/**
* shishi_kdcreq_to_file:
* @handle: shishi handle as allocated by shishi_init().
* @kdcreq: KDC-REQ to save.
* @filetype: input variable specifying type of file to be written,
* see Shishi_filetype.
* @filename: input variable with filename to write to.
*
* Write KDC-REQ to file in specified TYPE. The file will be truncated
* if it exists.
*
* Return value: Returns SHISHI_OK iff successful.
**/
int
shishi_kdcreq_to_file (Shishi * handle, Shishi_asn1 kdcreq,
int filetype, const char *filename)
{
FILE *fh;
int res;
if (VERBOSE (handle))
printf (_("Writing KDC-REQ to %s...\n"), filename);
fh = fopen (filename, "w");
if (fh == NULL)
return SHISHI_FOPEN_ERROR;
if (VERBOSE (handle))
printf (_("Writing KDC-REQ in %s format...\n"),
filetype == SHISHI_FILETYPE_TEXT ? "TEXT" : "DER");
if (filetype == SHISHI_FILETYPE_TEXT)
res = shishi_kdcreq_print (handle, fh, kdcreq);
else
res = shishi_kdcreq_save (handle, fh, kdcreq);
if (res != SHISHI_OK)
return res;
res = fclose (fh);
if (res != 0)
return SHISHI_IO_ERROR;
if (VERBOSE (handle))
printf (_("Writing KDC-REQ to %s...done\n"), filename);
return SHISHI_OK;
}
/**
* shishi_tgs_sendrecv_hint:
* @tgs: structure that holds information about TGS exchange
* @hint: additional parameters that modify connection behaviour, or %NULL.
*
* Send TGS-REQ and receive TGS-REP or KRB-ERROR. This is the
* subsequent authentication, usually used to acquire server tickets.
* The @hint structure can be used to set, e.g., parameters for TLS
* authentication.
*
* Return value: Returns SHISHI_OK iff successful.
**/
int
shishi_tgs_sendrecv_hint (Shishi_tgs * tgs, Shishi_tkts_hint * hint)
{
int res;
if (VERBOSE (tgs->handle))
printf ("Sending TGS-REQ...\n");
if (VERBOSEASN1 (tgs->handle))
shishi_kdcreq_print (tgs->handle, stdout, tgs->tgsreq);
res = shishi_kdcreq_sendrecv_hint (tgs->handle, tgs->tgsreq,
&tgs->tgsrep, hint);
if (res == SHISHI_GOT_KRBERROR)
{
tgs->krberror = tgs->tgsrep;
tgs->tgsrep = NULL;
if (VERBOSE (tgs->handle))
printf ("Received KRB-ERROR...\n");
if (VERBOSEASN1 (tgs->handle))
shishi_krberror_print (tgs->handle, stdout, tgs->krberror);
}
if (res != SHISHI_OK)
return res;
if (VERBOSE (tgs->handle))
printf ("Received TGS-REP...\n");
if (VERBOSEASN1 (tgs->handle))
shishi_kdcrep_print (tgs->handle, stdout, tgs->tgsrep);
return SHISHI_OK;
}
void
test (Shishi * handle)
{
Shishi_asn1 req, rep;
char *reqder, *repder;
size_t reqderlen, repderlen;
int rc;
uint32_t nonce;
if (!base64_decode_alloc (asreq, strlen (asreq), &reqder, &reqderlen))
fail ("base64 req\n");
if (!base64_decode_alloc (asreppart, strlen (asreppart), &repder, &repderlen))
fail ("base64 rep\n");
req = shishi_der2asn1_asreq (handle, reqder, reqderlen);
if (!req)
fail ("der2asn1 req\n");
rep = shishi_der2asn1_encasreppart (handle, repder, repderlen);
if (!rep)
fail ("der2asn1 rep\n");
if (debug)
{
shishi_kdcreq_print (handle, stdout, req);
shishi_enckdcreppart_print (handle, stdout, rep);
}
/* Read and check req */
rc = shishi_asn1_read_uint32 (handle, req, "req-body.nonce", &nonce);
if (rc)
fail ("shishi_asn1_read_uint32\n");
printf ("req nonce: %x\n", nonce);
if (nonce != 0x09575283)
fail ("nonce mismatch low\n");
rc = shishi_kdcreq_nonce (handle, req, &nonce);
if (rc)
fail ("shishi_kdcreq_nonce\n");
printf ("req nonce: %x\n", nonce);
if (nonce != 0x09575283)
fail ("nonce mismatch high");
/* Read and check rep */
rc = shishi_asn1_read_uint32 (handle, rep, "nonce", &nonce);
if (rc)
fail ("read rep uint32");
printf ("old rep nonce: %x\n", nonce);
if (nonce != 0x7fffffff)
fail ("nonce mismatch high");
/* Copy nonce. */
rc = shishi_kdc_copy_nonce (handle, req, rep);
if (rc)
fail ("shishi_kdc_copy_nonce\n");
/* Read and check rep */
rc = shishi_asn1_read_uint32 (handle, rep, "nonce", &nonce);
if (rc)
fail ("read rep uint32");
printf ("new rep nonce: %x\n", nonce);
if (nonce != 0x09575283)
fail ("nonce mismatch high");
free (reqder);
free (repder);
shishi_asn1_done (handle, req);
shishi_asn1_done (handle, rep);
}
