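/**
 * shishi_encapreppart_to_file:
 * @handle: shishi handle as allocated by shishi_init().
 * @encapreppart: EncAPRepPart to save.
 * @filetype: input variable specifying type of file to be written,
 *            see Shishi_filetype.
 * @filename: input variable with filename to write to.
 *
 * Write EncAPRepPart to file in specified TYPE.  The file will be
 * truncated if it exists.
 *
 * The file is opened with fopen() in "w" mode, so a newly created file
 * gets whatever permissions the process umask allows, and an existing
 * path is opened and truncated as-is.  An EncAPRepPart is the decrypted
 * part of an AP-REP and may carry a sub-session key, so callers should
 * choose a private location and a restrictive umask before calling.
 *
 * Return value: Returns SHISHI_OK iff successful.  SHISHI_FOPEN_ERROR
 * if the file cannot be opened, SHISHI_IO_ERROR if closing it fails,
 * otherwise the error code from the print/save routine.
 **/
int
shishi_encapreppart_to_file (Shishi * handle, Shishi_asn1 encapreppart,
                             int filetype, const char *filename)
{
  FILE *fh;
  int res;

  if (VERBOSE (handle))
    printf (_("Writing EncAPRepPart to %s...\n"), filename);

  fh = fopen (filename, "w");
  if (fh == NULL)
    return SHISHI_FOPEN_ERROR;

  if (VERBOSE (handle))
    printf (_("Writing EncAPRepPart in %s format...\n"),
            filetype == SHISHI_FILETYPE_TEXT ? "TEXT" : "DER");

  if (filetype == SHISHI_FILETYPE_TEXT)
    res = shishi_encapreppart_print (handle, fh, encapreppart);
  else
    res = shishi_encapreppart_save (handle, fh, encapreppart);
  if (res != SHISHI_OK)
    {
      /* Close the stream on the failure path as well, otherwise the
         descriptor leaks.  The encoder's error is the one reported,
         so the fclose() result is deliberately not inspected here.
         NOTE(review): a truncated or partial file may remain on disk. */
      fclose (fh);
      return res;
    }

  /* fclose() flushes buffered output; a failure here means the data
     may not have reached the file. */
  res = fclose (fh);
  if (res != 0)
    return SHISHI_IO_ERROR;

  if (VERBOSE (handle))
    printf (_("Writing EncAPRepPart to %s...done\n"), filename);

  return SHISHI_OK;
}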
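/*
 * Server side of a Kerberos AP exchange: read an AP-REQ from stdin,
 * process it with the host key for SNAME, print the names found in the
 * authenticator and ticket, and, when the client asked for mutual
 * authentication, print an AP-REP on stdout.
 *
 * h:       shishi handle.
 * verbose: when non-zero, dump the key, authenticator and EncAPRepPart
 *          to stderr.
 * cname:   expected client name.  It is only printed here; it is never
 *          compared with the name carried in the request.
 * sname:   server name used to look up the host key.
 *
 * Returns the AP context on success, NULL on any failure (a message is
 * printed to stdout).  A non-NULL result means the AP-REQ was accepted
 * by shishi_ap_req_process(); it is not an authorization decision.
 */
static Shishi_ap *
auth (Shishi * h, int verbose, const char *cname, const char *sname)
{
  Shishi_key *key;
  Shishi_ap *ap;
  Shishi_asn1 apreq;
  char *buf;
  size_t buflen;
  int rc;

  printf ("Client: %s\n", cname);
  printf ("Server: %s\n", sname);

  /* Get key for the server. */
  key = shishi_hostkeys_for_server (h, sname);
  if (!key)
    {
      printf ("could not find key: %s\n", shishi_error (h));
      return NULL;
    }

  /* Verbose mode writes the server's host key to stderr; treat that
     output as secret and keep it out of shared logs. */
  if (verbose)
    shishi_key_print (h, stderr, key);

  /* Read Authentication request from client */
  printf ("Waiting for client to authenticate itself...\n");

  rc = shishi_apreq_parse (h, stdin, &apreq);
  if (rc != SHISHI_OK)
    {
      printf ("could not read AP-REQ: %s\n", shishi_strerror (rc));
      return NULL;
    }

  /* Create Authentication context */
  rc = shishi_ap (h, &ap);
  if (rc != SHISHI_OK)
    {
      printf ("Could not create AP: %s\n", shishi_strerror (rc));
      return NULL;
    }

  /* Store request in context */
  shishi_ap_req_set (ap, apreq);

  /* Process authentication request.
     NOTE(review): from here on the error paths return NULL without
     releasing ap -- confirm whether the caller exits immediately or
     whether the context should be freed before returning. */
  rc = shishi_ap_req_process (ap, key);
  if (rc != SHISHI_OK)
    {
      printf ("Could not process AP-REQ: %s\n", shishi_strerror (rc));
      return NULL;
    }

  if (verbose)
    shishi_authenticator_print (h, stderr, shishi_ap_authenticator (ap));

  /* Each accessor below fills buf/buflen only on success.  The result
     must be checked before printing and freeing, otherwise a failed
     call leaves buf uninitialized and both the printf and the free()
     operate on garbage. */
  rc = shishi_authenticator_client (h, shishi_ap_authenticator (ap),
                                    &buf, &buflen);
  if (rc != SHISHI_OK)
    {
      printf ("Could not get client name from authenticator: %s\n",
              shishi_strerror (rc));
      return NULL;
    }
  printf ("Client name (from authenticator): %.*s\n", (int) buflen, buf);
  free (buf);

  rc = shishi_encticketpart_clientrealm
    (h, shishi_tkt_encticketpart (shishi_ap_tkt (ap)), &buf, &buflen);
  if (rc != SHISHI_OK)
    {
      printf ("Could not get client name from encticketpart: %s\n",
              shishi_strerror (rc));
      return NULL;
    }
  printf ("Client name (from encticketpart): %.*s\n", (int) buflen, buf);
  free (buf);

  rc = shishi_ticket_server (h, shishi_tkt_ticket (shishi_ap_tkt (ap)),
                             &buf, &buflen);
  if (rc != SHISHI_OK)
    {
      printf ("Could not get server name from ticket: %s\n",
              shishi_strerror (rc));
      return NULL;
    }
  printf ("Server name (from ticket): %.*s\n", (int) buflen, buf);
  free (buf);

  /* User is authenticated: shishi_ap_req_process() accepted the
     request.  The names printed above are informational only; nothing
     in this function compares them with cname, so any access decision
     based on the client identity has to be made by the caller. */
  printf ("User authenticated.\n");

  /* Authenticate ourself to client, if request */
  if (shishi_apreq_mutual_required_p (h, apreq))
    {
      Shishi_asn1 aprep;

      printf ("Mutual authentication required.\n");

      rc = shishi_ap_rep_asn1 (ap, &aprep);
      if (rc != SHISHI_OK)
        {
          printf ("Error creating AP-REP: %s\n", shishi_strerror (rc));
          return NULL;
        }

      /* Verbose mode dumps the decrypted EncAPRepPart to stderr; only
         the AP-REP itself goes to the client on stdout. */
      if (verbose)
        shishi_encapreppart_print (h, stderr, shishi_ap_encapreppart (ap));
      shishi_aprep_print (h, stdout, aprep);

      /* We are authenticated to client */
    }

  return ap;
}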