#define KRB_KEYTYPE(key) ((key)->enctype)
+enum gss_eap_token_type {
+ TOK_TYPE_NONE = 0x0000, /* no token */
+ TOK_TYPE_MIC = 0x0404, /* RFC 4121 MIC token */
+ TOK_TYPE_WRAP = 0x0504, /* RFC 4121 wrap token */
+ TOK_TYPE_EXPORT_NAME = 0x0401, /* RFC 2743 exported name */
+ TOK_TYPE_EXPORT_NAME_COMPOSITE = 0x0402, /* draft-ietf-kitten-gss-naming */
+ TOK_TYPE_DELETE_CONTEXT = 0x0405, /* RFC 2743 delete context */
+ TOK_TYPE_EAP_RESP = 0x0601, /* draft-howlett-eap-gss */
+ TOK_TYPE_EAP_REQ = 0x0602, /* draft-howlett-eap-gss */
+ TOK_TYPE_GSS_CHANNEL_BINDINGS = 0x0603, /* draft-howlett-eap-gss */
+};
+
int
gssEapSign(krb5_context context,
krb5_cksumtype type,
OM_uint32 gssEapAllocContext(OM_uint32 *minor, gss_ctx_id_t *pCtx);
OM_uint32 gssEapReleaseContext(OM_uint32 *minor, gss_ctx_id_t *pCtx);
+OM_uint32
+gssEapMakeToken(OM_uint32 *minor,
+ gss_ctx_id_t ctx,
+ const gss_buffer_t innerToken,
+ enum gss_eap_token_type tokenType,
+ gss_buffer_t outputToken);
+
+OM_uint32
+gssEapVerifyToken(OM_uint32 *minor,
+ gss_ctx_id_t ctx,
+ const gss_buffer_t inputToken,
+ enum gss_eap_token_type tokenType,
+ gss_buffer_t innerInputToken);
+
/* util_cred.c */
OM_uint32 gssEapAllocCred(OM_uint32 *minor, gss_cred_id_t *pCred);
OM_uint32 gssEapReleaseCred(OM_uint32 *minor, gss_cred_id_t *pCred);
int do_replay, int do_sequence, int wide_nums);
/* util_token.c */
-enum gss_eap_token_type {
- TOK_TYPE_NONE = 0x0000, /* no token */
- TOK_TYPE_MIC = 0x0404, /* RFC 4121 MIC token */
- TOK_TYPE_WRAP = 0x0504, /* RFC 4121 wrap token */
- TOK_TYPE_EXPORT_NAME = 0x0401, /* RFC 2743 exported name */
- TOK_TYPE_EXPORT_NAME_COMPOSITE = 0x0402, /* draft-ietf-kitten-gss-naming */
- TOK_TYPE_DELETE_CONTEXT = 0x0405, /* RFC 2743 delete context */
- TOK_TYPE_EAP_RESP = 0x0601, /* draft-howlett-eap-gss */
- TOK_TYPE_EAP_REQ = 0x0602, /* draft-howlett-eap-gss */
- TOK_TYPE_GSS_CHANNEL_BINDINGS = 0x0603, /* draft-howlett-eap-gss */
-};
-
size_t
tokenSize(const gss_OID_desc *mech, size_t body_size);