diff options
Diffstat (limited to 'src/lib/crypto/krb/cf2.c')
-rw-r--r-- | src/lib/crypto/krb/cf2.c | 154 |
1 files changed, 154 insertions, 0 deletions
diff --git a/src/lib/crypto/krb/cf2.c b/src/lib/crypto/krb/cf2.c new file mode 100644 index 0000000..4e25641 --- /dev/null +++ b/src/lib/crypto/krb/cf2.c @@ -0,0 +1,154 @@ +/* + * lib/crypto/cf2.c + * + * Copyright (C) 2009 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * + * Implement KRB_FX_CF2 function per + *draft-ietf-krb-wg-preauth-framework-09. Take two keys and two + *pepper strings as input and return a combined key. + */ + +#include <k5-int.h> +#include <assert.h> +#include "etypes.h" + + +/* + * Call the PRF function multiple times with the pepper prefixed with + * a count byte to get enough bits of output. + */ +static krb5_error_code +prf_plus( krb5_context context, krb5_keyblock *k,const char *pepper, + size_t keybytes, char **out) +{ + krb5_error_code retval = 0; + size_t prflen, iterations; + krb5_data out_data; + krb5_data in_data; + char *buffer = NULL; + struct k5buf prf_inbuf; + krb5int_buf_init_dynamic(&prf_inbuf); + krb5int_buf_add_len( &prf_inbuf, "\001", 1); + krb5int_buf_add( &prf_inbuf, pepper); + retval = krb5_c_prf_length( context, k->enctype, &prflen); + if (retval != 0) + goto cleanup; + iterations = keybytes/prflen; + if ((keybytes%prflen) != 0) + iterations++; + assert(iterations <= 254); + buffer = malloc(iterations*prflen); + if (buffer == NULL) { + retval = ENOMEM; + goto cleanup; + } + if (krb5int_buf_len( &prf_inbuf) == -1) { + retval = ENOMEM; + goto cleanup; + } + in_data.length = (krb5_int32) krb5int_buf_len( &prf_inbuf); + in_data.data = krb5int_buf_data( &prf_inbuf); + out_data.length = prflen; + out_data.data = buffer; + + while (iterations > 0) { + retval = krb5_c_prf( context, k, &in_data, &out_data); + if (retval != 0) + goto cleanup; + out_data.data += prflen; + in_data.data[0]++; + iterations--; + } + cleanup: + if (retval == 0 ) + *out = buffer; + else{ + if (buffer != NULL) + free(buffer); + } + krb5int_free_buf( &prf_inbuf); + return retval; +} + + +krb5_error_code KRB5_CALLCONV +krb5_c_fx_cf2_simple(krb5_context context, + krb5_keyblock *k1, const char *pepper1, + krb5_keyblock *k2, const char *pepper2, + krb5_keyblock **out) +{ + const struct krb5_keytypes *out_enctype; + size_t keybytes, keylength, i; + char *prf1 = NULL, *prf2 = NULL; + krb5_data keydata; + krb5_enctype out_enctype_num; + krb5_error_code retval = 0; + krb5_keyblock *out_key = NULL; + + + if (k1 == NULL ||!krb5_c_valid_enctype(k1->enctype)) + return KRB5_BAD_ENCTYPE; + if (k2 == NULL || !krb5_c_valid_enctype(k2->enctype)) + return KRB5_BAD_ENCTYPE; + out_enctype_num = k1->enctype; + assert(out != NULL); + assert ((out_enctype = find_enctype(out_enctype_num)) != NULL); + if (out_enctype->prf == NULL) { + if (context) + krb5int_set_error(&(context->err) , KRB5_CRYPTO_INTERNAL, + "Enctype %d has no PRF", out_enctype_num); + return KRB5_CRYPTO_INTERNAL; + } + keybytes = out_enctype->enc->keybytes; + keylength = out_enctype->enc->keylength; + + retval = prf_plus( context, k1, pepper1, keybytes, &prf1); + if (retval != 0) + goto cleanup; + retval = prf_plus( context, k2, pepper2, keybytes, &prf2); + if (retval != 0) + goto cleanup; + for (i = 0; i < keybytes; i++) + prf1[i] ^= prf2[i]; + zap(prf2, keybytes); + retval = krb5int_c_init_keyblock( context, out_enctype_num, keylength, &out_key); + if (retval != 0) + goto cleanup; + keydata.data = prf1; + keydata.length = keybytes; + retval = out_enctype->enc->make_key( &keydata, out_key); + + cleanup: + if (retval == 0) + *out = out_key; + else krb5int_c_free_keyblock( context, out_key); + if (prf1 != NULL) { + zap(prf1, keybytes); + free(prf1); + } + if (prf2 != NULL) + free(prf2); + return retval; +} |