From b6c1cfe06e095a1aa972d0ccc4577c2a5196a0df Mon Sep 17 00:00:00 2001 From: John Kohl Date: Mon, 29 Jan 1990 16:17:50 +0000 Subject: [PATCH] *** empty log message *** git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@181 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/krb/encode_kdc.c | 123 ++++++++++++++++++++++++++++++++++ src/lib/krb5/krb/encrypt_tk.c | 104 ++++++++++++++++++++++++++++ 2 files changed, 227 insertions(+) create mode 100644 src/lib/krb5/krb/encode_kdc.c create mode 100644 src/lib/krb5/krb/encrypt_tk.c diff --git a/src/lib/krb5/krb/encode_kdc.c b/src/lib/krb5/krb/encode_kdc.c new file mode 100644 index 000000000..b9e5b758d --- /dev/null +++ b/src/lib/krb5/krb/encode_kdc.c @@ -0,0 +1,123 @@ +/* + * $Source$ + * $Author$ + * + * Copyright 1990 by the Massachusetts Institute of Technology. + * + * For copying and distribution information, please see the file + * . + * + * krb5_encode_kdc_rep() function. + */ + +#if !defined(lint) && !defined(SABER) +static char rcsid_encode_kdc_c [] = +"$Id$"; +#endif /* !lint & !SABER */ + +#include +#include +#include +#include + +#include + +#include + +/* array of pointers into encryption systems */ +extern krb5_cs_table_entry *csarray[]; + +/* + Takes KDC rep parts in *rep and *encpart, and formats it into *enc_rep, + using message type type and encryption key client_key and encryption type + etype. + + The string *enc_rep will be allocated before formatting; the caller should + free when finished. + + returns system errors + + dec_rep->enc_part is allocated and filled in. +*/ +krb5_error_code +krb5_encode_kdc_rep(type, dec_rep, encpart, client_key, enc_rep) +krb5_msgtype type; +register krb5_kdc_rep *dec_rep; +register krb5_enc_kdc_rep_part *encpart; +krb5_keyblock *client_key; +krb5_data **enc_rep; +{ + krb5_data *scratch; + krb5_encrypt_block eblock; + krb5_error_code retval; + + switch (type) { + case KRB5_AS_REP: + case KRB5_TGS_REP: + break; + default: + return KRB5_BADMSGTYPE; + } + + if (retval = encode_krb5_enc_kdc_rep_part(encpart, &scratch)) { + return retval; + } + +#define cleanup_scratch() { (void) bzero(scratch->data, scratch->length); krb5_free_data(scratch); } + + /* put together an eblock for this encryption */ + + eblock.crypto_entry = csarray[dec_rep->etype]->system; + dec_rep->enc_part.length = krb5_encrypt_size(scratch->length, + eblock.crypto_entry); + if (!(dec_rep->enc_part.data = malloc(dec_rep->enc_part.length))) { + retval = ENOMEM; + goto clean_scratch; + } + +#define cleanup_encpart() {(void) bzero(dec_rep->enc_part.data, dec_rep->enc_part.length); free(dec_rep->enc_part.data); dec_rep->enc_part.length = 0; dec_rep->enc_part.data = 0;} + + if (retval = (*eblock.crypto_entry->process_key)(&eblock, client_key)) { + goto clean_encpart; + } + +#define cleanup_prockey() {(void) (*eblock.crypto_entry->finish_key)(&eblock);} + + if (retval = + (*eblock.crypto_entry->encrypt_func)((krb5_pointer) scratch->data, + (krb5_pointer) dec_rep->enc_part.data, + scratch->length, &eblock)) { + goto clean_prockey; + } + + /* do some cleanup */ + cleanup_scratch(); + + if (retval = (*eblock.crypto_entry->finish_key)(&eblock)) { + cleanup_encpart(); + return retval; + } + + /* now it's ready to be encoded for the wire! */ + + switch (type) { + case KRB5_AS_REP: + retval = encode_krb5_as_rep(dec_rep, enc_rep); + break; + case KRB5_TGS_REP: + retval = encode_krb5_tgs_rep(dec_rep, enc_rep); + break; + } + if (retval) + cleanup_encpart(); + return retval; + + clean_prockey: + cleanup_prockey(); + clean_encpart: + cleanup_encpart(); + clean_scratch: + cleanup_scratch(); + + return retval; +} diff --git a/src/lib/krb5/krb/encrypt_tk.c b/src/lib/krb5/krb/encrypt_tk.c new file mode 100644 index 000000000..194b56ebe --- /dev/null +++ b/src/lib/krb5/krb/encrypt_tk.c @@ -0,0 +1,104 @@ +/* + * $Source$ + * $Author$ + * + * Copyright 1990 by the Massachusetts Institute of Technology. + * + * For copying and distribution information, please see the file + * . + * + * krb5_encrypt_tkt_part() routine. + */ + +#if !defined(lint) && !defined(SABER) +static char rcsid_encrypt_tk_c[] = +"$Id$"; +#endif /* !lint & !SABER */ + +#include + +#include +#include + +#include + +#include + +/* array of pointers into encryption systems */ +extern krb5_cs_table_entry *csarray[]; + +/* + Takes unencrypted dec_ticket & dec_tkt_part, encrypts with dec_ticket->etype + using *srv_key, and places result in dec_ticket->enc_part. + The string dec_ticket->enc_part will be allocated before formatting. + + returns errors from encryption routines, system errors + + enc_part->data allocated & filled in with encrypted stuff +*/ + +krb5_error_code +krb5_encrypt_tkt_part(dec_tkt_part, srv_key, dec_ticket) +register krb5_enc_tkt_part *dec_tkt_part; +krb5_keyblock *srv_key; +register krb5_ticket *dec_ticket; +{ + krb5_data *scratch; + krb5_error_code retval; + krb5_encrypt_block eblock; + + /* encrypt the encrypted part */ + + /* start by encoding the to-be-encrypted part. */ + if (retval = encode_krb5_enc_tkt_part(dec_tkt_part, &scratch)) { + return retval; + } + +#define cleanup_scratch() { (void) bzero(scratch->data, scratch->length); krb5_free_data(scratch); } + + /* put together an eblock for this encryption */ + + eblock.crypto_entry = csarray[dec_ticket->etype]->system; + dec_ticket->enc_part.length = krb5_encrypt_size(scratch->length, + eblock.crypto_entry); + if (!(dec_ticket->enc_part.data = malloc(dec_ticket->enc_part.length))) { + retval = ENOMEM; + goto clean_scratch; + } + +#define cleanup_encpart() {(void) bzero(dec_ticket->enc_part.data, dec_ticket->enc_part.length); free(dec_ticket->enc_part.data); dec_ticket->enc_part.length = 0; dec_ticket->enc_part.data = 0;} + + /* do any necessary key pre-processing */ + if (retval = (*eblock.crypto_entry->process_key)(&eblock, srv_key)) { + goto clean_encpart; + } + +#define cleanup_prockey() {(void) (*eblock.crypto_entry->finish_key)(&eblock);} + + /* call the encryption routine */ + if (retval = + (*eblock.crypto_entry->encrypt_func)((krb5_pointer) scratch->data, + (krb5_pointer) dec_ticket->enc_part.data, + scratch->length, &eblock)) { + goto clean_prockey; + } + + /* ticket is now assembled-- do some cleanup */ + cleanup_scratch(); + + if (retval = (*eblock.crypto_entry->finish_key)(&eblock)) { + cleanup_encpart(); + return retval; + } + + return 0; + + clean_prockey: + cleanup_prockey(); + clean_encpart: + cleanup_encpart(); + clean_scratch: + cleanup_scratch(); + + return retval; +} -- 2.26.2