xref: /illumos-gate/usr/src/lib/gss_mechs/mech_krb5/krb5/krb/decrypt_tk.c (revision 7c478bd95313f5f23a4c958a745db2134aa03244) 
1 #pragma ident	"%Z%%M%	%I%	%E% SMI"
2 /*
3  * lib/krb5/krb/decrypt_tk.c
4  *
5  * Copyright 1990 by the Massachusetts Institute of Technology.
6  * All Rights Reserved.
7  *
8  * Export of this software from the United States of America may
9  *   require a specific license from the United States Government.
10  *   It is the responsibility of any person or organization contemplating
11  *   export to obtain such a license before exporting.
12  *
13  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
14  * distribute this software and its documentation for any purpose and
15  * without fee is hereby granted, provided that the above copyright
16  * notice appear in all copies and that both that copyright notice and
17  * this permission notice appear in supporting documentation, and that
18  * the name of M.I.T. not be used in advertising or publicity pertaining
19  * to distribution of the software without specific, written prior
20  * permission.  Furthermore if you modify this software you must label
21  * your software as modified software and not distribute it in such a
22  * fashion that it might be confused with the original M.I.T. software.
23  * M.I.T. makes no representations about the suitability of
24  * this software for any purpose.  It is provided "as is" without express
25  * or implied warranty.
26  *
27  *
28  * krb5_decrypt_tkt_part() function.
29  */
30 
31 #include <k5-int.h>
32 
33 /*
34  Decrypts dec_ticket->enc_part
35  using *srv_key, and places result in dec_ticket->enc_part2.
36  The storage of dec_ticket->enc_part2 will be allocated before return.
37 
38  returns errors from encryption routines, system errors
39 
40 */
41 
42 /*ARGSUSED*/
43 KRB5_DLLIMP krb5_error_code KRB5_CALLCONV
44 krb5_decrypt_tkt_part(context, srv_key, ticket)
45     krb5_context context;
46     const krb5_keyblock FAR *srv_key;
47     register krb5_ticket FAR *ticket;
48 {
49     krb5_enc_tkt_part *dec_tkt_part;
50     krb5_data scratch;
51     krb5_error_code retval;
52 
53     if (!valid_enctype(ticket->enc_part.enctype))
54 	return KRB5_PROG_ETYPE_NOSUPP;
55 
56     scratch.length = ticket->enc_part.ciphertext.length;
57     if (!(scratch.data = malloc(ticket->enc_part.ciphertext.length)))
58 	return(ENOMEM);
59 
60     /* call the encryption routine */
61     if (retval = krb5_c_decrypt(context, srv_key,
62 				KRB5_KEYUSAGE_KDC_REP_TICKET, 0,
63 				&ticket->enc_part, &scratch)) {
64 	free(scratch.data);
65 	return retval;
66     }
67 
68 #define clean_scratch() {memset(scratch.data, 0, scratch.length); \
69 free(scratch.data);}
70 
71     /*  now decode the decrypted stuff */
72     retval = decode_krb5_enc_tkt_part(&scratch, &dec_tkt_part);
73     if (!retval) {
74 	ticket->enc_part2 = dec_tkt_part;
75     }
76     clean_scratch();
77     return retval;
78 }
79