From: Greg Hudson Date: Fri, 27 Nov 2009 09:15:50 +0000 (+0000) Subject: Move the arcfour directory from the crypto module dirs into krb. This X-Git-Tag: krb5-1.8-alpha1~139 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=a405b2509099df5725fbbdb7d19113d11d58ed5b;p=krb5.git Move the arcfour directory from the crypto module dirs into krb. This directory contains the token encryption code (similar to dk, old, and raw) which is Kerberos-specific. The actual stream cipher lives in enc_provider/rc4.c, which is still in the module dirs. arcfour/arcfour-int.h contained the definitions of some structures used only in enc_provider/rc4.c. Move those definitions into that source file so that everything in arcfour is at the right level of abstraction to live in krb. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23367 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/configure.in b/src/configure.in index ec8637a17..4fa8ea935 100644 --- a/src/configure.in +++ b/src/configure.in @@ -1064,7 +1064,7 @@ V5_AC_OUTPUT_MAKEFILE(. lib/crypto/krb/prf lib/crypto/krb/rand2key lib/crypto/$CRYPTO_IMPL lib/crypto/$CRYPTO_IMPL/md4 lib/crypto/$CRYPTO_IMPL/md5 lib/crypto/krb/old lib/crypto/krb/raw lib/crypto/$CRYPTO_IMPL/sha1 - lib/crypto/$CRYPTO_IMPL/arcfour lib/crypto/krb/yarrow lib/crypto/$CRYPTO_IMPL/aes + lib/crypto/krb/arcfour lib/crypto/krb/yarrow lib/crypto/$CRYPTO_IMPL/aes lib/crypto/crypto_tests lib/krb5 lib/krb5/error_tables lib/krb5/asn.1 lib/krb5/ccache diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in index 336bc55f6..ce3ea4fc9 100644 --- a/src/lib/crypto/Makefile.in +++ b/src/lib/crypto/Makefile.in @@ -23,7 +23,7 @@ STOBJLISTS=krb/crc32/OBJS.ST krb/dk/OBJS.ST @CRYPTO_IMPL@/enc_provider/OBJS.ST \ krb/prf/OBJS.ST krb/rand2key/OBJS.ST \ krb/old/OBJS.ST krb/raw/OBJS.ST krb/yarrow/OBJS.ST \ @CRYPTO_IMPL@/md4/OBJS.ST @CRYPTO_IMPL@/md5/OBJS.ST @CRYPTO_IMPL@/sha1/OBJS.ST \ - @CRYPTO_IMPL@/arcfour/OBJS.ST @CRYPTO_IMPL@/aes/OBJS.ST @CRYPTO_IMPL@/des/OBJS.ST \ + krb/arcfour/OBJS.ST @CRYPTO_IMPL@/aes/OBJS.ST @CRYPTO_IMPL@/des/OBJS.ST \ krb/OBJS.ST @CRYPTO_IMPL@/OBJS.ST SUBDIROBJLISTS=krb/crc32/OBJS.ST krb/dk/OBJS.ST @CRYPTO_IMPL@/enc_provider/OBJS.ST \ @@ -31,7 +31,7 @@ SUBDIROBJLISTS=krb/crc32/OBJS.ST krb/dk/OBJS.ST @CRYPTO_IMPL@/enc_provider/OBJS. krb/prf/OBJS.ST krb/rand2key/OBJS.ST \ krb/old/OBJS.ST krb/raw/OBJS.ST krb/yarrow/OBJS.ST \ @CRYPTO_IMPL@/md4/OBJS.ST @CRYPTO_IMPL@/md5/OBJS.ST @CRYPTO_IMPL@/sha1/OBJS.ST \ - @CRYPTO_IMPL@/arcfour/OBJS.ST @CRYPTO_IMPL@/aes/OBJS.ST @CRYPTO_IMPL@/des/OBJS.ST \ + krb/arcfour/OBJS.ST @CRYPTO_IMPL@/aes/OBJS.ST @CRYPTO_IMPL@/des/OBJS.ST \ krb/OBJS.ST @CRYPTO_IMPL@/OBJS.ST # No dependencies. Record places to find this shared object if the target diff --git a/src/lib/crypto/builtin/Makefile.in b/src/lib/crypto/builtin/Makefile.in index a7224d516..a65f64df9 100644 --- a/src/lib/crypto/builtin/Makefile.in +++ b/src/lib/crypto/builtin/Makefile.in @@ -1,11 +1,10 @@ mydir=lib/crypto/builtin BUILDTOP=$(REL)..$(S)..$(S).. -SUBDIRS=des arcfour aes md4 md5 sha1 enc_provider hash_provider +SUBDIRS=des aes md4 md5 sha1 enc_provider hash_provider LOCALINCLUDES = -I$(srcdir)/../krb \ -I$(srcdir)/../krb/hash_provider \ -I$(srcdir)/des \ -I$(srcdir)/aes \ - -I$(srcdir)/arcfour \ -I$(srcdir)/sha1 \ -I$(srcdir)/md4 \ -I$(srcdir)/md5 \ @@ -22,8 +21,8 @@ EXTRADEPSRCS= $(srcdir)/t_cf2.c ##DOSBUILDTOP = ..\..\.. ##DOSLIBNAME=$(OUTPRE)crypto.lib ##DOSOBJFILE=$(OUTPRE)crypto.lst -##DOSOBJFILELIST=@$(OUTPRE)crypto.lst @$(OUTPRE)des.lst @$(OUTPRE)md4.lst @$(OUTPRE)md5.lst @$(OUTPRE)sha1.lst @$(OUTPRE)arcfour.lst @$(OUTPRE)crc32.lst @$(OUTPRE)dk.lst @$(OUTPRE)old.lst @$(OUTPRE)raw.lst @$(OUTPRE)enc_prov.lst @$(OUTPRE)hash_pro.lst @$(OUTPRE)kh_pro.lst @$(OUTPRE)yarrow.lst @$(OUTPRE)aes.lst -##DOSOBJFILEDEP =$(OUTPRE)crypto.lst $(OUTPRE)des.lst $(OUTPRE)md4.lst $(OUTPRE)md5.lst $(OUTPRE)sha1.lst $(OUTPRE)arcfour.lst $(OUTPRE)crc32.lst $(OUTPRE)dk.lst $(OUTPRE)old.lst $(OUTPRE)raw.lst $(OUTPRE)enc_prov.lst $(OUTPRE)hash_pro.lst $(OUTPRE)kh_pro.lst $(OUTPRE)aes.lst +##DOSOBJFILELIST=@$(OUTPRE)crypto.lst @$(OUTPRE)des.lst @$(OUTPRE)md4.lst @$(OUTPRE)md5.lst @$(OUTPRE)sha1.lst @$(OUTPRE)crc32.lst @$(OUTPRE)dk.lst @$(OUTPRE)old.lst @$(OUTPRE)raw.lst @$(OUTPRE)enc_prov.lst @$(OUTPRE)hash_pro.lst @$(OUTPRE)kh_pro.lst @$(OUTPRE)yarrow.lst @$(OUTPRE)aes.lst +##DOSOBJFILEDEP =$(OUTPRE)crypto.lst $(OUTPRE)des.lst $(OUTPRE)md4.lst $(OUTPRE)md5.lst $(OUTPRE)sha1.lst $(OUTPRE)crc32.lst $(OUTPRE)dk.lst $(OUTPRE)old.lst $(OUTPRE)raw.lst $(OUTPRE)enc_prov.lst $(OUTPRE)hash_pro.lst $(OUTPRE)kh_pro.lst $(OUTPRE)aes.lst STLIBOBJS=\ hmac.o \ @@ -41,7 +40,6 @@ STOBJLISTS= des/OBJS.ST md4/OBJS.ST \ md5/OBJS.ST sha1/OBJS.ST \ enc_provider/OBJS.ST \ hash_provider/OBJS.ST \ - arcfour/OBJS.ST \ aes/OBJS.ST \ OBJS.ST @@ -49,7 +47,6 @@ SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \ md5/OBJS.ST sha1/OBJS.ST \ enc_provider/OBJS.ST \ hash_provider/OBJS.ST \ - arcfour/OBJS.ST \ aes/OBJS.ST ##DOS##LIBOBJS = $(OBJS) @@ -92,9 +89,6 @@ all-windows:: cd ..\enc_provider @echo Making in crypto\enc_provider $(MAKE) -$(MFLAGS) - cd ..\arcfour - @echo Making in crypto\arcfour - $(MAKE) -$(MFLAGS) cd ..\aes @echo Making in crypto\aes $(MAKE) -$(MFLAGS) @@ -119,9 +113,6 @@ clean-windows:: cd ..\enc_provider @echo Making clean in crypto\enc_provider $(MAKE) -$(MFLAGS) clean - cd ..\arcfour - @echo Making clean in crypto\arcfour - $(MAKE) -$(MFLAGS) clean cd ..\aes @echo Making clean in crypto\aes $(MAKE) -$(MFLAGS) clean @@ -146,9 +137,6 @@ check-windows:: cd ..\enc_provider @echo Making check in crypto\enc_provider $(MAKE) -$(MFLAGS) check - cd ..\arcfour - @echo Making check in crypto\arcfour - $(MAKE) -$(MFLAGS) check cd ..\aes @echo Making check in crypto\aes $(MAKE) -$(MFLAGS) check diff --git a/src/lib/crypto/builtin/arcfour/Makefile.in b/src/lib/crypto/builtin/arcfour/Makefile.in deleted file mode 100644 index cb050a738..000000000 --- a/src/lib/crypto/builtin/arcfour/Makefile.in +++ /dev/null @@ -1,39 +0,0 @@ -mydir=lib/crypto/builtin/arcfour -BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../md4 -I$(srcdir)/../../krb -DEFS= - -##DOS##BUILDTOP = ..\..\..\.. -##DOS##PREFIXDIR=arcfour -##DOS##OBJFILE=..\$(OUTPRE)arcfour.lst - -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) - -STLIBOBJS=\ - arcfour.o \ - arcfour_aead.o \ - arcfour_s2k.o - -OBJS=\ - $(OUTPRE)arcfour.$(OBJEXT) \ - $(OUTPRE)arcfour_aead.$(OBJEXT) \ - $(OUTPRE)arcfour_s2k.$(OBJEXT) - -SRCS=\ - $(srcdir)/arcfour.c \ - $(srcdir)/arcfour_aead.c\ - $(srcdir)/arcfour_s2k.c - -##DOS##LIBOBJS = $(OBJS) - -all-unix:: all-libobjs - -includes:: depend - -depend:: $(SRCS) - -clean-unix:: clean-libobjs - -@libobj_frag@ - diff --git a/src/lib/crypto/builtin/enc_provider/deps b/src/lib/crypto/builtin/enc_provider/deps index bb90fa20c..ec82b80db 100644 --- a/src/lib/crypto/builtin/enc_provider/deps +++ b/src/lib/crypto/builtin/enc_provider/deps @@ -41,7 +41,6 @@ rc4.so rc4.po $(OUTPRE)rc4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/rand2key/rand2key.h \ - $(srcdir)/../arcfour/arcfour-int.h $(srcdir)/../arcfour/arcfour.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ diff --git a/src/lib/crypto/builtin/enc_provider/rc4.c b/src/lib/crypto/builtin/enc_provider/rc4.c index 3c3e0f131..0a1f61804 100644 --- a/src/lib/crypto/builtin/enc_provider/rc4.c +++ b/src/lib/crypto/builtin/enc_provider/rc4.c @@ -7,11 +7,22 @@ */ #include "k5-int.h" -#include "arcfour-int.h" #include "enc_provider.h" #include #include +typedef struct +{ + unsigned int x; + unsigned int y; + unsigned char state[256]; +} ArcfourContext; + +typedef struct { + int initialized; + ArcfourContext ctx; +} ArcFourCipherState; + /* gets the next byte from the PRNG */ #if ((__GNUC__ >= 2) ) static __inline__ unsigned int k5_arcfour_byte(ArcfourContext *); diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in index 1c75d4c9a..c59341c0c 100644 --- a/src/lib/crypto/krb/Makefile.in +++ b/src/lib/crypto/krb/Makefile.in @@ -1,13 +1,13 @@ mydir=lib/crypto/krb BUILDTOP=$(REL)..$(S)..$(S).. -SUBDIRS= crc32 dk keyhash_provider \ +SUBDIRS= arcfour crc32 dk keyhash_provider \ prf rand2key old raw yarrow LOCALINCLUDES = -I$(srcdir) -I$(srcdir)/../@CRYPTO_IMPL@/enc_provider -I$(srcdir)/dk \ -I$(srcdir)/../@CRYPTO_IMPL@/hash_provider -I$(srcdir)/keyhash_provider \ -I$(srcdir)/prf -I$(srcdir)/rand2key \ -I$(srcdir)/old -I$(srcdir)/raw -I$(srcdir)/yarrow \ -I$(srcdir)/../@CRYPTO_IMPL@/ -I$(srcdir)/../@CRYPTO_IMPL@/des \ - -I$(srcdir)/../@CRYPTO_IMPL@/aes -I$(srcdir)/../@CRYPTO_IMPL@/arcfour \ + -I$(srcdir)/../@CRYPTO_IMPL@/aes -I$(srcdir)/arcfour \ -I$(srcdir)/../@CRYPTO_IMPL@/sha1 -I$(srcdir)/../@CRYPTO_IMPL@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) @@ -151,12 +151,12 @@ SRCS=\ $(srcdir)/verify_checksum.c \ $(srcdir)/verify_checksum_iov.c -STOBJLISTS=crc32/OBJS.ST dk/OBJS.ST \ +STOBJLISTS=arcfour/OBJS.ST crc32/OBJS.ST dk/OBJS.ST \ keyhash_provider/OBJS.ST \ prf/OBJS.ST rand2key/OBJS.ST \ old/OBJS.ST raw/OBJS.ST yarrow/OBJS.ST OBJS.ST -SUBDIROBJLISTS=crc32/OBJS.ST dk/OBJS.ST \ +SUBDIROBJLISTS=arcfour/OBJS.ST crc32/OBJS.ST dk/OBJS.ST \ keyhash_provider/OBJS.ST \ prf/OBJS.ST rand2key/OBJS.ST \ old/OBJS.ST raw/OBJS.ST yarrow/OBJS.ST @@ -171,7 +171,10 @@ depend:: $(SRCS) clean-unix:: clean-libobjs all-windows:: - cd crc32 + cd arcfour + @echo Making in crypto\arcfour + $(MAKE) -$(MFLAGS) + cd ..\crc32 @echo Making in crypto\crc32 $(MAKE) -$(MFLAGS) cd ..\dk @@ -198,7 +201,10 @@ all-windows:: cd .. clean-windows:: - cd crc32 + cd arcfour + @echo Making in clean crypto\arcfour + $(MAKE) -$(MFLAGS) clean + cd ..\crc32 @echo Making in clean crypto\crc32 $(MAKE) -$(MFLAGS) clean cd ..\dk @@ -225,7 +231,10 @@ clean-windows:: cd .. check-windows:: - cd crc32 + cd arcfour + @echo Making in check crypto\arcfour + $(MAKE) -$(MFLAGS) check + cd ..\crc32 @echo Making in check crypto\crc32 $(MAKE) -$(MFLAGS) check cd ..\dk diff --git a/src/lib/crypto/openssl/arcfour/Makefile.in b/src/lib/crypto/krb/arcfour/Makefile.in similarity index 81% rename from src/lib/crypto/openssl/arcfour/Makefile.in rename to src/lib/crypto/krb/arcfour/Makefile.in index ae02de136..bd234faff 100644 --- a/src/lib/crypto/openssl/arcfour/Makefile.in +++ b/src/lib/crypto/krb/arcfour/Makefile.in @@ -1,6 +1,7 @@ -mydir=lib/crypto/openssl/arcfour +mydir=lib/crypto/krb/arcfour BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../md4 -I$(srcdir)/../../krb +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../@CRYPTO_IMPL@ \ + -I$(srcdir)/../../@CRYPTO_IMPL@/md4 DEFS= ##DOS##BUILDTOP = ..\..\..\.. @@ -10,7 +11,6 @@ DEFS= PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) - STLIBOBJS=\ arcfour.o \ arcfour_aead.o \ diff --git a/src/lib/crypto/builtin/arcfour/arcfour-int.h b/src/lib/crypto/krb/arcfour/arcfour-int.h similarity index 72% rename from src/lib/crypto/builtin/arcfour/arcfour-int.h rename to src/lib/crypto/krb/arcfour/arcfour-int.h index efd7a0282..6881dc454 100644 --- a/src/lib/crypto/builtin/arcfour/arcfour-int.h +++ b/src/lib/crypto/krb/arcfour/arcfour-int.h @@ -13,18 +13,6 @@ of RSA Data Security) #define CONFOUNDERLENGTH 8 -typedef struct -{ - unsigned int x; - unsigned int y; - unsigned char state[256]; -} ArcfourContext; - -typedef struct { - int initialized; - ArcfourContext ctx; -} ArcFourCipherState; - krb5_keyusage krb5int_arcfour_translate_usage(krb5_keyusage usage); extern const char *const krb5int_arcfour_l40; diff --git a/src/lib/crypto/builtin/arcfour/arcfour.c b/src/lib/crypto/krb/arcfour/arcfour.c similarity index 100% rename from src/lib/crypto/builtin/arcfour/arcfour.c rename to src/lib/crypto/krb/arcfour/arcfour.c diff --git a/src/lib/crypto/builtin/arcfour/arcfour.h b/src/lib/crypto/krb/arcfour/arcfour.h similarity index 100% rename from src/lib/crypto/builtin/arcfour/arcfour.h rename to src/lib/crypto/krb/arcfour/arcfour.h diff --git a/src/lib/crypto/builtin/arcfour/arcfour_aead.c b/src/lib/crypto/krb/arcfour/arcfour_aead.c similarity index 100% rename from src/lib/crypto/builtin/arcfour/arcfour_aead.c rename to src/lib/crypto/krb/arcfour/arcfour_aead.c diff --git a/src/lib/crypto/builtin/arcfour/arcfour_s2k.c b/src/lib/crypto/krb/arcfour/arcfour_s2k.c similarity index 100% rename from src/lib/crypto/builtin/arcfour/arcfour_s2k.c rename to src/lib/crypto/krb/arcfour/arcfour_s2k.c diff --git a/src/lib/crypto/builtin/arcfour/deps b/src/lib/crypto/krb/arcfour/deps similarity index 67% rename from src/lib/crypto/builtin/arcfour/deps rename to src/lib/crypto/krb/arcfour/deps index 3504e386b..7be960ceb 100644 --- a/src/lib/crypto/builtin/arcfour/deps +++ b/src/lib/crypto/krb/arcfour/deps @@ -3,7 +3,7 @@ # arcfour.so arcfour.po $(OUTPRE)arcfour.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../hash_provider/hash_provider.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -15,7 +15,7 @@ arcfour.so arcfour.po $(OUTPRE)arcfour.$(OBJEXT): $(BUILDTOP)/include/autoconf.h arcfour_aead.so arcfour_aead.po $(OUTPRE)arcfour_aead.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ + $(COM_ERR_DEPS) $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -27,12 +27,13 @@ arcfour_aead.so arcfour_aead.po $(OUTPRE)arcfour_aead.$(OBJEXT): \ arcfour_s2k.so arcfour_s2k.po $(OUTPRE)arcfour_s2k.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../md4/rsa-md4.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-utf8.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - arcfour-int.h arcfour.h arcfour_s2k.c + $(COM_ERR_DEPS) $(srcdir)/../../builtin/md4/rsa-md4.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-utf8.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h arcfour-int.h \ + arcfour.h arcfour_s2k.c diff --git a/src/lib/crypto/krb/deps b/src/lib/crypto/krb/deps index ce7dfe127..1bd41ecfe 100644 --- a/src/lib/crypto/krb/deps +++ b/src/lib/crypto/krb/deps @@ -193,10 +193,10 @@ enctype_to_string.so enctype_to_string.po $(OUTPRE)enctype_to_string.$(OBJEXT): etypes.so etypes.po $(OUTPRE)etypes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes_s2k.h \ - $(srcdir)/../builtin/arcfour/arcfour.h $(srcdir)/../builtin/des/des_int.h \ - $(srcdir)/../builtin/enc_provider/enc_provider.h $(srcdir)/../builtin/hash_provider/hash_provider.h \ - $(srcdir)/dk/dk.h $(srcdir)/old/old.h $(srcdir)/prf/prf_int.h \ - $(srcdir)/raw/raw.h $(top_srcdir)/include/k5-buf.h \ + $(srcdir)/../builtin/des/des_int.h $(srcdir)/../builtin/enc_provider/enc_provider.h \ + $(srcdir)/../builtin/hash_provider/hash_provider.h \ + $(srcdir)/arcfour/arcfour.h $(srcdir)/dk/dk.h $(srcdir)/old/old.h \ + $(srcdir)/prf/prf_int.h $(srcdir)/raw/raw.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ diff --git a/src/lib/crypto/krb/keyhash_provider/Makefile.in b/src/lib/crypto/krb/keyhash_provider/Makefile.in index e1ee9ce32..c6bec1d5b 100644 --- a/src/lib/crypto/krb/keyhash_provider/Makefile.in +++ b/src/lib/crypto/krb/keyhash_provider/Makefile.in @@ -1,7 +1,7 @@ mydir=lib/crypto/krb/keyhash_provider BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES = -I$(srcdir)/../../@CRYPTO_IMPL@/des -I$(srcdir)/../../@CRYPTO_IMPL@/md4 \ - -I$(srcdir)/../../@CRYPTO_IMPL@/md5 -I$(srcdir)/../../@CRYPTO_IMPL@/arcfour \ + -I$(srcdir)/../../@CRYPTO_IMPL@/md5 -I$(srcdir)/../arcfour \ -I$(srcdir)/../../@CRYPTO_IMPL@/hash_provider -I$(srcdir)/../../@CRYPTO_IMPL@ DEFS= diff --git a/src/lib/crypto/krb/keyhash_provider/deps b/src/lib/crypto/krb/keyhash_provider/deps index 4d730cb70..b375e8896 100644 --- a/src/lib/crypto/krb/keyhash_provider/deps +++ b/src/lib/crypto/krb/keyhash_provider/deps @@ -39,9 +39,9 @@ k5_md5des.so k5_md5des.po $(OUTPRE)k5_md5des.$(OBJEXT): \ hmac_md5.so hmac_md5.po $(OUTPRE)hmac_md5.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../builtin/arcfour/arcfour-int.h \ - $(srcdir)/../../builtin/arcfour/arcfour.h $(srcdir)/../../builtin/hash_provider/hash_provider.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ $(srcdir)/../../builtin/md5/rsa-md5.h $(srcdir)/../aead.h \ + $(srcdir)/../arcfour/arcfour-int.h $(srcdir)/../arcfour/arcfour.h \ $(srcdir)/../cksumtypes.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ @@ -53,9 +53,9 @@ hmac_md5.so hmac_md5.po $(OUTPRE)hmac_md5.$(OBJEXT): \ md5_hmac.so md5_hmac.po $(OUTPRE)md5_hmac.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../builtin/arcfour/arcfour-int.h \ - $(srcdir)/../../builtin/arcfour/arcfour.h $(srcdir)/../../builtin/hash_provider/hash_provider.h \ - $(srcdir)/../../builtin/md5/rsa-md5.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ + $(srcdir)/../../builtin/md5/rsa-md5.h $(srcdir)/../arcfour/arcfour-int.h \ + $(srcdir)/../arcfour/arcfour.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ diff --git a/src/lib/crypto/openssl/Makefile.in b/src/lib/crypto/openssl/Makefile.in index 81fb3ee37..e95227340 100644 --- a/src/lib/crypto/openssl/Makefile.in +++ b/src/lib/crypto/openssl/Makefile.in @@ -1,11 +1,10 @@ mydir=lib/crypto/openssl BUILDTOP=$(REL)..$(S)..$(S).. -SUBDIRS=des arcfour aes md4 md5 sha1 enc_provider hash_provider +SUBDIRS=des aes md4 md5 sha1 enc_provider hash_provider LOCALINCLUDES = -I$(srcdir)/../krb \ -I$(srcdir)/../krb/hash_provider \ -I$(srcdir)/des \ -I$(srcdir)/aes \ - -I$(srcdir)/arcfour \ -I$(srcdir)/sha1 \ -I$(srcdir)/md4 \ -I$(srcdir)/md5 \ @@ -15,14 +14,11 @@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) DEFS= -EXTRADEPSRCS= $(srcdir)/t_cf2.c - - ##DOSBUILDTOP = ..\..\.. ##DOSLIBNAME=$(OUTPRE)crypto.lib ##DOSOBJFILE=$(OUTPRE)crypto.lst -##DOSOBJFILELIST=@$(OUTPRE)crypto.lst @$(OUTPRE)des.lst @$(OUTPRE)md4.lst @$(OUTPRE)md5.lst @$(OUTPRE)sha1.lst @$(OUTPRE)arcfour.lst @$(OUTPRE)crc32.lst @$(OUTPRE)dk.lst @$(OUTPRE)old.lst @$(OUTPRE)raw.lst @$(OUTPRE)enc_prov.lst @$(OUTPRE)hash_pro.lst @$(OUTPRE)kh_pro.lst @$(OUTPRE)yarrow.lst @$(OUTPRE)aes.lst -##DOSOBJFILEDEP =$(OUTPRE)crypto.lst $(OUTPRE)des.lst $(OUTPRE)md4.lst $(OUTPRE)md5.lst $(OUTPRE)sha1.lst $(OUTPRE)arcfour.lst $(OUTPRE)crc32.lst $(OUTPRE)dk.lst $(OUTPRE)old.lst $(OUTPRE)raw.lst $(OUTPRE)enc_prov.lst $(OUTPRE)hash_pro.lst $(OUTPRE)kh_pro.lst $(OUTPRE)aes.lst +##DOSOBJFILELIST=@$(OUTPRE)crypto.lst @$(OUTPRE)des.lst @$(OUTPRE)md4.lst @$(OUTPRE)md5.lst @$(OUTPRE)sha1.lst @$(OUTPRE)crc32.lst @$(OUTPRE)dk.lst @$(OUTPRE)old.lst @$(OUTPRE)raw.lst @$(OUTPRE)enc_prov.lst @$(OUTPRE)hash_pro.lst @$(OUTPRE)kh_pro.lst @$(OUTPRE)yarrow.lst @$(OUTPRE)aes.lst +##DOSOBJFILEDEP =$(OUTPRE)crypto.lst $(OUTPRE)des.lst $(OUTPRE)md4.lst $(OUTPRE)md5.lst $(OUTPRE)sha1.lst $(OUTPRE)crc32.lst $(OUTPRE)dk.lst $(OUTPRE)old.lst $(OUTPRE)raw.lst $(OUTPRE)enc_prov.lst $(OUTPRE)hash_pro.lst $(OUTPRE)kh_pro.lst $(OUTPRE)aes.lst STLIBOBJS=\ hmac.o \ @@ -40,7 +36,6 @@ STOBJLISTS= des/OBJS.ST md4/OBJS.ST \ md5/OBJS.ST sha1/OBJS.ST \ enc_provider/OBJS.ST \ hash_provider/OBJS.ST \ - arcfour/OBJS.ST \ aes/OBJS.ST \ OBJS.ST @@ -48,7 +43,6 @@ SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \ md5/OBJS.ST sha1/OBJS.ST \ enc_provider/OBJS.ST \ hash_provider/OBJS.ST \ - arcfour/OBJS.ST \ aes/OBJS.ST ##DOS##LIBOBJS = $(OBJS) @@ -91,9 +85,6 @@ all-windows:: cd ..\enc_provider @echo Making in crypto\enc_provider $(MAKE) -$(MFLAGS) - cd ..\arcfour - @echo Making in crypto\arcfour - $(MAKE) -$(MFLAGS) cd ..\aes @echo Making in crypto\aes $(MAKE) -$(MFLAGS) @@ -118,9 +109,6 @@ clean-windows:: cd ..\enc_provider @echo Making clean in crypto\enc_provider $(MAKE) -$(MFLAGS) clean - cd ..\arcfour - @echo Making clean in crypto\arcfour - $(MAKE) -$(MFLAGS) clean cd ..\aes @echo Making clean in crypto\aes $(MAKE) -$(MFLAGS) clean @@ -145,9 +133,6 @@ check-windows:: cd ..\enc_provider @echo Making check in crypto\enc_provider $(MAKE) -$(MFLAGS) check - cd ..\arcfour - @echo Making check in crypto\arcfour - $(MAKE) -$(MFLAGS) check cd ..\aes @echo Making check in crypto\aes $(MAKE) -$(MFLAGS) check diff --git a/src/lib/crypto/openssl/aes/deps b/src/lib/crypto/openssl/aes/deps index 52a545856..93ce8c90f 100644 --- a/src/lib/crypto/openssl/aes/deps +++ b/src/lib/crypto/openssl/aes/deps @@ -3,12 +3,12 @@ # aes_s2k.so aes_s2k.po $(OUTPRE)aes_s2k.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h $(srcdir)/aes_s2k.c \ - $(srcdir)/aes_s2k.h $(srcdir)/../../krb/dk/dk.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/dk/dk.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + aes_s2k.c aes_s2k.h diff --git a/src/lib/crypto/openssl/arcfour/arcfour-int.h b/src/lib/crypto/openssl/arcfour/arcfour-int.h deleted file mode 100644 index bb4cf4201..000000000 --- a/src/lib/crypto/openssl/arcfour/arcfour-int.h +++ /dev/null @@ -1,35 +0,0 @@ -/* - -ARCFOUR cipher (based on a cipher posted on the Usenet in Spring-95). -This cipher is widely believed and has been tested to be equivalent -with the RC4 cipher from RSA Data Security, Inc. (RC4 is a trademark -of RSA Data Security) - -*/ -#ifndef ARCFOUR_INT_H -#define ARCFOUR_INT_H - -#include "arcfour.h" -#include - -#define CONFOUNDERLENGTH 8 - -typedef struct -{ - EVP_CIPHER_CTX evp_ctx; - unsigned int x; - unsigned int y; - unsigned char state[256]; - -} ArcfourContext; - -typedef struct { - int initialized; - ArcfourContext ctx; -} ArcFourCipherState; - -krb5_keyusage krb5int_arcfour_translate_usage(krb5_keyusage usage); - -extern const char *const krb5int_arcfour_l40; - -#endif /* ARCFOUR_INT_H */ diff --git a/src/lib/crypto/openssl/arcfour/arcfour.c b/src/lib/crypto/openssl/arcfour/arcfour.c deleted file mode 100644 index ac96c8605..000000000 --- a/src/lib/crypto/openssl/arcfour/arcfour.c +++ /dev/null @@ -1,340 +0,0 @@ -/* - -ARCFOUR cipher (based on a cipher posted on the Usenet in Spring-95). -This cipher is widely believed and has been tested to be equivalent -with the RC4 cipher from RSA Data Security, Inc. (RC4 is a trademark -of RSA Data Security) - -*/ -#include "k5-int.h" -#include "arcfour-int.h" -#include "hash_provider/hash_provider.h" - -const char *const krb5int_arcfour_l40 = "fortybits"; - -void -krb5int_arcfour_encrypt_length(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t inputlen, size_t *length) -{ - size_t blocksize, hashsize; - - blocksize = enc->block_size; - hashsize = hash->hashsize; - - /* checksum + (confounder + inputlen, in even blocksize) */ - *length = hashsize + krb5_roundup(8 + inputlen, blocksize); -} - - krb5_keyusage - krb5int_arcfour_translate_usage(krb5_keyusage usage) -{ - switch (usage) { - case 1: /* AS-REQ PA-ENC-TIMESTAMP padata timestamp, */ - return 1; - case 2: /* ticket from kdc */ - return 2; - case 3: /* as-rep encrypted part */ - return 8; - case 4: /* tgs-req authz data */ - return 4; - case 5: /* tgs-req authz data in subkey */ - return 5; - case 6: /* tgs-req authenticator cksum */ - return 6; -case 7: /* tgs-req authenticator */ - return 7; - case 8: - return 8; - case 9: /* tgs-rep encrypted with subkey */ - return 9; - case 10: /* ap-rep authentication cksum */ - return 10; /* xxx Microsoft never uses this*/ - case 11: /* app-req authenticator */ - return 11; - case 12: /* app-rep encrypted part */ - return 12; - case 23: /* sign wrap token*/ - return 13; - default: - return usage; -} -} - -/* RFC 4757 */ -krb5_error_code -krb5int_arcfour_encrypt(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output) -{ - krb5_keyblock k1, k2, k3; - krb5_key k3key = NULL; - krb5_data d1, d2, d3, salt, plaintext, checksum, ciphertext, confounder; - krb5_keyusage ms_usage; - size_t keylength, keybytes, blocksize, hashsize; - krb5_error_code ret; - - blocksize = enc->block_size; - keybytes = enc->keybytes; - keylength = enc->keylength; - hashsize = hash->hashsize; - - d1.length=keybytes; - d1.data=malloc(d1.length); - if (d1.data == NULL) - return (ENOMEM); - k1 = key->keyblock; - k1.length=d1.length; - k1.contents= (void *) d1.data; - - d2.length=keybytes; - d2.data=malloc(d2.length); - if (d2.data == NULL) { - free(d1.data); - return (ENOMEM); - } - k2 = key->keyblock; - k2.length=d2.length; - k2.contents=(void *) d2.data; - - d3.length=keybytes; - d3.data=malloc(d3.length); - if (d3.data == NULL) { - free(d1.data); - free(d2.data); - return (ENOMEM); - } - k3 = key->keyblock; - k3.length=d3.length; - k3.contents= (void *) d3.data; - - salt.length=14; - salt.data=malloc(salt.length); - if (salt.data == NULL) { - free(d1.data); - free(d2.data); - free(d3.data); - return (ENOMEM); - } - - /* is "input" already blocksize aligned? if it is, then we need this - step, otherwise we do not */ - plaintext.length=krb5_roundup(input->length+CONFOUNDERLENGTH,blocksize); - plaintext.data=malloc(plaintext.length); - if (plaintext.data == NULL) { - free(d1.data); - free(d2.data); - free(d3.data); - free(salt.data); - return(ENOMEM); - } - - /* setup convienient pointers into the allocated data */ - checksum.length=hashsize; - checksum.data=output->data; - ciphertext.length=krb5_roundup(input->length+CONFOUNDERLENGTH,blocksize); - ciphertext.data=output->data+hashsize; - confounder.length=CONFOUNDERLENGTH; - confounder.data=plaintext.data; - output->length = plaintext.length+hashsize; - - /* begin the encryption, computer K1 */ - ms_usage=krb5int_arcfour_translate_usage(usage); - if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) { - strncpy(salt.data, krb5int_arcfour_l40, salt.length); - store_32_le(ms_usage, salt.data+10); - } else { - salt.length=4; - store_32_le(ms_usage, salt.data); - } - krb5int_hmac(hash, key, 1, &salt, &d1); - - memcpy(k2.contents, k1.contents, k2.length); - - if (key->keyblock.enctype==ENCTYPE_ARCFOUR_HMAC_EXP) - memset(k1.contents+7, 0xab, 9); - - ret=krb5_c_random_make_octets(/* XXX */ 0, &confounder); - memcpy(plaintext.data+confounder.length, input->data, input->length); - if (ret) - goto cleanup; - - ret = krb5int_hmac_keyblock(hash, &k2, 1, &plaintext, &checksum); - if (ret) - goto cleanup; - - ret = krb5int_hmac_keyblock(hash, &k1, 1, &checksum, &d3); - if (ret) - goto cleanup; - - ret = krb5_k_create_key(NULL, &k3, &k3key); - if (ret) - goto cleanup; - - ret=(*(enc->encrypt))(k3key, ivec, &plaintext, &ciphertext); - - cleanup: - memset(d1.data, 0, d1.length); - memset(d2.data, 0, d2.length); - memset(d3.data, 0, d3.length); - memset(salt.data, 0, salt.length); - memset(plaintext.data, 0, plaintext.length); - - free(d1.data); - free(d2.data); - free(d3.data); - free(salt.data); - free(plaintext.data); - krb5_k_free_key(NULL, k3key); - return (ret); -} - -/* This is the arcfour-hmac decryption routine */ -krb5_error_code -krb5int_arcfour_decrypt(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *output) -{ - krb5_keyblock k1,k2,k3; - krb5_key k3key; - krb5_data d1,d2,d3,salt,ciphertext,plaintext,checksum; - krb5_keyusage ms_usage; - size_t keybytes, keylength, hashsize, blocksize; - krb5_error_code ret; - - blocksize = enc->block_size; - keybytes = enc->keybytes; - keylength = enc->keylength; - hashsize = hash->hashsize; - - d1.length=keybytes; - d1.data=malloc(d1.length); - if (d1.data == NULL) - return (ENOMEM); - k1 = key->keyblock; - k1.length=d1.length; - k1.contents= (void *) d1.data; - - d2.length=keybytes; - d2.data=malloc(d2.length); - if (d2.data == NULL) { - free(d1.data); - return (ENOMEM); - } - k2 = key->keyblock; - k2.length=d2.length; - k2.contents= (void *) d2.data; - - d3.length=keybytes; - d3.data=malloc(d3.length); - if (d3.data == NULL) { - free(d1.data); - free(d2.data); - return (ENOMEM); - } - k3 = key->keyblock; - k3.length=d3.length; - k3.contents= (void *) d3.data; - - salt.length=14; - salt.data=malloc(salt.length); - if(salt.data==NULL) { - free(d1.data); - free(d2.data); - free(d3.data); - return (ENOMEM); - } - - ciphertext.length=input->length-hashsize; - ciphertext.data=input->data+hashsize; - plaintext.length=ciphertext.length; - plaintext.data=malloc(plaintext.length); - if (plaintext.data == NULL) { - free(d1.data); - free(d2.data); - free(d3.data); - free(salt.data); - return (ENOMEM); - } - - checksum.length=hashsize; - checksum.data=input->data; - - ms_usage=krb5int_arcfour_translate_usage(usage); - - /* We may have to try two ms_usage values; see below. */ - do { - /* compute the salt */ - if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) { - strncpy(salt.data, krb5int_arcfour_l40, salt.length); - store_32_le(ms_usage, salt.data + 10); - } else { - salt.length = 4; - store_32_le(ms_usage, salt.data); - } - ret = krb5int_hmac(hash, key, 1, &salt, &d1); - if (ret) - goto cleanup; - - memcpy(k2.contents, k1.contents, k2.length); - - if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) - memset(k1.contents + 7, 0xab, 9); - - ret = krb5int_hmac_keyblock(hash, &k1, 1, &checksum, &d3); - if (ret) - goto cleanup; - - ret = krb5_k_create_key(NULL, &k3, &k3key); - if (ret) - goto cleanup; - ret = (*(enc->decrypt))(k3key, ivec, &ciphertext, &plaintext); - krb5_k_free_key(NULL, k3key); - if (ret) - goto cleanup; - - ret = krb5int_hmac_keyblock(hash, &k2, 1, &plaintext, &d1); - if (ret) - goto cleanup; - - if (memcmp(checksum.data, d1.data, hashsize) != 0) { - if (ms_usage == 9) { - /* - * RFC 4757 specifies usage 8 for TGS-REP encrypted - * parts encrypted in a subkey, but the value used by MS - * is actually 9. We now use 9 to start with, but fall - * back to 8 on failure in case we are communicating - * with a KDC using the value from the RFC. - */ - ms_usage = 8; - continue; - } - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - goto cleanup; - } - - break; - } while (1); - - memcpy(output->data, plaintext.data+CONFOUNDERLENGTH, - (plaintext.length-CONFOUNDERLENGTH)); - output->length=plaintext.length-CONFOUNDERLENGTH; - - cleanup: - memset(d1.data, 0, d1.length); - memset(d2.data, 0, d2.length); - memset(d3.data, 0, d2.length); - memset(salt.data, 0, salt.length); - memset(plaintext.data, 0, plaintext.length); - - free(d1.data); - free(d2.data); - free(d3.data); - free(salt.data); - free(plaintext.data); - return (ret); -} diff --git a/src/lib/crypto/openssl/arcfour/arcfour.h b/src/lib/crypto/openssl/arcfour/arcfour.h deleted file mode 100644 index e00708a7c..000000000 --- a/src/lib/crypto/openssl/arcfour/arcfour.h +++ /dev/null @@ -1,39 +0,0 @@ -#ifndef ARCFOUR_H -#define ARCFOUR_H - -extern void -krb5int_arcfour_encrypt_length(const struct krb5_enc_provider *, - const struct krb5_hash_provider *, - size_t, - size_t *); - -extern krb5_error_code -krb5int_arcfour_encrypt(const struct krb5_enc_provider *, - const struct krb5_hash_provider *, - krb5_key, - krb5_keyusage, - const krb5_data *, - const krb5_data *, - krb5_data *); - -extern krb5_error_code -krb5int_arcfour_decrypt(const struct krb5_enc_provider *, - const struct krb5_hash_provider *, - krb5_key, - krb5_keyusage, - const krb5_data *, - const krb5_data *, - krb5_data *); - -extern krb5_error_code -krb5int_arcfour_string_to_key( - const struct krb5_enc_provider *, - const krb5_data *, - const krb5_data *, - const krb5_data *, - krb5_keyblock *); - -extern const struct krb5_enc_provider krb5int_enc_arcfour; -extern const struct krb5_aead_provider krb5int_aead_arcfour; - -#endif /* ARCFOUR_H */ diff --git a/src/lib/crypto/openssl/arcfour/arcfour_aead.c b/src/lib/crypto/openssl/arcfour/arcfour_aead.c deleted file mode 100644 index 66eb3576b..000000000 --- a/src/lib/crypto/openssl/arcfour/arcfour_aead.c +++ /dev/null @@ -1,336 +0,0 @@ -/* - * lib/crypto/arcfour/arcfour_aead.c - * - * Copyright 2008, 2009 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - - -#include "k5-int.h" -#include "arcfour.h" -#include "arcfour-int.h" -#include "aead.h" - -/* AEAD */ - -static krb5_error_code -krb5int_arcfour_crypto_length(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_cryptotype type, - unsigned int *length) -{ - switch (type) { - case KRB5_CRYPTO_TYPE_HEADER: - *length = hash->hashsize + CONFOUNDERLENGTH; - break; - case KRB5_CRYPTO_TYPE_PADDING: - *length = 0; - break; - case KRB5_CRYPTO_TYPE_TRAILER: - *length = 0; - break; - case KRB5_CRYPTO_TYPE_CHECKSUM: - *length = hash->hashsize; - break; - default: - assert(0 && "invalid cryptotype passed to krb5int_arcfour_crypto_length"); - break; - } - - return 0; -} - -static krb5_error_code -alloc_derived_key(const struct krb5_enc_provider *enc, - krb5_keyblock *dst, - krb5_data *data, - const krb5_keyblock *src) -{ - data->length = enc->keybytes; - data->data = malloc(data->length); - if (data->data == NULL) - return ENOMEM; - - *dst = *src; - dst->length = data->length; - dst->contents = (void *)data->data; - - return 0; -} - -static krb5_error_code -krb5int_arcfour_encrypt_iov(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage usage, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) -{ - krb5_error_code ret; - krb5_crypto_iov *header, *trailer; - krb5_keyblock k1, k2, k3; - krb5_key k3key = NULL; - krb5_data d1, d2, d3; - krb5_data checksum, confounder, header_data; - krb5_keyusage ms_usage; - char salt_data[14]; - krb5_data salt; - size_t i; - - d1.length = d2.length = d3.length = 0; - d1.data = d2.data = d3.data = NULL; - - /* - * Caller must have provided space for the header, padding - * and trailer; per RFC 4757 we will arrange it as: - * - * Checksum | E(Confounder | Plaintext) - */ - - header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER); - if (header == NULL || - header->data.length < hash->hashsize + CONFOUNDERLENGTH) - return KRB5_BAD_MSIZE; - - header_data = header->data; - - /* Trailer may be absent */ - trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); - if (trailer != NULL) - trailer->data.length = 0; - - /* Ensure that there is no padding */ - for (i = 0; i < num_data; i++) { - if (data[i].flags == KRB5_CRYPTO_TYPE_PADDING) - data[i].data.length = 0; - } - - ret = alloc_derived_key(enc, &k1, &d1, &key->keyblock); - if (ret != 0) - goto cleanup; - - ret = alloc_derived_key(enc, &k2, &d2, &key->keyblock); - if (ret != 0) - goto cleanup; - - ret = alloc_derived_key(enc, &k3, &d3, &key->keyblock); - if (ret != 0) - goto cleanup; - - /* Begin the encryption, compute K1 */ - salt.data = salt_data; - salt.length = sizeof(salt_data); - - ms_usage = krb5int_arcfour_translate_usage(usage); - - if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) { - strncpy(salt.data, krb5int_arcfour_l40, salt.length); - store_32_le(ms_usage, salt.data + 10); - } else { - salt.length = 4; - store_32_le(ms_usage, salt.data); - } - ret = krb5int_hmac(hash, key, 1, &salt, &d1); - if (ret != 0) - goto cleanup; - - memcpy(k2.contents, k1.contents, k2.length); - - if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) - memset(k1.contents + 7, 0xAB, 9); - - header->data.length = hash->hashsize + CONFOUNDERLENGTH; - - confounder.data = header->data.data + hash->hashsize; - confounder.length = CONFOUNDERLENGTH; - - ret = krb5_c_random_make_octets(0, &confounder); - if (ret != 0) - goto cleanup; - - checksum.data = header->data.data; - checksum.length = hash->hashsize; - - /* Adjust pointers so confounder is at start of header */ - header->data.length -= hash->hashsize; - header->data.data += hash->hashsize; - - ret = krb5int_hmac_iov_keyblock(hash, &k2, data, num_data, &checksum); - if (ret != 0) - goto cleanup; - - ret = krb5int_hmac_keyblock(hash, &k1, 1, &checksum, &d3); - if (ret != 0) - goto cleanup; - - ret = krb5_k_create_key(NULL, &k3, &k3key); - if (ret != 0) - goto cleanup; - - ret = enc->encrypt_iov(k3key, ivec, data, num_data); - if (ret != 0) - goto cleanup; - -cleanup: - header->data = header_data; /* restore header pointers */ - - if (d1.data != NULL) { - memset(d1.data, 0, d1.length); - free(d1.data); - } - if (d2.data != NULL) { - memset(d2.data, 0, d2.length); - free(d2.data); - } - if (d3.data != NULL) { - memset(d3.data, 0, d3.length); - free(d3.data); - } - - krb5_k_free_key(NULL, k3key); - return ret; -} - -static krb5_error_code -krb5int_arcfour_decrypt_iov(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, - krb5_keyusage usage, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) -{ - krb5_error_code ret; - krb5_crypto_iov *header, *trailer; - krb5_keyblock k1, k2, k3; - krb5_key k3key = NULL; - krb5_data d1, d2, d3; - krb5_data checksum, header_data; - krb5_keyusage ms_usage; - char salt_data[14]; - krb5_data salt; - - d1.length = d2.length = d3.length = 0; - d1.data = d2.data = d3.data = NULL; - - header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER); - if (header == NULL || - header->data.length != hash->hashsize + CONFOUNDERLENGTH) - return KRB5_BAD_MSIZE; - - header_data = header->data; - - trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); - if (trailer != NULL && trailer->data.length != 0) - return KRB5_BAD_MSIZE; - - ret = alloc_derived_key(enc, &k1, &d1, &key->keyblock); - if (ret != 0) - goto cleanup; - - ret = alloc_derived_key(enc, &k2, &d2, &key->keyblock); - if (ret != 0) - goto cleanup; - - ret = alloc_derived_key(enc, &k3, &d3, &key->keyblock); - if (ret != 0) - goto cleanup; - - /* Begin the decryption, compute K1 */ - salt.data = salt_data; - salt.length = sizeof(salt_data); - - ms_usage = krb5int_arcfour_translate_usage(usage); - - if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) { - strncpy(salt.data, krb5int_arcfour_l40, salt.length); - store_32_le(ms_usage, (unsigned char *)salt.data + 10); - } else { - salt.length = 4; - store_32_le(ms_usage, (unsigned char *)salt.data); - } - ret = krb5int_hmac(hash, key, 1, &salt, &d1); - if (ret != 0) - goto cleanup; - - memcpy(k2.contents, k1.contents, k2.length); - - if (key->keyblock.enctype == ENCTYPE_ARCFOUR_HMAC_EXP) - memset(k1.contents + 7, 0xAB, 9); - - checksum.data = header->data.data; - checksum.length = hash->hashsize; - - /* Adjust pointers so confounder is at start of header */ - header->data.length -= hash->hashsize; - header->data.data += hash->hashsize; - - ret = krb5int_hmac_keyblock(hash, &k1, 1, &checksum, &d3); - if (ret != 0) - goto cleanup; - - ret = krb5_k_create_key(NULL, &k3, &k3key); - if (ret != 0) - goto cleanup; - - ret = enc->decrypt_iov(k3key, ivec, data, num_data); - if (ret != 0) - goto cleanup; - - ret = krb5int_hmac_iov_keyblock(hash, &k2, data, num_data, &d1); - if (ret != 0) - goto cleanup; - - if (memcmp(checksum.data, d1.data, hash->hashsize) != 0) { - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - goto cleanup; - } - -cleanup: - header->data = header_data; /* restore header pointers */ - - if (d1.data != NULL) { - memset(d1.data, 0, d1.length); - free(d1.data); - } - if (d2.data != NULL) { - memset(d2.data, 0, d2.length); - free(d2.data); - } - if (d3.data != NULL) { - memset(d3.data, 0, d3.length); - free(d3.data); - } - - krb5_k_free_key(NULL, k3key); - return ret; -} - -const struct krb5_aead_provider krb5int_aead_arcfour = { - krb5int_arcfour_crypto_length, - krb5int_arcfour_encrypt_iov, - krb5int_arcfour_decrypt_iov -}; diff --git a/src/lib/crypto/openssl/arcfour/arcfour_s2k.c b/src/lib/crypto/openssl/arcfour/arcfour_s2k.c deleted file mode 100644 index 1aaaa1cc4..000000000 --- a/src/lib/crypto/openssl/arcfour/arcfour_s2k.c +++ /dev/null @@ -1,59 +0,0 @@ -#include "k5-int.h" -#include "k5-utf8.h" -#include "rsa-md4.h" -#include "arcfour-int.h" - -#if TARGET_OS_MAC && !defined(DEPEND) -#include -#endif - -krb5_error_code -krb5int_arcfour_string_to_key(const struct krb5_enc_provider *enc, - const krb5_data *string, const krb5_data *salt, - const krb5_data *params, krb5_keyblock *key) -{ - krb5_error_code err = 0; - krb5_MD4_CTX md4_context; - unsigned char *copystr; - size_t copystrlen; - - if (params != NULL) - return KRB5_ERR_BAD_S2K_PARAMS; - - if (key->length != 16) - return (KRB5_BAD_MSIZE); - - /* We ignore salt per the Microsoft spec*/ - - /* compute the space needed for the new string. - Since the password must be stored in unicode, we need to increase - that number by 2x. - */ - - err = krb5int_utf8cs_to_ucs2les(string->data, string->length, ©str, ©strlen); - if (err) - return err; - - /* the actual MD4 hash of the data */ - krb5int_MD4Init(&md4_context); - krb5int_MD4Update(&md4_context, copystr, copystrlen); - krb5int_MD4Final(&md4_context); - memcpy(key->contents, md4_context.digest, 16); - -#if 0 - /* test the string_to_key function */ - printf("Hash="); - { - int counter; - for(counter=0;counter<16;counter++) - printf("%02x", md4_context.digest[counter]); - printf("\n"); - } -#endif /* 0 */ - - /* Zero out the data behind us */ - memset(copystr, 0, copystrlen); - memset(&md4_context, 0, sizeof(md4_context)); - free(copystr); - return err; -} diff --git a/src/lib/crypto/openssl/arcfour/deps b/src/lib/crypto/openssl/arcfour/deps deleted file mode 100644 index 07fd55ef8..000000000 --- a/src/lib/crypto/openssl/arcfour/deps +++ /dev/null @@ -1,41 +0,0 @@ -# -# Generated makefile dependencies follow. -# -arcfour.so arcfour.po $(OUTPRE)arcfour.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h $(srcdir)/arcfour-int.h \ - $(srcdir)/arcfour.c $(srcdir)/arcfour.h \ - $(srcdir)/../hash_provider/hash_provider.h -arcfour_aead.so arcfour_aead.po $(OUTPRE)arcfour_aead.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - $(srcdir)/arcfour-int.h $(srcdir)/arcfour.h \ - $(srcdir)/arcfour_aead.c $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h -arcfour_s2k.so arcfour_s2k.po $(OUTPRE)arcfour_s2k.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-utf8.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h $(srcdir)/arcfour-int.h \ - $(srcdir)/arcfour.h $(srcdir)/arcfour_s2k.c \ - $(srcdir)/../md4/rsa-md4.h diff --git a/src/lib/crypto/openssl/deps b/src/lib/crypto/openssl/deps index 7fc8427ae..6cf7e30c9 100644 --- a/src/lib/crypto/openssl/deps +++ b/src/lib/crypto/openssl/deps @@ -3,23 +3,23 @@ # hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/aead.h \ + $(srcdir)/../krb/cksumtypes.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h $(srcdir)/hmac.c \ - $(srcdir)/../krb/aead.h $(srcdir)/../krb/cksumtypes.h + $(top_srcdir)/include/socket-utils.h hmac.c pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h $(srcdir)/hash_provider/hash_provider.h \ - $(srcdir)/pbkdf2.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/hash_provider/hash_provider.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + pbkdf2.c diff --git a/src/lib/crypto/openssl/des/deps b/src/lib/crypto/openssl/des/deps index 206b3a4b4..3c0891ec3 100644 --- a/src/lib/crypto/openssl/des/deps +++ b/src/lib/crypto/openssl/des/deps @@ -11,18 +11,18 @@ f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - $(srcdir)/des_int.h $(srcdir)/f_parity.c -des_oldapis.so des_oldapis.po $(OUTPRE)des_oldapis.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h $(srcdir)/des_int.h \ - $(srcdir)/des_oldapis.c + des_int.h f_parity.c +des_oldapis.so des_oldapis.po $(OUTPRE)des_oldapis.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des_int.h des_oldapis.c weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ @@ -33,7 +33,7 @@ weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - $(srcdir)/des_int.h $(srcdir)/weak_key.c + des_int.h weak_key.c string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ @@ -44,4 +44,4 @@ string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - $(srcdir)/des_int.h $(srcdir)/string2key.c + des_int.h string2key.c diff --git a/src/lib/crypto/openssl/enc_provider/deps b/src/lib/crypto/openssl/enc_provider/deps index 3cae3a674..2254ccd51 100644 --- a/src/lib/crypto/openssl/enc_provider/deps +++ b/src/lib/crypto/openssl/enc_provider/deps @@ -3,53 +3,49 @@ # des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ + $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/rand2key/rand2key.h \ + $(srcdir)/../des/des_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h $(srcdir)/../des/des_int.h \ - $(srcdir)/des.c $(srcdir)/enc_provider.h \ - $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/rand2key/rand2key.h + $(top_srcdir)/include/socket-utils.h des.c des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ + $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/rand2key/rand2key.h \ + $(srcdir)/../des/des_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h $(srcdir)/../des/des_int.h \ - $(srcdir)/des3.c $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/rand2key/rand2key.h + $(top_srcdir)/include/socket-utils.h des3.c aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ + $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/rand2key/rand2key.h \ + $(srcdir)/../hash_provider/hash_provider.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h \ - $(srcdir)/aes.c \ - $(srcdir)/enc_provider.h \ - $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/rand2key/rand2key.h + $(top_srcdir)/include/socket-utils.h aes.c enc_provider.h rc4.so rc4.po $(OUTPRE)rc4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h $(srcdir)/../arcfour/arcfour-int.h \ - $(srcdir)/../arcfour/arcfour.h $(srcdir)/enc_provider.h \ - $(srcdir)/rc4.c $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/rand2key/rand2key.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ + $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/rand2key/rand2key.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + rc4.c diff --git a/src/lib/crypto/openssl/enc_provider/rc4.c b/src/lib/crypto/openssl/enc_provider/rc4.c index a7c3020ea..b5e69ff67 100644 --- a/src/lib/crypto/openssl/enc_provider/rc4.c +++ b/src/lib/crypto/openssl/enc_provider/rc4.c @@ -39,6 +39,20 @@ #include #include +typedef struct +{ + EVP_CIPHER_CTX evp_ctx; + unsigned int x; + unsigned int y; + unsigned char state[256]; + +} ArcfourContext; + +typedef struct { + int initialized; + ArcfourContext ctx; +} ArcFourCipherState; + #define RC4_KEY_SIZE 16 #define RC4_BLOCK_SIZE 1 diff --git a/src/lib/crypto/openssl/hash_provider/deps b/src/lib/crypto/openssl/hash_provider/deps index 86f018d2d..592ab9ac5 100644 --- a/src/lib/crypto/openssl/hash_provider/deps +++ b/src/lib/crypto/openssl/hash_provider/deps @@ -4,49 +4,46 @@ hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crc32/crc-32.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - $(srcdir)/hash_crc32.c \ - $(srcdir)/hash_provider.h \ - $(srcdir)/../../krb/crc32/crc-32.h + hash_crc32.c hash_provider.h hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - $(srcdir)/hash_md4.c $(srcdir)/hash_provider.h \ - $(srcdir)/../md4/rsa-md4.h + $(COM_ERR_DEPS) $(srcdir)/../md4/rsa-md4.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h hash_md4.c hash_provider.h hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - $(srcdir)/hash_md5.c $(srcdir)/hash_provider.h \ - $(srcdir)/../md5/rsa-md5.h + $(COM_ERR_DEPS) $(srcdir)/../md5/rsa-md5.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h hash_md5.c hash_provider.h hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - $(srcdir)/hash_provider.h \ - $(srcdir)/hash_sha1.c $(srcdir)/../sha1/shs.h + $(COM_ERR_DEPS) $(srcdir)/../sha1/shs.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h hash_provider.h \ + hash_sha1.c diff --git a/src/lib/crypto/openssl/md4/deps b/src/lib/crypto/openssl/md4/deps index 0a9bb56af..a28d9da9f 100644 --- a/src/lib/crypto/openssl/md4/deps +++ b/src/lib/crypto/openssl/md4/deps @@ -10,5 +10,4 @@ md4.so md4.po $(OUTPRE)md4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h $(srcdir)/md4.c \ - $(srcdir)/rsa-md4.h + $(top_srcdir)/include/socket-utils.h md4.c rsa-md4.h diff --git a/src/lib/crypto/openssl/md5/deps b/src/lib/crypto/openssl/md5/deps index 116d552a5..876368d54 100644 --- a/src/lib/crypto/openssl/md5/deps +++ b/src/lib/crypto/openssl/md5/deps @@ -10,5 +10,4 @@ md5.so md5.po $(OUTPRE)md5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h $(srcdir)/md5.c \ - $(srcdir)/rsa-md5.h + $(top_srcdir)/include/socket-utils.h md5.c rsa-md5.h diff --git a/src/lib/crypto/openssl/sha1/deps b/src/lib/crypto/openssl/sha1/deps index e75ca6bcf..40fa5fa9d 100644 --- a/src/lib/crypto/openssl/sha1/deps +++ b/src/lib/crypto/openssl/sha1/deps @@ -10,5 +10,4 @@ shs.so shs.po $(OUTPRE)shs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h $(srcdir)/shs.c \ - $(srcdir)/shs.h + $(top_srcdir)/include/socket-utils.h shs.c shs.h