Api function
#include <shishi.h>
int shishi_kdc_process(Shishi * handle, Shishi_asn1 kdcreq, Shishi_asn1 kdcrep, Shishi_key * key, int keyusage, Shishi_asn1 * enckdcreppart);
shishi handle as allocated by shishi_init().
input variable that holds the sent KDC-REQ.
input variable that holds the received KDC-REP.
input array with key to decrypt encrypted part of KDC-REP with.
kereros key usage value.
output variable that holds new EncKDCRepPart.
Process a KDC client exchange and output decrypted EncKDCRepPart which holds details for the new ticket received. Use shishi_kdcrep_get_ticket() to extract the ticket. This function verifies the various conditions that must hold if the response is to be considered valid, specifically it compares nonces (shishi_kdc_check_nonce()) and if the exchange was a AS exchange, it also compares cname and crealm (shishi_as_check_cname() and shishi_as_check_crealm()).
Usually the shishi_as_process() and shishi_tgs_process() functions should be used instead, since they simplify the decryption key computation.
Returns SHISHI_OK iff the KDC client exchange was successful.
Report bugs to <[email protected]>.
Copyright © 2002-2010 Simon Josefsson.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.
The full documentation for shishi is maintained as a Texinfo manual. If the info and shishi programs are properly installed at your site, the command
info shishi
should give you access to the complete manual.