#include <krb5/osconf.h>
#include <krb5/krb5.h>
-#if defined(PROVIDE_DES_CBC_CRC) || defined(PROVIDE_LUCIFER_CRC) || defined(PROVIDE_CRC32)
+#if defined(PROVIDE_DES_CBC_CRC) || defined(PROVIDE_CRC32)
#include <krb5/crc-32.h>
#define CRC32_CKENTRY &crc32_cksumtable_entry
#else
#ifdef PROVIDE_DES_CBC_CKSUM
#include <krb5/mit-des.h>
#define _DES_DONE__
-#define DES_CBC_CKENTRY &mit_des_cbc_cksumtable_entry
+#define DES_CBC_CKENTRY &krb5_des_cbc_cksumtable_entry
#else
#define DES_CBC_CKENTRY 0
#endif
#include <krb5/mit-des.h>
#define _DES_DONE__
#endif
-static krb5_cs_table_entry mit_des_cbc_crc_csentry = {
- &mit_des_cryptosystem_entry, 0 };
-#define DES_CBC_CRC_CSENTRY &mit_des_cbc_crc_csentry
+#define DES_CBC_CRC_CSENTRY &krb5_des_cst_entry
#else
#define DES_CBC_CRC_CSENTRY 0
#endif
-#ifdef PROVIDE_LUCIFER_CRC
-static krb5_cs_table_entry lucifer_crc_csentry = {
- &lucifer_cryptosystem_entry, 0 };
-#define LUCIFER_CRC_CSENTRY &lucifer_crc_csentry
+#ifdef PROVIDE_RAW_DES_CBC
+#ifndef _DES_DONE__
+#include <krb5/mit-des.h>
+#define _DES_DONE__
+#endif
+#define RAW_DES_CBC_CSENTRY &krb5_des_cst_entry
#else
-#define LUCIFER_CRC_CSENTRY 0
+#define RAW_DES_CBC_CSENTRY 0
#endif
+
/* WARNING:
make sure the order of entries in these tables matches the #defines in
<krb5/encryption.h>
*/
krb5_cs_table_entry *krb5_csarray[] = {
- 0,
- DES_CBC_CRC_CSENTRY,
- LUCIFER_CRC_CSENTRY,
+ 0, /* ETYPE_NULL */
+ DES_CBC_CRC_CSENTRY, /* ETYPE_DES_CBC_CRC */
+ 0, /* ETYPE_DES_CBC_MD4 */
+ 0, /* ETYPE_DES_CBC_MD5 */
+ RAW_DES_CBC_CSENTRY, /* ETYPE_RAW_DES_CBC */
};
int krb5_max_cryptosystem = sizeof(krb5_csarray)/sizeof(krb5_csarray[0]) - 1;
krb5_cs_table_entry *krb5_keytype_array[] = {
- 0,
- DES_CBC_CRC_CSENTRY,
- LUCIFER_CRC_CSENTRY,
+ 0, /* KEYTYPE_NULL */
+ DES_CBC_CRC_CSENTRY /* KEYTYPE_DES */
};
int krb5_max_keytype = sizeof(krb5_keytype_array)/sizeof(krb5_keytype_array[0]) - 1;
krb5_checksum_entry *krb5_cksumarray[] = {
0,
- CRC32_CKENTRY,
- MD4_CKENTRY,
- MD4_DES_CKENTRY,
- DES_CBC_CKENTRY,
- 0,
- 0,
- MD5_CKENTRY,
- MD5_DES_CKENTRY
+ CRC32_CKENTRY, /* CKSUMTYPE_CRC32 */
+ MD4_CKENTRY, /* CKSUMTYPE_RSA_MD4 */
+ MD4_DES_CKENTRY, /* CKSUMTYPE_RSA_MD4_DES */
+ DES_CBC_CKENTRY, /* CKSUMTYPE_DESCBC */
+ 0, /* des-mac */
+ 0, /* des-mac-k */
+ MD5_CKENTRY, /* CKSUMTYPE_RSA_MD5 */
+ MD5_DES_CKENTRY /* CKSUMTYPE_RSA_MD5_DES */
};
int krb5_max_cksum = sizeof(krb5_cksumarray)/sizeof(krb5_cksumarray[0]);
#include "des_int.h"
-krb5_cryptosystem_entry mit_des_cryptosystem_entry = {
+static krb5_cryptosystem_entry mit_raw_des_cryptosystem_entry = {
+ mit_raw_des_encrypt_func,
+ mit_raw_des_decrypt_func,
+ mit_des_process_key,
+ mit_des_finish_key,
+ mit_des_string_to_key,
+ mit_des_init_random_key,
+ mit_des_finish_random_key,
+ mit_des_random_key,
+ sizeof(mit_des_cblock),
+ 0,
+ sizeof(mit_des_cblock),
+ ETYPE_DES_CBC_CRC,
+ KEYTYPE_DES
+ };
+
+static krb5_cryptosystem_entry mit_des_cryptosystem_entry = {
mit_des_encrypt_func,
mit_des_decrypt_func,
mit_des_process_key,
KEYTYPE_DES
};
+krb5_cs_table_entry krb5_raw_des_cst_entry = {
+ &mit_raw_des_cryptosystem_entry,
+ 0
+ };
+
krb5_cs_table_entry krb5_des_cst_entry = {
&mit_des_cryptosystem_entry,
0
};
+
extern krb5_error_code mit_des_cbc_checksum PROTOTYPE ((krb5_pointer ,
size_t ,
krb5_pointer ,
krb5_checksum * ));
-krb5_checksum_entry mit_des_cbc_cksumtable_entry = {
+krb5_checksum_entry krb5_des_cbc_cksumtable_entry = {
mit_des_cbc_checksum,
sizeof(mit_des_cblock),
1, /* is collision proof */
PROTOTYPE((unsigned long *, unsigned long *, mit_des_key_schedule , int ));
/* enc_dec.c */
-extern krb5_error_code mit_des_encrypt_func
- PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t,
- krb5_encrypt_block *, krb5_pointer ));
-extern krb5_error_code mit_des_decrypt_func
- PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t,
- krb5_encrypt_block *, krb5_pointer ));
extern krb5_error_code mit_des_cbc_encrypt
PROTOTYPE((krb5_octet *, krb5_octet *, long, mit_des_key_schedule,
krb5_octet *, int));
extern int mit_des_key_sched
PROTOTYPE((mit_des_cblock , mit_des_key_schedule ));
+/* krb_glue.c */
+extern krb5_error_code mit_raw_des_encrypt_func
+ PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t,
+ krb5_encrypt_block *, krb5_pointer ));
+extern krb5_error_code mit_des_encrypt_func
+ PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t,
+ krb5_encrypt_block *, krb5_pointer ));
+extern krb5_error_code mit_raw_des_decrypt_func
+ PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t,
+ krb5_encrypt_block *, krb5_pointer ));
+extern krb5_error_code mit_des_decrypt_func
+ PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t,
+ krb5_encrypt_block *, krb5_pointer ));
+
/* new_rnd_key.c */
extern int mit_des_new_random_key
PROTOTYPE((mit_des_cblock , mit_des_random_key_seed *));
MIT_DES_DECRYPT));
}
+krb5_error_code mit_raw_des_encrypt_func(DECLARG(krb5_const_pointer, in),
+ DECLARG(krb5_pointer, out),
+ DECLARG(const size_t, size),
+ DECLARG(krb5_encrypt_block *, key),
+ DECLARG(krb5_pointer, ivec))
+OLDDECLARG(krb5_const_pointer, in)
+OLDDECLARG(krb5_pointer, out)
+OLDDECLARG(const size_t, size)
+OLDDECLARG(krb5_encrypt_block *, key)
+OLDDECLARG(krb5_pointer, ivec)
+{
+ int sumsize;
+
+ /* round up to des block size */
+
+ sumsize = krb5_roundup(size, sizeof(mit_des_cblock));
+
+ /* assemble crypto input into the output area, then encrypt in place. */
+
+ memset((char *)out, 0, sumsize);
+ memcpy((char *)out, (char *)in, size);
+
+ /* We depend here on the ability of this DES implementation to
+ encrypt plaintext to ciphertext in-place. */
+ return (mit_des_encrypt_f(out, out, sumsize, key, ivec));
+}
+
krb5_error_code mit_des_encrypt_func(DECLARG(krb5_const_pointer, in),
DECLARG(krb5_pointer, out),
DECLARG(const size_t, size),
return (mit_des_encrypt_f(out, out, sumsize, key, ivec));
}
+krb5_error_code mit_raw_des_decrypt_func(DECLARG(krb5_const_pointer, in),
+ DECLARG(krb5_pointer, out),
+ DECLARG(const size_t, size),
+ DECLARG(krb5_encrypt_block *, key),
+ DECLARG(krb5_pointer, ivec))
+OLDDECLARG(krb5_const_pointer, in)
+OLDDECLARG(krb5_pointer, out)
+OLDDECLARG(const size_t, size)
+OLDDECLARG(krb5_encrypt_block *, key)
+OLDDECLARG(krb5_pointer, ivec)
+{
+ return(mit_des_decrypt_f(in, out, size, key, ivec));
+}
+
krb5_error_code mit_des_decrypt_func(DECLARG(krb5_const_pointer, in),
DECLARG(krb5_pointer, out),
DECLARG(const size_t, size),
if (memcmp((char *)contents_get, (char *)contents_prd, CRC32_CKSUM_LENGTH) )
return KRB5KRB_AP_ERR_BAD_INTEGRITY;
- memcpy((char *)out, (char *)out +
+ memmove((char *)out, (char *)out +
sizeof(mit_des_cblock) + CRC32_CKSUM_LENGTH,
size - sizeof(mit_des_cblock) - CRC32_CKSUM_LENGTH);
return 0;