Tree - source-git/krb5 - CentOS Git server

source-git / krb5

Blame src/lib/kdb/encrypt_key.c

Blob History Raw

Packit Service	99d1c0	`/* -- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -- */`
Packit Service	99d1c0	`/* lib/kdb/encrypt_key.c */`
Packit Service	99d1c0	`/*`
Packit Service	99d1c0	`* Copyright 1990,1991 by the Massachusetts Institute of Technology.`
Packit Service	99d1c0	`* All Rights Reserved.`
Packit Service	99d1c0	`*`
Packit Service	99d1c0	`* Export of this software from the United States of America may`
Packit Service	99d1c0	`* require a specific license from the United States Government.`
Packit Service	99d1c0	`* It is the responsibility of any person or organization contemplating`
Packit Service	99d1c0	`* export to obtain such a license before exporting.`
Packit Service	99d1c0	`*`
Packit Service	99d1c0	`* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and`
Packit Service	99d1c0	`* distribute this software and its documentation for any purpose and`
Packit Service	99d1c0	`* without fee is hereby granted, provided that the above copyright`
Packit Service	99d1c0	`* notice appear in all copies and that both that copyright notice and`
Packit Service	99d1c0	`* this permission notice appear in supporting documentation, and that`
Packit Service	99d1c0	`* the name of M.I.T. not be used in advertising or publicity pertaining`
Packit Service	99d1c0	`* to distribution of the software without specific, written prior`
Packit Service	99d1c0	`* permission. Furthermore if you modify this software you must label`
Packit Service	99d1c0	`* your software as modified software and not distribute it in such a`
Packit Service	99d1c0	`* fashion that it might be confused with the original M.I.T. software.`
Packit Service	99d1c0	`* M.I.T. makes no representations about the suitability of`
Packit Service	99d1c0	`* this software for any purpose. It is provided "as is" without express`
Packit Service	99d1c0	`* or implied warranty.`
Packit Service	99d1c0	`*/`
Packit Service	99d1c0	`/*`
Packit Service	99d1c0	`* Copyright (C) 1998 by the FundsXpress, INC.`
Packit Service	99d1c0	`*`
Packit Service	99d1c0	`* All rights reserved.`
Packit Service	99d1c0	`*`
Packit Service	99d1c0	`* Export of this software from the United States of America may require`
Packit Service	99d1c0	`* a specific license from the United States Government. It is the`
Packit Service	99d1c0	`* responsibility of any person or organization contemplating export to`
Packit Service	99d1c0	`* obtain such a license before exporting.`
Packit Service	99d1c0	`*`
Packit Service	99d1c0	`* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and`
Packit Service	99d1c0	`* distribute this software and its documentation for any purpose and`
Packit Service	99d1c0	`* without fee is hereby granted, provided that the above copyright`
Packit Service	99d1c0	`* notice appear in all copies and that both that copyright notice and`
Packit Service	99d1c0	`* this permission notice appear in supporting documentation, and that`
Packit Service	99d1c0	`* the name of FundsXpress. not be used in advertising or publicity pertaining`
Packit Service	99d1c0	`* to distribution of the software without specific, written prior`
Packit Service	99d1c0	`* permission. FundsXpress makes no representations about the suitability of`
Packit Service	99d1c0	`* this software for any purpose. It is provided "as is" without express`
Packit Service	99d1c0	`* or implied warranty.`
Packit Service	99d1c0	`*`
Packit Service	99d1c0	* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
Packit Service	99d1c0	`* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED`
Packit Service	99d1c0	`* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.`
Packit Service	99d1c0	`*/`
Packit Service	99d1c0
Packit Service	99d1c0	`#include "k5-int.h"`
Packit Service	99d1c0	`#include "kdb.h"`
Packit Service	99d1c0
Packit Service	99d1c0	`/*`
Packit Service	99d1c0	`* Encrypt a key for storage in the database. "eblock" is used`
Packit Service	99d1c0	`* to encrypt the key in "in" into "out"; the storage pointed to by "out"`
Packit Service	99d1c0	`* is allocated before use.`
Packit Service	99d1c0	`*/`
Packit Service	99d1c0
Packit Service	99d1c0	`krb5_error_code`
Packit Service	99d1c0	`krb5_dbe_def_encrypt_key_data( krb5_context context,`
Packit Service	99d1c0	`const krb5_keyblock * mkey,`
Packit Service	99d1c0	`const krb5_keyblock * dbkey,`
Packit Service	99d1c0	`const krb5_keysalt * keysalt,`
Packit Service	99d1c0	`int keyver,`
Packit Service	99d1c0	`krb5_key_data * key_data)`
Packit Service	99d1c0	`{`
Packit Service	99d1c0	`krb5_error_code retval;`
Packit Service	99d1c0	`krb5_octet * ptr;`
Packit Service	99d1c0	`size_t len;`
Packit Service	99d1c0	`int i;`
Packit Service	99d1c0	`krb5_data plain;`
Packit Service	99d1c0	`krb5_enc_data cipher;`
Packit Service	99d1c0
Packit Service	99d1c0	`for (i = 0; i < key_data->key_data_ver; i++) {`
Packit Service	99d1c0	`free(key_data->key_data_contents[i]);`
Packit Service	99d1c0	`key_data->key_data_contents[i] = NULL;`
Packit Service	99d1c0	`}`
Packit Service	99d1c0
Packit Service	99d1c0	`key_data->key_data_ver = 1;`
Packit Service	99d1c0	`key_data->key_data_kvno = keyver;`
Packit Service	99d1c0
Packit Service	99d1c0	`/*`
Packit Service	99d1c0	`* The First element of the type/length/contents`
Packit Service	99d1c0	`* fields is the key type/length/contents`
Packit Service	99d1c0	`*/`
Packit Service	99d1c0	`if ((retval = krb5_c_encrypt_length(context, mkey->enctype, dbkey->length,`
Packit Service	99d1c0	`&len)))`
Packit Service	99d1c0	`return(retval);`
Packit Service	99d1c0
Packit Service	99d1c0	`ptr = malloc(2 + len);`
Packit Service	99d1c0	`if (ptr == NULL)`
Packit Service	99d1c0	`return(ENOMEM);`
Packit Service	99d1c0
Packit Service	99d1c0	`key_data->key_data_type[0] = dbkey->enctype;`
Packit Service	99d1c0	`key_data->key_data_length[0] = 2 + len;`
Packit Service	99d1c0	`key_data->key_data_contents[0] = ptr;`
Packit Service	99d1c0
Packit Service	99d1c0	`krb5_kdb_encode_int16(dbkey->length, ptr);`
Packit Service	99d1c0	`ptr += 2;`
Packit Service	99d1c0
Packit Service	99d1c0	`plain.length = dbkey->length;`
Packit Service	99d1c0	`plain.data = (char *) dbkey->contents;`
Packit Service	99d1c0
Packit Service	99d1c0	`cipher.ciphertext.length = len;`
Packit Service	99d1c0	`cipher.ciphertext.data = (char *) ptr;`
Packit Service	99d1c0
Packit Service	99d1c0	`if ((retval = krb5_c_encrypt(context, mkey, /* XXX */ 0, 0,`
Packit Service	99d1c0	`&plain, &cipher))) {`
Packit Service	99d1c0	`free(key_data->key_data_contents[0]);`
Packit Service	99d1c0	`return retval;`
Packit Service	99d1c0	`}`
Packit Service	99d1c0
Packit Service	99d1c0	`/* After key comes the salt in necessary */`
Packit Service	99d1c0	`if (keysalt) {`
Packit Service	99d1c0	`if (keysalt->type > 0) {`
Packit Service	99d1c0	`key_data->key_data_ver++;`
Packit Service	99d1c0	`key_data->key_data_type[1] = keysalt->type;`
Packit Service	99d1c0	`if ((key_data->key_data_length[1] = keysalt->data.length) != 0) {`
Packit Service	99d1c0	`key_data->key_data_contents[1] = malloc(keysalt->data.length);`
Packit Service	99d1c0	`if (key_data->key_data_contents[1] == NULL) {`
Packit Service	99d1c0	`free(key_data->key_data_contents[0]);`
Packit Service	99d1c0	`return ENOMEM;`
Packit Service	99d1c0	`}`
Packit Service	99d1c0	`memcpy(key_data->key_data_contents[1], keysalt->data.data,`
Packit Service	99d1c0	`(size_t) keysalt->data.length);`
Packit Service	99d1c0	`}`
Packit Service	99d1c0	`}`
Packit Service	99d1c0	`}`
Packit Service	99d1c0
Packit Service	99d1c0	`return retval;`
Packit Service	99d1c0	`}`

source-git / krb5

Source Code

Blame src/lib/kdb/encrypt_key.c