LCOV - code coverage report
Current view: top level - shishi/lib - authenticator.c (source / functions) Hit Total Coverage
Test: GNU Shishi Lines: 128 256 50.0 %
Date: 2010-05-20 Functions: 21 34 61.8 %
Legend: Lines: hit not hit | Branches: + taken - not taken # not executed Branches: 43 126 34.1 %

           Branch data     Line data    Source code
       1                 :            : /* authenticator.c --- Functions for authenticators.
       2                 :            :  * Copyright (C) 2002, 2003, 2004, 2006, 2007, 2008  Simon Josefsson
       3                 :            :  *
       4                 :            :  * This file is part of Shishi.
       5                 :            :  *
       6                 :            :  * Shishi is free software; you can redistribute it and/or modify it
       7                 :            :  * under the terms of the GNU General Public License as published by
       8                 :            :  * the Free Software Foundation; either version 3 of the License, or
       9                 :            :  * (at your option) any later version.
      10                 :            :  *
      11                 :            :  * Shishi is distributed in the hope that it will be useful, but
      12                 :            :  * WITHOUT ANY WARRANTY; without even the implied warranty of
      13                 :            :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      14                 :            :  * GNU General Public License for more details.
      15                 :            :  *
      16                 :            :  * You should have received a copy of the GNU General Public License
      17                 :            :  * along with Shishi; if not, see http://www.gnu.org/licenses or write
      18                 :            :  * to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
      19                 :            :  * Floor, Boston, MA 02110-1301, USA
      20                 :            :  *
      21                 :            :  */
      22                 :            : 
      23                 :            : #include "internal.h"
      24                 :            : 
      25                 :            : /* Get _shishi_print_armored_data, etc. */
      26                 :            : #include "diskio.h"
      27                 :            : 
      28                 :            : /**
      29                 :            :  * shishi_authenticator:
      30                 :            :  * @handle: shishi handle as allocated by shishi_init().
      31                 :            :  *
      32                 :            :  * This function creates a new Authenticator, populated with some
      33                 :            :  * default values.  It uses the current time as returned by the system
      34                 :            :  * for the ctime and cusec fields.
      35                 :            :  *
      36                 :            :  * Return value: Returns the authenticator or NULL on
      37                 :            :  * failure.
      38                 :            :  **/
      39                 :            : Shishi_asn1
      40                 :          1 : shishi_authenticator (Shishi * handle)
      41                 :            : {
      42                 :            :   int res;
      43                 :          1 :   Shishi_asn1 node = NULL;
      44                 :            :   struct timeval tv;
      45                 :            :   uint32_t seqnr;
      46                 :            : 
      47                 :          1 :   res = gettimeofday (&tv, NULL);
      48         [ -  + ]:          1 :   if (res != 0)
      49                 :          0 :     return NULL;
      50                 :            : 
      51                 :          1 :   node = shishi_asn1_authenticator (handle);
      52         [ -  + ]:          1 :   if (!node)
      53                 :          0 :     return NULL;
      54                 :            : 
      55                 :          1 :   res = shishi_asn1_write (handle, node, "authenticator-vno", "5", 0);
      56         [ -  + ]:          1 :   if (res != SHISHI_OK)
      57                 :          0 :     goto error;
      58                 :            : 
      59                 :          1 :   res = shishi_authenticator_set_crealm (handle, node,
      60                 :            :                                          shishi_realm_default (handle));
      61         [ -  + ]:          1 :   if (res != SHISHI_OK)
      62                 :          0 :     goto error;
      63                 :            : 
      64                 :          1 :   res = shishi_authenticator_client_set (handle, node,
      65                 :            :                                          shishi_principal_default (handle));
      66         [ -  + ]:          1 :   if (res != SHISHI_OK)
      67                 :          0 :     goto error;
      68                 :            : 
      69                 :          1 :   res = shishi_authenticator_cusec_set (handle, node, tv.tv_usec % 1000000);
      70         [ -  + ]:          1 :   if (res != SHISHI_OK)
      71                 :          0 :     goto error;
      72                 :            : 
      73                 :          1 :   res = shishi_asn1_write (handle, node, "ctime",
      74                 :            :                            shishi_generalize_time (handle, time (NULL)), 0);
      75         [ -  + ]:          1 :   if (res != SHISHI_OK)
      76                 :          0 :     goto error;
      77                 :            : 
      78                 :            :   /*
      79                 :            :    * For sequence numbers to adequately support the detection of
      80                 :            :    * replays they SHOULD be non-repeating, even across connection
      81                 :            :    * boundaries. The initial sequence number SHOULD be random and
      82                 :            :    * uniformly distributed across the full space of possible sequence
      83                 :            :    * numbers, so that it cannot be guessed by an attacker and so that
      84                 :            :    * it and the successive sequence numbers do not repeat other
      85                 :            :    * sequences.
      86                 :            :    */
      87                 :          1 :   shishi_randomize (handle, 0, &seqnr, sizeof (seqnr));
      88                 :            : 
      89                 :            :   /* XXX remove once libtasn1 _asn1_convert_integer is fixed. */
      90                 :          1 :   seqnr &= 0x7FFFFFFF;
      91                 :            : 
      92                 :            :   /*
      93                 :            :    * Implementation note: as noted before, some implementations omit
      94                 :            :    * the optional sequence number when its value would be zero.
      95                 :            :    * Implementations MAY accept an omitted sequence number when
      96                 :            :    * expecting a value of zero, and SHOULD NOT transmit an
      97                 :            :    * Authenticator with a initial sequence number of zero.
      98                 :            :    */
      99         [ -  + ]:          1 :   if (seqnr == 0)
     100                 :          0 :     seqnr++;
     101                 :            : 
     102                 :          1 :   res = shishi_authenticator_seqnumber_set (handle, node, seqnr);
     103         [ -  + ]:          1 :   if (res != SHISHI_OK)
     104                 :          0 :     goto error;
     105                 :            : 
     106                 :          1 :   return node;
     107                 :            : 
     108                 :            : error:
     109                 :          0 :   shishi_asn1_done (handle, node);
     110                 :          1 :   return NULL;
     111                 :            : }
     112                 :            : 
     113                 :            : /**
     114                 :            :  * shishi_authenticator_subkey:
     115                 :            :  * @handle: shishi handle as allocated by shishi_init().
     116                 :            :  *
     117                 :            :  * This function creates a new Authenticator, populated with some
     118                 :            :  * default values.  It uses the current time as returned by the system
     119                 :            :  * for the ctime and cusec fields. It adds a random subkey.
     120                 :            :  *
     121                 :            :  * Return value: Returns the authenticator or NULL on
     122                 :            :  * failure.
     123                 :            :  **/
     124                 :            : Shishi_asn1
     125                 :          0 : shishi_authenticator_subkey (Shishi * handle)
     126                 :            : {
     127                 :            :   Shishi_asn1 node;
     128                 :            :   int res;
     129                 :            : 
     130                 :          0 :   node = shishi_authenticator (handle);
     131         [ #  # ]:          0 :   if (node == NULL)
     132                 :          0 :     return NULL;
     133                 :            : 
     134                 :          0 :   res = shishi_authenticator_add_random_subkey (handle, node);
     135         [ #  # ]:          0 :   if (res != SHISHI_OK)
     136                 :          0 :     return NULL;
     137                 :            : 
     138                 :          0 :   return node;
     139                 :            : }
     140                 :            : 
     141                 :            : /**
     142                 :            :  * shishi_authenticator_print:
     143                 :            :  * @handle: shishi handle as allocated by shishi_init().
     144                 :            :  * @fh: file handle open for writing.
     145                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     146                 :            :  *
     147                 :            :  * Print ASCII armored DER encoding of authenticator to file.
     148                 :            :  *
     149                 :            :  * Return value: Returns SHISHI_OK iff successful.
     150                 :            :  **/
     151                 :            : int
     152                 :          1 : shishi_authenticator_print (Shishi * handle,
     153                 :            :                             FILE * fh, Shishi_asn1 authenticator)
     154                 :            : {
     155                 :          1 :   return _shishi_print_armored_data (handle, fh, authenticator,
     156                 :            :                                      "Authenticator", NULL);
     157                 :            : }
     158                 :            : 
     159                 :            : /**
     160                 :            :  * shishi_authenticator_save:
     161                 :            :  * @handle: shishi handle as allocated by shishi_init().
     162                 :            :  * @fh: file handle open for writing.
     163                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     164                 :            :  *
     165                 :            :  * Save DER encoding of authenticator to file.
     166                 :            :  *
     167                 :            :  * Return value: Returns SHISHI_OK iff successful.
     168                 :            :  **/
     169                 :            : int
     170                 :          0 : shishi_authenticator_save (Shishi * handle,
     171                 :            :                            FILE * fh, Shishi_asn1 authenticator)
     172                 :            : {
     173                 :          0 :   return _shishi_save_data (handle, fh, authenticator, "Authenticator");
     174                 :            : }
     175                 :            : 
     176                 :            : /**
     177                 :            :  * shishi_authenticator_to_file:
     178                 :            :  * @handle: shishi handle as allocated by shishi_init().
     179                 :            :  * @authenticator: Authenticator to save.
     180                 :            :  * @filetype: input variable specifying type of file to be written,
     181                 :            :  *            see Shishi_filetype.
     182                 :            :  * @filename: input variable with filename to write to.
     183                 :            :  *
     184                 :            :  * Write Authenticator to file in specified TYPE.  The file will be
     185                 :            :  * truncated if it exists.
     186                 :            :  *
     187                 :            :  * Return value: Returns SHISHI_OK iff successful.
     188                 :            :  **/
     189                 :            : int
     190                 :          1 : shishi_authenticator_to_file (Shishi * handle, Shishi_asn1 authenticator,
     191                 :            :                               int filetype, const char *filename)
     192                 :            : {
     193                 :            :   FILE *fh;
     194                 :            :   int res;
     195                 :            : 
     196         [ -  + ]:          1 :   if (VERBOSE (handle))
     197                 :          0 :     printf (_("Writing Authenticator to %s...\n"), filename);
     198                 :            : 
     199                 :          1 :   fh = fopen (filename, "w");
     200         [ -  + ]:          1 :   if (fh == NULL)
     201                 :          0 :     return SHISHI_FOPEN_ERROR;
     202                 :            : 
     203         [ -  + ]:          1 :   if (VERBOSE (handle))
     204         [ #  # ]:          0 :     printf (_("Writing Authenticator in %s format...\n"),
     205                 :            :             filetype == SHISHI_FILETYPE_TEXT ? "TEXT" : "DER");
     206                 :            : 
     207         [ +  - ]:          1 :   if (filetype == SHISHI_FILETYPE_TEXT)
     208                 :          1 :     res = shishi_authenticator_print (handle, fh, authenticator);
     209                 :            :   else
     210                 :          0 :     res = shishi_authenticator_save (handle, fh, authenticator);
     211         [ -  + ]:          1 :   if (res != SHISHI_OK)
     212                 :          0 :     return res;
     213                 :            : 
     214                 :          1 :   res = fclose (fh);
     215         [ -  + ]:          1 :   if (res != 0)
     216                 :          0 :     return SHISHI_IO_ERROR;
     217                 :            : 
     218         [ -  + ]:          1 :   if (VERBOSE (handle))
     219                 :          0 :     printf (_("Writing Authenticator to %s...done\n"), filename);
     220                 :            : 
     221                 :          1 :   return SHISHI_OK;
     222                 :            : }
     223                 :            : 
     224                 :            : /**
     225                 :            :  * shishi_authenticator_parse:
     226                 :            :  * @handle: shishi handle as allocated by shishi_init().
     227                 :            :  * @fh: file handle open for reading.
     228                 :            :  * @authenticator: output variable with newly allocated authenticator.
     229                 :            :  *
     230                 :            :  * Read ASCII armored DER encoded authenticator from file and populate
     231                 :            :  * given authenticator variable.
     232                 :            :  *
     233                 :            :  * Return value: Returns SHISHI_OK iff successful.
     234                 :            :  **/
     235                 :            : int
     236                 :          1 : shishi_authenticator_parse (Shishi * handle,
     237                 :            :                             FILE * fh, Shishi_asn1 * authenticator)
     238                 :            : {
     239                 :          1 :   return _shishi_authenticator_input (handle, fh, authenticator, 0);
     240                 :            : }
     241                 :            : 
     242                 :            : /**
     243                 :            :  * shishi_authenticator_read:
     244                 :            :  * @handle: shishi handle as allocated by shishi_init().
     245                 :            :  * @fh: file handle open for reading.
     246                 :            :  * @authenticator: output variable with newly allocated authenticator.
     247                 :            :  *
     248                 :            :  * Read DER encoded authenticator from file and populate given
     249                 :            :  * authenticator variable.
     250                 :            :  *
     251                 :            :  * Return value: Returns SHISHI_OK iff successful.
     252                 :            :  **/
     253                 :            : int
     254                 :          0 : shishi_authenticator_read (Shishi * handle,
     255                 :            :                            FILE * fh, Shishi_asn1 * authenticator)
     256                 :            : {
     257                 :          0 :   return _shishi_authenticator_input (handle, fh, authenticator, 1);
     258                 :            : }
     259                 :            : 
     260                 :            : /**
     261                 :            :  * shishi_authenticator_from_file:
     262                 :            :  * @handle: shishi handle as allocated by shishi_init().
     263                 :            :  * @authenticator: output variable with newly allocated Authenticator.
     264                 :            :  * @filetype: input variable specifying type of file to be read,
     265                 :            :  *            see Shishi_filetype.
     266                 :            :  * @filename: input variable with filename to read from.
     267                 :            :  *
     268                 :            :  * Read Authenticator from file in specified TYPE.
     269                 :            :  *
     270                 :            :  * Return value: Returns SHISHI_OK iff successful.
     271                 :            :  **/
     272                 :            : int
     273                 :          1 : shishi_authenticator_from_file (Shishi * handle, Shishi_asn1 * authenticator,
     274                 :            :                                 int filetype, const char *filename)
     275                 :            : {
     276                 :            :   int res;
     277                 :            :   FILE *fh;
     278                 :            : 
     279         [ -  + ]:          1 :   if (VERBOSE (handle))
     280                 :          0 :     printf (_("Reading Authenticator from %s...\n"), filename);
     281                 :            : 
     282                 :          1 :   fh = fopen (filename, "r");
     283         [ -  + ]:          1 :   if (fh == NULL)
     284                 :          0 :     return SHISHI_FOPEN_ERROR;
     285                 :            : 
     286         [ -  + ]:          1 :   if (VERBOSE (handle))
     287         [ #  # ]:          0 :     printf (_("Reading Authenticator in %s format...\n"),
     288                 :            :             filetype == SHISHI_FILETYPE_TEXT ? "TEXT" : "DER");
     289                 :            : 
     290         [ +  - ]:          1 :   if (filetype == SHISHI_FILETYPE_TEXT)
     291                 :          1 :     res = shishi_authenticator_parse (handle, fh, authenticator);
     292                 :            :   else
     293                 :          0 :     res = shishi_authenticator_read (handle, fh, authenticator);
     294         [ -  + ]:          1 :   if (res != SHISHI_OK)
     295                 :          0 :     return res;
     296                 :            : 
     297                 :          1 :   res = fclose (fh);
     298         [ -  + ]:          1 :   if (res != 0)
     299                 :          0 :     return SHISHI_IO_ERROR;
     300                 :            : 
     301         [ -  + ]:          1 :   if (VERBOSE (handle))
     302                 :          0 :     printf (_("Reading Authenticator from %s...done\n"), filename);
     303                 :            : 
     304                 :          1 :   return SHISHI_OK;
     305                 :            : }
     306                 :            : 
     307                 :            : /**
     308                 :            :  * shishi_authenticator_set_crealm:
     309                 :            :  * @handle: shishi handle as allocated by shishi_init().
     310                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     311                 :            :  * @crealm: input array with realm.
     312                 :            :  *
     313                 :            :  * Set realm field in authenticator to specified value.
     314                 :            :  *
     315                 :            :  * Return value: Returns SHISHI_OK iff successful.
     316                 :            :  **/
     317                 :            : int
     318                 :          3 : shishi_authenticator_set_crealm (Shishi * handle,
     319                 :            :                                  Shishi_asn1 authenticator,
     320                 :            :                                  const char *crealm)
     321                 :            : {
     322                 :            :   int res;
     323                 :            : 
     324                 :          3 :   res = shishi_asn1_write (handle, authenticator, "crealm", crealm, 0);
     325         [ -  + ]:          3 :   if (res != SHISHI_OK)
     326                 :          0 :     return res;
     327                 :            : 
     328                 :          3 :   return SHISHI_OK;
     329                 :            : }
     330                 :            : 
     331                 :            : /**
     332                 :            :  * shishi_authenticator_set_cname:
     333                 :            :  * @handle: shishi handle as allocated by shishi_init().
     334                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     335                 :            :  * @name_type: type of principial, see Shishi_name_type, usually
     336                 :            :  *             SHISHI_NT_UNKNOWN.
     337                 :            :  * @cname: input array with principal name.
     338                 :            :  *
     339                 :            :  * Set principal field in authenticator to specified value.
     340                 :            :  *
     341                 :            :  * Return value: Returns SHISHI_OK iff successful.
     342                 :            :  **/
     343                 :            : int
     344                 :          0 : shishi_authenticator_set_cname (Shishi * handle,
     345                 :            :                                 Shishi_asn1 authenticator,
     346                 :            :                                 Shishi_name_type name_type,
     347                 :            :                                 const char *cname[])
     348                 :            : {
     349                 :            :   int res;
     350                 :            : 
     351                 :          0 :   res = shishi_principal_name_set (handle, authenticator, "cname",
     352                 :            :                                    name_type, cname);
     353         [ #  # ]:          0 :   if (res != SHISHI_OK)
     354                 :          0 :     return res;
     355                 :            : 
     356                 :          0 :   return SHISHI_OK;
     357                 :            : }
     358                 :            : 
     359                 :            : /**
     360                 :            :  * shishi_authenticator_client_set:
     361                 :            :  * @handle: shishi handle as allocated by shishi_init().
     362                 :            :  * @authenticator: Authenticator to set client name field in.
     363                 :            :  * @client: zero-terminated string with principal name on RFC 1964 form.
     364                 :            :  *
     365                 :            :  * Set the client name field in the Authenticator.
     366                 :            :  *
     367                 :            :  * Return value: Returns SHISHI_OK iff successful.
     368                 :            :  **/
     369                 :            : int
     370                 :          3 : shishi_authenticator_client_set (Shishi * handle,
     371                 :            :                                  Shishi_asn1 authenticator,
     372                 :            :                                  const char *client)
     373                 :            : {
     374                 :            :   int res;
     375                 :            : 
     376                 :          3 :   res = shishi_principal_set (handle, authenticator, "cname", client);
     377         [ -  + ]:          3 :   if (res != SHISHI_OK)
     378                 :          0 :     return res;
     379                 :            : 
     380                 :          3 :   return SHISHI_OK;
     381                 :            : }
     382                 :            : 
     383                 :            : /**
     384                 :            :  * shishi_authenticator_ctime:
     385                 :            :  * @handle: shishi handle as allocated by shishi_init().
     386                 :            :  * @authenticator: Authenticator as allocated by shishi_authenticator().
     387                 :            :  * @t: newly allocated zero-terminated character array with client time.
     388                 :            :  *
     389                 :            :  * Extract client time from Authenticator.
     390                 :            :  *
     391                 :            :  * Return value: Returns SHISHI_OK iff successful.
     392                 :            :  **/
     393                 :            : int
     394                 :          1 : shishi_authenticator_ctime (Shishi * handle,
     395                 :            :                             Shishi_asn1 authenticator, char **t)
     396                 :            : {
     397                 :          1 :   return shishi_time (handle, authenticator, "ctime", t);
     398                 :            : }
     399                 :            : 
     400                 :            : /**
     401                 :            :  * shishi_authenticator_ctime_set:
     402                 :            :  * @handle: shishi handle as allocated by shishi_init().
     403                 :            :  * @authenticator: Authenticator as allocated by shishi_authenticator().
     404                 :            :  * @t: string with generalized time value to store in Authenticator.
     405                 :            :  *
     406                 :            :  * Store client time in Authenticator.
     407                 :            :  *
     408                 :            :  * Return value: Returns SHISHI_OK iff successful.
     409                 :            :  **/
     410                 :            : int
     411                 :          1 : shishi_authenticator_ctime_set (Shishi * handle,
     412                 :            :                                 Shishi_asn1 authenticator, const char *t)
     413                 :            : {
     414                 :            :   int res;
     415                 :            : 
     416                 :          1 :   res = shishi_asn1_write (handle, authenticator, "ctime",
     417                 :            :                            t, SHISHI_GENERALIZEDTIME_LENGTH);
     418         [ -  + ]:          1 :   if (res != SHISHI_OK)
     419                 :          0 :     return res;
     420                 :            : 
     421                 :          1 :   return SHISHI_OK;
     422                 :            : }
     423                 :            : 
     424                 :            : /**
     425                 :            :  * shishi_authenticator_cusec_get:
     426                 :            :  * @handle: shishi handle as allocated by shishi_init().
     427                 :            :  * @authenticator: Authenticator as allocated by shishi_authenticator().
     428                 :            :  * @cusec: output integer with client microseconds field.
     429                 :            :  *
     430                 :            :  * Extract client microseconds field from Authenticator.
     431                 :            :  *
     432                 :            :  * Return value: Returns SHISHI_OK iff successful.
     433                 :            :  **/
     434                 :            : int
     435                 :          1 : shishi_authenticator_cusec_get (Shishi * handle,
     436                 :            :                                 Shishi_asn1 authenticator, uint32_t * cusec)
     437                 :            : {
     438                 :            :   int res;
     439                 :            : 
     440                 :          1 :   res = shishi_asn1_read_uint32 (handle, authenticator, "cusec", cusec);
     441         [ -  + ]:          1 :   if (res != SHISHI_OK)
     442                 :          0 :     return res;
     443                 :            : 
     444                 :          1 :   return SHISHI_OK;
     445                 :            : }
     446                 :            : 
     447                 :            : /**
     448                 :            :  * shishi_authenticator_cusec_set:
     449                 :            :  * @handle: shishi handle as allocated by shishi_init().
     450                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     451                 :            :  * @cusec: client microseconds to set in authenticator, 0-999999.
     452                 :            :  *
     453                 :            :  * Set the cusec field in the Authenticator.
     454                 :            :  *
     455                 :            :  * Return value: Returns SHISHI_OK iff successful.
     456                 :            :  **/
     457                 :            : int
     458                 :          2 : shishi_authenticator_cusec_set (Shishi * handle,
     459                 :            :                                 Shishi_asn1 authenticator, uint32_t cusec)
     460                 :            : {
     461                 :            :   int res;
     462                 :            : 
     463                 :          2 :   res = shishi_asn1_write_uint32 (handle, authenticator, "cusec", cusec);
     464         [ -  + ]:          2 :   if (res != SHISHI_OK)
     465                 :          0 :     return res;
     466                 :            : 
     467                 :          2 :   return SHISHI_OK;
     468                 :            : }
     469                 :            : 
     470                 :            : /**
     471                 :            :  * shishi_authenticator_seqnumber_get:
     472                 :            :  * @handle: shishi handle as allocated by shishi_init().
     473                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     474                 :            :  * @seqnumber: output integer with sequence number field.
     475                 :            :  *
     476                 :            :  * Extract sequence number field from Authenticator.
     477                 :            :  *
     478                 :            :  * Return value: Returns %SHISHI_OK iff successful.
     479                 :            :  **/
     480                 :            : int
     481                 :          2 : shishi_authenticator_seqnumber_get (Shishi * handle,
     482                 :            :                                     Shishi_asn1 authenticator,
     483                 :            :                                     uint32_t * seqnumber)
     484                 :            : {
     485                 :            :   int res;
     486                 :            : 
     487                 :          2 :   res = shishi_asn1_read_uint32 (handle, authenticator,
     488                 :            :                                  "seq-number", seqnumber);
     489         [ -  + ]:          2 :   if (res != SHISHI_OK)
     490                 :          0 :     return res;
     491                 :            : 
     492                 :          2 :   return res;
     493                 :            : }
     494                 :            : 
     495                 :            : /**
     496                 :            :  * shishi_authenticator_seqnumber_remove:
     497                 :            :  * @handle: shishi handle as allocated by shishi_init().
     498                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     499                 :            :  *
     500                 :            :  * Remove sequence number field in Authenticator.
     501                 :            :  *
     502                 :            :  * Return value: Returns %SHISHI_OK iff successful.
     503                 :            :  **/
     504                 :            : int
     505                 :          1 : shishi_authenticator_seqnumber_remove (Shishi * handle,
     506                 :            :                                        Shishi_asn1 authenticator)
     507                 :            : {
     508                 :            :   int res;
     509                 :            : 
     510                 :          1 :   res = shishi_asn1_write (handle, authenticator, "seq-number", NULL, 0);
     511         [ -  + ]:          1 :   if (res != SHISHI_OK)
     512                 :          0 :     return res;
     513                 :            : 
     514                 :          1 :   return SHISHI_OK;
     515                 :            : }
     516                 :            : 
     517                 :            : /**
     518                 :            :  * shishi_authenticator_seqnumber_set:
     519                 :            :  * @handle: shishi handle as allocated by shishi_init().
     520                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     521                 :            :  * @seqnumber: integer with sequence number field to store in Authenticator.
     522                 :            :  *
     523                 :            :  * Store sequence number field in Authenticator.
     524                 :            :  *
     525                 :            :  * Return value: Returns %SHISHI_OK iff successful.
     526                 :            :  **/
     527                 :            : int
     528                 :          2 : shishi_authenticator_seqnumber_set (Shishi * handle,
     529                 :            :                                     Shishi_asn1 authenticator,
     530                 :            :                                     uint32_t seqnumber)
     531                 :            : {
     532                 :            :   int res;
     533                 :            : 
     534                 :          2 :   res = shishi_asn1_write_uint32 (handle, authenticator,
     535                 :            :                                   "seq-number", seqnumber);
     536         [ -  + ]:          2 :   if (res != SHISHI_OK)
     537                 :          0 :     return res;
     538                 :            : 
     539                 :          2 :   return SHISHI_OK;
     540                 :            : }
     541                 :            : 
     542                 :            : /**
     543                 :            :  * shishi_authenticator_client:
     544                 :            :  * @handle: Shishi library handle create by shishi_init().
     545                 :            :  * @authenticator: Authenticator variable to get client name from.
     546                 :            :  * @client: pointer to newly allocated zero terminated string containing
     547                 :            :  *   principal name.  May be %NULL (to only populate @clientlen).
     548                 :            :  * @clientlen: pointer to length of @client on output, excluding terminating
     549                 :            :  *   zero.  May be %NULL (to only populate @client).
     550                 :            :  *
     551                 :            :  * Represent client principal name in Authenticator as zero-terminated
     552                 :            :  * string.  The string is allocate by this function, and it is the
     553                 :            :  * responsibility of the caller to deallocate it.  Note that the
     554                 :            :  * output length @clientlen does not include the terminating zero.
     555                 :            :  *
     556                 :            :  * Return value: Returns SHISHI_OK iff successful.
     557                 :            :  **/
     558                 :            : int
     559                 :          2 : shishi_authenticator_client (Shishi * handle,
     560                 :            :                              Shishi_asn1 authenticator,
     561                 :            :                              char **client, size_t * clientlen)
     562                 :            : {
     563                 :          2 :   return shishi_principal_name (handle, authenticator,
     564                 :            :                                 "cname", client, clientlen);
     565                 :            : }
     566                 :            : 
     567                 :            : /**
     568                 :            :  * shishi_authenticator_clientrealm:
     569                 :            :  * @handle: Shishi library handle create by shishi_init().
     570                 :            :  * @authenticator: Authenticator variable to get client name and realm from.
     571                 :            :  * @client: pointer to newly allocated zero terminated string containing
     572                 :            :  *   principal name and realm.  May be %NULL (to only populate @clientlen).
     573                 :            :  * @clientlen: pointer to length of @client on output, excluding terminating
     574                 :            :  *   zero.  May be %NULL (to only populate @client).
     575                 :            :  *
     576                 :            :  * Convert cname and realm fields from Authenticator to printable
     577                 :            :  * principal name format.  The string is allocate by this function,
     578                 :            :  * and it is the responsibility of the caller to deallocate it.  Note
     579                 :            :  * that the output length @clientlen does not include the terminating
     580                 :            :  * zero.
     581                 :            :  *
     582                 :            :  * Return value: Returns SHISHI_OK iff successful.
     583                 :            :  **/
     584                 :            : int
     585                 :          1 : shishi_authenticator_clientrealm (Shishi * handle,
     586                 :            :                                   Shishi_asn1 authenticator,
     587                 :            :                                   char **client, size_t * clientlen)
     588                 :            : {
     589                 :          1 :   return shishi_principal_name_realm (handle,
     590                 :            :                                       authenticator, "cname",
     591                 :            :                                       authenticator, "crealm",
     592                 :            :                                       client, clientlen);
     593                 :            : }
     594                 :            : 
     595                 :            : int
     596                 :          1 : shishi_authenticator_remove_cksum (Shishi * handle, Shishi_asn1 authenticator)
     597                 :            : {
     598                 :            :   int res;
     599                 :            : 
     600                 :            :   /* XXX remove this function */
     601                 :            : 
     602                 :          1 :   res = shishi_asn1_write (handle, authenticator, "cksum", NULL, 0);
     603         [ -  + ]:          1 :   if (res != SHISHI_OK)
     604                 :          0 :     return res;
     605                 :            : 
     606                 :          1 :   return SHISHI_OK;
     607                 :            : }
     608                 :            : 
     609                 :            : /**
     610                 :            :  * shishi_authenticator_cksum:
     611                 :            :  * @handle: shishi handle as allocated by shishi_init().
     612                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     613                 :            :  * @cksumtype: output checksum type.
     614                 :            :  * @cksum: newly allocated output checksum data from authenticator.
     615                 :            :  * @cksumlen: on output, actual size of allocated output checksum data buffer.
     616                 :            :  *
     617                 :            :  * Read checksum value from authenticator.  @cksum is allocated by
     618                 :            :  * this function, and it is the responsibility of caller to deallocate
     619                 :            :  * it.
     620                 :            :  *
     621                 :            :  * Return value: Returns SHISHI_OK iff successful.
     622                 :            :  **/
     623                 :            : int
     624                 :          0 : shishi_authenticator_cksum (Shishi * handle,
     625                 :            :                             Shishi_asn1 authenticator,
     626                 :            :                             int32_t * cksumtype,
     627                 :            :                             char **cksum, size_t * cksumlen)
     628                 :            : {
     629                 :            :   int res;
     630                 :            : 
     631                 :          0 :   res = shishi_asn1_read_int32 (handle, authenticator,
     632                 :            :                                 "cksum.cksumtype", cksumtype);
     633         [ #  # ]:          0 :   if (res != SHISHI_OK)
     634                 :          0 :     return res;
     635                 :            : 
     636                 :          0 :   res = shishi_asn1_read (handle, authenticator, "cksum.checksum",
     637                 :            :                           cksum, cksumlen);
     638         [ #  # ]:          0 :   if (res != SHISHI_OK)
     639                 :          0 :     return res;
     640                 :            : 
     641                 :          0 :   return SHISHI_OK;
     642                 :            : }
     643                 :            : 
     644                 :            : /**
     645                 :            :  * shishi_authenticator_set_cksum:
     646                 :            :  * @handle: shishi handle as allocated by shishi_init().
     647                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     648                 :            :  * @cksumtype: input checksum type to store in authenticator.
     649                 :            :  * @cksum: input checksum data to store in authenticator.
     650                 :            :  * @cksumlen: size of input checksum data to store in authenticator.
     651                 :            :  *
     652                 :            :  * Store checksum value in authenticator.  A checksum is usually created
     653                 :            :  * by calling shishi_checksum() on some application specific data using
     654                 :            :  * the key from the ticket that is being used.  To save time, you may
     655                 :            :  * want to use shishi_authenticator_add_cksum() instead, which calculates
     656                 :            :  * the checksum and calls this function in one step.
     657                 :            :  *
     658                 :            :  * Return value: Returns SHISHI_OK iff successful.
     659                 :            :  **/
     660                 :            : int
     661                 :          0 : shishi_authenticator_set_cksum (Shishi * handle,
     662                 :            :                                 Shishi_asn1 authenticator,
     663                 :            :                                 int32_t cksumtype,
     664                 :            :                                 char *cksum, size_t cksumlen)
     665                 :            : {
     666                 :            :   int res;
     667                 :            : 
     668                 :          0 :   res = shishi_asn1_write_int32 (handle, authenticator,
     669                 :            :                                  "cksum.cksumtype", cksumtype);
     670         [ #  # ]:          0 :   if (res != SHISHI_OK)
     671                 :          0 :     return res;
     672                 :            : 
     673                 :          0 :   res = shishi_asn1_write (handle, authenticator, "cksum.checksum",
     674                 :            :                            cksum, cksumlen);
     675         [ #  # ]:          0 :   if (res != SHISHI_OK)
     676                 :          0 :     return res;
     677                 :            : 
     678                 :          0 :   return SHISHI_OK;
     679                 :            : }
     680                 :            : 
     681                 :            : /**
     682                 :            :  * shishi_authenticator_add_cksum:
     683                 :            :  * @handle: shishi handle as allocated by shishi_init().
     684                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     685                 :            :  * @key: key to to use for encryption.
     686                 :            :  * @keyusage: cryptographic key usage value to use in encryption.
     687                 :            :  * @data: input array with data to calculate checksum on.
     688                 :            :  * @datalen: size of input array with data to calculate checksum on.
     689                 :            :  *
     690                 :            :  * Calculate checksum for data and store it in the authenticator.
     691                 :            :  *
     692                 :            :  * Return value: Returns SHISHI_OK iff successful.
     693                 :            :  **/
     694                 :            : int
     695                 :          0 : shishi_authenticator_add_cksum (Shishi * handle,
     696                 :            :                                 Shishi_asn1 authenticator,
     697                 :            :                                 Shishi_key * key,
     698                 :            :                                 int keyusage, char *data, size_t datalen)
     699                 :            : {
     700                 :          0 :   return shishi_authenticator_add_cksum_type (handle, authenticator, key,
     701                 :            :                                               keyusage,
     702                 :            :                                               shishi_cipher_defaultcksumtype
     703                 :            :                                               (shishi_key_type (key)),
     704                 :            :                                               data, datalen);
     705                 :            : }
     706                 :            : 
     707                 :            : /**
     708                 :            :  * shishi_authenticator_add_cksum_type:
     709                 :            :  * @handle: shishi handle as allocated by shishi_init().
     710                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     711                 :            :  * @key: key to to use for encryption.
     712                 :            :  * @keyusage: cryptographic key usage value to use in encryption.
     713                 :            :  * @cksumtype: checksum to type to calculate checksum.
     714                 :            :  * @data: input array with data to calculate checksum on.
     715                 :            :  * @datalen: size of input array with data to calculate checksum on.
     716                 :            :  *
     717                 :            :  * Calculate checksum for data and store it in the authenticator.
     718                 :            :  *
     719                 :            :  * Return value: Returns SHISHI_OK iff successful.
     720                 :            :  **/
     721                 :            : int
     722                 :          0 : shishi_authenticator_add_cksum_type (Shishi * handle,
     723                 :            :                                      Shishi_asn1 authenticator,
     724                 :            :                                      Shishi_key * key,
     725                 :            :                                      int keyusage, int cksumtype,
     726                 :            :                                      char *data, size_t datalen)
     727                 :            : {
     728                 :            :   int res;
     729                 :            : 
     730 [ #  # ][ #  # ]:          0 :   if (data && datalen > 0)
     731                 :            :     {
     732                 :            :       char *cksum;
     733                 :            :       size_t cksumlen;
     734                 :            : 
     735                 :          0 :       res = shishi_checksum (handle, key, keyusage, cksumtype,
     736                 :            :                              data, datalen, &cksum, &cksumlen);
     737         [ #  # ]:          0 :       if (res != SHISHI_OK)
     738                 :          0 :         return res;
     739                 :            : 
     740                 :          0 :       res = shishi_authenticator_set_cksum (handle, authenticator,
     741                 :            :                                             cksumtype, cksum, cksumlen);
     742                 :          0 :       free (cksum);
     743                 :            :     }
     744                 :            :   else
     745                 :          0 :     res = shishi_authenticator_remove_cksum (handle, authenticator);
     746                 :            : 
     747                 :          0 :   return res;
     748                 :            : }
     749                 :            : 
     750                 :            : /**
     751                 :            :  * shishi_authenticator_clear_authorizationdata:
     752                 :            :  * @handle: shishi handle as allocated by shishi_init().
     753                 :            :  * @authenticator: Authenticator as allocated by shishi_authenticator().
     754                 :            :  *
     755                 :            :  * Remove the authorization-data field from Authenticator.
     756                 :            :  *
     757                 :            :  * Return value: Returns SHISHI_OK iff successful.
     758                 :            :  **/
     759                 :            : int
     760                 :          1 : shishi_authenticator_clear_authorizationdata (Shishi * handle,
     761                 :            :                                               Shishi_asn1 authenticator)
     762                 :            : {
     763                 :            :   int res;
     764                 :            : 
     765                 :          1 :   res = shishi_asn1_write (handle, authenticator,
     766                 :            :                            "authorization-data", NULL, 0);
     767         [ -  + ]:          1 :   if (res != SHISHI_OK)
     768                 :          0 :     return SHISHI_ASN1_ERROR;
     769                 :            : 
     770                 :          1 :   return SHISHI_OK;
     771                 :            : }
     772                 :            : 
     773                 :            : /**
     774                 :            :  * shishi_authenticator_add_authorizationdata:
     775                 :            :  * @handle: shishi handle as allocated by shishi_init().
     776                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     777                 :            :  * @adtype: input authorization data type to add.
     778                 :            :  * @addata: input authorization data to add.
     779                 :            :  * @addatalen: size of input authorization data to add.
     780                 :            :  *
     781                 :            :  * Add authorization data to authenticator.
     782                 :            :  *
     783                 :            :  * Return value: Returns SHISHI_OK iff successful.
     784                 :            :  **/
     785                 :            : int
     786                 :          1 : shishi_authenticator_add_authorizationdata (Shishi * handle,
     787                 :            :                                             Shishi_asn1 authenticator,
     788                 :            :                                             int32_t adtype,
     789                 :            :                                             const char *addata,
     790                 :            :                                             size_t addatalen)
     791                 :            : {
     792                 :            :   char *format;
     793                 :            :   int res;
     794                 :            :   size_t i;
     795                 :            : 
     796                 :          1 :   res = shishi_asn1_write (handle, authenticator,
     797                 :            :                            "authorization-data", "NEW", 1);
     798         [ -  + ]:          1 :   if (res != SHISHI_OK)
     799                 :          0 :     return res;
     800                 :            : 
     801                 :          1 :   res = shishi_asn1_number_of_elements (handle, authenticator,
     802                 :            :                                         "authorization-data", &i);
     803         [ -  + ]:          1 :   if (res != SHISHI_OK)
     804                 :          0 :     return res;
     805                 :            : 
     806                 :          1 :   asprintf (&format, "authorization-data.?%d.ad-type", i);
     807                 :          1 :   res = shishi_asn1_write_integer (handle, authenticator, format, adtype);
     808         [ -  + ]:          1 :   if (res != SHISHI_OK)
     809                 :            :     {
     810                 :          0 :       free (format);
     811                 :          0 :       return res;
     812                 :            :     }
     813                 :            : 
     814                 :          1 :   sprintf (format, "authorization-data.?%d.ad-data", i);
     815                 :          1 :   res = shishi_asn1_write (handle, authenticator, format, addata, addatalen);
     816                 :          1 :   free (format);
     817         [ -  + ]:          1 :   if (res != SHISHI_OK)
     818                 :          0 :     return res;
     819                 :            : 
     820                 :          1 :   return SHISHI_OK;
     821                 :            : }
     822                 :            : 
     823                 :            : /**
     824                 :            :  * shishi_authenticator_authorizationdata:
     825                 :            :  * @handle: shishi handle as allocated by shishi_init().
     826                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     827                 :            :  * @adtype: output authorization data type.
     828                 :            :  * @addata: newly allocated output authorization data.
     829                 :            :  * @addatalen: on output, actual size of newly allocated authorization data.
     830                 :            :  * @nth: element number of authorization-data to extract.
     831                 :            :  *
     832                 :            :  * Extract n:th authorization data from authenticator.  The first
     833                 :            :  * field is 1.
     834                 :            :  *
     835                 :            :  * Return value: Returns SHISHI_OK iff successful.
     836                 :            :  **/
     837                 :            : int
     838                 :          2 : shishi_authenticator_authorizationdata (Shishi * handle,
     839                 :            :                                         Shishi_asn1 authenticator,
     840                 :            :                                         int32_t * adtype,
     841                 :            :                                         char **addata, size_t * addatalen,
     842                 :            :                                         size_t nth)
     843                 :            : {
     844                 :            :   char *format;
     845                 :            :   int res;
     846                 :            :   size_t i;
     847                 :            : 
     848                 :          2 :   res = shishi_asn1_number_of_elements (handle, authenticator,
     849                 :            :                                         "authorization-data", &i);
     850         [ -  + ]:          2 :   if (res != SHISHI_OK)
     851                 :          0 :     return SHISHI_ASN1_ERROR;
     852                 :            : 
     853         [ +  + ]:          2 :   if (nth > i)
     854                 :          1 :     return SHISHI_OUT_OF_RANGE;
     855                 :            : 
     856                 :          1 :   asprintf (&format, "authorization-data.?%d.ad-type", nth);
     857                 :          1 :   res = shishi_asn1_read_int32 (handle, authenticator, format, adtype);
     858                 :          1 :   free (format);
     859         [ -  + ]:          1 :   if (res != SHISHI_OK)
     860                 :          0 :     return res;
     861                 :            : 
     862                 :          1 :   asprintf (&format, "authorization-data.?%d.ad-data", i);
     863                 :          1 :   res = shishi_asn1_read (handle, authenticator, format, addata, addatalen);
     864                 :          1 :   free (format);
     865         [ -  + ]:          1 :   if (res != SHISHI_OK)
     866                 :          0 :     return res;
     867                 :            : 
     868                 :          2 :   return SHISHI_OK;
     869                 :            : }
     870                 :            : 
     871                 :            : /**
     872                 :            :  * shishi_authenticator_remove_subkey:
     873                 :            :  * @handle: shishi handle as allocated by shishi_init().
     874                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     875                 :            :  *
     876                 :            :  * Remove subkey from the authenticator.
     877                 :            :  *
     878                 :            :  * Return value: Returns SHISHI_OK iff successful.
     879                 :            :  **/
     880                 :            : int
     881                 :          1 : shishi_authenticator_remove_subkey (Shishi * handle,
     882                 :            :                                     Shishi_asn1 authenticator)
     883                 :            : {
     884                 :            :   int res;
     885                 :            : 
     886                 :          1 :   res = shishi_asn1_write (handle, authenticator, "subkey", NULL, 0);
     887         [ -  + ]:          1 :   if (res != SHISHI_OK)
     888                 :          0 :     return res;
     889                 :            : 
     890                 :          1 :   return SHISHI_OK;
     891                 :            : }
     892                 :            : 
     893                 :            : /**
     894                 :            :  * shishi_authenticator_get_subkey:
     895                 :            :  * @handle: shishi handle as allocated by shishi_init().
     896                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     897                 :            :  * @subkey: output newly allocated subkey from authenticator.
     898                 :            :  *
     899                 :            :  * Read subkey value from authenticator.
     900                 :            :  *
     901                 :            :  * Return value: Returns SHISHI_OK if successful or SHISHI_ASN1_NO_ELEMENT
     902                 :            :  *               if subkey is not present.
     903                 :            :  **/
     904                 :            : int
     905                 :          0 : shishi_authenticator_get_subkey (Shishi * handle,
     906                 :            :                                  Shishi_asn1 authenticator,
     907                 :            :                                  Shishi_key ** subkey)
     908                 :            : {
     909                 :            :   int res;
     910                 :            :   int subkeytype;
     911                 :            :   char *subkeyvalue;
     912                 :            :   size_t subkeylen;
     913                 :            : 
     914                 :          0 :   res = shishi_asn1_read_int32 (handle, authenticator,
     915                 :            :                                 "subkey.keytype", &subkeytype);
     916         [ #  # ]:          0 :   if (res != SHISHI_OK)
     917                 :          0 :     return res;
     918                 :            : 
     919                 :          0 :   res = shishi_asn1_read (handle, authenticator, "subkey.keyvalue",
     920                 :            :                           &subkeyvalue, &subkeylen);
     921         [ #  # ]:          0 :   if (res != SHISHI_OK)
     922                 :          0 :     return res;
     923                 :            : 
     924                 :          0 :   res = shishi_key (handle, subkey);
     925         [ #  # ]:          0 :   if (res != SHISHI_OK)
     926                 :          0 :     return res;
     927                 :            : 
     928                 :          0 :   shishi_key_type_set (*subkey, subkeytype);
     929                 :          0 :   shishi_key_value_set (*subkey, subkeyvalue);
     930                 :            : 
     931                 :          0 :   return SHISHI_OK;
     932                 :            : }
     933                 :            : 
     934                 :            : /**
     935                 :            :  * shishi_authenticator_set_subkey:
     936                 :            :  * @handle: shishi handle as allocated by shishi_init().
     937                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     938                 :            :  * @subkeytype: input subkey type to store in authenticator.
     939                 :            :  * @subkey: input subkey data to store in authenticator.
     940                 :            :  * @subkeylen: size of input subkey data to store in authenticator.
     941                 :            :  *
     942                 :            :  * Store subkey value in authenticator.  A subkey is usually created
     943                 :            :  * by calling shishi_key_random() using the default encryption type of
     944                 :            :  * the key from the ticket that is being used.  To save time, you may
     945                 :            :  * want to use shishi_authenticator_add_subkey() instead, which calculates
     946                 :            :  * the subkey and calls this function in one step.
     947                 :            :  *
     948                 :            :  * Return value: Returns SHISHI_OK iff successful.
     949                 :            :  **/
     950                 :            : int
     951                 :          0 : shishi_authenticator_set_subkey (Shishi * handle,
     952                 :            :                                  Shishi_asn1 authenticator,
     953                 :            :                                  int32_t subkeytype,
     954                 :            :                                  const char *subkey, size_t subkeylen)
     955                 :            : {
     956                 :            :   int res;
     957                 :            : 
     958                 :          0 :   res = shishi_asn1_write_int32 (handle, authenticator,
     959                 :            :                                  "subkey.keytype", subkeytype);
     960         [ #  # ]:          0 :   if (res != SHISHI_OK)
     961                 :          0 :     return res;
     962                 :            : 
     963                 :          0 :   res = shishi_asn1_write (handle, authenticator, "subkey.keyvalue",
     964                 :            :                            subkey, subkeylen);
     965         [ #  # ]:          0 :   if (res != SHISHI_OK)
     966                 :          0 :     return res;
     967                 :            : 
     968                 :          0 :   return SHISHI_OK;
     969                 :            : }
     970                 :            : 
     971                 :            : /**
     972                 :            :  * shishi_authenticator_add_random_subkey:
     973                 :            :  * @handle: shishi handle as allocated by shishi_init().
     974                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
     975                 :            :  *
     976                 :            :  * Generate random subkey, of the default encryption type from
     977                 :            :  * configuration, and store it in the authenticator.
     978                 :            :  *
     979                 :            :  * Return value: Returns SHISHI_OK iff successful.
     980                 :            :  **/
     981                 :            : int
     982                 :          0 : shishi_authenticator_add_random_subkey (Shishi * handle,
     983                 :            :                                         Shishi_asn1 authenticator)
     984                 :            : {
     985                 :            :   int n;
     986                 :            :   int res;
     987                 :            :   int *etypes;
     988                 :            : 
     989                 :          0 :   n = shishi_cfg_clientkdcetype (handle, &etypes);
     990         [ #  # ]:          0 :   if (n <= 0)
     991                 :          0 :     return SHISHI_TICKET_BAD_KEYTYPE;   /* XXX */
     992                 :            : 
     993                 :          0 :   res = shishi_authenticator_add_random_subkey_etype (handle, authenticator,
     994                 :            :                                                       etypes[0]);
     995         [ #  # ]:          0 :   if (res != SHISHI_OK)
     996                 :          0 :     return res;
     997                 :            : 
     998                 :          0 :   return res;
     999                 :            : }
    1000                 :            : 
    1001                 :            : /**
    1002                 :            :  * shishi_authenticator_add_random_subkey_etype:
    1003                 :            :  * @handle: shishi handle as allocated by shishi_init().
    1004                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
    1005                 :            :  * @etype: encryption type of random key to generate.
    1006                 :            :  *
    1007                 :            :  * Generate random subkey of indicated encryption type, and store it
    1008                 :            :  * in the authenticator.
    1009                 :            :  *
    1010                 :            :  * Return value: Returns SHISHI_OK iff successful.
    1011                 :            :  **/
    1012                 :            : int
    1013                 :          0 : shishi_authenticator_add_random_subkey_etype (Shishi * handle,
    1014                 :            :                                               Shishi_asn1 authenticator,
    1015                 :            :                                               int etype)
    1016                 :            : {
    1017                 :            :   int res;
    1018                 :            :   Shishi_key *subkey;
    1019                 :            : 
    1020                 :          0 :   res = shishi_key_random (handle, etype, &subkey);
    1021         [ #  # ]:          0 :   if (res != SHISHI_OK)
    1022                 :          0 :     return res;
    1023                 :            : 
    1024                 :          0 :   res = shishi_authenticator_add_subkey (handle, authenticator, subkey);
    1025                 :            : 
    1026                 :          0 :   shishi_key_done (subkey);
    1027                 :            : 
    1028                 :          0 :   return res;
    1029                 :            : }
    1030                 :            : 
    1031                 :            : /**
    1032                 :            :  * shishi_authenticator_add_subkey:
    1033                 :            :  * @handle: shishi handle as allocated by shishi_init().
    1034                 :            :  * @authenticator: authenticator as allocated by shishi_authenticator().
    1035                 :            :  * @subkey: subkey to add to authenticator.
    1036                 :            :  *
    1037                 :            :  * Store subkey in the authenticator.
    1038                 :            :  *
    1039                 :            :  * Return value: Returns SHISHI_OK iff successful.
    1040                 :            :  **/
    1041                 :            : int
    1042                 :          0 : shishi_authenticator_add_subkey (Shishi * handle,
    1043                 :            :                                  Shishi_asn1 authenticator,
    1044                 :            :                                  Shishi_key * subkey)
    1045                 :            : {
    1046                 :            :   int res;
    1047                 :            : 
    1048                 :          0 :   res = shishi_authenticator_set_subkey (handle, authenticator,
    1049                 :            :                                          shishi_key_type (subkey),
    1050                 :            :                                          shishi_key_value (subkey),
    1051                 :            :                                          shishi_key_length (subkey));
    1052         [ #  # ]:          0 :   if (res != SHISHI_OK)
    1053                 :          0 :     return res;
    1054                 :            : 
    1055                 :          0 :   return SHISHI_OK;
    1056                 :            : }

Generated by: LCOV version 1.8