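/**
 * shishi_kdcreq_to_file:
 * @handle: shishi handle as allocated by shishi_init().
 * @kdcreq: KDC-REQ to save.
 * @filetype: input variable specifying type of file to be written,
 *   see Shishi_filetype.
 * @filename: input variable with filename to write to.
 *
 * Write KDC-REQ to file in specified TYPE.  The file will be truncated
 * if it exists.
 *
 * The file is opened with fopen() in "w" mode, so whatever @filename
 * resolves to is truncated and a newly created file gets its
 * permissions from the process umask.  Callers that store requests in
 * a shared directory should choose the path with that in mind.
 *
 * Return value: Returns SHISHI_OK iff successful.  Returns
 *   SHISHI_FOPEN_ERROR if the file cannot be opened, the error code of
 *   the print/save routine if encoding fails, and SHISHI_IO_ERROR if
 *   closing the file fails.
 **/
int
shishi_kdcreq_to_file (Shishi * handle, Shishi_asn1 kdcreq,
		       int filetype, const char *filename)
{
  FILE *fh;
  int res;

  if (VERBOSE (handle))
    printf (_("Writing KDC-REQ to %s...\n"), filename);

  fh = fopen (filename, "w");
  if (fh == NULL)
    return SHISHI_FOPEN_ERROR;

  if (VERBOSE (handle))
    printf (_("Writing KDC-REQ in %s format...\n"),
	    filetype == SHISHI_FILETYPE_TEXT ? "TEXT" : "DER");

  if (filetype == SHISHI_FILETYPE_TEXT)
    res = shishi_kdcreq_print (handle, fh, kdcreq);
  else
    res = shishi_kdcreq_save (handle, fh, kdcreq);
  if (res != SHISHI_OK)
    {
      /* Release the stream on the failure path as well; returning
         without fclose() leaked the FILE and its descriptor on every
         failed write.  The writer's error code is what the caller
         needs, so the result of fclose() is deliberately ignored.  */
      fclose (fh);
      return res;
    }

  /* fclose() flushes buffered data, so a failure here means the
     request may not have reached the file completely.  */
  res = fclose (fh);
  if (res != 0)
    return SHISHI_IO_ERROR;

  if (VERBOSE (handle))
    printf (_("Writing KDC-REQ to %s...done\n"), filename);

  return SHISHI_OK;
}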
/**
 * shishi_tgs_sendrecv_hint:
 * @tgs: structure that holds information about TGS exchange
 * @hint: additional parameters that modify connection behaviour, or %NULL.
 *
 * Transmit the TGS-REQ stored in @tgs and collect the answer, which is
 * either a TGS-REP or a KRB-ERROR.  This is the subsequent
 * authentication step, usually used to acquire server tickets.  When a
 * KRB-ERROR arrives it is stored in the krberror field of @tgs and the
 * tgsrep field is reset to %NULL.  Connection parameters, e.g. for TLS
 * authentication, can be supplied through @hint.
 *
 * Return value: Returns SHISHI_OK iff successful.
 **/
int
shishi_tgs_sendrecv_hint (Shishi_tgs * tgs, Shishi_tkts_hint * hint)
{
  int status;

  if (VERBOSE (tgs->handle))
    printf ("Sending TGS-REQ...\n");

  if (VERBOSEASN1 (tgs->handle))
    shishi_kdcreq_print (tgs->handle, stdout, tgs->tgsreq);

  status = shishi_kdcreq_sendrecv_hint (tgs->handle, tgs->tgsreq,
					&tgs->tgsrep, hint);

  if (status == SHISHI_GOT_KRBERROR)
    {
      /* The reply slot holds a KRB-ERROR, not a TGS-REP: hand it over
         to the error slot so tgsrep never refers to an error message.  */
      tgs->krberror = tgs->tgsrep;
      tgs->tgsrep = NULL;

      if (VERBOSE (tgs->handle))
	printf ("Received KRB-ERROR...\n");

      if (VERBOSEASN1 (tgs->handle))
	shishi_krberror_print (tgs->handle, stdout, tgs->krberror);
    }

  if (status == SHISHI_OK)
    {
      if (VERBOSE (tgs->handle))
	printf ("Received TGS-REP...\n");

      if (VERBOSEASN1 (tgs->handle))
	shishi_kdcrep_print (tgs->handle, stdout, tgs->tgsrep);

      return SHISHI_OK;
    }

  /* Anything other than SHISHI_OK, including SHISHI_GOT_KRBERROR, is
     passed back to the caller unchanged.  */
  return status;
}
/* Check that shishi_kdc_copy_nonce() replaces the nonce of the decoded
   EncASRepPart fixture with the nonce carried by the decoded AS-REQ
   fixture.  The request nonce is read through two different accessors
   first, so that a failure can be attributed to the copy itself.  */
void
test (Shishi * handle)
{
  const uint32_t request_nonce = 0x09575283;
  const uint32_t initial_reply_nonce = 0x7fffffff;
  Shishi_asn1 request, reply;
  char *request_der, *reply_der;
  size_t request_der_len, reply_der_len;
  uint32_t nonce;

  /* Turn the base64 fixtures into DER, then into ASN.1 structures.  */
  if (!base64_decode_alloc (asreq, strlen (asreq),
			    &request_der, &request_der_len))
    fail ("base64 req\n");

  if (!base64_decode_alloc (asreppart, strlen (asreppart),
			    &reply_der, &reply_der_len))
    fail ("base64 rep\n");

  request = shishi_der2asn1_asreq (handle, request_der, request_der_len);
  if (!request)
    fail ("der2asn1 req\n");

  reply = shishi_der2asn1_encasreppart (handle, reply_der, reply_der_len);
  if (!reply)
    fail ("der2asn1 rep\n");

  if (debug)
    {
      shishi_kdcreq_print (handle, stdout, request);
      shishi_enckdcreppart_print (handle, stdout, reply);
    }

  /* Request nonce, read by field path.  */
  if (shishi_asn1_read_uint32 (handle, request, "req-body.nonce", &nonce) != 0)
    fail ("shishi_asn1_read_uint32\n");
  printf ("req nonce: %x\n", nonce);
  if (nonce != request_nonce)
    fail ("nonce mismatch low\n");

  /* Request nonce, read through the dedicated KDC-REQ accessor.  */
  if (shishi_kdcreq_nonce (handle, request, &nonce) != 0)
    fail ("shishi_kdcreq_nonce\n");
  printf ("req nonce: %x\n", nonce);
  if (nonce != request_nonce)
    fail ("nonce mismatch high");

  /* Reply nonce before the copy: still the value from the fixture.  */
  if (shishi_asn1_read_uint32 (handle, reply, "nonce", &nonce) != 0)
    fail ("read rep uint32");
  printf ("old rep nonce: %x\n", nonce);
  if (nonce != initial_reply_nonce)
    fail ("nonce mismatch high");

  /* Function under test.  */
  if (shishi_kdc_copy_nonce (handle, request, reply) != 0)
    fail ("shishi_kdc_copy_nonce\n");

  /* Reply nonce after the copy: must now equal the request nonce.  */
  if (shishi_asn1_read_uint32 (handle, reply, "nonce", &nonce) != 0)
    fail ("read rep uint32");
  printf ("new rep nonce: %x\n", nonce);
  if (nonce != request_nonce)
    fail ("nonce mismatch high");

  /* Release the DER buffers and the ASN.1 structures.  */
  free (request_der);
  free (reply_der);

  shishi_asn1_done (handle, request);
  shishi_asn1_done (handle, reply);
}