void
mshim_herror2merror(krb5_context context, const krb5_error *h, mit_krb5_error *m)
{
LOG_ENTRY();
memset(m, 0, sizeof(*m));
m->magic = MIT_KV5M_ERROR;
if (h->ctime)
m->ctime = *h->ctime;
if (h->cusec)
m->cusec = *h->cusec;
m->stime = h->stime;
m->susec = h->susec;
#if 0
m->client = mshim_hprinc2mprinc(context, h->client);
m->server = mshim_hprinc2mprinc(context, h->server);
#endif
m->error = h->error_code;
if (h->e_text) {
m->text.magic = MIT_KV5M_DATA;
m->text.data = strdup(*(h->e_text));
m->text.length = strlen(*(h->e_text));
}
if (h->e_data)
mshim_hdata2mdata(h->e_data, &m->e_data);
#if 0
krb5_principal client; /* client's principal identifier;
optional */
krb5_principal server; /* server's principal identifier */
#endif
}
mit_krb5_error_code KRB5_CALLCONV
krb5_c_encrypt(mit_krb5_context context,
const mit_krb5_keyblock *key,
mit_krb5_keyusage usage,
const mit_krb5_data *ivec,
const mit_krb5_data *input,
mit_krb5_enc_data *output)
{
LOG_ENTRY();
krb5_error_code ret;
krb5_crypto crypto;
krb5_keyblock keyblock;
krb5_data odata;
mshim_mkeyblock2hkeyblock(key, &keyblock);
ret = heim_krb5_crypto_init(HC(context), &keyblock, 0, &crypto);
heim_krb5_free_keyblock_contents(HC(context), &keyblock);
if (ret)
return ret;
if (ivec) {
size_t blocksize;
ret = heim_krb5_crypto_getblocksize(HC(context), crypto, &blocksize);
if (ret) {
heim_krb5_crypto_destroy(HC(context), crypto);
return ret;
}
if (blocksize > ivec->length) {
heim_krb5_crypto_destroy(HC(context), crypto);
return KRB5_BAD_MSIZE;
}
}
ret = heim_krb5_encrypt_ivec(HC(context), crypto, usage,
input->data, input->length,
&odata,
ivec ? ivec->data : NULL);
// output->magic = KV5M_ENC_DATA;
output->kvno = 0;
if (ret == 0) {
heim_krb5_crypto_getenctype(HC(context), crypto, &output->enctype);
mshim_hdata2mdata(&odata, &output->ciphertext);
heim_krb5_data_free(&odata);
}
heim_krb5_crypto_destroy(HC(context), crypto);
return ret ;
}
void
mshim_hcred2mcred(krb5_context context, krb5_creds *h, mit_krb5_creds *m)
{
memset(m, 0, sizeof(*m));
m->magic = MIT_KV5M_CREDS;
m->client = mshim_hprinc2mprinc(context, h->client);
m->server = mshim_hprinc2mprinc(context, h->server);
mshim_hkeyblock2mkeyblock(&h->session, &m->keyblock);
mshim_hdata2mdata(&h->ticket, &m->ticket);
m->times.authtime = h->times.authtime;
m->times.starttime = h->times.starttime;
m->times.endtime = h->times.endtime;
m->times.renew_till = h->times.renew_till;
m->ticket_flags = 0;
if (h->flags.b.forwardable)
m->ticket_flags |= MIT_TKT_FLG_FORWARDABLE;
if (h->flags.b.forwarded)
m->ticket_flags |= MIT_TKT_FLG_FORWARDED;
if (h->flags.b.proxiable)
m->ticket_flags |= MIT_TKT_FLG_PROXIABLE;
if (h->flags.b.proxy)
m->ticket_flags |= MIT_TKT_FLG_PROXY;
if (h->flags.b.may_postdate)
m->ticket_flags |= MIT_TKT_FLG_MAY_POSTDATE;
if (h->flags.b.postdated)
m->ticket_flags |= MIT_TKT_FLG_POSTDATED;
if (h->flags.b.invalid)
m->ticket_flags |= MIT_TKT_FLG_INVALID;
if (h->flags.b.renewable)
m->ticket_flags |= MIT_TKT_FLG_RENEWABLE;
if (h->flags.b.initial)
m->ticket_flags |= MIT_TKT_FLG_INITIAL;
if (h->flags.b.pre_authent)
m->ticket_flags |= MIT_TKT_FLG_PRE_AUTH;
if (h->flags.b.hw_authent)
m->ticket_flags |= MIT_TKT_FLG_HW_AUTH;
if (h->flags.b.transited_policy_checked)
m->ticket_flags |= MIT_TKT_FLG_TRANSIT_POLICY_CHECKED;
if (h->flags.b.ok_as_delegate)
m->ticket_flags |= MIT_TKT_FLG_OK_AS_DELEGATE;
if (h->flags.b.anonymous)
m->ticket_flags |= MIT_TKT_FLG_ANONYMOUS;
}
mit_krb5_error_code KRB5_CALLCONV
krb5_principal2salt(mit_krb5_context context,
mit_krb5_const_principal principal,
mit_krb5_data *salt)
{
struct comb_principal *c = (struct comb_principal *)principal;
krb5_error_code ret;
krb5_salt hsalt;
memset(salt, 0, sizeof(*salt));
ret = heim_krb5_get_pw_salt(HC(context), c->heim, &hsalt);
if (ret)
return ret;
mshim_hdata2mdata(&hsalt.saltvalue, salt);
heim_krb5_free_salt(HC(context), hsalt);
return 0;
}
