1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /*
3 * COPYRIGHT (c) 2006
4 * The Regents of the University of Michigan
5 * ALL RIGHTS RESERVED
6 *
7 * Permission is granted to use, copy, create derivative works
8 * and redistribute this software and such derivative works
9 * for any purpose, so long as the name of The University of
10 * Michigan is not used in any advertising or publicity
11 * pertaining to the use of distribution of this software
12 * without specific, written prior authorization. If the
13 * above copyright notice or any other identification of the
14 * University of Michigan is included in any copy of any
15 * portion of this software, then the disclaimer below must
16 * also be included.
17 *
18 * THIS SOFTWARE IS PROVIDED AS IS, WITHOUT REPRESENTATION
19 * FROM THE UNIVERSITY OF MICHIGAN AS TO ITS FITNESS FOR ANY
20 * PURPOSE, AND WITHOUT WARRANTY BY THE UNIVERSITY OF
21 * MICHIGAN OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING
22 * WITHOUT LIMITATION THE IMPLIED WARRANTIES OF
23 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE
24 * REGENTS OF THE UNIVERSITY OF MICHIGAN SHALL NOT BE LIABLE
25 * FOR ANY DAMAGES, INCLUDING SPECIAL, INDIRECT, INCIDENTAL, OR
26 * CONSEQUENTIAL DAMAGES, WITH RESPECT TO ANY CLAIM ARISING
27 * OUT OF OR IN CONNECTION WITH THE USE OF THE SOFTWARE, EVEN
28 * IF IT HAS BEEN OR IS HEREAFTER ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGES.
30 */
31
32 /*
33 * Create a key given random data. It is assumed that random_key has
34 * already been initialized and random_key->contents have been allocated
35 * with the correct length.
36 */
37 #include "crypto_int.h"
38
39 krb5_error_code KRB5_CALLCONV
krb5_c_random_to_key(krb5_context context,krb5_enctype enctype,krb5_data * random_data,krb5_keyblock * random_key)40 krb5_c_random_to_key(krb5_context context, krb5_enctype enctype,
41 krb5_data *random_data, krb5_keyblock *random_key)
42 {
43 krb5_error_code ret;
44 const struct krb5_keytypes *ktp;
45
46 if (random_data == NULL || random_key == NULL ||
47 random_key->contents == NULL)
48 return EINVAL;
49
50 ktp = find_enctype(enctype);
51 if (ktp == NULL)
52 return KRB5_BAD_ENCTYPE;
53
54 if (random_key->length != ktp->enc->keylength)
55 return KRB5_BAD_KEYSIZE;
56
57 ret = ktp->rand2key(random_data, random_key);
58 if (ret)
59 zap(random_key->contents, random_key->length);
60
61 return ret;
62 }
63
64 krb5_error_code
k5_rand2key_direct(const krb5_data * randombits,krb5_keyblock * keyblock)65 k5_rand2key_direct(const krb5_data *randombits, krb5_keyblock *keyblock)
66 {
67 if (randombits->length != keyblock->length)
68 return KRB5_CRYPTO_INTERNAL;
69
70 keyblock->magic = KV5M_KEYBLOCK;
71 memcpy(keyblock->contents, randombits->data, randombits->length);
72 return 0;
73 }
74
75 static inline void
eighth_byte(unsigned char * b)76 eighth_byte(unsigned char *b)
77 {
78 b[7] = (((b[0] & 1) << 1) | ((b[1] & 1) << 2) | ((b[2] & 1) << 3) |
79 ((b[3] & 1) << 4) | ((b[4] & 1) << 5) | ((b[5] & 1) << 6) |
80 ((b[6] & 1) << 7));
81 }
82
83 krb5_error_code
k5_rand2key_des3(const krb5_data * randombits,krb5_keyblock * keyblock)84 k5_rand2key_des3(const krb5_data *randombits, krb5_keyblock *keyblock)
85 {
86 int i;
87
88 if (randombits->length != 21)
89 return KRB5_CRYPTO_INTERNAL;
90
91 keyblock->magic = KV5M_KEYBLOCK;
92
93 /* Take the seven bytes, move them around into the top 7 bits of the
94 * 8 key bytes, then compute the parity bits. Do this three times. */
95 for (i = 0; i < 3; i++) {
96 memcpy(&keyblock->contents[i * 8], &randombits->data[i * 7], 7);
97 eighth_byte(&keyblock->contents[i * 8]);
98 k5_des_fixup_key_parity(&keyblock->contents[i * 8]);
99 }
100 return 0;
101 }
102