add hdb_{,un}seal_key{,_mkey} from Andrew Bartlett <abartlet@samba.org>

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13427 ec53bebd-3082-4978-b11e-865c3cabbd6b
Love Hörnquist Åstrand
2004-03-06 18:58:22 +00:00
parent 02bf38f7a1
commit 44cb7e1d74


@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2000 - 2002 Kungliga Tekniska H<>gskolan * Copyright (c) 2000 - 2004 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -372,22 +372,19 @@ find_master_key(Key *key, hdb_master_key mkey)
} }
krb5_error_code krb5_error_code
hdb_unseal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey) hdb_unseal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey)
{ {
int i;
krb5_error_code ret; krb5_error_code ret;
krb5_data res; krb5_data res;
size_t keysize; size_t keysize;
Key *k;
for(i = 0; i < ent->keys.len; i++){
hdb_master_key key; hdb_master_key key;
k = &ent->keys.val[i];
if(k->mkvno == NULL) if(k->mkvno == NULL)
continue; return 0;
key = find_master_key(&ent->keys.val[i], mkey); key = find_master_key(k, mkey);
if (key == NULL) if (key == NULL)
return HDB_ERR_NO_MKEY; return HDB_ERR_NO_MKEY;
@@ -416,6 +413,21 @@ hdb_unseal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey)
k->key.keyvalue.length = keysize; k->key.keyvalue.length = keysize;
free(k->mkvno); free(k->mkvno);
k->mkvno = NULL; k->mkvno = NULL;
return 0;
}
krb5_error_code
hdb_unseal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey)
{
int i;
for(i = 0; i < ent->keys.len; i++){
krb5_error_code ret;
ret = hdb_unseal_key_mkey(context, &ent->keys.val[i], mkey);
if (ret)
return ret;
} }
return 0; return 0;
} }
@@ -429,17 +441,22 @@ hdb_unseal_keys(krb5_context context, HDB *db, hdb_entry *ent)
} }
krb5_error_code krb5_error_code
hdb_seal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey) hdb_unseal_key(krb5_context context, HDB *db, Key *k)
{
if (db->hdb_master_key_set == 0)
return 0;
return hdb_unseal_key_mkey(context, k, db->hdb_master_key);
}
krb5_error_code
hdb_seal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey)
{ {
int i;
krb5_error_code ret; krb5_error_code ret;
krb5_data res; krb5_data res;
for(i = 0; i < ent->keys.len; i++){
Key *k = &ent->keys.val[i];
hdb_master_key key; hdb_master_key key;
if(k->mkvno != NULL) if(k->mkvno != NULL)
continue; return 0;
key = find_master_key(k, mkey); key = find_master_key(k, mkey);
@@ -461,6 +478,20 @@ hdb_seal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey)
if (k->mkvno == NULL) if (k->mkvno == NULL)
return ENOMEM; return ENOMEM;
*k->mkvno = key->keytab.vno; *k->mkvno = key->keytab.vno;
return 0;
}
krb5_error_code
hdb_seal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey)
{
int i;
for(i = 0; i < ent->keys.len; i++){
krb5_error_code ret;
ret = hdb_seal_key_mkey(context, &ent->keys.val[i], mkey);
if (ret)
return ret;
} }
return 0; return 0;
} }
@@ -474,6 +505,15 @@ hdb_seal_keys(krb5_context context, HDB *db, hdb_entry *ent)
return hdb_seal_keys_mkey(context, ent, db->hdb_master_key); return hdb_seal_keys_mkey(context, ent, db->hdb_master_key);
} }
krb5_error_code
hdb_seal_key(krb5_context context, HDB *db, Key *k)
{
if (db->hdb_master_key_set == 0)
return 0;
return hdb_seal_key_mkey(context, k, db->hdb_master_key);
}
krb5_error_code krb5_error_code
hdb_set_master_key (krb5_context context, hdb_set_master_key (krb5_context context,
HDB *db, HDB *db,
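Review bot: The new `hdb_seal_key()` in the last hunk returns 0 when `db->hdb_master_key_set == 0` without touching the key, so a caller cannot tell "key is now sealed" from "no master key configured, key material left in the clear". `hdb_unseal_key()` in the `@@ -429,17 +441,22 @@` hunk has the same shape. Since both are new exported entry points, the contract should be stated above each, e.g. `/* Returns 0 and leaves *k unchanged if no master key is set; callers that require a sealed key must check k->mkvno != NULL afterwards. */`. The visible code supports that check: `hdb_seal_key_mkey()` sets `*k->mkvno` on success and `hdb_unseal_key_mkey()` frees it and sets it to NULL. The body of `hdb_seal_keys()`, which appears to follow the same convention, lies mostly outside the hunk.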