48 static struct _krb5_key_data *_new_derived_key(krb5_crypto crypto, unsigned usage);
315 		 krb5_crypto crypto,
323 	ret = _get_derived_key(context, crypto, usage, key);
327 	*key = _new_derived_key(crypto, 0xff/* KRB5_KU_RFC1510_VARIANT */);
332 	ret = krb5_copy_keyblock(context, crypto->key.key, &(*key)->key);
338 	*key = &crypto->key;
348 		 krb5_crypto crypto,
363     if(keyed_checksum && crypto == NULL) {
366 				   "crypto context (key) was passed in", ""),
371 	ret = get_checksum_key(context, crypto, usage, ct, &dkey);
384 arcfour_checksum_p(struct _krb5_checksum_type *ct, krb5_crypto crypto)
387 	(crypto->key.key->keytype == KEYTYPE_ARCFOUR);
392 		     krb5_crypto crypto,
402     /* type 0 -> pick from crypto */
405     } else if (crypto) {
406 	ct = crypto->et->keyed_checksum;
408 	    ct = crypto->et->checksum;
418     if (arcfour_checksum_p(ct, crypto)) {
424     return create_checksum(context, ct, crypto, keyusage,
430 		krb5_crypto crypto,
462 	if (crypto == NULL) {
465 				      "crypto context (key) was passed in", ""),
469 	kct = crypto->et->keyed_checksum;
475 				    ct->name, crypto->et->name);
479 	ret = get_checksum_key(context, crypto, usage, ct, &dkey);
496 				   ct->name, (crypto != NULL)? crypto->et->name : "(none)");
515 			       ct->name, crypto ? crypto->et->name : "(unkeyed)");
525 		     krb5_crypto crypto,
542     if (arcfour_checksum_p(ct, crypto)) {
548     return verify_checksum(context, crypto, keyusage,
554                               krb5_crypto crypto,
559     if (crypto != NULL) {
560         ct = crypto->et->keyed_checksum;
562             ct = crypto->et->checksum;
796 	       krb5_crypto crypto)
798     return (crypto->et->flags & F_DERIVED) != 0;
803 	       krb5_crypto crypto)
805     return (crypto->et->flags & F_SPECIAL) != 0;
813 			 krb5_crypto crypto,
825     const struct _krb5_encryption_type *et = crypto->et;
845 			  crypto,
859     ret = _get_derived_key(context, crypto, ENCRYPTION_USAGE(usage), &dkey);
880 		 krb5_crypto crypto,
890     const struct _krb5_encryption_type *et = crypto->et;
911 			  crypto,
925     ret = _key_schedule(context, &crypto->key);
928     ret = (*et->encrypt)(context, &crypto->key, p, block_sz, 1, 0, ivec);
945 			 krb5_crypto crypto,
952     struct _krb5_encryption_type *et = crypto->et;
969     ret = (*et->encrypt)(context, &crypto->key, tmp, sz, TRUE, usage, ivec);
982 			 krb5_crypto crypto,
994     struct _krb5_encryption_type *et = crypto->et;
1019     ret = _get_derived_key(context, crypto, ENCRYPTION_USAGE(usage), &dkey);
1040 			  crypto,
1063 		 krb5_crypto crypto,
1073     struct _krb5_encryption_type *et = crypto->et;
1094     ret = _key_schedule(context, &crypto->key);
1099     ret = (*et->encrypt)(context, &crypto->key, p, len, 0, 0, ivec);
1131 			 krb5_crypto crypto,
1138     struct _krb5_encryption_type *et = crypto->et;
1162     ret = (*et->encrypt)(context, &crypto->key, p, len, FALSE, usage, ivec);
1193  * @param crypto Kerberos crypto context
1215 		      krb5_crypto crypto,
1228     const struct _krb5_encryption_type *et = crypto->et;
1236     if(!derived_crypto(context, crypto)) {
1312 			  crypto,
1348     ret = _get_derived_key(context, crypto, ENCRYPTION_USAGE(usage), &dkey);
1389  * @param crypto Kerberos crypto context
1408 		      krb5_crypto crypto,
1420     struct _krb5_encryption_type *et = crypto->et;
1423     if(!derived_crypto(context, crypto)) {
1471     ret = _get_derived_key(context, crypto, ENCRYPTION_USAGE(usage), &dkey);
1526 			  crypto,
1539  * @param crypto Kerberos crypto context
1551 			 krb5_crypto crypto,
1564     if(!derived_crypto(context, crypto)) {
1591     ret = krb5_create_checksum(context, crypto, usage, 0, p, len, &cksum);
1617  * @param crypto Kerberos crypto context
1629 			 krb5_crypto crypto,
1635     struct _krb5_encryption_type *et = crypto->et;
1643     if(!derived_crypto(context, crypto)) {
1674     ret = krb5_verify_checksum(context, crypto, usage, p, len, &cksum);
1686 		   krb5_crypto crypto,
1690     if (!derived_crypto(context, crypto)) {
1691 	krb5_set_error_message(context, EINVAL, "not a derived crypto");
1700 	*len = crypto->et->blocksize;
1707 	if (crypto->et->padsize > 1)
1708 	    *len = crypto->et->padsize;
1713 	*len = CHECKSUMSIZE(crypto->et->keyed_checksum);
1716 	if (crypto->et->keyed_checksum)
1717 	    *len = CHECKSUMSIZE(crypto->et->keyed_checksum);
1719 	    *len = CHECKSUMSIZE(crypto->et->checksum);
1730 		       krb5_crypto crypto,
1738 	ret = krb5_crypto_length(context, crypto,
1750 		  krb5_crypto crypto,
1757     if(derived_crypto(context, crypto))
1758 	return encrypt_internal_derived(context, crypto, usage,
1760     else if (special_crypto(context, crypto))
1761 	return encrypt_internal_special (context, crypto, usage,
1764 	return encrypt_internal(context, crypto, data, len, result, ivec);
1769 	     krb5_crypto crypto,
1775     return krb5_encrypt_ivec(context, crypto, usage, data, len, result, NULL);
1780 			   krb5_crypto crypto,
1787     result->etype = CRYPTO_ETYPE(crypto);
1793     return krb5_encrypt(context, crypto, usage, data, len, &result->cipher);
1798 		  krb5_crypto crypto,
1805     if(derived_crypto(context, crypto))
1806 	return decrypt_internal_derived(context, crypto, usage,
1808     else if (special_crypto (context, crypto))
1809 	return decrypt_internal_special(context, crypto, usage,
1812 	return decrypt_internal(context, crypto, data, len, result, ivec);
1817 	     krb5_crypto crypto,
1823     return krb5_decrypt_ivec (context, crypto, usage, data, len, result,
1829 			   krb5_crypto crypto,
1834     return krb5_decrypt(context, crypto, usage,
1935 _new_derived_key(krb5_crypto crypto, unsigned usage)
1937     struct _krb5_key_usage *d = crypto->key_usage;
1938     d = realloc(d, (crypto->num_key_usage + 1) * sizeof(*d));
1941     crypto->key_usage = d;
1942     d += crypto->num_key_usage++;
1981 		 krb5_crypto crypto,
1989     for(i = 0; i < crypto->num_key_usage; i++)
1990 	if(crypto->key_usage[i].usage == usage) {
1991 	    *key = &crypto->key_usage[i].key;
1994     d = _new_derived_key(crypto, usage);
1999     krb5_copy_keyblock(context, crypto->key.key, &d->key);
2001     _krb5_derive_key(context, crypto->et, d, constant, sizeof(constant));
2007  * Create a crypto context used for all encryption and signature
2012  * To free the crypto context, use krb5_crypto_destroy().
2017  * @param crypto the resulting crypto context
2028 		 krb5_crypto *crypto)
2031     ALLOC(*crypto, 1);
2032     if(*crypto == NULL) {
2038     (*crypto)->et = _krb5_find_enctype(etype);
2039     if((*crypto)->et == NULL || ((*crypto)->et->flags & F_DISABLED)) {
2040 	free(*crypto);
2041 	*crypto = NULL;
2044     if((*crypto)->et->keytype->size != key->keyvalue.length) {
2045 	free(*crypto);
2046 	*crypto = NULL;
2051     ret = krb5_copy_keyblock(context, key, &(*crypto)->key.key);
2053 	free(*crypto);
2054 	*crypto = NULL;
2057     (*crypto)->key.schedule = NULL;
2058     (*crypto)->num_key_usage = 0;
2059     (*crypto)->key_usage = NULL;
2093  * Free a crypto context created by krb5_crypto_init().
2096  * @param crypto crypto context to free
2105 		    krb5_crypto crypto)
2109     for(i = 0; i < crypto->num_key_usage; i++)
2110 	free_key_usage(context, &crypto->key_usage[i], crypto->et);
2111     free(crypto->key_usage);
2112     _krb5_free_key_data(context, &crypto->key, crypto->et);
2113     free (crypto);
2118  * Return the blocksize used algorithm referenced by the crypto context
2121  * @param crypto crypto context to query
2131 			 krb5_crypto crypto,
2134     *blocksize = crypto->et->blocksize;
2139  * Return the encryption type used by the crypto context
2142  * @param crypto crypto context to query
2152 		       krb5_crypto crypto,
2155     *enctype = crypto->et->type;
2160  * Return the padding size used by the crypto context
2163  * @param crypto crypto context to query
2173                        krb5_crypto crypto,
2176     *padsize = crypto->et->padsize;
2181  * Return the confounder size used by the crypto context
2184  * @param crypto crypto context to query
2194                               krb5_crypto crypto,
2197     *confoundersize = crypto->et->confoundersize;
2285 		krb5_crypto  crypto,
2288     struct _krb5_encryption_type *et = crypto->et;
2300 			krb5_crypto  crypto,
2303     struct _krb5_encryption_type *et = crypto->et;
2322 			 krb5_crypto  crypto,
2325     if (derived_crypto (context, crypto))
2326 	return wrapped_length_dervied (context, crypto, data_len);
2328 	return wrapped_length (context, crypto, data_len);
2337 		 krb5_crypto  crypto)
2339     struct _krb5_encryption_type *et = crypto->et;
2351 			 krb5_crypto  crypto)
2353     struct _krb5_encryption_type *et = crypto->et;
2367 krb5_crypto_overhead (krb5_context context, krb5_crypto crypto)
2369     if (derived_crypto (context, crypto))
2370 	return crypto_overhead_dervied (context, crypto);
2372 	return crypto_overhead (context, crypto);
2377  * Kerberos crypto frame work. It may be assumed that all the bits of
2449 		const krb5_crypto crypto,
2453     struct _krb5_encryption_type *et = crypto->et;
2464     return (*et->prf)(context, crypto, input, output);
2469 		    const krb5_crypto crypto,
2500 	ret = krb5_crypto_prf(context, crypto, &input2, &block);

Indexes created Sat Jun 08 03:50:41 MDT 2024