diff options
| author | Chris Provenzano <proven@mit.edu> | 1995-07-27 08:44:02 +0000 |
|---|---|---|
| committer | Chris Provenzano <proven@mit.edu> | 1995-07-27 08:44:02 +0000 |
| commit | 4f0debdb553c49e68b36ee4e0ece3d2f32e4ae03 (patch) | |
| tree | 30f4ad36ba60acb37c882e626cf3316fb817691b /src/lib/kdb/encrypt_key.c | |
| parent | 9492970827609efce31ce4ce5bd4f0535ff97e53 (diff) | |
| download | krb5-4f0debdb553c49e68b36ee4e0ece3d2f32e4ae03.tar.gz krb5-4f0debdb553c49e68b36ee4e0ece3d2f32e4ae03.tar.xz krb5-4f0debdb553c49e68b36ee4e0ece3d2f32e4ae03.zip | |
* decrypt_key.c, encrypt_key.c, kdb_dbm.c, kdb_xdr.c:
Rewritten for new kdb format.
* kdb_cpw.c : New password changing routines for new kdb format.
* verify_mky.c, t_kdb.c : Use new kdb format.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6328 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/kdb/encrypt_key.c')
| -rw-r--r-- | src/lib/kdb/encrypt_key.c | 99 |
1 files changed, 58 insertions, 41 deletions
diff --git a/src/lib/kdb/encrypt_key.c b/src/lib/kdb/encrypt_key.c index 277983e345..272280a009 100644 --- a/src/lib/kdb/encrypt_key.c +++ b/src/lib/kdb/encrypt_key.c @@ -33,57 +33,74 @@ */ krb5_error_code -krb5_kdb_encrypt_key(context, eblock, in, out) - krb5_context context; - krb5_encrypt_block *eblock; - const krb5_keyblock *in; - register krb5_encrypted_keyblock *out; +krb5_dbekd_encrypt_key_data(context, eblock, keyblock, keysalt, keyver,key_data) + krb5_context context; + krb5_encrypt_block * eblock; + const krb5_keyblock * keyblock; + const krb5_keysalt * keysalt; + int keyver; + krb5_key_data * key_data; { - /* Encrypted rep has the real (unencrypted) key length stored - along with the encrypted key. The length is stored as a 4 - byte integer, MSB first. */ + krb5_error_code retval; + krb5_keyblock tmp; + krb5_octet * ptr; + krb5_int16 len; + int i; - krb5_error_code retval; - krb5_keyblock tmpin; - unsigned int length; + for (i = 0; i < key_data->key_data_ver; i++) + if (key_data->key_data_contents[i]) + krb5_xfree(key_data->key_data_contents[i]); - out->keytype = in->keytype; - out->length = krb5_encrypt_size(in->length, eblock->crypto_entry); + key_data->key_data_ver = 1; + key_data->key_data_kvno = keyver; - /* because of checksum space requirements imposed by the encryption - interface, we need to copy the input key into a larger area. */ - tmpin.length = in->length; - tmpin.contents = (krb5_octet *)malloc(out->length); - if (!tmpin.contents) { - out->length = 0; + /* + * The First element of the type/length/contents + * fields is the key type/length/contents + */ + key_data->key_data_type[0] = keyblock->keytype; + key_data->key_data_length[0] = krb5_encrypt_size(keyblock->length, + eblock->crypto_entry) + 2; + + /* + * because of checksum space requirements imposed by the encryption + * interface, we need to copy the input key into a larger area. + */ + tmp.contents = (krb5_octet *)malloc(key_data->key_data_length[0] - 2); + len = tmp.length = keyblock->length; + if (tmp.contents == NULL) return ENOMEM; - } - memcpy((char *)tmpin.contents, (const char *)in->contents, tmpin.length); - out->length += sizeof(out->length); - out->contents = (krb5_octet *)malloc(out->length); - if (!out->contents) { - krb5_xfree(tmpin.contents); - out->contents = 0; - out->length = 0; + memcpy((char *)tmp.contents, (const char *)keyblock->contents, tmp.length); + key_data->key_data_contents[0] = ptr = (krb5_octet *)malloc( + key_data->key_data_length[0] - 2); + if (key_data->key_data_contents[0] == NULL) { + krb5_xfree(tmp.contents); return ENOMEM; } - length = tmpin.length; - ((char *)out->contents)[0] = length >> 24; - ((char *)out->contents)[1] = length >> 16; - ((char *)out->contents)[2] = length >> 8; - ((char *)out->contents)[3] = length; - - retval = krb5_encrypt(context, (krb5_pointer) tmpin.contents, - (krb5_pointer) ((char *) out->contents + 4), - tmpin.length, eblock, 0); - krb5_xfree(tmpin.contents); - if (retval) { - krb5_xfree(out->contents); - out->contents = 0; - out->length = 0; + *ptr++ = len & 0xff; + *ptr++ = (len >> 8) & 0xff; + if (retval = krb5_encrypt(context, (krb5_pointer) tmp.contents, + (krb5_pointer)(ptr), tmp.length, eblock, 0)) { + krb5_xfree(key_data->key_data_contents[0]); + krb5_xfree(tmp.contents); + return retval; } + krb5_xfree(tmp.contents); + + /* After key comes the salt in necessary */ + if (keysalt) { + key_data->key_data_contents[1] = + (krb5_octet *)malloc(keysalt->data.length); + if (key_data->key_data_contents[1] == NULL) { + krb5_xfree(key_data->key_data_contents[0]); + return ENOMEM; + } + key_data->key_data_length[1] = keysalt->data.length; + key_data->key_data_type[1] = keysalt->type; + key_data->key_data_ver++; + } return retval; } |