Crypto modularity proj: Separate files under crypto directory based on their functionality. Move Kerberos specific files into krb subdir and MIT specific - into builtin subdir. Place all tests into crypto_tests subfolder.

bigredbutton: whitespace

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22477 dc483132-0cff-0310-8789-dd5450dbe970

6 files changed, 435 insertions, 0 deletions

diff --git a/src/lib/crypto/krb/old/Makefile.in b/src/lib/crypto/krb/old/Makefile.in
new file mode 100644
index 000000000..4370f1ffb
--- /dev/null
+++ b/src/lib/crypto/krb/old/Makefile.in
@@ -0,0 +1,35 @@
+thisconfigdir=../../../..
+myfulldir=lib/crypto/krb/old
+mydir=lib/crypto/krb/old
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+LOCALINCLUDES = -I$(srcdir)/../../@CRYPTO_IMPL@/des -I$(srcdir)
+DEFS=
+
+##DOS##BUILDTOP = ..\..\..
+##DOS##PREFIXDIR=old
+##DOS##OBJFILE=..\$(OUTPRE)old.lst
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+RUN_SETUP = @KRB5_RUN_ENV@ KRB5_CONFIG=$(SRCTOP)/config-files/krb5.conf
+
+STLIBOBJS= old_decrypt.o old_encrypt.o des_stringtokey.o
+
+OBJS= $(OUTPRE)des_stringtokey.$(OBJEXT) $(OUTPRE)old_decrypt.$(OBJEXT) $(OUTPRE)old_encrypt.$(OBJEXT)
+
+SRCS= $(srcdir)/des_stringtokey.c $(srcdir)/old_decrypt.c \
+	$(srcdir)/old_encrypt.c
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs
+
+includes:: depend
+
+depend:: $(SRCS)
+
+clean-unix:: clean-libobjs
+
+@libobj_frag@
+
diff --git a/src/lib/crypto/krb/old/deps b/src/lib/crypto/krb/old/deps
new file mode 100644
index 000000000..e2e71c213
--- /dev/null
+++ b/src/lib/crypto/krb/old/deps
@@ -0,0 +1,37 @@
+# 
+# Generated makefile dependencies follow.
+#
+des_stringtokey.so des_stringtokey.po $(OUTPRE)des_stringtokey.$(OBJEXT): \
+  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+  $(COM_ERR_DEPS) $(SRCTOP)/include/autoconf.h $(SRCTOP)/include/k5-buf.h \
+  $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \
+  $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
+  $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
+  $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
+  $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+  $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+  $(srcdir)/../../builtin/des/des_int.h des_stringtokey.c \
+  old.h
+old_decrypt.so old_decrypt.po $(OUTPRE)old_decrypt.$(OBJEXT): \
+  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+  $(COM_ERR_DEPS) $(SRCTOP)/include/autoconf.h $(SRCTOP)/include/k5-buf.h \
+  $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \
+  $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
+  $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
+  $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
+  $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+  $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+  old.h old_decrypt.c
+old_encrypt.so old_encrypt.po $(OUTPRE)old_encrypt.$(OBJEXT): \
+  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+  $(COM_ERR_DEPS) $(SRCTOP)/include/autoconf.h $(SRCTOP)/include/k5-buf.h \
+  $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \
+  $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \
+  $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \
+  $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
+  $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \
+  $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+  old.h old_encrypt.c
diff --git a/src/lib/crypto/krb/old/des_stringtokey.c b/src/lib/crypto/krb/old/des_stringtokey.c
new file mode 100644
index 000000000..2bacb4ef9
--- /dev/null
+++ b/src/lib/crypto/krb/old/des_stringtokey.c
@@ -0,0 +1,58 @@
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ * 
+ * All rights reserved.
+ * 
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  FundsXpress makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ * 
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#include "k5-int.h"
+#include "old.h"
+#include <des_int.h>
+
+/* XXX */
+extern krb5_error_code mit_des_string_to_key_int
+(krb5_keyblock * keyblock,
+		 const krb5_data * data,
+		 const krb5_data * salt);
+
+krb5_error_code
+krb5int_des_string_to_key(const struct krb5_enc_provider *enc,
+			  const krb5_data *string,
+			  const krb5_data *salt, const krb5_data *parm,
+			  krb5_keyblock *key)
+{
+    int type;
+    if (parm ) {
+	if (parm->length != 1)
+	    return KRB5_ERR_BAD_S2K_PARAMS;
+	type = parm->data[0];
+    }
+    else type = 0;
+    switch(type) {
+    case 0:
+    return(mit_des_string_to_key_int(key, string, salt));
+    case 1:
+	return mit_afs_string_to_key(key, string, salt);
+    default:
+	return KRB5_ERR_BAD_S2K_PARAMS;
+    }
+}
diff --git a/src/lib/crypto/krb/old/old.h b/src/lib/crypto/krb/old/old.h
new file mode 100644
index 000000000..94ee6421e
--- /dev/null
+++ b/src/lib/crypto/krb/old/old.h
@@ -0,0 +1,52 @@
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ * 
+ * All rights reserved.
+ * 
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  FundsXpress makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ * 
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#include "k5-int.h"
+
+void krb5_old_encrypt_length
+(const struct krb5_enc_provider *enc,
+		const struct krb5_hash_provider *hash,
+		size_t input, size_t *length);
+
+krb5_error_code krb5_old_encrypt
+(const struct krb5_enc_provider *enc,
+		const struct krb5_hash_provider *hash,
+		const krb5_keyblock *key, krb5_keyusage usage,
+		const krb5_data *ivec, const krb5_data *input,
+		krb5_data *output);
+
+krb5_error_code krb5_old_decrypt
+(const struct krb5_enc_provider *enc,
+		const struct krb5_hash_provider *hash,
+		const krb5_keyblock *key, krb5_keyusage usage,
+		const krb5_data *ivec, const krb5_data *input,
+		krb5_data *arg_output);
+
+krb5_error_code krb5int_des_string_to_key
+(const struct krb5_enc_provider *enc,
+		const krb5_data *string, const krb5_data *salt,
+		const krb5_data *params,
+		krb5_keyblock *key);
diff --git a/src/lib/crypto/krb/old/old_decrypt.c b/src/lib/crypto/krb/old/old_decrypt.c
new file mode 100644
index 000000000..cfbbd7272
--- /dev/null
+++ b/src/lib/crypto/krb/old/old_decrypt.c
@@ -0,0 +1,143 @@
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ * 
+ * All rights reserved.
+ * 
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  FundsXpress makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ * 
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#include "k5-int.h"
+#include "old.h"
+
+krb5_error_code
+krb5_old_decrypt(const struct krb5_enc_provider *enc,
+		 const struct krb5_hash_provider *hash,
+		 const krb5_keyblock *key,
+		 krb5_keyusage usage,
+		 const krb5_data *ivec,
+		 const krb5_data *input,
+		 krb5_data *arg_output)
+{
+    krb5_error_code ret;
+    size_t blocksize, hashsize, plainsize;
+    unsigned char *cksumdata, *cn;
+    krb5_data output, cksum, crcivec;
+    int alloced;
+
+    blocksize = enc->block_size;
+    hashsize = hash->hashsize;
+
+    plainsize = input->length - blocksize - hashsize;
+
+    if (arg_output->length < plainsize)
+	return(KRB5_BAD_MSIZE);
+
+    /* if there's enough space to work in the app buffer, use it,
+       otherwise allocate our own */
+
+    if ((cksumdata = (unsigned char *) malloc(hashsize)) == NULL)
+	return(ENOMEM);
+
+    if (arg_output->length < input->length) {
+	output.length = input->length;
+
+	if ((output.data = (char *) malloc(output.length)) == NULL) {
+	    free(cksumdata);
+	    return(ENOMEM);
+	}
+
+	alloced = 1;
+    } else {
+	output.length = input->length;
+
+	output.data = arg_output->data;
+
+	alloced = 0;
+    }
+
+    /* decrypt it */
+
+    /* save last ciphertext block in case we decrypt in place */
+    if (ivec != NULL && ivec->length == blocksize) {
+	cn = malloc(blocksize);
+	if (cn == NULL) {
+	    ret = ENOMEM;
+	    goto cleanup;
+	}
+	memcpy(cn, input->data + input->length - blocksize, blocksize);
+    } else
+	cn = NULL;
+
+    /* XXX this is gross, but I don't have much choice */
+    if ((key->enctype == ENCTYPE_DES_CBC_CRC) && (ivec == 0)) {
+	crcivec.length = key->length;
+	crcivec.data = (char *) key->contents;
+	ivec = &crcivec;
+    }
+
+    if ((ret = ((*(enc->decrypt))(key, ivec, input, &output))))
+	goto cleanup;
+
+    /* verify the checksum */
+
+    memcpy(cksumdata, output.data+blocksize, hashsize);
+    memset(output.data+blocksize, 0, hashsize);
+
+    cksum.length = hashsize;
+    cksum.data = output.data+blocksize;
+
+    if ((ret = ((*(hash->hash))(1, &output, &cksum))))
+	goto cleanup;
+
+    if (memcmp(cksum.data, cksumdata, cksum.length) != 0) {
+	ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+	goto cleanup;
+    }
+
+    /* copy the plaintext around */
+
+    if (alloced) {
+	memcpy(arg_output->data, output.data+blocksize+hashsize,
+	       plainsize);
+    } else {
+	memmove(arg_output->data, arg_output->data+blocksize+hashsize,
+		plainsize);
+    }
+    arg_output->length = plainsize;
+
+    /* update ivec */
+    if (cn != NULL)
+	memcpy(ivec->data, cn, blocksize);
+
+    ret = 0;
+
+cleanup:
+    if (alloced) {
+	memset(output.data, 0, output.length);
+	free(output.data);
+    }
+
+    if (cn != NULL)
+	free(cn);
+    memset(cksumdata, 0, hashsize);
+    free(cksumdata);
+    return(ret);
+}
diff --git a/src/lib/crypto/krb/old/old_encrypt.c b/src/lib/crypto/krb/old/old_encrypt.c
new file mode 100644
index 000000000..98bd109e0
--- /dev/null
+++ b/src/lib/crypto/krb/old/old_encrypt.c
@@ -0,0 +1,110 @@
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ * 
+ * All rights reserved.
+ * 
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  FundsXpress makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ * 
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#include "k5-int.h"
+#include "old.h"
+
+void
+krb5_old_encrypt_length(const struct krb5_enc_provider *enc,
+			const struct krb5_hash_provider *hash,
+			size_t inputlen,
+			size_t *length)
+{
+    size_t blocksize, hashsize;
+
+    blocksize = enc->block_size;
+    hashsize = hash->hashsize;
+
+    *length = krb5_roundup(blocksize+hashsize+inputlen, blocksize);
+}
+
+krb5_error_code
+krb5_old_encrypt(const struct krb5_enc_provider *enc,
+		 const struct krb5_hash_provider *hash,
+		 const krb5_keyblock *key,
+		 krb5_keyusage usage,
+		 const krb5_data *ivec,
+		 const krb5_data *input,
+		 krb5_data *output)
+{
+    krb5_error_code ret;
+    size_t blocksize, hashsize, enclen;
+    krb5_data datain, crcivec;
+    int real_ivec;
+
+    blocksize = enc->block_size;
+    hashsize = hash->hashsize;
+
+    krb5_old_encrypt_length(enc, hash, input->length, &enclen);
+
+    if (output->length < enclen)
+	return(KRB5_BAD_MSIZE);
+
+    output->length = enclen;
+
+    /* fill in confounded, padded, plaintext buffer with zero checksum */
+
+    memset(output->data, 0, output->length);
+
+    datain.length = blocksize;
+    datain.data = output->data;
+
+    if ((ret = krb5_c_random_make_octets(/* XXX */ 0, &datain)))
+	return(ret);
+    memcpy(output->data+blocksize+hashsize, input->data, input->length);
+
+    /* compute the checksum */
+
+    datain.length = hashsize;
+    datain.data = output->data+blocksize;
+
+    if ((ret = ((*(hash->hash))(1, output, &datain))))
+	goto cleanup;
+
+    /* encrypt it */
+
+    /* XXX this is gross, but I don't have much choice */
+    if ((key->enctype == ENCTYPE_DES_CBC_CRC) && (ivec == 0)) {
+	crcivec.length = key->length;
+	crcivec.data = (char *) key->contents;
+	ivec = &crcivec;
+	real_ivec = 0;
+    } else
+	real_ivec = 1;
+
+    if ((ret = ((*(enc->encrypt))(key, ivec, output, output))))
+	goto cleanup;
+
+    /* update ivec */
+    if (real_ivec && ivec != NULL && ivec->length == blocksize)
+	memcpy(ivec->data, output->data + output->length - blocksize,
+	       blocksize);
+cleanup:
+    if (ret)
+	memset(output->data, 0, output->length);
+
+    return(ret);
+}