diff options
| author | Magnus Holmberg <mho@cvs.openbsd.org> | 2003-05-15 05:43:53 +0000 |
|---|---|---|
| committer | Magnus Holmberg <mho@cvs.openbsd.org> | 2003-05-15 05:43:53 +0000 |
| commit | 804a178370c8968b19371cf196959a2e577dd453 (patch) | |
| tree | d21a1ea9cb2e52158715991a3e206d4b27552b16 /kerberosV | |
| parent | b30f1d4f23ac887928986428c76041f15c89f893 (diff) | |
-Wall; ok hin@
Diffstat (limited to 'kerberosV')
| -rw-r--r-- | kerberosV/src/kdc/string2key.c | 47 | ||||
| -rw-r--r-- | kerberosV/src/lib/krb5/crypto.c | 17 |
2 files changed, 40 insertions, 24 deletions
diff --git a/kerberosV/src/kdc/string2key.c b/kerberosV/src/kdc/string2key.c index 47197a6a045..67f4af1a0c9 100644 --- a/kerberosV/src/kdc/string2key.c +++ b/kerberosV/src/kdc/string2key.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -34,7 +34,7 @@ #include "headers.h" #include <getarg.h> -RCSID("$KTH: string2key.c,v 1.18 1999/12/02 17:05:00 joda Exp $"); +RCSID("$KTH: string2key.c,v 1.20 2003/03/25 12:28:52 joda Exp $"); int version5; int version4; @@ -42,7 +42,7 @@ int afs; char *principal; char *cell; char *password; -char *keytype_str = "des-cbc-md5"; +const char *keytype_str = "des3-cbc-sha1"; int version; int help; @@ -76,8 +76,11 @@ tokey(krb5_context context, { int i; krb5_keyblock key; + char *e; krb5_string_to_key_salt(context, enctype, password, salt, &key); - printf("%s: ", label); + krb5_enctype_to_string(context, enctype, &e); + printf(label, e); + printf(": "); for(i = 0; i < key.keyvalue.length; i++) printf("%02x", ((unsigned char*)key.keyvalue.data)[i]); printf("\n"); @@ -115,23 +118,35 @@ main(int argc, char **argv) version5 = 1; ret = krb5_string_to_enctype(context, keytype_str, &etype); -#if 0 if(ret) { krb5_keytype keytype; + int *etypes; + unsigned num; ret = krb5_string_to_keytype(context, keytype_str, &keytype); - ret = krb5_keytype_to_enctype(context, keytype, &etype); + if(ret) + krb5_err(context, 1, ret, "%s", keytype_str); + ret = krb5_keytype_to_enctypes(context, keytype, &num, &etypes); + if(ret) + krb5_err(context, 1, ret, "%s", keytype_str); + if(num == 0) + krb5_errx(context, 1, "there are no encryption types for that keytype"); + etype = etypes[0]; + krb5_enctype_to_string(context, etype, (char **) &keytype_str); + if(num > 1 && version5) + krb5_warnx(context, "ambiguous keytype, using %s", keytype_str); } -#endif - if(ret) - krb5_err(context, 1, ret, "%s", keytype_str); if((etype != ETYPE_DES_CBC_CRC && etype != ETYPE_DES_CBC_MD4 && etype != ETYPE_DES_CBC_MD5) && - (afs || version4)) - krb5_errx(context, 1, - "DES is the only valid keytype for AFS and Kerberos 4"); - + (afs || version4)) { + if(!version5) { + etype = ETYPE_DES_CBC_CRC; + } else { + krb5_errx(context, 1, + "DES is the only valid keytype for AFS and Kerberos 4"); + } + } if(version5 && principal == NULL){ printf("Kerberos v5 principal: "); @@ -160,20 +175,20 @@ main(int argc, char **argv) if(version5){ krb5_parse_name(context, principal, &princ); krb5_get_pw_salt(context, princ, &salt); - tokey(context, etype, password, salt, "Kerberos v5 key"); + tokey(context, etype, password, salt, "Kerberos 5 (%s)"); krb5_free_salt(context, salt); } if(version4){ salt.salttype = KRB5_PW_SALT; salt.saltvalue.length = 0; salt.saltvalue.data = NULL; - tokey(context, ETYPE_DES_CBC_MD5, password, salt, "Kerberos v4 key"); + tokey(context, ETYPE_DES_CBC_MD5, password, salt, "Kerberos 4"); } if(afs){ salt.salttype = KRB5_AFS3_SALT; salt.saltvalue.length = strlen(cell); salt.saltvalue.data = cell; - tokey(context, ETYPE_DES_CBC_MD5, password, salt, "AFS key"); + tokey(context, ETYPE_DES_CBC_MD5, password, salt, "AFS"); } return 0; } diff --git a/kerberosV/src/lib/krb5/crypto.c b/kerberosV/src/lib/krb5/crypto.c index 32b4bc8c9ec..21f26ff8163 100644 --- a/kerberosV/src/lib/krb5/crypto.c +++ b/kerberosV/src/lib/krb5/crypto.c @@ -293,12 +293,13 @@ krb5_DES_AFS3_Transarc_string_to_key (krb5_data pw, memcpy(&temp_key, "kerberos", 8); des_set_odd_parity (&temp_key); des_set_key (&temp_key, schedule); - des_cbc_cksum (password, &ivec, passlen, schedule, &ivec); + des_cbc_cksum ((des_cblock *) password, &ivec, passlen, schedule, &ivec); memcpy(&temp_key, &ivec, 8); des_set_odd_parity (&temp_key); des_set_key (&temp_key, schedule); - des_cbc_cksum (password, key, passlen, schedule, &ivec); + des_cbc_cksum ((des_cblock *) password, (des_cblock *) key, passlen, + schedule, &ivec); memset(&schedule, 0, sizeof(schedule)); memset(&temp_key, 0, sizeof(temp_key)); memset(&ivec, 0, sizeof(ivec)); @@ -406,8 +407,8 @@ DES3_string_to_key(krb5_context context, des_set_key(keys + i, s[i]); } memset(&ivec, 0, sizeof(ivec)); - des_ede3_cbc_encrypt(tmp, - tmp, sizeof(tmp), + des_ede3_cbc_encrypt((des_cblock *) tmp, + (des_cblock *) tmp, sizeof(tmp), s[0], s[1], s[2], &ivec, DES_ENCRYPT); memset(s, 0, sizeof(s)); memset(&ivec, 0, sizeof(ivec)); @@ -1188,8 +1189,8 @@ RSA_MD4_DES_checksum(krb5_context context, MD4_Update (&md4, data, len); MD4_Final (p + 8, &md4); memset (&ivec, 0, sizeof(ivec)); - des_cbc_encrypt(p, - p, + des_cbc_encrypt((des_cblock *) p, + (des_cblock *) p, 24, key->schedule->data, &ivec, @@ -1263,8 +1264,8 @@ RSA_MD5_DES_checksum(krb5_context context, MD5_Update (&md5, data, len); MD5_Final (p + 8, &md5); memset (&ivec, 0, sizeof(ivec)); - des_cbc_encrypt(p, - p, + des_cbc_encrypt((des_cblock *) p, + (des_cblock *) p, 24, key->schedule->data, &ivec, |