Implement RFC 3961 PRF

Add krb5_c_prf, a function that implements the RFC 3961 PRF.


As part of this change, the krb5_init_keyblock and krb5 free routines
move to libk5crypto.  Public stubs remain in libkrb5, but the actual
implementation is an internal interface in libk5crypto

ticket: new
Tags: enhancement

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17219 dc483132-0cff-0310-8789-dd5450dbe970

3 files changed, 40 insertions, 0 deletions

diff --git a/src/include/ChangeLog b/src/include/ChangeLog
index 60ee43c878..f8bf8f334c 100644
--- a/src/include/ChangeLog
+++ b/src/include/ChangeLog
@@ -1,3 +1,7 @@
+2005-05-19  Sam Hartman  <hartmans@mit.edu>
+
+	* k5-int.h (krb5int_c_ free_keyblock init_keyblock free_keyblock_contents):  new
+
 2005-05-13  Ken Raeburn  <raeburn@mit.edu>
 
 	* configure.in: Deleted, content merged into ../configure.in.
@@ -6,6 +10,12 @@
 	($(srcdir)/krb5/autoconf.stmp): Use $(thisconfigdir) when
 	locating configure.in and autom4te.cache.
 
+2005-05-06  Sam Hartman  <hartmans@mit.edu>
+
+	
+	* krb5.hin: Add krb5_c_prf_length
+
+
 2005-04-28  Ken Raeburn  <raeburn@mit.edu>
 
 	* k5-int.h: Include fcntl.h only if HAVE_FCNTL_H is defined.
@@ -106,6 +116,7 @@
 	(k5_debug_make_loc): Change "lineno" to type int.
 	(k5_debug_make_loc): Likewise for argument "line".
 
+
 2005-01-04  Jeffrey Altman <jaltman@mit.edu>
 
         * krb5.hin: add prototype for krb5_is_thread_safe
@@ -124,11 +135,18 @@
 
 	* krb5.hin: Flag krb5_principal2salt as KRB5_CALLCONV_WRONG.
 
+
 2004-12-08  Ken Raeburn  <raeburn@mit.edu>
 
 	* k5-int.h (KRB5INT_ACCESS_STRUCT_VERSION): Bump to 9.
 	(struct _krb5int_access): Add function pointer field use_dns_kdc.
 
+2004-12-07  Sam Hartman  <hartmans@mit.edu>
+
+	* k5-int.h: Add prf_length to the keytype function
+
+	* krb5.hin: Add krb5_c_prf
+
 2004-12-06  Ken Raeburn  <raeburn@mit.edu>
 
 	* k5-thread.h [DEBUG_THREADS_STATS]: Include string.h and
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 5c62c14767..03a416a213 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -609,16 +609,23 @@ typedef krb5_error_code (*krb5_crypt_func) (const struct krb5_enc_provider *enc,
 typedef krb5_error_code (*krb5_str2key_func) (const struct krb5_enc_provider *enc, const krb5_data *string,
   const krb5_data *salt, const krb5_data *parm, krb5_keyblock *key);
 
+typedef krb5_error_code (*krb5_prf_func)(
+					 const struct krb5_enc_provider *enc, const struct krb5_hash_provider *hash,
+					 const krb5_keyblock *key,
+					 krb5_data *in, krb5_data *out);
+
 struct krb5_keytypes {
     krb5_enctype etype;
     char *in_string;
     char *out_string;
     const struct krb5_enc_provider *enc;
     const struct krb5_hash_provider *hash;
+  size_t prf_length;
     krb5_encrypt_length_func encrypt_len;
     krb5_crypt_func encrypt;
     krb5_crypt_func decrypt;
     krb5_str2key_func str2key;
+  krb5_prf_func prf;
     krb5_cksumtype required_ctype;
 };
 
@@ -707,6 +714,14 @@ krb5_error_code krb5int_c_combine_keys
 (krb5_context context, krb5_keyblock *key1, krb5_keyblock *key2,
 		krb5_keyblock *outkey);
 
+void  krb5int_c_free_keyblock
+(krb5_context, krb5_keyblock *key);
+void  krb5int_c_free_keyblock_contents
+	(krb5_context, krb5_keyblock *);
+krb5_error_code   krb5int_c_init_keyblock
+		(krb5_context, krb5_enctype enctype,
+		size_t length, krb5_keyblock **out); 
+
 /*
  * Internal - for cleanup.
  */
diff --git a/src/include/krb5.hin b/src/include/krb5.hin
index 230295d018..ff17139614 100644
--- a/src/include/krb5.hin
+++ b/src/include/krb5.hin
@@ -437,6 +437,13 @@ krb5_error_code KRB5_CALLCONV
 (krb5_context context, const krb5_keyblock *key, krb5_data *state);
 
 krb5_error_code KRB5_CALLCONV
+    krb5_c_prf (krb5_context, const krb5_keyblock *,
+		krb5_data *in, krb5_data *out);
+
+krb5_error_code KRB5_CALLCONV
+    krb5_c_prf_length (krb5_context, krb5_enctype, size_t *outlen);
+
+krb5_error_code KRB5_CALLCONV
     krb5_c_make_random_key
     (krb5_context context, krb5_enctype enctype,
 		    krb5_keyblock *k5_random_key);