* Add krb5_c_init_state and krb5_c_free_state functions

* Add init_state and free_state to enc_providers as operations that need to be filled in
* Implement generic free_state and des-specific init_state
* Implement arcfour-specific init_state
* Add functions to find enctype state functions and call them
* Add tests for above

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13948 dc483132-0cff-0310-8789-dd5450dbe970

3 files changed, 46 insertions, 4 deletions

diff --git a/src/include/ChangeLog b/src/include/ChangeLog
index b7be66241..e1818dde5 100644
--- a/src/include/ChangeLog
+++ b/src/include/ChangeLog
@@ -1,3 +1,15 @@
+2001-11-06  Sam Hartman  <hartmans@tir-na-nogth.mit.edu>
+
+	* k5-int.h: Add krb5int_des_init_state and krb5int_default_free_state
+
+2001-11-06  Sam Hartman  <hartmans@mit.edu>
+
+	* k5-int.h: Add init_state and free_state to enc_provider struct
+
+2001-11-05  Sam Hartman  <hartmans@mit.edu>
+
+	* krb5.hin:  Add krb5_c_init_state and krb5_c_free_state
+
 2001-10-30  Ezra Peisach  <epeisach@mit.edu>
 
 	* fake-addrinfo.c (freeaddrinfo): Do not free NULL pointers.
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index fa8c9c28a..4d04738ca 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -521,9 +521,9 @@ struct krb5_enc_provider {
        keylength is the output size */
     void (*keysize) (size_t *keybytes, size_t *keylength);
 
-    /* ivec == 0 is an all-zeros ivec */
+    /* cipher-state == 0 fresh state thrown away at end */
     krb5_error_code (*encrypt) (krb5_const krb5_keyblock *key,
-				krb5_const krb5_data *ivec,
+				krb5_const krb5_data *cipher_state,
 				krb5_const krb5_data *input,
 				krb5_data *output);
 
@@ -534,6 +534,11 @@ struct krb5_enc_provider {
 
     krb5_error_code (*make_key) (krb5_const krb5_data *randombits,
 				 krb5_keyblock *key);
+
+  krb5_error_code (*init_state) (krb5_const krb5_keyblock *key,
+				 krb5_keyusage keyusage, krb5_data *out_state);
+  krb5_error_code (*free_state) (krb5_data *state);
+  
 };
 
 struct krb5_hash_provider {
@@ -623,6 +628,21 @@ krb5_error_code krb5_hmac
 		krb5_const krb5_keyblock *key, unsigned int icount,
 		krb5_const krb5_data *input, krb5_data *output);
 
+/* A definition of init_state for DES based encryption systems.
+ * sets up an 8-byte IV of all zeros
+ */
+
+krb5_error_code krb5int_des_init_state
+(krb5_const krb5_keyblock *key, krb5_keyusage usage, krb5_data *new_state);
+
+/* 
+ * normally to free a cipher_state you can just memset the length to zero and
+ * free it.
+ */
+krb5_error_code krb5int_default_free_state
+(krb5_data *state);
+
+
 /* 
  * These declarations are here, so both krb5 and k5crypto
  * can get to them.
diff --git a/src/include/krb5.hin b/src/include/krb5.hin
index 4119085a3..88185c2e9 100644
--- a/src/include/krb5.hin
+++ b/src/include/krb5.hin
@@ -371,13 +371,13 @@ typedef struct _krb5_enc_data {
 krb5_error_code KRB5_CALLCONV
     krb5_c_encrypt
     (krb5_context context, krb5_const krb5_keyblock *key,
-		    krb5_keyusage usage, krb5_const krb5_data *ivec,
+		    krb5_keyusage usage, krb5_const krb5_data *cipher_state,
 		    krb5_const krb5_data *input, krb5_enc_data *output);
 
 krb5_error_code KRB5_CALLCONV
     krb5_c_decrypt
     (krb5_context context, krb5_const krb5_keyblock *key,
-		    krb5_keyusage usage, krb5_const krb5_data *ivec,
+		    krb5_keyusage usage, krb5_const krb5_data *cipher_state,
 		    krb5_const krb5_enc_data *input, krb5_data *output);
 
 krb5_error_code KRB5_CALLCONV
@@ -391,6 +391,16 @@ krb5_error_code KRB5_CALLCONV
 		    size_t *blocksize);
 
 krb5_error_code KRB5_CALLCONV
+	krb5_c_init_state
+(krb5_context context,
+krb5_const krb5_keyblock *key, krb5_keyusage usage,
+krb5_data *new_state);
+
+krb5_error_code KRB5_CALLCONV
+	krb5_c_free_state
+(krb5_context context, krb5_const krb5_keyblock *key, krb5_data *state);
+
+krb5_error_code KRB5_CALLCONV
     krb5_c_make_random_key
     (krb5_context context, krb5_enctype enctype,
 		    krb5_keyblock *k5_random_key);