string2key.c revision 102644 
1/*
2 * Copyright (c) 1997, 1998, 1999, 2002 Kungliga Tekniska H�gskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 *    notice, this list of conditions and the following disclaimer in the
15 *    documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 *    may be used to endorse or promote products derived from this software
19 *    without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34#include "headers.h"
35#include <getarg.h>
36
37RCSID("$Id: string2key.c,v 1.19 2002/04/18 10:18:07 joda Exp $");
38
39int version5;
40int version4;
41int afs;
42char *principal;
43char *cell;
44char *password;
45const char *keytype_str = "des-cbc-md5";
46int version;
47int help;
48
49struct getargs args[] = {
50    { "version5", '5', arg_flag,   &version5, "Output Kerberos v5 string-to-key" },
51    { "version4", '4', arg_flag,   &version4, "Output Kerberos v4 string-to-key" },
52    { "afs",      'a', arg_flag,   &afs, "Output AFS string-to-key" },
53    { "cell",     'c', arg_string, &cell, "AFS cell to use", "cell" },
54    { "password", 'w', arg_string, &password, "Password to use", "password" },
55    { "principal",'p', arg_string, &principal, "Kerberos v5 principal to use", "principal" },
56    { "keytype",  'k', arg_string, &keytype_str, "Keytype" },
57    { "version",    0, arg_flag,   &version, "print version" },
58    { "help",       0, arg_flag,   &help, NULL }
59};
60
61int num_args = sizeof(args) / sizeof(args[0]);
62
63static void
64usage(int status)
65{
66    arg_printusage (args, num_args, NULL, "password");
67    exit(status);
68}
69
70static void
71tokey(krb5_context context,
72      krb5_enctype enctype,
73      const char *password,
74      krb5_salt salt,
75      const char *label)
76{
77    int i;
78    krb5_keyblock key;
79    krb5_string_to_key_salt(context, enctype, password, salt, &key);
80    printf("%s: ", label);
81    for(i = 0; i < key.keyvalue.length; i++)
82	printf("%02x", ((unsigned char*)key.keyvalue.data)[i]);
83    printf("\n");
84    krb5_free_keyblock_contents(context, &key);
85}
86
87int
88main(int argc, char **argv)
89{
90    krb5_context context;
91    krb5_principal princ;
92    krb5_salt salt;
93    int optind;
94    char buf[1024];
95    krb5_enctype etype;
96    krb5_error_code ret;
97
98    optind = krb5_program_setup(&context, argc, argv, args, num_args, NULL);
99
100    if(help)
101	usage(0);
102
103    if(version){
104	print_version (NULL);
105	return 0;
106    }
107
108    argc -= optind;
109    argv += optind;
110
111    if (argc > 1)
112	usage(1);
113
114    if(!version5 && !version4 && !afs)
115	version5 = 1;
116
117    ret = krb5_string_to_enctype(context, keytype_str, &etype);
118#if 0
119    if(ret) {
120	krb5_keytype keytype;
121	ret = krb5_string_to_keytype(context, keytype_str, &keytype);
122	ret = krb5_keytype_to_enctype(context, keytype, &etype);
123    }
124#endif
125    if(ret)
126	krb5_err(context, 1, ret, "%s", keytype_str);
127
128    if((etype != ETYPE_DES_CBC_CRC &&
129	etype != ETYPE_DES_CBC_MD4 &&
130	etype != ETYPE_DES_CBC_MD5) &&
131       (afs || version4))
132	krb5_errx(context, 1,
133		  "DES is the only valid keytype for AFS and Kerberos 4");
134
135
136    if(version5 && principal == NULL){
137	printf("Kerberos v5 principal: ");
138	if(fgets(buf, sizeof(buf), stdin) == NULL)
139	    return 1;
140	if(buf[strlen(buf) - 1] == '\n')
141	    buf[strlen(buf) - 1] = '\0';
142	principal = estrdup(buf);
143    }
144    if(afs && cell == NULL){
145	printf("AFS cell: ");
146	if(fgets(buf, sizeof(buf), stdin) == NULL)
147	    return 1;
148	if(buf[strlen(buf) - 1] == '\n')
149	    buf[strlen(buf) - 1] = '\0';
150	cell = estrdup(buf);
151    }
152    if(argv[0])
153	password = argv[0];
154    if(password == NULL){
155	if(des_read_pw_string(buf, sizeof(buf), "Password: ", 0))
156	    return 1;
157	password = buf;
158    }
159
160    if(version5){
161	krb5_parse_name(context, principal, &princ);
162	krb5_get_pw_salt(context, princ, &salt);
163	tokey(context, etype, password, salt, "Kerberos v5 key");
164	krb5_free_salt(context, salt);
165    }
166    if(version4){
167	salt.salttype = KRB5_PW_SALT;
168	salt.saltvalue.length = 0;
169	salt.saltvalue.data = NULL;
170	tokey(context, ETYPE_DES_CBC_MD5, password, salt, "Kerberos v4 key");
171    }
172    if(afs){
173	salt.salttype = KRB5_AFS3_SALT;
174	salt.saltvalue.length = strlen(cell);
175	salt.saltvalue.data = cell;
176	tokey(context, ETYPE_DES_CBC_MD5, password, salt, "AFS key");
177    }
178    return 0;
179}
180