1b528cefcSMark Murray /*
2*ae771770SStanislav Sedov * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
3b528cefcSMark Murray * (Royal Institute of Technology, Stockholm, Sweden).
4b528cefcSMark Murray * All rights reserved.
5b528cefcSMark Murray *
6b528cefcSMark Murray * Redistribution and use in source and binary forms, with or without
7b528cefcSMark Murray * modification, are permitted provided that the following conditions
8b528cefcSMark Murray * are met:
9b528cefcSMark Murray *
10b528cefcSMark Murray * 1. Redistributions of source code must retain the above copyright
11b528cefcSMark Murray * notice, this list of conditions and the following disclaimer.
12b528cefcSMark Murray *
13b528cefcSMark Murray * 2. Redistributions in binary form must reproduce the above copyright
14b528cefcSMark Murray * notice, this list of conditions and the following disclaimer in the
15b528cefcSMark Murray * documentation and/or other materials provided with the distribution.
16b528cefcSMark Murray *
17b528cefcSMark Murray * 3. Neither the name of the Institute nor the names of its contributors
18b528cefcSMark Murray * may be used to endorse or promote products derived from this software
19b528cefcSMark Murray * without specific prior written permission.
20b528cefcSMark Murray *
21b528cefcSMark Murray * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22b528cefcSMark Murray * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23b528cefcSMark Murray * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24b528cefcSMark Murray * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25b528cefcSMark Murray * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26b528cefcSMark Murray * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27b528cefcSMark Murray * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28b528cefcSMark Murray * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29b528cefcSMark Murray * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30b528cefcSMark Murray * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31b528cefcSMark Murray * SUCH DAMAGE.
32b528cefcSMark Murray */
33b528cefcSMark Murray
34b528cefcSMark Murray #include "krb5_locl.h"
35b528cefcSMark Murray
/**
 * Reset a keyblock to the empty state.
 *
 * Sets the key type to 0 and passes the key value to krb5_data_zero().
 * Nothing is freed by this function.
 *
 * NOTE(review): krb5_data_zero() is defined outside this file. If it only
 * resets the length/pointer pair (confirm), then calling this on a keyblock
 * that still owns key material neither scrubs nor releases that material;
 * krb5_free_keyblock_contents() is the function that wipes and frees.
 *
 * @param keyblock keyblock to reset; dereferenced unconditionally, so it
 *                 must not be NULL
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_keyblock_zero(krb5_keyblock *keyblock)
{
    /* The two resets are independent of each other. */
    krb5_data_zero(&keyblock->keyvalue);
    keyblock->keytype = 0;
}
50c19800e8SDoug Rabson
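/**
 * Scrub and free the key material held by a keyblock, then mark the
 * keyblock as holding no key (ENCTYPE_NULL). The keyblock structure itself
 * is not freed.
 *
 * @param context a Kerberos 5 context (not used by this function)
 * @param keyblock keyblock whose content is wiped and freed; NULL is a
 *                 valid argument and makes the call a no-op
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_free_keyblock_contents(krb5_context context,
                            krb5_keyblock *keyblock)
{
    if (keyblock == NULL)
        return;

    if (keyblock->keyvalue.data != NULL) {
        /*
         * Wipe the key bytes before the buffer is released. A plain
         * memset() on memory that is freed right afterwards is a dead
         * store to the optimizer and may be dropped (for instance once
         * krb5_data_free() is inlined or with link-time optimization).
         * Stores through a volatile pointer cannot be elided.
         */
        volatile unsigned char *p = keyblock->keyvalue.data;
        size_t remaining = keyblock->keyvalue.length;

        while (remaining-- > 0)
            *p++ = 0;
    }

    krb5_data_free(&keyblock->keyvalue);
    keyblock->keytype = ENCTYPE_NULL;
}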
71b528cefcSMark Murray
/**
 * Free a heap-allocated keyblock. The key material is released through
 * krb5_free_keyblock_contents() before the structure itself is handed to
 * free().
 *
 * The caller's pointer is left dangling after this call and must not be
 * used again.
 *
 * @param context a Kerberos 5 context
 * @param keyblock keyblock to free, NULL is valid argument
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_free_keyblock(krb5_context context,
                   krb5_keyblock *keyblock)
{
    if (keyblock == NULL)
        return;

    /* Contents first, so the key bytes are dealt with before the container. */
    krb5_free_keyblock_contents(context, keyblock);
    free(keyblock);
}
91b528cefcSMark Murray
/**
 * Copy a keyblock into caller-provided storage by delegating to
 * copy_EncryptionKey(). The result is a second copy of the key material;
 * release it with krb5_free_keyblock_contents().
 *
 * NOTE(review): the state of `to' after a failed copy depends on
 * copy_EncryptionKey(), which is not visible in this file.
 *
 * @param context a Kerberos 5 context (not used by this function)
 * @param inblock the key to copy
 * @param to the output key.
 *
 * @return 0 on success or a Kerberos 5 error code
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_copy_keyblock_contents(krb5_context context,
                            const krb5_keyblock *inblock,
                            krb5_keyblock *to)
{
    krb5_error_code ret = copy_EncryptionKey(inblock, to);

    return ret;
}
112b528cefcSMark Murray
/**
 * Allocate a new keyblock and copy `inblock' into it. Release the result
 * with krb5_free_keyblock().
 *
 * `*to' is set to NULL on entry, so it is NULL whenever an error is
 * returned.
 *
 * @param context a Kerberos 5 context
 * @param inblock the key to copy
 * @param to the output key.
 *
 * @return 0 on success or a Kerberos 5 error code (ENOMEM if the
 *         keyblock structure cannot be allocated)
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_copy_keyblock(krb5_context context,
                   const krb5_keyblock *inblock,
                   krb5_keyblock **to)
{
    krb5_keyblock *copy;
    krb5_error_code ret;

    /* Never leave a stale pointer in the output on the error paths. */
    *to = NULL;

    copy = calloc(1, sizeof(*copy));
    if (copy == NULL) {
        krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
        return ENOMEM;
    }

    ret = krb5_copy_keyblock_contents(context, inblock, copy);
    if (ret == 0) {
        *to = copy;
        return 0;
    }

    /*
     * Only the container is released here.
     * NOTE(review): this relies on the copy routine leaving no key bytes
     * attached to `copy' when it fails - confirm against copy_EncryptionKey().
     */
    free(copy);
    return ret;
}
151c19800e8SDoug Rabson
/**
 * Get encryption type of a keyblock.
 *
 * @param block keyblock to query; dereferenced unconditionally, so it must
 *              not be NULL
 *
 * @return the keytype field of the keyblock
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION krb5_enctype KRB5_LIB_CALL
krb5_keyblock_get_enctype(const krb5_keyblock *block)
{
    const krb5_enctype etype = block->keytype;

    return etype;
}
163c19800e8SDoug Rabson
/**
 * Fill in `key' with key data of type `type' from `data' of length
 * `size'. Key should be freed using krb5_free_keyblock_contents().
 *
 * `key' is cleared with memset() on entry. Anything it held before the
 * call is neither scrubbed nor freed, so pass an uninitialized or already
 * released keyblock.
 *
 * `size' must equal the key size that krb5_enctype_keysize() reports for
 * `type'; a mismatch is rejected before any bytes are copied.
 *
 * NOTE(review): `data' is not checked for NULL before it is handed to
 * krb5_data_copy().
 *
 * @param context a Kerberos 5 context
 * @param type encryption type of the key
 * @param data raw key bytes
 * @param size number of bytes in `data'
 * @param key keyblock to fill in
 *
 * @return 0 on success or a Kerberos 5 error code
 *         (KRB5_PROG_ETYPE_NOSUPP when `size' does not match the enctype)
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_keyblock_init(krb5_context context,
                   krb5_enctype type,
                   const void *data,
                   size_t size,
                   krb5_keyblock *key)
{
    size_t expected;
    krb5_error_code ret;

    /* Start from a known-empty keyblock so early returns leave it empty. */
    memset(key, 0, sizeof(*key));

    ret = krb5_enctype_keysize(context, type, &expected);
    if (ret != 0)
        return ret;

    /* Strict length check: the copy below never sees a wrong-sized key. */
    if (size != expected) {
        krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
                               "Encryption key %d is %lu bytes "
                               "long, %lu was passed in",
                               type, (unsigned long)expected,
                               (unsigned long)size);
        return KRB5_PROG_ETYPE_NOSUPP;
    }

    ret = krb5_data_copy(&key->keyvalue, data, expected);
    if (ret != 0) {
        krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
        return ret;
    }

    /* The type is recorded only once the key bytes are in place. */
    key->keytype = type;
    return 0;
}