From 5d4a32ce4e34c6365af72a7eec7fe1cfbda90112 Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Thu, 30 Nov 2006 23:21:11 +0000 Subject: [PATCH] pull up r18836 from trunk r18836@cathode-dark-space: coffman | 2006-11-17 14:48:17 -0500 subject: update krb5_c_keylength function, create krb5_c_random_to_key function ticket: new Target_Version: 1.6 Tags: pullup Modify the keylength function to return both keybytes and keylength. Change the name of the function and source file to reflect this. Add a function, krb5_c_random_to_key() that takes random input data of the right length (keybytes) and produce a valid key for a given enctype. ticket: 4799 version_fixed: 1.6 git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18890 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/crypto/Makefile.in | 22 ++++-- src/lib/crypto/{keylength.c => keylengths.c} | 15 ++-- src/lib/crypto/libk5crypto.exports | 3 +- src/lib/crypto/random_to_key.c | 73 ++++++++++++++++++++ 4 files changed, 103 insertions(+), 10 deletions(-) rename src/lib/crypto/{keylength.c => keylengths.c} (79%) create mode 100644 src/lib/crypto/random_to_key.c diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in index 71928d057..b46c553d0 100644 --- a/src/lib/crypto/Makefile.in +++ b/src/lib/crypto/Makefile.in @@ -52,7 +52,7 @@ STLIBOBJS=\ keyblocks.o \ keyed_cksum.o \ keyed_checksum_types.o \ - keylength.o \ + keylengths.o \ make_checksum.o \ make_random_key.o \ mandatory_sumtype.o \ @@ -61,6 +61,7 @@ STLIBOBJS=\ pbkdf2.o \ prf.o \ prng.o \ + random_to_key.o \ state.o \ string_to_cksumtype.o \ string_to_enctype.o \ @@ -88,7 +89,7 @@ OBJS=\ $(OUTPRE)keyblocks.$(OBJEXT) \ $(OUTPRE)keyed_cksum.$(OBJEXT) \ $(OUTPRE)keyed_checksum_types.$(OBJEXT) \ - $(OUTPRE)keylength.$(OBJEXT) \ + $(OUTPRE)keylengths.$(OBJEXT) \ $(OUTPRE)make_checksum.$(OBJEXT) \ $(OUTPRE)make_random_key.$(OBJEXT) \ $(OUTPRE)mandatory_sumtype.$(OBJEXT) \ @@ -97,6 +98,7 @@ OBJS=\ $(OUTPRE)pbkdf2.$(OBJEXT) \ $(OUTPRE)prf.$(OBJEXT) \ $(OUTPRE)prng.$(OBJEXT) \ + $(OUTPRE)random_to_key.$(OBJEXT) \ $(OUTPRE)state.$(OBJEXT) \ $(OUTPRE)string_to_cksumtype.$(OBJEXT) \ $(OUTPRE)string_to_enctype.$(OBJEXT) \ @@ -124,7 +126,7 @@ SRCS=\ $(srcdir)/keyblocks.c \ $(srcdir)/keyed_cksum.c \ $(srcdir)/keyed_checksum_types.c\ - $(srcdir)/keylength.c \ + $(srcdir)/keylengths.c \ $(srcdir)/make_checksum.c \ $(srcdir)/make_random_key.c \ $(srcdir)/mandatory_sumtype.c \ @@ -133,6 +135,7 @@ SRCS=\ $(srcdir)/pbkdf2.c \ $(srcdir)/prf.c \ $(srcdir)/prng.c \ + $(srcdir)/random_to_key.c \ $(srcdir)/state.c \ $(srcdir)/string_to_cksumtype.c \ $(srcdir)/string_to_enctype.c \ @@ -527,7 +530,7 @@ keyed_checksum_types.so keyed_checksum_types.po $(OUTPRE)keyed_checksum_types.$( $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ cksumtypes.h etypes.h keyed_checksum_types.c -keylength.so keylength.po $(OUTPRE)keylength.$(OBJEXT): \ +keylengths.so keylengths.po $(OUTPRE)keylengths.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ $(COM_ERR_DEPS) $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-int.h \ @@ -535,7 +538,7 @@ keylength.so keylength.po $(OUTPRE)keylength.$(OBJEXT): \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - etypes.h keylength.c + etypes.h keylengths.c make_checksum.so make_checksum.po $(OUTPRE)make_checksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ @@ -608,6 +611,15 @@ prng.so prng.po $(OUTPRE)prng.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(srcdir)/sha1/shs.h $(srcdir)/yarrow/yarrow.h $(srcdir)/yarrow/ycipher.h \ $(srcdir)/yarrow/yhash.h $(srcdir)/yarrow/ytypes.h \ prng.c +random_to_key.so random_to_key.po $(OUTPRE)random_to_key.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-int.h \ + $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ + $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ + $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ + $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + etypes.h random_to_key.c state.so state.po $(OUTPRE)state.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-err.h \ diff --git a/src/lib/crypto/keylength.c b/src/lib/crypto/keylengths.c similarity index 79% rename from src/lib/crypto/keylength.c rename to src/lib/crypto/keylengths.c index 0b2a85473..acd1da81b 100644 --- a/src/lib/crypto/keylength.c +++ b/src/lib/crypto/keylengths.c @@ -31,13 +31,17 @@ #include "k5-int.h" #include "etypes.h" +/* + * keybytes is the number of bytes required as input to make a key, + * keylength is the length of the final key in bytes + */ krb5_error_code KRB5_CALLCONV -krb5_c_keylength(krb5_context context, krb5_enctype enctype, - size_t *keylength) +krb5_c_keylengths(krb5_context context, krb5_enctype enctype, + size_t *keybytes, size_t *keylength) { int i; - if (keylength == NULL) + if (keybytes == NULL && keylength == NULL) return(EINVAL); for (i=0; ikeylength; + if (keybytes) + *keybytes = krb5_enctypes_list[i].enc->keybytes; + if (keylength) + *keylength = krb5_enctypes_list[i].enc->keylength; return(0); } diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports index 1f7dc3215..99eb2025b 100644 --- a/src/lib/crypto/libk5crypto.exports +++ b/src/lib/crypto/libk5crypto.exports @@ -23,7 +23,7 @@ krb5_c_init_state krb5_c_is_coll_proof_cksum krb5_c_is_keyed_cksum krb5_c_keyed_checksum_types -krb5_c_keylength +krb5_c_keylengths krb5_c_make_checksum krb5_c_make_random_key krb5_c_prf @@ -32,6 +32,7 @@ krb5_c_random_add_entropy krb5_c_random_make_octets krb5_c_random_os_entropy krb5_c_random_seed +krb5_c_random_to_key krb5_c_string_to_key krb5_c_string_to_key_with_params krb5_c_valid_cksumtype diff --git a/src/lib/crypto/random_to_key.c b/src/lib/crypto/random_to_key.c new file mode 100644 index 000000000..20f0abc0d --- /dev/null +++ b/src/lib/crypto/random_to_key.c @@ -0,0 +1,73 @@ +/* + * COPYRIGHT (c) 2006 + * The Regents of the University of Michigan + * ALL RIGHTS RESERVED + * + * Permission is granted to use, copy, create derivative works + * and redistribute this software and such derivative works + * for any purpose, so long as the name of The University of + * Michigan is not used in any advertising or publicity + * pertaining to the use of distribution of this software + * without specific, written prior authorization. If the + * above copyright notice or any other identification of the + * University of Michigan is included in any copy of any + * portion of this software, then the disclaimer below must + * also be included. + * + * THIS SOFTWARE IS PROVIDED AS IS, WITHOUT REPRESENTATION + * FROM THE UNIVERSITY OF MICHIGAN AS TO ITS FITNESS FOR ANY + * PURPOSE, AND WITHOUT WARRANTY BY THE UNIVERSITY OF + * MICHIGAN OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING + * WITHOUT LIMITATION THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE + * REGENTS OF THE UNIVERSITY OF MICHIGAN SHALL NOT BE LIABLE + * FOR ANY DAMAGES, INCLUDING SPECIAL, INDIRECT, INCIDENTAL, OR + * CONSEQUENTIAL DAMAGES, WITH RESPECT TO ANY CLAIM ARISING + * OUT OF OR IN CONNECTION WITH THE USE OF THE SOFTWARE, EVEN + * IF IT HAS BEEN OR IS HEREAFTER ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGES. + */ + +/* + * Create a key given random data. It is assumed that random_key has + * already been initialized and random_key->contents have been allocated + * with the correct length. + */ +#include "k5-int.h" +#include "etypes.h" + +krb5_error_code KRB5_CALLCONV +krb5_c_random_to_key(krb5_context context, krb5_enctype enctype, + krb5_data *random_data, krb5_keyblock *random_key) +{ + int i; + krb5_error_code ret; + const struct krb5_enc_provider *enc; + + if (random_data == NULL || random_key == NULL) + return(EINVAL); + + if (random_key->contents == NULL) + return(EINVAL); + + for (i=0; ilength != enc->keylength) + return(KRB5_BAD_KEYSIZE); + + ret = ((*(enc->make_key))(random_data, random_key)); + + if (ret) { + memset(random_key->contents, 0, random_key->length); + } + + return(ret); +} -- 2.26.2