From 0489db92b69f14ab4249992c1302bf8676cecc5c Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Thu, 24 Feb 2011 18:18:11 +0000 Subject: [PATCH] Unbreak the OpenSSL and NSS crypto builds in the wake of r24652 (Fortuna as default PRNG), and remove some unnecessary related files. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24656 dc483132-0cff-0310-8789-dd5450dbe970 --- .../crypto/krb/prng/fortuna/prng_fortuna.c | 4 +- src/lib/crypto/nss/Makefile.in | 9 ++- src/lib/crypto/nss/sha2/Makefile.in | 19 ++--- src/lib/crypto/nss/sha2/sha2.c | 19 ----- src/lib/crypto/nss/sha2/sha2.h | 23 ------- src/lib/crypto/openssl/Makefile.in | 9 ++- src/lib/crypto/openssl/aes/Makefile.in | 6 +- .../openssl/{sha2/sha256.c => aes/aes.h} | 20 ++++-- src/lib/crypto/openssl/sha2/Makefile.in | 16 +++-- src/lib/crypto/openssl/sha2/sha2.h | 4 -- src/lib/crypto/openssl/stubs.c | 69 +++++++++++++++++++ 11 files changed, 119 insertions(+), 79 deletions(-) delete mode 100644 src/lib/crypto/nss/sha2/sha2.c delete mode 100644 src/lib/crypto/nss/sha2/sha2.h rename src/lib/crypto/openssl/{sha2/sha256.c => aes/aes.h} (68%) create mode 100644 src/lib/crypto/openssl/stubs.c diff --git a/src/lib/crypto/krb/prng/fortuna/prng_fortuna.c b/src/lib/crypto/krb/prng/fortuna/prng_fortuna.c index 72eac2035..a1ff73035 100644 --- a/src/lib/crypto/krb/prng/fortuna/prng_fortuna.c +++ b/src/lib/crypto/krb/prng/fortuna/prng_fortuna.c @@ -76,9 +76,7 @@ #include "k5-int.h" #include "prng.h" -#ifndef OPENSSL #include "aes.h" -#endif #include "enc_provider.h" #include "sha2.h" #include "enc_provider.h" @@ -189,7 +187,7 @@ inc_counter(struct fortuna_state *st) static void encrypt_counter(struct fortuna_state *st, unsigned char *dst) { - aes_enc_blk(st->counter, dst, &st->ciph); + krb5int_aes_enc_blk(st->counter, dst, &st->ciph); inc_counter(st); } diff --git a/src/lib/crypto/nss/Makefile.in b/src/lib/crypto/nss/Makefile.in index 7016e924b..a1d587887 100644 --- a/src/lib/crypto/nss/Makefile.in +++ b/src/lib/crypto/nss/Makefile.in @@ -20,15 +20,18 @@ DEFS= STLIBOBJS=\ hmac.o \ - pbkdf2.o + pbkdf2.o \ + stubs.o OBJS=\ $(OUTPRE)hmac.$(OBJEXT) \ - $(OUTPRE)pbkdf2.$(OBJEXT) + $(OUTPRE)pbkdf2.$(OBJEXT) \ + $(OUTPRE)stubs.$(OBJEXT) SRCS=\ $(srcdir)/hmac.c \ - $(srcdir)/pbkdf2.c + $(srcdir)/pbkdf2.c \ + $(srcdir)/stubs.c STOBJLISTS= des/OBJS.ST md4/OBJS.ST \ md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \ diff --git a/src/lib/crypto/nss/sha2/Makefile.in b/src/lib/crypto/nss/sha2/Makefile.in index a8edb60d9..1a2bcbb82 100644 --- a/src/lib/crypto/nss/sha2/Makefile.in +++ b/src/lib/crypto/nss/sha2/Makefile.in @@ -1,19 +1,23 @@ -mydir=lib$(S)crypto$(S)nss$(S)sha2 +# Nothing here! But we can't remove this directory as the build +# system currently assumes that all modules have the same directory +# structure. + +mydir=lib$(S)crypto$(S)nss$(S)aes BUILDTOP=$(REL)..$(S)..$(S)..$(S).. +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk -I$(srcdir)/../../../../include DEFS= -CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@ -LOCALINCLUDES = -I$(srcdir)/.. $(CRYPTO_IMPL_CFLAGS) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) -STLIBOBJS= sha2.o +STLIBOBJS= + +OBJS= -OBJS= $(OUTPRE)sha2.$(OBJEXT) +SRCS= -SRCS= $(srcdir)/sha2.c -all-unix:: all-libobjs +all-unix:: all-libobjs includes:: depend @@ -22,4 +26,3 @@ depend:: $(SRCS) clean-unix:: clean-libobjs @libobj_frag@ - diff --git a/src/lib/crypto/nss/sha2/sha2.c b/src/lib/crypto/nss/sha2/sha2.c deleted file mode 100644 index 71f27b4e7..000000000 --- a/src/lib/crypto/nss/sha2/sha2.c +++ /dev/null @@ -1,19 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ - -#include "k5-int.h" -#include "sha2.h" - -void sha2Init(SHA2_INFO *shsInfo) -{ - return; -} - -void sha2Update(SHA2_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count) -{ - return; -} - -void sha2Final(SHA2_INFO *shsInfo) -{ - return; -} diff --git a/src/lib/crypto/nss/sha2/sha2.h b/src/lib/crypto/nss/sha2/sha2.h deleted file mode 100644 index ade8b615a..000000000 --- a/src/lib/crypto/nss/sha2/sha2.h +++ /dev/null @@ -1,23 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#ifndef _SHA2_DEFINED - -#include "k5-int.h" - -#define _SHA2_DEFINED - -typedef krb5_octet SHS_BYTE; -#define SHA2_DIGESTSIZE 32 - -/* The structure for storing SHA2 info */ - -typedef struct { - void *nss_ctxt; - unsigned char digestBuf[SHA2_DIGESTSIZE]; /* output */ - unsigned int digestLen; /* output */ -} SHA2_INFO; - -void sha2Init(SHA2_INFO *shsInfo); -void sha2Update(SHA2_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count); -void sha2Final(SHA2_INFO *shsInfo); - -#endif /* _SHA2_DEFINED */ diff --git a/src/lib/crypto/openssl/Makefile.in b/src/lib/crypto/openssl/Makefile.in index ff43d56d8..f3992c21a 100644 --- a/src/lib/crypto/openssl/Makefile.in +++ b/src/lib/crypto/openssl/Makefile.in @@ -18,17 +18,20 @@ DEFS= STLIBOBJS=\ hmac.o \ init.o \ - pbkdf2.o + pbkdf2.o \ + stubs.o OBJS=\ $(OUTPRE)hmac.$(OBJEXT) \ $(OUTPRE)init.$(OBJEXT) \ - $(OUTPRE)pbkdf2.$(OBJEXT) + $(OUTPRE)pbkdf2.$(OBJEXT) \ + $(OUTPRE)stubs.$(OBJEXT) SRCS=\ $(srcdir)/hmac.c \ $(srcdir)/init.c \ - $(srcdir)/pbkdf2.c + $(srcdir)/pbkdf2.c \ + $(srcdir)/stubs.c STOBJLISTS= des/OBJS.ST md4/OBJS.ST \ md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \ diff --git a/src/lib/crypto/openssl/aes/Makefile.in b/src/lib/crypto/openssl/aes/Makefile.in index b8a7de924..6df0e0d44 100644 --- a/src/lib/crypto/openssl/aes/Makefile.in +++ b/src/lib/crypto/openssl/aes/Makefile.in @@ -4,12 +4,9 @@ mydir=lib$(S)crypto$(S)openssl$(S)aes BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk -I$(srcdir)/../../../../include +LOCALINCLUDES= DEFS= -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) - STLIBOBJS= OBJS= @@ -25,4 +22,3 @@ depend:: $(SRCS) clean-unix:: clean-libobjs @libobj_frag@ - diff --git a/src/lib/crypto/openssl/sha2/sha256.c b/src/lib/crypto/openssl/aes/aes.h similarity index 68% rename from src/lib/crypto/openssl/sha2/sha256.c rename to src/lib/crypto/openssl/aes/aes.h index c57805203..4aa9eb848 100644 --- a/src/lib/crypto/openssl/sha2/sha256.c +++ b/src/lib/crypto/openssl/aes/aes.h @@ -1,8 +1,8 @@ /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* lib/crypto/openssl/sha2/sha256.c - * - * Copyright (C) 2010 by the Massachusetts Institute of Technology. - * All rights reserved. +/* lib/crypto/openssl/aes/aes.h - AES translation macros */ +/* + * Copyright 2011 by the Massachusetts Institute of Technology. + * All Rights Reserved. * * Export of this software from the United States of America may * require a specific license from the United States Government. @@ -24,5 +24,15 @@ * or implied warranty. */ -#include "sha2.h" +#ifndef _AES_H +#define _AES_H + +/* This header maps some of the names of the built-in AES types and functions + * (those used by the Fortuna PRNG) to the OpenSSL equivalents. */ +#include + +#define aes_ctx AES_KEY +#define krb5int_aes_enc_key(k, len, ctx) AES_set_encrypt_key(k, 8*(len), ctx) +#define krb5int_aes_enc_blk(in, out, ctx) AES_encrypt(in, out, ctx) +#endif /* _AES_H */ diff --git a/src/lib/crypto/openssl/sha2/Makefile.in b/src/lib/crypto/openssl/sha2/Makefile.in index edb93bd27..cddb434e4 100644 --- a/src/lib/crypto/openssl/sha2/Makefile.in +++ b/src/lib/crypto/openssl/sha2/Makefile.in @@ -1,17 +1,22 @@ -mydir=lib$(S)crypto$(S)openssl$(S)sha2 +# Nothing here! But we can't remove this directory as the build +# system currently assumes that all modules have the same directory +# structure. + +mydir=lib$(S)crypto$(S)openssl$(S)aes BUILDTOP=$(REL)..$(S)..$(S)..$(S).. +LOCALINCLUDES= DEFS= PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) -STLIBOBJS= sha256.o +STLIBOBJS= -OBJS= $(OUTPRE)sha256.$(OBJEXT) +OBJS= -SRCS= $(srcdir)/sha256.c +SRCS= -all-unix:: all-libobjs +all-unix:: all-libobjs includes:: depend @@ -20,4 +25,3 @@ depend:: $(SRCS) clean-unix:: clean-libobjs @libobj_frag@ - diff --git a/src/lib/crypto/openssl/sha2/sha2.h b/src/lib/crypto/openssl/sha2/sha2.h index a80fbcb7a..0f61d5dc4 100644 --- a/src/lib/crypto/openssl/sha2/sha2.h +++ b/src/lib/crypto/openssl/sha2/sha2.h @@ -27,14 +27,10 @@ #ifndef _SHA2_DEFINED -#include "k5-int.h" -#include #include #define _SHA2_DEFINED -#define SHA2_DIGESTSIZE 32 - #define sha2Init SHA256_Init #define sha2Update SHA256_Update #define sha2Final SHA256_Final diff --git a/src/lib/crypto/openssl/stubs.c b/src/lib/crypto/openssl/stubs.c new file mode 100644 index 000000000..220df388a --- /dev/null +++ b/src/lib/crypto/openssl/stubs.c @@ -0,0 +1,69 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/openssl/stubs.c - OpenSSL stub functions */ +/* + * Copyright (C) 2011 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +/* + * This file defines symbols which must be exported by libk5crypto because they + * are in the export list (for the sake of test programs), but which are not + * used when OpenSSL is the back end. + */ + +#include "k5-int.h" + +/* + * These functions are used by the Fortuna PRNG and test program. They are + * defined to OpenSSL equivalents when the OpenSSL back end headers are + * used. + */ +void krb5int_aes_enc_blk(void); +void krb5int_aes_enc_key(void); +void sha2Final(void); +void sha2Init(void); +void sha2Update(void); + +void krb5int_aes_enc_blk(void) +{ + abort(); +} + +void krb5int_aes_enc_key(void) +{ + abort(); +} + +void sha2Final(void) +{ + abort(); +} + +void sha2Init(void) +{ + abort(); +} + +void sha2Update(void) +{ + abort(); +} -- 2.26.2