xref: /titanic_52/usr/src/lib/gss_mechs/mech_krb5/crypto/string_to_key.c (revision 159d09a20817016f09b3ea28d1bdada4a336bb91) 
1 /*
2  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
3  * Use is subject to license terms.
4  */
5 
6 /*
7  * Copyright (C) 1998 by the FundsXpress, INC.
8  *
9  * All rights reserved.
10  *
11  * Export of this software from the United States of America may require
12  * a specific license from the United States Government.  It is the
13  * responsibility of any person or organization contemplating export to
14  * obtain such a license before exporting.
15  *
16  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
17  * distribute this software and its documentation for any purpose and
18  * without fee is hereby granted, provided that the above copyright
19  * notice appear in all copies and that both that copyright notice and
20  * this permission notice appear in supporting documentation, and that
21  * the name of FundsXpress. not be used in advertising or publicity pertaining
22  * to distribution of the software without specific, written prior
23  * permission.  FundsXpress makes no representations about the suitability of
24  * this software for any purpose.  It is provided "as is" without express
25  * or implied warranty.
26  *
27  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
28  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
29  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
30  */
31 
32 #include "k5-int.h"
33 #include "etypes.h"
34 
35 krb5_error_code KRB5_CALLCONV
36 krb5_c_string_to_key_with_params(krb5_context context,
37 				 krb5_enctype enctype,
38 				 const krb5_data *string,
39 				 const krb5_data *salt,
40 				 const krb5_data *params,
41 				 krb5_keyblock *key);
42 
43 /*ARGSUSED*/
44 krb5_error_code KRB5_CALLCONV
45 krb5_c_string_to_key(krb5_context context, krb5_enctype enctype,
46 		     const krb5_data *string, const krb5_data *salt,
47 		     krb5_keyblock *key)
48 {
49     return krb5_c_string_to_key_with_params(context, enctype, string, salt,
50 					    NULL, key);
51 }
52 
53 krb5_error_code KRB5_CALLCONV
54 krb5_c_string_to_key_with_params(krb5_context context, krb5_enctype enctype,
55 				 const krb5_data *string,
56 				 const krb5_data *salt,
57 				 const krb5_data *params, krb5_keyblock *key)
58 {
59     int i;
60     krb5_error_code ret;
61     const struct krb5_enc_provider *enc;
62     size_t keybytes, keylength;
63 
64     for (i=0; i<krb5_enctypes_length; i++) {
65 	if (krb5_enctypes_list[i].etype == enctype)
66 	    break;
67     }
68 
69     if (i == krb5_enctypes_length)
70 	return(KRB5_BAD_ENCTYPE);
71 
72     enc = krb5_enctypes_list[i].enc;
73 /* xxx AFS string2key function is indicated by a special length  in
74  * the salt in much of the code.  However only the DES enctypes can
75  * deal with this.  Using s2kparams would be a much better solution.*/
76     if (salt && salt->length == SALT_TYPE_AFS_LENGTH) {
77 	switch (enctype) {
78 	case ENCTYPE_DES_CBC_CRC:
79 	case ENCTYPE_DES_CBC_MD4:
80 	case ENCTYPE_DES_CBC_MD5:
81 	    break;
82 	default:
83 	    return (KRB5_CRYPTO_INTERNAL);
84 	}
85     }
86 
87     keybytes = enc->keybytes;
88     keylength = enc->keylength;
89 
90     if ((key->contents = (krb5_octet *) malloc(keylength)) == NULL)
91 	return(ENOMEM);
92 
93     key->magic = KV5M_KEYBLOCK;
94     key->enctype = enctype;
95     key->length = keylength;
96     /* Solaris Kerberos */
97     key->dk_list = NULL;
98     key->hKey = CK_INVALID_HANDLE;
99 
100     /* Solaris Kerberos */
101     ret = (*krb5_enctypes_list[i].str2key)(context, enc, string, salt,
102 			params, key);
103     if (ret) {
104 	memset(key->contents, 0, keylength);
105 	free(key->contents);
106         /* Solaris Kerberos */
107 	key->contents = NULL;
108     }
109 
110     return(ret);
111 }
112