xref: /illumos-gate/usr/src/lib/gss_mechs/mech_krb5/crypto/make_random_key.c (revision 159d09a20817016f09b3ea28d1bdada4a336bb91)
1 /*
2  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
3  * Use is subject to license terms.
4  */
5 
6 
7 /*
8  * Copyright (C) 1998 by the FundsXpress, INC.
9  *
10  * All rights reserved.
11  *
12  * Export of this software from the United States of America may require
13  * a specific license from the United States Government.  It is the
14  * responsibility of any person or organization contemplating export to
15  * obtain such a license before exporting.
16  *
17  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
18  * distribute this software and its documentation for any purpose and
19  * without fee is hereby granted, provided that the above copyright
20  * notice appear in all copies and that both that copyright notice and
21  * this permission notice appear in supporting documentation, and that
22  * the name of FundsXpress. not be used in advertising or publicity pertaining
23  * to distribution of the software without specific, written prior
24  * permission.  FundsXpress makes no representations about the suitability of
25  * this software for any purpose.  It is provided "as is" without express
26  * or implied warranty.
27  *
28  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
29  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
30  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
31  */
32 
33 #include "k5-int.h"
34 #include "etypes.h"
35 
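/*
 * Overwrite len bytes at buf with zeros in a way the optimizer must keep.
 *
 * A plain memset() issued immediately before free() is a dead store, so an
 * optimizing compiler is allowed to drop it, leaving key material in freed
 * heap memory.  Storing through a volatile-qualified pointer forces every
 * write to be emitted.
 */
static void
make_random_key_wipe(void *buf, size_t len)
{
    volatile unsigned char *p = buf;

    while (len-- > 0)
	*p++ = 0;
}

/*
 * Generate a fresh random key for the given encryption type.
 *
 * The enctype is looked up in krb5_enctypes_list; its provider supplies the
 * number of random input bytes (keybytes) and the final key size (keylength).
 * keybytes of random data are obtained from krb5_c_random_make_octets() and
 * handed to the provider's make_key() routine, which fills in random_key.
 *
 * On success random_key->contents is a malloc'ed buffer of keylength bytes
 * that the caller owns.  On any failure after allocation the buffer is
 * wiped, freed and random_key->contents is set to NULL; the other keyblock
 * fields may already have been written, so callers must check the return
 * value before using the key.
 *
 * Returns 0 on success, KRB5_BAD_ENCTYPE if enctype is not in the table,
 * ENOMEM if an allocation fails, or the error returned by
 * krb5_c_random_make_octets() or the provider's make_key().
 */
krb5_error_code KRB5_CALLCONV
krb5_c_make_random_key(krb5_context context, krb5_enctype enctype,
		       krb5_keyblock *random_key)
{
    int i;
    krb5_error_code ret;
    const struct krb5_enc_provider *enc;
    size_t keybytes, keylength;
    krb5_data random_data;
    unsigned char *bytes;

    for (i = 0; i < krb5_enctypes_length; i++) {
	if (krb5_enctypes_list[i].etype == enctype)
	    break;
    }

    /* Solaris Kerberos: Better error message */
    if (i == krb5_enctypes_length) {
	krb5_set_error_message(context, KRB5_BAD_ENCTYPE,
	    "Unknown encryption type: %d", enctype);
	return (KRB5_BAD_ENCTYPE);
    }

    enc = krb5_enctypes_list[i].enc;

    keybytes = enc->keybytes;
    keylength = enc->keylength;

    /* Scratch buffer for the raw random input; never leaves this function. */
    bytes = malloc(keybytes);
    if (bytes == NULL)
	return (ENOMEM);

    /* Output buffer; ownership passes to the caller on success. */
    random_key->contents = malloc(keylength);
    if (random_key->contents == NULL) {
	free(bytes);
	return (ENOMEM);
    }

    random_data.data = (char *) bytes;
    random_data.length = keybytes;

    ret = krb5_c_random_make_octets(context, &random_data);
    if (ret)
	goto cleanup;

    random_key->magic = KV5M_KEYBLOCK;
    random_key->enctype = enctype;
    random_key->length = keylength;

    /* Solaris Kerberos */
    random_key->dk_list = NULL;
#ifdef _KERNEL
    random_key->kef_key = NULL;
#else
    random_key->hKey = CK_INVALID_HANDLE;
#endif

    /* Solaris Kerberos */
    ret = ((*(enc->make_key))(context, &random_data, random_key));

cleanup:
    /* The random input is key-equivalent: wipe it on every path. */
    make_random_key_wipe(bytes, keybytes);
    free(bytes);

    if (ret) {
	/* make_key() may have written partial key bytes before failing. */
	make_random_key_wipe(random_key->contents, keylength);
	free(random_key->contents);
	/* Solaris Kerberos */
	random_key->contents = NULL;
    }

    return (ret);
}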
105