Crypto modularity proj: Populate openssl/des dir.
authorZhanna Tsitkov <tsitkova@mit.edu>
Thu, 1 Oct 2009 21:46:57 +0000 (21:46 +0000)
committerZhanna Tsitkov <tsitkova@mit.edu>
Thu, 1 Oct 2009 21:46:57 +0000 (21:46 +0000)
To avoid breaking the export list some functions (mostly mit_xxx) are left in place with the disabled functionality.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22821 dc483132-0cff-0310-8789-dd5450dbe970

15 files changed:
src/lib/crypto/openssl/des/afsstring2key.c [new file with mode: 0644]
src/lib/crypto/openssl/des/d3_aead.c [new file with mode: 0644]
src/lib/crypto/openssl/des/d3_cbc.c [new file with mode: 0644]
src/lib/crypto/openssl/des/d3_kysched.c [new file with mode: 0644]
src/lib/crypto/openssl/des/des_int.h [new file with mode: 0644]
src/lib/crypto/openssl/des/f_aead.c [new file with mode: 0644]
src/lib/crypto/openssl/des/f_cbc.c [new file with mode: 0644]
src/lib/crypto/openssl/des/f_cksum.c [new file with mode: 0644]
src/lib/crypto/openssl/des/f_parity.c [new file with mode: 0644]
src/lib/crypto/openssl/des/f_sched.c [new file with mode: 0644]
src/lib/crypto/openssl/des/f_tables.c [new file with mode: 0644]
src/lib/crypto/openssl/des/f_tables.h [new file with mode: 0644]
src/lib/crypto/openssl/des/key_sched.c [new file with mode: 0644]
src/lib/crypto/openssl/des/string2key.c [new file with mode: 0644]
src/lib/crypto/openssl/des/weak_key.c [new file with mode: 0644]

diff --git a/src/lib/crypto/openssl/des/afsstring2key.c b/src/lib/crypto/openssl/des/afsstring2key.c
new file mode 100644 (file)
index 0000000..031db58
--- /dev/null
@@ -0,0 +1,27 @@
+/* lib/crypto/openss/des/afsstring2key.c
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+
+#include "k5-int.h"
+#include "des_int.h"
+#include <ctype.h>
+
+krb5_error_code
+mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data,
+                      const krb5_data *salt)
+{
+    return KRB5_CRYPTO_INTERNAL; 
+}
+char *
+mit_afs_crypt(const char *pw, const char *salt,
+                char *iobuf)
+{
+    /* Unsupported operation */
+    return NULL;
+}
+
+
diff --git a/src/lib/crypto/openssl/des/d3_aead.c b/src/lib/crypto/openssl/des/d3_aead.c
new file mode 100644 (file)
index 0000000..cd99886
--- /dev/null
@@ -0,0 +1,34 @@
+/* lib/crypto/openssl/des/d3_aead.c
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+#include "des_int.h"
+#include "aead.h"
+
+void
+krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data,
+                            unsigned long num_data,
+                            const mit_des_key_schedule ks1,
+                            const mit_des_key_schedule ks2,
+                            const mit_des_key_schedule ks3,
+                            mit_des_cblock ivec)
+{
+    /* Unsupported operation */
+    abort();
+}
+
+void
+krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data,
+                            unsigned long num_data,
+                            const mit_des_key_schedule ks1,
+                            const mit_des_key_schedule ks2,
+                            const mit_des_key_schedule ks3,
+                            mit_des_cblock ivec)
+{
+    /* Unsupported operation */
+    abort();
+}
+
diff --git a/src/lib/crypto/openssl/des/d3_cbc.c b/src/lib/crypto/openssl/des/d3_cbc.c
new file mode 100644 (file)
index 0000000..98caab5
--- /dev/null
@@ -0,0 +1,51 @@
+/* lib/crypto/openssl/des/d3_cbc.c
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+#include "des_int.h"
+
+/*
+ * Triple-DES CBC encryption mode.
+ */
+
+#undef mit_des3_cbc_encrypt
+int
+mit_des3_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
+                    unsigned long length, const mit_des_key_schedule ks1,
+                    const mit_des_key_schedule ks2,
+                    const mit_des_key_schedule ks3,
+                    const mit_des_cblock ivec, int enc)
+{
+    /* Unsupported operation */
+    return KRB5_CRYPTO_INTERNAL;
+}
+
+void
+krb5int_des3_cbc_encrypt(const mit_des_cblock *input,
+                        mit_des_cblock *output,
+                        unsigned long length,
+                        const mit_des_key_schedule key,
+                        const mit_des_key_schedule ks2,
+                        const mit_des_key_schedule ks3,
+                        const mit_des_cblock ivec)
+{
+    /* Unsupported operation */
+    abort();
+}
+
+void
+krb5int_des3_cbc_decrypt(const mit_des_cblock *in,
+                        mit_des_cblock *out,
+                        unsigned long length,
+                        const mit_des_key_schedule ks1,
+                        const mit_des_key_schedule ks2,
+                        const mit_des_key_schedule ks3,
+                        const mit_des_cblock ivec)
+{
+    /* Unsupported operation */
+    abort();
+}
+
diff --git a/src/lib/crypto/openssl/des/d3_kysched.c b/src/lib/crypto/openssl/des/d3_kysched.c
new file mode 100644 (file)
index 0000000..fb42e79
--- /dev/null
@@ -0,0 +1,18 @@
+/* lib/crypto/openssl/des/d3_kysched.c
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+
+#include "des_int.h"
+
+int
+mit_des3_key_sched(mit_des3_cblock k, mit_des3_key_schedule schedule)
+{
+    /* Unsupported operation */
+    return KRB5_CRYPTO_INTERNAL;
+}
+
+
diff --git a/src/lib/crypto/openssl/des/des_int.h b/src/lib/crypto/openssl/des/des_int.h
new file mode 100644 (file)
index 0000000..fd2024a
--- /dev/null
@@ -0,0 +1,377 @@
+/*
+ * lib/crypto/des/des_int.h
+ *
+ * Copyright 1987, 1988, 1990, 2002 by the Massachusetts Institute of
+ * Technology.  All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ * 
+ *
+ * Private include file for the Data Encryption Standard library.
+ */
+
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ * 
+ * All rights reserved.
+ * 
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  FundsXpress makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ * 
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* only do the whole thing once         */
+#ifndef DES_INTERNAL_DEFS
+#define DES_INTERNAL_DEFS
+
+#include "k5-int.h"
+/*
+ * Begin "mit-des.h"
+ */
+#ifndef KRB5_MIT_DES__
+#define KRB5_MIT_DES__
+
+#if defined(__MACH__) && defined(__APPLE__)
+#include <TargetConditionals.h>
+#include <AvailabilityMacros.h>
+#if TARGET_RT_MAC_CFM
+#error "Use KfM 4.0 SDK headers for CFM compilation."
+#endif
+#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS)
+#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5
+#endif
+#endif /* defined(__MACH__) && defined(__APPLE__) */
+
+/* Macro to add deprecated attribute to DES types and functions */
+/* Currently only defined on Mac OS X 10.5 and later.           */
+#ifndef KRB5INT_DES_DEPRECATED
+#define KRB5INT_DES_DEPRECATED
+#endif
+
+#include <limits.h>
+
+#if UINT_MAX >= 0xFFFFFFFFUL
+#define DES_INT32 int
+#define DES_UINT32 unsigned int
+#else
+#define DES_INT32 long
+#define DES_UINT32 unsigned long
+#endif
+
+typedef unsigned char des_cblock[8]    /* crypto-block size */
+KRB5INT_DES_DEPRECATED;
+
+/*
+ * Key schedule.
+ *
+ * This used to be
+ *
+ * typedef struct des_ks_struct {
+ *     union { DES_INT32 pad; des_cblock _;} __;
+ * } des_key_schedule[16];
+ *
+ * but it would cause trouble if DES_INT32 were ever more than 4
+ * bytes.  The reason is that all the encryption functions cast it to
+ * (DES_INT32 *), and treat it as if it were DES_INT32[32].  If
+ * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the
+ * caller-allocated des_key_schedule will be overflowed by the key
+ * scheduling functions.  We can't assume that every platform will
+ * have an exact 32-bit int, and nothing should be looking inside a
+ * des_key_schedule anyway.
+ */
+typedef struct des_ks_struct {  DES_INT32 _[2]; } des_key_schedule[16] 
+KRB5INT_DES_DEPRECATED;
+
+typedef des_cblock mit_des_cblock;
+typedef des_key_schedule mit_des_key_schedule;
+
+/* Triple-DES structures */
+typedef mit_des_cblock         mit_des3_cblock[3];
+typedef mit_des_key_schedule   mit_des3_key_schedule[3];
+
+#define MIT_DES_ENCRYPT        1
+#define MIT_DES_DECRYPT        0
+
+typedef struct mit_des_ran_key_seed {
+    krb5_encrypt_block eblock;
+    krb5_data sequence;
+} mit_des_random_state;
+
+/* the first byte of the key is already in the keyblock */
+
+#define MIT_DES_BLOCK_LENGTH           (8*sizeof(krb5_octet))
+#define        MIT_DES_CBC_CRC_PAD_MINIMUM     CRC32_CKSUM_LENGTH
+/* This used to be 8*sizeof(krb5_octet) */
+#define MIT_DES_KEYSIZE                        8
+
+#define MIT_DES_CBC_CKSUM_LENGTH       (4*sizeof(krb5_octet))
+
+/*
+ * Check if k5-int.h has been included before us.  If so, then check to see
+ * that our view of the DES key size is the same as k5-int.h's.
+ */
+#ifdef KRB5_MIT_DES_KEYSIZE
+#if    MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE
+error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)
+#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */
+#endif /* KRB5_MIT_DES_KEYSIZE */
+#endif /* KRB5_MIT_DES__ */
+/*
+ * End "mit-des.h"
+ */
+
+/* afsstring2key.c */
+extern krb5_error_code mit_afs_string_to_key
+       (krb5_keyblock *keyblock,
+                  const krb5_data *data,
+                  const krb5_data *salt);
+extern char *mit_afs_crypt
+    (const char *pw, const char *salt, char *iobuf);
+
+/* f_cksum.c */
+extern unsigned long mit_des_cbc_cksum
+    (const krb5_octet *, krb5_octet *, unsigned long ,
+     const mit_des_key_schedule, const krb5_octet *);
+
+/* f_ecb.c */
+extern int mit_des_ecb_encrypt
+    (const mit_des_cblock *, mit_des_cblock *, mit_des_key_schedule , int );
+
+/* f_cbc.c */
+extern int mit_des_cbc_encrypt (const mit_des_cblock *in,
+                               mit_des_cblock *out,
+                               unsigned long length,
+                               const mit_des_key_schedule schedule,
+                               const mit_des_cblock ivec, int enc);
+    
+#define mit_des_zeroblock krb5int_c_mit_des_zeroblock
+extern const mit_des_cblock mit_des_zeroblock;
+
+/* fin_rndkey.c */
+extern krb5_error_code mit_des_finish_random_key
+    ( const krb5_encrypt_block *,
+               krb5_pointer *);
+
+/* finish_key.c */
+extern krb5_error_code mit_des_finish_key
+    ( krb5_encrypt_block *);
+
+/* init_rkey.c */
+extern krb5_error_code mit_des_init_random_key
+    ( const krb5_encrypt_block *,
+               const krb5_keyblock *,
+               krb5_pointer *);
+
+/* key_parity.c */
+extern void mit_des_fixup_key_parity (mit_des_cblock );
+extern int mit_des_check_key_parity (mit_des_cblock );
+
+/* key_sched.c */
+extern int mit_des_key_sched
+    (mit_des_cblock , mit_des_key_schedule );
+
+/* process_ky.c */
+extern krb5_error_code mit_des_process_key
+    ( krb5_encrypt_block *,  const krb5_keyblock *);
+
+/* random_key.c */
+extern krb5_error_code mit_des_random_key
+    ( const krb5_encrypt_block *, krb5_pointer ,
+                krb5_keyblock **);
+
+/* string2key.c */
+extern krb5_error_code mit_des_string_to_key
+    ( const krb5_encrypt_block *, 
+              krb5_keyblock *, const krb5_data *, const krb5_data *);
+extern krb5_error_code mit_des_string_to_key_int
+       (krb5_keyblock *, const krb5_data *, const krb5_data *);
+
+/* weak_key.c */
+extern int mit_des_is_weak_key (mit_des_cblock );
+
+/* cmb_keys.c */
+krb5_error_code mit_des_combine_subkeys
+    (const krb5_keyblock *, const krb5_keyblock *,
+              krb5_keyblock **);
+
+/* f_pcbc.c */
+int mit_des_pcbc_encrypt ();
+
+/* f_sched.c */
+int mit_des_make_key_sched(mit_des_cblock, mit_des_key_schedule);
+
+
+/* misc.c */
+extern void swap_bits (char *);
+extern unsigned long long_swap_bits (unsigned long );
+extern unsigned long swap_six_bits_to_ansi (unsigned long );
+extern unsigned long swap_four_bits_to_ansi (unsigned long );
+extern unsigned long swap_bit_pos_1 (unsigned long );
+extern unsigned long swap_bit_pos_0 (unsigned long );
+extern unsigned long swap_bit_pos_0_to_ansi (unsigned long );
+extern unsigned long rev_swap_bit_pos_0 (unsigned long );
+extern unsigned long swap_byte_bits (unsigned long );
+extern unsigned long swap_long_bytes_bit_number (unsigned long );
+#ifdef FILE
+/* XXX depends on FILE being a #define! */
+extern void test_set (FILE *, const char *, int, const char *, int);
+#endif
+
+/* d3_ecb.c */
+extern int mit_des3_ecb_encrypt
+       (const mit_des_cblock *in,
+                  mit_des_cblock *out,
+                  mit_des_key_schedule sched1,
+                  mit_des_key_schedule sched2,
+                  mit_des_key_schedule sched3,
+                  int enc);
+
+/* d3_cbc.c */
+extern int mit_des3_cbc_encrypt
+       (const mit_des_cblock *in,
+        mit_des_cblock *out,
+        unsigned long length,
+        const mit_des_key_schedule ks1,
+        const mit_des_key_schedule ks2,
+        const mit_des_key_schedule ks3,
+        const mit_des_cblock ivec,
+        int enc);
+
+void
+krb5int_des3_cbc_encrypt(const mit_des_cblock *in,
+                        mit_des_cblock *out,
+                        unsigned long length,
+                        const mit_des_key_schedule ks1,
+                        const mit_des_key_schedule ks2,
+                        const mit_des_key_schedule ks3,
+                        const mit_des_cblock ivec);
+void
+krb5int_des3_cbc_decrypt(const mit_des_cblock *in,
+                        mit_des_cblock *out,
+                        unsigned long length,
+                        const mit_des_key_schedule ks1,
+                        const mit_des_key_schedule ks2,
+                        const mit_des_key_schedule ks3,
+                        const mit_des_cblock ivec);
+
+void
+krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data,
+                            unsigned long num_data,
+                            const mit_des_key_schedule ks1,
+                            const mit_des_key_schedule ks2,
+                            const mit_des_key_schedule ks3,
+                            mit_des_cblock ivec);
+
+void
+krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data,
+                            unsigned long num_data,
+                            const mit_des_key_schedule ks1,
+                            const mit_des_key_schedule ks2,
+                            const mit_des_key_schedule ks3,
+                            mit_des_cblock ivec);
+
+#define mit_des3_cbc_encrypt(in,out,length,ks1,ks2,ks3,ivec,enc) \
+    ((enc ? krb5int_des3_cbc_encrypt : krb5int_des3_cbc_decrypt) \
+     (in, out, length, ks1, ks2, ks3, ivec), 0)
+
+void
+krb5int_des_cbc_encrypt(const mit_des_cblock *in,
+                       mit_des_cblock *out,
+                       unsigned long length,
+                       const mit_des_key_schedule schedule,
+                       const mit_des_cblock ivec);
+void
+krb5int_des_cbc_decrypt(const mit_des_cblock *in,
+                       mit_des_cblock *out,
+                       unsigned long length,
+                       const mit_des_key_schedule schedule,
+                       const mit_des_cblock ivec);
+
+#define mit_des_cbc_encrypt(in,out,length,schedule,ivec,enc) \
+    ((enc ? krb5int_des_cbc_encrypt : krb5int_des_cbc_decrypt) \
+     (in, out, length, schedule, ivec), 0)
+
+void
+krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data,
+                           unsigned long num_data,
+                           const mit_des_key_schedule schedule,
+                           mit_des_cblock ivec);
+
+void
+krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data,
+                           unsigned long num_data,
+                           const mit_des_key_schedule schedule,
+                           mit_des_cblock ivec);
+
+/* d3_procky.c */
+extern krb5_error_code mit_des3_process_key
+       (krb5_encrypt_block * eblock,
+                  const krb5_keyblock * keyblock);
+
+/* d3_kysched.c */
+extern int mit_des3_key_sched
+       (mit_des3_cblock key,
+                  mit_des3_key_schedule schedule);
+
+/* d3_str2ky.c */
+extern krb5_error_code mit_des3_string_to_key
+       (const krb5_encrypt_block * eblock,
+                  krb5_keyblock * keyblock,
+                  const krb5_data * data,
+                  const krb5_data * salt);
+
+/* u_nfold.c */
+extern krb5_error_code mit_des_n_fold
+       (const krb5_octet * input,
+                  const size_t in_len,
+                  krb5_octet * output,
+                  const size_t out_len);
+
+/* u_rn_key.c */
+extern int mit_des_is_weak_keyblock
+       (krb5_keyblock *keyblock);
+
+extern void mit_des_fixup_keyblock_parity
+       (krb5_keyblock *keyblock);
+
+extern krb5_error_code mit_des_set_random_generator_seed
+       (const krb5_data * seed,
+                  krb5_pointer random_state);
+
+extern krb5_error_code mit_des_set_random_sequence_number
+       (const krb5_data * sequence,
+                  krb5_pointer random_state);
+#endif /*DES_INTERNAL_DEFS*/
diff --git a/src/lib/crypto/openssl/des/f_aead.c b/src/lib/crypto/openssl/des/f_aead.c
new file mode 100644 (file)
index 0000000..2046475
--- /dev/null
@@ -0,0 +1,33 @@
+/* lib/crypto/openssl/des/f_aead.c
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+
+#include "des_int.h"
+#include "aead.h"
+
+
+void
+krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data,
+                           unsigned long num_data,
+                           const mit_des_key_schedule schedule,
+                           mit_des_cblock ivec)
+{
+    /* Unsupported operation */
+    abort(); 
+}
+
+void
+krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data,
+                           unsigned long num_data,
+                           const mit_des_key_schedule schedule,
+                            mit_des_cblock iv)
+{
+    /* Unsupported operation */
+    abort(); 
+}
+
+
diff --git a/src/lib/crypto/openssl/des/f_cbc.c b/src/lib/crypto/openssl/des/f_cbc.c
new file mode 100644 (file)
index 0000000..55b648f
--- /dev/null
@@ -0,0 +1,89 @@
+/*
+ * lib/crypto/openssldes/f_cbc.c
+ *
+ * Copyright (C) 1990 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ * DES implementation donated by Dennis Ferguson
+ */
+
+/*
+ * des_cbc_encrypt.c - an implementation of the DES cipher function in cbc mode
+ */
+#include "des_int.h"
+
+/*
+ * des_cbc_encrypt - {en,de}crypt a stream in CBC mode
+ */
+
+/*
+ * This routine performs DES cipher-block-chaining operation, either
+ * encrypting from cleartext to ciphertext, if encrypt != 0 or
+ * decrypting from ciphertext to cleartext, if encrypt == 0.
+ *
+ * The key schedule is passed as an arg, as well as the cleartext or
+ * ciphertext.  The cleartext and ciphertext should be in host order.
+ *
+ * NOTE-- the output is ALWAYS an multiple of 8 bytes long.  If not
+ * enough space was provided, your program will get trashed.
+ *
+ * For encryption, the cleartext string is null padded, at the end, to
+ * an integral multiple of eight bytes.
+ *
+ * For decryption, the ciphertext will be used in integral multiples
+ * of 8 bytes, but only the first "length" bytes returned into the
+ * cleartext.
+ */
+
+const mit_des_cblock mit_des_zeroblock /* = all zero */;
+
+#undef mit_des_cbc_encrypt
+int
+mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
+                   unsigned long length, const mit_des_key_schedule schedule,
+                   const mit_des_cblock ivec, int enc)
+{
+    /* Unsupported operation */
+    return KRB5_CRYPTO_INTERNAL;
+}
+void
+krb5int_des_cbc_encrypt(const mit_des_cblock *in,
+                       mit_des_cblock *out,
+                       unsigned long length,
+                       const mit_des_key_schedule schedule,
+                       const mit_des_cblock ivec)
+{
+    /* Unsupported operation */
+    abort();
+}
+
+void
+krb5int_des_cbc_decrypt(const mit_des_cblock *in,
+                       mit_des_cblock *out,
+                       unsigned long length,
+                       const mit_des_key_schedule schedule,
+                       const mit_des_cblock ivec)
+{
+    /* Unsupported operation */
+    abort();
+}
+
diff --git a/src/lib/crypto/openssl/des/f_cksum.c b/src/lib/crypto/openssl/des/f_cksum.c
new file mode 100644 (file)
index 0000000..c49c8fd
--- /dev/null
@@ -0,0 +1,18 @@
+/*
+ * lib/crypto/openssl/des/f_cksum.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ */
+
+#include "des_int.h"
+
+unsigned long
+mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out,
+                 unsigned long length, const mit_des_key_schedule schedule,
+                 const krb5_octet *ivec)
+{
+    /* Unsupported operation */
+    return KRB5_CRYPTO_INTERNAL; 
+}
+
diff --git a/src/lib/crypto/openssl/des/f_parity.c b/src/lib/crypto/openssl/des/f_parity.c
new file mode 100644 (file)
index 0000000..1a83db6
--- /dev/null
@@ -0,0 +1,29 @@
+/*
+ * lib/crypto/openssl/des/f_parity.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ */
+
+#include "des_int.h"
+#include <openssl/des.h>
+
+void
+mit_des_fixup_key_parity(mit_des_cblock key)
+{
+   DES_set_odd_parity(key);
+}
+
+/*
+ * des_check_key_parity: returns true iff key has the correct des parity.
+ *                       See des_fix_key_parity for the definition of
+ *                       correct des parity.
+ */
+int
+mit_des_check_key_parity(mit_des_cblock key)
+{
+    if (!DES_check_key_parity(key))
+                return(0);
+    return (1);
+}
+
diff --git a/src/lib/crypto/openssl/des/f_sched.c b/src/lib/crypto/openssl/des/f_sched.c
new file mode 100644 (file)
index 0000000..e833132
--- /dev/null
@@ -0,0 +1,15 @@
+/*
+ * lib/crypto/openssl/des/f_sched.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ */
+
+#include "des_int.h"
+
+int
+mit_des_make_key_sched(mit_des_cblock key, mit_des_key_schedule schedule)
+{
+    return KRB5_CRYPTO_INTERNAL; // CRYPTO_UNSOPPERTED_OP
+}
+
diff --git a/src/lib/crypto/openssl/des/f_tables.c b/src/lib/crypto/openssl/des/f_tables.c
new file mode 100644 (file)
index 0000000..a8d161d
--- /dev/null
@@ -0,0 +1,17 @@
+/*
+ * lib/crypto/openssl/des/f_tables.c
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+
+#include "des_int.h"
+#include "f_tables.h"
+
+const unsigned DES_INT32 des_IP_table[] = {};
+const unsigned DES_INT32 des_FP_table[] = {};
+const unsigned DES_INT32 des_SP_table[] = {};
+
+
diff --git a/src/lib/crypto/openssl/des/f_tables.h b/src/lib/crypto/openssl/des/f_tables.h
new file mode 100644 (file)
index 0000000..af20cd5
--- /dev/null
@@ -0,0 +1,9 @@
+/*
+ * lib/crypto/des/f_tables.h
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+
diff --git a/src/lib/crypto/openssl/des/key_sched.c b/src/lib/crypto/openssl/des/key_sched.c
new file mode 100644 (file)
index 0000000..1007ec9
--- /dev/null
@@ -0,0 +1,18 @@
+/*
+ * lib/crypto/openssl/des/key_sched.c
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+
+#include "des_int.h"
+
+int
+mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule)
+{
+    /* Unsupported operation */
+    return KRB5_CRYPTO_INTERNAL; 
+}
+
diff --git a/src/lib/crypto/openssl/des/string2key.c b/src/lib/crypto/openssl/des/string2key.c
new file mode 100644 (file)
index 0000000..775a153
--- /dev/null
@@ -0,0 +1,26 @@
+/*
+ * lib/crypto/openssl/des/string2key.c
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+
+#include "des_int.h"
+#include <openssl/des.h>
+
+
+krb5_error_code
+mit_des_string_to_key_int (krb5_keyblock *key,
+                          const krb5_data *pw, const krb5_data *salt)
+{
+    DES_cblock outkey;
+    DES_string_to_key(pw->data, &outkey);
+    if ( key->length <  sizeof(outkey))
+        return KRB5_CRYPTO_INTERNAL;
+    key->length = sizeof(outkey);
+    memcpy(key->contents, outkey, key->length); 
+    return 0;
+}
+
diff --git a/src/lib/crypto/openssl/des/weak_key.c b/src/lib/crypto/openssl/des/weak_key.c
new file mode 100644 (file)
index 0000000..7f97083
--- /dev/null
@@ -0,0 +1,87 @@
+/*
+ * lib/crypto/openssl/des/weak_key.c
+ *
+ * Copyright 1989,1990,2009 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ * 
+ *
+ * Under U.S. law, this software may not be exported outside the US
+ * without license from the U.S. Commerce department.
+ *
+ * These routines form the library interface to the DES facilities.
+ *
+ * Originally written 8/85 by Steve Miller, MIT Project Athena.
+ */
+
+#include "des_int.h"
+
+/*
+ * The following are the weak DES keys:
+ */
+static const mit_des_cblock weak[16] = {
+    /* weak keys */
+    {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+    {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe},
+    {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e},
+    {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1},
+
+    /* semi-weak */
+    {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe},
+    {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01},
+
+    {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1},
+    {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e},
+
+    {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1},
+    {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01},
+
+    {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe},
+    {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e},
+
+    {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e},
+    {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01},
+
+    {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe},
+    {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1}
+};
+
+/*
+ * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key.
+ *
+ * Requires: key has correct odd parity.
+ */
+int
+mit_des_is_weak_key(mit_des_cblock key)
+{
+    unsigned int i;
+    const mit_des_cblock *weak_p = weak;
+
+    for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) {
+       if (!memcmp(weak_p++,key,sizeof(mit_des_cblock)))  
+           return 1;
+    }
+    if ( DES_is_weak_key(key) == 1) /* Also OpenSSL's check */
+           return 1;
+
+    return 0;
+}
+