/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* tests/asn.1/ktest.c */
/*
* Copyright (C) 1994 by the Massachusetts Institute of Technology.
* All rights reserved.
*
* Export of this software from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*/
#include "ktest.h"
#include "utility.h"
#include <stdlib.h>
char *sample_principal_name = "hftsai/extra@ATHENA.MIT.EDU";
void
ktest_make_sample_authenticator(krb5_authenticator *a)
{
ktest_make_sample_principal(&a->client);
a->checksum = ealloc(sizeof(krb5_checksum));
ktest_make_sample_checksum(a->checksum);
a->cusec = SAMPLE_USEC;
a->ctime = SAMPLE_TIME;
a->subkey = ealloc(sizeof(krb5_keyblock));
ktest_make_sample_keyblock(a->subkey);
a->seq_number = SAMPLE_SEQ_NUMBER;
ktest_make_sample_authorization_data(&a->authorization_data);
}
void
ktest_make_sample_principal(krb5_principal *p)
{
if (krb5_parse_name(test_context, sample_principal_name, p))
abort();
}
void
ktest_make_sample_checksum(krb5_checksum *cs)
{
cs->checksum_type = 1;
cs->length = 4;
cs->contents = ealloc(4);
memcpy(cs->contents,"1234",4);
}
void
ktest_make_sample_keyblock(krb5_keyblock *kb)
{
kb->magic = KV5M_KEYBLOCK;
kb->enctype = 1;
kb->length = 8;
kb->contents = ealloc(8);
memcpy(kb->contents,"12345678",8);
}
void
ktest_make_sample_ticket(krb5_ticket *tkt)
{
ktest_make_sample_principal(&tkt->server);
ktest_make_sample_enc_data(&tkt->enc_part);
tkt->enc_part2 = NULL;
}
void
ktest_make_sample_enc_data(krb5_enc_data *ed)
{
ed->kvno = 5;
ed->enctype = 0;
krb5_data_parse(&ed->ciphertext, "krbASN.1 test message");
}
void
ktest_make_sample_enc_tkt_part(krb5_enc_tkt_part *etp)
{
etp->flags = SAMPLE_FLAGS;
etp->session = ealloc(sizeof(krb5_keyblock));
ktest_make_sample_keyblock(etp->session);
ktest_make_sample_principal(&etp->client);
ktest_make_sample_transited(&etp->transited);
ktest_make_sample_ticket_times(&etp->times);
ktest_make_sample_addresses(&etp->caddrs);
ktest_make_sample_authorization_data(&etp->authorization_data);
}
void
ktest_make_sample_addresses(krb5_address ***caddrs)
{
int i;
*caddrs = ealloc(3 * sizeof(krb5_address *));
for (i = 0; i < 2; i++) {
(*caddrs)[i] = ealloc(sizeof(krb5_address));
ktest_make_sample_address((*caddrs)[i]);
}
(*caddrs)[2] = NULL;
}
void
ktest_make_sample_authorization_data(krb5_authdata ***ad)
{
int i;
*ad = ealloc(3 * sizeof(krb5_authdata *));
for (i = 0; i <= 1; i++) {
(*ad)[i] = ealloc(sizeof(krb5_authdata));
ktest_make_sample_authdata((*ad)[i]);
}
(*ad)[2] = NULL;
}
void
ktest_make_sample_transited(krb5_transited *t)
{
t->tr_type = 1;
krb5_data_parse(&t->tr_contents, "EDU,MIT.,ATHENA.,WASHINGTON.EDU,CS.");
}
void
ktest_make_sample_ticket_times(krb5_ticket_times *tt)
{
tt->authtime = SAMPLE_TIME;
tt->starttime = SAMPLE_TIME;
tt->endtime = SAMPLE_TIME;
tt->renew_till = SAMPLE_TIME;
}
void
ktest_make_sample_address(krb5_address *a)
{
a->addrtype = ADDRTYPE_INET;
a->length = 4;
a->contents = ealloc(4 * sizeof(krb5_octet));
a->contents[0] = 18;
a->contents[1] = 208;
a->contents[2] = 0;
a->contents[3] = 35;
}
void
ktest_make_sample_authdata(krb5_authdata *ad)
{
ad->ad_type = 1;
ad->length = 6;
ad->contents = ealloc(6 * sizeof(krb5_octet));
memcpy(ad->contents, "foobar", 6);
}
void
ktest_make_sample_enc_kdc_rep_part(krb5_enc_kdc_rep_part *ekr)
{
ekr->session = ealloc(sizeof(krb5_keyblock));
ktest_make_sample_keyblock(ekr->session);
ktest_make_sample_last_req(&ekr->last_req);
ekr->nonce = SAMPLE_NONCE;
ekr->key_exp = SAMPLE_TIME;
ekr->flags = SAMPLE_FLAGS;
ekr->times.authtime = SAMPLE_TIME;
ekr->times.starttime = SAMPLE_TIME;
ekr->times.endtime = SAMPLE_TIME;
ekr->times.renew_till = SAMPLE_TIME;
ktest_make_sample_principal(&ekr->server);
ktest_make_sample_addresses(&ekr->caddrs);
}
void
ktest_make_sample_last_req(krb5_last_req_entry ***lr)
{
int i;
*lr = ealloc(3 * sizeof(krb5_last_req_entry *));
for (i = 0; i <= 1; i++)
ktest_make_sample_last_req_entry(&(*lr)[i]);
(*lr)[2] = NULL;
}
void
ktest_make_sample_last_req_entry(krb5_last_req_entry **lre)
{
*lre = ealloc(sizeof(krb5_last_req_entry));
(*lre)->lr_type = -5;
(*lre)->value = SAMPLE_TIME;
}
void
ktest_make_sample_kdc_rep(krb5_kdc_rep *kdcr)
{
ktest_make_sample_pa_data_array(&kdcr->padata);
ktest_make_sample_principal(&kdcr->client);
kdcr->ticket = ealloc(sizeof(krb5_ticket));
ktest_make_sample_ticket(kdcr->ticket);
ktest_make_sample_enc_data(&kdcr->enc_part);
kdcr->enc_part2 = NULL;
}
void
ktest_make_sample_pa_data_array(krb5_pa_data ***pad)
{
int i;
*pad = ealloc(3 * sizeof(krb5_pa_data *));
for (i = 0; i <= 1; i++) {
(*pad)[i] = ealloc(sizeof(krb5_pa_data));
ktest_make_sample_pa_data((*pad)[i]);
}
(*pad)[2] = NULL;
}
void
ktest_make_sample_empty_pa_data_array(krb5_pa_data ***pad)
{
*pad = ealloc(sizeof(krb5_pa_data *));
(*pad)[0] = NULL;
}
void
ktest_make_sample_pa_data(krb5_pa_data *pad)
{
pad->pa_type = 13;
pad->length = 7;
pad->contents = ealloc(7);
memcpy(pad->contents, "pa-data", 7);
}
void
ktest_make_sample_ap_req(krb5_ap_req *ar)
{
ar->ap_options = SAMPLE_FLAGS;
ar->ticket = ealloc(sizeof(krb5_ticket));
ktest_make_sample_ticket(ar->ticket);
ktest_make_sample_enc_data(&(ar->authenticator));
}
void
ktest_make_sample_ap_rep(krb5_ap_rep *ar)
{
ktest_make_sample_enc_data(&ar->enc_part);
}
void
ktest_make_sample_ap_rep_enc_part(krb5_ap_rep_enc_part *arep)
{
arep->ctime = SAMPLE_TIME;
arep->cusec = SAMPLE_USEC;
arep->subkey = ealloc(sizeof(krb5_keyblock));
ktest_make_sample_keyblock(arep->subkey);
arep->seq_number = SAMPLE_SEQ_NUMBER;
}
void
ktest_make_sample_kdc_req(krb5_kdc_req *kr)
{
/* msg_type is left up to the calling procedure */
ktest_make_sample_pa_data_array(&kr->padata);
kr->kdc_options = SAMPLE_FLAGS;
ktest_make_sample_principal(&(kr->client));
ktest_make_sample_principal(&(kr->server));
kr->from = SAMPLE_TIME;
kr->till = SAMPLE_TIME;
kr->rtime = SAMPLE_TIME;
kr->nonce = SAMPLE_NONCE;
kr->nktypes = 2;
kr->ktype = ealloc(2 * sizeof(krb5_enctype));
kr->ktype[0] = 0;
kr->ktype[1] = 1;
ktest_make_sample_addresses(&kr->addresses);
ktest_make_sample_enc_data(&kr->authorization_data);
ktest_make_sample_authorization_data(&kr->unenc_authdata);
ktest_make_sample_sequence_of_ticket(&kr->second_ticket);
}
void
ktest_make_sample_kdc_req_body(krb5_kdc_req *krb)
{
krb->kdc_options = SAMPLE_FLAGS;
ktest_make_sample_principal(&krb->client);
ktest_make_sample_principal(&krb->server);
krb->from = SAMPLE_TIME;
krb->till = SAMPLE_TIME;
krb->rtime = SAMPLE_TIME;
krb->nonce = SAMPLE_NONCE;
krb->nktypes = 2;
krb->ktype = (krb5_enctype*)calloc(2,sizeof(krb5_enctype));
krb->ktype[0] = 0;
krb->ktype[1] = 1;
ktest_make_sample_addresses(&krb->addresses);
ktest_make_sample_enc_data(&krb->authorization_data);
ktest_make_sample_authorization_data(&krb->unenc_authdata);
ktest_make_sample_sequence_of_ticket(&krb->second_ticket);
}
void
ktest_make_sample_safe(krb5_safe *s)
{
ktest_make_sample_data(&s->user_data);
s->timestamp = SAMPLE_TIME;
s->usec = SAMPLE_USEC;
s->seq_number = SAMPLE_SEQ_NUMBER;
s->s_address = ealloc(sizeof(krb5_address));
ktest_make_sample_address(s->s_address);
s->r_address = ealloc(sizeof(krb5_address));
ktest_make_sample_address(s->r_address);
s->checksum = ealloc(sizeof(krb5_checksum));
ktest_make_sample_checksum(s->checksum);
}
void
ktest_make_sample_priv(krb5_priv *p)
{
ktest_make_sample_enc_data(&p->enc_part);
}
void
ktest_make_sample_priv_enc_part(krb5_priv_enc_part *pep)
{
ktest_make_sample_data(&(pep->user_data));
pep->timestamp = SAMPLE_TIME;
pep->usec = SAMPLE_USEC;
pep->seq_number = SAMPLE_SEQ_NUMBER;
pep->s_address = ealloc(sizeof(krb5_address));
ktest_make_sample_address(pep->s_address);
pep->r_address = ealloc(sizeof(krb5_address));
ktest_make_sample_address(pep->r_address);
}
void
ktest_make_sample_cred(krb5_cred *c)
{
ktest_make_sample_sequence_of_ticket(&c->tickets);
ktest_make_sample_enc_data(&c->enc_part);
}
void
ktest_make_sample_sequence_of_ticket(krb5_ticket ***sot)
{
int i;
*sot = ealloc(3 * sizeof(krb5_ticket *));
for (i = 0; i < 2; i++) {
(*sot)[i] = ealloc(sizeof(krb5_ticket));
ktest_make_sample_ticket((*sot)[i]);
}
(*sot)[2] = NULL;
}
void
ktest_make_sample_cred_enc_part(krb5_cred_enc_part *cep)
{
cep->nonce = SAMPLE_NONCE;
cep->timestamp = SAMPLE_TIME;
cep->usec = SAMPLE_USEC;
cep->s_address = ealloc(sizeof(krb5_address));
ktest_make_sample_address(cep->s_address);
cep->r_address = ealloc(sizeof(krb5_address));
ktest_make_sample_address(cep->r_address);
ktest_make_sequence_of_cred_info(&cep->ticket_info);
}
void
ktest_make_sequence_of_cred_info(krb5_cred_info ***soci)
{
int i;
*soci = ealloc(3 * sizeof(krb5_cred_info *));
for (i = 0; i < 2; i++) {
(*soci)[i] = ealloc(sizeof(krb5_cred_info));
ktest_make_sample_cred_info((*soci)[i]);
}
(*soci)[2] = NULL;
}
void
ktest_make_sample_cred_info(krb5_cred_info *ci)
{
ci->session = ealloc(sizeof(krb5_keyblock));
ktest_make_sample_keyblock(ci->session);
ktest_make_sample_principal(&ci->client);
ktest_make_sample_principal(&ci->server);
ci->flags = SAMPLE_FLAGS;
ci->times.authtime = SAMPLE_TIME;
ci->times.starttime = SAMPLE_TIME;
ci->times.endtime = SAMPLE_TIME;
ci->times.renew_till = SAMPLE_TIME;
ktest_make_sample_addresses(&ci->caddrs);
}
void
ktest_make_sample_error(krb5_error *kerr)
{
kerr->ctime = SAMPLE_TIME;
kerr->cusec = SAMPLE_USEC;
kerr->susec = SAMPLE_USEC;
kerr->stime = SAMPLE_TIME;
kerr->error = SAMPLE_ERROR;
ktest_make_sample_principal(&kerr->client);
ktest_make_sample_principal(&kerr->server);
ktest_make_sample_data(&kerr->text);
ktest_make_sample_data(&kerr->e_data);
}
void
ktest_make_sample_data(krb5_data *d)
{
krb5_data_parse(d, "krb5data");
}
void
ktest_make_sample_etype_info(krb5_etype_info_entry ***p)
{
krb5_etype_info_entry **info;
int i, len;
char *str;
info = ealloc(4 * sizeof(krb5_etype_info_entry *));
for (i = 0; i < 3; i++) {
info[i] = ealloc(sizeof(krb5_etype_info_entry));
info[i]->etype = i;
len = asprintf(&str, "Morton's #%d", i);
if (len < 0)
abort();
info[i]->salt = (krb5_octet *)str;
info[i]->length = len;
info[i]->s2kparams.data = NULL;
info[i]->s2kparams.length = 0;
info[i]->magic = KV5M_ETYPE_INFO_ENTRY;
}
free(info[1]->salt);
info[1]->length = KRB5_ETYPE_NO_SALT;
info[1]->salt = 0;
*p = info;
}
void
ktest_make_sample_etype_info2(krb5_etype_info_entry ***p)
{
krb5_etype_info_entry **info;
int i, len;
char *str;
info = ealloc(4 * sizeof(krb5_etype_info_entry *));
for (i = 0; i < 3; i++) {
info[i] = ealloc(sizeof(krb5_etype_info_entry));
info[i]->etype = i;
len = asprintf(&str, "Morton's #%d", i);
if (len < 0)
abort();
info[i]->salt = (krb5_octet *)str;
info[i]->length = (unsigned int)len;
len = asprintf(&info[i]->s2kparams.data, "s2k: %d", i);
if (len < 0)
abort();
info[i]->s2kparams.length = (unsigned int) len;
info[i]->magic = KV5M_ETYPE_INFO_ENTRY;
}
free(info[1]->salt);
info[1]->length = KRB5_ETYPE_NO_SALT;
info[1]->salt = 0;
*p = info;
}
void
ktest_make_sample_pa_enc_ts(krb5_pa_enc_ts *pa_enc)
{
pa_enc->patimestamp = SAMPLE_TIME;
pa_enc->pausec = SAMPLE_USEC;
}
void
ktest_make_sample_sam_challenge_2(krb5_sam_challenge_2 *p)
{
/* Need a valid DER sequence encoding here; this one contains the OCTET
* STRING "challenge". */
krb5_data_parse(&p->sam_challenge_2_body, "\x30\x0B\x04\x09" "challenge");
p->sam_cksum = ealloc(2 * sizeof(krb5_checksum *));
p->sam_cksum[0] = ealloc(sizeof(krb5_checksum));
ktest_make_sample_checksum(p->sam_cksum[0]);
p->sam_cksum[1] = NULL;
}
void
ktest_make_sample_sam_challenge_2_body(krb5_sam_challenge_2_body *p)
{
p->sam_type = 42;
p->sam_flags = KRB5_SAM_USE_SAD_AS_KEY;
krb5_data_parse(&p->sam_type_name, "type name");
p->sam_track_id = empty_data();
krb5_data_parse(&p->sam_challenge_label, "challenge label");
krb5_data_parse(&p->sam_challenge, "challenge ipse");
krb5_data_parse(&p->sam_response_prompt, "response_prompt ipse");
p->sam_pk_for_sad = empty_data();
p->sam_nonce = 0x543210;
p->sam_etype = ENCTYPE_AES256_CTS_HMAC_SHA384_192;
}
void
ktest_make_sample_sam_response_2(krb5_sam_response_2 *p)
{
p->magic = KV5M_SAM_RESPONSE;
p->sam_type = 43; /* information */
p->sam_flags = KRB5_SAM_USE_SAD_AS_KEY; /* KRB5_SAM_* values */
krb5_data_parse(&p->sam_track_id, "track data");
krb5_data_parse(&p->sam_enc_nonce_or_sad.ciphertext, "nonce or sad");
p->sam_enc_nonce_or_sad.enctype = ENCTYPE_AES256_CTS_HMAC_SHA384_192;
p->sam_enc_nonce_or_sad.kvno = 3382;
p->sam_nonce = 0x543210;
}
void
ktest_make_sample_enc_sam_response_enc_2(krb5_enc_sam_response_enc_2 *p)
{
p->magic = 83;
p->sam_nonce = 88;
krb5_data_parse(&p->sam_sad, "enc_sam_response_enc_2");
}
void
ktest_make_sample_pa_for_user(krb5_pa_for_user *p)
{
ktest_make_sample_principal(&p->user);
ktest_make_sample_checksum(&p->cksum);
ktest_make_sample_data(&p->auth_package);
}
void
ktest_make_sample_pa_s4u_x509_user(krb5_pa_s4u_x509_user *p)
{
krb5_s4u_userid *u = &p->user_id;
u->nonce = 13243546;
ktest_make_sample_principal(&u->user);
krb5_data_parse(&u->subject_cert, "pa_s4u_x509_user");
u->options = 0x80000000;
ktest_make_sample_checksum(&p->cksum);
}
void
ktest_make_sample_ad_kdcissued(krb5_ad_kdcissued *p)
{
ktest_make_sample_checksum(&p->ad_checksum);
ktest_make_sample_principal(&p->i_principal);
ktest_make_sample_authorization_data(&p->elements);
}
void
ktest_make_sample_ad_signedpath_data(krb5_ad_signedpath_data *p)
{
ktest_make_sample_principal(&p->client);
p->authtime = SAMPLE_TIME;
p->delegated = ealloc(2 * sizeof(krb5_principal));
ktest_make_sample_principal(&p->delegated[0]);
p->delegated[1] = NULL;
ktest_make_sample_authorization_data(&p->authorization_data);
ktest_make_sample_pa_data_array(&p->method_data);
}
void
ktest_make_sample_ad_signedpath(krb5_ad_signedpath *p)
{
p->enctype = 1;
ktest_make_sample_checksum(&p->checksum);
p->delegated = ealloc(2 * sizeof(krb5_principal));
p->delegated[1] = NULL;
ktest_make_sample_pa_data_array(&p->method_data);
}
void
ktest_make_sample_iakerb_header(krb5_iakerb_header *ih)
{
ktest_make_sample_data(&(ih->target_realm));
ih->cookie = ealloc(sizeof(krb5_data));
ktest_make_sample_data(ih->cookie);
}
void
ktest_make_sample_iakerb_finished(krb5_iakerb_finished *ih)
{
ktest_make_sample_checksum(&ih->checksum);
}
static void
ktest_make_sample_fast_finished(krb5_fast_finished *p)
{
p->timestamp = SAMPLE_TIME;
p->usec = SAMPLE_USEC;
ktest_make_sample_principal(&p->client);
ktest_make_sample_checksum(&p->ticket_checksum);
}
void
ktest_make_sample_fast_response(krb5_fast_response *p)
{
ktest_make_sample_pa_data_array(&p->padata);
p->strengthen_key = ealloc(sizeof(krb5_keyblock));
ktest_make_sample_keyblock(p->strengthen_key);
p->finished = ealloc(sizeof(krb5_fast_finished));
ktest_make_sample_fast_finished(p->finished);
p->nonce = SAMPLE_NONCE;
}
void
ktest_make_sha256_alg(krb5_algorithm_identifier *p)
{
/* { 2 16 840 1 101 3 4 2 1 } */
krb5_data_parse(&p->algorithm, "\x60\x86\x48\x01\x65\x03\x04\x02\x01");
p->parameters = empty_data();
}
void
ktest_make_sha1_alg(krb5_algorithm_identifier *p)
{
/* { 1 3 14 3 2 26 } */
krb5_data_parse(&p->algorithm, "\x2b\x0e\x03\x02\x1a");
p->parameters = empty_data();
}
void
ktest_make_minimal_otp_tokeninfo(krb5_otp_tokeninfo *p)
{
memset(p, 0, sizeof(*p));
p->length = p->format = p->iteration_count = -1;
}
void
ktest_make_maximal_otp_tokeninfo(krb5_otp_tokeninfo *p)
{
p->flags = KRB5_OTP_FLAG_NEXTOTP | KRB5_OTP_FLAG_COMBINE |
KRB5_OTP_FLAG_COLLECT_PIN | KRB5_OTP_FLAG_ENCRYPT_NONCE |
KRB5_OTP_FLAG_SEPARATE_PIN | KRB5_OTP_FLAG_CHECK_DIGIT;
krb5_data_parse(&p->vendor, "Examplecorp");
krb5_data_parse(&p->challenge, "hark!");
p->length = 10;
p->format = 2;
krb5_data_parse(&p->token_id, "yourtoken");
krb5_data_parse(&p->alg_id, "urn:ietf:params:xml:ns:keyprov:pskc:hotp");
p->supported_hash_alg = ealloc(3 * sizeof(*p->supported_hash_alg));
p->supported_hash_alg[0] = ealloc(sizeof(*p->supported_hash_alg[0]));
ktest_make_sha256_alg(p->supported_hash_alg[0]);
p->supported_hash_alg[1] = ealloc(sizeof(*p->supported_hash_alg[1]));
ktest_make_sha1_alg(p->supported_hash_alg[1]);
p->supported_hash_alg[2] = NULL;
p->iteration_count = 1000;
}
void
ktest_make_minimal_pa_otp_challenge(krb5_pa_otp_challenge *p)
{
memset(p, 0, sizeof(*p));
krb5_data_parse(&p->nonce, "minnonce");
p->tokeninfo = ealloc(2 * sizeof(*p->tokeninfo));
p->tokeninfo[0] = ealloc(sizeof(*p->tokeninfo[0]));
ktest_make_minimal_otp_tokeninfo(p->tokeninfo[0]);
p->tokeninfo[1] = NULL;
}
void
ktest_make_maximal_pa_otp_challenge(krb5_pa_otp_challenge *p)
{
krb5_data_parse(&p->nonce, "maxnonce");
krb5_data_parse(&p->service, "testservice");
p->tokeninfo = ealloc(3 * sizeof(*p->tokeninfo));
p->tokeninfo[0] = ealloc(sizeof(*p->tokeninfo[0]));
ktest_make_minimal_otp_tokeninfo(p->tokeninfo[0]);
p->tokeninfo[1] = ealloc(sizeof(*p->tokeninfo[1]));
ktest_make_maximal_otp_tokeninfo(p->tokeninfo[1]);
p->tokeninfo[2] = NULL;
krb5_data_parse(&p->salt, "keysalt");
krb5_data_parse(&p->s2kparams, "1234");
}
void
ktest_make_minimal_pa_otp_req(krb5_pa_otp_req *p)
{
memset(p, 0, sizeof(*p));
p->iteration_count = -1;
p->format = -1;
ktest_make_sample_enc_data(&p->enc_data);
}
void
ktest_make_maximal_pa_otp_req(krb5_pa_otp_req *p)
{
p->flags = KRB5_OTP_FLAG_NEXTOTP | KRB5_OTP_FLAG_COMBINE;
krb5_data_parse(&p->nonce, "nonce");
ktest_make_sample_enc_data(&p->enc_data);
p->hash_alg = ealloc(sizeof(*p->hash_alg));
ktest_make_sha256_alg(p->hash_alg);
p->iteration_count = 1000;
krb5_data_parse(&p->otp_value, "frogs");
krb5_data_parse(&p->pin, "myfirstpin");
krb5_data_parse(&p->challenge, "hark!");
p->time = SAMPLE_TIME;
krb5_data_parse(&p->counter, "346");
p->format = 2;
krb5_data_parse(&p->token_id, "yourtoken");
krb5_data_parse(&p->alg_id, "urn:ietf:params:xml:ns:keyprov:pskc:hotp");
krb5_data_parse(&p->vendor, "Examplecorp");
}
#ifndef DISABLE_PKINIT
static void
ktest_make_sample_pk_authenticator(krb5_pk_authenticator *p)
{
p->cusec = SAMPLE_USEC;
p->ctime = SAMPLE_TIME;
p->nonce = SAMPLE_NONCE;
ktest_make_sample_checksum(&p->paChecksum);
/* We don't encode the checksum type, only the contents. */
p->paChecksum.checksum_type = 0;
p->freshnessToken = ealloc(sizeof(krb5_data));
ktest_make_sample_data(p->freshnessToken);
}
static void
ktest_make_sample_oid(krb5_data *p)
{
krb5_data_parse(p, "\052\206\110\206\367\022\001\002\002");
}
static void
ktest_make_sample_algorithm_identifier(krb5_algorithm_identifier *p)
{
ktest_make_sample_oid(&p->algorithm);
/* Need a valid DER encoding here; this is the OCTET STRING "params". */
krb5_data_parse(&p->parameters, "\x04\x06" "params");
}
static void
ktest_make_sample_algorithm_identifier_no_params(krb5_algorithm_identifier *p)
{
ktest_make_sample_oid(&p->algorithm);
p->parameters = empty_data();
}
static void
ktest_make_sample_subject_pk_info(krb5_subject_pk_info *p)
{
ktest_make_sample_algorithm_identifier(&p->algorithm);
ktest_make_sample_data(&p->subjectPublicKey);
}
static void
ktest_make_sample_external_principal_identifier(
krb5_external_principal_identifier *p)
{
ktest_make_sample_data(&p->subjectName);
ktest_make_sample_data(&p->issuerAndSerialNumber);
ktest_make_sample_data(&p->subjectKeyIdentifier);
}
void
ktest_make_sample_pa_pk_as_req(krb5_pa_pk_as_req *p)
{
ktest_make_sample_data(&p->signedAuthPack);
p->trustedCertifiers =
ealloc(2 * sizeof(krb5_external_principal_identifier *));
p->trustedCertifiers[0] =
ealloc(sizeof(krb5_external_principal_identifier));
ktest_make_sample_external_principal_identifier(p->trustedCertifiers[0]);
p->trustedCertifiers[1] = NULL;
ktest_make_sample_data(&p->kdcPkId);
}
static void
ktest_make_sample_dh_rep_info(krb5_dh_rep_info *p)
{
ktest_make_sample_data(&p->dhSignedData);
ktest_make_sample_data(&p->serverDHNonce);
p->kdfID = ealloc(sizeof(krb5_data));
ktest_make_sample_data(p->kdfID);
}
void
ktest_make_sample_pa_pk_as_rep_dhInfo(krb5_pa_pk_as_rep *p)
{
p->choice = choice_pa_pk_as_rep_dhInfo;
ktest_make_sample_dh_rep_info(&p->u.dh_Info);
}
void
ktest_make_sample_pa_pk_as_rep_encKeyPack(krb5_pa_pk_as_rep *p)
{
p->choice = choice_pa_pk_as_rep_encKeyPack;
ktest_make_sample_data(&p->u.encKeyPack);
}
void
ktest_make_sample_auth_pack(krb5_auth_pack *p)
{
ktest_make_sample_pk_authenticator(&p->pkAuthenticator);
p->clientPublicValue = ealloc(sizeof(krb5_subject_pk_info));
ktest_make_sample_subject_pk_info(p->clientPublicValue);
p->supportedCMSTypes = ealloc(3 * sizeof(krb5_algorithm_identifier *));
p->supportedCMSTypes[0] = ealloc(sizeof(krb5_algorithm_identifier));
ktest_make_sample_algorithm_identifier(p->supportedCMSTypes[0]);
p->supportedCMSTypes[1] = ealloc(sizeof(krb5_algorithm_identifier));
ktest_make_sample_algorithm_identifier_no_params(p->supportedCMSTypes[1]);
p->supportedCMSTypes[2] = NULL;
ktest_make_sample_data(&p->clientDHNonce);
p->supportedKDFs = ealloc(2 * sizeof(krb5_data *));
p->supportedKDFs[0] = ealloc(sizeof(krb5_data));
ktest_make_sample_data(p->supportedKDFs[0]);
p->supportedKDFs[1] = NULL;
}
void
ktest_make_sample_kdc_dh_key_info(krb5_kdc_dh_key_info *p)
{
ktest_make_sample_data(&p->subjectPublicKey);
p->nonce = SAMPLE_NONCE;
p->dhKeyExpiration = SAMPLE_TIME;
}
void
ktest_make_sample_reply_key_pack(krb5_reply_key_pack *p)
{
ktest_make_sample_keyblock(&p->replyKey);
ktest_make_sample_checksum(&p->asChecksum);
}
void
ktest_make_sample_sp80056a_other_info(krb5_sp80056a_other_info *p)
{
ktest_make_sample_algorithm_identifier_no_params(&p->algorithm_identifier);
ktest_make_sample_principal(&p->party_u_info);
ktest_make_sample_principal(&p->party_v_info);
ktest_make_sample_data(&p->supp_pub_info);
}
void
ktest_make_sample_pkinit_supp_pub_info(krb5_pkinit_supp_pub_info *p)
{
p->enctype = ENCTYPE_AES256_CTS_HMAC_SHA384_192;
ktest_make_sample_data(&p->as_req);
ktest_make_sample_data(&p->pk_as_rep);
}
#endif /* not DISABLE_PKINIT */
#ifdef ENABLE_LDAP
static void
ktest_make_sample_key_data(krb5_key_data *p, int i)
{
char *str;
int len;
len = asprintf(&str, "key%d", i);
if (len < 0)
abort();
p->key_data_ver = 2;
p->key_data_type[0] = 2;
p->key_data_length[0] = (unsigned int) len;
p->key_data_contents[0] = (krb5_octet *)str;
len = asprintf(&str, "salt%d", i);
if (len < 0)
abort();
p->key_data_type[1] = i;
p->key_data_length[1] = (unsigned int) len;
p->key_data_contents[1] = (krb5_octet *)str;
}
void
ktest_make_sample_ldap_seqof_key_data(ldap_seqof_key_data *p)
{
int i;
p->mkvno = 14;
p->n_key_data = 3;
p->key_data = calloc(3,sizeof(krb5_key_data));
p->kvno = 42;
for (i = 0; i < 3; i++)
ktest_make_sample_key_data(&p->key_data[i], i);
}
#endif
void
ktest_make_sample_kkdcp_message(krb5_kkdcp_message *p)
{
krb5_kdc_req req;
krb5_data *message;
ktest_make_sample_kdc_req(&req);
req.msg_type = KRB5_AS_REQ;
encode_krb5_as_req(&req, &message);
p->kerb_message = *message;
free(message);
ktest_empty_kdc_req(&req);
ktest_make_sample_data(&(p->target_domain));
p->dclocator_hint = 0;
}
static krb5_authdata *
make_ad_element(krb5_authdatatype ad_type, const char *str)
{
krb5_authdata *ad;
ad = ealloc(sizeof(*ad));
ad->ad_type = ad_type;
ad->length = strlen(str);
ad->contents = ealloc(ad->length);
memcpy(ad->contents, str, ad->length);
return ad;
}
static krb5_verifier_mac *
make_vmac(krb5_boolean include_princ, krb5_kvno kvno, krb5_enctype enctype,
const char *cksumstr)
{
krb5_verifier_mac *vmac;
vmac = ealloc(sizeof(*vmac));
if (include_princ) {
ktest_make_sample_principal(&vmac->princ);
(void)krb5_set_principal_realm(NULL, vmac->princ, "");
} else {
vmac->princ = NULL;
}
vmac->kvno = kvno;
vmac->enctype = enctype;
vmac->checksum.checksum_type = 1;
vmac->checksum.length = strlen(cksumstr);
vmac->checksum.contents = ealloc(vmac->checksum.length);
memcpy(vmac->checksum.contents, cksumstr, vmac->checksum.length);
return vmac;
}
void
ktest_make_minimal_cammac(krb5_cammac *p)
{
memset(p, 0, sizeof(*p));
p->elements = ealloc(2 * sizeof(*p->elements));
p->elements[0] = make_ad_element(1, "ad1");
p->elements[1] = NULL;
}
void
ktest_make_maximal_cammac(krb5_cammac *p)
{
p->elements = ealloc(3 * sizeof(*p->elements));
p->elements[0] = make_ad_element(1, "ad1");
p->elements[1] = make_ad_element(2, "ad2");
p->elements[2] = NULL;
p->kdc_verifier = make_vmac(TRUE, 5, 16, "cksumkdc");
p->svc_verifier = make_vmac(TRUE, 5, 16, "cksumsvc");
p->other_verifiers = ealloc(3 * sizeof(*p->other_verifiers));
p->other_verifiers[0] = make_vmac(FALSE, 0, 0, "cksum1");
p->other_verifiers[1] = make_vmac(TRUE, 5, 16, "cksum2");
p->other_verifiers[2] = NULL;
}
void
ktest_make_sample_secure_cookie(krb5_secure_cookie *p)
{
ktest_make_sample_pa_data_array(&p->data);
p->time = SAMPLE_TIME;
}
void
ktest_make_minimal_spake_factor(krb5_spake_factor *p)
{
p->type = 1;
p->data = NULL;
}
void
ktest_make_maximal_spake_factor(krb5_spake_factor *p)
{
p->type = 2;
p->data = ealloc(sizeof(*p->data));
krb5_data_parse(p->data, "fdata");
}
void
ktest_make_support_pa_spake(krb5_pa_spake *p)
{
krb5_spake_support *s = &p->u.support;
s->ngroups = 2;
s->groups = ealloc(s->ngroups * sizeof(*s->groups));
s->groups[0] = 1;
s->groups[1] = 2;
p->choice = SPAKE_MSGTYPE_SUPPORT;
}
void
ktest_make_challenge_pa_spake(krb5_pa_spake *p)
{
krb5_spake_challenge *c = &p->u.challenge;
c->group = 1;
krb5_data_parse(&c->pubkey, "T value");
c->factors = ealloc(3 * sizeof(*c->factors));
c->factors[0] = ealloc(sizeof(*c->factors[0]));
ktest_make_minimal_spake_factor(c->factors[0]);
c->factors[1] = ealloc(sizeof(*c->factors[1]));
ktest_make_maximal_spake_factor(c->factors[1]);
c->factors[2] = NULL;
p->choice = SPAKE_MSGTYPE_CHALLENGE;
}
void
ktest_make_response_pa_spake(krb5_pa_spake *p)
{
krb5_spake_response *r = &p->u.response;
krb5_data_parse(&r->pubkey, "S value");
ktest_make_sample_enc_data(&r->factor);
p->choice = SPAKE_MSGTYPE_RESPONSE;
}
void
ktest_make_encdata_pa_spake(krb5_pa_spake *p)
{
ktest_make_sample_enc_data(&p->u.encdata);
p->choice = SPAKE_MSGTYPE_ENCDATA;
}
/****************************************************************/
/* destructors */
void
ktest_destroy_data(krb5_data **d)
{
if (*d != NULL) {
free((*d)->data);
free(*d);
*d = NULL;
}
}
void
ktest_empty_data(krb5_data *d)
{
if (d->data != NULL) {
free(d->data);
d->data = NULL;
d->length = 0;
}
}
static void
ktest_empty_checksum(krb5_checksum *cs)
{
free(cs->contents);
cs->contents = NULL;
}
void
ktest_destroy_checksum(krb5_checksum **cs)
{
if (*cs != NULL) {
free((*cs)->contents);
free(*cs);
*cs = NULL;
}
}
void
ktest_empty_keyblock(krb5_keyblock *kb)
{
if (kb != NULL) {
if (kb->contents) {
free(kb->contents);
kb->contents = NULL;
}
}
}
void
ktest_destroy_keyblock(krb5_keyblock **kb)
{
if (*kb != NULL) {
free((*kb)->contents);
free(*kb);
*kb = NULL;
}
}
void
ktest_empty_authorization_data(krb5_authdata **ad)
{
int i;
if (*ad != NULL) {
for (i=0; ad[i] != NULL; i++)
ktest_destroy_authdata(&ad[i]);
}
}
void
ktest_destroy_authorization_data(krb5_authdata ***ad)
{
ktest_empty_authorization_data(*ad);
free(*ad);
*ad = NULL;
}
void
ktest_destroy_authdata(krb5_authdata **ad)
{
if (*ad != NULL) {
free((*ad)->contents);
free(*ad);
*ad = NULL;
}
}
void
ktest_empty_pa_data_array(krb5_pa_data **pad)
{
int i;
for (i=0; pad[i] != NULL; i++)
ktest_destroy_pa_data(&pad[i]);
}
void
ktest_destroy_pa_data_array(krb5_pa_data ***pad)
{
ktest_empty_pa_data_array(*pad);
free(*pad);
*pad = NULL;
}
void
ktest_destroy_pa_data(krb5_pa_data **pad)
{
if (*pad != NULL) {
free((*pad)->contents);
free(*pad);
*pad = NULL;
}
}
void
ktest_destroy_address(krb5_address **a)
{
if (*a != NULL) {
free((*a)->contents);
free(*a);
*a = NULL;
}
}
void
ktest_empty_addresses(krb5_address **a)
{
int i;
for (i=0; a[i] != NULL; i++)
ktest_destroy_address(&a[i]);
}
void
ktest_destroy_addresses(krb5_address ***a)
{
ktest_empty_addresses(*a);
free(*a);
*a = NULL;
}
void
ktest_destroy_principal(krb5_principal *p)
{
int i;
if (*p == NULL)
return;
for (i=0; i<(*p)->length; i++)
ktest_empty_data(&(*p)->data[i]);
ktest_empty_data(&(*p)->realm);
free((*p)->data);
free(*p);
*p = NULL;
}
void
ktest_destroy_sequence_of_integer(long **soi)
{
free(*soi);
*soi = NULL;
}
void
ktest_destroy_sequence_of_ticket(krb5_ticket ***sot)
{
int i;
for (i=0; (*sot)[i] != NULL; i++)
ktest_destroy_ticket(&(*sot)[i]);
free(*sot);
*sot = NULL;
}
void
ktest_destroy_ticket(krb5_ticket **tkt)
{
ktest_destroy_principal(&(*tkt)->server);
ktest_destroy_enc_data(&(*tkt)->enc_part);
/* ktest_empty_enc_tkt_part(((*tkt)->enc_part2));*/
free(*tkt);
*tkt = NULL;
}
void
ktest_empty_ticket(krb5_ticket *tkt)
{
if (tkt->server)
ktest_destroy_principal(&tkt->server);
ktest_destroy_enc_data(&tkt->enc_part);
if (tkt->enc_part2)
ktest_destroy_enc_tkt_part(&tkt->enc_part2);
}
void
ktest_destroy_enc_data(krb5_enc_data *ed)
{
ktest_empty_data(&ed->ciphertext);
ed->kvno = 0;
}
void
ktest_destroy_etype_info_entry(krb5_etype_info_entry *i)
{
if (i->salt)
free(i->salt);
ktest_empty_data(&i->s2kparams);
free(i);
}
void
ktest_destroy_etype_info(krb5_etype_info_entry **info)
{
int i;
for (i = 0; info[i] != NULL; i++)
ktest_destroy_etype_info_entry(info[i]);
free(info);
}
void
ktest_empty_kdc_req(krb5_kdc_req *kr)
{
if (kr->padata)
ktest_destroy_pa_data_array(&kr->padata);
if (kr->client)
ktest_destroy_principal(&kr->client);
if (kr->server)
ktest_destroy_principal(&kr->server);
free(kr->ktype);
if (kr->addresses)
ktest_destroy_addresses(&kr->addresses);
ktest_destroy_enc_data(&kr->authorization_data);
if (kr->unenc_authdata)
ktest_destroy_authorization_data(&kr->unenc_authdata);
if (kr->second_ticket)
ktest_destroy_sequence_of_ticket(&kr->second_ticket);
}
void
ktest_empty_kdc_rep(krb5_kdc_rep *kr)
{
if (kr->padata)
ktest_destroy_pa_data_array(&kr->padata);
if (kr->client)
ktest_destroy_principal(&kr->client);
if (kr->ticket)
ktest_destroy_ticket(&kr->ticket);
ktest_destroy_enc_data(&kr->enc_part);
if (kr->enc_part2) {
ktest_empty_enc_kdc_rep_part(kr->enc_part2);
free(kr->enc_part2);
kr->enc_part2 = NULL;
}
}
void
ktest_empty_authenticator(krb5_authenticator *a)
{
if (a->client)
ktest_destroy_principal(&a->client);
if (a->checksum)
ktest_destroy_checksum(&a->checksum);
if (a->subkey)
ktest_destroy_keyblock(&a->subkey);
if (a->authorization_data)
ktest_destroy_authorization_data(&a->authorization_data);
}
void
ktest_empty_enc_tkt_part(krb5_enc_tkt_part *etp)
{
if (etp->session)
ktest_destroy_keyblock(&etp->session);
if (etp->client)
ktest_destroy_principal(&etp->client);
if (etp->caddrs)
ktest_destroy_addresses(&etp->caddrs);
if (etp->authorization_data)
ktest_destroy_authorization_data(&etp->authorization_data);
ktest_destroy_transited(&etp->transited);
}
void
ktest_destroy_enc_tkt_part(krb5_enc_tkt_part **etp)
{
if (*etp) {
ktest_empty_enc_tkt_part(*etp);
free(*etp);
*etp = NULL;
}
}
void
ktest_empty_enc_kdc_rep_part(krb5_enc_kdc_rep_part *ekr)
{
if (ekr->session)
ktest_destroy_keyblock(&ekr->session);
if (ekr->server)
ktest_destroy_principal(&ekr->server);
if (ekr->caddrs)
ktest_destroy_addresses(&ekr->caddrs);
ktest_destroy_last_req(&ekr->last_req);
}
void
ktest_destroy_transited(krb5_transited *t)
{
if (t->tr_contents.data)
ktest_empty_data(&t->tr_contents);
}
void
ktest_empty_ap_rep(krb5_ap_rep *ar)
{
ktest_destroy_enc_data(&ar->enc_part);
}
void
ktest_empty_ap_req(krb5_ap_req *ar)
{
if (ar->ticket)
ktest_destroy_ticket(&ar->ticket);
ktest_destroy_enc_data(&ar->authenticator);
}
void
ktest_empty_cred_enc_part(krb5_cred_enc_part *cep)
{
if (cep->s_address)
ktest_destroy_address(&cep->s_address);
if (cep->r_address)
ktest_destroy_address(&cep->r_address);
if (cep->ticket_info)
ktest_destroy_sequence_of_cred_info(&cep->ticket_info);
}
void
ktest_destroy_cred_info(krb5_cred_info **ci)
{
if ((*ci)->session)
ktest_destroy_keyblock(&(*ci)->session);
if ((*ci)->client)
ktest_destroy_principal(&(*ci)->client);
if ((*ci)->server)
ktest_destroy_principal(&(*ci)->server);
if ((*ci)->caddrs)
ktest_destroy_addresses(&(*ci)->caddrs);
free(*ci);
*ci = NULL;
}
void
ktest_destroy_sequence_of_cred_info(krb5_cred_info ***soci)
{
int i;
for (i = 0; (*soci)[i] != NULL; i++)
ktest_destroy_cred_info(&(*soci)[i]);
free(*soci);
*soci = NULL;
}
void
ktest_empty_safe(krb5_safe *s)
{
ktest_empty_data(&s->user_data);
ktest_destroy_address(&s->s_address);
ktest_destroy_address(&s->r_address);
ktest_destroy_checksum(&s->checksum);
}
void
ktest_empty_priv_enc_part(krb5_priv_enc_part *pep)
{
ktest_empty_data(&pep->user_data);
ktest_destroy_address(&pep->s_address);
ktest_destroy_address(&pep->r_address);
}
void
ktest_empty_priv(krb5_priv *p)
{
ktest_destroy_enc_data(&p->enc_part);
}
void
ktest_empty_cred(krb5_cred *c)
{
ktest_destroy_sequence_of_ticket(&c->tickets);
ktest_destroy_enc_data(&c->enc_part);
/* enc_part2 */
}
void
ktest_destroy_last_req(krb5_last_req_entry ***lr)
{
int i;
if (*lr) {
for (i=0; (*lr)[i] != NULL; i++)
free((*lr)[i]);
free(*lr);
}
}
void
ktest_empty_error(krb5_error *kerr)
{
if (kerr->client)
ktest_destroy_principal(&kerr->client);
if (kerr->server)
ktest_destroy_principal(&kerr->server);
ktest_empty_data(&kerr->text);
ktest_empty_data(&kerr->e_data);
}
void
ktest_empty_ap_rep_enc_part(krb5_ap_rep_enc_part *arep)
{
ktest_destroy_keyblock(&(arep)->subkey);
}
void
ktest_empty_sam_challenge_2(krb5_sam_challenge_2 *p)
{
krb5_checksum **ck;
ktest_empty_data(&p->sam_challenge_2_body);
if (p->sam_cksum != NULL) {
for (ck = p->sam_cksum; *ck != NULL; ck++)
ktest_destroy_checksum(ck);
free(p->sam_cksum);
p->sam_cksum = NULL;
}
}
void
ktest_empty_sam_challenge_2_body(krb5_sam_challenge_2_body *p)
{
ktest_empty_data(&p->sam_type_name);
ktest_empty_data(&p->sam_track_id);
ktest_empty_data(&p->sam_challenge_label);
ktest_empty_data(&p->sam_challenge);
ktest_empty_data(&p->sam_response_prompt);
ktest_empty_data(&p->sam_pk_for_sad);
}
void
ktest_empty_sam_response_2(krb5_sam_response_2 *p)
{
ktest_empty_data(&p->sam_track_id);
ktest_empty_data(&p->sam_enc_nonce_or_sad.ciphertext);
}
void
ktest_empty_enc_sam_response_enc_2(krb5_enc_sam_response_enc_2 *p)
{
ktest_empty_data(&p->sam_sad);
}
void
ktest_empty_pa_for_user(krb5_pa_for_user *p)
{
ktest_destroy_principal(&p->user);
ktest_empty_checksum(&p->cksum);
ktest_empty_data(&p->auth_package);
}
void
ktest_empty_pa_s4u_x509_user(krb5_pa_s4u_x509_user *p)
{
ktest_destroy_principal(&p->user_id.user);
ktest_empty_data(&p->user_id.subject_cert);
free(p->cksum.contents);
}
void
ktest_empty_ad_kdcissued(krb5_ad_kdcissued *p)
{
free(p->ad_checksum.contents);
ktest_destroy_principal(&p->i_principal);
ktest_destroy_authorization_data(&p->elements);
}
void
ktest_empty_ad_signedpath_data(krb5_ad_signedpath_data *p)
{
int i;
ktest_destroy_principal(&p->client);
if (p->delegated != NULL) {
for (i = 0; p->delegated[i] != NULL; i++) {
krb5_principal princ = p->delegated[i];
ktest_destroy_principal(&princ);
}
free(p->delegated);
}
ktest_destroy_pa_data_array(&p->method_data);
ktest_destroy_authorization_data(&p->authorization_data);
}
void
ktest_empty_ad_signedpath(krb5_ad_signedpath *p)
{
int i;
free(p->checksum.contents);
if (p->delegated != NULL) {
for (i = 0; p->delegated[i] != NULL; i++) {
krb5_principal princ = p->delegated[i];
ktest_destroy_principal(&princ);
}
free(p->delegated);
}
ktest_destroy_pa_data_array(&p->method_data);
}
void
ktest_empty_iakerb_header(krb5_iakerb_header *p)
{
krb5_free_data_contents(NULL, &p->target_realm);
krb5_free_data(NULL, p->cookie);
}
void
ktest_empty_iakerb_finished(krb5_iakerb_finished *p)
{
krb5_free_checksum_contents(NULL, &p->checksum);
}
static void
ktest_empty_fast_finished(krb5_fast_finished *p)
{
ktest_destroy_principal(&p->client);
ktest_empty_checksum(&p->ticket_checksum);
}
void
ktest_empty_fast_response(krb5_fast_response *p)
{
ktest_destroy_pa_data_array(&p->padata);
ktest_destroy_keyblock(&p->strengthen_key);
if (p->finished != NULL) {
ktest_empty_fast_finished(p->finished);
free(p->finished);
p->finished = NULL;
}
}
static void
ktest_empty_algorithm_identifier(krb5_algorithm_identifier *p)
{
ktest_empty_data(&p->algorithm);
ktest_empty_data(&p->parameters);
}
void
ktest_empty_otp_tokeninfo(krb5_otp_tokeninfo *p)
{
krb5_algorithm_identifier **alg;
p->flags = 0;
krb5_free_data_contents(NULL, &p->vendor);
krb5_free_data_contents(NULL, &p->challenge);
krb5_free_data_contents(NULL, &p->token_id);
krb5_free_data_contents(NULL, &p->alg_id);
for (alg = p->supported_hash_alg; alg != NULL && *alg != NULL; alg++) {
ktest_empty_algorithm_identifier(*alg);
free(*alg);
}
free(p->supported_hash_alg);
p->supported_hash_alg = NULL;
p->length = p->format = p->iteration_count = -1;
}
void
ktest_empty_pa_otp_challenge(krb5_pa_otp_challenge *p)
{
krb5_otp_tokeninfo **ti;
krb5_free_data_contents(NULL, &p->nonce);
krb5_free_data_contents(NULL, &p->service);
for (ti = p->tokeninfo; *ti != NULL; ti++) {
ktest_empty_otp_tokeninfo(*ti);
free(*ti);
}
free(p->tokeninfo);
p->tokeninfo = NULL;
krb5_free_data_contents(NULL, &p->salt);
krb5_free_data_contents(NULL, &p->s2kparams);
}
void
ktest_empty_pa_otp_req(krb5_pa_otp_req *p)
{
p->flags = 0;
krb5_free_data_contents(NULL, &p->nonce);
ktest_destroy_enc_data(&p->enc_data);
if (p->hash_alg != NULL)
ktest_empty_algorithm_identifier(p->hash_alg);
free(p->hash_alg);
p->hash_alg = NULL;
p->iteration_count = -1;
krb5_free_data_contents(NULL, &p->otp_value);
krb5_free_data_contents(NULL, &p->pin);
krb5_free_data_contents(NULL, &p->challenge);
p->time = 0;
krb5_free_data_contents(NULL, &p->counter);
p->format = -1;
krb5_free_data_contents(NULL, &p->token_id);
krb5_free_data_contents(NULL, &p->alg_id);
krb5_free_data_contents(NULL, &p->vendor);
}
#ifndef DISABLE_PKINIT
static void
ktest_empty_pk_authenticator(krb5_pk_authenticator *p)
{
ktest_empty_checksum(&p->paChecksum);
p->paChecksum.contents = NULL;
krb5_free_data(NULL, p->freshnessToken);
p->freshnessToken = NULL;
}
static void
ktest_empty_subject_pk_info(krb5_subject_pk_info *p)
{
ktest_empty_algorithm_identifier(&p->algorithm);
ktest_empty_data(&p->subjectPublicKey);
}
static void
ktest_empty_external_principal_identifier(
krb5_external_principal_identifier *p)
{
ktest_empty_data(&p->subjectName);
ktest_empty_data(&p->issuerAndSerialNumber);
ktest_empty_data(&p->subjectKeyIdentifier);
}
void
ktest_empty_pa_pk_as_req(krb5_pa_pk_as_req *p)
{
krb5_external_principal_identifier **pi;
ktest_empty_data(&p->signedAuthPack);
for (pi = p->trustedCertifiers; *pi != NULL; pi++) {
ktest_empty_external_principal_identifier(*pi);
free(*pi);
}
free(p->trustedCertifiers);
p->trustedCertifiers = NULL;
ktest_empty_data(&p->kdcPkId);
}
static void
ktest_empty_dh_rep_info(krb5_dh_rep_info *p)
{
ktest_empty_data(&p->dhSignedData);
ktest_empty_data(&p->serverDHNonce);
ktest_destroy_data(&p->kdfID);
}
void
ktest_empty_pa_pk_as_rep(krb5_pa_pk_as_rep *p)
{
if (p->choice == choice_pa_pk_as_rep_dhInfo)
ktest_empty_dh_rep_info(&p->u.dh_Info);
else if (p->choice == choice_pa_pk_as_rep_encKeyPack)
ktest_empty_data(&p->u.encKeyPack);
p->choice = choice_pa_pk_as_rep_UNKNOWN;
}
void
ktest_empty_auth_pack(krb5_auth_pack *p)
{
krb5_algorithm_identifier **ai;
krb5_data **d;
ktest_empty_pk_authenticator(&p->pkAuthenticator);
if (p->clientPublicValue != NULL) {
ktest_empty_subject_pk_info(p->clientPublicValue);
free(p->clientPublicValue);
p->clientPublicValue = NULL;
}
if (p->supportedCMSTypes != NULL) {
for (ai = p->supportedCMSTypes; *ai != NULL; ai++) {
ktest_empty_algorithm_identifier(*ai);
free(*ai);
}
free(p->supportedCMSTypes);
p->supportedCMSTypes = NULL;
}
ktest_empty_data(&p->clientDHNonce);
if (p->supportedKDFs != NULL) {
for (d = p->supportedKDFs; *d != NULL; d++) {
ktest_empty_data(*d);
free(*d);
}
free(p->supportedKDFs);
p->supportedKDFs = NULL;
}
}
void
ktest_empty_kdc_dh_key_info(krb5_kdc_dh_key_info *p)
{
ktest_empty_data(&p->subjectPublicKey);
}
void
ktest_empty_reply_key_pack(krb5_reply_key_pack *p)
{
ktest_empty_keyblock(&p->replyKey);
ktest_empty_checksum(&p->asChecksum);
}
void ktest_empty_sp80056a_other_info(krb5_sp80056a_other_info *p)
{
ktest_empty_algorithm_identifier(&p->algorithm_identifier);
ktest_destroy_principal(&p->party_u_info);
ktest_destroy_principal(&p->party_v_info);
ktest_empty_data(&p->supp_pub_info);
}
void ktest_empty_pkinit_supp_pub_info(krb5_pkinit_supp_pub_info *p)
{
ktest_empty_data(&p->as_req);
ktest_empty_data(&p->pk_as_rep);
}
#endif /* not DISABLE_PKINIT */
#ifdef ENABLE_LDAP
void
ktest_empty_ldap_seqof_key_data(krb5_context ctx, ldap_seqof_key_data *p)
{
int i;
for (i = 0; i < p->n_key_data; i++) {
free(p->key_data[i].key_data_contents[0]);
free(p->key_data[i].key_data_contents[1]);
}
free(p->key_data);
}
#endif
void
ktest_empty_kkdcp_message(krb5_kkdcp_message *p)
{
ktest_empty_data(&p->kerb_message);
ktest_empty_data(&p->target_domain);
p->dclocator_hint = -1;
}
static void
destroy_verifier_mac(krb5_verifier_mac **vmac)
{
if (*vmac == NULL)
return;
ktest_destroy_principal(&(*vmac)->princ);
ktest_empty_checksum(&(*vmac)->checksum);
free(*vmac);
*vmac = NULL;
}
void
ktest_empty_cammac(krb5_cammac *p)
{
krb5_verifier_mac **vmacp;
ktest_destroy_authorization_data(&p->elements);
destroy_verifier_mac(&p->kdc_verifier);
destroy_verifier_mac(&p->svc_verifier);
for (vmacp = p->other_verifiers; vmacp != NULL && *vmacp != NULL; vmacp++)
destroy_verifier_mac(vmacp);
free(p->other_verifiers);
p->other_verifiers = NULL;
}
void
ktest_empty_secure_cookie(krb5_secure_cookie *p)
{
ktest_empty_pa_data_array(p->data);
}
void
ktest_empty_spake_factor(krb5_spake_factor *p)
{
krb5_free_data(NULL, p->data);
p->data = NULL;
}
void
ktest_empty_pa_spake(krb5_pa_spake *p)
{
krb5_spake_factor **f;
switch (p->choice) {
case SPAKE_MSGTYPE_SUPPORT:
free(p->u.support.groups);
break;
case SPAKE_MSGTYPE_CHALLENGE:
ktest_empty_data(&p->u.challenge.pubkey);
for (f = p->u.challenge.factors; *f != NULL; f++) {
ktest_empty_spake_factor(*f);
free(*f);
}
free(p->u.challenge.factors);
break;
case SPAKE_MSGTYPE_RESPONSE:
ktest_empty_data(&p->u.response.pubkey);
ktest_destroy_enc_data(&p->u.response.factor);
break;
case SPAKE_MSGTYPE_ENCDATA:
ktest_destroy_enc_data(&p->u.encdata);
break;
default:
break;
}
p->choice = SPAKE_MSGTYPE_UNKNOWN;
}