1178825Sdfr/* 2233294Sstas * Copyright (c) 2006 Kungliga Tekniska H��gskolan 3233294Sstas * (Royal Institute of Technology, Stockholm, Sweden). 4233294Sstas * All rights reserved. 5178825Sdfr * 6233294Sstas * Redistribution and use in source and binary forms, with or without 7233294Sstas * modification, are permitted provided that the following conditions 8233294Sstas * are met: 9178825Sdfr * 10233294Sstas * 1. Redistributions of source code must retain the above copyright 11233294Sstas * notice, this list of conditions and the following disclaimer. 12178825Sdfr * 13233294Sstas * 2. Redistributions in binary form must reproduce the above copyright 14233294Sstas * notice, this list of conditions and the following disclaimer in the 15233294Sstas * documentation and/or other materials provided with the distribution. 16178825Sdfr * 17233294Sstas * 3. Neither the name of the Institute nor the names of its contributors 18233294Sstas * may be used to endorse or promote products derived from this software 19233294Sstas * without specific prior written permission. 20178825Sdfr * 21233294Sstas * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 22233294Sstas * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23233294Sstas * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24233294Sstas * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 25233294Sstas * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26233294Sstas * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27233294Sstas * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28233294Sstas * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29233294Sstas * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30233294Sstas * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31233294Sstas * SUCH DAMAGE. 32178825Sdfr */ 33178825Sdfr 34178825Sdfr#include "krb5_locl.h" 35178825Sdfr 36178825Sdfr/* 37178825Sdfr * This PAC and keys are copied (with permission) from Samba torture 38178825Sdfr * regression test suite, they where created by Andrew Bartlet. 39178825Sdfr */ 40178825Sdfr 41178825Sdfrstatic const unsigned char saved_pac[] = { 42233294Sstas 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xd8, 0x01, 0x00, 0x00, 43178825Sdfr 0x48, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 44178825Sdfr 0x20, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 45178825Sdfr 0x40, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 46178825Sdfr 0x58, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x10, 0x08, 0x00, 0xcc, 0xcc, 0xcc, 0xcc, 47233294Sstas 0xc8, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x30, 0xdf, 0xa6, 0xcb, 48233294Sstas 0x4f, 0x7d, 0xc5, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xff, 49178825Sdfr 0xff, 0xff, 0xff, 0x7f, 0xc0, 0x3c, 0x4e, 0x59, 0x62, 0x73, 0xc5, 0x01, 0xc0, 0x3c, 0x4e, 0x59, 50178825Sdfr 0x62, 0x73, 0xc5, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f, 0x16, 0x00, 0x16, 0x00, 51178825Sdfr 0x04, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 52233294Sstas 0x0c, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 53233294Sstas 0x14, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18, 0x00, 0x02, 0x00, 0x65, 0x00, 0x00, 0x00, 54178825Sdfr 0xed, 0x03, 0x00, 0x00, 0x04, 0x02, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x1c, 0x00, 0x02, 0x00, 55178825Sdfr 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 56178825Sdfr 0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x16, 0x00, 0x20, 0x00, 0x02, 0x00, 0x16, 0x00, 0x18, 0x00, 57178825Sdfr 0x24, 0x00, 0x02, 0x00, 0x28, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 58178825Sdfr 0x00, 0x21, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 59178825Sdfr 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 60178825Sdfr 0x01, 0x00, 0x00, 0x00, 0x2c, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 61178825Sdfr 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x00, 0x00, 62178825Sdfr 0x57, 0x00, 0x32, 0x00, 0x30, 0x00, 0x30, 0x00, 0x33, 0x00, 0x46, 0x00, 0x49, 0x00, 0x4e, 0x00, 63178825Sdfr 0x41, 0x00, 0x4c, 0x00, 0x24, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 64178825Sdfr 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 65178825Sdfr 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 66178825Sdfr 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 67178825Sdfr 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x04, 0x02, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 68178825Sdfr 0x0b, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x00, 0x57, 0x00, 0x32, 0x00, 69178825Sdfr 0x30, 0x00, 0x30, 0x00, 0x33, 0x00, 0x46, 0x00, 0x49, 0x00, 0x4e, 0x00, 0x41, 0x00, 0x4c, 0x00, 70178825Sdfr 0x0c, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x00, 0x00, 0x57, 0x00, 0x49, 0x00, 71178825Sdfr 0x4e, 0x00, 0x32, 0x00, 0x4b, 0x00, 0x33, 0x00, 0x54, 0x00, 0x48, 0x00, 0x49, 0x00, 0x4e, 0x00, 72178825Sdfr 0x4b, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x01, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 73178825Sdfr 0x15, 0x00, 0x00, 0x00, 0x11, 0x2f, 0xaf, 0xb5, 0x90, 0x04, 0x1b, 0xec, 0x50, 0x3b, 0xec, 0xdc, 74178825Sdfr 0x01, 0x00, 0x00, 0x00, 0x30, 0x00, 0x02, 0x00, 0x07, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 75178825Sdfr 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 76178825Sdfr 0x80, 0x66, 0x28, 0xea, 0x37, 0x80, 0xc5, 0x01, 0x16, 0x00, 0x77, 0x00, 0x32, 0x00, 0x30, 0x00, 77178825Sdfr 0x30, 0x00, 0x33, 0x00, 0x66, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x61, 0x00, 0x6c, 0x00, 0x24, 0x00, 78178825Sdfr 0x76, 0xff, 0xff, 0xff, 0x37, 0xd5, 0xb0, 0xf7, 0x24, 0xf0, 0xd6, 0xd4, 0xec, 0x09, 0x86, 0x5a, 79178825Sdfr 0xa0, 0xe8, 0xc3, 0xa9, 0x00, 0x00, 0x00, 0x00, 0x76, 0xff, 0xff, 0xff, 0xb4, 0xd8, 0xb8, 0xfe, 80178825Sdfr 0x83, 0xb3, 0x13, 0x3f, 0xfc, 0x5c, 0x41, 0xad, 0xe2, 0x64, 0x83, 0xe0, 0x00, 0x00, 0x00, 0x00 81178825Sdfr}; 82178825Sdfr 83178825Sdfrstatic int type_1_length = 472; 84178825Sdfr 85178825Sdfrstatic const krb5_keyblock kdc_keyblock = { 86178825Sdfr ETYPE_ARCFOUR_HMAC_MD5, 87178825Sdfr { 16, "\xB2\x86\x75\x71\x48\xAF\x7F\xD2\x52\xC5\x36\x03\xA1\x50\xB7\xE7" } 88178825Sdfr}; 89178825Sdfr 90178825Sdfrstatic const krb5_keyblock member_keyblock = { 91178825Sdfr ETYPE_ARCFOUR_HMAC_MD5, 92178825Sdfr { 16, "\xD2\x17\xFA\xEA\xE5\xE6\xB5\xF9\x5C\xCC\x94\x07\x7A\xB8\xA5\xFC" } 93178825Sdfr}; 94178825Sdfr 95178825Sdfrstatic time_t authtime = 1120440609; 96233294Sstasstatic const char *user = "w2003final$"; 97178825Sdfr 98233294Sstas/* 99233294Sstas * This pac from Christan Krause 100233294Sstas */ 101233294Sstas 102233294Sstasstatic const unsigned char saved_pac2[] = 103233294Sstas "\x05\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\xc8\x01\x00\x00" 104233294Sstas "\x58\x00\x00\x00\x00\x00\x00\x00\x0a\x00\x00\x00\x18\x00\x00\x00" 105233294Sstas "\x20\x02\x00\x00\x00\x00\x00\x00\x0c\x00\x00\x00\x70\x00\x00\x00" 106233294Sstas "\x38\x02\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x14\x00\x00\x00" 107233294Sstas "\xa8\x02\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00\x14\x00\x00\x00" 108233294Sstas "\xc0\x02\x00\x00\x00\x00\x00\x00\x01\x10\x08\x00\xcc\xcc\xcc\xcc" 109233294Sstas "\xb8\x01\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x7d\xee\x09\x76" 110233294Sstas "\xf2\x39\xc9\x01\xff\xff\xff\xff\xff\xff\xff\x7f\xff\xff\xff\xff" 111233294Sstas "\xff\xff\xff\x7f\x6d\x49\x38\x62\xf2\x39\xc9\x01\x6d\x09\xa2\x8c" 112233294Sstas "\xbb\x3a\xc9\x01\xff\xff\xff\xff\xff\xff\xff\x7f\x0e\x00\x0e\x00" 113233294Sstas "\x04\x00\x02\x00\x10\x00\x10\x00\x08\x00\x02\x00\x00\x00\x00\x00" 114233294Sstas "\x0c\x00\x02\x00\x00\x00\x00\x00\x10\x00\x02\x00\x00\x00\x00\x00" 115233294Sstas "\x14\x00\x02\x00\x00\x00\x00\x00\x18\x00\x02\x00\x02\x01\x00\x00" 116233294Sstas "\x52\x04\x00\x00\x01\x02\x00\x00\x03\x00\x00\x00\x1c\x00\x02\x00" 117233294Sstas "\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" 118233294Sstas "\x00\x00\x00\x00\x10\x00\x12\x00\x20\x00\x02\x00\x0e\x00\x10\x00" 119233294Sstas "\x24\x00\x02\x00\x28\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00" 120233294Sstas "\x10\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" 121233294Sstas "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" 122233294Sstas "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" 123233294Sstas "\x00\x00\x00\x00\x07\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00" 124233294Sstas "\x6f\x00\x70\x00\x65\x00\x6e\x00\x6d\x00\x73\x00\x70\x00\x00\x00" 125233294Sstas "\x08\x00\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x6f\x00\x70\x00" 126233294Sstas "\x65\x00\x6e\x00\x20\x00\x6d\x00\x73\x00\x70\x00\x00\x00\x00\x00" 127233294Sstas "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" 128233294Sstas "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" 129233294Sstas "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00" 130233294Sstas "\x60\x04\x00\x00\x07\x00\x00\x00\x01\x02\x00\x00\x07\x00\x00\x00" 131233294Sstas "\x5e\x04\x00\x00\x07\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00" 132233294Sstas "\x08\x00\x00\x00\x43\x00\x48\x00\x4b\x00\x52\x00\x2d\x00\x41\x00" 133233294Sstas "\x44\x00\x53\x00\x08\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00" 134233294Sstas "\x4d\x00\x53\x00\x50\x00\x2d\x00\x41\x00\x44\x00\x53\x00\x00\x00" 135233294Sstas "\x04\x00\x00\x00\x01\x04\x00\x00\x00\x00\x00\x05\x15\x00\x00\x00" 136233294Sstas "\x91\xad\xdc\x4c\x63\xb8\xb5\x48\xd5\x53\xd2\xd1\x00\x00\x00\x00" 137233294Sstas "\x00\x66\xeb\x75\xf2\x39\xc9\x01\x0e\x00\x6f\x00\x70\x00\x65\x00" 138233294Sstas "\x6e\x00\x6d\x00\x73\x00\x70\x00\x38\x00\x10\x00\x28\x00\x48\x00" 139233294Sstas "\x00\x00\x00\x00\x00\x00\x00\x00\x6f\x00\x70\x00\x65\x00\x6e\x00" 140233294Sstas "\x6d\x00\x73\x00\x70\x00\x40\x00\x6d\x00\x73\x00\x70\x00\x2d\x00" 141233294Sstas "\x61\x00\x64\x00\x73\x00\x2e\x00\x70\x00\x65\x00\x70\x00\x70\x00" 142233294Sstas "\x65\x00\x72\x00\x63\x00\x6f\x00\x6e\x00\x2e\x00\x64\x00\x65\x00" 143233294Sstas "\x4d\x00\x53\x00\x50\x00\x2d\x00\x41\x00\x44\x00\x53\x00\x2e\x00" 144233294Sstas "\x50\x00\x45\x00\x50\x00\x50\x00\x45\x00\x52\x00\x43\x00\x4f\x00" 145233294Sstas "\x4e\x00\x2e\x00\x44\x00\x45\x00\x76\xff\xff\xff\xb3\x56\x15\x29" 146233294Sstas "\x37\xc6\x5c\xf7\x97\x35\xfa\xec\x59\xe8\x96\xa0\x00\x00\x00\x00" 147233294Sstas "\x76\xff\xff\xff\x50\x71\xa2\xb1\xa3\x64\x82\x5c\xfd\x23\xea\x3b" 148233294Sstas "\xb0\x19\x12\xd4\x00\x00\x00\x00"; 149233294Sstas 150233294Sstas 151233294Sstasstatic const krb5_keyblock member_keyblock2 = { 152233294Sstas ETYPE_DES_CBC_MD5, 153233294Sstas { 8, "\x9e\x37\x83\x25\x4a\x7f\xf2\xf8" } 154233294Sstas}; 155233294Sstas 156233294Sstasstatic time_t authtime2 = 1225304188; 157233294Sstasstatic const char *user2 = "openmsp"; 158233294Sstas 159233294Sstas 160233294Sstas 161178825Sdfrint 162178825Sdfrmain(int argc, char **argv) 163178825Sdfr{ 164178825Sdfr krb5_error_code ret; 165178825Sdfr krb5_context context; 166178825Sdfr krb5_pac pac; 167178825Sdfr krb5_data data; 168233294Sstas krb5_principal p, p2; 169178825Sdfr 170178825Sdfr ret = krb5_init_context(&context); 171178825Sdfr if (ret) 172178825Sdfr errx(1, "krb5_init_contex"); 173178825Sdfr 174233294Sstas krb5_enctype_enable(context, ETYPE_DES_CBC_MD5); 175233294Sstas 176233294Sstas ret = krb5_parse_name_flags(context, user, 177233294Sstas KRB5_PRINCIPAL_PARSE_NO_REALM, &p); 178178825Sdfr if (ret) 179178825Sdfr krb5_err(context, 1, ret, "krb5_parse_name"); 180178825Sdfr 181178825Sdfr ret = krb5_pac_parse(context, saved_pac, sizeof(saved_pac), &pac); 182178825Sdfr if (ret) 183178825Sdfr krb5_err(context, 1, ret, "krb5_pac_parse"); 184178825Sdfr 185178825Sdfr ret = krb5_pac_verify(context, pac, authtime, p, 186178825Sdfr &member_keyblock, &kdc_keyblock); 187178825Sdfr if (ret) 188178825Sdfr krb5_err(context, 1, ret, "krb5_pac_verify"); 189178825Sdfr 190233294Sstas ret = _krb5_pac_sign(context, pac, authtime, p, 191178825Sdfr &member_keyblock, &kdc_keyblock, &data); 192178825Sdfr if (ret) 193178825Sdfr krb5_err(context, 1, ret, "_krb5_pac_sign"); 194178825Sdfr 195178825Sdfr krb5_pac_free(context, pac); 196178825Sdfr 197178825Sdfr ret = krb5_pac_parse(context, data.data, data.length, &pac); 198178825Sdfr krb5_data_free(&data); 199178825Sdfr if (ret) 200178825Sdfr krb5_err(context, 1, ret, "krb5_pac_parse 2"); 201178825Sdfr 202178825Sdfr ret = krb5_pac_verify(context, pac, authtime, p, 203178825Sdfr &member_keyblock, &kdc_keyblock); 204178825Sdfr if (ret) 205178825Sdfr krb5_err(context, 1, ret, "krb5_pac_verify 2"); 206178825Sdfr 207178825Sdfr /* make a copy and try to reproduce it */ 208178825Sdfr { 209178825Sdfr uint32_t *list; 210178825Sdfr size_t len, i; 211178825Sdfr krb5_pac pac2; 212178825Sdfr 213178825Sdfr ret = krb5_pac_init(context, &pac2); 214178825Sdfr if (ret) 215178825Sdfr krb5_err(context, 1, ret, "krb5_pac_init"); 216178825Sdfr 217178825Sdfr /* our two user buffer plus the three "system" buffers */ 218178825Sdfr ret = krb5_pac_get_types(context, pac, &len, &list); 219178825Sdfr if (ret) 220178825Sdfr krb5_err(context, 1, ret, "krb5_pac_get_types"); 221178825Sdfr 222178825Sdfr for (i = 0; i < len; i++) { 223178825Sdfr /* skip server_cksum, privsvr_cksum, and logon_name */ 224178825Sdfr if (list[i] == 6 || list[i] == 7 || list[i] == 10) 225178825Sdfr continue; 226178825Sdfr 227178825Sdfr ret = krb5_pac_get_buffer(context, pac, list[i], &data); 228178825Sdfr if (ret) 229178825Sdfr krb5_err(context, 1, ret, "krb5_pac_get_buffer"); 230178825Sdfr 231178825Sdfr if (list[i] == 1) { 232178825Sdfr if (type_1_length != data.length) 233233294Sstas krb5_errx(context, 1, "type 1 have wrong length: %lu", 234178825Sdfr (unsigned long)data.length); 235178825Sdfr } else 236233294Sstas krb5_errx(context, 1, "unknown type %lu", 237178825Sdfr (unsigned long)list[i]); 238178825Sdfr 239178825Sdfr ret = krb5_pac_add_buffer(context, pac2, list[i], &data); 240178825Sdfr if (ret) 241178825Sdfr krb5_err(context, 1, ret, "krb5_pac_add_buffer"); 242178825Sdfr krb5_data_free(&data); 243178825Sdfr } 244178825Sdfr free(list); 245233294Sstas 246233294Sstas ret = _krb5_pac_sign(context, pac2, authtime, p, 247178825Sdfr &member_keyblock, &kdc_keyblock, &data); 248178825Sdfr if (ret) 249178825Sdfr krb5_err(context, 1, ret, "_krb5_pac_sign 4"); 250233294Sstas 251178825Sdfr krb5_pac_free(context, pac2); 252178825Sdfr 253178825Sdfr ret = krb5_pac_parse(context, data.data, data.length, &pac2); 254233294Sstas krb5_data_free(&data); 255178825Sdfr if (ret) 256178825Sdfr krb5_err(context, 1, ret, "krb5_pac_parse 4"); 257233294Sstas 258178825Sdfr ret = krb5_pac_verify(context, pac2, authtime, p, 259178825Sdfr &member_keyblock, &kdc_keyblock); 260178825Sdfr if (ret) 261178825Sdfr krb5_err(context, 1, ret, "krb5_pac_verify 4"); 262233294Sstas 263178825Sdfr krb5_pac_free(context, pac2); 264178825Sdfr } 265178825Sdfr 266178825Sdfr krb5_pac_free(context, pac); 267178825Sdfr 268178825Sdfr /* 269233294Sstas * check pac from Christian 270233294Sstas */ 271233294Sstas 272233294Sstas ret = krb5_parse_name_flags(context, user2, 273233294Sstas KRB5_PRINCIPAL_PARSE_NO_REALM, &p2); 274233294Sstas if (ret) 275233294Sstas krb5_err(context, 1, ret, "krb5_parse_name"); 276233294Sstas 277233294Sstas ret = krb5_pac_parse(context, saved_pac2, sizeof(saved_pac2) -1, &pac); 278233294Sstas if (ret) 279233294Sstas krb5_err(context, 1, ret, "krb5_pac_parse"); 280233294Sstas 281233294Sstas ret = krb5_pac_verify(context, pac, authtime2, p2, 282233294Sstas &member_keyblock2, NULL); 283233294Sstas if (ret) 284233294Sstas krb5_err(context, 1, ret, "krb5_pac_verify c1"); 285233294Sstas 286233294Sstas krb5_pac_free(context, pac); 287233294Sstas krb5_free_principal(context, p2); 288233294Sstas 289233294Sstas /* 290178825Sdfr * Test empty free 291178825Sdfr */ 292178825Sdfr 293178825Sdfr ret = krb5_pac_init(context, &pac); 294178825Sdfr if (ret) 295178825Sdfr krb5_err(context, 1, ret, "krb5_pac_init"); 296178825Sdfr krb5_pac_free(context, pac); 297178825Sdfr 298178825Sdfr /* 299178825Sdfr * Test add remove buffer 300178825Sdfr */ 301178825Sdfr 302178825Sdfr ret = krb5_pac_init(context, &pac); 303178825Sdfr if (ret) 304178825Sdfr krb5_err(context, 1, ret, "krb5_pac_init"); 305178825Sdfr 306178825Sdfr { 307178825Sdfr const krb5_data cdata = { 2, "\x00\x01" } ; 308178825Sdfr 309178825Sdfr ret = krb5_pac_add_buffer(context, pac, 1, &cdata); 310178825Sdfr if (ret) 311178825Sdfr krb5_err(context, 1, ret, "krb5_pac_add_buffer"); 312178825Sdfr } 313178825Sdfr { 314178825Sdfr ret = krb5_pac_get_buffer(context, pac, 1, &data); 315178825Sdfr if (ret) 316178825Sdfr krb5_err(context, 1, ret, "krb5_pac_get_buffer"); 317178825Sdfr if (data.length != 2 || memcmp(data.data, "\x00\x01", 2) != 0) 318178825Sdfr krb5_errx(context, 1, "krb5_pac_get_buffer data not the same"); 319178825Sdfr krb5_data_free(&data); 320178825Sdfr } 321178825Sdfr 322178825Sdfr { 323178825Sdfr const krb5_data cdata = { 2, "\x02\x00" } ; 324178825Sdfr 325178825Sdfr ret = krb5_pac_add_buffer(context, pac, 2, &cdata); 326178825Sdfr if (ret) 327178825Sdfr krb5_err(context, 1, ret, "krb5_pac_add_buffer"); 328178825Sdfr } 329178825Sdfr { 330178825Sdfr ret = krb5_pac_get_buffer(context, pac, 1, &data); 331178825Sdfr if (ret) 332178825Sdfr krb5_err(context, 1, ret, "krb5_pac_get_buffer"); 333178825Sdfr if (data.length != 2 || memcmp(data.data, "\x00\x01", 2) != 0) 334178825Sdfr krb5_errx(context, 1, "krb5_pac_get_buffer data not the same"); 335178825Sdfr krb5_data_free(&data); 336178825Sdfr /* */ 337178825Sdfr ret = krb5_pac_get_buffer(context, pac, 2, &data); 338178825Sdfr if (ret) 339178825Sdfr krb5_err(context, 1, ret, "krb5_pac_get_buffer"); 340178825Sdfr if (data.length != 2 || memcmp(data.data, "\x02\x00", 2) != 0) 341178825Sdfr krb5_errx(context, 1, "krb5_pac_get_buffer data not the same"); 342178825Sdfr krb5_data_free(&data); 343178825Sdfr } 344178825Sdfr 345233294Sstas ret = _krb5_pac_sign(context, pac, authtime, p, 346178825Sdfr &member_keyblock, &kdc_keyblock, &data); 347178825Sdfr if (ret) 348178825Sdfr krb5_err(context, 1, ret, "_krb5_pac_sign"); 349178825Sdfr 350178825Sdfr krb5_pac_free(context, pac); 351178825Sdfr 352178825Sdfr ret = krb5_pac_parse(context, data.data, data.length, &pac); 353178825Sdfr krb5_data_free(&data); 354178825Sdfr if (ret) 355178825Sdfr krb5_err(context, 1, ret, "krb5_pac_parse 3"); 356178825Sdfr 357178825Sdfr ret = krb5_pac_verify(context, pac, authtime, p, 358178825Sdfr &member_keyblock, &kdc_keyblock); 359178825Sdfr if (ret) 360178825Sdfr krb5_err(context, 1, ret, "krb5_pac_verify 3"); 361178825Sdfr 362178825Sdfr { 363178825Sdfr uint32_t *list; 364178825Sdfr size_t len; 365178825Sdfr 366178825Sdfr /* our two user buffer plus the three "system" buffers */ 367178825Sdfr ret = krb5_pac_get_types(context, pac, &len, &list); 368178825Sdfr if (ret) 369178825Sdfr krb5_err(context, 1, ret, "krb5_pac_get_types"); 370178825Sdfr if (len != 5) 371178825Sdfr krb5_errx(context, 1, "list wrong length"); 372178825Sdfr free(list); 373178825Sdfr } 374178825Sdfr 375178825Sdfr krb5_pac_free(context, pac); 376178825Sdfr 377178825Sdfr krb5_free_principal(context, p); 378178825Sdfr krb5_free_context(context); 379178825Sdfr 380178825Sdfr return 0; 381178825Sdfr} 382