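/*
 * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "krb5_locl.h"

/**
 * Reset a keyblock to the empty state: key type 0 and an empty key value.
 *
 * This is an initializer, not a disposal routine. NOTE(review): presumably
 * krb5_data_zero() only resets the length/pointer pair and neither wipes
 * nor frees a buffer the keyblock already owns -- confirm. Use
 * krb5_free_keyblock_contents() to dispose of a keyblock that holds a key.
 *
 * @param keyblock keyblock to reset; must not be NULL (it is dereferenced
 *        without a check)
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_keyblock_zero(krb5_keyblock *keyblock)
{
    keyblock->keytype = 0;
    krb5_data_zero(&keyblock->keyvalue);
}

/**
 * Free a keyblock's content, wiping the key bytes before they are
 * released. The keyblock structure itself is not freed; its key type is
 * set to ENCTYPE_NULL.
 *
 * @param context a Kerberos 5 context (not used by this function)
 * @param keyblock keyblock content to free, NULL is valid argument
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_free_keyblock_contents(krb5_context context,
                            krb5_keyblock *keyblock)
{
    if (keyblock == NULL)
        return;

    if (keyblock->keyvalue.data != NULL) {
        /*
         * Wipe through a volatile pointer. A plain memset() on a buffer
         * that is freed immediately afterwards is a dead store which an
         * optimizer is allowed to drop (for example if krb5_data_free()
         * is inlined or the library is built with link-time
         * optimization), which would leave the key bytes in freed heap
         * memory. Volatile stores may not be elided. Where the build
         * provides memset_s() or explicit_bzero(), either is an
         * equivalent choice.
         */
        volatile unsigned char *p =
            (volatile unsigned char *)keyblock->keyvalue.data;
        size_t n = keyblock->keyvalue.length;

        while (n-- > 0)
            *p++ = 0;
    }
    krb5_data_free(&keyblock->keyvalue);
    keyblock->keytype = ENCTYPE_NULL;
}

/**
 * Free a keyblock, also zero out the content of the keyblock, uses
 * krb5_free_keyblock_contents() to free the content.
 *
 * The keyblock structure itself is released with free(), so it must have
 * been heap-allocated (for example by krb5_copy_keyblock()); the pointer
 * is dangling after this call.
 *
 * @param context a Kerberos 5 context
 * @param keyblock keyblock to free, NULL is valid argument
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_free_keyblock(krb5_context context,
                   krb5_keyblock *keyblock)
{
    if (keyblock == NULL)
        return;

    krb5_free_keyblock_contents(context, keyblock);
    free(keyblock);
}

/**
 * Copy a keyblock, free the output keyblock with
 * krb5_free_keyblock_contents().
 *
 * The copy is a second instance of the key material; releasing it with
 * krb5_free_keyblock_contents() is what wipes it.
 *
 * @param context a Kerberos 5 context (not used by this function)
 * @param inblock the key to copy
 * @param to the output key.
 *
 * @return 0 on success or a Kerberos 5 error code
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_copy_keyblock_contents(krb5_context context,
                            const krb5_keyblock *inblock,
                            krb5_keyblock *to)
{
    return copy_EncryptionKey(inblock, to);
}

/**
 * Copy a keyblock, free the output keyblock with
 * krb5_free_keyblock().
 *
 * @param context a Kerberos 5 context
 * @param inblock the key to copy
 * @param to the output key; set to NULL on entry and left NULL on failure
 *
 * @return 0 on success or a Kerberos 5 error code (ENOMEM if the new
 *         keyblock cannot be allocated)
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_copy_keyblock(krb5_context context,
                   const krb5_keyblock *inblock,
                   krb5_keyblock **to)
{
    krb5_error_code ret;
    krb5_keyblock *k;

    /* Callers never see a stale pointer if we fail below. */
    *to = NULL;

    k = calloc(1, sizeof(*k));
    if (k == NULL) {
        krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
        return ENOMEM;
    }

    ret = krb5_copy_keyblock_contents(context, inblock, k);
    if (ret) {
        /*
         * NOTE(review): assumes copy_EncryptionKey() leaves no partially
         * copied key bytes attached to k when it fails -- confirm;
         * otherwise they are neither wiped nor freed here.
         */
        free(k);
        return ret;
    }
    *to = k;
    return 0;
}

/**
 * Get encryption type of a keyblock.
 *
 * @param block keyblock to query; must not be NULL (it is dereferenced
 *        without a check)
 *
 * @return the keyblock's keytype field
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION krb5_enctype KRB5_LIB_CALL
krb5_keyblock_get_enctype(const krb5_keyblock *block)
{
    return block->keytype;
}

/**
 * Fill in `key' with key data of type `enctype' from `data' of length
 * `size'. Key should be freed using krb5_free_keyblock_contents().
 *
 * `key' is cleared first, so anything it previously owned is not freed
 * or wiped by this function. `size' must equal the key size that
 * krb5_enctype_keysize() reports for `type'.
 *
 * @param context a Kerberos 5 context
 * @param type encryption type of the key
 * @param data key bytes to copy into `key'
 * @param size number of bytes in `data'
 * @param key the keyblock to initialize
 *
 * @return 0 on success or a Kerberos 5 error code;
 *         KRB5_PROG_ETYPE_NOSUPP if `size' does not match the key size
 *         of `type'
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_keyblock_init(krb5_context context,
                   krb5_enctype type,
                   const void *data,
                   size_t size,
                   krb5_keyblock *key)
{
    krb5_error_code ret;
    size_t len;

    memset(key, 0, sizeof(*key));

    ret = krb5_enctype_keysize(context, type, &len);
    if (ret)
        return ret;

    /* Reject short or oversized key material before anything is copied. */
    if (len != size) {
        krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
                               "Encryption key %d is %lu bytes "
                               "long, %lu was passed in",
                               type, (unsigned long)len, (unsigned long)size);
        return KRB5_PROG_ETYPE_NOSUPP;
    }
    ret = krb5_data_copy(&key->keyvalue, data, len);
    if (ret) {
        krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
        return ret;
    }
    key->keytype = type;

    return 0;
}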