OpenSolaris_b135/lib/gss_mechs/mech_krb5/crypto/aes/aes_s2k.c
/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/*
* lib/crypto/aes/aes_s2k.c
*
* Copyright 2003 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* Export of this software from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*
*
* krb5int_aes_string_to_key
*/
#include "k5-int.h"
#include "dk.h"
#include "aes_s2k.h"
#define DEFAULT_ITERATION_COUNT 4096 /* was 0xb000L in earlier drafts */
#define MAX_ITERATION_COUNT 0x1000000L
krb5_error_code
krb5int_aes_string_to_key(krb5_context context,
const struct krb5_enc_provider *enc,
const krb5_data *string,
const krb5_data *salt,
const krb5_data *params,
krb5_keyblock *key)
{
unsigned long iter_count;
krb5_data out;
static const krb5_data usage = { KV5M_DATA, 8, "kerberos" };
krb5_error_code err;
/* Solaris Kerberos */
krb5_keyblock *inkey = NULL;
if (params) {
unsigned char *p = (unsigned char *) params->data;
if (params->length != 4)
return KRB5_ERR_BAD_S2K_PARAMS;
/* The first two need casts in case 'int' is 16 bits. */
iter_count = (((unsigned long)p[0] << 24)
| ((unsigned long)p[1] << 16)
| (p[2] << 8)
| (p[3]));
if (iter_count == 0) {
/*
iter_count = (1L << 16) << 16;
if (((iter_count >> 16) >> 16) != 1)
return KRB5_ERR_BAD_S2K_PARAMS;
*/
iter_count = DEFAULT_ITERATION_COUNT;
}
} else
iter_count = DEFAULT_ITERATION_COUNT;
/* This is not a protocol specification constraint; this is an
implementation limit, which should eventually be controlled by
a config file. */
if (iter_count >= MAX_ITERATION_COUNT)
return KRB5_ERR_BAD_S2K_PARAMS;
/*
* Dense key space, no parity bits or anything, so take a shortcut
* and use the key contents buffer for the generated bytes.
*/
/* Solaris Kerberos */
if (key->length != 16 && key->length != 32)
return KRB5_CRYPTO_INTERNAL;
out.data = (char *) key->contents;
out.length = key->length;
/* Solaris Kerberos */
err = krb5int_pbkdf2_hmac_sha1 (context, &out, iter_count, key->enctype,
string, salt);
if (err) {
memset(out.data, 0, out.length);
return err;
}
/*
* Solaris Kerberos:
* The derive key operation below will not work correctly
* if the input and output key pointers are to the same
* data. This is because the key object handle (PKCS#11)
* gets out-of-sync with the original key when the contents
* are modified. We copy the original key here for use
* below in the derive_key step, then we free this key
* before exiting.
*/
err = krb5_copy_keyblock(context, key, &inkey);
if (err) {
memset(out.data, 0, out.length);
return err;
}
err = krb5_derive_key (context, enc, inkey, key, &usage);
if (err) {
memset(out.data, 0, out.length);
}
krb5_free_keyblock(context, inkey);
return (err);
}