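/*	$NetBSD: keyblock.c,v 1.2 2017/01/28 21:31:49 christos Exp $	*/

/*
 * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "krb5_locl.h"

/**
 * Reset a keyblock to an empty state.
 *
 * Sets the key type to 0 and hands the key value to krb5_data_zero().
 *
 * NOTE(review): krb5_data_zero() is defined outside this file. If it only
 * clears the length/pointer fields, this call neither wipes nor frees key
 * bytes the keyblock already owns; use krb5_free_keyblock_contents() for a
 * keyblock that holds key material. Confirm against krb5_data_zero().
 *
 * @param keyblock keyblock to reset, must not be NULL (it is dereferenced
 *                 without a check)
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_keyblock_zero(krb5_keyblock *keyblock)
{
    keyblock->keytype = 0;
    krb5_data_zero(&keyblock->keyvalue);
}

/**
 * Free a keyblock's content, also zero out the content of the keyblock.
 *
 * The key bytes are overwritten with zeros before the buffer is released,
 * and the key type is reset to KRB5_ENCTYPE_NULL. The keyblock structure
 * itself is not freed.
 *
 * @param context a Kerberos 5 context (not used by this function)
 * @param keyblock keyblock content to free, NULL is valid argument
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_free_keyblock_contents(krb5_context context,
                            krb5_keyblock *keyblock)
{
    if (keyblock == NULL)
        return;

    if (keyblock->keyvalue.data != NULL) {
        /*
         * Wipe the key through a volatile pointer. A plain memset() on a
         * buffer that is about to be freed is a dead store the optimizer
         * may drop once it can see through krb5_data_free() (inlining,
         * LTO), which would leave the key bytes in freed heap memory.
         * Where the build provides memset_s() or explicit_bzero(), that is
         * the usual replacement for this loop.
         */
        volatile unsigned char *p =
            (volatile unsigned char *)keyblock->keyvalue.data;
        size_t left = keyblock->keyvalue.length;

        while (left-- > 0)
            *p++ = 0;
    }
    krb5_data_free(&keyblock->keyvalue);
    keyblock->keytype = KRB5_ENCTYPE_NULL;
}

/**
 * Free a keyblock, also zero out the content of the keyblock, uses
 * krb5_free_keyblock_contents() to free the content.
 *
 * The keyblock structure itself is released with free(), so it must have
 * been heap-allocated (for example by krb5_copy_keyblock()).
 *
 * @param context a Kerberos 5 context
 * @param keyblock keyblock to free, NULL is valid argument
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_free_keyblock(krb5_context context,
                   krb5_keyblock *keyblock)
{
    if (keyblock) {
        /* Wipe and release the key bytes before the container goes away. */
        krb5_free_keyblock_contents(context, keyblock);
        free(keyblock);
    }
}

/**
 * Copy a keyblock, free the output keyblock with
 * krb5_free_keyblock_contents().
 *
 * This is a thin wrapper around copy_EncryptionKey().
 *
 * NOTE(review): copy_EncryptionKey() is defined outside this file; whether
 * it releases anything `to' already holds is not visible here, so pass an
 * empty keyblock. Confirm.
 *
 * @param context a Kerberos 5 context (not used by this function)
 * @param inblock the key to copy
 * @param to the output key.
 *
 * @return 0 on success or a Kerberos 5 error code
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_copy_keyblock_contents (krb5_context context,
                             const krb5_keyblock *inblock,
                             krb5_keyblock *to)
{
    return copy_EncryptionKey(inblock, to);
}

/**
 * Copy a keyblock, free the output keyblock with
 * krb5_free_keyblock().
 *
 * On any failure `*to' is left set to NULL.
 *
 * @param context a Kerberos 5 context
 * @param inblock the key to copy
 * @param to the output key.
 *
 * @return 0 on success or a Kerberos 5 error code
 *
 * @ingroup krb5_crypto
 */


KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_copy_keyblock (krb5_context context,
                    const krb5_keyblock *inblock,
                    krb5_keyblock **to)
{
    krb5_error_code ret;
    krb5_keyblock *k;

    /* Clear the output first so every error path leaves it NULL. */
    *to = NULL;

    k = calloc (1, sizeof(*k));
    if (k == NULL)
        return krb5_enomem(context);

    ret = krb5_copy_keyblock_contents (context, inblock, k);
    if (ret) {
        /*
         * Only the container is released here; presumably the failed copy
         * left no key bytes attached to it -- confirm against
         * copy_EncryptionKey().
         */
        free(k);
        return ret;
    }
    *to = k;
    return 0;
}

/**
 * Get encryption type of a keyblock.
 *
 * @param block keyblock to query, must not be NULL (it is dereferenced
 *              without a check)
 *
 * @return the keytype field of the keyblock
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION krb5_enctype KRB5_LIB_CALL
krb5_keyblock_get_enctype(const krb5_keyblock *block)
{
    return block->keytype;
}

/**
 * Fill in `key' with key data of type `enctype' from `data' of length
 * `size'. Key should be freed using krb5_free_keyblock_contents().
 *
 * `key' is cleared before anything else, so it is empty on every error
 * return. `size' must equal the key size that krb5_enctype_keysize()
 * reports for `type'; any other length is rejected.
 *
 * @param context a Kerberos 5 context
 * @param type encryption type of the key
 * @param data key bytes to copy into `key'
 * @param size number of bytes in `data'
 * @param key the keyblock to fill in
 *
 * @return 0 on success or a Kerberos 5 error code
 *
 * @ingroup krb5_crypto
 */

KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_keyblock_init(krb5_context context,
                   krb5_enctype type,
                   const void *data,
                   size_t size,
                   krb5_keyblock *key)
{
    krb5_error_code ret;
    size_t len;

    /* Start from an all-zero keyblock; any previous content is discarded. */
    memset(key, 0, sizeof(*key));

    ret = krb5_enctype_keysize(context, type, &len);
    if (ret)
        return ret;

    /* Reject keys whose length does not match the enctype exactly. */
    if (len != size) {
        krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
                               "Encryption key %d is %lu bytes "
                               "long, %lu was passed in",
                               type, (unsigned long)len, (unsigned long)size);
        return KRB5_PROG_ETYPE_NOSUPP;
    }
    ret = krb5_data_copy(&key->keyvalue, data, len);
    if(ret) {
        krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
        return ret;
    }
    key->keytype = type;

    return 0;
}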