src/kauth/decode_ticket.c

   1 /*
   2  * Copyright 2000, International Business Machines Corporation and others.
   3  * All Rights Reserved.
   4  *
   5  * This software has been released under the terms of the IBM Public
   6  * License.  For details, see the LICENSE file in the top-level source
   7  * directory or online at http://www.openafs.org/dl/license10.html
   8  */
   9
  10 #include <afsconfig.h>
  11 #include <afs/param.h>
  12
  13 #include <roken.h>
  14
  15 #include <hcrypto/des.h>
  16
  17 #include <afs/com_err.h>
  18 #include <afs/auth.h>
  19 #include <rx/rxkad.h>
  20
  21 #include "kautils.h"
  22
  23 static char *whoami;
  24
  25 int
  26 main(int argc, char *argv[])
  27 {
  28     struct ktc_principal client;
  29     struct ktc_encryptionKey sessionkey;
  30     Date start, end;
  31     afs_int32 host;
  32     char key[8];
  33     char ticket[MAXKTCTICKETLEN];
  34     afs_int32 ticketLen;
  35     afs_int32 code;
  36     char bob[KA_TIMESTR_LEN];
  37
  38     whoami = argv[0];
  39     initialize_RXK_error_table();
  40     initialize_KA_error_table();
  41
  42     if (argc != 3) {
  43         printf("Usage is %s key ticket\n", whoami);
  44         exit(1);
  45     }
  46     if (ka_ReadBytes(argv[1], key, sizeof(key)) != 8)
  47         printf("Key must be 8 bytes long\n");
  48     if (!DES_check_key_parity(charptr_to_cblock(key)) || DES_is_weak_key(charptr_to_cblock(key))) {
  49         afs_com_err(whoami, KABADKEY, "server's key for decoding ticket is bad");
  50         exit(1);
  51     }
  52     ticketLen = ka_ReadBytes(argv[2], ticket, sizeof(ticket));
  53     printf("Ticket length is %d\n", ticketLen);
  54
  55     code =
  56         tkt_DecodeTicket(ticket, ticketLen, key, client.name, client.instance,
  57                          client.cell, &sessionkey, &host, &start, &end);
  58     if (code) {
  59         afs_com_err(whoami, code, "decoding ticket");
  60         if (code = tkt_CheckTimes(start, end, time(0)) <= 0)
  61             afs_com_err(whoami, 0, "because of start or end times");
  62         exit(1);
  63     }
  64
  65     if (!des_check_key_parity(&sessionkey) || des_is_weak_key(&sessionkey)) {
  66         afs_com_err(whoami, KABADKEY, "checking ticket's session key");
  67         exit(1);
  68     }
  69
  70     ka_PrintUserID("Client is ", client.name, client.instance, 0);
  71     if (strlen(client.cell))
  72         printf("@%s", client.cell);
  73     printf("\nSession key is ");
  74     ka_PrintBytes(&sessionkey, 8);
  75     ka_timestr(start, bob, KA_TIMESTR_LEN);
  76     printf("\nGood from %s", bob);
  77     ka_timestr(end, bob, KA_TIMESTR_LEN);
  78     printf(" till %s\n", bob);
  79 }