1  /*
 2   * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
 3   * (Royal Institute of Technology, Stockholm, Sweden).
 4   * All rights reserved.
 5   *
 6   * Redistribution and use in source and binary forms, with or without
 7   * modification, are permitted provided that the following conditions
 8   * are met:
 9   *
10   * 1. Redistributions of source code must retain the above copyright
11   *    notice, this list of conditions and the following disclaimer.
12   *
13   * 2. Redistributions in binary form must reproduce the above copyright
14   *    notice, this list of conditions and the following disclaimer in the
15   *    documentation and/or other materials provided with the distribution.
16   *
17   * 3. Neither the name of the Institute nor the names of its contributors
18   *    may be used to endorse or promote products derived from this software
19   *    without specific prior written permission.
20   *
21   * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22   * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24   * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25   * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26   * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27   * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28   * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29   * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30   * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31   * SUCH DAMAGE.
32   */
33  
34  #include "krb5_locl.h"
35  
36  /**
37   * Generate subkey, from keyblock
38   *
39   * @param context kerberos context
40   * @param key session key
41   * @param etype encryption type of subkey, if ETYPE_NULL, use key's enctype
42   * @param subkey returned new, free with krb5_free_keyblock().
43   *
44   * @return 0 on success or a Kerberos 5 error code
45   *
46  * @ingroup krb5_crypto
47   */
48  
49  KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
50  krb5_generate_subkey_extended(krb5_context context,
51  			      const krb5_keyblock *key,
52  			      krb5_enctype etype,
53  			      krb5_keyblock **subkey)
54  {
55      krb5_error_code ret;
56  
57      ALLOC(*subkey, 1);
58      if (*subkey == NULL) {
59  	krb5_set_error_message(context, ENOMEM,N_("malloc: out of memory", ""));
60  	return ENOMEM;
61      }
62  
63      if (etype == ETYPE_NULL)
64  	etype = key->keytype; /* use session key etype */
65  
66      /* XXX should we use the session key as input to the RF? */
67      ret = krb5_generate_random_keyblock(context, etype, *subkey);
68      if (ret != 0) {
69  	free(*subkey);
70  	*subkey = NULL;
71      }
72  
73      return ret;
74  }
75