/*
 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */


/*
 * Copyright (C) 1998 by the FundsXpress, INC.
 *
 * All rights reserved.
 *
 * Export of this software from the United States of America may require
 * a specific license from the United States Government.  It is the
 * responsibility of any person or organization contemplating export to
 * obtain such a license before exporting.
 *
 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
 * distribute this software and its documentation for any purpose and
 * without fee is hereby granted, provided that the above copyright
 * notice appear in all copies and that both that copyright notice and
 * this permission notice appear in supporting documentation, and that
 * the name of FundsXpress. not be used in advertising or publicity pertaining
 * to distribution of the software without specific, written prior
 * permission.  FundsXpress makes no representations about the suitability of
 * this software for any purpose.  It is provided "as is" without express
 * or implied warranty.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 */
327c478bd9Sstevel@tonic-gate 
33159d09a2SMark Phalan #include "dk.h"
347c478bd9Sstevel@tonic-gate 
/*
 * Fixed, public constant that krb5int_dk_string_to_key() hands to
 * krb5_derive_key() as the derivation input.  It is not secret; the array
 * keeps its terminating NUL and kerberos_len excludes it.
 */
static const unsigned char kerberos[] = {
    'k', 'e', 'r', 'b', 'e', 'r', 'o', 's', '\0'
};
#define kerberos_len ((sizeof (kerberos) / sizeof (kerberos[0])) - 1)
377c478bd9Sstevel@tonic-gate 
387c478bd9Sstevel@tonic-gate krb5_error_code
krb5int_dk_string_to_key(krb5_context context,const struct krb5_enc_provider * enc,const krb5_data * string,const krb5_data * salt,const krb5_data * parms,krb5_keyblock * key)39159d09a2SMark Phalan krb5int_dk_string_to_key(
40159d09a2SMark Phalan 			 krb5_context context,
41159d09a2SMark Phalan 			 const struct krb5_enc_provider *enc,
42159d09a2SMark Phalan 			 const krb5_data *string, const krb5_data *salt,
43159d09a2SMark Phalan 			 const krb5_data *parms, krb5_keyblock *key)
447c478bd9Sstevel@tonic-gate {
457c478bd9Sstevel@tonic-gate     krb5_error_code ret;
467c478bd9Sstevel@tonic-gate     size_t keybytes, keylength, concatlen;
477c478bd9Sstevel@tonic-gate     unsigned char *concat, *foldstring, *foldkeydata;
487c478bd9Sstevel@tonic-gate     krb5_data indata;
497c478bd9Sstevel@tonic-gate     krb5_keyblock foldkey;
507c478bd9Sstevel@tonic-gate 
517c478bd9Sstevel@tonic-gate     /* key->length is checked by krb5_derive_key */
527c478bd9Sstevel@tonic-gate 
53505d05c7Sgtb     keybytes = enc->keybytes;
54505d05c7Sgtb     keylength = enc->keylength;
557c478bd9Sstevel@tonic-gate 
567c478bd9Sstevel@tonic-gate     concatlen = string->length+(salt?salt->length:0);
577c478bd9Sstevel@tonic-gate 
587c478bd9Sstevel@tonic-gate     if ((concat = (unsigned char *) malloc(concatlen)) == NULL)
597c478bd9Sstevel@tonic-gate 	return(ENOMEM);
607c478bd9Sstevel@tonic-gate     if ((foldstring = (unsigned char *) malloc(keybytes)) == NULL) {
617c478bd9Sstevel@tonic-gate 	free(concat);
627c478bd9Sstevel@tonic-gate 	return(ENOMEM);
637c478bd9Sstevel@tonic-gate     }
647c478bd9Sstevel@tonic-gate     if ((foldkeydata = (unsigned char *) malloc(keylength)) == NULL) {
657c478bd9Sstevel@tonic-gate 	free(foldstring);
667c478bd9Sstevel@tonic-gate 	free(concat);
677c478bd9Sstevel@tonic-gate 	return(ENOMEM);
687c478bd9Sstevel@tonic-gate     }
697c478bd9Sstevel@tonic-gate 
707c478bd9Sstevel@tonic-gate     /* construct input string ( = string + salt), fold it, make_key it */
717c478bd9Sstevel@tonic-gate 
72159d09a2SMark Phalan     memcpy(concat, string->data, string->length);
737c478bd9Sstevel@tonic-gate     if (salt)
74159d09a2SMark Phalan 	memcpy(concat+string->length, salt->data, salt->length);
757c478bd9Sstevel@tonic-gate 
767c478bd9Sstevel@tonic-gate     krb5_nfold(concatlen*8, concat, keybytes*8, foldstring);
777c478bd9Sstevel@tonic-gate 
787c478bd9Sstevel@tonic-gate     indata.length = keybytes;
79159d09a2SMark Phalan     indata.data = (char *) foldstring;
807c478bd9Sstevel@tonic-gate 
81159d09a2SMark Phalan     /* Solaris Kerberos */
827c478bd9Sstevel@tonic-gate     memset(&foldkey, 0, sizeof (krb5_keyblock));
837c478bd9Sstevel@tonic-gate     foldkey.enctype = key->enctype;
847c478bd9Sstevel@tonic-gate     foldkey.length = keylength;
857c478bd9Sstevel@tonic-gate     foldkey.contents = foldkeydata;
867c478bd9Sstevel@tonic-gate 
87159d09a2SMark Phalan     /* Solaris Kerberos */
887c478bd9Sstevel@tonic-gate     (*(enc->make_key))(context, &indata, &foldkey);
897c478bd9Sstevel@tonic-gate 
907c478bd9Sstevel@tonic-gate     /* now derive the key from this one */
917c478bd9Sstevel@tonic-gate 
927c478bd9Sstevel@tonic-gate     indata.length = kerberos_len;
93159d09a2SMark Phalan     indata.data = (char *) kerberos;
94159d09a2SMark Phalan     /* Solaris Kerberos */
957c478bd9Sstevel@tonic-gate     if ((ret = krb5_derive_key(context, enc, &foldkey, key, &indata)))
967c478bd9Sstevel@tonic-gate 	(void) memset(key->contents, 0, key->length);
977c478bd9Sstevel@tonic-gate 
987c478bd9Sstevel@tonic-gate     /* ret is set correctly by the prior call */
997c478bd9Sstevel@tonic-gate 
100159d09a2SMark Phalan     memset(concat, 0, concatlen);
101159d09a2SMark Phalan     memset(foldstring, 0, keybytes);
102159d09a2SMark Phalan     memset(foldkeydata, 0, keylength);
1037c478bd9Sstevel@tonic-gate 
1047c478bd9Sstevel@tonic-gate     free(foldkeydata);
1057c478bd9Sstevel@tonic-gate     free(foldstring);
1067c478bd9Sstevel@tonic-gate     free(concat);
1077c478bd9Sstevel@tonic-gate 
1087c478bd9Sstevel@tonic-gate     return(ret);
1097c478bd9Sstevel@tonic-gate }