add "extract snk4 key" function to get device keys out of the database

author Mark Eichin <eichin@mit.edu>

Tue, 9 Apr 1996 22:42:11 +0000 (22:42 +0000)

committer Mark Eichin <eichin@mit.edu>

Tue, 9 Apr 1996 22:42:11 +0000 (22:42 +0000)
author Mark Eichin <eichin@mit.edu>
Tue, 9 Apr 1996 22:42:11 +0000 (22:42 +0000)
committer Mark Eichin <eichin@mit.edu>
Tue, 9 Apr 1996 22:42:11 +0000 (22:42 +0000)
diff --git a/src/kadmin/v5client/kadmin5.c b/src/kadmin/v5client/kadmin5.c

index 57cca4f5ccedf677bfad5805a36aa478b57be437..71a46bbc04ea7b6b8cd67cbb165e0a1c1ed086d8 100644 (file)
--- a/src/kadmin/v5client/kadmin5.c
+++ b/src/kadmin/v5client/kadmin5.c
@@ -1124,6 +1124,114 @@ kadmin_extract_v4(argc, argv)
      fclose(v4tab);
  }
  \f
+/*
+ * kadmin_extract_snk4()       - Extract snk4 entry.
+ */
+void
+kadmin_extract_snk4(argc, argv)
+    int        argc;
+    char       *argv[];
+{
+  int                  i;
+  krb5_error_code      kret;
+  krb5_int32           proto_stat;
+  krb5_int32           ncomps;
+  krb5_data            *complist;
+  char         *instance;
+  krb5_boolean force, doit;
+  krb5_keytab_entry    keytab_entry;
+
+  requestname = argv[0];
+  force = 0;
+  if (argc < 2) {
+    com_err(argv[0], 0, "usage is %s principal", argv[0]);
+    return;
+
+  }
+  instance = "SNK4";
+  argc -= 1;
+  argv += 1;
+
+  memset((char *) &keytab_entry, 0, sizeof(krb5_keytab_entry));
+
+  for (i=0; i<argc; i++) {
+    if (!(kret = net_do_proto(KRB5_ADM_EXT_KEY_CMD,
+                             instance,
+                             argv[i],
+                             0,
+                             (krb5_data *) NULL,
+                             &proto_stat,
+                             &ncomps,
+                             &complist,
+                             0))) {
+      if (proto_stat == KRB5_ADM_SUCCESS) {
+       if (!(kret = krb5_adm_proto_to_ktent(kcontext,
+                                            ncomps,
+                                            complist,
+                                            &keytab_entry))) {
+         if (keytab_entry.key.enctype != 1) {
+           com_err(requestname, 0, xst_nodeskey_fmt, argv[i]);
+           break;
+         }
+         if (keytab_entry.key.length != 8) {
+           com_err(requestname, 0, "%s not an 8 byte key", argv[i]);
+           break;
+         }
+         printf("device key:\n");
+         { 
+           int i;
+           for (i = 0; i<8; i++) {
+             printf("%03o ", keytab_entry.key.contents[i]);
+           }
+           printf("\n");
+         }
+         /* now compute rawdes(key,0) and print the first 3 bytes */
+         {
+           krb5_encrypt_block eblock;
+           char zblock[8];
+           unsigned char outputblock[8];
+           memset(zblock,0,8);
+
+           krb5_use_enctype(kcontext, &eblock, ENCTYPE_DES_CBC_RAW);
+           keytab_entry.key.enctype = ENCTYPE_DES_CBC_RAW;
+           kret = krb5_process_key(kcontext, &eblock,
+                                     &keytab_entry.key);
+           if (kret) {
+             com_err(requestname, 0, "snk4 process key failed for %s", 
+                     argv[i]);
+             break;
+           }
+           kret = krb5_encrypt(kcontext, zblock, outputblock, 8,
+                                 &eblock, zblock /* ivec */);
+           if (kret) {
+             com_err(requestname, 0, "snk4 checksum generation %s", 
+                     argv[i]);
+             break;
+           }
+           printf("Checksum on screen: %02x%02x%02x\n",
+                  outputblock[0], outputblock[1], outputblock[2]);
+
+         }
+
+
+         com_err(requestname, 0, "done extracting entry %s", 
+                 argv[i]);
+         if (keytab_entry.key.contents) {
+           memset((char *) keytab_entry.key.contents, 0,
+                  (size_t) keytab_entry.key.length);
+           krb5_xfree(keytab_entry.key.contents);
+         }
+       }
+       else {
+         com_err(requestname, kret, xst_proto_fmt);
+       }
+       memset((char *) &keytab_entry, 0, sizeof(krb5_keytab_entry));
+       krb5_free_adm_data(kcontext, ncomps, complist);
+      }
+    }
+  }
+}
+\f
  /*
   * kadmin_modify()     - Modify principal.
   */
diff --git a/src/kadmin/v5client/kadmin5_ct.ct b/src/kadmin/v5client/kadmin5_ct.ct

index 8404dd7c7475dbd83b84ab8615564dfc81dfe5f0..b9e692396ab1cf14fd4d9015221df62b81443d5a 100644 (file)
--- a/src/kadmin/v5client/kadmin5_ct.ct
+++ b/src/kadmin/v5client/kadmin5_ct.ct
@@ -55,6 +55,9 @@ request kadmin_extract, "Extract service key table entry/entries.",
  request kadmin_extract_v4, "Extract service key table entry/entries in V4 format.",
         extract_v4_srvtab, xst4;
  
+request kadmin_extract_snk4, "Extract programming codes for SNK4 device.",
+       extract_snk4, xsnk4;
+
  request kadmin_modify, "Modify database entry.",
         modify_entry, modent;
author	Mark Eichin <eichin@mit.edu>
	Tue, 9 Apr 1996 22:42:11 +0000 (22:42 +0000)
committer	Mark Eichin <eichin@mit.edu>
	Tue, 9 Apr 1996 22:42:11 +0000 (22:42 +0000)
src/kadmin/v5client/kadmin5.c		patch \| blob \| history
src/kadmin/v5client/kadmin5_ct.ct		patch \| blob \| history