From: Ken Raeburn <raeburn@mit.edu>
Date: Fri, 22 Jun 2001 03:22:27 +0000 (+0000)
Subject: * derive.c: provide krb5_derive_random, krb5_random2key a la rfc1510bis (not exported... 
X-Git-Tag: krb5-1.3-alpha1~1312
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=a18890a71f0db424b9b4cd99ca313c9bbf71868e;p=krb5.git

* derive.c: provide krb5_derive_random, krb5_random2key a la rfc1510bis (not exported for now)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13474 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/crypto/dk/ChangeLog b/src/lib/crypto/dk/ChangeLog
index 6ae4da7c1..63cbd02e6 100644
--- a/src/lib/crypto/dk/ChangeLog
+++ b/src/lib/crypto/dk/ChangeLog
@@ -1,5 +1,8 @@
 2001-06-21  Ken Raeburn  <raeburn@mit.edu>
 
+	* derive.c: Include etypes.h.
+	(krb5_derive_random, krb5_random2key): New functions.
+
 	* checksum.c (krb5_dk_make_checksum): Cast 0x99 to char explicitly
 	to silence warnings.
 
diff --git a/src/lib/crypto/dk/derive.c b/src/lib/crypto/dk/derive.c
index 8129ae8aa..0aabdc4ed 100644
--- a/src/lib/crypto/dk/derive.c
+++ b/src/lib/crypto/dk/derive.c
@@ -112,3 +112,106 @@ krb5_derive_key(enc, inkey, outkey, in_constant)
     return(0);
 }
 
+
+krb5_error_code
+krb5_derive_random(enc, inkey, outrnd, in_constant)
+     const struct krb5_enc_provider *enc;
+     const krb5_keyblock *inkey;
+     krb5_data *outrnd;
+     const krb5_data *in_constant;
+{
+    size_t blocksize, keybytes, keylength, n;
+    unsigned char *inblockdata, *outblockdata, *rawkey;
+    krb5_data inblock, outblock;
+
+    (*(enc->block_size))(&blocksize);
+    (*(enc->keysize))(&keybytes, &keylength);
+
+    if ((inkey->length != keylength) ||
+	(outrnd->length != keybytes))
+	return(KRB5_CRYPTO_INTERNAL);
+
+    /* allocate and set up buffers */
+
+    if ((inblockdata = (unsigned char *) malloc(blocksize)) == NULL)
+	return(ENOMEM);
+
+    if ((outblockdata = (unsigned char *) malloc(blocksize)) == NULL) {
+	free(inblockdata);
+	return(ENOMEM);
+    }
+
+    if ((rawkey = (unsigned char *) malloc(keybytes)) == NULL) {
+	free(outblockdata);
+	free(inblockdata);
+	return(ENOMEM);
+    }
+
+    inblock.data = inblockdata;
+    inblock.length = blocksize;
+
+    outblock.data = outblockdata;
+    outblock.length = blocksize;
+
+    /* initialize the input block */
+
+    if (in_constant->length == inblock.length) {
+	memcpy(inblock.data, in_constant->data, inblock.length);
+    } else {
+	krb5_nfold(in_constant->length*8, in_constant->data,
+		   inblock.length*8, inblock.data);
+    }
+
+    /* loop encrypting the blocks until enough key bytes are generated */
+
+    n = 0;
+    while (n < keybytes) {
+	(*(enc->encrypt))(inkey, 0, &inblock, &outblock);
+
+	if ((keybytes - n) <= outblock.length) {
+	    memcpy(rawkey+n, outblock.data, (keybytes - n));
+	    break;
+	}
+
+	memcpy(rawkey+n, outblock.data, outblock.length);
+	memcpy(inblock.data, outblock.data, outblock.length);
+	n += outblock.length;
+    }
+
+    /* postprocess the key */
+
+    memcpy (outrnd->data, rawkey, keybytes);
+
+    /* clean memory, free resources and exit */
+
+    memset(inblockdata, 0, blocksize);
+    memset(outblockdata, 0, blocksize);
+    memset(rawkey, 0, keybytes);
+
+    free(rawkey);
+    free(outblockdata);
+    free(inblockdata);
+
+    return(0);
+}
+
+#include "etypes.h"
+void
+krb5_random2key (krb5_enctype enctype, krb5_data *inblock,
+		 krb5_keyblock *outkey)
+{
+    int i;
+    const struct krb5_enc_provider *enc;
+
+    for (i=0; i<krb5_enctypes_length; i++) {
+	if (krb5_enctypes_list[i].etype == enctype)
+	    break;
+    }
+
+    if (i == krb5_enctypes_length)
+	abort ();
+
+    enc = krb5_enctypes_list[i].enc;
+
+    enc->make_key (inblock, outkey);
+}