From: Kevin Coffman <kwc@citi.umich.edu>
Date: Fri, 17 Nov 2006 19:48:17 +0000 (+0000)
Subject: update krb5_c_keylength function, create krb5_c_random_to_key function
X-Git-Tag: krb5-1.7-alpha1~1443
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=e91c20fb8b51c22f8a81ebd8f81343f4bd1d0896;p=krb5.git

update krb5_c_keylength function, create krb5_c_random_to_key function

Modify the keylength function to return both keybytes and keylength.
Change the name of the function and source file to reflect this.

Add a function, krb5_c_random_to_key() that takes random input data
of the right length (keybytes) and produce a valid key for a given
enctype.

ticket: new
Target_Version: 1.6
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18836 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in
index 71928d057..b46c553d0 100644
--- a/src/lib/crypto/Makefile.in
+++ b/src/lib/crypto/Makefile.in
@@ -52,7 +52,7 @@ STLIBOBJS=\
 	keyblocks.o \
 	keyed_cksum.o		\
 	keyed_checksum_types.o	\
-	keylength.o		\
+	keylengths.o		\
 	make_checksum.o		\
 	make_random_key.o	\
 	mandatory_sumtype.o	\
@@ -61,6 +61,7 @@ STLIBOBJS=\
 	pbkdf2.o		\
 	prf.o \
 	prng.o			\
+	random_to_key.o		\
 	state.o \
 	string_to_cksumtype.o	\
 	string_to_enctype.o	\
@@ -88,7 +89,7 @@ OBJS=\
 	$(OUTPRE)keyblocks.$(OBJEXT) \
 	$(OUTPRE)keyed_cksum.$(OBJEXT)		\
 	$(OUTPRE)keyed_checksum_types.$(OBJEXT)	\
-	$(OUTPRE)keylength.$(OBJEXT)	\
+	$(OUTPRE)keylengths.$(OBJEXT)	\
 	$(OUTPRE)make_checksum.$(OBJEXT)	\
 	$(OUTPRE)make_random_key.$(OBJEXT)	\
 	$(OUTPRE)mandatory_sumtype.$(OBJEXT)	\
@@ -97,6 +98,7 @@ OBJS=\
 	$(OUTPRE)pbkdf2.$(OBJEXT)		\
 	$(OUTPRE)prf.$(OBJEXT) \
 	$(OUTPRE)prng.$(OBJEXT)			\
+	$(OUTPRE)random_to_key.$(OBJEXT)	\
 	$(OUTPRE)state.$(OBJEXT) \
 	$(OUTPRE)string_to_cksumtype.$(OBJEXT)	\
 	$(OUTPRE)string_to_enctype.$(OBJEXT)	\
@@ -124,7 +126,7 @@ SRCS=\
 	$(srcdir)/keyblocks.c \
 	$(srcdir)/keyed_cksum.c		\
 	$(srcdir)/keyed_checksum_types.c\
-	$(srcdir)/keylength.c		\
+	$(srcdir)/keylengths.c		\
 	$(srcdir)/make_checksum.c	\
 	$(srcdir)/make_random_key.c	\
 	$(srcdir)/mandatory_sumtype.c	\
@@ -133,6 +135,7 @@ SRCS=\
 	$(srcdir)/pbkdf2.c	\
 	$(srcdir)/prf.c \
 	$(srcdir)/prng.c		\
+	$(srcdir)/random_to_key.c	\
 	$(srcdir)/state.c \
 	$(srcdir)/string_to_cksumtype.c	\
 	$(srcdir)/string_to_enctype.c	\
@@ -527,7 +530,7 @@ keyed_checksum_types.so keyed_checksum_types.po $(OUTPRE)keyed_checksum_types.$(
   $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
   $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
   cksumtypes.h etypes.h keyed_checksum_types.c
-keylength.so keylength.po $(OUTPRE)keylength.$(OBJEXT): \
+keylengths.so keylengths.po $(OUTPRE)keylengths.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
   $(COM_ERR_DEPS) $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-int.h \
@@ -535,7 +538,7 @@ keylength.so keylength.po $(OUTPRE)keylength.$(OBJEXT): \
   $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
   $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
   $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
-  etypes.h keylength.c
+  etypes.h keylengths.c
 make_checksum.so make_checksum.po $(OUTPRE)make_checksum.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
@@ -608,6 +611,15 @@ prng.so prng.po $(OUTPRE)prng.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(srcdir)/sha1/shs.h $(srcdir)/yarrow/yarrow.h $(srcdir)/yarrow/ycipher.h \
   $(srcdir)/yarrow/yhash.h $(srcdir)/yarrow/ytypes.h \
   prng.c
+random_to_key.so random_to_key.po $(OUTPRE)random_to_key.$(OBJEXT): \
+  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+  $(COM_ERR_DEPS) $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-int.h \
+  $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
+  $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
+  $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+  $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+  etypes.h random_to_key.c
 state.so state.po $(OUTPRE)state.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
   $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-err.h \
diff --git a/src/lib/crypto/keylength.c b/src/lib/crypto/keylengths.c
similarity index 79%
rename from src/lib/crypto/keylength.c
rename to src/lib/crypto/keylengths.c
index 0b2a85473..acd1da81b 100644
--- a/src/lib/crypto/keylength.c
+++ b/src/lib/crypto/keylengths.c
@@ -31,13 +31,17 @@
 #include "k5-int.h"
 #include "etypes.h"
 
+/*
+ * keybytes is the number of bytes required as input to make a key,
+ * keylength is the length of the final key in bytes
+ */
 krb5_error_code KRB5_CALLCONV
-krb5_c_keylength(krb5_context context, krb5_enctype enctype,
-		  size_t *keylength)
+krb5_c_keylengths(krb5_context context, krb5_enctype enctype,
+		  size_t *keybytes, size_t *keylength)
 {
     int i;
 
-    if (keylength == NULL)
+    if (keybytes == NULL && keylength == NULL)
 	return(EINVAL);
 
     for (i=0; i<krb5_enctypes_length; i++) {
@@ -48,7 +52,10 @@ krb5_c_keylength(krb5_context context, krb5_enctype enctype,
     if (i == krb5_enctypes_length)
 	return(KRB5_BAD_ENCTYPE);
 
-    *keylength = krb5_enctypes_list[i].enc->keylength;
+    if (keybytes)
+	*keybytes = krb5_enctypes_list[i].enc->keybytes;
+    if (keylength)
+	*keylength = krb5_enctypes_list[i].enc->keylength;
 
     return(0);
 }
diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports
index 1f7dc3215..99eb2025b 100644
--- a/src/lib/crypto/libk5crypto.exports
+++ b/src/lib/crypto/libk5crypto.exports
@@ -23,7 +23,7 @@ krb5_c_init_state
 krb5_c_is_coll_proof_cksum
 krb5_c_is_keyed_cksum
 krb5_c_keyed_checksum_types
-krb5_c_keylength
+krb5_c_keylengths
 krb5_c_make_checksum
 krb5_c_make_random_key
 krb5_c_prf
@@ -32,6 +32,7 @@ krb5_c_random_add_entropy
 krb5_c_random_make_octets
 krb5_c_random_os_entropy
 krb5_c_random_seed
+krb5_c_random_to_key
 krb5_c_string_to_key
 krb5_c_string_to_key_with_params
 krb5_c_valid_cksumtype
diff --git a/src/lib/crypto/random_to_key.c b/src/lib/crypto/random_to_key.c
new file mode 100644
index 000000000..20f0abc0d
--- /dev/null
+++ b/src/lib/crypto/random_to_key.c
@@ -0,0 +1,73 @@
+/*
+ * COPYRIGHT (c) 2006
+ * The Regents of the University of Michigan
+ * ALL RIGHTS RESERVED
+ * 
+ * Permission is granted to use, copy, create derivative works
+ * and redistribute this software and such derivative works
+ * for any purpose, so long as the name of The University of
+ * Michigan is not used in any advertising or publicity
+ * pertaining to the use of distribution of this software
+ * without specific, written prior authorization.  If the
+ * above copyright notice or any other identification of the
+ * University of Michigan is included in any copy of any
+ * portion of this software, then the disclaimer below must
+ * also be included.
+ * 
+ * THIS SOFTWARE IS PROVIDED AS IS, WITHOUT REPRESENTATION
+ * FROM THE UNIVERSITY OF MICHIGAN AS TO ITS FITNESS FOR ANY
+ * PURPOSE, AND WITHOUT WARRANTY BY THE UNIVERSITY OF
+ * MICHIGAN OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING
+ * WITHOUT LIMITATION THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE
+ * REGENTS OF THE UNIVERSITY OF MICHIGAN SHALL NOT BE LIABLE
+ * FOR ANY DAMAGES, INCLUDING SPECIAL, INDIRECT, INCIDENTAL, OR
+ * CONSEQUENTIAL DAMAGES, WITH RESPECT TO ANY CLAIM ARISING
+ * OUT OF OR IN CONNECTION WITH THE USE OF THE SOFTWARE, EVEN
+ * IF IT HAS BEEN OR IS HEREAFTER ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGES.
+ */
+
+/*
+ * Create a key given random data.  It is assumed that random_key has
+ * already been initialized and random_key->contents have been allocated
+ * with the correct length.
+ */
+#include "k5-int.h"
+#include "etypes.h"
+
+krb5_error_code KRB5_CALLCONV
+krb5_c_random_to_key(krb5_context context, krb5_enctype enctype,
+		     krb5_data *random_data, krb5_keyblock *random_key)
+{
+    int i;
+    krb5_error_code ret;
+    const struct krb5_enc_provider *enc;
+
+    if (random_data == NULL || random_key == NULL)
+	return(EINVAL);
+
+    if (random_key->contents == NULL)
+	return(EINVAL);
+
+    for (i=0; i<krb5_enctypes_length; i++) {
+	if (krb5_enctypes_list[i].etype == enctype)
+	    break;
+    }
+
+    if (i == krb5_enctypes_length)
+	return(KRB5_BAD_ENCTYPE);
+
+    enc = krb5_enctypes_list[i].enc;
+
+    if (random_key->length != enc->keylength)
+	return(KRB5_BAD_KEYSIZE);
+
+    ret = ((*(enc->make_key))(random_data, random_key));
+
+    if (ret) {
+	memset(random_key->contents, 0, random_key->length);
+    }
+
+    return(ret);
+}