1 /* shishi.h --- Header file for Shishi library. -*- c -*-
2 * Copyright (C) 2002, 2003, 2004, 2006, 2007 Simon Josefsson
4 * This file is part of Shishi.
6 * Shishi is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * Shishi is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with Shishi; if not, see http://www.gnu.org/licenses or write
18 * to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
19 * Floor, Boston, MA 02110-1301, USA
26 #include <stddef.h> /* size_t */
27 #include <stdio.h> /* FILE */
28 #include <time.h> /* time_t */
29 #include <shishi-int.h> /* uint32_t */
31 #define SHISHI_VERSION "@PACKAGE_VERSION@"
37 SHISHI_ASN1_ERROR
= 1,
38 SHISHI_FOPEN_ERROR
= 2,
40 SHISHI_MALLOC_ERROR
= 4,
41 SHISHI_BASE64_ERROR
= 5,
42 SHISHI_REALM_MISMATCH
= 6,
43 SHISHI_CNAME_MISMATCH
= 7,
44 SHISHI_NONCE_MISMATCH
= 8,
45 SHISHI_TGSREP_BAD_KEYTYPE
= 9,
46 SHISHI_KDCREP_BAD_KEYTYPE
= 10,
47 SHISHI_APREP_BAD_KEYTYPE
= 11,
48 SHISHI_APREP_VERIFY_FAILED
= 12,
49 SHISHI_APREQ_BAD_KEYTYPE
= 13,
50 SHISHI_TOO_SMALL_BUFFER
= 14,
51 SHISHI_DERIVEDKEY_TOO_SMALL
= 15,
52 SHISHI_KEY_TOO_LARGE
= 16,
53 SHISHI_CRYPTO_ERROR
= 17,
54 SHISHI_CRYPTO_INTERNAL_ERROR
= 18,
55 SHISHI_SOCKET_ERROR
= 19,
56 SHISHI_BIND_ERROR
= 20,
57 SHISHI_SENDTO_ERROR
= 21,
58 SHISHI_RECVFROM_ERROR
= 22,
59 SHISHI_CLOSE_ERROR
= 23,
60 SHISHI_KDC_TIMEOUT
= 24,
61 SHISHI_KDC_NOT_KNOWN_FOR_REALM
= 25,
62 SHISHI_TTY_ERROR
= 26,
63 SHISHI_GOT_KRBERROR
= 27,
64 SHISHI_HANDLE_ERROR
= 28,
65 SHISHI_INVALID_TKTS
= 29,
66 SHISHI_TICKET_BAD_KEYTYPE
= 30,
67 SHISHI_INVALID_KEY
= 31,
68 SHISHI_APREQ_DECRYPT_FAILED
= 32,
69 SHISHI_TICKET_DECRYPT_FAILED
= 33,
70 SHISHI_INVALID_TICKET
= 34,
71 SHISHI_OUT_OF_RANGE
= 35,
72 SHISHI_ASN1_NO_ELEMENT
= 36,
73 SHISHI_SAFE_BAD_KEYTYPE
= 37,
74 SHISHI_SAFE_VERIFY_FAILED
= 38,
75 SHISHI_PKCS5_INVALID_PRF
= 39,
76 SHISHI_PKCS5_INVALID_ITERATION_COUNT
= 40,
77 SHISHI_PKCS5_INVALID_DERIVED_KEY_LENGTH
= 41,
78 SHISHI_PKCS5_DERIVED_KEY_TOO_LONG
= 42,
79 SHISHI_INVALID_PRINCIPAL_NAME
= 43,
80 SHISHI_INVALID_ARGUMENT
= 44,
81 SHISHI_ASN1_NO_VALUE
= 45,
82 SHISHI_CONNECT_ERROR
= 46,
83 SHISHI_VERIFY_FAILED
= 47,
84 SHISHI_PRIV_BAD_KEYTYPE
= 48,
85 SHISHI_FILE_ERROR
= 49,
86 SHISHI_ENCAPREPPART_BAD_KEYTYPE
= 50,
87 SHISHI_GETTIMEOFDAY_ERROR
= 51,
88 SHISHI_KEYTAB_ERROR
= 52,
89 SHISHI_CCACHE_ERROR
= 53,
90 SHISHI_LAST_ERROR
= 53
96 /* Name type not known */
97 SHISHI_NT_UNKNOWN
= 0,
98 /* Just the name of the principal as in DCE, or for users */
99 SHISHI_NT_PRINCIPAL
= 1,
100 /* Service and other unique instance (krbtgt) */
101 SHISHI_NT_SRV_INST
= 2,
102 /* Service with host name as instance (telnet, rcommands) */
103 SHISHI_NT_SRV_HST
= 3,
104 /* Service with host as remaining components */
105 SHISHI_NT_SRV_XHST
= 4,
108 /* Encoded X.509 Distingished name [RFC 2253] */
109 SHISHI_NT_X500_PRINCIPAL
= 6,
110 /* Name in form of SMTP email name (e.g. user@foo.com) */
111 SHISHI_NT_SMTP_NAME
= 7,
112 /* Enterprise name - may be mapped to principal name */
113 SHISHI_NT_ENTERPRISE
= 10
119 SHISHI_PA_TGS_REQ
= 1,
120 SHISHI_PA_ENC_TIMESTAMP
= 2,
121 SHISHI_PA_PW_SALT
= 3,
122 SHISHI_PA_RESERVED
= 4,
123 SHISHI_PA_ENC_UNIX_TIME
= 5, /* (deprecated) */
124 SHISHI_PA_SANDIA_SECUREID
= 6,
125 SHISHI_PA_SESAME
= 7,
126 SHISHI_PA_OSF_DCE
= 8,
127 SHISHI_PA_CYBERSAFE_SECUREID
= 9,
128 SHISHI_PA_AFS3_SALT
= 10,
129 SHISHI_PA_ETYPE_INFO
= 11,
130 SHISHI_PA_SAM_CHALLENGE
= 12, /* (sam/otp) */
131 SHISHI_PA_SAM_RESPONSE
= 13, /* (sam/otp) */
132 SHISHI_PA_PK_AS_REQ
= 14, /* (pkinit) */
133 SHISHI_PA_PK_AS_REP
= 15, /* (pkinit) */
134 SHISHI_PA_ETYPE_INFO2
= 19, /* (replaces pa_etype_info) */
135 SHISHI_PA_USE_SPECIFIED_KVNO
= 20,
136 SHISHI_PA_SAM_REDIRECT
= 21, /* (sam/otp) */
137 SHISHI_PA_GET_FROM_TYPED_DATA
= 22, /* (embedded in typed data) */
138 SHISHI_TD_PADATA
= 22, /* (embeds padata) */
139 SHISHI_PA_SAM_ETYPE_INFO
= 23, /* (sam/otp) */
140 SHISHI_PA_ALT_PRINC
= 24, /* (crawdad@fnal.gov) */
141 SHISHI_PA_SAM_CHALLENGE2
= 30, /* (kenh@pobox.com) */
142 SHISHI_PA_SAM_RESPONSE2
= 31, /* (kenh@pobox.com) */
143 SHISHI_PA_EXTRA_TGT
= 41, /* Reserved extra TGT */
144 SHISHI_TD_PKINIT_CMS_CERTIFICATES
= 101, /* CertificateSet from CMS */
145 SHISHI_TD_KRB_PRINCIPAL
= 102, /* PrincipalName */
146 SHISHI_TD_KRB_REALM
= 103, /* Realm */
147 SHISHI_TD_TRUSTED_CERTIFIERS
= 104, /* from PKINIT */
148 SHISHI_TD_CERTIFICATE_INDEX
= 105, /* from PKINIT */
149 SHISHI_TD_APP_DEFINED_ERROR
= 106, /* application specific */
150 SHISHI_TD_REQ_NONCE
= 107, /* INTEGER */
151 SHISHI_TD_REQ_SEQ
= 108, /* INTEGER */
152 SHISHI_PA_PAC_REQUEST
= 128 /* (jbrezak@exchange.microsoft.com) */
158 SHISHI_TR_DOMAIN_X500_COMPRESS
= 1
164 SHISHI_APOPTIONS_RESERVED
= 0x1, /* bit 0 */
165 SHISHI_APOPTIONS_USE_SESSION_KEY
= 0x2, /* bit 1 */
166 SHISHI_APOPTIONS_MUTUAL_REQUIRED
= 0x4 /* bit 2 */
172 SHISHI_TICKETFLAGS_RESERVED
= 0x1, /* bit 0 */
173 SHISHI_TICKETFLAGS_FORWARDABLE
= 0x2, /* bit 1 */
174 SHISHI_TICKETFLAGS_FORWARDED
= 0x4, /* bit 2 */
175 SHISHI_TICKETFLAGS_PROXIABLE
= 0x8, /* bit 3 */
176 SHISHI_TICKETFLAGS_PROXY
= 0x10, /* bit 4 */
177 SHISHI_TICKETFLAGS_MAY_POSTDATE
= 0x20, /* bit 5 */
178 SHISHI_TICKETFLAGS_POSTDATED
= 0x40, /* bit 6 */
179 SHISHI_TICKETFLAGS_INVALID
= 0x80, /* bit 7 */
180 SHISHI_TICKETFLAGS_RENEWABLE
= 0x100, /* bit 8 */
181 SHISHI_TICKETFLAGS_INITIAL
= 0x200, /* bit 9 */
182 SHISHI_TICKETFLAGS_PRE_AUTHENT
= 0x400, /* bit 10 */
183 SHISHI_TICKETFLAGS_HW_AUTHENT
= 0x800, /* bit 11 */
184 SHISHI_TICKETFLAGS_TRANSITED_POLICY_CHECKED
= 0x1000, /* bit 12 */
185 SHISHI_TICKETFLAGS_OK_AS_DELEGATE
= 0x2000 /* bit 13 */
191 SHISHI_KDCOPTIONS_RESERVED
= 0x1, /* bit 0 */
192 SHISHI_KDCOPTIONS_FORWARDABLE
= 0x2, /* bit 1 */
193 SHISHI_KDCOPTIONS_FORWARDED
= 0x4, /* bit 2 */
194 SHISHI_KDCOPTIONS_PROXIABLE
= 0x8, /* bit 3 */
195 SHISHI_KDCOPTIONS_PROXY
= 0x10, /* bit 4 */
196 SHISHI_KDCOPTIONS_ALLOW_POSTDATE
= 0x20, /* bit 5 */
197 SHISHI_KDCOPTIONS_POSTDATED
= 0x40, /* bit 6 */
198 SHISHI_KDCOPTIONS_UNUSED7
= 0x80, /* bit 7 */
199 SHISHI_KDCOPTIONS_RENEWABLE
= 0x100, /* bit 8 */
200 SHISHI_KDCOPTIONS_UNUSED9
= 0x200, /* bit 9 */
201 SHISHI_KDCOPTIONS_UNUSED10
= 0x400, /* bit 10 */
202 SHISHI_KDCOPTIONS_UNUSED11
= 0x800 /* bit 11 */
203 #define SHISHI_KDCOPTIONS_DISABLE_TRANSITED_CHECK 0x4000000 /* bit 26 */
204 #define SHISHI_KDCOPTIONS_RENEWABLE_OK 0x8000000 /* bit 27 */
205 #define SHISHI_KDCOPTIONS_ENC_TKT_IN_SKEY 0x10000000 /* bit 28 */
206 #define SHISHI_KDCOPTIONS_RENEW 0x40000000 /* bit 30 */
207 #define SHISHI_KDCOPTIONS_VALIDATE 0x80000000 /* bit 31 */
215 /* 2 Authenticator non-PDU */
216 /* 3 EncTicketPart non-PDU */
218 /* Request for initial authentication */
219 SHISHI_MSGTYPE_AS_REQ
= 10,
220 /* Response to SHISHI_MSGTYPE_AS_REQ request */
221 SHISHI_MSGTYPE_AS_REP
= 11,
222 /* Request for authentication based on TGT */
223 SHISHI_MSGTYPE_TGS_REQ
= 12,
224 /* Response to SHISHI_MSGTYPE_TGS_REQ request */
225 SHISHI_MSGTYPE_TGS_REP
= 13,
226 /* application request to server */
227 SHISHI_MSGTYPE_AP_REQ
= 14,
228 /* Response to SHISHI_MSGTYPE_AP_REQ_MUTUAL */
229 SHISHI_MSGTYPE_AP_REP
= 15,
230 /* Reserved for user-to-user krb_tgt_request */
231 SHISHI_MSGTYPE_RESERVED16
= 16,
232 /* Reserved for user-to-user krb_tgt_reply */
233 SHISHI_MSGTYPE_RESERVED17
= 17,
235 /* Safe (checksummed) application message */
236 SHISHI_MSGTYPE_SAFE
= 20,
237 /* Private (encrypted) application message */
238 SHISHI_MSGTYPE_PRIV
= 21,
239 /* Private (encrypted) message to forward credentials */
240 SHISHI_MSGTYPE_CRED
= 22,
242 /* 25 EncASRepPart non-PDU */
243 /* 26 EncTGSRepPart non-PDU */
244 /* 27 EncApRepPart non-PDU */
245 /* 28 EncKrbPrivPart non-PDU */
246 /* 29 EncKrbCredPart non-PDU */
248 SHISHI_MSGTYPE_ERROR
= 30
254 SHISHI_LRTYPE_LAST_INITIAL_TGT_REQUEST
= 1,
255 SHISHI_LRTYPE_LAST_INITIAL_REQUEST
= 2,
256 SHISHI_LRTYPE_NEWEST_TGT_ISSUE
= 3,
257 SHISHI_LRTYPE_LAST_RENEWAL
= 4,
258 SHISHI_LRTYPE_LAST_REQUEST
= 5
265 SHISHI_DES_CBC_CRC
= 1,
266 SHISHI_DES_CBC_MD4
= 2,
267 SHISHI_DES_CBC_MD5
= 3,
268 SHISHI_DES_CBC_NONE
= 4,
269 SHISHI_DES3_CBC_NONE
= 6,
270 SHISHI_DES3_CBC_HMAC_SHA1_KD
= 16,
271 SHISHI_AES128_CTS_HMAC_SHA1_96
= 17,
272 SHISHI_AES256_CTS_HMAC_SHA1_96
= 18,
273 SHISHI_ARCFOUR_HMAC
= 23,
274 SHISHI_ARCFOUR_HMAC_EXP
= 24
282 SHISHI_RSA_MD4_DES
= 3,
284 SHISHI_DES_MAC_K
= 5,
285 SHISHI_RSA_MD4_DES_K
= 6,
287 SHISHI_RSA_MD5_DES
= 8,
288 SHISHI_RSA_MD5_DES_GSS
= 9, /* XXX */
289 SHISHI_HMAC_SHA1_DES3_KD
= 12,
290 SHISHI_HMAC_SHA1_96_AES128
= 15,
291 SHISHI_HMAC_SHA1_96_AES256
= 16,
292 SHISHI_ARCFOUR_HMAC_MD5
= -138,
293 SHISHI_KRB5_GSSAPI_CKSUM
= 8003,
294 SHISHI_NO_CKSUMTYPE
= -1
300 SHISHI_FILETYPE_TEXT
= 0,
303 SHISHI_FILETYPE_BASE64
,
304 SHISHI_FILETYPE_BINARY
310 SHISHI_OUTPUTTYPE_NULL
= 0,
311 SHISHI_OUTPUTTYPE_STDERR
,
312 SHISHI_OUTPUTTYPE_SYSLOG
318 SHISHI_AUTHORIZATION_BASIC
= 0,
319 SHISHI_AUTHORIZATION_K5LOGIN
321 Shishi_authorization
;
325 /* 1. AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the
327 SHISHI_KEYUSAGE_ASREQ_PA_ENC_TIMESTAMP
= 1,
328 /* 2. AS-REP Ticket and TGS-REP Ticket (includes TGS session key or
329 application session key), encrypted with the service key */
330 SHISHI_KEYUSAGE_ENCTICKETPART
= 2,
331 /* 3. AS-REP encrypted part (includes TGS session key or application
332 session key), encrypted with the client key */
333 SHISHI_KEYUSAGE_ENCASREPPART
= 3,
334 /* 4. TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS
336 SHISHI_KEYUSAGE_TGSREQ_AUTHORIZATIONDATA_TGS_SESSION_KEY
= 4,
337 /* 5. TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS
338 authenticator subkey (section 5.4.1) */
339 SHISHI_KEYUSAGE_TGSREQ_AUTHORIZATIONDATA_TGS_AUTHENTICATOR_KEY
= 5,
340 /* 6. TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum, keyed with the
342 SHISHI_KEYUSAGE_TGSREQ_APREQ_AUTHENTICATOR_CKSUM
= 6,
343 /* 7. TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes TGS
344 authenticator subkey), encrypted with the TGS session key */
345 SHISHI_KEYUSAGE_TGSREQ_APREQ_AUTHENTICATOR
= 7,
346 /* 8. TGS-REP encrypted part (includes application session key), encrypted
347 with the TGS session key */
348 SHISHI_KEYUSAGE_ENCTGSREPPART_SESSION_KEY
= 8,
349 /* 9. TGS-REP encrypted part (includes application session key), encrypted
350 with the TGS authenticator subkey */
351 SHISHI_KEYUSAGE_ENCTGSREPPART_AUTHENTICATOR_KEY
= 9,
352 /* 10. AP-REQ Authenticator cksum, keyed with the application
354 SHISHI_KEYUSAGE_APREQ_AUTHENTICATOR_CKSUM
= 10,
355 /* 11. AP-REQ Authenticator (includes application authenticator subkey),
356 encrypted with the application session key */
357 SHISHI_KEYUSAGE_APREQ_AUTHENTICATOR
= 11,
358 /* 12. AP-REP encrypted part (includes application session subkey),
359 encrypted with the application session key */
360 SHISHI_KEYUSAGE_ENCAPREPPART
= 12,
361 /* 13. KRB-PRIV encrypted part, encrypted with a key chosen by the
363 SHISHI_KEYUSAGE_KRB_PRIV
= 13,
364 /* 14. KRB-CRED encrypted part, encrypted with a key chosen by the
366 SHISHI_KEYUSAGE_KRB_CRED
= 14,
367 /* 15. KRB-SAFE cksum, keyed with a key chosen by the application */
368 SHISHI_KEYUSAGE_KRB_SAFE
= 15,
369 /* 18. KRB-ERROR checksum (e-cksum) */
370 SHISHI_KEYUSAGE_KRB_ERROR
= 18,
371 /* 19. AD-KDCIssued checksum (ad-checksum) */
372 SHISHI_KEYUSAGE_AD_KDCISSUED
= 19,
373 /* 20. Checksum for Mandatory Ticket Extensions */
374 SHISHI_KEYUSAGE_TICKET_EXTENSION
= 20,
375 /* 21. Checksum in Authorization Data in Ticket Extensions */
376 SHISHI_KEYUSAGE_TICKET_EXTENSION_AUTHORIZATION
= 21,
377 /* 22-24. Reserved for use in GSSAPI mechanisms derived from RFC 1964.
379 SHISHI_KEYUSAGE_GSS_R1
= 22,
380 SHISHI_KEYUSAGE_GSS_R2
= 23,
381 SHISHI_KEYUSAGE_GSS_R3
= 24,
382 /* draft-ietf-krb-wg-gssapi-cfx */
383 SHISHI_KEYUSAGE_ACCEPTOR_SEAL
= 22,
384 SHISHI_KEYUSAGE_ACCEPTOR_SIGN
= 23,
385 SHISHI_KEYUSAGE_INITIATOR_SEAL
= 24,
386 SHISHI_KEYUSAGE_INITIATOR_SIGN
= 25,
387 /* 16-18,20-21,25-511. Reserved for future use. */
388 /* 512-1023. Reserved for uses internal implementations. */
389 /* 1024. Encryption for application use in protocols that
390 do not specify key usage values */
391 /* 1025. Checksums for application use in protocols that
392 do not specify key usage values */
393 /* 1026-2047. Reserved for application use.
394 1026,1028,1030,1032,1034 used in KCMD protocol */
395 SHISHI_KEYUSAGE_KCMD_DES
= 1026,
396 SHISHI_KEYUSAGE_KCMD_INPUT
= 1028,
397 SHISHI_KEYUSAGE_KCMD_OUTPUT
= 1030,
398 SHISHI_KEYUSAGE_KCMD_STDERR_INPUT
= 1032,
399 SHISHI_KEYUSAGE_KCMD_STDERR_OUTPUT
= 1034
406 SHISHI_KDC_ERR_NONE
= 0,
407 /* Client's entry in database has expired */
408 SHISHI_KDC_ERR_NAME_EXP
= 1,
409 /* Server's entry in database has expired */
410 SHISHI_KDC_ERR_SERVICE_EXP
= 2,
411 /* Requested protocol version number - not supported */
412 SHISHI_KDC_ERR_BAD_PVNO
= 3,
413 /* Client's key encrypted in old master key */
414 SHISHI_KDC_ERR_C_OLD_MAST_KVNO
= 4,
415 /* Server's key encrypted in old master key */
416 SHISHI_KDC_ERR_S_OLD_MAST_KVNO
= 5,
417 /* Client not found in database */
418 SHISHI_KDC_ERR_C_PRINCIPAL_UNKNOWN
= 6,
419 /* Server not found in database */
420 SHISHI_KDC_ERR_S_PRINCIPAL_UNKNOWN
= 7,
421 /* Multiple principal entries in database */
422 SHISHI_KDC_ERR_PRINCIPAL_NOT_UNIQUE
= 8,
423 /* The client or server has a null key */
424 SHISHI_KDC_ERR_NULL_KEY
= 9,
425 /* Ticket not eligible for postdating */
426 SHISHI_KDC_ERR_CANNOT_POSTDATE
= 10,
427 /* Requested start time is later than end time */
428 SHISHI_KDC_ERR_NEVER_VALID
= 11,
429 /* KDC policy rejects request */
430 SHISHI_KDC_ERR_POLICY
= 12,
431 /* KDC cannot accommodate requested option */
432 SHISHI_KDC_ERR_BADOPTION
= 13,
433 /* KDC has no support for encryption type */
434 SHISHI_KDC_ERR_ETYPE_NOSUPP
= 14,
435 /* KDC has no support for checksum type */
436 SHISHI_KDC_ERR_SUMTYPE_NOSUPP
= 15,
437 /* KDC has no support for padata type */
438 SHISHI_KDC_ERR_PADATA_TYPE_NOSUPP
= 16,
439 /* KDC has no support for transited type */
440 SHISHI_KDC_ERR_TRTYPE_NOSUPP
= 17,
441 /* Clients credentials have been revoked */
442 SHISHI_KDC_ERR_CLIENT_REVOKED
= 18,
443 /* Credentials for server have been revoked */
444 SHISHI_KDC_ERR_SERVICE_REVOKED
= 19,
445 /* TGT has been revoked */
446 SHISHI_KDC_ERR_TGT_REVOKED
= 20,
447 /* Client not yet valid - try again later */
448 SHISHI_KDC_ERR_CLIENT_NOTYET
= 21,
449 /* Server not yet valid - try again later */
450 SHISHI_KDC_ERR_SERVICE_NOTYET
= 22,
451 /* Password has expired - change password to reset */
452 SHISHI_KDC_ERR_KEY_EXPIRED
= 23,
453 /* Pre-authentication information was invalid */
454 SHISHI_KDC_ERR_PREAUTH_FAILED
= 24,
455 /* Additional pre-authenticationrequired */
456 SHISHI_KDC_ERR_PREAUTH_REQUIRED
= 25,
457 /* Requested server and ticket don't match */
458 SHISHI_KDC_ERR_SERVER_NOMATCH
= 26,
459 /* Server principal valid for user = 2,user only */
460 SHISHI_KDC_ERR_MUST_USE_USER2USER
= 27,
461 /* KDC Policy rejects transited path */
462 SHISHI_KDC_ERR_PATH_NOT_ACCPETED
= 28,
463 /* A service is not available */
464 SHISHI_KDC_ERR_SVC_UNAVAILABLE
= 29,
465 /* Integrity check on decrypted field failed */
466 SHISHI_KRB_AP_ERR_BAD_INTEGRITY
= 31,
468 SHISHI_KRB_AP_ERR_TKT_EXPIRED
= 32,
469 /* Ticket not yet valid */
470 SHISHI_KRB_AP_ERR_TKT_NYV
= 33,
471 /* Request is a replay */
472 SHISHI_KRB_AP_ERR_REPEAT
= 34,
473 /* The ticket isn't for us */
474 SHISHI_KRB_AP_ERR_NOT_US
= 35,
475 /* Ticket and authenticator don't match */
476 SHISHI_KRB_AP_ERR_BADMATCH
= 36,
477 /* Clock skew too great */
478 SHISHI_KRB_AP_ERR_SKEW
= 37,
479 /* Incorrect net address */
480 SHISHI_KRB_AP_ERR_BADADDR
= 38,
481 /* Protocol version mismatch */
482 SHISHI_KRB_AP_ERR_BADVERSION
= 39,
483 /* Invalid msg type */
484 SHISHI_KRB_AP_ERR_MSG_TYPE
= 40,
485 /* Message stream modified */
486 SHISHI_KRB_AP_ERR_MODIFIED
= 41,
487 /* Message out of order */
488 SHISHI_KRB_AP_ERR_BADORDER
= 42,
489 /* Specified version of key is not available */
490 SHISHI_KRB_AP_ERR_BADKEYVER
= 44,
491 /* Service key not available */
492 SHISHI_KRB_AP_ERR_NOKEY
= 45,
493 /* Mutual authentication failed */
494 SHISHI_KRB_AP_ERR_MUT_FAIL
= 46,
495 /* Incorrect message direction */
496 SHISHI_KRB_AP_ERR_BADDIRECTION
= 47,
497 /* Alternative authentication method required */
498 SHISHI_KRB_AP_ERR_METHOD
= 48,
499 /* Incorrect sequence number in message */
500 SHISHI_KRB_AP_ERR_BADSEQ
= 49,
501 /* Inappropriate type of checksum in message */
502 SHISHI_KRB_AP_ERR_INAPP_CKSUM
= 50,
503 /* Policy rejects transited path */
504 SHISHI_KRB_AP_PATH_NOT_ACCEPTED
= 51,
505 /* Response too big for UDP, retry with TCP */
506 SHISHI_KRB_ERR_RESPONSE_TOO_BIG
= 52,
507 /* Generic error (description in e-text) */
508 SHISHI_KRB_ERR_GENERIC
= 60,
509 /* Field is too long for this implementation */
510 SHISHI_KRB_ERR_FIELD_TOOLONG
= 61,
511 /* Reserved for PKINIT */
512 SHISHI_KDC_ERROR_CLIENT_NOT_TRUSTED
= 62,
513 /* Reserved for PKINIT */
514 SHISHI_KDC_ERROR_KDC_NOT_TRUSTED
= 63,
515 /* Reserved for PKINIT */
516 SHISHI_KDC_ERROR_INVALID_SIG
= 64,
517 /* Reserved for PKINIT */
518 SHISHI_KDC_ERR_KEY_TOO_WEAK
= 65,
519 /* Reserved for PKINIT */
520 SHISHI_KDC_ERR_CERTIFICATE_MISMATCH
= 66,
521 /* No TGT available to validate USER-TO-USER */
522 SHISHI_KRB_AP_ERR_NO_TGT
= 67,
523 /* USER-TO-USER TGT issued different KDC */
524 SHISHI_KDC_ERR_WRONG_REALM
= 68,
525 /* Ticket must be for USER-TO-USER */
526 SHISHI_KRB_AP_ERR_USER_TO_USER_REQUIRED
= 69,
527 /* Reserved for PKINIT */
528 SHISHI_KDC_ERR_CANT_VERIFY_CERTIFICATE
= 70,
529 /* Reserved for PKINIT */
530 SHISHI_KDC_ERR_INVALID_CERTIFICATE
= 71,
531 /* Reserved for PKINIT */
532 SHISHI_KDC_ERR_REVOKED_CERTIFICATE
= 72,
533 /* Reserved for PKINIT */
534 SHISHI_KDC_ERR_REVOCATION_STATUS_UNKNOWN
= 73,
535 /* Reserved for PKINIT */
536 SHISHI_KDC_ERR_REVOCATION_STATUS_UNAVAILABLE
= 74,
537 /* Reserved for PKINIT */
538 SHISHI_KDC_ERR_CLIENT_NAME_MISMATCH
= 75,
539 /* Reserved for PKINIT */
540 SHISHI_KDC_ERR_KDC_NAME_MISMATCH
= 76,
541 SHISHI_LAST_ERROR_CODE
= 76
547 SHISHI_TKTSHINTFLAGS_ACCEPT_EXPIRED
= 1
549 Shishi_tkts_hintflags
;
551 struct Shishi_tkts_hint
559 Shishi_ticketflags tktflags
;
560 Shishi_KDCOptions kdcoptions
;
566 int32_t preauthetype
;
568 size_t preauthsaltlen
;
569 char *preauths2kparams
;
570 size_t preauths2kparamslen
;
572 typedef struct Shishi_tkts_hint Shishi_tkts_hint
;
575 #define SHISHI_DNS_TXT 16
576 #define SHISHI_DNS_SRV 33
580 struct Shishi_dns_st
*next
;
588 typedef struct Shishi_dns_st
*Shishi_dns
;
590 struct Shishi_dns_srv_st
598 typedef struct Shishi_dns_srv_st
*Shishi_dns_srv
;
600 typedef struct Shishi Shishi
;
601 typedef struct Shishi_tkt Shishi_tkt
;
602 typedef struct Shishi_tkts Shishi_tkts
;
603 typedef struct Shishi_as Shishi_as
;
604 typedef struct Shishi_tgs Shishi_tgs
;
605 typedef struct Shishi_ap Shishi_ap
;
606 typedef struct Shishi_key Shishi_key
;
607 typedef struct Shishi_keys Shishi_keys
;
608 typedef struct Shishi_safe Shishi_safe
;
609 typedef struct Shishi_priv Shishi_priv
;
610 #ifndef _SHISHI_HAS_LIBTASN1_H
611 typedef struct node_asn_struct
*ASN1_TYPE
;
613 typedef ASN1_TYPE Shishi_asn1
;
614 typedef struct Shishi_crypto Shishi_crypto
;
616 #define SHISHI_GENERALIZEDTIME_LENGTH 15
617 #define SHISHI_GENERALIZEDTIMEZ_LENGTH (SHISHI_GENERALIZEDTIME_LENGTH + 1)
619 /* If non-NULL, call this function when memory is exhausted. */
620 extern void (*shishi_alloc_fail_function
) (void);
623 extern Shishi
*shishi (void);
624 extern Shishi
*shishi_server (void);
625 extern void shishi_done (Shishi
* handle
);
626 extern int shishi_init (Shishi
** handle
);
627 extern int shishi_init_with_paths (Shishi
** handle
,
628 const char *tktsfile
,
629 const char *systemcfgfile
,
630 const char *usercfgfile
);
631 extern int shishi_init_server (Shishi
** handle
);
632 extern int shishi_init_server_with_paths (Shishi
** handle
,
633 const char *systemcfgfile
);
636 extern int shishi_cfg (Shishi
* handle
, char *option
);
637 extern int shishi_cfg_from_file (Shishi
* handle
, const char *cfg
);
638 extern int shishi_cfg_print (Shishi
* handle
, FILE * fh
);
639 extern const char *shishi_cfg_default_systemfile (Shishi
* handle
);
640 extern const char *shishi_cfg_default_userdirectory (Shishi
* handle
);
641 extern const char *shishi_cfg_default_userfile (Shishi
* handle
);
642 extern char *shishi_cfg_userdirectory_file (Shishi
* handle
,
644 extern int shishi_cfg_clientkdcetype (Shishi
* handle
, int32_t ** etypes
);
645 extern int32_t shishi_cfg_clientkdcetype_fast (Shishi
* handle
);
646 extern int shishi_cfg_clientkdcetype_set (Shishi
* handle
, char *value
);
647 extern int shishi_cfg_authorizationtype_set (Shishi
* handle
, char *value
);
650 extern const char *shishi_strerror (int err
);
651 extern const char *shishi_error (Shishi
* handle
);
652 extern void shishi_error_clear (Shishi
* handle
);
653 extern void shishi_error_set (Shishi
* handle
, const char *errstr
);
654 extern void shishi_error_printf (Shishi
* handle
, const char *format
, ...);
655 extern int shishi_error_outputtype (Shishi
* handle
);
656 extern void shishi_error_set_outputtype (Shishi
* handle
, int type
);
657 extern void shishi_info (Shishi
* handle
, const char *format
, ...);
658 extern void shishi_warn (Shishi
* handle
, const char *format
, ...);
659 extern void shishi_verbose (Shishi
* handle
, const char *format
, ...);
662 extern char *shishi_realm_default_guess (void);
663 extern const char *shishi_realm_default (Shishi
* handle
);
664 extern void shishi_realm_default_set (Shishi
* handle
, const char *realm
);
665 extern char *shishi_realm_for_server_file (Shishi
* handle
, char *server
);
666 extern char *shishi_realm_for_server_dns (Shishi
* handle
, char *server
);
667 extern char *shishi_realm_for_server (Shishi
* handle
, char *server
);
670 extern char *shishi_principal_default_guess (void);
671 extern const char *shishi_principal_default (Shishi
* handle
);
672 extern void shishi_principal_default_set (Shishi
* handle
,
673 const char *principal
);
674 extern int shishi_principal_name (Shishi
* handle
,
675 Shishi_asn1 namenode
,
676 const char *namefield
,
677 char **out
, size_t * outlen
);
678 extern int shishi_principal_name_realm (Shishi
* handle
,
679 Shishi_asn1 namenode
,
680 const char *namefield
,
681 Shishi_asn1 realmnode
,
682 const char *realmfield
,
683 char **out
, size_t * outlen
);
684 extern int shishi_principal_name_set (Shishi
* handle
,
685 Shishi_asn1 namenode
,
686 const char *namefield
,
687 Shishi_name_type name_type
,
689 extern int shishi_principal_set (Shishi
* handle
,
690 Shishi_asn1 namenode
,
691 const char *namefield
, const char *name
);
692 extern int shishi_parse_name (Shishi
* handle
, const char *name
,
693 char **principal
, char **realm
);
694 extern int shishi_derive_default_salt (Shishi
* handle
,
697 extern char *shishi_server_for_local_service (Shishi
* handle
,
698 const char *service
);
701 extern Shishi_asn1
shishi_ticket (Shishi
* handle
);
702 extern int shishi_ticket_server (Shishi
* handle
, Shishi_asn1 ticket
,
703 char **server
, size_t * serverlen
);
704 extern int shishi_ticket_sname_set (Shishi
* handle
,
706 Shishi_name_type name_type
,
708 extern int shishi_ticket_srealmserver_set (Shishi
* handle
,
712 extern int shishi_ticket_set_server (Shishi
* handle
, Shishi_asn1 ticket
,
714 extern int shishi_ticket_realm_get (Shishi
* handle
,
716 char **realm
, size_t * realmlen
);
717 extern int shishi_ticket_realm_set (Shishi
* handle
, Shishi_asn1 ticket
,
719 extern int shishi_ticket_get_enc_part_etype (Shishi
* handle
,
722 extern int shishi_ticket_set_enc_part (Shishi
* handle
, Shishi_asn1 ticket
,
723 int32_t etype
, uint32_t kvno
,
724 const char *buf
, size_t buflen
);
725 extern int shishi_ticket_add_enc_part (Shishi
* handle
, Shishi_asn1 ticket
,
727 Shishi_asn1 encticketpart
);
728 extern int shishi_ticket_decrypt (Shishi
* handle
, Shishi_asn1 ticket
,
730 Shishi_asn1
* encticketpart
);
733 extern Shishi_asn1
shishi_tkt_ticket (Shishi_tkt
* tkt
);
734 extern void shishi_tkt_ticket_set (Shishi_tkt
* tkt
, Shishi_asn1 ticket
);
735 extern Shishi_asn1
shishi_tkt_kdcrep (Shishi_tkt
* tkt
);
736 extern Shishi_asn1
shishi_tkt_enckdcreppart (Shishi_tkt
* tkt
);
737 extern void shishi_tkt_enckdcreppart_set (Shishi_tkt
* tkt
,
738 Shishi_asn1 enckdcreppart
);
739 extern Shishi_asn1
shishi_tkt_encticketpart (Shishi_tkt
* tkt
);
740 extern void shishi_tkt_encticketpart_set (Shishi_tkt
* tkt
,
741 Shishi_asn1 encticketpart
);
742 extern Shishi_key
*shishi_tkt_key (Shishi_tkt
* tkt
);
743 extern int shishi_tkt_key_set (Shishi_tkt
* tkt
, Shishi_key
* key
);
744 extern int shishi_tkt (Shishi
* handle
, Shishi_tkt
** tkt
);
745 extern Shishi_tkt
*shishi_tkt2 (Shishi
* handle
,
747 Shishi_asn1 enckdcreppart
,
749 extern void shishi_tkt_pretty_print (Shishi_tkt
* tkt
, FILE * fh
);
750 extern int shishi_tkt_realm (Shishi_tkt
* tkt
, char **realm
,
752 extern int shishi_tkt_client (Shishi_tkt
* tkt
,
753 char **client
, size_t * clientlen
);
754 extern int shishi_tkt_client_p (Shishi_tkt
* tkt
, const char *client
);
755 extern int shishi_tkt_clientrealm (Shishi_tkt
* tkt
,
756 char **client
, size_t *clientlen
);
757 extern int shishi_tkt_clientrealm_p (Shishi_tkt
* tkt
, const char *client
);
758 extern int shishi_tkt_clientrealm_set (Shishi_tkt
* tkt
,
759 const char *realm
, const char *client
);
760 extern int shishi_tkt_serverrealm_set (Shishi_tkt
* tkt
,
761 const char *realm
, const char *server
);
762 extern int shishi_tkt_build (Shishi_tkt
* tkt
, Shishi_key
* key
);
763 extern int shishi_tkt_lastreq (Shishi_tkt
* tkt
,
764 char **lrtime
, size_t * lrtimelen
,
766 extern time_t shishi_tkt_lastreqc (Shishi_tkt
* tkt
, Shishi_lrtype lrtype
);
767 extern void shishi_tkt_lastreq_pretty_print (Shishi_tkt
* tkt
, FILE * fh
);
768 extern int shishi_tkt_authtime (Shishi_tkt
* tkt
,
769 char **authtime
, size_t * authtimelen
);
770 extern time_t shishi_tkt_authctime (Shishi_tkt
* tkt
);
771 extern int shishi_tkt_starttime (Shishi_tkt
* tkt
,
772 char **starttime
, size_t * starttimelen
);
773 extern time_t shishi_tkt_startctime (Shishi_tkt
* tkt
);
774 extern int shishi_tkt_endtime (Shishi_tkt
* tkt
,
775 char **endtime
, size_t * endtimelen
);
776 extern time_t shishi_tkt_endctime (Shishi_tkt
* tkt
);
777 extern int shishi_tkt_renew_till (Shishi_tkt
* tkt
,
778 char **renewtilltime
,
779 size_t * renewtilllen
);
780 extern time_t shishi_tkt_renew_tillc (Shishi_tkt
* tkt
);
781 extern int shishi_tkt_keytype (Shishi_tkt
* tkt
, int32_t * etype
);
782 extern int32_t shishi_tkt_keytype_fast (Shishi_tkt
* tkt
);
783 extern int shishi_tkt_keytype_p (Shishi_tkt
* tkt
, int32_t etype
);
784 extern int shishi_tkt_server (Shishi_tkt
* tkt
,
785 char **server
, size_t * serverlen
);
786 extern int shishi_tkt_server_p (Shishi_tkt
* tkt
, const char *server
);
787 extern int shishi_tkt_valid_at_time_p (Shishi_tkt
* tkt
, time_t now
);
788 extern int shishi_tkt_valid_now_p (Shishi_tkt
* tkt
);
789 extern int shishi_tkt_expired_p (Shishi_tkt
* tkt
);
790 extern int shishi_tkt_decrypt (Shishi_tkt
* tkt
, Shishi_key
* key
);
791 extern void shishi_tkt_done (Shishi_tkt
* tkt
);
792 extern int shishi_tkt_flags (Shishi_tkt
* tkt
, uint32_t * flags
);
793 extern int shishi_tkt_flags_set (Shishi_tkt
* tkt
, uint32_t flags
);
794 extern int shishi_tkt_flags_add (Shishi_tkt
* tkt
, uint32_t flag
);
795 extern int shishi_tkt_forwardable_p (Shishi_tkt
* tkt
);
796 extern int shishi_tkt_forwarded_p (Shishi_tkt
* tkt
);
797 extern int shishi_tkt_proxiable_p (Shishi_tkt
* tkt
);
798 extern int shishi_tkt_proxy_p (Shishi_tkt
* tkt
);
799 extern int shishi_tkt_may_postdate_p (Shishi_tkt
* tkt
);
800 extern int shishi_tkt_postdated_p (Shishi_tkt
* tkt
);
801 extern int shishi_tkt_invalid_p (Shishi_tkt
* tkt
);
802 extern int shishi_tkt_renewable_p (Shishi_tkt
* tkt
);
803 extern int shishi_tkt_initial_p (Shishi_tkt
* tkt
);
804 extern int shishi_tkt_pre_authent_p (Shishi_tkt
* tkt
);
805 extern int shishi_tkt_hw_authent_p (Shishi_tkt
* tkt
);
806 extern int shishi_tkt_transited_policy_checked_p (Shishi_tkt
* tkt
);
807 extern int shishi_tkt_ok_as_delegate_p (Shishi_tkt
* tkt
);
810 extern char *shishi_tkts_default_file_guess (Shishi
* handle
);
811 extern const char *shishi_tkts_default_file (Shishi
* handle
);
812 extern void shishi_tkts_default_file_set (Shishi
* handle
,
813 const char *tktsfile
);
814 extern Shishi_tkts
*shishi_tkts_default (Shishi
* handle
);
815 extern int shishi_tkts_default_to_file (Shishi_tkts
* tkts
);
816 extern int shishi_tkts (Shishi
* handle
, Shishi_tkts
** tkts
);
817 extern Shishi_tkt
*shishi_tkts_nth (Shishi_tkts
* tkts
, int ticketno
);
818 extern int shishi_tkts_size (Shishi_tkts
* tkts
);
819 extern int shishi_tkts_add (Shishi_tkts
* tkts
, Shishi_tkt
* tkt
);
820 extern int shishi_tkts_new (Shishi_tkts
* tkts
,
822 Shishi_asn1 enckdcreppart
, Shishi_asn1 kdcrep
);
823 extern int shishi_tkts_remove (Shishi_tkts
* tkts
, int ticketno
);
824 extern int shishi_tkts_expire (Shishi_tkts
* tkts
);
825 extern int shishi_tkts_print_for_service (Shishi_tkts
* tkts
,
826 FILE * fh
, const char *service
);
827 extern int shishi_tkts_print (Shishi_tkts
* tkts
, FILE * fh
);
828 extern int shishi_tkts_write (Shishi_tkts
* tkts
, FILE * fh
);
829 extern int shishi_tkts_to_file (Shishi_tkts
* tkts
, const char *filename
);
830 extern int shishi_tkts_read (Shishi_tkts
* tkts
, FILE * fh
);
831 extern int shishi_tkts_from_file (Shishi_tkts
* tkts
, const char *filename
);
832 extern void shishi_tkts_done (Shishi_tkts
** tkts
);
833 extern int shishi_tkt_match_p (Shishi_tkt
* tkt
, Shishi_tkts_hint
* hint
);
834 extern Shishi_tkt
*shishi_tkts_find (Shishi_tkts
* tkts
,
835 Shishi_tkts_hint
* hint
);
836 extern Shishi_tkt
*shishi_tkts_find_for_clientserver (Shishi_tkts
* tkts
,
839 extern Shishi_tkt
*shishi_tkts_find_for_server (Shishi_tkts
* tkts
,
841 extern Shishi_tkt
*shishi_tkts_get (Shishi_tkts
* tkts
,
842 Shishi_tkts_hint
* hint
);
843 extern Shishi_tkt
*shishi_tkts_get_tgt (Shishi_tkts
* tkts
,
844 Shishi_tkts_hint
* hint
);
845 extern Shishi_tkt
*shishi_tkts_get_tgs (Shishi_tkts
* tkts
,
846 Shishi_tkts_hint
* hint
,
848 extern Shishi_tkt
*shishi_tkts_get_for_clientserver (Shishi_tkts
* tkts
,
851 extern Shishi_tkt
*shishi_tkts_get_for_server (Shishi_tkts
* tkts
,
853 extern Shishi_tkt
*shishi_tkts_get_for_localservicepasswd (Shishi_tkts
* tkts
,
860 extern char *shishi_tkts_default_ccache_guess (Shishi
* handle
);
861 extern const char *shishi_tkts_default_ccache (Shishi
* handle
);
862 extern void shishi_tkts_default_ccache_set (Shishi
* handle
,
864 extern int shishi_tkts_add_ccache_mem (Shishi
* handle
,
865 const char *data
, size_t len
,
867 extern int shishi_tkts_add_ccache_file (Shishi
* handle
,
868 const char *filename
,
870 extern int shishi_tkts_from_ccache_mem (Shishi
* handle
,
871 const char *data
, size_t len
,
872 Shishi_tkts
**outtkts
);
873 extern int shishi_tkts_from_ccache_file (Shishi
* handle
,
874 const char *filename
,
875 Shishi_tkts
**outtkts
);
879 shishi_enckdcreppart_print (Shishi
* handle
,
880 FILE * fh
, Shishi_asn1 enckdcreppart
);
882 shishi_enckdcreppart_save (Shishi
* handle
,
883 FILE * fh
, Shishi_asn1 enckdcreppart
);
885 shishi_enckdcreppart_parse (Shishi
* handle
,
886 FILE * fh
, Shishi_asn1
* enckdcreppart
);
888 shishi_enckdcreppart_read (Shishi
* handle
,
889 FILE * fh
, Shishi_asn1
* enckdcreppart
);
890 extern int shishi_ticket_save (Shishi
* handle
, FILE * fh
,
892 extern int shishi_ticket_print (Shishi
* handle
, FILE * fh
,
894 extern int shishi_kdc_req_print (Shishi
* handle
, FILE * fh
,
896 extern int shishi_kdc_rep_print (Shishi
* handle
, FILE * fh
,
898 extern int shishi_kdc_print (Shishi
* handle
, FILE * fh
, Shishi_asn1 asreq
,
899 Shishi_asn1 asrep
, Shishi_asn1 encasreppart
);
900 extern int shishi_kdc_req_parse (Shishi
* handle
, FILE * fh
,
901 Shishi_asn1
* asreq
);
902 extern int shishi_kdc_rep_parse (Shishi
* handle
, FILE * fh
,
903 Shishi_asn1
* asrep
);
904 extern int shishi_ticket_parse (Shishi
* handle
, FILE * fh
,
905 Shishi_asn1
* ticket
);
906 extern int shishi_ticket_read (Shishi
* handle
, FILE * fh
,
907 Shishi_asn1
* ticket
);
908 extern int shishi_etype_info_print (Shishi
* handle
, FILE * fh
,
909 Shishi_asn1 etypeinfo
);
910 extern int shishi_etype_info2_print (Shishi
* handle
, FILE * fh
,
911 Shishi_asn1 etypeinfo2
);
913 /* authenticator.c */
914 extern Shishi_asn1
shishi_authenticator (Shishi
* handle
);
915 extern int shishi_authenticator_set_crealm (Shishi
* handle
,
916 Shishi_asn1 authenticator
,
918 extern int shishi_authenticator_set_cname (Shishi
* handle
,
919 Shishi_asn1 authenticator
,
920 Shishi_name_type name_type
,
921 const char *cname
[]);
922 extern int shishi_authenticator_client_set (Shishi
* handle
,
923 Shishi_asn1 authenticator
,
925 extern int shishi_authenticator_ctime (Shishi
* handle
,
926 Shishi_asn1 authenticator
, char **t
);
927 extern int shishi_authenticator_ctime_set (Shishi
* handle
,
928 Shishi_asn1 authenticator
,
930 extern int shishi_authenticator_cusec_get (Shishi
* handle
,
931 Shishi_asn1 authenticator
,
933 extern int shishi_authenticator_cusec_set (Shishi
* handle
,
934 Shishi_asn1 authenticator
,
936 extern int shishi_authenticator_seqnumber_get (Shishi
* handle
,
937 Shishi_asn1 authenticator
,
938 uint32_t * seqnumber
);
939 extern int shishi_authenticator_seqnumber_remove (Shishi
* handle
,
940 Shishi_asn1 authenticator
);
941 extern int shishi_authenticator_seqnumber_set (Shishi
* handle
,
942 Shishi_asn1 authenticator
,
944 extern int shishi_authenticator_client (Shishi
* handle
,
945 Shishi_asn1 authenticator
,
946 char **client
, size_t *clientlen
);
947 extern int shishi_authenticator_clientrealm (Shishi
* handle
,
948 Shishi_asn1 authenticator
,
949 char **client
, size_t *clientlen
);
950 extern int shishi_authenticator_remove_cksum (Shishi
* handle
,
951 Shishi_asn1 authenticator
);
952 extern int shishi_authenticator_cksum (Shishi
* handle
,
953 Shishi_asn1 authenticator
,
955 char **cksum
, size_t * cksumlen
);
956 extern int shishi_authenticator_set_cksum (Shishi
* handle
,
957 Shishi_asn1 authenticator
,
959 char *cksum
, size_t cksumlen
);
960 extern int shishi_authenticator_add_cksum (Shishi
* handle
,
961 Shishi_asn1 authenticator
,
964 char *data
, size_t datalen
);
966 shishi_authenticator_add_cksum_type (Shishi
* handle
,
967 Shishi_asn1 authenticator
,
969 int keyusage
, int cksumtype
,
970 char *data
, size_t datalen
);
972 shishi_authenticator_remove_subkey (Shishi
* handle
,
973 Shishi_asn1 authenticator
);
974 extern Shishi_asn1
shishi_authenticator_subkey (Shishi
* handle
);
976 shishi_authenticator_get_subkey (Shishi
* handle
,
977 Shishi_asn1 authenticator
,
978 Shishi_key
** subkey
);
980 shishi_authenticator_set_subkey (Shishi
* handle
,
981 Shishi_asn1 authenticator
,
983 char *subkey
, size_t subkeylen
);
985 shishi_authenticator_add_random_subkey (Shishi
* handle
,
986 Shishi_asn1 authenticator
);
988 shishi_authenticator_add_random_subkey_etype (Shishi
* handle
,
989 Shishi_asn1 authenticator
,
992 shishi_authenticator_add_subkey (Shishi
* handle
,
993 Shishi_asn1 authenticator
,
994 Shishi_key
* subkey
);
996 shishi_authenticator_clear_authorizationdata (Shishi
* handle
,
997 Shishi_asn1 authenticator
);
999 shishi_authenticator_add_authorizationdata (Shishi
* handle
,
1000 Shishi_asn1 authenticator
,
1005 shishi_authenticator_authorizationdata (Shishi
* handle
,
1006 Shishi_asn1 authenticator
,
1008 char **addata
, size_t * addatalen
,
1010 extern int shishi_authenticator_read (Shishi
* handle
, FILE * fh
,
1011 Shishi_asn1
* authenticator
);
1012 extern int shishi_authenticator_parse (Shishi
* handle
, FILE * fh
,
1013 Shishi_asn1
* authenticator
);
1014 extern int shishi_authenticator_from_file (Shishi
* handle
,
1015 Shishi_asn1
* authenticator
,
1017 const char *filename
);
1018 extern int shishi_authenticator_print (Shishi
* handle
, FILE * fh
,
1019 Shishi_asn1 authenticator
);
1020 extern int shishi_authenticator_to_file (Shishi
* handle
,
1021 Shishi_asn1 authenticator
,
1022 int filetype
, const char *filename
);
1023 extern int shishi_authenticator_save (Shishi
* handle
, FILE * fh
,
1024 Shishi_asn1 authenticator
);
1027 extern int shishi_as (Shishi
* handle
, Shishi_as
** as
);
1028 extern void shishi_as_done (Shishi_as
* as
);
1029 extern Shishi_asn1
shishi_as_req (Shishi_as
* as
);
1030 extern int shishi_as_req_build (Shishi_as
* as
);
1031 extern void shishi_as_req_set (Shishi_as
* as
, Shishi_asn1 asreq
);
1032 extern int shishi_as_req_der (Shishi_as
* as
, char **out
, size_t * outlen
);
1033 extern int shishi_as_req_der_set (Shishi_as
* as
, char *der
, size_t derlen
);
1034 extern Shishi_asn1
shishi_as_rep (Shishi_as
* as
);
1035 extern void shishi_as_rep_set (Shishi_as
* as
, Shishi_asn1 asrep
);
1036 extern int shishi_as_rep_build (Shishi_as
* as
, Shishi_key
* key
);
1037 extern int shishi_as_rep_der (Shishi_as
* as
, char **out
, size_t * outlen
);
1038 extern int shishi_as_rep_der_set (Shishi_as
* as
, char *der
, size_t derlen
);
1039 extern Shishi_asn1
shishi_as_encasreppart (Shishi_as
* as
);
1040 extern void shishi_as_encasreppart_set (Shishi_as
* as
,
1041 Shishi_asn1 encasreppart
);
1042 extern Shishi_asn1
shishi_as_krberror (Shishi_as
* as
);
1043 extern int shishi_as_krberror_der (Shishi_as
* as
, char **out
,
1045 extern void shishi_as_krberror_set (Shishi_as
* as
, Shishi_asn1 krberror
);
1046 extern Shishi_tkt
*shishi_as_tkt (Shishi_as
* as
);
1047 extern void shishi_as_tkt_set (Shishi_as
* as
, Shishi_tkt
* tkt
);
1048 extern int shishi_as_sendrecv (Shishi_as
* as
);
1049 extern int shishi_as_sendrecv_hint (Shishi_as
* as
, Shishi_tkts_hint
* hint
);
1050 extern int shishi_as_rep_process (Shishi_as
* as
,
1051 Shishi_key
* key
, const char *password
);
1054 extern int shishi_tgs (Shishi
* handle
, Shishi_tgs
** tgs
);
1055 extern void shishi_tgs_done (Shishi_tgs
* tgs
);
1056 extern Shishi_tkt
*shishi_tgs_tgtkt (Shishi_tgs
* tgs
);
1057 extern void shishi_tgs_tgtkt_set (Shishi_tgs
* tgs
, Shishi_tkt
* tgtkt
);
1058 extern Shishi_ap
*shishi_tgs_ap (Shishi_tgs
* tgs
);
1059 extern Shishi_asn1
shishi_tgs_req (Shishi_tgs
* tgs
);
1060 extern int shishi_tgs_req_der (Shishi_tgs
* tgs
, char **out
, size_t * outlen
);
1061 extern int shishi_tgs_req_der_set (Shishi_tgs
* tgs
, char *der
,
1063 extern void shishi_tgs_req_set (Shishi_tgs
* tgs
, Shishi_asn1 tgsreq
);
1064 extern int shishi_tgs_req_build (Shishi_tgs
* tgs
);
1065 extern int shishi_tgs_req_process (Shishi_tgs
* tgs
);
1066 extern Shishi_asn1
shishi_tgs_rep (Shishi_tgs
* tgs
);
1067 extern int shishi_tgs_rep_der (Shishi_tgs
* tgs
, char **out
, size_t * outlen
);
1068 extern int shishi_tgs_rep_build (Shishi_tgs
* tgs
, int keyusage
,
1070 extern int shishi_tgs_rep_process (Shishi_tgs
* tgs
);
1071 extern Shishi_asn1
shishi_tgs_krberror (Shishi_tgs
* tgs
);
1072 extern int shishi_tgs_krberror_der (Shishi_tgs
* tgs
, char **out
,
1074 extern void shishi_tgs_krberror_set (Shishi_tgs
* tgs
, Shishi_asn1 krberror
);
1075 extern Shishi_tkt
*shishi_tgs_tkt (Shishi_tgs
* tgs
);
1076 extern void shishi_tgs_tkt_set (Shishi_tgs
* tgs
, Shishi_tkt
* tkt
);
1077 extern int shishi_tgs_sendrecv (Shishi_tgs
* tgs
);
1078 extern int shishi_tgs_sendrecv_hint (Shishi_tgs
* tgs
,
1079 Shishi_tkts_hint
* hint
);
1080 extern int shishi_tgs_set_server (Shishi_tgs
* tgs
, const char *server
);
1081 extern int shishi_tgs_set_realm (Shishi_tgs
* tgs
, const char *realm
);
1082 extern int shishi_tgs_set_realmserver (Shishi_tgs
* tgs
,
1083 const char *realm
, const char *server
);
1086 extern int shishi_kdcreq (Shishi
* handle
, char *realm
,
1087 char *service
, Shishi_asn1
* req
);
1088 extern Shishi_asn1
shishi_asreq (Shishi
* handle
);
1089 extern Shishi_asn1
shishi_asreq_rsc (Shishi
* handle
, char *realm
,
1090 char *server
, char *client
);
1091 extern Shishi_asn1
shishi_tgsreq (Shishi
* handle
);
1092 extern Shishi_asn1
shishi_tgsreq_rst (Shishi
* handle
, char *realm
,
1093 char *server
, Shishi_tkt
* tkt
);
1094 extern int shishi_kdcreq_save (Shishi
* handle
, FILE * fh
,
1095 Shishi_asn1 kdcreq
);
1096 extern int shishi_kdcreq_print (Shishi
* handle
, FILE * fh
,
1097 Shishi_asn1 kdcreq
);
1098 extern int shishi_kdcreq_to_file (Shishi
* handle
, Shishi_asn1 kdcreq
,
1099 int filetype
, const char *filename
);
1100 extern int shishi_kdcreq_parse (Shishi
* handle
, FILE * fh
,
1101 Shishi_asn1
* kdcreq
);
1102 extern int shishi_kdcreq_read (Shishi
* handle
, FILE * fh
,
1103 Shishi_asn1
* kdcreq
);
1104 extern int shishi_kdcreq_from_file (Shishi
* handle
, Shishi_asn1
* kdcreq
,
1105 int filetype
, const char *filename
);
1106 extern int shishi_asreq_clientrealm (Shishi
* handle
,
1108 char **client
, size_t * clientlen
);
1109 extern int shishi_kdcreq_nonce (Shishi
* handle
, Shishi_asn1 kdcreq
,
1111 extern int shishi_kdcreq_nonce_set (Shishi
* handle
,
1112 Shishi_asn1 kdcreq
, uint32_t nonce
);
1113 extern int shishi_kdcreq_client (Shishi
* handle
, Shishi_asn1 kdcreq
,
1114 char **client
, size_t * clientlen
);
1115 extern int shishi_kdcreq_set_cname (Shishi
* handle
, Shishi_asn1 kdcreq
,
1116 Shishi_name_type name_type
,
1117 const char *principal
);
1118 extern int shishi_kdcreq_server (Shishi
* handle
, Shishi_asn1 kdcreq
,
1119 char **server
, size_t * serverlen
);
1120 extern int shishi_kdcreq_set_sname (Shishi
* handle
, Shishi_asn1 kdcreq
,
1121 Shishi_name_type name_type
,
1122 const char *sname
[]);
1123 extern int shishi_kdcreq_realm (Shishi
* handle
, Shishi_asn1 kdcreq
,
1124 char **realm
, size_t * realmlen
);
1125 extern int shishi_kdcreq_realm_get (Shishi
* handle
, Shishi_asn1 kdcreq
,
1126 char **realm
, size_t * realmlen
);
1127 extern int shishi_kdcreq_set_realm (Shishi
* handle
, Shishi_asn1 kdcreq
,
1129 extern int shishi_kdcreq_set_server (Shishi
* handle
, Shishi_asn1 req
,
1130 const char *service
);
1131 extern int shishi_kdcreq_set_realmserver (Shishi
* handle
, Shishi_asn1 req
,
1132 char *realm
, char *service
);
1133 extern int shishi_kdcreq_till (Shishi
* handle
, Shishi_asn1 kdcreq
,
1134 char **till
, size_t * tilllen
);
1135 extern time_t shishi_kdcreq_tillc (Shishi
* handle
, Shishi_asn1 kdcreq
);
1136 extern int shishi_kdcreq_etype (Shishi
* handle
, Shishi_asn1 kdcreq
,
1137 int32_t * etype
, int netype
);
1138 extern int shishi_kdcreq_set_etype (Shishi
* handle
, Shishi_asn1 kdcreq
,
1139 int32_t * etype
, int netype
);
1140 extern int shishi_kdcreq_options (Shishi
* handle
, Shishi_asn1 kdcreq
,
1142 extern int shishi_kdcreq_forwardable_p (Shishi
* handle
, Shishi_asn1 kdcreq
);
1143 extern int shishi_kdcreq_forwarded_p (Shishi
* handle
, Shishi_asn1 kdcreq
);
1144 extern int shishi_kdcreq_proxiable_p (Shishi
* handle
, Shishi_asn1 kdcreq
);
1145 extern int shishi_kdcreq_proxy_p (Shishi
* handle
, Shishi_asn1 kdcreq
);
1146 extern int shishi_kdcreq_allow_postdate_p (Shishi
* handle
,
1147 Shishi_asn1 kdcreq
);
1148 extern int shishi_kdcreq_postdated_p (Shishi
* handle
, Shishi_asn1 kdcreq
);
1149 extern int shishi_kdcreq_renewable_p (Shishi
* handle
, Shishi_asn1 kdcreq
);
1150 extern int shishi_kdcreq_disable_transited_check_p (Shishi
* handle
,
1151 Shishi_asn1 kdcreq
);
1152 extern int shishi_kdcreq_renewable_ok_p (Shishi
* handle
, Shishi_asn1 kdcreq
);
1153 extern int shishi_kdcreq_enc_tkt_in_skey_p (Shishi
* handle
,
1154 Shishi_asn1 kdcreq
);
1155 extern int shishi_kdcreq_renew_p (Shishi
* handle
, Shishi_asn1 kdcreq
);
1156 extern int shishi_kdcreq_validate_p (Shishi
* handle
, Shishi_asn1 kdcreq
);
1157 extern int shishi_kdcreq_options_set (Shishi
* handle
, Shishi_asn1 kdcreq
,
1159 extern int shishi_kdcreq_options_add (Shishi
* handle
, Shishi_asn1 kdcreq
,
1161 extern int shishi_kdcreq_clear_padata (Shishi
* handle
, Shishi_asn1 kdcreq
);
1162 extern int shishi_kdcreq_get_padata (Shishi
* handle
,
1164 Shishi_padata_type padatatype
,
1165 char **out
, size_t * outlen
);
1166 extern int shishi_kdcreq_get_padata_tgs (Shishi
* handle
,
1168 Shishi_asn1
* apreq
);
1169 extern int shishi_kdcreq_add_padata (Shishi
* handle
,
1172 const char *data
, size_t datalen
);
1173 extern int shishi_kdcreq_add_padata_tgs (Shishi
* handle
,
1176 extern int shishi_kdcreq_add_padata_preauth (Shishi
* handle
,
1179 extern int shishi_kdcreq_build (Shishi
* handle
, Shishi_asn1 kdcreq
);
1182 extern int shishi_as_derive_salt (Shishi
* handle
,
1185 char **salt
, size_t * saltlen
);
1186 extern int shishi_tgs_process (Shishi
* handle
,
1189 Shishi_asn1 authenticator
,
1190 Shishi_asn1 oldenckdcreppart
,
1191 Shishi_asn1
* enckdcreppart
);
1192 extern int shishi_as_process (Shishi
* handle
, Shishi_asn1 asreq
,
1195 Shishi_asn1
* enckdcreppart
);
1196 extern int shishi_kdc_process (Shishi
* handle
, Shishi_asn1 kdcreq
,
1197 Shishi_asn1 kdcrep
, Shishi_key
* key
,
1198 int keyusage
, Shishi_asn1
* enckdcreppart
);
1199 extern int shishi_kdcreq_sendrecv (Shishi
* handle
, Shishi_asn1 kdcreq
,
1200 Shishi_asn1
* kdcrep
);
1201 extern int shishi_kdcreq_sendrecv_hint (Shishi
* handle
,
1203 Shishi_asn1
* kdcrep
,
1204 Shishi_tkts_hint
* hint
);
1205 extern int shishi_kdc_copy_crealm (Shishi
* handle
, Shishi_asn1 kdcrep
,
1206 Shishi_asn1 encticketpart
);
1207 extern int shishi_as_check_crealm (Shishi
* handle
, Shishi_asn1 asreq
,
1209 extern int shishi_kdc_copy_cname (Shishi
* handle
, Shishi_asn1 kdcrep
,
1210 Shishi_asn1 encticketpart
);
1211 extern int shishi_as_check_cname (Shishi
* handle
, Shishi_asn1 asreq
,
1213 extern int shishi_kdc_copy_nonce (Shishi
* handle
, Shishi_asn1 kdcreq
,
1214 Shishi_asn1 enckdcreppart
);
1215 extern int shishi_kdc_check_nonce (Shishi
* handle
, Shishi_asn1 kdcreq
,
1216 Shishi_asn1 enckdcreppart
);
1219 extern Shishi_asn1
shishi_asrep (Shishi
* handle
);
1220 extern Shishi_asn1
shishi_tgsrep (Shishi
* handle
);
1221 extern int shishi_kdcrep_save (Shishi
* handle
, FILE * fh
,
1222 Shishi_asn1 kdcrep
);
1223 extern int shishi_kdcrep_print (Shishi
* handle
, FILE * fh
,
1224 Shishi_asn1 kdcrep
);
1225 extern int shishi_kdcrep_to_file (Shishi
* handle
, Shishi_asn1 kdcrep
,
1226 int filetype
, const char *filename
);
1227 extern int shishi_kdcrep_parse (Shishi
* handle
, FILE * fh
,
1228 Shishi_asn1
* kdcrep
);
1229 extern int shishi_kdcrep_read (Shishi
* handle
, FILE * fh
,
1230 Shishi_asn1
* kdcrep
);
1231 extern int shishi_kdcrep_from_file (Shishi
* handle
, Shishi_asn1
* kdcrep
,
1232 int filetype
, const char *filename
);
1233 extern int shishi_kdcrep_clear_padata (Shishi
* handle
, Shishi_asn1 kdcrep
);
1234 extern int shishi_kdcrep_get_enc_part_etype (Shishi
* handle
,
1237 extern int shishi_kdcrep_add_enc_part (Shishi
* handle
,
1241 Shishi_asn1 enckdcreppart
);
1242 extern int shishi_kdcrep_get_ticket (Shishi
* handle
,
1244 Shishi_asn1
* ticket
);
1245 extern int shishi_kdcrep_set_ticket (Shishi
* handle
, Shishi_asn1 kdcrep
,
1246 Shishi_asn1 ticket
);
1247 extern int shishi_kdcrep_crealm_set (Shishi
* handle
,
1248 Shishi_asn1 kdcrep
, const char *crealm
);
1249 extern int shishi_kdcrep_cname_set (Shishi
* handle
,
1251 Shishi_name_type name_type
,
1252 const char *cname
[]);
1253 extern int shishi_kdcrep_client_set (Shishi
* handle
, Shishi_asn1 kdcrep
,
1254 const char *client
);
1255 extern int shishi_kdcrep_crealmserver_set (Shishi
* handle
,
1258 const char *client
);
1259 extern int shishi_kdcrep_set_enc_part (Shishi
* handle
, Shishi_asn1 kdcrep
,
1260 int32_t etype
, uint32_t kvno
,
1261 const char *buf
, size_t buflen
);
1262 extern int shishi_kdcrep_decrypt (Shishi
* handle
,
1265 int keyusage
, Shishi_asn1
* enckdcreppart
);
1267 /* enckdcreppart.c */
1268 extern Shishi_asn1
shishi_enckdcreppart (Shishi
* handle
);
1269 extern Shishi_asn1
shishi_encasreppart (Shishi
* handle
);
1270 extern int shishi_enckdcreppart_get_key (Shishi
* handle
,
1271 Shishi_asn1 enckdcreppart
,
1273 extern int shishi_enckdcreppart_key_set (Shishi
* handle
,
1274 Shishi_asn1 enckdcreppart
,
1276 extern int shishi_enckdcreppart_nonce_set (Shishi
* handle
,
1277 Shishi_asn1 enckdcreppart
,
1279 extern int shishi_enckdcreppart_flags_set (Shishi
* handle
,
1280 Shishi_asn1 enckdcreppart
,
1282 extern int shishi_enckdcreppart_authtime_set (Shishi
* handle
,
1283 Shishi_asn1 enckdcreppart
,
1284 const char *authtime
);
1285 extern int shishi_enckdcreppart_starttime_set (Shishi
* handle
,
1286 Shishi_asn1 enckdcreppart
,
1287 const char *starttime
);
1288 extern int shishi_enckdcreppart_endtime_set (Shishi
* handle
,
1289 Shishi_asn1 enckdcreppart
,
1290 const char *endtime
);
1291 extern int shishi_enckdcreppart_renew_till_set (Shishi
* handle
,
1292 Shishi_asn1 enckdcreppart
,
1293 const char *renew_till
);
1294 extern int shishi_enckdcreppart_srealm_set (Shishi
* handle
,
1295 Shishi_asn1 enckdcreppart
,
1296 const char *srealm
);
1297 extern int shishi_enckdcreppart_sname_set (Shishi
* handle
,
1298 Shishi_asn1 enckdcreppart
,
1299 Shishi_name_type name_type
,
1301 extern int shishi_enckdcreppart_server_set (Shishi
* handle
,
1302 Shishi_asn1 enckdcreppart
,
1303 const char *server
);
1304 extern int shishi_enckdcreppart_srealmserver_set (Shishi
* handle
,
1305 Shishi_asn1 enckdcreppart
,
1307 const char *server
);
1309 shishi_enckdcreppart_populate_encticketpart (Shishi
* handle
,
1310 Shishi_asn1 enckdcreppart
,
1311 Shishi_asn1 encticketpart
);
1314 extern Shishi_asn1
shishi_krberror (Shishi
* handle
);
1315 extern int shishi_krberror_print (Shishi
* handle
, FILE * fh
,
1316 Shishi_asn1 krberror
);
1317 extern int shishi_krberror_save (Shishi
* handle
, FILE * fh
,
1318 Shishi_asn1 krberror
);
1319 extern int shishi_krberror_to_file (Shishi
* handle
, Shishi_asn1 krberror
,
1320 int filetype
, const char *filename
);
1321 extern int shishi_krberror_parse (Shishi
* handle
, FILE * fh
,
1322 Shishi_asn1
* krberror
);
1323 extern int shishi_krberror_read (Shishi
* handle
, FILE * fh
,
1324 Shishi_asn1
* krberror
);
1325 extern int shishi_krberror_from_file (Shishi
* handle
, Shishi_asn1
* krberror
,
1326 int filetype
, const char *filename
);
1327 extern int shishi_krberror_build (Shishi
* handle
, Shishi_asn1 krberror
);
1328 extern int shishi_krberror_der (Shishi
* handle
,
1329 Shishi_asn1 krberror
,
1330 char **out
, size_t * outlen
);
1331 extern int shishi_krberror_crealm (Shishi
* handle
,
1332 Shishi_asn1 krberror
,
1333 char **realm
, size_t * realmlen
);
1334 extern int shishi_krberror_remove_crealm (Shishi
* handle
,
1335 Shishi_asn1 krberror
);
1336 extern int shishi_krberror_set_crealm (Shishi
* handle
,
1337 Shishi_asn1 krberror
,
1338 const char *crealm
);
1339 extern int shishi_krberror_client (Shishi
* handle
,
1340 Shishi_asn1 krberror
,
1341 char **client
, size_t * clientlen
);
1342 extern int shishi_krberror_set_cname (Shishi
* handle
,
1343 Shishi_asn1 krberror
,
1344 Shishi_name_type name_type
,
1345 const char *cname
[]);
1346 extern int shishi_krberror_remove_cname (Shishi
* handle
,
1347 Shishi_asn1 krberror
);
1348 extern int shishi_krberror_client_set (Shishi
* handle
,
1349 Shishi_asn1 krberror
,
1350 const char *client
);
1351 extern int shishi_krberror_realm (Shishi
* handle
,
1352 Shishi_asn1 krberror
,
1353 char **realm
, size_t * realmlen
);
1354 extern int shishi_krberror_set_realm (Shishi
* handle
,
1355 Shishi_asn1 krberror
,
1357 extern int shishi_krberror_server (Shishi
* handle
,
1358 Shishi_asn1 krberror
,
1359 char **server
, size_t *serverlen
);
1360 extern int shishi_krberror_remove_sname (Shishi
* handle
,
1361 Shishi_asn1 krberror
);
1362 extern int shishi_krberror_set_sname (Shishi
* handle
,
1363 Shishi_asn1 krberror
,
1364 Shishi_name_type name_type
,
1365 const char *sname
[]);
1366 extern int shishi_krberror_server_set (Shishi
* handle
,
1367 Shishi_asn1 krberror
,
1368 const char *server
);
1369 extern int shishi_krberror_ctime (Shishi
* handle
,
1370 Shishi_asn1 krberror
, char **t
);
1371 extern int shishi_krberror_ctime_set (Shishi
* handle
,
1372 Shishi_asn1 krberror
, const char *t
);
1373 extern int shishi_krberror_remove_ctime (Shishi
* handle
,
1374 Shishi_asn1 krberror
);
1375 extern int shishi_krberror_cusec (Shishi
* handle
, Shishi_asn1 krberror
,
1377 extern int shishi_krberror_cusec_set (Shishi
* handle
, Shishi_asn1 krberror
,
1379 extern int shishi_krberror_remove_cusec (Shishi
* handle
,
1380 Shishi_asn1 krberror
);
1381 extern int shishi_krberror_stime (Shishi
* handle
, Shishi_asn1 krberror
,
1383 extern int shishi_krberror_stime_set (Shishi
* handle
, Shishi_asn1 krberror
,
1385 extern int shishi_krberror_susec (Shishi
* handle
, Shishi_asn1 krberror
,
1387 extern int shishi_krberror_susec_set (Shishi
* handle
, Shishi_asn1 krberror
,
1389 extern int shishi_krberror_errorcode_set (Shishi
* handle
,
1390 Shishi_asn1 krberror
,
1392 extern int shishi_krberror_etext (Shishi
* handle
, Shishi_asn1 krberror
,
1393 char **etext
, size_t * etextlen
);
1394 extern int shishi_krberror_set_etext (Shishi
* handle
, Shishi_asn1 krberror
,
1396 extern int shishi_krberror_remove_etext (Shishi
* handle
,
1397 Shishi_asn1 krberror
);
1398 extern int shishi_krberror_edata (Shishi
* handle
, Shishi_asn1 krberror
,
1399 char **edata
, size_t * edatalen
);
1400 extern int shishi_krberror_set_edata (Shishi
* handle
, Shishi_asn1 krberror
,
1402 extern int shishi_krberror_remove_edata (Shishi
* handle
,
1403 Shishi_asn1 krberror
);
1404 extern int shishi_krberror_errorcode (Shishi
* handle
, Shishi_asn1 krberror
,
1406 extern int shishi_krberror_errorcode_fast (Shishi
* handle
,
1407 Shishi_asn1 krberror
);
1408 extern int shishi_krberror_pretty_print (Shishi
* handle
, FILE * fh
,
1409 Shishi_asn1 krberror
);
1410 extern const char *shishi_krberror_errorcode_message (Shishi
* handle
,
1412 extern const char *shishi_krberror_message (Shishi
* handle
,
1413 Shishi_asn1 krberror
);
1414 extern int shishi_krberror_methoddata (Shishi
* handle
,
1415 Shishi_asn1 krberror
,
1416 Shishi_asn1
*methoddata
);
1419 extern const char *shishi_generalize_time (Shishi
* handle
, time_t t
);
1420 extern const char *shishi_generalize_now (Shishi
* handle
);
1421 extern time_t shishi_generalize_ctime (Shishi
* handle
, const char *t
);
1422 extern int shishi_time (Shishi
* handle
, Shishi_asn1 node
,
1423 const char *field
, char **t
);
1424 extern int shishi_ctime (Shishi
* handle
, Shishi_asn1 node
,
1425 const char *field
, time_t *t
);
1427 /* nettle.c, libgcrypt.c, ... */
1428 extern int shishi_randomize (Shishi
* handle
, int strong
,
1429 void *data
, size_t datalen
);
1430 extern int shishi_crc (Shishi
* handle
, const char *in
, size_t inlen
,
1432 extern int shishi_md4 (Shishi
* handle
, const char *in
, size_t inlen
,
1434 extern int shishi_md5 (Shishi
* handle
, const char *in
, size_t inlen
,
1436 extern int shishi_hmac_md5 (Shishi
* handle
, const char *key
, size_t keylen
,
1437 const char *in
, size_t inlen
, char *outhash
[16]);
1438 extern int shishi_hmac_sha1 (Shishi
* handle
, const char *key
, size_t keylen
,
1439 const char *in
, size_t inlen
, char *outhash
[20]);
1440 extern int shishi_des_cbc_mac (Shishi
* handle
, const char key
[8],
1441 const char iv
[8], const char *in
, size_t inlen
,
1443 extern int shishi_arcfour (Shishi
* handle
, int decryptp
,
1444 const char *key
, size_t keylen
,
1445 const char iv
[258], char *ivout
[258],
1446 const char *in
, size_t inlen
, char **out
);
1447 extern int shishi_des (Shishi
* handle
, int decryptp
, const char key
[8],
1448 const char iv
[8], char *ivout
[8],
1449 const char *in
, size_t inlen
, char **out
);
1450 extern int shishi_3des (Shishi
* handle
, int decryptp
, const char key
[24],
1451 const char iv
[8], char *ivout
[8],
1452 const char *in
, size_t inlen
, char **out
);
1453 extern int shishi_aes_cts (Shishi
* handle
, int decryptp
,
1454 const char *key
, size_t keylen
,
1455 const char iv
[16], char *ivout
[16],
1456 const char *in
, size_t inlen
, char **out
);
1459 extern int shishi_cipher_supported_p (int type
);
1460 extern const char *shishi_cipher_name (int type
);
1461 extern int shishi_cipher_blocksize (int type
);
1462 extern int shishi_cipher_confoundersize (int type
);
1463 extern size_t shishi_cipher_keylen (int type
);
1464 extern size_t shishi_cipher_randomlen (int type
);
1465 extern int shishi_cipher_defaultcksumtype (int32_t type
);
1466 extern int shishi_cipher_parse (const char *cipher
);
1467 extern int shishi_checksum_supported_p (int32_t type
);
1468 extern const char *shishi_checksum_name (int32_t type
);
1469 extern size_t shishi_checksum_cksumlen (int32_t type
);
1470 extern int shishi_checksum_parse (const char *checksum
);
1471 extern int shishi_string_to_key (Shishi
* handle
,
1473 const char *password
, size_t passwordlen
,
1474 const char *salt
, size_t saltlen
,
1475 const char *parameter
, Shishi_key
* outkey
);
1476 extern int shishi_random_to_key (Shishi
* handle
,
1479 size_t rndlen
, Shishi_key
* outkey
);
1480 extern int shishi_encrypt_ivupdate_etype (Shishi
* handle
,
1484 const char *iv
, size_t ivlen
,
1485 char **ivout
, size_t * ivoutlen
,
1486 const char *in
, size_t inlen
,
1487 char **out
, size_t * outlen
);
1488 extern int shishi_encrypt_iv_etype (Shishi
* handle
,
1492 const char *iv
, size_t ivlen
,
1493 const char *in
, size_t inlen
,
1494 char **out
, size_t * outlen
);
1495 extern int shishi_encrypt_etype (Shishi
* handle
,
1499 const char *in
, size_t inlen
,
1500 char **out
, size_t * outlen
);
1501 extern int shishi_encrypt_ivupdate (Shishi
* handle
,
1504 const char *iv
, size_t ivlen
,
1505 char **ivout
, size_t * ivoutlen
,
1506 const char *in
, size_t inlen
,
1507 char **out
, size_t * outlen
);
1508 extern int shishi_encrypt_iv (Shishi
* handle
,
1511 const char *iv
, size_t ivlen
,
1512 const char *in
, size_t inlen
,
1513 char **out
, size_t * outlen
);
1514 extern int shishi_encrypt (Shishi
* handle
,
1517 char *in
, size_t inlen
,
1518 char **out
, size_t * outlen
);
1519 extern int shishi_decrypt_ivupdate_etype (Shishi
* handle
,
1523 const char *iv
, size_t ivlen
,
1524 char **ivout
, size_t * ivoutlen
,
1525 const char *in
, size_t inlen
,
1526 char **out
, size_t * outlen
);
1527 extern int shishi_decrypt_iv_etype (Shishi
* handle
,
1531 const char *iv
, size_t ivlen
,
1532 const char *in
, size_t inlen
,
1533 char **out
, size_t * outlen
);
1534 extern int shishi_decrypt_etype (Shishi
* handle
,
1538 const char *in
, size_t inlen
,
1539 char **out
, size_t * outlen
);
1540 extern int shishi_decrypt_ivupdate (Shishi
* handle
,
1543 const char *iv
, size_t ivlen
,
1544 char **ivout
, size_t * ivoutlen
,
1545 const char *in
, size_t inlen
,
1546 char **out
, size_t * outlen
);
1547 extern int shishi_decrypt_iv (Shishi
* handle
,
1550 const char *iv
, size_t ivlen
,
1551 const char *in
, size_t inlen
,
1552 char **out
, size_t * outlen
);
1553 extern int shishi_decrypt (Shishi
* handle
,
1556 const char *in
, size_t inlen
,
1557 char **out
, size_t * outlen
);
1558 extern int shishi_checksum (Shishi
* handle
,
1562 const char *in
, size_t inlen
,
1563 char **out
, size_t * outlen
);
1564 extern int shishi_verify (Shishi
* handle
,
1568 const char *in
, size_t inlen
,
1569 const char *cksum
, size_t cksumlen
);
1570 extern int shishi_dk (Shishi
* handle
,
1572 const char *prfconstant
, size_t prfconstantlen
,
1573 Shishi_key
* derivedkey
);
1574 extern int shishi_dr (Shishi
* handle
,
1576 const char *prfconstant
, size_t prfconstantlen
,
1577 char *derivedrandom
, size_t derivedrandomlen
);
1578 extern int shishi_n_fold (Shishi
* handle
, const char *in
, size_t inlen
,
1579 char *out
, size_t outlen
);
1580 extern int shishi_pbkdf2_sha1 (Shishi
* handle
,
1581 const char *P
, size_t Plen
,
1582 const char *S
, size_t Slen
,
1583 unsigned int c
, unsigned int dkLen
, char *DK
);
1586 extern Shishi_crypto
*shishi_crypto (Shishi
* handle
,
1587 Shishi_key
* key
, int keyusage
,
1589 const char *iv
, size_t ivlen
);
1590 extern void shishi_crypto_close (Shishi_crypto
* ctx
);
1591 extern int shishi_crypto_encrypt (Shishi_crypto
* ctx
,
1592 const char *in
, size_t inlen
,
1593 char **out
, size_t * outlen
);
1594 extern int shishi_crypto_decrypt (Shishi_crypto
* ctx
,
1595 const char *in
, size_t inlen
,
1596 char **out
, size_t * outlen
);
1599 extern const char *shishi_check_version (const char *req_version
);
1603 shishi_prompt_password (Shishi
* handle
, char **s
, const char *format
, ...);
1606 extern int shishi_asn1_number_of_elements (Shishi
* handle
,
1608 const char *field
, size_t * n
);
1609 extern int shishi_asn1_empty_p (Shishi
* handle
, Shishi_asn1 node
,
1612 extern int shishi_asn1_read (Shishi
* handle
, Shishi_asn1 node
,
1614 char **data
, size_t * datalen
);
1615 extern int shishi_asn1_read_inline (Shishi
* handle
, Shishi_asn1 node
,
1617 char *data
, size_t * datalen
);
1618 extern int shishi_asn1_read_integer (Shishi
* handle
, Shishi_asn1 node
,
1619 const char *field
, int *i
);
1620 extern int shishi_asn1_read_int32 (Shishi
* handle
, Shishi_asn1 node
,
1621 const char *field
, int32_t * i
);
1622 extern int shishi_asn1_read_uint32 (Shishi
* handle
, Shishi_asn1 node
,
1623 const char *field
, uint32_t * i
);
1624 extern int shishi_asn1_read_bitstring (Shishi
* handle
, Shishi_asn1 node
,
1625 const char *field
, uint32_t * flags
);
1626 extern int shishi_asn1_read_optional (Shishi
* handle
,
1627 Shishi_asn1 node
, const char *field
,
1628 char **data
, size_t * datalen
);
1630 extern int shishi_asn1_write (Shishi
* handle
, Shishi_asn1 node
,
1632 const char *data
, size_t datalen
);
1633 extern int shishi_asn1_write_integer (Shishi
* handle
, Shishi_asn1 node
,
1634 const char *field
, int n
);
1635 extern int shishi_asn1_write_int32 (Shishi
* handle
, Shishi_asn1 node
,
1636 const char *field
, int32_t n
);
1637 extern int shishi_asn1_write_uint32 (Shishi
* handle
, Shishi_asn1 node
,
1638 const char *field
, uint32_t n
);
1639 extern int shishi_asn1_write_bitstring (Shishi
* handle
, Shishi_asn1 node
,
1640 const char *field
, uint32_t flags
);
1642 extern void shishi_asn1_done (Shishi
* handle
, Shishi_asn1 node
);
1644 extern Shishi_asn1
shishi_asn1_pa_enc_ts_enc (Shishi
* handle
);
1645 extern Shishi_asn1
shishi_asn1_encrypteddata (Shishi
* handle
);
1646 extern Shishi_asn1
shishi_asn1_padata (Shishi
* handle
);
1647 extern Shishi_asn1
shishi_asn1_methoddata (Shishi
* handle
);
1648 extern Shishi_asn1
shishi_asn1_etype_info (Shishi
* handle
);
1649 extern Shishi_asn1
shishi_asn1_etype_info2 (Shishi
* handle
);
1650 extern Shishi_asn1
shishi_asn1_asreq (Shishi
* handle
);
1651 extern Shishi_asn1
shishi_asn1_asrep (Shishi
* handle
);
1652 extern Shishi_asn1
shishi_asn1_tgsreq (Shishi
* handle
);
1653 extern Shishi_asn1
shishi_asn1_tgsrep (Shishi
* handle
);
1654 extern Shishi_asn1
shishi_asn1_apreq (Shishi
* handle
);
1655 extern Shishi_asn1
shishi_asn1_aprep (Shishi
* handle
);
1656 extern Shishi_asn1
shishi_asn1_ticket (Shishi
* handle
);
1657 extern Shishi_asn1
shishi_asn1_encapreppart (Shishi
* handle
);
1658 extern Shishi_asn1
shishi_asn1_encticketpart (Shishi
* handle
);
1659 extern Shishi_asn1
shishi_asn1_authenticator (Shishi
* handle
);
1660 extern Shishi_asn1
shishi_asn1_enckdcreppart (Shishi
* handle
);
1661 extern Shishi_asn1
shishi_asn1_encasreppart (Shishi
* handle
);
1662 extern Shishi_asn1
shishi_asn1_krberror (Shishi
* handle
);
1663 extern Shishi_asn1
shishi_asn1_krbsafe (Shishi
* handle
);
1664 extern Shishi_asn1
shishi_asn1_priv (Shishi
* handle
);
1665 extern Shishi_asn1
shishi_asn1_encprivpart (Shishi
* handle
);
1667 extern int shishi_asn1_to_der (Shishi
* handle
, Shishi_asn1 node
,
1668 char **der
, size_t * len
);
1669 extern int shishi_asn1_to_der_field (Shishi
* handle
, Shishi_asn1 node
,
1670 const char *field
, char **der
, size_t * len
);
1672 extern Shishi_msgtype
shishi_asn1_msgtype (Shishi
* handle
, Shishi_asn1 node
);
1673 extern Shishi_msgtype
shishi_der_msgtype (Shishi
* handle
,
1674 const char *der
, size_t derlen
);
1676 extern Shishi_asn1
shishi_der2asn1 (Shishi
* handle
,
1677 const char *der
, size_t derlen
);
1678 extern Shishi_asn1
shishi_der2asn1_padata (Shishi
* handle
,
1679 const char *der
, size_t derlen
);
1680 extern Shishi_asn1
shishi_der2asn1_methoddata (Shishi
* handle
,
1681 const char *der
, size_t derlen
);
1682 extern Shishi_asn1
shishi_der2asn1_etype_info (Shishi
* handle
,
1685 extern Shishi_asn1
shishi_der2asn1_etype_info2 (Shishi
* handle
,
1688 extern Shishi_asn1
shishi_der2asn1_ticket (Shishi
* handle
,
1689 const char *der
, size_t derlen
);
1690 extern Shishi_asn1
shishi_der2asn1_encticketpart (Shishi
* handle
,
1693 extern Shishi_asn1
shishi_der2asn1_asreq (Shishi
* handle
,
1694 const char *der
, size_t derlen
);
1695 extern Shishi_asn1
shishi_der2asn1_tgsreq (Shishi
* handle
,
1696 const char *der
, size_t derlen
);
1697 extern Shishi_asn1
shishi_der2asn1_asrep (Shishi
* handle
,
1698 const char *der
, size_t derlen
);
1699 extern Shishi_asn1
shishi_der2asn1_tgsrep (Shishi
* handle
,
1700 const char *der
, size_t derlen
);
1701 extern Shishi_asn1
shishi_der2asn1_kdcrep (Shishi
* handle
,
1702 const char *der
, size_t derlen
);
1703 extern Shishi_asn1
shishi_der2asn1_kdcreq (Shishi
* handle
,
1704 const char *der
, size_t derlen
);
1705 extern Shishi_asn1
shishi_der2asn1_apreq (Shishi
* handle
,
1706 const char *der
, size_t derlen
);
1707 extern Shishi_asn1
shishi_der2asn1_aprep (Shishi
* handle
,
1708 const char *der
, size_t derlen
);
1709 extern Shishi_asn1
shishi_der2asn1_authenticator (Shishi
* handle
,
1712 extern Shishi_asn1
shishi_der2asn1_krberror (Shishi
* handle
,
1713 const char *der
, size_t derlen
);
1714 extern Shishi_asn1
shishi_der2asn1_krbsafe (Shishi
* handle
,
1715 const char *der
, size_t derlen
);
1716 extern Shishi_asn1
shishi_der2asn1_priv (Shishi
* handle
,
1717 const char *der
, size_t derlen
);
1718 extern Shishi_asn1
shishi_der2asn1_encasreppart (Shishi
* handle
,
1721 extern Shishi_asn1
shishi_der2asn1_enctgsreppart (Shishi
* handle
,
1724 extern Shishi_asn1
shishi_der2asn1_enckdcreppart (Shishi
* handle
,
1727 extern Shishi_asn1
shishi_der2asn1_encapreppart (Shishi
* handle
,
1730 extern Shishi_asn1
shishi_der2asn1_encprivpart (Shishi
* handle
,
1735 extern int shishi_ap (Shishi
* handle
, Shishi_ap
** ap
);
1736 extern int shishi_ap_etype (Shishi
* handle
, Shishi_ap
** ap
, int etype
);
1737 extern int shishi_ap_nosubkey (Shishi
* handle
, Shishi_ap
** ap
);
1738 extern void shishi_ap_done (Shishi_ap
* ap
);
1739 extern int shishi_ap_set_tktoptions (Shishi_ap
* ap
,
1740 Shishi_tkt
* tkt
, int options
);
1741 extern int shishi_ap_tktoptions (Shishi
* handle
,
1743 Shishi_tkt
* tkt
, int options
);
1744 extern int shishi_ap_etype_tktoptionsdata (Shishi
* handle
,
1747 Shishi_tkt
* tkt
, int options
,
1748 const char *data
, size_t len
);
1749 extern int shishi_ap_set_tktoptionsdata (Shishi_ap
* ap
,
1752 const char *data
, size_t len
);
1753 extern int shishi_ap_tktoptionsdata (Shishi
* handle
,
1757 const char *data
, size_t len
);
1758 extern int shishi_ap_set_tktoptionsraw (Shishi_ap
* ap
,
1762 const char *data
, size_t len
);
1763 extern int shishi_ap_tktoptionsraw (Shishi
* handle
,
1765 Shishi_tkt
* tkt
, int options
,
1767 const char *data
, size_t len
);
1768 extern int shishi_ap_set_tktoptionsasn1usage (Shishi_ap
* ap
,
1773 int authenticatorcksumkeyusage
,
1774 int authenticatorkeyusage
);
1775 extern int shishi_ap_tktoptionsasn1usage (Shishi
* handle
,
1781 int authenticatorcksumkeyusage
,
1782 int authenticatorkeyusage
);
1784 extern Shishi_tkt
*shishi_ap_tkt (Shishi_ap
* ap
);
1785 extern void shishi_ap_tkt_set (Shishi_ap
* ap
, Shishi_tkt
* tkt
);
1787 extern int shishi_ap_authenticator_cksumdata (Shishi_ap
* ap
,
1788 char *out
, size_t * len
);
1790 shishi_ap_authenticator_cksumdata_set (Shishi_ap
* ap
,
1791 const char *authenticatorcksumdata
,
1792 size_t authenticatorcksumdatalen
);
1794 shishi_ap_authenticator_cksumraw_set (Shishi_ap
* ap
,
1795 int32_t authenticatorcksumtype
,
1796 const char *authenticatorcksumraw
,
1797 size_t authenticatorcksumrawlen
);
1798 extern int32_t shishi_ap_authenticator_cksumtype (Shishi_ap
* ap
);
1799 extern void shishi_ap_authenticator_cksumtype_set (Shishi_ap
* ap
,
1802 extern Shishi_asn1
shishi_ap_authenticator (Shishi_ap
* ap
);
1803 extern void shishi_ap_authenticator_set (Shishi_ap
* ap
,
1804 Shishi_asn1 authenticator
);
1806 extern Shishi_asn1
shishi_ap_req (Shishi_ap
* ap
);
1807 extern void shishi_ap_req_set (Shishi_ap
* ap
, Shishi_asn1 apreq
);
1808 extern int shishi_ap_req_der (Shishi_ap
* ap
, char **out
, size_t * outlen
);
1809 extern int shishi_ap_req_der_set (Shishi_ap
* ap
, char *der
, size_t derlen
);
1810 extern int shishi_ap_req_build (Shishi_ap
* ap
);
1811 extern int shishi_ap_req_asn1 (Shishi_ap
* ap
, Shishi_asn1
* apreq
);
1812 extern Shishi_key
*shishi_ap_key (Shishi_ap
* ap
);
1813 extern int shishi_ap_req_decode (Shishi_ap
* ap
);
1814 extern int shishi_ap_req_process (Shishi_ap
* ap
, Shishi_key
* key
);
1815 extern int shishi_ap_req_process_keyusage (Shishi_ap
* ap
,
1819 extern Shishi_asn1
shishi_ap_rep (Shishi_ap
* ap
);
1820 extern void shishi_ap_rep_set (Shishi_ap
* ap
, Shishi_asn1 aprep
);
1821 extern int shishi_ap_rep_der (Shishi_ap
* ap
, char **out
, size_t * outlen
);
1822 extern int shishi_ap_rep_der_set (Shishi_ap
* ap
, char *der
, size_t derlen
);
1823 extern int shishi_ap_rep_verify (Shishi_ap
* ap
);
1824 extern int shishi_ap_rep_verify_der (Shishi_ap
* ap
, char *der
,
1826 extern int shishi_ap_rep_verify_asn1 (Shishi_ap
* ap
, Shishi_asn1 aprep
);
1827 extern int shishi_ap_rep_asn1 (Shishi_ap
* ap
, Shishi_asn1
* aprep
);
1828 extern int shishi_ap_rep_build (Shishi_ap
* ap
);
1830 extern Shishi_asn1
shishi_ap_encapreppart (Shishi_ap
* ap
);
1831 extern void shishi_ap_encapreppart_set (Shishi_ap
* ap
,
1832 Shishi_asn1 encapreppart
);
1834 extern const char *shishi_ap_option2string (Shishi_apoptions option
);
1835 extern Shishi_apoptions
shishi_ap_string2option (const char *str
);
1838 extern const char *shishi_key_principal (Shishi_key
* key
);
1839 extern void shishi_key_principal_set (Shishi_key
* key
,
1840 const char *principal
);
1841 extern const char *shishi_key_realm (Shishi_key
* key
);
1842 extern void shishi_key_realm_set (Shishi_key
* key
, const char *realm
);
1843 extern int shishi_key_type (Shishi_key
* key
);
1844 extern void shishi_key_type_set (Shishi_key
* key
, int32_t type
);
1845 extern char *shishi_key_value (Shishi_key
* key
);
1846 extern void shishi_key_value_set (Shishi_key
* key
, const char *value
);
1847 extern const char *shishi_key_name (Shishi_key
* key
);
1848 extern size_t shishi_key_length (Shishi_key
* key
);
1849 extern uint32_t shishi_key_version (Shishi_key
* key
);
1850 extern void shishi_key_version_set (Shishi_key
* key
, uint32_t kvno
);
1851 extern int shishi_key (Shishi
* handle
, Shishi_key
** key
);
1852 extern void shishi_key_done (Shishi_key
* key
);
1853 extern void shishi_key_copy (Shishi_key
* dstkey
, Shishi_key
* srckey
);
1854 extern int shishi_key_print (Shishi
* handle
, FILE * fh
,
1855 const Shishi_key
* key
);
1856 extern int shishi_key_to_file (Shishi
* handle
,
1857 const char *filename
, Shishi_key
* key
);
1858 extern int shishi_key_parse (Shishi
* handle
, FILE * fh
, Shishi_key
** key
);
1859 extern int shishi_key_random (Shishi
* handle
,
1860 int32_t type
, Shishi_key
** key
);
1861 extern int shishi_key_from_value (Shishi
* handle
,
1863 const char *value
, Shishi_key
** key
);
1864 extern int shishi_key_from_base64 (Shishi
* handle
,
1866 const char *value
, Shishi_key
** key
);
1867 extern int shishi_key_from_random (Shishi
* handle
,
1870 size_t rndlen
, Shishi_key
** outkey
);
1871 extern int shishi_key_from_string (Shishi
* handle
,
1873 const char *password
, size_t passwordlen
,
1874 const char *salt
, size_t saltlen
,
1875 const char *parameter
,
1876 Shishi_key
** outkey
);
1877 extern int shishi_key_from_name (Shishi
* handle
,
1880 const char *password
, size_t passwordlen
,
1881 const char *parameter
,
1882 Shishi_key
** outkey
);
1885 extern int shishi_keys (Shishi
* handle
, Shishi_keys
** keys
);
1886 extern void shishi_keys_done (Shishi_keys
** keys
);
1887 extern int shishi_keys_size (Shishi_keys
* keys
);
1888 extern const Shishi_key
*shishi_keys_nth (Shishi_keys
* keys
, int keyno
);
1889 extern void shishi_keys_remove (Shishi_keys
* keys
, int keyno
);
1890 extern int shishi_keys_add (Shishi_keys
* keys
, Shishi_key
* key
);
1892 extern int shishi_keys_add_keytab_mem (Shishi
* handle
,
1893 const char *data
, size_t len
,
1895 extern int shishi_keys_add_keytab_file (Shishi
* handle
,
1896 const char *filename
,
1898 extern int shishi_keys_from_keytab_mem (Shishi
* handle
,
1899 const char *data
, size_t len
,
1900 Shishi_keys
**outkeys
);
1901 extern int shishi_keys_from_keytab_file (Shishi
* handle
,
1902 const char *filename
,
1903 Shishi_keys
**outkeys
);
1905 extern int shishi_keys_print (Shishi_keys
* keys
, FILE *fh
);
1906 extern int shishi_keys_to_file (Shishi
* handle
,
1907 const char *filename
,
1908 Shishi_keys
* keys
);
1910 extern Shishi_key
*shishi_keys_for_serverrealm_in_file (Shishi
* handle
,
1911 const char *filename
,
1914 extern Shishi_key
*shishi_keys_for_server_in_file (Shishi
* handle
,
1915 const char *filename
,
1916 const char *server
);
1917 extern Shishi_key
*shishi_keys_for_localservicerealm_in_file (Shishi
* handle
,
1926 extern const char *shishi_hostkeys_default_file (Shishi
* handle
);
1927 extern void shishi_hostkeys_default_file_set (Shishi
* handle
,
1928 const char *hostkeysfile
);
1929 extern Shishi_key
*shishi_hostkeys_for_server (Shishi
* handle
,
1930 const char *server
);
1931 extern Shishi_key
*shishi_hostkeys_for_serverrealm (Shishi
* handle
,
1934 extern Shishi_key
*shishi_hostkeys_for_localservicerealm (Shishi
* handle
,
1935 const char *service
,
1937 extern Shishi_key
*shishi_hostkeys_for_localservice (Shishi
* handle
,
1938 const char *service
);
1940 /* encapreppart.c */
1941 extern Shishi_asn1
shishi_encapreppart (Shishi
* handle
);
1942 extern int shishi_encapreppart_time_copy (Shishi
* handle
,
1943 Shishi_asn1 encapreppart
,
1944 Shishi_asn1 authenticator
);
1945 extern int shishi_encapreppart_ctime (Shishi
* handle
,
1946 Shishi_asn1 encapreppart
, char **t
);
1947 extern int shishi_encapreppart_ctime_set (Shishi
* handle
,
1948 Shishi_asn1 encapreppart
,
1950 extern int shishi_encapreppart_cusec_get (Shishi
* handle
,
1951 Shishi_asn1 encapreppart
,
1953 extern int shishi_encapreppart_cusec_set (Shishi
* handle
,
1954 Shishi_asn1 encapreppart
,
1956 extern int shishi_encapreppart_print (Shishi
* handle
, FILE * fh
,
1957 Shishi_asn1 encapreppart
);
1958 extern int shishi_encapreppart_save (Shishi
* handle
, FILE * fh
,
1959 Shishi_asn1 encapreppart
);
1960 extern int shishi_encapreppart_to_file (Shishi
* handle
,
1961 Shishi_asn1 encapreppart
,
1962 int filetype
, const char *filename
);
1963 extern int shishi_encapreppart_read (Shishi
* handle
, FILE * fh
,
1964 Shishi_asn1
* encapreppart
);
1965 extern int shishi_encapreppart_parse (Shishi
* handle
, FILE * fh
,
1966 Shishi_asn1
* encapreppart
);
1967 extern int shishi_encapreppart_from_file (Shishi
* handle
,
1968 Shishi_asn1
* encapreppart
,
1969 int filetype
, const char *filename
);
1970 extern int shishi_encapreppart_get_key (Shishi
* handle
,
1971 Shishi_asn1 encapreppart
,
1973 extern int shishi_encapreppart_seqnumber_get (Shishi
* handle
,
1974 Shishi_asn1 encapreppart
,
1975 uint32_t * seqnumber
);
1976 extern int shishi_encapreppart_seqnumber_remove (Shishi
* handle
,
1977 Shishi_asn1 encapreppart
);
1978 extern int shishi_encapreppart_seqnumber_set (Shishi
* handle
,
1979 Shishi_asn1 encapreppart
,
1980 uint32_t seqnumber
);
1983 extern Shishi_asn1
shishi_apreq (Shishi
* handle
);
1984 extern int shishi_apreq_parse (Shishi
* handle
, FILE * fh
,
1985 Shishi_asn1
* apreq
);
1986 extern int shishi_apreq_from_file (Shishi
* handle
, Shishi_asn1
* apreq
,
1987 int filetype
, const char *filename
);
1988 extern int shishi_apreq_print (Shishi
* handle
, FILE * fh
, Shishi_asn1 apreq
);
1989 extern int shishi_apreq_to_file (Shishi
* handle
, Shishi_asn1 apreq
,
1990 int filetype
, const char *filename
);
1991 extern int shishi_apreq_read (Shishi
* handle
, FILE * fh
,
1992 Shishi_asn1
* apreq
);
1993 extern int shishi_apreq_save (Shishi
* handle
, FILE * fh
, Shishi_asn1 apreq
);
1994 extern int shishi_apreq_set_ticket (Shishi
* handle
, Shishi_asn1 apreq
,
1995 Shishi_asn1 ticket
);
1996 extern int shishi_apreq_set_authenticator (Shishi
* handle
, Shishi_asn1 apreq
,
1997 int32_t etype
, uint32_t kvno
,
1998 const char *buf
, size_t buflen
);
1999 extern int shishi_apreq_add_authenticator (Shishi
* handle
, Shishi_asn1 apreq
,
2000 Shishi_key
* key
, int keyusage
,
2001 Shishi_asn1 authenticator
);
2002 extern int shishi_apreq_options (Shishi
* handle
, Shishi_asn1 apreq
,
2004 extern int shishi_apreq_use_session_key_p (Shishi
* handle
,
2006 extern int shishi_apreq_mutual_required_p (Shishi
* handle
,
2008 extern int shishi_apreq_options_set (Shishi
* handle
, Shishi_asn1 apreq
,
2010 extern int shishi_apreq_options_add (Shishi
* handle
, Shishi_asn1 apreq
,
2012 extern int shishi_apreq_options_remove (Shishi
* handle
, Shishi_asn1 apreq
,
2014 extern int shishi_apreq_get_ticket (Shishi
* handle
, Shishi_asn1 apreq
,
2015 Shishi_asn1
* ticket
);
2016 extern int shishi_apreq_get_authenticator_etype (Shishi
* handle
,
2019 extern int shishi_apreq_decrypt (Shishi
* handle
, Shishi_asn1 apreq
,
2020 Shishi_key
* key
, int keyusage
,
2021 Shishi_asn1
* authenticator
);
2024 extern Shishi_asn1
shishi_aprep (Shishi
* handle
);
2025 extern int shishi_aprep_print (Shishi
* handle
, FILE * fh
, Shishi_asn1 aprep
);
2026 extern int shishi_aprep_save (Shishi
* handle
, FILE * fh
, Shishi_asn1 aprep
);
2027 extern int shishi_aprep_to_file (Shishi
* handle
, Shishi_asn1 aprep
,
2028 int filetype
, const char *filename
);
2029 extern int shishi_aprep_read (Shishi
* handle
, FILE * fh
,
2030 Shishi_asn1
* aprep
);
2031 extern int shishi_aprep_parse (Shishi
* handle
, FILE * fh
,
2032 Shishi_asn1
* aprep
);
2033 extern int shishi_aprep_from_file (Shishi
* handle
, Shishi_asn1
* aprep
,
2034 int filetype
, const char *filename
);
2035 extern int shishi_aprep_decrypt (Shishi
* handle
, Shishi_asn1 aprep
,
2036 Shishi_key
* key
, int keyusage
,
2037 Shishi_asn1
* encapreppart
);
2038 extern int shishi_aprep_verify (Shishi
* handle
, Shishi_asn1 authenticator
,
2039 Shishi_asn1 encapreppart
);
2040 extern int shishi_aprep_enc_part_set (Shishi
* handle
, Shishi_asn1 aprep
,
2042 const char *buf
, size_t buflen
);
2043 extern int shishi_aprep_enc_part_add (Shishi
* handle
, Shishi_asn1 aprep
,
2044 Shishi_asn1 encticketpart
,
2045 Shishi_asn1 encapreppart
);
2046 extern int shishi_aprep_enc_part_make (Shishi
* handle
, Shishi_asn1 aprep
,
2047 Shishi_asn1 encapreppart
,
2048 Shishi_asn1 authenticator
,
2049 Shishi_asn1 encticketpart
);
2050 extern int shishi_aprep_get_enc_part_etype (Shishi
* handle
,
2055 extern int shishi_kdc_sendrecv (Shishi
* handle
, char *realm
,
2056 const char *indata
, size_t inlen
,
2057 char **outdata
, size_t * outlen
);
2058 extern int shishi_kdc_sendrecv_hint (Shishi
* handle
, char *realm
,
2059 const char *indata
, size_t inlen
,
2060 char **outdata
, size_t * outlen
,
2061 Shishi_tkts_hint
* hint
);
2063 /* encticketpart.c */
2064 extern Shishi_asn1
shishi_encticketpart (Shishi
* handle
);
2065 extern int shishi_encticketpart_key_set (Shishi
* handle
,
2066 Shishi_asn1 encticketpart
,
2068 extern int shishi_encticketpart_get_key (Shishi
* handle
,
2069 Shishi_asn1 encticketpart
,
2071 extern int shishi_encticketpart_crealm (Shishi
* handle
,
2072 Shishi_asn1 encticketpart
,
2073 char **crealm
, size_t * crealmlen
);
2074 extern int shishi_encticketpart_crealm_set (Shishi
* handle
,
2075 Shishi_asn1 encticketpart
,
2077 extern int shishi_encticketpart_client (Shishi
* handle
,
2078 Shishi_asn1 encticketpart
,
2079 char **client
, size_t * clientlen
);
2080 extern int shishi_encticketpart_clientrealm (Shishi
* handle
,
2081 Shishi_asn1 encticketpart
,
2082 char **client
, size_t *clientlen
);
2083 extern int shishi_encticketpart_cname_set (Shishi
* handle
,
2084 Shishi_asn1 encticketpart
,
2085 Shishi_name_type name_type
,
2086 const char *principal
);
2087 extern int shishi_encticketpart_print (Shishi
* handle
, FILE * fh
,
2088 Shishi_asn1 encticketpart
);
2089 extern int shishi_encticketpart_flags_set (Shishi
* handle
,
2090 Shishi_asn1 encticketpart
,
2092 extern int shishi_encticketpart_transited_set (Shishi
* handle
,
2093 Shishi_asn1 encticketpart
,
2097 extern int shishi_encticketpart_authtime_set (Shishi
* handle
,
2098 Shishi_asn1 encticketpart
,
2099 const char *authtime
);
2100 extern int shishi_encticketpart_endtime_set (Shishi
* handle
,
2101 Shishi_asn1 encticketpart
,
2102 const char *endtime
);
2103 extern int shishi_encticketpart_authtime (Shishi
* handle
,
2104 Shishi_asn1 encticketpart
,
2106 size_t * authtimelen
);
2107 extern time_t shishi_encticketpart_authctime (Shishi
* handle
,
2108 Shishi_asn1 encticketpart
);
2111 extern int shishi_safe (Shishi
* handle
, Shishi_safe
** safe
);
2112 extern void shishi_safe_done (Shishi_safe
* safe
);
2113 extern Shishi_key
*shishi_safe_key (Shishi_safe
* safe
);
2114 extern void shishi_safe_key_set (Shishi_safe
* safe
, Shishi_key
* key
);
2115 extern Shishi_asn1
shishi_safe_safe (Shishi_safe
* safe
);
2116 extern void shishi_safe_safe_set (Shishi_safe
* safe
, Shishi_asn1 asn1safe
);
2117 extern int shishi_safe_safe_der (Shishi_safe
* safe
, char **out
,
2119 extern int shishi_safe_safe_der_set (Shishi_safe
* safe
,
2120 char *der
, size_t derlen
);
2121 extern int shishi_safe_print (Shishi
* handle
, FILE * fh
, Shishi_asn1 safe
);
2122 extern int shishi_safe_save (Shishi
* handle
, FILE * fh
, Shishi_asn1 safe
);
2123 extern int shishi_safe_to_file (Shishi
* handle
, Shishi_asn1 safe
,
2124 int filetype
, const char *filename
);
2125 extern int shishi_safe_parse (Shishi
* handle
, FILE * fh
, Shishi_asn1
* safe
);
2126 extern int shishi_safe_read (Shishi
* handle
, FILE * fh
, Shishi_asn1
* safe
);
2127 extern int shishi_safe_from_file (Shishi
* handle
, Shishi_asn1
* safe
,
2128 int filetype
, const char *filename
);
2129 extern int shishi_safe_cksum (Shishi
* handle
,
2131 int32_t * cksumtype
,
2132 char **cksum
, size_t * cksumlen
);
2133 extern int shishi_safe_set_cksum (Shishi
* handle
,
2136 const char *cksum
, size_t cksumlen
);
2137 extern int shishi_safe_user_data (Shishi
* handle
,
2139 char **userdata
, size_t * userdatalen
);
2140 extern int shishi_safe_set_user_data (Shishi
* handle
,
2142 const char *userdata
,
2143 size_t userdatalen
);
2144 extern int shishi_safe_build (Shishi_safe
* safe
, Shishi_key
* key
);
2145 extern int shishi_safe_verify (Shishi_safe
* safe
, Shishi_key
* key
);
2148 extern int shishi_priv (Shishi
* handle
, Shishi_priv
** priv
);
2149 extern void shishi_priv_done (Shishi_priv
* priv
);
2150 extern Shishi_key
*shishi_priv_key (Shishi_priv
* priv
);
2151 extern void shishi_priv_key_set (Shishi_priv
* priv
, Shishi_key
* key
);
2152 extern Shishi_asn1
shishi_priv_priv (Shishi_priv
* priv
);
2153 extern void shishi_priv_priv_set (Shishi_priv
* priv
, Shishi_asn1 asn1priv
);
2154 extern int shishi_priv_priv_der (Shishi_priv
* priv
, char **out
,
2156 extern int shishi_priv_priv_der_set (Shishi_priv
* priv
,
2157 char *der
, size_t derlen
);
2158 extern Shishi_asn1
shishi_priv_encprivpart (Shishi_priv
* priv
);
2159 extern void shishi_priv_encprivpart_set (Shishi_priv
* priv
,
2160 Shishi_asn1 asn1encprivpart
);
2161 extern int shishi_priv_encprivpart_der (Shishi_priv
* priv
, char **out
,
2163 extern int shishi_priv_encprivpart_der_set (Shishi_priv
* priv
,
2164 char *der
, size_t derlen
);
2165 extern int shishi_priv_print (Shishi
* handle
, FILE * fh
, Shishi_asn1 priv
);
2166 extern int shishi_priv_save (Shishi
* handle
, FILE * fh
, Shishi_asn1 priv
);
2167 extern int shishi_priv_to_file (Shishi
* handle
, Shishi_asn1 priv
,
2168 int filetype
, const char *filename
);
2169 extern int shishi_priv_parse (Shishi
* handle
, FILE * fh
, Shishi_asn1
* priv
);
2170 extern int shishi_priv_read (Shishi
* handle
, FILE * fh
, Shishi_asn1
* priv
);
2171 extern int shishi_priv_from_file (Shishi
* handle
, Shishi_asn1
* priv
,
2172 int filetype
, const char *filename
);
2173 extern int shishi_priv_enc_part_etype (Shishi
* handle
,
2174 Shishi_asn1 priv
, int32_t * etype
);
2175 extern int shishi_priv_set_enc_part (Shishi
* handle
,
2178 const char *encpart
, size_t encpartlen
);
2179 extern int shishi_encprivpart_user_data (Shishi
* handle
,
2180 Shishi_asn1 encprivpart
,
2182 size_t * userdatalen
);
2183 extern int shishi_encprivpart_set_user_data (Shishi
* handle
,
2184 Shishi_asn1 encprivpart
,
2185 const char *userdata
,
2186 size_t userdatalen
);
2187 extern int shishi_priv_build (Shishi_priv
* priv
, Shishi_key
* key
);
2188 extern int shishi_priv_process (Shishi_priv
* priv
, Shishi_key
* key
);
2191 extern int shishi_authorized_p (Shishi
* handle
,
2192 Shishi_tkt
* tkt
, const char *authzname
);
2193 extern int shishi_authorization_parse (const char *authorization
);
2194 extern int shishi_authorize_strcmp (Shishi
* handle
, const char *principal
,
2195 const char *authzname
);
2196 extern int shishi_authorize_k5login (Shishi
* handle
, const char *principal
,
2197 const char *authzname
);
2200 extern char *shishi_x509ca_default_file_guess (Shishi
* handle
);
2201 extern void shishi_x509ca_default_file_set (Shishi
* handle
,
2202 const char *x509cafile
);
2203 extern const char *shishi_x509ca_default_file (Shishi
* handle
);
2204 extern char *shishi_x509ca_default_file_guess (Shishi
* handle
);
2205 extern char *shishi_x509cert_default_file_guess (Shishi
* handle
);
2206 extern void shishi_x509cert_default_file_set (Shishi
* handle
,
2207 const char *x509certfile
);
2208 extern const char *shishi_x509cert_default_file (Shishi
* handle
);
2209 extern char *shishi_x509key_default_file_guess (Shishi
* handle
);
2210 extern void shishi_x509key_default_file_set (Shishi
* handle
,
2211 const char *x509keyfile
);
2212 extern const char *shishi_x509key_default_file (Shishi
* handle
);
2215 extern time_t shishi_get_date (const char *p
, const time_t * now
);
2216 extern void shishi_xalloc_die (void);
2219 extern Shishi_dns
shishi_resolv (const char *zone
, uint16_t querytype
);
2220 extern void shishi_resolv_free (Shishi_dns rrs
);