SYNOPSIS
#include <shishi.h>int shishi_kdc_process(Shishi * handle, Shishi_asn1 kdcreq, Shishi_asn1 kdcrep, Shishi_key * key, int keyusage, Shishi_asn1 * enckdcreppart);
ARGUMENTS
- Shishi * handle
- shishi handle as allocated by shishi_init().
- Shishi_asn1 kdcreq
- input variable that holds the sent KDC-REQ.
- Shishi_asn1 kdcrep
- input variable that holds the received KDC-REP.
- Shishi_key * key
- input array with key to decrypt encrypted part of KDC-REP with.
- int keyusage
- kereros key usage value.
- Shishi_asn1 * enckdcreppart
- output variable that holds new EncKDCRepPart.
DESCRIPTION
Process a KDC client exchange and output decrypted EncKDCRepPart which holds details for the new ticket received. Use shishi_kdcrep_get_ticket() to extract the ticket. This function verifies the various conditions that must hold if the response is to be considered valid, specifically it compares nonces (shishi_kdc_check_nonce()) and if the exchange was a AS exchange, it also compares cname and crealm (shishi_as_check_cname() and shishi_as_check_crealm()).Usually the shishi_as_process() and shishi_tgs_process() functions should be used instead, since they simplify the decryption key computation.
RETURN VALUE
Returns SHISHI_OK iff the KDC client exchange was successful.REPORTING BUGS
Report bugs to <[email protected]>.COPYRIGHT
Copyright © 2002-2010 Simon Josefsson.Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.