/src/samba/third_party/heimdal/lib/krb5/keyblock.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan |
3 | | * (Royal Institute of Technology, Stockholm, Sweden). |
4 | | * All rights reserved. |
5 | | * |
6 | | * Redistribution and use in source and binary forms, with or without |
7 | | * modification, are permitted provided that the following conditions |
8 | | * are met: |
9 | | * |
10 | | * 1. Redistributions of source code must retain the above copyright |
11 | | * notice, this list of conditions and the following disclaimer. |
12 | | * |
13 | | * 2. Redistributions in binary form must reproduce the above copyright |
14 | | * notice, this list of conditions and the following disclaimer in the |
15 | | * documentation and/or other materials provided with the distribution. |
16 | | * |
17 | | * 3. Neither the name of the Institute nor the names of its contributors |
18 | | * may be used to endorse or promote products derived from this software |
19 | | * without specific prior written permission. |
20 | | * |
21 | | * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND |
22 | | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
23 | | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
24 | | * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE |
25 | | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
26 | | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
27 | | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
28 | | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
29 | | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
30 | | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
31 | | * SUCH DAMAGE. |
32 | | */ |
33 | | |
34 | | #include "krb5_locl.h" |
35 | | |
36 | | /** |
37 | | * Zero out a keyblock |
38 | | * |
39 | | * @param keyblock keyblock to zero out |
40 | | * |
41 | | * @ingroup krb5_crypto |
42 | | */ |
43 | | |
44 | | KRB5_LIB_FUNCTION void KRB5_LIB_CALL |
45 | | krb5_keyblock_zero(krb5_keyblock *keyblock) |
46 | 0 | { |
47 | 0 | keyblock->keytype = 0; |
48 | 0 | krb5_data_zero(&keyblock->keyvalue); |
49 | 0 | } |
50 | | |
51 | | /** |
52 | | * Free a keyblock's content, also zero out the content of the keyblock. |
53 | | * |
54 | | * @param context a Kerberos 5 context |
55 | | * @param keyblock keyblock content to free, NULL is valid argument |
56 | | * |
57 | | * @ingroup krb5_crypto |
58 | | */ |
59 | | |
60 | | KRB5_LIB_FUNCTION void KRB5_LIB_CALL |
61 | | krb5_free_keyblock_contents(krb5_context context, |
62 | | krb5_keyblock *keyblock) |
63 | 0 | { |
64 | 0 | if(keyblock) { |
65 | 0 | if (keyblock->keyvalue.data != NULL) |
66 | 0 | memset_s(keyblock->keyvalue.data, keyblock->keyvalue.length, |
67 | 0 | 0, keyblock->keyvalue.length); |
68 | 0 | krb5_data_free (&keyblock->keyvalue); |
69 | 0 | keyblock->keytype = KRB5_ENCTYPE_NULL; |
70 | 0 | } |
71 | 0 | } |
72 | | |
73 | | /** |
74 | | * Free a keyblock, also zero out the content of the keyblock, uses |
75 | | * krb5_free_keyblock_contents() to free the content. |
76 | | * |
77 | | * @param context a Kerberos 5 context |
78 | | * @param keyblock keyblock to free, NULL is valid argument |
79 | | * |
80 | | * @ingroup krb5_crypto |
81 | | */ |
82 | | |
83 | | KRB5_LIB_FUNCTION void KRB5_LIB_CALL |
84 | | krb5_free_keyblock(krb5_context context, |
85 | | krb5_keyblock *keyblock) |
86 | 0 | { |
87 | 0 | if(keyblock){ |
88 | 0 | krb5_free_keyblock_contents(context, keyblock); |
89 | 0 | free(keyblock); |
90 | 0 | } |
91 | 0 | } |
92 | | |
93 | | /** |
94 | | * Copy a keyblock, free the output keyblock with |
95 | | * krb5_free_keyblock_contents(). |
96 | | * |
97 | | * @param context a Kerberos 5 context |
98 | | * @param inblock the key to copy |
99 | | * @param to the output key. |
100 | | * |
101 | | * @return 0 on success or a Kerberos 5 error code |
102 | | * |
103 | | * @ingroup krb5_crypto |
104 | | */ |
105 | | |
106 | | KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL |
107 | | krb5_copy_keyblock_contents (krb5_context context, |
108 | | const krb5_keyblock *inblock, |
109 | | krb5_keyblock *to) |
110 | 0 | { |
111 | 0 | return copy_EncryptionKey(inblock, to); |
112 | 0 | } |
113 | | |
114 | | /** |
115 | | * Copy a keyblock, free the output keyblock with |
116 | | * krb5_free_keyblock(). |
117 | | * |
118 | | * @param context a Kerberos 5 context |
119 | | * @param inblock the key to copy |
120 | | * @param to the output key. |
121 | | * |
122 | | * @return 0 on success or a Kerberos 5 error code |
123 | | * |
124 | | * @ingroup krb5_crypto |
125 | | */ |
126 | | |
127 | | |
128 | | KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL |
129 | | krb5_copy_keyblock (krb5_context context, |
130 | | const krb5_keyblock *inblock, |
131 | | krb5_keyblock **to) |
132 | 0 | { |
133 | 0 | krb5_error_code ret; |
134 | 0 | krb5_keyblock *k; |
135 | |
|
136 | 0 | *to = NULL; |
137 | |
|
138 | 0 | k = calloc (1, sizeof(*k)); |
139 | 0 | if (k == NULL) |
140 | 0 | return krb5_enomem(context); |
141 | | |
142 | 0 | ret = krb5_copy_keyblock_contents (context, inblock, k); |
143 | 0 | if (ret) { |
144 | 0 | free(k); |
145 | 0 | return ret; |
146 | 0 | } |
147 | 0 | *to = k; |
148 | 0 | return 0; |
149 | 0 | } |
150 | | |
151 | | /** |
152 | | * Get encryption type of a keyblock. |
153 | | * |
154 | | * @ingroup krb5_crypto |
155 | | */ |
156 | | |
157 | | KRB5_LIB_FUNCTION krb5_enctype KRB5_LIB_CALL |
158 | | krb5_keyblock_get_enctype(const krb5_keyblock *block) |
159 | 0 | { |
160 | 0 | return block->keytype; |
161 | 0 | } |
162 | | |
163 | | /** |
164 | | * Fill in `key' with key data of type `enctype' from `data' of length |
165 | | * `size'. Key should be freed using krb5_free_keyblock_contents(). |
166 | | * |
167 | | * @return 0 on success or a Kerberos 5 error code |
168 | | * |
169 | | * @ingroup krb5_crypto |
170 | | */ |
171 | | |
172 | | KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL |
173 | | krb5_keyblock_init(krb5_context context, |
174 | | krb5_enctype type, |
175 | | const void *data, |
176 | | size_t size, |
177 | | krb5_keyblock *key) |
178 | 0 | { |
179 | 0 | krb5_error_code ret; |
180 | 0 | size_t len; |
181 | |
|
182 | 0 | memset(key, 0, sizeof(*key)); |
183 | |
|
184 | 0 | ret = krb5_enctype_keysize(context, type, &len); |
185 | 0 | if (ret) |
186 | 0 | return ret; |
187 | | |
188 | 0 | if (len != size) { |
189 | 0 | krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, |
190 | 0 | "Encryption key %d is %lu bytes " |
191 | 0 | "long, %lu was passed in", |
192 | 0 | type, (unsigned long)len, (unsigned long)size); |
193 | 0 | return KRB5_PROG_ETYPE_NOSUPP; |
194 | 0 | } |
195 | 0 | ret = krb5_data_copy(&key->keyvalue, data, len); |
196 | 0 | if(ret) { |
197 | 0 | krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); |
198 | 0 | return ret; |
199 | 0 | } |
200 | 0 | key->keytype = type; |
201 | |
|
202 | 0 | return 0; |
203 | 0 | } |