shishi_kdc_process(3) API function


#include <shishi.h>

int shishi_kdc_process(Shishi * handle, Shishi_asn1 kdcreq, Shishi_asn1 kdcrep, Shishi_key * key, int keyusage, Shishi_asn1 * enckdcreppart);


Shishi * handle
shishi handle as allocated by shishi_init().
Shishi_asn1 kdcreq
input variable that holds the sent KDC-REQ.
Shishi_asn1 kdcrep
input variable that holds the received KDC-REP.
Shishi_key * key
input array with key to decrypt encrypted part of KDC-REP with.
int keyusage
kereros key usage value.
Shishi_asn1 * enckdcreppart
output variable that holds new EncKDCRepPart.


Process a KDC client exchange and output decrypted EncKDCRepPart which holds details for the new ticket received. Use shishi_kdcrep_get_ticket() to extract the ticket. This function verifies the various conditions that must hold if the response is to be considered valid, specifically it compares nonces (shishi_kdc_check_nonce()) and if the exchange was a AS exchange, it also compares cname and crealm (shishi_as_check_cname() and shishi_as_check_crealm()).

Usually the shishi_as_process() and shishi_tgs_process() functions should be used instead, since they simplify the decryption key computation.


Returns SHISHI_OK iff the KDC client exchange was successful.


Report bugs to <[email protected]>.


Copyright © 2002-2010 Simon Josefsson.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.