2 * Copyright (c) 1997 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. All advertising materials mentioning features or use of this software
18 * must display the following acknowledgement:
19 * This product includes software developed by Kungliga Tekniska
20 * Högskolan and its contributors.
22 * 4. Neither the name of the Institute nor the names of its contributors
23 * may be used to endorse or promote products derived from this software
24 * without specific prior written permission.
26 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
39 #include <krb5_locl.h>
44 krb5_mk_priv(krb5_context context
,
45 krb5_auth_context auth_context
,
46 const krb5_data
*userdata
,
48 /*krb5_replay_data*/ void *outdata
)
62 /* XXX - Is this right? */
64 if (auth_context
->local_subkey
.keytype
)
65 key
= &auth_context
->local_subkey
;
66 else if (auth_context
->remote_subkey
.keytype
)
67 key
= &auth_context
->remote_subkey
;
69 key
= auth_context
->keyblock
;
71 if (auth_context
->enctype
)
72 enctype
= auth_context
->enctype
;
74 r
= krb5_keytype_to_etype (context
, key
->keytype
, &enctype
);
79 krb5_us_timeofday (context
, &sec
, &usec
);
81 part
.user_data
= *userdata
;
83 part
.timestamp
= &sec2
;
86 if (auth_context
->flags
& KRB5_AUTH_CONTEXT_DO_SEQUENCE
) {
87 tmp_seq
= ++auth_context
->local_seqnumber
;
88 part
.seq_number
= &tmp_seq
;
90 part
.seq_number
= NULL
;
93 part
.s_address
= auth_context
->local_address
;
94 part
.r_address
= auth_context
->remote_address
;
96 r
= encode_EncKrbPrivPart (buf
+ sizeof(buf
) - 1, sizeof(buf
), &part
, &len
);
101 s
.msg_type
= krb_priv
;
102 s
.enc_part
.etype
= enctype
;
103 s
.enc_part
.kvno
= NULL
;
105 r
= krb5_encrypt (context
, buf
+ sizeof(buf
) - len
, len
,
106 enctype
, key
, &s
.enc_part
.cipher
);
110 r
= encode_KRB_PRIV (buf
+ sizeof(buf
) - 1, sizeof(buf
), &s
, &len
);
111 krb5_data_free (&s
.enc_part
.cipher
);
114 outbuf
->length
= len
;
115 outbuf
->data
= malloc (len
);
116 if (outbuf
->data
== NULL
)
118 memcpy (outbuf
->data
, buf
+ sizeof(buf
) - len
, len
);