17c478bd9Sstevel@tonic-gate /*
2159d09a2SMark Phalan  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
37c478bd9Sstevel@tonic-gate  * Use is subject to license terms.
47c478bd9Sstevel@tonic-gate  */
57c478bd9Sstevel@tonic-gate 
67c478bd9Sstevel@tonic-gate /*
77c478bd9Sstevel@tonic-gate  * Copyright (C) 1998 by the FundsXpress, INC.
8*55fea89dSDan Cross  *
97c478bd9Sstevel@tonic-gate  * All rights reserved.
10*55fea89dSDan Cross  *
117c478bd9Sstevel@tonic-gate  * Export of this software from the United States of America may require
127c478bd9Sstevel@tonic-gate  * a specific license from the United States Government.  It is the
137c478bd9Sstevel@tonic-gate  * responsibility of any person or organization contemplating export to
147c478bd9Sstevel@tonic-gate  * obtain such a license before exporting.
15*55fea89dSDan Cross  *
167c478bd9Sstevel@tonic-gate  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
177c478bd9Sstevel@tonic-gate  * distribute this software and its documentation for any purpose and
187c478bd9Sstevel@tonic-gate  * without fee is hereby granted, provided that the above copyright
197c478bd9Sstevel@tonic-gate  * notice appear in all copies and that both that copyright notice and
207c478bd9Sstevel@tonic-gate  * this permission notice appear in supporting documentation, and that
217c478bd9Sstevel@tonic-gate  * the name of FundsXpress. not be used in advertising or publicity pertaining
227c478bd9Sstevel@tonic-gate  * to distribution of the software without specific, written prior
237c478bd9Sstevel@tonic-gate  * permission.  FundsXpress makes no representations about the suitability of
247c478bd9Sstevel@tonic-gate  * this software for any purpose.  It is provided "as is" without express
257c478bd9Sstevel@tonic-gate  * or implied warranty.
26*55fea89dSDan Cross  *
277c478bd9Sstevel@tonic-gate  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
287c478bd9Sstevel@tonic-gate  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
297c478bd9Sstevel@tonic-gate  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
307c478bd9Sstevel@tonic-gate  */
317c478bd9Sstevel@tonic-gate 
32159d09a2SMark Phalan #include "k5-int.h"
33159d09a2SMark Phalan #include "etypes.h"
34159d09a2SMark Phalan #include "dk.h"
357c478bd9Sstevel@tonic-gate 
367c478bd9Sstevel@tonic-gate #define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */
377c478bd9Sstevel@tonic-gate 
387c478bd9Sstevel@tonic-gate /*
397c478bd9Sstevel@tonic-gate  * Derive the key for checksum calculation.
407c478bd9Sstevel@tonic-gate  * This is only called (currently) for SHA1-DES3
417c478bd9Sstevel@tonic-gate  * checksum types.
427c478bd9Sstevel@tonic-gate  *
437c478bd9Sstevel@tonic-gate  * The primary benefit here is that a KEF template
447c478bd9Sstevel@tonic-gate  * is created for use when doing the HMAC operation which
457c478bd9Sstevel@tonic-gate  * saves ALOT of computation cycles and improves performance.
467c478bd9Sstevel@tonic-gate  */
477c478bd9Sstevel@tonic-gate static krb5_error_code
derive_cksum_key(krb5_context context,struct krb5_enc_provider * enc,const krb5_keyblock * key,krb5_keyusage usage,krb5_keyblock ** outkey)487c478bd9Sstevel@tonic-gate derive_cksum_key(krb5_context context,
497c478bd9Sstevel@tonic-gate 		struct krb5_enc_provider *enc,
507c478bd9Sstevel@tonic-gate 		const krb5_keyblock *key,
517c478bd9Sstevel@tonic-gate 		krb5_keyusage usage,
527c478bd9Sstevel@tonic-gate 		krb5_keyblock **outkey)
537c478bd9Sstevel@tonic-gate {
547c478bd9Sstevel@tonic-gate 	krb5_error_code ret = 0;
557c478bd9Sstevel@tonic-gate 	krb5_keyblock *cached_key = NULL;
567c478bd9Sstevel@tonic-gate 	krb5_data d1;
577c478bd9Sstevel@tonic-gate 	unsigned char constantdata[K5CLENGTH];
587c478bd9Sstevel@tonic-gate 
597c478bd9Sstevel@tonic-gate 	cached_key = find_derived_key(usage, DK_CKSUM_KEY_BYTE,
607c478bd9Sstevel@tonic-gate 				    (krb5_keyblock *)key);
617c478bd9Sstevel@tonic-gate 	if (cached_key)
627c478bd9Sstevel@tonic-gate 		*outkey = cached_key;
637c478bd9Sstevel@tonic-gate 	else {
647c478bd9Sstevel@tonic-gate 		*outkey = krb5_create_derived_keyblock(key->length);
657c478bd9Sstevel@tonic-gate 		if (*outkey == NULL)
667c478bd9Sstevel@tonic-gate 			return (ENOMEM);
677c478bd9Sstevel@tonic-gate 
687c478bd9Sstevel@tonic-gate 		constantdata[0] = (usage>>24)&0xff;
697c478bd9Sstevel@tonic-gate 		constantdata[1] = (usage>>16)&0xff;
707c478bd9Sstevel@tonic-gate 		constantdata[2] = (usage>>8)&0xff;
717c478bd9Sstevel@tonic-gate 		constantdata[3] = usage&0xff;
727c478bd9Sstevel@tonic-gate 		constantdata[4] = DK_CKSUM_KEY_BYTE;
737c478bd9Sstevel@tonic-gate 
747c478bd9Sstevel@tonic-gate 		d1.data = (char *)constantdata;
757c478bd9Sstevel@tonic-gate 		d1.length = sizeof(constantdata);
767c478bd9Sstevel@tonic-gate 
777c478bd9Sstevel@tonic-gate 		ret = krb5_derive_key(context, enc, key,
787c478bd9Sstevel@tonic-gate 				    *outkey, &d1);
797c478bd9Sstevel@tonic-gate 		if (ret) {
807c478bd9Sstevel@tonic-gate 			krb5_free_keyblock(context, *outkey);
817c478bd9Sstevel@tonic-gate 			*outkey = NULL;
827c478bd9Sstevel@tonic-gate 			return (ret);
837c478bd9Sstevel@tonic-gate 		}
847c478bd9Sstevel@tonic-gate #ifdef _KERNEL
857c478bd9Sstevel@tonic-gate 		/*
867c478bd9Sstevel@tonic-gate 		 * By default, derived keys get the "mech_type"
877c478bd9Sstevel@tonic-gate 		 * that was associated with their parent.
887c478bd9Sstevel@tonic-gate 		 * we need to switch the mech_type to correspond
897c478bd9Sstevel@tonic-gate 		 * to the checksum mech type.
907c478bd9Sstevel@tonic-gate 		 */
917c478bd9Sstevel@tonic-gate 		if (ret == 0 &&
927c478bd9Sstevel@tonic-gate 		    (*outkey)->kef_mt != context->kef_cksum_mt) {
937c478bd9Sstevel@tonic-gate 			(*outkey)->kef_mt = context->kef_cksum_mt;
947c478bd9Sstevel@tonic-gate 			if ((*outkey)->key_tmpl != NULL) {
957c478bd9Sstevel@tonic-gate 				crypto_destroy_ctx_template((*outkey)->key_tmpl);
967c478bd9Sstevel@tonic-gate 				(*outkey)->key_tmpl = NULL;
977c478bd9Sstevel@tonic-gate 			}
987c478bd9Sstevel@tonic-gate 			ret = update_key_template(*outkey);
997c478bd9Sstevel@tonic-gate 		}
1007c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
1017c478bd9Sstevel@tonic-gate 		if (ret == 0)
1027c478bd9Sstevel@tonic-gate 			ret = add_derived_key((krb5_keyblock *)key, usage,
1037c478bd9Sstevel@tonic-gate 			    DK_CKSUM_KEY_BYTE,
1047c478bd9Sstevel@tonic-gate 			    *outkey);
1057c478bd9Sstevel@tonic-gate 	}
1067c478bd9Sstevel@tonic-gate finish:
1077c478bd9Sstevel@tonic-gate 	KRB5_LOG0(KRB5_INFO, "derive_cksum_key() end.");
1087c478bd9Sstevel@tonic-gate 	return (ret);
1097c478bd9Sstevel@tonic-gate }
1107c478bd9Sstevel@tonic-gate 
1117c478bd9Sstevel@tonic-gate /* ARGSUSED */
1127c478bd9Sstevel@tonic-gate krb5_error_code
krb5_dk_make_checksum(context,hash,key,usage,input,output)1137c478bd9Sstevel@tonic-gate krb5_dk_make_checksum(context, hash, key, usage, input, output)
1147c478bd9Sstevel@tonic-gate      krb5_context context;
1157c478bd9Sstevel@tonic-gate      krb5_const struct krb5_hash_provider *hash;
1167c478bd9Sstevel@tonic-gate      krb5_const krb5_keyblock *key;
1177c478bd9Sstevel@tonic-gate      krb5_keyusage usage;
1187c478bd9Sstevel@tonic-gate      krb5_const krb5_data *input;
1197c478bd9Sstevel@tonic-gate      krb5_data *output;
1207c478bd9Sstevel@tonic-gate {
1217c478bd9Sstevel@tonic-gate     int i;
1227c478bd9Sstevel@tonic-gate     krb5_error_code ret;
1237c478bd9Sstevel@tonic-gate     krb5_keyblock *cksum_key = NULL;
1247c478bd9Sstevel@tonic-gate     struct krb5_enc_provider *enc = NULL;
1257c478bd9Sstevel@tonic-gate 
1267c478bd9Sstevel@tonic-gate     KRB5_LOG0(KRB5_INFO, "krb5_dk_make_checksum() start");
1277c478bd9Sstevel@tonic-gate 
1287c478bd9Sstevel@tonic-gate     for (i=0; i<krb5_enctypes_length; i++) {
1297c478bd9Sstevel@tonic-gate 	if (krb5_enctypes_list[i].etype == key->enctype)
1307c478bd9Sstevel@tonic-gate 	    break;
1317c478bd9Sstevel@tonic-gate     }
132159d09a2SMark Phalan 
1337c478bd9Sstevel@tonic-gate     if (i == krb5_enctypes_length) {
1347c478bd9Sstevel@tonic-gate 	KRB5_LOG(KRB5_ERR, "krb5_ck_make_checksum bad enctype: %d",
1357c478bd9Sstevel@tonic-gate 		key->enctype);
1367c478bd9Sstevel@tonic-gate 	return(KRB5_BAD_ENCTYPE);
1377c478bd9Sstevel@tonic-gate     }
1387c478bd9Sstevel@tonic-gate     enc = (struct krb5_enc_provider *)krb5_enctypes_list[i].enc;
1397c478bd9Sstevel@tonic-gate 
1407c478bd9Sstevel@tonic-gate #ifdef _KERNEL
1417c478bd9Sstevel@tonic-gate     if (key->kef_key.ck_data == NULL &&
142*55fea89dSDan Cross 	(ret = init_key_kef(krb5_enctypes_list[i].kef_cipher_mt,
1437c478bd9Sstevel@tonic-gate 			    (krb5_keyblock *)key)))
1447c478bd9Sstevel@tonic-gate 	    goto cleanup;
1457c478bd9Sstevel@tonic-gate #endif
1467c478bd9Sstevel@tonic-gate     ret = derive_cksum_key(context, enc, key, usage, &cksum_key);
1477c478bd9Sstevel@tonic-gate     if (ret != 0)
1487c478bd9Sstevel@tonic-gate 	    goto cleanup;
1497c478bd9Sstevel@tonic-gate 
1507c478bd9Sstevel@tonic-gate #ifdef _KERNEL
1517c478bd9Sstevel@tonic-gate     if ((ret = krb5_hmac(context, (krb5_keyblock *)cksum_key,
1527c478bd9Sstevel@tonic-gate 			input, output))) {
1537c478bd9Sstevel@tonic-gate 	KRB5_LOG(KRB5_ERR, "krb5_hmac error: %0x", ret);
1547c478bd9Sstevel@tonic-gate 	(void) memset(output->data, 0, output->length);
1557c478bd9Sstevel@tonic-gate     }
1567c478bd9Sstevel@tonic-gate #else
1577c478bd9Sstevel@tonic-gate     if ((ret = krb5_hmac(context, hash, cksum_key, 1, input, output)) != 0) {
1587c478bd9Sstevel@tonic-gate 	KRB5_LOG(KRB5_ERR, "krb5_hmac error: %0x", ret);
1597c478bd9Sstevel@tonic-gate 	(void) memset(output->data, 0, output->length);
1607c478bd9Sstevel@tonic-gate     }
1617c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
1627c478bd9Sstevel@tonic-gate cleanup:
1637c478bd9Sstevel@tonic-gate 
1647c478bd9Sstevel@tonic-gate     KRB5_LOG0(KRB5_INFO, "krb5_dk_make_checksum() end");
1657c478bd9Sstevel@tonic-gate     return(ret);
1667c478bd9Sstevel@tonic-gate }
1677c478bd9Sstevel@tonic-gate 
168