From: Greg Hudson Date: Wed, 2 Mar 2011 05:29:29 +0000 (+0000) Subject: Consolidate almost all lib/crypto/krb headers into a single X-Git-Tag: krb5-1.10-alpha1~559 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=ce6d249fdf1dd7dda5b202836ed387500324ae2a;p=krb5.git Consolidate almost all lib/crypto/krb headers into a single crypto_int.h. In that header, define and document responsibilities for crypto modules, some of which are satisfied through a module-specific crypto_mod.h. In the OpenSSL and NSS modules, remove many of the headers and sources providing functionality which isn't needed by lib/crypto/krb any more (direct interfaces to MD4, MD5, and SHA-1 hashing, as well as DES weak key testing). Change most Makefile.ins to only include headers from lib/crypto/krb and lib/crypto/$(CRYPTO_IMPL), instead of from many different directories. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24677 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 779b25bdb..830abd5e0 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -643,61 +643,6 @@ struct krb5_key_st { void *cache; }; -/* new encryption provider api */ - -struct krb5_enc_provider { - /* keybytes is the input size to make_key; - keylength is the output size */ - size_t block_size, keybytes, keylength; - - krb5_error_code (*encrypt)(krb5_key key, const krb5_data *cipher_state, - krb5_crypto_iov *data, size_t num_data); - - krb5_error_code (*decrypt)(krb5_key key, const krb5_data *cipher_state, - krb5_crypto_iov *data, size_t num_data); - - /* May be NULL if the cipher is not used for a cbc-mac checksum. */ - krb5_error_code (*cbc_mac)(krb5_key key, const krb5_crypto_iov *data, - size_t num_data, const krb5_data *ivec, - krb5_data *output); - - krb5_error_code (*init_state)(const krb5_keyblock *key, - krb5_keyusage keyusage, - krb5_data *out_state); - krb5_error_code (*free_state)(krb5_data *state); - - /* May be NULL if there is no key-derived data cached. */ - void (*key_cleanup)(krb5_key key); -}; - -struct krb5_hash_provider { - char hash_name[8]; - size_t hashsize, blocksize; - - krb5_error_code (*hash)(const krb5_crypto_iov *data, size_t num_data, - krb5_data *output); -}; - -/* - * in here to deal with stuff from lib/crypto - */ - -void krb5int_nfold(unsigned int inbits, const unsigned char *in, - unsigned int outbits, unsigned char *out); - -krb5_error_code krb5int_hmac(const struct krb5_hash_provider *hash, - krb5_key key, const krb5_crypto_iov *data, - size_t num_data, krb5_data *output); - -krb5_error_code -krb5int_hmac_keyblock(const struct krb5_hash_provider *hash, - const krb5_keyblock *keyblock, - const krb5_crypto_iov *data, size_t num_data, - krb5_data *output); - -krb5_error_code krb5int_pbkdf2_hmac_sha1(const krb5_data *, unsigned long, - const krb5_data *, const krb5_data *); - /* These crypto functions are used by GSSAPI via the accessor. */ krb5_error_code @@ -757,21 +702,6 @@ zapfree(void *ptr, size_t len) } } -/* A definition of init_state for DES based encryption systems. - * sets up an 8-byte IV of all zeros - */ - -krb5_error_code -krb5int_des_init_state(const krb5_keyblock *key, krb5_keyusage keyusage, - krb5_data *new_state); - -/* - * normally to free a cipher_state you can just memset the length to zero and - * free it. - */ -krb5_error_code krb5int_default_free_state(krb5_data *state); - - /* * Combine two keys (normally used by the hardware preauth mechanism) */ @@ -790,13 +720,6 @@ krb5_error_code krb5int_c_copy_keyblock_contents(krb5_context context, const krb5_keyblock *from, krb5_keyblock *to); -/* - * Internal - for cleanup. - */ -extern void krb5int_prng_cleanup(void); -extern void krb5int_crypto_impl_cleanup(void); - - #ifdef KRB5_OLD_CRYPTO /* old provider api */ @@ -2603,10 +2526,6 @@ extern krb5_error_code krb5int_translate_gai_error(int); extern krb5_error_code krb5int_c_mandatory_cksumtype(krb5_context, krb5_enctype, krb5_cksumtype *); -extern int krb5int_crypto_init (void); -extern int krb5int_prng_init(void); -extern int krb5int_crypto_impl_init(void); - /* * Referral definitions, debugging hooks, and subfunctions. */ @@ -2621,19 +2540,6 @@ void krb5int_dbgref_dump_principal(char *, krb5_principal); krb5_error_code krb5int_clean_hostname(krb5_context, const char *, char *, size_t); -krb5_error_code -krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, - size_t num_data); - -krb5_error_code -krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, - size_t num_data); - -krb5_error_code -krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data, - size_t num_data, const krb5_data *iv, - krb5_data *output); - #if 0 /* * There are no IANA assignments for these enctypes or cksumtypes yet. They diff --git a/src/lib/crypto/builtin/Makefile.in b/src/lib/crypto/builtin/Makefile.in index 66e16ce69..4da51b705 100644 --- a/src/lib/crypto/builtin/Makefile.in +++ b/src/lib/crypto/builtin/Makefile.in @@ -1,17 +1,7 @@ mydir=lib$(S)crypto$(S)builtin BUILDTOP=$(REL)..$(S)..$(S).. SUBDIRS=camellia des aes md4 md5 sha1 sha2 enc_provider hash_provider -LOCALINCLUDES = -I$(srcdir)/../krb \ - -I$(srcdir)/../krb/hash_provider \ - -I$(srcdir)/des \ - -I$(srcdir)/aes \ - -I$(srcdir)/camellia \ - -I$(srcdir)/sha1 \ - -I$(srcdir)/sha2 \ - -I$(srcdir)/md4 \ - -I$(srcdir)/md5 \ - -I$(srcdir)/enc_provider \ - -I$(srcdir)/hash_provider +LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir) RUN_SETUP = @KRB5_RUN_ENV@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/lib/crypto/openssl/sha2/sha2.h b/src/lib/crypto/builtin/crypto_mod.h similarity index 73% rename from src/lib/crypto/openssl/sha2/sha2.h rename to src/lib/crypto/builtin/crypto_mod.h index afc1d4660..f85e32215 100644 --- a/src/lib/crypto/openssl/sha2/sha2.h +++ b/src/lib/crypto/builtin/crypto_mod.h @@ -1,9 +1,8 @@ /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/builtin/crypto_mod.h - Builtin crypto module declarations */ /* - * lib/crypto/openssl/sha2/sha2.h - * - * Copyright 2010 by the Massachusetts Institute of Technology. - * All Rights Reserved. + * Copyright (C) 2011 by the Massachusetts Institute of Technology. + * All rights reserved. * * Export of this software from the United States of America may * require a specific license from the United States Government. @@ -25,14 +24,16 @@ * or implied warranty. */ -#ifndef _SHA2_DEFINED - -#include +/* + * This header is included from lib/crypto/krb/crypto_int.h to provide + * module-specific declarations. It is not included directly from source + * files. + */ -#define _SHA2_DEFINED +#ifndef CRYPTO_MOD_H +#define CRYPTO_MOD_H -#define k5_sha256_init SHA256_Init -#define k5_sha256_update SHA256_Update -#define k5_sha256_final SHA256_Final +#include +#include -#endif /* _SHA2_DEFINED */ +#endif /* CRYPTO_MOD_H */ diff --git a/src/lib/crypto/builtin/deps b/src/lib/crypto/builtin/deps index 66b6826c5..d8decdd68 100644 --- a/src/lib/crypto/builtin/deps +++ b/src/lib/crypto/builtin/deps @@ -3,8 +3,8 @@ # hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/aead.h \ - $(srcdir)/../krb/cksumtypes.h $(srcdir)/../krb/etypes.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \ + $(srcdir)/aes/aes.h $(srcdir)/aes/uitypes.h $(srcdir)/sha2/sha2.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -12,21 +12,23 @@ hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hmac.c + $(top_srcdir)/include/socket-utils.h crypto_mod.h hmac.c init.so init.po $(OUTPRE)init.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - init.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \ + $(srcdir)/aes/aes.h $(srcdir)/aes/uitypes.h $(srcdir)/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h crypto_mod.h init.c pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/hash_provider/hash_provider.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \ + $(srcdir)/aes/aes.h $(srcdir)/aes/uitypes.h $(srcdir)/sha2/sha2.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -34,6 +36,6 @@ pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h pbkdf2.c + $(top_srcdir)/include/socket-utils.h crypto_mod.h pbkdf2.c t_cf2.so t_cf2.po $(OUTPRE)t_cf2.$(OBJEXT): $(BUILDTOP)/include/krb5/krb5.h \ $(COM_ERR_DEPS) $(top_srcdir)/include/krb5.h t_cf2.c diff --git a/src/lib/crypto/builtin/des/Makefile.in b/src/lib/crypto/builtin/des/Makefile.in index 9b5d81402..9ac2f6cc6 100644 --- a/src/lib/crypto/builtin/des/Makefile.in +++ b/src/lib/crypto/builtin/des/Makefile.in @@ -1,6 +1,6 @@ mydir=lib$(S)crypto$(S)builtin$(S)des BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../.. -I$(srcdir)/../../krb +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb DEFS= ##DOS##BUILDTOP = ..\..\..\.. diff --git a/src/lib/crypto/builtin/des/afsstring2key.c b/src/lib/crypto/builtin/des/afsstring2key.c index 8c880464b..701b50a0f 100644 --- a/src/lib/crypto/builtin/des/afsstring2key.c +++ b/src/lib/crypto/builtin/des/afsstring2key.c @@ -58,7 +58,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "des_int.h" #include diff --git a/src/lib/crypto/builtin/des/d3_aead.c b/src/lib/crypto/builtin/des/d3_aead.c index 182f631e5..af34fe9b1 100644 --- a/src/lib/crypto/builtin/des/d3_aead.c +++ b/src/lib/crypto/builtin/des/d3_aead.c @@ -22,9 +22,9 @@ * express or implied warranty. */ +#include "crypto_int.h" #include "des_int.h" #include "f_tables.h" -#include "aead.h" void krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data, diff --git a/src/lib/crypto/builtin/des/deps b/src/lib/crypto/builtin/des/deps index 12e583c10..7ab3fe33e 100644 --- a/src/lib/crypto/builtin/des/deps +++ b/src/lib/crypto/builtin/des/deps @@ -4,28 +4,30 @@ afsstring2key.so afsstring2key.po $(OUTPRE)afsstring2key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h afsstring2key.c \ - des_int.h + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \ + $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + afsstring2key.c des_int.h d3_aead.so d3_aead.po $(OUTPRE)d3_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h d3_aead.c des_int.h \ - f_tables.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ + $(srcdir)/../aes/aes.h $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + d3_aead.c des_int.h f_tables.h d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ @@ -39,17 +41,17 @@ d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \ $(top_srcdir)/include/socket-utils.h d3_kysched.c des_int.h f_aead.so f_aead.po $(OUTPRE)f_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h f_aead.c \ - f_tables.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ + $(srcdir)/../aes/aes.h $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des_int.h f_aead.c f_tables.h f_cksum.so f_cksum.po $(OUTPRE)f_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ @@ -64,14 +66,17 @@ f_cksum.so f_cksum.po $(OUTPRE)f_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h f_parity.c + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \ + $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des_int.h f_parity.c f_sched.so f_sched.po $(OUTPRE)f_sched.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ @@ -120,14 +125,17 @@ weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \ string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h string2key.c + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \ + $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des_int.h string2key.c destest.so destest.po $(OUTPRE)destest.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ diff --git a/src/lib/crypto/builtin/des/des_int.h b/src/lib/crypto/builtin/des/des_int.h index 419459d22..d3a7cc960 100644 --- a/src/lib/crypto/builtin/des/des_int.h +++ b/src/lib/crypto/builtin/des/des_int.h @@ -187,7 +187,6 @@ krb5_error_code mit_des_init_random_key(const krb5_encrypt_block *, krb5_pointer *); /* key_parity.c */ -void mit_des_fixup_key_parity(mit_des_cblock); int mit_des_check_key_parity(mit_des_cblock); /* key_sched.c */ diff --git a/src/lib/crypto/builtin/des/f_aead.c b/src/lib/crypto/builtin/des/f_aead.c index 34eee2cbd..08bd5f8b2 100644 --- a/src/lib/crypto/builtin/des/f_aead.c +++ b/src/lib/crypto/builtin/des/f_aead.c @@ -22,9 +22,9 @@ * express or implied warranty. */ +#include "crypto_int.h" #include "des_int.h" #include "f_tables.h" -#include "aead.h" const mit_des_cblock mit_des_zeroblock /* = all zero */; diff --git a/src/lib/crypto/builtin/des/f_parity.c b/src/lib/crypto/builtin/des/f_parity.c index 460b5061b..501a1b35b 100644 --- a/src/lib/crypto/builtin/des/f_parity.c +++ b/src/lib/crypto/builtin/des/f_parity.c @@ -9,7 +9,7 @@ * Mark Eichin -- Cygnus Support */ - +#include "crypto_int.h" #include "des_int.h" /* @@ -22,10 +22,10 @@ #define parity_char(x) pstep(pstep(pstep((x),4),2),1) void -mit_des_fixup_key_parity(mit_des_cblock key) +mit_des_fixup_key_parity(unsigned char *key) { unsigned int i; - for (i=0; i #define CHECK_SIZES 0 diff --git a/src/lib/crypto/builtin/enc_provider/camellia.c b/src/lib/crypto/builtin/enc_provider/camellia.c index 7c71434c7..16723422c 100644 --- a/src/lib/crypto/builtin/enc_provider/camellia.c +++ b/src/lib/crypto/builtin/enc_provider/camellia.c @@ -24,10 +24,8 @@ * or implied warranty. */ -#include "k5-int.h" -#include "enc_provider.h" +#include "crypto_int.h" #include "camellia.h" -#include #ifdef CAMELLIA diff --git a/src/lib/crypto/builtin/enc_provider/deps b/src/lib/crypto/builtin/enc_provider/deps index ddb4757a0..e1b8cbde7 100644 --- a/src/lib/crypto/builtin/enc_provider/deps +++ b/src/lib/crypto/builtin/enc_provider/deps @@ -3,35 +3,35 @@ # des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ - $(srcdir)/../des/des_int.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - des.c enc_provider.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ + $(srcdir)/../aes/aes.h $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../des/des_int.h $(srcdir)/../sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h des.c des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ - $(srcdir)/../des/des_int.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - des3.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ + $(srcdir)/../aes/aes.h $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../des/des_int.h $(srcdir)/../sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h des3.c aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ - $(srcdir)/../aes/aes.h $(srcdir)/../aes/uitypes.h $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ + $(srcdir)/../aes/aes.h $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -39,25 +39,13 @@ aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - aes.c enc_provider.h + aes.c camellia.so camellia.po $(OUTPRE)camellia.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/etypes.h $(srcdir)/../aes/uitypes.h \ - $(srcdir)/../camellia/camellia.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - camellia.c enc_provider.h -rc4.so rc4.po $(OUTPRE)rc4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \ + $(srcdir)/../aes/uitypes.h $(srcdir)/../camellia/camellia.h \ + $(srcdir)/../crypto_mod.h $(srcdir)/../sha2/sha2.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -65,5 +53,17 @@ rc4.so rc4.po $(OUTPRE)rc4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h enc_provider.h \ + $(top_srcdir)/include/socket-utils.h camellia.c +rc4.so rc4.po $(OUTPRE)rc4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ + $(srcdir)/../aes/aes.h $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ rc4.c diff --git a/src/lib/crypto/builtin/enc_provider/des.c b/src/lib/crypto/builtin/enc_provider/des.c index 1ff964890..72a3ffc3b 100644 --- a/src/lib/crypto/builtin/enc_provider/des.c +++ b/src/lib/crypto/builtin/enc_provider/des.c @@ -25,10 +25,8 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "des_int.h" -#include "enc_provider.h" -#include static krb5_error_code validate_and_schedule(krb5_key key, const krb5_data *ivec, diff --git a/src/lib/crypto/builtin/enc_provider/des3.c b/src/lib/crypto/builtin/enc_provider/des3.c index fa4234e81..793db5e56 100644 --- a/src/lib/crypto/builtin/enc_provider/des3.c +++ b/src/lib/crypto/builtin/enc_provider/des3.c @@ -25,9 +25,8 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "des_int.h" -#include static krb5_error_code validate_and_schedule(krb5_key key, const krb5_data *ivec, diff --git a/src/lib/crypto/builtin/enc_provider/rc4.c b/src/lib/crypto/builtin/enc_provider/rc4.c index b8d7e3616..13255567b 100644 --- a/src/lib/crypto/builtin/enc_provider/rc4.c +++ b/src/lib/crypto/builtin/enc_provider/rc4.c @@ -7,9 +7,7 @@ * #include STD_DISCLAIMER */ -#include "k5-int.h" -#include "enc_provider.h" -#include +#include "crypto_int.h" typedef struct { diff --git a/src/lib/crypto/builtin/hash_provider/Makefile.in b/src/lib/crypto/builtin/hash_provider/Makefile.in index f008e7118..ad40ef6e3 100644 --- a/src/lib/crypto/builtin/hash_provider/Makefile.in +++ b/src/lib/crypto/builtin/hash_provider/Makefile.in @@ -1,7 +1,7 @@ mydir=lib$(S)crypto$(S)builtin$(S)hash_provider BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/../../krb/crc32 -I$(srcdir)/../md4 \ - -I$(srcdir)/../md5 -I$(srcdir)/../sha1 -I$(srcdir)/../../krb +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb -I$(srcdir)/../md4 \ + -I$(srcdir)/../md5 -I$(srcdir)/../sha1 DEFS= ##DOS##BUILDTOP = ..\..\..\.. diff --git a/src/lib/crypto/builtin/hash_provider/deps b/src/lib/crypto/builtin/hash_provider/deps index b31059e43..845d97627 100644 --- a/src/lib/crypto/builtin/hash_provider/deps +++ b/src/lib/crypto/builtin/hash_provider/deps @@ -4,21 +4,23 @@ hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/crc32/crc-32.h $(srcdir)/../../krb/etypes.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hash_crc32.c hash_provider.h + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \ + $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + hash_crc32.c hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/etypes.h $(srcdir)/../md4/rsa-md4.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \ + $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../md4/rsa-md4.h $(srcdir)/../sha2/sha2.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -26,12 +28,13 @@ hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hash_md4.c hash_provider.h + $(top_srcdir)/include/socket-utils.h hash_md4.c hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/etypes.h $(srcdir)/../md5/rsa-md5.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \ + $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../md5/rsa-md5.h $(srcdir)/../sha2/sha2.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -39,18 +42,18 @@ hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hash_md5.c hash_provider.h + $(top_srcdir)/include/socket-utils.h hash_md5.c hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/etypes.h $(srcdir)/../sha1/shs.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hash_provider.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \ + $(srcdir)/../aes/uitypes.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../sha1/shs.h $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ hash_sha1.c diff --git a/src/lib/crypto/builtin/hash_provider/hash_crc32.c b/src/lib/crypto/builtin/hash_provider/hash_crc32.c index c9cafb0eb..1d0be5563 100644 --- a/src/lib/crypto/builtin/hash_provider/hash_crc32.c +++ b/src/lib/crypto/builtin/hash_provider/hash_crc32.c @@ -25,10 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "crc-32.h" -#include "hash_provider.h" -#include "aead.h" +#include "crypto_int.h" static krb5_error_code k5_crc32_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) diff --git a/src/lib/crypto/builtin/hash_provider/hash_md4.c b/src/lib/crypto/builtin/hash_provider/hash_md4.c index 85f18f66d..e7daf5277 100644 --- a/src/lib/crypto/builtin/hash_provider/hash_md4.c +++ b/src/lib/crypto/builtin/hash_provider/hash_md4.c @@ -25,10 +25,8 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "rsa-md4.h" -#include "hash_provider.h" -#include "aead.h" static krb5_error_code k5_md4_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) diff --git a/src/lib/crypto/builtin/hash_provider/hash_md5.c b/src/lib/crypto/builtin/hash_provider/hash_md5.c index 583a8fb12..0f655ddae 100644 --- a/src/lib/crypto/builtin/hash_provider/hash_md5.c +++ b/src/lib/crypto/builtin/hash_provider/hash_md5.c @@ -25,10 +25,8 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "rsa-md5.h" -#include "hash_provider.h" -#include "aead.h" static krb5_error_code k5_md5_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) diff --git a/src/lib/crypto/builtin/hash_provider/hash_sha1.c b/src/lib/crypto/builtin/hash_provider/hash_sha1.c index 7a9cda5f7..535e8e584 100644 --- a/src/lib/crypto/builtin/hash_provider/hash_sha1.c +++ b/src/lib/crypto/builtin/hash_provider/hash_sha1.c @@ -25,10 +25,8 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "shs.h" -#include "hash_provider.h" -#include "aead.h" static krb5_error_code k5_sha1_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) diff --git a/src/lib/crypto/builtin/hmac.c b/src/lib/crypto/builtin/hmac.c index 3cb4146eb..c697a76e8 100644 --- a/src/lib/crypto/builtin/hmac.c +++ b/src/lib/crypto/builtin/hmac.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "aead.h" +#include "crypto_int.h" /* * Because our built-in HMAC implementation doesn't need to invoke any diff --git a/src/lib/crypto/builtin/init.c b/src/lib/crypto/builtin/init.c index 5f8d3b1c6..cc35ba7e6 100644 --- a/src/lib/crypto/builtin/init.c +++ b/src/lib/crypto/builtin/init.c @@ -28,7 +28,7 @@ * Built-in back-end library init functions */ -#include "k5-int.h" +#include "crypto_int.h" int krb5int_crypto_impl_init(void) diff --git a/src/lib/crypto/builtin/pbkdf2.c b/src/lib/crypto/builtin/pbkdf2.c index 31de329c0..ce721c9c6 100644 --- a/src/lib/crypto/builtin/pbkdf2.c +++ b/src/lib/crypto/builtin/pbkdf2.c @@ -29,8 +29,7 @@ */ #include -#include "k5-int.h" -#include "hash_provider.h" +#include "crypto_int.h" /* * RFC 2898 specifies PBKDF2 in terms of an underlying pseudo-random @@ -42,18 +41,18 @@ * longer than the block size.) * * For efficiency, it is better to generate the key from the password - * once at the beginning, so we specify prf_func in terms of a + * once at the beginning, so we specify prf_fn in terms of a * krb5_key first argument. That might not be convenient for a PRF * which uses the password in some other way, so this might need to be * adjusted in the future. */ -typedef krb5_error_code (*prf_func)(krb5_key pass, krb5_data *salt, - krb5_data *out); +typedef krb5_error_code (*prf_fn)(krb5_key pass, krb5_data *salt, + krb5_data *out); /* Not exported, for now. */ static krb5_error_code -krb5int_pbkdf2 (prf_func prf, size_t hlen, krb5_key pass, +krb5int_pbkdf2 (prf_fn prf, size_t hlen, krb5_key pass, const krb5_data *salt, unsigned long count, const krb5_data *output); @@ -81,7 +80,7 @@ static void printd (const char *descr, krb5_data *d) { } static krb5_error_code -F(char *output, char *u_tmp1, char *u_tmp2, prf_func prf, size_t hlen, +F(char *output, char *u_tmp1, char *u_tmp2, prf_fn prf, size_t hlen, krb5_key pass, const krb5_data *salt, unsigned long count, int i) { unsigned char ibytes[4]; @@ -151,7 +150,7 @@ F(char *output, char *u_tmp1, char *u_tmp2, prf_func prf, size_t hlen, } static krb5_error_code -krb5int_pbkdf2 (prf_func prf, size_t hlen, krb5_key pass, +krb5int_pbkdf2 (prf_fn prf, size_t hlen, krb5_key pass, const krb5_data *salt, unsigned long count, const krb5_data *output) { diff --git a/src/lib/crypto/crypto_tests/Makefile.in b/src/lib/crypto/crypto_tests/Makefile.in index 81f9b5e0a..e137083ec 100644 --- a/src/lib/crypto/crypto_tests/Makefile.in +++ b/src/lib/crypto/crypto_tests/Makefile.in @@ -1,16 +1,6 @@ mydir=lib$(S)crypto$(S)crypto_tests BUILDTOP=$(REL)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir)/../$(CRYPTO_IMPL)/enc_provider \ - -I$(srcdir)/../$(CRYPTO_IMPL)/hash_provider \ - -I$(srcdir)/../krb/keyhash_provider -I$(srcdir)/../krb/dk \ - -I$(srcdir)/../$(CRYPTO_IMPL) -I$(srcdir)/../krb/prng \ - -I$(srcdir)/../krb/prng/$(PRNG_ALG) -I$(srcdir)/../krb/crc32 \ - -I$(srcdir)/../krb/old -I$(srcdir)/../krb/raw \ - -I$(srcdir)/../$(CRYPTO_IMPL)/aes -I$(srcdir)/../$(CRYPTO_IMPL)/des \ - -I$(srcdir)/../$(CRYPTO_IMPL)/arcfour \ - -I$(srcdir)/../$(CRYPTO_IMPL)/sha1 \ - -I$(srcdir)/../$(CRYPTO_IMPL)/md5 -I$(srcdir)/../$(CRYPTO_IMPL)/md4 \ - -I$(srcdir)/../$(CRYPTO_IMPL)/camellia +LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir)/../$(CRYPTO_IMPL) RUN_SETUP = @KRB5_RUN_ENV@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/lib/crypto/crypto_tests/aes-test.c b/src/lib/crypto/crypto_tests/aes-test.c index 4c0618a47..b86b5ab8c 100644 --- a/src/lib/crypto/crypto_tests/aes-test.c +++ b/src/lib/crypto/crypto_tests/aes-test.c @@ -30,7 +30,7 @@ */ #include -#include "k5-int.h" +#include "crypto_int.h" static char key[32]; static char plain[16], cipher[16], zero[16]; diff --git a/src/lib/crypto/crypto_tests/deps b/src/lib/crypto/crypto_tests/deps index 7849b8afe..01aa2dc0f 100644 --- a/src/lib/crypto/crypto_tests/deps +++ b/src/lib/crypto/crypto_tests/deps @@ -3,18 +3,22 @@ # $(OUTPRE)t_nfold.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - t_nfold.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h t_nfold.c $(OUTPRE)t_encrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/etypes.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -58,8 +62,9 @@ $(OUTPRE)t_prng.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ t_prng.c $(OUTPRE)t_cmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/cksumtypes.h \ - $(srcdir)/../krb/etypes.h $(srcdir)/../openssl/enc_provider/enc_provider.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -70,7 +75,9 @@ $(OUTPRE)t_cmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/socket-utils.h t_cmac.c $(OUTPRE)t_hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../openssl/hash_provider/hash_provider.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -92,7 +99,9 @@ $(OUTPRE)t_pkcs5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ t_pkcs5.c $(OUTPRE)t_cts.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../openssl/hash_provider/hash_provider.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -103,7 +112,9 @@ $(OUTPRE)t_cts.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/socket-utils.h t_cts.c $(OUTPRE)vectors.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../openssl/hash_provider/hash_provider.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -114,15 +125,17 @@ $(OUTPRE)vectors.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/socket-utils.h vectors.c $(OUTPRE)aes-test.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - aes-test.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h aes-test.c $(OUTPRE)camellia-test.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ @@ -158,7 +171,9 @@ $(OUTPRE)t_cksums.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ t_cksums.c $(OUTPRE)t_crc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crc32/crc-32.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -169,7 +184,9 @@ $(OUTPRE)t_crc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/socket-utils.h t_crc.c $(OUTPRE)t_mddriver.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../openssl/md5/rsa-md5.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -213,17 +230,17 @@ $(OUTPRE)t_str2key.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ t_str2key.c $(OUTPRE)t_derive.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/cksumtypes.h \ - $(srcdir)/../krb/dk/dk.h $(srcdir)/../krb/etypes.h \ - $(srcdir)/../openssl/enc_provider/enc_provider.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - t_derive.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(srcdir)/../krb/crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h t_derive.c $(OUTPRE)t_fork.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ diff --git a/src/lib/crypto/crypto_tests/t_cmac.c b/src/lib/crypto/crypto_tests/t_cmac.c index 47afd53f3..c140f24f5 100644 --- a/src/lib/crypto/crypto_tests/t_cmac.c +++ b/src/lib/crypto/crypto_tests/t_cmac.c @@ -38,9 +38,7 @@ * krb5int_cmac_checksum. */ -#include "k5-int.h" -#include "enc_provider.h" -#include "cksumtypes.h" +#include "crypto_int.h" #ifdef CAMELLIA diff --git a/src/lib/crypto/crypto_tests/t_crc.c b/src/lib/crypto/crypto_tests/t_crc.c index 99b2b5ee7..d8b0ea74f 100644 --- a/src/lib/crypto/crypto_tests/t_crc.c +++ b/src/lib/crypto/crypto_tests/t_crc.c @@ -31,8 +31,7 @@ #include #include #include -#include "k5-int.h" -#include "crc-32.h" +#include "crypto_int.h" #define HEX 1 #define STR 2 diff --git a/src/lib/crypto/crypto_tests/t_cts.c b/src/lib/crypto/crypto_tests/t_cts.c index da697bde1..90155f780 100644 --- a/src/lib/crypto/crypto_tests/t_cts.c +++ b/src/lib/crypto/crypto_tests/t_cts.c @@ -37,7 +37,7 @@ #include #include #include -#include "hash_provider.h" +#include "crypto_int.h" #define ASIZE(ARRAY) (sizeof(ARRAY)/sizeof(ARRAY[0])) diff --git a/src/lib/crypto/crypto_tests/t_derive.c b/src/lib/crypto/crypto_tests/t_derive.c index 49b0bb5fa..f221ebff5 100644 --- a/src/lib/crypto/crypto_tests/t_derive.c +++ b/src/lib/crypto/crypto_tests/t_derive.c @@ -29,9 +29,7 @@ * With the -v flag, results for all tests are displayed. */ -#include "k5-int.h" -#include "../krb/dk/dk.h" -#include "enc_provider/enc_provider.h" +#include "crypto_int.h" struct test { krb5_enctype enctype; diff --git a/src/lib/crypto/crypto_tests/t_encrypt.c b/src/lib/crypto/crypto_tests/t_encrypt.c index 5008ab015..db75e22a8 100644 --- a/src/lib/crypto/crypto_tests/t_encrypt.c +++ b/src/lib/crypto/crypto_tests/t_encrypt.c @@ -31,8 +31,7 @@ * Some black-box tests of crypto systems. Make sure that we can decrypt things we encrypt, etc. */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" #include /* What enctypes should we test?*/ diff --git a/src/lib/crypto/crypto_tests/t_hmac.c b/src/lib/crypto/crypto_tests/t_hmac.c index 1056ff62f..ec49d615d 100644 --- a/src/lib/crypto/crypto_tests/t_hmac.c +++ b/src/lib/crypto/crypto_tests/t_hmac.c @@ -34,7 +34,7 @@ #include #include -#include "hash_provider.h" +#include "crypto_int.h" #define ASIZE(ARRAY) (sizeof(ARRAY)/sizeof(ARRAY[0])) diff --git a/src/lib/crypto/crypto_tests/t_mddriver.c b/src/lib/crypto/crypto_tests/t_mddriver.c index b3af381f6..68435139c 100644 --- a/src/lib/crypto/crypto_tests/t_mddriver.c +++ b/src/lib/crypto/crypto_tests/t_mddriver.c @@ -21,28 +21,17 @@ #define MD 5 #endif -#include "k5-int.h" - -#if MD == 2 -#include "md2.h" -#endif -#if MD == 4 -#include "rsa-md4.h" -#endif -#if MD == 5 -#include "rsa-md5.h" -#endif +#include "crypto_int.h" /* Length of test block, number of test blocks. */ #define TEST_BLOCK_LEN 1000 #define TEST_BLOCK_COUNT 1000 +static void MDHash (char *, size_t, size_t, unsigned char *); static void MDString (char *); static void MDTimeTrial (void); static void MDTestSuite (void); -static void MDFile (char *); -static void MDFilter (void); static void MDPrint (unsigned char [16]); struct md_test_entry { @@ -50,18 +39,8 @@ struct md_test_entry { unsigned char digest[16]; }; -#if MD == 2 -#define MD_CTX krb5_MD2_CTX -#define MDInit krb5_MD2Init -#define MDUpdate krb5_MD2Update -#define MDFinal krb5_MD2Final -#endif - #if MD == 4 -#define MD_CTX krb5_MD4_CTX -#define MDInit krb5int_MD4Init -#define MDUpdate krb5int_MD4Update -#define MDFinal krb5int_MD4Final +#define MDProvider krb5int_hash_md4 #define HAVE_TEST_SUITE /* Test suite from RFC 1320 */ @@ -94,10 +73,7 @@ struct md_test_entry md_test_suite[] = { #endif #if MD == 5 -#define MD_CTX krb5_MD5_CTX -#define MDInit krb5int_MD5Init -#define MDUpdate krb5int_MD5Update -#define MDFinal krb5int_MD5Final +#define MDProvider krb5int_hash_md5 #define HAVE_TEST_SUITE /* Test suite from RFC 1321 */ @@ -135,8 +111,6 @@ struct md_test_entry md_test_suite[] = { -sstring - digests string -t - runs time trial -x - runs test script - filename - digests file - (none) - digests standard input */ int main (argc, argv) int argc; @@ -144,36 +118,47 @@ int main (argc, argv) { int i; - if (argc > 1) - for (i = 1; i < argc; i++) - if (argv[i][0] == '-' && argv[i][1] == 's') - MDString (argv[i] + 2); - else if (strcmp (argv[i], "-t") == 0) - MDTimeTrial (); - else if (strcmp (argv[i], "-x") == 0) - MDTestSuite (); - else - MDFile (argv[i]); - else - MDFilter (); - + for (i = 1; i < argc; i++) { + if (argv[i][0] == '-' && argv[i][1] == 's') + MDString (argv[i] + 2); + else if (strcmp (argv[i], "-t") == 0) + MDTimeTrial (); + else if (strcmp (argv[i], "-x") == 0) + MDTestSuite (); + } return (0); } +static void MDHash (bytes, len, count, out) + char *bytes; + size_t len, count; + unsigned char *out; +{ + krb5_crypto_iov *iov; + krb5_data outdata = make_data (out, MDProvider.hashsize); + size_t i; + + iov = malloc (count * sizeof(*iov)); + if (iov == NULL) + abort (); + for (i = 0; i < count; i++) { + iov[i].flags = KRB5_CRYPTO_TYPE_DATA; + iov[i].data = make_data (bytes, len); + } + MDProvider.hash(iov, count, &outdata); + free(iov); +} + /* Digests a string and prints the result. */ static void MDString (string) char *string; { - MD_CTX context; - unsigned int len = strlen (string); - - MDInit (&context); - MDUpdate (&context, (unsigned char *) string, len); - MDFinal (&context); + unsigned char digest[16]; + MDHash (string, strlen(string), 1, digest); printf ("MD%d (\"%s\") = ", MD, string); - MDPrint (context.digest); + MDPrint (digest); printf ("\n"); } @@ -182,9 +167,8 @@ static void MDString (string) */ static void MDTimeTrial () { - MD_CTX context; time_t endTime, startTime; - unsigned char block[TEST_BLOCK_LEN]; + unsigned char block[TEST_BLOCK_LEN], digest[16]; unsigned int i; printf("MD%d time trial. Digesting %d %d-byte blocks ...", MD, @@ -198,17 +182,14 @@ static void MDTimeTrial () time (&startTime); /* Digest blocks */ - MDInit (&context); - for (i = 0; i < TEST_BLOCK_COUNT; i++) - MDUpdate (&context, block, TEST_BLOCK_LEN); - MDFinal (&context); + MDHash ((char *)block, TEST_BLOCK_LEN, TEST_BLOCK_COUNT, digest); /* Stop timer */ time (&endTime); printf (" done\n"); printf ("Digest = "); - MDPrint (context.digest); + MDPrint (digest); printf ("\nTime = %ld seconds\n", (long)(endTime-startTime)); printf ("Speed = %ld bytes/second\n", @@ -220,29 +201,24 @@ static void MDTimeTrial () static void MDTestSuite () { #ifdef HAVE_TEST_SUITE - MD_CTX context; struct md_test_entry *entry; int i, num_tests = 0, num_failed = 0; + unsigned char digest[16]; printf ("MD%d test suite:\n\n", MD); for (entry = md_test_suite; entry->string; entry++) { unsigned int len = strlen (entry->string); - MDInit (&context); - MDUpdate (&context, (unsigned char *) entry->string, len); - MDFinal (&context); + MDHash (entry->string, len, 1, digest); printf ("MD%d (\"%s\") = ", MD, entry->string); - MDPrint (context.digest); + MDPrint (digest); printf ("\n"); - for (i=0; i < 16; i++) { - if (context.digest[i] != entry->digest[i]) { - printf("\tIncorrect MD%d digest! Should have been:\n\t\t ", - MD); - MDPrint(entry->digest); - printf("\n"); - num_failed++; - } + if (memcmp(digest, entry->digest, 16) != 0) { + printf("\tIncorrect MD%d digest! Should have been:\n\t\t ", MD); + MDPrint(entry->digest); + printf("\n"); + num_failed++; } num_tests++; } @@ -269,49 +245,6 @@ static void MDTestSuite () #endif } -/* Digests a file and prints the result. */ - -static void MDFile (filename) - char *filename; -{ - FILE *file; - MD_CTX context; - int len; - unsigned char buffer[1024]; - - if ((file = fopen (filename, "rb")) == NULL) - printf ("%s can't be opened\n", filename); - else { - MDInit (&context); - while ((len = fread (buffer, 1, 1024, file)) != 0) - MDUpdate (&context, buffer, len); - MDFinal (&context); - - fclose (file); - - printf ("MD%d (%s) = ", MD, filename); - MDPrint (context.digest); - printf ("\n"); - } -} - -/* Digests the standard input and prints the result. - */ -static void MDFilter () -{ - MD_CTX context; - int len; - unsigned char buffer[16]; - - MDInit (&context); - while ((len = fread (buffer, 1, 16, stdin)) != 0) - MDUpdate (&context, buffer, len); - MDFinal (&context); - - MDPrint (context.digest); - printf ("\n"); -} - /* Prints a message digest in hexadecimal. */ static void MDPrint (digest) diff --git a/src/lib/crypto/crypto_tests/t_nfold.c b/src/lib/crypto/crypto_tests/t_nfold.c index 25361338f..6a8e7f725 100644 --- a/src/lib/crypto/crypto_tests/t_nfold.c +++ b/src/lib/crypto/crypto_tests/t_nfold.c @@ -35,7 +35,7 @@ #include #include -#include "k5-int.h" +#include "crypto_int.h" #define ASIZE(ARRAY) (sizeof(ARRAY)/sizeof(ARRAY[0])) diff --git a/src/lib/crypto/crypto_tests/vectors.c b/src/lib/crypto/crypto_tests/vectors.c index f984a1788..8e9728765 100644 --- a/src/lib/crypto/crypto_tests/vectors.c +++ b/src/lib/crypto/crypto_tests/vectors.c @@ -37,7 +37,7 @@ #include #include #include -#include "hash_provider.h" +#include "crypto_int.h" #define ASIZE(ARRAY) (sizeof(ARRAY)/sizeof(ARRAY[0])) diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in index 7eaccb4ff..838f128f9 100644 --- a/src/lib/crypto/krb/Makefile.in +++ b/src/lib/crypto/krb/Makefile.in @@ -1,16 +1,7 @@ mydir=lib$(S)crypto$(S)krb BUILDTOP=$(REL)..$(S)..$(S).. SUBDIRS= arcfour checksum crc32 dk prf old raw -LOCALINCLUDES = -I$(srcdir) -I$(srcdir)/../$(CRYPTO_IMPL)/enc_provider \ - -I$(srcdir)/dk -I$(srcdir)/../$(CRYPTO_IMPL)/hash_provider \ - -I$(srcdir)/prf -I$(srcdir)/old -I$(srcdir)/raw \ - -I$(srcdir)/../$(CRYPTO_IMPL) \ - -I$(srcdir)/../$(CRYPTO_IMPL)/des \ - -I$(srcdir)/../$(CRYPTO_IMPL)/aes -I$(srcdir)/arcfour \ - -I$(srcdir)/../$(CRYPTO_IMPL)/sha2 \ - -I$(srcdir)/../$(CRYPTO_IMPL)/camellia \ - -I$(srcdir)/../$(CRYPTO_IMPL)/sha1 \ - -I$(srcdir)/../$(CRYPTO_IMPL) +LOCALINCLUDES = -I$(srcdir) -I$(srcdir)/../$(CRYPTO_IMPL) RUN_SETUP = @KRB5_RUN_ENV@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/lib/crypto/krb/aead.c b/src/lib/crypto/krb/aead.c index 3d9111abb..2bb341cb9 100644 --- a/src/lib/crypto/krb/aead.c +++ b/src/lib/crypto/krb/aead.c @@ -25,11 +25,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "etypes.h" -#include "cksumtypes.h" -#include "dk.h" -#include "aead.h" +#include "crypto_int.h" krb5_crypto_iov * krb5int_c_locate_iov(krb5_crypto_iov *data, size_t num_data, diff --git a/src/lib/crypto/krb/aead.h b/src/lib/crypto/krb/aead.h deleted file mode 100644 index 5cc94f449..000000000 --- a/src/lib/crypto/krb/aead.h +++ /dev/null @@ -1,314 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * lib/crypto/aead.h - * - * Copyright 2008, 2009 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "k5-int.h" -#include "cksumtypes.h" -#include "etypes.h" - -/* AEAD helpers */ - -krb5_crypto_iov * -krb5int_c_locate_iov(krb5_crypto_iov *data, - size_t num_data, - krb5_cryptotype type); - -#define ENCRYPT_CONF_IOV(_iov) ((_iov)->flags == KRB5_CRYPTO_TYPE_HEADER) - -#define ENCRYPT_DATA_IOV(_iov) ((_iov)->flags == KRB5_CRYPTO_TYPE_DATA || \ - (_iov)->flags == KRB5_CRYPTO_TYPE_PADDING) - -#define ENCRYPT_IOV(_iov) (ENCRYPT_CONF_IOV(_iov) || ENCRYPT_DATA_IOV(_iov)) - -#define SIGN_IOV(_iov) (ENCRYPT_IOV(_iov) || \ - (_iov)->flags == KRB5_CRYPTO_TYPE_SIGN_ONLY ) - -struct iov_block_state { - size_t iov_pos; /* index into iov array */ - size_t data_pos; /* index into iov contents */ - unsigned int ignore_header : 1; /* have/should we process HEADER */ - unsigned int include_sign_only : 1; /* should we process SIGN_ONLY blocks */ - unsigned int pad_to_boundary : 1; /* should we zero fill blocks until next buffer */ -}; - -#define IOV_BLOCK_STATE_INIT(_state) ((_state)->iov_pos = \ - (_state)->data_pos = \ - (_state)->ignore_header = \ - (_state)->include_sign_only = \ - (_state)->pad_to_boundary = 0) - -krb5_error_code -krb5int_c_iov_decrypt_stream(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage keyusage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -unsigned int -krb5int_c_padding_length(const struct krb5_keytypes *ktp, size_t data_length); - -#ifdef DEBUG_IOV -static inline void -dump_block(const char *tag, - size_t i, - size_t j, - unsigned char *block, - size_t block_size) -{ - size_t k; - - printf("[%s: %lu.%lu] ", tag, i, j); - - for (k = 0; k < block_size; k++) - printf("%02x ", block[k] & 0xFF); - - printf("\n"); -} -#endif - -static inline int -process_block_p(const krb5_crypto_iov *data, - size_t num_data, - struct iov_block_state *iov_state, - size_t i) -{ - const krb5_crypto_iov *iov = &data[i]; - int process_block; - - switch (iov->flags) { - case KRB5_CRYPTO_TYPE_SIGN_ONLY: - process_block = iov_state->include_sign_only; - break; - case KRB5_CRYPTO_TYPE_PADDING: - process_block = (iov_state->pad_to_boundary == 0); - break; - case KRB5_CRYPTO_TYPE_HEADER: - process_block = (iov_state->ignore_header == 0); - break; - case KRB5_CRYPTO_TYPE_DATA: - process_block = 1; - break; - default: - process_block = 0; - break; - } - - return process_block; -} - -/* - * Returns TRUE if, having reached the end of the current buffer, - * we should pad the rest of the block with zeros. - */ -static inline int -pad_to_boundary_p(const krb5_crypto_iov *data, - size_t num_data, - struct iov_block_state *iov_state, - size_t i, - size_t j) -{ - /* If the pad_to_boundary flag is unset, return FALSE */ - if (iov_state->pad_to_boundary == 0) - return 0; - - /* If we haven't got any data, we need to get some */ - if (j == 0) - return 0; - - /* No boundary between adjacent buffers marked for processing */ - if (data[iov_state->iov_pos].flags == data[i].flags) - return 0; - - return 1; -} - -/* - * Retrieve a block from the IOV. If p is non-NULL and the next block is - * completely contained within the current buffer, then *p will contain an - * alias into the buffer; otherwise, a copy will be made into storage. - * - * After calling this function, encrypt the returned block and then call - * krb5int_c_iov_put_block_nocopy() (with a separate output cursor). If - * p was non-NULL on the call to get_block(), then pass that pointer in. - */ -static inline krb5_boolean -krb5int_c_iov_get_block_nocopy(unsigned char *storage, - size_t block_size, - const krb5_crypto_iov *data, - size_t num_data, - struct iov_block_state *iov_state, - unsigned char **p) -{ - size_t i, j = 0; - - if (p != NULL) - *p = storage; - - for (i = iov_state->iov_pos; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; - size_t nbytes; - - if (!process_block_p(data, num_data, iov_state, i)) - continue; - - if (pad_to_boundary_p(data, num_data, iov_state, i, j)) - break; - - iov_state->iov_pos = i; - - nbytes = iov->data.length - iov_state->data_pos; - if (nbytes > block_size - j) - nbytes = block_size - j; - - /* - * If we can return a pointer into a complete block, then do so. - */ - if (p != NULL && j == 0 && nbytes == block_size) { - *p = (unsigned char *)iov->data.data + iov_state->data_pos; - } else { - memcpy(storage + j, iov->data.data + iov_state->data_pos, nbytes); - } - - iov_state->data_pos += nbytes; - j += nbytes; - - assert(j <= block_size); - - if (j == block_size) - break; - - assert(iov_state->data_pos == iov->data.length); - - iov_state->data_pos = 0; - } - - iov_state->iov_pos = i; - - if (j == 0) - return FALSE; - else if (j != block_size) - memset(storage + j, 0, block_size - j); - -#ifdef DEBUG_IOV - dump_block("get_block", i, j, (p && *p) ? *p : storage, block_size); -#endif - - return TRUE; -} - -/* - * Store a block retrieved with krb5int_c_iov_get_block_no_copy if - * necessary, and advance the output cursor. - */ -static inline krb5_boolean -krb5int_c_iov_put_block_nocopy(const krb5_crypto_iov *data, - size_t num_data, - unsigned char *storage, - size_t block_size, - struct iov_block_state *iov_state, - unsigned char *p) -{ - size_t i, j = 0; - - assert(p != NULL); - - for (i = iov_state->iov_pos; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; - size_t nbytes; - - if (!process_block_p(data, num_data, iov_state, i)) - continue; - - if (pad_to_boundary_p(data, num_data, iov_state, i, j)) - break; - - iov_state->iov_pos = i; - - nbytes = iov->data.length - iov_state->data_pos; - if (nbytes > block_size - j) - nbytes = block_size - j; - - /* - * If we had previously returned a pointer into a complete block, - * then no action is required. - */ - if (p == storage) { - memcpy(iov->data.data + iov_state->data_pos, storage + j, nbytes); - } else { - /* Ensure correctly paired with a call to get_block_nocopy(). */ - assert(j == 0); - assert(nbytes == 0 || nbytes == block_size); - } - - iov_state->data_pos += nbytes; - j += nbytes; - - assert(j <= block_size); - - if (j == block_size) - break; - - assert(iov_state->data_pos == iov->data.length); - - iov_state->data_pos = 0; - } - - iov_state->iov_pos = i; - -#ifdef DEBUG_IOV - dump_block("put_block", i, j, p, block_size); -#endif - - return (iov_state->iov_pos < num_data); -} - -/* - * A wrapper for krb5int_c_iov_get_block_nocopy() that always makes - * a copy. - */ -static inline krb5_boolean -krb5int_c_iov_get_block(unsigned char *block, - size_t block_size, - const krb5_crypto_iov *data, - size_t num_data, - struct iov_block_state *iov_state) -{ - return krb5int_c_iov_get_block_nocopy(block, block_size, data, num_data, - iov_state, NULL); -} - -/* - * A wrapper for krb5int_c_iov_put_block_nocopy() that always copies - * the block. - */ -static inline krb5_boolean -krb5int_c_iov_put_block(const krb5_crypto_iov *data, - size_t num_data, - unsigned char *block, - size_t block_size, - struct iov_block_state *iov_state) -{ - return krb5int_c_iov_put_block_nocopy(data, num_data, block, block_size, - iov_state, block); -} diff --git a/src/lib/crypto/krb/arcfour/Makefile.in b/src/lib/crypto/krb/arcfour/Makefile.in index ce2912884..6f217d6f6 100644 --- a/src/lib/crypto/krb/arcfour/Makefile.in +++ b/src/lib/crypto/krb/arcfour/Makefile.in @@ -1,7 +1,6 @@ mydir=lib$(S)crypto$(S)krb$(S)arcfour BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) \ - -I$(srcdir)/../../$(CRYPTO_IMPL)/hash_provider +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) DEFS= ##DOS##BUILDTOP = ..\..\..\.. diff --git a/src/lib/crypto/krb/arcfour/arcfour.c b/src/lib/crypto/krb/arcfour/arcfour.c index 4793cc38d..265e3c1d0 100644 --- a/src/lib/crypto/krb/arcfour/arcfour.c +++ b/src/lib/crypto/krb/arcfour/arcfour.c @@ -7,10 +7,7 @@ of RSA Data Security) */ -#include "k5-int.h" -#include "arcfour.h" -#include "aead.h" -#include "hash_provider/hash_provider.h" +#include "crypto_int.h" #define CONFOUNDERLENGTH 8 diff --git a/src/lib/crypto/krb/arcfour/arcfour.h b/src/lib/crypto/krb/arcfour/arcfour.h deleted file mode 100644 index 34cbcc0f3..000000000 --- a/src/lib/crypto/krb/arcfour/arcfour.h +++ /dev/null @@ -1,34 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#ifndef ARCFOUR_H -#define ARCFOUR_H - -#include "etypes.h" - -krb5_keyusage -krb5int_arcfour_translate_usage(krb5_keyusage usage); - -unsigned int -krb5int_arcfour_crypto_length(const struct krb5_keytypes *ktp, - krb5_cryptotype type); - -krb5_error_code -krb5int_arcfour_encrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -krb5_error_code -krb5int_arcfour_decrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -extern krb5_error_code -krb5int_arcfour_string_to_key( - const struct krb5_keytypes *, - const krb5_data *, - const krb5_data *, - const krb5_data *, - krb5_keyblock *); - -extern const struct krb5_enc_provider krb5int_enc_arcfour; - -#endif /* ARCFOUR_H */ diff --git a/src/lib/crypto/krb/arcfour/arcfour_s2k.c b/src/lib/crypto/krb/arcfour/arcfour_s2k.c index 5dc75332b..49ad89d32 100644 --- a/src/lib/crypto/krb/arcfour/arcfour_s2k.c +++ b/src/lib/crypto/krb/arcfour/arcfour_s2k.c @@ -1,8 +1,6 @@ /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#include "k5-int.h" +#include "crypto_int.h" #include "k5-utf8.h" -#include "hash_provider.h" -#include "arcfour.h" krb5_error_code krb5int_arcfour_string_to_key(const struct krb5_keytypes *ktp, diff --git a/src/lib/crypto/krb/arcfour/deps b/src/lib/crypto/krb/arcfour/deps index 2bfa78931..b430d941f 100644 --- a/src/lib/crypto/krb/arcfour/deps +++ b/src/lib/crypto/krb/arcfour/deps @@ -3,21 +3,23 @@ # arcfour.so arcfour.po $(OUTPRE)arcfour.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - arcfour.c arcfour.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h arcfour.c arcfour_s2k.so arcfour_s2k.po $(OUTPRE)arcfour_s2k.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -25,4 +27,4 @@ arcfour_s2k.so arcfour_s2k.po $(OUTPRE)arcfour_s2k.$(OBJEXT): \ $(top_srcdir)/include/k5-utf8.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h arcfour.h arcfour_s2k.c + $(top_srcdir)/include/socket-utils.h arcfour_s2k.c diff --git a/src/lib/crypto/krb/block_size.c b/src/lib/crypto/krb/block_size.c index 7d65a5ae3..d50c94469 100644 --- a/src/lib/crypto/krb/block_size.c +++ b/src/lib/crypto/krb/block_size.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_block_size(krb5_context context, krb5_enctype enctype, diff --git a/src/lib/crypto/krb/cf2.c b/src/lib/crypto/krb/cf2.c index 6e7ecdc3d..029916144 100644 --- a/src/lib/crypto/krb/cf2.c +++ b/src/lib/crypto/krb/cf2.c @@ -31,10 +31,7 @@ *pepper strings as input and return a combined key. */ -#include -#include -#include "etypes.h" - +#include "crypto_int.h" /* * Call the PRF function multiple times with the pepper prefixed with diff --git a/src/lib/crypto/krb/checksum/Makefile.in b/src/lib/crypto/krb/checksum/Makefile.in index 2d4148168..9948f3eba 100644 --- a/src/lib/crypto/krb/checksum/Makefile.in +++ b/src/lib/crypto/krb/checksum/Makefile.in @@ -1,6 +1,6 @@ mydir=lib$(S)crypto$(S)krb$(S)checksum BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../arcfour +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) DEFS= ##DOS##BUILDTOP = ..\..\..\.. diff --git a/src/lib/crypto/krb/checksum/cbc.c b/src/lib/crypto/krb/checksum/cbc.c index 6beadf894..3a8c0bc62 100644 --- a/src/lib/crypto/krb/checksum/cbc.c +++ b/src/lib/crypto/krb/checksum/cbc.c @@ -28,8 +28,7 @@ * input. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_error_code krb5int_cbc_checksum(const struct krb5_cksumtypes *ctp, diff --git a/src/lib/crypto/krb/checksum/cmac.c b/src/lib/crypto/krb/checksum/cmac.c index ec4d65ff6..3e9dfb14b 100644 --- a/src/lib/crypto/krb/checksum/cmac.c +++ b/src/lib/crypto/krb/checksum/cmac.c @@ -39,11 +39,7 @@ * WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" -#include "aead.h" -#include "etypes.h" -#include "cksumtypes.h" +#include "crypto_int.h" #ifdef CAMELLIA diff --git a/src/lib/crypto/krb/checksum/confounder.c b/src/lib/crypto/krb/checksum/confounder.c index d74ad380f..7006043b8 100644 --- a/src/lib/crypto/krb/checksum/confounder.c +++ b/src/lib/crypto/krb/checksum/confounder.c @@ -29,8 +29,7 @@ * where xorkey is the key XOR'd with 0xf0 bytes. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" /* Derive a key by XOR with 0xF0 bytes. */ static krb5_error_code diff --git a/src/lib/crypto/krb/checksum/deps b/src/lib/crypto/krb/checksum/deps index 99cea9c8a..c755d258d 100644 --- a/src/lib/crypto/krb/checksum/deps +++ b/src/lib/crypto/krb/checksum/deps @@ -3,32 +3,22 @@ # cbc.so cbc.po $(OUTPRE)cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - cbc.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h cbc.c cmac.so cmac.po $(OUTPRE)cmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../aead.h \ - $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - cmac.c -confounder.so confounder.po $(OUTPRE)confounder.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -36,12 +26,13 @@ confounder.so confounder.po $(OUTPRE)confounder.$(OBJEXT): \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h confounder.c -hmac_md5.so hmac_md5.po $(OUTPRE)hmac_md5.$(OBJEXT): \ + $(top_srcdir)/include/socket-utils.h cmac.c +confounder.so confounder.po $(OUTPRE)confounder.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../arcfour/arcfour.h $(srcdir)/../cksumtypes.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -49,11 +40,13 @@ hmac_md5.so hmac_md5.po $(OUTPRE)hmac_md5.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - hmac_md5.c -unkeyed.so unkeyed.po $(OUTPRE)unkeyed.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + confounder.c +hmac_md5.so hmac_md5.po $(OUTPRE)hmac_md5.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -61,4 +54,17 @@ unkeyed.so unkeyed.po $(OUTPRE)unkeyed.$(OBJEXT): $(BUILDTOP)/include/autoconf.h $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - unkeyed.c + hmac_md5.c +unkeyed.so unkeyed.po $(OUTPRE)unkeyed.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h unkeyed.c diff --git a/src/lib/crypto/krb/checksum/hmac_md5.c b/src/lib/crypto/krb/checksum/hmac_md5.c index 521ecaedd..4d0010a72 100644 --- a/src/lib/crypto/krb/checksum/hmac_md5.c +++ b/src/lib/crypto/krb/checksum/hmac_md5.c @@ -30,9 +30,7 @@ * MD5-HMAC. */ -#include "k5-int.h" -#include "cksumtypes.h" -#include "arcfour.h" +#include "crypto_int.h" krb5_error_code krb5int_hmacmd5_checksum(const struct krb5_cksumtypes *ctp, krb5_key key, krb5_keyusage usage, diff --git a/src/lib/crypto/krb/checksum/unkeyed.c b/src/lib/crypto/krb/checksum/unkeyed.c index fddd676d5..cdbc492fa 100644 --- a/src/lib/crypto/krb/checksum/unkeyed.c +++ b/src/lib/crypto/krb/checksum/unkeyed.c @@ -27,8 +27,7 @@ * Unkeyed hash checksum implementation. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_error_code krb5int_unkeyed_checksum(const struct krb5_cksumtypes *ctp, diff --git a/src/lib/crypto/krb/checksum_length.c b/src/lib/crypto/krb/checksum_length.c index 2e869cb80..d4071e104 100644 --- a/src/lib/crypto/krb/checksum_length.c +++ b/src/lib/crypto/krb/checksum_length.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_checksum_length(krb5_context context, krb5_cksumtype cksumtype, diff --git a/src/lib/crypto/krb/cksumtype_to_string.c b/src/lib/crypto/krb/cksumtype_to_string.c index 1c084e6a2..758940a18 100644 --- a/src/lib/crypto/krb/cksumtype_to_string.c +++ b/src/lib/crypto/krb/cksumtype_to_string.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_cksumtype_to_string(krb5_cksumtype cksumtype, char *buffer, size_t buflen) diff --git a/src/lib/crypto/krb/cksumtypes.c b/src/lib/crypto/krb/cksumtypes.c index a8b1c8729..fd95057c4 100644 --- a/src/lib/crypto/krb/cksumtypes.c +++ b/src/lib/crypto/krb/cksumtypes.c @@ -25,11 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "enc_provider.h" -#include "hash_provider.h" -#include "dk.h" -#include "cksumtypes.h" +#include "crypto_int.h" const struct krb5_cksumtypes krb5int_cksumtypes_list[] = { { CKSUMTYPE_CRC32, diff --git a/src/lib/crypto/krb/cksumtypes.h b/src/lib/crypto/krb/cksumtypes.h deleted file mode 100644 index c5eb493f2..000000000 --- a/src/lib/crypto/krb/cksumtypes.h +++ /dev/null @@ -1,147 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#ifndef CKSUMTYPES_H -#define CKSUMTYPES_H -#include "k5-int.h" -#include "etypes.h" - -struct krb5_cksumtypes; - -/* - * Compute a checksum over the header, data, padding, and sign-only fields of - * the iov array data (of size num_data). The output buffer will already be - * allocated with ctp->compute_size bytes available; the handler just needs to - * fill in the contents. If ctp->enc is not NULL, the handler can assume that - * key is a valid-length key of an enctype which uses that enc provider. - */ -typedef krb5_error_code (*checksum_func)(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - krb5_data *output); - -/* - * Verify a checksum over the header, data, padding, and sign-only fields of - * the iov array data (of size num_data), and store the boolean result in - * *valid. The handler can assume that hash has length ctp->output_size. If - * ctp->enc is not NULL, the handler can assume that key a valid-length key of - * an enctype which uses that enc provider. - */ -typedef krb5_error_code (*verify_func)(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - const krb5_data *input, - krb5_boolean *valid); - -struct krb5_cksumtypes { - krb5_cksumtype ctype; - char *name; - char *aliases[2]; - char *out_string; - const struct krb5_enc_provider *enc; - const struct krb5_hash_provider *hash; - checksum_func checksum; - verify_func verify; /* NULL means recompute checksum and compare */ - unsigned int compute_size; /* Allocation size for checksum computation */ - unsigned int output_size; /* Possibly truncated output size */ - krb5_flags flags; -}; - -#define CKSUM_UNKEYED 0x0001 -#define CKSUM_NOT_COLL_PROOF 0x0002 - -extern const struct krb5_cksumtypes krb5int_cksumtypes_list[]; -extern const size_t krb5int_cksumtypes_length; - -krb5_error_code krb5int_unkeyed_checksum(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - krb5_data *output); - -krb5_error_code krb5int_cbc_checksum(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - krb5_data *output); - -krb5_error_code krb5int_hmacmd5_checksum(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - krb5_data *output); - -krb5_error_code krb5int_cmac_checksum(const struct krb5_enc_provider *enc, - krb5_key key, - const krb5_crypto_iov *data, - size_t num_data, - krb5_data *output); - -krb5_error_code krb5int_confounder_checksum(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - krb5_data *output); - -krb5_error_code krb5int_confounder_verify(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - const krb5_data *input, - krb5_boolean *valid); - -static inline const struct krb5_cksumtypes * -find_cksumtype(krb5_cksumtype ctype) -{ - size_t i; - - for (i = 0; i < krb5int_cksumtypes_length; i++) { - if (krb5int_cksumtypes_list[i].ctype == ctype) - break; - } - - if (i == krb5int_cksumtypes_length) - return NULL; - return &krb5int_cksumtypes_list[i]; -} - -static inline krb5_error_code -verify_key(const struct krb5_cksumtypes *ctp, krb5_key key) -{ - const struct krb5_keytypes *ktp; - - ktp = key ? find_enctype(key->keyblock.enctype) : NULL; - if (ctp->enc != NULL && (!ktp || ktp->enc != ctp->enc)) - return KRB5_BAD_ENCTYPE; - if (key && (!ktp || key->keyblock.length != ktp->enc->keylength)) - return KRB5_BAD_KEYSIZE; - return 0; -} - -#endif diff --git a/src/lib/crypto/krb/coll_proof_cksum.c b/src/lib/crypto/krb/coll_proof_cksum.c index bc13ba489..13cb182ae 100644 --- a/src/lib/crypto/krb/coll_proof_cksum.c +++ b/src/lib/crypto/krb/coll_proof_cksum.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_boolean KRB5_CALLCONV krb5_c_is_coll_proof_cksum(krb5_cksumtype ctype) diff --git a/src/lib/crypto/krb/combine_keys.c b/src/lib/crypto/krb/combine_keys.c index 979281d4a..d70e16f2a 100644 --- a/src/lib/crypto/krb/combine_keys.c +++ b/src/lib/crypto/krb/combine_keys.c @@ -43,9 +43,7 @@ * ASCII encoding of the string "combine" */ -#include "k5-int.h" -#include "etypes.h" -#include "dk.h" +#include "crypto_int.h" static krb5_error_code dr(const struct krb5_enc_provider *enc, const krb5_keyblock *inkey, unsigned char *outdata, diff --git a/src/lib/crypto/krb/crc32/Makefile.in b/src/lib/crypto/krb/crc32/Makefile.in index 5360339e7..2f117bf61 100644 --- a/src/lib/crypto/krb/crc32/Makefile.in +++ b/src/lib/crypto/krb/crc32/Makefile.in @@ -1,6 +1,7 @@ mydir=lib$(S)crypto$(S)krb$(S)crc32 BUILDTOP=$(REL)..$(S)..$(S)..$(S).. DEFS= +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) ##DOS##BUILDTOP = ..\..\..\.. ##DOS##PREFIXDIR = krb\crc32 diff --git a/src/lib/crypto/krb/crc32/crc-32.h b/src/lib/crypto/krb/crc32/crc-32.h deleted file mode 100644 index 08fce6dc7..000000000 --- a/src/lib/crypto/krb/crc32/crc-32.h +++ /dev/null @@ -1,67 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * include/krb5/crc-32.h - * - * Copyright 1989,1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * Definitions for the CRC-32 checksum - */ - -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - - -#ifndef KRB5_CRC32__ -#define KRB5_CRC32__ - -#define CRC32_CKSUM_LENGTH 4 - -/* c is in-out to allow chaining; initialize to 0. */ -void -mit_crc32 (krb5_pointer in, size_t in_length, unsigned long *c); - -#endif /* KRB5_CRC32__ */ diff --git a/src/lib/crypto/krb/crc32/crc32.c b/src/lib/crypto/krb/crc32/crc32.c index 659e61199..39e3e3487 100644 --- a/src/lib/crypto/krb/crc32/crc32.c +++ b/src/lib/crypto/krb/crc32/crc32.c @@ -28,8 +28,7 @@ * CRC-32/AUTODIN-II routines */ -#include "k5-int.h" -#include "crc-32.h" +#include "crypto_int.h" /* This table and block of comments are taken from code labeled: */ /* diff --git a/src/lib/crypto/krb/crc32/deps b/src/lib/crypto/krb/crc32/deps index d77b5cf36..320556649 100644 --- a/src/lib/crypto/krb/crc32/deps +++ b/src/lib/crypto/krb/crc32/deps @@ -3,12 +3,14 @@ # crc32.so crc32.po $(OUTPRE)crc32.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - crc-32.h crc32.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h crc32.c diff --git a/src/lib/crypto/krb/crypto_int.h b/src/lib/crypto/krb/crypto_int.h new file mode 100644 index 000000000..6d05095e2 --- /dev/null +++ b/src/lib/crypto/krb/crypto_int.h @@ -0,0 +1,832 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/krb/crypto_int.h - Master libk5crypto internal header */ +/* + * Copyright (C) 2011 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +/* This header is the entry point for libk5crypto sources, and also documents + * requirements for crypto modules and PRNG modules. */ + +#ifndef CRYPTO_INT_H +#define CRYPTO_INT_H + +#include + +/* Enc providers and hash providers specify well-known ciphers and hashes to be + * implemented by the crypto module. */ + +struct krb5_enc_provider { + /* keybytes is the input size to make_key; + keylength is the output size */ + size_t block_size, keybytes, keylength; + + krb5_error_code (*encrypt)(krb5_key key, const krb5_data *cipher_state, + krb5_crypto_iov *data, size_t num_data); + + krb5_error_code (*decrypt)(krb5_key key, const krb5_data *cipher_state, + krb5_crypto_iov *data, size_t num_data); + + /* May be NULL if the cipher is not used for a cbc-mac checksum. */ + krb5_error_code (*cbc_mac)(krb5_key key, const krb5_crypto_iov *data, + size_t num_data, const krb5_data *ivec, + krb5_data *output); + + krb5_error_code (*init_state)(const krb5_keyblock *key, + krb5_keyusage keyusage, + krb5_data *out_state); + krb5_error_code (*free_state)(krb5_data *state); + + /* May be NULL if there is no key-derived data cached. */ + void (*key_cleanup)(krb5_key key); +}; + +struct krb5_hash_provider { + char hash_name[8]; + size_t hashsize, blocksize; + + krb5_error_code (*hash)(const krb5_crypto_iov *data, size_t num_data, + krb5_data *output); +}; + +/*** RFC 3961 enctypes table ***/ + +#define MAX_ETYPE_ALIASES 2 + +struct krb5_keytypes; + +typedef unsigned int (*crypto_length_func)(const struct krb5_keytypes *ktp, + krb5_cryptotype type); + +typedef krb5_error_code (*crypt_func)(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage keyusage, + const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); + +typedef krb5_error_code (*str2key_func)(const struct krb5_keytypes *ktp, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *parm, + krb5_keyblock *key); + +typedef krb5_error_code (*rand2key_func)(const krb5_data *randombits, + krb5_keyblock *key); + +typedef krb5_error_code (*prf_func)(const struct krb5_keytypes *ktp, + krb5_key key, + const krb5_data *in, krb5_data *out); + +typedef krb5_error_code (*init_state_func)(const struct krb5_keytypes *ktp, + const krb5_keyblock *key, + krb5_keyusage keyusage, + krb5_data *out_state); + +typedef void (*free_state_func)(const struct krb5_keytypes *ktp, + krb5_data *state); + +struct krb5_keytypes { + krb5_enctype etype; + char *name; + char *aliases[MAX_ETYPE_ALIASES]; + char *out_string; + const struct krb5_enc_provider *enc; + const struct krb5_hash_provider *hash; + size_t prf_length; + crypto_length_func crypto_length; + crypt_func encrypt; + crypt_func decrypt; + str2key_func str2key; + rand2key_func rand2key; + prf_func prf; + init_state_func init_state; + free_state_func free_state; + krb5_cksumtype required_ctype; + krb5_flags flags; +}; + +#define ETYPE_WEAK 1 + +extern const struct krb5_keytypes krb5int_enctypes_list[]; +extern const int krb5int_enctypes_length; + +/*** RFC 3961 checksum types table ***/ + +struct krb5_cksumtypes; + +/* + * Compute a checksum over the header, data, padding, and sign-only fields of + * the iov array data (of size num_data). The output buffer will already be + * allocated with ctp->compute_size bytes available; the handler just needs to + * fill in the contents. If ctp->enc is not NULL, the handler can assume that + * key is a valid-length key of an enctype which uses that enc provider. + */ +typedef krb5_error_code (*checksum_func)(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); + +/* + * Verify a checksum over the header, data, padding, and sign-only fields of + * the iov array data (of size num_data), and store the boolean result in + * *valid. The handler can assume that hash has length ctp->output_size. If + * ctp->enc is not NULL, the handler can assume that key a valid-length key of + * an enctype which uses that enc provider. + */ +typedef krb5_error_code (*verify_func)(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + const krb5_data *input, + krb5_boolean *valid); + +struct krb5_cksumtypes { + krb5_cksumtype ctype; + char *name; + char *aliases[2]; + char *out_string; + const struct krb5_enc_provider *enc; + const struct krb5_hash_provider *hash; + checksum_func checksum; + verify_func verify; /* NULL means recompute checksum and compare */ + unsigned int compute_size; /* Allocation size for checksum computation */ + unsigned int output_size; /* Possibly truncated output size */ + krb5_flags flags; +}; + +#define CKSUM_UNKEYED 0x0001 +#define CKSUM_NOT_COLL_PROOF 0x0002 + +extern const struct krb5_cksumtypes krb5int_cksumtypes_list[]; +extern const size_t krb5int_cksumtypes_length; + +/*** Prototypes for enctype table functions ***/ + +/* Length */ +unsigned int krb5int_old_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); +unsigned int krb5int_raw_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); +unsigned int krb5int_arcfour_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); +unsigned int krb5int_dk_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); +unsigned int krb5int_aes_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); +unsigned int krb5int_camellia_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); + +/* Encrypt */ +krb5_error_code krb5int_old_encrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); +krb5_error_code krb5int_raw_encrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); +krb5_error_code krb5int_arcfour_encrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, + size_t num_data); +krb5_error_code krb5int_dk_encrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); +krb5_error_code krb5int_dk_cmac_encrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, + size_t num_data); + +/* Decrypt */ +krb5_error_code krb5int_old_decrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); +krb5_error_code krb5int_raw_decrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); +krb5_error_code krb5int_arcfour_decrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, + size_t num_data); +krb5_error_code krb5int_dk_decrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); +krb5_error_code krb5int_dk_cmac_decrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, + size_t num_data); + +/* String to key */ +krb5_error_code krb5int_des_string_to_key(const struct krb5_keytypes *ktp, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, + krb5_keyblock *key); +krb5_error_code krb5int_arcfour_string_to_key(const struct krb5_keytypes *ktp, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, + krb5_keyblock *key); +krb5_error_code krb5int_dk_string_to_key(const struct krb5_keytypes *enc, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, + krb5_keyblock *key); +krb5_error_code krb5int_aes_string_to_key(const struct krb5_keytypes *enc, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, + krb5_keyblock *key); +krb5_error_code krb5int_camellia_string_to_key(const struct krb5_keytypes *enc, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, + krb5_keyblock *key); + +/* Random to key */ +krb5_error_code k5_rand2key_direct(const krb5_data *randombits, + krb5_keyblock *keyblock); +krb5_error_code k5_rand2key_des(const krb5_data *randombits, + krb5_keyblock *keyblock); +krb5_error_code k5_rand2key_des3(const krb5_data *randombits, + krb5_keyblock *keyblock); + +/* Pseudo-random function */ +krb5_error_code krb5int_des_prf(const struct krb5_keytypes *ktp, + krb5_key key, const krb5_data *in, + krb5_data *out); +krb5_error_code krb5int_arcfour_prf(const struct krb5_keytypes *ktp, + krb5_key key, const krb5_data *in, + krb5_data *out); +krb5_error_code krb5int_dk_prf(const struct krb5_keytypes *ktp, krb5_key key, + const krb5_data *in, krb5_data *out); +krb5_error_code krb5int_dk_cmac_prf(const struct krb5_keytypes *ktp, + krb5_key key, const krb5_data *in, + krb5_data *out); + +/* State initialization/cleanup handlers */ +krb5_error_code krb5int_init_state_enc(const struct krb5_keytypes *ktp, + const krb5_keyblock *key, + krb5_keyusage keyusage, + krb5_data *out_state); +void krb5int_free_state_enc(const struct krb5_keytypes *ktp, + krb5_data *state); + +/*** Prototypes for cksumtype handler functions ***/ + +krb5_error_code krb5int_unkeyed_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); +krb5_error_code krb5int_cbc_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); +krb5_error_code krb5int_hmacmd5_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); +krb5_error_code krb5int_dk_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, krb5_data *output); +krb5_error_code krb5int_dk_cmac_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, krb5_data *output); +krb5_error_code krb5int_confounder_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); +krb5_error_code krb5int_confounder_verify(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + const krb5_data *input, + krb5_boolean *valid); + +/*** Key derivation functions ***/ + +enum deriv_alg { + DERIVE_RFC3961, /* RFC 3961 section 5.1 */ +#ifdef CAMELLIA + DERIVE_SP800_108_CMAC /* NIST SP 800-108 with CMAC as PRF */ +#endif +}; + +krb5_error_code krb5int_derive_keyblock(const struct krb5_enc_provider *enc, + krb5_key inkey, krb5_keyblock *outkey, + const krb5_data *in_constant, + enum deriv_alg alg); +krb5_error_code krb5int_derive_key(const struct krb5_enc_provider *enc, + krb5_key inkey, krb5_key *outkey, + const krb5_data *in_constant, + enum deriv_alg alg); +krb5_error_code krb5int_derive_random(const struct krb5_enc_provider *enc, + krb5_key inkey, krb5_data *outrnd, + const krb5_data *in_constant, + enum deriv_alg alg); + +/*** Miscellaneous prototypes ***/ + +/* nfold algorithm from RFC 3961 */ +void krb5int_nfold(unsigned int inbits, const unsigned char *in, + unsigned int outbits, unsigned char *out); + +/* Compute a CMAC checksum over data. */ +krb5_error_code krb5int_cmac_checksum(const struct krb5_enc_provider *enc, + krb5_key key, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); + +/* Compute a CRC-32 checksum. c is in-out to allow chaining; init to 0. */ +#define CRC32_CKSUM_LENGTH 4 +void mit_crc32(krb5_pointer in, size_t in_length, unsigned long *c); + +/* Translate an RFC 3961 key usage to a Microsoft RC4 usage. */ +krb5_keyusage krb5int_arcfour_translate_usage(krb5_keyusage usage); + +/* Ensure library initialization has occurred. */ +int krb5int_crypto_init(void); + +/* DES default state initialization handler (used by module enc providers). */ +krb5_error_code krb5int_des_init_state(const krb5_keyblock *key, + krb5_keyusage keyusage, + krb5_data *new_state); + +/* Default state cleanup handler (used by module enc providers). */ +krb5_error_code krb5int_default_free_state(krb5_data *state); + +/*** Input/output vector processing declarations **/ + +#define ENCRYPT_CONF_IOV(_iov) ((_iov)->flags == KRB5_CRYPTO_TYPE_HEADER) + +#define ENCRYPT_DATA_IOV(_iov) ((_iov)->flags == KRB5_CRYPTO_TYPE_DATA || \ + (_iov)->flags == KRB5_CRYPTO_TYPE_PADDING) + +#define ENCRYPT_IOV(_iov) (ENCRYPT_CONF_IOV(_iov) || ENCRYPT_DATA_IOV(_iov)) + +#define SIGN_IOV(_iov) (ENCRYPT_IOV(_iov) || \ + (_iov)->flags == KRB5_CRYPTO_TYPE_SIGN_ONLY ) + +struct iov_block_state { + size_t iov_pos; /* index into iov array */ + size_t data_pos; /* index into iov contents */ + unsigned int ignore_header : 1; /* have/should we process HEADER */ + unsigned int include_sign_only : 1; /* should we process SIGN_ONLY blocks */ + unsigned int pad_to_boundary : 1; /* should we zero fill blocks until next buffer */ +}; + +#define IOV_BLOCK_STATE_INIT(_state) ((_state)->iov_pos = \ + (_state)->data_pos = \ + (_state)->ignore_header = \ + (_state)->include_sign_only = \ + (_state)->pad_to_boundary = 0) + +krb5_crypto_iov *krb5int_c_locate_iov(krb5_crypto_iov *data, size_t num_data, + krb5_cryptotype type); + +krb5_error_code krb5int_c_iov_decrypt_stream(const struct krb5_keytypes *ktp, + krb5_key key, + krb5_keyusage keyusage, + const krb5_data *ivec, + krb5_crypto_iov *data, + size_t num_data); + +unsigned int krb5int_c_padding_length(const struct krb5_keytypes *ktp, + size_t data_length); + +/*** Crypto module declarations ***/ + +/* Modules must implement the following enc_providers and hash_providers: */ +extern const struct krb5_enc_provider krb5int_enc_des; +extern const struct krb5_enc_provider krb5int_enc_des3; +extern const struct krb5_enc_provider krb5int_enc_arcfour; +extern const struct krb5_enc_provider krb5int_enc_aes128; +extern const struct krb5_enc_provider krb5int_enc_aes256; +extern const struct krb5_enc_provider krb5int_enc_aes128_ctr; +extern const struct krb5_enc_provider krb5int_enc_aes256_ctr; +#ifdef CAMELLIA +extern const struct krb5_enc_provider krb5int_enc_camellia128; +extern const struct krb5_enc_provider krb5int_enc_camellia256; +#endif + +extern const struct krb5_hash_provider krb5int_hash_crc32; +extern const struct krb5_hash_provider krb5int_hash_md4; +extern const struct krb5_hash_provider krb5int_hash_md5; +extern const struct krb5_hash_provider krb5int_hash_sha1; + +/* Modules must implement the following functions. */ + +/* Set the parity bits in a DES key. */ +void mit_des_fixup_key_parity(unsigned char *key); + +/* Convert a password to a DES key (see RFC 3961). */ +krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock, + const krb5_data *password, + const krb5_data *salt); +krb5_error_code mit_des_string_to_key_int(krb5_keyblock *key, + const krb5_data *password, + const krb5_data *salt); + +/* Compute an HMAC using the provided hash function, key, and data, storing the + * result into output (caller-allocated). */ +krb5_error_code krb5int_hmac(const struct krb5_hash_provider *hash, + krb5_key key, const krb5_crypto_iov *data, + size_t num_data, krb5_data *output); + +/* As above, using a keyblock as the key input. */ +krb5_error_code krb5int_hmac_keyblock(const struct krb5_hash_provider *hash, + const krb5_keyblock *keyblock, + const krb5_crypto_iov *data, + size_t num_data, krb5_data *output); + +/* + * Compute the PBKDF2 (see RFC 2898) of password and salt, with the specified + * count, using HMAC-SHA-1 as the pseudorandom function, storing the result + * into out (caller-allocated). + */ +krb5_error_code krb5int_pbkdf2_hmac_sha1(const krb5_data *out, + unsigned long count, + const krb5_data *password, + const krb5_data *salt); + +/* The following are used by test programs and are just handler functions from + * the AES and Camellia enc providers. Define a stub krb5int_camellia_cbc_mac + * even if CAMELLIA isn't defined, since it's in the export list. */ +krb5_error_code krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); +krb5_error_code krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); +krb5_error_code krb5int_camellia_cbc_mac(krb5_key key, + const krb5_crypto_iov *data, + size_t num_data, const krb5_data *iv, + krb5_data *output); + +/* These can be used to safely set up and tear down module global state. */ +int krb5int_crypto_impl_init(void); +void krb5int_crypto_impl_cleanup(void); + +/* + * Modules must provide a crypto_mod.h header at the top level. To work with + * the default PRNG module (prng_fortuna.c), crypto_mod.h must #define or + * prototype the following symbols: + * + * aes_ctx - Stack-allocatable type for an AES-128 or AES-256 key schedule + * krb5int_aes_enc_key(key, keybits, ctxptr) -- initialize a key schedule + * krb5int_aes_enc_blk(in, out, ctxptr) -- encrypt a block + * SHA256_CTX - Stack-allocatable type for a SHA-256 hash state + * k5_sha256_init(ctxptr) - Initialize a hash state + * k5_sha256_update(ctxptr, data, size) -- Hash some data + * k5_sha256_final(ctxptr, out) -- Finalize a state, writing hash into out + * + * These functions must never fail on valid inputs, and contexts must remain + * valid across forks. If the module cannot meet those constraints, then it + * should provide its own PRNG module and the build system should ensure that + * it is used; for an example, see how nss uses prng_nss. + * + * The function symbols named above are also in the library export list (so + * they can be used by the t_fortuna.c test code), so even if the module + * defines them away or doesn't work with Fortuna, the module must provide + * stubs; see stubs.c in the openssl or nss modules for examples. + */ + +#include + +/*** PRNG module declarations ***/ + +/* + * PRNG modules must implement the following APIs from krb5.h: + * krb5_c_random_add_entropy + * krb5_c_random_make_octets + * + * PRNG modules should implement these functions. They are called from the + * crypto library init and cleanup functions, and can be used to setup and tear + * down static state without thread safety concerns. + */ +int k5_prng_init(void); +void k5_prng_cleanup(void); + +/* Used by PRNG modules to gather OS entropy. Returns true on success. */ +krb5_boolean k5_get_os_entropy(unsigned char *buf, size_t len); + +/*** Inline helper functions ***/ + +/* Find an enctype by number in the enctypes table. */ +static inline const struct krb5_keytypes * +find_enctype(krb5_enctype enctype) +{ + int i; + + for (i = 0; i < krb5int_enctypes_length; i++) { + if (krb5int_enctypes_list[i].etype == enctype) + break; + } + + if (i == krb5int_enctypes_length) + return NULL; + return &krb5int_enctypes_list[i]; +} + +/* Find a checksum type by number in the cksumtypes table. */ +static inline const struct krb5_cksumtypes * +find_cksumtype(krb5_cksumtype ctype) +{ + size_t i; + + for (i = 0; i < krb5int_cksumtypes_length; i++) { + if (krb5int_cksumtypes_list[i].ctype == ctype) + break; + } + + if (i == krb5int_cksumtypes_length) + return NULL; + return &krb5int_cksumtypes_list[i]; +} + +/* Verify that a key is appropriate for a checksum type. */ +static inline krb5_error_code +verify_key(const struct krb5_cksumtypes *ctp, krb5_key key) +{ + const struct krb5_keytypes *ktp; + + ktp = key ? find_enctype(key->keyblock.enctype) : NULL; + if (ctp->enc != NULL && (!ktp || ktp->enc != ctp->enc)) + return KRB5_BAD_ENCTYPE; + if (key && (!ktp || key->keyblock.length != ktp->enc->keylength)) + return KRB5_BAD_KEYSIZE; + return 0; +} + +/* Encrypt one block of plaintext in place, for block ciphers. */ +static inline krb5_error_code +encrypt_block(const struct krb5_enc_provider *enc, krb5_key key, + krb5_data *block) +{ + krb5_crypto_iov iov; + + /* Verify that this is a block cipher and block is the right length. */ + if (block->length != enc->block_size || enc->block_size == 1) + return EINVAL; + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = *block; + if (enc->cbc_mac != NULL) /* One-block cbc-mac with no ivec. */ + return enc->cbc_mac(key, &iov, 1, NULL, block); + else /* Assume cbc-mode encrypt. */ + return enc->encrypt(key, 0, &iov, 1); +} + +/* Decide whether to process an IOV block. */ +static inline int +process_block_p(const krb5_crypto_iov *data, size_t num_data, + struct iov_block_state *iov_state, size_t i) +{ + const krb5_crypto_iov *iov = &data[i]; + int process_block; + + switch (iov->flags) { + case KRB5_CRYPTO_TYPE_SIGN_ONLY: + process_block = iov_state->include_sign_only; + break; + case KRB5_CRYPTO_TYPE_PADDING: + process_block = (iov_state->pad_to_boundary == 0); + break; + case KRB5_CRYPTO_TYPE_HEADER: + process_block = (iov_state->ignore_header == 0); + break; + case KRB5_CRYPTO_TYPE_DATA: + process_block = 1; + break; + default: + process_block = 0; + break; + } + + return process_block; +} + +/* + * Returns TRUE if, having reached the end of the current buffer, + * we should pad the rest of the block with zeros. + */ +static inline int +pad_to_boundary_p(const krb5_crypto_iov *data, + size_t num_data, + struct iov_block_state *iov_state, + size_t i, + size_t j) +{ + /* If the pad_to_boundary flag is unset, return FALSE */ + if (iov_state->pad_to_boundary == 0) + return 0; + + /* If we haven't got any data, we need to get some */ + if (j == 0) + return 0; + + /* No boundary between adjacent buffers marked for processing */ + if (data[iov_state->iov_pos].flags == data[i].flags) + return 0; + + return 1; +} + +/* + * Retrieve a block from the IOV. If p is non-NULL and the next block is + * completely contained within the current buffer, then *p will contain an + * alias into the buffer; otherwise, a copy will be made into storage. + * + * After calling this function, encrypt the returned block and then call + * krb5int_c_iov_put_block_nocopy() (with a separate output cursor). If + * p was non-NULL on the call to get_block(), then pass that pointer in. + */ +static inline krb5_boolean +krb5int_c_iov_get_block_nocopy(unsigned char *storage, + size_t block_size, + const krb5_crypto_iov *data, + size_t num_data, + struct iov_block_state *iov_state, + unsigned char **p) +{ + size_t i, j = 0; + + if (p != NULL) + *p = storage; + + for (i = iov_state->iov_pos; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + size_t nbytes; + + if (!process_block_p(data, num_data, iov_state, i)) + continue; + + if (pad_to_boundary_p(data, num_data, iov_state, i, j)) + break; + + iov_state->iov_pos = i; + + nbytes = iov->data.length - iov_state->data_pos; + if (nbytes > block_size - j) + nbytes = block_size - j; + + /* + * If we can return a pointer into a complete block, then do so. + */ + if (p != NULL && j == 0 && nbytes == block_size) { + *p = (unsigned char *)iov->data.data + iov_state->data_pos; + } else { + memcpy(storage + j, iov->data.data + iov_state->data_pos, nbytes); + } + + iov_state->data_pos += nbytes; + j += nbytes; + + assert(j <= block_size); + + if (j == block_size) + break; + + assert(iov_state->data_pos == iov->data.length); + + iov_state->data_pos = 0; + } + + iov_state->iov_pos = i; + + if (j == 0) + return FALSE; + else if (j != block_size) + memset(storage + j, 0, block_size - j); + + return TRUE; +} + +/* + * Store a block retrieved with krb5int_c_iov_get_block_no_copy if + * necessary, and advance the output cursor. + */ +static inline krb5_boolean +krb5int_c_iov_put_block_nocopy(const krb5_crypto_iov *data, + size_t num_data, + unsigned char *storage, + size_t block_size, + struct iov_block_state *iov_state, + unsigned char *p) +{ + size_t i, j = 0; + + assert(p != NULL); + + for (i = iov_state->iov_pos; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + size_t nbytes; + + if (!process_block_p(data, num_data, iov_state, i)) + continue; + + if (pad_to_boundary_p(data, num_data, iov_state, i, j)) + break; + + iov_state->iov_pos = i; + + nbytes = iov->data.length - iov_state->data_pos; + if (nbytes > block_size - j) + nbytes = block_size - j; + + /* + * If we had previously returned a pointer into a complete block, + * then no action is required. + */ + if (p == storage) { + memcpy(iov->data.data + iov_state->data_pos, storage + j, nbytes); + } else { + /* Ensure correctly paired with a call to get_block_nocopy(). */ + assert(j == 0); + assert(nbytes == 0 || nbytes == block_size); + } + + iov_state->data_pos += nbytes; + j += nbytes; + + assert(j <= block_size); + + if (j == block_size) + break; + + assert(iov_state->data_pos == iov->data.length); + + iov_state->data_pos = 0; + } + + iov_state->iov_pos = i; + +#ifdef DEBUG_IOV + dump_block("put_block", i, j, p, block_size); +#endif + + return (iov_state->iov_pos < num_data); +} + +/* + * A wrapper for krb5int_c_iov_get_block_nocopy() that always makes + * a copy. + */ +static inline krb5_boolean +krb5int_c_iov_get_block(unsigned char *block, + size_t block_size, + const krb5_crypto_iov *data, + size_t num_data, + struct iov_block_state *iov_state) +{ + return krb5int_c_iov_get_block_nocopy(block, block_size, data, num_data, + iov_state, NULL); +} + +/* + * A wrapper for krb5int_c_iov_put_block_nocopy() that always copies + * the block. + */ +static inline krb5_boolean +krb5int_c_iov_put_block(const krb5_crypto_iov *data, + size_t num_data, + unsigned char *block, + size_t block_size, + struct iov_block_state *iov_state) +{ + return krb5int_c_iov_put_block_nocopy(data, num_data, block, block_size, + iov_state, block); +} + +#endif /* CRYPTO_INT_H */ diff --git a/src/lib/crypto/krb/crypto_length.c b/src/lib/crypto/krb/crypto_length.c index 3b0a9ac7f..84c56cc9f 100644 --- a/src/lib/crypto/krb/crypto_length.c +++ b/src/lib/crypto/krb/crypto_length.c @@ -25,9 +25,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "etypes.h" -#include "aead.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_crypto_length(krb5_context context, krb5_enctype enctype, diff --git a/src/lib/crypto/krb/crypto_libinit.c b/src/lib/crypto/krb/crypto_libinit.c index f97713501..3b62ff5de 100644 --- a/src/lib/crypto/krb/crypto_libinit.c +++ b/src/lib/crypto/krb/crypto_libinit.c @@ -1,7 +1,5 @@ /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#include -#include "k5-int.h" -#include "prng.h" +#include "crypto_int.h" MAKE_INIT_FUNCTION(cryptoint_initialize_library); MAKE_FINI_FUNCTION(cryptoint_cleanup_library); diff --git a/src/lib/crypto/krb/decrypt.c b/src/lib/crypto/krb/decrypt.c index c12c90d33..775e10a9b 100644 --- a/src/lib/crypto/krb/decrypt.c +++ b/src/lib/crypto/krb/decrypt.c @@ -25,9 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" -#include "aead.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_k_decrypt(krb5_context context, krb5_key key, diff --git a/src/lib/crypto/krb/decrypt_iov.c b/src/lib/crypto/krb/decrypt_iov.c index f52a727b3..39844d42c 100644 --- a/src/lib/crypto/krb/decrypt_iov.c +++ b/src/lib/crypto/krb/decrypt_iov.c @@ -25,9 +25,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "etypes.h" -#include "aead.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_k_decrypt_iov(krb5_context context, krb5_key key, krb5_keyusage usage, diff --git a/src/lib/crypto/krb/default_state.c b/src/lib/crypto/krb/default_state.c index d44b31fba..4968a7767 100644 --- a/src/lib/crypto/krb/default_state.c +++ b/src/lib/crypto/krb/default_state.c @@ -30,7 +30,7 @@ * contains that default code. */ -#include "k5-int.h" +#include "crypto_int.h" krb5_error_code krb5int_des_init_state (const krb5_keyblock *key, krb5_keyusage usage, krb5_data *new_state ) diff --git a/src/lib/crypto/krb/deps b/src/lib/crypto/krb/deps index a728ae11b..4c8737887 100644 --- a/src/lib/crypto/krb/deps +++ b/src/lib/crypto/krb/deps @@ -3,31 +3,36 @@ # aead.so aead.po $(OUTPRE)aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/dk/dk.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h aead.c aead.h \ - cksumtypes.h etypes.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + aead.c crypto_int.h block_size.so block_size.po $(OUTPRE)block_size.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h block_size.c etypes.h + $(top_srcdir)/include/socket-utils.h block_size.c crypto_int.h checksum_length.so checksum_length.po $(OUTPRE)checksum_length.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ @@ -35,11 +40,13 @@ checksum_length.so checksum_length.po $(OUTPRE)checksum_length.$(OBJEXT): \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ $(top_srcdir)/include/socket-utils.h checksum_length.c \ - cksumtypes.h etypes.h + crypto_int.h cksumtype_to_string.so cksumtype_to_string.po $(OUTPRE)cksumtype_to_string.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ @@ -47,83 +54,92 @@ cksumtype_to_string.so cksumtype_to_string.po $(OUTPRE)cksumtype_to_string.$(OBJ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ $(top_srcdir)/include/socket-utils.h cksumtype_to_string.c \ - cksumtypes.h etypes.h + crypto_int.h cksumtypes.so cksumtypes.po $(OUTPRE)cksumtypes.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../builtin/enc_provider/enc_provider.h \ - $(srcdir)/../builtin/hash_provider/hash_provider.h \ - $(srcdir)/dk/dk.h $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h cksumtypes.c cksumtypes.h \ - etypes.h + $(top_srcdir)/include/socket-utils.h cksumtypes.c crypto_int.h coll_proof_cksum.so coll_proof_cksum.po $(OUTPRE)coll_proof_cksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h cksumtypes.h coll_proof_cksum.c \ - etypes.h + $(top_srcdir)/include/socket-utils.h coll_proof_cksum.c \ + crypto_int.h combine_keys.so combine_keys.po $(OUTPRE)combine_keys.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/dk/dk.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - cksumtypes.h combine_keys.c etypes.h + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h combine_keys.c \ + crypto_int.h crypto_length.so crypto_length.po $(OUTPRE)crypto_length.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \ - crypto_length.c etypes.h + $(top_srcdir)/include/socket-utils.h crypto_int.h crypto_length.c crypto_libinit.so crypto_libinit.po $(OUTPRE)crypto_libinit.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h crypto_libinit.c \ - prng.h + $(top_srcdir)/include/socket-utils.h crypto_int.h crypto_libinit.c default_state.so default_state.po $(OUTPRE)default_state.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h default_state.c + $(top_srcdir)/include/socket-utils.h crypto_int.h default_state.c decrypt.so decrypt.po $(OUTPRE)decrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -131,22 +147,25 @@ decrypt.so decrypt.po $(OUTPRE)decrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - aead.h cksumtypes.h decrypt.c etypes.h + crypto_int.h decrypt.c decrypt_iov.so decrypt_iov.po $(OUTPRE)decrypt_iov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \ - decrypt_iov.c etypes.h + $(top_srcdir)/include/socket-utils.h crypto_int.h decrypt_iov.c encrypt.so encrypt.po $(OUTPRE)encrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -154,49 +173,51 @@ encrypt.so encrypt.po $(OUTPRE)encrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - aead.h cksumtypes.h encrypt.c etypes.h + crypto_int.h encrypt.c encrypt_iov.so encrypt_iov.po $(OUTPRE)encrypt_iov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h encrypt_iov.c \ - etypes.h + $(top_srcdir)/include/socket-utils.h crypto_int.h encrypt_iov.c encrypt_length.so encrypt_length.po $(OUTPRE)encrypt_length.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \ - encrypt_length.c etypes.h + $(top_srcdir)/include/socket-utils.h crypto_int.h encrypt_length.c enctype_util.so enctype_util.po $(OUTPRE)enctype_util.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h enctype_util.c \ - etypes.h + $(top_srcdir)/include/socket-utils.h crypto_int.h enctype_util.c etypes.so etypes.po $(OUTPRE)etypes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/des/des_int.h \ - $(srcdir)/../builtin/enc_provider/enc_provider.h $(srcdir)/../builtin/hash_provider/hash_provider.h \ - $(srcdir)/arcfour/arcfour.h $(srcdir)/dk/dk.h $(srcdir)/old/old.h \ - $(srcdir)/prf/prf_int.h $(srcdir)/raw/raw.h $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -204,10 +225,12 @@ etypes.so etypes.po $(OUTPRE)etypes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - cksumtypes.h etypes.c etypes.h + crypto_int.h etypes.c key.so key.po $(OUTPRE)key.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -215,102 +238,116 @@ key.so key.po $(OUTPRE)key.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - etypes.h key.c + crypto_int.h key.c keyblocks.so keyblocks.po $(OUTPRE)keyblocks.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h keyblocks.c + $(top_srcdir)/include/socket-utils.h crypto_int.h keyblocks.c keyed_cksum.so keyed_cksum.po $(OUTPRE)keyed_cksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h cksumtypes.h etypes.h \ - keyed_cksum.c + $(top_srcdir)/include/socket-utils.h crypto_int.h keyed_cksum.c keyed_checksum_types.so keyed_checksum_types.po $(OUTPRE)keyed_checksum_types.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h cksumtypes.h etypes.h \ - keyed_checksum_types.c + $(top_srcdir)/include/socket-utils.h crypto_int.h keyed_checksum_types.c keylengths.so keylengths.po $(OUTPRE)keylengths.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h etypes.h keylengths.c + $(top_srcdir)/include/socket-utils.h crypto_int.h keylengths.c make_checksum.so make_checksum.po $(OUTPRE)make_checksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/dk/dk.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - cksumtypes.h etypes.h make_checksum.c + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h crypto_int.h make_checksum.c make_checksum_iov.so make_checksum_iov.po $(OUTPRE)make_checksum_iov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \ - etypes.h make_checksum_iov.c + $(top_srcdir)/include/socket-utils.h crypto_int.h make_checksum_iov.c make_random_key.so make_random_key.po $(OUTPRE)make_random_key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h etypes.h make_random_key.c + $(top_srcdir)/include/socket-utils.h crypto_int.h make_random_key.c mandatory_sumtype.so mandatory_sumtype.po $(OUTPRE)mandatory_sumtype.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h etypes.h mandatory_sumtype.c + $(top_srcdir)/include/socket-utils.h crypto_int.h mandatory_sumtype.c nfold.so nfold.po $(OUTPRE)nfold.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -318,21 +355,25 @@ nfold.so nfold.po $(OUTPRE)nfold.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - nfold.c + crypto_int.h nfold.c old_api_glue.so old_api_glue.po $(OUTPRE)old_api_glue.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h old_api_glue.c + $(top_srcdir)/include/socket-utils.h crypto_int.h old_api_glue.c prf.so prf.po $(OUTPRE)prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -340,10 +381,12 @@ prf.so prf.po $(OUTPRE)prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - etypes.h prf.c + crypto_int.h prf.c prng.so prng.po $(OUTPRE)prng.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -351,23 +394,25 @@ prng.so prng.po $(OUTPRE)prng.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - prng.c prng.h + crypto_int.h prng.c prng_fortuna.so prng_fortuna.po $(OUTPRE)prng_fortuna.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ - $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - prng.h prng_fortuna.c + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h crypto_int.h prng_fortuna.c cf2.so cf2.po $(OUTPRE)cf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -375,11 +420,12 @@ cf2.so cf2.po $(OUTPRE)cf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - cf2.c etypes.h + cf2.c crypto_int.h random_to_key.so random_to_key.po $(OUTPRE)random_to_key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../builtin/des/des_int.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -387,10 +433,12 @@ random_to_key.so random_to_key.po $(OUTPRE)random_to_key.$(OBJEXT): \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h etypes.h random_to_key.c + $(top_srcdir)/include/socket-utils.h crypto_int.h random_to_key.c state.so state.po $(OUTPRE)state.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -398,76 +446,83 @@ state.so state.po $(OUTPRE)state.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - etypes.h state.c + crypto_int.h state.c string_to_cksumtype.so string_to_cksumtype.po $(OUTPRE)string_to_cksumtype.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h cksumtypes.h etypes.h \ - string_to_cksumtype.c + $(top_srcdir)/include/socket-utils.h crypto_int.h string_to_cksumtype.c string_to_key.so string_to_key.po $(OUTPRE)string_to_key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h etypes.h string_to_key.c + $(top_srcdir)/include/socket-utils.h crypto_int.h string_to_key.c t_fortuna.so t_fortuna.po $(OUTPRE)t_fortuna.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ - $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - prng.h prng_fortuna.c t_fortuna.c + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h crypto_int.h prng_fortuna.c \ + t_fortuna.c valid_cksumtype.so valid_cksumtype.po $(OUTPRE)valid_cksumtype.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h cksumtypes.h etypes.h \ - valid_cksumtype.c + $(top_srcdir)/include/socket-utils.h crypto_int.h valid_cksumtype.c verify_checksum.so verify_checksum.po $(OUTPRE)verify_checksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h cksumtypes.h etypes.h \ - verify_checksum.c + $(top_srcdir)/include/socket-utils.h crypto_int.h verify_checksum.c verify_checksum_iov.so verify_checksum_iov.po $(OUTPRE)verify_checksum_iov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \ - etypes.h verify_checksum_iov.c + $(top_srcdir)/include/socket-utils.h crypto_int.h verify_checksum_iov.c diff --git a/src/lib/crypto/krb/dk/Makefile.in b/src/lib/crypto/krb/dk/Makefile.in index 63e55b6ff..56ab164d3 100644 --- a/src/lib/crypto/krb/dk/Makefile.in +++ b/src/lib/crypto/krb/dk/Makefile.in @@ -1,6 +1,6 @@ mydir=lib$(S)crypto$(S)krb$(S)dk BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) DEFS= ##DOS##BUILDTOP = ..\..\..\.. diff --git a/src/lib/crypto/krb/dk/checksum_cmac.c b/src/lib/crypto/krb/dk/checksum_cmac.c index ac3e4e998..166b7c727 100644 --- a/src/lib/crypto/krb/dk/checksum_cmac.c +++ b/src/lib/crypto/krb/dk/checksum_cmac.c @@ -24,11 +24,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "etypes.h" -#include "dk.h" -#include "aead.h" -#include "cksumtypes.h" +#include "crypto_int.h" #define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */ diff --git a/src/lib/crypto/krb/dk/checksum_hmac.c b/src/lib/crypto/krb/dk/checksum_hmac.c index 686af8d08..517a5f32c 100644 --- a/src/lib/crypto/krb/dk/checksum_hmac.c +++ b/src/lib/crypto/krb/dk/checksum_hmac.c @@ -25,10 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" -#include "dk.h" -#include "cksumtypes.h" +#include "crypto_int.h" #define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */ diff --git a/src/lib/crypto/krb/dk/deps b/src/lib/crypto/krb/dk/deps index da0589cea..7dbace5db 100644 --- a/src/lib/crypto/krb/dk/deps +++ b/src/lib/crypto/krb/dk/deps @@ -4,21 +4,9 @@ checksum_hmac.so checksum_hmac.po $(OUTPRE)checksum_hmac.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h checksum_hmac.c \ - dk.h -checksum_cmac.so checksum_cmac.po $(OUTPRE)checksum_cmac.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -26,11 +14,13 @@ checksum_cmac.so checksum_cmac.po $(OUTPRE)checksum_cmac.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - checksum_cmac.c dk.h -dk_aead.so dk_aead.po $(OUTPRE)dk_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../aead.h \ - $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + checksum_hmac.c +checksum_cmac.so checksum_cmac.po $(OUTPRE)checksum_cmac.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -38,35 +28,38 @@ dk_aead.so dk_aead.po $(OUTPRE)dk_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - dk.h dk_aead.c + checksum_cmac.c +dk_aead.so dk_aead.po $(OUTPRE)dk_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h dk_aead.c dk_cmac.so dk_cmac.po $(OUTPRE)dk_cmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../aead.h \ - $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - dk.h dk_cmac.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h dk_cmac.c derive.so derive.po $(OUTPRE)derive.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - derive.c dk.h -stringtokey.so stringtokey.po $(OUTPRE)stringtokey.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -74,4 +67,18 @@ stringtokey.so stringtokey.po $(OUTPRE)stringtokey.$(OBJEXT): \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h dk.h stringtokey.c + $(top_srcdir)/include/socket-utils.h derive.c +stringtokey.so stringtokey.po $(OUTPRE)stringtokey.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + stringtokey.c diff --git a/src/lib/crypto/krb/dk/derive.c b/src/lib/crypto/krb/dk/derive.c index 7fa6c80ad..1cb47af4b 100644 --- a/src/lib/crypto/krb/dk/derive.c +++ b/src/lib/crypto/krb/dk/derive.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "dk.h" +#include "crypto_int.h" static krb5_key find_cached_dkey(struct derived_key *list, const krb5_data *constant) diff --git a/src/lib/crypto/krb/dk/dk.h b/src/lib/crypto/krb/dk/dk.h deleted file mode 100644 index 079977847..000000000 --- a/src/lib/crypto/krb/dk/dk.h +++ /dev/null @@ -1,114 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" -#include "etypes.h" -#include "cksumtypes.h" - -unsigned int -krb5int_dk_crypto_length(const struct krb5_keytypes *ktp, - krb5_cryptotype type); - -unsigned int -krb5int_aes_crypto_length(const struct krb5_keytypes *ktp, - krb5_cryptotype type); - -unsigned int -krb5int_camellia_crypto_length(const struct krb5_keytypes *ktp, - krb5_cryptotype type); -krb5_error_code -krb5int_dk_encrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -krb5_error_code -krb5int_dk_decrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -krb5_error_code -krb5int_dk_string_to_key(const struct krb5_keytypes *enc, - const krb5_data *string, const krb5_data *salt, - const krb5_data *params, krb5_keyblock *key); - -krb5_error_code -krb5int_aes_string_to_key(const struct krb5_keytypes *enc, - const krb5_data *string, const krb5_data *salt, - const krb5_data *params, krb5_keyblock *key); - -krb5_error_code -krb5int_camellia_string_to_key(const struct krb5_keytypes *enc, - const krb5_data *string, - const krb5_data *salt, - const krb5_data *params, - krb5_keyblock *key); - -enum deriv_alg { - DERIVE_RFC3961, /* RFC 3961 section 5.1 */ -#ifdef CAMELLIA - DERIVE_SP800_108_CMAC /* NIST SP 800-108 with CMAC as PRF */ -#endif -}; - -krb5_error_code -krb5int_derive_keyblock(const struct krb5_enc_provider *enc, - krb5_key inkey, krb5_keyblock *outkey, - const krb5_data *in_constant, enum deriv_alg alg); - -krb5_error_code -krb5int_derive_key(const struct krb5_enc_provider *enc, - krb5_key inkey, krb5_key *outkey, - const krb5_data *in_constant, enum deriv_alg alg); - -krb5_error_code -krb5int_dk_checksum(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, size_t num_data, - krb5_data *output); - -krb5_error_code -krb5int_derive_random(const struct krb5_enc_provider *enc, - krb5_key inkey, krb5_data *outrnd, - const krb5_data *in_constant, enum deriv_alg alg); - -krb5_error_code -krb5int_dk_cmac_encrypt(const struct krb5_keytypes *ktp, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, krb5_crypto_iov *data, - size_t num_data); - -krb5_error_code -krb5int_dk_cmac_decrypt(const struct krb5_keytypes *ktp, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, krb5_crypto_iov *data, - size_t num_data); - -krb5_error_code -krb5int_dk_cmac_checksum(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, size_t num_data, - krb5_data *output); diff --git a/src/lib/crypto/krb/dk/dk_aead.c b/src/lib/crypto/krb/dk/dk_aead.c index 4e9a7c4cf..2e2163f69 100644 --- a/src/lib/crypto/krb/dk/dk_aead.c +++ b/src/lib/crypto/krb/dk/dk_aead.c @@ -26,9 +26,7 @@ */ -#include "k5-int.h" -#include "dk.h" -#include "aead.h" +#include "crypto_int.h" #define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */ diff --git a/src/lib/crypto/krb/dk/dk_cmac.c b/src/lib/crypto/krb/dk/dk_cmac.c index 9ac5bee8f..f00b8edc9 100644 --- a/src/lib/crypto/krb/dk/dk_cmac.c +++ b/src/lib/crypto/krb/dk/dk_cmac.c @@ -25,9 +25,7 @@ */ -#include "k5-int.h" -#include "dk.h" -#include "aead.h" +#include "crypto_int.h" #ifdef CAMELLIA diff --git a/src/lib/crypto/krb/dk/stringtokey.c b/src/lib/crypto/krb/dk/stringtokey.c index 2c5188bdb..90fe3c694 100644 --- a/src/lib/crypto/krb/dk/stringtokey.c +++ b/src/lib/crypto/krb/dk/stringtokey.c @@ -25,7 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "dk.h" +#include "crypto_int.h" static const unsigned char kerberos[] = "kerberos"; #define kerberos_len (sizeof(kerberos)-1) diff --git a/src/lib/crypto/krb/encrypt.c b/src/lib/crypto/krb/encrypt.c index 8f5c481b5..3c7bbdacd 100644 --- a/src/lib/crypto/krb/encrypt.c +++ b/src/lib/crypto/krb/encrypt.c @@ -25,9 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" -#include "aead.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_k_encrypt(krb5_context context, krb5_key key, diff --git a/src/lib/crypto/krb/encrypt_iov.c b/src/lib/crypto/krb/encrypt_iov.c index 26bb82b8a..9f56c1f0b 100644 --- a/src/lib/crypto/krb/encrypt_iov.c +++ b/src/lib/crypto/krb/encrypt_iov.c @@ -25,8 +25,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_k_encrypt_iov(krb5_context context, krb5_key key, krb5_keyusage usage, diff --git a/src/lib/crypto/krb/encrypt_length.c b/src/lib/crypto/krb/encrypt_length.c index be99f17fa..5428e429c 100644 --- a/src/lib/crypto/krb/encrypt_length.c +++ b/src/lib/crypto/krb/encrypt_length.c @@ -25,9 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" -#include "aead.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_encrypt_length(krb5_context context, krb5_enctype enctype, diff --git a/src/lib/crypto/krb/enctype_util.c b/src/lib/crypto/krb/enctype_util.c index 1a9caf667..2641537fc 100644 --- a/src/lib/crypto/krb/enctype_util.c +++ b/src/lib/crypto/krb/enctype_util.c @@ -34,8 +34,7 @@ * krb5_enctype_to_string() */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" krb5_boolean KRB5_CALLCONV krb5_c_valid_enctype(krb5_enctype etype) diff --git a/src/lib/crypto/krb/etypes.c b/src/lib/crypto/krb/etypes.c index 476a0e626..f6da99cc5 100644 --- a/src/lib/crypto/krb/etypes.c +++ b/src/lib/crypto/krb/etypes.c @@ -25,16 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "enc_provider.h" -#include "hash_provider.h" -#include "etypes.h" -#include "old.h" -#include "raw.h" -#include "dk.h" -#include "prf_int.h" -#include "arcfour.h" -#include "des/des_int.h" +#include "crypto_int.h" /* these will be linear searched. if they ever get big, a binary search or hash table would be better, which means these would need diff --git a/src/lib/crypto/krb/etypes.h b/src/lib/crypto/krb/etypes.h deleted file mode 100644 index 98ed58ed7..000000000 --- a/src/lib/crypto/krb/etypes.h +++ /dev/null @@ -1,143 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#ifndef ETYPES_H -#define ETYPES_H - -#include "k5-int.h" - -#define MAX_ETYPE_ALIASES 2 - -struct krb5_keytypes; - -typedef unsigned int (*crypto_length_func)(const struct krb5_keytypes *ktp, - krb5_cryptotype type); - -typedef krb5_error_code (*crypt_func)(const struct krb5_keytypes *ktp, - krb5_key key, krb5_keyusage keyusage, - const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -typedef krb5_error_code (*str2key_func)(const struct krb5_keytypes *ktp, - const krb5_data *string, - const krb5_data *salt, - const krb5_data *parm, - krb5_keyblock *key); - -typedef krb5_error_code (*rand2key_func)(const krb5_data *randombits, - krb5_keyblock *key); - -typedef krb5_error_code (*prf_func)(const struct krb5_keytypes *ktp, - krb5_key key, - const krb5_data *in, krb5_data *out); - -typedef krb5_error_code (*init_state_func)(const struct krb5_keytypes *ktp, - const krb5_keyblock *key, - krb5_keyusage keyusage, - krb5_data *out_state); - -typedef void (*free_state_func)(const struct krb5_keytypes *ktp, - krb5_data *state); - -struct krb5_keytypes { - krb5_enctype etype; - char *name; - char *aliases[MAX_ETYPE_ALIASES]; - char *out_string; - const struct krb5_enc_provider *enc; - const struct krb5_hash_provider *hash; - size_t prf_length; - crypto_length_func crypto_length; - crypt_func encrypt; - crypt_func decrypt; - str2key_func str2key; - rand2key_func rand2key; - prf_func prf; - init_state_func init_state; - free_state_func free_state; - krb5_cksumtype required_ctype; - krb5_flags flags; -}; - -#define ETYPE_WEAK 1 - -extern const struct krb5_keytypes krb5int_enctypes_list[]; -extern const int krb5int_enctypes_length; - -static inline const struct krb5_keytypes * -find_enctype(krb5_enctype enctype) -{ - int i; - - for (i = 0; i < krb5int_enctypes_length; i++) { - if (krb5int_enctypes_list[i].etype == enctype) - break; - } - - if (i == krb5int_enctypes_length) - return NULL; - return &krb5int_enctypes_list[i]; -} - -/* This belongs with the declaration of struct krb5_enc_provider... but not - * while that's still in k5-int.h. */ -/* Encrypt one block of plaintext in place. */ -static inline krb5_error_code -encrypt_block(const struct krb5_enc_provider *enc, krb5_key key, - krb5_data *block) -{ - krb5_crypto_iov iov; - - /* Verify that this is a block cipher and block is the right length. */ - if (block->length != enc->block_size || enc->block_size == 1) - return EINVAL; - iov.flags = KRB5_CRYPTO_TYPE_DATA; - iov.data = *block; - if (enc->cbc_mac != NULL) /* One-block cbc-mac with no ivec. */ - return enc->cbc_mac(key, &iov, 1, NULL, block); - else /* Assume cbc-mode encrypt. */ - return enc->encrypt(key, 0, &iov, 1); -} - -krb5_error_code -krb5int_init_state_enc(const struct krb5_keytypes *ktp, - const krb5_keyblock *key, krb5_keyusage keyusage, - krb5_data *out_state); - -void -krb5int_free_state_enc(const struct krb5_keytypes *ktp, krb5_data *state); - -krb5_error_code -k5_rand2key_direct(const krb5_data *randombits, krb5_keyblock *keyblock); - -krb5_error_code -k5_rand2key_des(const krb5_data *randombits, krb5_keyblock *keyblock); - -krb5_error_code -k5_rand2key_des3(const krb5_data *randombits, krb5_keyblock *keyblock); - -#endif diff --git a/src/lib/crypto/krb/key.c b/src/lib/crypto/krb/key.c index a64c7a00c..550ac20d3 100644 --- a/src/lib/crypto/krb/key.c +++ b/src/lib/crypto/krb/key.c @@ -25,8 +25,7 @@ * Functions for manipulating krb5_key structures */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" /* * The krb5_key data type wraps an exposed keyblock in an opaque data diff --git a/src/lib/crypto/krb/keyblocks.c b/src/lib/crypto/krb/keyblocks.c index 732a877a0..b1ef6f2ac 100644 --- a/src/lib/crypto/krb/keyblocks.c +++ b/src/lib/crypto/krb/keyblocks.c @@ -30,9 +30,7 @@ * an empty keyblock */ - -#include "k5-int.h" -#include +#include "crypto_int.h" krb5_error_code krb5int_c_init_keyblock(krb5_context context, krb5_enctype enctype, diff --git a/src/lib/crypto/krb/keyed_checksum_types.c b/src/lib/crypto/krb/keyed_checksum_types.c index 3cd1ebcae..4b211fb46 100644 --- a/src/lib/crypto/krb/keyed_checksum_types.c +++ b/src/lib/crypto/krb/keyed_checksum_types.c @@ -25,9 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" -#include "cksumtypes.h" +#include "crypto_int.h" static krb5_boolean is_keyed_for(const struct krb5_cksumtypes *ctp, diff --git a/src/lib/crypto/krb/keyed_cksum.c b/src/lib/crypto/krb/keyed_cksum.c index b6d3e3db4..d3db8f31b 100644 --- a/src/lib/crypto/krb/keyed_cksum.c +++ b/src/lib/crypto/krb/keyed_cksum.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_boolean KRB5_CALLCONV krb5_c_is_keyed_cksum(krb5_cksumtype ctype) diff --git a/src/lib/crypto/krb/keylengths.c b/src/lib/crypto/krb/keylengths.c index fa65be11c..2bbd1cc6b 100644 --- a/src/lib/crypto/krb/keylengths.c +++ b/src/lib/crypto/krb/keylengths.c @@ -29,8 +29,7 @@ * SUCH DAMAGES. */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" /* * keybytes is the number of bytes required as input to make a key, diff --git a/src/lib/crypto/krb/make_checksum.c b/src/lib/crypto/krb/make_checksum.c index d0dc62237..398c84a8d 100644 --- a/src/lib/crypto/krb/make_checksum.c +++ b/src/lib/crypto/krb/make_checksum.c @@ -25,10 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "cksumtypes.h" -#include "etypes.h" -#include "dk.h" +#include "crypto_int.h" /* A 0 checksum type means use the mandatory checksum. */ diff --git a/src/lib/crypto/krb/make_checksum_iov.c b/src/lib/crypto/krb/make_checksum_iov.c index a7a3cb3dd..1c54077fc 100644 --- a/src/lib/crypto/krb/make_checksum_iov.c +++ b/src/lib/crypto/krb/make_checksum_iov.c @@ -25,9 +25,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "cksumtypes.h" -#include "aead.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_k_make_checksum_iov(krb5_context context, diff --git a/src/lib/crypto/krb/make_random_key.c b/src/lib/crypto/krb/make_random_key.c index 4032676a1..f5af18780 100644 --- a/src/lib/crypto/krb/make_random_key.c +++ b/src/lib/crypto/krb/make_random_key.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_make_random_key(krb5_context context, krb5_enctype enctype, diff --git a/src/lib/crypto/krb/mandatory_sumtype.c b/src/lib/crypto/krb/mandatory_sumtype.c index 3adeaf215..55ea81fa1 100644 --- a/src/lib/crypto/krb/mandatory_sumtype.c +++ b/src/lib/crypto/krb/mandatory_sumtype.c @@ -23,8 +23,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" krb5_error_code krb5int_c_mandatory_cksumtype(krb5_context ctx, krb5_enctype etype, diff --git a/src/lib/crypto/krb/nfold.c b/src/lib/crypto/krb/nfold.c index 11082acca..ea02fddcf 100644 --- a/src/lib/crypto/krb/nfold.c +++ b/src/lib/crypto/krb/nfold.c @@ -25,10 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#ifdef HAVE_MEMORY_H -#include -#endif +#include "crypto_int.h" /* * n-fold(k-bits): diff --git a/src/lib/crypto/krb/old/Makefile.in b/src/lib/crypto/krb/old/Makefile.in index 8cbd7fc0b..0563f4cb1 100644 --- a/src/lib/crypto/krb/old/Makefile.in +++ b/src/lib/crypto/krb/old/Makefile.in @@ -1,6 +1,6 @@ mydir=lib$(S)crypto$(S)krb$(S)old BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/../../$(CRYPTO_IMPL)/des -I$(srcdir)/.. -I$(srcdir) +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) DEFS= ##DOS##BUILDTOP = ..\..\..\.. diff --git a/src/lib/crypto/krb/old/deps b/src/lib/crypto/krb/old/deps index 0e51f504a..f8762e621 100644 --- a/src/lib/crypto/krb/old/deps +++ b/src/lib/crypto/krb/old/deps @@ -4,8 +4,9 @@ des_stringtokey.so des_stringtokey.po $(OUTPRE)des_stringtokey.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../builtin/des/des_int.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -13,12 +14,13 @@ des_stringtokey.so des_stringtokey.po $(OUTPRE)des_stringtokey.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - des_stringtokey.c old.h + des_stringtokey.c old_aead.so old_aead.po $(OUTPRE)old_aead.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -26,4 +28,4 @@ old_aead.so old_aead.po $(OUTPRE)old_aead.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - old.h old_aead.c + old_aead.c diff --git a/src/lib/crypto/krb/old/des_stringtokey.c b/src/lib/crypto/krb/old/des_stringtokey.c index 71ee0de1d..751aa72da 100644 --- a/src/lib/crypto/krb/old/des_stringtokey.c +++ b/src/lib/crypto/krb/old/des_stringtokey.c @@ -25,15 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "old.h" -#include - -/* XXX */ -extern krb5_error_code mit_des_string_to_key_int -(krb5_keyblock * keyblock, - const krb5_data * data, - const krb5_data * salt); +#include "crypto_int.h" krb5_error_code krb5int_des_string_to_key(const struct krb5_keytypes *ktp, diff --git a/src/lib/crypto/krb/old/old.h b/src/lib/crypto/krb/old/old.h deleted file mode 100644 index d092686d3..000000000 --- a/src/lib/crypto/krb/old/old.h +++ /dev/null @@ -1,49 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" -#include "etypes.h" - -unsigned int -krb5int_old_crypto_length(const struct krb5_keytypes *ktp, - krb5_cryptotype type); - -krb5_error_code -krb5int_old_encrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -krb5_error_code -krb5int_old_decrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -krb5_error_code krb5int_des_string_to_key(const struct krb5_keytypes *ktp, - const krb5_data *string, - const krb5_data *salt, - const krb5_data *params, - krb5_keyblock *key); diff --git a/src/lib/crypto/krb/old/old_aead.c b/src/lib/crypto/krb/old/old_aead.c index f7d1f10a7..00ce609ec 100644 --- a/src/lib/crypto/krb/old/old_aead.c +++ b/src/lib/crypto/krb/old/old_aead.c @@ -25,10 +25,7 @@ * or implied warranty. */ - -#include "k5-int.h" -#include "old.h" -#include "aead.h" +#include "crypto_int.h" unsigned int krb5int_old_crypto_length(const struct krb5_keytypes *ktp, diff --git a/src/lib/crypto/krb/old_api_glue.c b/src/lib/crypto/krb/old_api_glue.c index 49f554dd2..585ed11a3 100644 --- a/src/lib/crypto/krb/old_api_glue.c +++ b/src/lib/crypto/krb/old_api_glue.c @@ -25,7 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" +#include "crypto_int.h" /* * The following functions were removed from the API in krb5 1.3 but diff --git a/src/lib/crypto/krb/prf.c b/src/lib/crypto/krb/prf.c index e42d36361..a315c42a1 100644 --- a/src/lib/crypto/krb/prf.c +++ b/src/lib/crypto/krb/prf.c @@ -31,11 +31,7 @@ *function yields krb5_c_prf_length bytes of output. */ - -#include "k5-int.h" -#include "etypes.h" - -#include +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_prf_length(krb5_context context, krb5_enctype enctype, size_t *len) diff --git a/src/lib/crypto/krb/prf/Makefile.in b/src/lib/crypto/krb/prf/Makefile.in index b57029fa0..f7b4ddc38 100644 --- a/src/lib/crypto/krb/prf/Makefile.in +++ b/src/lib/crypto/krb/prf/Makefile.in @@ -1,10 +1,6 @@ mydir=lib$(S)crypto$(S)krb$(S)prf BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir) -I$(srcdir)/.. \ - -I$(srcdir)/../dk \ - -I$(srcdir)/../../$(CRYPTO_IMPL) \ - -I$(srcdir)/../../$(CRYPTO_IMPL)/md5 \ - -I$(srcdir)/../../$(CRYPTO_IMPL)/sha1 +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) DEFS= ##DOS##BUILDTOP = ..\..\..\.. diff --git a/src/lib/crypto/krb/prf/cmac_prf.c b/src/lib/crypto/krb/prf/cmac_prf.c index 78d11641c..0a02bf1ea 100644 --- a/src/lib/crypto/krb/prf/cmac_prf.c +++ b/src/lib/crypto/krb/prf/cmac_prf.c @@ -30,8 +30,7 @@ *simplified profile enctypes. */ -#include "prf_int.h" -#include +#include "crypto_int.h" #ifdef CAMELLIA diff --git a/src/lib/crypto/krb/prf/deps b/src/lib/crypto/krb/prf/deps index dbf083fa5..40bba2481 100644 --- a/src/lib/crypto/krb/prf/deps +++ b/src/lib/crypto/krb/prf/deps @@ -3,45 +3,49 @@ # des_prf.so des_prf.po $(OUTPRE)des_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - des_prf.c prf_int.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h des_prf.c dk_prf.so dk_prf.po $(OUTPRE)dk_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h \ - $(srcdir)/../dk/dk.h $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - dk_prf.c prf_int.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h dk_prf.c rc4_prf.so rc4_prf.po $(OUTPRE)rc4_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - prf_int.h rc4_prf.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h rc4_prf.c cmac_prf.so cmac_prf.po $(OUTPRE)cmac_prf.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h $(srcdir)/../dk/dk.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -49,4 +53,4 @@ cmac_prf.so cmac_prf.po $(OUTPRE)cmac_prf.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - cmac_prf.c prf_int.h + cmac_prf.c diff --git a/src/lib/crypto/krb/prf/des_prf.c b/src/lib/crypto/krb/prf/des_prf.c index a111423a5..3bb420b57 100644 --- a/src/lib/crypto/krb/prf/des_prf.c +++ b/src/lib/crypto/krb/prf/des_prf.c @@ -30,8 +30,7 @@ * des-cbc-crc, des-cbc-md4, and des-cbc-md5 enctypes. */ -#include "prf_int.h" -#include "hash_provider/hash_provider.h" +#include "crypto_int.h" krb5_error_code krb5int_des_prf(const struct krb5_keytypes *ktp, krb5_key key, diff --git a/src/lib/crypto/krb/prf/dk_prf.c b/src/lib/crypto/krb/prf/dk_prf.c index a824e2b57..b6e69988c 100644 --- a/src/lib/crypto/krb/prf/dk_prf.c +++ b/src/lib/crypto/krb/prf/dk_prf.c @@ -30,8 +30,7 @@ *simplified profile enctypes. */ -#include "prf_int.h" -#include +#include "crypto_int.h" krb5_error_code krb5int_dk_prf(const struct krb5_keytypes *ktp, krb5_key key, diff --git a/src/lib/crypto/krb/prf/prf_int.h b/src/lib/crypto/krb/prf/prf_int.h deleted file mode 100644 index 1c9872047..000000000 --- a/src/lib/crypto/krb/prf/prf_int.h +++ /dev/null @@ -1,50 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * lib/crypto/krb/prf/prf_int.h - * - * Copyright 1987, 1988, 1990, 2002 by the Massachusetts Institute of - * Technology. All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef PRF_INTERNAL_DEFS -#define PRF_INTERNAL_DEFS - -#include "k5-int.h" -#include "etypes.h" - -krb5_error_code -krb5int_arcfour_prf(const struct krb5_keytypes *ktp, krb5_key key, - const krb5_data *in, krb5_data *out); - -krb5_error_code -krb5int_des_prf(const struct krb5_keytypes *ktp, krb5_key key, - const krb5_data *in, krb5_data *out); - -krb5_error_code -krb5int_dk_prf(const struct krb5_keytypes *ktp, krb5_key key, - const krb5_data *in, krb5_data *out); - -krb5_error_code -krb5int_dk_cmac_prf(const struct krb5_keytypes *ktp, krb5_key key, - const krb5_data *in, krb5_data *out); - -#endif /*PRF_INTERNAL_DEFS*/ diff --git a/src/lib/crypto/krb/prf/rc4_prf.c b/src/lib/crypto/krb/prf/rc4_prf.c index e34ab2602..be54f361f 100644 --- a/src/lib/crypto/krb/prf/rc4_prf.c +++ b/src/lib/crypto/krb/prf/rc4_prf.c @@ -26,9 +26,7 @@ * */ -#include "prf_int.h" -#include "k5-int.h" -#include +#include "crypto_int.h" krb5_error_code krb5int_arcfour_prf(const struct krb5_keytypes *ktp, krb5_key key, diff --git a/src/lib/crypto/krb/prng.c b/src/lib/crypto/krb/prng.c index b65223b8b..acece29bf 100644 --- a/src/lib/crypto/krb/prng.c +++ b/src/lib/crypto/krb/prng.c @@ -24,7 +24,7 @@ * or implied warranty. */ -#include "prng.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_random_seed(krb5_context context, krb5_data *data) diff --git a/src/lib/crypto/krb/prng.h b/src/lib/crypto/krb/prng.h deleted file mode 100644 index f75d5f731..000000000 --- a/src/lib/crypto/krb/prng.h +++ /dev/null @@ -1,48 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* lib/crypto/krb/prng.h - Header for PRNG modules */ -/* - * Copyright 2010 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - - -#ifndef PRNG_H -#define PRNG_H - -#include "k5-int.h" - -/* - * PRNG modules must implement the following APIs from krb5.h: - * krb5_c_random_add_entropy - * krb5_c_random_make_octets - * - * PRNG modules should implement these functions. They are called from the - * crypto library init and cleanup functions, and can be used to setup and tear - * down static state without thread safety concerns. - */ -int k5_prng_init(void); -void k5_prng_cleanup(void); - -/* Used by PRNG modules to gather OS entropy. Returns true on success. */ -krb5_boolean k5_get_os_entropy(unsigned char *buf, size_t len); - -#endif diff --git a/src/lib/crypto/krb/prng_fortuna.c b/src/lib/crypto/krb/prng_fortuna.c index 3acf96b3a..cdc5acf15 100644 --- a/src/lib/crypto/krb/prng_fortuna.c +++ b/src/lib/crypto/krb/prng_fortuna.c @@ -74,10 +74,7 @@ * such as a KDC which can submit periodic entropy inputs to the PRNG. */ -#include "k5-int.h" -#include "prng.h" -#include "aes.h" -#include "sha2.h" +#include "crypto_int.h" /* The accumulator's number of pools. */ #define NUM_POOLS 32 diff --git a/src/lib/crypto/krb/prng_nss.c b/src/lib/crypto/krb/prng_nss.c index 4d2b9c4a0..905b24dd3 100644 --- a/src/lib/crypto/krb/prng_nss.c +++ b/src/lib/crypto/krb/prng_nss.c @@ -26,9 +26,8 @@ * or implied warranty. */ -#include "prng.h" -#include -#include "k5-thread.h" +#include "crypto_int.h" +#include "nss_prng.h" /* * This PRNG module should be used whenever the NSS crypto implementation is @@ -36,8 +35,6 @@ * AES-256 and SHA-256 contexts across forks. */ -#include "nss_prng.h" - int k5_prng_init(void) { diff --git a/src/lib/crypto/krb/prng_os.c b/src/lib/crypto/krb/prng_os.c index 2da8b1986..51af17be9 100644 --- a/src/lib/crypto/krb/prng_os.c +++ b/src/lib/crypto/krb/prng_os.c @@ -31,8 +31,7 @@ * in the operating system's native PRNG quality. */ -#include "k5-int.h" -#include "prng.h" +#include "crypto_int.h" #define DEVICE "/dev/urandom" diff --git a/src/lib/crypto/krb/random_to_key.c b/src/lib/crypto/krb/random_to_key.c index cb83129a2..93d033eb7 100644 --- a/src/lib/crypto/krb/random_to_key.c +++ b/src/lib/crypto/krb/random_to_key.c @@ -34,9 +34,7 @@ * already been initialized and random_key->contents have been allocated * with the correct length. */ -#include "k5-int.h" -#include "etypes.h" -#include "des_int.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_random_to_key(krb5_context context, krb5_enctype enctype, diff --git a/src/lib/crypto/krb/raw/deps b/src/lib/crypto/krb/raw/deps index 283622b17..2423c9fbd 100644 --- a/src/lib/crypto/krb/raw/deps +++ b/src/lib/crypto/krb/raw/deps @@ -4,8 +4,9 @@ raw_aead.so raw_aead.po $(OUTPRE)raw_aead.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -13,4 +14,4 @@ raw_aead.so raw_aead.po $(OUTPRE)raw_aead.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - raw.h raw_aead.c + raw_aead.c diff --git a/src/lib/crypto/krb/raw/raw.h b/src/lib/crypto/krb/raw/raw.h deleted file mode 100644 index ee54d5874..000000000 --- a/src/lib/crypto/krb/raw/raw.h +++ /dev/null @@ -1,43 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" -#include "etypes.h" - -unsigned int -krb5int_raw_crypto_length(const struct krb5_keytypes *ktp, - krb5_cryptotype type); - -krb5_error_code -krb5int_raw_encrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -krb5_error_code -krb5int_raw_decrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); diff --git a/src/lib/crypto/krb/raw/raw_aead.c b/src/lib/crypto/krb/raw/raw_aead.c index 75f23241c..3364a7d0b 100644 --- a/src/lib/crypto/krb/raw/raw_aead.c +++ b/src/lib/crypto/krb/raw/raw_aead.c @@ -26,9 +26,7 @@ */ -#include "k5-int.h" -#include "raw.h" -#include "aead.h" +#include "crypto_int.h" unsigned int krb5int_raw_crypto_length(const struct krb5_keytypes *ktp, diff --git a/src/lib/crypto/krb/state.c b/src/lib/crypto/krb/state.c index 4a0bafd8b..2c3371c3a 100644 --- a/src/lib/crypto/krb/state.c +++ b/src/lib/crypto/krb/state.c @@ -33,8 +33,7 @@ * krb5_c_init_state and krb5_c_free_state used by clients of the * Kerberos crypto library. */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" /* Most enctypes delegate cipher state handling to the enc provider by using * this function as their init_state methods. */ diff --git a/src/lib/crypto/krb/string_to_cksumtype.c b/src/lib/crypto/krb/string_to_cksumtype.c index b130b6c73..3498d2a05 100644 --- a/src/lib/crypto/krb/string_to_cksumtype.c +++ b/src/lib/crypto/krb/string_to_cksumtype.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_string_to_cksumtype(char *string, krb5_cksumtype *cksumtypep) diff --git a/src/lib/crypto/krb/string_to_key.c b/src/lib/crypto/krb/string_to_key.c index 356940455..7a7a04f61 100644 --- a/src/lib/crypto/krb/string_to_key.c +++ b/src/lib/crypto/krb/string_to_key.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_string_to_key_with_params(krb5_context context, diff --git a/src/lib/crypto/krb/valid_cksumtype.c b/src/lib/crypto/krb/valid_cksumtype.c index 07b84fec7..eb7807f7e 100644 --- a/src/lib/crypto/krb/valid_cksumtype.c +++ b/src/lib/crypto/krb/valid_cksumtype.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_boolean KRB5_CALLCONV krb5_c_valid_cksumtype(krb5_cksumtype ctype) diff --git a/src/lib/crypto/krb/verify_checksum.c b/src/lib/crypto/krb/verify_checksum.c index cb19c23a9..8727cb35d 100644 --- a/src/lib/crypto/krb/verify_checksum.c +++ b/src/lib/crypto/krb/verify_checksum.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_k_verify_checksum(krb5_context context, krb5_key key, diff --git a/src/lib/crypto/krb/verify_checksum_iov.c b/src/lib/crypto/krb/verify_checksum_iov.c index d5427baec..da8f487bf 100644 --- a/src/lib/crypto/krb/verify_checksum_iov.c +++ b/src/lib/crypto/krb/verify_checksum_iov.c @@ -25,9 +25,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "cksumtypes.h" -#include "aead.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_k_verify_checksum_iov(krb5_context context, diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports index 6307303cf..2d91592ec 100644 --- a/src/lib/crypto/libk5crypto.exports +++ b/src/lib/crypto/libk5crypto.exports @@ -65,11 +65,10 @@ krb5int_c_copy_keyblock_contents krb5int_c_free_keyblock_contents krb5int_c_free_keyblock krb5int_c_init_keyblock +krb5int_hash_md4 krb5int_hash_md5 krb5int_enc_arcfour krb5int_hmac -mit_des_fixup_key_parity -mit_des_is_weak_key krb5_k_create_key krb5_k_decrypt krb5_k_decrypt_iov @@ -86,12 +85,6 @@ krb5_k_verify_checksum krb5_k_verify_checksum_iov mit_crc32 krb5int_aes_encrypt -krb5int_MD4Init -krb5int_MD4Update -krb5int_MD4Final -krb5int_MD5Init -krb5int_MD5Update -krb5int_MD5Final krb5int_aes_decrypt krb5int_enc_des3 krb5int_arcfour_gsscrypt diff --git a/src/lib/crypto/nss/Makefile.in b/src/lib/crypto/nss/Makefile.in index c2a2e4e9c..bb8b8c275 100644 --- a/src/lib/crypto/nss/Makefile.in +++ b/src/lib/crypto/nss/Makefile.in @@ -2,17 +2,7 @@ mydir=lib$(S)crypto$(S)nss BUILDTOP=$(REL)..$(S)..$(S).. SUBDIRS=des aes camellia md4 md5 sha1 sha2 enc_provider hash_provider CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@ -LOCALINCLUDES = -I$(srcdir)/../krb \ - -I$(srcdir)/../krb/hash_provider \ - -I$(srcdir)/des \ - -I$(srcdir)/aes \ - -I$(srcdir)/sha1 \ - -I$(srcdir)/sha2 \ - -I$(srcdir)/md4 \ - -I$(srcdir)/md5 \ - -I$(srcdir)/enc_provider \ - -I$(srcdir)/hash_provider \ - $(CRYPTO_IMPL_CFLAGS) +LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir) $(CRYPTO_IMPL_CFLAGS) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/lib/crypto/nss/aes/Makefile.in b/src/lib/crypto/nss/aes/Makefile.in index ffbd4ba50..947ad11b2 100644 --- a/src/lib/crypto/nss/aes/Makefile.in +++ b/src/lib/crypto/nss/aes/Makefile.in @@ -4,12 +4,9 @@ mydir=lib$(S)crypto$(S)nss$(S)aes BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk -I$(srcdir)/../../../../include +LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. DEFS= -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) - STLIBOBJS= OBJS= diff --git a/src/lib/crypto/nss/camellia/Makefile.in b/src/lib/crypto/nss/camellia/Makefile.in index b8feffc5d..041227132 100644 --- a/src/lib/crypto/nss/camellia/Makefile.in +++ b/src/lib/crypto/nss/camellia/Makefile.in @@ -4,12 +4,9 @@ mydir=lib$(S)crypto$(S)nss$(S)camellia BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk -I$(srcdir)/../../../../include +LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. DEFS= -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) - STLIBOBJS= OBJS= diff --git a/src/lib/crypto/openssl/md4/md4.c b/src/lib/crypto/nss/crypto_mod.h similarity index 63% rename from src/lib/crypto/openssl/md4/md4.c rename to src/lib/crypto/nss/crypto_mod.h index 8d2cd48a2..2f82a2b0d 100644 --- a/src/lib/crypto/openssl/md4/md4.c +++ b/src/lib/crypto/nss/crypto_mod.h @@ -1,8 +1,7 @@ /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/nss/crypto_mod.h - NSS crypto module declarations */ /* - * lib/crypto/openssl/md4/md4.c - * - * Copyright (C) 2009 by the Massachusetts Institute of Technology. + * Copyright (C) 2011 by the Massachusetts Institute of Technology. * All rights reserved. * * Export of this software from the United States of America may @@ -25,27 +24,16 @@ * or implied warranty. */ -#include "k5-int.h" -#include "rsa-md4.h" -#include -#include +/* + * This header is included from lib/crypto/krb/crypto_int.h to provide + * module-specific declarations. It is not included directly from source + * files. + */ -void -krb5int_MD4Init (krb5_MD4_CTX *mdContext) -{ - EVP_MD_CTX_init(&mdContext->ossl_md4_ctx ); - EVP_DigestInit_ex(&mdContext->ossl_md4_ctx, EVP_md4(), NULL); +#ifndef CRYPTO_MOD_H +#define CRYPTO_MOD_H -} -void -krb5int_MD4Update (krb5_MD4_CTX *mdContext, const unsigned char *inBuf, unsigned int inLen) -{ - EVP_DigestUpdate(&mdContext->ossl_md4_ctx, inBuf, inLen); -} +/* Because the NSS crypto module doesn't work with the Fortuna PRNG, we don't + * need to declare anything here. */ -void -krb5int_MD4Final (krb5_MD4_CTX *mdContext) -{ - EVP_DigestFinal_ex(&mdContext->ossl_md4_ctx, mdContext->digest , NULL); - EVP_MD_CTX_cleanup(&mdContext->ossl_md4_ctx ); -} +#endif /* CRYPTO_MOD_H */ diff --git a/src/lib/crypto/nss/deps b/src/lib/crypto/nss/deps index e925336e6..0d5831e53 100644 --- a/src/lib/crypto/nss/deps +++ b/src/lib/crypto/nss/deps @@ -3,8 +3,7 @@ # hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/aead.h \ - $(srcdir)/../krb/cksumtypes.h $(srcdir)/../krb/etypes.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -12,10 +11,11 @@ hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hmac.c nss_gen.h + $(top_srcdir)/include/socket-utils.h crypto_mod.h hmac.c \ + nss_gen.h pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/hash_provider/hash_provider.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -23,18 +23,20 @@ pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h nss_gen.h pbkdf2.c + $(top_srcdir)/include/socket-utils.h crypto_mod.h nss_gen.h \ + pbkdf2.c prng.so prng.po $(OUTPRE)prng.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - nss_gen.h nss_prng.h prng.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h crypto_mod.h nss_gen.h \ + nss_prng.h prng.c stubs.so stubs.po $(OUTPRE)stubs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ diff --git a/src/lib/crypto/nss/des/Makefile.in b/src/lib/crypto/nss/des/Makefile.in index c8ab6e429..b751e6e65 100644 --- a/src/lib/crypto/nss/des/Makefile.in +++ b/src/lib/crypto/nss/des/Makefile.in @@ -1,8 +1,7 @@ mydir=lib$(S)crypto$(S)nss$(S)des BUILDTOP=$(REL)..$(S)..$(S)..$(S).. CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@ -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../.. -I$(srcdir)/../../krb \ - $(CRYPTO_IMPL_CFLAGS) +LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. $(CRYPTO_IMPL_CFLAGS) DEFS= @@ -10,23 +9,18 @@ RUN_SETUP = @KRB5_RUN_ENV@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) - STLIBOBJS= des_oldapis.o \ f_parity.o \ - string2key.o \ - weak_key.o + string2key.o OBJS= $(OUTPRE)f_parity.$(OBJEXT) \ $(OUTPRE)des_oldapis.$(OBJEXT) \ - $(OUTPRE)string2key.$(OBJEXT) \ - $(OUTPRE)weak_key.$(OBJEXT) + $(OUTPRE)string2key.$(OBJEXT) SRCS= $(srcdir)/f_parity.c \ $(srcdir)/des_oldapis.c \ - $(srcdir)/weak_key.c \ $(srcdir)/string2key.c - all-unix:: all-libobjs includes:: depend diff --git a/src/lib/crypto/nss/des/deps b/src/lib/crypto/nss/des/deps index 45fe25677..18a124374 100644 --- a/src/lib/crypto/nss/des/deps +++ b/src/lib/crypto/nss/des/deps @@ -4,40 +4,32 @@ f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h f_parity.c + $(top_srcdir)/include/socket-utils.h f_parity.c des_oldapis.so des_oldapis.po $(OUTPRE)des_oldapis.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h des_oldapis.c -weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h weak_key.c + $(top_srcdir)/include/socket-utils.h des_oldapis.c string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -45,4 +37,4 @@ string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - des_int.h string2key.c + string2key.c diff --git a/src/lib/crypto/nss/des/des_int.h b/src/lib/crypto/nss/des/des_int.h deleted file mode 100644 index e85fcbca9..000000000 --- a/src/lib/crypto/nss/des/des_int.h +++ /dev/null @@ -1,194 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * lib/crypto/des/des_int.h - * - * Copyright 1987, 1988, 1990, 2002, 2009 by the Massachusetts Institute of - * Technology. All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * Private include file for the Data Encryption Standard library. - */ - -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -/* only do the whole thing once */ -#ifndef DES_INTERNAL_DEFS -#define DES_INTERNAL_DEFS - -#include "k5-int.h" -/* - * Begin "mit-des.h" - */ -#ifndef KRB5_MIT_DES__ -#define KRB5_MIT_DES__ - -#if defined(__MACH__) && defined(__APPLE__) -#include -#include -#if TARGET_RT_MAC_CFM -#error "Use KfM 4.0 SDK headers for CFM compilation." -#endif -#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS) -#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5 -#endif -#endif /* defined(__MACH__) && defined(__APPLE__) */ - -/* Macro to add deprecated attribute to DES types and functions */ -/* Currently only defined on Mac OS X 10.5 and later. */ -#ifndef KRB5INT_DES_DEPRECATED -#define KRB5INT_DES_DEPRECATED -#endif - -#include - -#if UINT_MAX >= 0xFFFFFFFFUL -#define DES_INT32 int -#define DES_UINT32 unsigned int -#else -#define DES_INT32 long -#define DES_UINT32 unsigned long -#endif - -typedef unsigned char des_cblock[8] /* crypto-block size */ -KRB5INT_DES_DEPRECATED; - -/* - * Key schedule. - * - * This used to be - * - * typedef struct des_ks_struct { - * union { DES_INT32 pad; des_cblock _;} __; - * } des_key_schedule[16]; - * - * but it would cause trouble if DES_INT32 were ever more than 4 - * bytes. The reason is that all the encryption functions cast it to - * (DES_INT32 *), and treat it as if it were DES_INT32[32]. If - * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the - * caller-allocated des_key_schedule will be overflowed by the key - * scheduling functions. We can't assume that every platform will - * have an exact 32-bit int, and nothing should be looking inside a - * des_key_schedule anyway. - */ -typedef struct des_ks_struct { DES_INT32 _[2]; } des_key_schedule[16] -KRB5INT_DES_DEPRECATED; - -typedef des_cblock mit_des_cblock; -typedef des_key_schedule mit_des_key_schedule; - -/* Triple-DES structures */ -typedef mit_des_cblock mit_des3_cblock[3]; -typedef mit_des_key_schedule mit_des3_key_schedule[3]; - -#define MIT_DES_ENCRYPT 1 -#define MIT_DES_DECRYPT 0 - -typedef struct mit_des_ran_key_seed { - krb5_encrypt_block eblock; - krb5_data sequence; -} mit_des_random_state; - -/* the first byte of the key is already in the keyblock */ - -#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet)) -#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH -/* This used to be 8*sizeof(krb5_octet) */ -#define MIT_DES_KEYSIZE 8 - -#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet)) - -/* - * Check if k5-int.h has been included before us. If so, then check to see - * that our view of the DES key size is the same as k5-int.h's. - */ -#ifdef KRB5_MIT_DES_KEYSIZE -#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE -error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE) -#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */ -#endif /* KRB5_MIT_DES_KEYSIZE */ -#endif /* KRB5_MIT_DES__ */ -/* - * End "mit-des.h" - */ - -#define mit_des_zeroblock krb5int_c_mit_des_zeroblock -extern const mit_des_cblock mit_des_zeroblock; - -/* des_oldapis.c */ -extern krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock, - const krb5_data *data, - const krb5_data *salt); - -/* key_parity.c */ -extern void mit_des_fixup_key_parity (mit_des_cblock ); -extern int mit_des_check_key_parity (mit_des_cblock ); - -/* string2key.c */ -extern krb5_error_code mit_des_string_to_key - ( const krb5_encrypt_block *, - krb5_keyblock *, const krb5_data *, const krb5_data *); -extern krb5_error_code mit_des_string_to_key_int - (krb5_keyblock *, const krb5_data *, const krb5_data *); - -/* weak_key.c */ -extern int mit_des_is_weak_key (mit_des_cblock ); - -/* misc.c */ -extern void swap_bits (char *); -extern unsigned long long_swap_bits (unsigned long ); -extern unsigned long swap_six_bits_to_ansi (unsigned long ); -extern unsigned long swap_four_bits_to_ansi (unsigned long ); -extern unsigned long swap_bit_pos_1 (unsigned long ); -extern unsigned long swap_bit_pos_0 (unsigned long ); -extern unsigned long swap_bit_pos_0_to_ansi (unsigned long ); -extern unsigned long rev_swap_bit_pos_0 (unsigned long ); -extern unsigned long swap_byte_bits (unsigned long ); -extern unsigned long swap_long_bytes_bit_number (unsigned long ); -#ifdef FILE -/* XXX depends on FILE being a #define! */ -extern void test_set (FILE *, const char *, int, const char *, int); -#endif -#endif /*DES_INTERNAL_DEFS*/ diff --git a/src/lib/crypto/nss/des/des_oldapis.c b/src/lib/crypto/nss/des/des_oldapis.c index eb1e58633..79163c40c 100644 --- a/src/lib/crypto/nss/des/des_oldapis.c +++ b/src/lib/crypto/nss/des/des_oldapis.c @@ -26,31 +26,11 @@ * */ -#include "k5-int.h" -#include "des_int.h" -#include - -const mit_des_cblock mit_des_zeroblock /* = all zero */; - -unsigned long -mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out, - unsigned long length, const mit_des_key_schedule schedule, - const krb5_octet *ivec) -{ - /* Unsupported operation */ - return KRB5_CRYPTO_INTERNAL; -} +#include "crypto_int.h" krb5_error_code -mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data, - const krb5_data *salt) -{ - return KRB5_CRYPTO_INTERNAL; -} - -int -mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule) +mit_afs_string_to_key(krb5_keyblock *keyblock, const krb5_data *data, + const krb5_data *salt) { - /* Unsupported operation */ return KRB5_CRYPTO_INTERNAL; } diff --git a/src/lib/crypto/nss/des/f_parity.c b/src/lib/crypto/nss/des/f_parity.c index 460b5061b..ca1de3ed9 100644 --- a/src/lib/crypto/nss/des/f_parity.c +++ b/src/lib/crypto/nss/des/f_parity.c @@ -9,8 +9,7 @@ * Mark Eichin -- Cygnus Support */ - -#include "des_int.h" +#include "crypto_int.h" /* * des_fixup_key_parity: Forces odd parity per byte; parity is bits @@ -22,35 +21,11 @@ #define parity_char(x) pstep(pstep(pstep((x),4),2),1) void -mit_des_fixup_key_parity(mit_des_cblock key) +mit_des_fixup_key_parity(unsigned char *key) { unsigned int i; - for (i=0; i -#include "des_int.h" - static krb5_error_code k5_des_encrypt_iov(krb5_key key, const krb5_data *ivec, diff --git a/src/lib/crypto/nss/enc_provider/des3.c b/src/lib/crypto/nss/enc_provider/des3.c index c22d6effc..b32e56897 100644 --- a/src/lib/crypto/nss/enc_provider/des3.c +++ b/src/lib/crypto/nss/enc_provider/des3.c @@ -33,11 +33,8 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "nss_gen.h" -#include -#include "des_int.h" - static krb5_error_code k5_des3_encrypt_iov(krb5_key key, const krb5_data *ivec, diff --git a/src/lib/crypto/nss/enc_provider/enc_gen.c b/src/lib/crypto/nss/enc_provider/enc_gen.c index 756039a1a..19f8d2ccf 100644 --- a/src/lib/crypto/nss/enc_provider/enc_gen.c +++ b/src/lib/crypto/nss/enc_provider/enc_gen.c @@ -33,10 +33,8 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "nss_gen.h" -#include "enc_provider.h" -#include "aead.h" #include "seccomon.h" #include "secmod.h" #include "pk11pub.h" diff --git a/src/lib/crypto/nss/enc_provider/enc_provider.h b/src/lib/crypto/nss/enc_provider/enc_provider.h deleted file mode 100644 index 4365255ab..000000000 --- a/src/lib/crypto/nss/enc_provider/enc_provider.h +++ /dev/null @@ -1,40 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" - -extern const struct krb5_enc_provider krb5int_enc_des; -extern const struct krb5_enc_provider krb5int_enc_des3; -extern const struct krb5_enc_provider krb5int_enc_arcfour; -extern const struct krb5_enc_provider krb5int_enc_aes128; -extern const struct krb5_enc_provider krb5int_enc_aes256; -extern const struct krb5_enc_provider krb5int_enc_aes128_ctr; -extern const struct krb5_enc_provider krb5int_enc_aes256_ctr; -#ifdef CAMELLIA -extern const struct krb5_enc_provider krb5int_enc_camellia128; -extern const struct krb5_enc_provider krb5int_enc_camellia256; -#endif diff --git a/src/lib/crypto/nss/enc_provider/rc4.c b/src/lib/crypto/nss/enc_provider/rc4.c index 633d0d181..908924358 100644 --- a/src/lib/crypto/nss/enc_provider/rc4.c +++ b/src/lib/crypto/nss/enc_provider/rc4.c @@ -33,8 +33,7 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" -#include +#include "crypto_int.h" #include "nss_gen.h" #define RC4_KEY_SIZE 16 diff --git a/src/lib/crypto/nss/hash_provider/Makefile.in b/src/lib/crypto/nss/hash_provider/Makefile.in index 719b50079..e6b25caca 100644 --- a/src/lib/crypto/nss/hash_provider/Makefile.in +++ b/src/lib/crypto/nss/hash_provider/Makefile.in @@ -1,8 +1,7 @@ mydir=lib$(S)crypto$(S)nss$(S)hash_provider BUILDTOP=$(REL)..$(S)..$(S)..$(S).. CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@ -LOCALINCLUDES = -I$(srcdir)/../../krb/crc32 -I$(srcdir)/../md4 \ - -I$(srcdir)/.. -I$(srcdir)/../../krb \ +LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. -I$(srcdir)/../md4 \ $(CRYPTO_IMPL_CFLAGS) DEFS= diff --git a/src/lib/crypto/nss/hash_provider/deps b/src/lib/crypto/nss/hash_provider/deps index e52f37d20..e92327394 100644 --- a/src/lib/crypto/nss/hash_provider/deps +++ b/src/lib/crypto/nss/hash_provider/deps @@ -4,21 +4,20 @@ hash_gen.so hash_gen.po $(OUTPRE)hash_gen.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/etypes.h $(srcdir)/../nss_gen.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hash_gen.c + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + hash_gen.c hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/crc32/crc-32.h $(srcdir)/../../krb/etypes.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -26,24 +25,25 @@ hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hash_crc32.c hash_provider.h + $(top_srcdir)/include/socket-utils.h hash_crc32.c hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/etypes.h $(srcdir)/../md4/rsa-md4.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hash_md4.c hash_provider.h + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../md4/rsa-md4.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + hash_md4.c hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -51,11 +51,12 @@ hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - hash_md5.c hash_provider.h + hash_md5.c hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -63,4 +64,4 @@ hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - hash_provider.h hash_sha1.c + hash_sha1.c diff --git a/src/lib/crypto/nss/hash_provider/hash_crc32.c b/src/lib/crypto/nss/hash_provider/hash_crc32.c index 3a2f94a3b..c8d0e0834 100644 --- a/src/lib/crypto/nss/hash_provider/hash_crc32.c +++ b/src/lib/crypto/nss/hash_provider/hash_crc32.c @@ -25,10 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "crc-32.h" -#include "hash_provider.h" -#include "aead.h" +#include "crypto_int.h" static krb5_error_code k5_crc32_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) diff --git a/src/lib/crypto/nss/hash_provider/hash_gen.c b/src/lib/crypto/nss/hash_provider/hash_gen.c index 7cc82f4ff..a11aa6d14 100644 --- a/src/lib/crypto/nss/hash_provider/hash_gen.c +++ b/src/lib/crypto/nss/hash_provider/hash_gen.c @@ -33,10 +33,9 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "sechash.h" #include "nss_gen.h" -#include "aead.h" krb5_error_code k5_nss_gen_hash(HASH_HashType hashType, const krb5_crypto_iov *data, diff --git a/src/lib/crypto/nss/hash_provider/hash_md4.c b/src/lib/crypto/nss/hash_provider/hash_md4.c index 91482f76b..7bf68909e 100644 --- a/src/lib/crypto/nss/hash_provider/hash_md4.c +++ b/src/lib/crypto/nss/hash_provider/hash_md4.c @@ -25,10 +25,8 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "hash_provider.h" +#include "crypto_int.h" #include "rsa-md4.h" -#include "aead.h" static krb5_error_code k5_md4_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) diff --git a/src/lib/crypto/nss/hash_provider/hash_md5.c b/src/lib/crypto/nss/hash_provider/hash_md5.c index 65ea6fccc..2fb2998ef 100644 --- a/src/lib/crypto/nss/hash_provider/hash_md5.c +++ b/src/lib/crypto/nss/hash_provider/hash_md5.c @@ -33,9 +33,8 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "nss_gen.h" -#include "hash_provider.h" static krb5_error_code k5_md5_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) diff --git a/src/lib/crypto/nss/hash_provider/hash_provider.h b/src/lib/crypto/nss/hash_provider/hash_provider.h deleted file mode 100644 index eebe84588..000000000 --- a/src/lib/crypto/nss/hash_provider/hash_provider.h +++ /dev/null @@ -1,33 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" - -extern const struct krb5_hash_provider krb5int_hash_crc32; -extern const struct krb5_hash_provider krb5int_hash_md4; -extern const struct krb5_hash_provider krb5int_hash_md5; -extern const struct krb5_hash_provider krb5int_hash_sha1; diff --git a/src/lib/crypto/nss/hash_provider/hash_sha1.c b/src/lib/crypto/nss/hash_provider/hash_sha1.c index c70d4393f..c78b45ac7 100644 --- a/src/lib/crypto/nss/hash_provider/hash_sha1.c +++ b/src/lib/crypto/nss/hash_provider/hash_sha1.c @@ -33,9 +33,8 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "nss_gen.h" -#include "hash_provider.h" static krb5_error_code k5_sha1_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) diff --git a/src/lib/crypto/nss/hmac.c b/src/lib/crypto/nss/hmac.c index c0db602b7..adf600ea0 100644 --- a/src/lib/crypto/nss/hmac.c +++ b/src/lib/crypto/nss/hmac.c @@ -33,8 +33,7 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" -#include "aead.h" +#include "crypto_int.h" #include "nss_gen.h" #include "pk11pub.h" diff --git a/src/lib/crypto/nss/md4/Makefile.in b/src/lib/crypto/nss/md4/Makefile.in index dfb0182fa..3927d5719 100644 --- a/src/lib/crypto/nss/md4/Makefile.in +++ b/src/lib/crypto/nss/md4/Makefile.in @@ -1,11 +1,8 @@ mydir=lib$(S)crypto$(S)nss$(S)md4 BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir) +LOCALINCLUDES = DEFS= -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) - STLIBOBJS= md4.o OBJS= $(OUTPRE)md4.$(OBJEXT) diff --git a/src/lib/crypto/nss/md5/Makefile.in b/src/lib/crypto/nss/md5/Makefile.in index b0cde50e9..ec7279518 100644 --- a/src/lib/crypto/nss/md5/Makefile.in +++ b/src/lib/crypto/nss/md5/Makefile.in @@ -4,15 +4,14 @@ DEFS= PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) -CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@ -LOCALINCLUDES = -I$(srcdir)/.. $(CRYPTO_IMPL_CFLAGS) +LOCALINCLUDES = -STLIBOBJS= md5.o +STLIBOBJS= -OBJS= $(OUTPRE)md5.$(OBJEXT) +OBJS= -SRCS= $(srcdir)/md5.c +SRCS= all-unix:: all-libobjs diff --git a/src/lib/crypto/nss/md5/deps b/src/lib/crypto/nss/md5/deps index bc7ef602b..2feac3c9d 100644 --- a/src/lib/crypto/nss/md5/deps +++ b/src/lib/crypto/nss/md5/deps @@ -1,14 +1 @@ -# -# Generated makefile dependencies follow. -# -md5.so md5.po $(OUTPRE)md5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../nss_gen.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h md5.c rsa-md5.h +# No dependencies here. diff --git a/src/lib/crypto/nss/md5/md5.c b/src/lib/crypto/nss/md5/md5.c deleted file mode 100644 index ee494e55f..000000000 --- a/src/lib/crypto/nss/md5/md5.c +++ /dev/null @@ -1,86 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* lib/crypto/nss/md5/md5.c - * - * Copyright (c) 2010 Red Hat, Inc. - * All Rights Reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * * Neither the name of Red Hat, Inc., nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS - * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED - * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A - * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER - * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "k5-int.h" -#include "rsa-md5.h" -#include "pk11pub.h" -#include "nss_gen.h" - - -/* Initialize the message-digest context mdContext. */ -void -krb5int_MD5Init(krb5_MD5_CTX *mdContext) -{ - if (k5_nss_init()) { - mdContext->nss_ctxt = NULL; - return; - } - mdContext->nss_ctxt = PK11_CreateDigestContext(SEC_OID_MD5); - if (mdContext->nss_ctxt == NULL) - return; - PK11_DigestBegin((PK11Context *)mdContext->nss_ctxt); -} - -/* - * Update the message-digest context to account for the presence of each of the - * characters inBuf[0..inLen-1] in the message whose digest is being computed. - */ -void -krb5int_MD5Update(krb5_MD5_CTX *mdContext, const unsigned char *inBuf, - unsigned int inLen) -{ - if (mdContext->nss_ctxt == NULL) - return; - PK11_DigestOp((PK11Context *)mdContext->nss_ctxt, inBuf, inLen); -} - -/* Terminate the message-digest computation and end with the desired message - * digest in mdContext->digest[0...15]. */ -void -krb5int_MD5Final(krb5_MD5_CTX *mdContext) -{ - unsigned int digestLength; - - if (mdContext->nss_ctxt == NULL) - return; - PK11_DigestFinal((PK11Context *)mdContext->nss_ctxt, mdContext->digest, - &digestLength, sizeof (mdContext->digest)); - /* since there is not separate cleanup step, free the context now. - * (otherwise we could have reused the context for another MD5 operation - * in the future). - */ - PK11_DestroyContext((PK11Context *)mdContext->nss_ctxt, PR_TRUE); - mdContext->nss_ctxt = NULL; -} diff --git a/src/lib/crypto/nss/md5/rsa-md5.h b/src/lib/crypto/nss/md5/rsa-md5.h deleted file mode 100644 index 228eb0977..000000000 --- a/src/lib/crypto/nss/md5/rsa-md5.h +++ /dev/null @@ -1,90 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* lib/crypto/openssl/md5/rsa-md5.h - * - * Copyright (C) 2009 by the Massachusetts Institute of Technology. - * All rights reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* - *********************************************************************** - ** md5.h -- header file for implementation of MD5 ** - ** RSA Data Security, Inc. MD5 Message-Digest Algorithm ** - ** Created: 2/17/90 RLR ** - ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** - ** Revised (for MD5): RLR 4/27/91 ** - ** -- G modified to have y&~z instead of y&z ** - ** -- FF, GG, HH modified to add in last register done ** - ** -- Access pattern: round 2 works mod 5, round 3 works mod 3 ** - ** -- distinct additive constant for each step ** - ** -- round 4 added, working mod 7 ** - *********************************************************************** - */ - -/* - *********************************************************************** - ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** - ** ** - ** License to copy and use this software is granted provided that ** - ** it is identified as the "RSA Data Security, Inc. MD5 Message- ** - ** Digest Algorithm" in all material mentioning or referencing this ** - ** software or this function. ** - ** ** - ** License is also granted to make and use derivative works ** - ** provided that such works are identified as "derived from the RSA ** - ** Data Security, Inc. MD5 Message-Digest Algorithm" in all ** - ** material mentioning or referencing the derived work. ** - ** ** - ** RSA Data Security, Inc. makes no representations concerning ** - ** either the merchantability of this software or the suitability ** - ** of this software for any particular purpose. It is provided "as ** - ** is" without express or implied warranty of any kind. ** - ** ** - ** These notices must be retained in any copies of any part of this ** - ** documentation and/or software. ** - *********************************************************************** - */ - - -#ifndef KRB5_RSA_MD5__ -#define KRB5_RSA_MD5__ - -/* Data structure for MD5 (Message-Digest) computation */ -typedef struct { - void *nss_ctxt; - krb5_int32 * digest_len; - krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */ - krb5_ui_4 buf[4]; /* scratch buffer */ - unsigned char in[64]; /* input buffer */ - unsigned char digest[16]; /* actual digest after MD5Final call */ -} krb5_MD5_CTX; - -extern void krb5int_MD5Init(krb5_MD5_CTX *); -extern void krb5int_MD5Update(krb5_MD5_CTX *, const unsigned char *, - unsigned int); -extern void krb5int_MD5Final(krb5_MD5_CTX *); - -#define RSA_MD5_CKSUM_LENGTH 16 -#define OLD_RSA_MD5_DES_CKSUM_LENGTH 16 -#define NEW_RSA_MD5_DES_CKSUM_LENGTH 24 -#define RSA_MD5_DES_CONFOUND_LENGTH 8 - -#endif /* KRB5_RSA_MD5__ */ diff --git a/src/lib/crypto/nss/pbkdf2.c b/src/lib/crypto/nss/pbkdf2.c index a966c364e..f89f00df6 100644 --- a/src/lib/crypto/nss/pbkdf2.c +++ b/src/lib/crypto/nss/pbkdf2.c @@ -34,8 +34,7 @@ */ #include -#include "k5-int.h" -#include "hash_provider.h" +#include "crypto_int.h" #include "pk11pub.h" #include "nss_gen.h" diff --git a/src/lib/crypto/nss/prng.c b/src/lib/crypto/nss/prng.c index 61039171b..ebd1d3ac2 100644 --- a/src/lib/crypto/nss/prng.c +++ b/src/lib/crypto/nss/prng.c @@ -24,7 +24,7 @@ * or implied warranty. */ -#include "k5-int.h" +#include "crypto_int.h" #include "nss_gen.h" #include "nss_prng.h" #include diff --git a/src/lib/crypto/nss/sha1/Makefile.in b/src/lib/crypto/nss/sha1/Makefile.in index 82d6d9b91..8e7809e7c 100644 --- a/src/lib/crypto/nss/sha1/Makefile.in +++ b/src/lib/crypto/nss/sha1/Makefile.in @@ -1,17 +1,13 @@ mydir=lib$(S)crypto$(S)nss$(S)sha1 BUILDTOP=$(REL)..$(S)..$(S)..$(S).. DEFS= -CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@ -LOCALINCLUDES = -I$(srcdir)/.. $(CRYPTO_IMPL_CFLAGS) +LOCALINCLUDES = -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) +STLIBOBJS= -STLIBOBJS= shs.o +OBJS= -OBJS= $(OUTPRE)shs.$(OBJEXT) - -SRCS= $(srcdir)/shs.c +SRCS= all-unix:: all-libobjs diff --git a/src/lib/crypto/nss/sha1/deps b/src/lib/crypto/nss/sha1/deps index 9133bb530..2feac3c9d 100644 --- a/src/lib/crypto/nss/sha1/deps +++ b/src/lib/crypto/nss/sha1/deps @@ -1,14 +1 @@ -# -# Generated makefile dependencies follow. -# -shs.so shs.po $(OUTPRE)shs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../nss_gen.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h shs.c shs.h +# No dependencies here. diff --git a/src/lib/crypto/nss/sha1/shs.c b/src/lib/crypto/nss/sha1/shs.c deleted file mode 100644 index edf4c9a28..000000000 --- a/src/lib/crypto/nss/sha1/shs.c +++ /dev/null @@ -1,77 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* lib/crypto/nss/sha1/shs.c - * - * Copyright (c) 2010 Red Hat, Inc. - * All Rights Reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * * Neither the name of Red Hat, Inc., nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS - * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED - * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A - * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER - * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "k5-int.h" -#include "shs.h" -#include "pk11pub.h" -#include "nss_gen.h" - -/* Initialize the SHS values */ -void shsInit(SHS_INFO *shsInfo) -{ - if (k5_nss_init()) { - shsInfo->nss_ctxt = NULL; - return; - } - shsInfo->nss_ctxt = PK11_CreateDigestContext(SEC_OID_SHA1); - if (shsInfo->nss_ctxt == NULL) - return; - PK11_DigestBegin((PK11Context *)shsInfo->nss_ctxt); -} - -/* Update SHS for a block of data */ -void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count) -{ - if (shsInfo->nss_ctxt == NULL) - return; - PK11_DigestOp((PK11Context *)shsInfo->nss_ctxt, buffer, count); -} - - -/* Final wrapup - pad to SHS_DATASIZE-byte boundary with the bit pattern - * 1 0* (64-bit count of bits processed, MSB-first) */ -void shsFinal(SHS_INFO *shsInfo) -{ - if (shsInfo->nss_ctxt == NULL) - return; - PK11_DigestFinal((PK11Context *)shsInfo->nss_ctxt, shsInfo->digestBuf, - &shsInfo->digestLen, sizeof (shsInfo->digestBuf)); - /* Since there is not separate cleanup step, free the context now. - * (otherwise we could have reused the context for another MD5 operation - * in the future). - */ - PK11_DestroyContext((PK11Context *)shsInfo->nss_ctxt, PR_TRUE); - shsInfo->nss_ctxt = NULL; -} diff --git a/src/lib/crypto/nss/sha1/shs.h b/src/lib/crypto/nss/sha1/shs.h deleted file mode 100644 index 7019504c1..000000000 --- a/src/lib/crypto/nss/sha1/shs.h +++ /dev/null @@ -1,46 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#ifndef _SHS_DEFINED - -#include "k5-int.h" - -#define _SHS_DEFINED - -/* Some useful types */ - -typedef krb5_octet SHS_BYTE; -typedef krb5_ui_4 SHS_LONG; - -/* Define the following to use the updated SHS implementation */ -#define NEW_SHS /**/ - -/* The SHS block size and message digest sizes, in bytes */ - -#define SHS_DATASIZE 64 -#define SHS_DIGESTSIZE 20 - -/* The structure for storing SHS info */ - -typedef struct { - void *nss_ctxt; - unsigned char digestBuf[SHS_DIGESTSIZE]; /* output */ - unsigned int digestLen; /* output */ -} SHS_INFO; - -/* Message digest functions (shs.c) */ -void shsInit(SHS_INFO *shsInfo); -void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count); -void shsFinal(SHS_INFO *shsInfo); - - -/* Keyed Message digest functions (hmac_sha.c) */ -krb5_error_code hmac_sha(krb5_octet *text, - int text_len, - krb5_octet *key, - int key_len, - krb5_octet *digest); - - -#define NIST_SHA_CKSUM_LENGTH SHS_DIGESTSIZE -#define HMAC_SHA_CKSUM_LENGTH SHS_DIGESTSIZE - -#endif /* _SHS_DEFINED */ diff --git a/src/lib/crypto/nss/sha2/Makefile.in b/src/lib/crypto/nss/sha2/Makefile.in index 1a2bcbb82..89662fa44 100644 --- a/src/lib/crypto/nss/sha2/Makefile.in +++ b/src/lib/crypto/nss/sha2/Makefile.in @@ -4,7 +4,7 @@ mydir=lib$(S)crypto$(S)nss$(S)aes BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk -I$(srcdir)/../../../../include +LOCALINCLUDES = DEFS= PROG_LIBPATH=-L$(TOPLIBD) diff --git a/src/lib/crypto/openssl/Makefile.in b/src/lib/crypto/openssl/Makefile.in index f3992c21a..c889cbed1 100644 --- a/src/lib/crypto/openssl/Makefile.in +++ b/src/lib/crypto/openssl/Makefile.in @@ -1,16 +1,7 @@ mydir=lib$(S)crypto$(S)openssl BUILDTOP=$(REL)..$(S)..$(S).. SUBDIRS=camellia des aes md4 md5 sha1 sha2 enc_provider hash_provider -LOCALINCLUDES = -I$(srcdir)/../krb \ - -I$(srcdir)/../krb/hash_provider \ - -I$(srcdir)/des \ - -I$(srcdir)/aes \ - -I$(srcdir)/sha1 \ - -I$(srcdir)/sha2 \ - -I$(srcdir)/md4 \ - -I$(srcdir)/md5 \ - -I$(srcdir)/enc_provider \ - -I$(srcdir)/hash_provider +LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) DEFS= diff --git a/src/lib/crypto/openssl/camellia/Makefile.in b/src/lib/crypto/openssl/camellia/Makefile.in index c300cd455..b805e9fad 100644 --- a/src/lib/crypto/openssl/camellia/Makefile.in +++ b/src/lib/crypto/openssl/camellia/Makefile.in @@ -4,12 +4,9 @@ mydir=lib$(S)crypto$(S)openssl$(S)camellia BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk -I$(srcdir)/../../../../include +LOCALINCLUDES = DEFS= -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) - STLIBOBJS= OBJS= diff --git a/src/lib/crypto/openssl/aes/aes.h b/src/lib/crypto/openssl/crypto_mod.h similarity index 72% rename from src/lib/crypto/openssl/aes/aes.h rename to src/lib/crypto/openssl/crypto_mod.h index 4aa9eb848..56fb16896 100644 --- a/src/lib/crypto/openssl/aes/aes.h +++ b/src/lib/crypto/openssl/crypto_mod.h @@ -1,8 +1,8 @@ /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* lib/crypto/openssl/aes/aes.h - AES translation macros */ +/* lib/crypto/openssl/crypto_mod.h - OpenSSL crypto module declarations */ /* - * Copyright 2011 by the Massachusetts Institute of Technology. - * All Rights Reserved. + * Copyright (C) 2011 by the Massachusetts Institute of Technology. + * All rights reserved. * * Export of this software from the United States of America may * require a specific license from the United States Government. @@ -24,15 +24,23 @@ * or implied warranty. */ -#ifndef _AES_H -#define _AES_H +/* + * This header is included from lib/crypto/krb/crypto_int.h to provide + * module-specific declarations. It is not included directly from source + * files. + */ + +#ifndef CRYPTO_MOD_H +#define CRYPTO_MOD_H -/* This header maps some of the names of the built-in AES types and functions - * (those used by the Fortuna PRNG) to the OpenSSL equivalents. */ #include +#include #define aes_ctx AES_KEY #define krb5int_aes_enc_key(k, len, ctx) AES_set_encrypt_key(k, 8*(len), ctx) #define krb5int_aes_enc_blk(in, out, ctx) AES_encrypt(in, out, ctx) +#define k5_sha256_init SHA256_Init +#define k5_sha256_update SHA256_Update +#define k5_sha256_final SHA256_Final -#endif /* _AES_H */ +#endif /* CRYPTO_MOD_H */ diff --git a/src/lib/crypto/openssl/deps b/src/lib/crypto/openssl/deps index e72befff5..3e63b63a9 100644 --- a/src/lib/crypto/openssl/deps +++ b/src/lib/crypto/openssl/deps @@ -3,8 +3,7 @@ # hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/aead.h \ - $(srcdir)/../krb/cksumtypes.h $(srcdir)/../krb/etypes.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -12,11 +11,21 @@ hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hmac.c -init.so init.po $(OUTPRE)init.$(OBJEXT): init.c + $(top_srcdir)/include/socket-utils.h crypto_mod.h hmac.c +init.so init.po $(OUTPRE)init.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h crypto_mod.h init.c pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/hash_provider/hash_provider.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -24,15 +33,15 @@ pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h pbkdf2.c + $(top_srcdir)/include/socket-utils.h crypto_mod.h pbkdf2.c stubs.so stubs.po $(OUTPRE)stubs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - stubs.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h crypto_mod.h stubs.c diff --git a/src/lib/crypto/openssl/des/Makefile.in b/src/lib/crypto/openssl/des/Makefile.in index 335c7e53c..4907bc89d 100644 --- a/src/lib/crypto/openssl/des/Makefile.in +++ b/src/lib/crypto/openssl/des/Makefile.in @@ -1,6 +1,6 @@ mydir=lib$(S)crypto$(S)openssl$(S)des BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../.. -I$(srcdir)/../../krb +LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. DEFS= RUN_SETUP = @KRB5_RUN_ENV@ @@ -10,20 +10,16 @@ PROG_RPATH=$(KRB5_LIBDIR) STLIBOBJS= des_oldapis.o \ f_parity.o \ - string2key.o \ - weak_key.o + string2key.o OBJS= $(OUTPRE)f_parity.$(OBJEXT) \ $(OUTPRE)des_oldapis.$(OBJEXT) \ - $(OUTPRE)string2key.$(OBJEXT) \ - $(OUTPRE)weak_key.$(OBJEXT) + $(OUTPRE)string2key.$(OBJEXT) SRCS= $(srcdir)/f_parity.c \ $(srcdir)/des_oldapis.c \ - $(srcdir)/weak_key.c \ $(srcdir)/string2key.c - all-unix:: all-libobjs includes:: depend diff --git a/src/lib/crypto/openssl/des/deps b/src/lib/crypto/openssl/des/deps index 0c269398d..50a5ca029 100644 --- a/src/lib/crypto/openssl/des/deps +++ b/src/lib/crypto/openssl/des/deps @@ -4,44 +4,36 @@ f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h f_parity.c + $(top_srcdir)/include/socket-utils.h f_parity.c des_oldapis.so des_oldapis.po $(OUTPRE)des_oldapis.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h des_oldapis.c -weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h weak_key.c + $(top_srcdir)/include/socket-utils.h des_oldapis.c string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h string2key.c + $(top_srcdir)/include/socket-utils.h string2key.c diff --git a/src/lib/crypto/openssl/des/des_int.h b/src/lib/crypto/openssl/des/des_int.h deleted file mode 100644 index 9443c96ed..000000000 --- a/src/lib/crypto/openssl/des/des_int.h +++ /dev/null @@ -1,194 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * lib/crypto/des/des_int.h - * - * Copyright 1987, 1988, 1990, 2002, 2009 by the Massachusetts Institute of - * Technology. All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * Private include file for the Data Encryption Standard library. - */ - -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -/* only do the whole thing once */ -#ifndef DES_INTERNAL_DEFS -#define DES_INTERNAL_DEFS - -#include "k5-int.h" -/* - * Begin "mit-des.h" - */ -#ifndef KRB5_MIT_DES__ -#define KRB5_MIT_DES__ - -#if defined(__MACH__) && defined(__APPLE__) -#include -#include -#if TARGET_RT_MAC_CFM -#error "Use KfM 4.0 SDK headers for CFM compilation." -#endif -#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS) -#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5 -#endif -#endif /* defined(__MACH__) && defined(__APPLE__) */ - -/* Macro to add deprecated attribute to DES types and functions */ -/* Currently only defined on Mac OS X 10.5 and later. */ -#ifndef KRB5INT_DES_DEPRECATED -#define KRB5INT_DES_DEPRECATED -#endif - -#include - -#if UINT_MAX >= 0xFFFFFFFFUL -#define DES_INT32 int -#define DES_UINT32 unsigned int -#else -#define DES_INT32 long -#define DES_UINT32 unsigned long -#endif - -typedef unsigned char des_cblock[8] /* crypto-block size */ -KRB5INT_DES_DEPRECATED; - -/* - * Key schedule. - * - * This used to be - * - * typedef struct des_ks_struct { - * union { DES_INT32 pad; des_cblock _;} __; - * } des_key_schedule[16]; - * - * but it would cause trouble if DES_INT32 were ever more than 4 - * bytes. The reason is that all the encryption functions cast it to - * (DES_INT32 *), and treat it as if it were DES_INT32[32]. If - * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the - * caller-allocated des_key_schedule will be overflowed by the key - * scheduling functions. We can't assume that every platform will - * have an exact 32-bit int, and nothing should be looking inside a - * des_key_schedule anyway. - */ -typedef struct des_ks_struct { DES_INT32 _[2]; } des_key_schedule[16] -KRB5INT_DES_DEPRECATED; - -typedef des_cblock mit_des_cblock; -typedef des_key_schedule mit_des_key_schedule; - -/* Triple-DES structures */ -typedef mit_des_cblock mit_des3_cblock[3]; -typedef mit_des_key_schedule mit_des3_key_schedule[3]; - -#define MIT_DES_ENCRYPT 1 -#define MIT_DES_DECRYPT 0 - -typedef struct mit_des_ran_key_seed { - krb5_encrypt_block eblock; - krb5_data sequence; -} mit_des_random_state; - -/* the first byte of the key is already in the keyblock */ - -#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet)) -#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH -/* This used to be 8*sizeof(krb5_octet) */ -#define MIT_DES_KEYSIZE 8 - -#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet)) - -/* - * Check if k5-int.h has been included before us. If so, then check to see - * that our view of the DES key size is the same as k5-int.h's. - */ -#ifdef KRB5_MIT_DES_KEYSIZE -#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE -error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE) -#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */ -#endif /* KRB5_MIT_DES_KEYSIZE */ -#endif /* KRB5_MIT_DES__ */ -/* - * End "mit-des.h" - */ - -#define mit_des_zeroblock krb5int_c_mit_des_zeroblock -extern const mit_des_cblock mit_des_zeroblock; - -/* des_oldapis.c */ -extern krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock, - const krb5_data *data, - const krb5_data *salt); - -/* key_parity.c */ -extern void mit_des_fixup_key_parity (mit_des_cblock ); -extern int mit_des_check_key_parity (mit_des_cblock ); - -/* string2key.c */ -extern krb5_error_code mit_des_string_to_key -( const krb5_encrypt_block *, - krb5_keyblock *, const krb5_data *, const krb5_data *); -extern krb5_error_code mit_des_string_to_key_int -(krb5_keyblock *, const krb5_data *, const krb5_data *); - -/* weak_key.c */ -extern int mit_des_is_weak_key (mit_des_cblock ); - -/* misc.c */ -extern void swap_bits (char *); -extern unsigned long long_swap_bits (unsigned long ); -extern unsigned long swap_six_bits_to_ansi (unsigned long ); -extern unsigned long swap_four_bits_to_ansi (unsigned long ); -extern unsigned long swap_bit_pos_1 (unsigned long ); -extern unsigned long swap_bit_pos_0 (unsigned long ); -extern unsigned long swap_bit_pos_0_to_ansi (unsigned long ); -extern unsigned long rev_swap_bit_pos_0 (unsigned long ); -extern unsigned long swap_byte_bits (unsigned long ); -extern unsigned long swap_long_bytes_bit_number (unsigned long ); -#ifdef FILE -/* XXX depends on FILE being a #define! */ -extern void test_set (FILE *, const char *, int, const char *, int); -#endif -#endif /*DES_INTERNAL_DEFS*/ diff --git a/src/lib/crypto/openssl/des/des_oldapis.c b/src/lib/crypto/openssl/des/des_oldapis.c index eb1e58633..79163c40c 100644 --- a/src/lib/crypto/openssl/des/des_oldapis.c +++ b/src/lib/crypto/openssl/des/des_oldapis.c @@ -26,31 +26,11 @@ * */ -#include "k5-int.h" -#include "des_int.h" -#include - -const mit_des_cblock mit_des_zeroblock /* = all zero */; - -unsigned long -mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out, - unsigned long length, const mit_des_key_schedule schedule, - const krb5_octet *ivec) -{ - /* Unsupported operation */ - return KRB5_CRYPTO_INTERNAL; -} +#include "crypto_int.h" krb5_error_code -mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data, - const krb5_data *salt) -{ - return KRB5_CRYPTO_INTERNAL; -} - -int -mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule) +mit_afs_string_to_key(krb5_keyblock *keyblock, const krb5_data *data, + const krb5_data *salt) { - /* Unsupported operation */ return KRB5_CRYPTO_INTERNAL; } diff --git a/src/lib/crypto/openssl/des/f_parity.c b/src/lib/crypto/openssl/des/f_parity.c index b8baac9d2..4956af266 100644 --- a/src/lib/crypto/openssl/des/f_parity.c +++ b/src/lib/crypto/openssl/des/f_parity.c @@ -25,24 +25,11 @@ * or implied warranty. */ -#include "des_int.h" +#include "crypto_int.h" #include void -mit_des_fixup_key_parity(mit_des_cblock key) +mit_des_fixup_key_parity(unsigned char *key) { DES_set_odd_parity(key); } - -/* - * des_check_key_parity: returns true iff key has the correct des parity. - * See des_fix_key_parity for the definition of - * correct des parity. - */ -int -mit_des_check_key_parity(mit_des_cblock key) -{ - if (!DES_check_key_parity(key)) - return(0); - return (1); -} diff --git a/src/lib/crypto/openssl/des/string2key.c b/src/lib/crypto/openssl/des/string2key.c index c192734ce..bc37da63b 100644 --- a/src/lib/crypto/openssl/des/string2key.c +++ b/src/lib/crypto/openssl/des/string2key.c @@ -25,17 +25,16 @@ * or implied warranty. */ -#include "des_int.h" +#include "crypto_int.h" #include - krb5_error_code -mit_des_string_to_key_int (krb5_keyblock *key, - const krb5_data *pw, const krb5_data *salt) +mit_des_string_to_key_int(krb5_keyblock *key, const krb5_data *pw, + const krb5_data *salt) { DES_cblock outkey; DES_string_to_key(pw->data, &outkey); - if ( key->length < sizeof(outkey)) + if (key->length < sizeof(outkey)) return KRB5_CRYPTO_INTERNAL; key->length = sizeof(outkey); memcpy(key->contents, outkey, key->length); diff --git a/src/lib/crypto/openssl/des/weak_key.c b/src/lib/crypto/openssl/des/weak_key.c deleted file mode 100644 index c739bc29f..000000000 --- a/src/lib/crypto/openssl/des/weak_key.c +++ /dev/null @@ -1,88 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * lib/crypto/openssl/des/weak_key.c - * - * Copyright 1989,1990,2009 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * Under U.S. law, this software may not be exported outside the US - * without license from the U.S. Commerce department. - * - * These routines form the library interface to the DES facilities. - * - * Originally written 8/85 by Steve Miller, MIT Project Athena. - */ - -#include "des_int.h" -#include - -/* - * The following are the weak DES keys: - */ -static const mit_des_cblock weak[16] = { - /* weak keys */ - {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, - {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe}, - {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e}, - {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1}, - - /* semi-weak */ - {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe}, - {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01}, - - {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1}, - {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e}, - - {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1}, - {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01}, - - {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe}, - {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e}, - - {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e}, - {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01}, - - {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe}, - {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1} -}; - -/* - * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key. - * - * Requires: key has correct odd parity. - */ -int -mit_des_is_weak_key(mit_des_cblock key) -{ - unsigned int i; - const mit_des_cblock *weak_p = weak; - - for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) { - if (!memcmp(weak_p++,key,sizeof(mit_des_cblock))) - return 1; - } - if ( DES_is_weak_key(key) == 1) /* Also OpenSSL's check */ - return 1; - - return 0; -} diff --git a/src/lib/crypto/openssl/enc_provider/Makefile.in b/src/lib/crypto/openssl/enc_provider/Makefile.in index 4d184ef80..fd0335f43 100644 --- a/src/lib/crypto/openssl/enc_provider/Makefile.in +++ b/src/lib/crypto/openssl/enc_provider/Makefile.in @@ -1,11 +1,6 @@ mydir=lib$(S)crypto$(S)openssl$(S)enc_provider BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/../des \ - -I$(srcdir)/../arcfour \ - -I$(srcdir)/../aes \ - -I$(srcdir)/../camellia \ - -I$(srcdir)/../../krb \ - -I$(srcdir)/.. -I$(srcdir)/. +LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. DEFS= PROG_LIBPATH=-L$(TOPLIBD) diff --git a/src/lib/crypto/openssl/enc_provider/aes.c b/src/lib/crypto/openssl/enc_provider/aes.c index 624e79d84..1b16c0ca4 100644 --- a/src/lib/crypto/openssl/enc_provider/aes.c +++ b/src/lib/crypto/openssl/enc_provider/aes.c @@ -25,10 +25,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "enc_provider.h" -#include "aead.h" -#include "hash_provider/hash_provider.h" +#include "crypto_int.h" #include #include #include diff --git a/src/lib/crypto/openssl/enc_provider/camellia.c b/src/lib/crypto/openssl/enc_provider/camellia.c index 0aeee99ae..ab7370feb 100644 --- a/src/lib/crypto/openssl/enc_provider/camellia.c +++ b/src/lib/crypto/openssl/enc_provider/camellia.c @@ -25,10 +25,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "enc_provider.h" -#include "aead.h" -#include "hash_provider/hash_provider.h" +#include "crypto_int.h" #include #include #include diff --git a/src/lib/crypto/openssl/enc_provider/deps b/src/lib/crypto/openssl/enc_provider/deps index b1296195f..163864bc5 100644 --- a/src/lib/crypto/openssl/enc_provider/deps +++ b/src/lib/crypto/openssl/enc_provider/deps @@ -3,9 +3,8 @@ # des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ - $(srcdir)/../des/des_int.h $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ + $(srcdir)/../crypto_mod.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -16,9 +15,8 @@ des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ des.c des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ - $(srcdir)/../des/des_int.h $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ + $(srcdir)/../crypto_mod.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -29,9 +27,8 @@ des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ des3.c aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ - $(srcdir)/../hash_provider/hash_provider.h $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ + $(srcdir)/../crypto_mod.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -39,12 +36,11 @@ aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - aes.c enc_provider.h + aes.c camellia.so camellia.po $(OUTPRE)camellia.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/etypes.h $(srcdir)/../hash_provider/hash_provider.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -52,16 +48,16 @@ camellia.so camellia.po $(OUTPRE)camellia.$(OBJEXT): \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h camellia.c enc_provider.h + $(top_srcdir)/include/socket-utils.h camellia.c rc4.so rc4.po $(OUTPRE)rc4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h rc4.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ + $(srcdir)/../crypto_mod.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + rc4.c diff --git a/src/lib/crypto/openssl/enc_provider/des.c b/src/lib/crypto/openssl/enc_provider/des.c index 34da10b54..151b6ddfb 100644 --- a/src/lib/crypto/openssl/enc_provider/des.c +++ b/src/lib/crypto/openssl/enc_provider/des.c @@ -50,13 +50,12 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include +#include "crypto_int.h" #include -#include "des_int.h" -#define DES_BLOCK_SIZE 8 -#define DES_KEY_BYTES 7 +#define DES_BLOCK_SIZE 8 +#define DES_KEY_SIZE 8 +#define DES_KEY_BYTES 7 static krb5_error_code validate(krb5_key key, const krb5_data *ivec, const krb5_crypto_iov *data, @@ -70,7 +69,7 @@ validate(krb5_key key, const krb5_data *ivec, const krb5_crypto_iov *data, input_length += iov->data.length; } - if (key->keyblock.length != KRB5_MIT_DES_KEYSIZE) + if (key->keyblock.length != DES_KEY_SIZE) return(KRB5_BAD_KEYSIZE); if ((input_length%DES_BLOCK_SIZE) != 0) return(KRB5_BAD_MSIZE); @@ -85,8 +84,8 @@ static krb5_error_code k5_des_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, size_t num_data) { - int ret, olen = MIT_DES_BLOCK_LENGTH; - unsigned char iblock[MIT_DES_BLOCK_LENGTH], oblock[MIT_DES_BLOCK_LENGTH]; + int ret, olen = DES_BLOCK_SIZE; + unsigned char iblock[DES_BLOCK_SIZE], oblock[DES_BLOCK_SIZE]; struct iov_block_state input_pos, output_pos; EVP_CIPHER_CTX ciph_ctx; krb5_boolean empty; @@ -109,21 +108,21 @@ k5_des_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, for (;;) { - if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, + if (!krb5int_c_iov_get_block(iblock, DES_BLOCK_SIZE, data, num_data, &input_pos)) break; ret = EVP_EncryptUpdate(&ciph_ctx, oblock, &olen, - (unsigned char *)iblock, MIT_DES_BLOCK_LENGTH); + (unsigned char *)iblock, DES_BLOCK_SIZE); if (!ret) break; - krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, + krb5int_c_iov_put_block(data, num_data, oblock, DES_BLOCK_SIZE, &output_pos); } if (ivec != NULL) - memcpy(ivec->data, oblock, MIT_DES_BLOCK_LENGTH); + memcpy(ivec->data, oblock, DES_BLOCK_SIZE); EVP_CIPHER_CTX_cleanup(&ciph_ctx); @@ -139,8 +138,8 @@ static krb5_error_code k5_des_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, size_t num_data) { - int ret, olen = MIT_DES_BLOCK_LENGTH; - unsigned char iblock[MIT_DES_BLOCK_LENGTH], oblock[MIT_DES_BLOCK_LENGTH]; + int ret, olen = DES_BLOCK_SIZE; + unsigned char iblock[DES_BLOCK_SIZE], oblock[DES_BLOCK_SIZE]; struct iov_block_state input_pos, output_pos; EVP_CIPHER_CTX ciph_ctx; krb5_boolean empty; @@ -164,20 +163,20 @@ k5_des_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, for (;;) { - if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, + if (!krb5int_c_iov_get_block(iblock, DES_BLOCK_SIZE, data, num_data, &input_pos)) break; ret = EVP_DecryptUpdate(&ciph_ctx, oblock, &olen, - iblock, MIT_DES_BLOCK_LENGTH); + iblock, DES_BLOCK_SIZE); if (!ret) break; krb5int_c_iov_put_block(data, num_data, oblock, - MIT_DES_BLOCK_LENGTH, &output_pos); + DES_BLOCK_SIZE, &output_pos); } if (ivec != NULL) - memcpy(ivec->data, iblock, MIT_DES_BLOCK_LENGTH); + memcpy(ivec->data, iblock, DES_BLOCK_SIZE); EVP_CIPHER_CTX_cleanup(&ciph_ctx); @@ -191,7 +190,7 @@ k5_des_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, const struct krb5_enc_provider krb5int_enc_des = { DES_BLOCK_SIZE, - DES_KEY_BYTES, KRB5_MIT_DES_KEYSIZE, + DES_KEY_BYTES, DES_KEY_SIZE, k5_des_encrypt, k5_des_decrypt, NULL, diff --git a/src/lib/crypto/openssl/enc_provider/des3.c b/src/lib/crypto/openssl/enc_provider/des3.c index 68a91bedd..fe41ef772 100644 --- a/src/lib/crypto/openssl/enc_provider/des3.c +++ b/src/lib/crypto/openssl/enc_provider/des3.c @@ -49,13 +49,13 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "des_int.h" -#include +#include "crypto_int.h" #include -#define DES_BLOCK_SIZE 8 +#define DES3_BLOCK_SIZE 8 +#define DES3_KEY_SIZE 24 +#define DES3_KEY_BYTES 21 static krb5_error_code validate(krb5_key key, const krb5_data *ivec, const krb5_crypto_iov *data, @@ -69,9 +69,9 @@ validate(krb5_key key, const krb5_data *ivec, const krb5_crypto_iov *data, input_length += iov->data.length; } - if (key->keyblock.length != KRB5_MIT_DES3_KEYSIZE) + if (key->keyblock.length != DES3_KEY_SIZE) return(KRB5_BAD_KEYSIZE); - if ((input_length%DES_BLOCK_SIZE) != 0) + if ((input_length%DES3_BLOCK_SIZE) != 0) return(KRB5_BAD_MSIZE); if (ivec && (ivec->length != 8)) return(KRB5_BAD_MSIZE); @@ -84,8 +84,8 @@ static krb5_error_code k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, size_t num_data) { - int ret, olen = MIT_DES_BLOCK_LENGTH; - unsigned char iblock[MIT_DES_BLOCK_LENGTH], oblock[MIT_DES_BLOCK_LENGTH]; + int ret, olen = DES3_BLOCK_SIZE; + unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE]; struct iov_block_state input_pos, output_pos; EVP_CIPHER_CTX ciph_ctx; krb5_boolean empty; @@ -109,21 +109,21 @@ k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, for (;;) { - if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, + if (!krb5int_c_iov_get_block(iblock, DES3_BLOCK_SIZE, data, num_data, &input_pos)) break; ret = EVP_EncryptUpdate(&ciph_ctx, oblock, &olen, - (unsigned char *)iblock, MIT_DES_BLOCK_LENGTH); + (unsigned char *)iblock, DES3_BLOCK_SIZE); if (!ret) break; krb5int_c_iov_put_block(data, num_data, - oblock, MIT_DES_BLOCK_LENGTH, &output_pos); + oblock, DES3_BLOCK_SIZE, &output_pos); } if (ivec != NULL) - memcpy(ivec->data, oblock, MIT_DES_BLOCK_LENGTH); + memcpy(ivec->data, oblock, DES3_BLOCK_SIZE); EVP_CIPHER_CTX_cleanup(&ciph_ctx); @@ -139,8 +139,8 @@ static krb5_error_code k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, size_t num_data) { - int ret, olen = MIT_DES_BLOCK_LENGTH; - unsigned char iblock[MIT_DES_BLOCK_LENGTH], oblock[MIT_DES_BLOCK_LENGTH]; + int ret, olen = DES3_BLOCK_SIZE; + unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE]; struct iov_block_state input_pos, output_pos; EVP_CIPHER_CTX ciph_ctx; krb5_boolean empty; @@ -164,21 +164,21 @@ k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, for (;;) { - if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, + if (!krb5int_c_iov_get_block(iblock, DES3_BLOCK_SIZE, data, num_data, &input_pos)) break; ret = EVP_DecryptUpdate(&ciph_ctx, oblock, &olen, - (unsigned char *)iblock, MIT_DES_BLOCK_LENGTH); + (unsigned char *)iblock, DES3_BLOCK_SIZE); if (!ret) break; - krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, + krb5int_c_iov_put_block(data, num_data, oblock, DES3_BLOCK_SIZE, &output_pos); } if (ivec != NULL) - memcpy(ivec->data, iblock, MIT_DES_BLOCK_LENGTH); + memcpy(ivec->data, iblock, DES3_BLOCK_SIZE); EVP_CIPHER_CTX_cleanup(&ciph_ctx); @@ -191,8 +191,8 @@ k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, } const struct krb5_enc_provider krb5int_enc_des3 = { - DES_BLOCK_SIZE, - KRB5_MIT_DES3_KEY_BYTES, KRB5_MIT_DES3_KEYSIZE, + DES3_BLOCK_SIZE, + DES3_KEY_BYTES, DES3_KEY_SIZE, k5_des3_encrypt, k5_des3_decrypt, NULL, diff --git a/src/lib/crypto/openssl/enc_provider/enc_provider.h b/src/lib/crypto/openssl/enc_provider/enc_provider.h deleted file mode 100644 index 4365255ab..000000000 --- a/src/lib/crypto/openssl/enc_provider/enc_provider.h +++ /dev/null @@ -1,40 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" - -extern const struct krb5_enc_provider krb5int_enc_des; -extern const struct krb5_enc_provider krb5int_enc_des3; -extern const struct krb5_enc_provider krb5int_enc_arcfour; -extern const struct krb5_enc_provider krb5int_enc_aes128; -extern const struct krb5_enc_provider krb5int_enc_aes256; -extern const struct krb5_enc_provider krb5int_enc_aes128_ctr; -extern const struct krb5_enc_provider krb5int_enc_aes256_ctr; -#ifdef CAMELLIA -extern const struct krb5_enc_provider krb5int_enc_camellia128; -extern const struct krb5_enc_provider krb5int_enc_camellia256; -#endif diff --git a/src/lib/crypto/openssl/enc_provider/rc4.c b/src/lib/crypto/openssl/enc_provider/rc4.c index fcaec944f..73e25bc7a 100644 --- a/src/lib/crypto/openssl/enc_provider/rc4.c +++ b/src/lib/crypto/openssl/enc_provider/rc4.c @@ -35,8 +35,7 @@ */ -#include "k5-int.h" -#include +#include "crypto_int.h" #include /* diff --git a/src/lib/crypto/openssl/hash_provider/Makefile.in b/src/lib/crypto/openssl/hash_provider/Makefile.in index 472dbd393..47dfe72f3 100644 --- a/src/lib/crypto/openssl/hash_provider/Makefile.in +++ b/src/lib/crypto/openssl/hash_provider/Makefile.in @@ -1,7 +1,6 @@ mydir=lib$(S)crypto$(S)openssl$(S)hash_provider BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/../../krb/crc32 -I$(srcdir)/../md4 \ - -I$(srcdir)/../md5 -I$(srcdir)/../sha1 -I$(srcdir)/../../krb +LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. DEFS= PROG_LIBPATH=-L$(TOPLIBD) diff --git a/src/lib/crypto/openssl/hash_provider/deps b/src/lib/crypto/openssl/hash_provider/deps index b31059e43..1aea7bbfb 100644 --- a/src/lib/crypto/openssl/hash_provider/deps +++ b/src/lib/crypto/openssl/hash_provider/deps @@ -4,8 +4,7 @@ hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/crc32/crc-32.h $(srcdir)/../../krb/etypes.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -13,12 +12,11 @@ hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hash_crc32.c hash_provider.h + $(top_srcdir)/include/socket-utils.h hash_crc32.c hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/etypes.h $(srcdir)/../md4/rsa-md4.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -26,12 +24,11 @@ hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hash_md4.c hash_provider.h + $(top_srcdir)/include/socket-utils.h hash_md4.c hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/etypes.h $(srcdir)/../md5/rsa-md5.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -39,12 +36,11 @@ hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hash_md5.c hash_provider.h + $(top_srcdir)/include/socket-utils.h hash_md5.c hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/etypes.h $(srcdir)/../sha1/shs.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -52,5 +48,4 @@ hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hash_provider.h \ - hash_sha1.c + $(top_srcdir)/include/socket-utils.h hash_sha1.c diff --git a/src/lib/crypto/openssl/hash_provider/hash_crc32.c b/src/lib/crypto/openssl/hash_provider/hash_crc32.c index 68a01cb13..4013843ed 100644 --- a/src/lib/crypto/openssl/hash_provider/hash_crc32.c +++ b/src/lib/crypto/openssl/hash_provider/hash_crc32.c @@ -25,10 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "crc-32.h" -#include "hash_provider.h" -#include "aead.h" +#include "crypto_int.h" static krb5_error_code k5_crc32_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) diff --git a/src/lib/crypto/openssl/hash_provider/hash_md4.c b/src/lib/crypto/openssl/hash_provider/hash_md4.c index 85f18f66d..0fc1a34fc 100644 --- a/src/lib/crypto/openssl/hash_provider/hash_md4.c +++ b/src/lib/crypto/openssl/hash_provider/hash_md4.c @@ -25,39 +25,34 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "rsa-md4.h" -#include "hash_provider.h" -#include "aead.h" +#include "crypto_int.h" +#include +#include static krb5_error_code k5_md4_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) { - krb5_MD4_CTX ctx; + EVP_MD_CTX ctx; unsigned int i; - if (output->length != RSA_MD4_CKSUM_LENGTH) - return(KRB5_CRYPTO_INTERNAL); + if (output->length != MD4_DIGEST_LENGTH) + return KRB5_CRYPTO_INTERNAL; - krb5int_MD4Init(&ctx); + EVP_MD_CTX_init(&ctx); + EVP_DigestInit_ex(&ctx, EVP_md4(), NULL); for (i = 0; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; - - if (SIGN_IOV(iov)) { - krb5int_MD4Update(&ctx, (unsigned char *) iov->data.data, - iov->data.length); - } + const krb5_data *d = &data[i].data; + if (SIGN_IOV(&data[i])) + EVP_DigestUpdate(&ctx, (unsigned char *)d->data, d->length); } - krb5int_MD4Final(&ctx); - - memcpy(output->data, ctx.digest, RSA_MD4_CKSUM_LENGTH); - - return(0); + EVP_DigestFinal_ex(&ctx, (unsigned char *)output->data, NULL); + EVP_MD_CTX_cleanup(&ctx); + return 0; } const struct krb5_hash_provider krb5int_hash_md4 = { "MD4", - RSA_MD4_CKSUM_LENGTH, + MD4_DIGEST_LENGTH, 64, k5_md4_hash }; diff --git a/src/lib/crypto/openssl/hash_provider/hash_md5.c b/src/lib/crypto/openssl/hash_provider/hash_md5.c index 182e6c08e..5c1b3a9ff 100644 --- a/src/lib/crypto/openssl/hash_provider/hash_md5.c +++ b/src/lib/crypto/openssl/hash_provider/hash_md5.c @@ -25,39 +25,34 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "rsa-md5.h" -#include "hash_provider.h" -#include "aead.h" +#include "crypto_int.h" +#include +#include static krb5_error_code k5_md5_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) { - krb5_MD5_CTX ctx; + EVP_MD_CTX ctx; unsigned int i; - if (output->length != RSA_MD5_CKSUM_LENGTH) - return(KRB5_CRYPTO_INTERNAL); + if (output->length != MD5_DIGEST_LENGTH) + return KRB5_CRYPTO_INTERNAL; - krb5int_MD5Init(&ctx); + EVP_MD_CTX_init(&ctx); + EVP_DigestInit_ex(&ctx, EVP_md5(), NULL); for (i = 0; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; - - if (SIGN_IOV(iov)) { - krb5int_MD5Update(&ctx, (unsigned char *) iov->data.data, - iov->data.length); - } + const krb5_data *d = &data[i].data; + if (SIGN_IOV(&data[i])) + EVP_DigestUpdate(&ctx, (unsigned char *)d->data, d->length); } - krb5int_MD5Final(&ctx); - - memcpy(output->data, ctx.digest, RSA_MD5_CKSUM_LENGTH); - - return(0); + EVP_DigestFinal_ex(&ctx, (unsigned char *)output->data, NULL); + EVP_MD_CTX_cleanup(&ctx); + return 0; } const struct krb5_hash_provider krb5int_hash_md5 = { "MD5", - RSA_MD5_CKSUM_LENGTH, + MD5_DIGEST_LENGTH, 64, k5_md5_hash }; diff --git a/src/lib/crypto/openssl/hash_provider/hash_provider.h b/src/lib/crypto/openssl/hash_provider/hash_provider.h deleted file mode 100644 index eebe84588..000000000 --- a/src/lib/crypto/openssl/hash_provider/hash_provider.h +++ /dev/null @@ -1,33 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" - -extern const struct krb5_hash_provider krb5int_hash_crc32; -extern const struct krb5_hash_provider krb5int_hash_md4; -extern const struct krb5_hash_provider krb5int_hash_md5; -extern const struct krb5_hash_provider krb5int_hash_sha1; diff --git a/src/lib/crypto/openssl/hash_provider/hash_sha1.c b/src/lib/crypto/openssl/hash_provider/hash_sha1.c index f60241107..f6f1a6569 100644 --- a/src/lib/crypto/openssl/hash_provider/hash_sha1.c +++ b/src/lib/crypto/openssl/hash_provider/hash_sha1.c @@ -26,42 +26,34 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "shs.h" -#include "hash_provider.h" -#include "aead.h" +#include "crypto_int.h" +#include +#include static krb5_error_code k5_sha1_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) { - SHS_INFO ctx; + EVP_MD_CTX ctx; unsigned int i; - if (output->length != SHS_DIGESTSIZE) - return(KRB5_CRYPTO_INTERNAL); + if (output->length != SHA_DIGEST_LENGTH) + return KRB5_CRYPTO_INTERNAL; - shsInit(&ctx); + EVP_MD_CTX_init(&ctx); + EVP_DigestInit_ex(&ctx, EVP_sha1(), NULL); for (i = 0; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; - - if (SIGN_IOV(iov)) { - shsUpdate(&ctx, (unsigned char *) iov->data.data, - iov->data.length); - } - } - shsFinal(&ctx); - - if (ctx.digestLen > 0 && ctx.digestLen <= output->length){ - output->length = ctx.digestLen; - memcpy(output->data, ctx.digestBuf,ctx.digestLen); + const krb5_data *d = &data[i].data; + if (SIGN_IOV(&data[i])) + EVP_DigestUpdate(&ctx, (unsigned char *)d->data, d->length); } - - return(0); + EVP_DigestFinal_ex(&ctx, (unsigned char *)output->data, NULL); + EVP_MD_CTX_cleanup(&ctx); + return 0; } const struct krb5_hash_provider krb5int_hash_sha1 = { "SHA1", - SHS_DIGESTSIZE, - SHS_DATASIZE, + SHA_DIGEST_LENGTH, + 64, k5_sha1_hash }; diff --git a/src/lib/crypto/openssl/hmac.c b/src/lib/crypto/openssl/hmac.c index 7ef3d3f60..ac5af3fc0 100644 --- a/src/lib/crypto/openssl/hmac.c +++ b/src/lib/crypto/openssl/hmac.c @@ -51,8 +51,7 @@ */ -#include "k5-int.h" -#include "aead.h" +#include "crypto_int.h" #include #include diff --git a/src/lib/crypto/openssl/init.c b/src/lib/crypto/openssl/init.c index aaa13ccd3..b3db6c214 100644 --- a/src/lib/crypto/openssl/init.c +++ b/src/lib/crypto/openssl/init.c @@ -28,6 +28,8 @@ * OpenSSL back-end library init functions */ +#include "crypto_int.h" + int krb5int_crypto_impl_init(void) { diff --git a/src/lib/crypto/openssl/md4/Makefile.in b/src/lib/crypto/openssl/md4/Makefile.in index 550d7df60..0b9569000 100644 --- a/src/lib/crypto/openssl/md4/Makefile.in +++ b/src/lib/crypto/openssl/md4/Makefile.in @@ -1,16 +1,13 @@ mydir=lib$(S)crypto$(S)openssl$(S)md4 BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir) +LOCALINCLUDES = DEFS= -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) +STLIBOBJS= -STLIBOBJS= md4.o +OBJS= -OBJS= $(OUTPRE)md4.$(OBJEXT) - -SRCS= $(srcdir)/md4.c +SRCS= all-unix:: all-libobjs diff --git a/src/lib/crypto/openssl/md4/deps b/src/lib/crypto/openssl/md4/deps index b7e9615e4..2feac3c9d 100644 --- a/src/lib/crypto/openssl/md4/deps +++ b/src/lib/crypto/openssl/md4/deps @@ -1,14 +1 @@ -# -# Generated makefile dependencies follow. -# -md4.so md4.po $(OUTPRE)md4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - md4.c rsa-md4.h +# No dependencies here. diff --git a/src/lib/crypto/openssl/md4/rsa-md4.h b/src/lib/crypto/openssl/md4/rsa-md4.h deleted file mode 100644 index 3d32f0857..000000000 --- a/src/lib/crypto/openssl/md4/rsa-md4.h +++ /dev/null @@ -1,100 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * lib/crypto/md4/rsa-md4.h - * - * Copyright 1991 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * RSA MD4 header file, with Kerberos/STDC additions. - */ - -#ifndef __KRB5_RSA_MD4_H__ -#define __KRB5_RSA_MD4_H__ - -#ifdef unicos61 -#include -#endif /* unicos61 */ - -#include -#include - -/* 16 u_char's in the digest */ -#define RSA_MD4_CKSUM_LENGTH 16 -/* des blocksize is 8, so this works nicely... */ -#define OLD_RSA_MD4_DES_CKSUM_LENGTH 16 -#define NEW_RSA_MD4_DES_CKSUM_LENGTH 24 -#define RSA_MD4_DES_CONFOUND_LENGTH 8 - -/* -********************************************************************** -** md4.h -- Header file for implementation of MD4 ** -** RSA Data Security, Inc. MD4 Message Digest Algorithm ** -** Created: 2/17/90 RLR ** -** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** -********************************************************************** -*/ - -/* -********************************************************************** -** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** -** ** -** License to copy and use this software is granted provided that ** -** it is identified as the "RSA Data Security, Inc. MD4 Message ** -** Digest Algorithm" in all material mentioning or referencing this ** -** software or this function. ** -** ** -** License is also granted to make and use derivative works ** -** provided that such works are identified as "derived from the RSA ** -** Data Security, Inc. MD4 Message Digest Algorithm" in all ** -** material mentioning or referencing the derived work. ** -** ** -** RSA Data Security, Inc. makes no representations concerning ** -** either the merchantability of this software or the suitability ** -** of this software for any particular purpose. It is provided "as ** -** is" without express or implied warranty of any kind. ** -** ** -** These notices must be retained in any copies of any part of this ** -** documentation and/or software. ** -********************************************************************** -*/ - -/* Data structure for MD4 (Message Digest) computation */ -typedef struct { - EVP_MD_CTX ossl_md4_ctx; - krb5_int32 * digest_len; - krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */ - krb5_ui_4 buf[4]; /* scratch buffer */ - unsigned char in[64]; /* input buffer */ - unsigned char digest[16]; /* actual digest after MD4Final call */ -} krb5_MD4_CTX; - -extern void krb5int_MD4Init(krb5_MD4_CTX *); -extern void krb5int_MD4Update(krb5_MD4_CTX *, const unsigned char *, unsigned int); -extern void krb5int_MD4Final(krb5_MD4_CTX *); - -/* -********************************************************************** -** End of md4.h ** -******************************* (cut) ******************************** -*/ -#endif /* __KRB5_RSA_MD4_H__ */ diff --git a/src/lib/crypto/openssl/md5/Makefile.in b/src/lib/crypto/openssl/md5/Makefile.in index 9c3d34091..4128e98c5 100644 --- a/src/lib/crypto/openssl/md5/Makefile.in +++ b/src/lib/crypto/openssl/md5/Makefile.in @@ -2,14 +2,11 @@ mydir=lib$(S)crypto$(S)openssl$(S)md5 BUILDTOP=$(REL)..$(S)..$(S)..$(S).. DEFS= -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) +STLIBOBJS= -STLIBOBJS= md5.o +OBJS= -OBJS= $(OUTPRE)md5.$(OBJEXT) - -SRCS= $(srcdir)/md5.c +SRCS= all-unix:: all-libobjs diff --git a/src/lib/crypto/openssl/md5/deps b/src/lib/crypto/openssl/md5/deps index f32dbe9c7..2feac3c9d 100644 --- a/src/lib/crypto/openssl/md5/deps +++ b/src/lib/crypto/openssl/md5/deps @@ -1,14 +1 @@ -# -# Generated makefile dependencies follow. -# -md5.so md5.po $(OUTPRE)md5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - md5.c rsa-md5.h +# No dependencies here. diff --git a/src/lib/crypto/openssl/md5/md5.c b/src/lib/crypto/openssl/md5/md5.c deleted file mode 100644 index 41a8498f3..000000000 --- a/src/lib/crypto/openssl/md5/md5.c +++ /dev/null @@ -1,60 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* lib/crypto/openssl/md5/md5.c - * - * Copyright (C) 2009 by the Massachusetts Institute of Technology. - * All rights reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "k5-int.h" -#include "rsa-md5.h" -#include -#include - -/* The routine krb5int_MD5Init initializes the message-digest context - mdContext. All fields are set to zero. -*/ -void -krb5int_MD5Init (krb5_MD5_CTX *mdContext) -{ - EVP_MD_CTX_init(&mdContext->ossl_md5_ctx); - EVP_DigestInit_ex(&mdContext->ossl_md5_ctx, EVP_md5(), NULL); -} - -/* The routine krb5int_MD5Update updates the message-digest context to - account for the presence of each of the characters inBuf[0..inLen-1] - in the message whose digest is being computed. -*/ -void -krb5int_MD5Update (krb5_MD5_CTX *mdContext, const unsigned char *inBuf, unsigned int inLen) -{ - EVP_DigestUpdate(&mdContext->ossl_md5_ctx, inBuf, inLen); -} - -/* The routine krb5int_MD5Final terminates the message-digest computation and - ends with the desired message digest in mdContext->digest[0...15]. -*/ -void -krb5int_MD5Final (krb5_MD5_CTX *mdContext) -{ - EVP_DigestFinal_ex(&mdContext->ossl_md5_ctx, mdContext->digest, NULL); - EVP_MD_CTX_cleanup(&mdContext->ossl_md5_ctx); -} diff --git a/src/lib/crypto/openssl/md5/rsa-md5.h b/src/lib/crypto/openssl/md5/rsa-md5.h deleted file mode 100644 index a8380f449..000000000 --- a/src/lib/crypto/openssl/md5/rsa-md5.h +++ /dev/null @@ -1,92 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* lib/crypto/openssl/md5/rsa-md5.h - * - * Copyright (C) 2009 by the Massachusetts Institute of Technology. - * All rights reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* -*********************************************************************** -** md5.h -- header file for implementation of MD5 ** -** RSA Data Security, Inc. MD5 Message-Digest Algorithm ** -** Created: 2/17/90 RLR ** -** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** -** Revised (for MD5): RLR 4/27/91 ** -** -- G modified to have y&~z instead of y&z ** -** -- FF, GG, HH modified to add in last register done ** -** -- Access pattern: round 2 works mod 5, round 3 works mod 3 ** -** -- distinct additive constant for each step ** -** -- round 4 added, working mod 7 ** -*********************************************************************** -*/ - -/* -*********************************************************************** -** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** -** ** -** License to copy and use this software is granted provided that ** -** it is identified as the "RSA Data Security, Inc. MD5 Message- ** -** Digest Algorithm" in all material mentioning or referencing this ** -** software or this function. ** -** ** -** License is also granted to make and use derivative works ** -** provided that such works are identified as "derived from the RSA ** -** Data Security, Inc. MD5 Message-Digest Algorithm" in all ** -** material mentioning or referencing the derived work. ** -** ** -** RSA Data Security, Inc. makes no representations concerning ** -** either the merchantability of this software or the suitability ** -** of this software for any particular purpose. It is provided "as ** -** is" without express or implied warranty of any kind. ** -** ** -** These notices must be retained in any copies of any part of this ** -** documentation and/or software. ** -*********************************************************************** -*/ - - -#ifndef KRB5_RSA_MD5__ -#define KRB5_RSA_MD5__ - -#include -#include - -/* Data structure for MD5 (Message-Digest) computation */ -typedef struct { - EVP_MD_CTX ossl_md5_ctx; - krb5_int32 * digest_len; - krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */ - krb5_ui_4 buf[4]; /* scratch buffer */ - unsigned char in[64]; /* input buffer */ - unsigned char digest[16]; /* actual digest after MD5Final call */ -} krb5_MD5_CTX; - -extern void krb5int_MD5Init(krb5_MD5_CTX *); -extern void krb5int_MD5Update(krb5_MD5_CTX *,const unsigned char *,unsigned int); -extern void krb5int_MD5Final(krb5_MD5_CTX *); - -#define RSA_MD5_CKSUM_LENGTH 16 -#define OLD_RSA_MD5_DES_CKSUM_LENGTH 16 -#define NEW_RSA_MD5_DES_CKSUM_LENGTH 24 -#define RSA_MD5_DES_CONFOUND_LENGTH 8 - -#endif /* KRB5_RSA_MD5__ */ diff --git a/src/lib/crypto/openssl/pbkdf2.c b/src/lib/crypto/openssl/pbkdf2.c index e64e562e7..ba51ad4a0 100644 --- a/src/lib/crypto/openssl/pbkdf2.c +++ b/src/lib/crypto/openssl/pbkdf2.c @@ -29,15 +29,11 @@ * Not currently used; likely to be used when we get around to AES support. */ -#include -#include "k5-int.h" -#include "hash_provider.h" - +#include "crypto_int.h" #include #include #include - krb5_error_code krb5int_pbkdf2_hmac_sha1 (const krb5_data *out, unsigned long count, const krb5_data *pass, const krb5_data *salt) diff --git a/src/lib/crypto/openssl/sha1/Makefile.in b/src/lib/crypto/openssl/sha1/Makefile.in index b2dcec6b9..08fe83080 100644 --- a/src/lib/crypto/openssl/sha1/Makefile.in +++ b/src/lib/crypto/openssl/sha1/Makefile.in @@ -2,14 +2,11 @@ mydir=lib$(S)crypto$(S)openssl$(S)sha1 BUILDTOP=$(REL)..$(S)..$(S)..$(S).. DEFS= -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) +STLIBOBJS= -STLIBOBJS= shs.o +OBJS= -OBJS= $(OUTPRE)shs.$(OBJEXT) - -SRCS= $(srcdir)/shs.c +SRCS= all-unix:: all-libobjs diff --git a/src/lib/crypto/openssl/sha1/deps b/src/lib/crypto/openssl/sha1/deps index 096d30440..2feac3c9d 100644 --- a/src/lib/crypto/openssl/sha1/deps +++ b/src/lib/crypto/openssl/sha1/deps @@ -1,14 +1 @@ -# -# Generated makefile dependencies follow. -# -shs.so shs.po $(OUTPRE)shs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - shs.c shs.h +# No dependencies here. diff --git a/src/lib/crypto/openssl/sha1/shs.c b/src/lib/crypto/openssl/sha1/shs.c deleted file mode 100644 index 42d260d3d..000000000 --- a/src/lib/crypto/openssl/sha1/shs.c +++ /dev/null @@ -1,60 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* lib/crypto/openssl/sha1/shs.c - * - * Copyright (C) 2009 by the Massachusetts Institute of Technology. - * All rights reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "shs.h" -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#include -#define h0init 0x67452301L -#define h1init 0xEFCDAB89L -#define h2init 0x98BADCFEL -#define h3init 0x10325476L -#define h4init 0xC3D2E1F0L - -/* Initialize the SHS values */ -void shsInit(SHS_INFO *shsInfo) -{ - EVP_MD_CTX_init(&shsInfo->ossl_sha1_ctx ); - EVP_DigestInit_ex(&shsInfo->ossl_sha1_ctx , EVP_sha1(), NULL); - shsInfo->digestLen = 0; - memset(shsInfo->digestBuf, 0 , sizeof(shsInfo->digestBuf)); -} - -/* Update SHS for a block of data */ - -void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count) -{ - EVP_DigestUpdate(&shsInfo->ossl_sha1_ctx , buffer, count); -} -/* Final wrapup - pad to SHS_DATASIZE-byte boundary with the bit pattern - 1 0* (64-bit count of bits processed, MSB-first) */ - -void shsFinal(SHS_INFO *shsInfo) -{ - EVP_DigestFinal_ex(&shsInfo->ossl_sha1_ctx ,(unsigned char *)shsInfo->digestBuf , &shsInfo->digestLen); - EVP_MD_CTX_cleanup(&shsInfo->ossl_sha1_ctx ); -} diff --git a/src/lib/crypto/openssl/sha1/shs.h b/src/lib/crypto/openssl/sha1/shs.h deleted file mode 100644 index 60cf2ad2c..000000000 --- a/src/lib/crypto/openssl/sha1/shs.h +++ /dev/null @@ -1,48 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#ifndef _SHS_DEFINED - -#include "k5-int.h" -#include -#include - -#define _SHS_DEFINED - -/* Some useful types */ - -typedef krb5_octet SHS_BYTE; -typedef krb5_ui_4 SHS_LONG; - -/* Define the following to use the updated SHS implementation */ -#define NEW_SHS /**/ - -/* The SHS block size and message digest sizes, in bytes */ - -#define SHS_DATASIZE 64 -#define SHS_DIGESTSIZE 20 - -/* The structure for storing SHS info */ - -typedef struct { - EVP_MD_CTX ossl_sha1_ctx; - unsigned char digestBuf[SHS_DIGESTSIZE]; /* output */ - unsigned int digestLen; /* output */ -} SHS_INFO; - -/* Message digest functions (shs.c) */ -void shsInit(SHS_INFO *shsInfo); -void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count); -void shsFinal(SHS_INFO *shsInfo); - - -/* Keyed Message digest functions (hmac_sha.c) */ -krb5_error_code hmac_sha(krb5_octet *text, - int text_len, - krb5_octet *key, - int key_len, - krb5_octet *digest); - - -#define NIST_SHA_CKSUM_LENGTH SHS_DIGESTSIZE -#define HMAC_SHA_CKSUM_LENGTH SHS_DIGESTSIZE - -#endif /* _SHS_DEFINED */ diff --git a/src/lib/crypto/openssl/sha2/Makefile.in b/src/lib/crypto/openssl/sha2/Makefile.in index cddb434e4..6df0e0d44 100644 --- a/src/lib/crypto/openssl/sha2/Makefile.in +++ b/src/lib/crypto/openssl/sha2/Makefile.in @@ -7,9 +7,6 @@ BUILDTOP=$(REL)..$(S)..$(S)..$(S).. LOCALINCLUDES= DEFS= -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) - STLIBOBJS= OBJS=