2 Unix SMB/CIFS implementation.
3 simple kerberos5/SPNEGO routines
4 Copyright (C) Andrew Tridgell 2001
5 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2002
6 Copyright (C) Luke Howard 2003
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
26 #include "data_blob.h"
31 generate a krb5 GSS-API wrapper packet given a ticket
/*
 * Build a krb5 GSS-API wrapper around a ticket: an ASN1_APPLICATION(0)
 * tag containing the Kerberos 5 OID, the two tok_id bytes and the raw
 * ticket bytes. The encoded bytes are turned into a DATA_BLOB (ret).
 *
 * NOTE(review): this listing has dropped lines (local declarations,
 * braces, and everything after the final data_blob() call), so the
 * comments below describe only the statements that are visible.
 */
33 DATA_BLOB spnego_gen_krb5_wrap(const DATA_BLOB ticket, const uint8_t tok_id[2])
/* Dedicated talloc context for the ASN.1 encoder.
 * NOTE(review): the talloc_init() result is not checked in the visible lines. */
37 TALLOC_CTX *mem_ctx = talloc_init("gssapi");
39 data = asn1_init(mem_ctx);
/* NOTE(review): presumably the asn1_init() failure path (the guarding `if`
 * is among the dropped lines). No talloc_free(mem_ctx) is visible before
 * this return, so mem_ctx looks leaked on this path - confirm. */
41 return data_blob_null;
44 asn1_push_tag(data, ASN1_APPLICATION(0));
45 asn1_write_OID(data, OID_KERBEROS5);
/* tok_id and the ticket are appended as raw bytes using the caller-supplied
 * lengths. The return values of the asn1_* calls are not inspected here;
 * failures are only picked up through data->has_error below.
 * NOTE(review): the matching asn1_pop_tag() is not in the visible lines. */
47 asn1_write(data, tok_id, 2);
48 asn1_write(data, ticket.data, ticket.length);
/* An encoding failure is reported through DEBUG(1, ...) only.
 * NOTE(review): in the visible lines nothing stops the function from going
 * on to build ret from a partially encoded buffer; a caller would then send
 * a malformed token. Confirm whether the dropped lines bail out with
 * data_blob_null instead. */
52 if (data->has_error) {
53 DEBUG(1,("Failed to build krb5 wrapper at offset %d\n", (int)data->ofs));
/* The result is built from the encoder's buffer and length.
 * NOTE(review): release of data / mem_ctx after this point is not visible
 * in the listing - verify that both are freed on every path. */
57 ret = data_blob(data->data, data->length);
65 Generate a negTokenInit as used by the client side ... It has a mechType
66 (OID), and a mechToken (a security blob) ...
68 Really, we need to break out the NTLMSSP stuff as well, because it could be
/*
 * Build a client-side SPNEGO negTokenInit: an ASN1_APPLICATION(0) tag with
 * the SPNEGO OID, a mechType list holding the single caller-supplied OID,
 * and a mechToken octet string holding blob. The encoded bytes are turned
 * into a DATA_BLOB (ret).
 *
 * NOTE(review): this listing has dropped lines (local declarations, braces,
 * the asn1_pop_tag() calls and the final return), so the comments below
 * describe only the statements that are visible.
 */
71 DATA_BLOB gen_negTokenInit(const char *OID, DATA_BLOB blob)
/* Dedicated talloc context for the ASN.1 encoder; freed at the end of the
 * visible lines.
 * NOTE(review): the talloc_init() result is not checked in the visible lines. */
75 TALLOC_CTX *mem_ctx = talloc_init("spnego");
77 data = asn1_init(mem_ctx);
/* NOTE(review): presumably the asn1_init() failure path (the guarding `if`
 * is among the dropped lines). This return comes before the only visible
 * talloc_free(mem_ctx), so mem_ctx looks leaked on this path - confirm. */
79 return data_blob_null;
/* Outer wrapper: APPLICATION(0) + SPNEGO OID, then CONTEXT(0)/SEQUENCE(0)
 * for the token body. */
82 asn1_push_tag(data, ASN1_APPLICATION(0));
83 asn1_write_OID(data,OID_SPNEGO);
84 asn1_push_tag(data, ASN1_CONTEXT(0));
85 asn1_push_tag(data, ASN1_SEQUENCE(0));
/* mechType: a second CONTEXT(0)/SEQUENCE(0) pair carrying the caller's OID
 * string. The OID is passed to asn1_write_OID() as given; any failure to
 * encode it is only visible through data->has_error below. */
87 asn1_push_tag(data, ASN1_CONTEXT(0));
88 asn1_push_tag(data, ASN1_SEQUENCE(0));
89 asn1_write_OID(data, OID);
/* mechToken: CONTEXT(2) carrying the security blob as an octet string,
 * using the caller-supplied length. */
93 asn1_push_tag(data, ASN1_CONTEXT(2));
94 asn1_write_OctetString(data,blob.data,blob.length);
/* An encoding failure is reported through DEBUG(1, ...) only.
 * NOTE(review): in the visible lines nothing stops the function from going
 * on to build ret from a partially encoded buffer; confirm whether the
 * dropped lines bail out with data_blob_null instead. */
103 if (data->has_error) {
104 DEBUG(1,("Failed to build negTokenInit at offset %d\n", (int)data->ofs));
/* The result is built from the encoder's buffer before the context is
 * freed. NOTE(review): this ordering only works if data_blob() does not
 * keep a pointer into memory owned by mem_ctx - verify against data_blob.h. */
108 ret = data_blob(data->data, data->length);
110 talloc_free(mem_ctx);