int main(int argc, char **argv) { unsigned char data[MAXSIZE]; struct testcase *t; int ret = 0; for (t = tests; t->str; ++t) { int i; ret = _krb5_n_fold (t->str, strlen(t->str), data, t->n); if (ret) errx(1, "out of memory"); if (memcmp (data, t->res, t->n) != 0) { printf ("n-fold(\"%s\", %d) failed\n", t->str, t->n); printf ("should be: "); for (i = 0; i < t->n; ++i) printf ("%02x", t->res[i]); printf ("\nresult was: "); for (i = 0; i < t->n; ++i) printf ("%02x", data[i]); printf ("\n"); ret = 1; } } return ret; }
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_string_to_key_derived(krb5_context context, const void *str, size_t len, krb5_enctype etype, krb5_keyblock *key) { struct _krb5_encryption_type *et = _krb5_find_enctype(etype); krb5_error_code ret; struct _krb5_key_data kd; size_t keylen; u_char *tmp; if(et == NULL) { krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, N_("encryption type %d not supported", ""), etype); return KRB5_PROG_ETYPE_NOSUPP; } keylen = et->keytype->bits / 8; ALLOC(kd.key, 1); if(kd.key == NULL) { krb5_set_error_message (context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } ret = krb5_data_alloc(&kd.key->keyvalue, et->keytype->size); if(ret) { free(kd.key); return ret; } kd.key->keytype = etype; tmp = malloc (keylen); if(tmp == NULL) { krb5_free_keyblock(context, kd.key); krb5_set_error_message (context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } ret = _krb5_n_fold(str, len, tmp, keylen); if (ret) { free(tmp); krb5_set_error_message (context, ENOMEM, N_("malloc: out of memory", "")); return ret; } kd.schedule = NULL; _krb5_DES3_random_to_key(context, kd.key, tmp, keylen); memset(tmp, 0, keylen); free(tmp); ret = _krb5_derive_key(context, et, &kd, "kerberos", /* XXX well known constant */ strlen("kerberos")); if (ret) { _krb5_free_key_data(context, &kd, et); return ret; } ret = krb5_copy_keyblock_contents(context, kd.key, key); _krb5_free_key_data(context, &kd, et); return ret; }
static krb5_error_code DES3_string_to_key(krb5_context context, krb5_enctype enctype, krb5_data password, krb5_salt salt, krb5_data opaque, krb5_keyblock *key) { char *str; size_t len; unsigned char tmp[24]; DES_cblock keys[3]; krb5_error_code ret; len = password.length + salt.saltvalue.length; str = malloc(len); if(len != 0 && str == NULL) { krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } memcpy(str, password.data, password.length); memcpy(str + password.length, salt.saltvalue.data, salt.saltvalue.length); { DES_cblock ivec; DES_key_schedule s[3]; int i; ret = _krb5_n_fold(str, len, tmp, 24); if (ret) { memset(str, 0, len); free(str); krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); return ret; } for(i = 0; i < 3; i++){ memcpy(keys + i, tmp + i * 8, sizeof(keys[i])); DES_set_odd_parity(keys + i); if(DES_is_weak_key(keys + i)) _krb5_xor(keys + i, (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); DES_set_key_unchecked(keys + i, &s[i]); } memset(&ivec, 0, sizeof(ivec)); DES_ede3_cbc_encrypt(tmp, tmp, sizeof(tmp), &s[0], &s[1], &s[2], &ivec, DES_ENCRYPT); memset(s, 0, sizeof(s)); memset(&ivec, 0, sizeof(ivec)); for(i = 0; i < 3; i++){ memcpy(keys + i, tmp + i * 8, sizeof(keys[i])); DES_set_odd_parity(keys + i); if(DES_is_weak_key(keys + i)) _krb5_xor(keys + i, (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); } memset(tmp, 0, sizeof(tmp)); } key->keytype = enctype; krb5_data_copy(&key->keyvalue, keys, sizeof(keys)); memset(keys, 0, sizeof(keys)); memset(str, 0, len); free(str); return 0; }