1 /*
   2  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
   3  * Use is subject to license terms.
   4  */
   5 
   6 #pragma ident   "%Z%%M% %I%     %E% SMI"
   7 
   8 /*
   9  * lib/crypto/des/string2key.c
  10  *
  11  * Copyright 1990,1991 by the Massachusetts Institute of Technology.
  12  * All Rights Reserved.
  13  *
  14  * Export of this software from the United States of America may
  15  *   require a specific license from the United States Government.
  16  *   It is the responsibility of any person or organization contemplating
  17  *   export to obtain such a license before exporting.
  18  *
  19  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  20  * distribute this software and its documentation for any purpose and
  21  * without fee is hereby granted, provided that the above copyright
  22  * notice appear in all copies and that both that copyright notice and
  23  * this permission notice appear in supporting documentation, and that
  24  * the name of M.I.T. not be used in advertising or publicity pertaining
  25  * to distribution of the software without specific, written prior
  26  * permission.  M.I.T. makes no representations about the suitability of
  27  * this software for any purpose.  It is provided "as is" without express
  28  * or implied warranty.
  29  */
  30 
  31 #include <k5-int.h>
  32 #include <des_int.h>
  33 
  34 /*
  35         converts the string pointed to by "data" into an encryption key
  36         of type "enctype".  *keyblock is filled in with the key info;
  37         in particular, keyblock->contents is to be set to allocated storage.
  38         It is the responsibility of the caller to release this storage
  39         when the generated key no longer needed.
  40 
  41         The routine may use "salt" to seed or alter the conversion
  42         algorithm.
  43 
  44         If the particular function called does not know how to make a
  45         key of type "enctype", an error may be returned.
  46 
  47         returns: errors
  48  */
  49 
  50 krb5_error_code
  51 mit_des_string_to_key_int (krb5_context context,
  52         krb5_keyblock *keyblock,
  53         const krb5_data *data,
  54         const krb5_data *salt)
  55 {
  56     krb5_error_code retval = KRB5_PROG_ETYPE_NOSUPP;
  57     register char *str, *copystr;
  58     register krb5_octet *key;
  59     register unsigned temp;
  60     register long i;
  61     register int j;
  62     register long length;
  63     unsigned char *k_p;
  64     int forward;
  65     register char *p_char;
  66     char k_char[64];
  67 
  68 #ifndef min
  69 #define min(A, B) ((A) < (B) ? (A): (B))
  70 #endif
  71 
  72     keyblock->magic = KV5M_KEYBLOCK;
  73     keyblock->length = sizeof(mit_des_cblock);
  74     key = keyblock->contents;
  75 
  76     if (salt
  77         && (salt->length == SALT_TYPE_AFS_LENGTH
  78             /* XXX  Yuck!  Aren't we done with this yet?  */
  79             || salt->length == (unsigned) -1)) {
  80         krb5_data afssalt;
  81         char *at;
  82 
  83         afssalt.data = salt->data;
  84         at = strchr(afssalt.data, '@');
  85         if (at) {
  86             *at = 0;
  87             afssalt.length = at - afssalt.data;
  88         } else
  89             afssalt.length = strlen(afssalt.data);
  90         return mit_afs_string_to_key(context, keyblock, data, &afssalt);
  91     }
  92 
  93     length = data->length + (salt ? salt->length : 0);
  94 
  95     copystr = malloc((size_t) length);
  96     if (!copystr) {
  97         return ENOMEM;
  98     }
  99 
 100     (void) memcpy(copystr, (char *) data->data, data->length);
 101     if (salt)
 102         (void) memcpy(copystr + data->length, (char *)salt->data, salt->length);
 103 
 104     /* convert to des key */
 105     forward = 1;
 106     p_char = k_char;
 107 
 108     /* init key array for bits */
 109     (void) memset(k_char,0,sizeof(k_char));
 110 
 111 #if 0
 112     if (mit_des_debug)
 113         fprintf(stdout,
 114                 "\n\ninput str length = %d  string = %*s\nstring = 0x ",
 115                 length,length,str);
 116 #endif
 117 
 118     str = copystr;
 119 
 120     /* get next 8 bytes, strip parity, xor */
 121     for (i = 1; i <= length; i++) {
 122         /* get next input key byte */
 123         temp = (unsigned int) *str++;
 124 #if 0
 125         if (mit_des_debug)
 126             fprintf(stdout,"%02x ",temp & 0xff);
 127 #endif
 128         /* loop through bits within byte, ignore parity */
 129         for (j = 0; j <= 6; j++) {
 130             if (forward)
 131                 *p_char++ ^= (int) temp & 01;
 132             else
 133                 *--p_char ^= (int) temp & 01;
 134             temp = temp >> 1;
 135         }
 136 
 137         /* check and flip direction */
 138         if ((i%8) == 0)
 139             forward = !forward;
 140     }
 141 
 142     /* now stuff into the key mit_des_cblock, and force odd parity */
 143     p_char = k_char;
 144     k_p = (unsigned char *) key;
 145 
 146     for (i = 0; i <= 7; i++) {
 147         temp = 0;
 148         for (j = 0; j <= 6; j++)
 149             temp |= *p_char++ << (1+j);
 150         *k_p++ = (unsigned char) temp;
 151     }
 152 
 153     /* fix key parity */
 154     mit_des_fixup_key_parity(key);
 155     if (mit_des_is_weak_key(key))
 156         ((krb5_octet *)key)[7] ^= 0xf0;
 157 
 158     retval = mit_des_cbc_cksum(context, (unsigned char*)copystr, key,
 159         length, keyblock, key);
 160 
 161     /* clean & free the input string */
 162     (void) memset(copystr, 0, (size_t) length);
 163     krb5_xfree(copystr);
 164 
 165     /* now fix up key parity again */
 166     mit_des_fixup_key_parity(key);
 167     if (mit_des_is_weak_key(key))
 168         ((krb5_octet *)key)[7] ^= 0xf0;
 169 
 170     /*
 171      * Because this routine actually modifies the original keyblock
 172      * in place we cannot use the PKCS#11 key object handle created earlier.
 173      * Destroy the existing object handle associated with the key,
 174      * a correct handle will get created when the key is actually
 175      * used for the first time.
 176      */
 177      if (keyblock->hKey != CK_INVALID_HANDLE) {
 178         (void)C_DestroyObject(krb_ctx_hSession(context), keyblock->hKey);
 179         keyblock->hKey = CK_INVALID_HANDLE;
 180      }
 181 
 182     return retval;
 183 }