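/*
 * Translate a Heimdal krb5_error (h) into the MIT-layout error structure (m).
 *
 * m is zeroed first, so every field that is not copied below stays 0/NULL.
 * The error text is duplicated with strdup(); the visible code never frees
 * it, so releasing m->text.data is left to whoever owns m.
 *
 * The function returns void and cannot report allocation failure: if the
 * text cannot be duplicated, m->text is left empty (NULL data, length 0)
 * rather than advertising a non-zero length over a NULL pointer.
 */
void
mshim_herror2merror(krb5_context context, const krb5_error *h, mit_krb5_error *m)
{
    LOG_ENTRY();

    memset(m, 0, sizeof(*m));

    m->magic = MIT_KV5M_ERROR;

    /* ctime and cusec are optional pointers on the Heimdal side. */
    if (h->ctime)
        m->ctime = *h->ctime;
    if (h->cusec)
        m->cusec = *h->cusec;
    m->stime = h->stime;
    m->susec = h->susec;

    /* Principal conversion is disabled; m->client and m->server stay zeroed. */
#if 0
    m->client = mshim_hprinc2mprinc(context, h->client);
    m->server = mshim_hprinc2mprinc(context, h->server);
#endif

    m->error = h->error_code;

    /*
     * Guard both the optional pointer and the string it points to:
     * strdup(NULL) and strlen(NULL) are undefined behavior.
     */
    if (h->e_text != NULL && *h->e_text != NULL) {
        char *copy = strdup(*h->e_text);

        m->text.magic = MIT_KV5M_DATA;
        if (copy != NULL) {
            /* Only publish a length once the buffer really exists. */
            m->text.data = copy;
            m->text.length = strlen(copy);
        }
    }

    if (h->e_data)
        mshim_hdata2mdata(h->e_data, &m->e_data);
}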
/*
 * MIT-API krb5_c_encrypt() implemented on top of the Heimdal crypto calls.
 *
 * key    - MIT keyblock; converted to a temporary Heimdal keyblock that is
 *          released as soon as the crypto handle has been initialised.
 * usage  - key usage number passed through to heim_krb5_encrypt_ivec().
 * ivec   - optional IV; when given it must be at least one cipher block
 *          long, otherwise KRB5_BAD_MSIZE is returned.
 * input  - plaintext.
 * output - on success receives the enctype and the ciphertext; kvno is set
 *          to 0 whenever the encrypt call was reached, even if it failed.
 *
 * Returns 0 on success or the error code of the first failing step.
 */
mit_krb5_error_code KRB5_CALLCONV
krb5_c_encrypt(mit_krb5_context context,
               const mit_krb5_keyblock *key,
               mit_krb5_keyusage usage,
               const mit_krb5_data *ivec,
               const mit_krb5_data *input,
               mit_krb5_enc_data *output)
{
    LOG_ENTRY();
    krb5_error_code rc;
    krb5_crypto cipher;
    krb5_keyblock hkey;
    krb5_data ct;

    mshim_mkeyblock2hkeyblock(key, &hkey);
    rc = heim_krb5_crypto_init(HC(context), &hkey, 0, &cipher);
    /* The temporary key copy is released whether or not init succeeded. */
    heim_krb5_free_keyblock_contents(HC(context), &hkey);
    if (rc != 0)
        return rc;

    if (ivec != NULL) {
        size_t blocksize;

        rc = heim_krb5_crypto_getblocksize(HC(context), cipher, &blocksize);
        if (rc != 0)
            goto done;

        /* Reject an IV shorter than one cipher block before it is used. */
        if (ivec->length < blocksize) {
            rc = KRB5_BAD_MSIZE;
            goto done;
        }
    }

    rc = heim_krb5_encrypt_ivec(HC(context), cipher, usage,
                                input->data, input->length, &ct,
                                ivec != NULL ? ivec->data : NULL);

    /* output->magic is left untouched; the KV5M_ENC_DATA assignment is disabled. */
    output->kvno = 0;

    if (rc == 0) {
        /*
         * NOTE(review): the result of heim_krb5_crypto_getenctype() is not
         * checked, so output->enctype is whatever that call left behind --
         * confirm it cannot fail on an initialised handle.
         */
        heim_krb5_crypto_getenctype(HC(context), cipher, &output->enctype);
        mshim_hdata2mdata(&ct, &output->ciphertext);
        heim_krb5_data_free(&ct);
    }

done:
    /* Single exit for every path that owns the crypto handle. */
    heim_krb5_crypto_destroy(HC(context), cipher);
    return rc;
}
/* Sets `bit` in m->ticket_flags when the Heimdal flag bitfield `field` is set. */
#define MSHIM_COPY_TKT_FLAG(field, bit)     \
    do {                                    \
        if (h->flags.b.field)               \
            m->ticket_flags |= (bit);       \
    } while (0)

/*
 * Translate Heimdal credentials (h) into the MIT-layout structure (m).
 *
 * m is zeroed first; only the client and server principals, the session
 * key, the ticket, the four ticket times and the ticket flags are filled
 * in. Any other member of m stays zero.
 *
 * NOTE(review): the converted session key ends up in m->keyblock;
 * presumably the helpers allocate, in which case the owner of m must
 * release (and ideally wipe) it -- confirm against the helper definitions.
 */
void
mshim_hcred2mcred(krb5_context context, krb5_creds *h, mit_krb5_creds *m)
{
    memset(m, 0, sizeof(*m));
    m->magic = MIT_KV5M_CREDS;

    /* Principals, session key and ticket go through the shim converters. */
    m->client = mshim_hprinc2mprinc(context, h->client);
    m->server = mshim_hprinc2mprinc(context, h->server);
    mshim_hkeyblock2mkeyblock(&h->session, &m->keyblock);
    mshim_hdata2mdata(&h->ticket, &m->ticket);

    /* Ticket lifetimes are copied field by field. */
    m->times.authtime   = h->times.authtime;
    m->times.starttime  = h->times.starttime;
    m->times.endtime    = h->times.endtime;
    m->times.renew_till = h->times.renew_till;

    /* Heimdal keeps the flags as bitfields; MIT expects a bit mask. */
    m->ticket_flags = 0;
    MSHIM_COPY_TKT_FLAG(forwardable,              MIT_TKT_FLG_FORWARDABLE);
    MSHIM_COPY_TKT_FLAG(forwarded,                MIT_TKT_FLG_FORWARDED);
    MSHIM_COPY_TKT_FLAG(proxiable,                MIT_TKT_FLG_PROXIABLE);
    MSHIM_COPY_TKT_FLAG(proxy,                    MIT_TKT_FLG_PROXY);
    MSHIM_COPY_TKT_FLAG(may_postdate,             MIT_TKT_FLG_MAY_POSTDATE);
    MSHIM_COPY_TKT_FLAG(postdated,                MIT_TKT_FLG_POSTDATED);
    MSHIM_COPY_TKT_FLAG(invalid,                  MIT_TKT_FLG_INVALID);
    MSHIM_COPY_TKT_FLAG(renewable,                MIT_TKT_FLG_RENEWABLE);
    MSHIM_COPY_TKT_FLAG(initial,                  MIT_TKT_FLG_INITIAL);
    MSHIM_COPY_TKT_FLAG(pre_authent,              MIT_TKT_FLG_PRE_AUTH);
    MSHIM_COPY_TKT_FLAG(hw_authent,               MIT_TKT_FLG_HW_AUTH);
    MSHIM_COPY_TKT_FLAG(transited_policy_checked, MIT_TKT_FLG_TRANSIT_POLICY_CHECKED);
    MSHIM_COPY_TKT_FLAG(ok_as_delegate,           MIT_TKT_FLG_OK_AS_DELEGATE);
    MSHIM_COPY_TKT_FLAG(anonymous,                MIT_TKT_FLG_ANONYMOUS);
}

#undef MSHIM_COPY_TKT_FLAG
/*
 * MIT-API krb5_principal2salt(): obtain the password salt for a principal.
 *
 * principal is treated as a struct comb_principal, and its Heimdal half
 * (->heim) is handed to heim_krb5_get_pw_salt(). On success the salt value
 * is converted into *salt and the Heimdal salt is freed. *salt is zeroed
 * up front, so it is empty on the error path.
 *
 * Returns 0 on success, otherwise the error from heim_krb5_get_pw_salt().
 */
mit_krb5_error_code KRB5_CALLCONV
krb5_principal2salt(mit_krb5_context context,
                    mit_krb5_const_principal principal,
                    mit_krb5_data *salt)
{
    struct comb_principal *cp = (struct comb_principal *)principal;
    krb5_salt pw_salt;
    krb5_error_code rc;

    memset(salt, 0, sizeof(*salt));

    rc = heim_krb5_get_pw_salt(HC(context), cp->heim, &pw_salt);
    if (rc == 0) {
        /* Convert first, then release the Heimdal-owned salt. */
        mshim_hdata2mdata(&pw_salt.saltvalue, salt);
        heim_krb5_free_salt(HC(context), pw_salt);
    }

    return rc;
}