Add.
1 /* shishi.h --- Header file for Shishi library. -*- c -*-
2 * Copyright (C) 2002, 2003, 2004, 2006, 2007 Simon Josefsson
4 * This file is part of Shishi.
6 * Shishi is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * Shishi is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with Shishi; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
22 #ifndef SHISHI_H
23 #define SHISHI_H
25 #include <stddef.h> /* size_t */
26 #include <stdio.h> /* FILE */
27 #include <time.h> /* time_t */
28 #include <shishi-int.h> /* uint32_t */
30 #define SHISHI_VERSION "@PACKAGE_VERSION@"
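/* Error codes.

   Return codes used by the library.  SHISHI_OK (0) is the only success
   value; every other value is a failure.  The *_VERIFY_FAILED and
   *_DECRYPT_FAILED codes report a failed integrity or decryption
   check, so a caller must compare against SHISHI_OK rather than test
   for one specific error.

   SHISHI_LAST_ERROR duplicates the highest assigned code and has to be
   updated whenever a code is appended.  The numeric values are part of
   the public interface; do not renumber. */
typedef enum
{
  SHISHI_OK = 0,
  SHISHI_ASN1_ERROR = 1,
  SHISHI_FOPEN_ERROR = 2,
  SHISHI_IO_ERROR = 3,
  SHISHI_MALLOC_ERROR = 4,
  SHISHI_BASE64_ERROR = 5,
  SHISHI_REALM_MISMATCH = 6,
  SHISHI_CNAME_MISMATCH = 7,
  SHISHI_NONCE_MISMATCH = 8,
  SHISHI_TGSREP_BAD_KEYTYPE = 9,
  SHISHI_KDCREP_BAD_KEYTYPE = 10,
  SHISHI_APREP_BAD_KEYTYPE = 11,
  SHISHI_APREP_VERIFY_FAILED = 12,
  SHISHI_APREQ_BAD_KEYTYPE = 13,
  SHISHI_TOO_SMALL_BUFFER = 14,
  SHISHI_DERIVEDKEY_TOO_SMALL = 15,
  SHISHI_KEY_TOO_LARGE = 16,
  SHISHI_CRYPTO_ERROR = 17,
  SHISHI_CRYPTO_INTERNAL_ERROR = 18,
  SHISHI_SOCKET_ERROR = 19,
  SHISHI_BIND_ERROR = 20,
  SHISHI_SENDTO_ERROR = 21,
  SHISHI_RECVFROM_ERROR = 22,
  SHISHI_CLOSE_ERROR = 23,
  SHISHI_KDC_TIMEOUT = 24,
  SHISHI_KDC_NOT_KNOWN_FOR_REALM = 25,
  SHISHI_TTY_ERROR = 26,
  SHISHI_GOT_KRBERROR = 27,
  SHISHI_HANDLE_ERROR = 28,
  SHISHI_INVALID_TKTS = 29,
  SHISHI_TICKET_BAD_KEYTYPE = 30,
  SHISHI_INVALID_KEY = 31,
  SHISHI_APREQ_DECRYPT_FAILED = 32,
  SHISHI_TICKET_DECRYPT_FAILED = 33,
  SHISHI_INVALID_TICKET = 34,
  SHISHI_OUT_OF_RANGE = 35,
  SHISHI_ASN1_NO_ELEMENT = 36,
  SHISHI_SAFE_BAD_KEYTYPE = 37,
  SHISHI_SAFE_VERIFY_FAILED = 38,
  SHISHI_PKCS5_INVALID_PRF = 39,
  SHISHI_PKCS5_INVALID_ITERATION_COUNT = 40,
  SHISHI_PKCS5_INVALID_DERIVED_KEY_LENGTH = 41,
  SHISHI_PKCS5_DERIVED_KEY_TOO_LONG = 42,
  SHISHI_INVALID_PRINCIPAL_NAME = 43,
  SHISHI_INVALID_ARGUMENT = 44,
  SHISHI_ASN1_NO_VALUE = 45,
  SHISHI_CONNECT_ERROR = 46,
  SHISHI_VERIFY_FAILED = 47,
  SHISHI_PRIV_BAD_KEYTYPE = 48,
  SHISHI_FILE_ERROR = 49,
  SHISHI_ENCAPREPPART_BAD_KEYTYPE = 50,
  SHISHI_GETTIMEOFDAY_ERROR = 51,
  SHISHI_KEYTAB_ERROR = 52,
  SHISHI_CCACHE_ERROR = 53,
  SHISHI_LAST_ERROR = 53
} Shishi_rc;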
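/* Kerberos principal name types.  The values are fixed by the protocol
   (note the gap between 7 and 10) and must not be renumbered. */
typedef enum
{
  /* Name type not known */
  SHISHI_NT_UNKNOWN = 0,
  /* Just the name of the principal as in DCE, or for users */
  SHISHI_NT_PRINCIPAL = 1,
  /* Service and other unique instance (krbtgt) */
  SHISHI_NT_SRV_INST = 2,
  /* Service with host name as instance (telnet, rcommands) */
  SHISHI_NT_SRV_HST = 3,
  /* Service with host as remaining components */
  SHISHI_NT_SRV_XHST = 4,
  /* Unique ID */
  SHISHI_NT_UID = 5,
  /* Encoded X.509 Distinguished name [RFC 2253] */
  SHISHI_NT_X500_PRINCIPAL = 6,
  /* Name in form of SMTP email name (e.g. user@foo.com) */
  SHISHI_NT_SMTP_NAME = 7,
  /* Enterprise name - may be mapped to principal name */
  SHISHI_NT_ENTERPRISE = 10
} Shishi_name_type;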
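/* Pre-authentication data (PA-*) and typed-data (TD-*) type numbers.

   SHISHI_PA_GET_FROM_TYPED_DATA and SHISHI_TD_PADATA deliberately share
   the value 22, so code that switches on this type cannot list both
   as separate cases.  Values are wire identifiers; do not renumber. */
typedef enum
{
  SHISHI_PA_TGS_REQ = 1,
  SHISHI_PA_ENC_TIMESTAMP = 2,
  SHISHI_PA_PW_SALT = 3,
  SHISHI_PA_RESERVED = 4,
  SHISHI_PA_ENC_UNIX_TIME = 5,	/* (deprecated) */
  SHISHI_PA_SANDIA_SECUREID = 6,
  SHISHI_PA_SESAME = 7,
  SHISHI_PA_OSF_DCE = 8,
  SHISHI_PA_CYBERSAFE_SECUREID = 9,
  SHISHI_PA_AFS3_SALT = 10,
  SHISHI_PA_ETYPE_INFO = 11,
  SHISHI_PA_SAM_CHALLENGE = 12,	/* (sam/otp) */
  SHISHI_PA_SAM_RESPONSE = 13,	/* (sam/otp) */
  SHISHI_PA_PK_AS_REQ = 14,	/* (pkinit) */
  SHISHI_PA_PK_AS_REP = 15,	/* (pkinit) */
  SHISHI_PA_ETYPE_INFO2 = 19,	/* (replaces pa_etype_info) */
  SHISHI_PA_USE_SPECIFIED_KVNO = 20,
  SHISHI_PA_SAM_REDIRECT = 21,	/* (sam/otp) */
  SHISHI_PA_GET_FROM_TYPED_DATA = 22,	/* (embedded in typed data) */
  SHISHI_TD_PADATA = 22,	/* (embeds padata) */
  SHISHI_PA_SAM_ETYPE_INFO = 23,	/* (sam/otp) */
  SHISHI_PA_ALT_PRINC = 24,	/* (crawdad@fnal.gov) */
  SHISHI_PA_SAM_CHALLENGE2 = 30,	/* (kenh@pobox.com) */
  SHISHI_PA_SAM_RESPONSE2 = 31,	/* (kenh@pobox.com) */
  SHISHI_PA_EXTRA_TGT = 41,	/* Reserved extra TGT */
  SHISHI_TD_PKINIT_CMS_CERTIFICATES = 101,	/* CertificateSet from CMS */
  SHISHI_TD_KRB_PRINCIPAL = 102,	/* PrincipalName */
  SHISHI_TD_KRB_REALM = 103,	/* Realm */
  SHISHI_TD_TRUSTED_CERTIFIERS = 104,	/* from PKINIT */
  SHISHI_TD_CERTIFICATE_INDEX = 105,	/* from PKINIT */
  SHISHI_TD_APP_DEFINED_ERROR = 106,	/* application specific */
  SHISHI_TD_REQ_NONCE = 107,	/* INTEGER */
  SHISHI_TD_REQ_SEQ = 108,	/* INTEGER */
  SHISHI_PA_PAC_REQUEST = 128	/* (jbrezak@exchange.microsoft.com) */
} Shishi_padata_type;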
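/* Transited-encoding types.  Only one encoding is defined here. */
typedef enum
{
  SHISHI_TR_DOMAIN_X500_COMPRESS = 1
} Shishi_tr_type;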
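/* AP-REQ option flags, one bit per option (value == 1 << bit).
   SHISHI_APOPTIONS_MUTUAL_REQUIRED asks the server to authenticate
   itself back to the client. */
typedef enum
{
  SHISHI_APOPTIONS_RESERVED = 0x1,	/* bit 0 */
  SHISHI_APOPTIONS_USE_SESSION_KEY = 0x2,	/* bit 1 */
  SHISHI_APOPTIONS_MUTUAL_REQUIRED = 0x4	/* bit 2 */
} Shishi_apoptions;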
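/* Ticket flags, one bit per flag (value == 1 << bit).  The values can
   be OR-ed together into a flag word.  Several of these bits describe
   delegation (FORWARDABLE, PROXIABLE, OK_AS_DELEGATE) or ticket
   validity (INVALID, POSTDATED); a consumer should test each bit it
   depends on explicitly rather than compare the whole word. */
typedef enum
{
  SHISHI_TICKETFLAGS_RESERVED = 0x1,	/* bit 0 */
  SHISHI_TICKETFLAGS_FORWARDABLE = 0x2,	/* bit 1 */
  SHISHI_TICKETFLAGS_FORWARDED = 0x4,	/* bit 2 */
  SHISHI_TICKETFLAGS_PROXIABLE = 0x8,	/* bit 3 */
  SHISHI_TICKETFLAGS_PROXY = 0x10,	/* bit 4 */
  SHISHI_TICKETFLAGS_MAY_POSTDATE = 0x20,	/* bit 5 */
  SHISHI_TICKETFLAGS_POSTDATED = 0x40,	/* bit 6 */
  SHISHI_TICKETFLAGS_INVALID = 0x80,	/* bit 7 */
  SHISHI_TICKETFLAGS_RENEWABLE = 0x100,	/* bit 8 */
  SHISHI_TICKETFLAGS_INITIAL = 0x200,	/* bit 9 */
  SHISHI_TICKETFLAGS_PRE_AUTHENT = 0x400,	/* bit 10 */
  SHISHI_TICKETFLAGS_HW_AUTHENT = 0x800,	/* bit 11 */
  SHISHI_TICKETFLAGS_TRANSITED_POLICY_CHECKED = 0x1000,	/* bit 12 */
  SHISHI_TICKETFLAGS_OK_AS_DELEGATE = 0x2000	/* bit 13 */
} Shishi_ticketflags;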
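/* KDC request option flags, one bit per option (value == 1 << bit).

   Bits 0-11 are enumerators; bits 26-31 are preprocessor macros placed
   inside the enum body.  NOTE(review): presumably the high bits are
   macros because 0x80000000 is not representable as an int enumerator
   where int is 32 bits -- confirm.  As a consequence the macro values
   are not of type Shishi_KDCOptions, and SHISHI_KDCOPTIONS_VALIDATE
   has unsigned type; a field declared as Shishi_KDCOptions may not be
   able to hold it without conversion.

   SHISHI_KDCOPTIONS_DISABLE_TRANSITED_CHECK asks the KDC to skip the
   transited-realm check, so a service receiving such a ticket has to
   perform that check itself. */
typedef enum
{
  SHISHI_KDCOPTIONS_RESERVED = 0x1,	/* bit 0 */
  SHISHI_KDCOPTIONS_FORWARDABLE = 0x2,	/* bit 1 */
  SHISHI_KDCOPTIONS_FORWARDED = 0x4,	/* bit 2 */
  SHISHI_KDCOPTIONS_PROXIABLE = 0x8,	/* bit 3 */
  SHISHI_KDCOPTIONS_PROXY = 0x10,	/* bit 4 */
  SHISHI_KDCOPTIONS_ALLOW_POSTDATE = 0x20,	/* bit 5 */
  SHISHI_KDCOPTIONS_POSTDATED = 0x40,	/* bit 6 */
  SHISHI_KDCOPTIONS_UNUSED7 = 0x80,	/* bit 7 */
  SHISHI_KDCOPTIONS_RENEWABLE = 0x100,	/* bit 8 */
  SHISHI_KDCOPTIONS_UNUSED9 = 0x200,	/* bit 9 */
  SHISHI_KDCOPTIONS_UNUSED10 = 0x400,	/* bit 10 */
  SHISHI_KDCOPTIONS_UNUSED11 = 0x800	/* bit 11 */
#define SHISHI_KDCOPTIONS_DISABLE_TRANSITED_CHECK 0x4000000	/* bit 26 */
#define SHISHI_KDCOPTIONS_RENEWABLE_OK 0x8000000	/* bit 27 */
#define SHISHI_KDCOPTIONS_ENC_TKT_IN_SKEY 0x10000000	/* bit 28 */
#define SHISHI_KDCOPTIONS_RENEW 0x40000000	/* bit 30 */
#define SHISHI_KDCOPTIONS_VALIDATE 0x80000000	/* bit 31 */
} Shishi_KDCOptions;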
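/* Kerberos message type numbers.  Numbers that identify non-PDU
   structures or are unused are listed in comments only and have no
   enumerator, so a received message type must be checked against the
   enumerators below before it is dispatched. */
typedef enum
{
  /* 0 unused */
  /* 1 Ticket PDU */
  /* 2 Authenticator non-PDU */
  /* 3 EncTicketPart non-PDU */
  /* 4-9 unused */
  /* Request for initial authentication */
  SHISHI_MSGTYPE_AS_REQ = 10,
  /* Response to SHISHI_MSGTYPE_AS_REQ request */
  SHISHI_MSGTYPE_AS_REP = 11,
  /* Request for authentication based on TGT */
  SHISHI_MSGTYPE_TGS_REQ = 12,
  /* Response to SHISHI_MSGTYPE_TGS_REQ request */
  SHISHI_MSGTYPE_TGS_REP = 13,
  /* application request to server */
  SHISHI_MSGTYPE_AP_REQ = 14,
  /* Response to SHISHI_MSGTYPE_AP_REQ_MUTUAL */
  SHISHI_MSGTYPE_AP_REP = 15,
  /* Reserved for user-to-user krb_tgt_request */
  SHISHI_MSGTYPE_RESERVED16 = 16,
  /* Reserved for user-to-user krb_tgt_reply */
  SHISHI_MSGTYPE_RESERVED17 = 17,
  /* 18-19 unused */
  /* Safe (checksummed) application message */
  SHISHI_MSGTYPE_SAFE = 20,
  /* Private (encrypted) application message */
  SHISHI_MSGTYPE_PRIV = 21,
  /* Private (encrypted) message to forward credentials */
  SHISHI_MSGTYPE_CRED = 22,
  /* 23-24 unused */
  /* 25 EncASRepPart non-PDU */
  /* 26 EncTGSRepPart non-PDU */
  /* 27 EncApRepPart non-PDU */
  /* 28 EncKrbPrivPart non-PDU */
  /* 29 EncKrbCredPart non-PDU */
  /* Error response */
  SHISHI_MSGTYPE_ERROR = 30
} Shishi_msgtype;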
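/* Last-request (lr-type) selectors. */
typedef enum
{
  SHISHI_LRTYPE_LAST_INITIAL_TGT_REQUEST = 1,
  SHISHI_LRTYPE_LAST_INITIAL_REQUEST = 2,
  SHISHI_LRTYPE_NEWEST_TGT_ISSUE = 3,
  SHISHI_LRTYPE_LAST_RENEWAL = 4,
  SHISHI_LRTYPE_LAST_REQUEST = 5
} Shishi_lrtype;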
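/* Kerberos encryption type numbers (wire identifiers; do not renumber).

   Several of these are kept for interoperability only and should not
   be enabled in new deployments:
   - the single-DES types (1-4) and SHISHI_ARCFOUR_HMAC_EXP (24) are
     deprecated by RFC 6649;
   - SHISHI_DES3_CBC_HMAC_SHA1_KD (16) and SHISHI_ARCFOUR_HMAC (23) are
     deprecated by RFC 8429;
   - the *_CBC_NONE types carry no integrity check, as their names say,
     and SHISHI_NULL (0) is the null encryption type.
   Of the types listed here, prefer the two AES types (17, 18) when a
   policy restricts the permitted set. */
typedef enum
{
  SHISHI_NULL = 0,
  SHISHI_DES_CBC_CRC = 1,
  SHISHI_DES_CBC_MD4 = 2,
  SHISHI_DES_CBC_MD5 = 3,
  SHISHI_DES_CBC_NONE = 4,
  SHISHI_DES3_CBC_NONE = 6,
  SHISHI_DES3_CBC_HMAC_SHA1_KD = 16,
  SHISHI_AES128_CTS_HMAC_SHA1_96 = 17,
  SHISHI_AES256_CTS_HMAC_SHA1_96 = 18,
  SHISHI_ARCFOUR_HMAC = 23,
  SHISHI_ARCFOUR_HMAC_EXP = 24
} Shishi_etype;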
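/* Kerberos checksum type numbers (wire identifiers; do not renumber).

   The enum contains negative values (SHISHI_ARCFOUR_HMAC_MD5 = -138,
   SHISHI_NO_CKSUMTYPE = -1), so a checksum type must be stored in a
   signed integer and never used as an array index without a range
   check.

   SHISHI_CRC32, SHISHI_RSA_MD4 and SHISHI_RSA_MD5 are unkeyed: anyone
   who can modify the message can recompute them, so they give no
   protection against an active attacker.  The DES- and MD4-based
   types belong to the algorithm families deprecated by RFC 6649. */
typedef enum
{
  SHISHI_CRC32 = 1,
  SHISHI_RSA_MD4 = 2,
  SHISHI_RSA_MD4_DES = 3,
  SHISHI_DES_MAC = 4,
  SHISHI_DES_MAC_K = 5,
  SHISHI_RSA_MD4_DES_K = 6,
  SHISHI_RSA_MD5 = 7,
  SHISHI_RSA_MD5_DES = 8,
  SHISHI_RSA_MD5_DES_GSS = 9,	/* XXX */
  SHISHI_HMAC_SHA1_DES3_KD = 12,
  SHISHI_HMAC_SHA1_96_AES128 = 15,
  SHISHI_HMAC_SHA1_96_AES256 = 16,
  SHISHI_ARCFOUR_HMAC_MD5 = -138,
  SHISHI_KRB5_GSSAPI_CKSUM = 8003,
  SHISHI_NO_CKSUMTYPE = -1
} Shishi_cksumtype;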
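/* Encodings selectable for file input and output.  Only the first
   value is explicit; the rest follow by implicit increment (1..4). */
typedef enum
{
  SHISHI_FILETYPE_TEXT = 0,
  SHISHI_FILETYPE_DER,
  SHISHI_FILETYPE_HEX,
  SHISHI_FILETYPE_BASE64,
  SHISHI_FILETYPE_BINARY
} Shishi_filetype;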
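/* Destinations for library diagnostics: discarded, standard error, or
   syslog.  NOTE(review): diagnostics may include principal and realm
   names; confirm what is logged before sending it to a shared log. */
typedef enum
{
  SHISHI_OUTPUTTYPE_NULL = 0,
  SHISHI_OUTPUTTYPE_STDERR,
  SHISHI_OUTPUTTYPE_SYSLOG
} Shishi_outputtype;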
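/* Authorization methods.  NOTE(review): the semantics of each method
   are defined elsewhere in the library; this header only assigns the
   numbers.  SHISHI_AUTHORIZATION_BASIC is 0, so it is also the value
   of a zero-initialized setting. */
typedef enum
{
  SHISHI_AUTHORIZATION_BASIC = 0,
  SHISHI_AUTHORIZATION_K5LOGIN
} Shishi_authorization;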
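/* Key usage numbers.  The key usage is mixed into key derivation so
   that the same base key yields different keys for different protocol
   purposes; passing the wrong usage makes decryption or checksum
   verification fail, and reusing one usage for two purposes removes
   that separation.

   The values 22, 23 and 24 each have two names (the RFC 1964 reserved
   names and the gssapi-cfx names), so these enumerators cannot appear
   as distinct case labels in one switch. */
typedef enum
{
  /* 1. AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the
     client key */
  SHISHI_KEYUSAGE_ASREQ_PA_ENC_TIMESTAMP = 1,
  /* 2. AS-REP Ticket and TGS-REP Ticket (includes TGS session key or
     application session key), encrypted with the service key */
  SHISHI_KEYUSAGE_ENCTICKETPART = 2,
  /* 3. AS-REP encrypted part (includes TGS session key or application
     session key), encrypted with the client key */
  SHISHI_KEYUSAGE_ENCASREPPART = 3,
  /* 4. TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS
     session key */
  SHISHI_KEYUSAGE_TGSREQ_AUTHORIZATIONDATA_TGS_SESSION_KEY = 4,
  /* 5. TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS
     authenticator subkey (section 5.4.1) */
  SHISHI_KEYUSAGE_TGSREQ_AUTHORIZATIONDATA_TGS_AUTHENTICATOR_KEY = 5,
  /* 6. TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum, keyed with the
     TGS session key */
  SHISHI_KEYUSAGE_TGSREQ_APREQ_AUTHENTICATOR_CKSUM = 6,
  /* 7. TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes TGS
     authenticator subkey), encrypted with the TGS session key */
  SHISHI_KEYUSAGE_TGSREQ_APREQ_AUTHENTICATOR = 7,
  /* 8. TGS-REP encrypted part (includes application session key), encrypted
     with the TGS session key */
  SHISHI_KEYUSAGE_ENCTGSREPPART_SESSION_KEY = 8,
  /* 9. TGS-REP encrypted part (includes application session key), encrypted
     with the TGS authenticator subkey */
  SHISHI_KEYUSAGE_ENCTGSREPPART_AUTHENTICATOR_KEY = 9,
  /* 10. AP-REQ Authenticator cksum, keyed with the application
     session key */
  SHISHI_KEYUSAGE_APREQ_AUTHENTICATOR_CKSUM = 10,
  /* 11. AP-REQ Authenticator (includes application authenticator subkey),
     encrypted with the application session key */
  SHISHI_KEYUSAGE_APREQ_AUTHENTICATOR = 11,
  /* 12. AP-REP encrypted part (includes application session subkey),
     encrypted with the application session key */
  SHISHI_KEYUSAGE_ENCAPREPPART = 12,
  /* 13. KRB-PRIV encrypted part, encrypted with a key chosen by the
     application */
  SHISHI_KEYUSAGE_KRB_PRIV = 13,
  /* 14. KRB-CRED encrypted part, encrypted with a key chosen by the
     application */
  SHISHI_KEYUSAGE_KRB_CRED = 14,
  /* 15. KRB-SAFE cksum, keyed with a key chosen by the application */
  SHISHI_KEYUSAGE_KRB_SAFE = 15,
  /* 18. KRB-ERROR checksum (e-cksum) */
  SHISHI_KEYUSAGE_KRB_ERROR = 18,
  /* 19. AD-KDCIssued checksum (ad-checksum) */
  SHISHI_KEYUSAGE_AD_KDCISSUED = 19,
  /* 20. Checksum for Mandatory Ticket Extensions */
  SHISHI_KEYUSAGE_TICKET_EXTENSION = 20,
  /* 21. Checksum in Authorization Data in Ticket Extensions */
  SHISHI_KEYUSAGE_TICKET_EXTENSION_AUTHORIZATION = 21,
  /* 22-24. Reserved for use in GSSAPI mechanisms derived from RFC 1964.
     (raeburn/MIT) */
  SHISHI_KEYUSAGE_GSS_R1 = 22,
  SHISHI_KEYUSAGE_GSS_R2 = 23,
  SHISHI_KEYUSAGE_GSS_R3 = 24,
  /* draft-ietf-krb-wg-gssapi-cfx */
  SHISHI_KEYUSAGE_ACCEPTOR_SEAL = 22,
  SHISHI_KEYUSAGE_ACCEPTOR_SIGN = 23,
  SHISHI_KEYUSAGE_INITIATOR_SEAL = 24,
  SHISHI_KEYUSAGE_INITIATOR_SIGN = 25,
  /* 16-18,20-21,25-511. Reserved for future use. */
  /* 512-1023. Reserved for uses internal to implementations. */
  /* 1024. Encryption for application use in protocols that
     do not specify key usage values */
  /* 1025. Checksums for application use in protocols that
     do not specify key usage values */
  /* 1026-2047. Reserved for application use.
     1026,1028,1030,1032,1034 used in KCMD protocol */
  SHISHI_KEYUSAGE_KCMD_DES = 1026,
  SHISHI_KEYUSAGE_KCMD_INPUT = 1028,
  SHISHI_KEYUSAGE_KCMD_OUTPUT = 1030,
  SHISHI_KEYUSAGE_KCMD_STDERR_INPUT = 1032,
  SHISHI_KEYUSAGE_KCMD_STDERR_OUTPUT = 1034
} Shishi_keyusage;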
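/* Kerberos protocol error codes as carried in KRB-ERROR messages.

   The numbering has gaps (30, 43 and 53-59 have no enumerator), so a
   code taken from the network must be range- and membership-checked
   before it is used to index a message table.
   SHISHI_LAST_ERROR_CODE duplicates the highest assigned value and
   has to be updated when a code is appended.

   SHISHI_KDC_ERR_PATH_NOT_ACCPETED is misspelled in the identifier
   itself; the spelling is part of the public interface and is kept. */
typedef enum
{
  /* No error */
  SHISHI_KDC_ERR_NONE = 0,
  /* Client's entry in database has expired */
  SHISHI_KDC_ERR_NAME_EXP = 1,
  /* Server's entry in database has expired */
  SHISHI_KDC_ERR_SERVICE_EXP = 2,
  /* Requested protocol version number - not supported */
  SHISHI_KDC_ERR_BAD_PVNO = 3,
  /* Client's key encrypted in old master key */
  SHISHI_KDC_ERR_C_OLD_MAST_KVNO = 4,
  /* Server's key encrypted in old master key */
  SHISHI_KDC_ERR_S_OLD_MAST_KVNO = 5,
  /* Client not found in database */
  SHISHI_KDC_ERR_C_PRINCIPAL_UNKNOWN = 6,
  /* Server not found in database */
  SHISHI_KDC_ERR_S_PRINCIPAL_UNKNOWN = 7,
  /* Multiple principal entries in database */
  SHISHI_KDC_ERR_PRINCIPAL_NOT_UNIQUE = 8,
  /* The client or server has a null key */
  SHISHI_KDC_ERR_NULL_KEY = 9,
  /* Ticket not eligible for postdating */
  SHISHI_KDC_ERR_CANNOT_POSTDATE = 10,
  /* Requested start time is later than end time */
  SHISHI_KDC_ERR_NEVER_VALID = 11,
  /* KDC policy rejects request */
  SHISHI_KDC_ERR_POLICY = 12,
  /* KDC cannot accommodate requested option */
  SHISHI_KDC_ERR_BADOPTION = 13,
  /* KDC has no support for encryption type */
  SHISHI_KDC_ERR_ETYPE_NOSUPP = 14,
  /* KDC has no support for checksum type */
  SHISHI_KDC_ERR_SUMTYPE_NOSUPP = 15,
  /* KDC has no support for padata type */
  SHISHI_KDC_ERR_PADATA_TYPE_NOSUPP = 16,
  /* KDC has no support for transited type */
  SHISHI_KDC_ERR_TRTYPE_NOSUPP = 17,
  /* Client's credentials have been revoked */
  SHISHI_KDC_ERR_CLIENT_REVOKED = 18,
  /* Credentials for server have been revoked */
  SHISHI_KDC_ERR_SERVICE_REVOKED = 19,
  /* TGT has been revoked */
  SHISHI_KDC_ERR_TGT_REVOKED = 20,
  /* Client not yet valid - try again later */
  SHISHI_KDC_ERR_CLIENT_NOTYET = 21,
  /* Server not yet valid - try again later */
  SHISHI_KDC_ERR_SERVICE_NOTYET = 22,
  /* Password has expired - change password to reset */
  SHISHI_KDC_ERR_KEY_EXPIRED = 23,
  /* Pre-authentication information was invalid */
  SHISHI_KDC_ERR_PREAUTH_FAILED = 24,
  /* Additional pre-authentication required */
  SHISHI_KDC_ERR_PREAUTH_REQUIRED = 25,
  /* Requested server and ticket don't match */
  SHISHI_KDC_ERR_SERVER_NOMATCH = 26,
  /* Server principal valid for user2user only */
  SHISHI_KDC_ERR_MUST_USE_USER2USER = 27,
  /* KDC Policy rejects transited path */
  SHISHI_KDC_ERR_PATH_NOT_ACCPETED = 28,
  /* A service is not available */
  SHISHI_KDC_ERR_SVC_UNAVAILABLE = 29,
  /* Integrity check on decrypted field failed */
  SHISHI_KRB_AP_ERR_BAD_INTEGRITY = 31,
  /* Ticket expired */
  SHISHI_KRB_AP_ERR_TKT_EXPIRED = 32,
  /* Ticket not yet valid */
  SHISHI_KRB_AP_ERR_TKT_NYV = 33,
  /* Request is a replay */
  SHISHI_KRB_AP_ERR_REPEAT = 34,
  /* The ticket isn't for us */
  SHISHI_KRB_AP_ERR_NOT_US = 35,
  /* Ticket and authenticator don't match */
  SHISHI_KRB_AP_ERR_BADMATCH = 36,
  /* Clock skew too great */
  SHISHI_KRB_AP_ERR_SKEW = 37,
  /* Incorrect net address */
  SHISHI_KRB_AP_ERR_BADADDR = 38,
  /* Protocol version mismatch */
  SHISHI_KRB_AP_ERR_BADVERSION = 39,
  /* Invalid msg type */
  SHISHI_KRB_AP_ERR_MSG_TYPE = 40,
  /* Message stream modified */
  SHISHI_KRB_AP_ERR_MODIFIED = 41,
  /* Message out of order */
  SHISHI_KRB_AP_ERR_BADORDER = 42,
  /* Specified version of key is not available */
  SHISHI_KRB_AP_ERR_BADKEYVER = 44,
  /* Service key not available */
  SHISHI_KRB_AP_ERR_NOKEY = 45,
  /* Mutual authentication failed */
  SHISHI_KRB_AP_ERR_MUT_FAIL = 46,
  /* Incorrect message direction */
  SHISHI_KRB_AP_ERR_BADDIRECTION = 47,
  /* Alternative authentication method required */
  SHISHI_KRB_AP_ERR_METHOD = 48,
  /* Incorrect sequence number in message */
  SHISHI_KRB_AP_ERR_BADSEQ = 49,
  /* Inappropriate type of checksum in message */
  SHISHI_KRB_AP_ERR_INAPP_CKSUM = 50,
  /* Policy rejects transited path */
  SHISHI_KRB_AP_PATH_NOT_ACCEPTED = 51,
  /* Response too big for UDP, retry with TCP */
  SHISHI_KRB_ERR_RESPONSE_TOO_BIG = 52,
  /* Generic error (description in e-text) */
  SHISHI_KRB_ERR_GENERIC = 60,
  /* Field is too long for this implementation */
  SHISHI_KRB_ERR_FIELD_TOOLONG = 61,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERROR_CLIENT_NOT_TRUSTED = 62,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERROR_KDC_NOT_TRUSTED = 63,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERROR_INVALID_SIG = 64,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_KEY_TOO_WEAK = 65,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_CERTIFICATE_MISMATCH = 66,
  /* No TGT available to validate USER-TO-USER */
  SHISHI_KRB_AP_ERR_NO_TGT = 67,
  /* USER-TO-USER TGT issued different KDC */
  SHISHI_KDC_ERR_WRONG_REALM = 68,
  /* Ticket must be for USER-TO-USER */
  SHISHI_KRB_AP_ERR_USER_TO_USER_REQUIRED = 69,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_CANT_VERIFY_CERTIFICATE = 70,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_INVALID_CERTIFICATE = 71,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_REVOKED_CERTIFICATE = 72,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_REVOCATION_STATUS_UNKNOWN = 73,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_REVOCATION_STATUS_UNAVAILABLE = 74,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_CLIENT_NAME_MISMATCH = 75,
  /* Reserved for PKINIT */
  SHISHI_KDC_ERR_KDC_NAME_MISMATCH = 76,
  SHISHI_LAST_ERROR_CODE = 76
} Shishi_krb_error;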
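/* Flags for ticket lookup hints.  NOTE(review): going by its name,
   SHISHI_TKTSHINTFLAGS_ACCEPT_EXPIRED lets a lookup match tickets that
   are past their end time -- confirm against the lookup code, and set
   it only where an expired ticket is acceptable. */
typedef enum
{
  SHISHI_TKTSHINTFLAGS_ACCEPT_EXPIRED = 1
} Shishi_tkts_hintflags;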
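/* Caller-filled description of the ticket wanted from a ticket set.

   All string members are plain pointers; this header does not show
   who owns or frees them.  passwd is a pointer to a password string:
   NOTE(review): presumably cleartext -- the caller should keep it in
   memory no longer than needed and clear the buffer before releasing
   it.  preauthsalt and preauths2kparams are pointer/length pairs, so
   their contents are not required to be NUL-terminated; always use
   the accompanying *len member. */
struct Shishi_tkts_hint
{
  int startpos;
  char *server;
  char *serverrealm;
  char *client;
  char *clientrealm;
  int flags;
  Shishi_ticketflags tktflags;
  Shishi_KDCOptions kdcoptions;
  int32_t etype;
  char *passwd;
  time_t starttime;
  time_t endtime;
  time_t renew_till;
  int32_t preauthetype;
  char *preauthsalt;
  size_t preauthsaltlen;
  char *preauths2kparams;
  size_t preauths2kparamslen;
};
typedef struct Shishi_tkts_hint Shishi_tkts_hint;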
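/* resolv.c */
/* DNS resource record type numbers used by the resolver code. */
#define SHISHI_DNS_TXT 16
#define SHISHI_DNS_SRV 33

/* One node of a singly linked list of DNS answers.  rr is an untyped
   pointer; NOTE(review): presumably its target depends on `type'
   (e.g. a struct Shishi_dns_srv_st for SHISHI_DNS_SRV) -- confirm
   before casting. */
struct Shishi_dns_st
{
  struct Shishi_dns_st *next;

  uint16_t class;
  uint16_t type;
  uint32_t ttl;

  void *rr;
};
typedef struct Shishi_dns_st *Shishi_dns;

/* Decoded SRV record.  name is a fixed 256-byte buffer, so whatever
   fills it from a DNS response must bound the copy to sizeof name and
   NUL-terminate it; DNS answers are untrusted input. */
struct Shishi_dns_srv_st
{
  uint16_t priority;
  uint16_t weight;
  uint16_t port;

  char name[256];
};
typedef struct Shishi_dns_srv_st *Shishi_dns_srv;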
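/* Opaque handle types.  The structures are only declared here, so
   users of this header can hold pointers to them but cannot look
   inside or allocate them directly. */
typedef struct Shishi Shishi;
typedef struct Shishi_tkt Shishi_tkt;
typedef struct Shishi_tkts Shishi_tkts;
typedef struct Shishi_as Shishi_as;
typedef struct Shishi_tgs Shishi_tgs;
typedef struct Shishi_ap Shishi_ap;
typedef struct Shishi_key Shishi_key;
typedef struct Shishi_keys Shishi_keys;
typedef struct Shishi_safe Shishi_safe;
typedef struct Shishi_priv Shishi_priv;
/* ASN1_TYPE is declared here only when libtasn1's header has not
   already provided it. */
#ifndef _SHISHI_HAS_LIBTASN1_H
typedef struct node_asn_struct *ASN1_TYPE;
#endif
typedef ASN1_TYPE Shishi_asn1;
typedef struct Shishi_crypto Shishi_crypto;

/* SHISHI_GENERALIZEDTIMEZ_LENGTH is the plain length plus one.
   NOTE(review): neither constant is documented here as including a
   terminating NUL -- confirm before sizing a buffer with them. */
#define SHISHI_GENERALIZEDTIME_LENGTH 15
#define SHISHI_GENERALIZEDTIMEZ_LENGTH (SHISHI_GENERALIZEDTIME_LENGTH + 1)

/* If non-NULL, call this function when memory is exhausted. */
extern void (*shishi_alloc_fail_function) (void);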
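/* init.c */
/* Creation and release of the library handle.  Only the prototypes
   are visible in this header.
   NOTE(review): the *_with_paths variants take file names from the
   caller; presumably those files are read during initialization --
   confirm, and in a privileged process do not pass paths that an
   unprivileged user can influence.  The int-returning initializers
   must be checked against SHISHI_OK before *handle is used. */
extern Shishi *shishi (void);
extern Shishi *shishi_server (void);
extern void shishi_done (Shishi * handle);
extern int shishi_init (Shishi ** handle);
extern int shishi_init_with_paths (Shishi ** handle,
				   const char *tktsfile,
				   const char *systemcfgfile,
				   const char *usercfgfile);
extern int shishi_init_server (Shishi ** handle);
extern int shishi_init_server_with_paths (Shishi ** handle,
					  const char *systemcfgfile);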
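/* cfg.c */
/* Configuration handling.
   NOTE(review): shishi_cfg, shishi_cfg_clientkdcetype_set and
   shishi_cfg_authorizationtype_set take a non-const char *, so the
   string may be modified by the callee -- pass a writable buffer, not
   a string literal, unless the implementation is confirmed not to
   write to it.  Ownership of the char * returned by
   shishi_cfg_userdirectory_file and of the array stored through
   `etypes' is not visible in this header. */
extern int shishi_cfg (Shishi * handle, char *option);
extern int shishi_cfg_from_file (Shishi * handle, const char *cfg);
extern int shishi_cfg_print (Shishi * handle, FILE * fh);
extern const char *shishi_cfg_default_systemfile (Shishi * handle);
extern const char *shishi_cfg_default_userdirectory (Shishi * handle);
extern const char *shishi_cfg_default_userfile (Shishi * handle);
extern char *shishi_cfg_userdirectory_file (Shishi * handle,
					    const char *file);
extern int shishi_cfg_clientkdcetype (Shishi * handle, int32_t ** etypes);
extern int32_t shishi_cfg_clientkdcetype_fast (Shishi * handle);
extern int shishi_cfg_clientkdcetype_set (Shishi * handle, char *value);
extern int shishi_cfg_authorizationtype_set (Shishi * handle, char *value);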
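/* error.c */
/* Error text and diagnostic output.
   The functions taking `format, ...' are variadic.
   NOTE(review): presumably `format' is a printf-style format string
   -- confirm.  If so, callers must pass a constant format and supply
   any text that came from the network, a file or a user as an
   argument (e.g. "%s"), never as the format itself.
   shishi_error_set_outputtype takes an int; the accepted values are
   presumably those of Shishi_outputtype. */
extern const char *shishi_strerror (int err);
extern const char *shishi_error (Shishi * handle);
extern void shishi_error_clear (Shishi * handle);
extern void shishi_error_set (Shishi * handle, const char *errstr);
extern void shishi_error_printf (Shishi * handle, const char *format, ...);
extern int shishi_error_outputtype (Shishi * handle);
extern void shishi_error_set_outputtype (Shishi * handle, int type);
extern void shishi_info (Shishi * handle, const char *format, ...);
extern void shishi_warn (Shishi * handle, const char *format, ...);
extern void shishi_verbose (Shishi * handle, const char *format, ...);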
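/* realm.c */
/* Realm selection.
   NOTE(review): going by its name, shishi_realm_for_server_dns derives
   the realm from DNS.  If so, the answer is only as trustworthy as
   the resolver path; a realm obtained that way should not override
   locally configured mappings without an integrity-protected lookup.
   The functions returning plain char * do not say here whether the
   caller must free the result, and the `server' parameters are
   non-const. */
extern char *shishi_realm_default_guess (void);
extern const char *shishi_realm_default (Shishi * handle);
extern void shishi_realm_default_set (Shishi * handle, const char *realm);
extern char *shishi_realm_for_server_file (Shishi * handle, char *server);
extern char *shishi_realm_for_server_dns (Shishi * handle, char *server);
extern char *shishi_realm_for_server (Shishi * handle, char *server);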
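/* principal.c */
/* Principal name handling.
   Functions with a `char **out, size_t * outlen' pair return a buffer
   through `out' and its length through `outlen'.
   NOTE(review): presumably the buffer is allocated by the library and
   released by the caller -- confirm; names extracted from received
   messages are untrusted and may contain unexpected characters, so
   use the returned length rather than assuming a clean C string.
   shishi_derive_default_salt returns key-derivation salt through
   `salt'; ownership is likewise not stated here. */
extern char *shishi_principal_default_guess (void);
extern const char *shishi_principal_default (Shishi * handle);
extern void shishi_principal_default_set (Shishi * handle,
					  const char *principal);
extern int shishi_principal_name (Shishi * handle,
				  Shishi_asn1 namenode,
				  const char *namefield,
				  char **out, size_t * outlen);
extern int shishi_principal_name_realm (Shishi * handle,
					Shishi_asn1 namenode,
					const char *namefield,
					Shishi_asn1 realmnode,
					const char *realmfield,
					char **out, size_t * outlen);
extern int shishi_principal_name_set (Shishi * handle,
				      Shishi_asn1 namenode,
				      const char *namefield,
				      Shishi_name_type name_type,
				      const char *name[]);
extern int shishi_principal_set (Shishi * handle,
				 Shishi_asn1 namenode,
				 const char *namefield, const char *name);
extern int shishi_parse_name (Shishi * handle, const char *name,
			      char **principal, char **realm);
extern int shishi_derive_default_salt (Shishi * handle,
				       const char *name,
				       char **salt);
extern char *shishi_server_for_local_service (Shishi * handle,
					      const char *service);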
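/* ticket.c */
/* Operations on the ASN.1 Ticket structure.
   shishi_ticket_set_enc_part takes the encrypted part as a
   pointer/length pair (buf, buflen); the data need not be
   NUL-terminated.  shishi_ticket_decrypt stores its result through
   `encticketpart'; that output is meaningful only when the call
   returns SHISHI_OK, so the return value must be checked before the
   decoded part is trusted. */
extern Shishi_asn1 shishi_ticket (Shishi * handle);
extern int shishi_ticket_server (Shishi * handle, Shishi_asn1 ticket,
				 char **server, size_t * serverlen);
extern int shishi_ticket_sname_set (Shishi * handle,
				    Shishi_asn1 ticket,
				    Shishi_name_type name_type,
				    char *sname[]);
extern int shishi_ticket_srealmserver_set (Shishi * handle,
					   Shishi_asn1 ticket,
					   const char *realm,
					   const char *server);
extern int shishi_ticket_set_server (Shishi * handle, Shishi_asn1 ticket,
				     const char *server);
extern int shishi_ticket_realm_get (Shishi * handle,
				    Shishi_asn1 ticket,
				    char **realm, size_t * realmlen);
extern int shishi_ticket_realm_set (Shishi * handle, Shishi_asn1 ticket,
				    const char *realm);
extern int shishi_ticket_get_enc_part_etype (Shishi * handle,
					     Shishi_asn1 ticket,
					     int32_t * etype);
extern int shishi_ticket_set_enc_part (Shishi * handle, Shishi_asn1 ticket,
				       int32_t etype, uint32_t kvno,
				       const char *buf, size_t buflen);
extern int shishi_ticket_add_enc_part (Shishi * handle, Shishi_asn1 ticket,
				       Shishi_key * key,
				       Shishi_asn1 encticketpart);
extern int shishi_ticket_decrypt (Shishi * handle, Shishi_asn1 ticket,
				  Shishi_key * key,
				  Shishi_asn1 * encticketpart);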
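/* tkt.c */
/* Operations on Shishi_tkt, the library's ticket object.
   Naming visible in this group: functions ending in `_p' return an
   int used as a predicate, and the time accessors come in pairs, one
   returning text through (char **, size_t *) and one returning a
   time_t (`...ctime' / `..._tillc' / `lastreqc').
   NOTE(review): the time_t accessors have no separate error channel;
   how a missing or unparsable field is reported is not visible here
   -- confirm before comparing the result with the current time.
   The validity predicates (shishi_tkt_valid_at_time_p,
   shishi_tkt_valid_now_p, shishi_tkt_expired_p) depend on the local
   clock, so clock accuracy is part of the check.
   The flag predicates correspond by name to the Shishi_ticketflags
   bits. */
extern Shishi_asn1 shishi_tkt_ticket (Shishi_tkt * tkt);
extern void shishi_tkt_ticket_set (Shishi_tkt * tkt, Shishi_asn1 ticket);
extern Shishi_asn1 shishi_tkt_kdcrep (Shishi_tkt * tkt);
extern Shishi_asn1 shishi_tkt_enckdcreppart (Shishi_tkt * tkt);
extern void shishi_tkt_enckdcreppart_set (Shishi_tkt * tkt,
					  Shishi_asn1 enckdcreppart);
extern Shishi_asn1 shishi_tkt_encticketpart (Shishi_tkt * tkt);
extern void shishi_tkt_encticketpart_set (Shishi_tkt * tkt,
					  Shishi_asn1 encticketpart);
extern Shishi_key *shishi_tkt_key (Shishi_tkt * tkt);
extern int shishi_tkt_key_set (Shishi_tkt * tkt, Shishi_key * key);
extern int shishi_tkt (Shishi * handle, Shishi_tkt ** tkt);
extern Shishi_tkt *shishi_tkt2 (Shishi * handle,
				Shishi_asn1 ticket,
				Shishi_asn1 enckdcreppart,
				Shishi_asn1 kdcrep);
extern void shishi_tkt_pretty_print (Shishi_tkt * tkt, FILE * fh);
extern int shishi_tkt_realm (Shishi_tkt * tkt, char **realm,
			     size_t * realmlen);
extern int shishi_tkt_client (Shishi_tkt * tkt,
			      char **client, size_t * clientlen);
extern int shishi_tkt_client_p (Shishi_tkt * tkt, const char *client);
extern int shishi_tkt_clientrealm (Shishi_tkt * tkt,
				   char **client, size_t *clientlen);
extern int shishi_tkt_clientrealm_p (Shishi_tkt * tkt, const char *client);
extern int shishi_tkt_clientrealm_set (Shishi_tkt * tkt,
				       const char *realm, const char *client);
extern int shishi_tkt_serverrealm_set (Shishi_tkt * tkt,
				       const char *realm, const char *server);
extern int shishi_tkt_build (Shishi_tkt * tkt, Shishi_key * key);
extern int shishi_tkt_lastreq (Shishi_tkt * tkt,
			       char **lrtime, size_t * lrtimelen,
			       int32_t lrtype);
extern time_t shishi_tkt_lastreqc (Shishi_tkt * tkt, Shishi_lrtype lrtype);
extern void shishi_tkt_lastreq_pretty_print (Shishi_tkt * tkt, FILE * fh);
extern int shishi_tkt_authtime (Shishi_tkt * tkt,
				char **authtime, size_t * authtimelen);
extern time_t shishi_tkt_authctime (Shishi_tkt * tkt);
extern int shishi_tkt_starttime (Shishi_tkt * tkt,
				 char **starttime, size_t * starttimelen);
extern time_t shishi_tkt_startctime (Shishi_tkt * tkt);
extern int shishi_tkt_endtime (Shishi_tkt * tkt,
			       char **endtime, size_t * endtimelen);
extern time_t shishi_tkt_endctime (Shishi_tkt * tkt);
extern int shishi_tkt_renew_till (Shishi_tkt * tkt,
				  char **renewtilltime,
				  size_t * renewtilllen);
extern time_t shishi_tkt_renew_tillc (Shishi_tkt * tkt);
extern int shishi_tkt_keytype (Shishi_tkt * tkt, int32_t * etype);
extern int32_t shishi_tkt_keytype_fast (Shishi_tkt * tkt);
extern int shishi_tkt_keytype_p (Shishi_tkt * tkt, int32_t etype);
extern int shishi_tkt_server (Shishi_tkt * tkt,
			      char **server, size_t * serverlen);
extern int shishi_tkt_server_p (Shishi_tkt * tkt, const char *server);
extern int shishi_tkt_valid_at_time_p (Shishi_tkt * tkt, time_t now);
extern int shishi_tkt_valid_now_p (Shishi_tkt * tkt);
extern int shishi_tkt_expired_p (Shishi_tkt * tkt);
extern int shishi_tkt_decrypt (Shishi_tkt * tkt, Shishi_key * key);
extern void shishi_tkt_done (Shishi_tkt * tkt);
extern int shishi_tkt_flags (Shishi_tkt * tkt, uint32_t * flags);
extern int shishi_tkt_flags_set (Shishi_tkt * tkt, uint32_t flags);
extern int shishi_tkt_flags_add (Shishi_tkt * tkt, uint32_t flag);
extern int shishi_tkt_forwardable_p (Shishi_tkt * tkt);
extern int shishi_tkt_forwarded_p (Shishi_tkt * tkt);
extern int shishi_tkt_proxiable_p (Shishi_tkt * tkt);
extern int shishi_tkt_proxy_p (Shishi_tkt * tkt);
extern int shishi_tkt_may_postdate_p (Shishi_tkt * tkt);
extern int shishi_tkt_postdated_p (Shishi_tkt * tkt);
extern int shishi_tkt_invalid_p (Shishi_tkt * tkt);
extern int shishi_tkt_renewable_p (Shishi_tkt * tkt);
extern int shishi_tkt_initial_p (Shishi_tkt * tkt);
extern int shishi_tkt_pre_authent_p (Shishi_tkt * tkt);
extern int shishi_tkt_hw_authent_p (Shishi_tkt * tkt);
extern int shishi_tkt_transited_policy_checked_p (Shishi_tkt * tkt);
extern int shishi_tkt_ok_as_delegate_p (Shishi_tkt * tkt);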
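/* tkts.c */
/* Ticket sets: collections of tickets that can be searched and read
   from or written to a FILE or a named file.
   NOTE(review): a ticket file holds session keys, so the file written
   by shishi_tkts_to_file / shishi_tkts_default_to_file should be
   readable by its owner only; how the implementation creates the file
   is not visible here -- confirm.  Data read back with
   shishi_tkts_read / shishi_tkts_from_file is parsed input and the
   return value must be checked.
   shishi_tkts_nth and shishi_tkts_remove take an int index; the
   behaviour for an out-of-range index is not stated here.
   shishi_tkts_get_for_localservicepasswd takes a password string from
   the caller, who remains responsible for clearing it. */
extern char *shishi_tkts_default_file_guess (Shishi * handle);
extern const char *shishi_tkts_default_file (Shishi * handle);
extern void shishi_tkts_default_file_set (Shishi * handle,
					  const char *tktsfile);
extern Shishi_tkts *shishi_tkts_default (Shishi * handle);
extern int shishi_tkts_default_to_file (Shishi_tkts * tkts);
extern int shishi_tkts (Shishi * handle, Shishi_tkts ** tkts);
extern Shishi_tkt *shishi_tkts_nth (Shishi_tkts * tkts, int ticketno);
extern int shishi_tkts_size (Shishi_tkts * tkts);
extern int shishi_tkts_add (Shishi_tkts * tkts, Shishi_tkt * tkt);
extern int shishi_tkts_new (Shishi_tkts * tkts,
			    Shishi_asn1 ticket,
			    Shishi_asn1 enckdcreppart, Shishi_asn1 kdcrep);
extern int shishi_tkts_remove (Shishi_tkts * tkts, int ticketno);
extern int shishi_tkts_expire (Shishi_tkts * tkts);
extern int shishi_tkts_print_for_service (Shishi_tkts * tkts,
					  FILE * fh, const char *service);
extern int shishi_tkts_print (Shishi_tkts * tkts, FILE * fh);
extern int shishi_tkts_write (Shishi_tkts * tkts, FILE * fh);
extern int shishi_tkts_to_file (Shishi_tkts * tkts, const char *filename);
extern int shishi_tkts_read (Shishi_tkts * tkts, FILE * fh);
extern int shishi_tkts_from_file (Shishi_tkts * tkts, const char *filename);
extern void shishi_tkts_done (Shishi_tkts ** tkts);
extern int shishi_tkt_match_p (Shishi_tkt * tkt, Shishi_tkts_hint * hint);
extern Shishi_tkt *shishi_tkts_find (Shishi_tkts * tkts,
				     Shishi_tkts_hint * hint);
extern Shishi_tkt *shishi_tkts_find_for_clientserver (Shishi_tkts * tkts,
						      const char *client,
						      const char *server);
extern Shishi_tkt *shishi_tkts_find_for_server (Shishi_tkts * tkts,
						const char *server);
extern Shishi_tkt *shishi_tkts_get (Shishi_tkts * tkts,
				    Shishi_tkts_hint * hint);
extern Shishi_tkt *shishi_tkts_get_tgt (Shishi_tkts * tkts,
					Shishi_tkts_hint * hint);
extern Shishi_tkt *shishi_tkts_get_tgs (Shishi_tkts * tkts,
					Shishi_tkts_hint * hint,
					Shishi_tkt * tgt);
extern Shishi_tkt *shishi_tkts_get_for_clientserver (Shishi_tkts * tkts,
						     const char *client,
						     const char *server);
extern Shishi_tkt *shishi_tkts_get_for_server (Shishi_tkts * tkts,
					       const char *server);
extern Shishi_tkt *shishi_tkts_get_for_localservicepasswd (Shishi_tkts * tkts,
							   const char
							   *service,
							   const char
							   *passwd);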
858 /* tktccache.c */
/* Ticket-set import from credential-cache ("ccache") data, judging by the
 * names.  The _mem variants take a caller-supplied buffer with an explicit
 * length, the _file variants take a path.  The add_* functions take an
 * existing Shishi_tkts; the from_* functions hand a set back through
 * outtkts.
 * NOTE(review): len is the only bound these prototypes give the parser on
 * data, so pass the real size of the buffer.  A credential cache normally
 * carries session keys as well as tickets: treat the buffer and the file as
 * secret material, and check the int result before touching *outtkts --
 * confirm in tktccache.c what is left there on failure. */
859 extern char *shishi_tkts_default_ccache_guess (Shishi * handle);
860 extern const char *shishi_tkts_default_ccache (Shishi * handle);
861 extern void shishi_tkts_default_ccache_set (Shishi * handle,
862 const char *ccache);
863 extern int shishi_tkts_add_ccache_mem (Shishi * handle,
864 const char *data, size_t len,
865 Shishi_tkts *tkts);
866 extern int shishi_tkts_add_ccache_file (Shishi * handle,
867 const char *filename,
868 Shishi_tkts *tkts);
869 extern int shishi_tkts_from_ccache_mem (Shishi * handle,
870 const char *data, size_t len,
871 Shishi_tkts **outtkts);
872 extern int shishi_tkts_from_ccache_file (Shishi * handle,
873 const char *filename,
874 Shishi_tkts **outtkts);
876 /* diskio.c */
/* FILE-based I/O for protocol objects.  Judging by the signatures, the
 * print/save functions take the object by value and write it to fh, while
 * the parse/read functions take a Shishi_asn1 pointer and fill it from fh.
 * How print differs from save, and parse from read, is not visible in this
 * header.
 * NOTE(review): parse/read consume external input; check the int result
 * before using the output object. */
877 extern int
878 shishi_enckdcreppart_print (Shishi * handle,
879 FILE * fh, Shishi_asn1 enckdcreppart);
880 extern int
881 shishi_enckdcreppart_save (Shishi * handle,
882 FILE * fh, Shishi_asn1 enckdcreppart);
883 extern int
884 shishi_enckdcreppart_parse (Shishi * handle,
885 FILE * fh, Shishi_asn1 * enckdcreppart);
886 extern int
887 shishi_enckdcreppart_read (Shishi * handle,
888 FILE * fh, Shishi_asn1 * enckdcreppart);
889 extern int shishi_ticket_save (Shishi * handle, FILE * fh,
890 Shishi_asn1 ticket);
891 extern int shishi_ticket_print (Shishi * handle, FILE * fh,
892 Shishi_asn1 ticket);
893 extern int shishi_kdc_req_print (Shishi * handle, FILE * fh,
894 Shishi_asn1 asreq);
/* NOTE(review): the parameter below is named asreq although the function
 * name says "rep"; this looks like a copy of the prototype above.  It does
 * not affect callers. */
895 extern int shishi_kdc_rep_print (Shishi * handle, FILE * fh,
896 Shishi_asn1 asreq);
897 extern int shishi_kdc_print (Shishi * handle, FILE * fh, Shishi_asn1 asreq,
898 Shishi_asn1 asrep, Shishi_asn1 encasreppart);
899 extern int shishi_kdc_req_parse (Shishi * handle, FILE * fh,
900 Shishi_asn1 * asreq);
901 extern int shishi_kdc_rep_parse (Shishi * handle, FILE * fh,
902 Shishi_asn1 * asrep);
903 extern int shishi_ticket_parse (Shishi * handle, FILE * fh,
904 Shishi_asn1 * ticket);
905 extern int shishi_ticket_read (Shishi * handle, FILE * fh,
906 Shishi_asn1 * ticket);
907 extern int shishi_etype_info_print (Shishi * handle, FILE * fh,
908 Shishi_asn1 etypeinfo);
909 extern int shishi_etype_info2_print (Shishi * handle, FILE * fh,
910 Shishi_asn1 etypeinfo2);
912 /* authenticator.c */
913 extern Shishi_asn1 shishi_authenticator (Shishi * handle);
914 extern int shishi_authenticator_set_crealm (Shishi * handle,
915 Shishi_asn1 authenticator,
916 const char *crealm);
917 extern int shishi_authenticator_set_cname (Shishi * handle,
918 Shishi_asn1 authenticator,
919 Shishi_name_type name_type,
920 const char *cname[]);
921 extern int shishi_authenticator_client_set (Shishi * handle,
922 Shishi_asn1 authenticator,
923 const char *client);
924 extern int shishi_authenticator_ctime (Shishi * handle,
925 Shishi_asn1 authenticator, char **t);
926 extern int shishi_authenticator_ctime_set (Shishi * handle,
927 Shishi_asn1 authenticator,
928 const char *t);
929 extern int shishi_authenticator_cusec_get (Shishi * handle,
930 Shishi_asn1 authenticator,
931 uint32_t * cusec);
932 extern int shishi_authenticator_cusec_set (Shishi * handle,
933 Shishi_asn1 authenticator,
934 uint32_t cusec);
935 extern int shishi_authenticator_seqnumber_get (Shishi * handle,
936 Shishi_asn1 authenticator,
937 uint32_t * seqnumber);
938 extern int shishi_authenticator_seqnumber_remove (Shishi * handle,
939 Shishi_asn1 authenticator);
940 extern int shishi_authenticator_seqnumber_set (Shishi * handle,
941 Shishi_asn1 authenticator,
942 uint32_t seqnumber);
943 extern int shishi_authenticator_client (Shishi * handle,
944 Shishi_asn1 authenticator,
945 char **client, size_t *clientlen);
946 extern int shishi_authenticator_clientrealm (Shishi * handle,
947 Shishi_asn1 authenticator,
948 char **client, size_t *clientlen);
949 extern int shishi_authenticator_remove_cksum (Shishi * handle,
950 Shishi_asn1 authenticator);
951 extern int shishi_authenticator_cksum (Shishi * handle,
952 Shishi_asn1 authenticator,
953 int32_t * cksumtype,
954 char **cksum, size_t * cksumlen);
955 extern int shishi_authenticator_set_cksum (Shishi * handle,
956 Shishi_asn1 authenticator,
957 int cksumtype,
958 char *cksum, size_t cksumlen);
959 extern int shishi_authenticator_add_cksum (Shishi * handle,
960 Shishi_asn1 authenticator,
961 Shishi_key * key,
962 int keyusage,
963 char *data, size_t datalen);
964 extern int
965 shishi_authenticator_add_cksum_type (Shishi * handle,
966 Shishi_asn1 authenticator,
967 Shishi_key * key,
968 int keyusage, int cksumtype,
969 char *data, size_t datalen);
970 extern int
971 shishi_authenticator_remove_subkey (Shishi * handle,
972 Shishi_asn1 authenticator);
973 extern Shishi_asn1 shishi_authenticator_subkey (Shishi * handle);
974 extern int
975 shishi_authenticator_get_subkey (Shishi * handle,
976 Shishi_asn1 authenticator,
977 Shishi_key ** subkey);
978 extern int
979 shishi_authenticator_set_subkey (Shishi * handle,
980 Shishi_asn1 authenticator,
981 int32_t subkeytype,
982 char *subkey, size_t subkeylen);
983 extern int
984 shishi_authenticator_add_random_subkey (Shishi * handle,
985 Shishi_asn1 authenticator);
986 extern int
987 shishi_authenticator_add_random_subkey_etype (Shishi * handle,
988 Shishi_asn1 authenticator,
989 int etype);
990 extern int
991 shishi_authenticator_add_subkey (Shishi * handle,
992 Shishi_asn1 authenticator,
993 Shishi_key * subkey);
994 extern int
995 shishi_authenticator_clear_authorizationdata (Shishi * handle,
996 Shishi_asn1 authenticator);
997 extern int
998 shishi_authenticator_add_authorizationdata (Shishi * handle,
999 Shishi_asn1 authenticator,
1000 int32_t adtype,
1001 const char *addata,
1002 size_t addatalen);
1003 extern int
1004 shishi_authenticator_authorizationdata (Shishi * handle,
1005 Shishi_asn1 authenticator,
1006 int32_t * adtype,
1007 char **addata, size_t * addatalen,
1008 size_t nth);
1009 extern int shishi_authenticator_read (Shishi * handle, FILE * fh,
1010 Shishi_asn1 * authenticator);
1011 extern int shishi_authenticator_parse (Shishi * handle, FILE * fh,
1012 Shishi_asn1 * authenticator);
1013 extern int shishi_authenticator_from_file (Shishi * handle,
1014 Shishi_asn1 * authenticator,
1015 int filetype,
1016 const char *filename);
1017 extern int shishi_authenticator_print (Shishi * handle, FILE * fh,
1018 Shishi_asn1 authenticator);
1019 extern int shishi_authenticator_to_file (Shishi * handle,
1020 Shishi_asn1 authenticator,
1021 int filetype, const char *filename);
1022 extern int shishi_authenticator_save (Shishi * handle, FILE * fh,
1023 Shishi_asn1 authenticator);
1025 /* as.c */
1026 extern int shishi_as (Shishi * handle, Shishi_as ** as);
1027 extern void shishi_as_done (Shishi_as * as);
1028 extern Shishi_asn1 shishi_as_req (Shishi_as * as);
1029 extern int shishi_as_req_build (Shishi_as * as);
1030 extern void shishi_as_req_set (Shishi_as * as, Shishi_asn1 asreq);
1031 extern int shishi_as_req_der (Shishi_as * as, char **out, size_t * outlen);
1032 extern int shishi_as_req_der_set (Shishi_as * as, char *der, size_t derlen);
1033 extern Shishi_asn1 shishi_as_rep (Shishi_as * as);
1034 extern void shishi_as_rep_set (Shishi_as * as, Shishi_asn1 asrep);
1035 extern int shishi_as_rep_build (Shishi_as * as, Shishi_key * key);
1036 extern int shishi_as_rep_der (Shishi_as * as, char **out, size_t * outlen);
1037 extern int shishi_as_rep_der_set (Shishi_as * as, char *der, size_t derlen);
1038 extern Shishi_asn1 shishi_as_encasreppart (Shishi_as * as);
1039 extern void shishi_as_encasreppart_set (Shishi_as * as,
1040 Shishi_asn1 encasreppart);
1041 extern Shishi_asn1 shishi_as_krberror (Shishi_as * as);
1042 extern int shishi_as_krberror_der (Shishi_as * as, char **out,
1043 size_t * outlen);
1044 extern void shishi_as_krberror_set (Shishi_as * as, Shishi_asn1 krberror);
1045 extern Shishi_tkt *shishi_as_tkt (Shishi_as * as);
1046 extern void shishi_as_tkt_set (Shishi_as * as, Shishi_tkt * tkt);
1047 extern int shishi_as_sendrecv (Shishi_as * as);
1048 extern int shishi_as_sendrecv_hint (Shishi_as * as, Shishi_tkts_hint * hint);
1049 extern int shishi_as_rep_process (Shishi_as * as,
1050 Shishi_key * key, const char *password);
1052 /* tgs.c */
1053 extern int shishi_tgs (Shishi * handle, Shishi_tgs ** tgs);
1054 extern void shishi_tgs_done (Shishi_tgs * tgs);
1055 extern Shishi_tkt *shishi_tgs_tgtkt (Shishi_tgs * tgs);
1056 extern void shishi_tgs_tgtkt_set (Shishi_tgs * tgs, Shishi_tkt * tgtkt);
1057 extern Shishi_ap *shishi_tgs_ap (Shishi_tgs * tgs);
1058 extern Shishi_asn1 shishi_tgs_req (Shishi_tgs * tgs);
1059 extern int shishi_tgs_req_der (Shishi_tgs * tgs, char **out, size_t * outlen);
1060 extern int shishi_tgs_req_der_set (Shishi_tgs * tgs, char *der,
1061 size_t derlen);
1062 extern void shishi_tgs_req_set (Shishi_tgs * tgs, Shishi_asn1 tgsreq);
1063 extern int shishi_tgs_req_build (Shishi_tgs * tgs);
1064 extern int shishi_tgs_req_process (Shishi_tgs * tgs);
1065 extern Shishi_asn1 shishi_tgs_rep (Shishi_tgs * tgs);
1066 extern int shishi_tgs_rep_der (Shishi_tgs * tgs, char **out, size_t * outlen);
1067 extern int shishi_tgs_rep_build (Shishi_tgs * tgs, int keyusage,
1068 Shishi_key * key);
1069 extern int shishi_tgs_rep_process (Shishi_tgs * tgs);
1070 extern Shishi_asn1 shishi_tgs_krberror (Shishi_tgs * tgs);
1071 extern int shishi_tgs_krberror_der (Shishi_tgs * tgs, char **out,
1072 size_t * outlen);
1073 extern void shishi_tgs_krberror_set (Shishi_tgs * tgs, Shishi_asn1 krberror);
1074 extern Shishi_tkt *shishi_tgs_tkt (Shishi_tgs * tgs);
1075 extern void shishi_tgs_tkt_set (Shishi_tgs * tgs, Shishi_tkt * tkt);
1076 extern int shishi_tgs_sendrecv (Shishi_tgs * tgs);
1077 extern int shishi_tgs_sendrecv_hint (Shishi_tgs * tgs,
1078 Shishi_tkts_hint * hint);
1079 extern int shishi_tgs_set_server (Shishi_tgs * tgs, const char *server);
1080 extern int shishi_tgs_set_realm (Shishi_tgs * tgs, const char *realm);
1081 extern int shishi_tgs_set_realmserver (Shishi_tgs * tgs,
1082 const char *realm, const char *server);
1084 /* kdcreq.c */
1085 extern int shishi_kdcreq (Shishi * handle, char *realm,
1086 char *service, Shishi_asn1 * req);
1087 extern Shishi_asn1 shishi_asreq (Shishi * handle);
1088 extern Shishi_asn1 shishi_asreq_rsc (Shishi * handle, char *realm,
1089 char *server, char *client);
1090 extern Shishi_asn1 shishi_tgsreq (Shishi * handle);
1091 extern Shishi_asn1 shishi_tgsreq_rst (Shishi * handle, char *realm,
1092 char *server, Shishi_tkt * tkt);
1093 extern int shishi_kdcreq_save (Shishi * handle, FILE * fh,
1094 Shishi_asn1 kdcreq);
1095 extern int shishi_kdcreq_print (Shishi * handle, FILE * fh,
1096 Shishi_asn1 kdcreq);
1097 extern int shishi_kdcreq_to_file (Shishi * handle, Shishi_asn1 kdcreq,
1098 int filetype, const char *filename);
1099 extern int shishi_kdcreq_parse (Shishi * handle, FILE * fh,
1100 Shishi_asn1 * kdcreq);
1101 extern int shishi_kdcreq_read (Shishi * handle, FILE * fh,
1102 Shishi_asn1 * kdcreq);
1103 extern int shishi_kdcreq_from_file (Shishi * handle, Shishi_asn1 * kdcreq,
1104 int filetype, const char *filename);
1105 extern int shishi_asreq_clientrealm (Shishi * handle,
1106 Shishi_asn1 asreq,
1107 char **client, size_t * clientlen);
1108 extern int shishi_kdcreq_nonce (Shishi * handle, Shishi_asn1 kdcreq,
1109 uint32_t * nonce);
1110 extern int shishi_kdcreq_nonce_set (Shishi * handle,
1111 Shishi_asn1 kdcreq, uint32_t nonce);
1112 extern int shishi_kdcreq_client (Shishi * handle, Shishi_asn1 kdcreq,
1113 char **client, size_t * clientlen);
1114 extern int shishi_kdcreq_set_cname (Shishi * handle, Shishi_asn1 kdcreq,
1115 Shishi_name_type name_type,
1116 const char *principal);
1117 extern int shishi_kdcreq_server (Shishi * handle, Shishi_asn1 kdcreq,
1118 char **server, size_t * serverlen);
1119 extern int shishi_kdcreq_set_sname (Shishi * handle, Shishi_asn1 kdcreq,
1120 Shishi_name_type name_type,
1121 const char *sname[]);
1122 extern int shishi_kdcreq_realm (Shishi * handle, Shishi_asn1 kdcreq,
1123 char **realm, size_t * realmlen);
1124 extern int shishi_kdcreq_realm_get (Shishi * handle, Shishi_asn1 kdcreq,
1125 char **realm, size_t * realmlen);
1126 extern int shishi_kdcreq_set_realm (Shishi * handle, Shishi_asn1 kdcreq,
1127 const char *realm);
1128 extern int shishi_kdcreq_set_server (Shishi * handle, Shishi_asn1 req,
1129 const char *service);
1130 extern int shishi_kdcreq_set_realmserver (Shishi * handle, Shishi_asn1 req,
1131 char *realm, char *service);
1132 extern int shishi_kdcreq_till (Shishi * handle, Shishi_asn1 kdcreq,
1133 char **till, size_t * tilllen);
1134 extern time_t shishi_kdcreq_tillc (Shishi * handle, Shishi_asn1 kdcreq);
1135 extern int shishi_kdcreq_etype (Shishi * handle, Shishi_asn1 kdcreq,
1136 int32_t * etype, int netype);
1137 extern int shishi_kdcreq_set_etype (Shishi * handle, Shishi_asn1 kdcreq,
1138 int32_t * etype, int netype);
1139 extern int shishi_kdcreq_options (Shishi * handle, Shishi_asn1 kdcreq,
1140 uint32_t * flags);
1141 extern int shishi_kdcreq_forwardable_p (Shishi * handle, Shishi_asn1 kdcreq);
1142 extern int shishi_kdcreq_forwarded_p (Shishi * handle, Shishi_asn1 kdcreq);
1143 extern int shishi_kdcreq_proxiable_p (Shishi * handle, Shishi_asn1 kdcreq);
1144 extern int shishi_kdcreq_proxy_p (Shishi * handle, Shishi_asn1 kdcreq);
1145 extern int shishi_kdcreq_allow_postdate_p (Shishi * handle,
1146 Shishi_asn1 kdcreq);
1147 extern int shishi_kdcreq_postdated_p (Shishi * handle, Shishi_asn1 kdcreq);
1148 extern int shishi_kdcreq_renewable_p (Shishi * handle, Shishi_asn1 kdcreq);
1149 extern int shishi_kdcreq_disable_transited_check_p (Shishi * handle,
1150 Shishi_asn1 kdcreq);
1151 extern int shishi_kdcreq_renewable_ok_p (Shishi * handle, Shishi_asn1 kdcreq);
1152 extern int shishi_kdcreq_enc_tkt_in_skey_p (Shishi * handle,
1153 Shishi_asn1 kdcreq);
1154 extern int shishi_kdcreq_renew_p (Shishi * handle, Shishi_asn1 kdcreq);
1155 extern int shishi_kdcreq_validate_p (Shishi * handle, Shishi_asn1 kdcreq);
1156 extern int shishi_kdcreq_options_set (Shishi * handle, Shishi_asn1 kdcreq,
1157 uint32_t options);
1158 extern int shishi_kdcreq_options_add (Shishi * handle, Shishi_asn1 kdcreq,
1159 uint32_t option);
1160 extern int shishi_kdcreq_clear_padata (Shishi * handle, Shishi_asn1 kdcreq);
1161 extern int shishi_kdcreq_get_padata (Shishi * handle,
1162 Shishi_asn1 kdcreq,
1163 Shishi_padata_type padatatype,
1164 char **out, size_t * outlen);
1165 extern int shishi_kdcreq_get_padata_tgs (Shishi * handle,
1166 Shishi_asn1 kdcreq,
1167 Shishi_asn1 * apreq);
1168 extern int shishi_kdcreq_add_padata (Shishi * handle,
1169 Shishi_asn1 kdcreq,
1170 int padatatype,
1171 const char *data, size_t datalen);
1172 extern int shishi_kdcreq_add_padata_tgs (Shishi * handle,
1173 Shishi_asn1 kdcreq,
1174 Shishi_asn1 apreq);
1175 extern int shishi_kdcreq_add_padata_preauth (Shishi * handle,
1176 Shishi_asn1 kdcreq,
1177 Shishi_key *key);
1178 extern int shishi_kdcreq_build (Shishi * handle, Shishi_asn1 kdcreq);
1180 /* kdc.c */
/* Client-side handling of KDC exchanges: salt derivation, processing of
 * AS/TGS replies, the network round trip, and the copy/check helpers for
 * crealm, cname and nonce.  All of them report status through an int. */
1181 extern int shishi_as_derive_salt (Shishi * handle,
1182 Shishi_asn1 asreq,
1183 Shishi_asn1 asrep,
1184 char **salt, size_t * saltlen);
1185 extern int shishi_tgs_process (Shishi * handle,
1186 Shishi_asn1 tgsreq,
1187 Shishi_asn1 tgsrep,
1188 Shishi_asn1 authenticator,
1189 Shishi_asn1 oldenckdcreppart,
1190 Shishi_asn1 * enckdcreppart);
/* NOTE(review): "string" is presumably the user's password, used to derive
 * the reply key -- confirm in kdc.c; if so the caller should wipe it once
 * this returns. */
1191 extern int shishi_as_process (Shishi * handle, Shishi_asn1 asreq,
1192 Shishi_asn1 asrep,
1193 const char *string,
1194 Shishi_asn1 * enckdcreppart);
1195 extern int shishi_kdc_process (Shishi * handle, Shishi_asn1 kdcreq,
1196 Shishi_asn1 kdcrep, Shishi_key * key,
1197 int keyusage, Shishi_asn1 * enckdcreppart);
1198 extern int shishi_kdcreq_sendrecv (Shishi * handle, Shishi_asn1 kdcreq,
1199 Shishi_asn1 * kdcrep);
1200 extern int shishi_kdcreq_sendrecv_hint (Shishi * handle,
1201 Shishi_asn1 kdcreq,
1202 Shishi_asn1 * kdcrep,
1203 Shishi_tkts_hint * hint);
/* The check_* functions take a request together with a reply (or its
 * decrypted part).  The error enum at the top of this header defines
 * SHISHI_REALM_MISMATCH, SHISHI_CNAME_MISMATCH and SHISHI_NONCE_MISMATCH,
 * which presumably are their failure results -- confirm in kdc.c.  A reply
 * that fails any of these checks must be rejected by the caller: the nonce
 * check is what ties a reply to the request that was sent. */
1204 extern int shishi_kdc_copy_crealm (Shishi * handle, Shishi_asn1 kdcrep,
1205 Shishi_asn1 encticketpart);
1206 extern int shishi_as_check_crealm (Shishi * handle, Shishi_asn1 asreq,
1207 Shishi_asn1 asrep);
1208 extern int shishi_kdc_copy_cname (Shishi * handle, Shishi_asn1 kdcrep,
1209 Shishi_asn1 encticketpart);
1210 extern int shishi_as_check_cname (Shishi * handle, Shishi_asn1 asreq,
1211 Shishi_asn1 asrep);
1212 extern int shishi_kdc_copy_nonce (Shishi * handle, Shishi_asn1 kdcreq,
1213 Shishi_asn1 enckdcreppart);
1214 extern int shishi_kdc_check_nonce (Shishi * handle, Shishi_asn1 kdcreq,
1215 Shishi_asn1 enckdcreppart);
1217 /* kdcrep.c */
1218 extern Shishi_asn1 shishi_asrep (Shishi * handle);
1219 extern Shishi_asn1 shishi_tgsrep (Shishi * handle);
1220 extern int shishi_kdcrep_save (Shishi * handle, FILE * fh,
1221 Shishi_asn1 kdcrep);
1222 extern int shishi_kdcrep_print (Shishi * handle, FILE * fh,
1223 Shishi_asn1 kdcrep);
1224 extern int shishi_kdcrep_to_file (Shishi * handle, Shishi_asn1 kdcrep,
1225 int filetype, const char *filename);
1226 extern int shishi_kdcrep_parse (Shishi * handle, FILE * fh,
1227 Shishi_asn1 * kdcrep);
1228 extern int shishi_kdcrep_read (Shishi * handle, FILE * fh,
1229 Shishi_asn1 * kdcrep);
1230 extern int shishi_kdcrep_from_file (Shishi * handle, Shishi_asn1 * kdcrep,
1231 int filetype, const char *filename);
1232 extern int shishi_kdcrep_clear_padata (Shishi * handle, Shishi_asn1 kdcrep);
1233 extern int shishi_kdcrep_get_enc_part_etype (Shishi * handle,
1234 Shishi_asn1 kdcrep,
1235 int32_t * etype);
1236 extern int shishi_kdcrep_add_enc_part (Shishi * handle,
1237 Shishi_asn1 kdcrep,
1238 Shishi_key * key,
1239 int keyusage,
1240 Shishi_asn1 enckdcreppart);
1241 extern int shishi_kdcrep_get_ticket (Shishi * handle,
1242 Shishi_asn1 kdcrep,
1243 Shishi_asn1 * ticket);
1244 extern int shishi_kdcrep_set_ticket (Shishi * handle, Shishi_asn1 kdcrep,
1245 Shishi_asn1 ticket);
1246 extern int shishi_kdcrep_crealm_set (Shishi * handle,
1247 Shishi_asn1 kdcrep, const char *crealm);
1248 extern int shishi_kdcrep_cname_set (Shishi * handle,
1249 Shishi_asn1 kdcrep,
1250 Shishi_name_type name_type,
1251 const char *cname[]);
1252 extern int shishi_kdcrep_client_set (Shishi * handle, Shishi_asn1 kdcrep,
1253 const char *client);
1254 extern int shishi_kdcrep_crealmserver_set (Shishi * handle,
1255 Shishi_asn1 kdcrep,
1256 const char *crealm,
1257 const char *client);
1258 extern int shishi_kdcrep_set_enc_part (Shishi * handle, Shishi_asn1 kdcrep,
1259 int32_t etype, uint32_t kvno,
1260 const char *buf, size_t buflen);
1261 extern int shishi_kdcrep_decrypt (Shishi * handle,
1262 Shishi_asn1 kdcrep,
1263 Shishi_key * key,
1264 int keyusage, Shishi_asn1 * enckdcreppart);
1266 /* enckdcreppart.c */
1267 extern Shishi_asn1 shishi_enckdcreppart (Shishi * handle);
1268 extern Shishi_asn1 shishi_encasreppart (Shishi * handle);
1269 extern int shishi_enckdcreppart_get_key (Shishi * handle,
1270 Shishi_asn1 enckdcreppart,
1271 Shishi_key ** key);
1272 extern int shishi_enckdcreppart_key_set (Shishi * handle,
1273 Shishi_asn1 enckdcreppart,
1274 Shishi_key * key);
1275 extern int shishi_enckdcreppart_nonce_set (Shishi * handle,
1276 Shishi_asn1 enckdcreppart,
1277 uint32_t nonce);
1278 extern int shishi_enckdcreppart_flags_set (Shishi * handle,
1279 Shishi_asn1 enckdcreppart,
1280 int flags);
1281 extern int shishi_enckdcreppart_authtime_set (Shishi * handle,
1282 Shishi_asn1 enckdcreppart,
1283 const char *authtime);
1284 extern int shishi_enckdcreppart_starttime_set (Shishi * handle,
1285 Shishi_asn1 enckdcreppart,
1286 const char *starttime);
1287 extern int shishi_enckdcreppart_endtime_set (Shishi * handle,
1288 Shishi_asn1 enckdcreppart,
1289 const char *endtime);
1290 extern int shishi_enckdcreppart_renew_till_set (Shishi * handle,
1291 Shishi_asn1 enckdcreppart,
1292 const char *renew_till);
1293 extern int shishi_enckdcreppart_srealm_set (Shishi * handle,
1294 Shishi_asn1 enckdcreppart,
1295 const char *srealm);
1296 extern int shishi_enckdcreppart_sname_set (Shishi * handle,
1297 Shishi_asn1 enckdcreppart,
1298 Shishi_name_type name_type,
1299 char *sname[]);
1300 extern int shishi_enckdcreppart_server_set (Shishi * handle,
1301 Shishi_asn1 enckdcreppart,
1302 const char *server);
1303 extern int shishi_enckdcreppart_srealmserver_set (Shishi * handle,
1304 Shishi_asn1 enckdcreppart,
1305 const char *srealm,
1306 const char *server);
1307 extern int
1308 shishi_enckdcreppart_populate_encticketpart (Shishi * handle,
1309 Shishi_asn1 enckdcreppart,
1310 Shishi_asn1 encticketpart);
1312 /* krberror.c */
1313 extern Shishi_asn1 shishi_krberror (Shishi * handle);
1314 extern int shishi_krberror_print (Shishi * handle, FILE * fh,
1315 Shishi_asn1 krberror);
1316 extern int shishi_krberror_save (Shishi * handle, FILE * fh,
1317 Shishi_asn1 krberror);
1318 extern int shishi_krberror_to_file (Shishi * handle, Shishi_asn1 krberror,
1319 int filetype, const char *filename);
1320 extern int shishi_krberror_parse (Shishi * handle, FILE * fh,
1321 Shishi_asn1 * krberror);
1322 extern int shishi_krberror_read (Shishi * handle, FILE * fh,
1323 Shishi_asn1 * krberror);
1324 extern int shishi_krberror_from_file (Shishi * handle, Shishi_asn1 * krberror,
1325 int filetype, const char *filename);
1326 extern int shishi_krberror_build (Shishi * handle, Shishi_asn1 krberror);
1327 extern int shishi_krberror_der (Shishi * handle,
1328 Shishi_asn1 krberror,
1329 char **out, size_t * outlen);
1330 extern int shishi_krberror_crealm (Shishi * handle,
1331 Shishi_asn1 krberror,
1332 char **realm, size_t * realmlen);
1333 extern int shishi_krberror_remove_crealm (Shishi * handle,
1334 Shishi_asn1 krberror);
1335 extern int shishi_krberror_set_crealm (Shishi * handle,
1336 Shishi_asn1 krberror,
1337 const char *crealm);
1338 extern int shishi_krberror_client (Shishi * handle,
1339 Shishi_asn1 krberror,
1340 char **client, size_t * clientlen);
1341 extern int shishi_krberror_set_cname (Shishi * handle,
1342 Shishi_asn1 krberror,
1343 Shishi_name_type name_type,
1344 const char *cname[]);
1345 extern int shishi_krberror_remove_cname (Shishi * handle,
1346 Shishi_asn1 krberror);
1347 extern int shishi_krberror_client_set (Shishi * handle,
1348 Shishi_asn1 krberror,
1349 const char *client);
1350 extern int shishi_krberror_realm (Shishi * handle,
1351 Shishi_asn1 krberror,
1352 char **realm, size_t * realmlen);
1353 extern int shishi_krberror_set_realm (Shishi * handle,
1354 Shishi_asn1 krberror,
1355 const char *realm);
1356 extern int shishi_krberror_server (Shishi * handle,
1357 Shishi_asn1 krberror,
1358 char **server, size_t *serverlen);
1359 extern int shishi_krberror_remove_sname (Shishi * handle,
1360 Shishi_asn1 krberror);
1361 extern int shishi_krberror_set_sname (Shishi * handle,
1362 Shishi_asn1 krberror,
1363 Shishi_name_type name_type,
1364 const char *sname[]);
1365 extern int shishi_krberror_server_set (Shishi * handle,
1366 Shishi_asn1 krberror,
1367 const char *server);
1368 extern int shishi_krberror_ctime (Shishi * handle,
1369 Shishi_asn1 krberror, char **t);
1370 extern int shishi_krberror_ctime_set (Shishi * handle,
1371 Shishi_asn1 krberror, const char *t);
1372 extern int shishi_krberror_remove_ctime (Shishi * handle,
1373 Shishi_asn1 krberror);
1374 extern int shishi_krberror_cusec (Shishi * handle, Shishi_asn1 krberror,
1375 uint32_t * cusec);
1376 extern int shishi_krberror_cusec_set (Shishi * handle, Shishi_asn1 krberror,
1377 uint32_t cusec);
1378 extern int shishi_krberror_remove_cusec (Shishi * handle,
1379 Shishi_asn1 krberror);
1380 extern int shishi_krberror_stime (Shishi * handle, Shishi_asn1 krberror,
1381 char **t);
1382 extern int shishi_krberror_stime_set (Shishi * handle, Shishi_asn1 krberror,
1383 const char *t);
1384 extern int shishi_krberror_susec (Shishi * handle, Shishi_asn1 krberror,
1385 uint32_t * susec);
1386 extern int shishi_krberror_susec_set (Shishi * handle, Shishi_asn1 krberror,
1387 uint32_t susec);
1388 extern int shishi_krberror_errorcode_set (Shishi * handle,
1389 Shishi_asn1 krberror,
1390 int errorcode);
1391 extern int shishi_krberror_etext (Shishi * handle, Shishi_asn1 krberror,
1392 char **etext, size_t * etextlen);
1393 extern int shishi_krberror_set_etext (Shishi * handle, Shishi_asn1 krberror,
1394 const char *etext);
1395 extern int shishi_krberror_remove_etext (Shishi * handle,
1396 Shishi_asn1 krberror);
1397 extern int shishi_krberror_edata (Shishi * handle, Shishi_asn1 krberror,
1398 char **edata, size_t * edatalen);
1399 extern int shishi_krberror_set_edata (Shishi * handle, Shishi_asn1 krberror,
1400 const char *edata);
1401 extern int shishi_krberror_remove_edata (Shishi * handle,
1402 Shishi_asn1 krberror);
1403 extern int shishi_krberror_errorcode (Shishi * handle, Shishi_asn1 krberror,
1404 int *errorcode);
1405 extern int shishi_krberror_errorcode_fast (Shishi * handle,
1406 Shishi_asn1 krberror);
1407 extern int shishi_krberror_pretty_print (Shishi * handle, FILE * fh,
1408 Shishi_asn1 krberror);
1409 extern const char *shishi_krberror_errorcode_message (Shishi * handle,
1410 int errorcode);
1411 extern const char *shishi_krberror_message (Shishi * handle,
1412 Shishi_asn1 krberror);
1413 extern int shishi_krberror_methoddata (Shishi * handle,
1414 Shishi_asn1 krberror,
1415 Shishi_asn1 *methoddata);
1417 /* gztime.c */
1418 extern const char *shishi_generalize_time (Shishi * handle, time_t t);
1419 extern const char *shishi_generalize_now (Shishi * handle);
1420 extern time_t shishi_generalize_ctime (Shishi * handle, const char *t);
1421 extern int shishi_time (Shishi * handle, Shishi_asn1 node,
1422 const char *field, char **t);
1423 extern int shishi_ctime (Shishi * handle, Shishi_asn1 node,
1424 const char *field, time_t *t);
1426 /* nettle.c, libgcrypt.c, ... */
/* Low-level primitives; the file names above suggest one implementation per
 * crypto backend.
 *
 * Reading the array-typed parameters: in a prototype C adjusts "char *out[16]"
 * to "char **out" and "const char key[8]" to "const char *key".  The numbers
 * document the expected sizes but the compiler does not enforce them, so the
 * caller is responsible for passing key/iv buffers of at least that size.
 * The "char **" outputs are presumably set to a buffer allocated by the
 * library -- confirm in the implementation who frees it.
 *
 * NOTE(review): CRC is not a cryptographic integrity check, and MD4, MD5,
 * single DES and ARCFOUR are legacy algorithms; they are presumably here for
 * interoperability with older Kerberos encryption types.  New callers should
 * go through the etype-driven functions in crypto.c rather than pick one of
 * these directly. */
/* NOTE(review): the meaning of "strong" is not visible in this header;
 * presumably it selects the quality of the random source.  Confirm before
 * using the non-strong setting for keys or nonces. */
1427 extern int shishi_randomize (Shishi * handle, int strong,
1428 void *data, size_t datalen);
1429 extern int shishi_crc (Shishi * handle, const char *in, size_t inlen,
1430 char *out[4]);
1431 extern int shishi_md4 (Shishi * handle, const char *in, size_t inlen,
1432 char *out[16]);
1433 extern int shishi_md5 (Shishi * handle, const char *in, size_t inlen,
1434 char *out[16]);
1435 extern int shishi_hmac_md5 (Shishi * handle, const char *key, size_t keylen,
1436 const char *in, size_t inlen, char *outhash[16]);
1437 extern int shishi_hmac_sha1 (Shishi * handle, const char *key, size_t keylen,
1438 const char *in, size_t inlen, char *outhash[20]);
1439 extern int shishi_des_cbc_mac (Shishi * handle, const char key[8],
1440 const char iv[8], const char *in, size_t inlen,
1441 char *out[8]);
/* The cipher functions share one shape: decryptp selects the direction, iv
 * is the input chaining state and ivout receives the updated one, in/inlen
 * is the input and out the result.  No output length is returned, so it is
 * presumably derived from inlen -- confirm. */
1442 extern int shishi_arcfour (Shishi * handle, int decryptp,
1443 const char *key, size_t keylen,
1444 const char iv[258], char *ivout[258],
1445 const char *in, size_t inlen, char **out);
1446 extern int shishi_des (Shishi * handle, int decryptp, const char key[8],
1447 const char iv[8], char *ivout[8],
1448 const char *in, size_t inlen, char **out);
1449 extern int shishi_3des (Shishi * handle, int decryptp, const char key[24],
1450 const char iv[8], char *ivout[8],
1451 const char *in, size_t inlen, char **out);
1452 extern int shishi_aes_cts (Shishi * handle, int decryptp,
1453 const char *key, size_t keylen,
1454 const char iv[16], char *ivout[16],
1455 const char *in, size_t inlen, char **out);
1457 /* crypto.c */
/* Lookups keyed by encryption-type or checksum-type number, the name
 * parsers, and key construction.  Note the mixed integer types: the
 * shishi_cipher_* lookups take "int type", while
 * shishi_cipher_defaultcksumtype and the shishi_checksum_* lookups take
 * int32_t. */
1458 extern int shishi_cipher_supported_p (int type);
1459 extern const char *shishi_cipher_name (int type);
1460 extern int shishi_cipher_blocksize (int type);
1461 extern int shishi_cipher_confoundersize (int type);
1462 extern size_t shishi_cipher_keylen (int type);
1463 extern size_t shishi_cipher_randomlen (int type);
1464 extern int shishi_cipher_defaultcksumtype (int32_t type);
/* NOTE(review): the parse functions return int for a name supplied by the
 * caller; how an unknown name is reported is not visible here.  Check the
 * result with the matching *_supported_p before using it as a type. */
1465 extern int shishi_cipher_parse (const char *cipher);
1466 extern int shishi_checksum_supported_p (int32_t type);
1467 extern const char *shishi_checksum_name (int32_t type);
1468 extern size_t shishi_checksum_cksumlen (int32_t type);
1469 extern int shishi_checksum_parse (const char *checksum);
/* Derive a key of type keytype from a password and salt, each passed with
 * an explicit length, plus a "parameter" string whose format is not
 * described in this header.  The result goes to outkey, which is a plain
 * Shishi_key pointer and so presumably has to exist before the call --
 * confirm.  The password buffer stays with the caller, who should wipe it
 * when done. */
1470 extern int shishi_string_to_key (Shishi * handle,
1471 int32_t keytype,
1472 const char *password, size_t passwordlen,
1473 const char *salt, size_t saltlen,
1474 const char *parameter, Shishi_key * outkey);
/* Turn rndlen bytes of caller-supplied random data into a key of type
 * keytype.  NOTE(review): the strength of the key depends entirely on rnd;
 * shishi_cipher_randomlen() above presumably gives the length expected for
 * a type -- confirm. */
1475 extern int shishi_random_to_key (Shishi * handle,
1476 int32_t keytype,
1477 const char *rnd,
1478 size_t rndlen, Shishi_key * outkey);
/* Encryption entry points.  The variants differ only in what the caller
 * states explicitly: "_etype" adds the encryption type, "_iv" adds an input
 * IV, "_ivupdate" additionally returns the updated IV through
 * ivout/ivoutlen.  All return the result through out/outlen; out is a
 * "char **", so the buffer is presumably allocated by the library --
 * confirm who frees it.  keyusage is passed through as an int; its valid
 * values are not defined in this part of the header. */
1479 extern int shishi_encrypt_ivupdate_etype (Shishi * handle,
1480 Shishi_key * key,
1481 int keyusage,
1482 int32_t etype,
1483 const char *iv, size_t ivlen,
1484 char **ivout, size_t * ivoutlen,
1485 const char *in, size_t inlen,
1486 char **out, size_t * outlen);
1487 extern int shishi_encrypt_iv_etype (Shishi * handle,
1488 Shishi_key * key,
1489 int keyusage,
1490 int32_t etype,
1491 const char *iv, size_t ivlen,
1492 const char *in, size_t inlen,
1493 char **out, size_t * outlen);
1494 extern int shishi_encrypt_etype (Shishi * handle,
1495 Shishi_key * key,
1496 int keyusage,
1497 int32_t etype,
1498 const char *in, size_t inlen,
1499 char **out, size_t * outlen);
1500 extern int shishi_encrypt_ivupdate (Shishi * handle,
1501 Shishi_key * key,
1502 int keyusage,
1503 const char *iv, size_t ivlen,
1504 char **ivout, size_t * ivoutlen,
1505 const char *in, size_t inlen,
1506 char **out, size_t * outlen);
1507 extern int shishi_encrypt_iv (Shishi * handle,
1508 Shishi_key * key,
1509 int keyusage,
1510 const char *iv, size_t ivlen,
1511 const char *in, size_t inlen,
1512 char **out, size_t * outlen);
/* NOTE(review): "in" is a non-const char * here, unlike every sibling above
 * and unlike shishi_decrypt.  Either the input is modified in place or the
 * const was forgotten -- confirm in crypto.c before passing a buffer that
 * must stay intact. */
1513 extern int shishi_encrypt (Shishi * handle,
1514 Shishi_key * key,
1515 int keyusage,
1516 char *in, size_t inlen,
1517 char **out, size_t * outlen);
1518 extern int shishi_decrypt_ivupdate_etype (Shishi * handle,
1519 Shishi_key * key,
1520 int keyusage,
1521 int32_t etype,
1522 const char *iv, size_t ivlen,
1523 char **ivout, size_t * ivoutlen,
1524 const char *in, size_t inlen,
1525 char **out, size_t * outlen);
1526 extern int shishi_decrypt_iv_etype (Shishi * handle,
1527 Shishi_key * key,
1528 int keyusage,
1529 int32_t etype,
1530 const char *iv, size_t ivlen,
1531 const char *in, size_t inlen,
1532 char **out, size_t * outlen);
1533 extern int shishi_decrypt_etype (Shishi * handle,
1534 Shishi_key * key,
1535 int keyusage,
1536 int32_t etype,
1537 const char *in, size_t inlen,
1538 char **out, size_t * outlen);
1539 extern int shishi_decrypt_ivupdate (Shishi * handle,
1540 Shishi_key * key,
1541 int keyusage,
1542 const char *iv, size_t ivlen,
1543 char **ivout, size_t * ivoutlen,
1544 const char *in, size_t inlen,
1545 char **out, size_t * outlen);
1546 extern int shishi_decrypt_iv (Shishi * handle,
1547 Shishi_key * key,
1548 int keyusage,
1549 const char *iv, size_t ivlen,
1550 const char *in, size_t inlen,
1551 char **out, size_t * outlen);
1552 extern int shishi_decrypt (Shishi * handle,
1553 Shishi_key * key,
1554 int keyusage,
1555 const char *in, size_t inlen,
1556 char **out, size_t * outlen);
/* Compute a checksum of type cksumtype over in/inlen with the given key and
 * key usage; the result is returned through out/outlen (a "char **", so
 * presumably allocated by the library -- confirm). */
1557 extern int shishi_checksum (Shishi * handle,
1558 Shishi_key * key,
1559 int keyusage,
1560 int32_t cksumtype,
1561 const char *in, size_t inlen,
1562 char **out, size_t * outlen);
/* Check cksum/cksumlen against in/inlen.  The outcome is only available as
 * the int result, so a caller that ignores it has verified nothing;
 * presumably SHISHI_OK means the checksum matched -- confirm.
 * NOTE(review): cksumtype is "int" here but int32_t in shishi_checksum. */
1563 extern int shishi_verify (Shishi * handle,
1564 Shishi_key * key,
1565 int keyusage,
1566 int cksumtype,
1567 const char *in, size_t inlen,
1568 const char *cksum, size_t cksumlen);
/* Key derivation helpers.  shishi_dk writes a derived key, shishi_dr writes
 * derivedrandomlen bytes; both take a constant with an explicit length.
 * derivedkey and derivedrandom are plain pointers, so the caller presumably
 * provides the storage -- confirm.  HEAD's error enum has
 * SHISHI_DERIVEDKEY_TOO_SMALL, which suggests the size is checked. */
1569 extern int shishi_dk (Shishi * handle,
1570 Shishi_key * key,
1571 const char *prfconstant, size_t prfconstantlen,
1572 Shishi_key * derivedkey);
1573 extern int shishi_dr (Shishi * handle,
1574 Shishi_key * key,
1575 const char *prfconstant, size_t prfconstantlen,
1576 char *derivedrandom, size_t derivedrandomlen);
/* Fold in/inlen into out/outlen.  out is a caller-supplied buffer of outlen
 * bytes (it is a "char *", not a "char **"). */
1577 extern int shishi_n_fold (Shishi * handle, const char *in, size_t inlen,
1578 char *out, size_t outlen);
/* PBKDF2 with SHA-1, going by the name.  The parameter names follow the
 * usual PBKDF2 notation: P password, S salt, c iteration count, dkLen
 * length of the derived key, DK output.  DK is a plain "char *", so the
 * caller presumably has to supply at least dkLen bytes -- confirm.
 * NOTE(review): c is chosen by the caller and no minimum is visible here;
 * a low count weakens the derived key against password guessing. */
1579 extern int shishi_pbkdf2_sha1 (Shishi * handle,
1580 const char *P, size_t Plen,
1581 const char *S, size_t Slen,
1582 unsigned int c, unsigned int dkLen, char *DK);
/* crypto-ctx.c */

/*
 * Context-based crypto interface: a Shishi_crypto object is created from a
 * key, key usage, etype and IV, then used for encrypt/decrypt calls.
 * shishi_crypto returns a pointer; presumably NULL signals failure, so check
 * it before use -- confirm.  Each context should be released with
 * shishi_crypto_close.
 */
extern Shishi_crypto *shishi_crypto (Shishi *handle,
    Shishi_key *key, int keyusage,
    int32_t etype,
    const char *iv, size_t ivlen);
extern void shishi_crypto_close (Shishi_crypto *ctx);

/*
 * Results are handed back through out/outlen; presumably library-allocated
 * and owned by the caller afterwards -- TODO confirm.
 */
extern int shishi_crypto_encrypt (Shishi_crypto *ctx,
    const char *in, size_t inlen,
    char **out, size_t *outlen);
extern int shishi_crypto_decrypt (Shishi_crypto *ctx,
    const char *in, size_t inlen,
    char **out, size_t *outlen);
/* version.c */

/*
 * Compare the library version against req_version.  The result is a string
 * pointer; presumably the library version on success and NULL when the
 * requirement is not met -- confirm in version.c.
 */
extern const char *shishi_check_version (const char *req_version);
/* password.c */

/*
 * Prompt for a password and hand it back through *s.
 *
 * `format` is followed by variadic arguments, presumably printf-style --
 * confirm.  Pass a literal format and put any externally supplied text in
 * the arguments, never in `format` itself.
 * *s presumably points to storage the caller must release; wipe it before
 * releasing, since it holds a secret -- TODO confirm ownership.
 */
extern int shishi_prompt_password (Shishi *handle, char **s,
    const char *format, ...);
/* asn1.c */

/*
 * Read accessors on an ASN.1 node; `field` names the element to access.
 * The int result is presumably a code from the error enum at the top of
 * this header (SHISHI_OK is 0) -- confirm.  Output arguments should only
 * be used after a successful call.
 */

/* Store the element count of `field` in *n. */
extern int shishi_asn1_number_of_elements (Shishi *handle,
    Shishi_asn1 node,
    const char *field, size_t *n);

/* Predicate on `field`; which int value means "empty" is not visible here. */
extern int shishi_asn1_empty_p (Shishi *handle, Shishi_asn1 node,
    const char *field);

/* Hand the value back through *data; presumably library-allocated. */
extern int shishi_asn1_read (Shishi *handle, Shishi_asn1 node,
    const char *field,
    char **data, size_t *datalen);

/*
 * Read into the caller's buffer.  *datalen presumably carries the buffer
 * capacity on entry and the value length on return -- confirm, and
 * initialise it before every call.
 */
extern int shishi_asn1_read_inline (Shishi *handle, Shishi_asn1 node,
    const char *field,
    char *data, size_t *datalen);

/* Typed readers for integer and bit-string fields. */
extern int shishi_asn1_read_integer (Shishi *handle, Shishi_asn1 node,
    const char *field, int *i);
extern int shishi_asn1_read_int32 (Shishi *handle, Shishi_asn1 node,
    const char *field, int32_t *i);
extern int shishi_asn1_read_uint32 (Shishi *handle, Shishi_asn1 node,
    const char *field, uint32_t *i);
extern int shishi_asn1_read_bitstring (Shishi *handle, Shishi_asn1 node,
    const char *field, uint32_t *flags);

/*
 * Like shishi_asn1_read, for a field that may be absent; how absence is
 * reported through data/datalen is not visible here -- confirm.
 */
extern int shishi_asn1_read_optional (Shishi *handle,
    Shishi_asn1 node, const char *field,
    char **data, size_t *datalen);
/*
 * Write accessors on an ASN.1 node; `field` names the element to set.
 * The raw writer takes an explicit length, the typed writers take the
 * value directly.
 */
extern int shishi_asn1_write (Shishi *handle, Shishi_asn1 node,
    const char *field,
    const char *data, size_t datalen);
extern int shishi_asn1_write_integer (Shishi *handle, Shishi_asn1 node,
    const char *field, int n);
extern int shishi_asn1_write_int32 (Shishi *handle, Shishi_asn1 node,
    const char *field, int32_t n);
extern int shishi_asn1_write_uint32 (Shishi *handle, Shishi_asn1 node,
    const char *field, uint32_t n);
extern int shishi_asn1_write_bitstring (Shishi *handle, Shishi_asn1 node,
    const char *field, uint32_t flags);

/*
 * Finish with `node`; presumably releases it, after which the node must
 * not be used again -- confirm.
 */
extern void shishi_asn1_done (Shishi *handle, Shishi_asn1 node);
/*
 * Constructors, one per ASN.1 structure type named in the suffix.  Each
 * takes only the library handle and returns a Shishi_asn1 node; presumably
 * a NULL result signals failure and the node is later released with
 * shishi_asn1_done -- confirm.
 */

/* Pre-authentication and encrypted-data structures. */
extern Shishi_asn1 shishi_asn1_pa_enc_ts_enc (Shishi *handle);
extern Shishi_asn1 shishi_asn1_encrypteddata (Shishi *handle);
extern Shishi_asn1 shishi_asn1_padata (Shishi *handle);
extern Shishi_asn1 shishi_asn1_methoddata (Shishi *handle);
extern Shishi_asn1 shishi_asn1_etype_info (Shishi *handle);
extern Shishi_asn1 shishi_asn1_etype_info2 (Shishi *handle);

/* Request and reply messages. */
extern Shishi_asn1 shishi_asn1_asreq (Shishi *handle);
extern Shishi_asn1 shishi_asn1_asrep (Shishi *handle);
extern Shishi_asn1 shishi_asn1_tgsreq (Shishi *handle);
extern Shishi_asn1 shishi_asn1_tgsrep (Shishi *handle);
extern Shishi_asn1 shishi_asn1_apreq (Shishi *handle);
extern Shishi_asn1 shishi_asn1_aprep (Shishi *handle);

/* Tickets, authenticators and encrypted parts. */
extern Shishi_asn1 shishi_asn1_ticket (Shishi *handle);
extern Shishi_asn1 shishi_asn1_encapreppart (Shishi *handle);
extern Shishi_asn1 shishi_asn1_encticketpart (Shishi *handle);
extern Shishi_asn1 shishi_asn1_authenticator (Shishi *handle);
extern Shishi_asn1 shishi_asn1_enckdcreppart (Shishi *handle);
extern Shishi_asn1 shishi_asn1_encasreppart (Shishi *handle);

/* Error, SAFE and PRIV messages. */
extern Shishi_asn1 shishi_asn1_krberror (Shishi *handle);
extern Shishi_asn1 shishi_asn1_krbsafe (Shishi *handle);
extern Shishi_asn1 shishi_asn1_priv (Shishi *handle);
extern Shishi_asn1 shishi_asn1_encprivpart (Shishi *handle);
/*
 * DER encoding of a whole node, or of one named field.  The encoding is
 * handed back through der/len; presumably library-allocated and released
 * by the caller -- TODO confirm.
 */
extern int shishi_asn1_to_der (Shishi *handle, Shishi_asn1 node,
    char **der, size_t *len);
extern int shishi_asn1_to_der_field (Shishi *handle, Shishi_asn1 node,
    const char *field, char **der, size_t *len);

/*
 * Message type of a node, or of a raw DER buffer.  When the buffer came
 * from a peer, the returned type is attacker-influenced; how an
 * unrecognised message is reported is not visible here -- confirm before
 * dispatching on the value.
 */
extern Shishi_msgtype shishi_asn1_msgtype (Shishi *handle, Shishi_asn1 node);
extern Shishi_msgtype shishi_der_msgtype (Shishi *handle,
    const char *der, size_t derlen);
/*
 * DER decoders.  Each takes a byte buffer with an explicit length and
 * returns a Shishi_asn1 node; the suffix names the structure type expected.
 *
 * The buffer is typically received from a peer or read from a file, so
 * treat it as untrusted: pass the exact number of bytes received as derlen
 * and check the result before use.  A failed decode presumably yields
 * NULL -- confirm in asn1.c.
 */

/* Decode without naming a structure type in the function name. */
extern Shishi_asn1 shishi_der2asn1 (Shishi *handle,
    const char *der, size_t derlen);

/* Pre-authentication data. */
extern Shishi_asn1 shishi_der2asn1_padata (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_methoddata (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_etype_info (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_etype_info2 (Shishi *handle,
    const char *der, size_t derlen);

/* Tickets. */
extern Shishi_asn1 shishi_der2asn1_ticket (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_encticketpart (Shishi *handle,
    const char *der, size_t derlen);

/* KDC requests and replies. */
extern Shishi_asn1 shishi_der2asn1_asreq (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_tgsreq (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_asrep (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_tgsrep (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_kdcrep (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_kdcreq (Shishi *handle,
    const char *der, size_t derlen);

/* Application requests and replies. */
extern Shishi_asn1 shishi_der2asn1_apreq (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_aprep (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_authenticator (Shishi *handle,
    const char *der, size_t derlen);

/* Error, SAFE and PRIV messages. */
extern Shishi_asn1 shishi_der2asn1_krberror (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_krbsafe (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_priv (Shishi *handle,
    const char *der, size_t derlen);

/* Encrypted parts (input is presumably the decrypted plaintext). */
extern Shishi_asn1 shishi_der2asn1_encasreppart (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_enctgsreppart (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_enckdcreppart (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_encapreppart (Shishi *handle,
    const char *der, size_t derlen);
extern Shishi_asn1 shishi_der2asn1_encprivpart (Shishi *handle,
    const char *der, size_t derlen);
/* ap.c */

/*
 * AP exchange objects.  Functions taking (Shishi *handle, Shishi_ap **ap)
 * hand a new object back through *ap; the shishi_ap_set_* counterparts take
 * an existing Shishi_ap * and the same remaining arguments.  The int result
 * is presumably a code from the error enum at the top of this header
 * (SHISHI_OK is 0) -- confirm, and do not use *ap after a failure.
 */
extern int shishi_ap (Shishi *handle, Shishi_ap **ap);
/* NOTE(review): etype is plain int here, int32_t in the variant below. */
extern int shishi_ap_etype (Shishi *handle, Shishi_ap **ap, int etype);
extern int shishi_ap_nosubkey (Shishi *handle, Shishi_ap **ap);
extern void shishi_ap_done (Shishi_ap *ap);

/* Ticket plus AP options. */
extern int shishi_ap_set_tktoptions (Shishi_ap *ap,
    Shishi_tkt *tkt, int options);
extern int shishi_ap_tktoptions (Shishi *handle,
    Shishi_ap **ap,
    Shishi_tkt *tkt, int options);

/* Ticket, options and application data (data/len) for the authenticator. */
extern int shishi_ap_etype_tktoptionsdata (Shishi *handle,
    Shishi_ap **ap,
    int32_t etype,
    Shishi_tkt *tkt, int options,
    const char *data, size_t len);
extern int shishi_ap_set_tktoptionsdata (Shishi_ap *ap,
    Shishi_tkt *tkt,
    int options,
    const char *data, size_t len);
extern int shishi_ap_tktoptionsdata (Shishi *handle,
    Shishi_ap **ap,
    Shishi_tkt *tkt,
    int options,
    const char *data, size_t len);

/* As above, with the checksum type supplied by the caller. */
extern int shishi_ap_set_tktoptionsraw (Shishi_ap *ap,
    Shishi_tkt *tkt,
    int options,
    int32_t cksumtype,
    const char *data, size_t len);
extern int shishi_ap_tktoptionsraw (Shishi *handle,
    Shishi_ap **ap,
    Shishi_tkt *tkt, int options,
    int32_t cksumtype,
    const char *data, size_t len);

/*
 * Take the data from a field of an ASN.1 node and let the caller choose
 * the key usage numbers for the authenticator checksum and authenticator.
 */
extern int shishi_ap_set_tktoptionsasn1usage (Shishi_ap *ap,
    Shishi_tkt *tkt,
    int options,
    Shishi_asn1 node,
    const char *field,
    int authenticatorcksumkeyusage,
    int authenticatorkeyusage);
extern int shishi_ap_tktoptionsasn1usage (Shishi *handle,
    Shishi_ap **ap,
    Shishi_tkt *tkt,
    int options,
    Shishi_asn1 node,
    const char *field,
    int authenticatorcksumkeyusage,
    int authenticatorkeyusage);
/* Ticket attached to the AP exchange. */
extern Shishi_tkt *shishi_ap_tkt (Shishi_ap *ap);
extern void shishi_ap_tkt_set (Shishi_ap *ap, Shishi_tkt *tkt);

/*
 * Copy the authenticator checksum data into the caller's buffer.  *len
 * presumably carries the buffer capacity on entry and the data length on
 * return -- confirm, and initialise it before the call.
 */
extern int shishi_ap_authenticator_cksumdata (Shishi_ap *ap,
    char *out, size_t *len);

/* Setters for the authenticator checksum input, in data or raw form. */
extern void shishi_ap_authenticator_cksumdata_set (Shishi_ap *ap,
    const char *authenticatorcksumdata,
    size_t authenticatorcksumdatalen);
extern void shishi_ap_authenticator_cksumraw_set (Shishi_ap *ap,
    int32_t authenticatorcksumtype,
    const char *authenticatorcksumraw,
    size_t authenticatorcksumrawlen);

/* Checksum type used for the authenticator. */
extern int32_t shishi_ap_authenticator_cksumtype (Shishi_ap *ap);
extern void shishi_ap_authenticator_cksumtype_set (Shishi_ap *ap,
    int32_t cksumtype);
/* Authenticator held by the AP exchange. */
extern Shishi_asn1 shishi_ap_authenticator (Shishi_ap *ap);
extern void shishi_ap_authenticator_set (Shishi_ap *ap,
    Shishi_asn1 authenticator);

/*
 * AP-REQ held by the AP exchange, as a node or as DER.
 * NOTE(review): shishi_ap_req_der_set takes a non-const char *der; confirm
 * whether the buffer is modified or retained.
 */
extern Shishi_asn1 shishi_ap_req (Shishi_ap *ap);
extern void shishi_ap_req_set (Shishi_ap *ap, Shishi_asn1 apreq);
extern int shishi_ap_req_der (Shishi_ap *ap, char **out, size_t *outlen);
extern int shishi_ap_req_der_set (Shishi_ap *ap, char *der, size_t derlen);
extern int shishi_ap_req_build (Shishi_ap *ap);
extern int shishi_ap_req_asn1 (Shishi_ap *ap, Shishi_asn1 *apreq);

/* Key associated with the AP exchange; which key is not visible here. */
extern Shishi_key *shishi_ap_key (Shishi_ap *ap);

/*
 * Server-side handling of a received AP-REQ with the given key.  The int
 * result is the only verdict; treat the request as unauthenticated unless
 * the call reported success (presumably SHISHI_OK -- confirm).
 */
extern int shishi_ap_req_decode (Shishi_ap *ap);
extern int shishi_ap_req_process (Shishi_ap *ap, Shishi_key *key);
extern int shishi_ap_req_process_keyusage (Shishi_ap *ap,
    Shishi_key *key,
    int32_t keyusage);
/*
 * AP-REP held by the AP exchange, as a node or as DER.
 * NOTE(review): the *_der_set and *_verify_der functions take a non-const
 * char *der; confirm whether the buffer is modified or retained.
 */
extern Shishi_asn1 shishi_ap_rep (Shishi_ap *ap);
extern void shishi_ap_rep_set (Shishi_ap *ap, Shishi_asn1 aprep);
extern int shishi_ap_rep_der (Shishi_ap *ap, char **out, size_t *outlen);
extern int shishi_ap_rep_der_set (Shishi_ap *ap, char *der, size_t derlen);

/*
 * Verification of a received AP-REP.  The int result is the only verdict;
 * when mutual authentication is required, treat the server as
 * unauthenticated unless the call reported success (presumably SHISHI_OK --
 * confirm).
 */
extern int shishi_ap_rep_verify (Shishi_ap *ap);
extern int shishi_ap_rep_verify_der (Shishi_ap *ap, char *der,
    size_t derlen);
extern int shishi_ap_rep_verify_asn1 (Shishi_ap *ap, Shishi_asn1 aprep);

extern int shishi_ap_rep_asn1 (Shishi_ap *ap, Shishi_asn1 *aprep);
extern int shishi_ap_rep_build (Shishi_ap *ap);

/* EncAPRepPart held by the AP exchange. */
extern Shishi_asn1 shishi_ap_encapreppart (Shishi_ap *ap);
extern void shishi_ap_encapreppart_set (Shishi_ap *ap,
    Shishi_asn1 encapreppart);

/*
 * Conversion between AP option values and their names.  How an unknown
 * value or name is reported is not visible here -- confirm.
 */
extern const char *shishi_ap_option2string (Shishi_apoptions option);
extern Shishi_apoptions shishi_ap_string2option (const char *str);
/* key.c */

/* Accessors for the principal and realm recorded with a key. */
extern const char *shishi_key_principal (Shishi_key *key);
extern void shishi_key_principal_set (Shishi_key *key,
    const char *principal);
extern const char *shishi_key_realm (Shishi_key *key);
extern void shishi_key_realm_set (Shishi_key *key, const char *realm);

/* NOTE(review): the getter returns int, the setter takes int32_t. */
extern int shishi_key_type (Shishi_key *key);
extern void shishi_key_type_set (Shishi_key *key, int32_t type);

/*
 * Raw key material.  The getter returns a mutable char *, presumably
 * pointing into the key object -- confirm; do not log or copy it more
 * widely than needed.  The setter takes no length: the number of bytes
 * read from `value` presumably follows from the key type, so the buffer
 * must be at least that long -- TODO confirm.
 */
extern char *shishi_key_value (Shishi_key *key);
extern void shishi_key_value_set (Shishi_key *key, const char *value);

extern const char *shishi_key_name (Shishi_key *key);
extern size_t shishi_key_length (Shishi_key *key);
extern uint32_t shishi_key_version (Shishi_key *key);
extern void shishi_key_version_set (Shishi_key *key, uint32_t kvno);

/* Lifecycle: create through *key, release with shishi_key_done. */
extern int shishi_key (Shishi *handle, Shishi_key **key);
extern void shishi_key_done (Shishi_key *key);
extern void shishi_key_copy (Shishi_key *dstkey, Shishi_key *srckey);

/*
 * Serialisation.  These presumably emit or read the key value itself, so
 * the stream or file involved needs restrictive access -- confirm the
 * format and any permissions the library sets.
 */
extern int shishi_key_print (Shishi *handle, FILE *fh,
    const Shishi_key *key);
extern int shishi_key_to_file (Shishi *handle,
    const char *filename, Shishi_key *key);
extern int shishi_key_parse (Shishi *handle, FILE *fh, Shishi_key **key);

/* Constructors; each hands the new key back through the last argument. */
extern int shishi_key_random (Shishi *handle,
    int32_t type, Shishi_key **key);
/* `value` has no length argument; see the note on shishi_key_value_set. */
extern int shishi_key_from_value (Shishi *handle,
    int32_t type,
    const char *value, Shishi_key **key);
extern int shishi_key_from_base64 (Shishi *handle,
    int32_t type,
    const char *value, Shishi_key **key);
extern int shishi_key_from_random (Shishi *handle,
    int32_t type,
    const char *rnd,
    size_t rndlen, Shishi_key **outkey);

/* Password-based keys: from password plus salt, or password plus name. */
extern int shishi_key_from_string (Shishi *handle,
    int32_t type,
    const char *password, size_t passwordlen,
    const char *salt, size_t saltlen,
    const char *parameter,
    Shishi_key **outkey);
extern int shishi_key_from_name (Shishi *handle,
    int32_t type,
    const char *name,
    const char *password, size_t passwordlen,
    const char *parameter,
    Shishi_key **outkey);
/* keys.c */

/*
 * Key sets.  NOTE(review): shishi_keys_done takes Shishi_keys **, unlike
 * the other *_done functions in this header, which take a single pointer;
 * presumably it also clears the caller's pointer -- confirm.
 */
extern int shishi_keys (Shishi *handle, Shishi_keys **keys);
extern void shishi_keys_done (Shishi_keys **keys);
extern int shishi_keys_size (Shishi_keys *keys);

/*
 * Access by position.  keyno is a signed int; how an out-of-range index is
 * handled is not visible here, so check it against shishi_keys_size first.
 */
extern const Shishi_key *shishi_keys_nth (Shishi_keys *keys, int keyno);
extern void shishi_keys_remove (Shishi_keys *keys, int keyno);
extern int shishi_keys_add (Shishi_keys *keys, Shishi_key *key);

/*
 * Keytab import, from memory or from a file.  The add_* forms extend an
 * existing set; the from_* forms hand a new set back through *outkeys.
 * For the memory forms pass the exact buffer length as len.
 */
extern int shishi_keys_add_keytab_mem (Shishi *handle,
    const char *data, size_t len,
    Shishi_keys *keys);
extern int shishi_keys_add_keytab_file (Shishi *handle,
    const char *filename,
    Shishi_keys *keys);
extern int shishi_keys_from_keytab_mem (Shishi *handle,
    const char *data, size_t len,
    Shishi_keys **outkeys);
extern int shishi_keys_from_keytab_file (Shishi *handle,
    const char *filename,
    Shishi_keys **outkeys);

/*
 * Output of a key set to a stream or file; presumably includes the key
 * values, so restrict access to the destination -- confirm.
 */
extern int shishi_keys_print (Shishi_keys *keys, FILE *fh);
extern int shishi_keys_to_file (Shishi *handle,
    const char *filename,
    Shishi_keys *keys);

/*
 * Look up one key in a key file.  The result is a pointer; presumably NULL
 * when no key matches -- confirm, and check it before use.
 */
extern Shishi_key *shishi_keys_for_serverrealm_in_file (Shishi *handle,
    const char *filename,
    const char *server,
    const char *realm);
extern Shishi_key *shishi_keys_for_server_in_file (Shishi *handle,
    const char *filename,
    const char *server);
extern Shishi_key *shishi_keys_for_localservicerealm_in_file (Shishi *handle,
    const char *filename,
    const char *service,
    const char *realm);
/* hostkeys.c */

/* Path of the default host key file, and its setter. */
extern const char *shishi_hostkeys_default_file (Shishi *handle);
extern void shishi_hostkeys_default_file_set (Shishi *handle,
    const char *hostkeysfile);

/*
 * Host key lookups by server or service name, optionally within a realm.
 * The result is a pointer; presumably NULL when no key is found -- confirm,
 * and check it before use.
 */
extern Shishi_key *shishi_hostkeys_for_server (Shishi *handle,
    const char *server);
extern Shishi_key *shishi_hostkeys_for_serverrealm (Shishi *handle,
    const char *server,
    const char *realm);
extern Shishi_key *shishi_hostkeys_for_localservicerealm (Shishi *handle,
    const char *service,
    const char *realm);
extern Shishi_key *shishi_hostkeys_for_localservice (Shishi *handle,
    const char *service);
/* encapreppart.c */

/* Create a new EncAPRepPart node. */
extern Shishi_asn1 shishi_encapreppart (Shishi *handle);

/* Copy time values from an authenticator into the EncAPRepPart. */
extern int shishi_encapreppart_time_copy (Shishi *handle,
    Shishi_asn1 encapreppart,
    Shishi_asn1 authenticator);

/* ctime field; the getter hands a string back through *t. */
extern int shishi_encapreppart_ctime (Shishi *handle,
    Shishi_asn1 encapreppart, char **t);
extern int shishi_encapreppart_ctime_set (Shishi *handle,
    Shishi_asn1 encapreppart,
    const char *t);

/* cusec field. */
extern int shishi_encapreppart_cusec_get (Shishi *handle,
    Shishi_asn1 encapreppart,
    uint32_t *cusec);
extern int shishi_encapreppart_cusec_set (Shishi *handle,
    Shishi_asn1 encapreppart,
    uint32_t cusec);

/* Output to a stream or a named file. */
extern int shishi_encapreppart_print (Shishi *handle, FILE *fh,
    Shishi_asn1 encapreppart);
extern int shishi_encapreppart_save (Shishi *handle, FILE *fh,
    Shishi_asn1 encapreppart);
extern int shishi_encapreppart_to_file (Shishi *handle,
    Shishi_asn1 encapreppart,
    int filetype, const char *filename);

/* Input from a stream or a named file; the node is returned via pointer. */
extern int shishi_encapreppart_read (Shishi *handle, FILE *fh,
    Shishi_asn1 *encapreppart);
extern int shishi_encapreppart_parse (Shishi *handle, FILE *fh,
    Shishi_asn1 *encapreppart);
extern int shishi_encapreppart_from_file (Shishi *handle,
    Shishi_asn1 *encapreppart,
    int filetype, const char *filename);

/* Key carried in the EncAPRepPart, handed back through *key. */
extern int shishi_encapreppart_get_key (Shishi *handle,
    Shishi_asn1 encapreppart,
    Shishi_key **key);

/* Sequence number field: read, remove, write. */
extern int shishi_encapreppart_seqnumber_get (Shishi *handle,
    Shishi_asn1 encapreppart,
    uint32_t *seqnumber);
extern int shishi_encapreppart_seqnumber_remove (Shishi *handle,
    Shishi_asn1 encapreppart);
extern int shishi_encapreppart_seqnumber_set (Shishi *handle,
    Shishi_asn1 encapreppart,
    uint32_t seqnumber);
/* apreq.c */

/* Create a new AP-REQ node. */
extern Shishi_asn1 shishi_apreq (Shishi *handle);

/* Input and output through streams or named files. */
extern int shishi_apreq_parse (Shishi *handle, FILE *fh,
    Shishi_asn1 *apreq);
extern int shishi_apreq_from_file (Shishi *handle, Shishi_asn1 *apreq,
    int filetype, const char *filename);
extern int shishi_apreq_print (Shishi *handle, FILE *fh, Shishi_asn1 apreq);
extern int shishi_apreq_to_file (Shishi *handle, Shishi_asn1 apreq,
    int filetype, const char *filename);
extern int shishi_apreq_read (Shishi *handle, FILE *fh,
    Shishi_asn1 *apreq);
extern int shishi_apreq_save (Shishi *handle, FILE *fh, Shishi_asn1 apreq);

/* Populate the ticket and authenticator parts. */
extern int shishi_apreq_set_ticket (Shishi *handle, Shishi_asn1 apreq,
    Shishi_asn1 ticket);
/* buf/buflen is presumably the already-encrypted authenticator -- confirm. */
extern int shishi_apreq_set_authenticator (Shishi *handle, Shishi_asn1 apreq,
    int32_t etype, uint32_t kvno,
    const char *buf, size_t buflen);
extern int shishi_apreq_add_authenticator (Shishi *handle, Shishi_asn1 apreq,
    Shishi_key *key, int keyusage,
    Shishi_asn1 authenticator);

/*
 * AP options.  The *_p functions are predicates returning int; which value
 * means "set" is not visible here -- confirm before branching on them.
 */
extern int shishi_apreq_options (Shishi *handle, Shishi_asn1 apreq,
    uint32_t *flags);
extern int shishi_apreq_use_session_key_p (Shishi *handle,
    Shishi_asn1 apreq);
extern int shishi_apreq_mutual_required_p (Shishi *handle,
    Shishi_asn1 apreq);
extern int shishi_apreq_options_set (Shishi *handle, Shishi_asn1 apreq,
    uint32_t options);
extern int shishi_apreq_options_add (Shishi *handle, Shishi_asn1 apreq,
    uint32_t option);
extern int shishi_apreq_options_remove (Shishi *handle, Shishi_asn1 apreq,
    uint32_t option);

/* Extract parts of a received AP-REQ. */
extern int shishi_apreq_get_ticket (Shishi *handle, Shishi_asn1 apreq,
    Shishi_asn1 *ticket);
extern int shishi_apreq_get_authenticator_etype (Shishi *handle,
    Shishi_asn1 apreq,
    int32_t *etype);

/*
 * Decrypt the authenticator with `key`; use *authenticator only after the
 * call reported success.
 */
extern int shishi_apreq_decrypt (Shishi *handle, Shishi_asn1 apreq,
    Shishi_key *key, int keyusage,
    Shishi_asn1 *authenticator);
/* aprep.c */

/* Create a new AP-REP node. */
extern Shishi_asn1 shishi_aprep (Shishi *handle);

/* Input and output through streams or named files. */
extern int shishi_aprep_print (Shishi *handle, FILE *fh, Shishi_asn1 aprep);
extern int shishi_aprep_save (Shishi *handle, FILE *fh, Shishi_asn1 aprep);
extern int shishi_aprep_to_file (Shishi *handle, Shishi_asn1 aprep,
    int filetype, const char *filename);
extern int shishi_aprep_read (Shishi *handle, FILE *fh,
    Shishi_asn1 *aprep);
extern int shishi_aprep_parse (Shishi *handle, FILE *fh,
    Shishi_asn1 *aprep);
extern int shishi_aprep_from_file (Shishi *handle, Shishi_asn1 *aprep,
    int filetype, const char *filename);

/*
 * Decrypt the encrypted part with `key`; use *encapreppart only after the
 * call reported success.
 */
extern int shishi_aprep_decrypt (Shishi *handle, Shishi_asn1 aprep,
    Shishi_key *key, int keyusage,
    Shishi_asn1 *encapreppart);

/*
 * Check an EncAPRepPart against the authenticator that was sent.  The int
 * result is the only verdict, so callers must test it (presumably against
 * SHISHI_OK -- confirm).
 */
extern int shishi_aprep_verify (Shishi *handle, Shishi_asn1 authenticator,
    Shishi_asn1 encapreppart);

/*
 * Fill in the encrypted part.
 * NOTE(review): etype is plain int in shishi_aprep_enc_part_set but
 * int32_t * in shishi_aprep_get_enc_part_etype.
 */
extern int shishi_aprep_enc_part_set (Shishi *handle, Shishi_asn1 aprep,
    int etype,
    const char *buf, size_t buflen);
extern int shishi_aprep_enc_part_add (Shishi *handle, Shishi_asn1 aprep,
    Shishi_asn1 encticketpart,
    Shishi_asn1 encapreppart);
extern int shishi_aprep_enc_part_make (Shishi *handle, Shishi_asn1 aprep,
    Shishi_asn1 encapreppart,
    Shishi_asn1 authenticator,
    Shishi_asn1 encticketpart);
extern int shishi_aprep_get_enc_part_etype (Shishi *handle,
    Shishi_asn1 aprep,
    int32_t *etype);
/* netio.c */

/*
 * Send indata/inlen to a KDC for `realm` and hand the reply back through
 * outdata/outlen (presumably library-allocated -- confirm ownership).
 *
 * The reply is network input: treat outdata as untrusted until it has been
 * decoded and cryptographically checked by the caller.
 * NOTE(review): realm is a non-const char *; confirm whether it is
 * modified.
 */
extern int shishi_kdc_sendrecv (Shishi *handle, char *realm,
    const char *indata, size_t inlen,
    char **outdata, size_t *outlen);

/* Same exchange with an additional Shishi_tkts_hint argument. */
extern int shishi_kdc_sendrecv_hint (Shishi *handle, char *realm,
    const char *indata, size_t inlen,
    char **outdata, size_t *outlen,
    Shishi_tkts_hint *hint);
/* encticketpart.c */

/* Create a new EncTicketPart node. */
extern Shishi_asn1 shishi_encticketpart (Shishi *handle);

/* Session key stored in the EncTicketPart. */
extern int shishi_encticketpart_key_set (Shishi *handle,
    Shishi_asn1 encticketpart,
    Shishi_key *key);
extern int shishi_encticketpart_get_key (Shishi *handle,
    Shishi_asn1 encticketpart,
    Shishi_key **key);

/*
 * Client identity.  The getters hand a string and its length back through
 * pointers; presumably library-allocated -- confirm.  Use the returned
 * length rather than assuming the bytes are a clean C string when they
 * come from a decoded ticket.
 */
extern int shishi_encticketpart_crealm (Shishi *handle,
    Shishi_asn1 encticketpart,
    char **crealm, size_t *crealmlen);
extern int shishi_encticketpart_crealm_set (Shishi *handle,
    Shishi_asn1 encticketpart,
    const char *realm);
extern int shishi_encticketpart_client (Shishi *handle,
    Shishi_asn1 encticketpart,
    char **client, size_t *clientlen);
extern int shishi_encticketpart_clientrealm (Shishi *handle,
    Shishi_asn1 encticketpart,
    char **client, size_t *clientlen);
extern int shishi_encticketpart_cname_set (Shishi *handle,
    Shishi_asn1 encticketpart,
    Shishi_name_type name_type,
    const char *principal);

extern int shishi_encticketpart_print (Shishi *handle, FILE *fh,
    Shishi_asn1 encticketpart);

/* Setters for flags, transited encoding and time fields. */
extern int shishi_encticketpart_flags_set (Shishi *handle,
    Shishi_asn1 encticketpart,
    int flags);
extern int shishi_encticketpart_transited_set (Shishi *handle,
    Shishi_asn1 encticketpart,
    int32_t trtype,
    const char *trdata,
    size_t trdatalen);
extern int shishi_encticketpart_authtime_set (Shishi *handle,
    Shishi_asn1 encticketpart,
    const char *authtime);
extern int shishi_encticketpart_endtime_set (Shishi *handle,
    Shishi_asn1 encticketpart,
    const char *endtime);

/*
 * Copy authtime into the caller's buffer.  *authtimelen presumably carries
 * the buffer capacity on entry and the string length on return -- confirm,
 * and initialise it before the call.
 */
extern int shishi_encticketpart_authtime (Shishi *handle,
    Shishi_asn1 encticketpart,
    char *authtime,
    size_t *authtimelen);

/* authtime as time_t; the value returned on failure is not visible here. */
extern time_t shishi_encticketpart_authctime (Shishi *handle,
    Shishi_asn1 encticketpart);
/* safe.c */

/* SAFE exchange object: create through *safe, release with _done. */
extern int shishi_safe (Shishi *handle, Shishi_safe **safe);
extern void shishi_safe_done (Shishi_safe *safe);

/* Key and KRB-SAFE node held by the object. */
extern Shishi_key *shishi_safe_key (Shishi_safe *safe);
extern void shishi_safe_key_set (Shishi_safe *safe, Shishi_key *key);
extern Shishi_asn1 shishi_safe_safe (Shishi_safe *safe);
extern void shishi_safe_safe_set (Shishi_safe *safe, Shishi_asn1 asn1safe);

/*
 * DER form of the KRB-SAFE.
 * NOTE(review): the setter takes a non-const char *der; confirm whether
 * the buffer is modified or retained.
 */
extern int shishi_safe_safe_der (Shishi_safe *safe, char **out,
    size_t *outlen);
extern int shishi_safe_safe_der_set (Shishi_safe *safe,
    char *der, size_t derlen);

/* Input and output through streams or named files. */
extern int shishi_safe_print (Shishi *handle, FILE *fh, Shishi_asn1 safe);
extern int shishi_safe_save (Shishi *handle, FILE *fh, Shishi_asn1 safe);
extern int shishi_safe_to_file (Shishi *handle, Shishi_asn1 safe,
    int filetype, const char *filename);
extern int shishi_safe_parse (Shishi *handle, FILE *fh, Shishi_asn1 *safe);
extern int shishi_safe_read (Shishi *handle, FILE *fh, Shishi_asn1 *safe);
extern int shishi_safe_from_file (Shishi *handle, Shishi_asn1 *safe,
    int filetype, const char *filename);

/* Checksum field: type plus value with explicit length. */
extern int shishi_safe_cksum (Shishi *handle,
    Shishi_asn1 safe,
    int32_t *cksumtype,
    char **cksum, size_t *cksumlen);
extern int shishi_safe_set_cksum (Shishi *handle,
    Shishi_asn1 safe,
    int32_t cksumtype,
    const char *cksum, size_t cksumlen);

/*
 * User data field.  Reading it does not by itself show that the message
 * was verified; call shishi_safe_verify and check its result before
 * trusting user data taken from a received message.
 */
extern int shishi_safe_user_data (Shishi *handle,
    Shishi_asn1 safe,
    char **userdata, size_t *userdatalen);
extern int shishi_safe_set_user_data (Shishi *handle,
    Shishi_asn1 safe,
    const char *userdata,
    size_t userdatalen);

/*
 * Build or verify the message with `key`.  The int result of
 * shishi_safe_verify is the only verdict (presumably SHISHI_OK on
 * success -- confirm).
 */
extern int shishi_safe_build (Shishi_safe *safe, Shishi_key *key);
extern int shishi_safe_verify (Shishi_safe *safe, Shishi_key *key);
/* priv.c */

/* PRIV exchange object: create through *priv, release with _done. */
extern int shishi_priv (Shishi *handle, Shishi_priv **priv);
extern void shishi_priv_done (Shishi_priv *priv);

/* Key and KRB-PRIV node held by the object. */
extern Shishi_key *shishi_priv_key (Shishi_priv *priv);
extern void shishi_priv_key_set (Shishi_priv *priv, Shishi_key *key);
extern Shishi_asn1 shishi_priv_priv (Shishi_priv *priv);
extern void shishi_priv_priv_set (Shishi_priv *priv, Shishi_asn1 asn1priv);

/*
 * DER form of the KRB-PRIV and of its EncKrbPrivPart.
 * NOTE(review): both *_der_set functions take a non-const char *der;
 * confirm whether the buffer is modified or retained.
 */
extern int shishi_priv_priv_der (Shishi_priv *priv, char **out,
    size_t *outlen);
extern int shishi_priv_priv_der_set (Shishi_priv *priv,
    char *der, size_t derlen);
extern Shishi_asn1 shishi_priv_encprivpart (Shishi_priv *priv);
extern void shishi_priv_encprivpart_set (Shishi_priv *priv,
    Shishi_asn1 asn1encprivpart);
extern int shishi_priv_encprivpart_der (Shishi_priv *priv, char **out,
    size_t *outlen);
extern int shishi_priv_encprivpart_der_set (Shishi_priv *priv,
    char *der, size_t derlen);

/* Input and output through streams or named files. */
extern int shishi_priv_print (Shishi *handle, FILE *fh, Shishi_asn1 priv);
extern int shishi_priv_save (Shishi *handle, FILE *fh, Shishi_asn1 priv);
extern int shishi_priv_to_file (Shishi *handle, Shishi_asn1 priv,
    int filetype, const char *filename);
extern int shishi_priv_parse (Shishi *handle, FILE *fh, Shishi_asn1 *priv);
extern int shishi_priv_read (Shishi *handle, FILE *fh, Shishi_asn1 *priv);
extern int shishi_priv_from_file (Shishi *handle, Shishi_asn1 *priv,
    int filetype, const char *filename);

/* Encrypted part: its etype, and a setter taking the ciphertext bytes. */
extern int shishi_priv_enc_part_etype (Shishi *handle,
    Shishi_asn1 priv, int32_t *etype);
extern int shishi_priv_set_enc_part (Shishi *handle,
    Shishi_asn1 priv,
    int32_t etype,
    const char *encpart, size_t encpartlen);

/* User data inside the EncKrbPrivPart, with explicit length. */
extern int shishi_encprivpart_user_data (Shishi *handle,
    Shishi_asn1 encprivpart,
    char **userdata,
    size_t *userdatalen);
extern int shishi_encprivpart_set_user_data (Shishi *handle,
    Shishi_asn1 encprivpart,
    const char *userdata,
    size_t userdatalen);

/*
 * Build an outgoing message, or process a received one, with `key`.  Test
 * the int result of shishi_priv_process before using any data taken from
 * the received message (presumably SHISHI_OK on success -- confirm).
 */
extern int shishi_priv_build (Shishi_priv *priv, Shishi_key *key);
extern int shishi_priv_process (Shishi_priv *priv, Shishi_key *key);
/* authorize.c */

/*
 * Authorization decisions: is the principal (taken from a ticket, or given
 * by name) allowed to act as authzname?
 *
 * NOTE(review): these return int, and the `_p` suffix suggests a
 * predicate, so a non-zero result presumably means "authorized".  That is
 * the opposite sense of the SHISHI_OK == 0 convention used for error codes
 * in this header; confirm the convention in authorize.c before writing the
 * check, because an inverted test here grants access on failure.
 */
extern int shishi_authorized_p (Shishi *handle,
    Shishi_tkt *tkt, const char *authzname);

/* Map an authorization type name to an int; the mapping is not visible. */
extern int shishi_authorization_parse (const char *authorization);

/* Individual authorization methods, named in the function suffix. */
extern int shishi_authorize_strcmp (Shishi *handle, const char *principal,
    const char *authzname);
extern int shishi_authorize_k5login (Shishi *handle, const char *principal,
    const char *authzname);
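/* pki.c */

/*
 * Default file locations for the X.509 CA certificate, client certificate
 * and client key.  Each group has:
 *   - *_default_file_guess: returns a non-const char *, presumably a newly
 *     allocated path the caller releases -- confirm;
 *   - *_default_file_set: stores a path in the handle;
 *   - *_default_file: returns the stored path as const char *.
 *
 * The key file holds a private key; the path handed to the setter should
 * refer to a file with restrictive permissions.
 */

/* CA certificate file. */
extern char *shishi_x509ca_default_file_guess (Shishi *handle);
extern void shishi_x509ca_default_file_set (Shishi *handle,
    const char *x509cafile);
extern const char *shishi_x509ca_default_file (Shishi *handle);

/* Client certificate file. */
extern char *shishi_x509cert_default_file_guess (Shishi *handle);
extern void shishi_x509cert_default_file_set (Shishi *handle,
    const char *x509certfile);
extern const char *shishi_x509cert_default_file (Shishi *handle);

/* Client private key file. */
extern char *shishi_x509key_default_file_guess (Shishi *handle);
extern void shishi_x509key_default_file_set (Shishi *handle,
    const char *x509keyfile);
extern const char *shishi_x509key_default_file (Shishi *handle);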
/* utils.c */

/*
 * Parse the date string p, with *now as a reference time.  The value
 * returned for unparsable input is not visible here -- presumably
 * (time_t) -1; confirm and check for it.
 */
extern time_t shishi_get_date (const char *p, const time_t *now);

/*
 * Allocation-failure handler; presumably terminates the process, in which
 * case it does not return -- confirm.
 */
extern void shishi_xalloc_die (void);
/* resolv.c */

/*
 * Look up records of type querytype for `zone` and return them as a
 * Shishi_dns value, to be released with shishi_resolv_free.
 *
 * The records presumably come from DNS answers; treat their contents as
 * untrusted input.  The value returned when nothing is found is presumably
 * NULL -- confirm, and check it before use.
 */
extern Shishi_dns shishi_resolv (const char *zone, uint16_t querytype);
extern void shishi_resolv_free (Shishi_dns rrs);
2221 #endif