/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
 * Copyright 2011 by the Massachusetts Institute of Technology.
 * All Rights Reserved.
 *
 * Export of this software from the United States of America may
 * require a specific license from the United States Government.
 * It is the responsibility of any person or organization contemplating
 * export to obtain such a license before exporting.
 *
 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
 * distribute this software and its documentation for any purpose and
 * without fee is hereby granted, provided that the above copyright
 * notice appear in all copies and that both that copyright notice and
 * this permission notice appear in supporting documentation, and that
 * the name of M.I.T. not be used in advertising or publicity pertaining
 * to distribution of the software without specific, written prior
 * permission.  Furthermore if you modify this software you must label
 * your software as modified software and not distribute it in such a
 * fashion that it might be confused with the original M.I.T. software.
 * M.I.T. makes no representations about the suitability of
 * this software for any purpose.  It is provided "as is" without express
 * or implied warranty.
 */

#include <stdio.h>
#include <stdlib.h>

#include "common.h"

/*
 * Print the command-line synopsis to stderr and terminate with exit
 * status 1.  Invoked for any malformed argument list; never returns.
 */
static void
usage(void)
{
    fprintf(stderr, "Usage: t_export_cred [-k|-s] [-i initiatorname] "
            "[-a acceptorname] targetname\n");
    exit(1);
}

/*
 * Test driver for credential export/import.  Acquires an initiator and an
 * acceptor credential (optionally restricted to krb5 or SPNEGO), round-trips
 * each through export_import_cred(), establishes a context pair with
 * delegation requested, round-trips the delegated credential, and stores it
 * in the default credential store.  The helpers import_name(),
 * check_gsserr(), export_import_cred() and establish_contexts() are
 * provided by common.h.
 *
 * Options: -k / -s select the krb5 / SPNEGO mechanism; -i NAME and -a NAME
 * give the initiator and acceptor names; the one positional argument is the
 * target name.  Anything else is reported through usage().
 */
int
main(int argc, char *argv[])
{
    OM_uint32 major, minor, req_flags;
    gss_name_t initiator_name = GSS_C_NO_NAME, acceptor_name = GSS_C_NO_NAME;
    gss_name_t target_name;
    gss_cred_id_t initiator_cred, acceptor_cred, delegated_cred;
    gss_ctx_id_t initiator_context = GSS_C_NO_CONTEXT;
    gss_ctx_id_t acceptor_context = GSS_C_NO_CONTEXT;
    gss_OID mech = GSS_C_NO_OID;
    gss_OID_set mechs = GSS_C_NO_OID_SET;
    char **ap = argv + 1;   /* cursor over the arguments; argv is left intact */

    (void)argc;

    /* Options come first, each a '-' followed by one letter.  Only the
     * second character of an option word is examined. */
    while (*ap != NULL && (*ap)[0] == '-') {
        char opt = (*ap)[1];

        ap++;
        switch (opt) {
        case 'i':
            if (*ap == NULL)
                usage();
            initiator_name = import_name(*ap++);
            break;
        case 'a':
            if (*ap == NULL)
                usage();
            acceptor_name = import_name(*ap++);
            break;
        case 'k':
            mech = &mech_krb5;
            mechs = &mechset_krb5;
            break;
        case 's':
            mech = &mech_spnego;
            mechs = &mechset_spnego;
            break;
        default:
            usage();
        }
    }

    /* Exactly one positional argument must remain: the target name. */
    if (*ap == NULL || ap[1] != NULL)
        usage();
    target_name = import_name(ap[0]);

    /* Initiator credential: acquire it, then export and re-import in place. */
    major = gss_acquire_cred(&minor, initiator_name, GSS_C_INDEFINITE, mechs,
                             GSS_C_INITIATE, &initiator_cred, NULL, NULL);
    check_gsserr("gss_acquire_cred(initiator)", major, minor);
    export_import_cred(&initiator_cred);

    /* Acceptor credential: the same round trip. */
    major = gss_acquire_cred(&minor, acceptor_name, GSS_C_INDEFINITE, mechs,
                             GSS_C_ACCEPT, &acceptor_cred, NULL, NULL);
    check_gsserr("gss_acquire_cred(acceptor)", major, minor);
    export_import_cred(&acceptor_cred);

    /* Establish the context pair (one-token exchange only) with delegation
     * requested, so the acceptor side ends up holding a delegated credential
     * to exercise below. */
    req_flags = GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG | GSS_C_CONF_FLAG |
        GSS_C_INTEG_FLAG | GSS_C_DELEG_FLAG;
    establish_contexts(mech, initiator_cred, acceptor_cred, target_name,
                       req_flags, &initiator_context, &acceptor_context, NULL,
                       NULL, &delegated_cred);

    /* Round-trip the delegated credential, then store it.  The two 1
     * arguments to gss_store_cred are overwrite_cred and default_cred: any
     * existing credential is replaced and the stored one becomes the default,
     * so this test writes to the caller's default credential store. */
    export_import_cred(&delegated_cred);
    major = gss_store_cred(&minor, delegated_cred, GSS_C_INITIATE,
                           GSS_C_NULL_OID, 1, 1, NULL, NULL);
    check_gsserr("gss_store_cred", major, minor);

    /* Teardown.  Release failures are deliberately ignored at this point. */
    (void)gss_release_name(&minor, &initiator_name);
    (void)gss_release_name(&minor, &acceptor_name);
    (void)gss_release_name(&minor, &target_name);
    (void)gss_release_cred(&minor, &initiator_cred);
    (void)gss_release_cred(&minor, &acceptor_cred);
    (void)gss_release_cred(&minor, &delegated_cred);
    (void)gss_delete_sec_context(&minor, &initiator_context, NULL);
    (void)gss_delete_sec_context(&minor, &acceptor_context, NULL);
    return 0;
}