2 * lib/krb5/krb/encrypt_tk.c
4 * Copyright 1990 by the Massachusetts Institute of Technology.
7 * Export of this software from the United States of America may
8 * require a specific license from the United States Government.
9 * It is the responsibility of any person or organization contemplating
10 * export to obtain such a license before exporting.
12 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13 * distribute this software and its documentation for any purpose and
14 * without fee is hereby granted, provided that the above copyright
15 * notice appear in all copies and that both that copyright notice and
16 * this permission notice appear in supporting documentation, and that
17 * the name of M.I.T. not be used in advertising or publicity pertaining
18 * to distribution of the software without specific, written prior
19 * permission. M.I.T. makes no representations about the suitability of
20 * this software for any purpose. It is provided "as is" without express
21 * or implied warranty.
24 * krb5_encrypt_tkt_part() routine.
30 Takes unencrypted dec_ticket & dec_tkt_part, encrypts with
31 dec_ticket->enc_part.etype
32 using *srv_key, and places result in dec_ticket->enc_part.
33 The string dec_ticket->enc_part.ciphertext will be allocated before
36 returns errors from encryption routines, system errors
38 enc_part->ciphertext.data allocated & filled in with encrypted stuff
41 krb5_error_code INTERFACE
42 krb5_encrypt_tkt_part(context, eblock, srv_key, dec_ticket)
44 krb5_encrypt_block *eblock;
45 const krb5_keyblock *srv_key;
46 register krb5_ticket *dec_ticket;
49 krb5_error_code retval;
50 register krb5_enc_tkt_part *dec_tkt_part = dec_ticket->enc_part2;
52 /* start by encoding the to-be-encrypted part. */
53 if (retval = encode_krb5_enc_tkt_part(dec_tkt_part, &scratch)) {
57 #define cleanup_scratch() { (void) memset(scratch->data, 0, scratch->length); \
58 krb5_free_data(context, scratch); }
60 dec_ticket->enc_part.ciphertext.length =
61 krb5_encrypt_size(scratch->length, eblock->crypto_entry);
62 /* add padding area, and zero it */
63 if (!(scratch->data = realloc(scratch->data,
64 dec_ticket->enc_part.ciphertext.length))) {
65 /* may destroy scratch->data */
69 memset(scratch->data + scratch->length, 0,
70 dec_ticket->enc_part.ciphertext.length - scratch->length);
71 if (!(dec_ticket->enc_part.ciphertext.data =
72 malloc(dec_ticket->enc_part.ciphertext.length))) {
77 #define cleanup_encpart() {\
78 (void) memset(dec_ticket->enc_part.ciphertext.data, 0,\
79 dec_ticket->enc_part.ciphertext.length); \
80 free(dec_ticket->enc_part.ciphertext.data); \
81 dec_ticket->enc_part.ciphertext.length = 0; \
82 dec_ticket->enc_part.ciphertext.data = 0;}
84 /* do any necessary key pre-processing */
85 if (retval = krb5_process_key(context, eblock, srv_key)) {
89 #define cleanup_prockey() {(void) krb5_finish_key(context, eblock);}
91 /* call the encryption routine */
92 if (retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
93 (krb5_pointer) dec_ticket->enc_part.ciphertext.data,
94 scratch->length, eblock, 0)) {
98 dec_ticket->enc_part.etype = krb5_eblock_enctype(context, eblock);
100 /* ticket is now assembled-- do some cleanup */
103 if (retval = krb5_finish_key(context, eblock)) {