int main(int argc, char *argv[]) { struct ktc_principal client; struct ktc_encryptionKey sessionkey; Date start, end; afs_int32 host; char key[8]; char ticket[MAXKTCTICKETLEN]; afs_int32 ticketLen; afs_int32 code; char bob[KA_TIMESTR_LEN]; whoami = argv[0]; initialize_RXK_error_table(); initialize_KA_error_table(); if (argc != 3) { printf("Usage is %s key ticket\n", whoami); exit(1); } if (ka_ReadBytes(argv[1], key, sizeof(key)) != 8) printf("Key must be 8 bytes long\n"); if (!des_check_key_parity(key) || des_is_weak_key(key)) { afs_com_err(whoami, KABADKEY, "server's key for decoding ticket is bad"); exit(1); } ticketLen = ka_ReadBytes(argv[2], ticket, sizeof(ticket)); printf("Ticket length is %d\n", ticketLen); code = tkt_DecodeTicket(ticket, ticketLen, key, client.name, client.instance, client.cell, &sessionkey, &host, &start, &end); if (code) { afs_com_err(whoami, code, "decoding ticket"); if (code = tkt_CheckTimes(start, end, time(0)) <= 0) afs_com_err(whoami, 0, "because of start or end times"); exit(1); } if (!des_check_key_parity(&sessionkey) || des_is_weak_key(&sessionkey)) { afs_com_err(whoami, KABADKEY, "checking ticket's session key"); exit(1); } ka_PrintUserID("Client is ", client.name, client.instance, 0); if (strlen(client.cell)) printf("@%s", client.cell); printf("\nSession key is "); ka_PrintBytes(&sessionkey, 8); ka_timestr(start, bob, KA_TIMESTR_LEN); printf("\nGood from %s", bob); ka_timestr(end, bob, KA_TIMESTR_LEN); printf(" till %s\n", bob); }
/* * Generate a sequence of random des keys * using the random block sequence, fixup * parity and skip weak keys. */ int des_new_random_key(des_cblock *key) { int urandom; again: urandom = open("/dev/urandom", O_RDONLY); if (urandom < 0) des_random_key(key); else { if (read(urandom, key, sizeof(des_cblock)) != sizeof(des_cblock)) { close(urandom); des_random_key(key); } else close(urandom); } /* random key must have odd parity and not be weak */ des_set_odd_parity(key); if (des_is_weak_key(key)) goto again; return (0); }
/* * des_random_key: create a random des key * * You should call des_set_random_number_generater_seed at least * once before this routine is called. If you haven't, I'll try * to add a little randomness to the start point anyway. Yes, * it recurses. Deal with it. * * Notes: the returned key has correct parity and is guarenteed not * to be a weak des key. Des_generate_random_block is used to * provide the random bits. */ int des_random_key(des_cblock key) { LOCK_INIT; if (!is_inited) { des_init_random_number_generator(key); } UNLOCK_INIT; do { des_generate_random_block(key); des_fixup_key_parity(key); } while (des_is_weak_key(key)); return (0); }
static void des3_random_to_key(struct krb5_key_state *ks, const void *in) { uint8_t *outkey; const uint8_t *inkey; int subkey; for (subkey = 0, outkey = ks->ks_key, inkey = in; subkey < 3; subkey++, outkey += 8, inkey += 7) { /* * Expand 56 bits of random data to 64 bits as follows * (in the example, bit number 1 is the MSB of the 56 * bits of random data): * * expanded = * 1 2 3 4 5 6 7 p * 9 10 11 12 13 14 15 p * 17 18 19 20 21 22 23 p * 25 26 27 28 29 30 31 p * 33 34 35 36 37 38 39 p * 41 42 43 44 45 46 47 p * 49 50 51 52 53 54 55 p * 56 48 40 32 24 16 8 p */ outkey[0] = inkey[0]; outkey[1] = inkey[1]; outkey[2] = inkey[2]; outkey[3] = inkey[3]; outkey[4] = inkey[4]; outkey[5] = inkey[5]; outkey[6] = inkey[6]; outkey[7] = (((inkey[0] & 1) << 1) | ((inkey[1] & 1) << 2) | ((inkey[2] & 1) << 3) | ((inkey[3] & 1) << 4) | ((inkey[4] & 1) << 5) | ((inkey[5] & 1) << 6) | ((inkey[6] & 1) << 7)); des_set_odd_parity((des_cblock *) outkey); if (des_is_weak_key((des_cblock *) outkey)) outkey[7] ^= 0xf0; } des3_set_key(ks, ks->ks_key); }
static int esp_descbc_mature(struct secasvar *sav) { const struct esp_algorithm *algo; if (!(sav->flags & SADB_X_EXT_OLD) && (sav->flags & SADB_X_EXT_IV4B)) { ipseclog((LOG_ERR, "esp_cbc_mature: " "algorithm incompatible with 4 octets IV length\n")); return 1; } if (!sav->key_enc) { ipseclog((LOG_ERR, "esp_descbc_mature: no key is given.\n")); return 1; } algo = esp_algorithm_lookup(sav->alg_enc); if (!algo) { ipseclog((LOG_ERR, "esp_descbc_mature: unsupported algorithm.\n")); return 1; } if (_KEYBITS(sav->key_enc) < algo->keymin || _KEYBITS(sav->key_enc) > algo->keymax) { ipseclog((LOG_ERR, "esp_descbc_mature: invalid key length %d.\n", _KEYBITS(sav->key_enc))); return 1; } /* weak key check */ if (des_is_weak_key((des_cblock *)_KEYBUF(sav->key_enc))) { ipseclog((LOG_ERR, "esp_descbc_mature: weak key was passed.\n")); return 1; } return 0; }
int des_key_sched(des_cblock k, des_key_schedule schedule) #endif { /* better pass 8 bytes, length not checked here */ int i, j, n; /* i = r10, j = r9, n = r8 */ unsigned int temp; /* r7 */ char *p_char; /* r6 */ key k_char; i = 8; n = 0; p_char = k_char; #ifdef lint n = n; /* fool it in case of VAXASM */ #endif #ifdef DEBUG if (des_debug) fprintf(stderr, "\n\ninput key, left to right = "); #endif if (!des_check_key_parity(k)) /* bad parity --> return -1 */ return (-1); do { /* get next input key byte */ #ifdef DEBUG if (des_debug) fprintf(stderr, "%02x ", *k & 0xff); #endif temp = (unsigned int)((unsigned char)*k++); j = 8; do { #ifndef VAXASM *p_char++ = (int)temp & 01; temp = temp >> 1; #else asm("bicb3 $-2,r7,(r8)+[r6]"); asm("rotl $-1,r7,r7"); #endif } while (--j > 0); } while (--i > 0); #ifdef DEBUG if (des_debug) { p_char = k_char; fprintf(stderr, "\nKey bits, from zero to 63"); for (i = 0; i <= 7; i++) { fprintf(stderr, "\n\t"); for (j = 0; j <= 7; j++) fprintf(stderr, "%d ", *p_char++); } } #else #ifdef lint p_char = p_char; #endif #endif /* check against weak keys */ k -= sizeof(des_cblock); if (des_is_weak_key(k)) return (-2); make_key_sched(k_char, schedule); /* if key was good, return 0 */ return 0; }
static int esp_cbc_mature(struct secasvar *sav) { int keylen; const struct esp_algorithm *algo; if (sav->flags & SADB_X_EXT_OLD) { ipseclog((LOG_ERR, "esp_cbc_mature: algorithm incompatible with esp-old\n")); return 1; } if (sav->flags & SADB_X_EXT_DERIV) { ipseclog((LOG_ERR, "esp_cbc_mature: algorithm incompatible with derived\n")); return 1; } if (!sav->key_enc) { ipseclog((LOG_ERR, "esp_cbc_mature: no key is given.\n")); return 1; } algo = esp_algorithm_lookup(sav->alg_enc); if (!algo) { ipseclog((LOG_ERR, "esp_cbc_mature: unsupported algorithm.\n")); return 1; } keylen = sav->key_enc->sadb_key_bits; if (keylen < algo->keymin || algo->keymax < keylen) { ipseclog((LOG_ERR, "esp_cbc_mature %s: invalid key length %d.\n", algo->name, sav->key_enc->sadb_key_bits)); return 1; } switch (sav->alg_enc) { case SADB_EALG_3DESCBC: /* weak key check */ if (des_is_weak_key((des_cblock *)_KEYBUF(sav->key_enc)) || des_is_weak_key((des_cblock *)(_KEYBUF(sav->key_enc) + 8)) || des_is_weak_key((des_cblock *)(_KEYBUF(sav->key_enc) + 16))) { ipseclog((LOG_ERR, "esp_cbc_mature %s: weak key was passed.\n", algo->name)); return 1; } break; case SADB_X_EALG_RIJNDAELCBC: /* allows specific key sizes only */ if (!(keylen == 128 || keylen == 192 || keylen == 256)) { ipseclog((LOG_ERR, "esp_cbc_mature %s: invalid key length %d.\n", algo->name, keylen)); return 1; } break; } return 0; }