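/* $NetBSD: keyblock.c,v 1.2 2017/01/28 21:31:49 christos Exp $ */

/*
 * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "krb5_locl.h"

/*
 * Overwrite `len' bytes at `p' with zeros through a volatile pointer.
 *
 * A plain memset() on a buffer that is about to be freed is a dead store
 * from the optimizer's point of view and may be removed (for example
 * under link-time optimization), leaving key bytes in released heap
 * memory.  Volatile stores may not be elided.  Where the build guarantees
 * a dedicated wipe primitive (memset_s, explicit_memset, explicit_bzero),
 * that is the preferable replacement for this helper.
 */
static void
keyblock_wipe(void *p, size_t len)
{
    volatile unsigned char *vp = p;

    while (len-- > 0)
	*vp++ = 0;
}

/**
 * Reset a keyblock to the empty state.
 *
 * Sets the key type to 0 and calls krb5_data_zero() on the key value.
 * NOTE(review): krb5_data_zero() is defined elsewhere; it presumably only
 * resets the length/pointer fields and neither frees nor wipes existing
 * key bytes -- confirm.  To discard a keyblock that holds key material,
 * use krb5_free_keyblock_contents() instead.
 *
 * @param keyblock keyblock to reset, must not be NULL (it is dereferenced
 *        unconditionally)
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_keyblock_zero(krb5_keyblock *keyblock)
{
    keyblock->keytype = 0;
    krb5_data_zero(&keyblock->keyvalue);
}

/**
 * Free a keyblock's content, also zero out the content of the keyblock.
 *
 * The key bytes are overwritten before the buffer is handed to
 * krb5_data_free(), and the key type is set to KRB5_ENCTYPE_NULL.  The
 * keyblock structure itself is not freed.
 *
 * @param context a Kerberos 5 context (not used by this function)
 * @param keyblock keyblock content to free, NULL is valid argument
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_free_keyblock_contents(krb5_context context,
			    krb5_keyblock *keyblock)
{
    if (keyblock == NULL)
	return;

    /* Wipe with stores the compiler cannot drop ahead of the free. */
    if (keyblock->keyvalue.data != NULL)
	keyblock_wipe(keyblock->keyvalue.data, keyblock->keyvalue.length);
    krb5_data_free(&keyblock->keyvalue);
    keyblock->keytype = KRB5_ENCTYPE_NULL;
}

/**
 * Free a keyblock, also zero out the content of the keyblock, uses
 * krb5_free_keyblock_contents() to free the content.
 *
 * The keyblock structure itself is released with free(), so it must have
 * been heap-allocated (for example by krb5_copy_keyblock()).
 *
 * @param context a Kerberos 5 context
 * @param keyblock keyblock to free, NULL is valid argument
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_free_keyblock(krb5_context context,
		   krb5_keyblock *keyblock)
{
    if (keyblock == NULL)
	return;

    krb5_free_keyblock_contents(context, keyblock);
    free(keyblock);
}

/**
 * Copy a keyblock, free the output keyblock with
 * krb5_free_keyblock_contents().
 *
 * This is a direct call to copy_EncryptionKey().  The copy holds key
 * material, so release it with krb5_free_keyblock_contents() (which
 * wipes the bytes) rather than a bare free().
 *
 * @param context a Kerberos 5 context (not used by this function)
 * @param inblock the key to copy
 * @param to the output key.
 *
 * @return 0 on success or a Kerberos 5 error code
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_copy_keyblock_contents (krb5_context context,
			     const krb5_keyblock *inblock,
			     krb5_keyblock *to)
{
    return copy_EncryptionKey(inblock, to);
}

/**
 * Copy a keyblock, free the output keyblock with
 * krb5_free_keyblock().
 *
 * `*to' is set to NULL before anything else happens, so on any failure
 * the caller sees NULL rather than a stale pointer.
 *
 * @param context a Kerberos 5 context
 * @param inblock the key to copy
 * @param to the output key.
 *
 * @return 0 on success or a Kerberos 5 error code
 *
 * @ingroup krb5_crypto
 */


KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_copy_keyblock (krb5_context context,
		    const krb5_keyblock *inblock,
		    krb5_keyblock **to)
{
    krb5_error_code ret;
    krb5_keyblock *k;

    *to = NULL;

    k = calloc (1, sizeof(*k));
    if (k == NULL)
	return krb5_enomem(context);

    ret = krb5_copy_keyblock_contents (context, inblock, k);
    if (ret) {
	/*
	 * NOTE(review): only the container is released here; this assumes
	 * copy_EncryptionKey() leaves no allocated key bytes behind in `k'
	 * when it fails -- confirm against the generated ASN.1 code.
	 */
	free(k);
	return ret;
    }
    *to = k;
    return 0;
}

/**
 * Get encryption type of a keyblock.
 *
 * @param block keyblock to query, must not be NULL (it is dereferenced
 *        unconditionally)
 *
 * @return the keytype field of the keyblock
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION krb5_enctype KRB5_LIB_CALL
krb5_keyblock_get_enctype(const krb5_keyblock *block)
{
    return block->keytype;
}

/**
 * Fill in `key' with key data of type `enctype' from `data' of length
 * `size'. Key should be freed using krb5_free_keyblock_contents().
 *
 * `key' is cleared with memset() on entry without freeing anything it
 * may already reference, so pass an uninitialized or already-freed
 * keyblock; passing one that still owns key material would orphan that
 * buffer unwiped.  `size' must equal the key size that
 * krb5_enctype_keysize() reports for `type', otherwise
 * KRB5_PROG_ETYPE_NOSUPP is returned and `key' is left zeroed.
 *
 * @param context a Kerberos 5 context
 * @param type encryption type of the key
 * @param data the raw key bytes to copy
 * @param size number of bytes at `data'
 * @param key the keyblock to fill in
 *
 * @return 0 on success or a Kerberos 5 error code
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_keyblock_init(krb5_context context,
		   krb5_enctype type,
		   const void *data,
		   size_t size,
		   krb5_keyblock *key)
{
    krb5_error_code ret;
    size_t len;

    memset(key, 0, sizeof(*key));

    ret = krb5_enctype_keysize(context, type, &len);
    if (ret)
	return ret;

    /* Reject short or oversized input instead of truncating or padding. */
    if (len != size) {
	krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
			       "Encryption key %d is %lu bytes "
			       "long, %lu was passed in",
			       type, (unsigned long)len, (unsigned long)size);
	return KRB5_PROG_ETYPE_NOSUPP;
    }
    ret = krb5_data_copy(&key->keyvalue, data, len);
    if(ret) {
	krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
	return ret;
    }
    /* The type is recorded only once the key bytes are in place. */
    key->keytype = type;

    return 0;
}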