xref: /freebsd/crypto/krb5/src/tests/asn.1/ktest.c (revision 7f2fe78b9dd5f51c821d771b63d2e096f6fd49e9) 
1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /* tests/asn.1/ktest.c */
3 /*
4  * Copyright (C) 1994 by the Massachusetts Institute of Technology.
5  * All rights reserved.
6  *
7  * Export of this software from the United States of America may
8  *   require a specific license from the United States Government.
9  *   It is the responsibility of any person or organization contemplating
10  *   export to obtain such a license before exporting.
11  *
12  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13  * distribute this software and its documentation for any purpose and
14  * without fee is hereby granted, provided that the above copyright
15  * notice appear in all copies and that both that copyright notice and
16  * this permission notice appear in supporting documentation, and that
17  * the name of M.I.T. not be used in advertising or publicity pertaining
18  * to distribution of the software without specific, written prior
19  * permission.  Furthermore if you modify this software you must label
20  * your software as modified software and not distribute it in such a
21  * fashion that it might be confused with the original M.I.T. software.
22  * M.I.T. makes no representations about the suitability of
23  * this software for any purpose.  It is provided "as is" without express
24  * or implied warranty.
25  */
26 
27 #include "ktest.h"
28 #include "utility.h"
29 #include <stdlib.h>
30 
31 char *sample_principal_name = "hftsai/extra@ATHENA.MIT.EDU";
32 
33 void
ktest_make_sample_authenticator(krb5_authenticator * a)34 ktest_make_sample_authenticator(krb5_authenticator *a)
35 {
36     ktest_make_sample_principal(&a->client);
37     a->checksum = ealloc(sizeof(krb5_checksum));
38     ktest_make_sample_checksum(a->checksum);
39     a->cusec = SAMPLE_USEC;
40     a->ctime = SAMPLE_TIME;
41     a->subkey = ealloc(sizeof(krb5_keyblock));
42     ktest_make_sample_keyblock(a->subkey);
43     a->seq_number = SAMPLE_SEQ_NUMBER;
44     ktest_make_sample_authorization_data(&a->authorization_data);
45 }
46 
47 void
ktest_make_sample_principal(krb5_principal * p)48 ktest_make_sample_principal(krb5_principal *p)
49 {
50     if (krb5_parse_name(test_context, sample_principal_name, p))
51         abort();
52 }
53 
54 void
ktest_make_sample_checksum(krb5_checksum * cs)55 ktest_make_sample_checksum(krb5_checksum *cs)
56 {
57     cs->checksum_type = 1;
58     cs->length = 4;
59     cs->contents = ealloc(4);
60     memcpy(cs->contents,"1234",4);
61 }
62 
63 void
ktest_make_sample_keyblock(krb5_keyblock * kb)64 ktest_make_sample_keyblock(krb5_keyblock *kb)
65 {
66     kb->magic = KV5M_KEYBLOCK;
67     kb->enctype = 1;
68     kb->length = 8;
69     kb->contents = ealloc(8);
70     memcpy(kb->contents,"12345678",8);
71 }
72 
73 void
ktest_make_sample_ticket(krb5_ticket * tkt)74 ktest_make_sample_ticket(krb5_ticket *tkt)
75 {
76     ktest_make_sample_principal(&tkt->server);
77     ktest_make_sample_enc_data(&tkt->enc_part);
78     tkt->enc_part2 = NULL;
79 }
80 
81 void
ktest_make_sample_enc_data(krb5_enc_data * ed)82 ktest_make_sample_enc_data(krb5_enc_data *ed)
83 {
84     ed->kvno = 5;
85     ed->enctype = 0;
86     krb5_data_parse(&ed->ciphertext, "krbASN.1 test message");
87 }
88 
89 void
ktest_make_sample_enc_tkt_part(krb5_enc_tkt_part * etp)90 ktest_make_sample_enc_tkt_part(krb5_enc_tkt_part *etp)
91 {
92     etp->flags = SAMPLE_FLAGS;
93     etp->session = ealloc(sizeof(krb5_keyblock));
94     ktest_make_sample_keyblock(etp->session);
95     ktest_make_sample_principal(&etp->client);
96     ktest_make_sample_transited(&etp->transited);
97     ktest_make_sample_ticket_times(&etp->times);
98     ktest_make_sample_addresses(&etp->caddrs);
99     ktest_make_sample_authorization_data(&etp->authorization_data);
100 }
101 
102 void
ktest_make_sample_addresses(krb5_address *** caddrs)103 ktest_make_sample_addresses(krb5_address ***caddrs)
104 {
105     int i;
106 
107     *caddrs = ealloc(3 * sizeof(krb5_address *));
108     for (i = 0; i < 2; i++) {
109         (*caddrs)[i] = ealloc(sizeof(krb5_address));
110         ktest_make_sample_address((*caddrs)[i]);
111     }
112     (*caddrs)[2] = NULL;
113 }
114 
115 void
ktest_make_sample_authorization_data(krb5_authdata *** ad)116 ktest_make_sample_authorization_data(krb5_authdata ***ad)
117 {
118     int i;
119 
120     *ad = ealloc(3 * sizeof(krb5_authdata *));
121     for (i = 0; i <= 1; i++) {
122         (*ad)[i] = ealloc(sizeof(krb5_authdata));
123         ktest_make_sample_authdata((*ad)[i]);
124     }
125     (*ad)[2] = NULL;
126 }
127 
128 void
ktest_make_sample_transited(krb5_transited * t)129 ktest_make_sample_transited(krb5_transited *t)
130 {
131     t->tr_type = 1;
132     krb5_data_parse(&t->tr_contents, "EDU,MIT.,ATHENA.,WASHINGTON.EDU,CS.");
133 }
134 
135 void
ktest_make_sample_ticket_times(krb5_ticket_times * tt)136 ktest_make_sample_ticket_times(krb5_ticket_times *tt)
137 {
138     tt->authtime = SAMPLE_TIME;
139     tt->starttime = SAMPLE_TIME;
140     tt->endtime = SAMPLE_TIME;
141     tt->renew_till = SAMPLE_TIME;
142 }
143 
144 void
ktest_make_sample_address(krb5_address * a)145 ktest_make_sample_address(krb5_address *a)
146 {
147     a->addrtype = ADDRTYPE_INET;
148     a->length = 4;
149     a->contents = ealloc(4 * sizeof(krb5_octet));
150     a->contents[0] = 18;
151     a->contents[1] = 208;
152     a->contents[2] = 0;
153     a->contents[3] = 35;
154 }
155 
156 void
ktest_make_sample_authdata(krb5_authdata * ad)157 ktest_make_sample_authdata(krb5_authdata *ad)
158 {
159     ad->ad_type = 1;
160     ad->length = 6;
161     ad->contents = ealloc(6 * sizeof(krb5_octet));
162     memcpy(ad->contents, "foobar", 6);
163 }
164 
165 void
ktest_make_sample_enc_kdc_rep_part(krb5_enc_kdc_rep_part * ekr)166 ktest_make_sample_enc_kdc_rep_part(krb5_enc_kdc_rep_part *ekr)
167 {
168     ekr->session = ealloc(sizeof(krb5_keyblock));
169     ktest_make_sample_keyblock(ekr->session);
170     ktest_make_sample_last_req(&ekr->last_req);
171     ekr->nonce = SAMPLE_NONCE;
172     ekr->key_exp = SAMPLE_TIME;
173     ekr->flags = SAMPLE_FLAGS;
174     ekr->times.authtime = SAMPLE_TIME;
175     ekr->times.starttime = SAMPLE_TIME;
176     ekr->times.endtime = SAMPLE_TIME;
177     ekr->times.renew_till = SAMPLE_TIME;
178     ktest_make_sample_principal(&ekr->server);
179     ktest_make_sample_addresses(&ekr->caddrs);
180 }
181 
182 void
ktest_make_sample_last_req(krb5_last_req_entry *** lr)183 ktest_make_sample_last_req(krb5_last_req_entry ***lr)
184 {
185     int i;
186 
187     *lr = ealloc(3 * sizeof(krb5_last_req_entry *));
188     for (i = 0; i <= 1; i++)
189         ktest_make_sample_last_req_entry(&(*lr)[i]);
190     (*lr)[2] = NULL;
191 }
192 
193 void
ktest_make_sample_last_req_entry(krb5_last_req_entry ** lre)194 ktest_make_sample_last_req_entry(krb5_last_req_entry **lre)
195 {
196     *lre = ealloc(sizeof(krb5_last_req_entry));
197     (*lre)->lr_type = -5;
198     (*lre)->value = SAMPLE_TIME;
199 }
200 
201 void
ktest_make_sample_kdc_rep(krb5_kdc_rep * kdcr)202 ktest_make_sample_kdc_rep(krb5_kdc_rep *kdcr)
203 {
204     ktest_make_sample_pa_data_array(&kdcr->padata);
205     ktest_make_sample_principal(&kdcr->client);
206     kdcr->ticket = ealloc(sizeof(krb5_ticket));
207     ktest_make_sample_ticket(kdcr->ticket);
208     ktest_make_sample_enc_data(&kdcr->enc_part);
209     kdcr->enc_part2 = NULL;
210 }
211 
212 void
ktest_make_sample_pa_data_array(krb5_pa_data *** pad)213 ktest_make_sample_pa_data_array(krb5_pa_data ***pad)
214 {
215     int i;
216 
217     *pad = ealloc(3 * sizeof(krb5_pa_data *));
218     for (i = 0; i <= 1; i++) {
219         (*pad)[i] = ealloc(sizeof(krb5_pa_data));
220         ktest_make_sample_pa_data((*pad)[i]);
221     }
222     (*pad)[2] = NULL;
223 }
224 
225 void
ktest_make_sample_empty_pa_data_array(krb5_pa_data *** pad)226 ktest_make_sample_empty_pa_data_array(krb5_pa_data ***pad)
227 {
228     *pad = ealloc(sizeof(krb5_pa_data *));
229     (*pad)[0] = NULL;
230 }
231 
232 void
ktest_make_sample_pa_data(krb5_pa_data * pad)233 ktest_make_sample_pa_data(krb5_pa_data *pad)
234 {
235     pad->pa_type = 13;
236     pad->length = 7;
237     pad->contents = ealloc(7);
238     memcpy(pad->contents, "pa-data", 7);
239 }
240 
241 void
ktest_make_sample_ap_req(krb5_ap_req * ar)242 ktest_make_sample_ap_req(krb5_ap_req *ar)
243 {
244     ar->ap_options = SAMPLE_FLAGS;
245     ar->ticket = ealloc(sizeof(krb5_ticket));
246     ktest_make_sample_ticket(ar->ticket);
247     ktest_make_sample_enc_data(&(ar->authenticator));
248 }
249 
250 void
ktest_make_sample_ap_rep(krb5_ap_rep * ar)251 ktest_make_sample_ap_rep(krb5_ap_rep *ar)
252 {
253     ktest_make_sample_enc_data(&ar->enc_part);
254 }
255 
256 void
ktest_make_sample_ap_rep_enc_part(krb5_ap_rep_enc_part * arep)257 ktest_make_sample_ap_rep_enc_part(krb5_ap_rep_enc_part *arep)
258 {
259     arep->ctime = SAMPLE_TIME;
260     arep->cusec = SAMPLE_USEC;
261     arep->subkey = ealloc(sizeof(krb5_keyblock));
262     ktest_make_sample_keyblock(arep->subkey);
263     arep->seq_number = SAMPLE_SEQ_NUMBER;
264 }
265 
266 void
ktest_make_sample_kdc_req(krb5_kdc_req * kr)267 ktest_make_sample_kdc_req(krb5_kdc_req *kr)
268 {
269     /* msg_type is left up to the calling procedure */
270     ktest_make_sample_pa_data_array(&kr->padata);
271     kr->kdc_options = SAMPLE_FLAGS;
272     ktest_make_sample_principal(&(kr->client));
273     ktest_make_sample_principal(&(kr->server));
274     kr->from = SAMPLE_TIME;
275     kr->till = SAMPLE_TIME;
276     kr->rtime = SAMPLE_TIME;
277     kr->nonce = SAMPLE_NONCE;
278     kr->nktypes = 2;
279     kr->ktype = ealloc(2 * sizeof(krb5_enctype));
280     kr->ktype[0] = 0;
281     kr->ktype[1] = 1;
282     ktest_make_sample_addresses(&kr->addresses);
283     ktest_make_sample_enc_data(&kr->authorization_data);
284     ktest_make_sample_authorization_data(&kr->unenc_authdata);
285     ktest_make_sample_sequence_of_ticket(&kr->second_ticket);
286 }
287 
288 void
ktest_make_sample_kdc_req_body(krb5_kdc_req * krb)289 ktest_make_sample_kdc_req_body(krb5_kdc_req *krb)
290 {
291     krb->kdc_options = SAMPLE_FLAGS;
292     ktest_make_sample_principal(&krb->client);
293     ktest_make_sample_principal(&krb->server);
294     krb->from = SAMPLE_TIME;
295     krb->till = SAMPLE_TIME;
296     krb->rtime = SAMPLE_TIME;
297     krb->nonce = SAMPLE_NONCE;
298     krb->nktypes = 2;
299     krb->ktype = (krb5_enctype*)calloc(2,sizeof(krb5_enctype));
300     krb->ktype[0] = 0;
301     krb->ktype[1] = 1;
302     ktest_make_sample_addresses(&krb->addresses);
303     ktest_make_sample_enc_data(&krb->authorization_data);
304     ktest_make_sample_authorization_data(&krb->unenc_authdata);
305     ktest_make_sample_sequence_of_ticket(&krb->second_ticket);
306 }
307 
308 void
ktest_make_sample_safe(krb5_safe * s)309 ktest_make_sample_safe(krb5_safe *s)
310 {
311     ktest_make_sample_data(&s->user_data);
312     s->timestamp = SAMPLE_TIME;
313     s->usec = SAMPLE_USEC;
314     s->seq_number = SAMPLE_SEQ_NUMBER;
315     s->s_address = ealloc(sizeof(krb5_address));
316     ktest_make_sample_address(s->s_address);
317     s->r_address = ealloc(sizeof(krb5_address));
318     ktest_make_sample_address(s->r_address);
319     s->checksum = ealloc(sizeof(krb5_checksum));
320     ktest_make_sample_checksum(s->checksum);
321 }
322 
323 void
ktest_make_sample_priv(krb5_priv * p)324 ktest_make_sample_priv(krb5_priv *p)
325 {
326     ktest_make_sample_enc_data(&p->enc_part);
327 }
328 
329 void
ktest_make_sample_priv_enc_part(krb5_priv_enc_part * pep)330 ktest_make_sample_priv_enc_part(krb5_priv_enc_part *pep)
331 {
332     ktest_make_sample_data(&(pep->user_data));
333     pep->timestamp = SAMPLE_TIME;
334     pep->usec = SAMPLE_USEC;
335     pep->seq_number = SAMPLE_SEQ_NUMBER;
336     pep->s_address = ealloc(sizeof(krb5_address));
337     ktest_make_sample_address(pep->s_address);
338     pep->r_address = ealloc(sizeof(krb5_address));
339     ktest_make_sample_address(pep->r_address);
340 }
341 
342 void
ktest_make_sample_cred(krb5_cred * c)343 ktest_make_sample_cred(krb5_cred *c)
344 {
345     ktest_make_sample_sequence_of_ticket(&c->tickets);
346     ktest_make_sample_enc_data(&c->enc_part);
347 }
348 
349 void
ktest_make_sample_sequence_of_ticket(krb5_ticket *** sot)350 ktest_make_sample_sequence_of_ticket(krb5_ticket ***sot)
351 {
352     int i;
353 
354     *sot = ealloc(3 * sizeof(krb5_ticket *));
355     for (i = 0; i < 2; i++) {
356         (*sot)[i] = ealloc(sizeof(krb5_ticket));
357         ktest_make_sample_ticket((*sot)[i]);
358     }
359     (*sot)[2] = NULL;
360 }
361 
362 void
ktest_make_sample_cred_enc_part(krb5_cred_enc_part * cep)363 ktest_make_sample_cred_enc_part(krb5_cred_enc_part *cep)
364 {
365     cep->nonce = SAMPLE_NONCE;
366     cep->timestamp = SAMPLE_TIME;
367     cep->usec = SAMPLE_USEC;
368     cep->s_address = ealloc(sizeof(krb5_address));
369     ktest_make_sample_address(cep->s_address);
370     cep->r_address = ealloc(sizeof(krb5_address));
371     ktest_make_sample_address(cep->r_address);
372     ktest_make_sequence_of_cred_info(&cep->ticket_info);
373 }
374 
375 void
ktest_make_sequence_of_cred_info(krb5_cred_info *** soci)376 ktest_make_sequence_of_cred_info(krb5_cred_info ***soci)
377 {
378     int i;
379 
380     *soci = ealloc(3 * sizeof(krb5_cred_info *));
381     for (i = 0; i < 2; i++) {
382         (*soci)[i] = ealloc(sizeof(krb5_cred_info));
383         ktest_make_sample_cred_info((*soci)[i]);
384     }
385     (*soci)[2] = NULL;
386 }
387 
388 void
ktest_make_sample_cred_info(krb5_cred_info * ci)389 ktest_make_sample_cred_info(krb5_cred_info *ci)
390 {
391     ci->session = ealloc(sizeof(krb5_keyblock));
392     ktest_make_sample_keyblock(ci->session);
393     ktest_make_sample_principal(&ci->client);
394     ktest_make_sample_principal(&ci->server);
395     ci->flags = SAMPLE_FLAGS;
396     ci->times.authtime = SAMPLE_TIME;
397     ci->times.starttime = SAMPLE_TIME;
398     ci->times.endtime = SAMPLE_TIME;
399     ci->times.renew_till = SAMPLE_TIME;
400     ktest_make_sample_addresses(&ci->caddrs);
401 }
402 
403 void
ktest_make_sample_error(krb5_error * kerr)404 ktest_make_sample_error(krb5_error *kerr)
405 {
406     kerr->ctime = SAMPLE_TIME;
407     kerr->cusec = SAMPLE_USEC;
408     kerr->susec = SAMPLE_USEC;
409     kerr->stime = SAMPLE_TIME;
410     kerr->error = SAMPLE_ERROR;
411     ktest_make_sample_principal(&kerr->client);
412     ktest_make_sample_principal(&kerr->server);
413     ktest_make_sample_data(&kerr->text);
414     ktest_make_sample_data(&kerr->e_data);
415 }
416 
417 void
ktest_make_sample_data(krb5_data * d)418 ktest_make_sample_data(krb5_data *d)
419 {
420     krb5_data_parse(d, "krb5data");
421 }
422 
423 void
ktest_make_sample_etype_info(krb5_etype_info_entry *** p)424 ktest_make_sample_etype_info(krb5_etype_info_entry ***p)
425 {
426     krb5_etype_info_entry **info;
427     int i, len;
428     char *str;
429 
430     info = ealloc(4 * sizeof(krb5_etype_info_entry *));
431     for (i = 0; i < 3; i++) {
432         info[i] = ealloc(sizeof(krb5_etype_info_entry));
433         info[i]->etype = i;
434         len = asprintf(&str, "Morton's #%d", i);
435         if (len < 0)
436             abort();
437         info[i]->salt = (krb5_octet *)str;
438         info[i]->length = len;
439         info[i]->s2kparams.data = NULL;
440         info[i]->s2kparams.length = 0;
441         info[i]->magic = KV5M_ETYPE_INFO_ENTRY;
442     }
443     free(info[1]->salt);
444     info[1]->length = KRB5_ETYPE_NO_SALT;
445     info[1]->salt = 0;
446     *p = info;
447 }
448 
449 
450 void
ktest_make_sample_etype_info2(krb5_etype_info_entry *** p)451 ktest_make_sample_etype_info2(krb5_etype_info_entry ***p)
452 {
453     krb5_etype_info_entry **info;
454     int i, len;
455     char *str;
456 
457     info = ealloc(4 * sizeof(krb5_etype_info_entry *));
458     for (i = 0; i < 3; i++) {
459         info[i] = ealloc(sizeof(krb5_etype_info_entry));
460         info[i]->etype = i;
461         len = asprintf(&str, "Morton's #%d", i);
462         if (len < 0)
463             abort();
464         info[i]->salt = (krb5_octet *)str;
465         info[i]->length = (unsigned int)len;
466         len = asprintf(&info[i]->s2kparams.data, "s2k: %d", i);
467         if (len < 0)
468             abort();
469         info[i]->s2kparams.length = (unsigned int) len;
470         info[i]->magic = KV5M_ETYPE_INFO_ENTRY;
471     }
472     free(info[1]->salt);
473     info[1]->length = KRB5_ETYPE_NO_SALT;
474     info[1]->salt = 0;
475     *p = info;
476 }
477 
478 
479 void
ktest_make_sample_pa_enc_ts(krb5_pa_enc_ts * pa_enc)480 ktest_make_sample_pa_enc_ts(krb5_pa_enc_ts *pa_enc)
481 {
482     pa_enc->patimestamp = SAMPLE_TIME;
483     pa_enc->pausec = SAMPLE_USEC;
484 }
485 
486 void
ktest_make_sample_sam_challenge_2(krb5_sam_challenge_2 * p)487 ktest_make_sample_sam_challenge_2(krb5_sam_challenge_2 *p)
488 {
489     /* Need a valid DER sequence encoding here; this one contains the OCTET
490      * STRING "challenge". */
491     krb5_data_parse(&p->sam_challenge_2_body, "\x30\x0B\x04\x09" "challenge");
492     p->sam_cksum = ealloc(2 * sizeof(krb5_checksum *));
493     p->sam_cksum[0] = ealloc(sizeof(krb5_checksum));
494     ktest_make_sample_checksum(p->sam_cksum[0]);
495     p->sam_cksum[1] = NULL;
496 }
497 
498 void
ktest_make_sample_sam_challenge_2_body(krb5_sam_challenge_2_body * p)499 ktest_make_sample_sam_challenge_2_body(krb5_sam_challenge_2_body *p)
500 {
501     p->sam_type = 42;
502     p->sam_flags = KRB5_SAM_USE_SAD_AS_KEY;
503     krb5_data_parse(&p->sam_type_name, "type name");
504     p->sam_track_id = empty_data();
505     krb5_data_parse(&p->sam_challenge_label, "challenge label");
506     krb5_data_parse(&p->sam_challenge, "challenge ipse");
507     krb5_data_parse(&p->sam_response_prompt, "response_prompt ipse");
508     p->sam_pk_for_sad = empty_data();
509     p->sam_nonce = 0x543210;
510     p->sam_etype = ENCTYPE_AES256_CTS_HMAC_SHA384_192;
511 }
512 
513 void
ktest_make_sample_sam_response_2(krb5_sam_response_2 * p)514 ktest_make_sample_sam_response_2(krb5_sam_response_2 *p)
515 {
516     p->magic = KV5M_SAM_RESPONSE;
517     p->sam_type = 43; /* information */
518     p->sam_flags = KRB5_SAM_USE_SAD_AS_KEY; /* KRB5_SAM_* values */
519     krb5_data_parse(&p->sam_track_id, "track data");
520     krb5_data_parse(&p->sam_enc_nonce_or_sad.ciphertext, "nonce or sad");
521     p->sam_enc_nonce_or_sad.enctype = ENCTYPE_AES256_CTS_HMAC_SHA384_192;
522     p->sam_enc_nonce_or_sad.kvno = 3382;
523     p->sam_nonce = 0x543210;
524 }
525 
526 void
ktest_make_sample_enc_sam_response_enc_2(krb5_enc_sam_response_enc_2 * p)527 ktest_make_sample_enc_sam_response_enc_2(krb5_enc_sam_response_enc_2 *p)
528 {
529     p->magic = 83;
530     p->sam_nonce = 88;
531     krb5_data_parse(&p->sam_sad, "enc_sam_response_enc_2");
532 }
533 
534 void
ktest_make_sample_pa_for_user(krb5_pa_for_user * p)535 ktest_make_sample_pa_for_user(krb5_pa_for_user *p)
536 {
537     ktest_make_sample_principal(&p->user);
538     ktest_make_sample_checksum(&p->cksum);
539     ktest_make_sample_data(&p->auth_package);
540 }
541 
542 void
ktest_make_sample_pa_s4u_x509_user(krb5_pa_s4u_x509_user * p)543 ktest_make_sample_pa_s4u_x509_user(krb5_pa_s4u_x509_user *p)
544 {
545     krb5_s4u_userid *u = &p->user_id;
546 
547     u->nonce = 13243546;
548     ktest_make_sample_principal(&u->user);
549     krb5_data_parse(&u->subject_cert, "pa_s4u_x509_user");
550     u->options = 0x80000000;
551     ktest_make_sample_checksum(&p->cksum);
552 }
553 
554 void
ktest_make_sample_ad_kdcissued(krb5_ad_kdcissued * p)555 ktest_make_sample_ad_kdcissued(krb5_ad_kdcissued *p)
556 {
557     ktest_make_sample_checksum(&p->ad_checksum);
558     ktest_make_sample_principal(&p->i_principal);
559     ktest_make_sample_authorization_data(&p->elements);
560 }
561 
562 void
ktest_make_sample_iakerb_header(krb5_iakerb_header * ih)563 ktest_make_sample_iakerb_header(krb5_iakerb_header *ih)
564 {
565     ktest_make_sample_data(&(ih->target_realm));
566     ih->cookie = ealloc(sizeof(krb5_data));
567     ktest_make_sample_data(ih->cookie);
568 }
569 
570 void
ktest_make_sample_iakerb_finished(krb5_iakerb_finished * ih)571 ktest_make_sample_iakerb_finished(krb5_iakerb_finished *ih)
572 {
573     ktest_make_sample_checksum(&ih->checksum);
574 }
575 
576 static void
ktest_make_sample_fast_finished(krb5_fast_finished * p)577 ktest_make_sample_fast_finished(krb5_fast_finished *p)
578 {
579     p->timestamp = SAMPLE_TIME;
580     p->usec = SAMPLE_USEC;
581     ktest_make_sample_principal(&p->client);
582     ktest_make_sample_checksum(&p->ticket_checksum);
583 }
584 
585 void
ktest_make_sample_fast_response(krb5_fast_response * p)586 ktest_make_sample_fast_response(krb5_fast_response *p)
587 {
588     ktest_make_sample_pa_data_array(&p->padata);
589     p->strengthen_key = ealloc(sizeof(krb5_keyblock));
590     ktest_make_sample_keyblock(p->strengthen_key);
591     p->finished = ealloc(sizeof(krb5_fast_finished));
592     ktest_make_sample_fast_finished(p->finished);
593     p->nonce = SAMPLE_NONCE;
594 }
595 
596 void
ktest_make_sha256_alg(krb5_algorithm_identifier * p)597 ktest_make_sha256_alg(krb5_algorithm_identifier *p)
598 {
599     /* { 2 16 840 1 101 3 4 2 1 } */
600     krb5_data_parse(&p->algorithm, "\x60\x86\x48\x01\x65\x03\x04\x02\x01");
601     p->parameters = empty_data();
602 }
603 
604 void
ktest_make_sha1_alg(krb5_algorithm_identifier * p)605 ktest_make_sha1_alg(krb5_algorithm_identifier *p)
606 {
607     /* { 1 3 14 3 2 26 } */
608     krb5_data_parse(&p->algorithm, "\x2b\x0e\x03\x02\x1a");
609     p->parameters = empty_data();
610 }
611 
612 void
ktest_make_minimal_otp_tokeninfo(krb5_otp_tokeninfo * p)613 ktest_make_minimal_otp_tokeninfo(krb5_otp_tokeninfo *p)
614 {
615     memset(p, 0, sizeof(*p));
616     p->length = p->format = p->iteration_count = -1;
617 }
618 
619 void
ktest_make_maximal_otp_tokeninfo(krb5_otp_tokeninfo * p)620 ktest_make_maximal_otp_tokeninfo(krb5_otp_tokeninfo *p)
621 {
622     p->flags = KRB5_OTP_FLAG_NEXTOTP | KRB5_OTP_FLAG_COMBINE |
623         KRB5_OTP_FLAG_COLLECT_PIN | KRB5_OTP_FLAG_ENCRYPT_NONCE |
624         KRB5_OTP_FLAG_SEPARATE_PIN | KRB5_OTP_FLAG_CHECK_DIGIT;
625     krb5_data_parse(&p->vendor, "Examplecorp");
626     krb5_data_parse(&p->challenge, "hark!");
627     p->length = 10;
628     p->format = 2;
629     krb5_data_parse(&p->token_id, "yourtoken");
630     krb5_data_parse(&p->alg_id, "urn:ietf:params:xml:ns:keyprov:pskc:hotp");
631     p->supported_hash_alg = ealloc(3 * sizeof(*p->supported_hash_alg));
632     p->supported_hash_alg[0] = ealloc(sizeof(*p->supported_hash_alg[0]));
633     ktest_make_sha256_alg(p->supported_hash_alg[0]);
634     p->supported_hash_alg[1] = ealloc(sizeof(*p->supported_hash_alg[1]));
635     ktest_make_sha1_alg(p->supported_hash_alg[1]);
636     p->supported_hash_alg[2] = NULL;
637     p->iteration_count = 1000;
638 }
639 
640 void
ktest_make_minimal_pa_otp_challenge(krb5_pa_otp_challenge * p)641 ktest_make_minimal_pa_otp_challenge(krb5_pa_otp_challenge *p)
642 {
643     memset(p, 0, sizeof(*p));
644     krb5_data_parse(&p->nonce, "minnonce");
645     p->tokeninfo = ealloc(2 * sizeof(*p->tokeninfo));
646     p->tokeninfo[0] = ealloc(sizeof(*p->tokeninfo[0]));
647     ktest_make_minimal_otp_tokeninfo(p->tokeninfo[0]);
648     p->tokeninfo[1] = NULL;
649 }
650 
651 void
ktest_make_maximal_pa_otp_challenge(krb5_pa_otp_challenge * p)652 ktest_make_maximal_pa_otp_challenge(krb5_pa_otp_challenge *p)
653 {
654     krb5_data_parse(&p->nonce, "maxnonce");
655     krb5_data_parse(&p->service, "testservice");
656     p->tokeninfo = ealloc(3 * sizeof(*p->tokeninfo));
657     p->tokeninfo[0] = ealloc(sizeof(*p->tokeninfo[0]));
658     ktest_make_minimal_otp_tokeninfo(p->tokeninfo[0]);
659     p->tokeninfo[1] = ealloc(sizeof(*p->tokeninfo[1]));
660     ktest_make_maximal_otp_tokeninfo(p->tokeninfo[1]);
661     p->tokeninfo[2] = NULL;
662     krb5_data_parse(&p->salt, "keysalt");
663     krb5_data_parse(&p->s2kparams, "1234");
664 }
665 
666 void
ktest_make_minimal_pa_otp_req(krb5_pa_otp_req * p)667 ktest_make_minimal_pa_otp_req(krb5_pa_otp_req *p)
668 {
669     memset(p, 0, sizeof(*p));
670     p->iteration_count = -1;
671     p->format = -1;
672     ktest_make_sample_enc_data(&p->enc_data);
673 }
674 
675 void
ktest_make_maximal_pa_otp_req(krb5_pa_otp_req * p)676 ktest_make_maximal_pa_otp_req(krb5_pa_otp_req *p)
677 {
678     p->flags = KRB5_OTP_FLAG_NEXTOTP | KRB5_OTP_FLAG_COMBINE;
679     krb5_data_parse(&p->nonce, "nonce");
680     ktest_make_sample_enc_data(&p->enc_data);
681     p->hash_alg = ealloc(sizeof(*p->hash_alg));
682     ktest_make_sha256_alg(p->hash_alg);
683     p->iteration_count = 1000;
684     krb5_data_parse(&p->otp_value, "frogs");
685     krb5_data_parse(&p->pin, "myfirstpin");
686     krb5_data_parse(&p->challenge, "hark!");
687     p->time = SAMPLE_TIME;
688     krb5_data_parse(&p->counter, "346");
689     p->format = 2;
690     krb5_data_parse(&p->token_id, "yourtoken");
691     krb5_data_parse(&p->alg_id, "urn:ietf:params:xml:ns:keyprov:pskc:hotp");
692     krb5_data_parse(&p->vendor, "Examplecorp");
693 }
694 
695 #ifndef DISABLE_PKINIT
696 
697 static void
ktest_make_sample_pk_authenticator(krb5_pk_authenticator * p)698 ktest_make_sample_pk_authenticator(krb5_pk_authenticator *p)
699 {
700     p->cusec = SAMPLE_USEC;
701     p->ctime = SAMPLE_TIME;
702     p->nonce = SAMPLE_NONCE;
703     ktest_make_sample_checksum(&p->paChecksum);
704     /* We don't encode the checksum type, only the contents. */
705     p->paChecksum.checksum_type = 0;
706     p->freshnessToken = ealloc(sizeof(krb5_data));
707     ktest_make_sample_data(p->freshnessToken);
708 }
709 
710 static void
ktest_make_sample_oid(krb5_data * p)711 ktest_make_sample_oid(krb5_data *p)
712 {
713     krb5_data_parse(p, "\052\206\110\206\367\022\001\002\002");
714 }
715 
716 static void
ktest_make_sample_algorithm_identifier(krb5_algorithm_identifier * p)717 ktest_make_sample_algorithm_identifier(krb5_algorithm_identifier *p)
718 {
719     ktest_make_sample_oid(&p->algorithm);
720     /* Need a valid DER encoding here; this is the OCTET STRING "params". */
721     krb5_data_parse(&p->parameters, "\x04\x06" "params");
722 }
723 
724 static void
ktest_make_sample_algorithm_identifier_no_params(krb5_algorithm_identifier * p)725 ktest_make_sample_algorithm_identifier_no_params(krb5_algorithm_identifier *p)
726 {
727     ktest_make_sample_oid(&p->algorithm);
728     p->parameters = empty_data();
729 }
730 
731 static void
ktest_make_sample_external_principal_identifier(krb5_external_principal_identifier * p)732 ktest_make_sample_external_principal_identifier(
733     krb5_external_principal_identifier *p)
734 {
735     ktest_make_sample_data(&p->subjectName);
736     ktest_make_sample_data(&p->issuerAndSerialNumber);
737     ktest_make_sample_data(&p->subjectKeyIdentifier);
738 }
739 
740 void
ktest_make_sample_pa_pk_as_req(krb5_pa_pk_as_req * p)741 ktest_make_sample_pa_pk_as_req(krb5_pa_pk_as_req *p)
742 {
743     ktest_make_sample_data(&p->signedAuthPack);
744     p->trustedCertifiers =
745         ealloc(2 * sizeof(krb5_external_principal_identifier *));
746     p->trustedCertifiers[0] =
747         ealloc(sizeof(krb5_external_principal_identifier));
748     ktest_make_sample_external_principal_identifier(p->trustedCertifiers[0]);
749     p->trustedCertifiers[1] = NULL;
750     ktest_make_sample_data(&p->kdcPkId);
751 }
752 
753 static void
ktest_make_sample_dh_rep_info(krb5_dh_rep_info * p)754 ktest_make_sample_dh_rep_info(krb5_dh_rep_info *p)
755 {
756     ktest_make_sample_data(&p->dhSignedData);
757     ktest_make_sample_data(&p->serverDHNonce);
758     p->kdfID = ealloc(sizeof(krb5_data));
759     ktest_make_sample_data(p->kdfID);
760 }
761 
762 void
ktest_make_sample_pa_pk_as_rep_dhInfo(krb5_pa_pk_as_rep * p)763 ktest_make_sample_pa_pk_as_rep_dhInfo(krb5_pa_pk_as_rep *p)
764 {
765     p->choice = choice_pa_pk_as_rep_dhInfo;
766     ktest_make_sample_dh_rep_info(&p->u.dh_Info);
767 }
768 
769 void
ktest_make_sample_pa_pk_as_rep_encKeyPack(krb5_pa_pk_as_rep * p)770 ktest_make_sample_pa_pk_as_rep_encKeyPack(krb5_pa_pk_as_rep *p)
771 {
772     p->choice = choice_pa_pk_as_rep_encKeyPack;
773     ktest_make_sample_data(&p->u.encKeyPack);
774 }
775 
776 void
ktest_make_sample_auth_pack(krb5_auth_pack * p)777 ktest_make_sample_auth_pack(krb5_auth_pack *p)
778 {
779     ktest_make_sample_pk_authenticator(&p->pkAuthenticator);
780     /* Need a valid DER encoding here; this is the OCTET STRING "pvalue". */
781     krb5_data_parse(&p->clientPublicValue, "\x04\x06" "pvalue");
782     p->supportedCMSTypes = ealloc(3 * sizeof(krb5_algorithm_identifier *));
783     p->supportedCMSTypes[0] = ealloc(sizeof(krb5_algorithm_identifier));
784     ktest_make_sample_algorithm_identifier(p->supportedCMSTypes[0]);
785     p->supportedCMSTypes[1] = ealloc(sizeof(krb5_algorithm_identifier));
786     ktest_make_sample_algorithm_identifier_no_params(p->supportedCMSTypes[1]);
787     p->supportedCMSTypes[2] = NULL;
788     ktest_make_sample_data(&p->clientDHNonce);
789     p->supportedKDFs = ealloc(2 * sizeof(krb5_data *));
790     p->supportedKDFs[0] = ealloc(sizeof(krb5_data));
791     ktest_make_sample_data(p->supportedKDFs[0]);
792     p->supportedKDFs[1] = NULL;
793 }
794 
795 void
ktest_make_sample_kdc_dh_key_info(krb5_kdc_dh_key_info * p)796 ktest_make_sample_kdc_dh_key_info(krb5_kdc_dh_key_info *p)
797 {
798     ktest_make_sample_data(&p->subjectPublicKey);
799     p->nonce = SAMPLE_NONCE;
800     p->dhKeyExpiration = SAMPLE_TIME;
801 }
802 
803 void
ktest_make_sample_reply_key_pack(krb5_reply_key_pack * p)804 ktest_make_sample_reply_key_pack(krb5_reply_key_pack *p)
805 {
806     ktest_make_sample_keyblock(&p->replyKey);
807     ktest_make_sample_checksum(&p->asChecksum);
808 }
809 
810 void
ktest_make_sample_sp80056a_other_info(krb5_sp80056a_other_info * p)811 ktest_make_sample_sp80056a_other_info(krb5_sp80056a_other_info *p)
812 {
813     ktest_make_sample_algorithm_identifier_no_params(&p->algorithm_identifier);
814     ktest_make_sample_principal(&p->party_u_info);
815     ktest_make_sample_principal(&p->party_v_info);
816     ktest_make_sample_data(&p->supp_pub_info);
817 }
818 
819 void
ktest_make_sample_pkinit_supp_pub_info(krb5_pkinit_supp_pub_info * p)820 ktest_make_sample_pkinit_supp_pub_info(krb5_pkinit_supp_pub_info *p)
821 {
822     p->enctype = ENCTYPE_AES256_CTS_HMAC_SHA384_192;
823     ktest_make_sample_data(&p->as_req);
824     ktest_make_sample_data(&p->pk_as_rep);
825 }
826 
827 #endif /* not DISABLE_PKINIT */
828 
829 #ifdef ENABLE_LDAP
830 static void
ktest_make_sample_key_data(krb5_key_data * p,int i)831 ktest_make_sample_key_data(krb5_key_data *p, int i)
832 {
833     char *str;
834     int len;
835 
836     len = asprintf(&str, "key%d", i);
837     if (len < 0)
838         abort();
839     p->key_data_ver = 2;
840     p->key_data_type[0] = 2;
841     p->key_data_length[0] = (unsigned int) len;
842     p->key_data_contents[0] = (krb5_octet *)str;
843     len = asprintf(&str, "salt%d", i);
844     if (len < 0)
845         abort();
846     p->key_data_type[1] = i;
847     p->key_data_length[1] = (unsigned int) len;
848     p->key_data_contents[1] = (krb5_octet *)str;
849 }
850 
851 void
ktest_make_sample_ldap_seqof_key_data(ldap_seqof_key_data * p)852 ktest_make_sample_ldap_seqof_key_data(ldap_seqof_key_data *p)
853 {
854     int i;
855 
856     p->mkvno = 14;
857     p->n_key_data = 3;
858     p->key_data = calloc(3,sizeof(krb5_key_data));
859     p->kvno = 42;
860     for (i = 0; i < 3; i++)
861         ktest_make_sample_key_data(&p->key_data[i], i);
862 }
863 #endif
864 
865 void
ktest_make_sample_kkdcp_message(krb5_kkdcp_message * p)866 ktest_make_sample_kkdcp_message(krb5_kkdcp_message *p)
867 {
868     krb5_kdc_req req;
869     krb5_data *message;
870 
871     ktest_make_sample_kdc_req(&req);
872     req.msg_type = KRB5_AS_REQ;
873     encode_krb5_as_req(&req, &message);
874     p->kerb_message = *message;
875     free(message);
876     ktest_empty_kdc_req(&req);
877     ktest_make_sample_data(&(p->target_domain));
878     p->dclocator_hint = 0;
879 }
880 
881 static krb5_authdata *
make_ad_element(krb5_authdatatype ad_type,const char * str)882 make_ad_element(krb5_authdatatype ad_type, const char *str)
883 {
884     krb5_authdata *ad;
885 
886     ad = ealloc(sizeof(*ad));
887     ad->ad_type = ad_type;
888     ad->length = strlen(str);
889     ad->contents = ealloc(ad->length);
890     memcpy(ad->contents, str, ad->length);
891     return ad;
892 }
893 
894 static krb5_verifier_mac *
make_vmac(krb5_boolean include_princ,krb5_kvno kvno,krb5_enctype enctype,const char * cksumstr)895 make_vmac(krb5_boolean include_princ, krb5_kvno kvno, krb5_enctype enctype,
896           const char *cksumstr)
897 {
898     krb5_verifier_mac *vmac;
899 
900     vmac = ealloc(sizeof(*vmac));
901     if (include_princ) {
902         ktest_make_sample_principal(&vmac->princ);
903         (void)krb5_set_principal_realm(NULL, vmac->princ, "");
904     } else {
905         vmac->princ = NULL;
906     }
907     vmac->kvno = kvno;
908     vmac->enctype = enctype;
909     vmac->checksum.checksum_type = 1;
910     vmac->checksum.length = strlen(cksumstr);
911     vmac->checksum.contents = ealloc(vmac->checksum.length);
912     memcpy(vmac->checksum.contents, cksumstr, vmac->checksum.length);
913     return vmac;
914 }
915 
916 void
ktest_make_minimal_cammac(krb5_cammac * p)917 ktest_make_minimal_cammac(krb5_cammac *p)
918 {
919     memset(p, 0, sizeof(*p));
920     p->elements = ealloc(2 * sizeof(*p->elements));
921     p->elements[0] = make_ad_element(1, "ad1");
922     p->elements[1] = NULL;
923 }
924 
925 void
ktest_make_maximal_cammac(krb5_cammac * p)926 ktest_make_maximal_cammac(krb5_cammac *p)
927 {
928     p->elements = ealloc(3 * sizeof(*p->elements));
929     p->elements[0] = make_ad_element(1, "ad1");
930     p->elements[1] = make_ad_element(2, "ad2");
931     p->elements[2] = NULL;
932     p->kdc_verifier = make_vmac(TRUE, 5, 16, "cksumkdc");
933     p->svc_verifier = make_vmac(TRUE, 5, 16, "cksumsvc");
934     p->other_verifiers = ealloc(3 * sizeof(*p->other_verifiers));
935     p->other_verifiers[0] = make_vmac(FALSE, 0, 0, "cksum1");
936     p->other_verifiers[1] = make_vmac(TRUE, 5, 16, "cksum2");
937     p->other_verifiers[2] = NULL;
938 }
939 
940 void
ktest_make_sample_secure_cookie(krb5_secure_cookie * p)941 ktest_make_sample_secure_cookie(krb5_secure_cookie *p)
942 {
943     ktest_make_sample_pa_data_array(&p->data);
944     p->time = SAMPLE_TIME;
945 }
946 
947 void
ktest_make_minimal_spake_factor(krb5_spake_factor * p)948 ktest_make_minimal_spake_factor(krb5_spake_factor *p)
949 {
950     p->type = 1;
951     p->data = NULL;
952 }
953 
954 void
ktest_make_maximal_spake_factor(krb5_spake_factor * p)955 ktest_make_maximal_spake_factor(krb5_spake_factor *p)
956 {
957     p->type = 2;
958     p->data = ealloc(sizeof(*p->data));
959     krb5_data_parse(p->data, "fdata");
960 }
961 
962 void
ktest_make_support_pa_spake(krb5_pa_spake * p)963 ktest_make_support_pa_spake(krb5_pa_spake *p)
964 {
965     krb5_spake_support *s = &p->u.support;
966 
967     s->ngroups = 2;
968     s->groups = ealloc(s->ngroups * sizeof(*s->groups));
969     s->groups[0] = 1;
970     s->groups[1] = 2;
971     p->choice = SPAKE_MSGTYPE_SUPPORT;
972 }
973 
974 void
ktest_make_challenge_pa_spake(krb5_pa_spake * p)975 ktest_make_challenge_pa_spake(krb5_pa_spake *p)
976 {
977     krb5_spake_challenge *c = &p->u.challenge;
978 
979     c->group = 1;
980     krb5_data_parse(&c->pubkey, "T value");
981     c->factors = ealloc(3 * sizeof(*c->factors));
982     c->factors[0] = ealloc(sizeof(*c->factors[0]));
983     ktest_make_minimal_spake_factor(c->factors[0]);
984     c->factors[1] = ealloc(sizeof(*c->factors[1]));
985     ktest_make_maximal_spake_factor(c->factors[1]);
986     c->factors[2] = NULL;
987     p->choice = SPAKE_MSGTYPE_CHALLENGE;
988 }
989 
990 void
ktest_make_response_pa_spake(krb5_pa_spake * p)991 ktest_make_response_pa_spake(krb5_pa_spake *p)
992 {
993     krb5_spake_response *r = &p->u.response;
994 
995     krb5_data_parse(&r->pubkey, "S value");
996     ktest_make_sample_enc_data(&r->factor);
997     p->choice = SPAKE_MSGTYPE_RESPONSE;
998 }
999 
1000 void
ktest_make_encdata_pa_spake(krb5_pa_spake * p)1001 ktest_make_encdata_pa_spake(krb5_pa_spake *p)
1002 {
1003     ktest_make_sample_enc_data(&p->u.encdata);
1004     p->choice = SPAKE_MSGTYPE_ENCDATA;
1005 }
1006 
1007 /****************************************************************/
1008 /* destructors */
1009 
1010 void
ktest_destroy_data(krb5_data ** d)1011 ktest_destroy_data(krb5_data **d)
1012 {
1013     if (*d != NULL) {
1014         free((*d)->data);
1015         free(*d);
1016         *d = NULL;
1017     }
1018 }
1019 
1020 void
ktest_empty_data(krb5_data * d)1021 ktest_empty_data(krb5_data *d)
1022 {
1023     if (d->data != NULL) {
1024         free(d->data);
1025         d->data = NULL;
1026         d->length = 0;
1027     }
1028 }
1029 
1030 static void
ktest_empty_checksum(krb5_checksum * cs)1031 ktest_empty_checksum(krb5_checksum *cs)
1032 {
1033     free(cs->contents);
1034     cs->contents = NULL;
1035 }
1036 
1037 void
ktest_destroy_checksum(krb5_checksum ** cs)1038 ktest_destroy_checksum(krb5_checksum **cs)
1039 {
1040     if (*cs != NULL) {
1041         free((*cs)->contents);
1042         free(*cs);
1043         *cs = NULL;
1044     }
1045 }
1046 
1047 void
ktest_empty_keyblock(krb5_keyblock * kb)1048 ktest_empty_keyblock(krb5_keyblock *kb)
1049 {
1050     if (kb != NULL) {
1051         if (kb->contents) {
1052             free(kb->contents);
1053             kb->contents = NULL;
1054         }
1055     }
1056 }
1057 
1058 void
ktest_destroy_keyblock(krb5_keyblock ** kb)1059 ktest_destroy_keyblock(krb5_keyblock **kb)
1060 {
1061     if (*kb != NULL) {
1062         free((*kb)->contents);
1063         free(*kb);
1064         *kb = NULL;
1065     }
1066 }
1067 
1068 void
ktest_empty_authorization_data(krb5_authdata ** ad)1069 ktest_empty_authorization_data(krb5_authdata **ad)
1070 {
1071     int i;
1072 
1073     if (*ad != NULL) {
1074         for (i=0; ad[i] != NULL; i++)
1075             ktest_destroy_authdata(&ad[i]);
1076     }
1077 }
1078 
1079 void
ktest_destroy_authorization_data(krb5_authdata *** ad)1080 ktest_destroy_authorization_data(krb5_authdata ***ad)
1081 {
1082     ktest_empty_authorization_data(*ad);
1083     free(*ad);
1084     *ad = NULL;
1085 }
1086 
1087 void
ktest_destroy_authdata(krb5_authdata ** ad)1088 ktest_destroy_authdata(krb5_authdata **ad)
1089 {
1090     if (*ad != NULL) {
1091         free((*ad)->contents);
1092         free(*ad);
1093         *ad = NULL;
1094     }
1095 }
1096 
1097 void
ktest_empty_pa_data_array(krb5_pa_data ** pad)1098 ktest_empty_pa_data_array(krb5_pa_data **pad)
1099 {
1100     int i;
1101 
1102     for (i=0; pad[i] != NULL; i++)
1103         ktest_destroy_pa_data(&pad[i]);
1104 }
1105 
1106 void
ktest_destroy_pa_data_array(krb5_pa_data *** pad)1107 ktest_destroy_pa_data_array(krb5_pa_data ***pad)
1108 {
1109     ktest_empty_pa_data_array(*pad);
1110     free(*pad);
1111     *pad = NULL;
1112 }
1113 
1114 void
ktest_destroy_pa_data(krb5_pa_data ** pad)1115 ktest_destroy_pa_data(krb5_pa_data **pad)
1116 {
1117     if (*pad != NULL) {
1118         free((*pad)->contents);
1119         free(*pad);
1120         *pad = NULL;
1121     }
1122 }
1123 
1124 void
ktest_destroy_address(krb5_address ** a)1125 ktest_destroy_address(krb5_address **a)
1126 {
1127     if (*a != NULL) {
1128         free((*a)->contents);
1129         free(*a);
1130         *a = NULL;
1131     }
1132 }
1133 
1134 void
ktest_empty_addresses(krb5_address ** a)1135 ktest_empty_addresses(krb5_address **a)
1136 {
1137     int i;
1138 
1139     for (i=0; a[i] != NULL; i++)
1140         ktest_destroy_address(&a[i]);
1141 }
1142 
1143 void
ktest_destroy_addresses(krb5_address *** a)1144 ktest_destroy_addresses(krb5_address ***a)
1145 {
1146     ktest_empty_addresses(*a);
1147     free(*a);
1148     *a = NULL;
1149 }
1150 
1151 void
ktest_destroy_principal(krb5_principal * p)1152 ktest_destroy_principal(krb5_principal *p)
1153 {
1154     int i;
1155 
1156     if (*p == NULL)
1157         return;
1158     for (i=0; i<(*p)->length; i++)
1159         ktest_empty_data(&(*p)->data[i]);
1160     ktest_empty_data(&(*p)->realm);
1161     free((*p)->data);
1162     free(*p);
1163     *p = NULL;
1164 }
1165 
1166 void
ktest_destroy_sequence_of_integer(long ** soi)1167 ktest_destroy_sequence_of_integer(long **soi)
1168 {
1169     free(*soi);
1170     *soi = NULL;
1171 }
1172 
1173 void
ktest_destroy_sequence_of_ticket(krb5_ticket *** sot)1174 ktest_destroy_sequence_of_ticket(krb5_ticket ***sot)
1175 {
1176     int i;
1177 
1178     for (i=0; (*sot)[i] != NULL; i++)
1179         ktest_destroy_ticket(&(*sot)[i]);
1180     free(*sot);
1181     *sot = NULL;
1182 }
1183 
1184 void
ktest_destroy_ticket(krb5_ticket ** tkt)1185 ktest_destroy_ticket(krb5_ticket **tkt)
1186 {
1187     ktest_destroy_principal(&(*tkt)->server);
1188     ktest_destroy_enc_data(&(*tkt)->enc_part);
1189     /*  ktest_empty_enc_tkt_part(((*tkt)->enc_part2));*/
1190     free(*tkt);
1191     *tkt = NULL;
1192 }
1193 
1194 void
ktest_empty_ticket(krb5_ticket * tkt)1195 ktest_empty_ticket(krb5_ticket *tkt)
1196 {
1197     if (tkt->server)
1198         ktest_destroy_principal(&tkt->server);
1199     ktest_destroy_enc_data(&tkt->enc_part);
1200     if (tkt->enc_part2)
1201         ktest_destroy_enc_tkt_part(&tkt->enc_part2);
1202 }
1203 
1204 void
ktest_destroy_enc_data(krb5_enc_data * ed)1205 ktest_destroy_enc_data(krb5_enc_data *ed)
1206 {
1207     ktest_empty_data(&ed->ciphertext);
1208     ed->kvno = 0;
1209 }
1210 
1211 void
ktest_destroy_etype_info_entry(krb5_etype_info_entry * i)1212 ktest_destroy_etype_info_entry(krb5_etype_info_entry *i)
1213 {
1214     if (i->salt)
1215         free(i->salt);
1216     ktest_empty_data(&i->s2kparams);
1217     free(i);
1218 }
1219 
1220 void
ktest_destroy_etype_info(krb5_etype_info_entry ** info)1221 ktest_destroy_etype_info(krb5_etype_info_entry **info)
1222 {
1223     int i;
1224 
1225     for (i = 0; info[i] != NULL; i++)
1226         ktest_destroy_etype_info_entry(info[i]);
1227     free(info);
1228 }
1229 
1230 void
ktest_empty_kdc_req(krb5_kdc_req * kr)1231 ktest_empty_kdc_req(krb5_kdc_req *kr)
1232 {
1233     if (kr->padata)
1234         ktest_destroy_pa_data_array(&kr->padata);
1235 
1236     if (kr->client)
1237         ktest_destroy_principal(&kr->client);
1238 
1239     if (kr->server)
1240         ktest_destroy_principal(&kr->server);
1241     free(kr->ktype);
1242     if (kr->addresses)
1243         ktest_destroy_addresses(&kr->addresses);
1244     ktest_destroy_enc_data(&kr->authorization_data);
1245     if (kr->unenc_authdata)
1246         ktest_destroy_authorization_data(&kr->unenc_authdata);
1247     if (kr->second_ticket)
1248         ktest_destroy_sequence_of_ticket(&kr->second_ticket);
1249 
1250 }
1251 
1252 void
ktest_empty_kdc_rep(krb5_kdc_rep * kr)1253 ktest_empty_kdc_rep(krb5_kdc_rep *kr)
1254 {
1255     if (kr->padata)
1256         ktest_destroy_pa_data_array(&kr->padata);
1257 
1258     if (kr->client)
1259         ktest_destroy_principal(&kr->client);
1260 
1261     if (kr->ticket)
1262         ktest_destroy_ticket(&kr->ticket);
1263 
1264     ktest_destroy_enc_data(&kr->enc_part);
1265 
1266     if (kr->enc_part2) {
1267         ktest_empty_enc_kdc_rep_part(kr->enc_part2);
1268         free(kr->enc_part2);
1269         kr->enc_part2 = NULL;
1270     }
1271 }
1272 
1273 void
ktest_empty_authenticator(krb5_authenticator * a)1274 ktest_empty_authenticator(krb5_authenticator *a)
1275 {
1276     if (a->client)
1277         ktest_destroy_principal(&a->client);
1278     if (a->checksum)
1279         ktest_destroy_checksum(&a->checksum);
1280     if (a->subkey)
1281         ktest_destroy_keyblock(&a->subkey);
1282     if (a->authorization_data)
1283         ktest_destroy_authorization_data(&a->authorization_data);
1284 }
1285 
1286 void
ktest_empty_enc_tkt_part(krb5_enc_tkt_part * etp)1287 ktest_empty_enc_tkt_part(krb5_enc_tkt_part *etp)
1288 {
1289     if (etp->session)
1290         ktest_destroy_keyblock(&etp->session);
1291     if (etp->client)
1292         ktest_destroy_principal(&etp->client);
1293     if (etp->caddrs)
1294         ktest_destroy_addresses(&etp->caddrs);
1295     if (etp->authorization_data)
1296         ktest_destroy_authorization_data(&etp->authorization_data);
1297     ktest_destroy_transited(&etp->transited);
1298 }
1299 
1300 void
ktest_destroy_enc_tkt_part(krb5_enc_tkt_part ** etp)1301 ktest_destroy_enc_tkt_part(krb5_enc_tkt_part **etp)
1302 {
1303     if (*etp) {
1304         ktest_empty_enc_tkt_part(*etp);
1305         free(*etp);
1306         *etp = NULL;
1307     }
1308 }
1309 
1310 void
ktest_empty_enc_kdc_rep_part(krb5_enc_kdc_rep_part * ekr)1311 ktest_empty_enc_kdc_rep_part(krb5_enc_kdc_rep_part *ekr)
1312 {
1313     if (ekr->session)
1314         ktest_destroy_keyblock(&ekr->session);
1315 
1316     if (ekr->server)
1317         ktest_destroy_principal(&ekr->server);
1318 
1319     if (ekr->caddrs)
1320         ktest_destroy_addresses(&ekr->caddrs);
1321     ktest_destroy_last_req(&ekr->last_req);
1322 }
1323 
1324 void
ktest_destroy_transited(krb5_transited * t)1325 ktest_destroy_transited(krb5_transited *t)
1326 {
1327     if (t->tr_contents.data)
1328         ktest_empty_data(&t->tr_contents);
1329 }
1330 
1331 void
ktest_empty_ap_rep(krb5_ap_rep * ar)1332 ktest_empty_ap_rep(krb5_ap_rep *ar)
1333 {
1334     ktest_destroy_enc_data(&ar->enc_part);
1335 }
1336 
1337 void
ktest_empty_ap_req(krb5_ap_req * ar)1338 ktest_empty_ap_req(krb5_ap_req *ar)
1339 {
1340     if (ar->ticket)
1341         ktest_destroy_ticket(&ar->ticket);
1342     ktest_destroy_enc_data(&ar->authenticator);
1343 }
1344 
1345 void
ktest_empty_cred_enc_part(krb5_cred_enc_part * cep)1346 ktest_empty_cred_enc_part(krb5_cred_enc_part *cep)
1347 {
1348     if (cep->s_address)
1349         ktest_destroy_address(&cep->s_address);
1350     if (cep->r_address)
1351         ktest_destroy_address(&cep->r_address);
1352     if (cep->ticket_info)
1353         ktest_destroy_sequence_of_cred_info(&cep->ticket_info);
1354 }
1355 
1356 void
ktest_destroy_cred_info(krb5_cred_info ** ci)1357 ktest_destroy_cred_info(krb5_cred_info **ci)
1358 {
1359     if ((*ci)->session)
1360         ktest_destroy_keyblock(&(*ci)->session);
1361     if ((*ci)->client)
1362         ktest_destroy_principal(&(*ci)->client);
1363     if ((*ci)->server)
1364         ktest_destroy_principal(&(*ci)->server);
1365     if ((*ci)->caddrs)
1366         ktest_destroy_addresses(&(*ci)->caddrs);
1367     free(*ci);
1368     *ci = NULL;
1369 }
1370 
1371 void
ktest_destroy_sequence_of_cred_info(krb5_cred_info *** soci)1372 ktest_destroy_sequence_of_cred_info(krb5_cred_info ***soci)
1373 {
1374     int i;
1375 
1376     for (i = 0; (*soci)[i] != NULL; i++)
1377         ktest_destroy_cred_info(&(*soci)[i]);
1378     free(*soci);
1379     *soci = NULL;
1380 }
1381 
1382 void
ktest_empty_safe(krb5_safe * s)1383 ktest_empty_safe(krb5_safe *s)
1384 {
1385     ktest_empty_data(&s->user_data);
1386     ktest_destroy_address(&s->s_address);
1387     ktest_destroy_address(&s->r_address);
1388     ktest_destroy_checksum(&s->checksum);
1389 }
1390 
1391 void
ktest_empty_priv_enc_part(krb5_priv_enc_part * pep)1392 ktest_empty_priv_enc_part(krb5_priv_enc_part *pep)
1393 {
1394     ktest_empty_data(&pep->user_data);
1395     ktest_destroy_address(&pep->s_address);
1396     ktest_destroy_address(&pep->r_address);
1397 }
1398 
1399 void
ktest_empty_priv(krb5_priv * p)1400 ktest_empty_priv(krb5_priv *p)
1401 {
1402     ktest_destroy_enc_data(&p->enc_part);
1403 }
1404 
1405 void
ktest_empty_cred(krb5_cred * c)1406 ktest_empty_cred(krb5_cred *c)
1407 {
1408     ktest_destroy_sequence_of_ticket(&c->tickets);
1409     ktest_destroy_enc_data(&c->enc_part);
1410     /* enc_part2 */
1411 }
1412 
1413 void
ktest_destroy_last_req(krb5_last_req_entry *** lr)1414 ktest_destroy_last_req(krb5_last_req_entry ***lr)
1415 {
1416     int i;
1417 
1418     if (*lr) {
1419         for (i=0; (*lr)[i] != NULL; i++)
1420             free((*lr)[i]);
1421 
1422         free(*lr);
1423     }
1424 }
1425 
1426 void
ktest_empty_error(krb5_error * kerr)1427 ktest_empty_error(krb5_error *kerr)
1428 {
1429     if (kerr->client)
1430         ktest_destroy_principal(&kerr->client);
1431     if (kerr->server)
1432         ktest_destroy_principal(&kerr->server);
1433     ktest_empty_data(&kerr->text);
1434     ktest_empty_data(&kerr->e_data);
1435 }
1436 
1437 void
ktest_empty_ap_rep_enc_part(krb5_ap_rep_enc_part * arep)1438 ktest_empty_ap_rep_enc_part(krb5_ap_rep_enc_part *arep)
1439 {
1440     ktest_destroy_keyblock(&(arep)->subkey);
1441 }
1442 
1443 void
ktest_empty_sam_challenge_2(krb5_sam_challenge_2 * p)1444 ktest_empty_sam_challenge_2(krb5_sam_challenge_2 *p)
1445 {
1446     krb5_checksum **ck;
1447 
1448     ktest_empty_data(&p->sam_challenge_2_body);
1449     if (p->sam_cksum != NULL) {
1450         for (ck = p->sam_cksum; *ck != NULL; ck++)
1451             ktest_destroy_checksum(ck);
1452         free(p->sam_cksum);
1453         p->sam_cksum = NULL;
1454     }
1455 }
1456 
1457 void
ktest_empty_sam_challenge_2_body(krb5_sam_challenge_2_body * p)1458 ktest_empty_sam_challenge_2_body(krb5_sam_challenge_2_body *p)
1459 {
1460     ktest_empty_data(&p->sam_type_name);
1461     ktest_empty_data(&p->sam_track_id);
1462     ktest_empty_data(&p->sam_challenge_label);
1463     ktest_empty_data(&p->sam_challenge);
1464     ktest_empty_data(&p->sam_response_prompt);
1465     ktest_empty_data(&p->sam_pk_for_sad);
1466 }
1467 
1468 void
ktest_empty_sam_response_2(krb5_sam_response_2 * p)1469 ktest_empty_sam_response_2(krb5_sam_response_2 *p)
1470 {
1471     ktest_empty_data(&p->sam_track_id);
1472     ktest_empty_data(&p->sam_enc_nonce_or_sad.ciphertext);
1473 }
1474 
1475 void
ktest_empty_enc_sam_response_enc_2(krb5_enc_sam_response_enc_2 * p)1476 ktest_empty_enc_sam_response_enc_2(krb5_enc_sam_response_enc_2 *p)
1477 {
1478     ktest_empty_data(&p->sam_sad);
1479 }
1480 
1481 void
ktest_empty_pa_for_user(krb5_pa_for_user * p)1482 ktest_empty_pa_for_user(krb5_pa_for_user *p)
1483 {
1484     ktest_destroy_principal(&p->user);
1485     ktest_empty_checksum(&p->cksum);
1486     ktest_empty_data(&p->auth_package);
1487 }
1488 
1489 void
ktest_empty_pa_s4u_x509_user(krb5_pa_s4u_x509_user * p)1490 ktest_empty_pa_s4u_x509_user(krb5_pa_s4u_x509_user *p)
1491 {
1492     ktest_destroy_principal(&p->user_id.user);
1493     ktest_empty_data(&p->user_id.subject_cert);
1494     free(p->cksum.contents);
1495 }
1496 
1497 void
ktest_empty_ad_kdcissued(krb5_ad_kdcissued * p)1498 ktest_empty_ad_kdcissued(krb5_ad_kdcissued *p)
1499 {
1500     free(p->ad_checksum.contents);
1501     ktest_destroy_principal(&p->i_principal);
1502     ktest_destroy_authorization_data(&p->elements);
1503 }
1504 
1505 void
ktest_empty_iakerb_header(krb5_iakerb_header * p)1506 ktest_empty_iakerb_header(krb5_iakerb_header *p)
1507 {
1508     krb5_free_data_contents(NULL, &p->target_realm);
1509     krb5_free_data(NULL, p->cookie);
1510 }
1511 
1512 void
ktest_empty_iakerb_finished(krb5_iakerb_finished * p)1513 ktest_empty_iakerb_finished(krb5_iakerb_finished *p)
1514 {
1515     krb5_free_checksum_contents(NULL, &p->checksum);
1516 }
1517 
1518 static void
ktest_empty_fast_finished(krb5_fast_finished * p)1519 ktest_empty_fast_finished(krb5_fast_finished *p)
1520 {
1521     ktest_destroy_principal(&p->client);
1522     ktest_empty_checksum(&p->ticket_checksum);
1523 }
1524 
1525 void
ktest_empty_fast_response(krb5_fast_response * p)1526 ktest_empty_fast_response(krb5_fast_response *p)
1527 {
1528     ktest_destroy_pa_data_array(&p->padata);
1529     ktest_destroy_keyblock(&p->strengthen_key);
1530     if (p->finished != NULL) {
1531         ktest_empty_fast_finished(p->finished);
1532         free(p->finished);
1533         p->finished = NULL;
1534     }
1535 }
1536 
1537 static void
ktest_empty_algorithm_identifier(krb5_algorithm_identifier * p)1538 ktest_empty_algorithm_identifier(krb5_algorithm_identifier *p)
1539 {
1540     ktest_empty_data(&p->algorithm);
1541     ktest_empty_data(&p->parameters);
1542 }
1543 
1544 void
ktest_empty_otp_tokeninfo(krb5_otp_tokeninfo * p)1545 ktest_empty_otp_tokeninfo(krb5_otp_tokeninfo *p)
1546 {
1547     krb5_algorithm_identifier **alg;
1548 
1549     p->flags = 0;
1550     krb5_free_data_contents(NULL, &p->vendor);
1551     krb5_free_data_contents(NULL, &p->challenge);
1552     krb5_free_data_contents(NULL, &p->token_id);
1553     krb5_free_data_contents(NULL, &p->alg_id);
1554     for (alg = p->supported_hash_alg; alg != NULL && *alg != NULL; alg++) {
1555         ktest_empty_algorithm_identifier(*alg);
1556         free(*alg);
1557     }
1558     free(p->supported_hash_alg);
1559     p->supported_hash_alg = NULL;
1560     p->length = p->format = p->iteration_count = -1;
1561 }
1562 
1563 void
ktest_empty_pa_otp_challenge(krb5_pa_otp_challenge * p)1564 ktest_empty_pa_otp_challenge(krb5_pa_otp_challenge *p)
1565 {
1566     krb5_otp_tokeninfo **ti;
1567 
1568     krb5_free_data_contents(NULL, &p->nonce);
1569     krb5_free_data_contents(NULL, &p->service);
1570     for (ti = p->tokeninfo; *ti != NULL; ti++) {
1571         ktest_empty_otp_tokeninfo(*ti);
1572         free(*ti);
1573     }
1574     free(p->tokeninfo);
1575     p->tokeninfo = NULL;
1576     krb5_free_data_contents(NULL, &p->salt);
1577     krb5_free_data_contents(NULL, &p->s2kparams);
1578 }
1579 
1580 void
ktest_empty_pa_otp_req(krb5_pa_otp_req * p)1581 ktest_empty_pa_otp_req(krb5_pa_otp_req *p)
1582 {
1583     p->flags = 0;
1584     krb5_free_data_contents(NULL, &p->nonce);
1585     ktest_destroy_enc_data(&p->enc_data);
1586     if (p->hash_alg != NULL)
1587         ktest_empty_algorithm_identifier(p->hash_alg);
1588     free(p->hash_alg);
1589     p->hash_alg = NULL;
1590     p->iteration_count = -1;
1591     krb5_free_data_contents(NULL, &p->otp_value);
1592     krb5_free_data_contents(NULL, &p->pin);
1593     krb5_free_data_contents(NULL, &p->challenge);
1594     p->time = 0;
1595     krb5_free_data_contents(NULL, &p->counter);
1596     p->format = -1;
1597     krb5_free_data_contents(NULL, &p->token_id);
1598     krb5_free_data_contents(NULL, &p->alg_id);
1599     krb5_free_data_contents(NULL, &p->vendor);
1600 }
1601 
1602 #ifndef DISABLE_PKINIT
1603 
1604 static void
ktest_empty_pk_authenticator(krb5_pk_authenticator * p)1605 ktest_empty_pk_authenticator(krb5_pk_authenticator *p)
1606 {
1607     ktest_empty_checksum(&p->paChecksum);
1608     p->paChecksum.contents = NULL;
1609     krb5_free_data(NULL, p->freshnessToken);
1610     p->freshnessToken = NULL;
1611 }
1612 
1613 static void
ktest_empty_external_principal_identifier(krb5_external_principal_identifier * p)1614 ktest_empty_external_principal_identifier(
1615     krb5_external_principal_identifier *p)
1616 {
1617     ktest_empty_data(&p->subjectName);
1618     ktest_empty_data(&p->issuerAndSerialNumber);
1619     ktest_empty_data(&p->subjectKeyIdentifier);
1620 }
1621 
1622 void
ktest_empty_pa_pk_as_req(krb5_pa_pk_as_req * p)1623 ktest_empty_pa_pk_as_req(krb5_pa_pk_as_req *p)
1624 {
1625     krb5_external_principal_identifier **pi;
1626 
1627     ktest_empty_data(&p->signedAuthPack);
1628     for (pi = p->trustedCertifiers; *pi != NULL; pi++) {
1629         ktest_empty_external_principal_identifier(*pi);
1630         free(*pi);
1631     }
1632     free(p->trustedCertifiers);
1633     p->trustedCertifiers = NULL;
1634     ktest_empty_data(&p->kdcPkId);
1635 }
1636 
1637 static void
ktest_empty_dh_rep_info(krb5_dh_rep_info * p)1638 ktest_empty_dh_rep_info(krb5_dh_rep_info *p)
1639 {
1640     ktest_empty_data(&p->dhSignedData);
1641     ktest_empty_data(&p->serverDHNonce);
1642     ktest_destroy_data(&p->kdfID);
1643 }
1644 
1645 void
ktest_empty_pa_pk_as_rep(krb5_pa_pk_as_rep * p)1646 ktest_empty_pa_pk_as_rep(krb5_pa_pk_as_rep *p)
1647 {
1648     if (p->choice == choice_pa_pk_as_rep_dhInfo)
1649         ktest_empty_dh_rep_info(&p->u.dh_Info);
1650     else if (p->choice == choice_pa_pk_as_rep_encKeyPack)
1651         ktest_empty_data(&p->u.encKeyPack);
1652     p->choice = choice_pa_pk_as_rep_UNKNOWN;
1653 }
1654 
1655 void
ktest_empty_auth_pack(krb5_auth_pack * p)1656 ktest_empty_auth_pack(krb5_auth_pack *p)
1657 {
1658     krb5_algorithm_identifier **ai;
1659     krb5_data **d;
1660 
1661     ktest_empty_pk_authenticator(&p->pkAuthenticator);
1662     ktest_empty_data(&p->clientPublicValue);
1663     if (p->supportedCMSTypes != NULL) {
1664         for (ai = p->supportedCMSTypes; *ai != NULL; ai++) {
1665             ktest_empty_algorithm_identifier(*ai);
1666             free(*ai);
1667         }
1668         free(p->supportedCMSTypes);
1669         p->supportedCMSTypes = NULL;
1670     }
1671     ktest_empty_data(&p->clientDHNonce);
1672     if (p->supportedKDFs != NULL) {
1673         for (d = p->supportedKDFs; *d != NULL; d++) {
1674             ktest_empty_data(*d);
1675             free(*d);
1676         }
1677         free(p->supportedKDFs);
1678         p->supportedKDFs = NULL;
1679     }
1680 }
1681 
1682 void
ktest_empty_kdc_dh_key_info(krb5_kdc_dh_key_info * p)1683 ktest_empty_kdc_dh_key_info(krb5_kdc_dh_key_info *p)
1684 {
1685     ktest_empty_data(&p->subjectPublicKey);
1686 }
1687 
1688 void
ktest_empty_reply_key_pack(krb5_reply_key_pack * p)1689 ktest_empty_reply_key_pack(krb5_reply_key_pack *p)
1690 {
1691     ktest_empty_keyblock(&p->replyKey);
1692     ktest_empty_checksum(&p->asChecksum);
1693 }
1694 
ktest_empty_sp80056a_other_info(krb5_sp80056a_other_info * p)1695 void ktest_empty_sp80056a_other_info(krb5_sp80056a_other_info *p)
1696 {
1697     ktest_empty_algorithm_identifier(&p->algorithm_identifier);
1698     ktest_destroy_principal(&p->party_u_info);
1699     ktest_destroy_principal(&p->party_v_info);
1700     ktest_empty_data(&p->supp_pub_info);
1701 }
1702 
ktest_empty_pkinit_supp_pub_info(krb5_pkinit_supp_pub_info * p)1703 void ktest_empty_pkinit_supp_pub_info(krb5_pkinit_supp_pub_info *p)
1704 {
1705     ktest_empty_data(&p->as_req);
1706     ktest_empty_data(&p->pk_as_rep);
1707 }
1708 
1709 #endif /* not DISABLE_PKINIT */
1710 
1711 #ifdef ENABLE_LDAP
1712 void
ktest_empty_ldap_seqof_key_data(krb5_context ctx,ldap_seqof_key_data * p)1713 ktest_empty_ldap_seqof_key_data(krb5_context ctx, ldap_seqof_key_data *p)
1714 {
1715     int i;
1716 
1717     for (i = 0; i < p->n_key_data; i++) {
1718         free(p->key_data[i].key_data_contents[0]);
1719         free(p->key_data[i].key_data_contents[1]);
1720     }
1721     free(p->key_data);
1722 }
1723 #endif
1724 
1725 void
ktest_empty_kkdcp_message(krb5_kkdcp_message * p)1726 ktest_empty_kkdcp_message(krb5_kkdcp_message *p)
1727 {
1728     ktest_empty_data(&p->kerb_message);
1729     ktest_empty_data(&p->target_domain);
1730     p->dclocator_hint = -1;
1731 }
1732 
1733 static void
destroy_verifier_mac(krb5_verifier_mac ** vmac)1734 destroy_verifier_mac(krb5_verifier_mac **vmac)
1735 {
1736     if (*vmac == NULL)
1737         return;
1738     ktest_destroy_principal(&(*vmac)->princ);
1739     ktest_empty_checksum(&(*vmac)->checksum);
1740     free(*vmac);
1741     *vmac = NULL;
1742 }
1743 
1744 void
ktest_empty_cammac(krb5_cammac * p)1745 ktest_empty_cammac(krb5_cammac *p)
1746 {
1747     krb5_verifier_mac **vmacp;
1748 
1749     ktest_destroy_authorization_data(&p->elements);
1750     destroy_verifier_mac(&p->kdc_verifier);
1751     destroy_verifier_mac(&p->svc_verifier);
1752     for (vmacp = p->other_verifiers; vmacp != NULL && *vmacp != NULL; vmacp++)
1753         destroy_verifier_mac(vmacp);
1754     free(p->other_verifiers);
1755     p->other_verifiers = NULL;
1756 }
1757 
1758 void
ktest_empty_secure_cookie(krb5_secure_cookie * p)1759 ktest_empty_secure_cookie(krb5_secure_cookie *p)
1760 {
1761     ktest_empty_pa_data_array(p->data);
1762 }
1763 
1764 void
ktest_empty_spake_factor(krb5_spake_factor * p)1765 ktest_empty_spake_factor(krb5_spake_factor *p)
1766 {
1767     krb5_free_data(NULL, p->data);
1768     p->data = NULL;
1769 }
1770 
1771 void
ktest_empty_pa_spake(krb5_pa_spake * p)1772 ktest_empty_pa_spake(krb5_pa_spake *p)
1773 {
1774     krb5_spake_factor **f;
1775 
1776     switch (p->choice) {
1777     case SPAKE_MSGTYPE_SUPPORT:
1778         free(p->u.support.groups);
1779         break;
1780     case SPAKE_MSGTYPE_CHALLENGE:
1781         ktest_empty_data(&p->u.challenge.pubkey);
1782         for (f = p->u.challenge.factors; *f != NULL; f++) {
1783             ktest_empty_spake_factor(*f);
1784             free(*f);
1785         }
1786         free(p->u.challenge.factors);
1787         break;
1788     case SPAKE_MSGTYPE_RESPONSE:
1789         ktest_empty_data(&p->u.response.pubkey);
1790         ktest_destroy_enc_data(&p->u.response.factor);
1791         break;
1792     case SPAKE_MSGTYPE_ENCDATA:
1793         ktest_destroy_enc_data(&p->u.encdata);
1794         break;
1795     default:
1796         break;
1797     }
1798     p->choice = SPAKE_MSGTYPE_UNKNOWN;
1799 }
1800