/* * These functions implement the KClient 3.0 API. * See KClient30-API.html. * * $Header: /cvs/kfm/KerberosFramework/KClient/Sources/KClient/KClient.cp,v 1.30 2003/02/26 04:08:54 lxs Exp $ */ #include "KClientSession.h" #include "KClientPrincipal.h" #include "StPointerReturnValue.h" const char kVersionString[] = "KClient 3.0"; // Helper functions for error handling inline bool IsKerberos4Error (OSStatus err) { return (err >= kcFirstKerberosError && err <= kcLastKerberosError); } inline bool IsKClientLoginError (OSStatus err) { return (err >= klFirstError && err <= klLastError); } inline OSStatus RemapProfileError (OSStatus /* err */) { return kcErrInvalidPreferences; } // // KClient API functions // // Most of these call through to their private implementation, and // wrap appropriate exception handling and argument decoding around // the internal API // OSStatus KClientGetVersion ( UInt16* outMajorVersion, UInt16* outMinorVersion, const char** outVersionString) { if (outMajorVersion != NULL) { *outMajorVersion = 3; } if (outMinorVersion != NULL) { *outMinorVersion = 0; } if (outVersionString != NULL) { *outVersionString = kVersionString; } return noErr; } OSStatus KClientNewClientSession ( KClientSession* outSession) { OSStatus err; BeginShieldedTry_ { StKClientSession session (new KClientSessionPriv ()); StRawKClientSession result = outSession; *result = session; err = noErr; } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrBadParam) || (err == kcErrNoMemory)); return err; } /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientNewServerSession ( KClientSession* outSession, KClientPrincipal inServicePrincipal) { OSStatus err = noErr; BeginShieldedTry_ { StKClientPrincipal service (inServicePrincipal); StKClientSession session (new KClientSessionPriv (service)); StRawKClientSession result = outSession; *result = session; } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrBadParam) || (err == kcErrInvalidPrincipal) || (err == kcErrNoMemory)); return err; } /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientDisposeSession ( KClientSession inSession) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); KClientSessionPriv& sessionPriv = session; delete &sessionPriv; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidSession)); return err; } /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientGetClientPrincipal ( KClientSession inSession, KClientPrincipal* outPrincipal) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StKClientPrincipal principal ( new UPrincipal (session -> GetClientPrincipal ().Clone ())); StRawKClientPrincipal result = outPrincipal; *result = principal; } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrBadParam) || (err == kcErrInvalidSession) || (err == kcErrNoClientPrincipal) || (err == kcErrNoMemory)); return err; } /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientSetClientPrincipal ( KClientSession inSession, KClientPrincipal inPrincipal) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StKClientPrincipal principal (inPrincipal); session -> SetClientPrincipal (principal); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrInvalidPrincipal) || (err == kcErrNoMemory)); return err; } /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientGetServerPrincipal ( KClientSession inSession, KClientPrincipal* outPrincipal) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StKClientPrincipal principal ( new UPrincipal (session -> GetServerPrincipal ().Clone ())); StRawKClientPrincipal result = outPrincipal; *result = principal; } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrBadParam) || (err == kcErrInvalidSession) || (err == kcErrNoServerPrincipal) || (err == kcErrNoMemory)); return err; } /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientSetServerPrincipal ( KClientSession inSession, KClientPrincipal inPrincipal) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StKClientPrincipal principal (inPrincipal); session -> SetServerPrincipal (principal); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrInvalidPrincipal) || (err == kcErrNoMemory)); return err; } /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientGetLocalAddress ( KClientSession inSession, KClientAddress* outAddress) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StRawKClientAddress result = outAddress; *result = session -> GetLocalAddress (); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrBadParam) || (err == kcErrInvalidSession) || (err == kcErrNoLocalAddress) || (err == kcErrNoMemory)); return err; } /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientSetLocalAddress ( KClientSession inSession, const KClientAddress* inAddress) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); session -> SetLocalAddress (*inAddress); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrInvalidAddress) || (err == kcErrNoMemory)); return err; } /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientGetRemoteAddress ( KClientSession inSession, KClientAddress* outAddress) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StRawKClientAddress result = outAddress; *result = session -> GetRemoteAddress (); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrBadParam) || (err == kcErrInvalidSession) || (err == kcErrNoLocalAddress) || (err == kcErrNoMemory)); return err; } /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientSetRemoteAddress ( KClientSession inSession, const KClientAddress* inAddress) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); session -> SetRemoteAddress (*inAddress); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrInvalidAddress) || (err == kcErrNoMemory)); return err; } /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientGetSessionKey ( KClientSession inSession, KClientKey* outKey) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StRawKClientKey result = outKey; *result = session -> GetSessionKey (); } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrBadParam) || (err == kcErrNoServiceKey) || IsKClientLoginError (err)); return err; } /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientGetExpirationTime ( KClientSession inSession, UInt32* outExpiration) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StRawUInt32 result = outExpiration; session -> GetExpirationTime (*result); } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrBadParam) || (err == kcErrNotLoggedIn)); return err; } /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientSetKeyFile ( KClientSession inSession, const KClientFile* inKeyFile) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); session -> SetKeyFile (*inKeyFile); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrInvalidFile) || (err == kcErrBadParam)); return err; } /* Logging in and out (client) */ /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientLogin ( KClientSession inSession) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); session -> Login (); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrNoMemory) || (err == kcErrUserCancelled) || (err == kcErrInvalidPreferences) || IsKClientLoginError (err)); return err; } /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientPasswordLogin ( KClientSession inSession, const char* inPassword) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); session -> Login (inPassword); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrNoMemory) || (err == kcErrIncorrectPassword) || (err == kcErrInvalidPreferences) || IsKClientLoginError (err)); return err; } /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientKeyFileLogin ( KClientSession inSession) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); session -> KeyFileLogin (); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; #warning review the error list AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrNoMemory) || (err == kcErrIncorrectPassword) || (err == kcErrInvalidPreferences) || IsKClientLoginError (err)); return err; } /*---------------------------------------------------------------------------------------------------*/ OSStatus KClientLogout ( KClientSession inSession) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); session -> Logout (); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrNoMemory) || (err == kcErrIncorrectPassword) || IsKClientLoginError (err)); return err; } /* Accessing service keys (server) */ OSStatus KClientGetServiceKey ( KClientSession inSession, UInt32 inVersion, KClientKey* outKey) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StRawKClientKey keyResult = outKey; *keyResult = session -> GetServiceKey (inVersion); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrBadParam) || (err == kcErrNoMemory) || (err == kcErrKeyFileAccess)); return err; } OSStatus KClientAddServiceKey ( KClientSession inSession, UInt32 inVersion, const KClientKey* inKey) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); session -> AddServiceKey (inVersion, *inKey); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrBadParam) || (err == kcErrNoMemory) || (err == kcErrKeyFileAccess)); return err; } /* Authenticating to a service (client) */ OSStatus KClientGetTicketForService ( KClientSession inSession, UInt32 inChecksum, void* outBuffer, UInt32* ioBufferLength) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StRawUInt32 lengthResult = ioBufferLength; StRawBuffer bufferResult = outBuffer; session -> GetTicketForService (inChecksum, *bufferResult, *lengthResult); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrBadParam) || (err == kcErrBufferTooSmall) || (err == kcErrInvalidPreferences) || (err == kcErrNoMemory) || IsKerberos4Error (err) || IsKClientLoginError (err)); return err; } OSStatus KClientGetAuthenticatorForService ( KClientSession inSession, UInt32 inChecksum, const char* inApplicationVersion, void* outBuffer, UInt32* ioBufferLength) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StRawUInt32 lengthResult = ioBufferLength; StRawBuffer bufferResult = outBuffer; session -> GetAuthenticatorForService (inChecksum, inApplicationVersion, *bufferResult, *lengthResult); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrBadParam) || (err == kcErrBufferTooSmall) || (err == kcErrInvalidPreferences) || (err == kcErrNoMemory) || IsKerberos4Error (err) || IsKClientLoginError (err)); return err; } OSStatus KClientVerifyEncryptedServiceReply ( KClientSession inSession, const void* inBuffer, UInt32 inBufferLength) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StRawConstBuffer buffer = inBuffer; session -> VerifyEncryptedServiceReply (*buffer, inBufferLength); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrBadParam) || (err == kcErrNoMemory) || IsKerberos4Error (err)); return err; } OSStatus KClientVerifyProtectedServiceReply ( KClientSession inSession, const void* inBuffer, UInt32 inBufferLength) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StRawConstBuffer buffer = inBuffer; session -> VerifyProtectedServiceReply (*buffer, inBufferLength); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrBadParam) || (err == kcErrNoMemory) || IsKerberos4Error (err)); return err; } /* Authenticating a client (server) */ OSStatus KClientVerifyAuthenticator ( KClientSession inSession, const void* inBuffer, UInt32 inBufferLength) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StRawConstBuffer buffer = inBuffer; session -> VerifyAuthenticator (*buffer, inBufferLength); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; #warning handle bad key file errors AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrNoSessionKey) || (err == kcErrInvalidSession) || (err == kcErrBadParam) || (err == kcErrBufferTooSmall) || (err == kcErrNoMemory) || IsKerberos4Error (err)); return err; } OSStatus KClientGetEncryptedServiceReply ( KClientSession inSession, void* outBuffer, UInt32* ioBufferSize) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StRawBuffer buffer = outBuffer; StRawUInt32 bufferSize = ioBufferSize; session -> GetEncryptedServiceReply (*buffer, *bufferSize); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrBadParam) || (err == kcErrBufferTooSmall) || (err == kcErrNoSessionKey) || (err == kcErrNoMemory) || IsKerberos4Error (err)); return err; } OSStatus KClientGetProtectedServiceReply ( KClientSession inSession, void* outBuffer, UInt32* ioBufferSize) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StRawBuffer buffer = outBuffer; StRawUInt32 bufferSize = ioBufferSize; session -> GetProtectedServiceReply (*buffer, *bufferSize); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrBadParam) || (err == kcErrBufferTooSmall) || (err == kcErrNoSessionKey) || (err == kcErrNoMemory) || IsKerberos4Error (err)); return err; } /* Communicating between a server and a client */ OSStatus KClientEncrypt ( KClientSession inSession, const void* inPlainBuffer, UInt32 inPlainBufferLength, void* outEncryptedBuffer, UInt32* ioEncryptedBufferLength) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StRawConstBuffer plainBuffer = inPlainBuffer; StRawBuffer encryptedBuffer = outEncryptedBuffer; StRawUInt32 encryptedBufferLength = ioEncryptedBufferLength; session -> Encrypt (*plainBuffer, inPlainBufferLength, *encryptedBuffer, *encryptedBufferLength); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrBadParam) || (err == kcErrBufferTooSmall) || (err == kcErrNoSessionKey) || (err == kcErrNoMemory) || IsKerberos4Error (err)); return err; } OSStatus KClientDecrypt ( KClientSession inSession, void* inEncryptedBuffer, UInt32 inEncryptedBufferLength, UInt32* outPlainOffset, UInt32* outPlainLength) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StRawBuffer encryptedBuffer = inEncryptedBuffer; StRawUInt32 plainOffset = outPlainOffset; StRawUInt32 plainLength = outPlainLength; session -> Decrypt (*encryptedBuffer, inEncryptedBufferLength, *plainOffset, *plainLength); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrBadParam) || (err == kcErrNoSessionKey) || (err == kcErrNoMemory) || IsKerberos4Error (err)); return err; } OSStatus KClientProtectIntegrity ( KClientSession inSession, const void* inPlainBuffer, UInt32 inPlainBufferLength, void* outProtectedBuffer, UInt32* ioProtectedBufferLength) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StRawConstBuffer plainBuffer = inPlainBuffer; StRawBuffer protectedBuffer = outProtectedBuffer; StRawUInt32 protectedBufferLength = ioProtectedBufferLength; session -> ProtectIntegrity (*plainBuffer, inPlainBufferLength, *protectedBuffer, *protectedBufferLength); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrBadParam) || (err == kcErrBufferTooSmall) || (err == kcErrNoSessionKey) || (err == kcErrNoMemory) || IsKerberos4Error (err)); return err; } OSStatus KClientVerifyIntegrity ( KClientSession inSession, void* inProtectedBuffer, UInt32 inProtectedBufferLength, UInt32* outPlainOffset, UInt32* outPlainLength) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); StRawBuffer protectedBuffer = inProtectedBuffer; StRawUInt32 plainOffset = outPlainOffset; StRawUInt32 plainLength = outPlainLength; session -> VerifyIntegrity (*protectedBuffer, inProtectedBufferLength, *plainOffset, *plainLength); } ShieldedCatch_ (std::bad_alloc& e) { err = kcErrNoMemory; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == kcNoError) || (err == kcErrInvalidPreferences) || (err == kcErrInvalidSession) || (err == kcErrBadParam) || (err == kcErrNoSessionKey) || (err == kcErrNoMemory) || IsKerberos4Error (err)); return err; } /* Getting to other APIs */ OSStatus KClientGetCCacheReference ( KClientSession inSession, cc_ccache_t* outCCacheReference) { OSStatus err = noErr; BeginShieldedTry_ { StKClientSession session (inSession); *outCCacheReference = session -> GetCCacheReference ().Release (); } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } EndShieldedTry_; AssertReturnValue_ (err == noErr); return err; } OSStatus KClientGetProfileHandle ( KClientSession inSession, profile_t* outProfileHandle); OSStatus KClientV4StringToPrincipal ( const char* inString, KClientPrincipal* outPrincipal) { OSStatus err = noErr; BeginShieldedTry_ { StKClientPrincipal principal (new UPrincipal (UPrincipal::kerberosV4, inString)); *outPrincipal = principal; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == noErr) || (err == kcErrInvalidPreferences)); return err; } OSStatus KClientPrincipalToV4String ( KClientPrincipal inPrincipal, char* outString) { OSStatus err = noErr; BeginShieldedTry_ { StKClientPrincipal principal (inPrincipal); std::string string = principal -> GetString (UPrincipal::kerberosV4); strcpy (outString, string.c_str ()); } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == noErr) || (err == kcErrInvalidPreferences)); return err; } OSStatus KClientPrincipalToV4Triplet ( KClientPrincipal inPrincipal, char* outName, char* outInstance, char* outRealm) { OSStatus err = noErr; BeginShieldedTry_ { StKClientPrincipal principal (inPrincipal); std::string name; std::string instance; std::string realm; principal -> GetTriplet (UPrincipal::kerberosV4, name, instance, realm); strcpy (outName, name.c_str ()); strcpy (outInstance, instance.c_str ()); strcpy (outRealm, realm.c_str ()); } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == noErr) || (err == kcErrInvalidPreferences)); return err; } OSStatus KClientDisposePrincipal ( KClientPrincipal inPrincipal) { OSStatus err = noErr; BeginShieldedTry_ { StKClientPrincipal principal (inPrincipal); UPrincipal& principalPriv = principal; delete &principalPriv; } ShieldedCatch_ (KClientError& e) { err = e.ErrorCode (); } ShieldedCatch_ (UProfileRuntimeError& e) { err = RemapProfileError (e.Error ()); } EndShieldedTry_; AssertReturnValue_ ((err == noErr) || (err == kcErrInvalidPreferences)); return err; }