **out,
1073 size_t * outlen);
1074 extern void shishi_tgs_krberror_set (Shishi_tgs * tgs, Shishi_asn1 krberror);
1075 extern Shishi_tkt *shishi_tgs_tkt (Shishi_tgs * tgs);
1076 extern void shishi_tgs_tkt_set (Shishi_tgs * tgs, Shishi_tkt * tkt);
1077 extern int shishi_tgs_sendrecv (Shishi_tgs * tgs);
1078 extern int shishi_tgs_sendrecv_hint (Shishi_tgs * tgs,
1079 Shishi_tkts_hint * hint);
1080 extern int shishi_tgs_set_server (Shishi_tgs * tgs, const char *server);
1081 extern int shishi_tgs_set_realm (Shishi_tgs * tgs, const char *realm);
1082 extern int shishi_tgs_set_realmserver (Shishi_tgs * tgs,
1083 const char *realm, const char *server);
1085 /* kdcreq.c */
/* Construction of and access to KDC-REQ (AS-REQ / TGS-REQ) structures:
 * names and realm, nonce, lifetime (till), encryption types, KDC options
 * and pre-authentication data (padata), plus stream/file I/O.
 *
 * NOTE(review): const-ness is uneven.  shishi_kdcreq(), shishi_asreq_rsc(),
 * shishi_tgsreq_rst() and shishi_kdcreq_set_realmserver() take `char *`
 * where the neighbouring setters take `const char *`; whether they modify
 * their arguments cannot be told from here, so do not pass string literals
 * without checking kdcreq.c.
 */
1086 extern int shishi_kdcreq (Shishi * handle, char *realm,
1087 char *service, Shishi_asn1 * req);
1088 extern Shishi_asn1 shishi_asreq (Shishi * handle);
1089 extern Shishi_asn1 shishi_asreq_rsc (Shishi * handle, char *realm,
1090 char *server, char *client);
1091 extern Shishi_asn1 shishi_tgsreq (Shishi * handle);
1092 extern Shishi_asn1 shishi_tgsreq_rst (Shishi * handle, char *realm,
1093 char *server, Shishi_tkt * tkt);
1094 extern int shishi_kdcreq_save (Shishi * handle, FILE * fh,
1095 Shishi_asn1 kdcreq);
1096 extern int shishi_kdcreq_print (Shishi * handle, FILE * fh,
1097 Shishi_asn1 kdcreq);
1098 extern int shishi_kdcreq_to_file (Shishi * handle, Shishi_asn1 kdcreq,
1099 int filetype, const char *filename);
1100 extern int shishi_kdcreq_parse (Shishi * handle, FILE * fh,
1101 Shishi_asn1 * kdcreq);
1102 extern int shishi_kdcreq_read (Shishi * handle, FILE * fh,
1103 Shishi_asn1 * kdcreq);
1104 extern int shishi_kdcreq_from_file (Shishi * handle, Shishi_asn1 * kdcreq,
1105 int filetype, const char *filename);
1106 extern int shishi_asreq_clientrealm (Shishi * handle,
1107 Shishi_asn1 asreq,
1108 char **client, size_t * clientlen);
/* The nonce is a 32-bit value.  It is what ties a reply to this request
 * (see shishi_kdc_check_nonce in kdc.c), so a value passed to
 * shishi_kdcreq_nonce_set() should be unpredictable and never reused. */
1109 extern int shishi_kdcreq_nonce (Shishi * handle, Shishi_asn1 kdcreq,
1110 uint32_t * nonce);
1111 extern int shishi_kdcreq_nonce_set (Shishi * handle,
1112 Shishi_asn1 kdcreq, uint32_t nonce);
1113 extern int shishi_kdcreq_client (Shishi * handle, Shishi_asn1 kdcreq,
1114 char **client, size_t * clientlen);
/* set_cname takes one principal string while set_sname takes an array of
 * name components; presumably the array is NULL-terminated -- confirm. */
1115 extern int shishi_kdcreq_set_cname (Shishi * handle, Shishi_asn1 kdcreq,
1116 Shishi_name_type name_type,
1117 const char *principal);
1118 extern int shishi_kdcreq_server (Shishi * handle, Shishi_asn1 kdcreq,
1119 char **server, size_t * serverlen);
1120 extern int shishi_kdcreq_set_sname (Shishi * handle, Shishi_asn1 kdcreq,
1121 Shishi_name_type name_type,
1122 const char *sname[]);
1123 extern int shishi_kdcreq_realm (Shishi * handle, Shishi_asn1 kdcreq,
1124 char **realm, size_t * realmlen);
1125 extern int shishi_kdcreq_realm_get (Shishi * handle, Shishi_asn1 kdcreq,
1126 char **realm, size_t * realmlen);
1127 extern int shishi_kdcreq_set_realm (Shishi * handle, Shishi_asn1 kdcreq,
1128 const char *realm);
1129 extern int shishi_kdcreq_set_server (Shishi * handle, Shishi_asn1 req,
1130 const char *service);
1131 extern int shishi_kdcreq_set_realmserver (Shishi * handle, Shishi_asn1 req,
1132 char *realm, char *service);
1133 extern int shishi_kdcreq_till (Shishi * handle, Shishi_asn1 kdcreq,
1134 char **till, size_t * tilllen);
1135 extern time_t shishi_kdcreq_tillc (Shishi * handle, Shishi_asn1 kdcreq);
/* NOTE(review): getter and setter share the shape (array, count).  For the
 * getter `netype` is presumably the capacity of `etype`; it is a signed
 * int, so validate it at the call site.  The accepted etype list decides
 * which ciphers a reply may use -- keep weak types out of it. */
1136 extern int shishi_kdcreq_etype (Shishi * handle, Shishi_asn1 kdcreq,
1137 int32_t * etype, int netype);
1138 extern int shishi_kdcreq_set_etype (Shishi * handle, Shishi_asn1 kdcreq,
1139 int32_t * etype, int netype);
/* KDC options: the whole bit field, then one predicate per option. */
1140 extern int shishi_kdcreq_options (Shishi * handle, Shishi_asn1 kdcreq,
1141 uint32_t * flags);
1142 extern int shishi_kdcreq_forwardable_p (Shishi * handle, Shishi_asn1 kdcreq);
1143 extern int shishi_kdcreq_forwarded_p (Shishi * handle, Shishi_asn1 kdcreq);
1144 extern int shishi_kdcreq_proxiable_p (Shishi * handle, Shishi_asn1 kdcreq);
1145 extern int shishi_kdcreq_proxy_p (Shishi * handle, Shishi_asn1 kdcreq);
1146 extern int shishi_kdcreq_allow_postdate_p (Shishi * handle,
1147 Shishi_asn1 kdcreq);
1148 extern int shishi_kdcreq_postdated_p (Shishi * handle, Shishi_asn1 kdcreq);
1149 extern int shishi_kdcreq_renewable_p (Shishi * handle, Shishi_asn1 kdcreq);
1150 extern int shishi_kdcreq_disable_transited_check_p (Shishi * handle,
1151 Shishi_asn1 kdcreq);
1152 extern int shishi_kdcreq_renewable_ok_p (Shishi * handle, Shishi_asn1 kdcreq);
1153 extern int shishi_kdcreq_enc_tkt_in_skey_p (Shishi * handle,
1154 Shishi_asn1 kdcreq);
1155 extern int shishi_kdcreq_renew_p (Shishi * handle, Shishi_asn1 kdcreq);
1156 extern int shishi_kdcreq_validate_p (Shishi * handle, Shishi_asn1 kdcreq);
1157 extern int shishi_kdcreq_options_set (Shishi * handle, Shishi_asn1 kdcreq,
1158 uint32_t options);
1159 extern int shishi_kdcreq_options_add (Shishi * handle, Shishi_asn1 kdcreq,
1160 uint32_t option);
/* Pre-authentication data.  The getter takes a Shishi_padata_type, the
 * adder a plain int `padatatype`. */
1161 extern int shishi_kdcreq_clear_padata (Shishi * handle, Shishi_asn1 kdcreq);
1162 extern int shishi_kdcreq_get_padata (Shishi * handle,
1163 Shishi_asn1 kdcreq,
1164 Shishi_padata_type padatatype,
1165 char **out, size_t * outlen);
1166 extern int shishi_kdcreq_get_padata_tgs (Shishi * handle,
1167 Shishi_asn1 kdcreq,
1168 Shishi_asn1 * apreq);
1169 extern int shishi_kdcreq_add_padata (Shishi * handle,
1170 Shishi_asn1 kdcreq,
1171 int padatatype,
1172 const char *data, size_t datalen);
1173 extern int shishi_kdcreq_add_padata_tgs (Shishi * handle,
1174 Shishi_asn1 kdcreq,
1175 Shishi_asn1 apreq);
1176 extern int shishi_kdcreq_add_padata_preauth (Shishi * handle,
1177 Shishi_asn1 kdcreq,
1178 Shishi_key *key);
1179 extern int shishi_kdcreq_build (Shishi * handle, Shishi_asn1 kdcreq);
1181 /* kdc.c */
/* Request/reply processing shared by the AS and TGS exchanges: salt
 * derivation, reply processing, network send/receive, and the copy_ and
 * check_ helpers for crealm, cname and nonce.
 *
 * The check_* functions are what bind a reply to the request that was sent.
 * The error enum at the top of this header defines SHISHI_REALM_MISMATCH,
 * SHISHI_CNAME_MISMATCH and SHISHI_NONCE_MISMATCH, presumably what they
 * return on failure.  SHISHI_OK is 0, so test `rc == SHISHI_OK`; ignoring
 * the result, or reading it as a boolean, accepts a reply that does not
 * belong to the request.
 */
1182 extern int shishi_as_derive_salt (Shishi * handle,
1183 Shishi_asn1 asreq,
1184 Shishi_asn1 asrep,
1185 char **salt, size_t * saltlen);
1186 extern int shishi_tgs_process (Shishi * handle,
1187 Shishi_asn1 tgsreq,
1188 Shishi_asn1 tgsrep,
1189 Shishi_asn1 authenticator,
1190 Shishi_asn1 oldenckdcreppart,
1191 Shishi_asn1 * enckdcreppart);
/* NOTE(review): `string` is presumably the user's password (the key is
 * derived inside the call) -- confirm in kdc.c; if so the caller should
 * wipe its copy afterwards. */
1192 extern int shishi_as_process (Shishi * handle, Shishi_asn1 asreq,
1193 Shishi_asn1 asrep,
1194 const char *string,
1195 Shishi_asn1 * enckdcreppart);
1196 extern int shishi_kdc_process (Shishi * handle, Shishi_asn1 kdcreq,
1197 Shishi_asn1 kdcrep, Shishi_key * key,
1198 int keyusage, Shishi_asn1 * enckdcreppart);
/* Network round trip: `kdcrep` receives whatever the peer sent back and is
 * unauthenticated until one of the *_process functions above succeeds. */
1199 extern int shishi_kdcreq_sendrecv (Shishi * handle, Shishi_asn1 kdcreq,
1200 Shishi_asn1 * kdcrep);
1201 extern int shishi_kdcreq_sendrecv_hint (Shishi * handle,
1202 Shishi_asn1 kdcreq,
1203 Shishi_asn1 * kdcrep,
1204 Shishi_tkts_hint * hint);
1205 extern int shishi_kdc_copy_crealm (Shishi * handle, Shishi_asn1 kdcrep,
1206 Shishi_asn1 encticketpart);
1207 extern int shishi_as_check_crealm (Shishi * handle, Shishi_asn1 asreq,
1208 Shishi_asn1 asrep);
1209 extern int shishi_kdc_copy_cname (Shishi * handle, Shishi_asn1 kdcrep,
1210 Shishi_asn1 encticketpart);
1211 extern int shishi_as_check_cname (Shishi * handle, Shishi_asn1 asreq,
1212 Shishi_asn1 asrep);
1213 extern int shishi_kdc_copy_nonce (Shishi * handle, Shishi_asn1 kdcreq,
1214 Shishi_asn1 enckdcreppart);
1215 extern int shishi_kdc_check_nonce (Shishi * handle, Shishi_asn1 kdcreq,
1216 Shishi_asn1 enckdcreppart);
1218 /* kdcrep.c */
/* Construction of and access to KDC-REP (AS-REP / TGS-REP) structures:
 * stream/file I/O, padata, the embedded ticket, client name and realm, and
 * the encrypted part.
 *
 * NOTE(review): everything read from a KDC-REP outside its encrypted part
 * is unauthenticated.  shishi_kdcrep_decrypt() is the step that yields the
 * EncKDCRepPart; check its int result before trusting any field.
 */
1219 extern Shishi_asn1 shishi_asrep (Shishi * handle);
1220 extern Shishi_asn1 shishi_tgsrep (Shishi * handle);
1221 extern int shishi_kdcrep_save (Shishi * handle, FILE * fh,
1222 Shishi_asn1 kdcrep);
1223 extern int shishi_kdcrep_print (Shishi * handle, FILE * fh,
1224 Shishi_asn1 kdcrep);
1225 extern int shishi_kdcrep_to_file (Shishi * handle, Shishi_asn1 kdcrep,
1226 int filetype, const char *filename);
1227 extern int shishi_kdcrep_parse (Shishi * handle, FILE * fh,
1228 Shishi_asn1 * kdcrep);
1229 extern int shishi_kdcrep_read (Shishi * handle, FILE * fh,
1230 Shishi_asn1 * kdcrep);
1231 extern int shishi_kdcrep_from_file (Shishi * handle, Shishi_asn1 * kdcrep,
1232 int filetype, const char *filename);
1233 extern int shishi_kdcrep_clear_padata (Shishi * handle, Shishi_asn1 kdcrep);
/* The etype reported here comes from the unprotected outer structure;
 * compare it with the types that were requested before using it to pick a
 * key. */
1234 extern int shishi_kdcrep_get_enc_part_etype (Shishi * handle,
1235 Shishi_asn1 kdcrep,
1236 int32_t * etype);
1237 extern int shishi_kdcrep_add_enc_part (Shishi * handle,
1238 Shishi_asn1 kdcrep,
1239 Shishi_key * key,
1240 int keyusage,
1241 Shishi_asn1 enckdcreppart);
1242 extern int shishi_kdcrep_get_ticket (Shishi * handle,
1243 Shishi_asn1 kdcrep,
1244 Shishi_asn1 * ticket);
1245 extern int shishi_kdcrep_set_ticket (Shishi * handle, Shishi_asn1 kdcrep,
1246 Shishi_asn1 ticket);
1247 extern int shishi_kdcrep_crealm_set (Shishi * handle,
1248 Shishi_asn1 kdcrep, const char *crealm);
1249 extern int shishi_kdcrep_cname_set (Shishi * handle,
1250 Shishi_asn1 kdcrep,
1251 Shishi_name_type name_type,
1252 const char *cname[]);
1253 extern int shishi_kdcrep_client_set (Shishi * handle, Shishi_asn1 kdcrep,
1254 const char *client);
/* NOTE(review): named "crealmserver" but the parameters are `crealm` and
 * `client`; presumably it sets client realm and client name -- confirm. */
1255 extern int shishi_kdcrep_crealmserver_set (Shishi * handle,
1256 Shishi_asn1 kdcrep,
1257 const char *crealm,
1258 const char *client);
1259 extern int shishi_kdcrep_set_enc_part (Shishi * handle, Shishi_asn1 kdcrep,
1260 int32_t etype, uint32_t kvno,
1261 const char *buf, size_t buflen);
1262 extern int shishi_kdcrep_decrypt (Shishi * handle,
1263 Shishi_asn1 kdcrep,
1264 Shishi_key * key,
1265 int keyusage, Shishi_asn1 * enckdcreppart);
1267 /* enckdcreppart.c */
/* Construction of and access to EncKDCRepPart (the part of a KDC reply
 * that is encrypted to the client): session key, nonce, flags, the four
 * time fields, and server name and realm.
 *
 * NOTE(review): shishi_enckdcreppart_get_key() hands out the session key as
 * a Shishi_key; presumably the caller owns it and must release it with the
 * library's key API -- confirm in enckdcreppart.c.
 */
1268 extern Shishi_asn1 shishi_enckdcreppart (Shishi * handle);
1269 extern Shishi_asn1 shishi_encasreppart (Shishi * handle);
1270 extern int shishi_enckdcreppart_get_key (Shishi * handle,
1271 Shishi_asn1 enckdcreppart,
1272 Shishi_key ** key);
1273 extern int shishi_enckdcreppart_key_set (Shishi * handle,
1274 Shishi_asn1 enckdcreppart,
1275 Shishi_key * key);
1276 extern int shishi_enckdcreppart_nonce_set (Shishi * handle,
1277 Shishi_asn1 enckdcreppart,
1278 uint32_t nonce);
/* `flags` is a signed int here, whereas the KDC options in kdcreq.c are
 * uint32_t; a caller that sets the top bit should mind the conversion. */
1279 extern int shishi_enckdcreppart_flags_set (Shishi * handle,
1280 Shishi_asn1 enckdcreppart,
1281 int flags);
/* The time setters take strings, presumably in the generalized-time format
 * produced by shishi_generalize_time() (gztime.c) -- confirm. */
1282 extern int shishi_enckdcreppart_authtime_set (Shishi * handle,
1283 Shishi_asn1 enckdcreppart,
1284 const char *authtime);
1285 extern int shishi_enckdcreppart_starttime_set (Shishi * handle,
1286 Shishi_asn1 enckdcreppart,
1287 const char *starttime);
1288 extern int shishi_enckdcreppart_endtime_set (Shishi * handle,
1289 Shishi_asn1 enckdcreppart,
1290 const char *endtime);
1291 extern int shishi_enckdcreppart_renew_till_set (Shishi * handle,
1292 Shishi_asn1 enckdcreppart,
1293 const char *renew_till);
1294 extern int shishi_enckdcreppart_srealm_set (Shishi * handle,
1295 Shishi_asn1 enckdcreppart,
1296 const char *srealm);
/* Unlike the other *_sname/*_cname setters in this header, the component
 * array here is not const-qualified. */
1297 extern int shishi_enckdcreppart_sname_set (Shishi * handle,
1298 Shishi_asn1 enckdcreppart,
1299 Shishi_name_type name_type,
1300 char *sname[]);
1301 extern int shishi_enckdcreppart_server_set (Shishi * handle,
1302 Shishi_asn1 enckdcreppart,
1303 const char *server);
1304 extern int shishi_enckdcreppart_srealmserver_set (Shishi * handle,
1305 Shishi_asn1 enckdcreppart,
1306 const char *srealm,
1307 const char *server);
1308 extern int
1309 shishi_enckdcreppart_populate_encticketpart (Shishi * handle,
1310 Shishi_asn1 enckdcreppart,
1311 Shishi_asn1 encticketpart);
1313 /* krberror.c */
/* Construction of and access to KRB-ERROR messages: stream/file I/O, DER
 * encoding, client and server names and realms, client and server
 * timestamps, error code, error text (etext) and error data (edata).
 *
 * NOTE(review): in the base Kerberos protocol (RFC 4120) a KRB-ERROR is
 * sent without encryption or a keyed checksum, so every field read through
 * these getters can be forged by anyone on the network path.  Treat etext
 * and edata as untrusted text and bytes (sanitise before logging or
 * displaying them), and do not weaken a security decision on the strength
 * of an error code alone.
 */
1314 extern Shishi_asn1 shishi_krberror (Shishi * handle);
1315 extern int shishi_krberror_print (Shishi * handle, FILE * fh,
1316 Shishi_asn1 krberror);
1317 extern int shishi_krberror_save (Shishi * handle, FILE * fh,
1318 Shishi_asn1 krberror);
1319 extern int shishi_krberror_to_file (Shishi * handle, Shishi_asn1 krberror,
1320 int filetype, const char *filename);
1321 extern int shishi_krberror_parse (Shishi * handle, FILE * fh,
1322 Shishi_asn1 * krberror);
1323 extern int shishi_krberror_read (Shishi * handle, FILE * fh,
1324 Shishi_asn1 * krberror);
1325 extern int shishi_krberror_from_file (Shishi * handle, Shishi_asn1 * krberror,
1326 int filetype, const char *filename);
1327 extern int shishi_krberror_build (Shishi * handle, Shishi_asn1 krberror);
1328 extern int shishi_krberror_der (Shishi * handle,
1329 Shishi_asn1 krberror,
1330 char **out, size_t * outlen);
1331 extern int shishi_krberror_crealm (Shishi * handle,
1332 Shishi_asn1 krberror,
1333 char **realm, size_t * realmlen);
1334 extern int shishi_krberror_remove_crealm (Shishi * handle,
1335 Shishi_asn1 krberror);
1336 extern int shishi_krberror_set_crealm (Shishi * handle,
1337 Shishi_asn1 krberror,
1338 const char *crealm);
1339 extern int shishi_krberror_client (Shishi * handle,
1340 Shishi_asn1 krberror,
1341 char **client, size_t * clientlen);
1342 extern int shishi_krberror_set_cname (Shishi * handle,
1343 Shishi_asn1 krberror,
1344 Shishi_name_type name_type,
1345 const char *cname[]);
1346 extern int shishi_krberror_remove_cname (Shishi * handle,
1347 Shishi_asn1 krberror);
1348 extern int shishi_krberror_client_set (Shishi * handle,
1349 Shishi_asn1 krberror,
1350 const char *client);
1351 extern int shishi_krberror_realm (Shishi * handle,
1352 Shishi_asn1 krberror,
1353 char **realm, size_t * realmlen);
1354 extern int shishi_krberror_set_realm (Shishi * handle,
1355 Shishi_asn1 krberror,
1356 const char *realm);
1357 extern int shishi_krberror_server (Shishi * handle,
1358 Shishi_asn1 krberror,
1359 char **server, size_t *serverlen);
1360 extern int shishi_krberror_remove_sname (Shishi * handle,
1361 Shishi_asn1 krberror);
1362 extern int shishi_krberror_set_sname (Shishi * handle,
1363 Shishi_asn1 krberror,
1364 Shishi_name_type name_type,
1365 const char *sname[]);
1366 extern int shishi_krberror_server_set (Shishi * handle,
1367 Shishi_asn1 krberror,
1368 const char *server);
1369 extern int shishi_krberror_ctime (Shishi * handle,
1370 Shishi_asn1 krberror, char **t);
1371 extern int shishi_krberror_ctime_set (Shishi * handle,
1372 Shishi_asn1 krberror, const char *t);
1373 extern int shishi_krberror_remove_ctime (Shishi * handle,
1374 Shishi_asn1 krberror);
1375 extern int shishi_krberror_cusec (Shishi * handle, Shishi_asn1 krberror,
1376 uint32_t * cusec);
1377 extern int shishi_krberror_cusec_set (Shishi * handle, Shishi_asn1 krberror,
1378 uint32_t cusec);
1379 extern int shishi_krberror_remove_cusec (Shishi * handle,
1380 Shishi_asn1 krberror);
1381 extern int shishi_krberror_stime (Shishi * handle, Shishi_asn1 krberror,
1382 char **t);
1383 extern int shishi_krberror_stime_set (Shishi * handle, Shishi_asn1 krberror,
1384 const char *t);
1385 extern int shishi_krberror_susec (Shishi * handle, Shishi_asn1 krberror,
1386 uint32_t * susec);
1387 extern int shishi_krberror_susec_set (Shishi * handle, Shishi_asn1 krberror,
1388 uint32_t susec);
1389 extern int shishi_krberror_errorcode_set (Shishi * handle,
1390 Shishi_asn1 krberror,
1391 int errorcode);
1392 extern int shishi_krberror_etext (Shishi * handle, Shishi_asn1 krberror,
1393 char **etext, size_t * etextlen);
1394 extern int shishi_krberror_set_etext (Shishi * handle, Shishi_asn1 krberror,
1395 const char *etext);
1396 extern int shishi_krberror_remove_etext (Shishi * handle,
1397 Shishi_asn1 krberror);
/* The getter returns edata with an explicit length, but the setter takes
 * only a `const char *`; presumably it measures the input with strlen(), so
 * edata containing NUL bytes cannot be set through it -- confirm. */
1398 extern int shishi_krberror_edata (Shishi * handle, Shishi_asn1 krberror,
1399 char **edata, size_t * edatalen);
1400 extern int shishi_krberror_set_edata (Shishi * handle, Shishi_asn1 krberror,
1401 const char *edata);
1402 extern int shishi_krberror_remove_edata (Shishi * handle,
1403 Shishi_asn1 krberror);
1404 extern int shishi_krberror_errorcode (Shishi * handle, Shishi_asn1 krberror,
1405 int *errorcode);
/* NOTE(review): the "_fast" variant returns an int with no separate output
 * parameter, so an extraction failure presumably shares the return value
 * with the error code; prefer shishi_krberror_errorcode() where the
 * difference matters. */
1406 extern int shishi_krberror_errorcode_fast (Shishi * handle,
1407 Shishi_asn1 krberror);
1408 extern int shishi_krberror_pretty_print (Shishi * handle, FILE * fh,
1409 Shishi_asn1 krberror);
1410 extern const char *shishi_krberror_errorcode_message (Shishi * handle,
1411 int errorcode);
1412 extern const char *shishi_krberror_message (Shishi * handle,
1413 Shishi_asn1 krberror);
1414 extern int shishi_krberror_methoddata (Shishi * handle,
1415 Shishi_asn1 krberror,
1416 Shishi_asn1 *methoddata);
1418 /* gztime.c */
/* Conversion between time_t and the string form used in the ASN.1
 * structures, plus extraction of a named time field from a node as a
 * string (shishi_time) or as time_t (shishi_ctime).
 *
 * NOTE(review): shishi_generalize_time()/shishi_generalize_now() return
 * `const char *`, presumably pointing at storage owned by the library that
 * the next call overwrites -- copy the result if it must outlive the call,
 * and confirm thread-safety in gztime.c.
 * NOTE(review): shishi_generalize_ctime() has no separate error channel;
 * presumably it returns (time_t) -1 for an unparsable string.  Check for
 * that before comparing ticket lifetimes.
 */
1419 extern const char *shishi_generalize_time (Shishi * handle, time_t t);
1420 extern const char *shishi_generalize_now (Shishi * handle);
1421 extern time_t shishi_generalize_ctime (Shishi * handle, const char *t);
1422 extern int shishi_time (Shishi * handle, Shishi_asn1 node,
1423 const char *field, char **t);
1424 extern int shishi_ctime (Shishi * handle, Shishi_asn1 node,
1425 const char *field, time_t *t);
1427 /* nettle.c, libgcrypt.c, ... */
/* Low-level primitives, provided by whichever crypto backend the library
 * was built with.
 *
 * Reading the prototypes: an array declarator in a parameter list is
 * adjusted to a pointer, so the sizes below are documentation only and the
 * compiler does not check them.  `const char key[8]` is `const char *key`,
 * and `char *out[16]` is `char **out` -- a pointer to a char pointer, not a
 * 16-byte buffer.
 * NOTE(review): presumably each `char **out` / `char *out[N]` receives a
 * buffer allocated by the library that the caller must free -- confirm in
 * the backend sources; this header does not say.
 * NOTE(review): CRC-32, MD4, MD5, DES-CBC-MAC, single DES and ARCFOUR are
 * legacy algorithms, presumably present for the older Kerberos encryption
 * and checksum types.  Do not build new integrity or confidentiality
 * protection on them.
 */
/* `strong` presumably selects the backend's higher-quality random source;
 * request key material with it set.  Check the int result: on failure the
 * content of `data` is not specified by this header. */
1428 extern int shishi_randomize (Shishi * handle, int strong,
1429 void *data, size_t datalen);
1430 extern int shishi_crc (Shishi * handle, const char *in, size_t inlen,
1431 char *out[4]);
1432 extern int shishi_md4 (Shishi * handle, const char *in, size_t inlen,
1433 char *out[16]);
1434 extern int shishi_md5 (Shishi * handle, const char *in, size_t inlen,
1435 char *out[16]);
1436 extern int shishi_hmac_md5 (Shishi * handle, const char *key, size_t keylen,
1437 const char *in, size_t inlen, char *outhash[16]);
1438 extern int shishi_hmac_sha1 (Shishi * handle, const char *key, size_t keylen,
1439 const char *in, size_t inlen, char *outhash[20]);
1440 extern int shishi_des_cbc_mac (Shishi * handle, const char key[8],
1441 const char iv[8], const char *in, size_t inlen,
1442 char *out[8]);
/* Cipher calls share one shape: `decryptp` selects the direction, `iv` is
 * the input chaining state, `ivout` receives the updated state, and `out`
 * receives the result.  No output length is returned; presumably it equals
 * `inlen` -- confirm per cipher. */
1443 extern int shishi_arcfour (Shishi * handle, int decryptp,
1444 const char *key, size_t keylen,
1445 const char iv[258], char *ivout[258],
1446 const char *in, size_t inlen, char **out);
1447 extern int shishi_des (Shishi * handle, int decryptp, const char key[8],
1448 const char iv[8], char *ivout[8],
1449 const char *in, size_t inlen, char **out);
1450 extern int shishi_3des (Shishi * handle, int decryptp, const char key[24],
1451 const char iv[8], char *ivout[8],
1452 const char *in, size_t inlen, char **out);
1453 extern int shishi_aes_cts (Shishi * handle, int decryptp,
1454 const char *key, size_t keylen,
1455 const char iv[16], char *ivout[16],
1456 const char *in, size_t inlen, char **out);
1458 /* crypto.c */
1459 extern int shishi_cipher_supported_p (int type);
1460 extern const char *shishi_cipher_name (int type);
1461 extern int shishi_cipher_blocksize (int type);
1462 extern int shishi_cipher_confoundersize (int type);
1463 extern size_t shishi_cipher_keylen (int type);
1464 extern size_t shishi_cipher_randomlen (int type);
1465 extern int shishi_cipher_defaultcksumtype (int32_t type);
1466 extern int shishi_cipher_parse (const char *cipher);
1467 extern int shishi_checksum_supported_p (int32_t type);
1468 extern const char *shishi_checksum_name (int32_t type);
1469 extern size_t shishi_checksum_cksumlen (int32_t type);
1470 extern int shishi_checksum_parse (const char *checksum);
1471 extern int shishi_string_to_key (Shishi * handle,
1472 int32_t keytype,
1473 const char *password, size_t passwordlen,
1474 const char *salt, size_t saltlen,
1475 const char *parameter, Shishi_key * outkey);
1476 extern int shishi_random_to_key (Shishi * handle,
1477 int32_t keytype,
1478 const char *rnd,
1479 size_t rndlen, Shishi_key * outkey);
1480 extern int shishi_encrypt_ivupdate_etype (Shishi * handle,
1481 Shishi_key * key,
1482 int keyusage,
1483 int32_t etype,
1484 const char *iv, size_t ivlen,
1485 char **ivout, size_t * ivoutlen,
1486 const char *in, size_t inlen,
1487 char **out, size_t * outlen);
1488 extern int shishi_encrypt_iv_etype (Shishi * handle,
1489 Shishi_key * key,
1490 int keyusage,
1491 int32_t etype,
1492 const char *iv, size_t ivlen,
1493 const char *in, size_t inlen,
1494 char **out, size_t * outlen);
1495 extern int shishi_encrypt_etype (Shishi * handle,
1496 Shishi_key * key,
1497 int keyusage,
1498 int32_t etype,
1499 const char *in, size_t inlen,
1500 char **out, size_t * outlen);
1501 extern int shishi_encrypt_ivupdate (Shishi * handle,
1502 Shishi_key * key,
1503 int keyusage,
1504 const char *iv, size_t ivlen,
1505 char **ivout, size_t * ivoutlen,
1506 const char *in, size_t inlen,
1507 char **out, size_t * outlen);
1508 extern int shishi_encrypt_iv (Shishi * handle,
1509 Shishi_key * key,
1510 int keyusage,
1511 const char *iv, size_t ivlen,
1512 const char *in, size_t inlen,
1513 char **out, size_t * outlen);
1514 extern int shishi_encrypt (Shishi * handle,
1515 Shishi_key * key,
1516 int keyusage,
1517 char *in, size_t inlen,
1518 char **out, size_t * outlen);
/*
 * Decryption entry points, mirroring the encrypt family: handle, key,
 * key-usage number, inlen bytes of input in in, result through
 * out/outlen.  _etype forms name the encryption type explicitly, _iv
 * forms take a caller-supplied IV, _ivupdate forms also return an IV
 * through ivout/ivoutlen.
 * NOTE(review): input to these calls can come straight from the
 * network.  Callers should treat any result other than success
 * (presumably SHISHI_OK) as "no plaintext" and not read *out; whether
 * *out is left untouched on failure is not visible in this header.
 */
1519 extern int shishi_decrypt_ivupdate_etype (Shishi * handle,
1520 Shishi_key * key,
1521 int keyusage,
1522 int32_t etype,
1523 const char *iv, size_t ivlen,
1524 char **ivout, size_t * ivoutlen,
1525 const char *in, size_t inlen,
1526 char **out, size_t * outlen);
1527 extern int shishi_decrypt_iv_etype (Shishi * handle,
1528 Shishi_key * key,
1529 int keyusage,
1530 int32_t etype,
1531 const char *iv, size_t ivlen,
1532 const char *in, size_t inlen,
1533 char **out, size_t * outlen);
1534 extern int shishi_decrypt_etype (Shishi * handle,
1535 Shishi_key * key,
1536 int keyusage,
1537 int32_t etype,
1538 const char *in, size_t inlen,
1539 char **out, size_t * outlen);
1540 extern int shishi_decrypt_ivupdate (Shishi * handle,
1541 Shishi_key * key,
1542 int keyusage,
1543 const char *iv, size_t ivlen,
1544 char **ivout, size_t * ivoutlen,
1545 const char *in, size_t inlen,
1546 char **out, size_t * outlen);
1547 extern int shishi_decrypt_iv (Shishi * handle,
1548 Shishi_key * key,
1549 int keyusage,
1550 const char *iv, size_t ivlen,
1551 const char *in, size_t inlen,
1552 char **out, size_t * outlen);
1553 extern int shishi_decrypt (Shishi * handle,
1554 Shishi_key * key,
1555 int keyusage,
1556 const char *in, size_t inlen,
1557 char **out, size_t * outlen);
/*
 * Keyed checksum over inlen bytes of in, for the given key, key-usage
 * number and checksum type; the checksum is returned through
 * out/outlen.
 */
1558 extern int shishi_checksum (Shishi * handle,
1559 Shishi_key * key,
1560 int keyusage,
1561 int32_t cksumtype,
1562 const char *in, size_t inlen,
1563 char **out, size_t * outlen);
/*
 * Checks a supplied checksum (cksum/cksumlen) against inlen bytes of in.
 * There is no output parameter: the verdict is the int return value
 * alone.
 * NOTE(review): presumably SHISHI_OK (0) means "verified"; if so, a
 * plain truthiness test on the result inverts the meaning, so compare
 * against SHISHI_OK explicitly.  cksumtype is int here but int32_t in
 * shishi_checksum -- confirm the mismatch is intentional.
 */
1564 extern int shishi_verify (Shishi * handle,
1565 Shishi_key * key,
1566 int keyusage,
1567 int cksumtype,
1568 const char *in, size_t inlen,
1569 const char *cksum, size_t cksumlen);
/*
 * Key-derivation helpers.  shishi_dk writes into a caller-supplied
 * Shishi_key (derivedkey); shishi_dr and shishi_n_fold write into
 * caller-supplied byte buffers whose sizes are passed explicitly
 * (derivedrandomlen, outlen).
 */
1570 extern int shishi_dk (Shishi * handle,
1571 Shishi_key * key,
1572 const char *prfconstant, size_t prfconstantlen,
1573 Shishi_key * derivedkey);
1574 extern int shishi_dr (Shishi * handle,
1575 Shishi_key * key,
1576 const char *prfconstant, size_t prfconstantlen,
1577 char *derivedrandom, size_t derivedrandomlen);
1578 extern int shishi_n_fold (Shishi * handle, const char *in, size_t inlen,
1579 char *out, size_t outlen);
/*
 * PBKDF2 with SHA-1; the parameter names presumably follow the PBKDF2
 * specification (P password, S salt, c iteration count, dkLen derived
 * key length, DK output).
 * NOTE(review): DK is a bare char * with no separate capacity argument,
 * so the caller's buffer presumably must hold at least dkLen bytes --
 * confirm in the definition.  The iteration count c is chosen by the
 * caller; this header imposes no minimum.
 */
1580 extern int shishi_pbkdf2_sha1 (Shishi * handle,
1581 const char *P, size_t Plen,
1582 const char *S, size_t Slen,
1583 unsigned int c, unsigned int dkLen, char *DK);
1585 /* crypto-ctx.c */
/*
 * Context-based crypto interface: shishi_crypto returns a
 * Shishi_crypto context built from a key, key-usage number, encryption
 * type and IV; the encrypt/decrypt calls then take only that context
 * plus input and output buffers.
 * NOTE(review): presumably shishi_crypto returns NULL on failure and
 * shishi_crypto_close releases the context; neither is stated here.
 * The context is built from key material, so it should be closed as
 * soon as it is no longer needed.
 */
1586 extern Shishi_crypto *shishi_crypto (Shishi * handle,
1587 Shishi_key * key, int keyusage,
1588 int32_t etype,
1589 const char *iv, size_t ivlen);
1590 extern void shishi_crypto_close (Shishi_crypto * ctx);
1591 extern int shishi_crypto_encrypt (Shishi_crypto * ctx,
1592 const char *in, size_t inlen,
1593 char **out, size_t * outlen);
1594 extern int shishi_crypto_decrypt (Shishi_crypto * ctx,
1595 const char *in, size_t inlen,
1596 char **out, size_t * outlen);
1598 /* version.c */
/*
 * Takes a requested version string and returns a const string.
 * NOTE(review): presumably returns NULL when the running library is
 * older than req_version and the library version otherwise -- confirm
 * in version.c.
 */
1599 extern const char *shishi_check_version (const char *req_version);
1601 /* password.c */
/*
 * Prompts for a password; the prompt is given as format plus variadic
 * arguments and the password is returned through *s.
 * NOTE(review): format is presumably printf-style, so callers must
 * pass a literal format and supply user- or network-derived text only
 * as arguments, never as the format itself.  *s presumably points to
 * newly allocated memory holding the cleartext password; wipe it
 * before releasing it.
 */
1602 extern int
1603 shishi_prompt_password (Shishi * handle, char **s, const char *format, ...);
1605 /* asn1.c */
/*
 * Field-level accessors on a Shishi_asn1 node.  Every call names the
 * field by string.  The node may have been decoded from data received
 * over the network, so callers should check each int result before
 * using the output argument.
 */
1606 extern int shishi_asn1_number_of_elements (Shishi * handle,
1607 Shishi_asn1 node,
1608 const char *field, size_t * n);
1609 extern int shishi_asn1_empty_p (Shishi * handle, Shishi_asn1 node,
1610 const char *field);
/*
 * Readers.  shishi_asn1_read and shishi_asn1_read_optional return the
 * value through char **data; shishi_asn1_read_inline instead writes
 * into a caller-supplied char *data.
 * NOTE(review): for the inline form *datalen presumably carries the
 * buffer capacity on entry and the value length on return -- confirm,
 * since a wrong initial value would defeat the bound.
 */
1612 extern int shishi_asn1_read (Shishi * handle, Shishi_asn1 node,
1613 const char *field,
1614 char **data, size_t * datalen);
1615 extern int shishi_asn1_read_inline (Shishi * handle, Shishi_asn1 node,
1616 const char *field,
1617 char *data, size_t * datalen);
1618 extern int shishi_asn1_read_integer (Shishi * handle, Shishi_asn1 node,
1619 const char *field, int *i);
1620 extern int shishi_asn1_read_int32 (Shishi * handle, Shishi_asn1 node,
1621 const char *field, int32_t * i);
1622 extern int shishi_asn1_read_uint32 (Shishi * handle, Shishi_asn1 node,
1623 const char *field, uint32_t * i);
1624 extern int shishi_asn1_read_bitstring (Shishi * handle, Shishi_asn1 node,
1625 const char *field, uint32_t * flags);
1626 extern int shishi_asn1_read_optional (Shishi * handle,
1627 Shishi_asn1 node, const char *field,
1628 char **data, size_t * datalen);
/* Writers: store a byte string, integer or bit string into the named field. */
1630 extern int shishi_asn1_write (Shishi * handle, Shishi_asn1 node,
1631 const char *field,
1632 const char *data, size_t datalen);
1633 extern int shishi_asn1_write_integer (Shishi * handle, Shishi_asn1 node,
1634 const char *field, int n);
1635 extern int shishi_asn1_write_int32 (Shishi * handle, Shishi_asn1 node,
1636 const char *field, int32_t n);
1637 extern int shishi_asn1_write_uint32 (Shishi * handle, Shishi_asn1 node,
1638 const char *field, uint32_t n);
1639 extern int shishi_asn1_write_bitstring (Shishi * handle, Shishi_asn1 node,
1640 const char *field, uint32_t flags);
/* Presumably releases a node; it must not be used afterwards -- confirm. */
1642 extern void shishi_asn1_done (Shishi * handle, Shishi_asn1 node);
/*
 * Node constructors: each takes only the library handle and returns a
 * Shishi_asn1 node; the suffix names the structure (AS-REQ, TGS-REP,
 * Ticket, Authenticator, KRB-ERROR, ...).
 * NOTE(review): presumably the node is empty and NULL signals failure;
 * neither is stated in this header.
 */
1644 extern Shishi_asn1 shishi_asn1_pa_enc_ts_enc (Shishi * handle);
1645 extern Shishi_asn1 shishi_asn1_encrypteddata (Shishi * handle);
1646 extern Shishi_asn1 shishi_asn1_padata (Shishi * handle);
1647 extern Shishi_asn1 shishi_asn1_methoddata (Shishi * handle);
1648 extern Shishi_asn1 shishi_asn1_etype_info (Shishi * handle);
1649 extern Shishi_asn1 shishi_asn1_etype_info2 (Shishi * handle);
1650 extern Shishi_asn1 shishi_asn1_asreq (Shishi * handle);
1651 extern Shishi_asn1 shishi_asn1_asrep (Shishi * handle);
1652 extern Shishi_asn1 shishi_asn1_tgsreq (Shishi * handle);
1653 extern Shishi_asn1 shishi_asn1_tgsrep (Shishi * handle);
1654 extern Shishi_asn1 shishi_asn1_apreq (Shishi * handle);
1655 extern Shishi_asn1 shishi_asn1_aprep (Shishi * handle);
1656 extern Shishi_asn1 shishi_asn1_ticket (Shishi * handle);
1657 extern Shishi_asn1 shishi_asn1_encapreppart (Shishi * handle);
1658 extern Shishi_asn1 shishi_asn1_encticketpart (Shishi * handle);
1659 extern Shishi_asn1 shishi_asn1_authenticator (Shishi * handle);
1660 extern Shishi_asn1 shishi_asn1_enckdcreppart (Shishi * handle);
1661 extern Shishi_asn1 shishi_asn1_encasreppart (Shishi * handle);
1662 extern Shishi_asn1 shishi_asn1_krberror (Shishi * handle);
1663 extern Shishi_asn1 shishi_asn1_krbsafe (Shishi * handle);
1664 extern Shishi_asn1 shishi_asn1_priv (Shishi * handle);
1665 extern Shishi_asn1 shishi_asn1_encprivpart (Shishi * handle);
/*
 * DER encoding of a whole node, or of one named field of it; the
 * encoding is returned through der/len (ownership of *der not stated
 * here, presumably the caller's to release).
 */
1667 extern int shishi_asn1_to_der (Shishi * handle, Shishi_asn1 node,
1668 char **der, size_t * len);
1669 extern int shishi_asn1_to_der_field (Shishi * handle, Shishi_asn1 node,
1670 const char *field, char **der, size_t * len);
/*
 * Message-type lookup from a node or from derlen bytes of DER.
 * NOTE(review): for the DER form the input may be untrusted; how an
 * unrecognised or truncated encoding is reported through
 * Shishi_msgtype is not visible here -- confirm before switching on
 * the result.
 */
1672 extern Shishi_msgtype shishi_asn1_msgtype (Shishi * handle, Shishi_asn1 node);
1673 extern Shishi_msgtype shishi_der_msgtype (Shishi * handle,
1674 const char *der, size_t derlen);
/*
 * DER decoders: each takes derlen bytes at der and returns a
 * Shishi_asn1 node; the suffix names the structure the bytes are
 * decoded as (shishi_der2asn1 itself carries no structure suffix).
 * NOTE(review): these are the parsing boundary for data received from
 * peers and KDCs.  derlen must be the number of bytes actually
 * received, and the result must be checked before use -- presumably
 * NULL signals a decoding failure; confirm in asn1.c.
 */
1676 extern Shishi_asn1 shishi_der2asn1 (Shishi * handle,
1677 const char *der, size_t derlen);
1678 extern Shishi_asn1 shishi_der2asn1_padata (Shishi * handle,
1679 const char *der, size_t derlen);
1680 extern Shishi_asn1 shishi_der2asn1_methoddata (Shishi * handle,
1681 const char *der, size_t derlen);
1682 extern Shishi_asn1 shishi_der2asn1_etype_info (Shishi * handle,
1683 const char *der,
1684 size_t derlen);
1685 extern Shishi_asn1 shishi_der2asn1_etype_info2 (Shishi * handle,
1686 const char *der,
1687 size_t derlen);
1688 extern Shishi_asn1 shishi_der2asn1_ticket (Shishi * handle,
1689 const char *der, size_t derlen);
1690 extern Shishi_asn1 shishi_der2asn1_encticketpart (Shishi * handle,
1691 const char *der,
1692 size_t derlen);
1693 extern Shishi_asn1 shishi_der2asn1_asreq (Shishi * handle,
1694 const char *der, size_t derlen);
1695 extern Shishi_asn1 shishi_der2asn1_tgsreq (Shishi * handle,
1696 const char *der, size_t derlen);
1697 extern Shishi_asn1 shishi_der2asn1_asrep (Shishi * handle,
1698 const char *der, size_t derlen);
1699 extern Shishi_asn1 shishi_der2asn1_tgsrep (Shishi * handle,
1700 const char *der, size_t derlen);
1701 extern Shishi_asn1 shishi_der2asn1_kdcrep (Shishi * handle,
1702 const char *der, size_t derlen);
1703 extern Shishi_asn1 shishi_der2asn1_kdcreq (Shishi * handle,
1704 const char *der, size_t derlen);
1705 extern Shishi_asn1 shishi_der2asn1_apreq (Shishi * handle,
1706 const char *der, size_t derlen);
1707 extern Shishi_asn1 shishi_der2asn1_aprep (Shishi * handle,
1708 const char *der, size_t derlen);
1709 extern Shishi_asn1 shishi_der2asn1_authenticator (Shishi * handle,
1710 const char *der,
1711 size_t derlen);
1712 extern Shishi_asn1 shishi_der2asn1_krberror (Shishi * handle,
1713 const char *der, size_t derlen);
1714 extern Shishi_asn1 shishi_der2asn1_krbsafe (Shishi * handle,
1715 const char *der, size_t derlen);
1716 extern Shishi_asn1 shishi_der2asn1_priv (Shishi * handle,
1717 const char *der, size_t derlen);
1718 extern Shishi_asn1 shishi_der2asn1_encasreppart (Shishi * handle,
1719 const char *der,
1720 size_t derlen);
1721 extern Shishi_asn1 shishi_der2asn1_enctgsreppart (Shishi * handle,
1722 const char *der,
1723 size_t derlen);
1724 extern Shishi_asn1 shishi_der2asn1_enckdcreppart (Shishi * handle,
1725 const char *der,
1726 size_t derlen);
1727 extern Shishi_asn1 shishi_der2asn1_encapreppart (Shishi * handle,
1728 const char *der,
1729 size_t derlen);
1730 extern Shishi_asn1 shishi_der2asn1_encprivpart (Shishi * handle,
1731 const char *der,
1732 size_t derlen);
1734 /* ap.c */
/*
 * AP exchange objects.  The functions taking (Shishi *, Shishi_ap **)
 * return a new Shishi_ap through the second argument; shishi_ap_done
 * takes the object back.  The shishi_ap_set_* variants operate on an
 * existing Shishi_ap instead of creating one.
 * NOTE(review): shishi_ap_nosubkey presumably creates an AP object
 * that does not generate a subkey -- confirm in ap.c, since that
 * changes which key protects later messages.  shishi_ap_etype takes
 * int etype while shishi_ap_etype_tktoptionsdata takes int32_t.
 */
1735 extern int shishi_ap (Shishi * handle, Shishi_ap ** ap);
1736 extern int shishi_ap_etype (Shishi * handle, Shishi_ap ** ap, int etype);
1737 extern int shishi_ap_nosubkey (Shishi * handle, Shishi_ap ** ap);
1738 extern void shishi_ap_done (Shishi_ap * ap);
/*
 * Ticket/options setup.  The *data forms attach len bytes of data, the
 * *raw forms additionally name a checksum type, and the *asn1usage
 * forms take a node field plus explicit key-usage numbers for the
 * authenticator and its checksum.
 */
1739 extern int shishi_ap_set_tktoptions (Shishi_ap * ap,
1740 Shishi_tkt * tkt, int options);
1741 extern int shishi_ap_tktoptions (Shishi * handle,
1742 Shishi_ap ** ap,
1743 Shishi_tkt * tkt, int options);
1744 extern int shishi_ap_etype_tktoptionsdata (Shishi * handle,
1745 Shishi_ap ** ap,
1746 int32_t etype,
1747 Shishi_tkt * tkt, int options,
1748 const char *data, size_t len);
1749 extern int shishi_ap_set_tktoptionsdata (Shishi_ap * ap,
1750 Shishi_tkt * tkt,
1751 int options,
1752 const char *data, size_t len);
1753 extern int shishi_ap_tktoptionsdata (Shishi * handle,
1754 Shishi_ap ** ap,
1755 Shishi_tkt * tkt,
1756 int options,
1757 const char *data, size_t len);
1758 extern int shishi_ap_set_tktoptionsraw (Shishi_ap * ap,
1759 Shishi_tkt * tkt,
1760 int options,
1761 int32_t cksumtype,
1762 const char *data, size_t len);
1763 extern int shishi_ap_tktoptionsraw (Shishi * handle,
1764 Shishi_ap ** ap,
1765 Shishi_tkt * tkt, int options,
1766 int32_t cksumtype,
1767 const char *data, size_t len);
1768 extern int shishi_ap_set_tktoptionsasn1usage (Shishi_ap * ap,
1769 Shishi_tkt * tkt,
1770 int options,
1771 Shishi_asn1 node,
1772 const char *field,
1773 int authenticatorcksumkeyusage,
1774 int authenticatorkeyusage);
1775 extern int shishi_ap_tktoptionsasn1usage (Shishi * handle,
1776 Shishi_ap ** ap,
1777 Shishi_tkt * tkt,
1778 int options,
1779 Shishi_asn1 node,
1780 const char *field,
1781 int authenticatorcksumkeyusage,
1782 int authenticatorkeyusage);
/* Accessors for the ticket held by an AP object. */
1784 extern Shishi_tkt *shishi_ap_tkt (Shishi_ap * ap);
1785 extern void shishi_ap_tkt_set (Shishi_ap * ap, Shishi_tkt * tkt);
/*
 * Authenticator checksum data and type.
 * NOTE(review): shishi_ap_authenticator_cksumdata writes into a
 * caller-supplied char *out; *len presumably carries the buffer
 * capacity on entry and the data length on return -- confirm, as the
 * data may come from a peer's AP-REQ.
 */
1787 extern int shishi_ap_authenticator_cksumdata (Shishi_ap * ap,
1788 char *out, size_t * len);
1789 extern void
1790 shishi_ap_authenticator_cksumdata_set (Shishi_ap * ap,
1791 const char *authenticatorcksumdata,
1792 size_t authenticatorcksumdatalen);
1793 extern void
1794 shishi_ap_authenticator_cksumraw_set (Shishi_ap * ap,
1795 int32_t authenticatorcksumtype,
1796 const char *authenticatorcksumraw,
1797 size_t authenticatorcksumrawlen);
1798 extern int32_t shishi_ap_authenticator_cksumtype (Shishi_ap * ap);
1799 extern void shishi_ap_authenticator_cksumtype_set (Shishi_ap * ap,
1800 int32_t cksumtype);
/* Accessors for the Authenticator node held by an AP object. */
1802 extern Shishi_asn1 shishi_ap_authenticator (Shishi_ap * ap);
1803 extern void shishi_ap_authenticator_set (Shishi_ap * ap,
1804 Shishi_asn1 authenticator);
/*
 * AP-REQ handling: get/set the node or its DER form, build it, decode
 * it, and process it with a key.
 * NOTE(review): on the accepting side the DER passed to
 * shishi_ap_req_der_set comes from the peer.  Presumably only a
 * successful shishi_ap_req_process result means the request was
 * decrypted and checked with the given key; treat the ticket and
 * authenticator contents as unauthenticated until then.  The der
 * argument is non-const char * -- confirm it is not modified.
 */
1806 extern Shishi_asn1 shishi_ap_req (Shishi_ap * ap);
1807 extern void shishi_ap_req_set (Shishi_ap * ap, Shishi_asn1 apreq);
1808 extern int shishi_ap_req_der (Shishi_ap * ap, char **out, size_t * outlen);
1809 extern int shishi_ap_req_der_set (Shishi_ap * ap, char *der, size_t derlen);
1810 extern int shishi_ap_req_build (Shishi_ap * ap);
1811 extern int shishi_ap_req_asn1 (Shishi_ap * ap, Shishi_asn1 * apreq);
1812 extern Shishi_key *shishi_ap_key (Shishi_ap * ap);
1813 extern int shishi_ap_req_decode (Shishi_ap * ap);
1814 extern int shishi_ap_req_process (Shishi_ap * ap, Shishi_key * key);
1815 extern int shishi_ap_req_process_keyusage (Shishi_ap * ap,
1816 Shishi_key * key,
1817 int32_t keyusage);
/*
 * AP-REP handling: get/set the node or its DER form, build it, and
 * verify a reply.
 * NOTE(review): the int result of the shishi_ap_rep_verify* calls is
 * the only verdict; presumably SHISHI_OK (0) means verified, so
 * compare explicitly rather than testing for non-zero.
 */
1819 extern Shishi_asn1 shishi_ap_rep (Shishi_ap * ap);
1820 extern void shishi_ap_rep_set (Shishi_ap * ap, Shishi_asn1 aprep);
1821 extern int shishi_ap_rep_der (Shishi_ap * ap, char **out, size_t * outlen);
1822 extern int shishi_ap_rep_der_set (Shishi_ap * ap, char *der, size_t derlen);
1823 extern int shishi_ap_rep_verify (Shishi_ap * ap);
1824 extern int shishi_ap_rep_verify_der (Shishi_ap * ap, char *der,
1825 size_t derlen);
1826 extern int shishi_ap_rep_verify_asn1 (Shishi_ap * ap, Shishi_asn1 aprep);
1827 extern int shishi_ap_rep_asn1 (Shishi_ap * ap, Shishi_asn1 * aprep);
1828 extern int shishi_ap_rep_build (Shishi_ap * ap);
/* Accessors for the EncAPRepPart node held by an AP object. */
1830 extern Shishi_asn1 shishi_ap_encapreppart (Shishi_ap * ap);
1831 extern void shishi_ap_encapreppart_set (Shishi_ap * ap,
1832 Shishi_asn1 encapreppart);
/* Conversion between a Shishi_apoptions value and its string form. */
1834 extern const char *shishi_ap_option2string (Shishi_apoptions option);
1835 extern Shishi_apoptions shishi_ap_string2option (const char *str);
1837 /* key.c */
/*
 * Accessors on a Shishi_key: principal, realm, type, value, name,
 * length and version, each with a matching setter where one is
 * declared.
 * NOTE(review): shishi_key_value returns a non-const char * to the key
 * value, presumably raw key bytes inside the key object whose size is
 * shishi_key_length (not a NUL-terminated string) -- confirm before
 * using string functions on it, and avoid logging it.
 * shishi_key_value_set takes no length argument; presumably it copies
 * shishi_key_length bytes, so the type must be set first -- confirm.
 * shishi_key_type returns int while shishi_key_type_set takes int32_t.
 */
1838 extern const char *shishi_key_principal (Shishi_key * key);
1839 extern void shishi_key_principal_set (Shishi_key * key,
1840 const char *principal);
1841 extern const char *shishi_key_realm (Shishi_key * key);
1842 extern void shishi_key_realm_set (Shishi_key * key, const char *realm);
1843 extern int shishi_key_type (Shishi_key * key);
1844 extern void shishi_key_type_set (Shishi_key * key, int32_t type);
1845 extern char *shishi_key_value (Shishi_key * key);
1846 extern void shishi_key_value_set (Shishi_key * key, const char *value);
1847 extern const char *shishi_key_name (Shishi_key * key);
1848 extern size_t shishi_key_length (Shishi_key * key);
1849 extern uint32_t shishi_key_version (Shishi_key * key);
1850 extern void shishi_key_version_set (Shishi_key * key, uint32_t kvno);
/*
 * Lifecycle, copy and serialisation.
 * NOTE(review): shishi_key_print and shishi_key_to_file emit a key to
 * a stream or a named file, presumably including the secret value, so
 * the destination needs restrictive permissions.  Whether
 * shishi_key_done wipes the value before release is not visible here.
 */
1851 extern int shishi_key (Shishi * handle, Shishi_key ** key);
1852 extern void shishi_key_done (Shishi_key * key);
1853 extern void shishi_key_copy (Shishi_key * dstkey, Shishi_key * srckey);
1854 extern int shishi_key_print (Shishi * handle, FILE * fh,
1855 const Shishi_key * key);
1856 extern int shishi_key_to_file (Shishi * handle,
1857 const char *filename, Shishi_key * key);
1858 extern int shishi_key_parse (Shishi * handle, FILE * fh, Shishi_key ** key);
/*
 * Key construction from different sources; the new key is returned
 * through the final Shishi_key ** argument.
 * NOTE(review): shishi_key_from_value and shishi_key_from_base64 take
 * value without a length; for the raw form the expected size is
 * presumably implied by type, so a short buffer would be over-read --
 * confirm.  shishi_key_from_string derives a key from a password and
 * salt; the password buffer remains the caller's to wipe.
 */
1859 extern int shishi_key_random (Shishi * handle,
1860 int32_t type, Shishi_key ** key);
1861 extern int shishi_key_from_value (Shishi * handle,
1862 int32_t type,
1863 const char *value, Shishi_key ** key);
1864 extern int shishi_key_from_base64 (Shishi * handle,
1865 int32_t type,
1866 const char *value, Shishi_key ** key);
1867 extern int shishi_key_from_random (Shishi * handle,
1868 int32_t type,
1869 const char *rnd,
1870 size_t rndlen, Shishi_key ** outkey);
1871 extern int shishi_key_from_string (Shishi * handle,
1872 int32_t type,
1873 const char *password, size_t passwordlen,
1874 const char *salt, size_t saltlen,
1875 const char *parameter,
1876 Shishi_key ** outkey);
1877 extern int shishi_key_from_name (Shishi * handle,
1878 int32_t type,
1879 const char *name,
1880 const char *password, size_t passwordlen,
1881 const char *parameter,
1882 Shishi_key ** outkey);
1884 /* keys.c */
/*
 * Key-set container: create, release, size, indexed access, removal
 * and insertion.
 * NOTE(review): shishi_keys_done takes Shishi_keys ** (unlike the
 * other *_done functions in this header), presumably so it can clear
 * the caller's pointer -- confirm.  keyno is a plain int; whether
 * shishi_keys_nth and shishi_keys_remove range-check it is not visible
 * here, so validate it against shishi_keys_size first.
 */
1885 extern int shishi_keys (Shishi * handle, Shishi_keys ** keys);
1886 extern void shishi_keys_done (Shishi_keys ** keys);
1887 extern int shishi_keys_size (Shishi_keys * keys);
1888 extern const Shishi_key *shishi_keys_nth (Shishi_keys * keys, int keyno);
1889 extern void shishi_keys_remove (Shishi_keys * keys, int keyno);
1890 extern int shishi_keys_add (Shishi_keys * keys, Shishi_key * key);
/*
 * Keytab import, from a memory buffer (data/len) or a named file,
 * either into an existing set (add_) or into a new one returned
 * through outkeys (from_).
 * NOTE(review): a keytab is a binary format; if the buffer or file can
 * be influenced by another party, the parser's bounds handling
 * matters -- review keys.c with that in mind.
 */
1892 extern int shishi_keys_add_keytab_mem (Shishi * handle,
1893 const char *data, size_t len,
1894 Shishi_keys *keys);
1895 extern int shishi_keys_add_keytab_file (Shishi * handle,
1896 const char *filename,
1897 Shishi_keys *keys);
1898 extern int shishi_keys_from_keytab_mem (Shishi * handle,
1899 const char *data, size_t len,
1900 Shishi_keys **outkeys);
1901 extern int shishi_keys_from_keytab_file (Shishi * handle,
1902 const char *filename,
1903 Shishi_keys **outkeys);
/*
 * Output of a key set to a stream or a named file; presumably this
 * includes the secret values, so the destination needs restrictive
 * permissions.
 */
1905 extern int shishi_keys_print (Shishi_keys * keys, FILE *fh);
1906 extern int shishi_keys_to_file (Shishi * handle,
1907 const char *filename,
1908 Shishi_keys * keys);
/*
 * Lookup of one key in a named key file by server, by server and
 * realm, or by local service and realm.  Returns a Shishi_key *;
 * presumably NULL when no key matches -- confirm and check before use.
 */
1910 extern Shishi_key *shishi_keys_for_serverrealm_in_file (Shishi * handle,
1911 const char *filename,
1912 const char *server,
1913 const char *realm);
1914 extern Shishi_key *shishi_keys_for_server_in_file (Shishi * handle,
1915 const char *filename,
1916 const char *server);
1917 extern Shishi_key *shishi_keys_for_localservicerealm_in_file (Shishi * handle,
1918 const char
1919 *filename,
1920 const char
1921 *service,
1922 const char
1923 *realm);
1925 /* hostkeys.c */
/*
 * Host-key file: get or set the default file name on the handle, and
 * look up a key by server, server and realm, or local service (with or
 * without realm).
 * NOTE(review): the lookups return Shishi_key *, presumably NULL when
 * nothing matches.  The host-key file holds long-term service keys, so
 * a path set through shishi_hostkeys_default_file_set should not be
 * taken from untrusted input.
 */
1926 extern const char *shishi_hostkeys_default_file (Shishi * handle);
1927 extern void shishi_hostkeys_default_file_set (Shishi * handle,
1928 const char *hostkeysfile);
1929 extern Shishi_key *shishi_hostkeys_for_server (Shishi * handle,
1930 const char *server);
1931 extern Shishi_key *shishi_hostkeys_for_serverrealm (Shishi * handle,
1932 const char *server,
1933 const char *realm);
1934 extern Shishi_key *shishi_hostkeys_for_localservicerealm (Shishi * handle,
1935 const char *service,
1936 const char *realm);
1937 extern Shishi_key *shishi_hostkeys_for_localservice (Shishi * handle,
1938 const char *service);
1940 /* encapreppart.c */
/*
 * EncAPRepPart nodes: construction, the ctime/cusec time fields, text
 * and file I/O, the embedded key, and the sequence number.
 * shishi_encapreppart_time_copy takes both an EncAPRepPart and an
 * Authenticator node.
 * NOTE(review): presumably time_copy copies the client time fields
 * from the authenticator into the reply part, which is what lets the
 * client match the reply to its request -- confirm in encapreppart.c.
 */
1941 extern Shishi_asn1 shishi_encapreppart (Shishi * handle);
1942 extern int shishi_encapreppart_time_copy (Shishi * handle,
1943 Shishi_asn1 encapreppart,
1944 Shishi_asn1 authenticator);
1945 extern int shishi_encapreppart_ctime (Shishi * handle,
1946 Shishi_asn1 encapreppart, char **t);
1947 extern int shishi_encapreppart_ctime_set (Shishi * handle,
1948 Shishi_asn1 encapreppart,
1949 const char *t);
1950 extern int shishi_encapreppart_cusec_get (Shishi * handle,
1951 Shishi_asn1 encapreppart,
1952 uint32_t * cusec);
1953 extern int shishi_encapreppart_cusec_set (Shishi * handle,
1954 Shishi_asn1 encapreppart,
1955 uint32_t cusec);
/*
 * Stream and file I/O.  The meaning of filetype, and how print/parse
 * differ from save/read, are not visible in this part of the header.
 */
1956 extern int shishi_encapreppart_print (Shishi * handle, FILE * fh,
1957 Shishi_asn1 encapreppart);
1958 extern int shishi_encapreppart_save (Shishi * handle, FILE * fh,
1959 Shishi_asn1 encapreppart);
1960 extern int shishi_encapreppart_to_file (Shishi * handle,
1961 Shishi_asn1 encapreppart,
1962 int filetype, const char *filename);
1963 extern int shishi_encapreppart_read (Shishi * handle, FILE * fh,
1964 Shishi_asn1 * encapreppart);
1965 extern int shishi_encapreppart_parse (Shishi * handle, FILE * fh,
1966 Shishi_asn1 * encapreppart);
1967 extern int shishi_encapreppart_from_file (Shishi * handle,
1968 Shishi_asn1 * encapreppart,
1969 int filetype, const char *filename);
/* Embedded key and sequence number (get, remove, set). */
1970 extern int shishi_encapreppart_get_key (Shishi * handle,
1971 Shishi_asn1 encapreppart,
1972 Shishi_key ** key);
1973 extern int shishi_encapreppart_seqnumber_get (Shishi * handle,
1974 Shishi_asn1 encapreppart,
1975 uint32_t * seqnumber);
1976 extern int shishi_encapreppart_seqnumber_remove (Shishi * handle,
1977 Shishi_asn1 encapreppart);
1978 extern int shishi_encapreppart_seqnumber_set (Shishi * handle,
1979 Shishi_asn1 encapreppart,
1980 uint32_t seqnumber);
1982 /* apreq.c */
/*
 * AP-REQ nodes: construction, stream and file I/O, ticket and
 * authenticator fields, AP options, and decryption of the
 * authenticator.
 */
1983 extern Shishi_asn1 shishi_apreq (Shishi * handle);
1984 extern int shishi_apreq_parse (Shishi * handle, FILE * fh,
1985 Shishi_asn1 * apreq);
1986 extern int shishi_apreq_from_file (Shishi * handle, Shishi_asn1 * apreq,
1987 int filetype, const char *filename);
1988 extern int shishi_apreq_print (Shishi * handle, FILE * fh, Shishi_asn1 apreq);
1989 extern int shishi_apreq_to_file (Shishi * handle, Shishi_asn1 apreq,
1990 int filetype, const char *filename);
1991 extern int shishi_apreq_read (Shishi * handle, FILE * fh,
1992 Shishi_asn1 * apreq);
1993 extern int shishi_apreq_save (Shishi * handle, FILE * fh, Shishi_asn1 apreq);
/*
 * Ticket and authenticator fields.  shishi_apreq_set_authenticator
 * takes already-encrypted bytes (buf/buflen) with their etype and
 * kvno; shishi_apreq_add_authenticator takes an Authenticator node
 * plus a key and key-usage number, presumably encrypting it itself.
 */
1994 extern int shishi_apreq_set_ticket (Shishi * handle, Shishi_asn1 apreq,
1995 Shishi_asn1 ticket);
1996 extern int shishi_apreq_set_authenticator (Shishi * handle, Shishi_asn1 apreq,
1997 int32_t etype, uint32_t kvno,
1998 const char *buf, size_t buflen);
1999 extern int shishi_apreq_add_authenticator (Shishi * handle, Shishi_asn1 apreq,
2000 Shishi_key * key, int keyusage,
2001 Shishi_asn1 authenticator);
/*
 * AP options.
 * NOTE(review): the _p suffix suggests predicates that return non-zero
 * for "true", the opposite sense of the SHISHI_OK == 0 error-code
 * convention -- confirm per function before branching on the result.
 */
2002 extern int shishi_apreq_options (Shishi * handle, Shishi_asn1 apreq,
2003 uint32_t * flags);
2004 extern int shishi_apreq_use_session_key_p (Shishi * handle,
2005 Shishi_asn1 apreq);
2006 extern int shishi_apreq_mutual_required_p (Shishi * handle,
2007 Shishi_asn1 apreq);
2008 extern int shishi_apreq_options_set (Shishi * handle, Shishi_asn1 apreq,
2009 uint32_t options);
2010 extern int shishi_apreq_options_add (Shishi * handle, Shishi_asn1 apreq,
2011 uint32_t option);
2012 extern int shishi_apreq_options_remove (Shishi * handle, Shishi_asn1 apreq,
2013 uint32_t option);
/*
 * Extraction.  shishi_apreq_decrypt returns the Authenticator node
 * through its last argument; its contents are only meaningful when the
 * call reports success.
 */
2014 extern int shishi_apreq_get_ticket (Shishi * handle, Shishi_asn1 apreq,
2015 Shishi_asn1 * ticket);
2016 extern int shishi_apreq_get_authenticator_etype (Shishi * handle,
2017 Shishi_asn1 apreq,
2018 int32_t * etype);
2019 extern int shishi_apreq_decrypt (Shishi * handle, Shishi_asn1 apreq,
2020 Shishi_key * key, int keyusage,
2021 Shishi_asn1 * authenticator);
2023 /* aprep.c */
/*
 * AP-REP nodes: construction, stream and file I/O, decryption,
 * verification against an Authenticator, and the encrypted part.
 */
2024 extern Shishi_asn1 shishi_aprep (Shishi * handle);
2025 extern int shishi_aprep_print (Shishi * handle, FILE * fh, Shishi_asn1 aprep);
2026 extern int shishi_aprep_save (Shishi * handle, FILE * fh, Shishi_asn1 aprep);
2027 extern int shishi_aprep_to_file (Shishi * handle, Shishi_asn1 aprep,
2028 int filetype, const char *filename);
2029 extern int shishi_aprep_read (Shishi * handle, FILE * fh,
2030 Shishi_asn1 * aprep);
2031 extern int shishi_aprep_parse (Shishi * handle, FILE * fh,
2032 Shishi_asn1 * aprep);
2033 extern int shishi_aprep_from_file (Shishi * handle, Shishi_asn1 * aprep,
2034 int filetype, const char *filename);
/*
 * NOTE(review): shishi_aprep_verify compares an Authenticator with an
 * EncAPRepPart and reports only through its int result; presumably
 * SHISHI_OK (0) means they match, so compare explicitly.  Decryption
 * succeeding is not the same check: mutual authentication presumably
 * needs both shishi_aprep_decrypt and shishi_aprep_verify to succeed.
 */
2035 extern int shishi_aprep_decrypt (Shishi * handle, Shishi_asn1 aprep,
2036 Shishi_key * key, int keyusage,
2037 Shishi_asn1 * encapreppart);
2038 extern int shishi_aprep_verify (Shishi * handle, Shishi_asn1 authenticator,
2039 Shishi_asn1 encapreppart);
/*
 * Encrypted part: set from raw bytes (buf/buflen) with an etype, or
 * build from nodes.  etype is int in shishi_aprep_enc_part_set but
 * int32_t * in shishi_aprep_get_enc_part_etype.
 */
2040 extern int shishi_aprep_enc_part_set (Shishi * handle, Shishi_asn1 aprep,
2041 int etype,
2042 const char *buf, size_t buflen);
2043 extern int shishi_aprep_enc_part_add (Shishi * handle, Shishi_asn1 aprep,
2044 Shishi_asn1 encticketpart,
2045 Shishi_asn1 encapreppart);
2046 extern int shishi_aprep_enc_part_make (Shishi * handle, Shishi_asn1 aprep,
2047 Shishi_asn1 encapreppart,
2048 Shishi_asn1 authenticator,
2049 Shishi_asn1 encticketpart);
2050 extern int shishi_aprep_get_enc_part_etype (Shishi * handle,
2051 Shishi_asn1 aprep,
2052 int32_t * etype);
2054 /* netio.c */
/*
 * KDC transport: sends inlen bytes of indata for the given realm and
 * returns the reply through outdata/outlen.  The _hint form
 * additionally takes a Shishi_tkts_hint.
 * NOTE(review): the reply bytes come from the network and are
 * untrusted until decoded and cryptographically checked by the caller.
 * realm is a non-const char * -- confirm it is not modified.  Ownership
 * of *outdata is not stated here (presumably the caller's to release).
 */
2055 extern int shishi_kdc_sendrecv (Shishi * handle, char *realm,
2056 const char *indata, size_t inlen,
2057 char **outdata, size_t * outlen);
2058 extern int shishi_kdc_sendrecv_hint (Shishi * handle, char *realm,
2059 const char *indata, size_t inlen,
2060 char **outdata, size_t * outlen,
2061 Shishi_tkts_hint * hint);
2063 /* encticketpart.c */
/*
 * EncTicketPart nodes: construction, session key, client realm and
 * name, flags, transited encoding, and the authtime/endtime fields.
 * NOTE(review): the client name, realm and times in an EncTicketPart
 * are only trustworthy when the node came from a ticket that was
 * successfully decrypted with the service key; these accessors do not
 * take a key and so cannot establish that themselves.
 */
2064 extern Shishi_asn1 shishi_encticketpart (Shishi * handle);
2065 extern int shishi_encticketpart_key_set (Shishi * handle,
2066 Shishi_asn1 encticketpart,
2067 Shishi_key * key);
2068 extern int shishi_encticketpart_get_key (Shishi * handle,
2069 Shishi_asn1 encticketpart,
2070 Shishi_key ** key);
/*
 * Client identity: values are returned through char ** with a
 * length.  Whether they are NUL-terminated is not stated here, so use
 * the returned length when comparing.
 */
2071 extern int shishi_encticketpart_crealm (Shishi * handle,
2072 Shishi_asn1 encticketpart,
2073 char **crealm, size_t * crealmlen);
2074 extern int shishi_encticketpart_crealm_set (Shishi * handle,
2075 Shishi_asn1 encticketpart,
2076 const char *realm);
2077 extern int shishi_encticketpart_client (Shishi * handle,
2078 Shishi_asn1 encticketpart,
2079 char **client, size_t * clientlen);
2080 extern int shishi_encticketpart_clientrealm (Shishi * handle,
2081 Shishi_asn1 encticketpart,
2082 char **client, size_t *clientlen);
2083 extern int shishi_encticketpart_cname_set (Shishi * handle,
2084 Shishi_asn1 encticketpart,
2085 Shishi_name_type name_type,
2086 const char *principal);
2087 extern int shishi_encticketpart_print (Shishi * handle, FILE * fh,
2088 Shishi_asn1 encticketpart);
2089 extern int shishi_encticketpart_flags_set (Shishi * handle,
2090 Shishi_asn1 encticketpart,
2091 int flags);
2092 extern int shishi_encticketpart_transited_set (Shishi * handle,
2093 Shishi_asn1 encticketpart,
2094 int32_t trtype,
2095 const char *trdata,
2096 size_t trdatalen);
/*
 * Time fields.  shishi_encticketpart_authtime writes into a
 * caller-supplied char *authtime; *authtimelen presumably carries the
 * buffer capacity on entry -- confirm.  shishi_encticketpart_authctime
 * returns a time_t; how a missing or malformed field is reported is
 * not visible here.
 */
2097 extern int shishi_encticketpart_authtime_set (Shishi * handle,
2098 Shishi_asn1 encticketpart,
2099 const char *authtime);
2100 extern int shishi_encticketpart_endtime_set (Shishi * handle,
2101 Shishi_asn1 encticketpart,
2102 const char *endtime);
2103 extern int shishi_encticketpart_authtime (Shishi * handle,
2104 Shishi_asn1 encticketpart,
2105 char *authtime,
2106 size_t * authtimelen);
2107 extern time_t shishi_encticketpart_authctime (Shishi * handle,
2108 Shishi_asn1 encticketpart);
2110 /* safe.c */
/*
 * SAFE objects (Shishi_safe) and KRB-SAFE nodes: lifecycle, key,
 * node and DER accessors, stream and file I/O, checksum and user-data
 * fields, and build/verify with a key.
 * NOTE(review): a KRB-SAFE message is presumably integrity-protected
 * but not encrypted, so user data must not carry secrets.
 */
2111 extern int shishi_safe (Shishi * handle, Shishi_safe ** safe);
2112 extern void shishi_safe_done (Shishi_safe * safe);
2113 extern Shishi_key *shishi_safe_key (Shishi_safe * safe);
2114 extern void shishi_safe_key_set (Shishi_safe * safe, Shishi_key * key);
2115 extern Shishi_asn1 shishi_safe_safe (Shishi_safe * safe);
2116 extern void shishi_safe_safe_set (Shishi_safe * safe, Shishi_asn1 asn1safe);
2117 extern int shishi_safe_safe_der (Shishi_safe * safe, char **out,
2118 size_t * outlen);
2119 extern int shishi_safe_safe_der_set (Shishi_safe * safe,
2120 char *der, size_t derlen);
2121 extern int shishi_safe_print (Shishi * handle, FILE * fh, Shishi_asn1 safe);
2122 extern int shishi_safe_save (Shishi * handle, FILE * fh, Shishi_asn1 safe);
2123 extern int shishi_safe_to_file (Shishi * handle, Shishi_asn1 safe,
2124 int filetype, const char *filename);
2125 extern int shishi_safe_parse (Shishi * handle, FILE * fh, Shishi_asn1 * safe);
2126 extern int shishi_safe_read (Shishi * handle, FILE * fh, Shishi_asn1 * safe);
2127 extern int shishi_safe_from_file (Shishi * handle, Shishi_asn1 * safe,
2128 int filetype, const char *filename);
/*
 * Checksum and user-data fields.
 * NOTE(review): shishi_safe_user_data reads the field without taking a
 * key, so on a received message the data is unauthenticated until
 * shishi_safe_verify has succeeded with the expected key.
 */
2129 extern int shishi_safe_cksum (Shishi * handle,
2130 Shishi_asn1 safe,
2131 int32_t * cksumtype,
2132 char **cksum, size_t * cksumlen);
2133 extern int shishi_safe_set_cksum (Shishi * handle,
2134 Shishi_asn1 safe,
2135 int32_t cksumtype,
2136 const char *cksum, size_t cksumlen);
2137 extern int shishi_safe_user_data (Shishi * handle,
2138 Shishi_asn1 safe,
2139 char **userdata, size_t * userdatalen);
2140 extern int shishi_safe_set_user_data (Shishi * handle,
2141 Shishi_asn1 safe,
2142 const char *userdata,
2143 size_t userdatalen);
/*
 * The int result of shishi_safe_verify is the only verdict; presumably
 * SHISHI_OK (0) means the checksum matched, so compare explicitly.
 */
2144 extern int shishi_safe_build (Shishi_safe * safe, Shishi_key * key);
2145 extern int shishi_safe_verify (Shishi_safe * safe, Shishi_key * key);
2147 /* priv.c */
/*
 * PRIV objects (Shishi_priv), KRB-PRIV nodes and their EncKrbPrivPart:
 * lifecycle, key, node and DER accessors, stream and file I/O, the
 * encrypted part, user data, and build/process with a key.
 */
2148 extern int shishi_priv (Shishi * handle, Shishi_priv ** priv);
2149 extern void shishi_priv_done (Shishi_priv * priv);
2150 extern Shishi_key *shishi_priv_key (Shishi_priv * priv);
2151 extern void shishi_priv_key_set (Shishi_priv * priv, Shishi_key * key);
2152 extern Shishi_asn1 shishi_priv_priv (Shishi_priv * priv);
2153 extern void shishi_priv_priv_set (Shishi_priv * priv, Shishi_asn1 asn1priv);
2154 extern int shishi_priv_priv_der (Shishi_priv * priv, char **out,
2155 size_t * outlen);
2156 extern int shishi_priv_priv_der_set (Shishi_priv * priv,
2157 char *der, size_t derlen);
2158 extern Shishi_asn1 shishi_priv_encprivpart (Shishi_priv * priv);
2159 extern void shishi_priv_encprivpart_set (Shishi_priv * priv,
2160 Shishi_asn1 asn1encprivpart);
2161 extern int shishi_priv_encprivpart_der (Shishi_priv * priv, char **out,
2162 size_t * outlen);
2163 extern int shishi_priv_encprivpart_der_set (Shishi_priv * priv,
2164 char *der, size_t derlen);
2165 extern int shishi_priv_print (Shishi * handle, FILE * fh, Shishi_asn1 priv);
2166 extern int shishi_priv_save (Shishi * handle, FILE * fh, Shishi_asn1 priv);
2167 extern int shishi_priv_to_file (Shishi * handle, Shishi_asn1 priv,
2168 int filetype, const char *filename);
2169 extern int shishi_priv_parse (Shishi * handle, FILE * fh, Shishi_asn1 * priv);
2170 extern int shishi_priv_read (Shishi * handle, FILE * fh, Shishi_asn1 * priv);
2171 extern int shishi_priv_from_file (Shishi * handle, Shishi_asn1 * priv,
2172 int filetype, const char *filename);
/* Encrypted part of the KRB-PRIV node: etype query and raw setter. */
2173 extern int shishi_priv_enc_part_etype (Shishi * handle,
2174 Shishi_asn1 priv, int32_t * etype);
2175 extern int shishi_priv_set_enc_part (Shishi * handle,
2176 Shishi_asn1 priv,
2177 int32_t etype,
2178 const char *encpart, size_t encpartlen);
/*
 * User data in the EncKrbPrivPart.  The DER writers above
 * (shishi_priv_encprivpart_der, shishi_priv_print, ...) can expose the
 * decrypted part, so treat their output as sensitive.
 */
2179 extern int shishi_encprivpart_user_data (Shishi * handle,
2180 Shishi_asn1 encprivpart,
2181 char **userdata,
2182 size_t * userdatalen);
2183 extern int shishi_encprivpart_set_user_data (Shishi * handle,
2184 Shishi_asn1 encprivpart,
2185 const char *userdata,
2186 size_t userdatalen);
/*
 * NOTE(review): on a received message, presumably only a successful
 * shishi_priv_process result means the encrypted part was decrypted
 * with the given key; read user data only after that.
 */
2187 extern int shishi_priv_build (Shishi_priv * priv, Shishi_key * key);
2188 extern int shishi_priv_process (Shishi_priv * priv, Shishi_key * key);
2190 /* authorize.c */
/*
 * Authorization: shishi_authorized_p decides whether the client of a
 * ticket may act as authzname; shishi_authorize_strcmp and
 * shishi_authorize_k5login take a principal name and authzname
 * directly; shishi_authorization_parse maps a string to an int.
 * NOTE(review): these are access-control decisions, so the return
 * convention must be confirmed in authorize.c before use.  The _p
 * suffix suggests non-zero means "authorized", the opposite sense of
 * the SHISHI_OK == 0 error-code convention used elsewhere in this
 * header; mixing the two up grants or denies access incorrectly.
 * Presumably the k5login form reads a per-user file; that file's
 * ownership and permissions then matter.
 */
2191 extern int shishi_authorized_p (Shishi * handle,
2192 Shishi_tkt * tkt, const char *authzname);
2193 extern int shishi_authorization_parse (const char *authorization);
2194 extern int shishi_authorize_strcmp (Shishi * handle, const char *principal,
2195 const char *authzname);
2196 extern int shishi_authorize_k5login (Shishi * handle, const char *principal,
2197 const char *authzname);
2199 /* pki.c */
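/*
 * Default X.509 file names on the handle, one triple per file kind (CA
 * certificates, client certificate, client key): a _guess function
 * returning char *, a setter taking a const path, and a getter
 * returning the current const path.
 * The redundant second declaration of shishi_x509ca_default_file_guess
 * has been dropped so the CA triple matches the cert and key triples.
 * NOTE(review): the _guess functions return non-const char *,
 * presumably newly allocated and the caller's to release -- confirm in
 * pki.c.  The key file presumably holds a private key, so a path set
 * here should not come from untrusted input and the file needs
 * restrictive permissions.
 */
2200 extern char *shishi_x509ca_default_file_guess (Shishi * handle);
2201 extern void shishi_x509ca_default_file_set (Shishi * handle,
2202 const char *x509cafile);
2203 extern const char *shishi_x509ca_default_file (Shishi * handle);
2205 extern char *shishi_x509cert_default_file_guess (Shishi * handle);
2206 extern void shishi_x509cert_default_file_set (Shishi * handle,
2207 const char *x509certfile);
2208 extern const char *shishi_x509cert_default_file (Shishi * handle);
2209 extern char *shishi_x509key_default_file_guess (Shishi * handle);
2210 extern void shishi_x509key_default_file_set (Shishi * handle,
2211 const char *x509keyfile);
2212 extern const char *shishi_x509key_default_file (Shishi * handle);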
2214 /* utils.c */
/*
 * shishi_get_date converts the string p to a time_t, taking a pointer
 * to a reference time in now.
 * NOTE(review): how an unparsable string is reported (presumably
 * (time_t) -1) is not visible here; check for it before using the
 * result as a ticket lifetime.
 * shishi_xalloc_die takes no arguments and returns nothing; presumably
 * it is the out-of-memory handler and terminates the process.
 */
2215 extern time_t shishi_get_date (const char *p, const time_t * now);
2216 extern void shishi_xalloc_die (void);
2218 /* resolv.c */
/*
 * Resolver lookup for a zone and a 16-bit query type, returning a
 * Shishi_dns result that is handed back to shishi_resolv_free.
 * NOTE(review): presumably this performs a DNS query; such answers are
 * unauthenticated unless validated elsewhere, so realm or KDC
 * information obtained this way should be treated as a hint rather
 * than a trust decision.
 */
2219 extern Shishi_dns shishi_resolv (const char *zone, uint16_t querytype);
2220 extern void shishi_resolv_free (Shishi_dns rrs);
2222 #endif