etc/services - sync with NetBSD-8
[minix.git] / crypto / external / bsd / heimdal / dist / lib / krb5 / mk_rep.c
blob4719d811d2552ac0d8a75ff309de287ae418d22a
1 /* $NetBSD: mk_rep.c,v 1.1.1.2 2014/04/24 12:45:50 pettai Exp $ */
3 /*
4 * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
5 * (Royal Institute of Technology, Stockholm, Sweden).
6 * All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
36 #include "krb5_locl.h"
38 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
39 krb5_mk_rep(krb5_context context,
40 krb5_auth_context auth_context,
41 krb5_data *outbuf)
43 krb5_error_code ret;
44 AP_REP ap;
45 EncAPRepPart body;
46 u_char *buf = NULL;
47 size_t buf_size;
48 size_t len = 0;
49 krb5_crypto crypto;
51 ap.pvno = 5;
52 ap.msg_type = krb_ap_rep;
54 memset (&body, 0, sizeof(body));
56 body.ctime = auth_context->authenticator->ctime;
57 body.cusec = auth_context->authenticator->cusec;
58 if (auth_context->flags & KRB5_AUTH_CONTEXT_USE_SUBKEY) {
59 if (auth_context->local_subkey == NULL) {
60 ret = krb5_auth_con_generatelocalsubkey(context,
61 auth_context,
62 auth_context->keyblock);
63 if(ret) {
64 free_EncAPRepPart(&body);
65 return ret;
68 ret = krb5_copy_keyblock(context, auth_context->local_subkey,
69 &body.subkey);
70 if (ret) {
71 free_EncAPRepPart(&body);
72 krb5_set_error_message(context, ENOMEM,
73 N_("malloc: out of memory", ""));
74 return ENOMEM;
76 } else
77 body.subkey = NULL;
78 if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) {
79 if(auth_context->local_seqnumber == 0)
80 krb5_generate_seq_number (context,
81 auth_context->keyblock,
82 &auth_context->local_seqnumber);
83 ALLOC(body.seq_number, 1);
84 if (body.seq_number == NULL) {
85 krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
86 free_EncAPRepPart(&body);
87 return ENOMEM;
89 *(body.seq_number) = auth_context->local_seqnumber;
90 } else
91 body.seq_number = NULL;
93 ap.enc_part.etype = auth_context->keyblock->keytype;
94 ap.enc_part.kvno = NULL;
96 ASN1_MALLOC_ENCODE(EncAPRepPart, buf, buf_size, &body, &len, ret);
97 free_EncAPRepPart (&body);
98 if(ret)
99 return ret;
100 if (buf_size != len)
101 krb5_abortx(context, "internal error in ASN.1 encoder");
102 ret = krb5_crypto_init(context, auth_context->keyblock,
103 0 /* ap.enc_part.etype */, &crypto);
104 if (ret) {
105 free (buf);
106 return ret;
108 ret = krb5_encrypt (context,
109 crypto,
110 KRB5_KU_AP_REQ_ENC_PART,
111 buf + buf_size - len,
112 len,
113 &ap.enc_part.cipher);
114 krb5_crypto_destroy(context, crypto);
115 free(buf);
116 if (ret)
117 return ret;
119 ASN1_MALLOC_ENCODE(AP_REP, outbuf->data, outbuf->length, &ap, &len, ret);
120 if (ret == 0 && outbuf->length != len)
121 krb5_abortx(context, "internal error in ASN.1 encoder");
122 free_AP_REP (&ap);
123 return ret;