/*
 * COPYRIGHT (C) 2006,2007
 * THE REGENTS OF THE UNIVERSITY OF MICHIGAN
 * ALL RIGHTS RESERVED
 *
 * Permission is granted to use, copy, create derivative works
 * and redistribute this software and such derivative works
 * for any purpose, so long as the name of The University of
 * Michigan is not used in any advertising or publicity
 * pertaining to the use of distribution of this software
 * without specific, written prior authorization.  If the
 * above copyright notice or any other identification of the
 * University of Michigan is included in any copy of any
 * portion of this software, then the disclaimer below must
 * also be included.
 *
 * THIS SOFTWARE IS PROVIDED AS IS, WITHOUT REPRESENTATION
 * FROM THE UNIVERSITY OF MICHIGAN AS TO ITS FITNESS FOR ANY
 * PURPOSE, AND WITHOUT WARRANTY BY THE UNIVERSITY OF
 * MICHIGAN OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING
 * WITHOUT LIMITATION THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE
 * REGENTS OF THE UNIVERSITY OF MICHIGAN SHALL NOT BE LIABLE
 * FOR ANY DAMAGES, INCLUDING SPECIAL, INDIRECT, INCIDENTAL, OR
 * CONSEQUENTIAL DAMAGES, WITH RESPECT TO ANY CLAIM ARISING
 * OUT OF OR IN CONNECTION WITH THE USE OF THE SOFTWARE, EVEN
 * IF IT HAS BEEN OR IS HEREAFTER ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGES.
 */
31*7934SMark.Phalan@Sun.COM #include <stdio.h>
32*7934SMark.Phalan@Sun.COM #include <stdlib.h>
33*7934SMark.Phalan@Sun.COM #include <errno.h>
34*7934SMark.Phalan@Sun.COM #include <unistd.h>
35*7934SMark.Phalan@Sun.COM #include <string.h>
36*7934SMark.Phalan@Sun.COM #include <ctype.h>
37*7934SMark.Phalan@Sun.COM #include <assert.h>
39*7934SMark.Phalan@Sun.COM #include "pkinit.h"
/* FAKECERT is defined here; whatever tests it is not visible in this listing. */
#define FAKECERT

/*
 * Encoded object identifier for the Diffie-Hellman public-key algorithm:
 * the bytes 2A 86 48 CE 3E 02 01 decode to 1.2.840.10046.2.1
 * (dhpublicnumber).  The initializer is positional; the value 7 matches the
 * byte count of the literal (assumed to be the length member - confirm
 * against the krb5_octet_data declaration).  The cast removes const from a
 * string literal, so these bytes must never be written through or passed to
 * free().
 */
const krb5_octet_data
dh_oid = { 0, 7, (unsigned char *)"\x2A\x86\x48\xce\x3e\x02\x01" };
/*
 * Allocate a pkinit_req_opts and load it with the built-in defaults.
 *
 * On success *reqopts receives the new object (release it with
 * pkinit_fini_req_opts) and 0 is returned.  If the allocation fails,
 * *reqopts is left NULL and ENOMEM is returned.
 *
 * Defaults to keep in mind when auditing a configuration, going by the
 * field names: require_eku starts at 1, while require_crl_checking,
 * allow_upn and accept_secondary_eku start at 0.  Revocation checking is
 * therefore off unless something outside this function turns it on.
 */
krb5_error_code
pkinit_init_req_opts(pkinit_req_opts **reqopts)
{
    pkinit_req_opts *fresh;

    *reqopts = NULL;

    /* calloc zero-fills, so members not listed below start out as 0. */
    fresh = calloc(1, sizeof(*fresh));
    if (fresh == NULL)
        return ENOMEM;

    fresh->require_eku = 1;
    fresh->accept_secondary_eku = 0;
    fresh->allow_upn = 0;
    fresh->dh_or_rsa = DH_PROTOCOL;
    fresh->require_crl_checking = 0;
    fresh->dh_size = PKINIT_DEFAULT_DH_MIN_BITS;
    fresh->win2k_target = 0;
    fresh->win2k_require_cksum = 0;

    *reqopts = fresh;
    return 0;
}
/*
 * Release a pkinit_req_opts.  A NULL argument is accepted and ignored.
 */
void
pkinit_fini_req_opts(pkinit_req_opts *opts)
{
    /* free(NULL) is defined to do nothing, so no separate NULL test is needed. */
    free(opts);
}
/*
 * Allocate a pkinit_plg_opts and load it with the built-in defaults.
 *
 * On success *plgopts receives the new object (release it with
 * pkinit_fini_plg_opts) and 0 is returned.  If the allocation fails,
 * *plgopts is left NULL and ENOMEM is returned.
 *
 * As the field names indicate, EKU checking defaults to required
 * (require_eku = 1) and CRL checking defaults to not required
 * (require_crl_checking = 0); dh_min_bits starts at
 * PKINIT_DEFAULT_DH_MIN_BITS.
 */
krb5_error_code
pkinit_init_plg_opts(pkinit_plg_opts **plgopts)
{
    pkinit_plg_opts *fresh;

    *plgopts = NULL;

    /* calloc zero-fills, so members not listed below start out as 0. */
    fresh = calloc(1, sizeof(*fresh));
    if (fresh == NULL)
        return ENOMEM;

    fresh->require_eku = 1;
    fresh->accept_secondary_eku = 0;
    fresh->dh_or_rsa = DH_PROTOCOL;
    fresh->allow_upn = 0;
    fresh->require_crl_checking = 0;
    fresh->dh_min_bits = PKINIT_DEFAULT_DH_MIN_BITS;

    *plgopts = fresh;
    return 0;
}
/*
 * Release a pkinit_plg_opts.  A NULL argument is accepted and ignored.
 */
void
pkinit_fini_plg_opts(pkinit_plg_opts *opts)
{
    /* free(NULL) is defined to do nothing, so no separate NULL test is needed. */
    free(opts);
}
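/*
 * Release a krb5_pa_pk_as_req together with the buffers it owns:
 * signedAuthPack.data, the trustedCertifiers list and kdcPkId.data.
 *
 * A NULL `in` or a NULL `*in` is ignored.  On return *in is reset to NULL
 * so the caller is not left with a dangling pointer that a later cleanup
 * path could dereference or free a second time.
 */
void
free_krb5_pa_pk_as_req(krb5_pa_pk_as_req **in)
{
    if (in == NULL || *in == NULL)
        return;

    free((*in)->signedAuthPack.data);
    if ((*in)->trustedCertifiers != NULL)
        free_krb5_external_principal_identifier(&(*in)->trustedCertifiers);
    free((*in)->kdcPkId.data);

    free(*in);
    *in = NULL;
}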
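/*
 * Release a krb5_pa_pk_as_req_draft9 together with the buffers it owns:
 * signedAuthPack.data, kdcCert.data, encryptionCert.data and the
 * trustedCertifiers list.
 *
 * A NULL `in` or a NULL `*in` is ignored.  On return *in is reset to NULL
 * so a stale pointer cannot be reused or freed twice by the caller.
 */
void
free_krb5_pa_pk_as_req_draft9(krb5_pa_pk_as_req_draft9 **in)
{
    if (in == NULL || *in == NULL)
        return;

    free((*in)->signedAuthPack.data);
    free((*in)->kdcCert.data);
    free((*in)->encryptionCert.data);
    if ((*in)->trustedCertifiers != NULL)
        free_krb5_trusted_ca(&(*in)->trustedCertifiers);

    free(*in);
    *in = NULL;
}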
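/*
 * Release a krb5_reply_key_pack together with replyKey.contents and
 * asChecksum.contents.
 *
 * A NULL `in` or a NULL `*in` is ignored.  On return *in is reset to NULL
 * so a stale pointer cannot be reused or freed twice by the caller.
 *
 * NOTE(review): replyKey carries the PKINIT reply key, and its bytes are
 * handed back to the allocator without being cleared, so they can linger
 * in freed heap memory.  Consider wiping replyKey.length bytes with a
 * clear the compiler cannot elide before the free, once it is confirmed
 * that length always matches the allocation behind contents.
 */
void
free_krb5_reply_key_pack(krb5_reply_key_pack **in)
{
    if (in == NULL || *in == NULL)
        return;

    free((*in)->replyKey.contents);
    free((*in)->asChecksum.contents);

    free(*in);
    *in = NULL;
}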
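/*
 * Release a krb5_reply_key_pack_draft9 together with replyKey.contents.
 *
 * A NULL `in` or a NULL `*in` is ignored.  On return *in is reset to NULL
 * so a stale pointer cannot be reused or freed twice by the caller.
 *
 * NOTE(review): replyKey carries key material and is freed without being
 * cleared first; consider a non-elidable wipe of replyKey.length bytes
 * before the free, once the length/contents invariant is confirmed.
 */
void
free_krb5_reply_key_pack_draft9(krb5_reply_key_pack_draft9 **in)
{
    if (in == NULL || *in == NULL)
        return;

    free((*in)->replyKey.contents);

    free(*in);
    *in = NULL;
}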
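/*
 * Release a krb5_auth_pack and what it owns: the clientPublicValue
 * structure (with its algorithm OID, algorithm parameters and
 * subjectPublicKey buffers), pkAuthenticator.paChecksum.contents and the
 * supportedCMSTypes list.
 *
 * A NULL `in` or a NULL `*in` is ignored.  On return *in is reset to NULL
 * so a stale pointer cannot be reused or freed twice by the caller.
 *
 * NOTE(review): clientDHNonce.data is set to NULL by init_krb5_auth_pack
 * but is not released here - confirm who owns that buffer.
 */
void
free_krb5_auth_pack(krb5_auth_pack **in)
{
    if (in == NULL || *in == NULL)
        return;

    if ((*in)->clientPublicValue != NULL) {
        free((*in)->clientPublicValue->algorithm.algorithm.data);
        free((*in)->clientPublicValue->algorithm.parameters.data);
        free((*in)->clientPublicValue->subjectPublicKey.data);
        free((*in)->clientPublicValue);
    }
    free((*in)->pkAuthenticator.paChecksum.contents);
    if ((*in)->supportedCMSTypes != NULL)
        free_krb5_algorithm_identifiers(&((*in)->supportedCMSTypes));

    free(*in);
    *in = NULL;
}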
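/*
 * Release a krb5_auth_pack_draft9: pkAuthenticator.kdcName is handed to
 * krb5_free_principal, then the structure itself is freed.
 *
 * A NULL `in` or a NULL `*in` is ignored.  On return *in is reset to NULL
 * so a stale pointer cannot be reused or freed twice by the caller.
 *
 * pkAuthenticator.kdcName must be either NULL or a valid principal by the
 * time this runs, since it is passed on unconditionally.
 */
void
free_krb5_auth_pack_draft9(krb5_context context,
                           krb5_auth_pack_draft9 **in)
{
    if (in == NULL || *in == NULL)
        return;

    krb5_free_principal(context, (*in)->pkAuthenticator.kdcName);

    free(*in);
    *in = NULL;
}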
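/*
 * Release a krb5_pa_pk_as_rep.  Which buffer is freed depends on `choice`:
 * u.dh_Info.dhSignedData.data for the dhInfo alternative,
 * u.encKeyPack.data for the encKeyPack alternative, nothing otherwise.
 *
 * A NULL `in` or a NULL `*in` is ignored.  On return *in is reset to NULL
 * so a stale pointer cannot be reused or freed twice by the caller.
 *
 * `choice` must have been set before this is called; an unset selector
 * would make the switch act on whatever value the allocation left behind.
 *
 * NOTE(review): u.dh_Info.serverDHNonce.data is not released in the
 * dhInfo branch - confirm who owns that buffer.
 */
void
free_krb5_pa_pk_as_rep(krb5_pa_pk_as_rep **in)
{
    if (in == NULL || *in == NULL)
        return;

    switch ((*in)->choice) {
    case choice_pa_pk_as_rep_dhInfo:
        free((*in)->u.dh_Info.dhSignedData.data);
        break;
    case choice_pa_pk_as_rep_encKeyPack:
        free((*in)->u.encKeyPack.data);
        break;
    default:
        break;
    }

    free(*in);
    *in = NULL;
}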
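/*
 * Release a krb5_pa_pk_as_rep_draft9 together with u.encKeyPack.data.
 * Unlike free_krb5_pa_pk_as_rep, no selector is consulted: the
 * encKeyPack member is freed unconditionally.
 *
 * A NULL `in` or a NULL `*in` is ignored.  On return *in is reset to NULL
 * so a stale pointer cannot be reused or freed twice by the caller.
 */
void
free_krb5_pa_pk_as_rep_draft9(krb5_pa_pk_as_rep_draft9 **in)
{
    if (in == NULL || *in == NULL)
        return;

    free((*in)->u.encKeyPack.data);

    free(*in);
    *in = NULL;
}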
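/*
 * Release a NULL-terminated array of krb5_external_principal_identifier
 * pointers: for each element the subjectName, issuerAndSerialNumber and
 * subjectKeyIdentifier buffers are freed, then the element, and finally
 * the array itself.
 *
 * A NULL `in` or a NULL `*in` is ignored.  On return *in is reset to NULL
 * so a stale pointer cannot be reused or freed twice by the caller.  The
 * array must end with a NULL entry; the walk has no other bound.
 */
void
free_krb5_external_principal_identifier(krb5_external_principal_identifier ***in)
{
    krb5_external_principal_identifier **entry;

    if (in == NULL || *in == NULL)
        return;

    for (entry = *in; *entry != NULL; entry++) {
        free((*entry)->subjectName.data);
        free((*entry)->issuerAndSerialNumber.data);
        free((*entry)->subjectKeyIdentifier.data);
        free(*entry);
    }

    free(*in);
    *in = NULL;
}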
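/*
 * Release a NULL-terminated array of krb5_trusted_ca pointers.  For each
 * element the buffer matching its `choice` is freed (u.caName.data or
 * u.issuerAndSerial.data), then the element, and finally the array.
 *
 * A NULL `in` or a NULL `*in` is ignored.  On return *in is reset to NULL
 * so a stale pointer cannot be reused or freed twice by the caller.  The
 * array must end with a NULL entry; the walk has no other bound.
 *
 * NOTE(review): nothing is released for choice_trusted_cas_principalName -
 * confirm that the principal in that alternative is owned elsewhere.
 */
void
free_krb5_trusted_ca(krb5_trusted_ca ***in)
{
    krb5_trusted_ca **entry;

    if (in == NULL || *in == NULL)
        return;

    for (entry = *in; *entry != NULL; entry++) {
        switch ((*entry)->choice) {
        case choice_trusted_cas_principalName:
            break;
        case choice_trusted_cas_caName:
            free((*entry)->u.caName.data);
            break;
        case choice_trusted_cas_issuerAndSerial:
            free((*entry)->u.issuerAndSerial.data);
            break;
        case choice_trusted_cas_UNKNOWN:
            break;
        }
        free(*entry);
    }

    free(*in);
    *in = NULL;
}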
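/*
 * Release a NULL-terminated array of krb5_typed_data pointers: each
 * element's data buffer, then the element, and finally the array.
 *
 * A NULL `in` or a NULL `*in` is ignored.  On return *in is reset to NULL
 * so a stale pointer cannot be reused or freed twice by the caller.  The
 * array must end with a NULL entry; the walk has no other bound.
 */
void
free_krb5_typed_data(krb5_typed_data ***in)
{
    krb5_typed_data **entry;

    if (in == NULL || *in == NULL)
        return;

    for (entry = *in; *entry != NULL; entry++) {
        free((*entry)->data);
        free(*entry);
    }

    free(*in);
    *in = NULL;
}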
/*
 * Release one krb5_algorithm_identifier: its algorithm.data and
 * parameters.data buffers, then the structure.  NULL is ignored.
 *
 * The argument is a plain pointer, so the caller's copy cannot be cleared
 * here and must not be used after the call.
 */
void
free_krb5_algorithm_identifier(krb5_algorithm_identifier *in)
{
    if (in != NULL) {
        /* free(NULL) is a no-op, so the members need no individual tests. */
        free(in->algorithm.data);
        free(in->parameters.data);
        free(in);
    }
}
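/*
 * Release a NULL-terminated array of krb5_algorithm_identifier pointers,
 * passing each element to free_krb5_algorithm_identifier and then freeing
 * the array.
 *
 * A NULL `in` or a NULL `*in` is ignored.  On return *in is reset to NULL
 * so a stale pointer cannot be reused or freed twice by the caller.  The
 * array must end with a NULL entry; the walk has no other bound.
 */
void
free_krb5_algorithm_identifiers(krb5_algorithm_identifier ***in)
{
    krb5_algorithm_identifier **entry;

    if (in == NULL || *in == NULL)
        return;

    for (entry = *in; *entry != NULL; entry++)
        free_krb5_algorithm_identifier(*entry);

    free(*in);
    *in = NULL;
}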
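/*
 * Release a krb5_subject_pk_info together with algorithm.parameters.data
 * and subjectPublicKey.data.
 *
 * A NULL `in` or a NULL `*in` is ignored.  On return *in is reset to NULL
 * so a stale pointer cannot be reused or freed twice by the caller.
 *
 * NOTE(review): algorithm.algorithm.data is deliberately left alone here,
 * whereas free_krb5_auth_pack frees the same member of its
 * clientPublicValue.  Presumably it may point at static storage such as
 * dh_oid in this structure - confirm before changing either routine.
 */
void
free_krb5_subject_pk_info(krb5_subject_pk_info **in)
{
    if (in == NULL || *in == NULL)
        return;

    free((*in)->algorithm.parameters.data);
    free((*in)->subjectPublicKey.data);

    free(*in);
    *in = NULL;
}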
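/*
 * Release a krb5_kdc_dh_key_info together with subjectPublicKey.data.
 *
 * A NULL `in` or a NULL `*in` is ignored.  On return *in is reset to NULL
 * so a stale pointer cannot be reused or freed twice by the caller.
 */
void
free_krb5_kdc_dh_key_info(krb5_kdc_dh_key_info **in)
{
    if (in == NULL || *in == NULL)
        return;

    free((*in)->subjectPublicKey.data);

    free(*in);
    *in = NULL;
}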
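/*
 * Allocate an empty krb5_pa_pk_as_req.
 *
 * The outcome is reported only through *in, which is NULL when the
 * allocation failed; callers must test it before use.  A NULL `in` is
 * ignored.
 *
 * calloc replaces the earlier malloc so that members not assigned below
 * start from zero instead of holding indeterminate values.  The explicit
 * assignments are kept to show which members the matching free routine
 * inspects.
 */
void
init_krb5_pa_pk_as_req(krb5_pa_pk_as_req **in)
{
    if (in == NULL)
        return;

    *in = calloc(1, sizeof(**in));
    if (*in == NULL)
        return;

    (*in)->signedAuthPack.data = NULL;
    (*in)->signedAuthPack.length = 0;
    (*in)->trustedCertifiers = NULL;
    (*in)->kdcPkId.data = NULL;
    (*in)->kdcPkId.length = 0;
}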
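/*
 * Allocate an empty krb5_pa_pk_as_req_draft9.
 *
 * The outcome is reported only through *in, which is NULL when the
 * allocation failed; callers must test it before use.  A NULL `in` is
 * ignored.
 *
 * calloc replaces the earlier malloc so that members not assigned below
 * start from zero instead of holding indeterminate values.
 */
void
init_krb5_pa_pk_as_req_draft9(krb5_pa_pk_as_req_draft9 **in)
{
    if (in == NULL)
        return;

    *in = calloc(1, sizeof(**in));
    if (*in == NULL)
        return;

    (*in)->signedAuthPack.data = NULL;
    (*in)->signedAuthPack.length = 0;
    (*in)->trustedCertifiers = NULL;
    (*in)->kdcCert.data = NULL;
    (*in)->kdcCert.length = 0;
    (*in)->encryptionCert.data = NULL;
    (*in)->encryptionCert.length = 0;
}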
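/*
 * Allocate an empty krb5_reply_key_pack.
 *
 * The outcome is reported only through *in, which is NULL when the
 * allocation failed; callers must test it before use.  A NULL `in` is
 * ignored.
 *
 * calloc replaces the earlier malloc so that members not assigned below
 * start from zero instead of holding indeterminate values.
 */
void
init_krb5_reply_key_pack(krb5_reply_key_pack **in)
{
    if (in == NULL)
        return;

    *in = calloc(1, sizeof(**in));
    if (*in == NULL)
        return;

    (*in)->replyKey.contents = NULL;
    (*in)->replyKey.length = 0;
    (*in)->asChecksum.contents = NULL;
    (*in)->asChecksum.length = 0;
}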
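/*
 * Allocate an empty krb5_reply_key_pack_draft9.
 *
 * The outcome is reported only through *in, which is NULL when the
 * allocation failed; callers must test it before use.  A NULL `in` is
 * ignored.
 *
 * calloc replaces the earlier malloc so that members not assigned below
 * start from zero instead of holding indeterminate values.
 */
void
init_krb5_reply_key_pack_draft9(krb5_reply_key_pack_draft9 **in)
{
    if (in == NULL)
        return;

    *in = calloc(1, sizeof(**in));
    if (*in == NULL)
        return;

    (*in)->replyKey.contents = NULL;
    (*in)->replyKey.length = 0;
}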
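/*
 * Allocate an empty krb5_auth_pack.
 *
 * The outcome is reported only through *in, which is NULL when the
 * allocation failed; callers must test it before use.  A NULL `in` is
 * ignored.
 *
 * calloc replaces the earlier malloc so that the pkAuthenticator members
 * not assigned below start from zero instead of holding indeterminate
 * values.
 */
void
init_krb5_auth_pack(krb5_auth_pack **in)
{
    if (in == NULL)
        return;

    *in = calloc(1, sizeof(**in));
    if (*in == NULL)
        return;

    (*in)->clientPublicValue = NULL;
    (*in)->supportedCMSTypes = NULL;
    (*in)->clientDHNonce.length = 0;
    (*in)->clientDHNonce.data = NULL;
    (*in)->pkAuthenticator.paChecksum.contents = NULL;
}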
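/*
 * Allocate an empty krb5_auth_pack_draft9.
 *
 * The outcome is reported only through *in, which is NULL when the
 * allocation failed; callers must test it before use.  A NULL `in` is
 * ignored.
 *
 * calloc replaces the earlier malloc because only clientPublicValue is
 * assigned here, while free_krb5_auth_pack_draft9 passes
 * pkAuthenticator.kdcName to krb5_free_principal.  With malloc that
 * pointer was indeterminate if the object was released before kdcName had
 * been filled in; with calloc it starts out zeroed.
 */
void
init_krb5_auth_pack_draft9(krb5_auth_pack_draft9 **in)
{
    if (in == NULL)
        return;

    *in = calloc(1, sizeof(**in));
    if (*in == NULL)
        return;

    (*in)->clientPublicValue = NULL;
}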
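/*
 * Allocate an empty krb5_pa_pk_as_rep.
 *
 * The outcome is reported only through *in, which is NULL when the
 * allocation failed; callers must test it before use.  A NULL `in` is
 * ignored.
 *
 * calloc replaces the earlier malloc because `choice` is not assigned
 * here, yet free_krb5_pa_pk_as_rep switches on it.  Zero-filling means the
 * selector is 0 rather than indeterminate and every buffer pointer in `u`
 * is clear, so releasing a freshly initialised object frees nothing it
 * should not.  The caller is still expected to set `choice` before
 * attaching data.
 */
void
init_krb5_pa_pk_as_rep(krb5_pa_pk_as_rep **in)
{
    if (in == NULL)
        return;

    *in = calloc(1, sizeof(**in));
    if (*in == NULL)
        return;

    (*in)->u.dh_Info.serverDHNonce.length = 0;
    (*in)->u.dh_Info.serverDHNonce.data = NULL;
    (*in)->u.dh_Info.dhSignedData.length = 0;
    (*in)->u.dh_Info.dhSignedData.data = NULL;
    (*in)->u.encKeyPack.length = 0;
    (*in)->u.encKeyPack.data = NULL;
}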
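/*
 * Allocate an empty krb5_pa_pk_as_rep_draft9.
 *
 * The outcome is reported only through *in, which is NULL when the
 * allocation failed; callers must test it before use.  A NULL `in` is
 * ignored.
 *
 * calloc replaces the earlier malloc so that members not assigned below
 * start from zero instead of holding indeterminate values.
 */
void
init_krb5_pa_pk_as_rep_draft9(krb5_pa_pk_as_rep_draft9 **in)
{
    if (in == NULL)
        return;

    *in = calloc(1, sizeof(**in));
    if (*in == NULL)
        return;

    (*in)->u.dhSignedData.length = 0;
    (*in)->u.dhSignedData.data = NULL;
    (*in)->u.encKeyPack.length = 0;
    (*in)->u.encKeyPack.data = NULL;
}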
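/*
 * Allocate an empty krb5_typed_data (type 0, length 0, no data).
 *
 * The outcome is reported only through *in, which is NULL when the
 * allocation failed; callers must test it before use.  A NULL `in` is
 * ignored.
 *
 * calloc replaces the earlier malloc so that any member not assigned
 * below starts from zero instead of holding an indeterminate value.
 */
void
init_krb5_typed_data(krb5_typed_data **in)
{
    if (in == NULL)
        return;

    *in = calloc(1, sizeof(**in));
    if (*in == NULL)
        return;

    (*in)->type = 0;
    (*in)->length = 0;
    (*in)->data = NULL;
}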
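/*
 * Allocate an empty krb5_subject_pk_info.
 *
 * The outcome is reported only through *in, which is NULL when the
 * allocation failed; callers must test it before use.  A NULL `in` is
 * ignored.
 *
 * calloc replaces the earlier malloc so that algorithm.algorithm, which
 * is not assigned below, starts from zero instead of holding an
 * indeterminate pointer and length.
 */
void
init_krb5_subject_pk_info(krb5_subject_pk_info **in)
{
    if (in == NULL)
        return;

    *in = calloc(1, sizeof(**in));
    if (*in == NULL)
        return;

    (*in)->algorithm.parameters.data = NULL;
    (*in)->algorithm.parameters.length = 0;
    (*in)->subjectPublicKey.data = NULL;
    (*in)->subjectPublicKey.length = 0;
}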
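/*
 * Deep-copy the byte buffer described by `src` into `dst`.
 *
 * Returns EINVAL if either argument is NULL, ENOMEM if the copy cannot be
 * allocated, and 0 on success.  A source with a NULL data pointer yields
 * an empty destination (data NULL, length 0).  On success dst->data is a
 * fresh allocation the caller must free; any previous value of dst->data
 * is overwritten without being freed.
 *
 * Only the data and length members are written.
 */
krb5_error_code
pkinit_copy_krb5_octet_data(krb5_octet_data *dst, const krb5_octet_data *src)
{
    void *copy;

    if (dst == NULL || src == NULL)
        return EINVAL;

    if (src->data == NULL) {
        dst->data = NULL;
        dst->length = 0;
        return 0;
    }

    /*
     * malloc(0) is allowed to return NULL, which would be misreported as
     * ENOMEM for a present-but-empty source; always ask for at least one
     * byte.
     */
    copy = malloc(src->length > 0 ? src->length : 1);
    if (copy == NULL) {
        /* Leave dst in a consistent empty state rather than NULL + stale length. */
        dst->data = NULL;
        dst->length = 0;
        return ENOMEM;
    }

    if (src->length > 0)
        (void) memcpy(copy, src->data, src->length);

    dst->data = copy;
    dst->length = src->length;
    return 0;
}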
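/* debugging functions */

/*
 * Send `len` bytes of `buf` to pkiDebug as two-digit hex values separated
 * by spaces, followed by a newline.  Nothing is emitted when `buf` is NULL
 * or `len` is 0.
 *
 * The index is unsigned to match `len`; a signed index would be compared
 * after conversion and would overflow for lengths above INT_MAX.
 *
 * Whatever is passed in ends up verbatim in the debug output, so callers
 * should avoid handing key material to this routine unless the debug sink
 * is access-controlled.
 */
void
print_buffer(unsigned char *buf, unsigned int len)
{
    unsigned int i;

    if (buf == NULL || len == 0)
        return;

    for (i = 0; i < len; i++)
        pkiDebug("%02x ", buf[i]);
    pkiDebug("\n");
}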
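/*
 * Debugging aid: write `len` raw bytes of `buf` to the file `filename`,
 * replacing any existing content.  Nothing happens (and no file is
 * created) when `buf` or `filename` is NULL or `len` is 0.  Failures to
 * open or write are ignored on purpose; this is best-effort output.
 *
 * The stream is opened in binary mode because the payload is arbitrary
 * bytes, and the buffer is written with a single fwrite instead of a
 * per-byte loop driven by a signed index.
 *
 * NOTE(review): fopen() follows symbolic links, truncates an existing
 * file and creates new files with permissions governed only by the umask.
 * If `filename` can ever point into a directory other users can write to,
 * or the buffer holds sensitive data, open the file with
 * O_CREAT | O_EXCL | O_NOFOLLOW and mode 0600 instead.
 */
void
print_buffer_bin(unsigned char *buf, unsigned int len, char *filename)
{
    FILE *out;

    if (buf == NULL || len == 0 || filename == NULL)
        return;

    out = fopen(filename, "wb");
    if (out == NULL)
        return;

    (void) fwrite(buf, 1, len, out);
    (void) fclose(out);
}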