author | Simo Sorce <simo@redhat.com> | 2014-11-13 11:31:09 -0500 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2014-11-20 10:52:13 -0500 |
commit | c6afc489a1c9d86fd593bd47c4a8dae6d9a008d2 (patch) | |
tree | 27ad9cc99e3c8e38b8df1adacb3cca5e3f8f1e43 /asn1/ipa_asn1.h | |
parent | b170851058d6712442d553ef3d11ecd21b282443 (diff) | |
Add asn1c generated code for keytab controls
Instead of manually encoding controls, use an actual asn1 compiler.
The file asn1/asn1c/ipa.asn1 will contain ipa modules. The generated code
is committed to the tree and built into a static library that is linked
to the code that uses it.
The first module implements the GetKeytabControl control.
Related:
https://fedorahosted.org/freeipa/ticket/4718
https://fedorahosted.org/freeipa/ticket/4728
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
Diffstat (limited to 'asn1/ipa_asn1.h')
-rw-r--r-- | asn1/ipa_asn1.h | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/asn1/ipa_asn1.h b/asn1/ipa_asn1.h
new file mode 100644
index 000000000..6ffcc5cc8
--- /dev/null
+++ b/asn1/ipa_asn1.h
@@ -0,0 +1,76 @@
+#ifndef __IPA_ASN1_H_
+#define __IPA_ASN1_H_
+
+#include "ipa_krb5.h"
+
+/**
+ * @brief Encodes a Get Keytab Request Control
+ *
+ * @param newkt Whether this is a New Key request or a Current Key one
+ * @param princ The principal the keys belong to (this is required)
+ * @param pwd Optional, only for New Key reqs, the password to use to
+ * create the new keys
+ * @param etypes Optional, only for New Key reqs, list of desired
+ * enctypes
+ * @param numtypes Optional, Number of desired enctypes in etypes
+ * @param buf A void pointer wil lcontain pointer to an allocated
+ * buffer with the serialized control, must be freed
+ * @param len Length of the returned buffer
+ *
+ * @return True on success or False on failure
+ */
+bool ipaasn1_enc_getkt(bool newkt, const char *princ, const char *pwd,
+ long *etypes, int numtypes, void **buf, size_t *len);
+
+/**
+ * @brief Encodes a Get Keytab Reply Control
+ *
+ * @param kvno The new key version number
+ * @param keys A set of keys to return to the caller
+ * @param buf A void pointer wil lcontain pointer to an allocated
+ * buffer with the serialized control, must be freed
+ * @param len Length of the returned buffer
+ *
+ * @return True on success or False on failure
+ */
+bool ipaasn1_enc_getktreply(int kvno, struct keys_container *keys,
+ void **buf, size_t *len);
+
+/**
+ * @brief Decodes a Get Keytab Requst Control
+ *
+ * @param buf A pointer to the serialized buffer
+ * @param len The lenght of the buffer
+ * @param newkt Returns whether this is a New Key or Current Key request
+ * @param princ Returns the principal the keys belong to.
+ * @param pwd Optional: The password to use to create keys
+ * @param etypes Optional: The desired enctypes
+ * @param numtypes Optional: Number of desired enctypes in etypes
+ *
+ * @return True on success or False on failure
+ *
+ * NOTE: princ, pwd, etypes and numtypes should be zeroed before being
+ * passed in input, and the caller may need to free them even in
+ * case of failure.
+ */
+bool ipaasn1_dec_getkt(void *buf, size_t len, bool *newkt,
+ char **princ, char **pwd,
+ long **etypes, int *numtypes);
+
+/**
+ * @brief Decodes a Get Keytab Reply Control
+ *
+ * @param buf A pointer to the serialized buffer
+ * @param len The lenght of the buffer
+ * @param kvno The new key version number
+ * @param keys A set of keys generated by the server
+ *
+ * @return True on success or False on failure
+ *
+ * NOTE: keys should be a zeroed structure and the caller may need to free
+ * it even in case of failure.
+ */
+bool ipaasn1_dec_getktreply(void *buf, size_t len,
+ int *kvno, struct keys_container *keys);
+
+#endif /* __IPA_ASN1_H_ */ |
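Review bot: The NOTE on `ipaasn1_dec_getkt` says the caller may need to free `princ`, `pwd` and `etypes` even on failure, but it neither names the deallocator nor mentions that `pwd` holds a cleartext password that should be wiped before it is released. The same gap applies to `keys` in `ipaasn1_dec_getktreply` and to the `buf` returned by both encoders, which presumably contains the serialized password or key material. I would extend each NOTE with a line such as ` * pwd holds a secret: clear it before releasing it; outputs are released with free()`, adjusted to whatever the implementation actually uses, since that is not visible in this header. Separately, `numtypes` is a signed `int` on both the encode and decode side and the decoder parses a buffer that arrives from the peer, so the comments should state what range the count is guaranteed to be in, and that a NULL `etypes` goes with a zero count.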