NAME¶

shishi_kdc_process - API function

SYNOPSIS¶

#include <shishi.h> int shishi_kdc_process(Shishi * handle, Shishi_asn1 kdcreq, Shishi_asn1 kdcrep, Shishi_key * key, int keyusage, Shishi_asn1 * enckdcreppart);

ARGUMENTS¶

Shishi * handle

shishi handle as allocated by shishi_init().

Shishi_asn1 kdcreq

input variable that holds the sent KDC-REQ.

Shishi_asn1 kdcrep

input variable that holds the received KDC-REP.

Shishi_key * key

input array with key to decrypt encrypted part of KDC-REP with.

int keyusage

kereros key usage value.

Shishi_asn1 * enckdcreppart

output variable that holds new EncKDCRepPart.

DESCRIPTION¶

Process a KDC client exchange and output decrypted EncKDCRepPart which holds details for the new ticket received. Use shishi_kdcrep_get_ticket() to extract the ticket. This function verifies the various conditions that must hold if the response is to be considered valid, specifically it compares nonces ( shishi_kdc_check_nonce()) and if the exchange was a AS exchange, it also compares cname and crealm ( shishi_as_check_cname() and shishi_as_check_crealm()). Usually the shishi_as_process() and shishi_tgs_process() functions should be used instead, since they simplify the decryption key computation.

RETURN VALUE¶

Returns SHISHI_OK iff the KDC client exchange was successful.

REPORTING BUGS¶

Report bugs to <bug-shishi@gnu.org>.

COPYRIGHT¶

Copyright © 2002-2010 Simon Josefsson. Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.

SEE ALSO¶

The full documentation for shishi is maintained as a Texinfo manual. If the info and shishi programs are properly installed at your site, the command

info shishi

should give you access to the complete manual.