Remove declarations of the cryptosystem specific structures to

raw-des.c and des-crc.c in the parent directory.  They're strictly
speaking not DES specific.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4506 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/crypto/des/ChangeLog b/src/lib/crypto/des/ChangeLog
index bf4c17306f2e84eba355aa1f4cf093099445e6f2..31371e9b492e53d33ddb109a5c05059bf6566d76 100644 (file)
--- a/src/lib/crypto/des/ChangeLog
+++ b/src/lib/crypto/des/ChangeLog
@@ -1,3 +1,15 @@
+Fri Oct 14 00:33:17 1994  Theodore Y. Ts'o  (tytso@dcl)
+
+       * des_int.h, f_cbc.c, verify.c: Fix function declarations to
+               (slightly) better match the conventions used by the krb5
+               source tree.
+
+       * cs_entry.c: Remove declarations of the cryptosystem specific
+               structures to raw-des.c and des-crc.c in the parent
+               directory.  They're strictly speaking not DES specific.
+
+       * Makefile.in: Remove file krb_glue.c; we don't use it any more.
+
 Thu Oct  6 12:49:29 1994  Theodore Y. Ts'o  (tytso@dcl)
 
        * Makefile.in: Make sure the "make check" programs get cleaned up

diff --git a/src/lib/crypto/des/Makefile.in b/src/lib/crypto/des/Makefile.in
index 8ae0ccfbb9fe5f2c46daeecc2f82cc993e480630..717cb2dc6ffeb207b45328bbe059dfa566f27446 100644 (file)
--- a/src/lib/crypto/des/Makefile.in
+++ b/src/lib/crypto/des/Makefile.in
@@ -17,7 +17,6 @@ OTHEROBJS=f_cbc.o f_cksum.o f_pcbc.o f_sched.o f_ecb.o f_parity.o f_tables.o
 
 OBJS=  cbc_cksum.o     \
        cs_entry.o      \
-       krb_glue.o      \
        finish_key.o    \
        fin_rndkey.o    \
        init_rkey.o     \
@@ -31,7 +30,6 @@ OBJS= cbc_cksum.o     \
 
 SRCS=  $(srcdir)/cs_entry.c    \
        $(srcdir)/cbc_cksum.c   \
-       $(srcdir)/krb_glue.c    \
        $(srcdir)/finish_key.c  \
        $(srcdir)/fin_rndkey.c  \
        $(srcdir)/init_rkey.c   \

diff --git a/src/lib/crypto/des/cs_entry.c b/src/lib/crypto/des/cs_entry.c
index 8baa8778ff3a3c5e40c86f97d09b4e271988d2df..941f174de55b81eb41666f67c2ad8dae39b1afea 100644 (file)
--- a/src/lib/crypto/des/cs_entry.c
+++ b/src/lib/crypto/des/cs_entry.c
@@ -31,52 +31,6 @@
 
 #include "des_int.h"
 
-static krb5_cryptosystem_entry mit_raw_des_cryptosystem_entry = {
-    0,
-    mit_raw_des_encrypt_func,
-    mit_raw_des_decrypt_func,
-    mit_des_process_key,
-    mit_des_finish_key,
-    mit_des_string_to_key,
-    mit_des_init_random_key,
-    mit_des_finish_random_key,
-    mit_des_random_key,
-    sizeof(mit_des_cblock),
-    0,
-    sizeof(mit_des_cblock),
-    ETYPE_RAW_DES_CBC,
-    KEYTYPE_DES
-    };
-
-static krb5_cryptosystem_entry mit_des_cryptosystem_entry = {
-    0,
-    mit_des_encrypt_func,
-    mit_des_decrypt_func, 
-    mit_des_process_key,
-    mit_des_finish_key,
-    mit_des_string_to_key,
-    mit_des_init_random_key,
-    mit_des_finish_random_key,
-    mit_des_random_key,
-    sizeof(mit_des_cblock),
-    CRC32_CKSUM_LENGTH+sizeof(mit_des_cblock),
-    sizeof(mit_des_cblock),
-    ETYPE_DES_CBC_CRC,
-    KEYTYPE_DES
-    };
-
-krb5_cs_table_entry krb5_raw_des_cst_entry = {
-    0,
-    &mit_raw_des_cryptosystem_entry,
-    0
-    };
-
-krb5_cs_table_entry krb5_des_cst_entry = {
-    0,
-    &mit_des_cryptosystem_entry,
-    0
-    };
-
 extern krb5_error_code mit_des_cbc_checksum PROTOTYPE ((krb5_pointer ,
                                                        size_t ,
                                                        krb5_pointer ,

diff --git a/src/lib/crypto/des/des_int.h b/src/lib/crypto/des/des_int.h
index 37be4aa454cfbe067033a0223fc5945c2f3e73c9..038423a97c997d5c756080728c12f5feaf0df8b1 100644 (file)
--- a/src/lib/crypto/des/des_int.h
+++ b/src/lib/crypto/des/des_int.h
@@ -119,11 +119,12 @@ extern void mit_des_cbc_cksum
 extern int mit_des_ecb_encrypt
     PROTOTYPE((unsigned long *, unsigned long *, mit_des_key_schedule , int ));
 
-/* enc_dec.c */
-extern krb5_error_code mit_des_cbc_encrypt
-    PROTOTYPE((krb5_octet *, krb5_octet *, long, mit_des_key_schedule,
-              krb5_octet *, int));
-
+/* f_cbc.c */
+extern int mit_des_cbc_encrypt
+    PROTOTYPE((const mit_des_cblock *in, mit_des_cblock *out, long length,
+              mit_des_key_schedule schedule, mit_des_cblock ivec,
+              int encrypt));
+    
 /* fin_rndkey.c */
 extern krb5_error_code mit_des_finish_random_key
     PROTOTYPE(( krb5_pointer *));
@@ -144,20 +145,6 @@ extern int mit_des_check_key_parity PROTOTYPE((mit_des_cblock ));
 extern int mit_des_key_sched
     PROTOTYPE((mit_des_cblock , mit_des_key_schedule ));
 
-/* krb_glue.c */
-extern krb5_error_code mit_raw_des_encrypt_func
-    PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t,
-               krb5_encrypt_block *, krb5_pointer ));
-extern krb5_error_code mit_des_encrypt_func
-    PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t,
-               krb5_encrypt_block *, krb5_pointer ));
-extern krb5_error_code mit_raw_des_decrypt_func
-    PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t,
-               krb5_encrypt_block *, krb5_pointer ));
-extern krb5_error_code mit_des_decrypt_func
-    PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t,
-               krb5_encrypt_block *, krb5_pointer ));
-
 /* new_rnd_key.c */
 extern int mit_des_new_random_key
     PROTOTYPE((mit_des_cblock , mit_des_random_key_seed *));

diff --git a/src/lib/crypto/des/f_cbc.c b/src/lib/crypto/des/f_cbc.c
index 72a9198e1c7e9629fbf8cddefd5cd5a84dee987a..2d6ce9c3b231f8637884ec7269126aa10609f58e 100644 (file)
--- a/src/lib/crypto/des/f_cbc.c
+++ b/src/lib/crypto/des/f_cbc.c
@@ -38,7 +38,7 @@
 
 int
 mit_des_cbc_encrypt(in, out, length, schedule, ivec, encrypt)
-       des_cblock *in;
+       const des_cblock *in;
        des_cblock *out;
        long length;
        des_key_schedule schedule;

diff --git a/src/lib/crypto/des/krb_glue.c b/src/lib/crypto/des/krb_glue.c
deleted file mode 100644 (file)
index 7b2b5b8..0000000
--- a/src/lib/crypto/des/krb_glue.c
+++ /dev/null
@@ -1,276 +0,0 @@
-/*
- * lib/crypto/des/krb_glue.c
- *
- * Copyright 1985, 1986, 1987, 1988, 1990, 1991 by the Massachusetts Institute
- * of Technology.
- * All Rights Reserved.
- *
- * These routines perform encryption and decryption using the DES
- * private key algorithm, or else a subset of it -- fewer inner loops.
- * (AUTH_DES_ITER defaults to 16, may be less.)
- *
- * Under U.S. law, this software may not be exported outside the US
- * without license from the U.S. Commerce department.
- *
- * These routines form the library interface to the DES facilities.
- *
- * Originally written 8/85 by Steve Miller, MIT Project Athena.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- * 
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- * 
- *
- */
-
-/*
- * These routines were extracted out of enc_dec.c because they will
- * drag in the kerberos library, if someone references mit_des_cbc_encrypt,
- * even no kerberos routines are called
- */
-
-
-
-#include <krb5/krb5.h>
-#include <krb5/ext-proto.h>
-#include <krb5/los-proto.h>
-#include <krb5/crc-32.h>
-
-#include "des_int.h"
-
-/*
-       encrypts "size" bytes at "in", storing result in "out".
-       "eblock" points to an encrypt block which has been initialized
-       by process_key().
-
-       "out" must be preallocated by the caller to contain sufficient
-       storage to hold the output; the macro krb5_encrypt_size() can
-       be used to compute this size.
-       
-       returns: errors
-*/
-static krb5_error_code
-mit_des_encrypt_f(DECLARG(krb5_const_pointer, in),
-                 DECLARG(krb5_pointer, out),
-                 DECLARG(const size_t, size),
-                 DECLARG(krb5_encrypt_block *, key),
-                 DECLARG(krb5_pointer, ivec))
-OLDDECLARG(krb5_const_pointer, in)
-OLDDECLARG(krb5_pointer, out)
-OLDDECLARG(const size_t, size)
-OLDDECLARG(krb5_encrypt_block *, key)
-OLDDECLARG(krb5_pointer, ivec)
-{
-    krb5_octet *iv;
-    
-    if ( ivec == 0 )
-       iv = key->key->contents;
-    else
-       iv = (krb5_octet *)ivec;
-
-    return (mit_des_cbc_encrypt((krb5_octet *)in, 
-                           (krb5_octet *)out,
-                           size, 
-                           (struct mit_des_ks_struct *)key->priv, 
-                           iv,
-                           MIT_DES_ENCRYPT));
-}    
-
-
-/*
-
-       decrypts "size" bytes at "in", storing result in "out".
-       "eblock" points to an encrypt block which has been initialized
-       by process_key().
-
-       "out" must be preallocated by the caller to contain sufficient
-       storage to hold the output; this is guaranteed to be no more than
-       the input size.
-
-       returns: errors
-
- */
-static krb5_error_code
-mit_des_decrypt_f(DECLARG(krb5_const_pointer, in),
-                 DECLARG(krb5_pointer, out),
-                 DECLARG(const size_t, size),
-                 DECLARG(krb5_encrypt_block *, key),
-                 DECLARG(krb5_pointer, ivec))
-OLDDECLARG(krb5_const_pointer, in)
-OLDDECLARG(krb5_pointer, out)
-OLDDECLARG(const size_t, size)
-OLDDECLARG(krb5_encrypt_block *, key)
-OLDDECLARG(krb5_pointer, ivec)
-{
-    krb5_octet *iv;
-
-    if ( ivec == 0 )
-       iv = key->key->contents;
-    else
-       iv = (krb5_octet *)ivec;
-
-    return (mit_des_cbc_encrypt ((krb5_octet *)in, 
-                            (krb5_octet *)out, 
-                            size, 
-                            (struct mit_des_ks_struct *)key->priv, 
-                            iv,
-                            MIT_DES_DECRYPT));
-}    
-
-krb5_error_code mit_raw_des_encrypt_func(DECLARG(krb5_const_pointer, in),
-                                         DECLARG(krb5_pointer, out),
-                                         DECLARG(const size_t, size),
-                                         DECLARG(krb5_encrypt_block *, key),
-                                         DECLARG(krb5_pointer, ivec))
-OLDDECLARG(krb5_const_pointer, in)
-OLDDECLARG(krb5_pointer, out)
-OLDDECLARG(const size_t, size)
-OLDDECLARG(krb5_encrypt_block *, key)
-OLDDECLARG(krb5_pointer, ivec)
-{
-   int sumsize;
-
-   /* round up to des block size */
-
-   sumsize =  krb5_roundup(size, sizeof(mit_des_cblock));
-
-   /* assemble crypto input into the output area, then encrypt in place. */
-
-   memset((char *)out, 0, sumsize);
-   memcpy((char *)out, (char *)in, size);
-
-    /* We depend here on the ability of this DES implementation to
-       encrypt plaintext to ciphertext in-place. */
-    return (mit_des_encrypt_f(out, out, sumsize, key, ivec));
-}
-
-krb5_error_code mit_des_encrypt_func(DECLARG(krb5_const_pointer, in),
-                                    DECLARG(krb5_pointer, out),
-                                    DECLARG(const size_t, size),
-                                    DECLARG(krb5_encrypt_block *, key),
-                                    DECLARG(krb5_pointer, ivec))
-OLDDECLARG(krb5_const_pointer, in)
-OLDDECLARG(krb5_pointer, out)
-OLDDECLARG(const size_t, size)
-OLDDECLARG(krb5_encrypt_block *, key)
-OLDDECLARG(krb5_pointer, ivec)
-{
-    krb5_checksum cksum;
-    krb5_octet         contents[CRC32_CKSUM_LENGTH];
-    int sumsize;
-    krb5_error_code retval;
-
-/*    if ( size < sizeof(mit_des_cblock) )
-       return KRB5_BAD_MSIZE; */
-
-    /* caller passes data size, and saves room for the padding. */
-    /* format of ciphertext, per RFC is:
-      +-----------+----------+-------------+-----+
-      |confounder |   check  |   msg-seq   | pad |
-      +-----------+----------+-------------+-----+
-      
-      our confounder is 8 bytes (one cblock);
-      our checksum is CRC32_CKSUM_LENGTH
-     */
-    sumsize =  krb5_roundup(size+CRC32_CKSUM_LENGTH+sizeof(mit_des_cblock),
-                           sizeof(mit_des_cblock));
-
-    /* assemble crypto input into the output area, then encrypt in place. */
-
-    memset((char *)out, 0, sumsize);
-
-    /* put in the confounder */
-    if (retval = krb5_random_confounder(sizeof(mit_des_cblock), out))
-       return retval;
-
-    memcpy((char *)out+sizeof(mit_des_cblock)+CRC32_CKSUM_LENGTH, (char *)in,
-          size);
-
-    cksum.contents = contents; 
-
-    /* This is equivalent to krb5_calculate_checksum(CKSUMTYPE_CRC32,...)
-       but avoids use of the cryptosystem config table which can not be
-       referenced here if this object is to be included in a shared library.  */
-    if (retval = crc32_cksumtable_entry.sum_func((krb5_pointer) out,
-                                                sumsize,
-                                                (krb5_pointer)key->key->contents,
-                                                sizeof(mit_des_cblock),
-                                                &cksum))
-       return retval;
-
-    memcpy((char *)out+sizeof(mit_des_cblock), (char *)contents,
-          CRC32_CKSUM_LENGTH);
-
-    /* We depend here on the ability of this DES implementation to
-       encrypt plaintext to ciphertext in-place. */
-    return (mit_des_encrypt_f(out, out, sumsize, key, ivec));
-}
-
-krb5_error_code mit_raw_des_decrypt_func(DECLARG(krb5_const_pointer, in),
-                                         DECLARG(krb5_pointer, out),
-                                         DECLARG(const size_t, size),
-                                         DECLARG(krb5_encrypt_block *, key),
-                                         DECLARG(krb5_pointer, ivec))
-OLDDECLARG(krb5_const_pointer, in)
-OLDDECLARG(krb5_pointer, out)
-OLDDECLARG(const size_t, size)
-OLDDECLARG(krb5_encrypt_block *, key)
-OLDDECLARG(krb5_pointer, ivec)
-{
-   return(mit_des_decrypt_f(in, out, size, key, ivec));
-}
-
-krb5_error_code mit_des_decrypt_func(DECLARG(krb5_const_pointer, in),
-                                    DECLARG(krb5_pointer, out),
-                                    DECLARG(const size_t, size),
-                                    DECLARG(krb5_encrypt_block *, key),
-                                    DECLARG(krb5_pointer, ivec))
-OLDDECLARG(krb5_const_pointer, in)
-OLDDECLARG(krb5_pointer, out)
-OLDDECLARG(const size_t, size)
-OLDDECLARG(krb5_encrypt_block *, key)
-OLDDECLARG(krb5_pointer, ivec)
-{
-    krb5_checksum cksum;
-    krb5_octet         contents_prd[CRC32_CKSUM_LENGTH];
-    krb5_octet  contents_get[CRC32_CKSUM_LENGTH];
-    char       *p;
-    krb5_error_code   retval;
-
-    if ( size < 2*sizeof(mit_des_cblock) )
-       return KRB5_BAD_MSIZE;
-
-    if (retval = mit_des_decrypt_f(in, out, size, key, ivec))
-       return retval;
-
-    cksum.contents = contents_prd;
-    p = (char *)out + sizeof(mit_des_cblock);
-    memcpy((char *)contents_get, p, CRC32_CKSUM_LENGTH);
-    memset(p, 0, CRC32_CKSUM_LENGTH);
-
-    if (retval = crc32_cksumtable_entry.sum_func(out, size,
-                                                (krb5_pointer)key->key->contents,
-                                                sizeof(mit_des_cblock),
-                                                &cksum))
-       return retval;
-
-    if (memcmp((char *)contents_get, (char *)contents_prd, CRC32_CKSUM_LENGTH) )
-        return KRB5KRB_AP_ERR_BAD_INTEGRITY;
-    memmove((char *)out, (char *)out +
-          sizeof(mit_des_cblock) + CRC32_CKSUM_LENGTH,
-          size - sizeof(mit_des_cblock) - CRC32_CKSUM_LENGTH);
-    return 0;
-}
-

diff --git a/src/lib/crypto/des/verify.c b/src/lib/crypto/des/verify.c
index 73f071e8d07bf8c188174e45e7cd662132b430a3..387e2c7cb965acf1119272195fe81fc9e20d1f48 100644 (file)
--- a/src/lib/crypto/des/verify.c
+++ b/src/lib/crypto/des/verify.c
@@ -280,11 +280,11 @@ main(argc,argv)
 
     printf("ACTUAL CBC\n\tclear \"%s\"\n",input);
     in_length =  strlen((char *)input);
-    if (retval = mit_des_cbc_encrypt((krb5_octet *) input,
-                                    (krb5_octet *) cipher_text,
+    if (retval = mit_des_cbc_encrypt((mit_des_cblock *) input,
+                                    (mit_des_cblock *) cipher_text,
                                     (size_t) in_length, 
                                     (struct mit_des_ks_struct *)eblock.priv,
-                                    (krb5_octet *) ivec,
+                                    ivec,
                                     MIT_DES_ENCRYPT)) {
        com_err("des verify", retval, "can't encrypt");
        exit(-1);
@@ -297,11 +297,11 @@ main(argc,argv)
        }
        printf("\n");
     }
-    if (retval = mit_des_cbc_encrypt((krb5_octet *) cipher_text,
-                                    (krb5_octet *) clear_text,
+    if (retval = mit_des_cbc_encrypt((mit_des_cblock *) cipher_text,
+                                    (mit_des_cblock *) clear_text,
                                     (size_t) in_length, 
                                     eblock.priv,
-                                    (krb5_octet *) ivec,
+                                    ivec,
                                     MIT_DES_DECRYPT)) {
        com_err("des verify", retval, "can't decrypt");
        exit(-1);