Consolidate almost all lib/crypto/krb headers into a single
authorGreg Hudson <ghudson@mit.edu>
Wed, 2 Mar 2011 05:29:29 +0000 (05:29 +0000)
committerGreg Hudson <ghudson@mit.edu>
Wed, 2 Mar 2011 05:29:29 +0000 (05:29 +0000)
crypto_int.h.  In that header, define and document responsibilities
for crypto modules, some of which are satisfied through a
module-specific crypto_mod.h.  In the OpenSSL and NSS modules, remove
many of the headers and sources providing functionality which isn't
needed by lib/crypto/krb any more (direct interfaces to MD4, MD5, and
SHA-1 hashing, as well as DES weak key testing).  Change most
Makefile.ins to only include headers from lib/crypto/krb and
lib/crypto/$(CRYPTO_IMPL), instead of from many different directories.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24677 dc483132-0cff-0310-8789-dd5450dbe970

212 files changed:
src/include/k5-int.h
src/lib/crypto/builtin/Makefile.in
src/lib/crypto/builtin/crypto_mod.h [moved from src/lib/crypto/openssl/sha2/sha2.h with 73% similarity]
src/lib/crypto/builtin/deps
src/lib/crypto/builtin/des/Makefile.in
src/lib/crypto/builtin/des/afsstring2key.c
src/lib/crypto/builtin/des/d3_aead.c
src/lib/crypto/builtin/des/deps
src/lib/crypto/builtin/des/des_int.h
src/lib/crypto/builtin/des/f_aead.c
src/lib/crypto/builtin/des/f_parity.c
src/lib/crypto/builtin/des/string2key.c
src/lib/crypto/builtin/enc_provider/Makefile.in
src/lib/crypto/builtin/enc_provider/aes.c
src/lib/crypto/builtin/enc_provider/camellia.c
src/lib/crypto/builtin/enc_provider/deps
src/lib/crypto/builtin/enc_provider/des.c
src/lib/crypto/builtin/enc_provider/des3.c
src/lib/crypto/builtin/enc_provider/rc4.c
src/lib/crypto/builtin/hash_provider/Makefile.in
src/lib/crypto/builtin/hash_provider/deps
src/lib/crypto/builtin/hash_provider/hash_crc32.c
src/lib/crypto/builtin/hash_provider/hash_md4.c
src/lib/crypto/builtin/hash_provider/hash_md5.c
src/lib/crypto/builtin/hash_provider/hash_sha1.c
src/lib/crypto/builtin/hmac.c
src/lib/crypto/builtin/init.c
src/lib/crypto/builtin/pbkdf2.c
src/lib/crypto/crypto_tests/Makefile.in
src/lib/crypto/crypto_tests/aes-test.c
src/lib/crypto/crypto_tests/deps
src/lib/crypto/crypto_tests/t_cmac.c
src/lib/crypto/crypto_tests/t_crc.c
src/lib/crypto/crypto_tests/t_cts.c
src/lib/crypto/crypto_tests/t_derive.c
src/lib/crypto/crypto_tests/t_encrypt.c
src/lib/crypto/crypto_tests/t_hmac.c
src/lib/crypto/crypto_tests/t_mddriver.c
src/lib/crypto/crypto_tests/t_nfold.c
src/lib/crypto/crypto_tests/vectors.c
src/lib/crypto/krb/Makefile.in
src/lib/crypto/krb/aead.c
src/lib/crypto/krb/aead.h [deleted file]
src/lib/crypto/krb/arcfour/Makefile.in
src/lib/crypto/krb/arcfour/arcfour.c
src/lib/crypto/krb/arcfour/arcfour.h [deleted file]
src/lib/crypto/krb/arcfour/arcfour_s2k.c
src/lib/crypto/krb/arcfour/deps
src/lib/crypto/krb/block_size.c
src/lib/crypto/krb/cf2.c
src/lib/crypto/krb/checksum/Makefile.in
src/lib/crypto/krb/checksum/cbc.c
src/lib/crypto/krb/checksum/cmac.c
src/lib/crypto/krb/checksum/confounder.c
src/lib/crypto/krb/checksum/deps
src/lib/crypto/krb/checksum/hmac_md5.c
src/lib/crypto/krb/checksum/unkeyed.c
src/lib/crypto/krb/checksum_length.c
src/lib/crypto/krb/cksumtype_to_string.c
src/lib/crypto/krb/cksumtypes.c
src/lib/crypto/krb/cksumtypes.h [deleted file]
src/lib/crypto/krb/coll_proof_cksum.c
src/lib/crypto/krb/combine_keys.c
src/lib/crypto/krb/crc32/Makefile.in
src/lib/crypto/krb/crc32/crc-32.h [deleted file]
src/lib/crypto/krb/crc32/crc32.c
src/lib/crypto/krb/crc32/deps
src/lib/crypto/krb/crypto_int.h [new file with mode: 0644]
src/lib/crypto/krb/crypto_length.c
src/lib/crypto/krb/crypto_libinit.c
src/lib/crypto/krb/decrypt.c
src/lib/crypto/krb/decrypt_iov.c
src/lib/crypto/krb/default_state.c
src/lib/crypto/krb/deps
src/lib/crypto/krb/dk/Makefile.in
src/lib/crypto/krb/dk/checksum_cmac.c
src/lib/crypto/krb/dk/checksum_hmac.c
src/lib/crypto/krb/dk/deps
src/lib/crypto/krb/dk/derive.c
src/lib/crypto/krb/dk/dk.h [deleted file]
src/lib/crypto/krb/dk/dk_aead.c
src/lib/crypto/krb/dk/dk_cmac.c
src/lib/crypto/krb/dk/stringtokey.c
src/lib/crypto/krb/encrypt.c
src/lib/crypto/krb/encrypt_iov.c
src/lib/crypto/krb/encrypt_length.c
src/lib/crypto/krb/enctype_util.c
src/lib/crypto/krb/etypes.c
src/lib/crypto/krb/etypes.h [deleted file]
src/lib/crypto/krb/key.c
src/lib/crypto/krb/keyblocks.c
src/lib/crypto/krb/keyed_checksum_types.c
src/lib/crypto/krb/keyed_cksum.c
src/lib/crypto/krb/keylengths.c
src/lib/crypto/krb/make_checksum.c
src/lib/crypto/krb/make_checksum_iov.c
src/lib/crypto/krb/make_random_key.c
src/lib/crypto/krb/mandatory_sumtype.c
src/lib/crypto/krb/nfold.c
src/lib/crypto/krb/old/Makefile.in
src/lib/crypto/krb/old/deps
src/lib/crypto/krb/old/des_stringtokey.c
src/lib/crypto/krb/old/old.h [deleted file]
src/lib/crypto/krb/old/old_aead.c
src/lib/crypto/krb/old_api_glue.c
src/lib/crypto/krb/prf.c
src/lib/crypto/krb/prf/Makefile.in
src/lib/crypto/krb/prf/cmac_prf.c
src/lib/crypto/krb/prf/deps
src/lib/crypto/krb/prf/des_prf.c
src/lib/crypto/krb/prf/dk_prf.c
src/lib/crypto/krb/prf/prf_int.h [deleted file]
src/lib/crypto/krb/prf/rc4_prf.c
src/lib/crypto/krb/prng.c
src/lib/crypto/krb/prng.h [deleted file]
src/lib/crypto/krb/prng_fortuna.c
src/lib/crypto/krb/prng_nss.c
src/lib/crypto/krb/prng_os.c
src/lib/crypto/krb/random_to_key.c
src/lib/crypto/krb/raw/deps
src/lib/crypto/krb/raw/raw.h [deleted file]
src/lib/crypto/krb/raw/raw_aead.c
src/lib/crypto/krb/state.c
src/lib/crypto/krb/string_to_cksumtype.c
src/lib/crypto/krb/string_to_key.c
src/lib/crypto/krb/valid_cksumtype.c
src/lib/crypto/krb/verify_checksum.c
src/lib/crypto/krb/verify_checksum_iov.c
src/lib/crypto/libk5crypto.exports
src/lib/crypto/nss/Makefile.in
src/lib/crypto/nss/aes/Makefile.in
src/lib/crypto/nss/camellia/Makefile.in
src/lib/crypto/nss/crypto_mod.h [moved from src/lib/crypto/openssl/md4/md4.c with 63% similarity]
src/lib/crypto/nss/deps
src/lib/crypto/nss/des/Makefile.in
src/lib/crypto/nss/des/deps
src/lib/crypto/nss/des/des_int.h [deleted file]
src/lib/crypto/nss/des/des_oldapis.c
src/lib/crypto/nss/des/f_parity.c
src/lib/crypto/nss/des/string2key.c
src/lib/crypto/nss/des/weak_key.c [deleted file]
src/lib/crypto/nss/enc_provider/Makefile.in
src/lib/crypto/nss/enc_provider/aes.c
src/lib/crypto/nss/enc_provider/camellia.c
src/lib/crypto/nss/enc_provider/deps
src/lib/crypto/nss/enc_provider/des.c
src/lib/crypto/nss/enc_provider/des3.c
src/lib/crypto/nss/enc_provider/enc_gen.c
src/lib/crypto/nss/enc_provider/enc_provider.h [deleted file]
src/lib/crypto/nss/enc_provider/rc4.c
src/lib/crypto/nss/hash_provider/Makefile.in
src/lib/crypto/nss/hash_provider/deps
src/lib/crypto/nss/hash_provider/hash_crc32.c
src/lib/crypto/nss/hash_provider/hash_gen.c
src/lib/crypto/nss/hash_provider/hash_md4.c
src/lib/crypto/nss/hash_provider/hash_md5.c
src/lib/crypto/nss/hash_provider/hash_provider.h [deleted file]
src/lib/crypto/nss/hash_provider/hash_sha1.c
src/lib/crypto/nss/hmac.c
src/lib/crypto/nss/md4/Makefile.in
src/lib/crypto/nss/md5/Makefile.in
src/lib/crypto/nss/md5/deps
src/lib/crypto/nss/md5/md5.c [deleted file]
src/lib/crypto/nss/md5/rsa-md5.h [deleted file]
src/lib/crypto/nss/pbkdf2.c
src/lib/crypto/nss/prng.c
src/lib/crypto/nss/sha1/Makefile.in
src/lib/crypto/nss/sha1/deps
src/lib/crypto/nss/sha1/shs.c [deleted file]
src/lib/crypto/nss/sha1/shs.h [deleted file]
src/lib/crypto/nss/sha2/Makefile.in
src/lib/crypto/openssl/Makefile.in
src/lib/crypto/openssl/camellia/Makefile.in
src/lib/crypto/openssl/crypto_mod.h [moved from src/lib/crypto/openssl/aes/aes.h with 72% similarity]
src/lib/crypto/openssl/deps
src/lib/crypto/openssl/des/Makefile.in
src/lib/crypto/openssl/des/deps
src/lib/crypto/openssl/des/des_int.h [deleted file]
src/lib/crypto/openssl/des/des_oldapis.c
src/lib/crypto/openssl/des/f_parity.c
src/lib/crypto/openssl/des/string2key.c
src/lib/crypto/openssl/des/weak_key.c [deleted file]
src/lib/crypto/openssl/enc_provider/Makefile.in
src/lib/crypto/openssl/enc_provider/aes.c
src/lib/crypto/openssl/enc_provider/camellia.c
src/lib/crypto/openssl/enc_provider/deps
src/lib/crypto/openssl/enc_provider/des.c
src/lib/crypto/openssl/enc_provider/des3.c
src/lib/crypto/openssl/enc_provider/enc_provider.h [deleted file]
src/lib/crypto/openssl/enc_provider/rc4.c
src/lib/crypto/openssl/hash_provider/Makefile.in
src/lib/crypto/openssl/hash_provider/deps
src/lib/crypto/openssl/hash_provider/hash_crc32.c
src/lib/crypto/openssl/hash_provider/hash_md4.c
src/lib/crypto/openssl/hash_provider/hash_md5.c
src/lib/crypto/openssl/hash_provider/hash_provider.h [deleted file]
src/lib/crypto/openssl/hash_provider/hash_sha1.c
src/lib/crypto/openssl/hmac.c
src/lib/crypto/openssl/init.c
src/lib/crypto/openssl/md4/Makefile.in
src/lib/crypto/openssl/md4/deps
src/lib/crypto/openssl/md4/rsa-md4.h [deleted file]
src/lib/crypto/openssl/md5/Makefile.in
src/lib/crypto/openssl/md5/deps
src/lib/crypto/openssl/md5/md5.c [deleted file]
src/lib/crypto/openssl/md5/rsa-md5.h [deleted file]
src/lib/crypto/openssl/pbkdf2.c
src/lib/crypto/openssl/sha1/Makefile.in
src/lib/crypto/openssl/sha1/deps
src/lib/crypto/openssl/sha1/shs.c [deleted file]
src/lib/crypto/openssl/sha1/shs.h [deleted file]
src/lib/crypto/openssl/sha2/Makefile.in

index 779b25bdbea5c33086624480aa1c6a0db1ec79be..830abd5e040d6b02bfa2c204dce2e7fbb2faec15 100644 (file)
@@ -643,61 +643,6 @@ struct krb5_key_st {
     void *cache;
 };
 
-/* new encryption provider api */
-
-struct krb5_enc_provider {
-    /* keybytes is the input size to make_key;
-       keylength is the output size */
-    size_t block_size, keybytes, keylength;
-
-    krb5_error_code (*encrypt)(krb5_key key, const krb5_data *cipher_state,
-                               krb5_crypto_iov *data, size_t num_data);
-
-    krb5_error_code (*decrypt)(krb5_key key, const krb5_data *cipher_state,
-                               krb5_crypto_iov *data, size_t num_data);
-
-    /* May be NULL if the cipher is not used for a cbc-mac checksum. */
-    krb5_error_code (*cbc_mac)(krb5_key key, const krb5_crypto_iov *data,
-                               size_t num_data, const krb5_data *ivec,
-                               krb5_data *output);
-
-    krb5_error_code (*init_state)(const krb5_keyblock *key,
-                                  krb5_keyusage keyusage,
-                                  krb5_data *out_state);
-    krb5_error_code (*free_state)(krb5_data *state);
-
-    /* May be NULL if there is no key-derived data cached.  */
-    void (*key_cleanup)(krb5_key key);
-};
-
-struct krb5_hash_provider {
-    char hash_name[8];
-    size_t hashsize, blocksize;
-
-    krb5_error_code (*hash)(const krb5_crypto_iov *data, size_t num_data,
-                            krb5_data *output);
-};
-
-/*
- * in here to deal with stuff from lib/crypto
- */
-
-void krb5int_nfold(unsigned int inbits, const unsigned char *in,
-                   unsigned int outbits, unsigned char *out);
-
-krb5_error_code krb5int_hmac(const struct krb5_hash_provider *hash,
-                             krb5_key key, const krb5_crypto_iov *data,
-                             size_t num_data, krb5_data *output);
-
-krb5_error_code
-krb5int_hmac_keyblock(const struct krb5_hash_provider *hash,
-                      const krb5_keyblock *keyblock,
-                      const krb5_crypto_iov *data, size_t num_data,
-                      krb5_data *output);
-
-krb5_error_code krb5int_pbkdf2_hmac_sha1(const krb5_data *, unsigned long,
-                                         const krb5_data *, const krb5_data *);
-
 /* These crypto functions are used by GSSAPI via the accessor. */
 
 krb5_error_code
@@ -757,21 +702,6 @@ zapfree(void *ptr, size_t len)
     }
 }
 
-/* A definition of init_state for DES based encryption systems.
- * sets up an 8-byte IV of all zeros
- */
-
-krb5_error_code
-krb5int_des_init_state(const krb5_keyblock *key, krb5_keyusage keyusage,
-                       krb5_data *new_state);
-
-/*
- * normally to free a cipher_state you can just memset the length to zero and
- * free it.
- */
-krb5_error_code krb5int_default_free_state(krb5_data *state);
-
-
 /*
  * Combine two keys (normally used by the hardware preauth mechanism)
  */
@@ -790,13 +720,6 @@ krb5_error_code krb5int_c_copy_keyblock_contents(krb5_context context,
                                                  const krb5_keyblock *from,
                                                  krb5_keyblock *to);
 
-/*
- * Internal - for cleanup.
- */
-extern void krb5int_prng_cleanup(void);
-extern void krb5int_crypto_impl_cleanup(void);
-
-
 #ifdef KRB5_OLD_CRYPTO
 /* old provider api */
 
@@ -2603,10 +2526,6 @@ extern krb5_error_code krb5int_translate_gai_error(int);
 extern krb5_error_code
 krb5int_c_mandatory_cksumtype(krb5_context, krb5_enctype, krb5_cksumtype *);
 
-extern int krb5int_crypto_init (void);
-extern int krb5int_prng_init(void);
-extern int krb5int_crypto_impl_init(void);
-
 /*
  * Referral definitions, debugging hooks, and subfunctions.
  */
@@ -2621,19 +2540,6 @@ void krb5int_dbgref_dump_principal(char *, krb5_principal);
 krb5_error_code
 krb5int_clean_hostname(krb5_context, const char *, char *, size_t);
 
-krb5_error_code
-krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
-                    size_t num_data);
-
-krb5_error_code
-krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
-                    size_t num_data);
-
-krb5_error_code
-krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
-                         size_t num_data, const krb5_data *iv,
-                         krb5_data *output);
-
 #if 0
 /*
  * There are no IANA assignments for these enctypes or cksumtypes yet.  They
index 66e16ce69e896b271f38c3312722cf4b7853a014..4da51b70597cdefef8dc93e89d1c797c0e731fc2 100644 (file)
@@ -1,17 +1,7 @@
 mydir=lib$(S)crypto$(S)builtin
 BUILDTOP=$(REL)..$(S)..$(S)..
 SUBDIRS=camellia des aes md4 md5 sha1 sha2 enc_provider hash_provider
-LOCALINCLUDES = -I$(srcdir)/../krb                     \
-               -I$(srcdir)/../krb/hash_provider        \
-               -I$(srcdir)/des         \
-               -I$(srcdir)/aes         \
-               -I$(srcdir)/camellia    \
-               -I$(srcdir)/sha1        \
-               -I$(srcdir)/sha2        \
-               -I$(srcdir)/md4         \
-               -I$(srcdir)/md5 \
-               -I$(srcdir)/enc_provider        \
-               -I$(srcdir)/hash_provider       
+LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir)
 RUN_SETUP = @KRB5_RUN_ENV@
 PROG_LIBPATH=-L$(TOPLIBD)
 PROG_RPATH=$(KRB5_LIBDIR)
similarity index 73%
rename from src/lib/crypto/openssl/sha2/sha2.h
rename to src/lib/crypto/builtin/crypto_mod.h
index afc1d46606a4b74aaa78619385717f0e34389ebd..f85e32215572a1aacd1ac815ae1e07c9f23b2f64 100644 (file)
@@ -1,9 +1,8 @@
 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/builtin/crypto_mod.h - Builtin crypto module declarations */
 /*
- * lib/crypto/openssl/sha2/sha2.h
- *
- * Copyright 2010 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
+ * Copyright (C) 2011 by the Massachusetts Institute of Technology.
+ * All rights reserved.
  *
  * Export of this software from the United States of America may
  *   require a specific license from the United States Government.
  * or implied warranty.
  */
 
-#ifndef _SHA2_DEFINED
-
-#include <openssl/sha.h>
+/*
+ * This header is included from lib/crypto/krb/crypto_int.h to provide
+ * module-specific declarations.  It is not included directly from source
+ * files.
+ */
 
-#define _SHA2_DEFINED
+#ifndef CRYPTO_MOD_H
+#define CRYPTO_MOD_H
 
-#define k5_sha256_init SHA256_Init
-#define k5_sha256_update SHA256_Update
-#define k5_sha256_final SHA256_Final
+#include <aes/aes.h>
+#include <sha2/sha2.h>
 
-#endif /* _SHA2_DEFINED */
+#endif /* CRYPTO_MOD_H */
index 66b6826c5cfa0e25092d6bd5b29884e7d649cd24..d8decdd68f47216c1b7eb85dc667eb7567ce2b46 100644 (file)
@@ -3,8 +3,8 @@
 #
 hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/aead.h \
-  $(srcdir)/../krb/cksumtypes.h $(srcdir)/../krb/etypes.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \
+  $(srcdir)/aes/aes.h $(srcdir)/aes/uitypes.h $(srcdir)/sha2/sha2.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -12,21 +12,23 @@ hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h hmac.c
+  $(top_srcdir)/include/socket-utils.h crypto_mod.h hmac.c
 init.so init.po $(OUTPRE)init.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  init.c
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \
+  $(srcdir)/aes/aes.h $(srcdir)/aes/uitypes.h $(srcdir)/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h crypto_mod.h init.c
 pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/hash_provider/hash_provider.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \
+  $(srcdir)/aes/aes.h $(srcdir)/aes/uitypes.h $(srcdir)/sha2/sha2.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -34,6 +36,6 @@ pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h pbkdf2.c
+  $(top_srcdir)/include/socket-utils.h crypto_mod.h pbkdf2.c
 t_cf2.so t_cf2.po $(OUTPRE)t_cf2.$(OBJEXT): $(BUILDTOP)/include/krb5/krb5.h \
   $(COM_ERR_DEPS) $(top_srcdir)/include/krb5.h t_cf2.c
index 9b5d81402914333c34dab85fb06f180c6ad5d41d..9ac2f6cc6c3feb1ea59e4e4bde55da513a1fc50d 100644 (file)
@@ -1,6 +1,6 @@
 mydir=lib$(S)crypto$(S)builtin$(S)des
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../.. -I$(srcdir)/../../krb
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb
 DEFS=
 
 ##DOS##BUILDTOP = ..\..\..\..
index 8c880464bf0cf607e40d3312a226c447c5a22634..701b50a0f5c9647ffea532891a5de5e92dfd918a 100644 (file)
@@ -58,7 +58,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 #include "des_int.h"
 #include <ctype.h>
 
index 182f631e545a9833c676fa17c00ce965f3d200a1..af34fe9b1e8125b499e31df26227c71d26e7f1db 100644 (file)
@@ -22,9 +22,9 @@
  * express or implied warranty.
  */
 
+#include "crypto_int.h"
 #include "des_int.h"
 #include "f_tables.h"
-#include "aead.h"
 
 void
 krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
index 12e583c10fea8f490a3fcabf005c75f8556fd95b..7ab3fe33e9a0311d87a12f9c6d17d74b75a1a949 100644 (file)
@@ -4,28 +4,30 @@
 afsstring2key.so afsstring2key.po $(OUTPRE)afsstring2key.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h afsstring2key.c \
-  des_int.h
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \
+  $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  afsstring2key.c des_int.h
 d3_aead.so d3_aead.po $(OUTPRE)d3_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \
-  $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \
-  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h d3_aead.c des_int.h \
-  f_tables.h
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+  $(srcdir)/../aes/aes.h $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  d3_aead.c des_int.h f_tables.h
 d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
@@ -39,17 +41,17 @@ d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \
   $(top_srcdir)/include/socket-utils.h d3_kysched.c des_int.h
 f_aead.so f_aead.po $(OUTPRE)f_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \
-  $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \
-  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des_int.h f_aead.c \
-  f_tables.h
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+  $(srcdir)/../aes/aes.h $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  des_int.h f_aead.c f_tables.h
 f_cksum.so f_cksum.po $(OUTPRE)f_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
   $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
@@ -64,14 +66,17 @@ f_cksum.so f_cksum.po $(OUTPRE)f_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h
 f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des_int.h f_parity.c
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \
+  $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  des_int.h f_parity.c
 f_sched.so f_sched.po $(OUTPRE)f_sched.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
   $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
@@ -120,14 +125,17 @@ weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \
 string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des_int.h string2key.c
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \
+  $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  des_int.h string2key.c
 destest.so destest.po $(OUTPRE)destest.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
   $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
index 419459d22c6a872b1b4e09f65fa20148b401d5c6..d3a7cc96027c5f78b7513bc2096646c4bbd5e891 100644 (file)
@@ -187,7 +187,6 @@ krb5_error_code mit_des_init_random_key(const krb5_encrypt_block *,
                                         krb5_pointer *);
 
 /* key_parity.c */
-void mit_des_fixup_key_parity(mit_des_cblock);
 int mit_des_check_key_parity(mit_des_cblock);
 
 /* key_sched.c */
index 34eee2cbde159488cb901afc45ac24735ee7d919..08bd5f8b29382a0140de67610a406bb3950aa4be 100644 (file)
@@ -22,9 +22,9 @@
  * express or implied warranty.
  */
 
+#include "crypto_int.h"
 #include "des_int.h"
 #include "f_tables.h"
-#include "aead.h"
 
 const mit_des_cblock mit_des_zeroblock /* = all zero */;
 
index 460b5061b5bc2313ba2da944c5f4246717e3f6f4..501a1b35b7fd6f4751b9cff87598e2f0359abc70 100644 (file)
@@ -9,7 +9,7 @@
  * Mark Eichin -- Cygnus Support
  */
 
-
+#include "crypto_int.h"
 #include "des_int.h"
 
 /*
 #define parity_char(x) pstep(pstep(pstep((x),4),2),1)
 
 void
-mit_des_fixup_key_parity(mit_des_cblock key)
+mit_des_fixup_key_parity(unsigned char *key)
 {
     unsigned int i;
-    for (i=0; i<sizeof(mit_des_cblock); i++)
+    for (i=0; i<8; i++)
     {
         key[i] &= 0xfe;
         key[i] |= 1^parity_char(key[i]);
index 7ddee27d9e5ecb204ad378a4201dc0707ae88ca3..8941936bbf354f846fd24c608e1e32ed6f7d5336 100644 (file)
@@ -28,7 +28,7 @@
  * Compute encryption key from salt and pass phrase.
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 #include "des_int.h"
 
 krb5_error_code
index 7a7b550cc8b6edde8712470f800d9a2fcc492371..6a7e96f3fa457cbca8c1612d6ad822742022863f 100644 (file)
@@ -1,11 +1,10 @@
 mydir=lib$(S)crypto$(S)builtin$(S)enc_provider
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
 LOCALINCLUDES = -I$(srcdir)/../des     \
-               -I$(srcdir)/../arcfour \
                -I$(srcdir)/../aes      \
-               -I$(srcdir)/../camellia         \
-               -I$(srcdir)/../../krb                   \
-               -I$(srcdir)/.. -I$(srcdir)/. 
+               -I$(srcdir)/../camellia \
+               -I$(srcdir)/../../krb   \
+               -I$(srcdir)/..
 DEFS=
 
 ##DOS##BUILDTOP = ..\..\..\..
index a8d73a216a1b4e93b193d41ecea232a75b915525..e1f7eca4acc387d0cdcd0519749d5e8d09be9c41 100644 (file)
  * or implied warranty.
  */
 
-#include "k5-int.h"
-#include "enc_provider.h"
+#include "crypto_int.h"
 #include "aes.h"
-#include <aead.h>
 
 #define CHECK_SIZES 0
 
index 7c71434c7390355acf9965b10f8edbc392f3e648..16723422c3b6f81da000d6d43dc8db48d80eb6cb 100644 (file)
  * or implied warranty.
  */
 
-#include "k5-int.h"
-#include "enc_provider.h"
+#include "crypto_int.h"
 #include "camellia.h"
-#include <aead.h>
 
 #ifdef CAMELLIA
 
index ddb4757a09498e36b189c54311d59643fa3058d9..e1b8cbde779a2fba465ea583e3fba6f730654b92 100644 (file)
@@ -3,35 +3,35 @@
 #
 des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \
-  $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \
-  $(srcdir)/../des/des_int.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  des.c enc_provider.h
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+  $(srcdir)/../aes/aes.h $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../des/des_int.h $(srcdir)/../sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h des.c
 des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \
-  $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \
-  $(srcdir)/../des/des_int.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  des3.c
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+  $(srcdir)/../aes/aes.h $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../des/des_int.h $(srcdir)/../sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h des3.c
 aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \
-  $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \
-  $(srcdir)/../aes/aes.h $(srcdir)/../aes/uitypes.h $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+  $(srcdir)/../aes/aes.h $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -39,25 +39,13 @@ aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  aes.c enc_provider.h
+  aes.c
 camellia.so camellia.po $(OUTPRE)camellia.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
-  $(srcdir)/../../krb/etypes.h $(srcdir)/../aes/uitypes.h \
-  $(srcdir)/../camellia/camellia.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  camellia.c enc_provider.h
-rc4.so rc4.po $(OUTPRE)rc4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \
-  $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \
+  $(srcdir)/../aes/uitypes.h $(srcdir)/../camellia/camellia.h \
+  $(srcdir)/../crypto_mod.h $(srcdir)/../sha2/sha2.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -65,5 +53,17 @@ rc4.so rc4.po $(OUTPRE)rc4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h enc_provider.h \
+  $(top_srcdir)/include/socket-utils.h camellia.c
+rc4.so rc4.po $(OUTPRE)rc4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+  $(srcdir)/../aes/aes.h $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
   rc4.c
index 1ff964890c1765f05e16d76c120865e21a895693..72a3ffc3b749d3ab0b142c8478602e5e8953b38b 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 #include "des_int.h"
-#include "enc_provider.h"
-#include <aead.h>
 
 static krb5_error_code
 validate_and_schedule(krb5_key key, const krb5_data *ivec,
index fa4234e81c221f6253e40349da10586a9131bc94..793db5e563871d6c423ab4b3ba610c3f03521166 100644 (file)
@@ -25,9 +25,8 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 #include "des_int.h"
-#include <aead.h>
 
 static krb5_error_code
 validate_and_schedule(krb5_key key, const krb5_data *ivec,
index b8d7e36169c7a032653b6225931e09ea275dd202..13255567b60f2c9f5a062b51d8b7ee06baa11df2 100644 (file)
@@ -7,9 +7,7 @@
  * #include STD_DISCLAIMER
  */
 
-#include "k5-int.h"
-#include "enc_provider.h"
-#include <aead.h>
+#include "crypto_int.h"
 
 typedef struct
 {
index f008e7118bf7d9a1ee26dfe0746b0d625386f415..ad40ef6e3a6caa53e3ebccd480894db511ed6240 100644 (file)
@@ -1,7 +1,7 @@
 mydir=lib$(S)crypto$(S)builtin$(S)hash_provider
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/../../krb/crc32 -I$(srcdir)/../md4 \
-       -I$(srcdir)/../md5 -I$(srcdir)/../sha1 -I$(srcdir)/../../krb
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb -I$(srcdir)/../md4 \
+       -I$(srcdir)/../md5 -I$(srcdir)/../sha1
 DEFS=
 
 ##DOS##BUILDTOP = ..\..\..\..
index b31059e434c89fea8d3496ac1a3e5e27d8976237..845d976272c053dec284295fdb2b6deeec4a7d3c 100644 (file)
@@ -4,21 +4,23 @@
 hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
-  $(srcdir)/../../krb/crc32/crc-32.h $(srcdir)/../../krb/etypes.h \
-  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h hash_crc32.c hash_provider.h
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \
+  $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  hash_crc32.c
 hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
-  $(srcdir)/../../krb/etypes.h $(srcdir)/../md4/rsa-md4.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \
+  $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../md4/rsa-md4.h $(srcdir)/../sha2/sha2.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -26,12 +28,13 @@ hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h hash_md4.c hash_provider.h
+  $(top_srcdir)/include/socket-utils.h hash_md4.c
 hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
-  $(srcdir)/../../krb/etypes.h $(srcdir)/../md5/rsa-md5.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \
+  $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../md5/rsa-md5.h $(srcdir)/../sha2/sha2.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -39,18 +42,18 @@ hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h hash_md5.c hash_provider.h
+  $(top_srcdir)/include/socket-utils.h hash_md5.c
 hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
-  $(srcdir)/../../krb/etypes.h $(srcdir)/../sha1/shs.h \
-  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h hash_provider.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \
+  $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../sha1/shs.h $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
   hash_sha1.c
index c9cafb0eb100f662953c2313d7532ebb869106bd..1d0be55637a90d958976728ef2d039c6bf106155 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "crc-32.h"
-#include "hash_provider.h"
-#include "aead.h"
+#include "crypto_int.h"
 
 static krb5_error_code
 k5_crc32_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
index 85f18f66d74292dc5d0b564fd5a60ee41fcbdaff..e7daf527762244193ce0795f757e14509976d032 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 #include "rsa-md4.h"
-#include "hash_provider.h"
-#include "aead.h"
 
 static krb5_error_code
 k5_md4_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
index 583a8fb12ff8fa0207d8256b3478108003b28ae8..0f655ddae85cec8fef94b7771489b00e6a3d4902 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 #include "rsa-md5.h"
-#include "hash_provider.h"
-#include "aead.h"
 
 static krb5_error_code
 k5_md5_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
index 7a9cda5f7e0d926526982984aff4df42570165e5..535e8e584a95c835c9e199394b5ccf80b138c521 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 #include "shs.h"
-#include "hash_provider.h"
-#include "aead.h"
 
 static krb5_error_code
 k5_sha1_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
index 3cb4146eb25856ad3ddae378714d6b3c369acd38..c697a76e85afaacfa3aab6b227d6c8b308ab48e9 100644 (file)
@@ -25,8 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "aead.h"
+#include "crypto_int.h"
 
 /*
  * Because our built-in HMAC implementation doesn't need to invoke any
index 5f8d3b1c677931ee53cce56c5e0e3a6599343473..cc35ba7e63975285c21aeaeddbd1c4cbeb534ad9 100644 (file)
@@ -28,7 +28,7 @@
  * Built-in back-end library init functions
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 
 int
 krb5int_crypto_impl_init(void)
index 31de329c0de78575655e24cba1e4a49eb45608f3..ce721c9c6de240a7de3b76caeae765c589cd41b6 100644 (file)
@@ -29,8 +29,7 @@
  */
 
 #include <ctype.h>
-#include "k5-int.h"
-#include "hash_provider.h"
+#include "crypto_int.h"
 
 /*
  * RFC 2898 specifies PBKDF2 in terms of an underlying pseudo-random
  * longer than the block size.)
  *
  * For efficiency, it is better to generate the key from the password
- * once at the beginning, so we specify prf_func in terms of a
+ * once at the beginning, so we specify prf_fn in terms of a
  * krb5_key first argument.  That might not be convenient for a PRF
  * which uses the password in some other way, so this might need to be
  * adjusted in the future.
  */
 
-typedef krb5_error_code (*prf_func)(krb5_key pass, krb5_data *salt,
-                                    krb5_data *out);
+typedef krb5_error_code (*prf_fn)(krb5_key pass, krb5_data *salt,
+                                  krb5_data *out);
 
 /* Not exported, for now.  */
 static krb5_error_code
-krb5int_pbkdf2 (prf_func prf, size_t hlen, krb5_key pass,
+krb5int_pbkdf2 (prf_fn prf, size_t hlen, krb5_key pass,
                 const krb5_data *salt, unsigned long count,
                 const krb5_data *output);
 
@@ -81,7 +80,7 @@ static void printd (const char *descr, krb5_data *d) {
 }
 
 static krb5_error_code
-F(char *output, char *u_tmp1, char *u_tmp2, prf_func prf, size_t hlen,
+F(char *output, char *u_tmp1, char *u_tmp2, prf_fn prf, size_t hlen,
   krb5_key pass, const krb5_data *salt, unsigned long count, int i)
 {
     unsigned char ibytes[4];
@@ -151,7 +150,7 @@ F(char *output, char *u_tmp1, char *u_tmp2, prf_func prf, size_t hlen,
 }
 
 static krb5_error_code
-krb5int_pbkdf2 (prf_func prf, size_t hlen, krb5_key pass,
+krb5int_pbkdf2 (prf_fn prf, size_t hlen, krb5_key pass,
                 const krb5_data *salt, unsigned long count,
                 const krb5_data *output)
 {
index 81f9b5e0ae55e3b355389cbbf61e41c91b14b1bc..e137083ece54430769a35a8889b0acff42bd0c98 100644 (file)
@@ -1,16 +1,6 @@
 mydir=lib$(S)crypto$(S)crypto_tests
 BUILDTOP=$(REL)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir)/../$(CRYPTO_IMPL)/enc_provider \
-       -I$(srcdir)/../$(CRYPTO_IMPL)/hash_provider \
-       -I$(srcdir)/../krb/keyhash_provider -I$(srcdir)/../krb/dk \
-       -I$(srcdir)/../$(CRYPTO_IMPL) -I$(srcdir)/../krb/prng \
-       -I$(srcdir)/../krb/prng/$(PRNG_ALG) -I$(srcdir)/../krb/crc32 \
-       -I$(srcdir)/../krb/old -I$(srcdir)/../krb/raw \
-       -I$(srcdir)/../$(CRYPTO_IMPL)/aes -I$(srcdir)/../$(CRYPTO_IMPL)/des \
-       -I$(srcdir)/../$(CRYPTO_IMPL)/arcfour \
-       -I$(srcdir)/../$(CRYPTO_IMPL)/sha1 \
-       -I$(srcdir)/../$(CRYPTO_IMPL)/md5 -I$(srcdir)/../$(CRYPTO_IMPL)/md4 \
-       -I$(srcdir)/../$(CRYPTO_IMPL)/camellia
+LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir)/../$(CRYPTO_IMPL)
 RUN_SETUP = @KRB5_RUN_ENV@
 PROG_LIBPATH=-L$(TOPLIBD)
 PROG_RPATH=$(KRB5_LIBDIR)
index 4c0618a4706ab945a6aa57e24c1bbe768f4950b0..b86b5ab8cba26a5656e64b8d71d2629eb6f631aa 100644 (file)
@@ -30,7 +30,7 @@
  */
 
 #include <stdio.h>
-#include "k5-int.h"
+#include "crypto_int.h"
 
 static char key[32];
 static char plain[16], cipher[16], zero[16];
index 7849b8afeecb2ef287166681fac5e6fd8e5190e5..01aa2dc0f00b444ba0bb77992765c1a13b0c2bdf 100644 (file)
@@ -3,18 +3,22 @@
 #
 $(OUTPRE)t_nfold.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  t_nfold.c
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h t_nfold.c
 $(OUTPRE)t_encrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/etypes.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -58,8 +62,9 @@ $(OUTPRE)t_prng.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   t_prng.c
 $(OUTPRE)t_cmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/cksumtypes.h \
-  $(srcdir)/../krb/etypes.h $(srcdir)/../openssl/enc_provider/enc_provider.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -70,7 +75,9 @@ $(OUTPRE)t_cmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/socket-utils.h t_cmac.c
 $(OUTPRE)t_hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../openssl/hash_provider/hash_provider.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -92,7 +99,9 @@ $(OUTPRE)t_pkcs5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   t_pkcs5.c
 $(OUTPRE)t_cts.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../openssl/hash_provider/hash_provider.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -103,7 +112,9 @@ $(OUTPRE)t_cts.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/socket-utils.h t_cts.c
 $(OUTPRE)vectors.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../openssl/hash_provider/hash_provider.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -114,15 +125,17 @@ $(OUTPRE)vectors.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/socket-utils.h vectors.c
 $(OUTPRE)aes-test.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  aes-test.c
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h aes-test.c
 $(OUTPRE)camellia-test.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
   $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
@@ -158,7 +171,9 @@ $(OUTPRE)t_cksums.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   t_cksums.c
 $(OUTPRE)t_crc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crc32/crc-32.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -169,7 +184,9 @@ $(OUTPRE)t_crc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/socket-utils.h t_crc.c
 $(OUTPRE)t_mddriver.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../openssl/md5/rsa-md5.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -213,17 +230,17 @@ $(OUTPRE)t_str2key.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   t_str2key.c
 $(OUTPRE)t_derive.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/cksumtypes.h \
-  $(srcdir)/../krb/dk/dk.h $(srcdir)/../krb/etypes.h \
-  $(srcdir)/../openssl/enc_provider/enc_provider.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  t_derive.c
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h t_derive.c
 $(OUTPRE)t_fork.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
   $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
index 47afd53f3efe6ff3d6233fc119c13f188c2dbe4e..c140f24f5aaaff2399b439b27dd520d6ebedd4c3 100644 (file)
@@ -38,9 +38,7 @@
  * krb5int_cmac_checksum.
  */
 
-#include "k5-int.h"
-#include "enc_provider.h"
-#include "cksumtypes.h"
+#include "crypto_int.h"
 
 #ifdef CAMELLIA
 
index 99b2b5ee7aa2bd955c6bd7f43c5ad929c4e5f275..d8b0ea74f51e7e5c0f3292e51fd0998d8950bf94 100644 (file)
@@ -31,8 +31,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include "k5-int.h"
-#include "crc-32.h"
+#include "crypto_int.h"
 
 #define HEX 1
 #define STR 2
index da697bde1f2574edc8e8c43266be3b06e1d11d29..90155f7805f33a109c9b09eff8448df2c62cd14c 100644 (file)
@@ -37,7 +37,7 @@
 #include <stdio.h>
 #include <string.h>
 #include <ctype.h>
-#include "hash_provider.h"
+#include "crypto_int.h"
 
 #define ASIZE(ARRAY) (sizeof(ARRAY)/sizeof(ARRAY[0]))
 
index 49b0bb5fa27ec697663dea134dc1eaee1744f0a1..f221ebff54087bffa4eb9910788a0b5b338d800c 100644 (file)
@@ -29,9 +29,7 @@
  * With the -v flag, results for all tests are displayed.
  */
 
-#include "k5-int.h"
-#include "../krb/dk/dk.h"
-#include "enc_provider/enc_provider.h"
+#include "crypto_int.h"
 
 struct test {
     krb5_enctype enctype;
index 5008ab015628017a1dae21cdae9257e667a89ace..db75e22a86758ea13d20da2dc7a7261fb3a1dbcc 100644 (file)
@@ -31,8 +31,7 @@
  * Some black-box tests of crypto systems.  Make sure that we can decrypt things we encrypt, etc.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
+#include "crypto_int.h"
 #include <stdio.h>
 
 /* What enctypes should we test?*/
index 1056ff62fe15f04e8a43411620eb07432f15c179..ec49d615d85ea0fca95f1a5f188a0a460008196f 100644 (file)
@@ -34,7 +34,7 @@
 #include <string.h>
 #include <ctype.h>
 
-#include "hash_provider.h"
+#include "crypto_int.h"
 
 #define ASIZE(ARRAY) (sizeof(ARRAY)/sizeof(ARRAY[0]))
 
index b3af381f6758b9b275d53baef2e623d817cb0da6..68435139c66a0fd284e7f0c491a667b4963e348c 100644 (file)
 #define MD 5
 #endif
 
-#include "k5-int.h"
-
-#if MD == 2
-#include "md2.h"
-#endif
-#if MD == 4
-#include "rsa-md4.h"
-#endif
-#if MD == 5
-#include "rsa-md5.h"
-#endif
+#include "crypto_int.h"
 
 /* Length of test block, number of test blocks.
  */
 #define TEST_BLOCK_LEN 1000
 #define TEST_BLOCK_COUNT 1000
 
+static void MDHash (char *, size_t, size_t, unsigned char *);
 static void MDString (char *);
 static void MDTimeTrial (void);
 static void MDTestSuite (void);
-static void MDFile (char *);
-static void MDFilter (void);
 static void MDPrint (unsigned char [16]);
 
 struct md_test_entry {
@@ -50,18 +39,8 @@ struct md_test_entry {
     unsigned char digest[16];
 };
 
-#if MD == 2
-#define MD_CTX krb5_MD2_CTX
-#define MDInit krb5_MD2Init
-#define MDUpdate krb5_MD2Update
-#define MDFinal krb5_MD2Final
-#endif
-
 #if MD == 4
-#define MD_CTX krb5_MD4_CTX
-#define MDInit krb5int_MD4Init
-#define MDUpdate krb5int_MD4Update
-#define MDFinal krb5int_MD4Final
+#define MDProvider krb5int_hash_md4
 
 #define HAVE_TEST_SUITE
 /* Test suite from RFC 1320 */
@@ -94,10 +73,7 @@ struct md_test_entry md_test_suite[] = {
 #endif
 
 #if MD == 5
-#define MD_CTX krb5_MD5_CTX
-#define MDInit krb5int_MD5Init
-#define MDUpdate krb5int_MD5Update
-#define MDFinal krb5int_MD5Final
+#define MDProvider krb5int_hash_md5
 
 #define HAVE_TEST_SUITE
 /* Test suite from RFC 1321 */
@@ -135,8 +111,6 @@ struct md_test_entry md_test_suite[] = {
    -sstring - digests string
    -t       - runs time trial
    -x       - runs test script
-   filename - digests file
-   (none)   - digests standard input
 */
 int main (argc, argv)
     int argc;
@@ -144,36 +118,47 @@ int main (argc, argv)
 {
     int i;
 
-    if (argc > 1)
-        for (i = 1; i < argc; i++)
-            if (argv[i][0] == '-' && argv[i][1] == 's')
-                MDString (argv[i] + 2);
-            else if (strcmp (argv[i], "-t") == 0)
-                MDTimeTrial ();
-            else if (strcmp (argv[i], "-x") == 0)
-                MDTestSuite ();
-            else
-                MDFile (argv[i]);
-    else
-        MDFilter ();
-
+    for (i = 1; i < argc; i++) {
+        if (argv[i][0] == '-' && argv[i][1] == 's')
+            MDString (argv[i] + 2);
+        else if (strcmp (argv[i], "-t") == 0)
+            MDTimeTrial ();
+        else if (strcmp (argv[i], "-x") == 0)
+            MDTestSuite ();
+    }
     return (0);
 }
 
+static void MDHash (bytes, len, count, out)
+    char *bytes;
+    size_t len, count;
+    unsigned char *out;
+{
+    krb5_crypto_iov *iov;
+    krb5_data outdata = make_data (out, MDProvider.hashsize);
+    size_t i;
+
+    iov = malloc (count * sizeof(*iov));
+    if (iov == NULL)
+        abort ();
+    for (i = 0; i < count; i++) {
+        iov[i].flags = KRB5_CRYPTO_TYPE_DATA;
+        iov[i].data = make_data (bytes, len);
+    }
+    MDProvider.hash(iov, count, &outdata);
+    free(iov);
+}
+
 /* Digests a string and prints the result.
  */
 static void MDString (string)
     char *string;
 {
-    MD_CTX context;
-    unsigned int len = strlen (string);
-
-    MDInit (&context);
-    MDUpdate (&context, (unsigned char *) string, len);
-    MDFinal (&context);
+    unsigned char digest[16];
 
+    MDHash (string, strlen(string), 1, digest);
     printf ("MD%d (\"%s\") = ", MD, string);
-    MDPrint (context.digest);
+    MDPrint (digest);
     printf ("\n");
 }
 
@@ -182,9 +167,8 @@ static void MDString (string)
 */
 static void MDTimeTrial ()
 {
-    MD_CTX context;
     time_t endTime, startTime;
-    unsigned char block[TEST_BLOCK_LEN];
+    unsigned char block[TEST_BLOCK_LEN], digest[16];
     unsigned int i;
 
     printf("MD%d time trial. Digesting %d %d-byte blocks ...", MD,
@@ -198,17 +182,14 @@ static void MDTimeTrial ()
     time (&startTime);
 
     /* Digest blocks */
-    MDInit (&context);
-    for (i = 0; i < TEST_BLOCK_COUNT; i++)
-        MDUpdate (&context, block, TEST_BLOCK_LEN);
-    MDFinal (&context);
+    MDHash ((char *)block, TEST_BLOCK_LEN, TEST_BLOCK_COUNT, digest);
 
     /* Stop timer */
     time (&endTime);
 
     printf (" done\n");
     printf ("Digest = ");
-    MDPrint (context.digest);
+    MDPrint (digest);
     printf ("\nTime = %ld seconds\n", (long)(endTime-startTime));
     printf
         ("Speed = %ld bytes/second\n",
@@ -220,29 +201,24 @@ static void MDTimeTrial ()
 static void MDTestSuite ()
 {
 #ifdef HAVE_TEST_SUITE
-    MD_CTX context;
     struct md_test_entry *entry;
     int i, num_tests = 0, num_failed = 0;
+    unsigned char digest[16];
 
     printf ("MD%d test suite:\n\n", MD);
     for (entry = md_test_suite; entry->string; entry++) {
         unsigned int len = strlen (entry->string);
 
-        MDInit (&context);
-        MDUpdate (&context, (unsigned char *) entry->string, len);
-        MDFinal (&context);
+        MDHash (entry->string, len, 1, digest);
 
         printf ("MD%d (\"%s\") = ", MD, entry->string);
-        MDPrint (context.digest);
+        MDPrint (digest);
         printf ("\n");
-        for (i=0; i < 16; i++) {
-            if (context.digest[i] != entry->digest[i]) {
-                printf("\tIncorrect MD%d digest!  Should have been:\n\t\t ",
-                       MD);
-                MDPrint(entry->digest);
-                printf("\n");
-                num_failed++;
-            }
+        if (memcmp(digest, entry->digest, 16) != 0) {
+            printf("\tIncorrect MD%d digest!  Should have been:\n\t\t ", MD);
+            MDPrint(entry->digest);
+            printf("\n");
+            num_failed++;
         }
         num_tests++;
     }
@@ -269,49 +245,6 @@ static void MDTestSuite ()
 #endif
 }
 
-/* Digests a file and prints the result. */
-
-static void MDFile (filename)
-    char *filename;
-{
-    FILE *file;
-    MD_CTX context;
-    int len;
-    unsigned char buffer[1024];
-
-    if ((file = fopen (filename, "rb")) == NULL)
-        printf ("%s can't be opened\n", filename);
-    else {
-        MDInit (&context);
-        while ((len = fread (buffer, 1, 1024, file)) != 0)
-            MDUpdate (&context, buffer, len);
-        MDFinal (&context);
-
-        fclose (file);
-
-        printf ("MD%d (%s) = ", MD, filename);
-        MDPrint (context.digest);
-        printf ("\n");
-    }
-}
-
-/* Digests the standard input and prints the result.
- */
-static void MDFilter ()
-{
-    MD_CTX context;
-    int len;
-    unsigned char buffer[16];
-
-    MDInit (&context);
-    while ((len = fread (buffer, 1, 16, stdin)) != 0)
-        MDUpdate (&context, buffer, len);
-    MDFinal (&context);
-
-    MDPrint (context.digest);
-    printf ("\n");
-}
-
 /* Prints a message digest in hexadecimal.
  */
 static void MDPrint (digest)
index 25361338f9016e44e39476510d0190a3ca0d39ce..6a8e7f7259429388318bd4d39737ad370cf00bde 100644 (file)
@@ -35,7 +35,7 @@
 #include <string.h>
 #include <assert.h>
 
-#include "k5-int.h"
+#include "crypto_int.h"
 
 #define ASIZE(ARRAY) (sizeof(ARRAY)/sizeof(ARRAY[0]))
 
index f984a1788fcc06ab0986afceca217f59264d8041..8e97287653c2223b343fedb18204a00326def1ac 100644 (file)
@@ -37,7 +37,7 @@
 #include <stdio.h>
 #include <string.h>
 #include <ctype.h>
-#include "hash_provider.h"
+#include "crypto_int.h"
 
 #define ASIZE(ARRAY) (sizeof(ARRAY)/sizeof(ARRAY[0]))
 
index 7eaccb4ff4e8a29ee6b5eddcac6307a737334d98..838f128f9e25ba72dffb9cc6057fed86d8568246 100644 (file)
@@ -1,16 +1,7 @@
 mydir=lib$(S)crypto$(S)krb
 BUILDTOP=$(REL)..$(S)..$(S)..
 SUBDIRS= arcfour checksum crc32 dk prf old raw 
-LOCALINCLUDES = -I$(srcdir) -I$(srcdir)/../$(CRYPTO_IMPL)/enc_provider \
-               -I$(srcdir)/dk -I$(srcdir)/../$(CRYPTO_IMPL)/hash_provider \
-               -I$(srcdir)/prf -I$(srcdir)/old -I$(srcdir)/raw \
-               -I$(srcdir)/../$(CRYPTO_IMPL) \
-               -I$(srcdir)/../$(CRYPTO_IMPL)/des \
-               -I$(srcdir)/../$(CRYPTO_IMPL)/aes -I$(srcdir)/arcfour   \
-               -I$(srcdir)/../$(CRYPTO_IMPL)/sha2 \
-               -I$(srcdir)/../$(CRYPTO_IMPL)/camellia \
-               -I$(srcdir)/../$(CRYPTO_IMPL)/sha1 \
-               -I$(srcdir)/../$(CRYPTO_IMPL)
+LOCALINCLUDES = -I$(srcdir) -I$(srcdir)/../$(CRYPTO_IMPL)
 RUN_SETUP = @KRB5_RUN_ENV@
 PROG_LIBPATH=-L$(TOPLIBD)
 PROG_RPATH=$(KRB5_LIBDIR)
index 3d9111abb48aa578b46fdaee78190a54ff2773fe..2bb341cb9b20997a2b242988644c5ad7c4b0451f 100644 (file)
  * or implied warranty.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
-#include "cksumtypes.h"
-#include "dk.h"
-#include "aead.h"
+#include "crypto_int.h"
 
 krb5_crypto_iov *
 krb5int_c_locate_iov(krb5_crypto_iov *data, size_t num_data,
diff --git a/src/lib/crypto/krb/aead.h b/src/lib/crypto/krb/aead.h
deleted file mode 100644 (file)
index 5cc94f4..0000000
+++ /dev/null
@@ -1,314 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * lib/crypto/aead.h
- *
- * Copyright 2008, 2009 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-#include "k5-int.h"
-#include "cksumtypes.h"
-#include "etypes.h"
-
-/* AEAD helpers */
-
-krb5_crypto_iov *
-krb5int_c_locate_iov(krb5_crypto_iov *data,
-                     size_t num_data,
-                     krb5_cryptotype type);
-
-#define ENCRYPT_CONF_IOV(_iov)  ((_iov)->flags == KRB5_CRYPTO_TYPE_HEADER)
-
-#define ENCRYPT_DATA_IOV(_iov)  ((_iov)->flags == KRB5_CRYPTO_TYPE_DATA || \
-                                 (_iov)->flags == KRB5_CRYPTO_TYPE_PADDING)
-
-#define ENCRYPT_IOV(_iov)       (ENCRYPT_CONF_IOV(_iov) || ENCRYPT_DATA_IOV(_iov))
-
-#define SIGN_IOV(_iov)          (ENCRYPT_IOV(_iov) ||                   \
-                                 (_iov)->flags == KRB5_CRYPTO_TYPE_SIGN_ONLY )
-
-struct iov_block_state {
-    size_t iov_pos;                     /* index into iov array */
-    size_t data_pos;                    /* index into iov contents */
-    unsigned int ignore_header : 1;     /* have/should we process HEADER */
-    unsigned int include_sign_only : 1; /* should we process SIGN_ONLY blocks */
-    unsigned int pad_to_boundary : 1;   /* should we zero fill blocks until next buffer */
-};
-
-#define IOV_BLOCK_STATE_INIT(_state)    ((_state)->iov_pos =            \
-                                         (_state)->data_pos =           \
-                                         (_state)->ignore_header =      \
-                                         (_state)->include_sign_only =  \
-                                         (_state)->pad_to_boundary = 0)
-
-krb5_error_code
-krb5int_c_iov_decrypt_stream(const struct krb5_keytypes *ktp, krb5_key key,
-                             krb5_keyusage keyusage, const krb5_data *ivec,
-                             krb5_crypto_iov *data, size_t num_data);
-
-unsigned int
-krb5int_c_padding_length(const struct krb5_keytypes *ktp, size_t data_length);
-
-#ifdef DEBUG_IOV
-static inline void
-dump_block(const char *tag,
-           size_t i,
-           size_t j,
-           unsigned char *block,
-           size_t block_size)
-{
-    size_t k;
-
-    printf("[%s: %lu.%lu] ", tag, i, j);
-
-    for (k = 0; k < block_size; k++)
-        printf("%02x ", block[k] & 0xFF);
-
-    printf("\n");
-}
-#endif
-
-static inline int
-process_block_p(const krb5_crypto_iov *data,
-                size_t num_data,
-                struct iov_block_state *iov_state,
-                size_t i)
-{
-    const krb5_crypto_iov *iov = &data[i];
-    int process_block;
-
-    switch (iov->flags) {
-    case KRB5_CRYPTO_TYPE_SIGN_ONLY:
-        process_block = iov_state->include_sign_only;
-        break;
-    case KRB5_CRYPTO_TYPE_PADDING:
-        process_block = (iov_state->pad_to_boundary == 0);
-        break;
-    case KRB5_CRYPTO_TYPE_HEADER:
-        process_block = (iov_state->ignore_header == 0);
-        break;
-    case KRB5_CRYPTO_TYPE_DATA:
-        process_block = 1;
-        break;
-    default:
-        process_block = 0;
-        break;
-    }
-
-    return process_block;
-}
-
-/*
- * Returns TRUE if, having reached the end of the current buffer,
- * we should pad the rest of the block with zeros.
- */
-static inline int
-pad_to_boundary_p(const krb5_crypto_iov *data,
-                  size_t num_data,
-                  struct iov_block_state *iov_state,
-                  size_t i,
-                  size_t j)
-{
-    /* If the pad_to_boundary flag is unset, return FALSE */
-    if (iov_state->pad_to_boundary == 0)
-        return 0;
-
-    /* If we haven't got any data, we need to get some */
-    if (j == 0)
-        return 0;
-
-    /* No boundary between adjacent buffers marked for processing */
-    if (data[iov_state->iov_pos].flags == data[i].flags)
-        return 0;
-
-    return 1;
-}
-
-/*
- * Retrieve a block from the IOV. If p is non-NULL and the next block is
- * completely contained within the current buffer, then *p will contain an
- * alias into the buffer; otherwise, a copy will be made into storage.
- *
- * After calling this function, encrypt the returned block and then call
- * krb5int_c_iov_put_block_nocopy() (with a separate output cursor). If
- * p was non-NULL on the call to get_block(), then pass that pointer in.
- */
-static inline krb5_boolean
-krb5int_c_iov_get_block_nocopy(unsigned char *storage,
-                               size_t block_size,
-                               const krb5_crypto_iov *data,
-                               size_t num_data,
-                               struct iov_block_state *iov_state,
-                               unsigned char **p)
-{
-    size_t i, j = 0;
-
-    if (p != NULL)
-        *p = storage;
-
-    for (i = iov_state->iov_pos; i < num_data; i++) {
-        const krb5_crypto_iov *iov = &data[i];
-        size_t nbytes;
-
-        if (!process_block_p(data, num_data, iov_state, i))
-            continue;
-
-        if (pad_to_boundary_p(data, num_data, iov_state, i, j))
-            break;
-
-        iov_state->iov_pos = i;
-
-        nbytes = iov->data.length - iov_state->data_pos;
-        if (nbytes > block_size - j)
-            nbytes = block_size - j;
-
-        /*
-         * If we can return a pointer into a complete block, then do so.
-         */
-        if (p != NULL && j == 0 && nbytes == block_size) {
-            *p = (unsigned char *)iov->data.data + iov_state->data_pos;
-        } else {
-            memcpy(storage + j, iov->data.data + iov_state->data_pos, nbytes);
-        }
-
-        iov_state->data_pos += nbytes;
-        j += nbytes;
-
-        assert(j <= block_size);
-
-        if (j == block_size)
-            break;
-
-        assert(iov_state->data_pos == iov->data.length);
-
-        iov_state->data_pos = 0;
-    }
-
-    iov_state->iov_pos = i;
-
-    if (j == 0)
-        return FALSE;
-    else if (j != block_size)
-        memset(storage + j, 0, block_size - j);
-
-#ifdef DEBUG_IOV
-    dump_block("get_block", i, j, (p && *p) ? *p : storage, block_size);
-#endif
-
-    return TRUE;
-}
-
-/*
- * Store a block retrieved with krb5int_c_iov_get_block_no_copy if
- * necessary, and advance the output cursor.
- */
-static inline krb5_boolean
-krb5int_c_iov_put_block_nocopy(const krb5_crypto_iov *data,
-                               size_t num_data,
-                               unsigned char *storage,
-                               size_t block_size,
-                               struct iov_block_state *iov_state,
-                               unsigned char *p)
-{
-    size_t i, j = 0;
-
-    assert(p != NULL);
-
-    for (i = iov_state->iov_pos; i < num_data; i++) {
-        const krb5_crypto_iov *iov = &data[i];
-        size_t nbytes;
-
-        if (!process_block_p(data, num_data, iov_state, i))
-            continue;
-
-        if (pad_to_boundary_p(data, num_data, iov_state, i, j))
-            break;
-
-        iov_state->iov_pos = i;
-
-        nbytes = iov->data.length - iov_state->data_pos;
-        if (nbytes > block_size - j)
-            nbytes = block_size - j;
-
-        /*
-         * If we had previously returned a pointer into a complete block,
-         * then no action is required.
-         */
-        if (p == storage) {
-            memcpy(iov->data.data + iov_state->data_pos, storage + j, nbytes);
-        } else {
-            /* Ensure correctly paired with a call to get_block_nocopy(). */
-            assert(j == 0);
-            assert(nbytes == 0 || nbytes == block_size);
-        }
-
-        iov_state->data_pos += nbytes;
-        j += nbytes;
-
-        assert(j <= block_size);
-
-        if (j == block_size)
-            break;
-
-        assert(iov_state->data_pos == iov->data.length);
-
-        iov_state->data_pos = 0;
-    }
-
-    iov_state->iov_pos = i;
-
-#ifdef DEBUG_IOV
-    dump_block("put_block", i, j, p, block_size);
-#endif
-
-    return (iov_state->iov_pos < num_data);
-}
-
-/*
- * A wrapper for krb5int_c_iov_get_block_nocopy() that always makes
- * a copy.
- */
-static inline krb5_boolean
-krb5int_c_iov_get_block(unsigned char *block,
-                        size_t block_size,
-                        const krb5_crypto_iov *data,
-                        size_t num_data,
-                        struct iov_block_state *iov_state)
-{
-    return krb5int_c_iov_get_block_nocopy(block, block_size, data, num_data,
-                                          iov_state, NULL);
-}
-
-/*
- * A wrapper for krb5int_c_iov_put_block_nocopy() that always copies
- * the block.
- */
-static inline krb5_boolean
-krb5int_c_iov_put_block(const krb5_crypto_iov *data,
-                        size_t num_data,
-                        unsigned char *block,
-                        size_t block_size,
-                        struct iov_block_state *iov_state)
-{
-    return krb5int_c_iov_put_block_nocopy(data, num_data, block, block_size,
-                                          iov_state, block);
-}
index ce2912884ef38586ee21c0bb0f63fb4fa1414056..6f217d6f66e8dc5f0483cc1b3780ae5bb9c5c3f7 100644 (file)
@@ -1,7 +1,6 @@
 mydir=lib$(S)crypto$(S)krb$(S)arcfour
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) \
-       -I$(srcdir)/../../$(CRYPTO_IMPL)/hash_provider
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL)
 DEFS=
 
 ##DOS##BUILDTOP = ..\..\..\..
index 4793cc38dd12b396448b05df1bac99cb582e1247..265e3c1d038ce7c298876cdc8fb0e553947bddd4 100644 (file)
@@ -7,10 +7,7 @@
   of RSA Data Security)
 
 */
-#include "k5-int.h"
-#include "arcfour.h"
-#include "aead.h"
-#include "hash_provider/hash_provider.h"
+#include "crypto_int.h"
 
 #define CONFOUNDERLENGTH 8
 
diff --git a/src/lib/crypto/krb/arcfour/arcfour.h b/src/lib/crypto/krb/arcfour/arcfour.h
deleted file mode 100644 (file)
index 34cbcc0..0000000
+++ /dev/null
@@ -1,34 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-#ifndef ARCFOUR_H
-#define ARCFOUR_H
-
-#include "etypes.h"
-
-krb5_keyusage
-krb5int_arcfour_translate_usage(krb5_keyusage usage);
-
-unsigned int
-krb5int_arcfour_crypto_length(const struct krb5_keytypes *ktp,
-                              krb5_cryptotype type);
-
-krb5_error_code
-krb5int_arcfour_encrypt(const struct krb5_keytypes *ktp, krb5_key key,
-                        krb5_keyusage usage, const krb5_data *ivec,
-                        krb5_crypto_iov *data, size_t num_data);
-
-krb5_error_code
-krb5int_arcfour_decrypt(const struct krb5_keytypes *ktp, krb5_key key,
-                        krb5_keyusage usage, const krb5_data *ivec,
-                        krb5_crypto_iov *data, size_t num_data);
-
-extern krb5_error_code
-krb5int_arcfour_string_to_key(
-    const struct krb5_keytypes *,
-    const krb5_data *,
-    const krb5_data *,
-    const krb5_data *,
-    krb5_keyblock *);
-
-extern const struct krb5_enc_provider krb5int_enc_arcfour;
-
-#endif /* ARCFOUR_H */
index 5dc75332b2463c2021b84d65700ea1f481d08d4f..49ad89d323b0f6629f23bad571934fdc2109df67 100644 (file)
@@ -1,8 +1,6 @@
 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-#include "k5-int.h"
+#include "crypto_int.h"
 #include "k5-utf8.h"
-#include "hash_provider.h"
-#include "arcfour.h"
 
 krb5_error_code
 krb5int_arcfour_string_to_key(const struct krb5_keytypes *ktp,
index 2bfa78931c27e06527363ea652dd12c4ebf6ef97..b430d941faef5ecd9a7d6f2a165f97467c346b4b 100644 (file)
@@ -3,21 +3,23 @@
 #
 arcfour.so arcfour.po $(OUTPRE)arcfour.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \
-  $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  arcfour.c arcfour.h
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \
+  $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \
+  $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h arcfour.c
 arcfour_s2k.so arcfour_s2k.po $(OUTPRE)arcfour_s2k.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \
-  $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \
+  $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \
+  $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -25,4 +27,4 @@ arcfour_s2k.so arcfour_s2k.po $(OUTPRE)arcfour_s2k.$(OBJEXT): \
   $(top_srcdir)/include/k5-utf8.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h arcfour.h arcfour_s2k.c
+  $(top_srcdir)/include/socket-utils.h arcfour_s2k.c
index 7d65a5ae36f930a1458e11b3c3ab3fc93b191851..d50c94469b35ceda3d97d933ece6ba13d6b8f212 100644 (file)
@@ -25,8 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_c_block_size(krb5_context context, krb5_enctype enctype,
index 6e7ecdc3d14924a1e35dec665bb49634fde6fc3b..0299161449117a01781d30f3462cb8ac5fa9654a 100644 (file)
  *pepper strings as input and return a combined key.
  */
 
-#include <k5-int.h>
-#include <assert.h>
-#include "etypes.h"
-
+#include "crypto_int.h"
 
 /*
  * Call the PRF function multiple times with the pepper prefixed with
index 2d4148168fe397b1e34c252a900eeb69b22fb15c..9948f3eba1022945fbf40632f91882b3f22d39e1 100644 (file)
@@ -1,6 +1,6 @@
 mydir=lib$(S)crypto$(S)krb$(S)checksum
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../arcfour
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL)
 DEFS=
 
 ##DOS##BUILDTOP = ..\..\..\..
index 6beadf894775e6fe7111bbe39c1403ce72bbadfb..3a8c0bc626fe6dcacc1b9961a01a0adb65f2d6ab 100644 (file)
@@ -28,8 +28,7 @@
  * input.
  */
 
-#include "k5-int.h"
-#include "cksumtypes.h"
+#include "crypto_int.h"
 
 krb5_error_code
 krb5int_cbc_checksum(const struct krb5_cksumtypes *ctp,
index ec4d65ff66e9dda3b136f2046a7931d84b039c90..3e9dfb14be648b8dfdaa2780cafa8466a591491b 100644 (file)
  * WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
-#include "aead.h"
-#include "etypes.h"
-#include "cksumtypes.h"
+#include "crypto_int.h"
 
 #ifdef CAMELLIA
 
index d74ad380fe46eae0c44e0ed6762c85bf2688c966..7006043b8d4d8bad724fd69efb9ff46af8c9e35b 100644 (file)
@@ -29,8 +29,7 @@
  * where xorkey is the key XOR'd with 0xf0 bytes.
  */
 
-#include "k5-int.h"
-#include "cksumtypes.h"
+#include "crypto_int.h"
 
 /* Derive a key by XOR with 0xF0 bytes. */
 static krb5_error_code
index 99cea9c8a64c68cd5a61f01c17cf732653eeb2a7..c755d258dc3bd69d70652daaa46c6045c806d8c4 100644 (file)
@@ -3,32 +3,22 @@
 #
 cbc.so cbc.po $(OUTPRE)cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h \
-  $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  cbc.c
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \
+  $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \
+  $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h cbc.c
 cmac.so cmac.po $(OUTPRE)cmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../aead.h \
-  $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  cmac.c
-confounder.so confounder.po $(OUTPRE)confounder.$(OBJEXT): \
-  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \
+  $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \
+  $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -36,12 +26,13 @@ confounder.so confounder.po $(OUTPRE)confounder.$(OBJEXT): \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h confounder.c
-hmac_md5.so hmac_md5.po $(OUTPRE)hmac_md5.$(OBJEXT): \
+  $(top_srcdir)/include/socket-utils.h cmac.c
+confounder.so confounder.po $(OUTPRE)confounder.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../arcfour/arcfour.h $(srcdir)/../cksumtypes.h \
-  $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \
+  $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \
+  $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -49,11 +40,13 @@ hmac_md5.so hmac_md5.po $(OUTPRE)hmac_md5.$(OBJEXT): \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  hmac_md5.c
-unkeyed.so unkeyed.po $(OUTPRE)unkeyed.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h \
-  $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
+  confounder.c
+hmac_md5.so hmac_md5.po $(OUTPRE)hmac_md5.$(OBJEXT): \
+  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \
+  $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \
+  $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -61,4 +54,17 @@ unkeyed.so unkeyed.po $(OUTPRE)unkeyed.$(OBJEXT): $(BUILDTOP)/include/autoconf.h
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  unkeyed.c
+  hmac_md5.c
+unkeyed.so unkeyed.po $(OUTPRE)unkeyed.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \
+  $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \
+  $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h unkeyed.c
index 521ecaeddd860a4255709b9770b95609183d5005..4d0010a72f53351c6b527a214f2220e7d5981d6b 100644 (file)
@@ -30,9 +30,7 @@
  * MD5-HMAC.
  */
 
-#include "k5-int.h"
-#include "cksumtypes.h"
-#include "arcfour.h"
+#include "crypto_int.h"
 
 krb5_error_code krb5int_hmacmd5_checksum(const struct krb5_cksumtypes *ctp,
                                          krb5_key key, krb5_keyusage usage,
index fddd676d582ae1181833f2f386166f3f3a6f66d0..cdbc492fa765b323779574762034d05cfba3c2b5 100644 (file)
@@ -27,8 +27,7 @@
  * Unkeyed hash checksum implementation.
  */
 
-#include "k5-int.h"
-#include "cksumtypes.h"
+#include "crypto_int.h"
 
 krb5_error_code
 krb5int_unkeyed_checksum(const struct krb5_cksumtypes *ctp,
index 2e869cb8060bc40551c3aaf1e7c347c521b4572a..d4071e1046c75ed1104e2b331af429c373dc37b7 100644 (file)
@@ -25,8 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "cksumtypes.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_c_checksum_length(krb5_context context, krb5_cksumtype cksumtype,
index 1c084e6a298b3fade6b8abedf99aff05a67de6f6..758940a1802774bb551f937798f7aee63293e280 100644 (file)
@@ -25,8 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "cksumtypes.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_cksumtype_to_string(krb5_cksumtype cksumtype, char *buffer, size_t buflen)
index a8b1c872903ba4e6d1db33a61153d16c9759c50e..fd95057c45e19abb68b6d70ac1b6557cdb9c4ff6 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "enc_provider.h"
-#include "hash_provider.h"
-#include "dk.h"
-#include "cksumtypes.h"
+#include "crypto_int.h"
 
 const struct krb5_cksumtypes krb5int_cksumtypes_list[] = {
     { CKSUMTYPE_CRC32,
diff --git a/src/lib/crypto/krb/cksumtypes.h b/src/lib/crypto/krb/cksumtypes.h
deleted file mode 100644 (file)
index c5eb493..0000000
+++ /dev/null
@@ -1,147 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#ifndef CKSUMTYPES_H
-#define CKSUMTYPES_H
-#include "k5-int.h"
-#include "etypes.h"
-
-struct krb5_cksumtypes;
-
-/*
- * Compute a checksum over the header, data, padding, and sign-only fields of
- * the iov array data (of size num_data).  The output buffer will already be
- * allocated with ctp->compute_size bytes available; the handler just needs to
- * fill in the contents.  If ctp->enc is not NULL, the handler can assume that
- * key is a valid-length key of an enctype which uses that enc provider.
- */
-typedef krb5_error_code (*checksum_func)(const struct krb5_cksumtypes *ctp,
-                                         krb5_key key, krb5_keyusage usage,
-                                         const krb5_crypto_iov *data,
-                                         size_t num_data,
-                                         krb5_data *output);
-
-/*
- * Verify a checksum over the header, data, padding, and sign-only fields of
- * the iov array data (of size num_data), and store the boolean result in
- * *valid.  The handler can assume that hash has length ctp->output_size.  If
- * ctp->enc is not NULL, the handler can assume that key a valid-length key of
- * an enctype which uses that enc provider.
- */
-typedef krb5_error_code (*verify_func)(const struct krb5_cksumtypes *ctp,
-                                       krb5_key key, krb5_keyusage usage,
-                                       const krb5_crypto_iov *data,
-                                       size_t num_data,
-                                       const krb5_data *input,
-                                       krb5_boolean *valid);
-
-struct krb5_cksumtypes {
-    krb5_cksumtype ctype;
-    char *name;
-    char *aliases[2];
-    char *out_string;
-    const struct krb5_enc_provider *enc;
-    const struct krb5_hash_provider *hash;
-    checksum_func checksum;
-    verify_func verify;         /* NULL means recompute checksum and compare */
-    unsigned int compute_size;  /* Allocation size for checksum computation */
-    unsigned int output_size;   /* Possibly truncated output size */
-    krb5_flags flags;
-};
-
-#define CKSUM_UNKEYED          0x0001
-#define CKSUM_NOT_COLL_PROOF   0x0002
-
-extern const struct krb5_cksumtypes krb5int_cksumtypes_list[];
-extern const size_t krb5int_cksumtypes_length;
-
-krb5_error_code krb5int_unkeyed_checksum(const struct krb5_cksumtypes *ctp,
-                                         krb5_key key, krb5_keyusage usage,
-                                         const krb5_crypto_iov *data,
-                                         size_t num_data,
-                                         krb5_data *output);
-
-krb5_error_code krb5int_cbc_checksum(const struct krb5_cksumtypes *ctp,
-                                     krb5_key key, krb5_keyusage usage,
-                                     const krb5_crypto_iov *data,
-                                     size_t num_data,
-                                     krb5_data *output);
-
-krb5_error_code krb5int_hmacmd5_checksum(const struct krb5_cksumtypes *ctp,
-                                         krb5_key key, krb5_keyusage usage,
-                                         const krb5_crypto_iov *data,
-                                         size_t num_data,
-                                         krb5_data *output);
-
-krb5_error_code krb5int_cmac_checksum(const struct krb5_enc_provider *enc,
-                                      krb5_key key,
-                                      const krb5_crypto_iov *data,
-                                      size_t num_data,
-                                      krb5_data *output);
-
-krb5_error_code krb5int_confounder_checksum(const struct krb5_cksumtypes *ctp,
-                                            krb5_key key, krb5_keyusage usage,
-                                            const krb5_crypto_iov *data,
-                                            size_t num_data,
-                                            krb5_data *output);
-
-krb5_error_code krb5int_confounder_verify(const struct krb5_cksumtypes *ctp,
-                                          krb5_key key, krb5_keyusage usage,
-                                          const krb5_crypto_iov *data,
-                                          size_t num_data,
-                                          const krb5_data *input,
-                                          krb5_boolean *valid);
-
-static inline const struct krb5_cksumtypes *
-find_cksumtype(krb5_cksumtype ctype)
-{
-    size_t i;
-
-    for (i = 0; i < krb5int_cksumtypes_length; i++) {
-        if (krb5int_cksumtypes_list[i].ctype == ctype)
-            break;
-    }
-
-    if (i == krb5int_cksumtypes_length)
-        return NULL;
-    return &krb5int_cksumtypes_list[i];
-}
-
-static inline krb5_error_code
-verify_key(const struct krb5_cksumtypes *ctp, krb5_key key)
-{
-    const struct krb5_keytypes *ktp;
-
-    ktp = key ? find_enctype(key->keyblock.enctype) : NULL;
-    if (ctp->enc != NULL && (!ktp || ktp->enc != ctp->enc))
-        return KRB5_BAD_ENCTYPE;
-    if (key && (!ktp || key->keyblock.length != ktp->enc->keylength))
-        return KRB5_BAD_KEYSIZE;
-    return 0;
-}
-
-#endif
index bc13ba48913dd3cde0c2ec24c8d9ae6a2c1087c0..13cb182aee83719920bf0288d14113848b8d9566 100644 (file)
@@ -25,8 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "cksumtypes.h"
+#include "crypto_int.h"
 
 krb5_boolean KRB5_CALLCONV
 krb5_c_is_coll_proof_cksum(krb5_cksumtype ctype)
index 979281d4a21e2aba45bd8eb411ad20d17d65abf5..d70e16f2a8a110252b423c9623f46194261270b7 100644 (file)
@@ -43,9 +43,7 @@
  * ASCII encoding of the string "combine"
  */
 
-#include "k5-int.h"
-#include "etypes.h"
-#include "dk.h"
+#include "crypto_int.h"
 
 static krb5_error_code dr(const struct krb5_enc_provider *enc,
                           const krb5_keyblock *inkey, unsigned char *outdata,
index 5360339e731e6097af312abbfee74b3671f14f1b..2f117bf61c9bf7530253bbb499cf94258f48df1f 100644 (file)
@@ -1,6 +1,7 @@
 mydir=lib$(S)crypto$(S)krb$(S)crc32
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
 DEFS=
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL)
 
 ##DOS##BUILDTOP = ..\..\..\..
 ##DOS##PREFIXDIR = krb\crc32
diff --git a/src/lib/crypto/krb/crc32/crc-32.h b/src/lib/crypto/krb/crc32/crc-32.h
deleted file mode 100644 (file)
index 08fce6d..0000000
+++ /dev/null
@@ -1,67 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * include/krb5/crc-32.h
- *
- * Copyright 1989,1990 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- *
- * Definitions for the CRC-32 checksum
- */
-
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-
-#ifndef KRB5_CRC32__
-#define KRB5_CRC32__
-
-#define CRC32_CKSUM_LENGTH      4
-
-/* c is in-out to allow chaining; initialize to 0. */
-void
-mit_crc32 (krb5_pointer in, size_t in_length, unsigned long *c);
-
-#endif /* KRB5_CRC32__ */
index 659e61199ce406ce2936f5a012705d274434e09f..39e3e3487812a893e7a78c7a49087c7b96aaf8af 100644 (file)
@@ -28,8 +28,7 @@
  * CRC-32/AUTODIN-II routines
  */
 
-#include "k5-int.h"
-#include "crc-32.h"
+#include "crypto_int.h"
 
 /* This table and block of comments are taken from code labeled: */
 /*
index d77b5cf36e3328ab0115079db0e67e63f009e2aa..320556649e161556a1cccc0473ddf2380a964677 100644 (file)
@@ -3,12 +3,14 @@
 #
 crc32.so crc32.po $(OUTPRE)crc32.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  crc-32.h crc32.c
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \
+  $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \
+  $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h crc32.c
diff --git a/src/lib/crypto/krb/crypto_int.h b/src/lib/crypto/krb/crypto_int.h
new file mode 100644 (file)
index 0000000..6d05095
--- /dev/null
@@ -0,0 +1,832 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/krb/crypto_int.h - Master libk5crypto internal header */
+/*
+ * Copyright (C) 2011 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ */
+
+/* This header is the entry point for libk5crypto sources, and also documents
+ * requirements for crypto modules and PRNG modules.  */
+
+#ifndef CRYPTO_INT_H
+#define CRYPTO_INT_H
+
+#include <k5-int.h>
+
+/* Enc providers and hash providers specify well-known ciphers and hashes to be
+ * implemented by the crypto module. */
+
+struct krb5_enc_provider {
+    /* keybytes is the input size to make_key;
+       keylength is the output size */
+    size_t block_size, keybytes, keylength;
+
+    krb5_error_code (*encrypt)(krb5_key key, const krb5_data *cipher_state,
+                               krb5_crypto_iov *data, size_t num_data);
+
+    krb5_error_code (*decrypt)(krb5_key key, const krb5_data *cipher_state,
+                               krb5_crypto_iov *data, size_t num_data);
+
+    /* May be NULL if the cipher is not used for a cbc-mac checksum. */
+    krb5_error_code (*cbc_mac)(krb5_key key, const krb5_crypto_iov *data,
+                               size_t num_data, const krb5_data *ivec,
+                               krb5_data *output);
+
+    krb5_error_code (*init_state)(const krb5_keyblock *key,
+                                  krb5_keyusage keyusage,
+                                  krb5_data *out_state);
+    krb5_error_code (*free_state)(krb5_data *state);
+
+    /* May be NULL if there is no key-derived data cached.  */
+    void (*key_cleanup)(krb5_key key);
+};
+
+struct krb5_hash_provider {
+    char hash_name[8];
+    size_t hashsize, blocksize;
+
+    krb5_error_code (*hash)(const krb5_crypto_iov *data, size_t num_data,
+                            krb5_data *output);
+};
+
+/*** RFC 3961 enctypes table ***/
+
+#define MAX_ETYPE_ALIASES 2
+
+struct krb5_keytypes;
+
+typedef unsigned int (*crypto_length_func)(const struct krb5_keytypes *ktp,
+                                           krb5_cryptotype type);
+
+typedef krb5_error_code (*crypt_func)(const struct krb5_keytypes *ktp,
+                                      krb5_key key, krb5_keyusage keyusage,
+                                      const krb5_data *ivec,
+                                      krb5_crypto_iov *data, size_t num_data);
+
+typedef krb5_error_code (*str2key_func)(const struct krb5_keytypes *ktp,
+                                        const krb5_data *string,
+                                        const krb5_data *salt,
+                                        const krb5_data *parm,
+                                        krb5_keyblock *key);
+
+typedef krb5_error_code (*rand2key_func)(const krb5_data *randombits,
+                                         krb5_keyblock *key);
+
+typedef krb5_error_code (*prf_func)(const struct krb5_keytypes *ktp,
+                                    krb5_key key,
+                                    const krb5_data *in, krb5_data *out);
+
+typedef krb5_error_code (*init_state_func)(const struct krb5_keytypes *ktp,
+                                           const krb5_keyblock *key,
+                                           krb5_keyusage keyusage,
+                                           krb5_data *out_state);
+
+typedef void (*free_state_func)(const struct krb5_keytypes *ktp,
+                                krb5_data *state);
+
+struct krb5_keytypes {
+    krb5_enctype etype;
+    char *name;
+    char *aliases[MAX_ETYPE_ALIASES];
+    char *out_string;
+    const struct krb5_enc_provider *enc;
+    const struct krb5_hash_provider *hash;
+    size_t prf_length;
+    crypto_length_func crypto_length;
+    crypt_func encrypt;
+    crypt_func decrypt;
+    str2key_func str2key;
+    rand2key_func rand2key;
+    prf_func prf;
+    init_state_func init_state;
+    free_state_func free_state;
+    krb5_cksumtype required_ctype;
+    krb5_flags flags;
+};
+
+#define ETYPE_WEAK 1
+
+extern const struct krb5_keytypes krb5int_enctypes_list[];
+extern const int krb5int_enctypes_length;
+
+/*** RFC 3961 checksum types table ***/
+
+struct krb5_cksumtypes;
+
+/*
+ * Compute a checksum over the header, data, padding, and sign-only fields of
+ * the iov array data (of size num_data).  The output buffer will already be
+ * allocated with ctp->compute_size bytes available; the handler just needs to
+ * fill in the contents.  If ctp->enc is not NULL, the handler can assume that
+ * key is a valid-length key of an enctype which uses that enc provider.
+ */
+typedef krb5_error_code (*checksum_func)(const struct krb5_cksumtypes *ctp,
+                                         krb5_key key, krb5_keyusage usage,
+                                         const krb5_crypto_iov *data,
+                                         size_t num_data,
+                                         krb5_data *output);
+
+/*
+ * Verify a checksum over the header, data, padding, and sign-only fields of
+ * the iov array data (of size num_data), and store the boolean result in
+ * *valid.  The handler can assume that hash has length ctp->output_size.  If
+ * ctp->enc is not NULL, the handler can assume that key a valid-length key of
+ * an enctype which uses that enc provider.
+ */
+typedef krb5_error_code (*verify_func)(const struct krb5_cksumtypes *ctp,
+                                       krb5_key key, krb5_keyusage usage,
+                                       const krb5_crypto_iov *data,
+                                       size_t num_data,
+                                       const krb5_data *input,
+                                       krb5_boolean *valid);
+
+struct krb5_cksumtypes {
+    krb5_cksumtype ctype;
+    char *name;
+    char *aliases[2];
+    char *out_string;
+    const struct krb5_enc_provider *enc;
+    const struct krb5_hash_provider *hash;
+    checksum_func checksum;
+    verify_func verify;         /* NULL means recompute checksum and compare */
+    unsigned int compute_size;  /* Allocation size for checksum computation */
+    unsigned int output_size;   /* Possibly truncated output size */
+    krb5_flags flags;
+};
+
+#define CKSUM_UNKEYED          0x0001
+#define CKSUM_NOT_COLL_PROOF   0x0002
+
+extern const struct krb5_cksumtypes krb5int_cksumtypes_list[];
+extern const size_t krb5int_cksumtypes_length;
+
+/*** Prototypes for enctype table functions ***/
+
+/* Length */
+unsigned int krb5int_old_crypto_length(const struct krb5_keytypes *ktp,
+                                      krb5_cryptotype type);
+unsigned int krb5int_raw_crypto_length(const struct krb5_keytypes *ktp,
+                                      krb5_cryptotype type);
+unsigned int krb5int_arcfour_crypto_length(const struct krb5_keytypes *ktp,
+                                          krb5_cryptotype type);
+unsigned int krb5int_dk_crypto_length(const struct krb5_keytypes *ktp,
+                                     krb5_cryptotype type);
+unsigned int krb5int_aes_crypto_length(const struct krb5_keytypes *ktp,
+                                      krb5_cryptotype type);
+unsigned int krb5int_camellia_crypto_length(const struct krb5_keytypes *ktp,
+                                           krb5_cryptotype type);
+
+/* Encrypt */
+krb5_error_code krb5int_old_encrypt(const struct krb5_keytypes *ktp,
+                                   krb5_key key, krb5_keyusage usage,
+                                   const krb5_data *ivec,
+                                   krb5_crypto_iov *data, size_t num_data);
+krb5_error_code krb5int_raw_encrypt(const struct krb5_keytypes *ktp,
+                                   krb5_key key, krb5_keyusage usage,
+                                   const krb5_data *ivec,
+                                   krb5_crypto_iov *data, size_t num_data);
+krb5_error_code krb5int_arcfour_encrypt(const struct krb5_keytypes *ktp,
+                                       krb5_key key, krb5_keyusage usage,
+                                       const krb5_data *ivec,
+                                       krb5_crypto_iov *data,
+                                       size_t num_data);
+krb5_error_code krb5int_dk_encrypt(const struct krb5_keytypes *ktp,
+                                  krb5_key key, krb5_keyusage usage,
+                                  const krb5_data *ivec,
+                                  krb5_crypto_iov *data, size_t num_data);
+krb5_error_code krb5int_dk_cmac_encrypt(const struct krb5_keytypes *ktp,
+                                       krb5_key key, krb5_keyusage usage,
+                                       const krb5_data *ivec,
+                                       krb5_crypto_iov *data,
+                                       size_t num_data);
+
+/* Decrypt */
+krb5_error_code krb5int_old_decrypt(const struct krb5_keytypes *ktp,
+                                   krb5_key key, krb5_keyusage usage,
+                                   const krb5_data *ivec,
+                                   krb5_crypto_iov *data, size_t num_data);
+krb5_error_code krb5int_raw_decrypt(const struct krb5_keytypes *ktp,
+                                   krb5_key key, krb5_keyusage usage,
+                                   const krb5_data *ivec,
+                                   krb5_crypto_iov *data, size_t num_data);
+krb5_error_code krb5int_arcfour_decrypt(const struct krb5_keytypes *ktp,
+                                       krb5_key key, krb5_keyusage usage,
+                                       const krb5_data *ivec,
+                                       krb5_crypto_iov *data,
+                                       size_t num_data);
+krb5_error_code krb5int_dk_decrypt(const struct krb5_keytypes *ktp,
+                                  krb5_key key, krb5_keyusage usage,
+                                  const krb5_data *ivec,
+                                  krb5_crypto_iov *data, size_t num_data);
+krb5_error_code krb5int_dk_cmac_decrypt(const struct krb5_keytypes *ktp,
+                                       krb5_key key, krb5_keyusage usage,
+                                       const krb5_data *ivec,
+                                       krb5_crypto_iov *data,
+                                       size_t num_data);
+
+/* String to key */
+krb5_error_code krb5int_des_string_to_key(const struct krb5_keytypes *ktp,
+                                          const krb5_data *string,
+                                          const krb5_data *salt,
+                                          const krb5_data *params,
+                                          krb5_keyblock *key);
+krb5_error_code krb5int_arcfour_string_to_key(const struct krb5_keytypes *ktp,
+                                             const krb5_data *string,
+                                             const krb5_data *salt,
+                                             const krb5_data *params,
+                                             krb5_keyblock *key);
+krb5_error_code krb5int_dk_string_to_key(const struct krb5_keytypes *enc,
+                                        const krb5_data *string,
+                                        const krb5_data *salt,
+                                        const krb5_data *params,
+                                        krb5_keyblock *key);
+krb5_error_code krb5int_aes_string_to_key(const struct krb5_keytypes *enc,
+                                         const krb5_data *string,
+                                         const krb5_data *salt,
+                                         const krb5_data *params,
+                                         krb5_keyblock *key);
+krb5_error_code krb5int_camellia_string_to_key(const struct krb5_keytypes *enc,
+                                              const krb5_data *string,
+                                              const krb5_data *salt,
+                                              const krb5_data *params,
+                                              krb5_keyblock *key);
+
+/* Random to key */
+krb5_error_code k5_rand2key_direct(const krb5_data *randombits,
+                                  krb5_keyblock *keyblock);
+krb5_error_code k5_rand2key_des(const krb5_data *randombits,
+                               krb5_keyblock *keyblock);
+krb5_error_code k5_rand2key_des3(const krb5_data *randombits,
+                                krb5_keyblock *keyblock);
+
+/* Pseudo-random function */
+krb5_error_code krb5int_des_prf(const struct krb5_keytypes *ktp,
+                               krb5_key key, const krb5_data *in,
+                               krb5_data *out);
+krb5_error_code krb5int_arcfour_prf(const struct krb5_keytypes *ktp,
+                                   krb5_key key, const krb5_data *in,
+                                   krb5_data *out);
+krb5_error_code krb5int_dk_prf(const struct krb5_keytypes *ktp, krb5_key key,
+                              const krb5_data *in, krb5_data *out);
+krb5_error_code krb5int_dk_cmac_prf(const struct krb5_keytypes *ktp,
+                                   krb5_key key, const krb5_data *in,
+                                   krb5_data *out);
+
+/* State initialization/cleanup handlers */
+krb5_error_code krb5int_init_state_enc(const struct krb5_keytypes *ktp,
+                                      const krb5_keyblock *key,
+                                      krb5_keyusage keyusage,
+                                      krb5_data *out_state);
+void krb5int_free_state_enc(const struct krb5_keytypes *ktp,
+                           krb5_data *state);
+
+/*** Prototypes for cksumtype handler functions ***/
+
+krb5_error_code krb5int_unkeyed_checksum(const struct krb5_cksumtypes *ctp,
+                                         krb5_key key, krb5_keyusage usage,
+                                         const krb5_crypto_iov *data,
+                                         size_t num_data,
+                                         krb5_data *output);
+krb5_error_code krb5int_cbc_checksum(const struct krb5_cksumtypes *ctp,
+                                     krb5_key key, krb5_keyusage usage,
+                                     const krb5_crypto_iov *data,
+                                     size_t num_data,
+                                     krb5_data *output);
+krb5_error_code krb5int_hmacmd5_checksum(const struct krb5_cksumtypes *ctp,
+                                         krb5_key key, krb5_keyusage usage,
+                                         const krb5_crypto_iov *data,
+                                         size_t num_data,
+                                         krb5_data *output);
+krb5_error_code krb5int_dk_checksum(const struct krb5_cksumtypes *ctp,
+                                   krb5_key key, krb5_keyusage usage,
+                                   const krb5_crypto_iov *data,
+                                   size_t num_data, krb5_data *output);
+krb5_error_code krb5int_dk_cmac_checksum(const struct krb5_cksumtypes *ctp,
+                                        krb5_key key, krb5_keyusage usage,
+                                        const krb5_crypto_iov *data,
+                                        size_t num_data, krb5_data *output);
+krb5_error_code krb5int_confounder_checksum(const struct krb5_cksumtypes *ctp,
+                                            krb5_key key, krb5_keyusage usage,
+                                            const krb5_crypto_iov *data,
+                                            size_t num_data,
+                                            krb5_data *output);
+krb5_error_code krb5int_confounder_verify(const struct krb5_cksumtypes *ctp,
+                                          krb5_key key, krb5_keyusage usage,
+                                          const krb5_crypto_iov *data,
+                                          size_t num_data,
+                                          const krb5_data *input,
+                                          krb5_boolean *valid);
+
+/*** Key derivation functions ***/
+
+enum deriv_alg {
+    DERIVE_RFC3961,             /* RFC 3961 section 5.1 */
+#ifdef CAMELLIA
+    DERIVE_SP800_108_CMAC       /* NIST SP 800-108 with CMAC as PRF */
+#endif
+};
+
+krb5_error_code krb5int_derive_keyblock(const struct krb5_enc_provider *enc,
+                                       krb5_key inkey, krb5_keyblock *outkey,
+                                       const krb5_data *in_constant,
+                                       enum deriv_alg alg);
+krb5_error_code krb5int_derive_key(const struct krb5_enc_provider *enc,
+                                  krb5_key inkey, krb5_key *outkey,
+                                  const krb5_data *in_constant,
+                                  enum deriv_alg alg);
+krb5_error_code krb5int_derive_random(const struct krb5_enc_provider *enc,
+                                     krb5_key inkey, krb5_data *outrnd,
+                                     const krb5_data *in_constant,
+                                     enum deriv_alg alg);
+
+/*** Miscellaneous prototypes ***/
+
+/* nfold algorithm from RFC 3961 */
+void krb5int_nfold(unsigned int inbits, const unsigned char *in,
+                   unsigned int outbits, unsigned char *out);
+
+/* Compute a CMAC checksum over data. */
+krb5_error_code krb5int_cmac_checksum(const struct krb5_enc_provider *enc,
+                                      krb5_key key,
+                                      const krb5_crypto_iov *data,
+                                      size_t num_data,
+                                      krb5_data *output);
+
+/* Compute a CRC-32 checksum.  c is in-out to allow chaining; init to 0. */
+#define CRC32_CKSUM_LENGTH 4
+void mit_crc32(krb5_pointer in, size_t in_length, unsigned long *c);
+
+/* Translate an RFC 3961 key usage to a Microsoft RC4 usage. */
+krb5_keyusage krb5int_arcfour_translate_usage(krb5_keyusage usage);
+
+/* Ensure library initialization has occurred. */
+int krb5int_crypto_init(void);
+
+/* DES default state initialization handler (used by module enc providers). */
+krb5_error_code krb5int_des_init_state(const krb5_keyblock *key,
+                                       krb5_keyusage keyusage,
+                                       krb5_data *new_state);
+
+/* Default state cleanup handler (used by module enc providers). */
+krb5_error_code krb5int_default_free_state(krb5_data *state);
+
+/*** Input/output vector processing declarations **/
+
+#define ENCRYPT_CONF_IOV(_iov)  ((_iov)->flags == KRB5_CRYPTO_TYPE_HEADER)
+
+#define ENCRYPT_DATA_IOV(_iov)  ((_iov)->flags == KRB5_CRYPTO_TYPE_DATA || \
+                                 (_iov)->flags == KRB5_CRYPTO_TYPE_PADDING)
+
+#define ENCRYPT_IOV(_iov)       (ENCRYPT_CONF_IOV(_iov) || ENCRYPT_DATA_IOV(_iov))
+
+#define SIGN_IOV(_iov)          (ENCRYPT_IOV(_iov) ||                   \
+                                 (_iov)->flags == KRB5_CRYPTO_TYPE_SIGN_ONLY )
+
+struct iov_block_state {
+    size_t iov_pos;                     /* index into iov array */
+    size_t data_pos;                    /* index into iov contents */
+    unsigned int ignore_header : 1;     /* have/should we process HEADER */
+    unsigned int include_sign_only : 1; /* should we process SIGN_ONLY blocks */
+    unsigned int pad_to_boundary : 1;   /* should we zero fill blocks until next buffer */
+};
+
+#define IOV_BLOCK_STATE_INIT(_state)    ((_state)->iov_pos =            \
+                                         (_state)->data_pos =           \
+                                         (_state)->ignore_header =      \
+                                         (_state)->include_sign_only =  \
+                                         (_state)->pad_to_boundary = 0)
+
+krb5_crypto_iov *krb5int_c_locate_iov(krb5_crypto_iov *data, size_t num_data,
+                                     krb5_cryptotype type);
+
+krb5_error_code krb5int_c_iov_decrypt_stream(const struct krb5_keytypes *ktp,
+                                            krb5_key key,
+                                            krb5_keyusage keyusage,
+                                            const krb5_data *ivec,
+                                            krb5_crypto_iov *data,
+                                            size_t num_data);
+
+unsigned int krb5int_c_padding_length(const struct krb5_keytypes *ktp,
+                                     size_t data_length);
+
+/*** Crypto module declarations ***/
+
+/* Modules must implement the following enc_providers and hash_providers: */
+extern const struct krb5_enc_provider krb5int_enc_des;
+extern const struct krb5_enc_provider krb5int_enc_des3;
+extern const struct krb5_enc_provider krb5int_enc_arcfour;
+extern const struct krb5_enc_provider krb5int_enc_aes128;
+extern const struct krb5_enc_provider krb5int_enc_aes256;
+extern const struct krb5_enc_provider krb5int_enc_aes128_ctr;
+extern const struct krb5_enc_provider krb5int_enc_aes256_ctr;
+#ifdef CAMELLIA
+extern const struct krb5_enc_provider krb5int_enc_camellia128;
+extern const struct krb5_enc_provider krb5int_enc_camellia256;
+#endif
+
+extern const struct krb5_hash_provider krb5int_hash_crc32;
+extern const struct krb5_hash_provider krb5int_hash_md4;
+extern const struct krb5_hash_provider krb5int_hash_md5;
+extern const struct krb5_hash_provider krb5int_hash_sha1;
+
+/* Modules must implement the following functions. */
+
+/* Set the parity bits in a DES key. */
+void mit_des_fixup_key_parity(unsigned char *key);
+
+/* Convert a password to a DES key (see RFC 3961). */
+krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock,
+                                      const krb5_data *password,
+                                      const krb5_data *salt);
+krb5_error_code mit_des_string_to_key_int(krb5_keyblock *key,
+                                          const krb5_data *password,
+                                          const krb5_data *salt);
+
+/* Compute an HMAC using the provided hash function, key, and data, storing the
+ * result into output (caller-allocated). */
+krb5_error_code krb5int_hmac(const struct krb5_hash_provider *hash,
+                             krb5_key key, const krb5_crypto_iov *data,
+                             size_t num_data, krb5_data *output);
+
+/* As above, using a keyblock as the key input. */
+krb5_error_code krb5int_hmac_keyblock(const struct krb5_hash_provider *hash,
+                                      const krb5_keyblock *keyblock,
+                                      const krb5_crypto_iov *data,
+                                      size_t num_data, krb5_data *output);
+
+/*
+ * Compute the PBKDF2 (see RFC 2898) of password and salt, with the specified
+ * count, using HMAC-SHA-1 as the pseudorandom function, storing the result
+ * into out (caller-allocated).
+ */
+krb5_error_code krb5int_pbkdf2_hmac_sha1(const krb5_data *out,
+                                         unsigned long count,
+                                         const krb5_data *password,
+                                         const krb5_data *salt);
+
+/* The following are used by test programs and are just handler functions from
+ * the AES and Camellia enc providers.  Define a stub krb5int_camellia_cbc_mac
+ * even if CAMELLIA isn't defined, since it's in the export list. */
+krb5_error_code krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec,
+                                    krb5_crypto_iov *data, size_t num_data);
+krb5_error_code krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec,
+                                    krb5_crypto_iov *data, size_t num_data);
+krb5_error_code krb5int_camellia_cbc_mac(krb5_key key,
+                                         const krb5_crypto_iov *data,
+                                         size_t num_data, const krb5_data *iv,
+                                         krb5_data *output);
+
+/* These can be used to safely set up and tear down module global state. */
+int krb5int_crypto_impl_init(void);
+void krb5int_crypto_impl_cleanup(void);
+
+/*
+ * Modules must provide a crypto_mod.h header at the top level.  To work with
+ * the default PRNG module (prng_fortuna.c), crypto_mod.h must #define or
+ * prototype the following symbols:
+ *
+ *   aes_ctx - Stack-allocatable type for an AES-128 or AES-256 key schedule
+ *   krb5int_aes_enc_key(key, keybits, ctxptr) -- initialize a key schedule
+ *   krb5int_aes_enc_blk(in, out, ctxptr) -- encrypt a block
+ *   SHA256_CTX - Stack-allocatable type for a SHA-256 hash state
+ *   k5_sha256_init(ctxptr) - Initialize a hash state
+ *   k5_sha256_update(ctxptr, data, size) -- Hash some data
+ *   k5_sha256_final(ctxptr, out) -- Finalize a state, writing hash into out
+ *
+ * These functions must never fail on valid inputs, and contexts must remain
+ * valid across forks.  If the module cannot meet those constraints, then it
+ * should provide its own PRNG module and the build system should ensure that
+ * it is used; for an example, see how nss uses prng_nss.
+ *
+ * The function symbols named above are also in the library export list (so
+ * they can be used by the t_fortuna.c test code), so even if the module
+ * defines them away or doesn't work with Fortuna, the module must provide
+ * stubs; see stubs.c in the openssl or nss modules for examples.
+ */
+
+#include <crypto_mod.h>
+
+/*** PRNG module declarations ***/
+
+/*
+ * PRNG modules must implement the following APIs from krb5.h:
+ *   krb5_c_random_add_entropy
+ *   krb5_c_random_make_octets
+ *
+ * PRNG modules should implement these functions.  They are called from the
+ * crypto library init and cleanup functions, and can be used to setup and tear
+ * down static state without thread safety concerns.
+ */
+int k5_prng_init(void);
+void k5_prng_cleanup(void);
+
+/* Used by PRNG modules to gather OS entropy.  Returns true on success. */
+krb5_boolean k5_get_os_entropy(unsigned char *buf, size_t len);
+
+/*** Inline helper functions ***/
+
+/* Find an enctype by number in the enctypes table. */
+static inline const struct krb5_keytypes *
+find_enctype(krb5_enctype enctype)
+{
+    int i;
+
+    for (i = 0; i < krb5int_enctypes_length; i++) {
+        if (krb5int_enctypes_list[i].etype == enctype)
+            break;
+    }
+
+    if (i == krb5int_enctypes_length)
+        return NULL;
+    return &krb5int_enctypes_list[i];
+}
+
+/* Find a checksum type by number in the cksumtypes table. */
+static inline const struct krb5_cksumtypes *
+find_cksumtype(krb5_cksumtype ctype)
+{
+    size_t i;
+
+    for (i = 0; i < krb5int_cksumtypes_length; i++) {
+        if (krb5int_cksumtypes_list[i].ctype == ctype)
+            break;
+    }
+
+    if (i == krb5int_cksumtypes_length)
+        return NULL;
+    return &krb5int_cksumtypes_list[i];
+}
+
+/* Verify that a key is appropriate for a checksum type. */
+static inline krb5_error_code
+verify_key(const struct krb5_cksumtypes *ctp, krb5_key key)
+{
+    const struct krb5_keytypes *ktp;
+
+    ktp = key ? find_enctype(key->keyblock.enctype) : NULL;
+    if (ctp->enc != NULL && (!ktp || ktp->enc != ctp->enc))
+        return KRB5_BAD_ENCTYPE;
+    if (key && (!ktp || key->keyblock.length != ktp->enc->keylength))
+        return KRB5_BAD_KEYSIZE;
+    return 0;
+}
+
+/* Encrypt one block of plaintext in place, for block ciphers. */
+static inline krb5_error_code
+encrypt_block(const struct krb5_enc_provider *enc, krb5_key key,
+              krb5_data *block)
+{
+    krb5_crypto_iov iov;
+
+    /* Verify that this is a block cipher and block is the right length. */
+    if (block->length != enc->block_size || enc->block_size == 1)
+        return EINVAL;
+    iov.flags = KRB5_CRYPTO_TYPE_DATA;
+    iov.data = *block;
+    if (enc->cbc_mac != NULL)   /* One-block cbc-mac with no ivec. */
+        return enc->cbc_mac(key, &iov, 1, NULL, block);
+    else                        /* Assume cbc-mode encrypt. */
+        return enc->encrypt(key, 0, &iov, 1);
+}
+
+/* Decide whether to process an IOV block. */
+static inline int
+process_block_p(const krb5_crypto_iov *data, size_t num_data,
+                struct iov_block_state *iov_state, size_t i)
+{
+    const krb5_crypto_iov *iov = &data[i];
+    int process_block;
+
+    switch (iov->flags) {
+    case KRB5_CRYPTO_TYPE_SIGN_ONLY:
+        process_block = iov_state->include_sign_only;
+        break;
+    case KRB5_CRYPTO_TYPE_PADDING:
+        process_block = (iov_state->pad_to_boundary == 0);
+        break;
+    case KRB5_CRYPTO_TYPE_HEADER:
+        process_block = (iov_state->ignore_header == 0);
+        break;
+    case KRB5_CRYPTO_TYPE_DATA:
+        process_block = 1;
+        break;
+    default:
+        process_block = 0;
+        break;
+    }
+
+    return process_block;
+}
+
+/*
+ * Returns TRUE if, having reached the end of the current buffer,
+ * we should pad the rest of the block with zeros.
+ */
+static inline int
+pad_to_boundary_p(const krb5_crypto_iov *data,
+                  size_t num_data,
+                  struct iov_block_state *iov_state,
+                  size_t i,
+                  size_t j)
+{
+    /* If the pad_to_boundary flag is unset, return FALSE */
+    if (iov_state->pad_to_boundary == 0)
+        return 0;
+
+    /* If we haven't got any data, we need to get some */
+    if (j == 0)
+        return 0;
+
+    /* No boundary between adjacent buffers marked for processing */
+    if (data[iov_state->iov_pos].flags == data[i].flags)
+        return 0;
+
+    return 1;
+}
+
+/*
+ * Retrieve a block from the IOV. If p is non-NULL and the next block is
+ * completely contained within the current buffer, then *p will contain an
+ * alias into the buffer; otherwise, a copy will be made into storage.
+ *
+ * After calling this function, encrypt the returned block and then call
+ * krb5int_c_iov_put_block_nocopy() (with a separate output cursor). If
+ * p was non-NULL on the call to get_block(), then pass that pointer in.
+ */
+static inline krb5_boolean
+krb5int_c_iov_get_block_nocopy(unsigned char *storage,
+                               size_t block_size,
+                               const krb5_crypto_iov *data,
+                               size_t num_data,
+                               struct iov_block_state *iov_state,
+                               unsigned char **p)
+{
+    size_t i, j = 0;
+
+    if (p != NULL)
+        *p = storage;
+
+    for (i = iov_state->iov_pos; i < num_data; i++) {
+        const krb5_crypto_iov *iov = &data[i];
+        size_t nbytes;
+
+        if (!process_block_p(data, num_data, iov_state, i))
+            continue;
+
+        if (pad_to_boundary_p(data, num_data, iov_state, i, j))
+            break;
+
+        iov_state->iov_pos = i;
+
+        nbytes = iov->data.length - iov_state->data_pos;
+        if (nbytes > block_size - j)
+            nbytes = block_size - j;
+
+        /*
+         * If we can return a pointer into a complete block, then do so.
+         */
+        if (p != NULL && j == 0 && nbytes == block_size) {
+            *p = (unsigned char *)iov->data.data + iov_state->data_pos;
+        } else {
+            memcpy(storage + j, iov->data.data + iov_state->data_pos, nbytes);
+        }
+
+        iov_state->data_pos += nbytes;
+        j += nbytes;
+
+        assert(j <= block_size);
+
+        if (j == block_size)
+            break;
+
+        assert(iov_state->data_pos == iov->data.length);
+
+        iov_state->data_pos = 0;
+    }
+
+    iov_state->iov_pos = i;
+
+    if (j == 0)
+        return FALSE;
+    else if (j != block_size)
+        memset(storage + j, 0, block_size - j);
+
+    return TRUE;
+}
+
+/*
+ * Store a block retrieved with krb5int_c_iov_get_block_no_copy if
+ * necessary, and advance the output cursor.
+ */
+static inline krb5_boolean
+krb5int_c_iov_put_block_nocopy(const krb5_crypto_iov *data,
+                               size_t num_data,
+                               unsigned char *storage,
+                               size_t block_size,
+                               struct iov_block_state *iov_state,
+                               unsigned char *p)
+{
+    size_t i, j = 0;
+
+    assert(p != NULL);
+
+    for (i = iov_state->iov_pos; i < num_data; i++) {
+        const krb5_crypto_iov *iov = &data[i];
+        size_t nbytes;
+
+        if (!process_block_p(data, num_data, iov_state, i))
+            continue;
+
+        if (pad_to_boundary_p(data, num_data, iov_state, i, j))
+            break;
+
+        iov_state->iov_pos = i;
+
+        nbytes = iov->data.length - iov_state->data_pos;
+        if (nbytes > block_size - j)
+            nbytes = block_size - j;
+
+        /*
+         * If we had previously returned a pointer into a complete block,
+         * then no action is required.
+         */
+        if (p == storage) {
+            memcpy(iov->data.data + iov_state->data_pos, storage + j, nbytes);
+        } else {
+            /* Ensure correctly paired with a call to get_block_nocopy(). */
+            assert(j == 0);
+            assert(nbytes == 0 || nbytes == block_size);
+        }
+
+        iov_state->data_pos += nbytes;
+        j += nbytes;
+
+        assert(j <= block_size);
+
+        if (j == block_size)
+            break;
+
+        assert(iov_state->data_pos == iov->data.length);
+
+        iov_state->data_pos = 0;
+    }
+
+    iov_state->iov_pos = i;
+
+#ifdef DEBUG_IOV
+    dump_block("put_block", i, j, p, block_size);
+#endif
+
+    return (iov_state->iov_pos < num_data);
+}
+
+/*
+ * A wrapper for krb5int_c_iov_get_block_nocopy() that always makes
+ * a copy.
+ */
+static inline krb5_boolean
+krb5int_c_iov_get_block(unsigned char *block,
+                        size_t block_size,
+                        const krb5_crypto_iov *data,
+                        size_t num_data,
+                        struct iov_block_state *iov_state)
+{
+    return krb5int_c_iov_get_block_nocopy(block, block_size, data, num_data,
+                                          iov_state, NULL);
+}
+
+/*
+ * A wrapper for krb5int_c_iov_put_block_nocopy() that always copies
+ * the block.
+ */
+static inline krb5_boolean
+krb5int_c_iov_put_block(const krb5_crypto_iov *data,
+                        size_t num_data,
+                        unsigned char *block,
+                        size_t block_size,
+                        struct iov_block_state *iov_state)
+{
+    return krb5int_c_iov_put_block_nocopy(data, num_data, block, block_size,
+                                          iov_state, block);
+}
+
+#endif /* CRYPTO_INT_H */
index 3b0a9ac7fcace51aebe0219c823a80018d97b772..84c56cc9f8771f0a1d97314a45f7b9fc026494d2 100644 (file)
@@ -25,9 +25,7 @@
  * or implied warranty.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
-#include "aead.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_c_crypto_length(krb5_context context, krb5_enctype enctype,
index f977135015a26eb42eda62c5a7b25eeef68da075..3b62ff5de0eb8b8abb4f8c10503f31740ff5f9b0 100644 (file)
@@ -1,7 +1,5 @@
 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-#include <assert.h>
-#include "k5-int.h"
-#include "prng.h"
+#include "crypto_int.h"
 
 MAKE_INIT_FUNCTION(cryptoint_initialize_library);
 MAKE_FINI_FUNCTION(cryptoint_cleanup_library);
index c12c90d339b499398c3fbb5ee6f54338391c8a25..775e10a9bd3032e2b0ffa2a5387012590f57bad0 100644 (file)
@@ -25,9 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
-#include "aead.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_k_decrypt(krb5_context context, krb5_key key,
index f52a727b331d8b2661fd4afcef7e1c3e1694ff4a..39844d42c76f224f5a5ffa9a5573e0d2036c3235 100644 (file)
@@ -25,9 +25,7 @@
  * or implied warranty.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
-#include "aead.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_k_decrypt_iov(krb5_context context, krb5_key key, krb5_keyusage usage,
index d44b31fbaf4bfe13f94653aa079a763fa68710cf..4968a7767ce254665aa916ccd44c196eef6b11ca 100644 (file)
@@ -30,7 +30,7 @@
  * contains that default code.
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 
 krb5_error_code krb5int_des_init_state
 (const krb5_keyblock *key, krb5_keyusage usage, krb5_data *new_state )
index a728ae11ba0a55652fdc4cebe54a9214ede87293..4c87378870235116a0c5f759d82c7bf838fc0e63 100644 (file)
@@ -3,31 +3,36 @@
 #
 aead.so aead.po $(OUTPRE)aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/dk/dk.h \
-  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h aead.c aead.h \
-  cksumtypes.h etypes.h
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  aead.c crypto_int.h
 block_size.so block_size.po $(OUTPRE)block_size.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h block_size.c etypes.h
+  $(top_srcdir)/include/socket-utils.h block_size.c crypto_int.h
 checksum_length.so checksum_length.po $(OUTPRE)checksum_length.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
@@ -35,11 +40,13 @@ checksum_length.so checksum_length.po $(OUTPRE)checksum_length.$(OBJEXT): \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
   $(top_srcdir)/include/socket-utils.h checksum_length.c \
-  cksumtypes.h etypes.h
+  crypto_int.h
 cksumtype_to_string.so cksumtype_to_string.po $(OUTPRE)cksumtype_to_string.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
@@ -47,83 +54,92 @@ cksumtype_to_string.so cksumtype_to_string.po $(OUTPRE)cksumtype_to_string.$(OBJ
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
   $(top_srcdir)/include/socket-utils.h cksumtype_to_string.c \
-  cksumtypes.h etypes.h
+  crypto_int.h
 cksumtypes.so cksumtypes.po $(OUTPRE)cksumtypes.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../builtin/enc_provider/enc_provider.h \
-  $(srcdir)/../builtin/hash_provider/hash_provider.h \
-  $(srcdir)/dk/dk.h $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h cksumtypes.c cksumtypes.h \
-  etypes.h
+  $(top_srcdir)/include/socket-utils.h cksumtypes.c crypto_int.h
 coll_proof_cksum.so coll_proof_cksum.po $(OUTPRE)coll_proof_cksum.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h cksumtypes.h coll_proof_cksum.c \
-  etypes.h
+  $(top_srcdir)/include/socket-utils.h coll_proof_cksum.c \
+  crypto_int.h
 combine_keys.so combine_keys.po $(OUTPRE)combine_keys.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/dk/dk.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  cksumtypes.h combine_keys.c etypes.h
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h combine_keys.c \
+  crypto_int.h
 crypto_length.so crypto_length.po $(OUTPRE)crypto_length.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \
-  crypto_length.c etypes.h
+  $(top_srcdir)/include/socket-utils.h crypto_int.h crypto_length.c
 crypto_libinit.so crypto_libinit.po $(OUTPRE)crypto_libinit.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h crypto_libinit.c \
-  prng.h
+  $(top_srcdir)/include/socket-utils.h crypto_int.h crypto_libinit.c
 default_state.so default_state.po $(OUTPRE)default_state.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h default_state.c
+  $(top_srcdir)/include/socket-utils.h crypto_int.h default_state.c
 decrypt.so decrypt.po $(OUTPRE)decrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -131,22 +147,25 @@ decrypt.so decrypt.po $(OUTPRE)decrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  aead.h cksumtypes.h decrypt.c etypes.h
+  crypto_int.h decrypt.c
 decrypt_iov.so decrypt_iov.po $(OUTPRE)decrypt_iov.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \
-  decrypt_iov.c etypes.h
+  $(top_srcdir)/include/socket-utils.h crypto_int.h decrypt_iov.c
 encrypt.so encrypt.po $(OUTPRE)encrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -154,49 +173,51 @@ encrypt.so encrypt.po $(OUTPRE)encrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  aead.h cksumtypes.h encrypt.c etypes.h
+  crypto_int.h encrypt.c
 encrypt_iov.so encrypt_iov.po $(OUTPRE)encrypt_iov.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h encrypt_iov.c \
-  etypes.h
+  $(top_srcdir)/include/socket-utils.h crypto_int.h encrypt_iov.c
 encrypt_length.so encrypt_length.po $(OUTPRE)encrypt_length.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \
-  encrypt_length.c etypes.h
+  $(top_srcdir)/include/socket-utils.h crypto_int.h encrypt_length.c
 enctype_util.so enctype_util.po $(OUTPRE)enctype_util.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h enctype_util.c \
-  etypes.h
+  $(top_srcdir)/include/socket-utils.h crypto_int.h enctype_util.c
 etypes.so etypes.po $(OUTPRE)etypes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/des/des_int.h \
-  $(srcdir)/../builtin/enc_provider/enc_provider.h $(srcdir)/../builtin/hash_provider/hash_provider.h \
-  $(srcdir)/arcfour/arcfour.h $(srcdir)/dk/dk.h $(srcdir)/old/old.h \
-  $(srcdir)/prf/prf_int.h $(srcdir)/raw/raw.h $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -204,10 +225,12 @@ etypes.so etypes.po $(OUTPRE)etypes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  cksumtypes.h etypes.c etypes.h
+  crypto_int.h etypes.c
 key.so key.po $(OUTPRE)key.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -215,102 +238,116 @@ key.so key.po $(OUTPRE)key.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  etypes.h key.c
+  crypto_int.h key.c
 keyblocks.so keyblocks.po $(OUTPRE)keyblocks.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h keyblocks.c
+  $(top_srcdir)/include/socket-utils.h crypto_int.h keyblocks.c
 keyed_cksum.so keyed_cksum.po $(OUTPRE)keyed_cksum.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h cksumtypes.h etypes.h \
-  keyed_cksum.c
+  $(top_srcdir)/include/socket-utils.h crypto_int.h keyed_cksum.c
 keyed_checksum_types.so keyed_checksum_types.po $(OUTPRE)keyed_checksum_types.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h cksumtypes.h etypes.h \
-  keyed_checksum_types.c
+  $(top_srcdir)/include/socket-utils.h crypto_int.h keyed_checksum_types.c
 keylengths.so keylengths.po $(OUTPRE)keylengths.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h etypes.h keylengths.c
+  $(top_srcdir)/include/socket-utils.h crypto_int.h keylengths.c
 make_checksum.so make_checksum.po $(OUTPRE)make_checksum.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/dk/dk.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  cksumtypes.h etypes.h make_checksum.c
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h crypto_int.h make_checksum.c
 make_checksum_iov.so make_checksum_iov.po $(OUTPRE)make_checksum_iov.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \
-  etypes.h make_checksum_iov.c
+  $(top_srcdir)/include/socket-utils.h crypto_int.h make_checksum_iov.c
 make_random_key.so make_random_key.po $(OUTPRE)make_random_key.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h etypes.h make_random_key.c
+  $(top_srcdir)/include/socket-utils.h crypto_int.h make_random_key.c
 mandatory_sumtype.so mandatory_sumtype.po $(OUTPRE)mandatory_sumtype.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h etypes.h mandatory_sumtype.c
+  $(top_srcdir)/include/socket-utils.h crypto_int.h mandatory_sumtype.c
 nfold.so nfold.po $(OUTPRE)nfold.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -318,21 +355,25 @@ nfold.so nfold.po $(OUTPRE)nfold.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  nfold.c
+  crypto_int.h nfold.c
 old_api_glue.so old_api_glue.po $(OUTPRE)old_api_glue.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h old_api_glue.c
+  $(top_srcdir)/include/socket-utils.h crypto_int.h old_api_glue.c
 prf.so prf.po $(OUTPRE)prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -340,10 +381,12 @@ prf.so prf.po $(OUTPRE)prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  etypes.h prf.c
+  crypto_int.h prf.c
 prng.so prng.po $(OUTPRE)prng.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -351,23 +394,25 @@ prng.so prng.po $(OUTPRE)prng.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  prng.c prng.h
+  crypto_int.h prng.c
 prng_fortuna.so prng_fortuna.po $(OUTPRE)prng_fortuna.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
   $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
-  $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  prng.h prng_fortuna.c
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h crypto_int.h prng_fortuna.c
 cf2.so cf2.po $(OUTPRE)cf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -375,11 +420,12 @@ cf2.so cf2.po $(OUTPRE)cf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  cf2.c etypes.h
+  cf2.c crypto_int.h
 random_to_key.so random_to_key.po $(OUTPRE)random_to_key.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../builtin/des/des_int.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -387,10 +433,12 @@ random_to_key.so random_to_key.po $(OUTPRE)random_to_key.$(OBJEXT): \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h etypes.h random_to_key.c
+  $(top_srcdir)/include/socket-utils.h crypto_int.h random_to_key.c
 state.so state.po $(OUTPRE)state.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \
+  $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -398,76 +446,83 @@ state.so state.po $(OUTPRE)state.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  etypes.h state.c
+  crypto_int.h state.c
 string_to_cksumtype.so string_to_cksumtype.po $(OUTPRE)string_to_cksumtype.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h cksumtypes.h etypes.h \
-  string_to_cksumtype.c
+  $(top_srcdir)/include/socket-utils.h crypto_int.h string_to_cksumtype.c
 string_to_key.so string_to_key.po $(OUTPRE)string_to_key.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h etypes.h string_to_key.c
+  $(top_srcdir)/include/socket-utils.h crypto_int.h string_to_key.c
 t_fortuna.so t_fortuna.po $(OUTPRE)t_fortuna.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
   $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
-  $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  prng.h prng_fortuna.c t_fortuna.c
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h crypto_int.h prng_fortuna.c \
+  t_fortuna.c
 valid_cksumtype.so valid_cksumtype.po $(OUTPRE)valid_cksumtype.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h cksumtypes.h etypes.h \
-  valid_cksumtype.c
+  $(top_srcdir)/include/socket-utils.h crypto_int.h valid_cksumtype.c
 verify_checksum.so verify_checksum.po $(OUTPRE)verify_checksum.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h cksumtypes.h etypes.h \
-  verify_checksum.c
+  $(top_srcdir)/include/socket-utils.h crypto_int.h verify_checksum.c
 verify_checksum_iov.so verify_checksum_iov.po $(OUTPRE)verify_checksum_iov.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \
-  etypes.h verify_checksum_iov.c
+  $(top_srcdir)/include/socket-utils.h crypto_int.h verify_checksum_iov.c
index 63e55b6ffe77ed7089d7262e6e5537eba3f16670..56ab164d30baf43f20b12329cb8e851685f2e266 100644 (file)
@@ -1,6 +1,6 @@
 mydir=lib$(S)crypto$(S)krb$(S)dk
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/..  -I$(srcdir)/../../$(CRYPTO_IMPL)
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL)
 DEFS=
 
 ##DOS##BUILDTOP = ..\..\..\..
index ac3e4e9985bc422b8e288bf5d101226af0e77f53..166b7c72731d7d5b285dcd822a2c4108c4d22bb0 100644 (file)
  * or implied warranty.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
-#include "dk.h"
-#include "aead.h"
-#include "cksumtypes.h"
+#include "crypto_int.h"
 
 #define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */
 
index 686af8d081d0538447bf604e68e3a30ebce7345b..517a5f32c89b2e42aab17172766fb8cffd742d08 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
-#include "dk.h"
-#include "cksumtypes.h"
+#include "crypto_int.h"
 
 #define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */
 
index da0589cea7a15cc801c0bab9c7367feb6b19a6b0..7dbace5dbe97c2f068c0372fc15bc341f6d9dbe5 100644 (file)
@@ -4,21 +4,9 @@
 checksum_hmac.so checksum_hmac.po $(OUTPRE)checksum_hmac.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h \
-  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h checksum_hmac.c \
-  dk.h
-checksum_cmac.so checksum_cmac.po $(OUTPRE)checksum_cmac.$(OBJEXT): \
-  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h \
-  $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \
+  $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \
+  $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -26,11 +14,13 @@ checksum_cmac.so checksum_cmac.po $(OUTPRE)checksum_cmac.$(OBJEXT): \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  checksum_cmac.c dk.h
-dk_aead.so dk_aead.po $(OUTPRE)dk_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../aead.h \
-  $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
+  checksum_hmac.c
+checksum_cmac.so checksum_cmac.po $(OUTPRE)checksum_cmac.$(OBJEXT): \
+  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \
+  $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \
+  $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -38,35 +28,38 @@ dk_aead.so dk_aead.po $(OUTPRE)dk_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  dk.h dk_aead.c
+  checksum_cmac.c
+dk_aead.so dk_aead.po $(OUTPRE)dk_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \
+  $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \
+  $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h dk_aead.c
 dk_cmac.so dk_cmac.po $(OUTPRE)dk_cmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../aead.h \
-  $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  dk.h dk_cmac.c
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \
+  $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \
+  $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h dk_cmac.c
 derive.so derive.po $(OUTPRE)derive.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h \
-  $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  derive.c dk.h
-stringtokey.so stringtokey.po $(OUTPRE)stringtokey.$(OBJEXT): \
-  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \
+  $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \
+  $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -74,4 +67,18 @@ stringtokey.so stringtokey.po $(OUTPRE)stringtokey.$(OBJEXT): \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h dk.h stringtokey.c
+  $(top_srcdir)/include/socket-utils.h derive.c
+stringtokey.so stringtokey.po $(OUTPRE)stringtokey.$(OBJEXT): \
+  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \
+  $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \
+  $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  stringtokey.c
index 7fa6c80ada48dce30f777c94ee8bc1dbf05c00a4..1cb47af4baa2570768dd9b65dcb328ae3b2ba9f5 100644 (file)
@@ -25,8 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "dk.h"
+#include "crypto_int.h"
 
 static krb5_key
 find_cached_dkey(struct derived_key *list, const krb5_data *constant)
diff --git a/src/lib/crypto/krb/dk/dk.h b/src/lib/crypto/krb/dk/dk.h
deleted file mode 100644 (file)
index 0799778..0000000
+++ /dev/null
@@ -1,114 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#include "k5-int.h"
-#include "etypes.h"
-#include "cksumtypes.h"
-
-unsigned int
-krb5int_dk_crypto_length(const struct krb5_keytypes *ktp,
-                         krb5_cryptotype type);
-
-unsigned int
-krb5int_aes_crypto_length(const struct krb5_keytypes *ktp,
-                          krb5_cryptotype type);
-
-unsigned int
-krb5int_camellia_crypto_length(const struct krb5_keytypes *ktp,
-                               krb5_cryptotype type);
-krb5_error_code
-krb5int_dk_encrypt(const struct krb5_keytypes *ktp, krb5_key key,
-                   krb5_keyusage usage, const krb5_data *ivec,
-                   krb5_crypto_iov *data, size_t num_data);
-
-krb5_error_code
-krb5int_dk_decrypt(const struct krb5_keytypes *ktp, krb5_key key,
-                   krb5_keyusage usage, const krb5_data *ivec,
-                   krb5_crypto_iov *data, size_t num_data);
-
-krb5_error_code
-krb5int_dk_string_to_key(const struct krb5_keytypes *enc,
-                         const krb5_data *string, const krb5_data *salt,
-                         const krb5_data *params, krb5_keyblock *key);
-
-krb5_error_code
-krb5int_aes_string_to_key(const struct krb5_keytypes *enc,
-                          const krb5_data *string, const krb5_data *salt,
-                          const krb5_data *params, krb5_keyblock *key);
-
-krb5_error_code
-krb5int_camellia_string_to_key(const struct krb5_keytypes *enc,
-                               const krb5_data *string,
-                               const krb5_data *salt,
-                               const krb5_data *params,
-                               krb5_keyblock *key);
-
-enum deriv_alg {
-    DERIVE_RFC3961,             /* RFC 3961 section 5.1 */
-#ifdef CAMELLIA
-    DERIVE_SP800_108_CMAC       /* NIST SP 800-108 with CMAC as PRF */
-#endif
-};
-
-krb5_error_code
-krb5int_derive_keyblock(const struct krb5_enc_provider *enc,
-                        krb5_key inkey, krb5_keyblock *outkey,
-                        const krb5_data *in_constant, enum deriv_alg alg);
-
-krb5_error_code
-krb5int_derive_key(const struct krb5_enc_provider *enc,
-                   krb5_key inkey, krb5_key *outkey,
-                   const krb5_data *in_constant, enum deriv_alg alg);
-
-krb5_error_code
-krb5int_dk_checksum(const struct krb5_cksumtypes *ctp,
-                    krb5_key key, krb5_keyusage usage,
-                    const krb5_crypto_iov *data, size_t num_data,
-                    krb5_data *output);
-
-krb5_error_code
-krb5int_derive_random(const struct krb5_enc_provider *enc,
-                      krb5_key inkey, krb5_data *outrnd,
-                      const krb5_data *in_constant, enum deriv_alg alg);
-
-krb5_error_code
-krb5int_dk_cmac_encrypt(const struct krb5_keytypes *ktp,
-                        krb5_key key, krb5_keyusage usage,
-                        const krb5_data *ivec, krb5_crypto_iov *data,
-                        size_t num_data);
-
-krb5_error_code
-krb5int_dk_cmac_decrypt(const struct krb5_keytypes *ktp,
-                        krb5_key key, krb5_keyusage usage,
-                        const krb5_data *ivec, krb5_crypto_iov *data,
-                        size_t num_data);
-
-krb5_error_code
-krb5int_dk_cmac_checksum(const struct krb5_cksumtypes *ctp,
-                         krb5_key key, krb5_keyusage usage,
-                         const krb5_crypto_iov *data, size_t num_data,
-                         krb5_data *output);
index 4e9a7c4cf3db552d372188963f11595d99f16c6d..2e2163f69cc4df033b386e0487b62797b6d92935 100644 (file)
@@ -26,9 +26,7 @@
  */
 
 
-#include "k5-int.h"
-#include "dk.h"
-#include "aead.h"
+#include "crypto_int.h"
 
 #define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */
 
index 9ac5bee8f923a990dec68a123860d5d12a2c4113..f00b8edc93b5065c9ee1d778c5b9d40aefd1858a 100644 (file)
@@ -25,9 +25,7 @@
  */
 
 
-#include "k5-int.h"
-#include "dk.h"
-#include "aead.h"
+#include "crypto_int.h"
 
 #ifdef CAMELLIA
 
index 2c5188bdb8db3d4ff0918b3f5fc8ce371b45c53e..90fe3c694ef336b3dd6285cb67e135d39aa631a9 100644 (file)
@@ -25,7 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "dk.h"
+#include "crypto_int.h"
 
 static const unsigned char kerberos[] = "kerberos";
 #define kerberos_len (sizeof(kerberos)-1)
index 8f5c481b589b524e7c92fb7624dec0cea1a6a0a6..3c7bbdacd20f37f437884fd8ed0c753fa3e3ee69 100644 (file)
@@ -25,9 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
-#include "aead.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_k_encrypt(krb5_context context, krb5_key key,
index 26bb82b8af85ec44a342e9b47ecdcad09df315c2..9f56c1f0ba682c2cc575ca193a24218c95ffa0c4 100644 (file)
@@ -25,8 +25,7 @@
  * or implied warranty.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_k_encrypt_iov(krb5_context context, krb5_key key, krb5_keyusage usage,
index be99f17fa3802cd0d64c865c7779b9f0f353b8e2..5428e429c7071d5e3d9b510b4050ce7a99637041 100644 (file)
@@ -25,9 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
-#include "aead.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_c_encrypt_length(krb5_context context, krb5_enctype enctype,
index 1a9caf667fb5424c8022e2c9711f9ba6827e2293..2641537fca64a1289636e60a601e096bf05107dc 100644 (file)
@@ -34,8 +34,7 @@
  * krb5_enctype_to_string()
  */
 
-#include "k5-int.h"
-#include "etypes.h"
+#include "crypto_int.h"
 
 krb5_boolean KRB5_CALLCONV
 krb5_c_valid_enctype(krb5_enctype etype)
index 476a0e626aee46b53a6d65c8fc6e7e683736710d..f6da99cc5e914fc55583b128810bb088977ebf26 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "enc_provider.h"
-#include "hash_provider.h"
-#include "etypes.h"
-#include "old.h"
-#include "raw.h"
-#include "dk.h"
-#include "prf_int.h"
-#include "arcfour.h"
-#include "des/des_int.h"
+#include "crypto_int.h"
 
 /* these will be linear searched.  if they ever get big, a binary
    search or hash table would be better, which means these would need
diff --git a/src/lib/crypto/krb/etypes.h b/src/lib/crypto/krb/etypes.h
deleted file mode 100644 (file)
index 98ed58e..0000000
+++ /dev/null
@@ -1,143 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#ifndef ETYPES_H
-#define ETYPES_H
-
-#include "k5-int.h"
-
-#define MAX_ETYPE_ALIASES 2
-
-struct krb5_keytypes;
-
-typedef unsigned int (*crypto_length_func)(const struct krb5_keytypes *ktp,
-                                           krb5_cryptotype type);
-
-typedef krb5_error_code (*crypt_func)(const struct krb5_keytypes *ktp,
-                                      krb5_key key, krb5_keyusage keyusage,
-                                      const krb5_data *ivec,
-                                      krb5_crypto_iov *data, size_t num_data);
-
-typedef krb5_error_code (*str2key_func)(const struct krb5_keytypes *ktp,
-                                        const krb5_data *string,
-                                        const krb5_data *salt,
-                                        const krb5_data *parm,
-                                        krb5_keyblock *key);
-
-typedef krb5_error_code (*rand2key_func)(const krb5_data *randombits,
-                                         krb5_keyblock *key);
-
-typedef krb5_error_code (*prf_func)(const struct krb5_keytypes *ktp,
-                                    krb5_key key,
-                                    const krb5_data *in, krb5_data *out);
-
-typedef krb5_error_code (*init_state_func)(const struct krb5_keytypes *ktp,
-                                           const krb5_keyblock *key,
-                                           krb5_keyusage keyusage,
-                                           krb5_data *out_state);
-
-typedef void (*free_state_func)(const struct krb5_keytypes *ktp,
-                                krb5_data *state);
-
-struct krb5_keytypes {
-    krb5_enctype etype;
-    char *name;
-    char *aliases[MAX_ETYPE_ALIASES];
-    char *out_string;
-    const struct krb5_enc_provider *enc;
-    const struct krb5_hash_provider *hash;
-    size_t prf_length;
-    crypto_length_func crypto_length;
-    crypt_func encrypt;
-    crypt_func decrypt;
-    str2key_func str2key;
-    rand2key_func rand2key;
-    prf_func prf;
-    init_state_func init_state;
-    free_state_func free_state;
-    krb5_cksumtype required_ctype;
-    krb5_flags flags;
-};
-
-#define ETYPE_WEAK 1
-
-extern const struct krb5_keytypes krb5int_enctypes_list[];
-extern const int krb5int_enctypes_length;
-
-static inline const struct krb5_keytypes *
-find_enctype(krb5_enctype enctype)
-{
-    int i;
-
-    for (i = 0; i < krb5int_enctypes_length; i++) {
-        if (krb5int_enctypes_list[i].etype == enctype)
-            break;
-    }
-
-    if (i == krb5int_enctypes_length)
-        return NULL;
-    return &krb5int_enctypes_list[i];
-}
-
-/* This belongs with the declaration of struct krb5_enc_provider... but not
- * while that's still in k5-int.h. */
-/* Encrypt one block of plaintext in place. */
-static inline krb5_error_code
-encrypt_block(const struct krb5_enc_provider *enc, krb5_key key,
-              krb5_data *block)
-{
-    krb5_crypto_iov iov;
-
-    /* Verify that this is a block cipher and block is the right length. */
-    if (block->length != enc->block_size || enc->block_size == 1)
-        return EINVAL;
-    iov.flags = KRB5_CRYPTO_TYPE_DATA;
-    iov.data = *block;
-    if (enc->cbc_mac != NULL)   /* One-block cbc-mac with no ivec. */
-        return enc->cbc_mac(key, &iov, 1, NULL, block);
-    else                        /* Assume cbc-mode encrypt. */
-        return enc->encrypt(key, 0, &iov, 1);
-}
-
-krb5_error_code
-krb5int_init_state_enc(const struct krb5_keytypes *ktp,
-                       const krb5_keyblock *key, krb5_keyusage keyusage,
-                       krb5_data *out_state);
-
-void
-krb5int_free_state_enc(const struct krb5_keytypes *ktp, krb5_data *state);
-
-krb5_error_code
-k5_rand2key_direct(const krb5_data *randombits, krb5_keyblock *keyblock);
-
-krb5_error_code
-k5_rand2key_des(const krb5_data *randombits, krb5_keyblock *keyblock);
-
-krb5_error_code
-k5_rand2key_des3(const krb5_data *randombits, krb5_keyblock *keyblock);
-
-#endif
index a64c7a00cd40e09ebd816817577da4276f556309..550ac20d376f186691ecaf6316d73be1a5dd7971 100644 (file)
@@ -25,8 +25,7 @@
  * Functions for manipulating krb5_key structures
  */
 
-#include "k5-int.h"
-#include "etypes.h"
+#include "crypto_int.h"
 
 /*
  * The krb5_key data type wraps an exposed keyblock in an opaque data
index 732a877a0aca32e498675e3508b5ee14d8943712..b1ef6f2ac32519dca0e8c46cd406410006776f42 100644 (file)
@@ -30,9 +30,7 @@
  *  an empty keyblock
  */
 
-
-#include "k5-int.h"
-#include <assert.h>
+#include "crypto_int.h"
 
 krb5_error_code
 krb5int_c_init_keyblock(krb5_context context, krb5_enctype enctype,
index 3cd1ebcae24a6e2284fbe3807852f2d8431457b2..4b211fb46b69258a863d392ed016c8cc466166eb 100644 (file)
@@ -25,9 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
-#include "cksumtypes.h"
+#include "crypto_int.h"
 
 static krb5_boolean
 is_keyed_for(const struct krb5_cksumtypes *ctp,
index b6d3e3db47b0957239ba537f03cd516ecf1f766f..d3db8f31b706a20badedf95da07967bc14617b9b 100644 (file)
@@ -25,8 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "cksumtypes.h"
+#include "crypto_int.h"
 
 krb5_boolean KRB5_CALLCONV
 krb5_c_is_keyed_cksum(krb5_cksumtype ctype)
index fa65be11c8ef0243940fb0d8a226837c9cf89fe0..2bbd1cc6bdec2b8a10a54df3af7bd09f05acebee 100644 (file)
@@ -29,8 +29,7 @@
  * SUCH DAMAGES.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
+#include "crypto_int.h"
 
 /*
  * keybytes is the number of bytes required as input to make a key,
index d0dc6223706395fe500b280cedb8e802a10e2b61..398c84a8dbb1acca1bf2a51c6c2ab2057c7c9f1e 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "cksumtypes.h"
-#include "etypes.h"
-#include "dk.h"
+#include "crypto_int.h"
 
 /* A 0 checksum type means use the mandatory checksum. */
 
index a7a3cb3ddfd028fdc43b2d748e4da680c11f57bf..1c54077fce4934ddca5017ed62b4d454446993f9 100644 (file)
@@ -25,9 +25,7 @@
  * or implied warranty.
  */
 
-#include "k5-int.h"
-#include "cksumtypes.h"
-#include "aead.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_k_make_checksum_iov(krb5_context context,
index 4032676a1ad6e183ccf2db74891da6e1ac4457dc..f5af18780eb7a6099337459ea58bd6bc2a7dd80b 100644 (file)
@@ -25,8 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_c_make_random_key(krb5_context context, krb5_enctype enctype,
index 3adeaf21518c97993977898fa5b78654741f5430..55ea81fa18035da2e6573368b111315441dbd1d8 100644 (file)
@@ -23,8 +23,7 @@
  * or implied warranty.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
+#include "crypto_int.h"
 
 krb5_error_code
 krb5int_c_mandatory_cksumtype(krb5_context ctx, krb5_enctype etype,
index 11082accac579b01e28237bf758e4722c2e4282c..ea02fddcf060893786890e8b8714e68d3d655fea 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#ifdef HAVE_MEMORY_H
-#include <memory.h>
-#endif
+#include "crypto_int.h"
 
 /*
  * n-fold(k-bits):
index 8cbd7fc0bdb1fba492b0b7d52674bb30d74ce36a..0563f4cb127c701c2b3fb35fe9aac027b6160728 100644 (file)
@@ -1,6 +1,6 @@
 mydir=lib$(S)crypto$(S)krb$(S)old
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/../../$(CRYPTO_IMPL)/des -I$(srcdir)/.. -I$(srcdir)
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL)
 DEFS=
 
 ##DOS##BUILDTOP = ..\..\..\..
index 0e51f504a2f9a0a3df8209576ef32b2640b45b72..f8762e6211454c20870ba56a61c8417f08deb1ac 100644 (file)
@@ -4,8 +4,9 @@
 des_stringtokey.so des_stringtokey.po $(OUTPRE)des_stringtokey.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../builtin/des/des_int.h \
-  $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \
+  $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \
+  $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -13,12 +14,13 @@ des_stringtokey.so des_stringtokey.po $(OUTPRE)des_stringtokey.$(OBJEXT): \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  des_stringtokey.c old.h
+  des_stringtokey.c
 old_aead.so old_aead.po $(OUTPRE)old_aead.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h \
-  $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \
+  $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \
+  $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -26,4 +28,4 @@ old_aead.so old_aead.po $(OUTPRE)old_aead.$(OBJEXT): \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  old.h old_aead.c
+  old_aead.c
index 71ee0de1d6437e7b9b4b7fdef5ceca913e46123b..751aa72da2280e1677a4266af8e66a66b7dc6346 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "old.h"
-#include <des_int.h>
-
-/* XXX */
-extern krb5_error_code mit_des_string_to_key_int
-(krb5_keyblock * keyblock,
- const krb5_data * data,
- const krb5_data * salt);
+#include "crypto_int.h"
 
 krb5_error_code
 krb5int_des_string_to_key(const struct krb5_keytypes *ktp,
diff --git a/src/lib/crypto/krb/old/old.h b/src/lib/crypto/krb/old/old.h
deleted file mode 100644 (file)
index d092686..0000000
+++ /dev/null
@@ -1,49 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#include "k5-int.h"
-#include "etypes.h"
-
-unsigned int
-krb5int_old_crypto_length(const struct krb5_keytypes *ktp,
-                          krb5_cryptotype type);
-
-krb5_error_code
-krb5int_old_encrypt(const struct krb5_keytypes *ktp, krb5_key key,
-                    krb5_keyusage usage, const krb5_data *ivec,
-                    krb5_crypto_iov *data, size_t num_data);
-
-krb5_error_code
-krb5int_old_decrypt(const struct krb5_keytypes *ktp, krb5_key key,
-                    krb5_keyusage usage, const krb5_data *ivec,
-                    krb5_crypto_iov *data, size_t num_data);
-
-krb5_error_code krb5int_des_string_to_key(const struct krb5_keytypes *ktp,
-                                          const krb5_data *string,
-                                          const krb5_data *salt,
-                                          const krb5_data *params,
-                                          krb5_keyblock *key);
index f7d1f10a7a6304f2df9a1461d1a22923bde17182..00ce609ecc9b85b8d5a3a4a5827af2b665712a79 100644 (file)
  * or implied warranty.
  */
 
-
-#include "k5-int.h"
-#include "old.h"
-#include "aead.h"
+#include "crypto_int.h"
 
 unsigned int
 krb5int_old_crypto_length(const struct krb5_keytypes *ktp,
index 49f554dd283b8b11edc13db194f39e88dda77c61..585ed11a3f16cebf48aabf038eaae9df1b26cd7d 100644 (file)
@@ -25,7 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 
 /*
  * The following functions were removed from the API in krb5 1.3 but
index e42d363610ef0f0eea4d98c7ffac9ed4a9f12090..a315c42a1de1ab7822b379b5146cc05577608f57 100644 (file)
  *function yields krb5_c_prf_length bytes of output.
  */
 
-
-#include "k5-int.h"
-#include "etypes.h"
-
-#include <assert.h>
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_c_prf_length(krb5_context context, krb5_enctype enctype, size_t *len)
index b57029fa05012052fb8091bfe0393783dbebb4ed..f7b4ddc38ff4e12c8cd03589ca3db720f719f35c 100644 (file)
@@ -1,10 +1,6 @@
 mydir=lib$(S)crypto$(S)krb$(S)prf
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir) -I$(srcdir)/..             \
-               -I$(srcdir)/../dk                       \
-               -I$(srcdir)/../../$(CRYPTO_IMPL)        \
-               -I$(srcdir)/../../$(CRYPTO_IMPL)/md5    \
-               -I$(srcdir)/../../$(CRYPTO_IMPL)/sha1 
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL)
 DEFS=
 
 ##DOS##BUILDTOP = ..\..\..\..
index 78d11641c1db1762f557a1140be8addb0f24dfe3..0a02bf1ea4f3e0f6249a1f35913dc7467c218782 100644 (file)
@@ -30,8 +30,7 @@
  *simplified profile enctypes.
  */
 
-#include "prf_int.h"
-#include <dk.h>
+#include "crypto_int.h"
 
 #ifdef CAMELLIA
 
index dbf083fa561ee2b285f39d1e48a1b19e9faca797..40bba24810cb743d278566abb4a3e8acf1068d9d 100644 (file)
@@ -3,45 +3,49 @@
 #
 des_prf.so des_prf.po $(OUTPRE)des_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \
-  $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  des_prf.c prf_int.h
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \
+  $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \
+  $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h des_prf.c
 dk_prf.so dk_prf.po $(OUTPRE)dk_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h \
-  $(srcdir)/../dk/dk.h $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  dk_prf.c prf_int.h
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \
+  $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \
+  $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h dk_prf.c
 rc4_prf.so rc4_prf.po $(OUTPRE)rc4_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \
-  $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  prf_int.h rc4_prf.c
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \
+  $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \
+  $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h rc4_prf.c
 cmac_prf.so cmac_prf.po $(OUTPRE)cmac_prf.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h $(srcdir)/../dk/dk.h \
-  $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \
+  $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \
+  $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -49,4 +53,4 @@ cmac_prf.so cmac_prf.po $(OUTPRE)cmac_prf.$(OBJEXT): \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  cmac_prf.c prf_int.h
+  cmac_prf.c
index a111423a5ec7e65d225da9305572bb38bcb62571..3bb420b57a712ddfc606115b50f971150148d953 100644 (file)
@@ -30,8 +30,7 @@
  * des-cbc-crc, des-cbc-md4, and des-cbc-md5 enctypes.
  */
 
-#include "prf_int.h"
-#include "hash_provider/hash_provider.h"
+#include "crypto_int.h"
 
 krb5_error_code
 krb5int_des_prf(const struct krb5_keytypes *ktp, krb5_key key,
index a824e2b572d98d11c584af13d3427ae0c30cf1f4..b6e69988cc91f1e1ac6dee3ec460046b3b9f8ee5 100644 (file)
@@ -30,8 +30,7 @@
  *simplified profile enctypes.
  */
 
-#include "prf_int.h"
-#include <dk.h>
+#include "crypto_int.h"
 
 krb5_error_code
 krb5int_dk_prf(const struct krb5_keytypes *ktp, krb5_key key,
diff --git a/src/lib/crypto/krb/prf/prf_int.h b/src/lib/crypto/krb/prf/prf_int.h
deleted file mode 100644 (file)
index 1c98720..0000000
+++ /dev/null
@@ -1,50 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * lib/crypto/krb/prf/prf_int.h
- *
- * Copyright 1987, 1988, 1990, 2002 by the Massachusetts Institute of
- * Technology.  All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-#ifndef PRF_INTERNAL_DEFS
-#define PRF_INTERNAL_DEFS
-
-#include "k5-int.h"
-#include "etypes.h"
-
-krb5_error_code
-krb5int_arcfour_prf(const struct krb5_keytypes *ktp, krb5_key key,
-                    const krb5_data *in, krb5_data *out);
-
-krb5_error_code
-krb5int_des_prf(const struct krb5_keytypes *ktp, krb5_key key,
-                const krb5_data *in, krb5_data *out);
-
-krb5_error_code
-krb5int_dk_prf(const struct krb5_keytypes *ktp, krb5_key key,
-               const krb5_data *in, krb5_data *out);
-
-krb5_error_code
-krb5int_dk_cmac_prf(const struct krb5_keytypes *ktp, krb5_key key,
-                    const krb5_data *in, krb5_data *out);
-
-#endif  /*PRF_INTERNAL_DEFS*/
index e34ab2602224c2766aa1e699b16906b79e1be358..be54f361f489d197508e54402e7a4f0245606901 100644 (file)
@@ -26,9 +26,7 @@
  *
  */
 
-#include "prf_int.h"
-#include "k5-int.h"
-#include <hash_provider/hash_provider.h>
+#include "crypto_int.h"
 
 krb5_error_code
 krb5int_arcfour_prf(const struct krb5_keytypes *ktp, krb5_key key,
index b65223b8bb39223f2d719afbcd28cb81a4f2d05a..acece29bfe682decbe11986f07be5b3fef6a4577 100644 (file)
@@ -24,7 +24,7 @@
  * or implied warranty.
  */
 
-#include "prng.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_c_random_seed(krb5_context context, krb5_data *data)
diff --git a/src/lib/crypto/krb/prng.h b/src/lib/crypto/krb/prng.h
deleted file mode 100644 (file)
index f75d5f7..0000000
+++ /dev/null
@@ -1,48 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/krb/prng.h - Header for PRNG modules */
-/*
- * Copyright 2010 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-
-#ifndef PRNG_H
-#define PRNG_H
-
-#include "k5-int.h"
-
-/*
- * PRNG modules must implement the following APIs from krb5.h:
- *   krb5_c_random_add_entropy
- *   krb5_c_random_make_octets
- *
- * PRNG modules should implement these functions.  They are called from the
- * crypto library init and cleanup functions, and can be used to setup and tear
- * down static state without thread safety concerns.
- */
-int k5_prng_init(void);
-void k5_prng_cleanup(void);
-
-/* Used by PRNG modules to gather OS entropy.  Returns true on success. */
-krb5_boolean k5_get_os_entropy(unsigned char *buf, size_t len);
-
-#endif
index 3acf96b3a2cfc9195e31efe2cf0efc3449324d41..cdc5acf1586525cc04d7d8f2bbcaa35c6e06237c 100644 (file)
  * such as a KDC which can submit periodic entropy inputs to the PRNG.
  */
 
-#include "k5-int.h"
-#include "prng.h"
-#include "aes.h"
-#include "sha2.h"
+#include "crypto_int.h"
 
 /* The accumulator's number of pools. */
 #define NUM_POOLS 32
index 4d2b9c4a0d08a3b1fef84106e544d819ed80457e..905b24dd32201dc715d8f2bac6a1be297cab2020 100644 (file)
@@ -26,9 +26,8 @@
  * or implied warranty.
  */
 
-#include "prng.h"
-#include <assert.h>
-#include "k5-thread.h"
+#include "crypto_int.h"
+#include "nss_prng.h"
 
 /*
  * This PRNG module should be used whenever the NSS crypto implementation is
@@ -36,8 +35,6 @@
  * AES-256 and SHA-256 contexts across forks.
  */
 
-#include "nss_prng.h"
-
 int
 k5_prng_init(void)
 {
index 2da8b19864ebdc9a0f1a5bbba28a085bfa03c4ad..51af17be9e6d18ba7b73666866bf81b54cad00c3 100644 (file)
@@ -31,8 +31,7 @@
  * in the operating system's native PRNG quality.
  */
 
-#include "k5-int.h"
-#include "prng.h"
+#include "crypto_int.h"
 
 #define DEVICE "/dev/urandom"
 
index cb83129a24d4a0f99d64e4129fc74210cbcb3129..93d033eb7108b7e2b070ee326c7055a9d85efc22 100644 (file)
@@ -34,9 +34,7 @@
  * already been initialized and random_key->contents have been allocated
  * with the correct length.
  */
-#include "k5-int.h"
-#include "etypes.h"
-#include "des_int.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_c_random_to_key(krb5_context context, krb5_enctype enctype,
index 283622b1793d7ba956712c80e211eb35f7c6d4be..2423c9fbd41e22cde55a728078625f3b4b2e0091 100644 (file)
@@ -4,8 +4,9 @@
 raw_aead.so raw_aead.po $(OUTPRE)raw_aead.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h \
-  $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \
+  $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \
+  $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -13,4 +14,4 @@ raw_aead.so raw_aead.po $(OUTPRE)raw_aead.$(OBJEXT): \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  raw.h raw_aead.c
+  raw_aead.c
diff --git a/src/lib/crypto/krb/raw/raw.h b/src/lib/crypto/krb/raw/raw.h
deleted file mode 100644 (file)
index ee54d58..0000000
+++ /dev/null
@@ -1,43 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#include "k5-int.h"
-#include "etypes.h"
-
-unsigned int
-krb5int_raw_crypto_length(const struct krb5_keytypes *ktp,
-                          krb5_cryptotype type);
-
-krb5_error_code
-krb5int_raw_encrypt(const struct krb5_keytypes *ktp, krb5_key key,
-                    krb5_keyusage usage, const krb5_data *ivec,
-                    krb5_crypto_iov *data, size_t num_data);
-
-krb5_error_code
-krb5int_raw_decrypt(const struct krb5_keytypes *ktp, krb5_key key,
-                    krb5_keyusage usage, const krb5_data *ivec,
-                    krb5_crypto_iov *data, size_t num_data);
index 75f23241c3c655e2cea036bcab8490edccf11f44..3364a7d0b7a72dfb51316cff8990c106c5cbdf8c 100644 (file)
@@ -26,9 +26,7 @@
  */
 
 
-#include "k5-int.h"
-#include "raw.h"
-#include "aead.h"
+#include "crypto_int.h"
 
 unsigned int
 krb5int_raw_crypto_length(const struct krb5_keytypes *ktp,
index 4a0bafd8b0fc043e195cde596e84324d8d1adda1..2c3371c3af6afa144fdd3b11da4bd03a9bf1ce59 100644 (file)
@@ -33,8 +33,7 @@
  * krb5_c_init_state and krb5_c_free_state used by clients of the
  * Kerberos crypto library.
  */
-#include "k5-int.h"
-#include "etypes.h"
+#include "crypto_int.h"
 
 /* Most enctypes delegate cipher state handling to the enc provider by using
  * this function as their init_state methods. */
index b130b6c73eb6548acd4373fc24fcb952aae2ce01..3498d2a0539d796733fa8100b9106b6505e496ce 100644 (file)
@@ -25,8 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "cksumtypes.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_string_to_cksumtype(char *string, krb5_cksumtype *cksumtypep)
index 3569404557de8b9e45d28589af6ed1e10c634dee..7a7a04f612f664a12db55cad32e4ed4de3f051d4 100644 (file)
@@ -25,8 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "etypes.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_c_string_to_key_with_params(krb5_context context,
index 07b84fec70f710ddb08eecab812c3540e820b92a..eb7807f7eda27475be6e7c7b88e99fa6299b026f 100644 (file)
@@ -25,8 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "cksumtypes.h"
+#include "crypto_int.h"
 
 krb5_boolean KRB5_CALLCONV
 krb5_c_valid_cksumtype(krb5_cksumtype ctype)
index cb19c23a9a7812155fd37d76f5b554ab783ba885..8727cb35dc008e6f2d1f8140d78653927974373e 100644 (file)
@@ -25,8 +25,7 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "cksumtypes.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_k_verify_checksum(krb5_context context, krb5_key key,
index d5427baecd9b6a48c0a7a23051769983b96729e3..da8f487bf6d409a60fb60bca680b34848b699310 100644 (file)
@@ -25,9 +25,7 @@
  * or implied warranty.
  */
 
-#include "k5-int.h"
-#include "cksumtypes.h"
-#include "aead.h"
+#include "crypto_int.h"
 
 krb5_error_code KRB5_CALLCONV
 krb5_k_verify_checksum_iov(krb5_context context,
index 6307303cf56f2f237c494ca254464b079ae71829..2d91592ecaf862b2a5e938c1e6cd993ede1a77d8 100644 (file)
@@ -65,11 +65,10 @@ krb5int_c_copy_keyblock_contents
 krb5int_c_free_keyblock_contents
 krb5int_c_free_keyblock
 krb5int_c_init_keyblock
+krb5int_hash_md4
 krb5int_hash_md5
 krb5int_enc_arcfour
 krb5int_hmac
-mit_des_fixup_key_parity
-mit_des_is_weak_key
 krb5_k_create_key
 krb5_k_decrypt
 krb5_k_decrypt_iov
@@ -86,12 +85,6 @@ krb5_k_verify_checksum
 krb5_k_verify_checksum_iov
 mit_crc32
 krb5int_aes_encrypt
-krb5int_MD4Init
-krb5int_MD4Update
-krb5int_MD4Final
-krb5int_MD5Init
-krb5int_MD5Update
-krb5int_MD5Final
 krb5int_aes_decrypt
 krb5int_enc_des3
 krb5int_arcfour_gsscrypt
index c2a2e4e9c669252ae24070378168734b4d57d6e9..bb8b8c27576b121f2646be321d45ecb0d99e3e31 100644 (file)
@@ -2,17 +2,7 @@ mydir=lib$(S)crypto$(S)nss
 BUILDTOP=$(REL)..$(S)..$(S)..
 SUBDIRS=des aes        camellia md4 md5  sha1 sha2 enc_provider hash_provider
 CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@
-LOCALINCLUDES = -I$(srcdir)/../krb                     \
-               -I$(srcdir)/../krb/hash_provider        \
-               -I$(srcdir)/des         \
-               -I$(srcdir)/aes         \
-               -I$(srcdir)/sha1        \
-               -I$(srcdir)/sha2        \
-               -I$(srcdir)/md4         \
-               -I$(srcdir)/md5 \
-               -I$(srcdir)/enc_provider        \
-               -I$(srcdir)/hash_provider       \
-               $(CRYPTO_IMPL_CFLAGS)
+LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir) $(CRYPTO_IMPL_CFLAGS)
 
 PROG_LIBPATH=-L$(TOPLIBD)
 PROG_RPATH=$(KRB5_LIBDIR)
index ffbd4ba50ca2db104f20eeeea68747811bacbb22..947ad11b23aa1122dd676779fe01d86425a00132 100644 (file)
@@ -4,12 +4,9 @@
 
 mydir=lib$(S)crypto$(S)nss$(S)aes
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk  -I$(srcdir)/../../../../include
+LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/..
 DEFS=
 
-PROG_LIBPATH=-L$(TOPLIBD)
-PROG_RPATH=$(KRB5_LIBDIR)
-
 STLIBOBJS=
 
 OBJS=
index b8feffc5d78c7e11115833e65506985419fe5092..041227132f1d708b9bc5e455bf0d46212c19ee12 100644 (file)
@@ -4,12 +4,9 @@
 
 mydir=lib$(S)crypto$(S)nss$(S)camellia
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk  -I$(srcdir)/../../../../include
+LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/..
 DEFS=
 
-PROG_LIBPATH=-L$(TOPLIBD)
-PROG_RPATH=$(KRB5_LIBDIR)
-
 STLIBOBJS=
 
 OBJS=
similarity index 63%
rename from src/lib/crypto/openssl/md4/md4.c
rename to src/lib/crypto/nss/crypto_mod.h
index 8d2cd48a2ef997dd2b7650b3d760da74aa69225f..2f82a2b0d44700318e9eaf3b4f43305403a2b6f6 100644 (file)
@@ -1,8 +1,7 @@
 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/crypto_mod.h - NSS crypto module declarations */
 /*
- *      lib/crypto/openssl/md4/md4.c
- *
- * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * Copyright (C) 2011 by the Massachusetts Institute of Technology.
  * All rights reserved.
  *
  * Export of this software from the United States of America may
  * or implied warranty.
  */
 
-#include "k5-int.h"
-#include "rsa-md4.h"
-#include <openssl/evp.h>
-#include <openssl/md4.h>
+/*
+ * This header is included from lib/crypto/krb/crypto_int.h to provide
+ * module-specific declarations.  It is not included directly from source
+ * files.
+ */
 
-void
-krb5int_MD4Init (krb5_MD4_CTX *mdContext)
-{
-    EVP_MD_CTX_init(&mdContext->ossl_md4_ctx );
-    EVP_DigestInit_ex(&mdContext->ossl_md4_ctx, EVP_md4(), NULL);
+#ifndef CRYPTO_MOD_H
+#define CRYPTO_MOD_H
 
-}
-void
-krb5int_MD4Update (krb5_MD4_CTX *mdContext, const unsigned char *inBuf, unsigned int inLen)
-{
-    EVP_DigestUpdate(&mdContext->ossl_md4_ctx, inBuf, inLen);
-}
+/* Because the NSS crypto module doesn't work with the Fortuna PRNG, we don't
+ * need to declare anything here. */
 
-void
-krb5int_MD4Final (krb5_MD4_CTX *mdContext)
-{
-    EVP_DigestFinal_ex(&mdContext->ossl_md4_ctx, mdContext->digest , NULL);
-    EVP_MD_CTX_cleanup(&mdContext->ossl_md4_ctx );
-}
+#endif /* CRYPTO_MOD_H */
index e925336e6ea4c4d89fbcd6aa7db2f5c93d6b4a8c..0d5831e531f23f83a385ee9cffef1486da95a720 100644 (file)
@@ -3,8 +3,7 @@
 #
 hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/aead.h \
-  $(srcdir)/../krb/cksumtypes.h $(srcdir)/../krb/etypes.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -12,10 +11,11 @@ hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h hmac.c nss_gen.h
+  $(top_srcdir)/include/socket-utils.h crypto_mod.h hmac.c \
+  nss_gen.h
 pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/hash_provider/hash_provider.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -23,18 +23,20 @@ pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h nss_gen.h pbkdf2.c
+  $(top_srcdir)/include/socket-utils.h crypto_mod.h nss_gen.h \
+  pbkdf2.c
 prng.so prng.po $(OUTPRE)prng.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  nss_gen.h nss_prng.h prng.c
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h crypto_mod.h nss_gen.h \
+  nss_prng.h prng.c
 stubs.so stubs.po $(OUTPRE)stubs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
   $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
index c8ab6e4297a56d0f38f0e77ee206c1d5d321d16c..b751e6e65a4896298b7c359412aa79b99a4946f3 100644 (file)
@@ -1,8 +1,7 @@
 mydir=lib$(S)crypto$(S)nss$(S)des
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
 CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@
-LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../.. -I$(srcdir)/../../krb \
-       $(CRYPTO_IMPL_CFLAGS)
+LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. $(CRYPTO_IMPL_CFLAGS)
 
 DEFS=
 
@@ -10,23 +9,18 @@ RUN_SETUP = @KRB5_RUN_ENV@
 PROG_LIBPATH=-L$(TOPLIBD)
 PROG_RPATH=$(KRB5_LIBDIR)
 
-
 STLIBOBJS= des_oldapis.o \
        f_parity.o      \
-       string2key.o    \
-       weak_key.o
+       string2key.o
 
 OBJS=  $(OUTPRE)f_parity.$(OBJEXT)     \
        $(OUTPRE)des_oldapis.$(OBJEXT)  \
-       $(OUTPRE)string2key.$(OBJEXT)   \
-       $(OUTPRE)weak_key.$(OBJEXT)
+       $(OUTPRE)string2key.$(OBJEXT)
 
 SRCS=  $(srcdir)/f_parity.c    \
        $(srcdir)/des_oldapis.c \
-       $(srcdir)/weak_key.c    \
        $(srcdir)/string2key.c
 
-
 all-unix:: all-libobjs
 
 includes:: depend
index 45fe25677c1354711849f5ab807f8f592218d820..18a1243746c3cb82300960e4ec7c65f1cad20275 100644 (file)
@@ -4,40 +4,32 @@
 f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des_int.h f_parity.c
+  $(top_srcdir)/include/socket-utils.h f_parity.c
 des_oldapis.so des_oldapis.po $(OUTPRE)des_oldapis.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des_int.h des_oldapis.c
-weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \
-  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des_int.h weak_key.c
+  $(top_srcdir)/include/socket-utils.h des_oldapis.c
 string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -45,4 +37,4 @@ string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  des_int.h string2key.c
+  string2key.c
diff --git a/src/lib/crypto/nss/des/des_int.h b/src/lib/crypto/nss/des/des_int.h
deleted file mode 100644 (file)
index e85fcbc..0000000
+++ /dev/null
@@ -1,194 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * lib/crypto/des/des_int.h
- *
- * Copyright 1987, 1988, 1990, 2002, 2009 by the Massachusetts Institute of
- * Technology.  All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- *
- * Private include file for the Data Encryption Standard library.
- */
-
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-/* only do the whole thing once  */
-#ifndef DES_INTERNAL_DEFS
-#define DES_INTERNAL_DEFS
-
-#include "k5-int.h"
-/*
- * Begin "mit-des.h"
- */
-#ifndef KRB5_MIT_DES__
-#define KRB5_MIT_DES__
-
-#if defined(__MACH__) && defined(__APPLE__)
-#include <TargetConditionals.h>
-#include <AvailabilityMacros.h>
-#if TARGET_RT_MAC_CFM
-#error "Use KfM 4.0 SDK headers for CFM compilation."
-#endif
-#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS)
-#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5
-#endif
-#endif /* defined(__MACH__) && defined(__APPLE__) */
-
-/* Macro to add deprecated attribute to DES types and functions */
-/* Currently only defined on Mac OS X 10.5 and later.           */
-#ifndef KRB5INT_DES_DEPRECATED
-#define KRB5INT_DES_DEPRECATED
-#endif
-
-#include <limits.h>
-
-#if UINT_MAX >= 0xFFFFFFFFUL
-#define DES_INT32 int
-#define DES_UINT32 unsigned int
-#else
-#define DES_INT32 long
-#define DES_UINT32 unsigned long
-#endif
-
-typedef unsigned char des_cblock[8]     /* crypto-block size */
-KRB5INT_DES_DEPRECATED;
-
-/*
- * Key schedule.
- *
- * This used to be
- *
- * typedef struct des_ks_struct {
- *     union { DES_INT32 pad; des_cblock _;} __;
- * } des_key_schedule[16];
- *
- * but it would cause trouble if DES_INT32 were ever more than 4
- * bytes.  The reason is that all the encryption functions cast it to
- * (DES_INT32 *), and treat it as if it were DES_INT32[32].  If
- * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the
- * caller-allocated des_key_schedule will be overflowed by the key
- * scheduling functions.  We can't assume that every platform will
- * have an exact 32-bit int, and nothing should be looking inside a
- * des_key_schedule anyway.
- */
-typedef struct des_ks_struct {  DES_INT32 _[2]; } des_key_schedule[16]
-KRB5INT_DES_DEPRECATED;
-
-typedef des_cblock mit_des_cblock;
-typedef des_key_schedule mit_des_key_schedule;
-
-/* Triple-DES structures */
-typedef mit_des_cblock          mit_des3_cblock[3];
-typedef mit_des_key_schedule    mit_des3_key_schedule[3];
-
-#define MIT_DES_ENCRYPT 1
-#define MIT_DES_DECRYPT 0
-
-typedef struct mit_des_ran_key_seed {
-    krb5_encrypt_block eblock;
-    krb5_data sequence;
-} mit_des_random_state;
-
-/* the first byte of the key is already in the keyblock */
-
-#define MIT_DES_BLOCK_LENGTH            (8*sizeof(krb5_octet))
-#define MIT_DES_CBC_CRC_PAD_MINIMUM     CRC32_CKSUM_LENGTH
-/* This used to be 8*sizeof(krb5_octet) */
-#define MIT_DES_KEYSIZE                 8
-
-#define MIT_DES_CBC_CKSUM_LENGTH        (4*sizeof(krb5_octet))
-
-/*
- * Check if k5-int.h has been included before us.  If so, then check to see
- * that our view of the DES key size is the same as k5-int.h's.
- */
-#ifdef  KRB5_MIT_DES_KEYSIZE
-#if     MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE
-error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)
-#endif  /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */
-#endif  /* KRB5_MIT_DES_KEYSIZE */
-#endif /* KRB5_MIT_DES__ */
-/*
- * End "mit-des.h"
- */
-
-#define mit_des_zeroblock krb5int_c_mit_des_zeroblock
-extern const mit_des_cblock mit_des_zeroblock;
-
-/* des_oldapis.c */
-extern krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock,
-                                             const krb5_data *data,
-                                             const krb5_data *salt);
-
-/* key_parity.c */
-extern void mit_des_fixup_key_parity (mit_des_cblock );
-extern int mit_des_check_key_parity (mit_des_cblock );
-
-/* string2key.c */
-extern krb5_error_code mit_des_string_to_key
-    ( const krb5_encrypt_block *,
-               krb5_keyblock *, const krb5_data *, const krb5_data *);
-extern krb5_error_code mit_des_string_to_key_int
-        (krb5_keyblock *, const krb5_data *, const krb5_data *);
-
-/* weak_key.c */
-extern int mit_des_is_weak_key (mit_des_cblock );
-
-/* misc.c */
-extern void swap_bits (char *);
-extern unsigned long long_swap_bits (unsigned long );
-extern unsigned long swap_six_bits_to_ansi (unsigned long );
-extern unsigned long swap_four_bits_to_ansi (unsigned long );
-extern unsigned long swap_bit_pos_1 (unsigned long );
-extern unsigned long swap_bit_pos_0 (unsigned long );
-extern unsigned long swap_bit_pos_0_to_ansi (unsigned long );
-extern unsigned long rev_swap_bit_pos_0 (unsigned long );
-extern unsigned long swap_byte_bits (unsigned long );
-extern unsigned long swap_long_bytes_bit_number (unsigned long );
-#ifdef FILE
-/* XXX depends on FILE being a #define! */
-extern void test_set (FILE *, const char *, int, const char *, int);
-#endif
-#endif  /*DES_INTERNAL_DEFS*/
index eb1e58633334b0e0b91cd9464f0cad7f517717c1..79163c40c76c76e4a0cb059cae214a4f864e3451 100644 (file)
  *
  */
 
-#include "k5-int.h"
-#include "des_int.h"
-#include <ctype.h>
-
-const mit_des_cblock mit_des_zeroblock /* = all zero */;
-
-unsigned long
-mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out,
-                  unsigned long length, const mit_des_key_schedule schedule,
-                  const krb5_octet *ivec)
-{
-    /* Unsupported operation */
-    return KRB5_CRYPTO_INTERNAL;
-}
+#include "crypto_int.h"
 
 krb5_error_code
-mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data,
-                       const krb5_data *salt)
-{
-    return KRB5_CRYPTO_INTERNAL;
-}
-
-int
-mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule)
+mit_afs_string_to_key(krb5_keyblock *keyblock, const krb5_data *data,
+                      const krb5_data *salt)
 {
-    /* Unsupported operation */
     return KRB5_CRYPTO_INTERNAL;
 }
index 460b5061b5bc2313ba2da944c5f4246717e3f6f4..ca1de3ed9263467375d866f8ea5e9fcaec31be2c 100644 (file)
@@ -9,8 +9,7 @@
  * Mark Eichin -- Cygnus Support
  */
 
-
-#include "des_int.h"
+#include "crypto_int.h"
 
 /*
  * des_fixup_key_parity: Forces odd parity per byte; parity is bits
 #define parity_char(x) pstep(pstep(pstep((x),4),2),1)
 
 void
-mit_des_fixup_key_parity(mit_des_cblock key)
+mit_des_fixup_key_parity(unsigned char *key)
 {
     unsigned int i;
-    for (i=0; i<sizeof(mit_des_cblock); i++)
-    {
+    for (i = 0; i < 8; i++) {
         key[i] &= 0xfe;
         key[i] |= 1^parity_char(key[i]);
     }
-
-    return;
-}
-
-/*
- * des_check_key_parity: returns true iff key has the correct des parity.
- *                       See des_fix_key_parity for the definition of
- *                       correct des parity.
- */
-int
-mit_des_check_key_parity(mit_des_cblock key)
-{
-    unsigned int i;
-
-    for (i=0; i<sizeof(mit_des_cblock); i++)
-    {
-        if((key[i] & 1) == parity_char(0xfe&key[i]))
-        {
-            return 0;
-        }
-    }
-
-    return(1);
 }
index 15c0adde8cacc5d69c618bd34abaa37e4143e24c..d9f9e3a184d9b41b88cae67905834fb8627757f0 100644 (file)
@@ -25,7 +25,7 @@
  * or implied warranty.
  */
 
-#include "des_int.h"
+#include "crypto_int.h"
 #include "pk11pub.h"
 #include "nss_gen.h"
 
diff --git a/src/lib/crypto/nss/des/weak_key.c b/src/lib/crypto/nss/des/weak_key.c
deleted file mode 100644 (file)
index 43fbe91..0000000
+++ /dev/null
@@ -1,84 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * lib/crypto/openssl/des/weak_key.c
- *
- * Copyright 1989,1990,2009 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- *
- * Under U.S. law, this software may not be exported outside the US
- * without license from the U.S. Commerce department.
- *
- * These routines form the library interface to the DES facilities.
- *
- * Originally written 8/85 by Steve Miller, MIT Project Athena.
- */
-
-#include "des_int.h"
-
-/*
- * The following are the weak DES keys:
- */
-static const mit_des_cblock weak[16] = {
-    /* weak keys */
-    {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
-    {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe},
-    {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e},
-    {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1},
-
-    /* semi-weak */
-    {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe},
-    {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01},
-
-    {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1},
-    {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e},
-
-    {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1},
-    {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01},
-
-    {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe},
-    {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e},
-
-    {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e},
-    {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01},
-
-    {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe},
-    {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1}
-};
-
-/*
- * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key.
- *
- * Requires: key has correct odd parity.
- */
-int
-mit_des_is_weak_key(mit_des_cblock key)
-{
-    unsigned int i;
-    const mit_des_cblock *weak_p = weak;
-
-    for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) {
-        if (!memcmp(weak_p++,key,sizeof(mit_des_cblock)))
-            return 1;
-    }
-    return 0;
-}
index 579072df3a6655ed789787f079d031bba2cc55cf..3657d597c4b56a3764c177e0cf3f097df90006c9 100644 (file)
@@ -1,13 +1,7 @@
 mydir=lib$(S)crypto$(S)nss$(S)enc_provider
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
 CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@
-LOCALINCLUDES = -I$(srcdir)/../des     \
-               -I$(srcdir)/../arcfour \
-               -I$(srcdir)/../aes      \
-               -I$(srcdir)/../../krb                   \
-               -I$(srcdir)/../../krb/rand2key          \
-               -I$(srcdir)/.. -I$(srcdir)/.  \
-               $(CRYPTO_IMPL_CFLAGS)
+LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. $(CRYPTO_IMPL_CFLAGS)
 DEFS=
 
 PROG_LIBPATH=-L$(TOPLIBD)
index 69caecaf9260123007ffcb544a2d88c503e8d17c..6f24e3f3783783d9fe4e3b93cf5f90a26b1b8085 100644 (file)
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include "k5-int.h"
-#include "enc_provider.h"
-#include "aead.h"
+#include "crypto_int.h"
 #include "nss_gen.h"
 
-
 krb5_error_code
 krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec,
                     krb5_crypto_iov *data, size_t num_data)
index 8005e481e89cb739fbaef634f03a571b75919a5e..5a3495de7e0b4542ce988d53c7d49fbaa8cdf74b 100644 (file)
@@ -33,9 +33,7 @@
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include "k5-int.h"
-#include "enc_provider.h"
-#include "aead.h"
+#include "crypto_int.h"
 #include "nss_gen.h"
 
 #ifdef CAMELLIA
index 901fcd6931e31a923ecef0a2c326d2997bd1ae68..7899344f8ee00688e64b0e93d205d84da5d6ca38 100644 (file)
@@ -3,9 +3,8 @@
 #
 enc_gen.so enc_gen.po $(OUTPRE)enc_gen.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \
-  $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \
-  $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+  $(srcdir)/../crypto_mod.h $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -13,12 +12,11 @@ enc_gen.so enc_gen.po $(OUTPRE)enc_gen.$(OBJEXT): $(BUILDTOP)/include/autoconf.h
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  enc_gen.c enc_provider.h
+  enc_gen.c
 des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \
-  $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \
-  $(srcdir)/../des/des_int.h $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+  $(srcdir)/../crypto_mod.h $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -29,9 +27,8 @@ des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   des.c
 des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \
-  $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \
-  $(srcdir)/../des/des_int.h $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+  $(srcdir)/../crypto_mod.h $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -42,9 +39,8 @@ des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   des3.c
 aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \
-  $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \
-  $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+  $(srcdir)/../crypto_mod.h $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -52,25 +48,24 @@ aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  aes.c enc_provider.h
+  aes.c
 camellia.so camellia.po $(OUTPRE)camellia.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
-  $(srcdir)/../../krb/etypes.h $(srcdir)/../nss_gen.h \
-  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h camellia.c enc_provider.h
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  camellia.c
 rc4.so rc4.po $(OUTPRE)rc4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \
-  $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \
-  $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+  $(srcdir)/../crypto_mod.h $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
index b77aa1bf90554fa1bc665991a01c6750810d7196..60b5097d1bd95501eb14b47a82a8a505494ef1fa 100644 (file)
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 #include "nss_gen.h"
-#include <aead.h>
-#include "des_int.h"
-
 
 static krb5_error_code
 k5_des_encrypt_iov(krb5_key key, const krb5_data *ivec,
index c22d6effcf24e2d6359748c6ae3e3ef8380849dd..b32e568972aad8acb98b6ffbf1d03cf72cd94958 100644 (file)
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 #include "nss_gen.h"
-#include <aead.h>
-#include "des_int.h"
-
 
 static krb5_error_code
 k5_des3_encrypt_iov(krb5_key key, const krb5_data *ivec,
index 756039a1a4f38b414e0675f00416f3fb468a52ca..19f8d2ccf76217288ac6781044ee9ebe9050648f 100644 (file)
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 #include "nss_gen.h"
-#include "enc_provider.h"
-#include "aead.h"
 #include "seccomon.h"
 #include "secmod.h"
 #include "pk11pub.h"
diff --git a/src/lib/crypto/nss/enc_provider/enc_provider.h b/src/lib/crypto/nss/enc_provider/enc_provider.h
deleted file mode 100644 (file)
index 4365255..0000000
+++ /dev/null
@@ -1,40 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#include "k5-int.h"
-
-extern const struct krb5_enc_provider krb5int_enc_des;
-extern const struct krb5_enc_provider krb5int_enc_des3;
-extern const struct krb5_enc_provider krb5int_enc_arcfour;
-extern const struct krb5_enc_provider krb5int_enc_aes128;
-extern const struct krb5_enc_provider krb5int_enc_aes256;
-extern const struct krb5_enc_provider krb5int_enc_aes128_ctr;
-extern const struct krb5_enc_provider krb5int_enc_aes256_ctr;
-#ifdef CAMELLIA
-extern const struct krb5_enc_provider krb5int_enc_camellia128;
-extern const struct krb5_enc_provider krb5int_enc_camellia256;
-#endif
index 633d0d18178218c350500f41b6b0be5f909e7fba..908924358f71c2f92c86b75f7c65f2ae2f1288d3 100644 (file)
@@ -33,8 +33,7 @@
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include "k5-int.h"
-#include <aead.h>
+#include "crypto_int.h"
 #include "nss_gen.h"
 
 #define RC4_KEY_SIZE 16
index 719b50079dd2d1cb754562a5c6635b41d446d040..e6b25caca637473e6b188ef5e0637410a62c169f 100644 (file)
@@ -1,8 +1,7 @@
 mydir=lib$(S)crypto$(S)nss$(S)hash_provider
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
 CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@
-LOCALINCLUDES = -I$(srcdir)/../../krb/crc32 -I$(srcdir)/../md4 \
-       -I$(srcdir)/.. -I$(srcdir)/../../krb \
+LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. -I$(srcdir)/../md4 \
        $(CRYPTO_IMPL_CFLAGS)
 
 DEFS=
index e52f37d206613d689ce61384346ebef18935890f..e9232739442448b5cf8b3cc18969ef724d21738a 100644 (file)
@@ -4,21 +4,20 @@
 hash_gen.so hash_gen.po $(OUTPRE)hash_gen.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
-  $(srcdir)/../../krb/etypes.h $(srcdir)/../nss_gen.h \
-  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h hash_gen.c
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  hash_gen.c
 hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
-  $(srcdir)/../../krb/crc32/crc-32.h $(srcdir)/../../krb/etypes.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -26,24 +25,25 @@ hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h hash_crc32.c hash_provider.h
+  $(top_srcdir)/include/socket-utils.h hash_crc32.c
 hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
-  $(srcdir)/../../krb/etypes.h $(srcdir)/../md4/rsa-md4.h \
-  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h hash_md4.c hash_provider.h
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../md4/rsa-md4.h $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  hash_md4.c
 hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -51,11 +51,12 @@ hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  hash_md5.c hash_provider.h
+  hash_md5.c
 hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
+  $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -63,4 +64,4 @@ hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  hash_provider.h hash_sha1.c
+  hash_sha1.c
index 3a2f94a3b81eda5217df13f6457777efd542e62f..c8d0e0834598f837e346429fa09a9c4264aef9ba 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "crc-32.h"
-#include "hash_provider.h"
-#include "aead.h"
+#include "crypto_int.h"
 
 static krb5_error_code
 k5_crc32_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
index 7cc82f4ffe2e164d4c60ccef809e13f82e8ab240..a11aa6d141c02082f92fb67f05e6a2203bd70258 100644 (file)
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 #include "sechash.h"
 #include "nss_gen.h"
-#include "aead.h"
 
 krb5_error_code
 k5_nss_gen_hash(HASH_HashType hashType, const krb5_crypto_iov *data,
index 91482f76b0229c59e6ea39a64de5fb4bffad1157..7bf68909e5a1386e555f280d5cb3a2a3554883a8 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "hash_provider.h"
+#include "crypto_int.h"
 #include "rsa-md4.h"
-#include "aead.h"
 
 static krb5_error_code
 k5_md4_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
index 65ea6fccc6a62cba159b1c433ac8c62ab5e1ba89..2fb2998ef08c3ad751b6bbb3b83f4949b429591a 100644 (file)
@@ -33,9 +33,8 @@
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 #include "nss_gen.h"
-#include "hash_provider.h"
 
 static krb5_error_code
 k5_md5_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
diff --git a/src/lib/crypto/nss/hash_provider/hash_provider.h b/src/lib/crypto/nss/hash_provider/hash_provider.h
deleted file mode 100644 (file)
index eebe845..0000000
+++ /dev/null
@@ -1,33 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#include "k5-int.h"
-
-extern const struct krb5_hash_provider krb5int_hash_crc32;
-extern const struct krb5_hash_provider krb5int_hash_md4;
-extern const struct krb5_hash_provider krb5int_hash_md5;
-extern const struct krb5_hash_provider krb5int_hash_sha1;
index c70d4393fbd5f5e419aae57ef38b6f98f8b3faa8..c78b45ac731ecf54ef1d07210d03ae0542238c81 100644 (file)
@@ -33,9 +33,8 @@
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 #include "nss_gen.h"
-#include "hash_provider.h"
 
 static krb5_error_code
 k5_sha1_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
index c0db602b7d319a702e2661ddc7c437bf86e60cd4..adf600ea04c7bd970585e0b9bdb9600cd80d1c79 100644 (file)
@@ -33,8 +33,7 @@
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include "k5-int.h"
-#include "aead.h"
+#include "crypto_int.h"
 #include "nss_gen.h"
 #include "pk11pub.h"
 
index dfb0182fa2ee1c43746b80a068dff4bd3bf1b301..3927d57191dead75832bac5cef6f934eee415da5 100644 (file)
@@ -1,11 +1,8 @@
 mydir=lib$(S)crypto$(S)nss$(S)md4
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)
+LOCALINCLUDES =
 DEFS=
 
-PROG_LIBPATH=-L$(TOPLIBD)
-PROG_RPATH=$(KRB5_LIBDIR)
-
 STLIBOBJS= md4.o
 
 OBJS= $(OUTPRE)md4.$(OBJEXT) 
index b0cde50e9617f4345d0aca3bc5943e4995dec28f..ec7279518e1411bc98324c984bde91a63e65d110 100644 (file)
@@ -4,15 +4,14 @@ DEFS=
 
 PROG_LIBPATH=-L$(TOPLIBD)
 PROG_RPATH=$(KRB5_LIBDIR)
-CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@
-LOCALINCLUDES = -I$(srcdir)/.. $(CRYPTO_IMPL_CFLAGS)
+LOCALINCLUDES =
 
 
-STLIBOBJS= md5.o
+STLIBOBJS=
 
-OBJS= $(OUTPRE)md5.$(OBJEXT) 
+OBJS=
 
-SRCS= $(srcdir)/md5.c
+SRCS=
 
 all-unix:: all-libobjs
 
index bc7ef602b854fdec93519151d88de2f2e66c092c..2feac3c9d38856b5efb7d0477f708535725a2640 100644 (file)
@@ -1,14 +1 @@
-# 
-# Generated makefile dependencies follow.
-#
-md5.so md5.po $(OUTPRE)md5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../nss_gen.h \
-  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h md5.c rsa-md5.h
+# No dependencies here.
diff --git a/src/lib/crypto/nss/md5/md5.c b/src/lib/crypto/nss/md5/md5.c
deleted file mode 100644 (file)
index ee494e5..0000000
+++ /dev/null
@@ -1,86 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/nss/md5/md5.c
- *
- * Copyright (c) 2010 Red Hat, Inc.
- * All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- *  * Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- *  * Redistributions in binary form must reproduce the above
- *    copyright notice, this list of conditions and the following
- *    disclaimer in the documentation and/or other materials provided
- *    with the distribution.
- *
- *  * Neither the name of Red Hat, Inc., nor the names of its
- *    contributors may be used to endorse or promote products derived
- *    from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
- * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
- * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
- * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "k5-int.h"
-#include "rsa-md5.h"
-#include "pk11pub.h"
-#include "nss_gen.h"
-
-
-/* Initialize the message-digest context mdContext. */
-void
-krb5int_MD5Init(krb5_MD5_CTX *mdContext)
-{
-    if (k5_nss_init()) {
-        mdContext->nss_ctxt = NULL;
-        return;
-    }
-    mdContext->nss_ctxt = PK11_CreateDigestContext(SEC_OID_MD5);
-    if (mdContext->nss_ctxt == NULL)
-        return;
-    PK11_DigestBegin((PK11Context *)mdContext->nss_ctxt);
-}
-
-/*
- * Update the message-digest context to account for the presence of each of the
- * characters inBuf[0..inLen-1] in the message whose digest is being computed.
- */
-void
-krb5int_MD5Update(krb5_MD5_CTX *mdContext, const unsigned char *inBuf,
-                  unsigned int inLen)
-{
-   if (mdContext->nss_ctxt == NULL)
-        return;
-   PK11_DigestOp((PK11Context *)mdContext->nss_ctxt, inBuf, inLen);
-}
-
-/* Terminate the message-digest computation and end with the desired message
- * digest in mdContext->digest[0...15]. */
-void
-krb5int_MD5Final(krb5_MD5_CTX *mdContext)
-{
-   unsigned int digestLength;
-
-   if (mdContext->nss_ctxt == NULL)
-        return;
-   PK11_DigestFinal((PK11Context *)mdContext->nss_ctxt, mdContext->digest,
-                    &digestLength, sizeof (mdContext->digest));
-   /* since there is not separate cleanup step, free the context now.
-    * (otherwise we could have reused the context for another MD5 operation
-    * in the future).
-    */
-   PK11_DestroyContext((PK11Context *)mdContext->nss_ctxt, PR_TRUE);
-   mdContext->nss_ctxt = NULL;
-}
diff --git a/src/lib/crypto/nss/md5/rsa-md5.h b/src/lib/crypto/nss/md5/rsa-md5.h
deleted file mode 100644 (file)
index 228eb09..0000000
+++ /dev/null
@@ -1,90 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/openssl/md5/rsa-md5.h
- *
- * Copyright (C) 2009 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-/*
- ***********************************************************************
- ** md5.h -- header file for implementation of MD5                    **
- ** RSA Data Security, Inc. MD5 Message-Digest Algorithm              **
- ** Created: 2/17/90 RLR                                              **
- ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version               **
- ** Revised (for MD5): RLR 4/27/91                                    **
- **   -- G modified to have y&~z instead of y&z                       **
- **   -- FF, GG, HH modified to add in last register done             **
- **   -- Access pattern: round 2 works mod 5, round 3 works mod 3     **
- **   -- distinct additive constant for each step                     **
- **   -- round 4 added, working mod 7                                 **
- ***********************************************************************
- */
-
-/*
- ***********************************************************************
- ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved.  **
- **                                                                   **
- ** License to copy and use this software is granted provided that    **
- ** it is identified as the "RSA Data Security, Inc. MD5 Message-     **
- ** Digest Algorithm" in all material mentioning or referencing this  **
- ** software or this function.                                        **
- **                                                                   **
- ** License is also granted to make and use derivative works          **
- ** provided that such works are identified as "derived from the RSA  **
- ** Data Security, Inc. MD5 Message-Digest Algorithm" in all          **
- ** material mentioning or referencing the derived work.              **
- **                                                                   **
- ** RSA Data Security, Inc. makes no representations concerning       **
- ** either the merchantability of this software or the suitability    **
- ** of this software for any particular purpose.  It is provided "as  **
- ** is" without express or implied warranty of any kind.              **
- **                                                                   **
- ** These notices must be retained in any copies of any part of this  **
- ** documentation and/or software.                                    **
- ***********************************************************************
- */
-
-
-#ifndef    KRB5_RSA_MD5__
-#define    KRB5_RSA_MD5__
-
-/* Data structure for MD5 (Message-Digest) computation */
-typedef struct {
-    void *nss_ctxt;
-    krb5_int32 * digest_len;
-    krb5_ui_4 i[2];              /* number of _bits_ handled mod 2^64 */
-    krb5_ui_4 buf[4];            /* scratch buffer */
-    unsigned char in[64];        /* input buffer */
-    unsigned char digest[16];    /* actual digest after MD5Final call */
-} krb5_MD5_CTX;
-
-extern void krb5int_MD5Init(krb5_MD5_CTX *);
-extern void krb5int_MD5Update(krb5_MD5_CTX *, const unsigned char *,
-                              unsigned int);
-extern void krb5int_MD5Final(krb5_MD5_CTX *);
-
-#define    RSA_MD5_CKSUM_LENGTH            16
-#define    OLD_RSA_MD5_DES_CKSUM_LENGTH    16
-#define    NEW_RSA_MD5_DES_CKSUM_LENGTH    24
-#define    RSA_MD5_DES_CONFOUND_LENGTH     8
-
-#endif /* KRB5_RSA_MD5__ */
index a966c364e044d08993f476358e00b530f73077f3..f89f00df67bcc56be7b99df720d44e75311c423e 100644 (file)
@@ -34,8 +34,7 @@
  */
 
 #include <ctype.h>
-#include "k5-int.h"
-#include "hash_provider.h"
+#include "crypto_int.h"
 #include "pk11pub.h"
 #include "nss_gen.h"
 
index 61039171b4f7a4dff4c93cba9f436fde91e02b5c..ebd1d3ac23062a1997fa3d78b46babcd39817f02 100644 (file)
@@ -24,7 +24,7 @@
  * or implied warranty.
  */
 
-#include "k5-int.h"
+#include "crypto_int.h"
 #include "nss_gen.h"
 #include "nss_prng.h"
 #include <pk11pub.h>
index 82d6d9b91ddd417a33df41f2c0ad9a1d7eb957a9..8e7809e7c3bf5ecafd2e1f83197335e477ac1eba 100644 (file)
@@ -1,17 +1,13 @@
 mydir=lib$(S)crypto$(S)nss$(S)sha1
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
 DEFS=
-CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@
-LOCALINCLUDES = -I$(srcdir)/.. $(CRYPTO_IMPL_CFLAGS)
+LOCALINCLUDES =
 
-PROG_LIBPATH=-L$(TOPLIBD)
-PROG_RPATH=$(KRB5_LIBDIR)
+STLIBOBJS=
 
-STLIBOBJS= shs.o
+OBJS=
 
-OBJS= $(OUTPRE)shs.$(OBJEXT) 
-
-SRCS= $(srcdir)/shs.c
+SRCS=
 
 all-unix:: all-libobjs
 
index 9133bb53023d9c3f0619789b0d82e2a7b42dc211..2feac3c9d38856b5efb7d0477f708535725a2640 100644 (file)
@@ -1,14 +1 @@
-# 
-# Generated makefile dependencies follow.
-#
-shs.so shs.po $(OUTPRE)shs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../nss_gen.h \
-  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h shs.c shs.h
+# No dependencies here.
diff --git a/src/lib/crypto/nss/sha1/shs.c b/src/lib/crypto/nss/sha1/shs.c
deleted file mode 100644 (file)
index edf4c9a..0000000
+++ /dev/null
@@ -1,77 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/nss/sha1/shs.c
- *
- * Copyright (c) 2010 Red Hat, Inc.
- * All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- *  * Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- *  * Redistributions in binary form must reproduce the above
- *    copyright notice, this list of conditions and the following
- *    disclaimer in the documentation and/or other materials provided
- *    with the distribution.
- *
- *  * Neither the name of Red Hat, Inc., nor the names of its
- *    contributors may be used to endorse or promote products derived
- *    from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
- * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
- * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
- * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "k5-int.h"
-#include "shs.h"
-#include "pk11pub.h"
-#include "nss_gen.h"
-
-/* Initialize the SHS values */
-void shsInit(SHS_INFO *shsInfo)
-{
-    if (k5_nss_init()) {
-        shsInfo->nss_ctxt = NULL;
-        return;
-    }
-    shsInfo->nss_ctxt = PK11_CreateDigestContext(SEC_OID_SHA1);
-    if (shsInfo->nss_ctxt == NULL)
-        return;
-    PK11_DigestBegin((PK11Context *)shsInfo->nss_ctxt);
-}
-
-/* Update SHS for a block of data */
-void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count)
-{
-    if (shsInfo->nss_ctxt == NULL)
-        return;
-    PK11_DigestOp((PK11Context *)shsInfo->nss_ctxt, buffer, count);
-}
-
-
-/* Final wrapup - pad to SHS_DATASIZE-byte boundary with the bit pattern
- * 1 0* (64-bit count of bits processed, MSB-first) */
-void shsFinal(SHS_INFO *shsInfo)
-{
-   if (shsInfo->nss_ctxt == NULL)
-        return;
-   PK11_DigestFinal((PK11Context *)shsInfo->nss_ctxt, shsInfo->digestBuf,
-                    &shsInfo->digestLen, sizeof (shsInfo->digestBuf));
-   /* Since there is not separate cleanup step, free the context now.
-    * (otherwise we could have reused the context for another MD5 operation
-    * in the future).
-    */
-   PK11_DestroyContext((PK11Context *)shsInfo->nss_ctxt, PR_TRUE);
-   shsInfo->nss_ctxt = NULL;
-}
diff --git a/src/lib/crypto/nss/sha1/shs.h b/src/lib/crypto/nss/sha1/shs.h
deleted file mode 100644 (file)
index 7019504..0000000
+++ /dev/null
@@ -1,46 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-#ifndef _SHS_DEFINED
-
-#include "k5-int.h"
-
-#define _SHS_DEFINED
-
-/* Some useful types */
-
-typedef krb5_octet      SHS_BYTE;
-typedef krb5_ui_4       SHS_LONG;
-
-/* Define the following to use the updated SHS implementation */
-#define NEW_SHS         /**/
-
-/* The SHS block size and message digest sizes, in bytes */
-
-#define SHS_DATASIZE    64
-#define SHS_DIGESTSIZE  20
-
-/* The structure for storing SHS info */
-
-typedef struct {
-    void *nss_ctxt;
-    unsigned char   digestBuf[SHS_DIGESTSIZE]; /* output */
-    unsigned int    digestLen; /* output */
-} SHS_INFO;
-
-/* Message digest functions (shs.c) */
-void shsInit(SHS_INFO *shsInfo);
-void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count);
-void shsFinal(SHS_INFO *shsInfo);
-
-
-/* Keyed Message digest functions (hmac_sha.c) */
-krb5_error_code hmac_sha(krb5_octet *text,
-                        int text_len,
-                        krb5_octet *key,
-                        int key_len,
-                        krb5_octet *digest);
-
-
-#define NIST_SHA_CKSUM_LENGTH           SHS_DIGESTSIZE
-#define HMAC_SHA_CKSUM_LENGTH           SHS_DIGESTSIZE
-
-#endif /* _SHS_DEFINED */
index 1a2bcbb823f1e795afe801374a67765d2377d16a..89662fa44674a73f8d66e7160fdf3bdff62ccdcb 100644 (file)
@@ -4,7 +4,7 @@
 
 mydir=lib$(S)crypto$(S)nss$(S)aes
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk  -I$(srcdir)/../../../../include
+LOCALINCLUDES =
 DEFS=
 
 PROG_LIBPATH=-L$(TOPLIBD)
index f3992c21ace8371d6d51e372df07b315f80dc424..c889cbed1f05a7e0b36d711be24523a0062a2b85 100644 (file)
@@ -1,16 +1,7 @@
 mydir=lib$(S)crypto$(S)openssl
 BUILDTOP=$(REL)..$(S)..$(S)..
 SUBDIRS=camellia des aes md4 md5  sha1 sha2 enc_provider hash_provider
-LOCALINCLUDES = -I$(srcdir)/../krb                     \
-               -I$(srcdir)/../krb/hash_provider        \
-               -I$(srcdir)/des         \
-               -I$(srcdir)/aes         \
-               -I$(srcdir)/sha1        \
-               -I$(srcdir)/sha2        \
-               -I$(srcdir)/md4         \
-               -I$(srcdir)/md5 \
-               -I$(srcdir)/enc_provider        \
-               -I$(srcdir)/hash_provider       
+LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir)
 PROG_LIBPATH=-L$(TOPLIBD)
 PROG_RPATH=$(KRB5_LIBDIR)
 DEFS=
index c300cd45502f6fc46bda771aa299a6ec6258ba3c..b805e9fad5ca96399c39a6687cd8ad3f901b3b91 100644 (file)
@@ -4,12 +4,9 @@
 
 mydir=lib$(S)crypto$(S)openssl$(S)camellia
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk  -I$(srcdir)/../../../../include
+LOCALINCLUDES =
 DEFS=
 
-PROG_LIBPATH=-L$(TOPLIBD)
-PROG_RPATH=$(KRB5_LIBDIR)
-
 STLIBOBJS=
 
 OBJS=
similarity index 72%
rename from src/lib/crypto/openssl/aes/aes.h
rename to src/lib/crypto/openssl/crypto_mod.h
index 4aa9eb84809f94ce7c562c5df84ce8316dc44b55..56fb1689603ed67e2fbd4e31bd7948ba81200644 100644 (file)
@@ -1,8 +1,8 @@
 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/openssl/aes/aes.h - AES translation macros */
+/* lib/crypto/openssl/crypto_mod.h - OpenSSL crypto module declarations */
 /*
- * Copyright 2011 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
+ * Copyright (C) 2011 by the Massachusetts Institute of Technology.
+ * All rights reserved.
  *
  * Export of this software from the United States of America may
  *   require a specific license from the United States Government.
  * or implied warranty.
  */
 
-#ifndef _AES_H
-#define _AES_H
+/*
+ * This header is included from lib/crypto/krb/crypto_int.h to provide
+ * module-specific declarations.  It is not included directly from source
+ * files.
+ */
+
+#ifndef CRYPTO_MOD_H
+#define CRYPTO_MOD_H
 
-/* This header maps some of the names of the built-in AES types and functions
- * (those used by the Fortuna PRNG) to the OpenSSL equivalents. */
 #include <openssl/aes.h>
+#include <openssl/sha.h>
 
 #define aes_ctx AES_KEY
 #define krb5int_aes_enc_key(k, len, ctx) AES_set_encrypt_key(k, 8*(len), ctx)
 #define krb5int_aes_enc_blk(in, out, ctx) AES_encrypt(in, out, ctx)
+#define k5_sha256_init SHA256_Init
+#define k5_sha256_update SHA256_Update
+#define k5_sha256_final SHA256_Final
 
-#endif /* _AES_H */
+#endif /* CRYPTO_MOD_H */
index e72befff5619791a95347f7cee452cd4e4256d5c..3e63b63a946238e3493adee19f875fc49a678479 100644 (file)
@@ -3,8 +3,7 @@
 #
 hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/aead.h \
-  $(srcdir)/../krb/cksumtypes.h $(srcdir)/../krb/etypes.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -12,11 +11,21 @@ hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h hmac.c
-init.so init.po $(OUTPRE)init.$(OBJEXT): init.c
+  $(top_srcdir)/include/socket-utils.h crypto_mod.h hmac.c
+init.so init.po $(OUTPRE)init.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h crypto_mod.h init.c
 pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/hash_provider/hash_provider.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -24,15 +33,15 @@ pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h pbkdf2.c
+  $(top_srcdir)/include/socket-utils.h crypto_mod.h pbkdf2.c
 stubs.so stubs.po $(OUTPRE)stubs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  stubs.c
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h crypto_mod.h stubs.c
index 335c7e53cbd8de5f9f399ab361b7a01bc66dd67a..4907bc89d94e2f6424db8575688a3b035ebf1b51 100644 (file)
@@ -1,6 +1,6 @@
 mydir=lib$(S)crypto$(S)openssl$(S)des
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../.. -I$(srcdir)/../../krb
+LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/..
 DEFS=
 
 RUN_SETUP = @KRB5_RUN_ENV@
@@ -10,20 +10,16 @@ PROG_RPATH=$(KRB5_LIBDIR)
 
 STLIBOBJS= des_oldapis.o \
        f_parity.o      \
-       string2key.o    \
-       weak_key.o
+       string2key.o
 
 OBJS=  $(OUTPRE)f_parity.$(OBJEXT)     \
        $(OUTPRE)des_oldapis.$(OBJEXT)  \
-       $(OUTPRE)string2key.$(OBJEXT)   \
-       $(OUTPRE)weak_key.$(OBJEXT)
+       $(OUTPRE)string2key.$(OBJEXT)
 
 SRCS=  $(srcdir)/f_parity.c    \
        $(srcdir)/des_oldapis.c \
-       $(srcdir)/weak_key.c    \
        $(srcdir)/string2key.c
 
-
 all-unix:: all-libobjs
 
 includes:: depend
index 0c269398d6e2a0d9e45aaf6e1320655478b3ee0c..50a5ca0290ac6dd70391d7fcc30bada568b7cb56 100644 (file)
@@ -4,44 +4,36 @@
 f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des_int.h f_parity.c
+  $(top_srcdir)/include/socket-utils.h f_parity.c
 des_oldapis.so des_oldapis.po $(OUTPRE)des_oldapis.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des_int.h des_oldapis.c
-weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \
-  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des_int.h weak_key.c
+  $(top_srcdir)/include/socket-utils.h des_oldapis.c
 string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
   $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des_int.h string2key.c
+  $(top_srcdir)/include/socket-utils.h string2key.c
diff --git a/src/lib/crypto/openssl/des/des_int.h b/src/lib/crypto/openssl/des/des_int.h
deleted file mode 100644 (file)
index 9443c96..0000000
+++ /dev/null
@@ -1,194 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * lib/crypto/des/des_int.h
- *
- * Copyright 1987, 1988, 1990, 2002, 2009 by the Massachusetts Institute of
- * Technology.  All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- *
- * Private include file for the Data Encryption Standard library.
- */
-
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-/* only do the whole thing once  */
-#ifndef DES_INTERNAL_DEFS
-#define DES_INTERNAL_DEFS
-
-#include "k5-int.h"
-/*
- * Begin "mit-des.h"
- */
-#ifndef KRB5_MIT_DES__
-#define KRB5_MIT_DES__
-
-#if defined(__MACH__) && defined(__APPLE__)
-#include <TargetConditionals.h>
-#include <AvailabilityMacros.h>
-#if TARGET_RT_MAC_CFM
-#error "Use KfM 4.0 SDK headers for CFM compilation."
-#endif
-#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS)
-#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5
-#endif
-#endif /* defined(__MACH__) && defined(__APPLE__) */
-
-/* Macro to add deprecated attribute to DES types and functions */
-/* Currently only defined on Mac OS X 10.5 and later.           */
-#ifndef KRB5INT_DES_DEPRECATED
-#define KRB5INT_DES_DEPRECATED
-#endif
-
-#include <limits.h>
-
-#if UINT_MAX >= 0xFFFFFFFFUL
-#define DES_INT32 int
-#define DES_UINT32 unsigned int
-#else
-#define DES_INT32 long
-#define DES_UINT32 unsigned long
-#endif
-
-typedef unsigned char des_cblock[8]     /* crypto-block size */
-KRB5INT_DES_DEPRECATED;
-
-/*
- * Key schedule.
- *
- * This used to be
- *
- * typedef struct des_ks_struct {
- *     union { DES_INT32 pad; des_cblock _;} __;
- * } des_key_schedule[16];
- *
- * but it would cause trouble if DES_INT32 were ever more than 4
- * bytes.  The reason is that all the encryption functions cast it to
- * (DES_INT32 *), and treat it as if it were DES_INT32[32].  If
- * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the
- * caller-allocated des_key_schedule will be overflowed by the key
- * scheduling functions.  We can't assume that every platform will
- * have an exact 32-bit int, and nothing should be looking inside a
- * des_key_schedule anyway.
- */
-typedef struct des_ks_struct {  DES_INT32 _[2]; } des_key_schedule[16]
-KRB5INT_DES_DEPRECATED;
-
-typedef des_cblock mit_des_cblock;
-typedef des_key_schedule mit_des_key_schedule;
-
-/* Triple-DES structures */
-typedef mit_des_cblock          mit_des3_cblock[3];
-typedef mit_des_key_schedule    mit_des3_key_schedule[3];
-
-#define MIT_DES_ENCRYPT 1
-#define MIT_DES_DECRYPT 0
-
-typedef struct mit_des_ran_key_seed {
-    krb5_encrypt_block eblock;
-    krb5_data sequence;
-} mit_des_random_state;
-
-/* the first byte of the key is already in the keyblock */
-
-#define MIT_DES_BLOCK_LENGTH            (8*sizeof(krb5_octet))
-#define MIT_DES_CBC_CRC_PAD_MINIMUM     CRC32_CKSUM_LENGTH
-/* This used to be 8*sizeof(krb5_octet) */
-#define MIT_DES_KEYSIZE                 8
-
-#define MIT_DES_CBC_CKSUM_LENGTH        (4*sizeof(krb5_octet))
-
-/*
- * Check if k5-int.h has been included before us.  If so, then check to see
- * that our view of the DES key size is the same as k5-int.h's.
- */
-#ifdef  KRB5_MIT_DES_KEYSIZE
-#if     MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE
-error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)
-#endif  /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */
-#endif  /* KRB5_MIT_DES_KEYSIZE */
-#endif /* KRB5_MIT_DES__ */
-/*
- * End "mit-des.h"
- */
-
-#define mit_des_zeroblock krb5int_c_mit_des_zeroblock
-extern const mit_des_cblock mit_des_zeroblock;
-
-/* des_oldapis.c */
-extern krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock,
-                                             const krb5_data *data,
-                                             const krb5_data *salt);
-
-/* key_parity.c */
-extern void mit_des_fixup_key_parity (mit_des_cblock );
-extern int mit_des_check_key_parity (mit_des_cblock );
-
-/* string2key.c */
-extern krb5_error_code mit_des_string_to_key
-( const krb5_encrypt_block *,
-  krb5_keyblock *, const krb5_data *, const krb5_data *);
-extern krb5_error_code mit_des_string_to_key_int
-(krb5_keyblock *, const krb5_data *, const krb5_data *);
-
-/* weak_key.c */
-extern int mit_des_is_weak_key (mit_des_cblock );
-
-/* misc.c */
-extern void swap_bits (char *);
-extern unsigned long long_swap_bits (unsigned long );
-extern unsigned long swap_six_bits_to_ansi (unsigned long );
-extern unsigned long swap_four_bits_to_ansi (unsigned long );
-extern unsigned long swap_bit_pos_1 (unsigned long );
-extern unsigned long swap_bit_pos_0 (unsigned long );
-extern unsigned long swap_bit_pos_0_to_ansi (unsigned long );
-extern unsigned long rev_swap_bit_pos_0 (unsigned long );
-extern unsigned long swap_byte_bits (unsigned long );
-extern unsigned long swap_long_bytes_bit_number (unsigned long );
-#ifdef FILE
-/* XXX depends on FILE being a #define! */
-extern void test_set (FILE *, const char *, int, const char *, int);
-#endif
-#endif  /*DES_INTERNAL_DEFS*/
index eb1e58633334b0e0b91cd9464f0cad7f517717c1..79163c40c76c76e4a0cb059cae214a4f864e3451 100644 (file)
  *
  */
 
-#include "k5-int.h"
-#include "des_int.h"
-#include <ctype.h>
-
-const mit_des_cblock mit_des_zeroblock /* = all zero */;
-
-unsigned long
-mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out,
-                  unsigned long length, const mit_des_key_schedule schedule,
-                  const krb5_octet *ivec)
-{
-    /* Unsupported operation */
-    return KRB5_CRYPTO_INTERNAL;
-}
+#include "crypto_int.h"
 
 krb5_error_code
-mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data,
-                       const krb5_data *salt)
-{
-    return KRB5_CRYPTO_INTERNAL;
-}
-
-int
-mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule)
+mit_afs_string_to_key(krb5_keyblock *keyblock, const krb5_data *data,
+                      const krb5_data *salt)
 {
-    /* Unsupported operation */
     return KRB5_CRYPTO_INTERNAL;
 }
index b8baac9d206380d046262ea3ef60624db3845149..4956af266c16e5e57ba95c0531e90abf40edcd1f 100644 (file)
  * or implied warranty.
  */
 
-#include "des_int.h"
+#include "crypto_int.h"
 #include <openssl/des.h>
 
 void
-mit_des_fixup_key_parity(mit_des_cblock key)
+mit_des_fixup_key_parity(unsigned char *key)
 {
     DES_set_odd_parity(key);
 }
-
-/*
- * des_check_key_parity: returns true iff key has the correct des parity.
- *                       See des_fix_key_parity for the definition of
- *                       correct des parity.
- */
-int
-mit_des_check_key_parity(mit_des_cblock key)
-{
-    if (!DES_check_key_parity(key))
-        return(0);
-    return (1);
-}
index c192734ceb3f5ef3e49fd5a9d65710ec90a76179..bc37da63b0492e14be6c9c116fa2aac5f6e9631c 100644 (file)
  * or implied warranty.
  */
 
-#include "des_int.h"
+#include "crypto_int.h"
 #include <openssl/des.h>
 
-
 krb5_error_code
-mit_des_string_to_key_int (krb5_keyblock *key,
-                           const krb5_data *pw, const krb5_data *salt)
+mit_des_string_to_key_int(krb5_keyblock *key, const krb5_data *pw,
+                          const krb5_data *salt)
 {
     DES_cblock outkey;
     DES_string_to_key(pw->data, &outkey);
-    if ( key->length <  sizeof(outkey))
+    if (key->length < sizeof(outkey))
         return KRB5_CRYPTO_INTERNAL;
     key->length = sizeof(outkey);
     memcpy(key->contents, outkey, key->length);
diff --git a/src/lib/crypto/openssl/des/weak_key.c b/src/lib/crypto/openssl/des/weak_key.c
deleted file mode 100644 (file)
index c739bc2..0000000
+++ /dev/null
@@ -1,88 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * lib/crypto/openssl/des/weak_key.c
- *
- * Copyright 1989,1990,2009 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- *
- * Under U.S. law, this software may not be exported outside the US
- * without license from the U.S. Commerce department.
- *
- * These routines form the library interface to the DES facilities.
- *
- * Originally written 8/85 by Steve Miller, MIT Project Athena.
- */
-
-#include "des_int.h"
-#include <openssl/des.h>
-
-/*
- * The following are the weak DES keys:
- */
-static const mit_des_cblock weak[16] = {
-    /* weak keys */
-    {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
-    {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe},
-    {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e},
-    {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1},
-
-    /* semi-weak */
-    {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe},
-    {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01},
-
-    {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1},
-    {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e},
-
-    {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1},
-    {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01},
-
-    {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe},
-    {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e},
-
-    {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e},
-    {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01},
-
-    {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe},
-    {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1}
-};
-
-/*
- * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key.
- *
- * Requires: key has correct odd parity.
- */
-int
-mit_des_is_weak_key(mit_des_cblock key)
-{
-    unsigned int i;
-    const mit_des_cblock *weak_p = weak;
-
-    for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) {
-        if (!memcmp(weak_p++,key,sizeof(mit_des_cblock)))
-            return 1;
-    }
-    if ( DES_is_weak_key(key) == 1) /* Also OpenSSL's check */
-        return 1;
-
-    return 0;
-}
index 4d184ef80373deee31074086ace90430fccf4d53..fd0335f43622ff0028c4a89142c28ba318e7eca3 100644 (file)
@@ -1,11 +1,6 @@
 mydir=lib$(S)crypto$(S)openssl$(S)enc_provider
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/../des     \
-               -I$(srcdir)/../arcfour \
-               -I$(srcdir)/../aes      \
-               -I$(srcdir)/../camellia         \
-               -I$(srcdir)/../../krb                   \
-               -I$(srcdir)/.. -I$(srcdir)/.
+LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/..
 DEFS=
 
 PROG_LIBPATH=-L$(TOPLIBD)
index 624e79d849e4d700b7a0637d0e7674ed18037403..1b16c0ca4aed6c1a1836db59455671aed7131200 100644 (file)
  * or implied warranty.
  */
 
-#include "k5-int.h"
-#include "enc_provider.h"
-#include "aead.h"
-#include "hash_provider/hash_provider.h"
+#include "crypto_int.h"
 #include <openssl/evp.h>
 #include <openssl/aes.h>
 #include <openssl/modes.h>
index 0aeee99aebe79285ea6b6e3808e1ac89661db385..ab7370feb87935d6da5175bb293d4f3ded456323 100644 (file)
  * or implied warranty.
  */
 
-#include "k5-int.h"
-#include "enc_provider.h"
-#include "aead.h"
-#include "hash_provider/hash_provider.h"
+#include "crypto_int.h"
 #include <openssl/evp.h>
 #include <openssl/camellia.h>
 #include <openssl/modes.h>
index b1296195f183d8b998b40325a522ec0230686bf4..163864bc5e35219044f29c300ac710bc50ef3c45 100644 (file)
@@ -3,9 +3,8 @@
 #
 des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \
-  $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \
-  $(srcdir)/../des/des_int.h $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+  $(srcdir)/../crypto_mod.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -16,9 +15,8 @@ des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   des.c
 des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \
-  $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \
-  $(srcdir)/../des/des_int.h $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+  $(srcdir)/../crypto_mod.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -29,9 +27,8 @@ des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   des3.c
 aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \
-  $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \
-  $(srcdir)/../hash_provider/hash_provider.h $(top_srcdir)/include/k5-buf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+  $(srcdir)/../crypto_mod.h $(top_srcdir)/include/k5-buf.h \
   $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
   $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
   $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
@@ -39,12 +36,11 @@ aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  aes.c enc_provider.h
+  aes.c
 camellia.so camellia.po $(OUTPRE)camellia.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
-  $(srcdir)/../../krb/etypes.h $(srcdir)/../hash_provider/hash_provider.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -52,16 +48,16 @@ camellia.so camellia.po $(OUTPRE)camellia.$(OBJEXT): \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h camellia.c enc_provider.h
+  $(top_srcdir)/include/socket-utils.h camellia.c
 rc4.so rc4.po $(OUTPRE)rc4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \
-  $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \
-  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h rc4.c
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
+  $(srcdir)/../crypto_mod.h $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  rc4.c
index 34da10b54178b1275e0cac786174c9fc08fc3a64..151b6ddfb2a09df52790b7904d10537e062c930e 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include <aead.h>
+#include "crypto_int.h"
 #include <openssl/evp.h>
-#include "des_int.h"
 
-#define DES_BLOCK_SIZE  8
-#define DES_KEY_BYTES   7
+#define DES_BLOCK_SIZE 8
+#define DES_KEY_SIZE 8
+#define DES_KEY_BYTES 7
 
 static krb5_error_code
 validate(krb5_key key, const krb5_data *ivec, const krb5_crypto_iov *data,
@@ -70,7 +69,7 @@ validate(krb5_key key, const krb5_data *ivec, const krb5_crypto_iov *data,
             input_length += iov->data.length;
     }
 
-    if (key->keyblock.length != KRB5_MIT_DES_KEYSIZE)
+    if (key->keyblock.length != DES_KEY_SIZE)
         return(KRB5_BAD_KEYSIZE);
     if ((input_length%DES_BLOCK_SIZE) != 0)
         return(KRB5_BAD_MSIZE);
@@ -85,8 +84,8 @@ static krb5_error_code
 k5_des_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
                size_t num_data)
 {
-    int ret, olen = MIT_DES_BLOCK_LENGTH;
-    unsigned char iblock[MIT_DES_BLOCK_LENGTH], oblock[MIT_DES_BLOCK_LENGTH];
+    int ret, olen = DES_BLOCK_SIZE;
+    unsigned char iblock[DES_BLOCK_SIZE], oblock[DES_BLOCK_SIZE];
     struct iov_block_state input_pos, output_pos;
     EVP_CIPHER_CTX ciph_ctx;
     krb5_boolean empty;
@@ -109,21 +108,21 @@ k5_des_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
 
     for (;;) {
 
-        if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data,
+        if (!krb5int_c_iov_get_block(iblock, DES_BLOCK_SIZE, data,
                                      num_data, &input_pos))
             break;
 
         ret = EVP_EncryptUpdate(&ciph_ctx, oblock, &olen,
-                                (unsigned char *)iblock, MIT_DES_BLOCK_LENGTH);
+                                (unsigned char *)iblock, DES_BLOCK_SIZE);
         if (!ret)
             break;
 
-        krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH,
+        krb5int_c_iov_put_block(data, num_data, oblock, DES_BLOCK_SIZE,
                                 &output_pos);
     }
 
     if (ivec != NULL)
-        memcpy(ivec->data, oblock, MIT_DES_BLOCK_LENGTH);
+        memcpy(ivec->data, oblock, DES_BLOCK_SIZE);
 
     EVP_CIPHER_CTX_cleanup(&ciph_ctx);
 
@@ -139,8 +138,8 @@ static krb5_error_code
 k5_des_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
                size_t num_data)
 {
-    int ret, olen = MIT_DES_BLOCK_LENGTH;
-    unsigned char iblock[MIT_DES_BLOCK_LENGTH], oblock[MIT_DES_BLOCK_LENGTH];
+    int ret, olen = DES_BLOCK_SIZE;
+    unsigned char iblock[DES_BLOCK_SIZE], oblock[DES_BLOCK_SIZE];
     struct iov_block_state input_pos, output_pos;
     EVP_CIPHER_CTX ciph_ctx;
     krb5_boolean empty;
@@ -164,20 +163,20 @@ k5_des_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
 
     for (;;) {
 
-        if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH,
+        if (!krb5int_c_iov_get_block(iblock, DES_BLOCK_SIZE,
                                      data, num_data, &input_pos))
             break;
 
         ret = EVP_DecryptUpdate(&ciph_ctx, oblock, &olen,
-                                iblock, MIT_DES_BLOCK_LENGTH);
+                                iblock, DES_BLOCK_SIZE);
         if (!ret) break;
 
         krb5int_c_iov_put_block(data, num_data, oblock,
-                                MIT_DES_BLOCK_LENGTH, &output_pos);
+                                DES_BLOCK_SIZE, &output_pos);
     }
 
     if (ivec != NULL)
-        memcpy(ivec->data, iblock, MIT_DES_BLOCK_LENGTH);
+        memcpy(ivec->data, iblock, DES_BLOCK_SIZE);
 
     EVP_CIPHER_CTX_cleanup(&ciph_ctx);
 
@@ -191,7 +190,7 @@ k5_des_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
 
 const struct krb5_enc_provider krb5int_enc_des = {
     DES_BLOCK_SIZE,
-    DES_KEY_BYTES, KRB5_MIT_DES_KEYSIZE,
+    DES_KEY_BYTES, DES_KEY_SIZE,
     k5_des_encrypt,
     k5_des_decrypt,
     NULL,
index 68a91beddfa79d606e789aa6efc0fa6142c65a05..fe41ef7727930ace8d236fecfc6baab1044e6075 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "des_int.h"
-#include <aead.h>
+#include "crypto_int.h"
 #include <openssl/evp.h>
 
 
-#define DES_BLOCK_SIZE  8
+#define DES3_BLOCK_SIZE 8
+#define DES3_KEY_SIZE 24
+#define DES3_KEY_BYTES 21
 
 static krb5_error_code
 validate(krb5_key key, const krb5_data *ivec, const krb5_crypto_iov *data,
@@ -69,9 +69,9 @@ validate(krb5_key key, const krb5_data *ivec, const krb5_crypto_iov *data,
             input_length += iov->data.length;
     }
 
-    if (key->keyblock.length != KRB5_MIT_DES3_KEYSIZE)
+    if (key->keyblock.length != DES3_KEY_SIZE)
         return(KRB5_BAD_KEYSIZE);
-    if ((input_length%DES_BLOCK_SIZE) != 0)
+    if ((input_length%DES3_BLOCK_SIZE) != 0)
         return(KRB5_BAD_MSIZE);
     if (ivec && (ivec->length != 8))
         return(KRB5_BAD_MSIZE);
@@ -84,8 +84,8 @@ static krb5_error_code
 k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
                 size_t num_data)
 {
-    int ret, olen = MIT_DES_BLOCK_LENGTH;
-    unsigned char iblock[MIT_DES_BLOCK_LENGTH], oblock[MIT_DES_BLOCK_LENGTH];
+    int ret, olen = DES3_BLOCK_SIZE;
+    unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE];
     struct iov_block_state input_pos, output_pos;
     EVP_CIPHER_CTX ciph_ctx;
     krb5_boolean empty;
@@ -109,21 +109,21 @@ k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
 
     for (;;) {
 
-        if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH,
+        if (!krb5int_c_iov_get_block(iblock, DES3_BLOCK_SIZE,
                                      data, num_data, &input_pos))
             break;
 
         ret = EVP_EncryptUpdate(&ciph_ctx, oblock, &olen,
-                                (unsigned char *)iblock, MIT_DES_BLOCK_LENGTH);
+                                (unsigned char *)iblock, DES3_BLOCK_SIZE);
         if (!ret)
             break;
 
         krb5int_c_iov_put_block(data, num_data,
-                                oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
+                                oblock, DES3_BLOCK_SIZE, &output_pos);
     }
 
     if (ivec != NULL)
-        memcpy(ivec->data, oblock, MIT_DES_BLOCK_LENGTH);
+        memcpy(ivec->data, oblock, DES3_BLOCK_SIZE);
 
     EVP_CIPHER_CTX_cleanup(&ciph_ctx);
 
@@ -139,8 +139,8 @@ static krb5_error_code
 k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
                 size_t num_data)
 {
-    int ret, olen = MIT_DES_BLOCK_LENGTH;
-    unsigned char iblock[MIT_DES_BLOCK_LENGTH], oblock[MIT_DES_BLOCK_LENGTH];
+    int ret, olen = DES3_BLOCK_SIZE;
+    unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE];
     struct iov_block_state input_pos, output_pos;
     EVP_CIPHER_CTX ciph_ctx;
     krb5_boolean empty;
@@ -164,21 +164,21 @@ k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
 
     for (;;) {
 
-        if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH,
+        if (!krb5int_c_iov_get_block(iblock, DES3_BLOCK_SIZE,
                                      data, num_data, &input_pos))
             break;
 
         ret = EVP_DecryptUpdate(&ciph_ctx, oblock, &olen,
-                                (unsigned char *)iblock, MIT_DES_BLOCK_LENGTH);
+                                (unsigned char *)iblock, DES3_BLOCK_SIZE);
         if (!ret)
             break;
 
-        krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH,
+        krb5int_c_iov_put_block(data, num_data, oblock, DES3_BLOCK_SIZE,
                                 &output_pos);
     }
 
     if (ivec != NULL)
-        memcpy(ivec->data, iblock, MIT_DES_BLOCK_LENGTH);
+        memcpy(ivec->data, iblock, DES3_BLOCK_SIZE);
 
     EVP_CIPHER_CTX_cleanup(&ciph_ctx);
 
@@ -191,8 +191,8 @@ k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
 }
 
 const struct krb5_enc_provider krb5int_enc_des3 = {
-    DES_BLOCK_SIZE,
-    KRB5_MIT_DES3_KEY_BYTES, KRB5_MIT_DES3_KEYSIZE,
+    DES3_BLOCK_SIZE,
+    DES3_KEY_BYTES, DES3_KEY_SIZE,
     k5_des3_encrypt,
     k5_des3_decrypt,
     NULL,
diff --git a/src/lib/crypto/openssl/enc_provider/enc_provider.h b/src/lib/crypto/openssl/enc_provider/enc_provider.h
deleted file mode 100644 (file)
index 4365255..0000000
+++ /dev/null
@@ -1,40 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#include "k5-int.h"
-
-extern const struct krb5_enc_provider krb5int_enc_des;
-extern const struct krb5_enc_provider krb5int_enc_des3;
-extern const struct krb5_enc_provider krb5int_enc_arcfour;
-extern const struct krb5_enc_provider krb5int_enc_aes128;
-extern const struct krb5_enc_provider krb5int_enc_aes256;
-extern const struct krb5_enc_provider krb5int_enc_aes128_ctr;
-extern const struct krb5_enc_provider krb5int_enc_aes256_ctr;
-#ifdef CAMELLIA
-extern const struct krb5_enc_provider krb5int_enc_camellia128;
-extern const struct krb5_enc_provider krb5int_enc_camellia256;
-#endif
index fcaec944fdf6d214258d6687e38897d7b2db87b2..73e25bc7a83e0d824183eca56b25f0c998f04006 100644 (file)
@@ -35,8 +35,7 @@
  */
 
 
-#include "k5-int.h"
-#include <aead.h>
+#include "crypto_int.h"
 #include <openssl/evp.h>
 
 /*
index 472dbd39353707e6141046de41a950bacf8e95a1..47dfe72f3721713107aceec4f6d5b3cd39eb152f 100644 (file)
@@ -1,7 +1,6 @@
 mydir=lib$(S)crypto$(S)openssl$(S)hash_provider
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/../../krb/crc32 -I$(srcdir)/../md4 \
-       -I$(srcdir)/../md5 -I$(srcdir)/../sha1 -I$(srcdir)/../../krb
+LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/..
 DEFS=
 
 PROG_LIBPATH=-L$(TOPLIBD)
index b31059e434c89fea8d3496ac1a3e5e27d8976237..1aea7bbfbadaa363b155564c1007d2c9ec7940f5 100644 (file)
@@ -4,8 +4,7 @@
 hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
-  $(srcdir)/../../krb/crc32/crc-32.h $(srcdir)/../../krb/etypes.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -13,12 +12,11 @@ hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h hash_crc32.c hash_provider.h
+  $(top_srcdir)/include/socket-utils.h hash_crc32.c
 hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
-  $(srcdir)/../../krb/etypes.h $(srcdir)/../md4/rsa-md4.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -26,12 +24,11 @@ hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h hash_md4.c hash_provider.h
+  $(top_srcdir)/include/socket-utils.h hash_md4.c
 hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
-  $(srcdir)/../../krb/etypes.h $(srcdir)/../md5/rsa-md5.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -39,12 +36,11 @@ hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h hash_md5.c hash_provider.h
+  $(top_srcdir)/include/socket-utils.h hash_md5.c
 hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
-  $(srcdir)/../../krb/etypes.h $(srcdir)/../sha1/shs.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
   $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
   $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
   $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
@@ -52,5 +48,4 @@ hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h hash_provider.h \
-  hash_sha1.c
+  $(top_srcdir)/include/socket-utils.h hash_sha1.c
index 68a01cb13799d165df422580a521d2976f63efc1..4013843edfd78b12e12a75e766640213eb4bb36b 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "crc-32.h"
-#include "hash_provider.h"
-#include "aead.h"
+#include "crypto_int.h"
 
 static krb5_error_code
 k5_crc32_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
index 85f18f66d74292dc5d0b564fd5a60ee41fcbdaff..0fc1a34fc66dcf6bb8c5096e127e5828f2315c63 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "rsa-md4.h"
-#include "hash_provider.h"
-#include "aead.h"
+#include "crypto_int.h"
+#include <openssl/evp.h>
+#include <openssl/md4.h>
 
 static krb5_error_code
 k5_md4_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
 {
-    krb5_MD4_CTX ctx;
+    EVP_MD_CTX ctx;
     unsigned int i;
 
-    if (output->length != RSA_MD4_CKSUM_LENGTH)
-        return(KRB5_CRYPTO_INTERNAL);
+    if (output->length != MD4_DIGEST_LENGTH)
+        return KRB5_CRYPTO_INTERNAL;
 
-    krb5int_MD4Init(&ctx);
+    EVP_MD_CTX_init(&ctx);
+    EVP_DigestInit_ex(&ctx, EVP_md4(), NULL);
     for (i = 0; i < num_data; i++) {
-        const krb5_crypto_iov *iov = &data[i];
-
-        if (SIGN_IOV(iov)) {
-            krb5int_MD4Update(&ctx, (unsigned char *) iov->data.data,
-                              iov->data.length);
-        }
+        const krb5_data *d = &data[i].data;
+        if (SIGN_IOV(&data[i]))
+            EVP_DigestUpdate(&ctx, (unsigned char *)d->data, d->length);
     }
-    krb5int_MD4Final(&ctx);
-
-    memcpy(output->data, ctx.digest, RSA_MD4_CKSUM_LENGTH);
-
-    return(0);
+    EVP_DigestFinal_ex(&ctx, (unsigned char *)output->data, NULL);
+    EVP_MD_CTX_cleanup(&ctx);
+    return 0;
 }
 
 const struct krb5_hash_provider krb5int_hash_md4 = {
     "MD4",
-    RSA_MD4_CKSUM_LENGTH,
+    MD4_DIGEST_LENGTH,
     64,
     k5_md4_hash
 };
index 182e6c08e239d9d36931d08b3003ca1768df6b7e..5c1b3a9ff46f467f3a8f4c5edb5eac055892bd89 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "rsa-md5.h"
-#include "hash_provider.h"
-#include "aead.h"
+#include "crypto_int.h"
+#include <openssl/evp.h>
+#include <openssl/md5.h>
 
 static krb5_error_code
 k5_md5_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
 {
-    krb5_MD5_CTX ctx;
+    EVP_MD_CTX ctx;
     unsigned int i;
 
-    if (output->length != RSA_MD5_CKSUM_LENGTH)
-        return(KRB5_CRYPTO_INTERNAL);
+    if (output->length != MD5_DIGEST_LENGTH)
+        return KRB5_CRYPTO_INTERNAL;
 
-    krb5int_MD5Init(&ctx);
+    EVP_MD_CTX_init(&ctx);
+    EVP_DigestInit_ex(&ctx, EVP_md5(), NULL);
     for (i = 0; i < num_data; i++) {
-        const krb5_crypto_iov *iov = &data[i];
-
-        if (SIGN_IOV(iov)) {
-            krb5int_MD5Update(&ctx, (unsigned char *) iov->data.data,
-                              iov->data.length);
-        }
+        const krb5_data *d = &data[i].data;
+        if (SIGN_IOV(&data[i]))
+            EVP_DigestUpdate(&ctx, (unsigned char *)d->data, d->length);
     }
-    krb5int_MD5Final(&ctx);
-
-    memcpy(output->data, ctx.digest, RSA_MD5_CKSUM_LENGTH);
-
-    return(0);
+    EVP_DigestFinal_ex(&ctx, (unsigned char *)output->data, NULL);
+    EVP_MD_CTX_cleanup(&ctx);
+    return 0;
 }
 
 const struct krb5_hash_provider krb5int_hash_md5 = {
     "MD5",
-    RSA_MD5_CKSUM_LENGTH,
+    MD5_DIGEST_LENGTH,
     64,
     k5_md5_hash
 };
diff --git a/src/lib/crypto/openssl/hash_provider/hash_provider.h b/src/lib/crypto/openssl/hash_provider/hash_provider.h
deleted file mode 100644 (file)
index eebe845..0000000
+++ /dev/null
@@ -1,33 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#include "k5-int.h"
-
-extern const struct krb5_hash_provider krb5int_hash_crc32;
-extern const struct krb5_hash_provider krb5int_hash_md4;
-extern const struct krb5_hash_provider krb5int_hash_md5;
-extern const struct krb5_hash_provider krb5int_hash_sha1;
index f6024110749dffa1f041fc26a42dd2ea61689704..f6f1a6569654aa26095c474a3a811b6ae2007b16 100644 (file)
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "k5-int.h"
-#include "shs.h"
-#include "hash_provider.h"
-#include "aead.h"
+#include "crypto_int.h"
+#include <openssl/evp.h>
+#include <openssl/sha.h>
 
 static krb5_error_code
 k5_sha1_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
 {
-    SHS_INFO ctx;
+    EVP_MD_CTX ctx;
     unsigned int i;
 
-    if (output->length != SHS_DIGESTSIZE)
-        return(KRB5_CRYPTO_INTERNAL);
+    if (output->length != SHA_DIGEST_LENGTH)
+        return KRB5_CRYPTO_INTERNAL;
 
-    shsInit(&ctx);
+    EVP_MD_CTX_init(&ctx);
+    EVP_DigestInit_ex(&ctx, EVP_sha1(), NULL);
     for (i = 0; i < num_data; i++) {
-        const krb5_crypto_iov *iov = &data[i];
-
-        if (SIGN_IOV(iov)) {
-            shsUpdate(&ctx, (unsigned char *) iov->data.data,
-                      iov->data.length);
-        }
-    }
-    shsFinal(&ctx);
-
-    if (ctx.digestLen > 0 && ctx.digestLen <= output->length){
-        output->length = ctx.digestLen;
-        memcpy(output->data, ctx.digestBuf,ctx.digestLen);
+        const krb5_data *d = &data[i].data;
+        if (SIGN_IOV(&data[i]))
+            EVP_DigestUpdate(&ctx, (unsigned char *)d->data, d->length);
     }
-
-    return(0);
+    EVP_DigestFinal_ex(&ctx, (unsigned char *)output->data, NULL);
+    EVP_MD_CTX_cleanup(&ctx);
+    return 0;
 }
 
 const struct krb5_hash_provider krb5int_hash_sha1 = {
     "SHA1",
-    SHS_DIGESTSIZE,
-    SHS_DATASIZE,
+    SHA_DIGEST_LENGTH,
+    64,
     k5_sha1_hash
 };
index 7ef3d3f600ba5f09f9ee4eef7013edceea6aa372..ac5af3fc0b648c0eb8dbd160185b115ba222f9b0 100644 (file)
@@ -51,8 +51,7 @@
  */
 
 
-#include "k5-int.h"
-#include "aead.h"
+#include "crypto_int.h"
 #include <openssl/hmac.h>
 #include <openssl/evp.h>
 
index aaa13ccd34828fabea7d97f8291ebf5dd2728eb3..b3db6c214d0a13c1edc7b4944dc7582789b3f39f 100644 (file)
@@ -28,6 +28,8 @@
  * OpenSSL back-end library init functions
  */
 
+#include "crypto_int.h"
+
 int
 krb5int_crypto_impl_init(void)
 {
index 550d7df60c43dcef0966ea08b5c624416bec069f..0b9569000599b6b4343e5bb5b6e9e567f2ccd513 100644 (file)
@@ -1,16 +1,13 @@
 mydir=lib$(S)crypto$(S)openssl$(S)md4
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)
+LOCALINCLUDES =
 DEFS=
 
-PROG_LIBPATH=-L$(TOPLIBD)
-PROG_RPATH=$(KRB5_LIBDIR)
+STLIBOBJS=
 
-STLIBOBJS= md4.o
+OBJS=
 
-OBJS= $(OUTPRE)md4.$(OBJEXT) 
-
-SRCS= $(srcdir)/md4.c
+SRCS=
 
 all-unix:: all-libobjs
 
index b7e9615e47cb1a00cb75019ed583a164eb1f3ef5..2feac3c9d38856b5efb7d0477f708535725a2640 100644 (file)
@@ -1,14 +1 @@
-# 
-# Generated makefile dependencies follow.
-#
-md4.so md4.po $(OUTPRE)md4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  md4.c rsa-md4.h
+# No dependencies here.
diff --git a/src/lib/crypto/openssl/md4/rsa-md4.h b/src/lib/crypto/openssl/md4/rsa-md4.h
deleted file mode 100644 (file)
index 3d32f08..0000000
+++ /dev/null
@@ -1,100 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * lib/crypto/md4/rsa-md4.h
- *
- * Copyright 1991 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- *
- * RSA MD4 header file, with Kerberos/STDC additions.
- */
-
-#ifndef __KRB5_RSA_MD4_H__
-#define __KRB5_RSA_MD4_H__
-
-#ifdef unicos61
-#include <sys/types.h>
-#endif /* unicos61 */
-
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-
-/* 16 u_char's in the digest */
-#define RSA_MD4_CKSUM_LENGTH            16
-/* des blocksize is 8, so this works nicely... */
-#define OLD_RSA_MD4_DES_CKSUM_LENGTH    16
-#define NEW_RSA_MD4_DES_CKSUM_LENGTH    24
-#define RSA_MD4_DES_CONFOUND_LENGTH     8
-
-/*
-**********************************************************************
-** md4.h -- Header file for implementation of MD4                   **
-** RSA Data Security, Inc. MD4 Message Digest Algorithm             **
-** Created: 2/17/90 RLR                                             **
-** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version              **
-**********************************************************************
-*/
-
-/*
-**********************************************************************
-** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
-**                                                                  **
-** License to copy and use this software is granted provided that   **
-** it is identified as the "RSA Data Security, Inc. MD4 Message     **
-** Digest Algorithm" in all material mentioning or referencing this **
-** software or this function.                                       **
-**                                                                  **
-** License is also granted to make and use derivative works         **
-** provided that such works are identified as "derived from the RSA **
-** Data Security, Inc. MD4 Message Digest Algorithm" in all         **
-** material mentioning or referencing the derived work.             **
-**                                                                  **
-** RSA Data Security, Inc. makes no representations concerning      **
-** either the merchantability of this software or the suitability   **
-** of this software for any particular purpose.  It is provided "as **
-** is" without express or implied warranty of any kind.             **
-**                                                                  **
-** These notices must be retained in any copies of any part of this **
-** documentation and/or software.                                   **
-**********************************************************************
-*/
-
-/* Data structure for MD4 (Message Digest) computation */
-typedef struct {
-    EVP_MD_CTX ossl_md4_ctx;
-    krb5_int32 * digest_len;
-    krb5_ui_4 i[2];              /* number of _bits_ handled mod 2^64 */
-    krb5_ui_4 buf[4];            /* scratch buffer */
-    unsigned char in[64];        /* input buffer */
-    unsigned char digest[16];    /* actual digest after MD4Final call */
-} krb5_MD4_CTX;
-
-extern void krb5int_MD4Init(krb5_MD4_CTX *);
-extern void krb5int_MD4Update(krb5_MD4_CTX *, const unsigned char *, unsigned int);
-extern void krb5int_MD4Final(krb5_MD4_CTX *);
-
-/*
-**********************************************************************
-** End of md4.h                                                     **
-******************************* (cut) ********************************
-*/
-#endif /* __KRB5_RSA_MD4_H__ */
index 9c3d3409122b012ecf47957dec420f53cc9d98ca..4128e98c5b8a7080e3b6c9619036b5ccad7c6a61 100644 (file)
@@ -2,14 +2,11 @@ mydir=lib$(S)crypto$(S)openssl$(S)md5
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
 DEFS=
 
-PROG_LIBPATH=-L$(TOPLIBD)
-PROG_RPATH=$(KRB5_LIBDIR)
+STLIBOBJS=
 
-STLIBOBJS= md5.o
+OBJS=
 
-OBJS= $(OUTPRE)md5.$(OBJEXT) 
-
-SRCS= $(srcdir)/md5.c
+SRCS=
 
 all-unix:: all-libobjs
 
index f32dbe9c71b8832f897f8ae1b57ce8f8a1c7cbcf..2feac3c9d38856b5efb7d0477f708535725a2640 100644 (file)
@@ -1,14 +1 @@
-# 
-# Generated makefile dependencies follow.
-#
-md5.so md5.po $(OUTPRE)md5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  md5.c rsa-md5.h
+# No dependencies here.
diff --git a/src/lib/crypto/openssl/md5/md5.c b/src/lib/crypto/openssl/md5/md5.c
deleted file mode 100644 (file)
index 41a8498..0000000
+++ /dev/null
@@ -1,60 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/openssl/md5/md5.c
- *
- * Copyright (C) 2009 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-#include "k5-int.h"
-#include "rsa-md5.h"
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-
-/* The routine krb5int_MD5Init initializes the message-digest context
-   mdContext. All fields are set to zero.
-*/
-void
-krb5int_MD5Init (krb5_MD5_CTX *mdContext)
-{
-    EVP_MD_CTX_init(&mdContext->ossl_md5_ctx);
-    EVP_DigestInit_ex(&mdContext->ossl_md5_ctx, EVP_md5(), NULL);
-}
-
-/* The routine krb5int_MD5Update updates the message-digest context to
-   account for the presence of each of the characters inBuf[0..inLen-1]
-   in the message whose digest is being computed.
-*/
-void
-krb5int_MD5Update (krb5_MD5_CTX *mdContext, const unsigned char *inBuf, unsigned int inLen)
-{
-    EVP_DigestUpdate(&mdContext->ossl_md5_ctx, inBuf, inLen);
-}
-
-/* The routine krb5int_MD5Final terminates the message-digest computation and
-   ends with the desired message digest in mdContext->digest[0...15].
-*/
-void
-krb5int_MD5Final (krb5_MD5_CTX *mdContext)
-{
-    EVP_DigestFinal_ex(&mdContext->ossl_md5_ctx, mdContext->digest, NULL);
-    EVP_MD_CTX_cleanup(&mdContext->ossl_md5_ctx);
-}
diff --git a/src/lib/crypto/openssl/md5/rsa-md5.h b/src/lib/crypto/openssl/md5/rsa-md5.h
deleted file mode 100644 (file)
index a8380f4..0000000
+++ /dev/null
@@ -1,92 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/openssl/md5/rsa-md5.h
- *
- * Copyright (C) 2009 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-/*
-***********************************************************************
-** md5.h -- header file for implementation of MD5                    **
-** RSA Data Security, Inc. MD5 Message-Digest Algorithm              **
-** Created: 2/17/90 RLR                                              **
-** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version               **
-** Revised (for MD5): RLR 4/27/91                                    **
-**   -- G modified to have y&~z instead of y&z                       **
-**   -- FF, GG, HH modified to add in last register done             **
-**   -- Access pattern: round 2 works mod 5, round 3 works mod 3     **
-**   -- distinct additive constant for each step                     **
-**   -- round 4 added, working mod 7                                 **
-***********************************************************************
-*/
-
-/*
-***********************************************************************
-** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved.  **
-**                                                                   **
-** License to copy and use this software is granted provided that    **
-** it is identified as the "RSA Data Security, Inc. MD5 Message-     **
-** Digest Algorithm" in all material mentioning or referencing this  **
-** software or this function.                                        **
-**                                                                   **
-** License is also granted to make and use derivative works          **
-** provided that such works are identified as "derived from the RSA  **
-** Data Security, Inc. MD5 Message-Digest Algorithm" in all          **
-** material mentioning or referencing the derived work.              **
-**                                                                   **
-** RSA Data Security, Inc. makes no representations concerning       **
-** either the merchantability of this software or the suitability    **
-** of this software for any particular purpose.  It is provided "as  **
-** is" without express or implied warranty of any kind.              **
-**                                                                   **
-** These notices must be retained in any copies of any part of this  **
-** documentation and/or software.                                    **
-***********************************************************************
-*/
-
-
-#ifndef    KRB5_RSA_MD5__
-#define    KRB5_RSA_MD5__
-
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-
-/* Data structure for MD5 (Message-Digest) computation */
-typedef struct {
-    EVP_MD_CTX ossl_md5_ctx;
-    krb5_int32 * digest_len;
-    krb5_ui_4 i[2];              /* number of _bits_ handled mod 2^64 */
-    krb5_ui_4 buf[4];            /* scratch buffer */
-    unsigned char in[64];        /* input buffer */
-    unsigned char digest[16];    /* actual digest after MD5Final call */
-} krb5_MD5_CTX;
-
-extern void krb5int_MD5Init(krb5_MD5_CTX *);
-extern void krb5int_MD5Update(krb5_MD5_CTX *,const unsigned char *,unsigned int);
-extern void krb5int_MD5Final(krb5_MD5_CTX *);
-
-#define    RSA_MD5_CKSUM_LENGTH            16
-#define    OLD_RSA_MD5_DES_CKSUM_LENGTH    16
-#define    NEW_RSA_MD5_DES_CKSUM_LENGTH    24
-#define    RSA_MD5_DES_CONFOUND_LENGTH     8
-
-#endif /* KRB5_RSA_MD5__ */
index e64e562e764c6afbd9acf9c891bba7e038fa9cea..ba51ad4a0f0e4ea0e0850f05ffe4375fb61db956 100644 (file)
  * Not currently used; likely to be used when we get around to AES support.
  */
 
-#include <ctype.h>
-#include "k5-int.h"
-#include "hash_provider.h"
-
+#include "crypto_int.h"
 #include <openssl/x509.h>
 #include <openssl/evp.h>
 #include <openssl/hmac.h>
 
-
 krb5_error_code
 krb5int_pbkdf2_hmac_sha1 (const krb5_data *out, unsigned long count,
                           const krb5_data *pass, const krb5_data *salt)
index b2dcec6b9dea672c98de721a2623ffc9575456b9..08fe83080eafa4c2f7c209e44191cac95b24ec60 100644 (file)
@@ -2,14 +2,11 @@ mydir=lib$(S)crypto$(S)openssl$(S)sha1
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
 DEFS=
 
-PROG_LIBPATH=-L$(TOPLIBD)
-PROG_RPATH=$(KRB5_LIBDIR)
+STLIBOBJS=
 
-STLIBOBJS= shs.o
+OBJS=
 
-OBJS= $(OUTPRE)shs.$(OBJEXT) 
-
-SRCS= $(srcdir)/shs.c
+SRCS=
 
 all-unix:: all-libobjs
 
index 096d3044044dbd7cbcf7e991eb7d170587bef788..2feac3c9d38856b5efb7d0477f708535725a2640 100644 (file)
@@ -1,14 +1 @@
-# 
-# Generated makefile dependencies follow.
-#
-shs.so shs.po $(OUTPRE)shs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  shs.c shs.h
+# No dependencies here.
diff --git a/src/lib/crypto/openssl/sha1/shs.c b/src/lib/crypto/openssl/sha1/shs.c
deleted file mode 100644 (file)
index 42d260d..0000000
+++ /dev/null
@@ -1,60 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/openssl/sha1/shs.c
- *
- * Copyright (C) 2009 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-#include "shs.h"
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#include <string.h>
-#define h0init  0x67452301L
-#define h1init  0xEFCDAB89L
-#define h2init  0x98BADCFEL
-#define h3init  0x10325476L
-#define h4init  0xC3D2E1F0L
-
-/* Initialize the SHS values */
-void shsInit(SHS_INFO *shsInfo)
-{
-    EVP_MD_CTX_init(&shsInfo->ossl_sha1_ctx );
-    EVP_DigestInit_ex(&shsInfo->ossl_sha1_ctx , EVP_sha1(), NULL);
-    shsInfo->digestLen = 0;
-    memset(shsInfo->digestBuf, 0 , sizeof(shsInfo->digestBuf));
-}
-
-/* Update SHS for a block of data */
-
-void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count)
-{
-    EVP_DigestUpdate(&shsInfo->ossl_sha1_ctx , buffer, count);
-}
-/* Final wrapup - pad to SHS_DATASIZE-byte boundary with the bit pattern
-   1 0* (64-bit count of bits processed, MSB-first) */
-
-void shsFinal(SHS_INFO *shsInfo)
-{
-    EVP_DigestFinal_ex(&shsInfo->ossl_sha1_ctx ,(unsigned char *)shsInfo->digestBuf , &shsInfo->digestLen);
-    EVP_MD_CTX_cleanup(&shsInfo->ossl_sha1_ctx );
-}
diff --git a/src/lib/crypto/openssl/sha1/shs.h b/src/lib/crypto/openssl/sha1/shs.h
deleted file mode 100644 (file)
index 60cf2ad..0000000
+++ /dev/null
@@ -1,48 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-#ifndef _SHS_DEFINED
-
-#include "k5-int.h"
-#include <openssl/evp.h>
-#include <openssl/sha.h>
-
-#define _SHS_DEFINED
-
-/* Some useful types */
-
-typedef krb5_octet      SHS_BYTE;
-typedef krb5_ui_4       SHS_LONG;
-
-/* Define the following to use the updated SHS implementation */
-#define NEW_SHS         /**/
-
-/* The SHS block size and message digest sizes, in bytes */
-
-#define SHS_DATASIZE    64
-#define SHS_DIGESTSIZE  20
-
-/* The structure for storing SHS info */
-
-typedef struct {
-    EVP_MD_CTX ossl_sha1_ctx;
-    unsigned char   digestBuf[SHS_DIGESTSIZE]; /* output */
-    unsigned int    digestLen; /* output */
-} SHS_INFO;
-
-/* Message digest functions (shs.c) */
-void shsInit(SHS_INFO *shsInfo);
-void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count);
-void shsFinal(SHS_INFO *shsInfo);
-
-
-/* Keyed Message digest functions (hmac_sha.c) */
-krb5_error_code hmac_sha(krb5_octet *text,
-                         int text_len,
-                         krb5_octet *key,
-                         int key_len,
-                         krb5_octet *digest);
-
-
-#define NIST_SHA_CKSUM_LENGTH           SHS_DIGESTSIZE
-#define HMAC_SHA_CKSUM_LENGTH           SHS_DIGESTSIZE
-
-#endif /* _SHS_DEFINED */
index cddb434e497cbed33ad8bb59fb830c8836b555b0..6df0e0d44eb96fcdc5c841d3b46eabc2d545edb1 100644 (file)
@@ -7,9 +7,6 @@ BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
 LOCALINCLUDES=
 DEFS=
 
-PROG_LIBPATH=-L$(TOPLIBD)
-PROG_RPATH=$(KRB5_LIBDIR)
-
 STLIBOBJS=
 
 OBJS=