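/*
 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */


/*
 * Copyright (C) 1998 by the FundsXpress, INC.
 *
 * All rights reserved.
 *
 * Export of this software from the United States of America may require
 * a specific license from the United States Government.  It is the
 * responsibility of any person or organization contemplating export to
 * obtain such a license before exporting.
 *
 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
 * distribute this software and its documentation for any purpose and
 * without fee is hereby granted, provided that the above copyright
 * notice appear in all copies and that both that copyright notice and
 * this permission notice appear in supporting documentation, and that
 * the name of FundsXpress. not be used in advertising or publicity pertaining
 * to distribution of the software without specific, written prior
 * permission.  FundsXpress makes no representations about the suitability of
 * this software for any purpose.  It is provided "as is" without express
 * or implied warranty.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 */

#include "k5-int.h"
#include "etypes.h"

/*
 * Overwrite len bytes at p with zeros.
 *
 * The stores go through a volatile-qualified pointer so that the compiler
 * does not treat them as dead stores and drop them when the buffer is freed
 * immediately afterwards, which a plain memset() before free() permits.
 */
static void
wipe_key_bytes(void *p, size_t len)
{
    volatile unsigned char *vp = (volatile unsigned char *) p;

    while (len-- > 0)
        *vp++ = 0;
}

/*
 * Generate a fresh random key of the requested encryption type.
 *
 * context    - library context; also receives the extended error message
 *              when the enctype is not recognised.
 * enctype    - encryption type to look up in krb5_enctypes_list.
 * random_key - caller-provided keyblock that is filled in.  On success
 *              random_key->contents points to a newly allocated buffer of
 *              the provider's keylength bytes.
 *
 * Returns 0 on success, KRB5_BAD_ENCTYPE when enctype is not in
 * krb5_enctypes_list, ENOMEM when either buffer cannot be allocated, or
 * the error returned by krb5_c_random_make_octets() or by the provider's
 * make_key routine.
 *
 * On every failure after the allocations, random_key->contents is wiped,
 * freed and set to NULL.  If the provider's make_key routine is the call
 * that failed, magic, enctype and length have already been written, so
 * callers must go by the return value rather than by those fields.
 */
krb5_error_code KRB5_CALLCONV
krb5_c_make_random_key(krb5_context context, krb5_enctype enctype,
                       krb5_keyblock *random_key)
{
    int i;
    krb5_error_code ret;
    const struct krb5_enc_provider *enc;
    size_t keybytes, keylength;
    krb5_data random_data;
    unsigned char *bytes;

    for (i = 0; i < krb5_enctypes_length; i++) {
        if (krb5_enctypes_list[i].etype == enctype)
            break;
    }

    /* Solaris Kerberos: Better error message */
    if (i == krb5_enctypes_length) {
        krb5_set_error_message(context, KRB5_BAD_ENCTYPE,
                               "Unknown encryption type: %d", enctype);
        return (KRB5_BAD_ENCTYPE);
    }

    enc = krb5_enctypes_list[i].enc;

    keybytes = enc->keybytes;
    keylength = enc->keylength;

    /*
     * bytes is scratch space for the raw random input to make_key;
     * random_key->contents receives the finished key.
     */
    if ((bytes = (unsigned char *) malloc(keybytes)) == NULL)
        return (ENOMEM);
    if ((random_key->contents = (krb5_octet *) malloc(keylength)) == NULL) {
        free(bytes);
        return (ENOMEM);
    }

    random_data.data = (char *) bytes;
    random_data.length = keybytes;

    if ((ret = krb5_c_random_make_octets(context, &random_data)))
        goto cleanup;

    random_key->magic = KV5M_KEYBLOCK;
    random_key->enctype = enctype;
    random_key->length = keylength;

    /* Solaris Kerberos */
    random_key->dk_list = NULL;
#ifdef _KERNEL
    random_key->kef_key = NULL;
#else
    random_key->hKey = CK_INVALID_HANDLE;
#endif

    /* Solaris Kerberos */
    ret = ((*(enc->make_key))(context, &random_data, random_key));

cleanup:
    /*
     * The scratch buffer holds the random input the key was made from,
     * so it is wiped on both the success and the failure path before it
     * goes back to the allocator.
     */
    wipe_key_bytes(bytes, keybytes);
    free(bytes);

    if (ret) {
        /* contents may hold a partially built key; wipe it as well. */
        wipe_key_bytes(random_key->contents, keylength);
        free(random_key->contents);
        /* Solaris Kerberos */
        random_key->contents = NULL;
    }

    return (ret);
}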