fix some bugs in AD-KDCIssued implementation
authorLuke Howard <lukeh@padl.com>
Sun, 30 Aug 2009 16:01:16 +0000 (16:01 +0000)
committerLuke Howard <lukeh@padl.com>
Sun, 30 Aug 2009 16:01:16 +0000 (16:01 +0000)
git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/authdata@22661 dc483132-0cff-0310-8789-dd5450dbe970

src/include/krb5/krb5.hin
src/lib/krb5/krb/Makefile.in
src/lib/krb5/krb/copy_auth.c
src/lib/krb5/krb/t_authdata.c

index 7e9c63aaf25cb1c649f2cc984479bc3876d8f1b0..ea7475261ee850c32bd8fb5bf0161ea220bbd793 100644 (file)
@@ -2573,7 +2573,7 @@ krb5_make_authdata_kdc_issued(krb5_context context,
     const krb5_keyblock *key,
     krb5_const_principal issuer,
     krb5_authdata *const *authdata,
-    krb5_authdata **ad_kdcissued);
+    krb5_authdata ***ad_kdcissued);
 krb5_error_code KRB5_CALLCONV
 krb5_verify_authdata_kdc_issued(krb5_context context,
     const krb5_keyblock *key,
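Review bot: The new `krb5_authdata ***ad_kdcissued` out-parameter has no comment saying what the caller receives or how to release it. Judging from the copy_auth.c part of this commit it is the NULL-terminated array produced by krb5_copy_authdata, and the test releases it with krb5_free_authdata, so a comment above the prototype such as `/* on success *ad_kdcissued is a NULL-terminated array; free with krb5_free_authdata() */` would make the ownership explicit. The change is also source-incompatible for any existing caller that passes a `krb5_authdata **`, which the commit message does not mention. The prototype begins above the hunk.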
index 66f3d2ad5f42df436199e49d8aa09657718bbe6e..ca4edd893f26b61f9ba277e10a71910487a8c495 100644 (file)
@@ -327,8 +327,8 @@ t_walk_rtree: $(T_WALK_RTREE_OBJS) $(KRB5_BASE_DEPLIBS)
 t_ad_fx_armor: t_ad_fx_armor.o
        $(CC_LINK) -o $@ t_ad_fx_armor.o $(KRB5_BASE_LIBS)
 
-t_authdata: t_authdata.o copy_auth.o
-       $(CC_LINK) -o $@ t_authdata.o copy_auth.o $(KRB5_BASE_LIBS)
+t_authdata: t_authdata.o $(KRB5_BASE_DEPLIBS)
+       $(CC_LINK) -o $@ t_authdata.o $(KRB5_BASE_LIBS)
 
 t_kerb: $(T_KERB_OBJS) $(KRB5_BASE_DEPLIBS)
        $(CC_LINK) -o t_kerb $(T_KERB_OBJS) $(KRB5_BASE_LIBS)
index 9f19289a1af261adf4a2482bddd64121f18142f6..ba51f38084021642f6ac6a3430e43915a4740be9 100644 (file)
@@ -282,25 +282,27 @@ krb5_make_authdata_kdc_issued(krb5_context context,
     const krb5_keyblock *key,
     krb5_const_principal issuer,
     krb5_authdata *const *authdata,
-    krb5_authdata **ad_kdcissued)
+    krb5_authdata ***ad_kdcissued)
 {
     krb5_error_code code;
     krb5_ad_kdcissued ad_kdci;
     krb5_data *data;
     krb5_cksumtype cksumtype;
+    krb5_authdata ad_datum;
+    krb5_authdata *ad_data[2];
 
     *ad_kdcissued = NULL;
 
     ad_kdci.ad_checksum.contents = NULL;
     ad_kdci.i_principal = (krb5_principal)issuer;
-    ad_kdci.elements = ad_kdcissued;
+    ad_kdci.elements = (krb5_authdata **)authdata;
 
     code = krb5int_c_mandatory_cksumtype(context, key->enctype,
                                          &cksumtype);
     if (code != 0)
         return code;
 
-    code = encode_krb5_authdata(ad_kdcissued, &data);
+    code = encode_krb5_authdata(ad_kdci.elements, &data);
     if (code != 0)
         return code;
 
@@ -318,22 +320,19 @@ krb5_make_authdata_kdc_issued(krb5_context context,
     if (code != 0)
         return code;
 
-    krb5_free_checksum_contents(context, &ad_kdci.ad_checksum);
+    ad_datum.ad_type = KRB5_AUTHDATA_KDC_ISSUED;
+    ad_datum.length = data->length;
+    ad_datum.contents = (unsigned char *)data->data;
 
-    *ad_kdcissued = calloc(1, sizeof(krb5_authdata));
-    if (*ad_kdcissued == NULL) {
-        krb5_free_data(context, data);
-        return ENOMEM;
-    }
+    ad_data[0] = &ad_datum;
+    ad_data[1] = NULL;
 
-    (*ad_kdcissued)->magic = KV5M_AUTHDATA;
-    (*ad_kdcissued)->ad_type = KRB5_AUTHDATA_KDC_ISSUED;
-    (*ad_kdcissued)->length = data->length;
-    (*ad_kdcissued)->contents = (krb5_octet *)data->data;
+    code = krb5_copy_authdata(context, ad_data, ad_kdcissued);
 
-    free(data);
+    krb5_free_data(context, data);
+    krb5_free_checksum_contents(context, &ad_kdci.ad_checksum);
 
-    return 0;
+    return code;
 }
 
 krb5_error_code KRB5_CALLCONV
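Review bot: `ad_datum.magic` is never assigned before `&ad_datum` is passed to `krb5_copy_authdata`, whereas the removed code set `magic = KV5M_AUTHDATA` on the returned element. krb5_copy_authdata is not shown here, but if it copies each element as a whole struct, the authdata handed back to the caller carries an indeterminate stack value in `magic`. Adding `ad_datum.magic = KV5M_AUTHDATA;` next to the `ad_type` assignment closes that. Separately, the `if (code != 0) return code;` at the top of the hunk runs before the relocated `krb5_free_checksum_contents` call, so if the lines between the two hunks (not visible) have already filled `ad_kdci.ad_checksum`, that exit leaks it. A single cleanup label at the end of the function would cover both exits.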
@@ -348,6 +347,10 @@ krb5_verify_authdata_kdc_issued(krb5_context context,
     krb5_data data, *data2;
     krb5_boolean valid = FALSE;
 
+    if ((ad_kdcissued->ad_type & AD_TYPE_FIELD_TYPE_MASK) !=
+       KRB5_AUTHDATA_KDC_ISSUED)
+       return EINVAL;
+
     if (issuer != NULL)
         *issuer = NULL;
     if (authdata != NULL)
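Review bot: The new type check returns EINVAL before `*issuer` and `*authdata` are set to NULL, so on that path the caller's output pointers keep whatever value they held on entry. A caller that releases its outputs in a common error path would then free a stale or uninitialized pointer. Move the check below the two NULL assignments, and consider rejecting a NULL element in the same condition: `if (ad_kdcissued == NULL || (ad_kdcissued->ad_type & AD_TYPE_FIELD_TYPE_MASK) != KRB5_AUTHDATA_KDC_ISSUED) return EINVAL;`. The rest of the function body is outside the hunk.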
index 8b786875f5a07f77f7ea886d7149cc79b4b7da2f..86838cead3606ff86dca833d7af66e4007e37e70 100644 (file)
@@ -65,6 +65,13 @@ krb5_authdata *adseq1[] = {&ad1, &ad2, &ad4, NULL};
 
 krb5_authdata *adseq2[] = {&ad3, NULL};
 
+krb5_keyblock key = {
+    KV5M_KEYBLOCK,
+    ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+    16,
+    (unsigned char *)"1234567890ABCDEF"
+};
+
 static void compare_authdata(const krb5_authdata *adc1, krb5_authdata *adc2) {
   assert(adc1->ad_type == adc2->ad_type);
   assert(adc1->length == adc2->length);
@@ -77,7 +84,7 @@ int main()
     krb5_authdata **results;
     krb5_authdata *container[2];
     krb5_authdata **container_out;
-  
+    krb5_authdata **kdci;
 
     assert(krb5_init_context(&context) == 0);
     assert(krb5_merge_authdata(context, adseq1, adseq2, &results) == 0);
@@ -96,6 +103,13 @@ int main()
     compare_authdata( results[1], &ad4);
     compare_authdata( results[2], &ad3);
     assert( results[3] == NULL);
+    krb5_free_authdata(context, container_out);
+    assert(krb5_make_authdata_kdc_issued(context, &key, NULL, results, &kdci) == 0);
+    assert(krb5_verify_authdata_kdc_issued(context, &key, kdci[0], NULL, &container_out) == 0);
+    compare_authdata(container_out[0], results[0]);
+    compare_authdata(container_out[1], results[1]);
+    compare_authdata(container_out[2], results[2]);
+    krb5_free_authdata(context, kdci);
     krb5_free_authdata(context, results);
     krb5_free_authdata(context, container_out);
     krb5_free_context(context);
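Review bot: The added test covers only the success path of krb5_verify_authdata_kdc_issued. Nothing checks that verification fails for a different key, for modified contents, or for an element whose type is not KRB5_AUTHDATA_KDC_ISSUED (the EINVAL branch added in copy_auth.c). For a checksum-verification routine the rejection cases matter most, so add at least one of each, using a separate output variable so a failed call cannot disturb `container_out`, which is freed at the end. The array shapes are also unchecked: `assert(kdci[0] != NULL && kdci[1] == NULL);` and `assert(container_out[3] == NULL);` would pin them before the indexed compares. The calls sit inside `assert()`, as elsewhere in this file, so they disappear under NDEBUG; main() begins above the hunk.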