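/*
 * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

#pragma ident "%Z%%M% %I% %E% SMI"

/*
 * Copyright (C) 1998 by the FundsXpress, INC.
 *
 * All rights reserved.
 *
 * Export of this software from the United States of America may require
 * a specific license from the United States Government. It is the
 * responsibility of any person or organization contemplating export to
 * obtain such a license before exporting.
 *
 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
 * distribute this software and its documentation for any purpose and
 * without fee is hereby granted, provided that the above copyright
 * notice appear in all copies and that both that copyright notice and
 * this permission notice appear in supporting documentation, and that
 * the name of FundsXpress. not be used in advertising or publicity pertaining
 * to distribution of the software without specific, written prior
 * permission. FundsXpress makes no representations about the suitability of
 * this software for any purpose. It is provided "as is" without express
 * or implied warranty.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 */

#include <k5-int.h>
#include <etypes.h>

/*
 * Overwrite len bytes at buf with zeros through a volatile-qualified
 * pointer.  A plain memset() immediately followed by free() is a dead
 * store that an optimizing compiler is allowed to drop, which would
 * leave random seed or key bytes behind in freed heap memory.
 */
static void
scrub_key_bytes(void *buf, size_t len)
{
    volatile unsigned char *p = buf;

    while (len-- > 0)
        *p++ = 0;
}

/*
 * Generate a fresh random key for the given encryption type.
 *
 * context     - library context, passed through to the random-octet
 *               generator and to the enctype's make_key routine.
 * enctype     - encryption type to look up in krb5_enctypes_list.
 * random_key  - keyblock to fill in; must not be NULL.  On success
 *               random_key->contents is a heap buffer of
 *               random_key->length bytes that the caller owns and must
 *               release (e.g. with krb5_free_keyblock_contents()).
 *
 * Returns KRB5_BAD_ENCTYPE when enctype is not in krb5_enctypes_list,
 * ENOMEM when either buffer cannot be allocated, otherwise the status
 * of krb5_c_random_make_octets() or of the enctype's make_key routine.
 * On any failure after allocation, random_key->contents is scrubbed,
 * freed and set to NULL; the other keyblock fields may already have
 * been written and must not be relied on.
 */
KRB5_DLLIMP krb5_error_code KRB5_CALLCONV
krb5_c_make_random_key(krb5_context context, krb5_enctype enctype,
                       krb5_keyblock *random_key)
{
    int i;
    krb5_error_code ret;
    const struct krb5_enc_provider *enc;
    size_t keybytes, keylength;
    krb5_data random;
    unsigned char *bytes;

    /* Locate the provider table entry for the requested enctype. */
    for (i = 0; i < krb5_enctypes_length; i++) {
        if (krb5_enctypes_list[i].etype == enctype)
            break;
    }

    if (i == krb5_enctypes_length)
        return (KRB5_BAD_ENCTYPE);

    enc = krb5_enctypes_list[i].enc;

    /*
     * keybytes sizes the random input handed to make_key; keylength
     * sizes the finished key stored in the keyblock.
     */
    (*(enc->keysize))(&keybytes, &keylength);

    if ((bytes = (unsigned char *) malloc(keybytes)) == NULL)
        return (ENOMEM);
    if ((random_key->contents = (krb5_octet *) malloc(keylength)) == NULL) {
        /* Nothing secret has been written to bytes yet. */
        free(bytes);
        return (ENOMEM);
    }

    random.data = (char *) bytes;
    random.length = keybytes;

    if ((ret = krb5_c_random_make_octets(context, &random)))
        goto cleanup;

    random_key->magic = KV5M_KEYBLOCK;
    random_key->enctype = enctype;
    random_key->length = keylength;
    random_key->dk_list = NULL;
#ifdef _KERNEL
    random_key->kef_key = NULL;
#else
    random_key->hKey = CK_INVALID_HANDLE;
#endif

    ret = ((*(enc->make_key))(context, &random, random_key));

cleanup:
    /* The random input is key-equivalent material: wipe before free. */
    scrub_key_bytes(bytes, keybytes);
    free(bytes);

    if (ret) {
        /* Never hand back a partially built key. */
        scrub_key_bytes(random_key->contents, keylength);
        free(random_key->contents);
        random_key->contents = NULL;
    }

    return (ret);
}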