static krb5_error_code
krb5int_camellia_encrypt(krb5_key key, const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data)
+ krb5_crypto_iov *data, size_t num_data)
{
unsigned char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE];
int nblocks = 0, blockno;
}
if (CACHE(key)->enc_ctx.keybitlen == 0) {
if (camellia_enc_key(key->keyblock.contents, key->keyblock.length,
- &CACHE(key)->enc_ctx) != camellia_good)
+ &CACHE(key)->enc_ctx) != camellia_good)
abort();
}
if (ivec != NULL)
static krb5_error_code
krb5int_camellia_decrypt(krb5_key key, const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data)
+ krb5_crypto_iov *data, size_t num_data)
{
unsigned char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE], tmp3[BLOCK_SIZE];
int nblocks = 0, blockno;
}
if (CACHE(key)->dec_ctx.keybitlen == 0) {
if (camellia_dec_key(key->keyblock.contents, key->keyblock.length,
- &CACHE(key)->dec_ctx) != camellia_good)
+ &CACHE(key)->dec_ctx) != camellia_good)
abort();
}
krb5_error_code
krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
size_t num_data, const krb5_data *iv,
- krb5_data *output)
+ krb5_data *output)
{
camellia_ctx ctx;
unsigned char blockY[BLOCK_SIZE];
unsigned char blockB[BLOCK_SIZE];
if (!krb5int_c_iov_get_block(blockB, BLOCK_SIZE, data, num_data,
- &iov_state))
+ &iov_state))
break;
xorblock(blockB, blockY);
static krb5_error_code
camellia_init_state(const krb5_keyblock *key, krb5_keyusage usage,
- krb5_data *state)
+ krb5_data *state)
{
state->length = 16;
state->data = malloc(16);
krb5_error_code
krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
size_t num_data, const krb5_data *iv,
- krb5_data *output)
+ krb5_data *output)
{
return EINVAL;
}
krb5_data cksum;
} test_cases[] = {
{
- "abc",
- CKSUMTYPE_CRC32, 0, 0, { KV5M_DATA, 0, "" },
- { KV5M_DATA, 4,
+ "abc",
+ CKSUMTYPE_CRC32, 0, 0, { KV5M_DATA, 0, "" },
+ { KV5M_DATA, 4,
"\xD0\x98\x65\xCA" }
},
{
- "one",
- CKSUMTYPE_RSA_MD4, 0, 0, { KV5M_DATA, 0, "" },
- { KV5M_DATA, 16,
+ "one",
+ CKSUMTYPE_RSA_MD4, 0, 0, { KV5M_DATA, 0, "" },
+ { KV5M_DATA, 16,
"\x30\x5D\xCC\x2C\x0F\xDD\x53\x39\x96\x95\x52\xC7\xB8\x99\x63\x48" }
},
{
- "two three four five",
- CKSUMTYPE_RSA_MD5, 0, 0, { KV5M_DATA, 0, "" },
- { KV5M_DATA, 16,
+ "two three four five",
+ CKSUMTYPE_RSA_MD5, 0, 0, { KV5M_DATA, 0, "" },
+ { KV5M_DATA, 16,
"\xBA\xB5\x32\x15\x51\xE1\x08\x44\x90\x86\x96\x35\xB3\xC2\x68\x15" }
},
{
- "",
- CKSUMTYPE_NIST_SHA, 0, 0, { KV5M_DATA, 0, "" },
- { KV5M_DATA, 20,
+ "",
+ CKSUMTYPE_NIST_SHA, 0, 0, { KV5M_DATA, 0, "" },
+ { KV5M_DATA, 20,
"\xDA\x39\xA3\xEE\x5E\x6B\x4B\x0D\x32\x55\xBF\xEF\x95\x60\x18\x90"
"\xAF\xD8\x07\x09" }
},
{
- "six seven",
- CKSUMTYPE_HMAC_SHA1_DES3, ENCTYPE_DES3_CBC_SHA1, 2,
+ "six seven",
+ CKSUMTYPE_HMAC_SHA1_DES3, ENCTYPE_DES3_CBC_SHA1, 2,
{ KV5M_DATA, 24,
"\x7A\x25\xDF\x89\x92\x29\x6D\xCE\xDA\x0E\x13\x5B\xC4\x04\x6E\x23"
"\x75\xB3\xC1\x4C\x98\xFB\xC1\x62" },
- { KV5M_DATA, 20,
+ { KV5M_DATA, 20,
"\x0E\xEF\xC9\xC3\xE0\x49\xAA\xBC\x1B\xA5\xC4\x01\x67\x7D\x9A\xB6"
"\x99\x08\x2B\xB4" }
},
{
- "eight nine ten eleven twelve thirteen",
- CKSUMTYPE_HMAC_SHA1_96_AES128, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 3,
+ "eight nine ten eleven twelve thirteen",
+ CKSUMTYPE_HMAC_SHA1_96_AES128, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 3,
{ KV5M_DATA, 16,
"\x90\x62\x43\x0C\x8C\xDA\x33\x88\x92\x2E\x6D\x6A\x50\x9F\x5B\x7A" },
- { KV5M_DATA, 12,
+ { KV5M_DATA, 12,
"\x01\xA4\xB0\x88\xD4\x56\x28\xF6\x94\x66\x14\xE3" }
},
{
- "fourteen",
- CKSUMTYPE_HMAC_SHA1_96_AES256, ENCTYPE_AES256_CTS_HMAC_SHA1_96, 4,
+ "fourteen",
+ CKSUMTYPE_HMAC_SHA1_96_AES256, ENCTYPE_AES256_CTS_HMAC_SHA1_96, 4,
{ KV5M_DATA, 32,
"\xB1\xAE\x4C\xD8\x46\x2A\xFF\x16\x77\x05\x3C\xC9\x27\x9A\xAC\x30"
"\xB7\x96\xFB\x81\xCE\x21\x47\x4D\xD3\xDD\xBC\xFE\xA4\xEC\x76\xD7" },
- { KV5M_DATA, 12,
+ { KV5M_DATA, 12,
"\xE0\x87\x39\xE3\x27\x9E\x29\x03\xEC\x8E\x38\x36" }
},
{
- "fifteen sixteen",
- CKSUMTYPE_MD5_HMAC_ARCFOUR, ENCTYPE_ARCFOUR_HMAC, 5,
+ "fifteen sixteen",
+ CKSUMTYPE_MD5_HMAC_ARCFOUR, ENCTYPE_ARCFOUR_HMAC, 5,
{ KV5M_DATA, 16,
"\xF7\xD3\xA1\x55\xAF\x5E\x23\x8A\x0B\x7A\x87\x1A\x96\xBA\x2A\xB2" },
- { KV5M_DATA, 16,
+ { KV5M_DATA, 16,
"\x9F\x41\xDF\x30\x49\x07\xDE\x73\x54\x47\x00\x1F\xD2\xA1\x97\xB9" }
},
{
- "seventeen eighteen nineteen twenty",
- CKSUMTYPE_HMAC_MD5_ARCFOUR, ENCTYPE_ARCFOUR_HMAC, 6,
+ "seventeen eighteen nineteen twenty",
+ CKSUMTYPE_HMAC_MD5_ARCFOUR, ENCTYPE_ARCFOUR_HMAC, 6,
{ KV5M_DATA, 16,
"\xF7\xD3\xA1\x55\xAF\x5E\x23\x8A\x0B\x7A\x87\x1A\x96\xBA\x2A\xB2" },
- { KV5M_DATA, 16,
+ { KV5M_DATA, 16,
"\xEB\x38\xCC\x97\xE2\x23\x0F\x59\xDA\x41\x17\xDC\x58\x59\xD7\xEC" }
},
#ifdef CAMELLIA
{
- "abcdefghijk",
- CKSUMTYPE_CMAC_CAMELLIA128, ENCTYPE_CAMELLIA128_CTS_CMAC, 7,
+ "abcdefghijk",
+ CKSUMTYPE_CMAC_CAMELLIA128, ENCTYPE_CAMELLIA128_CTS_CMAC, 7,
{ KV5M_DATA, 16,
"\x1D\xC4\x6A\x8D\x76\x3F\x4F\x93\x74\x2B\xCB\xA3\x38\x75\x76\xC3" },
- { KV5M_DATA, 16,
+ { KV5M_DATA, 16,
"\x11\x78\xE6\xC5\xC4\x7A\x8C\x1A\xE0\xC4\xB9\xC7\xD4\xEB\x7B\x6B" }
},
{
- "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
- CKSUMTYPE_CMAC_CAMELLIA128, ENCTYPE_CAMELLIA128_CTS_CMAC, 8,
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
+ CKSUMTYPE_CMAC_CAMELLIA128, ENCTYPE_CAMELLIA128_CTS_CMAC, 8,
{ KV5M_DATA, 16,
"\x50\x27\xBC\x23\x1D\x0F\x3A\x9D\x23\x33\x3F\x1C\xA6\xFD\xBE\x7C" },
- { KV5M_DATA, 16,
+ { KV5M_DATA, 16,
"\xD1\xB3\x4F\x70\x04\xA7\x31\xF2\x3A\x0C\x00\xBF\x6C\x3F\x75\x3A" }
},
{
- "123456789",
- CKSUMTYPE_CMAC_CAMELLIA256, ENCTYPE_CAMELLIA256_CTS_CMAC, 9,
+ "123456789",
+ CKSUMTYPE_CMAC_CAMELLIA256, ENCTYPE_CAMELLIA256_CTS_CMAC, 9,
{ KV5M_DATA, 32,
"\xB6\x1C\x86\xCC\x4E\x5D\x27\x57\x54\x5A\xD4\x23\x39\x9F\xB7\x03"
"\x1E\xCA\xB9\x13\xCB\xB9\x00\xBD\x7A\x3C\x6D\xD8\xBF\x92\x01\x5B" },
- { KV5M_DATA, 16,
+ { KV5M_DATA, 16,
"\x87\xA1\x2C\xFD\x2B\x96\x21\x48\x10\xF0\x1C\x82\x6E\x77\x44\xB1" }
},
{
- "!@#$%^&*()!@#$%^&*()!@#$%^&*()",
- CKSUMTYPE_CMAC_CAMELLIA256, ENCTYPE_CAMELLIA256_CTS_CMAC, 10,
+ "!@#$%^&*()!@#$%^&*()!@#$%^&*()",
+ CKSUMTYPE_CMAC_CAMELLIA256, ENCTYPE_CAMELLIA256_CTS_CMAC, 10,
{ KV5M_DATA, 32,
"\x32\x16\x4C\x5B\x43\x4D\x1D\x15\x38\xE4\xCF\xD9\xBE\x80\x40\xFE"
"\x8C\x4A\xC7\xAC\xC4\xB9\x3D\x33\x14\xD2\x13\x36\x68\x14\x7A\x05" },
- { KV5M_DATA, 16,
+ { KV5M_DATA, 16,
"\x3F\xA0\xB4\x23\x55\xE5\x2B\x18\x91\x87\x29\x4A\xA2\x52\xAB\x64" }
},
#endif
verbose = TRUE;
for (i = 0; i < sizeof(test_cases) / sizeof(*test_cases); i++) {
test = &test_cases[i];
- if (test->enctype != 0) {
- kb.magic = KV5M_KEYBLOCK;
- kb.enctype = test->enctype;
- kb.length = test->keybits.length;
- kb.contents = (unsigned char *)test->keybits.data;
- kbp = &kb;
- } else
- kbp = NULL;
- plain = string2data(test->plaintext);
- assert(krb5_c_make_checksum(context, test->sumtype, kbp, test->usage,
- &plain, &cksum) == 0);
- if (verbose) {
+ if (test->enctype != 0) {
+ kb.magic = KV5M_KEYBLOCK;
+ kb.enctype = test->enctype;
+ kb.length = test->keybits.length;
+ kb.contents = (unsigned char *)test->keybits.data;
+ kbp = &kb;
+ } else
+ kbp = NULL;
+ plain = string2data(test->plaintext);
+ assert(krb5_c_make_checksum(context, test->sumtype, kbp, test->usage,
+ &plain, &cksum) == 0);
+ if (verbose) {
char buf[64];
- krb5_cksumtype_to_string(test->sumtype, buf, sizeof(buf));
+ krb5_cksumtype_to_string(test->sumtype, buf, sizeof(buf));
printf("\nTest %d:\n", (int)i);
printf("Plaintext: %s\n", test->plaintext);
printf("Checksum type: %s\n", buf);
- if (test->enctype != 0) {
- krb5_enctype_to_name(test->enctype, FALSE, buf, sizeof(buf));
- printf("Enctype: %s\n", buf);
- printhex("Key: ", test->keybits.data, test->keybits.length);
- printf("Key usage: %d\n", (int)test->usage);
- }
- printhex("Checksum: ", cksum.contents, cksum.length);
- }
- if (test->cksum.length != cksum.length ||
- memcmp(test->cksum.data, cksum.contents, cksum.length) != 0) {
+ if (test->enctype != 0) {
+ krb5_enctype_to_name(test->enctype, FALSE, buf, sizeof(buf));
+ printf("Enctype: %s\n", buf);
+ printhex("Key: ", test->keybits.data, test->keybits.length);
+ printf("Key usage: %d\n", (int)test->usage);
+ }
+ printhex("Checksum: ", cksum.contents, cksum.length);
+ }
+ if (test->cksum.length != cksum.length ||
+ memcmp(test->cksum.data, cksum.contents, cksum.length) != 0) {
printf("derive test %d failed\n", (int)i);
status = 1;
if (!verbose)
break;
}
- krb5_free_checksum_contents(context, &cksum);
+ krb5_free_checksum_contents(context, &cksum);
}
return status;
}
for (i = 0; i < sizeof(test_cases) / sizeof(*test_cases); i++) {
test = &test_cases[i];
- kb.magic = KV5M_KEYBLOCK;
- kb.enctype = test->enctype;
- kb.length = test->keybits.length;
- kb.contents = (unsigned char *)test->keybits.data;
+ kb.magic = KV5M_KEYBLOCK;
+ kb.enctype = test->enctype;
+ kb.length = test->keybits.length;
+ kb.contents = (unsigned char *)test->keybits.data;
assert(alloc_data(&plain, test->ciphertext.length) == 0);
enc.magic = KV5M_ENC_DATA;
enc.enctype = test->enctype;
} test_cases[] = {
/* Kc, Ke, Kei for a DES3 key */
{
- ENCTYPE_DES3_CBC_SHA1,
+ ENCTYPE_DES3_CBC_SHA1,
{ KV5M_DATA, 24,
"\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
- { KV5M_DATA, 5, "\0\0\0\2\x99" },
- DERIVE_RFC3961,
+ "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
+ { KV5M_DATA, 5, "\0\0\0\2\x99" },
+ DERIVE_RFC3961,
{ KV5M_DATA, 24,
- "\xF7\x8C\x49\x6D\x16\xE6\xC2\xDA\xE0\xE0\xB6\xC2\x40\x57\xA8\x4C"
- "\x04\x26\xAE\xEF\x26\xFD\x6D\xCE" }
+ "\xF7\x8C\x49\x6D\x16\xE6\xC2\xDA\xE0\xE0\xB6\xC2\x40\x57\xA8\x4C"
+ "\x04\x26\xAE\xEF\x26\xFD\x6D\xCE" }
},
{
- ENCTYPE_DES3_CBC_SHA1,
+ ENCTYPE_DES3_CBC_SHA1,
{ KV5M_DATA, 24,
"\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
- { KV5M_DATA, 5, "\0\0\0\2\xAA" },
- DERIVE_RFC3961,
+ "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
+ { KV5M_DATA, 5, "\0\0\0\2\xAA" },
+ DERIVE_RFC3961,
{ KV5M_DATA, 24,
- "\x5B\x57\x23\xD0\xB6\x34\xCB\x68\x4C\x3E\xBA\x52\x64\xE9\xA7\x0D"
- "\x52\xE6\x83\x23\x1A\xD3\xC4\xCE" }
+ "\x5B\x57\x23\xD0\xB6\x34\xCB\x68\x4C\x3E\xBA\x52\x64\xE9\xA7\x0D"
+ "\x52\xE6\x83\x23\x1A\xD3\xC4\xCE" }
},
{
- ENCTYPE_DES3_CBC_SHA1,
+ ENCTYPE_DES3_CBC_SHA1,
{ KV5M_DATA, 24,
"\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
- { KV5M_DATA, 5, "\0\0\0\2\x55" },
- DERIVE_RFC3961,
+ "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
+ { KV5M_DATA, 5, "\0\0\0\2\x55" },
+ DERIVE_RFC3961,
{ KV5M_DATA, 24,
- "\xA7\x7C\x94\x98\x0E\x9B\x73\x45\xA8\x15\x25\xC4\x23\xA7\x37\xCE"
- "\x67\xF4\xCD\x91\xB6\xB3\xDA\x45" }
+ "\xA7\x7C\x94\x98\x0E\x9B\x73\x45\xA8\x15\x25\xC4\x23\xA7\x37\xCE"
+ "\x67\xF4\xCD\x91\xB6\xB3\xDA\x45" }
},
/* Kc, Ke, Ki for an AES-128 key */
{
- ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
{ KV5M_DATA, 16,
"\x42\x26\x3C\x6E\x89\xF4\xFC\x28\xB8\xDF\x68\xEE\x09\x79\x9F\x15" },
- { KV5M_DATA, 5, "\0\0\0\2\x99" },
- DERIVE_RFC3961,
+ { KV5M_DATA, 5, "\0\0\0\2\x99" },
+ DERIVE_RFC3961,
{ KV5M_DATA, 16,
- "\x34\x28\x0A\x38\x2B\xC9\x27\x69\xB2\xDA\x2F\x9E\xF0\x66\x85\x4B" }
+ "\x34\x28\x0A\x38\x2B\xC9\x27\x69\xB2\xDA\x2F\x9E\xF0\x66\x85\x4B" }
},
{
- ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
{ KV5M_DATA, 16,
"\x42\x26\x3C\x6E\x89\xF4\xFC\x28\xB8\xDF\x68\xEE\x09\x79\x9F\x15" },
- { KV5M_DATA, 5, "\0\0\0\2\xAA" },
- DERIVE_RFC3961,
+ { KV5M_DATA, 5, "\0\0\0\2\xAA" },
+ DERIVE_RFC3961,
{ KV5M_DATA, 16,
- "\x5B\x14\xFC\x4E\x25\x0E\x14\xDD\xF9\xDC\xCF\x1A\xF6\x67\x4F\x53" }
+ "\x5B\x14\xFC\x4E\x25\x0E\x14\xDD\xF9\xDC\xCF\x1A\xF6\x67\x4F\x53" }
},
{
- ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
{ KV5M_DATA, 16,
"\x42\x26\x3C\x6E\x89\xF4\xFC\x28\xB8\xDF\x68\xEE\x09\x79\x9F\x15" },
- { KV5M_DATA, 5, "\0\0\0\2\x55" },
- DERIVE_RFC3961,
+ { KV5M_DATA, 5, "\0\0\0\2\x55" },
+ DERIVE_RFC3961,
{ KV5M_DATA, 16,
- "\x4E\xD3\x10\x63\x62\x16\x84\xF0\x9A\xE8\xD8\x99\x91\xAF\x3E\x8F" }
+ "\x4E\xD3\x10\x63\x62\x16\x84\xF0\x9A\xE8\xD8\x99\x91\xAF\x3E\x8F" }
},
/* Kc, Ke, Ki for an AES-256 key */
{
- ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+ ENCTYPE_AES256_CTS_HMAC_SHA1_96,
{ KV5M_DATA, 32,
"\xFE\x69\x7B\x52\xBC\x0D\x3C\xE1\x44\x32\xBA\x03\x6A\x92\xE6\x5B"
"\xBB\x52\x28\x09\x90\xA2\xFA\x27\x88\x39\x98\xD7\x2A\xF3\x01\x61" },
- { KV5M_DATA, 5, "\0\0\0\2\x99" },
- DERIVE_RFC3961,
+ { KV5M_DATA, 5, "\0\0\0\2\x99" },
+ DERIVE_RFC3961,
{ KV5M_DATA, 32,
- "\xBF\xAB\x38\x8B\xDC\xB2\x38\xE9\xF9\xC9\x8D\x6A\x87\x83\x04\xF0"
- "\x4D\x30\xC8\x25\x56\x37\x5A\xC5\x07\xA7\xA8\x52\x79\x0F\x46\x74" }
+ "\xBF\xAB\x38\x8B\xDC\xB2\x38\xE9\xF9\xC9\x8D\x6A\x87\x83\x04\xF0"
+ "\x4D\x30\xC8\x25\x56\x37\x5A\xC5\x07\xA7\xA8\x52\x79\x0F\x46\x74" }
},
{
- ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+ ENCTYPE_AES256_CTS_HMAC_SHA1_96,
{ KV5M_DATA, 32,
"\xFE\x69\x7B\x52\xBC\x0D\x3C\xE1\x44\x32\xBA\x03\x6A\x92\xE6\x5B"
"\xBB\x52\x28\x09\x90\xA2\xFA\x27\x88\x39\x98\xD7\x2A\xF3\x01\x61" },
- { KV5M_DATA, 5, "\0\0\0\2\xAA" },
- DERIVE_RFC3961,
+ { KV5M_DATA, 5, "\0\0\0\2\xAA" },
+ DERIVE_RFC3961,
{ KV5M_DATA, 32,
- "\xC7\xCF\xD9\xCD\x75\xFE\x79\x3A\x58\x6A\x54\x2D\x87\xE0\xD1\x39"
- "\x6F\x11\x34\xA1\x04\xBB\x1A\x91\x90\xB8\xC9\x0A\xDA\x3D\xDF\x37" }
+ "\xC7\xCF\xD9\xCD\x75\xFE\x79\x3A\x58\x6A\x54\x2D\x87\xE0\xD1\x39"
+ "\x6F\x11\x34\xA1\x04\xBB\x1A\x91\x90\xB8\xC9\x0A\xDA\x3D\xDF\x37" }
},
{
- ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+ ENCTYPE_AES256_CTS_HMAC_SHA1_96,
{ KV5M_DATA, 32,
"\xFE\x69\x7B\x52\xBC\x0D\x3C\xE1\x44\x32\xBA\x03\x6A\x92\xE6\x5B"
"\xBB\x52\x28\x09\x90\xA2\xFA\x27\x88\x39\x98\xD7\x2A\xF3\x01\x61" },
- { KV5M_DATA, 5, "\0\0\0\2\x55" },
- DERIVE_RFC3961,
+ { KV5M_DATA, 5, "\0\0\0\2\x55" },
+ DERIVE_RFC3961,
{ KV5M_DATA, 32,
- "\x97\x15\x1B\x4C\x76\x94\x50\x63\xE2\xEB\x05\x29\xDC\x06\x7D\x97"
- "\xD7\xBB\xA9\x07\x76\xD8\x12\x6D\x91\xF3\x4F\x31\x01\xAE\xA8\xBA" }
+ "\x97\x15\x1B\x4C\x76\x94\x50\x63\xE2\xEB\x05\x29\xDC\x06\x7D\x97"
+ "\xD7\xBB\xA9\x07\x76\xD8\x12\x6D\x91\xF3\x4F\x31\x01\xAE\xA8\xBA" }
},
#ifdef CAMELLIA
/* Kc, Ke, Ki for a Camellia-128 key */
{
- ENCTYPE_CAMELLIA128_CTS_CMAC,
+ ENCTYPE_CAMELLIA128_CTS_CMAC,
{ KV5M_DATA, 16,
"\x57\xD0\x29\x72\x98\xFF\xD9\xD3\x5D\xE5\xA4\x7F\xB4\xBD\xE2\x4B" },
- { KV5M_DATA, 5, "\0\0\0\2\x99" },
- DERIVE_SP800_108_CMAC,
+ { KV5M_DATA, 5, "\0\0\0\2\x99" },
+ DERIVE_SP800_108_CMAC,
{ KV5M_DATA, 16,
- "\xD1\x55\x77\x5A\x20\x9D\x05\xF0\x2B\x38\xD4\x2A\x38\x9E\x5A\x56" }
+ "\xD1\x55\x77\x5A\x20\x9D\x05\xF0\x2B\x38\xD4\x2A\x38\x9E\x5A\x56" }
},
{
- ENCTYPE_CAMELLIA128_CTS_CMAC,
+ ENCTYPE_CAMELLIA128_CTS_CMAC,
{ KV5M_DATA, 16,
"\x57\xD0\x29\x72\x98\xFF\xD9\xD3\x5D\xE5\xA4\x7F\xB4\xBD\xE2\x4B" },
- { KV5M_DATA, 5, "\0\0\0\2\xAA" },
- DERIVE_SP800_108_CMAC,
+ { KV5M_DATA, 5, "\0\0\0\2\xAA" },
+ DERIVE_SP800_108_CMAC,
{ KV5M_DATA, 16,
- "\x64\xDF\x83\xF8\x5A\x53\x2F\x17\x57\x7D\x8C\x37\x03\x57\x96\xAB" }
+ "\x64\xDF\x83\xF8\x5A\x53\x2F\x17\x57\x7D\x8C\x37\x03\x57\x96\xAB" }
},
{
- ENCTYPE_CAMELLIA128_CTS_CMAC,
+ ENCTYPE_CAMELLIA128_CTS_CMAC,
{ KV5M_DATA, 16,
"\x57\xD0\x29\x72\x98\xFF\xD9\xD3\x5D\xE5\xA4\x7F\xB4\xBD\xE2\x4B" },
- { KV5M_DATA, 5, "\0\0\0\2\x55" },
- DERIVE_SP800_108_CMAC,
+ { KV5M_DATA, 5, "\0\0\0\2\x55" },
+ DERIVE_SP800_108_CMAC,
{ KV5M_DATA, 16,
- "\x3E\x4F\xBD\xF3\x0F\xB8\x25\x9C\x42\x5C\xB6\xC9\x6F\x1F\x46\x35" }
+ "\x3E\x4F\xBD\xF3\x0F\xB8\x25\x9C\x42\x5C\xB6\xC9\x6F\x1F\x46\x35" }
},
/* Kc, Ke, Ki for a Camellia-256 key */
{
- ENCTYPE_CAMELLIA256_CTS_CMAC,
+ ENCTYPE_CAMELLIA256_CTS_CMAC,
{ KV5M_DATA, 32,
"\xB9\xD6\x82\x8B\x20\x56\xB7\xBE\x65\x6D\x88\xA1\x23\xB1\xFA\xC6"
"\x82\x14\xAC\x2B\x72\x7E\xCF\x5F\x69\xAF\xE0\xC4\xDF\x2A\x6D\x2C" },
- { KV5M_DATA, 5, "\0\0\0\2\x99" },
- DERIVE_SP800_108_CMAC,
+ { KV5M_DATA, 5, "\0\0\0\2\x99" },
+ DERIVE_SP800_108_CMAC,
{ KV5M_DATA, 32,
- "\xE4\x67\xF9\xA9\x55\x2B\xC7\xD3\x15\x5A\x62\x20\xAF\x9C\x19\x22"
- "\x0E\xEE\xD4\xFF\x78\xB0\xD1\xE6\xA1\x54\x49\x91\x46\x1A\x9E\x50" }
+ "\xE4\x67\xF9\xA9\x55\x2B\xC7\xD3\x15\x5A\x62\x20\xAF\x9C\x19\x22"
+ "\x0E\xEE\xD4\xFF\x78\xB0\xD1\xE6\xA1\x54\x49\x91\x46\x1A\x9E\x50" }
},
{
- ENCTYPE_CAMELLIA256_CTS_CMAC,
+ ENCTYPE_CAMELLIA256_CTS_CMAC,
{ KV5M_DATA, 32,
"\xB9\xD6\x82\x8B\x20\x56\xB7\xBE\x65\x6D\x88\xA1\x23\xB1\xFA\xC6"
"\x82\x14\xAC\x2B\x72\x7E\xCF\x5F\x69\xAF\xE0\xC4\xDF\x2A\x6D\x2C" },
- { KV5M_DATA, 5, "\0\0\0\2\xAA" },
- DERIVE_SP800_108_CMAC,
+ { KV5M_DATA, 5, "\0\0\0\2\xAA" },
+ DERIVE_SP800_108_CMAC,
{ KV5M_DATA, 32,
- "\x41\x2A\xEF\xC3\x62\xA7\x28\x5F\xC3\x96\x6C\x6A\x51\x81\xE7\x60"
- "\x5A\xE6\x75\x23\x5B\x6D\x54\x9F\xBF\xC9\xAB\x66\x30\xA4\xC6\x04" }
+ "\x41\x2A\xEF\xC3\x62\xA7\x28\x5F\xC3\x96\x6C\x6A\x51\x81\xE7\x60"
+ "\x5A\xE6\x75\x23\x5B\x6D\x54\x9F\xBF\xC9\xAB\x66\x30\xA4\xC6\x04" }
},
{
- ENCTYPE_CAMELLIA256_CTS_CMAC,
+ ENCTYPE_CAMELLIA256_CTS_CMAC,
{ KV5M_DATA, 32,
"\xB9\xD6\x82\x8B\x20\x56\xB7\xBE\x65\x6D\x88\xA1\x23\xB1\xFA\xC6"
"\x82\x14\xAC\x2B\x72\x7E\xCF\x5F\x69\xAF\xE0\xC4\xDF\x2A\x6D\x2C" },
- { KV5M_DATA, 5, "\0\0\0\2\x55" },
- DERIVE_SP800_108_CMAC,
+ { KV5M_DATA, 5, "\0\0\0\2\x55" },
+ DERIVE_SP800_108_CMAC,
{ KV5M_DATA, 32,
- "\xFA\x62\x4F\xA0\xE5\x23\x99\x3F\xA3\x88\xAE\xFD\xC6\x7E\x67\xEB"
- "\xCD\x8C\x08\xE8\xA0\x24\x6B\x1D\x73\xB0\xD1\xDD\x9F\xC5\x82\xB0" }
+ "\xFA\x62\x4F\xA0\xE5\x23\x99\x3F\xA3\x88\xAE\xFD\xC6\x7E\x67\xEB"
+ "\xCD\x8C\x08\xE8\xA0\x24\x6B\x1D\x73\xB0\xD1\xDD\x9F\xC5\x82\xB0" }
},
#endif
};
verbose = TRUE;
for (i = 0; i < sizeof(test_cases) / sizeof(*test_cases); i++) {
test = &test_cases[i];
- kb.magic = KV5M_KEYBLOCK;
- kb.enctype = test->enctype;
- kb.length = test->inkey.length;
- kb.contents = (unsigned char *)test->inkey.data;
- assert(krb5_k_create_key(context, &kb, &inkey) == 0);
- enc = get_enc_provider(test->enctype);
- assert(krb5int_derive_key(enc, inkey, &outkey, &test->constant,
- test->alg) == 0);
- if (verbose) {
+ kb.magic = KV5M_KEYBLOCK;
+ kb.enctype = test->enctype;
+ kb.length = test->inkey.length;
+ kb.contents = (unsigned char *)test->inkey.data;
+ assert(krb5_k_create_key(context, &kb, &inkey) == 0);
+ enc = get_enc_provider(test->enctype);
+ assert(krb5int_derive_key(enc, inkey, &outkey, &test->constant,
+ test->alg) == 0);
+ if (verbose) {
char buf[64];
krb5_enctype_to_name(test->enctype, FALSE, buf, sizeof(buf));
printf("\nTest %d:\n", (int)i);
printf("Enctype: %s\n", buf);
- printhex("Input key: ", inkey->keyblock.contents,
- inkey->keyblock.length);
- printhex("Constant: ", test->constant.data, test->constant.length);
- printhex("Output key: ", outkey->keyblock.contents,
- outkey->keyblock.length);
- }
+ printhex("Input key: ", inkey->keyblock.contents,
+ inkey->keyblock.length);
+ printhex("Constant: ", test->constant.data, test->constant.length);
+ printhex("Output key: ", outkey->keyblock.contents,
+ outkey->keyblock.length);
+ }
assert(outkey->keyblock.length == test->expected_key.length);
if (memcmp(outkey->keyblock.contents, test->expected_key.data,
outkey->keyblock.length) != 0) {
if (!verbose)
break;
}
- krb5_k_free_key(context, inkey);
- krb5_k_free_key(context, outkey);
+ krb5_k_free_key(context, inkey);
+ krb5_k_free_key(context, outkey);
}
return status;
}
t(krb5_error_code code)
{
if (code != 0) {
- fprintf(stderr, "Failure: %s\n", krb5_get_error_message(ctx, code));
- exit(1);
+ fprintf(stderr, "Failure: %s\n", krb5_get_error_message(ctx, code));
+ exit(1);
}
}
/* If we're the parent, make sure the child succeeded. */
if (pid != 0) {
- assert(wait(&status) == pid);
- if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
- fprintf(stderr, "Child failed with status %d\n", status);
- return 1;
- }
+ assert(wait(&status) == pid);
+ if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
+ fprintf(stderr, "Child failed with status %d\n", status);
+ return 1;
+ }
}
return 0;
xorbytes = malloc(origkey->keyblock.length);
if (xorbytes == NULL)
- return ENOMEM;
+ return ENOMEM;
memcpy(xorbytes, origkey->keyblock.contents, origkey->keyblock.length);
for (i = 0; i < origkey->keyblock.length; i++)
xorbytes[i] ^= 0xf0;
/* Hash the confounder, then the input data. */
hash_iov = k5alloc((num_data + 1) * sizeof(krb5_crypto_iov), &ret);
if (hash_iov == NULL)
- goto cleanup;
+ goto cleanup;
hash_iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
hash_iov[0].data = conf;
memcpy(hash_iov + 1, data, num_data * sizeof(krb5_crypto_iov));
ret = ctp->hash->hash(hash_iov, num_data + 1, &hashval);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Confounder and hash are in output buffer; encrypt them in place. */
iov.flags = KRB5_CRYPTO_TYPE_DATA;
plaintext = k5alloc(input->length, &ret);
if (plaintext == NULL)
- return ret;
+ return ret;
ret = mk_xorkey(key, &xorkey);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Decrypt the input checksum. */
iov.flags = KRB5_CRYPTO_TYPE_DATA;
/* Hash the confounder, then the input data. */
hash_iov = k5alloc((num_data + 1) * sizeof(krb5_crypto_iov), &ret);
if (hash_iov == NULL)
- goto cleanup;
+ goto cleanup;
hash_iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
hash_iov[0].data = make_data(plaintext, blocksize);
memcpy(hash_iov + 1, data, num_data * sizeof(krb5_crypto_iov));
ret = alloc_data(&computed, hashsize);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
ret = ctp->hash->hash(hash_iov, num_data + 1, &computed);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Compare the decrypted hash to the computed one. */
*valid = (memcmp(plaintext + blocksize, computed.data, hashsize) == 0);
if (key == NULL || key->keyblock.length > ctp->hash->blocksize)
return KRB5_BAD_ENCTYPE;
if (ctp->ctype == CKSUMTYPE_HMAC_MD5_ARCFOUR) {
- /* Compute HMAC(key, "signaturekey\0") to get the signing key ks. */
+ /* Compute HMAC(key, "signaturekey\0") to get the signing key ks. */
ret = alloc_data(&ds, ctp->hash->hashsize);
- if (ret != 0)
- goto cleanup;
+ if (ret != 0)
+ goto cleanup;
- iov.flags = KRB5_CRYPTO_TYPE_DATA;
- iov.data = make_data("signaturekey", 13);
- ret = krb5int_hmac(ctp->hash, key, &iov, 1, &ds);
- if (ret)
- goto cleanup;
- ks.length = key->keyblock.length;
- ks.contents = (krb5_octet *) ds.data;
- keyblock = &ks;
+ iov.flags = KRB5_CRYPTO_TYPE_DATA;
+ iov.data = make_data("signaturekey", 13);
+ ret = krb5int_hmac(ctp->hash, key, &iov, 1, &ds);
+ if (ret)
+ goto cleanup;
+ ks.length = key->keyblock.length;
+ ks.contents = (krb5_octet *) ds.data;
+ keyblock = &ks;
} else /* For md5-hmac, just use the key. */
- keyblock = &key->keyblock;
+ keyblock = &key->keyblock;
/* Compute the MD5 value of the input. */
ms_usage = krb5int_arcfour_translate_usage(usage);
store_32_le(ms_usage, t);
hash_iov = k5alloc((num_data + 1) * sizeof(krb5_crypto_iov), &ret);
if (hash_iov == NULL)
- goto cleanup;
+ goto cleanup;
hash_iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
hash_iov[0].data = make_data(t, 4);
memcpy(hash_iov + 1, data, num_data * sizeof(krb5_crypto_iov));
ret = alloc_data(&hashval, ctp->hash->hashsize);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
ret = ctp->hash->hash(hash_iov, num_data + 1, &hashval);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Compute HMAC(ks, md5value). */
iov.flags = KRB5_CRYPTO_TYPE_DATA;
/* Length */
unsigned int krb5int_old_crypto_length(const struct krb5_keytypes *ktp,
- krb5_cryptotype type);
+ krb5_cryptotype type);
unsigned int krb5int_raw_crypto_length(const struct krb5_keytypes *ktp,
- krb5_cryptotype type);
+ krb5_cryptotype type);
unsigned int krb5int_arcfour_crypto_length(const struct krb5_keytypes *ktp,
- krb5_cryptotype type);
+ krb5_cryptotype type);
unsigned int krb5int_dk_crypto_length(const struct krb5_keytypes *ktp,
- krb5_cryptotype type);
+ krb5_cryptotype type);
unsigned int krb5int_aes_crypto_length(const struct krb5_keytypes *ktp,
- krb5_cryptotype type);
+ krb5_cryptotype type);
unsigned int krb5int_camellia_crypto_length(const struct krb5_keytypes *ktp,
- krb5_cryptotype type);
+ krb5_cryptotype type);
/* Encrypt */
krb5_error_code krb5int_old_encrypt(const struct krb5_keytypes *ktp,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data);
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data);
krb5_error_code krb5int_raw_encrypt(const struct krb5_keytypes *ktp,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data);
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data);
krb5_error_code krb5int_arcfour_encrypt(const struct krb5_keytypes *ktp,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data);
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data);
krb5_error_code krb5int_dk_encrypt(const struct krb5_keytypes *ktp,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data);
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data);
krb5_error_code krb5int_dk_cmac_encrypt(const struct krb5_keytypes *ktp,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data);
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data);
/* Decrypt */
krb5_error_code krb5int_old_decrypt(const struct krb5_keytypes *ktp,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data);
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data);
krb5_error_code krb5int_raw_decrypt(const struct krb5_keytypes *ktp,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data);
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data);
krb5_error_code krb5int_arcfour_decrypt(const struct krb5_keytypes *ktp,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data);
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data);
krb5_error_code krb5int_dk_decrypt(const struct krb5_keytypes *ktp,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data);
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data);
krb5_error_code krb5int_dk_cmac_decrypt(const struct krb5_keytypes *ktp,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data);
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data);
/* String to key */
krb5_error_code krb5int_des_string_to_key(const struct krb5_keytypes *ktp,
const krb5_data *params,
krb5_keyblock *key);
krb5_error_code krb5int_arcfour_string_to_key(const struct krb5_keytypes *ktp,
- const krb5_data *string,
- const krb5_data *salt,
- const krb5_data *params,
- krb5_keyblock *key);
+ const krb5_data *string,
+ const krb5_data *salt,
+ const krb5_data *params,
+ krb5_keyblock *key);
krb5_error_code krb5int_dk_string_to_key(const struct krb5_keytypes *enc,
- const krb5_data *string,
- const krb5_data *salt,
- const krb5_data *params,
- krb5_keyblock *key);
+ const krb5_data *string,
+ const krb5_data *salt,
+ const krb5_data *params,
+ krb5_keyblock *key);
krb5_error_code krb5int_aes_string_to_key(const struct krb5_keytypes *enc,
- const krb5_data *string,
- const krb5_data *salt,
- const krb5_data *params,
- krb5_keyblock *key);
+ const krb5_data *string,
+ const krb5_data *salt,
+ const krb5_data *params,
+ krb5_keyblock *key);
krb5_error_code krb5int_camellia_string_to_key(const struct krb5_keytypes *enc,
- const krb5_data *string,
- const krb5_data *salt,
- const krb5_data *params,
- krb5_keyblock *key);
+ const krb5_data *string,
+ const krb5_data *salt,
+ const krb5_data *params,
+ krb5_keyblock *key);
/* Random to key */
krb5_error_code k5_rand2key_direct(const krb5_data *randombits,
- krb5_keyblock *keyblock);
+ krb5_keyblock *keyblock);
krb5_error_code k5_rand2key_des(const krb5_data *randombits,
- krb5_keyblock *keyblock);
+ krb5_keyblock *keyblock);
krb5_error_code k5_rand2key_des3(const krb5_data *randombits,
- krb5_keyblock *keyblock);
+ krb5_keyblock *keyblock);
/* Pseudo-random function */
krb5_error_code krb5int_des_prf(const struct krb5_keytypes *ktp,
- krb5_key key, const krb5_data *in,
- krb5_data *out);
+ krb5_key key, const krb5_data *in,
+ krb5_data *out);
krb5_error_code krb5int_arcfour_prf(const struct krb5_keytypes *ktp,
- krb5_key key, const krb5_data *in,
- krb5_data *out);
+ krb5_key key, const krb5_data *in,
+ krb5_data *out);
krb5_error_code krb5int_dk_prf(const struct krb5_keytypes *ktp, krb5_key key,
- const krb5_data *in, krb5_data *out);
+ const krb5_data *in, krb5_data *out);
krb5_error_code krb5int_dk_cmac_prf(const struct krb5_keytypes *ktp,
- krb5_key key, const krb5_data *in,
- krb5_data *out);
+ krb5_key key, const krb5_data *in,
+ krb5_data *out);
/*** Prototypes for cksumtype handler functions ***/
size_t num_data,
krb5_data *output);
krb5_error_code krb5int_dk_checksum(const struct krb5_cksumtypes *ctp,
- krb5_key key, krb5_keyusage usage,
- const krb5_crypto_iov *data,
- size_t num_data, krb5_data *output);
+ krb5_key key, krb5_keyusage usage,
+ const krb5_crypto_iov *data,
+ size_t num_data, krb5_data *output);
krb5_error_code krb5int_dk_cmac_checksum(const struct krb5_cksumtypes *ctp,
- krb5_key key, krb5_keyusage usage,
- const krb5_crypto_iov *data,
- size_t num_data, krb5_data *output);
+ krb5_key key, krb5_keyusage usage,
+ const krb5_crypto_iov *data,
+ size_t num_data, krb5_data *output);
krb5_error_code krb5int_confounder_checksum(const struct krb5_cksumtypes *ctp,
krb5_key key, krb5_keyusage usage,
const krb5_crypto_iov *data,
};
krb5_error_code krb5int_derive_keyblock(const struct krb5_enc_provider *enc,
- krb5_key inkey, krb5_keyblock *outkey,
- const krb5_data *in_constant,
- enum deriv_alg alg);
+ krb5_key inkey, krb5_keyblock *outkey,
+ const krb5_data *in_constant,
+ enum deriv_alg alg);
krb5_error_code krb5int_derive_key(const struct krb5_enc_provider *enc,
- krb5_key inkey, krb5_key *outkey,
- const krb5_data *in_constant,
- enum deriv_alg alg);
+ krb5_key inkey, krb5_key *outkey,
+ const krb5_data *in_constant,
+ enum deriv_alg alg);
krb5_error_code krb5int_derive_random(const struct krb5_enc_provider *enc,
- krb5_key inkey, krb5_data *outrnd,
- const krb5_data *in_constant,
- enum deriv_alg alg);
+ krb5_key inkey, krb5_data *outrnd,
+ const krb5_data *in_constant,
+ enum deriv_alg alg);
/*** Miscellaneous prototypes ***/
(_state)->pad_to_boundary = 0)
krb5_crypto_iov *krb5int_c_locate_iov(krb5_crypto_iov *data, size_t num_data,
- krb5_cryptotype type);
+ krb5_cryptotype type);
krb5_error_code krb5int_c_iov_decrypt_stream(const struct krb5_keytypes *ktp,
- krb5_key key,
- krb5_keyusage keyusage,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data);
+ krb5_key key,
+ krb5_keyusage keyusage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data);
unsigned int krb5int_c_padding_length(const struct krb5_keytypes *ktp,
- size_t data_length);
+ size_t data_length);
/*** Crypto module declarations ***/
unsigned int
krb5int_camellia_crypto_length(const struct krb5_keytypes *ktp,
- krb5_cryptotype type)
+ krb5_cryptotype type)
{
switch (type) {
case KRB5_CRYPTO_TYPE_HEADER:
/* Derive encryption and integrity keys for CMAC-using enctypes. */
static krb5_error_code
derive_keys(const struct krb5_enc_provider *enc, krb5_key key,
- krb5_keyusage usage, krb5_key *ke_out, krb5_key *ki_out)
+ krb5_keyusage usage, krb5_key *ke_out, krb5_key *ki_out)
{
krb5_error_code ret;
unsigned char buf[K5CLENGTH];
buf[4] = 0xAA;
ret = krb5int_derive_key(enc, key, &ke, &constant, DERIVE_SP800_108_CMAC);
if (ret != 0)
- return ret;
+ return ret;
/* Derive the integrity key. */
buf[4] = 0x55;
ret = krb5int_derive_key(enc, key, &ki, &constant, DERIVE_SP800_108_CMAC);
if (ret != 0) {
- krb5_k_free_key(NULL, ke);
- return ret;
+ krb5_k_free_key(NULL, ke);
+ return ret;
}
*ke_out = ke;
krb5_error_code
krb5int_dk_cmac_encrypt(const struct krb5_keytypes *ktp, krb5_key key,
- krb5_keyusage usage, const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data)
+ krb5_keyusage usage, const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data)
{
const struct krb5_enc_provider *enc = ktp->enc;
krb5_error_code ret;
return KRB5_BAD_MSIZE;
padding = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_PADDING);
if (padding != NULL)
- padding->data.length = 0;
+ padding->data.length = 0;
/* Derive the encryption and integrity keys. */
ret = derive_keys(enc, key, usage, &ke, &ki);
* okay. */
fd = open(DEVICE, O_RDWR, 0);
if (fd == -1)
- fd = open(DEVICE, O_RDONLY, 0);
+ fd = open(DEVICE, O_RDONLY, 0);
if (fd == -1)
- return errno;
+ return errno;
return 0;
}
ssize_t count;
while (len > 0) {
- count = read(fd, buf, len);
- if (count == 0) /* Not expected from a random device. */
- return KRB5_CRYPTO_INTERNAL;
- if (count == -1)
- return errno;
- buf += count;
- len -= count;
+ count = read(fd, buf, len);
+ if (count == 0) /* Not expected from a random device. */
+ return KRB5_CRYPTO_INTERNAL;
+ if (count == -1)
+ return errno;
+ buf += count;
+ len -= count;
}
return 0;
}
static krb5_error_code
krb5int_camellia_encrypt(krb5_key key, const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data)
+ krb5_crypto_iov *data, size_t num_data)
{
krb5_error_code ret;
static krb5_error_code
krb5int_camellia_decrypt(krb5_key key, const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data)
+ krb5_crypto_iov *data, size_t num_data)
{
krb5_error_code ret;
krb5_error_code
krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
size_t num_data, const krb5_data *iv,
- krb5_data *output)
+ krb5_data *output)
{
return EINVAL;
}
krb5int_c_iov_get_block(dbuf, dlen, data, num_data, &input_pos);
Camellia_set_key(key->keyblock.contents, NUM_BITS * key->keyblock.length,
- &enck);
+ &enck);
size = CRYPTO_cts128_encrypt((unsigned char *)dbuf, oblock, dlen, &enck,
iv_cts, (cbc128_f)Camellia_cbc_encrypt);
}
Camellia_set_key(key->keyblock.contents, NUM_BITS * key->keyblock.length,
- &deck);
+ &deck);
krb5int_c_iov_get_block(dbuf, dlen, data, num_data, &input_pos);
static krb5_error_code
krb5int_camellia_encrypt(krb5_key key, const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data)
+ krb5_crypto_iov *data, size_t num_data)
{
int ret = 0;
int nblocks = 0;
static krb5_error_code
krb5int_camellia_decrypt(krb5_key key, const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data)
+ krb5_crypto_iov *data, size_t num_data)
{
int ret = 0;
int nblocks = 0;
krb5_error_code
krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
size_t num_data, const krb5_data *iv,
- krb5_data *output)
+ krb5_data *output)
{
CAMELLIA_KEY enck;
unsigned char blockY[CAMELLIA_BLOCK_SIZE];
unsigned char blockB[CAMELLIA_BLOCK_SIZE];
if (!krb5int_c_iov_get_block(blockB, CAMELLIA_BLOCK_SIZE, data,
- num_data, &iov_state))
+ num_data, &iov_state))
break;
xorblock(blockB, blockY);
static krb5_error_code
krb5int_camellia_init_state (const krb5_keyblock *key, krb5_keyusage usage,
- krb5_data *state)
+ krb5_data *state)
{
state->length = 16;
state->data = (void *) malloc(16);
krb5_error_code
krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
size_t num_data, const krb5_data *iv,
- krb5_data *output)
+ krb5_data *output)
{
return EINVAL;
}