From 9993244e1697c30543f513c206e1194cda739b0d Mon Sep 17 00:00:00 2001 From: Paul Park Date: Fri, 7 Jul 1995 20:59:52 +0000 Subject: [PATCH] Add checksum verifier procedure/dispatch git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6251 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/crypto/crc32/ChangeLog | 5 ++++ src/lib/crypto/crc32/crc.c | 45 ++++++++++++++++++++++++---- src/lib/crypto/des/ChangeLog | 5 ++++ src/lib/crypto/des/cbc_cksum.c | 55 ++++++++++++++++++++++++++++++++++ src/lib/crypto/des/cs_entry.c | 7 +++++ 5 files changed, 112 insertions(+), 5 deletions(-) diff --git a/src/lib/crypto/crc32/ChangeLog b/src/lib/crypto/crc32/ChangeLog index 778c9e57a..fa046fbf4 100644 --- a/src/lib/crypto/crc32/ChangeLog +++ b/src/lib/crypto/crc32/ChangeLog @@ -1,3 +1,8 @@ + +Fri Jul 7 16:10:52 EDT 1995 Paul Park (pjpark@mit.edu) + * crc.c - Use CRC32_CKSUM_LENGTH where appropriate. Add checksum + verifier procedure. + Wed Jun 21 10:51:33 1995 * crc.c: Change PROTOTYPE -> KRB5_PROTOTYPE diff --git a/src/lib/crypto/crc32/crc.c b/src/lib/crypto/crc32/crc.c index 1b96bab33..34152e1d0 100644 --- a/src/lib/crypto/crc32/crc.c +++ b/src/lib/crypto/crc32/crc.c @@ -143,10 +143,6 @@ static u_long const crc_table[256] = { 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d }; -krb5_error_code -crc32_sum_func KRB5_NPROTOTYPE((krb5_pointer in, size_t in_length, - krb5_pointer seed, size_t seed_length, krb5_checksum *outcksum)); - krb5_error_code crc32_sum_func(in, in_length, seed, seed_length, outcksum) krb5_pointer in; @@ -169,7 +165,7 @@ krb5_checksum FAR *outcksum; } /* c now holds the result */ outcksum->checksum_type = CKSUMTYPE_CRC32; - outcksum->length = 4; + outcksum->length = CRC32_CKSUM_LENGTH; outcksum->contents[0] = (krb5_octet) (c & 0xff); outcksum->contents[1] = (krb5_octet) ((c >> 8) & 0xff); outcksum->contents[2] = (krb5_octet) ((c >> 16) & 0xff); @@ -177,10 +173,49 @@ krb5_checksum FAR *outcksum; return 0; } +krb5_error_code +crc32_verify_func(cksum, in, in_length, seed, seed_length) +krb5_checksum FAR *cksum; +krb5_pointer in; +size_t in_length; +krb5_pointer seed; +size_t seed_length; +{ + register u_char *data; + register u_long c = 0; + register int idx; + size_t i; + krb5_error_code retval; + + retval = 0; + if (cksum->checksum_type == CKSUMTYPE_CRC32) { + if (cksum->length == CRC32_CKSUM_LENGTH) { + data = (u_char *)in; + for (i = 0; i < in_length; i++) { + idx = (int) (data[i] ^ c); + idx &= 0xff; + c >>= 8; + c ^= crc_table[idx]; + } + if ((cksum->contents[0] != (krb5_octet) (c & 0xff)) || + (cksum->contents[1] != (krb5_octet) ((c >> 8) & 0xff)) || + (cksum->contents[2] != (krb5_octet) ((c >> 16) & 0xff)) || + (cksum->contents[3] != (krb5_octet) ((c >> 32) & 0xff))) + retval = KRB5KRB_AP_ERR_BAD_INTEGRITY; + } + else + retval = KRB5KRB_AP_ERR_BAD_INTEGRITY; + } + else + retval = KRB5KRB_AP_ERR_INAPP_CKSUM; + return(retval); +} + krb5_checksum_entry crc32_cksumtable_entry = { 0, crc32_sum_func, + crc32_verify_func, CRC32_CKSUM_LENGTH, /* CRC-32 is 4 octets */ 0, /* not collision proof */ 0, /* doesn't use key */ diff --git a/src/lib/crypto/des/ChangeLog b/src/lib/crypto/des/ChangeLog index 1464b12da..7d4517f8d 100644 --- a/src/lib/crypto/des/ChangeLog +++ b/src/lib/crypto/des/ChangeLog @@ -1,3 +1,8 @@ + +Fri Jul 7 16:12:29 EDT 1995 Paul Park (pjpark@mit.edu) + * cbc_cksum.c - Add checksum verifier procedure. + * cs_entry.c - Add entry for checksum verifier. + Thu Jul 6 17:16:17 1995 Tom Yu * new_rn_key.c (mit_des_init_random_number_generator): don't call diff --git a/src/lib/crypto/des/cbc_cksum.c b/src/lib/crypto/des/cbc_cksum.c index dc795f962..a5ea5ce4d 100644 --- a/src/lib/crypto/des/cbc_cksum.c +++ b/src/lib/crypto/des/cbc_cksum.c @@ -91,3 +91,58 @@ mit_des_cbc_checksum(in, in_length, key, key_size, cksum) return 0; } +krb5_error_code +mit_des_cbc_verf_cksum(cksum, in, in_length, key, key_size) + krb5_checksum FAR * cksum; + krb5_pointer in; + size_t in_length; + krb5_pointer key; + size_t key_size; +{ + struct mit_des_ks_struct *schedule; /* pointer to key schedules */ + mit_des_cblock contents; + krb5_error_code retval; + + if (key_size != sizeof(mit_des_cblock)) + return KRB5_BAD_KEYSIZE; + + if (!(schedule = (struct mit_des_ks_struct *) malloc(sizeof(mit_des_key_schedule)))) + return ENOMEM; + +#define cleanup() { memset((char *)schedule, 0, sizeof(mit_des_key_schedule));\ + free( (char *) schedule); } + + switch (mit_des_key_sched ((krb5_octet *)key, schedule)) { + case -1: + cleanup(); + return KRB5DES_BAD_KEYPAR; + + case -2: + cleanup(); + return KRB5DES_WEAK_KEY; + + default: + ; + } + + mit_des_cbc_cksum((krb5_octet *)in, contents, in_length, + schedule, (krb5_octet *)key); + + retval = 0; + if (cksum->checksum_type == CKSUMTYPE_DESCBC) { + if (cksum->length == sizeof(mit_des_cblock)) { + if (memcmp((char *) cksum->contents, + (char *) contents, + sizeof(mit_des_cblock))) + retval = KRB5KRB_AP_ERR_BAD_INTEGRITY; + } + else + retval = KRB5KRB_AP_ERR_BAD_INTEGRITY; + } + else + retval = KRB5KRB_AP_ERR_INAPP_CKSUM; + cleanup(); + + return retval; +} + diff --git a/src/lib/crypto/des/cs_entry.c b/src/lib/crypto/des/cs_entry.c index 9bf9d7c02..91d00013d 100644 --- a/src/lib/crypto/des/cs_entry.c +++ b/src/lib/crypto/des/cs_entry.c @@ -34,10 +34,17 @@ extern krb5_error_code mit_des_cbc_checksum PROTOTYPE (( size_t , krb5_checksum FAR * )); +extern krb5_error_code mit_des_cbc_verf_cksum PROTOTYPE (( + krb5_checksum FAR *, + krb5_pointer , + size_t , + krb5_pointer , + size_t )); krb5_checksum_entry krb5_des_cbc_cksumtable_entry = { 0, mit_des_cbc_checksum, + mit_des_cbc_verf_cksum, sizeof(mit_des_cblock), 1, /* is collision proof */ 1, /* is keyed */ -- 2.26.2