From 01cc5eb727ff872c52be731a72ae9a5b1a567836 Mon Sep 17 00:00:00 2001
From: Theodore Tso <tytso@mit.edu>
Date: Mon, 13 Nov 1995 16:53:23 +0000
Subject: [PATCH] * encrypt_data.c (krb5_encrypt_data): New file.  A generic
 routine 	for encrypting data in a krb5_data structure.  Fills in a 
 krb5_enc_data structure.

* decrypt_data.c (krb5_decrypt_data): New file.  A generic routine
	for decrypting data in a krb5_enc_data structure.  Fills
	in a krb5_data structure.

* Makefile.in (SRCS): Added decrypt_data.c and encrypt_data.c to
	list of files to be compiled.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7100 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/crypto/ChangeLog      | 13 +++++++
 src/lib/crypto/Makefile.in    |  4 ++
 src/lib/crypto/decrypt_data.c | 66 +++++++++++++++++++++++++++++++++
 src/lib/crypto/encrypt_data.c | 70 +++++++++++++++++++++++++++++++++++
 4 files changed, 153 insertions(+)
 create mode 100644 src/lib/crypto/decrypt_data.c
 create mode 100644 src/lib/crypto/encrypt_data.c

diff --git a/src/lib/crypto/ChangeLog b/src/lib/crypto/ChangeLog
index 5b9d99f18..298030de3 100644
--- a/src/lib/crypto/ChangeLog
+++ b/src/lib/crypto/ChangeLog
@@ -1,3 +1,16 @@
+Mon Nov 13 11:30:10 1995  Theodore Y. Ts'o  <tytso@dcl>
+
+	* encrypt_data.c (krb5_encrypt_data): New file.  A generic routine
+		for encrypting data in a krb5_data structure.  Fills in a
+		krb5_enc_data structure.
+
+	* decrypt_data.c (krb5_decrypt_data): New file.  A generic routine
+		for decrypting data in a krb5_enc_data structure.  Fills
+		in a krb5_data structure.
+
+	* Makefile.in (SRCS): Added decrypt_data.c and encrypt_data.c to
+		list of files to be compiled.
+
 Fri Oct  6 22:01:04 1995  Theodore Y. Ts'o  <tytso@dcl>
 
 	* Makefile.in: Remove ##DOS!include of config/windows.in.
diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in
index c8f62a9f3..7d8c0a330 100644
--- a/src/lib/crypto/Makefile.in
+++ b/src/lib/crypto/Makefile.in
@@ -10,11 +10,15 @@ TST=if test -n "`cat DONE`" ; then
 @SHARED_RULE@
 
 OBJS=	cryptoconf.$(OBJEXT) \
+	encrypt_data.$(OBJEXT) \
+	decrypt_data.$(OBJEXT) \
 	des_crc.$(OBJEXT) \
 	des_md5.$(OBJEXT) \
 	raw_des.$(OBJEXT)
 
 SRCS=	$(srcdir)/cryptoconf.c \
+	$(srcdir)/encrypt_data.c \
+	$(srcdir)/decrypt_data.c \
 	$(srcdir)/des_crc.c \
 	$(srcdir)/des_md5.c \
 	$(srcdir)/raw_des.c 
diff --git a/src/lib/crypto/decrypt_data.c b/src/lib/crypto/decrypt_data.c
new file mode 100644
index 000000000..ae886d0c9
--- /dev/null
+++ b/src/lib/crypto/decrypt_data.c
@@ -0,0 +1,66 @@
+/*
+ * Copyright 1995 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ */
+
+#include "k5-int.h"
+
+/*
+ * This routine takes a key and a krb5_enc_data structure as input, and
+ * outputs the decrypted data in a krb5_data structure.  Note that
+ * the krb5_data structure is not allocated.
+ */
+krb5_error_code
+krb5_decrypt_data(context, key, ivec, enc_data, data)
+    krb5_context	context;
+    krb5_keyblock *	key;
+    krb5_pointer	ivec;
+    krb5_enc_data *	enc_data;
+    krb5_data *		data;
+{
+    krb5_error_code	retval;
+    krb5_encrypt_block	eblock;
+
+    krb5_use_enctype(context, &eblock, key->enctype);
+    data->length = enc_data->ciphertext.length;
+    if (!(data->data = malloc(data->length)))
+	return ENOMEM;
+
+    if ((retval = krb5_process_key(context, &eblock, key)) != 0)
+	goto cleanup;
+
+    if ((retval = krb5_decrypt(context,
+			       (krb5_pointer) enc_data->ciphertext.data,
+			       (krb5_pointer) data->data,
+			       enc_data->ciphertext.length, &eblock, ivec))) {
+    	krb5_finish_key(context, &eblock);
+        goto cleanup;
+    }
+    (void) krb5_finish_key(context, &eblock);
+
+    return 0;
+
+cleanup:
+    if (data->data) {
+	free(data->data);
+	data->data = 0;
+    }
+    return retval;
+}
diff --git a/src/lib/crypto/encrypt_data.c b/src/lib/crypto/encrypt_data.c
new file mode 100644
index 000000000..b2f039f33
--- /dev/null
+++ b/src/lib/crypto/encrypt_data.c
@@ -0,0 +1,70 @@
+/*
+ * Copyright 1995 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ */
+
+#include "k5-int.h"
+
+/*
+ * This routine takes a key and a krb5_data structure as input, and
+ * outputs the encrypted data in a krb5_enc_data structure.  Note that
+ * the krb5_enc_data structure is not allocated, and the kvno field is
+ * not filled in.
+ */
+krb5_error_code
+krb5_encrypt_data(context, key, ivec, data, enc_data)
+    krb5_context	context;
+    krb5_keyblock *	key;
+    krb5_pointer	ivec;
+    krb5_data *		data;
+    krb5_enc_data *	enc_data;
+{
+    krb5_error_code	retval;
+    krb5_encrypt_block	eblock;
+
+    krb5_use_enctype(context, &eblock, key->enctype);
+
+    enc_data->magic = KV5M_ENC_DATA;
+    enc_data->kvno = 0;
+    enc_data->enctype = key->enctype;
+    enc_data->ciphertext.length = krb5_encrypt_size(data->length,
+						    eblock.crypto_entry);
+    enc_data->ciphertext.data = malloc(enc_data->ciphertext.length);
+    if (enc_data->ciphertext.data == 0)
+	return ENOMEM;
+
+    if ((retval = krb5_process_key(context, &eblock, key)) != 0)
+	goto cleanup;
+
+    if ((retval = krb5_encrypt(context, (krb5_pointer) data->data,
+			       (krb5_pointer) enc_data->ciphertext.data,
+			       data->length, &eblock, ivec))) {
+    	krb5_finish_key(context, &eblock);
+        goto cleanup;
+    }
+    (void) krb5_finish_key(context, &eblock);
+
+    return 0;
+
+cleanup:
+    free(enc_data->ciphertext.data);
+    return retval;
+}
+    
-- 
2.26.2