28 enum sss_authtok_type sss_authtok_get_type(struct sss_auth_token *tok)
30     return tok->type;
33 size_t sss_authtok_get_size(struct sss_auth_token *tok)
35     if (!tok) {
38     switch (tok->type) {
44         return tok->length;
52 uint8_t *sss_authtok_get_data(struct sss_auth_token *tok)
54     if (!tok) {
57     return tok->data;
60 errno_t sss_authtok_get_password(struct sss_auth_token *tok,
63     if (!tok) {
66     switch (tok->type) {
70         *pwd = (const char *)tok->data;
72             *len = tok->length - 1;
85 errno_t sss_authtok_get_ccfile(struct sss_auth_token *tok,
88     if (!tok) {
91     switch (tok->type) {
95         *ccfile = (const char *)tok->data;
97             *len = tok->length - 1;
110 static errno_t sss_authtok_set_string(struct sss_auth_token *tok,
130     tok->data = talloc_named(tok, size, "%s", context_name);
131     if (!tok->data) {
134     memcpy(tok->data, str, len);
135     tok->data[len] = '\0';
136     tok->type = type;
137     tok->length = size;
143 void sss_authtok_set_empty(struct sss_auth_token *tok)
145     if (!tok) {
148     switch (tok->type) {
154         safezero(tok->data, tok->length);
161     tok->type = SSS_AUTHTOK_TYPE_EMPTY;
162     talloc_zfree(tok->data);
163     tok->length = 0;
166 errno_t sss_authtok_set_password(struct sss_auth_token *tok,
169     sss_authtok_set_empty(tok);
171     return sss_authtok_set_string(tok, SSS_AUTHTOK_TYPE_PASSWORD,
175 errno_t sss_authtok_set_ccfile(struct sss_auth_token *tok,
178     sss_authtok_set_empty(tok);
180     return sss_authtok_set_string(tok, SSS_AUTHTOK_TYPE_CCFILE,
184 static errno_t sss_authtok_set_2fa_from_blob(struct sss_auth_token *tok,
187 errno_t sss_authtok_set(struct sss_auth_token *tok,
193         return sss_authtok_set_password(tok, (const char *)data, len);
195         return sss_authtok_set_ccfile(tok, (const char *)data, len);
197         return sss_authtok_set_2fa_from_blob(tok, data, len);
199         return sss_authtok_set_sc_from_blob(tok, data, len);
201         return sss_authtok_set_sc_from_blob(tok, data, len);
203         sss_authtok_set_empty(tok);
245 void sss_authtok_wipe_password(struct sss_auth_token *tok)
247     if (!tok || tok->type != SSS_AUTHTOK_TYPE_PASSWORD) {
251     safezero(tok->data, tok->length);
306 static errno_t sss_authtok_set_2fa_from_blob(struct sss_auth_token *tok,
330     ret = sss_authtok_set_2fa(tok, fa1, fa1_len, fa2, fa2_len);
341         sss_authtok_set_empty(tok);
347 errno_t sss_authtok_get_2fa(struct sss_auth_token *tok,
354     if (tok->type != SSS_AUTHTOK_TYPE_2FA) {
355         return (tok->type == SSS_AUTHTOK_TYPE_EMPTY) ? ENOENT : EACCES;
358     if (tok->length < 2 * sizeof(uint32_t)) {
364     SAFEALIGN_COPY_UINT32(&tmp_uint32_t, tok->data, &c);
366     SAFEALIGN_COPY_UINT32(&tmp_uint32_t, tok->data + c, &c);
370             || tok->length != 2 * sizeof(uint32_t) + *fa1_len + *fa2_len + 2) {
375     if (tok->data[c + *fa1_len] != '\0'
376             || tok->data[c + *fa1_len + 1 + *fa2_len] != '\0') {
381     *fa1 = (const char *) tok->data + c;
382     *fa2 = (const char *) tok->data + c + *fa1_len + 1;
387 errno_t sss_authtok_set_2fa(struct sss_auth_token *tok,
394     if (tok == NULL) {
398     sss_authtok_set_empty(tok);
408     tok->data = talloc_size(tok, needed_size);
409     if (tok->data == NULL) {
414     ret = sss_auth_pack_2fa_blob(fa1, fa1_len, fa2, fa2_len, tok->data,
417         talloc_free(tok->data);
421     tok->length = needed_size;
422     tok->type = SSS_AUTHTOK_TYPE_2FA;
427 errno_t sss_authtok_set_sc(struct sss_auth_token *tok,
443     sss_authtok_set_empty(tok);
454     tok->data = talloc_size(tok, needed_size);
455     if (tok->data == NULL) {
462                                 key_id, key_id_len, tok->data,
466         talloc_free(tok->data);
470     tok->length = needed_size;
471     tok->type = type;
476 errno_t sss_authtok_set_sc_from_blob(struct sss_auth_token *tok,
491     if (tok == NULL) {
514     ret = sss_authtok_set_sc(tok, SSS_AUTHTOK_TYPE_SC_PIN, pin, pin_len,
525 errno_t sss_authtok_set_sc_pin(struct sss_auth_token *tok, const char *pin,
528     if (tok == NULL) {
535     return sss_authtok_set_sc(tok, SSS_AUTHTOK_TYPE_SC_PIN, pin, len,
539 errno_t sss_authtok_get_sc_pin(struct sss_auth_token *tok, const char **_pin,
546     if (!tok) {
549     switch (tok->type) {
553         ret = sss_authtok_get_sc(tok, &pin, &pin_len,
575 void sss_authtok_set_sc_keypad(struct sss_auth_token *tok)
577     if (tok == NULL) {
581     sss_authtok_set_empty(tok);
583     tok->type = SSS_AUTHTOK_TYPE_SC_KEYPAD;
702 errno_t sss_authtok_get_sc(struct sss_auth_token *tok,
715     if (!tok) {
719     if (tok->type != SSS_AUTHTOK_TYPE_SC_PIN
720             && tok->type != SSS_AUTHTOK_TYPE_SC_KEYPAD) {
721         return (tok->type == SSS_AUTHTOK_TYPE_EMPTY) ? ENOENT : EACCES;
724     if (tok->length < 4 * sizeof(uint32_t)) {
729     SAFEALIGN_COPY_UINT32(&tmp_uint32_t, tok->data, &c);
731     SAFEALIGN_COPY_UINT32(&tmp_uint32_t, tok->data + c, &c);
733     SAFEALIGN_COPY_UINT32(&tmp_uint32_t, tok->data + c, &c);
735     SAFEALIGN_COPY_UINT32(&tmp_uint32_t, tok->data + c, &c);
738     if (tok->length != 4 * sizeof(uint32_t) +  4 + pin_len + token_name_len
745         *_pin = (const char *) tok->data + c;
752         *_token_name = (const char *) tok->data + c + pin_len + 1;
759         *_module_name = (const char *) tok->data + c + pin_len + 1
767         *_key_id = (const char *) tok->data + c + pin_len + 1

Indexes created Tue Jul 24 14:28:13 CEST 2018