| author | Greg Hudson <ghudson@mit.edu> | 2010-10-02 17:21:54 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2010-10-02 17:21:54 +0000 |
| commit | 23f90e6bf3c7888ffbd59935ced87156d0be5a53 (patch) | |
| tree | fefdfab6da9cc964de26d5915140aefe53103529 | |
| parent | 1827e342c54b79566e6270f764e14e01990633ab (diff) | |
Merge branches/nss to trunk
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24416 dc483132-0cff-0310-8789-dd5450dbe970
59 files changed, 3956 insertions, 20 deletions
@@ -173,7 +173,8 @@ src/lib/crypto/aes has the following copyright: -------------------- Portions contributed by Red Hat, including the pre-authentication -plug-ins framework, contain the following copyright: +plug-ins framework and the NSS crypto implementation, contain the +following copyright: Copyright (c) 2006 Red Hat, Inc. Portions copyright (c) 2006 Massachusetts Institute of Technology diff --git a/src/configure.in b/src/configure.in index 7d59a56d8..70e9817c3 100644 --- a/src/configure.in +++ b/src/configure.in @@ -123,8 +123,27 @@ AC_HELP_STRING([--with-crypto-impl=IMPL], [use specified crypto implementation @ [CRYPTO_IMPL=$withval AC_MSG_RESULT("k5crypto will use \'$withval\'") ], withval=builtin) +CRYPTO_IMPL_LIBS= +CRYPTO_IMPL_CFLAGS= +case "$withval" in +builtin) + ;; +openssl) + AC_CHECK_LIB(crypto, PKCS7_get_signer_info) + ;; +nss) + CRYPTO_IMPL_CFLAGS=`pkg-config --cflags nss` + CRYPTO_IMPL_LIBS="-lnss3 $(pkg-config --libs nss-util)" + AC_DEFINE(CRYPTO_IMPL_NSS,1,[Define if crypto implementation is NSS]) + ;; +*) + AC_MSG_ERROR([Unknown crypto implementation $withval]) + ;; +esac AC_CONFIG_COMMANDS(CRYPTO_IMPL, , CRYPTO_IMPL=$CRYPTO_IMPL) AC_SUBST(CRYPTO_IMPL) +AC_SUBST(CRYPTO_IMPL_CFLAGS) +AC_SUBST(CRYPTO_IMPL_LIBS) # --with-kdc-kdb-update makes the KDC update the database with last request # information and failure information. diff --git a/src/include/k5-int.h b/src/include/k5-int.h index cf14a6227..67f01925a 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -823,6 +823,7 @@ krb5_error_code krb5int_c_copy_keyblock_contents(krb5_context context, * Internal - for cleanup. */ extern void krb5int_prng_cleanup(void); +extern void krb5int_crypto_impl_cleanup(void); #ifdef KRB5_OLD_CRYPTO 
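Review bot: The `nss)` branch in configure.in never checks that pkg-config ran or found the module, so with the NSS development files missing CRYPTO_IMPL_CFLAGS is silently empty, configure succeeds, and the problem only appears later as a compile or link error. A guard such as `pkg-config --exists nss nss-util || AC_MSG_ERROR([NSS not found via pkg-config])` before the two assignments would fail early. The `openssl)` branch has the same gap, since `AC_CHECK_LIB(crypto, PKCS7_get_signer_info)` is given no action-if-not-found. The branch also mixes backquotes and `$(...)` for command substitution; one form would read more consistently.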
@@ -2654,6 +2655,7 @@ krb5int_c_mandatory_cksumtype(krb5_context, krb5_enctype, krb5_cksumtype *); extern int krb5int_crypto_init (void); extern int krb5int_prng_init(void); +extern int krb5int_crypto_impl_init(void); /* * Referral definitions, debugging hooks, and subfunctions. diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in index a05f086e7..579d0829c 100644 --- a/src/lib/crypto/Makefile.in +++ b/src/lib/crypto/Makefile.in @@ -46,7 +46,7 @@ SUBDIROBJLISTS=krb/crc32/OBJS.ST krb/dk/OBJS.ST \ # link editor and loader support it. DEPLIBS= SHLIB_DIRS=-L$(TOPLIBD) -SHLIB_EXPLIBS= $(SUPPORT_LIB) @CRYPTO_LIBS@ $(LIBS) +SHLIB_EXPLIBS= $(SUPPORT_LIB) @CRYPTO_LIBS@ @CRYPTO_IMPL_LIBS@ $(LIBS) SHLIB_EXPDEPLIBS= $(SUPPORT_DEPLIB) SHLIB_LDFLAGS= $(LDFLAGS) @SHLIB_RPATH_DIRS@ SHLIB_LIBDIRS= @SHLIB_LIBDIRS@ diff --git a/src/lib/crypto/builtin/Makefile.in b/src/lib/crypto/builtin/Makefile.in index 4e7e0cd87..5dd7fafdd 100644 --- a/src/lib/crypto/builtin/Makefile.in +++ b/src/lib/crypto/builtin/Makefile.in @@ -27,14 +27,17 @@ EXTRADEPSRCS= $(srcdir)/t_cf2.c STLIBOBJS=\ hmac.o \ - pbkdf2.o + init.o \ + pbkdf2.o OBJS=\ $(OUTPRE)hmac.$(OBJEXT) \ - $(OUTPRE)pbkdf2.$(OBJEXT) + $(OUTPRE)init.$(OBJEXT) \ + $(OUTPRE)pbkdf2.$(OBJEXT) SRCS=\ $(srcdir)/hmac.c \ + $(srcdir)/init.c \ $(srcdir)/pbkdf2.c STOBJLISTS= des/OBJS.ST md4/OBJS.ST \ diff --git a/src/lib/crypto/builtin/init.c b/src/lib/crypto/builtin/init.c new file mode 100644 index 000000000..af69523af --- /dev/null +++ b/src/lib/crypto/builtin/init.c 
@@ -0,0 +1,40 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * lib/crypto/builtin/init.c
+ *
+ * Copyright (C) 2010 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * Built-in back-end library init functions
+ */
+
+int
+krb5int_crypto_impl_init(void)
+{
+ return 0;
+}
+
+void
+krb5int_crypto_impl_cleanup(void)
+{
+}
diff --git a/src/lib/crypto/crypto_tests/Makefile.in b/src/lib/crypto/crypto_tests/Makefile.in
index a0cbb1d1b..784d30701 100644
--- a/src/lib/crypto/crypto_tests/Makefile.in
+++ b/src/lib/crypto/crypto_tests/Makefile.in
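Review bot: The new builtin/init.c defines krb5int_crypto_impl_init and krb5int_crypto_impl_cleanup without including the header that declares them, so the compiler cannot check these definitions against the `extern` prototypes this commit adds to k5-int.h. Adding `#include "k5-int.h"` after the license comment keeps the two in step if a signature changes later. A one-line comment on each stub, for example `/* The built-in back end needs no global setup. */`, would also tell a reader that the empty bodies are intentional.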
@@ -45,6 +45,9 @@ EXTRADEPSRCS=\ # NOTE: The t_cksum known checksum values are primarily for regression # testing. They are not derived a priori, but are known to produce # checksums that interoperate. +# +# We use the NSS PRNG when NSS is the crypto back end, so don't test +# against the expected output for Yarrow. check-unix:: t_nfold t_encrypt t_prf t_prng t_cmac t_hmac \ t_cksum4 t_cksum5 \ aes-test \ @@ -53,8 +56,9 @@ check-unix:: t_nfold t_encrypt t_prf t_prng t_cmac t_hmac \ t_crc t_cts t_short t_str2key t_camellia_ccm $(RUN_SETUP) $(VALGRIND) ./t_nfold $(RUN_SETUP) $(VALGRIND) ./t_encrypt - $(RUN_SETUP) $(VALGRIND) ./t_prng <$(srcdir)/t_prng.seed >t_prng.output && \ - diff t_prng.output $(srcdir)/t_prng.expected + if [ @CRYPTO_IMPL@ != nss ]; then \ + $(RUN_SETUP) $(VALGRIND) ./t_prng <$(srcdir)/t_prng.seed >t_prng.output && \ + diff t_prng.output $(srcdir)/t_prng.expected; fi $(RUN_SETUP) $(VALGRIND) ./t_cmac $(RUN_SETUP) $(VALGRIND) ./t_hmac $(RUN_SETUP) $(VALGRIND) ./t_prf <$(srcdir)/t_prf.in >t_prf.output diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in index 119441aab..35dbc877f 100644 --- a/src/lib/crypto/krb/Makefile.in +++ b/src/lib/crypto/krb/Makefile.in @@ -9,7 +9,8 @@ LOCALINCLUDES = -I$(srcdir) -I$(srcdir)/../@CRYPTO_IMPL@/enc_provider -I$(srcdir -I$(srcdir)/../@CRYPTO_IMPL@/ -I$(srcdir)/../@CRYPTO_IMPL@/des \ -I$(srcdir)/../@CRYPTO_IMPL@/aes -I$(srcdir)/arcfour \ -I$(srcdir)/../@CRYPTO_IMPL@/camellia \ - -I$(srcdir)/../@CRYPTO_IMPL@/sha1 -I$(srcdir)/../@CRYPTO_IMPL@ + -I$(srcdir)/../@CRYPTO_IMPL@/sha1 -I$(srcdir)/../@CRYPTO_IMPL@ \ + @CRYPTO_IMPL_CFLAGS@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) DEFS= diff --git a/src/lib/crypto/krb/crypto_libinit.c b/src/lib/crypto/krb/crypto_libinit.c index a69db38e3..b94a01cc0 100644 --- a/src/lib/crypto/krb/crypto_libinit.c +++ b/src/lib/crypto/krb/crypto_libinit.c 
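Review bot: Wrapping the whole t_prng step in `if [ @CRYPTO_IMPL@ != nss ]` means an NSS build never runs the program during `check-unix`, so the new NSS random-number path gets no check-time exercise at all. Only the comparison with t_prng.expected depends on Yarrow's deterministic output; the run itself could presumably stay. An `else $(RUN_SETUP) $(VALGRIND) ./t_prng <$(srcdir)/t_prng.seed >/dev/null;` arm before `fi` would still surface crashes, error returns and Valgrind findings in the NSS branch.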
@@ -14,7 +14,11 @@ extern void krb5int_prng_cleanup (void); int cryptoint_initialize_library (void) { - return krb5int_prng_init(); + int err; + err = krb5int_prng_init(); + if (err) + return err; + return krb5int_crypto_impl_init(); } int krb5int_crypto_init(void) @@ -30,5 +34,6 @@ void cryptoint_cleanup_library (void) { if (!INITIALIZER_RAN(cryptoint_initialize_library)) return; - krb5int_prng_cleanup (); + krb5int_prng_cleanup(); + krb5int_crypto_impl_cleanup(); } diff --git a/src/lib/crypto/krb/prng.c b/src/lib/crypto/krb/prng.c index ef326994a..a25cfcfcb 100644 --- a/src/lib/crypto/krb/prng.c +++ b/src/lib/crypto/krb/prng.c 
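Review bot: In cryptoint_initialize_library, a failure of krb5int_crypto_impl_init() returns with whatever krb5int_prng_init() set up still in place, and nothing in this hunk tears it down. Unless the library finalizer is known to run after a failed initializer (not visible here), the error path should undo the first step: `err = krb5int_crypto_impl_init(); if (err) krb5int_prng_cleanup(); return err;`. In cryptoint_cleanup_library the two teardown calls run in the same order as initialization rather than the reverse; a short comment stating that the order is intentional (the NSS PRNG depends on the back end being up) would save the next reader the question.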
@@ -29,11 +29,77 @@ #include <assert.h> #include "k5-thread.h" -#include "yarrow.h" -static Yarrow_CTX y_ctx; #define yarrow_lock krb5int_yarrow_lock k5_mutex_t yarrow_lock = K5_MUTEX_PARTIAL_INITIALIZER; +#ifdef CRYPTO_IMPL_NSS + +/* + * Using Yarrow with NSS is a bit problematic because the MD5 contexts it holds + * open for the entropy pools would be invalidated by a fork(), causing us to + * lose the entropy contained therein. + * + * Therefore, use the NSS PRNG if NSS is the crypto implementation. Doing this + * via ifdefs here is temporary until we come up with better build logic for + * it. + */ + +#include "../nss/nss_gen.h" +#include <pk11pub.h> + +/* + * NSS gathers its own OS entropy, so it doesn't really matter how much we read + * in krb5_c_random_os_entropy. Use the same value as Yarrow (without using a + * Yarrow constant), so that we don't read too much from /dev/random. + */ +#define OS_ENTROPY_LEN 20 + +int krb5int_prng_init(void) +{ + return 0; +} + +krb5_error_code KRB5_CALLCONV +krb5_c_random_add_entropy(krb5_context context, unsigned int randsource, + const krb5_data *data) +{ + krb5_error_code ret; + + ret = k5_nss_init(); + if (ret) + return ret; + if (PK11_RandomUpdate(data->data, data->length) != SECSuccess) + return k5_nss_map_last_error(); + return 0; +} + +krb5_error_code KRB5_CALLCONV +krb5_c_random_make_octets(krb5_context context, krb5_data *data) +{ + krb5_error_code ret; + + ret = k5_nss_init(); + if (ret) + return ret; + if (PK11_GenerateRandom((unsigned char *)data->data, + data->length) != SECSuccess) + return k5_nss_map_last_error(); + return 0; +} + +void +krb5int_prng_cleanup (void) +{ +} + +#else /* CRYPTO_IMPL_NSS */ + +#include "yarrow.h" +static Yarrow_CTX y_ctx; + +/* Gather enough OS entropy per call to trigger a Yarrow reseed. */ +#define OS_ENTROPY_LEN (YARROW_SLOW_THRESH/8) + /* Helper function to estimate entropy based on sample length * and where it comes from. */ 
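Review bot: In the NSS variant of krb5_c_random_make_octets, `data->length` (an unsigned int in krb5_data) is passed straight to PK11_GenerateRandom, whose length parameter is declared as `int` in pk11pub.h, so a length above INT_MAX would convert to a negative value. A guard such as `if (data->length > INT_MAX) return KRB5_CRYPTO_INTERNAL;` before the call makes the contract explicit (limits.h would need to be in scope). Separately, the file-scope `yarrow_lock` definition stays outside the `#ifdef` although the NSS branch shown here never locks or destroys it; moving it into the Yarrow branch, or commenting why it remains, would avoid confusion. The fork-safety argument in the new comment depends on k5_nss_init(), which is not visible in this hunk.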
@@ -100,12 +166,6 @@ krb5_c_random_add_entropy(krb5_context context, unsigned int randsource, } krb5_error_code KRB5_CALLCONV -krb5_c_random_seed(krb5_context context, krb5_data *data) -{ - return krb5_c_random_add_entropy(context, KRB5_C_RANDSOURCE_OLDAPI, data); -} - -krb5_error_code KRB5_CALLCONV krb5_c_random_make_octets(krb5_context context, krb5_data *data) { int yerr; @@ -127,6 +187,13 @@ krb5int_prng_cleanup (void) k5_mutex_destroy(&yarrow_lock); } +#endif /* not CRYPTO_IMPL_NSS */ + +krb5_error_code KRB5_CALLCONV +krb5_c_random_seed(krb5_context context, krb5_data *data) +{ + return krb5_c_random_add_entropy(context, KRB5_C_RANDSOURCE_OLDAPI, data); +} /* * Routines to get entropy from the OS. For UNIX we try /dev/urandom @@ -163,7 +230,7 @@ read_entropy_from_device(krb5_context context, const char *device) krb5_data data; struct stat sb; int fd; - unsigned char buf[YARROW_SLOW_THRESH/8], *bp; + unsigned char buf[OS_ENTROPY_LEN], *bp; int left; fd = open (device, O_RDONLY); diff --git a/src/lib/crypto/nss/Makefile.in b/src/lib/crypto/nss/Makefile.in new file mode 100644 index 000000000..f6b457b4a --- /dev/null +++ b/src/lib/crypto/nss/Makefile.in 
@@ -0,0 +1,145 @@ +mydir=lib/crypto/nss +BUILDTOP=$(REL)..$(S)..$(S).. +SUBDIRS=des aes camellia md4 md5 sha1 enc_provider hash_provider +LOCALINCLUDES = -I$(srcdir)/../krb \ + -I$(srcdir)/../krb/hash_provider \ + -I$(srcdir)/des \ + -I$(srcdir)/aes \ + -I$(srcdir)/sha1 \ + -I$(srcdir)/md4 \ + -I$(srcdir)/md5 \ + -I$(srcdir)/enc_provider \ + -I$(srcdir)/hash_provider \ + @CRYPTO_IMPL_CFLAGS@ + +PROG_LIBPATH=-L$(TOPLIBD) +PROG_RPATH=$(KRB5_LIBDIR) +DEFS= + +##DOSBUILDTOP = ..\..\.. +##DOSLIBNAME=$(OUTPRE)crypto.lib +##DOSOBJFILE=$(OUTPRE)crypto.lst +##DOSOBJFILELIST=@$(OUTPRE)crypto.lst @$(OUTPRE)des.lst @$(OUTPRE)md4.lst @$(OUTPRE)md5.lst @$(OUTPRE)sha1.lst @$(OUTPRE)crc32.lst @$(OUTPRE)dk.lst @$(OUTPRE)old.lst @$(OUTPRE)raw.lst @$(OUTPRE)enc_prov.lst @$(OUTPRE)hash_pro.lst @$(OUTPRE)kh_pro.lst @$(OUTPRE)yarrow.lst @$(OUTPRE)aes.lst +##DOSOBJFILEDEP =$(OUTPRE)crypto.lst $(OUTPRE)des.lst $(OUTPRE)md4.lst $(OUTPRE)md5.lst $(OUTPRE)sha1.lst $(OUTPRE)crc32.lst $(OUTPRE)dk.lst $(OUTPRE)old.lst $(OUTPRE)raw.lst $(OUTPRE)enc_prov.lst $(OUTPRE)hash_pro.lst $(OUTPRE)kh_pro.lst $(OUTPRE)aes.lst + +STLIBOBJS=\ + hmac.o \ + pbkdf2.o + +OBJS=\ + $(OUTPRE)hmac.$(OBJEXT) \ + $(OUTPRE)pbkdf2.$(OBJEXT) + +SRCS=\ + $(srcdir)/hmac.c \ + $(srcdir)/pbkdf2.c + +STOBJLISTS= des/OBJS.ST md4/OBJS.ST \ + md5/OBJS.ST sha1/OBJS.ST \ + enc_provider/OBJS.ST \ + hash_provider/OBJS.ST \ + aes/OBJS.ST \ + camellia/OBJS.ST \ + OBJS.ST + +SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \ + md5/OBJS.ST sha1/OBJS.ST \ + enc_provider/OBJS.ST \ + hash_provider/OBJS.ST \ + aes/OBJS.ST \ + camellia/OBJS.ST + +##DOS##LIBOBJS = $(OBJS) + +all-unix:: all-libobjs +includes:: depend + +depend:: $(SRCS) + +clean-unix:: clean-libobjs + +all-windows:: + cd ..\des + @echo Making in crypto\des + $(MAKE) -$(MFLAGS) + cd ..\md4 + @echo Making in crypto\md4 + $(MAKE) -$(MFLAGS) + cd ..\md5 + @echo Making in crypto\md5 + $(MAKE) -$(MFLAGS) + cd ..\sha1 + @echo Making in crypto\sha1 + $(MAKE) -$(MFLAGS) + cd ..\hash_provider + 
@echo Making in crypto\hash_provider + $(MAKE) -$(MFLAGS) + cd ..\enc_provider + @echo Making in crypto\enc_provider + $(MAKE) -$(MFLAGS) + cd ..\aes + @echo Making in crypto\aes + $(MAKE) -$(MFLAGS) + cd ..\camellia + @echo Making in crypto\aes + $(MAKE) -$(MFLAGS) + cd .. + +clean-windows:: + cd ..\des + @echo Making clean in crypto\des + $(MAKE) -$(MFLAGS) clean + cd ..\md4 + @echo Making clean in crypto\md4 + $(MAKE) -$(MFLAGS) clean + cd ..\md5 + @echo Making clean in crypto\md5 + $(MAKE) -$(MFLAGS) clean + cd ..\sha1 + @echo Making clean in crypto\sha1 + $(MAKE) -$(MFLAGS) clean + cd ..\hash_provider + @echo Making clean in crypto\hash_provider + $(MAKE) -$(MFLAGS) clean + cd ..\enc_provider + @echo Making clean in crypto\enc_provider + $(MAKE) -$(MFLAGS) clean + cd ..\aes + @echo Making clean in crypto\aes + $(MAKE) -$(MFLAGS) clean + cd ..\camellia + @echo Making clean in crypto\aes + $(MAKE) -$(MFLAGS) clean + cd .. + +check-windows:: + cd ..\des + @echo Making check in crypto\des + $(MAKE) -$(MFLAGS) check + cd ..\md4 + @echo Making check in crypto\md4 + $(MAKE) -$(MFLAGS) check + cd ..\md5 + @echo Making check in crypto\md5 + $(MAKE) -$(MFLAGS) check + cd ..\sha1 + @echo Making check in crypto\sha1 + $(MAKE) -$(MFLAGS) check + cd ..\hash_provider + @echo Making check in crypto\hash_provider + $(MAKE) -$(MFLAGS) check + cd ..\enc_provider + @echo Making check in crypto\enc_provider + $(MAKE) -$(MFLAGS) check + cd ..\aes + @echo Making check in crypto\aes + $(MAKE) -$(MFLAGS) check + cd ..\camellia + @echo Making check in crypto\aes + $(MAKE) -$(MFLAGS) check + cd .. + + +@lib_frag@ +@libobj_frag@ + diff --git a/src/lib/crypto/nss/aes/Makefile.in b/src/lib/crypto/nss/aes/Makefile.in new file mode 100644 index 000000000..9855eafb0 --- /dev/null +++ b/src/lib/crypto/nss/aes/Makefile.in 
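Review bot: The camellia steps in all-windows, clean-windows and check-windows print `crypto\aes` in their `@echo` lines, a copy-and-paste slip that makes build logs misleading; each should name camellia, e.g. `@echo Making in crypto\camellia`. The commented DOS object lists at the top of the file still mention yarrow, crc32, dk, old and raw, none of which appear in this directory's SUBDIRS, which suggests the Windows rules were carried over unchanged. A comment stating that the Windows targets are untested for the NSS back end would set expectations.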
@@ -0,0 +1,40 @@
+# Nothing here! But we can't remove this directory as the build
+# system currently assumes that all modules have the same directory
+# structure.
+
+mydir=lib/crypto/nss/aes
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk -I$(srcdir)/../../../../include
+DEFS=
+
+##DOS##BUILDTOP = ..\..\..\..
+##DOS##PREFIXDIR=aes
+##DOS##OBJFILE=..\$(OUTPRE)aes.lst
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+STLIBOBJS=
+
+OBJS=
+
+SRCS=
+
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs
+
+includes:: depend
+
+depend:: $(SRCS)
+
+check::
+
+
+clean-unix:: clean-libobjs
+
+clean::
+
+@libobj_frag@
+
diff --git a/src/lib/crypto/nss/aes/deps b/src/lib/crypto/nss/aes/deps
new file mode 100644
index 000000000..2feac3c9d
--- /dev/null
+++ b/src/lib/crypto/nss/aes/deps
@@ -0,0 +1 @@
+# No dependencies here.
diff --git a/src/lib/crypto/nss/camellia/Makefile.in b/src/lib/crypto/nss/camellia/Makefile.in
new file mode 100644
index 000000000..c937f2197
--- /dev/null
+++ b/src/lib/crypto/nss/camellia/Makefile.in
@@ -0,0 +1,40 @@
+# Nothing here! But we can't remove this directory as the build
+# system currently assumes that all modules have the same directory
+# structure.
+
+mydir=lib/crypto/nss/camellia
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk -I$(srcdir)/../../../../include
+DEFS=
+
+##DOS##BUILDTOP = ..\..\..\..
+##DOS##PREFIXDIR=camellia
+##DOS##OBJFILE=..\$(OUTPRE)camellia.lst
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+STLIBOBJS=
+
+OBJS=
+
+SRCS=
+
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs
+
+includes:: depend
+
+depend:: $(SRCS)
+
+check::
+
+
+clean-unix:: clean-libobjs
+
+clean::
+
+@libobj_frag@
+
diff --git a/src/lib/crypto/nss/camellia/deps b/src/lib/crypto/nss/camellia/deps
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/src/lib/crypto/nss/camellia/deps
diff --git a/src/lib/crypto/nss/deps b/src/lib/crypto/nss/deps new file mode 100644 index 000000000..7fc8427ae --- /dev/null +++ b/src/lib/crypto/nss/deps @@ -0,0 +1,25 @@ +# +# Generated makefile dependencies follow. +# +hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h $(srcdir)/hmac.c \ + $(srcdir)/../krb/aead.h $(srcdir)/../krb/cksumtypes.h +pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h $(srcdir)/hash_provider/hash_provider.h \ + $(srcdir)/pbkdf2.c diff --git a/src/lib/crypto/nss/des/Makefile.in b/src/lib/crypto/nss/des/Makefile.in new file mode 100644 index 000000000..d97fcfbd8 --- /dev/null 
+++ b/src/lib/crypto/nss/des/Makefile.in @@ -0,0 +1,49 @@ +mydir=lib/crypto/nss/des +BUILDTOP=$(REL)..$(S)..$(S)..$(S).. +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../.. -I$(srcdir)/../../krb @CRYPTO_IMPL_CFLAGS@ + +DEFS= + +##DOS##BUILDTOP = ..\..\..\.. +##DOS##PREFIXDIR=des +##DOS##OBJFILE=..\$(OUTPRE)des.lst + +RUN_SETUP = @KRB5_RUN_ENV@ +PROG_LIBPATH=-L$(TOPLIBD) +PROG_RPATH=$(KRB5_LIBDIR) + + +STLIBOBJS= des_oldapis.o \ + f_parity.o \ + string2key.o \ + weak_key.o + +OBJS= $(OUTPRE)f_parity.$(OBJEXT) \ + $(OUTPRE)des_oldapis.$(OBJEXT) \ + $(OUTPRE)string2key.$(OBJEXT) \ + $(OUTPRE)weak_key.$(OBJEXT) + +SRCS= $(srcdir)/f_parity.c \ + $(srcdir)/des_oldapis.c \ + $(srcdir)/weak_key.c \ + $(srcdir)/string2key.c + + +##DOS##LIBOBJS = $(OBJS) + +all-unix:: all-libobjs + +check-unix:: + +includes:: depend + +depend:: $(SRCS) + +check-windows:: + +clean:: + +clean-unix:: clean-libobjs + +@libobj_frag@ + diff --git a/src/lib/crypto/nss/des/deps b/src/lib/crypto/nss/des/deps new file mode 100644 index 000000000..206b3a4b4 --- /dev/null +++ b/src/lib/crypto/nss/des/deps 
@@ -0,0 +1,47 @@ +# +# Generated makefile dependencies follow. +# +f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + $(srcdir)/des_int.h $(srcdir)/f_parity.c +des_oldapis.so des_oldapis.po $(OUTPRE)des_oldapis.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h $(srcdir)/des_int.h \ + $(srcdir)/des_oldapis.c +weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + 
$(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + $(srcdir)/des_int.h $(srcdir)/weak_key.c +string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + $(srcdir)/des_int.h $(srcdir)/string2key.c diff --git a/src/lib/crypto/nss/des/des_int.h b/src/lib/crypto/nss/des/des_int.h new file mode 100644 index 000000000..eb17eb9ae --- /dev/null +++ b/src/lib/crypto/nss/des/des_int.h 
@@ -0,0 +1,189 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * lib/crypto/des/des_int.h + * + * Copyright 1987, 1988, 1990, 2002, 2009 by the Massachusetts Institute of + * Technology. All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * Private include file for the Data Encryption Standard library. + */ + +/* + * Copyright (C) 1998 by the FundsXpress, INC. + * + * All rights reserved. + * + * Export of this software from the United States of America may require + * a specific license from the United States Government. It is the + * responsibility of any person or organization contemplating export to + * obtain such a license before exporting. 
+ * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of FundsXpress. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. FundsXpress makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED + * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + */ + +/* only do the whole thing once */ +#ifndef DES_INTERNAL_DEFS +#define DES_INTERNAL_DEFS + +#include "k5-int.h" +/* + * Begin "mit-des.h" + */ +#ifndef KRB5_MIT_DES__ +#define KRB5_MIT_DES__ + +#if defined(__MACH__) && defined(__APPLE__) +#include <TargetConditionals.h> +#include <AvailabilityMacros.h> +#if TARGET_RT_MAC_CFM +#error "Use KfM 4.0 SDK headers for CFM compilation." +#endif +#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS) +#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5 +#endif +#endif /* defined(__MACH__) && defined(__APPLE__) */ + +/* Macro to add deprecated attribute to DES types and functions */ +/* Currently only defined on Mac OS X 10.5 and later. 
*/ +#ifndef KRB5INT_DES_DEPRECATED +#define KRB5INT_DES_DEPRECATED +#endif + +#include <limits.h> + +#if UINT_MAX >= 0xFFFFFFFFUL +#define DES_INT32 int +#define DES_UINT32 unsigned int +#else +#define DES_INT32 long +#define DES_UINT32 unsigned long +#endif + +typedef unsigned char des_cblock[8] /* crypto-block size */ +KRB5INT_DES_DEPRECATED; + +/* + * Key schedule. + * + * This used to be + * + * typedef struct des_ks_struct { + * union { DES_INT32 pad; des_cblock _;} __; + * } des_key_schedule[16]; + * + * but it would cause trouble if DES_INT32 were ever more than 4 + * bytes. The reason is that all the encryption functions cast it to + * (DES_INT32 *), and treat it as if it were DES_INT32[32]. If + * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the + * caller-allocated des_key_schedule will be overflowed by the key + * scheduling functions. We can't assume that every platform will + * have an exact 32-bit int, and nothing should be looking inside a + * des_key_schedule anyway. + */ +typedef struct des_ks_struct { DES_INT32 _[2]; } des_key_schedule[16] +KRB5INT_DES_DEPRECATED; + +typedef des_cblock mit_des_cblock; +typedef des_key_schedule mit_des_key_schedule; + +/* Triple-DES structures */ +typedef mit_des_cblock mit_des3_cblock[3]; +typedef mit_des_key_schedule mit_des3_key_schedule[3]; + +#define MIT_DES_ENCRYPT 1 +#define MIT_DES_DECRYPT 0 + +typedef struct mit_des_ran_key_seed { + krb5_encrypt_block eblock; + krb5_data sequence; +} mit_des_random_state; + +/* the first byte of the key is already in the keyblock */ + +#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet)) +#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH +/* This used to be 8*sizeof(krb5_octet) */ +#define MIT_DES_KEYSIZE 8 + +#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet)) + +/* + * Check if k5-int.h has been included before us. If so, then check to see + * that our view of the DES key size is the same as k5-int.h's. 
+ */ +#ifdef KRB5_MIT_DES_KEYSIZE +#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE +error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE) +#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */ +#endif /* KRB5_MIT_DES_KEYSIZE */ +#endif /* KRB5_MIT_DES__ */ +/* + * End "mit-des.h" + */ + +#define mit_des_zeroblock krb5int_c_mit_des_zeroblock +extern const mit_des_cblock mit_des_zeroblock; + +/* key_parity.c */ +extern void mit_des_fixup_key_parity (mit_des_cblock ); +extern int mit_des_check_key_parity (mit_des_cblock ); + +/* string2key.c */ +extern krb5_error_code mit_des_string_to_key + ( const krb5_encrypt_block *, + krb5_keyblock *, const krb5_data *, const krb5_data *); +extern krb5_error_code mit_des_string_to_key_int + (krb5_keyblock *, const krb5_data *, const krb5_data *); + +/* weak_key.c */ +extern int mit_des_is_weak_key (mit_des_cblock ); + +/* misc.c */ +extern void swap_bits (char *); +extern unsigned long long_swap_bits (unsigned long ); +extern unsigned long swap_six_bits_to_ansi (unsigned long ); +extern unsigned long swap_four_bits_to_ansi (unsigned long ); +extern unsigned long swap_bit_pos_1 (unsigned long ); +extern unsigned long swap_bit_pos_0 (unsigned long ); +extern unsigned long swap_bit_pos_0_to_ansi (unsigned long ); +extern unsigned long rev_swap_bit_pos_0 (unsigned long ); +extern unsigned long swap_byte_bits (unsigned long ); +extern unsigned long swap_long_bytes_bit_number (unsigned long ); +#ifdef FILE +/* XXX depends on FILE being a #define! */ +extern void test_set (FILE *, const char *, int, const char *, int); +#endif +#endif /*DES_INTERNAL_DEFS*/ diff --git a/src/lib/crypto/nss/des/des_oldapis.c b/src/lib/crypto/nss/des/des_oldapis.c new file mode 100644 index 000000000..eb1e58633 --- /dev/null +++ b/src/lib/crypto/nss/des/des_oldapis.c 
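Review bot: The key-size consistency guard at the end of the embedded mit-des.h section is written as a bare `error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)` rather than a preprocessor directive, so a mismatch would surface as an unrelated-looking syntax error instead of the intended message. `#error "MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE"` states the intent directly. The header also still declares the misc.c bit-swapping helpers and the key-schedule types, and its banner names lib/crypto/des/des_int.h. If the NSS back end does not implement those declarations (des_oldapis.c in this commit stubs the schedule functions), a comment marking them as unsupported would keep callers from relying on them.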
@@ -0,0 +1,56 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * lib/crypto/openssl/des/des_oldapis.c + * + * Copyright (C) 2009 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. 
+ *
+ */
+
+#include "k5-int.h"
+#include "des_int.h"
+#include <ctype.h>
+
+const mit_des_cblock mit_des_zeroblock /* = all zero */;
+
+unsigned long
+mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out,
+ unsigned long length, const mit_des_key_schedule schedule,
+ const krb5_octet *ivec)
+{
+ /* Unsupported operation */
+ return KRB5_CRYPTO_INTERNAL;
+}
+
+krb5_error_code
+mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data,
+ const krb5_data *salt)
+{
+ return KRB5_CRYPTO_INTERNAL;
+}
+
+int
+mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule)
+{
+ /* Unsupported operation */
+ return KRB5_CRYPTO_INTERNAL;
+}
diff --git a/src/lib/crypto/nss/des/f_parity.c b/src/lib/crypto/nss/des/f_parity.c
new file mode 100644
index 000000000..460b5061b
--- /dev/null
+++ b/src/lib/crypto/nss/des/f_parity.c
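Review bot: The `mit_des_cbc_cksum` stub in des_oldapis.c reports failure by returning `KRB5_CRYPTO_INTERNAL` through an `unsigned long` and never writes `out`, so a caller that treats the return value as checksum data has no way to see the refusal and goes on to use an unwritten checksum buffer. Callers are not visible in this hunk, so either confirm that nothing in the NSS build still reaches this function or spell the contract out in the stub, e.g. `/* Unsupported with NSS: out is not written; the return value is an error code, not checksum bits. */`. `mit_des_key_sched` has the same shape: `schedule` is left untouched, and its comment should say that any non-zero return means the schedule must not be used.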
@@ -0,0 +1,56 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * These routines check and fix parity of encryption keys for the DES
+ * algorithm.
+ *
+ * They are a replacement for routines in key_parity.c, that don't require
+ * the table building that they do.
+ *
+ * Mark Eichin -- Cygnus Support
+ */
+
+
+#include "des_int.h"
+
+/*
+ * des_fixup_key_parity: Forces odd parity per byte; parity is bits
+ * 8,16,...64 in des order, implies 0, 8, 16, ...
+ * vax order.
+ */
+#define smask(step) ((1<<step)-1)
+#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step)))
+#define parity_char(x) pstep(pstep(pstep((x),4),2),1)
+
+void
+mit_des_fixup_key_parity(mit_des_cblock key)
+{
+ unsigned int i;
+ for (i=0; i<sizeof(mit_des_cblock); i++)
+ {
+ key[i] &= 0xfe;
+ key[i] |= 1^parity_char(key[i]);
+ }
+
+ return;
+}
+
+/*
+ * des_check_key_parity: returns true iff key has the correct des parity.
+ * See des_fix_key_parity for the definition of
+ * correct des parity.
+ */
+int
+mit_des_check_key_parity(mit_des_cblock key)
+{
+ unsigned int i;
+
+ for (i=0; i<sizeof(mit_des_cblock); i++)
+ {
+ if((key[i] & 1) == parity_char(0xfe&key[i]))
+ {
+ return 0;
+ }
+ }
+
+ return(1);
+}
diff --git a/src/lib/crypto/nss/des/string2key.c b/src/lib/crypto/nss/des/string2key.c
new file mode 100644
index 000000000..15c0adde8
--- /dev/null
+++ b/src/lib/crypto/nss/des/string2key.c
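Review bot: The comment above `mit_des_check_key_parity` in f_parity.c sends the reader to `des_fix_key_parity`, which does not exist; the function defined in this file is `mit_des_fixup_key_parity`, and both header comments still use the old `des_` names. Rename them to match the code, e.g. `* See mit_des_fixup_key_parity for the definition of`. The helper macros also expand `step` without parentheses; `#define smask(step) ((1<<(step))-1)` keeps them correct if an expression is ever passed instead of a literal.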
@@ -0,0 +1,86 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * lib/crypto/openssl/des/string2key.c + * + * Copyright (C) 2009 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. 
+ */
+
+#include "des_int.h"
+#include "pk11pub.h"
+#include "nss_gen.h"
+
+krb5_error_code
+mit_des_string_to_key_int(krb5_keyblock *key, const krb5_data *pw,
+ const krb5_data *salt)
+{
+ PK11SlotInfo *slot = NULL;
+ PK11SymKey *symKey = NULL;
+ SECItem pwItem;
+ SECItem paramsItem;
+ CK_PBE_PARAMS pbe_params;
+ CK_MECHANISM_TYPE pbeMech = CKM_NETSCAPE_PBE_SHA1_DES_CBC;
+ krb5_error_code ret;
+ SECItem *keyData;
+
+ ret = k5_nss_init();
+ if (ret)
+ return ret;
+
+ slot = PK11_GetBestSlot(pbeMech, NULL);
+ if (slot == NULL) {
+ ret = k5_nss_map_last_error();
+ goto loser;
+ }
+
+ pwItem.data = (unsigned char *)pw->data;
+ pwItem.len = pw->length;
+ memset(&pbe_params, 0, sizeof(pbe_params));
+ pbe_params.pSalt = (unsigned char *)salt->data;
+ pbe_params.ulSaltLen = salt->length;
+ pbe_params.ulIteration = 1;
+ paramsItem.data = (unsigned char *)&pbe_params;
+ paramsItem.len = sizeof(pbe_params);
+
+ symKey = PK11_RawPBEKeyGen(slot, pbeMech, ¶msItem, &pwItem,
+ PR_FALSE, NULL);
+ if (symKey == NULL) {
+ ret = k5_nss_map_last_error();
+ goto loser;
+ }
+ PK11_ExtractKeyValue(symKey);
+ keyData = PK11_GetKeyData(symKey);
+ if (!keyData) {
+ ret = k5_nss_map_last_error();
+ goto loser;
+ }
+ key->length = keyData->len;
+ memcpy(key->contents, keyData->data, key->length);
+ ret = 0;
+
+loser:
+ if (symKey)
+ PK11_FreeSymKey(symKey);
+ if (slot)
+ PK11_FreeSlot(slot);
+ return ret;
+}
diff --git a/src/lib/crypto/nss/des/weak_key.c b/src/lib/crypto/nss/des/weak_key.c
new file mode 100644
index 000000000..43fbe91c6
--- /dev/null
+++ b/src/lib/crypto/nss/des/weak_key.c
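Review bot: `mit_des_string_to_key_int` copies `keyData->len` bytes into `key->contents` without checking that length, and it discards the status of `PK11_ExtractKeyValue`. The destination is allocated by the caller (not visible in this hunk), so if the token ever hands back more than one DES key's worth of bytes the `memcpy` writes past a buffer that was presumably sized for `MIT_DES_KEYSIZE`. Check the extract call like the other NSS calls in the function and gate the copy on the expected key size, as sketched below.

```c
    /* … unchanged: k5_nss_init, slot lookup, PBE parameters, PK11_RawPBEKeyGen … */
    if (PK11_ExtractKeyValue(symKey) != SECSuccess) {
        ret = k5_nss_map_last_error();
        goto loser;
    }
    /* … unchanged: PK11_GetKeyData and its NULL check … */
    if (keyData->len != MIT_DES_KEYSIZE) {
        /* Never copy more than a DES key into the caller's buffer. */
        ret = KRB5_CRYPTO_INTERNAL;
        goto loser;
    }
    key->length = keyData->len;
    /* … unchanged: memcpy into key->contents, loser: cleanup … */
```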
@@ -0,0 +1,84 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * lib/crypto/openssl/des/weak_key.c + * + * Copyright 1989,1990,2009 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * Under U.S. law, this software may not be exported outside the US + * without license from the U.S. Commerce department. + * + * These routines form the library interface to the DES facilities. + * + * Originally written 8/85 by Steve Miller, MIT Project Athena. 
+ */
+
+#include "des_int.h"
+
+/*
+ * The following are the weak DES keys:
+ */
+static const mit_des_cblock weak[16] = {
+ /* weak keys */
+ {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+ {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe},
+ {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e},
+ {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1},
+
+ /* semi-weak */
+ {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe},
+ {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01},
+
+ {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1},
+ {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e},
+
+ {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1},
+ {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01},
+
+ {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe},
+ {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e},
+
+ {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e},
+ {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01},
+
+ {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe},
+ {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1}
+};
+
+/*
+ * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key.
+ *
+ * Requires: key has correct odd parity.
+ */
+int
+mit_des_is_weak_key(mit_des_cblock key)
+{
+ unsigned int i;
+ const mit_des_cblock *weak_p = weak;
+
+ for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) {
+ if (!memcmp(weak_p++,key,sizeof(mit_des_cblock)))
+ return 1;
+ }
+ return 0;
+}
diff --git a/src/lib/crypto/nss/enc_provider/Makefile.in b/src/lib/crypto/nss/enc_provider/Makefile.in
new file mode 100644
index 000000000..c7950d642
--- /dev/null
+++ b/src/lib/crypto/nss/enc_provider/Makefile.in
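Review bot: `mit_des_is_weak_key` compares all eight bytes with `memcmp`, parity bits included, so a key whose 56 key bits match a table entry but whose parity bits were never fixed up returns 0; the only guard is the `Requires:` line in the comment. Callers are not visible in this hunk, so unless each one is known to run `mit_des_fixup_key_parity` first, the function should enforce its own precondition, either by returning early when `mit_des_check_key_parity(key)` fails or by comparing with the low bit of each byte masked off. If the precondition stays, strengthen the comment to `* Requires: key has correct odd parity; a weak key with wrong parity bits is NOT detected.`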
@@ -0,0 +1,54 @@
+mydir=lib/crypto/nss/enc_provider
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+LOCALINCLUDES = -I$(srcdir)/../des \
+ -I$(srcdir)/../arcfour \
+ -I$(srcdir)/../aes \
+ -I$(srcdir)/../../krb \
+ -I$(srcdir)/../../krb/rand2key \
+ -I$(srcdir)/.. -I$(srcdir)/. \
+ @CRYPTO_IMPL_CFLAGS@
+DEFS=
+
+##DOS##BUILDTOP = ..\..\..\..
+##DOS##PREFIXDIR=enc_provider
+##DOS##OBJFILE=..\$(OUTPRE)enc_prov.lst
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+STLIBOBJS= \
+ enc_gen.o \
+ des.o \
+ des3.o \
+ rc4.o \
+ aes.o \
+ camellia.o
+
+OBJS= \
+ $(OUTPRE)enc_gen.$(OBJEXT) \
+ $(OUTPRE)des.$(OBJEXT) \
+ $(OUTPRE)des3.$(OBJEXT) \
+ $(OUTPRE)aes.$(OBJEXT) \
+ $(OUTPRE)camellia.$(OBJEXT) \
+ $(OUTPRE)rc4.$(OBJEXT)
+
+SRCS= \
+ $(srcdir)/enc_gen.c \
+ $(srcdir)/des.c \
+ $(srcdir)/des3.c \
+ $(srcdir)/aes.c \
+ $(srcdir)/camellia.c \
+ $(srcdir)/rc4.c
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs
+
+includes:: depend
+
+depend:: $(SRCS)
+
+clean-unix:: clean-libobjs
+
+@libobj_frag@
+
diff --git a/src/lib/crypto/nss/enc_provider/aes.c b/src/lib/crypto/nss/enc_provider/aes.c
new file mode 100644
index 000000000..77b796a38
--- /dev/null
+++ b/src/lib/crypto/nss/enc_provider/aes.c
@@ -0,0 +1,105 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/nss/enc_provider/aes.c + * + * Copyright (c) 2010 Red Hat, Inc. + * All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * * Neither the name of Red Hat, Inc., nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER + * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */
+
+#include "k5-int.h"
+#include "enc_provider.h"
+#include "rand2key.h"
+#include "aead.h"
+#include "nss_gen.h"
+
+
+krb5_error_code
+krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data)
+{
+ krb5_error_code ret;
+
+ ret = k5_nss_gen_import(key, CKM_AES_CBC, CKA_ENCRYPT);
+ if (ret != 0)
+ return ret;
+ return k5_nss_gen_cts_iov(key, CKM_AES_CBC, CKA_ENCRYPT,
+ ivec, data, num_data);
+}
+
+krb5_error_code
+krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data)
+{
+ krb5_error_code ret;
+
+ ret = k5_nss_gen_import(key, CKM_AES_CBC, CKA_DECRYPT);
+ if (ret != 0)
+ return ret;
+ return k5_nss_gen_cts_iov(key, CKM_AES_CBC, CKA_DECRYPT,
+ ivec, data, num_data);
+}
+
+/*
+ * perhaps we should store the NSS context in the krb5_data state here?
+ */
+static krb5_error_code
+aes_init_state(const krb5_keyblock *key, krb5_keyusage usage,
+ krb5_data *state)
+{
+ state->length = 16;
+ state->data = (void *) malloc(16);
+ if (state->data == NULL)
+ return ENOMEM;
+ memset(state->data, 0, state->length);
+ return 0;
+}
+
+const struct krb5_enc_provider krb5int_enc_aes128 = {
+ 16,
+ 16, 16,
+ krb5int_aes_encrypt,
+ krb5int_aes_decrypt,
+ NULL,
+ krb5int_aes_make_key,
+ aes_init_state,
+ krb5int_default_free_state,
+};
+
+const struct krb5_enc_provider krb5int_enc_aes256 = {
+ 16,
+ 32, 32,
+ krb5int_aes_encrypt,
+ krb5int_aes_decrypt,
+ NULL,
+ krb5int_aes_make_key,
+ aes_init_state,
+ krb5int_default_free_state,
+ k5_nss_gen_cleanup
+};
diff --git a/src/lib/crypto/nss/enc_provider/camellia.c b/src/lib/crypto/nss/enc_provider/camellia.c
new file mode 100644
index 000000000..790320885
--- /dev/null
+++ b/src/lib/crypto/nss/enc_provider/camellia.c
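Review bot: `krb5int_enc_aes128` in aes.c stops at `krb5int_default_free_state,` while `krb5int_enc_aes256` goes on to list `k5_nss_gen_cleanup`, so the final member of the AES-128 provider is implicitly NULL. If that member is the per-key cleanup hook (the struct definition is outside this hunk), whatever `k5_nss_gen_import` caches on an AES-128 `krb5_key` is never released, which leaks the NSS key object and keeps key material alive longer than intended. Add `k5_nss_gen_cleanup` as the last initializer of `krb5int_enc_aes128`; `krb5int_enc_camellia128` in camellia.c has the same omission.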
@@ -0,0 +1,126 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/nss/enc_provider/camellia.c + * + * Copyright (c) 2010 Red Hat, Inc. + * All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * * Neither the name of Red Hat, Inc., nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER + * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "k5-int.h" +#include "enc_provider.h" +#include "rand2key.h" +#include "aead.h" +#include "nss_gen.h" + +#ifdef CAMELLIA_CCM + +/* XXX These won't work yet (they're just the AES functions, which aren't right + * for CTR mode). Will fix later. 
*/ + +krb5_error_code +krb5int_camellia_encrypt(krb5_key key, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data) +{ + krb5_error_code ret; + + ret = k5_nss_gen_import(key, CKM_CAMELLIA_CBC, CKA_ENCRYPT); + if (ret != 0) + return ret; + return k5_nss_gen_cts_iov(key, CKM_CAMELLIA_CBC, CKA_ENCRYPT, + ivec, data, num_data); +} + +krb5_error_code +krb5int_camellia_decrypt(krb5_key key, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data) +{ + krb5_error_code ret; + + ret = k5_nss_gen_import(key, CKM_CAMELLIA_CBC, CKA_DECRYPT); + if (ret != 0) + return ret; + return k5_nss_gen_cts_iov(key, CKM_CAMELLIA_CBC, CKA_DECRYPT, + ivec, data, num_data); +} + +/* + * perhaps we should store the NSS context in the krb5_data state here? + */ +static krb5_error_code +camellia_init_state(const krb5_keyblock *key, krb5_keyusage usage, + krb5_data *state) +{ + state->length = 16; + state->data = (void *) malloc(16); + if (state->data == NULL) + return ENOMEM; + memset(state->data, 0, state->length); + return 0; +} + +const struct krb5_enc_provider krb5int_enc_camellia128 = { + 16, + 16, 16, + krb5int_camellia_encrypt, + krb5int_camellia_decrypt, + krb5int_camellia_cbc_mac, + krb5int_camellia_make_key, + camellia_init_state, + krb5int_default_free_state, +}; + +const struct krb5_enc_provider krb5int_enc_camellia256 = { + 16, + 32, 32, + krb5int_camellia_encrypt, + krb5int_camellia_decrypt, + krb5int_camellia_cbc_mac, + krb5int_camellia_make_key, + camellia_init_state, + krb5int_default_free_state, + k5_nss_gen_cleanup +}; + +#else /* CAMELLIA_CCM */ + +/* These won't be used, but are still in the export table. */ + +krb5_error_code +krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data, + size_t num_data, const krb5_data *iv, + krb5_data *output) +{ + return EINVAL; +} + +const struct krb5_enc_provider krb5int_enc_camellia128_ctr = { +}; + +#endif 
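Review bot: In the `#else` branch of camellia.c, `krb5int_enc_camellia128_ctr` is defined with an empty initializer, so every function pointer in it is NULL and any code that reaches it through the export table would call through a null pointer; `= { }` is also a compiler extension rather than ISO C before C23. The two branches do not define the same symbols either: the `CAMELLIA_CCM` branch defines `krb5int_enc_camellia128`/`krb5int_enc_camellia256` and references `krb5int_camellia_cbc_mac`, which only the `#else` branch defines. At minimum mark the placeholder with `/* Placeholder for the export table only: all members are NULL and it must never be selected as an enc provider. */`, and per the XXX comment keep the CBC-based functions out of any build that enables `CAMELLIA_CCM` until they implement CTR.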
diff --git a/src/lib/crypto/nss/enc_provider/deps b/src/lib/crypto/nss/enc_provider/deps
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/src/lib/crypto/nss/enc_provider/deps
diff --git a/src/lib/crypto/nss/enc_provider/des.c b/src/lib/crypto/nss/enc_provider/des.c
new file mode 100644
index 000000000..1f28d390c
--- /dev/null
+++ b/src/lib/crypto/nss/enc_provider/des.c
@@ -0,0 +1,81 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/nss/enc_provider/des.c + * + * Copyright (c) 2010 Red Hat, Inc. + * All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * * Neither the name of Red Hat, Inc., nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER + * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */
+
+#include "k5-int.h"
+#include "nss_gen.h"
+#include <aead.h>
+#include <rand2key.h>
+#include "des_int.h"
+
+
+static krb5_error_code
+k5_des_encrypt_iov(krb5_key key, const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data)
+{
+ krb5_error_code ret;
+
+ ret = k5_nss_gen_import(key, CKM_DES_CBC, CKA_ENCRYPT);
+ if (ret != 0)
+ return ret;
+ return k5_nss_gen_block_iov(key, CKM_DES_CBC, CKA_ENCRYPT,
+ ivec, data, num_data);
+}
+
+static krb5_error_code
+k5_des_decrypt_iov(krb5_key key,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
+{
+ krb5_error_code ret;
+
+ ret = k5_nss_gen_import(key, CKM_DES_CBC, CKA_ENCRYPT);
+ if (ret != 0)
+ return ret;
+ return k5_nss_gen_block_iov(key, CKM_DES_CBC, CKA_DECRYPT,
+ ivec, data, num_data);
+}
+
+const struct krb5_enc_provider krb5int_enc_des = {
+ 8,
+ 7, KRB5_MIT_DES_KEYSIZE,
+ k5_des_encrypt_iov,
+ k5_des_decrypt_iov,
+ NULL,
+ krb5int_des_make_key,
+ krb5int_des_init_state,
+ krb5int_default_free_state,
+ k5_nss_gen_cleanup
+};
diff --git a/src/lib/crypto/nss/enc_provider/des3.c b/src/lib/crypto/nss/enc_provider/des3.c
new file mode 100644
index 000000000..2d86c9baf
--- /dev/null
+++ b/src/lib/crypto/nss/enc_provider/des3.c
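Review bot: `k5_des_decrypt_iov` in des.c imports the key with `CKA_ENCRYPT` and then runs `k5_nss_gen_block_iov` with `CKA_DECRYPT`, whereas the AES decrypt path in aes.c passes `CKA_DECRYPT` to both calls. `k5_nss_gen_import` is not visible in this hunk, so whether its operation argument restricts what the imported key may be used for is an assumption; if it does, decryption only works on tokens that do not enforce the key-usage attribute. Make the two calls agree with `ret = k5_nss_gen_import(key, CKM_DES_CBC, CKA_DECRYPT);`. `k5_des3_decrypt_iov` in des3.c has the same mismatch with `CKM_DES3_CBC`.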
@@ -0,0 +1,79 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/nss/enc_provider/des3.c + * + * Copyright (c) 2010 Red Hat, Inc. + * All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * * Neither the name of Red Hat, Inc., nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER + * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */
+
+#include "k5-int.h"
+#include "nss_gen.h"
+#include <aead.h>
+#include <rand2key.h>
+#include "des_int.h"
+
+
+static krb5_error_code
+k5_des3_encrypt_iov(krb5_key key, const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data)
+{
+ krb5_error_code ret;
+
+ ret = k5_nss_gen_import(key, CKM_DES3_CBC, CKA_ENCRYPT);
+ if (ret != 0)
+ return ret;
+ return k5_nss_gen_block_iov(key, CKM_DES3_CBC, CKA_ENCRYPT,
+ ivec, data, num_data);
+}
+
+static krb5_error_code
+k5_des3_decrypt_iov(krb5_key key, const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data)
+{
+ krb5_error_code ret;
+
+ ret = k5_nss_gen_import(key, CKM_DES3_CBC, CKA_ENCRYPT);
+ if (ret != 0)
+ return ret;
+ return k5_nss_gen_block_iov(key, CKM_DES3_CBC, CKA_DECRYPT,
+ ivec, data, num_data);
+}
+
+const struct krb5_enc_provider krb5int_enc_des3 = {
+ 8,
+ 21, KRB5_MIT_DES3_KEYSIZE,
+ k5_des3_encrypt_iov,
+ k5_des3_decrypt_iov,
+ NULL,
+ krb5int_des3_make_key,
+ krb5int_des_init_state,
+ krb5int_default_free_state,
+ k5_nss_gen_cleanup
+};
diff --git a/src/lib/crypto/nss/enc_provider/enc_gen.c b/src/lib/crypto/nss/enc_provider/enc_gen.c
new file mode 100644
index 000000000..3edf3fc72
--- /dev/null
+++ b/src/lib/crypto/nss/enc_provider/enc_gen.c
@@ -0,0 +1,697 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/nss/enc_provider/enc_gen.c + * + * Copyright (c) 2010 Red Hat, Inc. + * All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * * Neither the name of Red Hat, Inc., nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER + * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#include "k5-int.h" +#include "nss_gen.h" +#include "enc_provider.h" +#include "rand2key.h" +#include "aead.h" +#include "seccomon.h" +#include "pk11pub.h" +#include "nss.h" + +/* 512 bits is bigger than anything defined to date */ +#define MAX_KEY_LENGTH 64 +#define MAX_BLOCK_SIZE 64 + +static NSSInitContext *k5_nss_ctx = NULL; +static pid_t k5_nss_pid = 0; +static k5_mutex_t k5_nss_lock = K5_MUTEX_PARTIAL_INITIALIZER; + +struct stream_state { + struct stream_state *loopback; /* To detect copying */ + pid_t pid; /* To detect use across fork */ + PK11Context *ctx; +}; + +struct cached_key { + pid_t pid; /* To detect use across fork */ + PK11SymKey *symkey; +}; + +krb5_error_code +k5_nss_map_error(int nss_error) +{ + /* Currently KRB5 does not define a full set of CRYPTO failures. + * for now just use KRB5_CRYPTO_INTERNAL. We really should return + * errors for Not logged in, and maybe a few others. */ + return KRB5_CRYPTO_INTERNAL; +} + +krb5_error_code +k5_nss_map_last_error(void) +{ + return k5_nss_map_error(PORT_GetError()); +} + +int +krb5int_crypto_impl_init(void) +{ + return k5_mutex_finish_init(&k5_nss_lock); +} + +void +krb5int_crypto_impl_cleanup(void) +{ + k5_mutex_destroy(&k5_nss_lock); +} + +/* + * krb5 doesn't have a call into the crypto engine to initialize it, so we do + * it here. This code will try to piggyback on any application initialization + * done to NSS. Otherwise get our one library init context. + */ +#define NSS_KRB5_CONFIGDIR "sql:/etc/pki/nssdb" +krb5_error_code +k5_nss_init(void) +{ + PRUint32 flags = NSS_INIT_READONLY | NSS_INIT_NOROOTINIT; + krb5_error_code ret; + SECStatus rv; + pid_t pid; + + ret = k5_mutex_lock(&k5_nss_lock); + if (ret) + return ret; + + pid = getpid(); + if (k5_nss_ctx != NULL) { + /* Do nothing if the existing context is still good. */ + if (k5_nss_pid == pid) + goto cleanup; + + /* We've forked since the last init, and need to reinitialize. 
*/ + rv = NSS_ShutdownContext(k5_nss_ctx); + k5_nss_ctx = NULL; + if (rv != SECSuccess) { + ret = k5_nss_map_last_error(); + goto cleanup; + } + } + k5_nss_ctx = NSS_InitContext(NSS_KRB5_CONFIGDIR, "", "", "", NULL, flags); + if (k5_nss_ctx == NULL) { + /* There may be no system database; try again without it. */ + flags |= NSS_INIT_NOMODDB | NSS_INIT_NOCERTDB; + k5_nss_ctx = NSS_InitContext(NULL, "", "", "", NULL, flags); + if (k5_nss_ctx == NULL) { + ret = k5_nss_map_last_error(); + goto cleanup; + } + } + k5_nss_pid = pid; + +cleanup: + k5_mutex_unlock(&k5_nss_lock); + return ret; +} + +PK11Context * +k5_nss_create_context(krb5_key krb_key, CK_MECHANISM_TYPE mechanism, + CK_ATTRIBUTE_TYPE operation, SECItem *param) +{ + struct cached_key *ckey = krb_key->cache; + + return PK11_CreateContextBySymKey(mechanism, operation, ckey->symkey, + param); +} + +static void inline +xor(unsigned char *x, unsigned char *y, int size) +{ + int i; + +#define ALIGNED(x,type) (!(((size_t)(x))&(sizeof(type)-1))) + if (ALIGNED(x,unsigned long) && ALIGNED(y, unsigned long) + && ALIGNED(size, unsigned long)) { + unsigned long *ux = (unsigned long *)x; + unsigned long *uy = (unsigned long *)y; + for (i=0; i < (int)(size/sizeof(unsigned long)); i++) { + *ux++ ^= *uy++; + } + return; + } + for (i=0; i < size; i++) { + *x++ ^= *y++; + } +} + +krb5_error_code +k5_nss_gen_block_iov(krb5_key krb_key, CK_MECHANISM_TYPE mech, + CK_ATTRIBUTE_TYPE operation, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data) +{ + krb5_error_code ret = 0; + PK11Context *ctx = NULL; + SECStatus rv; + SECItem *param = NULL; + struct iov_block_state input_pos, output_pos; + unsigned char storage[MAX_BLOCK_SIZE]; + unsigned char iv0[MAX_BLOCK_SIZE]; + unsigned char *ptr = NULL,*lastptr = NULL; + SECItem iv; + size_t blocksize; + int length = 0; + int lastblock = -1; + int currentblock; + + IOV_BLOCK_STATE_INIT(&input_pos); + IOV_BLOCK_STATE_INIT(&output_pos); + + blocksize = PK11_GetBlockSize(mech, 
NULL); + assert(blocksize <= sizeof(storage)); + + if (ivec && ivec->data) { + iv.data = (unsigned char *)ivec->data; + iv.len = ivec->length; + if (operation == CKA_DECRYPT) { + int i, inputlength; + + /* Count the blocks so we know which block is last. */ + for (i = 0, inputlength = 0; i < (int)num_data; i++) { + krb5_crypto_iov *iov = &data[i]; + + if (ENCRYPT_IOV(iov)) + inputlength += iov->data.length; + } + lastblock = (inputlength/blocksize) -1; + } + } else { + memset(iv0, 0, sizeof(iv0)); + iv.data = iv0; + iv.len = blocksize; + } + param = PK11_ParamFromIV(mech, &iv); + + ctx = k5_nss_create_context(krb_key, mech, operation, param); + if (ctx == NULL) { + ret = k5_nss_map_last_error(); + goto done; + } + + for (currentblock = 0;;currentblock++) { + if (!krb5int_c_iov_get_block_nocopy(storage, blocksize, data, num_data, + &input_pos, &ptr)) + break; + + lastptr = NULL; + + /* only set if we are decrypting */ + if (lastblock == currentblock) + memcpy(ivec->data, ptr, blocksize); + + rv = PK11_CipherOp(ctx, ptr, &length, blocksize, ptr, blocksize); + if (rv != SECSuccess) { + ret = k5_nss_map_last_error(); + break; + } + + lastptr = ptr; + krb5int_c_iov_put_block_nocopy(data, num_data, storage, blocksize, + &output_pos, ptr); + } + + if (lastptr && ivec && ivec->data && operation == CKA_ENCRYPT) { + memcpy(ivec->data, lastptr, blocksize); + } +done: + if (ctx) { + PK11_Finalize(ctx); + PK11_DestroyContext(ctx, PR_TRUE); + } + if (param) + SECITEM_FreeItem(param, PR_TRUE); + return ret; +} + +krb5_error_code +k5_nss_stream_init_state(krb5_data *new_state) +{ + struct stream_state *sstate; + + /* Create a state structure with an uninitialized context. 
*/ + sstate = calloc(1, sizeof(*sstate)); + if (sstate == NULL) + return ENOMEM; + sstate->loopback = NULL; + new_state->data = (char *) sstate; + new_state->length = sizeof(*sstate); + return 0; +} + +krb5_error_code +k5_nss_stream_free_state(krb5_data *state) +{ + struct stream_state *sstate = (struct stream_state *) state->data; + + /* Clean up the OpenSSL context if it was initialized. */ + if (sstate && sstate->loopback == sstate) { + PK11_Finalize(sstate->ctx); + PK11_DestroyContext(sstate->ctx, PR_TRUE); + } + free(sstate); + return 0; +} + +krb5_error_code +k5_nss_gen_stream_iov(krb5_key krb_key, krb5_data *state, + CK_MECHANISM_TYPE mech, CK_ATTRIBUTE_TYPE operation, + krb5_crypto_iov *data, size_t num_data) +{ + int ret = 0; + PK11Context *ctx = NULL; + SECStatus rv; + SECItem param; + krb5_crypto_iov *iov; + struct stream_state *sstate = NULL; + int i; + + param.data = NULL; + param.len = 0; + + sstate = (state == NULL) ? NULL : (struct stream_state *) state->data; + if (sstate == NULL || sstate->loopback == NULL) { + ctx = k5_nss_create_context(krb_key, mech, operation, ¶m); + if (ctx == NULL) { + ret = k5_nss_map_last_error(); + goto done; + } + if (sstate) { + sstate->loopback = sstate; + sstate->pid = getpid(); + sstate->ctx = ctx; + } + } else { + /* Cipher state can't be copied or used across a fork. 
*/ + if (sstate->loopback != sstate || sstate->pid != getpid()) + return EINVAL; + ctx = sstate->ctx; + } + + for (i=0; i < (int)num_data; i++) { + int return_length; + iov = &data[i]; + if (iov->data.length <= 0) + break; + + if (ENCRYPT_IOV(iov)) { + rv = PK11_CipherOp(ctx, (unsigned char *)iov->data.data, + &return_length, iov->data.length, + (unsigned char *)iov->data.data, + iov->data.length); + if (rv != SECSuccess) { + ret = k5_nss_map_last_error(); + goto done; + } + iov->data.length = return_length; + } + } +done: + if (!state && ctx) { + PK11_Finalize(ctx); + PK11_DestroyContext(ctx, PR_TRUE); + } + return ret; +} + +krb5_error_code +k5_nss_gen_cts_iov(krb5_key krb_key, CK_MECHANISM_TYPE mech, + CK_ATTRIBUTE_TYPE operation, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data) +{ + krb5_error_code ret = 0; + PK11Context *ctx = NULL; + SECStatus rv; + SECItem *param = NULL; + struct iov_block_state input_pos, output_pos; + unsigned char storage[MAX_BLOCK_SIZE]; + unsigned char recover1[MAX_BLOCK_SIZE]; + unsigned char recover2[MAX_BLOCK_SIZE]; + unsigned char block1[MAX_BLOCK_SIZE]; + unsigned char block2[MAX_BLOCK_SIZE]; + unsigned char iv0[MAX_BLOCK_SIZE]; + unsigned char *ptr = NULL; + SECItem iv; + size_t blocksize; + size_t bulk_length, remainder; + size_t input_length, lastblock; + size_t length; + int i, len; + + IOV_BLOCK_STATE_INIT(&input_pos); + IOV_BLOCK_STATE_INIT(&output_pos); + + blocksize = PK11_GetBlockSize(mech, NULL); + assert(blocksize <= sizeof(storage)); + + if (ivec) { + iv.data = (unsigned char *)ivec->data; + iv.len = ivec->length; + } else { + memset(iv0, 0, sizeof(iv0)); + iv.data = iv0; + iv.len = blocksize; + } + param = PK11_ParamFromIV(mech, &iv); + + for (i = 0, input_length = 0; i < (int)num_data; i++) { + krb5_crypto_iov *iov = &data[i]; + + if (ENCRYPT_IOV(iov)) + input_length += iov->data.length; + } + /* Must be at least a block or we fail. 
*/ + if (input_length < blocksize) { + ret = EINVAL; + goto done; + } + + bulk_length = (input_length / blocksize)*blocksize; + remainder = input_length - bulk_length; + /* Do the block swap even if the input data is aligned, only + * drop it if we are encrypting exactly one block. */ + if (remainder == 0 && bulk_length != blocksize) { + remainder = blocksize; + bulk_length -= blocksize; + } + + ctx = k5_nss_create_context(krb_key, mech, operation, param); + if (ctx == NULL) { + ret = k5_nss_map_last_error(); + goto done; + } + + /* Now we bulk encrypt each block in the loop. We need to know where to + * stop to do special processing. For single block operations we stop at + * the end. For all others we stop and the last second to last block + * (counting partial blocks). For decrypt operations we need to save cn-2 + * so we stop at the third to last block if it exists, otherwise cn-2 = the + * iv. */ + lastblock = bulk_length; + if (remainder) { + /* We need to process the last full block and last partitial block + * differently. */ + lastblock = bulk_length - blocksize; + if (operation == CKA_DECRYPT) { + if (bulk_length > blocksize) { + /* Stop at cn-2 so we can save it before going on. */ + lastblock = bulk_length - 2*blocksize; + } else { + /* iv is cn-2, save it now, cn - 2. 
*/ + memcpy(recover1, iv.data, blocksize); + memcpy(recover2, iv.data, blocksize); + } + } + } + for (length = 0; length < lastblock; length += blocksize) { + if (!krb5int_c_iov_get_block_nocopy(storage, blocksize, data, num_data, + &input_pos, &ptr)) + break; + + rv = PK11_CipherOp(ctx, ptr, &len, blocksize, ptr, blocksize); + if (rv != SECSuccess) { + ret = k5_nss_map_last_error(); + break; + } + + krb5int_c_iov_put_block_nocopy(data, num_data, storage, blocksize, + &output_pos, ptr); + } + if (remainder) { + if (operation == CKA_DECRYPT) { + if (bulk_length > blocksize) { + /* we need to save cn-2 */ + if (!krb5int_c_iov_get_block_nocopy(storage, blocksize, data, + num_data, &input_pos, + &ptr)) + goto done; /* shouldn't happen */ + + /* save cn-2 */ + memcpy(recover1, ptr, blocksize); + memcpy(recover2, ptr, blocksize); + + /* now process it as normal */ + rv = PK11_CipherOp(ctx, ptr, &len, blocksize, ptr, blocksize); + if (rv != SECSuccess) { + ret = k5_nss_map_last_error(); + goto done; + } + + krb5int_c_iov_put_block_nocopy(data, num_data, storage, + blocksize, &output_pos, ptr); + } + } + /* fetch the last 2 blocks */ + memset(block1, 0, blocksize); /* last block, could be partial */ + krb5int_c_iov_get_block(block2, blocksize, data, num_data, &input_pos); + krb5int_c_iov_get_block(block1, remainder, data, num_data, &input_pos); + if (operation == CKA_DECRYPT) { + /* recover1 and recover2 are xor values to recover the true + * underlying data of the last 2 decrypts. This keeps us from + * having to try to reset our IV to do the final decryption. */ + /* Currently: block1 is cn || 0, block2 is cn-1. + * recover1 & recover2 is set to cn-2. */ + /* recover2 recovers pn || c' from p'n-1. The raw decrypted block + * will be p'n-1 xor with cn-2 while pn || c' = p'n-1 xor cn || 0. + * recover2 is cn-2 xor cn || 0, so we can simple xor recover1 + * with the raw decrypted block. */ + /* recover1 recovers pn-1 from the raw decryption of cn || c'. 
+ * the raw decrypt of cn || c' = p'n xor cn-1 while + * pn-1 = p'n xor cn-2 + * recover1 is cn-2 xor cn-1, so we can simple xor recover 2 with + * the raw decrypt of cn||c' to get pn-1. */ + xor(recover1, block2, blocksize); + xor(recover2, block1, blocksize); + if (ivec && ivec->data) + memcpy(ivec->data, block2, blocksize); + } + rv = PK11_CipherOp(ctx, block2, &len, blocksize, block2, blocksize); + if (rv != SECSuccess) { + ret = k5_nss_map_last_error(); + goto done; + } + if (operation == CKA_DECRYPT) { + /* block2 now has p'n-1 xor cn-2. */ + xor(block2, recover2, blocksize); + /* block 2 now has pn || c'. */ + /* copy c' into cn || c'. */ + memcpy(block1 + remainder, block2 + remainder, + blocksize - remainder); + } + rv = PK11_CipherOp(ctx, block1, &len, blocksize, block1, blocksize); + if (rv != SECSuccess) { + ret = k5_nss_map_last_error(); + goto done; + } + if (operation == CKA_DECRYPT) { + /* block1 now has p'n xor cn-1 */ + xor(block1, recover1, blocksize); + /* block 1 now has pn-1 */ + } else { + if (ivec && ivec->data) { + memcpy(ivec->data, block1, blocksize); + } + } + krb5int_c_iov_put_block(data,num_data, block1, blocksize, &output_pos); + krb5int_c_iov_put_block(data,num_data, block2, remainder, &output_pos); + } + +done: + if (ctx) { + PK11_Finalize(ctx); + PK11_DestroyContext(ctx, PR_TRUE); + } + if (param) + SECITEM_FreeItem(param, PR_TRUE); + return ret; +} + +void +k5_nss_gen_cleanup(krb5_key krb_key) +{ + struct cached_key *ckey = krb_key->cache; + + if (ckey) { + PK11_FreeSymKey(ckey->symkey); + free(ckey); + krb_key->cache = NULL; + } +} + +krb5_error_code +k5_nss_gen_import(krb5_key krb_key, CK_MECHANISM_TYPE mech, + CK_ATTRIBUTE_TYPE operation) +{ + krb5_error_code ret = 0; + pid_t pid = getpid(); + struct cached_key *ckey = krb_key->cache; + PK11SymKey *symkey; + PK11SlotInfo *slot = NULL; + SECItem raw_key; +#ifdef FAKE_FIPS + PK11SymKey *wrapping_key = NULL; + PK11Context *ctx = NULL; + SECItem wrapped_key; + SECItem params; + 
unsigned char wrapped_key_data[MAX_KEY_LENGTH]; + unsigned char padded_key_data[MAX_KEY_LENGTH]; + int wrapping_index, series, blocksize; + int keyLength; + CK_MECHANISM_TYPE mechanism; + SECStatus rv; +#endif + + if (ckey && ckey->pid == pid) + return 0; + + ret = k5_nss_init(); + if (ret) + return ret; + + if (ckey) { + /* Discard the no-longer-valid symkey and steal its container. */ + PK11_FreeSymKey(ckey->symkey); + ckey->symkey = NULL; + krb_key->cache = NULL; + } else { + /* Allocate a new container. */ + ckey = k5alloc(sizeof(*ckey), &ret); + if (ckey == NULL) + return ret; + } + + slot = PK11_GetBestSlot(mech, NULL); + if (slot == NULL) { + ret = k5_nss_map_last_error(); + goto done; + } + raw_key.data = krb_key->keyblock.contents; + raw_key.len = krb_key->keyblock.length; + +#ifdef FAKE_FIPS + /* First, fetch a wrapping key. */ + wrapping_index = PK11_GetCurrentWrapIndex(slot); + series = PK11_GetSlotSeries(slot); + wrapping_key = PK11_GetWrapKey(slot, wrapping_index, + CKM_INVALID_MECHANISM, series, NULL); + if (wrapping_key == NULL) { + /* One doesn't exist, create one. */ + mechanism = PK11_GetBestWrapMechanism(slot); + keyLength = PK11_GetBestKeyLength(slot, mechanism); + wrapping_key = PK11_TokenKeyGenWithFlags(slot, mechanism, NULL, + keyLength, NULL, + CKF_UNWRAP | CKF_ENCRYPT, 0, + NULL); + if (!wrapping_key) { + ret = k5_nss_map_last_error(); + goto done; + } + PK11_SetWrapKey(slot, wrapping_index, wrapping_key); + } + + /* Now encrypt the data with the wrapping key. */ + mechanism = PK11_GetMechanism(wrapping_key); + params.data = NULL; + params.len = 0; + ctx = PK11_CreateContextBySymKey(mechanism, CKA_ENCRYPT, + wrapping_key, ¶ms); + if (ctx == NULL) { + ret = k5_nss_map_last_error(); + goto done; + } + + wrapped_key.data = wrapped_key_data; + wrapped_key.len = sizeof(wrapped_key_data); + blocksize = PK11_GetBlockSize(mechanism, NULL); + keyLength = raw_key.len; + + /* + * ECB modes need keys in integral multiples of the block size. 
+ * if the key isn't and integral multiple, pad it with zero. Unwrap + * will use the length parameter to appropriately set the key. + */ + if ((raw_key.len % blocksize) != 0) { + int keyblocks = (raw_key.len + (blocksize - 1)) / blocksize; + keyLength = keyblocks * blocksize; + assert(keyLength <= sizeof(padded_key_data)); + memset(padded_key_data, 0, keyLength); + memcpy(padded_key_data, raw_key.data, raw_key.len); + raw_key.data = padded_key_data; + } + rv = PK11_CipherOp(ctx, wrapped_key.data, (int *)&wrapped_key.len, + sizeof(wrapped_key_data), raw_key.data, keyLength); + if (keyLength != raw_key.len) { + /* Clear our copy of the key bits. */ + memset(padded_key_data, 0, keyLength); + } + if (rv != SECSuccess) { + ret = k5_nss_map_last_error(); + goto done; + } + PK11_Finalize(ctx); + PK11_DestroyContext(ctx, PR_TRUE); + ctx = NULL; + + /* Now now we have a 'wrapped' version of the, we can import it into + * the token without running afoul with FIPS. */ + symkey = PK11_UnwrapSymKey(wrapping_key, mechanism, ¶ms, &wrapped_key, + mech, operation, raw_key.len); +#else + symkey = PK11_ImportSymKey(slot, mech, PK11_OriginGenerated, operation, + &raw_key, NULL); +#endif + if (symkey == NULL) { + ret = k5_nss_map_last_error(); + goto done; + } + ckey->pid = pid; + ckey->symkey = symkey; + krb_key->cache = ckey; + ckey = NULL; + +done: + free(ckey); + if (slot) + PK11_FreeSlot(slot); +#ifdef FAKE_FIPS + if (ctx) { + PK11_Finalize(ctx); + PK11_DestroyContext(ctx, PR_TRUE); + } + if (wrapping_key) + PK11_FreeSymKey(wrapping_key); +#endif + + return ret; +} diff --git a/src/lib/crypto/nss/enc_provider/enc_provider.h b/src/lib/crypto/nss/enc_provider/enc_provider.h new file mode 100644 index 000000000..8144b6533 --- /dev/null +++ b/src/lib/crypto/nss/enc_provider/enc_provider.h 
@@ -0,0 +1,36 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government. It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. FundsXpress makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#include "k5-int.h"
+
+extern const struct krb5_enc_provider krb5int_enc_des;
+extern const struct krb5_enc_provider krb5int_enc_des3;
+extern const struct krb5_enc_provider krb5int_enc_arcfour;
+extern const struct krb5_enc_provider krb5int_enc_aes128;
+extern const struct krb5_enc_provider krb5int_enc_aes256;
+extern const struct krb5_enc_provider krb5int_enc_aes128_ctr;
+extern const struct krb5_enc_provider krb5int_enc_aes256_ctr;
diff --git a/src/lib/crypto/nss/enc_provider/rc4.c b/src/lib/crypto/nss/enc_provider/rc4.c
new file mode 100644
index 000000000..8372c0486
--- /dev/null
+++ b/src/lib/crypto/nss/enc_provider/rc4.c
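Review bot: enc_provider.h is added without an include guard, and the same is true of hash_provider/hash_gen.h later in this commit. Both files hold only `#include` lines and declarations, so a double inclusion is harmless as written, but the first type or macro definition added later would break it. Wrapping the body in `#ifndef NSS_ENC_PROVIDER_H` / `#define NSS_ENC_PROVIDER_H` and a closing `#endif` avoids that; the guard name is only a suggestion.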
@@ -0,0 +1,102 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/nss/enc_provider/rc4.c + * + * Copyright (c) 2010 Red Hat, Inc. + * All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * * Neither the name of Red Hat, Inc., nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER + * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#include "k5-int.h" +#include <aead.h> +#include <rand2key.h> +#include "nss_gen.h" + +#define RC4_KEY_SIZE 16 +#define RC4_BLOCK_SIZE 1 + +/* In-place IOV crypto */ +static krb5_error_code +k5_arcfour_encrypt_iov(krb5_key key, const krb5_data *state, + krb5_crypto_iov *data, size_t num_data) +{ + krb5_error_code ret; + + ret = k5_nss_gen_import(key, CKM_RC4, CKA_ENCRYPT); + if (ret != 0) + return ret; + return k5_nss_gen_stream_iov(key, state, CKM_RC4, CKA_ENCRYPT, + data, num_data); +} + +/* In-place IOV crypto */ +static krb5_error_code +k5_arcfour_decrypt_iov(krb5_key key, const krb5_data *state, + krb5_crypto_iov *data, size_t num_data) +{ + krb5_error_code ret; + + ret = k5_nss_gen_import(key, CKM_RC4, CKA_DECRYPT); + if (ret != 0) + return ret; + return k5_nss_gen_stream_iov(key, state, CKM_RC4, CKA_DECRYPT, + data, num_data); +} + +static krb5_error_code +k5_arcfour_free_state(krb5_data *state) +{ + return k5_nss_stream_free_state(state); +} + +static krb5_error_code +k5_arcfour_init_state(const krb5_keyblock *key, + krb5_keyusage keyusage, krb5_data *new_state) +{ + /* key can't quite be used here. See comment in k5_arcfour_init_state. */ + return k5_nss_stream_init_state(new_state); +} + +const struct krb5_enc_provider krb5int_enc_arcfour = { + /* This seems to work... although I am not sure what the + implications are in other places in the kerberos library. */ + RC4_BLOCK_SIZE, + /* Keysize is arbitrary in arcfour, but the constraints of the + system, and to attempt to work with the MSFT system forces us + to 16byte/128bit. Since there is no parity in the key, the + byte and length are the same. */ + RC4_KEY_SIZE, RC4_KEY_SIZE, + k5_arcfour_encrypt_iov, + k5_arcfour_decrypt_iov, + NULL, + krb5int_arcfour_make_key, + k5_arcfour_init_state, + k5_arcfour_free_state, + k5_nss_gen_cleanup +}; diff --git a/src/lib/crypto/nss/hash_provider/Makefile.in b/src/lib/crypto/nss/hash_provider/Makefile.in new file mode 100644 index 000000000..2530559d9 
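Review bot: `k5_arcfour_encrypt_iov` and `k5_arcfour_decrypt_iov` take `state` as `const krb5_data *` but hand it to `k5_nss_gen_stream_iov`, whose definition in enc_gen.c in this commit declares `krb5_data *state`, so the qualifier is dropped at both calls. The callee only reads `state->data` and writes through the `struct stream_state` it points to, so declaring its parameter as `const krb5_data *state` would fit both callers; the prototype in nss_gen.h is not visible here and would need the same change. Separately, the comment inside `k5_arcfour_init_state` reads "See comment in k5_arcfour_init_state", which points at itself; it should name the function that holds the explanation or state inline why `key` is unused.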
--- /dev/null +++ b/src/lib/crypto/nss/hash_provider/Makefile.in @@ -0,0 +1,46 @@ +mydir=lib/crypto/nss/hash_provider +BUILDTOP=$(REL)..$(S)..$(S)..$(S).. +LOCALINCLUDES = -I$(srcdir)/../../krb/crc32 -I$(srcdir)/../md4 \ + -I$(srcdir)/.. -I$(srcdir)/../../krb \ + @CRYPTO_IMPL_CFLAGS@ + +DEFS= + +##DOS##BUILDTOP = ..\..\..\.. +##DOS##PREFIXDIR=hash_provider +##DOS##OBJFILE=..\$(OUTPRE)hash_pro.lst + +PROG_LIBPATH=-L$(TOPLIBD) +PROG_RPATH=$(KRB5_LIBDIR) + +STLIBOBJS= \ + hash_gen.o \ + hash_crc32.o \ + hash_md4.o \ + hash_md5.o \ + hash_sha1.o + +OBJS= $(OUTPRE)hash_gen.$(OBJEXT) \ + $(OUTPRE)hash_crc32.$(OBJEXT) \ + $(OUTPRE)hash_md4.$(OBJEXT) \ + $(OUTPRE)hash_md5.$(OBJEXT) \ + $(OUTPRE)hash_sha1.$(OBJEXT) + +SRCS= $(srcdir)/hash_gen.c \ + $(srcdir)/hash_crc32.c \ + $(srcdir)/hash_md4.c \ + $(srcdir)/hash_md5.c \ + $(srcdir)/hash_sha1.c + +##DOS##LIBOBJS = $(OBJS) + +all-unix:: all-libobjs + +includes:: depend + +depend:: $(SRCS) + +clean-unix:: clean-libobjs + +@libobj_frag@ + diff --git a/src/lib/crypto/nss/hash_provider/deps b/src/lib/crypto/nss/hash_provider/deps new file mode 100644 index 000000000..86f018d2d --- /dev/null +++ b/src/lib/crypto/nss/hash_provider/deps 
@@ -0,0 +1,52 @@ +# +# Generated makefile dependencies follow. +# +hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + $(srcdir)/hash_crc32.c \ + $(srcdir)/hash_provider.h \ + $(srcdir)/../../krb/crc32/crc-32.h +hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + $(srcdir)/hash_md4.c $(srcdir)/hash_provider.h \ + $(srcdir)/../md4/rsa-md4.h +hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + 
$(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + $(srcdir)/hash_md5.c $(srcdir)/hash_provider.h \ + $(srcdir)/../md5/rsa-md5.h +hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + $(srcdir)/hash_provider.h \ + $(srcdir)/hash_sha1.c $(srcdir)/../sha1/shs.h diff --git a/src/lib/crypto/nss/hash_provider/hash_crc32.c b/src/lib/crypto/nss/hash_provider/hash_crc32.c new file mode 100644 index 000000000..3a2f94a3b --- /dev/null +++ b/src/lib/crypto/nss/hash_provider/hash_crc32.c 
@@ -0,0 +1,59 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government. It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. FundsXpress makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#include "k5-int.h"
+#include "crc-32.h"
+#include "hash_provider.h"
+#include "aead.h"
+
+static krb5_error_code
+k5_crc32_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
+{
+ unsigned long c;
+ unsigned int i;
+
+ if (output->length != CRC32_CKSUM_LENGTH)
+ return KRB5_CRYPTO_INTERNAL;
+
+ c = 0;
+ for (i=0; i < num_data; i++) {
+ const krb5_crypto_iov *iov = &data[i];
+
+ if (SIGN_IOV(iov))
+ mit_crc32(iov->data.data, iov->data.length, &c);
+ }
+
+ store_32_le(c, output->data);
+ return 0;
+}
+
+const struct krb5_hash_provider krb5int_hash_crc32 = {
+ "CRC32",
+ CRC32_CKSUM_LENGTH,
+ 1,
+ k5_crc32_hash
+};
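Review bot: The loop index in `k5_crc32_hash` is declared `unsigned int i` while its bound `num_data` is a `size_t`, so the loop condition compares two different widths; declaring `size_t i;` matches the parameter. The same mismatch appears in `k5_nss_gen_hash` in hash_gen.c (`unsigned int i`), and `k5_md4_hash` in hash_md4.c uses `unsigned long i`, which is also not guaranteed to be as wide as `size_t`. Using `size_t` in all three keeps the providers consistent.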
diff --git a/src/lib/crypto/nss/hash_provider/hash_gen.c b/src/lib/crypto/nss/hash_provider/hash_gen.c new file mode 100644 index 000000000..7cc82f4ff --- /dev/null +++ b/src/lib/crypto/nss/hash_provider/hash_gen.c 
@@ -0,0 +1,76 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/nss/hash_provider/hash_gen.c + * + * Copyright (c) 2010 Red Hat, Inc. + * All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * * Neither the name of Red Hat, Inc., nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER + * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#include "k5-int.h" +#include "sechash.h" +#include "nss_gen.h" +#include "aead.h" + +krb5_error_code +k5_nss_gen_hash(HASH_HashType hashType, const krb5_crypto_iov *data, + size_t num_data, krb5_data *output) +{ + unsigned int i; + HASHContext *ctx; + krb5_error_code ret; + + ret = k5_nss_init(); + if (ret) + return ret; + + if (output->length != HASH_ResultLen(hashType)) + return KRB5_CRYPTO_INTERNAL; + + ctx = HASH_Create(hashType); + if (!ctx) + return ENOMEM; + + HASH_Begin(ctx); + for (i=0; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + + if (iov->data.length && SIGN_IOV(iov)) { + HASH_Update(ctx, (unsigned char *) iov->data.data, + iov->data.length); + } + } + + HASH_End(ctx, (unsigned char *)output->data, + &output->length, output->length); + HASH_Destroy(ctx); + + return 0; +} + diff --git a/src/lib/crypto/nss/hash_provider/hash_gen.h b/src/lib/crypto/nss/hash_provider/hash_gen.h new file mode 100644 index 000000000..1658e745c --- /dev/null +++ b/src/lib/crypto/nss/hash_provider/hash_gen.h 
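Review bot: `k5_nss_gen_hash` has no comment describing its contract, which is not obvious from the signature. The caller has to supply `output->data` and set `output->length` to exactly `HASH_ResultLen(hashType)` or the call returns KRB5_CRYPTO_INTERNAL, and `HASH_End` then writes the produced length back into `output->length`. I would add a header comment such as `/* Hash the SIGN_IOV buffers of data into output; output->length must equal the digest length on entry. */`. The length written by `HASH_End` is not compared with the expected digest length afterwards, so a check or `assert` there would make a short result visible instead of silent.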
@@ -0,0 +1,40 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/hash_provider/hash_gen.h
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * * Neither the name of Red Hat, Inc., nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "sechash.h"
+#include "k5-int.h"
+
+krb5_error_code k5_nss_gen_hash(HASH_HashType hashType, unsigned int icount,
+ const krb5_data *input, krb5_data *output);
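Review bot: The prototype declared here does not match the definition of `k5_nss_gen_hash` added in hash_gen.c: the header takes `(HASH_HashType hashType, unsigned int icount, const krb5_data *input, krb5_data *output)` while the definition takes a `const krb5_crypto_iov *data` and a `size_t num_data`. hash_gen.c and hash_md5.c include nss_gen.h rather than this header, so presumably nothing compiles against it yet, but any file that did would call the function with the wrong argument list. Either drop the header or change the declaration to `krb5_error_code k5_nss_gen_hash(HASH_HashType hashType, const krb5_crypto_iov *data, size_t num_data, krb5_data *output);`.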
diff --git a/src/lib/crypto/nss/hash_provider/hash_md4.c b/src/lib/crypto/nss/hash_provider/hash_md4.c new file mode 100644 index 000000000..91482f76b --- /dev/null +++ b/src/lib/crypto/nss/hash_provider/hash_md4.c 
@@ -0,0 +1,63 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * Copyright (C) 2010 Red Hat, Inc. + * + * All rights reserved. + * + * Export of this software from the United States of America may require + * a specific license from the United States Government. It is the + * responsibility of any person or organization contemplating export to + * obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of FundsXpress. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. FundsXpress makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED + * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 
+ */ + +#include "k5-int.h" +#include "hash_provider.h" +#include "rsa-md4.h" +#include "aead.h" + +static krb5_error_code +k5_md4_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) +{ + krb5_MD4_CTX ctx; + unsigned long i; + + if (output->length != RSA_MD4_CKSUM_LENGTH) + return KRB5_CRYPTO_INTERNAL; + + krb5int_MD4Init(&ctx); + for (i=0; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + + if (SIGN_IOV(iov)) { + krb5int_MD4Update(&ctx, (unsigned char *)iov->data.data, + iov->data.length); + } + } + krb5int_MD4Final(&ctx); + + memcpy(output->data, ctx.digest, RSA_MD4_CKSUM_LENGTH); + + return 0; +} + +const struct krb5_hash_provider krb5int_hash_md4 = { + "MD4", + RSA_MD4_CKSUM_LENGTH, + 64, + k5_md4_hash +}; diff --git a/src/lib/crypto/nss/hash_provider/hash_md5.c b/src/lib/crypto/nss/hash_provider/hash_md5.c new file mode 100644 index 000000000..65ea6fccc --- /dev/null +++ b/src/lib/crypto/nss/hash_provider/hash_md5.c 
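Review bot: `k5_md4_hash` leaves `krb5_MD4_CTX ctx` untouched on the stack after copying out `ctx.digest`, so the digest and any input the context still buffers stay in memory after the function returns. Whether that input is ever secret depends on callers outside this hunk, but if it can be key or password material, clearing the context is cheap: `zap(&ctx, sizeof(ctx));` after the `memcpy`, assuming the `zap` helper from k5-int.h is usable in this file. A short comment saying why MD4 uses the in-tree `krb5int_MD4*` routines rather than `k5_nss_gen_hash`, as hash_md5.c does, would also help the next reader.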
@@ -0,0 +1,51 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/hash_provider/hash_md5.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * * Neither the name of Red Hat, Inc., nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "nss_gen.h"
+#include "hash_provider.h"
+
+static krb5_error_code
+k5_md5_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
+{
+ return k5_nss_gen_hash(HASH_AlgMD5, data, num_data, output);
+}
+
+const struct krb5_hash_provider krb5int_hash_md5 = {
+ "MD5",
+ MD5_LENGTH,
+ 64,
+ k5_md5_hash
+};
diff --git a/src/lib/crypto/nss/hash_provider/hash_provider.h b/src/lib/crypto/nss/hash_provider/hash_provider.h
new file mode 100644
index 000000000..eebe84588
--- /dev/null
+++ b/src/lib/crypto/nss/hash_provider/hash_provider.h
@@ -0,0 +1,33 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government. It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. FundsXpress makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#include "k5-int.h"
+
+extern const struct krb5_hash_provider krb5int_hash_crc32;
+extern const struct krb5_hash_provider krb5int_hash_md4;
+extern const struct krb5_hash_provider krb5int_hash_md5;
+extern const struct krb5_hash_provider krb5int_hash_sha1;
diff --git a/src/lib/crypto/nss/hash_provider/hash_sha1.c b/src/lib/crypto/nss/hash_provider/hash_sha1.c
new file mode 100644
index 000000000..c70d4393f
--- /dev/null
+++ b/src/lib/crypto/nss/hash_provider/hash_sha1.c
@@ -0,0 +1,51 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/hash_provider/hash_sha1.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * * Neither the name of Red Hat, Inc., nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "nss_gen.h"
+#include "hash_provider.h"
+
+static krb5_error_code
+k5_sha1_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
+{
+ return k5_nss_gen_hash(HASH_AlgSHA1, data, num_data, output);
+}
+
+const struct krb5_hash_provider krb5int_hash_sha1 = {
+ "SHA1",
+ SHA1_LENGTH,
+ 64,
+ k5_sha1_hash
+};
diff --git a/src/lib/crypto/nss/hmac.c b/src/lib/crypto/nss/hmac.c
new file mode 100644
index 000000000..c0db602b7
--- /dev/null
+++ b/src/lib/crypto/nss/hmac.c
@@ -0,0 +1,141 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/nss/hmac.c + * + * Copyright (c) 2010 Red Hat, Inc. + * All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * * Neither the name of Red Hat, Inc., nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER + * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#include "k5-int.h" +#include "aead.h" +#include "nss_gen.h" +#include "pk11pub.h" + +/* + * the HMAC transform looks like: + * + * H(K XOR opad, H(K XOR ipad, text)) + * + * where H is a cryptographic hash + * K is an n byte key + * ipad is the byte 0x36 repeated blocksize times + * opad is the byte 0x5c repeated blocksize times + * and text is the data being protected + */ + +static CK_MECHANISM_TYPE +digest_to_hmac(const struct krb5_hash_provider *hash) +{ + /* use strcmp so we don't confuse SHA1 with SHA128 */ + /* handle the obvious cases first */ + if (!strcmp(hash->hash_name, "SHA1")) + return CKM_SHA_1_HMAC; + if (!strcmp(hash->hash_name, "MD5")) + return CKM_MD5_HMAC; + return CKM_INVALID_MECHANISM; +} + +krb5_error_code +krb5int_hmac(const struct krb5_hash_provider *hash, krb5_key key, + const krb5_crypto_iov *data, size_t num_data, krb5_data *output) +{ + unsigned int i = 0; + CK_MECHANISM_TYPE mech; + PK11Context *ctx = NULL; + krb5_error_code ret = 0; + SECStatus rv; + SECItem param; + + if (output->length < hash->hashsize) + return KRB5_BAD_MSIZE; + + mech = digest_to_hmac(hash); + if (mech == CKM_INVALID_MECHANISM) + return KRB5_CRYPTO_INTERNAL; /* unsupported alg */ + + ret = k5_nss_gen_import(key, mech, CKA_SIGN); + if (ret != 0) + return ret; + + param.data = NULL; + param.len = 0; + ctx = k5_nss_create_context(key, mech, CKA_SIGN, ¶m); + if (ctx == NULL) + goto fail; + + rv = PK11_DigestBegin(ctx); + if (rv != SECSuccess) + goto fail; + + for (i=0; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + + if (iov->data.length && SIGN_IOV(iov)) { + rv = PK11_DigestOp(ctx,(const unsigned char*)iov->data.data, + iov->data.length); + if (rv != SECSuccess) + goto fail; + } + + } + rv = PK11_DigestFinal(ctx, (unsigned char *) output->data, &output->length, + output->length); + if (rv != SECSuccess) + goto fail; + PK11_DestroyContext(ctx, PR_TRUE); + return 0; +fail: + ret = k5_nss_map_last_error(); + if (ctx) + PK11_DestroyContext(ctx, 
PR_TRUE); + return ret; +} + +krb5_error_code +krb5int_hmac_keyblock(const struct krb5_hash_provider *hash, + const krb5_keyblock *keyblock, + const krb5_crypto_iov *data, size_t num_data, + krb5_data *output) +{ + krb5_key key; + krb5_error_code code; + + if (keyblock->length > hash->blocksize) + return KRB5_CRYPTO_INTERNAL; + + memset(&key, 0, sizeof(key)); + + code = krb5_k_create_key(NULL, keyblock, &key); + if (code) + return code; + code = krb5int_hmac(hash, key, data, num_data, output); + krb5_k_free_key(NULL, key); + return code; +} diff --git a/src/lib/crypto/nss/md4/Makefile.in b/src/lib/crypto/nss/md4/Makefile.in new file mode 100644 index 000000000..f7cb02835 --- /dev/null +++ b/src/lib/crypto/nss/md4/Makefile.in @@ -0,0 +1,37 @@ +mydir=lib/crypto/nss/md4 +BUILDTOP=$(REL)..$(S)..$(S)..$(S).. +LOCALINCLUDES = -I$(srcdir) +DEFS= + +##DOS##BUILDTOP = ..\..\..\.. +##DOS##PREFIXDIR=md4 +##DOS##OBJFILE=..\$(OUTPRE)md4.lst + +PROG_LIBPATH=-L$(TOPLIBD) +PROG_RPATH=$(KRB5_LIBDIR) + +STLIBOBJS= md4.o + +OBJS= $(OUTPRE)md4.$(OBJEXT) + +SRCS= $(srcdir)/md4.c + +##DOS##LIBOBJS = $(OBJS) + +all-unix:: all-libobjs + +includes:: depend + +depend:: $(SRCS) + + +check-unix:: + +check-windows:: + +clean:: + +clean-unix:: clean-libobjs + +@libobj_frag@ + diff --git a/src/lib/crypto/nss/md4/deps b/src/lib/crypto/nss/md4/deps new file mode 100644 index 000000000..a28d9da9f --- /dev/null +++ b/src/lib/crypto/nss/md4/deps 
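Review bot: The `fail:` path in krb5int_hmac returns whatever `k5_nss_map_last_error()` yields, and if that can be 0 the function reports success while `output` has not been written. k5_nss_map_last_error and k5_nss_create_context are defined outside this hunk, so it cannot be confirmed here that a NULL context always leaves an NSS error set; if it does not, a caller would treat stale buffer contents as a valid MAC. Adding `if (ret == 0) ret = KRB5_CRYPTO_INTERNAL;` after the mapping call makes the failure path fail closed. In krb5int_hmac_keyblock, `memset(&key, 0, sizeof(key));` clears only the local handle and would read more clearly as `krb5_key key = NULL;`.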
@@ -0,0 +1,13 @@ +# +# Generated makefile dependencies follow. +# +md4.so md4.po $(OUTPRE)md4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h md4.c rsa-md4.h diff --git a/src/lib/crypto/nss/md4/md4.c b/src/lib/crypto/nss/md4/md4.c new file mode 100644 index 000000000..6850e1329 --- /dev/null +++ b/src/lib/crypto/nss/md4/md4.c 
@@ -0,0 +1,247 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * lib/crypto/md4/md4.c + */ + +/* +********************************************************************** +** md4.c ** +** RSA Data Security, Inc. MD4 Message Digest Algorithm ** +** Created: 2/17/90 RLR ** +** Revised: 1/91 SRD,AJ,BSK,JT Reference C Version ** +********************************************************************** +*/ + +/* +********************************************************************** +** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** +** ** +** License to copy and use this software is granted provided that ** +** it is identified as the "RSA Data Security, Inc. MD4 Message ** +** Digest Algorithm" in all material mentioning or referencing this ** +** software or this function. ** +** ** +** License is also granted to make and use derivative works ** +** provided that such works are identified as "derived from the RSA ** +** Data Security, Inc. MD4 Message Digest Algorithm" in all ** +** material mentioning or referencing the derived work. ** +** ** +** RSA Data Security, Inc. makes no representations concerning ** +** either the merchantability of this software or the suitability ** +** of this software for any particular purpose. It is provided "as ** +** is" without express or implied warranty of any kind. ** +** ** +** These notices must be retained in any copies of any part of this ** +** documentation and/or software. 
** +********************************************************************** +*/ + +#include "k5-int.h" +#include "rsa-md4.h" + +/* forward declaration */ +static void Transform (krb5_ui_4 *, krb5_ui_4 *); + +static const unsigned char PADDING[64] = { + 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +/* F, G and H are basic MD4 functions: selection, majority, parity */ +#define F(x, y, z) (((x) & (y)) | ((~x) & (z))) +#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z))) +#define H(x, y, z) ((x) ^ (y) ^ (z)) + +/* ROTATE_LEFT rotates x left n bits */ +#define ROTATE_LEFT(x, n) ((((x) << (n)) & 0xffffffff) | ((x) >> (32-(n)))) + +/* FF, GG and HH are MD4 transformations for rounds 1, 2 and 3 */ +/* Rotation is separate from addition to prevent recomputation */ +#define FF(a, b, c, d, x, s) \ + {(a) += F ((b), (c), (d)) + (x); \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s));} +#define GG(a, b, c, d, x, s) \ + {(a) += G ((b), (c), (d)) + (x) + 013240474631UL; \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s));} +#define HH(a, b, c, d, x, s) \ + {(a) += H ((b), (c), (d)) + (x) + 015666365641UL; \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s));} + +void +krb5int_MD4Init (krb5_MD4_CTX *mdContext) +{ + mdContext->i[0] = mdContext->i[1] = (krb5_ui_4)0; + + /* Load magic initialization constants. 
+ */ + mdContext->buf[0] = 0x67452301UL; + mdContext->buf[1] = 0xefcdab89UL; + mdContext->buf[2] = 0x98badcfeUL; + mdContext->buf[3] = 0x10325476UL; +} + +void +krb5int_MD4Update (krb5_MD4_CTX *mdContext, const unsigned char *inBuf, unsigned int inLen) +{ + krb5_ui_4 in[16]; + int mdi; + unsigned int i, ii; + + /* compute number of bytes mod 64 */ + mdi = (int)((mdContext->i[0] >> 3) & 0x3F); + + /* update number of bits */ + if ((mdContext->i[0] + ((krb5_ui_4)inLen << 3)) < mdContext->i[0]) + mdContext->i[1]++; + mdContext->i[0] += ((krb5_ui_4)inLen << 3); + mdContext->i[1] += ((krb5_ui_4)inLen >> 29); + + while (inLen--) { + /* add new character to buffer, increment mdi */ + mdContext->in[mdi++] = *inBuf++; + + /* transform if necessary */ + if (mdi == 0x40) { + for (i = 0, ii = 0; i < 16; i++, ii += 4) { + in[i] = load_32_le(mdContext->in+ii); + } + Transform (mdContext->buf, in); + mdi = 0; + } + } +} + +void +krb5int_MD4Final (krb5_MD4_CTX *mdContext) +{ + krb5_ui_4 in[16]; + int mdi; + unsigned int i, ii; + unsigned int padLen; + + /* save number of bits */ + in[14] = mdContext->i[0]; + in[15] = mdContext->i[1]; + + /* compute number of bytes mod 64 */ + mdi = (int)((mdContext->i[0] >> 3) & 0x3F); + + /* pad out to 56 mod 64 */ + padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi); + krb5int_MD4Update (mdContext, PADDING, padLen); + + /* append length in bits and transform */ + for (i = 0, ii = 0; i < 14; i++, ii += 4) + in[i] = load_32_le(mdContext->in+ii); + Transform (mdContext->buf, in); + + + /* store buffer in digest */ + for (i = 0, ii = 0; i < 4; i++, ii += 4) { + store_32_le(mdContext->buf[i], mdContext->digest+ii); + } +} + +/* Basic MD4 step. Transform buf based on in. 
+ */ +static void Transform (krb5_ui_4 *buf, krb5_ui_4 *in) +{ + register krb5_ui_4 a = buf[0], b = buf[1], c = buf[2], d = buf[3]; + +#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) + int i; +#define ROTATE { krb5_ui_4 temp; temp = d, d = c, c = b, b = a, a = temp; } + for (i = 0; i < 16; i++) { + static const unsigned char round1consts[] = { 3, 7, 11, 19, }; + FF (a, b, c, d, in[i], round1consts[i%4]); ROTATE; + } + for (i = 0; i < 16; i++) { + static const unsigned char round2indices[] = { + 0,4,8,12,1,5,9,13,2,6,10,14,3,7,11,15 + }; + static const unsigned char round2consts[] = { 3, 5, 9, 13 }; + GG (a, b, c, d, in[round2indices[i]], round2consts[i%4]); ROTATE; + } + for (i = 0; i < 16; i++) { + static const unsigned char round3indices[] = { + 0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15 + }; + static const unsigned char round3consts[] = { 3, 9, 11, 15 }; + HH (a, b, c, d, in[round3indices[i]], round3consts[i%4]); ROTATE; + } +#else + /* Round 1 */ + FF (a, b, c, d, in[ 0], 3); + FF (d, a, b, c, in[ 1], 7); + FF (c, d, a, b, in[ 2], 11); + FF (b, c, d, a, in[ 3], 19); + FF (a, b, c, d, in[ 4], 3); + FF (d, a, b, c, in[ 5], 7); + FF (c, d, a, b, in[ 6], 11); + FF (b, c, d, a, in[ 7], 19); + FF (a, b, c, d, in[ 8], 3); + FF (d, a, b, c, in[ 9], 7); + FF (c, d, a, b, in[10], 11); + FF (b, c, d, a, in[11], 19); + FF (a, b, c, d, in[12], 3); + FF (d, a, b, c, in[13], 7); + FF (c, d, a, b, in[14], 11); + FF (b, c, d, a, in[15], 19); + + /* Round 2 */ + GG (a, b, c, d, in[ 0], 3); + GG (d, a, b, c, in[ 4], 5); + GG (c, d, a, b, in[ 8], 9); + GG (b, c, d, a, in[12], 13); + GG (a, b, c, d, in[ 1], 3); + GG (d, a, b, c, in[ 5], 5); + GG (c, d, a, b, in[ 9], 9); + GG (b, c, d, a, in[13], 13); + GG (a, b, c, d, in[ 2], 3); + GG (d, a, b, c, in[ 6], 5); + GG (c, d, a, b, in[10], 9); + GG (b, c, d, a, in[14], 13); + GG (a, b, c, d, in[ 3], 3); + GG (d, a, b, c, in[ 7], 5); + GG (c, d, a, b, in[11], 9); + GG (b, c, d, a, in[15], 13); + + /* Round 3 */ + 
HH (a, b, c, d, in[ 0], 3); + HH (d, a, b, c, in[ 8], 9); + HH (c, d, a, b, in[ 4], 11); + HH (b, c, d, a, in[12], 15); + HH (a, b, c, d, in[ 2], 3); + HH (d, a, b, c, in[10], 9); + HH (c, d, a, b, in[ 6], 11); + HH (b, c, d, a, in[14], 15); + HH (a, b, c, d, in[ 1], 3); + HH (d, a, b, c, in[ 9], 9); + HH (c, d, a, b, in[ 5], 11); + HH (b, c, d, a, in[13], 15); + HH (a, b, c, d, in[ 3], 3); + HH (d, a, b, c, in[11], 9); + HH (c, d, a, b, in[ 7], 11); + HH (b, c, d, a, in[15], 15); +#endif + + buf[0] += a; + buf[1] += b; + buf[2] += c; + buf[3] += d; +} + +/* +********************************************************************** +** End of md4.c ** +******************************* (cut) ******************************** +*/ diff --git a/src/lib/crypto/nss/md4/rsa-md4.h b/src/lib/crypto/nss/md4/rsa-md4.h new file mode 100644 index 000000000..408f2effe --- /dev/null +++ b/src/lib/crypto/nss/md4/rsa-md4.h 
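Review bot: The file comment still reads `lib/crypto/md4/md4.c` although this file is added under lib/crypto/nss/md4, which suggests it is a second copy of the bundled MD4 reference code with nothing marking it as one. If so, any later fix to MD4 has to be applied in both places, and the header should say that, for example `/* lib/crypto/nss/md4/md4.c - copy of the builtin MD4 code; keep the two in sync */`. Separately, the `F` macro negates its argument without parentheses, `((~x) & (z))`; `((~(x)) & (z))` is the safe form, although every use visible in this hunk passes an already parenthesized operand.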
@@ -0,0 +1,95 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * lib/crypto/md4/rsa-md4.h + * + * Copyright 1991 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * RSA MD4 header file, with Kerberos/STDC additions. + */ + +#ifndef __KRB5_RSA_MD4_H__ +#define __KRB5_RSA_MD4_H__ + +#ifdef unicos61 +#include <sys/types.h> +#endif /* unicos61 */ + +/* 16 u_char's in the digest */ +#define RSA_MD4_CKSUM_LENGTH 16 +/* des blocksize is 8, so this works nicely... */ +#define OLD_RSA_MD4_DES_CKSUM_LENGTH 16 +#define NEW_RSA_MD4_DES_CKSUM_LENGTH 24 +#define RSA_MD4_DES_CONFOUND_LENGTH 8 + +/* +********************************************************************** +** md4.h -- Header file for implementation of MD4 ** +** RSA Data Security, Inc. 
MD4 Message Digest Algorithm ** +** Created: 2/17/90 RLR ** +** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** +********************************************************************** +*/ + +/* +********************************************************************** +** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** +** ** +** License to copy and use this software is granted provided that ** +** it is identified as the "RSA Data Security, Inc. MD4 Message ** +** Digest Algorithm" in all material mentioning or referencing this ** +** software or this function. ** +** ** +** License is also granted to make and use derivative works ** +** provided that such works are identified as "derived from the RSA ** +** Data Security, Inc. MD4 Message Digest Algorithm" in all ** +** material mentioning or referencing the derived work. ** +** ** +** RSA Data Security, Inc. makes no representations concerning ** +** either the merchantability of this software or the suitability ** +** of this software for any particular purpose. It is provided "as ** +** is" without express or implied warranty of any kind. ** +** ** +** These notices must be retained in any copies of any part of this ** +** documentation and/or software. 
** +********************************************************************** +*/ + +/* Data structure for MD4 (Message Digest) computation */ +typedef struct { + krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */ + krb5_ui_4 buf[4]; /* scratch buffer */ + unsigned char in[64]; /* input buffer */ + unsigned char digest[16]; /* actual digest after MD4Final call */ +} krb5_MD4_CTX; + +extern void krb5int_MD4Init(krb5_MD4_CTX *); +extern void krb5int_MD4Update(krb5_MD4_CTX *, const unsigned char *, unsigned int); +extern void krb5int_MD4Final(krb5_MD4_CTX *); + +/* +********************************************************************** +** End of md4.h ** +******************************* (cut) ******************************** +*/ +#endif /* __KRB5_RSA_MD4_H__ */ diff --git a/src/lib/crypto/nss/md5/Makefile.in b/src/lib/crypto/nss/md5/Makefile.in new file mode 100644 index 000000000..94a9e5437 --- /dev/null +++ b/src/lib/crypto/nss/md5/Makefile.in @@ -0,0 +1,37 @@ +mydir=lib/crypto/nss/md5 +BUILDTOP=$(REL)..$(S)..$(S)..$(S).. +DEFS= + +##DOS##BUILDTOP = ..\..\..\.. +##DOS##PREFIXDIR=md5 +##DOS##OBJFILE=..\$(OUTPRE)md5.lst + +PROG_LIBPATH=-L$(TOPLIBD) +PROG_RPATH=$(KRB5_LIBDIR) +LOCALINCLUDES = -I$(srcdir)/.. @CRYPTO_IMPL_CFLAGS@ + + +STLIBOBJS= md5.o + +OBJS= $(OUTPRE)md5.$(OBJEXT) + +SRCS= $(srcdir)/md5.c + +##DOS##LIBOBJS = $(OBJS) + +all-unix:: all-libobjs + +includes:: depend + +depend:: $(SRCS) + +check-unix:: + +check-windows:: + +clean:: + +clean-unix:: clean-libobjs + +@libobj_frag@ + diff --git a/src/lib/crypto/nss/md5/deps b/src/lib/crypto/nss/md5/deps new file mode 100644 index 000000000..116d552a5 --- /dev/null +++ b/src/lib/crypto/nss/md5/deps 
@@ -0,0 +1,14 @@ +# +# Generated makefile dependencies follow. +# +md5.so md5.po $(OUTPRE)md5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h $(srcdir)/md5.c \ + $(srcdir)/rsa-md5.h diff --git a/src/lib/crypto/nss/md5/md5.c b/src/lib/crypto/nss/md5/md5.c new file mode 100644 index 000000000..ee494e55f --- /dev/null +++ b/src/lib/crypto/nss/md5/md5.c 
@@ -0,0 +1,86 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/nss/md5/md5.c + * + * Copyright (c) 2010 Red Hat, Inc. + * All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * * Neither the name of Red Hat, Inc., nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER + * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "k5-int.h" +#include "rsa-md5.h" +#include "pk11pub.h" +#include "nss_gen.h" + + +/* Initialize the message-digest context mdContext. 
*/ +void +krb5int_MD5Init(krb5_MD5_CTX *mdContext) +{ + if (k5_nss_init()) { + mdContext->nss_ctxt = NULL; + return; + } + mdContext->nss_ctxt = PK11_CreateDigestContext(SEC_OID_MD5); + if (mdContext->nss_ctxt == NULL) + return; + PK11_DigestBegin((PK11Context *)mdContext->nss_ctxt); +} + +/* + * Update the message-digest context to account for the presence of each of the + * characters inBuf[0..inLen-1] in the message whose digest is being computed. + */ +void +krb5int_MD5Update(krb5_MD5_CTX *mdContext, const unsigned char *inBuf, + unsigned int inLen) +{ + if (mdContext->nss_ctxt == NULL) + return; + PK11_DigestOp((PK11Context *)mdContext->nss_ctxt, inBuf, inLen); +} + +/* Terminate the message-digest computation and end with the desired message + * digest in mdContext->digest[0...15]. */ +void +krb5int_MD5Final(krb5_MD5_CTX *mdContext) +{ + unsigned int digestLength; + + if (mdContext->nss_ctxt == NULL) + return; + PK11_DigestFinal((PK11Context *)mdContext->nss_ctxt, mdContext->digest, + &digestLength, sizeof (mdContext->digest)); + /* since there is not separate cleanup step, free the context now. + * (otherwise we could have reused the context for another MD5 operation + * in the future). + */ + PK11_DestroyContext((PK11Context *)mdContext->nss_ctxt, PR_TRUE); + mdContext->nss_ctxt = NULL; +} diff --git a/src/lib/crypto/nss/md5/rsa-md5.h b/src/lib/crypto/nss/md5/rsa-md5.h new file mode 100644 index 000000000..228eb0977 --- /dev/null +++ b/src/lib/crypto/nss/md5/rsa-md5.h 
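Review bot: All three functions return void and drop every NSS status, so when k5_nss_init() or PK11_CreateDigestContext() fails, krb5int_MD5Update and krb5int_MD5Final return silently and `mdContext->digest` keeps whatever the caller's memory held. The results of PK11_DigestBegin, PK11_DigestOp and PK11_DigestFinal are ignored as well, and `digestLength` is never checked. The declared interface cannot report an error, so the least the backend can do is leave a defined digest on every failure path, as sketched below for krb5int_MD5Final; an error-returning interface would be the proper fix. A context that is initialised but never finalised also keeps its PK11Context allocated, which is worth stating in the comment above krb5int_MD5Init.

```c
void
krb5int_MD5Final(krb5_MD5_CTX *mdContext)
{
    unsigned int digestLength = 0;
    SECStatus rv;

    if (mdContext->nss_ctxt == NULL) {
        /* Init failed: leave a defined value, not the caller's old memory. */
        memset(mdContext->digest, 0, sizeof(mdContext->digest));
        return;
    }
    rv = PK11_DigestFinal((PK11Context *)mdContext->nss_ctxt,
                          mdContext->digest, &digestLength,
                          sizeof(mdContext->digest));
    if (rv != SECSuccess || digestLength != sizeof(mdContext->digest))
        memset(mdContext->digest, 0, sizeof(mdContext->digest));
    /* ... unchanged: PK11_DestroyContext and nss_ctxt = NULL ... */
}
```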
@@ -0,0 +1,90 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/openssl/md5/rsa-md5.h + * + * Copyright (C) 2009 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +/* + *********************************************************************** + ** md5.h -- header file for implementation of MD5 ** + ** RSA Data Security, Inc. 
MD5 Message-Digest Algorithm ** + ** Created: 2/17/90 RLR ** + ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** + ** Revised (for MD5): RLR 4/27/91 ** + ** -- G modified to have y&~z instead of y&z ** + ** -- FF, GG, HH modified to add in last register done ** + ** -- Access pattern: round 2 works mod 5, round 3 works mod 3 ** + ** -- distinct additive constant for each step ** + ** -- round 4 added, working mod 7 ** + *********************************************************************** + */ + +/* + *********************************************************************** + ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** + ** ** + ** License to copy and use this software is granted provided that ** + ** it is identified as the "RSA Data Security, Inc. MD5 Message- ** + ** Digest Algorithm" in all material mentioning or referencing this ** + ** software or this function. ** + ** ** + ** License is also granted to make and use derivative works ** + ** provided that such works are identified as "derived from the RSA ** + ** Data Security, Inc. MD5 Message-Digest Algorithm" in all ** + ** material mentioning or referencing the derived work. ** + ** ** + ** RSA Data Security, Inc. makes no representations concerning ** + ** either the merchantability of this software or the suitability ** + ** of this software for any particular purpose. It is provided "as ** + ** is" without express or implied warranty of any kind. ** + ** ** + ** These notices must be retained in any copies of any part of this ** + ** documentation and/or software. 
** + *********************************************************************** + */ + + +#ifndef KRB5_RSA_MD5__ +#define KRB5_RSA_MD5__ + +/* Data structure for MD5 (Message-Digest) computation */ +typedef struct { + void *nss_ctxt; + krb5_int32 * digest_len; + krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */ + krb5_ui_4 buf[4]; /* scratch buffer */ + unsigned char in[64]; /* input buffer */ + unsigned char digest[16]; /* actual digest after MD5Final call */ +} krb5_MD5_CTX; + +extern void krb5int_MD5Init(krb5_MD5_CTX *); +extern void krb5int_MD5Update(krb5_MD5_CTX *, const unsigned char *, + unsigned int); +extern void krb5int_MD5Final(krb5_MD5_CTX *); + +#define RSA_MD5_CKSUM_LENGTH 16 +#define OLD_RSA_MD5_DES_CKSUM_LENGTH 16 +#define NEW_RSA_MD5_DES_CKSUM_LENGTH 24 +#define RSA_MD5_DES_CONFOUND_LENGTH 8 + +#endif /* KRB5_RSA_MD5__ */ diff --git a/src/lib/crypto/nss/nss_gen.h b/src/lib/crypto/nss/nss_gen.h new file mode 100644 index 000000000..4eb8f2f74 --- /dev/null +++ b/src/lib/crypto/nss/nss_gen.h 
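Review bot: `nss_ctxt` is an untyped owning pointer with no comment, and the struct gives no hint that krb5int_MD5Final destroys it (as md5.c in this commit does). Copying a krb5_MD5_CTX by value after Init would leave two structs pointing at one PK11Context, so the field should carry something like `void *nss_ctxt; /* PK11Context *, created by MD5Init, destroyed by MD5Final; do not copy the struct */`. The file comment still names `lib/crypto/openssl/md5/rsa-md5.h`, and `digest_len`, `i`, `buf` and `in` are not used by the NSS md5.c shown in this commit; if they are kept only for layout compatibility, a comment should say so.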
@@ -0,0 +1,104 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/nss_gen.h
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * * Neither the name of Red Hat, Inc., nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "pkcs11t.h"
+#include "sechash.h"
+#include "secmodt.h"
+
+/* 512 bits is bigger than anything defined to date */
+#define MAX_KEY_LENGTH 64
+#define MAX_BLOCK_SIZE 64
+
+/*
+ * Common nss utils
+ */
+
+/* Make sure NSS is properly initialized. */
+krb5_error_code k5_nss_init(void);
+
+/* Import a key into NSS and store the handle in krb5_key. */
+krb5_error_code
+k5_nss_gen_import(krb5_key key, CK_MECHANISM_TYPE mech,
+ CK_ATTRIBUTE_TYPE operation);
+
+/* Clean up an imported key. */
+void
+k5_nss_gen_cleanup(krb5_key key);
+
+/* Create a new crypto/hash/sign context from a krb5_key. */
+PK11Context *
+k5_nss_create_context(krb5_key krb_key, CK_MECHANISM_TYPE mechanism,
+ CK_ATTRIBUTE_TYPE operation, SECItem * param);
+
+/* Map an NSS error into a krb5_error_code. */
+krb5_error_code k5_nss_map_error(int nss_error);
+krb5_error_code k5_nss_map_last_error(void);
+
+
+/*
+ * Common encryption functions
+ */
+
+/* Encrypt/decrypt block modes except cts using iov. */
+krb5_error_code
+k5_nss_gen_block_iov(krb5_key key, CK_MECHANISM_TYPE mech,
+ CK_ATTRIBUTE_TYPE operation, const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data);
+
+/* Encrypt/decrypt stream modes using iov. */
+krb5_error_code
+k5_nss_gen_stream_iov(krb5_key key, krb5_data *state, CK_MECHANISM_TYPE mech,
+ CK_ATTRIBUTE_TYPE operation, krb5_crypto_iov *data,
+ size_t num_data);
+
+/* Encrypt/decrypt block modes using cts. */
+krb5_error_code
+k5_nss_gen_cts_iov(krb5_key key, CK_MECHANISM_TYPE mech,
+ CK_ATTRIBUTE_TYPE operation, const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data);
+
+/* Stream state management calls. */
+krb5_error_code k5_nss_stream_init_state(krb5_data *new_state);
+krb5_error_code k5_nss_stream_free_state(krb5_data *state);
+
+/*
+ * Common hash functions
+ */
+
+/* All hash modes. */
+krb5_error_code
+k5_nss_gen_hash(HASH_HashType hashType, const krb5_crypto_iov *data,
+ size_t num_data, krb5_data *output);
diff --git a/src/lib/crypto/nss/pbkdf2.c b/src/lib/crypto/nss/pbkdf2.c
new file mode 100644
index 000000000..a966c364e
--- /dev/null
+++ b/src/lib/crypto/nss/pbkdf2.c
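Review bot: nss_gen.h has no include guard, although it pulls in `k5-int.h` and three NSS headers and defines the unprefixed macros `MAX_KEY_LENGTH` and `MAX_BLOCK_SIZE`; wrapping the body in `#ifndef NSS_GEN_H` / `#define NSS_GEN_H` … `#endif /* NSS_GEN_H */` would make repeated inclusion harmless. The one-line comments on the prototypes also leave ownership unstated. The comment on `k5_nss_create_context` should say who destroys the returned `PK11Context` (presumably the caller), and the one on `k5_nss_gen_import` should say when `k5_nss_gen_cleanup` has to be called for the same key.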
@@ -0,0 +1,120 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/pbkdf2.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * * Neither the name of Red Hat, Inc., nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <ctype.h>
+#include "k5-int.h"
+#include "hash_provider.h"
+#include "pk11pub.h"
+#include "nss_gen.h"
+
+
+krb5_error_code
+krb5int_pbkdf2_hmac_sha1(const krb5_data *out, unsigned long count,
+ const krb5_data *pass, const krb5_data *salt)
+{
+
+ PK11SlotInfo *slot = NULL;
+ SECAlgorithmID *algid = NULL;
+ PK11SymKey *symKey = NULL;
+ SECItem saltItem, pwItem;
+ const SECItem *keydata = NULL;
+ SECOidTag pbeAlg = SEC_OID_PKCS5_PBKDF2;
+ SECOidTag cipherAlg = SEC_OID_AES_256_CBC;
+ SECOidTag prfAlg = SEC_OID_HMAC_SHA1;
+ krb5_error_code ret;
+
+ ret = k5_nss_init();
+ if (ret)
+ return ret;
+
+ slot = PK11_GetBestSlot(PK11_AlgtagToMechanism(pbeAlg), NULL);
+ if (slot == NULL)
+ return k5_nss_map_last_error();
+
+ saltItem.type = siBuffer;
+ saltItem.data = (unsigned char *)salt->data;
+ saltItem.len = salt->length;
+
+ /* PKCS 5 was designed to be DER encoded. Algid's carry all the
+ * information needed to describe the encoding the the recipient.
+ * This usually allows for crypto agility in the protocol automatically.
+ * Kerberos already had to solve it's crypto agility issues, so the
+ * algid is just and extra step we need that we will throw away */
+ algid = PK11_CreatePBEV2AlgorithmID(pbeAlg, cipherAlg, prfAlg,
+ out->length, count, &saltItem);
+ if (algid == NULL) {
+ ret = k5_nss_map_last_error();
+ goto loser;
+ }
+
+ pwItem.type = siBuffer;
+ pwItem.data = (unsigned char *)pass->data;
+ pwItem.len = pass->length;
+
+ symKey = PK11_PBEKeyGen(slot, algid, &pwItem, PR_FALSE, NULL);
+ if (symKey == NULL) {
+ ret = k5_nss_map_last_error();
+ goto loser;
+ }
+
+ /* At this point we should return symKey as a key, but kerberos is
+ * still passing bits around instead of key handles. */
+ PK11_ExtractKeyValue(symKey);
+
+ /* keydata here is a const * and is valid as long as the key has not been
+ * destroyed. */
+ keydata = PK11_GetKeyData(symKey);
+ if (keydata == NULL) {
+ ret = k5_nss_map_last_error();
+ goto loser;
+ }
+
+ if (out->length != keydata->len) {
+ ret = -1; /* XXXXX */
+ goto loser;
+ }
+ memcpy(out->data, keydata->data, keydata->len);
+ ret = 0;
+
+loser:
+ if (symKey)
+ PK11_FreeSymKey(symKey);
+ if (algid)
+ SECOID_DestroyAlgorithmID(algid, PR_TRUE);
+ if (slot)
+ PK11_FreeSlot(slot);
+
+ return ret;
+}
diff --git a/src/lib/crypto/nss/sha1/Makefile.in b/src/lib/crypto/nss/sha1/Makefile.in
new file mode 100644
index 000000000..a7cb6e824
--- /dev/null
+++ b/src/lib/crypto/nss/sha1/Makefile.in
@@ -0,0 +1,32 @@
+mydir=lib/crypto/nss/sha1
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+DEFS=
+LOCALINCLUDES = -I$(srcdir)/.. @CRYPTO_IMPL_CFLAGS@
+
+##DOS##BUILDTOP = ..\..\..\..
+##DOS##PREFIXDIR=sha1
+##DOS##OBJFILE=..\$(OUTPRE)sha1.lst
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+STLIBOBJS= shs.o
+
+OBJS= $(OUTPRE)shs.$(OBJEXT)
+
+SRCS= $(srcdir)/shs.c
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs
+
+includes:: depend
+
+depend:: $(SRCS)
+
+clean::
+
+clean-unix:: clean-libobjs
+
+@libobj_frag@
+
diff --git a/src/lib/crypto/nss/sha1/deps b/src/lib/crypto/nss/sha1/deps
new file mode 100644
index 000000000..e75ca6bcf
--- /dev/null
+++ b/src/lib/crypto/nss/sha1/deps
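Review bot: In `krb5int_pbkdf2_hmac_sha1` (pbkdf2.c) the length-mismatch branch sets `ret = -1; /* XXXXX */`, which is not a krb5 error code and reaches callers as an unknown error; `ret = KRB5_CRYPTO_INTERNAL;` would be a proper code for this internal inconsistency. The status of `PK11_ExtractKeyValue(symKey)` is discarded, so an extraction failure only shows up indirectly when `PK11_GetKeyData` returns NULL; checking it directly with `if (PK11_ExtractKeyValue(symKey) != SECSuccess) { ret = k5_nss_map_last_error(); goto loser; }` reports the failure at the call that caused it. `count` is an `unsigned long` and `out->length` is unsigned, while `PK11_CreatePBEV2AlgorithmID` appears to take `int` for both, so a range check against `INT_MAX` before that call would stop an oversized iteration count or key length from being silently narrowed.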
@@ -0,0 +1,14 @@ +# +# Generated makefile dependencies follow. +# +shs.so shs.po $(OUTPRE)shs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/locate_plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h $(srcdir)/shs.c \ + $(srcdir)/shs.h diff --git a/src/lib/crypto/nss/sha1/shs.c b/src/lib/crypto/nss/sha1/shs.c new file mode 100644 index 000000000..edf4c9a28 --- /dev/null +++ b/src/lib/crypto/nss/sha1/shs.c 
@@ -0,0 +1,77 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/sha1/shs.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * * Neither the name of Red Hat, Inc., nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "shs.h"
+#include "pk11pub.h"
+#include "nss_gen.h"
+
+/* Initialize the SHS values */
+void shsInit(SHS_INFO *shsInfo)
+{
+ if (k5_nss_init()) {
+ shsInfo->nss_ctxt = NULL;
+ return;
+ }
+ shsInfo->nss_ctxt = PK11_CreateDigestContext(SEC_OID_SHA1);
+ if (shsInfo->nss_ctxt == NULL)
+ return;
+ PK11_DigestBegin((PK11Context *)shsInfo->nss_ctxt);
+}
+
+/* Update SHS for a block of data */
+void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count)
+{
+ if (shsInfo->nss_ctxt == NULL)
+ return;
+ PK11_DigestOp((PK11Context *)shsInfo->nss_ctxt, buffer, count);
+}
+
+
+/* Final wrapup - pad to SHS_DATASIZE-byte boundary with the bit pattern
+ * 1 0* (64-bit count of bits processed, MSB-first) */
+void shsFinal(SHS_INFO *shsInfo)
+{
+ if (shsInfo->nss_ctxt == NULL)
+ return;
+ PK11_DigestFinal((PK11Context *)shsInfo->nss_ctxt, shsInfo->digestBuf,
+ &shsInfo->digestLen, sizeof (shsInfo->digestBuf));
+ /* Since there is not separate cleanup step, free the context now.
+ * (otherwise we could have reused the context for another MD5 operation
+ * in the future).
+ */
+ PK11_DestroyContext((PK11Context *)shsInfo->nss_ctxt, PR_TRUE);
+ shsInfo->nss_ctxt = NULL;
+}
diff --git a/src/lib/crypto/nss/sha1/shs.h b/src/lib/crypto/nss/sha1/shs.h
new file mode 100644
index 000000000..7019504c1
--- /dev/null
+++ b/src/lib/crypto/nss/sha1/shs.h
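Review bot: When `k5_nss_init()` or `PK11_CreateDigestContext()` fails in shs.c, `shsInit` leaves `nss_ctxt` NULL and `shsUpdate`/`shsFinal` then return without writing `digestBuf` or `digestLen`, so a caller that reads the digest afterwards works on uninitialized memory. The `HASH_Final` macro in yhash.h is one such reader: it copies `ctx->digestLen` bytes, and that length is itself uninitialized in this path. The statuses of `PK11_DigestBegin`, `PK11_DigestOp` and `PK11_DigestFinal` are ignored too. Because these functions return void, the minimum is for `shsInit` to put the output fields into a defined state and for `shsFinal` to reset them on failure, so that `digestLen == 0` marks a digest that was never produced. The comment in `shsFinal` also says "MD5" where this file implements SHA-1.

```c
void shsInit(SHS_INFO *shsInfo)
{
    /* Start from a defined "no digest" state so failures are detectable. */
    shsInfo->nss_ctxt = NULL;
    shsInfo->digestLen = 0;
    memset(shsInfo->digestBuf, 0, sizeof(shsInfo->digestBuf));
    if (k5_nss_init())
        return;
    shsInfo->nss_ctxt = PK11_CreateDigestContext(SEC_OID_SHA1);
    if (shsInfo->nss_ctxt == NULL)
        return;
    if (PK11_DigestBegin((PK11Context *)shsInfo->nss_ctxt) != SECSuccess) {
        PK11_DestroyContext((PK11Context *)shsInfo->nss_ctxt, PR_TRUE);
        shsInfo->nss_ctxt = NULL;
    }
}

void shsFinal(SHS_INFO *shsInfo)
{
    if (shsInfo->nss_ctxt == NULL)
        return;                 /* digestLen is still 0 from shsInit */
    if (PK11_DigestFinal((PK11Context *)shsInfo->nss_ctxt, shsInfo->digestBuf,
                         &shsInfo->digestLen,
                         sizeof(shsInfo->digestBuf)) != SECSuccess) {
        memset(shsInfo->digestBuf, 0, sizeof(shsInfo->digestBuf));
        shsInfo->digestLen = 0;
    }
    /* … unchanged: destroy the context and clear nss_ctxt … */
```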
@@ -0,0 +1,46 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+#ifndef _SHS_DEFINED
+
+#include "k5-int.h"
+
+#define _SHS_DEFINED
+
+/* Some useful types */
+
+typedef krb5_octet SHS_BYTE;
+typedef krb5_ui_4 SHS_LONG;
+
+/* Define the following to use the updated SHS implementation */
+#define NEW_SHS /**/
+
+/* The SHS block size and message digest sizes, in bytes */
+
+#define SHS_DATASIZE 64
+#define SHS_DIGESTSIZE 20
+
+/* The structure for storing SHS info */
+
+typedef struct {
+ void *nss_ctxt;
+ unsigned char digestBuf[SHS_DIGESTSIZE]; /* output */
+ unsigned int digestLen; /* output */
+} SHS_INFO;
+
+/* Message digest functions (shs.c) */
+void shsInit(SHS_INFO *shsInfo);
+void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count);
+void shsFinal(SHS_INFO *shsInfo);
+
+
+/* Keyed Message digest functions (hmac_sha.c) */
+krb5_error_code hmac_sha(krb5_octet *text,
+ int text_len,
+ krb5_octet *key,
+ int key_len,
+ krb5_octet *digest);
+
+
+#define NIST_SHA_CKSUM_LENGTH SHS_DIGESTSIZE
+#define HMAC_SHA_CKSUM_LENGTH SHS_DIGESTSIZE
+
+#endif /* _SHS_DEFINED */
diff --git a/src/lib/crypto/nss/yhash.h b/src/lib/crypto/nss/yhash.h
new file mode 100644
index 000000000..151818f3a
--- /dev/null
+++ b/src/lib/crypto/nss/yhash.h
@@ -0,0 +1,29 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/openssl/hash/yhash.h
+ */
+
+#ifndef YHASH_H
+#define YHASH_H
+
+/* hash function interface */
+
+/* default to SHA1 for yarrow 160 */
+
+#include "shs.h"
+
+
+#define HASH_CTX SHS_INFO
+#define HASH_Init(x) shsInit(x)
+#define HASH_Update(x, buf, sz) shsUpdate(x, (const void*)buf, sz)
+
+#define HASH_Final(x, tdigest) do { \
+ int loopvar; \
+ unsigned char *out2 = (void *)(tdigest); \
+ HASH_CTX *ctx = (x); \
+ shsFinal(ctx); \
+ memcpy(out2, ctx->digestBuf, ctx->digestLen); \
+ } while(0)
+
+#define HASH_DIGEST_SIZE SHS_DIGESTSIZE
+
+#endif /* YHASH_H */
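Review bot: The include guard in shs.h is named `_SHS_DEFINED`, an underscore followed by an upper-case letter, which the C standard reserves for the implementation; a name such as `SHS_H` avoids that. The `#define` also sits after `#include "k5-int.h"` rather than directly under the `#ifndef`, which is harmless but unusual. The `SHS_INFO` fields deserve a fuller comment than `/* output */`: `nss_ctxt` holds a `PK11Context *` that `shsFinal` destroys, and `digestBuf`/`digestLen` are written only by `shsFinal` and only when a context exists.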
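Review bot: `HASH_Final` in yhash.h declares `int loopvar;` and never uses it, so every expansion produces an unused-variable warning; that line can be dropped. The `memcpy` length is the runtime value `ctx->digestLen` rather than the constant `HASH_DIGEST_SIZE`, so the number of bytes written to `tdigest` depends on a field that `shsFinal` sets only on success. A guard such as `if (ctx->digestLen == HASH_DIGEST_SIZE)` before the copy would keep the write to the size callers allocate. The file comment still reads `lib/crypto/openssl/hash/yhash.h`, although this file is `lib/crypto/nss/yhash.h`.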
diff --git a/src/lib/crypto/openssl/Makefile.in b/src/lib/crypto/openssl/Makefile.in index 3f4224d32..6efdbda74 100644 --- a/src/lib/crypto/openssl/Makefile.in +++ b/src/lib/crypto/openssl/Makefile.in @@ -22,14 +22,17 @@ DEFS= STLIBOBJS=\ hmac.o \ - pbkdf2.o + init.o \ + pbkdf2.o OBJS=\ $(OUTPRE)hmac.$(OBJEXT) \ - $(OUTPRE)pbkdf2.$(OBJEXT) + $(OUTPRE)init.$(OBJEXT) \ + $(OUTPRE)pbkdf2.$(OBJEXT) SRCS=\ $(srcdir)/hmac.c \ + $(srcdir)/init.c \ $(srcdir)/pbkdf2.c STOBJLISTS= des/OBJS.ST md4/OBJS.ST \ diff --git a/src/lib/crypto/openssl/init.c b/src/lib/crypto/openssl/init.c new file mode 100644 index 000000000..aaa13ccd3 --- /dev/null +++ b/src/lib/crypto/openssl/init.c 
@@ -0,0 +1,40 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * lib/crypto/openssl/init.c + * + * Copyright (C) 2010 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * OpenSSL back-end library init functions + */ + +int +krb5int_crypto_impl_init(void) +{ + return 0; +} + +void +krb5int_crypto_impl_cleanup(void) +{ +} |
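Review bot: openssl/init.c defines `krb5int_crypto_impl_init` and `krb5int_crypto_impl_cleanup` without including any header, so the compiler cannot check the definitions against the `extern void krb5int_crypto_impl_cleanup(void);` declaration this commit adds to k5-int.h; adding `#include "k5-int.h"` above the functions would let a signature mismatch fail the build. A one-line comment on each stub, for example `/* The OpenSSL back end does no global setup here. */`, would make clear that the empty bodies are intentional.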
