Merge branches/nss to trunk
authorGreg Hudson <ghudson@mit.edu>
Sat, 2 Oct 2010 17:21:54 +0000 (17:21 +0000)
committerGreg Hudson <ghudson@mit.edu>
Sat, 2 Oct 2010 17:21:54 +0000 (17:21 +0000)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24416 dc483132-0cff-0310-8789-dd5450dbe970

59 files changed:
NOTICE
src/configure.in
src/include/k5-int.h
src/lib/crypto/Makefile.in
src/lib/crypto/builtin/Makefile.in
src/lib/crypto/builtin/init.c [new file with mode: 0644]
src/lib/crypto/crypto_tests/Makefile.in
src/lib/crypto/krb/Makefile.in
src/lib/crypto/krb/crypto_libinit.c
src/lib/crypto/krb/prng.c
src/lib/crypto/nss/Makefile.in [new file with mode: 0644]
src/lib/crypto/nss/aes/Makefile.in [new file with mode: 0644]
src/lib/crypto/nss/aes/deps [new file with mode: 0644]
src/lib/crypto/nss/camellia/Makefile.in [new file with mode: 0644]
src/lib/crypto/nss/camellia/deps [new file with mode: 0644]
src/lib/crypto/nss/deps [new file with mode: 0644]
src/lib/crypto/nss/des/Makefile.in [new file with mode: 0644]
src/lib/crypto/nss/des/deps [new file with mode: 0644]
src/lib/crypto/nss/des/des_int.h [new file with mode: 0644]
src/lib/crypto/nss/des/des_oldapis.c [new file with mode: 0644]
src/lib/crypto/nss/des/f_parity.c [new file with mode: 0644]
src/lib/crypto/nss/des/string2key.c [new file with mode: 0644]
src/lib/crypto/nss/des/weak_key.c [new file with mode: 0644]
src/lib/crypto/nss/enc_provider/Makefile.in [new file with mode: 0644]
src/lib/crypto/nss/enc_provider/aes.c [new file with mode: 0644]
src/lib/crypto/nss/enc_provider/camellia.c [new file with mode: 0644]
src/lib/crypto/nss/enc_provider/deps [new file with mode: 0644]
src/lib/crypto/nss/enc_provider/des.c [new file with mode: 0644]
src/lib/crypto/nss/enc_provider/des3.c [new file with mode: 0644]
src/lib/crypto/nss/enc_provider/enc_gen.c [new file with mode: 0644]
src/lib/crypto/nss/enc_provider/enc_provider.h [new file with mode: 0644]
src/lib/crypto/nss/enc_provider/rc4.c [new file with mode: 0644]
src/lib/crypto/nss/hash_provider/Makefile.in [new file with mode: 0644]
src/lib/crypto/nss/hash_provider/deps [new file with mode: 0644]
src/lib/crypto/nss/hash_provider/hash_crc32.c [new file with mode: 0644]
src/lib/crypto/nss/hash_provider/hash_gen.c [new file with mode: 0644]
src/lib/crypto/nss/hash_provider/hash_gen.h [new file with mode: 0644]
src/lib/crypto/nss/hash_provider/hash_md4.c [new file with mode: 0644]
src/lib/crypto/nss/hash_provider/hash_md5.c [new file with mode: 0644]
src/lib/crypto/nss/hash_provider/hash_provider.h [new file with mode: 0644]
src/lib/crypto/nss/hash_provider/hash_sha1.c [new file with mode: 0644]
src/lib/crypto/nss/hmac.c [new file with mode: 0644]
src/lib/crypto/nss/md4/Makefile.in [new file with mode: 0644]
src/lib/crypto/nss/md4/deps [new file with mode: 0644]
src/lib/crypto/nss/md4/md4.c [new file with mode: 0644]
src/lib/crypto/nss/md4/rsa-md4.h [new file with mode: 0644]
src/lib/crypto/nss/md5/Makefile.in [new file with mode: 0644]
src/lib/crypto/nss/md5/deps [new file with mode: 0644]
src/lib/crypto/nss/md5/md5.c [new file with mode: 0644]
src/lib/crypto/nss/md5/rsa-md5.h [new file with mode: 0644]
src/lib/crypto/nss/nss_gen.h [new file with mode: 0644]
src/lib/crypto/nss/pbkdf2.c [new file with mode: 0644]
src/lib/crypto/nss/sha1/Makefile.in [new file with mode: 0644]
src/lib/crypto/nss/sha1/deps [new file with mode: 0644]
src/lib/crypto/nss/sha1/shs.c [new file with mode: 0644]
src/lib/crypto/nss/sha1/shs.h [new file with mode: 0644]
src/lib/crypto/nss/yhash.h [new file with mode: 0644]
src/lib/crypto/openssl/Makefile.in
src/lib/crypto/openssl/init.c [new file with mode: 0644]

diff --git a/NOTICE b/NOTICE
index e52ca355741fff87b479fd58207153f0ff5e547d..61241373870ead011e1afc7d138ae103949d1e61 100644 (file)
--- a/NOTICE
+++ b/NOTICE
@@ -173,7 +173,8 @@ src/lib/crypto/aes has the following copyright:
                          --------------------
 
 Portions contributed by Red Hat, including the pre-authentication
-plug-ins framework, contain the following copyright:
+plug-ins framework and the NSS crypto implementation, contain the
+following copyright:
 
   Copyright (c) 2006 Red Hat, Inc.
   Portions copyright (c) 2006 Massachusetts Institute of Technology
index 7d59a56d81c21a4d3a81b3806b762ff17a647e83..70e9817c3f8fdb3bcc4b97eae35d90fafe0f846f 100644 (file)
@@ -123,8 +123,27 @@ AC_HELP_STRING([--with-crypto-impl=IMPL], [use specified crypto implementation @
 [CRYPTO_IMPL=$withval
 AC_MSG_RESULT("k5crypto will use \'$withval\'")
 ], withval=builtin)
+CRYPTO_IMPL_LIBS=
+CRYPTO_IMPL_CFLAGS=
+case "$withval" in
+builtin)
+  ;;
+openssl)
+  AC_CHECK_LIB(crypto, PKCS7_get_signer_info)
+  ;;
+nss)
+  CRYPTO_IMPL_CFLAGS=`pkg-config --cflags nss`
+  CRYPTO_IMPL_LIBS="-lnss3 $(pkg-config --libs nss-util)"
+  AC_DEFINE(CRYPTO_IMPL_NSS,1,[Define if crypto implementation is NSS])
+  ;;
+*)
+  AC_MSG_ERROR([Unknown crypto implementation $withval])
+  ;;
+esac
 AC_CONFIG_COMMANDS(CRYPTO_IMPL, , CRYPTO_IMPL=$CRYPTO_IMPL)
 AC_SUBST(CRYPTO_IMPL)
+AC_SUBST(CRYPTO_IMPL_CFLAGS)
+AC_SUBST(CRYPTO_IMPL_LIBS)
 
 # --with-kdc-kdb-update makes the KDC update the database with last request
 # information and failure information.
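Review bot: The `nss)` branch of the new `case` uses the output of `pkg-config` without checking that the command succeeded, so a host without pkg-config or without the NSS development files still passes configure with an empty `CRYPTO_IMPL_CFLAGS` and only fails later at compile or link time. A guard before the two assignments, such as `pkg-config --exists nss || AC_MSG_ERROR([NSS not found via pkg-config])`, would stop the run at the point where the back end is selected. The same branch mixes backticks with `$(...)`, which older Bourne shells do not accept; using backticks for both keeps the script portable. The `openssl)` branch has a similar gap: `AC_CHECK_LIB(crypto, PKCS7_get_signer_info)` has no action-if-not-found, so a missing libcrypto is not reported as an error.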
index cf14a62275171d20413126bdbbb23f7022be08df..67f01925a09325df9648581a92d4e68c9d67aba0 100644 (file)
@@ -823,6 +823,7 @@ krb5_error_code krb5int_c_copy_keyblock_contents(krb5_context context,
  * Internal - for cleanup.
  */
 extern void krb5int_prng_cleanup(void);
+extern void krb5int_crypto_impl_cleanup(void);
 
 
 #ifdef KRB5_OLD_CRYPTO
@@ -2654,6 +2655,7 @@ krb5int_c_mandatory_cksumtype(krb5_context, krb5_enctype, krb5_cksumtype *);
 
 extern int krb5int_crypto_init (void);
 extern int krb5int_prng_init(void);
+extern int krb5int_crypto_impl_init(void);
 
 /*
  * Referral definitions, debugging hooks, and subfunctions.
index a05f086e7fe0a830c460657a55a2f12f33d0777f..579d0829ce5f4f58abecf7c09fb928a467b0e11f 100644 (file)
@@ -46,7 +46,7 @@ SUBDIROBJLISTS=krb/crc32/OBJS.ST krb/dk/OBJS.ST                               \
 # link editor and loader support it.
 DEPLIBS=
 SHLIB_DIRS=-L$(TOPLIBD)
-SHLIB_EXPLIBS= $(SUPPORT_LIB) @CRYPTO_LIBS@ $(LIBS)
+SHLIB_EXPLIBS= $(SUPPORT_LIB) @CRYPTO_LIBS@ @CRYPTO_IMPL_LIBS@ $(LIBS)
 SHLIB_EXPDEPLIBS= $(SUPPORT_DEPLIB)
 SHLIB_LDFLAGS= $(LDFLAGS) @SHLIB_RPATH_DIRS@
 SHLIB_LIBDIRS= @SHLIB_LIBDIRS@
index 4e7e0cd87b35442fb34fe0b02d0dac011d86f1f0..5dd7fafdd37393a4f8c62f06fc09524a8a9150e5 100644 (file)
@@ -27,14 +27,17 @@ EXTRADEPSRCS= $(srcdir)/t_cf2.c
 
 STLIBOBJS=\
        hmac.o  \
-       pbkdf2.o                
+       init.o  \
+       pbkdf2.o
 
 OBJS=\
        $(OUTPRE)hmac.$(OBJEXT) \
-       $(OUTPRE)pbkdf2.$(OBJEXT)               
+       $(OUTPRE)init.$(OBJEXT) \
+       $(OUTPRE)pbkdf2.$(OBJEXT)
 
 SRCS=\
        $(srcdir)/hmac.c        \
+       $(srcdir)/init.c        \
        $(srcdir)/pbkdf2.c      
 
 STOBJLISTS= des/OBJS.ST md4/OBJS.ST    \
diff --git a/src/lib/crypto/builtin/init.c b/src/lib/crypto/builtin/init.c
new file mode 100644 (file)
index 0000000..af69523
--- /dev/null
@@ -0,0 +1,40 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * lib/crypto/builtin/init.c
+ *
+ * Copyright (C) 2010 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * Built-in back-end library init functions
+ */
+
+int
+krb5int_crypto_impl_init(void)
+{
+    return 0;
+}
+
+void
+krb5int_crypto_impl_cleanup(void)
+{
+}
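Review bot: The new file defines `krb5int_crypto_impl_init` and `krb5int_crypto_impl_cleanup` without including the header that declares them, so the compiler never compares these definitions with the prototypes this commit adds to `k5-int.h`. Adding `#include "k5-int.h"` above the first function keeps the two in step if a signature changes later. A short comment on each stub, for example `/* The built-in back end needs no library-wide setup. */`, would also tell a reader that the empty bodies are intentional.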
index a0cbb1d1b848fa2d64e363fb4dcb4fb0b5e8d47f..784d307013724d99958a3c87c89af5212740079e 100644 (file)
@@ -45,6 +45,9 @@ EXTRADEPSRCS=\
 # NOTE: The t_cksum known checksum values are primarily for regression
 # testing.  They are not derived a priori, but are known to produce
 # checksums that interoperate.
+#
+# We use the NSS PRNG when NSS is the crypto back end, so don't test
+# against the expected output for Yarrow.
 check-unix:: t_nfold t_encrypt t_prf t_prng t_cmac t_hmac \
                t_cksum4 t_cksum5 \
                aes-test  \
@@ -53,8 +56,9 @@ check-unix:: t_nfold t_encrypt t_prf t_prng t_cmac t_hmac \
                t_crc t_cts t_short t_str2key t_camellia_ccm
        $(RUN_SETUP) $(VALGRIND) ./t_nfold
        $(RUN_SETUP) $(VALGRIND) ./t_encrypt
-       $(RUN_SETUP) $(VALGRIND) ./t_prng <$(srcdir)/t_prng.seed >t_prng.output && \
-       diff t_prng.output $(srcdir)/t_prng.expected
+       if [ @CRYPTO_IMPL@ != nss ]; then \
+         $(RUN_SETUP) $(VALGRIND) ./t_prng <$(srcdir)/t_prng.seed >t_prng.output && \
+         diff t_prng.output $(srcdir)/t_prng.expected; fi
        $(RUN_SETUP) $(VALGRIND) ./t_cmac
        $(RUN_SETUP) $(VALGRIND) ./t_hmac
        $(RUN_SETUP) $(VALGRIND) ./t_prf <$(srcdir)/t_prf.in >t_prf.output
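Review bot: With `@CRYPTO_IMPL@` set to `nss` the new `if` skips `t_prng` entirely, so `check-unix` no longer exercises `krb5_c_random_add_entropy` or `krb5_c_random_make_octets` for that back end. The known-answer comparison cannot apply to a generator that is not deterministic, but the program could still be run for its exit status, for example in an `else` arm with `$(RUN_SETUP) $(VALGRIND) ./t_prng <$(srcdir)/t_prng.seed >/dev/null`. This assumes t_prng exits non-zero when a call fails, which its source (not shown in this hunk) would need to confirm. It would keep a smoke test on the code path that produces key material.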
index 119441aabf97e28ef33aae489e1b68b335e16199..35dbc877fd416de386ff39e70957da9e9eddbda2 100644 (file)
@@ -9,7 +9,8 @@ LOCALINCLUDES = -I$(srcdir) -I$(srcdir)/../@CRYPTO_IMPL@/enc_provider -I$(srcdir
                -I$(srcdir)/../@CRYPTO_IMPL@/ -I$(srcdir)/../@CRYPTO_IMPL@/des          \
                -I$(srcdir)/../@CRYPTO_IMPL@/aes -I$(srcdir)/arcfour    \
                -I$(srcdir)/../@CRYPTO_IMPL@/camellia \
-               -I$(srcdir)/../@CRYPTO_IMPL@/sha1 -I$(srcdir)/../@CRYPTO_IMPL@
+               -I$(srcdir)/../@CRYPTO_IMPL@/sha1 -I$(srcdir)/../@CRYPTO_IMPL@ \
+               @CRYPTO_IMPL_CFLAGS@
 PROG_LIBPATH=-L$(TOPLIBD)
 PROG_RPATH=$(KRB5_LIBDIR)
 DEFS=
index a69db38e3b8cdfc1f7a055884b3d8527e8a3f4cc..b94a01cc0ba4f9327c8c562af6fbbcf9e52a0c32 100644 (file)
@@ -14,7 +14,11 @@ extern void krb5int_prng_cleanup (void);
 
 int cryptoint_initialize_library (void)
 {
-    return krb5int_prng_init();
+    int err;
+    err = krb5int_prng_init();
+    if (err)
+        return err;
+    return krb5int_crypto_impl_init();
 }
 
 int krb5int_crypto_init(void)
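Review bot: In `cryptoint_initialize_library`, a failure of `krb5int_crypto_impl_init()` is returned after `krb5int_prng_init()` has already succeeded, and nothing on that path undoes the PRNG setup. If `INITIALIZER_RAN` evaluates false after a failed initializer (its definition is not shown here), `cryptoint_cleanup_library` in the next hunk returns early and `krb5int_prng_cleanup()` is never called. Unwinding locally avoids depending on that: `err = krb5int_crypto_impl_init();` then `if (err) krb5int_prng_cleanup();` then `return err;`.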
@@ -30,5 +34,6 @@ void cryptoint_cleanup_library (void)
 {
     if (!INITIALIZER_RAN(cryptoint_initialize_library))
         return;
-    krb5int_prng_cleanup ();
+    krb5int_prng_cleanup();
+    krb5int_crypto_impl_cleanup();
 }
index ef326994a4726c73d1dcc60d023c50173417233b..a25cfcfcb395618fa4bbd4da6e885ba40c9fa668 100644 (file)
 #include <assert.h>
 #include "k5-thread.h"
 
-#include "yarrow.h"
-static Yarrow_CTX y_ctx;
 #define yarrow_lock krb5int_yarrow_lock
 k5_mutex_t yarrow_lock = K5_MUTEX_PARTIAL_INITIALIZER;
 
+#ifdef CRYPTO_IMPL_NSS
+
+/*
+ * Using Yarrow with NSS is a bit problematic because the MD5 contexts it holds
+ * open for the entropy pools would be invalidated by a fork(), causing us to
+ * lose the entropy contained therein.
+ *
+ * Therefore, use the NSS PRNG if NSS is the crypto implementation.  Doing this
+ * via ifdefs here is temporary until we come up with better build logic for
+ * it.
+ */
+
+#include "../nss/nss_gen.h"
+#include <pk11pub.h>
+
+/*
+ * NSS gathers its own OS entropy, so it doesn't really matter how much we read
+ * in krb5_c_random_os_entropy.  Use the same value as Yarrow (without using a
+ * Yarrow constant), so that we don't read too much from /dev/random.
+ */
+#define OS_ENTROPY_LEN 20
+
+int krb5int_prng_init(void)
+{
+    return 0;
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_c_random_add_entropy(krb5_context context, unsigned int randsource,
+                          const krb5_data *data)
+{
+    krb5_error_code ret;
+
+    ret = k5_nss_init();
+    if (ret)
+        return ret;
+    if (PK11_RandomUpdate(data->data, data->length) != SECSuccess)
+        return k5_nss_map_last_error();
+    return 0;
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_c_random_make_octets(krb5_context context, krb5_data *data)
+{
+    krb5_error_code ret;
+
+    ret = k5_nss_init();
+    if (ret)
+        return ret;
+    if (PK11_GenerateRandom((unsigned char *)data->data,
+                            data->length) != SECSuccess)
+        return k5_nss_map_last_error();
+    return 0;
+}
+
+void
+krb5int_prng_cleanup (void)
+{
+}
+
+#else /* CRYPTO_IMPL_NSS */
+
+#include "yarrow.h"
+static Yarrow_CTX y_ctx;
+
+/* Gather enough OS entropy per call to trigger a Yarrow reseed. */
+#define OS_ENTROPY_LEN (YARROW_SLOW_THRESH/8)
+
 /* Helper function to estimate entropy based on sample length
  * and where it comes from.
  */
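Review bot: In the NSS version of `krb5_c_random_make_octets`, `data->length` is passed straight to `PK11_GenerateRandom`, whose length parameter is a signed `int`, while the `length` field of `krb5_data` is unsigned. A request above `INT_MAX` would be converted to a negative value, and how NSS treats that is outside this code's control. A range check ahead of the call, `if (data->length > INT_MAX) return KRB5_CRYPTO_INTERNAL;` (with `<limits.h>` included), makes the failure explicit instead of leaving the caller with a buffer that may not have been filled. Neither NSS function uses `context` or `randsource`, and both dereference `data` without a NULL check; a one-line comment stating that callers must pass a valid `krb5_data` would document that contract.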
@@ -99,12 +165,6 @@ krb5_c_random_add_entropy(krb5_context context, unsigned int randsource,
     return 0;
 }
 
-krb5_error_code KRB5_CALLCONV
-krb5_c_random_seed(krb5_context context, krb5_data *data)
-{
-    return krb5_c_random_add_entropy(context, KRB5_C_RANDSOURCE_OLDAPI, data);
-}
-
 krb5_error_code KRB5_CALLCONV
 krb5_c_random_make_octets(krb5_context context, krb5_data *data)
 {
@@ -127,6 +187,13 @@ krb5int_prng_cleanup (void)
     k5_mutex_destroy(&yarrow_lock);
 }
 
+#endif /* not CRYPTO_IMPL_NSS */
+
+krb5_error_code KRB5_CALLCONV
+krb5_c_random_seed(krb5_context context, krb5_data *data)
+{
+    return krb5_c_random_add_entropy(context, KRB5_C_RANDSOURCE_OLDAPI, data);
+}
 
 /*
  * Routines to get entropy from the OS.  For UNIX we try /dev/urandom
@@ -163,7 +230,7 @@ read_entropy_from_device(krb5_context context, const char *device)
     krb5_data data;
     struct stat sb;
     int fd;
-    unsigned char buf[YARROW_SLOW_THRESH/8], *bp;
+    unsigned char buf[OS_ENTROPY_LEN], *bp;
     int left;
 
     fd = open (device, O_RDONLY);
diff --git a/src/lib/crypto/nss/Makefile.in b/src/lib/crypto/nss/Makefile.in
new file mode 100644 (file)
index 0000000..f6b457b
--- /dev/null
@@ -0,0 +1,145 @@
+mydir=lib/crypto/nss
+BUILDTOP=$(REL)..$(S)..$(S)..
+SUBDIRS=des aes        camellia md4 md5  sha1 enc_provider hash_provider
+LOCALINCLUDES = -I$(srcdir)/../krb                     \
+               -I$(srcdir)/../krb/hash_provider        \
+               -I$(srcdir)/des         \
+               -I$(srcdir)/aes         \
+               -I$(srcdir)/sha1        \
+               -I$(srcdir)/md4         \
+               -I$(srcdir)/md5 \
+               -I$(srcdir)/enc_provider        \
+               -I$(srcdir)/hash_provider       \
+               @CRYPTO_IMPL_CFLAGS@
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+DEFS=
+
+##DOSBUILDTOP = ..\..\..
+##DOSLIBNAME=$(OUTPRE)crypto.lib
+##DOSOBJFILE=$(OUTPRE)crypto.lst
+##DOSOBJFILELIST=@$(OUTPRE)crypto.lst @$(OUTPRE)des.lst @$(OUTPRE)md4.lst @$(OUTPRE)md5.lst @$(OUTPRE)sha1.lst @$(OUTPRE)crc32.lst @$(OUTPRE)dk.lst @$(OUTPRE)old.lst @$(OUTPRE)raw.lst @$(OUTPRE)enc_prov.lst @$(OUTPRE)hash_pro.lst @$(OUTPRE)kh_pro.lst @$(OUTPRE)yarrow.lst @$(OUTPRE)aes.lst
+##DOSOBJFILEDEP =$(OUTPRE)crypto.lst $(OUTPRE)des.lst $(OUTPRE)md4.lst $(OUTPRE)md5.lst $(OUTPRE)sha1.lst $(OUTPRE)crc32.lst $(OUTPRE)dk.lst $(OUTPRE)old.lst $(OUTPRE)raw.lst $(OUTPRE)enc_prov.lst $(OUTPRE)hash_pro.lst $(OUTPRE)kh_pro.lst $(OUTPRE)aes.lst
+
+STLIBOBJS=\
+       hmac.o  \
+       pbkdf2.o                
+
+OBJS=\
+       $(OUTPRE)hmac.$(OBJEXT) \
+       $(OUTPRE)pbkdf2.$(OBJEXT)               
+
+SRCS=\
+       $(srcdir)/hmac.c        \
+       $(srcdir)/pbkdf2.c      
+
+STOBJLISTS= des/OBJS.ST md4/OBJS.ST    \
+       md5/OBJS.ST sha1/OBJS.ST        \
+       enc_provider/OBJS.ST            \
+       hash_provider/OBJS.ST           \
+       aes/OBJS.ST                     \
+       camellia/OBJS.ST                \
+       OBJS.ST
+
+SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST        \
+               md5/OBJS.ST sha1/OBJS.ST        \
+               enc_provider/OBJS.ST            \
+               hash_provider/OBJS.ST           \
+               aes/OBJS.ST                     \
+               camellia/OBJS.ST
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs
+includes:: depend
+
+depend:: $(SRCS)
+
+clean-unix:: clean-libobjs
+
+all-windows::
+       cd ..\des
+       @echo Making in crypto\des
+       $(MAKE) -$(MFLAGS)
+       cd ..\md4
+       @echo Making in crypto\md4
+       $(MAKE) -$(MFLAGS)
+       cd ..\md5
+       @echo Making in crypto\md5
+       $(MAKE) -$(MFLAGS)
+       cd ..\sha1
+       @echo Making in crypto\sha1
+       $(MAKE) -$(MFLAGS)
+       cd ..\hash_provider
+       @echo Making in crypto\hash_provider
+       $(MAKE) -$(MFLAGS)
+       cd ..\enc_provider
+       @echo Making in crypto\enc_provider
+       $(MAKE) -$(MFLAGS)
+       cd ..\aes
+       @echo Making in crypto\aes
+       $(MAKE) -$(MFLAGS)
+       cd ..\camellia
+       @echo Making in crypto\aes
+       $(MAKE) -$(MFLAGS)
+       cd ..
+
+clean-windows::
+       cd ..\des
+       @echo Making clean in crypto\des
+       $(MAKE) -$(MFLAGS) clean
+       cd ..\md4
+       @echo Making clean in crypto\md4
+       $(MAKE) -$(MFLAGS) clean
+       cd ..\md5
+       @echo Making clean in crypto\md5
+       $(MAKE) -$(MFLAGS) clean
+       cd ..\sha1
+       @echo Making clean in crypto\sha1
+       $(MAKE) -$(MFLAGS) clean
+       cd ..\hash_provider
+       @echo Making clean in crypto\hash_provider
+       $(MAKE) -$(MFLAGS) clean
+       cd ..\enc_provider
+       @echo Making clean in crypto\enc_provider
+       $(MAKE) -$(MFLAGS) clean
+       cd ..\aes
+       @echo Making clean in crypto\aes
+       $(MAKE) -$(MFLAGS) clean
+       cd ..\camellia
+       @echo Making clean in crypto\aes
+       $(MAKE) -$(MFLAGS) clean
+       cd ..
+
+check-windows::
+       cd ..\des
+       @echo Making check in crypto\des
+       $(MAKE) -$(MFLAGS) check
+       cd ..\md4
+       @echo Making check in crypto\md4
+       $(MAKE) -$(MFLAGS) check
+       cd ..\md5
+       @echo Making check in crypto\md5
+       $(MAKE) -$(MFLAGS) check
+       cd ..\sha1
+       @echo Making check in crypto\sha1
+       $(MAKE) -$(MFLAGS) check
+       cd ..\hash_provider
+       @echo Making check in crypto\hash_provider
+       $(MAKE) -$(MFLAGS) check
+       cd ..\enc_provider
+       @echo Making check in crypto\enc_provider
+       $(MAKE) -$(MFLAGS) check
+       cd ..\aes
+       @echo Making check in crypto\aes
+       $(MAKE) -$(MFLAGS) check
+       cd ..\camellia
+       @echo Making check in crypto\aes
+       $(MAKE) -$(MFLAGS) check
+       cd ..
+
+
+@lib_frag@
+@libobj_frag@
+
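Review bot: In `all-windows`, `clean-windows` and `check-windows`, the step that enters `..\camellia` echoes `crypto\aes`, so the build log names the wrong directory; the three lines should read `@echo Making in crypto\camellia`, `@echo Making clean in crypto\camellia` and `@echo Making check in crypto\camellia`. The commented `##DOSOBJFILELIST` line still lists `yarrow.lst`, `crc32.lst`, `dk.lst`, `old.lst` and `raw.lst`, none of which match an entry in this file's `SUBDIRS`, which suggests the block was copied from another back end and not adapted. `STLIBOBJS`, `OBJS` and `SRCS` list no `init` object although `builtin/Makefile.in` gains one in this commit; if the NSS definition of `krb5int_crypto_impl_init` lives in a subdirectory instead, a comment here saying where would help.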
diff --git a/src/lib/crypto/nss/aes/Makefile.in b/src/lib/crypto/nss/aes/Makefile.in
new file mode 100644 (file)
index 0000000..9855eaf
--- /dev/null
@@ -0,0 +1,40 @@
+# Nothing here!  But we can't remove this directory as the build
+# system currently assumes that all modules have the same directory
+# structure.
+
+mydir=lib/crypto/nss/aes
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk  -I$(srcdir)/../../../../include
+DEFS=
+
+##DOS##BUILDTOP = ..\..\..\..
+##DOS##PREFIXDIR=aes
+##DOS##OBJFILE=..\$(OUTPRE)aes.lst
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+STLIBOBJS=
+
+OBJS=
+
+SRCS=
+
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs 
+
+includes:: depend
+
+depend:: $(SRCS)
+
+check:: 
+
+
+clean-unix:: clean-libobjs
+
+clean::
+
+@libobj_frag@
+
diff --git a/src/lib/crypto/nss/aes/deps b/src/lib/crypto/nss/aes/deps
new file mode 100644 (file)
index 0000000..2feac3c
--- /dev/null
@@ -0,0 +1 @@
+# No dependencies here.
diff --git a/src/lib/crypto/nss/camellia/Makefile.in b/src/lib/crypto/nss/camellia/Makefile.in
new file mode 100644 (file)
index 0000000..c937f21
--- /dev/null
@@ -0,0 +1,40 @@
+# Nothing here!  But we can't remove this directory as the build
+# system currently assumes that all modules have the same directory
+# structure.
+
+mydir=lib/crypto/nss/camellia
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk  -I$(srcdir)/../../../../include
+DEFS=
+
+##DOS##BUILDTOP = ..\..\..\..
+##DOS##PREFIXDIR=camellia
+##DOS##OBJFILE=..\$(OUTPRE)camellia.lst
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+STLIBOBJS=
+
+OBJS=
+
+SRCS=
+
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs 
+
+includes:: depend
+
+depend:: $(SRCS)
+
+check:: 
+
+
+clean-unix:: clean-libobjs
+
+clean::
+
+@libobj_frag@
+
diff --git a/src/lib/crypto/nss/camellia/deps b/src/lib/crypto/nss/camellia/deps
new file mode 100644 (file)
index 0000000..e69de29
diff --git a/src/lib/crypto/nss/deps b/src/lib/crypto/nss/deps
new file mode 100644 (file)
index 0000000..7fc8427
--- /dev/null
@@ -0,0 +1,25 @@
+# 
+# Generated makefile dependencies follow.
+#
+hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h $(srcdir)/hmac.c \
+  $(srcdir)/../krb/aead.h $(srcdir)/../krb/cksumtypes.h
+pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h $(srcdir)/hash_provider/hash_provider.h \
+  $(srcdir)/pbkdf2.c
diff --git a/src/lib/crypto/nss/des/Makefile.in b/src/lib/crypto/nss/des/Makefile.in
new file mode 100644 (file)
index 0000000..d97fcfb
--- /dev/null
@@ -0,0 +1,49 @@
+mydir=lib/crypto/nss/des
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../.. -I$(srcdir)/../../krb @CRYPTO_IMPL_CFLAGS@
+
+DEFS=
+
+##DOS##BUILDTOP = ..\..\..\..
+##DOS##PREFIXDIR=des
+##DOS##OBJFILE=..\$(OUTPRE)des.lst
+
+RUN_SETUP = @KRB5_RUN_ENV@
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+
+STLIBOBJS= des_oldapis.o \
+       f_parity.o      \
+       string2key.o    \
+       weak_key.o
+
+OBJS=  $(OUTPRE)f_parity.$(OBJEXT)     \
+       $(OUTPRE)des_oldapis.$(OBJEXT)  \
+       $(OUTPRE)string2key.$(OBJEXT)   \
+       $(OUTPRE)weak_key.$(OBJEXT)
+
+SRCS=  $(srcdir)/f_parity.c    \
+       $(srcdir)/des_oldapis.c \
+       $(srcdir)/weak_key.c    \
+       $(srcdir)/string2key.c
+
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs
+
+check-unix:: 
+
+includes:: depend
+
+depend:: $(SRCS)
+
+check-windows::
+
+clean::
+
+clean-unix:: clean-libobjs
+
+@libobj_frag@
+
diff --git a/src/lib/crypto/nss/des/deps b/src/lib/crypto/nss/des/deps
new file mode 100644 (file)
index 0000000..206b3a4
--- /dev/null
@@ -0,0 +1,47 @@
+# 
+# Generated makefile dependencies follow.
+#
+f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \
+  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  $(srcdir)/des_int.h $(srcdir)/f_parity.c
+des_oldapis.so des_oldapis.po $(OUTPRE)des_oldapis.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h $(srcdir)/des_int.h \
+  $(srcdir)/des_oldapis.c
+weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \
+  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  $(srcdir)/des_int.h $(srcdir)/weak_key.c
+string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \
+  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  $(srcdir)/des_int.h $(srcdir)/string2key.c
diff --git a/src/lib/crypto/nss/des/des_int.h b/src/lib/crypto/nss/des/des_int.h
new file mode 100644 (file)
index 0000000..eb17eb9
--- /dev/null
@@ -0,0 +1,189 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * lib/crypto/des/des_int.h
+ *
+ * Copyright 1987, 1988, 1990, 2002, 2009 by the Massachusetts Institute of
+ * Technology.  All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * Private include file for the Data Encryption Standard library.
+ */
+
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  FundsXpress makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* only do the whole thing once  */
+#ifndef DES_INTERNAL_DEFS
+#define DES_INTERNAL_DEFS
+
+#include "k5-int.h"
+/*
+ * Begin "mit-des.h"
+ */
+#ifndef KRB5_MIT_DES__
+#define KRB5_MIT_DES__
+
+#if defined(__MACH__) && defined(__APPLE__)
+#include <TargetConditionals.h>
+#include <AvailabilityMacros.h>
+#if TARGET_RT_MAC_CFM
+#error "Use KfM 4.0 SDK headers for CFM compilation."
+#endif
+#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS)
+#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5
+#endif
+#endif /* defined(__MACH__) && defined(__APPLE__) */
+
+/* Macro to add deprecated attribute to DES types and functions */
+/* Currently only defined on Mac OS X 10.5 and later.           */
+#ifndef KRB5INT_DES_DEPRECATED
+#define KRB5INT_DES_DEPRECATED
+#endif
+
+#include <limits.h>
+
+#if UINT_MAX >= 0xFFFFFFFFUL
+#define DES_INT32 int
+#define DES_UINT32 unsigned int
+#else
+#define DES_INT32 long
+#define DES_UINT32 unsigned long
+#endif
+
+typedef unsigned char des_cblock[8]     /* crypto-block size */
+KRB5INT_DES_DEPRECATED;
+
+/*
+ * Key schedule.
+ *
+ * This used to be
+ *
+ * typedef struct des_ks_struct {
+ *     union { DES_INT32 pad; des_cblock _;} __;
+ * } des_key_schedule[16];
+ *
+ * but it would cause trouble if DES_INT32 were ever more than 4
+ * bytes.  The reason is that all the encryption functions cast it to
+ * (DES_INT32 *), and treat it as if it were DES_INT32[32].  If
+ * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the
+ * caller-allocated des_key_schedule will be overflowed by the key
+ * scheduling functions.  We can't assume that every platform will
+ * have an exact 32-bit int, and nothing should be looking inside a
+ * des_key_schedule anyway.
+ */
+typedef struct des_ks_struct {  DES_INT32 _[2]; } des_key_schedule[16]
+KRB5INT_DES_DEPRECATED;
+
+typedef des_cblock mit_des_cblock;
+typedef des_key_schedule mit_des_key_schedule;
+
+/* Triple-DES structures */
+typedef mit_des_cblock          mit_des3_cblock[3];
+typedef mit_des_key_schedule    mit_des3_key_schedule[3];
+
+#define MIT_DES_ENCRYPT 1
+#define MIT_DES_DECRYPT 0
+
+typedef struct mit_des_ran_key_seed {
+    krb5_encrypt_block eblock;
+    krb5_data sequence;
+} mit_des_random_state;
+
+/* the first byte of the key is already in the keyblock */
+
+#define MIT_DES_BLOCK_LENGTH            (8*sizeof(krb5_octet))
+#define MIT_DES_CBC_CRC_PAD_MINIMUM     CRC32_CKSUM_LENGTH
+/* This used to be 8*sizeof(krb5_octet) */
+#define MIT_DES_KEYSIZE                 8
+
+#define MIT_DES_CBC_CKSUM_LENGTH        (4*sizeof(krb5_octet))
+
+/*
+ * Check if k5-int.h has been included before us.  If so, then check to see
+ * that our view of the DES key size is the same as k5-int.h's.
+ */
+#ifdef  KRB5_MIT_DES_KEYSIZE
+#if     MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE
+error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)
+#endif  /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */
+#endif  /* KRB5_MIT_DES_KEYSIZE */
+#endif /* KRB5_MIT_DES__ */
+/*
+ * End "mit-des.h"
+ */
+
+#define mit_des_zeroblock krb5int_c_mit_des_zeroblock
+extern const mit_des_cblock mit_des_zeroblock;
+
+/* key_parity.c */
+extern void mit_des_fixup_key_parity (mit_des_cblock );
+extern int mit_des_check_key_parity (mit_des_cblock );
+
+/* string2key.c */
+extern krb5_error_code mit_des_string_to_key
+    ( const krb5_encrypt_block *,
+               krb5_keyblock *, const krb5_data *, const krb5_data *);
+extern krb5_error_code mit_des_string_to_key_int
+        (krb5_keyblock *, const krb5_data *, const krb5_data *);
+
+/* weak_key.c */
+extern int mit_des_is_weak_key (mit_des_cblock );
+
+/* misc.c */
+extern void swap_bits (char *);
+extern unsigned long long_swap_bits (unsigned long );
+extern unsigned long swap_six_bits_to_ansi (unsigned long );
+extern unsigned long swap_four_bits_to_ansi (unsigned long );
+extern unsigned long swap_bit_pos_1 (unsigned long );
+extern unsigned long swap_bit_pos_0 (unsigned long );
+extern unsigned long swap_bit_pos_0_to_ansi (unsigned long );
+extern unsigned long rev_swap_bit_pos_0 (unsigned long );
+extern unsigned long swap_byte_bits (unsigned long );
+extern unsigned long swap_long_bytes_bit_number (unsigned long );
+#ifdef FILE
+/* XXX depends on FILE being a #define! */
+extern void test_set (FILE *, const char *, int, const char *, int);
+#endif
+#endif  /*DES_INTERNAL_DEFS*/
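Review bot: The key-size consistency check near the end of the `mit-des.h` section uses `error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)`, which is not a preprocessor directive, so a mismatch would stop the build with an unrelated syntax error rather than this message. It should be `#error "MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE"`. The header also still carries the path `lib/crypto/des/des_int.h` in its top comment. It declares the `misc.c` helpers (`swap_bits` and the rest) and `test_set`, while the commit's file list for `nss/des` has no `misc.c`; trimming the prototypes to what this back end defines would keep callers from compiling against symbols that are not there.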
diff --git a/src/lib/crypto/nss/des/des_oldapis.c b/src/lib/crypto/nss/des/des_oldapis.c
new file mode 100644 (file)
index 0000000..eb1e586
--- /dev/null
@@ -0,0 +1,56 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * lib/crypto/openssl/des/des_oldapis.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ */
+
+#include "k5-int.h"
+#include "des_int.h"
+#include <ctype.h>
+
+const mit_des_cblock mit_des_zeroblock /* = all zero */;
+
+unsigned long
+mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out,
+                  unsigned long length, const mit_des_key_schedule schedule,
+                  const krb5_octet *ivec)
+{
+    /* Unsupported operation */
+    return KRB5_CRYPTO_INTERNAL;
+}
+
+krb5_error_code
+mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data,
+                       const krb5_data *salt)
+{
+    return KRB5_CRYPTO_INTERNAL;
+}
+
+int
+mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule)
+{
+    /* Unsupported operation */
+    return KRB5_CRYPTO_INTERNAL;
+}
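Review bot: `mit_des_cbc_cksum` and `mit_des_key_sched` hand back `KRB5_CRYPTO_INTERNAL` through return types that are not `krb5_error_code` (`unsigned long` and `int`), so a caller written against the builtin versions could take the value for a checksum word or a key-schedule status instead of a failure. The callers are outside this hunk, so I would at least document the contract on each stub, for example `/* Not implemented in the NSS back end; always fails with KRB5_CRYPTO_INTERNAL. */`, and give `mit_afs_string_to_key` the same comment the other two already carry. The header comment still names `lib/crypto/openssl/des/des_oldapis.c`, although the file is added under `nss/des`. The headers of string2key.c and weak_key.c have the same stale path.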
diff --git a/src/lib/crypto/nss/des/f_parity.c b/src/lib/crypto/nss/des/f_parity.c
new file mode 100644 (file)
index 0000000..460b506
--- /dev/null
@@ -0,0 +1,56 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * These routines check and fix parity of encryption keys for the DES
+ * algorithm.
+ *
+ * They are a replacement for routines in key_parity.c, that don't require
+ * the table building that they do.
+ *
+ * Mark Eichin -- Cygnus Support
+ */
+
+
+#include "des_int.h"
+
+/*
+ * des_fixup_key_parity: Forces odd parity per byte; parity is bits
+ *                       8,16,...64 in des order, implies 0, 8, 16, ...
+ *                       vax order.
+ */
+#define smask(step) ((1<<step)-1)
+#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step)))
+#define parity_char(x) pstep(pstep(pstep((x),4),2),1)
+
+void
+mit_des_fixup_key_parity(mit_des_cblock key)
+{
+    unsigned int i;
+    for (i=0; i<sizeof(mit_des_cblock); i++)
+    {
+        key[i] &= 0xfe;
+        key[i] |= 1^parity_char(key[i]);
+    }
+
+    return;
+}
+
+/*
+ * des_check_key_parity: returns true iff key has the correct des parity.
+ *                       See des_fix_key_parity for the definition of
+ *                       correct des parity.
+ */
+int
+mit_des_check_key_parity(mit_des_cblock key)
+{
+    unsigned int i;
+
+    for (i=0; i<sizeof(mit_des_cblock); i++)
+    {
+        if((key[i] & 1) == parity_char(0xfe&key[i]))
+        {
+            return 0;
+        }
+    }
+
+    return(1);
+}
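Review bot: The helper macros use their `step` argument without parentheses, which is only safe because every current call passes a literal. I would write `#define smask(step) ((1<<(step))-1)` and use `((x)>>(step))` inside `pstep`. The comment above `mit_des_check_key_parity` points to `des_fix_key_parity`, while the function in this file is `mit_des_fixup_key_parity`; the reference should use the real name so a reader can find the parity definition.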
diff --git a/src/lib/crypto/nss/des/string2key.c b/src/lib/crypto/nss/des/string2key.c
new file mode 100644 (file)
index 0000000..15c0add
--- /dev/null
@@ -0,0 +1,86 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * lib/crypto/openssl/des/string2key.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ */
+
+#include "des_int.h"
+#include "pk11pub.h"
+#include "nss_gen.h"
+
+krb5_error_code
+mit_des_string_to_key_int(krb5_keyblock *key, const krb5_data *pw,
+                          const krb5_data *salt)
+{
+    PK11SlotInfo *slot = NULL;
+    PK11SymKey *symKey = NULL;
+    SECItem pwItem;
+    SECItem paramsItem;
+    CK_PBE_PARAMS pbe_params;
+    CK_MECHANISM_TYPE pbeMech = CKM_NETSCAPE_PBE_SHA1_DES_CBC;
+    krb5_error_code ret;
+    SECItem *keyData;
+
+    ret = k5_nss_init();
+    if (ret)
+        return ret;
+
+    slot = PK11_GetBestSlot(pbeMech, NULL);
+    if (slot == NULL) {
+        ret = k5_nss_map_last_error();
+        goto loser;
+    }
+
+    pwItem.data = (unsigned char *)pw->data;
+    pwItem.len = pw->length;
+    memset(&pbe_params, 0, sizeof(pbe_params));
+    pbe_params.pSalt = (unsigned char *)salt->data;
+    pbe_params.ulSaltLen = salt->length;
+    pbe_params.ulIteration = 1;
+    paramsItem.data = (unsigned char *)&pbe_params;
+    paramsItem.len = sizeof(pbe_params);
+
+    symKey = PK11_RawPBEKeyGen(slot, pbeMech, &paramsItem, &pwItem,
+                               PR_FALSE, NULL);
+    if (symKey == NULL) {
+        ret = k5_nss_map_last_error();
+        goto loser;
+    }
+    PK11_ExtractKeyValue(symKey);
+    keyData = PK11_GetKeyData(symKey);
+    if (!keyData) {
+        ret = k5_nss_map_last_error();
+        goto loser;
+    }
+    key->length = keyData->len;
+    memcpy(key->contents, keyData->data, key->length);
+    ret = 0;
+
+loser:
+    if (symKey)
+        PK11_FreeSymKey(symKey);
+    if (slot)
+        PK11_FreeSlot(slot);
+    return ret;
+}
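Review bot: `memcpy(key->contents, keyData->data, key->length)` copies however many bytes NSS returns into a buffer whose capacity this function never checks, and the result of `PK11_ExtractKeyValue` is ignored before `PK11_GetKeyData` is called. The allocation of `key->contents` happens outside this hunk; presumably it is sized for one DES key, so I would reject any `keyData->len` other than `sizeof(mit_des_cblock)` before the copy and fail on an extract error. Whether parity fixup and the weak-key check are applied to the derived key by the caller is not visible here and is worth confirming.
```c
    if (PK11_ExtractKeyValue(symKey) != SECSuccess) {
        ret = k5_nss_map_last_error();
        goto loser;
    }
    keyData = PK11_GetKeyData(symKey);
    /* … unchanged: NULL check on keyData … */
    /* Refuse anything that is not exactly one DES key. */
    if (keyData->len != sizeof(mit_des_cblock)) {
        ret = KRB5_CRYPTO_INTERNAL;
        goto loser;
    }
    /* … unchanged: set key->length and copy into key->contents … */
```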
diff --git a/src/lib/crypto/nss/des/weak_key.c b/src/lib/crypto/nss/des/weak_key.c
new file mode 100644 (file)
index 0000000..43fbe91
--- /dev/null
@@ -0,0 +1,84 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * lib/crypto/openssl/des/weak_key.c
+ *
+ * Copyright 1989,1990,2009 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * Under U.S. law, this software may not be exported outside the US
+ * without license from the U.S. Commerce department.
+ *
+ * These routines form the library interface to the DES facilities.
+ *
+ * Originally written 8/85 by Steve Miller, MIT Project Athena.
+ */
+
+#include "des_int.h"
+
+/*
+ * The following are the weak DES keys:
+ */
+static const mit_des_cblock weak[16] = {
+    /* weak keys */
+    {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+    {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe},
+    {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e},
+    {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1},
+
+    /* semi-weak */
+    {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe},
+    {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01},
+
+    {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1},
+    {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e},
+
+    {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1},
+    {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01},
+
+    {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe},
+    {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e},
+
+    {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e},
+    {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01},
+
+    {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe},
+    {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1}
+};
+
+/*
+ * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key.
+ *
+ * Requires: key has correct odd parity.
+ */
+int
+mit_des_is_weak_key(mit_des_cblock key)
+{
+    unsigned int i;
+    const mit_des_cblock *weak_p = weak;
+
+    for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) {
+        if (!memcmp(weak_p++,key,sizeof(mit_des_cblock)))
+            return 1;
+    }
+    return 0;
+}
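Review bot: `mit_des_is_weak_key` compares all eight bytes including the parity bits, so a weak or semi-weak key whose parity bits are wrong is reported as not weak, and nothing in the function enforces the "Requires" line. I would make the precondition explicit for callers, for example `Callers must run mit_des_fixup_key_parity() first; a key with other parity bits is never matched.` As a style point, the loop advances both `i` and `weak_p`; `memcmp(weak[i], key, sizeof(mit_des_cblock))` would drop the second cursor.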
diff --git a/src/lib/crypto/nss/enc_provider/Makefile.in b/src/lib/crypto/nss/enc_provider/Makefile.in
new file mode 100644 (file)
index 0000000..c7950d6
--- /dev/null
@@ -0,0 +1,54 @@
+mydir=lib/crypto/nss/enc_provider
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+LOCALINCLUDES = -I$(srcdir)/../des     \
+               -I$(srcdir)/../arcfour \
+               -I$(srcdir)/../aes      \
+               -I$(srcdir)/../../krb                   \
+               -I$(srcdir)/../../krb/rand2key          \
+               -I$(srcdir)/.. -I$(srcdir)/.  \
+               @CRYPTO_IMPL_CFLAGS@
+DEFS=
+
+##DOS##BUILDTOP = ..\..\..\..
+##DOS##PREFIXDIR=enc_provider
+##DOS##OBJFILE=..\$(OUTPRE)enc_prov.lst
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+STLIBOBJS= \
+       enc_gen.o       \
+       des.o   \
+       des3.o  \
+       rc4.o   \
+       aes.o   \
+       camellia.o
+
+OBJS= \
+       $(OUTPRE)enc_gen.$(OBJEXT)      \
+       $(OUTPRE)des.$(OBJEXT)  \
+       $(OUTPRE)des3.$(OBJEXT)         \
+       $(OUTPRE)aes.$(OBJEXT)  \
+       $(OUTPRE)camellia.$(OBJEXT)     \
+       $(OUTPRE)rc4.$(OBJEXT)
+
+SRCS= \
+       $(srcdir)/enc_gen.c     \
+       $(srcdir)/des.c         \
+       $(srcdir)/des3.c        \
+       $(srcdir)/aes.c         \
+       $(srcdir)/camellia.c    \
+       $(srcdir)/rc4.c
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs
+
+includes:: depend
+
+depend:: $(SRCS)
+
+clean-unix:: clean-libobjs
+
+@libobj_frag@
+
diff --git a/src/lib/crypto/nss/enc_provider/aes.c b/src/lib/crypto/nss/enc_provider/aes.c
new file mode 100644 (file)
index 0000000..77b796a
--- /dev/null
@@ -0,0 +1,105 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/enc_provider/aes.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ *
+ *  * Neither the name of Red Hat, Inc., nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "enc_provider.h"
+#include "rand2key.h"
+#include "aead.h"
+#include "nss_gen.h"
+
+
+krb5_error_code
+krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec,
+                    krb5_crypto_iov *data, size_t num_data)
+{
+    krb5_error_code ret;
+
+    ret = k5_nss_gen_import(key, CKM_AES_CBC, CKA_ENCRYPT);
+    if (ret != 0)
+        return ret;
+    return k5_nss_gen_cts_iov(key, CKM_AES_CBC, CKA_ENCRYPT,
+                              ivec, data, num_data);
+}
+
+krb5_error_code
+krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec,
+                    krb5_crypto_iov *data, size_t num_data)
+{
+    krb5_error_code ret;
+
+    ret = k5_nss_gen_import(key, CKM_AES_CBC, CKA_DECRYPT);
+    if (ret != 0)
+        return ret;
+    return k5_nss_gen_cts_iov(key, CKM_AES_CBC, CKA_DECRYPT,
+                              ivec, data, num_data);
+}
+
+/*
+ * perhaps we should store the NSS context in the krb5_data state here?
+ */
+static krb5_error_code
+aes_init_state(const krb5_keyblock *key, krb5_keyusage usage,
+               krb5_data *state)
+{
+    state->length = 16;
+    state->data = (void *) malloc(16);
+    if (state->data == NULL)
+        return ENOMEM;
+    memset(state->data, 0, state->length);
+    return 0;
+}
+
+const struct krb5_enc_provider krb5int_enc_aes128 = {
+    16,
+    16, 16,
+    krb5int_aes_encrypt,
+    krb5int_aes_decrypt,
+    NULL,
+    krb5int_aes_make_key,
+    aes_init_state,
+    krb5int_default_free_state,
+};
+
+const struct krb5_enc_provider krb5int_enc_aes256 = {
+    16,
+    32, 32,
+    krb5int_aes_encrypt,
+    krb5int_aes_decrypt,
+    NULL,
+    krb5int_aes_make_key,
+    aes_init_state,
+    krb5int_default_free_state,
+    k5_nss_gen_cleanup
+};
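Review bot: `krb5int_enc_aes128` ends after `krb5int_default_free_state,` and leaves the last provider slot empty, while `krb5int_enc_aes256` fills it with `k5_nss_gen_cleanup`. The struct definition and the key-cache code are outside this hunk, but with that slot NULL the NSS key cached on a 128-bit `krb5_key` is presumably never released. I would add `k5_nss_gen_cleanup` as the final initializer of `krb5int_enc_aes128`. `krb5int_enc_camellia128` in camellia.c has the same gap.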
diff --git a/src/lib/crypto/nss/enc_provider/camellia.c b/src/lib/crypto/nss/enc_provider/camellia.c
new file mode 100644 (file)
index 0000000..7903208
--- /dev/null
@@ -0,0 +1,126 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/enc_provider/camellia.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ *
+ *  * Neither the name of Red Hat, Inc., nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "enc_provider.h"
+#include "rand2key.h"
+#include "aead.h"
+#include "nss_gen.h"
+
+#ifdef CAMELLIA_CCM
+
+/* XXX These won't work yet (they're just the AES functions, which aren't right
+ * for CTR mode).  Will fix later. */
+
+krb5_error_code
+krb5int_camellia_encrypt(krb5_key key, const krb5_data *ivec,
+                        krb5_crypto_iov *data, size_t num_data)
+{
+    krb5_error_code ret;
+
+    ret = k5_nss_gen_import(key, CKM_CAMELLIA_CBC, CKA_ENCRYPT);
+    if (ret != 0)
+        return ret;
+    return k5_nss_gen_cts_iov(key, CKM_CAMELLIA_CBC, CKA_ENCRYPT,
+                              ivec, data, num_data);
+}
+
+krb5_error_code
+krb5int_camellia_decrypt(krb5_key key, const krb5_data *ivec,
+                        krb5_crypto_iov *data, size_t num_data)
+{
+    krb5_error_code ret;
+
+    ret = k5_nss_gen_import(key, CKM_CAMELLIA_CBC, CKA_DECRYPT);
+    if (ret != 0)
+        return ret;
+    return k5_nss_gen_cts_iov(key, CKM_CAMELLIA_CBC, CKA_DECRYPT,
+                              ivec, data, num_data);
+}
+
+/*
+ * perhaps we should store the NSS context in the krb5_data state here?
+ */
+static krb5_error_code
+camellia_init_state(const krb5_keyblock *key, krb5_keyusage usage,
+               krb5_data *state)
+{
+    state->length = 16;
+    state->data = (void *) malloc(16);
+    if (state->data == NULL)
+        return ENOMEM;
+    memset(state->data, 0, state->length);
+    return 0;
+}
+
+const struct krb5_enc_provider krb5int_enc_camellia128 = {
+    16,
+    16, 16,
+    krb5int_camellia_encrypt,
+    krb5int_camellia_decrypt,
+    krb5int_camellia_cbc_mac,
+    krb5int_camellia_make_key,
+    camellia_init_state,
+    krb5int_default_free_state,
+};
+
+const struct krb5_enc_provider krb5int_enc_camellia256 = {
+    16,
+    32, 32,
+    krb5int_camellia_encrypt,
+    krb5int_camellia_decrypt,
+    krb5int_camellia_cbc_mac,
+    krb5int_camellia_make_key,
+    camellia_init_state,
+    krb5int_default_free_state,
+    k5_nss_gen_cleanup
+};
+
+#else /* CAMELLIA_CCM */
+
+/* These won't be used, but are still in the export table. */
+
+krb5_error_code
+krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
+                         size_t num_data, const krb5_data *iv,
+                        krb5_data *output)
+{
+    return EINVAL;
+}
+
+const struct krb5_enc_provider krb5int_enc_camellia128_ctr = {
+};
+
+#endif
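Review bot: In the `#else` branch `krb5int_enc_camellia128_ctr` is defined with an empty initializer, which is a GNU extension before C23 and leaves every function pointer in the provider NULL, so any accidental use becomes a NULL call. I would write `= { 0 };` and add a comment such as `/* Placeholder for the export table; all entry points are NULL and must not be called. */`. The name also differs from the `krb5int_enc_camellia128` and `krb5int_enc_camellia256` objects in the `CAMELLIA_CCM` branch; whether the export list expects both sets of names is not visible in this hunk.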
diff --git a/src/lib/crypto/nss/enc_provider/deps b/src/lib/crypto/nss/enc_provider/deps
new file mode 100644 (file)
index 0000000..e69de29
diff --git a/src/lib/crypto/nss/enc_provider/des.c b/src/lib/crypto/nss/enc_provider/des.c
new file mode 100644 (file)
index 0000000..1f28d39
--- /dev/null
@@ -0,0 +1,81 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/enc_provider/des.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ *
+ *  * Neither the name of Red Hat, Inc., nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "nss_gen.h"
+#include <aead.h>
+#include <rand2key.h>
+#include "des_int.h"
+
+
+static krb5_error_code
+k5_des_encrypt_iov(krb5_key key, const krb5_data *ivec,
+                   krb5_crypto_iov *data, size_t num_data)
+{
+    krb5_error_code ret;
+
+    ret = k5_nss_gen_import(key, CKM_DES_CBC, CKA_ENCRYPT);
+    if (ret != 0)
+        return ret;
+    return k5_nss_gen_block_iov(key, CKM_DES_CBC, CKA_ENCRYPT,
+                                ivec, data, num_data);
+}
+
+static krb5_error_code
+k5_des_decrypt_iov(krb5_key key,
+           const krb5_data *ivec,
+           krb5_crypto_iov *data,
+           size_t num_data)
+{
+    krb5_error_code ret;
+
+    ret = k5_nss_gen_import(key, CKM_DES_CBC, CKA_ENCRYPT);
+    if (ret != 0)
+        return ret;
+    return k5_nss_gen_block_iov(key, CKM_DES_CBC, CKA_DECRYPT,
+                                ivec, data, num_data);
+}
+
+const struct krb5_enc_provider krb5int_enc_des = {
+    8,
+    7, KRB5_MIT_DES_KEYSIZE,
+    k5_des_encrypt_iov,
+    k5_des_decrypt_iov,
+    NULL,
+    krb5int_des_make_key,
+    krb5int_des_init_state,
+    krb5int_default_free_state,
+    k5_nss_gen_cleanup
+};
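Review bot: `k5_des_decrypt_iov` imports the key with `CKA_ENCRYPT` and then runs the cipher with `CKA_DECRYPT`, whereas `krb5int_aes_decrypt` in aes.c passes `CKA_DECRYPT` to both calls. What `k5_nss_gen_import` does with the operation argument is outside this hunk, so this may be harmless, but if the attribute is recorded on the cached key the decrypt path depends on an encrypt-only import. I would change the line to `ret = k5_nss_gen_import(key, CKM_DES_CBC, CKA_DECRYPT);`. `k5_des3_decrypt_iov` in des3.c has the same mismatch with `CKM_DES3_CBC`.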
diff --git a/src/lib/crypto/nss/enc_provider/des3.c b/src/lib/crypto/nss/enc_provider/des3.c
new file mode 100644 (file)
index 0000000..2d86c9b
--- /dev/null
@@ -0,0 +1,79 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/enc_provider/des3.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ *
+ *  * Neither the name of Red Hat, Inc., nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "nss_gen.h"
+#include <aead.h>
+#include <rand2key.h>
+#include "des_int.h"
+
+
+static krb5_error_code
+k5_des3_encrypt_iov(krb5_key key, const krb5_data *ivec,
+                    krb5_crypto_iov *data, size_t num_data)
+{
+    krb5_error_code ret;
+
+    ret = k5_nss_gen_import(key, CKM_DES3_CBC, CKA_ENCRYPT);
+    if (ret != 0)
+        return ret;
+    return k5_nss_gen_block_iov(key, CKM_DES3_CBC, CKA_ENCRYPT,
+                                ivec, data, num_data);
+}
+
+static krb5_error_code
+k5_des3_decrypt_iov(krb5_key key, const krb5_data *ivec,
+                    krb5_crypto_iov *data, size_t num_data)
+{
+   krb5_error_code ret;
+
+   ret = k5_nss_gen_import(key, CKM_DES3_CBC, CKA_ENCRYPT);
+   if (ret != 0)
+       return ret;
+   return k5_nss_gen_block_iov(key, CKM_DES3_CBC, CKA_DECRYPT,
+                               ivec, data, num_data);
+}
+
+const struct krb5_enc_provider krb5int_enc_des3 = {
+    8,
+    21, KRB5_MIT_DES3_KEYSIZE,
+    k5_des3_encrypt_iov,
+    k5_des3_decrypt_iov,
+    NULL,
+    krb5int_des3_make_key,
+    krb5int_des_init_state,
+    krb5int_default_free_state,
+    k5_nss_gen_cleanup
+};
diff --git a/src/lib/crypto/nss/enc_provider/enc_gen.c b/src/lib/crypto/nss/enc_provider/enc_gen.c
new file mode 100644 (file)
index 0000000..3edf3fc
--- /dev/null
@@ -0,0 +1,697 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/enc_provider/enc_gen.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ *
+ *  * Neither the name of Red Hat, Inc., nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "nss_gen.h"
+#include "enc_provider.h"
+#include "rand2key.h"
+#include "aead.h"
+#include "seccomon.h"
+#include "pk11pub.h"
+#include "nss.h"
+
+/* 512 bits is bigger than anything defined to date */
+#define MAX_KEY_LENGTH 64
+#define MAX_BLOCK_SIZE 64
+
+static NSSInitContext *k5_nss_ctx = NULL;
+static pid_t k5_nss_pid = 0;
+static k5_mutex_t k5_nss_lock = K5_MUTEX_PARTIAL_INITIALIZER;
+
+struct stream_state {
+    struct stream_state *loopback;  /* To detect copying */
+    pid_t pid;                      /* To detect use across fork */
+    PK11Context *ctx;
+};
+
+struct cached_key {
+    pid_t pid;                  /* To detect use across fork */
+    PK11SymKey *symkey;
+};
+
+krb5_error_code
+k5_nss_map_error(int nss_error)
+{
+    /* Currently KRB5 does not define a full set of CRYPTO failures.
+     * for now just use KRB5_CRYPTO_INTERNAL.  We really should return
+     * errors for Not logged in, and maybe a few others. */
+    return KRB5_CRYPTO_INTERNAL;
+}
+
+krb5_error_code
+k5_nss_map_last_error(void)
+{
+    return k5_nss_map_error(PORT_GetError());
+}
+
+int
+krb5int_crypto_impl_init(void)
+{
+    return k5_mutex_finish_init(&k5_nss_lock);
+}
+
+void
+krb5int_crypto_impl_cleanup(void)
+{
+    k5_mutex_destroy(&k5_nss_lock);
+}
+
+/*
+ * krb5 doesn't have a call into the crypto engine to initialize it, so we do
+ * it here.  This code will try to piggyback on any application initialization
+ * done to NSS.  Otherwise get our one library init context.
+ */
+#define NSS_KRB5_CONFIGDIR "sql:/etc/pki/nssdb"
+krb5_error_code
+k5_nss_init(void)
+{
+    PRUint32 flags = NSS_INIT_READONLY | NSS_INIT_NOROOTINIT;
+    krb5_error_code ret;
+    SECStatus rv;
+    pid_t pid;
+
+    ret = k5_mutex_lock(&k5_nss_lock);
+    if (ret)
+        return ret;
+
+    pid = getpid();
+    if (k5_nss_ctx != NULL) {
+        /* Do nothing if the existing context is still good. */
+        if (k5_nss_pid == pid)
+            goto cleanup;
+
+        /* We've forked since the last init, and need to reinitialize. */
+        rv = NSS_ShutdownContext(k5_nss_ctx);
+        k5_nss_ctx = NULL;
+        if (rv != SECSuccess) {
+            ret = k5_nss_map_last_error();
+            goto cleanup;
+        }
+    }
+    k5_nss_ctx = NSS_InitContext(NSS_KRB5_CONFIGDIR, "", "", "", NULL, flags);
+    if (k5_nss_ctx == NULL) {
+        /* There may be no system database; try again without it. */
+        flags |= NSS_INIT_NOMODDB | NSS_INIT_NOCERTDB;
+        k5_nss_ctx = NSS_InitContext(NULL, "", "", "", NULL, flags);
+        if (k5_nss_ctx == NULL) {
+            ret = k5_nss_map_last_error();
+            goto cleanup;
+        }
+    }
+    k5_nss_pid = pid;
+
+cleanup:
+    k5_mutex_unlock(&k5_nss_lock);
+    return ret;
+}
+
+PK11Context *
+k5_nss_create_context(krb5_key krb_key, CK_MECHANISM_TYPE mechanism,
+                      CK_ATTRIBUTE_TYPE operation, SECItem *param)
+{
+    struct cached_key *ckey = krb_key->cache;
+
+    return PK11_CreateContextBySymKey(mechanism, operation, ckey->symkey,
+                                      param);
+}
+
+static void inline
+xor(unsigned char *x, unsigned char *y, int size)
+{
+    int i;
+
+#define ALIGNED(x,type) (!(((size_t)(x))&(sizeof(type)-1)))
+    if (ALIGNED(x,unsigned long) && ALIGNED(y, unsigned long)
+        && ALIGNED(size, unsigned long)) {
+        unsigned long *ux = (unsigned long *)x;
+        unsigned long *uy = (unsigned long *)y;
+        for (i=0; i < (int)(size/sizeof(unsigned long)); i++) {
+            *ux++ ^= *uy++;
+        }
+        return;
+    }
+    for (i=0; i < size; i++) {
+        *x++ ^= *y++;
+    }
+}
+
+krb5_error_code
+k5_nss_gen_block_iov(krb5_key krb_key, CK_MECHANISM_TYPE mech,
+                     CK_ATTRIBUTE_TYPE operation, const krb5_data *ivec,
+                     krb5_crypto_iov *data, size_t num_data)
+{
+    krb5_error_code ret = 0;
+    PK11Context *ctx = NULL;
+    SECStatus rv;
+    SECItem *param = NULL;
+    struct iov_block_state input_pos, output_pos;
+    unsigned char storage[MAX_BLOCK_SIZE];
+    unsigned char iv0[MAX_BLOCK_SIZE];
+    unsigned char *ptr = NULL,*lastptr = NULL;
+    SECItem iv;
+    size_t blocksize;
+    int length = 0;
+    int lastblock = -1;
+    int currentblock;
+
+    IOV_BLOCK_STATE_INIT(&input_pos);
+    IOV_BLOCK_STATE_INIT(&output_pos);
+
+    blocksize = PK11_GetBlockSize(mech, NULL);
+    assert(blocksize <= sizeof(storage));
+
+    if (ivec && ivec->data) {
+        iv.data = (unsigned char *)ivec->data;
+        iv.len = ivec->length;
+        if (operation == CKA_DECRYPT) {
+            int i, inputlength;
+
+            /* Count the blocks so we know which block is last. */
+            for (i = 0, inputlength = 0; i < (int)num_data; i++) {
+                krb5_crypto_iov *iov = &data[i];
+
+                if (ENCRYPT_IOV(iov))
+                    inputlength += iov->data.length;
+            }
+            lastblock = (inputlength/blocksize) -1;
+        }
+    } else {
+        memset(iv0, 0, sizeof(iv0));
+        iv.data = iv0;
+        iv.len = blocksize;
+    }
+    param = PK11_ParamFromIV(mech, &iv);
+
+    ctx = k5_nss_create_context(krb_key, mech, operation, param);
+    if (ctx == NULL) {
+        ret = k5_nss_map_last_error();
+        goto done;
+    }
+
+    for (currentblock = 0;;currentblock++) {
+        if (!krb5int_c_iov_get_block_nocopy(storage, blocksize, data, num_data,
+                                            &input_pos, &ptr))
+            break;
+
+        lastptr = NULL;
+
+        /* only set if we are decrypting */
+        if (lastblock == currentblock)
+            memcpy(ivec->data, ptr, blocksize);
+
+        rv = PK11_CipherOp(ctx, ptr, &length, blocksize, ptr, blocksize);
+        if (rv != SECSuccess) {
+            ret = k5_nss_map_last_error();
+            break;
+        }
+
+        lastptr = ptr;
+        krb5int_c_iov_put_block_nocopy(data, num_data, storage, blocksize,
+                                       &output_pos, ptr);
+    }
+
+    if (lastptr && ivec && ivec->data && operation == CKA_ENCRYPT) {
+        memcpy(ivec->data, lastptr, blocksize);
+    }
+done:
+    if (ctx) {
+        PK11_Finalize(ctx);
+        PK11_DestroyContext(ctx, PR_TRUE);
+    }
+    if (param)
+        SECITEM_FreeItem(param, PR_TRUE);
+    return ret;
+}
+
+krb5_error_code
+k5_nss_stream_init_state(krb5_data *new_state)
+{
+    struct stream_state *sstate;
+
+    /* Create a state structure with an uninitialized context. */
+    sstate = calloc(1, sizeof(*sstate));
+    if (sstate == NULL)
+        return ENOMEM;
+    sstate->loopback = NULL;
+    new_state->data = (char *) sstate;
+    new_state->length = sizeof(*sstate);
+    return 0;
+}
+
+krb5_error_code
+k5_nss_stream_free_state(krb5_data *state)
+{
+    struct stream_state *sstate = (struct stream_state *) state->data;
+
+    /* Clean up the OpenSSL context if it was initialized. */
+    if (sstate && sstate->loopback == sstate) {
+        PK11_Finalize(sstate->ctx);
+        PK11_DestroyContext(sstate->ctx, PR_TRUE);
+    }
+    free(sstate);
+    return 0;
+}
+
+krb5_error_code
+k5_nss_gen_stream_iov(krb5_key krb_key, krb5_data *state,
+                      CK_MECHANISM_TYPE mech, CK_ATTRIBUTE_TYPE operation,
+                      krb5_crypto_iov *data, size_t num_data)
+{
+    int ret = 0;
+    PK11Context *ctx = NULL;
+    SECStatus rv;
+    SECItem  param;
+    krb5_crypto_iov *iov;
+    struct stream_state *sstate = NULL;
+    int i;
+
+    param.data = NULL;
+    param.len = 0;
+
+    sstate = (state == NULL) ? NULL : (struct stream_state *) state->data;
+    if (sstate == NULL || sstate->loopback == NULL) {
+        ctx = k5_nss_create_context(krb_key, mech, operation, &param);
+        if (ctx == NULL) {
+            ret = k5_nss_map_last_error();
+            goto done;
+        }
+        if (sstate) {
+            sstate->loopback = sstate;
+            sstate->pid = getpid();
+            sstate->ctx = ctx;
+        }
+    } else {
+        /* Cipher state can't be copied or used across a fork. */
+        if (sstate->loopback != sstate || sstate->pid != getpid())
+            return EINVAL;
+        ctx = sstate->ctx;
+    }
+
+    for (i=0; i < (int)num_data; i++) {
+        int return_length;
+        iov = &data[i];
+        if (iov->data.length <= 0)
+            break;
+
+        if (ENCRYPT_IOV(iov)) {
+            rv = PK11_CipherOp(ctx, (unsigned char *)iov->data.data,
+                               &return_length, iov->data.length,
+                               (unsigned char *)iov->data.data,
+                               iov->data.length);
+            if (rv != SECSuccess) {
+                ret = k5_nss_map_last_error();
+                goto done;
+            }
+            iov->data.length = return_length;
+        }
+    }
+done:
+    if (!state && ctx) {
+        PK11_Finalize(ctx);
+        PK11_DestroyContext(ctx, PR_TRUE);
+    }
+    return ret;
+}
+
+krb5_error_code
+k5_nss_gen_cts_iov(krb5_key krb_key, CK_MECHANISM_TYPE mech,
+                   CK_ATTRIBUTE_TYPE operation, const krb5_data *ivec,
+                   krb5_crypto_iov *data, size_t num_data)
+{
+    krb5_error_code ret = 0;
+    PK11Context *ctx = NULL;
+    SECStatus rv;
+    SECItem *param = NULL;
+    struct iov_block_state input_pos, output_pos;
+    unsigned char storage[MAX_BLOCK_SIZE];
+    unsigned char recover1[MAX_BLOCK_SIZE];
+    unsigned char recover2[MAX_BLOCK_SIZE];
+    unsigned char block1[MAX_BLOCK_SIZE];
+    unsigned char block2[MAX_BLOCK_SIZE];
+    unsigned char iv0[MAX_BLOCK_SIZE];
+    unsigned char *ptr = NULL;
+    SECItem iv;
+    size_t blocksize;
+    size_t bulk_length, remainder;
+    size_t input_length, lastblock;
+    size_t length;
+    int i, len;
+
+    IOV_BLOCK_STATE_INIT(&input_pos);
+    IOV_BLOCK_STATE_INIT(&output_pos);
+
+    blocksize = PK11_GetBlockSize(mech, NULL);
+    assert(blocksize <= sizeof(storage));
+
+    if (ivec) {
+        iv.data = (unsigned char *)ivec->data;
+        iv.len = ivec->length;
+    } else {
+        memset(iv0, 0, sizeof(iv0));
+        iv.data = iv0;
+        iv.len = blocksize;
+    }
+    param = PK11_ParamFromIV(mech, &iv);
+
+    for (i = 0, input_length = 0; i < (int)num_data; i++) {
+        krb5_crypto_iov *iov = &data[i];
+
+        if (ENCRYPT_IOV(iov))
+            input_length += iov->data.length;
+    }
+    /* Must be at least a block or we fail. */
+    if (input_length < blocksize) {
+        ret = EINVAL;
+        goto done;
+    }
+
+    bulk_length = (input_length / blocksize)*blocksize;
+    remainder = input_length - bulk_length;
+    /* Do the block swap even if the input data is aligned, only
+     * drop it if we are encrypting exactly one block. */
+    if (remainder == 0 && bulk_length != blocksize) {
+        remainder = blocksize;
+        bulk_length -= blocksize;
+    }
+
+    ctx = k5_nss_create_context(krb_key, mech, operation, param);
+    if (ctx == NULL) {
+        ret = k5_nss_map_last_error();
+        goto done;
+    }
+
+    /* Now we bulk encrypt each block in the loop.  We need to know where to
+     * stop to do special processing.  For single block operations we stop at
+     * the end.  For all others we stop and the last second to last block
+     * (counting partial blocks).  For decrypt operations we need to save cn-2
+     * so we stop at the third to last block if it exists, otherwise cn-2 = the
+     * iv. */
+    lastblock = bulk_length;
+    if (remainder) {
+        /* We need to process the last full block and last partitial block
+         * differently. */
+        lastblock = bulk_length - blocksize;
+        if (operation == CKA_DECRYPT) {
+            if (bulk_length > blocksize) {
+                /* Stop at cn-2 so we can save it before going on. */
+                lastblock = bulk_length - 2*blocksize;
+            } else {
+                /* iv is cn-2, save it now, cn - 2. */
+                memcpy(recover1, iv.data, blocksize);
+                memcpy(recover2, iv.data, blocksize);
+            }
+        }
+    }
+    for (length = 0; length < lastblock; length += blocksize) {
+        if (!krb5int_c_iov_get_block_nocopy(storage, blocksize, data, num_data,
+                                            &input_pos, &ptr))
+            break;
+
+        rv = PK11_CipherOp(ctx, ptr, &len, blocksize, ptr, blocksize);
+        if (rv != SECSuccess) {
+            ret = k5_nss_map_last_error();
+            break;
+        }
+
+        krb5int_c_iov_put_block_nocopy(data, num_data, storage, blocksize,
+                                       &output_pos, ptr);
+    }
+    if (remainder) {
+        if (operation == CKA_DECRYPT) {
+            if (bulk_length > blocksize) {
+                /* we need to save cn-2 */
+                if (!krb5int_c_iov_get_block_nocopy(storage, blocksize, data,
+                                                    num_data, &input_pos,
+                                                    &ptr))
+                    goto done; /* shouldn't happen */
+
+                /* save cn-2 */
+                memcpy(recover1, ptr, blocksize);
+                memcpy(recover2, ptr, blocksize);
+
+                /* now process it as normal */
+                rv = PK11_CipherOp(ctx, ptr, &len, blocksize, ptr, blocksize);
+                if (rv != SECSuccess) {
+                    ret = k5_nss_map_last_error();
+                    goto done;
+                }
+
+                krb5int_c_iov_put_block_nocopy(data, num_data, storage,
+                                               blocksize, &output_pos, ptr);
+            }
+        }
+        /* fetch the last 2 blocks */
+        memset(block1, 0, blocksize); /* last block, could be partial */
+        krb5int_c_iov_get_block(block2, blocksize, data, num_data, &input_pos);
+        krb5int_c_iov_get_block(block1, remainder, data, num_data, &input_pos);
+        if (operation == CKA_DECRYPT) {
+            /* recover1 and recover2 are xor values to recover the true
+             * underlying data of the last 2 decrypts. This keeps us from
+             * having to try to reset our IV to do the final decryption. */
+            /* Currently: block1 is cn || 0, block2 is cn-1.
+             * recover1 & recover2 is set to cn-2. */
+            /* recover2 recovers pn || c' from p'n-1. The raw decrypted block
+             * will be p'n-1 xor with cn-2 while pn || c' = p'n-1 xor cn || 0.
+             * recover2 is cn-2 xor cn || 0, so we can simple xor recover1
+             * with the raw decrypted block. */
+            /* recover1 recovers pn-1 from the raw decryption of cn || c'.
+             * the raw decrypt of cn || c' = p'n xor cn-1 while
+             * pn-1 = p'n xor cn-2
+             * recover1 is cn-2 xor cn-1, so we can simple xor recover 2 with
+             * the raw decrypt of cn||c' to get pn-1. */
+            xor(recover1, block2, blocksize);
+            xor(recover2, block1, blocksize);
+            if (ivec && ivec->data)
+                memcpy(ivec->data, block2, blocksize);
+        }
+        rv = PK11_CipherOp(ctx, block2, &len, blocksize, block2, blocksize);
+        if (rv != SECSuccess) {
+            ret = k5_nss_map_last_error();
+            goto done;
+        }
+        if (operation == CKA_DECRYPT) {
+            /* block2 now has p'n-1 xor cn-2. */
+            xor(block2, recover2, blocksize);
+            /* block 2 now has pn || c'. */
+            /* copy c' into cn || c'. */
+            memcpy(block1 + remainder, block2 + remainder,
+                   blocksize - remainder);
+        }
+        rv = PK11_CipherOp(ctx, block1, &len, blocksize, block1, blocksize);
+        if (rv != SECSuccess) {
+            ret = k5_nss_map_last_error();
+            goto done;
+        }
+        if (operation == CKA_DECRYPT) {
+            /* block1 now has p'n xor cn-1 */
+            xor(block1, recover1, blocksize);
+           /* block 1 now has pn-1 */
+        } else {
+            if (ivec && ivec->data) {
+                memcpy(ivec->data, block1, blocksize);
+            }
+        }
+        krb5int_c_iov_put_block(data,num_data, block1, blocksize, &output_pos);
+        krb5int_c_iov_put_block(data,num_data, block2, remainder, &output_pos);
+    }
+
+done:
+    if (ctx) {
+        PK11_Finalize(ctx);
+        PK11_DestroyContext(ctx, PR_TRUE);
+    }
+    if (param)
+        SECITEM_FreeItem(param, PR_TRUE);
+    return ret;
+}
+
+void
+k5_nss_gen_cleanup(krb5_key krb_key)
+{
+    struct cached_key *ckey = krb_key->cache;
+
+    if (ckey) {
+        PK11_FreeSymKey(ckey->symkey);
+        free(ckey);
+        krb_key->cache = NULL;
+    }
+}
+
+krb5_error_code
+k5_nss_gen_import(krb5_key krb_key, CK_MECHANISM_TYPE mech,
+                  CK_ATTRIBUTE_TYPE operation)
+{
+    krb5_error_code ret = 0;
+    pid_t pid = getpid();
+    struct cached_key *ckey = krb_key->cache;
+    PK11SymKey *symkey;
+    PK11SlotInfo *slot = NULL;
+    SECItem raw_key;
+#ifdef FAKE_FIPS
+    PK11SymKey *wrapping_key = NULL;
+    PK11Context *ctx = NULL;
+    SECItem wrapped_key;
+    SECItem params;
+    unsigned char wrapped_key_data[MAX_KEY_LENGTH];
+    unsigned char padded_key_data[MAX_KEY_LENGTH];
+    int wrapping_index, series, blocksize;
+    int keyLength;
+    CK_MECHANISM_TYPE mechanism;
+    SECStatus rv;
+#endif
+
+    if (ckey && ckey->pid == pid)
+        return 0;
+
+    ret = k5_nss_init();
+    if (ret)
+        return ret;
+
+    if (ckey) {
+        /* Discard the no-longer-valid symkey and steal its container. */
+        PK11_FreeSymKey(ckey->symkey);
+        ckey->symkey = NULL;
+        krb_key->cache = NULL;
+    } else {
+        /* Allocate a new container. */
+        ckey = k5alloc(sizeof(*ckey), &ret);
+        if (ckey == NULL)
+            return ret;
+    }
+
+    slot = PK11_GetBestSlot(mech, NULL);
+    if (slot == NULL) {
+        ret = k5_nss_map_last_error();
+        goto done;
+    }
+    raw_key.data = krb_key->keyblock.contents;
+    raw_key.len = krb_key->keyblock.length;
+
+#ifdef FAKE_FIPS
+    /* First, fetch a wrapping key. */
+    wrapping_index = PK11_GetCurrentWrapIndex(slot);
+    series = PK11_GetSlotSeries(slot);
+    wrapping_key = PK11_GetWrapKey(slot, wrapping_index,
+                                   CKM_INVALID_MECHANISM, series, NULL);
+    if (wrapping_key == NULL) {
+        /* One doesn't exist, create one. */
+        mechanism = PK11_GetBestWrapMechanism(slot);
+        keyLength = PK11_GetBestKeyLength(slot, mechanism);
+        wrapping_key = PK11_TokenKeyGenWithFlags(slot, mechanism, NULL,
+                                                 keyLength, NULL,
+                                                 CKF_UNWRAP | CKF_ENCRYPT, 0,
+                                                 NULL);
+        if (!wrapping_key) {
+            ret = k5_nss_map_last_error();
+            goto done;
+        }
+        PK11_SetWrapKey(slot, wrapping_index, wrapping_key);
+    }
+
+    /* Now encrypt the data with the wrapping key. */
+    mechanism = PK11_GetMechanism(wrapping_key);
+    params.data = NULL;
+    params.len = 0;
+    ctx = PK11_CreateContextBySymKey(mechanism, CKA_ENCRYPT,
+                                     wrapping_key, &params);
+    if (ctx == NULL) {
+        ret = k5_nss_map_last_error();
+        goto done;
+    }
+
+    wrapped_key.data = wrapped_key_data;
+    wrapped_key.len = sizeof(wrapped_key_data);
+    blocksize = PK11_GetBlockSize(mechanism, NULL);
+    keyLength = raw_key.len;
+
+    /*
+     * ECB modes need keys in integral multiples of the block size.
+     * if the key isn't and integral multiple, pad it with zero. Unwrap
+     * will use the length parameter to appropriately set the key.
+     */
+    if ((raw_key.len % blocksize) != 0) {
+        int keyblocks = (raw_key.len + (blocksize - 1)) / blocksize;
+        keyLength = keyblocks * blocksize;
+        assert(keyLength <= sizeof(padded_key_data));
+        memset(padded_key_data, 0, keyLength);
+        memcpy(padded_key_data, raw_key.data, raw_key.len);
+        raw_key.data = padded_key_data;
+    }
+    rv = PK11_CipherOp(ctx, wrapped_key.data, (int *)&wrapped_key.len,
+                       sizeof(wrapped_key_data), raw_key.data, keyLength);
+    if (keyLength != raw_key.len) {
+        /* Clear our copy of the key bits. */
+        memset(padded_key_data, 0, keyLength);
+    }
+    if (rv != SECSuccess) {
+        ret = k5_nss_map_last_error();
+        goto done;
+    }
+    PK11_Finalize(ctx);
+    PK11_DestroyContext(ctx, PR_TRUE);
+    ctx = NULL;
+
+    /* Now now we have a 'wrapped' version of the, we can import it into
+     * the token without running afoul with FIPS. */
+    symkey = PK11_UnwrapSymKey(wrapping_key, mechanism, &params, &wrapped_key,
+                               mech, operation, raw_key.len);
+#else
+    symkey = PK11_ImportSymKey(slot, mech, PK11_OriginGenerated, operation,
+                               &raw_key, NULL);
+#endif
+    if (symkey == NULL) {
+        ret = k5_nss_map_last_error();
+        goto done;
+    }
+    ckey->pid = pid;
+    ckey->symkey = symkey;
+    krb_key->cache = ckey;
+    ckey = NULL;
+
+done:
+    free(ckey);
+    if (slot)
+        PK11_FreeSlot(slot);
+#ifdef FAKE_FIPS
+    if (ctx) {
+        PK11_Finalize(ctx);
+        PK11_DestroyContext(ctx, PR_TRUE);
+    }
+    if (wrapping_key)
+        PK11_FreeSymKey(wrapping_key);
+#endif
+
+    return ret;
+}
diff --git a/src/lib/crypto/nss/enc_provider/enc_provider.h b/src/lib/crypto/nss/enc_provider/enc_provider.h
new file mode 100644 (file)
index 0000000..8144b65
--- /dev/null
@@ -0,0 +1,36 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  FundsXpress makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#include "k5-int.h"
+
+extern const struct krb5_enc_provider krb5int_enc_des;
+extern const struct krb5_enc_provider krb5int_enc_des3;
+extern const struct krb5_enc_provider krb5int_enc_arcfour;
+extern const struct krb5_enc_provider krb5int_enc_aes128;
+extern const struct krb5_enc_provider krb5int_enc_aes256;
+extern const struct krb5_enc_provider krb5int_enc_aes128_ctr;
+extern const struct krb5_enc_provider krb5int_enc_aes256_ctr;
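Review bot: The header has no include guard, so a translation unit that reaches it twice re-processes `k5-int.h` and repeats every extern declaration. That is harmless while the file holds only identical declarations, but it would become a redefinition error as soon as a type or macro definition is added here. I would wrap the body in `#ifndef ENC_PROVIDER_H` / `#define ENC_PROVIDER_H` and a closing `#endif`.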
diff --git a/src/lib/crypto/nss/enc_provider/rc4.c b/src/lib/crypto/nss/enc_provider/rc4.c
new file mode 100644 (file)
index 0000000..8372c04
--- /dev/null
@@ -0,0 +1,102 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/enc_provider/rc4.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ *
+ *  * Neither the name of Red Hat, Inc., nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include <aead.h>
+#include <rand2key.h>
+#include "nss_gen.h"
+
+#define RC4_KEY_SIZE 16
+#define RC4_BLOCK_SIZE 1
+
+/* In-place IOV crypto */
+static krb5_error_code
+k5_arcfour_encrypt_iov(krb5_key key, const krb5_data *state,
+                       krb5_crypto_iov *data, size_t num_data)
+{
+    krb5_error_code ret;
+
+    ret = k5_nss_gen_import(key, CKM_RC4, CKA_ENCRYPT);
+    if (ret != 0)
+        return ret;
+    return k5_nss_gen_stream_iov(key, state, CKM_RC4, CKA_ENCRYPT,
+                                 data, num_data);
+}
+
+/* In-place IOV crypto */
+static krb5_error_code
+k5_arcfour_decrypt_iov(krb5_key key, const krb5_data *state,
+                       krb5_crypto_iov *data, size_t num_data)
+{
+    krb5_error_code ret;
+
+    ret = k5_nss_gen_import(key, CKM_RC4, CKA_DECRYPT);
+    if (ret != 0)
+        return ret;
+    return k5_nss_gen_stream_iov(key, state, CKM_RC4, CKA_DECRYPT,
+                                 data, num_data);
+}
+
+static krb5_error_code
+k5_arcfour_free_state(krb5_data *state)
+{
+    return k5_nss_stream_free_state(state);
+}
+
+static krb5_error_code
+k5_arcfour_init_state(const krb5_keyblock *key,
+                      krb5_keyusage keyusage, krb5_data *new_state)
+{
+    /* key can't quite be used here.  See comment in k5_arcfour_init_state. */
+    return k5_nss_stream_init_state(new_state);
+}
+
+const struct krb5_enc_provider krb5int_enc_arcfour = {
+    /* This seems to work... although I am not sure what the
+       implications are in other places in the kerberos library. */
+    RC4_BLOCK_SIZE,
+    /* Keysize is arbitrary in arcfour, but the constraints of the
+       system, and to attempt to work with the MSFT system forces us
+       to 16byte/128bit.  Since there is no parity in the key, the
+       byte and length are the same.  */
+    RC4_KEY_SIZE, RC4_KEY_SIZE,
+    k5_arcfour_encrypt_iov,
+    k5_arcfour_decrypt_iov,
+    NULL,
+    krb5int_arcfour_make_key,
+    k5_arcfour_init_state,
+    k5_arcfour_free_state,
+    k5_nss_gen_cleanup
+};
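Review bot: k5_arcfour_encrypt_iov and k5_arcfour_decrypt_iov take `const krb5_data *state` and pass it to k5_nss_gen_stream_iov, whose definition earlier in this commit declares the parameter as `krb5_data *state`, so the const qualifier is discarded at both call sites. The callee only reads `state->data` and tests `state` for NULL, so declaring it `const krb5_data *state` in the definition and in nss_gen.h (not visible here) would make the calls type-correct without a cast. Separately, the comment in k5_arcfour_init_state points the reader at k5_arcfour_init_state itself; I would replace it with `/* key and keyusage are unused; the NSS context is created on first use. */`.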
diff --git a/src/lib/crypto/nss/hash_provider/Makefile.in b/src/lib/crypto/nss/hash_provider/Makefile.in
new file mode 100644 (file)
index 0000000..2530559
--- /dev/null
@@ -0,0 +1,46 @@
+mydir=lib/crypto/nss/hash_provider
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+LOCALINCLUDES = -I$(srcdir)/../../krb/crc32 -I$(srcdir)/../md4 \
+       -I$(srcdir)/.. -I$(srcdir)/../../krb \
+       @CRYPTO_IMPL_CFLAGS@
+
+DEFS=
+
+##DOS##BUILDTOP = ..\..\..\..
+##DOS##PREFIXDIR=hash_provider
+##DOS##OBJFILE=..\$(OUTPRE)hash_pro.lst
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+STLIBOBJS= \
+       hash_gen.o      \
+       hash_crc32.o    \
+       hash_md4.o      \
+       hash_md5.o      \
+       hash_sha1.o
+
+OBJS=  $(OUTPRE)hash_gen.$(OBJEXT)     \
+       $(OUTPRE)hash_crc32.$(OBJEXT)   \
+       $(OUTPRE)hash_md4.$(OBJEXT)     \
+       $(OUTPRE)hash_md5.$(OBJEXT)     \
+       $(OUTPRE)hash_sha1.$(OBJEXT)
+
+SRCS=  $(srcdir)/hash_gen.c    \
+       $(srcdir)/hash_crc32.c  \
+       $(srcdir)/hash_md4.c    \
+       $(srcdir)/hash_md5.c    \
+       $(srcdir)/hash_sha1.c
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs
+
+includes:: depend
+
+depend:: $(SRCS)
+
+clean-unix:: clean-libobjs
+
+@libobj_frag@
+
diff --git a/src/lib/crypto/nss/hash_provider/deps b/src/lib/crypto/nss/hash_provider/deps
new file mode 100644 (file)
index 0000000..86f018d
--- /dev/null
@@ -0,0 +1,52 @@
+# 
+# Generated makefile dependencies follow.
+#
+hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \
+  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  $(srcdir)/hash_crc32.c \
+  $(srcdir)/hash_provider.h \
+  $(srcdir)/../../krb/crc32/crc-32.h
+hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \
+  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  $(srcdir)/hash_md4.c $(srcdir)/hash_provider.h \
+  $(srcdir)/../md4/rsa-md4.h
+hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \
+  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  $(srcdir)/hash_md5.c $(srcdir)/hash_provider.h \
+  $(srcdir)/../md5/rsa-md5.h
+hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \
+  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  $(srcdir)/hash_provider.h \
+  $(srcdir)/hash_sha1.c $(srcdir)/../sha1/shs.h
diff --git a/src/lib/crypto/nss/hash_provider/hash_crc32.c b/src/lib/crypto/nss/hash_provider/hash_crc32.c
new file mode 100644 (file)
index 0000000..3a2f94a
--- /dev/null
@@ -0,0 +1,59 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  FundsXpress makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#include "k5-int.h"
+#include "crc-32.h"
+#include "hash_provider.h"
+#include "aead.h"
+
+static krb5_error_code
+k5_crc32_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
+{
+    unsigned long c;
+    unsigned int i;
+
+    if (output->length != CRC32_CKSUM_LENGTH)
+        return KRB5_CRYPTO_INTERNAL;
+
+    c = 0;
+    for (i=0; i < num_data; i++) {
+        const krb5_crypto_iov *iov = &data[i];
+
+        if (SIGN_IOV(iov))
+            mit_crc32(iov->data.data, iov->data.length, &c);
+    }
+
+    store_32_le(c, output->data);
+    return 0;
+}
+
+const struct krb5_hash_provider krb5int_hash_crc32 = {
+    "CRC32",
+    CRC32_CKSUM_LENGTH,
+    1,
+    k5_crc32_hash
+};
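Review bot: Nothing in k5_crc32_hash or the krb5int_hash_crc32 table says that CRC-32 is an unkeyed linear checksum rather than a collision-resistant hash, although it is exposed through the same krb5_hash_provider interface as the MD4, MD5 and SHA-1 providers named in this directory's Makefile. I would add above the table `/* CRC-32 detects accidental corruption only; it gives no protection against deliberate modification. */`. The bare `1` in the initializer would also read better with a trailing comment naming the field (presumably the block size). In the loop, `unsigned int i` is compared with `size_t num_data`; declaring `size_t i;` removes the width mismatch.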
diff --git a/src/lib/crypto/nss/hash_provider/hash_gen.c b/src/lib/crypto/nss/hash_provider/hash_gen.c
new file mode 100644 (file)
index 0000000..7cc82f4
--- /dev/null
@@ -0,0 +1,76 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/hash_provider/hash_gen.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ *
+ *  * Neither the name of Red Hat, Inc., nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "sechash.h"
+#include "nss_gen.h"
+#include "aead.h"
+
+krb5_error_code
+k5_nss_gen_hash(HASH_HashType hashType, const krb5_crypto_iov *data,
+                size_t num_data, krb5_data *output)
+{
+    unsigned int i;
+    HASHContext *ctx;
+    krb5_error_code ret;
+
+    ret = k5_nss_init();
+    if (ret)
+        return ret;
+
+    if (output->length != HASH_ResultLen(hashType))
+        return KRB5_CRYPTO_INTERNAL;
+
+    ctx = HASH_Create(hashType);
+    if (!ctx)
+        return ENOMEM;
+
+    HASH_Begin(ctx);
+    for (i=0; i < num_data; i++) {
+        const krb5_crypto_iov *iov = &data[i];
+
+        if (iov->data.length && SIGN_IOV(iov)) {
+            HASH_Update(ctx, (unsigned char *) iov->data.data,
+                        iov->data.length);
+        }
+    }
+
+    HASH_End(ctx, (unsigned char *)output->data,
+             &output->length, output->length);
+    HASH_Destroy(ctx);
+
+    return 0;
+}
+
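Review bot: The loop index in k5_nss_gen_hash is declared `unsigned int i` but is compared against `size_t num_data`, so the two differ in width on LP64 platforms; declaring it `size_t i;` keeps the comparison like-typed. The same pattern appears in krb5int_hmac in hmac.c. The function also has no comment stating that `output->length` must already equal `HASH_ResultLen(hashType)` on entry and is rewritten by HASH_End; a short header comment saying so would help callers.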
diff --git a/src/lib/crypto/nss/hash_provider/hash_gen.h b/src/lib/crypto/nss/hash_provider/hash_gen.h
new file mode 100644 (file)
index 0000000..1658e74
--- /dev/null
@@ -0,0 +1,40 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/hash_provider/hash_gen.h
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ *
+ *  * Neither the name of Red Hat, Inc., nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "sechash.h"
+#include "k5-int.h"
+
+krb5_error_code k5_nss_gen_hash(HASH_HashType hashType, unsigned int icount,
+                                const krb5_data *input, krb5_data *output);
diff --git a/src/lib/crypto/nss/hash_provider/hash_md4.c b/src/lib/crypto/nss/hash_provider/hash_md4.c
new file mode 100644 (file)
index 0000000..91482f7
--- /dev/null
@@ -0,0 +1,63 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * Copyright (C) 2010 Red Hat, Inc.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  FundsXpress makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#include "k5-int.h"
+#include "hash_provider.h"
+#include "rsa-md4.h"
+#include "aead.h"
+
+static krb5_error_code
+k5_md4_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
+{
+    krb5_MD4_CTX ctx;
+    unsigned long i;
+
+    if (output->length != RSA_MD4_CKSUM_LENGTH)
+        return KRB5_CRYPTO_INTERNAL;
+
+    krb5int_MD4Init(&ctx);
+    for (i=0; i < num_data; i++) {
+        const krb5_crypto_iov *iov = &data[i];
+
+        if (SIGN_IOV(iov)) {
+            krb5int_MD4Update(&ctx, (unsigned char *)iov->data.data,
+                              iov->data.length);
+        }
+    }
+    krb5int_MD4Final(&ctx);
+
+    memcpy(output->data, ctx.digest, RSA_MD4_CKSUM_LENGTH);
+
+    return 0;
+}
+
+const struct krb5_hash_provider krb5int_hash_md4 = {
+    "MD4",
+    RSA_MD4_CKSUM_LENGTH,
+    64,
+    k5_md4_hash
+};
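Review bot: k5_md4_hash returns with `ctx` still on the stack, holding the tail of the input in `ctx.in` and the digest in `ctx.digest`. If callers ever pass key or password material through this provider (not visible from this hunk), that residue is worth clearing. Adding `zap(&ctx, sizeof(ctx));` after the `memcpy` would do it.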
diff --git a/src/lib/crypto/nss/hash_provider/hash_md5.c b/src/lib/crypto/nss/hash_provider/hash_md5.c
new file mode 100644 (file)
index 0000000..65ea6fc
--- /dev/null
@@ -0,0 +1,51 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/hash_provider/hash_md5.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ *
+ *  * Neither the name of Red Hat, Inc., nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "nss_gen.h"
+#include "hash_provider.h"
+
+static krb5_error_code
+k5_md5_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
+{
+    return k5_nss_gen_hash(HASH_AlgMD5, data, num_data, output);
+}
+
+const struct krb5_hash_provider krb5int_hash_md5 = {
+    "MD5",
+    MD5_LENGTH,
+    64,
+    k5_md5_hash
+};
diff --git a/src/lib/crypto/nss/hash_provider/hash_provider.h b/src/lib/crypto/nss/hash_provider/hash_provider.h
new file mode 100644 (file)
index 0000000..eebe845
--- /dev/null
@@ -0,0 +1,33 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  FundsXpress makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#include "k5-int.h"
+
+extern const struct krb5_hash_provider krb5int_hash_crc32;
+extern const struct krb5_hash_provider krb5int_hash_md4;
+extern const struct krb5_hash_provider krb5int_hash_md5;
+extern const struct krb5_hash_provider krb5int_hash_sha1;
diff --git a/src/lib/crypto/nss/hash_provider/hash_sha1.c b/src/lib/crypto/nss/hash_provider/hash_sha1.c
new file mode 100644 (file)
index 0000000..c70d439
--- /dev/null
@@ -0,0 +1,51 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/hash_provider/hash_sha1.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ *
+ *  * Neither the name of Red Hat, Inc., nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "nss_gen.h"
+#include "hash_provider.h"
+
+static krb5_error_code
+k5_sha1_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
+{
+    return k5_nss_gen_hash(HASH_AlgSHA1, data, num_data, output);
+}
+
+const struct krb5_hash_provider krb5int_hash_sha1 = {
+    "SHA1",
+    SHA1_LENGTH,
+    64,
+    k5_sha1_hash
+};
diff --git a/src/lib/crypto/nss/hmac.c b/src/lib/crypto/nss/hmac.c
new file mode 100644 (file)
index 0000000..c0db602
--- /dev/null
@@ -0,0 +1,141 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/hmac.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ *
+ *  * Neither the name of Red Hat, Inc., nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "aead.h"
+#include "nss_gen.h"
+#include "pk11pub.h"
+
+/*
+ * the HMAC transform looks like:
+ *
+ * H(K XOR opad, H(K XOR ipad, text))
+ *
+ * where H is a cryptographic hash
+ * K is an n byte key
+ * ipad is the byte 0x36 repeated blocksize times
+ * opad is the byte 0x5c repeated blocksize times
+ * and text is the data being protected
+ */
+
+static CK_MECHANISM_TYPE
+digest_to_hmac(const struct krb5_hash_provider *hash)
+{
+    /* use strcmp so we don't confuse SHA1 with SHA128 */
+    /* handle the obvious cases first */
+    if (!strcmp(hash->hash_name, "SHA1"))
+        return CKM_SHA_1_HMAC;
+    if (!strcmp(hash->hash_name, "MD5"))
+        return CKM_MD5_HMAC;
+    return CKM_INVALID_MECHANISM;
+}
+
+krb5_error_code
+krb5int_hmac(const struct krb5_hash_provider *hash, krb5_key key,
+             const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
+{
+    unsigned int i = 0;
+    CK_MECHANISM_TYPE mech;
+    PK11Context *ctx = NULL;
+    krb5_error_code ret = 0;
+    SECStatus rv;
+    SECItem param;
+
+    if (output->length < hash->hashsize)
+        return KRB5_BAD_MSIZE;
+
+    mech = digest_to_hmac(hash);
+    if (mech == CKM_INVALID_MECHANISM)
+        return KRB5_CRYPTO_INTERNAL; /* unsupported alg */
+
+    ret = k5_nss_gen_import(key, mech, CKA_SIGN);
+    if (ret != 0)
+        return ret;
+
+    param.data = NULL;
+    param.len = 0;
+    ctx = k5_nss_create_context(key, mech, CKA_SIGN, &param);
+    if (ctx == NULL)
+        goto fail;
+
+    rv = PK11_DigestBegin(ctx);
+    if (rv != SECSuccess)
+        goto fail;
+
+    for (i=0; i < num_data; i++) {
+        const krb5_crypto_iov *iov = &data[i];
+
+        if (iov->data.length && SIGN_IOV(iov)) {
+            rv = PK11_DigestOp(ctx,(const unsigned char*)iov->data.data,
+                               iov->data.length);
+            if (rv != SECSuccess)
+                goto fail;
+        }
+
+    }
+    rv = PK11_DigestFinal(ctx, (unsigned char *) output->data, &output->length,
+                          output->length);
+    if (rv != SECSuccess)
+        goto fail;
+    PK11_DestroyContext(ctx, PR_TRUE);
+    return 0;
+fail:
+    ret = k5_nss_map_last_error();
+    if (ctx)
+        PK11_DestroyContext(ctx, PR_TRUE);
+    return ret;
+}
+
+krb5_error_code
+krb5int_hmac_keyblock(const struct krb5_hash_provider *hash,
+                      const krb5_keyblock *keyblock,
+                      const krb5_crypto_iov *data, size_t num_data,
+                      krb5_data *output)
+{
+    krb5_key key;
+    krb5_error_code code;
+
+    if (keyblock->length > hash->blocksize)
+        return KRB5_CRYPTO_INTERNAL;
+
+    memset(&key, 0, sizeof(key));
+
+    code = krb5_k_create_key(NULL, keyblock, &key);
+    if (code)
+        return code;
+    code = krb5int_hmac(hash, key, data, num_data, output);
+    krb5_k_free_key(NULL, key);
+    return code;
+}
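Review bot: The `fail:` path in krb5int_hmac returns whatever k5_nss_map_last_error() yields, and that helper is not visible here. If it can return 0, for instance when k5_nss_create_context returns NULL without an NSS error being set, the caller sees success although `output` was never written, and an uncomputed MAC buffer is then treated as valid. Adding `if (ret == 0) ret = KRB5_CRYPTO_INTERNAL;` right after the mapping call keeps a failure from being reported as success.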
diff --git a/src/lib/crypto/nss/md4/Makefile.in b/src/lib/crypto/nss/md4/Makefile.in
new file mode 100644 (file)
index 0000000..f7cb028
--- /dev/null
@@ -0,0 +1,37 @@
+mydir=lib/crypto/nss/md4
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+LOCALINCLUDES = -I$(srcdir)
+DEFS=
+
+##DOS##BUILDTOP = ..\..\..\..
+##DOS##PREFIXDIR=md4
+##DOS##OBJFILE=..\$(OUTPRE)md4.lst
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+STLIBOBJS= md4.o
+
+OBJS= $(OUTPRE)md4.$(OBJEXT) 
+
+SRCS= $(srcdir)/md4.c
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs
+
+includes:: depend
+
+depend:: $(SRCS)
+
+
+check-unix:: 
+
+check-windows::
+
+clean:: 
+
+clean-unix:: clean-libobjs
+
+@libobj_frag@
+
diff --git a/src/lib/crypto/nss/md4/deps b/src/lib/crypto/nss/md4/deps
new file mode 100644 (file)
index 0000000..a28d9da
--- /dev/null
@@ -0,0 +1,13 @@
+# 
+# Generated makefile dependencies follow.
+#
+md4.so md4.po $(OUTPRE)md4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h md4.c rsa-md4.h
diff --git a/src/lib/crypto/nss/md4/md4.c b/src/lib/crypto/nss/md4/md4.c
new file mode 100644 (file)
index 0000000..6850e13
--- /dev/null
@@ -0,0 +1,247 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ *      lib/crypto/md4/md4.c
+ */
+
+/*
+**********************************************************************
+** md4.c                                                            **
+** RSA Data Security, Inc. MD4 Message Digest Algorithm             **
+** Created: 2/17/90 RLR                                             **
+** Revised: 1/91 SRD,AJ,BSK,JT Reference C Version                  **
+**********************************************************************
+*/
+
+/*
+**********************************************************************
+** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
+**                                                                  **
+** License to copy and use this software is granted provided that   **
+** it is identified as the "RSA Data Security, Inc. MD4 Message     **
+** Digest Algorithm" in all material mentioning or referencing this **
+** software or this function.                                       **
+**                                                                  **
+** License is also granted to make and use derivative works         **
+** provided that such works are identified as "derived from the RSA **
+** Data Security, Inc. MD4 Message Digest Algorithm" in all         **
+** material mentioning or referencing the derived work.             **
+**                                                                  **
+** RSA Data Security, Inc. makes no representations concerning      **
+** either the merchantability of this software or the suitability   **
+** of this software for any particular purpose.  It is provided "as **
+** is" without express or implied warranty of any kind.             **
+**                                                                  **
+** These notices must be retained in any copies of any part of this **
+** documentation and/or software.                                   **
+**********************************************************************
+*/
+
+#include "k5-int.h"
+#include "rsa-md4.h"
+
+/* forward declaration */
+static void Transform (krb5_ui_4 *, krb5_ui_4 *);
+
+static const unsigned char PADDING[64] = {
+    0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+};
+
+/* F, G and H are basic MD4 functions: selection, majority, parity */
+#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
+#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
+#define H(x, y, z) ((x) ^ (y) ^ (z))
+
+/* ROTATE_LEFT rotates x left n bits */
+#define ROTATE_LEFT(x, n) ((((x) << (n)) & 0xffffffff) | ((x) >> (32-(n))))
+
+/* FF, GG and HH are MD4 transformations for rounds 1, 2 and 3 */
+/* Rotation is separate from addition to prevent recomputation */
+#define FF(a, b, c, d, x, s)                    \
+    {(a) += F ((b), (c), (d)) + (x);            \
+        (a) &= 0xffffffff;                      \
+        (a) = ROTATE_LEFT ((a), (s));}
+#define GG(a, b, c, d, x, s)                            \
+    {(a) += G ((b), (c), (d)) + (x) + 013240474631UL;   \
+        (a) &= 0xffffffff;                              \
+        (a) = ROTATE_LEFT ((a), (s));}
+#define HH(a, b, c, d, x, s)                            \
+    {(a) += H ((b), (c), (d)) + (x) + 015666365641UL;   \
+        (a) &= 0xffffffff;                              \
+        (a) = ROTATE_LEFT ((a), (s));}
+
+void
+krb5int_MD4Init (krb5_MD4_CTX *mdContext)
+{
+    mdContext->i[0] = mdContext->i[1] = (krb5_ui_4)0;
+
+    /* Load magic initialization constants.
+     */
+    mdContext->buf[0] = 0x67452301UL;
+    mdContext->buf[1] = 0xefcdab89UL;
+    mdContext->buf[2] = 0x98badcfeUL;
+    mdContext->buf[3] = 0x10325476UL;
+}
+
+void
+krb5int_MD4Update (krb5_MD4_CTX *mdContext, const unsigned char *inBuf, unsigned int inLen)
+{
+    krb5_ui_4 in[16];
+    int mdi;
+    unsigned int i, ii;
+
+    /* compute number of bytes mod 64 */
+    mdi = (int)((mdContext->i[0] >> 3) & 0x3F);
+
+    /* update number of bits */
+    if ((mdContext->i[0] + ((krb5_ui_4)inLen << 3)) < mdContext->i[0])
+        mdContext->i[1]++;
+    mdContext->i[0] += ((krb5_ui_4)inLen << 3);
+    mdContext->i[1] += ((krb5_ui_4)inLen >> 29);
+
+    while (inLen--) {
+        /* add new character to buffer, increment mdi */
+        mdContext->in[mdi++] = *inBuf++;
+
+        /* transform if necessary */
+        if (mdi == 0x40) {
+            for (i = 0, ii = 0; i < 16; i++, ii += 4) {
+                in[i] = load_32_le(mdContext->in+ii);
+            }
+            Transform (mdContext->buf, in);
+            mdi = 0;
+        }
+    }
+}
+
+void
+krb5int_MD4Final (krb5_MD4_CTX *mdContext)
+{
+    krb5_ui_4 in[16];
+    int mdi;
+    unsigned int i, ii;
+    unsigned int padLen;
+
+    /* save number of bits */
+    in[14] = mdContext->i[0];
+    in[15] = mdContext->i[1];
+
+    /* compute number of bytes mod 64 */
+    mdi = (int)((mdContext->i[0] >> 3) & 0x3F);
+
+    /* pad out to 56 mod 64 */
+    padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi);
+    krb5int_MD4Update (mdContext, PADDING, padLen);
+
+    /* append length in bits and transform */
+    for (i = 0, ii = 0; i < 14; i++, ii += 4)
+        in[i] = load_32_le(mdContext->in+ii);
+    Transform (mdContext->buf, in);
+
+
+    /* store buffer in digest */
+    for (i = 0, ii = 0; i < 4; i++, ii += 4) {
+        store_32_le(mdContext->buf[i], mdContext->digest+ii);
+    }
+}
+
+/* Basic MD4 step. Transform buf based on in.
+ */
+static void Transform (krb5_ui_4 *buf, krb5_ui_4 *in)
+{
+    register krb5_ui_4 a = buf[0], b = buf[1], c = buf[2], d = buf[3];
+
+#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
+    int i;
+#define ROTATE { krb5_ui_4 temp; temp = d, d = c, c = b, b = a, a = temp; }
+    for (i = 0; i < 16; i++) {
+        static const unsigned char round1consts[] = { 3, 7, 11, 19, };
+        FF (a, b, c, d, in[i], round1consts[i%4]); ROTATE;
+    }
+    for (i = 0; i < 16; i++) {
+        static const unsigned char round2indices[] = {
+            0,4,8,12,1,5,9,13,2,6,10,14,3,7,11,15
+        };
+        static const unsigned char round2consts[] = { 3, 5, 9, 13 };
+        GG (a, b, c, d, in[round2indices[i]], round2consts[i%4]); ROTATE;
+    }
+    for (i = 0; i < 16; i++) {
+        static const unsigned char round3indices[] = {
+            0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15
+        };
+        static const unsigned char round3consts[] = { 3, 9, 11, 15 };
+        HH (a, b, c, d, in[round3indices[i]], round3consts[i%4]); ROTATE;
+    }
+#else
+    /* Round 1 */
+    FF (a, b, c, d, in[ 0],  3);
+    FF (d, a, b, c, in[ 1],  7);
+    FF (c, d, a, b, in[ 2], 11);
+    FF (b, c, d, a, in[ 3], 19);
+    FF (a, b, c, d, in[ 4],  3);
+    FF (d, a, b, c, in[ 5],  7);
+    FF (c, d, a, b, in[ 6], 11);
+    FF (b, c, d, a, in[ 7], 19);
+    FF (a, b, c, d, in[ 8],  3);
+    FF (d, a, b, c, in[ 9],  7);
+    FF (c, d, a, b, in[10], 11);
+    FF (b, c, d, a, in[11], 19);
+    FF (a, b, c, d, in[12],  3);
+    FF (d, a, b, c, in[13],  7);
+    FF (c, d, a, b, in[14], 11);
+    FF (b, c, d, a, in[15], 19);
+
+    /* Round 2 */
+    GG (a, b, c, d, in[ 0],  3);
+    GG (d, a, b, c, in[ 4],  5);
+    GG (c, d, a, b, in[ 8],  9);
+    GG (b, c, d, a, in[12], 13);
+    GG (a, b, c, d, in[ 1],  3);
+    GG (d, a, b, c, in[ 5],  5);
+    GG (c, d, a, b, in[ 9],  9);
+    GG (b, c, d, a, in[13], 13);
+    GG (a, b, c, d, in[ 2],  3);
+    GG (d, a, b, c, in[ 6],  5);
+    GG (c, d, a, b, in[10],  9);
+    GG (b, c, d, a, in[14], 13);
+    GG (a, b, c, d, in[ 3],  3);
+    GG (d, a, b, c, in[ 7],  5);
+    GG (c, d, a, b, in[11],  9);
+    GG (b, c, d, a, in[15], 13);
+
+    /* Round 3 */
+    HH (a, b, c, d, in[ 0],  3);
+    HH (d, a, b, c, in[ 8],  9);
+    HH (c, d, a, b, in[ 4], 11);
+    HH (b, c, d, a, in[12], 15);
+    HH (a, b, c, d, in[ 2],  3);
+    HH (d, a, b, c, in[10],  9);
+    HH (c, d, a, b, in[ 6], 11);
+    HH (b, c, d, a, in[14], 15);
+    HH (a, b, c, d, in[ 1],  3);
+    HH (d, a, b, c, in[ 9],  9);
+    HH (c, d, a, b, in[ 5], 11);
+    HH (b, c, d, a, in[13], 15);
+    HH (a, b, c, d, in[ 3],  3);
+    HH (d, a, b, c, in[11],  9);
+    HH (c, d, a, b, in[ 7], 11);
+    HH (b, c, d, a, in[15], 15);
+#endif
+
+    buf[0] += a;
+    buf[1] += b;
+    buf[2] += c;
+    buf[3] += d;
+}
+
+/*
+**********************************************************************
+** End of md4.c                                                     **
+******************************* (cut) ********************************
+*/
diff --git a/src/lib/crypto/nss/md4/rsa-md4.h b/src/lib/crypto/nss/md4/rsa-md4.h
new file mode 100644 (file)
index 0000000..408f2ef
--- /dev/null
@@ -0,0 +1,95 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * lib/crypto/md4/rsa-md4.h
+ *
+ * Copyright 1991 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * RSA MD4 header file, with Kerberos/STDC additions.
+ */
+
+#ifndef __KRB5_RSA_MD4_H__
+#define __KRB5_RSA_MD4_H__
+
+#ifdef unicos61
+#include <sys/types.h>
+#endif /* unicos61 */
+
+/* 16 u_char's in the digest */
+#define RSA_MD4_CKSUM_LENGTH    16
+/* des blocksize is 8, so this works nicely... */
+#define OLD_RSA_MD4_DES_CKSUM_LENGTH    16
+#define NEW_RSA_MD4_DES_CKSUM_LENGTH    24
+#define RSA_MD4_DES_CONFOUND_LENGTH     8
+
+/*
+**********************************************************************
+** md4.h -- Header file for implementation of MD4                   **
+** RSA Data Security, Inc. MD4 Message Digest Algorithm             **
+** Created: 2/17/90 RLR                                             **
+** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version              **
+**********************************************************************
+*/
+
+/*
+**********************************************************************
+** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
+**                                                                  **
+** License to copy and use this software is granted provided that   **
+** it is identified as the "RSA Data Security, Inc. MD4 Message     **
+** Digest Algorithm" in all material mentioning or referencing this **
+** software or this function.                                       **
+**                                                                  **
+** License is also granted to make and use derivative works         **
+** provided that such works are identified as "derived from the RSA **
+** Data Security, Inc. MD4 Message Digest Algorithm" in all         **
+** material mentioning or referencing the derived work.             **
+**                                                                  **
+** RSA Data Security, Inc. makes no representations concerning      **
+** either the merchantability of this software or the suitability   **
+** of this software for any particular purpose.  It is provided "as **
+** is" without express or implied warranty of any kind.             **
+**                                                                  **
+** These notices must be retained in any copies of any part of this **
+** documentation and/or software.                                   **
+**********************************************************************
+*/
+
+/* Data structure for MD4 (Message Digest) computation */
+typedef struct {
+    krb5_ui_4 i[2];                       /* number of _bits_ handled mod 2^64 */
+    krb5_ui_4 buf[4];                     /* scratch buffer */
+    unsigned char in[64];                 /* input buffer */
+    unsigned char digest[16];             /* actual digest after MD4Final call */
+} krb5_MD4_CTX;
+
+extern void krb5int_MD4Init(krb5_MD4_CTX *);
+extern void krb5int_MD4Update(krb5_MD4_CTX *, const unsigned char *, unsigned int);
+extern void krb5int_MD4Final(krb5_MD4_CTX *);
+
+/*
+**********************************************************************
+** End of md4.h                                                     **
+******************************* (cut) ********************************
+*/
+#endif /* __KRB5_RSA_MD4_H__ */
diff --git a/src/lib/crypto/nss/md5/Makefile.in b/src/lib/crypto/nss/md5/Makefile.in
new file mode 100644 (file)
index 0000000..94a9e54
--- /dev/null
@@ -0,0 +1,37 @@
+mydir=lib/crypto/nss/md5
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+DEFS=
+
+##DOS##BUILDTOP = ..\..\..\..
+##DOS##PREFIXDIR=md5
+##DOS##OBJFILE=..\$(OUTPRE)md5.lst
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+LOCALINCLUDES = -I$(srcdir)/.. @CRYPTO_IMPL_CFLAGS@
+
+
+STLIBOBJS= md5.o
+
+OBJS= $(OUTPRE)md5.$(OBJEXT) 
+
+SRCS= $(srcdir)/md5.c
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs
+
+includes:: depend
+
+depend:: $(SRCS)
+
+check-unix:: 
+
+check-windows::
+
+clean:: 
+
+clean-unix:: clean-libobjs
+
+@libobj_frag@
+
diff --git a/src/lib/crypto/nss/md5/deps b/src/lib/crypto/nss/md5/deps
new file mode 100644 (file)
index 0000000..116d552
--- /dev/null
@@ -0,0 +1,14 @@
+# 
+# Generated makefile dependencies follow.
+#
+md5.so md5.po $(OUTPRE)md5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h $(srcdir)/md5.c \
+  $(srcdir)/rsa-md5.h
diff --git a/src/lib/crypto/nss/md5/md5.c b/src/lib/crypto/nss/md5/md5.c
new file mode 100644 (file)
index 0000000..ee494e5
--- /dev/null
@@ -0,0 +1,86 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/md5/md5.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ *
+ *  * Neither the name of Red Hat, Inc., nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "rsa-md5.h"
+#include "pk11pub.h"
+#include "nss_gen.h"
+
+
+/* Initialize the message-digest context mdContext. */
+void
+krb5int_MD5Init(krb5_MD5_CTX *mdContext)
+{
+    if (k5_nss_init()) {
+        mdContext->nss_ctxt = NULL;
+        return;
+    }
+    mdContext->nss_ctxt = PK11_CreateDigestContext(SEC_OID_MD5);
+    if (mdContext->nss_ctxt == NULL)
+        return;
+    PK11_DigestBegin((PK11Context *)mdContext->nss_ctxt);
+}
+
+/*
+ * Update the message-digest context to account for the presence of each of the
+ * characters inBuf[0..inLen-1] in the message whose digest is being computed.
+ */
+void
+krb5int_MD5Update(krb5_MD5_CTX *mdContext, const unsigned char *inBuf,
+                  unsigned int inLen)
+{
+   if (mdContext->nss_ctxt == NULL)
+        return;
+   PK11_DigestOp((PK11Context *)mdContext->nss_ctxt, inBuf, inLen);
+}
+
+/* Terminate the message-digest computation and end with the desired message
+ * digest in mdContext->digest[0...15]. */
+void
+krb5int_MD5Final(krb5_MD5_CTX *mdContext)
+{
+   unsigned int digestLength;
+
+   if (mdContext->nss_ctxt == NULL)
+        return;
+   PK11_DigestFinal((PK11Context *)mdContext->nss_ctxt, mdContext->digest,
+                    &digestLength, sizeof (mdContext->digest));
+   /* since there is not separate cleanup step, free the context now.
+    * (otherwise we could have reused the context for another MD5 operation
+    * in the future).
+    */
+   PK11_DestroyContext((PK11Context *)mdContext->nss_ctxt, PR_TRUE);
+   mdContext->nss_ctxt = NULL;
+}
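Review bot: A failed setup is invisible to callers. When `k5_nss_init()` or `PK11_CreateDigestContext()` fails in krb5int_MD5Init, `nss_ctxt` stays NULL, krb5int_MD5Update and krb5int_MD5Final return silently, and `mdContext->digest` is never written, so a caller that reads the digest gets whatever was already in the structure. The results of `PK11_DigestBegin`, `PK11_DigestOp` and `PK11_DigestFinal` are discarded as well. With a void interface, the NULL branch of krb5int_MD5Final should at least do `memset(mdContext->digest, 0, sizeof(mdContext->digest));` so the output is deterministic rather than stale memory; a status return that callers check would be the proper fix. The same pattern is in shsInit, shsUpdate and shsFinal in sha1/shs.c.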
diff --git a/src/lib/crypto/nss/md5/rsa-md5.h b/src/lib/crypto/nss/md5/rsa-md5.h
new file mode 100644 (file)
index 0000000..228eb09
--- /dev/null
@@ -0,0 +1,90 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/openssl/md5/rsa-md5.h
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ */
+
+/*
+ ***********************************************************************
+ ** md5.h -- header file for implementation of MD5                    **
+ ** RSA Data Security, Inc. MD5 Message-Digest Algorithm              **
+ ** Created: 2/17/90 RLR                                              **
+ ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version               **
+ ** Revised (for MD5): RLR 4/27/91                                    **
+ **   -- G modified to have y&~z instead of y&z                       **
+ **   -- FF, GG, HH modified to add in last register done             **
+ **   -- Access pattern: round 2 works mod 5, round 3 works mod 3     **
+ **   -- distinct additive constant for each step                     **
+ **   -- round 4 added, working mod 7                                 **
+ ***********************************************************************
+ */
+
+/*
+ ***********************************************************************
+ ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved.  **
+ **                                                                   **
+ ** License to copy and use this software is granted provided that    **
+ ** it is identified as the "RSA Data Security, Inc. MD5 Message-     **
+ ** Digest Algorithm" in all material mentioning or referencing this  **
+ ** software or this function.                                        **
+ **                                                                   **
+ ** License is also granted to make and use derivative works          **
+ ** provided that such works are identified as "derived from the RSA  **
+ ** Data Security, Inc. MD5 Message-Digest Algorithm" in all          **
+ ** material mentioning or referencing the derived work.              **
+ **                                                                   **
+ ** RSA Data Security, Inc. makes no representations concerning       **
+ ** either the merchantability of this software or the suitability    **
+ ** of this software for any particular purpose.  It is provided "as  **
+ ** is" without express or implied warranty of any kind.              **
+ **                                                                   **
+ ** These notices must be retained in any copies of any part of this  **
+ ** documentation and/or software.                                    **
+ ***********************************************************************
+ */
+
+
+#ifndef    KRB5_RSA_MD5__
+#define    KRB5_RSA_MD5__
+
+/* Data structure for MD5 (Message-Digest) computation */
+typedef struct {
+    void *nss_ctxt;
+    krb5_int32 * digest_len;
+    krb5_ui_4 i[2];              /* number of _bits_ handled mod 2^64 */
+    krb5_ui_4 buf[4];            /* scratch buffer */
+    unsigned char in[64];        /* input buffer */
+    unsigned char digest[16];    /* actual digest after MD5Final call */
+} krb5_MD5_CTX;
+
+extern void krb5int_MD5Init(krb5_MD5_CTX *);
+extern void krb5int_MD5Update(krb5_MD5_CTX *, const unsigned char *,
+                              unsigned int);
+extern void krb5int_MD5Final(krb5_MD5_CTX *);
+
+#define    RSA_MD5_CKSUM_LENGTH            16
+#define    OLD_RSA_MD5_DES_CKSUM_LENGTH    16
+#define    NEW_RSA_MD5_DES_CKSUM_LENGTH    24
+#define    RSA_MD5_DES_CONFOUND_LENGTH     8
+
+#endif /* KRB5_RSA_MD5__ */
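Review bot: `nss_ctxt` has no comment, although it and `digest` are the only members that md5.c in this commit touches. The members `digest_len`, `i`, `buf` and `in` still carry comments that describe the built-in implementation. I would document the field as `void *nss_ctxt; /* PK11Context *, created by MD5Init, destroyed by MD5Final; NULL if setup failed */` and either drop the unused members or mark them as unused by the NSS back end. The file banner still reads `lib/crypto/openssl/md5/rsa-md5.h`. `SHS_INFO.nss_ctxt` in sha1/shs.h needs the same comment.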
diff --git a/src/lib/crypto/nss/nss_gen.h b/src/lib/crypto/nss/nss_gen.h
new file mode 100644 (file)
index 0000000..4eb8f2f
--- /dev/null
@@ -0,0 +1,104 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/nss_gen.h
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ *
+ *  * Neither the name of Red Hat, Inc., nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "pkcs11t.h"
+#include "sechash.h"
+#include "secmodt.h"
+
+/* 512 bits is bigger than anything defined to date */
+#define MAX_KEY_LENGTH 64
+#define MAX_BLOCK_SIZE 64
+
+/*
+ * Common nss utils
+ */
+
+/* Make sure NSS is properly initialized. */
+krb5_error_code k5_nss_init(void);
+
+/* Import a key into NSS and store the handle in krb5_key. */
+krb5_error_code
+k5_nss_gen_import(krb5_key key, CK_MECHANISM_TYPE mech,
+                  CK_ATTRIBUTE_TYPE operation);
+
+/* Clean up an imported key. */
+void
+k5_nss_gen_cleanup(krb5_key key);
+
+/* Create a new crypto/hash/sign context from a krb5_key. */
+PK11Context *
+k5_nss_create_context(krb5_key krb_key, CK_MECHANISM_TYPE mechanism,
+                      CK_ATTRIBUTE_TYPE operation, SECItem * param);
+
+/* Map an NSS error into a krb5_error_code. */
+krb5_error_code k5_nss_map_error(int nss_error);
+krb5_error_code k5_nss_map_last_error(void);
+
+
+/*
+ * Common encryption functions
+ */
+
+/* Encrypt/decrypt block modes except cts using iov. */
+krb5_error_code
+k5_nss_gen_block_iov(krb5_key key, CK_MECHANISM_TYPE mech,
+                     CK_ATTRIBUTE_TYPE operation, const krb5_data *ivec,
+                     krb5_crypto_iov *data, size_t num_data);
+
+/* Encrypt/decrypt stream modes using iov. */
+krb5_error_code
+k5_nss_gen_stream_iov(krb5_key key, krb5_data *state, CK_MECHANISM_TYPE mech,
+                      CK_ATTRIBUTE_TYPE operation, krb5_crypto_iov *data,
+                      size_t num_data);
+
+/* Encrypt/decrypt block modes using cts. */
+krb5_error_code
+k5_nss_gen_cts_iov(krb5_key key, CK_MECHANISM_TYPE mech,
+                   CK_ATTRIBUTE_TYPE operation, const krb5_data *ivec,
+                   krb5_crypto_iov *data, size_t num_data);
+
+/* Stream state management calls. */
+krb5_error_code k5_nss_stream_init_state(krb5_data *new_state);
+krb5_error_code k5_nss_stream_free_state(krb5_data *state);
+
+/*
+ * Common hash functions
+ */
+
+/* All hash modes. */
+krb5_error_code
+k5_nss_gen_hash(HASH_HashType hashType, const krb5_crypto_iov *data,
+                size_t num_data, krb5_data *output);
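Review bot: This header has no include guard, although it pulls in k5-int.h and three NSS headers and defines `MAX_KEY_LENGTH` and `MAX_BLOCK_SIZE`. Wrapping it in `#ifndef NSS_GEN_H` / `#define NSS_GEN_H` / `#endif` would match the other headers added in this commit (rsa-md5.h, shs.h, yhash.h). The prototype comments also leave ownership unstated: the comment on `k5_nss_create_context` should say who releases the returned `PK11Context` and what is returned on failure. The comment on `k5_nss_gen_import` should say that `k5_nss_gen_cleanup` is its counterpart, if that is the intent.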
diff --git a/src/lib/crypto/nss/pbkdf2.c b/src/lib/crypto/nss/pbkdf2.c
new file mode 100644 (file)
index 0000000..a966c36
--- /dev/null
@@ -0,0 +1,120 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/pbkdf2.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ *
+ *  * Neither the name of Red Hat, Inc., nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <ctype.h>
+#include "k5-int.h"
+#include "hash_provider.h"
+#include "pk11pub.h"
+#include "nss_gen.h"
+
+
+krb5_error_code
+krb5int_pbkdf2_hmac_sha1(const krb5_data *out, unsigned long count,
+                         const krb5_data *pass, const krb5_data *salt)
+{
+
+    PK11SlotInfo *slot = NULL;
+    SECAlgorithmID *algid = NULL;
+    PK11SymKey *symKey = NULL;
+    SECItem saltItem, pwItem;
+    const SECItem *keydata = NULL;
+    SECOidTag pbeAlg = SEC_OID_PKCS5_PBKDF2;
+    SECOidTag cipherAlg = SEC_OID_AES_256_CBC;
+    SECOidTag prfAlg = SEC_OID_HMAC_SHA1;
+    krb5_error_code ret;
+
+    ret = k5_nss_init();
+    if (ret)
+        return ret;
+
+    slot = PK11_GetBestSlot(PK11_AlgtagToMechanism(pbeAlg), NULL);
+    if (slot == NULL)
+        return k5_nss_map_last_error();
+
+    saltItem.type = siBuffer;
+    saltItem.data = (unsigned char *)salt->data;
+    saltItem.len = salt->length;
+
+    /* PKCS 5 was designed to be DER encoded. Algid's carry all the
+     * information needed to describe the encoding the the recipient.
+     * This usually allows for crypto agility in the protocol automatically.
+     * Kerberos already had to solve it's crypto agility issues, so the
+     * algid is just and extra step we need that we will throw away */
+    algid = PK11_CreatePBEV2AlgorithmID(pbeAlg, cipherAlg, prfAlg,
+                                        out->length, count, &saltItem);
+    if (algid == NULL) {
+        ret = k5_nss_map_last_error();
+        goto loser;
+    }
+
+    pwItem.type = siBuffer;
+    pwItem.data = (unsigned char *)pass->data;
+    pwItem.len = pass->length;
+
+    symKey = PK11_PBEKeyGen(slot, algid, &pwItem, PR_FALSE, NULL);
+    if (symKey == NULL) {
+        ret = k5_nss_map_last_error();
+        goto loser;
+    }
+
+    /* At this point we should return symKey as a key, but kerberos is
+     * still passing bits around instead of key handles. */
+    PK11_ExtractKeyValue(symKey);
+
+    /* keydata here is a const * and is valid as long as the key has not been
+     * destroyed. */
+    keydata = PK11_GetKeyData(symKey);
+    if (keydata == NULL) {
+        ret = k5_nss_map_last_error();
+        goto loser;
+    }
+
+    if (out->length != keydata->len) {
+        ret = -1; /* XXXXX */
+        goto loser;
+    }
+    memcpy(out->data, keydata->data, keydata->len);
+    ret = 0;
+
+loser:
+    if (symKey)
+        PK11_FreeSymKey(symKey);
+    if (algid)
+        SECOID_DestroyAlgorithmID(algid, PR_TRUE);
+    if (slot)
+        PK11_FreeSlot(slot);
+
+    return ret;
+}
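Review bot: The length-mismatch branch sets `ret = -1; /* XXXXX */`, a placeholder that is not a krb5 error code but is returned to callers of krb5int_pbkdf2_hmac_sha1 as one; `ret = KRB5_CRYPTO_INTERNAL;` would give them something reportable. The status of `PK11_ExtractKeyValue(symKey)` is ignored, so an extraction failure is caught only indirectly by the `keydata == NULL` test; checking it against `SECSuccess` and mapping the error through `k5_nss_map_last_error()` makes that path explicit. `count` is an `unsigned long` and `out->length` is unsigned, and both go to `PK11_CreatePBEV2AlgorithmID` parameters that I believe are `int`, so a range check before the call would stop an oversized iteration count from being silently narrowed.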
diff --git a/src/lib/crypto/nss/sha1/Makefile.in b/src/lib/crypto/nss/sha1/Makefile.in
new file mode 100644 (file)
index 0000000..a7cb6e8
--- /dev/null
@@ -0,0 +1,32 @@
+mydir=lib/crypto/nss/sha1
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+DEFS=
+LOCALINCLUDES = -I$(srcdir)/.. @CRYPTO_IMPL_CFLAGS@
+
+##DOS##BUILDTOP = ..\..\..\..
+##DOS##PREFIXDIR=sha1
+##DOS##OBJFILE=..\$(OUTPRE)sha1.lst
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+STLIBOBJS= shs.o
+
+OBJS= $(OUTPRE)shs.$(OBJEXT) 
+
+SRCS= $(srcdir)/shs.c
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs
+
+includes:: depend
+
+depend:: $(SRCS)
+
+clean::
+
+clean-unix:: clean-libobjs
+
+@libobj_frag@
+
diff --git a/src/lib/crypto/nss/sha1/deps b/src/lib/crypto/nss/sha1/deps
new file mode 100644 (file)
index 0000000..e75ca6b
--- /dev/null
@@ -0,0 +1,14 @@
+# 
+# Generated makefile dependencies follow.
+#
+shs.so shs.po $(OUTPRE)shs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h $(srcdir)/shs.c \
+  $(srcdir)/shs.h
diff --git a/src/lib/crypto/nss/sha1/shs.c b/src/lib/crypto/nss/sha1/shs.c
new file mode 100644 (file)
index 0000000..edf4c9a
--- /dev/null
@@ -0,0 +1,77 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/sha1/shs.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ *
+ *  * Neither the name of Red Hat, Inc., nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "shs.h"
+#include "pk11pub.h"
+#include "nss_gen.h"
+
+/* Initialize the SHS values */
+void shsInit(SHS_INFO *shsInfo)
+{
+    if (k5_nss_init()) {
+        shsInfo->nss_ctxt = NULL;
+        return;
+    }
+    shsInfo->nss_ctxt = PK11_CreateDigestContext(SEC_OID_SHA1);
+    if (shsInfo->nss_ctxt == NULL)
+        return;
+    PK11_DigestBegin((PK11Context *)shsInfo->nss_ctxt);
+}
+
+/* Update SHS for a block of data */
+void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count)
+{
+    if (shsInfo->nss_ctxt == NULL)
+        return;
+    PK11_DigestOp((PK11Context *)shsInfo->nss_ctxt, buffer, count);
+}
+
+
+/* Final wrapup - pad to SHS_DATASIZE-byte boundary with the bit pattern
+ * 1 0* (64-bit count of bits processed, MSB-first) */
+void shsFinal(SHS_INFO *shsInfo)
+{
+   if (shsInfo->nss_ctxt == NULL)
+        return;
+   PK11_DigestFinal((PK11Context *)shsInfo->nss_ctxt, shsInfo->digestBuf,
+                    &shsInfo->digestLen, sizeof (shsInfo->digestBuf));
+   /* Since there is not separate cleanup step, free the context now.
+    * (otherwise we could have reused the context for another MD5 operation
+    * in the future).
+    */
+   PK11_DestroyContext((PK11Context *)shsInfo->nss_ctxt, PR_TRUE);
+   shsInfo->nss_ctxt = NULL;
+}
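Review bot: The comments in shsFinal describe code that is not here. The header comment still talks about padding to an SHS_DATASIZE boundary, which this version leaves to `PK11_DigestFinal`. The inner comment says the context could have been reused "for another MD5 operation", in a SHA-1 file. I would replace the header with `/* Finish the digest: the result is left in shsInfo->digestBuf and its length in shsInfo->digestLen; the NSS context is destroyed. */` and say SHA-1 in the cleanup comment. The comment should also state that `digestBuf` and `digestLen` are left untouched when `nss_ctxt` is NULL, because callers cannot tell from the void return.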
diff --git a/src/lib/crypto/nss/sha1/shs.h b/src/lib/crypto/nss/sha1/shs.h
new file mode 100644 (file)
index 0000000..7019504
--- /dev/null
@@ -0,0 +1,46 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+#ifndef _SHS_DEFINED
+
+#include "k5-int.h"
+
+#define _SHS_DEFINED
+
+/* Some useful types */
+
+typedef krb5_octet      SHS_BYTE;
+typedef krb5_ui_4       SHS_LONG;
+
+/* Define the following to use the updated SHS implementation */
+#define NEW_SHS         /**/
+
+/* The SHS block size and message digest sizes, in bytes */
+
+#define SHS_DATASIZE    64
+#define SHS_DIGESTSIZE  20
+
+/* The structure for storing SHS info */
+
+typedef struct {
+    void *nss_ctxt;
+    unsigned char   digestBuf[SHS_DIGESTSIZE]; /* output */
+    unsigned int    digestLen; /* output */
+} SHS_INFO;
+
+/* Message digest functions (shs.c) */
+void shsInit(SHS_INFO *shsInfo);
+void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count);
+void shsFinal(SHS_INFO *shsInfo);
+
+
+/* Keyed Message digest functions (hmac_sha.c) */
+krb5_error_code hmac_sha(krb5_octet *text,
+                        int text_len,
+                        krb5_octet *key,
+                        int key_len,
+                        krb5_octet *digest);
+
+
+#define NIST_SHA_CKSUM_LENGTH           SHS_DIGESTSIZE
+#define HMAC_SHA_CKSUM_LENGTH           SHS_DIGESTSIZE
+
+#endif /* _SHS_DEFINED */
diff --git a/src/lib/crypto/nss/yhash.h b/src/lib/crypto/nss/yhash.h
new file mode 100644 (file)
index 0000000..151818f
--- /dev/null
@@ -0,0 +1,29 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/openssl/hash/yhash.h
+ */
+
+#ifndef YHASH_H
+#define YHASH_H
+
+/* hash function interface */
+
+/* default to SHA1 for yarrow 160 */
+
+#include "shs.h"
+
+
+#define HASH_CTX SHS_INFO
+#define HASH_Init(x) shsInit(x)
+#define HASH_Update(x, buf, sz) shsUpdate(x, (const void*)buf, sz)
+
+#define HASH_Final(x, tdigest)  do {                    \
+        int loopvar;                                    \
+        unsigned char *out2 = (void *)(tdigest);        \
+        HASH_CTX  *ctx = (x);                           \
+        shsFinal(ctx);                                  \
+        memcpy(out2, ctx->digestBuf, ctx->digestLen);   \
+    } while(0)
+
+#define HASH_DIGEST_SIZE SHS_DIGESTSIZE
+
+#endif /* YHASH_H */
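Review bot: `HASH_Final` copies `ctx->digestLen` bytes, but shsFinal in sha1/shs.c returns before writing `digestLen` when `nss_ctxt` is NULL. After a failed shsInit the `memcpy` length is therefore whatever the caller's SHS_INFO happened to contain. Copying a fixed size, `memcpy(out2, ctx->digestBuf, HASH_DIGEST_SIZE);`, keeps the copy within `digestBuf` and the destination; the content is still undefined on that path, which the hash functions should report. `int loopvar;` is unused and can be removed, and the banner still names `lib/crypto/openssl/hash/yhash.h`.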
index 3f4224d320453924602444433d00e9c425b06dd2..6efdbda7426e82b1ac536574b2acccda941c6e94 100644 (file)
@@ -22,14 +22,17 @@ DEFS=
 
 STLIBOBJS=\
        hmac.o  \
-       pbkdf2.o                
+       init.o  \
+       pbkdf2.o
 
 OBJS=\
        $(OUTPRE)hmac.$(OBJEXT) \
-       $(OUTPRE)pbkdf2.$(OBJEXT)               
+       $(OUTPRE)init.$(OBJEXT) \
+       $(OUTPRE)pbkdf2.$(OBJEXT)
 
 SRCS=\
        $(srcdir)/hmac.c        \
+       $(srcdir)/init.c        \
        $(srcdir)/pbkdf2.c      
 
 STOBJLISTS= des/OBJS.ST md4/OBJS.ST    \
diff --git a/src/lib/crypto/openssl/init.c b/src/lib/crypto/openssl/init.c
new file mode 100644 (file)
index 0000000..aaa13cc
--- /dev/null
@@ -0,0 +1,40 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * lib/crypto/openssl/init.c
+ *
+ * Copyright (C) 2010 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * OpenSSL back-end library init functions
+ */
+
+int
+krb5int_crypto_impl_init(void)
+{
+    return 0;
+}
+
+void
+krb5int_crypto_impl_cleanup(void)
+{
+}
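Review bot: This file defines `krb5int_crypto_impl_init` and `krb5int_crypto_impl_cleanup` without including any header, so the compiler never checks these definitions against the prototypes that callers see. Adding `#include "k5-int.h"` would catch signature drift at build time, assuming that is where this commit declares them; k5-int.h is in the changed-file list. A one-line comment on each function saying why the body is empty for this back end would also help the next reader.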