Consolidate almost all lib/crypto/krb headers into a single

crypto_int.h.  In that header, define and document responsibilities
for crypto modules, some of which are satisfied through a
module-specific crypto_mod.h.  In the OpenSSL and NSS modules, remove
many of the headers and sources providing functionality which isn't
needed by lib/crypto/krb any more (direct interfaces to MD4, MD5, and
SHA-1 hashing, as well as DES weak key testing).  Change most
Makefile.ins to only include headers from lib/crypto/krb and
lib/crypto/$(CRYPTO_IMPL), instead of from many different directories.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24677 dc483132-0cff-0310-8789-dd5450dbe970

4 files changed, 5 insertions, 195 deletions

diff --git a/src/lib/crypto/nss/md5/Makefile.in b/src/lib/crypto/nss/md5/Makefile.in
index b0cde50e96..ec7279518e 100644
--- a/src/lib/crypto/nss/md5/Makefile.in
+++ b/src/lib/crypto/nss/md5/Makefile.in
@@ -4,15 +4,14 @@ DEFS=
 
 PROG_LIBPATH=-L$(TOPLIBD)
 PROG_RPATH=$(KRB5_LIBDIR)
-CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@
-LOCALINCLUDES = -I$(srcdir)/.. $(CRYPTO_IMPL_CFLAGS)
+LOCALINCLUDES =
 
 
-STLIBOBJS= md5.o
+STLIBOBJS=
 
-OBJS= $(OUTPRE)md5.$(OBJEXT) 
+OBJS=
 
-SRCS= $(srcdir)/md5.c
+SRCS=
 
 all-unix:: all-libobjs
 
diff --git a/src/lib/crypto/nss/md5/deps b/src/lib/crypto/nss/md5/deps
index bc7ef602b8..2feac3c9d3 100644
--- a/src/lib/crypto/nss/md5/deps
+++ b/src/lib/crypto/nss/md5/deps
@@ -1,14 +1 @@
-# 
-# Generated makefile dependencies follow.
-#
-md5.so md5.po $(OUTPRE)md5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../nss_gen.h \
-  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h md5.c rsa-md5.h
+# No dependencies here.
diff --git a/src/lib/crypto/nss/md5/md5.c b/src/lib/crypto/nss/md5/md5.c
deleted file mode 100644
index ee494e55f2..0000000000
--- a/src/lib/crypto/nss/md5/md5.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/nss/md5/md5.c
- *
- * Copyright (c) 2010 Red Hat, Inc.
- * All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- *  * Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- *  * Redistributions in binary form must reproduce the above
- *    copyright notice, this list of conditions and the following
- *    disclaimer in the documentation and/or other materials provided
- *    with the distribution.
- *
- *  * Neither the name of Red Hat, Inc., nor the names of its
- *    contributors may be used to endorse or promote products derived
- *    from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
- * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
- * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
- * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "k5-int.h"
-#include "rsa-md5.h"
-#include "pk11pub.h"
-#include "nss_gen.h"
-
-
-/* Initialize the message-digest context mdContext. */
-void
-krb5int_MD5Init(krb5_MD5_CTX *mdContext)
-{
-    if (k5_nss_init()) {
-        mdContext->nss_ctxt = NULL;
-        return;
-    }
-    mdContext->nss_ctxt = PK11_CreateDigestContext(SEC_OID_MD5);
-    if (mdContext->nss_ctxt == NULL)
-        return;
-    PK11_DigestBegin((PK11Context *)mdContext->nss_ctxt);
-}
-
-/*
- * Update the message-digest context to account for the presence of each of the
- * characters inBuf[0..inLen-1] in the message whose digest is being computed.
- */
-void
-krb5int_MD5Update(krb5_MD5_CTX *mdContext, const unsigned char *inBuf,
-                  unsigned int inLen)
-{
-   if (mdContext->nss_ctxt == NULL)
-        return;
-   PK11_DigestOp((PK11Context *)mdContext->nss_ctxt, inBuf, inLen);
-}
-
-/* Terminate the message-digest computation and end with the desired message
- * digest in mdContext->digest[0...15]. */
-void
-krb5int_MD5Final(krb5_MD5_CTX *mdContext)
-{
-   unsigned int digestLength;
-
-   if (mdContext->nss_ctxt == NULL)
-        return;
-   PK11_DigestFinal((PK11Context *)mdContext->nss_ctxt, mdContext->digest,
-                    &digestLength, sizeof (mdContext->digest));
-   /* since there is not separate cleanup step, free the context now.
-    * (otherwise we could have reused the context for another MD5 operation
-    * in the future).
-    */
-   PK11_DestroyContext((PK11Context *)mdContext->nss_ctxt, PR_TRUE);
-   mdContext->nss_ctxt = NULL;
-}
diff --git a/src/lib/crypto/nss/md5/rsa-md5.h b/src/lib/crypto/nss/md5/rsa-md5.h
deleted file mode 100644
index 228eb09777..0000000000
--- a/src/lib/crypto/nss/md5/rsa-md5.h
+++ /dev/null
@@ -1,90 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/openssl/md5/rsa-md5.h
- *
- * Copyright (C) 2009 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-/*
- ***********************************************************************
- ** md5.h -- header file for implementation of MD5                    **
- ** RSA Data Security, Inc. MD5 Message-Digest Algorithm              **
- ** Created: 2/17/90 RLR                                              **
- ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version               **
- ** Revised (for MD5): RLR 4/27/91                                    **
- **   -- G modified to have y&~z instead of y&z                       **
- **   -- FF, GG, HH modified to add in last register done             **
- **   -- Access pattern: round 2 works mod 5, round 3 works mod 3     **
- **   -- distinct additive constant for each step                     **
- **   -- round 4 added, working mod 7                                 **
- ***********************************************************************
- */
-
-/*
- ***********************************************************************
- ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved.  **
- **                                                                   **
- ** License to copy and use this software is granted provided that    **
- ** it is identified as the "RSA Data Security, Inc. MD5 Message-     **
- ** Digest Algorithm" in all material mentioning or referencing this  **
- ** software or this function.                                        **
- **                                                                   **
- ** License is also granted to make and use derivative works          **
- ** provided that such works are identified as "derived from the RSA  **
- ** Data Security, Inc. MD5 Message-Digest Algorithm" in all          **
- ** material mentioning or referencing the derived work.              **
- **                                                                   **
- ** RSA Data Security, Inc. makes no representations concerning       **
- ** either the merchantability of this software or the suitability    **
- ** of this software for any particular purpose.  It is provided "as  **
- ** is" without express or implied warranty of any kind.              **
- **                                                                   **
- ** These notices must be retained in any copies of any part of this  **
- ** documentation and/or software.                                    **
- ***********************************************************************
- */
-
-
-#ifndef    KRB5_RSA_MD5__
-#define    KRB5_RSA_MD5__
-
-/* Data structure for MD5 (Message-Digest) computation */
-typedef struct {
-    void *nss_ctxt;
-    krb5_int32 * digest_len;
-    krb5_ui_4 i[2];              /* number of _bits_ handled mod 2^64 */
-    krb5_ui_4 buf[4];            /* scratch buffer */
-    unsigned char in[64];        /* input buffer */
-    unsigned char digest[16];    /* actual digest after MD5Final call */
-} krb5_MD5_CTX;
-
-extern void krb5int_MD5Init(krb5_MD5_CTX *);
-extern void krb5int_MD5Update(krb5_MD5_CTX *, const unsigned char *,
-                              unsigned int);
-extern void krb5int_MD5Final(krb5_MD5_CTX *);
-
-#define    RSA_MD5_CKSUM_LENGTH            16
-#define    OLD_RSA_MD5_DES_CKSUM_LENGTH    16
-#define    NEW_RSA_MD5_DES_CKSUM_LENGTH    24
-#define    RSA_MD5_DES_CONFOUND_LENGTH     8
-
-#endif /* KRB5_RSA_MD5__ */