search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
krb5: implement draft-ietf-kitten-aes-cts-hmac-sha2-07
[heimdal.git] / lib / hdb / mkey.c
blobebfcb76f5d6d312c187a074cd325f31927d4b385
1 /*
2 * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "hdb_locl.h"
35 #ifndef O_BINARY
36 #define O_BINARY 0
37 #endif
38
39 struct hdb_master_key_data {
40 krb5_keytab_entry keytab;
41 krb5_crypto crypto;
42 struct hdb_master_key_data *next;
43 unsigned int key_usage;
44 };
45
46 void
47 hdb_free_master_key(krb5_context context, hdb_master_key mkey)
48 {
49 struct hdb_master_key_data *ptr;
50 while(mkey) {
51 krb5_kt_free_entry(context, &mkey->keytab);
52 if (mkey->crypto)
53 krb5_crypto_destroy(context, mkey->crypto);
54 ptr = mkey;
55 mkey = mkey->next;
56 free(ptr);
57 }
58 }
59
60 krb5_error_code
61 hdb_process_master_key(krb5_context context,
62 int kvno, krb5_keyblock *key, krb5_enctype etype,
63 hdb_master_key *mkey)
64 {
65 krb5_error_code ret;
66
67 *mkey = calloc(1, sizeof(**mkey));
68 if(*mkey == NULL) {
69 krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
70 return ENOMEM;
71 }
72 (*mkey)->key_usage = HDB_KU_MKEY;
73 (*mkey)->keytab.vno = kvno;
74 ret = krb5_parse_name(context, "K/M", &(*mkey)->keytab.principal);
75 if(ret)
76 goto fail;
77 ret = krb5_copy_keyblock_contents(context, key, &(*mkey)->keytab.keyblock);
78 if(ret)
79 goto fail;
80 if(etype != 0)
81 (*mkey)->keytab.keyblock.keytype = etype;
82 (*mkey)->keytab.timestamp = time(NULL);
83 ret = krb5_crypto_init(context, key, etype, &(*mkey)->crypto);
84 if(ret)
85 goto fail;
86 return 0;
87 fail:
88 hdb_free_master_key(context, *mkey);
89 *mkey = NULL;
90 return ret;
91 }
92
93 krb5_error_code
94 hdb_add_master_key(krb5_context context, krb5_keyblock *key,
95 hdb_master_key *inout)
96 {
97 int vno = 0;
98 hdb_master_key p;
99 krb5_error_code ret;
100
101 for(p = *inout; p; p = p->next)
102 vno = max(vno, p->keytab.vno);
103 vno++;
104 ret = hdb_process_master_key(context, vno, key, 0, &p);
105 if(ret)
106 return ret;
107 p->next = *inout;
108 *inout = p;
109 return 0;
110 }
111
112 static krb5_error_code
113 read_master_keytab(krb5_context context, const char *filename,
114 hdb_master_key *mkey)
115 {
116 krb5_error_code ret;
117 krb5_keytab id;
118 krb5_kt_cursor cursor;
119 krb5_keytab_entry entry;
120 hdb_master_key p;
121
122 ret = krb5_kt_resolve(context, filename, &id);
123 if(ret)
124 return ret;
125
126 ret = krb5_kt_start_seq_get(context, id, &cursor);
127 if(ret)
128 goto out;
129 *mkey = NULL;
130 while(krb5_kt_next_entry(context, id, &entry, &cursor) == 0) {
131 p = calloc(1, sizeof(*p));
132 if(p == NULL) {
133 krb5_kt_end_seq_get(context, id, &cursor);
134 ret = ENOMEM;
135 goto out;
136 }
137 p->keytab = entry;
138 ret = krb5_crypto_init(context, &p->keytab.keyblock, 0, &p->crypto);
139 p->next = *mkey;
140 *mkey = p;
141 }
142 krb5_kt_end_seq_get(context, id, &cursor);
143 out:
144 krb5_kt_close(context, id);
145 return ret;
146 }
147
148 /* read a MIT master keyfile */
149 static krb5_error_code
150 read_master_mit(krb5_context context, const char *filename,
151 int byteorder, hdb_master_key *mkey)
152 {
153 int fd;
154 krb5_error_code ret;
155 krb5_storage *sp;
156 int16_t enctype;
157 krb5_keyblock key;
158
159 fd = open(filename, O_RDONLY | O_BINARY);
160 if(fd < 0) {
161 int save_errno = errno;
162 krb5_set_error_message(context, save_errno, "failed to open %s: %s",
163 filename, strerror(save_errno));
164 return save_errno;
165 }
166 sp = krb5_storage_from_fd(fd);
167 if(sp == NULL) {
168 close(fd);
169 return errno;
170 }
171 krb5_storage_set_flags(sp, byteorder);
172 /* could possibly use ret_keyblock here, but do it with more
173 checks for now */
174 {
175 ret = krb5_ret_int16(sp, &enctype);
176 if (ret)
177 goto out;
178 ret = krb5_enctype_valid(context, enctype);
179 if (ret)
180 goto out;
181 key.keytype = enctype;
182 ret = krb5_ret_data(sp, &key.keyvalue);
183 if(ret)
184 goto out;
185 }
186 ret = hdb_process_master_key(context, 1, &key, 0, mkey);
187 krb5_free_keyblock_contents(context, &key);
188 out:
189 krb5_storage_free(sp);
190 close(fd);
191 return ret;
192 }
193
194 /* read an old master key file */
195 static krb5_error_code
196 read_master_encryptionkey(krb5_context context, const char *filename,
197 hdb_master_key *mkey)
198 {
199 int fd;
200 krb5_keyblock key;
201 krb5_error_code ret;
202 unsigned char buf[256];
203 ssize_t len;
204 size_t ret_len;
205
206 fd = open(filename, O_RDONLY | O_BINARY);
207 if(fd < 0) {
208 int save_errno = errno;
209 krb5_set_error_message(context, save_errno, "failed to open %s: %s",
210 filename, strerror(save_errno));
211 return save_errno;
212 }
213
214 len = read(fd, buf, sizeof(buf));
215 close(fd);
216 if(len < 0) {
217 int save_errno = errno;
218 krb5_set_error_message(context, save_errno, "error reading %s: %s",
219 filename, strerror(save_errno));
220 return save_errno;
221 }
222
223 ret = decode_EncryptionKey(buf, len, &key, &ret_len);
224 memset(buf, 0, sizeof(buf));
225 if(ret)
226 return ret;
227
228 /* Originally, the keytype was just that, and later it got changed
229 to des-cbc-md5, but we always used des in cfb64 mode. This
230 should cover all cases, but will break if someone has hacked
231 this code to really use des-cbc-md5 -- but then that's not my
232 problem. */
233 if(key.keytype == ETYPE_DES_CBC_CRC || key.keytype == ETYPE_DES_CBC_MD5)
234 key.keytype = ETYPE_DES_CFB64_NONE;
235
236 ret = hdb_process_master_key(context, 0, &key, 0, mkey);
237 krb5_free_keyblock_contents(context, &key);
238 return ret;
239 }
240
241 /* read a krb4 /.k style file */
242 static krb5_error_code
243 read_master_krb4(krb5_context context, const char *filename,
244 hdb_master_key *mkey)
245 {
246 int fd;
247 krb5_keyblock key;
248 krb5_error_code ret;
249 unsigned char buf[256];
250 ssize_t len;
251
252 fd = open(filename, O_RDONLY | O_BINARY);
253 if(fd < 0) {
254 int save_errno = errno;
255 krb5_set_error_message(context, save_errno, "failed to open %s: %s",
256 filename, strerror(save_errno));
257 return save_errno;
258 }
259
260 len = read(fd, buf, sizeof(buf));
261 close(fd);
262 if(len < 0) {
263 int save_errno = errno;
264 krb5_set_error_message(context, save_errno, "error reading %s: %s",
265 filename, strerror(save_errno));
266 return save_errno;
267 }
268 if(len != 8) {
269 krb5_set_error_message(context, HEIM_ERR_EOF,
270 "bad contents of %s", filename);
271 return HEIM_ERR_EOF; /* XXX file might be too large */
272 }
273
274 memset(&key, 0, sizeof(key));
275 key.keytype = ETYPE_DES_PCBC_NONE;
276 ret = krb5_data_copy(&key.keyvalue, buf, len);
277 memset(buf, 0, sizeof(buf));
278 if(ret)
279 return ret;
280
281 ret = hdb_process_master_key(context, 0, &key, 0, mkey);
282 krb5_free_keyblock_contents(context, &key);
283 return ret;
284 }
285
286 krb5_error_code
287 hdb_read_master_key(krb5_context context, const char *filename,
288 hdb_master_key *mkey)
289 {
290 FILE *f;
291 unsigned char buf[16];
292 krb5_error_code ret;
293
294 off_t len;
295
296 *mkey = NULL;
297
298 if(filename == NULL)
299 filename = HDB_DB_DIR "/m-key";
300
301 f = fopen(filename, "r");
302 if(f == NULL) {
303 int save_errno = errno;
304 krb5_set_error_message(context, save_errno, "failed to open %s: %s",
305 filename, strerror(save_errno));
306 return save_errno;
307 }
308
309 if(fread(buf, 1, 2, f) != 2) {
310 fclose(f);
311 krb5_set_error_message(context, HEIM_ERR_EOF, "end of file reading %s", filename);
312 return HEIM_ERR_EOF;
313 }
314
315 fseek(f, 0, SEEK_END);
316 len = ftell(f);
317
318 if(fclose(f) != 0)
319 return errno;
320
321 if(len < 0)
322 return errno;
323
324 if(len == 8) {
325 ret = read_master_krb4(context, filename, mkey);
326 } else if(buf[0] == 0x30 && len <= 127 && buf[1] == len - 2) {
327 ret = read_master_encryptionkey(context, filename, mkey);
328 } else if(buf[0] == 5 && buf[1] >= 1 && buf[1] <= 2) {
329 ret = read_master_keytab(context, filename, mkey);
330 } else {
331 /*
332 * Check both LittleEndian and BigEndian since they key file
333 * might be moved from a machine with diffrent byte order, or
334 * its running on MacOS X that always uses BE master keys.
335 */
336 ret = read_master_mit(context, filename, KRB5_STORAGE_BYTEORDER_LE, mkey);
337 if (ret)
338 ret = read_master_mit(context, filename, KRB5_STORAGE_BYTEORDER_BE, mkey);
339 }
340 return ret;
341 }
342
343 krb5_error_code
344 hdb_write_master_key(krb5_context context, const char *filename,
345 hdb_master_key mkey)
346 {
347 krb5_error_code ret;
348 hdb_master_key p;
349 krb5_keytab kt;
350
351 if(filename == NULL)
352 filename = HDB_DB_DIR "/m-key";
353
354 ret = krb5_kt_resolve(context, filename, &kt);
355 if(ret)
356 return ret;
357
358 for(p = mkey; p; p = p->next) {
359 ret = krb5_kt_add_entry(context, kt, &p->keytab);
360 }
361
362 krb5_kt_close(context, kt);
363
364 return ret;
365 }
366
367 krb5_error_code
368 _hdb_set_master_key_usage(krb5_context context, HDB *db, unsigned int key_usage)
369 {
370 if (db->hdb_master_key_set == 0)
371 return HDB_ERR_NO_MKEY;
372 db->hdb_master_key->key_usage = key_usage;
373 return 0;
374 }
375
376 hdb_master_key
377 _hdb_find_master_key(int *mkvno, hdb_master_key mkey)
378 {
379 hdb_master_key ret = NULL;
380 while(mkey) {
381 if(ret == NULL && mkey->keytab.vno == 0)
382 ret = mkey;
383 if(mkvno == NULL) {
384 if(ret == NULL || mkey->keytab.vno > ret->keytab.vno)
385 ret = mkey;
386 } else if((uint32_t)mkey->keytab.vno == *mkvno)
387 return mkey;
388 mkey = mkey->next;
389 }
390 return ret;
391 }
392
393 int
394 _hdb_mkey_version(hdb_master_key mkey)
395 {
396 return mkey->keytab.vno;
397 }
398
399 int
400 _hdb_mkey_decrypt(krb5_context context, hdb_master_key key,
401 krb5_key_usage usage,
402 void *ptr, size_t size, krb5_data *res)
403 {
404 return krb5_decrypt(context, key->crypto, usage,
405 ptr, size, res);
406 }
407
408 int
409 _hdb_mkey_encrypt(krb5_context context, hdb_master_key key,
410 krb5_key_usage usage,
411 const void *ptr, size_t size, krb5_data *res)
412 {
413 return krb5_encrypt(context, key->crypto, usage,
414 ptr, size, res);
415 }
416
417 krb5_error_code
418 hdb_unseal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey)
419 {
420
421 krb5_error_code ret;
422 krb5_data res;
423 size_t keysize;
424
425 hdb_master_key key;
426
427 if(k->mkvno == NULL)
428 return 0;
429
430 key = _hdb_find_master_key(k->mkvno, mkey);
431
432 if (key == NULL)
433 return HDB_ERR_NO_MKEY;
434
435 ret = _hdb_mkey_decrypt(context, key, HDB_KU_MKEY,
436 k->key.keyvalue.data,
437 k->key.keyvalue.length,
438 &res);
439 if(ret == KRB5KRB_AP_ERR_BAD_INTEGRITY) {
440 /* try to decrypt with MIT key usage */
441 ret = _hdb_mkey_decrypt(context, key, 0,
442 k->key.keyvalue.data,
443 k->key.keyvalue.length,
444 &res);
445 }
446 if (ret)
447 return ret;
448
449 /* fixup keylength if the key got padded when encrypting it */
450 ret = krb5_enctype_keysize(context, k->key.keytype, &keysize);
451 if (ret) {
452 krb5_data_free(&res);
453 return ret;
454 }
455 if (keysize > res.length) {
456 krb5_data_free(&res);
457 return KRB5_BAD_KEYSIZE;
458 }
459
460 memset(k->key.keyvalue.data, 0, k->key.keyvalue.length);
461 free(k->key.keyvalue.data);
462 k->key.keyvalue = res;
463 k->key.keyvalue.length = keysize;
464 free(k->mkvno);
465 k->mkvno = NULL;
466
467 return 0;
468 }
469
470 krb5_error_code
471 hdb_unseal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey)
472 {
473 size_t i;
474
475 for(i = 0; i < ent->keys.len; i++){
476 krb5_error_code ret;
477
478 ret = hdb_unseal_key_mkey(context, &ent->keys.val[i], mkey);
479 if (ret)
480 return ret;
481 }
482 return 0;
483 }
484
485 krb5_error_code
486 hdb_unseal_keys(krb5_context context, HDB *db, hdb_entry *ent)
487 {
488 if (db->hdb_master_key_set == 0)
489 return 0;
490 return hdb_unseal_keys_mkey(context, ent, db->hdb_master_key);
491 }
492
493 /*
494 * Unseal the keys for the given kvno (or all of them) of entry.
495 *
496 * If kvno == 0 -> unseal all.
497 * if kvno != 0 -> unseal the requested kvno and make sure it's the one listed
498 * as the current keyset for the entry (swapping it with a
499 * historical keyset if need be).
500 */
501 krb5_error_code
502 hdb_unseal_keys_kvno(krb5_context context, HDB *db, krb5_kvno kvno,
503 unsigned flags, hdb_entry *ent)
504 {
505 krb5_error_code ret = HDB_ERR_NOENTRY;
506 HDB_extension *ext;
507 HDB_Ext_KeySet *hist_keys;
508 Key *tmp_val;
509 time_t tmp_set_time;
510 unsigned int tmp_len;
511 unsigned int kvno_diff = 0;
512 krb5_kvno tmp_kvno;
513 size_t i, k;
514 int exclude_dead = 0;
515 KerberosTime now = 0;
516
517 if (kvno == 0)
518 ret = 0;
519
520 if ((flags & HDB_F_LIVE_CLNT_KVNOS) || (flags & HDB_F_LIVE_SVC_KVNOS)) {
521 exclude_dead = 1;
522 now = time(NULL);
523 if (HDB_F_LIVE_CLNT_KVNOS)
524 kvno_diff = hdb_entry_get_kvno_diff_clnt(ent);
525 else
526 kvno_diff = hdb_entry_get_kvno_diff_svc(ent);
527 }
528
529 ext = hdb_find_extension(ent, choice_HDB_extension_data_hist_keys);
530 if (ext == NULL || (&ext->data.u.hist_keys)->len == 0)
531 return hdb_unseal_keys_mkey(context, ent, db->hdb_master_key);
532
533 /* For swapping; see below */
534 tmp_len = ent->keys.len;
535 tmp_val = ent->keys.val;
536 tmp_kvno = ent->kvno;
537 (void) hdb_entry_get_pw_change_time(ent, &tmp_set_time);
538
539 hist_keys = &ext->data.u.hist_keys;
540
541 for (i = 0; i < hist_keys->len; i++) {
542 if (kvno != 0 && hist_keys->val[i].kvno != kvno)
543 continue;
544
545 if (exclude_dead &&
546 ((ent->max_life != NULL &&
547 hist_keys->val[i].set_time != NULL &&
548 (*hist_keys->val[i].set_time) < (now - (*ent->max_life))) ||
549 (hist_keys->val[i].kvno < kvno &&
550 (kvno - hist_keys->val[i].kvno) > kvno_diff)))
551 /*
552 * The KDC may want to to check for this keyset's set_time
553 * is within the TGS principal's max_life, say. But we stop
554 * here.
555 */
556 continue;
557
558 /* Either the keys we want, or all the keys */
559 for (k = 0; k < hist_keys->val[i].keys.len; k++) {
560 ret = hdb_unseal_key_mkey(context,
561 &hist_keys->val[i].keys.val[k],
562 db->hdb_master_key);
563 /*
564 * If kvno == 0 we might not want to bail here! E.g., if we
565 * no longer have the right master key, so just ignore this.
566 *
567 * We could filter out keys that we can't decrypt here
568 * because of HDB_ERR_NO_MKEY. However, it seems safest to
569 * filter them out only where necessary, say, in kadm5.
570 */
571 if (ret && kvno != 0)
572 return ret;
573 if (ret && ret != HDB_ERR_NO_MKEY)
574 return (ret);
575 }
576
577 if (kvno == 0)
578 continue;
579
580 /*
581 * What follows is a bit of a hack.
582 *
583 * This is the keyset we're being asked for, but it's not the
584 * current keyset. So we add the current keyset to the history,
585 * leave the one we were asked for in the history, and pretend
586 * the one we were asked for is also the current keyset.
587 *
588 * This is a bit of a defensive hack in case an entry fetched
589 * this way ever gets modified then stored: if the keyset is not
590 * changed we can detect this and put things back, else we won't
591 * drop any keysets from history by accident.
592 *
593 * Note too that we only ever get called with a non-zero kvno
594 * either in the KDC or in cases where we aren't changing the
595 * HDB entry anyways, which is why this is just a defensive
596 * hack. We also don't fetch specific kvnos in the dump case,
597 * so there's no danger that we'll dump this entry and load it
598 * again, repeatedly causing the history to grow boundelessly.
599 */
600
601 /* Swap key sets */
602 ent->kvno = hist_keys->val[i].kvno;
603 ent->keys.val = hist_keys->val[i].keys.val;
604 ent->keys.len = hist_keys->val[i].keys.len;
605 if (hist_keys->val[i].set_time != NULL)
606 /* Sloppy, but the callers we expect won't care */
607 (void) hdb_entry_set_pw_change_time(context, ent,
608 *hist_keys->val[i].set_time);
609 hist_keys->val[i].kvno = tmp_kvno;
610 hist_keys->val[i].keys.val = tmp_val;
611 hist_keys->val[i].keys.len = tmp_len;
612 if (hist_keys->val[i].set_time != NULL)
613 /* Sloppy, but the callers we expect won't care */
614 *hist_keys->val[i].set_time = tmp_set_time;
615
616 return 0;
617 }
618
619 return (ret);
620 }
621
622 krb5_error_code
623 hdb_unseal_key(krb5_context context, HDB *db, Key *k)
624 {
625 if (db->hdb_master_key_set == 0)
626 return 0;
627 return hdb_unseal_key_mkey(context, k, db->hdb_master_key);
628 }
629
630 krb5_error_code
631 hdb_seal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey)
632 {
633 krb5_error_code ret;
634 krb5_data res;
635 hdb_master_key key;
636
637 if(k->mkvno != NULL)
638 return 0;
639
640 key = _hdb_find_master_key(k->mkvno, mkey);
641
642 if (key == NULL)
643 return HDB_ERR_NO_MKEY;
644
645 ret = _hdb_mkey_encrypt(context, key, HDB_KU_MKEY,
646 k->key.keyvalue.data,
647 k->key.keyvalue.length,
648 &res);
649 if (ret)
650 return ret;
651
652 memset(k->key.keyvalue.data, 0, k->key.keyvalue.length);
653 free(k->key.keyvalue.data);
654 k->key.keyvalue = res;
655
656 if (k->mkvno == NULL) {
657 k->mkvno = malloc(sizeof(*k->mkvno));
658 if (k->mkvno == NULL)
659 return ENOMEM;
660 }
661 *k->mkvno = key->keytab.vno;
662
663 return 0;
664 }
665
666 krb5_error_code
667 hdb_seal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey)
668 {
669 HDB_extension *ext;
670 HDB_Ext_KeySet *hist_keys;
671 size_t i, k;
672 krb5_error_code ret;
673
674 for(i = 0; i < ent->keys.len; i++){
675 ret = hdb_seal_key_mkey(context, &ent->keys.val[i], mkey);
676 if (ret)
677 return ret;
678 }
679
680 ext = hdb_find_extension(ent, choice_HDB_extension_data_hist_keys);
681 if (ext == NULL)
682 return 0;
683 hist_keys = &ext->data.u.hist_keys;
684
685 for (i = 0; i < hist_keys->len; i++) {
686 for (k = 0; k < hist_keys->val[i].keys.len; k++) {
687 ret = hdb_seal_key_mkey(context, &hist_keys->val[i].keys.val[k],
688 mkey);
689 if (ret)
690 return ret;
691 }
692 }
693
694 return 0;
695 }
696
697 krb5_error_code
698 hdb_seal_keys(krb5_context context, HDB *db, hdb_entry *ent)
699 {
700 if (db->hdb_master_key_set == 0)
701 return 0;
702
703 return hdb_seal_keys_mkey(context, ent, db->hdb_master_key);
704 }
705
706 krb5_error_code
707 hdb_seal_key(krb5_context context, HDB *db, Key *k)
708 {
709 if (db->hdb_master_key_set == 0)
710 return 0;
711
712 return hdb_seal_key_mkey(context, k, db->hdb_master_key);
713 }
714
715 krb5_error_code
716 hdb_set_master_key(krb5_context context,
717 HDB *db,
718 krb5_keyblock *key)
719 {
720 krb5_error_code ret;
721 hdb_master_key mkey;
722
723 ret = hdb_process_master_key(context, 0, key, 0, &mkey);
724 if (ret)
725 return ret;
726 db->hdb_master_key = mkey;
727 #if 0 /* XXX - why? */
728 des_set_random_generator_seed(key.keyvalue.data);
729 #endif
730 db->hdb_master_key_set = 1;
731 db->hdb_master_key->key_usage = HDB_KU_MKEY;
732 return 0;
733 }
734
735 krb5_error_code
736 hdb_set_master_keyfile (krb5_context context,
737 HDB *db,
738 const char *keyfile)
739 {
740 hdb_master_key key;
741 krb5_error_code ret;
742
743 ret = hdb_read_master_key(context, keyfile, &key);
744 if (ret) {
745 if (ret != ENOENT)
746 return ret;
747 krb5_clear_error_message(context);
748 return 0;
749 }
750 db->hdb_master_key = key;
751 db->hdb_master_key_set = 1;
752 return ret;
753 }
754
755 krb5_error_code
756 hdb_clear_master_key (krb5_context context,
757 HDB *db)
758 {
759 if (db->hdb_master_key_set) {
760 hdb_free_master_key(context, db->hdb_master_key);
761 db->hdb_master_key_set = 0;
762 }
763 return 0;
764 }
Heimdal