lib/enckdcreppart.c

   1 /* enckdcreppart.c --- Key distribution encrypted reply part functions
   2  * Copyright (C) 2002, 2003, 2004, 2006  Simon Josefsson
   3  *
   4  * This file is part of Shishi.
   5  *
   6  * Shishi is free software; you can redistribute it and/or modify
   7  * it under the terms of the GNU General Public License as published by
   8  * the Free Software Foundation; either version 2 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * Shishi is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public License
  17  * along with Shishi; if not, write to the Free Software
  18  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  19  *
  20  */
  21
  22 #include "internal.h"
  23
  24
  25 Shishi_asn1
  26 shishi_enckdcreppart (Shishi * handle)
  27 {
  28   int res;
  29   Shishi_asn1 node;
  30
  31   node = shishi_asn1_enckdcreppart (handle);
  32   if (!node)
  33     return NULL;
  34
  35   /* XXX remove these two: */
  36   res = shishi_asn1_write (handle, node, "key-expiration", NULL, 0);
  37   if (res != SHISHI_OK)
  38     return NULL;
  39
  40   res = shishi_asn1_write (handle, node, "caddr", NULL, 0);
  41   if (res != SHISHI_OK)
  42     return NULL;
  43
  44   res = shishi_enckdcreppart_flags_set (handle, node, 0);
  45   if (res != SHISHI_OK)
  46     return NULL;
  47
  48   return node;
  49 }
  50
  51 Shishi_asn1
  52 shishi_encasreppart (Shishi * handle)
  53 {
  54   int res;
  55   Shishi_asn1 node;
  56
  57   node = shishi_asn1_encasreppart (handle);
  58   if (!node)
  59     return NULL;
  60
  61   /* XXX remove these two: */
  62   res = shishi_asn1_write (handle, node, "key-expiration", NULL, 0);
  63   if (res != SHISHI_OK)
  64     puts ("urk");
  65   res = shishi_asn1_write (handle, node, "caddr", NULL, 0);
  66   if (res != SHISHI_OK)
  67     puts ("urk2");
  68
  69   return node;
  70 }
  71
  72 /**
  73  * shishi_enckdcreppart_get_key:
  74  * @handle: shishi handle as allocated by shishi_init().
  75  * @enckdcreppart: input EncKDCRepPart variable.
  76  * @key: newly allocated encryption key handle.
  77  *
  78  * Extract the key to use with the ticket sent in the KDC-REP
  79  * associated with the EncKDCRepPart input variable.
  80  *
  81  * Return value: Returns SHISHI_OK iff succesful.
  82  **/
  83 int
  84 shishi_enckdcreppart_get_key (Shishi * handle,
  85                               Shishi_asn1 enckdcreppart, Shishi_key ** key)
  86 {
  87   int res;
  88   char *buf;
  89   size_t buflen;
  90   int32_t keytype;
  91
  92   res = shishi_asn1_read_int32 (handle, enckdcreppart,
  93                                 "key.keytype", &keytype);
  94   if (res != SHISHI_OK)
  95     return res;
  96
  97   res = shishi_asn1_read (handle, enckdcreppart, "key.keyvalue",
  98                           &buf, &buflen);
  99   if (res != SHISHI_OK)
 100     return res;
 101
 102   res = shishi_key_from_value (handle, keytype, buf, key);
 103   free (buf);
 104   if (res != SHISHI_OK)
 105     return res;
 106
 107   return SHISHI_OK;
 108 }
 109
 110 /**
 111  * shishi_enckdcreppart_key_set:
 112  * @handle: shishi handle as allocated by shishi_init().
 113  * @enckdcreppart: input EncKDCRepPart variable.
 114  * @key: key handle with information to store in enckdcreppart.
 115  *
 116  * Set the EncKDCRepPart.key field to key type and value of supplied
 117  * key.
 118  *
 119  * Return value: Returns SHISHI_OK iff succesful.
 120  **/
 121 int
 122 shishi_enckdcreppart_key_set (Shishi * handle,
 123                               Shishi_asn1 enckdcreppart, Shishi_key * key)
 124 {
 125   int res;
 126
 127   res = shishi_asn1_write_integer (handle, enckdcreppart, "key.keytype",
 128                                    shishi_key_type (key));
 129   if (res != SHISHI_OK)
 130     return SHISHI_ASN1_ERROR;
 131
 132   res = shishi_asn1_write (handle, enckdcreppart, "key.keyvalue",
 133                            shishi_key_value (key), shishi_key_length (key));
 134   if (res != SHISHI_OK)
 135     return SHISHI_ASN1_ERROR;
 136
 137   return SHISHI_OK;
 138 }
 139
 140 /**
 141  * shishi_enckdcreppart_nonce_set:
 142  * @handle: shishi handle as allocated by shishi_init().
 143  * @enckdcreppart: input EncKDCRepPart variable.
 144  * @nonce: nonce to set in EncKDCRepPart.
 145  *
 146  * Set the EncKDCRepPart.nonce field.
 147  *
 148  * Return value: Returns SHISHI_OK iff succesful.
 149  **/
 150 int
 151 shishi_enckdcreppart_nonce_set (Shishi * handle,
 152                                 Shishi_asn1 enckdcreppart, uint32_t nonce)
 153 {
 154   int res;
 155
 156   res = shishi_asn1_write_uint32 (handle, enckdcreppart, "nonce", nonce);
 157   if (res != SHISHI_OK)
 158     return res;
 159
 160   return SHISHI_OK;
 161 }
 162
 163 /**
 164  * shishi_enckdcreppart_flags_set:
 165  * @handle: shishi handle as allocated by shishi_init().
 166  * @enckdcreppart: input EncKDCRepPart variable.
 167  * @flags: flags to set in EncKDCRepPart.
 168  *
 169  * Set the EncKDCRepPart.flags field.
 170  *
 171  * Return value: Returns SHISHI_OK iff succesful.
 172  **/
 173 int
 174 shishi_enckdcreppart_flags_set (Shishi * handle,
 175                                 Shishi_asn1 enckdcreppart, int flags)
 176 {
 177   int res;
 178
 179   res = shishi_asn1_write_bitstring (handle, enckdcreppart, "flags", flags);
 180   if (res != SHISHI_OK)
 181     return res;
 182
 183   return SHISHI_OK;
 184 }
 185
 186 /**
 187  * shishi_enckdcreppart_authtime_set:
 188  * @handle: shishi handle as allocated by shishi_init().
 189  * @enckdcreppart: input EncKDCRepPart variable.
 190  * @authtime: character buffer containing a generalized time string.
 191  *
 192  * Set the EncTicketPart.authtime to supplied value.
 193  *
 194  * Return value: Returns SHISHI_OK iff succesful.
 195  **/
 196 int
 197 shishi_enckdcreppart_authtime_set (Shishi * handle,
 198                                    Shishi_asn1 enckdcreppart,
 199                                    const char *authtime)
 200 {
 201   int res;
 202
 203   res = shishi_asn1_write (handle, enckdcreppart, "authtime",
 204                            authtime, SHISHI_GENERALIZEDTIME_LENGTH);
 205   if (res != SHISHI_OK)
 206     return res;
 207
 208   return SHISHI_OK;
 209 }
 210
 211 /**
 212  * shishi_enckdcreppart_starttime_set:
 213  * @handle: shishi handle as allocated by shishi_init().
 214  * @enckdcreppart: input EncKDCRepPart variable.
 215  * @starttime: character buffer containing a generalized time string.
 216  *
 217  * Set the EncTicketPart.starttime to supplied value.  Use a NULL
 218  * value for @starttime to remove the field.
 219  *
 220  * Return value: Returns SHISHI_OK iff succesful.
 221  **/
 222 int
 223 shishi_enckdcreppart_starttime_set (Shishi * handle,
 224                                     Shishi_asn1 enckdcreppart,
 225                                     const char *starttime)
 226 {
 227   int res;
 228
 229   if (!starttime)
 230     res = shishi_asn1_write (handle, enckdcreppart, "starttime", NULL, 0);
 231   else
 232     res = shishi_asn1_write (handle, enckdcreppart, "starttime",
 233                              starttime, SHISHI_GENERALIZEDTIME_LENGTH);
 234   if (res != SHISHI_OK)
 235     return res;
 236
 237   return SHISHI_OK;
 238 }
 239
 240 /**
 241  * shishi_enckdcreppart_endtime_set:
 242  * @handle: shishi handle as allocated by shishi_init().
 243  * @enckdcreppart: input EncKDCRepPart variable.
 244  * @endtime: character buffer containing a generalized time string.
 245  *
 246  * Set the EncTicketPart.endtime to supplied value.
 247  *
 248  * Return value: Returns SHISHI_OK iff succesful.
 249  **/
 250 int
 251 shishi_enckdcreppart_endtime_set (Shishi * handle,
 252                                   Shishi_asn1 enckdcreppart,
 253                                   const char *endtime)
 254 {
 255   int res;
 256
 257   res = shishi_asn1_write (handle, enckdcreppart, "endtime",
 258                            endtime, SHISHI_GENERALIZEDTIME_LENGTH);
 259   if (res != SHISHI_OK)
 260     return res;
 261
 262   return SHISHI_OK;
 263 }
 264
 265 /**
 266  * shishi_enckdcreppart_renew_till_set:
 267  * @handle: shishi handle as allocated by shishi_init().
 268  * @enckdcreppart: input EncKDCRepPart variable.
 269  * @renew_till: character buffer containing a generalized time string.
 270  *
 271  * Set the EncTicketPart.renew-till to supplied value.  Use a NULL
 272  * value for @renew_till to remove the field.
 273  *
 274  * Return value: Returns SHISHI_OK iff succesful.
 275  **/
 276 int
 277 shishi_enckdcreppart_renew_till_set (Shishi * handle,
 278                                      Shishi_asn1 enckdcreppart,
 279                                      const char *renew_till)
 280 {
 281   int res;
 282
 283   if (!renew_till)
 284     res = shishi_asn1_write (handle, enckdcreppart, "renew-till", NULL, 0);
 285   else
 286     res = shishi_asn1_write (handle, enckdcreppart, "renew-till",
 287                              renew_till, SHISHI_GENERALIZEDTIME_LENGTH);
 288   if (res != SHISHI_OK)
 289     return res;
 290
 291   return SHISHI_OK;
 292 }
 293
 294 /**
 295  * shishi_enckdcreppart_srealm_set:
 296  * @handle: shishi handle as allocated by shishi_init().
 297  * @enckdcreppart: EncKDCRepPart variable to set realm field in.
 298  * @srealm: input array with name of realm.
 299  *
 300  * Set the server realm field in the EncKDCRepPart.
 301  *
 302  * Return value: Returns SHISHI_OK iff successful.
 303  **/
 304 int
 305 shishi_enckdcreppart_srealm_set (Shishi * handle,
 306                                  Shishi_asn1 enckdcreppart,
 307                                  const char *srealm)
 308 {
 309   int res = SHISHI_OK;
 310
 311   res = shishi_asn1_write (handle, enckdcreppart, "srealm", srealm, 0);
 312   if (res != SHISHI_OK)
 313     return res;
 314
 315   return SHISHI_OK;
 316 }
 317
 318
 319 /**
 320  * shishi_enckdcreppart_sname_set:
 321  * @handle: shishi handle as allocated by shishi_init().
 322  * @enckdcreppart: EncKDCRepPart variable to set server name field in.
 323  * @name_type: type of principial, see Shishi_name_type, usually
 324  *             SHISHI_NT_UNKNOWN.
 325  * @sname: input array with principal name.
 326  *
 327  * Set the server name field in the EncKDCRepPart.
 328  *
 329  * Return value: Returns SHISHI_OK iff successful.
 330  **/
 331 int
 332 shishi_enckdcreppart_sname_set (Shishi * handle,
 333                                 Shishi_asn1 enckdcreppart,
 334                                 Shishi_name_type name_type, char *sname[])
 335 {
 336   int res = SHISHI_OK;
 337   int i;
 338   char *buf;
 339
 340   res = shishi_asn1_write_integer (handle, enckdcreppart,
 341                                    "sname.name-type", name_type);
 342   if (res != SHISHI_OK)
 343     return res;
 344
 345   res = shishi_asn1_write (handle, enckdcreppart,
 346                            "sname.name-string", NULL, 0);
 347   if (res != SHISHI_OK)
 348     return res;
 349
 350   i = 1;
 351   while (sname[i - 1])
 352     {
 353       res = shishi_asn1_write (handle, enckdcreppart, "sname.name-string",
 354                                "NEW", 1);
 355       if (res != SHISHI_OK)
 356         return res;
 357
 358       asprintf (&buf, "sname.name-string.?%d", i);
 359       res = shishi_asn1_write (handle, enckdcreppart, buf, sname[i - 1], 0);
 360       free (buf);
 361       if (res != SHISHI_OK)
 362         return res;
 363
 364       i++;
 365     }
 366
 367   return SHISHI_OK;
 368 }
 369
 370 int
 371 shishi_enckdcreppart_server_set (Shishi * handle,
 372                                  Shishi_asn1 enckdcreppart,
 373                                  const char *server)
 374 {
 375   char *tmpserver;
 376   char **serverbuf;
 377   char *tokptr;
 378   int res;
 379   int i;
 380
 381   tmpserver = xstrdup (server);
 382
 383   serverbuf = xmalloc (sizeof (*serverbuf));
 384   for (i = 0;
 385        (serverbuf[i] = strtok_r (i == 0 ? tmpserver : NULL, "/", &tokptr));
 386        i++)
 387     {
 388       serverbuf = xrealloc (serverbuf, (i + 2) * sizeof (*serverbuf));
 389     }
 390
 391   res = shishi_enckdcreppart_sname_set (handle, enckdcreppart,
 392                                         SHISHI_NT_PRINCIPAL, serverbuf);
 393   if (res != SHISHI_OK)
 394     return res;
 395
 396   free (serverbuf);
 397   free (tmpserver);
 398
 399   return SHISHI_OK;
 400 }
 401
 402 int
 403 shishi_enckdcreppart_srealmserver_set (Shishi * handle,
 404                                        Shishi_asn1 enckdcreppart,
 405                                        const char *srealm, const char *server)
 406 {
 407   int res;
 408
 409   res = shishi_enckdcreppart_srealm_set (handle, enckdcreppart, srealm);
 410   if (res != SHISHI_OK)
 411     return res;
 412
 413   res = shishi_enckdcreppart_server_set (handle, enckdcreppart, server);
 414   if (res != SHISHI_OK)
 415     return res;
 416
 417   return SHISHI_OK;
 418 }
 419
 420 /**
 421  * shishi_enckdcreppart_populate_encticketpart:
 422  * @handle: shishi handle as allocated by shishi_init().
 423  * @enckdcreppart: input EncKDCRepPart variable.
 424  * @encticketpart: input EncTicketPart variable.
 425  *
 426  * Set the flags, authtime, starttime, endtime, renew-till and caddr
 427  * fields of the EncKDCRepPart to the corresponding values in the
 428  * EncTicketPart.
 429  *
 430  * Return value: Returns SHISHI_OK iff succesful.
 431  **/
 432 int
 433 shishi_enckdcreppart_populate_encticketpart (Shishi * handle,
 434                                              Shishi_asn1 enckdcreppart,
 435                                              Shishi_asn1 encticketpart)
 436 {
 437   char *buf;
 438   size_t buflen;
 439   int res;
 440
 441   res = shishi_asn1_read (handle, encticketpart, "flags", &buf, &buflen);
 442   if (res != SHISHI_OK)
 443     return SHISHI_ASN1_ERROR;
 444
 445   res = shishi_asn1_write (handle, enckdcreppart, "flags", buf, buflen);
 446   free (buf);
 447   if (res != SHISHI_OK)
 448     return SHISHI_ASN1_ERROR;
 449
 450   res = shishi_asn1_read (handle, encticketpart, "authtime", &buf, &buflen);
 451   if (res != SHISHI_OK)
 452     return SHISHI_ASN1_ERROR;
 453
 454   res = shishi_asn1_write (handle, enckdcreppart, "authtime", buf, buflen);
 455   free (buf);
 456   if (res != SHISHI_OK)
 457     return SHISHI_ASN1_ERROR;
 458
 459   res = shishi_asn1_read (handle, encticketpart, "starttime", &buf, &buflen);
 460   if (res != SHISHI_OK && res != SHISHI_ASN1_NO_ELEMENT)
 461     return SHISHI_ASN1_ERROR;
 462
 463   if (res == SHISHI_ASN1_NO_ELEMENT)
 464     res = shishi_asn1_write (handle, enckdcreppart, "starttime", NULL, 0);
 465   else
 466     {
 467       res = shishi_asn1_write (handle, enckdcreppart, "starttime",
 468                                buf, buflen);
 469       free (buf);
 470     }
 471   if (res != SHISHI_OK)
 472     return SHISHI_ASN1_ERROR;
 473
 474   res = shishi_asn1_read (handle, encticketpart, "endtime", &buf, &buflen);
 475   if (res != SHISHI_OK)
 476     return SHISHI_ASN1_ERROR;
 477
 478   res = shishi_asn1_write (handle, enckdcreppart, "endtime", buf, buflen);
 479   free (buf);
 480   if (res != SHISHI_OK)
 481     return SHISHI_ASN1_ERROR;
 482
 483   res = shishi_asn1_read (handle, encticketpart, "renew-till", &buf, &buflen);
 484   if (res != SHISHI_OK && res != SHISHI_ASN1_NO_ELEMENT)
 485     return SHISHI_ASN1_ERROR;
 486
 487   if (res == SHISHI_ASN1_NO_ELEMENT)
 488     res = shishi_asn1_write (handle, enckdcreppart, "renew-till", NULL, 0);
 489   else
 490     {
 491       res = shishi_asn1_write (handle, enckdcreppart,
 492                                "renew-till", buf, buflen);
 493       free (buf);
 494     }
 495   if (res != SHISHI_OK)
 496     return SHISHI_ASN1_ERROR;
 497
 498   /* XXX copy caddr too */
 499
 500   return SHISHI_OK;
 501 }