/** * shishi_apreq_set_authenticator: * @handle: shishi handle as allocated by shishi_init(). * @apreq: AP-REQ to add authenticator field to. * @etype: encryption type used to encrypt authenticator. * @kvno: version of the key used to encrypt authenticator. * @buf: input array with encrypted authenticator. * @buflen: size of input array with encrypted authenticator. * * Set the encrypted authenticator field in the AP-REP. The encrypted * data is usually created by calling shishi_encrypt() on the DER * encoded authenticator. To save time, you may want to use * shishi_apreq_add_authenticator() instead, which calculates the * encrypted data and calls this function in one step. * * Return value: Returns SHISHI_OK on success. **/ int shishi_apreq_set_authenticator (Shishi * handle, Shishi_asn1 apreq, int32_t etype, uint32_t kvno, const char *buf, size_t buflen) { int res; res = shishi_asn1_write (handle, apreq, "authenticator.cipher", buf, buflen); if (res != SHISHI_OK) return res; if (kvno == UINT32_MAX) res = shishi_asn1_write (handle, apreq, "authenticator.kvno", NULL, 0); else res = shishi_asn1_write_int32 (handle, apreq, "authenticator.kvno", kvno); if (res != SHISHI_OK) return res; res = shishi_asn1_write_int32 (handle, apreq, "authenticator.etype", etype); if (res != SHISHI_OK) return res; return SHISHI_OK; }
/** * shishi_kdcreq_set_etype: * @handle: shishi handle as allocated by shishi_init(). * @kdcreq: KDC-REQ variable to set etype field in. * @etype: input array with encryption types. * @netype: number of elements in input array with encryption types. * * Set the list of supported or wanted encryption types in the * request. The list should be sorted in priority order. * * Return value: Returns SHISHI_OK iff successful. **/ int shishi_kdcreq_set_etype (Shishi * handle, Shishi_asn1 kdcreq, int32_t * etype, int netype) { int res; char *buf; int i; res = shishi_asn1_write (handle, kdcreq, "req-body.etype", NULL, 0); if (res != SHISHI_OK) return res; for (i = 1; i <= netype; i++) { res = shishi_asn1_write (handle, kdcreq, "req-body.etype", "NEW", 1); if (res != SHISHI_OK) return res; asprintf (&buf, "req-body.etype.?%d", i); res = shishi_asn1_write_int32 (handle, kdcreq, buf, etype[i - 1]); free (buf); if (res != SHISHI_OK) return res; } return SHISHI_OK; }
/** * shishi_authenticator_set_subkey: * @handle: shishi handle as allocated by shishi_init(). * @authenticator: authenticator as allocated by shishi_authenticator(). * @subkeytype: input subkey type to store in authenticator. * @subkey: input subkey data to store in authenticator. * @subkeylen: size of input subkey data to store in authenticator. * * Store subkey value in authenticator. A subkey is usually created * by calling shishi_key_random() using the default encryption type of * the key from the ticket that is being used. To save time, you may * want to use shishi_authenticator_add_subkey() instead, which calculates * the subkey and calls this function in one step. * * Return value: Returns SHISHI_OK iff successful. **/ int shishi_authenticator_set_subkey (Shishi * handle, Shishi_asn1 authenticator, int32_t subkeytype, const char *subkey, size_t subkeylen) { int res; res = shishi_asn1_write_int32 (handle, authenticator, "subkey.keytype", subkeytype); if (res != SHISHI_OK) return res; res = shishi_asn1_write (handle, authenticator, "subkey.keyvalue", subkey, subkeylen); if (res != SHISHI_OK) return res; return SHISHI_OK; }
/** * shishi_authenticator_set_cksum: * @handle: shishi handle as allocated by shishi_init(). * @authenticator: authenticator as allocated by shishi_authenticator(). * @cksumtype: input checksum type to store in authenticator. * @cksum: input checksum data to store in authenticator. * @cksumlen: size of input checksum data to store in authenticator. * * Store checksum value in authenticator. A checksum is usually created * by calling shishi_checksum() on some application specific data using * the key from the ticket that is being used. To save time, you may * want to use shishi_authenticator_add_cksum() instead, which calculates * the checksum and calls this function in one step. * * Return value: Returns SHISHI_OK iff successful. **/ int shishi_authenticator_set_cksum (Shishi * handle, Shishi_asn1 authenticator, int32_t cksumtype, char *cksum, size_t cksumlen) { int res; res = shishi_asn1_write_int32 (handle, authenticator, "cksum.cksumtype", cksumtype); if (res != SHISHI_OK) return res; res = shishi_asn1_write (handle, authenticator, "cksum.checksum", cksum, cksumlen); if (res != SHISHI_OK) return res; return SHISHI_OK; }
/** * shishi_encticketpart_transited_set: * @handle: shishi handle as allocated by shishi_init(). * @encticketpart: input EncTicketPart variable. * @trtype: transitedencoding type, e.g. SHISHI_TR_DOMAIN_X500_COMPRESS. * @trdata: actual transited realm data. * @trdatalen: length of actual transited realm data. * * Set the EncTicketPart.transited field to supplied value. * * Return value: Returns %SHISHI_OK iff successful. **/ int shishi_encticketpart_transited_set (Shishi * handle, Shishi_asn1 encticketpart, int32_t trtype, const char *trdata, size_t trdatalen) { int res; res = shishi_asn1_write_int32 (handle, encticketpart, "transited.tr-type", trtype); if (res != SHISHI_OK) return res; res = shishi_asn1_write (handle, encticketpart, "transited.contents", trdata, trdatalen); if (res != SHISHI_OK) return res; return SHISHI_OK; }