diff options
author | Sam Hartman <hartmans@mit.edu> | 2004-02-24 21:07:22 +0000 |
---|---|---|
committer | Sam Hartman <hartmans@mit.edu> | 2004-02-24 21:07:22 +0000 |
commit | 6ce8b3450b2c24ba09a298895c724a40a929d024 (patch) | |
tree | 2f44dd7927da5c3fb5dc7d21938f2e009aa1bb08 /src/lib/crypto/dk | |
parent | 2d16d6cd6b2ecec6e8843ba17603875d1804c980 (diff) | |
download | krb5-6ce8b3450b2c24ba09a298895c724a40a929d024.tar.gz krb5-6ce8b3450b2c24ba09a298895c724a40a929d024.tar.xz krb5-6ce8b3450b2c24ba09a298895c724a40a929d024.zip |
Remove ENCTYPE_LOCAL_DES3_HMAC_SHA1
Previously, MIT had support for a version of the des3 enctype with a
32-bit length prepended to encrypted data. Remove that support. This
is non-standard and is no longer needed even at MIT.
Ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16122 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/crypto/dk')
-rw-r--r-- | src/lib/crypto/dk/ChangeLog | 6 | ||||
-rw-r--r-- | src/lib/crypto/dk/checksum.c | 78 | ||||
-rw-r--r-- | src/lib/crypto/dk/dk.h | 25 | ||||
-rw-r--r-- | src/lib/crypto/dk/dk_decrypt.c | 139 | ||||
-rw-r--r-- | src/lib/crypto/dk/dk_encrypt.c | 147 |
5 files changed, 6 insertions, 389 deletions
diff --git a/src/lib/crypto/dk/ChangeLog b/src/lib/crypto/dk/ChangeLog index af7d148da..fb32bfdc3 100644 --- a/src/lib/crypto/dk/ChangeLog +++ b/src/lib/crypto/dk/ChangeLog @@ -1,3 +1,9 @@ +2004-02-24 Sam Hartman <hartmans@avalanche-breakdown.mit.edu> + + * dk.h: As below. + + * checksum.c dk_decrypt.c dk_encrypt.c: Remove ENCTYPE_LOCAL_DES3_HMAC_SHA1 + 2004-02-18 Ken Raeburn <raeburn@mit.edu> * checksum.c, derive.c, dk_decrypt.c, dk_encrypt.c: Use ANSI C diff --git a/src/lib/crypto/dk/checksum.c b/src/lib/crypto/dk/checksum.c index 4cd540d39..2f30cb740 100644 --- a/src/lib/crypto/dk/checksum.c +++ b/src/lib/crypto/dk/checksum.c @@ -101,81 +101,3 @@ cleanup: return(ret); } -#ifdef ATHENA_DES3_KLUDGE -krb5_error_code -krb5_marc_dk_make_checksum(const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *input, krb5_data *output) -{ - int i; - struct krb5_enc_provider *enc; - size_t blocksize, keybytes, keylength; - krb5_error_code ret; - unsigned char constantdata[K5CLENGTH]; - krb5_data datain[2]; - unsigned char *kcdata; - krb5_keyblock kc; - - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == key->enctype) - break; - } - - if (i == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); - - enc = krb5_enctypes_list[i].enc; - - /* allocate and set to-be-derived keys */ - - blocksize = enc->block_size; - keybytes = enc->keybytes; - keylength = enc->keylength; - - /* key->length will be tested in enc->encrypt - output->length will be tested in krb5_hmac */ - - if ((kcdata = (unsigned char *) malloc(keylength)) == NULL) - return(ENOMEM); - - kc.contents = kcdata; - kc.length = keylength; - - /* derive the key */ - - datain[0].data = constantdata; - datain[0].length = K5CLENGTH; - - datain[0].data[0] = (usage>>24)&0xff; - datain[0].data[1] = (usage>>16)&0xff; - datain[0].data[2] = (usage>>8)&0xff; - datain[0].data[3] = usage&0xff; - - datain[0].data[4] = 0x99; - - if ((ret = krb5_derive_key(enc, key, &kc, &datain[0])) != 0) - goto cleanup; - - /* hash the data */ - - datain[0].length = 4; - datain[0].data[0] = (input->length>>24)&0xff; - datain[0].data[1] = (input->length>>16)&0xff; - datain[0].data[2] = (input->length>>8)&0xff; - datain[0].data[3] = input->length&0xff; - - datain[1] = *input; - - if ((ret = krb5_hmac(hash, &kc, 2, datain, output)) != 0) - memset(output->data, 0, output->length); - - /* ret is set correctly by the prior call */ - -cleanup: - memset(kcdata, 0, keylength); - - free(kcdata); - - return(ret); -} -#endif /* ATHENA_DES3_KLUDGE */ diff --git a/src/lib/crypto/dk/dk.h b/src/lib/crypto/dk/dk.h index a224167ea..b9c7f7007 100644 --- a/src/lib/crypto/dk/dk.h +++ b/src/lib/crypto/dk/dk.h @@ -79,28 +79,3 @@ krb5_error_code krb5_dk_make_checksum const krb5_keyblock *key, krb5_keyusage usage, const krb5_data *input, krb5_data *output); -#ifdef ATHENA_DES3_KLUDGE -void krb5_marc_dk_encrypt_length -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t input, size_t *length); - -krb5_error_code krb5_marc_dk_encrypt -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *ivec, - const krb5_data *input, krb5_data *output); - -krb5_error_code krb5_marc_dk_decrypt -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *arg_output); - -krb5_error_code krb5_marc_dk_make_checksum -(const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *input, krb5_data *output); -#endif /* ATHENA_DES3_KLUDGE */ diff --git a/src/lib/crypto/dk/dk_decrypt.c b/src/lib/crypto/dk/dk_decrypt.c index bebd2665e..c4397382a 100644 --- a/src/lib/crypto/dk/dk_decrypt.c +++ b/src/lib/crypto/dk/dk_decrypt.c @@ -201,142 +201,3 @@ cleanup: return(ret); } -#ifdef ATHENA_DES3_KLUDGE -krb5_error_code -krb5_marc_dk_decrypt(enc, hash, key, usage, ivec, input, output) - const struct krb5_enc_provider *enc; - const struct krb5_hash_provider *hash; - const krb5_keyblock *key; - krb5_keyusage usage; - const krb5_data *ivec; - const krb5_data *input; - krb5_data *output; -{ - krb5_error_code ret; - size_t hashsize, blocksize, keybytes, keylength, enclen, plainlen; - unsigned char *plaindata, *kedata, *kidata, *cksum, *cn; - krb5_keyblock ke, ki; - krb5_data d1, d2; - unsigned char constantdata[K5CLENGTH]; - - /* allocate and set up ciphertext and to-be-derived keys */ - - hashsize = hash->hashsize; - blocksize = enc->block_size; - keybytes = enc->keybytes; - keylength = enc->keylength; - - enclen = input->length - hashsize; - - if ((kedata = (unsigned char *) malloc(keylength)) == NULL) - return(ENOMEM); - if ((kidata = (unsigned char *) malloc(keylength)) == NULL) { - free(kedata); - return(ENOMEM); - } - if ((plaindata = (unsigned char *) malloc(enclen)) == NULL) { - free(kidata); - free(kedata); - return(ENOMEM); - } - if ((cksum = (unsigned char *) malloc(hashsize)) == NULL) { - free(plaindata); - free(kidata); - free(kedata); - return(ENOMEM); - } - - ke.contents = kedata; - ke.length = keylength; - ki.contents = kidata; - ki.length = keylength; - - /* derive the keys */ - - d1.data = constantdata; - d1.length = K5CLENGTH; - - d1.data[0] = (usage>>24)&0xff; - d1.data[1] = (usage>>16)&0xff; - d1.data[2] = (usage>>8)&0xff; - d1.data[3] = usage&0xff; - - d1.data[4] = 0xAA; - - if ((ret = krb5_derive_key(enc, key, &ke, &d1)) != 0) - goto cleanup; - - d1.data[4] = 0x55; - - if ((ret = krb5_derive_key(enc, key, &ki, &d1)) != 0) - goto cleanup; - - /* decrypt the ciphertext */ - - d1.length = enclen; - d1.data = input->data; - - d2.length = enclen; - d2.data = plaindata; - - if ((ret = ((*(enc->decrypt))(&ke, ivec, &d1, &d2))) != 0) - goto cleanup; - - if (ivec != NULL && ivec->length == blocksize) - cn = d1.data + d1.length - blocksize; - else - cn = NULL; - - /* verify the hash */ - - d1.length = hashsize; - d1.data = cksum; - - if ((ret = krb5_hmac(hash, &ki, 1, &d2, &d1)) != 0) - goto cleanup; - - if (memcmp(cksum, input->data+enclen, hashsize) != 0) { - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - goto cleanup; - } - - /* because this encoding isn't self-describing wrt length, the - best we can do here is to compute the length minus the - confounder. */ - - /* get the real plaintext length and copy the data into the output */ - - plainlen = ((((plaindata+blocksize)[0])<<24) | - (((plaindata+blocksize)[1])<<16) | - (((plaindata+blocksize)[2])<<8) | - ((plaindata+blocksize)[3])); - - if (plainlen > (enclen - blocksize - 4)) - return(KRB5_BAD_MSIZE); - - if (output->length < plainlen) - return(KRB5_BAD_MSIZE); - - output->length = plainlen; - - memcpy(output->data, d2.data+4+blocksize, output->length); - - if (cn != NULL) - memcpy(ivec->data, cn, blocksize); - - ret = 0; - -cleanup: - memset(kedata, 0, keylength); - memset(kidata, 0, keylength); - memset(plaindata, 0, enclen); - memset(cksum, 0, hashsize); - - free(cksum); - free(plaindata); - free(kidata); - free(kedata); - - return(ret); -} -#endif /* ATHENA_DES3_KLUDGE */ diff --git a/src/lib/crypto/dk/dk_encrypt.c b/src/lib/crypto/dk/dk_encrypt.c index 08d26856c..2431e61c8 100644 --- a/src/lib/crypto/dk/dk_encrypt.c +++ b/src/lib/crypto/dk/dk_encrypt.c @@ -360,150 +360,3 @@ cleanup: return(ret); } -#ifdef ATHENA_DES3_KLUDGE -void -krb5_marc_dk_encrypt_length(enc, hash, inputlen, length) - const struct krb5_enc_provider *enc; - const struct krb5_hash_provider *hash; - size_t inputlen; - size_t *length; -{ - size_t blocksize, hashsize; - - blocksize = enc->block_size; - hashsize = hash->hashsize; - *length = krb5_roundup(blocksize+4+inputlen, blocksize) + hashsize; -} - -krb5_error_code -krb5_marc_dk_encrypt(enc, hash, key, usage, ivec, input, output) - const struct krb5_enc_provider *enc; - const struct krb5_hash_provider *hash; - const krb5_keyblock *key; - krb5_keyusage usage; - const krb5_data *ivec; - const krb5_data *input; - krb5_data *output; -{ - size_t blocksize, keybytes, keylength, plainlen, enclen; - krb5_error_code ret; - unsigned char constantdata[K5CLENGTH]; - krb5_data d1, d2; - unsigned char *plaintext, *kedata, *kidata, *cn; - krb5_keyblock ke, ki; - - /* allocate and set up plaintext and to-be-derived keys */ - - blocksize = enc->block_size; - keybytes = enc->keybytes; - keylength = enc->keylength; - plainlen = krb5_roundup(blocksize+4+input->length, blocksize); - - krb5_marc_dk_encrypt_length(enc, hash, input->length, &enclen); - - /* key->length, ivec will be tested in enc->encrypt */ - - if (output->length < enclen) - return(KRB5_BAD_MSIZE); - - if ((kedata = (unsigned char *) malloc(keylength)) == NULL) - return(ENOMEM); - if ((kidata = (unsigned char *) malloc(keylength)) == NULL) { - free(kedata); - return(ENOMEM); - } - if ((plaintext = (unsigned char *) malloc(plainlen)) == NULL) { - free(kidata); - free(kedata); - return(ENOMEM); - } - - ke.contents = kedata; - ke.length = keylength; - ki.contents = kidata; - ki.length = keylength; - - /* derive the keys */ - - d1.data = constantdata; - d1.length = K5CLENGTH; - - d1.data[0] = (usage>>24)&0xff; - d1.data[1] = (usage>>16)&0xff; - d1.data[2] = (usage>>8)&0xff; - d1.data[3] = usage&0xff; - - d1.data[4] = 0xAA; - - if ((ret = krb5_derive_key(enc, key, &ke, &d1))) - goto cleanup; - - d1.data[4] = 0x55; - - if ((ret = krb5_derive_key(enc, key, &ki, &d1))) - goto cleanup; - - /* put together the plaintext */ - - d1.length = blocksize; - d1.data = plaintext; - - if ((ret = krb5_c_random_make_octets(/* XXX */ 0, &d1))) - goto cleanup; - - (plaintext+blocksize)[0] = (input->length>>24)&0xff; - (plaintext+blocksize)[1] = (input->length>>16)&0xff; - (plaintext+blocksize)[2] = (input->length>>8)&0xff; - (plaintext+blocksize)[3] = input->length&0xff; - - memcpy(plaintext+blocksize+4, input->data, input->length); - - memset(plaintext+blocksize+4+input->length, 0, - plainlen - (blocksize+4+input->length)); - - /* encrypt the plaintext */ - - d1.length = plainlen; - d1.data = plaintext; - - d2.length = plainlen; - d2.data = output->data; - - if ((ret = ((*(enc->encrypt))(&ke, ivec, &d1, &d2)))) - goto cleanup; - - if (ivec != NULL && ivec->length == blocksize) - cn = d2.data + d2.length - blocksize; - else - cn = NULL; - - /* hash the plaintext */ - - d2.length = enclen - plainlen; - d2.data = output->data+plainlen; - - output->length = enclen; - - if ((ret = krb5_hmac(hash, &ki, 1, &d1, &d2))) { - memset(d2.data, 0, d2.length); - goto cleanup; - } - - /* update ivec */ - if (cn != NULL) - memcpy(ivec->data, cn, blocksize); - - /* ret is set correctly by the prior call */ - -cleanup: - memset(kedata, 0, keylength); - memset(kidata, 0, keylength); - memset(plaintext, 0, plainlen); - - free(plaintext); - free(kidata); - free(kedata); - - return(ret); -} -#endif /* ATHENA_DES3_KLUDGE */ |