diff options
author | Ken Hornstein <kenh@cmf.nrl.navy.mil> | 2002-10-24 06:49:59 +0000 |
---|---|---|
committer | Ken Hornstein <kenh@cmf.nrl.navy.mil> | 2002-10-24 06:49:59 +0000 |
commit | 5ffe972e2c0e6c3748b6b6a33a4f5f68736a6dc7 (patch) | |
tree | bea2ed9545782a2999e54a0da60d51c5741fa7c3 /src/include/k5-int.h | |
parent | a706a2d0d05ecea7a844db7d291493a5d282ed57 (diff) | |
download | krb5-5ffe972e2c0e6c3748b6b6a33a4f5f68736a6dc7.zip krb5-5ffe972e2c0e6c3748b6b6a33a4f5f68736a6dc7.tar.gz krb5-5ffe972e2c0e6c3748b6b6a33a4f5f68736a6dc7.tar.bz2 |
Client code lacks support for draft-ietf-krb-wg-kerberos-sam-01.txt
This widely-spread commit implements support for the so-called "new"
hardware preauth protocol, defined in the IETF internet-draft
draft-ietf-krb-wg-kerberos-sam-01.txt. Note that this code is client-side
only.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14939 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/include/k5-int.h')
-rw-r--r-- | src/include/k5-int.h | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 3f9c330..0ee5dd9 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -387,6 +387,39 @@ typedef struct _krb5_sam_response { krb5_timestamp sam_patimestamp; } krb5_sam_response; +typedef struct _krb5_sam_challenge_2 { + krb5_data sam_challenge_2_body; + krb5_checksum **sam_cksum; /* Array of checksums */ +} krb5_sam_challenge_2; + +typedef struct _krb5_sam_challenge_2_body { + krb5_magic magic; + krb5_int32 sam_type; /* information */ + krb5_flags sam_flags; /* KRB5_SAM_* values */ + krb5_data sam_type_name; + krb5_data sam_track_id; + krb5_data sam_challenge_label; + krb5_data sam_challenge; + krb5_data sam_response_prompt; + krb5_data sam_pk_for_sad; + krb5_int32 sam_nonce; + krb5_enctype sam_etype; +} krb5_sam_challenge_2_body; + +typedef struct _krb5_sam_response_2 { + krb5_magic magic; + krb5_int32 sam_type; /* informational */ + krb5_flags sam_flags; /* KRB5_SAM_* values */ + krb5_data sam_track_id; /* copied */ + krb5_enc_data sam_enc_nonce_or_sad; /* krb5_enc_sam_response_enc */ + krb5_int32 sam_nonce; +} krb5_sam_response_2; + +typedef struct _krb5_enc_sam_response_enc_2 { + krb5_magic magic; + krb5_int32 sam_nonce; + krb5_data sam_sad; +} krb5_enc_sam_response_enc_2; /* * Begin "ext-proto.h" @@ -648,6 +681,14 @@ krb5_error_code krb5int_default_free_state (krb5_data *state); +/* + * Combine two keys (normally used by the hardware preauth mechanism) + */ +krb5_error_code krb5int_c_combine_keys +(krb5_context context, krb5_keyblock *key1, krb5_keyblock *key2, + krb5_keyblock *outkey); + + /* * These declarations are here, so both krb5 and k5crypto * can get to them. @@ -954,20 +995,36 @@ krb5_error_code krb5_do_preauth void KRB5_CALLCONV krb5_free_sam_challenge (krb5_context, krb5_sam_challenge * ); +void KRB5_CALLCONV krb5_free_sam_challenge_2 + (krb5_context, krb5_sam_challenge_2 * ); +void KRB5_CALLCONV krb5_free_sam_challenge_2_body + (krb5_context, krb5_sam_challenge_2_body *); void KRB5_CALLCONV krb5_free_sam_response (krb5_context, krb5_sam_response * ); +void KRB5_CALLCONV krb5_free_sam_response_2 + (krb5_context, krb5_sam_response_2 * ); void KRB5_CALLCONV krb5_free_predicted_sam_response (krb5_context, krb5_predicted_sam_response * ); void KRB5_CALLCONV krb5_free_enc_sam_response_enc (krb5_context, krb5_enc_sam_response_enc * ); +void KRB5_CALLCONV krb5_free_enc_sam_response_enc_2 + (krb5_context, krb5_enc_sam_response_enc_2 * ); void KRB5_CALLCONV krb5_free_sam_challenge_contents (krb5_context, krb5_sam_challenge * ); +void KRB5_CALLCONV krb5_free_sam_challenge_2_contents + (krb5_context, krb5_sam_challenge_2 * ); +void KRB5_CALLCONV krb5_free_sam_challenge_2_body_contents + (krb5_context, krb5_sam_challenge_2_body * ); void KRB5_CALLCONV krb5_free_sam_response_contents (krb5_context, krb5_sam_response * ); +void KRB5_CALLCONV krb5_free_sam_response_2_contents + (krb5_context, krb5_sam_response_2 *); void KRB5_CALLCONV krb5_free_predicted_sam_response_contents (krb5_context, krb5_predicted_sam_response * ); void KRB5_CALLCONV krb5_free_enc_sam_response_enc_contents (krb5_context, krb5_enc_sam_response_enc * ); +void KRB5_CALLCONV krb5_free_enc_sam_response_enc_2_contents + (krb5_context, krb5_enc_sam_response_enc_2 * ); void KRB5_CALLCONV krb5_free_pa_enc_ts (krb5_context, krb5_pa_enc_ts *); @@ -1243,6 +1300,18 @@ krb5_error_code encode_krb5_enc_sam_response_enc krb5_error_code encode_krb5_sam_response (const krb5_sam_response * , krb5_data **); +krb5_error_code encode_krb5_sam_challenge_2 + (const krb5_sam_challenge_2 * , krb5_data **); + +krb5_error_code encode_krb5_sam_challenge_2_body + (const krb5_sam_challenge_2_body * , krb5_data **); + +krb5_error_code encode_krb5_enc_sam_response_enc_2 + (const krb5_enc_sam_response_enc_2 * , krb5_data **); + +krb5_error_code encode_krb5_sam_response_2 + (const krb5_sam_response_2 * , krb5_data **); + krb5_error_code encode_krb5_predicted_sam_response (const krb5_predicted_sam_response * , krb5_data **); @@ -1280,6 +1349,18 @@ krb5_error_code decode_krb5_sam_response krb5_error_code decode_krb5_predicted_sam_response (const krb5_data *, krb5_predicted_sam_response **); +krb5_error_code decode_krb5_sam_challenge_2 + (const krb5_data *, krb5_sam_challenge_2 **); + +krb5_error_code decode_krb5_sam_challenge_2_body + (const krb5_data *, krb5_sam_challenge_2_body **); + +krb5_error_code decode_krb5_enc_sam_response_enc_2 + (const krb5_data *, krb5_enc_sam_response_enc_2 **); + +krb5_error_code decode_krb5_sam_response_2 + (const krb5_data *, krb5_sam_response_2 **); + /************************************************************************* * Prototypes for krb5_decode.c |