/*
 * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */
34 #include "ktutil_locl.h"
36 RCSID("$Id: add.c,v 1.5 2002/09/10 19:26:52 joda Exp $");
39 kt_add(int argc
, char **argv
)
43 krb5_keytab_entry entry
;
45 char *principal_string
= NULL
;
47 char *enctype_string
= NULL
;
49 char *password_string
= NULL
;
53 struct getargs args
[] = {
54 { "principal", 'p', arg_string
, NULL
, "principal of key", "principal"},
55 { "kvno", 'V', arg_integer
, NULL
, "key version of key" },
56 { "enctype", 'e', arg_string
, NULL
, "encryption type of key" },
57 { "password", 'w', arg_string
, NULL
, "password for key"},
58 { "salt", 's', arg_negative_flag
, NULL
, "no salt" },
59 { "random", 'r', arg_flag
, NULL
, "generate random key" },
60 { "help", 'h', arg_flag
, NULL
}
62 int num_args
= sizeof(args
) / sizeof(args
[0]);
65 args
[i
++].value
= &principal_string
;
66 args
[i
++].value
= &kvno
;
67 args
[i
++].value
= &enctype_string
;
68 args
[i
++].value
= &password_string
;
69 args
[i
++].value
= &salt_flag
;
70 args
[i
++].value
= &random_flag
;
71 args
[i
++].value
= &help_flag
;
73 if(getarg(args
, num_args
, argc
, argv
, &optind
)) {
74 arg_printusage(args
, num_args
, "ktutil add", "");
78 arg_printusage(args
, num_args
, "ktutil add", "");
81 if((keytab
= ktutil_open_keytab()) == NULL
)
84 memset(&entry
, 0, sizeof(entry
));
85 if(principal_string
== NULL
) {
86 printf("Principal: ");
87 if (fgets(buf
, sizeof(buf
), stdin
) == NULL
)
89 buf
[strcspn(buf
, "\r\n")] = '\0';
90 principal_string
= buf
;
92 ret
= krb5_parse_name(context
, principal_string
, &entry
.principal
);
94 krb5_warn(context
, ret
, "%s", principal_string
);
97 if(enctype_string
== NULL
) {
98 printf("Encryption type: ");
99 if (fgets(buf
, sizeof(buf
), stdin
) == NULL
)
101 buf
[strcspn(buf
, "\r\n")] = '\0';
102 enctype_string
= buf
;
104 ret
= krb5_string_to_enctype(context
, enctype_string
, &enctype
);
107 if(sscanf(enctype_string
, "%d", &t
) == 1)
110 krb5_warn(context
, ret
, "%s", enctype_string
);
115 printf("Key version: ");
116 if (fgets(buf
, sizeof(buf
), stdin
) == NULL
)
118 buf
[strcspn(buf
, "\r\n")] = '\0';
121 if(password_string
== NULL
&& random_flag
== 0) {
122 if(des_read_pw_string(buf
, sizeof(buf
), "Password: ", 1))
124 password_string
= buf
;
126 if(password_string
) {
131 salt
.salttype
= KRB5_PW_SALT
;
132 salt
.saltvalue
.data
= NULL
;
133 salt
.saltvalue
.length
= 0;
134 pw
.data
= (void*)password_string
;
135 pw
.length
= strlen(password_string
);
136 krb5_string_to_key_data_salt(context
, enctype
, pw
, salt
,
139 krb5_string_to_key(context
, enctype
, password_string
,
140 entry
.principal
, &entry
.keyblock
);
142 memset (password_string
, 0, strlen(password_string
));
144 krb5_generate_random_keyblock(context
, enctype
, &entry
.keyblock
);
147 entry
.timestamp
= time (NULL
);
148 ret
= krb5_kt_add_entry(context
, keytab
, &entry
);
150 krb5_warn(context
, ret
, "add");
152 krb5_kt_free_entry(context
, &entry
);
153 krb5_kt_close(context
, keytab
);