krb5.git/src/lib/crypto, branch kinit-c MIT Kerberos patches Modify k5buf interfaces for easier use 2014-07-30T16:11:38+00:00 Greg Hudson ghudson@mit.edu 2014-07-02T16:03:54+00:00 651f3af251d172361a954f55f2d87561ae42c2d0 Make struct k5buf less opaque and get rid of k5buf-int.h. Make it easy to initialize a k5buf in an error state so that it can be freed in a cleanup handler. Add a function k5_buf_status which returns 0 or ENOMEM. Remove k5_buf_data and k5_buf_len. Rename k5_free_buf to k5_buf_free. Adjust all callers to match. 
Make struct k5buf less opaque and get rid of k5buf-int.h.  Make it
easy to initialize a k5buf in an error state so that it can be freed
in a cleanup handler.  Add a function k5_buf_status which returns 0 or
ENOMEM.  Remove k5_buf_data and k5_buf_len.  Rename k5_free_buf to
k5_buf_free.  Adjust all callers to match.
Improve error message for PRNG seeding failure 2014-07-16T01:19:33+00:00 Greg Hudson ghudson@mit.edu 2014-07-16T00:23:15+00:00 4f41a0d4a6a62439f21aacdd650595a065f15056 In prng_fortuna.c, if krb5_c_random_make_octets detects that we do not have entropy, set an error message saying that the random number generator could not be seeded, as we likely failed previously to read from /dev/urandom or the Windows equivalent. ticket: 7968 (new) 
In prng_fortuna.c, if krb5_c_random_make_octets detects that we do not
have entropy, set an error message saying that the random number
generator could not be seeded, as we likely failed previously to read
from /dev/urandom or the Windows equivalent.

ticket: 7968 (new)
Include autoconf.h before system headers 2014-07-08T23:19:24+00:00 Greg Hudson ghudson@mit.edu 2014-07-05T15:50:58+00:00 02a1123cf44381690c28f18ab2c4ba8036200539 Include autoconf.h (either directly or via proxy) before system headers, so that feature test macros defined there can affect the system namespace. Where include order was changed, eliminate some redundant or unnecessary includes. ticket: 7961 
Include autoconf.h (either directly or via proxy) before system
headers, so that feature test macros defined there can affect the
system namespace.  Where include order was changed, eliminate some
redundant or unnecessary includes.

ticket: 7961
Add tests for krb5int_c_combine_keys 2014-05-21T15:33:25+00:00 Greg Hudson ghudson@mit.edu 2014-05-20T18:52:44+00:00 6e8b2fba84df2ef74ce071330b4c3f843f4b7541 krb5int_c_combine_keys is used only by SAM-2 preauth with neither the send-encrypted-sad nor use-sad-as-key flags, so it isn't covered by any automated function tests. Add some unit tests to make sure that it works and returns the expected results for two randomly generated test vectors. ticket: 7914 target_version: 1.12.2 tags: pullup 
krb5int_c_combine_keys is used only by SAM-2 preauth with neither the
send-encrypted-sad nor use-sad-as-key flags, so it isn't covered by
any automated function tests.  Add some unit tests to make sure that
it works and returns the expected results for two randomly generated
test vectors.

ticket: 7914
target_version: 1.12.2
tags: pullup
Fix krb5int_c_combine_keys 2014-05-21T15:33:24+00:00 Ken Hornstein kenh@cmf.nrl.navy.mil 2014-05-20T18:50:22+00:00 89803a5a781107365d5a4534eebf48dbaf010f96 When krb5int_c_combine_keys was updated to use the new crypto interface, a small bug was introduced. It turns out the temporary keyblock created needs to have its enctype set; otherwise, when krb5int_derive_keyblock() is called later, it will fail with KRB5_BAD_ENCTYPE. ticket: 7914 target_version: 1.12.2 tags: pullup 
When krb5int_c_combine_keys was updated to use the new crypto
interface, a small bug was introduced.  It turns out the temporary
keyblock created needs to have its enctype set; otherwise, when
krb5int_derive_keyblock() is called later, it will fail with
KRB5_BAD_ENCTYPE.

ticket: 7914
target_version: 1.12.2
tags: pullup
Modernize default_state.c 2014-03-25T22:08:21+00:00 Greg Hudson ghudson@mit.edu 2014-03-25T14:52:38+00:00 7d87754d7d4c0398c0504f2cae0937c0d005a339 Use alloc_data() and empty_data() where appropriate. Keep mainline logic to the left where possible. Name the output parameter of krb5int_des_init_state with an _out suffix. Use a professional tone in comments. Partly based on a patch from Alok Menghrajani. 
Use alloc_data() and empty_data() where appropriate.  Keep mainline
logic to the left where possible.  Name the output parameter of
krb5int_des_init_state with an _out suffix.  Use a professional tone
in comments.  Partly based on a patch from Alok Menghrajani.
Eliminate internal fixed-width type wrappers 2014-02-26T21:15:20+00:00 Greg Hudson ghudson@mit.edu 2014-02-01T21:26:51+00:00 1041af9f85e4be342339475cf5c8878fef1de10d Directly use stdint.h names for integer types in preference to the various internal names we have made up for them. 
Directly use stdint.h names for integer types in preference to the
various internal names we have made up for them.
Get rid of builtin AES uitypes.h 2014-02-26T21:15:20+00:00 Greg Hudson ghudson@mit.edu 2014-02-01T20:23:58+00:00 42cc0d3cd2cfa02a6ba9b3e0b94000e73d83ff92 Remove uitypes.h and just include stdint.h; all we need from it is uint{8,16,32}_t. 
Remove uitypes.h and just include stdint.h; all we need from it is
uint{8,16,32}_t.
Clean up AES-NI code 2014-01-10T21:01:16+00:00 Tom Yu tlyu@mit.edu 2014-01-10T20:45:45+00:00 d658d91bb16adb5410ee2b34437630ee43cbd939 Items in .data other than shuffle_mask are unused; delete them. Delete the unused macro load_and_inc4. Move shuffle_mask to .rodata. 
Items in .data other than shuffle_mask are unused; delete them.
Delete the unused macro load_and_inc4.  Move shuffle_mask to .rodata.
Avoid text relocations in iaesx86.s 2014-01-10T20:04:32+00:00 Tom Yu tlyu@mit.edu 2014-01-10T20:04:32+00:00 3847aa109e8ff3f2781d53315f81e8d29ee35892 Use PC-relative addressing to avoid runtime text relocations on i386. Adapted patch from Nalin Dahyabhai. ticket: 7815 target_version: 1.12.1 tags: pullup 
Use PC-relative addressing to avoid runtime text relocations on i386.

Adapted patch from Nalin Dahyabhai.

ticket: 7815
target_version: 1.12.1
tags: pullup