include \
kadmin \
kdc \
+ lib/crypto \
lib/kadm5 \
lib/kdb \
lib/krb5 \
include/iprop.h \
include/k5-platform.h \
include/gssrpc \
+ lib/crypto/builtin/aes \
lib/krb5/krb/deltat.c \
lib/krb5/unicode \
plugins/kdb/db2/libdb2 \
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/aes/aes_s2k.c
*
#include "dk.h"
#include "aes_s2k.h"
-#define DEFAULT_ITERATION_COUNT 4096 /* was 0xb000L in earlier drafts */
-#define MAX_ITERATION_COUNT 0x1000000L
+#define DEFAULT_ITERATION_COUNT 4096 /* was 0xb000L in earlier drafts */
+#define MAX_ITERATION_COUNT 0x1000000L
krb5_error_code
krb5int_aes_string_to_key(const struct krb5_enc_provider *enc,
- const krb5_data *string,
- const krb5_data *salt,
- const krb5_data *params,
- krb5_keyblock *key)
+ const krb5_data *string,
+ const krb5_data *salt,
+ const krb5_data *params,
+ krb5_keyblock *key)
{
unsigned long iter_count;
krb5_data out;
krb5_error_code err;
if (params) {
- unsigned char *p = (unsigned char *) params->data;
- if (params->length != 4)
- return KRB5_ERR_BAD_S2K_PARAMS;
- /* The first two need casts in case 'int' is 16 bits. */
- iter_count = load_32_be(p);
- if (iter_count == 0) {
- iter_count = (1UL << 16) << 16;
- if (((iter_count >> 16) >> 16) != 1)
- return KRB5_ERR_BAD_S2K_PARAMS;
- }
+ unsigned char *p = (unsigned char *) params->data;
+ if (params->length != 4)
+ return KRB5_ERR_BAD_S2K_PARAMS;
+ /* The first two need casts in case 'int' is 16 bits. */
+ iter_count = load_32_be(p);
+ if (iter_count == 0) {
+ iter_count = (1UL << 16) << 16;
+ if (((iter_count >> 16) >> 16) != 1)
+ return KRB5_ERR_BAD_S2K_PARAMS;
+ }
} else
- iter_count = DEFAULT_ITERATION_COUNT;
+ iter_count = DEFAULT_ITERATION_COUNT;
/* This is not a protocol specification constraint; this is an
implementation limit, which should eventually be controlled by
a config file. */
if (iter_count >= MAX_ITERATION_COUNT)
- return KRB5_ERR_BAD_S2K_PARAMS;
+ return KRB5_ERR_BAD_S2K_PARAMS;
/* Use the output keyblock contents for temporary space. */
out.data = (char *) key->contents;
out.length = key->length;
if (out.length != 16 && out.length != 32)
- return KRB5_CRYPTO_INTERNAL;
+ return KRB5_CRYPTO_INTERNAL;
err = krb5int_pbkdf2_hmac_sha1 (&out, iter_count, string, salt);
if (err)
- goto cleanup;
+ goto cleanup;
err = krb5_k_create_key (NULL, key, &tempkey);
if (err)
- goto cleanup;
+ goto cleanup;
err = krb5int_derive_keyblock (enc, tempkey, key, &usage);
cleanup:
if (err)
- memset (out.data, 0, out.length);
+ memset (out.data, 0, out.length);
krb5_k_free_key (NULL, tempkey);
return err;
}
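Review bot: `iter_count` is bounded only from above (`if (iter_count >= MAX_ITERATION_COUNT)`), so a 4-byte `params` value of 1 is accepted and gives a single PBKDF2 iteration. If `params` can come from the peer rather than from local configuration (not visible here), a floor is needed too, for example `if (iter_count < min_iter) return KRB5_ERR_BAD_S2K_PARAMS;` with a configurable `min_iter`, since existing principals may use counts below the default. The comment "The first two need casts in case 'int' is 16 bits" now sits above `iter_count = load_32_be(p);`, which has no casts, and should be removed or reworded. The declarations of `tempkey` and `usage` are not in the visible lines, so whether `tempkey` is NULL when `cleanup` is reached early could not be checked.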
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * lib/crypto/openssl/aes/aes_s2k.h
+ */
+
+
extern krb5_error_code
krb5int_aes_string_to_key (const struct krb5_enc_provider *,
- const krb5_data *, const krb5_data *,
- const krb5_data *, krb5_keyblock *key);
+ const krb5_data *, const krb5_data *,
+ const krb5_data *, krb5_keyblock *key);
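Review bot: The banner added to this header names `lib/crypto/openssl/aes/aes_s2k.h`, while the banner of the source file earlier on the page says `lib/crypto/aes/aes_s2k.c` and the list at the top adds `lib/crypto/builtin/aes`. The file's own path is not visible here, so which one is right cannot be confirmed, but at most one of them matches the tree. A path comment that disagrees with the file's location misleads anyone auditing which crypto back end a declaration belongs to; either correct it to the header's real location or drop the path line and keep only the mode line.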
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/des/string2key.c
*
#define min(a,b) ((a)>(b)?(b):(a))
krb5_error_code
-mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data,
- const krb5_data *salt)
+mit_afs_string_to_key(krb5_keyblock *keyblock, const krb5_data *data,
+ const krb5_data *salt)
{
- /* totally different approach from MIT string2key. */
- /* much of the work has already been done by the only caller
- which is mit_des_string_to_key; in particular, *keyblock is already
- set up. */
+ /* totally different approach from MIT string2key. */
+ /* much of the work has already been done by the only caller
+ which is mit_des_string_to_key; in particular, *keyblock is already
+ set up. */
char *realm = salt->data;
unsigned int i, j;
krb5_octet *key = keyblock->contents;
if (data->length <= 8) {
- /* One block only. Run afs_crypt and use the first eight
- returned bytes after the copy of the (fixed) salt.
-
- Since the returned bytes are alphanumeric, the output is
- limited to 2**48 possibilities; for each byte, only 64
- possible values can be used. */
- unsigned char password[9]; /* trailing nul for crypt() */
- char afs_crypt_buf[16];
-
- memset (password, 0, sizeof (password));
- memcpy (password, realm, min (salt->length, 8));
- for (i=0; i<8; i++)
- if (isupper(password[i]))
- password[i] = tolower(password[i]);
- for (i=0; i<data->length; i++)
- password[i] ^= data->data[i];
- for (i=0; i<8; i++)
- if (password[i] == '\0')
- password[i] = 'X';
- password[8] = '\0';
- /* Out-of-bounds salt characters are equivalent to a salt string
- of "p1". */
- strncpy((char *) key,
- (char *) afs_crypt((char *) password, "#~", afs_crypt_buf) + 2,
- 8);
- for (i=0; i<8; i++)
- key[i] <<= 1;
- /* now fix up key parity again */
- mit_des_fixup_key_parity(key);
- /* clean & free the input string */
- memset(password, 0, (size_t) sizeof(password));
+ /* One block only. Run afs_crypt and use the first eight
+ returned bytes after the copy of the (fixed) salt.
+
+ Since the returned bytes are alphanumeric, the output is
+ limited to 2**48 possibilities; for each byte, only 64
+ possible values can be used. */
+ unsigned char password[9]; /* trailing nul for crypt() */
+ char afs_crypt_buf[16];
+
+ memset (password, 0, sizeof (password));
+ memcpy (password, realm, min (salt->length, 8));
+ for (i=0; i<8; i++)
+ if (isupper(password[i]))
+ password[i] = tolower(password[i]);
+ for (i=0; i<data->length; i++)
+ password[i] ^= data->data[i];
+ for (i=0; i<8; i++)
+ if (password[i] == '\0')
+ password[i] = 'X';
+ password[8] = '\0';
+ /* Out-of-bounds salt characters are equivalent to a salt string
+ of "p1". */
+ strncpy((char *) key,
+ (char *) afs_crypt((char *) password, "#~", afs_crypt_buf) + 2,
+ 8);
+ for (i=0; i<8; i++)
+ key[i] <<= 1;
+ /* now fix up key parity again */
+ mit_des_fixup_key_parity(key);
+ /* clean & free the input string */
+ memset(password, 0, (size_t) sizeof(password));
} else {
- /* Multiple blocks. Do a CBC checksum, twice, and use the
- result as the new key. */
- mit_des_cblock ikey, tkey;
- mit_des_key_schedule key_sked;
- unsigned int pw_len = salt->length+data->length;
- unsigned char *password = malloc(pw_len+1);
- if (!password) return ENOMEM;
-
- /* Some bound checks from the original code are elided here as
- the malloc above makes sure we have enough storage. */
- memcpy (password, data->data, data->length);
- for (i=data->length, j = 0; j < salt->length; i++, j++) {
- password[i] = realm[j];
- if (isupper(password[i]))
- password[i] = tolower(password[i]);
- }
-
- memcpy (ikey, "kerberos", sizeof(ikey));
- memcpy (tkey, ikey, sizeof(tkey));
- mit_des_fixup_key_parity (tkey);
- (void) mit_des_key_sched (tkey, key_sked);
- (void) mit_des_cbc_cksum (password, tkey, i, key_sked, ikey);
-
- memcpy (ikey, tkey, sizeof(ikey));
- mit_des_fixup_key_parity (tkey);
- (void) mit_des_key_sched (tkey, key_sked);
- (void) mit_des_cbc_cksum (password, key, i, key_sked, ikey);
-
- /* erase key_sked */
- memset(key_sked, 0,sizeof(key_sked));
-
- /* now fix up key parity again */
- mit_des_fixup_key_parity(key);
-
- /* clean & free the input string */
- memset(password, 0, (size_t) pw_len);
- free(password);
+ /* Multiple blocks. Do a CBC checksum, twice, and use the
+ result as the new key. */
+ mit_des_cblock ikey, tkey;
+ mit_des_key_schedule key_sked;
+ unsigned int pw_len = salt->length+data->length;
+ unsigned char *password = malloc(pw_len+1);
+ if (!password) return ENOMEM;
+
+ /* Some bound checks from the original code are elided here as
+ the malloc above makes sure we have enough storage. */
+ memcpy (password, data->data, data->length);
+ for (i=data->length, j = 0; j < salt->length; i++, j++) {
+ password[i] = realm[j];
+ if (isupper(password[i]))
+ password[i] = tolower(password[i]);
+ }
+
+ memcpy (ikey, "kerberos", sizeof(ikey));
+ memcpy (tkey, ikey, sizeof(tkey));
+ mit_des_fixup_key_parity (tkey);
+ (void) mit_des_key_sched (tkey, key_sked);
+ (void) mit_des_cbc_cksum (password, tkey, i, key_sked, ikey);
+
+ memcpy (ikey, tkey, sizeof(ikey));
+ mit_des_fixup_key_parity (tkey);
+ (void) mit_des_key_sched (tkey, key_sked);
+ (void) mit_des_cbc_cksum (password, key, i, key_sked, ikey);
+
+ /* erase key_sked */
+ memset(key_sked, 0,sizeof(key_sked));
+
+ /* now fix up key parity again */
+ mit_des_fixup_key_parity(key);
+
+ /* clean & free the input string */
+ memset(password, 0, (size_t) pw_len);
+ free(password);
}
#if 0
/* must free here because it was copied for this special case */
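Review bot: In the multi-block branch `pw_len = salt->length+data->length` is added in `unsigned int` with no wrap check before `malloc(pw_len+1)`, so the comment that the malloc makes sure there is enough storage holds only while the sum does not overflow. A guard before the allocation, e.g. `if (data->length >= UINT_MAX - salt->length) return EINVAL;`, would make the following `memcpy` and copy loop safe by construction. The wipes `memset(password, 0, (size_t) pw_len)` just before `free(password)` and `memset(key_sked, 0,sizeof(key_sked))` store to objects that are never read again, which an optimizer may remove, and `ikey`/`tkey` (and `afs_crypt_buf` in the one-block branch) are not cleared at all. The same holds for the `block`, `E` and `KS` locals of `afs_crypt` further down the page; all of these should go through a wipe routine the compiler cannot elide. The function body continues past the end of this hunk.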
/* Portions of this code:
Copyright 1989 by the Massachusetts Institute of Technology
- */
+*/
/*
* Copyright (c) 1990 Regents of The University of Michigan.
* specific, written prior permission. This software is supplied as
* is without expressed or implied warranties of any kind.
*
- * ITD Research Systems
- * University of Michigan
- * 535 W. William Street
- * Ann Arbor, Michigan
- * +1-313-936-2652
- * netatalk@terminator.cc.umich.edu
+ * ITD Research Systems
+ * University of Michigan
+ * 535 W. William Street
+ * Ann Arbor, Michigan
+ * +1-313-936-2652
+ * netatalk@terminator.cc.umich.edu
*/
static void krb5_afs_crypt_setkey (char*, char*, char(*)[48]);
/*
* Initial permutation,
*/
-static const char IP[] = {
- 58,50,42,34,26,18,10, 2,
- 60,52,44,36,28,20,12, 4,
- 62,54,46,38,30,22,14, 6,
- 64,56,48,40,32,24,16, 8,
- 57,49,41,33,25,17, 9, 1,
- 59,51,43,35,27,19,11, 3,
- 61,53,45,37,29,21,13, 5,
- 63,55,47,39,31,23,15, 7,
+static const char IP[] = {
+ 58,50,42,34,26,18,10, 2,
+ 60,52,44,36,28,20,12, 4,
+ 62,54,46,38,30,22,14, 6,
+ 64,56,48,40,32,24,16, 8,
+ 57,49,41,33,25,17, 9, 1,
+ 59,51,43,35,27,19,11, 3,
+ 61,53,45,37,29,21,13, 5,
+ 63,55,47,39,31,23,15, 7,
};
/*
* Final permutation, FP = IP^(-1)
*/
-static const char FP[] = {
- 40, 8,48,16,56,24,64,32,
- 39, 7,47,15,55,23,63,31,
- 38, 6,46,14,54,22,62,30,
- 37, 5,45,13,53,21,61,29,
- 36, 4,44,12,52,20,60,28,
- 35, 3,43,11,51,19,59,27,
- 34, 2,42,10,50,18,58,26,
- 33, 1,41, 9,49,17,57,25,
+static const char FP[] = {
+ 40, 8,48,16,56,24,64,32,
+ 39, 7,47,15,55,23,63,31,
+ 38, 6,46,14,54,22,62,30,
+ 37, 5,45,13,53,21,61,29,
+ 36, 4,44,12,52,20,60,28,
+ 35, 3,43,11,51,19,59,27,
+ 34, 2,42,10,50,18,58,26,
+ 33, 1,41, 9,49,17,57,25,
};
/*
* Permuted-choice 1 from the key bits to yield C and D.
* Note that bits 8,16... are left out: They are intended for a parity check.
*/
-static const char PC1_C[] = {
- 57,49,41,33,25,17, 9,
- 1,58,50,42,34,26,18,
- 10, 2,59,51,43,35,27,
- 19,11, 3,60,52,44,36,
+static const char PC1_C[] = {
+ 57,49,41,33,25,17, 9,
+ 1,58,50,42,34,26,18,
+ 10, 2,59,51,43,35,27,
+ 19,11, 3,60,52,44,36,
};
-static const char PC1_D[] = {
- 63,55,47,39,31,23,15,
- 7,62,54,46,38,30,22,
- 14, 6,61,53,45,37,29,
- 21,13, 5,28,20,12, 4,
+static const char PC1_D[] = {
+ 63,55,47,39,31,23,15,
+ 7,62,54,46,38,30,22,
+ 14, 6,61,53,45,37,29,
+ 21,13, 5,28,20,12, 4,
};
/*
* Sequence of shifts used for the key schedule.
*/
-static const char shifts[] = {
- 1,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1,
+static const char shifts[] = {
+ 1,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1,
};
/*
* Permuted-choice 2, to pick out the bits from
* the CD array that generate the key schedule.
*/
-static const char PC2_C[] = {
- 14,17,11,24, 1, 5,
- 3,28,15, 6,21,10,
- 23,19,12, 4,26, 8,
- 16, 7,27,20,13, 2,
+static const char PC2_C[] = {
+ 14,17,11,24, 1, 5,
+ 3,28,15, 6,21,10,
+ 23,19,12, 4,26, 8,
+ 16, 7,27,20,13, 2,
};
-static const char PC2_D[] = {
- 41,52,31,37,47,55,
- 30,40,51,45,33,48,
- 44,49,39,56,34,53,
- 46,42,50,36,29,32,
+static const char PC2_D[] = {
+ 41,52,31,37,47,55,
+ 30,40,51,45,33,48,
+ 44,49,39,56,34,53,
+ 46,42,50,36,29,32,
};
/*
* The E bit-selection table.
*/
-static const char e[] = {
- 32, 1, 2, 3, 4, 5,
- 4, 5, 6, 7, 8, 9,
- 8, 9,10,11,12,13,
- 12,13,14,15,16,17,
- 16,17,18,19,20,21,
- 20,21,22,23,24,25,
- 24,25,26,27,28,29,
- 28,29,30,31,32, 1,
+static const char e[] = {
+ 32, 1, 2, 3, 4, 5,
+ 4, 5, 6, 7, 8, 9,
+ 8, 9,10,11,12,13,
+ 12,13,14,15,16,17,
+ 16,17,18,19,20,21,
+ 20,21,22,23,24,25,
+ 24,25,26,27,28,29,
+ 28,29,30,31,32, 1,
};
/*
* P is a permutation on the selected combination
* of the current L and key.
*/
-static const char P[] = {
- 16, 7,20,21,
- 29,12,28,17,
- 1,15,23,26,
- 5,18,31,10,
- 2, 8,24,14,
- 32,27, 3, 9,
- 19,13,30, 6,
- 22,11, 4,25,
+static const char P[] = {
+ 16, 7,20,21,
+ 29,12,28,17,
+ 1,15,23,26,
+ 5,18,31,10,
+ 2, 8,24,14,
+ 32,27, 3, 9,
+ 19,13,30, 6,
+ 22,11, 4,25,
};
/*
* For some reason, they give a 0-origin
* index, unlike everything else.
*/
-static const char S[8][64] = {
- {14, 4,13, 1, 2,15,11, 8, 3,10, 6,12, 5, 9, 0, 7,
- 0,15, 7, 4,14, 2,13, 1,10, 6,12,11, 9, 5, 3, 8,
- 4, 1,14, 8,13, 6, 2,11,15,12, 9, 7, 3,10, 5, 0,
- 15,12, 8, 2, 4, 9, 1, 7, 5,11, 3,14,10, 0, 6,13},
-
- {15, 1, 8,14, 6,11, 3, 4, 9, 7, 2,13,12, 0, 5,10,
- 3,13, 4, 7,15, 2, 8,14,12, 0, 1,10, 6, 9,11, 5,
- 0,14, 7,11,10, 4,13, 1, 5, 8,12, 6, 9, 3, 2,15,
- 13, 8,10, 1, 3,15, 4, 2,11, 6, 7,12, 0, 5,14, 9},
-
- {10, 0, 9,14, 6, 3,15, 5, 1,13,12, 7,11, 4, 2, 8,
- 13, 7, 0, 9, 3, 4, 6,10, 2, 8, 5,14,12,11,15, 1,
- 13, 6, 4, 9, 8,15, 3, 0,11, 1, 2,12, 5,10,14, 7,
- 1,10,13, 0, 6, 9, 8, 7, 4,15,14, 3,11, 5, 2,12},
-
- { 7,13,14, 3, 0, 6, 9,10, 1, 2, 8, 5,11,12, 4,15,
- 13, 8,11, 5, 6,15, 0, 3, 4, 7, 2,12, 1,10,14, 9,
- 10, 6, 9, 0,12,11, 7,13,15, 1, 3,14, 5, 2, 8, 4,
- 3,15, 0, 6,10, 1,13, 8, 9, 4, 5,11,12, 7, 2,14},
-
- { 2,12, 4, 1, 7,10,11, 6, 8, 5, 3,15,13, 0,14, 9,
- 14,11, 2,12, 4, 7,13, 1, 5, 0,15,10, 3, 9, 8, 6,
- 4, 2, 1,11,10,13, 7, 8,15, 9,12, 5, 6, 3, 0,14,
- 11, 8,12, 7, 1,14, 2,13, 6,15, 0, 9,10, 4, 5, 3},
-
- {12, 1,10,15, 9, 2, 6, 8, 0,13, 3, 4,14, 7, 5,11,
- 10,15, 4, 2, 7,12, 9, 5, 6, 1,13,14, 0,11, 3, 8,
- 9,14,15, 5, 2, 8,12, 3, 7, 0, 4,10, 1,13,11, 6,
- 4, 3, 2,12, 9, 5,15,10,11,14, 1, 7, 6, 0, 8,13},
-
- { 4,11, 2,14,15, 0, 8,13, 3,12, 9, 7, 5,10, 6, 1,
- 13, 0,11, 7, 4, 9, 1,10,14, 3, 5,12, 2,15, 8, 6,
- 1, 4,11,13,12, 3, 7,14,10,15, 6, 8, 0, 5, 9, 2,
- 6,11,13, 8, 1, 4,10, 7, 9, 5, 0,15,14, 2, 3,12},
-
- {13, 2, 8, 4, 6,15,11, 1,10, 9, 3,14, 5, 0,12, 7,
- 1,15,13, 8,10, 3, 7, 4,12, 5, 6,11, 0,14, 9, 2,
- 7,11, 4, 1, 9,12,14, 2, 0, 6,10,13,15, 3, 5, 8,
- 2, 1,14, 7, 4,10, 8,13,15,12, 9, 0, 3, 5, 6,11},
+static const char S[8][64] = {
+ {14, 4,13, 1, 2,15,11, 8, 3,10, 6,12, 5, 9, 0, 7,
+ 0,15, 7, 4,14, 2,13, 1,10, 6,12,11, 9, 5, 3, 8,
+ 4, 1,14, 8,13, 6, 2,11,15,12, 9, 7, 3,10, 5, 0,
+ 15,12, 8, 2, 4, 9, 1, 7, 5,11, 3,14,10, 0, 6,13},
+
+ {15, 1, 8,14, 6,11, 3, 4, 9, 7, 2,13,12, 0, 5,10,
+ 3,13, 4, 7,15, 2, 8,14,12, 0, 1,10, 6, 9,11, 5,
+ 0,14, 7,11,10, 4,13, 1, 5, 8,12, 6, 9, 3, 2,15,
+ 13, 8,10, 1, 3,15, 4, 2,11, 6, 7,12, 0, 5,14, 9},
+
+ {10, 0, 9,14, 6, 3,15, 5, 1,13,12, 7,11, 4, 2, 8,
+ 13, 7, 0, 9, 3, 4, 6,10, 2, 8, 5,14,12,11,15, 1,
+ 13, 6, 4, 9, 8,15, 3, 0,11, 1, 2,12, 5,10,14, 7,
+ 1,10,13, 0, 6, 9, 8, 7, 4,15,14, 3,11, 5, 2,12},
+
+ { 7,13,14, 3, 0, 6, 9,10, 1, 2, 8, 5,11,12, 4,15,
+ 13, 8,11, 5, 6,15, 0, 3, 4, 7, 2,12, 1,10,14, 9,
+ 10, 6, 9, 0,12,11, 7,13,15, 1, 3,14, 5, 2, 8, 4,
+ 3,15, 0, 6,10, 1,13, 8, 9, 4, 5,11,12, 7, 2,14},
+
+ { 2,12, 4, 1, 7,10,11, 6, 8, 5, 3,15,13, 0,14, 9,
+ 14,11, 2,12, 4, 7,13, 1, 5, 0,15,10, 3, 9, 8, 6,
+ 4, 2, 1,11,10,13, 7, 8,15, 9,12, 5, 6, 3, 0,14,
+ 11, 8,12, 7, 1,14, 2,13, 6,15, 0, 9,10, 4, 5, 3},
+
+ {12, 1,10,15, 9, 2, 6, 8, 0,13, 3, 4,14, 7, 5,11,
+ 10,15, 4, 2, 7,12, 9, 5, 6, 1,13,14, 0,11, 3, 8,
+ 9,14,15, 5, 2, 8,12, 3, 7, 0, 4,10, 1,13,11, 6,
+ 4, 3, 2,12, 9, 5,15,10,11,14, 1, 7, 6, 0, 8,13},
+
+ { 4,11, 2,14,15, 0, 8,13, 3,12, 9, 7, 5,10, 6, 1,
+ 13, 0,11, 7, 4, 9, 1,10,14, 3, 5,12, 2,15, 8, 6,
+ 1, 4,11,13,12, 3, 7,14,10,15, 6, 8, 0, 5, 9, 2,
+ 6,11,13, 8, 1, 4,10, 7, 9, 5, 0,15,14, 2, 3,12},
+
+ {13, 2, 8, 4, 6,15,11, 1,10, 9, 3,14, 5, 0,12, 7,
+ 1,15,13, 8,10, 3, 7, 4,12, 5, 6,11, 0,14, 9, 2,
+ 7,11, 4, 1, 9,12,14, 2, 0, 6,10,13,15, 3, 5, 8,
+ 2, 1,14, 7, 4,10, 8,13,15,12, 9, 0, 3, 5, 6,11},
};
char *afs_crypt(const char *pw, const char *salt,
- /* must be at least 16 bytes */
- char *iobuf)
+ /* must be at least 16 bytes */
+ char *iobuf)
{
- int i, j, c;
- int temp;
- char block[66];
- char E[48];
- /*
- * The key schedule.
- * Generated from the key.
- */
- char KS[16][48];
-
- for(i=0; i<66; i++)
- block[i] = 0;
- for(i=0; (c= *pw) && i<64; pw++){
- for(j=0; j<7; j++, i++)
- block[i] = (c>>(6-j)) & 01;
- i++;
- }
-
- krb5_afs_crypt_setkey(block, E, KS);
-
- for(i=0; i<66; i++)
- block[i] = 0;
-
- for(i=0;i<2;i++){
- c = *salt++;
- iobuf[i] = c;
- if(c>'Z') c -= 6;
- if(c>'9') c -= 7;
- c -= '.';
- for(j=0;j<6;j++){
- if((c>>j) & 01){
- temp = E[6*i+j];
- E[6*i+j] = E[6*i+j+24];
- E[6*i+j+24] = temp;
- }
- }
- }
-
- for(i=0; i<25; i++)
- krb5_afs_encrypt(block,E,KS);
-
- for(i=0; i<11; i++){
- c = 0;
- for(j=0; j<6; j++){
- c <<= 1;
- c |= block[6*i+j];
- }
- c += '.';
- if(c>'9') c += 7;
- if(c>'Z') c += 6;
- iobuf[i+2] = c;
- }
- iobuf[i+2] = 0;
- if(iobuf[1]==0)
- iobuf[1] = iobuf[0];
- return(iobuf);
+ int i, j, c;
+ int temp;
+ char block[66];
+ char E[48];
+ /*
+ * The key schedule.
+ * Generated from the key.
+ */
+ char KS[16][48];
+
+ for(i=0; i<66; i++)
+ block[i] = 0;
+ for(i=0; (c= *pw) && i<64; pw++){
+ for(j=0; j<7; j++, i++)
+ block[i] = (c>>(6-j)) & 01;
+ i++;
+ }
+
+ krb5_afs_crypt_setkey(block, E, KS);
+
+ for(i=0; i<66; i++)
+ block[i] = 0;
+
+ for(i=0;i<2;i++){
+ c = *salt++;
+ iobuf[i] = c;
+ if(c>'Z') c -= 6;
+ if(c>'9') c -= 7;
+ c -= '.';
+ for(j=0;j<6;j++){
+ if((c>>j) & 01){
+ temp = E[6*i+j];
+ E[6*i+j] = E[6*i+j+24];
+ E[6*i+j+24] = temp;
+ }
+ }
+ }
+
+ for(i=0; i<25; i++)
+ krb5_afs_encrypt(block,E,KS);
+
+ for(i=0; i<11; i++){
+ c = 0;
+ for(j=0; j<6; j++){
+ c <<= 1;
+ c |= block[6*i+j];
+ }
+ c += '.';
+ if(c>'9') c += 7;
+ if(c>'Z') c += 6;
+ iobuf[i+2] = c;
+ }
+ iobuf[i+2] = 0;
+ if(iobuf[1]==0)
+ iobuf[1] = iobuf[0];
+ return(iobuf);
}
/*
static void krb5_afs_crypt_setkey(char *key, char *E, char (*KS)[48])
{
- register int i, j, k;
- int t;
- /*
- * The C and D arrays used to calculate the key schedule.
- */
- char C[28], D[28];
-
- /*
- * First, generate C and D by permuting
- * the key. The low order bit of each
- * 8-bit char is not used, so C and D are only 28
- * bits apiece.
- */
- for (i=0; i<28; i++) {
- C[i] = key[PC1_C[i]-1];
- D[i] = key[PC1_D[i]-1];
- }
- /*
- * To generate Ki, rotate C and D according
- * to schedule and pick up a permutation
- * using PC2.
- */
- for (i=0; i<16; i++) {
- /*
- * rotate.
- */
- for (k=0; k<shifts[i]; k++) {
- t = C[0];
- for (j=0; j<28-1; j++)
- C[j] = C[j+1];
- C[27] = t;
- t = D[0];
- for (j=0; j<28-1; j++)
- D[j] = D[j+1];
- D[27] = t;
- }
- /*
- * get Ki. Note C and D are concatenated.
- */
- for (j=0; j<24; j++) {
- KS[i][j] = C[PC2_C[j]-1];
- KS[i][j+24] = D[PC2_D[j]-28-1];
- }
- }
+ register int i, j, k;
+ int t;
+ /*
+ * The C and D arrays used to calculate the key schedule.
+ */
+ char C[28], D[28];
+
+ /*
+ * First, generate C and D by permuting
+ * the key. The low order bit of each
+ * 8-bit char is not used, so C and D are only 28
+ * bits apiece.
+ */
+ for (i=0; i<28; i++) {
+ C[i] = key[PC1_C[i]-1];
+ D[i] = key[PC1_D[i]-1];
+ }
+ /*
+ * To generate Ki, rotate C and D according
+ * to schedule and pick up a permutation
+ * using PC2.
+ */
+ for (i=0; i<16; i++) {
+ /*
+ * rotate.
+ */
+ for (k=0; k<shifts[i]; k++) {
+ t = C[0];
+ for (j=0; j<28-1; j++)
+ C[j] = C[j+1];
+ C[27] = t;
+ t = D[0];
+ for (j=0; j<28-1; j++)
+ D[j] = D[j+1];
+ D[27] = t;
+ }
+ /*
+ * get Ki. Note C and D are concatenated.
+ */
+ for (j=0; j<24; j++) {
+ KS[i][j] = C[PC2_C[j]-1];
+ KS[i][j+24] = D[PC2_D[j]-28-1];
+ }
+ }
#if 0
- for(i=0;i<48;i++) {
- E[i] = e[i];
- }
+ for(i=0;i<48;i++) {
+ E[i] = e[i];
+ }
#else
- memcpy(E, e, 48);
+ memcpy(E, e, 48);
#endif
}
static void krb5_afs_encrypt(char *block, char *E, char (*KS)[48])
{
- const long edflag = 0;
- int i, ii;
- int t, j, k;
- char tempL[32];
- char f[32];
- /*
- * The current block, divided into 2 halves.
- */
- char L[64];
- char *const R = &L[32];
- /*
- * The combination of the key and the input, before selection.
- */
- char preS[48];
-
- /*
- * First, permute the bits in the input
- */
- for (j=0; j<64; j++)
- L[j] = block[IP[j]-1];
- /*
- * Perform an encryption operation 16 times.
- */
- for (ii=0; ii<16; ii++) {
- /*
- * Set direction
- */
- if (edflag)
- i = 15-ii;
- else
- i = ii;
- /*
- * Save the R array,
- * which will be the new L.
- */
+ const long edflag = 0;
+ int i, ii;
+ int t, j, k;
+ char tempL[32];
+ char f[32];
+ /*
+ * The current block, divided into 2 halves.
+ */
+ char L[64];
+ char *const R = &L[32];
+ /*
+ * The combination of the key and the input, before selection.
+ */
+ char preS[48];
+
+ /*
+ * First, permute the bits in the input
+ */
+ for (j=0; j<64; j++)
+ L[j] = block[IP[j]-1];
+ /*
+ * Perform an encryption operation 16 times.
+ */
+ for (ii=0; ii<16; ii++) {
+ /*
+ * Set direction
+ */
+ if (edflag)
+ i = 15-ii;
+ else
+ i = ii;
+ /*
+ * Save the R array,
+ * which will be the new L.
+ */
#if 0
- for (j=0; j<32; j++)
- tempL[j] = R[j];
+ for (j=0; j<32; j++)
+ tempL[j] = R[j];
#else
- memcpy(tempL, R, 32);
+ memcpy(tempL, R, 32);
#endif
- /*
- * Expand R to 48 bits using the E selector;
- * exclusive-or with the current key bits.
- */
- for (j=0; j<48; j++)
- preS[j] = R[E[j]-1] ^ KS[i][j];
- /*
- * The pre-select bits are now considered
- * in 8 groups of 6 bits each.
- * The 8 selection functions map these
- * 6-bit quantities into 4-bit quantities
- * and the results permuted
- * to make an f(R, K).
- * The indexing into the selection functions
- * is peculiar; it could be simplified by
- * rewriting the tables.
- */
- for (j=0; j<8; j++) {
- t = 6*j;
- k = S[j][(preS[t+0]<<5)+
- (preS[t+1]<<3)+
- (preS[t+2]<<2)+
- (preS[t+3]<<1)+
- (preS[t+4]<<0)+
- (preS[t+5]<<4)];
- t = 4*j;
- f[t+0] = (k>>3)&01;
- f[t+1] = (k>>2)&01;
- f[t+2] = (k>>1)&01;
- f[t+3] = (k>>0)&01;
- }
- /*
- * The new R is L ^ f(R, K).
- * The f here has to be permuted first, though.
- */
- for (j=0; j<32; j++)
- R[j] = L[j] ^ f[P[j]-1];
- /*
- * Finally, the new L (the original R)
- * is copied back.
- */
+ /*
+ * Expand R to 48 bits using the E selector;
+ * exclusive-or with the current key bits.
+ */
+ for (j=0; j<48; j++)
+ preS[j] = R[E[j]-1] ^ KS[i][j];
+ /*
+ * The pre-select bits are now considered
+ * in 8 groups of 6 bits each.
+ * The 8 selection functions map these
+ * 6-bit quantities into 4-bit quantities
+ * and the results permuted
+ * to make an f(R, K).
+ * The indexing into the selection functions
+ * is peculiar; it could be simplified by
+ * rewriting the tables.
+ */
+ for (j=0; j<8; j++) {
+ t = 6*j;
+ k = S[j][(preS[t+0]<<5)+
+ (preS[t+1]<<3)+
+ (preS[t+2]<<2)+
+ (preS[t+3]<<1)+
+ (preS[t+4]<<0)+
+ (preS[t+5]<<4)];
+ t = 4*j;
+ f[t+0] = (k>>3)&01;
+ f[t+1] = (k>>2)&01;
+ f[t+2] = (k>>1)&01;
+ f[t+3] = (k>>0)&01;
+ }
+ /*
+ * The new R is L ^ f(R, K).
+ * The f here has to be permuted first, though.
+ */
+ for (j=0; j<32; j++)
+ R[j] = L[j] ^ f[P[j]-1];
+ /*
+ * Finally, the new L (the original R)
+ * is copied back.
+ */
#if 0
- for (j=0; j<32; j++)
- L[j] = tempL[j];
+ for (j=0; j<32; j++)
+ L[j] = tempL[j];
#else
- memcpy(L, tempL, 32);
+ memcpy(L, tempL, 32);
#endif
- }
- /*
- * The output L and R are reversed.
- */
- for (j=0; j<32; j++) {
- t = L[j];
- L[j] = R[j];
- R[j] = t;
- }
- /*
- * The final output
- * gets the inverse permutation of the very original.
- */
- for (j=0; j<64; j++)
- block[j] = L[FP[j]-1];
+ }
+ /*
+ * The output L and R are reversed.
+ */
+ for (j=0; j<32; j++) {
+ t = L[j];
+ L[j] = R[j];
+ R[j] = t;
+ }
+ /*
+ * The final output
+ * gets the inverse permutation of the very original.
+ */
+ for (j=0; j<64; j++)
+ block[j] = L[FP[j]-1];
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 2008 by the Massachusetts Institute of Technology.
* Copyright 1995 by Richard P. Basch. All Rights Reserved.
void
krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- mit_des_cblock ivec)
+ unsigned long num_data,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ mit_des_cblock ivec)
{
unsigned DES_INT32 left, right;
const unsigned DES_INT32 *kp1, *kp2, *kp3;
* vector.
*/
if (ivec != NULL)
- ip = ivec;
+ ip = ivec;
else
- ip = mit_des_zeroblock;
+ ip = mit_des_zeroblock;
GET_HALF_BLOCK(left, ip);
GET_HALF_BLOCK(right, ip);
* at a time.
*/
for (;;) {
- unsigned DES_INT32 temp;
+ unsigned DES_INT32 temp;
- ip = iblock;
- op = oblock;
+ ip = iblock;
+ op = oblock;
- if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos))
- break;
+ if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos))
+ break;
- if (input_pos.iov_pos == num_data)
- break;
+ if (input_pos.iov_pos == num_data)
+ break;
- GET_HALF_BLOCK(temp, ip);
- left ^= temp;
- GET_HALF_BLOCK(temp, ip);
- right ^= temp;
+ GET_HALF_BLOCK(temp, ip);
+ left ^= temp;
+ GET_HALF_BLOCK(temp, ip);
+ right ^= temp;
- /*
- * Encrypt what we have
- */
- DES_DO_ENCRYPT(left, right, kp1);
- DES_DO_DECRYPT(left, right, kp2);
- DES_DO_ENCRYPT(left, right, kp3);
+ /*
+ * Encrypt what we have
+ */
+ DES_DO_ENCRYPT(left, right, kp1);
+ DES_DO_DECRYPT(left, right, kp2);
+ DES_DO_ENCRYPT(left, right, kp3);
- /*
- * Copy the results out
- */
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
+ /*
+ * Copy the results out
+ */
+ PUT_HALF_BLOCK(left, op);
+ PUT_HALF_BLOCK(right, op);
- krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
+ krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
}
if (ivec != NULL)
- memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH);
+ memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH);
}
void
krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- mit_des_cblock ivec)
+ unsigned long num_data,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ mit_des_cblock ivec)
{
unsigned DES_INT32 left, right;
const unsigned DES_INT32 *kp1, *kp2, *kp3;
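Review bot: In `krb5int_des3_cbc_encrypt_iov` the final `memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH)` runs even when the loop exits through one of its `break`s before any block was written, and the visible lines show no `num_data == 0` early return like the one in `krb5int_des3_cbc_decrypt_iov`. Unless `oblock` is initialised in the declarations elided from this page, the caller's IV is then overwritten with indeterminate stack bytes. Writing the chaining state back from the registers, as the decrypt side does, avoids that: `op = ivec; PUT_HALF_BLOCK(left, op); PUT_HALF_BLOCK(right, op);` leaves `ivec` unchanged when nothing was encrypted. The hunk ends inside the declarations of `krb5int_des3_cbc_decrypt_iov`.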
*/
if (num_data == 0)
- return;
+ return;
/*
* Prime the old cipher with ivec.
*/
if (ivec != NULL)
- ip = ivec;
+ ip = ivec;
else
- ip = mit_des_zeroblock;
+ ip = mit_des_zeroblock;
GET_HALF_BLOCK(ocipherl, ip);
GET_HALF_BLOCK(ocipherr, ip);
* Now do this in earnest until we run out of length.
*/
for (;;) {
- /*
- * Read a block from the input into left and
- * right. Save this cipher block for later.
- */
-
- if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos))
- break;
-
- if (input_pos.iov_pos == num_data)
- break;
-
- ip = iblock;
- op = oblock;
-
- GET_HALF_BLOCK(left, ip);
- GET_HALF_BLOCK(right, ip);
- cipherl = left;
- cipherr = right;
-
- /*
- * Decrypt this.
- */
- DES_DO_DECRYPT(left, right, kp3);
- DES_DO_ENCRYPT(left, right, kp2);
- DES_DO_DECRYPT(left, right, kp1);
-
- /*
- * Xor with the old cipher to get plain
- * text. Output 8 or less bytes of this.
- */
- left ^= ocipherl;
- right ^= ocipherr;
-
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
-
- /*
- * Save current cipher block here
- */
- ocipherl = cipherl;
- ocipherr = cipherr;
-
- krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
+ /*
+ * Read a block from the input into left and
+ * right. Save this cipher block for later.
+ */
+
+ if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos))
+ break;
+
+ if (input_pos.iov_pos == num_data)
+ break;
+
+ ip = iblock;
+ op = oblock;
+
+ GET_HALF_BLOCK(left, ip);
+ GET_HALF_BLOCK(right, ip);
+ cipherl = left;
+ cipherr = right;
+
+ /*
+ * Decrypt this.
+ */
+ DES_DO_DECRYPT(left, right, kp3);
+ DES_DO_ENCRYPT(left, right, kp2);
+ DES_DO_DECRYPT(left, right, kp1);
+
+ /*
+ * Xor with the old cipher to get plain
+ * text. Output 8 or less bytes of this.
+ */
+ left ^= ocipherl;
+ right ^= ocipherr;
+
+ PUT_HALF_BLOCK(left, op);
+ PUT_HALF_BLOCK(right, op);
+
+ /*
+ * Save current cipher block here
+ */
+ ocipherl = cipherl;
+ ocipherr = cipherr;
+
+ krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
}
if (ivec != NULL) {
- op = ivec;
- PUT_HALF_BLOCK(ocipherl,op);
- PUT_HALF_BLOCK(ocipherr, op);
+ op = ivec;
+ PUT_HALF_BLOCK(ocipherl,op);
+ PUT_HALF_BLOCK(ocipherr, op);
}
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright 1995 by Richard P. Basch. All Rights Reserved.
* Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved.
#undef mit_des3_cbc_encrypt
int
mit_des3_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
- unsigned long length, const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec, int enc)
+ unsigned long length, const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ const mit_des_cblock ivec, int enc)
{
if (enc)
- krb5int_des3_cbc_encrypt(in, out, length, ks1, ks2, ks3, ivec);
+ krb5int_des3_cbc_encrypt(in, out, length, ks1, ks2, ks3, ivec);
else
- krb5int_des3_cbc_decrypt(in, out, length, ks1, ks2, ks3, ivec);
+ krb5int_des3_cbc_decrypt(in, out, length, ks1, ks2, ks3, ivec);
return 0;
}
void
krb5int_des3_cbc_encrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec)
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ const mit_des_cblock ivec)
{
unsigned DES_INT32 left, right;
const unsigned DES_INT32 *kp1, *kp2, *kp3;
ip = *in;
op = *out;
while (length > 0) {
- /*
- * Get more input, xor it in. If the length is
- * greater than or equal to 8 this is straight
- * forward. Otherwise we have to fart around.
- */
- if (length >= 8) {
- unsigned DES_INT32 temp;
- GET_HALF_BLOCK(temp, ip);
- left ^= temp;
- GET_HALF_BLOCK(temp, ip);
- right ^= temp;
- length -= 8;
- } else {
- /*
- * Oh, shoot. We need to pad the
- * end with zeroes. Work backwards
- * to do this.
- */
- ip += (int) length;
- switch(length) {
- case 7: right ^= (*(--ip) & FF_UINT32) << 8;
- case 6: right ^= (*(--ip) & FF_UINT32) << 16;
- case 5: right ^= (*(--ip) & FF_UINT32) << 24;
- case 4: left ^= *(--ip) & FF_UINT32;
- case 3: left ^= (*(--ip) & FF_UINT32) << 8;
- case 2: left ^= (*(--ip) & FF_UINT32) << 16;
- case 1: left ^= (*(--ip) & FF_UINT32) << 24;
-
- }
- length = 0;
- }
-
- /*
- * Encrypt what we have
- */
- DES_DO_ENCRYPT(left, right, kp1);
- DES_DO_DECRYPT(left, right, kp2);
- DES_DO_ENCRYPT(left, right, kp3);
-
- /*
- * Copy the results out
- */
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
+ /*
+ * Get more input, xor it in. If the length is
+ * greater than or equal to 8 this is straight
+ * forward. Otherwise we have to fart around.
+ */
+ if (length >= 8) {
+ unsigned DES_INT32 temp;
+ GET_HALF_BLOCK(temp, ip);
+ left ^= temp;
+ GET_HALF_BLOCK(temp, ip);
+ right ^= temp;
+ length -= 8;
+ } else {
+ /*
+ * Oh, shoot. We need to pad the
+ * end with zeroes. Work backwards
+ * to do this.
+ */
+ ip += (int) length;
+ switch(length) {
+ case 7: right ^= (*(--ip) & FF_UINT32) << 8;
+ case 6: right ^= (*(--ip) & FF_UINT32) << 16;
+ case 5: right ^= (*(--ip) & FF_UINT32) << 24;
+ case 4: left ^= *(--ip) & FF_UINT32;
+ case 3: left ^= (*(--ip) & FF_UINT32) << 8;
+ case 2: left ^= (*(--ip) & FF_UINT32) << 16;
+ case 1: left ^= (*(--ip) & FF_UINT32) << 24;
+
+ }
+ length = 0;
+ }
+
+ /*
+ * Encrypt what we have
+ */
+ DES_DO_ENCRYPT(left, right, kp1);
+ DES_DO_DECRYPT(left, right, kp2);
+ DES_DO_ENCRYPT(left, right, kp3);
+
+ /*
+ * Copy the results out
+ */
+ PUT_HALF_BLOCK(left, op);
+ PUT_HALF_BLOCK(right, op);
}
}
void
krb5int_des3_cbc_decrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec)
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ const mit_des_cblock ivec)
{
unsigned DES_INT32 left, right;
const unsigned DES_INT32 *kp1, *kp2, *kp3;
*/
if (length <= 0)
- return;
+ return;
/*
* Prime the old cipher with ivec.
*/
ip = *in;
op = *out;
- for (;;) { /* check done inside loop */
- /*
- * Read a block from the input into left and
- * right. Save this cipher block for later.
- */
- GET_HALF_BLOCK(left, ip);
- GET_HALF_BLOCK(right, ip);
- cipherl = left;
- cipherr = right;
-
- /*
- * Decrypt this.
- */
- DES_DO_DECRYPT(left, right, kp3);
- DES_DO_ENCRYPT(left, right, kp2);
- DES_DO_DECRYPT(left, right, kp1);
-
- /*
- * Xor with the old cipher to get plain
- * text. Output 8 or less bytes of this.
- */
- left ^= ocipherl;
- right ^= ocipherr;
- if (length > 8) {
- length -= 8;
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
- /*
- * Save current cipher block here
- */
- ocipherl = cipherl;
- ocipherr = cipherr;
- } else {
- /*
- * Trouble here. Start at end of output,
- * work backwards.
- */
- op += (int) length;
- switch(length) {
- case 8: *(--op) = (unsigned char) (right & 0xff);
- case 7: *(--op) = (unsigned char) ((right >> 8) & 0xff);
- case 6: *(--op) = (unsigned char) ((right >> 16) & 0xff);
- case 5: *(--op) = (unsigned char) ((right >> 24) & 0xff);
- case 4: *(--op) = (unsigned char) (left & 0xff);
- case 3: *(--op) = (unsigned char) ((left >> 8) & 0xff);
- case 2: *(--op) = (unsigned char) ((left >> 16) & 0xff);
- case 1: *(--op) = (unsigned char) ((left >> 24) & 0xff);
- }
- break; /* we're done */
- }
+ for (;;) { /* check done inside loop */
+ /*
+ * Read a block from the input into left and
+ * right. Save this cipher block for later.
+ */
+ GET_HALF_BLOCK(left, ip);
+ GET_HALF_BLOCK(right, ip);
+ cipherl = left;
+ cipherr = right;
+
+ /*
+ * Decrypt this.
+ */
+ DES_DO_DECRYPT(left, right, kp3);
+ DES_DO_ENCRYPT(left, right, kp2);
+ DES_DO_DECRYPT(left, right, kp1);
+
+ /*
+ * Xor with the old cipher to get plain
+ * text. Output 8 or less bytes of this.
+ */
+ left ^= ocipherl;
+ right ^= ocipherr;
+ if (length > 8) {
+ length -= 8;
+ PUT_HALF_BLOCK(left, op);
+ PUT_HALF_BLOCK(right, op);
+ /*
+ * Save current cipher block here
+ */
+ ocipherl = cipherl;
+ ocipherr = cipherr;
+ } else {
+ /*
+ * Trouble here. Start at end of output,
+ * work backwards.
+ */
+ op += (int) length;
+ switch(length) {
+ case 8: *(--op) = (unsigned char) (right & 0xff);
+ case 7: *(--op) = (unsigned char) ((right >> 8) & 0xff);
+ case 6: *(--op) = (unsigned char) ((right >> 16) & 0xff);
+ case 5: *(--op) = (unsigned char) ((right >> 24) & 0xff);
+ case 4: *(--op) = (unsigned char) (left & 0xff);
+ case 3: *(--op) = (unsigned char) ((left >> 8) & 0xff);
+ case 2: *(--op) = (unsigned char) ((left >> 16) & 0xff);
+ case 1: *(--op) = (unsigned char) ((left >> 24) & 0xff);
+ }
+ break; /* we're done */
+ }
}
}
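Review bot: The decrypt loop in krb5int_des3_cbc_decrypt pulls a whole block from `ip` with two GET_HALF_BLOCK calls before it looks at `length`, so a final fragment of 1 to 7 bytes is still read as a full 8-byte block (assuming GET_HALF_BLOCK consumes 4 bytes; its definition is not on this page). Only the output side is trimmed, by the `switch(length)` tail. That leaves an unstated precondition which a comment above the loop would record, for example `/* in must be readable for length rounded up to 8 bytes; only out is truncated */`. krb5int_des_cbc_decrypt in f_cbc.c has the same shape. The function's signature and declarations sit outside this hunk.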
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright 1995 by Richard P. Basch. All Rights Reserved.
* Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved.
mit_des_make_key_sched(k[1],schedule[1]);
mit_des_make_key_sched(k[2],schedule[2]);
- if (!mit_des_check_key_parity(k[0])) /* bad parity --> return -1 */
- return(-1);
+ if (!mit_des_check_key_parity(k[0])) /* bad parity --> return -1 */
+ return(-1);
if (mit_des_is_weak_key(k[0]))
- return(-2);
+ return(-2);
if (!mit_des_check_key_parity(k[1]))
- return(-1);
+ return(-1);
if (mit_des_is_weak_key(k[1]))
- return(-2);
+ return(-2);
if (!mit_des_check_key_parity(k[2]))
- return(-1);
+ return(-1);
if (mit_des_is_weak_key(k[2]))
- return(-2);
+ return(-2);
/* if key was good, return 0 */
return 0;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/des/des_int.h
*
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
-/* only do the whole thing once */
+/* only do the whole thing once */
#ifndef DES_INTERNAL_DEFS
#define DES_INTERNAL_DEFS
#define DES_UINT32 unsigned long
#endif
-typedef unsigned char des_cblock[8] /* crypto-block size */
+typedef unsigned char des_cblock[8] /* crypto-block size */
KRB5INT_DES_DEPRECATED;
/*
typedef des_key_schedule mit_des_key_schedule;
/* Triple-DES structures */
-typedef mit_des_cblock mit_des3_cblock[3];
-typedef mit_des_key_schedule mit_des3_key_schedule[3];
+typedef mit_des_cblock mit_des3_cblock[3];
+typedef mit_des_key_schedule mit_des3_key_schedule[3];
-#define MIT_DES_ENCRYPT 1
-#define MIT_DES_DECRYPT 0
+#define MIT_DES_ENCRYPT 1
+#define MIT_DES_DECRYPT 0
typedef struct mit_des_ran_key_seed {
krb5_encrypt_block eblock;
/* the first byte of the key is already in the keyblock */
-#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet))
-#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH
+#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet))
+#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH
/* This used to be 8*sizeof(krb5_octet) */
-#define MIT_DES_KEYSIZE 8
+#define MIT_DES_KEYSIZE 8
-#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet))
+#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet))
/*
* Check if k5-int.h has been included before us. If so, then check to see
* that our view of the DES key size is the same as k5-int.h's.
*/
-#ifdef KRB5_MIT_DES_KEYSIZE
-#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE
+#ifdef KRB5_MIT_DES_KEYSIZE
+#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE
error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)
-#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */
-#endif /* KRB5_MIT_DES_KEYSIZE */
+#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */
+#endif /* KRB5_MIT_DES_KEYSIZE */
#endif /* KRB5_MIT_DES__ */
/*
* End "mit-des.h"
*/
/* afsstring2key.c */
-extern krb5_error_code mit_afs_string_to_key
- (krb5_keyblock *keyblock,
- const krb5_data *data,
- const krb5_data *salt);
-extern char *mit_afs_crypt
- (const char *pw, const char *salt, char *iobuf);
+krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock,
+ const krb5_data *data,
+ const krb5_data *salt);
+char *mit_afs_crypt(const char *pw, const char *salt, char *iobuf);
/* f_cksum.c */
-extern unsigned long mit_des_cbc_cksum
- (const krb5_octet *, krb5_octet *, unsigned long ,
- const mit_des_key_schedule, const krb5_octet *);
+unsigned long mit_des_cbc_cksum(const krb5_octet *, krb5_octet *,
+ unsigned long, const mit_des_key_schedule,
+ const krb5_octet *);
/* f_ecb.c */
-extern int mit_des_ecb_encrypt
- (const mit_des_cblock *, mit_des_cblock *, mit_des_key_schedule , int );
+int mit_des_ecb_encrypt(const mit_des_cblock *, mit_des_cblock *,
+ mit_des_key_schedule, int );
/* f_cbc.c */
-extern int mit_des_cbc_encrypt (const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec, int enc);
+int mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule schedule,
+ const mit_des_cblock ivec, int enc);
#define mit_des_zeroblock krb5int_c_mit_des_zeroblock
extern const mit_des_cblock mit_des_zeroblock;
/* fin_rndkey.c */
-extern krb5_error_code mit_des_finish_random_key
- ( const krb5_encrypt_block *,
- krb5_pointer *);
+krb5_error_code mit_des_finish_random_key(const krb5_encrypt_block *,
+ krb5_pointer *);
/* finish_key.c */
-extern krb5_error_code mit_des_finish_key
- ( krb5_encrypt_block *);
+krb5_error_code mit_des_finish_key(krb5_encrypt_block *);
/* init_rkey.c */
-extern krb5_error_code mit_des_init_random_key
- ( const krb5_encrypt_block *,
- const krb5_keyblock *,
- krb5_pointer *);
+krb5_error_code mit_des_init_random_key(const krb5_encrypt_block *,
+ const krb5_keyblock *,
+ krb5_pointer *);
/* key_parity.c */
-extern void mit_des_fixup_key_parity (mit_des_cblock );
-extern int mit_des_check_key_parity (mit_des_cblock );
+void mit_des_fixup_key_parity(mit_des_cblock);
+int mit_des_check_key_parity(mit_des_cblock);
/* key_sched.c */
-extern int mit_des_key_sched
- (mit_des_cblock , mit_des_key_schedule );
+int mit_des_key_sched(mit_des_cblock, mit_des_key_schedule);
/* process_ky.c */
-extern krb5_error_code mit_des_process_key
- ( krb5_encrypt_block *, const krb5_keyblock *);
+krb5_error_code mit_des_process_key(krb5_encrypt_block *,
+ const krb5_keyblock *);
/* random_key.c */
-extern krb5_error_code mit_des_random_key
- ( const krb5_encrypt_block *, krb5_pointer ,
- krb5_keyblock **);
+krb5_error_code mit_des_random_key(const krb5_encrypt_block *,
+ krb5_pointer, krb5_keyblock **);
/* string2key.c */
-extern krb5_error_code mit_des_string_to_key
- ( const krb5_encrypt_block *,
- krb5_keyblock *, const krb5_data *, const krb5_data *);
-extern krb5_error_code mit_des_string_to_key_int
- (krb5_keyblock *, const krb5_data *, const krb5_data *);
+krb5_error_code mit_des_string_to_key(const krb5_encrypt_block *,
+ krb5_keyblock *, const krb5_data *,
+ const krb5_data *);
+krb5_error_code mit_des_string_to_key_int(krb5_keyblock *, const krb5_data *,
+ const krb5_data *);
/* weak_key.c */
-extern int mit_des_is_weak_key (mit_des_cblock );
+int mit_des_is_weak_key(mit_des_cblock);
/* cmb_keys.c */
-krb5_error_code mit_des_combine_subkeys
- (const krb5_keyblock *, const krb5_keyblock *,
- krb5_keyblock **);
+krb5_error_code mit_des_combine_subkeys(const krb5_keyblock *,
+ const krb5_keyblock *,
+ krb5_keyblock **);
/* f_pcbc.c */
-int mit_des_pcbc_encrypt ();
+int mit_des_pcbc_encrypt();
/* f_sched.c */
int mit_des_make_key_sched(mit_des_cblock, mit_des_key_schedule);
/* misc.c */
-extern void swap_bits (char *);
-extern unsigned long long_swap_bits (unsigned long );
-extern unsigned long swap_six_bits_to_ansi (unsigned long );
-extern unsigned long swap_four_bits_to_ansi (unsigned long );
-extern unsigned long swap_bit_pos_1 (unsigned long );
-extern unsigned long swap_bit_pos_0 (unsigned long );
-extern unsigned long swap_bit_pos_0_to_ansi (unsigned long );
-extern unsigned long rev_swap_bit_pos_0 (unsigned long );
-extern unsigned long swap_byte_bits (unsigned long );
-extern unsigned long swap_long_bytes_bit_number (unsigned long );
+extern void swap_bits(char *);
+extern unsigned long long_swap_bits(unsigned long);
+extern unsigned long swap_six_bits_to_ansi(unsigned long);
+extern unsigned long swap_four_bits_to_ansi(unsigned long);
+extern unsigned long swap_bit_pos_1(unsigned long);
+extern unsigned long swap_bit_pos_0(unsigned long);
+extern unsigned long swap_bit_pos_0_to_ansi(unsigned long);
+extern unsigned long rev_swap_bit_pos_0(unsigned long);
+extern unsigned long swap_byte_bits(unsigned long);
+extern unsigned long swap_long_bytes_bit_number(unsigned long);
#ifdef FILE
/* XXX depends on FILE being a #define! */
-extern void test_set (FILE *, const char *, int, const char *, int);
+extern void test_set(FILE *, const char *, int, const char *, int);
#endif
/* d3_ecb.c */
-extern int mit_des3_ecb_encrypt
- (const mit_des_cblock *in,
- mit_des_cblock *out,
- mit_des_key_schedule sched1,
- mit_des_key_schedule sched2,
- mit_des_key_schedule sched3,
- int enc);
+extern int mit_des3_ecb_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
+ mit_des_key_schedule sched1,
+ mit_des_key_schedule sched2,
+ mit_des_key_schedule sched3, int enc);
/* d3_cbc.c */
-extern int mit_des3_cbc_encrypt
- (const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec,
- int enc);
+extern int mit_des3_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ const mit_des_cblock ivec, int enc);
void
krb5int_des3_cbc_encrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec);
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ const mit_des_cblock ivec);
void
krb5int_des3_cbc_decrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec);
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ const mit_des_cblock ivec);
void
krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- mit_des_cblock ivec);
+ unsigned long num_data,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ mit_des_cblock ivec);
void
krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- mit_des_cblock ivec);
-
-#define mit_des3_cbc_encrypt(in,out,length,ks1,ks2,ks3,ivec,enc) \
- ((enc ? krb5int_des3_cbc_encrypt : krb5int_des3_cbc_decrypt) \
+ unsigned long num_data,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ mit_des_cblock ivec);
+
+#define mit_des3_cbc_encrypt(in,out,length,ks1,ks2,ks3,ivec,enc) \
+ ((enc ? krb5int_des3_cbc_encrypt : krb5int_des3_cbc_decrypt) \
(in, out, length, ks1, ks2, ks3, ivec), 0)
void
krb5int_des_cbc_encrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec);
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule schedule,
+ const mit_des_cblock ivec);
void
krb5int_des_cbc_decrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec);
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule schedule,
+ const mit_des_cblock ivec);
-#define mit_des_cbc_encrypt(in,out,length,schedule,ivec,enc) \
- ((enc ? krb5int_des_cbc_encrypt : krb5int_des_cbc_decrypt) \
+#define mit_des_cbc_encrypt(in,out,length,schedule,ivec,enc) \
+ ((enc ? krb5int_des_cbc_encrypt : krb5int_des_cbc_decrypt) \
(in, out, length, schedule, ivec), 0)
void
krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec);
+ unsigned long num_data,
+ const mit_des_key_schedule schedule,
+ mit_des_cblock ivec);
void
krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec);
+ unsigned long num_data,
+ const mit_des_key_schedule schedule,
+ mit_des_cblock ivec);
/* d3_procky.c */
-extern krb5_error_code mit_des3_process_key
- (krb5_encrypt_block * eblock,
- const krb5_keyblock * keyblock);
+krb5_error_code mit_des3_process_key(krb5_encrypt_block *eblock,
+ const krb5_keyblock *keyblock);
/* d3_kysched.c */
-extern int mit_des3_key_sched
- (mit_des3_cblock key,
- mit_des3_key_schedule schedule);
+int mit_des3_key_sched(mit_des3_cblock key, mit_des3_key_schedule schedule);
/* d3_str2ky.c */
-extern krb5_error_code mit_des3_string_to_key
- (const krb5_encrypt_block * eblock,
- krb5_keyblock * keyblock,
- const krb5_data * data,
- const krb5_data * salt);
+krb5_error_code mit_des3_string_to_key(const krb5_encrypt_block *eblock,
+ krb5_keyblock *keyblock,
+ const krb5_data *data,
+ const krb5_data *salt);
/* u_nfold.c */
-extern krb5_error_code mit_des_n_fold
- (const krb5_octet * input,
- const size_t in_len,
- krb5_octet * output,
- const size_t out_len);
+krb5_error_code mit_des_n_fold(const krb5_octet *input, const size_t in_len,
+ krb5_octet *output, const size_t out_len);
/* u_rn_key.c */
-extern int mit_des_is_weak_keyblock
- (krb5_keyblock *keyblock);
+int mit_des_is_weak_keyblock(krb5_keyblock *keyblock);
-extern void mit_des_fixup_keyblock_parity
- (krb5_keyblock *keyblock);
+void mit_des_fixup_keyblock_parity(krb5_keyblock *keyblock);
-extern krb5_error_code mit_des_set_random_generator_seed
- (const krb5_data * seed,
- krb5_pointer random_state);
+krb5_error_code mit_des_set_random_generator_seed(const krb5_data *seed,
+ krb5_pointer random_state);
-extern krb5_error_code mit_des_set_random_sequence_number
- (const krb5_data * sequence,
- krb5_pointer random_state);
-#endif /*DES_INTERNAL_DEFS*/
+krb5_error_code mit_des_set_random_sequence_number(const krb5_data *sequence,
+ krb5_pointer random_state);
+#endif /*DES_INTERNAL_DEFS*/
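Review bot: `int mit_des_pcbc_encrypt();` is still an old-style declaration with an empty parameter list, so calls to it are not type-checked, unlike the other prototypes this hunk tidies. It should carry the full parameter list from its definition in f_pcbc.c, which is not shown on this page. The two selector macros also use their `enc` argument bare; `((enc) ? krb5int_des_cbc_encrypt : krb5int_des_cbc_decrypt)` is the usual macro hygiene. `extern` is dropped from most declarations but kept on the misc.c, d3_ecb.c and d3_cbc.c ones, which leaves the header inconsistent.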
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/des/destest.c
*
int error = 0;
while (scanf("%16s %16s %16s", block1, block2, block3) == 3) {
- convert(block1, key);
- convert(block2, input);
- convert(block3, output);
-
- retval = mit_des_key_sched(key, sched);
- if (retval) {
- fprintf(stderr, "des test: can't process key: %d\n", retval);
- fprintf(stderr, "des test: %s %s %s\n", block1, block2, block3);
+ convert(block1, key);
+ convert(block2, input);
+ convert(block3, output);
+
+ retval = mit_des_key_sched(key, sched);
+ if (retval) {
+ fprintf(stderr, "des test: can't process key: %d\n", retval);
+ fprintf(stderr, "des test: %s %s %s\n", block1, block2, block3);
exit(1);
}
- mit_des_cbc_encrypt((const mit_des_cblock *) input, output2, 8,
- sched, zeroblock, 1);
-
- if (memcmp((char *)output2, (char *)output, 8)) {
- fprintf(stderr,
- "DES ENCRYPT ERROR, key %s, text %s, real cipher %s, computed cyphertext %02X%02X%02X%02X%02X%02X%02X%02X\n",
- block1, block2, block3,
- output2[0],output2[1],output2[2],output2[3],
- output2[4],output2[5],output2[6],output2[7]);
- error++;
- }
-
- /*
- * Now try decrypting....
- */
- mit_des_cbc_encrypt((const mit_des_cblock *) output, output2, 8,
- sched, zeroblock, 0);
-
- if (memcmp((char *)output2, (char *)input, 8)) {
- fprintf(stderr,
- "DES DECRYPT ERROR, key %s, text %s, real cipher %s, computed cleartext %02X%02X%02X%02X%02X%02X%02X%02X\n",
- block1, block2, block3,
- output2[0],output2[1],output2[2],output2[3],
- output2[4],output2[5],output2[6],output2[7]);
- error++;
- }
-
- num++;
+ mit_des_cbc_encrypt((const mit_des_cblock *) input, output2, 8,
+ sched, zeroblock, 1);
+
+ if (memcmp((char *)output2, (char *)output, 8)) {
+ fprintf(stderr,
+ "DES ENCRYPT ERROR, key %s, text %s, real cipher %s, computed cyphertext %02X%02X%02X%02X%02X%02X%02X%02X\n",
+ block1, block2, block3,
+ output2[0],output2[1],output2[2],output2[3],
+ output2[4],output2[5],output2[6],output2[7]);
+ error++;
+ }
+
+ /*
+ * Now try decrypting....
+ */
+ mit_des_cbc_encrypt((const mit_des_cblock *) output, output2, 8,
+ sched, zeroblock, 0);
+
+ if (memcmp((char *)output2, (char *)input, 8)) {
+ fprintf(stderr,
+ "DES DECRYPT ERROR, key %s, text %s, real cipher %s, computed cleartext %02X%02X%02X%02X%02X%02X%02X%02X\n",
+ block1, block2, block3,
+ output2[0],output2[1],output2[2],output2[3],
+ output2[4],output2[5],output2[6],output2[7]);
+ error++;
+ }
+
+ num++;
}
if (error)
- printf("destest: failed to pass the test\n");
+ printf("destest: failed to pass the test\n");
else
- printf("destest: %d tests passed successfully\n", num);
+ printf("destest: %d tests passed successfully\n", num);
exit( (error > 256 && error % 256) ? 1 : error);
}
int value[128] = {
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
-0, 1, 2, 3, 4, 5, 6, 7,
-8, 9, -1, -1, -1, -1, -1, -1,
--1, 10, 11, 12, 13, 14, 15, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ 0, 1, 2, 3, 4, 5, 6, 7,
+ 8, 9, -1, -1, -1, -1, -1, -1,
+ -1, 10, 11, 12, 13, 14, 15, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
};
void
{
register int i;
for (i = 0; i < 8; i++) {
- if (text[i*2] < 0 || text[i*2] >= 128)
- abort ();
- if (value[(int) text[i*2]] == -1 || value[(int) text[i*2+1]] == -1) {
- printf("Bad value byte %d in %s\n", i, text);
- exit(1);
- }
- cblock[i] = 16*value[(int) text[i*2]] + value[(int) text[i*2+1]];
+ if (text[i*2] < 0 || text[i*2] >= 128)
+ abort ();
+ if (value[(int) text[i*2]] == -1 || value[(int) text[i*2+1]] == -1) {
+ printf("Bad value byte %d in %s\n", i, text);
+ exit(1);
+ }
+ cblock[i] = 16*value[(int) text[i*2]] + value[(int) text[i*2+1]];
}
return;
}
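Review bot: In convert() the range check `text[i*2] < 0 || text[i*2] >= 128` covers only the first character of each hex pair. The next line indexes `value[(int) text[i*2+1]]` without any check, so a second character outside 0..127 reads outside the 128-entry value[] table. The text comes from scanf in main, so the guard should cover both characters, e.g. `if (text[i*2] < 0 || text[i*2] >= 128 || text[i*2+1] < 0 || text[i*2+1] >= 128) abort();`. The function's signature is outside the hunk.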
mit_des_is_weak_key(key)
mit_des_cblock key;
{
- return 0; /* fake it out for testing */
+ return 0; /* fake it out for testing */
}
void
*/
int
mit_des_check_key_parity(key)
- register mit_des_cblock key;
+ register mit_des_cblock key;
{
int i;
for (i=0; i<sizeof(mit_des_cblock); i++) {
- if ((key[i] & 1) == parity_char(0xfe&key[i])) {
- printf("warning: bad parity key:");
- des_cblock_print_file(key, stdout);
- putchar('\n');
+ if ((key[i] & 1) == parity_char(0xfe&key[i])) {
+ printf("warning: bad parity key:");
+ des_cblock_print_file(key, stdout);
+ putchar('\n');
- return 1;
- }
+ return 1;
+ }
}
return(1);
void
mit_des_fixup_key_parity(key)
- register mit_des_cblock key;
+ register mit_des_cblock key;
{
int i;
for (i=0; i<sizeof(mit_des_cblock); i++)
- {
- key[i] &= 0xfe;
- key[i] |= 1^parity_char(key[i]);
- }
+ {
+ key[i] &= 0xfe;
+ key[i] |= 1^parity_char(key[i]);
+ }
return;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 2008 by the Massachusetts Institute of Technology.
* Copyright 1995 by Richard P. Basch. All Rights Reserved.
void
krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec)
+ unsigned long num_data,
+ const mit_des_key_schedule schedule,
+ mit_des_cblock ivec)
{
unsigned DES_INT32 left, right;
const unsigned DES_INT32 *kp;
* vector.
*/
if (ivec != NULL)
- ip = ivec;
+ ip = ivec;
else
- ip = mit_des_zeroblock;
+ ip = mit_des_zeroblock;
GET_HALF_BLOCK(left, ip);
GET_HALF_BLOCK(right, ip);
* at a time.
*/
for (;;) {
- unsigned DES_INT32 temp;
+ unsigned DES_INT32 temp;
- ip = iblock;
- op = oblock;
+ ip = iblock;
+ op = oblock;
- if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos))
- break;
+ if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos))
+ break;
- if (input_pos.iov_pos == num_data)
- break;
+ if (input_pos.iov_pos == num_data)
+ break;
- GET_HALF_BLOCK(temp, ip);
- left ^= temp;
- GET_HALF_BLOCK(temp, ip);
- right ^= temp;
+ GET_HALF_BLOCK(temp, ip);
+ left ^= temp;
+ GET_HALF_BLOCK(temp, ip);
+ right ^= temp;
- /*
- * Encrypt what we have
- */
- DES_DO_ENCRYPT(left, right, kp);
+ /*
+ * Encrypt what we have
+ */
+ DES_DO_ENCRYPT(left, right, kp);
- /*
- * Copy the results out
- */
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
+ /*
+ * Copy the results out
+ */
+ PUT_HALF_BLOCK(left, op);
+ PUT_HALF_BLOCK(right, op);
- krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
+ krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
}
if (ivec != NULL)
- memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH);
+ memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH);
}
void
krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec)
+ unsigned long num_data,
+ const mit_des_key_schedule schedule,
+ mit_des_cblock ivec)
{
unsigned DES_INT32 left, right;
const unsigned DES_INT32 *kp;
*/
if (num_data == 0)
- return;
+ return;
/*
* Prime the old cipher with ivec.
*/
if (ivec != NULL)
- ip = ivec;
+ ip = ivec;
else
- ip = mit_des_zeroblock;
+ ip = mit_des_zeroblock;
GET_HALF_BLOCK(ocipherl, ip);
GET_HALF_BLOCK(ocipherr, ip);
* Now do this in earnest until we run out of length.
*/
for (;;) {
- /*
- * Read a block from the input into left and
- * right. Save this cipher block for later.
- */
-
- if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos))
- break;
-
- if (input_pos.iov_pos == num_data)
- break;
-
- ip = iblock;
- op = oblock;
-
- GET_HALF_BLOCK(left, ip);
- GET_HALF_BLOCK(right, ip);
- cipherl = left;
- cipherr = right;
-
- /*
- * Decrypt this.
- */
- DES_DO_DECRYPT(left, right, kp);
-
- /*
- * Xor with the old cipher to get plain
- * text. Output 8 or less bytes of this.
- */
- left ^= ocipherl;
- right ^= ocipherr;
-
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
-
- /*
- * Save current cipher block here
- */
- ocipherl = cipherl;
- ocipherr = cipherr;
-
- krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
+ /*
+ * Read a block from the input into left and
+ * right. Save this cipher block for later.
+ */
+
+ if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos))
+ break;
+
+ if (input_pos.iov_pos == num_data)
+ break;
+
+ ip = iblock;
+ op = oblock;
+
+ GET_HALF_BLOCK(left, ip);
+ GET_HALF_BLOCK(right, ip);
+ cipherl = left;
+ cipherr = right;
+
+ /*
+ * Decrypt this.
+ */
+ DES_DO_DECRYPT(left, right, kp);
+
+ /*
+ * Xor with the old cipher to get plain
+ * text. Output 8 or less bytes of this.
+ */
+ left ^= ocipherl;
+ right ^= ocipherr;
+
+ PUT_HALF_BLOCK(left, op);
+ PUT_HALF_BLOCK(right, op);
+
+ /*
+ * Save current cipher block here
+ */
+ ocipherl = cipherl;
+ ocipherr = cipherr;
+
+ krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
}
if (ivec != NULL)
- memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH);
+ memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH);
}
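Review bot: In krb5int_des_cbc_decrypt_iov the final `memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH)` hands back the last plaintext block, because oblock is filled from left/right after the XOR with the previous cipher block. Chaining CBC into a following call needs the last ciphertext block, which the loop keeps in ocipherl/ocipherr; krb5int_des_cbc_encrypt_iov does return ciphertext from the same statement. If ivec is meant as the chaining value, the tail could read `op = ivec; PUT_HALF_BLOCK(ocipherl, op); PUT_HALF_BLOCK(ocipherr, op);` under the existing NULL check. Parts of the function body, including the declarations of oblock and op, lie outside this hunk.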
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/des/f_cbc.c
*
#undef mit_des_cbc_encrypt
int
mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
- unsigned long length, const mit_des_key_schedule schedule,
- const mit_des_cblock ivec, int enc)
+ unsigned long length, const mit_des_key_schedule schedule,
+ const mit_des_cblock ivec, int enc)
{
/*
* Deal with encryption and decryption separately.
*/
if (enc)
- krb5int_des_cbc_encrypt(in, out, length, schedule, ivec);
+ krb5int_des_cbc_encrypt(in, out, length, schedule, ivec);
else
- krb5int_des_cbc_decrypt(in, out, length, schedule, ivec);
+ krb5int_des_cbc_decrypt(in, out, length, schedule, ivec);
return 0;
}
void
krb5int_des_cbc_encrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec)
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule schedule,
+ const mit_des_cblock ivec)
{
- unsigned DES_INT32 left, right;
- const unsigned DES_INT32 *kp;
- const unsigned char *ip;
- unsigned char *op;
+ unsigned DES_INT32 left, right;
+ const unsigned DES_INT32 *kp;
+ const unsigned char *ip;
+ unsigned char *op;
- /*
- * Get key pointer here. This won't need to be reinitialized
- */
- kp = (const unsigned DES_INT32 *)schedule;
+ /*
+ * Get key pointer here. This won't need to be reinitialized
+ */
+ kp = (const unsigned DES_INT32 *)schedule;
- /*
- * Initialize left and right with the contents of the initial
- * vector.
- */
- ip = ivec;
- GET_HALF_BLOCK(left, ip);
- GET_HALF_BLOCK(right, ip);
+ /*
+ * Initialize left and right with the contents of the initial
+ * vector.
+ */
+ ip = ivec;
+ GET_HALF_BLOCK(left, ip);
+ GET_HALF_BLOCK(right, ip);
- /*
- * Suitably initialized, now work the length down 8 bytes
- * at a time.
- */
- ip = *in;
- op = *out;
- while (length > 0) {
- /*
- * Get more input, xor it in. If the length is
- * greater than or equal to 8 this is straight
- * forward. Otherwise we have to fart around.
- */
- if (length >= 8) {
- unsigned DES_INT32 temp;
- GET_HALF_BLOCK(temp, ip);
- left ^= temp;
- GET_HALF_BLOCK(temp, ip);
- right ^= temp;
- length -= 8;
- } else {
- /*
- * Oh, shoot. We need to pad the
- * end with zeroes. Work backwards
- * to do this.
- */
- ip += (int) length;
- switch(length) {
- case 7:
- right ^= (*(--ip) & FF_UINT32) << 8;
- case 6:
- right ^= (*(--ip) & FF_UINT32) << 16;
- case 5:
- right ^= (*(--ip) & FF_UINT32) << 24;
- case 4:
- left ^= *(--ip) & FF_UINT32;
- case 3:
- left ^= (*(--ip) & FF_UINT32) << 8;
- case 2:
- left ^= (*(--ip) & FF_UINT32) << 16;
- case 1:
- left ^= (*(--ip) & FF_UINT32) << 24;
- break;
- }
- length = 0;
- }
+ /*
+ * Suitably initialized, now work the length down 8 bytes
+ * at a time.
+ */
+ ip = *in;
+ op = *out;
+ while (length > 0) {
+ /*
+ * Get more input, xor it in. If the length is
+ * greater than or equal to 8 this is straight
+ * forward. Otherwise we have to fart around.
+ */
+ if (length >= 8) {
+ unsigned DES_INT32 temp;
+ GET_HALF_BLOCK(temp, ip);
+ left ^= temp;
+ GET_HALF_BLOCK(temp, ip);
+ right ^= temp;
+ length -= 8;
+ } else {
+ /*
+ * Oh, shoot. We need to pad the
+ * end with zeroes. Work backwards
+ * to do this.
+ */
+ ip += (int) length;
+ switch(length) {
+ case 7:
+ right ^= (*(--ip) & FF_UINT32) << 8;
+ case 6:
+ right ^= (*(--ip) & FF_UINT32) << 16;
+ case 5:
+ right ^= (*(--ip) & FF_UINT32) << 24;
+ case 4:
+ left ^= *(--ip) & FF_UINT32;
+ case 3:
+ left ^= (*(--ip) & FF_UINT32) << 8;
+ case 2:
+ left ^= (*(--ip) & FF_UINT32) << 16;
+ case 1:
+ left ^= (*(--ip) & FF_UINT32) << 24;
+ break;
+ }
+ length = 0;
+ }
- /*
- * Encrypt what we have
- */
- DES_DO_ENCRYPT(left, right, kp);
+ /*
+ * Encrypt what we have
+ */
+ DES_DO_ENCRYPT(left, right, kp);
- /*
- * Copy the results out
- */
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
- }
+ /*
+ * Copy the results out
+ */
+ PUT_HALF_BLOCK(left, op);
+ PUT_HALF_BLOCK(right, op);
+ }
}
void
krb5int_des_cbc_decrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec)
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule schedule,
+ const mit_des_cblock ivec)
{
- unsigned DES_INT32 left, right;
- const unsigned DES_INT32 *kp;
- const unsigned char *ip;
- unsigned char *op;
- unsigned DES_INT32 ocipherl, ocipherr;
- unsigned DES_INT32 cipherl, cipherr;
+ unsigned DES_INT32 left, right;
+ const unsigned DES_INT32 *kp;
+ const unsigned char *ip;
+ unsigned char *op;
+ unsigned DES_INT32 ocipherl, ocipherr;
+ unsigned DES_INT32 cipherl, cipherr;
- /*
- * Get key pointer here. This won't need to be reinitialized
- */
- kp = (const unsigned DES_INT32 *)schedule;
+ /*
+ * Get key pointer here. This won't need to be reinitialized
+ */
+ kp = (const unsigned DES_INT32 *)schedule;
- /*
- * Decrypting is harder than encrypting because of
- * the necessity of remembering a lot more things.
- * Should think about this a little more...
- */
+ /*
+ * Decrypting is harder than encrypting because of
+ * the necessity of remembering a lot more things.
+ * Should think about this a little more...
+ */
- if (length <= 0)
- return;
+ if (length <= 0)
+ return;
- /*
- * Prime the old cipher with ivec.
- */
- ip = ivec;
- GET_HALF_BLOCK(ocipherl, ip);
- GET_HALF_BLOCK(ocipherr, ip);
+ /*
+ * Prime the old cipher with ivec.
+ */
+ ip = ivec;
+ GET_HALF_BLOCK(ocipherl, ip);
+ GET_HALF_BLOCK(ocipherr, ip);
- /*
- * Now do this in earnest until we run out of length.
- */
- ip = *in;
- op = *out;
- for (;;) { /* check done inside loop */
- /*
- * Read a block from the input into left and
- * right. Save this cipher block for later.
- */
- GET_HALF_BLOCK(left, ip);
- GET_HALF_BLOCK(right, ip);
- cipherl = left;
- cipherr = right;
+ /*
+ * Now do this in earnest until we run out of length.
+ */
+ ip = *in;
+ op = *out;
+ for (;;) { /* check done inside loop */
+ /*
+ * Read a block from the input into left and
+ * right. Save this cipher block for later.
+ */
+ GET_HALF_BLOCK(left, ip);
+ GET_HALF_BLOCK(right, ip);
+ cipherl = left;
+ cipherr = right;
- /*
- * Decrypt this.
- */
- DES_DO_DECRYPT(left, right, kp);
+ /*
+ * Decrypt this.
+ */
+ DES_DO_DECRYPT(left, right, kp);
- /*
- * Xor with the old cipher to get plain
- * text. Output 8 or less bytes of this.
- */
- left ^= ocipherl;
- right ^= ocipherr;
- if (length > 8) {
- length -= 8;
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
- /*
- * Save current cipher block here
- */
- ocipherl = cipherl;
- ocipherr = cipherr;
- } else {
- /*
- * Trouble here. Start at end of output,
- * work backwards.
- */
- op += (int) length;
- switch(length) {
- case 8:
- *(--op) = (unsigned char) (right & 0xff);
- case 7:
- *(--op) = (unsigned char) ((right >> 8) & 0xff);
- case 6:
- *(--op) = (unsigned char) ((right >> 16) & 0xff);
- case 5:
- *(--op) = (unsigned char) ((right >> 24) & 0xff);
- case 4:
- *(--op) = (unsigned char) (left & 0xff);
- case 3:
- *(--op) = (unsigned char) ((left >> 8) & 0xff);
- case 2:
- *(--op) = (unsigned char) ((left >> 16) & 0xff);
- case 1:
- *(--op) = (unsigned char) ((left >> 24) & 0xff);
- break;
- }
- break; /* we're done */
- }
- }
+ /*
+ * Xor with the old cipher to get plain
+ * text. Output 8 or less bytes of this.
+ */
+ left ^= ocipherl;
+ right ^= ocipherr;
+ if (length > 8) {
+ length -= 8;
+ PUT_HALF_BLOCK(left, op);
+ PUT_HALF_BLOCK(right, op);
+ /*
+ * Save current cipher block here
+ */
+ ocipherl = cipherl;
+ ocipherr = cipherr;
+ } else {
+ /*
+ * Trouble here. Start at end of output,
+ * work backwards.
+ */
+ op += (int) length;
+ switch(length) {
+ case 8:
+ *(--op) = (unsigned char) (right & 0xff);
+ case 7:
+ *(--op) = (unsigned char) ((right >> 8) & 0xff);
+ case 6:
+ *(--op) = (unsigned char) ((right >> 16) & 0xff);
+ case 5:
+ *(--op) = (unsigned char) ((right >> 24) & 0xff);
+ case 4:
+ *(--op) = (unsigned char) (left & 0xff);
+ case 3:
+ *(--op) = (unsigned char) ((left >> 8) & 0xff);
+ case 2:
+ *(--op) = (unsigned char) ((left >> 16) & 0xff);
+ case 1:
+ *(--op) = (unsigned char) ((left >> 24) & 0xff);
+ break;
+ }
+ break; /* we're done */
+ }
+ }
}
#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
void krb5int_des_do_encrypt_2 (unsigned DES_INT32 *left,
- unsigned DES_INT32 *right,
- const unsigned DES_INT32 *kp)
+ unsigned DES_INT32 *right,
+ const unsigned DES_INT32 *kp)
{
DES_DO_ENCRYPT_1 (*left, *right, kp);
}
void krb5int_des_do_decrypt_2 (unsigned DES_INT32 *left,
- unsigned DES_INT32 *right,
- const unsigned DES_INT32 *kp)
+ unsigned DES_INT32 *right,
+ const unsigned DES_INT32 *kp)
{
DES_DO_DECRYPT_1 (*left, *right, kp);
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/des/f_cksum.c
*
unsigned long
mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out,
- unsigned long length, const mit_des_key_schedule schedule,
- const krb5_octet *ivec)
+ unsigned long length, const mit_des_key_schedule schedule,
+ const krb5_octet *ivec)
{
- unsigned DES_INT32 left, right;
- const unsigned DES_INT32 *kp;
- const unsigned char *ip;
- unsigned char *op;
- register DES_INT32 len;
+ unsigned DES_INT32 left, right;
+ const unsigned DES_INT32 *kp;
+ const unsigned char *ip;
+ unsigned char *op;
+ register DES_INT32 len;
- /*
- * Initialize left and right with the contents of the initial
- * vector.
- */
- ip = ivec;
- GET_HALF_BLOCK(left, ip);
- GET_HALF_BLOCK(right, ip);
+ /*
+ * Initialize left and right with the contents of the initial
+ * vector.
+ */
+ ip = ivec;
+ GET_HALF_BLOCK(left, ip);
+ GET_HALF_BLOCK(right, ip);
- /*
- * Suitably initialized, now work the length down 8 bytes
- * at a time.
- */
- ip = in;
- len = length;
- while (len > 0) {
- /*
- * Get more input, xor it in. If the length is
- * greater than or equal to 8 this is straight
- * forward. Otherwise we have to fart around.
- */
- if (len >= 8) {
- unsigned DES_INT32 temp;
- GET_HALF_BLOCK(temp, ip);
- left ^= temp;
- GET_HALF_BLOCK(temp, ip);
- right ^= temp;
- len -= 8;
- } else {
- /*
- * Oh, shoot. We need to pad the
- * end with zeroes. Work backwards
- * to do this.
- */
- ip += (int) len;
- switch(len) {
- case 7:
- right ^= (*(--ip) & FF_UINT32) << 8;
- case 6:
- right ^= (*(--ip) & FF_UINT32) << 16;
- case 5:
- right ^= (*(--ip) & FF_UINT32) << 24;
- case 4:
- left ^= *(--ip) & FF_UINT32;
- case 3:
- left ^= (*(--ip) & FF_UINT32) << 8;
- case 2:
- left ^= (*(--ip) & FF_UINT32) << 16;
- case 1:
- left ^= (*(--ip) & FF_UINT32) << 24;
- break;
- }
- len = 0;
- }
+ /*
+ * Suitably initialized, now work the length down 8 bytes
+ * at a time.
+ */
+ ip = in;
+ len = length;
+ while (len > 0) {
+ /*
+ * Get more input, xor it in. If the length is
+ * greater than or equal to 8 this is straight
+ * forward. Otherwise we have to fart around.
+ */
+ if (len >= 8) {
+ unsigned DES_INT32 temp;
+ GET_HALF_BLOCK(temp, ip);
+ left ^= temp;
+ GET_HALF_BLOCK(temp, ip);
+ right ^= temp;
+ len -= 8;
+ } else {
+ /*
+ * Oh, shoot. We need to pad the
+ * end with zeroes. Work backwards
+ * to do this.
+ */
+ ip += (int) len;
+ switch(len) {
+ case 7:
+ right ^= (*(--ip) & FF_UINT32) << 8;
+ case 6:
+ right ^= (*(--ip) & FF_UINT32) << 16;
+ case 5:
+ right ^= (*(--ip) & FF_UINT32) << 24;
+ case 4:
+ left ^= *(--ip) & FF_UINT32;
+ case 3:
+ left ^= (*(--ip) & FF_UINT32) << 8;
+ case 2:
+ left ^= (*(--ip) & FF_UINT32) << 16;
+ case 1:
+ left ^= (*(--ip) & FF_UINT32) << 24;
+ break;
+ }
+ len = 0;
+ }
- /*
- * Encrypt what we have
- */
- kp = (const unsigned DES_INT32 *)schedule;
- DES_DO_ENCRYPT(left, right, kp);
- }
+ /*
+ * Encrypt what we have
+ */
+ kp = (const unsigned DES_INT32 *)schedule;
+ DES_DO_ENCRYPT(left, right, kp);
+ }
- /*
- * Done. Left and right have the checksum. Put it into
- * the output.
- */
- op = out;
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
+ /*
+ * Done. Left and right have the checksum. Put it into
+ * the output.
+ */
+ op = out;
+ PUT_HALF_BLOCK(left, op);
+ PUT_HALF_BLOCK(right, op);
- /*
- * Return right. I'll bet the MIT code returns this
- * inconsistantly (with the low order byte of the checksum
- * not always in the low order byte of the DES_INT32). We won't.
- */
- return right & 0xFFFFFFFFUL;
+ /*
+ * Return right. I'll bet the MIT code returns this
+ * inconsistantly (with the low order byte of the checksum
+ * not always in the low order byte of the DES_INT32). We won't.
+ */
+ return right & 0xFFFFFFFFUL;
}
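Review bot: The byte counter `len` in mit_des_cbc_cksum is a signed `DES_INT32` assigned from the `unsigned long length` parameter (`len = length;`), so a length outside the signed range narrows in an implementation-defined way and can become negative or truncated. When it goes negative, `while (len > 0)` is skipped and the bytes written to `out` are just the IV, a checksum that does not depend on the input at all. Declaring it as `unsigned long len;` removes the narrowing; the `len >= 8`, `len -= 8` and `switch(len)` uses behave the same, since the tail branch only sees values below 8. The definition of DES_INT32 is outside this diff, so its width should be confirmed there. The `case 7:` … `case 1:` ladder also depends on fall-through and would be safer to maintain with a `/* FALLTHROUGH */` comment after each case.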
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* These routines check and fix parity of encryption keys for the DES
* algorithm.
{
unsigned int i;
for (i=0; i<sizeof(mit_des_cblock); i++)
- {
- key[i] &= 0xfe;
- key[i] |= 1^parity_char(key[i]);
- }
+ {
+ key[i] &= 0xfe;
+ key[i] |= 1^parity_char(key[i]);
+ }
return;
}
unsigned int i;
for (i=0; i<sizeof(mit_des_cblock); i++)
- {
- if((key[i] & 1) == parity_char(0xfe&key[i]))
- {
- return 0;
- }
- }
+ {
+ if((key[i] & 1) == parity_char(0xfe&key[i]))
+ {
+ return 0;
+ }
+ }
return(1);
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/des/f_sched.c
*
* part of each key are used to form Ci and Di.
*/
static const unsigned DES_INT32 PC1_CL[8] = {
- 0x00000000, 0x00000010, 0x00001000, 0x00001010,
- 0x00100000, 0x00100010, 0x00101000, 0x00101010
+ 0x00000000, 0x00000010, 0x00001000, 0x00001010,
+ 0x00100000, 0x00100010, 0x00101000, 0x00101010
};
static const unsigned DES_INT32 PC1_DL[16] = {
- 0x00000000, 0x00100000, 0x00001000, 0x00101000,
- 0x00000010, 0x00100010, 0x00001010, 0x00101010,
- 0x00000001, 0x00100001, 0x00001001, 0x00101001,
- 0x00000011, 0x00100011, 0x00001011, 0x00101011
+ 0x00000000, 0x00100000, 0x00001000, 0x00101000,
+ 0x00000010, 0x00100010, 0x00001010, 0x00101010,
+ 0x00000001, 0x00100001, 0x00001001, 0x00101001,
+ 0x00000011, 0x00100011, 0x00001011, 0x00101011
};
static const unsigned DES_INT32 PC1_CR[16] = {
- 0x00000000, 0x00000001, 0x00000100, 0x00000101,
- 0x00010000, 0x00010001, 0x00010100, 0x00010101,
- 0x01000000, 0x01000001, 0x01000100, 0x01000101,
- 0x01010000, 0x01010001, 0x01010100, 0x01010101
+ 0x00000000, 0x00000001, 0x00000100, 0x00000101,
+ 0x00010000, 0x00010001, 0x00010100, 0x00010101,
+ 0x01000000, 0x01000001, 0x01000100, 0x01000101,
+ 0x01010000, 0x01010001, 0x01010100, 0x01010101
};
static const unsigned DES_INT32 PC1_DR[8] = {
- 0x00000000, 0x01000000, 0x00010000, 0x01010000,
- 0x00000100, 0x01000100, 0x00010100, 0x01010100
+ 0x00000000, 0x01000000, 0x00010000, 0x01010000,
+ 0x00000100, 0x01000100, 0x00010100, 0x01010100
};
* two places. This has bits set for the iterations where we do 2 bit
* shifts, starting at the low order bit.
*/
-#define TWO_BIT_SHIFTS 0x7efc
+#define TWO_BIT_SHIFTS 0x7efc
/*
* Permuted choice 2 tables. The first actually produces the low order
* in in the des code.
*/
static const unsigned DES_INT32 PC2_C[4][64] = {
- {
- 0x00000000, 0x00000004, 0x00010000, 0x00010004,
- 0x00000400, 0x00000404, 0x00010400, 0x00010404,
- 0x00000020, 0x00000024, 0x00010020, 0x00010024,
- 0x00000420, 0x00000424, 0x00010420, 0x00010424,
- 0x01000000, 0x01000004, 0x01010000, 0x01010004,
- 0x01000400, 0x01000404, 0x01010400, 0x01010404,
- 0x01000020, 0x01000024, 0x01010020, 0x01010024,
- 0x01000420, 0x01000424, 0x01010420, 0x01010424,
- 0x00020000, 0x00020004, 0x00030000, 0x00030004,
- 0x00020400, 0x00020404, 0x00030400, 0x00030404,
- 0x00020020, 0x00020024, 0x00030020, 0x00030024,
- 0x00020420, 0x00020424, 0x00030420, 0x00030424,
- 0x01020000, 0x01020004, 0x01030000, 0x01030004,
- 0x01020400, 0x01020404, 0x01030400, 0x01030404,
- 0x01020020, 0x01020024, 0x01030020, 0x01030024,
- 0x01020420, 0x01020424, 0x01030420, 0x01030424,
- },
- {
- 0x00000000, 0x02000000, 0x00000800, 0x02000800,
- 0x00080000, 0x02080000, 0x00080800, 0x02080800,
- 0x00000001, 0x02000001, 0x00000801, 0x02000801,
- 0x00080001, 0x02080001, 0x00080801, 0x02080801,
- 0x00000100, 0x02000100, 0x00000900, 0x02000900,
- 0x00080100, 0x02080100, 0x00080900, 0x02080900,
- 0x00000101, 0x02000101, 0x00000901, 0x02000901,
- 0x00080101, 0x02080101, 0x00080901, 0x02080901,
- 0x10000000, 0x12000000, 0x10000800, 0x12000800,
- 0x10080000, 0x12080000, 0x10080800, 0x12080800,
- 0x10000001, 0x12000001, 0x10000801, 0x12000801,
- 0x10080001, 0x12080001, 0x10080801, 0x12080801,
- 0x10000100, 0x12000100, 0x10000900, 0x12000900,
- 0x10080100, 0x12080100, 0x10080900, 0x12080900,
- 0x10000101, 0x12000101, 0x10000901, 0x12000901,
- 0x10080101, 0x12080101, 0x10080901, 0x12080901,
- },
- {
- 0x00000000, 0x00040000, 0x00002000, 0x00042000,
- 0x00100000, 0x00140000, 0x00102000, 0x00142000,
- 0x20000000, 0x20040000, 0x20002000, 0x20042000,
- 0x20100000, 0x20140000, 0x20102000, 0x20142000,
- 0x00000008, 0x00040008, 0x00002008, 0x00042008,
- 0x00100008, 0x00140008, 0x00102008, 0x00142008,
- 0x20000008, 0x20040008, 0x20002008, 0x20042008,
- 0x20100008, 0x20140008, 0x20102008, 0x20142008,
- 0x00200000, 0x00240000, 0x00202000, 0x00242000,
- 0x00300000, 0x00340000, 0x00302000, 0x00342000,
- 0x20200000, 0x20240000, 0x20202000, 0x20242000,
- 0x20300000, 0x20340000, 0x20302000, 0x20342000,
- 0x00200008, 0x00240008, 0x00202008, 0x00242008,
- 0x00300008, 0x00340008, 0x00302008, 0x00342008,
- 0x20200008, 0x20240008, 0x20202008, 0x20242008,
- 0x20300008, 0x20340008, 0x20302008, 0x20342008,
- },
- {
- 0x00000000, 0x00000010, 0x08000000, 0x08000010,
- 0x00000200, 0x00000210, 0x08000200, 0x08000210,
- 0x00000002, 0x00000012, 0x08000002, 0x08000012,
- 0x00000202, 0x00000212, 0x08000202, 0x08000212,
- 0x04000000, 0x04000010, 0x0c000000, 0x0c000010,
- 0x04000200, 0x04000210, 0x0c000200, 0x0c000210,
- 0x04000002, 0x04000012, 0x0c000002, 0x0c000012,
- 0x04000202, 0x04000212, 0x0c000202, 0x0c000212,
- 0x00001000, 0x00001010, 0x08001000, 0x08001010,
- 0x00001200, 0x00001210, 0x08001200, 0x08001210,
- 0x00001002, 0x00001012, 0x08001002, 0x08001012,
- 0x00001202, 0x00001212, 0x08001202, 0x08001212,
- 0x04001000, 0x04001010, 0x0c001000, 0x0c001010,
- 0x04001200, 0x04001210, 0x0c001200, 0x0c001210,
- 0x04001002, 0x04001012, 0x0c001002, 0x0c001012,
- 0x04001202, 0x04001212, 0x0c001202, 0x0c001212
- },
+ {
+ 0x00000000, 0x00000004, 0x00010000, 0x00010004,
+ 0x00000400, 0x00000404, 0x00010400, 0x00010404,
+ 0x00000020, 0x00000024, 0x00010020, 0x00010024,
+ 0x00000420, 0x00000424, 0x00010420, 0x00010424,
+ 0x01000000, 0x01000004, 0x01010000, 0x01010004,
+ 0x01000400, 0x01000404, 0x01010400, 0x01010404,
+ 0x01000020, 0x01000024, 0x01010020, 0x01010024,
+ 0x01000420, 0x01000424, 0x01010420, 0x01010424,
+ 0x00020000, 0x00020004, 0x00030000, 0x00030004,
+ 0x00020400, 0x00020404, 0x00030400, 0x00030404,
+ 0x00020020, 0x00020024, 0x00030020, 0x00030024,
+ 0x00020420, 0x00020424, 0x00030420, 0x00030424,
+ 0x01020000, 0x01020004, 0x01030000, 0x01030004,
+ 0x01020400, 0x01020404, 0x01030400, 0x01030404,
+ 0x01020020, 0x01020024, 0x01030020, 0x01030024,
+ 0x01020420, 0x01020424, 0x01030420, 0x01030424,
+ },
+ {
+ 0x00000000, 0x02000000, 0x00000800, 0x02000800,
+ 0x00080000, 0x02080000, 0x00080800, 0x02080800,
+ 0x00000001, 0x02000001, 0x00000801, 0x02000801,
+ 0x00080001, 0x02080001, 0x00080801, 0x02080801,
+ 0x00000100, 0x02000100, 0x00000900, 0x02000900,
+ 0x00080100, 0x02080100, 0x00080900, 0x02080900,
+ 0x00000101, 0x02000101, 0x00000901, 0x02000901,
+ 0x00080101, 0x02080101, 0x00080901, 0x02080901,
+ 0x10000000, 0x12000000, 0x10000800, 0x12000800,
+ 0x10080000, 0x12080000, 0x10080800, 0x12080800,
+ 0x10000001, 0x12000001, 0x10000801, 0x12000801,
+ 0x10080001, 0x12080001, 0x10080801, 0x12080801,
+ 0x10000100, 0x12000100, 0x10000900, 0x12000900,
+ 0x10080100, 0x12080100, 0x10080900, 0x12080900,
+ 0x10000101, 0x12000101, 0x10000901, 0x12000901,
+ 0x10080101, 0x12080101, 0x10080901, 0x12080901,
+ },
+ {
+ 0x00000000, 0x00040000, 0x00002000, 0x00042000,
+ 0x00100000, 0x00140000, 0x00102000, 0x00142000,
+ 0x20000000, 0x20040000, 0x20002000, 0x20042000,
+ 0x20100000, 0x20140000, 0x20102000, 0x20142000,
+ 0x00000008, 0x00040008, 0x00002008, 0x00042008,
+ 0x00100008, 0x00140008, 0x00102008, 0x00142008,
+ 0x20000008, 0x20040008, 0x20002008, 0x20042008,
+ 0x20100008, 0x20140008, 0x20102008, 0x20142008,
+ 0x00200000, 0x00240000, 0x00202000, 0x00242000,
+ 0x00300000, 0x00340000, 0x00302000, 0x00342000,
+ 0x20200000, 0x20240000, 0x20202000, 0x20242000,
+ 0x20300000, 0x20340000, 0x20302000, 0x20342000,
+ 0x00200008, 0x00240008, 0x00202008, 0x00242008,
+ 0x00300008, 0x00340008, 0x00302008, 0x00342008,
+ 0x20200008, 0x20240008, 0x20202008, 0x20242008,
+ 0x20300008, 0x20340008, 0x20302008, 0x20342008,
+ },
+ {
+ 0x00000000, 0x00000010, 0x08000000, 0x08000010,
+ 0x00000200, 0x00000210, 0x08000200, 0x08000210,
+ 0x00000002, 0x00000012, 0x08000002, 0x08000012,
+ 0x00000202, 0x00000212, 0x08000202, 0x08000212,
+ 0x04000000, 0x04000010, 0x0c000000, 0x0c000010,
+ 0x04000200, 0x04000210, 0x0c000200, 0x0c000210,
+ 0x04000002, 0x04000012, 0x0c000002, 0x0c000012,
+ 0x04000202, 0x04000212, 0x0c000202, 0x0c000212,
+ 0x00001000, 0x00001010, 0x08001000, 0x08001010,
+ 0x00001200, 0x00001210, 0x08001200, 0x08001210,
+ 0x00001002, 0x00001012, 0x08001002, 0x08001012,
+ 0x00001202, 0x00001212, 0x08001202, 0x08001212,
+ 0x04001000, 0x04001010, 0x0c001000, 0x0c001010,
+ 0x04001200, 0x04001210, 0x0c001200, 0x0c001210,
+ 0x04001002, 0x04001012, 0x0c001002, 0x0c001012,
+ 0x04001202, 0x04001212, 0x0c001202, 0x0c001212
+ },
};
static const unsigned DES_INT32 PC2_D[4][64] = {
- {
- 0x00000000, 0x02000000, 0x00020000, 0x02020000,
- 0x00000100, 0x02000100, 0x00020100, 0x02020100,
- 0x00000008, 0x02000008, 0x00020008, 0x02020008,
- 0x00000108, 0x02000108, 0x00020108, 0x02020108,
- 0x00200000, 0x02200000, 0x00220000, 0x02220000,
- 0x00200100, 0x02200100, 0x00220100, 0x02220100,
- 0x00200008, 0x02200008, 0x00220008, 0x02220008,
- 0x00200108, 0x02200108, 0x00220108, 0x02220108,
- 0x00000200, 0x02000200, 0x00020200, 0x02020200,
- 0x00000300, 0x02000300, 0x00020300, 0x02020300,
- 0x00000208, 0x02000208, 0x00020208, 0x02020208,
- 0x00000308, 0x02000308, 0x00020308, 0x02020308,
- 0x00200200, 0x02200200, 0x00220200, 0x02220200,
- 0x00200300, 0x02200300, 0x00220300, 0x02220300,
- 0x00200208, 0x02200208, 0x00220208, 0x02220208,
- 0x00200308, 0x02200308, 0x00220308, 0x02220308,
- },
- {
- 0x00000000, 0x00001000, 0x00000020, 0x00001020,
- 0x00100000, 0x00101000, 0x00100020, 0x00101020,
- 0x08000000, 0x08001000, 0x08000020, 0x08001020,
- 0x08100000, 0x08101000, 0x08100020, 0x08101020,
- 0x00000004, 0x00001004, 0x00000024, 0x00001024,
- 0x00100004, 0x00101004, 0x00100024, 0x00101024,
- 0x08000004, 0x08001004, 0x08000024, 0x08001024,
- 0x08100004, 0x08101004, 0x08100024, 0x08101024,
- 0x00000400, 0x00001400, 0x00000420, 0x00001420,
- 0x00100400, 0x00101400, 0x00100420, 0x00101420,
- 0x08000400, 0x08001400, 0x08000420, 0x08001420,
- 0x08100400, 0x08101400, 0x08100420, 0x08101420,
- 0x00000404, 0x00001404, 0x00000424, 0x00001424,
- 0x00100404, 0x00101404, 0x00100424, 0x00101424,
- 0x08000404, 0x08001404, 0x08000424, 0x08001424,
- 0x08100404, 0x08101404, 0x08100424, 0x08101424,
- },
- {
- 0x00000000, 0x10000000, 0x00010000, 0x10010000,
- 0x00000002, 0x10000002, 0x00010002, 0x10010002,
- 0x00002000, 0x10002000, 0x00012000, 0x10012000,
- 0x00002002, 0x10002002, 0x00012002, 0x10012002,
- 0x00040000, 0x10040000, 0x00050000, 0x10050000,
- 0x00040002, 0x10040002, 0x00050002, 0x10050002,
- 0x00042000, 0x10042000, 0x00052000, 0x10052000,
- 0x00042002, 0x10042002, 0x00052002, 0x10052002,
- 0x20000000, 0x30000000, 0x20010000, 0x30010000,
- 0x20000002, 0x30000002, 0x20010002, 0x30010002,
- 0x20002000, 0x30002000, 0x20012000, 0x30012000,
- 0x20002002, 0x30002002, 0x20012002, 0x30012002,
- 0x20040000, 0x30040000, 0x20050000, 0x30050000,
- 0x20040002, 0x30040002, 0x20050002, 0x30050002,
- 0x20042000, 0x30042000, 0x20052000, 0x30052000,
- 0x20042002, 0x30042002, 0x20052002, 0x30052002,
- },
- {
- 0x00000000, 0x04000000, 0x00000001, 0x04000001,
- 0x01000000, 0x05000000, 0x01000001, 0x05000001,
- 0x00000010, 0x04000010, 0x00000011, 0x04000011,
- 0x01000010, 0x05000010, 0x01000011, 0x05000011,
- 0x00080000, 0x04080000, 0x00080001, 0x04080001,
- 0x01080000, 0x05080000, 0x01080001, 0x05080001,
- 0x00080010, 0x04080010, 0x00080011, 0x04080011,
- 0x01080010, 0x05080010, 0x01080011, 0x05080011,
- 0x00000800, 0x04000800, 0x00000801, 0x04000801,
- 0x01000800, 0x05000800, 0x01000801, 0x05000801,
- 0x00000810, 0x04000810, 0x00000811, 0x04000811,
- 0x01000810, 0x05000810, 0x01000811, 0x05000811,
- 0x00080800, 0x04080800, 0x00080801, 0x04080801,
- 0x01080800, 0x05080800, 0x01080801, 0x05080801,
- 0x00080810, 0x04080810, 0x00080811, 0x04080811,
- 0x01080810, 0x05080810, 0x01080811, 0x05080811
- },
+ {
+ 0x00000000, 0x02000000, 0x00020000, 0x02020000,
+ 0x00000100, 0x02000100, 0x00020100, 0x02020100,
+ 0x00000008, 0x02000008, 0x00020008, 0x02020008,
+ 0x00000108, 0x02000108, 0x00020108, 0x02020108,
+ 0x00200000, 0x02200000, 0x00220000, 0x02220000,
+ 0x00200100, 0x02200100, 0x00220100, 0x02220100,
+ 0x00200008, 0x02200008, 0x00220008, 0x02220008,
+ 0x00200108, 0x02200108, 0x00220108, 0x02220108,
+ 0x00000200, 0x02000200, 0x00020200, 0x02020200,
+ 0x00000300, 0x02000300, 0x00020300, 0x02020300,
+ 0x00000208, 0x02000208, 0x00020208, 0x02020208,
+ 0x00000308, 0x02000308, 0x00020308, 0x02020308,
+ 0x00200200, 0x02200200, 0x00220200, 0x02220200,
+ 0x00200300, 0x02200300, 0x00220300, 0x02220300,
+ 0x00200208, 0x02200208, 0x00220208, 0x02220208,
+ 0x00200308, 0x02200308, 0x00220308, 0x02220308,
+ },
+ {
+ 0x00000000, 0x00001000, 0x00000020, 0x00001020,
+ 0x00100000, 0x00101000, 0x00100020, 0x00101020,
+ 0x08000000, 0x08001000, 0x08000020, 0x08001020,
+ 0x08100000, 0x08101000, 0x08100020, 0x08101020,
+ 0x00000004, 0x00001004, 0x00000024, 0x00001024,
+ 0x00100004, 0x00101004, 0x00100024, 0x00101024,
+ 0x08000004, 0x08001004, 0x08000024, 0x08001024,
+ 0x08100004, 0x08101004, 0x08100024, 0x08101024,
+ 0x00000400, 0x00001400, 0x00000420, 0x00001420,
+ 0x00100400, 0x00101400, 0x00100420, 0x00101420,
+ 0x08000400, 0x08001400, 0x08000420, 0x08001420,
+ 0x08100400, 0x08101400, 0x08100420, 0x08101420,
+ 0x00000404, 0x00001404, 0x00000424, 0x00001424,
+ 0x00100404, 0x00101404, 0x00100424, 0x00101424,
+ 0x08000404, 0x08001404, 0x08000424, 0x08001424,
+ 0x08100404, 0x08101404, 0x08100424, 0x08101424,
+ },
+ {
+ 0x00000000, 0x10000000, 0x00010000, 0x10010000,
+ 0x00000002, 0x10000002, 0x00010002, 0x10010002,
+ 0x00002000, 0x10002000, 0x00012000, 0x10012000,
+ 0x00002002, 0x10002002, 0x00012002, 0x10012002,
+ 0x00040000, 0x10040000, 0x00050000, 0x10050000,
+ 0x00040002, 0x10040002, 0x00050002, 0x10050002,
+ 0x00042000, 0x10042000, 0x00052000, 0x10052000,
+ 0x00042002, 0x10042002, 0x00052002, 0x10052002,
+ 0x20000000, 0x30000000, 0x20010000, 0x30010000,
+ 0x20000002, 0x30000002, 0x20010002, 0x30010002,
+ 0x20002000, 0x30002000, 0x20012000, 0x30012000,
+ 0x20002002, 0x30002002, 0x20012002, 0x30012002,
+ 0x20040000, 0x30040000, 0x20050000, 0x30050000,
+ 0x20040002, 0x30040002, 0x20050002, 0x30050002,
+ 0x20042000, 0x30042000, 0x20052000, 0x30052000,
+ 0x20042002, 0x30042002, 0x20052002, 0x30052002,
+ },
+ {
+ 0x00000000, 0x04000000, 0x00000001, 0x04000001,
+ 0x01000000, 0x05000000, 0x01000001, 0x05000001,
+ 0x00000010, 0x04000010, 0x00000011, 0x04000011,
+ 0x01000010, 0x05000010, 0x01000011, 0x05000011,
+ 0x00080000, 0x04080000, 0x00080001, 0x04080001,
+ 0x01080000, 0x05080000, 0x01080001, 0x05080001,
+ 0x00080010, 0x04080010, 0x00080011, 0x04080011,
+ 0x01080010, 0x05080010, 0x01080011, 0x05080011,
+ 0x00000800, 0x04000800, 0x00000801, 0x04000801,
+ 0x01000800, 0x05000800, 0x01000801, 0x05000801,
+ 0x00000810, 0x04000810, 0x00000811, 0x04000811,
+ 0x01000810, 0x05000810, 0x01000811, 0x05000811,
+ 0x00080800, 0x04080800, 0x00080801, 0x04080801,
+ 0x01080800, 0x05080800, 0x01080801, 0x05080801,
+ 0x00080810, 0x04080810, 0x00080811, 0x04080811,
+ 0x01080810, 0x05080810, 0x01080811, 0x05080811
+ },
};
int
mit_des_make_key_sched(mit_des_cblock key, mit_des_key_schedule schedule)
{
- register unsigned DES_INT32 c, d;
+ register unsigned DES_INT32 c, d;
- {
- /*
- * Need a pointer for the keys and a temporary DES_INT32
- */
- const unsigned char *k;
- register unsigned DES_INT32 tmp;
+ {
+ /*
+ * Need a pointer for the keys and a temporary DES_INT32
+ */
+ const unsigned char *k;
+ register unsigned DES_INT32 tmp;
- /*
- * Fetch the key into something we can work with
- */
- k = key;
+ /*
+ * Fetch the key into something we can work with
+ */
+ k = key;
- /*
- * The first permutted choice gives us the 28 bits for C0 and
- * 28 for D0. C0 gets 12 bits from the left key and 16 from
- * the right, while D0 gets 16 from the left and 12 from the
- * right. The code knows which bits go where.
- */
- tmp = load_32_be(k), k += 4;
+ /*
+ * The first permutted choice gives us the 28 bits for C0 and
+ * 28 for D0. C0 gets 12 bits from the left key and 16 from
+ * the right, while D0 gets 16 from the left and 12 from the
+ * right. The code knows which bits go where.
+ */
+ tmp = load_32_be(k), k += 4;
- c = PC1_CL[(tmp >> 29) & 0x7]
- | (PC1_CL[(tmp >> 21) & 0x7] << 1)
- | (PC1_CL[(tmp >> 13) & 0x7] << 2)
- | (PC1_CL[(tmp >> 5) & 0x7] << 3);
- d = PC1_DL[(tmp >> 25) & 0xf]
- | (PC1_DL[(tmp >> 17) & 0xf] << 1)
- | (PC1_DL[(tmp >> 9) & 0xf] << 2)
- | (PC1_DL[(tmp >> 1) & 0xf] << 3);
+ c = PC1_CL[(tmp >> 29) & 0x7]
+ | (PC1_CL[(tmp >> 21) & 0x7] << 1)
+ | (PC1_CL[(tmp >> 13) & 0x7] << 2)
+ | (PC1_CL[(tmp >> 5) & 0x7] << 3);
+ d = PC1_DL[(tmp >> 25) & 0xf]
+ | (PC1_DL[(tmp >> 17) & 0xf] << 1)
+ | (PC1_DL[(tmp >> 9) & 0xf] << 2)
+ | (PC1_DL[(tmp >> 1) & 0xf] << 3);
- tmp = load_32_be(k), k += 4;
+ tmp = load_32_be(k), k += 4;
- c |= PC1_CR[(tmp >> 28) & 0xf]
- | (PC1_CR[(tmp >> 20) & 0xf] << 1)
- | (PC1_CR[(tmp >> 12) & 0xf] << 2)
- | (PC1_CR[(tmp >> 4) & 0xf] << 3);
- d |= PC1_DR[(tmp >> 25) & 0x7]
- | (PC1_DR[(tmp >> 17) & 0x7] << 1)
- | (PC1_DR[(tmp >> 9) & 0x7] << 2)
- | (PC1_DR[(tmp >> 1) & 0x7] << 3);
- }
+ c |= PC1_CR[(tmp >> 28) & 0xf]
+ | (PC1_CR[(tmp >> 20) & 0xf] << 1)
+ | (PC1_CR[(tmp >> 12) & 0xf] << 2)
+ | (PC1_CR[(tmp >> 4) & 0xf] << 3);
+ d |= PC1_DR[(tmp >> 25) & 0x7]
+ | (PC1_DR[(tmp >> 17) & 0x7] << 1)
+ | (PC1_DR[(tmp >> 9) & 0x7] << 2)
+ | (PC1_DR[(tmp >> 1) & 0x7] << 3);
+ }
- {
- /*
- * Need several temporaries in here
- */
- register unsigned DES_INT32 ltmp, rtmp;
- register unsigned DES_INT32 *k;
- register int two_bit_shifts;
- register int i;
- /*
- * Now iterate to compute the key schedule. Note that we
- * record the entire set of subkeys in 6 bit chunks since
- * they are used that way. At 6 bits/char, we need
- * 48/6 char's/subkey * 16 subkeys/encryption == 128 bytes.
- * The schedule must be this big.
- */
- k = (unsigned DES_INT32 *)schedule;
- two_bit_shifts = TWO_BIT_SHIFTS;
- for (i = 16; i > 0; i--) {
- /*
- * Do the rotation. One bit and two bit rotations
- * are done separately. Note C and D are 28 bits.
- */
- if (two_bit_shifts & 0x1) {
- c = ((c << 2) & 0xffffffc) | (c >> 26);
- d = ((d << 2) & 0xffffffc) | (d >> 26);
- } else {
- c = ((c << 1) & 0xffffffe) | (c >> 27);
- d = ((d << 1) & 0xffffffe) | (d >> 27);
- }
- two_bit_shifts >>= 1;
+ {
+ /*
+ * Need several temporaries in here
+ */
+ register unsigned DES_INT32 ltmp, rtmp;
+ register unsigned DES_INT32 *k;
+ register int two_bit_shifts;
+ register int i;
+ /*
+ * Now iterate to compute the key schedule. Note that we
+ * record the entire set of subkeys in 6 bit chunks since
+ * they are used that way. At 6 bits/char, we need
+ * 48/6 char's/subkey * 16 subkeys/encryption == 128 bytes.
+ * The schedule must be this big.
+ */
+ k = (unsigned DES_INT32 *)schedule;
+ two_bit_shifts = TWO_BIT_SHIFTS;
+ for (i = 16; i > 0; i--) {
+ /*
+ * Do the rotation. One bit and two bit rotations
+ * are done separately. Note C and D are 28 bits.
+ */
+ if (two_bit_shifts & 0x1) {
+ c = ((c << 2) & 0xffffffc) | (c >> 26);
+ d = ((d << 2) & 0xffffffc) | (d >> 26);
+ } else {
+ c = ((c << 1) & 0xffffffe) | (c >> 27);
+ d = ((d << 1) & 0xffffffe) | (d >> 27);
+ }
+ two_bit_shifts >>= 1;
- /*
- * Apply permutted choice 2 to C to get the first
- * 24 bits worth of keys. Note that bits 9, 18, 22
- * and 25 (using DES numbering) in C are unused. The
- * shift-mask stuff is done to delete these bits from
- * the indices, since this cuts the table size in half.
- *
- * The table is torqued, by the way. If the standard
- * byte order for this (high to low order) is 1234,
- * the table actually gives us 4132.
- */
- ltmp = PC2_C[0][((c >> 22) & 0x3f)]
- | PC2_C[1][((c >> 15) & 0xf) | ((c >> 16) & 0x30)]
- | PC2_C[2][((c >> 4) & 0x3) | ((c >> 9) & 0x3c)]
- | PC2_C[3][((c ) & 0x7) | ((c >> 4) & 0x38)];
- /*
- * Apply permutted choice 2 to D to get the other half.
- * Here, bits 7, 10, 15 and 26 go unused. The sqeezing
- * actually turns out to be cheaper here.
- *
- * This table is similarly torqued. If the standard
- * byte order is 5678, the table has the bytes permuted
- * to give us 7685.
- */
- rtmp = PC2_D[0][((d >> 22) & 0x3f)]
- | PC2_D[1][((d >> 14) & 0xf) | ((d >> 15) & 0x30)]
- | PC2_D[2][((d >> 7) & 0x3f)]
- | PC2_D[3][((d ) & 0x3) | ((d >> 1) & 0x3c)];
+ /*
+ * Apply permutted choice 2 to C to get the first
+ * 24 bits worth of keys. Note that bits 9, 18, 22
+ * and 25 (using DES numbering) in C are unused. The
+ * shift-mask stuff is done to delete these bits from
+ * the indices, since this cuts the table size in half.
+ *
+ * The table is torqued, by the way. If the standard
+ * byte order for this (high to low order) is 1234,
+ * the table actually gives us 4132.
+ */
+ ltmp = PC2_C[0][((c >> 22) & 0x3f)]
+ | PC2_C[1][((c >> 15) & 0xf) | ((c >> 16) & 0x30)]
+ | PC2_C[2][((c >> 4) & 0x3) | ((c >> 9) & 0x3c)]
+ | PC2_C[3][((c ) & 0x7) | ((c >> 4) & 0x38)];
+ /*
+ * Apply permutted choice 2 to D to get the other half.
+ * Here, bits 7, 10, 15 and 26 go unused. The sqeezing
+ * actually turns out to be cheaper here.
+ *
+ * This table is similarly torqued. If the standard
+ * byte order is 5678, the table has the bytes permuted
+ * to give us 7685.
+ */
+ rtmp = PC2_D[0][((d >> 22) & 0x3f)]
+ | PC2_D[1][((d >> 14) & 0xf) | ((d >> 15) & 0x30)]
+ | PC2_D[2][((d >> 7) & 0x3f)]
+ | PC2_D[3][((d ) & 0x3) | ((d >> 1) & 0x3c)];
- /*
- * Make up two words of the key schedule, with a
- * byte order which is convenient for the DES
- * inner loop. The high order (first) word will
- * hold bytes 7135 (high to low order) while the
- * second holds bytes 4682.
- */
- *k++ = (ltmp & 0x00ffff00) | (rtmp & 0xff0000ff);
- *k++ = (ltmp & 0xff0000ff) | (rtmp & 0x00ffff00);
- }
- }
- return (0);
+ /*
+ * Make up two words of the key schedule, with a
+ * byte order which is convenient for the DES
+ * inner loop. The high order (first) word will
+ * hold bytes 7135 (high to low order) while the
+ * second holds bytes 4682.
+ */
+ *k++ = (ltmp & 0x00ffff00) | (rtmp & 0xff0000ff);
+ *k++ = (ltmp & 0xff0000ff) | (rtmp & 0x00ffff00);
+ }
+ }
+ return (0);
}
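Review bot: mit_des_make_key_sched has no header comment stating its contract, and the contract is easy to misread: as shown here the body ends in an unconditional `return (0);` and contains no parity or weak-key test, so the return value says nothing about key quality. A comment above the signature such as `/* Expands key into the 16-round schedule; does no parity or weak-key checking and always returns 0. */` would tell callers that any such checks have to happen before this call. The loop stores two words per round through `(unsigned DES_INT32 *)schedule`, 32 words in all, so the comment could also state that `schedule` must hold at least that many. The existing "128 bytes" remark assumes a 4-byte DES_INT32, which is defined outside this diff.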
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/des/f_tables.c
*
*/
const unsigned DES_INT32 des_IP_table[256] = {
- 0x00000000, 0x00000010, 0x00000001, 0x00000011,
- 0x00001000, 0x00001010, 0x00001001, 0x00001011,
- 0x00000100, 0x00000110, 0x00000101, 0x00000111,
- 0x00001100, 0x00001110, 0x00001101, 0x00001111,
- 0x00100000, 0x00100010, 0x00100001, 0x00100011,
- 0x00101000, 0x00101010, 0x00101001, 0x00101011,
- 0x00100100, 0x00100110, 0x00100101, 0x00100111,
- 0x00101100, 0x00101110, 0x00101101, 0x00101111,
- 0x00010000, 0x00010010, 0x00010001, 0x00010011,
- 0x00011000, 0x00011010, 0x00011001, 0x00011011,
- 0x00010100, 0x00010110, 0x00010101, 0x00010111,
- 0x00011100, 0x00011110, 0x00011101, 0x00011111,
- 0x00110000, 0x00110010, 0x00110001, 0x00110011,
- 0x00111000, 0x00111010, 0x00111001, 0x00111011,
- 0x00110100, 0x00110110, 0x00110101, 0x00110111,
- 0x00111100, 0x00111110, 0x00111101, 0x00111111,
- 0x10000000, 0x10000010, 0x10000001, 0x10000011,
- 0x10001000, 0x10001010, 0x10001001, 0x10001011,
- 0x10000100, 0x10000110, 0x10000101, 0x10000111,
- 0x10001100, 0x10001110, 0x10001101, 0x10001111,
- 0x10100000, 0x10100010, 0x10100001, 0x10100011,
- 0x10101000, 0x10101010, 0x10101001, 0x10101011,
- 0x10100100, 0x10100110, 0x10100101, 0x10100111,
- 0x10101100, 0x10101110, 0x10101101, 0x10101111,
- 0x10010000, 0x10010010, 0x10010001, 0x10010011,
- 0x10011000, 0x10011010, 0x10011001, 0x10011011,
- 0x10010100, 0x10010110, 0x10010101, 0x10010111,
- 0x10011100, 0x10011110, 0x10011101, 0x10011111,
- 0x10110000, 0x10110010, 0x10110001, 0x10110011,
- 0x10111000, 0x10111010, 0x10111001, 0x10111011,
- 0x10110100, 0x10110110, 0x10110101, 0x10110111,
- 0x10111100, 0x10111110, 0x10111101, 0x10111111,
- 0x01000000, 0x01000010, 0x01000001, 0x01000011,
- 0x01001000, 0x01001010, 0x01001001, 0x01001011,
- 0x01000100, 0x01000110, 0x01000101, 0x01000111,
- 0x01001100, 0x01001110, 0x01001101, 0x01001111,
- 0x01100000, 0x01100010, 0x01100001, 0x01100011,
- 0x01101000, 0x01101010, 0x01101001, 0x01101011,
- 0x01100100, 0x01100110, 0x01100101, 0x01100111,
- 0x01101100, 0x01101110, 0x01101101, 0x01101111,
- 0x01010000, 0x01010010, 0x01010001, 0x01010011,
- 0x01011000, 0x01011010, 0x01011001, 0x01011011,
- 0x01010100, 0x01010110, 0x01010101, 0x01010111,
- 0x01011100, 0x01011110, 0x01011101, 0x01011111,
- 0x01110000, 0x01110010, 0x01110001, 0x01110011,
- 0x01111000, 0x01111010, 0x01111001, 0x01111011,
- 0x01110100, 0x01110110, 0x01110101, 0x01110111,
- 0x01111100, 0x01111110, 0x01111101, 0x01111111,
- 0x11000000, 0x11000010, 0x11000001, 0x11000011,
- 0x11001000, 0x11001010, 0x11001001, 0x11001011,
- 0x11000100, 0x11000110, 0x11000101, 0x11000111,
- 0x11001100, 0x11001110, 0x11001101, 0x11001111,
- 0x11100000, 0x11100010, 0x11100001, 0x11100011,
- 0x11101000, 0x11101010, 0x11101001, 0x11101011,
- 0x11100100, 0x11100110, 0x11100101, 0x11100111,
- 0x11101100, 0x11101110, 0x11101101, 0x11101111,
- 0x11010000, 0x11010010, 0x11010001, 0x11010011,
- 0x11011000, 0x11011010, 0x11011001, 0x11011011,
- 0x11010100, 0x11010110, 0x11010101, 0x11010111,
- 0x11011100, 0x11011110, 0x11011101, 0x11011111,
- 0x11110000, 0x11110010, 0x11110001, 0x11110011,
- 0x11111000, 0x11111010, 0x11111001, 0x11111011,
- 0x11110100, 0x11110110, 0x11110101, 0x11110111,
- 0x11111100, 0x11111110, 0x11111101, 0x11111111
+ 0x00000000, 0x00000010, 0x00000001, 0x00000011,
+ 0x00001000, 0x00001010, 0x00001001, 0x00001011,
+ 0x00000100, 0x00000110, 0x00000101, 0x00000111,
+ 0x00001100, 0x00001110, 0x00001101, 0x00001111,
+ 0x00100000, 0x00100010, 0x00100001, 0x00100011,
+ 0x00101000, 0x00101010, 0x00101001, 0x00101011,
+ 0x00100100, 0x00100110, 0x00100101, 0x00100111,
+ 0x00101100, 0x00101110, 0x00101101, 0x00101111,
+ 0x00010000, 0x00010010, 0x00010001, 0x00010011,
+ 0x00011000, 0x00011010, 0x00011001, 0x00011011,
+ 0x00010100, 0x00010110, 0x00010101, 0x00010111,
+ 0x00011100, 0x00011110, 0x00011101, 0x00011111,
+ 0x00110000, 0x00110010, 0x00110001, 0x00110011,
+ 0x00111000, 0x00111010, 0x00111001, 0x00111011,
+ 0x00110100, 0x00110110, 0x00110101, 0x00110111,
+ 0x00111100, 0x00111110, 0x00111101, 0x00111111,
+ 0x10000000, 0x10000010, 0x10000001, 0x10000011,
+ 0x10001000, 0x10001010, 0x10001001, 0x10001011,
+ 0x10000100, 0x10000110, 0x10000101, 0x10000111,
+ 0x10001100, 0x10001110, 0x10001101, 0x10001111,
+ 0x10100000, 0x10100010, 0x10100001, 0x10100011,
+ 0x10101000, 0x10101010, 0x10101001, 0x10101011,
+ 0x10100100, 0x10100110, 0x10100101, 0x10100111,
+ 0x10101100, 0x10101110, 0x10101101, 0x10101111,
+ 0x10010000, 0x10010010, 0x10010001, 0x10010011,
+ 0x10011000, 0x10011010, 0x10011001, 0x10011011,
+ 0x10010100, 0x10010110, 0x10010101, 0x10010111,
+ 0x10011100, 0x10011110, 0x10011101, 0x10011111,
+ 0x10110000, 0x10110010, 0x10110001, 0x10110011,
+ 0x10111000, 0x10111010, 0x10111001, 0x10111011,
+ 0x10110100, 0x10110110, 0x10110101, 0x10110111,
+ 0x10111100, 0x10111110, 0x10111101, 0x10111111,
+ 0x01000000, 0x01000010, 0x01000001, 0x01000011,
+ 0x01001000, 0x01001010, 0x01001001, 0x01001011,
+ 0x01000100, 0x01000110, 0x01000101, 0x01000111,
+ 0x01001100, 0x01001110, 0x01001101, 0x01001111,
+ 0x01100000, 0x01100010, 0x01100001, 0x01100011,
+ 0x01101000, 0x01101010, 0x01101001, 0x01101011,
+ 0x01100100, 0x01100110, 0x01100101, 0x01100111,
+ 0x01101100, 0x01101110, 0x01101101, 0x01101111,
+ 0x01010000, 0x01010010, 0x01010001, 0x01010011,
+ 0x01011000, 0x01011010, 0x01011001, 0x01011011,
+ 0x01010100, 0x01010110, 0x01010101, 0x01010111,
+ 0x01011100, 0x01011110, 0x01011101, 0x01011111,
+ 0x01110000, 0x01110010, 0x01110001, 0x01110011,
+ 0x01111000, 0x01111010, 0x01111001, 0x01111011,
+ 0x01110100, 0x01110110, 0x01110101, 0x01110111,
+ 0x01111100, 0x01111110, 0x01111101, 0x01111111,
+ 0x11000000, 0x11000010, 0x11000001, 0x11000011,
+ 0x11001000, 0x11001010, 0x11001001, 0x11001011,
+ 0x11000100, 0x11000110, 0x11000101, 0x11000111,
+ 0x11001100, 0x11001110, 0x11001101, 0x11001111,
+ 0x11100000, 0x11100010, 0x11100001, 0x11100011,
+ 0x11101000, 0x11101010, 0x11101001, 0x11101011,
+ 0x11100100, 0x11100110, 0x11100101, 0x11100111,
+ 0x11101100, 0x11101110, 0x11101101, 0x11101111,
+ 0x11010000, 0x11010010, 0x11010001, 0x11010011,
+ 0x11011000, 0x11011010, 0x11011001, 0x11011011,
+ 0x11010100, 0x11010110, 0x11010101, 0x11010111,
+ 0x11011100, 0x11011110, 0x11011101, 0x11011111,
+ 0x11110000, 0x11110010, 0x11110001, 0x11110011,
+ 0x11111000, 0x11111010, 0x11111001, 0x11111011,
+ 0x11110100, 0x11110110, 0x11110101, 0x11110111,
+ 0x11111100, 0x11111110, 0x11111101, 0x11111111
};
/*
* which is or'd with the result from the low byte.
*/
const unsigned DES_INT32 des_FP_table[256] = {
- 0x00000000, 0x02000000, 0x00020000, 0x02020000,
- 0x00000200, 0x02000200, 0x00020200, 0x02020200,
- 0x00000002, 0x02000002, 0x00020002, 0x02020002,
- 0x00000202, 0x02000202, 0x00020202, 0x02020202,
- 0x01000000, 0x03000000, 0x01020000, 0x03020000,
- 0x01000200, 0x03000200, 0x01020200, 0x03020200,
- 0x01000002, 0x03000002, 0x01020002, 0x03020002,
- 0x01000202, 0x03000202, 0x01020202, 0x03020202,
- 0x00010000, 0x02010000, 0x00030000, 0x02030000,
- 0x00010200, 0x02010200, 0x00030200, 0x02030200,
- 0x00010002, 0x02010002, 0x00030002, 0x02030002,
- 0x00010202, 0x02010202, 0x00030202, 0x02030202,
- 0x01010000, 0x03010000, 0x01030000, 0x03030000,
- 0x01010200, 0x03010200, 0x01030200, 0x03030200,
- 0x01010002, 0x03010002, 0x01030002, 0x03030002,
- 0x01010202, 0x03010202, 0x01030202, 0x03030202,
- 0x00000100, 0x02000100, 0x00020100, 0x02020100,
- 0x00000300, 0x02000300, 0x00020300, 0x02020300,
- 0x00000102, 0x02000102, 0x00020102, 0x02020102,
- 0x00000302, 0x02000302, 0x00020302, 0x02020302,
- 0x01000100, 0x03000100, 0x01020100, 0x03020100,
- 0x01000300, 0x03000300, 0x01020300, 0x03020300,
- 0x01000102, 0x03000102, 0x01020102, 0x03020102,
- 0x01000302, 0x03000302, 0x01020302, 0x03020302,
- 0x00010100, 0x02010100, 0x00030100, 0x02030100,
- 0x00010300, 0x02010300, 0x00030300, 0x02030300,
- 0x00010102, 0x02010102, 0x00030102, 0x02030102,
- 0x00010302, 0x02010302, 0x00030302, 0x02030302,
- 0x01010100, 0x03010100, 0x01030100, 0x03030100,
- 0x01010300, 0x03010300, 0x01030300, 0x03030300,
- 0x01010102, 0x03010102, 0x01030102, 0x03030102,
- 0x01010302, 0x03010302, 0x01030302, 0x03030302,
- 0x00000001, 0x02000001, 0x00020001, 0x02020001,
- 0x00000201, 0x02000201, 0x00020201, 0x02020201,
- 0x00000003, 0x02000003, 0x00020003, 0x02020003,
- 0x00000203, 0x02000203, 0x00020203, 0x02020203,
- 0x01000001, 0x03000001, 0x01020001, 0x03020001,
- 0x01000201, 0x03000201, 0x01020201, 0x03020201,
- 0x01000003, 0x03000003, 0x01020003, 0x03020003,
- 0x01000203, 0x03000203, 0x01020203, 0x03020203,
- 0x00010001, 0x02010001, 0x00030001, 0x02030001,
- 0x00010201, 0x02010201, 0x00030201, 0x02030201,
- 0x00010003, 0x02010003, 0x00030003, 0x02030003,
- 0x00010203, 0x02010203, 0x00030203, 0x02030203,
- 0x01010001, 0x03010001, 0x01030001, 0x03030001,
- 0x01010201, 0x03010201, 0x01030201, 0x03030201,
- 0x01010003, 0x03010003, 0x01030003, 0x03030003,
- 0x01010203, 0x03010203, 0x01030203, 0x03030203,
- 0x00000101, 0x02000101, 0x00020101, 0x02020101,
- 0x00000301, 0x02000301, 0x00020301, 0x02020301,
- 0x00000103, 0x02000103, 0x00020103, 0x02020103,
- 0x00000303, 0x02000303, 0x00020303, 0x02020303,
- 0x01000101, 0x03000101, 0x01020101, 0x03020101,
- 0x01000301, 0x03000301, 0x01020301, 0x03020301,
- 0x01000103, 0x03000103, 0x01020103, 0x03020103,
- 0x01000303, 0x03000303, 0x01020303, 0x03020303,
- 0x00010101, 0x02010101, 0x00030101, 0x02030101,
- 0x00010301, 0x02010301, 0x00030301, 0x02030301,
- 0x00010103, 0x02010103, 0x00030103, 0x02030103,
- 0x00010303, 0x02010303, 0x00030303, 0x02030303,
- 0x01010101, 0x03010101, 0x01030101, 0x03030101,
- 0x01010301, 0x03010301, 0x01030301, 0x03030301,
- 0x01010103, 0x03010103, 0x01030103, 0x03030103,
- 0x01010303, 0x03010303, 0x01030303, 0x03030303
+ 0x00000000, 0x02000000, 0x00020000, 0x02020000,
+ 0x00000200, 0x02000200, 0x00020200, 0x02020200,
+ 0x00000002, 0x02000002, 0x00020002, 0x02020002,
+ 0x00000202, 0x02000202, 0x00020202, 0x02020202,
+ 0x01000000, 0x03000000, 0x01020000, 0x03020000,
+ 0x01000200, 0x03000200, 0x01020200, 0x03020200,
+ 0x01000002, 0x03000002, 0x01020002, 0x03020002,
+ 0x01000202, 0x03000202, 0x01020202, 0x03020202,
+ 0x00010000, 0x02010000, 0x00030000, 0x02030000,
+ 0x00010200, 0x02010200, 0x00030200, 0x02030200,
+ 0x00010002, 0x02010002, 0x00030002, 0x02030002,
+ 0x00010202, 0x02010202, 0x00030202, 0x02030202,
+ 0x01010000, 0x03010000, 0x01030000, 0x03030000,
+ 0x01010200, 0x03010200, 0x01030200, 0x03030200,
+ 0x01010002, 0x03010002, 0x01030002, 0x03030002,
+ 0x01010202, 0x03010202, 0x01030202, 0x03030202,
+ 0x00000100, 0x02000100, 0x00020100, 0x02020100,
+ 0x00000300, 0x02000300, 0x00020300, 0x02020300,
+ 0x00000102, 0x02000102, 0x00020102, 0x02020102,
+ 0x00000302, 0x02000302, 0x00020302, 0x02020302,
+ 0x01000100, 0x03000100, 0x01020100, 0x03020100,
+ 0x01000300, 0x03000300, 0x01020300, 0x03020300,
+ 0x01000102, 0x03000102, 0x01020102, 0x03020102,
+ 0x01000302, 0x03000302, 0x01020302, 0x03020302,
+ 0x00010100, 0x02010100, 0x00030100, 0x02030100,
+ 0x00010300, 0x02010300, 0x00030300, 0x02030300,
+ 0x00010102, 0x02010102, 0x00030102, 0x02030102,
+ 0x00010302, 0x02010302, 0x00030302, 0x02030302,
+ 0x01010100, 0x03010100, 0x01030100, 0x03030100,
+ 0x01010300, 0x03010300, 0x01030300, 0x03030300,
+ 0x01010102, 0x03010102, 0x01030102, 0x03030102,
+ 0x01010302, 0x03010302, 0x01030302, 0x03030302,
+ 0x00000001, 0x02000001, 0x00020001, 0x02020001,
+ 0x00000201, 0x02000201, 0x00020201, 0x02020201,
+ 0x00000003, 0x02000003, 0x00020003, 0x02020003,
+ 0x00000203, 0x02000203, 0x00020203, 0x02020203,
+ 0x01000001, 0x03000001, 0x01020001, 0x03020001,
+ 0x01000201, 0x03000201, 0x01020201, 0x03020201,
+ 0x01000003, 0x03000003, 0x01020003, 0x03020003,
+ 0x01000203, 0x03000203, 0x01020203, 0x03020203,
+ 0x00010001, 0x02010001, 0x00030001, 0x02030001,
+ 0x00010201, 0x02010201, 0x00030201, 0x02030201,
+ 0x00010003, 0x02010003, 0x00030003, 0x02030003,
+ 0x00010203, 0x02010203, 0x00030203, 0x02030203,
+ 0x01010001, 0x03010001, 0x01030001, 0x03030001,
+ 0x01010201, 0x03010201, 0x01030201, 0x03030201,
+ 0x01010003, 0x03010003, 0x01030003, 0x03030003,
+ 0x01010203, 0x03010203, 0x01030203, 0x03030203,
+ 0x00000101, 0x02000101, 0x00020101, 0x02020101,
+ 0x00000301, 0x02000301, 0x00020301, 0x02020301,
+ 0x00000103, 0x02000103, 0x00020103, 0x02020103,
+ 0x00000303, 0x02000303, 0x00020303, 0x02020303,
+ 0x01000101, 0x03000101, 0x01020101, 0x03020101,
+ 0x01000301, 0x03000301, 0x01020301, 0x03020301,
+ 0x01000103, 0x03000103, 0x01020103, 0x03020103,
+ 0x01000303, 0x03000303, 0x01020303, 0x03020303,
+ 0x00010101, 0x02010101, 0x00030101, 0x02030101,
+ 0x00010301, 0x02010301, 0x00030301, 0x02030301,
+ 0x00010103, 0x02010103, 0x00030103, 0x02030103,
+ 0x00010303, 0x02010303, 0x00030303, 0x02030303,
+ 0x01010101, 0x03010101, 0x01030101, 0x03030101,
+ 0x01010301, 0x03010301, 0x01030301, 0x03030301,
+ 0x01010103, 0x03010103, 0x01030103, 0x03030103,
+ 0x01010303, 0x03010303, 0x01030303, 0x03030303
};
* spec, to match the order of key application we follow.
*/
const unsigned DES_INT32 des_SP_table[8][64] = {
- {
- 0x00100000, 0x02100001, 0x02000401, 0x00000000, /* 7 */
- 0x00000400, 0x02000401, 0x00100401, 0x02100400,
- 0x02100401, 0x00100000, 0x00000000, 0x02000001,
- 0x00000001, 0x02000000, 0x02100001, 0x00000401,
- 0x02000400, 0x00100401, 0x00100001, 0x02000400,
- 0x02000001, 0x02100000, 0x02100400, 0x00100001,
- 0x02100000, 0x00000400, 0x00000401, 0x02100401,
- 0x00100400, 0x00000001, 0x02000000, 0x00100400,
- 0x02000000, 0x00100400, 0x00100000, 0x02000401,
- 0x02000401, 0x02100001, 0x02100001, 0x00000001,
- 0x00100001, 0x02000000, 0x02000400, 0x00100000,
- 0x02100400, 0x00000401, 0x00100401, 0x02100400,
- 0x00000401, 0x02000001, 0x02100401, 0x02100000,
- 0x00100400, 0x00000000, 0x00000001, 0x02100401,
- 0x00000000, 0x00100401, 0x02100000, 0x00000400,
- 0x02000001, 0x02000400, 0x00000400, 0x00100001,
- },
- {
- 0x00808200, 0x00000000, 0x00008000, 0x00808202, /* 1 */
- 0x00808002, 0x00008202, 0x00000002, 0x00008000,
- 0x00000200, 0x00808200, 0x00808202, 0x00000200,
- 0x00800202, 0x00808002, 0x00800000, 0x00000002,
- 0x00000202, 0x00800200, 0x00800200, 0x00008200,
- 0x00008200, 0x00808000, 0x00808000, 0x00800202,
- 0x00008002, 0x00800002, 0x00800002, 0x00008002,
- 0x00000000, 0x00000202, 0x00008202, 0x00800000,
- 0x00008000, 0x00808202, 0x00000002, 0x00808000,
- 0x00808200, 0x00800000, 0x00800000, 0x00000200,
- 0x00808002, 0x00008000, 0x00008200, 0x00800002,
- 0x00000200, 0x00000002, 0x00800202, 0x00008202,
- 0x00808202, 0x00008002, 0x00808000, 0x00800202,
- 0x00800002, 0x00000202, 0x00008202, 0x00808200,
- 0x00000202, 0x00800200, 0x00800200, 0x00000000,
- 0x00008002, 0x00008200, 0x00000000, 0x00808002,
- },
- {
- 0x00000104, 0x04010100, 0x00000000, 0x04010004, /* 3 */
- 0x04000100, 0x00000000, 0x00010104, 0x04000100,
- 0x00010004, 0x04000004, 0x04000004, 0x00010000,
- 0x04010104, 0x00010004, 0x04010000, 0x00000104,
- 0x04000000, 0x00000004, 0x04010100, 0x00000100,
- 0x00010100, 0x04010000, 0x04010004, 0x00010104,
- 0x04000104, 0x00010100, 0x00010000, 0x04000104,
- 0x00000004, 0x04010104, 0x00000100, 0x04000000,
- 0x04010100, 0x04000000, 0x00010004, 0x00000104,
- 0x00010000, 0x04010100, 0x04000100, 0x00000000,
- 0x00000100, 0x00010004, 0x04010104, 0x04000100,
- 0x04000004, 0x00000100, 0x00000000, 0x04010004,
- 0x04000104, 0x00010000, 0x04000000, 0x04010104,
- 0x00000004, 0x00010104, 0x00010100, 0x04000004,
- 0x04010000, 0x04000104, 0x00000104, 0x04010000,
- 0x00010104, 0x00000004, 0x04010004, 0x00010100,
- },
- {
- 0x00000080, 0x01040080, 0x01040000, 0x21000080, /* 5 */
- 0x00040000, 0x00000080, 0x20000000, 0x01040000,
- 0x20040080, 0x00040000, 0x01000080, 0x20040080,
- 0x21000080, 0x21040000, 0x00040080, 0x20000000,
- 0x01000000, 0x20040000, 0x20040000, 0x00000000,
- 0x20000080, 0x21040080, 0x21040080, 0x01000080,
- 0x21040000, 0x20000080, 0x00000000, 0x21000000,
- 0x01040080, 0x01000000, 0x21000000, 0x00040080,
- 0x00040000, 0x21000080, 0x00000080, 0x01000000,
- 0x20000000, 0x01040000, 0x21000080, 0x20040080,
- 0x01000080, 0x20000000, 0x21040000, 0x01040080,
- 0x20040080, 0x00000080, 0x01000000, 0x21040000,
- 0x21040080, 0x00040080, 0x21000000, 0x21040080,
- 0x01040000, 0x00000000, 0x20040000, 0x21000000,
- 0x00040080, 0x01000080, 0x20000080, 0x00040000,
- 0x00000000, 0x20040000, 0x01040080, 0x20000080,
- },
- {
- 0x80401000, 0x80001040, 0x80001040, 0x00000040, /* 4 */
- 0x00401040, 0x80400040, 0x80400000, 0x80001000,
- 0x00000000, 0x00401000, 0x00401000, 0x80401040,
- 0x80000040, 0x00000000, 0x00400040, 0x80400000,
- 0x80000000, 0x00001000, 0x00400000, 0x80401000,
- 0x00000040, 0x00400000, 0x80001000, 0x00001040,
- 0x80400040, 0x80000000, 0x00001040, 0x00400040,
- 0x00001000, 0x00401040, 0x80401040, 0x80000040,
- 0x00400040, 0x80400000, 0x00401000, 0x80401040,
- 0x80000040, 0x00000000, 0x00000000, 0x00401000,
- 0x00001040, 0x00400040, 0x80400040, 0x80000000,
- 0x80401000, 0x80001040, 0x80001040, 0x00000040,
- 0x80401040, 0x80000040, 0x80000000, 0x00001000,
- 0x80400000, 0x80001000, 0x00401040, 0x80400040,
- 0x80001000, 0x00001040, 0x00400000, 0x80401000,
- 0x00000040, 0x00400000, 0x00001000, 0x00401040,
- },
- {
- 0x10000008, 0x10200000, 0x00002000, 0x10202008, /* 6 */
- 0x10200000, 0x00000008, 0x10202008, 0x00200000,
- 0x10002000, 0x00202008, 0x00200000, 0x10000008,
- 0x00200008, 0x10002000, 0x10000000, 0x00002008,
- 0x00000000, 0x00200008, 0x10002008, 0x00002000,
- 0x00202000, 0x10002008, 0x00000008, 0x10200008,
- 0x10200008, 0x00000000, 0x00202008, 0x10202000,
- 0x00002008, 0x00202000, 0x10202000, 0x10000000,
- 0x10002000, 0x00000008, 0x10200008, 0x00202000,
- 0x10202008, 0x00200000, 0x00002008, 0x10000008,
- 0x00200000, 0x10002000, 0x10000000, 0x00002008,
- 0x10000008, 0x10202008, 0x00202000, 0x10200000,
- 0x00202008, 0x10202000, 0x00000000, 0x10200008,
- 0x00000008, 0x00002000, 0x10200000, 0x00202008,
- 0x00002000, 0x00200008, 0x10002008, 0x00000000,
- 0x10202000, 0x10000000, 0x00200008, 0x10002008,
- },
- {
- 0x08000820, 0x00000800, 0x00020000, 0x08020820, /* 8 */
- 0x08000000, 0x08000820, 0x00000020, 0x08000000,
- 0x00020020, 0x08020000, 0x08020820, 0x00020800,
- 0x08020800, 0x00020820, 0x00000800, 0x00000020,
- 0x08020000, 0x08000020, 0x08000800, 0x00000820,
- 0x00020800, 0x00020020, 0x08020020, 0x08020800,
- 0x00000820, 0x00000000, 0x00000000, 0x08020020,
- 0x08000020, 0x08000800, 0x00020820, 0x00020000,
- 0x00020820, 0x00020000, 0x08020800, 0x00000800,
- 0x00000020, 0x08020020, 0x00000800, 0x00020820,
- 0x08000800, 0x00000020, 0x08000020, 0x08020000,
- 0x08020020, 0x08000000, 0x00020000, 0x08000820,
- 0x00000000, 0x08020820, 0x00020020, 0x08000020,
- 0x08020000, 0x08000800, 0x08000820, 0x00000000,
- 0x08020820, 0x00020800, 0x00020800, 0x00000820,
- 0x00000820, 0x00020020, 0x08000000, 0x08020800,
- },
- {
- 0x40084010, 0x40004000, 0x00004000, 0x00084010, /* 2 */
- 0x00080000, 0x00000010, 0x40080010, 0x40004010,
- 0x40000010, 0x40084010, 0x40084000, 0x40000000,
- 0x40004000, 0x00080000, 0x00000010, 0x40080010,
- 0x00084000, 0x00080010, 0x40004010, 0x00000000,
- 0x40000000, 0x00004000, 0x00084010, 0x40080000,
- 0x00080010, 0x40000010, 0x00000000, 0x00084000,
- 0x00004010, 0x40084000, 0x40080000, 0x00004010,
- 0x00000000, 0x00084010, 0x40080010, 0x00080000,
- 0x40004010, 0x40080000, 0x40084000, 0x00004000,
- 0x40080000, 0x40004000, 0x00000010, 0x40084010,
- 0x00084010, 0x00000010, 0x00004000, 0x40000000,
- 0x00004010, 0x40084000, 0x00080000, 0x40000010,
- 0x00080010, 0x40004010, 0x40000010, 0x00080010,
- 0x00084000, 0x00000000, 0x40004000, 0x00004010,
- 0x40000000, 0x40080010, 0x40084010, 0x00084000
- },
+ {
+ 0x00100000, 0x02100001, 0x02000401, 0x00000000, /* 7 */
+ 0x00000400, 0x02000401, 0x00100401, 0x02100400,
+ 0x02100401, 0x00100000, 0x00000000, 0x02000001,
+ 0x00000001, 0x02000000, 0x02100001, 0x00000401,
+ 0x02000400, 0x00100401, 0x00100001, 0x02000400,
+ 0x02000001, 0x02100000, 0x02100400, 0x00100001,
+ 0x02100000, 0x00000400, 0x00000401, 0x02100401,
+ 0x00100400, 0x00000001, 0x02000000, 0x00100400,
+ 0x02000000, 0x00100400, 0x00100000, 0x02000401,
+ 0x02000401, 0x02100001, 0x02100001, 0x00000001,
+ 0x00100001, 0x02000000, 0x02000400, 0x00100000,
+ 0x02100400, 0x00000401, 0x00100401, 0x02100400,
+ 0x00000401, 0x02000001, 0x02100401, 0x02100000,
+ 0x00100400, 0x00000000, 0x00000001, 0x02100401,
+ 0x00000000, 0x00100401, 0x02100000, 0x00000400,
+ 0x02000001, 0x02000400, 0x00000400, 0x00100001,
+ },
+ {
+ 0x00808200, 0x00000000, 0x00008000, 0x00808202, /* 1 */
+ 0x00808002, 0x00008202, 0x00000002, 0x00008000,
+ 0x00000200, 0x00808200, 0x00808202, 0x00000200,
+ 0x00800202, 0x00808002, 0x00800000, 0x00000002,
+ 0x00000202, 0x00800200, 0x00800200, 0x00008200,
+ 0x00008200, 0x00808000, 0x00808000, 0x00800202,
+ 0x00008002, 0x00800002, 0x00800002, 0x00008002,
+ 0x00000000, 0x00000202, 0x00008202, 0x00800000,
+ 0x00008000, 0x00808202, 0x00000002, 0x00808000,
+ 0x00808200, 0x00800000, 0x00800000, 0x00000200,
+ 0x00808002, 0x00008000, 0x00008200, 0x00800002,
+ 0x00000200, 0x00000002, 0x00800202, 0x00008202,
+ 0x00808202, 0x00008002, 0x00808000, 0x00800202,
+ 0x00800002, 0x00000202, 0x00008202, 0x00808200,
+ 0x00000202, 0x00800200, 0x00800200, 0x00000000,
+ 0x00008002, 0x00008200, 0x00000000, 0x00808002,
+ },
+ {
+ 0x00000104, 0x04010100, 0x00000000, 0x04010004, /* 3 */
+ 0x04000100, 0x00000000, 0x00010104, 0x04000100,
+ 0x00010004, 0x04000004, 0x04000004, 0x00010000,
+ 0x04010104, 0x00010004, 0x04010000, 0x00000104,
+ 0x04000000, 0x00000004, 0x04010100, 0x00000100,
+ 0x00010100, 0x04010000, 0x04010004, 0x00010104,
+ 0x04000104, 0x00010100, 0x00010000, 0x04000104,
+ 0x00000004, 0x04010104, 0x00000100, 0x04000000,
+ 0x04010100, 0x04000000, 0x00010004, 0x00000104,
+ 0x00010000, 0x04010100, 0x04000100, 0x00000000,
+ 0x00000100, 0x00010004, 0x04010104, 0x04000100,
+ 0x04000004, 0x00000100, 0x00000000, 0x04010004,
+ 0x04000104, 0x00010000, 0x04000000, 0x04010104,
+ 0x00000004, 0x00010104, 0x00010100, 0x04000004,
+ 0x04010000, 0x04000104, 0x00000104, 0x04010000,
+ 0x00010104, 0x00000004, 0x04010004, 0x00010100,
+ },
+ {
+ 0x00000080, 0x01040080, 0x01040000, 0x21000080, /* 5 */
+ 0x00040000, 0x00000080, 0x20000000, 0x01040000,
+ 0x20040080, 0x00040000, 0x01000080, 0x20040080,
+ 0x21000080, 0x21040000, 0x00040080, 0x20000000,
+ 0x01000000, 0x20040000, 0x20040000, 0x00000000,
+ 0x20000080, 0x21040080, 0x21040080, 0x01000080,
+ 0x21040000, 0x20000080, 0x00000000, 0x21000000,
+ 0x01040080, 0x01000000, 0x21000000, 0x00040080,
+ 0x00040000, 0x21000080, 0x00000080, 0x01000000,
+ 0x20000000, 0x01040000, 0x21000080, 0x20040080,
+ 0x01000080, 0x20000000, 0x21040000, 0x01040080,
+ 0x20040080, 0x00000080, 0x01000000, 0x21040000,
+ 0x21040080, 0x00040080, 0x21000000, 0x21040080,
+ 0x01040000, 0x00000000, 0x20040000, 0x21000000,
+ 0x00040080, 0x01000080, 0x20000080, 0x00040000,
+ 0x00000000, 0x20040000, 0x01040080, 0x20000080,
+ },
+ {
+ 0x80401000, 0x80001040, 0x80001040, 0x00000040, /* 4 */
+ 0x00401040, 0x80400040, 0x80400000, 0x80001000,
+ 0x00000000, 0x00401000, 0x00401000, 0x80401040,
+ 0x80000040, 0x00000000, 0x00400040, 0x80400000,
+ 0x80000000, 0x00001000, 0x00400000, 0x80401000,
+ 0x00000040, 0x00400000, 0x80001000, 0x00001040,
+ 0x80400040, 0x80000000, 0x00001040, 0x00400040,
+ 0x00001000, 0x00401040, 0x80401040, 0x80000040,
+ 0x00400040, 0x80400000, 0x00401000, 0x80401040,
+ 0x80000040, 0x00000000, 0x00000000, 0x00401000,
+ 0x00001040, 0x00400040, 0x80400040, 0x80000000,
+ 0x80401000, 0x80001040, 0x80001040, 0x00000040,
+ 0x80401040, 0x80000040, 0x80000000, 0x00001000,
+ 0x80400000, 0x80001000, 0x00401040, 0x80400040,
+ 0x80001000, 0x00001040, 0x00400000, 0x80401000,
+ 0x00000040, 0x00400000, 0x00001000, 0x00401040,
+ },
+ {
+ 0x10000008, 0x10200000, 0x00002000, 0x10202008, /* 6 */
+ 0x10200000, 0x00000008, 0x10202008, 0x00200000,
+ 0x10002000, 0x00202008, 0x00200000, 0x10000008,
+ 0x00200008, 0x10002000, 0x10000000, 0x00002008,
+ 0x00000000, 0x00200008, 0x10002008, 0x00002000,
+ 0x00202000, 0x10002008, 0x00000008, 0x10200008,
+ 0x10200008, 0x00000000, 0x00202008, 0x10202000,
+ 0x00002008, 0x00202000, 0x10202000, 0x10000000,
+ 0x10002000, 0x00000008, 0x10200008, 0x00202000,
+ 0x10202008, 0x00200000, 0x00002008, 0x10000008,
+ 0x00200000, 0x10002000, 0x10000000, 0x00002008,
+ 0x10000008, 0x10202008, 0x00202000, 0x10200000,
+ 0x00202008, 0x10202000, 0x00000000, 0x10200008,
+ 0x00000008, 0x00002000, 0x10200000, 0x00202008,
+ 0x00002000, 0x00200008, 0x10002008, 0x00000000,
+ 0x10202000, 0x10000000, 0x00200008, 0x10002008,
+ },
+ {
+ 0x08000820, 0x00000800, 0x00020000, 0x08020820, /* 8 */
+ 0x08000000, 0x08000820, 0x00000020, 0x08000000,
+ 0x00020020, 0x08020000, 0x08020820, 0x00020800,
+ 0x08020800, 0x00020820, 0x00000800, 0x00000020,
+ 0x08020000, 0x08000020, 0x08000800, 0x00000820,
+ 0x00020800, 0x00020020, 0x08020020, 0x08020800,
+ 0x00000820, 0x00000000, 0x00000000, 0x08020020,
+ 0x08000020, 0x08000800, 0x00020820, 0x00020000,
+ 0x00020820, 0x00020000, 0x08020800, 0x00000800,
+ 0x00000020, 0x08020020, 0x00000800, 0x00020820,
+ 0x08000800, 0x00000020, 0x08000020, 0x08020000,
+ 0x08020020, 0x08000000, 0x00020000, 0x08000820,
+ 0x00000000, 0x08020820, 0x00020020, 0x08000020,
+ 0x08020000, 0x08000800, 0x08000820, 0x00000000,
+ 0x08020820, 0x00020800, 0x00020800, 0x00000820,
+ 0x00000820, 0x00020020, 0x08000000, 0x08020800,
+ },
+ {
+ 0x40084010, 0x40004000, 0x00004000, 0x00084010, /* 2 */
+ 0x00080000, 0x00000010, 0x40080010, 0x40004010,
+ 0x40000010, 0x40084010, 0x40084000, 0x40000000,
+ 0x40004000, 0x00080000, 0x00000010, 0x40080010,
+ 0x00084000, 0x00080010, 0x40004010, 0x00000000,
+ 0x40000000, 0x00004000, 0x00084010, 0x40080000,
+ 0x00080010, 0x40000010, 0x00000000, 0x00084000,
+ 0x00004010, 0x40084000, 0x40080000, 0x00004010,
+ 0x00000000, 0x00084010, 0x40080010, 0x00080000,
+ 0x40004010, 0x40080000, 0x40084000, 0x00004000,
+ 0x40080000, 0x40004000, 0x00000010, 0x40084010,
+ 0x00084010, 0x00000010, 0x00004000, 0x40000000,
+ 0x00004010, 0x40084000, 0x00080000, 0x40000010,
+ 0x00080010, 0x40004010, 0x40000010, 0x00080010,
+ 0x00084000, 0x00000000, 0x40004000, 0x00004010,
+ 0x40000000, 0x40080010, 0x40084010, 0x00084000
+ },
};
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/des/f_tables.h
*
/*
* des_tables.h - declarations to import the DES tables, used internally
- * by some of the library routines.
+ * by some of the library routines.
*/
-#ifndef __DES_TABLES_H__
-#define __DES_TABLES_H__ /* nothing */
+#ifndef __DES_TABLES_H__
+#define __DES_TABLES_H__ /* nothing */
#include "k5-platform.h"
/*
/*
* Use standard shortforms to reference these to save typing
*/
-#define IP des_IP_table
-#define FP des_FP_table
-#define SP des_SP_table
+#define IP des_IP_table
+#define FP des_FP_table
+#define SP des_SP_table
#ifdef DEBUG
-#define DEB(foofraw) printf foofraw
+#define DEB(foofraw) printf foofraw
#else
-#define DEB(foofraw) /* nothing */
+#define DEB(foofraw) /* nothing */
#endif
/*
*
* When using this, the inner loop of the DES function might look like:
*
- * for (i = 0; i < 8; i++) {
- * DES_SP_{EN,DE}CRYPT_ROUND(left, right, temp, kp);
- * DES_SP_{EN,DE}CRYPT_ROUND(right, left, temp, kp);
- * }
+ * for (i = 0; i < 8; i++) {
+ * DES_SP_{EN,DE}CRYPT_ROUND(left, right, temp, kp);
+ * DES_SP_{EN,DE}CRYPT_ROUND(right, left, temp, kp);
+ * }
*
* Note the trick above. You are supposed to do 16 rounds, swapping
* left and right at the end of each round. By doing two rounds at
* a time and swapping left and right in the code we can avoid the
* swaps altogether.
*/
-#define DES_SP_ENCRYPT_ROUND(left, right, temp, kp) \
- (temp) = (((right) >> 11) | ((right) << 21)) ^ *(kp)++; \
- (left) ^= SP[0][((temp) >> 24) & 0x3f] \
- | SP[1][((temp) >> 16) & 0x3f] \
- | SP[2][((temp) >> 8) & 0x3f] \
- | SP[3][((temp) ) & 0x3f]; \
- (temp) = (((right) >> 23) | ((right) << 9)) ^ *(kp)++; \
- (left) ^= SP[4][((temp) >> 24) & 0x3f] \
- | SP[5][((temp) >> 16) & 0x3f] \
- | SP[6][((temp) >> 8) & 0x3f] \
- | SP[7][((temp) ) & 0x3f]
+#define DES_SP_ENCRYPT_ROUND(left, right, temp, kp) \
+ (temp) = (((right) >> 11) | ((right) << 21)) ^ *(kp)++; \
+ (left) ^= SP[0][((temp) >> 24) & 0x3f] \
+ | SP[1][((temp) >> 16) & 0x3f] \
+ | SP[2][((temp) >> 8) & 0x3f] \
+ | SP[3][((temp) ) & 0x3f]; \
+ (temp) = (((right) >> 23) | ((right) << 9)) ^ *(kp)++; \
+ (left) ^= SP[4][((temp) >> 24) & 0x3f] \
+ | SP[5][((temp) >> 16) & 0x3f] \
+ | SP[6][((temp) >> 8) & 0x3f] \
+ | SP[7][((temp) ) & 0x3f]
-#define DES_SP_DECRYPT_ROUND(left, right, temp, kp) \
- (temp) = (((right) >> 23) | ((right) << 9)) ^ *(--(kp)); \
- (left) ^= SP[7][((temp) ) & 0x3f] \
- | SP[6][((temp) >> 8) & 0x3f] \
- | SP[5][((temp) >> 16) & 0x3f] \
- | SP[4][((temp) >> 24) & 0x3f]; \
- (temp) = (((right) >> 11) | ((right) << 21)) ^ *(--(kp)); \
- (left) ^= SP[3][((temp) ) & 0x3f] \
- | SP[2][((temp) >> 8) & 0x3f] \
- | SP[1][((temp) >> 16) & 0x3f] \
- | SP[0][((temp) >> 24) & 0x3f]
+#define DES_SP_DECRYPT_ROUND(left, right, temp, kp) \
+ (temp) = (((right) >> 23) | ((right) << 9)) ^ *(--(kp)); \
+ (left) ^= SP[7][((temp) ) & 0x3f] \
+ | SP[6][((temp) >> 8) & 0x3f] \
+ | SP[5][((temp) >> 16) & 0x3f] \
+ | SP[4][((temp) >> 24) & 0x3f]; \
+ (temp) = (((right) >> 11) | ((right) << 21)) ^ *(--(kp)); \
+ (left) ^= SP[3][((temp) ) & 0x3f] \
+ | SP[2][((temp) >> 8) & 0x3f] \
+ | SP[1][((temp) >> 16) & 0x3f] \
+ | SP[0][((temp) >> 24) & 0x3f]
/*
* Macros to help deal with the initial permutation table. Note
* the Macintosh MPW 3.2 C compiler which loses the unsignedness and
* propagates the high-order bit in the shift.
*/
-#define DES_IP_LEFT_BITS(left, right) \
- ((((left) & 0x55555555) << 1) | ((right) & 0x55555555))
-#define DES_IP_RIGHT_BITS(left, right) \
- (((left) & 0xaaaaaaaa) | \
- ( ( (unsigned DES_INT32) ((right) & 0xaaaaaaaa) ) >> 1))
+#define DES_IP_LEFT_BITS(left, right) \
+ ((((left) & 0x55555555) << 1) | ((right) & 0x55555555))
+#define DES_IP_RIGHT_BITS(left, right) \
+ (((left) & 0xaaaaaaaa) | \
+ ( ( (unsigned DES_INT32) ((right) & 0xaaaaaaaa) ) >> 1))
/*
* The following macro does an in-place initial permutation given
* are dealing with. If you use this, though, try to make left,
* right and temp register unsigned DES_INT32s.
*/
-#define DES_INITIAL_PERM(left, right, temp) \
- (temp) = DES_IP_RIGHT_BITS((left), (right)); \
- (right) = DES_IP_LEFT_BITS((left), (right)); \
- (left) = IP[((right) >> 24) & 0xff] \
- | (IP[((right) >> 16) & 0xff] << 1) \
- | (IP[((right) >> 8) & 0xff] << 2) \
- | (IP[(right) & 0xff] << 3); \
- (right) = IP[((temp) >> 24) & 0xff] \
- | (IP[((temp) >> 16) & 0xff] << 1) \
- | (IP[((temp) >> 8) & 0xff] << 2) \
- | (IP[(temp) & 0xff] << 3)
+#define DES_INITIAL_PERM(left, right, temp) \
+ (temp) = DES_IP_RIGHT_BITS((left), (right)); \
+ (right) = DES_IP_LEFT_BITS((left), (right)); \
+ (left) = IP[((right) >> 24) & 0xff] \
+ | (IP[((right) >> 16) & 0xff] << 1) \
+ | (IP[((right) >> 8) & 0xff] << 2) \
+ | (IP[(right) & 0xff] << 3); \
+ (right) = IP[((temp) >> 24) & 0xff] \
+ | (IP[((temp) >> 16) & 0xff] << 1) \
+ | (IP[((temp) >> 8) & 0xff] << 2) \
+ | (IP[(temp) & 0xff] << 3)
/*
* Now the final permutation stuff. The same comments apply to
* the Macintosh MPW 3.2 C compiler which loses the unsignedness and
* propagates the high-order bit in the shift.
*/
-#define DES_FP_LEFT_BITS(left, right) \
- ((((left) & 0x0f0f0f0f) << 4) | ((right) & 0x0f0f0f0f))
-#define DES_FP_RIGHT_BITS(left, right) \
- (((left) & 0xf0f0f0f0) | \
- ( ( (unsigned DES_INT32) ((right) & 0xf0f0f0f0) ) >> 4))
+#define DES_FP_LEFT_BITS(left, right) \
+ ((((left) & 0x0f0f0f0f) << 4) | ((right) & 0x0f0f0f0f))
+#define DES_FP_RIGHT_BITS(left, right) \
+ (((left) & 0xf0f0f0f0) | \
+ ( ( (unsigned DES_INT32) ((right) & 0xf0f0f0f0) ) >> 4))
/*
* swapping internally, which is why left and right are confused
* at the beginning.
*/
-#define DES_FINAL_PERM(left, right, temp) \
- (temp) = DES_FP_RIGHT_BITS((right), (left)); \
- (right) = DES_FP_LEFT_BITS((right), (left)); \
- (left) = (FP[((right) >> 24) & 0xff] << 6) \
- | (FP[((right) >> 16) & 0xff] << 4) \
- | (FP[((right) >> 8) & 0xff] << 2) \
- | FP[(right) & 0xff]; \
- (right) = (FP[((temp) >> 24) & 0xff] << 6) \
- | (FP[((temp) >> 16) & 0xff] << 4) \
- | (FP[((temp) >> 8) & 0xff] << 2) \
- | FP[temp & 0xff]
+#define DES_FINAL_PERM(left, right, temp) \
+ (temp) = DES_FP_RIGHT_BITS((right), (left)); \
+ (right) = DES_FP_LEFT_BITS((right), (left)); \
+ (left) = (FP[((right) >> 24) & 0xff] << 6) \
+ | (FP[((right) >> 16) & 0xff] << 4) \
+ | (FP[((right) >> 8) & 0xff] << 2) \
+ | FP[(right) & 0xff]; \
+ (right) = (FP[((temp) >> 24) & 0xff] << 6) \
+ | (FP[((temp) >> 16) & 0xff] << 4) \
+ | (FP[((temp) >> 8) & 0xff] << 2) \
+ | FP[temp & 0xff]
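Review bot: The last line of DES_FINAL_PERM indexes with `FP[temp & 0xff]`, the only place in these macros where the `temp` argument is used without parentheses; it should read `| FP[(temp) & 0xff]` so that an expression passed as the argument cannot regroup around the `&`. DES_FINAL_PERM, DES_INITIAL_PERM and the two DES_SP_*_ROUND macros also expand to several statements with no `do { ... } while (0)` wrapper. They are therefore only safe inside a braced block, which is how DES_DO_ENCRYPT_1 and DES_DO_DECRYPT_1 use them, and a one-line comment above each stating that constraint would protect future callers.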
/*
* at each stage of the encryption, so that by comparing the output to
* a known good machine, the location of the first error can be found.
*/
-#define DES_DO_ENCRYPT_1(left, right, kp) \
- do { \
- register int i; \
- register unsigned DES_INT32 temp1; \
- DEB (("do_encrypt %8lX %8lX \n", left, right)); \
- DES_INITIAL_PERM((left), (right), (temp1)); \
- DEB ((" after IP %8lX %8lX\n", left, right)); \
- for (i = 0; i < 8; i++) { \
- DES_SP_ENCRYPT_ROUND((left), (right), (temp1), (kp)); \
- DEB ((" round %2d %8lX %8lX \n", i*2, left, right)); \
- DES_SP_ENCRYPT_ROUND((right), (left), (temp1), (kp)); \
- DEB ((" round %2d %8lX %8lX \n", 1+i*2, left, right)); \
- } \
- DES_FINAL_PERM((left), (right), (temp1)); \
- (kp) -= (2 * 16); \
- DEB ((" after FP %8lX %8lX \n", left, right)); \
- } while (0)
+#define DES_DO_ENCRYPT_1(left, right, kp) \
+ do { \
+ register int i; \
+ register unsigned DES_INT32 temp1; \
+ DEB (("do_encrypt %8lX %8lX \n", left, right)); \
+ DES_INITIAL_PERM((left), (right), (temp1)); \
+ DEB ((" after IP %8lX %8lX\n", left, right)); \
+ for (i = 0; i < 8; i++) { \
+ DES_SP_ENCRYPT_ROUND((left), (right), (temp1), (kp)); \
+ DEB ((" round %2d %8lX %8lX \n", i*2, left, right)); \
+ DES_SP_ENCRYPT_ROUND((right), (left), (temp1), (kp)); \
+ DEB ((" round %2d %8lX %8lX \n", 1+i*2, left, right)); \
+ } \
+ DES_FINAL_PERM((left), (right), (temp1)); \
+ (kp) -= (2 * 16); \
+ DEB ((" after FP %8lX %8lX \n", left, right)); \
+ } while (0)
-#define DES_DO_DECRYPT_1(left, right, kp) \
- do { \
- register int i; \
- register unsigned DES_INT32 temp2; \
- DES_INITIAL_PERM((left), (right), (temp2)); \
- (kp) += (2 * 16); \
- for (i = 0; i < 8; i++) { \
- DES_SP_DECRYPT_ROUND((left), (right), (temp2), (kp)); \
- DES_SP_DECRYPT_ROUND((right), (left), (temp2), (kp)); \
- } \
- DES_FINAL_PERM((left), (right), (temp2)); \
- } while (0)
+#define DES_DO_DECRYPT_1(left, right, kp) \
+ do { \
+ register int i; \
+ register unsigned DES_INT32 temp2; \
+ DES_INITIAL_PERM((left), (right), (temp2)); \
+ (kp) += (2 * 16); \
+ for (i = 0; i < 8; i++) { \
+ DES_SP_DECRYPT_ROUND((left), (right), (temp2), (kp)); \
+ DES_SP_DECRYPT_ROUND((right), (left), (temp2), (kp)); \
+ } \
+ DES_FINAL_PERM((left), (right), (temp2)); \
+ } while (0)
#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
extern void krb5int_des_do_encrypt_2(unsigned DES_INT32 *l,
- unsigned DES_INT32 *r,
- const unsigned DES_INT32 *k);
+ unsigned DES_INT32 *r,
+ const unsigned DES_INT32 *k);
extern void krb5int_des_do_decrypt_2(unsigned DES_INT32 *l,
- unsigned DES_INT32 *r,
- const unsigned DES_INT32 *k);
+ unsigned DES_INT32 *r,
+ const unsigned DES_INT32 *k);
#define DES_DO_ENCRYPT(L,R,K) krb5int_des_do_encrypt_2(&(L), &(R), (K))
#define DES_DO_DECRYPT(L,R,K) krb5int_des_do_decrypt_2(&(L), &(R), (K))
#else
* These are handy dandy utility thingies for straightening out bytes.
* Included here because they're used a couple of places.
*/
-#define GET_HALF_BLOCK(lr, ip) ((lr) = load_32_be(ip), (ip) += 4)
-#define PUT_HALF_BLOCK(lr, op) (store_32_be(lr, op), (op) += 4)
+#define GET_HALF_BLOCK(lr, ip) ((lr) = load_32_be(ip), (ip) += 4)
+#define PUT_HALF_BLOCK(lr, op) (store_32_be(lr, op), (op) += 4)
/* Shorthand that we'll need in several places, for creating values that
really can hold 32 bits regardless of the prevailing int size. */
-#define FF_UINT32 ((unsigned DES_INT32) 0xFF)
+#define FF_UINT32 ((unsigned DES_INT32) 0xFF)
-#endif /* __DES_TABLES_H__ */
+#endif /* __DES_TABLES_H__ */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/des/key_sched.c
*
{
mit_des_make_key_sched(k,schedule);
- if (!mit_des_check_key_parity(k)) /* bad parity --> return -1 */
- return(-1);
+ if (!mit_des_check_key_parity(k)) /* bad parity --> return -1 */
+ return(-1);
if (mit_des_is_weak_key(k))
- return(-2);
+ return(-2);
/* if key was good, return 0 */
return 0;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/des/des_s2k.c
*
krb5_error_code
mit_des_string_to_key_int (krb5_keyblock *key,
- const krb5_data *pw, const krb5_data *salt)
+ const krb5_data *pw, const krb5_data *salt)
{
union {
- /* 8 "forward" bytes, 8 "reverse" bytes */
- unsigned char uc[16];
- krb5_ui_4 ui[4];
- mit_des_cblock cb;
+ /* 8 "forward" bytes, 8 "reverse" bytes */
+ unsigned char uc[16];
+ krb5_ui_4 ui[4];
+ mit_des_cblock cb;
} temp;
unsigned int i;
krb5_ui_4 x, y, z;
current algorithm is dependent on having four 8-bit char values
exactly overlay a 32-bit integral type. */
if (sizeof(temp.uc) != sizeof(temp.ui)
- || (unsigned char)~0 != 0xFF
- || (krb5_ui_4)~(krb5_ui_4)0 != 0xFFFFFFFF
- || (temp.uc[0] = 1, temp.uc[1] = 2, temp.uc[2] = 3, temp.uc[3] = 4,
- !(temp.ui[0] == 0x01020304
- || temp.ui[0] == 0x04030201)))
- abort();
-#define FETCH4(VAR, IDX) VAR = temp.ui[IDX/4]
-#define PUT4(VAR, IDX) temp.ui[IDX/4] = VAR
+ || (unsigned char)~0 != 0xFF
+ || (krb5_ui_4)~(krb5_ui_4)0 != 0xFFFFFFFF
+ || (temp.uc[0] = 1, temp.uc[1] = 2, temp.uc[2] = 3, temp.uc[3] = 4,
+ !(temp.ui[0] == 0x01020304
+ || temp.ui[0] == 0x04030201)))
+ abort();
+#define FETCH4(VAR, IDX) VAR = temp.ui[IDX/4]
+#define PUT4(VAR, IDX) temp.ui[IDX/4] = VAR
if (salt
- && (salt->length == SALT_TYPE_AFS_LENGTH
- /* XXX Yuck! Aren't we done with this yet? */
- || salt->length == (unsigned) -1)) {
- krb5_data afssalt;
- char *at;
+ && (salt->length == SALT_TYPE_AFS_LENGTH
+ /* XXX Yuck! Aren't we done with this yet? */
+ || salt->length == (unsigned) -1)) {
+ krb5_data afssalt;
+ char *at;
- afssalt.data = salt->data;
- at = strchr(afssalt.data, '@');
- if (at) {
- *at = 0;
- afssalt.length = at - afssalt.data;
- } else
- afssalt.length = strlen(afssalt.data);
- return mit_afs_string_to_key(key, pw, &afssalt);
+ afssalt.data = salt->data;
+ at = strchr(afssalt.data, '@');
+ if (at) {
+ *at = 0;
+ afssalt.length = at - afssalt.data;
+ } else
+ afssalt.length = strlen(afssalt.data);
+ return mit_afs_string_to_key(key, pw, &afssalt);
}
copylen = pw->length + (salt ? salt->length : 0);
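Review bot: In the AFS-salt branch, `strchr(afssalt.data, '@')` and `strlen(afssalt.data)` treat `salt->data` as a NUL-terminated string, and `*at = 0` writes into the caller's buffer although `salt` is declared `const krb5_data *`. The branch is selected by what look like sentinel length values (`(unsigned) -1` is visibly one), so there is no byte count to bound the scan, and both calls would read past the buffer if a caller passed unterminated salt data. I would drop the in-place write and only compute the length, `afssalt.length = at ? (unsigned int)(at - afssalt.data) : strlen(afssalt.data);`, assuming mit_afs_string_to_key honours `afssalt.length` (its body is not visible here). A comment should also state that AFS salts must be NUL-terminated. The function begins and ends outside this hunk.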
a byte array, not a string. */
copy = malloc(copylen);
if (copy == NULL)
- return ENOMEM;
+ return ENOMEM;
memcpy(copy, pw->data, pw->length);
if (salt)
- memcpy(copy + pw->length, salt->data, salt->length);
+ memcpy(copy + pw->length, salt->data, salt->length);
memset(&temp, 0, sizeof(temp));
p = temp.uc;
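Review bot: `malloc(copylen)` is sized by the unchecked sum `pw->length + salt->length` computed just above this hunk. If that sum can wrap the type of `copylen` (its declaration is not visible here), the allocation is too small for the two `memcpy` calls that follow. A guard before the allocation, for example `if (salt && pw->length > UINT_MAX - salt->length) return EINVAL;` (or whichever error code callers expect), removes the reliance on callers bounding both inputs. `copy` also holds the password and salt in the clear, so it is worth confirming further down the function, outside this hunk, that it is zeroed before `free`.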
forward and reverse sections, and combine them later, rather
than having to do the reversal over and over again. */
for (i = 0; i < copylen; i++) {
- *p++ ^= copy[i];
- if (p == temp.uc+16) {
- p = temp.uc;
+ *p++ ^= copy[i];
+ if (p == temp.uc+16) {
+ p = temp.uc;
#ifdef PRINT_TEST_VECTORS
- {
- int j;
- printf("after %d input bytes:\nforward block:\t", i+1);
- for (j = 0; j < 8; j++)
- printf(" %02x", temp.uc[j] & 0xff);
- printf("\nreverse block:\t");
- for (j = 8; j < 16; j++)
- printf(" %02x", temp.uc[j] & 0xff);
- printf("\n");
- }
+ {
+ int j;
+ printf("after %d input bytes:\nforward block:\t", i+1);
+ for (j = 0; j < 8; j++)
+ printf(" %02x", temp.uc[j] & 0xff);
+ printf("\nreverse block:\t");
+ for (j = 8; j < 16; j++)
+ printf(" %02x", temp.uc[j] & 0xff);
+ printf("\n");
+ }
#endif
- }
+ }
}
#ifdef PRINT_TEST_VECTORS
if (p != temp.uc) {
- int j;
- printf("at end, after %d input bytes:\nforward block:\t", i);
- for (j = 0; j < 8; j++)
- printf(" %02x", temp.uc[j] & 0xff);
- printf("\nreverse block:\t");
- for (j = 8; j < 16; j++)
- printf(" %02x", temp.uc[j] & 0xff);
- printf("\n");
+ int j;
+ printf("at end, after %d input bytes:\nforward block:\t", i);
+ for (j = 0; j < 8; j++)
+ printf(" %02x", temp.uc[j] & 0xff);
+ printf("\nreverse block:\t");
+ for (j = 8; j < 16; j++)
+ printf(" %02x", temp.uc[j] & 0xff);
+ printf("\n");
}
#endif
#if 0
If we could rely on 64-bit math, another 7 ops would save us
from having to do double the work. */
-#define REVERSE_STEP(VAR, SHIFT, MASK) \
+#define REVERSE_STEP(VAR, SHIFT, MASK) \
VAR = ((VAR >> SHIFT) & MASK) | ((VAR << SHIFT) & (0xFFFFFFFFUL & ~MASK))
-#define REVERSE(VAR) \
- REVERSE_STEP (VAR, 1, 0x55555555UL); /* swap odd/even bits */ \
- REVERSE_STEP (VAR, 2, 0x33333333UL); /* swap bitpairs */ \
- REVERSE_STEP (VAR, 4, 0x0F0F0F0FUL); /* swap nibbles, etc */ \
- REVERSE_STEP (VAR, 8, 0x00FF00FFUL); \
+#define REVERSE(VAR) \
+ REVERSE_STEP (VAR, 1, 0x55555555UL); /* swap odd/even bits */ \
+ REVERSE_STEP (VAR, 2, 0x33333333UL); /* swap bitpairs */ \
+ REVERSE_STEP (VAR, 4, 0x0F0F0F0FUL); /* swap nibbles, etc */ \
+ REVERSE_STEP (VAR, 8, 0x00FF00FFUL); \
REVERSE_STEP (VAR, 16, 0x0000FFFFUL);
#else /* shorter */
-#define REVERSE(VAR) \
- { \
- krb5_ui_4 old = VAR, temp1 = 0; \
- int j; \
- for (j = 0; j < 32; j++) { \
- temp1 = (temp1 << 1) | (old & 1); \
- old >>= 1; \
- } \
- VAR = temp1; \
+#define REVERSE(VAR) \
+ { \
+ krb5_ui_4 old = VAR, temp1 = 0; \
+ int j; \
+ for (j = 0; j < 32; j++) { \
+ temp1 = (temp1 << 1) | (old & 1); \
+ old >>= 1; \
+ } \
+ VAR = temp1; \
}
#endif
REVERSE (y);
#ifdef PRINT_TEST_VECTORS
{
- int j;
- union { unsigned char uc[4]; krb5_ui_4 ui; } t2;
- printf("after reversal, reversed block:\n\t\t");
- t2.ui = y;
- for (j = 0; j < 4; j++)
- printf(" %02x", t2.uc[j] & 0xff);
- t2.ui = x;
- for (j = 0; j < 4; j++)
- printf(" %02x", t2.uc[j] & 0xff);
- printf("\n");
+ int j;
+ union { unsigned char uc[4]; krb5_ui_4 ui; } t2;
+ printf("after reversal, reversed block:\n\t\t");
+ t2.ui = y;
+ for (j = 0; j < 4; j++)
+ printf(" %02x", t2.uc[j] & 0xff);
+ t2.ui = x;
+ for (j = 0; j < 4; j++)
+ printf(" %02x", t2.uc[j] & 0xff);
+ printf("\n");
}
#endif
/* Ignored bits are now at the bottom of each byte, where we'll
#ifdef PRINT_TEST_VECTORS
{
- int j;
- printf("after reversal, combined block:\n\t\t");
- for (j = 0; j < 8; j++)
- printf(" %02x", temp.uc[j] & 0xff);
- printf("\n");
+ int j;
+ printf("after reversal, combined block:\n\t\t");
+ for (j = 0; j < 8; j++)
+ printf(" %02x", temp.uc[j] & 0xff);
+ printf("\n");
}
#endif
-#define FIXUP(K) \
- (mit_des_fixup_key_parity(K), \
+#define FIXUP(K) \
+ (mit_des_fixup_key_parity(K), \
mit_des_is_weak_key(K) ? (K[7] ^= 0xF0) : 0)
/* Now temp.cb is the temporary key, with invalid parity. */
#ifdef PRINT_TEST_VECTORS
{
- int j;
- printf("after fixing parity and weak keys:\n\t\t");
- for (j = 0; j < 8; j++)
- printf(" %02x", temp.uc[j] & 0xff);
- printf("\n");
+ int j;
+ printf("after fixing parity and weak keys:\n\t\t");
+ for (j = 0; j < 8; j++)
+ printf(" %02x", temp.uc[j] & 0xff);
+ printf("\n");
}
#endif
#ifdef PRINT_TEST_VECTORS
{
- int j;
- printf("cbc checksum:\n\t\t");
- for (j = 0; j < 8; j++)
- printf(" %02x", temp.uc[j] & 0xff);
- printf("\n");
+ int j;
+ printf("cbc checksum:\n\t\t");
+ for (j = 0; j < 8; j++)
+ printf(" %02x", temp.uc[j] & 0xff);
+ printf("\n");
}
#endif
#ifdef PRINT_TEST_VECTORS
{
- int j;
- printf("after fixing parity and weak keys:\n\t\t");
- for (j = 0; j < 8; j++)
- printf(" %02x", temp.uc[j] & 0xff);
- printf("\n");
+ int j;
+ printf("after fixing parity and weak keys:\n\t\t");
+ for (j = 0; j < 8; j++)
+ printf(" %02x", temp.uc[j] & 0xff);
+ printf("\n");
}
#endif
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#include "des_int.h"
static const char *me;
struct test_case {
- char *saltstr;
- int saltlen;
- unsigned char keys[12][8];
+ char *saltstr;
+ int saltlen;
+ unsigned char keys[12][8];
};
struct test_case test_cases[] = {
- {
- "Sodium Chloride", -1,
- {
- { 0xa4, 0xd0, 0xd0, 0x9b, 0x86, 0x92, 0xb0, 0xc2, },
- { 0xf1, 0xf2, 0x9e, 0xab, 0xd0, 0xef, 0xdf, 0x73, },
- { 0xd6, 0x85, 0x61, 0xc4, 0xf2, 0x94, 0xf4, 0xa1, },
- { 0xd0, 0xe3, 0xa7, 0x83, 0x94, 0x61, 0xe0, 0xd0, },
- { 0xd5, 0x62, 0xcd, 0x94, 0x61, 0xcb, 0x97, 0xdf, },
- { 0x9e, 0xa2, 0xa2, 0xec, 0xa8, 0x8c, 0x6b, 0x8f, },
- { 0xe3, 0x91, 0x6d, 0xd3, 0x85, 0xf1, 0x67, 0xc4, },
- { 0xf4, 0xc4, 0x73, 0xc8, 0x8a, 0xe9, 0x94, 0x6d, },
- { 0xa1, 0x9e, 0xb3, 0xad, 0x6b, 0xe3, 0xab, 0xd9, },
- { 0xad, 0xa1, 0xce, 0x10, 0x37, 0x83, 0xa7, 0x8c, },
- { 0xd3, 0x01, 0xd0, 0xf7, 0x3e, 0x7a, 0x49, 0x0b, },
- { 0xb6, 0x2a, 0x4a, 0xec, 0x9d, 0x4c, 0x68, 0xdf, },
- }
- },
- {
- "NaCl", 4,
- {
- { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 },
- { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 },
- { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 },
- { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 },
- { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 },
- { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad },
- { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 },
- { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 },
- { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 },
- { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 },
- { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 },
- { 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 },
- }
- },
- {
- /* This one intentionally supplies a length shorter
- than the string. The point of this is to ensure
- that s[len] is not zero, so that anything actually
- relying on that value (i.e., reading out of bounds)
- should generate incorrect results. */
- "NaCl2", 4,
- {
- { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 },
- { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 },
- { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 },
- { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 },
- { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 },
- { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad },
- { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 },
- { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 },
- { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 },
- { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 },
- { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 },
- { 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 },
- }
- },
+ {
+ "Sodium Chloride", -1,
+ {
+ { 0xa4, 0xd0, 0xd0, 0x9b, 0x86, 0x92, 0xb0, 0xc2, },
+ { 0xf1, 0xf2, 0x9e, 0xab, 0xd0, 0xef, 0xdf, 0x73, },
+ { 0xd6, 0x85, 0x61, 0xc4, 0xf2, 0x94, 0xf4, 0xa1, },
+ { 0xd0, 0xe3, 0xa7, 0x83, 0x94, 0x61, 0xe0, 0xd0, },
+ { 0xd5, 0x62, 0xcd, 0x94, 0x61, 0xcb, 0x97, 0xdf, },
+ { 0x9e, 0xa2, 0xa2, 0xec, 0xa8, 0x8c, 0x6b, 0x8f, },
+ { 0xe3, 0x91, 0x6d, 0xd3, 0x85, 0xf1, 0x67, 0xc4, },
+ { 0xf4, 0xc4, 0x73, 0xc8, 0x8a, 0xe9, 0x94, 0x6d, },
+ { 0xa1, 0x9e, 0xb3, 0xad, 0x6b, 0xe3, 0xab, 0xd9, },
+ { 0xad, 0xa1, 0xce, 0x10, 0x37, 0x83, 0xa7, 0x8c, },
+ { 0xd3, 0x01, 0xd0, 0xf7, 0x3e, 0x7a, 0x49, 0x0b, },
+ { 0xb6, 0x2a, 0x4a, 0xec, 0x9d, 0x4c, 0x68, 0xdf, },
+ }
+ },
+ {
+ "NaCl", 4,
+ {
+ { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 },
+ { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 },
+ { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 },
+ { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 },
+ { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 },
+ { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad },
+ { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 },
+ { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 },
+ { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 },
+ { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 },
+ { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 },
+ { 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 },
+ }
+ },
+ {
+ /* This one intentionally supplies a length shorter
+ than the string. The point of this is to ensure
+ that s[len] is not zero, so that anything actually
+ relying on that value (i.e., reading out of bounds)
+ should generate incorrect results. */
+ "NaCl2", 4,
+ {
+ { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 },
+ { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 },
+ { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 },
+ { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 },
+ { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 },
+ { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad },
+ { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 },
+ { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 },
+ { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 },
+ { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 },
+ { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 },
+ { 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 },
+ }
+ },
};
static void do_it (struct test_case *tcase);
int
main (int argc, char *argv[])
{
- int i;
+ int i;
- me = argv[0];
- for (i = 0; i < sizeof (test_cases) / sizeof (struct test_case); i++)
- do_it (&test_cases[i]);
- return 0;
+ me = argv[0];
+ for (i = 0; i < sizeof (test_cases) / sizeof (struct test_case); i++)
+ do_it (&test_cases[i]);
+ return 0;
}
static void
do_it (struct test_case *tcase)
{
- unsigned char keydata[8];
- krb5_data salt, passwd;
- krb5_keyblock key;
- krb5_error_code err;
- int i;
- unsigned char longpass[2048];
+ unsigned char keydata[8];
+ krb5_data salt, passwd;
+ krb5_keyblock key;
+ krb5_error_code err;
+ int i;
+ unsigned char longpass[2048];
- key.contents = keydata;
- key.length = sizeof (keydata);
+ key.contents = keydata;
+ key.length = sizeof (keydata);
- salt.data = tcase->saltstr;
- if (tcase->saltlen == -1)
- salt.length = strlen (tcase->saltstr);
- else
- salt.length = tcase->saltlen;
+ salt.data = tcase->saltstr;
+ if (tcase->saltlen == -1)
+ salt.length = strlen (tcase->saltstr);
+ else
+ salt.length = tcase->saltlen;
- /*
- * Try passwords with lengths equal to, greater than, and less
- * than 8 characters, since the AFS s2k algorithm does
- * interesting stuff depending on the length.
- */
- passwd.data = "My Password";
- for (i = 0; i < 12; i++) {
- passwd.length = i;
- err = mit_afs_string_to_key (&key, &passwd, &salt);
- if (err != 0) {
- com_err (me, err, "");
- exit (1);
- }
- if (memcmp (tcase->keys[i], keydata, 8) != 0)
- abort ();
- }
+ /*
+ * Try passwords with lengths equal to, greater than, and less
+ * than 8 characters, since the AFS s2k algorithm does
+ * interesting stuff depending on the length.
+ */
+ passwd.data = "My Password";
+ for (i = 0; i < 12; i++) {
+ passwd.length = i;
+ err = mit_afs_string_to_key (&key, &passwd, &salt);
+ if (err != 0) {
+ com_err (me, err, "");
+ exit (1);
+ }
+ if (memcmp (tcase->keys[i], keydata, 8) != 0)
+ abort ();
+ }
- /* Run another pass to make sure the characters after the
- password in the buffer aren't influencing the output. The
- password is *not* required to be null-terminated. */
- memset (longpass, '!', sizeof (longpass));
- longpass[sizeof (longpass)-1] = '\0';
- memcpy (longpass, "My Password", strlen ("My Password"));
- passwd.data = (char *) longpass;
- for (i = 0; i < 12; i++) {
- passwd.length = i;
- err = mit_afs_string_to_key (&key, &passwd, &salt);
- if (err != 0) {
- com_err (me, err, "");
- exit (1);
- }
- if (memcmp (tcase->keys[i], keydata, 8) != 0)
- abort ();
- }
+ /* Run another pass to make sure the characters after the
+ password in the buffer aren't influencing the output. The
+ password is *not* required to be null-terminated. */
+ memset (longpass, '!', sizeof (longpass));
+ longpass[sizeof (longpass)-1] = '\0';
+ memcpy (longpass, "My Password", strlen ("My Password"));
+ passwd.data = (char *) longpass;
+ for (i = 0; i < 12; i++) {
+ passwd.length = i;
+ err = mit_afs_string_to_key (&key, &passwd, &salt);
+ if (err != 0) {
+ com_err (me, err, "");
+ exit (1);
+ }
+ if (memcmp (tcase->keys[i], keydata, 8) != 0)
+ abort ();
+ }
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/des/verify.c
*
* Program to test the correctness of the DES library
* implementation.
*
- * exit returns 0 ==> success
- * -1 ==> error
+ * exit returns 0 ==> success
+ * -1 ==> error
*/
/*
/* Set screen window buffer to infinite size -- MS default is tiny. */
_wsetscreenbuf (fileno (stdout), _WINBUFINF);
#endif
- progname=argv[0]; /* salt away invoking program */
+ progname=argv[0]; /* salt away invoking program */
while (--argc > 0 && (*++argv)[0] == '-')
- for (i=1; argv[0][i] != '\0'; i++) {
- switch (argv[0][i]) {
+ for (i=1; argv[0][i] != '\0'; i++) {
+ switch (argv[0][i]) {
- /* debug flag */
- case 'd':
- mit_des_debug=3;
- continue;
+ /* debug flag */
+ case 'd':
+ mit_des_debug=3;
+ continue;
- case 'z':
- zflag = 1;
- continue;
+ case 'z':
+ zflag = 1;
+ continue;
- case 'm':
- mflag = 1;
- continue;
+ case 'm':
+ mflag = 1;
+ continue;
- default:
- printf("%s: illegal flag \"%c\" ",
- progname,argv[0][i]);
- exit(1);
- }
- };
+ default:
+ printf("%s: illegal flag \"%c\" ",
+ progname,argv[0][i]);
+ exit(1);
+ }
+ };
if (argc) {
- fprintf(stderr, "Usage: %s [-dmz]\n", progname);
- exit(1);
+ fprintf(stderr, "Usage: %s [-dmz]\n", progname);
+ exit(1);
}
/* do some initialisation */
/* ECB zero text zero key */
if (zflag) {
- input = zero_text;
- mit_des_key_sched(zero_key, sched);
- printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n");
- do_encrypt(input,cipher_text);
- printf("\tcipher = (low to high bytes)\n\t\t");
- for (j = 0; j<=7; j++)
- printf("%02x ",cipher_text[j]);
- printf("\n");
- do_decrypt(output,cipher_text);
- if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) {
- printf("verify: error in zero key test\n");
- exit(-1);
- }
-
- exit(0);
+ input = zero_text;
+ mit_des_key_sched(zero_key, sched);
+ printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n");
+ do_encrypt(input,cipher_text);
+ printf("\tcipher = (low to high bytes)\n\t\t");
+ for (j = 0; j<=7; j++)
+ printf("%02x ",cipher_text[j]);
+ printf("\n");
+ do_decrypt(output,cipher_text);
+ if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) {
+ printf("verify: error in zero key test\n");
+ exit(-1);
+ }
+
+ exit(0);
}
if (mflag) {
- input = msb_text;
- mit_des_key_sched(key3, sched);
- printf("plaintext = 0x00 00 00 00 00 00 00 40, ");
- printf("key = 0x80 01 01 01 01 01 01 01\n");
- printf(" cipher = 0xa380e02a6be54696\n");
- do_encrypt(input,cipher_text);
- printf("\tcipher = (low to high bytes)\n\t\t");
- for (j = 0; j<=7; j++) {
- printf("%02x ",cipher_text[j]);
- }
- printf("\n");
- do_decrypt(output,cipher_text);
- if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) {
- printf("verify: error in msb test\n");
- exit(-1);
- }
- exit(0);
+ input = msb_text;
+ mit_des_key_sched(key3, sched);
+ printf("plaintext = 0x00 00 00 00 00 00 00 40, ");
+ printf("key = 0x80 01 01 01 01 01 01 01\n");
+ printf(" cipher = 0xa380e02a6be54696\n");
+ do_encrypt(input,cipher_text);
+ printf("\tcipher = (low to high bytes)\n\t\t");
+ for (j = 0; j<=7; j++) {
+ printf("%02x ",cipher_text[j]);
+ }
+ printf("\n");
+ do_decrypt(output,cipher_text);
+ if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) {
+ printf("verify: error in msb test\n");
+ exit(-1);
+ }
+ exit(0);
}
/* ECB mode Davies and Price */
{
- input = zero_text;
- mit_des_key_sched(key2, sched);
- printf("Examples per FIPS publication 81, keys ivs and cipher\n");
- printf("in hex. These are the correct answers, see below for\n");
- printf("the actual answers.\n\n");
- printf("Examples per Davies and Price.\n\n");
- printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n");
- printf("\tclear = 0\n");
- printf("\tcipher = 25 dd ac 3e 96 17 64 67\n");
- printf("ACTUAL ECB\n");
- printf("\tclear \"%s\"\n", input);
- do_encrypt(input,cipher_text);
- printf("\tcipher = (low to high bytes)\n\t\t");
- for (j = 0; j<=7; j++)
- printf("%02x ",cipher_text[j]);
- printf("\n\n");
- do_decrypt(output,cipher_text);
- if ( memcmp((char *)cipher_text, (char *)cipher1, 8) ) {
- printf("verify: error in ECB encryption\n");
- exit(-1);
- }
- else
- printf("verify: ECB encryption is correct\n\n");
+ input = zero_text;
+ mit_des_key_sched(key2, sched);
+ printf("Examples per FIPS publication 81, keys ivs and cipher\n");
+ printf("in hex. These are the correct answers, see below for\n");
+ printf("the actual answers.\n\n");
+ printf("Examples per Davies and Price.\n\n");
+ printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n");
+ printf("\tclear = 0\n");
+ printf("\tcipher = 25 dd ac 3e 96 17 64 67\n");
+ printf("ACTUAL ECB\n");
+ printf("\tclear \"%s\"\n", input);
+ do_encrypt(input,cipher_text);
+ printf("\tcipher = (low to high bytes)\n\t\t");
+ for (j = 0; j<=7; j++)
+ printf("%02x ",cipher_text[j]);
+ printf("\n\n");
+ do_decrypt(output,cipher_text);
+ if ( memcmp((char *)cipher_text, (char *)cipher1, 8) ) {
+ printf("verify: error in ECB encryption\n");
+ exit(-1);
+ }
+ else
+ printf("verify: ECB encryption is correct\n\n");
}
/* ECB mode */
{
- mit_des_key_sched(default_key, sched);
- input = clear_text;
- ivec = default_ivec;
- printf("EXAMPLE ECB\tkey = 0123456789abcdef\n");
- printf("\tclear = \"Now is the time for all \"\n");
- printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n");
- printf("ACTUAL ECB\n\tclear \"%s\"",input);
- do_encrypt(input,cipher_text);
- printf("\n\tcipher = (low to high bytes)\n\t\t");
- for (j = 0; j<=7; j++) {
- printf("%02x ",cipher_text[j]);
- }
- printf("\n\n");
- do_decrypt(output,cipher_text);
- if ( memcmp((char *)cipher_text, (char *)cipher2, 8) ) {
- printf("verify: error in ECB encryption\n");
- exit(-1);
- }
- else
- printf("verify: ECB encryption is correct\n\n");
+ mit_des_key_sched(default_key, sched);
+ input = clear_text;
+ ivec = default_ivec;
+ printf("EXAMPLE ECB\tkey = 0123456789abcdef\n");
+ printf("\tclear = \"Now is the time for all \"\n");
+ printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n");
+ printf("ACTUAL ECB\n\tclear \"%s\"",input);
+ do_encrypt(input,cipher_text);
+ printf("\n\tcipher = (low to high bytes)\n\t\t");
+ for (j = 0; j<=7; j++) {
+ printf("%02x ",cipher_text[j]);
+ }
+ printf("\n\n");
+ do_decrypt(output,cipher_text);
+ if ( memcmp((char *)cipher_text, (char *)cipher2, 8) ) {
+ printf("verify: error in ECB encryption\n");
+ exit(-1);
+ }
+ else
+ printf("verify: ECB encryption is correct\n\n");
}
/* CBC mode */
printf("ACTUAL CBC\n\tclear \"%s\"\n",input);
in_length = strlen((char *)input);
if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) input,
- (mit_des_cblock *) cipher_text,
- (size_t) in_length,
- sched,
- ivec,
- MIT_DES_ENCRYPT))) {
- com_err("des verify", retval, "can't encrypt");
- exit(-1);
+ (mit_des_cblock *) cipher_text,
+ (size_t) in_length,
+ sched,
+ ivec,
+ MIT_DES_ENCRYPT))) {
+ com_err("des verify", retval, "can't encrypt");
+ exit(-1);
}
printf("\tciphertext = (low to high bytes)\n");
for (i = 0; i <= 2; i++) {
- printf("\t\t");
- for (j = 0; j <= 7; j++) {
- printf("%02x ",cipher_text[i*8+j]);
- }
- printf("\n");
+ printf("\t\t");
+ for (j = 0; j <= 7; j++) {
+ printf("%02x ",cipher_text[i*8+j]);
+ }
+ printf("\n");
}
if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) cipher_text,
- (mit_des_cblock *) clear_text,
- (size_t) in_length,
- sched,
- ivec,
- MIT_DES_DECRYPT))) {
- com_err("des verify", retval, "can't decrypt");
- exit(-1);
+ (mit_des_cblock *) clear_text,
+ (size_t) in_length,
+ sched,
+ ivec,
+ MIT_DES_DECRYPT))) {
+ com_err("des verify", retval, "can't decrypt");
+ exit(-1);
}
printf("\tdecrypted clear_text = \"%s\"\n",clear_text);
if ( memcmp((char *)cipher_text, (char *)cipher3, in_length) ) {
- printf("verify: error in CBC encryption\n");
- exit(-1);
+ printf("verify: error in CBC encryption\n");
+ exit(-1);
}
else
- printf("verify: CBC encryption is correct\n\n");
+ printf("verify: CBC encryption is correct\n\n");
printf("EXAMPLE CBC checksum");
printf("\tkey = 0123456789abcdef\tiv = 1234567890abcdef\n");
printf("or some part thereof\n");
input = clear_text2;
mit_des_cbc_cksum(input,cipher_text, strlen((char *)input),
- sched,ivec);
+ sched,ivec);
printf("ACTUAL CBC checksum\n");
printf("\t\tencrypted cksum = (low to high bytes)\n\t\t");
for (j = 0; j<=7; j++)
- printf("%02x ",cipher_text[j]);
+ printf("%02x ",cipher_text[j]);
printf("\n\n");
if ( memcmp((char *)cipher_text, (char *)checksum, 8) ) {
- printf("verify: error in CBC cheksum\n");
- exit(-1);
+ printf("verify: error in CBC cheksum\n");
+ exit(-1);
}
else
- printf("verify: CBC checksum is correct\n\n");
+ printf("verify: CBC checksum is correct\n\n");
exit(0);
}
register int old,new,i,j;
/* flips the bit order within each byte from 0 lsb to 0 msb */
for (i = 0; i<=7; i++) {
- old = *array;
- new = 0;
- for (j = 0; j<=7; j++) {
- if (old & 01)
- new = new | 01;
- if (j < 7) {
- old = old >> 1;
- new = new << 1;
- }
- }
- *array = new;
- array++;
+ old = *array;
+ new = 0;
+ for (j = 0; j<=7; j++) {
+ if (old & 01)
+ new = new | 01;
+ if (j < 7) {
+ old = old >> 1;
+ new = new << 1;
+ }
+ }
+ *array = new;
+ array++;
}
}
#endif
{
int i, j;
for (i =1; i<=nflag; i++) {
- mit_des_cbc_encrypt((const mit_des_cblock *)in,
- (mit_des_cblock *)out,
- 8,
- sched,
- zero_text,
- MIT_DES_ENCRYPT);
- if (mit_des_debug) {
- printf("\nclear %s\n",in);
- for (j = 0; j<=7; j++)
- printf("%02X ",in[j] & 0xff);
- printf("\tcipher ");
- for (j = 0; j<=7; j++)
- printf("%02X ",out[j] & 0xff);
- }
+ mit_des_cbc_encrypt((const mit_des_cblock *)in,
+ (mit_des_cblock *)out,
+ 8,
+ sched,
+ zero_text,
+ MIT_DES_ENCRYPT);
+ if (mit_des_debug) {
+ printf("\nclear %s\n",in);
+ for (j = 0; j<=7; j++)
+ printf("%02X ",in[j] & 0xff);
+ printf("\tcipher ");
+ for (j = 0; j<=7; j++)
+ printf("%02X ",out[j] & 0xff);
+ }
}
}
{
int i, j;
for (i =1; i<=nflag; i++) {
- mit_des_cbc_encrypt((const mit_des_cblock *)out,
- (mit_des_cblock *)in,
- 8,
- sched,
- zero_text,
- MIT_DES_DECRYPT);
- if (mit_des_debug) {
- printf("clear %s\n",in);
- for (j = 0; j<=7; j++)
- printf("%02X ",in[j] & 0xff);
- printf("\tcipher ");
- for (j = 0; j<=7; j++)
- printf("%02X ",out[j] & 0xff);
- }
+ mit_des_cbc_encrypt((const mit_des_cblock *)out,
+ (mit_des_cblock *)in,
+ 8,
+ sched,
+ zero_text,
+ MIT_DES_DECRYPT);
+ if (mit_des_debug) {
+ printf("clear %s\n",in);
+ for (j = 0; j<=7; j++)
+ printf("%02X ",in[j] & 0xff);
+ printf("\tcipher ");
+ for (j = 0; j<=7; j++)
+ printf("%02X ",out[j] & 0xff);
+ }
}
}
mit_des_is_weak_key(key)
mit_des_cblock key;
{
- return 0; /* fake it out for testing */
+ return 0; /* fake it out for testing */
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/des/weak_key.c
*
const mit_des_cblock *weak_p = weak;
for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) {
- if (!memcmp(weak_p++,key,sizeof(mit_des_cblock)))
- return 1;
+ if (!memcmp(weak_p++,key,sizeof(mit_des_cblock)))
+ return 1;
}
return 0;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/enc_provider/aes.c
*
printf("%s:", descr);
for (i = 0; i < d->length; i += r) {
- printf("\n %04x: ", i);
- for (j = i; j < i + r && j < d->length; j++)
- printf(" %02x", 0xff & d->data[j]);
+ printf("\n %04x: ", i);
+ for (j = i; j < i + r && j < d->length; j++)
+ printf(" %02x", 0xff & d->data[j]);
#ifdef SHOW_TEXT
- for (; j < i + r; j++)
- printf(" ");
- printf(" ");
- for (j = i; j < i + r && j < d->length; j++) {
- int c = 0xff & d->data[j];
- printf("%c", isprint(c) ? c : '.');
- }
+ for (; j < i + r; j++)
+ printf(" ");
+ printf(" ");
+ for (j = i; j < i + r && j < d->length; j++) {
+ int c = 0xff & d->data[j];
+ printf("%c", isprint(c) ? c : '.');
+ }
#endif
}
printf("\n");
static inline void enc(char *out, const char *in, aes_ctx *ctx)
{
if (aes_enc_blk((const unsigned char *)in, (unsigned char *)out, ctx)
- != aes_good)
- abort();
+ != aes_good)
+ abort();
}
static inline void dec(char *out, const char *in, aes_ctx *ctx)
{
if (aes_dec_blk((const unsigned char *)in, (unsigned char *)out, ctx)
- != aes_good)
- abort();
+ != aes_good)
+ abort();
}
static void xorblock(char *out, const char *in)
{
int z;
for (z = 0; z < BLOCK_SIZE; z++)
- out[z] ^= in[z];
+ out[z] ^= in[z];
}
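Review bot: `enc()` and `dec()` call `abort()` whenever `aes_enc_blk`/`aes_dec_blk` does not return `aes_good`, so a cipher failure inside this library terminates the whole calling process instead of surfacing an error. The same pattern follows the `aes_enc_key`/`aes_dec_key` calls in `krb5int_aes_encrypt`, `krb5int_aes_decrypt` and `krb5int_aes_encrypt_iov` further down, where the key length is taken directly from `key->keyblock.length`. Those callers already return `krb5_error_code`, so I would have the helpers return a status and propagate it, e.g. `if (aes_enc_key(...) != aes_good) return KRB5_CRYPTO_INTERNAL;`. What makes the AES routines fail is not visible on this page, so how reachable the abort is from untrusted input should be confirmed.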
krb5_error_code
krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
aes_ctx ctx;
char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE], tmp3[BLOCK_SIZE];
/* CHECK_SIZES; */
if (aes_enc_key(key->keyblock.contents, key->keyblock.length,
- &ctx) != aes_good)
- abort();
+ &ctx) != aes_good)
+ abort();
if (ivec)
- memcpy(tmp, ivec->data, BLOCK_SIZE);
+ memcpy(tmp, ivec->data, BLOCK_SIZE);
else
- memset(tmp, 0, BLOCK_SIZE);
+ memset(tmp, 0, BLOCK_SIZE);
nblocks = (input->length + BLOCK_SIZE - 1) / BLOCK_SIZE;
if (nblocks == 1) {
- /* XXX Used for DK function. */
- enc(output->data, input->data, &ctx);
+ /* XXX Used for DK function. */
+ enc(output->data, input->data, &ctx);
} else {
- unsigned int nleft;
-
- for (blockno = 0; blockno < nblocks - 2; blockno++) {
- xorblock(tmp, input->data + blockno * BLOCK_SIZE);
- enc(tmp2, tmp, &ctx);
- memcpy(output->data + blockno * BLOCK_SIZE, tmp2, BLOCK_SIZE);
-
- /* Set up for next block. */
- memcpy(tmp, tmp2, BLOCK_SIZE);
- }
- /* Do final CTS step for last two blocks (the second of which
- may or may not be incomplete). */
- xorblock(tmp, input->data + (nblocks - 2) * BLOCK_SIZE);
- enc(tmp2, tmp, &ctx);
- nleft = input->length - (nblocks - 1) * BLOCK_SIZE;
- memcpy(output->data + (nblocks - 1) * BLOCK_SIZE, tmp2, nleft);
- memcpy(tmp, tmp2, BLOCK_SIZE);
-
- memset(tmp3, 0, sizeof(tmp3));
- memcpy(tmp3, input->data + (nblocks - 1) * BLOCK_SIZE, nleft);
- xorblock(tmp, tmp3);
- enc(tmp2, tmp, &ctx);
- memcpy(output->data + (nblocks - 2) * BLOCK_SIZE, tmp2, BLOCK_SIZE);
- if (ivec)
- memcpy(ivec->data, tmp2, BLOCK_SIZE);
+ unsigned int nleft;
+
+ for (blockno = 0; blockno < nblocks - 2; blockno++) {
+ xorblock(tmp, input->data + blockno * BLOCK_SIZE);
+ enc(tmp2, tmp, &ctx);
+ memcpy(output->data + blockno * BLOCK_SIZE, tmp2, BLOCK_SIZE);
+
+ /* Set up for next block. */
+ memcpy(tmp, tmp2, BLOCK_SIZE);
+ }
+ /* Do final CTS step for last two blocks (the second of which
+ may or may not be incomplete). */
+ xorblock(tmp, input->data + (nblocks - 2) * BLOCK_SIZE);
+ enc(tmp2, tmp, &ctx);
+ nleft = input->length - (nblocks - 1) * BLOCK_SIZE;
+ memcpy(output->data + (nblocks - 1) * BLOCK_SIZE, tmp2, nleft);
+ memcpy(tmp, tmp2, BLOCK_SIZE);
+
+ memset(tmp3, 0, sizeof(tmp3));
+ memcpy(tmp3, input->data + (nblocks - 1) * BLOCK_SIZE, nleft);
+ xorblock(tmp, tmp3);
+ enc(tmp2, tmp, &ctx);
+ memcpy(output->data + (nblocks - 2) * BLOCK_SIZE, tmp2, BLOCK_SIZE);
+ if (ivec)
+ memcpy(ivec->data, tmp2, BLOCK_SIZE);
}
return 0;
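Review bot: The single-block branch of `krb5int_aes_encrypt` calls `enc(output->data, input->data, &ctx)` without checking `input->length`, and `CHECK_SIZES` is commented out in this function, so an input of 1 to 15 bytes still has a full `BLOCK_SIZE` read from it and written to `output`. `krb5int_aes_decrypt` guards the same branch with `if (input->length < BLOCK_SIZE) abort();`; the encrypt side should reject short input as well, preferably with an error return such as `if (input->length < BLOCK_SIZE) return KRB5_BAD_MSIZE;`. A zero-length input makes `nblocks` 0 and falls into the `else` branch, where `(nblocks - 2) * BLOCK_SIZE` is used as a buffer offset. The declaration of `nblocks` is not among the visible lines, so the exact effect of that case needs confirming.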
krb5_error_code
krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
aes_ctx ctx;
char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE], tmp3[BLOCK_SIZE];
CHECK_SIZES;
if (aes_dec_key(key->keyblock.contents, key->keyblock.length,
- &ctx) != aes_good)
- abort();
+ &ctx) != aes_good)
+ abort();
if (ivec)
- memcpy(tmp, ivec->data, BLOCK_SIZE);
+ memcpy(tmp, ivec->data, BLOCK_SIZE);
else
- memset(tmp, 0, BLOCK_SIZE);
+ memset(tmp, 0, BLOCK_SIZE);
nblocks = (input->length + BLOCK_SIZE - 1) / BLOCK_SIZE;
if (nblocks == 1) {
- if (input->length < BLOCK_SIZE)
- abort();
- dec(output->data, input->data, &ctx);
+ if (input->length < BLOCK_SIZE)
+ abort();
+ dec(output->data, input->data, &ctx);
} else {
- for (blockno = 0; blockno < nblocks - 2; blockno++) {
- dec(tmp2, input->data + blockno * BLOCK_SIZE, &ctx);
- xorblock(tmp2, tmp);
- memcpy(output->data + blockno * BLOCK_SIZE, tmp2, BLOCK_SIZE);
- memcpy(tmp, input->data + blockno * BLOCK_SIZE, BLOCK_SIZE);
- }
- /* Do last two blocks, the second of which (next-to-last block
- of plaintext) may be incomplete. */
- dec(tmp2, input->data + (nblocks - 2) * BLOCK_SIZE, &ctx);
- /* Set tmp3 to last ciphertext block, padded. */
- memset(tmp3, 0, sizeof(tmp3));
- memcpy(tmp3, input->data + (nblocks - 1) * BLOCK_SIZE,
- input->length - (nblocks - 1) * BLOCK_SIZE);
- /* Set tmp2 to last (possibly partial) plaintext block, and
- save it. */
- xorblock(tmp2, tmp3);
- memcpy(output->data + (nblocks - 1) * BLOCK_SIZE, tmp2,
- input->length - (nblocks - 1) * BLOCK_SIZE);
- /* Maybe keep the trailing part, and copy in the last
- ciphertext block. */
- memcpy(tmp2, tmp3, input->length - (nblocks - 1) * BLOCK_SIZE);
- /* Decrypt, to get next to last plaintext block xor previous
- ciphertext. */
- dec(tmp3, tmp2, &ctx);
- xorblock(tmp3, tmp);
- memcpy(output->data + (nblocks - 2) * BLOCK_SIZE, tmp3, BLOCK_SIZE);
- if (ivec)
- memcpy(ivec->data, input->data + (nblocks - 2) * BLOCK_SIZE,
- BLOCK_SIZE);
+ for (blockno = 0; blockno < nblocks - 2; blockno++) {
+ dec(tmp2, input->data + blockno * BLOCK_SIZE, &ctx);
+ xorblock(tmp2, tmp);
+ memcpy(output->data + blockno * BLOCK_SIZE, tmp2, BLOCK_SIZE);
+ memcpy(tmp, input->data + blockno * BLOCK_SIZE, BLOCK_SIZE);
+ }
+ /* Do last two blocks, the second of which (next-to-last block
+ of plaintext) may be incomplete. */
+ dec(tmp2, input->data + (nblocks - 2) * BLOCK_SIZE, &ctx);
+ /* Set tmp3 to last ciphertext block, padded. */
+ memset(tmp3, 0, sizeof(tmp3));
+ memcpy(tmp3, input->data + (nblocks - 1) * BLOCK_SIZE,
+ input->length - (nblocks - 1) * BLOCK_SIZE);
+ /* Set tmp2 to last (possibly partial) plaintext block, and
+ save it. */
+ xorblock(tmp2, tmp3);
+ memcpy(output->data + (nblocks - 1) * BLOCK_SIZE, tmp2,
+ input->length - (nblocks - 1) * BLOCK_SIZE);
+ /* Maybe keep the trailing part, and copy in the last
+ ciphertext block. */
+ memcpy(tmp2, tmp3, input->length - (nblocks - 1) * BLOCK_SIZE);
+ /* Decrypt, to get next to last plaintext block xor previous
+ ciphertext. */
+ dec(tmp3, tmp2, &ctx);
+ xorblock(tmp3, tmp);
+ memcpy(output->data + (nblocks - 2) * BLOCK_SIZE, tmp3, BLOCK_SIZE);
+ if (ivec)
+ memcpy(ivec->data, input->data + (nblocks - 2) * BLOCK_SIZE,
+ BLOCK_SIZE);
}
return 0;
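Review bot: `krb5int_aes_decrypt` reaches `return 0;` with `ctx`, `tmp`, `tmp2` and `tmp3` still holding the expanded key schedule and plaintext blocks on the stack; nothing between the last `memcpy` and the return clears them. `krb5int_aes_encrypt` above has the same shape. I would wipe these before returning, using a clear the compiler cannot drop, since a plain `memset` on a local that is about to go out of scope may be optimised away, e.g. `zap(&ctx, sizeof(ctx)); zap(tmp2, sizeof(tmp2)); zap(tmp3, sizeof(tmp3));` if the project's `zap` helper is in scope for this file. Some lines of the function are not shown on this page, so confirm that no cleanup already exists there.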
static krb5_error_code
krb5int_aes_encrypt_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
aes_ctx ctx;
char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE];
size_t input_length, i;
if (aes_enc_key(key->keyblock.contents, key->keyblock.length, &ctx)
- != aes_good)
- abort();
+ != aes_good)
+ abort();
if (ivec != NULL)
- memcpy(tmp, ivec->data, BLOCK_SIZE);
+ memcpy(tmp, ivec->data, BLOCK_SIZE);
else
- memset(tmp, 0, BLOCK_SIZE);
+ memset(tmp, 0, BLOCK_SIZE);
for (i = 0, input_length = 0; i < num_data; i++) {
- krb5_crypto_iov *iov = &data[i];
+ krb5_crypto_iov *iov = &data[i];
- if (ENCRYPT_IOV(iov))
- input_length += iov->data.length;
+ if (ENCRYPT_IOV(iov))
+ input_length += iov->data.length;
}
nblocks = (input_length + BLOCK_SIZE - 1) / BLOCK_SIZE;
assert(nblocks > 1);
{
- char blockN2[BLOCK_SIZE]; /* second last */
- char blockN1[BLOCK_SIZE]; /* last block */
- struct iov_block_state input_pos, output_pos;
-
- IOV_BLOCK_STATE_INIT(&input_pos);
- IOV_BLOCK_STATE_INIT(&output_pos);
-
- for (blockno = 0; blockno < nblocks - 2; blockno++) {
- char blockN[BLOCK_SIZE];
-
- krb5int_c_iov_get_block((unsigned char *)blockN, BLOCK_SIZE, data, num_data, &input_pos);
- xorblock(tmp, blockN);
- enc(tmp2, tmp, &ctx);
- krb5int_c_iov_put_block(data, num_data, (unsigned char *)tmp2, BLOCK_SIZE, &output_pos);
-
- /* Set up for next block. */
- memcpy(tmp, tmp2, BLOCK_SIZE);
- }
-
- /* Do final CTS step for last two blocks (the second of which
- may or may not be incomplete). */
-
- /* First, get the last two blocks */
- memset(blockN1, 0, sizeof(blockN1)); /* pad last block with zeros */
- krb5int_c_iov_get_block((unsigned char *)blockN2, BLOCK_SIZE, data, num_data, &input_pos);
- krb5int_c_iov_get_block((unsigned char *)blockN1, BLOCK_SIZE, data, num_data, &input_pos);
-
- /* Encrypt second last block */
- xorblock(tmp, blockN2);
- enc(tmp2, tmp, &ctx);
- memcpy(blockN2, tmp2, BLOCK_SIZE); /* blockN2 now contains first block */
- memcpy(tmp, tmp2, BLOCK_SIZE);
-
- /* Encrypt last block */
- xorblock(tmp, blockN1);
- enc(tmp2, tmp, &ctx);
- memcpy(blockN1, tmp2, BLOCK_SIZE);
-
- /* Put the last two blocks back into the iovec (reverse order) */
- krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN1, BLOCK_SIZE, &output_pos);
- krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN2, BLOCK_SIZE, &output_pos);
-
- if (ivec != NULL)
- memcpy(ivec->data, blockN1, BLOCK_SIZE);
+ char blockN2[BLOCK_SIZE]; /* second last */
+ char blockN1[BLOCK_SIZE]; /* last block */
+ struct iov_block_state input_pos, output_pos;
+
+ IOV_BLOCK_STATE_INIT(&input_pos);
+ IOV_BLOCK_STATE_INIT(&output_pos);
+
+ for (blockno = 0; blockno < nblocks - 2; blockno++) {
+ char blockN[BLOCK_SIZE];
+
+ krb5int_c_iov_get_block((unsigned char *)blockN, BLOCK_SIZE, data, num_data, &input_pos);
+ xorblock(tmp, blockN);
+ enc(tmp2, tmp, &ctx);
+ krb5int_c_iov_put_block(data, num_data, (unsigned char *)tmp2, BLOCK_SIZE, &output_pos);
+
+ /* Set up for next block. */
+ memcpy(tmp, tmp2, BLOCK_SIZE);
+ }
+
+ /* Do final CTS step for last two blocks (the second of which
+ may or may not be incomplete). */
+
+ /* First, get the last two blocks */
+ memset(blockN1, 0, sizeof(blockN1)); /* pad last block with zeros */
+ krb5int_c_iov_get_block((unsigned char *)blockN2, BLOCK_SIZE, data, num_data, &input_pos);
+ krb5int_c_iov_get_block((unsigned char *)blockN1, BLOCK_SIZE, data, num_data, &input_pos);
+
+ /* Encrypt second last block */
+ xorblock(tmp, blockN2);
+ enc(tmp2, tmp, &ctx);
+ memcpy(blockN2, tmp2, BLOCK_SIZE); /* blockN2 now contains first block */
+ memcpy(tmp, tmp2, BLOCK_SIZE);
+
+ /* Encrypt last block */
+ xorblock(tmp, blockN1);
+ enc(tmp2, tmp, &ctx);
+ memcpy(blockN1, tmp2, BLOCK_SIZE);
+
+ /* Put the last two blocks back into the iovec (reverse order) */
+ krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN1, BLOCK_SIZE, &output_pos);
+ krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN2, BLOCK_SIZE, &output_pos);
+
+ if (ivec != NULL)
+ memcpy(ivec->data, blockN1, BLOCK_SIZE);
}
return 0;
static krb5_error_code
krb5int_aes_decrypt_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
aes_ctx ctx;
char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE], tmp3[BLOCK_SIZE];
CHECK_SIZES;
if (aes_dec_key(key->keyblock.contents, key->keyblock.length,
- &ctx) != aes_good)
- abort();
+ &ctx) != aes_good)
+ abort();
if (ivec != NULL)
- memcpy(tmp, ivec->data, BLOCK_SIZE);
+ memcpy(tmp, ivec->data, BLOCK_SIZE);
else
- memset(tmp, 0, BLOCK_SIZE);
+ memset(tmp, 0, BLOCK_SIZE);
for (i = 0, input_length = 0; i < num_data; i++) {
- krb5_crypto_iov *iov = &data[i];
+ krb5_crypto_iov *iov = &data[i];
- if (ENCRYPT_IOV(iov))
- input_length += iov->data.length;
+ if (ENCRYPT_IOV(iov))
+ input_length += iov->data.length;
}
nblocks = (input_length + BLOCK_SIZE - 1) / BLOCK_SIZE;
assert(nblocks > 1);
{
- char blockN2[BLOCK_SIZE]; /* second last */
- char blockN1[BLOCK_SIZE]; /* last block */
- struct iov_block_state input_pos, output_pos;
-
- IOV_BLOCK_STATE_INIT(&input_pos);
- IOV_BLOCK_STATE_INIT(&output_pos);
-
- for (blockno = 0; blockno < nblocks - 2; blockno++) {
- char blockN[BLOCK_SIZE];
-
- krb5int_c_iov_get_block((unsigned char *)blockN, BLOCK_SIZE, data, num_data, &input_pos);
- dec(tmp2, blockN, &ctx);
- xorblock(tmp2, tmp);
- krb5int_c_iov_put_block(data, num_data, (unsigned char *)tmp2, BLOCK_SIZE, &output_pos);
- memcpy(tmp, blockN, BLOCK_SIZE);
- }
-
- /* Do last two blocks, the second of which (next-to-last block
- of plaintext) may be incomplete. */
-
- /* First, get the last two encrypted blocks */
- memset(blockN1, 0, sizeof(blockN1)); /* pad last block with zeros */
- krb5int_c_iov_get_block((unsigned char *)blockN2, BLOCK_SIZE, data, num_data, &input_pos);
- krb5int_c_iov_get_block((unsigned char *)blockN1, BLOCK_SIZE, data, num_data, &input_pos);
-
- if (ivec != NULL)
- memcpy(ivec->data, blockN2, BLOCK_SIZE);
-
- /* Decrypt second last block */
- dec(tmp2, blockN2, &ctx);
- /* Set tmp2 to last (possibly partial) plaintext block, and
- save it. */
- xorblock(tmp2, blockN1);
- memcpy(blockN2, tmp2, BLOCK_SIZE);
-
- /* Maybe keep the trailing part, and copy in the last
- ciphertext block. */
- input_length %= BLOCK_SIZE;
- memcpy(tmp2, blockN1, input_length ? input_length : BLOCK_SIZE);
- dec(tmp3, tmp2, &ctx);
- xorblock(tmp3, tmp);
- memcpy(blockN1, tmp3, BLOCK_SIZE);
-
- /* Put the last two blocks back into the iovec */
- krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN1, BLOCK_SIZE, &output_pos);
- krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN2, BLOCK_SIZE, &output_pos);
+ char blockN2[BLOCK_SIZE]; /* second last */
+ char blockN1[BLOCK_SIZE]; /* last block */
+ struct iov_block_state input_pos, output_pos;
+
+ IOV_BLOCK_STATE_INIT(&input_pos);
+ IOV_BLOCK_STATE_INIT(&output_pos);
+
+ for (blockno = 0; blockno < nblocks - 2; blockno++) {
+ char blockN[BLOCK_SIZE];
+
+ krb5int_c_iov_get_block((unsigned char *)blockN, BLOCK_SIZE, data, num_data, &input_pos);
+ dec(tmp2, blockN, &ctx);
+ xorblock(tmp2, tmp);
+ krb5int_c_iov_put_block(data, num_data, (unsigned char *)tmp2, BLOCK_SIZE, &output_pos);
+ memcpy(tmp, blockN, BLOCK_SIZE);
+ }
+
+ /* Do last two blocks, the second of which (next-to-last block
+ of plaintext) may be incomplete. */
+
+ /* First, get the last two encrypted blocks */
+ memset(blockN1, 0, sizeof(blockN1)); /* pad last block with zeros */
+ krb5int_c_iov_get_block((unsigned char *)blockN2, BLOCK_SIZE, data, num_data, &input_pos);
+ krb5int_c_iov_get_block((unsigned char *)blockN1, BLOCK_SIZE, data, num_data, &input_pos);
+
+ if (ivec != NULL)
+ memcpy(ivec->data, blockN2, BLOCK_SIZE);
+
+ /* Decrypt second last block */
+ dec(tmp2, blockN2, &ctx);
+ /* Set tmp2 to last (possibly partial) plaintext block, and
+ save it. */
+ xorblock(tmp2, blockN1);
+ memcpy(blockN2, tmp2, BLOCK_SIZE);
+
+ /* Maybe keep the trailing part, and copy in the last
+ ciphertext block. */
+ input_length %= BLOCK_SIZE;
+ memcpy(tmp2, blockN1, input_length ? input_length : BLOCK_SIZE);
+ dec(tmp3, tmp2, &ctx);
+ xorblock(tmp3, tmp);
+ memcpy(blockN1, tmp3, BLOCK_SIZE);
+
+ /* Put the last two blocks back into the iovec */
+ krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN1, BLOCK_SIZE, &output_pos);
+ krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN2, BLOCK_SIZE, &output_pos);
}
return 0;
static krb5_error_code
krb5int_aes_init_state (const krb5_keyblock *key, krb5_keyusage usage,
- krb5_data *state)
+ krb5_data *state)
{
state->length = 16;
state->data = (void *) malloc(16);
if (state->data == NULL)
- return ENOMEM;
+ return ENOMEM;
memset(state->data, 0, state->length);
return 0;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
static krb5_error_code
k5_des_docrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output, int enc)
+ const krb5_data *input, krb5_data *output, int enc)
{
mit_des_key_schedule schedule;
/* key->keyblock.enctype was checked by the caller */
if (key->keyblock.length != 8)
- return(KRB5_BAD_KEYSIZE);
+ return(KRB5_BAD_KEYSIZE);
if ((input->length%8) != 0)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
if (ivec && (ivec->length != 8))
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
if (input->length != output->length)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
switch (mit_des_key_sched(key->keyblock.contents, schedule)) {
case -1:
- return(KRB5DES_BAD_KEYPAR);
+ return(KRB5DES_BAD_KEYPAR);
case -2:
- return(KRB5DES_WEAK_KEY);
+ return(KRB5DES_WEAK_KEY);
}
/* this has a return value, but the code always returns zero */
mit_des_cbc_encrypt((krb5_pointer) input->data,
- (krb5_pointer) output->data, input->length,
- schedule,
- (ivec
- ? (const unsigned char *) ivec->data
- : (const unsigned char *) mit_des_zeroblock),
- enc);
+ (krb5_pointer) output->data, input->length,
+ schedule,
+ (ivec
+ ? (const unsigned char *) ivec->data
+ : (const unsigned char *) mit_des_zeroblock),
+ enc);
memset(schedule, 0, sizeof(schedule));
static krb5_error_code
k5_des_encrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
return(k5_des_docrypt(key, ivec, input, output, 1));
}
static krb5_error_code
k5_des_decrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
return(k5_des_docrypt(key, ivec, input, output, 0));
}
static krb5_error_code
k5_des_docrypt_iov(krb5_key key, const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data, int enc)
+ krb5_crypto_iov *data, size_t num_data, int enc)
{
mit_des_key_schedule schedule;
size_t input_length = 0;
/* key->keyblock.enctype was checked by the caller */
if (key->keyblock.length != 8)
- return(KRB5_BAD_KEYSIZE);
+ return(KRB5_BAD_KEYSIZE);
for (i = 0; i < num_data; i++) {
- const krb5_crypto_iov *iov = &data[i];
+ const krb5_crypto_iov *iov = &data[i];
- if (ENCRYPT_DATA_IOV(iov))
- input_length += iov->data.length;
+ if (ENCRYPT_DATA_IOV(iov))
+ input_length += iov->data.length;
}
if ((input_length % 8) != 0)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
if (ivec && (ivec->length != 8))
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
switch (mit_des_key_sched(key->keyblock.contents, schedule)) {
case -1:
- return(KRB5DES_BAD_KEYPAR);
+ return(KRB5DES_BAD_KEYPAR);
case -2:
- return(KRB5DES_WEAK_KEY);
+ return(KRB5DES_WEAK_KEY);
}
/* this has a return value, but the code always returns zero */
if (enc)
- krb5int_des_cbc_encrypt_iov(data, num_data, schedule, ivec ? ivec->data : NULL);
+ krb5int_des_cbc_encrypt_iov(data, num_data, schedule, ivec ? ivec->data : NULL);
else
- krb5int_des_cbc_decrypt_iov(data, num_data, schedule, ivec ? ivec->data : NULL);
+ krb5int_des_cbc_decrypt_iov(data, num_data, schedule, ivec ? ivec->data : NULL);
memset(schedule, 0, sizeof(schedule));
static krb5_error_code
k5_des_encrypt_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
return k5_des_docrypt_iov(key, ivec, data, num_data, 1);
}
static krb5_error_code
k5_des_decrypt_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
return k5_des_docrypt_iov(key, ivec, data, num_data, 0);
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
static krb5_error_code
validate_and_schedule(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, const krb5_data *output,
- mit_des3_key_schedule *schedule)
+ const krb5_data *input, const krb5_data *output,
+ mit_des3_key_schedule *schedule)
{
/* key->keyblock.enctype was checked by the caller */
if (key->keyblock.length != 24)
- return(KRB5_BAD_KEYSIZE);
+ return(KRB5_BAD_KEYSIZE);
if ((input->length%8) != 0)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
if (ivec && (ivec->length != 8))
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
if (input->length != output->length)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
switch (mit_des3_key_sched(*(mit_des3_cblock *)key->keyblock.contents,
- *schedule)) {
+ *schedule)) {
case -1:
- return(KRB5DES_BAD_KEYPAR);
+ return(KRB5DES_BAD_KEYPAR);
case -2:
- return(KRB5DES_WEAK_KEY);
+ return(KRB5DES_WEAK_KEY);
}
return 0;
}
static krb5_error_code
validate_and_schedule_iov(krb5_key key, const krb5_data *ivec,
- const krb5_crypto_iov *data, size_t num_data,
- mit_des3_key_schedule *schedule)
+ const krb5_crypto_iov *data, size_t num_data,
+ mit_des3_key_schedule *schedule)
{
size_t i, input_length;
for (i = 0, input_length = 0; i < num_data; i++) {
- const krb5_crypto_iov *iov = &data[i];
+ const krb5_crypto_iov *iov = &data[i];
- if (ENCRYPT_IOV(iov))
- input_length += iov->data.length;
+ if (ENCRYPT_IOV(iov))
+ input_length += iov->data.length;
}
if (key->keyblock.length != 24)
- return(KRB5_BAD_KEYSIZE);
+ return(KRB5_BAD_KEYSIZE);
if ((input_length%8) != 0)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
if (ivec && (ivec->length != 8))
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
switch (mit_des3_key_sched(*(mit_des3_cblock *)key->keyblock.contents,
- *schedule)) {
+ *schedule)) {
case -1:
- return(KRB5DES_BAD_KEYPAR);
+ return(KRB5DES_BAD_KEYPAR);
case -2:
- return(KRB5DES_WEAK_KEY);
+ return(KRB5DES_WEAK_KEY);
}
return 0;
}
static krb5_error_code
k5_des3_encrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
mit_des3_key_schedule schedule;
krb5_error_code err;
err = validate_and_schedule(key, ivec, input, output, &schedule);
if (err)
- return err;
+ return err;
/* this has a return value, but the code always returns zero */
krb5int_des3_cbc_encrypt((krb5_pointer) input->data,
- (krb5_pointer) output->data, input->length,
- schedule[0], schedule[1], schedule[2],
- ivec?(const unsigned char *) ivec->data:(const unsigned char *)mit_des_zeroblock);
+ (krb5_pointer) output->data, input->length,
+ schedule[0], schedule[1], schedule[2],
+ ivec?(const unsigned char *) ivec->data:(const unsigned char *)mit_des_zeroblock);
zap(schedule, sizeof(schedule));
static krb5_error_code
k5_des3_decrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
mit_des3_key_schedule schedule;
krb5_error_code err;
err = validate_and_schedule(key, ivec, input, output, &schedule);
if (err)
- return err;
+ return err;
/* this has a return value, but the code always returns zero */
krb5int_des3_cbc_decrypt((krb5_pointer) input->data,
- (krb5_pointer) output->data, input->length,
- schedule[0], schedule[1], schedule[2],
- ivec?(const unsigned char *) ivec->data:(const unsigned char *)mit_des_zeroblock);
+ (krb5_pointer) output->data, input->length,
+ schedule[0], schedule[1], schedule[2],
+ ivec?(const unsigned char *) ivec->data:(const unsigned char *)mit_des_zeroblock);
zap(schedule, sizeof(schedule));
static krb5_error_code
k5_des3_encrypt_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
mit_des3_key_schedule schedule;
krb5_error_code err;
err = validate_and_schedule_iov(key, ivec, data, num_data, &schedule);
if (err)
- return err;
+ return err;
/* this has a return value, but the code always returns zero */
krb5int_des3_cbc_encrypt_iov(data, num_data,
- schedule[0], schedule[1], schedule[2],
- ivec != NULL ? (unsigned char *) ivec->data : NULL);
+ schedule[0], schedule[1], schedule[2],
+ ivec != NULL ? (unsigned char *) ivec->data : NULL);
zap(schedule, sizeof(schedule));
static krb5_error_code
k5_des3_decrypt_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
mit_des3_key_schedule schedule;
krb5_error_code err;
err = validate_and_schedule_iov(key, ivec, data, num_data, &schedule);
if (err)
- return err;
+ return err;
/* this has a return value, but the code always returns zero */
krb5int_des3_cbc_decrypt_iov(data, num_data,
- schedule[0], schedule[1], schedule[2],
- ivec != NULL ? (unsigned char *) ivec->data : NULL);
+ schedule[0], schedule[1], schedule[2],
+ ivec != NULL ? (unsigned char *) ivec->data : NULL);
zap(schedule, sizeof(schedule));
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* arcfour.c
*
* Copyright (c) 2000 by Computer Science Laboratory,
typedef struct
{
- unsigned int x;
- unsigned int y;
- unsigned char state[256];
+ unsigned int x;
+ unsigned int y;
+ unsigned char state[256];
} ArcfourContext;
typedef struct {
- int initialized;
- ArcfourContext ctx;
+ int initialized;
+ ArcfourContext ctx;
} ArcFourCipherState;
/* gets the next byte from the PRNG */
/* Initializes the context and sets the key. */
static krb5_error_code k5_arcfour_init(ArcfourContext *ctx, const unsigned char *key,
- unsigned int keylen);
+ unsigned int keylen);
/* Encrypts/decrypts data. */
static void k5_arcfour_crypt(ArcfourContext *ctx, unsigned char *dest,
- const unsigned char *src, unsigned int len);
+ const unsigned char *src, unsigned int len);
/* Interface layer to kerb5 crypto layer */
static krb5_error_code
k5_arcfour_docrypt(krb5_key, const krb5_data *,
- const krb5_data *, krb5_data *);
+ const krb5_data *, krb5_data *);
static const unsigned char arcfour_weakkey1[] = {0x00, 0x00, 0xfd};
static const unsigned char arcfour_weakkey2[] = {0x03, 0xfd, 0xfc};
static inline unsigned int k5_arcfour_byte(ArcfourContext * ctx)
{
- unsigned int x;
- unsigned int y;
- unsigned int sx, sy;
- unsigned char *state;
+ unsigned int x;
+ unsigned int y;
+ unsigned int sx, sy;
+ unsigned char *state;
- state = ctx->state;
- x = (ctx->x + 1) & 0xff;
- sx = state[x];
- y = (sx + ctx->y) & 0xff;
- sy = state[y];
- ctx->x = x;
- ctx->y = y;
- state[y] = sx;
- state[x] = sy;
- return state[(sx + sy) & 0xff];
+ state = ctx->state;
+ x = (ctx->x + 1) & 0xff;
+ sx = state[x];
+ y = (sx + ctx->y) & 0xff;
+ sy = state[y];
+ ctx->x = x;
+ ctx->y = y;
+ state[y] = sx;
+ state[x] = sy;
+ return state[(sx + sy) & 0xff];
}
static void k5_arcfour_crypt(ArcfourContext *ctx, unsigned char *dest,
- const unsigned char *src, unsigned int len)
+ const unsigned char *src, unsigned int len)
{
- unsigned int i;
- for (i = 0; i < len; i++)
- dest[i] = src[i] ^ k5_arcfour_byte(ctx);
+ unsigned int i;
+ for (i = 0; i < len; i++)
+ dest[i] = src[i] ^ k5_arcfour_byte(ctx);
}
static krb5_error_code
k5_arcfour_init(ArcfourContext *ctx, const unsigned char *key,
- unsigned int key_len)
+ unsigned int key_len)
{
- unsigned int t, u;
- unsigned int keyindex;
- unsigned int stateindex;
- unsigned char* state;
- unsigned int counter;
+ unsigned int t, u;
+ unsigned int keyindex;
+ unsigned int stateindex;
+ unsigned char* state;
+ unsigned int counter;
- if (key_len != 16)
- return KRB5_BAD_MSIZE; /*this is probably not the correct error code
- to return */
- for (counter=0;
- counter < sizeof(arcfour_weakkeys)/sizeof(arcfour_weakkeys[0]);
- counter++)
- if (!memcmp(key, arcfour_weakkeys[counter].data,
- arcfour_weakkeys[counter].length))
- return KRB5DES_WEAK_KEY; /* most certainly not the correct error */
+ if (key_len != 16)
+ return KRB5_BAD_MSIZE; /*this is probably not the correct error code
+ to return */
+ for (counter=0;
+ counter < sizeof(arcfour_weakkeys)/sizeof(arcfour_weakkeys[0]);
+ counter++)
+ if (!memcmp(key, arcfour_weakkeys[counter].data,
+ arcfour_weakkeys[counter].length))
+ return KRB5DES_WEAK_KEY; /* most certainly not the correct error */
- state = &ctx->state[0];
- ctx->x = 0;
- ctx->y = 0;
- for (counter = 0; counter < 256; counter++)
- state[counter] = counter;
- keyindex = 0;
- stateindex = 0;
- for (counter = 0; counter < 256; counter++)
+ state = &ctx->state[0];
+ ctx->x = 0;
+ ctx->y = 0;
+ for (counter = 0; counter < 256; counter++)
+ state[counter] = counter;
+ keyindex = 0;
+ stateindex = 0;
+ for (counter = 0; counter < 256; counter++)
{
- t = state[counter];
- stateindex = (stateindex + key[keyindex] + t) & 0xff;
- u = state[stateindex];
- state[stateindex] = t;
- state[counter] = u;
- if (++keyindex >= key_len)
- keyindex = 0;
+ t = state[counter];
+ stateindex = (stateindex + key[keyindex] + t) & 0xff;
+ u = state[stateindex];
+ state[stateindex] = t;
+ state[counter] = u;
+ if (++keyindex >= key_len)
+ keyindex = 0;
}
- return 0;
+ return 0;
}
/* The workhorse of the arcfour system, this impliments the cipher */
static krb5_error_code
k5_arcfour_docrypt(krb5_key key, const krb5_data *state,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
- ArcfourContext *arcfour_ctx;
- ArcFourCipherState *cipher_state;
- int ret;
+ ArcfourContext *arcfour_ctx;
+ ArcFourCipherState *cipher_state;
+ int ret;
- if (key->keyblock.length != 16)
- return(KRB5_BAD_KEYSIZE);
- if (state && (state->length != sizeof (ArcFourCipherState)))
- return(KRB5_BAD_MSIZE);
- if (input->length != output->length)
- return(KRB5_BAD_MSIZE);
+ if (key->keyblock.length != 16)
+ return(KRB5_BAD_KEYSIZE);
+ if (state && (state->length != sizeof (ArcFourCipherState)))
+ return(KRB5_BAD_MSIZE);
+ if (input->length != output->length)
+ return(KRB5_BAD_MSIZE);
- if (state) {
- cipher_state = (ArcFourCipherState *) state->data;
- arcfour_ctx=&cipher_state->ctx;
- if (cipher_state->initialized == 0) {
- if ((ret=k5_arcfour_init(arcfour_ctx, key->keyblock.contents,
- key->keyblock.length))) {
- return ret;
- }
- cipher_state->initialized = 1;
+ if (state) {
+ cipher_state = (ArcFourCipherState *) state->data;
+ arcfour_ctx=&cipher_state->ctx;
+ if (cipher_state->initialized == 0) {
+ if ((ret=k5_arcfour_init(arcfour_ctx, key->keyblock.contents,
+ key->keyblock.length))) {
+ return ret;
+ }
+ cipher_state->initialized = 1;
+ }
+ k5_arcfour_crypt(arcfour_ctx, (unsigned char *) output->data, (const unsigned char *) input->data, input->length);
}
- k5_arcfour_crypt(arcfour_ctx, (unsigned char *) output->data, (const unsigned char *) input->data, input->length);
- }
- else {
- arcfour_ctx=malloc(sizeof (ArcfourContext));
- if (arcfour_ctx == NULL)
- return ENOMEM;
- if ((ret=k5_arcfour_init(arcfour_ctx, key->keyblock.contents,
- key->keyblock.length))) {
- free(arcfour_ctx);
- return (ret);
+ else {
+ arcfour_ctx=malloc(sizeof (ArcfourContext));
+ if (arcfour_ctx == NULL)
+ return ENOMEM;
+ if ((ret=k5_arcfour_init(arcfour_ctx, key->keyblock.contents,
+ key->keyblock.length))) {
+ free(arcfour_ctx);
+ return (ret);
+ }
+ k5_arcfour_crypt(arcfour_ctx, (unsigned char * ) output->data,
+ (const unsigned char * ) input->data, input->length);
+ memset(arcfour_ctx, 0, sizeof (ArcfourContext));
+ free(arcfour_ctx);
}
- k5_arcfour_crypt(arcfour_ctx, (unsigned char * ) output->data,
- (const unsigned char * ) input->data, input->length);
- memset(arcfour_ctx, 0, sizeof (ArcfourContext));
- free(arcfour_ctx);
- }
- return 0;
+ return 0;
}
/* In-place encryption */
static krb5_error_code
k5_arcfour_docrypt_iov(krb5_key key,
- const krb5_data *state,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *state,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
ArcfourContext *arcfour_ctx = NULL;
ArcFourCipherState *cipher_state = NULL;
size_t i;
if (key->keyblock.length != 16)
- return KRB5_BAD_KEYSIZE;
+ return KRB5_BAD_KEYSIZE;
if (state != NULL && (state->length != sizeof(ArcFourCipherState)))
- return KRB5_BAD_MSIZE;
+ return KRB5_BAD_MSIZE;
if (state != NULL) {
- cipher_state = (ArcFourCipherState *)state->data;
- arcfour_ctx = &cipher_state->ctx;
- if (cipher_state->initialized == 0) {
- ret = k5_arcfour_init(arcfour_ctx, key->keyblock.contents,
- key->keyblock.length);
- if (ret != 0)
- return ret;
+ cipher_state = (ArcFourCipherState *)state->data;
+ arcfour_ctx = &cipher_state->ctx;
+ if (cipher_state->initialized == 0) {
+ ret = k5_arcfour_init(arcfour_ctx, key->keyblock.contents,
+ key->keyblock.length);
+ if (ret != 0)
+ return ret;
- cipher_state->initialized = 1;
- }
+ cipher_state->initialized = 1;
+ }
} else {
- arcfour_ctx = (ArcfourContext *)malloc(sizeof(ArcfourContext));
- if (arcfour_ctx == NULL)
- return ENOMEM;
+ arcfour_ctx = (ArcfourContext *)malloc(sizeof(ArcfourContext));
+ if (arcfour_ctx == NULL)
+ return ENOMEM;
- ret = k5_arcfour_init(arcfour_ctx, key->keyblock.contents,
- key->keyblock.length);
- if (ret != 0) {
- free(arcfour_ctx);
- return ret;
- }
+ ret = k5_arcfour_init(arcfour_ctx, key->keyblock.contents,
+ key->keyblock.length);
+ if (ret != 0) {
+ free(arcfour_ctx);
+ return ret;
+ }
}
for (i = 0; i < num_data; i++) {
- krb5_crypto_iov *iov = &data[i];
+ krb5_crypto_iov *iov = &data[i];
- if (ENCRYPT_IOV(iov))
- k5_arcfour_crypt(arcfour_ctx, (unsigned char *)iov->data.data,
- (const unsigned char *)iov->data.data, iov->data.length);
+ if (ENCRYPT_IOV(iov))
+ k5_arcfour_crypt(arcfour_ctx, (unsigned char *)iov->data.data,
+ (const unsigned char *)iov->data.data, iov->data.length);
}
if (state == NULL) {
- memset(arcfour_ctx, 0, sizeof(ArcfourContext));
- free(arcfour_ctx);
+ memset(arcfour_ctx, 0, sizeof(ArcfourContext));
+ free(arcfour_ctx);
}
return 0;
static krb5_error_code
k5_arcfour_init_state (const krb5_keyblock *key,
- krb5_keyusage keyusage, krb5_data *new_state)
+ krb5_keyusage keyusage, krb5_data *new_state)
{
- /* Note that we can't actually set up the state here because the key
- * will change between now and when encrypt is called
- * because it is data dependent. Yeah, this has strange
- * properties. --SDH
- */
- new_state->length = sizeof (ArcFourCipherState);
- new_state->data = malloc (new_state->length);
- if (new_state->data) {
- memset (new_state->data, 0 , new_state->length);
- /* That will set initialized to zero*/
- }else {
- return (ENOMEM);
- }
- return 0;
+ /* Note that we can't actually set up the state here because the key
+ * will change between now and when encrypt is called
+ * because it is data dependent. Yeah, this has strange
+ * properties. --SDH
+ */
+ new_state->length = sizeof (ArcFourCipherState);
+ new_state->data = malloc (new_state->length);
+ if (new_state->data) {
+ memset (new_state->data, 0 , new_state->length);
+ /* That will set initialized to zero*/
+ }else {
+ return (ENOMEM);
+ }
+ return 0;
}
/* Since the arcfour cipher is identical going forwards and backwards,
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
static krb5_error_code
k5_crc32_hash(unsigned int icount, const krb5_data *input,
- krb5_data *output)
+ krb5_data *output)
{
unsigned long c, cn;
unsigned int i;
if (output->length != CRC32_CKSUM_LENGTH)
- return(KRB5_CRYPTO_INTERNAL);
+ return(KRB5_CRYPTO_INTERNAL);
c = 0;
for (i=0; i<icount; i++) {
- mit_crc32(input[i].data, input[i].length, &cn);
- c ^= cn;
+ mit_crc32(input[i].data, input[i].length, &cn);
+ c ^= cn;
}
store_32_le(c, output->data);
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
static krb5_error_code
k5_md4_hash(unsigned int icount, const krb5_data *input,
- krb5_data *output)
+ krb5_data *output)
{
krb5_MD4_CTX ctx;
unsigned int i;
if (output->length != RSA_MD4_CKSUM_LENGTH)
- return(KRB5_CRYPTO_INTERNAL);
+ return(KRB5_CRYPTO_INTERNAL);
krb5int_MD4Init(&ctx);
for (i=0; i<icount; i++)
- krb5int_MD4Update(&ctx, (unsigned char *) input[i].data, input[i].length);
+ krb5int_MD4Update(&ctx, (unsigned char *) input[i].data, input[i].length);
krb5int_MD4Final(&ctx);
memcpy(output->data, ctx.digest, RSA_MD4_CKSUM_LENGTH);
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
static krb5_error_code
k5_md5_hash(unsigned int icount, const krb5_data *input,
- krb5_data *output)
+ krb5_data *output)
{
krb5_MD5_CTX ctx;
unsigned int i;
if (output->length != RSA_MD5_CKSUM_LENGTH)
- return(KRB5_CRYPTO_INTERNAL);
+ return(KRB5_CRYPTO_INTERNAL);
krb5int_MD5Init(&ctx);
for (i=0; i<icount; i++)
- krb5int_MD5Update(&ctx, (unsigned char *) input[i].data, input[i].length);
+ krb5int_MD5Update(&ctx, (unsigned char *) input[i].data, input[i].length);
krb5int_MD5Final(&ctx);
memcpy(output->data, ctx.digest, RSA_MD5_CKSUM_LENGTH);
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
static krb5_error_code
k5_sha1_hash(unsigned int icount, const krb5_data *input,
- krb5_data *output)
+ krb5_data *output)
{
SHS_INFO ctx;
unsigned int i;
if (output->length != SHS_DIGESTSIZE)
- return(KRB5_CRYPTO_INTERNAL);
+ return(KRB5_CRYPTO_INTERNAL);
shsInit(&ctx);
for (i=0; i<icount; i++)
- shsUpdate(&ctx, (unsigned char *) input[i].data, input[i].length);
+ shsUpdate(&ctx, (unsigned char *) input[i].data, input[i].length);
shsFinal(&ctx);
for (i=0; i<(sizeof(ctx.digest)/sizeof(ctx.digest[0])); i++) {
- store_32_be(ctx.digest[i], &output->data[i*4]);
+ store_32_be(ctx.digest[i], &output->data[i*4]);
}
return(0);
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_error_code
krb5int_hmac_keyblock(const struct krb5_hash_provider *hash,
- const krb5_keyblock *key, unsigned int icount,
- const krb5_data *input, krb5_data *output)
+ const krb5_keyblock *key, unsigned int icount,
+ const krb5_data *input, krb5_data *output)
{
size_t hashsize, blocksize;
unsigned char *xorkey, *ihash;
krb5_error_code
krb5int_hmac_iov_keyblock(const struct krb5_hash_provider *hash,
- const krb5_keyblock *key,
- const krb5_crypto_iov *data, size_t num_data,
- krb5_data *output)
+ const krb5_keyblock *key,
+ const krb5_crypto_iov *data, size_t num_data,
+ krb5_data *output)
{
krb5_data *sign_data;
size_t num_sign_data;
krb5_error_code
krb5int_hmac(const struct krb5_hash_provider *hash, krb5_key key,
- unsigned int icount, const krb5_data *input, krb5_data *output)
+ unsigned int icount, const krb5_data *input, krb5_data *output)
{
return krb5int_hmac_keyblock(hash, &key->keyblock, icount, input, output);
}
krb5_error_code
krb5int_hmac_iov(const struct krb5_hash_provider *hash, krb5_key key,
- const krb5_crypto_iov *data, size_t num_data,
- krb5_data *output)
+ const krb5_crypto_iov *data, size_t num_data,
+ krb5_data *output)
{
return krb5int_hmac_iov_keyblock(hash, &key->keyblock, data, num_data,
- output);
+ output);
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
- * lib/crypto/md4/md4.c
+ * lib/crypto/md4/md4.c
*/
/*
- **********************************************************************
- ** md4.c **
- ** RSA Data Security, Inc. MD4 Message Digest Algorithm **
- ** Created: 2/17/90 RLR **
- ** Revised: 1/91 SRD,AJ,BSK,JT Reference C Version **
- **********************************************************************
- */
+**********************************************************************
+** md4.c **
+** RSA Data Security, Inc. MD4 Message Digest Algorithm **
+** Created: 2/17/90 RLR **
+** Revised: 1/91 SRD,AJ,BSK,JT Reference C Version **
+**********************************************************************
+*/
/*
- **********************************************************************
- ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
- ** **
- ** License to copy and use this software is granted provided that **
- ** it is identified as the "RSA Data Security, Inc. MD4 Message **
- ** Digest Algorithm" in all material mentioning or referencing this **
- ** software or this function. **
- ** **
- ** License is also granted to make and use derivative works **
- ** provided that such works are identified as "derived from the RSA **
- ** Data Security, Inc. MD4 Message Digest Algorithm" in all **
- ** material mentioning or referencing the derived work. **
- ** **
- ** RSA Data Security, Inc. makes no representations concerning **
- ** either the merchantability of this software or the suitability **
- ** of this software for any particular purpose. It is provided "as **
- ** is" without express or implied warranty of any kind. **
- ** **
- ** These notices must be retained in any copies of any part of this **
- ** documentation and/or software. **
- **********************************************************************
- */
+**********************************************************************
+** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
+** **
+** License to copy and use this software is granted provided that **
+** it is identified as the "RSA Data Security, Inc. MD4 Message **
+** Digest Algorithm" in all material mentioning or referencing this **
+** software or this function. **
+** **
+** License is also granted to make and use derivative works **
+** provided that such works are identified as "derived from the RSA **
+** Data Security, Inc. MD4 Message Digest Algorithm" in all **
+** material mentioning or referencing the derived work. **
+** **
+** RSA Data Security, Inc. makes no representations concerning **
+** either the merchantability of this software or the suitability **
+** of this software for any particular purpose. It is provided "as **
+** is" without express or implied warranty of any kind. **
+** **
+** These notices must be retained in any copies of any part of this **
+** documentation and/or software. **
+**********************************************************************
+*/
#include "k5-int.h"
#include "rsa-md4.h"
static void Transform (krb5_ui_4 *, krb5_ui_4 *);
static const unsigned char PADDING[64] = {
- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
/* F, G and H are basic MD4 functions: selection, majority, parity */
/* FF, GG and HH are MD4 transformations for rounds 1, 2 and 3 */
/* Rotation is separate from addition to prevent recomputation */
-#define FF(a, b, c, d, x, s) \
- {(a) += F ((b), (c), (d)) + (x); \
- (a) &= 0xffffffff; \
- (a) = ROTATE_LEFT ((a), (s));}
-#define GG(a, b, c, d, x, s) \
- {(a) += G ((b), (c), (d)) + (x) + 013240474631UL; \
- (a) &= 0xffffffff; \
- (a) = ROTATE_LEFT ((a), (s));}
-#define HH(a, b, c, d, x, s) \
- {(a) += H ((b), (c), (d)) + (x) + 015666365641UL; \
- (a) &= 0xffffffff; \
- (a) = ROTATE_LEFT ((a), (s));}
+#define FF(a, b, c, d, x, s) \
+ {(a) += F ((b), (c), (d)) + (x); \
+ (a) &= 0xffffffff; \
+ (a) = ROTATE_LEFT ((a), (s));}
+#define GG(a, b, c, d, x, s) \
+ {(a) += G ((b), (c), (d)) + (x) + 013240474631UL; \
+ (a) &= 0xffffffff; \
+ (a) = ROTATE_LEFT ((a), (s));}
+#define HH(a, b, c, d, x, s) \
+ {(a) += H ((b), (c), (d)) + (x) + 015666365641UL; \
+ (a) &= 0xffffffff; \
+ (a) = ROTATE_LEFT ((a), (s));}
void
krb5int_MD4Init (krb5_MD4_CTX *mdContext)
{
- mdContext->i[0] = mdContext->i[1] = (krb5_ui_4)0;
-
- /* Load magic initialization constants.
- */
- mdContext->buf[0] = 0x67452301UL;
- mdContext->buf[1] = 0xefcdab89UL;
- mdContext->buf[2] = 0x98badcfeUL;
- mdContext->buf[3] = 0x10325476UL;
+ mdContext->i[0] = mdContext->i[1] = (krb5_ui_4)0;
+
+ /* Load magic initialization constants.
+ */
+ mdContext->buf[0] = 0x67452301UL;
+ mdContext->buf[1] = 0xefcdab89UL;
+ mdContext->buf[2] = 0x98badcfeUL;
+ mdContext->buf[3] = 0x10325476UL;
}
void
krb5int_MD4Update (krb5_MD4_CTX *mdContext, const unsigned char *inBuf, unsigned int inLen)
{
- krb5_ui_4 in[16];
- int mdi;
- unsigned int i, ii;
-
- /* compute number of bytes mod 64 */
- mdi = (int)((mdContext->i[0] >> 3) & 0x3F);
-
- /* update number of bits */
- if ((mdContext->i[0] + ((krb5_ui_4)inLen << 3)) < mdContext->i[0])
- mdContext->i[1]++;
- mdContext->i[0] += ((krb5_ui_4)inLen << 3);
- mdContext->i[1] += ((krb5_ui_4)inLen >> 29);
-
- while (inLen--) {
- /* add new character to buffer, increment mdi */
- mdContext->in[mdi++] = *inBuf++;
-
- /* transform if necessary */
- if (mdi == 0x40) {
- for (i = 0, ii = 0; i < 16; i++, ii += 4) {
- in[i] = load_32_le(mdContext->in+ii);
- }
- Transform (mdContext->buf, in);
- mdi = 0;
+ krb5_ui_4 in[16];
+ int mdi;
+ unsigned int i, ii;
+
+ /* compute number of bytes mod 64 */
+ mdi = (int)((mdContext->i[0] >> 3) & 0x3F);
+
+ /* update number of bits */
+ if ((mdContext->i[0] + ((krb5_ui_4)inLen << 3)) < mdContext->i[0])
+ mdContext->i[1]++;
+ mdContext->i[0] += ((krb5_ui_4)inLen << 3);
+ mdContext->i[1] += ((krb5_ui_4)inLen >> 29);
+
+ while (inLen--) {
+ /* add new character to buffer, increment mdi */
+ mdContext->in[mdi++] = *inBuf++;
+
+ /* transform if necessary */
+ if (mdi == 0x40) {
+ for (i = 0, ii = 0; i < 16; i++, ii += 4) {
+ in[i] = load_32_le(mdContext->in+ii);
+ }
+ Transform (mdContext->buf, in);
+ mdi = 0;
+ }
}
- }
}
void
krb5int_MD4Final (krb5_MD4_CTX *mdContext)
{
- krb5_ui_4 in[16];
- int mdi;
- unsigned int i, ii;
- unsigned int padLen;
+ krb5_ui_4 in[16];
+ int mdi;
+ unsigned int i, ii;
+ unsigned int padLen;
- /* save number of bits */
- in[14] = mdContext->i[0];
- in[15] = mdContext->i[1];
+ /* save number of bits */
+ in[14] = mdContext->i[0];
+ in[15] = mdContext->i[1];
- /* compute number of bytes mod 64 */
- mdi = (int)((mdContext->i[0] >> 3) & 0x3F);
+ /* compute number of bytes mod 64 */
+ mdi = (int)((mdContext->i[0] >> 3) & 0x3F);
- /* pad out to 56 mod 64 */
- padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi);
- krb5int_MD4Update (mdContext, PADDING, padLen);
+ /* pad out to 56 mod 64 */
+ padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi);
+ krb5int_MD4Update (mdContext, PADDING, padLen);
- /* append length in bits and transform */
- for (i = 0, ii = 0; i < 14; i++, ii += 4)
- in[i] = load_32_le(mdContext->in+ii);
- Transform (mdContext->buf, in);
+ /* append length in bits and transform */
+ for (i = 0, ii = 0; i < 14; i++, ii += 4)
+ in[i] = load_32_le(mdContext->in+ii);
+ Transform (mdContext->buf, in);
- /* store buffer in digest */
- for (i = 0, ii = 0; i < 4; i++, ii += 4) {
- store_32_le(mdContext->buf[i], mdContext->digest+ii);
- }
+ /* store buffer in digest */
+ for (i = 0, ii = 0; i < 4; i++, ii += 4) {
+ store_32_le(mdContext->buf[i], mdContext->digest+ii);
+ }
}
/* Basic MD4 step. Transform buf based on in.
*/
static void Transform (krb5_ui_4 *buf, krb5_ui_4 *in)
{
- register krb5_ui_4 a = buf[0], b = buf[1], c = buf[2], d = buf[3];
+ register krb5_ui_4 a = buf[0], b = buf[1], c = buf[2], d = buf[3];
#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
- int i;
+ int i;
#define ROTATE { krb5_ui_4 temp; temp = d, d = c, c = b, b = a, a = temp; }
- for (i = 0; i < 16; i++) {
- static const unsigned char round1consts[] = { 3, 7, 11, 19, };
- FF (a, b, c, d, in[i], round1consts[i%4]); ROTATE;
- }
- for (i = 0; i < 16; i++) {
- static const unsigned char round2indices[] = {
- 0,4,8,12,1,5,9,13,2,6,10,14,3,7,11,15
- };
- static const unsigned char round2consts[] = { 3, 5, 9, 13 };
- GG (a, b, c, d, in[round2indices[i]], round2consts[i%4]); ROTATE;
- }
- for (i = 0; i < 16; i++) {
- static const unsigned char round3indices[] = {
- 0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15
- };
- static const unsigned char round3consts[] = { 3, 9, 11, 15 };
- HH (a, b, c, d, in[round3indices[i]], round3consts[i%4]); ROTATE;
- }
+ for (i = 0; i < 16; i++) {
+ static const unsigned char round1consts[] = { 3, 7, 11, 19, };
+ FF (a, b, c, d, in[i], round1consts[i%4]); ROTATE;
+ }
+ for (i = 0; i < 16; i++) {
+ static const unsigned char round2indices[] = {
+ 0,4,8,12,1,5,9,13,2,6,10,14,3,7,11,15
+ };
+ static const unsigned char round2consts[] = { 3, 5, 9, 13 };
+ GG (a, b, c, d, in[round2indices[i]], round2consts[i%4]); ROTATE;
+ }
+ for (i = 0; i < 16; i++) {
+ static const unsigned char round3indices[] = {
+ 0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15
+ };
+ static const unsigned char round3consts[] = { 3, 9, 11, 15 };
+ HH (a, b, c, d, in[round3indices[i]], round3consts[i%4]); ROTATE;
+ }
#else
- /* Round 1 */
- FF (a, b, c, d, in[ 0], 3);
- FF (d, a, b, c, in[ 1], 7);
- FF (c, d, a, b, in[ 2], 11);
- FF (b, c, d, a, in[ 3], 19);
- FF (a, b, c, d, in[ 4], 3);
- FF (d, a, b, c, in[ 5], 7);
- FF (c, d, a, b, in[ 6], 11);
- FF (b, c, d, a, in[ 7], 19);
- FF (a, b, c, d, in[ 8], 3);
- FF (d, a, b, c, in[ 9], 7);
- FF (c, d, a, b, in[10], 11);
- FF (b, c, d, a, in[11], 19);
- FF (a, b, c, d, in[12], 3);
- FF (d, a, b, c, in[13], 7);
- FF (c, d, a, b, in[14], 11);
- FF (b, c, d, a, in[15], 19);
-
- /* Round 2 */
- GG (a, b, c, d, in[ 0], 3);
- GG (d, a, b, c, in[ 4], 5);
- GG (c, d, a, b, in[ 8], 9);
- GG (b, c, d, a, in[12], 13);
- GG (a, b, c, d, in[ 1], 3);
- GG (d, a, b, c, in[ 5], 5);
- GG (c, d, a, b, in[ 9], 9);
- GG (b, c, d, a, in[13], 13);
- GG (a, b, c, d, in[ 2], 3);
- GG (d, a, b, c, in[ 6], 5);
- GG (c, d, a, b, in[10], 9);
- GG (b, c, d, a, in[14], 13);
- GG (a, b, c, d, in[ 3], 3);
- GG (d, a, b, c, in[ 7], 5);
- GG (c, d, a, b, in[11], 9);
- GG (b, c, d, a, in[15], 13);
-
- /* Round 3 */
- HH (a, b, c, d, in[ 0], 3);
- HH (d, a, b, c, in[ 8], 9);
- HH (c, d, a, b, in[ 4], 11);
- HH (b, c, d, a, in[12], 15);
- HH (a, b, c, d, in[ 2], 3);
- HH (d, a, b, c, in[10], 9);
- HH (c, d, a, b, in[ 6], 11);
- HH (b, c, d, a, in[14], 15);
- HH (a, b, c, d, in[ 1], 3);
- HH (d, a, b, c, in[ 9], 9);
- HH (c, d, a, b, in[ 5], 11);
- HH (b, c, d, a, in[13], 15);
- HH (a, b, c, d, in[ 3], 3);
- HH (d, a, b, c, in[11], 9);
- HH (c, d, a, b, in[ 7], 11);
- HH (b, c, d, a, in[15], 15);
+ /* Round 1 */
+ FF (a, b, c, d, in[ 0], 3);
+ FF (d, a, b, c, in[ 1], 7);
+ FF (c, d, a, b, in[ 2], 11);
+ FF (b, c, d, a, in[ 3], 19);
+ FF (a, b, c, d, in[ 4], 3);
+ FF (d, a, b, c, in[ 5], 7);
+ FF (c, d, a, b, in[ 6], 11);
+ FF (b, c, d, a, in[ 7], 19);
+ FF (a, b, c, d, in[ 8], 3);
+ FF (d, a, b, c, in[ 9], 7);
+ FF (c, d, a, b, in[10], 11);
+ FF (b, c, d, a, in[11], 19);
+ FF (a, b, c, d, in[12], 3);
+ FF (d, a, b, c, in[13], 7);
+ FF (c, d, a, b, in[14], 11);
+ FF (b, c, d, a, in[15], 19);
+
+ /* Round 2 */
+ GG (a, b, c, d, in[ 0], 3);
+ GG (d, a, b, c, in[ 4], 5);
+ GG (c, d, a, b, in[ 8], 9);
+ GG (b, c, d, a, in[12], 13);
+ GG (a, b, c, d, in[ 1], 3);
+ GG (d, a, b, c, in[ 5], 5);
+ GG (c, d, a, b, in[ 9], 9);
+ GG (b, c, d, a, in[13], 13);
+ GG (a, b, c, d, in[ 2], 3);
+ GG (d, a, b, c, in[ 6], 5);
+ GG (c, d, a, b, in[10], 9);
+ GG (b, c, d, a, in[14], 13);
+ GG (a, b, c, d, in[ 3], 3);
+ GG (d, a, b, c, in[ 7], 5);
+ GG (c, d, a, b, in[11], 9);
+ GG (b, c, d, a, in[15], 13);
+
+ /* Round 3 */
+ HH (a, b, c, d, in[ 0], 3);
+ HH (d, a, b, c, in[ 8], 9);
+ HH (c, d, a, b, in[ 4], 11);
+ HH (b, c, d, a, in[12], 15);
+ HH (a, b, c, d, in[ 2], 3);
+ HH (d, a, b, c, in[10], 9);
+ HH (c, d, a, b, in[ 6], 11);
+ HH (b, c, d, a, in[14], 15);
+ HH (a, b, c, d, in[ 1], 3);
+ HH (d, a, b, c, in[ 9], 9);
+ HH (c, d, a, b, in[ 5], 11);
+ HH (b, c, d, a, in[13], 15);
+ HH (a, b, c, d, in[ 3], 3);
+ HH (d, a, b, c, in[11], 9);
+ HH (c, d, a, b, in[ 7], 11);
+ HH (b, c, d, a, in[15], 15);
#endif
- buf[0] += a;
- buf[1] += b;
- buf[2] += c;
- buf[3] += d;
+ buf[0] += a;
+ buf[1] += b;
+ buf[2] += c;
+ buf[3] += d;
}
/*
- **********************************************************************
- ** End of md4.c **
- ******************************* (cut) ********************************
- */
+**********************************************************************
+** End of md4.c **
+******************************* (cut) ********************************
+*/
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/md4/rsa-md4.h
*
#endif /* unicos61 */
/* 16 u_char's in the digest */
-#define RSA_MD4_CKSUM_LENGTH 16
+#define RSA_MD4_CKSUM_LENGTH 16
/* des blocksize is 8, so this works nicely... */
-#define OLD_RSA_MD4_DES_CKSUM_LENGTH 16
-#define NEW_RSA_MD4_DES_CKSUM_LENGTH 24
-#define RSA_MD4_DES_CONFOUND_LENGTH 8
+#define OLD_RSA_MD4_DES_CKSUM_LENGTH 16
+#define NEW_RSA_MD4_DES_CKSUM_LENGTH 24
+#define RSA_MD4_DES_CONFOUND_LENGTH 8
/*
- **********************************************************************
- ** md4.h -- Header file for implementation of MD4 **
- ** RSA Data Security, Inc. MD4 Message Digest Algorithm **
- ** Created: 2/17/90 RLR **
- ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version **
- **********************************************************************
- */
+**********************************************************************
+** md4.h -- Header file for implementation of MD4 **
+** RSA Data Security, Inc. MD4 Message Digest Algorithm **
+** Created: 2/17/90 RLR **
+** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version **
+**********************************************************************
+*/
/*
- **********************************************************************
- ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
- ** **
- ** License to copy and use this software is granted provided that **
- ** it is identified as the "RSA Data Security, Inc. MD4 Message **
- ** Digest Algorithm" in all material mentioning or referencing this **
- ** software or this function. **
- ** **
- ** License is also granted to make and use derivative works **
- ** provided that such works are identified as "derived from the RSA **
- ** Data Security, Inc. MD4 Message Digest Algorithm" in all **
- ** material mentioning or referencing the derived work. **
- ** **
- ** RSA Data Security, Inc. makes no representations concerning **
- ** either the merchantability of this software or the suitability **
- ** of this software for any particular purpose. It is provided "as **
- ** is" without express or implied warranty of any kind. **
- ** **
- ** These notices must be retained in any copies of any part of this **
- ** documentation and/or software. **
- **********************************************************************
- */
+**********************************************************************
+** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
+** **
+** License to copy and use this software is granted provided that **
+** it is identified as the "RSA Data Security, Inc. MD4 Message **
+** Digest Algorithm" in all material mentioning or referencing this **
+** software or this function. **
+** **
+** License is also granted to make and use derivative works **
+** provided that such works are identified as "derived from the RSA **
+** Data Security, Inc. MD4 Message Digest Algorithm" in all **
+** material mentioning or referencing the derived work. **
+** **
+** RSA Data Security, Inc. makes no representations concerning **
+** either the merchantability of this software or the suitability **
+** of this software for any particular purpose. It is provided "as **
+** is" without express or implied warranty of any kind. **
+** **
+** These notices must be retained in any copies of any part of this **
+** documentation and/or software. **
+**********************************************************************
+*/
/* Data structure for MD4 (Message Digest) computation */
typedef struct {
- krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */
- krb5_ui_4 buf[4]; /* scratch buffer */
- unsigned char in[64]; /* input buffer */
- unsigned char digest[16]; /* actual digest after MD4Final call */
+ krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */
+ krb5_ui_4 buf[4]; /* scratch buffer */
+ unsigned char in[64]; /* input buffer */
+ unsigned char digest[16]; /* actual digest after MD4Final call */
} krb5_MD4_CTX;
extern void krb5int_MD4Init(krb5_MD4_CTX *);
extern void krb5int_MD4Final(krb5_MD4_CTX *);
/*
- **********************************************************************
- ** End of md4.h **
- ******************************* (cut) ********************************
- */
+**********************************************************************
+** End of md4.h **
+******************************* (cut) ********************************
+*/
#endif /* __KRB5_RSA_MD4_H__ */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
- ***********************************************************************
- ** md5.c -- the source code for MD5 routines **
- ** RSA Data Security, Inc. MD5 Message-Digest Algorithm **
- ** Created: 2/17/90 RLR **
- ** Revised: 1/91 SRD,AJ,BSK,JT Reference C ver., 7/10 constant corr. **
- ***********************************************************************
- */
+***********************************************************************
+** md5.c -- the source code for MD5 routines **
+** RSA Data Security, Inc. MD5 Message-Digest Algorithm **
+** Created: 2/17/90 RLR **
+** Revised: 1/91 SRD,AJ,BSK,JT Reference C ver., 7/10 constant corr. **
+***********************************************************************
+*/
/*
* Modified by John Carr, MIT, to use Kerberos 5 typedefs.
*/
/*
- ***********************************************************************
- ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
- ** **
- ** License to copy and use this software is granted provided that **
- ** it is identified as the "RSA Data Security, Inc. MD5 Message- **
- ** Digest Algorithm" in all material mentioning or referencing this **
- ** software or this function. **
- ** **
- ** License is also granted to make and use derivative works **
- ** provided that such works are identified as "derived from the RSA **
- ** Data Security, Inc. MD5 Message-Digest Algorithm" in all **
- ** material mentioning or referencing the derived work. **
- ** **
- ** RSA Data Security, Inc. makes no representations concerning **
- ** either the merchantability of this software or the suitability **
- ** of this software for any particular purpose. It is provided "as **
- ** is" without express or implied warranty of any kind. **
- ** **
- ** These notices must be retained in any copies of any part of this **
- ** documentation and/or software. **
- ***********************************************************************
- */
+***********************************************************************
+** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
+** **
+** License to copy and use this software is granted provided that **
+** it is identified as the "RSA Data Security, Inc. MD5 Message- **
+** Digest Algorithm" in all material mentioning or referencing this **
+** software or this function. **
+** **
+** License is also granted to make and use derivative works **
+** provided that such works are identified as "derived from the RSA **
+** Data Security, Inc. MD5 Message-Digest Algorithm" in all **
+** material mentioning or referencing the derived work. **
+** **
+** RSA Data Security, Inc. makes no representations concerning **
+** either the merchantability of this software or the suitability **
+** of this software for any particular purpose. It is provided "as **
+** is" without express or implied warranty of any kind. **
+** **
+** These notices must be retained in any copies of any part of this **
+** documentation and/or software. **
+***********************************************************************
+*/
#include "k5-int.h"
#include "rsa-md5.h"
/*
- ***********************************************************************
- ** Message-digest routines: **
- ** To form the message digest for a message M **
- ** (1) Initialize a context buffer mdContext using krb5int_MD5Init **
- ** (2) Call krb5int_MD5Update on mdContext and M **
- ** (3) Call krb5int_MD5Final on mdContext **
- ** The message digest is now in mdContext->digest[0...15] **
- ***********************************************************************
- */
+***********************************************************************
+** Message-digest routines: **
+** To form the message digest for a message M **
+** (1) Initialize a context buffer mdContext using krb5int_MD5Init **
+** (2) Call krb5int_MD5Update on mdContext and M **
+** (3) Call krb5int_MD5Final on mdContext **
+** The message digest is now in mdContext->digest[0...15] **
+***********************************************************************
+*/
/* forward declaration */
static void Transform (krb5_ui_4 *buf, krb5_ui_4 *in);
static const unsigned char PADDING[64] = {
- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
/* F, G, H and I are basic MD5 functions */
/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4 */
/* Rotation is separate from addition to prevent recomputation */
-#define FF(a, b, c, d, x, s, ac) \
- {(a) += F ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \
- (a) &= 0xffffffff; \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
- (a) &= 0xffffffff; \
- }
-#define GG(a, b, c, d, x, s, ac) \
- {(a) += G ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \
- (a) &= 0xffffffff; \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
- (a) &= 0xffffffff; \
- }
-#define HH(a, b, c, d, x, s, ac) \
- {(a) += H ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \
- (a) &= 0xffffffff; \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
- (a) &= 0xffffffff; \
- }
-#define II(a, b, c, d, x, s, ac) \
- {(a) += I ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \
- (a) &= 0xffffffff; \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
- (a) &= 0xffffffff; \
- }
+#define FF(a, b, c, d, x, s, ac) \
+ {(a) += F ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \
+ (a) &= 0xffffffff; \
+ (a) = ROTATE_LEFT ((a), (s)); \
+ (a) += (b); \
+ (a) &= 0xffffffff; \
+ }
+#define GG(a, b, c, d, x, s, ac) \
+ {(a) += G ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \
+ (a) &= 0xffffffff; \
+ (a) = ROTATE_LEFT ((a), (s)); \
+ (a) += (b); \
+ (a) &= 0xffffffff; \
+ }
+#define HH(a, b, c, d, x, s, ac) \
+ {(a) += H ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \
+ (a) &= 0xffffffff; \
+ (a) = ROTATE_LEFT ((a), (s)); \
+ (a) += (b); \
+ (a) &= 0xffffffff; \
+ }
+#define II(a, b, c, d, x, s, ac) \
+ {(a) += I ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \
+ (a) &= 0xffffffff; \
+ (a) = ROTATE_LEFT ((a), (s)); \
+ (a) += (b); \
+ (a) &= 0xffffffff; \
+ }
/* The routine krb5int_MD5Init initializes the message-digest context
mdContext. All fields are set to zero.
- */
+*/
void
krb5int_MD5Init (krb5_MD5_CTX *mdContext)
{
- mdContext->i[0] = mdContext->i[1] = (krb5_ui_4)0;
-
- /* Load magic initialization constants.
- */
- mdContext->buf[0] = 0x67452301UL;
- mdContext->buf[1] = 0xefcdab89UL;
- mdContext->buf[2] = 0x98badcfeUL;
- mdContext->buf[3] = 0x10325476UL;
+ mdContext->i[0] = mdContext->i[1] = (krb5_ui_4)0;
+
+ /* Load magic initialization constants.
+ */
+ mdContext->buf[0] = 0x67452301UL;
+ mdContext->buf[1] = 0xefcdab89UL;
+ mdContext->buf[2] = 0x98badcfeUL;
+ mdContext->buf[3] = 0x10325476UL;
}
/* The routine krb5int_MD5Update updates the message-digest context to
account for the presence of each of the characters inBuf[0..inLen-1]
in the message whose digest is being computed.
- */
+*/
void
krb5int_MD5Update (krb5_MD5_CTX *mdContext, const unsigned char *inBuf, unsigned int inLen)
{
- krb5_ui_4 in[16];
- int mdi;
- unsigned int i, ii;
-
- /* compute number of bytes mod 64 */
- mdi = (int)((mdContext->i[0] >> 3) & 0x3F);
-
- /* update number of bits */
- if ((mdContext->i[0] + ((krb5_ui_4)inLen << 3)) < mdContext->i[0])
- mdContext->i[1]++;
- mdContext->i[0] += ((krb5_ui_4)inLen << 3);
- mdContext->i[1] += ((krb5_ui_4)inLen >> 29);
-
- while (inLen--) {
- /* add new character to buffer, increment mdi */
- mdContext->in[mdi++] = *inBuf++;
-
- /* transform if necessary */
- if (mdi == 0x40) {
- for (i = 0, ii = 0; i < 16; i++, ii += 4)
- in[i] = load_32_le(mdContext->in+ii);
- Transform (mdContext->buf, in);
- mdi = 0;
+ krb5_ui_4 in[16];
+ int mdi;
+ unsigned int i, ii;
+
+ /* compute number of bytes mod 64 */
+ mdi = (int)((mdContext->i[0] >> 3) & 0x3F);
+
+ /* update number of bits */
+ if ((mdContext->i[0] + ((krb5_ui_4)inLen << 3)) < mdContext->i[0])
+ mdContext->i[1]++;
+ mdContext->i[0] += ((krb5_ui_4)inLen << 3);
+ mdContext->i[1] += ((krb5_ui_4)inLen >> 29);
+
+ while (inLen--) {
+ /* add new character to buffer, increment mdi */
+ mdContext->in[mdi++] = *inBuf++;
+
+ /* transform if necessary */
+ if (mdi == 0x40) {
+ for (i = 0, ii = 0; i < 16; i++, ii += 4)
+ in[i] = load_32_le(mdContext->in+ii);
+ Transform (mdContext->buf, in);
+ mdi = 0;
+ }
}
- }
}
/* The routine krb5int_MD5Final terminates the message-digest computation and
ends with the desired message digest in mdContext->digest[0...15].
- */
+*/
void
krb5int_MD5Final (krb5_MD5_CTX *mdContext)
{
- krb5_ui_4 in[16];
- int mdi;
- unsigned int i, ii;
- unsigned int padLen;
-
- /* save number of bits */
- in[14] = mdContext->i[0];
- in[15] = mdContext->i[1];
-
- /* compute number of bytes mod 64 */
- mdi = (int)((mdContext->i[0] >> 3) & 0x3F);
-
- /* pad out to 56 mod 64 */
- padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi);
- krb5int_MD5Update (mdContext, PADDING, padLen);
-
- /* append length in bits and transform */
- for (i = 0, ii = 0; i < 14; i++, ii += 4)
- in[i] = load_32_le(mdContext->in+ii);
- Transform (mdContext->buf, in);
-
- /* store buffer in digest */
- for (i = 0, ii = 0; i < 4; i++, ii += 4) {
- store_32_le(mdContext->buf[i], mdContext->digest+ii);
- }
+ krb5_ui_4 in[16];
+ int mdi;
+ unsigned int i, ii;
+ unsigned int padLen;
+
+ /* save number of bits */
+ in[14] = mdContext->i[0];
+ in[15] = mdContext->i[1];
+
+ /* compute number of bytes mod 64 */
+ mdi = (int)((mdContext->i[0] >> 3) & 0x3F);
+
+ /* pad out to 56 mod 64 */
+ padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi);
+ krb5int_MD5Update (mdContext, PADDING, padLen);
+
+ /* append length in bits and transform */
+ for (i = 0, ii = 0; i < 14; i++, ii += 4)
+ in[i] = load_32_le(mdContext->in+ii);
+ Transform (mdContext->buf, in);
+
+ /* store buffer in digest */
+ for (i = 0, ii = 0; i < 4; i++, ii += 4) {
+ store_32_le(mdContext->buf[i], mdContext->digest+ii);
+ }
}
/* Basic MD5 step. Transforms buf based on in.
*/
static void Transform (krb5_ui_4 *buf, krb5_ui_4 *in)
{
- register krb5_ui_4 a = buf[0], b = buf[1], c = buf[2], d = buf[3];
+ register krb5_ui_4 a = buf[0], b = buf[1], c = buf[2], d = buf[3];
#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
- int i;
+ int i;
#define ROTATE { krb5_ui_4 temp; temp = d, d = c, c = b, b = a, a = temp; }
- for (i = 0; i < 16; i++) {
- const unsigned char round1s[] = { 7, 12, 17, 22 };
- const krb5_ui_4 round1consts[] = {
- 3614090360UL, 3905402710UL, 606105819UL, 3250441966UL,
- 4118548399UL, 1200080426UL, 2821735955UL, 4249261313UL,
- 1770035416UL, 2336552879UL, 4294925233UL, 2304563134UL,
- 1804603682UL, 4254626195UL, 2792965006UL, 1236535329UL,
- };
- FF (a, b, c, d, in[i], round1s[i%4], round1consts[i]);
- ROTATE;
- }
- for (i = 0; i < 16; i++) {
- const unsigned char round2s[] = { 5, 9, 14, 20 };
- const krb5_ui_4 round2consts[] = {
- 4129170786UL, 3225465664UL, 643717713UL, 3921069994UL,
- 3593408605UL, 38016083UL, 3634488961UL, 3889429448UL,
- 568446438UL, 3275163606UL, 4107603335UL, 1163531501UL,
- 2850285829UL, 4243563512UL, 1735328473UL, 2368359562UL,
- };
- int r2index = (1 + i * 5) % 16;
- GG (a, b, c, d, in[r2index], round2s[i%4], round2consts[i]);
- ROTATE;
- }
- for (i = 0; i < 16; i++) {
- static const unsigned char round3s[] = { 4, 11, 16, 23 };
- static const krb5_ui_4 round3consts[] = {
- 4294588738UL, 2272392833UL, 1839030562UL, 4259657740UL,
- 2763975236UL, 1272893353UL, 4139469664UL, 3200236656UL,
- 681279174UL, 3936430074UL, 3572445317UL, 76029189UL,
- 3654602809UL, 3873151461UL, 530742520UL, 3299628645UL,
- };
- int r3index = (5 + i * 3) % 16;
- HH (a, b, c, d, in[r3index], round3s[i%4], round3consts[i]);
- ROTATE;
- }
- for (i = 0; i < 16; i++) {
- static const unsigned char round4s[] = { 6, 10, 15, 21 };
- static const krb5_ui_4 round4consts[] = {
- 4096336452UL, 1126891415UL, 2878612391UL, 4237533241UL,
- 1700485571UL, 2399980690UL, 4293915773UL, 2240044497UL,
- 1873313359UL, 4264355552UL, 2734768916UL, 1309151649UL,
- 4149444226UL, 3174756917UL, 718787259UL, 3951481745UL,
- };
- int r4index = (7 * i) % 16;
- II (a, b, c, d, in[r4index], round4s[i%4], round4consts[i]);
- ROTATE;
- }
+ for (i = 0; i < 16; i++) {
+ const unsigned char round1s[] = { 7, 12, 17, 22 };
+ const krb5_ui_4 round1consts[] = {
+ 3614090360UL, 3905402710UL, 606105819UL, 3250441966UL,
+ 4118548399UL, 1200080426UL, 2821735955UL, 4249261313UL,
+ 1770035416UL, 2336552879UL, 4294925233UL, 2304563134UL,
+ 1804603682UL, 4254626195UL, 2792965006UL, 1236535329UL,
+ };
+ FF (a, b, c, d, in[i], round1s[i%4], round1consts[i]);
+ ROTATE;
+ }
+ for (i = 0; i < 16; i++) {
+ const unsigned char round2s[] = { 5, 9, 14, 20 };
+ const krb5_ui_4 round2consts[] = {
+ 4129170786UL, 3225465664UL, 643717713UL, 3921069994UL,
+ 3593408605UL, 38016083UL, 3634488961UL, 3889429448UL,
+ 568446438UL, 3275163606UL, 4107603335UL, 1163531501UL,
+ 2850285829UL, 4243563512UL, 1735328473UL, 2368359562UL,
+ };
+ int r2index = (1 + i * 5) % 16;
+ GG (a, b, c, d, in[r2index], round2s[i%4], round2consts[i]);
+ ROTATE;
+ }
+ for (i = 0; i < 16; i++) {
+ static const unsigned char round3s[] = { 4, 11, 16, 23 };
+ static const krb5_ui_4 round3consts[] = {
+ 4294588738UL, 2272392833UL, 1839030562UL, 4259657740UL,
+ 2763975236UL, 1272893353UL, 4139469664UL, 3200236656UL,
+ 681279174UL, 3936430074UL, 3572445317UL, 76029189UL,
+ 3654602809UL, 3873151461UL, 530742520UL, 3299628645UL,
+ };
+ int r3index = (5 + i * 3) % 16;
+ HH (a, b, c, d, in[r3index], round3s[i%4], round3consts[i]);
+ ROTATE;
+ }
+ for (i = 0; i < 16; i++) {
+ static const unsigned char round4s[] = { 6, 10, 15, 21 };
+ static const krb5_ui_4 round4consts[] = {
+ 4096336452UL, 1126891415UL, 2878612391UL, 4237533241UL,
+ 1700485571UL, 2399980690UL, 4293915773UL, 2240044497UL,
+ 1873313359UL, 4264355552UL, 2734768916UL, 1309151649UL,
+ 4149444226UL, 3174756917UL, 718787259UL, 3951481745UL,
+ };
+ int r4index = (7 * i) % 16;
+ II (a, b, c, d, in[r4index], round4s[i%4], round4consts[i]);
+ ROTATE;
+ }
#else
- /* Round 1 */
+ /* Round 1 */
#define S11 7
#define S12 12
#define S13 17
#define S14 22
- FF ( a, b, c, d, in[ 0], S11, 3614090360UL); /* 1 */
- FF ( d, a, b, c, in[ 1], S12, 3905402710UL); /* 2 */
- FF ( c, d, a, b, in[ 2], S13, 606105819UL); /* 3 */
- FF ( b, c, d, a, in[ 3], S14, 3250441966UL); /* 4 */
- FF ( a, b, c, d, in[ 4], S11, 4118548399UL); /* 5 */
- FF ( d, a, b, c, in[ 5], S12, 1200080426UL); /* 6 */
- FF ( c, d, a, b, in[ 6], S13, 2821735955UL); /* 7 */
- FF ( b, c, d, a, in[ 7], S14, 4249261313UL); /* 8 */
- FF ( a, b, c, d, in[ 8], S11, 1770035416UL); /* 9 */
- FF ( d, a, b, c, in[ 9], S12, 2336552879UL); /* 10 */
- FF ( c, d, a, b, in[10], S13, 4294925233UL); /* 11 */
- FF ( b, c, d, a, in[11], S14, 2304563134UL); /* 12 */
- FF ( a, b, c, d, in[12], S11, 1804603682UL); /* 13 */
- FF ( d, a, b, c, in[13], S12, 4254626195UL); /* 14 */
- FF ( c, d, a, b, in[14], S13, 2792965006UL); /* 15 */
- FF ( b, c, d, a, in[15], S14, 1236535329UL); /* 16 */
-
- /* Round 2 */
+ FF ( a, b, c, d, in[ 0], S11, 3614090360UL); /* 1 */
+ FF ( d, a, b, c, in[ 1], S12, 3905402710UL); /* 2 */
+ FF ( c, d, a, b, in[ 2], S13, 606105819UL); /* 3 */
+ FF ( b, c, d, a, in[ 3], S14, 3250441966UL); /* 4 */
+ FF ( a, b, c, d, in[ 4], S11, 4118548399UL); /* 5 */
+ FF ( d, a, b, c, in[ 5], S12, 1200080426UL); /* 6 */
+ FF ( c, d, a, b, in[ 6], S13, 2821735955UL); /* 7 */
+ FF ( b, c, d, a, in[ 7], S14, 4249261313UL); /* 8 */
+ FF ( a, b, c, d, in[ 8], S11, 1770035416UL); /* 9 */
+ FF ( d, a, b, c, in[ 9], S12, 2336552879UL); /* 10 */
+ FF ( c, d, a, b, in[10], S13, 4294925233UL); /* 11 */
+ FF ( b, c, d, a, in[11], S14, 2304563134UL); /* 12 */
+ FF ( a, b, c, d, in[12], S11, 1804603682UL); /* 13 */
+ FF ( d, a, b, c, in[13], S12, 4254626195UL); /* 14 */
+ FF ( c, d, a, b, in[14], S13, 2792965006UL); /* 15 */
+ FF ( b, c, d, a, in[15], S14, 1236535329UL); /* 16 */
+
+ /* Round 2 */
#define S21 5
#define S22 9
#define S23 14
#define S24 20
- GG ( a, b, c, d, in[ 1], S21, 4129170786UL); /* 17 */
- GG ( d, a, b, c, in[ 6], S22, 3225465664UL); /* 18 */
- GG ( c, d, a, b, in[11], S23, 643717713UL); /* 19 */
- GG ( b, c, d, a, in[ 0], S24, 3921069994UL); /* 20 */
- GG ( a, b, c, d, in[ 5], S21, 3593408605UL); /* 21 */
- GG ( d, a, b, c, in[10], S22, 38016083UL); /* 22 */
- GG ( c, d, a, b, in[15], S23, 3634488961UL); /* 23 */
- GG ( b, c, d, a, in[ 4], S24, 3889429448UL); /* 24 */
- GG ( a, b, c, d, in[ 9], S21, 568446438UL); /* 25 */
- GG ( d, a, b, c, in[14], S22, 3275163606UL); /* 26 */
- GG ( c, d, a, b, in[ 3], S23, 4107603335UL); /* 27 */
- GG ( b, c, d, a, in[ 8], S24, 1163531501UL); /* 28 */
- GG ( a, b, c, d, in[13], S21, 2850285829UL); /* 29 */
- GG ( d, a, b, c, in[ 2], S22, 4243563512UL); /* 30 */
- GG ( c, d, a, b, in[ 7], S23, 1735328473UL); /* 31 */
- GG ( b, c, d, a, in[12], S24, 2368359562UL); /* 32 */
-
- /* Round 3 */
+ GG ( a, b, c, d, in[ 1], S21, 4129170786UL); /* 17 */
+ GG ( d, a, b, c, in[ 6], S22, 3225465664UL); /* 18 */
+ GG ( c, d, a, b, in[11], S23, 643717713UL); /* 19 */
+ GG ( b, c, d, a, in[ 0], S24, 3921069994UL); /* 20 */
+ GG ( a, b, c, d, in[ 5], S21, 3593408605UL); /* 21 */
+ GG ( d, a, b, c, in[10], S22, 38016083UL); /* 22 */
+ GG ( c, d, a, b, in[15], S23, 3634488961UL); /* 23 */
+ GG ( b, c, d, a, in[ 4], S24, 3889429448UL); /* 24 */
+ GG ( a, b, c, d, in[ 9], S21, 568446438UL); /* 25 */
+ GG ( d, a, b, c, in[14], S22, 3275163606UL); /* 26 */
+ GG ( c, d, a, b, in[ 3], S23, 4107603335UL); /* 27 */
+ GG ( b, c, d, a, in[ 8], S24, 1163531501UL); /* 28 */
+ GG ( a, b, c, d, in[13], S21, 2850285829UL); /* 29 */
+ GG ( d, a, b, c, in[ 2], S22, 4243563512UL); /* 30 */
+ GG ( c, d, a, b, in[ 7], S23, 1735328473UL); /* 31 */
+ GG ( b, c, d, a, in[12], S24, 2368359562UL); /* 32 */
+
+ /* Round 3 */
#define S31 4
#define S32 11
#define S33 16
#define S34 23
- HH ( a, b, c, d, in[ 5], S31, 4294588738UL); /* 33 */
- HH ( d, a, b, c, in[ 8], S32, 2272392833UL); /* 34 */
- HH ( c, d, a, b, in[11], S33, 1839030562UL); /* 35 */
- HH ( b, c, d, a, in[14], S34, 4259657740UL); /* 36 */
- HH ( a, b, c, d, in[ 1], S31, 2763975236UL); /* 37 */
- HH ( d, a, b, c, in[ 4], S32, 1272893353UL); /* 38 */
- HH ( c, d, a, b, in[ 7], S33, 4139469664UL); /* 39 */
- HH ( b, c, d, a, in[10], S34, 3200236656UL); /* 40 */
- HH ( a, b, c, d, in[13], S31, 681279174UL); /* 41 */
- HH ( d, a, b, c, in[ 0], S32, 3936430074UL); /* 42 */
- HH ( c, d, a, b, in[ 3], S33, 3572445317UL); /* 43 */
- HH ( b, c, d, a, in[ 6], S34, 76029189UL); /* 44 */
- HH ( a, b, c, d, in[ 9], S31, 3654602809UL); /* 45 */
- HH ( d, a, b, c, in[12], S32, 3873151461UL); /* 46 */
- HH ( c, d, a, b, in[15], S33, 530742520UL); /* 47 */
- HH ( b, c, d, a, in[ 2], S34, 3299628645UL); /* 48 */
-
- /* Round 4 */
+ HH ( a, b, c, d, in[ 5], S31, 4294588738UL); /* 33 */
+ HH ( d, a, b, c, in[ 8], S32, 2272392833UL); /* 34 */
+ HH ( c, d, a, b, in[11], S33, 1839030562UL); /* 35 */
+ HH ( b, c, d, a, in[14], S34, 4259657740UL); /* 36 */
+ HH ( a, b, c, d, in[ 1], S31, 2763975236UL); /* 37 */
+ HH ( d, a, b, c, in[ 4], S32, 1272893353UL); /* 38 */
+ HH ( c, d, a, b, in[ 7], S33, 4139469664UL); /* 39 */
+ HH ( b, c, d, a, in[10], S34, 3200236656UL); /* 40 */
+ HH ( a, b, c, d, in[13], S31, 681279174UL); /* 41 */
+ HH ( d, a, b, c, in[ 0], S32, 3936430074UL); /* 42 */
+ HH ( c, d, a, b, in[ 3], S33, 3572445317UL); /* 43 */
+ HH ( b, c, d, a, in[ 6], S34, 76029189UL); /* 44 */
+ HH ( a, b, c, d, in[ 9], S31, 3654602809UL); /* 45 */
+ HH ( d, a, b, c, in[12], S32, 3873151461UL); /* 46 */
+ HH ( c, d, a, b, in[15], S33, 530742520UL); /* 47 */
+ HH ( b, c, d, a, in[ 2], S34, 3299628645UL); /* 48 */
+
+ /* Round 4 */
#define S41 6
#define S42 10
#define S43 15
#define S44 21
- II ( a, b, c, d, in[ 0], S41, 4096336452UL); /* 49 */
- II ( d, a, b, c, in[ 7], S42, 1126891415UL); /* 50 */
- II ( c, d, a, b, in[14], S43, 2878612391UL); /* 51 */
- II ( b, c, d, a, in[ 5], S44, 4237533241UL); /* 52 */
- II ( a, b, c, d, in[12], S41, 1700485571UL); /* 53 */
- II ( d, a, b, c, in[ 3], S42, 2399980690UL); /* 54 */
- II ( c, d, a, b, in[10], S43, 4293915773UL); /* 55 */
- II ( b, c, d, a, in[ 1], S44, 2240044497UL); /* 56 */
- II ( a, b, c, d, in[ 8], S41, 1873313359UL); /* 57 */
- II ( d, a, b, c, in[15], S42, 4264355552UL); /* 58 */
- II ( c, d, a, b, in[ 6], S43, 2734768916UL); /* 59 */
- II ( b, c, d, a, in[13], S44, 1309151649UL); /* 60 */
- II ( a, b, c, d, in[ 4], S41, 4149444226UL); /* 61 */
- II ( d, a, b, c, in[11], S42, 3174756917UL); /* 62 */
- II ( c, d, a, b, in[ 2], S43, 718787259UL); /* 63 */
- II ( b, c, d, a, in[ 9], S44, 3951481745UL); /* 64 */
+ II ( a, b, c, d, in[ 0], S41, 4096336452UL); /* 49 */
+ II ( d, a, b, c, in[ 7], S42, 1126891415UL); /* 50 */
+ II ( c, d, a, b, in[14], S43, 2878612391UL); /* 51 */
+ II ( b, c, d, a, in[ 5], S44, 4237533241UL); /* 52 */
+ II ( a, b, c, d, in[12], S41, 1700485571UL); /* 53 */
+ II ( d, a, b, c, in[ 3], S42, 2399980690UL); /* 54 */
+ II ( c, d, a, b, in[10], S43, 4293915773UL); /* 55 */
+ II ( b, c, d, a, in[ 1], S44, 2240044497UL); /* 56 */
+ II ( a, b, c, d, in[ 8], S41, 1873313359UL); /* 57 */
+ II ( d, a, b, c, in[15], S42, 4264355552UL); /* 58 */
+ II ( c, d, a, b, in[ 6], S43, 2734768916UL); /* 59 */
+ II ( b, c, d, a, in[13], S44, 1309151649UL); /* 60 */
+ II ( a, b, c, d, in[ 4], S41, 4149444226UL); /* 61 */
+ II ( d, a, b, c, in[11], S42, 3174756917UL); /* 62 */
+ II ( c, d, a, b, in[ 2], S43, 718787259UL); /* 63 */
+ II ( b, c, d, a, in[ 9], S44, 3951481745UL); /* 64 */
#endif /* small? */
- buf[0] += a;
- buf[1] += b;
- buf[2] += c;
- buf[3] += d;
+ buf[0] += a;
+ buf[1] += b;
+ buf[2] += c;
+ buf[3] += d;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
- ***********************************************************************
- ** md5.h -- header file for implementation of MD5 **
- ** RSA Data Security, Inc. MD5 Message-Digest Algorithm **
- ** Created: 2/17/90 RLR **
- ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version **
- ** Revised (for MD5): RLR 4/27/91 **
- ** -- G modified to have y&~z instead of y&z **
- ** -- FF, GG, HH modified to add in last register done **
- ** -- Access pattern: round 2 works mod 5, round 3 works mod 3 **
- ** -- distinct additive constant for each step **
- ** -- round 4 added, working mod 7 **
- ***********************************************************************
- */
+***********************************************************************
+** md5.h -- header file for implementation of MD5 **
+** RSA Data Security, Inc. MD5 Message-Digest Algorithm **
+** Created: 2/17/90 RLR **
+** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version **
+** Revised (for MD5): RLR 4/27/91 **
+** -- G modified to have y&~z instead of y&z **
+** -- FF, GG, HH modified to add in last register done **
+** -- Access pattern: round 2 works mod 5, round 3 works mod 3 **
+** -- distinct additive constant for each step **
+** -- round 4 added, working mod 7 **
+***********************************************************************
+*/
/*
- ***********************************************************************
- ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
- ** **
- ** License to copy and use this software is granted provided that **
- ** it is identified as the "RSA Data Security, Inc. MD5 Message- **
- ** Digest Algorithm" in all material mentioning or referencing this **
- ** software or this function. **
- ** **
- ** License is also granted to make and use derivative works **
- ** provided that such works are identified as "derived from the RSA **
- ** Data Security, Inc. MD5 Message-Digest Algorithm" in all **
- ** material mentioning or referencing the derived work. **
- ** **
- ** RSA Data Security, Inc. makes no representations concerning **
- ** either the merchantability of this software or the suitability **
- ** of this software for any particular purpose. It is provided "as **
- ** is" without express or implied warranty of any kind. **
- ** **
- ** These notices must be retained in any copies of any part of this **
- ** documentation and/or software. **
- ***********************************************************************
- */
+***********************************************************************
+** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
+** **
+** License to copy and use this software is granted provided that **
+** it is identified as the "RSA Data Security, Inc. MD5 Message- **
+** Digest Algorithm" in all material mentioning or referencing this **
+** software or this function. **
+** **
+** License is also granted to make and use derivative works **
+** provided that such works are identified as "derived from the RSA **
+** Data Security, Inc. MD5 Message-Digest Algorithm" in all **
+** material mentioning or referencing the derived work. **
+** **
+** RSA Data Security, Inc. makes no representations concerning **
+** either the merchantability of this software or the suitability **
+** of this software for any particular purpose. It is provided "as **
+** is" without express or implied warranty of any kind. **
+** **
+** These notices must be retained in any copies of any part of this **
+** documentation and/or software. **
+***********************************************************************
+*/
-#ifndef KRB5_RSA_MD5__
-#define KRB5_RSA_MD5__
+#ifndef KRB5_RSA_MD5__
+#define KRB5_RSA_MD5__
/* Data structure for MD5 (Message-Digest) computation */
typedef struct {
- krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */
- krb5_ui_4 buf[4]; /* scratch buffer */
- unsigned char in[64]; /* input buffer */
- unsigned char digest[16]; /* actual digest after MD5Final call */
+ krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */
+ krb5_ui_4 buf[4]; /* scratch buffer */
+ unsigned char in[64]; /* input buffer */
+ unsigned char digest[16]; /* actual digest after MD5Final call */
} krb5_MD5_CTX;
extern void krb5int_MD5Init(krb5_MD5_CTX *);
extern void krb5int_MD5Update(krb5_MD5_CTX *,const unsigned char *,unsigned int);
extern void krb5int_MD5Final(krb5_MD5_CTX *);
-#define RSA_MD5_CKSUM_LENGTH 16
-#define OLD_RSA_MD5_DES_CKSUM_LENGTH 16
-#define NEW_RSA_MD5_DES_CKSUM_LENGTH 24
-#define RSA_MD5_DES_CONFOUND_LENGTH 8
+#define RSA_MD5_CKSUM_LENGTH 16
+#define OLD_RSA_MD5_DES_CKSUM_LENGTH 16
+#define NEW_RSA_MD5_DES_CKSUM_LENGTH 24
+#define RSA_MD5_DES_CONFOUND_LENGTH 8
#endif /* KRB5_RSA_MD5__ */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/pbkdf2.c
*
*/
typedef krb5_error_code (*prf_func)(krb5_key pass, krb5_data *salt,
- krb5_data *out);
+ krb5_data *out);
/* Not exported, for now. */
static krb5_error_code
krb5int_pbkdf2 (prf_func prf, size_t hlen, krb5_key pass,
- const krb5_data *salt, unsigned long count,
- const krb5_data *output);
+ const krb5_data *salt, unsigned long count,
+ const krb5_data *output);
static int debug_hmac = 0;
printf("%s:", descr);
for (i = 0; i < d->length; i += r) {
- printf("\n %04x: ", i);
- for (j = i; j < i + r && j < d->length; j++)
- printf(" %02x", 0xff & d->data[j]);
- for (; j < i + r; j++)
- printf(" ");
- printf(" ");
- for (j = i; j < i + r && j < d->length; j++) {
- int c = 0xff & d->data[j];
- printf("%c", isprint(c) ? c : '.');
- }
+ printf("\n %04x: ", i);
+ for (j = i; j < i + r && j < d->length; j++)
+ printf(" %02x", 0xff & d->data[j]);
+ for (; j < i + r; j++)
+ printf(" ");
+ printf(" ");
+ for (j = i; j < i + r && j < d->length; j++) {
+ int c = 0xff & d->data[j];
+ printf("%c", isprint(c) ? c : '.');
+ }
}
printf("\n");
}
#if 0
printf("F(i=%d, count=%lu, pass=%d:%s)\n", i, count,
- pass->length, pass->data);
+ pass->length, pass->data);
#endif
/* Compute U_1. */
#endif
err = (*prf)(pass, &sdata, &out);
if (err)
- return err;
+ return err;
#if 0
printd("F: prf return value", &out);
#endif
sdata.length = hlen;
for (j = 2; j <= count; j++) {
#if 0
- printf("F: computing hmac #%d (U_%d)\n", j, j);
+ printf("F: computing hmac #%d (U_%d)\n", j, j);
#endif
- memcpy(u_tmp2, u_tmp1, hlen);
- err = (*prf)(pass, &sdata, &out);
- if (err)
- return err;
+ memcpy(u_tmp2, u_tmp1, hlen);
+ err = (*prf)(pass, &sdata, &out);
+ if (err)
+ return err;
#if 0
- printd("F: prf return value", &out);
+ printd("F: prf return value", &out);
#endif
- /* And xor them together. */
- for (k = 0; k < hlen; k++)
- output[k] ^= u_tmp1[k];
+ /* And xor them together. */
+ for (k = 0; k < hlen; k++)
+ output[k] ^= u_tmp1[k];
#if 0
- printf("F: xor result:\n");
- for (k = 0; k < hlen; k++)
- printf(" %02x", 0xff & output[k]);
- printf("\n");
+ printf("F: xor result:\n");
+ for (k = 0; k < hlen; k++)
+ printf(" %02x", 0xff & output[k]);
+ printf("\n");
#endif
}
return 0;
static krb5_error_code
krb5int_pbkdf2 (prf_func prf, size_t hlen, krb5_key pass,
- const krb5_data *salt, unsigned long count,
- const krb5_data *output)
+ const krb5_data *salt, unsigned long count,
+ const krb5_data *output)
{
int l, r, i;
char *utmp1, *utmp2;
- char utmp3[20]; /* XXX length shouldn't be hardcoded! */
+ char utmp3[20]; /* XXX length shouldn't be hardcoded! */
if (output->length == 0 || hlen == 0)
- abort();
+ abort();
/* Step 1 & 2. */
if (output->length / hlen > 0xffffffff)
- abort();
+ abort();
/* Step 2. */
l = (output->length + hlen - 1) / hlen;
r = output->length - (l - 1) * hlen;
utmp1 = /*output + dklen; */ malloc(hlen);
if (utmp1 == NULL)
- return ENOMEM;
+ return ENOMEM;
utmp2 = /*utmp1 + hlen; */ malloc(salt->length + 4 + hlen);
if (utmp2 == NULL) {
- free(utmp1);
- return ENOMEM;
+ free(utmp1);
+ return ENOMEM;
}
/* Step 3. */
for (i = 1; i <= l; i++) {
#if 0
- int j;
+ int j;
#endif
- krb5_error_code err;
- char *out;
+ krb5_error_code err;
+ char *out;
- if (i == l)
- out = utmp3;
- else
- out = output->data + (i-1) * hlen;
- err = F(out, utmp1, utmp2, prf, hlen, pass, salt, count, i);
- if (err) {
- free(utmp1);
- free(utmp2);
- return err;
- }
- if (i == l)
- memcpy(output->data + (i-1) * hlen, utmp3,
- output->length - (i-1) * hlen);
+ if (i == l)
+ out = utmp3;
+ else
+ out = output->data + (i-1) * hlen;
+ err = F(out, utmp1, utmp2, prf, hlen, pass, salt, count, i);
+ if (err) {
+ free(utmp1);
+ free(utmp2);
+ return err;
+ }
+ if (i == l)
+ memcpy(output->data + (i-1) * hlen, utmp3,
+ output->length - (i-1) * hlen);
#if 0
- printf("after F(%d), @%p:\n", i, output->data);
- for (j = (i-1) * hlen; j < i * hlen; j++)
- printf(" %02x", 0xff & output->data[j]);
- printf ("\n");
+ printf("after F(%d), @%p:\n", i, output->data);
+ for (j = (i-1) * hlen; j < i * hlen; j++)
+ printf(" %02x", 0xff & output->data[j]);
+ printf ("\n");
#endif
}
free(utmp1);
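Review bot: `char utmp3[20]` is a fixed 20-byte scratch buffer, yet on the last block (`i == l`) it is handed to `F` as the output area while `F` works in units of the caller-supplied `hlen`; the `XXX length shouldn't be hardcoded!` comment records the problem without enforcing anything. The only caller visible on this page passes 20, so nothing overflows today, but a PRF with a wider output would write past the array on the stack. I would add `if (hlen > sizeof(utmp3)) return EINVAL;` beside the existing `hlen == 0` check, ahead of the two `malloc` calls so the early return leaks nothing. `utmp3`, `utmp1` and `utmp2` all hold key-derivation intermediates; the end of the function is outside this hunk, so confirm they are zeroed before `free`/return.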
krb5_error_code err;
if (debug_hmac)
- printd(" hmac input", salt);
+ printd(" hmac input", salt);
err = krb5int_hmac(h, pass, 1, salt, out);
if (err == 0 && debug_hmac)
- printd(" hmac output", out);
+ printd(" hmac output", out);
return err;
}
krb5_error_code
krb5int_pbkdf2_hmac_sha1 (const krb5_data *out, unsigned long count,
- const krb5_data *pass, const krb5_data *salt)
+ const krb5_data *pass, const krb5_data *salt)
{
const struct krb5_hash_provider *h = &krb5int_hash_sha1;
krb5_keyblock keyblock;
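Review bot: The two `printd` calls in `hmac_sha1` at the top of this hunk write the PRF input and output to stdout whenever `debug_hmac` is non-zero, and the PRF output is the material that `F` XORs into the derived key. `debug_hmac` is a file-static initialised to 0 and nothing visible on this page sets it, so the path looks dead, but it remains compiled into the library as a runtime switch. I would put both calls under `#if 0`, as the other `printd` calls in `F` already are, and drop the `debug_hmac` variable, so no build can emit key-derivation intermediates. The start of `hmac_sha1` is outside the hunk.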
assert(h->hashsize <= sizeof(tmp));
if (pass->length > h->blocksize) {
- d.data = tmp;
- d.length = h->hashsize;
- err = h->hash (1, pass, &d);
- if (err)
- return err;
- keyblock.length = d.length;
- keyblock.contents = (krb5_octet *) d.data;
+ d.data = tmp;
+ d.length = h->hashsize;
+ err = h->hash (1, pass, &d);
+ if (err)
+ return err;
+ keyblock.length = d.length;
+ keyblock.contents = (krb5_octet *) d.data;
} else {
- keyblock.length = pass->length;
- keyblock.contents = (krb5_octet *) pass->data;
+ keyblock.length = pass->length;
+ keyblock.contents = (krb5_octet *) pass->data;
}
err = krb5_k_create_key(NULL, &keyblock, &key);
if (err)
- return err;
+ return err;
err = krb5int_pbkdf2(hmac_sha1, 20, key, salt, count, out);
krb5_k_free_key(NULL, key);
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#include "shs.h"
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
80-word expanded input array W, where the first 16 are copies of the input
data, and the remaining 64 are defined by
- W[ i ] = W[ i - 16 ] ^ W[ i - 14 ] ^ W[ i - 8 ] ^ W[ i - 3 ]
+ W[ i ] = W[ i - 16 ] ^ W[ i - 14 ] ^ W[ i - 8 ] ^ W[ i - 3 ]
This implementation generates these values on the fly in a circular
buffer - thanks to Colin Plumb, colin@nyx10.cs.du.edu for this
#ifdef NEW_SHS
#define expand(W,i) ( W[ i & 15 ] = ROTL( 1, ( W[ i & 15 ] ^ W[ (i - 14) & 15 ] ^ \
- W[ (i - 8) & 15 ] ^ W[ (i - 3) & 15 ] )))
+ W[ (i - 8) & 15 ] ^ W[ (i - 3) & 15 ] )))
#else
-#define expand(W,i) ( W[ i & 15 ] ^= W[ (i - 14) & 15 ] ^ \
- W[ (i - 8) & 15 ] ^ W[ (i - 3) & 15 ] )
+#define expand(W,i) ( W[ i & 15 ] ^= W[ (i - 14) & 15 ] ^ \
+ W[ (i - 8) & 15 ] ^ W[ (i - 3) & 15 ] )
#endif /* NEW_SHS */
/* The prototype SHS sub-round. The fundamental sub-round is:
- a' = e + ROTL( 5, a ) + f( b, c, d ) + k + data;
- b' = a;
- c' = ROTL( 30, b );
- d' = c;
- e' = d;
+ a' = e + ROTL( 5, a ) + f( b, c, d ) + k + data;
+ b' = a;
+ c' = ROTL( 30, b );
+ d' = c;
+ e' = d;
but this is implemented by unrolling the loop 5 times and renaming the
variables ( e, a, b, c, d ) = ( a', b', c', d', e' ) each iteration.
This code is then replicated 20 times for each of the 4 functions, using
the next 20 values from the W[] array each time */
-#define subRound(a, b, c, d, e, f, k, data) \
- ( e += ROTL( 5, a ) + f( b, c, d ) + k + data, \
+#define subRound(a, b, c, d, e, f, k, data) \
+ ( e += ROTL( 5, a ) + f( b, c, d ) + k + data, \
e &= 0xffffffff, b = ROTL( 30, b ) )
/* Initialize the SHS values */
#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
{
- int i;
- SHS_LONG temp;
- for (i = 0; i < 20; i++) {
- SHS_LONG x = (i < 16) ? eData[i] : expand(eData, i);
- subRound(A, B, C, D, E, f1, K1, x);
- temp = E, E = D, D = C, C = B, B = A, A = temp;
- }
- for (i = 20; i < 40; i++) {
- subRound(A, B, C, D, E, f2, K2, expand(eData, i));
- temp = E, E = D, D = C, C = B, B = A, A = temp;
- }
- for (i = 40; i < 60; i++) {
- subRound(A, B, C, D, E, f3, K3, expand(eData, i));
- temp = E, E = D, D = C, C = B, B = A, A = temp;
- }
- for (i = 60; i < 80; i++) {
- subRound(A, B, C, D, E, f4, K4, expand(eData, i));
- temp = E, E = D, D = C, C = B, B = A, A = temp;
- }
+ int i;
+ SHS_LONG temp;
+ for (i = 0; i < 20; i++) {
+ SHS_LONG x = (i < 16) ? eData[i] : expand(eData, i);
+ subRound(A, B, C, D, E, f1, K1, x);
+ temp = E, E = D, D = C, C = B, B = A, A = temp;
+ }
+ for (i = 20; i < 40; i++) {
+ subRound(A, B, C, D, E, f2, K2, expand(eData, i));
+ temp = E, E = D, D = C, C = B, B = A, A = temp;
+ }
+ for (i = 40; i < 60; i++) {
+ subRound(A, B, C, D, E, f3, K3, expand(eData, i));
+ temp = E, E = D, D = C, C = B, B = A, A = temp;
+ }
+ for (i = 60; i < 80; i++) {
+ subRound(A, B, C, D, E, f4, K4, expand(eData, i));
+ temp = E, E = D, D = C, C = B, B = A, A = temp;
+ }
}
#else
tmp = shsInfo->countLo;
shsInfo->countLo = tmp + (((SHS_LONG) count) << 3 );
if ((shsInfo->countLo &= 0xffffffff) < tmp)
- shsInfo->countHi++; /* Carry from low to high */
+ shsInfo->countHi++; /* Carry from low to high */
shsInfo->countHi += count >> 29;
/* Get count of bytes already in data */
/* Handle any leading odd-sized chunks */
if (dataCount) {
- lp = shsInfo->data + dataCount / 4;
- dataCount = SHS_DATASIZE - dataCount;
- canfill = (count >= dataCount);
-
- if (dataCount % 4) {
- /* Fill out a full 32 bit word first if needed -- this
- is not very efficient (computed shift amount),
- but it shouldn't happen often. */
- while (dataCount % 4 && count > 0) {
- *lp |= (SHS_LONG) *buffer++ << ((--dataCount % 4) * 8);
- count--;
- }
- lp++;
- }
- while (lp < shsInfo->data + 16) {
- if (count < 4) {
- *lp = 0;
- switch (count % 4) {
- case 3:
- *lp |= (SHS_LONG) buffer[2] << 8;
- case 2:
- *lp |= (SHS_LONG) buffer[1] << 16;
- case 1:
- *lp |= (SHS_LONG) buffer[0] << 24;
- }
- count = 0;
- break; /* out of while loop */
- }
- *lp++ = load_32_be(buffer);
- buffer += 4;
- count -= 4;
- }
- if (canfill) {
- SHSTransform(shsInfo->digest, shsInfo->data);
- }
+ lp = shsInfo->data + dataCount / 4;
+ dataCount = SHS_DATASIZE - dataCount;
+ canfill = (count >= dataCount);
+
+ if (dataCount % 4) {
+ /* Fill out a full 32 bit word first if needed -- this
+ is not very efficient (computed shift amount),
+ but it shouldn't happen often. */
+ while (dataCount % 4 && count > 0) {
+ *lp |= (SHS_LONG) *buffer++ << ((--dataCount % 4) * 8);
+ count--;
+ }
+ lp++;
+ }
+ while (lp < shsInfo->data + 16) {
+ if (count < 4) {
+ *lp = 0;
+ switch (count % 4) {
+ case 3:
+ *lp |= (SHS_LONG) buffer[2] << 8;
+ case 2:
+ *lp |= (SHS_LONG) buffer[1] << 16;
+ case 1:
+ *lp |= (SHS_LONG) buffer[0] << 24;
+ }
+ count = 0;
+ break; /* out of while loop */
+ }
+ *lp++ = load_32_be(buffer);
+ buffer += 4;
+ count -= 4;
+ }
+ if (canfill) {
+ SHSTransform(shsInfo->digest, shsInfo->data);
+ }
}
/* Process data in SHS_DATASIZE chunks */
while (count >= SHS_DATASIZE) {
- lp = shsInfo->data;
- while (lp < shsInfo->data + 16) {
- *lp++ = load_32_be(buffer);
- buffer += 4;
- }
- SHSTransform(shsInfo->digest, shsInfo->data);
- count -= SHS_DATASIZE;
+ lp = shsInfo->data;
+ while (lp < shsInfo->data + 16) {
+ *lp++ = load_32_be(buffer);
+ buffer += 4;
+ }
+ SHSTransform(shsInfo->digest, shsInfo->data);
+ count -= SHS_DATASIZE;
}
if (count > 0) {
- lp = shsInfo->data;
- while (count > 4) {
- *lp++ = load_32_be(buffer);
- buffer += 4;
- count -= 4;
- }
- *lp = 0;
- switch (count % 4) {
- case 0:
- *lp |= ((SHS_LONG) buffer[3]);
- case 3:
- *lp |= ((SHS_LONG) buffer[2]) << 8;
- case 2:
- *lp |= ((SHS_LONG) buffer[1]) << 16;
- case 1:
- *lp |= ((SHS_LONG) buffer[0]) << 24;
- }
+ lp = shsInfo->data;
+ while (count > 4) {
+ *lp++ = load_32_be(buffer);
+ buffer += 4;
+ count -= 4;
+ }
+ *lp = 0;
+ switch (count % 4) {
+ case 0:
+ *lp |= ((SHS_LONG) buffer[3]);
+ case 3:
+ *lp |= ((SHS_LONG) buffer[2]) << 8;
+ case 2:
+ *lp |= ((SHS_LONG) buffer[1]) << 16;
+ case 1:
+ *lp |= ((SHS_LONG) buffer[0]) << 24;
+ }
}
}
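Review bot: Both `switch (count % 4)` statements here rely on deliberate fall-through from each `case` into the next to assemble a partial big-endian word, and none of the fall-throughs is marked. Adding `/* fall through */` after each non-final `*lp |= ...` line would match the `/* fall through - MSB */` comment used in the test program elsewhere in this commit. In the tail switch, `case 0:` reads `buffer[3]`, which is in bounds only because the preceding loop runs `while (count > 4)` and so leaves exactly four bytes in that case. That invariant deserves a comment such as `/* count == 4 here: one full final word */`, since changing the loop to `count >= 4` would turn the read into an over-read. The function's opening lines are outside this hunk.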
lp = shsInfo->data + count / 4;
switch (count % 4) {
case 3:
- *lp++ |= (SHS_LONG) 0x80;
- break;
+ *lp++ |= (SHS_LONG) 0x80;
+ break;
case 2:
- *lp++ |= (SHS_LONG) 0x80 << 8;
- break;
+ *lp++ |= (SHS_LONG) 0x80 << 8;
+ break;
case 1:
- *lp++ |= (SHS_LONG) 0x80 << 16;
- break;
+ *lp++ |= (SHS_LONG) 0x80 << 16;
+ break;
case 0:
- *lp++ = (SHS_LONG) 0x80 << 24;
+ *lp++ = (SHS_LONG) 0x80 << 24;
}
/* at this point, lp can point *past* shsInfo->data. If it points
enough room for length words */
if (lp == shsInfo->data + 15)
- *lp++ = 0;
+ *lp++ = 0;
if (lp == shsInfo->data + 16) {
- SHSTransform(shsInfo->digest, shsInfo->data);
- lp = shsInfo->data;
+ SHSTransform(shsInfo->digest, shsInfo->data);
+ lp = shsInfo->data;
}
/* Pad out to 56 bytes */
while (lp < shsInfo->data + 14)
- *lp++ = 0;
+ *lp++ = 0;
/* Append length in bits and transform */
*lp++ = shsInfo->countHi;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#ifndef _SHS_DEFINED
#include "k5-int.h"
/* Some useful types */
-typedef krb5_octet SHS_BYTE;
-typedef krb5_ui_4 SHS_LONG;
+typedef krb5_octet SHS_BYTE;
+typedef krb5_ui_4 SHS_LONG;
/* Define the following to use the updated SHS implementation */
#define NEW_SHS /**/
/* The structure for storing SHS info */
typedef struct {
- SHS_LONG digest[ 5 ]; /* Message digest */
- SHS_LONG countLo, countHi; /* 64-bit bit count */
- SHS_LONG data[ 16 ]; /* SHS data buffer */
- } SHS_INFO;
+ SHS_LONG digest[ 5 ]; /* Message digest */
+ SHS_LONG countLo, countHi; /* 64-bit bit count */
+ SHS_LONG data[ 16 ]; /* SHS data buffer */
+} SHS_INFO;
/* Message digest functions (shs.c) */
void shsInit(SHS_INFO *shsInfo);
/* Keyed Message digest functions (hmac_sha.c) */
krb5_error_code hmac_sha(krb5_octet *text,
- int text_len,
- krb5_octet *key,
- int key_len,
- krb5_octet *digest);
+ int text_len,
+ krb5_octet *key,
+ int key_len,
+ krb5_octet *digest);
-#define NIST_SHA_CKSUM_LENGTH SHS_DIGESTSIZE
-#define HMAC_SHA_CKSUM_LENGTH SHS_DIGESTSIZE
+#define NIST_SHA_CKSUM_LENGTH SHS_DIGESTSIZE
+#define HMAC_SHA_CKSUM_LENGTH SHS_DIGESTSIZE
#endif /* _SHS_DEFINED */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/****************************************************************************
-* *
-* SHS Test Code *
-* *
-****************************************************************************/
+ * *
+ * SHS Test Code *
+ * *
+ ****************************************************************************/
#include <stdio.h>
#include <stdlib.h>
{ 0xA9993E36L, 0x4706816AL, 0xBA3E2571L, 0x7850C26CL, 0x9CD0D89DL, },
{ 0x84983E44L, 0x1C3BD26EL, 0xBAAE4AA1L, 0xF95129E5L, 0xE54670F1L, },
{ 0x34AA973CL, 0xD4C4DAA4L, 0xF61EEB2BL, 0xDBAD2731L, 0x6534016FL, }
- };
+};
#else
{ 0x0164B8A9L, 0x14CD2A5EL, 0x74C4F7FFL, 0x082C4D97L, 0xF1EDF880L },
{ 0xD2516EE1L, 0xACFA5BAFL, 0x33DFC1C4L, 0x71E43844L, 0x9EF134C8L },
{ 0x3232AFFAL, 0x48628A26L, 0x653B5AAAL, 0x44541FD9L, 0x0D690603L }
- };
+};
#endif /* NEW_SHS */
static int compareSHSresults(shsInfo, shsTestLevel)
-SHS_INFO *shsInfo;
-int shsTestLevel;
+ SHS_INFO *shsInfo;
+ int shsTestLevel;
{
int i, fail = 0;
/* Compare the returned digest and required values */
for( i = 0; i < 5; i++ )
if( shsInfo->digest[ i ] != shsTestResults[ shsTestLevel ][ i ] )
- fail = 1;
+ fail = 1;
if (fail) {
- printf("\nExpected: ");
- for (i = 0; i < 5; i++) {
- printf("%8.8lx ", (unsigned long) shsTestResults[shsTestLevel][i]);
- }
- printf("\nGot: ");
- for (i = 0; i < 5; i++) {
- printf("%8.8lx ", (unsigned long) shsInfo->digest[i]);
- }
- printf("\n");
- return( -1 );
+ printf("\nExpected: ");
+ for (i = 0; i < 5; i++) {
+ printf("%8.8lx ", (unsigned long) shsTestResults[shsTestLevel][i]);
+ }
+ printf("\nGot: ");
+ for (i = 0; i < 5; i++) {
+ printf("%8.8lx ", (unsigned long) shsInfo->digest[i]);
+ }
+ printf("\n");
+ return( -1 );
}
return( 0 );
}
shsUpdate( &shsInfo, ( SHS_BYTE * ) "abc", 3 );
shsFinal( &shsInfo );
if( compareSHSresults( &shsInfo, 0 ) == -1 )
- {
+ {
putchar( '\n' );
puts( "SHS test 1 failed" );
exit( -1 );
- }
+ }
#ifdef NEW_SHS
puts( "passed, result= A9993E364706816ABA3E25717850C26C9CD0D89D" );
#else
shsUpdate( &shsInfo, ( SHS_BYTE * ) "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56 );
shsFinal( &shsInfo );
if( compareSHSresults( &shsInfo, 1 ) == -1 )
- {
+ {
putchar( '\n' );
puts( "SHS test 2 failed" );
exit( -1 );
- }
+ }
#ifdef NEW_SHS
puts( "passed, result= 84983E441C3BD26EBAAE4AA1F95129E5E54670F1" );
#else
shsUpdate( &shsInfo, ( SHS_BYTE * ) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 64 );
shsFinal( &shsInfo );
if( compareSHSresults( &shsInfo, 2 ) == -1 )
- {
+ {
putchar( '\n' );
puts( "SHS test 3 failed" );
exit( -1 );
- }
+ }
#ifdef NEW_SHS
puts( "passed, result= 34AA973CD4C4DAA4F61EEB2BDBAD27316534016F" );
#else
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* test shs code */
#include <stdio.h>
switch (init) {
case 0:
- init=1;
- cp = (char *) &init;
- if (*cp == 1) {
- init=2;
- break;
- }
- init=1;
- /* fall through - MSB */
+ init=1;
+ cp = (char *) &init;
+ if (*cp == 1) {
+ init=2;
+ break;
+ }
+ init=1;
+ /* fall through - MSB */
case 1:
- return;
+ return;
}
byteCount /= sizeof( SHS_LONG );
while( byteCount-- ) {
value = *buffer;
value = ( ( value & 0xFF00FF00L ) >> 8 ) |
- ( ( value & 0x00FF00FFL ) << 8 );
+ ( ( value & 0x00FF00FFL ) << 8 );
*buffer++ = ( value << 16 ) | ( value >> 16 );
}
}
int
main(argc,argv)
- char **argv;
+ char **argv;
{
- char *argp;
-
- while (--argc > 0) if (*(argp = *++argv)=='-')
- while (*++argp) switch(*argp)
- {
- case '1':
- case '2':
- case '3':
- case '4':
- case '5':
- case '6':
- case '7':
- if (mode) goto Usage;
- mode = *argp;
- break;
- case 'D':
- if (argc <= 1) goto Usage;
- --argc;
- Dflag = atoi(*++argv);
- break;
- case '-':
- break;
- default:
- fprintf (stderr,"Bad switch char <%c>\n", *argp);
- Usage:
- fprintf(stderr, "Usage: t_shs [-1234567] [-D #]\n");
- exit(1);
- }
- else goto Usage;
-
- process();
- exit(rc);
+ char *argp;
+
+ while (--argc > 0) if (*(argp = *++argv)=='-')
+ while (*++argp) switch(*argp)
+ {
+ case '1':
+ case '2':
+ case '3':
+ case '4':
+ case '5':
+ case '6':
+ case '7':
+ if (mode) goto Usage;
+ mode = *argp;
+ break;
+ case 'D':
+ if (argc <= 1) goto Usage;
+ --argc;
+ Dflag = atoi(*++argv);
+ break;
+ case '-':
+ break;
+ default:
+ fprintf (stderr,"Bad switch char <%c>\n", *argp);
+ Usage:
+ fprintf(stderr, "Usage: t_shs [-1234567] [-D #]\n");
+ exit(1);
+ }
+ else goto Usage;
+
+ process();
+ exit(rc);
}
static void process(void)
{
- switch(mode)
- {
- case '1':
- test1();
- break;
- case '2':
- test2();
- break;
- case '3':
- test3();
- break;
- case '4':
- test4();
- break;
- case '5':
- test5();
- break;
- case '6':
- test6();
- break;
- case '7':
- test7();
- break;
- default:
- test1();
- test2();
- test3();
- test4();
- test5();
- test6();
- test7();
- }
+ switch(mode)
+ {
+ case '1':
+ test1();
+ break;
+ case '2':
+ test2();
+ break;
+ case '3':
+ test3();
+ break;
+ case '4':
+ test4();
+ break;
+ case '5':
+ test5();
+ break;
+ case '6':
+ test6();
+ break;
+ case '7':
+ test7();
+ break;
+ default:
+ test1();
+ test2();
+ test3();
+ test4();
+ test5();
+ test6();
+ test7();
+ }
}
#ifndef shsDigest
static unsigned char *
shsDigest(si)
- SHS_INFO *si;
+ SHS_INFO *si;
{
- longReverse(si->digest, SHS_DIGESTSIZE);
- return (unsigned char*) si->digest;
+ longReverse(si->digest, SHS_DIGESTSIZE);
+ return (unsigned char*) si->digest;
}
#endif
unsigned char results1[SHS_DIGESTSIZE] = {
-0xa9,0x99,0x3e,0x36,0x47,0x06,0x81,0x6a,0xba,0x3e,
-0x25,0x71,0x78,0x50,0xc2,0x6c,0x9c,0xd0,0xd8,0x9d};
+ 0xa9,0x99,0x3e,0x36,0x47,0x06,0x81,0x6a,0xba,0x3e,
+ 0x25,0x71,0x78,0x50,0xc2,0x6c,0x9c,0xd0,0xd8,0x9d};
static void test1(void)
{
- SHS_INFO si[1];
- unsigned char digest[SHS_DIGESTSIZE];
- int failed;
- int i;
-
- printf("Running SHS test 1 ...\n");
- shsInit(si);
- shsUpdate(si, (SHS_BYTE *) "abc", 3);
- shsFinal(si);
- memcpy(digest, shsDigest(si), SHS_DIGESTSIZE);
- if ((failed = memcmp(digest, results1, SHS_DIGESTSIZE)) != 0)
- {
- fprintf(stderr,"SHS test 1 failed!\n");
- rc = 1;
- }
- printf ("%s, results = ", failed ? "Failed" : "Passed");
- for (i = 0; i < SHS_DIGESTSIZE; ++i)
- printf("%02x",digest[i]);
- if (failed)
- {
- printf ("\n, expected ");
- for (i = 0; i < SHS_DIGESTSIZE; ++i)
- printf("%02x",results1[i]);
- }
- printf("\n");
+ SHS_INFO si[1];
+ unsigned char digest[SHS_DIGESTSIZE];
+ int failed;
+ int i;
+
+ printf("Running SHS test 1 ...\n");
+ shsInit(si);
+ shsUpdate(si, (SHS_BYTE *) "abc", 3);
+ shsFinal(si);
+ memcpy(digest, shsDigest(si), SHS_DIGESTSIZE);
+ if ((failed = memcmp(digest, results1, SHS_DIGESTSIZE)) != 0)
+ {
+ fprintf(stderr,"SHS test 1 failed!\n");
+ rc = 1;
+ }
+ printf ("%s, results = ", failed ? "Failed" : "Passed");
+ for (i = 0; i < SHS_DIGESTSIZE; ++i)
+ printf("%02x",digest[i]);
+ if (failed)
+ {
+ printf ("\n, expected ");
+ for (i = 0; i < SHS_DIGESTSIZE; ++i)
+ printf("%02x",results1[i]);
+ }
+ printf("\n");
}
unsigned char results2[SHS_DIGESTSIZE] = {
-0x84,0x98,0x3e,0x44,0x1c,0x3b,0xd2,0x6e,0xba,0xae,
-0x4a,0xa1,0xf9,0x51,0x29,0xe5,0xe5,0x46,0x70,0xf1};
+ 0x84,0x98,0x3e,0x44,0x1c,0x3b,0xd2,0x6e,0xba,0xae,
+ 0x4a,0xa1,0xf9,0x51,0x29,0xe5,0xe5,0x46,0x70,0xf1};
static void test2(void)
{
- SHS_INFO si[1];
- unsigned char digest[SHS_DIGESTSIZE];
- int failed;
- int i;
-
- printf("Running SHS test 2 ...\n");
- shsInit(si);
- shsUpdate(si,
- (SHS_BYTE *) "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
- 56);
- shsFinal(si);
- memcpy(digest, shsDigest(si), SHS_DIGESTSIZE);
- if ((failed = memcmp(digest, results2, SHS_DIGESTSIZE)) != 0)
- {
- fprintf(stderr,"SHS test 2 failed!\n");
- rc = 1;
- }
- printf ("%s, results = ", failed ? "Failed" : "Passed");
- for (i = 0; i < SHS_DIGESTSIZE; ++i)
- printf("%02x",digest[i]);
- if (failed)
- {
- printf ("\n, expected ");
- for (i = 0; i < SHS_DIGESTSIZE; ++i)
- printf("%02x",results2[i]);
- }
- printf("\n");
+ SHS_INFO si[1];
+ unsigned char digest[SHS_DIGESTSIZE];
+ int failed;
+ int i;
+
+ printf("Running SHS test 2 ...\n");
+ shsInit(si);
+ shsUpdate(si,
+ (SHS_BYTE *) "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ 56);
+ shsFinal(si);
+ memcpy(digest, shsDigest(si), SHS_DIGESTSIZE);
+ if ((failed = memcmp(digest, results2, SHS_DIGESTSIZE)) != 0)
+ {
+ fprintf(stderr,"SHS test 2 failed!\n");
+ rc = 1;
+ }
+ printf ("%s, results = ", failed ? "Failed" : "Passed");
+ for (i = 0; i < SHS_DIGESTSIZE; ++i)
+ printf("%02x",digest[i]);
+ if (failed)
+ {
+ printf ("\n, expected ");
+ for (i = 0; i < SHS_DIGESTSIZE; ++i)
+ printf("%02x",results2[i]);
+ }
+ printf("\n");
}
unsigned char results3[SHS_DIGESTSIZE] = {
-0x34,0xaa,0x97,0x3c,0xd4,0xc4,0xda,0xa4,0xf6,0x1e,
-0xeb,0x2b,0xdb,0xad,0x27,0x31,0x65,0x34,0x01,0x6f};
+ 0x34,0xaa,0x97,0x3c,0xd4,0xc4,0xda,0xa4,0xf6,0x1e,
+ 0xeb,0x2b,0xdb,0xad,0x27,0x31,0x65,0x34,0x01,0x6f};
static void test3(void)
{
- SHS_INFO si[1];
- unsigned char digest[SHS_DIGESTSIZE];
- int failed;
- int i;
-
- printf("Running SHS test 3 ...\n");
- shsInit(si);
- for (i = 0; i < 15625; ++i)
- shsUpdate(si,
-(SHS_BYTE *) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
- 64);
- shsFinal(si);
- memcpy(digest, shsDigest(si), SHS_DIGESTSIZE);
- if ((failed = memcmp(digest, results3, SHS_DIGESTSIZE)) != 0)
- {
- fprintf(stderr,"SHS test 3 failed!\n");
- rc = 1;
- }
- printf ("%s, results = ", failed ? "Failed" : "Passed");
- for (i = 0; i < SHS_DIGESTSIZE; ++i)
- printf("%02x",digest[i]);
- if (failed)
- {
- printf ("\n, expected ");
- for (i = 0; i < SHS_DIGESTSIZE; ++i)
- printf("%02x",results3[i]);
- }
- printf("\n");
+ SHS_INFO si[1];
+ unsigned char digest[SHS_DIGESTSIZE];
+ int failed;
+ int i;
+
+ printf("Running SHS test 3 ...\n");
+ shsInit(si);
+ for (i = 0; i < 15625; ++i)
+ shsUpdate(si,
+ (SHS_BYTE *) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+ 64);
+ shsFinal(si);
+ memcpy(digest, shsDigest(si), SHS_DIGESTSIZE);
+ if ((failed = memcmp(digest, results3, SHS_DIGESTSIZE)) != 0)
+ {
+ fprintf(stderr,"SHS test 3 failed!\n");
+ rc = 1;
+ }
+ printf ("%s, results = ", failed ? "Failed" : "Passed");
+ for (i = 0; i < SHS_DIGESTSIZE; ++i)
+ printf("%02x",digest[i]);
+ if (failed)
+ {
+ printf ("\n, expected ");
+ for (i = 0; i < SHS_DIGESTSIZE; ++i)
+ printf("%02x",results3[i]);
+ }
+ printf("\n");
}
unsigned char randdata[] = {
-0xfe,0x28,0x79,0x25,0xf5,0x03,0xf9,0x1c,0xcd,0x70,0x7b,0xb0,0x42,0x02,0xb8,0x2f,
-0xf3,0x63,0xa2,0x79,0x8e,0x9b,0x33,0xd7,0x2b,0xc4,0xb4,0xd2,0xcb,0x61,0xec,0xbb,
-0x94,0xe1,0x8f,0x53,0x80,0x55,0xd9,0x90,0xb2,0x03,0x58,0xfa,0xa6,0xe5,0x18,0x57,
-0x68,0x04,0x24,0x98,0x41,0x7e,0x84,0xeb,0xc1,0x39,0xbc,0x1d,0xf7,0x4e,0x92,0x72,
-0x1a,0x5b,0xb6,0x99,0x43,0xa5,0x0a,0x45,0x73,0x55,0xfd,0x57,0x83,0x45,0x36,0x5c,
-0xfd,0x39,0x08,0x6e,0xe2,0x01,0x9a,0x8c,0x4e,0x39,0xd2,0x0d,0x5f,0x0e,0x35,0x15,
-0xb9,0xac,0x5f,0xa1,0x8a,0xe6,0xdd,0x6e,0x68,0x9d,0xf6,0x29,0x95,0xf6,0x7d,0x7b,
-0xd9,0x5e,0xf4,0x67,0x25,0xbd,0xee,0xed,0x53,0x60,0xb0,0x47,0xdf,0xef,0xf4,0x41,
-0xbd,0x45,0xcf,0x5c,0x93,0x41,0x87,0x97,0x82,0x39,0x20,0x66,0xb4,0xda,0xcb,0x66,
-0x93,0x02,0x2e,0x7f,0x94,0x4c,0xc7,0x3b,0x2c,0xcf,0xf6,0x99,0x6f,0x13,0xf1,0xc5,
-0x28,0x2b,0xa6,0x6c,0x39,0x26,0x7f,0x76,0x24,0x4a,0x6e,0x01,0x40,0x63,0xf8,0x00,
-0x06,0x23,0x5a,0xaa,0xa6,0x2f,0xd1,0x37,0xc7,0xcc,0x76,0xe9,0x54,0x1e,0x57,0x73,
-0xf5,0x33,0xaa,0x96,0xbe,0x35,0xcd,0x1d,0xd5,0x7d,0xac,0x50,0xd5,0xf8,0x47,0x2d,
-0xd6,0x93,0x5f,0x6e,0x38,0xd3,0xac,0xd0,0x7e,0xad,0x9e,0xf8,0x87,0x95,0x63,0x15,
-0x65,0xa3,0xd4,0xb3,0x9a,0x6c,0xac,0xcd,0x2a,0x54,0x83,0x13,0xc4,0xb4,0x94,0xfa,
-0x76,0x87,0xc5,0x8b,0x4a,0x10,0x92,0x05,0xd1,0x0e,0x97,0xfd,0xc8,0xfb,0xc5,0xdc,
-0x21,0x4c,0xc8,0x77,0x5c,0xed,0x32,0x22,0x77,0xc1,0x38,0x30,0xd7,0x8e,0x2a,0x70,
-0x72,0x67,0x13,0xe4,0xb7,0x18,0xd4,0x76,0xdd,0x32,0x12,0xf4,0x5d,0xc9,0xec,0xc1,
-0x2c,0x8a,0xfe,0x08,0x6c,0xea,0xf6,0xab,0x5a,0x0e,0x8e,0x81,0x1d,0xc8,0x5a,0x4b,
-0xed,0xb9,0x7f,0x4b,0x67,0xe3,0x65,0x46,0xc9,0xf2,0xab,0x37,0x0a,0x98,0x67,0x5b,
-0xb1,0x3b,0x02,0x91,0x38,0x71,0xea,0x62,0x88,0xae,0xb6,0xdb,0xfc,0x55,0x79,0x33,
-0x69,0x95,0x51,0xb6,0xe1,0x3b,0xab,0x22,0x68,0x54,0xf9,0x89,0x9c,0x94,0xe0,0xe3,
-0xd3,0x48,0x5c,0xe9,0x78,0x5b,0xb3,0x4b,0xba,0xd8,0x48,0xd8,0xaf,0x91,0x4e,0x23,
-0x38,0x23,0x23,0x6c,0xdf,0x2e,0xf0,0xff,0xac,0x1d,0x2d,0x27,0x10,0x45,0xa3,0x2d,
-0x8b,0x00,0xcd,0xe2,0xfc,0xb7,0xdb,0x52,0x13,0xb7,0x66,0x79,0xd9,0xd8,0x29,0x0e,
-0x32,0xbd,0x52,0x6b,0x75,0x71,0x08,0x83,0x1b,0x67,0x28,0x93,0x97,0x97,0x32,0xff,
-0x8b,0xd3,0x98,0xa3,0xce,0x2b,0x88,0x37,0x1c,0xcc,0xa0,0xd1,0x19,0x9b,0xe6,0x11,
-0xfc,0xc0,0x3c,0x4e,0xe1,0x35,0x49,0x29,0x19,0xcf,0x1d,0xe1,0x60,0x74,0xc0,0xe9,
-0xf7,0xb4,0x99,0xa0,0x23,0x50,0x51,0x78,0xcf,0xc0,0xe5,0xc2,0x1c,0x16,0xd2,0x24,
-0x5a,0x63,0x54,0x83,0xaa,0x74,0x3d,0x41,0x0d,0x52,0xee,0xfe,0x0f,0x4d,0x13,0xe1,
-0x27,0x00,0xc4,0xf3,0x2b,0x55,0xe0,0x9c,0x81,0xe0,0xfc,0xc2,0x13,0xd4,0x39,0x09
+ 0xfe,0x28,0x79,0x25,0xf5,0x03,0xf9,0x1c,0xcd,0x70,0x7b,0xb0,0x42,0x02,0xb8,0x2f,
+ 0xf3,0x63,0xa2,0x79,0x8e,0x9b,0x33,0xd7,0x2b,0xc4,0xb4,0xd2,0xcb,0x61,0xec,0xbb,
+ 0x94,0xe1,0x8f,0x53,0x80,0x55,0xd9,0x90,0xb2,0x03,0x58,0xfa,0xa6,0xe5,0x18,0x57,
+ 0x68,0x04,0x24,0x98,0x41,0x7e,0x84,0xeb,0xc1,0x39,0xbc,0x1d,0xf7,0x4e,0x92,0x72,
+ 0x1a,0x5b,0xb6,0x99,0x43,0xa5,0x0a,0x45,0x73,0x55,0xfd,0x57,0x83,0x45,0x36,0x5c,
+ 0xfd,0x39,0x08,0x6e,0xe2,0x01,0x9a,0x8c,0x4e,0x39,0xd2,0x0d,0x5f,0x0e,0x35,0x15,
+ 0xb9,0xac,0x5f,0xa1,0x8a,0xe6,0xdd,0x6e,0x68,0x9d,0xf6,0x29,0x95,0xf6,0x7d,0x7b,
+ 0xd9,0x5e,0xf4,0x67,0x25,0xbd,0xee,0xed,0x53,0x60,0xb0,0x47,0xdf,0xef,0xf4,0x41,
+ 0xbd,0x45,0xcf,0x5c,0x93,0x41,0x87,0x97,0x82,0x39,0x20,0x66,0xb4,0xda,0xcb,0x66,
+ 0x93,0x02,0x2e,0x7f,0x94,0x4c,0xc7,0x3b,0x2c,0xcf,0xf6,0x99,0x6f,0x13,0xf1,0xc5,
+ 0x28,0x2b,0xa6,0x6c,0x39,0x26,0x7f,0x76,0x24,0x4a,0x6e,0x01,0x40,0x63,0xf8,0x00,
+ 0x06,0x23,0x5a,0xaa,0xa6,0x2f,0xd1,0x37,0xc7,0xcc,0x76,0xe9,0x54,0x1e,0x57,0x73,
+ 0xf5,0x33,0xaa,0x96,0xbe,0x35,0xcd,0x1d,0xd5,0x7d,0xac,0x50,0xd5,0xf8,0x47,0x2d,
+ 0xd6,0x93,0x5f,0x6e,0x38,0xd3,0xac,0xd0,0x7e,0xad,0x9e,0xf8,0x87,0x95,0x63,0x15,
+ 0x65,0xa3,0xd4,0xb3,0x9a,0x6c,0xac,0xcd,0x2a,0x54,0x83,0x13,0xc4,0xb4,0x94,0xfa,
+ 0x76,0x87,0xc5,0x8b,0x4a,0x10,0x92,0x05,0xd1,0x0e,0x97,0xfd,0xc8,0xfb,0xc5,0xdc,
+ 0x21,0x4c,0xc8,0x77,0x5c,0xed,0x32,0x22,0x77,0xc1,0x38,0x30,0xd7,0x8e,0x2a,0x70,
+ 0x72,0x67,0x13,0xe4,0xb7,0x18,0xd4,0x76,0xdd,0x32,0x12,0xf4,0x5d,0xc9,0xec,0xc1,
+ 0x2c,0x8a,0xfe,0x08,0x6c,0xea,0xf6,0xab,0x5a,0x0e,0x8e,0x81,0x1d,0xc8,0x5a,0x4b,
+ 0xed,0xb9,0x7f,0x4b,0x67,0xe3,0x65,0x46,0xc9,0xf2,0xab,0x37,0x0a,0x98,0x67,0x5b,
+ 0xb1,0x3b,0x02,0x91,0x38,0x71,0xea,0x62,0x88,0xae,0xb6,0xdb,0xfc,0x55,0x79,0x33,
+ 0x69,0x95,0x51,0xb6,0xe1,0x3b,0xab,0x22,0x68,0x54,0xf9,0x89,0x9c,0x94,0xe0,0xe3,
+ 0xd3,0x48,0x5c,0xe9,0x78,0x5b,0xb3,0x4b,0xba,0xd8,0x48,0xd8,0xaf,0x91,0x4e,0x23,
+ 0x38,0x23,0x23,0x6c,0xdf,0x2e,0xf0,0xff,0xac,0x1d,0x2d,0x27,0x10,0x45,0xa3,0x2d,
+ 0x8b,0x00,0xcd,0xe2,0xfc,0xb7,0xdb,0x52,0x13,0xb7,0x66,0x79,0xd9,0xd8,0x29,0x0e,
+ 0x32,0xbd,0x52,0x6b,0x75,0x71,0x08,0x83,0x1b,0x67,0x28,0x93,0x97,0x97,0x32,0xff,
+ 0x8b,0xd3,0x98,0xa3,0xce,0x2b,0x88,0x37,0x1c,0xcc,0xa0,0xd1,0x19,0x9b,0xe6,0x11,
+ 0xfc,0xc0,0x3c,0x4e,0xe1,0x35,0x49,0x29,0x19,0xcf,0x1d,0xe1,0x60,0x74,0xc0,0xe9,
+ 0xf7,0xb4,0x99,0xa0,0x23,0x50,0x51,0x78,0xcf,0xc0,0xe5,0xc2,0x1c,0x16,0xd2,0x24,
+ 0x5a,0x63,0x54,0x83,0xaa,0x74,0x3d,0x41,0x0d,0x52,0xee,0xfe,0x0f,0x4d,0x13,0xe1,
+ 0x27,0x00,0xc4,0xf3,0x2b,0x55,0xe0,0x9c,0x81,0xe0,0xfc,0xc2,0x13,0xd4,0x39,0x09
};
unsigned char results4[SHS_DIGESTSIZE] = {
-0x13,0x62,0xfc,0x87,0x68,0x33,0xd5,0x1d,0x2f,0x0c,
-0x73,0xe3,0xfb,0x87,0x6a,0x6b,0xc3,0x25,0x54,0xfc};
+ 0x13,0x62,0xfc,0x87,0x68,0x33,0xd5,0x1d,0x2f,0x0c,
+ 0x73,0xe3,0xfb,0x87,0x6a,0x6b,0xc3,0x25,0x54,0xfc};
static void test4(void)
{
- SHS_INFO si[1];
- unsigned char digest[SHS_DIGESTSIZE];
- int failed;
- int i;
-
- printf("Running SHS test 4 ...\n");
- shsInit(si);
- shsUpdate(si, randdata, 19);
- shsFinal(si);
- memcpy(digest, shsDigest(si), SHS_DIGESTSIZE);
- if ((failed = memcmp(digest, results4, SHS_DIGESTSIZE)) != 0)
- {
- fprintf(stderr,"SHS test 4 failed!\n");
- rc = 1;
- }
- printf ("%s, results = ", failed ? "Failed" : "Passed");
- for (i = 0; i < SHS_DIGESTSIZE; ++i)
- printf("%02x",digest[i]);
- if (failed)
- {
- printf ("\n, expected ");
- for (i = 0; i < SHS_DIGESTSIZE; ++i)
- printf("%02x",results4[i]);
- }
- printf("\n");
+ SHS_INFO si[1];
+ unsigned char digest[SHS_DIGESTSIZE];
+ int failed;
+ int i;
+
+ printf("Running SHS test 4 ...\n");
+ shsInit(si);
+ shsUpdate(si, randdata, 19);
+ shsFinal(si);
+ memcpy(digest, shsDigest(si), SHS_DIGESTSIZE);
+ if ((failed = memcmp(digest, results4, SHS_DIGESTSIZE)) != 0)
+ {
+ fprintf(stderr,"SHS test 4 failed!\n");
+ rc = 1;
+ }
+ printf ("%s, results = ", failed ? "Failed" : "Passed");
+ for (i = 0; i < SHS_DIGESTSIZE; ++i)
+ printf("%02x",digest[i]);
+ if (failed)
+ {
+ printf ("\n, expected ");
+ for (i = 0; i < SHS_DIGESTSIZE; ++i)
+ printf("%02x",results4[i]);
+ }
+ printf("\n");
}
unsigned char results5[SHS_DIGESTSIZE] = {
-0x19,0x4d,0xf6,0xeb,0x8e,0x02,0x6d,0x37,0x58,0x64,
-0xe5,0x95,0x19,0x2a,0xdd,0x1c,0xc4,0x3c,0x24,0x86};
+ 0x19,0x4d,0xf6,0xeb,0x8e,0x02,0x6d,0x37,0x58,0x64,
+ 0xe5,0x95,0x19,0x2a,0xdd,0x1c,0xc4,0x3c,0x24,0x86};
static void test5(void)
{
- SHS_INFO si[1];
- unsigned char digest[SHS_DIGESTSIZE];
- int failed;
- int i;
-
- printf("Running SHS test 5 ...\n");
- shsInit(si);
- shsUpdate(si, randdata, 19);
- shsUpdate(si, randdata+32, 15);
- shsFinal(si);
- memcpy(digest, shsDigest(si), SHS_DIGESTSIZE);
- if ((failed = memcmp(digest, results5, SHS_DIGESTSIZE)) != 0)
- {
- fprintf(stderr,"SHS test 5 failed!\n");
- rc = 1;
- }
- printf ("%s, results = ", failed ? "Failed" : "Passed");
- for (i = 0; i < SHS_DIGESTSIZE; ++i)
- printf("%02x",digest[i]);
- if (failed)
- {
- printf ("\n, expected ");
- for (i = 0; i < SHS_DIGESTSIZE; ++i)
- printf("%02x",results5[i]);
- }
- printf("\n");
+ SHS_INFO si[1];
+ unsigned char digest[SHS_DIGESTSIZE];
+ int failed;
+ int i;
+
+ printf("Running SHS test 5 ...\n");
+ shsInit(si);
+ shsUpdate(si, randdata, 19);
+ shsUpdate(si, randdata+32, 15);
+ shsFinal(si);
+ memcpy(digest, shsDigest(si), SHS_DIGESTSIZE);
+ if ((failed = memcmp(digest, results5, SHS_DIGESTSIZE)) != 0)
+ {
+ fprintf(stderr,"SHS test 5 failed!\n");
+ rc = 1;
+ }
+ printf ("%s, results = ", failed ? "Failed" : "Passed");
+ for (i = 0; i < SHS_DIGESTSIZE; ++i)
+ printf("%02x",digest[i]);
+ if (failed)
+ {
+ printf ("\n, expected ");
+ for (i = 0; i < SHS_DIGESTSIZE; ++i)
+ printf("%02x",results5[i]);
+ }
+ printf("\n");
}
unsigned char results6[SHS_DIGESTSIZE] = {
-0x4e,0x16,0x57,0x9d,0x4b,0x48,0xa9,0x1c,0x88,0x72,
-0x83,0xdb,0x88,0xd1,0xea,0x3a,0x45,0xdf,0xa1,0x10};
+ 0x4e,0x16,0x57,0x9d,0x4b,0x48,0xa9,0x1c,0x88,0x72,
+ 0x83,0xdb,0x88,0xd1,0xea,0x3a,0x45,0xdf,0xa1,0x10};
static void test6(void)
{
- struct {
- long pad1;
- SHS_INFO si1;
- long pad2;
- SHS_INFO si2;
- long pad3;
- } sdata;
- unsigned char digest[SHS_DIGESTSIZE];
- int failed;
- unsigned int i, j;
-
- printf("Running SHS test 6 ...\n");
- sdata.pad1 = 0x12345678;
- sdata.pad2 = 0x87654321;
- sdata.pad3 = 0x78563412;
- shsInit((&sdata.si2));
-if (sdata.pad2 != 0x87654321) {
-printf ("Overrun #20 %#lx\n",
-sdata.pad2);
-sdata.pad2 = 0x87654321;
-}
-if (sdata.pad3 != 0x78563412) {
-printf ("Overrun #21 %#lx\n",
-sdata.pad3);
-sdata.pad3 = 0x78563412;
-}
- for (i = 0; i < 400; ++i)
- {
- shsInit(&sdata.si1);
-if (sdata.pad1 != 0x12345678) {
-printf ("Overrun #22 %#lx at %d\n",
-sdata.pad1, i);
-sdata.pad1 = 0x12345678;
-}
-if (sdata.pad2 != 0x87654321) {
-printf ("Overrun #23 %#lx at %d\n",
-sdata.pad2, i);
-sdata.pad2 = 0x87654321;
-}
- shsUpdate(&sdata.si1, (randdata+sizeof(randdata))-i, i);
-if (sdata.pad1 != 0x12345678) {
-printf ("Overrun #24 %#lx at %d\n",
-sdata.pad1, i);
-sdata.pad1 = 0x12345678;
-}
-if (sdata.pad2 != 0x87654321) {
-printf ("Overrun #25 %#lx at %d\n",
-sdata.pad2, i);
-sdata.pad2 = 0x87654321;
-}
- shsFinal(&sdata.si1);
-if (sdata.pad1 != 0x12345678) {
-printf ("Overrun #26 %#lx at %d\n",
-sdata.pad1, i);
-sdata.pad1 = 0x12345678;
-}
-if (sdata.pad2 != 0x87654321) {
-printf ("Overrun #27 %#lx at %d\n",
-sdata.pad2, i);
-sdata.pad2 = 0x87654321;
-}
- memcpy(digest, shsDigest(&sdata.si1), SHS_DIGESTSIZE);
- if (Dflag & 1)
- {
- printf ("%d: ", i);
- for (j = 0; j < SHS_DIGESTSIZE; ++j)
- printf("%02x",digest[j]);
- printf("\n");
- }
- shsUpdate((&sdata.si2), digest, SHS_DIGESTSIZE);
-if (sdata.pad2 != 0x87654321) {
-printf ("Overrun #28 %#lx at %d\n",
-sdata.pad2, i);
-sdata.pad2 = 0x87654321;
-}
-if (sdata.pad3 != 0x78563412) {
-printf ("Overrun #29 %#lx at %d\n",
-sdata.pad3, i);
-sdata.pad3 = 0x78563412;
-}
- if (Dflag & 2)
- printf ("%d: %08lx%08lx%08lx%08lx%08lx\n",
- i,
- (unsigned long) sdata.si2.digest[0],
- (unsigned long) sdata.si2.digest[1],
- (unsigned long) sdata.si2.digest[2],
- (unsigned long) sdata.si2.digest[3],
- (unsigned long) sdata.si2.digest[4]);
- }
- shsFinal((&sdata.si2));
-if (sdata.pad2 != 0x87654321) {
-printf ("Overrun #30 %#lx\n",
-sdata.pad2);
-sdata.pad2 = 0x87654321;
-}
-if (sdata.pad3 != 0x78563412) {
-printf ("Overrun #31 %#lx\n",
-sdata.pad3);
-sdata.pad3 = 0x78563412;
-}
- memcpy(digest, shsDigest((&sdata.si2)), SHS_DIGESTSIZE);
- if ((failed = memcmp(digest, results6, SHS_DIGESTSIZE)) != 0)
- {
- fprintf(stderr,"SHS test 6 failed!\n");
- rc = 1;
- }
- printf ("%s, results = ", failed ? "Failed" : "Passed");
- for (i = 0; i < SHS_DIGESTSIZE; ++i)
- printf("%02x",digest[i]);
- if (failed)
- {
- printf ("\n, expected ");
- for (i = 0; i < SHS_DIGESTSIZE; ++i)
- printf("%02x",results6[i]);
- }
- printf("\n");
+ struct {
+ long pad1;
+ SHS_INFO si1;
+ long pad2;
+ SHS_INFO si2;
+ long pad3;
+ } sdata;
+ unsigned char digest[SHS_DIGESTSIZE];
+ int failed;
+ unsigned int i, j;
+
+ printf("Running SHS test 6 ...\n");
+ sdata.pad1 = 0x12345678;
+ sdata.pad2 = 0x87654321;
+ sdata.pad3 = 0x78563412;
+ shsInit((&sdata.si2));
+ if (sdata.pad2 != 0x87654321) {
+ printf ("Overrun #20 %#lx\n",
+ sdata.pad2);
+ sdata.pad2 = 0x87654321;
+ }
+ if (sdata.pad3 != 0x78563412) {
+ printf ("Overrun #21 %#lx\n",
+ sdata.pad3);
+ sdata.pad3 = 0x78563412;
+ }
+ for (i = 0; i < 400; ++i)
+ {
+ shsInit(&sdata.si1);
+ if (sdata.pad1 != 0x12345678) {
+ printf ("Overrun #22 %#lx at %d\n",
+ sdata.pad1, i);
+ sdata.pad1 = 0x12345678;
+ }
+ if (sdata.pad2 != 0x87654321) {
+ printf ("Overrun #23 %#lx at %d\n",
+ sdata.pad2, i);
+ sdata.pad2 = 0x87654321;
+ }
+ shsUpdate(&sdata.si1, (randdata+sizeof(randdata))-i, i);
+ if (sdata.pad1 != 0x12345678) {
+ printf ("Overrun #24 %#lx at %d\n",
+ sdata.pad1, i);
+ sdata.pad1 = 0x12345678;
+ }
+ if (sdata.pad2 != 0x87654321) {
+ printf ("Overrun #25 %#lx at %d\n",
+ sdata.pad2, i);
+ sdata.pad2 = 0x87654321;
+ }
+ shsFinal(&sdata.si1);
+ if (sdata.pad1 != 0x12345678) {
+ printf ("Overrun #26 %#lx at %d\n",
+ sdata.pad1, i);
+ sdata.pad1 = 0x12345678;
+ }
+ if (sdata.pad2 != 0x87654321) {
+ printf ("Overrun #27 %#lx at %d\n",
+ sdata.pad2, i);
+ sdata.pad2 = 0x87654321;
+ }
+ memcpy(digest, shsDigest(&sdata.si1), SHS_DIGESTSIZE);
+ if (Dflag & 1)
+ {
+ printf ("%d: ", i);
+ for (j = 0; j < SHS_DIGESTSIZE; ++j)
+ printf("%02x",digest[j]);
+ printf("\n");
+ }
+ shsUpdate((&sdata.si2), digest, SHS_DIGESTSIZE);
+ if (sdata.pad2 != 0x87654321) {
+ printf ("Overrun #28 %#lx at %d\n",
+ sdata.pad2, i);
+ sdata.pad2 = 0x87654321;
+ }
+ if (sdata.pad3 != 0x78563412) {
+ printf ("Overrun #29 %#lx at %d\n",
+ sdata.pad3, i);
+ sdata.pad3 = 0x78563412;
+ }
+ if (Dflag & 2)
+ printf ("%d: %08lx%08lx%08lx%08lx%08lx\n",
+ i,
+ (unsigned long) sdata.si2.digest[0],
+ (unsigned long) sdata.si2.digest[1],
+ (unsigned long) sdata.si2.digest[2],
+ (unsigned long) sdata.si2.digest[3],
+ (unsigned long) sdata.si2.digest[4]);
+ }
+ shsFinal((&sdata.si2));
+ if (sdata.pad2 != 0x87654321) {
+ printf ("Overrun #30 %#lx\n",
+ sdata.pad2);
+ sdata.pad2 = 0x87654321;
+ }
+ if (sdata.pad3 != 0x78563412) {
+ printf ("Overrun #31 %#lx\n",
+ sdata.pad3);
+ sdata.pad3 = 0x78563412;
+ }
+ memcpy(digest, shsDigest((&sdata.si2)), SHS_DIGESTSIZE);
+ if ((failed = memcmp(digest, results6, SHS_DIGESTSIZE)) != 0)
+ {
+ fprintf(stderr,"SHS test 6 failed!\n");
+ rc = 1;
+ }
+ printf ("%s, results = ", failed ? "Failed" : "Passed");
+ for (i = 0; i < SHS_DIGESTSIZE; ++i)
+ printf("%02x",digest[i]);
+ if (failed)
+ {
+ printf ("\n, expected ");
+ for (i = 0; i < SHS_DIGESTSIZE; ++i)
+ printf("%02x",results6[i]);
+ }
+ printf("\n");
}
unsigned char results7[SHS_DIGESTSIZE] = {
-0x89,0x41,0x65,0xce,0x76,0xc1,0xd1,0xd1,0xc3,0x6f,
-0xab,0x92,0x79,0x30,0x01,0x71,0x63,0x1f,0x74,0xfe};
+ 0x89,0x41,0x65,0xce,0x76,0xc1,0xd1,0xd1,0xc3,0x6f,
+ 0xab,0x92,0x79,0x30,0x01,0x71,0x63,0x1f,0x74,0xfe};
unsigned int jfsize[] = {0,1,31,32,
- 33,55,56,63,
- 64,65,71,72,
- 73,95,96,97,
- 119,120,123,127};
+ 33,55,56,63,
+ 64,65,71,72,
+ 73,95,96,97,
+ 119,120,123,127};
unsigned int kfsize[] = {0,1,31,32,33,55,56,63};
static void test7(void)
{
- struct {
- long pad1;
- SHS_INFO si1;
- long pad2;
- SHS_INFO si2;
- long pad3;
- } sdata;
- unsigned char digest[SHS_DIGESTSIZE];
- int failed;
- unsigned int i, j, k, l;
-
- printf("Running SHS test 7 ...\n");
- sdata.pad1 = 0x12345678;
- sdata.pad2 = 0x87654321;
- sdata.pad3 = 0x78563412;
- shsInit((&sdata.si2));
- for (i = 1; i <= 128; ++i)
- for (j = 0; j < 20; ++j)
- for (k = 0; k < 8; ++k)
- {
- shsInit(&sdata.si1);
- shsUpdate(&sdata.si1, (randdata+80+j), i);
-if (sdata.pad1 != 0x12345678) {
-printf ("Overrun #1 %#lx at %d,%d,%d\n",
-sdata.pad1, i,j,k);
-sdata.pad1 = 0x12345678;
-}
-if (sdata.pad2 != 0x87654321) {
-printf ("Overrun #2 %#lx at %d,%d,%d\n",
-sdata.pad2, i,j,k);
-sdata.pad2 = 0x87654321;
-}
- shsUpdate(&sdata.si1, randdata+i, jfsize[j]);
-if (sdata.pad1 != 0x12345678) {
-printf ("Overrun #3 %#lx at %d,%d,%d\n",
-sdata.pad1, i,j,k);
-sdata.pad1 = 0x12345678;
-}
-if (sdata.pad2 != 0x87654321) {
-printf ("Overrun #4 %#lx at %d,%d,%d\n",
-sdata.pad2, i,j,k);
-sdata.pad2 = 0x87654321;
-}
- if (k) shsUpdate(&sdata.si1, randdata+(i^j), kfsize[k]);
-if (sdata.pad1 != 0x12345678) {
-printf ("Overrun #5 %#lx at %d,%d,%d\n",
-sdata.pad1, i,j,k);
-sdata.pad1 = 0x12345678;
-}
-if (sdata.pad2 != 0x87654321) {
-printf ("Overrun #6 %#lx at %d,%d,%d\n",
-sdata.pad2, i,j,k);
-sdata.pad2 = 0x87654321;
-}
- shsFinal(&sdata.si1);
-if (sdata.pad1 != 0x12345678) {
-printf ("Overrun #7 %#lx at %d,%d,%d\n",
-sdata.pad1, i,j,k);
-sdata.pad1 = 0x12345678;
-}
-if (sdata.pad2 != 0x87654321) {
-printf ("Overrun #8 %#lx at %d,%d,%d\n",
-sdata.pad2, i,j,k);
-sdata.pad2 = 0x87654321;
-}
- memcpy(digest, shsDigest(&sdata.si1), SHS_DIGESTSIZE);
- if (Dflag & 1)
- {
- printf ("%d,%d,%d: ", i, j, k);
- for (l = 0; l < SHS_DIGESTSIZE; ++l)
- printf("%02x",digest[l]);
- printf("\n");
- }
- shsUpdate((&sdata.si2), digest, SHS_DIGESTSIZE);
-if (sdata.pad2 != 0x87654321) {
-printf ("Overrun #9 %#lx at %d,%d,%d\n",
-sdata.pad2, i,j,k);
-sdata.pad2 = 0x87654321;
-}
-if (sdata.pad3 != 0x78563412) {
-printf ("Overrun #10 %#lx at %d,%d,%d\n",
-sdata.pad3, i,j,k);
-sdata.pad3 = 0x78563412;
-}
- if (Dflag & 2)
- printf ("%d,%d,%d: %08lx%08lx%08lx%08lx%08lx\n",
- i,j,k,
- (unsigned long) sdata.si2.digest[0],
- (unsigned long) sdata.si2.digest[1],
- (unsigned long) sdata.si2.digest[2],
- (unsigned long) sdata.si2.digest[3],
- (unsigned long) sdata.si2.digest[4]);
- }
- shsFinal((&sdata.si2));
- memcpy(digest, shsDigest((&sdata.si2)), SHS_DIGESTSIZE);
- if ((failed = memcmp(digest, results7, SHS_DIGESTSIZE)) != 0)
- {
- fprintf(stderr,"SHS test 7 failed!\n");
- rc = 1;
- }
- printf ("%s, results = ", failed ? "Failed" : "Passed");
- for (i = 0; i < SHS_DIGESTSIZE; ++i)
- printf("%02x",digest[i]);
- if (failed)
- {
- printf ("\n, expected ");
- for (i = 0; i < SHS_DIGESTSIZE; ++i)
- printf("%02x",results7[i]);
- }
- printf("\n");
+ struct {
+ long pad1;
+ SHS_INFO si1;
+ long pad2;
+ SHS_INFO si2;
+ long pad3;
+ } sdata;
+ unsigned char digest[SHS_DIGESTSIZE];
+ int failed;
+ unsigned int i, j, k, l;
+
+ printf("Running SHS test 7 ...\n");
+ sdata.pad1 = 0x12345678;
+ sdata.pad2 = 0x87654321;
+ sdata.pad3 = 0x78563412;
+ shsInit((&sdata.si2));
+ for (i = 1; i <= 128; ++i)
+ for (j = 0; j < 20; ++j)
+ for (k = 0; k < 8; ++k)
+ {
+ shsInit(&sdata.si1);
+ shsUpdate(&sdata.si1, (randdata+80+j), i);
+ if (sdata.pad1 != 0x12345678) {
+ printf ("Overrun #1 %#lx at %d,%d,%d\n",
+ sdata.pad1, i,j,k);
+ sdata.pad1 = 0x12345678;
+ }
+ if (sdata.pad2 != 0x87654321) {
+ printf ("Overrun #2 %#lx at %d,%d,%d\n",
+ sdata.pad2, i,j,k);
+ sdata.pad2 = 0x87654321;
+ }
+ shsUpdate(&sdata.si1, randdata+i, jfsize[j]);
+ if (sdata.pad1 != 0x12345678) {
+ printf ("Overrun #3 %#lx at %d,%d,%d\n",
+ sdata.pad1, i,j,k);
+ sdata.pad1 = 0x12345678;
+ }
+ if (sdata.pad2 != 0x87654321) {
+ printf ("Overrun #4 %#lx at %d,%d,%d\n",
+ sdata.pad2, i,j,k);
+ sdata.pad2 = 0x87654321;
+ }
+ if (k) shsUpdate(&sdata.si1, randdata+(i^j), kfsize[k]);
+ if (sdata.pad1 != 0x12345678) {
+ printf ("Overrun #5 %#lx at %d,%d,%d\n",
+ sdata.pad1, i,j,k);
+ sdata.pad1 = 0x12345678;
+ }
+ if (sdata.pad2 != 0x87654321) {
+ printf ("Overrun #6 %#lx at %d,%d,%d\n",
+ sdata.pad2, i,j,k);
+ sdata.pad2 = 0x87654321;
+ }
+ shsFinal(&sdata.si1);
+ if (sdata.pad1 != 0x12345678) {
+ printf ("Overrun #7 %#lx at %d,%d,%d\n",
+ sdata.pad1, i,j,k);
+ sdata.pad1 = 0x12345678;
+ }
+ if (sdata.pad2 != 0x87654321) {
+ printf ("Overrun #8 %#lx at %d,%d,%d\n",
+ sdata.pad2, i,j,k);
+ sdata.pad2 = 0x87654321;
+ }
+ memcpy(digest, shsDigest(&sdata.si1), SHS_DIGESTSIZE);
+ if (Dflag & 1)
+ {
+ printf ("%d,%d,%d: ", i, j, k);
+ for (l = 0; l < SHS_DIGESTSIZE; ++l)
+ printf("%02x",digest[l]);
+ printf("\n");
+ }
+ shsUpdate((&sdata.si2), digest, SHS_DIGESTSIZE);
+ if (sdata.pad2 != 0x87654321) {
+ printf ("Overrun #9 %#lx at %d,%d,%d\n",
+ sdata.pad2, i,j,k);
+ sdata.pad2 = 0x87654321;
+ }
+ if (sdata.pad3 != 0x78563412) {
+ printf ("Overrun #10 %#lx at %d,%d,%d\n",
+ sdata.pad3, i,j,k);
+ sdata.pad3 = 0x78563412;
+ }
+ if (Dflag & 2)
+ printf ("%d,%d,%d: %08lx%08lx%08lx%08lx%08lx\n",
+ i,j,k,
+ (unsigned long) sdata.si2.digest[0],
+ (unsigned long) sdata.si2.digest[1],
+ (unsigned long) sdata.si2.digest[2],
+ (unsigned long) sdata.si2.digest[3],
+ (unsigned long) sdata.si2.digest[4]);
+ }
+ shsFinal((&sdata.si2));
+ memcpy(digest, shsDigest((&sdata.si2)), SHS_DIGESTSIZE);
+ if ((failed = memcmp(digest, results7, SHS_DIGESTSIZE)) != 0)
+ {
+ fprintf(stderr,"SHS test 7 failed!\n");
+ rc = 1;
+ }
+ printf ("%s, results = ", failed ? "Failed" : "Passed");
+ for (i = 0; i < SHS_DIGESTSIZE; ++i)
+ printf("%02x",digest[i]);
+ if (failed)
+ {
+ printf ("\n, expected ");
+ for (i = 0; i < SHS_DIGESTSIZE; ++i)
+ printf("%02x",results7[i]);
+ }
+ printf("\n");
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/t_cf2.c
*
#include <string.h>
int main () {
- char pepper1[1024], pepper2[1024];
- krb5_keyblock *k1 = NULL, *k2 = NULL, *out = NULL;
- krb5_data s2k;
- unsigned int i;
- while (1) {
- krb5_enctype enctype;
- char s[1025];
+ char pepper1[1024], pepper2[1024];
+ krb5_keyblock *k1 = NULL, *k2 = NULL, *out = NULL;
+ krb5_data s2k;
+ unsigned int i;
+ while (1) {
+ krb5_enctype enctype;
+ char s[1025];
- if (scanf( "%d", &enctype) == EOF)
- break;
- if (scanf("%1024s", &s[0]) == EOF)
- break;
- assert (krb5_init_keyblock(0, enctype, 0, &k1) == 0);
- s2k.data = &s[0];
- s2k.length = strlen(s);
- assert(krb5_c_string_to_key (0, enctype, &s2k, &s2k, k1) == 0);
- if (scanf("%1024s", &s[0]) == EOF)
- break;
- assert (krb5_init_keyblock(0, enctype, 0, &k2) == 0);
- s2k.data = &s[0];
- s2k.length = strlen(s);
- assert(krb5_c_string_to_key (0, enctype, &s2k, &s2k, k2) == 0);
- if (scanf("%1024s %1024s", pepper1, pepper2) == EOF)
- break;
- assert(krb5_c_fx_cf2_simple(0, k1, pepper1,
- k2, pepper2, &out) ==0);
- i = out->length;
- for (; i > 0; i--) {
- printf ("%02x",
- (unsigned int) ((unsigned char) out->contents[out->length-i]));
- }
- printf ("\n");
+ if (scanf( "%d", &enctype) == EOF)
+ break;
+ if (scanf("%1024s", &s[0]) == EOF)
+ break;
+ assert (krb5_init_keyblock(0, enctype, 0, &k1) == 0);
+ s2k.data = &s[0];
+ s2k.length = strlen(s);
+ assert(krb5_c_string_to_key (0, enctype, &s2k, &s2k, k1) == 0);
+ if (scanf("%1024s", &s[0]) == EOF)
+ break;
+ assert (krb5_init_keyblock(0, enctype, 0, &k2) == 0);
+ s2k.data = &s[0];
+ s2k.length = strlen(s);
+ assert(krb5_c_string_to_key (0, enctype, &s2k, &s2k, k2) == 0);
+ if (scanf("%1024s %1024s", pepper1, pepper2) == EOF)
+ break;
+ assert(krb5_c_fx_cf2_simple(0, k1, pepper1,
+ k2, pepper2, &out) ==0);
+ i = out->length;
+ for (; i > 0; i--) {
+ printf ("%02x",
+ (unsigned int) ((unsigned char) out->contents[out->length-i]));
+ }
+ printf ("\n");
- krb5_free_keyblock(0,out);
- out = NULL;
+ krb5_free_keyblock(0,out);
+ out = NULL;
- krb5_free_keyblock(0, k1);
- k1 = NULL;
- krb5_free_keyblock(0, k2);
- k2 = NULL;
- }
+ krb5_free_keyblock(0, k1);
+ k1 = NULL;
+ krb5_free_keyblock(0, k2);
+ k2 = NULL;
+ }
- return (0);
+ return (0);
}
-/* -*- Mode: C; c-file-style: "bsd" -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#ifndef YHASH_H
#define YHASH_H
#define HASH_CTX SHS_INFO
#define HASH_Init(x) shsInit(x)
#define HASH_Update(x, buf, sz) shsUpdate(x, (const void*)buf, sz)
-#define HASH_Final(x, tdigest) do { \
- size_t loopvar; \
- unsigned char *out2 = (void *)(tdigest); \
- HASH_CTX *ctx = (x); \
- shsFinal(ctx); \
- for (loopvar=0; loopvar<(sizeof(ctx->digest)/sizeof(ctx->digest[0])); loopvar++) \
- store_32_be(ctx->digest[loopvar], &out2[loopvar*4]); \
- } while(0)
+#define HASH_Final(x, tdigest) do { \
+ size_t loopvar; \
+ unsigned char *out2 = (void *)(tdigest); \
+ HASH_CTX *ctx = (x); \
+ shsFinal(ctx); \
+ for (loopvar=0; loopvar<(sizeof(ctx->digest)/sizeof(ctx->digest[0])); loopvar++) \
+ store_32_be(ctx->digest[loopvar], &out2[loopvar*4]); \
+ } while(0)
#define HASH_DIGEST_SIZE SHS_DIGESTSIZE
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/aes/aes-test.c
*
memset(plain, 0, sizeof(plain));
hexdump("PT", plain, 16);
for (i = 0; i < len * 8; i++) {
- memset(key, 0, len);
- set_bit(key, i);
- printf("\nI=%d\n", i+1);
- hexdump("KEY", key, len);
- enc();
- hexdump("CT", cipher, 16);
+ memset(key, 0, len);
+ set_bit(key, i);
+ printf("\nI=%d\n", i+1);
+ hexdump("KEY", key, len);
+ enc();
+ hexdump("CT", cipher, 16);
}
printf("\n==========\n");
}
memset(key, 0, len);
hexdump("KEY", key, len);
for (i = 0; i < 16 * 8; i++) {
- memset(plain, 0, sizeof(plain));
- set_bit(plain, i);
- printf("\nI=%d\n", i+1);
- hexdump("PT", plain, 16);
- enc();
- hexdump("CT", cipher, 16);
+ memset(plain, 0, sizeof(plain));
+ set_bit(plain, i);
+ printf("\nI=%d\n", i+1);
+ hexdump("PT", plain, 16);
+ enc();
+ hexdump("CT", cipher, 16);
}
printf("\n==========\n");
}
int main (int argc, char *argv[])
{
if (argc > 2 || (argc == 2 && strcmp(argv[1], "-k"))) {
- fprintf(stderr,
- "usage:\t%s -k\tfor variable-key tests\n"
- " or:\t%s \tfor variable-plaintext tests\n",
- argv[0], argv[0]);
- return 1;
+ fprintf(stderr,
+ "usage:\t%s -k\tfor variable-key tests\n"
+ " or:\t%s \tfor variable-plaintext tests\n",
+ argv[0], argv[0]);
+ return 1;
}
init();
if (argc == 2)
- vk_test();
+ vk_test();
else
- vt_test();
+ vt_test();
return 0;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/md5/t_cksum.c
*
#define MD5_K5BETA_COMPAT
#define MD4_K5BETA_COMPAT
-#if MD == 4
+#if MD == 4
extern struct krb5_keyhash_provider krb5int_keyhash_md4des;
#define khp krb5int_keyhash_md4des
#endif
-#if MD == 5
+#if MD == 5
extern struct krb5_keyhash_provider krb5int_keyhash_md5des;
#define khp krb5int_keyhash_md5des
#endif
static void
print_checksum(text, number, message, checksum)
- char *text;
- int number;
- char *message;
- krb5_data *checksum;
+ char *text;
+ int number;
+ char *message;
+ krb5_data *checksum;
{
- int i;
+ int i;
- printf("%s MD%d checksum(\"%s\") = ", text, number, message);
- for (i=0; i<checksum->length; i++)
- printf("%02x", (unsigned char) checksum->data[i]);
- printf("\n");
+ printf("%s MD%d checksum(\"%s\") = ", text, number, message);
+ for (i=0; i<checksum->length; i++)
+ printf("%02x", (unsigned char) checksum->data[i]);
+ printf("\n");
}
static void
parse_hexstring(const char *s, krb5_data *dat)
{
- size_t i, len;
- unsigned int byte;
- unsigned char *cp;
-
- len = strlen(s);
- cp = malloc(len / 2);
- dat->data = (char *)cp;
- if (cp == NULL) {
- dat->length = 0;
- return;
- }
- dat->length = len / 2;
- for (i = 0; i + 1 < len; i += 2) {
- sscanf(&s[i], "%2x", &byte);
- *cp++ = byte;
- }
+ size_t i, len;
+ unsigned int byte;
+ unsigned char *cp;
+
+ len = strlen(s);
+ cp = malloc(len / 2);
+ dat->data = (char *)cp;
+ if (cp == NULL) {
+ dat->length = 0;
+ return;
+ }
+ dat->length = len / 2;
+ for (i = 0; i + 1 < len; i += 2) {
+ sscanf(&s[i], "%2x", &byte);
+ *cp++ = byte;
+ }
}
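Review bot: The `sscanf(&s[i], "%2x", &byte)` call in parse_hexstring's loop ignores its return value, so a non-hex character in the argument leaves `byte` unset on the first pass or stale on later ones, and the test then verifies against a checksum built from that value. Checking the conversion, `if (sscanf(&s[i], "%2x", &byte) != 1) { free(dat->data); dat->data = NULL; dat->length = 0; return; }`, lets the caller's existing `knowncksum_dat.data == NULL` test report the bad input. An odd-length string also silently loses its last digit, because only `len / 2` bytes are produced.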
/*
int
main(argc, argv)
- int argc;
- char **argv;
+ int argc;
+ char **argv;
{
- int msgindex;
- krb5_boolean valid;
- size_t length;
- krb5_keyblock keyblock;
- krb5_key key;
- krb5_error_code kret=0;
- krb5_data plaintext, newstyle_checksum, knowncksum_dat;
-
- /* this is a terrible seed, but that's ok for the test. */
+ int msgindex;
+ krb5_boolean valid;
+ size_t length;
+ krb5_keyblock keyblock;
+ krb5_key key;
+ krb5_error_code kret=0;
+ krb5_data plaintext, newstyle_checksum, knowncksum_dat;
- plaintext.length = 8;
- plaintext.data = (char *) testkey;
+ /* this is a terrible seed, but that's ok for the test. */
- krb5_c_random_seed(/* XXX */ 0, &plaintext);
+ plaintext.length = 8;
+ plaintext.data = (char *) testkey;
- keyblock.enctype = ENCTYPE_DES_CBC_CRC;
- keyblock.length = sizeof(testkey);
- keyblock.contents = testkey;
+ krb5_c_random_seed(/* XXX */ 0, &plaintext);
- krb5_k_create_key(NULL, &keyblock, &key);
+ keyblock.enctype = ENCTYPE_DES_CBC_CRC;
+ keyblock.length = sizeof(testkey);
+ keyblock.contents = testkey;
- length = khp.hashsize;
+ krb5_k_create_key(NULL, &keyblock, &key);
- newstyle_checksum.length = length;
+ length = khp.hashsize;
- if (!(newstyle_checksum.data = (char *)
- malloc((unsigned) newstyle_checksum.length))) {
- printf("cannot get memory for new style checksum\n");
- return(ENOMEM);
- }
- for (msgindex = 1; msgindex + 1 < argc; msgindex += 2) {
- plaintext.length = strlen(argv[msgindex]);
- plaintext.data = argv[msgindex];
+ newstyle_checksum.length = length;
- if ((kret = (*(khp.hash))(key, 0, 0, &plaintext, &newstyle_checksum))) {
- printf("krb5_calculate_checksum choked with %d\n", kret);
- break;
- }
- print_checksum("correct", MD, argv[msgindex], &newstyle_checksum);
-
- if ((kret = (*(khp.verify))(key, 0, 0, &plaintext, &newstyle_checksum,
- &valid))) {
- printf("verify on new checksum choked with %d\n", kret);
- break;
- }
- if (!valid) {
- printf("verify on new checksum failed\n");
- kret = 1;
- break;
- }
- printf("Verify succeeded for \"%s\"\n", argv[msgindex]);
-
- newstyle_checksum.data[0]++;
- if ((kret = (*(khp.verify))(key, 0, 0, &plaintext, &newstyle_checksum,
- &valid))) {
- printf("verify on new checksum choked with %d\n", kret);
- break;
- }
- if (valid) {
- printf("verify on new checksum succeeded, but shouldn't have\n");
- kret = 1;
- break;
- }
- printf("Verify of bad checksum OK for \"%s\"\n", argv[msgindex]);
- parse_hexstring(argv[msgindex+1], &knowncksum_dat);
- if (knowncksum_dat.data == NULL) {
- printf("parse_hexstring failed\n");
- kret = 1;
- break;
- }
- if ((kret = (*(khp.verify))(key, 0, 0, &plaintext, &knowncksum_dat,
- &valid))) {
- printf("verify on known checksum choked with %d\n", kret);
- break;
+ if (!(newstyle_checksum.data = (char *)
+ malloc((unsigned) newstyle_checksum.length))) {
+ printf("cannot get memory for new style checksum\n");
+ return(ENOMEM);
}
- if (!valid) {
- printf("verify on known checksum failed\n");
- kret = 1;
- break;
+ for (msgindex = 1; msgindex + 1 < argc; msgindex += 2) {
+ plaintext.length = strlen(argv[msgindex]);
+ plaintext.data = argv[msgindex];
+
+ if ((kret = (*(khp.hash))(key, 0, 0, &plaintext, &newstyle_checksum))) {
+ printf("krb5_calculate_checksum choked with %d\n", kret);
+ break;
+ }
+ print_checksum("correct", MD, argv[msgindex], &newstyle_checksum);
+
+ if ((kret = (*(khp.verify))(key, 0, 0, &plaintext, &newstyle_checksum,
+ &valid))) {
+ printf("verify on new checksum choked with %d\n", kret);
+ break;
+ }
+ if (!valid) {
+ printf("verify on new checksum failed\n");
+ kret = 1;
+ break;
+ }
+ printf("Verify succeeded for \"%s\"\n", argv[msgindex]);
+
+ newstyle_checksum.data[0]++;
+ if ((kret = (*(khp.verify))(key, 0, 0, &plaintext, &newstyle_checksum,
+ &valid))) {
+ printf("verify on new checksum choked with %d\n", kret);
+ break;
+ }
+ if (valid) {
+ printf("verify on new checksum succeeded, but shouldn't have\n");
+ kret = 1;
+ break;
+ }
+ printf("Verify of bad checksum OK for \"%s\"\n", argv[msgindex]);
+ parse_hexstring(argv[msgindex+1], &knowncksum_dat);
+ if (knowncksum_dat.data == NULL) {
+ printf("parse_hexstring failed\n");
+ kret = 1;
+ break;
+ }
+ if ((kret = (*(khp.verify))(key, 0, 0, &plaintext, &knowncksum_dat,
+ &valid))) {
+ printf("verify on known checksum choked with %d\n", kret);
+ break;
+ }
+ if (!valid) {
+ printf("verify on known checksum failed\n");
+ kret = 1;
+ break;
+ }
+ printf("Verify on known checksum succeeded\n");
+ kret = 0;
}
- printf("Verify on known checksum succeeded\n");
- kret = 0;
- }
- free(newstyle_checksum.data);
- if (!kret)
- printf("%d tests passed successfully for MD%d checksum\n", (argc-1)/2, MD);
+ free(newstyle_checksum.data);
+ if (!kret)
+ printf("%d tests passed successfully for MD%d checksum\n", (argc-1)/2, MD);
- krb5_k_free_key(NULL, key);
+ krb5_k_free_key(NULL, key);
- return(kret);
+ return(kret);
}
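Review bot: The buffer that parse_hexstring allocates into `knowncksum_dat` is never released: each pass of the `for (msgindex ...)` loop overwrites `knowncksum_dat.data` with a new allocation, and the cleanup after the loop frees only `newstyle_checksum.data`. Adding `free(knowncksum_dat.data);` once the known-checksum verify has run, and on its two `break` paths, keeps the test clean under leak checkers. The result of `krb5_k_create_key(NULL, &keyblock, &key)` is also used unchecked, so a failure there would hand an unset `key` to `khp.hash`.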
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/crc32/t_crc.c
*
#define HEX 1
#define STR 2
struct crc_trial {
- int type;
- char *data;
- unsigned long sum;
+ int type;
+ char *data;
+ unsigned long sum;
};
struct crc_trial trials[] = {
block = malloc(blksiz * nblk);
if (block == NULL)
- exit(1);
+ exit(1);
for (i = 0; i < blksiz * nblk; i++)
- block[i] = i % 256;
+ block[i] = i % 256;
times(&before);
for (i = 0; i < nblk; i++) {
- mit_crc32(block + i * blksiz, blksiz, &cksum);
+ mit_crc32(block + i * blksiz, blksiz, &cksum);
}
times(&after);
printf("shift-8 implementation, %d blocks of %d bytes:\n",
- nblk, blksiz);
+ nblk, blksiz);
printf("\tu=%ld s=%ld cu=%ld cs=%ld\n",
- (long)(after.tms_utime - before.tms_utime),
- (long)(after.tms_stime - before.tms_stime),
- (long)(after.tms_cutime - before.tms_cutime),
- (long)(after.tms_cstime - before.tms_cstime));
+ (long)(after.tms_utime - before.tms_utime),
+ (long)(after.tms_stime - before.tms_stime),
+ (long)(after.tms_cutime - before.tms_cutime),
+ (long)(after.tms_cstime - before.tms_cstime));
#ifdef CRC32_SHIFT4
times(&before);
for (i = 0; i < nblk; i++) {
- mit_crc32_shift4(block + i * blksiz, blksiz, &cksum);
+ mit_crc32_shift4(block + i * blksiz, blksiz, &cksum);
}
times(&after);
printf("shift-4 implementation, %d blocks of %d bytes:\n",
- nblk, blksiz);
+ nblk, blksiz);
printf("\tu=%ld s=%ld cu=%ld cs=%ld\n",
- (long)(after.tms_utime - before.tms_utime),
- (long)(after.tms_stime - before.tms_stime),
- (long)(after.tms_cutime - before.tms_cutime),
- (long)(after.tms_cstime - before.tms_cstime));
+ (long)(after.tms_utime - before.tms_utime),
+ (long)(after.tms_stime - before.tms_stime),
+ (long)(after.tms_cutime - before.tms_cutime),
+ (long)(after.tms_cstime - before.tms_cstime));
#endif
free(block);
}
static void gethexstr(char *data, size_t *outlen, unsigned char *outbuf,
- size_t buflen)
+ size_t buflen)
{
size_t inlen;
char *cp, buf[3];
inlen = strlen(data);
*outlen = 0;
for (cp = data; cp - data < inlen; cp += 2) {
- strncpy(buf, cp, 2);
- buf[2] = '\0';
- n = strtol(buf, NULL, 16);
- outbuf[(*outlen)++] = n;
- if (*outlen > buflen)
- break;
+ strncpy(buf, cp, 2);
+ buf[2] = '\0';
+ n = strtol(buf, NULL, 16);
+ outbuf[(*outlen)++] = n;
+ if (*outlen > buflen)
+ break;
}
}
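Review bot: The bounds check in gethexstr runs after the store: `outbuf[(*outlen)++] = n;` executes before `if (*outlen > buflen) break;`, so an input with more than `buflen` hex pairs writes `buflen + 1` bytes. The visible caller passes 4 (`gethexstr(trial.data, &len, buf, 4)`), but the declaration of that `buf` is outside this view, so whether the extra byte still lands inside it cannot be confirmed here. Testing before the write, `if (*outlen >= buflen) break;` as the first statement of the loop body, keeps every store within `buflen`. The declaration of `n` also sits outside the hunk.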
char *typestr;
for (i = 0; i < NTRIALS; i++) {
- trial = trials[i];
- switch (trial.type) {
- case STR:
- len = strlen(trial.data);
- typestr = "STR";
- mit_crc32(trial.data, len, &cksum);
- break;
- case HEX:
- typestr = "HEX";
- gethexstr(trial.data, &len, buf, 4);
- mit_crc32(buf, len, &cksum);
- break;
- default:
- typestr = "BOGUS";
- fprintf(stderr, "bad trial type %d\n", trial.type);
- exit(1);
- }
- printf("%s: %s \"%s\" = 0x%08lx\n",
- (trial.sum == cksum) ? "OK" : "***BAD***",
- typestr, trial.data, cksum);
+ trial = trials[i];
+ switch (trial.type) {
+ case STR:
+ len = strlen(trial.data);
+ typestr = "STR";
+ mit_crc32(trial.data, len, &cksum);
+ break;
+ case HEX:
+ typestr = "HEX";
+ gethexstr(trial.data, &len, buf, 4);
+ mit_crc32(buf, len, &cksum);
+ break;
+ default:
+ typestr = "BOGUS";
+ fprintf(stderr, "bad trial type %d\n", trial.type);
+ exit(1);
+ }
+ printf("%s: %s \"%s\" = 0x%08lx\n",
+ (trial.sum == cksum) ? "OK" : "***BAD***",
+ typestr, trial.data, cksum);
}
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/vectors.c
*
static void printhex (size_t len, const char *p)
{
while (len--)
- printf ("%02x", 0xff & *p++);
+ printf ("%02x", 0xff & *p++);
}
static void printstringhex (const char *p) { printhex (strlen (p), p); }
void check_error (int r, int line) {
if (r != 0) {
- fprintf (stderr, "%s:%d: %s\n", __FILE__, line,
- error_message (r));
- exit (1);
+ fprintf (stderr, "%s:%d: %s\n", __FILE__, line,
+ error_message (r));
+ exit (1);
}
}
#define CHECK check_error(r, __LINE__)
printf("%s:", descr);
for (i = 0; i < d->length; i += r) {
- printf("\n %04x: ", i);
- for (j = i; j < i + r && j < d->length; j++)
- printf(" %02x", 0xff & d->data[j]);
+ printf("\n %04x: ", i);
+ for (j = i; j < i + r && j < d->length; j++)
+ printf(" %02x", 0xff & d->data[j]);
#ifdef SHOW_TEXT
- for (; j < i + r; j++)
- printf(" ");
- printf(" ");
- for (j = i; j < i + r && j < d->length; j++) {
- int c = 0xff & d->data[j];
- printf("%c", isprint(c) ? c : '.');
- }
+ for (; j < i + r; j++)
+ printf(" ");
+ printf(" ");
+ for (j = i; j < i + r && j < d->length; j++) {
+ int c = 0xff & d->data[j];
+ printf("%c", isprint(c) ? c : '.');
+ }
#endif
}
printf("\n");
static void test_cts()
{
static const char input[4*16] =
- "I would like the General Gau's Chicken, please, and wonton soup.";
+ "I would like the General Gau's Chicken, please, and wonton soup.";
static const unsigned char aeskey[16] = "chicken teriyaki";
static const int lengths[] = { 17, 31, 32, 47, 48, 64 };
err = krb5_k_create_key(NULL, &keyblock, &key);
if (err) {
- printf("error %ld from krb5_k_create_key\n", (long)err);
- exit(1);
+ printf("error %ld from krb5_k_create_key\n", (long)err);
+ exit(1);
}
memset(enciv.data, 0, 16);
printk("AES 128-bit key", &keyblock);
for (i = 0; i < sizeof(lengths)/sizeof(lengths[0]); i++) {
- memset(enciv.data, 0, 16);
- memset(deciv.data, 0, 16);
-
- printf("\n");
- in.length = out.length = lengths[i];
- printd("IV", &enciv);
- err = krb5int_aes_encrypt(key, &enciv, &in, &out);
- if (err) {
- printf("error %ld from krb5int_aes_encrypt\n", (long)err);
- exit(1);
- }
- printd("Input", &in);
- printd("Output", &out);
- printd("Next IV", &enciv);
- out2.length = out.length;
- err = krb5int_aes_decrypt(key, &deciv, &out, &out2);
- if (err) {
- printf("error %ld from krb5int_aes_decrypt\n", (long)err);
- exit(1);
- }
- if (!data_eq(out2, in)) {
- printd("Decryption result DOESN'T MATCH", &out2);
- exit(1);
- }
- if (memcmp(enciv.data, deciv.data, 16)) {
- printd("Decryption IV result DOESN'T MATCH", &deciv);
- exit(1);
- }
+ memset(enciv.data, 0, 16);
+ memset(deciv.data, 0, 16);
+
+ printf("\n");
+ in.length = out.length = lengths[i];
+ printd("IV", &enciv);
+ err = krb5int_aes_encrypt(key, &enciv, &in, &out);
+ if (err) {
+ printf("error %ld from krb5int_aes_encrypt\n", (long)err);
+ exit(1);
+ }
+ printd("Input", &in);
+ printd("Output", &out);
+ printd("Next IV", &enciv);
+ out2.length = out.length;
+ err = krb5int_aes_decrypt(key, &deciv, &out, &out2);
+ if (err) {
+ printf("error %ld from krb5int_aes_decrypt\n", (long)err);
+ exit(1);
+ }
+ if (!data_eq(out2, in)) {
+ printd("Decryption result DOESN'T MATCH", &out2);
+ exit(1);
+ }
+ if (memcmp(enciv.data, deciv.data, 16)) {
+ printd("Decryption IV result DOESN'T MATCH", &deciv);
+ exit(1);
+ }
}
krb5_k_free_key(NULL, key);
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/t_encrypt.c
*
/* What enctypes should we test?*/
krb5_enctype interesting_enctypes[] = {
- ENCTYPE_DES_CBC_CRC,
- ENCTYPE_DES_CBC_MD4,
- ENCTYPE_DES_CBC_MD5,
- ENCTYPE_DES3_CBC_SHA1,
- ENCTYPE_ARCFOUR_HMAC,
- ENCTYPE_ARCFOUR_HMAC_EXP,
- ENCTYPE_AES256_CTS_HMAC_SHA1_96,
- ENCTYPE_AES128_CTS_HMAC_SHA1_96,
- 0
+ ENCTYPE_DES_CBC_CRC,
+ ENCTYPE_DES_CBC_MD4,
+ ENCTYPE_DES_CBC_MD5,
+ ENCTYPE_DES3_CBC_SHA1,
+ ENCTYPE_ARCFOUR_HMAC,
+ ENCTYPE_ARCFOUR_HMAC_EXP,
+ ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+ 0
};
static void
{
printf("%s: . . . ", msg);
if (retval) {
- printf("Failed: %s\n", error_message(retval));
- abort();
+ printf("Failed: %s\n", error_message(retval));
+ abort();
} else
- printf("OK\n");
+ printf("OK\n");
}
static int compare_results(krb5_data *d1, krb5_data *d2)
{
if (d1->length != d2->length) {
- /* Decryption can leave a little trailing cruft.
- For the current cryptosystems, this can be up to 7 bytes. */
- if (d1->length + 8 <= d2->length)
- return EINVAL;
- if (d1->length > d2->length)
- return EINVAL;
+ /* Decryption can leave a little trailing cruft.
+ For the current cryptosystems, this can be up to 7 bytes. */
+ if (d1->length + 8 <= d2->length)
+ return EINVAL;
+ if (d1->length > d2->length)
+ return EINVAL;
}
if (memcmp(d1->data, d2->data, d1->length)) {
- return EINVAL;
+ return EINVAL;
}
return 0;
}
int
main ()
{
- krb5_context context = 0;
- krb5_data in, in2, out, out2, check, check2, state, signdata;
- krb5_crypto_iov iov[5];
- int i, j, pos;
- unsigned int dummy;
- size_t len;
- krb5_enc_data enc_out, enc_out2;
- krb5_keyblock *keyblock;
- krb5_key key;
+ krb5_context context = 0;
+ krb5_data in, in2, out, out2, check, check2, state, signdata;
+ krb5_crypto_iov iov[5];
+ int i, j, pos;
+ unsigned int dummy;
+ size_t len;
+ krb5_enc_data enc_out, enc_out2;
+ krb5_keyblock *keyblock;
+ krb5_key key;
- memset(iov, 0, sizeof(iov));
+ memset(iov, 0, sizeof(iov));
- in.data = "This is a test.\n";
- in.length = strlen (in.data);
- in2.data = "This is another test.\n";
- in2.length = strlen (in2.data);
+ in.data = "This is a test.\n";
+ in.length = strlen (in.data);
+ in2.data = "This is another test.\n";
+ in2.length = strlen (in2.data);
- test ("Seeding random number generator",
- krb5_c_random_seed (context, &in));
+ test ("Seeding random number generator",
+ krb5_c_random_seed (context, &in));
- /* Set up output buffers. */
- out.data = malloc(2048);
- out2.data = malloc(2048);
- check.data = malloc(2048);
- check2.data = malloc(2048);
- if (out.data == NULL || out2.data == NULL
- || check.data == NULL || check2.data == NULL)
- abort();
- out.magic = KV5M_DATA;
- out.length = 2048;
- out2.magic = KV5M_DATA;
- out2.length = 2048;
- check.length = 2048;
- check2.length = 2048;
+ /* Set up output buffers. */
+ out.data = malloc(2048);
+ out2.data = malloc(2048);
+ check.data = malloc(2048);
+ check2.data = malloc(2048);
+ if (out.data == NULL || out2.data == NULL
+ || check.data == NULL || check2.data == NULL)
+ abort();
+ out.magic = KV5M_DATA;
+ out.length = 2048;
+ out2.magic = KV5M_DATA;
+ out2.length = 2048;
+ check.length = 2048;
+ check2.length = 2048;
- for (i = 0; interesting_enctypes[i]; i++) {
- krb5_enctype enctype = interesting_enctypes [i];
+ for (i = 0; interesting_enctypes[i]; i++) {
+ krb5_enctype enctype = interesting_enctypes [i];
- printf ("Testing enctype %d\n", enctype);
- test ("Initializing a keyblock",
- krb5_init_keyblock (context, enctype, 0, &keyblock));
- test ("Generating random keyblock",
- krb5_c_make_random_key (context, enctype, keyblock));
- test ("Creating opaque key from keyblock",
- krb5_k_create_key (context, keyblock, &key));
+ printf ("Testing enctype %d\n", enctype);
+ test ("Initializing a keyblock",
+ krb5_init_keyblock (context, enctype, 0, &keyblock));
+ test ("Generating random keyblock",
+ krb5_c_make_random_key (context, enctype, keyblock));
+ test ("Creating opaque key from keyblock",
+ krb5_k_create_key (context, keyblock, &key));
- enc_out.ciphertext = out;
- enc_out2.ciphertext = out2;
- /* We use an intermediate `len' because size_t may be different size
- than `int' */
- krb5_c_encrypt_length (context, keyblock->enctype, in.length, &len);
- enc_out.ciphertext.length = len;
+ enc_out.ciphertext = out;
+ enc_out2.ciphertext = out2;
+ /* We use an intermediate `len' because size_t may be different size
+ than `int' */
+ krb5_c_encrypt_length (context, keyblock->enctype, in.length, &len);
+ enc_out.ciphertext.length = len;
- /* Encrypt, decrypt, and see if we got the plaintext back again. */
- test ("Encrypting (c)",
- krb5_c_encrypt (context, keyblock, 7, 0, &in, &enc_out));
- test ("Decrypting",
- krb5_c_decrypt (context, keyblock, 7, 0, &enc_out, &check));
- test ("Comparing", compare_results (&in, &check));
+ /* Encrypt, decrypt, and see if we got the plaintext back again. */
+ test ("Encrypting (c)",
+ krb5_c_encrypt (context, keyblock, 7, 0, &in, &enc_out));
+ test ("Decrypting",
+ krb5_c_decrypt (context, keyblock, 7, 0, &enc_out, &check));
+ test ("Comparing", compare_results (&in, &check));
- /* Try again with the opaque-key-using variants. */
- memset(out.data, 0, out.length);
- test ("Encrypting (k)",
- krb5_k_encrypt (context, key, 7, 0, &in, &enc_out));
- test ("Decrypting",
- krb5_k_decrypt (context, key, 7, 0, &enc_out, &check));
- test ("Comparing", compare_results (&in, &check));
+ /* Try again with the opaque-key-using variants. */
+ memset(out.data, 0, out.length);
+ test ("Encrypting (k)",
+ krb5_k_encrypt (context, key, 7, 0, &in, &enc_out));
+ test ("Decrypting",
+ krb5_k_decrypt (context, key, 7, 0, &enc_out, &check));
+ test ("Comparing", compare_results (&in, &check));
- /* Check if this enctype supports IOV encryption. */
- if ( krb5_c_crypto_length(context, keyblock->enctype,
- KRB5_CRYPTO_TYPE_HEADER, &dummy) == 0 ){
- /* Set up iovecs for stream decryption. */
- memcpy(out2.data, enc_out.ciphertext.data, enc_out.ciphertext.length);
- iov[0].flags= KRB5_CRYPTO_TYPE_STREAM;
- iov[0].data.data = out2.data;
- iov[0].data.length = enc_out.ciphertext.length;
- iov[1].flags = KRB5_CRYPTO_TYPE_DATA;
+ /* Check if this enctype supports IOV encryption. */
+ if ( krb5_c_crypto_length(context, keyblock->enctype,
+ KRB5_CRYPTO_TYPE_HEADER, &dummy) == 0 ){
+ /* Set up iovecs for stream decryption. */
+ memcpy(out2.data, enc_out.ciphertext.data, enc_out.ciphertext.length);
+ iov[0].flags= KRB5_CRYPTO_TYPE_STREAM;
+ iov[0].data.data = out2.data;
+ iov[0].data.length = enc_out.ciphertext.length;
+ iov[1].flags = KRB5_CRYPTO_TYPE_DATA;
- /* Decrypt the encrypted data from above and check it. */
- test("IOV stream decrypting (c)",
- krb5_c_decrypt_iov( context, keyblock, 7, 0, iov, 2));
- test("Comparing results",
- compare_results(&in, &iov[1].data));
+ /* Decrypt the encrypted data from above and check it. */
+ test("IOV stream decrypting (c)",
+ krb5_c_decrypt_iov( context, keyblock, 7, 0, iov, 2));
+ test("Comparing results",
+ compare_results(&in, &iov[1].data));
- /* Try again with the opaque-key-using variant. */
- memcpy(out2.data, enc_out.ciphertext.data, enc_out.ciphertext.length);
- test("IOV stream decrypting (k)",
- krb5_k_decrypt_iov( context, key, 7, 0, iov, 2));
- test("Comparing results",
- compare_results(&in, &iov[1].data));
+ /* Try again with the opaque-key-using variant. */
+ memcpy(out2.data, enc_out.ciphertext.data, enc_out.ciphertext.length);
+ test("IOV stream decrypting (k)",
+ krb5_k_decrypt_iov( context, key, 7, 0, iov, 2));
+ test("Comparing results",
+ compare_results(&in, &iov[1].data));
- /* Set up iovecs for AEAD encryption. */
- signdata.magic = KV5M_DATA;
- signdata.data = (char *) "This should be signed";
- signdata.length = strlen(signdata.data);
- iov[0].flags = KRB5_CRYPTO_TYPE_HEADER;
- iov[1].flags = KRB5_CRYPTO_TYPE_DATA;
- iov[1].data = in; /*We'll need to copy memory before encrypt*/
- iov[2].flags = KRB5_CRYPTO_TYPE_SIGN_ONLY;
- iov[2].data = signdata;
- iov[3].flags = KRB5_CRYPTO_TYPE_PADDING;
- iov[4].flags = KRB5_CRYPTO_TYPE_TRAILER;
+ /* Set up iovecs for AEAD encryption. */
+ signdata.magic = KV5M_DATA;
+ signdata.data = (char *) "This should be signed";
+ signdata.length = strlen(signdata.data);
+ iov[0].flags = KRB5_CRYPTO_TYPE_HEADER;
+ iov[1].flags = KRB5_CRYPTO_TYPE_DATA;
+ iov[1].data = in; /*We'll need to copy memory before encrypt*/
+ iov[2].flags = KRB5_CRYPTO_TYPE_SIGN_ONLY;
+ iov[2].data = signdata;
+ iov[3].flags = KRB5_CRYPTO_TYPE_PADDING;
+ iov[4].flags = KRB5_CRYPTO_TYPE_TRAILER;
- /* "Allocate" data for the iovec buffers from the "out" buffer. */
- test("Setting up iov lengths",
- krb5_c_crypto_length_iov(context, keyblock->enctype, iov, 5));
- for (j=0,pos=0; j <= 4; j++ ){
- if (iov[j].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY)
- continue;
- iov[j].data.data = &out.data[pos];
- pos += iov[j].data.length;
- }
- assert (iov[1].data.length == in.length);
- memcpy(iov[1].data.data, in.data, in.length);
+ /* "Allocate" data for the iovec buffers from the "out" buffer. */
+ test("Setting up iov lengths",
+ krb5_c_crypto_length_iov(context, keyblock->enctype, iov, 5));
+ for (j=0,pos=0; j <= 4; j++ ){
+ if (iov[j].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY)
+ continue;
+ iov[j].data.data = &out.data[pos];
+ pos += iov[j].data.length;
+ }
+ assert (iov[1].data.length == in.length);
+ memcpy(iov[1].data.data, in.data, in.length);
- /* Encrypt and decrypt in place, and check the result. */
- test("iov encrypting (c)",
- krb5_c_encrypt_iov(context, keyblock, 7, 0, iov, 5));
- assert(iov[1].data.length == in.length);
- test("iov decrypting",
- krb5_c_decrypt_iov(context, keyblock, 7, 0, iov, 5));
- test("Comparing results",
- compare_results(&in, &iov[1].data));
+ /* Encrypt and decrypt in place, and check the result. */
+ test("iov encrypting (c)",
+ krb5_c_encrypt_iov(context, keyblock, 7, 0, iov, 5));
+ assert(iov[1].data.length == in.length);
+ test("iov decrypting",
+ krb5_c_decrypt_iov(context, keyblock, 7, 0, iov, 5));
+ test("Comparing results",
+ compare_results(&in, &iov[1].data));
- /* Try again with opaque-key-using variants. */
- test("iov encrypting (k)",
- krb5_k_encrypt_iov(context, key, 7, 0, iov, 5));
- assert(iov[1].data.length == in.length);
- test("iov decrypting",
- krb5_k_decrypt_iov(context, key, 7, 0, iov, 5));
- test("Comparing results",
- compare_results(&in, &iov[1].data));
- }
+ /* Try again with opaque-key-using variants. */
+ test("iov encrypting (k)",
+ krb5_k_encrypt_iov(context, key, 7, 0, iov, 5));
+ assert(iov[1].data.length == in.length);
+ test("iov decrypting",
+ krb5_k_decrypt_iov(context, key, 7, 0, iov, 5));
+ test("Comparing results",
+ compare_results(&in, &iov[1].data));
+ }
- enc_out.ciphertext.length = out.length;
- check.length = 2048;
+ enc_out.ciphertext.length = out.length;
+ check.length = 2048;
- test ("init_state",
- krb5_c_init_state (context, keyblock, 7, &state));
- test ("Encrypting with state",
- krb5_c_encrypt (context, keyblock, 7, &state, &in, &enc_out));
- test ("Encrypting again with state",
- krb5_c_encrypt (context, keyblock, 7, &state, &in2, &enc_out2));
- test ("free_state",
- krb5_c_free_state (context, keyblock, &state));
- test ("init_state",
- krb5_c_init_state (context, keyblock, 7, &state));
- test ("Decrypting with state",
- krb5_c_decrypt (context, keyblock, 7, &state, &enc_out, &check));
- test ("Decrypting again with state",
- krb5_c_decrypt (context, keyblock, 7, &state, &enc_out2, &check2));
- test ("free_state",
- krb5_c_free_state (context, keyblock, &state));
- test ("Comparing",
- compare_results (&in, &check));
- test ("Comparing",
- compare_results (&in2, &check2));
+ test ("init_state",
+ krb5_c_init_state (context, keyblock, 7, &state));
+ test ("Encrypting with state",
+ krb5_c_encrypt (context, keyblock, 7, &state, &in, &enc_out));
+ test ("Encrypting again with state",
+ krb5_c_encrypt (context, keyblock, 7, &state, &in2, &enc_out2));
+ test ("free_state",
+ krb5_c_free_state (context, keyblock, &state));
+ test ("init_state",
+ krb5_c_init_state (context, keyblock, 7, &state));
+ test ("Decrypting with state",
+ krb5_c_decrypt (context, keyblock, 7, &state, &enc_out, &check));
+ test ("Decrypting again with state",
+ krb5_c_decrypt (context, keyblock, 7, &state, &enc_out2, &check2));
+ test ("free_state",
+ krb5_c_free_state (context, keyblock, &state));
+ test ("Comparing",
+ compare_results (&in, &check));
+ test ("Comparing",
+ compare_results (&in2, &check2));
- krb5_free_keyblock (context, keyblock);
- krb5_k_free_key (context, key);
- }
+ krb5_free_keyblock (context, keyblock);
+ krb5_k_free_key (context, key);
+ }
- /* Test the RC4 decrypt fallback from key usage 9 to 8. */
- test ("Initializing an RC4 keyblock",
- krb5_init_keyblock (context, ENCTYPE_ARCFOUR_HMAC, 0, &keyblock));
- test ("Generating random RC4 key",
- krb5_c_make_random_key (context, ENCTYPE_ARCFOUR_HMAC, keyblock));
- enc_out.ciphertext = out;
- krb5_c_encrypt_length (context, keyblock->enctype, in.length, &len);
- enc_out.ciphertext.length = len;
- check.length = 2048;
- test ("Encrypting with RC4 key usage 8",
- krb5_c_encrypt (context, keyblock, 8, 0, &in, &enc_out));
- test ("Decrypting with RC4 key usage 9",
- krb5_c_decrypt (context, keyblock, 9, 0, &enc_out, &check));
- test ("Comparing", compare_results (&in, &check));
+ /* Test the RC4 decrypt fallback from key usage 9 to 8. */
+ test ("Initializing an RC4 keyblock",
+ krb5_init_keyblock (context, ENCTYPE_ARCFOUR_HMAC, 0, &keyblock));
+ test ("Generating random RC4 key",
+ krb5_c_make_random_key (context, ENCTYPE_ARCFOUR_HMAC, keyblock));
+ enc_out.ciphertext = out;
+ krb5_c_encrypt_length (context, keyblock->enctype, in.length, &len);
+ enc_out.ciphertext.length = len;
+ check.length = 2048;
+ test ("Encrypting with RC4 key usage 8",
+ krb5_c_encrypt (context, keyblock, 8, 0, &in, &enc_out));
+ test ("Decrypting with RC4 key usage 9",
+ krb5_c_decrypt (context, keyblock, 9, 0, &enc_out, &check));
+ test ("Comparing", compare_results (&in, &check));
- krb5_free_keyblock (context, keyblock);
- free(out.data);
- free(out2.data);
- free(check.data);
- free(check2.data);
- return 0;
+ krb5_free_keyblock (context, keyblock);
+ free(out.data);
+ free(out2.data);
+ free(check.data);
+ free(check2.data);
+ return 0;
}
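Review bot: Both calls to `krb5_c_encrypt_length` in main discard the return code, unlike the neighbouring calls that go through `test(...)`; if the call fails, `len` is copied into `enc_out.ciphertext.length` uninitialised. Wrapping it, `test ("Computing ciphertext length", krb5_c_encrypt_length (context, keyblock->enctype, in.length, &len));`, makes the failure visible, and the same applies to the call in the RC4 section. The loop that carves the iov buffers out of `out.data` also advances `pos` without comparing it with `out.length` (2048); an `assert (pos <= (int) out.length);` after that loop would state the assumption explicitly.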
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/t_hmac.c
*
#if 0
static void check_error (int r, int line) {
if (r != 0) {
- fprintf (stderr, "%s:%d: %s\n", __FILE__, line,
- error_message (r));
- exit (1);
+ fprintf (stderr, "%s:%d: %s\n", __FILE__, line,
+ error_message (r));
+ exit (1);
}
}
#define CHECK check_error(r, __LINE__)
printf("%s (%d bytes):", descr, d->length);
for (i = 0; i < d->length; i += r) {
- printf("\n %04x: ", i);
- for (j = i; j < i + r && j < d->length; j++)
- printf(" %02x", 0xff & d->data[j]);
- for (; j < i + r; j++)
- printf(" ");
- printf(" ");
- for (j = i; j < i + r && j < d->length; j++) {
- int c = 0xff & d->data[j];
- printf("%c", isprint(c) ? c : '.');
- }
+ printf("\n %04x: ", i);
+ for (j = i; j < i + r && j < d->length; j++)
+ printf(" %02x", 0xff & d->data[j]);
+ for (; j < i + r; j++)
+ printf(" ");
+ printf(" ");
+ for (j = i; j < i + r && j < d->length; j++) {
+ int c = 0xff & d->data[j];
+ printf("%c", isprint(c) ? c : '.');
+ }
}
printf("\n");
}
};
static krb5_error_code hmac1(const struct krb5_hash_provider *h,
- krb5_keyblock *key,
- krb5_data *in, krb5_data *out)
+ krb5_keyblock *key,
+ krb5_data *in, krb5_data *out)
{
char tmp[40];
size_t blocksize, hashsize;
blocksize = h->blocksize;
hashsize = h->hashsize;
if (hashsize > sizeof(tmp))
- abort();
+ abort();
if (key->length > blocksize) {
- krb5_data d, d2;
- d.data = (char *) key->contents;
- d.length = key->length;
- d2.data = tmp;
- d2.length = hashsize;
- err = h->hash (1, &d, &d2);
- if (err) {
- com_err(whoami, err, "hashing key before calling hmac");
- exit(1);
- }
- key->length = d2.length;
- key->contents = (krb5_octet *) d2.data;
- printk(" pre-hashed key", key);
+ krb5_data d, d2;
+ d.data = (char *) key->contents;
+ d.length = key->length;
+ d2.data = tmp;
+ d2.length = hashsize;
+ err = h->hash (1, &d, &d2);
+ if (err) {
+ com_err(whoami, err, "hashing key before calling hmac");
+ exit(1);
+ }
+ key->length = d2.length;
+ key->contents = (krb5_octet *) d2.data;
+ printk(" pre-hashed key", key);
}
printd(" hmac input", in);
krb5_k_create_key(NULL, key, &k);
err = krb5int_hmac(h, k, 1, in, out);
krb5_k_free_key(NULL, k);
if (err == 0)
- printd(" hmac output", out);
+ printd(" hmac output", out);
return err;
}
/* RFC 2202 test vector. */
static const struct hmac_test md5tests[] = {
- {
- 16, {
- 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb,
- 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb,
- },
- 8, "Hi There",
- "0x9294727a3638bb1c13f48ef8158bfc9d"
- },
+ {
+ 16, {
+ 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb,
+ 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb,
+ },
+ 8, "Hi There",
+ "0x9294727a3638bb1c13f48ef8158bfc9d"
+ },
- {
- 4, "Jefe",
- 28, "what do ya want for nothing?",
- "0x750c783e6ab0b503eaa86e310a5db738"
- },
+ {
+ 4, "Jefe",
+ 28, "what do ya want for nothing?",
+ "0x750c783e6ab0b503eaa86e310a5db738"
+ },
- {
- 16, {
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa
- },
- 50, {
- 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
- 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
- 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
- 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
- 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
- },
- "0x56be34521d144c88dbb8c733f0e8b3f6"
- },
+ {
+ 16, {
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa
+ },
+ 50, {
+ 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+ 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+ 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+ 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+ 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+ },
+ "0x56be34521d144c88dbb8c733f0e8b3f6"
+ },
- {
- 25, {
- 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a,
- 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14,
- 0x15, 0x16, 0x17, 0x18, 0x19
- },
- 50, {
- 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
- 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
- 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
- 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
- 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
- },
- "0x697eaf0aca3a3aea3a75164746ffaa79"
- },
+ {
+ 25, {
+ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a,
+ 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14,
+ 0x15, 0x16, 0x17, 0x18, 0x19
+ },
+ 50, {
+ 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
+ 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
+ 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
+ 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
+ 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
+ },
+ "0x697eaf0aca3a3aea3a75164746ffaa79"
+ },
- {
- 16, {
- 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
- 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c
- },
- 20, "Test With Truncation",
- "0x56461ef2342edc00f9bab995690efd4c"
- },
+ {
+ 16, {
+ 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
+ 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c
+ },
+ 20, "Test With Truncation",
+ "0x56461ef2342edc00f9bab995690efd4c"
+ },
- {
- 80, {
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- },
- 54, "Test Using Larger Than Block-Size Key - Hash Key First",
- "0x6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd"
- },
+ {
+ 80, {
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ },
+ 54, "Test Using Larger Than Block-Size Key - Hash Key First",
+ "0x6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd"
+ },
- {
- 80, {
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- },
- 73,
- "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
- "0x6f630fad67cda0ee1fb1f562db3aa53e"
- },
+ {
+ 80, {
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ },
+ 73,
+ "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
+ "0x6f630fad67cda0ee1fb1f562db3aa53e"
+ },
};
for (i = 0; i < sizeof(md5tests)/sizeof(md5tests[0]); i++) {
- key.contents = md5tests[i].key;
- key.length = md5tests[i].key_len;
- in.data = md5tests[i].data;
- in.length = md5tests[i].data_len;
+ key.contents = md5tests[i].key;
+ key.length = md5tests[i].key_len;
+ in.data = md5tests[i].data;
+ in.length = md5tests[i].data_len;
- out.data = outbuf;
- out.length = 20;
- printf("\nTest #%d:\n", i+1);
- err = hmac1(&krb5int_hash_md5, &key, &in, &out);
- if (err) {
- com_err(whoami, err, "computing hmac");
- exit(1);
- }
+ out.data = outbuf;
+ out.length = 20;
+ printf("\nTest #%d:\n", i+1);
+ err = hmac1(&krb5int_hash_md5, &key, &in, &out);
+ if (err) {
+ com_err(whoami, err, "computing hmac");
+ exit(1);
+ }
- krb5int_buf_init_fixed(&buf, stroutbuf, sizeof(stroutbuf));
- krb5int_buf_add(&buf, "0x");
- for (j = 0; j < out.length; j++)
- krb5int_buf_add_fmt(&buf, "%02x", 0xff & outbuf[j]);
- if (krb5int_buf_data(&buf) == NULL)
- abort();
- if (strcmp(stroutbuf, md5tests[i].hexdigest)) {
- printf("*** CHECK FAILED!\n"
- "\tReturned: %s.\n"
- "\tExpected: %s.\n", stroutbuf, md5tests[i].hexdigest);
- lose++;
- } else
- printf("Matches expected result.\n");
+ krb5int_buf_init_fixed(&buf, stroutbuf, sizeof(stroutbuf));
+ krb5int_buf_add(&buf, "0x");
+ for (j = 0; j < out.length; j++)
+ krb5int_buf_add_fmt(&buf, "%02x", 0xff & outbuf[j]);
+ if (krb5int_buf_data(&buf) == NULL)
+ abort();
+ if (strcmp(stroutbuf, md5tests[i].hexdigest)) {
+ printf("*** CHECK FAILED!\n"
+ "\tReturned: %s.\n"
+ "\tExpected: %s.\n", stroutbuf, md5tests[i].hexdigest);
+ lose++;
+ } else
+ printf("Matches expected result.\n");
}
/* Do again with SHA-1 tests.... */
if (lose) {
- printf("%d failures; exiting.\n", lose);
- exit(1);
+ printf("%d failures; exiting.\n", lose);
+ exit(1);
}
}
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/crypto_tests/t_kperf.c
*
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/md5/t_cksum.c
*
* t_cksum.c - Test checksum and checksum compatability for rsa-md[4,5]-des
*/
-#ifndef MD
-#define MD 5
-#endif /* MD */
+#ifndef MD
+#define MD 5
+#endif /* MD */
#include "k5-int.h"
-#if MD == 4
+#if MD == 4
#include "rsa-md4.h"
-#endif /* MD == 4 */
-#if MD == 5
+#endif /* MD == 4 */
+#if MD == 5
#include "rsa-md5.h"
-#endif /* MD == 5 */
+#endif /* MD == 5 */
#include "des_int.h"
#define MD5_K5BETA_COMPAT
#define MD4_K5BETA_COMPAT
-#if MD == 4
-#define CONFOUNDER_LENGTH RSA_MD4_DES_CONFOUND_LENGTH
-#define NEW_CHECKSUM_LENGTH NEW_RSA_MD4_DES_CKSUM_LENGTH
-#define OLD_CHECKSUM_LENGTH OLD_RSA_MD4_DES_CKSUM_LENGTH
-#define CHECKSUM_TYPE CKSUMTYPE_RSA_MD4_DES
-#ifdef MD4_K5BETA_COMPAT
-#define K5BETA_COMPAT 1
-#else /* MD4_K5BETA_COMPAT */
-#undef K5BETA_COMPAT
-#endif /* MD4_K5BETA_COMPAT */
-#define CKSUM_FUNCTION krb5_md4_crypto_sum_func
-#define COMPAT_FUNCTION krb5_md4_crypto_compat_sum_func
-#define VERIFY_FUNCTION krb5_md4_crypto_verify_func
-#endif /* MD == 4 */
+#if MD == 4
+#define CONFOUNDER_LENGTH RSA_MD4_DES_CONFOUND_LENGTH
+#define NEW_CHECKSUM_LENGTH NEW_RSA_MD4_DES_CKSUM_LENGTH
+#define OLD_CHECKSUM_LENGTH OLD_RSA_MD4_DES_CKSUM_LENGTH
+#define CHECKSUM_TYPE CKSUMTYPE_RSA_MD4_DES
+#ifdef MD4_K5BETA_COMPAT
+#define K5BETA_COMPAT 1
+#else /* MD4_K5BETA_COMPAT */
+#undef K5BETA_COMPAT
+#endif /* MD4_K5BETA_COMPAT */
+#define CKSUM_FUNCTION krb5_md4_crypto_sum_func
+#define COMPAT_FUNCTION krb5_md4_crypto_compat_sum_func
+#define VERIFY_FUNCTION krb5_md4_crypto_verify_func
+#endif /* MD == 4 */
-#if MD == 5
-#define CONFOUNDER_LENGTH RSA_MD5_DES_CONFOUND_LENGTH
-#define NEW_CHECKSUM_LENGTH NEW_RSA_MD5_DES_CKSUM_LENGTH
-#define OLD_CHECKSUM_LENGTH OLD_RSA_MD5_DES_CKSUM_LENGTH
-#define CHECKSUM_TYPE CKSUMTYPE_RSA_MD5_DES
-#ifdef MD5_K5BETA_COMPAT
-#define K5BETA_COMPAT 1
-#else /* MD5_K5BETA_COMPAT */
-#undef K5BETA_COMPAT
-#endif /* MD5_K5BETA_COMPAT */
-#define CKSUM_FUNCTION krb5_md5_crypto_sum_func
-#define COMPAT_FUNCTION krb5_md5_crypto_compat_sum_func
-#define VERIFY_FUNCTION krb5_md5_crypto_verify_func
-#endif /* MD == 5 */
+#if MD == 5
+#define CONFOUNDER_LENGTH RSA_MD5_DES_CONFOUND_LENGTH
+#define NEW_CHECKSUM_LENGTH NEW_RSA_MD5_DES_CKSUM_LENGTH
+#define OLD_CHECKSUM_LENGTH OLD_RSA_MD5_DES_CKSUM_LENGTH
+#define CHECKSUM_TYPE CKSUMTYPE_RSA_MD5_DES
+#ifdef MD5_K5BETA_COMPAT
+#define K5BETA_COMPAT 1
+#else /* MD5_K5BETA_COMPAT */
+#undef K5BETA_COMPAT
+#endif /* MD5_K5BETA_COMPAT */
+#define CKSUM_FUNCTION krb5_md5_crypto_sum_func
+#define COMPAT_FUNCTION krb5_md5_crypto_compat_sum_func
+#define VERIFY_FUNCTION krb5_md5_crypto_verify_func
+#endif /* MD == 5 */
static void
print_checksum(text, number, message, checksum)
- char *text;
- int number;
- char *message;
- krb5_checksum *checksum;
+ char *text;
+ int number;
+ char *message;
+ krb5_checksum *checksum;
{
- int i;
+ int i;
- printf("%s MD%d checksum(\"%s\") = ", text, number, message);
- for (i=0; i<checksum->length; i++)
- printf("%02x", checksum->contents[i]);
- printf("\n");
+ printf("%s MD%d checksum(\"%s\") = ", text, number, message);
+ for (i=0; i<checksum->length; i++)
+ printf("%02x", checksum->contents[i]);
+ printf("\n");
}
/*
*/
int
main(argc, argv)
- int argc;
- char **argv;
+ int argc;
+ char **argv;
{
- int msgindex;
- krb5_context kcontext;
- krb5_encrypt_block encblock;
- krb5_keyblock keyblock;
- krb5_error_code kret;
- krb5_checksum oldstyle_checksum;
- krb5_checksum newstyle_checksum;
- krb5_data pwdata;
- char *pwd;
+ int msgindex;
+ krb5_context kcontext;
+ krb5_encrypt_block encblock;
+ krb5_keyblock keyblock;
+ krb5_error_code kret;
+ krb5_checksum oldstyle_checksum;
+ krb5_checksum newstyle_checksum;
+ krb5_data pwdata;
+ char *pwd;
- pwd = "test password";
- pwdata.length = strlen(pwd);
- pwdata.data = pwd;
- krb5_use_enctype(kcontext, &encblock, DEFAULT_KDC_ENCTYPE);
- if ((kret = mit_des_string_to_key(&encblock, &keyblock, &pwdata, NULL))) {
- printf("mit_des_string_to_key choked with %d\n", kret);
- return(kret);
- }
- if ((kret = mit_des_process_key(&encblock, &keyblock))) {
- printf("mit_des_process_key choked with %d\n", kret);
- return(kret);
- }
-
- oldstyle_checksum.length = OLD_CHECKSUM_LENGTH;
- if (!(oldstyle_checksum.contents = (krb5_octet *) malloc(OLD_CHECKSUM_LENGTH))) {
- printf("cannot get memory for old style checksum\n");
- return(ENOMEM);
- }
- newstyle_checksum.length = NEW_CHECKSUM_LENGTH;
- if (!(newstyle_checksum.contents = (krb5_octet *)
- malloc(NEW_CHECKSUM_LENGTH))) {
- printf("cannot get memory for new style checksum\n");
- return(ENOMEM);
- }
- for (msgindex = 1; msgindex < argc; msgindex++) {
- if ((kret = CKSUM_FUNCTION(argv[msgindex],
- strlen(argv[msgindex]),
- (krb5_pointer) keyblock.contents,
- keyblock.length,
- &newstyle_checksum))) {
- printf("krb5_calculate_checksum choked with %d\n", kret);
- break;
+ pwd = "test password";
+ pwdata.length = strlen(pwd);
+ pwdata.data = pwd;
+ krb5_use_enctype(kcontext, &encblock, DEFAULT_KDC_ENCTYPE);
+ if ((kret = mit_des_string_to_key(&encblock, &keyblock, &pwdata, NULL))) {
+ printf("mit_des_string_to_key choked with %d\n", kret);
+ return(kret);
}
- print_checksum("correct", MD, argv[msgindex], &newstyle_checksum);
-#ifdef K5BETA_COMPAT
- if ((kret = COMPAT_FUNCTION(argv[msgindex],
- strlen(argv[msgindex]),
- (krb5_pointer) keyblock.contents,
- keyblock.length,
- &oldstyle_checksum))) {
- printf("old style calculate_checksum choked with %d\n", kret);
- break;
+ if ((kret = mit_des_process_key(&encblock, &keyblock))) {
+ printf("mit_des_process_key choked with %d\n", kret);
+ return(kret);
}
- print_checksum("old", MD, argv[msgindex], &oldstyle_checksum);
-#endif /* K5BETA_COMPAT */
- if ((kret = VERIFY_FUNCTION(&newstyle_checksum,
- argv[msgindex],
- strlen(argv[msgindex]),
- (krb5_pointer) keyblock.contents,
- keyblock.length))) {
- printf("verify on new checksum choked with %d\n", kret);
- break;
- }
- printf("Verify succeeded for \"%s\"\n", argv[msgindex]);
-#ifdef K5BETA_COMPAT
- if ((kret = VERIFY_FUNCTION(&oldstyle_checksum,
- argv[msgindex],
- strlen(argv[msgindex]),
- (krb5_pointer) keyblock.contents,
- keyblock.length))) {
- printf("verify on old checksum choked with %d\n", kret);
- break;
+
+ oldstyle_checksum.length = OLD_CHECKSUM_LENGTH;
+ if (!(oldstyle_checksum.contents = (krb5_octet *) malloc(OLD_CHECKSUM_LENGTH))) {
+ printf("cannot get memory for old style checksum\n");
+ return(ENOMEM);
}
- printf("Compatible checksum verify succeeded for \"%s\"\n",
- argv[msgindex]);
-#endif /* K5BETA_COMPAT */
- newstyle_checksum.contents[0]++;
- if (!(kret = VERIFY_FUNCTION(&newstyle_checksum,
- argv[msgindex],
- strlen(argv[msgindex]),
- (krb5_pointer) keyblock.contents,
- keyblock.length))) {
- printf("verify on new checksum should have choked\n");
- break;
+ newstyle_checksum.length = NEW_CHECKSUM_LENGTH;
+ if (!(newstyle_checksum.contents = (krb5_octet *)
+ malloc(NEW_CHECKSUM_LENGTH))) {
+ printf("cannot get memory for new style checksum\n");
+ return(ENOMEM);
}
- printf("Verify of bad checksum OK for \"%s\"\n", argv[msgindex]);
-#ifdef K5BETA_COMPAT
- oldstyle_checksum.contents[0]++;
- if (!(kret = VERIFY_FUNCTION(&oldstyle_checksum,
- argv[msgindex],
- strlen(argv[msgindex]),
- (krb5_pointer) keyblock.contents,
- keyblock.length))) {
- printf("verify on old checksum should have choked\n");
- break;
+ for (msgindex = 1; msgindex < argc; msgindex++) {
+ if ((kret = CKSUM_FUNCTION(argv[msgindex],
+ strlen(argv[msgindex]),
+ (krb5_pointer) keyblock.contents,
+ keyblock.length,
+ &newstyle_checksum))) {
+ printf("krb5_calculate_checksum choked with %d\n", kret);
+ break;
+ }
+ print_checksum("correct", MD, argv[msgindex], &newstyle_checksum);
+#ifdef K5BETA_COMPAT
+ if ((kret = COMPAT_FUNCTION(argv[msgindex],
+ strlen(argv[msgindex]),
+ (krb5_pointer) keyblock.contents,
+ keyblock.length,
+ &oldstyle_checksum))) {
+ printf("old style calculate_checksum choked with %d\n", kret);
+ break;
+ }
+ print_checksum("old", MD, argv[msgindex], &oldstyle_checksum);
+#endif /* K5BETA_COMPAT */
+ if ((kret = VERIFY_FUNCTION(&newstyle_checksum,
+ argv[msgindex],
+ strlen(argv[msgindex]),
+ (krb5_pointer) keyblock.contents,
+ keyblock.length))) {
+ printf("verify on new checksum choked with %d\n", kret);
+ break;
+ }
+ printf("Verify succeeded for \"%s\"\n", argv[msgindex]);
+#ifdef K5BETA_COMPAT
+ if ((kret = VERIFY_FUNCTION(&oldstyle_checksum,
+ argv[msgindex],
+ strlen(argv[msgindex]),
+ (krb5_pointer) keyblock.contents,
+ keyblock.length))) {
+ printf("verify on old checksum choked with %d\n", kret);
+ break;
+ }
+ printf("Compatible checksum verify succeeded for \"%s\"\n",
+ argv[msgindex]);
+#endif /* K5BETA_COMPAT */
+ newstyle_checksum.contents[0]++;
+ if (!(kret = VERIFY_FUNCTION(&newstyle_checksum,
+ argv[msgindex],
+ strlen(argv[msgindex]),
+ (krb5_pointer) keyblock.contents,
+ keyblock.length))) {
+ printf("verify on new checksum should have choked\n");
+ break;
+ }
+ printf("Verify of bad checksum OK for \"%s\"\n", argv[msgindex]);
+#ifdef K5BETA_COMPAT
+ oldstyle_checksum.contents[0]++;
+ if (!(kret = VERIFY_FUNCTION(&oldstyle_checksum,
+ argv[msgindex],
+ strlen(argv[msgindex]),
+ (krb5_pointer) keyblock.contents,
+ keyblock.length))) {
+ printf("verify on old checksum should have choked\n");
+ break;
+ }
+ printf("Compatible checksum verify of altered checksum OK for \"%s\"\n",
+ argv[msgindex]);
+#endif /* K5BETA_COMPAT */
+ kret = 0;
}
- printf("Compatible checksum verify of altered checksum OK for \"%s\"\n",
- argv[msgindex]);
-#endif /* K5BETA_COMPAT */
- kret = 0;
- }
- if (!kret)
- printf("%d tests passed successfully for MD%d checksum\n", argc-1, MD);
- return(kret);
+ if (!kret)
+ printf("%d tests passed successfully for MD%d checksum\n", argc-1, MD);
+ return(kret);
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* MDDRIVER.C - test driver for MD2, MD4 and MD5
*/
/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All
-rights reserved.
+ rights reserved.
-RSA Data Security, Inc. makes no representations concerning either
-the merchantability of this software or the suitability of this
-software for any particular purpose. It is provided "as is"
-without express or implied warranty of any kind.
+ RSA Data Security, Inc. makes no representations concerning either
+ the merchantability of this software or the suitability of this
+ software for any particular purpose. It is provided "as is"
+ without express or implied warranty of any kind.
-These notices must be retained in any copies of any part of this
-documentation and/or software.
- */
+ These notices must be retained in any copies of any part of this
+ documentation and/or software.
+*/
/* The following makes MD default to MD5 if it has not already been
- defined with C compiler flags.
- */
+ defined with C compiler flags.
+*/
#ifndef MD
#define MD 5
#endif
struct md_test_entry md_test_suite[] = {
{ "",
- {0x31, 0xd6, 0xcf, 0xe0, 0xd1, 0x6a, 0xe9, 0x31,
- 0xb7, 0x3c, 0x59, 0xd7, 0xe0, 0xc0, 0x89, 0xc0 }},
+ {0x31, 0xd6, 0xcf, 0xe0, 0xd1, 0x6a, 0xe9, 0x31,
+ 0xb7, 0x3c, 0x59, 0xd7, 0xe0, 0xc0, 0x89, 0xc0 }},
{ "a",
- {0xbd, 0xe5, 0x2c, 0xb3, 0x1d, 0xe3, 0x3e, 0x46,
- 0x24, 0x5e, 0x05, 0xfb, 0xdb, 0xd6, 0xfb, 0x24 }},
+ {0xbd, 0xe5, 0x2c, 0xb3, 0x1d, 0xe3, 0x3e, 0x46,
+ 0x24, 0x5e, 0x05, 0xfb, 0xdb, 0xd6, 0xfb, 0x24 }},
{ "abc",
- {0xa4, 0x48, 0x01, 0x7a, 0xaf, 0x21, 0xd8, 0x52,
- 0x5f, 0xc1, 0x0a, 0xe8, 0x7a, 0xa6, 0x72, 0x9d }},
+ {0xa4, 0x48, 0x01, 0x7a, 0xaf, 0x21, 0xd8, 0x52,
+ 0x5f, 0xc1, 0x0a, 0xe8, 0x7a, 0xa6, 0x72, 0x9d }},
{ "message digest",
- {0xd9, 0x13, 0x0a, 0x81, 0x64, 0x54, 0x9f, 0xe8,
- 0x18, 0x87, 0x48, 0x06, 0xe1, 0xc7, 0x01, 0x4b }},
+ {0xd9, 0x13, 0x0a, 0x81, 0x64, 0x54, 0x9f, 0xe8,
+ 0x18, 0x87, 0x48, 0x06, 0xe1, 0xc7, 0x01, 0x4b }},
{ "abcdefghijklmnopqrstuvwxyz",
- {0xd7, 0x9e, 0x1c, 0x30, 0x8a, 0xa5, 0xbb, 0xcd,
- 0xee, 0xa8, 0xed, 0x63, 0xdf, 0x41, 0x2d, 0xa9 }},
+ {0xd7, 0x9e, 0x1c, 0x30, 0x8a, 0xa5, 0xbb, 0xcd,
+ 0xee, 0xa8, 0xed, 0x63, 0xdf, 0x41, 0x2d, 0xa9 }},
{ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
- {0x04, 0x3f, 0x85, 0x82, 0xf2, 0x41, 0xdb, 0x35,
- 0x1c, 0xe6, 0x27, 0xe1, 0x53, 0xe7, 0xf0, 0xe4 }},
+ {0x04, 0x3f, 0x85, 0x82, 0xf2, 0x41, 0xdb, 0x35,
+ 0x1c, 0xe6, 0x27, 0xe1, 0x53, 0xe7, 0xf0, 0xe4 }},
{ "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
- {0xe3, 0x3b, 0x4d, 0xdc, 0x9c, 0x38, 0xf2, 0x19,
- 0x9c, 0x3e, 0x7b, 0x16, 0x4f, 0xcc, 0x05, 0x36 }},
+ {0xe3, 0x3b, 0x4d, 0xdc, 0x9c, 0x38, 0xf2, 0x19,
+ 0x9c, 0x3e, 0x7b, 0x16, 0x4f, 0xcc, 0x05, 0x36 }},
{0, {0}}
};
struct md_test_entry md_test_suite[] = {
{ "",
- {0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04,
- 0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e }},
+ {0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04,
+ 0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e }},
{ "a",
- {0x0c, 0xc1, 0x75, 0xb9, 0xc0, 0xf1, 0xb6, 0xa8,
- 0x31, 0xc3, 0x99, 0xe2, 0x69, 0x77, 0x26, 0x61 }},
+ {0x0c, 0xc1, 0x75, 0xb9, 0xc0, 0xf1, 0xb6, 0xa8,
+ 0x31, 0xc3, 0x99, 0xe2, 0x69, 0x77, 0x26, 0x61 }},
{ "abc",
- {0x90, 0x01, 0x50, 0x98, 0x3c, 0xd2, 0x4f, 0xb0,
- 0xd6, 0x96, 0x3f, 0x7d, 0x28, 0xe1, 0x7f, 0x72 }},
+ {0x90, 0x01, 0x50, 0x98, 0x3c, 0xd2, 0x4f, 0xb0,
+ 0xd6, 0x96, 0x3f, 0x7d, 0x28, 0xe1, 0x7f, 0x72 }},
{ "message digest",
- {0xf9, 0x6b, 0x69, 0x7d, 0x7c, 0xb7, 0x93, 0x8d,
- 0x52, 0x5a, 0x2f, 0x31, 0xaa, 0xf1, 0x61, 0xd0 }},
+ {0xf9, 0x6b, 0x69, 0x7d, 0x7c, 0xb7, 0x93, 0x8d,
+ 0x52, 0x5a, 0x2f, 0x31, 0xaa, 0xf1, 0x61, 0xd0 }},
{ "abcdefghijklmnopqrstuvwxyz",
- {0xc3, 0xfc, 0xd3, 0xd7, 0x61, 0x92, 0xe4, 0x00,
- 0x7d, 0xfb, 0x49, 0x6c, 0xca, 0x67, 0xe1, 0x3b }},
+ {0xc3, 0xfc, 0xd3, 0xd7, 0x61, 0x92, 0xe4, 0x00,
+ 0x7d, 0xfb, 0x49, 0x6c, 0xca, 0x67, 0xe1, 0x3b }},
{ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
- {0xd1, 0x74, 0xab, 0x98, 0xd2, 0x77, 0xd9, 0xf5,
- 0xa5, 0x61, 0x1c, 0x2c, 0x9f, 0x41, 0x9d, 0x9f }},
+ {0xd1, 0x74, 0xab, 0x98, 0xd2, 0x77, 0xd9, 0xf5,
+ 0xa5, 0x61, 0x1c, 0x2c, 0x9f, 0x41, 0x9d, 0x9f }},
{ "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
- {0x57, 0xed, 0xf4, 0xa2, 0x2b, 0xe3, 0xc9, 0x55,
- 0xac, 0x49, 0xda, 0x2e, 0x21, 0x07, 0xb6, 0x7a }},
+ {0x57, 0xed, 0xf4, 0xa2, 0x2b, 0xe3, 0xc9, 0x55,
+ 0xac, 0x49, 0xda, 0x2e, 0x21, 0x07, 0xb6, 0x7a }},
{ 0, {0} }
};
/* Main driver.
-Arguments (may be any combination):
- -sstring - digests string
- -t - runs time trial
- -x - runs test script
- filename - digests file
- (none) - digests standard input
- */
+ Arguments (may be any combination):
+ -sstring - digests string
+ -t - runs time trial
+ -x - runs test script
+ filename - digests file
+ (none) - digests standard input
+*/
int main (argc, argv)
-int argc;
-char *argv[];
+ int argc;
+ char *argv[];
{
- int i;
-
- if (argc > 1)
- for (i = 1; i < argc; i++)
- if (argv[i][0] == '-' && argv[i][1] == 's')
- MDString (argv[i] + 2);
- else if (strcmp (argv[i], "-t") == 0)
- MDTimeTrial ();
- else if (strcmp (argv[i], "-x") == 0)
- MDTestSuite ();
- else
- MDFile (argv[i]);
- else
- MDFilter ();
-
- return (0);
+ int i;
+
+ if (argc > 1)
+ for (i = 1; i < argc; i++)
+ if (argv[i][0] == '-' && argv[i][1] == 's')
+ MDString (argv[i] + 2);
+ else if (strcmp (argv[i], "-t") == 0)
+ MDTimeTrial ();
+ else if (strcmp (argv[i], "-x") == 0)
+ MDTestSuite ();
+ else
+ MDFile (argv[i]);
+ else
+ MDFilter ();
+
+ return (0);
}
/* Digests a string and prints the result.
*/
static void MDString (string)
-char *string;
+ char *string;
{
- MD_CTX context;
- unsigned int len = strlen (string);
+ MD_CTX context;
+ unsigned int len = strlen (string);
- MDInit (&context);
- MDUpdate (&context, (unsigned char *) string, len);
- MDFinal (&context);
+ MDInit (&context);
+ MDUpdate (&context, (unsigned char *) string, len);
+ MDFinal (&context);
- printf ("MD%d (\"%s\") = ", MD, string);
- MDPrint (context.digest);
- printf ("\n");
+ printf ("MD%d (\"%s\") = ", MD, string);
+ MDPrint (context.digest);
+ printf ("\n");
}
/* Measures the time to digest TEST_BLOCK_COUNT TEST_BLOCK_LEN-byte
- blocks.
- */
+ blocks.
+*/
static void MDTimeTrial ()
{
- MD_CTX context;
- time_t endTime, startTime;
- unsigned char block[TEST_BLOCK_LEN];
- unsigned int i;
-
- printf("MD%d time trial. Digesting %d %d-byte blocks ...", MD,
- TEST_BLOCK_LEN, TEST_BLOCK_COUNT);
-
- /* Initialize block */
- for (i = 0; i < TEST_BLOCK_LEN; i++)
- block[i] = (unsigned char)(i & 0xff);
-
- /* Start timer */
- time (&startTime);
-
- /* Digest blocks */
- MDInit (&context);
- for (i = 0; i < TEST_BLOCK_COUNT; i++)
- MDUpdate (&context, block, TEST_BLOCK_LEN);
- MDFinal (&context);
-
- /* Stop timer */
- time (&endTime);
-
- printf (" done\n");
- printf ("Digest = ");
- MDPrint (context.digest);
- printf ("\nTime = %ld seconds\n", (long)(endTime-startTime));
- printf
- ("Speed = %ld bytes/second\n",
- (long)TEST_BLOCK_LEN * (long)TEST_BLOCK_COUNT/(endTime-startTime));
+ MD_CTX context;
+ time_t endTime, startTime;
+ unsigned char block[TEST_BLOCK_LEN];
+ unsigned int i;
+
+ printf("MD%d time trial. Digesting %d %d-byte blocks ...", MD,
+ TEST_BLOCK_LEN, TEST_BLOCK_COUNT);
+
+ /* Initialize block */
+ for (i = 0; i < TEST_BLOCK_LEN; i++)
+ block[i] = (unsigned char)(i & 0xff);
+
+ /* Start timer */
+ time (&startTime);
+
+ /* Digest blocks */
+ MDInit (&context);
+ for (i = 0; i < TEST_BLOCK_COUNT; i++)
+ MDUpdate (&context, block, TEST_BLOCK_LEN);
+ MDFinal (&context);
+
+ /* Stop timer */
+ time (&endTime);
+
+ printf (" done\n");
+ printf ("Digest = ");
+ MDPrint (context.digest);
+ printf ("\nTime = %ld seconds\n", (long)(endTime-startTime));
+ printf
+ ("Speed = %ld bytes/second\n",
+ (long)TEST_BLOCK_LEN * (long)TEST_BLOCK_COUNT/(endTime-startTime));
}
/* Digests a reference suite of strings and prints the results.
#ifdef HAVE_TEST_SUITE
MD_CTX context;
struct md_test_entry *entry;
- int i, num_tests = 0, num_failed = 0;
+ int i, num_tests = 0, num_failed = 0;
printf ("MD%d test suite:\n\n", MD);
for (entry = md_test_suite; entry->string; entry++) {
- unsigned int len = strlen (entry->string);
-
- MDInit (&context);
- MDUpdate (&context, (unsigned char *) entry->string, len);
- MDFinal (&context);
-
- printf ("MD%d (\"%s\") = ", MD, entry->string);
- MDPrint (context.digest);
- printf ("\n");
- for (i=0; i < 16; i++) {
- if (context.digest[i] != entry->digest[i]) {
- printf("\tIncorrect MD%d digest! Should have been:\n\t\t ",
- MD);
- MDPrint(entry->digest);
- printf("\n");
- num_failed++;
- }
- }
- num_tests++;
+ unsigned int len = strlen (entry->string);
+
+ MDInit (&context);
+ MDUpdate (&context, (unsigned char *) entry->string, len);
+ MDFinal (&context);
+
+ printf ("MD%d (\"%s\") = ", MD, entry->string);
+ MDPrint (context.digest);
+ printf ("\n");
+ for (i=0; i < 16; i++) {
+ if (context.digest[i] != entry->digest[i]) {
+ printf("\tIncorrect MD%d digest! Should have been:\n\t\t ",
+ MD);
+ MDPrint(entry->digest);
+ printf("\n");
+ num_failed++;
+ }
+ }
+ num_tests++;
}
if (num_failed) {
- printf("%d out of %d tests failed for MD%d!!!\n", num_failed,
- num_tests, MD);
- exit(1);
+ printf("%d out of %d tests failed for MD%d!!!\n", num_failed,
+ num_tests, MD);
+ exit(1);
} else {
- printf ("%d tests passed successfully for MD%d.\n", num_tests, MD);
- exit(0);
+ printf ("%d tests passed successfully for MD%d.\n", num_tests, MD);
+ exit(0);
}
#else
MDString ("message digest");
MDString ("abcdefghijklmnopqrstuvwxyz");
MDString
- ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789");
+ ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789");
MDString
- ("12345678901234567890123456789012345678901234567890123456789012345678901234567890");
+ ("12345678901234567890123456789012345678901234567890123456789012345678901234567890");
#endif
}
unsigned char buffer[1024];
if ((file = fopen (filename, "rb")) == NULL)
- printf ("%s can't be opened\n", filename);
+ printf ("%s can't be opened\n", filename);
else {
- MDInit (&context);
- while ((len = fread (buffer, 1, 1024, file)) != 0)
- MDUpdate (&context, buffer, len);
- MDFinal (&context);
+ MDInit (&context);
+ while ((len = fread (buffer, 1, 1024, file)) != 0)
+ MDUpdate (&context, buffer, len);
+ MDFinal (&context);
- fclose (file);
+ fclose (file);
- printf ("MD%d (%s) = ", MD, filename);
- MDPrint (context.digest);
- printf ("\n");
+ printf ("MD%d (%s) = ", MD, filename);
+ MDPrint (context.digest);
+ printf ("\n");
}
}
*/
static void MDFilter ()
{
- MD_CTX context;
- int len;
- unsigned char buffer[16];
+ MD_CTX context;
+ int len;
+ unsigned char buffer[16];
- MDInit (&context);
- while ((len = fread (buffer, 1, 16, stdin)) != 0)
- MDUpdate (&context, buffer, len);
- MDFinal (&context);
+ MDInit (&context);
+ while ((len = fread (buffer, 1, 16, stdin)) != 0)
+ MDUpdate (&context, buffer, len);
+ MDFinal (&context);
- MDPrint (context.digest);
- printf ("\n");
+ MDPrint (context.digest);
+ printf ("\n");
}
/* Prints a message digest in hexadecimal.
*/
static void MDPrint (digest)
-unsigned char digest[16];
+ unsigned char digest[16];
{
- unsigned int i;
+ unsigned int i;
- for (i = 0; i < 16; i++)
- printf ("%02x", digest[i]);
+ for (i = 0; i < 16; i++)
+ printf ("%02x", digest[i]);
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/t_nfold.c
*
*
* Program to test the correctness of nfold implementation.
*
- * exit returns 0 ==> success
- * -1 ==> error
+ * exit returns 0 ==> success
+ * -1 ==> error
*/
#include <stdio.h>
static void printhex (size_t len, const unsigned char *p)
{
while (len--)
- printf ("%02x", 0xff & *p++);
+ printf ("%02x", 0xff & *p++);
}
static void printstringhex (const unsigned char *p) {
{
int i;
struct {
- char *input;
- unsigned int n;
- unsigned char exp[192/8];
+ char *input;
+ unsigned int n;
+ unsigned char exp[192/8];
} tests[] = {
- { "012345", 64,
- { 0xbe,0x07,0x26,0x31,0x27,0x6b,0x19,0x55, }
- },
- { "password", 56,
- { 0x78,0xa0,0x7b,0x6c,0xaf,0x85,0xfa, }
- },
- { "Rough Consensus, and Running Code", 64,
- { 0xbb,0x6e,0xd3,0x08,0x70,0xb7,0xf0,0xe0, }
- },
- { "password", 168,
- { 0x59,0xe4,0xa8,0xca,0x7c,0x03,0x85,0xc3,
- 0xc3,0x7b,0x3f,0x6d,0x20,0x00,0x24,0x7c,
- 0xb6,0xe6,0xbd,0x5b,0x3e, }
- },
- { "MASSACHVSETTS INSTITVTE OF TECHNOLOGY", 192,
- { 0xdb,0x3b,0x0d,0x8f,0x0b,0x06,0x1e,0x60,
- 0x32,0x82,0xb3,0x08,0xa5,0x08,0x41,0x22,
- 0x9a,0xd7,0x98,0xfa,0xb9,0x54,0x0c,0x1b, }
- },
+ { "012345", 64,
+ { 0xbe,0x07,0x26,0x31,0x27,0x6b,0x19,0x55, }
+ },
+ { "password", 56,
+ { 0x78,0xa0,0x7b,0x6c,0xaf,0x85,0xfa, }
+ },
+ { "Rough Consensus, and Running Code", 64,
+ { 0xbb,0x6e,0xd3,0x08,0x70,0xb7,0xf0,0xe0, }
+ },
+ { "password", 168,
+ { 0x59,0xe4,0xa8,0xca,0x7c,0x03,0x85,0xc3,
+ 0xc3,0x7b,0x3f,0x6d,0x20,0x00,0x24,0x7c,
+ 0xb6,0xe6,0xbd,0x5b,0x3e, }
+ },
+ { "MASSACHVSETTS INSTITVTE OF TECHNOLOGY", 192,
+ { 0xdb,0x3b,0x0d,0x8f,0x0b,0x06,0x1e,0x60,
+ 0x32,0x82,0xb3,0x08,0xa5,0x08,0x41,0x22,
+ 0x9a,0xd7,0x98,0xfa,0xb9,0x54,0x0c,0x1b, }
+ },
};
unsigned char outbuf[192/8];
printf ("RFC tests:\n");
for (i = 0; i < ASIZE (tests); i++) {
- unsigned char *p = (unsigned char *) tests[i].input;
- assert (tests[i].n / 8 <= sizeof (outbuf));
- krb5int_nfold (8 * strlen ((char *) p), p, tests[i].n, outbuf);
- printf ("%d-fold(\"%s\") =\n", tests[i].n, p);
- printf ("%d-fold(", tests[i].n);
- printstringhex (p);
- printf (") =\n\t");
- printhex (tests[i].n / 8, outbuf);
- printf ("\n\n");
- if (memcmp (outbuf, tests[i].exp, tests[i].n/8) != 0) {
- printf ("wrong value! expected:\n\t");
- printhex (tests[i].n / 8, tests[i].exp);
- exit (1);
- }
+ unsigned char *p = (unsigned char *) tests[i].input;
+ assert (tests[i].n / 8 <= sizeof (outbuf));
+ krb5int_nfold (8 * strlen ((char *) p), p, tests[i].n, outbuf);
+ printf ("%d-fold(\"%s\") =\n", tests[i].n, p);
+ printf ("%d-fold(", tests[i].n);
+ printstringhex (p);
+ printf (") =\n\t");
+ printhex (tests[i].n / 8, outbuf);
+ printf ("\n\n");
+ if (memcmp (outbuf, tests[i].exp, tests[i].n/8) != 0) {
+ printf ("wrong value! expected:\n\t");
+ printhex (tests[i].n / 8, tests[i].exp);
+ exit (1);
+ }
}
}
int j;
if (nbytes > 300)
- abort();
+ abort();
printf("%d-fold(\"kerberos\") =\n\t", nbytes*8);
krb5int_nfold(64, (unsigned char *) "kerberos", 8*nbytes, cipher_text);
for (j=0; j<nbytes; j++)
- printf("%s%02x", (j&3) ? "" : " ", cipher_text[j]);
+ printf("%s%02x", (j&3) ? "" : " ", cipher_text[j]);
printf("\n");
}
int
main(argc, argv)
- int argc;
- char *argv[];
+ int argc;
+ char *argv[];
{
unsigned char cipher_text[64];
int i, j;
printf("N-fold\n");
for (i=0; i<sizeof(nfold_in)/sizeof(char *); i++) {
- printf("\tInput:\t\"%.*s\"\n", (int) strlen((char *) nfold_in[i]),
- nfold_in[i]);
- printf("\t192-Fold:\t");
- krb5int_nfold(strlen((char *) nfold_in[i])*8, nfold_in[i], 24*8,
- cipher_text);
- for (j=0; j<24; j++)
- printf("%s%02x", (j&3) ? "" : " ", cipher_text[j]);
- printf("\n");
- if (memcmp(cipher_text, nfold_192[i], 24)) {
- printf("verify: error in n-fold\n");
- exit(-1);
- };
+ printf("\tInput:\t\"%.*s\"\n", (int) strlen((char *) nfold_in[i]),
+ nfold_in[i]);
+ printf("\t192-Fold:\t");
+ krb5int_nfold(strlen((char *) nfold_in[i])*8, nfold_in[i], 24*8,
+ cipher_text);
+ for (j=0; j<24; j++)
+ printf("%s%02x", (j&3) ? "" : " ", cipher_text[j]);
+ printf("\n");
+ if (memcmp(cipher_text, nfold_192[i], 24)) {
+ printf("verify: error in n-fold\n");
+ exit(-1);
+ };
}
rfc_tests ();
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/t_pkcs5.c
*
static void printhex (size_t len, const char *p)
{
while (len--)
- printf (" %02X", 0xff & *p++);
+ printf (" %02X", 0xff & *p++);
}
static void printdata (krb5_data *d) {
/* RFC 3211 test cases. */
static const struct {
- const char *pass;
- const char *salt;
- unsigned int count;
- size_t len;
- const unsigned char expected[24];
+ const char *pass;
+ const char *salt;
+ unsigned int count;
+ size_t len;
+ const unsigned char expected[24];
} t[] = {
- { "password", "\x12\x34\x56\x78\x78\x56\x34\x12", 5, 8,
- { 0xD1, 0xDA, 0xA7, 0x86, 0x15, 0xF2, 0x87, 0xE6 } },
- { "All n-entities must communicate with other "
- "n-entities via n-1 entiteeheehees",
- "\x12\x34\x56\x78\x78\x56\x34\x12", 500, 24,
- { 0x6A, 0x89, 0x70, 0xBF, 0x68, 0xC9, 0x2C, 0xAE,
- 0xA8, 0x4A, 0x8D, 0xF2, 0x85, 0x10, 0x85, 0x86,
- 0x07, 0x12, 0x63, 0x80, 0xCC, 0x47, 0xAB, 0x2D } },
+ { "password", "\x12\x34\x56\x78\x78\x56\x34\x12", 5, 8,
+ { 0xD1, 0xDA, 0xA7, 0x86, 0x15, 0xF2, 0x87, 0xE6 } },
+ { "All n-entities must communicate with other "
+ "n-entities via n-1 entiteeheehees",
+ "\x12\x34\x56\x78\x78\x56\x34\x12", 500, 24,
+ { 0x6A, 0x89, 0x70, 0xBF, 0x68, 0xC9, 0x2C, 0xAE,
+ 0xA8, 0x4A, 0x8D, 0xF2, 0x85, 0x10, 0x85, 0x86,
+ 0x07, 0x12, 0x63, 0x80, 0xCC, 0x47, 0xAB, 0x2D } },
};
d.data = x;
for (i = 0; i < sizeof(t)/sizeof(t[0]); i++) {
- printf("pkbdf2(iter_count=%d, dklen=%d (%d bytes), salt=12 34 56 78 78 56 34 12,\n"
- " pass=%s):\n ->",
- t[i].count, t[i].len * 8, t[i].len, t[i].pass);
+ printf("pkbdf2(iter_count=%d, dklen=%d (%d bytes), salt=12 34 56 78 78 56 34 12,\n"
+ " pass=%s):\n ->",
+ t[i].count, t[i].len * 8, t[i].len, t[i].pass);
- d.length = t[i].len;
- pass.data = t[i].pass;
- pass.length = strlen(pass.data);
- salt.data = t[i].salt;
- salt.length = strlen(salt.data);
- err = krb5int_pbkdf2_hmac_sha1 (&d, t[i].count, &pass, &salt);
- if (err) {
- printf("error in computing pbkdf2: %s\n", error_message(err));
- exit(1);
- }
- printdata(&d);
- if (!memcmp(x, t[i].expected, t[i].len))
- printf("\nTest passed.\n\n");
- else {
- printf("\n*** CHECK FAILED!\n");
- exit(1);
- }
+ d.length = t[i].len;
+ pass.data = t[i].pass;
+ pass.length = strlen(pass.data);
+ salt.data = t[i].salt;
+ salt.length = strlen(salt.data);
+ err = krb5int_pbkdf2_hmac_sha1 (&d, t[i].count, &pass, &salt);
+ if (err) {
+ printf("error in computing pbkdf2: %s\n", error_message(err));
+ exit(1);
+ }
+ printdata(&d);
+ if (!memcmp(x, t[i].expected, t[i].len))
+ printf("\nTest passed.\n\n");
+ else {
+ printf("\n*** CHECK FAILED!\n");
+ exit(1);
+ }
}
}
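Review bot: The progress `printf` at the top of the loop passes `t[i].len * 8` and `t[i].len`, which are `size_t` per the struct declared above, to `%d` conversions, and prints the `unsigned int` field `t[i].count` with `%d` as well. A `size_t` argument under `%d` is undefined behaviour wherever `size_t` is wider than `int`. Use `%u` for the count and `%lu` for the two lengths, passing `(unsigned long) (t[i].len * 8), (unsigned long) t[i].len`. The enclosing test function begins outside the lines shown here.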
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/t_prf.c
*
#include <assert.h>
int main () {
- krb5_data input, output;
- krb5_keyblock *key = NULL;
- unsigned int in_length;
- unsigned int i;
- size_t prfsz;
+ krb5_data input, output;
+ krb5_keyblock *key = NULL;
+ unsigned int in_length;
+ unsigned int i;
+ size_t prfsz;
- while (1) {
- krb5_enctype enctype;
- char s[1025];
+ while (1) {
+ krb5_enctype enctype;
+ char s[1025];
- if (scanf( "%d", &enctype) == EOF)
- break;
- if (scanf("%1024s", &s[0]) == EOF)
- break;
- assert (krb5_init_keyblock(0, enctype, 0, &key) == 0);
- input.data = &s[0];
- input.length = strlen(s);
- assert(krb5_c_string_to_key (0, enctype, &input, &input, key) == 0);
+ if (scanf( "%d", &enctype) == EOF)
+ break;
+ if (scanf("%1024s", &s[0]) == EOF)
+ break;
+ assert (krb5_init_keyblock(0, enctype, 0, &key) == 0);
+ input.data = &s[0];
+ input.length = strlen(s);
+ assert(krb5_c_string_to_key (0, enctype, &input, &input, key) == 0);
- if (scanf("%u", &in_length) == EOF)
- break;
+ if (scanf("%u", &in_length) == EOF)
+ break;
- if (in_length ) {
- unsigned int lc;
- assert ((input.data = malloc(in_length)) != NULL);
- for (lc = in_length; lc > 0; lc--) {
- scanf ("%2x", &i);
- input.data[in_length-lc] = (unsigned) (i&0xff);
- }
- input.length = in_length;
- assert (krb5_c_prf_length(0, enctype, &prfsz) == 0);
- assert (output.data = malloc(prfsz));
- output.length = prfsz;
- assert (krb5_c_prf(0, key, &input, &output) == 0);
+ if (in_length ) {
+ unsigned int lc;
+ assert ((input.data = malloc(in_length)) != NULL);
+ for (lc = in_length; lc > 0; lc--) {
+ scanf ("%2x", &i);
+ input.data[in_length-lc] = (unsigned) (i&0xff);
+ }
+ input.length = in_length;
+ assert (krb5_c_prf_length(0, enctype, &prfsz) == 0);
+ assert (output.data = malloc(prfsz));
+ output.length = prfsz;
+ assert (krb5_c_prf(0, key, &input, &output) == 0);
- free (input.data);
- input.data = NULL;
- }
- for (; prfsz > 0; prfsz--) {
- printf ("%02x",
- (unsigned int) ((unsigned char ) output.data[output.length-prfsz]));
- }
- printf ("\n");
+ free (input.data);
+ input.data = NULL;
+ }
+ for (; prfsz > 0; prfsz--) {
+ printf ("%02x",
+ (unsigned int) ((unsigned char ) output.data[output.length-prfsz]));
+ }
+ printf ("\n");
- free (output.data);
- output.data = NULL;
- krb5_free_keyblock(0, key);
- key = NULL;
- }
+ free (output.data);
+ output.data = NULL;
+ krb5_free_keyblock(0, key);
+ key = NULL;
+ }
- return (0);
+ return (0);
}
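Review bot: When the first record read has `in_length` equal to zero, the `if (in_length)` block that sets `prfsz`, `output.data` and `output.length` is skipped, yet the hex loop after it still reads `prfsz` and `output.data`, and `free (output.data)` then runs on a pointer that was never assigned. Initialise both before the `while`, for example `size_t prfsz = 0;` and `output.data = NULL;`, or move the print-and-free lines inside the `if`. Separately, `assert (output.data = malloc(prfsz));` and the other calls wrapped in `assert` are compiled out when the file is built with `NDEBUG`; making the call first and asserting on its stored result keeps the work in place.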
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/t_prng.c
*
#include <assert.h>
int main () {
- krb5_error_code ret;
- krb5_data input, output;
- unsigned int source_id, seed_length;
- unsigned int i;
- while (1) {
+ krb5_error_code ret;
+ krb5_data input, output;
+ unsigned int source_id, seed_length;
+ unsigned int i;
+ while (1) {
/* Read source*/
- if (scanf ("%u", &source_id ) == EOF )
- break;
+ if (scanf ("%u", &source_id ) == EOF )
+ break;
/* Read seed length*/
- if (scanf ("%u", &seed_length) == EOF)
- break;
- if (seed_length ) {
- unsigned int lc;
- assert ((input.data = malloc(seed_length)) != NULL);
- for (lc = seed_length; lc > 0; lc--) {
- scanf ("%2x", &i);
- input.data[seed_length-lc] = (unsigned) (i&0xff);
- }
- input.length = seed_length;
- assert (krb5_c_random_add_entropy (0, source_id, &input) == 0);
- free (input.data);
- input.data = NULL;
+ if (scanf ("%u", &seed_length) == EOF)
+ break;
+ if (seed_length ) {
+ unsigned int lc;
+ assert ((input.data = malloc(seed_length)) != NULL);
+ for (lc = seed_length; lc > 0; lc--) {
+ scanf ("%2x", &i);
+ input.data[seed_length-lc] = (unsigned) (i&0xff);
+ }
+ input.length = seed_length;
+ assert (krb5_c_random_add_entropy (0, source_id, &input) == 0);
+ free (input.data);
+ input.data = NULL;
+ }
+ if (scanf ("%u", &i) == EOF)
+ break;
+ if (i) {
+ assert ((output.data = malloc (i)) != NULL);
+ output.length = i;
+ ret = krb5_c_random_make_octets (0, &output);
+ if (ret)
+ printf ("failed\n");
+ else {
+ for (; i > 0; i--) {
+ printf ("%02x",
+ (unsigned int) ((unsigned char ) output.data[output.length-i]));
+ }
+ printf ("\n");
+ }
+ free (output.data);
+ output.data = NULL;
+ }
}
- if (scanf ("%u", &i) == EOF)
- break;
- if (i) {
- assert ((output.data = malloc (i)) != NULL);
- output.length = i;
- ret = krb5_c_random_make_octets (0, &output);
- if (ret)
- printf ("failed\n");
- else {
- for (; i > 0; i--) {
- printf ("%02x",
- (unsigned int) ((unsigned char ) output.data[output.length-i]));
- }
- printf ("\n");
- }
- free (output.data);
- output.data = NULL;
- }
- }
- return (0);
+ return (0);
}
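Review bot: Every `scanf` in this loop is compared only with `EOF`, so a token that is not a number makes it return 0 without storing anything, and the loop carries on with stale or indeterminate `source_id`, `seed_length` and `i` while never consuming the offending input. Testing for the expected count, e.g. `if (scanf ("%u", &source_id) != 1) break;`, stops on both end-of-file and malformed input. The inner `scanf ("%2x", &i)` that fills the seed buffer has its result discarded, so a truncated seed line passes leftover values to `krb5_c_random_add_entropy`; `if (scanf ("%2x", &i) != 1) exit (1);` would catch that. `main` in t_prf.c above reads its input the same way.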
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/vectors.c
*
static void printhex (size_t len, const char *p)
{
while (len--)
- printf ("%02x", 0xff & *p++);
+ printf ("%02x", 0xff & *p++);
}
static void printstringhex (const char *p) { printhex (strlen (p), p); }
{
int i;
static const struct {
- char *input;
- int n;
+ char *input;
+ int n;
} tests[] = {
- { "012345", 64, },
- { "password", 56, },
- { "Rough Consensus, and Running Code", 64, },
- { "password", 168, },
- { "MASSACHVSETTS INSTITVTE OF TECHNOLOGY", 192 },
- { "Q", 168 },
- { "ba", 168 },
+ { "012345", 64, },
+ { "password", 56, },
+ { "Rough Consensus, and Running Code", 64, },
+ { "password", 168, },
+ { "MASSACHVSETTS INSTITVTE OF TECHNOLOGY", 192 },
+ { "Q", 168 },
+ { "ba", 168 },
};
unsigned char outbuf[192/8];
for (i = 0; i < ASIZE (tests); i++) {
- char *p = tests[i].input;
- assert (tests[i].n / 8 <= sizeof (outbuf));
- printf ("%d-fold(\"%s\") =\n", tests[i].n, p);
- printf ("%d-fold(", tests[i].n);
- printstringhex (p);
- printf (") =\n\t");
- krb5int_nfold (8 * strlen (p), p, tests[i].n, outbuf);
- printhex (tests[i].n / 8U, outbuf);
- printf ("\n\n");
+ char *p = tests[i].input;
+ assert (tests[i].n / 8 <= sizeof (outbuf));
+ printf ("%d-fold(\"%s\") =\n", tests[i].n, p);
+ printf ("%d-fold(", tests[i].n);
+ printstringhex (p);
+ printf (") =\n\t");
+ krb5int_nfold (8 * strlen (p), p, tests[i].n, outbuf);
+ printhex (tests[i].n / 8U, outbuf);
+ printf ("\n\n");
}
}
#define GCLEF "\360\235\204\236" /* outside BMP, woo hoo! */
/* Some weak keys:
- {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e},
- {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1},
+ {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e},
+ {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1},
so try to generate them. */
static void
test_mit_des_s2k ()
{
static const struct {
- const char *pass;
- const char *salt;
+ const char *pass;
+ const char *salt;
} pairs[] = {
- { "password", "ATHENA.MIT.EDUraeburn" },
- { "potatoe", "WHITEHOUSE.GOVdanny" },
- { "penny", "EXAMPLE.COMbuckaroo", },
- { GCLEF, "EXAMPLE.COMpianist" },
- { ESZETT, "ATHENA.MIT.EDU" JURISIC },
- /* These two trigger weak-key fixups. */
- { "11119999", "AAAAAAAA" },
- { "NNNN6666", "FFFFAAAA" },
+ { "password", "ATHENA.MIT.EDUraeburn" },
+ { "potatoe", "WHITEHOUSE.GOVdanny" },
+ { "penny", "EXAMPLE.COMbuckaroo", },
+ { GCLEF, "EXAMPLE.COMpianist" },
+ { ESZETT, "ATHENA.MIT.EDU" JURISIC },
+ /* These two trigger weak-key fixups. */
+ { "11119999", "AAAAAAAA" },
+ { "NNNN6666", "FFFFAAAA" },
};
int i;
for (i = 0; i < ASIZE (pairs); i++) {
- const char *p = pairs[i].pass;
- const char *s = pairs[i].salt;
- krb5_data pd;
- krb5_data sd;
- unsigned char key_contents[60];
- krb5_keyblock key;
- krb5_error_code r;
- char buf[80];
-
- key.contents = key_contents;
-
- pd.length = strlen (p);
- pd.data = (char *) p;
- sd.length = strlen (s);
- sd.data = (char *) s;
-
- assert (strlen (s) + 4 < sizeof (buf));
- snprintf (buf, sizeof (buf), "\"%s\"", s);
- printf ( "salt: %-25s", buf);
- printhex (strlen(s), s);
- snprintf (buf, sizeof (buf), "\"%s\"", p);
- printf ("\npassword: %-25s", buf);
- printhex (strlen(p), p);
- printf ("\n");
- r = krb5int_des_string_to_key (0, &pd, &sd, 0, &key);
- printf ( "DES key: %-25s", "");
- printhex (key.length, key.contents);
- printf ("\n\n");
+ const char *p = pairs[i].pass;
+ const char *s = pairs[i].salt;
+ krb5_data pd;
+ krb5_data sd;
+ unsigned char key_contents[60];
+ krb5_keyblock key;
+ krb5_error_code r;
+ char buf[80];
+
+ key.contents = key_contents;
+
+ pd.length = strlen (p);
+ pd.data = (char *) p;
+ sd.length = strlen (s);
+ sd.data = (char *) s;
+
+ assert (strlen (s) + 4 < sizeof (buf));
+ snprintf (buf, sizeof (buf), "\"%s\"", s);
+ printf ( "salt: %-25s", buf);
+ printhex (strlen(s), s);
+ snprintf (buf, sizeof (buf), "\"%s\"", p);
+ printf ("\npassword: %-25s", buf);
+ printhex (strlen(p), p);
+ printf ("\n");
+ r = krb5int_des_string_to_key (0, &pd, &sd, 0, &key);
+ printf ( "DES key: %-25s", "");
+ printhex (key.length, key.contents);
+ printf ("\n\n");
}
}
test_s2k (krb5_enctype enctype)
{
static const struct {
- const char *pass;
- const char *salt;
+ const char *pass;
+ const char *salt;
} pairs[] = {
- { "password", "ATHENA.MIT.EDUraeburn" },
- { "potatoe", "WHITEHOUSE.GOVdanny" },
- { "penny", "EXAMPLE.COMbuckaroo", },
- { ESZETT, "ATHENA.MIT.EDU" JURISIC },
- { GCLEF, "EXAMPLE.COMpianist" },
+ { "password", "ATHENA.MIT.EDUraeburn" },
+ { "potatoe", "WHITEHOUSE.GOVdanny" },
+ { "penny", "EXAMPLE.COMbuckaroo", },
+ { ESZETT, "ATHENA.MIT.EDU" JURISIC },
+ { GCLEF, "EXAMPLE.COMpianist" },
};
int i;
for (i = 0; i < ASIZE (pairs); i++) {
- const char *p = pairs[i].pass;
- const char *s = pairs[i].salt;
- krb5_data pd, sd;
- unsigned char key_contents[60];
- krb5_keyblock key;
- krb5_error_code r;
- char buf[80];
-
- pd.length = strlen (p);
- pd.data = (char *) p;
- sd.length = strlen (s);
- sd.data = (char *) s;
- key.contents = key_contents;
-
- assert (strlen (s) + 4 < sizeof (buf));
- snprintf (buf, sizeof(buf), "\"%s\"", s);
- printf ( "salt:\t%s\n\t", buf);
- printhex (strlen(s), s);
- snprintf (buf, sizeof(buf), "\"%s\"", p);
- printf ("\npasswd:\t%s\n\t", buf);
- printhex (strlen(p), p);
- printf ("\n");
- r = krb5_c_string_to_key (0, enctype, &pd, &sd, &key);
- printf ( "key:\t");
- printhex (key.length, key.contents);
- printf ("\n\n");
+ const char *p = pairs[i].pass;
+ const char *s = pairs[i].salt;
+ krb5_data pd, sd;
+ unsigned char key_contents[60];
+ krb5_keyblock key;
+ krb5_error_code r;
+ char buf[80];
+
+ pd.length = strlen (p);
+ pd.data = (char *) p;
+ sd.length = strlen (s);
+ sd.data = (char *) s;
+ key.contents = key_contents;
+
+ assert (strlen (s) + 4 < sizeof (buf));
+ snprintf (buf, sizeof(buf), "\"%s\"", s);
+ printf ( "salt:\t%s\n\t", buf);
+ printhex (strlen(s), s);
+ snprintf (buf, sizeof(buf), "\"%s\"", p);
+ printf ("\npasswd:\t%s\n\t", buf);
+ printhex (strlen(p), p);
+ printf ("\n");
+ r = krb5_c_string_to_key (0, enctype, &pd, &sd, &key);
+ printf ( "key:\t");
+ printhex (key.length, key.contents);
+ printf ("\n\n");
}
}
void check_error (int r, int line) {
if (r != 0) {
- fprintf (stderr, "%s:%d: %s\n", __FILE__, line,
- error_message (r));
- exit (1);
+ fprintf (stderr, "%s:%d: %s\n", __FILE__, line,
+ error_message (r));
+ exit (1);
}
}
#define CHECK check_error(r, __LINE__)
void test_dr_dk ()
{
static const struct {
- unsigned char keydata[KEYLENGTH];
- int usage_len;
- unsigned char usage[8];
+ unsigned char keydata[KEYLENGTH];
+ int usage_len;
+ unsigned char usage[8];
} derive_tests[] = {
- {
- {
- 0xdc, 0xe0, 0x6b, 0x1f, 0x64, 0xc8, 0x57, 0xa1,
- 0x1c, 0x3d, 0xb5, 0x7c, 0x51, 0x89, 0x9b, 0x2c,
- 0xc1, 0x79, 0x10, 0x08, 0xce, 0x97, 0x3b, 0x92,
- },
- 5, { 0x00, 0x00, 0x00, 0x01, 0x55 },
- },
- {
- {
- 0x5e, 0x13, 0xd3, 0x1c, 0x70, 0xef, 0x76, 0x57,
- 0x46, 0x57, 0x85, 0x31, 0xcb, 0x51, 0xc1, 0x5b,
- 0xf1, 0x1c, 0xa8, 0x2c, 0x97, 0xce, 0xe9, 0xf2,
- },
- 5, { 0x00, 0x00, 0x00, 0x01, 0xaa },
- },
- {
- {
- 0x98, 0xe6, 0xfd, 0x8a, 0x04, 0xa4, 0xb6, 0x85,
- 0x9b, 0x75, 0xa1, 0x76, 0x54, 0x0b, 0x97, 0x52,
- 0xba, 0xd3, 0xec, 0xd6, 0x10, 0xa2, 0x52, 0xbc,
- },
- 5, { 0x00, 0x00, 0x00, 0x01, 0x55 },
- },
- {
- {
- 0x62, 0x2a, 0xec, 0x25, 0xa2, 0xfe, 0x2c, 0xad,
- 0x70, 0x94, 0x68, 0x0b, 0x7c, 0x64, 0x94, 0x02,
- 0x80, 0x08, 0x4c, 0x1a, 0x7c, 0xec, 0x92, 0xb5,
- },
- 5, { 0x00, 0x00, 0x00, 0x01, 0xaa },
- },
- {
- {
- 0xd3, 0xf8, 0x29, 0x8c, 0xcb, 0x16, 0x64, 0x38,
- 0xdc, 0xb9, 0xb9, 0x3e, 0xe5, 0xa7, 0x62, 0x92,
- 0x86, 0xa4, 0x91, 0xf8, 0x38, 0xf8, 0x02, 0xfb,
- },
- 8, { 'k', 'e', 'r', 'b', 'e', 'r', 'o', 's' },
- },
- {
- {
- 0xb5, 0x5e, 0x98, 0x34, 0x67, 0xe5, 0x51, 0xb3,
- 0xe5, 0xd0, 0xe5, 0xb6, 0xc8, 0x0d, 0x45, 0x76,
- 0x94, 0x23, 0xa8, 0x73, 0xdc, 0x62, 0xb3, 0x0e,
- },
- 7, { 'c', 'o', 'm', 'b', 'i', 'n', 'e', },
- },
- {
- {
- 0xc1, 0x08, 0x16, 0x49, 0xad, 0xa7, 0x43, 0x62,
- 0xe6, 0xa1, 0x45, 0x9d, 0x01, 0xdf, 0xd3, 0x0d,
- 0x67, 0xc2, 0x23, 0x4c, 0x94, 0x07, 0x04, 0xda,
- },
- 5, { 0x00, 0x00, 0x00, 0x01, 0x55 },
- },
- {
- {
- 0x5d, 0x15, 0x4a, 0xf2, 0x38, 0xf4, 0x67, 0x13,
- 0x15, 0x57, 0x19, 0xd5, 0x5e, 0x2f, 0x1f, 0x79,
- 0x0d, 0xd6, 0x61, 0xf2, 0x79, 0xa7, 0x91, 0x7c,
- },
- 5, { 0x00, 0x00, 0x00, 0x01, 0xaa },
- },
- {
- {
- 0x79, 0x85, 0x62, 0xe0, 0x49, 0x85, 0x2f, 0x57,
- 0xdc, 0x8c, 0x34, 0x3b, 0xa1, 0x7f, 0x2c, 0xa1,
- 0xd9, 0x73, 0x94, 0xef, 0xc8, 0xad, 0xc4, 0x43,
- },
- 5, { 0x00, 0x00, 0x00, 0x01, 0x55 },
- },
- {
- {
- 0x26, 0xdc, 0xe3, 0x34, 0xb5, 0x45, 0x29, 0x2f,
- 0x2f, 0xea, 0xb9, 0xa8, 0x70, 0x1a, 0x89, 0xa4,
- 0xb9, 0x9e, 0xb9, 0x94, 0x2c, 0xec, 0xd0, 0x16,
- },
- 5, { 0x00, 0x00, 0x00, 0x01, 0xaa },
- },
+ {
+ {
+ 0xdc, 0xe0, 0x6b, 0x1f, 0x64, 0xc8, 0x57, 0xa1,
+ 0x1c, 0x3d, 0xb5, 0x7c, 0x51, 0x89, 0x9b, 0x2c,
+ 0xc1, 0x79, 0x10, 0x08, 0xce, 0x97, 0x3b, 0x92,
+ },
+ 5, { 0x00, 0x00, 0x00, 0x01, 0x55 },
+ },
+ {
+ {
+ 0x5e, 0x13, 0xd3, 0x1c, 0x70, 0xef, 0x76, 0x57,
+ 0x46, 0x57, 0x85, 0x31, 0xcb, 0x51, 0xc1, 0x5b,
+ 0xf1, 0x1c, 0xa8, 0x2c, 0x97, 0xce, 0xe9, 0xf2,
+ },
+ 5, { 0x00, 0x00, 0x00, 0x01, 0xaa },
+ },
+ {
+ {
+ 0x98, 0xe6, 0xfd, 0x8a, 0x04, 0xa4, 0xb6, 0x85,
+ 0x9b, 0x75, 0xa1, 0x76, 0x54, 0x0b, 0x97, 0x52,
+ 0xba, 0xd3, 0xec, 0xd6, 0x10, 0xa2, 0x52, 0xbc,
+ },
+ 5, { 0x00, 0x00, 0x00, 0x01, 0x55 },
+ },
+ {
+ {
+ 0x62, 0x2a, 0xec, 0x25, 0xa2, 0xfe, 0x2c, 0xad,
+ 0x70, 0x94, 0x68, 0x0b, 0x7c, 0x64, 0x94, 0x02,
+ 0x80, 0x08, 0x4c, 0x1a, 0x7c, 0xec, 0x92, 0xb5,
+ },
+ 5, { 0x00, 0x00, 0x00, 0x01, 0xaa },
+ },
+ {
+ {
+ 0xd3, 0xf8, 0x29, 0x8c, 0xcb, 0x16, 0x64, 0x38,
+ 0xdc, 0xb9, 0xb9, 0x3e, 0xe5, 0xa7, 0x62, 0x92,
+ 0x86, 0xa4, 0x91, 0xf8, 0x38, 0xf8, 0x02, 0xfb,
+ },
+ 8, { 'k', 'e', 'r', 'b', 'e', 'r', 'o', 's' },
+ },
+ {
+ {
+ 0xb5, 0x5e, 0x98, 0x34, 0x67, 0xe5, 0x51, 0xb3,
+ 0xe5, 0xd0, 0xe5, 0xb6, 0xc8, 0x0d, 0x45, 0x76,
+ 0x94, 0x23, 0xa8, 0x73, 0xdc, 0x62, 0xb3, 0x0e,
+ },
+ 7, { 'c', 'o', 'm', 'b', 'i', 'n', 'e', },
+ },
+ {
+ {
+ 0xc1, 0x08, 0x16, 0x49, 0xad, 0xa7, 0x43, 0x62,
+ 0xe6, 0xa1, 0x45, 0x9d, 0x01, 0xdf, 0xd3, 0x0d,
+ 0x67, 0xc2, 0x23, 0x4c, 0x94, 0x07, 0x04, 0xda,
+ },
+ 5, { 0x00, 0x00, 0x00, 0x01, 0x55 },
+ },
+ {
+ {
+ 0x5d, 0x15, 0x4a, 0xf2, 0x38, 0xf4, 0x67, 0x13,
+ 0x15, 0x57, 0x19, 0xd5, 0x5e, 0x2f, 0x1f, 0x79,
+ 0x0d, 0xd6, 0x61, 0xf2, 0x79, 0xa7, 0x91, 0x7c,
+ },
+ 5, { 0x00, 0x00, 0x00, 0x01, 0xaa },
+ },
+ {
+ {
+ 0x79, 0x85, 0x62, 0xe0, 0x49, 0x85, 0x2f, 0x57,
+ 0xdc, 0x8c, 0x34, 0x3b, 0xa1, 0x7f, 0x2c, 0xa1,
+ 0xd9, 0x73, 0x94, 0xef, 0xc8, 0xad, 0xc4, 0x43,
+ },
+ 5, { 0x00, 0x00, 0x00, 0x01, 0x55 },
+ },
+ {
+ {
+ 0x26, 0xdc, 0xe3, 0x34, 0xb5, 0x45, 0x29, 0x2f,
+ 0x2f, 0xea, 0xb9, 0xa8, 0x70, 0x1a, 0x89, 0xa4,
+ 0xb9, 0x9e, 0xb9, 0x94, 0x2c, 0xec, 0xd0, 0x16,
+ },
+ 5, { 0x00, 0x00, 0x00, 0x01, 0xaa },
+ },
};
int i;
for (i = 0; i < ASIZE(derive_tests); i++) {
#define D (derive_tests[i])
- krb5_keyblock key;
- krb5_data usage;
-
- unsigned char drData[KEYBYTES];
- krb5_data dr;
- unsigned char dkData[KEYLENGTH];
- krb5_keyblock dk;
-
- key.length = KEYLENGTH, key.contents = D.keydata;
- usage.length = D.usage_len, usage.data = D.usage;
- dr.length = KEYBYTES, dr.data = drData;
- dk.length = KEYLENGTH, dk.contents = dkData;
-
- printf ("key:\t"); printkey (&key); printf ("\n");
- printf ("usage:\t"); printdata (&usage); printf ("\n");
- DR (&dr, &key, &usage);
- printf ("DR:\t"); printdata (&dr); printf ("\n");
- DK (&dk, &key, &usage);
- printf ("DK:\t"); printkey (&dk); printf ("\n\n");
+ krb5_keyblock key;
+ krb5_data usage;
+
+ unsigned char drData[KEYBYTES];
+ krb5_data dr;
+ unsigned char dkData[KEYLENGTH];
+ krb5_keyblock dk;
+
+ key.length = KEYLENGTH, key.contents = D.keydata;
+ usage.length = D.usage_len, usage.data = D.usage;
+ dr.length = KEYBYTES, dr.data = drData;
+ dk.length = KEYLENGTH, dk.contents = dkData;
+
+ printf ("key:\t"); printkey (&key); printf ("\n");
+ printf ("usage:\t"); printdata (&usage); printf ("\n");
+ DR (&dr, &key, &usage);
+ printf ("DR:\t"); printdata (&dr); printf ("\n");
+ DK (&dk, &key, &usage);
+ printf ("DK:\t"); printkey (&dk); printf ("\n\n");
}
}
printf("%s:", descr);
for (i = 0; i < d->length; i += r) {
- printf("\n %04x: ", i);
- for (j = i; j < i + r && j < d->length; j++)
- printf(" %02x", 0xff & d->data[j]);
- for (; j < i + r; j++)
- printf(" ");
- printf(" ");
- for (j = i; j < i + r && j < d->length; j++) {
- int c = 0xff & d->data[j];
- printf("%c", isprint(c) ? c : '.');
- }
+ printf("\n %04x: ", i);
+ for (j = i; j < i + r && j < d->length; j++)
+ printf(" %02x", 0xff & d->data[j]);
+ for (; j < i + r; j++)
+ printf(" ");
+ printf(" ");
+ for (j = i; j < i + r && j < d->length; j++) {
+ int c = 0xff & d->data[j];
+ printf("%c", isprint(c) ? c : '.');
+ }
}
printf("\n");
}
test_pbkdf2()
{
static struct {
- int count;
- char *pass;
- char *salt;
+ int count;
+ char *pass;
+ char *salt;
} test[] = {
- { 1, "password", "ATHENA.MIT.EDUraeburn" },
- { 2, "password", "ATHENA.MIT.EDUraeburn" },
- { 1200, "password", "ATHENA.MIT.EDUraeburn" },
- { 5, "password", "\x12\x34\x56\x78\x78\x56\x34\x12" },
- { 1200,
- "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
- "pass phrase equals block size" },
- { 1200,
- "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
- "pass phrase exceeds block size" },
- { 50, "\xf0\x9d\x84\x9e", "EXAMPLE.COMpianist" },
+ { 1, "password", "ATHENA.MIT.EDUraeburn" },
+ { 2, "password", "ATHENA.MIT.EDUraeburn" },
+ { 1200, "password", "ATHENA.MIT.EDUraeburn" },
+ { 5, "password", "\x12\x34\x56\x78\x78\x56\x34\x12" },
+ { 1200,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase equals block size" },
+ { 1200,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase exceeds block size" },
+ { 50, "\xf0\x9d\x84\x9e", "EXAMPLE.COMpianist" },
};
unsigned char x[100];
unsigned char x2[100];
usage.length = 8;
for (j = 0; j < sizeof(test)/sizeof(test[0]); j++) {
- printf("pkbdf2(count=%d, pass=\"%s\", salt=",
- test[j].count, test[j].pass);
- if (isprint(test[j].salt[0]))
- printf("\"%s\")\n", test[j].salt);
- else {
- char *s = test[j].salt;
- printf("0x");
- while (*s)
- printf("%02X", 0xff & *s++);
- printf(")\n");
- }
-
- d.length = 16;
- pass.data = test[j].pass;
- pass.length = strlen(pass.data);
- salt.data = test[j].salt;
- salt.length = strlen(salt.data);
- err = krb5int_pbkdf2_hmac_sha1 (&d, test[j].count, &pass, &salt);
- printd("128-bit PBKDF2 output", &d);
- enc = &krb5int_enc_aes128;
- k.contents = d.data;
- k.length = d.length;
- dk.length = d.length;
- DK (&dk, &k, &usage);
- printk("128-bit AES key",&dk);
-
- d.length = 32;
- err = krb5int_pbkdf2_hmac_sha1 (&d, test[j].count, &pass, &salt);
- printd("256-bit PBKDF2 output", &d);
- enc = &krb5int_enc_aes256;
- k.contents = d.data;
- k.length = d.length;
- dk.length = d.length;
- DK (&dk, &k, &usage);
- printk("256-bit AES key", &dk);
-
- printf("\n");
+ printf("pkbdf2(count=%d, pass=\"%s\", salt=",
+ test[j].count, test[j].pass);
+ if (isprint(test[j].salt[0]))
+ printf("\"%s\")\n", test[j].salt);
+ else {
+ char *s = test[j].salt;
+ printf("0x");
+ while (*s)
+ printf("%02X", 0xff & *s++);
+ printf(")\n");
+ }
+
+ d.length = 16;
+ pass.data = test[j].pass;
+ pass.length = strlen(pass.data);
+ salt.data = test[j].salt;
+ salt.length = strlen(salt.data);
+ err = krb5int_pbkdf2_hmac_sha1 (&d, test[j].count, &pass, &salt);
+ printd("128-bit PBKDF2 output", &d);
+ enc = &krb5int_enc_aes128;
+ k.contents = d.data;
+ k.length = d.length;
+ dk.length = d.length;
+ DK (&dk, &k, &usage);
+ printk("128-bit AES key",&dk);
+
+ d.length = 32;
+ err = krb5int_pbkdf2_hmac_sha1 (&d, test[j].count, &pass, &salt);
+ printd("256-bit PBKDF2 output", &d);
+ enc = &krb5int_enc_aes256;
+ k.contents = d.data;
+ k.length = d.length;
+ dk.length = d.length;
+ DK (&dk, &k, &usage);
+ printk("256-bit AES key", &dk);
+
+ printf("\n");
}
}
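Review bot: In `test_mit_des_s2k` and `test_s2k` the result of the string-to-key call is stored in `r` and never tested, and the next statement dumps `key.length` bytes from `key.contents`. The visible code sets only `key.contents` (a 60-byte stack array), so unless the callee writes `key.length` on every path, a failed call leaves the length indeterminate and `printhex` may read past the buffer. Adding `check_error (r, __LINE__);` directly after each call would stop on failure; `check_error` is defined further down in this file, so it needs a declaration ahead of these functions. `test_pbkdf2` has the same gap: `err` from `krb5int_pbkdf2_hmac_sha1` is assigned twice per iteration and never checked before the output is printed and fed to `DK`.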
-/* -*- Mode: C; c-file-style: "bsd" -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Yarrow - Cryptographic Pseudo-Random Number Generator
* Copyright (c) 2000 Zero-Knowledge Systems, Inc.
for ( pool = 0; pool < 2; pool++ )
{
- printf( " %s: ", pool == YARROW_SLOW_POOL ? "slow" : "fast" );
- for ( sid = 0; sid < y->num_sources; sid++ )
- {
- source = &y->source[ sid ];
- printf( "#%d=%d/%d, ", sid, source->entropy[pool],
- pool == YARROW_SLOW_POOL ?
- y->slow_thresh : y->fast_thresh );
- }
+ printf( " %s: ", pool == YARROW_SLOW_POOL ? "slow" : "fast" );
+ for ( sid = 0; sid < y->num_sources; sid++ )
+ {
+ source = &y->source[ sid ];
+ printf( "#%d=%d/%d, ", sid, source->entropy[pool],
+ pool == YARROW_SLOW_POOL ?
+ y->slow_thresh : y->fast_thresh );
+ }
}
printf( "\n" );
}
#define VERBOSE( x ) if ( yarrow_verbose ) { x }
int Instrumented_krb5int_yarrow_input( Yarrow_CTX* y, int sid, void* sample,
- size_t size, int entropy )
+ size_t size, int entropy )
{
int ret;
VERBOSE( printf( "krb5int_yarrow_input( #%d, %d bits, %s ) = [", sid, entropy,
- y->source[sid].pool ==
- YARROW_SLOW_POOL ? "slow" : "fast" ); );
+ y->source[sid].pool ==
+ YARROW_SLOW_POOL ? "slow" : "fast" ); );
ret = krb5int_yarrow_input( y, sid, sample, size, entropy );
VERBOSE( printf( "%s]\n", krb5int_yarrow_str_error( ret ) ); );
printf( "[%s]\n", krb5int_yarrow_str_error( ret ) ); fflush( stdout );
THROW( ret );
- CATCH:
+CATCH:
THROW( EXCEP_BOOL );
EXCEP_RET;
}
for ( argvp = argv+1, i = 1; i < argc; i++, argvp++ )
{
- arg = *argvp;
- if ( arg[0] == '-' )
- {
- switch ( arg[1] )
- {
- case 'v': yarrow_verbose = 1; continue;
- default: fprintf( stderr, "usage: test [-v] [[test] ... ]\n" );
- THROW( YARROW_FAIL );
- }
- }
- conv_ok = NULL;
- test = strtoul( arg, &conv_ok, 10 );
- if ( !conv_ok || test < 1 || test > num_tests )
- {
- fprintf( stderr, "usage: test [-v] [[test] ... ]\n" );
- THROW( YARROW_FAIL );
- }
- else
- {
- ret = do_test( test );
- if ( ok ) { ok = ret; }
- done_some_tests = 1;
- }
+ arg = *argvp;
+ if ( arg[0] == '-' )
+ {
+ switch ( arg[1] )
+ {
+ case 'v': yarrow_verbose = 1; continue;
+ default: fprintf( stderr, "usage: test [-v] [[test] ... ]\n" );
+ THROW( YARROW_FAIL );
+ }
+ }
+ conv_ok = NULL;
+ test = strtoul( arg, &conv_ok, 10 );
+ if ( !conv_ok || test < 1 || test > num_tests )
+ {
+ fprintf( stderr, "usage: test [-v] [[test] ... ]\n" );
+ THROW( YARROW_FAIL );
+ }
+ else
+ {
+ ret = do_test( test );
+ if ( ok ) { ok = ret; }
+ done_some_tests = 1;
+ }
}
if ( !done_some_tests )
{
- for ( i = 1; i <= num_tests; i++ )
- {
- ret = do_test( i );
- if ( ok ) { ok = ret; }
- }
+ for ( i = 1; i <= num_tests; i++ )
+ {
+ ret = do_test( i );
+ if ( ok ) { ok = ret; }
+ }
}
THROW( ok );
- CATCH:
+CATCH:
switch (EXCEPTION)
{
case YARROW_OK:
- exit (EXIT_SUCCESS);
+ exit (EXIT_SUCCESS);
default:
- exit (EXIT_FAILURE);
+ exit (EXIT_FAILURE);
}
}
VERBOSE( printf( "\nunknown hash function\n\n" ); );
THROW( YARROW_NOT_IMPL );
#endif
- CATCH:
+CATCH:
EXCEP_RET;
}
VERBOSE( printf( "\nunknown encryption function\n\n" ); );
THROW( YARROW_NOT_IMPL );
#endif
- CATCH:
+CATCH:
EXCEP_RET;
}
VERBOSE( printf( "\nkrb5int_yarrow_stretch\n\n" ); );
THROW( YARROW_NOT_IMPL );
- CATCH:
+CATCH:
EXCEP_RET;
}
VERBOSE( printf( "\nGeneral workout test\n\n" ); )
- VERBOSE( printf( "krb5int_yarrow_init() = [" ); );
+ VERBOSE( printf( "krb5int_yarrow_init() = [" ); );
ret = krb5int_yarrow_init( &yarrow, YARROW_SEED_FILE );
VERBOSE( printf( "%s]\n", krb5int_yarrow_str_error( ret ) ); );
ret = krb5int_yarrow_new_source( &yarrow, &user );
VERBOSE( printf( "krb5int_yarrow_new_source() = [%s]\n",
- krb5int_yarrow_str_error( ret ) ); );
+ krb5int_yarrow_str_error( ret ) ); );
if ( ret != YARROW_OK ) { THROW( ret ); }
VERBOSE( printf( "Yarrow_Poll( #%d ) = [", user ); );
ret = krb5int_yarrow_new_source( &yarrow, &mouse );
VERBOSE( printf( "krb5int_yarrow_new_source() = [%s]\n",
- krb5int_yarrow_str_error( ret ) ); );
+ krb5int_yarrow_str_error( ret ) ); );
if ( ret != YARROW_OK ) { THROW( ret ); }
ret = krb5int_yarrow_new_source( &yarrow, &keyboard );
VERBOSE( printf( "krb5int_yarrow_new_source() = [%s]\n",
- krb5int_yarrow_str_error( ret ) ); );
+ krb5int_yarrow_str_error( ret ) ); );
if ( ret != YARROW_OK ) { THROW( ret ); }
/* prematurely try to draw output, to check failure when no
for ( i = 0; i < 2; i++ )
{
- TRY( Instrumented_krb5int_yarrow_input( &yarrow, mouse, mouse_sample,
- sizeof( mouse_sample ), 2 ) );
+ TRY( Instrumented_krb5int_yarrow_input( &yarrow, mouse, mouse_sample,
+ sizeof( mouse_sample ), 2 ) );
- TRY( Instrumented_krb5int_yarrow_input( &yarrow, keyboard, keyboard_sample,
- sizeof( keyboard_sample ), 2 ) );
+ TRY( Instrumented_krb5int_yarrow_input( &yarrow, keyboard, keyboard_sample,
+ sizeof( keyboard_sample ), 2 ) );
- TRY( Instrumented_krb5int_yarrow_input( &yarrow, user, user_sample,
- sizeof( user_sample ), 2 ) );
+ TRY( Instrumented_krb5int_yarrow_input( &yarrow, user, user_sample,
+ sizeof( user_sample ), 2 ) );
}
#if defined( YARROW_DEBUG )
#endif
VERBOSE( printf( "\nInduce user source (#%d) to reach "
- "slow threshold\n\n", user ); );
+ "slow threshold\n\n", user ); );
/* induce fast reseed */
for ( i = 0; i < 7; i++ )
{
- TRY( Instrumented_krb5int_yarrow_input( &yarrow, user, user_sample,
- sizeof( user_sample ),
- sizeof( user_sample ) * 3 ) );
+ TRY( Instrumented_krb5int_yarrow_input( &yarrow, user, user_sample,
+ sizeof( user_sample ),
+ sizeof( user_sample ) * 3 ) );
}
VERBOSE( printf( "\nInduce mouse source (#%d) to reach "
- "slow threshold reseed\n\n", mouse ); );
+ "slow threshold reseed\n\n", mouse ); );
/* induce slow reseed, by triggering a second source to reach it's
threshold */
for ( i = 0; i < 40; i++ )
{
- TRY( Instrumented_krb5int_yarrow_input( &yarrow, mouse, mouse_sample,
- sizeof( mouse_sample ),
- sizeof( mouse_sample )*2 ) );
+ TRY( Instrumented_krb5int_yarrow_input( &yarrow, mouse, mouse_sample,
+ sizeof( mouse_sample ),
+ sizeof( mouse_sample )*2 ) );
}
VERBOSE( printf( "\nProduce some output\n\n" ); );
for ( i = 0; i < 30; i++ )
{
- VERBOSE( printf( "krb5int_yarrow_output( %d ) = [", sizeof( junk ) ); );
- ret = krb5int_yarrow_output( &yarrow, junk, sizeof( junk ) );
- VERBOSE( printf( "%s]\n", krb5int_yarrow_str_error( ret ) ); );
- if ( ret != YARROW_OK ) { THROW( ret ); }
+ VERBOSE( printf( "krb5int_yarrow_output( %d ) = [", sizeof( junk ) ); );
+ ret = krb5int_yarrow_output( &yarrow, junk, sizeof( junk ) );
+ VERBOSE( printf( "%s]\n", krb5int_yarrow_str_error( ret ) ); );
+ if ( ret != YARROW_OK ) { THROW( ret ); }
}
memset( junk, 0, sizeof( junk ) );
for ( i = 0; i < 30; i++ )
{
- /* odd input to a different source so there are some slow reseeds */
-
- if ( i % 16 == 0 )
- {
- TRY( Instrumented_krb5int_yarrow_input( &yarrow, mouse, junk,
- sizeof( junk ),
- sizeof( junk ) * 3 ) );
- }
- else
- {
- TRY( Instrumented_krb5int_yarrow_input( &yarrow, user, junk,
- sizeof( junk ),
- sizeof( junk ) * 3 ) );
- }
+ /* odd input to a different source so there are some slow reseeds */
+
+ if ( i % 16 == 0 )
+ {
+ TRY( Instrumented_krb5int_yarrow_input( &yarrow, mouse, junk,
+ sizeof( junk ),
+ sizeof( junk ) * 3 ) );
+ }
+ else
+ {
+ TRY( Instrumented_krb5int_yarrow_input( &yarrow, user, junk,
+ sizeof( junk ),
+ sizeof( junk ) * 3 ) );
+ }
}
VERBOSE( printf( "\nPrint some random output\n\n" ); );
VERBOSE( printf( "%s]\n", krb5int_yarrow_str_error( ret ) ); );
if ( ret != YARROW_OK )
{
- THROW( ret );
+ THROW( ret );
}
else
{
- VERBOSE( hex_print( stdout, "random", random, sizeof( random ) ); );
+ VERBOSE( hex_print( stdout, "random", random, sizeof( random ) ); );
}
VERBOSE( printf( "\nClose down Yarrow\n\n" ); );
- CATCH:
+CATCH:
if ( initialized )
{
- VERBOSE( printf( "krb5int_yarrow_final() = [" ); );
- ret = krb5int_yarrow_final( &yarrow );
- VERBOSE( printf( "%s]\n", krb5int_yarrow_str_error( ret ) ); );
- THROW( ret );
+ VERBOSE( printf( "krb5int_yarrow_final() = [" ); );
+ ret = krb5int_yarrow_final( &yarrow );
+ VERBOSE( printf( "%s]\n", krb5int_yarrow_str_error( ret ) ); );
+ THROW( ret );
}
EXCEP_RET;
}
fprintf( f, " = " );
for ( i = 0; i < size; i++ )
{
- c = conv[ (p[ i ] >> 4) & 0xf ];
- d = conv[ p[ i ] & 0xf ];
- fprintf( f, "%c%c", c, d );
+ c = conv[ (p[ i ] >> 4) & 0xf ];
+ d = conv[ p[ i ] & 0xf ];
+ fprintf( f, "%c%c", c, d );
}
fprintf( f, "\n" );
}
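Review bot: In the argument loop, `conv_ok` is set to `NULL` and then tested with `!conv_ok` after `strtoul( arg, &conv_ok, 10 )`, but `strtoul` always stores a non-null end pointer when one is supplied, so that test can never fire. A fully non-numeric argument is still rejected because it converts to 0, but trailing characters after a valid number are silently accepted (a constructed example: `3x` runs test 3). The condition should check where parsing stopped, `if ( conv_ok == arg || *conv_ok != '\0' || test < 1 || test > num_tests )`. The function containing this loop starts outside the lines shown here.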
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/aead.c
*
krb5_crypto_iov *
krb5int_c_locate_iov(krb5_crypto_iov *data,
- size_t num_data,
- krb5_cryptotype type)
+ size_t num_data,
+ krb5_cryptotype type)
{
size_t i;
krb5_crypto_iov *iov = NULL;
if (data == NULL)
- return NULL;
+ return NULL;
for (i = 0; i < num_data; i++) {
- if (data[i].flags == type) {
- if (iov == NULL)
- iov = &data[i];
- else
- return NULL; /* can't appear twice */
- }
+ if (data[i].flags == type) {
+ if (iov == NULL)
+ iov = &data[i];
+ else
+ return NULL; /* can't appear twice */
+ }
}
return iov;
static krb5_error_code
make_unkeyed_checksum_iov(const struct krb5_hash_provider *hash_provider,
- const krb5_crypto_iov *data,
- size_t num_data,
- krb5_data *output)
+ const krb5_crypto_iov *data,
+ size_t num_data,
+ krb5_data *output)
{
krb5_data *sign_data;
size_t num_sign_data;
/* Create a checksum over all the data to be signed */
for (i = 0, num_sign_data = 0; i < num_data; i++) {
- const krb5_crypto_iov *iov = &data[i];
+ const krb5_crypto_iov *iov = &data[i];
- if (SIGN_IOV(iov))
- num_sign_data++;
+ if (SIGN_IOV(iov))
+ num_sign_data++;
}
/* XXX cleanup to avoid alloc. */
sign_data = calloc(num_sign_data, sizeof(krb5_data));
if (sign_data == NULL)
- return ENOMEM;
+ return ENOMEM;
for (i = 0, j = 0; i < num_data; i++) {
- const krb5_crypto_iov *iov = &data[i];
+ const krb5_crypto_iov *iov = &data[i];
- if (SIGN_IOV(iov))
- sign_data[j++] = iov->data;
+ if (SIGN_IOV(iov))
+ sign_data[j++] = iov->data;
}
ret = (*hash_provider->hash)(num_sign_data, sign_data, output);
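Review bot: `calloc(num_sign_data, sizeof(krb5_data))` in make_unkeyed_checksum_iov may return NULL when no iov matches SIGN_IOV and num_sign_data is 0, and the check that follows then reports ENOMEM for what is only an empty input. Allocating at least one element, `sign_data = calloc(num_sign_data ? num_sign_data : 1, sizeof(krb5_data));`, avoids the spurious error without handing the hash provider a NULL array. Whether the provider accepts a zero count is not visible here and should be confirmed. The end of the function lies outside this hunk.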
krb5_error_code
krb5int_c_make_checksum_iov(const struct krb5_cksumtypes *cksum_type,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_crypto_iov *data,
- size_t num_data,
- krb5_data *cksum_data)
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_crypto_iov *data,
+ size_t num_data,
+ krb5_data *cksum_data)
{
const struct krb5_keytypes *e1, *e2;
krb5_error_code ret;
if (cksum_type->keyhash != NULL) {
- /* Check if key is compatible. */
-
- if (cksum_type->keyed_etype) {
- e1 = find_enctype(cksum_type->keyed_etype);
- e2 = find_enctype(key->keyblock.enctype);
- if (e1 == NULL || e2 == NULL || e1->enc != e2->enc) {
- ret = KRB5_BAD_ENCTYPE;
- goto cleanup;
- }
- }
-
- if (cksum_type->keyhash->hash_iov == NULL)
- return KRB5_BAD_ENCTYPE;
-
- ret = (*cksum_type->keyhash->hash_iov)(key, usage, 0, data, num_data,
- cksum_data);
+ /* Check if key is compatible. */
+
+ if (cksum_type->keyed_etype) {
+ e1 = find_enctype(cksum_type->keyed_etype);
+ e2 = find_enctype(key->keyblock.enctype);
+ if (e1 == NULL || e2 == NULL || e1->enc != e2->enc) {
+ ret = KRB5_BAD_ENCTYPE;
+ goto cleanup;
+ }
+ }
+
+ if (cksum_type->keyhash->hash_iov == NULL)
+ return KRB5_BAD_ENCTYPE;
+
+ ret = (*cksum_type->keyhash->hash_iov)(key, usage, 0, data, num_data,
+ cksum_data);
} else if (cksum_type->flags & KRB5_CKSUMFLAG_DERIVE) {
- ret = krb5int_dk_make_checksum_iov(cksum_type->hash,
- key, usage, data, num_data,
- cksum_data);
+ ret = krb5int_dk_make_checksum_iov(cksum_type->hash,
+ key, usage, data, num_data,
+ cksum_data);
} else {
- ret = make_unkeyed_checksum_iov(cksum_type->hash, data, num_data,
- cksum_data);
+ ret = make_unkeyed_checksum_iov(cksum_type->hash, data, num_data,
+ cksum_data);
}
if (ret == 0) {
- if (cksum_type->trunc_size) {
- cksum_data->length = cksum_type->trunc_size;
- }
+ if (cksum_type->trunc_size) {
+ cksum_data->length = cksum_type->trunc_size;
+ }
}
cleanup:
if (ret != 0) {
- memset(cksum_data->data, 0, cksum_data->length);
+ memset(cksum_data->data, 0, cksum_data->length);
}
return ret;
size_t i;
for (i = 0; i < krb5int_cksumtypes_length; i++) {
- if (krb5int_cksumtypes_list[i].ctype == cksumtype)
- break;
+ if (krb5int_cksumtypes_list[i].ctype == cksumtype)
+ break;
}
if (i == krb5int_cksumtypes_length)
- return NULL;
+ return NULL;
return &krb5int_cksumtypes_list[i];
}
#ifdef DEBUG_IOV
static void
dump_block(const char *tag,
- size_t i,
- size_t j,
- unsigned char *block,
- size_t block_size)
+ size_t i,
+ size_t j,
+ unsigned char *block,
+ size_t block_size)
{
size_t k;
printf("[%s: %d.%d] ", tag, i, j);
for (k = 0; k < block_size; k++)
- printf("%02x ", block[k] & 0xFF);
+ printf("%02x ", block[k] & 0xFF);
printf("\n");
}
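Review bot: `printf("[%s: %d.%d] ", tag, i, j);` in dump_block passes two size_t values to `%d`, which is undefined behaviour on any platform where size_t is wider than int. The code only builds under DEBUG_IOV, but the fix is cheap while the function is being touched: `printf("[%s: %lu.%lu] ", tag, (unsigned long)i, (unsigned long)j);`.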
static int
process_block_p(const krb5_crypto_iov *data,
- size_t num_data,
- struct iov_block_state *iov_state,
- size_t i)
+ size_t num_data,
+ struct iov_block_state *iov_state,
+ size_t i)
{
const krb5_crypto_iov *iov = &data[i];
int process_block;
switch (iov->flags) {
case KRB5_CRYPTO_TYPE_SIGN_ONLY:
- process_block = iov_state->include_sign_only;
- break;
+ process_block = iov_state->include_sign_only;
+ break;
case KRB5_CRYPTO_TYPE_PADDING:
- process_block = (iov_state->pad_to_boundary == 0);
- break;
+ process_block = (iov_state->pad_to_boundary == 0);
+ break;
case KRB5_CRYPTO_TYPE_HEADER:
- process_block = (iov_state->ignore_header == 0);
- break;
+ process_block = (iov_state->ignore_header == 0);
+ break;
case KRB5_CRYPTO_TYPE_DATA:
- process_block = 1;
- break;
+ process_block = 1;
+ break;
default:
- process_block = 0;
- break;
+ process_block = 0;
+ break;
}
return process_block;
*/
static int
pad_to_boundary_p(const krb5_crypto_iov *data,
- size_t num_data,
- struct iov_block_state *iov_state,
- size_t i,
- size_t j)
+ size_t num_data,
+ struct iov_block_state *iov_state,
+ size_t i,
+ size_t j)
{
/* If the pad_to_boundary flag is unset, return FALSE */
if (iov_state->pad_to_boundary == 0)
- return 0;
+ return 0;
/* If we haven't got any data, we need to get some */
if (j == 0)
- return 0;
+ return 0;
/* No boundary between adjacent buffers marked for processing */
if (data[iov_state->iov_pos].flags == data[i].flags)
- return 0;
+ return 0;
return 1;
}
krb5_boolean
krb5int_c_iov_get_block(unsigned char *block,
- size_t block_size,
- const krb5_crypto_iov *data,
- size_t num_data,
- struct iov_block_state *iov_state)
+ size_t block_size,
+ const krb5_crypto_iov *data,
+ size_t num_data,
+ struct iov_block_state *iov_state)
{
size_t i, j = 0;
for (i = iov_state->iov_pos; i < num_data; i++) {
- const krb5_crypto_iov *iov = &data[i];
- size_t nbytes;
+ const krb5_crypto_iov *iov = &data[i];
+ size_t nbytes;
- if (!process_block_p(data, num_data, iov_state, i))
- continue;
+ if (!process_block_p(data, num_data, iov_state, i))
+ continue;
- if (pad_to_boundary_p(data, num_data, iov_state, i, j))
- break;
+ if (pad_to_boundary_p(data, num_data, iov_state, i, j))
+ break;
- iov_state->iov_pos = i;
+ iov_state->iov_pos = i;
- nbytes = iov->data.length - iov_state->data_pos;
- if (nbytes > block_size - j)
- nbytes = block_size - j;
+ nbytes = iov->data.length - iov_state->data_pos;
+ if (nbytes > block_size - j)
+ nbytes = block_size - j;
- memcpy(block + j, iov->data.data + iov_state->data_pos, nbytes);
+ memcpy(block + j, iov->data.data + iov_state->data_pos, nbytes);
- iov_state->data_pos += nbytes;
- j += nbytes;
+ iov_state->data_pos += nbytes;
+ j += nbytes;
- assert(j <= block_size);
+ assert(j <= block_size);
- if (j == block_size)
- break;
+ if (j == block_size)
+ break;
- assert(iov_state->data_pos == iov->data.length);
+ assert(iov_state->data_pos == iov->data.length);
- iov_state->data_pos = 0;
+ iov_state->data_pos = 0;
}
iov_state->iov_pos = i;
if (j != block_size)
- memset(block + j, 0, block_size - j);
+ memset(block + j, 0, block_size - j);
#ifdef DEBUG_IOV
dump_block("get_block", i, j, block, block_size);
krb5_boolean
krb5int_c_iov_put_block(const krb5_crypto_iov *data,
- size_t num_data,
- unsigned char *block,
- size_t block_size,
- struct iov_block_state *iov_state)
+ size_t num_data,
+ unsigned char *block,
+ size_t block_size,
+ struct iov_block_state *iov_state)
{
size_t i, j = 0;
for (i = iov_state->iov_pos; i < num_data; i++) {
- const krb5_crypto_iov *iov = &data[i];
- size_t nbytes;
+ const krb5_crypto_iov *iov = &data[i];
+ size_t nbytes;
- if (!process_block_p(data, num_data, iov_state, i))
- continue;
+ if (!process_block_p(data, num_data, iov_state, i))
+ continue;
- if (pad_to_boundary_p(data, num_data, iov_state, i, j))
- break;
+ if (pad_to_boundary_p(data, num_data, iov_state, i, j))
+ break;
- iov_state->iov_pos = i;
+ iov_state->iov_pos = i;
- nbytes = iov->data.length - iov_state->data_pos;
- if (nbytes > block_size - j)
- nbytes = block_size - j;
+ nbytes = iov->data.length - iov_state->data_pos;
+ if (nbytes > block_size - j)
+ nbytes = block_size - j;
- memcpy(iov->data.data + iov_state->data_pos, block + j, nbytes);
+ memcpy(iov->data.data + iov_state->data_pos, block + j, nbytes);
- iov_state->data_pos += nbytes;
- j += nbytes;
+ iov_state->data_pos += nbytes;
+ j += nbytes;
- assert(j <= block_size);
+ assert(j <= block_size);
- if (j == block_size)
- break;
+ if (j == block_size)
+ break;
- assert(iov_state->data_pos == iov->data.length);
+ assert(iov_state->data_pos == iov->data.length);
- iov_state->data_pos = 0;
+ iov_state->data_pos = 0;
}
iov_state->iov_pos = i;
krb5_error_code
krb5int_c_iov_decrypt_stream(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage keyusage,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key,
+ krb5_keyusage keyusage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
krb5_error_code ret;
unsigned int header_len, trailer_len, padding_len;
assert(stream != NULL);
ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_HEADER,
- &header_len);
+ &header_len);
if (ret != 0)
- return ret;
+ return ret;
ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER,
- &trailer_len);
+ &trailer_len);
if (ret != 0)
- return ret;
+ return ret;
ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING,
- &padding_len);
+ &padding_len);
if (ret != 0)
- return ret;
+ return ret;
if (stream->data.length < header_len + trailer_len)
- return KRB5_BAD_MSIZE;
+ return KRB5_BAD_MSIZE;
iov = calloc(num_data + 2, sizeof(krb5_crypto_iov));
if (iov == NULL)
- return ENOMEM;
+ return ENOMEM;
i = 0;
i++;
for (j = 0; j < num_data; j++) {
- if (data[j].flags == KRB5_CRYPTO_TYPE_DATA) {
- if (got_data) {
- free(iov);
- return KRB5_BAD_MSIZE;
- }
-
- got_data++;
-
- data[j].data.data = stream->data.data + header_len;
- data[j].data.length = stream->data.length - header_len
- - trailer_len;
- }
- if (data[j].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY ||
- data[j].flags == KRB5_CRYPTO_TYPE_DATA)
- iov[i++] = data[j];
+ if (data[j].flags == KRB5_CRYPTO_TYPE_DATA) {
+ if (got_data) {
+ free(iov);
+ return KRB5_BAD_MSIZE;
+ }
+
+ got_data++;
+
+ data[j].data.data = stream->data.data + header_len;
+ data[j].data.length = stream->data.length - header_len
+ - trailer_len;
+ }
+ if (data[j].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY ||
+ data[j].flags == KRB5_CRYPTO_TYPE_DATA)
+ iov[i++] = data[j];
}
/*
krb5_error_code
krb5int_c_padding_length(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- size_t data_length,
- unsigned int *pad_length)
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ size_t data_length,
+ unsigned int *pad_length)
{
unsigned int padding;
krb5_error_code ret;
ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING,
- &padding);
+ &padding);
if (ret != 0)
- return ret;
+ return ret;
if (padding == 0 || (data_length % padding) == 0)
- *pad_length = 0;
+ *pad_length = 0;
else
- *pad_length = padding - (data_length % padding);
+ *pad_length = padding - (data_length % padding);
return 0;
}
krb5_error_code
krb5int_c_encrypt_aead_compat(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *output)
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec, const krb5_data *input,
+ krb5_data *output)
{
krb5_crypto_iov iov[4];
krb5_error_code ret;
unsigned int trailer_len = 0;
ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_HEADER,
- &header_len);
+ &header_len);
if (ret != 0)
- return ret;
+ return ret;
ret = krb5int_c_padding_length(aead, enc, hash, input->length,
- &padding_len);
+ &padding_len);
if (ret != 0)
- return ret;
+ return ret;
ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER,
- &trailer_len);
+ &trailer_len);
if (ret != 0)
- return ret;
+ return ret;
if (output->length <
- header_len + input->length + padding_len + trailer_len)
- return KRB5_BAD_MSIZE;
+ header_len + input->length + padding_len + trailer_len)
+ return KRB5_BAD_MSIZE;
iov[0].flags = KRB5_CRYPTO_TYPE_HEADER;
iov[0].data.data = output->data;
iov[3].data.length = trailer_len;
ret = (*aead->encrypt_iov)(aead, enc, hash, key, usage, ivec,
- iov, sizeof(iov) / sizeof(iov[0]));
+ iov, sizeof(iov) / sizeof(iov[0]));
if (ret != 0)
- zap(iov[1].data.data, iov[1].data.length);
+ zap(iov[1].data.data, iov[1].data.length);
output->length = iov[0].data.length + iov[1].data.length +
- iov[2].data.length + iov[3].data.length;
+ iov[2].data.length + iov[3].data.length;
return ret;
}
krb5_error_code
krb5int_c_decrypt_aead_compat(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *output)
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec, const krb5_data *input,
+ krb5_data *output)
{
krb5_crypto_iov iov[2];
krb5_error_code ret;
iov[0].flags = KRB5_CRYPTO_TYPE_STREAM;
iov[0].data.data = malloc(input->length);
if (iov[0].data.data == NULL)
- return ENOMEM;
+ return ENOMEM;
memcpy(iov[0].data.data, input->data, input->length);
iov[0].data.length = input->length;
iov[1].data.length = 0;
ret = krb5int_c_iov_decrypt_stream(aead, enc, hash, key,
- usage, ivec,
- iov, sizeof(iov)/sizeof(iov[0]));
+ usage, ivec,
+ iov, sizeof(iov)/sizeof(iov[0]));
if (ret != 0)
- goto cleanup;
+ goto cleanup;
if (output->length < iov[1].data.length) {
- ret = KRB5_BAD_MSIZE;
- goto cleanup;
+ ret = KRB5_BAD_MSIZE;
+ goto cleanup;
}
memcpy(output->data, iov[1].data.data, iov[1].data.length);
void
krb5int_c_encrypt_length_aead_compat(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- size_t inputlen, size_t *length)
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ size_t inputlen, size_t *length)
{
unsigned int header_len = 0;
unsigned int padding_len = 0;
unsigned int trailer_len = 0;
(*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_HEADER,
- &header_len);
+ &header_len);
krb5int_c_padding_length(aead, enc, hash, inputlen, &padding_len);
(*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER,
- &trailer_len);
+ &trailer_len);
*length = header_len + inputlen + padding_len + trailer_len;
}
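Review bot: All three length queries in krb5int_c_encrypt_length_aead_compat discard their return codes, so a failing `crypto_length` or `krb5int_c_padding_length` leaves that component at its initial 0 and `*length` comes out too small with no signal to the caller. The function returns void and cannot propagate the error, so the limitation should at least be stated above the first call, for example `/* Errors are ignored here; a short *length must be caught by the size check in the encrypt path. */`. krb5int_c_encrypt_aead_compat in this file does recheck `output->length` and returns KRB5_BAD_MSIZE, but other consumers of this length are not visible from here.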
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/aead.h
*
krb5_crypto_iov *
krb5int_c_locate_iov(krb5_crypto_iov *data,
- size_t num_data,
- krb5_cryptotype type);
+ size_t num_data,
+ krb5_cryptotype type);
krb5_error_code
krb5int_c_make_checksum_iov(const struct krb5_cksumtypes *cksum,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_crypto_iov *data,
- size_t num_data,
- krb5_data *cksum_data);
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_crypto_iov *data,
+ size_t num_data,
+ krb5_data *cksum_data);
const struct krb5_cksumtypes *
krb5int_c_find_checksum_type(krb5_cksumtype cksumtype);
-#define ENCRYPT_CONF_IOV(_iov) ((_iov)->flags == KRB5_CRYPTO_TYPE_HEADER)
+#define ENCRYPT_CONF_IOV(_iov) ((_iov)->flags == KRB5_CRYPTO_TYPE_HEADER)
-#define ENCRYPT_DATA_IOV(_iov) ((_iov)->flags == KRB5_CRYPTO_TYPE_DATA || \
- (_iov)->flags == KRB5_CRYPTO_TYPE_PADDING)
+#define ENCRYPT_DATA_IOV(_iov) ((_iov)->flags == KRB5_CRYPTO_TYPE_DATA || \
+ (_iov)->flags == KRB5_CRYPTO_TYPE_PADDING)
-#define ENCRYPT_IOV(_iov) (ENCRYPT_CONF_IOV(_iov) || ENCRYPT_DATA_IOV(_iov))
+#define ENCRYPT_IOV(_iov) (ENCRYPT_CONF_IOV(_iov) || ENCRYPT_DATA_IOV(_iov))
-#define SIGN_IOV(_iov) (ENCRYPT_IOV(_iov) || \
- (_iov)->flags == KRB5_CRYPTO_TYPE_SIGN_ONLY )
+#define SIGN_IOV(_iov) (ENCRYPT_IOV(_iov) || \
+ (_iov)->flags == KRB5_CRYPTO_TYPE_SIGN_ONLY )
struct iov_block_state {
- size_t iov_pos; /* index into iov array */
- size_t data_pos; /* index into iov contents */
- unsigned int ignore_header : 1; /* have/should we process HEADER */
- unsigned int include_sign_only : 1; /* should we process SIGN_ONLY blocks */
- unsigned int pad_to_boundary : 1; /* should we zero fill blocks until next buffer */
+ size_t iov_pos; /* index into iov array */
+ size_t data_pos; /* index into iov contents */
+ unsigned int ignore_header : 1; /* have/should we process HEADER */
+ unsigned int include_sign_only : 1; /* should we process SIGN_ONLY blocks */
+ unsigned int pad_to_boundary : 1; /* should we zero fill blocks until next buffer */
};
-#define IOV_BLOCK_STATE_INIT(_state) ((_state)->iov_pos = \
- (_state)->data_pos = \
- (_state)->ignore_header = \
- (_state)->include_sign_only = \
- (_state)->pad_to_boundary = 0)
+#define IOV_BLOCK_STATE_INIT(_state) ((_state)->iov_pos = \
+ (_state)->data_pos = \
+ (_state)->ignore_header = \
+ (_state)->include_sign_only = \
+ (_state)->pad_to_boundary = 0)
krb5_boolean
krb5int_c_iov_get_block(unsigned char *block,
- size_t block_size,
- const krb5_crypto_iov *data,
- size_t num_data,
- struct iov_block_state *iov_state);
+ size_t block_size,
+ const krb5_crypto_iov *data,
+ size_t num_data,
+ struct iov_block_state *iov_state);
krb5_boolean
krb5int_c_iov_put_block(const krb5_crypto_iov *data,
- size_t num_data,
- unsigned char *block,
- size_t block_size,
- struct iov_block_state *iov_state);
+ size_t num_data,
+ unsigned char *block,
+ size_t block_size,
+ struct iov_block_state *iov_state);
krb5_error_code
krb5int_c_iov_decrypt_stream(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage keyusage,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data);
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key,
+ krb5_keyusage keyusage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data);
krb5_error_code
krb5int_c_decrypt_aead_compat(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *output);
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec, const krb5_data *input,
+ krb5_data *output);
krb5_error_code
krb5int_c_encrypt_aead_compat(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *output);
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec, const krb5_data *input,
+ krb5_data *output);
void
krb5int_c_encrypt_length_aead_compat(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- size_t inputlen, size_t *length);
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ size_t inputlen, size_t *length);
krb5_error_code
krb5int_c_padding_length(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- size_t data_length,
- unsigned int *pad_length);
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ size_t data_length,
+ unsigned int *pad_length);
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
-ARCFOUR cipher (based on a cipher posted on the Usenet in Spring-95).
-This cipher is widely believed and has been tested to be equivalent
-with the RC4 cipher from RSA Data Security, Inc. (RC4 is a trademark
-of RSA Data Security)
+ ARCFOUR cipher (based on a cipher posted on the Usenet in Spring-95).
+ This cipher is widely believed and has been tested to be equivalent
+ with the RC4 cipher from RSA Data Security, Inc. (RC4 is a trademark
+ of RSA Data Security)
*/
#ifndef ARCFOUR_INT_H
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
-ARCFOUR cipher (based on a cipher posted on the Usenet in Spring-95).
-This cipher is widely believed and has been tested to be equivalent
-with the RC4 cipher from RSA Data Security, Inc. (RC4 is a trademark
-of RSA Data Security)
+ ARCFOUR cipher (based on a cipher posted on the Usenet in Spring-95).
+ This cipher is widely believed and has been tested to be equivalent
+ with the RC4 cipher from RSA Data Security, Inc. (RC4 is a trademark
+ of RSA Data Security)
*/
#include "k5-int.h"
void
krb5int_arcfour_encrypt_length(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- size_t inputlen, size_t *length)
+ const struct krb5_hash_provider *hash,
+ size_t inputlen, size_t *length)
{
- size_t blocksize, hashsize;
+ size_t blocksize, hashsize;
- blocksize = enc->block_size;
- hashsize = hash->hashsize;
+ blocksize = enc->block_size;
+ hashsize = hash->hashsize;
- /* checksum + (confounder + inputlen, in even blocksize) */
- *length = hashsize + krb5_roundup(8 + inputlen, blocksize);
+ /* checksum + (confounder + inputlen, in even blocksize) */
+ *length = hashsize + krb5_roundup(8 + inputlen, blocksize);
}
- krb5_keyusage
- krb5int_arcfour_translate_usage(krb5_keyusage usage)
+krb5_keyusage
+krb5int_arcfour_translate_usage(krb5_keyusage usage)
{
- switch (usage) {
- case 1: /* AS-REQ PA-ENC-TIMESTAMP padata timestamp, */
- return 1;
- case 2: /* ticket from kdc */
- return 2;
- case 3: /* as-rep encrypted part */
- return 8;
- case 4: /* tgs-req authz data */
- return 4;
- case 5: /* tgs-req authz data in subkey */
- return 5;
- case 6: /* tgs-req authenticator cksum */
- return 6;
-case 7: /* tgs-req authenticator */
- return 7;
+ switch (usage) {
+ case 1: /* AS-REQ PA-ENC-TIMESTAMP padata timestamp, */
+ return 1;
+ case 2: /* ticket from kdc */
+ return 2;
+ case 3: /* as-rep encrypted part */
+ return 8;
+ case 4: /* tgs-req authz data */
+ return 4;
+ case 5: /* tgs-req authz data in subkey */
+ return 5;
+ case 6: /* tgs-req authenticator cksum */
+ return 6;
+ case 7: /* tgs-req authenticator */
+ return 7;
case 8:
- return 8;
- case 9: /* tgs-rep encrypted with subkey */
- return 9;
- case 10: /* ap-rep authentication cksum */
- return 10; /* xxx Microsoft never uses this*/
- case 11: /* app-req authenticator */
- return 11;
- case 12: /* app-rep encrypted part */
- return 12;
- case 23: /* sign wrap token*/
- return 13;
- default:
- return usage;
-}
+ return 8;
+ case 9: /* tgs-rep encrypted with subkey */
+ return 9;
+ case 10: /* ap-rep authentication cksum */
+ return 10; /* xxx Microsoft never uses this*/
+ case 11: /* app-req authenticator */
+ return 11;
+ case 12: /* app-rep encrypted part */
+ return 12;
+ case 23: /* sign wrap token*/
+ return 13;
+ default:
+ return usage;
+ }
}
krb5_error_code
krb5int_arcfour_encrypt(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *output)
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec, const krb5_data *input,
+ krb5_data *output)
{
- krb5_keyblock k1, k2, k3;
- krb5_key k3key = NULL;
- krb5_data d1, d2, d3, salt, plaintext, checksum, ciphertext, confounder;
- krb5_keyusage ms_usage;
- size_t keylength, keybytes, blocksize, hashsize;
- krb5_error_code ret;
-
- blocksize = enc->block_size;
- keybytes = enc->keybytes;
- keylength = enc->keylength;
- hashsize = hash->hashsize;
-
- d1.length=keybytes;
- d1.data=malloc(d1.length);
- if (d1.data == NULL)
- return (ENOMEM);
- k1 = key->keyblock;
- k1.length=d1.length;
- k1.contents= (void *) d1.data;
-
- d2.length=keybytes;
- d2.data=malloc(d2.length);
- if (d2.data == NULL) {
- free(d1.data);
- return (ENOMEM);
- }
- k2 = key->keyblock;
- k2.length=d2.length;
- k2.contents=(void *) d2.data;
-
- d3.length=keybytes;
- d3.data=malloc(d3.length);
- if (d3.data == NULL) {
- free(d1.data);
- free(d2.data);
- return (ENOMEM);
- }
- k3 = key->keyblock;
- k3.length=d3.length;
- k3.contents= (void *) d3.data;
-
- salt.length=14;
- salt.data=malloc(salt.length);
- if (salt.data == NULL) {
- free(d1.data);
- free(d2.data);
- free(d3.data);
- return (ENOMEM);
- }
-
- /* is "input" already blocksize aligned? if it is, then we need this
- step, otherwise we do not */
- plaintext.length=krb5_roundup(input->length+CONFOUNDERLENGTH,blocksize);
- plaintext.data=malloc(plaintext.length);
- if (plaintext.data == NULL) {
+ krb5_keyblock k1, k2, k3;
+ krb5_key k3key = NULL;
+ krb5_data d1, d2, d3, salt, plaintext, checksum, ciphertext, confounder;
+ krb5_keyusage ms_usage;
+ size_t keylength, keybytes, blocksize, hashsize;
+ krb5_error_code ret;
+
+ blocksize = enc->block_size;
+ keybytes = enc->keybytes;
+ keylength = enc->keylength;
+ hashsize = hash->hashsize;
+
+ d1.length=keybytes;
+ d1.data=malloc(d1.length);
+ if (d1.data == NULL)
+ return (ENOMEM);
+ k1 = key->keyblock;
+ k1.length=d1.length;
+ k1.contents= (void *) d1.data;
+
+ d2.length=keybytes;
+ d2.data=malloc(d2.length);
+ if (d2.data == NULL) {
+ free(d1.data);
+ return (ENOMEM);
+ }
+ k2 = key->keyblock;
+ k2.length=d2.length;
+ k2.contents=(void *) d2.data;
+
+ d3.length=keybytes;
+ d3.data=malloc(d3.length);
+ if (d3.data == NULL) {
+ free(d1.data);
+ free(d2.data);
+ return (ENOMEM);
+ }
+ k3 = key->keyblock;
+ k3.length=d3.length;
+ k3.contents= (void *) d3.data;
+
+ salt.length=14;
+ salt.data=malloc(salt.length);
+ if (salt.data == NULL) {
+ free(d1.data);
+ free(d2.data);
+ free(d3.data);
+ return (ENOMEM);
+ }
+
+ /* is "input" already blocksize aligned? if it is, then we need this
+ step, otherwise we do not */
+ plaintext.length=krb5_roundup(input->length+CONFOUNDERLENGTH,blocksize);
+ plaintext.data=malloc(plaintext.length);
+ if (plaintext.data == NULL) {
+ free(d1.data);
+ free(d2.data);
+ free(d3.data);
+ free(salt.data);
+ return(ENOMEM);
+ }
+
+ /* setup convienient pointers into the allocated data */
+ checksum.length=hashsize;
+ checksum.data=output->data;
+ ciphertext.length=krb5_roundup(input->length+CONFOUNDERLENGTH,blocksize);
+ ciphertext.data=output->data+hashsize;
+ confounder.length=CONFOUNDERLENGTH;
+ confounder.data=plaintext.data;
+ output->length = plaintext.length+hashsize;
+
+ /* begin the encryption, computer K1 */
+ ms_usage=krb5int_arcfour_translate_usage(usage);
+ if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) {
+ strncpy(salt.data, krb5int_arcfour_l40, salt.length);
+ store_32_le(ms_usage, salt.data+10);
+ } else {
+ salt.length=4;
+ store_32_le(ms_usage, salt.data);
+ }
+ krb5int_hmac(hash, key, 1, &salt, &d1);
+
+ memcpy(k2.contents, k1.contents, k2.length);
+
+ if (key->keyblock.enctype==ENCTYPE_ARCFOUR_HMAC_EXP)
+ memset(k1.contents+7, 0xab, 9);
+
+ ret=krb5_c_random_make_octets(/* XXX */ 0, &confounder);
+ memcpy(plaintext.data+confounder.length, input->data, input->length);
+ if (ret)
+ goto cleanup;
+
+ ret = krb5int_hmac_keyblock(hash, &k2, 1, &plaintext, &checksum);
+ if (ret)
+ goto cleanup;
+
+ ret = krb5int_hmac_keyblock(hash, &k1, 1, &checksum, &d3);
+ if (ret)
+ goto cleanup;
+
+ ret = krb5_k_create_key(NULL, &k3, &k3key);
+ if (ret)
+ goto cleanup;
+
+ ret=(*(enc->encrypt))(k3key, ivec, &plaintext, &ciphertext);
+
+cleanup:
+ memset(d1.data, 0, d1.length);
+ memset(d2.data, 0, d2.length);
+ memset(d3.data, 0, d3.length);
+ memset(salt.data, 0, salt.length);
+ memset(plaintext.data, 0, plaintext.length);
+
free(d1.data);
free(d2.data);
free(d3.data);
free(salt.data);
- return(ENOMEM);
- }
-
- /* setup convienient pointers into the allocated data */
- checksum.length=hashsize;
- checksum.data=output->data;
- ciphertext.length=krb5_roundup(input->length+CONFOUNDERLENGTH,blocksize);
- ciphertext.data=output->data+hashsize;
- confounder.length=CONFOUNDERLENGTH;
- confounder.data=plaintext.data;
- output->length = plaintext.length+hashsize;
-
- /* begin the encryption, computer K1 */
- ms_usage=krb5int_arcfour_translate_usage(usage);
- if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) {
- strncpy(salt.data, krb5int_arcfour_l40, salt.length);
- store_32_le(ms_usage, salt.data+10);
- } else {
- salt.length=4;
- store_32_le(ms_usage, salt.data);
- }
- krb5int_hmac(hash, key, 1, &salt, &d1);
-
- memcpy(k2.contents, k1.contents, k2.length);
-
- if (key->keyblock.enctype==ENCTYPE_ARCFOUR_HMAC_EXP)
- memset(k1.contents+7, 0xab, 9);
-
- ret=krb5_c_random_make_octets(/* XXX */ 0, &confounder);
- memcpy(plaintext.data+confounder.length, input->data, input->length);
- if (ret)
- goto cleanup;
-
- ret = krb5int_hmac_keyblock(hash, &k2, 1, &plaintext, &checksum);
- if (ret)
- goto cleanup;
-
- ret = krb5int_hmac_keyblock(hash, &k1, 1, &checksum, &d3);
- if (ret)
- goto cleanup;
-
- ret = krb5_k_create_key(NULL, &k3, &k3key);
- if (ret)
- goto cleanup;
-
- ret=(*(enc->encrypt))(k3key, ivec, &plaintext, &ciphertext);
-
- cleanup:
- memset(d1.data, 0, d1.length);
- memset(d2.data, 0, d2.length);
- memset(d3.data, 0, d3.length);
- memset(salt.data, 0, salt.length);
- memset(plaintext.data, 0, plaintext.length);
-
- free(d1.data);
- free(d2.data);
- free(d3.data);
- free(salt.data);
- free(plaintext.data);
- krb5_k_free_key(NULL, k3key);
- return (ret);
+ free(plaintext.data);
+ krb5_k_free_key(NULL, k3key);
+ return (ret);
}
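Review bot: The return value of `krb5int_hmac(hash, key, 1, &salt, &d1);` in krb5int_arcfour_encrypt is dropped, so a failed K1 derivation leaves d1 as uninitialised heap memory that is then copied into k2 and used to key the checksum and the cipher. krb5int_arcfour_decrypt in this file already checks the same call; the encrypt side should match with `ret = krb5int_hmac(hash, key, 1, &salt, &d1);` followed by `if (ret) goto cleanup;`. Separately, the cleanup block clears key material with `memset` immediately before `free`, which a compiler is allowed to elide. `zap()`, already used in aead.c, looks like the intended primitive, assuming it is in scope through k5-int.h.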
/* This is the arcfour-hmac decryption routine */
krb5_error_code
krb5int_arcfour_decrypt(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *output)
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec, const krb5_data *input,
+ krb5_data *output)
{
- krb5_keyblock k1,k2,k3;
- krb5_key k3key;
- krb5_data d1,d2,d3,salt,ciphertext,plaintext,checksum;
- krb5_keyusage ms_usage;
- size_t keybytes, keylength, hashsize, blocksize;
- krb5_error_code ret;
-
- blocksize = enc->block_size;
- keybytes = enc->keybytes;
- keylength = enc->keylength;
- hashsize = hash->hashsize;
-
- d1.length=keybytes;
- d1.data=malloc(d1.length);
- if (d1.data == NULL)
- return (ENOMEM);
- k1 = key->keyblock;
- k1.length=d1.length;
- k1.contents= (void *) d1.data;
-
- d2.length=keybytes;
- d2.data=malloc(d2.length);
- if (d2.data == NULL) {
- free(d1.data);
- return (ENOMEM);
- }
- k2 = key->keyblock;
- k2.length=d2.length;
- k2.contents= (void *) d2.data;
-
- d3.length=keybytes;
- d3.data=malloc(d3.length);
- if (d3.data == NULL) {
- free(d1.data);
- free(d2.data);
- return (ENOMEM);
- }
- k3 = key->keyblock;
- k3.length=d3.length;
- k3.contents= (void *) d3.data;
-
- salt.length=14;
- salt.data=malloc(salt.length);
- if(salt.data==NULL) {
- free(d1.data);
- free(d2.data);
- free(d3.data);
- return (ENOMEM);
- }
-
- ciphertext.length=input->length-hashsize;
- ciphertext.data=input->data+hashsize;
- plaintext.length=ciphertext.length;
- plaintext.data=malloc(plaintext.length);
- if (plaintext.data == NULL) {
+ krb5_keyblock k1,k2,k3;
+ krb5_key k3key;
+ krb5_data d1,d2,d3,salt,ciphertext,plaintext,checksum;
+ krb5_keyusage ms_usage;
+ size_t keybytes, keylength, hashsize, blocksize;
+ krb5_error_code ret;
+
+ blocksize = enc->block_size;
+ keybytes = enc->keybytes;
+ keylength = enc->keylength;
+ hashsize = hash->hashsize;
+
+ d1.length=keybytes;
+ d1.data=malloc(d1.length);
+ if (d1.data == NULL)
+ return (ENOMEM);
+ k1 = key->keyblock;
+ k1.length=d1.length;
+ k1.contents= (void *) d1.data;
+
+ d2.length=keybytes;
+ d2.data=malloc(d2.length);
+ if (d2.data == NULL) {
+ free(d1.data);
+ return (ENOMEM);
+ }
+ k2 = key->keyblock;
+ k2.length=d2.length;
+ k2.contents= (void *) d2.data;
+
+ d3.length=keybytes;
+ d3.data=malloc(d3.length);
+ if (d3.data == NULL) {
+ free(d1.data);
+ free(d2.data);
+ return (ENOMEM);
+ }
+ k3 = key->keyblock;
+ k3.length=d3.length;
+ k3.contents= (void *) d3.data;
+
+ salt.length=14;
+ salt.data=malloc(salt.length);
+ if(salt.data==NULL) {
+ free(d1.data);
+ free(d2.data);
+ free(d3.data);
+ return (ENOMEM);
+ }
+
+ ciphertext.length=input->length-hashsize;
+ ciphertext.data=input->data+hashsize;
+ plaintext.length=ciphertext.length;
+ plaintext.data=malloc(plaintext.length);
+ if (plaintext.data == NULL) {
+ free(d1.data);
+ free(d2.data);
+ free(d3.data);
+ free(salt.data);
+ return (ENOMEM);
+ }
+
+ checksum.length=hashsize;
+ checksum.data=input->data;
+
+ ms_usage=krb5int_arcfour_translate_usage(usage);
+
+ /* We may have to try two ms_usage values; see below. */
+ do {
+ /* compute the salt */
+ if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) {
+ strncpy(salt.data, krb5int_arcfour_l40, salt.length);
+ store_32_le(ms_usage, salt.data + 10);
+ } else {
+ salt.length = 4;
+ store_32_le(ms_usage, salt.data);
+ }
+ ret = krb5int_hmac(hash, key, 1, &salt, &d1);
+ if (ret)
+ goto cleanup;
+
+ memcpy(k2.contents, k1.contents, k2.length);
+
+ if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP)
+ memset(k1.contents + 7, 0xab, 9);
+
+ ret = krb5int_hmac_keyblock(hash, &k1, 1, &checksum, &d3);
+ if (ret)
+ goto cleanup;
+
+ ret = krb5_k_create_key(NULL, &k3, &k3key);
+ if (ret)
+ goto cleanup;
+ ret = (*(enc->decrypt))(k3key, ivec, &ciphertext, &plaintext);
+ krb5_k_free_key(NULL, k3key);
+ if (ret)
+ goto cleanup;
+
+ ret = krb5int_hmac_keyblock(hash, &k2, 1, &plaintext, &d1);
+ if (ret)
+ goto cleanup;
+
+ if (memcmp(checksum.data, d1.data, hashsize) != 0) {
+ if (ms_usage == 9) {
+ /*
+ * RFC 4757 specifies usage 8 for TGS-REP encrypted
+ * parts encrypted in a subkey, but the value used by MS
+ * is actually 9. We now use 9 to start with, but fall
+ * back to 8 on failure in case we are communicating
+ * with a KDC using the value from the RFC.
+ */
+ ms_usage = 8;
+ continue;
+ }
+ ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto cleanup;
+ }
+
+ break;
+ } while (1);
+
+ memcpy(output->data, plaintext.data+CONFOUNDERLENGTH,
+ (plaintext.length-CONFOUNDERLENGTH));
+ output->length=plaintext.length-CONFOUNDERLENGTH;
+
+cleanup:
+ memset(d1.data, 0, d1.length);
+ memset(d2.data, 0, d2.length);
+ memset(d3.data, 0, d2.length);
+ memset(salt.data, 0, salt.length);
+ memset(plaintext.data, 0, plaintext.length);
+
free(d1.data);
free(d2.data);
free(d3.data);
free(salt.data);
- return (ENOMEM);
- }
-
- checksum.length=hashsize;
- checksum.data=input->data;
-
- ms_usage=krb5int_arcfour_translate_usage(usage);
-
- /* We may have to try two ms_usage values; see below. */
- do {
- /* compute the salt */
- if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) {
- strncpy(salt.data, krb5int_arcfour_l40, salt.length);
- store_32_le(ms_usage, salt.data + 10);
- } else {
- salt.length = 4;
- store_32_le(ms_usage, salt.data);
- }
- ret = krb5int_hmac(hash, key, 1, &salt, &d1);
- if (ret)
- goto cleanup;
-
- memcpy(k2.contents, k1.contents, k2.length);
-
- if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP)
- memset(k1.contents + 7, 0xab, 9);
-
- ret = krb5int_hmac_keyblock(hash, &k1, 1, &checksum, &d3);
- if (ret)
- goto cleanup;
-
- ret = krb5_k_create_key(NULL, &k3, &k3key);
- if (ret)
- goto cleanup;
- ret = (*(enc->decrypt))(k3key, ivec, &ciphertext, &plaintext);
- krb5_k_free_key(NULL, k3key);
- if (ret)
- goto cleanup;
-
- ret = krb5int_hmac_keyblock(hash, &k2, 1, &plaintext, &d1);
- if (ret)
- goto cleanup;
-
- if (memcmp(checksum.data, d1.data, hashsize) != 0) {
- if (ms_usage == 9) {
- /*
- * RFC 4757 specifies usage 8 for TGS-REP encrypted
- * parts encrypted in a subkey, but the value used by MS
- * is actually 9. We now use 9 to start with, but fall
- * back to 8 on failure in case we are communicating
- * with a KDC using the value from the RFC.
- */
- ms_usage = 8;
- continue;
- }
- ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
- goto cleanup;
- }
-
- break;
- } while (1);
-
- memcpy(output->data, plaintext.data+CONFOUNDERLENGTH,
- (plaintext.length-CONFOUNDERLENGTH));
- output->length=plaintext.length-CONFOUNDERLENGTH;
-
- cleanup:
- memset(d1.data, 0, d1.length);
- memset(d2.data, 0, d2.length);
- memset(d3.data, 0, d2.length);
- memset(salt.data, 0, salt.length);
- memset(plaintext.data, 0, plaintext.length);
-
- free(d1.data);
- free(d2.data);
- free(d3.data);
- free(salt.data);
- free(plaintext.data);
- return (ret);
+ free(plaintext.data);
+ return (ret);
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#ifndef ARCFOUR_H
#define ARCFOUR_H
extern void
krb5int_arcfour_encrypt_length(const struct krb5_enc_provider *,
- const struct krb5_hash_provider *,
- size_t,
- size_t *);
+ const struct krb5_hash_provider *,
+ size_t,
+ size_t *);
extern krb5_error_code
krb5int_arcfour_encrypt(const struct krb5_enc_provider *,
- const struct krb5_hash_provider *,
- krb5_key,
- krb5_keyusage,
- const krb5_data *,
- const krb5_data *,
- krb5_data *);
+ const struct krb5_hash_provider *,
+ krb5_key,
+ krb5_keyusage,
+ const krb5_data *,
+ const krb5_data *,
+ krb5_data *);
extern krb5_error_code
krb5int_arcfour_decrypt(const struct krb5_enc_provider *,
- const struct krb5_hash_provider *,
- krb5_key,
- krb5_keyusage,
- const krb5_data *,
- const krb5_data *,
- krb5_data *);
+ const struct krb5_hash_provider *,
+ krb5_key,
+ krb5_keyusage,
+ const krb5_data *,
+ const krb5_data *,
+ krb5_data *);
extern krb5_error_code
krb5int_arcfour_string_to_key(
- const struct krb5_enc_provider *,
- const krb5_data *,
- const krb5_data *,
- const krb5_data *,
- krb5_keyblock *);
+ const struct krb5_enc_provider *,
+ const krb5_data *,
+ const krb5_data *,
+ const krb5_data *,
+ krb5_keyblock *);
extern const struct krb5_enc_provider krb5int_enc_arcfour;
extern const struct krb5_aead_provider krb5int_aead_arcfour;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/arcfour/arcfour_aead.c
*
static krb5_error_code
krb5int_arcfour_crypto_length(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_cryptotype type,
- unsigned int *length)
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_cryptotype type,
+ unsigned int *length)
{
switch (type) {
case KRB5_CRYPTO_TYPE_HEADER:
- *length = hash->hashsize + CONFOUNDERLENGTH;
- break;
+ *length = hash->hashsize + CONFOUNDERLENGTH;
+ break;
case KRB5_CRYPTO_TYPE_PADDING:
- *length = 0;
- break;
+ *length = 0;
+ break;
case KRB5_CRYPTO_TYPE_TRAILER:
- *length = 0;
- break;
+ *length = 0;
+ break;
case KRB5_CRYPTO_TYPE_CHECKSUM:
- *length = hash->hashsize;
- break;
+ *length = hash->hashsize;
+ break;
default:
- assert(0 && "invalid cryptotype passed to krb5int_arcfour_crypto_length");
- break;
+ assert(0 && "invalid cryptotype passed to krb5int_arcfour_crypto_length");
+ break;
}
return 0;
static krb5_error_code
alloc_derived_key(const struct krb5_enc_provider *enc,
- krb5_keyblock *dst,
- krb5_data *data,
- const krb5_keyblock *src)
+ krb5_keyblock *dst,
+ krb5_data *data,
+ const krb5_keyblock *src)
{
data->length = enc->keybytes;
data->data = malloc(data->length);
if (data->data == NULL)
- return ENOMEM;
+ return ENOMEM;
*dst = *src;
dst->length = data->length;
static krb5_error_code
krb5int_arcfour_encrypt_iov(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
krb5_error_code ret;
krb5_crypto_iov *header, *trailer;
* Caller must have provided space for the header, padding
* and trailer; per RFC 4757 we will arrange it as:
*
- * Checksum | E(Confounder | Plaintext)
+ * Checksum | E(Confounder | Plaintext)
*/
header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER);
if (header == NULL ||
- header->data.length < hash->hashsize + CONFOUNDERLENGTH)
- return KRB5_BAD_MSIZE;
+ header->data.length < hash->hashsize + CONFOUNDERLENGTH)
+ return KRB5_BAD_MSIZE;
header_data = header->data;
/* Trailer may be absent */
trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER);
if (trailer != NULL)
- trailer->data.length = 0;
+ trailer->data.length = 0;
/* Ensure that there is no padding */
for (i = 0; i < num_data; i++) {
- if (data[i].flags == KRB5_CRYPTO_TYPE_PADDING)
- data[i].data.length = 0;
+ if (data[i].flags == KRB5_CRYPTO_TYPE_PADDING)
+ data[i].data.length = 0;
}
ret = alloc_derived_key(enc, &k1, &d1, &key->keyblock);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
ret = alloc_derived_key(enc, &k2, &d2, &key->keyblock);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
ret = alloc_derived_key(enc, &k3, &d3, &key->keyblock);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Begin the encryption, compute K1 */
salt.data = salt_data;
ms_usage = krb5int_arcfour_translate_usage(usage);
if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) {
- strncpy(salt.data, krb5int_arcfour_l40, salt.length);
- store_32_le(ms_usage, salt.data + 10);
+ strncpy(salt.data, krb5int_arcfour_l40, salt.length);
+ store_32_le(ms_usage, salt.data + 10);
} else {
- salt.length = 4;
- store_32_le(ms_usage, salt.data);
+ salt.length = 4;
+ store_32_le(ms_usage, salt.data);
}
ret = krb5int_hmac(hash, key, 1, &salt, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
memcpy(k2.contents, k1.contents, k2.length);
if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP)
- memset(k1.contents + 7, 0xAB, 9);
+ memset(k1.contents + 7, 0xAB, 9);
header->data.length = hash->hashsize + CONFOUNDERLENGTH;
ret = krb5_c_random_make_octets(0, &confounder);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
checksum.data = header->data.data;
checksum.length = hash->hashsize;
ret = krb5int_hmac_iov_keyblock(hash, &k2, data, num_data, &checksum);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
ret = krb5int_hmac_keyblock(hash, &k1, 1, &checksum, &d3);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
ret = krb5_k_create_key(NULL, &k3, &k3key);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
ret = enc->encrypt_iov(k3key, ivec, data, num_data);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
cleanup:
header->data = header_data; /* restore header pointers */
if (d1.data != NULL) {
- memset(d1.data, 0, d1.length);
- free(d1.data);
+ memset(d1.data, 0, d1.length);
+ free(d1.data);
}
if (d2.data != NULL) {
- memset(d2.data, 0, d2.length);
- free(d2.data);
+ memset(d2.data, 0, d2.length);
+ free(d2.data);
}
if (d3.data != NULL) {
- memset(d3.data, 0, d3.length);
- free(d3.data);
+ memset(d3.data, 0, d3.length);
+ free(d3.data);
}
krb5_k_free_key(NULL, k3key);
static krb5_error_code
krb5int_arcfour_decrypt_iov(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
krb5_error_code ret;
krb5_crypto_iov *header, *trailer;
header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER);
if (header == NULL ||
header->data.length != hash->hashsize + CONFOUNDERLENGTH)
- return KRB5_BAD_MSIZE;
+ return KRB5_BAD_MSIZE;
header_data = header->data;
trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER);
if (trailer != NULL && trailer->data.length != 0)
- return KRB5_BAD_MSIZE;
+ return KRB5_BAD_MSIZE;
ret = alloc_derived_key(enc, &k1, &d1, &key->keyblock);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
ret = alloc_derived_key(enc, &k2, &d2, &key->keyblock);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
ret = alloc_derived_key(enc, &k3, &d3, &key->keyblock);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Begin the decryption, compute K1 */
salt.data = salt_data;
ms_usage = krb5int_arcfour_translate_usage(usage);
if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) {
- strncpy(salt.data, krb5int_arcfour_l40, salt.length);
- store_32_le(ms_usage, (unsigned char *)salt.data + 10);
+ strncpy(salt.data, krb5int_arcfour_l40, salt.length);
+ store_32_le(ms_usage, (unsigned char *)salt.data + 10);
} else {
- salt.length = 4;
- store_32_le(ms_usage, (unsigned char *)salt.data);
+ salt.length = 4;
+ store_32_le(ms_usage, (unsigned char *)salt.data);
}
ret = krb5int_hmac(hash, key, 1, &salt, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
memcpy(k2.contents, k1.contents, k2.length);
if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP)
- memset(k1.contents + 7, 0xAB, 9);
+ memset(k1.contents + 7, 0xAB, 9);
checksum.data = header->data.data;
checksum.length = hash->hashsize;
ret = krb5int_hmac_keyblock(hash, &k1, 1, &checksum, &d3);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
ret = krb5_k_create_key(NULL, &k3, &k3key);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
ret = enc->decrypt_iov(k3key, ivec, data, num_data);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
ret = krb5int_hmac_iov_keyblock(hash, &k2, data, num_data, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
if (memcmp(checksum.data, d1.data, hash->hashsize) != 0) {
- ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
- goto cleanup;
+ ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto cleanup;
}
cleanup:
header->data = header_data; /* restore header pointers */
if (d1.data != NULL) {
- memset(d1.data, 0, d1.length);
- free(d1.data);
+ memset(d1.data, 0, d1.length);
+ free(d1.data);
}
if (d2.data != NULL) {
- memset(d2.data, 0, d2.length);
- free(d2.data);
+ memset(d2.data, 0, d2.length);
+ free(d2.data);
}
if (d3.data != NULL) {
- memset(d3.data, 0, d3.length);
- free(d3.data);
+ memset(d3.data, 0, d3.length);
+ free(d3.data);
}
krb5_k_free_key(NULL, k3key);
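Review bot: The cleanup paths of krb5int_arcfour_encrypt_iov and krb5int_arcfour_decrypt_iov wipe the derived keys with a plain `memset(d1.data, 0, d1.length);` immediately before `free(d1.data);`, a store the compiler is allowed to drop as dead, so the derived key bytes may remain in freed heap memory. I would route the wipes of d1, d2 and d3 through a zeroing helper that cannot be elided (`zap(d1.data, d1.length);` if k5-int.h provides it in this tree). The same pattern appears in krb5int_arcfour_string_to_key (`memset(&md4_context, 0, sizeof(md4_context));` on a stack object just before the return) and in the cleanup of the arcfour decrypt routine earlier on the page, which also clears d3 using `d2.length`. Separately, the integrity check in decrypt_iov compares the HMAC with `memcmp`, which is not constant-time. Both function bodies are shown only in part, so the initialisation of d1, d2, d3 and k3key is assumed to happen in the elided lines.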
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#include "k5-int.h"
#include "k5-utf8.h"
#include "rsa-md4.h"
krb5_error_code
krb5int_arcfour_string_to_key(const struct krb5_enc_provider *enc,
- const krb5_data *string, const krb5_data *salt,
- const krb5_data *params, krb5_keyblock *key)
+ const krb5_data *string, const krb5_data *salt,
+ const krb5_data *params, krb5_keyblock *key)
{
- krb5_error_code err = 0;
- krb5_MD4_CTX md4_context;
- unsigned char *copystr;
- size_t copystrlen;
+ krb5_error_code err = 0;
+ krb5_MD4_CTX md4_context;
+ unsigned char *copystr;
+ size_t copystrlen;
- if (params != NULL)
- return KRB5_ERR_BAD_S2K_PARAMS;
+ if (params != NULL)
+ return KRB5_ERR_BAD_S2K_PARAMS;
- if (key->length != 16)
- return (KRB5_BAD_MSIZE);
+ if (key->length != 16)
+ return (KRB5_BAD_MSIZE);
- /* We ignore salt per the Microsoft spec*/
+ /* We ignore salt per the Microsoft spec*/
- /* compute the space needed for the new string.
- Since the password must be stored in unicode, we need to increase
- that number by 2x.
- */
+ /* compute the space needed for the new string.
+ Since the password must be stored in unicode, we need to increase
+ that number by 2x.
+ */
- err = krb5int_utf8cs_to_ucs2les(string->data, string->length, ©str, ©strlen);
- if (err)
- return err;
+ err = krb5int_utf8cs_to_ucs2les(string->data, string->length, ©str, ©strlen);
+ if (err)
+ return err;
- /* the actual MD4 hash of the data */
- krb5int_MD4Init(&md4_context);
- krb5int_MD4Update(&md4_context, copystr, copystrlen);
- krb5int_MD4Final(&md4_context);
- memcpy(key->contents, md4_context.digest, 16);
+ /* the actual MD4 hash of the data */
+ krb5int_MD4Init(&md4_context);
+ krb5int_MD4Update(&md4_context, copystr, copystrlen);
+ krb5int_MD4Final(&md4_context);
+ memcpy(key->contents, md4_context.digest, 16);
#if 0
- /* test the string_to_key function */
- printf("Hash=");
- {
- int counter;
- for(counter=0;counter<16;counter++)
- printf("%02x", md4_context.digest[counter]);
- printf("\n");
- }
+ /* test the string_to_key function */
+ printf("Hash=");
+ {
+ int counter;
+ for(counter=0;counter<16;counter++)
+ printf("%02x", md4_context.digest[counter]);
+ printf("\n");
+ }
#endif /* 0 */
- /* Zero out the data behind us */
- memset(copystr, 0, copystrlen);
- memset(&md4_context, 0, sizeof(md4_context));
- free(copystr);
- return err;
+ /* Zero out the data behind us */
+ memset(copystr, 0, copystrlen);
+ memset(&md4_context, 0, sizeof(md4_context));
+ free(copystr);
+ return err;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_error_code KRB5_CALLCONV
krb5_c_block_size(krb5_context context, krb5_enctype enctype,
- size_t *blocksize)
+ size_t *blocksize)
{
const struct krb5_keytypes *ktp;
ktp = find_enctype(enctype);
if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
*blocksize = ktp->enc->block_size;
return 0;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/cf2.c
*
*/
static krb5_error_code
prf_plus(krb5_context context, krb5_keyblock *k, const char *pepper,
- size_t keybytes, char **out)
+ size_t keybytes, char **out)
{
krb5_error_code retval = 0;
size_t prflen, iterations;
krb5int_buf_add(&prf_inbuf, pepper);
retval = krb5_c_prf_length( context, k->enctype, &prflen);
if (retval)
- goto cleanup;
+ goto cleanup;
iterations = keybytes / prflen;
if (keybytes % prflen != 0)
- iterations++;
+ iterations++;
assert(iterations <= 254);
buffer = k5alloc(iterations * prflen, &retval);
if (retval)
- goto cleanup;
+ goto cleanup;
if (krb5int_buf_len(&prf_inbuf) == -1) {
- retval = ENOMEM;
- goto cleanup;
+ retval = ENOMEM;
+ goto cleanup;
}
in_data.length = (krb5_int32) krb5int_buf_len(&prf_inbuf);
in_data.data = krb5int_buf_data(&prf_inbuf);
out_data.data = buffer;
while (iterations > 0) {
- retval = krb5_c_prf(context, k, &in_data, &out_data);
- if (retval)
- goto cleanup;
- out_data.data += prflen;
- in_data.data[0]++;
- iterations--;
+ retval = krb5_c_prf(context, k, &in_data, &out_data);
+ if (retval)
+ goto cleanup;
+ out_data.data += prflen;
+ in_data.data[0]++;
+ iterations--;
}
*out = buffer;
krb5_error_code KRB5_CALLCONV
krb5_c_fx_cf2_simple(krb5_context context,
- krb5_keyblock *k1, const char *pepper1,
- krb5_keyblock *k2, const char *pepper2,
- krb5_keyblock **out)
+ krb5_keyblock *k1, const char *pepper1,
+ krb5_keyblock *k2, const char *pepper2,
+ krb5_keyblock **out)
{
const struct krb5_keytypes *out_enctype;
size_t keybytes, keylength, i;
krb5_keyblock *out_key = NULL;
if (k1 == NULL || !krb5_c_valid_enctype(k1->enctype))
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
if (k2 == NULL || !krb5_c_valid_enctype(k2->enctype))
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
out_enctype_num = k1->enctype;
assert(out != NULL);
assert((out_enctype = find_enctype(out_enctype_num)) != NULL);
if (out_enctype->prf == NULL) {
- if (context)
- krb5int_set_error(&(context->err), KRB5_CRYPTO_INTERNAL,
- "Enctype %d has no PRF", out_enctype_num);
- return KRB5_CRYPTO_INTERNAL;
+ if (context)
+ krb5int_set_error(&(context->err), KRB5_CRYPTO_INTERNAL,
+ "Enctype %d has no PRF", out_enctype_num);
+ return KRB5_CRYPTO_INTERNAL;
}
keybytes = out_enctype->enc->keybytes;
keylength = out_enctype->enc->keylength;
retval = prf_plus(context, k1, pepper1, keybytes, &prf1);
if (retval)
- goto cleanup;
+ goto cleanup;
retval = prf_plus(context, k2, pepper2, keybytes, &prf2);
if (retval)
- goto cleanup;
+ goto cleanup;
for (i = 0; i < keybytes; i++)
- prf1[i] ^= prf2[i];
+ prf1[i] ^= prf2[i];
retval = krb5int_c_init_keyblock(context, out_enctype_num, keylength,
- &out_key);
+ &out_key);
if (retval)
- goto cleanup;
+ goto cleanup;
keydata.data = prf1;
keydata.length = keybytes;
retval = (*out_enctype->enc->make_key)(&keydata, out_key);
if (retval)
- goto cleanup;
+ goto cleanup;
*out = out_key;
out_key = NULL;
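Review bot: In krb5_c_fx_cf2_simple the lookup is performed inside the assertion, `assert((out_enctype = find_enctype(out_enctype_num)) != NULL);`, so a build with NDEBUG defined never assigns out_enctype and the following `out_enctype->prf` test reads an uninitialised pointer. Move the side effect out of the assert: `out_enctype = find_enctype(out_enctype_num);` followed by `if (out_enctype == NULL) return KRB5_BAD_ENCTYPE;`. `assert(out != NULL)` and, in prf_plus, `assert(iterations <= 254)` are likewise the only guards on caller-supplied values and vanish in the same builds. The 254 limit presumably protects the one-byte counter advanced by `in_data.data[0]++`, so it deserves an explicit error return rather than an assertion. Both functions are only partly visible in this section.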
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_error_code KRB5_CALLCONV
krb5_c_checksum_length(krb5_context context, krb5_cksumtype cksumtype,
- size_t *length)
+ size_t *length)
{
unsigned int i;
for (i=0; i<krb5int_cksumtypes_length; i++) {
- if (krb5int_cksumtypes_list[i].ctype == cksumtype)
- break;
+ if (krb5int_cksumtypes_list[i].ctype == cksumtype)
+ break;
}
if (i == krb5int_cksumtypes_length)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
if (krb5int_cksumtypes_list[i].keyhash)
- *length = krb5int_cksumtypes_list[i].keyhash->hashsize;
+ *length = krb5int_cksumtypes_list[i].keyhash->hashsize;
else if (krb5int_cksumtypes_list[i].trunc_size)
- *length = krb5int_cksumtypes_list[i].trunc_size;
+ *length = krb5int_cksumtypes_list[i].trunc_size;
else
- *length = krb5int_cksumtypes_list[i].hash->hashsize;
+ *length = krb5int_cksumtypes_list[i].hash->hashsize;
return 0;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
unsigned int i;
for (i = 0; i < krb5int_cksumtypes_length; i++) {
- if (krb5int_cksumtypes_list[i].ctype == cksumtype) {
- if (strlcpy(buffer, krb5int_cksumtypes_list[i].out_string,
- buflen) >= buflen)
- return ENOMEM;
- return 0;
- }
+ if (krb5int_cksumtypes_list[i].ctype == cksumtype) {
+ if (strlcpy(buffer, krb5int_cksumtypes_list[i].out_string,
+ buflen) >= buflen)
+ return ENOMEM;
+ return 0;
+ }
}
return EINVAL;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
unsigned int trunc_size;
};
-#define KRB5_CKSUMFLAG_DERIVE 0x0001
-#define KRB5_CKSUMFLAG_NOT_COLL_PROOF 0x0002
+#define KRB5_CKSUMFLAG_DERIVE 0x0001
+#define KRB5_CKSUMFLAG_NOT_COLL_PROOF 0x0002
extern const struct krb5_cksumtypes krb5int_cksumtypes_list[];
extern const unsigned int krb5int_cksumtypes_length;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
unsigned int i;
for (i = 0; i < krb5int_cksumtypes_length; i++) {
- if (krb5int_cksumtypes_list[i].ctype == ctype)
- return((krb5int_cksumtypes_list[i].flags &
- KRB5_CKSUMFLAG_NOT_COLL_PROOF) ? FALSE : TRUE);
+ if (krb5int_cksumtypes_list[i].ctype == ctype)
+ return((krb5int_cksumtypes_list[i].flags &
+ KRB5_CKSUMFLAG_NOT_COLL_PROOF) ? FALSE : TRUE);
}
/* ick, but it's better than coredumping, which is what the
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (c) 2002 Naval Research Laboratory (NRL/CCS)
*
* R2 = DR(Key2, n-fold(Key1)) [ Output is length of Key2 ]
*
* rnd = n-fold(R1 | R2) [ Note: output size of nfold must be appropriately
- * sized for random-to-key function ]
+ * sized for random-to-key function ]
* tkey = random-to-key(rnd)
* Combine-Key(Key1, Key2) = DK(tkey, CombineConstant)
*
#include "dk.h"
static krb5_error_code dr(const struct krb5_enc_provider *enc,
- const krb5_keyblock *inkey, unsigned char *outdata,
- const krb5_data *in_constant);
+ const krb5_keyblock *inkey, unsigned char *outdata,
+ const krb5_data *in_constant);
/*
* We only support this combine_keys algorithm for des and 3des keys.
case ENCTYPE_DES_CBC_MD4:
case ENCTYPE_DES_CBC_MD5:
case ENCTYPE_DES3_CBC_SHA1:
- return TRUE;
+ return TRUE;
default:
- return FALSE;
+ return FALSE;
}
}
krb5_error_code
krb5int_c_combine_keys(krb5_context context, krb5_keyblock *key1,
- krb5_keyblock *key2, krb5_keyblock *outkey)
+ krb5_keyblock *key2, krb5_keyblock *outkey)
{
unsigned char *r1 = NULL, *r2 = NULL, *combined = NULL, *rnd = NULL;
unsigned char *output = NULL;
krb5_boolean myalloc = FALSE;
if (!enctype_ok(key1->enctype) || !enctype_ok(key2->enctype))
- return KRB5_CRYPTO_INTERNAL;
+ return KRB5_CRYPTO_INTERNAL;
if (key1->length != key2->length || key1->enctype != key2->enctype)
- return KRB5_CRYPTO_INTERNAL;
+ return KRB5_CRYPTO_INTERNAL;
/* Find our encryption algorithm. */
ktp = find_enctype(key1->enctype);
if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
enc = ktp->enc;
keybytes = enc->keybytes;
/* Allocate and set up buffers. */
r1 = k5alloc(keybytes, &ret);
if (ret)
- goto cleanup;
+ goto cleanup;
r2 = k5alloc(keybytes, &ret);
if (ret)
- goto cleanup;
+ goto cleanup;
rnd = k5alloc(keybytes, &ret);
if (ret)
- goto cleanup;
+ goto cleanup;
combined = k5alloc(keybytes * 2, &ret);
if (ret)
- goto cleanup;
+ goto cleanup;
output = k5alloc(keylength, &ret);
if (ret)
- goto cleanup;
+ goto cleanup;
/*
* Get R1 and R2 (by running the input keys through the DR algorithm.
input.data = (char *) key2->contents;
ret = dr(enc, key1, r1, &input);
if (ret)
- goto cleanup;
+ goto cleanup;
input.length = key1->length;
input.data = (char *) key1->contents;
ret = dr(enc, key2, r2, &input);
if (ret)
- goto cleanup;
+ goto cleanup;
/*
* Concatenate the two keys together, and then run them through
ret = (*enc->make_key)(&randbits, &tkeyblock);
if (ret)
- goto cleanup;
+ goto cleanup;
ret = krb5_k_create_key(NULL, &tkeyblock, &tkey);
if (ret)
- goto cleanup;
+ goto cleanup;
/*
* Run through derive-key one more time to produce the final key.
*/
if (outkey->length == 0 || outkey->contents == NULL) {
- outkey->contents = k5alloc(keylength, &ret);
- if (ret)
- goto cleanup;
- outkey->length = keylength;
- outkey->enctype = key1->enctype;
- myalloc = TRUE;
+ outkey->contents = k5alloc(keylength, &ret);
+ if (ret)
+ goto cleanup;
+ outkey->length = keylength;
+ outkey->enctype = key1->enctype;
+ myalloc = TRUE;
}
ret = krb5int_derive_keyblock(enc, tkey, outkey, &input);
if (ret) {
- if (myalloc) {
- free(outkey->contents);
- outkey->contents = NULL;
- }
- goto cleanup;
+ if (myalloc) {
+ free(outkey->contents);
+ outkey->contents = NULL;
+ }
+ goto cleanup;
}
cleanup:
/* Allocate and set up buffers. */
inblockdata = k5alloc(blocksize, &ret);
if (ret)
- goto cleanup;
+ goto cleanup;
outblockdata = k5alloc(blocksize, &ret);
if (ret)
- goto cleanup;
+ goto cleanup;
ret = krb5_k_create_key(NULL, inkey, &key);
if (ret)
- goto cleanup;
+ goto cleanup;
inblock.data = (char *) inblockdata;
inblock.length = blocksize;
/* initialize the input block */
if (in_constant->length == inblock.length) {
- memcpy(inblock.data, in_constant->data, inblock.length);
+ memcpy(inblock.data, in_constant->data, inblock.length);
} else {
- krb5int_nfold(in_constant->length*8, (unsigned char *) in_constant->data,
- inblock.length*8, (unsigned char *) inblock.data);
+ krb5int_nfold(in_constant->length*8, (unsigned char *) in_constant->data,
+ inblock.length*8, (unsigned char *) inblock.data);
}
/* loop encrypting the blocks until enough key bytes are generated */
n = 0;
while (n < keybytes) {
- ret = (*enc->encrypt)(key, 0, &inblock, &outblock);
- if (ret)
- goto cleanup;
-
- if ((keybytes - n) <= outblock.length) {
- memcpy(out + n, outblock.data, (keybytes - n));
- break;
- }
-
- memcpy(out + n, outblock.data, outblock.length);
- memcpy(inblock.data, outblock.data, outblock.length);
- n += outblock.length;
+ ret = (*enc->encrypt)(key, 0, &inblock, &outblock);
+ if (ret)
+ goto cleanup;
+
+ if ((keybytes - n) <= outblock.length) {
+ memcpy(out + n, outblock.data, (keybytes - n));
+ break;
+ }
+
+ memcpy(out + n, outblock.data, outblock.length);
+ memcpy(inblock.data, outblock.data, outblock.length);
+ n += outblock.length;
}
cleanup:
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* include/krb5/crc-32.h
*
#ifndef KRB5_CRC32__
#define KRB5_CRC32__
-#define CRC32_CKSUM_LENGTH 4
+#define CRC32_CKSUM_LENGTH 4
void
mit_crc32 (krb5_pointer in, size_t in_length, unsigned long *c);
#ifdef CRC32_SHIFT4
void mit_crc32_shift4(krb5_pointer /* in */,
- size_t /* in_length */,
- unsigned long * /* cksum */);
+ size_t /* in_length */,
+ unsigned long * /* cksum */);
#endif
#endif /* KRB5_CRC32__ */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/crc32/crc.c
*
0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf,
0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94,
0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d
- };
+};
void
mit_crc32(krb5_pointer in, size_t in_length, unsigned long *cksum)
data = (u_char *)in;
for (i = 0; i < in_length; i++) {
- idx = (int) (data[i] ^ c);
- idx &= 0xff;
- c >>= 8;
- c ^= crc_table[idx];
+ idx = (int) (data[i] ^ c);
+ idx &= 0xff;
+ c >>= 8;
+ c ^= crc_table[idx];
}
*cksum = c;
data = (u_char *)in;
for (i = 0; i < in_length; i++) {
- b = data[i];
- c = (c >> 4) ^ tbl4[(b ^ c) & 0x0f];
- b >>= 4;
- c = (c >> 4) ^ tbl4[(b ^ c) & 0x0f];
+ b = data[i];
+ c = (c >> 4) ^ tbl4[(b ^ c) & 0x0f];
+ b >>= 4;
+ c = (c >> 4) ^ tbl4[(b ^ c) & 0x0f];
}
*cksum = c;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/crypto_length.c
*
krb5_error_code KRB5_CALLCONV
krb5_c_crypto_length(krb5_context context, krb5_enctype enctype,
- krb5_cryptotype type, unsigned int *size)
+ krb5_cryptotype type, unsigned int *size)
{
const struct krb5_keytypes *ktp;
krb5_error_code ret;
ktp = find_enctype(enctype);
if (ktp == NULL || ktp->aead == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
switch (type) {
case KRB5_CRYPTO_TYPE_EMPTY:
case KRB5_CRYPTO_TYPE_SIGN_ONLY:
- *size = 0;
- ret = 0;
- break;
+ *size = 0;
+ ret = 0;
+ break;
case KRB5_CRYPTO_TYPE_DATA:
- *size = (size_t)~0; /* match Heimdal */
- ret = 0;
- break;
+ *size = (size_t)~0; /* match Heimdal */
+ ret = 0;
+ break;
case KRB5_CRYPTO_TYPE_HEADER:
case KRB5_CRYPTO_TYPE_PADDING:
case KRB5_CRYPTO_TYPE_TRAILER:
case KRB5_CRYPTO_TYPE_CHECKSUM:
- ret = (*ktp->aead->crypto_length)(ktp->aead, ktp->enc, ktp->hash,
- type, size);
- break;
+ ret = (*ktp->aead->crypto_length)(ktp->aead, ktp->enc, ktp->hash,
+ type, size);
+ break;
default:
- ret = EINVAL;
- break;
+ ret = EINVAL;
+ break;
}
return ret;
krb5_error_code KRB5_CALLCONV
krb5_c_padding_length(krb5_context context, krb5_enctype enctype,
- size_t data_length, unsigned int *pad_length)
+ size_t data_length, unsigned int *pad_length)
{
const struct krb5_keytypes *ktp;
ktp = find_enctype(enctype);
if (ktp == NULL || ktp->aead == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
return krb5int_c_padding_length(ktp->aead, ktp->enc, ktp->hash,
- data_length, pad_length);
+ data_length, pad_length);
}
krb5_error_code KRB5_CALLCONV
krb5_c_crypto_length_iov(krb5_context context, krb5_enctype enctype,
- krb5_crypto_iov *data, size_t num_data)
+ krb5_crypto_iov *data, size_t num_data)
{
krb5_error_code ret = 0;
size_t i;
ktp = find_enctype(enctype);
if (ktp == NULL || ktp->aead == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
for (i = 0; i < num_data; i++) {
- krb5_crypto_iov *iov = &data[i];
-
- switch (iov->flags) {
- case KRB5_CRYPTO_TYPE_DATA:
- data_length += iov->data.length;
- break;
- case KRB5_CRYPTO_TYPE_PADDING:
- if (padding != NULL)
- return EINVAL;
-
- padding = iov;
- break;
- case KRB5_CRYPTO_TYPE_HEADER:
- case KRB5_CRYPTO_TYPE_TRAILER:
- case KRB5_CRYPTO_TYPE_CHECKSUM:
- ret = (*ktp->aead->crypto_length)(ktp->aead, ktp->enc, ktp->hash,
- iov->flags, &iov->data.length);
- break;
- case KRB5_CRYPTO_TYPE_EMPTY:
- case KRB5_CRYPTO_TYPE_SIGN_ONLY:
- default:
- break;
- }
-
- if (ret != 0)
- break;
+ krb5_crypto_iov *iov = &data[i];
+
+ switch (iov->flags) {
+ case KRB5_CRYPTO_TYPE_DATA:
+ data_length += iov->data.length;
+ break;
+ case KRB5_CRYPTO_TYPE_PADDING:
+ if (padding != NULL)
+ return EINVAL;
+
+ padding = iov;
+ break;
+ case KRB5_CRYPTO_TYPE_HEADER:
+ case KRB5_CRYPTO_TYPE_TRAILER:
+ case KRB5_CRYPTO_TYPE_CHECKSUM:
+ ret = (*ktp->aead->crypto_length)(ktp->aead, ktp->enc, ktp->hash,
+ iov->flags, &iov->data.length);
+ break;
+ case KRB5_CRYPTO_TYPE_EMPTY:
+ case KRB5_CRYPTO_TYPE_SIGN_ONLY:
+ default:
+ break;
+ }
+
+ if (ret != 0)
+ break;
}
if (ret != 0)
- return ret;
+ return ret;
ret = krb5int_c_padding_length(ktp->aead, ktp->enc, ktp->hash,
- data_length, &pad_length);
+ data_length, &pad_length);
if (ret != 0)
- return ret;
+ return ret;
if (pad_length != 0 && padding == NULL)
- return EINVAL;
+ return EINVAL;
if (padding != NULL)
- padding->data.length = pad_length;
+ padding->data.length = pad_length;
return 0;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#include <assert.h>
#include "k5-int.h"
void cryptoint_cleanup_library (void)
{
if (!INITIALIZER_RAN(cryptoint_initialize_library))
- return;
+ return;
krb5int_prng_cleanup ();
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_error_code KRB5_CALLCONV
krb5_k_decrypt(krb5_context context, krb5_key key,
- krb5_keyusage usage, const krb5_data *ivec,
- const krb5_enc_data *input, krb5_data *output)
+ krb5_keyusage usage, const krb5_data *ivec,
+ const krb5_enc_data *input, krb5_data *output)
{
const struct krb5_keytypes *ktp;
ktp = find_enctype(key->keyblock.enctype);
if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
if (input->enctype != ENCTYPE_UNKNOWN && ktp->etype != input->enctype)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
if (ktp->decrypt == NULL) {
- assert(ktp->aead != NULL);
+ assert(ktp->aead != NULL);
- return krb5int_c_decrypt_aead_compat(ktp->aead, ktp->enc, ktp->hash,
- key, usage, ivec,
- &input->ciphertext, output);
+ return krb5int_c_decrypt_aead_compat(ktp->aead, ktp->enc, ktp->hash,
+ key, usage, ivec,
+ &input->ciphertext, output);
}
return (*ktp->decrypt)(ktp->enc, ktp->hash, key, usage, ivec,
- &input->ciphertext, output);
+ &input->ciphertext, output);
}
krb5_error_code KRB5_CALLCONV
krb5_c_decrypt(krb5_context context, const krb5_keyblock *keyblock,
- krb5_keyusage usage, const krb5_data *ivec,
- const krb5_enc_data *input, krb5_data *output)
+ krb5_keyusage usage, const krb5_data *ivec,
+ const krb5_enc_data *input, krb5_data *output)
{
krb5_key key;
krb5_error_code ret;
ret = krb5_k_create_key(context, keyblock, &key);
if (ret != 0)
- return ret;
+ return ret;
ret = krb5_k_decrypt(context, key, usage, ivec, input, output);
krb5_k_free_key(context, key);
return ret;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/encrypt_iov.c
*
krb5_error_code KRB5_CALLCONV
krb5_k_decrypt_iov(krb5_context context,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_data *cipher_state,
- krb5_crypto_iov *data,
- size_t num_data)
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_data *cipher_state,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
const struct krb5_keytypes *ktp;
ktp = find_enctype(key->keyblock.enctype);
if (ktp == NULL || ktp->aead == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
if (krb5int_c_locate_iov(data, num_data,
- KRB5_CRYPTO_TYPE_STREAM) != NULL) {
- return krb5int_c_iov_decrypt_stream(ktp->aead, ktp->enc, ktp->hash,
- key, usage, cipher_state, data,
- num_data);
+ KRB5_CRYPTO_TYPE_STREAM) != NULL) {
+ return krb5int_c_iov_decrypt_stream(ktp->aead, ktp->enc, ktp->hash,
+ key, usage, cipher_state, data,
+ num_data);
}
return (*ktp->aead->decrypt_iov)(ktp->aead, ktp->enc, ktp->hash, key,
- usage, cipher_state, data, num_data);
+ usage, cipher_state, data, num_data);
}
krb5_error_code KRB5_CALLCONV
krb5_c_decrypt_iov(krb5_context context,
- const krb5_keyblock *keyblock,
- krb5_keyusage usage,
- const krb5_data *cipher_state,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_keyblock *keyblock,
+ krb5_keyusage usage,
+ const krb5_data *cipher_state,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
krb5_key key;
krb5_error_code ret;
ret = krb5_k_create_key(context, keyblock, &key);
if (ret != 0)
- return ret;
+ return ret;
ret = krb5_k_decrypt_iov(context, key, usage, cipher_state, data,
- num_data);
+ num_data);
krb5_k_free_key(context, key);
return ret;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 2001 by the Massachusetts Institute of Technology.
* All rights reserved.
krb5_error_code krb5int_des_init_state
(const krb5_keyblock *key, krb5_keyusage usage, krb5_data *new_state )
{
- new_state->length = 8;
- new_state->data = (void *) malloc(8);
- if (new_state->data) {
- memset (new_state->data, 0, new_state->length);
- /* We need to copy in the key for des-cbc-cr--ick, but that's how it works*/
- if (key->enctype == ENCTYPE_DES_CBC_CRC) {
- memcpy (new_state->data, key->contents, new_state->length);
- }
- } else {
- return ENOMEM;
- }
- return 0;
+ new_state->length = 8;
+ new_state->data = (void *) malloc(8);
+ if (new_state->data) {
+ memset (new_state->data, 0, new_state->length);
+ /* We need to copy in the key for des-cbc-cr--ick, but that's how it works*/
+ if (key->enctype == ENCTYPE_DES_CBC_CRC) {
+ memcpy (new_state->data, key->contents, new_state->length);
+ }
+ } else {
+ return ENOMEM;
+ }
+ return 0;
}
krb5_error_code krb5int_default_free_state
(krb5_data *state)
{
- if (state->data) {
- free (state->data);
- state-> data = NULL;
- state->length = 0;
- }
- return 0;
+ if (state->data) {
+ free (state->data);
+ state-> data = NULL;
+ state->length = 0;
+ }
+ return 0;
}
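Review bot: krb5int_default_free_state releases `state->data` with a plain `free`, yet krb5int_des_init_state above copies `key->contents` into that buffer for ENCTYPE_DES_CBC_CRC, so key bytes can go back to the allocator intact. Clearing before release, e.g. `zapfree(state->data, state->length);` (the helper used in the derive cleanup path elsewhere in this change, assuming it is in scope in this file), avoids leaving them in freed heap memory. In krb5int_des_init_state, `new_state->length = 8;` is also assigned before the malloc result is checked, so the ENOMEM path returns a non-zero length paired with a NULL data pointer. Assigning the length only on success would keep the structure consistent.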
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_error_code
krb5int_dk_make_checksum(const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *input, krb5_data *output)
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *input, krb5_data *output)
{
const struct krb5_keytypes *ktp;
const struct krb5_enc_provider *enc;
ktp = find_enctype(key->keyblock.enctype);
if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
enc = ktp->enc;
/*
ret = krb5int_derive_key(enc, key, &kc, &datain);
if (ret)
- return ret;
+ return ret;
/* hash the data */
ret = krb5int_hmac(hash, kc, 1, &datain, output);
if (ret)
- memset(output->data, 0, output->length);
+ memset(output->data, 0, output->length);
krb5_k_free_key(NULL, kc);
return ret;
krb5_error_code
krb5int_dk_make_checksum_iov(const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_crypto_iov *data, size_t num_data,
- krb5_data *output)
+ krb5_key key, krb5_keyusage usage,
+ const krb5_crypto_iov *data, size_t num_data,
+ krb5_data *output)
{
const struct krb5_keytypes *ktp;
const struct krb5_enc_provider *enc;
ktp = find_enctype(key->keyblock.enctype);
if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
enc = ktp->enc;
/*
ret = krb5int_derive_key(enc, key, &kc, &datain);
if (ret)
- return ret;
+ return ret;
/* Hash the data. */
ret = krb5int_hmac_iov(hash, kc, data, num_data, output);
if (ret)
- memset(output->data, 0, output->length);
+ memset(output->data, 0, output->length);
krb5_k_free_key(NULL, kc);
return ret;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
find_cached_dkey(struct derived_key *list, const krb5_data *constant)
{
for (; list; list = list->next) {
- if (data_eq(list->constant, *constant)) {
- krb5_k_reference_key(NULL, list->dkey);
- return list->dkey;
- }
+ if (data_eq(list->constant, *constant)) {
+ krb5_k_reference_key(NULL, list->dkey);
+ return list->dkey;
+ }
}
return NULL;
}
static krb5_error_code
add_cached_dkey(krb5_key key, const krb5_data *constant,
- const krb5_keyblock *dkeyblock, krb5_key *cached_dkey)
+ const krb5_keyblock *dkeyblock, krb5_key *cached_dkey)
{
krb5_key dkey;
krb5_error_code ret;
/* Allocate fields for the new entry. */
dkent = malloc(sizeof(*dkent));
if (dkent == NULL)
- goto cleanup;
+ goto cleanup;
data = malloc(constant->length);
if (data == NULL)
- goto cleanup;
+ goto cleanup;
ret = krb5_k_create_key(NULL, dkeyblock, &dkey);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Add the new entry to the list. */
memcpy(data, constant->data, constant->length);
*/
krb5_error_code
krb5int_derive_keyblock(const struct krb5_enc_provider *enc,
- krb5_key inkey, krb5_keyblock *outkey,
- const krb5_data *in_constant)
+ krb5_key inkey, krb5_keyblock *outkey,
+ const krb5_data *in_constant)
{
size_t blocksize, keybytes, n;
unsigned char *inblockdata = NULL, *outblockdata = NULL, *rawkey = NULL;
keybytes = enc->keybytes;
if (inkey->keyblock.length != enc->keylength ||
- outkey->length != enc->keylength)
- return KRB5_CRYPTO_INTERNAL;
+ outkey->length != enc->keylength)
+ return KRB5_CRYPTO_INTERNAL;
/* Allocate and set up buffers. */
inblockdata = k5alloc(blocksize, &ret);
if (ret)
- goto cleanup;
+ goto cleanup;
outblockdata = k5alloc(blocksize, &ret);
if (ret)
- goto cleanup;
+ goto cleanup;
rawkey = k5alloc(keybytes, &ret);
if (ret)
- goto cleanup;
+ goto cleanup;
inblock.data = (char *) inblockdata;
inblock.length = blocksize;
/* Initialize the input block. */
if (in_constant->length == inblock.length) {
- memcpy(inblock.data, in_constant->data, inblock.length);
+ memcpy(inblock.data, in_constant->data, inblock.length);
} else {
- krb5int_nfold(in_constant->length*8, (unsigned char *) in_constant->data,
- inblock.length*8, (unsigned char *) inblock.data);
+ krb5int_nfold(in_constant->length*8, (unsigned char *) in_constant->data,
+ inblock.length*8, (unsigned char *) inblock.data);
}
/* Loop encrypting the blocks until enough key bytes are generated */
n = 0;
while (n < keybytes) {
- ret = (*enc->encrypt)(inkey, 0, &inblock, &outblock);
- if (ret)
- goto cleanup;
-
- if ((keybytes - n) <= outblock.length) {
- memcpy(rawkey + n, outblock.data, (keybytes - n));
- break;
- }
-
- memcpy(rawkey+n, outblock.data, outblock.length);
- memcpy(inblock.data, outblock.data, outblock.length);
- n += outblock.length;
+ ret = (*enc->encrypt)(inkey, 0, &inblock, &outblock);
+ if (ret)
+ goto cleanup;
+
+ if ((keybytes - n) <= outblock.length) {
+ memcpy(rawkey + n, outblock.data, (keybytes - n));
+ break;
+ }
+
+ memcpy(rawkey+n, outblock.data, outblock.length);
+ memcpy(inblock.data, outblock.data, outblock.length);
+ n += outblock.length;
}
/* postprocess the key */
ret = (*enc->make_key)(&inblock, outkey);
if (ret)
- goto cleanup;
+ goto cleanup;
cleanup:
zapfree(inblockdata, blocksize);
krb5_error_code
krb5int_derive_key(const struct krb5_enc_provider *enc,
- krb5_key inkey, krb5_key *outkey,
- const krb5_data *in_constant)
+ krb5_key inkey, krb5_key *outkey,
+ const krb5_data *in_constant)
{
krb5_keyblock keyblock;
krb5_error_code ret;
/* Check for a cached result. */
dkey = find_cached_dkey(inkey->derived, in_constant);
if (dkey != NULL) {
- *outkey = dkey;
- return 0;
+ *outkey = dkey;
+ return 0;
}
/* Derive into a temporary keyblock. */
keyblock.length = enc->keylength;
keyblock.contents = malloc(keyblock.length);
if (keyblock.contents == NULL)
- return ENOMEM;
+ return ENOMEM;
ret = krb5int_derive_keyblock(enc, inkey, &keyblock, in_constant);
if (ret)
- goto cleanup;
+ goto cleanup;
/* Cache the derived key. */
ret = add_cached_dkey(inkey, in_constant, &keyblock, &dkey);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
*outkey = dkey;
krb5_error_code
krb5int_derive_random(const struct krb5_enc_provider *enc,
- krb5_key inkey, krb5_data *outrnd,
- const krb5_data *in_constant)
+ krb5_key inkey, krb5_data *outrnd,
+ const krb5_data *in_constant)
{
size_t blocksize, keybytes, n;
unsigned char *inblockdata = NULL, *outblockdata = NULL, *rawkey = NULL;
keybytes = enc->keybytes;
if (inkey->keyblock.length != enc->keylength || outrnd->length != keybytes)
- return KRB5_CRYPTO_INTERNAL;
+ return KRB5_CRYPTO_INTERNAL;
/* Allocate and set up buffers. */
inblockdata = k5alloc(blocksize, &ret);
if (ret)
- goto cleanup;
+ goto cleanup;
outblockdata = k5alloc(blocksize, &ret);
if (ret)
- goto cleanup;
+ goto cleanup;
rawkey = k5alloc(keybytes, &ret);
if (ret)
- goto cleanup;
+ goto cleanup;
inblock.data = (char *) inblockdata;
inblock.length = blocksize;
/* Initialize the input block. */
if (in_constant->length == inblock.length) {
- memcpy(inblock.data, in_constant->data, inblock.length);
+ memcpy(inblock.data, in_constant->data, inblock.length);
} else {
- krb5int_nfold(in_constant->length*8, (unsigned char *) in_constant->data,
- inblock.length*8, (unsigned char *) inblock.data);
+ krb5int_nfold(in_constant->length*8, (unsigned char *) in_constant->data,
+ inblock.length*8, (unsigned char *) inblock.data);
}
/* Loop encrypting the blocks until enough key bytes are generated. */
n = 0;
while (n < keybytes) {
- ret = (*enc->encrypt)(inkey, 0, &inblock, &outblock);
- if (ret)
- goto cleanup;
-
- if ((keybytes - n) <= outblock.length) {
- memcpy(rawkey + n, outblock.data, (keybytes - n));
- break;
- }
-
- memcpy(rawkey+n, outblock.data, outblock.length);
- memcpy(inblock.data, outblock.data, outblock.length);
- n += outblock.length;
+ ret = (*enc->encrypt)(inkey, 0, &inblock, &outblock);
+ if (ret)
+ goto cleanup;
+
+ if ((keybytes - n) <= outblock.length) {
+ memcpy(rawkey + n, outblock.data, (keybytes - n));
+ break;
+ }
+
+ memcpy(rawkey+n, outblock.data, outblock.length);
+ memcpy(inblock.data, outblock.data, outblock.length);
+ n += outblock.length;
}
/* Postprocess the key. */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
void
krb5int_dk_encrypt_length(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- size_t input, size_t *length);
+ const struct krb5_hash_provider *hash,
+ size_t input, size_t *length);
krb5_error_code
krb5int_dk_encrypt(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec,
- const krb5_data *input, krb5_data *output);
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+ const krb5_data *input, krb5_data *output);
void
krb5int_aes_encrypt_length(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- size_t input, size_t *length);
+ const struct krb5_hash_provider *hash,
+ size_t input, size_t *length);
krb5_error_code
krb5int_aes_dk_encrypt(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_data *ivec,
- const krb5_data *input,
- krb5_data *output);
+ const struct krb5_hash_provider *hash,
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_data *ivec,
+ const krb5_data *input,
+ krb5_data *output);
krb5_error_code
krb5int_dk_decrypt(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *arg_output);
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec, const krb5_data *input,
+ krb5_data *arg_output);
krb5_error_code
krb5int_aes_dk_decrypt(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_data *ivec,
- const krb5_data *input,
- krb5_data *arg_output);
+ const struct krb5_hash_provider *hash,
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_data *ivec,
+ const krb5_data *input,
+ krb5_data *arg_output);
krb5_error_code
krb5int_dk_string_to_key(const struct krb5_enc_provider *enc,
- const krb5_data *string,
- const krb5_data *salt,
- const krb5_data *params,
- krb5_keyblock *key);
+ const krb5_data *string,
+ const krb5_data *salt,
+ const krb5_data *params,
+ krb5_keyblock *key);
krb5_error_code
krb5int_derive_keyblock(const struct krb5_enc_provider *enc,
- krb5_key inkey,
- krb5_keyblock *outkey,
- const krb5_data *in_constant);
+ krb5_key inkey,
+ krb5_keyblock *outkey,
+ const krb5_data *in_constant);
krb5_error_code
krb5int_derive_key(const struct krb5_enc_provider *enc,
- krb5_key inkey,
- krb5_key *outkey,
- const krb5_data *in_constant);
+ krb5_key inkey,
+ krb5_key *outkey,
+ const krb5_data *in_constant);
krb5_error_code
krb5int_dk_make_checksum(const struct krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_data *input,
- krb5_data *output);
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_data *input,
+ krb5_data *output);
krb5_error_code
krb5int_dk_make_checksum_iov(const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_crypto_iov *data, size_t num_data,
- krb5_data *output);
+ krb5_key key, krb5_keyusage usage,
+ const krb5_crypto_iov *data, size_t num_data,
+ krb5_data *output);
krb5_error_code
krb5int_derive_random(const struct krb5_enc_provider *enc,
- krb5_key inkey, krb5_data *outrnd,
- const krb5_data *in_constant);
+ krb5_key inkey, krb5_data *outrnd,
+ const krb5_data *in_constant);
/* AEAD */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/dk/dk_aead.c
*
static krb5_error_code
krb5int_dk_crypto_length(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_cryptotype type,
- unsigned int *length)
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_cryptotype type,
+ unsigned int *length)
{
switch (type) {
case KRB5_CRYPTO_TYPE_HEADER:
case KRB5_CRYPTO_TYPE_PADDING:
- *length = enc->block_size;
- break;
+ *length = enc->block_size;
+ break;
case KRB5_CRYPTO_TYPE_TRAILER:
case KRB5_CRYPTO_TYPE_CHECKSUM:
- *length = hash->hashsize;
- break;
+ *length = hash->hashsize;
+ break;
default:
- assert(0 && "invalid cryptotype passed to krb5int_dk_crypto_length");
- break;
+ assert(0 && "invalid cryptotype passed to krb5int_dk_crypto_length");
+ break;
}
return 0;
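Review bot: The `default:` arm of krb5int_dk_crypto_length relies on `assert(0 && ...)` alone, so in a build with NDEBUG the function falls through to `return 0;` without writing `*length`. A caller such as krb5int_dk_encrypt_iov would then continue with whatever `blocksize` or `hmacsize` held before the call (their declarations are outside the visible lines). Returning an error from that arm, e.g. `return EINVAL;` after the assert, keeps the failure visible in release builds. krb5int_aes_crypto_length further down has the same shape, and the closing brace of this function is outside the hunk.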
static krb5_error_code
krb5int_dk_encrypt_iov(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
krb5_error_code ret;
unsigned char constantdata[K5CLENGTH];
/* E(Confounder | Plaintext | Pad) | Checksum */
ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING,
- &blocksize);
+ &blocksize);
if (ret != 0)
- return ret;
+ return ret;
ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER,
- &hmacsize);
+ &hmacsize);
if (ret != 0)
- return ret;
+ return ret;
for (i = 0; i < num_data; i++) {
- krb5_crypto_iov *iov = &data[i];
+ krb5_crypto_iov *iov = &data[i];
- if (iov->flags == KRB5_CRYPTO_TYPE_DATA)
- plainlen += iov->data.length;
+ if (iov->flags == KRB5_CRYPTO_TYPE_DATA)
+ plainlen += iov->data.length;
}
/* Validate header and trailer lengths. */
header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER);
if (header == NULL || header->data.length < enc->block_size)
- return KRB5_BAD_MSIZE;
+ return KRB5_BAD_MSIZE;
trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER);
if (trailer == NULL || trailer->data.length < hmacsize)
- return KRB5_BAD_MSIZE;
+ return KRB5_BAD_MSIZE;
if (blocksize != 0) {
- /* Check that the input data is correctly padded. */
- if (plainlen % blocksize)
- padsize = blocksize - (plainlen % blocksize);
+ /* Check that the input data is correctly padded. */
+ if (plainlen % blocksize)
+ padsize = blocksize - (plainlen % blocksize);
}
padding = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_PADDING);
if (padsize && (padding == NULL || padding->data.length < padsize))
- return KRB5_BAD_MSIZE;
+ return KRB5_BAD_MSIZE;
if (padding != NULL) {
- memset(padding->data.data, 0, padsize);
- padding->data.length = padsize;
+ memset(padding->data.data, 0, padsize);
+ padding->data.length = padsize;
}
cksum = k5alloc(hash->hashsize, &ret);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Derive the keys. */
ret = krb5int_derive_key(enc, key, &ke, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
d1.data[4] = 0x55;
ret = krb5int_derive_key(enc, key, &ki, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Generate confounder. */
ret = krb5_c_random_make_octets(/* XXX */ NULL, &header->data);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Hash the plaintext. */
d2.length = hash->hashsize;
ret = krb5int_hmac_iov(hash, ki, data, num_data, &d2);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Encrypt the plaintext (header | data | padding) */
assert(enc->encrypt_iov != NULL);
ret = (*enc->encrypt_iov)(ke, ivec, data, num_data); /* updates ivec */
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Possibly truncate the hash */
assert(hmacsize <= d2.length);
static krb5_error_code
krb5int_dk_decrypt_iov(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
krb5_error_code ret;
unsigned char constantdata[K5CLENGTH];
unsigned char *cksum = NULL;
if (krb5int_c_locate_iov(data, num_data,
- KRB5_CRYPTO_TYPE_STREAM) != NULL) {
- return krb5int_c_iov_decrypt_stream(aead, enc, hash, key,
- usage, ivec, data, num_data);
+ KRB5_CRYPTO_TYPE_STREAM) != NULL) {
+ return krb5int_c_iov_decrypt_stream(aead, enc, hash, key,
+ usage, ivec, data, num_data);
}
/* E(Confounder | Plaintext | Pad) | Checksum */
ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING,
- &blocksize);
+ &blocksize);
if (ret != 0)
- return ret;
+ return ret;
ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER,
- &hmacsize);
+ &hmacsize);
if (ret != 0)
- return ret;
+ return ret;
for (i = 0; i < num_data; i++) {
- const krb5_crypto_iov *iov = &data[i];
+ const krb5_crypto_iov *iov = &data[i];
- if (ENCRYPT_DATA_IOV(iov))
- cipherlen += iov->data.length;
+ if (ENCRYPT_DATA_IOV(iov))
+ cipherlen += iov->data.length;
}
if (blocksize == 0) {
- /* Check for correct input length in CTS mode */
- if (enc->block_size != 0 && cipherlen < enc->block_size)
- return KRB5_BAD_MSIZE;
+ /* Check for correct input length in CTS mode */
+ if (enc->block_size != 0 && cipherlen < enc->block_size)
+ return KRB5_BAD_MSIZE;
} else {
- /* Check that the input data is correctly padded */
- if ((cipherlen % blocksize) != 0)
- return KRB5_BAD_MSIZE;
+ /* Check that the input data is correctly padded */
+ if ((cipherlen % blocksize) != 0)
+ return KRB5_BAD_MSIZE;
}
/* Validate header and trailer lengths */
header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER);
if (header == NULL || header->data.length != enc->block_size)
- return KRB5_BAD_MSIZE;
+ return KRB5_BAD_MSIZE;
trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER);
if (trailer == NULL || trailer->data.length != hmacsize)
- return KRB5_BAD_MSIZE;
+ return KRB5_BAD_MSIZE;
cksum = k5alloc(hash->hashsize, &ret);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Derive the keys. */
ret = krb5int_derive_key(enc, key, &ke, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
d1.data[4] = 0x55;
ret = krb5int_derive_key(enc, key, &ki, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Decrypt the plaintext (header | data | padding). */
assert(enc->decrypt_iov != NULL);
ret = (*enc->decrypt_iov)(ke, ivec, data, num_data); /* updates ivec */
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Verify the hash. */
d1.length = hash->hashsize; /* non-truncated length */
ret = krb5int_hmac_iov(hash, ki, data, num_data, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Compare only the possibly truncated length. */
if (memcmp(cksum, trailer->data.data, hmacsize) != 0) {
- ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
- goto cleanup;
+ ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto cleanup;
}
cleanup:
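Review bot: The integrity check `memcmp(cksum, trailer->data.data, hmacsize)` in krb5int_dk_decrypt_iov stops at the first differing byte, so verification time depends on how many leading checksum bytes matched. A MAC comparison should take the same time whatever the input. Accumulating the differences into a local `unsigned char diff = 0`, with `for (i = 0; i < hmacsize; i++) diff |= cksum[i] ^ (unsigned char)trailer->data.data[i];` and then `if (diff != 0)`, removes that dependence. The same pattern appears in krb5_dk_decrypt_maybe_trunc_hmac as `memcmp(cksum, input->data+enclen, hmacsize)`. The code after the `cleanup:` label is outside the hunk.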
static krb5_error_code
krb5int_aes_crypto_length(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_cryptotype type,
- unsigned int *length)
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_cryptotype type,
+ unsigned int *length)
{
switch (type) {
case KRB5_CRYPTO_TYPE_HEADER:
- *length = enc->block_size;
- break;
+ *length = enc->block_size;
+ break;
case KRB5_CRYPTO_TYPE_PADDING:
- *length = 0;
- break;
+ *length = 0;
+ break;
case KRB5_CRYPTO_TYPE_TRAILER:
case KRB5_CRYPTO_TYPE_CHECKSUM:
- *length = 96 / 8;
- break;
+ *length = 96 / 8;
+ break;
default:
- assert(0 && "invalid cryptotype passed to krb5int_aes_crypto_length");
- break;
+ assert(0 && "invalid cryptotype passed to krb5int_aes_crypto_length");
+ break;
}
return 0;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
static krb5_error_code
krb5_dk_decrypt_maybe_trunc_hmac(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_data *ivec,
- const krb5_data *input,
- krb5_data *output,
- size_t hmacsize,
- int ivec_mode);
+ const struct krb5_hash_provider *hash,
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_data *ivec,
+ const krb5_data *input,
+ krb5_data *output,
+ size_t hmacsize,
+ int ivec_mode);
krb5_error_code
krb5int_dk_decrypt(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *output)
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec, const krb5_data *input,
+ krb5_data *output)
{
return krb5_dk_decrypt_maybe_trunc_hmac(enc, hash, key, usage,
- ivec, input, output, 0, 0);
+ ivec, input, output, 0, 0);
}
krb5_error_code
krb5int_aes_dk_decrypt(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *output)
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec, const krb5_data *input,
+ krb5_data *output)
{
return krb5_dk_decrypt_maybe_trunc_hmac(enc, hash, key, usage,
- ivec, input, output, 96 / 8, 1);
+ ivec, input, output, 96 / 8, 1);
}
static krb5_error_code
krb5_dk_decrypt_maybe_trunc_hmac(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *output, size_t hmacsize,
- int ivec_mode)
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec, const krb5_data *input,
+ krb5_data *output, size_t hmacsize,
+ int ivec_mode)
{
krb5_error_code ret;
size_t hashsize, blocksize, enclen, plainlen;
blocksize = enc->block_size;
if (hmacsize == 0)
- hmacsize = hashsize;
+ hmacsize = hashsize;
else if (hmacsize > hashsize)
- return KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ return KRB5KRB_AP_ERR_BAD_INTEGRITY;
enclen = input->length - hmacsize;
/* Allocate and set up ciphertext and to-be-derived keys. */
plaindata = k5alloc(enclen, &ret);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
cksum = k5alloc(hashsize, &ret);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
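Review bot: `enclen = input->length - hmacsize;` is computed without first checking that the input is at least that long, so a short ciphertext wraps `enclen` (a size_t) to a huge value. That value then sizes `k5alloc(enclen, &ret)` and the later `input->data+enclen` offset. No lower bound is visible between the `hmacsize > hashsize` test and the subtraction; adding `if (input->length < blocksize + hmacsize) return KRB5_BAD_MSIZE;` before it rejects inputs too short to hold a confounder block plus the checksum. The `ivec_mode == 1` branch further down needs its own guard as well, since `nblocks - 2` goes negative for a single-block ciphertext (assuming d1 covers the enclen bytes, which is set up outside the visible lines). The function continues past this hunk.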
/* Derive the keys. */
ret = krb5int_derive_key(enc, key, &ke, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
d1.data[4] = 0x55;
ret = krb5int_derive_key(enc, key, &ki, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* decrypt the ciphertext */
ret = (*enc->decrypt)(ke, ivec, &d1, &d2);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
if (ivec != NULL && ivec->length == blocksize) {
- if (ivec_mode == 0)
- cn = (unsigned char *) d1.data + d1.length - blocksize;
- else if (ivec_mode == 1) {
- int nblocks = (d1.length + blocksize - 1) / blocksize;
- cn = (unsigned char *) d1.data + blocksize * (nblocks - 2);
- } else
- abort();
+ if (ivec_mode == 0)
+ cn = (unsigned char *) d1.data + d1.length - blocksize;
+ else if (ivec_mode == 1) {
+ int nblocks = (d1.length + blocksize - 1) / blocksize;
+ cn = (unsigned char *) d1.data + blocksize * (nblocks - 2);
+ } else
+ abort();
} else
- cn = NULL;
+ cn = NULL;
/* Verify the hash. */
ret = krb5int_hmac(hash, ki, 1, &d2, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
if (memcmp(cksum, input->data+enclen, hmacsize) != 0) {
- ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
- goto cleanup;
+ ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto cleanup;
}
/*
plainlen = enclen - blocksize;
if (output->length < plainlen)
- return KRB5_BAD_MSIZE;
+ return KRB5_BAD_MSIZE;
output->length = plainlen;
memcpy(output->data, d2.data+blocksize, output->length);
if (cn != NULL)
- memcpy(ivec->data, cn, blocksize);
+ memcpy(ivec->data, cn, blocksize);
cleanup:
krb5_k_free_key(NULL, ke);
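Review bot: `return KRB5_BAD_MSIZE;` on the `output->length < plainlen` check leaves krb5_dk_decrypt_maybe_trunc_hmac without passing through `cleanup:`, although plaindata and cksum have been allocated and ke and ki derived by then. plaindata presumably holds the decrypted message at that point, so the early return leaks the buffers and key references and skips whatever clearing the cleanup path performs (most of it is outside the hunk). Replace it with a braced `ret = KRB5_BAD_MSIZE; goto cleanup;` so the error path releases everything the success path does.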
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
void
krb5int_dk_encrypt_length(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- size_t inputlen, size_t *length)
+ const struct krb5_hash_provider *hash,
+ size_t inputlen, size_t *length)
{
size_t blocksize, hashsize;
krb5_error_code
krb5int_dk_encrypt(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *output)
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec, const krb5_data *input,
+ krb5_data *output)
{
size_t blocksize, plainlen, enclen;
krb5_error_code ret;
/* key->length, ivec will be tested in enc->encrypt. */
if (output->length < enclen)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
/* Allocate and set up plaintext and to-be-derived keys. */
plaintext = malloc(plainlen);
if (plaintext == NULL)
- return ENOMEM;
+ return ENOMEM;
/* Derive the keys. */
ret = krb5int_derive_key(enc, key, &ke, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
d1.data[4] = 0x55;
ret = krb5int_derive_key(enc, key, &ki, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* Put together the plaintext. */
ret = krb5_c_random_make_octets(/* XXX */ 0, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
memcpy(plaintext + blocksize, input->data, input->length);
memset(plaintext + blocksize + input->length, 0,
- plainlen - (blocksize + input->length));
+ plainlen - (blocksize + input->length));
/* Encrypt the plaintext. */
ret = (*enc->encrypt)(ke, ivec, &d1, &d2);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
if (ivec != NULL && ivec->length == blocksize)
- cn = d2.data + d2.length - blocksize;
+ cn = d2.data + d2.length - blocksize;
else
- cn = NULL;
+ cn = NULL;
/* Hash the plaintext. */
ret = krb5int_hmac(hash, ki, 1, &d1, &d2);
if (ret != 0) {
- memset(d2.data, 0, d2.length);
- goto cleanup;
+ memset(d2.data, 0, d2.length);
+ goto cleanup;
}
/* Update ivec. */
if (cn != NULL)
- memcpy(ivec->data, cn, blocksize);
+ memcpy(ivec->data, cn, blocksize);
cleanup:
krb5_k_free_key(NULL, ke);
with a 96-bit truncated HMAC". */
void
krb5int_aes_encrypt_length(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- size_t inputlen, size_t *length)
+ const struct krb5_hash_provider *hash,
+ size_t inputlen, size_t *length)
{
size_t blocksize, hashsize;
static krb5_error_code
trunc_hmac (const struct krb5_hash_provider *hash,
- krb5_key ki, unsigned int num,
- const krb5_data *input, const krb5_data *output)
+ krb5_key ki, unsigned int num,
+ const krb5_data *input, const krb5_data *output)
{
size_t hashsize;
krb5_data tmp;
hashsize = hash->hashsize;
if (hashsize < output->length)
- return KRB5_CRYPTO_INTERNAL;
+ return KRB5_CRYPTO_INTERNAL;
tmp.length = hashsize;
tmp.data = malloc(hashsize);
if (tmp.data == NULL)
- return ENOMEM;
+ return ENOMEM;
ret = krb5int_hmac(hash, ki, num, input, &tmp);
if (ret == 0)
- memcpy(output->data, tmp.data, output->length);
+ memcpy(output->data, tmp.data, output->length);
memset(tmp.data, 0, hashsize);
free(tmp.data);
return ret;
krb5_error_code
krb5int_aes_dk_encrypt(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *output)
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec, const krb5_data *input,
+ krb5_data *output)
{
size_t blocksize, keybytes, plainlen, enclen;
krb5_error_code ret;
/* key->length, ivec will be tested in enc->encrypt */
if (output->length < enclen)
- return KRB5_BAD_MSIZE;
+ return KRB5_BAD_MSIZE;
plaintext = malloc(plainlen);
if (plaintext == NULL)
- return ENOMEM;
+ return ENOMEM;
/* Derive the keys. */
ret = krb5int_derive_key(enc, key, &ke, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
d1.data[4] = 0x55;
ret = krb5int_derive_key(enc, key, &ki, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* put together the plaintext */
ret = krb5_c_random_make_octets(NULL, &d1);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
memcpy(plaintext + blocksize, input->data, input->length);
/* Ciphertext stealing; there should be no more. */
if (plainlen != blocksize + input->length)
- abort();
+ abort();
/* Encrypt the plaintext. */
ret = (*enc->encrypt)(ke, ivec, &d1, &d2);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
if (ivec != NULL && ivec->length == blocksize) {
- int nblocks = (d2.length + blocksize - 1) / blocksize;
- cn = d2.data + blocksize * (nblocks - 2);
+ int nblocks = (d2.length + blocksize - 1) / blocksize;
+ cn = d2.data + blocksize * (nblocks - 2);
} else
- cn = NULL;
+ cn = NULL;
/* Hash the plaintext. */
d2.length = enclen - plainlen;
d2.data = output->data+plainlen;
if (d2.length != 96 / 8)
- abort();
+ abort();
ret = trunc_hmac(hash, ki, 1, &d1, &d2);
if (ret != 0) {
- memset(d2.data, 0, d2.length);
- goto cleanup;
+ memset(d2.data, 0, d2.length);
+ goto cleanup;
}
output->length = enclen;
/* Update ivec. */
if (cn != NULL)
- memcpy(ivec->data, cn, blocksize);
+ memcpy(ivec->data, cn, blocksize);
cleanup:
krb5_k_free_key(NULL, ke);
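Review bot: In krb5int_aes_dk_encrypt the IV-update pointer `cn = d2.data + blocksize * (nblocks - 2)` has no lower bound on `nblocks`. If `d2.length` is ever a single block, `nblocks - 2` is negative and, multiplied by the `size_t` blocksize, moves `cn` outside the buffer that the later `memcpy(ivec->data, cn, blocksize)` reads from. The assignment of `d2.length` is not shown in this hunk, so whether that case is reachable (for example with an empty input, where `plainlen` equals `blocksize`) needs confirming. If it is, compute `nblocks` first and only take the pointer when `nblocks >= 2`, deciding explicitly what the chained IV should be otherwise.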
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_error_code
krb5int_dk_string_to_key(const struct krb5_enc_provider *enc,
- const krb5_data *string, const krb5_data *salt,
- const krb5_data *parms, krb5_keyblock *keyblock)
+ const krb5_data *string, const krb5_data *salt,
+ const krb5_data *parms, krb5_keyblock *keyblock)
{
krb5_error_code ret;
size_t keybytes, keylength, concatlen;
concat = k5alloc(concatlen, &ret);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
foldstring = k5alloc(keybytes, &ret);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
foldkeydata = k5alloc(keylength, &ret);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* construct input string ( = string + salt), fold it, make_key it */
memcpy(concat, string->data, string->length);
if (salt)
- memcpy(concat + string->length, salt->data, salt->length);
+ memcpy(concat + string->length, salt->data, salt->length);
krb5int_nfold(concatlen*8, concat, keybytes*8, foldstring);
ret = (*enc->make_key)(&indata, &foldkeyblock);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
ret = krb5_k_create_key(NULL, &foldkeyblock, &foldkey);
if (ret != 0)
- goto cleanup;
+ goto cleanup;
/* now derive the key from this one */
ret = krb5int_derive_keyblock(enc, foldkey, keyblock, &indata);
if (ret != 0)
- memset(keyblock->contents, 0, keyblock->length);
+ memset(keyblock->contents, 0, keyblock->length);
cleanup:
zapfree(concat, concatlen);
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_error_code KRB5_CALLCONV
krb5_k_encrypt(krb5_context context, krb5_key key,
- krb5_keyusage usage, const krb5_data *ivec,
- const krb5_data *input, krb5_enc_data *output)
+ krb5_keyusage usage, const krb5_data *ivec,
+ const krb5_data *input, krb5_enc_data *output)
{
const struct krb5_keytypes *ktp;
ktp = find_enctype(key->keyblock.enctype);
if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
output->magic = KV5M_ENC_DATA;
output->kvno = 0;
output->enctype = key->keyblock.enctype;
if (ktp->encrypt == NULL) {
- assert(ktp->aead != NULL);
+ assert(ktp->aead != NULL);
- return krb5int_c_encrypt_aead_compat(ktp->aead, ktp->enc, ktp->hash,
- key, usage, ivec, input,
- &output->ciphertext);
+ return krb5int_c_encrypt_aead_compat(ktp->aead, ktp->enc, ktp->hash,
+ key, usage, ivec, input,
+ &output->ciphertext);
}
return (*ktp->encrypt)(ktp->enc, ktp->hash, key, usage, ivec, input,
- &output->ciphertext);
+ &output->ciphertext);
}
krb5_error_code KRB5_CALLCONV
krb5_c_encrypt(krb5_context context, const krb5_keyblock *keyblock,
- krb5_keyusage usage, const krb5_data *ivec,
- const krb5_data *input, krb5_enc_data *output)
+ krb5_keyusage usage, const krb5_data *ivec,
+ const krb5_data *input, krb5_enc_data *output)
{
krb5_key key;
krb5_error_code ret;
ret = krb5_k_create_key(context, keyblock, &key);
if (ret != 0)
- return ret;
+ return ret;
ret = krb5_k_encrypt(context, key, usage, ivec, input, output);
krb5_k_free_key(context, key);
return ret;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/encrypt_iov.c
*
krb5_error_code KRB5_CALLCONV
krb5_k_encrypt_iov(krb5_context context,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_data *cipher_state,
- krb5_crypto_iov *data,
- size_t num_data)
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_data *cipher_state,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
const struct krb5_keytypes *ktp;
ktp = find_enctype(key->keyblock.enctype);
if (ktp == NULL || ktp->aead == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
return (*ktp->aead->encrypt_iov)(ktp->aead, ktp->enc, ktp->hash,
- key, usage, cipher_state, data, num_data);
+ key, usage, cipher_state, data, num_data);
}
krb5_error_code KRB5_CALLCONV
krb5_c_encrypt_iov(krb5_context context,
- const krb5_keyblock *keyblock,
- krb5_keyusage usage,
- const krb5_data *cipher_state,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_keyblock *keyblock,
+ krb5_keyusage usage,
+ const krb5_data *cipher_state,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
krb5_key key;
krb5_error_code ret;
ret = krb5_k_create_key(context, keyblock, &key);
if (ret != 0)
- return ret;
+ return ret;
ret = krb5_k_encrypt_iov(context, key, usage, cipher_state, data,
- num_data);
+ num_data);
krb5_k_free_key(context, key);
return ret;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_error_code KRB5_CALLCONV
krb5_c_encrypt_length(krb5_context context, krb5_enctype enctype,
- size_t inputlen, size_t *length)
+ size_t inputlen, size_t *length)
{
const struct krb5_keytypes *ktp;
ktp = find_enctype(enctype);
if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
if (ktp->encrypt_len == NULL) {
- assert(ktp->aead != NULL);
+ assert(ktp->aead != NULL);
- krb5int_c_encrypt_length_aead_compat(ktp->aead, ktp->enc, ktp->hash,
- inputlen, length);
+ krb5int_c_encrypt_length_aead_compat(ktp->aead, ktp->enc, ktp->hash,
+ inputlen, length);
} else {
- (*ktp->encrypt_len)(ktp->enc, ktp->hash, inputlen, length);
+ (*ktp->encrypt_len)(ktp->enc, ktp->hash, inputlen, length);
}
return 0;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_error_code KRB5_CALLCONV
krb5_c_enctype_compare(krb5_context context, krb5_enctype e1, krb5_enctype e2,
- krb5_boolean *similar)
+ krb5_boolean *similar)
{
const struct krb5_keytypes *ktp1, *ktp2;
ktp1 = find_enctype(e1);
ktp2 = find_enctype(e2);
if (ktp1 == NULL || ktp2 == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
*similar = (ktp1->enc == ktp2->enc && ktp1->str2key == ktp2->str2key);
return 0;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
ktp = find_enctype(enctype);
if (ktp == NULL)
- return EINVAL;
+ return EINVAL;
if (strlcpy(buffer, ktp->out_string, buflen) >= buflen)
- return ENOMEM;
+ return ENOMEM;
return 0;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
#include "k5-int.h"
typedef void (*krb5_encrypt_length_func)(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- size_t inputlen, size_t *length);
+ const struct krb5_hash_provider *hash,
+ size_t inputlen, size_t *length);
typedef krb5_error_code (*krb5_crypt_func)(const struct krb5_enc_provider *enc,
- const struct
- krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage keyusage,
- const krb5_data *ivec,
- const krb5_data *input,
- krb5_data *output);
+ const struct
+ krb5_hash_provider *hash,
+ krb5_key key,
+ krb5_keyusage keyusage,
+ const krb5_data *ivec,
+ const krb5_data *input,
+ krb5_data *output);
typedef krb5_error_code (*krb5_str2key_func)(const struct
- krb5_enc_provider *enc,
- const krb5_data *string,
- const krb5_data *salt,
- const krb5_data *parm,
- krb5_keyblock *key);
+ krb5_enc_provider *enc,
+ const krb5_data *string,
+ const krb5_data *salt,
+ const krb5_data *parm,
+ krb5_keyblock *key);
typedef krb5_error_code (*krb5_prf_func)(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key,
- const krb5_data *in, krb5_data *out);
+ const struct krb5_hash_provider *hash,
+ krb5_key key,
+ const krb5_data *in, krb5_data *out);
struct krb5_keytypes {
krb5_enctype etype;
int i;
for (i = 0; i < krb5int_enctypes_length; i++) {
- if (krb5int_enctypes_list[i].etype == enctype)
- break;
+ if (krb5int_enctypes_list[i].etype == enctype)
+ break;
}
if (i == krb5int_enctypes_length)
- return NULL;
+ return NULL;
return &krb5int_enctypes_list[i];
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 2009 by the Massachusetts Institute of Technology.
* All rights reserved.
/* Create a krb5_key from the enctype and key data in a keyblock. */
krb5_error_code KRB5_CALLCONV
krb5_k_create_key(krb5_context context, const krb5_keyblock *key_data,
- krb5_key *out)
+ krb5_key *out)
{
krb5_key key = NULL;
krb5_error_code code;
key = malloc(sizeof(*key));
if (key == NULL)
- return ENOMEM;
+ return ENOMEM;
code = krb5int_c_copy_keyblock_contents(context, key_data, &key->keyblock);
if (code)
- goto cleanup;
+ goto cleanup;
key->refcount = 1;
key->derived = NULL;
krb5_k_reference_key(krb5_context context, krb5_key key)
{
if (key)
- key->refcount++;
+ key->refcount++;
}
/* Free the memory used by a krb5_key. */
struct derived_key *dk;
if (key == NULL || --key->refcount > 0)
- return;
+ return;
/* Free the derived key cache. */
while ((dk = key->derived) != NULL) {
- key->derived = dk->next;
- free(dk->constant.data);
- krb5_k_free_key(context, dk->dkey);
- free(dk);
+ key->derived = dk->next;
+ free(dk->constant.data);
+ krb5_k_free_key(context, dk->dkey);
+ free(dk);
}
krb5int_c_free_keyblock_contents(context, &key->keyblock);
free(key);
/* Retrieve a copy of the keyblock from a krb5_key. */
krb5_error_code KRB5_CALLCONV
krb5_k_key_keyblock(krb5_context context, krb5_key key,
- krb5_keyblock **key_data)
+ krb5_keyblock **key_data)
{
return krb5int_c_copy_keyblock(context, &key->keyblock, key_data);
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/keyblocks.c
*
krb5_error_code
krb5int_c_init_keyblock(krb5_context context, krb5_enctype enctype,
- size_t length, krb5_keyblock **out)
+ size_t length, krb5_keyblock **out)
{
krb5_keyblock *kb;
kb = malloc(sizeof(krb5_keyblock));
if (kb == NULL)
- return ENOMEM;
+ return ENOMEM;
kb->magic = KV5M_KEYBLOCK;
kb->enctype = enctype;
kb->length = length;
if (length) {
- kb->contents = malloc(length);
- if (!kb->contents) {
- free(kb);
- return ENOMEM;
- }
+ kb->contents = malloc(length);
+ if (!kb->contents) {
+ free(kb);
+ return ENOMEM;
+ }
} else {
- kb->contents = NULL;
+ kb->contents = NULL;
}
*out = kb;
krb5int_c_free_keyblock_contents(krb5_context context, krb5_keyblock *key)
{
if (key && key->contents) {
- zapfree(key->contents, key->length);
- key->contents = NULL;
+ zapfree(key->contents, key->length);
+ key->contents = NULL;
}
}
krb5_error_code
krb5int_c_copy_keyblock(krb5_context context, const krb5_keyblock *from,
- krb5_keyblock **to)
+ krb5_keyblock **to)
{
krb5_keyblock *new_key;
krb5_error_code code;
*to = NULL;
new_key = malloc(sizeof(*new_key));
if (!new_key)
- return ENOMEM;
+ return ENOMEM;
code = krb5int_c_copy_keyblock_contents(context, from, new_key);
if (code) {
- free(new_key);
- return code;
+ free(new_key);
+ return code;
}
*to = new_key;
return 0;
krb5_error_code
krb5int_c_copy_keyblock_contents(krb5_context context,
- const krb5_keyblock *from, krb5_keyblock *to)
+ const krb5_keyblock *from, krb5_keyblock *to)
{
*to = *from;
if (to->length) {
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_error_code KRB5_CALLCONV
krb5_c_keyed_checksum_types(krb5_context context, krb5_enctype enctype,
- unsigned int *count, krb5_cksumtype **cksumtypes)
+ unsigned int *count, krb5_cksumtype **cksumtypes)
{
unsigned int i, c, nctypes;
krb5_cksumtype *ctypes;
nctypes = 0;
for (i = 0; i < krb5int_cksumtypes_length; i++) {
- ct = &krb5int_cksumtypes_list[i];
- if ((ct->keyhash && etype_match(ct->keyed_etype, enctype)) ||
- (ct->flags & KRB5_CKSUMFLAG_DERIVE))
- nctypes++;
+ ct = &krb5int_cksumtypes_list[i];
+ if ((ct->keyhash && etype_match(ct->keyed_etype, enctype)) ||
+ (ct->flags & KRB5_CKSUMFLAG_DERIVE))
+ nctypes++;
}
ctypes = malloc(nctypes * sizeof(krb5_cksumtype));
if (ctypes == NULL)
- return ENOMEM;
+ return ENOMEM;
c = 0;
for (i = 0; i < krb5int_cksumtypes_length; i++) {
- ct = &krb5int_cksumtypes_list[i];
- if ((ct->keyhash && etype_match(ct->keyed_etype, enctype)) ||
- (ct->flags & KRB5_CKSUMFLAG_DERIVE))
- ctypes[c++] = krb5int_cksumtypes_list[i].ctype;
+ ct = &krb5int_cksumtypes_list[i];
+ if ((ct->keyhash && etype_match(ct->keyed_etype, enctype)) ||
+ (ct->flags & KRB5_CKSUMFLAG_DERIVE))
+ ctypes[c++] = krb5int_cksumtypes_list[i].ctype;
}
*count = nctypes;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
const struct krb5_cksumtypes *ctp;
for (i = 0; i < krb5int_cksumtypes_length; i++) {
- ctp = &krb5int_cksumtypes_list[i];
- if (ctp->ctype == ctype) {
- return (ctp->keyhash != NULL ||
- (ctp->flags & KRB5_CKSUMFLAG_DERIVE));
- }
+ ctp = &krb5int_cksumtypes_list[i];
+ if (ctp->ctype == ctype) {
+ return (ctp->keyhash != NULL ||
+ (ctp->flags & KRB5_CKSUMFLAG_DERIVE));
+ }
}
/* Invalid ctype. This is misleading, but better than dumping core. */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
static krb5_error_code
k5_descbc_hash(krb5_key key, krb5_keyusage usage, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
mit_des_key_schedule schedule;
if (key->keyblock.length != 8)
- return(KRB5_BAD_KEYSIZE);
+ return(KRB5_BAD_KEYSIZE);
if ((input->length%8) != 0)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
if (ivec && (ivec->length != 8))
- return(KRB5_CRYPTO_INTERNAL);
+ return(KRB5_CRYPTO_INTERNAL);
if (output->length != 8)
- return(KRB5_CRYPTO_INTERNAL);
+ return(KRB5_CRYPTO_INTERNAL);
switch (mit_des_key_sched(key->keyblock.contents, schedule)) {
case -1:
- return(KRB5DES_BAD_KEYPAR);
+ return(KRB5DES_BAD_KEYPAR);
case -2:
- return(KRB5DES_WEAK_KEY);
+ return(KRB5DES_WEAK_KEY);
}
/* this has a return value, but it's useless to us */
mit_des_cbc_cksum((unsigned char *) input->data,
- (unsigned char *) output->data, input->length,
- schedule,
- ivec? (const unsigned char *)ivec->data:
- (const unsigned char *)mit_des_zeroblock);
+ (unsigned char *) output->data, input->length,
+ schedule,
+ ivec? (const unsigned char *)ivec->data:
+ (const unsigned char *)mit_des_zeroblock);
memset(schedule, 0, sizeof(schedule));
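Review bot: The DES key schedule in k5_descbc_hash is wiped with plain `memset(schedule, 0, sizeof(schedule));`, which a compiler may drop as a dead store if `schedule` is not read again before the function returns (the return is outside this hunk). Elsewhere in this change wiping goes through `zap()`/`zapfree()` (e.g. `zap(iv.data, iv.length)`), so `zap(schedule, sizeof(schedule));` would keep all wiping behind one helper that can be made optimization-resistant, assuming `zap` is in scope in this file. The same applies to `memset(&ctx, 0, sizeof(ctx))` in k5_hmac_md5_hash and k5_hmac_md5_hash_iov, and to `memset(plaintext, 0, sizeof(plaintext))` in k5_md4des_verify and k5_md5des_verify.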
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/keyhash_provider/hmac_md5.c
*
static krb5_error_code
k5_hmac_md5_hash (krb5_key key, krb5_keyusage usage,
- const krb5_data *iv,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *iv,
+ const krb5_data *input, krb5_data *output)
{
- krb5_keyusage ms_usage;
- krb5_error_code ret;
- krb5_keyblock keyblock;
- krb5_key ks = NULL;
- krb5_data ds, ks_constant, md5tmp;
- krb5_MD5_CTX ctx;
- char t[4];
-
-
- ds.length = key->keyblock.length;
- ds.data = malloc(ds.length);
- if (ds.data == NULL)
- return ENOMEM;
-
- ks_constant.data = "signaturekey";
- ks_constant.length = strlen(ks_constant.data)+1; /* Including null*/
-
- ret = krb5int_hmac( &krb5int_hash_md5, key, 1,
- &ks_constant, &ds);
- if (ret)
- goto cleanup;
-
- keyblock.length = key->keyblock.length;
- keyblock.contents = (void *) ds.data;
- ret = krb5_k_create_key(NULL, &keyblock, &ks);
- if (ret)
- goto cleanup;
-
- krb5int_MD5Init (&ctx);
- ms_usage = krb5int_arcfour_translate_usage (usage);
- store_32_le(ms_usage, t);
- krb5int_MD5Update (&ctx, (unsigned char * ) &t, 4);
- krb5int_MD5Update (&ctx, (unsigned char *) input-> data,
- (unsigned int) input->length );
- krb5int_MD5Final(&ctx);
- md5tmp.data = (void *) ctx.digest;
- md5tmp.length = 16;
-
- ret = krb5int_hmac ( &krb5int_hash_md5, ks, 1, &md5tmp,
- output);
-
- cleanup:
- memset(&ctx, 0, sizeof(ctx));
- zapfree(ds.data, ds.length);
- krb5_k_free_key(NULL, ks);
- return ret;
+ krb5_keyusage ms_usage;
+ krb5_error_code ret;
+ krb5_keyblock keyblock;
+ krb5_key ks = NULL;
+ krb5_data ds, ks_constant, md5tmp;
+ krb5_MD5_CTX ctx;
+ char t[4];
+
+
+ ds.length = key->keyblock.length;
+ ds.data = malloc(ds.length);
+ if (ds.data == NULL)
+ return ENOMEM;
+
+ ks_constant.data = "signaturekey";
+ ks_constant.length = strlen(ks_constant.data)+1; /* Including null*/
+
+ ret = krb5int_hmac( &krb5int_hash_md5, key, 1,
+ &ks_constant, &ds);
+ if (ret)
+ goto cleanup;
+
+ keyblock.length = key->keyblock.length;
+ keyblock.contents = (void *) ds.data;
+ ret = krb5_k_create_key(NULL, &keyblock, &ks);
+ if (ret)
+ goto cleanup;
+
+ krb5int_MD5Init (&ctx);
+ ms_usage = krb5int_arcfour_translate_usage (usage);
+ store_32_le(ms_usage, t);
+ krb5int_MD5Update (&ctx, (unsigned char * ) &t, 4);
+ krb5int_MD5Update (&ctx, (unsigned char *) input-> data,
+ (unsigned int) input->length );
+ krb5int_MD5Final(&ctx);
+ md5tmp.data = (void *) ctx.digest;
+ md5tmp.length = 16;
+
+ ret = krb5int_hmac ( &krb5int_hash_md5, ks, 1, &md5tmp,
+ output);
+
+cleanup:
+ memset(&ctx, 0, sizeof(ctx));
+ zapfree(ds.data, ds.length);
+ krb5_k_free_key(NULL, ks);
+ return ret;
}
static krb5_error_code
k5_hmac_md5_hash_iov (krb5_key key, krb5_keyusage usage,
- const krb5_data *iv,
- const krb5_crypto_iov *data, size_t num_data,
- krb5_data *output)
+ const krb5_data *iv,
+ const krb5_crypto_iov *data, size_t num_data,
+ krb5_data *output)
{
- krb5_keyusage ms_usage;
- krb5_error_code ret;
- krb5_keyblock keyblock;
- krb5_key ks = NULL;
- krb5_data ds, ks_constant, md5tmp;
- krb5_MD5_CTX ctx;
- char t[4];
- size_t i;
-
- keyblock.contents = NULL;
- keyblock.length = 0;
-
- ds.length = key->keyblock.length;
- ds.data = malloc(ds.length);
- if (ds.data == NULL)
- return ENOMEM;
-
- ks_constant.data = "signaturekey";
- ks_constant.length = strlen(ks_constant.data)+1; /* Including null*/
-
- ret = krb5int_hmac( &krb5int_hash_md5, key, 1,
- &ks_constant, &ds);
- if (ret)
- goto cleanup;
-
- keyblock.length = key->keyblock.length;
- keyblock.contents = (void *) ds.data;
- ret = krb5_k_create_key(NULL, &keyblock, &ks);
- if (ret)
- goto cleanup;
-
- krb5int_MD5Init (&ctx);
- ms_usage = krb5int_arcfour_translate_usage (usage);
- store_32_le(ms_usage, t);
- krb5int_MD5Update (&ctx, (unsigned char * ) &t, 4);
- for (i = 0; i < num_data; i++) {
- const krb5_crypto_iov *iov = &data[i];
-
- if (SIGN_IOV(iov))
- krb5int_MD5Update (&ctx, (unsigned char *)iov->data.data,
- (unsigned int)iov->data.length);
- }
- krb5int_MD5Final(&ctx);
- md5tmp.data = (void *) ctx.digest;
- md5tmp.length = 16;
- ret = krb5int_hmac ( &krb5int_hash_md5, ks, 1, &md5tmp,
- output);
-
- cleanup:
- memset(&ctx, 0, sizeof(ctx));
- zapfree(keyblock.contents, keyblock.length);
- krb5_k_free_key(NULL, ks);
- return ret;
+ krb5_keyusage ms_usage;
+ krb5_error_code ret;
+ krb5_keyblock keyblock;
+ krb5_key ks = NULL;
+ krb5_data ds, ks_constant, md5tmp;
+ krb5_MD5_CTX ctx;
+ char t[4];
+ size_t i;
+
+ keyblock.contents = NULL;
+ keyblock.length = 0;
+
+ ds.length = key->keyblock.length;
+ ds.data = malloc(ds.length);
+ if (ds.data == NULL)
+ return ENOMEM;
+
+ ks_constant.data = "signaturekey";
+ ks_constant.length = strlen(ks_constant.data)+1; /* Including null*/
+
+ ret = krb5int_hmac( &krb5int_hash_md5, key, 1,
+ &ks_constant, &ds);
+ if (ret)
+ goto cleanup;
+
+ keyblock.length = key->keyblock.length;
+ keyblock.contents = (void *) ds.data;
+ ret = krb5_k_create_key(NULL, &keyblock, &ks);
+ if (ret)
+ goto cleanup;
+
+ krb5int_MD5Init (&ctx);
+ ms_usage = krb5int_arcfour_translate_usage (usage);
+ store_32_le(ms_usage, t);
+ krb5int_MD5Update (&ctx, (unsigned char * ) &t, 4);
+ for (i = 0; i < num_data; i++) {
+ const krb5_crypto_iov *iov = &data[i];
+
+ if (SIGN_IOV(iov))
+ krb5int_MD5Update (&ctx, (unsigned char *)iov->data.data,
+ (unsigned int)iov->data.length);
+ }
+ krb5int_MD5Final(&ctx);
+ md5tmp.data = (void *) ctx.digest;
+ md5tmp.length = 16;
+ ret = krb5int_hmac ( &krb5int_hash_md5, ks, 1, &md5tmp,
+ output);
+
+cleanup:
+ memset(&ctx, 0, sizeof(ctx));
+ zapfree(keyblock.contents, keyblock.length);
+ krb5_k_free_key(NULL, ks);
+ return ret;
}
const struct krb5_keyhash_provider krb5int_keyhash_hmac_md5 = {
- 16,
- k5_hmac_md5_hash,
- NULL, /*checksum again*/
- k5_hmac_md5_hash_iov,
- NULL /*checksum again */
+ 16,
+ k5_hmac_md5_hash,
+ NULL, /*checksum again*/
+ k5_hmac_md5_hash_iov,
+ NULL /*checksum again */
};
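Review bot: In k5_hmac_md5_hash the local `krb5_keyblock keyblock` has only `length` and `contents` assigned before `krb5_k_create_key(NULL, &keyblock, &ks)`. krb5int_c_copy_keyblock_contents copies the whole struct with `*to = *from`, so the signing key `ks` carries indeterminate `magic` and `enctype` values. k5_hmac_md5_hash_iov has the same pattern. Whether krb5int_hmac reads the enctype is not visible here, but setting `keyblock.magic = KV5M_KEYBLOCK;` and `keyblock.enctype = key->keyblock.enctype;` before the create call removes the dependency on uninitialized stack contents.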
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
size_t i = 0;
if (origkey->keyblock.length != sizeof(xorbytes))
- return KRB5_CRYPTO_INTERNAL;
+ return KRB5_CRYPTO_INTERNAL;
memcpy(xorbytes, origkey->keyblock.contents, sizeof(xorbytes));
for (i = 0; i < sizeof(xorbytes); i++)
- xorbytes[i] ^= 0xf0;
+ xorbytes[i] ^= 0xf0;
/* Do a shallow copy here. */
xorkeyblock = origkey->keyblock;
static krb5_error_code
k5_md4des_hash(krb5_key key, krb5_keyusage usage, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
krb5_error_code ret;
krb5_data data;
struct krb5_enc_provider *enc = &krb5int_enc_des;
if (output->length != (CONFLENGTH+RSA_MD4_CKSUM_LENGTH))
- return(KRB5_CRYPTO_INTERNAL);
+ return(KRB5_CRYPTO_INTERNAL);
/* create the confouder */
data.length = CONFLENGTH;
data.data = (char *) conf;
if ((ret = krb5_c_random_make_octets(/* XXX */ 0, &data)))
- return(ret);
+ return(ret);
ret = mk_xorkey(key, &xorkey);
if (ret)
- return ret;
+ return ret;
/* hash the confounder, then the input data */
krb5int_MD4Init(&ctx);
krb5int_MD4Update(&ctx, conf, CONFLENGTH);
krb5int_MD4Update(&ctx, (unsigned char *) input->data,
- (unsigned int) input->length);
+ (unsigned int) input->length);
krb5int_MD4Final(&ctx);
/* construct the buffer to be encrypted */
static krb5_error_code
k5_md4des_verify(krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec,
- const krb5_data *input, const krb5_data *hash,
- krb5_boolean *valid)
+ const krb5_data *ivec,
+ const krb5_data *input, const krb5_data *hash,
+ krb5_boolean *valid)
{
krb5_error_code ret;
krb5_MD4_CTX ctx;
iv.length = 0;
if (key->keyblock.length != 8)
- return(KRB5_BAD_KEYSIZE);
+ return(KRB5_BAD_KEYSIZE);
if (hash->length != (CONFLENGTH+RSA_MD4_CKSUM_LENGTH)) {
#ifdef KRB5int_MD4DES_BETA5_COMPAT
- if (hash->length != RSA_MD4_CKSUM_LENGTH)
- return(KRB5_CRYPTO_INTERNAL);
- else
- compathash = 1;
+ if (hash->length != RSA_MD4_CKSUM_LENGTH)
+ return(KRB5_CRYPTO_INTERNAL);
+ else
+ compathash = 1;
#else
- return(KRB5_CRYPTO_INTERNAL);
+ return(KRB5_CRYPTO_INTERNAL);
#endif
- return(KRB5_CRYPTO_INTERNAL);
+ return(KRB5_CRYPTO_INTERNAL);
}
if (compathash) {
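Review bot: The unconditional `return(KRB5_CRYPTO_INTERNAL);` after `#endif` in k5_md4des_verify makes the `compathash = 1` branch unreachable, so defining KRB5int_MD4DES_BETA5_COMPAT has no effect and every checksum of unexpected length is rejected. k5_md5des_verify has no such trailing return, so the two verifiers behave differently under their compat macros. Rejecting is the fail-closed outcome; if that is intended, the compat branch and the later `if (compathash)` handling are dead code and are better removed than re-indented. If it is not intended, the stray return is the line to drop. The function continues outside this hunk.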
if (key->keyblock.contents)
memcpy(iv.data, key->keyblock.contents, key->keyblock.length);
} else {
- ret = mk_xorkey(key, &xorkey);
- if (ret)
- return ret;
+ ret = mk_xorkey(key, &xorkey);
+ if (ret)
+ return ret;
}
/* decrypt it */
if (!compathash) {
ret = enc->decrypt(xorkey, NULL, hash, &output);
- krb5_k_free_key(NULL, xorkey);
+ krb5_k_free_key(NULL, xorkey);
} else {
ret = enc->decrypt(key, &iv, hash, &output);
- zap(iv.data, iv.length);
+ zap(iv.data, iv.length);
free(iv.data);
}
krb5int_MD4Init(&ctx);
if (!compathash) {
- krb5int_MD4Update(&ctx, plaintext, CONFLENGTH);
+ krb5int_MD4Update(&ctx, plaintext, CONFLENGTH);
}
krb5int_MD4Update(&ctx, (unsigned char *) input->data,
- (unsigned int) input->length);
+ (unsigned int) input->length);
krb5int_MD4Final(&ctx);
/* compare the decrypted hash to the computed one */
if (!compathash) {
- *valid =
- (memcmp(plaintext+CONFLENGTH, ctx.digest, RSA_MD4_CKSUM_LENGTH)
- == 0);
+ *valid =
+ (memcmp(plaintext+CONFLENGTH, ctx.digest, RSA_MD4_CKSUM_LENGTH)
+ == 0);
} else {
- *valid =
- (memcmp(plaintext, ctx.digest, RSA_MD4_CKSUM_LENGTH) == 0);
+ *valid =
+ (memcmp(plaintext, ctx.digest, RSA_MD4_CKSUM_LENGTH) == 0);
}
memset(plaintext, 0, sizeof(plaintext));
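Review bot: The checksum comparison in k5_md4des_verify uses `memcmp(plaintext+CONFLENGTH, ctx.digest, RSA_MD4_CKSUM_LENGTH) == 0`, which may return at the first differing byte and so is not a constant-time comparison of the decrypted and computed digests. k5_md5des_verify does the same with RSA_MD5_CKSUM_LENGTH. A comparison that accumulates the XOR of all bytes and tests the result once avoids the data-dependent early exit. No such helper is visible in this diff, so it would need adding or locating elsewhere in the library. The rest of the function is outside this hunk.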
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
size_t i = 0;
if (origkey->keyblock.length != sizeof(xorbytes))
- return KRB5_CRYPTO_INTERNAL;
+ return KRB5_CRYPTO_INTERNAL;
memcpy(xorbytes, origkey->keyblock.contents, sizeof(xorbytes));
for (i = 0; i < sizeof(xorbytes); i++)
- xorbytes[i] ^= 0xf0;
+ xorbytes[i] ^= 0xf0;
/* Do a shallow copy here. */
xorkeyblock = origkey->keyblock;
static krb5_error_code
k5_md5des_hash(krb5_key key, krb5_keyusage usage, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
krb5_error_code ret;
krb5_data data;
struct krb5_enc_provider *enc = &krb5int_enc_des;
if (output->length != (CONFLENGTH+RSA_MD5_CKSUM_LENGTH))
- return(KRB5_CRYPTO_INTERNAL);
+ return(KRB5_CRYPTO_INTERNAL);
/* create the confouder */
data.length = CONFLENGTH;
data.data = (char *) conf;
if ((ret = krb5_c_random_make_octets(/* XXX */ 0, &data)))
- return(ret);
+ return(ret);
ret = mk_xorkey(key, &xorkey);
if (ret)
- return ret;
+ return ret;
/* hash the confounder, then the input data */
krb5int_MD5Init(&ctx);
krb5int_MD5Update(&ctx, conf, CONFLENGTH);
krb5int_MD5Update(&ctx, (unsigned char *) input->data,
- (unsigned int) input->length);
+ (unsigned int) input->length);
krb5int_MD5Final(&ctx);
/* construct the buffer to be encrypted */
static krb5_error_code
k5_md5des_verify(krb5_key key, krb5_keyusage usage, const krb5_data *ivec,
- const krb5_data *input, const krb5_data *hash,
- krb5_boolean *valid)
+ const krb5_data *input, const krb5_data *hash,
+ krb5_boolean *valid)
{
krb5_error_code ret;
krb5_MD5_CTX ctx;
iv.length = 0;
if (key->keyblock.length != 8)
- return(KRB5_BAD_KEYSIZE);
+ return(KRB5_BAD_KEYSIZE);
if (hash->length != (CONFLENGTH+RSA_MD5_CKSUM_LENGTH)) {
#ifdef KRB5int_MD5DES_BETA5_COMPAT
- if (hash->length != RSA_MD5_CKSUM_LENGTH)
- return(KRB5_CRYPTO_INTERNAL);
- else
- compathash = 1;
+ if (hash->length != RSA_MD5_CKSUM_LENGTH)
+ return(KRB5_CRYPTO_INTERNAL);
+ else
+ compathash = 1;
#else
- return(KRB5_CRYPTO_INTERNAL);
+ return(KRB5_CRYPTO_INTERNAL);
#endif
}
if (key->keyblock.contents)
memcpy(iv.data, key->keyblock.contents, key->keyblock.length);
} else {
- ret = mk_xorkey(key, &xorkey);
- if (ret)
- return ret;
+ ret = mk_xorkey(key, &xorkey);
+ if (ret)
+ return ret;
}
/* decrypt it */
if (!compathash) {
ret = enc->decrypt(xorkey, NULL, hash, &output);
- krb5_k_free_key(NULL, xorkey);
+ krb5_k_free_key(NULL, xorkey);
} else {
ret = enc->decrypt(key, &iv, hash, &output);
- zap(iv.data, iv.length);
+ zap(iv.data, iv.length);
free(iv.data);
}
krb5int_MD5Init(&ctx);
if (!compathash) {
- krb5int_MD5Update(&ctx, plaintext, CONFLENGTH);
+ krb5int_MD5Update(&ctx, plaintext, CONFLENGTH);
}
krb5int_MD5Update(&ctx, (unsigned char *) input->data,
- (unsigned) input->length);
+ (unsigned) input->length);
krb5int_MD5Final(&ctx);
/* compare the decrypted hash to the computed one */
if (!compathash) {
- *valid =
- (memcmp(plaintext+CONFLENGTH, ctx.digest, RSA_MD5_CKSUM_LENGTH)
- == 0);
+ *valid =
+ (memcmp(plaintext+CONFLENGTH, ctx.digest, RSA_MD5_CKSUM_LENGTH)
+ == 0);
} else {
- *valid =
- (memcmp(plaintext, ctx.digest, RSA_MD5_CKSUM_LENGTH) == 0);
+ *valid =
+ (memcmp(plaintext, ctx.digest, RSA_MD5_CKSUM_LENGTH) == 0);
}
memset(plaintext, 0, sizeof(plaintext));
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/keyhash_provider/md5_hmac.c
*
static krb5_error_code
k5_md5_hmac_hash (krb5_key key, krb5_keyusage usage,
- const krb5_data *iv,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *iv,
+ const krb5_data *input, krb5_data *output)
{
- krb5_keyusage ms_usage;
- krb5_MD5_CTX ctx;
- unsigned char t[4];
- krb5_data ds;
+ krb5_keyusage ms_usage;
+ krb5_MD5_CTX ctx;
+ unsigned char t[4];
+ krb5_data ds;
- krb5int_MD5Init(&ctx);
+ krb5int_MD5Init(&ctx);
- ms_usage = krb5int_arcfour_translate_usage (usage);
- store_32_le(ms_usage, t);
- krb5int_MD5Update(&ctx, t, sizeof(t));
- krb5int_MD5Update(&ctx, (unsigned char *)input->data, input->length);
- krb5int_MD5Final(&ctx);
+ ms_usage = krb5int_arcfour_translate_usage (usage);
+ store_32_le(ms_usage, t);
+ krb5int_MD5Update(&ctx, t, sizeof(t));
+ krb5int_MD5Update(&ctx, (unsigned char *)input->data, input->length);
+ krb5int_MD5Final(&ctx);
- ds.magic = KV5M_DATA;
- ds.length = 16;
- ds.data = (char *)ctx.digest;
+ ds.magic = KV5M_DATA;
+ ds.length = 16;
+ ds.data = (char *)ctx.digest;
- return krb5int_hmac ( &krb5int_hash_md5, key, 1, &ds, output);
+ return krb5int_hmac ( &krb5int_hash_md5, key, 1, &ds, output);
}
const struct krb5_keyhash_provider krb5int_keyhash_md5_hmac = {
- 16,
- k5_md5_hmac_hash,
- NULL, /*checksum again*/
- NULL, NULL
+ 16,
+ k5_md5_hmac_hash,
+ NULL, /*checksum again*/
+ NULL, NULL
};
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* COPYRIGHT (c) 2006
* The Regents of the University of Michigan
*/
krb5_error_code KRB5_CALLCONV
krb5_c_keylengths(krb5_context context, krb5_enctype enctype,
- size_t *keybytes, size_t *keylength)
+ size_t *keybytes, size_t *keylength)
{
const struct krb5_keytypes *ktp;
if (keybytes == NULL && keylength == NULL)
- return EINVAL;
+ return EINVAL;
ktp = find_enctype(enctype);
if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
if (keybytes)
- *keybytes = ktp->enc->keybytes;
+ *keybytes = ktp->enc->keybytes;
if (keylength)
- *keylength = ktp->enc->keylength;
+ *keylength = ktp->enc->keylength;
return 0;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_error_code KRB5_CALLCONV
krb5_k_make_checksum(krb5_context context, krb5_cksumtype cksumtype,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *input, krb5_checksum *cksum)
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *input, krb5_checksum *cksum)
{
unsigned int i;
const struct krb5_cksumtypes *ctp;
size_t cksumlen;
for (i = 0; i < krb5int_cksumtypes_length; i++) {
- if (krb5int_cksumtypes_list[i].ctype == cksumtype)
- break;
+ if (krb5int_cksumtypes_list[i].ctype == cksumtype)
+ break;
}
if (i == krb5int_cksumtypes_length)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
ctp = &krb5int_cksumtypes_list[i];
if (ctp->keyhash != NULL)
- cksumlen = ctp->keyhash->hashsize;
+ cksumlen = ctp->keyhash->hashsize;
else
- cksumlen = ctp->hash->hashsize;
+ cksumlen = ctp->hash->hashsize;
cksum->length = cksumlen;
cksum->contents = malloc(cksum->length);
if (cksum->contents == NULL)
- return ENOMEM;
+ return ENOMEM;
data.length = cksum->length;
data.data = (char *) cksum->contents;
if (ctp->keyhash) {
- /* check if key is compatible */
- if (ctp->keyed_etype) {
- ktp1 = find_enctype(ctp->keyed_etype);
- ktp2 = key ? find_enctype(key->keyblock.enctype) : NULL;
- if (ktp1 == NULL || ktp2 == NULL || ktp1->enc != ktp2->enc) {
- ret = KRB5_BAD_ENCTYPE;
- goto cleanup;
- }
- }
-
- keyhash = ctp->keyhash;
- if (keyhash->hash == NULL) {
- krb5_crypto_iov iov[1];
-
- iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
- iov[0].data.data = input->data;
- iov[0].data.length = input->length;
-
- assert(keyhash->hash_iov != NULL);
-
- ret = (*keyhash->hash_iov)(key, usage, 0, iov, 1, &data);
- } else {
- ret = (*keyhash->hash)(key, usage, 0, input, &data);
- }
+ /* check if key is compatible */
+ if (ctp->keyed_etype) {
+ ktp1 = find_enctype(ctp->keyed_etype);
+ ktp2 = key ? find_enctype(key->keyblock.enctype) : NULL;
+ if (ktp1 == NULL || ktp2 == NULL || ktp1->enc != ktp2->enc) {
+ ret = KRB5_BAD_ENCTYPE;
+ goto cleanup;
+ }
+ }
+
+ keyhash = ctp->keyhash;
+ if (keyhash->hash == NULL) {
+ krb5_crypto_iov iov[1];
+
+ iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
+ iov[0].data.data = input->data;
+ iov[0].data.length = input->length;
+
+ assert(keyhash->hash_iov != NULL);
+
+ ret = (*keyhash->hash_iov)(key, usage, 0, iov, 1, &data);
+ } else {
+ ret = (*keyhash->hash)(key, usage, 0, input, &data);
+ }
} else if (ctp->flags & KRB5_CKSUMFLAG_DERIVE) {
- ret = krb5int_dk_make_checksum(ctp->hash, key, usage, input, &data);
+ ret = krb5int_dk_make_checksum(ctp->hash, key, usage, input, &data);
} else {
- /* No key is used. */
- ret = (*ctp->hash->hash)(1, input, &data);
+ /* No key is used. */
+ ret = (*ctp->hash->hash)(1, input, &data);
}
if (!ret) {
- cksum->magic = KV5M_CHECKSUM;
- cksum->checksum_type = cksumtype;
- if (ctp->trunc_size) {
- cksum->length = ctp->trunc_size;
- trunc = realloc(cksum->contents, cksum->length);
- if (trunc)
- cksum->contents = trunc;
- }
+ cksum->magic = KV5M_CHECKSUM;
+ cksum->checksum_type = cksumtype;
+ if (ctp->trunc_size) {
+ cksum->length = ctp->trunc_size;
+ trunc = realloc(cksum->contents, cksum->length);
+ if (trunc)
+ cksum->contents = trunc;
+ }
}
cleanup:
if (ret) {
- zapfree(cksum->contents, cksum->length);
- cksum->contents = NULL;
+ zapfree(cksum->contents, cksum->length);
+ cksum->contents = NULL;
}
return ret;
krb5_error_code KRB5_CALLCONV
krb5_c_make_checksum(krb5_context context, krb5_cksumtype cksumtype,
- const krb5_keyblock *keyblock, krb5_keyusage usage,
- const krb5_data *input, krb5_checksum *cksum)
+ const krb5_keyblock *keyblock, krb5_keyusage usage,
+ const krb5_data *input, krb5_checksum *cksum)
{
krb5_key key = NULL;
krb5_error_code ret;
if (keyblock != NULL) {
- ret = krb5_k_create_key(context, keyblock, &key);
- if (ret != 0)
- return ret;
+ ret = krb5_k_create_key(context, keyblock, &key);
+ if (ret != 0)
+ return ret;
}
ret = krb5_k_make_checksum(context, cksumtype, key, usage, input, cksum);
krb5_k_free_key(context, key);
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/make_checksum_iov.c
*
krb5_error_code KRB5_CALLCONV
krb5_k_make_checksum_iov(krb5_context context,
- krb5_cksumtype cksumtype,
- krb5_key key,
- krb5_keyusage usage,
- krb5_crypto_iov *data,
- size_t num_data)
+ krb5_cksumtype cksumtype,
+ krb5_key key,
+ krb5_keyusage usage,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
unsigned int i;
size_t cksumlen;
const struct krb5_cksumtypes *ctp;
for (i = 0; i < krb5int_cksumtypes_length; i++) {
- if (krb5int_cksumtypes_list[i].ctype == cksumtype)
- break;
+ if (krb5int_cksumtypes_list[i].ctype == cksumtype)
+ break;
}
if (i == krb5int_cksumtypes_length)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
ctp = &krb5int_cksumtypes_list[i];
if (ctp->keyhash != NULL)
- cksum_data.length = ctp->keyhash->hashsize;
+ cksum_data.length = ctp->keyhash->hashsize;
else
- cksum_data.length = ctp->hash->hashsize;
+ cksum_data.length = ctp->hash->hashsize;
if (ctp->trunc_size != 0)
- cksumlen = ctp->trunc_size;
+ cksumlen = ctp->trunc_size;
else
- cksumlen = cksum_data.length;
+ cksumlen = cksum_data.length;
checksum = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_CHECKSUM);
if (checksum == NULL || checksum->data.length < cksumlen)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
cksum_data.data = malloc(cksum_data.length);
if (cksum_data.data == NULL)
- return(ENOMEM);
+ return(ENOMEM);
ret = krb5int_c_make_checksum_iov(&krb5int_cksumtypes_list[i],
- key, usage, data, num_data,
- &cksum_data);
+ key, usage, data, num_data,
+ &cksum_data);
if (ret == 0) {
- memcpy(checksum->data.data, cksum_data.data, cksumlen);
- checksum->data.length = cksumlen;
+ memcpy(checksum->data.data, cksum_data.data, cksumlen);
+ checksum->data.length = cksumlen;
}
free(cksum_data.data);
krb5_error_code KRB5_CALLCONV
krb5_c_make_checksum_iov(krb5_context context,
- krb5_cksumtype cksumtype,
- const krb5_keyblock *keyblock,
- krb5_keyusage usage,
- krb5_crypto_iov *data,
- size_t num_data)
+ krb5_cksumtype cksumtype,
+ const krb5_keyblock *keyblock,
+ krb5_keyusage usage,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
krb5_key key;
krb5_error_code ret;
ret = krb5_k_create_key(context, keyblock, &key);
if (ret != 0)
- return ret;
+ return ret;
ret = krb5_k_make_checksum_iov(context, cksumtype, key, usage,
- data, num_data);
+ data, num_data);
krb5_k_free_key(context, key);
return ret;
}
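Review bot: `krb5_c_make_checksum_iov` hands `keyblock` straight to `krb5_k_create_key`, while `krb5_c_make_checksum` in this same change starts from `krb5_key key = NULL;` and only creates a key under `if (keyblock != NULL)`. If unkeyed checksum types are meant to work through the iov interface with a NULL keyblock, this wrapper should take the same shape: declare `krb5_key key = NULL;` and wrap the `krb5_k_create_key` call and its `ret` check in `if (keyblock != NULL) { ... }`. Whether `krb5_k_create_key` tolerates a NULL keyblock is not visible here, so confirm that before changing it.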
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_error_code KRB5_CALLCONV
krb5_c_make_random_key(krb5_context context, krb5_enctype enctype,
- krb5_keyblock *random_key)
+ krb5_keyblock *random_key)
{
krb5_error_code ret;
const struct krb5_keytypes *ktp;
ktp = find_enctype(enctype);
if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
enc = ktp->enc;
keybytes = enc->keybytes;
bytes = k5alloc(keybytes, &ret);
if (ret)
- return ret;
+ return ret;
random_key->contents = k5alloc(keylength, &ret);
if (ret)
- goto cleanup;
+ goto cleanup;
random_data.data = (char *) bytes;
random_data.length = keybytes;
ret = krb5_c_random_make_octets(context, &random_data);
if (ret)
- goto cleanup;
+ goto cleanup;
random_key->magic = KV5M_KEYBLOCK;
random_key->enctype = enctype;
cleanup:
if (ret) {
- zapfree(random_key->contents, keylength);
- random_key->contents = NULL;
+ zapfree(random_key->contents, keylength);
+ random_key->contents = NULL;
}
zapfree(bytes, keybytes);
return ret;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 2003 by the Massachusetts Institute of Technology.
* All rights reserved.
krb5_error_code
krb5int_c_mandatory_cksumtype(krb5_context ctx, krb5_enctype etype,
- krb5_cksumtype *cksumtype)
+ krb5_cksumtype *cksumtype)
{
const struct krb5_keytypes *ktp;
ktp = find_enctype(etype);
if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
*cksumtype = ktp->required_ctype;
return 0;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
#endif
/*
-n-fold(k-bits):
- l = lcm(n,k)
- r = l/k
- s = k-bits | k-bits rot 13 | k-bits rot 13*2 | ... | k-bits rot 13*(r-1)
- compute the 1's complement sum:
- n-fold = s[0..n-1]+s[n..2n-1]+s[2n..3n-1]+..+s[(k-1)*n..k*n-1]
-*/
+ * n-fold(k-bits):
+ * l = lcm(n,k)
+ * r = l/k
+ * s = k-bits | k-bits rot 13 | k-bits rot 13*2 | ... | k-bits rot 13*(r-1)
+ * compute the 1's complement sum:
+ * n-fold = s[0..n-1]+s[n..2n-1]+s[2n..3n-1]+..+s[(k-1)*n..k*n-1]
+ */
/* representation: msb first, assume n and k are multiples of 8, and
- that k>=16. this is the case of all the cryptosystems which are
- likely to be used. this function can be replaced if that
- assumption ever fails. */
+ * that k>=16. this is the case of all the cryptosystems which are
+ * likely to be used. this function can be replaced if that
+ * assumption ever fails. */
/* input length is in bits */
void
krb5int_nfold(unsigned int inbits, const unsigned char *in, unsigned int outbits,
- unsigned char *out)
+ unsigned char *out)
{
int a,b,c,lcm;
int byte, i, msbit;
b = inbits;
while(b != 0) {
- c = b;
- b = a%b;
- a = c;
+ c = b;
+ b = a%b;
+ a = c;
}
lcm = outbits*inbits/a;
/* this will end up cycling through k lcm(k,n)/k times, which
is correct */
for (i=lcm-1; i>=0; i--) {
- /* compute the msbit in k which gets added into this byte */
- msbit = (/* first, start with the msbit in the first, unrotated
- byte */
- ((inbits<<3)-1)
- /* then, for each byte, shift to the right for each
- repetition */
- +(((inbits<<3)+13)*(i/inbits))
- /* last, pick out the correct byte within that
- shifted repetition */
- +((inbits-(i%inbits))<<3)
- )%(inbits<<3);
-
- /* pull out the byte value itself */
- byte += (((in[((inbits-1)-(msbit>>3))%inbits]<<8)|
- (in[((inbits)-(msbit>>3))%inbits]))
- >>((msbit&7)+1))&0xff;
-
- /* do the addition */
- byte += out[i%outbits];
- out[i%outbits] = byte&0xff;
+ /* compute the msbit in k which gets added into this byte */
+ msbit = (/* first, start with the msbit in the first, unrotated
+ byte */
+ ((inbits<<3)-1)
+ /* then, for each byte, shift to the right for each
+ repetition */
+ +(((inbits<<3)+13)*(i/inbits))
+ /* last, pick out the correct byte within that
+ shifted repetition */
+ +((inbits-(i%inbits))<<3)
+ )%(inbits<<3);
+
+ /* pull out the byte value itself */
+ byte += (((in[((inbits-1)-(msbit>>3))%inbits]<<8)|
+ (in[((inbits)-(msbit>>3))%inbits]))
+ >>((msbit&7)+1))&0xff;
+
+ /* do the addition */
+ byte += out[i%outbits];
+ out[i%outbits] = byte&0xff;
#if 0
- printf("msbit[%d] = %d\tbyte = %02x\tsum = %03x\n", i, msbit,
- (((in[((inbits-1)-(msbit>>3))%inbits]<<8)|
- (in[((inbits)-(msbit>>3))%inbits]))
- >>((msbit&7)+1))&0xff, byte);
+ printf("msbit[%d] = %d\tbyte = %02x\tsum = %03x\n", i, msbit,
+ (((in[((inbits-1)-(msbit>>3))%inbits]<<8)|
+ (in[((inbits)-(msbit>>3))%inbits]))
+ >>((msbit&7)+1))&0xff, byte);
#endif
- /* keep around the carry bit, if any */
- byte >>= 8;
+ /* keep around the carry bit, if any */
+ byte >>= 8;
#if 0
- printf("carry=%d\n", byte);
+ printf("carry=%d\n", byte);
#endif
}
/* if there's a carry bit left over, add it back in */
if (byte) {
- for (i=outbits-1; i>=0; i--) {
- /* do the addition */
- byte += out[i];
- out[i] = byte&0xff;
-
- /* keep around the carry bit, if any */
- byte >>= 8;
- }
+ for (i=outbits-1; i>=0; i--) {
+ /* do the addition */
+ byte += out[i];
+ out[i] = byte&0xff;
+
+ /* keep around the carry bit, if any */
+ byte >>= 8;
+ }
}
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
/* XXX */
extern krb5_error_code mit_des_string_to_key_int
(krb5_keyblock * keyblock,
- const krb5_data * data,
- const krb5_data * salt);
+ const krb5_data * data,
+ const krb5_data * salt);
krb5_error_code
krb5int_des_string_to_key(const struct krb5_enc_provider *enc,
- const krb5_data *string,
- const krb5_data *salt, const krb5_data *parm,
- krb5_keyblock *key)
+ const krb5_data *string,
+ const krb5_data *salt, const krb5_data *parm,
+ krb5_keyblock *key)
{
int type;
if (parm ) {
- if (parm->length != 1)
- return KRB5_ERR_BAD_S2K_PARAMS;
- type = parm->data[0];
+ if (parm->length != 1)
+ return KRB5_ERR_BAD_S2K_PARAMS;
+ type = parm->data[0];
}
else type = 0;
switch(type) {
case 0:
- return(mit_des_string_to_key_int(key, string, salt));
+ return(mit_des_string_to_key_int(key, string, salt));
case 1:
- return mit_afs_string_to_key(key, string, salt);
+ return mit_afs_string_to_key(key, string, salt);
default:
- return KRB5_ERR_BAD_S2K_PARAMS;
+ return KRB5_ERR_BAD_S2K_PARAMS;
}
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
#include "k5-int.h"
-void krb5int_old_encrypt_length
-(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- size_t input, size_t *length);
+void krb5int_old_encrypt_length(const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ size_t input, size_t *length);
-krb5_error_code krb5int_old_encrypt
-(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *output);
+krb5_error_code krb5int_old_encrypt(const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+ const krb5_data *input, krb5_data *output);
-krb5_error_code krb5int_old_decrypt
-(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *arg_output);
+krb5_error_code krb5int_old_decrypt(const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+ const krb5_data *input,
+ krb5_data *arg_output);
-krb5_error_code krb5int_des_string_to_key
-(const struct krb5_enc_provider *enc,
- const krb5_data *string, const krb5_data *salt,
- const krb5_data *params,
- krb5_keyblock *key);
+krb5_error_code krb5int_des_string_to_key(const struct krb5_enc_provider *enc,
+ const krb5_data *string,
+ const krb5_data *salt,
+ const krb5_data *params,
+ krb5_keyblock *key);
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_error_code
krb5int_old_decrypt(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_data *ivec,
- const krb5_data *input,
- krb5_data *arg_output)
+ const struct krb5_hash_provider *hash,
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_data *ivec,
+ const krb5_data *input,
+ krb5_data *arg_output)
{
krb5_error_code ret;
size_t blocksize, hashsize, plainsize;
plainsize = input->length - blocksize - hashsize;
if (arg_output->length < plainsize)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
/* if there's enough space to work in the app buffer, use it,
otherwise allocate our own */
if ((cksumdata = (unsigned char *) malloc(hashsize)) == NULL)
- return(ENOMEM);
+ return(ENOMEM);
if (arg_output->length < input->length) {
- output.length = input->length;
+ output.length = input->length;
- if ((output.data = (char *) malloc(output.length)) == NULL) {
- free(cksumdata);
- return(ENOMEM);
- }
+ if ((output.data = (char *) malloc(output.length)) == NULL) {
+ free(cksumdata);
+ return(ENOMEM);
+ }
- alloced = 1;
+ alloced = 1;
} else {
- output.length = input->length;
+ output.length = input->length;
- output.data = arg_output->data;
+ output.data = arg_output->data;
- alloced = 0;
+ alloced = 0;
}
/* decrypt it */
/* save last ciphertext block in case we decrypt in place */
if (ivec != NULL && ivec->length == blocksize) {
- cn = malloc(blocksize);
- if (cn == NULL) {
- ret = ENOMEM;
- goto cleanup;
- }
- memcpy(cn, input->data + input->length - blocksize, blocksize);
+ cn = malloc(blocksize);
+ if (cn == NULL) {
+ ret = ENOMEM;
+ goto cleanup;
+ }
+ memcpy(cn, input->data + input->length - blocksize, blocksize);
} else
- cn = NULL;
+ cn = NULL;
/* XXX this is gross, but I don't have much choice */
if ((key->keyblock.enctype == ENCTYPE_DES_CBC_CRC) && (ivec == 0)) {
- crcivec.length = key->keyblock.length;
- crcivec.data = (char *) key->keyblock.contents;
- ivec = &crcivec;
+ crcivec.length = key->keyblock.length;
+ crcivec.data = (char *) key->keyblock.contents;
+ ivec = &crcivec;
}
if ((ret = ((*(enc->decrypt))(key, ivec, input, &output))))
- goto cleanup;
+ goto cleanup;
/* verify the checksum */
cksum.data = output.data+blocksize;
if ((ret = ((*(hash->hash))(1, &output, &cksum))))
- goto cleanup;
+ goto cleanup;
if (memcmp(cksum.data, cksumdata, cksum.length) != 0) {
- ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
- goto cleanup;
+ ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ goto cleanup;
}
/* copy the plaintext around */
if (alloced) {
- memcpy(arg_output->data, output.data+blocksize+hashsize,
- plainsize);
+ memcpy(arg_output->data, output.data+blocksize+hashsize,
+ plainsize);
} else {
- memmove(arg_output->data, arg_output->data+blocksize+hashsize,
- plainsize);
+ memmove(arg_output->data, arg_output->data+blocksize+hashsize,
+ plainsize);
}
arg_output->length = plainsize;
/* update ivec */
if (cn != NULL)
- memcpy(ivec->data, cn, blocksize);
+ memcpy(ivec->data, cn, blocksize);
ret = 0;
cleanup:
if (alloced) {
- memset(output.data, 0, output.length);
- free(output.data);
+ memset(output.data, 0, output.length);
+ free(output.data);
}
if (cn != NULL)
- free(cn);
+ free(cn);
memset(cksumdata, 0, hashsize);
free(cksumdata);
return(ret);
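Review bot: The cleanup path of `krb5int_old_decrypt` clears `output.data` and `cksumdata` with `memset` immediately before `free`, which a compiler may remove as a dead store, leaving decrypted plaintext in freed heap memory. `krb5_k_make_checksum` and `krb5_c_make_random_key` in this same change already use `zapfree` for this; assuming it is in scope in this file, replace the pairs with `zapfree(output.data, output.length);` and `zapfree(cksumdata, hashsize);`. The same `memset`-then-`free` pair appears in `krb5_calculate_checksum` on `cksum.contents`. The function starts outside this hunk.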
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
void
krb5int_old_encrypt_length(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- size_t inputlen,
- size_t *length)
+ const struct krb5_hash_provider *hash,
+ size_t inputlen,
+ size_t *length)
{
size_t blocksize, hashsize;
krb5_error_code
krb5int_old_encrypt(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_data *ivec,
- const krb5_data *input,
- krb5_data *output)
+ const struct krb5_hash_provider *hash,
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_data *ivec,
+ const krb5_data *input,
+ krb5_data *output)
{
krb5_error_code ret;
size_t blocksize, hashsize, enclen;
krb5int_old_encrypt_length(enc, hash, input->length, &enclen);
if (output->length < enclen)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
output->length = enclen;
datain.data = output->data;
if ((ret = krb5_c_random_make_octets(/* XXX */ 0, &datain)))
- return(ret);
+ return(ret);
memcpy(output->data+blocksize+hashsize, input->data, input->length);
/* compute the checksum */
datain.data = output->data+blocksize;
if ((ret = ((*(hash->hash))(1, output, &datain))))
- goto cleanup;
+ goto cleanup;
/* encrypt it */
/* XXX this is gross, but I don't have much choice */
if ((key->keyblock.enctype == ENCTYPE_DES_CBC_CRC) && (ivec == 0)) {
- crcivec.length = key->keyblock.length;
- crcivec.data = (char *) key->keyblock.contents;
- ivec = &crcivec;
- real_ivec = 0;
+ crcivec.length = key->keyblock.length;
+ crcivec.data = (char *) key->keyblock.contents;
+ ivec = &crcivec;
+ real_ivec = 0;
} else
- real_ivec = 1;
+ real_ivec = 1;
if ((ret = ((*(enc->encrypt))(key, ivec, output, output))))
- goto cleanup;
+ goto cleanup;
/* update ivec */
if (real_ivec && ivec != NULL && ivec->length == blocksize)
- memcpy(ivec->data, output->data + output->length - blocksize,
- blocksize);
+ memcpy(ivec->data, output->data + output->length - blocksize,
+ blocksize);
cleanup:
if (ret)
- memset(output->data, 0, output->length);
+ memset(output->data, 0, output->length);
return(ret);
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_boolean KRB5_CALLCONV is_keyed_cksum(krb5_cksumtype ctype);
krb5_error_code KRB5_CALLCONV krb5_random_confounder(size_t, krb5_pointer);
krb5_error_code krb5_encrypt_data(krb5_context context, krb5_keyblock *key,
- krb5_pointer ivec, krb5_data *data,
- krb5_enc_data *enc_data);
+ krb5_pointer ivec, krb5_data *data,
+ krb5_enc_data *enc_data);
krb5_error_code krb5_decrypt_data(krb5_context context, krb5_keyblock *key,
- krb5_pointer ivec, krb5_enc_data *data,
- krb5_data *enc_data);
+ krb5_pointer ivec, krb5_enc_data *data,
+ krb5_data *enc_data);
krb5_error_code KRB5_CALLCONV
krb5_encrypt(krb5_context context, krb5_const_pointer inptr,
- krb5_pointer outptr, size_t size, krb5_encrypt_block *eblock,
- krb5_pointer ivec)
+ krb5_pointer outptr, size_t size, krb5_encrypt_block *eblock,
+ krb5_pointer ivec)
{
krb5_data inputd, ivecd;
krb5_enc_data outputd;
krb5_error_code ret;
if (ivec) {
- ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize);
- if (ret)
- return ret;
+ ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize);
+ if (ret)
+ return ret;
- ivecd.length = blocksize;
- ivecd.data = ivec;
+ ivecd.length = blocksize;
+ ivecd.data = ivec;
}
/* size is the length of the input cleartext data. */
*/
ret = krb5_c_encrypt_length(context, eblock->key->enctype, size, &outlen);
if (ret)
- return ret;
+ return ret;
outputd.ciphertext.length = outlen;
outputd.ciphertext.data = outptr;
return krb5_c_encrypt(context, eblock->key, 0, ivec ? &ivecd : 0,
- &inputd, &outputd);
+ &inputd, &outputd);
}
krb5_error_code KRB5_CALLCONV
krb5_decrypt(krb5_context context, krb5_const_pointer inptr,
- krb5_pointer outptr, size_t size, krb5_encrypt_block *eblock,
- krb5_pointer ivec)
+ krb5_pointer outptr, size_t size, krb5_encrypt_block *eblock,
+ krb5_pointer ivec)
{
krb5_enc_data inputd;
krb5_data outputd, ivecd;
krb5_error_code ret;
if (ivec) {
- ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize);
- if (ret)
- return ret;
+ ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize);
+ if (ret)
+ return ret;
- ivecd.length = blocksize;
- ivecd.data = ivec;
+ ivecd.length = blocksize;
+ ivecd.data = ivec;
}
/* size is the length of the input ciphertext data */
outputd.data = outptr;
return krb5_c_decrypt(context, eblock->key, 0, ivec ? &ivecd : 0,
- &inputd, &outputd);
+ &inputd, &outputd);
}
krb5_error_code KRB5_CALLCONV
krb5_process_key(krb5_context context, krb5_encrypt_block *eblock,
- const krb5_keyblock *key)
+ const krb5_keyblock *key)
{
eblock->key = (krb5_keyblock *) key;
krb5_error_code KRB5_CALLCONV
krb5_string_to_key(krb5_context context, const krb5_encrypt_block *eblock,
- krb5_keyblock *keyblock, const krb5_data *data,
- const krb5_data *salt)
+ krb5_keyblock *keyblock, const krb5_data *data,
+ const krb5_data *salt)
{
return krb5_c_string_to_key(context, eblock->crypto_entry, data, salt,
- keyblock);
+ keyblock);
}
krb5_error_code KRB5_CALLCONV
krb5_init_random_key(krb5_context context, const krb5_encrypt_block *eblock,
- const krb5_keyblock *keyblock, krb5_pointer *ptr)
+ const krb5_keyblock *keyblock, krb5_pointer *ptr)
{
krb5_data data;
krb5_error_code KRB5_CALLCONV
krb5_finish_random_key(krb5_context context, const krb5_encrypt_block *eblock,
- krb5_pointer *ptr)
+ krb5_pointer *ptr)
{
return 0;
}
krb5_error_code KRB5_CALLCONV
krb5_random_key(krb5_context context, const krb5_encrypt_block *eblock,
- krb5_pointer ptr, krb5_keyblock **keyblock)
+ krb5_pointer ptr, krb5_keyblock **keyblock)
{
krb5_keyblock *key;
krb5_error_code ret;
key = malloc(sizeof(krb5_keyblock));
if (key == NULL)
- return ENOMEM;
+ return ENOMEM;
ret = krb5_c_make_random_key(context, eblock->crypto_entry, key);
if (ret) {
- free(key);
- return ret;
+ free(key);
+ return ret;
}
*keyblock = key;
krb5_error_code KRB5_CALLCONV
krb5_use_enctype(krb5_context context, krb5_encrypt_block *eblock,
- krb5_enctype enctype)
+ krb5_enctype enctype)
{
eblock->crypto_entry = enctype;
size_t ret;
if (krb5_c_encrypt_length(NULL, crypto, length, &ret))
- return (size_t) -1; /* XXX */
+ return (size_t) -1; /* XXX */
return ret;
}
size_t ret;
if (krb5_c_checksum_length(context, ctype, &ret))
- return (size_t) -1; /* XXX */
+ return (size_t) -1; /* XXX */
return ret;
}
krb5_error_code KRB5_CALLCONV
krb5_calculate_checksum(krb5_context context, krb5_cksumtype ctype,
- krb5_const_pointer in, size_t in_length,
- krb5_const_pointer seed, size_t seed_length,
- krb5_checksum *outcksum)
+ krb5_const_pointer in, size_t in_length,
+ krb5_const_pointer seed, size_t seed_length,
+ krb5_checksum *outcksum)
{
krb5_data input;
krb5_keyblock key;
ret = krb5_c_make_checksum(context, ctype, &key, 0, &input, &cksum);
if (ret)
- return ret;
+ return ret;
if (outcksum->length < cksum.length) {
- memset(cksum.contents, 0, cksum.length);
- free(cksum.contents);
- return KRB5_BAD_MSIZE;
+ memset(cksum.contents, 0, cksum.length);
+ free(cksum.contents);
+ return KRB5_BAD_MSIZE;
}
outcksum->magic = cksum.magic;
krb5_error_code KRB5_CALLCONV
krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype,
- const krb5_checksum *cksum, krb5_const_pointer in,
- size_t in_length, krb5_const_pointer seed,
- size_t seed_length)
+ const krb5_checksum *cksum, krb5_const_pointer in,
+ size_t in_length, krb5_const_pointer seed,
+ size_t seed_length)
{
krb5_data input;
krb5_keyblock key;
ret = krb5_c_verify_checksum(context, &key, 0, &input, cksum, &valid);
if (ret)
- return ret;
+ return ret;
if (!valid)
- return KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ return KRB5KRB_AP_ERR_BAD_INTEGRITY;
return 0;
}
}
krb5_error_code krb5_encrypt_data(krb5_context context, krb5_keyblock *key,
- krb5_pointer ivec, krb5_data *data,
- krb5_enc_data *enc_data)
+ krb5_pointer ivec, krb5_data *data,
+ krb5_enc_data *enc_data)
{
krb5_error_code ret;
size_t enclen, blocksize;
ret = krb5_c_encrypt_length(context, key->enctype, data->length, &enclen);
if (ret)
- return ret;
+ return ret;
if (ivec) {
- ret = krb5_c_block_size(context, key->enctype, &blocksize);
- if (ret)
- return ret;
+ ret = krb5_c_block_size(context, key->enctype, &blocksize);
+ if (ret)
+ return ret;
- ivecd.length = blocksize;
- ivecd.data = ivec;
+ ivecd.length = blocksize;
+ ivecd.data = ivec;
}
enc_data->magic = KV5M_ENC_DATA;
enc_data->ciphertext.length = enclen;
enc_data->ciphertext.data = malloc(enclen);
if (enc_data->ciphertext.data == NULL)
- return ENOMEM;
+ return ENOMEM;
ret = krb5_c_encrypt(context, key, 0, ivec ? &ivecd : 0, data, enc_data);
if (ret)
- free(enc_data->ciphertext.data);
+ free(enc_data->ciphertext.data);
return ret;
}
krb5_error_code krb5_decrypt_data(krb5_context context, krb5_keyblock *key,
- krb5_pointer ivec, krb5_enc_data *enc_data,
- krb5_data *data)
+ krb5_pointer ivec, krb5_enc_data *enc_data,
+ krb5_data *data)
{
krb5_error_code ret;
krb5_data ivecd;
size_t blocksize;
if (ivec) {
- ret = krb5_c_block_size(context, key->enctype, &blocksize);
- if (ret)
- return ret;
+ ret = krb5_c_block_size(context, key->enctype, &blocksize);
+ if (ret)
+ return ret;
- ivecd.length = blocksize;
- ivecd.data = ivec;
+ ivecd.length = blocksize;
+ ivecd.data = ivec;
}
data->length = enc_data->ciphertext.length;
data->data = malloc(data->length);
if (data->data == NULL)
- return ENOMEM;
+ return ENOMEM;
ret = krb5_c_decrypt(context, key, 0, ivec ? &ivecd : 0, enc_data, data);
if (ret)
- free(data->data);
+ free(data->data);
return 0;
}
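Review bot: `krb5_decrypt_data` ends with `return 0;` even when `krb5_c_decrypt` fails, so the caller is told the call succeeded while `data->data` has just been freed and still holds the stale pointer, which invites a use-after-free or double free. The tail should be `if (ret) { free(data->data); data->data = NULL; }` followed by `return ret;`, matching `krb5_encrypt_data` just above, which already returns `ret`. The re-indentation carries the old behaviour over unchanged, so this belongs in a follow-up commit.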
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/prf.c
*
assert(len);
ktp = find_enctype(enctype);
if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
*len = ktp->prf_length;
return 0;
}
krb5_error_code KRB5_CALLCONV
krb5_k_prf(krb5_context context, krb5_key key,
- krb5_data *input, krb5_data *output)
+ krb5_data *input, krb5_data *output)
{
const struct krb5_keytypes *ktp;
krb5_error_code ret;
ktp = find_enctype(key->keyblock.enctype);
if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
if (ktp->prf == NULL)
- return KRB5_CRYPTO_INTERNAL;
+ return KRB5_CRYPTO_INTERNAL;
output->magic = KV5M_DATA;
if (ktp->prf_length != output->length)
- return KRB5_CRYPTO_INTERNAL;
+ return KRB5_CRYPTO_INTERNAL;
ret = (*ktp->prf)(ktp->enc, ktp->hash, key, input, output);
return ret;
}
krb5_error_code KRB5_CALLCONV
krb5_c_prf(krb5_context context, const krb5_keyblock *keyblock,
- krb5_data *input, krb5_data *output)
+ krb5_data *input, krb5_data *output)
{
krb5_key key;
krb5_error_code ret;
ret = krb5_k_create_key(context, keyblock, &key);
if (ret != 0)
- return ret;
+ return ret;
ret = krb5_k_prf(context, key, input, output);
krb5_k_free_key(context, key);
return ret;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/krb/prf//des_prf.c
*
*/
#include "prf_int.h"
-//#include <hash_provider/hash_provider.h> /* XXX is this ok? */
+//#include <hash_provider/hash_provider.h> /* XXX is this ok? */
krb5_error_code
krb5int_des_prf (const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, const krb5_data *in, krb5_data *out)
+ const struct krb5_hash_provider *hash,
+ krb5_key key, const krb5_data *in, krb5_data *out)
{
- krb5_data tmp;
- krb5_error_code ret = 0;
+ krb5_data tmp;
+ krb5_error_code ret = 0;
- hash = &krb5int_hash_md5; /* MD5 is always used. */
- tmp.length = hash->hashsize;
- tmp.data = malloc(hash->hashsize);
- if (tmp.data == NULL)
- return ENOMEM;
- ret = hash->hash(1, in, &tmp);
- if (ret == 0)
- ret = enc->encrypt(key, NULL, &tmp, out);
- free(tmp.data);
- return ret;
+ hash = &krb5int_hash_md5; /* MD5 is always used. */
+ tmp.length = hash->hashsize;
+ tmp.data = malloc(hash->hashsize);
+ if (tmp.data == NULL)
+ return ENOMEM;
+ ret = hash->hash(1, in, &tmp);
+ if (ret == 0)
+ ret = enc->encrypt(key, NULL, &tmp, out);
+ free(tmp.data);
+ return ret;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/krb/prf/dk_prf.c
*
krb5_error_code
krb5int_dk_prf (const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, const krb5_data *in, krb5_data *out)
+ const struct krb5_hash_provider *hash,
+ krb5_key key, const krb5_data *in, krb5_data *out)
{
- krb5_data tmp;
- krb5_data prfconst;
- krb5_key kp = NULL;
- krb5_error_code ret = 0;
+ krb5_data tmp;
+ krb5_data prfconst;
+ krb5_key kp = NULL;
+ krb5_error_code ret = 0;
- prfconst.data = (char *) "prf";
- prfconst.length = 3;
- tmp.length = hash->hashsize;
- tmp.data = malloc(hash->hashsize);
- if (tmp.data == NULL)
- return ENOMEM;
- hash->hash(1, in, &tmp);
- tmp.length = (tmp.length/enc->block_size)*enc->block_size; /*truncate to block size*/
- ret = krb5int_derive_key(enc, key, &kp, &prfconst);
- if (ret == 0)
- ret = enc->encrypt(kp, NULL, &tmp, out);
- krb5_k_free_key(NULL, kp);
- free (tmp.data);
- return ret;
+ prfconst.data = (char *) "prf";
+ prfconst.length = 3;
+ tmp.length = hash->hashsize;
+ tmp.data = malloc(hash->hashsize);
+ if (tmp.data == NULL)
+ return ENOMEM;
+ hash->hash(1, in, &tmp);
+ tmp.length = (tmp.length/enc->block_size)*enc->block_size; /*truncate to block size*/
+ ret = krb5int_derive_key(enc, key, &kp, &prfconst);
+ if (ret == 0)
+ ret = enc->encrypt(kp, NULL, &tmp, out);
+ krb5_k_free_key(NULL, kp);
+ free (tmp.data);
+ return ret;
}
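Review bot: In `krb5int_dk_prf` the result of `hash->hash(1, in, &tmp)` is discarded, so if hashing fails the function encrypts the uninitialised `malloc` buffer and returns it as PRF output with `ret == 0`. `krb5int_des_prf` in this same change checks that call; do the same here with `ret = hash->hash(1, in, &tmp);` and guard the derivation as `if (ret == 0) ret = krb5int_derive_key(enc, key, &kp, &prfconst);`. `kp` starts as NULL and `krb5_k_free_key` is already called unconditionally, so skipping the derivation adds no new cleanup case.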
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/krb/prf/prf_int.h
*
krb5_error_code
krb5int_des_prf (const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, const krb5_data *in, krb5_data *out);
+ const struct krb5_hash_provider *hash,
+ krb5_key key, const krb5_data *in, krb5_data *out);
krb5_error_code
krb5int_dk_prf(const struct krb5_enc_provider *enc,
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/krb/prf/rc4_prf.c
*
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 2001, 2002, 2004, 2007, 2008 by the Massachusetts Institute of Technology.
* All rights reserved.
{
switch (randsource) {
case KRB5_C_RANDSOURCE_OLDAPI:
- return 4 * length;
+ return 4 * length;
case KRB5_C_RANDSOURCE_OSRAND:
- return 8 * length;
+ return 8 * length;
case KRB5_C_RANDSOURCE_TRUSTEDPARTY:
- return 4 * length;
+ return 4 * length;
case KRB5_C_RANDSOURCE_TIMING:
- return 2;
+ return 2;
case KRB5_C_RANDSOURCE_EXTERNAL_PROTOCOL:
- return 0;
+ return 0;
default:
- abort();
+ abort();
}
return 0;
}
yerr = k5_mutex_finish_init(&yarrow_lock);
if (yerr)
- return yerr;
+ return yerr;
yerr = krb5int_yarrow_init (&y_ctx, NULL);
if (yerr != YARROW_OK && yerr != YARROW_NOT_SEEDED)
- return KRB5_CRYPTO_INTERNAL;
+ return KRB5_CRYPTO_INTERNAL;
for (i=0; i < KRB5_C_RANDSOURCE_MAX; i++ ) {
- if (krb5int_yarrow_new_source(&y_ctx, &source_id) != YARROW_OK)
- return KRB5_CRYPTO_INTERNAL;
- assert (source_id == i);
+ if (krb5int_yarrow_new_source(&y_ctx, &source_id) != YARROW_OK)
+ return KRB5_CRYPTO_INTERNAL;
+ assert (source_id == i);
}
return 0;
krb5_error_code KRB5_CALLCONV
krb5_c_random_add_entropy(krb5_context context, unsigned int randsource,
- const krb5_data *data)
+ const krb5_data *data)
{
int yerr;
/* Make sure the mutex got initialized. */
yerr = krb5int_crypto_init();
if (yerr)
- return yerr;
+ return yerr;
/* Now, finally, feed in the data. */
yerr = krb5int_yarrow_input(&y_ctx, randsource,
- data->data, data->length,
- entropy_estimate(randsource, data->length));
+ data->data, data->length,
+ entropy_estimate(randsource, data->length));
if (yerr != YARROW_OK)
- return KRB5_CRYPTO_INTERNAL;
+ return KRB5_CRYPTO_INTERNAL;
return 0;
}
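Review bot: `randsource` is used unchecked in krb5_c_random_add_entropy: it goes straight into `entropy_estimate()` and into `krb5int_yarrow_input()` as the source id. The switch shown earlier in this file section (presumably the body of entropy_estimate) ends in `default: abort();`, so a caller passing a value outside the KRB5_C_RANDSOURCE_* set terminates the process instead of getting an error back. The init loop registers sources `0 .. KRB5_C_RANDSOURCE_MAX - 1`, so a guard such as `if (randsource >= KRB5_C_RANDSOURCE_MAX) return EINVAL;` before the yarrow call would keep this public KRB5_CALLCONV entry point from aborting on bad input. `data` is also dereferenced without a NULL check.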
int yerr;
yerr = krb5int_yarrow_output(&y_ctx, data->data, data->length);
if (yerr == YARROW_NOT_SEEDED) {
- yerr = krb5int_yarrow_reseed(&y_ctx, YARROW_SLOW_POOL);
- if (yerr == YARROW_OK)
- yerr = krb5int_yarrow_output(&y_ctx, data->data, data->length);
+ yerr = krb5int_yarrow_reseed(&y_ctx, YARROW_SLOW_POOL);
+ if (yerr == YARROW_OK)
+ yerr = krb5int_yarrow_output(&y_ctx, data->data, data->length);
}
if (yerr != YARROW_OK)
- return KRB5_CRYPTO_INTERNAL;
+ return KRB5_CRYPTO_INTERNAL;
return 0;
}
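Review bot: The YARROW_NOT_SEEDED branch needs a comment stating what callers are guaranteed. When the generator reports that it is not seeded, the code forces `krb5int_yarrow_reseed(&y_ctx, YARROW_SLOW_POOL)` and, if that returns YARROW_OK, hands out bytes anyway. Whether a forced reseed can succeed with little or no collected entropy is decided inside the Yarrow code and is not visible here, so it should not be assumed to fail safe. Suggested comment above the branch: `/* Output after a forced slow reseed is only as strong as the entropy already fed in; callers generating keys must seed first (krb5_c_random_os_entropy). */`. The function's signature is outside this hunk.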
krb5_c_random_os_entropy(krb5_context context, int strong, int *success)
{
if (success)
- *success = 0;
+ *success = 0;
return 0;
}
fd = open (device, O_RDONLY);
if (fd == -1)
- return 0;
+ return 0;
set_cloexec_fd(fd);
if (fstat(fd, &sb) == -1 || S_ISREG(sb.st_mode)) {
- close(fd);
- return 0;
+ close(fd);
+ return 0;
}
for (bp = buf, left = sizeof(buf); left > 0;) {
- ssize_t count;
- count = read(fd, bp, (unsigned) left);
- if (count <= 0) {
- close(fd);
- return 0;
- }
- left -= count;
- bp += count;
+ ssize_t count;
+ count = read(fd, bp, (unsigned) left);
+ if (count <= 0) {
+ close(fd);
+ return 0;
+ }
+ left -= count;
+ bp += count;
}
close(fd);
data.length = sizeof (buf);
data.data = (char *) buf;
return (krb5_c_random_add_entropy(context, KRB5_C_RANDSOURCE_OSRAND,
- &data) == 0);
+ &data) == 0);
}
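Review bot: `buf` still holds the bytes read from the device when read_entropy_from_device returns, both on the success path and on the early returns inside the read loop. Those bytes are seed input to the PRNG and should not linger on the stack. Keep the result in a local, wipe, then return: `ok = (krb5_c_random_add_entropy(context, KRB5_C_RANDSOURCE_OSRAND, &data) == 0);`, `zap(buf, sizeof(buf));`, `return ok;`. Separately, `count <= 0` treats an interrupted read() (EINTR) the same as a hard failure, so a signal can make the function report that no OS entropy was available. The function's opening lines are outside this hunk.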
krb5_error_code KRB5_CALLCONV
we have both /dev/random and /dev/urandom. We want the strong
data included in the reseed so we get it first.*/
if (strong) {
- if (read_entropy_from_device(context, "/dev/random"))
- *oursuccess = 1;
+ if (read_entropy_from_device(context, "/dev/random"))
+ *oursuccess = 1;
}
if (read_entropy_from_device(context, "/dev/urandom"))
- *oursuccess = 1;
+ *oursuccess = 1;
return 0;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/krb/rand2key/aes_rand2key.c
*
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/krb/rand2key/des3_rand2key.c
*
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/krb/rand2key/des_rand2key.c
*
krb5int_des_make_key(const krb5_data *randombits, krb5_keyblock *key)
{
if (key->length != KRB5_MIT_DES_KEYSIZE)
- return(KRB5_BAD_KEYSIZE);
+ return(KRB5_BAD_KEYSIZE);
if (randombits->length != 7)
- return(KRB5_CRYPTO_INTERNAL);
+ return(KRB5_CRYPTO_INTERNAL);
key->magic = KV5M_KEYBLOCK;
memcpy(key->contents, randombits->data, randombits->length);
key->contents[7] = (((key->contents[0]&1)<<1) | ((key->contents[1]&1)<<2) |
- ((key->contents[2]&1)<<3) | ((key->contents[3]&1)<<4) |
- ((key->contents[4]&1)<<5) | ((key->contents[5]&1)<<6) |
- ((key->contents[6]&1)<<7));
+ ((key->contents[2]&1)<<3) | ((key->contents[3]&1)<<4) |
+ ((key->contents[4]&1)<<5) | ((key->contents[5]&1)<<6) |
+ ((key->contents[6]&1)<<7));
mit_des_fixup_key_parity(key->contents);
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#include "k5-int.h"
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/krb/rand2key/rc4_rand2key.c
*
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* COPYRIGHT (c) 2006
* The Regents of the University of Michigan
krb5_error_code KRB5_CALLCONV
krb5_c_random_to_key(krb5_context context, krb5_enctype enctype,
- krb5_data *random_data, krb5_keyblock *random_key)
+ krb5_data *random_data, krb5_keyblock *random_key)
{
krb5_error_code ret;
const struct krb5_keytypes *ktp;
const struct krb5_enc_provider *enc;
if (random_data == NULL || random_key == NULL ||
- random_key->contents == NULL)
- return EINVAL;
+ random_key->contents == NULL)
+ return EINVAL;
ktp = find_enctype(enctype);
if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
enc = ktp->enc;
if (random_key->length != enc->keylength)
- return KRB5_BAD_KEYSIZE;
+ return KRB5_BAD_KEYSIZE;
ret = (*enc->make_key)(random_data, random_key);
if (ret)
- memset(random_key->contents, 0, random_key->length);
+ memset(random_key->contents, 0, random_key->length);
return ret;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
#include "k5-int.h"
-void krb5_raw_encrypt_length
-(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- size_t input, size_t *length);
+void krb5_raw_encrypt_length(const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ size_t input, size_t *length);
-krb5_error_code krb5int_raw_encrypt
-(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *output);
+krb5_error_code krb5int_raw_encrypt(const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+ const krb5_data *input,
+ krb5_data *output);
-krb5_error_code krb5int_raw_decrypt
-(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *arg_output);
+krb5_error_code krb5int_raw_decrypt(const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+ const krb5_data *input,
+ krb5_data *arg_output);
extern const struct krb5_aead_provider krb5int_aead_raw;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/raw/raw_aead.c
*
static krb5_error_code
krb5int_raw_crypto_length(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_cryptotype type,
- unsigned int *length)
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_cryptotype type,
+ unsigned int *length)
{
switch (type) {
case KRB5_CRYPTO_TYPE_PADDING:
- *length = enc->block_size;
- break;
+ *length = enc->block_size;
+ break;
default:
- *length = 0;
- break;
+ *length = 0;
+ break;
}
return 0;
static krb5_error_code
krb5int_raw_encrypt_iov(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
krb5_error_code ret;
krb5_crypto_iov *padding;
ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING, &blocksize);
if (ret != 0)
- return ret;
+ return ret;
for (i = 0; i < num_data; i++) {
- krb5_crypto_iov *iov = &data[i];
+ krb5_crypto_iov *iov = &data[i];
- if (iov->flags == KRB5_CRYPTO_TYPE_DATA)
- plainlen += iov->data.length;
+ if (iov->flags == KRB5_CRYPTO_TYPE_DATA)
+ plainlen += iov->data.length;
}
if (blocksize != 0) {
- /* Check that the input data is correctly padded */
- if (plainlen % blocksize)
- padsize = blocksize - (plainlen % blocksize);
+ /* Check that the input data is correctly padded */
+ if (plainlen % blocksize)
+ padsize = blocksize - (plainlen % blocksize);
}
padding = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_PADDING);
if (padsize && (padding == NULL || padding->data.length < padsize))
- return KRB5_BAD_MSIZE;
+ return KRB5_BAD_MSIZE;
if (padding != NULL) {
- memset(padding->data.data, 0, padsize);
- padding->data.length = padsize;
+ memset(padding->data.data, 0, padsize);
+ padding->data.length = padsize;
}
assert(enc->encrypt_iov != NULL);
static krb5_error_code
krb5int_raw_decrypt_iov(const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
krb5_error_code ret;
size_t i;
unsigned int cipherlen = 0;
if (krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_STREAM) != NULL) {
- return krb5int_c_iov_decrypt_stream(aead, enc, hash, key,
- usage, ivec, data, num_data);
+ return krb5int_c_iov_decrypt_stream(aead, enc, hash, key,
+ usage, ivec, data, num_data);
}
ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING, &blocksize);
if (ret != 0)
- return ret;
+ return ret;
for (i = 0; i < num_data; i++) {
- const krb5_crypto_iov *iov = &data[i];
+ const krb5_crypto_iov *iov = &data[i];
- if (ENCRYPT_DATA_IOV(iov))
- cipherlen += iov->data.length;
+ if (ENCRYPT_DATA_IOV(iov))
+ cipherlen += iov->data.length;
}
if (blocksize == 0) {
- /* Check for correct input length in CTS mode */
- if (enc->block_size != 0 && cipherlen < enc->block_size)
- return KRB5_BAD_MSIZE;
+ /* Check for correct input length in CTS mode */
+ if (enc->block_size != 0 && cipherlen < enc->block_size)
+ return KRB5_BAD_MSIZE;
} else {
- /* Check that the input data is correctly padded */
- if ((cipherlen % blocksize) != 0)
- return KRB5_BAD_MSIZE;
+ /* Check that the input data is correctly padded */
+ if ((cipherlen % blocksize) != 0)
+ return KRB5_BAD_MSIZE;
}
/* Validate header and trailer lengths */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_error_code
krb5int_raw_decrypt(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *output)
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec, const krb5_data *input,
+ krb5_data *output)
{
return((*(enc->decrypt))(key, ivec, input, output));
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
void
krb5_raw_encrypt_length(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- size_t inputlen, size_t *length)
+ const struct krb5_hash_provider *hash,
+ size_t inputlen, size_t *length)
{
size_t blocksize;
krb5_error_code
krb5int_raw_encrypt(const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key, krb5_keyusage usage,
- const krb5_data *ivec, const krb5_data *input,
- krb5_data *output)
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec, const krb5_data *input,
+ krb5_data *output)
{
return((*(enc->encrypt))(key, ivec, input, output));
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/state.c
*
krb5_error_code KRB5_CALLCONV
krb5_c_init_state (krb5_context context, const krb5_keyblock *key,
- krb5_keyusage keyusage, krb5_data *new_state)
+ krb5_keyusage keyusage, krb5_data *new_state)
{
const struct krb5_keytypes *ktp;
ktp = find_enctype(key->enctype);
if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
return ktp->enc->init_state(key, keyusage, new_state);
}
krb5_error_code KRB5_CALLCONV
krb5_c_free_state(krb5_context context, const krb5_keyblock *key,
- krb5_data *state)
+ krb5_data *state)
{
const struct krb5_keytypes *ktp;
ktp = find_enctype(key->enctype);
if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
return ktp->enc->free_state(state);
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
const struct krb5_cksumtypes *ctp;
for (i=0; i<krb5int_cksumtypes_length; i++) {
- ctp = &krb5int_cksumtypes_list[i];
- if (strcasecmp(ctp->name, string) == 0) {
- *cksumtypep = ctp->ctype;
- return 0;
- }
+ ctp = &krb5int_cksumtypes_list[i];
+ if (strcasecmp(ctp->name, string) == 0) {
+ *cksumtypep = ctp->ctype;
+ return 0;
+ }
#define MAX_ALIASES (sizeof(ctp->aliases) / sizeof(ctp->aliases[0]))
- for (j = 0; j < MAX_ALIASES; j++) {
- alias = ctp->aliases[j];
- if (alias == NULL)
- break;
- if (strcasecmp(alias, string) == 0) {
- *cksumtypep = ctp->ctype;
- return 0;
- }
- }
+ for (j = 0; j < MAX_ALIASES; j++) {
+ alias = ctp->aliases[j];
+ if (alias == NULL)
+ break;
+ if (strcasecmp(alias, string) == 0) {
+ *cksumtypep = ctp->ctype;
+ return 0;
+ }
+ }
}
return EINVAL;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
const struct krb5_keytypes *ktp;
for (i = 0; i < krb5int_enctypes_length; i++) {
- ktp = &krb5int_enctypes_list[i];
- if (strcasecmp(ktp->name, string) == 0) {
- *enctypep = ktp->etype;
- return 0;
- }
+ ktp = &krb5int_enctypes_list[i];
+ if (strcasecmp(ktp->name, string) == 0) {
+ *enctypep = ktp->etype;
+ return 0;
+ }
#define MAX_ALIASES (sizeof(ktp->aliases) / sizeof(ktp->aliases[0]))
- for (j = 0; j < MAX_ALIASES; j++) {
- alias = ktp->aliases[j];
- if (alias == NULL)
- break;
- if (strcasecmp(alias, string) == 0) {
- *enctypep = ktp->etype;
- return 0;
- }
- }
+ for (j = 0; j < MAX_ALIASES; j++) {
+ alias = ktp->aliases[j];
+ if (alias == NULL)
+ break;
+ if (strcasecmp(alias, string) == 0) {
+ *enctypep = ktp->etype;
+ return 0;
+ }
+ }
}
return EINVAL;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_error_code KRB5_CALLCONV
krb5_c_string_to_key_with_params(krb5_context context,
- krb5_enctype enctype,
- const krb5_data *string,
- const krb5_data *salt,
- const krb5_data *params,
- krb5_keyblock *key);
+ krb5_enctype enctype,
+ const krb5_data *string,
+ const krb5_data *salt,
+ const krb5_data *params,
+ krb5_keyblock *key);
krb5_error_code KRB5_CALLCONV
krb5_c_string_to_key(krb5_context context, krb5_enctype enctype,
- const krb5_data *string, const krb5_data *salt,
- krb5_keyblock *key)
+ const krb5_data *string, const krb5_data *salt,
+ krb5_keyblock *key)
{
return krb5_c_string_to_key_with_params(context, enctype, string, salt,
- NULL, key);
+ NULL, key);
}
krb5_error_code KRB5_CALLCONV
krb5_c_string_to_key_with_params(krb5_context context, krb5_enctype enctype,
- const krb5_data *string,
- const krb5_data *salt,
- const krb5_data *params, krb5_keyblock *key)
+ const krb5_data *string,
+ const krb5_data *salt,
+ const krb5_data *params, krb5_keyblock *key)
{
krb5_error_code ret;
const struct krb5_keytypes *ktp;
ktp = find_enctype(enctype);
if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
keylength = ktp->enc->keylength;
/*
* deal with this. Using s2kparams would be a much better solution.
*/
if (salt && salt->length == SALT_TYPE_AFS_LENGTH) {
- switch (enctype) {
- case ENCTYPE_DES_CBC_CRC:
- case ENCTYPE_DES_CBC_MD4:
- case ENCTYPE_DES_CBC_MD5:
- break;
- default:
- return KRB5_CRYPTO_INTERNAL;
- }
+ switch (enctype) {
+ case ENCTYPE_DES_CBC_CRC:
+ case ENCTYPE_DES_CBC_MD4:
+ case ENCTYPE_DES_CBC_MD5:
+ break;
+ default:
+ return KRB5_CRYPTO_INTERNAL;
+ }
}
key->contents = malloc(keylength);
if (key->contents == NULL)
- return ENOMEM;
+ return ENOMEM;
key->magic = KV5M_KEYBLOCK;
key->enctype = enctype;
ret = (*ktp->str2key)(ktp->enc, string, salt, params, key);
if (ret) {
- zapfree(key->contents, keylength);
- key->length = 0;
- key->contents = NULL;
+ zapfree(key->contents, keylength);
+ key->length = 0;
+ key->contents = NULL;
}
return ret;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
unsigned int i;
for (i = 0; i < krb5int_cksumtypes_length; i++) {
- if (krb5int_cksumtypes_list[i].ctype == ctype)
- return TRUE;
+ if (krb5int_cksumtypes_list[i].ctype == ctype)
+ return TRUE;
}
return FALSE;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
krb5_error_code KRB5_CALLCONV
krb5_k_verify_checksum(krb5_context context, krb5_key key,
- krb5_keyusage usage, const krb5_data *data,
- const krb5_checksum *cksum, krb5_boolean *valid)
+ krb5_keyusage usage, const krb5_data *data,
+ const krb5_checksum *cksum, krb5_boolean *valid)
{
unsigned int i;
const struct krb5_cksumtypes *ctp;
krb5_checksum computed;
for (i=0; i<krb5int_cksumtypes_length; i++) {
- if (krb5int_cksumtypes_list[i].ctype == cksum->checksum_type)
- break;
+ if (krb5int_cksumtypes_list[i].ctype == cksum->checksum_type)
+ break;
}
if (i == krb5int_cksumtypes_length)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
ctp = &krb5int_cksumtypes_list[i];
indata.length = cksum->length;
/* If there's actually a verify function, call it. */
if (ctp->keyhash) {
- keyhash = ctp->keyhash;
+ keyhash = ctp->keyhash;
- if (keyhash->verify == NULL && keyhash->verify_iov != NULL) {
- krb5_crypto_iov iov[1];
+ if (keyhash->verify == NULL && keyhash->verify_iov != NULL) {
+ krb5_crypto_iov iov[1];
- iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
- iov[0].data.data = data->data;
- iov[0].data.length = data->length;
+ iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
+ iov[0].data.data = data->data;
+ iov[0].data.length = data->length;
- return (*keyhash->verify_iov)(key, usage, 0, iov, 1, &indata,
- valid);
- } else if (keyhash->verify != NULL) {
- return (*keyhash->verify)(key, usage, 0, data, &indata, valid);
- }
+ return (*keyhash->verify_iov)(key, usage, 0, iov, 1, &indata,
+ valid);
+ } else if (keyhash->verify != NULL) {
+ return (*keyhash->verify)(key, usage, 0, data, &indata, valid);
+ }
}
/* Otherwise, make the checksum again, and compare. */
ret = krb5_c_checksum_length(context, cksum->checksum_type, &hashsize);
if (ret)
- return ret;
+ return ret;
if (cksum->length != hashsize)
- return KRB5_BAD_MSIZE;
+ return KRB5_BAD_MSIZE;
computed.length = hashsize;
ret = krb5_k_make_checksum(context, cksum->checksum_type, key, usage,
- data, &computed);
+ data, &computed);
if (ret)
- return ret;
+ return ret;
*valid = (memcmp(computed.contents, cksum->contents, hashsize) == 0);
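Review bot: The fallback comparison `memcmp(computed.contents, cksum->contents, hashsize)` can return at the first differing byte, so the time taken to reject a checksum may depend on how many leading bytes matched. For keyed checksum types that is a timing signal about the expected value, so the comparison should touch every byte and test the accumulated difference once. The same pattern appears in krb5_k_verify_checksum_iov (`memcmp(computed.data, checksum->data.data, cksumlen)`) and would get the same treatment. The `keyhash->verify` and `verify_iov` paths delegate to provider code that is not visible here, and the rest of this function lies outside the hunk.

```c
    /* … unchanged: krb5_k_make_checksum call and its error return … */
    {
        unsigned char diff = 0;
        size_t n;

        /* Accumulate differences so the run time does not depend on
         * the position of the first mismatching byte. */
        for (n = 0; n < hashsize; n++)
            diff |= computed.contents[n] ^ cksum->contents[n];
        *valid = (diff == 0);
    }
```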
krb5_error_code KRB5_CALLCONV
krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *keyblock,
- krb5_keyusage usage, const krb5_data *data,
- const krb5_checksum *cksum, krb5_boolean *valid)
+ krb5_keyusage usage, const krb5_data *data,
+ const krb5_checksum *cksum, krb5_boolean *valid)
{
krb5_key key = NULL;
krb5_error_code ret;
if (keyblock != NULL) {
- ret = krb5_k_create_key(context, keyblock, &key);
- if (ret != 0)
- return ret;
+ ret = krb5_k_create_key(context, keyblock, &key);
+ if (ret != 0)
+ return ret;
}
ret = krb5_k_verify_checksum(context, key, usage, data, cksum, valid);
krb5_k_free_key(context, key);
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/verify_checksum_iov.c
*
krb5_error_code KRB5_CALLCONV
krb5_k_verify_checksum_iov(krb5_context context,
- krb5_cksumtype checksum_type,
- krb5_key key,
- krb5_keyusage usage,
- const krb5_crypto_iov *data,
- size_t num_data,
- krb5_boolean *valid)
+ krb5_cksumtype checksum_type,
+ krb5_key key,
+ krb5_keyusage usage,
+ const krb5_crypto_iov *data,
+ size_t num_data,
+ krb5_boolean *valid)
{
unsigned int i;
const struct krb5_cksumtypes *ctp;
krb5_crypto_iov *checksum;
for (i = 0; i < krb5int_cksumtypes_length; i++) {
- if (krb5int_cksumtypes_list[i].ctype == checksum_type)
- break;
+ if (krb5int_cksumtypes_list[i].ctype == checksum_type)
+ break;
}
if (i == krb5int_cksumtypes_length)
- return KRB5_BAD_ENCTYPE;
+ return KRB5_BAD_ENCTYPE;
ctp = &krb5int_cksumtypes_list[i];
checksum = krb5int_c_locate_iov((krb5_crypto_iov *)data, num_data,
- KRB5_CRYPTO_TYPE_CHECKSUM);
+ KRB5_CRYPTO_TYPE_CHECKSUM);
if (checksum == NULL)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
/* If there's actually a verify function, call it. */
if (ctp->keyhash && ctp->keyhash->verify_iov) {
- return (*ctp->keyhash->verify_iov)(key, usage, 0, data, num_data,
- &checksum->data, valid);
+ return (*ctp->keyhash->verify_iov)(key, usage, 0, data, num_data,
+ &checksum->data, valid);
}
/* Otherwise, make the checksum again, and compare. */
if (ctp->keyhash != NULL)
- computed.length = ctp->keyhash->hashsize;
+ computed.length = ctp->keyhash->hashsize;
else
- computed.length = ctp->hash->hashsize;
+ computed.length = ctp->hash->hashsize;
if (ctp->trunc_size != 0)
- cksumlen = ctp->trunc_size;
+ cksumlen = ctp->trunc_size;
else
- cksumlen = computed.length;
+ cksumlen = computed.length;
if (checksum->data.length != cksumlen)
- return KRB5_BAD_MSIZE;
+ return KRB5_BAD_MSIZE;
computed.data = malloc(computed.length);
if (computed.data == NULL)
- return ENOMEM;
+ return ENOMEM;
ret = krb5int_c_make_checksum_iov(&krb5int_cksumtypes_list[i], key, usage,
- data, num_data, &computed);
+ data, num_data, &computed);
if (ret) {
- free(computed.data);
- return ret;
+ free(computed.data);
+ return ret;
}
*valid = (computed.length == cksumlen) &&
- (memcmp(computed.data, checksum->data.data, cksumlen) == 0);
+ (memcmp(computed.data, checksum->data.data, cksumlen) == 0);
free(computed.data);
return 0;
krb5_error_code KRB5_CALLCONV
krb5_c_verify_checksum_iov(krb5_context context,
- krb5_cksumtype checksum_type,
- const krb5_keyblock *keyblock,
- krb5_keyusage usage,
- const krb5_crypto_iov *data,
- size_t num_data,
- krb5_boolean *valid)
+ krb5_cksumtype checksum_type,
+ const krb5_keyblock *keyblock,
+ krb5_keyusage usage,
+ const krb5_crypto_iov *data,
+ size_t num_data,
+ krb5_boolean *valid)
{
krb5_key key;
krb5_error_code ret;
ret = krb5_k_create_key(context, keyblock, &key);
if (ret != 0)
- return ret;
+ return ret;
ret = krb5_k_verify_checksum_iov(context, checksum_type, key, usage, data,
- num_data, valid);
+ num_data, valid);
krb5_k_free_key(context, key);
return ret;
}
-/* -*- Mode: C; c-file-style: "bsd" -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Yarrow - Cryptographic Pseudo-Random Number Generator
limit = min(tmp1, tmp2);
if (limit < COUNTER_MAX)
{
- y->gates_limit = limit;
+ y->gates_limit = limit;
}
else
{
- y->gates_limit = COUNTER_MAX;
+ y->gates_limit = COUNTER_MAX;
}
}
static int
yarrow_input_locked( Yarrow_CTX* y, unsigned source_id,
- const void *sample,
- size_t size, size_t entropy_bits );
+ const void *sample,
+ size_t size, size_t entropy_bits );
static int Yarrow_detect_fork(Yarrow_CTX *y)
{
/* this does not work for multi-threaded apps if threads have different
* pids */
- newpid = getpid();
+ newpid = getpid();
if ( y->pid != newpid )
{
- /* we input the pid twice, so it will get into the fast pool at least once
- * Then we reseed. This doesn't really increase entropy, but does make the
- * streams distinct assuming we already have good entropy*/
- y->pid = newpid;
- TRY (yarrow_input_locked (y, 0, &newpid,
- sizeof (newpid), 0));
- TRY (yarrow_input_locked (y, 0, &newpid,
- sizeof (newpid), 0));
- TRY (yarrow_reseed_locked (y, YARROW_FAST_POOL));
+ /* we input the pid twice, so it will get into the fast pool at least once
+ * Then we reseed. This doesn't really increase entropy, but does make the
+ * streams distinct assuming we already have good entropy*/
+ y->pid = newpid;
+ TRY (yarrow_input_locked (y, 0, &newpid,
+ sizeof (newpid), 0));
+ TRY (yarrow_input_locked (y, 0, &newpid,
+ sizeof (newpid), 0));
+ TRY (yarrow_reseed_locked (y, YARROW_FAST_POOL));
}
- CATCH:
+CATCH:
EXCEP_RET;
}
#if defined( YARROW_SAVE_STATE )
if ( y->entropyfile != NULL )
{
- int ret = Yarrow_Load_State( y );
- if ( ret != YARROW_OK && ret != YARROW_NO_STATE )
- {
- THROW( ret );
- }
-
- /* if load suceeded then write new state back immediately
- */
-
- /* Also check that it's not already saved, because the reseed in
- * Yarrow_Load_State may trigger a save
- */
-
- if ( ret == YARROW_OK && !y->saved )
- {
- TRY( Yarrow_Save_State( y ) );
- }
+ int ret = Yarrow_Load_State( y );
+ if ( ret != YARROW_OK && ret != YARROW_NO_STATE )
+ {
+ THROW( ret );
+ }
+
+ /* if load suceeded then write new state back immediately
+ */
+
+ /* Also check that it's not already saved, because the reseed in
+ * Yarrow_Load_State may trigger a save
+ */
+
+ if ( ret == YARROW_OK && !y->saved )
+ {
+ TRY( Yarrow_Save_State( y ) );
+ }
}
#endif
if ( !y->seeded )
{
- THROW( YARROW_NOT_SEEDED );
+ THROW( YARROW_NOT_SEEDED );
}
- CATCH:
+CATCH:
if ( locked ) { TRY( UNLOCK() ); }
EXCEP_RET;
}
static
int yarrow_input_maybe_locking( Yarrow_CTX* y, unsigned source_id,
- const void* sample,
- size_t size, size_t entropy_bits,
- int do_lock )
+ const void* sample,
+ size_t size, size_t entropy_bits,
+ int do_lock )
{
EXCEP_DECL;
int ret;
size_t estimate;
if (do_lock) {
- TRY( LOCK() );
- locked = 1;
+ TRY( LOCK() );
+ locked = 1;
}
k5_assert_locked(&krb5int_yarrow_lock);
if(source->pool != YARROW_FAST_POOL && source->pool != YARROW_SLOW_POOL)
{
- THROW( YARROW_BAD_SOURCE );
+ THROW( YARROW_BAD_SOURCE );
}
/* hash in the sample */
/* only update entropy estimate if pool is not full */
if ( (source->pool == YARROW_FAST_POOL &&
- source->entropy[source->pool] < y->fast_thresh) ||
- (source->pool == YARROW_SLOW_POOL &&
- source->entropy[source->pool] < y->slow_thresh) )
+ source->entropy[source->pool] < y->fast_thresh) ||
+ (source->pool == YARROW_SLOW_POOL &&
+ source->entropy[source->pool] < y->slow_thresh) )
{
- new_entropy = min(entropy_bits, size * 8 * YARROW_ENTROPY_MULTIPLIER);
- if (source->estimator)
- {
- estimate = source->estimator(sample, size);
- new_entropy = min(new_entropy, estimate);
- }
- source->entropy[source->pool] += new_entropy;
- if ( source->entropy[source->pool] > YARROW_POOL_SIZE )
- {
- source->entropy[source->pool] = YARROW_POOL_SIZE;
- }
-
- if (source->pool == YARROW_FAST_POOL)
- {
- if (source->entropy[YARROW_FAST_POOL] >= y->fast_thresh)
- {
- ret = yarrow_reseed_locked(y, YARROW_FAST_POOL);
- if ( ret != YARROW_OK && ret != YARROW_NOT_SEEDED )
- {
- THROW( ret );
- }
- }
- }
- else
- {
- if (!source->reached_slow_thresh &&
- source->entropy[YARROW_SLOW_POOL] >= y->slow_thresh)
- {
- source->reached_slow_thresh = 1;
- y->slow_k_of_n++;
- if (y->slow_k_of_n >= y->slow_k_of_n_thresh)
- {
- y->slow_k_of_n = 0;
- ret = yarrow_reseed_locked(y, YARROW_SLOW_POOL);
- if ( ret != YARROW_OK && ret != YARROW_NOT_SEEDED )
- {
- THROW( ret );
- }
- }
- }
- }
+ new_entropy = min(entropy_bits, size * 8 * YARROW_ENTROPY_MULTIPLIER);
+ if (source->estimator)
+ {
+ estimate = source->estimator(sample, size);
+ new_entropy = min(new_entropy, estimate);
+ }
+ source->entropy[source->pool] += new_entropy;
+ if ( source->entropy[source->pool] > YARROW_POOL_SIZE )
+ {
+ source->entropy[source->pool] = YARROW_POOL_SIZE;
+ }
+
+ if (source->pool == YARROW_FAST_POOL)
+ {
+ if (source->entropy[YARROW_FAST_POOL] >= y->fast_thresh)
+ {
+ ret = yarrow_reseed_locked(y, YARROW_FAST_POOL);
+ if ( ret != YARROW_OK && ret != YARROW_NOT_SEEDED )
+ {
+ THROW( ret );
+ }
+ }
+ }
+ else
+ {
+ if (!source->reached_slow_thresh &&
+ source->entropy[YARROW_SLOW_POOL] >= y->slow_thresh)
+ {
+ source->reached_slow_thresh = 1;
+ y->slow_k_of_n++;
+ if (y->slow_k_of_n >= y->slow_k_of_n_thresh)
+ {
+ y->slow_k_of_n = 0;
+ ret = yarrow_reseed_locked(y, YARROW_SLOW_POOL);
+ if ( ret != YARROW_OK && ret != YARROW_NOT_SEEDED )
+ {
+ THROW( ret );
+ }
+ }
+ }
+ }
}
/* put samples in alternate pools */
source->pool = (source->pool + 1) % 2;
- CATCH:
+CATCH:
if ( locked ) { TRY( UNLOCK() ); }
EXCEP_RET;
}
YARROW_DLL
int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id,
- const void* sample,
- size_t size, size_t entropy_bits )
+ const void* sample,
+ size_t size, size_t entropy_bits )
{
return yarrow_input_maybe_locking(y, source_id, sample, size,
- entropy_bits, 1);
+ entropy_bits, 1);
}
static int
yarrow_input_locked( Yarrow_CTX* y, unsigned source_id,
- const void *sample,
- size_t size, size_t entropy_bits )
+ const void *sample,
+ size_t size, size_t entropy_bits )
{
return yarrow_input_maybe_locking(y, source_id, sample, size,
- entropy_bits, 0);
+ entropy_bits, 0);
}
YARROW_DLL
if (y->num_sources + 1 > YARROW_MAX_SOURCES)
{
- THROW( YARROW_TOO_MANY_SOURCES );
+ THROW( YARROW_TOO_MANY_SOURCES );
}
*source_id = y->num_sources;
}
int krb5int_yarrow_register_source_estimator(Yarrow_CTX* y, unsigned source_id,
- estimator_fn* fptr)
+ estimator_fn* fptr)
{
EXCEP_DECL;
Source* source;
source->estimator = fptr;
- CATCH:
+CATCH:
EXCEP_RET;
}
y->out_count++;
if (y->out_count >= y->Pg)
{
- y->out_count = 0;
- TRY( yarrow_gate_locked( y ) );
+ y->out_count = 0;
+ TRY( yarrow_gate_locked( y ) );
- /* require new seed after reaching gates_limit */
+ /* require new seed after reaching gates_limit */
- y->gate_count++;
- if ( y->gate_count >= y->gates_limit )
- {
- y->gate_count = 0;
+ y->gate_count++;
+ if ( y->gate_count >= y->gates_limit )
+ {
+ y->gate_count = 0;
- /* not defined whether to do slow or fast reseed */
+ /* not defined whether to do slow or fast reseed */
- TRACE( printf( "OUTPUT LIMIT REACHED," ); );
+ TRACE( printf( "OUTPUT LIMIT REACHED," ); );
- TRY( yarrow_reseed_locked( y, YARROW_SLOW_POOL ) );
- }
+ TRY( yarrow_reseed_locked( y, YARROW_SLOW_POOL ) );
+ }
}
/* C <- (C + 1) mod 2^n */
hex_print( stdout, "output: K", y->K, CIPHER_KEY_SIZE );
hex_print( stdout, "output: O", out, CIPHER_BLOCK_SIZE );
#endif
- CATCH:
+CATCH:
EXCEP_RET;
}
YARROW_DLL
int krb5int_yarrow_status( Yarrow_CTX* y, int *num_sources, unsigned *source_id,
- size_t *entropy_bits, size_t *entropy_max )
+ size_t *entropy_bits, size_t *entropy_max )
{
EXCEP_DECL;
int num = y->slow_k_of_n_thresh;
if (y->seeded)
{
- if (num_sources) { *num_sources = 0; }
- if (entropy_bits) { *entropy_bits = emax; }
- THROW( YARROW_OK );
+ if (num_sources) { *num_sources = 0; }
+ if (entropy_bits) { *entropy_bits = emax; }
+ THROW( YARROW_OK );
}
for (i = 0; i < y->num_sources; i++)
{
- if (y->source[i].entropy[YARROW_SLOW_POOL] >= y->slow_thresh)
- {
- num--;
- }
- else if (y->source[i].entropy[YARROW_SLOW_POOL] > entropy)
- {
- source = i;
- entropy = y->source[i].entropy[YARROW_SLOW_POOL];
- }
+ if (y->source[i].entropy[YARROW_SLOW_POOL] >= y->slow_thresh)
+ {
+ num--;
+ }
+ else if (y->source[i].entropy[YARROW_SLOW_POOL] > entropy)
+ {
+ source = i;
+ entropy = y->source[i].entropy[YARROW_SLOW_POOL];
+ }
}
if (num_sources) { *num_sources = num; }
if (entropy_bits) { *entropy_bits = entropy; }
THROW( YARROW_NOT_SEEDED );
- CATCH:
+CATCH:
EXCEP_RET;
}
if (y->out_left > 0)
{
- use = min(left, y->out_left);
- mem_copy(outp, y->out + CIPHER_BLOCK_SIZE - y->out_left, use);
- left -= use;
- y->out_left -= use;
- outp += use;
+ use = min(left, y->out_left);
+ mem_copy(outp, y->out + CIPHER_BLOCK_SIZE - y->out_left, use);
+ left -= use;
+ y->out_left -= use;
+ outp += use;
}
for ( ;
- left >= CIPHER_BLOCK_SIZE;
- left -= CIPHER_BLOCK_SIZE, outp += CIPHER_BLOCK_SIZE)
+ left >= CIPHER_BLOCK_SIZE;
+ left -= CIPHER_BLOCK_SIZE, outp += CIPHER_BLOCK_SIZE)
{
- TRY( krb5int_yarrow_output_Block(y, outp) );
+ TRY( krb5int_yarrow_output_Block(y, outp) );
}
if (left > 0)
{
- TRY( krb5int_yarrow_output_Block(y, y->out) );
- mem_copy(outp, y->out, left);
- y->out_left = CIPHER_BLOCK_SIZE - left;
+ TRY( krb5int_yarrow_output_Block(y, y->out) );
+ mem_copy(outp, y->out, left);
+ y->out_left = CIPHER_BLOCK_SIZE - left;
}
- CATCH:
+CATCH:
EXCEP_RET;
}
TRY (krb5int_yarrow_cipher_init(&y->cipher, y->K));
- CATCH:
+CATCH:
TRACE( printf( "]," ); );
mem_zero(new_K, sizeof(new_K));
EXCEP_RET;
TRY (krb5int_yarrow_cipher_init(&y->cipher, y->K));
- CATCH:
+CATCH:
TRACE( printf( "]," ); );
mem_zero(new_K, sizeof(new_K));
EXCEP_RET;
if ( y->entropyfile )
{
- TRY( STATE_Load(y->entropyfile, &state) );
- TRACE( printf( "LOAD STATE," ); );
+ TRY( STATE_Load(y->entropyfile, &state) );
+ TRACE( printf( "LOAD STATE," ); );
#if defined( YARROW_DEBUG )
- hex_print( stderr, "state.load", state.seed, sizeof(state.seed));
+ hex_print( stderr, "state.load", state.seed, sizeof(state.seed));
#endif
- /* what to do here is not defined by the Yarrow paper */
- /* this is a place holder until we get some clarification */
+ /* what to do here is not defined by the Yarrow paper */
+ /* this is a place holder until we get some clarification */
- HASH_Update( &y->pool[YARROW_FAST_POOL],
- state.seed, sizeof(state.seed) );
+ HASH_Update( &y->pool[YARROW_FAST_POOL],
+ state.seed, sizeof(state.seed) );
- Yarrow_Make_Seeded( y );
+ Yarrow_Make_Seeded( y );
- TRY( krb5int_yarrow_reseed(y, YARROW_FAST_POOL) );
+ TRY( krb5int_yarrow_reseed(y, YARROW_FAST_POOL) );
}
- CATCH:
+CATCH:
mem_zero(state.seed, sizeof(state.seed));
EXCEP_RET;
}
if ( y->entropyfile && y->seeded )
{
- TRACE( printf( "SAVE STATE[" ); );
- TRY( krb5int_yarrow_output( y, state.seed, sizeof(state.seed) ) );
- TRY( STATE_Save(y->entropyfile, &state) );
+ TRACE( printf( "SAVE STATE[" ); );
+ TRY( krb5int_yarrow_output( y, state.seed, sizeof(state.seed) ) );
+ TRY( STATE_Save(y->entropyfile, &state) );
}
y->saved = 1;
# if defined(YARROW_DEBUG)
hex_print(stdout, "state.save", state.seed, sizeof(state.seed));
# endif
- CATCH:
+CATCH:
TRACE( printf( "]," ); );
mem_zero(state.seed, sizeof(state.seed));
EXCEP_RET;
slow_pool = &y->pool[YARROW_SLOW_POOL];
if( pool != YARROW_FAST_POOL && pool != YARROW_SLOW_POOL )
{
- THROW( YARROW_BAD_ARG );
+ THROW( YARROW_BAD_ARG );
}
TRACE( printf( "%s RESEED,",
- pool == YARROW_SLOW_POOL ? "SLOW" : "FAST" ); );
+ pool == YARROW_SLOW_POOL ? "SLOW" : "FAST" ); );
if (pool == YARROW_SLOW_POOL)
{
- /* SLOW RESEED */
+ /* SLOW RESEED */
- /* feed hash of slow pool into the fast pool */
+ /* feed hash of slow pool into the fast pool */
- HASH_Final(slow_pool, digest);
+ HASH_Final(slow_pool, digest);
- /* Each pool contains the running hash of all inputs fed into it
- * since it was last used to carry out a reseed -- this implies
- * that the pool must be reinitialized after a reseed
- */
+ /* Each pool contains the running hash of all inputs fed into it
+ * since it was last used to carry out a reseed -- this implies
+ * that the pool must be reinitialized after a reseed
+ */
- HASH_Init(slow_pool); /* reinitialize slow pool */
- HASH_Update(fast_pool, digest, sizeof(digest));
+ HASH_Init(slow_pool); /* reinitialize slow pool */
+ HASH_Update(fast_pool, digest, sizeof(digest));
- if (y->seeded == 0)
- {
- Yarrow_Make_Seeded( y );
- }
+ if (y->seeded == 0)
+ {
+ Yarrow_Make_Seeded( y );
+ }
}
/* step 1. v_0 <- hash of all inputs into fast pool */
for ( i = 0; i < y->Pt[pool]; i++ )
{
- HASH_Init(&hash);
- HASH_Update(&hash, v_i, sizeof(v_i));
- HASH_Update(&hash, v_0, sizeof(v_0));
- big_endian_int32 = make_big_endian32(0); /* MS word */
- HASH_Update(&hash, &big_endian_int32, sizeof(krb5_ui_4));
- big_endian_int32 = make_big_endian32(i & 0xFFFFFFFF); /* LS word */
- HASH_Update(&hash, &big_endian_int32, sizeof(krb5_ui_4));
- HASH_Final(&hash, &v_i);
+ HASH_Init(&hash);
+ HASH_Update(&hash, v_i, sizeof(v_i));
+ HASH_Update(&hash, v_0, sizeof(v_0));
+ big_endian_int32 = make_big_endian32(0); /* MS word */
+ HASH_Update(&hash, &big_endian_int32, sizeof(krb5_ui_4));
+ big_endian_int32 = make_big_endian32(i & 0xFFFFFFFF); /* LS word */
+ HASH_Update(&hash, &big_endian_int32, sizeof(krb5_ui_4));
+ HASH_Final(&hash, &v_i);
}
/* step3. K = h'(h(v_Pt|K)) */
for (i = 0; i < y->num_sources; i++)
{
- y->source[i].entropy[pool] = 0;
- if (pool == YARROW_SLOW_POOL)
- {
- /* if this is a slow reseed, reset the fast pool entropy
- * accumulator also
- */
- y->source[i].entropy[YARROW_FAST_POOL] = 0;
- y->source[i].reached_slow_thresh = 0;
- }
+ y->source[i].entropy[pool] = 0;
+ if (pool == YARROW_SLOW_POOL)
+ {
+ /* if this is a slow reseed, reset the fast pool entropy
+ * accumulator also
+ */
+ y->source[i].entropy[YARROW_FAST_POOL] = 0;
+ y->source[i].reached_slow_thresh = 0;
+ }
}
/* step 7. If a seed file is in use, the next 2k bits of output
#if defined( YARROW_SAVE_STATE )
if ( y->seeded && y->entropyfile )
{
- TRY( Yarrow_Save_State( y ) );
+ TRY( Yarrow_Save_State( y ) );
}
#endif
- CATCH:
+CATCH:
/* step 6. Wipe the memory of all intermediate values
*
*/
}
int krb5int_yarrow_reseed(Yarrow_CTX* y, int pool)
{
- int r;
- LOCK();
- r = yarrow_reseed_locked(y, pool);
- UNLOCK();
- return r;
+ int r;
+ LOCK();
+ r = yarrow_reseed_locked(y, pool);
+ UNLOCK();
+ return r;
}
int krb5int_yarrow_stretch(const byte* m, size_t size, byte* out, size_t out_size)
if (m == NULL || size == 0 || out == NULL || out_size == 0)
{
- THROW( YARROW_BAD_ARG );
+ THROW( YARROW_BAD_ARG );
}
/*
HASH_Init(&hash);
for ( ;
- left > 0;
- left -= HASH_DIGEST_SIZE)
+ left > 0;
+ left -= HASH_DIGEST_SIZE)
{
- HASH_Update(&hash, s_i, use);
+ HASH_Update(&hash, s_i, use);
- /* have to save hash state to one side as HASH_final changes state */
+ /* have to save hash state to one side as HASH_final changes state */
- mem_copy(&save, &hash, sizeof(hash));
- HASH_Final(&hash, digest);
+ mem_copy(&save, &hash, sizeof(hash));
+ HASH_Final(&hash, digest);
- use = min(HASH_DIGEST_SIZE, left);
- mem_copy(outp, digest, use);
+ use = min(HASH_DIGEST_SIZE, left);
+ mem_copy(outp, digest, use);
- /* put state back for next time */
+ /* put state back for next time */
- mem_copy(&hash, &save, sizeof(hash));
+ mem_copy(&hash, &save, sizeof(hash));
- s_i = outp; /* retain pointer to s_i */
- outp += use;
+ s_i = outp; /* retain pointer to s_i */
+ outp += use;
}
- CATCH:
+CATCH:
mem_zero(&hash, sizeof(hash));
mem_zero(digest, sizeof(digest));
for (i = sz-1; (++b[i]) == 0 && i > 0; i--)
{
- ; /* nothing */
+ ; /* nothing */
}
}
#if defined( YARROW_SAVE_STATE )
if ( y->seeded && y->entropyfile )
{
- TRY( Yarrow_Save_State( y ) );
+ TRY( Yarrow_Save_State( y ) );
}
#endif
- CATCH:
+CATCH:
if ( y )
{
- krb5int_yarrow_cipher_final(&y->cipher);
- mem_zero( y, sizeof(Yarrow_CTX) );
+ krb5int_yarrow_cipher_final(&y->cipher);
+ mem_zero( y, sizeof(Yarrow_CTX) );
}
if ( locked ) { TRY( UNLOCK() ); }
EXCEP_RET;
{
err = 1-err;
if ( err < 0 ||
- (unsigned int) err >= sizeof( yarrow_str_error ) / sizeof( char* ) )
+ (unsigned int) err >= sizeof( yarrow_str_error ) / sizeof( char* ) )
{
- err = 1-YARROW_FAIL;
+ err = 1-YARROW_FAIL;
}
return yarrow_str_error[ err ];
}
fprintf(f, " = ");
for (i = 0; i < size; i++)
{
- c = conv[(p[i] >> 4) & 0xf];
- d = conv[p[i] & 0xf];
- fprintf(f, "%c%c", c, d);
+ c = conv[(p[i] >> 4) & 0xf];
+ d = conv[p[i] & 0xf];
+ fprintf(f, "%c%c", c, d);
}
fprintf(f, "\n");
}
-/* -*- Mode: C; c-file-style: "bsd" -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#ifndef YARROW_H
#define YARROW_H
YARROW_DLL
int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id,
- const void* sample,
- size_t size, size_t entropy_bits );
+ const void* sample,
+ size_t size, size_t entropy_bits );
YARROW_DLL
int krb5int_yarrow_status( Yarrow_CTX* y, int *num_sources, unsigned *source_id,
- size_t *entropy_bits, size_t *entropy_max );
+ size_t *entropy_bits, size_t *entropy_max );
YARROW_DLL
int krb5int_yarrow_output( Yarrow_CTX* y, void* out, size_t size );
YARROW_DLL
int krb5int_yarrow_register_source_estimator( Yarrow_CTX* y, unsigned source_id,
- estimator_fn* fptr );
+ estimator_fn* fptr );
YARROW_DLL
int krb5int_yarrow_stretch( const byte* m, size_t size, byte* out, size_t out_size );
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/yarrow/ycipher.c
*
(CIPHER_CTX *ctx,
unsigned const char * key)
{
- size_t keybytes, keylength;
- const struct krb5_enc_provider *enc = &yarrow_enc_provider;
- krb5_error_code ret;
- krb5_data randombits;
- krb5_keyblock keyblock;
+ size_t keybytes, keylength;
+ const struct krb5_enc_provider *enc = &yarrow_enc_provider;
+ krb5_error_code ret;
+ krb5_data randombits;
+ krb5_keyblock keyblock;
- keybytes = enc->keybytes;
- keylength = enc->keylength;
- assert (keybytes == CIPHER_KEY_SIZE);
- krb5_k_free_key(NULL, ctx->key);
- ctx->key = NULL;
- keyblock.contents = malloc(keylength);
- keyblock.length = keylength;
- if (keyblock.contents == NULL)
- return (YARROW_NOMEM);
- randombits.data = (char *) key;
- randombits.length = keybytes;
- ret = enc->make_key(&randombits, &keyblock);
- if (ret != 0)
- goto cleanup;
- ret = krb5_k_create_key(NULL, &keyblock, &ctx->key);
+ keybytes = enc->keybytes;
+ keylength = enc->keylength;
+ assert (keybytes == CIPHER_KEY_SIZE);
+ krb5_k_free_key(NULL, ctx->key);
+ ctx->key = NULL;
+ keyblock.contents = malloc(keylength);
+ keyblock.length = keylength;
+ if (keyblock.contents == NULL)
+ return (YARROW_NOMEM);
+ randombits.data = (char *) key;
+ randombits.length = keybytes;
+ ret = enc->make_key(&randombits, &keyblock);
+ if (ret != 0)
+ goto cleanup;
+ ret = krb5_k_create_key(NULL, &keyblock, &ctx->key);
cleanup:
- free(keyblock.contents);
- if (ret)
- return YARROW_FAIL;
- return YARROW_OK;
+ free(keyblock.contents);
+ if (ret)
+ return YARROW_FAIL;
+ return YARROW_OK;
}
int krb5int_yarrow_cipher_encrypt_block
(CIPHER_CTX *ctx, const unsigned char *in,
unsigned char *out)
{
- krb5_error_code ret;
- krb5_data ind, outd;
- const struct krb5_enc_provider *enc = &yarrow_enc_provider;
- ind.data = (char *) in;
- ind.length = CIPHER_BLOCK_SIZE;
- outd.data = (char *) out;
- outd.length = CIPHER_BLOCK_SIZE;
- ret = enc->encrypt(ctx->key, 0, &ind, &outd);
- if (ret)
- return YARROW_FAIL;
- return YARROW_OK;
+ krb5_error_code ret;
+ krb5_data ind, outd;
+ const struct krb5_enc_provider *enc = &yarrow_enc_provider;
+ ind.data = (char *) in;
+ ind.length = CIPHER_BLOCK_SIZE;
+ outd.data = (char *) out;
+ outd.length = CIPHER_BLOCK_SIZE;
+ ret = enc->encrypt(ctx->key, 0, &ind, &outd);
+ if (ret)
+ return YARROW_FAIL;
+ return YARROW_OK;
}
void
(CIPHER_CTX *ctx)
{
- krb5_k_free_key(NULL, ctx->key);
- ctx->key = NULL;
+ krb5_k_free_key(NULL, ctx->key);
+ ctx->key = NULL;
}
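Review bot: In the cipher-init function at the top of this section, `free(keyblock.contents)` under `cleanup:` releases the temporary key buffer without clearing it, so the bytes that `enc->make_key` presumably derived from the caller's `key` stay behind in freed heap memory. Wipe the buffer before the free, for example `zap(keyblock.contents, keylength);` if the tree's k5-int.h helper is in scope in this file; a plain `memset` immediately before `free` can be removed by the optimizer. Separately, `assert (keybytes == CIPHER_KEY_SIZE)` disappears when NDEBUG is defined, so a run-time check that returns `YARROW_FAIL` would be more robust. The function's name line is outside the visible lines.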
-/* -*- Mode: C; c-file-style: "bsd" -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#ifndef YCIPHER_H
#define YCIPHER_H
-/* -*- Mode: C; c-file-style: "bsd" -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#ifndef YEXCEP_H
#define YEXCEP_H
#define EXCEP_OK 1
#define EXCEP_DECL int _thr = 0, _ret2 = 0, _ret = _ret2+EXCEP_OK
-#define THROW( x ) \
- do { \
- _ret = (x); \
- if( !_thr ) { goto _catch; } \
+#define THROW( x ) \
+ do { \
+ _ret = (x); \
+ if( !_thr ) { goto _catch; } \
} while ( 0 )
-#define TRY( x ) \
- do { \
- _ret2 = (x); \
- if ( _ret > 0 && _ret2 <= 0 ) { THROW( _ret2 ); } \
+#define TRY( x ) \
+ do { \
+ _ret2 = (x); \
+ if ( _ret > 0 && _ret2 <= 0 ) { THROW( _ret2 ); } \
} while ( 0 )
#define SET( x ) (_ret = (x))
-/* -*- Mode: C; c-file-style: "bsd" -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#ifndef YLOCK_H
#define YLOCK_H
#else
#include "k5-thread.h"
extern k5_mutex_t krb5int_yarrow_lock;
-#define LOCK() (k5_mutex_lock(&krb5int_yarrow_lock) ? YARROW_LOCKING : YARROW_OK)
+#define LOCK() (k5_mutex_lock(&krb5int_yarrow_lock) ? YARROW_LOCKING : YARROW_OK)
#define UNLOCK() (k5_mutex_unlock(&krb5int_yarrow_lock) ? YARROW_LOCKING : YARROW_OK)
#endif
-/* -*- Mode: C; c-file-style: "bsd" -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#ifndef YSTATE_H
#define YSTATE_H
-/* -*- Mode: C; c-file-style: "bsd" -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#ifndef YTYPES_H
#define YTYPES_H
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/openssl/aes/aes_s2k.c
*
#include "dk.h"
#include "aes_s2k.h"
-#define DEFAULT_ITERATION_COUNT 4096 /* was 0xb000L in earlier drafts */
-#define MAX_ITERATION_COUNT 0x1000000L
+#define DEFAULT_ITERATION_COUNT 4096 /* was 0xb000L in earlier drafts */
+#define MAX_ITERATION_COUNT 0x1000000L
krb5_error_code
krb5int_aes_string_to_key(const struct krb5_enc_provider *enc,
- const krb5_data *string,
- const krb5_data *salt,
- const krb5_data *params,
- krb5_keyblock *key)
+ const krb5_data *string,
+ const krb5_data *salt,
+ const krb5_data *params,
+ krb5_keyblock *key)
{
unsigned long iter_count;
krb5_data out;
krb5_error_code err;
if (params) {
- unsigned char *p = (unsigned char *) params->data;
- if (params->length != 4)
- return KRB5_ERR_BAD_S2K_PARAMS;
- /* The first two need casts in case 'int' is 16 bits. */
- iter_count = load_32_be(p);
- if (iter_count == 0) {
- iter_count = (1UL << 16) << 16;
- if (((iter_count >> 16) >> 16) != 1)
- return KRB5_ERR_BAD_S2K_PARAMS;
- }
+ unsigned char *p = (unsigned char *) params->data;
+ if (params->length != 4)
+ return KRB5_ERR_BAD_S2K_PARAMS;
+ /* The first two need casts in case 'int' is 16 bits. */
+ iter_count = load_32_be(p);
+ if (iter_count == 0) {
+ iter_count = (1UL << 16) << 16;
+ if (((iter_count >> 16) >> 16) != 1)
+ return KRB5_ERR_BAD_S2K_PARAMS;
+ }
} else
- iter_count = DEFAULT_ITERATION_COUNT;
+ iter_count = DEFAULT_ITERATION_COUNT;
/* This is not a protocol specification constraint; this is an
implementation limit, which should eventually be controlled by
a config file. */
if (iter_count >= MAX_ITERATION_COUNT)
- return KRB5_ERR_BAD_S2K_PARAMS;
+ return KRB5_ERR_BAD_S2K_PARAMS;
/* Use the output keyblock contents for temporary space. */
out.data = (char *) key->contents;
out.length = key->length;
if (out.length != 16 && out.length != 32)
- return KRB5_CRYPTO_INTERNAL;
+ return KRB5_CRYPTO_INTERNAL;
err = krb5int_pbkdf2_hmac_sha1 (&out, iter_count, string, salt);
if (err)
- goto cleanup;
+ goto cleanup;
err = krb5_k_create_key (NULL, key, &tempkey);
if (err)
- goto cleanup;
+ goto cleanup;
err = krb5int_derive_keyblock (enc, tempkey, key, &usage);
cleanup:
if (err)
- memset (out.data, 0, out.length);
+ memset (out.data, 0, out.length);
krb5_k_free_key (NULL, tempkey);
return err;
}
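Review bot: `krb5int_aes_string_to_key` bounds the iteration count only from above (`iter_count >= MAX_ITERATION_COUNT`), so any non-zero value in `params`, down to 1, is handed to `krb5int_pbkdf2_hmac_sha1`. If `params` can be supplied by the peer (not visible here), a very small count makes the derived key cheap to guess offline from a captured exchange. At minimum the limit check deserves a comment such as `/* NOTE: no minimum iteration count is enforced; callers must not trust unauthenticated params. */`. A configurable floor next to the existing ceiling would be the stronger fix. The declarations of `tempkey` and `usage` fall outside the visible lines.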
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/openssl/aes/aes_s2k.h
*/
extern krb5_error_code
krb5int_aes_string_to_key (const struct krb5_enc_provider *,
- const krb5_data *, const krb5_data *,
- const krb5_data *, krb5_keyblock *key);
+ const krb5_data *, const krb5_data *,
+ const krb5_data *, krb5_keyblock *key);
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/des/des_int.h
*
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
-/* only do the whole thing once */
+/* only do the whole thing once */
#ifndef DES_INTERNAL_DEFS
#define DES_INTERNAL_DEFS
#define DES_UINT32 unsigned long
#endif
-typedef unsigned char des_cblock[8] /* crypto-block size */
+typedef unsigned char des_cblock[8] /* crypto-block size */
KRB5INT_DES_DEPRECATED;
/*
typedef des_key_schedule mit_des_key_schedule;
/* Triple-DES structures */
-typedef mit_des_cblock mit_des3_cblock[3];
-typedef mit_des_key_schedule mit_des3_key_schedule[3];
+typedef mit_des_cblock mit_des3_cblock[3];
+typedef mit_des_key_schedule mit_des3_key_schedule[3];
-#define MIT_DES_ENCRYPT 1
-#define MIT_DES_DECRYPT 0
+#define MIT_DES_ENCRYPT 1
+#define MIT_DES_DECRYPT 0
typedef struct mit_des_ran_key_seed {
krb5_encrypt_block eblock;
/* the first byte of the key is already in the keyblock */
-#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet))
-#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH
+#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet))
+#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH
/* This used to be 8*sizeof(krb5_octet) */
-#define MIT_DES_KEYSIZE 8
+#define MIT_DES_KEYSIZE 8
-#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet))
+#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet))
/*
* Check if k5-int.h has been included before us. If so, then check to see
* that our view of the DES key size is the same as k5-int.h's.
*/
-#ifdef KRB5_MIT_DES_KEYSIZE
-#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE
+#ifdef KRB5_MIT_DES_KEYSIZE
+#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE
error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)
-#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */
-#endif /* KRB5_MIT_DES_KEYSIZE */
+#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */
+#endif /* KRB5_MIT_DES_KEYSIZE */
#endif /* KRB5_MIT_DES__ */
/*
* End "mit-des.h"
/* string2key.c */
extern krb5_error_code mit_des_string_to_key
- ( const krb5_encrypt_block *,
- krb5_keyblock *, const krb5_data *, const krb5_data *);
+( const krb5_encrypt_block *,
+ krb5_keyblock *, const krb5_data *, const krb5_data *);
extern krb5_error_code mit_des_string_to_key_int
- (krb5_keyblock *, const krb5_data *, const krb5_data *);
+(krb5_keyblock *, const krb5_data *, const krb5_data *);
/* weak_key.c */
extern int mit_des_is_weak_key (mit_des_cblock );
/* XXX depends on FILE being a #define! */
extern void test_set (FILE *, const char *, int, const char *, int);
#endif
-#endif /*DES_INTERNAL_DEFS*/
+#endif /*DES_INTERNAL_DEFS*/
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/openssl/des/des_oldapis.c
*
unsigned long
mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out,
- unsigned long length, const mit_des_key_schedule schedule,
- const krb5_octet *ivec)
+ unsigned long length, const mit_des_key_schedule schedule,
+ const krb5_octet *ivec)
{
/* Unsupported operation */
return KRB5_CRYPTO_INTERNAL;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/openssl/des/f_parity.c
*
void
mit_des_fixup_key_parity(mit_des_cblock key)
{
- DES_set_odd_parity(key);
+ DES_set_odd_parity(key);
}
/*
mit_des_check_key_parity(mit_des_cblock key)
{
if (!DES_check_key_parity(key))
- return(0);
+ return(0);
return (1);
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/openssl/des/string2key.c
*
krb5_error_code
mit_des_string_to_key_int (krb5_keyblock *key,
- const krb5_data *pw, const krb5_data *salt)
+ const krb5_data *pw, const krb5_data *salt)
{
DES_cblock outkey;
DES_string_to_key(pw->data, &outkey);
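Review bot: `DES_string_to_key(pw->data, &outkey)` in `mit_des_string_to_key_int` passes a length-counted `krb5_data` buffer to an OpenSSL routine that expects a NUL-terminated C string, so `pw->length` is ignored. A password buffer without a terminator is read past its end, and one with an embedded NUL is silently truncated. The visible lines also never use `salt`, though the rest of the body is outside the hunk, so that needs confirming. Copying `pw->data` into a buffer of `pw->length + 1` bytes with an explicit terminator before the call, and wiping that copy afterwards, would at least bound the read.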
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/openssl/des/weak_key.c
*
const mit_des_cblock *weak_p = weak;
for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) {
- if (!memcmp(weak_p++,key,sizeof(mit_des_cblock)))
- return 1;
+ if (!memcmp(weak_p++,key,sizeof(mit_des_cblock)))
+ return 1;
}
if ( DES_is_weak_key(key) == 1) /* Also OpenSSL's check */
- return 1;
+ return 1;
return 0;
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/openssl/enc_provider/aes.c
*
/* proto's */
static krb5_error_code
cts_enc(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output);
+ const krb5_data *input, krb5_data *output);
static krb5_error_code
cbc_enc(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output);
+ const krb5_data *input, krb5_data *output);
static krb5_error_code
cts_decr(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output);
+ const krb5_data *input, krb5_data *output);
static krb5_error_code
cbc_decr(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output);
+ const krb5_data *input, krb5_data *output);
static krb5_error_code
cts_encr_iov(krb5_key key, const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data, size_t dlen);
+ krb5_crypto_iov *data, size_t num_data, size_t dlen);
static krb5_error_code
cts_decr_iov(krb5_key key, const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data, size_t dlen);
+ krb5_crypto_iov *data, size_t num_data, size_t dlen);
#define BLOCK_SIZE 16
#define NUM_BITS 8
static krb5_error_code
cbc_enc(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
int ret = 0, tmp_len = 0;
unsigned char *tmp_buf = NULL;
EVP_CIPHER_CTX_init(&ciph_ctx);
ret = EVP_EncryptInit_ex(&ciph_ctx, map_mode(key->keyblock.length),
- NULL, key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL);
+ NULL, key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL);
if (ret == 1){
EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);
ret = EVP_EncryptUpdate(&ciph_ctx, tmp_buf, &tmp_len,
- (unsigned char *)input->data, input->length);
+ (unsigned char *)input->data, input->length);
output->length = tmp_len;
if(ret)
ret = EVP_EncryptFinal_ex(&ciph_ctx,tmp_buf+tmp_len,&tmp_len);
static krb5_error_code
cbc_decr(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
int ret = 0, tmp_len = 0;
unsigned char *tmp_buf = NULL;
EVP_CIPHER_CTX_init(&ciph_ctx);
ret = EVP_DecryptInit_ex(&ciph_ctx, map_mode(key->keyblock.length),
- NULL, key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL);
+ NULL, key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL);
if (ret == 1) {
EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);
ret = EVP_EncryptUpdate(&ciph_ctx, tmp_buf, &tmp_len,
- (unsigned char *)input->data, input->length);
+ (unsigned char *)input->data, input->length);
output->length = tmp_len;
if (ret == 1)
ret = EVP_DecryptFinal_ex(&ciph_ctx,tmp_buf+tmp_len,&tmp_len);
static krb5_error_code
cts_enc(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
int ret = 0, tmp_len = 0;
size_t size = 0;
tmp_len = input->length;
AES_set_encrypt_key(key->keyblock.contents,
- NUM_BITS * key->keyblock.length, &enck);
+ NUM_BITS * key->keyblock.length, &enck);
size = CRYPTO_cts128_encrypt((unsigned char *)input->data, tmp_buf,
input->length, &enck,
static krb5_error_code
cts_decr(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
int ret = 0, tmp_len = 0;
size_t size = 0;
tmp_len = input->length;
AES_set_decrypt_key(key->keyblock.contents,
- NUM_BITS * key->keyblock.length, &deck);
+ NUM_BITS * key->keyblock.length, &deck);
size = CRYPTO_cts128_decrypt((unsigned char *)input->data, tmp_buf,
input->length, &deck,
static krb5_error_code
cts_encr_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data, size_t dlen)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data, size_t dlen)
{
int ret = 0;
int oblock_len = BLOCK_SIZE * num_data;
tlen = 0;
for (;;) {
if (krb5int_c_iov_get_block(iblock, BLOCK_SIZE,
- data, num_data, &input_pos)){
+ data, num_data, &input_pos)){
memcpy(dbuf+tlen,iblock, BLOCK_SIZE);
tlen += BLOCK_SIZE;
- } else {
+ } else {
memcpy(dbuf+tlen,iblock, dlen - tlen);
break;
- }
+ }
if (tlen > dlen) break;
}
AES_set_encrypt_key(key->keyblock.contents,
- NUM_BITS * key->keyblock.length, &enck);
+ NUM_BITS * key->keyblock.length, &enck);
size = CRYPTO_cts128_encrypt((unsigned char *)dbuf, oblock, dlen, &enck,
iv_cts, (cbc128_f)AES_cbc_encrypt);
static krb5_error_code
cts_decr_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data, size_t dlen)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data, size_t dlen)
{
int ret = 0;
int oblock_len = BLOCK_SIZE*num_data;
memset(dbuf, 0, dlen);
AES_set_decrypt_key(key->keyblock.contents,
- NUM_BITS * key->keyblock.length, &deck);
+ NUM_BITS * key->keyblock.length, &deck);
tlen = 0;
for (;;) {
if (krb5int_c_iov_get_block(iblock, BLOCK_SIZE,
- data, num_data, &input_pos)){
+ data, num_data, &input_pos)){
memcpy(dbuf+tlen,iblock, BLOCK_SIZE);
tlen += BLOCK_SIZE;
- } else {
+ } else {
memcpy(dbuf+tlen,iblock, dlen - tlen);
break;
- }
+ }
if (tlen > dlen) break;
}
krb5_error_code
krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
int ret = 0;
krb5_error_code
krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
int ret = 0;
int nblocks = 0;
static krb5_error_code
krb5int_aes_encrypt_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
int ret = 0;
int nblocks = 0;
static krb5_error_code
krb5int_aes_decrypt_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
int ret = 0;
int nblocks = 0;
static krb5_error_code
krb5int_aes_init_state (const krb5_keyblock *key, krb5_keyusage usage,
- krb5_data *state)
+ krb5_data *state)
{
state->length = 16;
state->data = (void *) malloc(16);
if (state->data == NULL)
- return ENOMEM;
+ return ENOMEM;
memset(state->data, 0, state->length);
return 0;
}
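Review bot: `cbc_decr` initialises the context with `EVP_DecryptInit_ex` and finishes with `EVP_DecryptFinal_ex`, but the data step between them calls `EVP_EncryptUpdate`. It should be `ret = EVP_DecryptUpdate(&ciph_ctx, tmp_buf, &tmp_len, (unsigned char *)input->data, input->length);`. Mixing the two families relies on OpenSSL internals, and as far as I know newer OpenSSL releases check the context direction and fail the call. In both `cbc_enc` and `cbc_decr`, `output->length` is taken from `tmp_len` before the Final call overwrites `tmp_len`. `tmp_buf` is `NULL` in the visible lines, so its allocation and size check should be confirmed in the part of each body that is not shown.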
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* lib/crypto/openssl/enc_provider/des.c
*
* Copyright (C) 2009 by the Massachusetts Institute of Technology.
static krb5_error_code
validate(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, const krb5_data *output)
+ const krb5_data *input, const krb5_data *output)
{
/* key->keyblock.enctype was checked by the caller */
if (key->keyblock.length != KRB5_MIT_DES_KEYSIZE)
static krb5_error_code
validate_iov(krb5_key key, const krb5_data *ivec,
- const krb5_crypto_iov *data, size_t num_data)
+ const krb5_crypto_iov *data, size_t num_data)
{
size_t i, input_length;
static krb5_error_code
k5_des_encrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
int ret = 0, tmp_len = 0;
unsigned int tmp_buf_len = 0;
static krb5_error_code
k5_des_decrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
/* key->keyblock.enctype was checked by the caller */
int ret = 0, tmp_len = 0;
static krb5_error_code
k5_des_encrypt_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
int ret = 0, tmp_len = MIT_DES_BLOCK_LENGTH;
int oblock_len = MIT_DES_BLOCK_LENGTH * num_data;
static krb5_error_code
k5_des_decrypt_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
int ret = 0;
int tmp_len = MIT_DES_BLOCK_LENGTH;
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* lib/crypto/openssl/enc_provider/des3.c
*
* Copyright (C) 2009 by the Massachusetts Institute of Technology.
static krb5_error_code
validate(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, const krb5_data *output)
+ const krb5_data *input, const krb5_data *output)
{
/* key->keyblock.enctype was checked by the caller */
if (key->keyblock.length != KRB5_MIT_DES3_KEYSIZE)
- return(KRB5_BAD_KEYSIZE);
+ return(KRB5_BAD_KEYSIZE);
if ((input->length%DES_BLOCK_SIZE) != 0)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
if (ivec && (ivec->length != 8))
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
if (input->length != output->length)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
return 0;
}
static krb5_error_code
validate_iov(krb5_key key, const krb5_data *ivec,
- const krb5_crypto_iov *data, size_t num_data)
+ const krb5_crypto_iov *data, size_t num_data)
{
size_t i, input_length;
for (i = 0, input_length = 0; i < num_data; i++) {
- const krb5_crypto_iov *iov = &data[i];
- if (ENCRYPT_IOV(iov))
- input_length += iov->data.length;
+ const krb5_crypto_iov *iov = &data[i];
+ if (ENCRYPT_IOV(iov))
+ input_length += iov->data.length;
}
if (key->keyblock.length != KRB5_MIT_DES3_KEYSIZE)
- return(KRB5_BAD_KEYSIZE);
+ return(KRB5_BAD_KEYSIZE);
if ((input_length%DES_BLOCK_SIZE) != 0)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
if (ivec && (ivec->length != 8))
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
return 0;
}
static krb5_error_code
k5_des3_encrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
int ret = 0, tmp_len = 0;
unsigned int tmp_buf_len = 0;
ret = validate(key, ivec, input, output);
if (ret)
- return ret;
+ return ret;
tmp_buf_len = output->length * 2;
tmp_buf = OPENSSL_malloc(tmp_buf_len);
static krb5_error_code
k5_des3_decrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
int ret = 0, tmp_len = 0;
unsigned int tmp_buf_len = 0;
ret = validate(key, ivec, input, output);
if (ret)
- return ret;
+ return ret;
tmp_buf_len = output->length;
static krb5_error_code
k5_des3_encrypt_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
int ret = 0;
int tmp_len = MIT_DES_BLOCK_LENGTH;
if(ret) {
/*if (ivec != NULL && ivec->data)
- memcpy(ivec->data, oblock, MIT_DES_BLOCK_LENGTH); */
+ memcpy(ivec->data, oblock, MIT_DES_BLOCK_LENGTH); */
ret = EVP_EncryptFinal_ex(&ciph_ctx, oblock+input_pos.data_pos, &tmp_len);
}
static krb5_error_code
k5_des3_decrypt_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
int ret = 0;
int tmp_len = MIT_DES_BLOCK_LENGTH;
if(ret) {
/*if (ivec != NULL && ivec->data)
- memcpy(ivec->data, oblock, MIT_DES_BLOCK_LENGTH); */
+ memcpy(ivec->data, oblock, MIT_DES_BLOCK_LENGTH); */
ret = EVP_DecryptFinal_ex(&ciph_ctx,
oblock + input_pos.data_pos, &tmp_len);
}
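Review bot: In `k5_des3_encrypt`, `tmp_buf_len = output->length * 2` is computed in `unsigned int`, so a very large `output->length` wraps and `OPENSSL_malloc(tmp_buf_len)` may return a buffer smaller than the data later written to it. `validate()` checks only block alignment and that input and output lengths match, not an upper bound. A guard before the multiplication, such as `if (output->length > UINT_MAX / 2) return KRB5_BAD_MSIZE;`, would cover it. Whether the allocation result is checked lies outside the visible lines. The commented-out `memcpy(ivec->data, oblock, MIT_DES_BLOCK_LENGTH);` in both iov functions should be removed or replaced with a comment explaining why the IV is not written back.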
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* lib/crypto/openssl/enc_provider/rc4.c
*
* #include STD_DISCLAIMER
/* prototypes */
static krb5_error_code
k5_arcfour_docrypt(krb5_key, const krb5_data *,
- const krb5_data *, krb5_data *);
+ const krb5_data *, krb5_data *);
static krb5_error_code
k5_arcfour_free_state ( krb5_data *state);
static krb5_error_code
k5_arcfour_init_state (const krb5_keyblock *key,
- krb5_keyusage keyusage, krb5_data *new_state);
+ krb5_keyusage keyusage, krb5_data *new_state);
/* The workhorse of the arcfour system,
* this impliments the cipher
/* In-place rc4 crypto */
static krb5_error_code
k5_arcfour_docrypt(krb5_key key, const krb5_data *state,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
{
int ret = 0, tmp_len = 0;
unsigned char *tmp_buf = NULL;
/* In-place IOV crypto */
static krb5_error_code
k5_arcfour_docrypt_iov(krb5_key key,
- const krb5_data *state,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *state,
+ krb5_crypto_iov *data,
+ size_t num_data)
{
size_t i;
int ret = 0, tmp_len = 0;
if (ENCRYPT_IOV(iov)) {
tmp_buf=(unsigned char *)iov->data.data;
ret = EVP_EncryptUpdate(&ciph_ctx,
- tmp_buf, &tmp_len,
- (unsigned char *)iov->data.data, iov->data.length);
+ tmp_buf, &tmp_len,
+ (unsigned char *)iov->data.data, iov->data.length);
if (!ret) break;
iov->data.length = tmp_len;
}
static krb5_error_code
k5_arcfour_free_state ( krb5_data *state)
{
- return 0; /* not implemented */
+ return 0; /* not implemented */
}
static krb5_error_code
k5_arcfour_init_state (const krb5_keyblock *key,
krb5_keyusage keyusage, krb5_data *new_state)
{
- return 0; /* not implemented */
+ return 0; /* not implemented */
}
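Review bot: `k5_arcfour_init_state` returns 0 while leaving `*new_state` untouched, so a caller that sees success goes on to use whatever `data` and `length` the structure happened to hold. `k5_arcfour_free_state` likewise reports success without releasing or clearing anything. Until these are implemented, the init stub should hand back a defined empty state, `new_state->data = NULL; new_state->length = 0;`, or return an error so the gap is visible to callers. In `k5_arcfour_docrypt_iov`, `iov->data.length = tmp_len;` overwrites the caller's buffer length with the cipher's output count. For a stream cipher the two should be equal, and a short comment stating that assumption would help the next reader.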
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
static krb5_error_code
k5_crc32_hash(unsigned int icount, const krb5_data *input,
- krb5_data *output)
+ krb5_data *output)
{
unsigned long c, cn;
unsigned int i;
if (output->length != CRC32_CKSUM_LENGTH)
- return(KRB5_CRYPTO_INTERNAL);
+ return(KRB5_CRYPTO_INTERNAL);
c = 0;
for (i=0; i<icount; i++) {
- mit_crc32(input[i].data, input[i].length, &cn);
- c ^= cn;
+ mit_crc32(input[i].data, input[i].length, &cn);
+ c ^= cn;
}
store_32_le(c, output->data);
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
static krb5_error_code
k5_md4_hash(unsigned int icount, const krb5_data *input,
- krb5_data *output)
+ krb5_data *output)
{
krb5_MD4_CTX ctx;
unsigned int i;
if (output->length != RSA_MD4_CKSUM_LENGTH)
- return(KRB5_CRYPTO_INTERNAL);
+ return(KRB5_CRYPTO_INTERNAL);
krb5int_MD4Init(&ctx);
for (i=0; i<icount; i++)
- krb5int_MD4Update(&ctx, (unsigned char *) input[i].data, input[i].length);
+ krb5int_MD4Update(&ctx, (unsigned char *) input[i].data, input[i].length);
krb5int_MD4Final(&ctx);
memcpy(output->data, ctx.digest, RSA_MD4_CKSUM_LENGTH);
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
static krb5_error_code
k5_md5_hash(unsigned int icount, const krb5_data *input,
- krb5_data *output)
+ krb5_data *output)
{
krb5_MD5_CTX ctx;
unsigned int i;
if (output->length != RSA_MD5_CKSUM_LENGTH)
- return(KRB5_CRYPTO_INTERNAL);
+ return(KRB5_CRYPTO_INTERNAL);
krb5int_MD5Init(&ctx);
for (i=0; i<icount; i++)
- krb5int_MD5Update(&ctx, (unsigned char *) input[i].data, input[i].length);
+ krb5int_MD5Update(&ctx, (unsigned char *) input[i].data, input[i].length);
krb5int_MD5Final(&ctx);
memcpy(output->data, ctx.digest, RSA_MD5_CKSUM_LENGTH);
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* lib/crypto/openssl/hash/yhash.h
*
* Copyright (C) 1998 by the FundsXpress, INC.
static krb5_error_code
k5_sha1_hash(unsigned int icount, const krb5_data *input,
- krb5_data *output)
+ krb5_data *output)
{
SHS_INFO ctx;
unsigned int i;
if (output->length != SHS_DIGESTSIZE)
- return(KRB5_CRYPTO_INTERNAL);
+ return(KRB5_CRYPTO_INTERNAL);
shsInit(&ctx);
for (i=0; i<icount; i++)
- shsUpdate(&ctx, (unsigned char *) input[i].data, input[i].length);
+ shsUpdate(&ctx, (unsigned char *) input[i].data, input[i].length);
shsFinal(&ctx);
if (ctx.digestLen > 0 && ctx.digestLen <= output->length){
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* lib/crypto/openssl/hmac.c
*
* Copyright (C) 2009 by the Massachusetts Institute of Technology.
krb5_error_code
krb5int_hmac_keyblock(const struct krb5_hash_provider *hash,
- const krb5_keyblock *key, unsigned int icount,
- const krb5_data *input, krb5_data *output)
+ const krb5_keyblock *key, unsigned int icount,
+ const krb5_data *input, krb5_data *output)
{
unsigned int i = 0, md_len = 0;
unsigned char md[EVP_MAX_MD_SIZE];
krb5_error_code
krb5int_hmac(const struct krb5_hash_provider *hash, krb5_key key,
- unsigned int icount, const krb5_data *input, krb5_data *output)
+ unsigned int icount, const krb5_data *input, krb5_data *output)
{
return krb5int_hmac_keyblock(hash, &key->keyblock, icount, input, output);
}
krb5_error_code
krb5int_hmac_iov(const struct krb5_hash_provider *hash, krb5_key key,
- const krb5_crypto_iov *data, size_t num_data,
- krb5_data *output)
+ const krb5_crypto_iov *data, size_t num_data,
+ krb5_data *output)
{
return krb5int_hmac_iov_keyblock(hash, &key->keyblock, data, num_data,
- output);
+ output);
}
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
- * lib/crypto/openssl/md4/md4.c
+ * lib/crypto/openssl/md4/md4.c
*
* Copyright (C) 2009 by the Massachusetts Institute of Technology.
* All rights reserved.
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/md4/rsa-md4.h
*
#define RSA_MD4_DES_CONFOUND_LENGTH 8
/*
- **********************************************************************
- ** md4.h -- Header file for implementation of MD4 **
- ** RSA Data Security, Inc. MD4 Message Digest Algorithm **
- ** Created: 2/17/90 RLR **
- ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version **
- **********************************************************************
- */
+**********************************************************************
+** md4.h -- Header file for implementation of MD4 **
+** RSA Data Security, Inc. MD4 Message Digest Algorithm **
+** Created: 2/17/90 RLR **
+** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version **
+**********************************************************************
+*/
/*
- **********************************************************************
- ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
- ** **
- ** License to copy and use this software is granted provided that **
- ** it is identified as the "RSA Data Security, Inc. MD4 Message **
- ** Digest Algorithm" in all material mentioning or referencing this **
- ** software or this function. **
- ** **
- ** License is also granted to make and use derivative works **
- ** provided that such works are identified as "derived from the RSA **
- ** Data Security, Inc. MD4 Message Digest Algorithm" in all **
- ** material mentioning or referencing the derived work. **
- ** **
- ** RSA Data Security, Inc. makes no representations concerning **
- ** either the merchantability of this software or the suitability **
- ** of this software for any particular purpose. It is provided "as **
- ** is" without express or implied warranty of any kind. **
- ** **
- ** These notices must be retained in any copies of any part of this **
- ** documentation and/or software. **
- **********************************************************************
- */
+**********************************************************************
+** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
+** **
+** License to copy and use this software is granted provided that **
+** it is identified as the "RSA Data Security, Inc. MD4 Message **
+** Digest Algorithm" in all material mentioning or referencing this **
+** software or this function. **
+** **
+** License is also granted to make and use derivative works **
+** provided that such works are identified as "derived from the RSA **
+** Data Security, Inc. MD4 Message Digest Algorithm" in all **
+** material mentioning or referencing the derived work. **
+** **
+** RSA Data Security, Inc. makes no representations concerning **
+** either the merchantability of this software or the suitability **
+** of this software for any particular purpose. It is provided "as **
+** is" without express or implied warranty of any kind. **
+** **
+** These notices must be retained in any copies of any part of this **
+** documentation and/or software. **
+**********************************************************************
+*/
/* Data structure for MD4 (Message Digest) computation */
typedef struct {
extern void krb5int_MD4Final(krb5_MD4_CTX *);
/*
- **********************************************************************
- ** End of md4.h **
- ******************************* (cut) ********************************
- */
+**********************************************************************
+** End of md4.h **
+******************************* (cut) ********************************
+*/
#endif /* __KRB5_RSA_MD4_H__ */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* lib/crypto/openssl/md5/md5.c
*
* Copyright (C) 2009 by the Massachusetts Institute of Technology.
/* The routine krb5int_MD5Init initializes the message-digest context
mdContext. All fields are set to zero.
- */
+*/
void
krb5int_MD5Init (krb5_MD5_CTX *mdContext)
{
/* The routine krb5int_MD5Update updates the message-digest context to
account for the presence of each of the characters inBuf[0..inLen-1]
in the message whose digest is being computed.
- */
+*/
void
krb5int_MD5Update (krb5_MD5_CTX *mdContext, const unsigned char *inBuf, unsigned int inLen)
{
/* The routine krb5int_MD5Final terminates the message-digest computation and
ends with the desired message digest in mdContext->digest[0...15].
- */
+*/
void
krb5int_MD5Final (krb5_MD5_CTX *mdContext)
{
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* lib/crypto/openssl/md5/rsa-md5.h
*
* Copyright (C) 2009 by the Massachusetts Institute of Technology.
*/
/*
- ***********************************************************************
- ** md5.h -- header file for implementation of MD5 **
- ** RSA Data Security, Inc. MD5 Message-Digest Algorithm **
- ** Created: 2/17/90 RLR **
- ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version **
- ** Revised (for MD5): RLR 4/27/91 **
- ** -- G modified to have y&~z instead of y&z **
- ** -- FF, GG, HH modified to add in last register done **
- ** -- Access pattern: round 2 works mod 5, round 3 works mod 3 **
- ** -- distinct additive constant for each step **
- ** -- round 4 added, working mod 7 **
- ***********************************************************************
- */
+***********************************************************************
+** md5.h -- header file for implementation of MD5 **
+** RSA Data Security, Inc. MD5 Message-Digest Algorithm **
+** Created: 2/17/90 RLR **
+** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version **
+** Revised (for MD5): RLR 4/27/91 **
+** -- G modified to have y&~z instead of y&z **
+** -- FF, GG, HH modified to add in last register done **
+** -- Access pattern: round 2 works mod 5, round 3 works mod 3 **
+** -- distinct additive constant for each step **
+** -- round 4 added, working mod 7 **
+***********************************************************************
+*/
/*
- ***********************************************************************
- ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
- ** **
- ** License to copy and use this software is granted provided that **
- ** it is identified as the "RSA Data Security, Inc. MD5 Message- **
- ** Digest Algorithm" in all material mentioning or referencing this **
- ** software or this function. **
- ** **
- ** License is also granted to make and use derivative works **
- ** provided that such works are identified as "derived from the RSA **
- ** Data Security, Inc. MD5 Message-Digest Algorithm" in all **
- ** material mentioning or referencing the derived work. **
- ** **
- ** RSA Data Security, Inc. makes no representations concerning **
- ** either the merchantability of this software or the suitability **
- ** of this software for any particular purpose. It is provided "as **
- ** is" without express or implied warranty of any kind. **
- ** **
- ** These notices must be retained in any copies of any part of this **
- ** documentation and/or software. **
- ***********************************************************************
- */
+***********************************************************************
+** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
+** **
+** License to copy and use this software is granted provided that **
+** it is identified as the "RSA Data Security, Inc. MD5 Message- **
+** Digest Algorithm" in all material mentioning or referencing this **
+** software or this function. **
+** **
+** License is also granted to make and use derivative works **
+** provided that such works are identified as "derived from the RSA **
+** Data Security, Inc. MD5 Message-Digest Algorithm" in all **
+** material mentioning or referencing the derived work. **
+** **
+** RSA Data Security, Inc. makes no representations concerning **
+** either the merchantability of this software or the suitability **
+** of this software for any particular purpose. It is provided "as **
+** is" without express or implied warranty of any kind. **
+** **
+** These notices must be retained in any copies of any part of this **
+** documentation and/or software. **
+***********************************************************************
+*/
#ifndef KRB5_RSA_MD5__
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/crypto/openssl/pbkdf2.c
*
krb5_error_code
krb5int_pbkdf2_hmac_sha1 (const krb5_data *out, unsigned long count,
- const krb5_data *pass, const krb5_data *salt)
+ const krb5_data *pass, const krb5_data *salt)
{
/*
* This is an implementation of PKCS#5 v2.0
* Does not return an error
*/
- PKCS5_PBKDF2_HMAC_SHA1(pass->data, pass->length,
+ PKCS5_PBKDF2_HMAC_SHA1(pass->data, pass->length,
(unsigned char *)salt->data, salt->length, count,
out->length, (unsigned char *)out->data);
return 0;
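Review bot: The result of `PKCS5_PBKDF2_HMAC_SHA1` is discarded on the re-indented call line and the function then returns 0 unconditionally, so a failed derivation would hand the caller an unfilled `out->data` as if it were a key. The comment "Does not return an error" should be re-checked against the OpenSSL version being built against, because the function is declared to return `int` and can report failure. I would write `if (!PKCS5_PBKDF2_HMAC_SHA1(/* same arguments */)) return KRB5_CRYPTO_INTERNAL;`. `count` is `unsigned long` and the lengths are unsigned, while the OpenSSL parameters are `int`, so a range check before the call would also make the narrowing explicit. The function's closing brace is outside this hunk.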
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* lib/crypto/openssl/sha1/shs.c
*
* Copyright (C) 2009 by the Massachusetts Institute of Technology.
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#ifndef _SHS_DEFINED
#include "k5-int.h"
/* Some useful types */
-typedef krb5_octet SHS_BYTE;
-typedef krb5_ui_4 SHS_LONG;
+typedef krb5_octet SHS_BYTE;
+typedef krb5_ui_4 SHS_LONG;
/* Define the following to use the updated SHS implementation */
#define NEW_SHS /**/
/* Keyed Message digest functions (hmac_sha.c) */
krb5_error_code hmac_sha(krb5_octet *text,
- int text_len,
- krb5_octet *key,
- int key_len,
- krb5_octet *digest);
+ int text_len,
+ krb5_octet *key,
+ int key_len,
+ krb5_octet *digest);
-#define NIST_SHA_CKSUM_LENGTH SHS_DIGESTSIZE
-#define HMAC_SHA_CKSUM_LENGTH SHS_DIGESTSIZE
+#define NIST_SHA_CKSUM_LENGTH SHS_DIGESTSIZE
+#define HMAC_SHA_CKSUM_LENGTH SHS_DIGESTSIZE
#endif /* _SHS_DEFINED */
-/* -*- Mode: C; c-file-style: "bsd" -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* lib/crypto/openssl/hash/yhash.h
*/
#define HASH_Init(x) shsInit(x)
#define HASH_Update(x, buf, sz) shsUpdate(x, (const void*)buf, sz)
-#define HASH_Final(x, tdigest) do { \
- int loopvar; \
- unsigned char *out2 = (void *)(tdigest); \
- HASH_CTX *ctx = (x); \
- shsFinal(ctx); \
- memcpy(out2, ctx->digestBuf, ctx->digestLen); \
- } while(0)
+#define HASH_Final(x, tdigest) do { \
+ int loopvar; \
+ unsigned char *out2 = (void *)(tdigest); \
+ HASH_CTX *ctx = (x); \
+ shsFinal(ctx); \
+ memcpy(out2, ctx->digestBuf, ctx->digestLen); \
+ } while(0)
#define HASH_DIGEST_SIZE SHS_DIGESTSIZE