1 /* 2 Unix SMB/CIFS implementation. 3 4 Samba KDB plugin for MIT Kerberos 5 6 Copyright (c) 2010 Simo Sorce <idra@samba.org>. 7 Copyright (c) 2014 Andreas Schneider <asn@samba.org> 8 9 This program is free software; you can redistribute it and/or modify 10 it under the terms of the GNU General Public License as published by 11 the Free Software Foundation; either version 3 of the License, or 12 (at your option) any later version. 13 14 This program is distributed in the hope that it will be useful, 15 but WITHOUT ANY WARRANTY; without even the implied warranty of 16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 GNU General Public License for more details. 18 19 You should have received a copy of the GNU General Public License 20 along with this program. If not, see <http://www.gnu.org/licenses/>. 21 */ 22 23 #include "includes.h" 24 25 #include "system/kerberos.h" 26 27 #include <profile.h> 28 #include <kdb.h> 29 30 #include "kdc/mit_samba.h" 31 #include "kdb_samba.h" 32 33 krb5_error_code kdb_samba_dbekd_decrypt_key_data(krb5_context context, 34 const krb5_keyblock *mkey, 35 const krb5_key_data *key_data, 36 krb5_keyblock *kkey, 37 krb5_keysalt *keysalt) 38 { 39 /* 40 * NOTE: Samba doesn't use a master key, so we will just copy 41 * the contents around untouched. 42 */ 43 ZERO_STRUCTP(kkey); 44 45 kkey->magic = KV5M_KEYBLOCK; 46 kkey->enctype = key_data->key_data_type[0]; 47 kkey->contents = malloc(key_data->key_data_length[0]); 48 if (kkey->contents == NULL) { 49 return ENOMEM; 50 } 51 memcpy(kkey->contents, 52 key_data->key_data_contents[0], 53 key_data->key_data_length[0]); 54 kkey->length = key_data->key_data_length[0]; 55 56 if (keysalt != NULL) { 57 keysalt->type = key_data->key_data_type[1]; 58 keysalt->data.data = malloc(key_data->key_data_length[1]); 59 if (keysalt->data.data == NULL) { 60 free(kkey->contents); 61 return ENOMEM; 62 } 63 memcpy(keysalt->data.data, 64 key_data->key_data_contents[1], 65 key_data->key_data_length[1]); 66 keysalt->data.length = key_data->key_data_length[1]; 67 } 68 69 return 0; 70 } 71 72 krb5_error_code kdb_samba_dbekd_encrypt_key_data(krb5_context context, 73 const krb5_keyblock *mkey, 74 const krb5_keyblock *kkey, 75 const krb5_keysalt *keysalt, 76 int keyver, 77 krb5_key_data *key_data) 78 { 79 /* 80 * NOTE: samba doesn't use a master key, so we will just copy 81 * the contents around untouched. 82 */ 83 84 ZERO_STRUCTP(key_data); 85 86 key_data->key_data_ver = KRB5_KDB_V1_KEY_DATA_ARRAY; 87 key_data->key_data_kvno = keyver; 88 key_data->key_data_type[0] = kkey->enctype; 89 key_data->key_data_contents[0] = malloc(kkey->length); 90 if (key_data->key_data_contents[0] == NULL) { 91 return ENOMEM; 92 } 93 memcpy(key_data->key_data_contents[0], 94 kkey->contents, 95 kkey->length); 96 key_data->key_data_length[0] = kkey->length; 97 98 if (keysalt != NULL) { 99 key_data->key_data_type[1] = keysalt->type; 100 key_data->key_data_contents[1] = malloc(keysalt->data.length); 101 if (key_data->key_data_contents[1] == NULL) { 102 free(key_data->key_data_contents[0]); 103 return ENOMEM; 104 } 105 memcpy(key_data->key_data_contents[1], 106 keysalt->data.data, 107 keysalt->data.length); 108 key_data->key_data_length[1] = keysalt->data.length; 109 } 110 111 return 0; 112 } 113