2000-01-21 Ken Raeburn <raeburn@mit.edu>
+ * cksumtypes.c (krb5_cksumtypes_list, krb5_cksumtypes_length): Now
+ const.
+ * cksumtypes.h (krb5_cksumtypes_list, krb5_cksumtypes_length):
+ Updated decls.
+ * etypes.c (krb5_enctypes_list, krb5_enctypes_length): Now const.
+ * etypes.h (krb5_enctypes_list, krb5_enctypes_length): Updated
+ decls.
+ * make_random_key.c (krb5_c_make_random_key): Pointers to
+ enc_provider table now point to const.
* prng.c (enc): Now static and const, and points to const.
+ * string_to_key.c (krb5_c_string_to_key): Ditto.
+
+ * hmac.c (krb5_hmac): Put extra parens around if(a=b) constructs
+ to keep gcc happy.
+ * make_random_key.c (krb5_c_make_random_key): Ditto.
+ * old_api_glue.c (krb5_encrypt, krb5_decrypt, krb5_random_key,
+ krb5_calculate_checksum, krb5_verify_checksum, krb5_encrypt_data,
+ krb5_decrypt_data): Ditto.
+ * prng.c (krb5_c_random_make_octets): Ditto.
+ * string_to_key.c (krb5_c_string_to_key): Ditto.
+ * verify_checksum.c (krb5_c_verify_checksum): Ditto.
+
+ * make_checksum.c: Include dk.h.
+
+ * nfold.c (krb5_nfold): Delete unused variables.
1999-10-26 Tom Yu <tlyu@mit.edu>
#include "keyhash_provider.h"
#include "cksumtypes.h"
-struct krb5_cksumtypes krb5_cksumtypes_list[] = {
+const struct krb5_cksumtypes krb5_cksumtypes_list[] = {
{ CKSUMTYPE_CRC32, KRB5_CKSUMFLAG_NOT_COLL_PROOF,
"crc32", "CRC-32",
0, NULL,
&krb5_hash_sha1 },
};
-int krb5_cksumtypes_length =
+const int krb5_cksumtypes_length =
sizeof(krb5_cksumtypes_list)/sizeof(struct krb5_cksumtypes);
-
#include "k5-int.h"
-extern struct krb5_cksumtypes krb5_cksumtypes_list[];
-extern int krb5_cksumtypes_length;
-
+extern const struct krb5_cksumtypes krb5_cksumtypes_list[];
+extern const int krb5_cksumtypes_length;
+2000-01-21 Ken Raeburn <raeburn@mit.edu>
+
+ * checksum.c (krb5_dk_make_checksum): enc_providers are now
+ const. Modify if(a=b) assignment/test constructs to silence gcc
+ warnings.
+ * dk_decrypt.c (krb5_dk_decrypt, krb5_marc_dk_decrypt): Ditto.
+ * dk_encrypt.c (krb5_dk_encrypt, krb5_marc_dk_encrypt): Ditto.
+ * stringtokey.c (krb5_dk_string_to_key): Ditto. Include dk.h.
+
1999-10-26 Tom Yu <tlyu@mit.edu>
* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
krb5_data *output;
{
int i;
- struct krb5_enc_provider *enc;
+ const struct krb5_enc_provider *enc;
size_t blocksize, keybytes, keylength;
krb5_error_code ret;
unsigned char constantdata[K5CLENGTH];
datain.data[4] = 0x99;
- if (ret = krb5_derive_key(enc, key, &kc, &datain))
+ if ((ret = krb5_derive_key(enc, key, &kc, &datain)) != 0)
goto cleanup;
/* hash the data */
datain = *input;
- if (ret = krb5_hmac(hash, &kc, 1, &datain, output))
+ if ((ret = krb5_hmac(hash, &kc, 1, &datain, output)) != 0)
memset(output->data, 0, output->length);
/* ret is set correctly by the prior call */
datain[0].data[4] = 0x99;
- if (ret = krb5_derive_key(enc, key, &kc, &datain[0]))
+ if ((ret = krb5_derive_key(enc, key, &kc, &datain[0])) != 0)
goto cleanup;
/* hash the data */
datain[1] = *input;
- if (ret = krb5_hmac(hash, &kc, 2, datain, output))
+ if ((ret = krb5_hmac(hash, &kc, 2, datain, output)) != 0)
memset(output->data, 0, output->length);
/* ret is set correctly by the prior call */
d1.data[4] = 0xAA;
- if (ret = krb5_derive_key(enc, key, &ke, &d1))
+ if ((ret = krb5_derive_key(enc, key, &ke, &d1)) != 0)
goto cleanup;
d1.data[4] = 0x55;
- if (ret = krb5_derive_key(enc, key, &ki, &d1))
+ if ((ret = krb5_derive_key(enc, key, &ki, &d1)) != 0)
goto cleanup;
/* decrypt the ciphertext */
d2.length = enclen;
d2.data = plaindata;
- if (ret = ((*(enc->decrypt))(&ke, ivec, &d1, &d2)))
+ if ((ret = ((*(enc->decrypt))(&ke, ivec, &d1, &d2))) != 0)
goto cleanup;
/* verify the hash */
d1.length = hashsize;
d1.data = cksum;
- if (ret = krb5_hmac(hash, &ki, 1, &d2, &d1))
+ if ((ret = krb5_hmac(hash, &ki, 1, &d2, &d1)) != 0)
goto cleanup;
if (memcmp(cksum, input->data+enclen, hashsize) != 0) {
d1.data[4] = 0xAA;
- if (ret = krb5_derive_key(enc, key, &ke, &d1))
+ if ((ret = krb5_derive_key(enc, key, &ke, &d1)) != 0)
goto cleanup;
d1.data[4] = 0x55;
- if (ret = krb5_derive_key(enc, key, &ki, &d1))
+ if ((ret = krb5_derive_key(enc, key, &ki, &d1)) != 0)
goto cleanup;
/* decrypt the ciphertext */
d2.length = enclen;
d2.data = plaindata;
- if (ret = ((*(enc->decrypt))(&ke, ivec, &d1, &d2)))
+ if ((ret = ((*(enc->decrypt))(&ke, ivec, &d1, &d2))) != 0)
goto cleanup;
/* verify the hash */
d1.length = hashsize;
d1.data = cksum;
- if (ret = krb5_hmac(hash, &ki, 1, &d2, &d1))
+ if ((ret = krb5_hmac(hash, &ki, 1, &d2, &d1)) != 0)
goto cleanup;
if (memcmp(cksum, input->data+enclen, hashsize) != 0) {
d1.data[4] = 0xAA;
- if (ret = krb5_derive_key(enc, key, &ke, &d1))
+ if ((ret = krb5_derive_key(enc, key, &ke, &d1)))
goto cleanup;
d1.data[4] = 0x55;
- if (ret = krb5_derive_key(enc, key, &ki, &d1))
+ if ((ret = krb5_derive_key(enc, key, &ki, &d1)))
goto cleanup;
/* put together the plaintext */
d1.length = blocksize;
d1.data = plaintext;
- if (ret = krb5_c_random_make_octets(/* XXX */ 0, &d1))
+ if ((ret = krb5_c_random_make_octets(/* XXX */ 0, &d1)))
goto cleanup;
memcpy(plaintext+blocksize, input->data, input->length);
d2.length = plainlen;
d2.data = output->data;
- if (ret = ((*(enc->encrypt))(&ke, ivec, &d1, &d2)))
+ if ((ret = ((*(enc->encrypt))(&ke, ivec, &d1, &d2))))
goto cleanup;
/* hash the plaintext */
output->length = enclen;
- if (ret = krb5_hmac(hash, &ki, 1, &d1, &d2))
+ if ((ret = krb5_hmac(hash, &ki, 1, &d1, &d2)))
memset(d2.data, 0, d2.length);
/* ret is set correctly by the prior call */
d1.data[4] = 0xAA;
- if (ret = krb5_derive_key(enc, key, &ke, &d1))
+ if ((ret = krb5_derive_key(enc, key, &ke, &d1)))
goto cleanup;
d1.data[4] = 0x55;
- if (ret = krb5_derive_key(enc, key, &ki, &d1))
+ if ((ret = krb5_derive_key(enc, key, &ki, &d1)))
goto cleanup;
/* put together the plaintext */
d1.length = blocksize;
d1.data = plaintext;
- if (ret = krb5_c_random_make_octets(/* XXX */ 0, &d1))
+ if ((ret = krb5_c_random_make_octets(/* XXX */ 0, &d1)))
goto cleanup;
(plaintext+blocksize)[0] = (input->length>>24)&0xff;
d2.length = plainlen;
d2.data = output->data;
- if (ret = ((*(enc->encrypt))(&ke, ivec, &d1, &d2)))
+ if ((ret = ((*(enc->encrypt))(&ke, ivec, &d1, &d2))))
goto cleanup;
/* hash the plaintext */
output->length = enclen;
- if (ret = krb5_hmac(hash, &ki, 1, &d1, &d2))
+ if ((ret = krb5_hmac(hash, &ki, 1, &d1, &d2)))
memset(d2.data, 0, d2.length);
/* ret is set correctly by the prior call */
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
-#include "k5-int.h"
+#include "dk.h"
static unsigned char kerberos[] = "kerberos";
#define kerberos_len (sizeof(kerberos)-1)
indata.length = kerberos_len;
indata.data = kerberos;
- if (ret = krb5_derive_key(enc, &foldkey, key, &indata))
+ if ((ret = krb5_derive_key(enc, &foldkey, key, &indata)))
memset(key->contents, 0, key->length);
/* ret is set correctly by the prior call */
+2000-01-21 Ken Raeburn <raeburn@mit.edu>
+
+ * des.c (mit_des_zeroblock): Now const, and using C default
+ initialization.
+ (krb5_enc_des): Now const.
+ * des3.c (mit_des_zeroblock, krb5_enc_des3): Similar.
+ * enc_provider.h (krb5_enc_des, krb5_enc_des3): Update decls.
+
1999-10-26 Tom Yu <tlyu@mit.edu>
* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
#include "des_int.h"
#include "enc_provider.h"
-static mit_des_cblock mit_des_zeroblock[8] = {0,0,0,0,0,0,0,0};
+static const mit_des_cblock mit_des_zeroblock[8] /* = all zero */;
static void
k5_des_block_size(size_t *blocksize)
return(0);
}
-struct krb5_enc_provider krb5_enc_des = {
+const struct krb5_enc_provider krb5_enc_des = {
k5_des_block_size,
k5_des_keysize,
k5_des_encrypt,
#include "k5-int.h"
#include "des_int.h"
-static mit_des_cblock mit_des_zeroblock[8] = {0,0,0,0,0,0,0,0};
+static const mit_des_cblock mit_des_zeroblock[8] /* = all zero */;
static void
k5_des3_block_size(size_t *blocksize)
return(0);
}
-struct krb5_enc_provider krb5_enc_des3 = {
+const struct krb5_enc_provider krb5_enc_des3 = {
k5_des3_block_size,
k5_des3_keysize,
k5_des3_encrypt,
#include "k5-int.h"
-extern struct krb5_enc_provider krb5_enc_des;
-extern struct krb5_enc_provider krb5_enc_des3;
-
-
+extern const struct krb5_enc_provider krb5_enc_des;
+extern const struct krb5_enc_provider krb5_enc_des3;
that the keytypes are all near each other. I'd rather not make
that assumption. */
-struct krb5_keytypes krb5_enctypes_list[] = {
+const struct krb5_keytypes krb5_enctypes_list[] = {
{ ENCTYPE_DES_CBC_CRC,
"des-cbc-crc", "DES cbc mode with CRC-32",
&krb5_enc_des, &krb5_hash_crc32,
#endif
};
-int krb5_enctypes_length =
+const int krb5_enctypes_length =
sizeof(krb5_enctypes_list)/sizeof(struct krb5_keytypes);
#include "k5-int.h"
-extern struct krb5_keytypes krb5_enctypes_list[];
-extern int krb5_enctypes_length;
+extern const struct krb5_keytypes krb5_enctypes_list[];
+extern const int krb5_enctypes_length;
+2000-01-21 Ken Raeburn <raeburn@mit.edu>
+
+ * hash_crc32.c (krb5_hash_crc32): Now const.
+ * hash_md4.c (krb5_hash_md4): Now const.
+ * hash_md5.c (krb5_hash_md5): Now const.
+ * hash_sha1.c (krb5_hash_sha1): Now const.
+ * hash_provider.h: Updated decls.
+
1999-10-26 Tom Yu <tlyu@mit.edu>
* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
return(0);
}
-struct krb5_hash_provider krb5_hash_crc32 = {
+const struct krb5_hash_provider krb5_hash_crc32 = {
k5_crc32_hash_size,
k5_crc32_block_size,
k5_crc32_hash
return(0);
}
-struct krb5_hash_provider krb5_hash_md4 = {
+const struct krb5_hash_provider krb5_hash_md4 = {
k5_md4_hash_size,
k5_md4_block_size,
k5_md4_hash
return(0);
}
-struct krb5_hash_provider krb5_hash_md5 = {
+const struct krb5_hash_provider krb5_hash_md5 = {
k5_md5_hash_size,
k5_md5_block_size,
k5_md5_hash
#include "k5-int.h"
-extern struct krb5_hash_provider krb5_hash_crc32;
-extern struct krb5_hash_provider krb5_hash_md4;
-extern struct krb5_hash_provider krb5_hash_md5;
-extern struct krb5_hash_provider krb5_hash_sha1;
+extern const struct krb5_hash_provider krb5_hash_crc32;
+extern const struct krb5_hash_provider krb5_hash_md4;
+extern const struct krb5_hash_provider krb5_hash_md5;
+extern const struct krb5_hash_provider krb5_hash_sha1;
return(0);
}
-struct krb5_hash_provider krb5_hash_sha1 = {
+const struct krb5_hash_provider krb5_hash_sha1 = {
k5_sha1_hash_size,
k5_sha1_block_size,
k5_sha1_hash
hashout.length = hashsize;
hashout.data = ihash;
- if (ret = ((*(hash->hash))(icount+1, hashin, &hashout)))
+ if ((ret = ((*(hash->hash))(icount+1, hashin, &hashout))))
goto cleanup;
/* create the outer padded key */
output->length = hashsize;
- if (ret = ((*(hash->hash))(2, hashin, output)))
+ if ((ret = ((*(hash->hash))(2, hashin, output))))
memset(output->data, 0, output->length);
/* ret is set correctly by the prior call */
+2000-01-21 Ken Raeburn <raeburn@mit.edu>
+
+ * descbc.c (mit_des_zeroblock): Now const, and using C default
+ initializer.
+ (krb5_keyhash_descbc): Now const.
+ * k5_md4des.c (mit_des_zeroblock): Now const, and using C default
+ initializer.
+ (k5_md4des_hash): Change if(a=b) constructs to silence gcc
+ warnings.
+ (k5_md4des_verify): Delete unused variable.
+ (krb5_keyhash_md4des): Now const.
+ * k5_md5des.c (mit_des_zeroblock): Now const, and using C default
+ initializer.
+ (k5_md5des_hash): Change if(a=b) constructs to silence gcc
+ warnings.
+ (k5_md5des_verify): Delete unused variable.
+ (krb5_keyhash_md5des): Now const.
+ * keyhash_provider.h: Updated krb5_keyhash_* decls.
+
1999-10-26 Tom Yu <tlyu@mit.edu>
* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
#include "des_int.h"
#include "keyhash_provider.h"
-static mit_des_cblock mit_des_zeroblock[8] = {0,0,0,0,0,0,0,0};
+static const mit_des_cblock mit_des_zeroblock[8] /* = all zero */;
static void
k5_descbc_hash_size(size_t *output)
return(0);
}
-struct krb5_keyhash_provider krb5_keyhash_descbc = {
+const struct krb5_keyhash_provider krb5_keyhash_descbc = {
k5_descbc_hash_size,
k5_descbc_hash,
NULL
/* Force acceptance of krb5-beta5 md4des checksum for now. */
#define KRB5_MD4DES_BETA5_COMPAT
-static mit_des_cblock mit_des_zeroblock[8] = {0,0,0,0,0,0,0,0};
+static const mit_des_cblock mit_des_zeroblock[8] /* = all zero */;
static void
k5_md4des_hash_size(size_t *output)
data.length = CONFLENGTH;
data.data = conf;
- if (ret = krb5_c_random_make_octets(/* XXX */ 0, &data))
+ if ((ret = krb5_c_random_make_octets(/* XXX */ 0, &data)))
return(ret);
/* create and schedule the encryption key */
krb5_boolean *valid)
{
krb5_error_code ret;
- krb5_data data;
krb5_MD4_CTX ctx;
unsigned char plaintext[CONFLENGTH+RSA_MD4_CKSUM_LENGTH];
unsigned char xorkey[8];
return(0);
}
-struct krb5_keyhash_provider krb5_keyhash_md4des = {
+const struct krb5_keyhash_provider krb5_keyhash_md4des = {
k5_md4des_hash_size,
k5_md4des_hash,
k5_md4des_verify
/* Force acceptance of krb5-beta5 md5des checksum for now. */
#define KRB5_MD5DES_BETA5_COMPAT
-static mit_des_cblock mit_des_zeroblock[8] = {0,0,0,0,0,0,0,0};
+static const mit_des_cblock mit_des_zeroblock[8] /* = all zero */;
static void
k5_md5des_hash_size(size_t *output)
data.length = CONFLENGTH;
data.data = conf;
- if (ret = krb5_c_random_make_octets(/* XXX */ 0, &data))
+ if ((ret = krb5_c_random_make_octets(/* XXX */ 0, &data)))
return(ret);
/* create and schedule the encryption key */
krb5_boolean *valid)
{
krb5_error_code ret;
- krb5_data data;
krb5_MD5_CTX ctx;
unsigned char plaintext[CONFLENGTH+RSA_MD5_CKSUM_LENGTH];
unsigned char xorkey[8];
return(0);
}
-struct krb5_keyhash_provider krb5_keyhash_md5des = {
+const struct krb5_keyhash_provider krb5_keyhash_md5des = {
k5_md5des_hash_size,
k5_md5des_hash,
k5_md5des_verify
#include "k5-int.h"
-extern struct krb5_keyhash_provider krb5_keyhash_descbc;
-extern struct krb5_keyhash_provider krb5_keyhash_md4des;
-extern struct krb5_keyhash_provider krb5_keyhash_md5des;
+extern const struct krb5_keyhash_provider krb5_keyhash_descbc;
+extern const struct krb5_keyhash_provider krb5_keyhash_md4des;
+extern const struct krb5_keyhash_provider krb5_keyhash_md5des;
#include "k5-int.h"
#include "cksumtypes.h"
#include "etypes.h"
+#include "dk.h"
KRB5_DLLIMP krb5_error_code KRB5_CALLCONV
krb5_c_make_checksum(context, cksumtype, key, usage, input, cksum)
{
int i;
krb5_error_code ret;
- struct krb5_enc_provider *enc;
+ const struct krb5_enc_provider *enc;
size_t keybytes, keylength;
krb5_data random;
unsigned char *bytes;
random.data = bytes;
random.length = keybytes;
- if (ret = krb5_c_random_make_octets(context, &random))
+ if ((ret = krb5_c_random_make_octets(context, &random)))
goto cleanup;
random_key->magic = KV5M_KEYBLOCK;
+2000-01-21 Ken Raeburn <raeburn@mit.edu>
+
+ * md4.c (PADDING): Now const.
+ (krb5_MD4Update): Argument inBuf now points to const.
+ (ROTATE_LEFT): Change (a&b|c) construct to silence gcc warning.
+ * rsa-md4.h (krb5_MD4Update): Update decl.
+
1999-10-26 Tom Yu <tlyu@mit.edu>
* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
static void Transform ();
#endif
-static unsigned char PADDING[64] = {
+static const unsigned char PADDING[64] = {
0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
#define H(x, y, z) ((x) ^ (y) ^ (z))
/* ROTATE_LEFT rotates x left n bits */
-#define ROTATE_LEFT(x, n) (((x) << (n)) & 0xffffffff | ((x) >> (32-(n))))
+#define ROTATE_LEFT(x, n) ((((x) << (n)) & 0xffffffff) | ((x) >> (32-(n))))
/* FF, GG and HH are MD4 transformations for rounds 1, 2 and 3 */
/* Rotation is separate from addition to prevent recomputation */
void
krb5_MD4Update (mdContext, inBuf, inLen)
krb5_MD4_CTX FAR *mdContext;
-unsigned char FAR *inBuf;
+const unsigned char FAR *inBuf;
unsigned int inLen;
{
krb5_ui_4 in[16];
#if defined(__STDC__) || defined(_MSDOS) || defined(_WIN32)
extern void krb5_MD4Init(krb5_MD4_CTX FAR *);
-extern void krb5_MD4Update(krb5_MD4_CTX FAR *, unsigned char FAR *, unsigned int);
+extern void krb5_MD4Update(krb5_MD4_CTX FAR *, const unsigned char FAR *, unsigned int);
extern void krb5_MD4Final(krb5_MD4_CTX FAR *);
#else
void krb5_MD4Init ();
+2000-01-21 Ken Raeburn <raeburn@mit.edu>
+
+ * md5.c (PADDING): Now const.
+ (krb5_MD5Update): Argument inBuf now points to const.
+ (ROTATE_LEFT): Change (a&b|c) construct to silence gcc warning.
+ * rsa-md5.h (krb5_MD5Update): Update decl.
+
1999-10-26 Tom Yu <tlyu@mit.edu>
* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
/* forward declaration */
static void Transform KRB5_PROTOTYPE((krb5_ui_4 FAR *buf, krb5_ui_4 FAR *in));
-static unsigned char PADDING[64] = {
+static const unsigned char PADDING[64] = {
0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
#define I(x, y, z) ((y) ^ ((x) | (~z)))
/* ROTATE_LEFT rotates x left n bits */
-#define ROTATE_LEFT(x, n) (((x) << (n)) & 0xffffffff | ((x) >> (32-(n))))
+#define ROTATE_LEFT(x, n) ((((x) << (n)) & 0xffffffff) | ((x) >> (32-(n))))
/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4 */
/* Rotation is separate from addition to prevent recomputation */
void
krb5_MD5Update (mdContext, inBuf, inLen)
krb5_MD5_CTX FAR *mdContext;
-unsigned char FAR *inBuf;
+const unsigned char FAR *inBuf;
unsigned int inLen;
{
krb5_ui_4 in[16];
#if (defined(__STDC__) || defined(_MSDOS) || defined(_WIN32)) && !defined(KRB5_NO_PROTOTYPES)
extern void krb5_MD5Init(krb5_MD5_CTX FAR *);
-extern void krb5_MD5Update(krb5_MD5_CTX FAR *,unsigned char FAR *,unsigned int);
+extern void krb5_MD5Update(krb5_MD5_CTX FAR *,const unsigned char FAR *,unsigned int);
extern void krb5_MD5Final(krb5_MD5_CTX FAR *);
#else
extern void krb5_MD5Init();
int outbits;
unsigned char *out;
{
- int a,b,c,gcd,lcm;
- int reps;
+ int a,b,c,lcm;
int byte, i, msbit;
/* the code below is more readable if I make these bytes
+2000-01-21 Ken Raeburn <raeburn@mit.edu>
+
+ * des_stringtokey.c (mit_des_string_to_key_int): Declare.
+ * old_decrypt.c (krb5_old_decrypt): Delete unused variable.
+ Change if(a=b) constructs to silence gcc warning.
+ * old_encrypt.c (krb5_old_encrypt): Change if(a=b) constructs to
+ silence gcc warning.
+
1999-10-26 Tom Yu <tlyu@mit.edu>
* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
#include "k5-int.h"
#include "old.h"
+/* XXX */
+extern krb5_error_code mit_des_string_to_key_int
+KRB5_PROTOTYPE ((krb5_keyblock FAR * keyblock,
+ const krb5_data FAR * data,
+ const krb5_data FAR * salt));
+
krb5_error_code
krb5_des_string_to_key(enc, string, salt, key)
krb5_const struct krb5_enc_provider *enc;
{
krb5_error_code ret;
size_t blocksize, hashsize, plainsize;
- unsigned char *plaintext, *cksumdata;
+ unsigned char *cksumdata;
krb5_data output, cksum, crcivec;
int alloced;
ivec = &crcivec;
}
- if (ret = ((*(enc->decrypt))(key, ivec, input, &output)))
+ if ((ret = ((*(enc->decrypt))(key, ivec, input, &output))))
goto cleanup;
/* verify the checksum */
cksum.length = hashsize;
cksum.data = output.data+blocksize;
- if (ret = ((*(hash->hash))(1, &output, &cksum)))
+ if ((ret = ((*(hash->hash))(1, &output, &cksum))))
goto cleanup;
if (memcmp(cksum.data, cksumdata, cksum.length) != 0) {
free(cksumdata);
return(ret);
}
-
datain.length = blocksize;
datain.data = output->data;
- if (ret = krb5_c_random_make_octets(/* XXX */ 0, &datain))
+ if ((ret = krb5_c_random_make_octets(/* XXX */ 0, &datain)))
return(ret);
memcpy(output->data+blocksize+hashsize, input->data, input->length);
datain.length = hashsize;
datain.data = output->data+blocksize;
- if (ret = ((*(hash->hash))(1, output, &datain)))
+ if ((ret = ((*(hash->hash))(1, output, &datain))))
goto cleanup;
/* encrypt it */
ivec = &crcivec;
}
- if (ret = ((*(enc->encrypt))(key, ivec, output, output)))
+ if ((ret = ((*(enc->encrypt))(key, ivec, output, output))))
goto cleanup;
cleanup:
krb5_error_code ret;
if (ivec) {
- if (ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize))
+ if ((ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize)))
return(ret);
ivecd.length = blocksize;
/* The size of the output buffer isn't part of the old api. Not too
safe. So, we assume here that it's big enough. */
- if (ret = krb5_c_encrypt_length(context, eblock->key->enctype, size,
- &outlen))
+ if ((ret = krb5_c_encrypt_length(context, eblock->key->enctype, size,
+ &outlen)))
return(ret);
outputd.ciphertext.length = outlen;
krb5_error_code ret;
if (ivec) {
- if (ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize))
+ if ((ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize)))
return(ret);
ivecd.length = blocksize;
if ((key = (krb5_keyblock *) malloc(sizeof(krb5_keyblock))) == NULL)
return(ENOMEM);
- if (ret = krb5_c_make_random_key(context, eblock->crypto_entry, key))
+ if ((ret = krb5_c_make_random_key(context, eblock->crypto_entry, key)))
free(key);
*keyblock = key;
key.length = seed_length;
key.contents = seed;
- if (ret = krb5_c_make_checksum(context, ctype, &key, 0, &input, &cksum))
+ if ((ret = krb5_c_make_checksum(context, ctype, &key, 0, &input, &cksum)))
return(ret);
if (outcksum->length < cksum.length) {
key.length = seed_length;
key.contents = seed;
- if (ret = krb5_c_verify_checksum(context, &key, 0, &input, cksum,
- &valid))
+ if ((ret = krb5_c_verify_checksum(context, &key, 0, &input, cksum,
+ &valid)))
return(ret);
if (!valid)
size_t enclen, blocksize;
krb5_data ivecd;
- if (ret = krb5_c_encrypt_length(context, key->enctype, data->length,
- &enclen))
+ if ((ret = krb5_c_encrypt_length(context, key->enctype, data->length,
+ &enclen)))
return(ret);
if (ivec) {
- if (ret = krb5_c_block_size(context, key->enctype, &blocksize))
+ if ((ret = krb5_c_block_size(context, key->enctype, &blocksize)))
return(ret);
ivecd.length = blocksize;
if ((enc_data->ciphertext.data = malloc(enclen)) == NULL)
return(ENOMEM);
- if (ret = krb5_c_encrypt(context, key, 0, ivec?&ivecd:0, data, enc_data))
+ if ((ret = krb5_c_encrypt(context, key, 0, ivec?&ivecd:0, data, enc_data)))
free(enc_data->ciphertext.data);
return(ret);
size_t blocksize;
if (ivec) {
- if (ret = krb5_c_block_size(context, key->enctype, &blocksize))
+ if ((ret = krb5_c_block_size(context, key->enctype, &blocksize)))
return(ret);
ivecd.length = blocksize;
if ((data->data = (krb5_octet *) malloc(data->length)) == NULL)
return(ENOMEM);
- if (ret = krb5_c_decrypt(context, key, 0, ivec?&ivecd:0, enc_data, data))
+ if ((ret = krb5_c_decrypt(context, key, 0, ivec?&ivecd:0, enc_data, data)))
free(data->data);
return(0);
key.contents = KEYCONTENTS;
/* fill it in */
- if (ret = ((*(enc->make_key))(&data1, &key)))
+ if ((ret = ((*(enc->make_key))(&data1, &key))))
return(ret);
/* encrypt the block */
data1.data = STATEBLOCK;
data2.length = blocksize;
data2.data = RANDBLOCK;
- if (ret = ((*(enc->encrypt))(&key, NULL, &data1, &data2)))
+ if ((ret = ((*(enc->encrypt))(&key, NULL, &data1, &data2))))
return(ret);
/* fold the new output back into the state */
+2000-01-21 Ken Raeburn <raeburn@mit.edu>
+
+ * shs.c (ROTL): Change (a&b|c) construct to make meaning clear,
+ and silence gcc warning.
+ (longReverse): Delete unused function.
+ (shsFinal): Delete unused variable.
+
1999-10-26 Tom Yu <tlyu@mit.edu>
* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
/* 32-bit rotate left - kludged with shifts */
-#define ROTL(n,X) (((X) << (n)) & 0xffffffff | ((X) >> (32 - n)))
+#define ROTL(n,X) ((((X) << (n)) & 0xffffffff) | ((X) >> (32 - n)))
/* The initial expanding function. The hash function is defined over an
80-word expanded input array W, where the first 16 are copies of the input
digest[ 4 ] &= 0xffffffff;
}
-/* When run on a little-endian CPU we need to perform byte reversal on an
- array of longwords. It is possible to make the code endianness-
- independant by fiddling around with data at the byte level, but this
- makes for very slow code, so we rely on the user to sort out endianness
- at compile time */
-
-void longReverse( LONG *buffer, int byteCount )
-{
- LONG value;
- static int init = 0;
- char *cp;
-
- switch (init) {
- case 0:
- init=1;
- cp = (char *) &init;
- if (*cp == 1) {
- init=2;
- break;
- }
- init=1;
- /* fall through - MSB */
- case 1:
- return;
- }
-
- byteCount /= sizeof( LONG );
- while( byteCount-- ) {
- value = *buffer;
- value = ( ( value & 0xFF00FF00L ) >> 8 ) |
- ( ( value & 0x00FF00FFL ) << 8 );
- *buffer++ = ( value << 16 ) | ( value >> 16 );
- }
-}
-
/* Update SHS for a block of data */
void shsUpdate(shsInfo, buffer, count)
{
int count;
LONG *lp;
- BYTE *dataPtr;
/* Compute number of bytes mod 64 */
count = (int) shsInfo->countLo;
{
int i;
krb5_error_code ret;
- struct krb5_enc_provider *enc;
+ const struct krb5_enc_provider *enc;
size_t keybytes, keylength;
for (i=0; i<krb5_enctypes_length; i++) {
key->enctype = enctype;
key->length = keylength;
- if (ret = ((*(krb5_enctypes_list[i].str2key))(enc, string, salt, key))) {
+ if ((ret = ((*(krb5_enctypes_list[i].str2key))(enc, string, salt, key)))) {
memset(key->contents, 0, keylength);
free(key->contents);
}
/* otherwise, make the checksum again, and compare */
- if (ret = krb5_c_checksum_length(context, cksum->checksum_type, &hashsize))
+ if ((ret = krb5_c_checksum_length(context, cksum->checksum_type, &hashsize)))
return(ret);
if (cksum->length != hashsize)
computed.length = hashsize;
- if (ret = krb5_c_make_checksum(context, cksum->checksum_type, key, usage,
- data, &computed)) {
+ if ((ret = krb5_c_make_checksum(context, cksum->checksum_type, key, usage,
+ data, &computed))) {
free(computed.contents);
return(ret);
}