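/*
 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

/*
 * Copyright (C) 1998 by the FundsXpress, INC.
 *
 * All rights reserved.
 *
 * Export of this software from the United States of America may require
 * a specific license from the United States Government.  It is the
 * responsibility of any person or organization contemplating export to
 * obtain such a license before exporting.
 *
 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
 * distribute this software and its documentation for any purpose and
 * without fee is hereby granted, provided that the above copyright
 * notice appear in all copies and that both that copyright notice and
 * this permission notice appear in supporting documentation, and that
 * the name of FundsXpress. not be used in advertising or publicity pertaining
 * to distribution of the software without specific, written prior
 * permission.  FundsXpress makes no representations about the suitability of
 * this software for any purpose.  It is provided "as is" without express
 * or implied warranty.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 */

#include "k5-int.h"
#include "etypes.h"

krb5_error_code KRB5_CALLCONV
krb5_c_string_to_key_with_params(krb5_context context,
				 krb5_enctype enctype,
				 const krb5_data *string,
				 const krb5_data *salt,
				 const krb5_data *params,
				 krb5_keyblock *key);

/*
 * Zero len bytes at buf through a volatile pointer, so the stores cannot be
 * dropped as dead writes when the buffer is freed immediately afterwards
 * (a plain memset() followed by free() is a candidate for elimination).
 */
static void
s2k_wipe(void *buf, size_t len)
{
    volatile unsigned char *p = buf;

    while (len-- > 0)
	*p++ = 0;
}

/*
 * Convert a string into a key for the given enctype using the enctype's
 * default string-to-key parameters.  This is a thin wrapper that forwards
 * to krb5_c_string_to_key_with_params() with params == NULL; see that
 * function for the return values and the state of *key afterwards.
 */
/*ARGSUSED*/
krb5_error_code KRB5_CALLCONV
krb5_c_string_to_key(krb5_context context, krb5_enctype enctype,
		     const krb5_data *string, const krb5_data *salt,
		     krb5_keyblock *key)
{
    return krb5_c_string_to_key_with_params(context, enctype, string, salt,
					    NULL, key);
}

/*
 * Convert a string into a key for the given enctype.
 *
 * context  library context, passed through to the enctype's str2key routine
 * enctype  encryption type to look up in krb5_enctypes_list
 * string   input string (presumably the password; not inspected here)
 * salt     salt; may be NULL.  A length of SALT_TYPE_AFS_LENGTH selects the
 *          AFS string2key variant and is accepted only for the DES enctypes
 * params   string-to-key parameters handed to the str2key routine, or NULL
 * key      keyblock to fill in.  key->contents is overwritten without being
 *          freed, so the caller must pass a keyblock that owns no buffer.
 *
 * Returns 0 on success, in which case the caller owns key->contents.
 * Returns KRB5_BAD_ENCTYPE if enctype is not in krb5_enctypes_list,
 * KRB5_CRYPTO_INTERNAL if an AFS-length salt is used with a non-DES enctype,
 * ENOMEM if the key buffer cannot be allocated, or whatever the enctype's
 * str2key routine returns.  The first two errors leave *key untouched.  If
 * str2key fails, the key buffer is wiped and freed, and key->contents and
 * key->length are reset so that no key material stays reachable.
 */
krb5_error_code KRB5_CALLCONV
krb5_c_string_to_key_with_params(krb5_context context, krb5_enctype enctype,
				 const krb5_data *string,
				 const krb5_data *salt,
				 const krb5_data *params, krb5_keyblock *key)
{
    int i;
    krb5_error_code ret;
    const struct krb5_enc_provider *enc;
    size_t keylength;

    for (i = 0; i < krb5_enctypes_length; i++) {
	if (krb5_enctypes_list[i].etype == enctype)
	    break;
    }

    if (i == krb5_enctypes_length)
	return (KRB5_BAD_ENCTYPE);

    enc = krb5_enctypes_list[i].enc;

    /*
     * xxx AFS string2key function is indicated by a special length in
     * the salt in much of the code.  However only the DES enctypes can
     * deal with this.  Using s2kparams would be a much better solution.
     *
     * Any other enctype is refused here rather than being handed a salt
     * whose length field is really a type marker.  Note that the single-DES
     * enctypes themselves are deprecated for Kerberos by RFC 6649.
     */
    if (salt != NULL && salt->length == SALT_TYPE_AFS_LENGTH) {
	switch (enctype) {
	case ENCTYPE_DES_CBC_CRC:
	case ENCTYPE_DES_CBC_MD4:
	case ENCTYPE_DES_CBC_MD5:
	    break;
	default:
	    return (KRB5_CRYPTO_INTERNAL);
	}
    }

    keylength = enc->keylength;

    key->contents = malloc(keylength);
    if (key->contents == NULL)
	return (ENOMEM);

    key->magic = KV5M_KEYBLOCK;
    key->enctype = enctype;
    key->length = keylength;
    /* Solaris Kerberos */
    key->dk_list = NULL;
    key->hKey = CK_INVALID_HANDLE;

    /* Solaris Kerberos */
    ret = (*krb5_enctypes_list[i].str2key)(context, enc, string, salt,
					   params, key);
    if (ret) {
	/*
	 * The buffer may already hold partially derived key material, so
	 * wipe it with stores the compiler must keep before releasing it.
	 */
	s2k_wipe(key->contents, keylength);
	free(key->contents);
	/* Solaris Kerberos */
	key->contents = NULL;
	/* Do not advertise a length for a buffer that no longer exists. */
	key->length = 0;
    }

    return (ret);
}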