2 * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "ktutil_locl.h"
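/*
 * Prompt on stdout and read one line from stdin into buf.
 *
 * NOTE(review): the listing this was taken from kept only the lines that
 * carry identifiers; the return type, braces, the prompt output and the
 * return statements are restored from the visible control flow and should
 * be checked against the upstream file.
 *
 * prompt  text printed before reading
 * buf     destination buffer, NUL-terminated on success
 * len     size of buf in bytes
 *
 * Returns buf with the trailing CR/LF removed, or NULL when nothing could
 * be read (EOF, read error, or a zero-length buffer).
 */
static char *
readstring(const char *prompt, char *buf, size_t len)
{
    printf("%s", prompt);
    /* The prompt has no newline, so push it out before blocking on stdin. */
    fflush(stdout);

    /* A zero-length buffer cannot even hold the terminator. */
    if (len == 0)
        return NULL;

    /* Callers in this file pass sizeof of a small local array, so the
     * narrowing to fgets()'s int size argument is safe for them. */
    if (fgets(buf, (int)len, stdin) == NULL)
        return NULL;

    /* Cut at the first CR or LF; a no-op when the line was truncated. */
    buf[strcspn(buf, "\r\n")] = '\0';
    return buf;
}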
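/*
 * Zero n bytes at p through a volatile pointer, so the stores are not
 * discarded as dead writes when the buffer is never read again.
 */
static void
wipe_secret(void *p, size_t n)
{
    volatile unsigned char *vp = p;

    while (n-- > 0)
        *vp++ = 0;
}

/*
 * ktutil "add": build one keytab entry and append it to the open keytab.
 *
 * Principal, encryption type, key version and password are taken from opt;
 * any that are unset are prompted for on the terminal. The key comes from
 * one of three sources: a hex-encoded raw key, a password run through
 * string-to-key (with an empty password salt, or with the principal's
 * default salt when opt->salt_flag is set), or a random key when no
 * password is given.
 *
 * NOTE(review): the listing this was taken from kept only the lines that
 * carry identifiers. Declarations, braces, the error-path jumps, the
 * opt->hex_flag test and the final return are restored from the visible
 * control flow; check them against the upstream file.
 *
 * Returns 0 on success and 1 on any failure.
 */
int
kt_add(struct add_options *opt, int argc, char **argv)
{
    krb5_error_code ret;
    krb5_keytab keytab;
    krb5_keytab_entry entry;
    char buf[1024];
    krb5_enctype enctype;

    if ((keytab = ktutil_open_keytab()) == NULL)
        return 1;

    /* Zeroed so the cleanup at "out" is safe on a half-built entry. */
    memset(&entry, 0, sizeof(entry));

    if (opt->principal_string == NULL) {
        if (readstring("Principal: ", buf, sizeof(buf)) == NULL) {
            /* Leave through "out" so the keytab handle is closed. */
            ret = 1;
            goto out;
        }
        opt->principal_string = buf;
    }
    ret = krb5_parse_name(context, opt->principal_string, &entry.principal);
    if (ret) {
        krb5_warn(context, ret, "%s", opt->principal_string);
        goto out;
    }

    /* buf is reused for every prompt below; each value is parsed before
     * the next read overwrites it. */
    if (opt->enctype_string == NULL) {
        if (readstring("Encryption type: ", buf, sizeof(buf)) == NULL) {
            ret = 1;
            goto out;
        }
        opt->enctype_string = buf;
    }
    ret = krb5_string_to_enctype(context, opt->enctype_string, &enctype);
    if (ret) {
        int t;

        /* Not a known name: accept a bare enctype number instead. */
        if (sscanf(opt->enctype_string, "%d", &t) == 1) {
            enctype = t;
        } else {
            krb5_warn(context, ret, "%s", opt->enctype_string);
            goto out;
        }
    }

    if (opt->kvno_integer == -1) {
        unsigned int kvno;

        if (readstring("Key version: ", buf, sizeof(buf)) == NULL) {
            ret = 1;
            goto out;
        }
        /* Parse into an unsigned temporary so %u matches its argument, and
         * fail the command instead of leaving with whatever ret held. */
        if (sscanf(buf, "%u", &kvno) != 1) {
            ret = EINVAL;
            krb5_warn(context, ret, "%s", buf);
            goto out;
        }
        opt->kvno_integer = kvno;
    }

    if (opt->password_string == NULL && opt->random_flag == 0) {
        if (UI_UTIL_read_pw_string(buf, sizeof(buf), "Password: ",
                                   UI_UTIL_FLAG_VERIFY)) {
            ret = 1;
            goto out;
        }
        opt->password_string = buf;
    }

    if (opt->password_string) {
        /* NOTE(review): a password that arrived through opt rather than the
         * prompt presumably came from the command line and stayed readable
         * in the process arguments until the wipe below; confirm how the
         * caller fills opt. */
        if (opt->hex_flag) {
            size_t len;
            void *data;

            /* Two hex digits per byte, rounded up for an odd digit count. */
            len = (strlen(opt->password_string) + 1) / 2;

            data = malloc(len);
            if (data == NULL) {
                ret = ENOMEM;
                krb5_warn(context, ret, "malloc");
                goto out_wipe_pw;
            }

            if ((size_t)hex_decode(opt->password_string, data, len) != len) {
                wipe_secret(data, len);
                free(data);
                /* A malformed key string is bad input, not an allocation
                 * failure, and it must not be reported as success. */
                ret = EINVAL;
                krb5_warnx(context, "hex decode failed");
                goto out_wipe_pw;
            }

            ret = krb5_keyblock_init(context, enctype,
                                     data, len, &entry.keyblock);
            /* data holds the raw key: clear it before handing it back. */
            wipe_secret(data, len);
            free(data);
        } else if (!opt->salt_flag) {
            krb5_salt salt;
            krb5_data pw;

            /* Derive the key with an explicitly empty password salt. */
            salt.salttype = KRB5_PW_SALT;
            salt.saltvalue.data = NULL;
            salt.saltvalue.length = 0;
            pw.data = (void *)opt->password_string;
            pw.length = strlen(opt->password_string);
            ret = krb5_string_to_key_data_salt(context, enctype, pw, salt,
                                               &entry.keyblock);
        } else {
            ret = krb5_string_to_key(context, enctype, opt->password_string,
                                     entry.principal, &entry.keyblock);
        }
out_wipe_pw:
        /* Clear the password on success and failure alike. */
        wipe_secret(opt->password_string, strlen(opt->password_string));
    } else {
        ret = krb5_generate_random_keyblock(context, enctype, &entry.keyblock);
    }
    if (ret) {
        krb5_warn(context, ret, "add");
        goto out;
    }

    entry.vno = opt->kvno_integer;
    entry.timestamp = time(NULL);
    ret = krb5_kt_add_entry(context, keytab, &entry);
    if (ret)
        krb5_warn(context, ret, "add");

out:
    /* buf may still hold a typed password (e.g. after a failed verify). */
    wipe_secret(buf, sizeof(buf));
    krb5_kt_free_entry(context, &entry);
    krb5_kt_close(context, keytab);
    return ret != 0;
}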