From 1853769ca18a5433f9f58bd6967059c49c2446de Mon Sep 17 00:00:00 2001
From: Johan Danielsson <joda@pdc.kth.se>
Date: Sat, 9 Aug 1997 00:17:13 +0000
Subject: [PATCH] Move seal/unseal functions here from various places.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2840 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/hdb/hdb.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)

diff --git a/lib/hdb/hdb.c b/lib/hdb/hdb.c
index 8b9435a02..53931a27a 100644
--- a/lib/hdb/hdb.c
+++ b/lib/hdb/hdb.c
@@ -158,6 +158,50 @@ hdb_etype2key(krb5_context context,
     return hdb_next_etype2key(context,e, etype, key);
 }
 
+/* this is really ugly, bus has to be this way until the crypto
+   framework gets fixed */
+
+Key *
+hdb_unseal_key(Key *key, des_key_schedule master_key)
+{
+    des_cblock iv;
+    int num = 0;
+    Key *new_key;
+
+    new_key = malloc(sizeof(*new_key));
+    copy_Key(key, new_key);
+    memset(&iv, 0, sizeof(iv));
+    des_cfb64_encrypt(key->key.keyvalue.data, 
+		      new_key->key.keyvalue.data, 
+		      key->key.keyvalue.length, 
+		      master_key, &iv, &num, 0);
+    return new_key;
+}
+
+void
+hdb_seal_key(Key *key, des_key_schedule master_key)
+{
+    des_cblock iv;
+    int num = 0;
+
+    memset(&iv, 0, sizeof(iv));
+    des_cfb64_encrypt(key->key.keyvalue.data, 
+		      key->key.keyvalue.data, 
+		      key->key.keyvalue.length, 
+		      master_key, &iv, &num, 1);
+}
+
+void
+hdb_free_key(Key *key)
+{
+    memset(key->key.keyvalue.data, 
+	   0,
+	   key->key.keyvalue.length);
+    free_Key(key);
+    free(key);
+}
+
+
 krb5_error_code
 hdb_lock(int fd, int operation)
 {