diff options
| author | Ken Raeburn <raeburn@mit.edu> | 2001-06-22 03:22:27 +0000 |
|---|---|---|
| committer | Ken Raeburn <raeburn@mit.edu> | 2001-06-22 03:22:27 +0000 |
| commit | a18890a71f0db424b9b4cd99ca313c9bbf71868e (patch) | |
| tree | 8d87eea27832c4fa2ff0c6eb4e7a8a1c2b226102 /src/lib/crypto | |
| parent | 0a953b87f34ef69d8821691b90360669886dd4fb (diff) | |
| download | krb5-a18890a71f0db424b9b4cd99ca313c9bbf71868e.tar.gz krb5-a18890a71f0db424b9b4cd99ca313c9bbf71868e.tar.xz krb5-a18890a71f0db424b9b4cd99ca313c9bbf71868e.zip | |
* derive.c: provide krb5_derive_random, krb5_random2key a la rfc1510bis (not exported for now)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13474 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/crypto')
| -rw-r--r-- | src/lib/crypto/dk/ChangeLog | 3 | ||||
| -rw-r--r-- | src/lib/crypto/dk/derive.c | 103 |
2 files changed, 106 insertions, 0 deletions
diff --git a/src/lib/crypto/dk/ChangeLog b/src/lib/crypto/dk/ChangeLog index 6ae4da7c1..63cbd02e6 100644 --- a/src/lib/crypto/dk/ChangeLog +++ b/src/lib/crypto/dk/ChangeLog @@ -1,5 +1,8 @@ 2001-06-21 Ken Raeburn <raeburn@mit.edu> + * derive.c: Include etypes.h. + (krb5_derive_random, krb5_random2key): New functions. + * checksum.c (krb5_dk_make_checksum): Cast 0x99 to char explicitly to silence warnings. diff --git a/src/lib/crypto/dk/derive.c b/src/lib/crypto/dk/derive.c index 8129ae8aa..0aabdc4ed 100644 --- a/src/lib/crypto/dk/derive.c +++ b/src/lib/crypto/dk/derive.c @@ -112,3 +112,106 @@ krb5_derive_key(enc, inkey, outkey, in_constant) return(0); } + +krb5_error_code +krb5_derive_random(enc, inkey, outrnd, in_constant) + const struct krb5_enc_provider *enc; + const krb5_keyblock *inkey; + krb5_data *outrnd; + const krb5_data *in_constant; +{ + size_t blocksize, keybytes, keylength, n; + unsigned char *inblockdata, *outblockdata, *rawkey; + krb5_data inblock, outblock; + + (*(enc->block_size))(&blocksize); + (*(enc->keysize))(&keybytes, &keylength); + + if ((inkey->length != keylength) || + (outrnd->length != keybytes)) + return(KRB5_CRYPTO_INTERNAL); + + /* allocate and set up buffers */ + + if ((inblockdata = (unsigned char *) malloc(blocksize)) == NULL) + return(ENOMEM); + + if ((outblockdata = (unsigned char *) malloc(blocksize)) == NULL) { + free(inblockdata); + return(ENOMEM); + } + + if ((rawkey = (unsigned char *) malloc(keybytes)) == NULL) { + free(outblockdata); + free(inblockdata); + return(ENOMEM); + } + + inblock.data = inblockdata; + inblock.length = blocksize; + + outblock.data = outblockdata; + outblock.length = blocksize; + + /* initialize the input block */ + + if (in_constant->length == inblock.length) { + memcpy(inblock.data, in_constant->data, inblock.length); + } else { + krb5_nfold(in_constant->length*8, in_constant->data, + inblock.length*8, inblock.data); + } + + /* loop encrypting the blocks until enough key bytes are generated */ + + n = 0; + while (n < keybytes) { + (*(enc->encrypt))(inkey, 0, &inblock, &outblock); + + if ((keybytes - n) <= outblock.length) { + memcpy(rawkey+n, outblock.data, (keybytes - n)); + break; + } + + memcpy(rawkey+n, outblock.data, outblock.length); + memcpy(inblock.data, outblock.data, outblock.length); + n += outblock.length; + } + + /* postprocess the key */ + + memcpy (outrnd->data, rawkey, keybytes); + + /* clean memory, free resources and exit */ + + memset(inblockdata, 0, blocksize); + memset(outblockdata, 0, blocksize); + memset(rawkey, 0, keybytes); + + free(rawkey); + free(outblockdata); + free(inblockdata); + + return(0); +} + +#include "etypes.h" +void +krb5_random2key (krb5_enctype enctype, krb5_data *inblock, + krb5_keyblock *outkey) +{ + int i; + const struct krb5_enc_provider *enc; + + for (i=0; i<krb5_enctypes_length; i++) { + if (krb5_enctypes_list[i].etype == enctype) + break; + } + + if (i == krb5_enctypes_length) + abort (); + + enc = krb5_enctypes_list[i].enc; + + enc->make_key (inblock, outkey); +} |