/**
 * shishi_tgs_rep_build:
 * @tgs: structure that holds information about TGS exchange
 * @keyusage: key usage integer, handed unchanged to the enc-part
 *   encryption step.
 * @key: key used to encrypt the encrypted part of the TGS-REP.
 *
 * Build the TGS-REP stored in @tgs.  The steps run in a fixed order:
 * padata is cleared, the EncKDCRepPart is populated from the
 * EncTicketPart, the request nonce is copied into the EncKDCRepPart,
 * the EncKDCRepPart is encrypted into the reply, and finally the
 * ticket, client realm and client name are set on the reply.  The
 * first step that fails aborts the build and its code is returned.
 *
 * Neither @key nor @keyusage is validated here; choosing a matching
 * pair is left to the caller.
 * NOTE(review): in a TGS exchange this is normally a session key or
 * subkey rather than a long-term user key; confirm against callers.
 *
 * Return value: Returns SHISHI_OK iff successful.
 **/
int
shishi_tgs_rep_build (Shishi_tgs * tgs, int keyusage, Shishi_key * key)
{
  int rc;

  /* XXX there are reasons for having padata in TGS-REP */
  if ((rc = shishi_kdcrep_clear_padata (tgs->handle, tgs->tgsrep))
      != SHISHI_OK)
    return rc;

  if ((rc = shishi_enckdcreppart_populate_encticketpart
       (tgs->handle, shishi_tkt_enckdcreppart (tgs->tkt),
	shishi_tkt_encticketpart (tgs->tkt))) != SHISHI_OK)
    return rc;

  /* The nonce has to be in the EncKDCRepPart before that part is
     encrypted below, so that the encrypted reply carries the nonce of
     the request. */
  if ((rc = shishi_kdc_copy_nonce (tgs->handle, tgs->tgsreq,
				   shishi_tkt_enckdcreppart (tgs->tkt)))
      != SHISHI_OK)
    return rc;

  if ((rc = shishi_kdcrep_add_enc_part (tgs->handle, tgs->tgsrep,
					key, keyusage,
					shishi_tkt_enckdcreppart (tgs->tkt)))
      != SHISHI_OK)
    return rc;

  if ((rc = shishi_kdcrep_set_ticket (tgs->handle, tgs->tgsrep,
				      shishi_tkt_ticket (tgs->tkt)))
      != SHISHI_OK)
    return rc;

  if ((rc = shishi_kdc_copy_crealm (tgs->handle, tgs->tgsrep,
				    shishi_tkt_encticketpart (tgs->tkt)))
      != SHISHI_OK)
    return rc;

  /* Last step: its status is the status of the whole build. */
  return shishi_kdc_copy_cname (tgs->handle, tgs->tgsrep,
				shishi_tkt_encticketpart (tgs->tkt));
}
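/*
 * Self-test for shishi_kdc_copy_nonce().
 *
 * Decodes the base64 AS-REQ and EncASRepPart fixtures (asreq and
 * asreppart, defined elsewhere in this file), checks that the request
 * nonce reads as 0x09575283 through both the generic ASN.1 reader and
 * shishi_kdcreq_nonce(), checks that the reply starts out with the
 * nonce 0x7fffffff, copies the request nonce into the reply and checks
 * that the reply nonce now equals the request nonce.
 *
 * Setup failures (base64 decoding, DER parsing) end the test early.
 * NOTE(review): fail() is defined elsewhere; if it returns instead of
 * exiting, carrying on would hand indeterminate buffers or a null
 * ASN.1 node to the parser and to free().  The early exits are
 * harmless if fail() never returns.
 */
void
test (Shishi * handle)
{
  Shishi_asn1 req, rep;
  char *reqder, *repder;
  size_t reqderlen, repderlen;
  int rc;
  /* Initialised so that a failed read below never prints or compares
     an indeterminate value. */
  uint32_t nonce = 0;

  /* NOTE(review): the gnulib base64_decode_alloc reports an allocation
     failure by returning true with a NULL output buffer; presumably
     this is the same helper, hence the extra pointer check. */
  if (!base64_decode_alloc (asreq, strlen (asreq), &reqder, &reqderlen)
      || !reqder)
    {
      fail ("base64 req\n");
      return;
    }

  if (!base64_decode_alloc (asreppart, strlen (asreppart),
			    &repder, &repderlen) || !repder)
    {
      fail ("base64 rep\n");
      goto free_reqder;
    }

  req = shishi_der2asn1_asreq (handle, reqder, reqderlen);
  if (!req)
    {
      fail ("der2asn1 req\n");
      goto free_der;
    }

  rep = shishi_der2asn1_encasreppart (handle, repder, repderlen);
  if (!rep)
    {
      fail ("der2asn1 rep\n");
      goto free_req;
    }

  if (debug)
    {
      shishi_kdcreq_print (handle, stdout, req);
      shishi_enckdcreppart_print (handle, stdout, rep);
    }

  /* Read and check req */
  rc = shishi_asn1_read_uint32 (handle, req, "req-body.nonce", &nonce);
  if (rc)
    fail ("shishi_asn1_read_uint32\n");
  /* The cast keeps the argument in step with %x on platforms where
     uint32_t is not unsigned int. */
  printf ("req nonce: %x\n", (unsigned int) nonce);
  if (nonce != 0x09575283)
    fail ("nonce mismatch low\n");

  rc = shishi_kdcreq_nonce (handle, req, &nonce);
  if (rc)
    fail ("shishi_kdcreq_nonce\n");
  printf ("req nonce: %x\n", (unsigned int) nonce);
  if (nonce != 0x09575283)
    fail ("nonce mismatch high");

  /* Read and check rep */
  rc = shishi_asn1_read_uint32 (handle, rep, "nonce", &nonce);
  if (rc)
    fail ("read rep uint32");
  printf ("old rep nonce: %x\n", (unsigned int) nonce);
  if (nonce != 0x7fffffff)
    fail ("nonce mismatch high");

  /* Copy nonce. */
  rc = shishi_kdc_copy_nonce (handle, req, rep);
  if (rc)
    fail ("shishi_kdc_copy_nonce\n");

  /* Read and check rep */
  rc = shishi_asn1_read_uint32 (handle, rep, "nonce", &nonce);
  if (rc)
    fail ("read rep uint32");
  printf ("new rep nonce: %x\n", (unsigned int) nonce);
  if (nonce != 0x09575283)
    fail ("nonce mismatch high");

  /* Release everything acquired above; the labels let an early exit
     free only what had been set up by then. */
  shishi_asn1_done (handle, rep);
free_req:
  shishi_asn1_done (handle, req);
free_der:
  free (repder);
free_reqder:
  free (reqder);
}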