2 * lib/krb5/krb/gen_seqnum.c
4 * Copyright 1991 by the Massachusetts Institute of Technology.
7 * Export of this software from the United States of America may
8 * require a specific license from the United States Government.
9 * It is the responsibility of any person or organization contemplating
10 * export to obtain such a license before exporting.
12 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13 * distribute this software and its documentation for any purpose and
14 * without fee is hereby granted, provided that the above copyright
15 * notice appear in all copies and that both that copyright notice and
16 * this permission notice appear in supporting documentation, and that
17 * the name of M.I.T. not be used in advertising or publicity pertaining
18 * to distribution of the software without specific, written prior
19 * permission. M.I.T. makes no representations about the suitability of
20 * this software for any purpose. It is provided "as is" without express
21 * or implied warranty.
24 * Routine to automatically generate a starting sequence number.
25 * We do this by getting a random key and encrypting something with it,
26 * then taking the output and slicing it up.
32 #define MIN(a,b) ((a) < (b) ? (a) : (b))
36 krb5_generate_seq_number(context, key, seqno)
38 const krb5_keyblock *key;
41 krb5_pointer random_state;
42 krb5_encrypt_block eblock;
43 krb5_keyblock *subkey = 0;
44 krb5_error_code retval;
47 krb5_int32 microseconds;
49 krb5_octet *intmp = 0, *outtmp = 0;
52 if (!valid_keytype(key->keytype))
53 return KRB5_PROG_KEYTYPE_NOSUPP;
55 krb5_use_keytype(context, &eblock, key->keytype);
57 if (retval = krb5_init_random_key(context, &eblock, key, &random_state))
60 if (retval = krb5_random_key(context, &eblock, random_state, &subkey)) {
61 (void) krb5_finish_random_key(context, &eblock, &random_state);
64 /* ignore the error if any, since we've already gotten the key out */
65 if (retval = krb5_finish_random_key(context, &eblock, &random_state)) {
66 krb5_free_keyblock(context, subkey);
70 esize = krb5_encrypt_size(sizeof(timenow), eblock.crypto_entry);
71 intmp = (krb5_octet *)malloc(esize);
76 outtmp = (krb5_octet *)malloc(esize);
81 if (retval = krb5_process_key(context, &eblock, subkey)) {
85 if (retval = krb5_us_timeofday(context, &timenow.seconds,
86 &timenow.microseconds)) {
89 memcpy((char *)intmp, (char *)&timenow, sizeof(timenow));
91 retval = krb5_encrypt(context, (krb5_pointer)intmp, (krb5_pointer)outtmp,
92 sizeof(timenow), &eblock, 0);
93 (void) krb5_finish_key(context, &eblock);
97 memcpy((char *) seqno, (char *)outtmp, sizeof(krb5_int32));
101 krb5_free_keyblock(context, subkey);