author | John Kohl <jtkohl@mit.edu> | 1990-02-01 14:57:53 +0000 |
---|---|---|
committer | John Kohl <jtkohl@mit.edu> | 1990-02-01 14:57:53 +0000 |
commit | f4d4826e4c932dcb1f11ed96d759b4e0b0b58a42 (patch) | |
tree | 363fa64313726f7c5cf4b24c570a01f9efc5e3a2 /src/lib/krb5/krb/decode_kdc.c | |
parent | d96cbfc1bd497c9e253f772fee9b6b7e4506f4c1 (diff) | |
*** empty log message ***
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@221 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/krb5/krb/decode_kdc.c')
-rw-r--r-- | src/lib/krb5/krb/decode_kdc.c | 125 |
1 files changed, 125 insertions, 0 deletions
diff --git a/src/lib/krb5/krb/decode_kdc.c b/src/lib/krb5/krb/decode_kdc.c
new file mode 100644
index 0000000..b9fedde
--- /dev/null
+++ b/src/lib/krb5/krb/decode_kdc.c
@@ -0,0 +1,125 @@
+/*
+ * $Source$
+ * $Author$
+ *
+ * Copyright 1990 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <krb5/mit-copyright.h>.
+ *
+ * krb5_decode_kdc_rep() function.
+ */
+
+#if !defined(lint) && !defined(SABER)
+static char rcsid_decode_kdc_c[] =
+"$Id$";
+#endif /* !lint & !SABER */
+
+#include <krb5/copyright.h>
+
+#include <krb5/krb5.h>
+#include <krb5/krb5_err.h>
+#include <krb5/isode_err.h>
+#include <krb5/asn1.h>
+
+#include <errno.h>
+
+#include <krb5/ext-proto.h>
+
+/* array of pointers into encryption systems */
+extern krb5_cs_table_entry *csarray[];
+extern int max_cryptosystem;
+
+/*
+ Takes a KDC_REP message and decrypts encrypted part using etype and
+ *key, putting result in *rep.
+ dec_rep->client,ticket,session.last_req,server,caddrs
+ are all set to allocated storage which should be freed by the caller
+ when finished with the response.
+
+ If the response isn't a KDC_REP (tgs or as), it returns an error from
+ the decoding routines (usually ISODE_50_LOCAL_ERR_BADDECODE).
+
+ returns errors from encryption routines, system errors
+ */
+
+krb5_error_code
+krb5_decode_kdc_rep(enc_rep, key, etype, dec_rep)
+krb5_data *enc_rep;
+krb5_keyblock *key;
+krb5_enctype etype;
+krb5_kdc_rep **dec_rep;
+{
+ krb5_error_code retval;
+ krb5_kdc_rep *local_dec_rep;
+ krb5_encrypt_block eblock;
+ krb5_data scratch;
+ krb5_enc_kdc_rep_part *local_encpart;
+
+
+ /* XXX maybe caller should specify type expected? */
+ retval = decode_krb5_as_rep(enc_rep, &local_dec_rep);
+ switch (retval) {
+ case ISODE_50_LOCAL_ERR_BADMSGTYPE:
+ retval = decode_krb5_tgs_rep(enc_rep, &local_dec_rep);
+ switch (retval) {
+ case 0:
+ break;
+ default:
+ return(retval);
+ }
+ case 0:
+ break;
+ default:
+ return (retval);
+ }
+ scratch.length = local_dec_rep->enc_part.length;
+ if (!(scratch.data = malloc(local_dec_rep->enc_part.length))) {
+ krb5_free_kdc_rep(local_dec_rep);
+ return(ENOMEM);
+ }
+
+ if (local_dec_rep->etype > max_cryptosystem ||
+ local_dec_rep->etype < 0 ||
+ !csarray[local_dec_rep->etype])
+ return KRB5KDC_ERR_ETYPE_NOSUPP;
+
+ /* put together an eblock for this encryption */
+
+ eblock.crypto_entry = csarray[local_dec_rep->etype]->system;
+
+ /* do any necessary key pre-processing */
+ if (retval = (*eblock.crypto_entry->process_key)(&eblock, key)) {
+ krb5_free_kdc_rep(local_dec_rep);
+ free(scratch.data);
+ return(retval);
+ }
+
+ /* call the encryption routine */
+ if (retval =
+ (*eblock.crypto_entry->decrypt_func)((krb5_pointer) local_dec_rep->enc_part.data,
+ (krb5_pointer) scratch.data,
+ scratch.length, &eblock)) {
+ (void) (*eblock.crypto_entry->finish_key)(&eblock);
+ krb5_free_kdc_rep(local_dec_rep);
+ free(scratch.data);
+ return retval;
+ }
+#define clean_scratch() {bzero(scratch.data, scratch.length); free(scratch.data);}
+ if (retval = (*eblock.crypto_entry->finish_key)(&eblock)) {
+ krb5_free_kdc_rep(local_dec_rep);
+ clean_scratch();
+ return retval;
+ }
+ if (retval = decode_krb5_enc_kdc_rep_part(&scratch, &local_encpart)) {
+ krb5_free_kdc_rep(local_dec_rep);
+ clean_scratch();
+ return retval;
+ }
+ clean_scratch();
+
+ local_dec_rep->enc_part2 = local_encpart;
+ *dec_rep = local_dec_rep;
+ return 0;
+}
+ |
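Review bot: The unsupported-etype exit in krb5_decode_kdc_rep (`return KRB5KDC_ERR_ETYPE_NOSUPP;`) leaks both `local_dec_rep` and `scratch.data`, because the range check runs after the malloc and, unlike every other error path, frees nothing. Since `local_dec_rep->etype` is taken from the decoded reply, a malformed or unexpected reply leaks memory on each call; run the check before the malloc and add `krb5_free_kdc_rep(local_dec_rep);` ahead of that return. Separately, the `etype` parameter is never read: the cryptosystem is chosen from the reply's own etype field, which contradicts the header comment ("using etype and *key"), so comparing the two and rejecting a mismatch would stop the reply from selecting the algorithm. The decrypt-failure path also calls `free(scratch.data)` without the `bzero` that `clean_scratch()` applies on the later paths, so whatever decrypt_func wrote before failing stays in freed heap memory.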