lib/enckdcreppart.c

   1 /* enckdcreppart.c --- Key distribution encrypted reply part functions
   2  * Copyright (C) 2002, 2003, 2004, 2006, 2007  Simon Josefsson
   3  *
   4  * This file is part of Shishi.
   5  *
   6  * Shishi is free software; you can redistribute it and/or modify it
   7  * under the terms of the GNU General Public License as published by
   8  * the Free Software Foundation; either version 3 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * Shishi is distributed in the hope that it will be useful, but
  12  * WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public License
  17  * along with Shishi; if not, see http://www.gnu.org/licenses or write
  18  * to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
  19  * Floor, Boston, MA 02110-1301, USA
  20  *
  21  */
  22
  23 #include "internal.h"
  24
  25
  26 Shishi_asn1
  27 shishi_enckdcreppart (Shishi * handle)
  28 {
  29   int res;
  30   Shishi_asn1 node;
  31
  32   node = shishi_asn1_enckdcreppart (handle);
  33   if (!node)
  34     return NULL;
  35
  36   /* XXX remove these two: */
  37   res = shishi_asn1_write (handle, node, "key-expiration", NULL, 0);
  38   if (res != SHISHI_OK)
  39     return NULL;
  40
  41   res = shishi_asn1_write (handle, node, "caddr", NULL, 0);
  42   if (res != SHISHI_OK)
  43     return NULL;
  44
  45   res = shishi_enckdcreppart_flags_set (handle, node, 0);
  46   if (res != SHISHI_OK)
  47     return NULL;
  48
  49   return node;
  50 }
  51
  52 Shishi_asn1
  53 shishi_encasreppart (Shishi * handle)
  54 {
  55   int res;
  56   Shishi_asn1 node;
  57
  58   node = shishi_asn1_encasreppart (handle);
  59   if (!node)
  60     return NULL;
  61
  62   /* XXX remove these two: */
  63   res = shishi_asn1_write (handle, node, "key-expiration", NULL, 0);
  64   if (res != SHISHI_OK)
  65     puts ("urk");
  66   res = shishi_asn1_write (handle, node, "caddr", NULL, 0);
  67   if (res != SHISHI_OK)
  68     puts ("urk2");
  69
  70   return node;
  71 }
  72
  73 /**
  74  * shishi_enckdcreppart_get_key:
  75  * @handle: shishi handle as allocated by shishi_init().
  76  * @enckdcreppart: input EncKDCRepPart variable.
  77  * @key: newly allocated encryption key handle.
  78  *
  79  * Extract the key to use with the ticket sent in the KDC-REP
  80  * associated with the EncKDCRepPart input variable.
  81  *
  82  * Return value: Returns SHISHI_OK iff succesful.
  83  **/
  84 int
  85 shishi_enckdcreppart_get_key (Shishi * handle,
  86                               Shishi_asn1 enckdcreppart, Shishi_key ** key)
  87 {
  88   int res;
  89   char *buf;
  90   size_t buflen;
  91   int32_t keytype;
  92
  93   res = shishi_asn1_read_int32 (handle, enckdcreppart,
  94                                 "key.keytype", &keytype);
  95   if (res != SHISHI_OK)
  96     return res;
  97
  98   res = shishi_asn1_read (handle, enckdcreppart, "key.keyvalue",
  99                           &buf, &buflen);
 100   if (res != SHISHI_OK)
 101     return res;
 102
 103   res = shishi_key_from_value (handle, keytype, buf, key);
 104   free (buf);
 105   if (res != SHISHI_OK)
 106     return res;
 107
 108   return SHISHI_OK;
 109 }
 110
 111 /**
 112  * shishi_enckdcreppart_key_set:
 113  * @handle: shishi handle as allocated by shishi_init().
 114  * @enckdcreppart: input EncKDCRepPart variable.
 115  * @key: key handle with information to store in enckdcreppart.
 116  *
 117  * Set the EncKDCRepPart.key field to key type and value of supplied
 118  * key.
 119  *
 120  * Return value: Returns SHISHI_OK iff succesful.
 121  **/
 122 int
 123 shishi_enckdcreppart_key_set (Shishi * handle,
 124                               Shishi_asn1 enckdcreppart, Shishi_key * key)
 125 {
 126   int res;
 127
 128   res = shishi_asn1_write_integer (handle, enckdcreppart, "key.keytype",
 129                                    shishi_key_type (key));
 130   if (res != SHISHI_OK)
 131     return SHISHI_ASN1_ERROR;
 132
 133   res = shishi_asn1_write (handle, enckdcreppart, "key.keyvalue",
 134                            shishi_key_value (key), shishi_key_length (key));
 135   if (res != SHISHI_OK)
 136     return SHISHI_ASN1_ERROR;
 137
 138   return SHISHI_OK;
 139 }
 140
 141 /**
 142  * shishi_enckdcreppart_nonce_set:
 143  * @handle: shishi handle as allocated by shishi_init().
 144  * @enckdcreppart: input EncKDCRepPart variable.
 145  * @nonce: nonce to set in EncKDCRepPart.
 146  *
 147  * Set the EncKDCRepPart.nonce field.
 148  *
 149  * Return value: Returns SHISHI_OK iff succesful.
 150  **/
 151 int
 152 shishi_enckdcreppart_nonce_set (Shishi * handle,
 153                                 Shishi_asn1 enckdcreppart, uint32_t nonce)
 154 {
 155   int res;
 156
 157   res = shishi_asn1_write_uint32 (handle, enckdcreppart, "nonce", nonce);
 158   if (res != SHISHI_OK)
 159     return res;
 160
 161   return SHISHI_OK;
 162 }
 163
 164 /**
 165  * shishi_enckdcreppart_flags_set:
 166  * @handle: shishi handle as allocated by shishi_init().
 167  * @enckdcreppart: input EncKDCRepPart variable.
 168  * @flags: flags to set in EncKDCRepPart.
 169  *
 170  * Set the EncKDCRepPart.flags field.
 171  *
 172  * Return value: Returns SHISHI_OK iff succesful.
 173  **/
 174 int
 175 shishi_enckdcreppart_flags_set (Shishi * handle,
 176                                 Shishi_asn1 enckdcreppart, int flags)
 177 {
 178   int res;
 179
 180   res = shishi_asn1_write_bitstring (handle, enckdcreppart, "flags", flags);
 181   if (res != SHISHI_OK)
 182     return res;
 183
 184   return SHISHI_OK;
 185 }
 186
 187 /**
 188  * shishi_enckdcreppart_authtime_set:
 189  * @handle: shishi handle as allocated by shishi_init().
 190  * @enckdcreppart: input EncKDCRepPart variable.
 191  * @authtime: character buffer containing a generalized time string.
 192  *
 193  * Set the EncTicketPart.authtime to supplied value.
 194  *
 195  * Return value: Returns SHISHI_OK iff succesful.
 196  **/
 197 int
 198 shishi_enckdcreppart_authtime_set (Shishi * handle,
 199                                    Shishi_asn1 enckdcreppart,
 200                                    const char *authtime)
 201 {
 202   int res;
 203
 204   res = shishi_asn1_write (handle, enckdcreppart, "authtime",
 205                            authtime, SHISHI_GENERALIZEDTIME_LENGTH);
 206   if (res != SHISHI_OK)
 207     return res;
 208
 209   return SHISHI_OK;
 210 }
 211
 212 /**
 213  * shishi_enckdcreppart_starttime_set:
 214  * @handle: shishi handle as allocated by shishi_init().
 215  * @enckdcreppart: input EncKDCRepPart variable.
 216  * @starttime: character buffer containing a generalized time string.
 217  *
 218  * Set the EncTicketPart.starttime to supplied value.  Use a NULL
 219  * value for @starttime to remove the field.
 220  *
 221  * Return value: Returns SHISHI_OK iff succesful.
 222  **/
 223 int
 224 shishi_enckdcreppart_starttime_set (Shishi * handle,
 225                                     Shishi_asn1 enckdcreppart,
 226                                     const char *starttime)
 227 {
 228   int res;
 229
 230   if (!starttime)
 231     res = shishi_asn1_write (handle, enckdcreppart, "starttime", NULL, 0);
 232   else
 233     res = shishi_asn1_write (handle, enckdcreppart, "starttime",
 234                              starttime, SHISHI_GENERALIZEDTIME_LENGTH);
 235   if (res != SHISHI_OK)
 236     return res;
 237
 238   return SHISHI_OK;
 239 }
 240
 241 /**
 242  * shishi_enckdcreppart_endtime_set:
 243  * @handle: shishi handle as allocated by shishi_init().
 244  * @enckdcreppart: input EncKDCRepPart variable.
 245  * @endtime: character buffer containing a generalized time string.
 246  *
 247  * Set the EncTicketPart.endtime to supplied value.
 248  *
 249  * Return value: Returns SHISHI_OK iff succesful.
 250  **/
 251 int
 252 shishi_enckdcreppart_endtime_set (Shishi * handle,
 253                                   Shishi_asn1 enckdcreppart,
 254                                   const char *endtime)
 255 {
 256   int res;
 257
 258   res = shishi_asn1_write (handle, enckdcreppart, "endtime",
 259                            endtime, SHISHI_GENERALIZEDTIME_LENGTH);
 260   if (res != SHISHI_OK)
 261     return res;
 262
 263   return SHISHI_OK;
 264 }
 265
 266 /**
 267  * shishi_enckdcreppart_renew_till_set:
 268  * @handle: shishi handle as allocated by shishi_init().
 269  * @enckdcreppart: input EncKDCRepPart variable.
 270  * @renew_till: character buffer containing a generalized time string.
 271  *
 272  * Set the EncTicketPart.renew-till to supplied value.  Use a NULL
 273  * value for @renew_till to remove the field.
 274  *
 275  * Return value: Returns SHISHI_OK iff succesful.
 276  **/
 277 int
 278 shishi_enckdcreppart_renew_till_set (Shishi * handle,
 279                                      Shishi_asn1 enckdcreppart,
 280                                      const char *renew_till)
 281 {
 282   int res;
 283
 284   if (!renew_till)
 285     res = shishi_asn1_write (handle, enckdcreppart, "renew-till", NULL, 0);
 286   else
 287     res = shishi_asn1_write (handle, enckdcreppart, "renew-till",
 288                              renew_till, SHISHI_GENERALIZEDTIME_LENGTH);
 289   if (res != SHISHI_OK)
 290     return res;
 291
 292   return SHISHI_OK;
 293 }
 294
 295 /**
 296  * shishi_enckdcreppart_srealm_set:
 297  * @handle: shishi handle as allocated by shishi_init().
 298  * @enckdcreppart: EncKDCRepPart variable to set realm field in.
 299  * @srealm: input array with name of realm.
 300  *
 301  * Set the server realm field in the EncKDCRepPart.
 302  *
 303  * Return value: Returns SHISHI_OK iff successful.
 304  **/
 305 int
 306 shishi_enckdcreppart_srealm_set (Shishi * handle,
 307                                  Shishi_asn1 enckdcreppart,
 308                                  const char *srealm)
 309 {
 310   int res = SHISHI_OK;
 311
 312   res = shishi_asn1_write (handle, enckdcreppart, "srealm", srealm, 0);
 313   if (res != SHISHI_OK)
 314     return res;
 315
 316   return SHISHI_OK;
 317 }
 318
 319
 320 /**
 321  * shishi_enckdcreppart_sname_set:
 322  * @handle: shishi handle as allocated by shishi_init().
 323  * @enckdcreppart: EncKDCRepPart variable to set server name field in.
 324  * @name_type: type of principial, see Shishi_name_type, usually
 325  *             SHISHI_NT_UNKNOWN.
 326  * @sname: input array with principal name.
 327  *
 328  * Set the server name field in the EncKDCRepPart.
 329  *
 330  * Return value: Returns SHISHI_OK iff successful.
 331  **/
 332 int
 333 shishi_enckdcreppart_sname_set (Shishi * handle,
 334                                 Shishi_asn1 enckdcreppart,
 335                                 Shishi_name_type name_type, char *sname[])
 336 {
 337   int res = SHISHI_OK;
 338   int i;
 339   char *buf;
 340
 341   res = shishi_asn1_write_integer (handle, enckdcreppart,
 342                                    "sname.name-type", name_type);
 343   if (res != SHISHI_OK)
 344     return res;
 345
 346   res = shishi_asn1_write (handle, enckdcreppart,
 347                            "sname.name-string", NULL, 0);
 348   if (res != SHISHI_OK)
 349     return res;
 350
 351   i = 1;
 352   while (sname[i - 1])
 353     {
 354       res = shishi_asn1_write (handle, enckdcreppart, "sname.name-string",
 355                                "NEW", 1);
 356       if (res != SHISHI_OK)
 357         return res;
 358
 359       asprintf (&buf, "sname.name-string.?%d", i);
 360       res = shishi_asn1_write (handle, enckdcreppart, buf, sname[i - 1], 0);
 361       free (buf);
 362       if (res != SHISHI_OK)
 363         return res;
 364
 365       i++;
 366     }
 367
 368   return SHISHI_OK;
 369 }
 370
 371 int
 372 shishi_enckdcreppart_server_set (Shishi * handle,
 373                                  Shishi_asn1 enckdcreppart,
 374                                  const char *server)
 375 {
 376   char *tmpserver;
 377   char **serverbuf;
 378   char *tokptr;
 379   int res;
 380   int i;
 381
 382   tmpserver = xstrdup (server);
 383
 384   serverbuf = xmalloc (sizeof (*serverbuf));
 385   for (i = 0;
 386        (serverbuf[i] = strtok_r (i == 0 ? tmpserver : NULL, "/", &tokptr));
 387        i++)
 388     {
 389       serverbuf = xrealloc (serverbuf, (i + 2) * sizeof (*serverbuf));
 390     }
 391
 392   res = shishi_enckdcreppart_sname_set (handle, enckdcreppart,
 393                                         SHISHI_NT_PRINCIPAL, serverbuf);
 394   if (res != SHISHI_OK)
 395     return res;
 396
 397   free (serverbuf);
 398   free (tmpserver);
 399
 400   return SHISHI_OK;
 401 }
 402
 403 int
 404 shishi_enckdcreppart_srealmserver_set (Shishi * handle,
 405                                        Shishi_asn1 enckdcreppart,
 406                                        const char *srealm, const char *server)
 407 {
 408   int res;
 409
 410   res = shishi_enckdcreppart_srealm_set (handle, enckdcreppart, srealm);
 411   if (res != SHISHI_OK)
 412     return res;
 413
 414   res = shishi_enckdcreppart_server_set (handle, enckdcreppart, server);
 415   if (res != SHISHI_OK)
 416     return res;
 417
 418   return SHISHI_OK;
 419 }
 420
 421 /**
 422  * shishi_enckdcreppart_populate_encticketpart:
 423  * @handle: shishi handle as allocated by shishi_init().
 424  * @enckdcreppart: input EncKDCRepPart variable.
 425  * @encticketpart: input EncTicketPart variable.
 426  *
 427  * Set the flags, authtime, starttime, endtime, renew-till and caddr
 428  * fields of the EncKDCRepPart to the corresponding values in the
 429  * EncTicketPart.
 430  *
 431  * Return value: Returns SHISHI_OK iff succesful.
 432  **/
 433 int
 434 shishi_enckdcreppart_populate_encticketpart (Shishi * handle,
 435                                              Shishi_asn1 enckdcreppart,
 436                                              Shishi_asn1 encticketpart)
 437 {
 438   char *buf;
 439   size_t buflen;
 440   int res;
 441
 442   res = shishi_asn1_read (handle, encticketpart, "flags", &buf, &buflen);
 443   if (res != SHISHI_OK)
 444     return SHISHI_ASN1_ERROR;
 445
 446   res = shishi_asn1_write (handle, enckdcreppart, "flags", buf, buflen);
 447   free (buf);
 448   if (res != SHISHI_OK)
 449     return SHISHI_ASN1_ERROR;
 450
 451   res = shishi_asn1_read (handle, encticketpart, "authtime", &buf, &buflen);
 452   if (res != SHISHI_OK)
 453     return SHISHI_ASN1_ERROR;
 454
 455   res = shishi_asn1_write (handle, enckdcreppart, "authtime", buf, buflen);
 456   free (buf);
 457   if (res != SHISHI_OK)
 458     return SHISHI_ASN1_ERROR;
 459
 460   res = shishi_asn1_read (handle, encticketpart, "starttime", &buf, &buflen);
 461   if (res != SHISHI_OK && res != SHISHI_ASN1_NO_ELEMENT)
 462     return SHISHI_ASN1_ERROR;
 463
 464   if (res == SHISHI_ASN1_NO_ELEMENT)
 465     res = shishi_asn1_write (handle, enckdcreppart, "starttime", NULL, 0);
 466   else
 467     {
 468       res = shishi_asn1_write (handle, enckdcreppart, "starttime",
 469                                buf, buflen);
 470       free (buf);
 471     }
 472   if (res != SHISHI_OK)
 473     return SHISHI_ASN1_ERROR;
 474
 475   res = shishi_asn1_read (handle, encticketpart, "endtime", &buf, &buflen);
 476   if (res != SHISHI_OK)
 477     return SHISHI_ASN1_ERROR;
 478
 479   res = shishi_asn1_write (handle, enckdcreppart, "endtime", buf, buflen);
 480   free (buf);
 481   if (res != SHISHI_OK)
 482     return SHISHI_ASN1_ERROR;
 483
 484   res = shishi_asn1_read (handle, encticketpart, "renew-till", &buf, &buflen);
 485   if (res != SHISHI_OK && res != SHISHI_ASN1_NO_ELEMENT)
 486     return SHISHI_ASN1_ERROR;
 487
 488   if (res == SHISHI_ASN1_NO_ELEMENT)
 489     res = shishi_asn1_write (handle, enckdcreppart, "renew-till", NULL, 0);
 490   else
 491     {
 492       res = shishi_asn1_write (handle, enckdcreppart,
 493                                "renew-till", buf, buflen);
 494       free (buf);
 495     }
 496   if (res != SHISHI_OK)
 497     return SHISHI_ASN1_ERROR;
 498
 499   /* XXX copy caddr too */
 500
 501   return SHISHI_OK;
 502 }