Example #1
/**
 * shishi_apreq_set_authenticator:
 * @handle: shishi handle as allocated by shishi_init().
 * @apreq: AP-REQ to add authenticator field to.
 * @etype: encryption type used to encrypt authenticator.
 * @kvno: version of the key used to encrypt authenticator, or
 *   UINT32_MAX to write the kvno field without an integer value.
 * @buf: input array with encrypted authenticator.
 * @buflen: size of input array with encrypted authenticator.
 *
 * Set the encrypted authenticator field in the AP-REQ.  This function
 * does no encryption itself: @buf is stored exactly as supplied, so
 * it must already hold the ciphertext, usually produced by calling
 * shishi_encrypt() on the DER encoded authenticator.
 * shishi_apreq_add_authenticator() performs the encryption and calls
 * this function in one step.
 *
 * The cipher, kvno and etype fields are written in that order.  When
 * a write fails the function returns at once and the fields written
 * before it are not restored, so after an error @apreq can hold the
 * new cipher together with an older kvno or etype.  Callers should
 * not send an AP-REQ for which this function reported an error.
 *
 * Return value: Returns SHISHI_OK on success, otherwise the error
 * code of the write that failed.
 **/
int
shishi_apreq_set_authenticator (Shishi * handle,
				Shishi_asn1 apreq,
				int32_t etype, uint32_t kvno,
				const char *buf, size_t buflen)
{
  int rc = shishi_asn1_write (handle, apreq, "authenticator.cipher",
			      buf, buflen);

  if (rc != SHISHI_OK)
    return rc;

  /* UINT32_MAX is the "no key version" sentinel: the field is written
     with a NULL value of length zero instead of an integer.
     NOTE(review): presumably this leaves the optional kvno absent;
     confirm against shishi_asn1_write().  */
  rc = (kvno == UINT32_MAX)
    ? shishi_asn1_write (handle, apreq, "authenticator.kvno", NULL, 0)
    : shishi_asn1_write_int32 (handle, apreq, "authenticator.kvno", kvno);
  if (rc != SHISHI_OK)
    return rc;

  /* Last step: its status is the status of the whole operation.  */
  return shishi_asn1_write_int32 (handle, apreq, "authenticator.etype",
				  etype);
}
Example #2
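/**
 * shishi_kdcreq_set_etype:
 * @handle: shishi handle as allocated by shishi_init().
 * @kdcreq: KDC-REQ variable to set etype field in.
 * @etype: input array with encryption types; must hold at least
 *   @netype elements when @netype is positive.
 * @netype: number of elements in input array with encryption types.
 *   Zero or a negative value writes no entries.
 *
 * Set the list of supported or wanted encryption types in the
 * request.  The list should be sorted in priority order.
 *
 * The values are written as given: this function does not filter,
 * deduplicate or reorder them, and it does not reject weak or unknown
 * encryption types.  Any policy on which types may be offered to the
 * KDC has to be applied by the caller before calling this function.
 *
 * On error the function returns immediately and entries written so
 * far stay in @kdcreq, so the request may carry a shortened list.
 *
 * Return value: Returns SHISHI_OK iff successful.
 **/
int
shishi_kdcreq_set_etype (Shishi * handle,
                         Shishi_asn1 kdcreq, int32_t * etype, int netype)
{
    /* Holds "req-body.etype.?" (16 characters) plus the decimal index
       and the terminating NUL.  A fixed buffer replaces the former
       asprintf() call, whose result was not checked before the pointer
       was used and freed.  snprintf() bounds the write in any case.  */
    char field[40];
    int res;
    int i;

    /* NOTE(review): writing NULL with length zero presumably empties
       the existing list before it is rebuilt; confirm against
       shishi_asn1_write().  */
    res = shishi_asn1_write (handle, kdcreq, "req-body.etype", NULL, 0);
    if (res != SHISHI_OK)
        return res;

    for (i = 1; i <= netype; i++)
    {
        /* Append one element, then address it by its 1-based index.  */
        res = shishi_asn1_write (handle, kdcreq, "req-body.etype", "NEW", 1);
        if (res != SHISHI_OK)
            return res;

        snprintf (field, sizeof field, "req-body.etype.?%d", i);
        res = shishi_asn1_write_int32 (handle, kdcreq, field, etype[i - 1]);
        if (res != SHISHI_OK)
            return res;
    }

    return SHISHI_OK;
}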
Example #3
/**
 * shishi_authenticator_set_subkey:
 * @handle: shishi handle as allocated by shishi_init().
 * @authenticator: authenticator as allocated by shishi_authenticator().
 * @subkeytype: input subkey type to store in authenticator.
 * @subkey: input subkey data to store in authenticator.
 * @subkeylen: size of input subkey data to store in authenticator.
 *
 * Store subkey value in authenticator.  A subkey is usually created
 * by calling shishi_key_random() using the default encryption type of
 * the key from the ticket that is being used.
 * shishi_authenticator_add_subkey() generates the subkey and calls
 * this function in one step.
 *
 * The key type and key value are stored as given; this function does
 * not check that @subkeylen is the key length belonging to
 * @subkeytype.  It also leaves the caller's @subkey buffer untouched,
 * so wiping that copy of the key material remains the caller's job.
 * If the second write fails, the key type written by the first one
 * is not restored.
 *
 * Return value: Returns SHISHI_OK iff successful.
 **/
int
shishi_authenticator_set_subkey (Shishi * handle,
                                 Shishi_asn1 authenticator,
                                 int32_t subkeytype,
                                 const char *subkey, size_t subkeylen)
{
    int rc = shishi_asn1_write_int32 (handle, authenticator,
                                      "subkey.keytype", subkeytype);

    /* Only store the key bytes once the key type is in place.  */
    if (rc == SHISHI_OK)
        rc = shishi_asn1_write (handle, authenticator, "subkey.keyvalue",
                                subkey, subkeylen);

    return rc;
}
Example #4
/**
 * shishi_authenticator_set_cksum:
 * @handle: shishi handle as allocated by shishi_init().
 * @authenticator: authenticator as allocated by shishi_authenticator().
 * @cksumtype: input checksum type to store in authenticator.
 * @cksum: input checksum data to store in authenticator.
 * @cksumlen: size of input checksum data to store in authenticator.
 *
 * Store checksum value in authenticator.  A checksum is usually created
 * by calling shishi_checksum() on some application specific data using
 * the key from the ticket that is being used.
 * shishi_authenticator_add_cksum() computes the checksum and calls
 * this function in one step.
 *
 * This function neither computes nor verifies the checksum: the type
 * and the bytes are stored as given, and @cksumlen is not compared
 * with the output size of @cksumtype.  If the second write fails, the
 * checksum type written by the first one is not restored.
 *
 * Return value: Returns SHISHI_OK iff successful.
 **/
int
shishi_authenticator_set_cksum (Shishi * handle,
                                Shishi_asn1 authenticator,
                                int32_t cksumtype,
                                char *cksum, size_t cksumlen)
{
    int rc = shishi_asn1_write_int32 (handle, authenticator,
                                      "cksum.cksumtype", cksumtype);

    /* Only store the checksum bytes once the type is in place.  */
    if (rc == SHISHI_OK)
        rc = shishi_asn1_write (handle, authenticator, "cksum.checksum",
                                cksum, cksumlen);

    return rc;
}
Example #5
/**
 * shishi_encticketpart_transited_set:
 * @handle: shishi handle as allocated by shishi_init().
 * @encticketpart: input EncTicketPart variable.
 * @trtype: transitedencoding type, e.g. SHISHI_TR_DOMAIN_X500_COMPRESS.
 * @trdata: actual transited realm data.
 * @trdatalen: length of actual transited realm data.
 *
 * Set the EncTicketPart.transited field to supplied value.
 *
 * The encoding type and the contents are stored as given; this
 * function does not parse @trdata or check that it is well formed
 * for @trtype.  Code that bases cross-realm trust decisions on the
 * transited field has to validate the data itself.  If the second
 * write fails, the tr-type written by the first one is not restored.
 *
 * Return value: Returns %SHISHI_OK iff successful.
 **/
int
shishi_encticketpart_transited_set (Shishi * handle,
				    Shishi_asn1 encticketpart,
				    int32_t trtype,
				    const char *trdata, size_t trdatalen)
{
  int rc = shishi_asn1_write_int32 (handle, encticketpart,
				    "transited.tr-type", trtype);

  /* Only store the contents once the encoding type is in place.  */
  if (rc == SHISHI_OK)
    rc = shishi_asn1_write (handle, encticketpart,
			    "transited.contents", trdata, trdatalen);

  return rc;
}