6 * Copyright 1989,1990 by the Massachusetts Institute of Technology.
8 * For copying and distribution information, please see the file
11 * Encryption interface-related declarations
14 #include <krb5/copyright.h>
16 #ifndef KRB5_ENCRYPTION__
17 #define KRB5_ENCRYPTION__
19 typedef struct _krb5_keyblock {
25 typedef struct _krb5_checksum {
26 krb5_cksumtype checksum_type; /* checksum type */
31 typedef struct _krb5_encrypt_block {
32 struct _krb5_cryptosystem_entry *crypto_entry;
34 krb5_pointer priv; /* for private use, e.g. DES
38 typedef struct _krb5_enc_data {
44 /* could be used in a table to find an etype and initialize a block */
45 typedef struct _krb5_cryptosystem_entry {
46 krb5_error_code (*encrypt_func) PROTOTYPE((krb5_const_pointer /* in */,
47 krb5_pointer /* out */,
51 krb5_error_code (*decrypt_func) PROTOTYPE((krb5_const_pointer /* in */,
52 krb5_pointer /* out */,
56 krb5_error_code (*process_key) PROTOTYPE((krb5_encrypt_block *,
57 const krb5_keyblock *));
58 krb5_error_code (*finish_key) PROTOTYPE((krb5_encrypt_block *));
59 krb5_error_code (*string_to_key) PROTOTYPE((const krb5_keytype,
62 krb5_const_principal));
63 krb5_error_code (*init_random_key) PROTOTYPE((const krb5_keyblock *,
65 krb5_error_code (*finish_random_key) PROTOTYPE((krb5_pointer *));
66 krb5_error_code (*random_key) PROTOTYPE((krb5_pointer,
69 int pad_minimum; /* needed for cksum size computation */
71 krb5_enctype proto_enctype; /* encryption type,
72 (assigned protocol number AND
74 krb5_keytype proto_keytype; /* key type,
75 (assigned protocol number AND
77 } krb5_cryptosystem_entry;
79 typedef struct _krb5_cs_table_entry {
80 krb5_cryptosystem_entry *system;
81 krb5_pointer random_sequence; /* from init_random_key() */
82 } krb5_cs_table_entry;
84 /* could be used in a table to find a sumtype */
85 typedef struct _krb5_checksum_entry {
86 krb5_error_code (*sum_func) PROTOTYPE ((krb5_pointer /* in */,
87 size_t /* in_length */,
88 krb5_pointer /* key/seed */,
89 size_t /* key/seed size */,
90 krb5_checksum * /* out_cksum */));
91 int checksum_length; /* length of stuff returned by
93 } krb5_checksum_entry;
95 /* per Kerberos v5 protocol spec */
96 #define KEYTYPE_NULL 0x0000
97 #define KEYTYPE_DES 0x0001 /* Data Encryption Standard,
99 #define KEYTYPE_LUCIFER 0x0002 /* Lucifer */
101 #define ETYPE_NULL 0x0000
102 #define ETYPE_DES_CBC_CRC 0x0001 /* DES cbc mode with CRC-32 */
103 #define ETYPE_LUCIFER_CRC 0x0002
105 #define CKSUMTYPE_CRC32 0x0001
106 #define CKSUMTYPE_XXX 0x0002
107 #define CKSUMTYPE_XEROX 0x0003
108 #define CKSUMTYPE_DESCBC 0x0004
110 /* macros to determine if a type is a local type */
111 #define KEYTYPE_IS_LOCAL(keytype) (keytype & 0x8000)
112 #define ETYPE_IS_LOCAL(etype) (etype & 0x8000)
113 #define CKSUMTYPE_IS_LOCAL(cksumtype) (cksumtype & 0x8000)
116 /* round x up to nearest multiple of y */
117 #define krb5_roundup(x, y) ((((x) + (y) - 1)/(y))*(y))
120 /* macro function definitions to help clean up code */
121 #define krb5_encrypt_size(length, crypto) \
122 krb5_roundup((length)+(crypto)->pad_minimum, (crypto)->block_length)
124 /* This array is indexed by encryption type */
125 extern krb5_cs_table_entry *krb5_csarray[];
126 extern int krb5_max_cryptosystem; /* max entry in array */
128 /* This array is indexed by key type, and has (should have) pointers to
129 the same entries as krb5_csarray */
130 /* XXX what if a given keytype works for several etypes? */
131 extern krb5_cs_table_entry *krb5_keytype_array[];
132 extern int krb5_max_keytype; /* max entry in array */
134 /* This array is indexed by checksum type */
135 extern krb5_checksum_entry *krb5_cksumarray[];
136 extern int krb5_max_cksum; /* max entry in array */
138 #define valid_etype(etype) ((etype <= krb5_max_cryptosystem) && (etype > 0) && krb5_csarray[etype])
140 #define valid_keytype(ktype) ((ktype <= krb5_max_keytype) && (ktype > 0) && krb5_keytype_array[ktype])
142 #define valid_cksumtype(cktype) ((cktype <= krb5_max_cksum) && (cktype > 0) && krb5_cksumarray[cktype])
145 #define krb5_encrypt(inptr, outptr, size, eblock, ivec) (*(eblock)->crypto_entry->encrypt_func)(inptr, outptr, size, eblock, ivec)
146 #define krb5_decrypt(inptr, outptr, size, eblock, ivec) (*(eblock)->crypto_entry->decrypt_func)(inptr, outptr, size, eblock, ivec)
147 #define krb5_process_key(eblock, key) (*(eblock)->crypto_entry->process_key)(eblock, key)
148 #define krb5_finish_key(eblock) (*(eblock)->crypto_entry->finish_key)(eblock)
149 #define krb5_string_to_key(eblock, keytype, keyblock, data, princ) (*(eblock)->crypto_entry->string_to_key)(keytype, keyblock, data, princ)
150 #define krb5_init_random_key(eblock, keyblock, ptr) (*(eblock)->crypto_entry->init_random_key)(keyblock, ptr)
151 #define krb5_finish_random_key(eblock, ptr) (*(eblock)->crypto_entry->finish_random_key)(ptr)
152 #define krb5_random_key(eblock, ptr, keyblock) (*(eblock)->crypto_entry->random_key)(ptr, keyblock)
154 #endif /* KRB5_ENCRYPTION__ */