diff options
| author | Ken Raeburn <raeburn@mit.edu> | 2003-03-05 03:03:04 +0000 |
|---|---|---|
| committer | Ken Raeburn <raeburn@mit.edu> | 2003-03-05 03:03:04 +0000 |
| commit | 805904312e781e852c4c198ad91b32bac3c95c4e (patch) | |
| tree | 5261c67dbc2a85df358f98101194500da5ed3740 /src/include | |
| parent | 3d02caa5af4dc5f8ece6286c138d08404d87936b (diff) | |
| download | krb5-805904312e781e852c4c198ad91b32bac3c95c4e.tar.gz krb5-805904312e781e852c4c198ad91b32bac3c95c4e.tar.xz krb5-805904312e781e852c4c198ad91b32bac3c95c4e.zip | |
Clean up PBKDF2 interface. Add s2k-params to string-to-key interface, except
no new decl in krb5.h yet; rename changed s2k functions to use krb5int_ prefix.
Add AES to etype table. Delete some unused declarations.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15229 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/include')
| -rw-r--r-- | src/include/ChangeLog | 10 | ||||
| -rw-r--r-- | src/include/k5-int.h | 74 | ||||
| -rw-r--r-- | src/include/krb5.hin | 4 |
3 files changed, 19 insertions, 69 deletions
diff --git a/src/include/ChangeLog b/src/include/ChangeLog index dffc4cb7a2..d0ea27f22e 100644 --- a/src/include/ChangeLog +++ b/src/include/ChangeLog @@ -1,3 +1,13 @@ +2003-03-04 Ken Raeburn <raeburn@mit.edu> + + * krb5.h (ENCTYPE_AES128_CTS_HMAC_SHA1_96, + ENCTYPE_AES256_CTS_HMAC_SHA1_96, CKSUMTYPE_HMAC_SHA1_96_AES128, + CKSUMTYPE_HMAC_SHA1_96_AES256): New macros. + * k5-int.h (krb5_str2key_func): Added params argument. + (krb5int_pbkdf2_hmac_sha1): Declare. + (krb5_cryptosystem_entry, krb5_cs_table_entry, SUM_FUNC, + SUM_VERF_FUNC, krb5_checksum_entry): Delete unused declarations. + 2003-02-26 Ken Raeburn <raeburn@mit.edu> * configure.in: Set and substitute maybe_kerberosIV. diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 2bfce56e68..82f25163a8 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -620,7 +620,7 @@ typedef krb5_error_code (*krb5_crypt_func) (const struct krb5_enc_provider *enc, const krb5_data *input, krb5_data *output); typedef krb5_error_code (*krb5_str2key_func) (const struct krb5_enc_provider *enc, const krb5_data *string, - const krb5_data *salt, krb5_keyblock *key); + const krb5_data *salt, const krb5_data *parm, krb5_keyblock *key); struct krb5_keytypes { krb5_enctype etype; @@ -669,6 +669,10 @@ krb5_error_code krb5_hmac const krb5_keyblock *key, unsigned int icount, const krb5_data *input, krb5_data *output); +krb5_error_code krb5int_pbkdf2_hmac_sha1 (const krb5_data *, unsigned long, + const krb5_data *, + const krb5_data *); + /* A definition of init_state for DES based encryption systems. * sets up an 8-byte IV of all zeros */ @@ -704,74 +708,6 @@ extern const struct krb5_hash_provider krb5int_hash_md5; #ifdef KRB5_OLD_CRYPTO /* old provider api */ -typedef struct _krb5_cryptosystem_entry { - krb5_magic magic; - krb5_error_code (*encrypt_func) ( krb5_const_pointer /* in */, - krb5_pointer /* out */, - const size_t, - krb5_encrypt_block *, - krb5_pointer); - krb5_error_code (*decrypt_func) ( krb5_const_pointer /* in */, - krb5_pointer /* out */, - const size_t, - krb5_encrypt_block *, - krb5_pointer); - krb5_error_code (*process_key) ( krb5_encrypt_block *, - const krb5_keyblock *); - krb5_error_code (*finish_key) ( krb5_encrypt_block *); - krb5_error_code (*string_to_key) (const krb5_encrypt_block *, - krb5_keyblock *, - const krb5_data *, - const krb5_data *); - krb5_error_code (*init_random_key) ( const krb5_encrypt_block *, - const krb5_keyblock *, - krb5_pointer *); - krb5_error_code (*finish_random_key) ( const krb5_encrypt_block *, - krb5_pointer *); - krb5_error_code (*random_key) ( const krb5_encrypt_block *, - krb5_pointer, - krb5_keyblock **); - int block_length; - int pad_minimum; /* needed for cksum size computation */ - int keysize; - krb5_enctype proto_enctype; /* key type, - (assigned protocol number AND - table index) */ -} krb5_cryptosystem_entry; - -typedef struct _krb5_cs_table_entry { - krb5_magic magic; - krb5_cryptosystem_entry * system; - krb5_pointer random_sequence; /* from init_random_key() */ -} krb5_cs_table_entry; - - -/* could be used in a table to find a sumtype */ -typedef krb5_error_code - (*SUM_FUNC) ( - const krb5_pointer /* in */, - const size_t /* in_length */, - const krb5_pointer /* key/seed */, - const size_t /* key/seed size */, - krb5_checksum * /* out_cksum */); - -typedef krb5_error_code - (*SUM_VERF_FUNC) ( - const krb5_checksum * /* out_cksum */, - const krb5_pointer /* in */, - const size_t /* in_length */, - const krb5_pointer /* key/seed */, - const size_t /* key/seed size */); - -typedef struct _krb5_checksum_entry { - krb5_magic magic; - SUM_FUNC sum_func; /* Checksum generator */ - SUM_VERF_FUNC sum_verf_func; /* Verifier of checksum */ - int checksum_length; /* length returned by sum_func */ - unsigned int is_collision_proof:1; - unsigned int uses_key:1; -} krb5_checksum_entry; - krb5_error_code krb5_crypto_os_localaddr (krb5_address ***); diff --git a/src/include/krb5.hin b/src/include/krb5.hin index e53606c20a..c6f7040a5a 100644 --- a/src/include/krb5.hin +++ b/src/include/krb5.hin @@ -361,6 +361,8 @@ typedef struct _krb5_enc_data { #define ENCTYPE_DES3_CBC_RAW 0x0006 /* DES-3 cbc mode raw */ #define ENCTYPE_DES_HMAC_SHA1 0x0008 #define ENCTYPE_DES3_CBC_SHA1 0x0010 +#define ENCTYPE_AES128_CTS_HMAC_SHA1_96 0x0011 +#define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012 #define ENCTYPE_ARCFOUR_HMAC 0x0017 #define ENCTYPE_ARCFOUR_HMAC_EXP 0x0018 #define ENCTYPE_UNKNOWN 0x01ff @@ -378,6 +380,8 @@ typedef struct _krb5_enc_data { #define CKSUMTYPE_RSA_MD5_DES 0x0008 #define CKSUMTYPE_NIST_SHA 0x0009 #define CKSUMTYPE_HMAC_SHA1_DES3 0x000c +#define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f +#define CKSUMTYPE_HMAC_SHA1_96_AES256 0x0010 #define CKSUMTYPE_HMAC_MD5_ARCFOUR -138 /*Microsoft md5 hmac cksumtype*/ /* The following are entropy source designations. Whenever |