/src/samba/third_party/heimdal/lib/krb5/salt-aes-sha2.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan |
3 | | * (Royal Institute of Technology, Stockholm, Sweden). |
4 | | * All rights reserved. |
5 | | * |
6 | | * Redistribution and use in source and binary forms, with or without |
7 | | * modification, are permitted provided that the following conditions |
8 | | * are met: |
9 | | * |
10 | | * 1. Redistributions of source code must retain the above copyright |
11 | | * notice, this list of conditions and the following disclaimer. |
12 | | * |
13 | | * 2. Redistributions in binary form must reproduce the above copyright |
14 | | * notice, this list of conditions and the following disclaimer in the |
15 | | * documentation and/or other materials provided with the distribution. |
16 | | * |
17 | | * 3. Neither the name of the Institute nor the names of its contributors |
18 | | * may be used to endorse or promote products derived from this software |
19 | | * without specific prior written permission. |
20 | | * |
21 | | * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND |
22 | | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
23 | | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
24 | | * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE |
25 | | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
26 | | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
27 | | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
28 | | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
29 | | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
30 | | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
31 | | * SUCH DAMAGE. |
32 | | */ |
33 | | |
34 | | #include "krb5_locl.h" |
35 | | |
36 | | const int _krb5_AES_SHA2_string_to_default_iterator = 32768; |
37 | | |
38 | | static krb5_error_code |
39 | | AES_SHA2_string_to_key(krb5_context context, |
40 | | krb5_enctype enctype, |
41 | | krb5_data password, |
42 | | krb5_salt salt, |
43 | | krb5_data opaque, |
44 | | krb5_keyblock *key) |
45 | 0 | { |
46 | 0 | krb5_error_code ret; |
47 | 0 | uint32_t iter; |
48 | 0 | struct _krb5_encryption_type *et = NULL; |
49 | 0 | struct _krb5_key_data kd; |
50 | 0 | krb5_data saltp; |
51 | 0 | size_t enctypesz; |
52 | 0 | const EVP_MD *md = NULL; |
53 | |
|
54 | 0 | krb5_data_zero(&saltp); |
55 | 0 | kd.key = NULL; |
56 | 0 | kd.schedule = NULL; |
57 | |
|
58 | 0 | if (opaque.length == 0) { |
59 | 0 | iter = _krb5_AES_SHA2_string_to_default_iterator; |
60 | 0 | } else if (opaque.length == 4) { |
61 | 0 | unsigned long v; |
62 | 0 | _krb5_get_int(opaque.data, &v, 4); |
63 | 0 | iter = ((uint32_t)v); |
64 | 0 | } else { |
65 | 0 | ret = KRB5_PROG_KEYTYPE_NOSUPP; /* XXX */ |
66 | 0 | goto cleanup; |
67 | 0 | } |
68 | | |
69 | 0 | et = _krb5_find_enctype(enctype); |
70 | 0 | if (et == NULL) { |
71 | 0 | ret = KRB5_PROG_KEYTYPE_NOSUPP; |
72 | 0 | goto cleanup; |
73 | 0 | } |
74 | | |
75 | 0 | kd.schedule = NULL; |
76 | 0 | ALLOC(kd.key, 1); |
77 | 0 | if (kd.key == NULL) { |
78 | 0 | ret = krb5_enomem(context); |
79 | 0 | goto cleanup; |
80 | 0 | } |
81 | 0 | kd.key->keytype = enctype; |
82 | 0 | ret = krb5_data_alloc(&kd.key->keyvalue, et->keytype->size); |
83 | 0 | if (ret) { |
84 | 0 | ret = krb5_enomem(context); |
85 | 0 | goto cleanup; |
86 | 0 | } |
87 | | |
88 | 0 | enctypesz = strlen(et->name) + 1; |
89 | 0 | ret = krb5_data_alloc(&saltp, enctypesz + salt.saltvalue.length); |
90 | 0 | if (ret) { |
91 | 0 | ret = krb5_enomem(context); |
92 | 0 | goto cleanup; |
93 | 0 | } |
94 | 0 | memcpy(saltp.data, et->name, enctypesz); |
95 | 0 | if (salt.saltvalue.length) |
96 | 0 | memcpy((unsigned char *)saltp.data + enctypesz, |
97 | 0 | salt.saltvalue.data, salt.saltvalue.length); |
98 | |
|
99 | 0 | ret = _krb5_aes_sha2_md_for_enctype(context, enctype, &md); |
100 | 0 | if (ret) |
101 | 0 | goto cleanup; |
102 | | |
103 | 0 | ret = PKCS5_PBKDF2_HMAC(password.data, password.length, |
104 | 0 | saltp.data, saltp.length, |
105 | 0 | iter, md, |
106 | 0 | et->keytype->size, kd.key->keyvalue.data); |
107 | 0 | if (ret != 1) { |
108 | 0 | krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP, |
109 | 0 | "Error calculating s2k"); |
110 | 0 | ret = KRB5_PROG_KEYTYPE_NOSUPP; |
111 | 0 | goto cleanup; |
112 | 0 | } |
113 | | |
114 | 0 | ret = _krb5_derive_key(context, et, &kd, "kerberos", strlen("kerberos")); |
115 | 0 | if (ret) |
116 | 0 | goto cleanup; |
117 | | |
118 | 0 | ret = krb5_copy_keyblock_contents(context, kd.key, key); |
119 | 0 | if (ret) |
120 | 0 | goto cleanup; |
121 | | |
122 | 0 | cleanup: |
123 | 0 | krb5_data_free(&saltp); |
124 | 0 | _krb5_free_key_data(context, &kd, et); |
125 | |
|
126 | 0 | return ret; |
127 | 0 | } |
128 | | |
129 | | struct salt_type _krb5_AES_SHA2_salt[] = { |
130 | | { |
131 | | KRB5_PW_SALT, |
132 | | "pw-salt", |
133 | | AES_SHA2_string_to_key |
134 | | }, |
135 | | { 0, NULL, NULL } |
136 | | }; |