1 : /*
2 : Unix SMB/CIFS implementation.
3 :
4 : Samba KDB plugin for MIT Kerberos
5 :
6 : Copyright (c) 2010 Simo Sorce <idra@samba.org>.
7 : Copyright (c) 2014 Andreas Schneider <asn@samba.org>
8 :
9 : This program is free software; you can redistribute it and/or modify
10 : it under the terms of the GNU General Public License as published by
11 : the Free Software Foundation; either version 3 of the License, or
12 : (at your option) any later version.
13 :
14 : This program is distributed in the hope that it will be useful,
15 : but WITHOUT ANY WARRANTY; without even the implied warranty of
16 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 : GNU General Public License for more details.
18 :
19 : You should have received a copy of the GNU General Public License
20 : along with this program. If not, see <http://www.gnu.org/licenses/>.
21 : */
22 :
23 : #include "includes.h"
24 :
25 : #include "system/kerberos.h"
26 :
27 : #include <profile.h>
28 : #include <kdb.h>
29 :
30 : #include "kdc/mit_samba.h"
31 : #include "kdb_samba.h"
32 :
33 : #undef DBGC_CLASS
34 : #define DBGC_CLASS DBGC_KERBEROS
35 :
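/**
 * Copy a stored key, and optionally its salt, out of a KDB key_data entry.
 *
 * Samba does not wrap stored keys with a master key, so nothing is
 * decrypted here: the bytes held in key_data are duplicated unchanged.
 * Neither context nor mkey is read. Because this layer applies no
 * encryption, it adds no protection for the key material it handles.
 *
 * @param context   Kerberos context (unused).
 * @param mkey      Master key (unused).
 * @param key_data  Source entry; slot [0] is read as the key and slot [1]
 *                  as the salt.
 * @param kkey      Output keyblock. It is zeroed first and then receives a
 *                  malloc()ed copy of the key.
 * @param keysalt   Optional output. When not NULL it receives the salt type
 *                  and a malloc()ed copy of the salt bytes.
 *
 * @return 0 on success, ENOMEM when an allocation fails. On failure
 *         kkey->contents is NULL and kkey->length is 0, so a caller that
 *         releases kkey afterwards does not free a stale pointer.
 */
krb5_error_code kdb_samba_dbekd_decrypt_key_data(krb5_context context,
						 const krb5_keyblock *mkey,
						 const krb5_key_data *key_data,
						 krb5_keyblock *kkey,
						 krb5_keysalt *keysalt)
{
	/*
	 * NOTE: Samba doesn't use a master key, so we will just copy
	 * the contents around untouched.
	 */
	ZERO_STRUCTP(kkey);

	kkey->magic = KV5M_KEYBLOCK;
	kkey->enctype = key_data->key_data_type[0];

	/*
	 * NOTE(review): the length comes straight from key_data and is not
	 * validated here. With a length of 0 the result of malloc() is
	 * implementation-defined, and a NULL return is reported as ENOMEM.
	 */
	kkey->contents = malloc(key_data->key_data_length[0]);
	if (kkey->contents == NULL) {
		return ENOMEM;
	}
	memcpy(kkey->contents,
	       key_data->key_data_contents[0],
	       key_data->key_data_length[0]);
	kkey->length = key_data->key_data_length[0];

	if (keysalt != NULL) {
		keysalt->type = key_data->key_data_type[1];
		keysalt->data.data = malloc(key_data->key_data_length[1]);
		if (keysalt->data.data == NULL) {
			/*
			 * Release the key copy and reset the output so that
			 * kkey carries no dangling pointer or stale length
			 * back to the caller (double-free / use-after-free).
			 *
			 * NOTE(review): free() does not clear the buffer, so
			 * the key bytes stay in heap memory. Consider wiping
			 * it first with a zeroing call the compiler cannot
			 * optimise away.
			 */
			free(kkey->contents);
			ZERO_STRUCTP(kkey);
			return ENOMEM;
		}
		memcpy(keysalt->data.data,
		       key_data->key_data_contents[1],
		       key_data->key_data_length[1]);
		keysalt->data.length = key_data->key_data_length[1];
	}

	return 0;
}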
74 :
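/**
 * Store a key, and optionally its salt, into a KDB key_data entry.
 *
 * Samba does not wrap stored keys with a master key, so nothing is
 * encrypted here: the bytes of kkey are duplicated unchanged into
 * key_data. Neither context nor mkey is read. Because this layer applies
 * no encryption, it adds no protection for the key material it handles.
 *
 * @param context   Kerberos context (unused).
 * @param mkey      Master key (unused).
 * @param kkey      Source keyblock; enctype, contents and length are read.
 * @param keysalt   Optional salt. When not NULL its type and bytes are
 *                  copied into slot [1] of key_data.
 * @param keyver    Key version number, stored in key_data_kvno.
 * @param key_data  Output entry. It is zeroed first; key_data_ver is always
 *                  set to KRB5_KDB_V1_KEY_DATA_ARRAY, with or without a salt.
 *
 * @return 0 on success, ENOMEM when an allocation fails. If the salt
 *         allocation fails, key_data is zeroed again, so a caller that
 *         releases it afterwards does not free a stale pointer.
 */
krb5_error_code kdb_samba_dbekd_encrypt_key_data(krb5_context context,
						 const krb5_keyblock *mkey,
						 const krb5_keyblock *kkey,
						 const krb5_keysalt *keysalt,
						 int keyver,
						 krb5_key_data *key_data)
{
	/*
	 * NOTE: samba doesn't use a master key, so we will just copy
	 * the contents around untouched.
	 */

	ZERO_STRUCTP(key_data);

	key_data->key_data_ver = KRB5_KDB_V1_KEY_DATA_ARRAY;
	key_data->key_data_kvno = keyver;
	key_data->key_data_type[0] = kkey->enctype;

	/*
	 * NOTE(review): key_data_length[] may be a narrower integer type than
	 * kkey->length and keysalt->data.length; confirm against kdb.h. If it
	 * is, an oversize input would leave the stored length smaller than
	 * the number of bytes actually copied.
	 */
	key_data->key_data_contents[0] = malloc(kkey->length);
	if (key_data->key_data_contents[0] == NULL) {
		return ENOMEM;
	}
	memcpy(key_data->key_data_contents[0],
	       kkey->contents,
	       kkey->length);
	key_data->key_data_length[0] = kkey->length;

	if (keysalt != NULL) {
		key_data->key_data_type[1] = keysalt->type;
		key_data->key_data_contents[1] = malloc(keysalt->data.length);
		if (key_data->key_data_contents[1] == NULL) {
			/*
			 * Release the key copy and reset the output so that
			 * key_data carries no dangling pointer or stale
			 * length back to the caller.
			 *
			 * NOTE(review): free() does not clear the buffer, so
			 * the key bytes stay in heap memory. Consider wiping
			 * it first with a zeroing call the compiler cannot
			 * optimise away.
			 */
			free(key_data->key_data_contents[0]);
			ZERO_STRUCTP(key_data);
			return ENOMEM;
		}
		memcpy(key_data->key_data_contents[1],
		       keysalt->data.data,
		       keysalt->data.length);
		key_data->key_data_length[1] = keysalt->data.length;
	}

	return 0;
}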