1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
|
/*
* lib/crypto/des/random_key.c
*
* Copyright 1990,1991 by the Massachusetts Institute of Technology.
* Copyright 1996 by Lehman Brothers, Inc.
* All Rights Reserved.
*
* Export of this software from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. or Lehman Brothers not be used in advertising or
* publicity pertaining to distribution of the software without
* specific, written prior permission. M.I.T. and Lehman Brothers
* make no representations about the suitability of this software for
* any purpose. It is provided "as is" without express or implied
* warranty.
*/
#include "k5-int.h"
#include "des_int.h"
static void mit_des_generate_random_key
PROTOTYPE((mit_des_random_state * state, krb5_keyblock * randkey));
/*
generate a random encryption key, allocating storage for it and
filling in the keyblock address in *keyblock
*/
krb5_error_code
mit_des_random_key (eblock, state, keyblock)
const krb5_encrypt_block * eblock;
krb5_pointer state;
krb5_keyblock ** keyblock;
{
krb5_keyblock *randkey;
int keysize = ((mit_des_random_state *)state)->eblock.crypto_entry->keysize;
if (eblock == NULL)
/* We are being called from the random number initialization routine */
eblock = &((mit_des_random_state *)state)->eblock;
if (!(randkey = (krb5_keyblock *)malloc(sizeof(*randkey))))
return ENOMEM;
if (!(randkey->contents = (krb5_octet *)malloc(keysize))) {
krb5_xfree(randkey);
return ENOMEM;
}
randkey->magic = KV5M_KEYBLOCK;
randkey->length = keysize;
randkey->enctype = eblock->crypto_entry->proto_enctype;
do {
mit_des_generate_random_key(state, randkey);
mit_des_fixup_keyblock_parity(randkey);
} while (mit_des_is_weak_keyblock(randkey));
*keyblock = randkey;
return 0;
}
static mit_des_cblock zero_ivec = { 0, 0, 0, 0, 0, 0, 0, 0 };
static void
mit_des_generate_random_key(state, randkey)
mit_des_random_state * state;
krb5_keyblock * randkey;
{
krb5_encrypt_block *eblock = &state->eblock;
int i;
(* state->eblock.crypto_entry->encrypt_func)
(state->sequence.data /*in*/, randkey->contents /*out*/,
state->sequence.length, eblock, zero_ivec);
if (state->sequence.length > sizeof(mit_des_cblock))
(* state->eblock.crypto_entry->encrypt_func)
(randkey->contents /*in*/, randkey->contents /*out*/,
randkey->length, eblock,
randkey->contents + randkey->length - sizeof(mit_des_cblock));
/* Increment the sequence number, with wraparound (LSB) */
for (i = 0; i < state->sequence.length; i++) {
state->sequence.data[i] = (state->sequence.data[i] + 1) & 0xff;
if (state->sequence.data[i])
break;
}
}
|
