From: Theodore Tso Date: Fri, 14 Oct 1994 04:36:50 +0000 (+0000) Subject: Remove declarations of the cryptosystem specific structures to X-Git-Tag: krb5-1.0-beta5~1121 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=0a505ecc5c29eb46e90107b9a1d5b362ea04e03a;p=krb5.git Remove declarations of the cryptosystem specific structures to raw-des.c and des-crc.c in the parent directory. They're strictly speaking not DES specific. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4506 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/crypto/des/ChangeLog b/src/lib/crypto/des/ChangeLog index bf4c17306..31371e9b4 100644 --- a/src/lib/crypto/des/ChangeLog +++ b/src/lib/crypto/des/ChangeLog @@ -1,3 +1,15 @@ +Fri Oct 14 00:33:17 1994 Theodore Y. Ts'o (tytso@dcl) + + * des_int.h, f_cbc.c, verify.c: Fix function declarations to + (slightly) better match the conventions used by the krb5 + source tree. + + * cs_entry.c: Remove declarations of the cryptosystem specific + structures to raw-des.c and des-crc.c in the parent + directory. They're strictly speaking not DES specific. + + * Makefile.in: Remove file krb_glue.c; we don't use it any more. + Thu Oct 6 12:49:29 1994 Theodore Y. Ts'o (tytso@dcl) * Makefile.in: Make sure the "make check" programs get cleaned up diff --git a/src/lib/crypto/des/Makefile.in b/src/lib/crypto/des/Makefile.in index 8ae0ccfbb..717cb2dc6 100644 --- a/src/lib/crypto/des/Makefile.in +++ b/src/lib/crypto/des/Makefile.in @@ -17,7 +17,6 @@ OTHEROBJS=f_cbc.o f_cksum.o f_pcbc.o f_sched.o f_ecb.o f_parity.o f_tables.o OBJS= cbc_cksum.o \ cs_entry.o \ - krb_glue.o \ finish_key.o \ fin_rndkey.o \ init_rkey.o \ @@ -31,7 +30,6 @@ OBJS= cbc_cksum.o \ SRCS= $(srcdir)/cs_entry.c \ $(srcdir)/cbc_cksum.c \ - $(srcdir)/krb_glue.c \ $(srcdir)/finish_key.c \ $(srcdir)/fin_rndkey.c \ $(srcdir)/init_rkey.c \ diff --git a/src/lib/crypto/des/cs_entry.c b/src/lib/crypto/des/cs_entry.c index 8baa8778f..941f174de 100644 --- a/src/lib/crypto/des/cs_entry.c +++ b/src/lib/crypto/des/cs_entry.c @@ -31,52 +31,6 @@ #include "des_int.h" -static krb5_cryptosystem_entry mit_raw_des_cryptosystem_entry = { - 0, - mit_raw_des_encrypt_func, - mit_raw_des_decrypt_func, - mit_des_process_key, - mit_des_finish_key, - mit_des_string_to_key, - mit_des_init_random_key, - mit_des_finish_random_key, - mit_des_random_key, - sizeof(mit_des_cblock), - 0, - sizeof(mit_des_cblock), - ETYPE_RAW_DES_CBC, - KEYTYPE_DES - }; - -static krb5_cryptosystem_entry mit_des_cryptosystem_entry = { - 0, - mit_des_encrypt_func, - mit_des_decrypt_func, - mit_des_process_key, - mit_des_finish_key, - mit_des_string_to_key, - mit_des_init_random_key, - mit_des_finish_random_key, - mit_des_random_key, - sizeof(mit_des_cblock), - CRC32_CKSUM_LENGTH+sizeof(mit_des_cblock), - sizeof(mit_des_cblock), - ETYPE_DES_CBC_CRC, - KEYTYPE_DES - }; - -krb5_cs_table_entry krb5_raw_des_cst_entry = { - 0, - &mit_raw_des_cryptosystem_entry, - 0 - }; - -krb5_cs_table_entry krb5_des_cst_entry = { - 0, - &mit_des_cryptosystem_entry, - 0 - }; - extern krb5_error_code mit_des_cbc_checksum PROTOTYPE ((krb5_pointer , size_t , krb5_pointer , diff --git a/src/lib/crypto/des/des_int.h b/src/lib/crypto/des/des_int.h index 37be4aa45..038423a97 100644 --- a/src/lib/crypto/des/des_int.h +++ b/src/lib/crypto/des/des_int.h @@ -119,11 +119,12 @@ extern void mit_des_cbc_cksum extern int mit_des_ecb_encrypt PROTOTYPE((unsigned long *, unsigned long *, mit_des_key_schedule , int )); -/* enc_dec.c */ -extern krb5_error_code mit_des_cbc_encrypt - PROTOTYPE((krb5_octet *, krb5_octet *, long, mit_des_key_schedule, - krb5_octet *, int)); - +/* f_cbc.c */ +extern int mit_des_cbc_encrypt + PROTOTYPE((const mit_des_cblock *in, mit_des_cblock *out, long length, + mit_des_key_schedule schedule, mit_des_cblock ivec, + int encrypt)); + /* fin_rndkey.c */ extern krb5_error_code mit_des_finish_random_key PROTOTYPE(( krb5_pointer *)); @@ -144,20 +145,6 @@ extern int mit_des_check_key_parity PROTOTYPE((mit_des_cblock )); extern int mit_des_key_sched PROTOTYPE((mit_des_cblock , mit_des_key_schedule )); -/* krb_glue.c */ -extern krb5_error_code mit_raw_des_encrypt_func - PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, - krb5_encrypt_block *, krb5_pointer )); -extern krb5_error_code mit_des_encrypt_func - PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, - krb5_encrypt_block *, krb5_pointer )); -extern krb5_error_code mit_raw_des_decrypt_func - PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, - krb5_encrypt_block *, krb5_pointer )); -extern krb5_error_code mit_des_decrypt_func - PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, - krb5_encrypt_block *, krb5_pointer )); - /* new_rnd_key.c */ extern int mit_des_new_random_key PROTOTYPE((mit_des_cblock , mit_des_random_key_seed *)); diff --git a/src/lib/crypto/des/f_cbc.c b/src/lib/crypto/des/f_cbc.c index 72a9198e1..2d6ce9c3b 100644 --- a/src/lib/crypto/des/f_cbc.c +++ b/src/lib/crypto/des/f_cbc.c @@ -38,7 +38,7 @@ int mit_des_cbc_encrypt(in, out, length, schedule, ivec, encrypt) - des_cblock *in; + const des_cblock *in; des_cblock *out; long length; des_key_schedule schedule; diff --git a/src/lib/crypto/des/krb_glue.c b/src/lib/crypto/des/krb_glue.c deleted file mode 100644 index 7b2b5b87f..000000000 --- a/src/lib/crypto/des/krb_glue.c +++ /dev/null @@ -1,276 +0,0 @@ -/* - * lib/crypto/des/krb_glue.c - * - * Copyright 1985, 1986, 1987, 1988, 1990, 1991 by the Massachusetts Institute - * of Technology. - * All Rights Reserved. - * - * These routines perform encryption and decryption using the DES - * private key algorithm, or else a subset of it -- fewer inner loops. - * (AUTH_DES_ITER defaults to 16, may be less.) - * - * Under U.S. law, this software may not be exported outside the US - * without license from the U.S. Commerce department. - * - * These routines form the library interface to the DES facilities. - * - * Originally written 8/85 by Steve Miller, MIT Project Athena. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - */ - -/* - * These routines were extracted out of enc_dec.c because they will - * drag in the kerberos library, if someone references mit_des_cbc_encrypt, - * even no kerberos routines are called - */ - - - -#include -#include -#include -#include - -#include "des_int.h" - -/* - encrypts "size" bytes at "in", storing result in "out". - "eblock" points to an encrypt block which has been initialized - by process_key(). - - "out" must be preallocated by the caller to contain sufficient - storage to hold the output; the macro krb5_encrypt_size() can - be used to compute this size. - - returns: errors -*/ -static krb5_error_code -mit_des_encrypt_f(DECLARG(krb5_const_pointer, in), - DECLARG(krb5_pointer, out), - DECLARG(const size_t, size), - DECLARG(krb5_encrypt_block *, key), - DECLARG(krb5_pointer, ivec)) -OLDDECLARG(krb5_const_pointer, in) -OLDDECLARG(krb5_pointer, out) -OLDDECLARG(const size_t, size) -OLDDECLARG(krb5_encrypt_block *, key) -OLDDECLARG(krb5_pointer, ivec) -{ - krb5_octet *iv; - - if ( ivec == 0 ) - iv = key->key->contents; - else - iv = (krb5_octet *)ivec; - - return (mit_des_cbc_encrypt((krb5_octet *)in, - (krb5_octet *)out, - size, - (struct mit_des_ks_struct *)key->priv, - iv, - MIT_DES_ENCRYPT)); -} - - -/* - - decrypts "size" bytes at "in", storing result in "out". - "eblock" points to an encrypt block which has been initialized - by process_key(). - - "out" must be preallocated by the caller to contain sufficient - storage to hold the output; this is guaranteed to be no more than - the input size. - - returns: errors - - */ -static krb5_error_code -mit_des_decrypt_f(DECLARG(krb5_const_pointer, in), - DECLARG(krb5_pointer, out), - DECLARG(const size_t, size), - DECLARG(krb5_encrypt_block *, key), - DECLARG(krb5_pointer, ivec)) -OLDDECLARG(krb5_const_pointer, in) -OLDDECLARG(krb5_pointer, out) -OLDDECLARG(const size_t, size) -OLDDECLARG(krb5_encrypt_block *, key) -OLDDECLARG(krb5_pointer, ivec) -{ - krb5_octet *iv; - - if ( ivec == 0 ) - iv = key->key->contents; - else - iv = (krb5_octet *)ivec; - - return (mit_des_cbc_encrypt ((krb5_octet *)in, - (krb5_octet *)out, - size, - (struct mit_des_ks_struct *)key->priv, - iv, - MIT_DES_DECRYPT)); -} - -krb5_error_code mit_raw_des_encrypt_func(DECLARG(krb5_const_pointer, in), - DECLARG(krb5_pointer, out), - DECLARG(const size_t, size), - DECLARG(krb5_encrypt_block *, key), - DECLARG(krb5_pointer, ivec)) -OLDDECLARG(krb5_const_pointer, in) -OLDDECLARG(krb5_pointer, out) -OLDDECLARG(const size_t, size) -OLDDECLARG(krb5_encrypt_block *, key) -OLDDECLARG(krb5_pointer, ivec) -{ - int sumsize; - - /* round up to des block size */ - - sumsize = krb5_roundup(size, sizeof(mit_des_cblock)); - - /* assemble crypto input into the output area, then encrypt in place. */ - - memset((char *)out, 0, sumsize); - memcpy((char *)out, (char *)in, size); - - /* We depend here on the ability of this DES implementation to - encrypt plaintext to ciphertext in-place. */ - return (mit_des_encrypt_f(out, out, sumsize, key, ivec)); -} - -krb5_error_code mit_des_encrypt_func(DECLARG(krb5_const_pointer, in), - DECLARG(krb5_pointer, out), - DECLARG(const size_t, size), - DECLARG(krb5_encrypt_block *, key), - DECLARG(krb5_pointer, ivec)) -OLDDECLARG(krb5_const_pointer, in) -OLDDECLARG(krb5_pointer, out) -OLDDECLARG(const size_t, size) -OLDDECLARG(krb5_encrypt_block *, key) -OLDDECLARG(krb5_pointer, ivec) -{ - krb5_checksum cksum; - krb5_octet contents[CRC32_CKSUM_LENGTH]; - int sumsize; - krb5_error_code retval; - -/* if ( size < sizeof(mit_des_cblock) ) - return KRB5_BAD_MSIZE; */ - - /* caller passes data size, and saves room for the padding. */ - /* format of ciphertext, per RFC is: - +-----------+----------+-------------+-----+ - |confounder | check | msg-seq | pad | - +-----------+----------+-------------+-----+ - - our confounder is 8 bytes (one cblock); - our checksum is CRC32_CKSUM_LENGTH - */ - sumsize = krb5_roundup(size+CRC32_CKSUM_LENGTH+sizeof(mit_des_cblock), - sizeof(mit_des_cblock)); - - /* assemble crypto input into the output area, then encrypt in place. */ - - memset((char *)out, 0, sumsize); - - /* put in the confounder */ - if (retval = krb5_random_confounder(sizeof(mit_des_cblock), out)) - return retval; - - memcpy((char *)out+sizeof(mit_des_cblock)+CRC32_CKSUM_LENGTH, (char *)in, - size); - - cksum.contents = contents; - - /* This is equivalent to krb5_calculate_checksum(CKSUMTYPE_CRC32,...) - but avoids use of the cryptosystem config table which can not be - referenced here if this object is to be included in a shared library. */ - if (retval = crc32_cksumtable_entry.sum_func((krb5_pointer) out, - sumsize, - (krb5_pointer)key->key->contents, - sizeof(mit_des_cblock), - &cksum)) - return retval; - - memcpy((char *)out+sizeof(mit_des_cblock), (char *)contents, - CRC32_CKSUM_LENGTH); - - /* We depend here on the ability of this DES implementation to - encrypt plaintext to ciphertext in-place. */ - return (mit_des_encrypt_f(out, out, sumsize, key, ivec)); -} - -krb5_error_code mit_raw_des_decrypt_func(DECLARG(krb5_const_pointer, in), - DECLARG(krb5_pointer, out), - DECLARG(const size_t, size), - DECLARG(krb5_encrypt_block *, key), - DECLARG(krb5_pointer, ivec)) -OLDDECLARG(krb5_const_pointer, in) -OLDDECLARG(krb5_pointer, out) -OLDDECLARG(const size_t, size) -OLDDECLARG(krb5_encrypt_block *, key) -OLDDECLARG(krb5_pointer, ivec) -{ - return(mit_des_decrypt_f(in, out, size, key, ivec)); -} - -krb5_error_code mit_des_decrypt_func(DECLARG(krb5_const_pointer, in), - DECLARG(krb5_pointer, out), - DECLARG(const size_t, size), - DECLARG(krb5_encrypt_block *, key), - DECLARG(krb5_pointer, ivec)) -OLDDECLARG(krb5_const_pointer, in) -OLDDECLARG(krb5_pointer, out) -OLDDECLARG(const size_t, size) -OLDDECLARG(krb5_encrypt_block *, key) -OLDDECLARG(krb5_pointer, ivec) -{ - krb5_checksum cksum; - krb5_octet contents_prd[CRC32_CKSUM_LENGTH]; - krb5_octet contents_get[CRC32_CKSUM_LENGTH]; - char *p; - krb5_error_code retval; - - if ( size < 2*sizeof(mit_des_cblock) ) - return KRB5_BAD_MSIZE; - - if (retval = mit_des_decrypt_f(in, out, size, key, ivec)) - return retval; - - cksum.contents = contents_prd; - p = (char *)out + sizeof(mit_des_cblock); - memcpy((char *)contents_get, p, CRC32_CKSUM_LENGTH); - memset(p, 0, CRC32_CKSUM_LENGTH); - - if (retval = crc32_cksumtable_entry.sum_func(out, size, - (krb5_pointer)key->key->contents, - sizeof(mit_des_cblock), - &cksum)) - return retval; - - if (memcmp((char *)contents_get, (char *)contents_prd, CRC32_CKSUM_LENGTH) ) - return KRB5KRB_AP_ERR_BAD_INTEGRITY; - memmove((char *)out, (char *)out + - sizeof(mit_des_cblock) + CRC32_CKSUM_LENGTH, - size - sizeof(mit_des_cblock) - CRC32_CKSUM_LENGTH); - return 0; -} - diff --git a/src/lib/crypto/des/verify.c b/src/lib/crypto/des/verify.c index 73f071e8d..387e2c7cb 100644 --- a/src/lib/crypto/des/verify.c +++ b/src/lib/crypto/des/verify.c @@ -280,11 +280,11 @@ main(argc,argv) printf("ACTUAL CBC\n\tclear \"%s\"\n",input); in_length = strlen((char *)input); - if (retval = mit_des_cbc_encrypt((krb5_octet *) input, - (krb5_octet *) cipher_text, + if (retval = mit_des_cbc_encrypt((mit_des_cblock *) input, + (mit_des_cblock *) cipher_text, (size_t) in_length, (struct mit_des_ks_struct *)eblock.priv, - (krb5_octet *) ivec, + ivec, MIT_DES_ENCRYPT)) { com_err("des verify", retval, "can't encrypt"); exit(-1); @@ -297,11 +297,11 @@ main(argc,argv) } printf("\n"); } - if (retval = mit_des_cbc_encrypt((krb5_octet *) cipher_text, - (krb5_octet *) clear_text, + if (retval = mit_des_cbc_encrypt((mit_des_cblock *) cipher_text, + (mit_des_cblock *) clear_text, (size_t) in_length, eblock.priv, - (krb5_octet *) ivec, + ivec, MIT_DES_DECRYPT)) { com_err("des verify", retval, "can't decrypt"); exit(-1);