crypto/arcfour/arcfour_str2key.c

7c478bd9Sstevel@tonic-gate/*
7c478bd9Sstevel@tonic-gate * Copyright 2003 Sun Microsystems, Inc.  All rights reserved.
7c478bd9Sstevel@tonic-gate * Use is subject to license terms.
7c478bd9Sstevel@tonic-gate */
7c478bd9Sstevel@tonic-gate
7c478bd9Sstevel@tonic-gate#include <k5-int.h>
7c478bd9Sstevel@tonic-gate#include <rsa-md4.h>
7c478bd9Sstevel@tonic-gate#include <arcfour.h>
7c478bd9Sstevel@tonic-gate
7c478bd9Sstevel@tonic-gatestatic void asctouni(unsigned char *unicode, unsigned char *ascii, size_t len)
7c478bd9Sstevel@tonic-gate{
7c478bd9Sstevel@tonic-gate	int counter;
7c478bd9Sstevel@tonic-gate	for (counter=0;counter<len;counter++) {
7c478bd9Sstevel@tonic-gate		unicode[2*counter]=ascii[counter];
7c478bd9Sstevel@tonic-gate		unicode[2*counter + 1]=0x00;
7c478bd9Sstevel@tonic-gate	}
7c478bd9Sstevel@tonic-gate}
7c478bd9Sstevel@tonic-gate
7c478bd9Sstevel@tonic-gatekrb5_error_code
7c478bd9Sstevel@tonic-gatekrb5int_arcfour_string_to_key(krb5_context context,
7c478bd9Sstevel@tonic-gate	const struct krb5_enc_provider *enc,
7c478bd9Sstevel@tonic-gate	const krb5_data *string, const krb5_data *salt,
7c478bd9Sstevel@tonic-gate	const krb5_data *params, krb5_keyblock *key)
7c478bd9Sstevel@tonic-gate{
7c478bd9Sstevel@tonic-gate  size_t len,slen;
7c478bd9Sstevel@tonic-gate  unsigned char *copystr = NULL;
7c478bd9Sstevel@tonic-gate  krb5_MD4_CTX md4_context;
7c478bd9Sstevel@tonic-gate
7c478bd9Sstevel@tonic-gate  if (params != NULL)
7c478bd9Sstevel@tonic-gate      return KRB5_ERR_BAD_S2K_PARAMS;
*1da57d55SToomas Soome
7c478bd9Sstevel@tonic-gate  if (key->length != 16)
7c478bd9Sstevel@tonic-gate    return (KRB5_BAD_MSIZE);
7c478bd9Sstevel@tonic-gate
7c478bd9Sstevel@tonic-gate  /* We ignore salt per the Microsoft spec*/
7c478bd9Sstevel@tonic-gate
7c478bd9Sstevel@tonic-gate  /* compute the space needed for the new string.
7c478bd9Sstevel@tonic-gate     Since the password must be stored in unicode, we need to increase
7c478bd9Sstevel@tonic-gate     that number by 2x.
7c478bd9Sstevel@tonic-gate
7c478bd9Sstevel@tonic-gate     This should be re-evauated in the future, it makes the assumption that
7c478bd9Sstevel@tonic-gate     thes user's password is in ascii.
7c478bd9Sstevel@tonic-gate  */
7c478bd9Sstevel@tonic-gate  slen = ((string->length)>128)?128:string->length;
7c478bd9Sstevel@tonic-gate  len=(slen)*2;
7c478bd9Sstevel@tonic-gate
7c478bd9Sstevel@tonic-gate  copystr = malloc(len);
7c478bd9Sstevel@tonic-gate  if (copystr == NULL)
7c478bd9Sstevel@tonic-gate    return ENOMEM;
7c478bd9Sstevel@tonic-gate
7c478bd9Sstevel@tonic-gate  /* make the string.  start by creating the unicode version of the password*/
7c478bd9Sstevel@tonic-gate  asctouni(copystr, (uchar_t *)string->data, slen );
7c478bd9Sstevel@tonic-gate
7c478bd9Sstevel@tonic-gate  /* the actual MD4 hash of the data */
7c478bd9Sstevel@tonic-gate  krb5_MD4Init(&md4_context);
7c478bd9Sstevel@tonic-gate  krb5_MD4Update(&md4_context, (unsigned char *)copystr, len);
7c478bd9Sstevel@tonic-gate  krb5_MD4Final(&md4_context);
7c478bd9Sstevel@tonic-gate  memcpy(key->contents, md4_context.digest, 16);
7c478bd9Sstevel@tonic-gate
*1da57d55SToomas Soome#if 0
7c478bd9Sstevel@tonic-gate  /* test the string_to_key function */
7c478bd9Sstevel@tonic-gate  printf("Hash=");
7c478bd9Sstevel@tonic-gate  {
7c478bd9Sstevel@tonic-gate    int counter;
7c478bd9Sstevel@tonic-gate    for(counter=0;counter<16;counter++)
7c478bd9Sstevel@tonic-gate      printf("%02x", md4_context.digest[counter]);
7c478bd9Sstevel@tonic-gate    printf("\n");
7c478bd9Sstevel@tonic-gate  }
7c478bd9Sstevel@tonic-gate#endif /* 0 */
7c478bd9Sstevel@tonic-gate
7c478bd9Sstevel@tonic-gate  /* Zero out the data behind us */
7c478bd9Sstevel@tonic-gate  memset (copystr, 0, len);
7c478bd9Sstevel@tonic-gate  memset(&md4_context, 0, sizeof(md4_context));
7c478bd9Sstevel@tonic-gate
7c478bd9Sstevel@tonic-gate  if (copystr)
7c478bd9Sstevel@tonic-gate	free(copystr);
7c478bd9Sstevel@tonic-gate
7c478bd9Sstevel@tonic-gate  return 0;
7c478bd9Sstevel@tonic-gate}