From: John Kohl <jtkohl@mit.edu>
Date: Mon, 29 Jan 1990 16:17:50 +0000 (+0000)
Subject: *** empty log message ***
X-Git-Tag: krb5-1.0-alpha2~1202
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=b6c1cfe06e095a1aa972d0ccc4577c2a5196a0df;p=krb5.git

*** empty log message ***

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@181 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/krb5/krb/encode_kdc.c b/src/lib/krb5/krb/encode_kdc.c
new file mode 100644
index 000000000..b9e5b758d
--- /dev/null
+++ b/src/lib/krb5/krb/encode_kdc.c
@@ -0,0 +1,123 @@
+/*
+ * $Source$
+ * $Author$
+ *
+ * Copyright 1990 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <krb5/mit-copyright.h>.
+ *
+ * krb5_encode_kdc_rep() function.
+ */
+
+#if !defined(lint) && !defined(SABER)
+static char rcsid_encode_kdc_c [] =
+"$Id$";
+#endif	/* !lint & !SABER */
+
+#include <krb5/copyright.h>
+#include <krb5/krb5.h>
+#include <krb5/krb5_err.h>
+#include <krb5/asn1.h>
+
+#include <errno.h>
+
+#include <krb5/ext-proto.h>
+
+/* array of pointers into encryption systems */
+extern krb5_cs_table_entry *csarray[];
+
+/*
+ Takes KDC rep parts in *rep and *encpart, and formats it into *enc_rep,
+ using message type type and encryption key client_key and encryption type
+ etype.
+
+ The string *enc_rep will be allocated before formatting; the caller should
+ free when finished.
+
+ returns system errors
+
+ dec_rep->enc_part is allocated and filled in.
+*/
+krb5_error_code
+krb5_encode_kdc_rep(type, dec_rep, encpart, client_key, enc_rep)
+krb5_msgtype type;
+register krb5_kdc_rep *dec_rep;
+register krb5_enc_kdc_rep_part *encpart;
+krb5_keyblock *client_key;
+krb5_data **enc_rep;
+{
+    krb5_data *scratch;
+    krb5_encrypt_block eblock;
+    krb5_error_code retval;
+
+    switch (type) {
+    case KRB5_AS_REP:
+    case KRB5_TGS_REP:
+	break;
+    default:
+	return KRB5_BADMSGTYPE;
+    }
+
+    if (retval = encode_krb5_enc_kdc_rep_part(encpart, &scratch)) {
+	return retval;
+    }
+
+#define cleanup_scratch() { (void) bzero(scratch->data, scratch->length); krb5_free_data(scratch); }
+
+    /* put together an eblock for this encryption */
+
+    eblock.crypto_entry = csarray[dec_rep->etype]->system;
+    dec_rep->enc_part.length = krb5_encrypt_size(scratch->length,
+					      eblock.crypto_entry);
+    if (!(dec_rep->enc_part.data = malloc(dec_rep->enc_part.length))) {
+	retval = ENOMEM;
+	goto clean_scratch;
+    }
+
+#define cleanup_encpart() {(void) bzero(dec_rep->enc_part.data, dec_rep->enc_part.length); free(dec_rep->enc_part.data); dec_rep->enc_part.length = 0; dec_rep->enc_part.data = 0;}
+
+    if (retval = (*eblock.crypto_entry->process_key)(&eblock, client_key)) {
+	goto clean_encpart;
+    }
+
+#define cleanup_prockey() {(void) (*eblock.crypto_entry->finish_key)(&eblock);}
+
+    if (retval =
+	(*eblock.crypto_entry->encrypt_func)((krb5_pointer) scratch->data,
+					     (krb5_pointer) dec_rep->enc_part.data,
+					     scratch->length, &eblock)) {
+	goto clean_prockey;
+    }
+
+    /* do some cleanup */
+    cleanup_scratch();
+
+    if (retval = (*eblock.crypto_entry->finish_key)(&eblock)) {
+	cleanup_encpart();
+	return retval;
+    }
+
+    /* now it's ready to be encoded for the wire! */
+
+    switch (type) {
+    case KRB5_AS_REP:
+	retval = encode_krb5_as_rep(dec_rep, enc_rep);
+	break;
+    case KRB5_TGS_REP:
+	retval = encode_krb5_tgs_rep(dec_rep, enc_rep);
+	break;
+    }
+    if (retval)
+	cleanup_encpart();
+    return retval;
+
+ clean_prockey:
+    cleanup_prockey();
+ clean_encpart:
+    cleanup_encpart();
+ clean_scratch:
+    cleanup_scratch();
+
+    return retval;
+}
diff --git a/src/lib/krb5/krb/encrypt_tk.c b/src/lib/krb5/krb/encrypt_tk.c
new file mode 100644
index 000000000..194b56ebe
--- /dev/null
+++ b/src/lib/krb5/krb/encrypt_tk.c
@@ -0,0 +1,104 @@
+/*
+ * $Source$
+ * $Author$
+ *
+ * Copyright 1990 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <krb5/mit-copyright.h>.
+ *
+ * krb5_encrypt_tkt_part() routine.
+ */
+
+#if !defined(lint) && !defined(SABER)
+static char rcsid_encrypt_tk_c[] =
+"$Id$";
+#endif	/* !lint & !SABER */
+
+#include <krb5/copyright.h>
+
+#include <krb5/krb5.h>
+#include <krb5/asn1.h>
+
+#include <errno.h>
+
+#include <krb5/ext-proto.h>
+
+/* array of pointers into encryption systems */
+extern krb5_cs_table_entry *csarray[];
+
+/*
+ Takes unencrypted dec_ticket & dec_tkt_part, encrypts with dec_ticket->etype
+ using *srv_key, and places result in dec_ticket->enc_part.
+ The string dec_ticket->enc_part will be allocated  before formatting.
+
+ returns errors from encryption routines, system errors
+
+ enc_part->data allocated & filled in with encrypted stuff
+*/
+
+krb5_error_code
+krb5_encrypt_tkt_part(dec_tkt_part, srv_key, dec_ticket)
+register krb5_enc_tkt_part *dec_tkt_part;
+krb5_keyblock *srv_key;
+register krb5_ticket *dec_ticket;
+{
+    krb5_data *scratch;
+    krb5_error_code retval;
+    krb5_encrypt_block eblock;
+
+    /* encrypt the encrypted part */
+
+    /*  start by encoding the to-be-encrypted part. */
+    if (retval = encode_krb5_enc_tkt_part(dec_tkt_part, &scratch)) {
+	return retval;
+    }
+
+#define cleanup_scratch() { (void) bzero(scratch->data, scratch->length); krb5_free_data(scratch); }
+
+    /* put together an eblock for this encryption */
+
+    eblock.crypto_entry = csarray[dec_ticket->etype]->system;
+    dec_ticket->enc_part.length = krb5_encrypt_size(scratch->length,
+						     eblock.crypto_entry);
+    if (!(dec_ticket->enc_part.data = malloc(dec_ticket->enc_part.length))) {
+	retval = ENOMEM;
+	goto clean_scratch;
+    }
+
+#define cleanup_encpart() {(void) bzero(dec_ticket->enc_part.data, dec_ticket->enc_part.length); free(dec_ticket->enc_part.data); dec_ticket->enc_part.length = 0; dec_ticket->enc_part.data = 0;}
+
+    /* do any necessary key pre-processing */
+    if (retval = (*eblock.crypto_entry->process_key)(&eblock, srv_key)) {
+	goto clean_encpart;
+    }
+
+#define cleanup_prockey() {(void) (*eblock.crypto_entry->finish_key)(&eblock);}
+
+    /* call the encryption routine */
+    if (retval =
+	(*eblock.crypto_entry->encrypt_func)((krb5_pointer) scratch->data,
+					     (krb5_pointer) dec_ticket->enc_part.data,
+					     scratch->length, &eblock)) {
+	goto clean_prockey;
+    }
+
+    /* ticket is now assembled-- do some cleanup */
+    cleanup_scratch();
+
+    if (retval = (*eblock.crypto_entry->finish_key)(&eblock)) {
+	cleanup_encpart();
+	return retval;
+    }
+
+    return 0;
+
+ clean_prockey:
+    cleanup_prockey();
+ clean_encpart:
+    cleanup_encpart();
+ clean_scratch:
+    cleanup_scratch();
+
+    return retval;
+}