本文整理汇总了C++中empty_data函数的典型用法代码示例。如果您正苦于以下问题:C++ empty_data函数的具体用法?C++ empty_data怎么用?C++ empty_data使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了empty_data函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: set_caller_request
/*
* Fill in the caller out, realm, and flags output variables. out is filled in
* with ctx->previous_request, which the caller should set, and realm is filled
* in with the realm of ctx->cur_tgt.
*/
static krb5_error_code
set_caller_request(krb5_context context, krb5_tkt_creds_context ctx)
{
krb5_error_code code;
const krb5_data *req = &ctx->previous_request;
const krb5_data *realm = &ctx->cur_tgt->server->data[1];
krb5_data out_copy = empty_data(), realm_copy = empty_data();
code = krb5int_copy_data_contents(context, req, &out_copy);
if (code != 0)
goto cleanup;
code = krb5int_copy_data_contents(context, realm, &realm_copy);
if (code != 0)
goto cleanup;
*ctx->caller_out = out_copy;
*ctx->caller_realm = realm_copy;
*ctx->caller_flags = KRB5_TKT_CREDS_STEP_FLAG_CONTINUE;
return 0;
cleanup:
krb5_free_data_contents(context, &out_copy);
krb5_free_data_contents(context, &realm_copy);
return code;
}
开发者ID:secure-endpoints,项目名称:mit-krb5,代码行数:30,代码来源:get_creds.c
示例2: krb5int_hmacmd5_checksum
krb5_error_code krb5int_hmacmd5_checksum(const struct krb5_cksumtypes *ctp,
krb5_key key, krb5_keyusage usage,
const krb5_crypto_iov *data,
size_t num_data,
krb5_data *output)
{
krb5_keyusage ms_usage;
krb5_error_code ret;
krb5_keyblock ks, *keyblock;
krb5_crypto_iov *hash_iov = NULL, iov;
krb5_data ds = empty_data(), hashval = empty_data();
char t[4];
if (key == NULL || key->keyblock.length > ctp->hash->blocksize)
return KRB5_BAD_ENCTYPE;
if (ctp->ctype == CKSUMTYPE_HMAC_MD5_ARCFOUR) {
/* Compute HMAC(key, "signaturekey\0") to get the signing key ks. */
ret = alloc_data(&ds, ctp->hash->hashsize);
if (ret != 0)
goto cleanup;
iov.flags = KRB5_CRYPTO_TYPE_DATA;
iov.data = make_data("signaturekey", 13);
ret = krb5int_hmac(ctp->hash, key, &iov, 1, &ds);
if (ret)
goto cleanup;
ks.length = key->keyblock.length;
ks.contents = (krb5_octet *) ds.data;
keyblock = &ks;
} else /* For md5-hmac, just use the key. */
keyblock = &key->keyblock;
/* Compute the MD5 value of the input. */
ms_usage = krb5int_arcfour_translate_usage(usage);
store_32_le(ms_usage, t);
hash_iov = k5alloc((num_data + 1) * sizeof(krb5_crypto_iov), &ret);
if (hash_iov == NULL)
goto cleanup;
hash_iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
hash_iov[0].data = make_data(t, 4);
memcpy(hash_iov + 1, data, num_data * sizeof(krb5_crypto_iov));
ret = alloc_data(&hashval, ctp->hash->hashsize);
if (ret != 0)
goto cleanup;
ret = ctp->hash->hash(hash_iov, num_data + 1, &hashval);
if (ret != 0)
goto cleanup;
/* Compute HMAC(ks, md5value). */
iov.flags = KRB5_CRYPTO_TYPE_DATA;
iov.data = hashval;
ret = krb5int_hmac_keyblock(ctp->hash, keyblock, &iov, 1, output);
cleanup:
zapfree(ds.data, ds.length);
zapfree(hashval.data, hashval.length);
free(hash_iov);
return ret;
}
开发者ID:ln5,项目名称:krb5-anonsvn,代码行数:59,代码来源:checksum_hmac_md5.c
示例3: krb5_mk_priv
krb5_error_code KRB5_CALLCONV
krb5_mk_priv(krb5_context context, krb5_auth_context authcon,
const krb5_data *userdata, krb5_data *der_out,
krb5_replay_data *rdata_out)
{
krb5_error_code ret;
krb5_key key;
krb5_replay_data rdata;
krb5_data der_krbpriv = empty_data();
krb5_enc_data enc;
krb5_address *local_addr, *remote_addr, lstorage, rstorage;
*der_out = empty_data();
memset(&enc, 0, sizeof(enc));
memset(&lstorage, 0, sizeof(lstorage));
memset(&rstorage, 0, sizeof(rstorage));
if (!authcon->local_addr)
return KRB5_LOCAL_ADDR_REQUIRED;
ret = k5_privsafe_gen_rdata(context, authcon, &rdata, rdata_out);
if (ret)
goto cleanup;
ret = k5_privsafe_gen_addrs(context, authcon, &lstorage, &rstorage,
&local_addr, &remote_addr);
if (ret)
goto cleanup;
key = (authcon->send_subkey != NULL) ? authcon->send_subkey : authcon->key;
ret = create_krbpriv(context, userdata, key, &rdata, local_addr,
remote_addr, &authcon->cstate, &der_krbpriv, &enc);
if (ret)
goto cleanup;
ret = k5_privsafe_check_replay(context, authcon, NULL, &enc, NULL);
if (ret)
goto cleanup;
*der_out = der_krbpriv;
der_krbpriv = empty_data();
if ((authcon->auth_context_flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) ||
(authcon->auth_context_flags & KRB5_AUTH_CONTEXT_RET_SEQUENCE))
authcon->local_seq_number++;
cleanup:
krb5_free_data_contents(context, &der_krbpriv);
zapfree(enc.ciphertext.data, enc.ciphertext.length);
free(lstorage.contents);
free(rstorage.contents);
return ret;
}
开发者ID:krb5,项目名称:krb5,代码行数:51,代码来源:mk_priv.c
示例4: ktest_make_sample_sam_challenge_2_body
void
ktest_make_sample_sam_challenge_2_body(krb5_sam_challenge_2_body *p)
{
p->sam_type = 42;
p->sam_flags = KRB5_SAM_USE_SAD_AS_KEY;
krb5_data_parse(&p->sam_type_name, "type name");
p->sam_track_id = empty_data();
krb5_data_parse(&p->sam_challenge_label, "challenge label");
krb5_data_parse(&p->sam_challenge, "challenge ipse");
krb5_data_parse(&p->sam_response_prompt, "response_prompt ipse");
p->sam_pk_for_sad = empty_data();
p->sam_nonce = 0x543210;
p->sam_etype = ENCTYPE_DES_CBC_CRC;
}
开发者ID:WeiY,项目名称:krb5,代码行数:14,代码来源:ktest.c
示例5: make_request
/*
* Set up the request given by ctx->tgs_in_creds, using ctx->cur_tgt. KDC
* options for the requests are determined by ctx->cur_tgt->ticket_flags and
* extra_options.
*/
static krb5_error_code
make_request(krb5_context context, krb5_tkt_creds_context ctx,
int extra_options)
{
krb5_error_code code;
krb5_data request = empty_data();
ctx->kdcopt = extra_options | FLAGS2OPTS(ctx->cur_tgt->ticket_flags);
/* XXX This check belongs in gc_via_tgt.c or nowhere. */
if (!krb5_c_valid_enctype(ctx->cur_tgt->keyblock.enctype))
return KRB5_PROG_ETYPE_NOSUPP;
code = krb5int_make_tgs_request(context, ctx->cur_tgt, ctx->kdcopt,
ctx->cur_tgt->addresses, NULL,
ctx->tgs_in_creds, NULL, NULL, &request,
&ctx->timestamp, &ctx->nonce,
&ctx->subkey);
if (code != 0)
return code;
krb5_free_data_contents(context, &ctx->previous_request);
ctx->previous_request = request;
return set_caller_request(context, ctx);
}
开发者ID:secure-endpoints,项目名称:mit-krb5,代码行数:30,代码来源:get_creds.c
示例6: collect_pin
/* Determines if a pin is required. If it is, it will be prompted for. */
static inline krb5_error_code
collect_pin(krb5_context context, krb5_prompter_fct prompter,
void *prompter_data, const krb5_otp_tokeninfo *ti,
krb5_data *out_pin)
{
krb5_error_code retval;
char otppin[1024];
krb5_flags collect;
krb5_data pin;
/* If no PIN will be collected, don't prompt. */
collect = ti->flags & (KRB5_OTP_FLAG_COLLECT_PIN |
KRB5_OTP_FLAG_SEPARATE_PIN);
if (collect == 0) {
*out_pin = empty_data();
return 0;
}
/* Collect the PIN. */
retval = doprompt(context, prompter, prompter_data, NULL,
_("OTP Token PIN"), otppin, sizeof(otppin));
if (retval != 0)
return retval;
/* Set the PIN. */
pin = make_data(strdup(otppin), strlen(otppin));
if (pin.data == NULL)
return ENOMEM;
*out_pin = pin;
return 0;
}
开发者ID:Akasurde,项目名称:krb5,代码行数:33,代码来源:preauth_otp.c
示例7: ktest_make_sha256_alg
void
ktest_make_sha256_alg(krb5_algorithm_identifier *p)
{
/* { 2 16 840 1 101 3 4 2 1 } */
krb5_data_parse(&p->algorithm, "\x60\x86\x48\x01\x65\x03\x04\x02\x01");
p->parameters = empty_data();
}
开发者ID:WeiY,项目名称:krb5,代码行数:7,代码来源:ktest.c
示例8: principal2salt_internal
/*
* Convert a krb5_principal into the default salt for that principal.
*/
static krb5_error_code
principal2salt_internal(krb5_context context, krb5_const_principal pr,
krb5_data *ret, int use_realm)
{
unsigned int size = 0, offset=0;
krb5_int32 i;
*ret = empty_data();
if (pr == NULL)
return 0;
if (use_realm)
size += pr->realm.length;
for (i = 0; i < pr->length; i++)
size += pr->data[i].length;
if (alloc_data(ret, size))
return ENOMEM;
if (use_realm) {
offset = pr->realm.length;
if (offset > 0)
memcpy(ret->data, pr->realm.data, offset);
}
for (i = 0; i < pr->length; i++) {
if (pr->data[i].length > 0)
memcpy(&ret->data[offset], pr->data[i].data, pr->data[i].length);
offset += pr->data[i].length;
}
return 0;
}
开发者ID:PADL,项目名称:krb5,代码行数:36,代码来源:pr_to_salt.c
示例9: ktest_make_sha1_alg
void
ktest_make_sha1_alg(krb5_algorithm_identifier *p)
{
/* { 1 3 14 3 2 26 } */
krb5_data_parse(&p->algorithm, "\x2b\x0e\x03\x02\x1a");
p->parameters = empty_data();
}
开发者ID:WeiY,项目名称:krb5,代码行数:7,代码来源:ktest.c
示例10: krb5int_derive_keyblock
/*
* Compute a derived key into the keyblock outkey. This variation on
* krb5int_derive_key does not cache the result, as it is only used
* directly in situations which are not expected to be repeated with
* the same inkey and constant.
*/
krb5_error_code
krb5int_derive_keyblock(const struct krb5_enc_provider *enc,
krb5_key inkey, krb5_keyblock *outkey,
const krb5_data *in_constant)
{
krb5_error_code ret;
krb5_data rawkey = empty_data();
/* Allocate a buffer for the raw key bytes. */
ret = alloc_data(&rawkey, enc->keybytes);
if (ret)
goto cleanup;
/* Derive pseudo-random data for the key bytes. */
ret = krb5int_derive_random(enc, inkey, &rawkey, in_constant);
if (ret)
goto cleanup;
/* Postprocess the key. */
ret = enc->make_key(&rawkey, outkey);
cleanup:
zapfree(rawkey.data, enc->keybytes);
return ret;
}
开发者ID:ystk,项目名称:debian-krb5,代码行数:31,代码来源:derive.c
示例11: decrypt_encpart
/*
* Decrypt and decode the enc_part of a krb5_cred using the receiving subkey or
* the session key of authcon. If neither key is present, ctext->ciphertext is
* assumed to be unencrypted plain text (RFC 6448).
*/
static krb5_error_code
decrypt_encpart(krb5_context context, krb5_enc_data *ctext,
krb5_auth_context authcon, krb5_cred_enc_part **encpart_out)
{
krb5_error_code ret;
krb5_data plain = empty_data();
krb5_boolean decrypted = FALSE;
*encpart_out = NULL;
if (authcon->recv_subkey == NULL && authcon->key == NULL)
return decode_krb5_enc_cred_part(&ctext->ciphertext, encpart_out);
ret = alloc_data(&plain, ctext->ciphertext.length);
if (ret)
return ret;
if (authcon->recv_subkey != NULL) {
ret = krb5_k_decrypt(context, authcon->recv_subkey,
KRB5_KEYUSAGE_KRB_CRED_ENCPART, 0, ctext, &plain);
decrypted = (ret == 0);
}
if (!decrypted && authcon->key != NULL) {
ret = krb5_k_decrypt(context, authcon->key,
KRB5_KEYUSAGE_KRB_CRED_ENCPART, 0, ctext, &plain);
decrypted = (ret == 0);
}
if (decrypted)
ret = decode_krb5_enc_cred_part(&plain, encpart_out);
zapfree(plain.data, plain.length);
return ret;
}
开发者ID:krb5,项目名称:krb5,代码行数:36,代码来源:rd_cred.c
示例12: prepare_error_as
static krb5_error_code
prepare_error_as (struct kdc_request_state *rstate, krb5_kdc_req *request,
int error, krb5_pa_data **e_data, krb5_boolean typed_e_data,
krb5_principal canon_client, krb5_data **response,
const char *status)
{
krb5_error errpkt;
krb5_error_code retval;
krb5_data *scratch = NULL, *e_data_asn1 = NULL, *fast_edata = NULL;
kdc_realm_t *kdc_active_realm = rstate->realm_data;
errpkt.ctime = request->nonce;
errpkt.cusec = 0;
retval = krb5_us_timeofday(kdc_context, &errpkt.stime, &errpkt.susec);
if (retval)
return retval;
errpkt.error = error;
errpkt.server = request->server;
errpkt.client = (error == KRB5KDC_ERR_WRONG_REALM) ? canon_client :
request->client;
errpkt.text = string2data((char *)status);
if (e_data != NULL) {
if (typed_e_data)
retval = encode_krb5_typed_data(e_data, &e_data_asn1);
else
retval = encode_krb5_padata_sequence(e_data, &e_data_asn1);
if (retval)
goto cleanup;
errpkt.e_data = *e_data_asn1;
} else
errpkt.e_data = empty_data();
retval = kdc_fast_handle_error(kdc_context, rstate, request, e_data,
&errpkt, &fast_edata);
if (retval)
goto cleanup;
if (fast_edata != NULL)
errpkt.e_data = *fast_edata;
scratch = k5alloc(sizeof(*scratch), &retval);
if (scratch == NULL)
goto cleanup;
if (kdc_fast_hide_client(rstate) && errpkt.client != NULL)
errpkt.client = (krb5_principal)krb5_anonymous_principal();
retval = krb5_mk_error(kdc_context, &errpkt, scratch);
if (retval)
goto cleanup;
*response = scratch;
scratch = NULL;
cleanup:
krb5_free_data(kdc_context, fast_edata);
krb5_free_data(kdc_context, e_data_asn1);
free(scratch);
return retval;
}
开发者ID:drankye,项目名称:kerb-token,代码行数:59,代码来源:do_as_req.c
示例13: krb5_parse_name_flags
krb5_error_code KRB5_CALLCONV
krb5_parse_name_flags(krb5_context context, const char *name,
int flags, krb5_principal *principal_out)
{
krb5_error_code ret;
krb5_principal princ = NULL;
char *default_realm;
krb5_boolean has_realm;
krb5_boolean enterprise = (flags & KRB5_PRINCIPAL_PARSE_ENTERPRISE);
krb5_boolean require_realm = (flags & KRB5_PRINCIPAL_PARSE_REQUIRE_REALM);
krb5_boolean no_realm = (flags & KRB5_PRINCIPAL_PARSE_NO_REALM);
krb5_boolean ignore_realm = (flags & KRB5_PRINCIPAL_PARSE_IGNORE_REALM);
*principal_out = NULL;
ret = allocate_princ(context, name, enterprise, &princ, &has_realm);
if (ret)
goto cleanup;
parse_name_into_princ(name, enterprise, princ);
/*
* If a realm was not found, then use the default realm, unless
* KRB5_PRINCIPAL_PARSE_NO_REALM was specified in which case the
* realm will be empty.
*/
if (!has_realm) {
if (require_realm) {
ret = KRB5_PARSE_MALFORMED;
krb5_set_error_message(context, ret,
_("Principal %s is missing required realm"),
name);
goto cleanup;
}
if (!no_realm && !ignore_realm) {
ret = krb5_get_default_realm(context, &default_realm);
if (ret)
goto cleanup;
princ->realm = string2data(default_realm);
}
} else if (no_realm) {
ret = KRB5_PARSE_MALFORMED;
krb5_set_error_message(context, ret,
_("Principal %s has realm present"), name);
goto cleanup;
} else if (ignore_realm) {
krb5_free_data_contents(context, &princ->realm);
princ->realm = empty_data();
}
princ->type = (enterprise) ? KRB5_NT_ENTERPRISE_PRINCIPAL :
KRB5_NT_PRINCIPAL;
princ->magic = KV5M_PRINCIPAL;
*principal_out = princ;
princ = NULL;
cleanup:
krb5_free_principal(context, princ);
return ret;
}
开发者ID:irush-cs,项目名称:krb5,代码行数:59,代码来源:parse.c
示例14: remember_realm
/* Add realm to ctx->realms_seen so that we can avoid revisiting it later. */
static krb5_error_code
remember_realm(krb5_context context, krb5_tkt_creds_context ctx,
const krb5_data *realm)
{
size_t len = 0;
krb5_data *new_list;
if (ctx->realms_seen != NULL) {
for (len = 0; ctx->realms_seen[len].data != NULL; len++);
}
new_list = realloc(ctx->realms_seen, (len + 2) * sizeof(krb5_data));
if (new_list == NULL)
return ENOMEM;
ctx->realms_seen = new_list;
new_list[len] = empty_data();
new_list[len + 1] = empty_data();
return krb5int_copy_data_contents(context, realm, &new_list[len]);
}
开发者ID:secure-endpoints,项目名称:mit-krb5,代码行数:19,代码来源:get_creds.c
示例15: krb5_k_decrypt
krb5_error_code KRB5_CALLCONV
krb5_k_decrypt(krb5_context context, krb5_key key,
krb5_keyusage usage, const krb5_data *ivec,
const krb5_enc_data *input, krb5_data *output)
{
const struct krb5_keytypes *ktp;
krb5_crypto_iov iov[4];
krb5_error_code ret;
unsigned int header_len, trailer_len, plain_len;
char *scratch = NULL;
ktp = find_enctype(key->keyblock.enctype);
if (ktp == NULL)
return KRB5_BAD_ENCTYPE;
if (input->enctype != ENCTYPE_UNKNOWN && ktp->etype != input->enctype)
return KRB5_BAD_ENCTYPE;
/* Verify the input and output lengths. */
header_len = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_HEADER);
trailer_len = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_TRAILER);
if (input->ciphertext.length < header_len + trailer_len)
return KRB5_BAD_MSIZE;
plain_len = input->ciphertext.length - header_len - trailer_len;
if (output->length < plain_len)
return KRB5_BAD_MSIZE;
scratch = k5alloc(header_len + trailer_len, &ret);
if (scratch == NULL)
return ret;
iov[0].flags = KRB5_CRYPTO_TYPE_HEADER;
iov[0].data = make_data(scratch, header_len);
memcpy(iov[0].data.data, input->ciphertext.data, header_len);
iov[1].flags = KRB5_CRYPTO_TYPE_DATA;
iov[1].data = make_data(output->data, plain_len);
memcpy(iov[1].data.data, input->ciphertext.data + header_len, plain_len);
/* Use empty padding since tokens don't indicate the padding length. */
iov[2].flags = KRB5_CRYPTO_TYPE_PADDING;
iov[2].data = empty_data();
iov[3].flags = KRB5_CRYPTO_TYPE_TRAILER;
iov[3].data = make_data(scratch + header_len, trailer_len);
memcpy(iov[3].data.data, input->ciphertext.data + header_len + plain_len,
trailer_len);
ret = ktp->decrypt(ktp, key, usage, ivec, iov, 4);
if (ret != 0)
zap(output->data, plain_len);
else
output->length = plain_len;
zapfree(scratch, header_len + trailer_len);
return ret;
}
开发者ID:secure-endpoints,项目名称:mit-krb5,代码行数:56,代码来源:decrypt.c
示例16: krb5_tkt_creds_step
krb5_error_code KRB5_CALLCONV
krb5_tkt_creds_step(krb5_context context, krb5_tkt_creds_context ctx,
krb5_data *in, krb5_data *out, krb5_data *realm,
unsigned int *flags)
{
krb5_error_code code;
krb5_boolean no_input = (in == NULL || in->length == 0);
*out = empty_data();
*realm = empty_data();
*flags = 0;
/* We should receive an empty input on the first step only, and should not
* get called after completion. */
if (no_input != (ctx->state == STATE_BEGIN) ||
ctx->state == STATE_COMPLETE)
return EINVAL;
ctx->caller_out = out;
ctx->caller_realm = realm;
ctx->caller_flags = flags;
if (!no_input) {
/* Convert the input token into a credential and store it in ctx. */
code = get_creds_from_tgs_reply(context, ctx, in);
if (code != 0)
return code;
}
if (ctx->state == STATE_BEGIN)
return begin(context, ctx);
else if (ctx->state == STATE_GET_TGT)
return step_get_tgt(context, ctx);
else if (ctx->state == STATE_GET_TGT_OFFPATH)
return step_get_tgt_offpath(context, ctx);
else if (ctx->state == STATE_REFERRALS)
return step_referrals(context, ctx);
else if (ctx->state == STATE_NON_REFERRAL)
return step_non_referral(context, ctx);
else
return EINVAL;
}
开发者ID:secure-endpoints,项目名称:mit-krb5,代码行数:42,代码来源:get_creds.c
示例17: krb5int_confounder_verify
krb5_error_code krb5int_confounder_verify(const struct krb5_cksumtypes *ctp,
krb5_key key, krb5_keyusage usage,
const krb5_crypto_iov *data,
size_t num_data,
const krb5_data *input,
krb5_boolean *valid)
{
krb5_error_code ret;
unsigned char *plaintext = NULL;
krb5_key xorkey = NULL;
krb5_data computed = empty_data();
krb5_crypto_iov *hash_iov = NULL, iov;
size_t blocksize = ctp->enc->block_size, hashsize = ctp->hash->hashsize;
plaintext = k5memdup(input->data, input->length, &ret);
if (plaintext == NULL)
return ret;
ret = mk_xorkey(key, &xorkey);
if (ret != 0)
goto cleanup;
/* Decrypt the input checksum. */
iov.flags = KRB5_CRYPTO_TYPE_DATA;
iov.data = make_data(plaintext, input->length);
ret = ctp->enc->decrypt(xorkey, NULL, &iov, 1);
if (ret != 0)
goto cleanup;
/* Hash the confounder, then the input data. */
hash_iov = k5alloc((num_data + 1) * sizeof(krb5_crypto_iov), &ret);
if (hash_iov == NULL)
goto cleanup;
hash_iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
hash_iov[0].data = make_data(plaintext, blocksize);
memcpy(hash_iov + 1, data, num_data * sizeof(krb5_crypto_iov));
ret = alloc_data(&computed, hashsize);
if (ret != 0)
goto cleanup;
ret = ctp->hash->hash(hash_iov, num_data + 1, &computed);
if (ret != 0)
goto cleanup;
/* Compare the decrypted hash to the computed one. */
*valid = (memcmp(plaintext + blocksize, computed.data, hashsize) == 0);
cleanup:
zapfree(plaintext, input->length);
zapfree(computed.data, hashsize);
free(hash_iov);
krb5_k_free_key(NULL, xorkey);
return ret;
}
开发者ID:davidben,项目名称:krb5,代码行数:53,代码来源:checksum_confounder.c
示例18: derive_random_rfc3961
static krb5_error_code
derive_random_rfc3961(const struct krb5_enc_provider *enc,
krb5_key inkey, krb5_data *outrnd,
const krb5_data *in_constant)
{
size_t blocksize, keybytes, n;
krb5_error_code ret;
krb5_data block = empty_data();
blocksize = enc->block_size;
keybytes = enc->keybytes;
if (blocksize == 1)
return KRB5_BAD_ENCTYPE;
if (inkey->keyblock.length != enc->keylength || outrnd->length != keybytes)
return KRB5_CRYPTO_INTERNAL;
/* Allocate encryption data buffer. */
ret = alloc_data(&block, blocksize);
if (ret)
return ret;
/* Initialize the input block. */
if (in_constant->length == blocksize) {
memcpy(block.data, in_constant->data, blocksize);
} else {
krb5int_nfold(in_constant->length * 8,
(unsigned char *) in_constant->data,
blocksize * 8, (unsigned char *) block.data);
}
/* Loop encrypting the blocks until enough key bytes are generated. */
n = 0;
while (n < keybytes) {
ret = encrypt_block(enc, inkey, &block);
if (ret)
goto cleanup;
if ((keybytes - n) <= blocksize) {
memcpy(outrnd->data + n, block.data, (keybytes - n));
break;
}
memcpy(outrnd->data + n, block.data, blocksize);
n += blocksize;
}
cleanup:
zapfree(block.data, blocksize);
return ret;
}
开发者ID:Baalmart,项目名称:krb5,代码行数:51,代码来源:derive.c
示例19: krb5int_dk_cmac_encrypt
krb5_error_code
krb5int_dk_cmac_encrypt(const struct krb5_keytypes *ktp, krb5_key key,
krb5_keyusage usage, const krb5_data *ivec,
krb5_crypto_iov *data, size_t num_data)
{
const struct krb5_enc_provider *enc = ktp->enc;
krb5_error_code ret;
krb5_crypto_iov *header, *trailer, *padding;
krb5_data cksum = empty_data();
krb5_key ke = NULL, ki = NULL;
/* E(Confounder | Plaintext | Pad) | Checksum */
/* Validate header and trailer lengths, and zero out padding length. */
header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER);
if (header == NULL || header->data.length < enc->block_size)
return KRB5_BAD_MSIZE;
trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER);
if (trailer == NULL || trailer->data.length < enc->block_size)
return KRB5_BAD_MSIZE;
padding = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_PADDING);
if (padding != NULL)
padding->data.length = 0;
/* Derive the encryption and integrity keys. */
ret = derive_keys(enc, key, usage, &ke, &ki);
if (ret != 0)
goto cleanup;
/* Generate confounder. */
header->data.length = enc->block_size;
ret = krb5_c_random_make_octets(NULL, &header->data);
if (ret != 0)
goto cleanup;
/* Checksum the plaintext. */
ret = krb5int_cmac_checksum(enc, ki, data, num_data, &trailer->data);
if (ret != 0)
goto cleanup;
/* Encrypt the plaintext (header | data | padding) */
ret = enc->encrypt(ke, ivec, data, num_data);
if (ret != 0)
goto cleanup;
cleanup:
krb5_k_free_key(NULL, ke);
krb5_k_free_key(NULL, ki);
zapfree(cksum.data, cksum.length);
return ret;
}
开发者ID:Brainiarc7,项目名称:pbis,代码行数:51,代码来源:dk_cmac.c
示例20: krb5int_rd_chpw_rep
krb5_error_code
krb5int_rd_chpw_rep(krb5_context context, krb5_auth_context auth_context,
krb5_data *packet, int *result_code_out,
krb5_data *result_data_out)
{
krb5_error_code ret;
krb5_data result_data, *clear = NULL;
krb5_boolean is_error;
char *ptr;
int result_code;
*result_code_out = 0;
*result_data_out = empty_data();
ret = get_clear_result(context, auth_context, packet, &clear, &is_error);
if (ret)
return ret;
if (clear->length < 2) {
ret = KRB5KRB_AP_ERR_MODIFIED;
goto cleanup;
}
/* Decode and check the result code. */
ptr = clear->data;
result_code = (*ptr++ & 0xff);
result_code = (result_code << 8) | (*ptr++ & 0xff);
if (result_code < KRB5_KPASSWD_SUCCESS ||
result_code > KRB5_KPASSWD_INITIAL_FLAG_NEEDED) {
ret = KRB5KRB_AP_ERR_MODIFIED;
goto cleanup;
}
/* Successful replies must not come from errors. */
if (is_error && result_code == KRB5_KPASSWD_SUCCESS) {
ret = KRB5KRB_AP_ERR_MODIFIED;
goto cleanup;
}
result_data = make_data(ptr, clear->data + clear->length - ptr);
ret = krb5int_copy_data_contents(context, &result_data, result_data_out);
if (ret)
goto cleanup;
*result_code_out = result_code;
cleanup:
krb5_free_data(context, clear);
return ret;
}
开发者ID:jmoldow,项目名称:krb5,代码行数:49,代码来源:chpw.c
注:本文中的empty_data函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论