diff options
| author | Greg Hudson <ghudson@mit.edu> | 2009-12-04 05:12:35 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2009-12-04 05:12:35 +0000 |
| commit | 5ffa313d9f6b7c509aa0d7579273150d71ea0f95 (patch) | |
| tree | 48f8d5606c919dd09d950c5cbf1609f312f2937d /src/lib/crypto/builtin/des | |
| parent | ea6f77d42700352fcb2a06444d1dc00acf7c20fc (diff) | |
| download | krb5-5ffa313d9f6b7c509aa0d7579273150d71ea0f95.tar.gz krb5-5ffa313d9f6b7c509aa0d7579273150d71ea0f95.tar.xz krb5-5ffa313d9f6b7c509aa0d7579273150d71ea0f95.zip | |
Consolidate the IOV and non-IOV encryption/decryption code paths, and
drop the _iov suffix from most encryption- and decryption-related
functions. The enc_provider encrypt and decrypt functions take IOVs,
as do the enctype entries in etypes.c, and there are no separate
encrypt_iov or decrypt_iov functions.
aead_provider is gone. Enctype functions now take pointers to the
enctype entry instead of pointers to the enc/hash/aead providers; this
allows dk_encrypt and dk_decrypt to be polymorphic in the length
function they use now that AES and DES3 can't differentiate by aead
provider.
aes_string_to_key needed to be moved into the krb/ fold for this since
it's an enctype function; it was duplicated between builtin/ and
openssl/ before. This leaves openssl/aes empty; the build system
currently demands that all modules have the same directory structure,
so the directory and Makefile will stick around for now.
Three separate copies of the derive_random logic are also now
consolidated into one.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23444 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/crypto/builtin/des')
| -rw-r--r-- | src/lib/crypto/builtin/des/Makefile.in | 8 | ||||
| -rw-r--r-- | src/lib/crypto/builtin/des/d3_aead.c | 22 | ||||
| -rw-r--r-- | src/lib/crypto/builtin/des/d3_cbc.c | 224 | ||||
| -rw-r--r-- | src/lib/crypto/builtin/des/deps | 80 | ||||
| -rw-r--r-- | src/lib/crypto/builtin/des/des_int.h | 90 | ||||
| -rw-r--r-- | src/lib/crypto/builtin/des/f_aead.c | 32 | ||||
| -rw-r--r-- | src/lib/crypto/builtin/des/f_cbc.c | 64 |
7 files changed, 112 insertions, 408 deletions
diff --git a/src/lib/crypto/builtin/des/Makefile.in b/src/lib/crypto/builtin/des/Makefile.in index 9a2f682523..ff5e3fad09 100644 --- a/src/lib/crypto/builtin/des/Makefile.in +++ b/src/lib/crypto/builtin/des/Makefile.in @@ -14,11 +14,9 @@ PROG_RPATH=$(KRB5_LIBDIR) STLIBOBJS=\ afsstring2key.o \ - d3_cbc.o \ d3_aead.o \ d3_kysched.o \ f_aead.o \ - f_cbc.o \ f_cksum.o \ f_parity.o \ f_sched.o \ @@ -28,11 +26,9 @@ STLIBOBJS=\ weak_key.o OBJS= $(OUTPRE)afsstring2key.$(OBJEXT) \ - $(OUTPRE)d3_cbc.$(OBJEXT) \ $(OUTPRE)d3_aead.$(OBJEXT) \ $(OUTPRE)d3_kysched.$(OBJEXT) \ $(OUTPRE)f_aead.$(OBJEXT) \ - $(OUTPRE)f_cbc.$(OBJEXT) \ $(OUTPRE)f_cksum.$(OBJEXT) \ $(OUTPRE)f_parity.$(OBJEXT) \ $(OUTPRE)f_sched.$(OBJEXT) \ @@ -42,11 +38,9 @@ OBJS= $(OUTPRE)afsstring2key.$(OBJEXT) \ $(OUTPRE)weak_key.$(OBJEXT) SRCS= $(srcdir)/afsstring2key.c \ - $(srcdir)/d3_cbc.c \ $(srcdir)/d3_aead.c \ $(srcdir)/d3_kysched.c \ $(srcdir)/f_aead.c \ - $(srcdir)/f_cbc.c \ $(srcdir)/f_cksum.c \ $(srcdir)/f_parity.c \ $(srcdir)/f_sched.c \ @@ -55,7 +49,7 @@ SRCS= $(srcdir)/afsstring2key.c \ $(srcdir)/weak_key.c \ $(srcdir)/string2key.c -EXTRADEPSRCS = $(SRCDIR)destest.c +EXTRADEPSRCS = $(srcdir)/destest.c $(srcdir)/f_cbc.c $(srcdir)/t_verify.c ##DOS##LIBOBJS = $(OBJS) diff --git a/src/lib/crypto/builtin/des/d3_aead.c b/src/lib/crypto/builtin/des/d3_aead.c index 549a27fd9d..4052a40583 100644 --- a/src/lib/crypto/builtin/des/d3_aead.c +++ b/src/lib/crypto/builtin/des/d3_aead.c @@ -27,12 +27,11 @@ #include "aead.h" void -krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - mit_des_cblock ivec) +krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule ks1, + const mit_des_key_schedule ks2, + const mit_des_key_schedule ks3, + mit_des_cblock ivec) { unsigned DES_INT32 left, right; const unsigned DES_INT32 *kp1, *kp2, *kp3; @@ -89,12 +88,11 @@ krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data, } void -krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - mit_des_cblock ivec) +krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule ks1, + const mit_des_key_schedule ks2, + const mit_des_key_schedule ks3, + mit_des_cblock ivec) { unsigned DES_INT32 left, right; const unsigned DES_INT32 *kp1, *kp2, *kp3; diff --git a/src/lib/crypto/builtin/des/d3_cbc.c b/src/lib/crypto/builtin/des/d3_cbc.c deleted file mode 100644 index ea3cb436bb..0000000000 --- a/src/lib/crypto/builtin/des/d3_cbc.c +++ /dev/null @@ -1,224 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright 1995 by Richard P. Basch. All Rights Reserved. - * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used - * in advertising or publicity pertaining to distribution of the software - * without specific, written prior permission. Richard P. Basch, - * Lehman Brothers and M.I.T. make no representations about the suitability - * of this software for any purpose. It is provided "as is" without - * express or implied warranty. - */ - -#include "des_int.h" -#include "f_tables.h" - -/* - * Triple-DES CBC encryption mode. - */ - -#undef mit_des3_cbc_encrypt -int -mit_des3_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, - unsigned long length, const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - const mit_des_cblock ivec, int enc) -{ - if (enc) - krb5int_des3_cbc_encrypt(in, out, length, ks1, ks2, ks3, ivec); - else - krb5int_des3_cbc_decrypt(in, out, length, ks1, ks2, ks3, ivec); - return 0; -} - -void -krb5int_des3_cbc_encrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - const mit_des_cblock ivec) -{ - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp1, *kp2, *kp3; - const unsigned char *ip; - unsigned char *op; - - /* - * Get key pointer here. This won't need to be reinitialized - */ - kp1 = (const unsigned DES_INT32 *)ks1; - kp2 = (const unsigned DES_INT32 *)ks2; - kp3 = (const unsigned DES_INT32 *)ks3; - - /* - * Initialize left and right with the contents of the initial - * vector. - */ - ip = ivec; - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - - /* - * Suitably initialized, now work the length down 8 bytes - * at a time. - */ - ip = *in; - op = *out; - while (length > 0) { - /* - * Get more input, xor it in. If the length is - * greater than or equal to 8 this is straight - * forward. Otherwise we have to fart around. - */ - if (length >= 8) { - unsigned DES_INT32 temp; - GET_HALF_BLOCK(temp, ip); - left ^= temp; - GET_HALF_BLOCK(temp, ip); - right ^= temp; - length -= 8; - } else { - /* - * Oh, shoot. We need to pad the - * end with zeroes. Work backwards - * to do this. - */ - ip += (int) length; - switch(length) { - case 7: right ^= (*(--ip) & FF_UINT32) << 8; - case 6: right ^= (*(--ip) & FF_UINT32) << 16; - case 5: right ^= (*(--ip) & FF_UINT32) << 24; - case 4: left ^= *(--ip) & FF_UINT32; - case 3: left ^= (*(--ip) & FF_UINT32) << 8; - case 2: left ^= (*(--ip) & FF_UINT32) << 16; - case 1: left ^= (*(--ip) & FF_UINT32) << 24; - - } - length = 0; - } - - /* - * Encrypt what we have - */ - DES_DO_ENCRYPT(left, right, kp1); - DES_DO_DECRYPT(left, right, kp2); - DES_DO_ENCRYPT(left, right, kp3); - - /* - * Copy the results out - */ - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - } -} - -void -krb5int_des3_cbc_decrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - const mit_des_cblock ivec) -{ - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp1, *kp2, *kp3; - const unsigned char *ip; - unsigned char *op; - unsigned DES_INT32 ocipherl, ocipherr; - unsigned DES_INT32 cipherl, cipherr; - - /* - * Get key pointer here. This won't need to be reinitialized - */ - kp1 = (const unsigned DES_INT32 *)ks1; - kp2 = (const unsigned DES_INT32 *)ks2; - kp3 = (const unsigned DES_INT32 *)ks3; - - /* - * Decrypting is harder than encrypting because of - * the necessity of remembering a lot more things. - * Should think about this a little more... - */ - - if (length <= 0) - return; - - /* - * Prime the old cipher with ivec. - */ - ip = ivec; - GET_HALF_BLOCK(ocipherl, ip); - GET_HALF_BLOCK(ocipherr, ip); - - /* - * Now do this in earnest until we run out of length. - */ - ip = *in; - op = *out; - for (;;) { /* check done inside loop */ - /* - * Read a block from the input into left and - * right. Save this cipher block for later. - */ - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - cipherl = left; - cipherr = right; - - /* - * Decrypt this. - */ - DES_DO_DECRYPT(left, right, kp3); - DES_DO_ENCRYPT(left, right, kp2); - DES_DO_DECRYPT(left, right, kp1); - - /* - * Xor with the old cipher to get plain - * text. Output 8 or less bytes of this. - */ - left ^= ocipherl; - right ^= ocipherr; - if (length > 8) { - length -= 8; - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - /* - * Save current cipher block here - */ - ocipherl = cipherl; - ocipherr = cipherr; - } else { - /* - * Trouble here. Start at end of output, - * work backwards. - */ - op += (int) length; - switch(length) { - case 8: *(--op) = (unsigned char) (right & 0xff); - case 7: *(--op) = (unsigned char) ((right >> 8) & 0xff); - case 6: *(--op) = (unsigned char) ((right >> 16) & 0xff); - case 5: *(--op) = (unsigned char) ((right >> 24) & 0xff); - case 4: *(--op) = (unsigned char) (left & 0xff); - case 3: *(--op) = (unsigned char) ((left >> 8) & 0xff); - case 2: *(--op) = (unsigned char) ((left >> 16) & 0xff); - case 1: *(--op) = (unsigned char) ((left >> 24) & 0xff); - } - break; /* we're done */ - } - } -} diff --git a/src/lib/crypto/builtin/des/deps b/src/lib/crypto/builtin/des/deps index 7e85bc1f74..7041f2918d 100644 --- a/src/lib/crypto/builtin/des/deps +++ b/src/lib/crypto/builtin/des/deps @@ -12,29 +12,18 @@ afsstring2key.so afsstring2key.po $(OUTPRE)afsstring2key.$(OBJEXT): \ $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ afsstring2key.c des_int.h -d3_cbc.so d3_cbc.po $(OUTPRE)d3_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h d3_cbc.c des_int.h \ - f_tables.h d3_aead.so d3_aead.po $(OUTPRE)d3_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h d3_aead.c des_int.h \ - f_tables.h + $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + d3_aead.c des_int.h f_tables.h d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ @@ -49,26 +38,15 @@ d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \ f_aead.so f_aead.po $(OUTPRE)f_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h f_aead.c \ - f_tables.h -f_cbc.so f_cbc.po $(OUTPRE)f_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h f_cbc.c \ - f_tables.h + $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des_int.h f_aead.c f_tables.h f_cksum.so f_cksum.po $(OUTPRE)f_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ @@ -155,3 +133,25 @@ destest.so destest.po $(OUTPRE)destest.$(OBJEXT): $(BUILDTOP)/include/autoconf.h $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ $(top_srcdir)/include/socket-utils.h des_int.h destest.c +f_cbc.so f_cbc.po $(OUTPRE)f_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h des_int.h f_cbc.c \ + f_tables.h +t_verify.so t_verify.po $(OUTPRE)t_verify.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + des_int.h t_verify.c diff --git a/src/lib/crypto/builtin/des/des_int.h b/src/lib/crypto/builtin/des/des_int.h index ffa71238b1..9dd599453a 100644 --- a/src/lib/crypto/builtin/des/des_int.h +++ b/src/lib/crypto/builtin/des/des_int.h @@ -165,15 +165,11 @@ unsigned long mit_des_cbc_cksum(const krb5_octet *, krb5_octet *, unsigned long, const mit_des_key_schedule, const krb5_octet *); -/* f_ecb.c */ -int mit_des_ecb_encrypt(const mit_des_cblock *, mit_des_cblock *, - mit_des_key_schedule, int ); - -/* f_cbc.c */ -int mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule schedule, - const mit_des_cblock ivec, int enc); +/* f_cbc.c (used by test programs) */ +int +mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, + unsigned long length, const mit_des_key_schedule schedule, + const mit_des_cblock ivec, int enc); #define mit_des_zeroblock krb5int_c_mit_des_zeroblock extern const mit_des_cblock mit_des_zeroblock; @@ -243,85 +239,29 @@ extern unsigned long swap_long_bytes_bit_number(unsigned long); extern void test_set(FILE *, const char *, int, const char *, int); #endif -/* d3_ecb.c */ -extern int mit_des3_ecb_encrypt(const mit_des_cblock *in, mit_des_cblock *out, - mit_des_key_schedule sched1, - mit_des_key_schedule sched2, - mit_des_key_schedule sched3, int enc); - -/* d3_cbc.c */ -extern int mit_des3_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - const mit_des_cblock ivec, int enc); - void -krb5int_des3_cbc_encrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, +krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data, const mit_des_key_schedule ks1, const mit_des_key_schedule ks2, const mit_des_key_schedule ks3, - const mit_des_cblock ivec); + mit_des_cblock ivec); + void -krb5int_des3_cbc_decrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, +krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data, const mit_des_key_schedule ks1, const mit_des_key_schedule ks2, const mit_des_key_schedule ks3, - const mit_des_cblock ivec); - -void -krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - mit_des_cblock ivec); - -void -krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - mit_des_cblock ivec); - -#define mit_des3_cbc_encrypt(in,out,length,ks1,ks2,ks3,ivec,enc) \ - ((enc ? krb5int_des3_cbc_encrypt : krb5int_des3_cbc_decrypt) \ - (in, out, length, ks1, ks2, ks3, ivec), 0) + mit_des_cblock ivec); void -krb5int_des_cbc_encrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule schedule, - const mit_des_cblock ivec); -void -krb5int_des_cbc_decrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, +krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data, const mit_des_key_schedule schedule, - const mit_des_cblock ivec); - -#define mit_des_cbc_encrypt(in,out,length,schedule,ivec,enc) \ - ((enc ? krb5int_des_cbc_encrypt : krb5int_des_cbc_decrypt) \ - (in, out, length, schedule, ivec), 0) - -void -krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule schedule, - mit_des_cblock ivec); + mit_des_cblock ivec); void -krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule schedule, - mit_des_cblock ivec); +krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule schedule, + mit_des_cblock ivec); /* d3_procky.c */ krb5_error_code mit_des3_process_key(krb5_encrypt_block *eblock, diff --git a/src/lib/crypto/builtin/des/f_aead.c b/src/lib/crypto/builtin/des/f_aead.c index 1b92e05382..3f4fbae826 100644 --- a/src/lib/crypto/builtin/des/f_aead.c +++ b/src/lib/crypto/builtin/des/f_aead.c @@ -26,11 +26,12 @@ #include "f_tables.h" #include "aead.h" +const mit_des_cblock mit_des_zeroblock /* = all zero */; + void -krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule schedule, - mit_des_cblock ivec) +krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule schedule, + mit_des_cblock ivec) { unsigned DES_INT32 left, right; const unsigned DES_INT32 *kp; @@ -83,10 +84,9 @@ krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data, } void -krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule schedule, - mit_des_cblock ivec) +krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule schedule, + mit_des_cblock ivec) { unsigned DES_INT32 left, right; const unsigned DES_INT32 *kp; @@ -151,3 +151,19 @@ krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data, PUT_HALF_BLOCK(ocipherr, ptr); } } + +#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) +void krb5int_des_do_encrypt_2 (unsigned DES_INT32 *left, + unsigned DES_INT32 *right, + const unsigned DES_INT32 *kp) +{ + DES_DO_ENCRYPT_1 (*left, *right, kp); +} + +void krb5int_des_do_decrypt_2 (unsigned DES_INT32 *left, + unsigned DES_INT32 *right, + const unsigned DES_INT32 *kp) +{ + DES_DO_DECRYPT_1 (*left, *right, kp); +} +#endif diff --git a/src/lib/crypto/builtin/des/f_cbc.c b/src/lib/crypto/builtin/des/f_cbc.c index c7e1f22d5b..887740bc15 100644 --- a/src/lib/crypto/builtin/des/f_cbc.c +++ b/src/lib/crypto/builtin/des/f_cbc.c @@ -24,7 +24,8 @@ * this software for any purpose. It is provided "as is" without express * or implied warranty. * - * DES implementation donated by Dennis Ferguson + * CBC functions; used only by the test programs at this time. (krb5 uses the + * functions in f_aead.c instead.) */ /* @@ -58,28 +59,10 @@ const mit_des_cblock mit_des_zeroblock /* = all zero */; -#undef mit_des_cbc_encrypt -int -mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, - unsigned long length, const mit_des_key_schedule schedule, - const mit_des_cblock ivec, int enc) -{ - /* - * Deal with encryption and decryption separately. - */ - if (enc) - krb5int_des_cbc_encrypt(in, out, length, schedule, ivec); - else - krb5int_des_cbc_decrypt(in, out, length, schedule, ivec); - return 0; -} - -void -krb5int_des_cbc_encrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule schedule, - const mit_des_cblock ivec) +static void +des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, + unsigned long length, const mit_des_key_schedule schedule, + const mit_des_cblock ivec) { unsigned DES_INT32 left, right; const unsigned DES_INT32 *kp; @@ -158,12 +141,10 @@ krb5int_des_cbc_encrypt(const mit_des_cblock *in, } } -void -krb5int_des_cbc_decrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule schedule, - const mit_des_cblock ivec) +static void +des_cbc_decrypt(const mit_des_cblock *in, mit_des_cblock *out, + unsigned long length, const mit_des_key_schedule schedule, + const mit_des_cblock ivec) { unsigned DES_INT32 left, right; const unsigned DES_INT32 *kp; @@ -258,18 +239,17 @@ krb5int_des_cbc_decrypt(const mit_des_cblock *in, } } -#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) -void krb5int_des_do_encrypt_2 (unsigned DES_INT32 *left, - unsigned DES_INT32 *right, - const unsigned DES_INT32 *kp) -{ - DES_DO_ENCRYPT_1 (*left, *right, kp); -} - -void krb5int_des_do_decrypt_2 (unsigned DES_INT32 *left, - unsigned DES_INT32 *right, - const unsigned DES_INT32 *kp) +int +mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, + unsigned long length, const mit_des_key_schedule schedule, + const mit_des_cblock ivec, int enc) { - DES_DO_DECRYPT_1 (*left, *right, kp); + /* + * Deal with encryption and decryption separately. + */ + if (enc) + des_cbc_encrypt(in, out, length, schedule, ivec); + else + des_cbc_decrypt(in, out, length, schedule, ivec); + return 0; } -#endif |