PROG_RPATH=$(KRB5_LIBDIR)
STLIBOBJS=\
- aescrypt.o \
- aestab.o \
- aeskey.o \
aes_s2k.o
OBJS=\
- $(OUTPRE)aescrypt.$(OBJEXT) \
- $(OUTPRE)aestab.$(OBJEXT) \
- $(OUTPRE)aeskey.$(OBJEXT) \
$(OUTPRE)aes_s2k.$(OBJEXT)
SRCS=\
- $(srcdir)/aescrypt.c \
- $(srcdir)/aestab.c \
- $(srcdir)/aeskey.c \
$(srcdir)/aes_s2k.c
-GEN_OBJS=\
- $(OUTPRE)aescrypt.$(OBJEXT) \
- $(OUTPRE)aestab.$(OBJEXT) \
- $(OUTPRE)aeskey.$(OBJEXT)
##DOS##LIBOBJS = $(OBJS)
+++ /dev/null
-/*
- * To be compiled against the AES code from:
- * http://fp.gladman.plus.com/cryptography_technology/rijndael/index.htm
- */
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include "aes.h"
-
-#define B 16U
-unsigned char key[16];
-unsigned char test_case_len[] = { B+1, 2*B-1, 2*B, 2*B+1, 3*B-1, 3*B, 4*B, };
-#define NTESTS (sizeof(test_case_len))
-struct {
- unsigned char ivec[16];
- unsigned char input[4*16];
- unsigned char output[4*16];
-} test_case[NTESTS];
-aes_ctx ctx, dctx;
-
-static void init ()
-{
- int i, j, r;
-
- srand(42);
- for (i = 0; i < 16; i++)
- key[i] = 0xff & rand();
- memset(test_case, 0, sizeof(test_case));
- for (i = 0; i < NTESTS; i++)
- for (j = 0; j < test_case_len[i]; j++) {
- test_case[i].input[j] = 0xff & rand();
- }
-
- r = krb5int_aes_enc_key (key, sizeof(key), &ctx);
- //r = aes_enc_key (key, sizeof(key), &ctx);
- if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
- r = krb5int_aes_dec_key (key, sizeof(key), &dctx);
- //r = aes_dec_key (key, sizeof(key), &dctx);
- if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
-}
-
-static void hexdump(const unsigned char *ptr, size_t len)
-{
- int i;
- for (i = 0; i < len; i++)
- printf ("%s%02X", (i % 16 == 0) ? "\n " : " ", ptr[i]);
-}
-
-static void fips_test ()
-{
- static const unsigned char fipskey[16] = {
- 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
- };
- static const unsigned char input[16] = {
- 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
- 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
- };
- static const unsigned char expected[16] = {
- 0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30,
- 0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a,
- };
- unsigned char output[16];
- unsigned char tmp[16];
- aes_ctx fipsctx;
- int r;
-
- printf ("FIPS test:\nkey:");
- hexdump (fipskey, 16);
- printf ("\ninput:");
- hexdump (input, 16);
- r = aes_enc_key (fipskey, sizeof(fipskey), &fipsctx);
- if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
- r = aes_enc_blk (input, output, &fipsctx);
- if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
- printf ("\noutput:");
- hexdump (output, 16);
- printf ("\n");
- if (memcmp(expected, output, 16))
- fprintf(stderr, "wrong results!!!\n"), exit (1);
- r = aes_dec_key (fipskey, sizeof(fipskey), &fipsctx);
- if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
- r = aes_dec_blk (output, tmp, &fipsctx);
- if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
- if (memcmp(input, tmp, 16))
- fprintf(stderr, "decryption failed!!\n"), exit(1);
- printf ("ok.\n\n");
-}
-
-static void
-xor (unsigned char *out, const unsigned char *a, const unsigned char *b)
-{
- int i;
- for (i = 0; i < B; i++)
- out[i] = a[i] ^ b[i];
-}
-
-static void
-ecb_enc (unsigned char *out, unsigned char *in, unsigned int len)
-{
- int i, r;
- for (i = 0; i < len; i += 16) {
- r = aes_enc_blk (in + i, out + i, &ctx);
- if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
- }
- if (i != len) abort ();
-}
-
-static void
-ecb_dec (unsigned char *out, unsigned char *in, unsigned int len)
-{
- int i, r;
- for (i = 0; i < len; i += 16) {
- r = aes_dec_blk (in + i, out + i, &dctx);
- if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
- }
- if (i != len) abort ();
-}
-
-#define D(X) (printf("%s %d: %s=",__FUNCTION__,__LINE__, #X),hexdump(X,B),printf("\n"))
-
-#undef D
-#define D(X)
-
-static void
-cbc_enc (unsigned char *out, unsigned char *in, unsigned char *iv,
- unsigned int len)
-{
- int i, r;
- unsigned char tmp[B];
- D(iv);
- memcpy (tmp, iv, B);
- for (i = 0; i < len; i += B) {
- D(in+i);
- xor (tmp, tmp, in + i);
- D(tmp);
- r = aes_enc_blk (tmp, out + i, &ctx);
- if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
- memcpy (tmp, out + i, B);
- D(out+i);
- }
- if (i != len) abort ();
-}
-
-static void
-cbc_dec (unsigned char *out, unsigned char *in, unsigned char *iv,
- unsigned int len)
-{
- int i, r;
- unsigned char tmp[B];
- memcpy (tmp, iv, B);
- for (i = 0; i < len; i += B) {
- r = aes_dec_blk (in + i, tmp, &dctx);
- if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
- xor (tmp, tmp, iv);
- iv = in + i;
- memcpy (out + i, tmp, B);
- }
- if (i != len) abort ();
-}
-
-static void
-cts_enc (unsigned char *out, unsigned char *in, unsigned char *iv,
- unsigned int len)
-{
- int r;
- unsigned int len2;
- unsigned char pn1[B], pn[B], cn[B], cn1[B];
-
- if (len < B + 1) abort ();
- len2 = (len - B - 1) & ~(B-1);
- cbc_enc (out, in, iv, len2);
- out += len2;
- in += len2;
- len -= len2;
- if (len2)
- iv = out - B;
- if (len <= B || len > 2 * B)
- abort ();
- printf ("(did CBC mode for %d)\n", len2);
-
- D(in);
- xor (pn1, in, iv);
- D(pn1);
- r = aes_enc_blk (pn1, cn, &ctx);
- if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
- D(cn);
- memset (pn, 0, sizeof(pn));
- memcpy (pn, in+B, len-B);
- D(pn);
- xor (pn, pn, cn);
- D(pn);
- r = aes_enc_blk (pn, cn1, &ctx);
- if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
- D(cn1);
- memcpy(out, cn1, B);
- memcpy(out+B, cn, len-B);
-}
-
-static void
-cts_dec (unsigned char *out, unsigned char *in, unsigned char *iv,
- unsigned int len)
-{
- int r;
- unsigned int len2;
- unsigned char pn1[B], pn[B], cn[B], cn1[B];
-
- if (len < B + 1) abort ();
- len2 = (len - B - 1) & ~(B-1);
- cbc_dec (out, in, iv, len2);
- out += len2;
- in += len2;
- len -= len2;
- if (len2)
- iv = in - B;
- if (len <= B || len > 2 * B)
- abort ();
-
- memcpy (cn1, in, B);
- r = aes_dec_blk (cn1, pn, &dctx);
- if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
- memset (cn, 0, sizeof(cn));
- memcpy (cn, in+B, len-B);
- xor (pn, pn, cn);
- memcpy (cn+len-B, pn+len-B, 2*B-len);
- r = aes_dec_blk (cn, pn1, &dctx);
- if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
- xor (pn1, pn1, iv);
- memcpy(out, pn1, B);
- memcpy(out+B, pn, len-B);
-}
-
-static void ecb_test ()
-{
- int testno;
- unsigned char tmp[4*B];
-
- printf ("ECB tests:\n");
- printf ("key:");
- hexdump (key, sizeof(key));
- for (testno = 0; testno < NTESTS; testno++) {
- unsigned len = (test_case_len[testno] + 15) & ~15;
- printf ("\ntest %d - %d bytes\n", testno, len);
- printf ("input:");
- hexdump (test_case[testno].input, len);
- printf ("\n");
- ecb_enc (test_case[testno].output, test_case[testno].input, len);
- printf ("output:");
- hexdump (test_case[testno].output, len);
- printf ("\n");
- ecb_dec (tmp, test_case[testno].output, len);
- if (memcmp (tmp, test_case[testno].input, len)) {
- printf ("ecb decrypt failed!!");
- hexdump (tmp, len);
- printf ("\n");
- exit (1);
- }
- }
- printf ("\n");
-}
-
-unsigned char ivec[16] = { 0 };
-
-static void cbc_test ()
-{
- int testno;
- unsigned char tmp[4*B];
-
- printf ("CBC tests:\n");
- printf ("initial vector:");
- hexdump (ivec, sizeof(ivec));
- for (testno = 0; testno < NTESTS; testno++) {
- unsigned len = (test_case_len[testno] + 15) & ~15;
- printf ("\ntest %d - %d bytes\n", testno, len);
- printf ("input:");
- hexdump (test_case[testno].input, len);
- printf ("\n");
- cbc_enc (test_case[testno].output, test_case[testno].input, ivec, len);
- printf ("output:");
- hexdump (test_case[testno].output, len);
- printf ("\n");
- cbc_dec (tmp, test_case[testno].output, ivec, len);
- if (memcmp (tmp, test_case[testno].input, len)) {
- printf("cbc decrypt failed!!");
- hexdump (tmp, len);
- printf ("\n");
- exit(1);
- }
- }
- printf ("\n");
-}
-
-static void cts_test ()
-{
- int testno;
- unsigned char tmp[4*B];
-
- printf ("CTS tests:\n");
- printf ("initial vector:");
- hexdump (ivec, sizeof(ivec));
- for (testno = 0; testno < NTESTS; testno++) {
- unsigned int len = test_case_len[testno];
- printf ("\ntest %d - %d bytes\n", testno, len);
- printf ("input:");
- hexdump (test_case[testno].input, len);
- printf ("\n");
- cts_enc (test_case[testno].output, test_case[testno].input, ivec, len);
- printf ("output:");
- hexdump (test_case[testno].output, len);
- printf ("\n");
- cts_dec (tmp, test_case[testno].output, ivec, len);
- if (memcmp (tmp, test_case[testno].input, len))
- fprintf (stderr, "cts decrypt failed!!\n"), exit(1);
- }
- printf ("\n");
-}
-
-int main ()
-{
- init ();
- fips_test ();
-
- ecb_test();
- cbc_test();
- cts_test();
-
- return 0;
-}
+++ /dev/null
-/*
- -------------------------------------------------------------------------
- Copyright (c) 2001, Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK.
- All rights reserved.
-
- LICENSE TERMS
-
- The free distribution and use of this software in both source and binary
- form is allowed (with or without changes) provided that:
-
- 1. distributions of this source code include the above copyright
- notice, this list of conditions and the following disclaimer;
-
- 2. distributions in binary form include the above copyright
- notice, this list of conditions and the following disclaimer
- in the documentation and/or other associated materials;
-
- 3. the copyright holder's name is not used to endorse products
- built using this software without specific written permission.
-
- DISCLAIMER
-
- This software is provided 'as is' with no explcit or implied warranties
- in respect of any properties, including, but not limited to, correctness
- and fitness for purpose.
- -------------------------------------------------------------------------
- Issue Date: 21/01/2002
-
- This file contains the definitions required to use AES (Rijndael) in C.
-*/
-
-#ifndef _AES_H
-#define _AES_H
-
-#include "uitypes.h"
-
-/* BLOCK_SIZE is in BYTES: 16, 24, 32 or undefined for aes.c and 16, 20,
- 24, 28, 32 or undefined for aespp.c. When left undefined a slower
- version that provides variable block length is compiled.
-*/
-
-#define BLOCK_SIZE 16
-
-/* key schedule length (in 32-bit words) */
-
-#if !defined(BLOCK_SIZE)
-#define KS_LENGTH 128
-#else
-#define KS_LENGTH 4 * BLOCK_SIZE
-#endif
-
-#if defined(__cplusplus)
-extern "C"
-{
-#endif
-
-typedef uint16_t aes_fret; /* type for function return value */
-#define aes_bad 0 /* bad function return value */
-#define aes_good 1 /* good function return value */
-#ifndef AES_DLL /* implement normal or DLL functions */
-#define aes_rval aes_fret
-#else
-#define aes_rval aes_fret __declspec(dllexport) _stdcall
-#endif
-
-typedef struct /* the AES context for encryption */
-{ uint32_t k_sch[KS_LENGTH]; /* the encryption key schedule */
- uint32_t n_rnd; /* the number of cipher rounds */
- uint32_t n_blk; /* the number of bytes in the state */
-} aes_ctx;
-
-/* for Kerberos 5 tree -- hide names! */
-#define aes_blk_len krb5int_aes_blk_len
-#define aes_enc_key krb5int_aes_enc_key
-#define aes_enc_blk krb5int_aes_enc_blk
-#define aes_dec_key krb5int_aes_dec_key
-#define aes_dec_blk krb5int_aes_dec_blk
-#define fl_tab krb5int_fl_tab
-#define ft_tab krb5int_ft_tab
-#define il_tab krb5int_il_tab
-#define im_tab krb5int_im_tab
-#define it_tab krb5int_it_tab
-#define rcon_tab krb5int_rcon_tab
-
-aes_rval aes_blk_len(unsigned int blen, aes_ctx cx[1]);
-
-aes_rval aes_enc_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1]);
-aes_rval aes_enc_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1]);
-
-aes_rval aes_dec_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1]);
-aes_rval aes_dec_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1]);
-
-#if defined(__cplusplus)
-}
-#endif
-
-#endif
/*
* lib/crypto/openssl/aes/aes_s2k.c
*
- * Copyright 2003 by the Massachusetts Institute of Technology.
+ * Copyright 2003, 2009 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* Export of this software from the United States of America may
+++ /dev/null
-
-/*
- -------------------------------------------------------------------------
- Copyright (c) 2001, Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK.
- All rights reserved.
-
- TERMS
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted subject to the following conditions:
-
- 1. Redistributions of source code must retain the above copyright
- notice, this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- 3. The copyright holder's name must not be used to endorse or promote
- any products derived from this software without his specific prior
- written permission.
-
- This software is provided 'as is' with no express or implied warranties
- of correctness or fitness for purpose.
- -------------------------------------------------------------------------
- Issue Date: 21/01/2002
-
- This file contains the definitions required to use AES (Rijndael) in C++.
-*/
-
-#ifndef _AESCPP_H
-#define _AESCPP_H
-
-#include "aes.h"
-
-class AESclass
-{ aes_ctx cx[1];
-public:
-#if defined(BLOCK_SIZE)
- AESclass() { cx->n_blk = BLOCK_SIZE; cx->n_rnd = 0; }
-#else
- AESclass(unsigned int blen = 16) { cx->n_blk = blen; cx->n_rnd = 0; }
-#endif
- aes_rval blk_len(unsigned int blen) { return aes_blk_len(blen, cx); }
- aes_rval enc_key(const unsigned char in_key[], unsigned int klen)
- { return aes_enc_key(in_key, klen, cx); }
- aes_rval dec_key(const unsigned char in_key[], unsigned int klen)
- { return aes_dec_key(in_key, klen, cx); }
- aes_rval enc_blk(const unsigned char in_blk[], unsigned char out_blk[])
- { return aes_enc_blk(in_blk, out_blk, cx); }
- aes_rval dec_blk(const unsigned char in_blk[], unsigned char out_blk[])
- { return aes_dec_blk(in_blk, out_blk, cx); }
-};
-
-#endif
+++ /dev/null
-/* lib/crypto/openssl/aes/aescrypt.c
- */
-
-#include "aesopt.h"
-
-aes_rval aes_dec_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1])
-{
- return aes_bad;
-}
-aes_rval aes_enc_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1])
-{
- return aes_bad;
-}
-
+++ /dev/null
-/*
- * lib/crypto/openssl/aes/aeskey.c
- */
-
-#include "aesopt.h"
-
-aes_rval aes_enc_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1])
-{
- return aes_bad;
-}
-aes_rval aes_dec_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1])
-{
- return aes_bad;
-}
-
+++ /dev/null
-/*
- -------------------------------------------------------------------------
- Copyright (c) 2001, Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK.
- All rights reserved.
-
- LICENSE TERMS
-
- The free distribution and use of this software in both source and binary
- form is allowed (with or without changes) provided that:
-
- 1. distributions of this source code include the above copyright
- notice, this list of conditions and the following disclaimer;
-
- 2. distributions in binary form include the above copyright
- notice, this list of conditions and the following disclaimer
- in the documentation and/or other associated materials;
-
- 3. the copyright holder's name is not used to endorse products
- built using this software without specific written permission.
-
- DISCLAIMER
-
- This software is provided 'as is' with no explcit or implied warranties
- in respect of any properties, including, but not limited to, correctness
- and fitness for purpose.
- -------------------------------------------------------------------------
- Issue Date: 07/02/2002
-
- This file contains the compilation options for AES (Rijndael) and code
- that is common across encryption, key scheduling and table generation.
-
-
- OPERATION
-
- These source code files implement the AES algorithm Rijndael designed by
- Joan Daemen and Vincent Rijmen. The version in aes.c is designed for
- block and key sizes of 128, 192 and 256 bits (16, 24 and 32 bytes) while
- that in aespp.c provides for block and keys sizes of 128, 160, 192, 224
- and 256 bits (16, 20, 24, 28 and 32 bytes). This file is a common header
- file for these two implementations and for aesref.c, which is a reference
- implementation.
-
- This version is designed for flexibility and speed using operations on
- 32-bit words rather than operations on bytes. It provides aes_both fixed
- and dynamic block and key lengths and can also run with either big or
- little endian internal byte order (see aes.h). It inputs block and key
- lengths in bytes with the legal values being 16, 24 and 32 for aes.c and
- 16, 20, 24, 28 and 32 for aespp.c
-
- THE CIPHER INTERFACE
-
- uint8_t (an unsigned 8-bit type)
- uint32_t (an unsigned 32-bit type)
- aes_fret (a signed 16 bit type for function return values)
- aes_good (value != 0, a good return)
- aes_bad (value == 0, an error return)
- struct aes_ctx (structure for the cipher encryption context)
- struct aes_ctx (structure for the cipher decryption context)
- aes_rval the function return type (aes_fret if not DLL)
-
- C subroutine calls:
-
- aes_rval aes_blk_len(unsigned int blen, aes_ctx cx[1]);
- aes_rval aes_enc_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1]);
- aes_rval aes_enc_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1]);
-
- aes_rval aes_dec_len(unsigned int blen, aes_ctx cx[1]);
- aes_rval aes_dec_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1]);
- aes_rval aes_dec_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1]);
-
- IMPORTANT NOTE: If you are using this C interface and your compiler does
- not set the memory used for objects to zero before use, you will need to
- ensure that cx.s_flg is set to zero before using these subroutine calls.
-
- C++ aes class subroutines:
-
- class AESclass for encryption
- class AESclass for decryption
-
- aes_rval len(unsigned int blen = 16);
- aes_rval key(const unsigned char in_key[], unsigned int klen);
- aes_rval blk(const unsigned char in_blk[], unsigned char out_blk[]);
-
- aes_rval len(unsigned int blen = 16);
- aes_rval key(const unsigned char in_key[], unsigned int klen);
- aes_rval blk(const unsigned char in_blk[], unsigned char out_blk[]);
-
- The block length inputs to set_block and set_key are in numbers of
- BYTES, not bits. The calls to subroutines must be made in the above
- order but multiple calls can be made without repeating earlier calls
- if their parameters have not changed. If the cipher block length is
- variable but set_blk has not been called before cipher operations a
- value of 16 is assumed (that is, the AES block size). In contrast to
- earlier versions the block and key length parameters are now checked
- for correctness and the encryption and decryption routines check to
- ensure that an appropriate key has been set before they are called.
-
- COMPILATION
-
- The files used to provide AES (Rijndael) are
-
- a. aes.h for the definitions needed for use in C.
- b. aescpp.h for the definitions needed for use in C++.
- c. aesopt.h for setting compilation options (also includes common
- code).
- d. aescrypt.c for encryption and decrytpion, or
- e. aescrypt.asm for encryption and decryption using assembler code.
- f. aeskey.c for key scheduling.
- g. aestab.c for table loading or generation.
- h. uitypes.h for defining fixed length unsigned integers.
-
- The assembler code uses the NASM assembler. The above files provice
- block and key lengths of 16, 24 and 32 bytes (128, 192 and 256 bits).
- If aescrypp.c and aeskeypp.c are used instead of aescrypt.c and
- aeskey.c respectively, the block and key lengths can then be 16, 20,
- 24, 28 or 32 bytes. However this code has not been optimised to the
- same extent and is hence slower (esepcially for the AES block size
- of 16 bytes).
-
- To compile AES (Rijndael) for use in C code use aes.h and exclude
- the AES_DLL define in aes.h
-
- To compile AES (Rijndael) for use in in C++ code use aescpp.h and
- exclude the AES_DLL define in aes.h
-
- To compile AES (Rijndael) in C as a Dynamic Link Library DLL) use
- aes.h, include the AES_DLL define and compile the DLL. If using
- the test files to test the DLL, exclude aes.c from the test build
- project and compile it with the same defines as used for the DLL
- (ensure that the DLL path is correct)
-
- CONFIGURATION OPTIONS (here and in aes.h)
-
- a. define BLOCK_SIZE in aes.h to set the cipher block size (16, 24
- or 32 for the standard code, or 16, 20, 24, 28 or 32 for the
- extended code) or leave this undefined for dynamically variable
- block size (this will result in much slower code).
- b. set AES_DLL in aes.h if AES (Rijndael) is to be compiled as a DLL
- c. You may need to set PLATFORM_BYTE_ORDER to define the byte order.
- d. If you want the code to run in a specific internal byte order, then
- INTERNAL_BYTE_ORDER must be set accordingly.
- e. set other configuration options decribed below.
-*/
-
-#ifndef _AESOPT_H
-#define _AESOPT_H
-
-/* START OF CONFIGURATION OPTIONS
-
- USE OF DEFINES
-
- Later in this section there are a number of defines that control
- the operation of the code. In each section, the purpose of each
- define is explained so that the relevant form can be included or
- excluded by setting either 1's or 0's respectively on the branches
- of the related #if clauses.
-*/
-
-#include "autoconf.h"
-
-/* 1. PLATFORM SPECIFIC INCLUDES */
-
-#if /* defined(__GNUC__) || */ defined(__GNU_LIBRARY__)
-# include <endian.h>
-# include <byteswap.h>
-#elif defined(__CRYPTLIB__)
-# if defined( INC_ALL )
-# include "crypt.h"
-# elif defined( INC_CHILD )
-# include "../crypt.h"
-# else
-# include "crypt.h"
-# endif
-# if defined(DATA_LITTLEENDIAN)
-# define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
-# else
-# define PLATFORM_BYTE_ORDER AES_BIG_ENDIAN
-# endif
-#elif defined(_MSC_VER)
-# include <stdlib.h>
-#elif defined(__m68k__) && defined(__palmos__)
-# include <FloatMgr.h> /* defines BIG_ENDIAN */
-#elif defined(_MIPSEB)
-# define PLATFORM_BYTE_ORDER AES_BIG_ENDIAN
-#elif defined(_MIPSEL)
-# define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
-#elif defined(_WIN32)
-# define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
-#elif !defined(_WIN32)
-# include <stdlib.h>
-# if defined(HAVE_ENDIAN_H)
-# include <endian.h>
-# elif defined(HAVE_MACHINE_ENDIAN_H)
-# include <machine/endian.h>
-# else
-# include <sys/param.h>
-# endif
-#endif
-
-/* 2. BYTE ORDER IN 32-BIT WORDS
-
- To obtain the highest speed on processors with 32-bit words, this code
- needs to determine the order in which bytes are packed into such words.
- The following block of code is an attempt to capture the most obvious
- ways in which various environemnts specify heir endian definitions. It
- may well fail, in which case the definitions will need to be set by
- editing at the points marked **** EDIT HERE IF NECESSARY **** below.
-*/
-#define AES_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */
-#define AES_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */
-
-#if !defined(PLATFORM_BYTE_ORDER)
-#if defined(LITTLE_ENDIAN) || defined(BIG_ENDIAN)
-# if defined(LITTLE_ENDIAN) && defined(BIG_ENDIAN)
-# if defined(BYTE_ORDER)
-# if (BYTE_ORDER == LITTLE_ENDIAN)
-# define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
-# elif (BYTE_ORDER == BIG_ENDIAN)
-# define PLATFORM_BYTE_ORDER AES_BIG_ENDIAN
-# endif
-# endif
-# elif defined(LITTLE_ENDIAN) && !defined(BIG_ENDIAN)
-# define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
-# elif !defined(LITTLE_ENDIAN) && defined(BIG_ENDIAN)
-# define PLATFORM_BYTE_ORDER AES_BIG_ENDIAN
-# endif
-#elif defined(_LITTLE_ENDIAN) || defined(_BIG_ENDIAN)
-# if defined(_LITTLE_ENDIAN) && defined(_BIG_ENDIAN)
-# if defined(_BYTE_ORDER)
-# if (_BYTE_ORDER == _LITTLE_ENDIAN)
-# define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
-# elif (_BYTE_ORDER == _BIG_ENDIAN)
-# define PLATFORM_BYTE_ORDER AES_BIG_ENDIAN
-# endif
-# endif
-# elif defined(_LITTLE_ENDIAN) && !defined(_BIG_ENDIAN)
-# define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
-# elif !defined(_LITTLE_ENDIAN) && defined(_BIG_ENDIAN)
-# define PLATFORM_BYTE_ORDER AES_BIG_ENDIAN
-# endif
-#elif 0 /* **** EDIT HERE IF NECESSARY **** */
-#define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
-#elif 0 /* **** EDIT HERE IF NECESSARY **** */
-#define PLATFORM_BYTE_ORDER AES_BIG_ENDIAN
-#elif 1
-#define PLATFORM_BYTE_ORDER AES_LITTLE_ENDIAN
-#define UNKNOWN_BYTE_ORDER /* we're guessing */
-#endif
-#endif
-
-/* 3. ASSEMBLER SUPPORT
-
- If the assembler code is used for encryption and decryption this file only
- provides key scheduling so the following defines are used
-*/
-#ifdef AES_ASM
-#define ENCRYPTION_KEY_SCHEDULE
-#define DECRYPTION_KEY_SCHEDULE
-#endif
-
-/* 4. FUNCTIONS REQUIRED
-
- This implementation provides five main subroutines which provide for
- setting block length, setting encryption and decryption keys and for
- encryption and decryption. When the assembler code is not being used
- the following definition blocks allow the selection of the routines
- that are to be included in the compilation.
-*/
-#if 1
-#ifndef AES_ASM
-#define SET_BLOCK_LENGTH
-#endif
-#endif
-
-#if 1
-#ifndef AES_ASM
-#define ENCRYPTION_KEY_SCHEDULE
-#endif
-#endif
-
-#if 1
-#ifndef AES_ASM
-#define DECRYPTION_KEY_SCHEDULE
-#endif
-#endif
-
-#if 1
-#ifndef AES_ASM
-#define ENCRYPTION
-#endif
-#endif
-
-#if 1
-#ifndef AES_ASM
-#define DECRYPTION
-#endif
-#endif
-
-/* 5. BYTE ORDER WITHIN 32 BIT WORDS
-
- The fundamental data processing units in Rijndael are 8-bit bytes. The
- input, output and key input are all enumerated arrays of bytes in which
- bytes are numbered starting at zero and increasing to one less than the
- number of bytes in the array in question. This enumeration is only used
- for naming bytes and does not imply any adjacency or order relationship
- from one byte to another. When these inputs and outputs are considered
- as bit sequences, bits 8*n to 8*n+7 of the bit sequence are mapped to
- byte[n] with bit 8n+i in the sequence mapped to bit 7-i within the byte.
- In this implementation bits are numbered from 0 to 7 starting at the
- numerically least significant end of each byte (bit n represents 2^n).
-
- However, Rijndael can be implemented more efficiently using 32-bit
- words by packing bytes into words so that bytes 4*n to 4*n+3 are placed
- into word[n]. While in principle these bytes can be assembled into words
- in any positions, this implementation only supports the two formats in
- which bytes in adjacent positions within words also have adjacent byte
- numbers. This order is called big-endian if the lowest numbered bytes
- in words have the highest numeric significance and little-endian if the
- opposite applies.
-
- This code can work in either order irrespective of the order used by the
- machine on which it runs. Normally the internal byte order will be set
- to the order of the processor on which the code is to be run but this
- define can be used to reverse this in special situations
-*/
-#if 1
-#define INTERNAL_BYTE_ORDER PLATFORM_BYTE_ORDER
-#elif defined(AES_LITTLE_ENDIAN)
-#define INTERNAL_BYTE_ORDER AES_LITTLE_ENDIAN
-#elif defined(AES_BIG_ENDIAN)
-#define INTERNAL_BYTE_ORDER AES_BIG_ENDIAN
-#endif
-
-/* 6. FAST INPUT/OUTPUT OPERATIONS.
-
- On some machines it is possible to improve speed by transferring the
- bytes in the input and output arrays to and from the internal 32-bit
- variables by addressing these arrays as if they are arrays of 32-bit
- words. On some machines this will always be possible but there may
- be a large performance penalty if the byte arrays are not aligned on
- the normal word boundaries. On other machines this technique will
- lead to memory access errors when such 32-bit word accesses are not
- properly aligned. The option SAFE_IO avoids such problems but will
- often be slower on those machines that support misaligned access
- (especially so if care is taken to align the input and output byte
- arrays on 32-bit word boundaries). If SAFE_IO is not defined it is
- assumed that access to byte arrays as if they are arrays of 32-bit
- words will not cause problems when such accesses are misaligned.
-*/
-#if 1
-#define SAFE_IO
-#endif
-
-/*
- * If PLATFORM_BYTE_ORDER does not match the actual machine byte
- * order, the fast word-access code will cause incorrect results.
- * Therefore, SAFE_IO is required when the byte order is unknown.
- */
-#if !defined(SAFE_IO) && defined(UNKNOWN_BYTE_ORDER)
-# error "SAFE_IO must be defined if machine byte order is unknown."
-#endif
-
-/* 7. LOOP UNROLLING
-
- The code for encryption and decrytpion cycles through a number of rounds
- that can be implemented either in a loop or by expanding the code into a
- long sequence of instructions, the latter producing a larger program but
- one that will often be much faster. The latter is called loop unrolling.
- There are also potential speed advantages in expanding two iterations in
- a loop with half the number of iterations, which is called partial loop
- unrolling. The following options allow partial or full loop unrolling
- to be set independently for encryption and decryption
-*/
-#if !defined(CONFIG_SMALL) || defined(CONFIG_SMALL_NO_CRYPTO)
-#define ENC_UNROLL FULL
-#elif 0
-#define ENC_UNROLL PARTIAL
-#else
-#define ENC_UNROLL NONE
-#endif
-
-#if !defined(CONFIG_SMALL) || defined(CONFIG_SMALL_NO_CRYPTO)
-#define DEC_UNROLL FULL
-#elif 0
-#define DEC_UNROLL PARTIAL
-#else
-#define DEC_UNROLL NONE
-#endif
-
-/* 8. FIXED OR DYNAMIC TABLES
-
- When this section is included the tables used by the code are compiled
- statically into the binary file. Otherwise they are computed once when
- the code is first used.
-*/
-#if 1
-#define FIXED_TABLES
-#endif
-
-/* 9. FAST FINITE FIELD OPERATIONS
-
- If this section is included, tables are used to provide faster finite
- field arithmetic (this has no effect if FIXED_TABLES is defined).
-*/
-#if 1
-#define FF_TABLES
-#endif
-
-/* 10. INTERNAL STATE VARIABLE FORMAT
-
- The internal state of Rijndael is stored in a number of local 32-bit
- word varaibles which can be defined either as an array or as individual
- names variables. Include this section if you want to store these local
- varaibles in arrays. Otherwise individual local variables will be used.
-*/
-#if 1
-#define ARRAYS
-#endif
-
-/* In this implementation the columns of the state array are each held in
- 32-bit words. The state array can be held in various ways: in an array
- of words, in a number of individual word variables or in a number of
- processor registers. The following define maps a variable name x and
- a column number c to the way the state array variable is to be held.
- The first define below maps the state into an array x[c] whereas the
- second form maps the state into a number of individual variables x0,
- x1, etc. Another form could map individual state colums to machine
- register names.
-*/
-
-#if defined(ARRAYS)
-#define s(x,c) x[c]
-#else
-#define s(x,c) x##c
-#endif
-
-/* 11. VARIABLE BLOCK SIZE SPEED
-
- This section is only relevant if you wish to use the variable block
- length feature of the code. Include this section if you place more
- emphasis on speed rather than code size.
-*/
-#if 1
-#define FAST_VARIABLE
-#endif
-
-/* 12. INTERNAL TABLE CONFIGURATION
-
- This cipher proceeds by repeating in a number of cycles known as 'rounds'
- which are implemented by a round function which can optionally be speeded
- up using tables. The basic tables are each 256 32-bit words, with either
- one or four tables being required for each round function depending on
- how much speed is required. The encryption and decryption round functions
- are different and the last encryption and decrytpion round functions are
- different again making four different round functions in all.
-
- This means that:
- 1. Normal encryption and decryption rounds can each use either 0, 1
- or 4 tables and table spaces of 0, 1024 or 4096 bytes each.
- 2. The last encryption and decryption rounds can also use either 0, 1
- or 4 tables and table spaces of 0, 1024 or 4096 bytes each.
-
- Include or exclude the appropriate definitions below to set the number
- of tables used by this implementation.
-*/
-
-#if !defined(CONFIG_SMALL) || defined(CONFIG_SMALL_NO_CRYPTO) /* set tables for the normal encryption round */
-#define ENC_ROUND FOUR_TABLES
-#elif 0
-#define ENC_ROUND ONE_TABLE
-#else
-#define ENC_ROUND NO_TABLES
-#endif
-
-#if !defined(CONFIG_SMALL) || defined(CONFIG_SMALL_NO_CRYPTO) /* set tables for the last encryption round */
-#define LAST_ENC_ROUND FOUR_TABLES
-#elif 0
-#define LAST_ENC_ROUND ONE_TABLE
-#else
-#define LAST_ENC_ROUND NO_TABLES
-#endif
-
-#if !defined(CONFIG_SMALL) || defined(CONFIG_SMALL_NO_CRYPTO) /* set tables for the normal decryption round */
-#define DEC_ROUND FOUR_TABLES
-#elif 0
-#define DEC_ROUND ONE_TABLE
-#else
-#define DEC_ROUND NO_TABLES
-#endif
-
-#if !defined(CONFIG_SMALL) || defined(CONFIG_SMALL_NO_CRYPTO) /* set tables for the last decryption round */
-#define LAST_DEC_ROUND FOUR_TABLES
-#elif 0
-#define LAST_DEC_ROUND ONE_TABLE
-#else
-#define LAST_DEC_ROUND NO_TABLES
-#endif
-
-/* The decryption key schedule can be speeded up with tables in the same
- way that the round functions can. Include or exclude the following
- defines to set this requirement.
-*/
-#if !defined(CONFIG_SMALL) || defined(CONFIG_SMALL_NO_CRYPTO)
-#define KEY_SCHED FOUR_TABLES
-#elif 0
-#define KEY_SCHED ONE_TABLE
-#else
-#define KEY_SCHED NO_TABLES
-#endif
-
-/* END OF CONFIGURATION OPTIONS */
-
-#define NO_TABLES 0 /* DO NOT CHANGE */
-#define ONE_TABLE 1 /* DO NOT CHANGE */
-#define FOUR_TABLES 4 /* DO NOT CHANGE */
-#define NONE 0 /* DO NOT CHANGE */
-#define PARTIAL 1 /* DO NOT CHANGE */
-#define FULL 2 /* DO NOT CHANGE */
-
-#if defined(BLOCK_SIZE) && ((BLOCK_SIZE & 3) || BLOCK_SIZE < 16 || BLOCK_SIZE > 32)
-#error An illegal block size has been specified.
-#endif
-
-#if !defined(BLOCK_SIZE)
-#define RC_LENGTH 29
-#else
-#define RC_LENGTH 5 * BLOCK_SIZE / 4 - (BLOCK_SIZE == 16 ? 10 : 11)
-#endif
-
-/* Disable at least some poor combinations of options */
-
-#if ENC_ROUND == NO_TABLES && LAST_ENC_ROUND != NO_TABLES
-#undef LAST_ENC_ROUND
-#define LAST_ENC_ROUND NO_TABLES
-#elif ENC_ROUND == ONE_TABLE && LAST_ENC_ROUND == FOUR_TABLES
-#undef LAST_ENC_ROUND
-#define LAST_ENC_ROUND ONE_TABLE
-#endif
-
-#if ENC_ROUND == NO_TABLES && ENC_UNROLL != NONE
-#undef ENC_UNROLL
-#define ENC_UNROLL NONE
-#endif
-
-#if DEC_ROUND == NO_TABLES && LAST_DEC_ROUND != NO_TABLES
-#undef LAST_DEC_ROUND
-#define LAST_DEC_ROUND NO_TABLES
-#elif DEC_ROUND == ONE_TABLE && LAST_DEC_ROUND == FOUR_TABLES
-#undef LAST_DEC_ROUND
-#define LAST_DEC_ROUND ONE_TABLE
-#endif
-
-#if DEC_ROUND == NO_TABLES && DEC_UNROLL != NONE
-#undef DEC_UNROLL
-#define DEC_UNROLL NONE
-#endif
-
-#include "aes.h"
-
- /*
- upr(x,n): rotates bytes within words by n positions, moving bytes to
- higher index positions with wrap around into low positions
- ups(x,n): moves bytes by n positions to higher index positions in
- words but without wrap around
- bval(x,n): extracts a byte from a word
- */
-
-#if (INTERNAL_BYTE_ORDER == AES_LITTLE_ENDIAN)
-#if defined(_MSC_VER)
-#define upr(x,n) _lrotl((x), 8 * (n))
-#else
-#define upr(x,n) (((x) << (8 * (n))) | ((x) >> (32 - 8 * (n))))
-#endif
-#define ups(x,n) ((x) << (8 * (n)))
-#define bval(x,n) ((uint8_t)((x) >> (8 * (n))))
-#define bytes2word(b0, b1, b2, b3) \
- (((uint32_t)(b3) << 24) | ((uint32_t)(b2) << 16) | ((uint32_t)(b1) << 8) | (b0))
-#endif
-
-#if (INTERNAL_BYTE_ORDER == AES_BIG_ENDIAN)
-#define upr(x,n) (((x) >> (8 * (n))) | ((x) << (32 - 8 * (n))))
-#define ups(x,n) ((x) >> (8 * (n))))
-#define bval(x,n) ((uint8_t)((x) >> (24 - 8 * (n))))
-#define bytes2word(b0, b1, b2, b3) \
- (((uint32_t)(b0) << 24) | ((uint32_t)(b1) << 16) | ((uint32_t)(b2) << 8) | (b3))
-#endif
-
-#if defined(SAFE_IO)
-
-#define word_in(x) bytes2word((x)[0], (x)[1], (x)[2], (x)[3])
-#define word_out(x,v) { (x)[0] = bval(v,0); (x)[1] = bval(v,1); \
- (x)[2] = bval(v,2); (x)[3] = bval(v,3); }
-
-#elif (INTERNAL_BYTE_ORDER == PLATFORM_BYTE_ORDER)
-
-#define word_in(x) *(uint32_t*)(x)
-#define word_out(x,v) *(uint32_t*)(x) = (v)
-
-#else
-
-#if !defined(bswap_32)
-#if !defined(_MSC_VER)
-#define _lrotl(x,n) (((x) << n) | ((x) >> (32 - n)))
-#endif
-#define bswap_32(x) ((_lrotl((x),8) & 0x00ff00ff) | (_lrotl((x),24) & 0xff00ff00))
-#endif
-
-#define word_in(x) bswap_32(*(uint32_t*)(x))
-#define word_out(x,v) *(uint32_t*)(x) = bswap_32(v)
-
-#endif
-
-/* the finite field modular polynomial and elements */
-
-#define WPOLY 0x011b
-#define BPOLY 0x1b
-
-/* multiply four bytes in GF(2^8) by 'x' {02} in parallel */
-
-#define m1 0x80808080
-#define m2 0x7f7f7f7f
-#define FFmulX(x) ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * BPOLY))
-
-/* The following defines provide alternative definitions of FFmulX that might
- give improved performance if a fast 32-bit multiply is not available. Note
- that a temporary variable u needs to be defined where FFmulX is used.
-
-#define FFmulX(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6))
-#define m4 (0x01010101 * BPOLY)
-#define FFmulX(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4)
-*/
-
-/* Work out which tables are needed for the different options */
-
-#ifdef AES_ASM
-#ifdef ENC_ROUND
-#undef ENC_ROUND
-#endif
-#define ENC_ROUND FOUR_TABLES
-#ifdef LAST_ENC_ROUND
-#undef LAST_ENC_ROUND
-#endif
-#define LAST_ENC_ROUND FOUR_TABLES
-#ifdef DEC_ROUND
-#undef DEC_ROUND
-#endif
-#define DEC_ROUND FOUR_TABLES
-#ifdef LAST_DEC_ROUND
-#undef LAST_DEC_ROUND
-#endif
-#define LAST_DEC_ROUND FOUR_TABLES
-#ifdef KEY_SCHED
-#undef KEY_SCHED
-#define KEY_SCHED FOUR_TABLES
-#endif
-#endif
-
-#if defined(ENCRYPTION) || defined(AES_ASM)
-#if ENC_ROUND == ONE_TABLE
-#define FT1_SET
-#elif ENC_ROUND == FOUR_TABLES
-#define FT4_SET
-#else
-#define SBX_SET
-#endif
-#if LAST_ENC_ROUND == ONE_TABLE
-#define FL1_SET
-#elif LAST_ENC_ROUND == FOUR_TABLES
-#define FL4_SET
-#elif !defined(SBX_SET)
-#define SBX_SET
-#endif
-#endif
-
-#if defined(DECRYPTION) || defined(AES_ASM)
-#if DEC_ROUND == ONE_TABLE
-#define IT1_SET
-#elif DEC_ROUND == FOUR_TABLES
-#define IT4_SET
-#else
-#define ISB_SET
-#endif
-#if LAST_DEC_ROUND == ONE_TABLE
-#define IL1_SET
-#elif LAST_DEC_ROUND == FOUR_TABLES
-#define IL4_SET
-#elif !defined(ISB_SET)
-#define ISB_SET
-#endif
-#endif
-
-#if defined(ENCRYPTION_KEY_SCHEDULE) || defined(DECRYPTION_KEY_SCHEDULE)
-#if KEY_SCHED == ONE_TABLE
-#define LS1_SET
-#define IM1_SET
-#elif KEY_SCHED == FOUR_TABLES
-#define LS4_SET
-#define IM4_SET
-#elif !defined(SBX_SET)
-#define SBX_SET
-#endif
-#endif
-
-#ifdef FIXED_TABLES
-#define prefx extern const
-#else
-#define prefx extern
-extern uint8_t tab_init;
-void gen_tabs(void);
-#endif
-
-prefx uint32_t rcon_tab[0];
-
-#ifdef SBX_SET
-prefx uint8_t s_box[256];
-#endif
-
-#ifdef ISB_SET
-prefx uint8_t inv_s_box[256];
-#endif
-
-#ifdef FT1_SET
-prefx uint32_t ft_tab[256];
-#endif
-
-#ifdef FT4_SET
-prefx uint32_t ft_tab[4][256];
-#endif
-
-#ifdef FL1_SET
-prefx uint32_t fl_tab[256];
-#endif
-
-#ifdef FL4_SET
-prefx uint32_t fl_tab[4][256];
-#endif
-
-#ifdef IT1_SET
-prefx uint32_t it_tab[256];
-#endif
-
-#ifdef IT4_SET
-prefx uint32_t it_tab[4][256];
-#endif
-
-#ifdef IL1_SET
-prefx uint32_t il_tab[256];
-#endif
-
-#ifdef IL4_SET
-prefx uint32_t il_tab[4][256];
-#endif
-
-#ifdef LS1_SET
-#ifdef FL1_SET
-#undef LS1_SET
-#else
-prefx uint32_t ls_tab[256];
-#endif
-#endif
-
-#ifdef LS4_SET
-#ifdef FL4_SET
-#undef LS4_SET
-#else
-prefx uint32_t ls_tab[4][256];
-#endif
-#endif
-
-#ifdef IM1_SET
-prefx uint32_t im_tab[256];
-#endif
-
-#ifdef IM4_SET
-prefx uint32_t im_tab[4][256];
-#endif
-
-/* Set the number of columns in nc. Note that it is important */
-/* that nc is a constant which is known at compile time if the */
-/* highest speed version of the code is needed */
-
-#if defined(BLOCK_SIZE)
-#define nc (BLOCK_SIZE >> 2)
-#else
-#define nc (cx->n_blk >> 2)
-#endif
-
-/* generic definitions of Rijndael macros that use of tables */
-
-#define no_table(x,box,vf,rf,c) bytes2word( \
- box[bval(vf(x,0,c),rf(0,c))], \
- box[bval(vf(x,1,c),rf(1,c))], \
- box[bval(vf(x,2,c),rf(2,c))], \
- box[bval(vf(x,3,c),rf(3,c))])
-
-#define one_table(x,op,tab,vf,rf,c) \
- ( tab[bval(vf(x,0,c),rf(0,c))] \
- ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \
- ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \
- ^ op(tab[bval(vf(x,3,c),rf(3,c))],3))
-
-#define four_tables(x,tab,vf,rf,c) \
- ( tab[0][bval(vf(x,0,c),rf(0,c))] \
- ^ tab[1][bval(vf(x,1,c),rf(1,c))] \
- ^ tab[2][bval(vf(x,2,c),rf(2,c))] \
- ^ tab[3][bval(vf(x,3,c),rf(3,c))])
-
-#define vf1(x,r,c) (x)
-#define rf1(r,c) (r)
-#define rf2(r,c) ((r-c)&3)
-
-/* perform forward and inverse column mix operation on four bytes in long word x in */
-/* parallel. NOTE: x must be a simple variable, NOT an expression in these macros. */
-
-#define dec_fmvars
-#if defined(FM4_SET) /* not currently used */
-#define fwd_mcol(x) four_tables(x,fm_tab,vf1,rf1,0)
-#elif defined(FM1_SET) /* not currently used */
-#define fwd_mcol(x) one_table(x,upr,fm_tab,vf1,rf1,0)
-#else
-#undef dec_fmvars
-#define dec_fmvars uint32_t f1, f2;
-#define fwd_mcol(x) (f1 = (x), f2 = FFmulX(f1), f2 ^ upr(f1 ^ f2, 3) ^ upr(f1, 2) ^ upr(f1, 1))
-#endif
-
-#define dec_imvars
-#if defined(IM4_SET)
-#define inv_mcol(x) four_tables(x,im_tab,vf1,rf1,0)
-#elif defined(IM1_SET)
-#define inv_mcol(x) one_table(x,upr,im_tab,vf1,rf1,0)
-#else
-#undef dec_imvars
-#define dec_imvars uint32_t f2, f4, f8, f9;
-#define inv_mcol(x) \
- (f9 = (x), f2 = FFmulX(f9), f4 = FFmulX(f2), f8 = FFmulX(f4), f9 ^= f8, \
- f2 ^= f4 ^ f8 ^ upr(f2 ^ f9,3) ^ upr(f4 ^ f9,2) ^ upr(f9,1))
-#endif
-
-#if defined(FL4_SET)
-#define ls_box(x,c) four_tables(x,fl_tab,vf1,rf2,c)
-#elif defined(LS4_SET)
-#define ls_box(x,c) four_tables(x,ls_tab,vf1,rf2,c)
-#elif defined(FL1_SET)
-#define ls_box(x,c) one_table(x,upr,fl_tab,vf1,rf2,c)
-#elif defined(LS1_SET)
-#define ls_box(x,c) one_table(x,upr,ls_tab,vf1,rf2,c)
-#else
-#define ls_box(x,c) no_table(x,s_box,vf1,rf2,c)
-#endif
-
-#endif
+++ /dev/null
-/* lib/crypto/openssl/aes/aestab.c
- */
-
-#include "aesopt.h"
-const uint32_t rcon_tab[0]={};
-
#
# Generated makefile dependencies follow.
#
-aescrypt.so aescrypt.po $(OUTPRE)aescrypt.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(srcdir)/aes.h \
- $(srcdir)/aescrypt.c $(srcdir)/aesopt.h \
- $(srcdir)/uitypes.h
-aestab.so aestab.po $(OUTPRE)aestab.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(srcdir)/aes.h $(srcdir)/aesopt.h \
- $(srcdir)/aestab.c $(srcdir)/uitypes.h
-aeskey.so aeskey.po $(OUTPRE)aeskey.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(srcdir)/aes.h $(srcdir)/aeskey.c \
- $(srcdir)/aesopt.h $(srcdir)/uitypes.h
aes_s2k.so aes_s2k.po $(OUTPRE)aes_s2k.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
+++ /dev/null
-/*
- -------------------------------------------------------------------------
- Copyright (c) 2001, Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK.
- All rights reserved.
-
- LICENSE TERMS
-
- The free distribution and use of this software in both source and binary
- form is allowed (with or without changes) provided that:
-
- 1. distributions of this source code include the above copyright
- notice, this list of conditions and the following disclaimer;
-
- 2. distributions in binary form include the above copyright
- notice, this list of conditions and the following disclaimer
- in the documentation and/or other associated materials;
-
- 3. the copyright holder's name is not used to endorse products
- built using this software without specific written permission.
-
- DISCLAIMER
-
- This software is provided 'as is' with no explcit or implied warranties
- in respect of any properties, including, but not limited to, correctness
- and fitness for purpose.
- -------------------------------------------------------------------------
- Issue Date: 01/02/2002
-
- This file contains code to obtain or set the definitions for fixed length
- unsigned integer types.
-*/
-
-#ifndef _UITYPES_H
-#define _UITYPES_H
-
-#include "autoconf.h"
-
-#if defined(__GNU_LIBRARY__)
-#define HAS_INTTYPES_H
-#elif !defined(_MSC_VER)
-#include <limits.h>
-#if ULONG_MAX > 0xFFFFFFFFUL
- #define MODEL_64
-#else
- #define MODEL_32
-#endif
-#endif
-
-#if defined HAS_INTTYPES_H || defined HAVE_INTTYPES_H
-#include <inttypes.h>
-#define s_u32 u
-#define s_u64 ull
-#elif defined MODEL_32
-typedef unsigned char uint8_t;
-typedef unsigned short int uint16_t;
-typedef unsigned int uint32_t;
-typedef unsigned long long int uint64_t;
-#define s_u32 u
-#define s_u64 ull
-#elif defined MODEL_64
-typedef unsigned char uint8_t;
-typedef unsigned short int uint16_t;
-typedef unsigned int uint32_t;
-typedef unsigned long int uint64_t;
-#define s_u32 u
-#define s_u64 ul
-#elif defined(_MSC_VER)
-typedef unsigned __int8 uint8_t;
-typedef unsigned __int16 uint16_t;
-typedef unsigned __int32 uint32_t;
-typedef unsigned __int64 uint64_t;
-#define s_u32 ui32
-#define s_u64 ui64
-#else
-#error You need to define fixed length types in uitypes.h
-#endif
-
-#define sfx_lo(x,y) x##y
-#define sfx_hi(x,y) sfx_lo(x,y)
-#define x_32(p) sfx_hi(0x##p,s_u32)
-#define x_64(p) sfx_hi(0x##p,s_u64)
-
-#endif
/*
* lib/crypto/arcfour/arcfour_aead.c
*
- * Copyright 2008 by the Massachusetts Institute of Technology.
+ * Copyright 2008, 2009 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* Export of this software from the United States of America may
PROG_RPATH=$(KRB5_LIBDIR)
-STLIBOBJS=\
- afsstring2key.o \
- d3_cbc.o \
- d3_aead.o \
- d3_kysched.o \
- f_aead.o \
- f_cbc.o \
- f_cksum.o \
+STLIBOBJS= des_oldapis.o \
f_parity.o \
- f_sched.o \
- key_sched.o \
string2key.o \
weak_key.o
-OBJS= $(OUTPRE)afsstring2key.$(OBJEXT) \
- $(OUTPRE)d3_cbc.$(OBJEXT) \
- $(OUTPRE)d3_aead.$(OBJEXT) \
- $(OUTPRE)d3_kysched.$(OBJEXT) \
- $(OUTPRE)f_aead.$(OBJEXT) \
- $(OUTPRE)f_cbc.$(OBJEXT) \
- $(OUTPRE)f_cksum.$(OBJEXT) \
- $(OUTPRE)f_parity.$(OBJEXT) \
- $(OUTPRE)f_sched.$(OBJEXT) \
- $(OUTPRE)key_sched.$(OBJEXT) \
+OBJS= $(OUTPRE)f_parity.$(OBJEXT) \
+ $(OUTPRE)des_oldapis.$(OBJEXT) \
$(OUTPRE)string2key.$(OBJEXT) \
$(OUTPRE)weak_key.$(OBJEXT)
-SRCS= $(srcdir)/afsstring2key.c \
- $(srcdir)/d3_cbc.c \
- $(srcdir)/d3_aead.c \
- $(srcdir)/d3_kysched.c \
- $(srcdir)/f_aead.c \
- $(srcdir)/f_cbc.c \
- $(srcdir)/f_cksum.c \
- $(srcdir)/f_parity.c \
- $(srcdir)/f_sched.c \
- $(srcdir)/key_sched.c \
+SRCS= $(srcdir)/f_parity.c \
+ $(srcdir)/des_oldapis.c \
$(srcdir)/weak_key.c \
$(srcdir)/string2key.c
##DOS##LIBOBJS = $(OBJS)
-TOBJS = $(OUTPRE)key_sched.$(OBJEXT) $(OUTPRE)f_sched.$(OBJEXT) \
- $(OUTPRE)f_cbc.$(OBJEXT) \
- $(OUTPRE)f_cksum.$(OBJEXT)
-
-
all-unix:: all-libobjs
check-unix::
+++ /dev/null
-/* lib/crypto/openss/des/afsstring2key.c
- *
- * Copyright 2009 by the Massachusetts Institute
- * of Technology.
- * All Rights Reserved.
- *
- */
-
-#include "k5-int.h"
-#include "des_int.h"
-#include <ctype.h>
-
-krb5_error_code
-mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data,
- const krb5_data *salt)
-{
- return KRB5_CRYPTO_INTERNAL;
-}
-char *
-mit_afs_crypt(const char *pw, const char *salt,
- char *iobuf)
-{
- /* Unsupported operation */
- return NULL;
-}
-
-
+++ /dev/null
-/* lib/crypto/openssl/des/d3_aead.c
- *
- * Copyright 2009 by the Massachusetts Institute
- * of Technology.
- * All Rights Reserved.
- *
- */
-#include "des_int.h"
-#include "aead.h"
-
-void
-krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- mit_des_cblock ivec)
-{
- /* Unsupported operation */
- abort();
-}
-
-void
-krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- mit_des_cblock ivec)
-{
- /* Unsupported operation */
- abort();
-}
-
+++ /dev/null
-/* lib/crypto/openssl/des/d3_cbc.c
- *
- * Copyright 2009 by the Massachusetts Institute
- * of Technology.
- * All Rights Reserved.
- *
- */
-#include "des_int.h"
-
-/*
- * Triple-DES CBC encryption mode.
- */
-
-#undef mit_des3_cbc_encrypt
-int
-mit_des3_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
- unsigned long length, const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec, int enc)
-{
- /* Unsupported operation */
- return KRB5_CRYPTO_INTERNAL;
-}
-
-void
-krb5int_des3_cbc_encrypt(const mit_des_cblock *input,
- mit_des_cblock *output,
- unsigned long length,
- const mit_des_key_schedule key,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec)
-{
- /* Unsupported operation */
- abort();
-}
-
-void
-krb5int_des3_cbc_decrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec)
-{
- /* Unsupported operation */
- abort();
-}
-
+++ /dev/null
-/* lib/crypto/openssl/des/d3_kysched.c
- *
- * Copyright 2009 by the Massachusetts Institute
- * of Technology.
- * All Rights Reserved.
- *
- */
-
-#include "des_int.h"
-
-int
-mit_des3_key_sched(mit_des3_cblock k, mit_des3_key_schedule schedule)
-{
- /* Unsupported operation */
- return KRB5_CRYPTO_INTERNAL;
-}
-
-
#
# Generated makefile dependencies follow.
#
-afsstring2key.so afsstring2key.po $(OUTPRE)afsstring2key.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \
- $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
- $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
- $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/afsstring2key.c $(srcdir)/des_int.h
-d3_cbc.so d3_cbc.po $(OUTPRE)d3_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
- $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \
- $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
- $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
- $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/d3_cbc.c \
- $(srcdir)/des_int.h
-d3_aead.so d3_aead.po $(OUTPRE)d3_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
- $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \
- $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
- $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
- $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/d3_aead.c \
- $(srcdir)/des_int.h \
- $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h
-d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \
- $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
- $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
- $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/d3_kysched.c $(srcdir)/des_int.h
-f_aead.so f_aead.po $(OUTPRE)f_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
- $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \
- $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
- $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
- $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/des_int.h \
- $(srcdir)/f_aead.c \
- $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h
-f_cbc.so f_cbc.po $(OUTPRE)f_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
- $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \
- $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
- $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
- $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/des_int.h \
- $(srcdir)/f_cbc.c
-f_cksum.so f_cksum.po $(OUTPRE)f_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
- $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \
- $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
- $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
- $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/des_int.h \
- $(srcdir)/f_cksum.c
f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
$(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
$(srcdir)/des_int.h $(srcdir)/f_parity.c
-f_sched.so f_sched.po $(OUTPRE)f_sched.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+des_oldapis.so des_oldapis.po $(OUTPRE)des_oldapis.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
$(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \
$(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
$(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
$(SRCTOP)/include/socket-utils.h $(srcdir)/des_int.h \
- $(srcdir)/f_sched.c
-key_sched.so key_sched.po $(OUTPRE)key_sched.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \
- $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \
- $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
- $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
- $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/authdata_plugin.h \
- $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
- $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
- $(srcdir)/des_int.h $(srcdir)/key_sched.c
+ $(srcdir)/des_oldapis.c
weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
$(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
$(srcdir)/des_int.h $(srcdir)/string2key.c
-destest.so destest.po $(OUTPRE)destest.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \
- $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \
- $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
- $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
- $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
- $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
- $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h des_int.h destest.c
/*
* lib/crypto/des/des_int.h
*
- * Copyright 1987, 1988, 1990, 2002 by the Massachusetts Institute of
+ * Copyright 1987, 1988, 1990, 2002, 2009 by the Massachusetts Institute of
* Technology. All Rights Reserved.
*
* Export of this software from the United States of America may
* End "mit-des.h"
*/
-/* afsstring2key.c */
-extern krb5_error_code mit_afs_string_to_key
- (krb5_keyblock *keyblock,
- const krb5_data *data,
- const krb5_data *salt);
-extern char *mit_afs_crypt
- (const char *pw, const char *salt, char *iobuf);
-
-/* f_cksum.c */
-extern unsigned long mit_des_cbc_cksum
- (const krb5_octet *, krb5_octet *, unsigned long ,
- const mit_des_key_schedule, const krb5_octet *);
-
-/* f_ecb.c */
-extern int mit_des_ecb_encrypt
- (const mit_des_cblock *, mit_des_cblock *, mit_des_key_schedule , int );
-
-/* f_cbc.c */
-extern int mit_des_cbc_encrypt (const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec, int enc);
-
#define mit_des_zeroblock krb5int_c_mit_des_zeroblock
extern const mit_des_cblock mit_des_zeroblock;
-/* fin_rndkey.c */
-extern krb5_error_code mit_des_finish_random_key
- ( const krb5_encrypt_block *,
- krb5_pointer *);
-
-/* finish_key.c */
-extern krb5_error_code mit_des_finish_key
- ( krb5_encrypt_block *);
-
-/* init_rkey.c */
-extern krb5_error_code mit_des_init_random_key
- ( const krb5_encrypt_block *,
- const krb5_keyblock *,
- krb5_pointer *);
-
/* key_parity.c */
extern void mit_des_fixup_key_parity (mit_des_cblock );
extern int mit_des_check_key_parity (mit_des_cblock );
-/* key_sched.c */
-extern int mit_des_key_sched
- (mit_des_cblock , mit_des_key_schedule );
-
-/* process_ky.c */
-extern krb5_error_code mit_des_process_key
- ( krb5_encrypt_block *, const krb5_keyblock *);
-
-/* random_key.c */
-extern krb5_error_code mit_des_random_key
- ( const krb5_encrypt_block *, krb5_pointer ,
- krb5_keyblock **);
-
/* string2key.c */
extern krb5_error_code mit_des_string_to_key
( const krb5_encrypt_block *,
/* weak_key.c */
extern int mit_des_is_weak_key (mit_des_cblock );
-/* cmb_keys.c */
-krb5_error_code mit_des_combine_subkeys
- (const krb5_keyblock *, const krb5_keyblock *,
- krb5_keyblock **);
-
-/* f_pcbc.c */
-int mit_des_pcbc_encrypt ();
-
-/* f_sched.c */
-int mit_des_make_key_sched(mit_des_cblock, mit_des_key_schedule);
-
-
/* misc.c */
extern void swap_bits (char *);
extern unsigned long long_swap_bits (unsigned long );
/* XXX depends on FILE being a #define! */
extern void test_set (FILE *, const char *, int, const char *, int);
#endif
-
-/* d3_ecb.c */
-extern int mit_des3_ecb_encrypt
- (const mit_des_cblock *in,
- mit_des_cblock *out,
- mit_des_key_schedule sched1,
- mit_des_key_schedule sched2,
- mit_des_key_schedule sched3,
- int enc);
-
-/* d3_cbc.c */
-extern int mit_des3_cbc_encrypt
- (const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec,
- int enc);
-
-void
-krb5int_des3_cbc_encrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec);
-void
-krb5int_des3_cbc_decrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec);
-
-void
-krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- mit_des_cblock ivec);
-
-void
-krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- mit_des_cblock ivec);
-
-#define mit_des3_cbc_encrypt(in,out,length,ks1,ks2,ks3,ivec,enc) \
- ((enc ? krb5int_des3_cbc_encrypt : krb5int_des3_cbc_decrypt) \
- (in, out, length, ks1, ks2, ks3, ivec), 0)
-
-void
-krb5int_des_cbc_encrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec);
-void
-krb5int_des_cbc_decrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec);
-
-#define mit_des_cbc_encrypt(in,out,length,schedule,ivec,enc) \
- ((enc ? krb5int_des_cbc_encrypt : krb5int_des_cbc_decrypt) \
- (in, out, length, schedule, ivec), 0)
-
-void
-krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec);
-
-void
-krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec);
-
-/* d3_procky.c */
-extern krb5_error_code mit_des3_process_key
- (krb5_encrypt_block * eblock,
- const krb5_keyblock * keyblock);
-
-/* d3_kysched.c */
-extern int mit_des3_key_sched
- (mit_des3_cblock key,
- mit_des3_key_schedule schedule);
-
-/* d3_str2ky.c */
-extern krb5_error_code mit_des3_string_to_key
- (const krb5_encrypt_block * eblock,
- krb5_keyblock * keyblock,
- const krb5_data * data,
- const krb5_data * salt);
-
-/* u_nfold.c */
-extern krb5_error_code mit_des_n_fold
- (const krb5_octet * input,
- const size_t in_len,
- krb5_octet * output,
- const size_t out_len);
-
-/* u_rn_key.c */
-extern int mit_des_is_weak_keyblock
- (krb5_keyblock *keyblock);
-
-extern void mit_des_fixup_keyblock_parity
- (krb5_keyblock *keyblock);
-
-extern krb5_error_code mit_des_set_random_generator_seed
- (const krb5_data * seed,
- krb5_pointer random_state);
-
-extern krb5_error_code mit_des_set_random_sequence_number
- (const krb5_data * sequence,
- krb5_pointer random_state);
#endif /*DES_INTERNAL_DEFS*/
--- /dev/null
+/*
+ * lib/crypto/openssl/des/des_oldapis.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ */
+
+#include "k5-int.h"
+#include "des_int.h"
+#include <ctype.h>
+
+const mit_des_cblock mit_des_zeroblock /* = all zero */;
+
+unsigned long
+mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out,
+ unsigned long length, const mit_des_key_schedule schedule,
+ const krb5_octet *ivec)
+{
+ /* Unsupported operation */
+ return KRB5_CRYPTO_INTERNAL;
+}
+
+krb5_error_code
+mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data,
+ const krb5_data *salt)
+{
+ return KRB5_CRYPTO_INTERNAL;
+}
+
+int
+mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule)
+{
+ /* Unsupported operation */
+ return KRB5_CRYPTO_INTERNAL;
+}
+
+++ /dev/null
-/* lib/crypto/openssl/des/f_aead.c
- *
- * Copyright 2009 by the Massachusetts Institute
- * of Technology.
- * All Rights Reserved.
- *
- */
-
-#include "des_int.h"
-#include "aead.h"
-
-
-void
-krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec)
-{
- /* Unsupported operation */
- abort();
-}
-
-void
-krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock iv)
-{
- /* Unsupported operation */
- abort();
-}
-
-
+++ /dev/null
-/*
- * lib/crypto/openssldes/f_cbc.c
- *
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * DES implementation donated by Dennis Ferguson
- */
-
-/*
- * des_cbc_encrypt.c - an implementation of the DES cipher function in cbc mode
- */
-#include "des_int.h"
-
-/*
- * des_cbc_encrypt - {en,de}crypt a stream in CBC mode
- */
-
-/*
- * This routine performs DES cipher-block-chaining operation, either
- * encrypting from cleartext to ciphertext, if encrypt != 0 or
- * decrypting from ciphertext to cleartext, if encrypt == 0.
- *
- * The key schedule is passed as an arg, as well as the cleartext or
- * ciphertext. The cleartext and ciphertext should be in host order.
- *
- * NOTE-- the output is ALWAYS an multiple of 8 bytes long. If not
- * enough space was provided, your program will get trashed.
- *
- * For encryption, the cleartext string is null padded, at the end, to
- * an integral multiple of eight bytes.
- *
- * For decryption, the ciphertext will be used in integral multiples
- * of 8 bytes, but only the first "length" bytes returned into the
- * cleartext.
- */
-
-const mit_des_cblock mit_des_zeroblock /* = all zero */;
-
-#undef mit_des_cbc_encrypt
-int
-mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
- unsigned long length, const mit_des_key_schedule schedule,
- const mit_des_cblock ivec, int enc)
-{
- /* Unsupported operation */
- return KRB5_CRYPTO_INTERNAL;
-}
-void
-krb5int_des_cbc_encrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec)
-{
- /* Unsupported operation */
- abort();
-}
-
-void
-krb5int_des_cbc_decrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec)
-{
- /* Unsupported operation */
- abort();
-}
-
+++ /dev/null
-/*
- * lib/crypto/openssl/des/f_cksum.c
- *
- * Copyright (C) 2009 by the Massachusetts Institute of Technology.
- * All rights reserved.
- */
-
-#include "des_int.h"
-
-unsigned long
-mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out,
- unsigned long length, const mit_des_key_schedule schedule,
- const krb5_octet *ivec)
-{
- /* Unsupported operation */
- return KRB5_CRYPTO_INTERNAL;
-}
-
*
* Copyright (C) 2009 by the Massachusetts Institute of Technology.
* All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
*/
#include "des_int.h"
+++ /dev/null
-/*
- * lib/crypto/openssl/des/f_sched.c
- *
- * Copyright (C) 2009 by the Massachusetts Institute of Technology.
- * All rights reserved.
- */
-
-#include "des_int.h"
-
-int
-mit_des_make_key_sched(mit_des_cblock key, mit_des_key_schedule schedule)
-{
- return KRB5_CRYPTO_INTERNAL; // CRYPTO_UNSOPPERTED_OP
-}
-
+++ /dev/null
-/*
- * lib/crypto/openssl/des/key_sched.c
- *
- * Copyright 2009 by the Massachusetts Institute
- * of Technology.
- * All Rights Reserved.
- *
- */
-
-#include "des_int.h"
-
-int
-mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule)
-{
- /* Unsupported operation */
- return KRB5_CRYPTO_INTERNAL;
-}
-
/*
* lib/crypto/openssl/des/string2key.c
*
- * Copyright 2009 by the Massachusetts Institute
- * of Technology.
- * All Rights Reserved.
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
*
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
*/
#include "des_int.h"
#include "k5-int.h"
#include "enc_provider.h"
#include "rand2key.h"
-#include "aes.h"
#include "aead.h"
#include "hash_provider/hash_provider.h"
#include <openssl/evp.h>
cts_decr_iov(krb5_key key, const krb5_data *ivec,
krb5_crypto_iov *data, size_t num_data, size_t dlen);
+#define BLOCK_SIZE 16
#define NUM_BITS 8
#define IV_CTS_BUF_SIZE 16 /* 16 - hardcoded in CRYPTO_cts128_en/decrypt */
const krb5_data *input, krb5_data *output)
{
int ret = 0, tmp_len = 0;
- unsigned char *key_buf = NULL;
unsigned char *tmp_buf = NULL;
EVP_CIPHER_CTX ciph_ctx;
- key_buf = OPENSSL_malloc(key->keyblock.length);
- if (!key_buf)
- return ENOMEM;
-
tmp_len = input->length;
tmp_buf = OPENSSL_malloc(input->length);
if (!tmp_buf){
- OPENSSL_free(key_buf);
return ENOMEM;
}
- memcpy(key_buf, key->keyblock.contents, key->keyblock.length);
EVP_CIPHER_CTX_init(&ciph_ctx);
ret = EVP_EncryptInit_ex(&ciph_ctx, map_mode(key->keyblock.length),
- NULL, key_buf, (ivec) ? (unsigned char*)ivec->data : NULL);
+ NULL, key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL);
if (ret == 1){
EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);
ret = KRB5_CRYPTO_INTERNAL;
}
- memset(key_buf, 0, key->keyblock.length);
memset(tmp_buf, 0, input->length);
- OPENSSL_free(key_buf);
OPENSSL_free(tmp_buf);
return ret;
const krb5_data *input, krb5_data *output)
{
int ret = 0, tmp_len = 0;
- unsigned char *key_buf = NULL;
unsigned char *tmp_buf = NULL;
EVP_CIPHER_CTX ciph_ctx;
- key_buf = OPENSSL_malloc(key->keyblock.length);
- if (!key_buf)
- return ENOMEM;
-
tmp_len = input->length;
tmp_buf = OPENSSL_malloc(input->length);
if (!tmp_buf){
- OPENSSL_free(key_buf);
return ENOMEM;
}
- memcpy(key_buf, key->keyblock.contents, key->keyblock.length);
EVP_CIPHER_CTX_init(&ciph_ctx);
ret = EVP_DecryptInit_ex(&ciph_ctx, map_mode(key->keyblock.length),
- NULL, key_buf, (ivec) ? (unsigned char*)ivec->data : NULL);
+ NULL, key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL);
if (ret == 1) {
EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);
ret = EVP_EncryptUpdate(&ciph_ctx, tmp_buf, &tmp_len,
ret = KRB5_CRYPTO_INTERNAL;
}
- memset(key_buf, 0, key->keyblock.length);
memset(tmp_buf, 0, input->length);
- OPENSSL_free(key_buf);
OPENSSL_free(tmp_buf);
return ret;
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
$(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
$(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
- $(SRCTOP)/include/socket-utils.h $(srcdir)/../aes/aes.h \
- $(srcdir)/../aes/uitypes.h $(srcdir)/aes.c \
+ $(SRCTOP)/include/socket-utils.h \
+ $(srcdir)/aes.c \
$(srcdir)/enc_provider.h \
$(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
$(srcdir)/../../krb/rand2key/rand2key.h
/* lib/crypto/openssl/enc_provider/des.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ */
+
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government. It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. FundsXpress makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
#include "k5-int.h"
{
int ret = 0, tmp_len = 0;
unsigned int tmp_buf_len = 0;
- unsigned char *keybuf = NULL;
unsigned char *tmp_buf = NULL;
EVP_CIPHER_CTX ciph_ctx;
if (ret)
return ret;
- keybuf=key->keyblock.contents;
- keybuf[key->keyblock.length] = '\0';
-
tmp_buf_len = output->length*2;
tmp_buf=OPENSSL_malloc(tmp_buf_len);
if (!tmp_buf)
EVP_CIPHER_CTX_init(&ciph_ctx);
- ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL, keybuf,
+ ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL, key->keyblock.contents,
(ivec) ? (unsigned char*)ivec->data : NULL);
if (ret) {
EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);
{
/* key->keyblock.enctype was checked by the caller */
int ret = 0, tmp_len = 0;
- unsigned char *keybuf = NULL;
unsigned char *tmp_buf;
EVP_CIPHER_CTX ciph_ctx;
if (ret)
return ret;
- keybuf=key->keyblock.contents;
- keybuf[key->keyblock.length] = '\0';
tmp_buf=OPENSSL_malloc(output->length);
if (!tmp_buf)
EVP_CIPHER_CTX_init(&ciph_ctx);
- ret = EVP_DecryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL, keybuf,
+ ret = EVP_DecryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL, key->keyblock.contents,
(ivec) ? (unsigned char*)ivec->data : NULL);
if (ret) {
EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);
int ret = 0, tmp_len = MIT_DES_BLOCK_LENGTH;
int oblock_len = MIT_DES_BLOCK_LENGTH * num_data;
unsigned char *iblock = NULL, *oblock = NULL;
- unsigned char *keybuf = NULL ;
struct iov_block_state input_pos, output_pos;
EVP_CIPHER_CTX ciph_ctx;
IOV_BLOCK_STATE_INIT(&input_pos);
IOV_BLOCK_STATE_INIT(&output_pos);
- keybuf=key->keyblock.contents;
- keybuf[key->keyblock.length] = '\0';
ret = validate_iov(key, ivec, data, num_data);
if (ret)
EVP_CIPHER_CTX_init(&ciph_ctx);
ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL,
- keybuf, (ivec && ivec->data) ? (unsigned char*)ivec->data : NULL);
+ key->keyblock.contents, (ivec && ivec->data) ? (unsigned char*)ivec->data : NULL);
if (!ret){
EVP_CIPHER_CTX_cleanup(&ciph_ctx);
OPENSSL_free(iblock);
int tmp_len = MIT_DES_BLOCK_LENGTH;
int oblock_len = MIT_DES_BLOCK_LENGTH*num_data;
unsigned char *iblock = NULL, *oblock = NULL;
- unsigned char *keybuf = NULL;
struct iov_block_state input_pos, output_pos;
EVP_CIPHER_CTX ciph_ctx;
IOV_BLOCK_STATE_INIT(&input_pos);
IOV_BLOCK_STATE_INIT(&output_pos);
- keybuf=key->keyblock.contents;
- keybuf[key->keyblock.length] = '\0';
-
ret = validate_iov(key, ivec, data, num_data);
if (ret)
return ret;
EVP_CIPHER_CTX_init(&ciph_ctx);
ret = EVP_DecryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL,
- keybuf, (ivec) ? (unsigned char*)ivec->data : NULL);
+ key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL);
if (!ret){
EVP_CIPHER_CTX_cleanup(&ciph_ctx);
OPENSSL_free(iblock);
/* lib/crypto/openssl/enc_provider/des3.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ */
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government. It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. FundsXpress makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
#include "k5-int.h"
{
int ret = 0, tmp_len = 0;
unsigned int tmp_buf_len = 0;
- unsigned char *keybuf = NULL;
unsigned char *tmp_buf = NULL;
EVP_CIPHER_CTX ciph_ctx;
if (ret)
return ret;
- keybuf=key->keyblock.contents;
- keybuf[key->keyblock.length] = '\0';
-
tmp_buf_len = output->length * 2;
tmp_buf = OPENSSL_malloc(tmp_buf_len);
if (!tmp_buf)
EVP_CIPHER_CTX_init(&ciph_ctx);
- ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_ede3_cbc(), NULL, keybuf,
+ ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_ede3_cbc(), NULL, key->keyblock.contents,
(ivec) ? (unsigned char*)ivec->data : NULL);
if (ret) {
EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);
{
int ret = 0, tmp_len = 0;
unsigned int tmp_buf_len = 0;
- unsigned char *keybuf = NULL;
unsigned char *tmp_buf = NULL;
EVP_CIPHER_CTX ciph_ctx;
if (ret)
return ret;
- keybuf=key->keyblock.contents;
- keybuf[key->keyblock.length] = '\0';
tmp_buf_len = output->length;
tmp_buf=OPENSSL_malloc(tmp_buf_len);
EVP_CIPHER_CTX_init(&ciph_ctx);
- ret = EVP_DecryptInit_ex(&ciph_ctx, EVP_des_ede3_cbc(), NULL, keybuf,
+ ret = EVP_DecryptInit_ex(&ciph_ctx, EVP_des_ede3_cbc(), NULL, key->keyblock.contents,
(ivec) ? (unsigned char*)ivec->data: NULL);
if (ret) {
EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);
int tmp_len = MIT_DES_BLOCK_LENGTH;
int oblock_len = MIT_DES_BLOCK_LENGTH*num_data;
unsigned char *iblock = NULL, *oblock = NULL;
- unsigned char *keybuf = NULL;
struct iov_block_state input_pos, output_pos;
EVP_CIPHER_CTX ciph_ctx;
IOV_BLOCK_STATE_INIT(&input_pos);
IOV_BLOCK_STATE_INIT(&output_pos);
- keybuf=key->keyblock.contents;
- keybuf[key->keyblock.length] = '\0';
-
memset(oblock, 0, oblock_len);
EVP_CIPHER_CTX_init(&ciph_ctx);
ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_ede3_cbc(), NULL,
- keybuf, (ivec) ? (unsigned char*)ivec->data : NULL);
+ key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL);
if (!ret){
EVP_CIPHER_CTX_cleanup(&ciph_ctx);
OPENSSL_free(iblock);
int tmp_len = MIT_DES_BLOCK_LENGTH;
int oblock_len = MIT_DES_BLOCK_LENGTH * num_data;
unsigned char *iblock = NULL, *oblock = NULL;
- unsigned char *keybuf = NULL ;
struct iov_block_state input_pos, output_pos;
EVP_CIPHER_CTX ciph_ctx;
IOV_BLOCK_STATE_INIT(&input_pos);
IOV_BLOCK_STATE_INIT(&output_pos);
- keybuf=key->keyblock.contents;
- keybuf[key->keyblock.length] = '\0';
-
memset(oblock, 0, oblock_len);
EVP_CIPHER_CTX_init(&ciph_ctx);
ret = EVP_DecryptInit_ex(&ciph_ctx, EVP_des_ede3_cbc(), NULL,
- keybuf, (ivec) ? (unsigned char*)ivec->data : NULL);
+ key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL);
if (!ret){
EVP_CIPHER_CTX_cleanup(&ciph_ctx);
OPENSSL_free(iblock);
/* lib/crypto/openssl/enc_provider/rc4.c
+ *
+ * #include STD_DISCLAIMER
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ */
+
+/* arcfour.c
+ *
+ * Copyright (c) 2000 by Computer Science Laboratory,
+ * Rensselaer Polytechnic Institute
*
* #include STD_DISCLAIMER
*/
+
#include "k5-int.h"
#include <aead.h>
#include <rand2key.h>
const krb5_data *input, krb5_data *output)
{
int ret = 0, tmp_len = 0;
- unsigned char *keybuf = NULL;
unsigned char *tmp_buf = NULL;
EVP_CIPHER_CTX ciph_ctx;
if (input->length != output->length)
return(KRB5_BAD_MSIZE);
- keybuf=key->keyblock.contents;
- keybuf[key->keyblock.length] = '\0';
-
EVP_CIPHER_CTX_init(&ciph_ctx);
- ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_rc4(), NULL, keybuf, NULL);
+ ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_rc4(), NULL, key->keyblock.contents, NULL);
if (ret) {
tmp_buf=(unsigned char *)output->data;
ret = EVP_EncryptUpdate(&ciph_ctx, tmp_buf, &tmp_len,
{
size_t i;
int ret = 0, tmp_len = 0;
- unsigned char *keybuf = NULL ;
unsigned char *tmp_buf = NULL;
krb5_crypto_iov *iov = NULL;
EVP_CIPHER_CTX ciph_ctx;
- keybuf=key->keyblock.contents;
- keybuf[key->keyblock.length] = '\0';
EVP_CIPHER_CTX_init(&ciph_ctx);
- ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_rc4(), NULL, keybuf, NULL);
+ ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_rc4(), NULL, key->keyblock.contents, NULL);
if (!ret){
EVP_CIPHER_CTX_cleanup(&ciph_ctx);
return KRB5_CRYPTO_INTERNAL;
/* lib/crypto/openssl/hmac.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
*/
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government. It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. FundsXpress makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+
#include "k5-int.h"
#include "aead.h"
#include <openssl/hmac.h>
/*
* lib/crypto/openssl/md4/md4.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
*/
#include "k5-int.h"
+/* lib/crypto/openssl/md5/md5.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ */
#include "k5-int.h"
#include "rsa-md5.h"
+/* lib/crypto/openssl/md5/rsa-md5.h
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ */
+
+/*
+ ***********************************************************************
+ ** md5.h -- header file for implementation of MD5 **
+ ** RSA Data Security, Inc. MD5 Message-Digest Algorithm **
+ ** Created: 2/17/90 RLR **
+ ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version **
+ ** Revised (for MD5): RLR 4/27/91 **
+ ** -- G modified to have y&~z instead of y&z **
+ ** -- FF, GG, HH modified to add in last register done **
+ ** -- Access pattern: round 2 works mod 5, round 3 works mod 3 **
+ ** -- distinct additive constant for each step **
+ ** -- round 4 added, working mod 7 **
+ ***********************************************************************
+ */
+
+/*
+ ***********************************************************************
+ ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
+ ** **
+ ** License to copy and use this software is granted provided that **
+ ** it is identified as the "RSA Data Security, Inc. MD5 Message- **
+ ** Digest Algorithm" in all material mentioning or referencing this **
+ ** software or this function. **
+ ** **
+ ** License is also granted to make and use derivative works **
+ ** provided that such works are identified as "derived from the RSA **
+ ** Data Security, Inc. MD5 Message-Digest Algorithm" in all **
+ ** material mentioning or referencing the derived work. **
+ ** **
+ ** RSA Data Security, Inc. makes no representations concerning **
+ ** either the merchantability of this software or the suitability **
+ ** of this software for any particular purpose. It is provided "as **
+ ** is" without express or implied warranty of any kind. **
+ ** **
+ ** These notices must be retained in any copies of any part of this **
+ ** documentation and/or software. **
+ ***********************************************************************
+ */
+
#ifndef KRB5_RSA_MD5__
#define KRB5_RSA_MD5__
/*
* lib/crypto/openssl/pbkdf2.c
*
- * Copyright 2002, 2008 by the Massachusetts Institute of Technology.
+ * Copyright 2002, 2008, 2009 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* Export of this software from the United States of America may
+/* lib/crypto/openssl/sha1/shs.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ */
+
#include "shs.h"
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>