/**
* shishi_tgs_rep_build:
* @tgs: structure that holds information about TGS exchange
* @keyusage: keyusage integer.
* @key: user's key, used to encrypt the encrypted part of the TGS-REP.
*
* Build TGS-REP.
*
* Return value: Returns SHISHI_OK iff successful.
**/
int
shishi_tgs_rep_build (Shishi_tgs * tgs, int keyusage, Shishi_key * key)
{
int rc;
/* XXX there are reasons for having padata in TGS-REP */
rc = shishi_kdcrep_clear_padata (tgs->handle, tgs->tgsrep);
if (rc != SHISHI_OK)
return rc;
rc = shishi_enckdcreppart_populate_encticketpart
(tgs->handle, shishi_tkt_enckdcreppart (tgs->tkt),
shishi_tkt_encticketpart (tgs->tkt));
if (rc != SHISHI_OK)
return rc;
rc = shishi_kdc_copy_nonce (tgs->handle, tgs->tgsreq,
shishi_tkt_enckdcreppart (tgs->tkt));
if (rc != SHISHI_OK)
return rc;
rc = shishi_kdcrep_add_enc_part (tgs->handle,
tgs->tgsrep,
key, keyusage,
shishi_tkt_enckdcreppart (tgs->tkt));
if (rc != SHISHI_OK)
return rc;
rc = shishi_kdcrep_set_ticket (tgs->handle, tgs->tgsrep,
shishi_tkt_ticket (tgs->tkt));
if (rc != SHISHI_OK)
return rc;
rc = shishi_kdc_copy_crealm (tgs->handle, tgs->tgsrep,
shishi_tkt_encticketpart (tgs->tkt));
if (rc != SHISHI_OK)
return rc;
rc = shishi_kdc_copy_cname (tgs->handle, tgs->tgsrep,
shishi_tkt_encticketpart (tgs->tkt));
if (rc != SHISHI_OK)
return rc;
return SHISHI_OK;
}
void
test (Shishi * handle)
{
Shishi_asn1 req, rep;
char *reqder, *repder;
size_t reqderlen, repderlen;
int rc;
uint32_t nonce;
if (!base64_decode_alloc (asreq, strlen (asreq), &reqder, &reqderlen))
fail ("base64 req\n");
if (!base64_decode_alloc (asreppart, strlen (asreppart), &repder, &repderlen))
fail ("base64 rep\n");
req = shishi_der2asn1_asreq (handle, reqder, reqderlen);
if (!req)
fail ("der2asn1 req\n");
rep = shishi_der2asn1_encasreppart (handle, repder, repderlen);
if (!rep)
fail ("der2asn1 rep\n");
if (debug)
{
shishi_kdcreq_print (handle, stdout, req);
shishi_enckdcreppart_print (handle, stdout, rep);
}
/* Read and check req */
rc = shishi_asn1_read_uint32 (handle, req, "req-body.nonce", &nonce);
if (rc)
fail ("shishi_asn1_read_uint32\n");
printf ("req nonce: %x\n", nonce);
if (nonce != 0x09575283)
fail ("nonce mismatch low\n");
rc = shishi_kdcreq_nonce (handle, req, &nonce);
if (rc)
fail ("shishi_kdcreq_nonce\n");
printf ("req nonce: %x\n", nonce);
if (nonce != 0x09575283)
fail ("nonce mismatch high");
/* Read and check rep */
rc = shishi_asn1_read_uint32 (handle, rep, "nonce", &nonce);
if (rc)
fail ("read rep uint32");
printf ("old rep nonce: %x\n", nonce);
if (nonce != 0x7fffffff)
fail ("nonce mismatch high");
/* Copy nonce. */
rc = shishi_kdc_copy_nonce (handle, req, rep);
if (rc)
fail ("shishi_kdc_copy_nonce\n");
/* Read and check rep */
rc = shishi_asn1_read_uint32 (handle, rep, "nonce", &nonce);
if (rc)
fail ("read rep uint32");
printf ("new rep nonce: %x\n", nonce);
if (nonce != 0x09575283)
fail ("nonce mismatch high");
free (reqder);
free (repder);
shishi_asn1_done (handle, req);
shishi_asn1_done (handle, rep);
}
