authorGreg Hudson <ghudson@mit.edu>2011-03-05 13:31:02 +0000
committerGreg Hudson <ghudson@mit.edu>2011-03-05 13:31:02 +0000
commit624e6a7b3f59fd76a92f556b679f9d872167853b (patch)
tree0f84a87bdda47919dd27a8b412fbab6d361427ca /src/lib/crypto/krb/dk
parent094b3c111a35803ffc88682fd09b4471d7d5c5b6 (diff)
Flatten lib/crypto/krb, as its seven subdirectories only contained a
few source files each (often only 1-2).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24679 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/crypto/krb/dk')
-rw-r--r--src/lib/crypto/krb/dk/Makefile.in48
-rw-r--r--src/lib/crypto/krb/dk/checksum_cmac.c62
-rw-r--r--src/lib/crypto/krb/dk/checksum_hmac.c59
-rw-r--r--src/lib/crypto/krb/dk/deps84
-rw-r--r--src/lib/crypto/krb/dk/derive.c299
-rw-r--r--src/lib/crypto/krb/dk/dk_aead.c270
-rw-r--r--src/lib/crypto/krb/dk/dk_cmac.c186
-rw-r--r--src/lib/crypto/krb/dk/stringtokey.c199
8 files changed, 0 insertions, 1207 deletions
diff --git a/src/lib/crypto/krb/dk/Makefile.in b/src/lib/crypto/krb/dk/Makefile.in
deleted file mode 100644
index 56ab164d30..0000000000
--- a/src/lib/crypto/krb/dk/Makefile.in
+++ /dev/null
@@ -1,48 +0,0 @@
-mydir=lib$(S)crypto$(S)krb$(S)dk
-BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL)
-DEFS=
-
-##DOS##BUILDTOP = ..\..\..\..
-##DOS##PREFIXDIR = krb\dk
-##DOS##OBJFILE = ..\..\$(OUTPRE)dk.lst
-
-PROG_LIBPATH=-L$(TOPLIBD)
-PROG_RPATH=$(KRB5_LIBDIR)
-
-STLIBOBJS=\
- checksum_hmac.o \
- checksum_cmac.o \
- dk_aead.o \
- dk_cmac.o \
- derive.o \
- stringtokey.o
-
-OBJS=\
- $(OUTPRE)checksum_hmac.$(OBJEXT)\
- $(OUTPRE)checksum_cmac.$(OBJEXT)\
- $(OUTPRE)dk_aead.$(OBJEXT) \
- $(OUTPRE)dk_cmac.$(OBJEXT) \
- $(OUTPRE)derive.$(OBJEXT) \
- $(OUTPRE)stringtokey.$(OBJEXT)
-
-SRCS=\
- $(srcdir)/checksum_hmac.c \
- $(srcdir)/checksum_cmac.c \
- $(srcdir)/dk_aead.c \
- $(srcdir)/dk_cmac.c \
- $(srcdir)/derive.c \
- $(srcdir)/stringtokey.c
-
-##DOS##LIBOBJS = $(OBJS)
-
-all-unix:: all-libobjs
-
-includes:: depend
-
-depend:: $(SRCS)
-
-clean-unix:: clean-libobjs
-
-@libobj_frag@
-
diff --git a/src/lib/crypto/krb/dk/checksum_cmac.c b/src/lib/crypto/krb/dk/checksum_cmac.c
deleted file mode 100644
index 166b7c7273..0000000000
--- a/src/lib/crypto/krb/dk/checksum_cmac.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * lib/crypto/krb/dk/checksum_cmac.c
- *
- * Copyright 2010 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-
-#include "crypto_int.h"
-
-#define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */
-
-#ifdef CAMELLIA
-
-krb5_error_code
-krb5int_dk_cmac_checksum(const struct krb5_cksumtypes *ctp,
- krb5_key key, krb5_keyusage usage,
- const krb5_crypto_iov *data, size_t num_data,
- krb5_data *output)
-{
- const struct krb5_enc_provider *enc = ctp->enc;
- krb5_error_code ret;
- unsigned char constantdata[K5CLENGTH];
- krb5_data datain;
- krb5_key kc;
-
- /* Derive the key. */
- datain = make_data(constantdata, K5CLENGTH);
- store_32_be(usage, constantdata);
- constantdata[4] = (char) 0x99;
- ret = krb5int_derive_key(enc, key, &kc, &datain, DERIVE_SP800_108_CMAC);
- if (ret != 0)
- return ret;
-
- /* Hash the data. */
- ret = krb5int_cmac_checksum(enc, kc, data, num_data, output);
- if (ret != 0)
- memset(output->data, 0, output->length);
-
- krb5_k_free_key(NULL, kc);
- return ret;
-}
-
-#endif /* CAMELLIA */
diff --git a/src/lib/crypto/krb/dk/checksum_hmac.c b/src/lib/crypto/krb/dk/checksum_hmac.c
deleted file mode 100644
index 517a5f32c8..0000000000
--- a/src/lib/crypto/krb/dk/checksum_hmac.c
+++ /dev/null
@@ -1,59 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government. It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. FundsXpress makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#include "crypto_int.h"
-
-#define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */
-
-krb5_error_code
-krb5int_dk_checksum(const struct krb5_cksumtypes *ctp,
- krb5_key key, krb5_keyusage usage,
- const krb5_crypto_iov *data, size_t num_data,
- krb5_data *output)
-{
- const struct krb5_enc_provider *enc = ctp->enc;
- krb5_error_code ret;
- unsigned char constantdata[K5CLENGTH];
- krb5_data datain;
- krb5_key kc;
-
- /* Derive the key. */
- datain = make_data(constantdata, K5CLENGTH);
- store_32_be(usage, constantdata);
- constantdata[4] = (char) 0x99;
- ret = krb5int_derive_key(enc, key, &kc, &datain, DERIVE_RFC3961);
- if (ret)
- return ret;
-
- /* Hash the data. */
- ret = krb5int_hmac(ctp->hash, kc, data, num_data, output);
- if (ret)
- memset(output->data, 0, output->length);
-
- krb5_k_free_key(NULL, kc);
- return ret;
-}
diff --git a/src/lib/crypto/krb/dk/deps b/src/lib/crypto/krb/dk/deps
deleted file mode 100644
index 7dbace5dbe..0000000000
--- a/src/lib/crypto/krb/dk/deps
+++ /dev/null
@@ -1,84 +0,0 @@
-#
-# Generated makefile dependencies follow.
-#
-checksum_hmac.so checksum_hmac.po $(OUTPRE)checksum_hmac.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \
- $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \
- $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
- checksum_hmac.c
-checksum_cmac.so checksum_cmac.po $(OUTPRE)checksum_cmac.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \
- $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \
- $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
- checksum_cmac.c
-dk_aead.so dk_aead.po $(OUTPRE)dk_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \
- $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \
- $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \
- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h dk_aead.c
-dk_cmac.so dk_cmac.po $(OUTPRE)dk_cmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \
- $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \
- $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \
- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h dk_cmac.c
-derive.so derive.po $(OUTPRE)derive.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \
- $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \
- $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \
- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h derive.c
-stringtokey.so stringtokey.po $(OUTPRE)stringtokey.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \
- $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \
- $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
- stringtokey.c
diff --git a/src/lib/crypto/krb/dk/derive.c b/src/lib/crypto/krb/dk/derive.c
deleted file mode 100644
index 1cb47af4ba..0000000000
--- a/src/lib/crypto/krb/dk/derive.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government. It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. FundsXpress makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#include "crypto_int.h"
-
-static krb5_key
-find_cached_dkey(struct derived_key *list, const krb5_data *constant)
-{
- for (; list; list = list->next) {
- if (data_eq(list->constant, *constant)) {
- krb5_k_reference_key(NULL, list->dkey);
- return list->dkey;
- }
- }
- return NULL;
-}
-
-static krb5_error_code
-add_cached_dkey(krb5_key key, const krb5_data *constant,
- const krb5_keyblock *dkeyblock, krb5_key *cached_dkey)
-{
- krb5_key dkey;
- krb5_error_code ret;
- struct derived_key *dkent = NULL;
- char *data = NULL;
-
- /* Allocate fields for the new entry. */
- dkent = malloc(sizeof(*dkent));
- if (dkent == NULL)
- goto cleanup;
- data = malloc(constant->length);
- if (data == NULL)
- goto cleanup;
- ret = krb5_k_create_key(NULL, dkeyblock, &dkey);
- if (ret != 0)
- goto cleanup;
-
- /* Add the new entry to the list. */
- memcpy(data, constant->data, constant->length);
- dkent->dkey = dkey;
- dkent->constant.data = data;
- dkent->constant.length = constant->length;
- dkent->next = key->derived;
- key->derived = dkent;
-
- /* Return a "copy" of the cached key. */
- krb5_k_reference_key(NULL, dkey);
- *cached_dkey = dkey;
- return 0;
-
-cleanup:
- free(dkent);
- free(data);
- return ENOMEM;
-}
-
-static krb5_error_code
-derive_random_rfc3961(const struct krb5_enc_provider *enc,
- krb5_key inkey, krb5_data *outrnd,
- const krb5_data *in_constant)
-{
- size_t blocksize, keybytes, n;
- krb5_error_code ret;
- krb5_data block = empty_data();
-
- blocksize = enc->block_size;
- keybytes = enc->keybytes;
-
- if (blocksize == 1)
- return KRB5_BAD_ENCTYPE;
- if (inkey->keyblock.length != enc->keylength || outrnd->length != keybytes)
- return KRB5_CRYPTO_INTERNAL;
-
- /* Allocate encryption data buffer. */
- ret = alloc_data(&block, blocksize);
- if (ret)
- return ret;
-
- /* Initialize the input block. */
- if (in_constant->length == blocksize) {
- memcpy(block.data, in_constant->data, blocksize);
- } else {
- krb5int_nfold(in_constant->length * 8,
- (unsigned char *) in_constant->data,
- blocksize * 8, (unsigned char *) block.data);
- }
-
- /* Loop encrypting the blocks until enough key bytes are generated. */
- n = 0;
- while (n < keybytes) {
- ret = encrypt_block(enc, inkey, &block);
- if (ret)
- goto cleanup;
-
- if ((keybytes - n) <= blocksize) {
- memcpy(outrnd->data + n, block.data, (keybytes - n));
- break;
- }
-
- memcpy(outrnd->data + n, block.data, blocksize);
- n += blocksize;
- }
-
-cleanup:
- zapfree(block.data, blocksize);
- return ret;
-}
-
-#ifdef CAMELLIA
-
-/*
- * NIST SP800-108 KDF in feedback mode (section 5.2).
- * Parameters:
- * - CMAC (with enc as the enc provider) is the PRF.
- * - A block counter of four bytes is used.
- * - Label is the key derivation constant.
- * - Context is empty.
- * - Four bytes are used to encode the output length in the PRF input.
- */
-static krb5_error_code
-derive_random_sp800_108_cmac(const struct krb5_enc_provider *enc,
- krb5_key inkey, krb5_data *outrnd,
- const krb5_data *in_constant)
-{
- size_t blocksize, keybytes, n;
- krb5_crypto_iov iov[6];
- krb5_error_code ret;
- krb5_data prf;
- unsigned int i;
- unsigned char ibuf[4], Lbuf[4];
-
- blocksize = enc->block_size;
- keybytes = enc->keybytes;
-
- if (inkey->keyblock.length != enc->keylength || outrnd->length != keybytes)
- return KRB5_CRYPTO_INTERNAL;
-
- /* Allocate encryption data buffer. */
- ret = alloc_data(&prf, blocksize);
- if (ret)
- return ret;
-
- /* K(i-1): the previous block of PRF output, initially all-zeros. */
- iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
- iov[0].data = prf;
- /* [i]2: four-byte big-endian binary string giving the block counter */
- iov[1].flags = KRB5_CRYPTO_TYPE_DATA;
- iov[1].data = make_data(ibuf, sizeof(ibuf));
- /* Label: the fixed derived-key input */
- iov[2].flags = KRB5_CRYPTO_TYPE_DATA;
- iov[2].data = *in_constant;
- /* 0x00: separator byte */
- iov[3].flags = KRB5_CRYPTO_TYPE_DATA;
- iov[3].data = make_data("", 1);
- /* Context: (unused) */
- iov[4].flags = KRB5_CRYPTO_TYPE_DATA;
- iov[4].data = empty_data();
- /* [L]2: four-byte big-endian binary string giving the output length */
- iov[5].flags = KRB5_CRYPTO_TYPE_DATA;
- iov[5].data = make_data(Lbuf, sizeof(Lbuf));
- store_32_be(outrnd->length * 8, Lbuf);
-
- for (i = 1, n = 0; n < keybytes; i++) {
- /* Update the block counter. */
- store_32_be(i, ibuf);
-
- /* Compute a CMAC checksum, storing the result into K(i-1). */
- ret = krb5int_cmac_checksum(enc, inkey, iov, 6, &prf);
- if (ret)
- goto cleanup;
-
- /* Copy the result into the appropriate part of the output buffer. */
- if (keybytes - n <= blocksize) {
- memcpy(outrnd->data + n, prf.data, keybytes - n);
- break;
- }
- memcpy(outrnd->data + n, prf.data, blocksize);
- n += blocksize;
- }
-
-cleanup:
- zapfree(prf.data, blocksize);
- return ret;
-}
-
-#endif /* CAMELLIA */
-
-krb5_error_code
-krb5int_derive_random(const struct krb5_enc_provider *enc,
- krb5_key inkey, krb5_data *outrnd,
- const krb5_data *in_constant, enum deriv_alg alg)
-{
- switch (alg) {
- case DERIVE_RFC3961:
- return derive_random_rfc3961(enc, inkey, outrnd, in_constant);
-#ifdef CAMELLIA
- case DERIVE_SP800_108_CMAC:
- return derive_random_sp800_108_cmac(enc, inkey, outrnd, in_constant);
-#endif
- default:
- return EINVAL;
- }
-}
-
-/*
- * Compute a derived key into the keyblock outkey. This variation on
- * krb5int_derive_key does not cache the result, as it is only used
- * directly in situations which are not expected to be repeated with
- * the same inkey and constant.
- */
-krb5_error_code
-krb5int_derive_keyblock(const struct krb5_enc_provider *enc,
- krb5_key inkey, krb5_keyblock *outkey,
- const krb5_data *in_constant, enum deriv_alg alg)
-{
- krb5_error_code ret;
- krb5_data rawkey = empty_data();
-
- /* Allocate a buffer for the raw key bytes. */
- ret = alloc_data(&rawkey, enc->keybytes);
- if (ret)
- goto cleanup;
-
- /* Derive pseudo-random data for the key bytes. */
- ret = krb5int_derive_random(enc, inkey, &rawkey, in_constant, alg);
- if (ret)
- goto cleanup;
-
- /* Postprocess the key. */
- ret = krb5_c_random_to_key(NULL, inkey->keyblock.enctype, &rawkey, outkey);
-
-cleanup:
- zapfree(rawkey.data, enc->keybytes);
- return ret;
-}
-
-krb5_error_code
-krb5int_derive_key(const struct krb5_enc_provider *enc,
- krb5_key inkey, krb5_key *outkey,
- const krb5_data *in_constant, enum deriv_alg alg)
-{
- krb5_keyblock keyblock;
- krb5_error_code ret;
- krb5_key dkey;
-
- *outkey = NULL;
-
- /* Check for a cached result. */
- dkey = find_cached_dkey(inkey->derived, in_constant);
- if (dkey != NULL) {
- *outkey = dkey;
- return 0;
- }
-
- /* Derive into a temporary keyblock. */
- keyblock.length = enc->keylength;
- keyblock.contents = malloc(keyblock.length);
- keyblock.enctype = inkey->keyblock.enctype;
- if (keyblock.contents == NULL)
- return ENOMEM;
- ret = krb5int_derive_keyblock(enc, inkey, &keyblock, in_constant, alg);
- if (ret)
- goto cleanup;
-
- /* Cache the derived key. */
- ret = add_cached_dkey(inkey, in_constant, &keyblock, &dkey);
- if (ret != 0)
- goto cleanup;
-
- *outkey = dkey;
-
-cleanup:
- zapfree(keyblock.contents, keyblock.length);
- return ret;
-}
diff --git a/src/lib/crypto/krb/dk/dk_aead.c b/src/lib/crypto/krb/dk/dk_aead.c
deleted file mode 100644
index 2e2163f69c..0000000000
--- a/src/lib/crypto/krb/dk/dk_aead.c
+++ /dev/null
@@ -1,270 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * lib/crypto/dk/dk_aead.c
- *
- * Copyright 2008, 2009 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-
-
-#include "crypto_int.h"
-
-#define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */
-
-/* AEAD */
-
-unsigned int
-krb5int_dk_crypto_length(const struct krb5_keytypes *ktp, krb5_cryptotype type)
-{
- switch (type) {
- case KRB5_CRYPTO_TYPE_HEADER:
- case KRB5_CRYPTO_TYPE_PADDING:
- return ktp->enc->block_size;
- case KRB5_CRYPTO_TYPE_TRAILER:
- case KRB5_CRYPTO_TYPE_CHECKSUM:
- return ktp->hash->hashsize;
- default:
- assert(0 && "invalid cryptotype passed to krb5int_dk_crypto_length");
- return 0;
- }
-}
-
-unsigned int
-krb5int_aes_crypto_length(const struct krb5_keytypes *ktp,
- krb5_cryptotype type)
-{
- switch (type) {
- case KRB5_CRYPTO_TYPE_HEADER:
- return ktp->enc->block_size;
- case KRB5_CRYPTO_TYPE_PADDING:
- return 0;
- case KRB5_CRYPTO_TYPE_TRAILER:
- case KRB5_CRYPTO_TYPE_CHECKSUM:
- return 96 / 8;
- default:
- assert(0 && "invalid cryptotype passed to krb5int_aes_crypto_length");
- return 0;
- }
-}
-
-krb5_error_code
-krb5int_dk_encrypt(const struct krb5_keytypes *ktp, krb5_key key,
- krb5_keyusage usage, const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data)
-{
- const struct krb5_enc_provider *enc = ktp->enc;
- const struct krb5_hash_provider *hash = ktp->hash;
- krb5_error_code ret;
- unsigned char constantdata[K5CLENGTH];
- krb5_data d1, d2;
- krb5_crypto_iov *header, *trailer, *padding;
- krb5_key ke = NULL, ki = NULL;
- size_t i;
- unsigned int blocksize, hmacsize, plainlen = 0, padsize = 0;
- unsigned char *cksum = NULL;
-
- /* E(Confounder | Plaintext | Pad) | Checksum */
-
- blocksize = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_PADDING);
- hmacsize = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_TRAILER);
-
- for (i = 0; i < num_data; i++) {
- krb5_crypto_iov *iov = &data[i];
-
- if (iov->flags == KRB5_CRYPTO_TYPE_DATA)
- plainlen += iov->data.length;
- }
-
- /* Validate header and trailer lengths. */
-
- header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER);
- if (header == NULL || header->data.length < enc->block_size)
- return KRB5_BAD_MSIZE;
-
- trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER);
- if (trailer == NULL || trailer->data.length < hmacsize)
- return KRB5_BAD_MSIZE;
-
- if (blocksize != 0) {
- /* Check that the input data is correctly padded. */
- if (plainlen % blocksize)
- padsize = blocksize - (plainlen % blocksize);
- }
-
- padding = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_PADDING);
- if (padsize && (padding == NULL || padding->data.length < padsize))
- return KRB5_BAD_MSIZE;
-
- if (padding != NULL) {
- memset(padding->data.data, 0, padsize);
- padding->data.length = padsize;
- }
-
- cksum = k5alloc(hash->hashsize, &ret);
- if (ret != 0)
- goto cleanup;
-
- /* Derive the keys. */
-
- d1.data = (char *)constantdata;
- d1.length = K5CLENGTH;
-
- store_32_be(usage, constantdata);
-
- d1.data[4] = 0xAA;
-
- ret = krb5int_derive_key(enc, key, &ke, &d1, DERIVE_RFC3961);
- if (ret != 0)
- goto cleanup;
-
- d1.data[4] = 0x55;
-
- ret = krb5int_derive_key(enc, key, &ki, &d1, DERIVE_RFC3961);
- if (ret != 0)
- goto cleanup;
-
- /* Generate confounder. */
-
- header->data.length = enc->block_size;
-
- ret = krb5_c_random_make_octets(/* XXX */ NULL, &header->data);
- if (ret != 0)
- goto cleanup;
-
- /* Hash the plaintext. */
- d2.length = hash->hashsize;
- d2.data = (char *)cksum;
-
- ret = krb5int_hmac(hash, ki, data, num_data, &d2);
- if (ret != 0)
- goto cleanup;
-
- /* Encrypt the plaintext (header | data | padding) */
- ret = enc->encrypt(ke, ivec, data, num_data);
- if (ret != 0)
- goto cleanup;
-
- /* Possibly truncate the hash */
- assert(hmacsize <= d2.length);
-
- memcpy(trailer->data.data, cksum, hmacsize);
- trailer->data.length = hmacsize;
-
-cleanup:
- krb5_k_free_key(NULL, ke);
- krb5_k_free_key(NULL, ki);
- free(cksum);
- return ret;
-}
-
-krb5_error_code
-krb5int_dk_decrypt(const struct krb5_keytypes *ktp, krb5_key key,
- krb5_keyusage usage, const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data)
-{
- const struct krb5_enc_provider *enc = ktp->enc;
- const struct krb5_hash_provider *hash = ktp->hash;
- krb5_error_code ret;
- unsigned char constantdata[K5CLENGTH];
- krb5_data d1;
- krb5_crypto_iov *header, *trailer;
- krb5_key ke = NULL, ki = NULL;
- size_t i;
- unsigned int blocksize; /* enc block size, not confounder len */
- unsigned int hmacsize, cipherlen = 0;
- unsigned char *cksum = NULL;
-
- /* E(Confounder | Plaintext | Pad) | Checksum */
-
- blocksize = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_PADDING);
- hmacsize = ktp->crypto_length(ktp, KRB5_CRYPTO_TYPE_TRAILER);
-
- if (blocksize != 0) {
- /* Check that the input data is correctly padded. */
- for (i = 0; i < num_data; i++) {
- const krb5_crypto_iov *iov = &data[i];
-
- if (ENCRYPT_DATA_IOV(iov))
- cipherlen += iov->data.length;
- }
- if (cipherlen % blocksize != 0)
- return KRB5_BAD_MSIZE;
- }
-
- /* Validate header and trailer lengths */
-
- header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER);
- if (header == NULL || header->data.length != enc->block_size)
- return KRB5_BAD_MSIZE;
-
- trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER);
- if (trailer == NULL || trailer->data.length != hmacsize)
- return KRB5_BAD_MSIZE;
-
- cksum = k5alloc(hash->hashsize, &ret);
- if (ret != 0)
- goto cleanup;
-
- /* Derive the keys. */
-
- d1.data = (char *)constantdata;
- d1.length = K5CLENGTH;
-
- store_32_be(usage, constantdata);
-
- d1.data[4] = 0xAA;
-
- ret = krb5int_derive_key(enc, key, &ke, &d1, DERIVE_RFC3961);
- if (ret != 0)
- goto cleanup;
-
- d1.data[4] = 0x55;
-
- ret = krb5int_derive_key(enc, key, &ki, &d1, DERIVE_RFC3961);
- if (ret != 0)
- goto cleanup;
-
- /* Decrypt the plaintext (header | data | padding). */
- ret = enc->decrypt(ke, ivec, data, num_data);
- if (ret != 0)
- goto cleanup;
-
- /* Verify the hash. */
- d1.length = hash->hashsize; /* non-truncated length */
- d1.data = (char *)cksum;
-
- ret = krb5int_hmac(hash, ki, data, num_data, &d1);
- if (ret != 0)
- goto cleanup;
-
- /* Compare only the possibly truncated length. */
- if (memcmp(cksum, trailer->data.data, hmacsize) != 0) {
- ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
- goto cleanup;
- }
-
-cleanup:
- krb5_k_free_key(NULL, ke);
- krb5_k_free_key(NULL, ki);
- free(cksum);
- return ret;
-}
diff --git a/src/lib/crypto/krb/dk/dk_cmac.c b/src/lib/crypto/krb/dk/dk_cmac.c
deleted file mode 100644
index f00b8edc93..0000000000
--- a/src/lib/crypto/krb/dk/dk_cmac.c
+++ /dev/null
@@ -1,186 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/dk/dk_cmac.c - Derived-key enctype functions using CMAC */
-/*
- * Copyright 2008, 2009, 2010 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-
-
-#include "crypto_int.h"
-
-#ifdef CAMELLIA
-
-#define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */
-
-/* AEAD */
-
-unsigned int
-krb5int_camellia_crypto_length(const struct krb5_keytypes *ktp,
- krb5_cryptotype type)
-{
- switch (type) {
- case KRB5_CRYPTO_TYPE_HEADER:
- return ktp->enc->block_size;
- case KRB5_CRYPTO_TYPE_PADDING:
- return 0;
- case KRB5_CRYPTO_TYPE_TRAILER:
- case KRB5_CRYPTO_TYPE_CHECKSUM:
- return ktp->enc->block_size;
- default:
- assert(0 && "bad type passed to krb5int_camellia_crypto_length");
- return 0;
- }
-}
-
-/* Derive encryption and integrity keys for CMAC-using enctypes. */
-static krb5_error_code
-derive_keys(const struct krb5_enc_provider *enc, krb5_key key,
- krb5_keyusage usage, krb5_key *ke_out, krb5_key *ki_out)
-{
- krb5_error_code ret;
- unsigned char buf[K5CLENGTH];
- krb5_data constant = make_data(buf, K5CLENGTH);
- krb5_key ke, ki;
-
- *ke_out = *ki_out = NULL;
-
- /* Derive the encryption key. */
- store_32_be(usage, buf);
- buf[4] = 0xAA;
- ret = krb5int_derive_key(enc, key, &ke, &constant, DERIVE_SP800_108_CMAC);
- if (ret != 0)
- return ret;
-
- /* Derive the integrity key. */
- buf[4] = 0x55;
- ret = krb5int_derive_key(enc, key, &ki, &constant, DERIVE_SP800_108_CMAC);
- if (ret != 0) {
- krb5_k_free_key(NULL, ke);
- return ret;
- }
-
- *ke_out = ke;
- *ki_out = ki;
- return 0;
-}
-
-krb5_error_code
-krb5int_dk_cmac_encrypt(const struct krb5_keytypes *ktp, krb5_key key,
- krb5_keyusage usage, const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data)
-{
- const struct krb5_enc_provider *enc = ktp->enc;
- krb5_error_code ret;
- krb5_crypto_iov *header, *trailer, *padding;
- krb5_data cksum = empty_data();
- krb5_key ke = NULL, ki = NULL;
-
- /* E(Confounder | Plaintext | Pad) | Checksum */
-
- /* Validate header and trailer lengths, and zero out padding length. */
- header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER);
- if (header == NULL || header->data.length < enc->block_size)
- return KRB5_BAD_MSIZE;
- trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER);
- if (trailer == NULL || trailer->data.length < enc->block_size)
- return KRB5_BAD_MSIZE;
- padding = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_PADDING);
- if (padding != NULL)
- padding->data.length = 0;
-
- /* Derive the encryption and integrity keys. */
- ret = derive_keys(enc, key, usage, &ke, &ki);
- if (ret != 0)
- goto cleanup;
-
- /* Generate confounder. */
- header->data.length = enc->block_size;
- ret = krb5_c_random_make_octets(NULL, &header->data);
- if (ret != 0)
- goto cleanup;
-
- /* Checksum the plaintext. */
- ret = krb5int_cmac_checksum(enc, ki, data, num_data, &trailer->data);
- if (ret != 0)
- goto cleanup;
-
- /* Encrypt the plaintext (header | data | padding) */
- ret = enc->encrypt(ke, ivec, data, num_data);
- if (ret != 0)
- goto cleanup;
-
-cleanup:
- krb5_k_free_key(NULL, ke);
- krb5_k_free_key(NULL, ki);
- zapfree(cksum.data, cksum.length);
- return ret;
-}
-
-krb5_error_code
-krb5int_dk_cmac_decrypt(const struct krb5_keytypes *ktp, krb5_key key,
- krb5_keyusage usage, const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data)
-{
- const struct krb5_enc_provider *enc = ktp->enc;
- krb5_error_code ret;
- krb5_crypto_iov *header, *trailer;
- krb5_data cksum;
- krb5_key ke = NULL, ki = NULL;
-
- /* E(Confounder | Plaintext | Pad) | Checksum */
-
- /* Validate header and trailer lengths. */
- header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER);
- if (header == NULL || header->data.length != enc->block_size)
- return KRB5_BAD_MSIZE;
- trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER);
- if (trailer == NULL || trailer->data.length != enc->block_size)
- return KRB5_BAD_MSIZE;
-
- /* Derive the encryption and integrity keys. */
- ret = derive_keys(enc, key, usage, &ke, &ki);
- if (ret != 0)
- goto cleanup;
-
- /* Decrypt the plaintext (header | data | padding). */
- ret = enc->decrypt(ke, ivec, data, num_data);
- if (ret != 0)
- goto cleanup;
-
- /* Verify the hash. */
- ret = alloc_data(&cksum, enc->block_size);
- if (ret != 0)
- goto cleanup;
- ret = krb5int_cmac_checksum(enc, ki, data, num_data, &cksum);
- if (ret != 0)
- goto cleanup;
- if (!data_eq(cksum, trailer->data))
- ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
-
-cleanup:
- krb5_k_free_key(NULL, ke);
- krb5_k_free_key(NULL, ki);
- zapfree(cksum.data, cksum.length);
- return ret;
-}
-
-#endif /* CAMELLIA */
diff --git a/src/lib/crypto/krb/dk/stringtokey.c b/src/lib/crypto/krb/dk/stringtokey.c
deleted file mode 100644
index 90fe3c694e..0000000000
--- a/src/lib/crypto/krb/dk/stringtokey.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government. It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. FundsXpress makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#include "crypto_int.h"
-
-static const unsigned char kerberos[] = "kerberos";
-#define kerberos_len (sizeof(kerberos)-1)
-
-krb5_error_code
-krb5int_dk_string_to_key(const struct krb5_keytypes *ktp,
- const krb5_data *string, const krb5_data *salt,
- const krb5_data *parms, krb5_keyblock *keyblock)
-{
- krb5_error_code ret;
- size_t keybytes, keylength, concatlen;
- unsigned char *concat = NULL, *foldstring = NULL, *foldkeydata = NULL;
- krb5_data indata;
- krb5_keyblock foldkeyblock;
- krb5_key foldkey = NULL;
-
- /* keyblock->length is checked by krb5int_derive_key. */
-
- keybytes = ktp->enc->keybytes;
- keylength = ktp->enc->keylength;
-
- concatlen = string->length + (salt ? salt->length : 0);
-
- concat = k5alloc(concatlen, &ret);
- if (ret != 0)
- goto cleanup;
- foldstring = k5alloc(keybytes, &ret);
- if (ret != 0)
- goto cleanup;
- foldkeydata = k5alloc(keylength, &ret);
- if (ret != 0)
- goto cleanup;
-
- /* construct input string ( = string + salt), fold it, make_key it */
-
- memcpy(concat, string->data, string->length);
- if (salt)
- memcpy(concat + string->length, salt->data, salt->length);
-
- krb5int_nfold(concatlen*8, concat, keybytes*8, foldstring);
-
- indata.length = keybytes;
- indata.data = (char *) foldstring;
- foldkeyblock.length = keylength;
- foldkeyblock.contents = foldkeydata;
- foldkeyblock.enctype = ktp->etype;
-
- ret = ktp->rand2key(&indata, &foldkeyblock);
- if (ret != 0)
- goto cleanup;
-
- ret = krb5_k_create_key(NULL, &foldkeyblock, &foldkey);
- if (ret != 0)
- goto cleanup;
-
- /* now derive the key from this one */
-
- indata.length = kerberos_len;
- indata.data = (char *) kerberos;
-
- ret = krb5int_derive_keyblock(ktp->enc, foldkey, keyblock, &indata,
- DERIVE_RFC3961);
- if (ret != 0)
- memset(keyblock->contents, 0, keyblock->length);
-
-cleanup:
- zapfree(concat, concatlen);
- zapfree(foldstring, keybytes);
- zapfree(foldkeydata, keylength);
- krb5_k_free_key(NULL, foldkey);
- return ret;
-}
-
-
-#define MAX_ITERATION_COUNT 0x1000000L
-
-static krb5_error_code
-pbkdf2_string_to_key(const struct krb5_keytypes *ktp, const krb5_data *string,
- const krb5_data *salt, const krb5_data *pepper,
- const krb5_data *params, krb5_keyblock *key,
- enum deriv_alg deriv_alg, unsigned long def_iter_count)
-{
- unsigned long iter_count;
- krb5_data out;
- static const krb5_data usage = { KV5M_DATA, 8, "kerberos" };
- krb5_key tempkey = NULL;
- krb5_error_code err;
- krb5_data sandp = empty_data();
-
- if (params) {
- unsigned char *p = (unsigned char *) params->data;
- if (params->length != 4)
- return KRB5_ERR_BAD_S2K_PARAMS;
- /* The first two need casts in case 'int' is 16 bits. */
- iter_count = load_32_be(p);
- if (iter_count == 0) {
- iter_count = (1UL << 16) << 16;
- if (((iter_count >> 16) >> 16) != 1)
- return KRB5_ERR_BAD_S2K_PARAMS;
- }
- } else
- iter_count = def_iter_count;
-
- /* This is not a protocol specification constraint; this is an
- implementation limit, which should eventually be controlled by
- a config file. */
- if (iter_count >= MAX_ITERATION_COUNT)
- return KRB5_ERR_BAD_S2K_PARAMS;
-
- /* Use the output keyblock contents for temporary space. */
- out.data = (char *) key->contents;
- out.length = key->length;
- if (out.length != 16 && out.length != 32)
- return KRB5_CRYPTO_INTERNAL;
-
- if (pepper != NULL) {
- err = alloc_data(&sandp, pepper->length + 1 + salt->length);
- if (err)
- return err;
-
- memcpy(sandp.data, pepper->data, pepper->length);
- sandp.data[pepper->length] = '\0';
- memcpy(&sandp.data[pepper->length + 1], salt->data, salt->length);
-
- salt = &sandp;
- }
-
- err = krb5int_pbkdf2_hmac_sha1 (&out, iter_count, string, salt);
- if (err)
- goto cleanup;
-
- err = krb5_k_create_key (NULL, key, &tempkey);
- if (err)
- goto cleanup;
-
- err = krb5int_derive_keyblock(ktp->enc, tempkey, key, &usage, deriv_alg);
-
-cleanup:
- if (sandp.data)
- free(sandp.data);
- if (err)
- memset (out.data, 0, out.length);
- krb5_k_free_key (NULL, tempkey);
- return err;
-}
-
-krb5_error_code
-krb5int_aes_string_to_key(const struct krb5_keytypes *ktp,
- const krb5_data *string,
- const krb5_data *salt,
- const krb5_data *params,
- krb5_keyblock *key)
-{
- return pbkdf2_string_to_key(ktp, string, salt, NULL, params, key,
- DERIVE_RFC3961, 4096);
-}
-
-#ifdef CAMELLIA
-krb5_error_code
-krb5int_camellia_string_to_key(const struct krb5_keytypes *ktp,
- const krb5_data *string,
- const krb5_data *salt,
- const krb5_data *params,
- krb5_keyblock *key)
-{
- krb5_data pepper = string2data(ktp->name);
-
- return pbkdf2_string_to_key(ktp, string, salt, &pepper, params, key,
- DERIVE_SP800_108_CMAC, 32768);
-}
-#endif