From d70f1f4bada3fb99c1a027e3414423214c77b38a Mon Sep 17 00:00:00 2001 From: Richard Basch Date: Tue, 28 Nov 1995 01:09:46 +0000 Subject: [PATCH] Triple DES support routines git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7128 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/crypto/des3_md5.c | 173 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 173 insertions(+) create mode 100644 src/lib/crypto/des3_md5.c diff --git a/src/lib/crypto/des3_md5.c b/src/lib/crypto/des3_md5.c new file mode 100644 index 000000000..e93f7ad9c --- /dev/null +++ b/src/lib/crypto/des3_md5.c @@ -0,0 +1,173 @@ +/* + * lib/crypto/des3-md5.32 + * + * Copyright 1994 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +#include "k5-int.h" +#include "rsa-md5.h" +#include "des_int.h" + +krb5_error_code mit_des3_md5_encrypt_func + PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, + krb5_encrypt_block *, krb5_pointer )); + +krb5_error_code mit_des3_md5_decrypt_func + PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, + krb5_encrypt_block *, krb5_pointer )); + +static mit_des_cblock zero_ivec = { 0 }; + +static krb5_cryptosystem_entry mit_des3_md5_cryptosystem_entry = { + 0, + mit_des3_md5_encrypt_func, + mit_des3_md5_decrypt_func, + mit_des3_process_key, + mit_des_finish_key, + mit_des3_string_to_key, + mit_des_init_random_key, + mit_des_finish_random_key, + mit_des3_random_key, + sizeof(mit_des_cblock), + RSA_MD5_CKSUM_LENGTH+sizeof(mit_des_cblock), + 3*sizeof(mit_des_cblock), + ENCTYPE_DES3_CBC_MD5 + }; + +krb5_cs_table_entry krb5_des3_md5_cst_entry = { + 0, + &mit_des3_md5_cryptosystem_entry, + 0 + }; + + +krb5_error_code +mit_des3_md5_encrypt_func(in, out, size, key, ivec) + krb5_const_pointer in; + krb5_pointer out; + const size_t size; + krb5_encrypt_block * key; + krb5_pointer ivec; +{ + krb5_checksum cksum; + krb5_octet contents[RSA_MD5_CKSUM_LENGTH]; + int sumsize; + krb5_error_code retval; + +/* if ( size < sizeof(mit_des_cblock) ) + return KRB5_BAD_MSIZE; */ + + /* caller passes data size, and saves room for the padding. */ + /* format of ciphertext, per RFC is: + +-----------+----------+-------------+-----+ + |confounder | check | msg-seq | pad | + +-----------+----------+-------------+-----+ + + our confounder is 8 bytes (one cblock); + our checksum is RSA_MD5_CKSUM_LENGTH + */ + sumsize = krb5_roundup(size+RSA_MD5_CKSUM_LENGTH+sizeof(mit_des_cblock), + sizeof(mit_des_cblock)); + + /* assemble crypto input into the output area, then encrypt in place. */ + + memset((char *)out, 0, sumsize); + + /* put in the confounder */ + if ((retval = krb5_random_confounder(sizeof(mit_des_cblock), out))) + return retval; + + memcpy((char *)out+sizeof(mit_des_cblock)+RSA_MD5_CKSUM_LENGTH, (char *)in, + size); + + cksum.contents = contents; + + /* This is equivalent to krb5_calculate_checksum(CKSUMTYPE_MD5,...) + but avoids use of the cryptosystem config table which can not be + referenced here if this object is to be included in a shared library. */ + if ((retval = rsa_md5_cksumtable_entry.sum_func((krb5_pointer) out, + sumsize, + (krb5_pointer)key->key->contents, + key->key->length, + &cksum))) + return retval; + + memcpy((char *)out+sizeof(mit_des_cblock), (char *)contents, + RSA_MD5_CKSUM_LENGTH); + + /* We depend here on the ability of this DES-3 implementation to + encrypt plaintext to ciphertext in-place. */ + return (mit_des3_cbc_encrypt(out, + out, + sumsize, + (struct mit_des_ks_struct *) key->priv, + ((struct mit_des_ks_struct *) key->priv) + 1, + ((struct mit_des_ks_struct *) key->priv) + 2, + ivec ? ivec : (krb5_pointer)zero_ivec, + MIT_DES_ENCRYPT)); + +} + +krb5_error_code +mit_des3_md5_decrypt_func(in, out, size, key, ivec) + krb5_const_pointer in; + krb5_pointer out; + const size_t size; + krb5_encrypt_block * key; + krb5_pointer ivec; +{ + krb5_checksum cksum; + krb5_octet contents_prd[RSA_MD5_CKSUM_LENGTH]; + krb5_octet contents_get[RSA_MD5_CKSUM_LENGTH]; + char *p; + krb5_error_code retval; + + if ( size < 2*sizeof(mit_des_cblock) ) + return KRB5_BAD_MSIZE; + + retval = mit_des3_cbc_encrypt((const mit_des_cblock *) in, + out, + size, + (struct mit_des_ks_struct *) key->priv, + ((struct mit_des_ks_struct *) key->priv) + 1, + ((struct mit_des_ks_struct *) key->priv) + 2, + ivec ? ivec : (krb5_pointer)zero_ivec, + MIT_DES_DECRYPT); + if (retval) + return retval; + + cksum.contents = contents_prd; + p = (char *)out + sizeof(mit_des_cblock); + memcpy((char *)contents_get, p, RSA_MD5_CKSUM_LENGTH); + memset(p, 0, RSA_MD5_CKSUM_LENGTH); + + if ((retval = rsa_md5_cksumtable_entry.sum_func(out, size, + (krb5_pointer)key->key->contents, + key->key->length, + &cksum))) + return retval; + + if (memcmp((char *)contents_get, (char *)contents_prd, RSA_MD5_CKSUM_LENGTH) ) + return KRB5KRB_AP_ERR_BAD_INTEGRITY; + memmove((char *)out, (char *)out + + sizeof(mit_des_cblock) + RSA_MD5_CKSUM_LENGTH, + size - sizeof(mit_des_cblock) - RSA_MD5_CKSUM_LENGTH); + return 0; +} -- 2.26.2