diff options
| author | Greg Hudson <ghudson@mit.edu> | 2011-03-02 05:29:29 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2011-03-02 05:29:29 +0000 |
| commit | ce6d249fdf1dd7dda5b202836ed387500324ae2a (patch) | |
| tree | b0550b898743ddfdff76ac6647fca7a12d6db284 /src/lib/crypto/krb | |
| parent | e2d6d9ce23b878334d70a0f9c697064873619b75 (diff) | |
| download | krb5-ce6d249fdf1dd7dda5b202836ed387500324ae2a.tar.gz krb5-ce6d249fdf1dd7dda5b202836ed387500324ae2a.tar.xz krb5-ce6d249fdf1dd7dda5b202836ed387500324ae2a.zip | |
Consolidate almost all lib/crypto/krb headers into a single
crypto_int.h. In that header, define and document responsibilities
for crypto modules, some of which are satisfied through a
module-specific crypto_mod.h. In the OpenSSL and NSS modules, remove
many of the headers and sources providing functionality which isn't
needed by lib/crypto/krb any more (direct interfaces to MD4, MD5, and
SHA-1 hashing, as well as DES weak key testing). Change most
Makefile.ins to only include headers from lib/crypto/krb and
lib/crypto/$(CRYPTO_IMPL), instead of from many different directories.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24677 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/crypto/krb')
88 files changed, 1261 insertions, 1494 deletions
diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in index 7eaccb4ff..838f128f9 100644 --- a/src/lib/crypto/krb/Makefile.in +++ b/src/lib/crypto/krb/Makefile.in @@ -1,16 +1,7 @@ mydir=lib$(S)crypto$(S)krb BUILDTOP=$(REL)..$(S)..$(S).. SUBDIRS= arcfour checksum crc32 dk prf old raw -LOCALINCLUDES = -I$(srcdir) -I$(srcdir)/../$(CRYPTO_IMPL)/enc_provider \ - -I$(srcdir)/dk -I$(srcdir)/../$(CRYPTO_IMPL)/hash_provider \ - -I$(srcdir)/prf -I$(srcdir)/old -I$(srcdir)/raw \ - -I$(srcdir)/../$(CRYPTO_IMPL) \ - -I$(srcdir)/../$(CRYPTO_IMPL)/des \ - -I$(srcdir)/../$(CRYPTO_IMPL)/aes -I$(srcdir)/arcfour \ - -I$(srcdir)/../$(CRYPTO_IMPL)/sha2 \ - -I$(srcdir)/../$(CRYPTO_IMPL)/camellia \ - -I$(srcdir)/../$(CRYPTO_IMPL)/sha1 \ - -I$(srcdir)/../$(CRYPTO_IMPL) +LOCALINCLUDES = -I$(srcdir) -I$(srcdir)/../$(CRYPTO_IMPL) RUN_SETUP = @KRB5_RUN_ENV@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/lib/crypto/krb/aead.c b/src/lib/crypto/krb/aead.c index 3d9111abb..2bb341cb9 100644 --- a/src/lib/crypto/krb/aead.c +++ b/src/lib/crypto/krb/aead.c @@ -25,11 +25,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "etypes.h" -#include "cksumtypes.h" -#include "dk.h" -#include "aead.h" +#include "crypto_int.h" krb5_crypto_iov * krb5int_c_locate_iov(krb5_crypto_iov *data, size_t num_data, diff --git a/src/lib/crypto/krb/aead.h b/src/lib/crypto/krb/aead.h deleted file mode 100644 index 5cc94f449..000000000 --- a/src/lib/crypto/krb/aead.h +++ /dev/null @@ -1,314 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * lib/crypto/aead.h - * - * Copyright 2008, 2009 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "k5-int.h" -#include "cksumtypes.h" -#include "etypes.h" - -/* AEAD helpers */ - -krb5_crypto_iov * -krb5int_c_locate_iov(krb5_crypto_iov *data, - size_t num_data, - krb5_cryptotype type); - -#define ENCRYPT_CONF_IOV(_iov) ((_iov)->flags == KRB5_CRYPTO_TYPE_HEADER) - -#define ENCRYPT_DATA_IOV(_iov) ((_iov)->flags == KRB5_CRYPTO_TYPE_DATA || \ - (_iov)->flags == KRB5_CRYPTO_TYPE_PADDING) - -#define ENCRYPT_IOV(_iov) (ENCRYPT_CONF_IOV(_iov) || ENCRYPT_DATA_IOV(_iov)) - -#define SIGN_IOV(_iov) (ENCRYPT_IOV(_iov) || \ - (_iov)->flags == KRB5_CRYPTO_TYPE_SIGN_ONLY ) - -struct iov_block_state { - size_t iov_pos; /* index into iov array */ - size_t data_pos; /* index into iov contents */ - unsigned int ignore_header : 1; /* have/should we process HEADER */ - unsigned int include_sign_only : 1; /* should we process SIGN_ONLY blocks */ - unsigned int pad_to_boundary : 1; /* should we zero fill blocks until next buffer */ -}; - -#define IOV_BLOCK_STATE_INIT(_state) ((_state)->iov_pos = \ - (_state)->data_pos = \ - (_state)->ignore_header = \ - (_state)->include_sign_only = \ - (_state)->pad_to_boundary = 0) - -krb5_error_code -krb5int_c_iov_decrypt_stream(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage keyusage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -unsigned int -krb5int_c_padding_length(const struct krb5_keytypes *ktp, size_t data_length); - -#ifdef DEBUG_IOV -static inline void -dump_block(const char *tag, - size_t i, - size_t j, - unsigned char *block, - size_t block_size) -{ - size_t k; - - printf("[%s: %lu.%lu] ", tag, i, j); - - for (k = 0; k < block_size; k++) - printf("%02x ", block[k] & 0xFF); - - printf("\n"); -} -#endif - -static inline int -process_block_p(const krb5_crypto_iov *data, - size_t num_data, - struct iov_block_state *iov_state, - size_t i) -{ - const krb5_crypto_iov *iov = &data[i]; - int process_block; - - switch (iov->flags) { - case KRB5_CRYPTO_TYPE_SIGN_ONLY: - process_block = iov_state->include_sign_only; - break; - case KRB5_CRYPTO_TYPE_PADDING: - process_block = (iov_state->pad_to_boundary == 0); - break; - case KRB5_CRYPTO_TYPE_HEADER: - process_block = (iov_state->ignore_header == 0); - break; - case KRB5_CRYPTO_TYPE_DATA: - process_block = 1; - break; - default: - process_block = 0; - break; - } - - return process_block; -} - -/* - * Returns TRUE if, having reached the end of the current buffer, - * we should pad the rest of the block with zeros. - */ -static inline int -pad_to_boundary_p(const krb5_crypto_iov *data, - size_t num_data, - struct iov_block_state *iov_state, - size_t i, - size_t j) -{ - /* If the pad_to_boundary flag is unset, return FALSE */ - if (iov_state->pad_to_boundary == 0) - return 0; - - /* If we haven't got any data, we need to get some */ - if (j == 0) - return 0; - - /* No boundary between adjacent buffers marked for processing */ - if (data[iov_state->iov_pos].flags == data[i].flags) - return 0; - - return 1; -} - -/* - * Retrieve a block from the IOV. If p is non-NULL and the next block is - * completely contained within the current buffer, then *p will contain an - * alias into the buffer; otherwise, a copy will be made into storage. - * - * After calling this function, encrypt the returned block and then call - * krb5int_c_iov_put_block_nocopy() (with a separate output cursor). If - * p was non-NULL on the call to get_block(), then pass that pointer in. - */ -static inline krb5_boolean -krb5int_c_iov_get_block_nocopy(unsigned char *storage, - size_t block_size, - const krb5_crypto_iov *data, - size_t num_data, - struct iov_block_state *iov_state, - unsigned char **p) -{ - size_t i, j = 0; - - if (p != NULL) - *p = storage; - - for (i = iov_state->iov_pos; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; - size_t nbytes; - - if (!process_block_p(data, num_data, iov_state, i)) - continue; - - if (pad_to_boundary_p(data, num_data, iov_state, i, j)) - break; - - iov_state->iov_pos = i; - - nbytes = iov->data.length - iov_state->data_pos; - if (nbytes > block_size - j) - nbytes = block_size - j; - - /* - * If we can return a pointer into a complete block, then do so. - */ - if (p != NULL && j == 0 && nbytes == block_size) { - *p = (unsigned char *)iov->data.data + iov_state->data_pos; - } else { - memcpy(storage + j, iov->data.data + iov_state->data_pos, nbytes); - } - - iov_state->data_pos += nbytes; - j += nbytes; - - assert(j <= block_size); - - if (j == block_size) - break; - - assert(iov_state->data_pos == iov->data.length); - - iov_state->data_pos = 0; - } - - iov_state->iov_pos = i; - - if (j == 0) - return FALSE; - else if (j != block_size) - memset(storage + j, 0, block_size - j); - -#ifdef DEBUG_IOV - dump_block("get_block", i, j, (p && *p) ? *p : storage, block_size); -#endif - - return TRUE; -} - -/* - * Store a block retrieved with krb5int_c_iov_get_block_no_copy if - * necessary, and advance the output cursor. - */ -static inline krb5_boolean -krb5int_c_iov_put_block_nocopy(const krb5_crypto_iov *data, - size_t num_data, - unsigned char *storage, - size_t block_size, - struct iov_block_state *iov_state, - unsigned char *p) -{ - size_t i, j = 0; - - assert(p != NULL); - - for (i = iov_state->iov_pos; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; - size_t nbytes; - - if (!process_block_p(data, num_data, iov_state, i)) - continue; - - if (pad_to_boundary_p(data, num_data, iov_state, i, j)) - break; - - iov_state->iov_pos = i; - - nbytes = iov->data.length - iov_state->data_pos; - if (nbytes > block_size - j) - nbytes = block_size - j; - - /* - * If we had previously returned a pointer into a complete block, - * then no action is required. - */ - if (p == storage) { - memcpy(iov->data.data + iov_state->data_pos, storage + j, nbytes); - } else { - /* Ensure correctly paired with a call to get_block_nocopy(). */ - assert(j == 0); - assert(nbytes == 0 || nbytes == block_size); - } - - iov_state->data_pos += nbytes; - j += nbytes; - - assert(j <= block_size); - - if (j == block_size) - break; - - assert(iov_state->data_pos == iov->data.length); - - iov_state->data_pos = 0; - } - - iov_state->iov_pos = i; - -#ifdef DEBUG_IOV - dump_block("put_block", i, j, p, block_size); -#endif - - return (iov_state->iov_pos < num_data); -} - -/* - * A wrapper for krb5int_c_iov_get_block_nocopy() that always makes - * a copy. - */ -static inline krb5_boolean -krb5int_c_iov_get_block(unsigned char *block, - size_t block_size, - const krb5_crypto_iov *data, - size_t num_data, - struct iov_block_state *iov_state) -{ - return krb5int_c_iov_get_block_nocopy(block, block_size, data, num_data, - iov_state, NULL); -} - -/* - * A wrapper for krb5int_c_iov_put_block_nocopy() that always copies - * the block. - */ -static inline krb5_boolean -krb5int_c_iov_put_block(const krb5_crypto_iov *data, - size_t num_data, - unsigned char *block, - size_t block_size, - struct iov_block_state *iov_state) -{ - return krb5int_c_iov_put_block_nocopy(data, num_data, block, block_size, - iov_state, block); -} diff --git a/src/lib/crypto/krb/arcfour/Makefile.in b/src/lib/crypto/krb/arcfour/Makefile.in index ce2912884..6f217d6f6 100644 --- a/src/lib/crypto/krb/arcfour/Makefile.in +++ b/src/lib/crypto/krb/arcfour/Makefile.in @@ -1,7 +1,6 @@ mydir=lib$(S)crypto$(S)krb$(S)arcfour BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) \ - -I$(srcdir)/../../$(CRYPTO_IMPL)/hash_provider +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) DEFS= ##DOS##BUILDTOP = ..\..\..\.. diff --git a/src/lib/crypto/krb/arcfour/arcfour.c b/src/lib/crypto/krb/arcfour/arcfour.c index 4793cc38d..265e3c1d0 100644 --- a/src/lib/crypto/krb/arcfour/arcfour.c +++ b/src/lib/crypto/krb/arcfour/arcfour.c @@ -7,10 +7,7 @@ of RSA Data Security) */ -#include "k5-int.h" -#include "arcfour.h" -#include "aead.h" -#include "hash_provider/hash_provider.h" +#include "crypto_int.h" #define CONFOUNDERLENGTH 8 diff --git a/src/lib/crypto/krb/arcfour/arcfour.h b/src/lib/crypto/krb/arcfour/arcfour.h deleted file mode 100644 index 34cbcc0f3..000000000 --- a/src/lib/crypto/krb/arcfour/arcfour.h +++ /dev/null @@ -1,34 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#ifndef ARCFOUR_H -#define ARCFOUR_H - -#include "etypes.h" - -krb5_keyusage -krb5int_arcfour_translate_usage(krb5_keyusage usage); - -unsigned int -krb5int_arcfour_crypto_length(const struct krb5_keytypes *ktp, - krb5_cryptotype type); - -krb5_error_code -krb5int_arcfour_encrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -krb5_error_code -krb5int_arcfour_decrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -extern krb5_error_code -krb5int_arcfour_string_to_key( - const struct krb5_keytypes *, - const krb5_data *, - const krb5_data *, - const krb5_data *, - krb5_keyblock *); - -extern const struct krb5_enc_provider krb5int_enc_arcfour; - -#endif /* ARCFOUR_H */ diff --git a/src/lib/crypto/krb/arcfour/arcfour_s2k.c b/src/lib/crypto/krb/arcfour/arcfour_s2k.c index 5dc75332b..49ad89d32 100644 --- a/src/lib/crypto/krb/arcfour/arcfour_s2k.c +++ b/src/lib/crypto/krb/arcfour/arcfour_s2k.c @@ -1,8 +1,6 @@ /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#include "k5-int.h" +#include "crypto_int.h" #include "k5-utf8.h" -#include "hash_provider.h" -#include "arcfour.h" krb5_error_code krb5int_arcfour_string_to_key(const struct krb5_keytypes *ktp, diff --git a/src/lib/crypto/krb/arcfour/deps b/src/lib/crypto/krb/arcfour/deps index 2bfa78931..b430d941f 100644 --- a/src/lib/crypto/krb/arcfour/deps +++ b/src/lib/crypto/krb/arcfour/deps @@ -3,21 +3,23 @@ # arcfour.so arcfour.po $(OUTPRE)arcfour.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - arcfour.c arcfour.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h arcfour.c arcfour_s2k.so arcfour_s2k.po $(OUTPRE)arcfour_s2k.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -25,4 +27,4 @@ arcfour_s2k.so arcfour_s2k.po $(OUTPRE)arcfour_s2k.$(OBJEXT): \ $(top_srcdir)/include/k5-utf8.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h arcfour.h arcfour_s2k.c + $(top_srcdir)/include/socket-utils.h arcfour_s2k.c diff --git a/src/lib/crypto/krb/block_size.c b/src/lib/crypto/krb/block_size.c index 7d65a5ae3..d50c94469 100644 --- a/src/lib/crypto/krb/block_size.c +++ b/src/lib/crypto/krb/block_size.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_block_size(krb5_context context, krb5_enctype enctype, diff --git a/src/lib/crypto/krb/cf2.c b/src/lib/crypto/krb/cf2.c index 6e7ecdc3d..029916144 100644 --- a/src/lib/crypto/krb/cf2.c +++ b/src/lib/crypto/krb/cf2.c @@ -31,10 +31,7 @@ *pepper strings as input and return a combined key. */ -#include <k5-int.h> -#include <assert.h> -#include "etypes.h" - +#include "crypto_int.h" /* * Call the PRF function multiple times with the pepper prefixed with diff --git a/src/lib/crypto/krb/checksum/Makefile.in b/src/lib/crypto/krb/checksum/Makefile.in index 2d4148168..9948f3eba 100644 --- a/src/lib/crypto/krb/checksum/Makefile.in +++ b/src/lib/crypto/krb/checksum/Makefile.in @@ -1,6 +1,6 @@ mydir=lib$(S)crypto$(S)krb$(S)checksum BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../arcfour +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) DEFS= ##DOS##BUILDTOP = ..\..\..\.. diff --git a/src/lib/crypto/krb/checksum/cbc.c b/src/lib/crypto/krb/checksum/cbc.c index 6beadf894..3a8c0bc62 100644 --- a/src/lib/crypto/krb/checksum/cbc.c +++ b/src/lib/crypto/krb/checksum/cbc.c @@ -28,8 +28,7 @@ * input. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_error_code krb5int_cbc_checksum(const struct krb5_cksumtypes *ctp, diff --git a/src/lib/crypto/krb/checksum/cmac.c b/src/lib/crypto/krb/checksum/cmac.c index ec4d65ff6..3e9dfb14b 100644 --- a/src/lib/crypto/krb/checksum/cmac.c +++ b/src/lib/crypto/krb/checksum/cmac.c @@ -39,11 +39,7 @@ * WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" -#include "aead.h" -#include "etypes.h" -#include "cksumtypes.h" +#include "crypto_int.h" #ifdef CAMELLIA diff --git a/src/lib/crypto/krb/checksum/confounder.c b/src/lib/crypto/krb/checksum/confounder.c index d74ad380f..7006043b8 100644 --- a/src/lib/crypto/krb/checksum/confounder.c +++ b/src/lib/crypto/krb/checksum/confounder.c @@ -29,8 +29,7 @@ * where xorkey is the key XOR'd with 0xf0 bytes. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" /* Derive a key by XOR with 0xF0 bytes. */ static krb5_error_code diff --git a/src/lib/crypto/krb/checksum/deps b/src/lib/crypto/krb/checksum/deps index 99cea9c8a..c755d258d 100644 --- a/src/lib/crypto/krb/checksum/deps +++ b/src/lib/crypto/krb/checksum/deps @@ -3,32 +3,22 @@ # cbc.so cbc.po $(OUTPRE)cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - cbc.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h cbc.c cmac.so cmac.po $(OUTPRE)cmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../aead.h \ - $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - cmac.c -confounder.so confounder.po $(OUTPRE)confounder.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -36,12 +26,13 @@ confounder.so confounder.po $(OUTPRE)confounder.$(OBJEXT): \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h confounder.c -hmac_md5.so hmac_md5.po $(OUTPRE)hmac_md5.$(OBJEXT): \ + $(top_srcdir)/include/socket-utils.h cmac.c +confounder.so confounder.po $(OUTPRE)confounder.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../arcfour/arcfour.h $(srcdir)/../cksumtypes.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -49,11 +40,13 @@ hmac_md5.so hmac_md5.po $(OUTPRE)hmac_md5.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - hmac_md5.c -unkeyed.so unkeyed.po $(OUTPRE)unkeyed.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + confounder.c +hmac_md5.so hmac_md5.po $(OUTPRE)hmac_md5.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -61,4 +54,17 @@ unkeyed.so unkeyed.po $(OUTPRE)unkeyed.$(OBJEXT): $(BUILDTOP)/include/autoconf.h $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - unkeyed.c + hmac_md5.c +unkeyed.so unkeyed.po $(OUTPRE)unkeyed.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h unkeyed.c diff --git a/src/lib/crypto/krb/checksum/hmac_md5.c b/src/lib/crypto/krb/checksum/hmac_md5.c index 521ecaedd..4d0010a72 100644 --- a/src/lib/crypto/krb/checksum/hmac_md5.c +++ b/src/lib/crypto/krb/checksum/hmac_md5.c @@ -30,9 +30,7 @@ * MD5-HMAC. */ -#include "k5-int.h" -#include "cksumtypes.h" -#include "arcfour.h" +#include "crypto_int.h" krb5_error_code krb5int_hmacmd5_checksum(const struct krb5_cksumtypes *ctp, krb5_key key, krb5_keyusage usage, diff --git a/src/lib/crypto/krb/checksum/unkeyed.c b/src/lib/crypto/krb/checksum/unkeyed.c index fddd676d5..cdbc492fa 100644 --- a/src/lib/crypto/krb/checksum/unkeyed.c +++ b/src/lib/crypto/krb/checksum/unkeyed.c @@ -27,8 +27,7 @@ * Unkeyed hash checksum implementation. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_error_code krb5int_unkeyed_checksum(const struct krb5_cksumtypes *ctp, diff --git a/src/lib/crypto/krb/checksum_length.c b/src/lib/crypto/krb/checksum_length.c index 2e869cb80..d4071e104 100644 --- a/src/lib/crypto/krb/checksum_length.c +++ b/src/lib/crypto/krb/checksum_length.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_checksum_length(krb5_context context, krb5_cksumtype cksumtype, diff --git a/src/lib/crypto/krb/cksumtype_to_string.c b/src/lib/crypto/krb/cksumtype_to_string.c index 1c084e6a2..758940a18 100644 --- a/src/lib/crypto/krb/cksumtype_to_string.c +++ b/src/lib/crypto/krb/cksumtype_to_string.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_cksumtype_to_string(krb5_cksumtype cksumtype, char *buffer, size_t buflen) diff --git a/src/lib/crypto/krb/cksumtypes.c b/src/lib/crypto/krb/cksumtypes.c index a8b1c8729..fd95057c4 100644 --- a/src/lib/crypto/krb/cksumtypes.c +++ b/src/lib/crypto/krb/cksumtypes.c @@ -25,11 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "enc_provider.h" -#include "hash_provider.h" -#include "dk.h" -#include "cksumtypes.h" +#include "crypto_int.h" const struct krb5_cksumtypes krb5int_cksumtypes_list[] = { { CKSUMTYPE_CRC32, diff --git a/src/lib/crypto/krb/cksumtypes.h b/src/lib/crypto/krb/cksumtypes.h deleted file mode 100644 index c5eb493f2..000000000 --- a/src/lib/crypto/krb/cksumtypes.h +++ /dev/null @@ -1,147 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#ifndef CKSUMTYPES_H -#define CKSUMTYPES_H -#include "k5-int.h" -#include "etypes.h" - -struct krb5_cksumtypes; - -/* - * Compute a checksum over the header, data, padding, and sign-only fields of - * the iov array data (of size num_data). The output buffer will already be - * allocated with ctp->compute_size bytes available; the handler just needs to - * fill in the contents. If ctp->enc is not NULL, the handler can assume that - * key is a valid-length key of an enctype which uses that enc provider. - */ -typedef krb5_error_code (*checksum_func)(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - krb5_data *output); - -/* - * Verify a checksum over the header, data, padding, and sign-only fields of - * the iov array data (of size num_data), and store the boolean result in - * *valid. The handler can assume that hash has length ctp->output_size. If - * ctp->enc is not NULL, the handler can assume that key a valid-length key of - * an enctype which uses that enc provider. - */ -typedef krb5_error_code (*verify_func)(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - const krb5_data *input, - krb5_boolean *valid); - -struct krb5_cksumtypes { - krb5_cksumtype ctype; - char *name; - char *aliases[2]; - char *out_string; - const struct krb5_enc_provider *enc; - const struct krb5_hash_provider *hash; - checksum_func checksum; - verify_func verify; /* NULL means recompute checksum and compare */ - unsigned int compute_size; /* Allocation size for checksum computation */ - unsigned int output_size; /* Possibly truncated output size */ - krb5_flags flags; -}; - -#define CKSUM_UNKEYED 0x0001 -#define CKSUM_NOT_COLL_PROOF 0x0002 - -extern const struct krb5_cksumtypes krb5int_cksumtypes_list[]; -extern const size_t krb5int_cksumtypes_length; - -krb5_error_code krb5int_unkeyed_checksum(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - krb5_data *output); - -krb5_error_code krb5int_cbc_checksum(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - krb5_data *output); - -krb5_error_code krb5int_hmacmd5_checksum(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - krb5_data *output); - -krb5_error_code krb5int_cmac_checksum(const struct krb5_enc_provider *enc, - krb5_key key, - const krb5_crypto_iov *data, - size_t num_data, - krb5_data *output); - -krb5_error_code krb5int_confounder_checksum(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - krb5_data *output); - -krb5_error_code krb5int_confounder_verify(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, - size_t num_data, - const krb5_data *input, - krb5_boolean *valid); - -static inline const struct krb5_cksumtypes * -find_cksumtype(krb5_cksumtype ctype) -{ - size_t i; - - for (i = 0; i < krb5int_cksumtypes_length; i++) { - if (krb5int_cksumtypes_list[i].ctype == ctype) - break; - } - - if (i == krb5int_cksumtypes_length) - return NULL; - return &krb5int_cksumtypes_list[i]; -} - -static inline krb5_error_code -verify_key(const struct krb5_cksumtypes *ctp, krb5_key key) -{ - const struct krb5_keytypes *ktp; - - ktp = key ? find_enctype(key->keyblock.enctype) : NULL; - if (ctp->enc != NULL && (!ktp || ktp->enc != ctp->enc)) - return KRB5_BAD_ENCTYPE; - if (key && (!ktp || key->keyblock.length != ktp->enc->keylength)) - return KRB5_BAD_KEYSIZE; - return 0; -} - -#endif diff --git a/src/lib/crypto/krb/coll_proof_cksum.c b/src/lib/crypto/krb/coll_proof_cksum.c index bc13ba489..13cb182ae 100644 --- a/src/lib/crypto/krb/coll_proof_cksum.c +++ b/src/lib/crypto/krb/coll_proof_cksum.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_boolean KRB5_CALLCONV krb5_c_is_coll_proof_cksum(krb5_cksumtype ctype) diff --git a/src/lib/crypto/krb/combine_keys.c b/src/lib/crypto/krb/combine_keys.c index 979281d4a..d70e16f2a 100644 --- a/src/lib/crypto/krb/combine_keys.c +++ b/src/lib/crypto/krb/combine_keys.c @@ -43,9 +43,7 @@ * ASCII encoding of the string "combine" */ -#include "k5-int.h" -#include "etypes.h" -#include "dk.h" +#include "crypto_int.h" static krb5_error_code dr(const struct krb5_enc_provider *enc, const krb5_keyblock *inkey, unsigned char *outdata, diff --git a/src/lib/crypto/krb/crc32/Makefile.in b/src/lib/crypto/krb/crc32/Makefile.in index 5360339e7..2f117bf61 100644 --- a/src/lib/crypto/krb/crc32/Makefile.in +++ b/src/lib/crypto/krb/crc32/Makefile.in @@ -1,6 +1,7 @@ mydir=lib$(S)crypto$(S)krb$(S)crc32 BUILDTOP=$(REL)..$(S)..$(S)..$(S).. DEFS= +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) ##DOS##BUILDTOP = ..\..\..\.. ##DOS##PREFIXDIR = krb\crc32 diff --git a/src/lib/crypto/krb/crc32/crc-32.h b/src/lib/crypto/krb/crc32/crc-32.h deleted file mode 100644 index 08fce6dc7..000000000 --- a/src/lib/crypto/krb/crc32/crc-32.h +++ /dev/null @@ -1,67 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * include/krb5/crc-32.h - * - * Copyright 1989,1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * Definitions for the CRC-32 checksum - */ - -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - - -#ifndef KRB5_CRC32__ -#define KRB5_CRC32__ - -#define CRC32_CKSUM_LENGTH 4 - -/* c is in-out to allow chaining; initialize to 0. */ -void -mit_crc32 (krb5_pointer in, size_t in_length, unsigned long *c); - -#endif /* KRB5_CRC32__ */ diff --git a/src/lib/crypto/krb/crc32/crc32.c b/src/lib/crypto/krb/crc32/crc32.c index 659e61199..39e3e3487 100644 --- a/src/lib/crypto/krb/crc32/crc32.c +++ b/src/lib/crypto/krb/crc32/crc32.c @@ -28,8 +28,7 @@ * CRC-32/AUTODIN-II routines */ -#include "k5-int.h" -#include "crc-32.h" +#include "crypto_int.h" /* This table and block of comments are taken from code labeled: */ /* diff --git a/src/lib/crypto/krb/crc32/deps b/src/lib/crypto/krb/crc32/deps index d77b5cf36..320556649 100644 --- a/src/lib/crypto/krb/crc32/deps +++ b/src/lib/crypto/krb/crc32/deps @@ -3,12 +3,14 @@ # crc32.so crc32.po $(OUTPRE)crc32.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - crc-32.h crc32.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h crc32.c diff --git a/src/lib/crypto/krb/crypto_int.h b/src/lib/crypto/krb/crypto_int.h new file mode 100644 index 000000000..6d05095e2 --- /dev/null +++ b/src/lib/crypto/krb/crypto_int.h @@ -0,0 +1,832 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/krb/crypto_int.h - Master libk5crypto internal header */ +/* + * Copyright (C) 2011 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +/* This header is the entry point for libk5crypto sources, and also documents + * requirements for crypto modules and PRNG modules. */ + +#ifndef CRYPTO_INT_H +#define CRYPTO_INT_H + +#include <k5-int.h> + +/* Enc providers and hash providers specify well-known ciphers and hashes to be + * implemented by the crypto module. */ + +struct krb5_enc_provider { + /* keybytes is the input size to make_key; + keylength is the output size */ + size_t block_size, keybytes, keylength; + + krb5_error_code (*encrypt)(krb5_key key, const krb5_data *cipher_state, + krb5_crypto_iov *data, size_t num_data); + + krb5_error_code (*decrypt)(krb5_key key, const krb5_data *cipher_state, + krb5_crypto_iov *data, size_t num_data); + + /* May be NULL if the cipher is not used for a cbc-mac checksum. */ + krb5_error_code (*cbc_mac)(krb5_key key, const krb5_crypto_iov *data, + size_t num_data, const krb5_data *ivec, + krb5_data *output); + + krb5_error_code (*init_state)(const krb5_keyblock *key, + krb5_keyusage keyusage, + krb5_data *out_state); + krb5_error_code (*free_state)(krb5_data *state); + + /* May be NULL if there is no key-derived data cached. */ + void (*key_cleanup)(krb5_key key); +}; + +struct krb5_hash_provider { + char hash_name[8]; + size_t hashsize, blocksize; + + krb5_error_code (*hash)(const krb5_crypto_iov *data, size_t num_data, + krb5_data *output); +}; + +/*** RFC 3961 enctypes table ***/ + +#define MAX_ETYPE_ALIASES 2 + +struct krb5_keytypes; + +typedef unsigned int (*crypto_length_func)(const struct krb5_keytypes *ktp, + krb5_cryptotype type); + +typedef krb5_error_code (*crypt_func)(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage keyusage, + const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); + +typedef krb5_error_code (*str2key_func)(const struct krb5_keytypes *ktp, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *parm, + krb5_keyblock *key); + +typedef krb5_error_code (*rand2key_func)(const krb5_data *randombits, + krb5_keyblock *key); + +typedef krb5_error_code (*prf_func)(const struct krb5_keytypes *ktp, + krb5_key key, + const krb5_data *in, krb5_data *out); + +typedef krb5_error_code (*init_state_func)(const struct krb5_keytypes *ktp, + const krb5_keyblock *key, + krb5_keyusage keyusage, + krb5_data *out_state); + +typedef void (*free_state_func)(const struct krb5_keytypes *ktp, + krb5_data *state); + +struct krb5_keytypes { + krb5_enctype etype; + char *name; + char *aliases[MAX_ETYPE_ALIASES]; + char *out_string; + const struct krb5_enc_provider *enc; + const struct krb5_hash_provider *hash; + size_t prf_length; + crypto_length_func crypto_length; + crypt_func encrypt; + crypt_func decrypt; + str2key_func str2key; + rand2key_func rand2key; + prf_func prf; + init_state_func init_state; + free_state_func free_state; + krb5_cksumtype required_ctype; + krb5_flags flags; +}; + +#define ETYPE_WEAK 1 + +extern const struct krb5_keytypes krb5int_enctypes_list[]; +extern const int krb5int_enctypes_length; + +/*** RFC 3961 checksum types table ***/ + +struct krb5_cksumtypes; + +/* + * Compute a checksum over the header, data, padding, and sign-only fields of + * the iov array data (of size num_data). The output buffer will already be + * allocated with ctp->compute_size bytes available; the handler just needs to + * fill in the contents. If ctp->enc is not NULL, the handler can assume that + * key is a valid-length key of an enctype which uses that enc provider. + */ +typedef krb5_error_code (*checksum_func)(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); + +/* + * Verify a checksum over the header, data, padding, and sign-only fields of + * the iov array data (of size num_data), and store the boolean result in + * *valid. The handler can assume that hash has length ctp->output_size. If + * ctp->enc is not NULL, the handler can assume that key a valid-length key of + * an enctype which uses that enc provider. + */ +typedef krb5_error_code (*verify_func)(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + const krb5_data *input, + krb5_boolean *valid); + +struct krb5_cksumtypes { + krb5_cksumtype ctype; + char *name; + char *aliases[2]; + char *out_string; + const struct krb5_enc_provider *enc; + const struct krb5_hash_provider *hash; + checksum_func checksum; + verify_func verify; /* NULL means recompute checksum and compare */ + unsigned int compute_size; /* Allocation size for checksum computation */ + unsigned int output_size; /* Possibly truncated output size */ + krb5_flags flags; +}; + +#define CKSUM_UNKEYED 0x0001 +#define CKSUM_NOT_COLL_PROOF 0x0002 + +extern const struct krb5_cksumtypes krb5int_cksumtypes_list[]; +extern const size_t krb5int_cksumtypes_length; + +/*** Prototypes for enctype table functions ***/ + +/* Length */ +unsigned int krb5int_old_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); +unsigned int krb5int_raw_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); +unsigned int krb5int_arcfour_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); +unsigned int krb5int_dk_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); +unsigned int krb5int_aes_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); +unsigned int krb5int_camellia_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type); + +/* Encrypt */ +krb5_error_code krb5int_old_encrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); +krb5_error_code krb5int_raw_encrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); +krb5_error_code krb5int_arcfour_encrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, + size_t num_data); +krb5_error_code krb5int_dk_encrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); +krb5_error_code krb5int_dk_cmac_encrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, + size_t num_data); + +/* Decrypt */ +krb5_error_code krb5int_old_decrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); +krb5_error_code krb5int_raw_decrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); +krb5_error_code krb5int_arcfour_decrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, + size_t num_data); +krb5_error_code krb5int_dk_decrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); +krb5_error_code krb5int_dk_cmac_decrypt(const struct krb5_keytypes *ktp, + krb5_key key, krb5_keyusage usage, + const krb5_data *ivec, + krb5_crypto_iov *data, + size_t num_data); + +/* String to key */ +krb5_error_code krb5int_des_string_to_key(const struct krb5_keytypes *ktp, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, + krb5_keyblock *key); +krb5_error_code krb5int_arcfour_string_to_key(const struct krb5_keytypes *ktp, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, + krb5_keyblock *key); +krb5_error_code krb5int_dk_string_to_key(const struct krb5_keytypes *enc, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, + krb5_keyblock *key); +krb5_error_code krb5int_aes_string_to_key(const struct krb5_keytypes *enc, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, + krb5_keyblock *key); +krb5_error_code krb5int_camellia_string_to_key(const struct krb5_keytypes *enc, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, + krb5_keyblock *key); + +/* Random to key */ +krb5_error_code k5_rand2key_direct(const krb5_data *randombits, + krb5_keyblock *keyblock); +krb5_error_code k5_rand2key_des(const krb5_data *randombits, + krb5_keyblock *keyblock); +krb5_error_code k5_rand2key_des3(const krb5_data *randombits, + krb5_keyblock *keyblock); + +/* Pseudo-random function */ +krb5_error_code krb5int_des_prf(const struct krb5_keytypes *ktp, + krb5_key key, const krb5_data *in, + krb5_data *out); +krb5_error_code krb5int_arcfour_prf(const struct krb5_keytypes *ktp, + krb5_key key, const krb5_data *in, + krb5_data *out); +krb5_error_code krb5int_dk_prf(const struct krb5_keytypes *ktp, krb5_key key, + const krb5_data *in, krb5_data *out); +krb5_error_code krb5int_dk_cmac_prf(const struct krb5_keytypes *ktp, + krb5_key key, const krb5_data *in, + krb5_data *out); + +/* State initialization/cleanup handlers */ +krb5_error_code krb5int_init_state_enc(const struct krb5_keytypes *ktp, + const krb5_keyblock *key, + krb5_keyusage keyusage, + krb5_data *out_state); +void krb5int_free_state_enc(const struct krb5_keytypes *ktp, + krb5_data *state); + +/*** Prototypes for cksumtype handler functions ***/ + +krb5_error_code krb5int_unkeyed_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); +krb5_error_code krb5int_cbc_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); +krb5_error_code krb5int_hmacmd5_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); +krb5_error_code krb5int_dk_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, krb5_data *output); +krb5_error_code krb5int_dk_cmac_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, krb5_data *output); +krb5_error_code krb5int_confounder_checksum(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); +krb5_error_code krb5int_confounder_verify(const struct krb5_cksumtypes *ctp, + krb5_key key, krb5_keyusage usage, + const krb5_crypto_iov *data, + size_t num_data, + const krb5_data *input, + krb5_boolean *valid); + +/*** Key derivation functions ***/ + +enum deriv_alg { + DERIVE_RFC3961, /* RFC 3961 section 5.1 */ +#ifdef CAMELLIA + DERIVE_SP800_108_CMAC /* NIST SP 800-108 with CMAC as PRF */ +#endif +}; + +krb5_error_code krb5int_derive_keyblock(const struct krb5_enc_provider *enc, + krb5_key inkey, krb5_keyblock *outkey, + const krb5_data *in_constant, + enum deriv_alg alg); +krb5_error_code krb5int_derive_key(const struct krb5_enc_provider *enc, + krb5_key inkey, krb5_key *outkey, + const krb5_data *in_constant, + enum deriv_alg alg); +krb5_error_code krb5int_derive_random(const struct krb5_enc_provider *enc, + krb5_key inkey, krb5_data *outrnd, + const krb5_data *in_constant, + enum deriv_alg alg); + +/*** Miscellaneous prototypes ***/ + +/* nfold algorithm from RFC 3961 */ +void krb5int_nfold(unsigned int inbits, const unsigned char *in, + unsigned int outbits, unsigned char *out); + +/* Compute a CMAC checksum over data. */ +krb5_error_code krb5int_cmac_checksum(const struct krb5_enc_provider *enc, + krb5_key key, + const krb5_crypto_iov *data, + size_t num_data, + krb5_data *output); + +/* Compute a CRC-32 checksum. c is in-out to allow chaining; init to 0. */ +#define CRC32_CKSUM_LENGTH 4 +void mit_crc32(krb5_pointer in, size_t in_length, unsigned long *c); + +/* Translate an RFC 3961 key usage to a Microsoft RC4 usage. */ +krb5_keyusage krb5int_arcfour_translate_usage(krb5_keyusage usage); + +/* Ensure library initialization has occurred. */ +int krb5int_crypto_init(void); + +/* DES default state initialization handler (used by module enc providers). */ +krb5_error_code krb5int_des_init_state(const krb5_keyblock *key, + krb5_keyusage keyusage, + krb5_data *new_state); + +/* Default state cleanup handler (used by module enc providers). */ +krb5_error_code krb5int_default_free_state(krb5_data *state); + +/*** Input/output vector processing declarations **/ + +#define ENCRYPT_CONF_IOV(_iov) ((_iov)->flags == KRB5_CRYPTO_TYPE_HEADER) + +#define ENCRYPT_DATA_IOV(_iov) ((_iov)->flags == KRB5_CRYPTO_TYPE_DATA || \ + (_iov)->flags == KRB5_CRYPTO_TYPE_PADDING) + +#define ENCRYPT_IOV(_iov) (ENCRYPT_CONF_IOV(_iov) || ENCRYPT_DATA_IOV(_iov)) + +#define SIGN_IOV(_iov) (ENCRYPT_IOV(_iov) || \ + (_iov)->flags == KRB5_CRYPTO_TYPE_SIGN_ONLY ) + +struct iov_block_state { + size_t iov_pos; /* index into iov array */ + size_t data_pos; /* index into iov contents */ + unsigned int ignore_header : 1; /* have/should we process HEADER */ + unsigned int include_sign_only : 1; /* should we process SIGN_ONLY blocks */ + unsigned int pad_to_boundary : 1; /* should we zero fill blocks until next buffer */ +}; + +#define IOV_BLOCK_STATE_INIT(_state) ((_state)->iov_pos = \ + (_state)->data_pos = \ + (_state)->ignore_header = \ + (_state)->include_sign_only = \ + (_state)->pad_to_boundary = 0) + +krb5_crypto_iov *krb5int_c_locate_iov(krb5_crypto_iov *data, size_t num_data, + krb5_cryptotype type); + +krb5_error_code krb5int_c_iov_decrypt_stream(const struct krb5_keytypes *ktp, + krb5_key key, + krb5_keyusage keyusage, + const krb5_data *ivec, + krb5_crypto_iov *data, + size_t num_data); + +unsigned int krb5int_c_padding_length(const struct krb5_keytypes *ktp, + size_t data_length); + +/*** Crypto module declarations ***/ + +/* Modules must implement the following enc_providers and hash_providers: */ +extern const struct krb5_enc_provider krb5int_enc_des; +extern const struct krb5_enc_provider krb5int_enc_des3; +extern const struct krb5_enc_provider krb5int_enc_arcfour; +extern const struct krb5_enc_provider krb5int_enc_aes128; +extern const struct krb5_enc_provider krb5int_enc_aes256; +extern const struct krb5_enc_provider krb5int_enc_aes128_ctr; +extern const struct krb5_enc_provider krb5int_enc_aes256_ctr; +#ifdef CAMELLIA +extern const struct krb5_enc_provider krb5int_enc_camellia128; +extern const struct krb5_enc_provider krb5int_enc_camellia256; +#endif + +extern const struct krb5_hash_provider krb5int_hash_crc32; +extern const struct krb5_hash_provider krb5int_hash_md4; +extern const struct krb5_hash_provider krb5int_hash_md5; +extern const struct krb5_hash_provider krb5int_hash_sha1; + +/* Modules must implement the following functions. */ + +/* Set the parity bits in a DES key. */ +void mit_des_fixup_key_parity(unsigned char *key); + +/* Convert a password to a DES key (see RFC 3961). */ +krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock, + const krb5_data *password, + const krb5_data *salt); +krb5_error_code mit_des_string_to_key_int(krb5_keyblock *key, + const krb5_data *password, + const krb5_data *salt); + +/* Compute an HMAC using the provided hash function, key, and data, storing the + * result into output (caller-allocated). */ +krb5_error_code krb5int_hmac(const struct krb5_hash_provider *hash, + krb5_key key, const krb5_crypto_iov *data, + size_t num_data, krb5_data *output); + +/* As above, using a keyblock as the key input. */ +krb5_error_code krb5int_hmac_keyblock(const struct krb5_hash_provider *hash, + const krb5_keyblock *keyblock, + const krb5_crypto_iov *data, + size_t num_data, krb5_data *output); + +/* + * Compute the PBKDF2 (see RFC 2898) of password and salt, with the specified + * count, using HMAC-SHA-1 as the pseudorandom function, storing the result + * into out (caller-allocated). + */ +krb5_error_code krb5int_pbkdf2_hmac_sha1(const krb5_data *out, + unsigned long count, + const krb5_data *password, + const krb5_data *salt); + +/* The following are used by test programs and are just handler functions from + * the AES and Camellia enc providers. Define a stub krb5int_camellia_cbc_mac + * even if CAMELLIA isn't defined, since it's in the export list. */ +krb5_error_code krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); +krb5_error_code krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data); +krb5_error_code krb5int_camellia_cbc_mac(krb5_key key, + const krb5_crypto_iov *data, + size_t num_data, const krb5_data *iv, + krb5_data *output); + +/* These can be used to safely set up and tear down module global state. */ +int krb5int_crypto_impl_init(void); +void krb5int_crypto_impl_cleanup(void); + +/* + * Modules must provide a crypto_mod.h header at the top level. To work with + * the default PRNG module (prng_fortuna.c), crypto_mod.h must #define or + * prototype the following symbols: + * + * aes_ctx - Stack-allocatable type for an AES-128 or AES-256 key schedule + * krb5int_aes_enc_key(key, keybits, ctxptr) -- initialize a key schedule + * krb5int_aes_enc_blk(in, out, ctxptr) -- encrypt a block + * SHA256_CTX - Stack-allocatable type for a SHA-256 hash state + * k5_sha256_init(ctxptr) - Initialize a hash state + * k5_sha256_update(ctxptr, data, size) -- Hash some data + * k5_sha256_final(ctxptr, out) -- Finalize a state, writing hash into out + * + * These functions must never fail on valid inputs, and contexts must remain + * valid across forks. If the module cannot meet those constraints, then it + * should provide its own PRNG module and the build system should ensure that + * it is used; for an example, see how nss uses prng_nss. + * + * The function symbols named above are also in the library export list (so + * they can be used by the t_fortuna.c test code), so even if the module + * defines them away or doesn't work with Fortuna, the module must provide + * stubs; see stubs.c in the openssl or nss modules for examples. + */ + +#include <crypto_mod.h> + +/*** PRNG module declarations ***/ + +/* + * PRNG modules must implement the following APIs from krb5.h: + * krb5_c_random_add_entropy + * krb5_c_random_make_octets + * + * PRNG modules should implement these functions. They are called from the + * crypto library init and cleanup functions, and can be used to setup and tear + * down static state without thread safety concerns. + */ +int k5_prng_init(void); +void k5_prng_cleanup(void); + +/* Used by PRNG modules to gather OS entropy. Returns true on success. */ +krb5_boolean k5_get_os_entropy(unsigned char *buf, size_t len); + +/*** Inline helper functions ***/ + +/* Find an enctype by number in the enctypes table. */ +static inline const struct krb5_keytypes * +find_enctype(krb5_enctype enctype) +{ + int i; + + for (i = 0; i < krb5int_enctypes_length; i++) { + if (krb5int_enctypes_list[i].etype == enctype) + break; + } + + if (i == krb5int_enctypes_length) + return NULL; + return &krb5int_enctypes_list[i]; +} + +/* Find a checksum type by number in the cksumtypes table. */ +static inline const struct krb5_cksumtypes * +find_cksumtype(krb5_cksumtype ctype) +{ + size_t i; + + for (i = 0; i < krb5int_cksumtypes_length; i++) { + if (krb5int_cksumtypes_list[i].ctype == ctype) + break; + } + + if (i == krb5int_cksumtypes_length) + return NULL; + return &krb5int_cksumtypes_list[i]; +} + +/* Verify that a key is appropriate for a checksum type. */ +static inline krb5_error_code +verify_key(const struct krb5_cksumtypes *ctp, krb5_key key) +{ + const struct krb5_keytypes *ktp; + + ktp = key ? find_enctype(key->keyblock.enctype) : NULL; + if (ctp->enc != NULL && (!ktp || ktp->enc != ctp->enc)) + return KRB5_BAD_ENCTYPE; + if (key && (!ktp || key->keyblock.length != ktp->enc->keylength)) + return KRB5_BAD_KEYSIZE; + return 0; +} + +/* Encrypt one block of plaintext in place, for block ciphers. */ +static inline krb5_error_code +encrypt_block(const struct krb5_enc_provider *enc, krb5_key key, + krb5_data *block) +{ + krb5_crypto_iov iov; + + /* Verify that this is a block cipher and block is the right length. */ + if (block->length != enc->block_size || enc->block_size == 1) + return EINVAL; + iov.flags = KRB5_CRYPTO_TYPE_DATA; + iov.data = *block; + if (enc->cbc_mac != NULL) /* One-block cbc-mac with no ivec. */ + return enc->cbc_mac(key, &iov, 1, NULL, block); + else /* Assume cbc-mode encrypt. */ + return enc->encrypt(key, 0, &iov, 1); +} + +/* Decide whether to process an IOV block. */ +static inline int +process_block_p(const krb5_crypto_iov *data, size_t num_data, + struct iov_block_state *iov_state, size_t i) +{ + const krb5_crypto_iov *iov = &data[i]; + int process_block; + + switch (iov->flags) { + case KRB5_CRYPTO_TYPE_SIGN_ONLY: + process_block = iov_state->include_sign_only; + break; + case KRB5_CRYPTO_TYPE_PADDING: + process_block = (iov_state->pad_to_boundary == 0); + break; + case KRB5_CRYPTO_TYPE_HEADER: + process_block = (iov_state->ignore_header == 0); + break; + case KRB5_CRYPTO_TYPE_DATA: + process_block = 1; + break; + default: + process_block = 0; + break; + } + + return process_block; +} + +/* + * Returns TRUE if, having reached the end of the current buffer, + * we should pad the rest of the block with zeros. + */ +static inline int +pad_to_boundary_p(const krb5_crypto_iov *data, + size_t num_data, + struct iov_block_state *iov_state, + size_t i, + size_t j) +{ + /* If the pad_to_boundary flag is unset, return FALSE */ + if (iov_state->pad_to_boundary == 0) + return 0; + + /* If we haven't got any data, we need to get some */ + if (j == 0) + return 0; + + /* No boundary between adjacent buffers marked for processing */ + if (data[iov_state->iov_pos].flags == data[i].flags) + return 0; + + return 1; +} + +/* + * Retrieve a block from the IOV. If p is non-NULL and the next block is + * completely contained within the current buffer, then *p will contain an + * alias into the buffer; otherwise, a copy will be made into storage. + * + * After calling this function, encrypt the returned block and then call + * krb5int_c_iov_put_block_nocopy() (with a separate output cursor). If + * p was non-NULL on the call to get_block(), then pass that pointer in. + */ +static inline krb5_boolean +krb5int_c_iov_get_block_nocopy(unsigned char *storage, + size_t block_size, + const krb5_crypto_iov *data, + size_t num_data, + struct iov_block_state *iov_state, + unsigned char **p) +{ + size_t i, j = 0; + + if (p != NULL) + *p = storage; + + for (i = iov_state->iov_pos; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + size_t nbytes; + + if (!process_block_p(data, num_data, iov_state, i)) + continue; + + if (pad_to_boundary_p(data, num_data, iov_state, i, j)) + break; + + iov_state->iov_pos = i; + + nbytes = iov->data.length - iov_state->data_pos; + if (nbytes > block_size - j) + nbytes = block_size - j; + + /* + * If we can return a pointer into a complete block, then do so. + */ + if (p != NULL && j == 0 && nbytes == block_size) { + *p = (unsigned char *)iov->data.data + iov_state->data_pos; + } else { + memcpy(storage + j, iov->data.data + iov_state->data_pos, nbytes); + } + + iov_state->data_pos += nbytes; + j += nbytes; + + assert(j <= block_size); + + if (j == block_size) + break; + + assert(iov_state->data_pos == iov->data.length); + + iov_state->data_pos = 0; + } + + iov_state->iov_pos = i; + + if (j == 0) + return FALSE; + else if (j != block_size) + memset(storage + j, 0, block_size - j); + + return TRUE; +} + +/* + * Store a block retrieved with krb5int_c_iov_get_block_no_copy if + * necessary, and advance the output cursor. + */ +static inline krb5_boolean +krb5int_c_iov_put_block_nocopy(const krb5_crypto_iov *data, + size_t num_data, + unsigned char *storage, + size_t block_size, + struct iov_block_state *iov_state, + unsigned char *p) +{ + size_t i, j = 0; + + assert(p != NULL); + + for (i = iov_state->iov_pos; i < num_data; i++) { + const krb5_crypto_iov *iov = &data[i]; + size_t nbytes; + + if (!process_block_p(data, num_data, iov_state, i)) + continue; + + if (pad_to_boundary_p(data, num_data, iov_state, i, j)) + break; + + iov_state->iov_pos = i; + + nbytes = iov->data.length - iov_state->data_pos; + if (nbytes > block_size - j) + nbytes = block_size - j; + + /* + * If we had previously returned a pointer into a complete block, + * then no action is required. + */ + if (p == storage) { + memcpy(iov->data.data + iov_state->data_pos, storage + j, nbytes); + } else { + /* Ensure correctly paired with a call to get_block_nocopy(). */ + assert(j == 0); + assert(nbytes == 0 || nbytes == block_size); + } + + iov_state->data_pos += nbytes; + j += nbytes; + + assert(j <= block_size); + + if (j == block_size) + break; + + assert(iov_state->data_pos == iov->data.length); + + iov_state->data_pos = 0; + } + + iov_state->iov_pos = i; + +#ifdef DEBUG_IOV + dump_block("put_block", i, j, p, block_size); +#endif + + return (iov_state->iov_pos < num_data); +} + +/* + * A wrapper for krb5int_c_iov_get_block_nocopy() that always makes + * a copy. + */ +static inline krb5_boolean +krb5int_c_iov_get_block(unsigned char *block, + size_t block_size, + const krb5_crypto_iov *data, + size_t num_data, + struct iov_block_state *iov_state) +{ + return krb5int_c_iov_get_block_nocopy(block, block_size, data, num_data, + iov_state, NULL); +} + +/* + * A wrapper for krb5int_c_iov_put_block_nocopy() that always copies + * the block. + */ +static inline krb5_boolean +krb5int_c_iov_put_block(const krb5_crypto_iov *data, + size_t num_data, + unsigned char *block, + size_t block_size, + struct iov_block_state *iov_state) +{ + return krb5int_c_iov_put_block_nocopy(data, num_data, block, block_size, + iov_state, block); +} + +#endif /* CRYPTO_INT_H */ diff --git a/src/lib/crypto/krb/crypto_length.c b/src/lib/crypto/krb/crypto_length.c index 3b0a9ac7f..84c56cc9f 100644 --- a/src/lib/crypto/krb/crypto_length.c +++ b/src/lib/crypto/krb/crypto_length.c @@ -25,9 +25,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "etypes.h" -#include "aead.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_crypto_length(krb5_context context, krb5_enctype enctype, diff --git a/src/lib/crypto/krb/crypto_libinit.c b/src/lib/crypto/krb/crypto_libinit.c index f97713501..3b62ff5de 100644 --- a/src/lib/crypto/krb/crypto_libinit.c +++ b/src/lib/crypto/krb/crypto_libinit.c @@ -1,7 +1,5 @@ /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#include <assert.h> -#include "k5-int.h" -#include "prng.h" +#include "crypto_int.h" MAKE_INIT_FUNCTION(cryptoint_initialize_library); MAKE_FINI_FUNCTION(cryptoint_cleanup_library); diff --git a/src/lib/crypto/krb/decrypt.c b/src/lib/crypto/krb/decrypt.c index c12c90d33..775e10a9b 100644 --- a/src/lib/crypto/krb/decrypt.c +++ b/src/lib/crypto/krb/decrypt.c @@ -25,9 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" -#include "aead.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_k_decrypt(krb5_context context, krb5_key key, diff --git a/src/lib/crypto/krb/decrypt_iov.c b/src/lib/crypto/krb/decrypt_iov.c index f52a727b3..39844d42c 100644 --- a/src/lib/crypto/krb/decrypt_iov.c +++ b/src/lib/crypto/krb/decrypt_iov.c @@ -25,9 +25,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "etypes.h" -#include "aead.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_k_decrypt_iov(krb5_context context, krb5_key key, krb5_keyusage usage, diff --git a/src/lib/crypto/krb/default_state.c b/src/lib/crypto/krb/default_state.c index d44b31fba..4968a7767 100644 --- a/src/lib/crypto/krb/default_state.c +++ b/src/lib/crypto/krb/default_state.c @@ -30,7 +30,7 @@ * contains that default code. */ -#include "k5-int.h" +#include "crypto_int.h" krb5_error_code krb5int_des_init_state (const krb5_keyblock *key, krb5_keyusage usage, krb5_data *new_state ) diff --git a/src/lib/crypto/krb/deps b/src/lib/crypto/krb/deps index a728ae11b..4c8737887 100644 --- a/src/lib/crypto/krb/deps +++ b/src/lib/crypto/krb/deps @@ -3,31 +3,36 @@ # aead.so aead.po $(OUTPRE)aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/dk/dk.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h aead.c aead.h \ - cksumtypes.h etypes.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + aead.c crypto_int.h block_size.so block_size.po $(OUTPRE)block_size.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h block_size.c etypes.h + $(top_srcdir)/include/socket-utils.h block_size.c crypto_int.h checksum_length.so checksum_length.po $(OUTPRE)checksum_length.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ @@ -35,11 +40,13 @@ checksum_length.so checksum_length.po $(OUTPRE)checksum_length.$(OBJEXT): \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ $(top_srcdir)/include/socket-utils.h checksum_length.c \ - cksumtypes.h etypes.h + crypto_int.h cksumtype_to_string.so cksumtype_to_string.po $(OUTPRE)cksumtype_to_string.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ @@ -47,83 +54,92 @@ cksumtype_to_string.so cksumtype_to_string.po $(OUTPRE)cksumtype_to_string.$(OBJ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ $(top_srcdir)/include/socket-utils.h cksumtype_to_string.c \ - cksumtypes.h etypes.h + crypto_int.h cksumtypes.so cksumtypes.po $(OUTPRE)cksumtypes.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../builtin/enc_provider/enc_provider.h \ - $(srcdir)/../builtin/hash_provider/hash_provider.h \ - $(srcdir)/dk/dk.h $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h cksumtypes.c cksumtypes.h \ - etypes.h + $(top_srcdir)/include/socket-utils.h cksumtypes.c crypto_int.h coll_proof_cksum.so coll_proof_cksum.po $(OUTPRE)coll_proof_cksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h cksumtypes.h coll_proof_cksum.c \ - etypes.h + $(top_srcdir)/include/socket-utils.h coll_proof_cksum.c \ + crypto_int.h combine_keys.so combine_keys.po $(OUTPRE)combine_keys.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/dk/dk.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - cksumtypes.h combine_keys.c etypes.h + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h combine_keys.c \ + crypto_int.h crypto_length.so crypto_length.po $(OUTPRE)crypto_length.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \ - crypto_length.c etypes.h + $(top_srcdir)/include/socket-utils.h crypto_int.h crypto_length.c crypto_libinit.so crypto_libinit.po $(OUTPRE)crypto_libinit.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h crypto_libinit.c \ - prng.h + $(top_srcdir)/include/socket-utils.h crypto_int.h crypto_libinit.c default_state.so default_state.po $(OUTPRE)default_state.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h default_state.c + $(top_srcdir)/include/socket-utils.h crypto_int.h default_state.c decrypt.so decrypt.po $(OUTPRE)decrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -131,22 +147,25 @@ decrypt.so decrypt.po $(OUTPRE)decrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - aead.h cksumtypes.h decrypt.c etypes.h + crypto_int.h decrypt.c decrypt_iov.so decrypt_iov.po $(OUTPRE)decrypt_iov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \ - decrypt_iov.c etypes.h + $(top_srcdir)/include/socket-utils.h crypto_int.h decrypt_iov.c encrypt.so encrypt.po $(OUTPRE)encrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -154,49 +173,51 @@ encrypt.so encrypt.po $(OUTPRE)encrypt.$(OBJEXT): $(BUILDTOP)/include/autoconf.h $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - aead.h cksumtypes.h encrypt.c etypes.h + crypto_int.h encrypt.c encrypt_iov.so encrypt_iov.po $(OUTPRE)encrypt_iov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h encrypt_iov.c \ - etypes.h + $(top_srcdir)/include/socket-utils.h crypto_int.h encrypt_iov.c encrypt_length.so encrypt_length.po $(OUTPRE)encrypt_length.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \ - encrypt_length.c etypes.h + $(top_srcdir)/include/socket-utils.h crypto_int.h encrypt_length.c enctype_util.so enctype_util.po $(OUTPRE)enctype_util.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h enctype_util.c \ - etypes.h + $(top_srcdir)/include/socket-utils.h crypto_int.h enctype_util.c etypes.so etypes.po $(OUTPRE)etypes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/des/des_int.h \ - $(srcdir)/../builtin/enc_provider/enc_provider.h $(srcdir)/../builtin/hash_provider/hash_provider.h \ - $(srcdir)/arcfour/arcfour.h $(srcdir)/dk/dk.h $(srcdir)/old/old.h \ - $(srcdir)/prf/prf_int.h $(srcdir)/raw/raw.h $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -204,10 +225,12 @@ etypes.so etypes.po $(OUTPRE)etypes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - cksumtypes.h etypes.c etypes.h + crypto_int.h etypes.c key.so key.po $(OUTPRE)key.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -215,102 +238,116 @@ key.so key.po $(OUTPRE)key.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - etypes.h key.c + crypto_int.h key.c keyblocks.so keyblocks.po $(OUTPRE)keyblocks.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h keyblocks.c + $(top_srcdir)/include/socket-utils.h crypto_int.h keyblocks.c keyed_cksum.so keyed_cksum.po $(OUTPRE)keyed_cksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h cksumtypes.h etypes.h \ - keyed_cksum.c + $(top_srcdir)/include/socket-utils.h crypto_int.h keyed_cksum.c keyed_checksum_types.so keyed_checksum_types.po $(OUTPRE)keyed_checksum_types.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h cksumtypes.h etypes.h \ - keyed_checksum_types.c + $(top_srcdir)/include/socket-utils.h crypto_int.h keyed_checksum_types.c keylengths.so keylengths.po $(OUTPRE)keylengths.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h etypes.h keylengths.c + $(top_srcdir)/include/socket-utils.h crypto_int.h keylengths.c make_checksum.so make_checksum.po $(OUTPRE)make_checksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/dk/dk.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - cksumtypes.h etypes.h make_checksum.c + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h crypto_int.h make_checksum.c make_checksum_iov.so make_checksum_iov.po $(OUTPRE)make_checksum_iov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \ - etypes.h make_checksum_iov.c + $(top_srcdir)/include/socket-utils.h crypto_int.h make_checksum_iov.c make_random_key.so make_random_key.po $(OUTPRE)make_random_key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h etypes.h make_random_key.c + $(top_srcdir)/include/socket-utils.h crypto_int.h make_random_key.c mandatory_sumtype.so mandatory_sumtype.po $(OUTPRE)mandatory_sumtype.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h etypes.h mandatory_sumtype.c + $(top_srcdir)/include/socket-utils.h crypto_int.h mandatory_sumtype.c nfold.so nfold.po $(OUTPRE)nfold.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -318,21 +355,25 @@ nfold.so nfold.po $(OUTPRE)nfold.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - nfold.c + crypto_int.h nfold.c old_api_glue.so old_api_glue.po $(OUTPRE)old_api_glue.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h old_api_glue.c + $(top_srcdir)/include/socket-utils.h crypto_int.h old_api_glue.c prf.so prf.po $(OUTPRE)prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -340,10 +381,12 @@ prf.so prf.po $(OUTPRE)prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - etypes.h prf.c + crypto_int.h prf.c prng.so prng.po $(OUTPRE)prng.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -351,23 +394,25 @@ prng.so prng.po $(OUTPRE)prng.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - prng.c prng.h + crypto_int.h prng.c prng_fortuna.so prng_fortuna.po $(OUTPRE)prng_fortuna.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ - $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - prng.h prng_fortuna.c + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h crypto_int.h prng_fortuna.c cf2.so cf2.po $(OUTPRE)cf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -375,11 +420,12 @@ cf2.so cf2.po $(OUTPRE)cf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - cf2.c etypes.h + cf2.c crypto_int.h random_to_key.so random_to_key.po $(OUTPRE)random_to_key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../builtin/des/des_int.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -387,10 +433,12 @@ random_to_key.so random_to_key.po $(OUTPRE)random_to_key.$(OBJEXT): \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h etypes.h random_to_key.c + $(top_srcdir)/include/socket-utils.h crypto_int.h random_to_key.c state.so state.po $(OUTPRE)state.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ + $(srcdir)/../builtin/aes/uitypes.h $(srcdir)/../builtin/crypto_mod.h \ + $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -398,76 +446,83 @@ state.so state.po $(OUTPRE)state.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - etypes.h state.c + crypto_int.h state.c string_to_cksumtype.so string_to_cksumtype.po $(OUTPRE)string_to_cksumtype.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h cksumtypes.h etypes.h \ - string_to_cksumtype.c + $(top_srcdir)/include/socket-utils.h crypto_int.h string_to_cksumtype.c string_to_key.so string_to_key.po $(OUTPRE)string_to_key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h etypes.h string_to_key.c + $(top_srcdir)/include/socket-utils.h crypto_int.h string_to_key.c t_fortuna.so t_fortuna.po $(OUTPRE)t_fortuna.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ - $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - prng.h prng_fortuna.c t_fortuna.c + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h crypto_int.h prng_fortuna.c \ + t_fortuna.c valid_cksumtype.so valid_cksumtype.po $(OUTPRE)valid_cksumtype.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h cksumtypes.h etypes.h \ - valid_cksumtype.c + $(top_srcdir)/include/socket-utils.h crypto_int.h valid_cksumtype.c verify_checksum.so verify_checksum.po $(OUTPRE)verify_checksum.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h cksumtypes.h etypes.h \ - verify_checksum.c + $(top_srcdir)/include/socket-utils.h crypto_int.h verify_checksum.c verify_checksum_iov.so verify_checksum_iov.po $(OUTPRE)verify_checksum_iov.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/aes/uitypes.h \ + $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h aead.h cksumtypes.h \ - etypes.h verify_checksum_iov.c + $(top_srcdir)/include/socket-utils.h crypto_int.h verify_checksum_iov.c diff --git a/src/lib/crypto/krb/dk/Makefile.in b/src/lib/crypto/krb/dk/Makefile.in index 63e55b6ff..56ab164d3 100644 --- a/src/lib/crypto/krb/dk/Makefile.in +++ b/src/lib/crypto/krb/dk/Makefile.in @@ -1,6 +1,6 @@ mydir=lib$(S)crypto$(S)krb$(S)dk BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) DEFS= ##DOS##BUILDTOP = ..\..\..\.. diff --git a/src/lib/crypto/krb/dk/checksum_cmac.c b/src/lib/crypto/krb/dk/checksum_cmac.c index ac3e4e998..166b7c727 100644 --- a/src/lib/crypto/krb/dk/checksum_cmac.c +++ b/src/lib/crypto/krb/dk/checksum_cmac.c @@ -24,11 +24,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "etypes.h" -#include "dk.h" -#include "aead.h" -#include "cksumtypes.h" +#include "crypto_int.h" #define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */ diff --git a/src/lib/crypto/krb/dk/checksum_hmac.c b/src/lib/crypto/krb/dk/checksum_hmac.c index 686af8d08..517a5f32c 100644 --- a/src/lib/crypto/krb/dk/checksum_hmac.c +++ b/src/lib/crypto/krb/dk/checksum_hmac.c @@ -25,10 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" -#include "dk.h" -#include "cksumtypes.h" +#include "crypto_int.h" #define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */ diff --git a/src/lib/crypto/krb/dk/deps b/src/lib/crypto/krb/dk/deps index da0589cea..7dbace5db 100644 --- a/src/lib/crypto/krb/dk/deps +++ b/src/lib/crypto/krb/dk/deps @@ -4,21 +4,9 @@ checksum_hmac.so checksum_hmac.po $(OUTPRE)checksum_hmac.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h checksum_hmac.c \ - dk.h -checksum_cmac.so checksum_cmac.po $(OUTPRE)checksum_cmac.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -26,11 +14,13 @@ checksum_cmac.so checksum_cmac.po $(OUTPRE)checksum_cmac.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - checksum_cmac.c dk.h -dk_aead.so dk_aead.po $(OUTPRE)dk_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../aead.h \ - $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + checksum_hmac.c +checksum_cmac.so checksum_cmac.po $(OUTPRE)checksum_cmac.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -38,35 +28,38 @@ dk_aead.so dk_aead.po $(OUTPRE)dk_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - dk.h dk_aead.c + checksum_cmac.c +dk_aead.so dk_aead.po $(OUTPRE)dk_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h dk_aead.c dk_cmac.so dk_cmac.po $(OUTPRE)dk_cmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../aead.h \ - $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - dk.h dk_cmac.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h dk_cmac.c derive.so derive.po $(OUTPRE)derive.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - derive.c dk.h -stringtokey.so stringtokey.po $(OUTPRE)stringtokey.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -74,4 +67,18 @@ stringtokey.so stringtokey.po $(OUTPRE)stringtokey.$(OBJEXT): \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h dk.h stringtokey.c + $(top_srcdir)/include/socket-utils.h derive.c +stringtokey.so stringtokey.po $(OUTPRE)stringtokey.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + stringtokey.c diff --git a/src/lib/crypto/krb/dk/derive.c b/src/lib/crypto/krb/dk/derive.c index 7fa6c80ad..1cb47af4b 100644 --- a/src/lib/crypto/krb/dk/derive.c +++ b/src/lib/crypto/krb/dk/derive.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "dk.h" +#include "crypto_int.h" static krb5_key find_cached_dkey(struct derived_key *list, const krb5_data *constant) diff --git a/src/lib/crypto/krb/dk/dk.h b/src/lib/crypto/krb/dk/dk.h deleted file mode 100644 index 079977847..000000000 --- a/src/lib/crypto/krb/dk/dk.h +++ /dev/null @@ -1,114 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" -#include "etypes.h" -#include "cksumtypes.h" - -unsigned int -krb5int_dk_crypto_length(const struct krb5_keytypes *ktp, - krb5_cryptotype type); - -unsigned int -krb5int_aes_crypto_length(const struct krb5_keytypes *ktp, - krb5_cryptotype type); - -unsigned int -krb5int_camellia_crypto_length(const struct krb5_keytypes *ktp, - krb5_cryptotype type); -krb5_error_code -krb5int_dk_encrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -krb5_error_code -krb5int_dk_decrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -krb5_error_code -krb5int_dk_string_to_key(const struct krb5_keytypes *enc, - const krb5_data *string, const krb5_data *salt, - const krb5_data *params, krb5_keyblock *key); - -krb5_error_code -krb5int_aes_string_to_key(const struct krb5_keytypes *enc, - const krb5_data *string, const krb5_data *salt, - const krb5_data *params, krb5_keyblock *key); - -krb5_error_code -krb5int_camellia_string_to_key(const struct krb5_keytypes *enc, - const krb5_data *string, - const krb5_data *salt, - const krb5_data *params, - krb5_keyblock *key); - -enum deriv_alg { - DERIVE_RFC3961, /* RFC 3961 section 5.1 */ -#ifdef CAMELLIA - DERIVE_SP800_108_CMAC /* NIST SP 800-108 with CMAC as PRF */ -#endif -}; - -krb5_error_code -krb5int_derive_keyblock(const struct krb5_enc_provider *enc, - krb5_key inkey, krb5_keyblock *outkey, - const krb5_data *in_constant, enum deriv_alg alg); - -krb5_error_code -krb5int_derive_key(const struct krb5_enc_provider *enc, - krb5_key inkey, krb5_key *outkey, - const krb5_data *in_constant, enum deriv_alg alg); - -krb5_error_code -krb5int_dk_checksum(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, size_t num_data, - krb5_data *output); - -krb5_error_code -krb5int_derive_random(const struct krb5_enc_provider *enc, - krb5_key inkey, krb5_data *outrnd, - const krb5_data *in_constant, enum deriv_alg alg); - -krb5_error_code -krb5int_dk_cmac_encrypt(const struct krb5_keytypes *ktp, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, krb5_crypto_iov *data, - size_t num_data); - -krb5_error_code -krb5int_dk_cmac_decrypt(const struct krb5_keytypes *ktp, - krb5_key key, krb5_keyusage usage, - const krb5_data *ivec, krb5_crypto_iov *data, - size_t num_data); - -krb5_error_code -krb5int_dk_cmac_checksum(const struct krb5_cksumtypes *ctp, - krb5_key key, krb5_keyusage usage, - const krb5_crypto_iov *data, size_t num_data, - krb5_data *output); diff --git a/src/lib/crypto/krb/dk/dk_aead.c b/src/lib/crypto/krb/dk/dk_aead.c index 4e9a7c4cf..2e2163f69 100644 --- a/src/lib/crypto/krb/dk/dk_aead.c +++ b/src/lib/crypto/krb/dk/dk_aead.c @@ -26,9 +26,7 @@ */ -#include "k5-int.h" -#include "dk.h" -#include "aead.h" +#include "crypto_int.h" #define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */ diff --git a/src/lib/crypto/krb/dk/dk_cmac.c b/src/lib/crypto/krb/dk/dk_cmac.c index 9ac5bee8f..f00b8edc9 100644 --- a/src/lib/crypto/krb/dk/dk_cmac.c +++ b/src/lib/crypto/krb/dk/dk_cmac.c @@ -25,9 +25,7 @@ */ -#include "k5-int.h" -#include "dk.h" -#include "aead.h" +#include "crypto_int.h" #ifdef CAMELLIA diff --git a/src/lib/crypto/krb/dk/stringtokey.c b/src/lib/crypto/krb/dk/stringtokey.c index 2c5188bdb..90fe3c694 100644 --- a/src/lib/crypto/krb/dk/stringtokey.c +++ b/src/lib/crypto/krb/dk/stringtokey.c @@ -25,7 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "dk.h" +#include "crypto_int.h" static const unsigned char kerberos[] = "kerberos"; #define kerberos_len (sizeof(kerberos)-1) diff --git a/src/lib/crypto/krb/encrypt.c b/src/lib/crypto/krb/encrypt.c index 8f5c481b5..3c7bbdacd 100644 --- a/src/lib/crypto/krb/encrypt.c +++ b/src/lib/crypto/krb/encrypt.c @@ -25,9 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" -#include "aead.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_k_encrypt(krb5_context context, krb5_key key, diff --git a/src/lib/crypto/krb/encrypt_iov.c b/src/lib/crypto/krb/encrypt_iov.c index 26bb82b8a..9f56c1f0b 100644 --- a/src/lib/crypto/krb/encrypt_iov.c +++ b/src/lib/crypto/krb/encrypt_iov.c @@ -25,8 +25,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_k_encrypt_iov(krb5_context context, krb5_key key, krb5_keyusage usage, diff --git a/src/lib/crypto/krb/encrypt_length.c b/src/lib/crypto/krb/encrypt_length.c index be99f17fa..5428e429c 100644 --- a/src/lib/crypto/krb/encrypt_length.c +++ b/src/lib/crypto/krb/encrypt_length.c @@ -25,9 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" -#include "aead.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_encrypt_length(krb5_context context, krb5_enctype enctype, diff --git a/src/lib/crypto/krb/enctype_util.c b/src/lib/crypto/krb/enctype_util.c index 1a9caf667..2641537fc 100644 --- a/src/lib/crypto/krb/enctype_util.c +++ b/src/lib/crypto/krb/enctype_util.c @@ -34,8 +34,7 @@ * krb5_enctype_to_string() */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" krb5_boolean KRB5_CALLCONV krb5_c_valid_enctype(krb5_enctype etype) diff --git a/src/lib/crypto/krb/etypes.c b/src/lib/crypto/krb/etypes.c index 476a0e626..f6da99cc5 100644 --- a/src/lib/crypto/krb/etypes.c +++ b/src/lib/crypto/krb/etypes.c @@ -25,16 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "enc_provider.h" -#include "hash_provider.h" -#include "etypes.h" -#include "old.h" -#include "raw.h" -#include "dk.h" -#include "prf_int.h" -#include "arcfour.h" -#include "des/des_int.h" +#include "crypto_int.h" /* these will be linear searched. if they ever get big, a binary search or hash table would be better, which means these would need diff --git a/src/lib/crypto/krb/etypes.h b/src/lib/crypto/krb/etypes.h deleted file mode 100644 index 98ed58ed7..000000000 --- a/src/lib/crypto/krb/etypes.h +++ /dev/null @@ -1,143 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#ifndef ETYPES_H -#define ETYPES_H - -#include "k5-int.h" - -#define MAX_ETYPE_ALIASES 2 - -struct krb5_keytypes; - -typedef unsigned int (*crypto_length_func)(const struct krb5_keytypes *ktp, - krb5_cryptotype type); - -typedef krb5_error_code (*crypt_func)(const struct krb5_keytypes *ktp, - krb5_key key, krb5_keyusage keyusage, - const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -typedef krb5_error_code (*str2key_func)(const struct krb5_keytypes *ktp, - const krb5_data *string, - const krb5_data *salt, - const krb5_data *parm, - krb5_keyblock *key); - -typedef krb5_error_code (*rand2key_func)(const krb5_data *randombits, - krb5_keyblock *key); - -typedef krb5_error_code (*prf_func)(const struct krb5_keytypes *ktp, - krb5_key key, - const krb5_data *in, krb5_data *out); - -typedef krb5_error_code (*init_state_func)(const struct krb5_keytypes *ktp, - const krb5_keyblock *key, - krb5_keyusage keyusage, - krb5_data *out_state); - -typedef void (*free_state_func)(const struct krb5_keytypes *ktp, - krb5_data *state); - -struct krb5_keytypes { - krb5_enctype etype; - char *name; - char *aliases[MAX_ETYPE_ALIASES]; - char *out_string; - const struct krb5_enc_provider *enc; - const struct krb5_hash_provider *hash; - size_t prf_length; - crypto_length_func crypto_length; - crypt_func encrypt; - crypt_func decrypt; - str2key_func str2key; - rand2key_func rand2key; - prf_func prf; - init_state_func init_state; - free_state_func free_state; - krb5_cksumtype required_ctype; - krb5_flags flags; -}; - -#define ETYPE_WEAK 1 - -extern const struct krb5_keytypes krb5int_enctypes_list[]; -extern const int krb5int_enctypes_length; - -static inline const struct krb5_keytypes * -find_enctype(krb5_enctype enctype) -{ - int i; - - for (i = 0; i < krb5int_enctypes_length; i++) { - if (krb5int_enctypes_list[i].etype == enctype) - break; - } - - if (i == krb5int_enctypes_length) - return NULL; - return &krb5int_enctypes_list[i]; -} - -/* This belongs with the declaration of struct krb5_enc_provider... but not - * while that's still in k5-int.h. */ -/* Encrypt one block of plaintext in place. */ -static inline krb5_error_code -encrypt_block(const struct krb5_enc_provider *enc, krb5_key key, - krb5_data *block) -{ - krb5_crypto_iov iov; - - /* Verify that this is a block cipher and block is the right length. */ - if (block->length != enc->block_size || enc->block_size == 1) - return EINVAL; - iov.flags = KRB5_CRYPTO_TYPE_DATA; - iov.data = *block; - if (enc->cbc_mac != NULL) /* One-block cbc-mac with no ivec. */ - return enc->cbc_mac(key, &iov, 1, NULL, block); - else /* Assume cbc-mode encrypt. */ - return enc->encrypt(key, 0, &iov, 1); -} - -krb5_error_code -krb5int_init_state_enc(const struct krb5_keytypes *ktp, - const krb5_keyblock *key, krb5_keyusage keyusage, - krb5_data *out_state); - -void -krb5int_free_state_enc(const struct krb5_keytypes *ktp, krb5_data *state); - -krb5_error_code -k5_rand2key_direct(const krb5_data *randombits, krb5_keyblock *keyblock); - -krb5_error_code -k5_rand2key_des(const krb5_data *randombits, krb5_keyblock *keyblock); - -krb5_error_code -k5_rand2key_des3(const krb5_data *randombits, krb5_keyblock *keyblock); - -#endif diff --git a/src/lib/crypto/krb/key.c b/src/lib/crypto/krb/key.c index a64c7a00c..550ac20d3 100644 --- a/src/lib/crypto/krb/key.c +++ b/src/lib/crypto/krb/key.c @@ -25,8 +25,7 @@ * Functions for manipulating krb5_key structures */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" /* * The krb5_key data type wraps an exposed keyblock in an opaque data diff --git a/src/lib/crypto/krb/keyblocks.c b/src/lib/crypto/krb/keyblocks.c index 732a877a0..b1ef6f2ac 100644 --- a/src/lib/crypto/krb/keyblocks.c +++ b/src/lib/crypto/krb/keyblocks.c @@ -30,9 +30,7 @@ * an empty keyblock */ - -#include "k5-int.h" -#include <assert.h> +#include "crypto_int.h" krb5_error_code krb5int_c_init_keyblock(krb5_context context, krb5_enctype enctype, diff --git a/src/lib/crypto/krb/keyed_checksum_types.c b/src/lib/crypto/krb/keyed_checksum_types.c index 3cd1ebcae..4b211fb46 100644 --- a/src/lib/crypto/krb/keyed_checksum_types.c +++ b/src/lib/crypto/krb/keyed_checksum_types.c @@ -25,9 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" -#include "cksumtypes.h" +#include "crypto_int.h" static krb5_boolean is_keyed_for(const struct krb5_cksumtypes *ctp, diff --git a/src/lib/crypto/krb/keyed_cksum.c b/src/lib/crypto/krb/keyed_cksum.c index b6d3e3db4..d3db8f31b 100644 --- a/src/lib/crypto/krb/keyed_cksum.c +++ b/src/lib/crypto/krb/keyed_cksum.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_boolean KRB5_CALLCONV krb5_c_is_keyed_cksum(krb5_cksumtype ctype) diff --git a/src/lib/crypto/krb/keylengths.c b/src/lib/crypto/krb/keylengths.c index fa65be11c..2bbd1cc6b 100644 --- a/src/lib/crypto/krb/keylengths.c +++ b/src/lib/crypto/krb/keylengths.c @@ -29,8 +29,7 @@ * SUCH DAMAGES. */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" /* * keybytes is the number of bytes required as input to make a key, diff --git a/src/lib/crypto/krb/make_checksum.c b/src/lib/crypto/krb/make_checksum.c index d0dc62237..398c84a8d 100644 --- a/src/lib/crypto/krb/make_checksum.c +++ b/src/lib/crypto/krb/make_checksum.c @@ -25,10 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "cksumtypes.h" -#include "etypes.h" -#include "dk.h" +#include "crypto_int.h" /* A 0 checksum type means use the mandatory checksum. */ diff --git a/src/lib/crypto/krb/make_checksum_iov.c b/src/lib/crypto/krb/make_checksum_iov.c index a7a3cb3dd..1c54077fc 100644 --- a/src/lib/crypto/krb/make_checksum_iov.c +++ b/src/lib/crypto/krb/make_checksum_iov.c @@ -25,9 +25,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "cksumtypes.h" -#include "aead.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_k_make_checksum_iov(krb5_context context, diff --git a/src/lib/crypto/krb/make_random_key.c b/src/lib/crypto/krb/make_random_key.c index 4032676a1..f5af18780 100644 --- a/src/lib/crypto/krb/make_random_key.c +++ b/src/lib/crypto/krb/make_random_key.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_make_random_key(krb5_context context, krb5_enctype enctype, diff --git a/src/lib/crypto/krb/mandatory_sumtype.c b/src/lib/crypto/krb/mandatory_sumtype.c index 3adeaf215..55ea81fa1 100644 --- a/src/lib/crypto/krb/mandatory_sumtype.c +++ b/src/lib/crypto/krb/mandatory_sumtype.c @@ -23,8 +23,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" krb5_error_code krb5int_c_mandatory_cksumtype(krb5_context ctx, krb5_enctype etype, diff --git a/src/lib/crypto/krb/nfold.c b/src/lib/crypto/krb/nfold.c index 11082acca..ea02fddcf 100644 --- a/src/lib/crypto/krb/nfold.c +++ b/src/lib/crypto/krb/nfold.c @@ -25,10 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#ifdef HAVE_MEMORY_H -#include <memory.h> -#endif +#include "crypto_int.h" /* * n-fold(k-bits): diff --git a/src/lib/crypto/krb/old/Makefile.in b/src/lib/crypto/krb/old/Makefile.in index 8cbd7fc0b..0563f4cb1 100644 --- a/src/lib/crypto/krb/old/Makefile.in +++ b/src/lib/crypto/krb/old/Makefile.in @@ -1,6 +1,6 @@ mydir=lib$(S)crypto$(S)krb$(S)old BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/../../$(CRYPTO_IMPL)/des -I$(srcdir)/.. -I$(srcdir) +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) DEFS= ##DOS##BUILDTOP = ..\..\..\.. diff --git a/src/lib/crypto/krb/old/deps b/src/lib/crypto/krb/old/deps index 0e51f504a..f8762e621 100644 --- a/src/lib/crypto/krb/old/deps +++ b/src/lib/crypto/krb/old/deps @@ -4,8 +4,9 @@ des_stringtokey.so des_stringtokey.po $(OUTPRE)des_stringtokey.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../builtin/des/des_int.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -13,12 +14,13 @@ des_stringtokey.so des_stringtokey.po $(OUTPRE)des_stringtokey.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - des_stringtokey.c old.h + des_stringtokey.c old_aead.so old_aead.po $(OUTPRE)old_aead.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -26,4 +28,4 @@ old_aead.so old_aead.po $(OUTPRE)old_aead.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - old.h old_aead.c + old_aead.c diff --git a/src/lib/crypto/krb/old/des_stringtokey.c b/src/lib/crypto/krb/old/des_stringtokey.c index 71ee0de1d..751aa72da 100644 --- a/src/lib/crypto/krb/old/des_stringtokey.c +++ b/src/lib/crypto/krb/old/des_stringtokey.c @@ -25,15 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "old.h" -#include <des_int.h> - -/* XXX */ -extern krb5_error_code mit_des_string_to_key_int -(krb5_keyblock * keyblock, - const krb5_data * data, - const krb5_data * salt); +#include "crypto_int.h" krb5_error_code krb5int_des_string_to_key(const struct krb5_keytypes *ktp, diff --git a/src/lib/crypto/krb/old/old.h b/src/lib/crypto/krb/old/old.h deleted file mode 100644 index d092686d3..000000000 --- a/src/lib/crypto/krb/old/old.h +++ /dev/null @@ -1,49 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" -#include "etypes.h" - -unsigned int -krb5int_old_crypto_length(const struct krb5_keytypes *ktp, - krb5_cryptotype type); - -krb5_error_code -krb5int_old_encrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -krb5_error_code -krb5int_old_decrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -krb5_error_code krb5int_des_string_to_key(const struct krb5_keytypes *ktp, - const krb5_data *string, - const krb5_data *salt, - const krb5_data *params, - krb5_keyblock *key); diff --git a/src/lib/crypto/krb/old/old_aead.c b/src/lib/crypto/krb/old/old_aead.c index f7d1f10a7..00ce609ec 100644 --- a/src/lib/crypto/krb/old/old_aead.c +++ b/src/lib/crypto/krb/old/old_aead.c @@ -25,10 +25,7 @@ * or implied warranty. */ - -#include "k5-int.h" -#include "old.h" -#include "aead.h" +#include "crypto_int.h" unsigned int krb5int_old_crypto_length(const struct krb5_keytypes *ktp, diff --git a/src/lib/crypto/krb/old_api_glue.c b/src/lib/crypto/krb/old_api_glue.c index 49f554dd2..585ed11a3 100644 --- a/src/lib/crypto/krb/old_api_glue.c +++ b/src/lib/crypto/krb/old_api_glue.c @@ -25,7 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" +#include "crypto_int.h" /* * The following functions were removed from the API in krb5 1.3 but diff --git a/src/lib/crypto/krb/prf.c b/src/lib/crypto/krb/prf.c index e42d36361..a315c42a1 100644 --- a/src/lib/crypto/krb/prf.c +++ b/src/lib/crypto/krb/prf.c @@ -31,11 +31,7 @@ *function yields krb5_c_prf_length bytes of output. */ - -#include "k5-int.h" -#include "etypes.h" - -#include <assert.h> +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_prf_length(krb5_context context, krb5_enctype enctype, size_t *len) diff --git a/src/lib/crypto/krb/prf/Makefile.in b/src/lib/crypto/krb/prf/Makefile.in index b57029fa0..f7b4ddc38 100644 --- a/src/lib/crypto/krb/prf/Makefile.in +++ b/src/lib/crypto/krb/prf/Makefile.in @@ -1,10 +1,6 @@ mydir=lib$(S)crypto$(S)krb$(S)prf BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir) -I$(srcdir)/.. \ - -I$(srcdir)/../dk \ - -I$(srcdir)/../../$(CRYPTO_IMPL) \ - -I$(srcdir)/../../$(CRYPTO_IMPL)/md5 \ - -I$(srcdir)/../../$(CRYPTO_IMPL)/sha1 +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) DEFS= ##DOS##BUILDTOP = ..\..\..\.. diff --git a/src/lib/crypto/krb/prf/cmac_prf.c b/src/lib/crypto/krb/prf/cmac_prf.c index 78d11641c..0a02bf1ea 100644 --- a/src/lib/crypto/krb/prf/cmac_prf.c +++ b/src/lib/crypto/krb/prf/cmac_prf.c @@ -30,8 +30,7 @@ *simplified profile enctypes. */ -#include "prf_int.h" -#include <dk.h> +#include "crypto_int.h" #ifdef CAMELLIA diff --git a/src/lib/crypto/krb/prf/deps b/src/lib/crypto/krb/prf/deps index dbf083fa5..40bba2481 100644 --- a/src/lib/crypto/krb/prf/deps +++ b/src/lib/crypto/krb/prf/deps @@ -3,45 +3,49 @@ # des_prf.so des_prf.po $(OUTPRE)des_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - des_prf.c prf_int.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h des_prf.c dk_prf.so dk_prf.po $(OUTPRE)dk_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h \ - $(srcdir)/../dk/dk.h $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - dk_prf.c prf_int.h + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h dk_prf.c rc4_prf.so rc4_prf.po $(OUTPRE)rc4_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - prf_int.h rc4_prf.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h \ + $(srcdir)/../../builtin/aes/uitypes.h $(srcdir)/../../builtin/crypto_mod.h \ + $(srcdir)/../../builtin/sha2/sha2.h $(srcdir)/../crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h rc4_prf.c cmac_prf.so cmac_prf.po $(OUTPRE)cmac_prf.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../cksumtypes.h $(srcdir)/../dk/dk.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -49,4 +53,4 @@ cmac_prf.so cmac_prf.po $(OUTPRE)cmac_prf.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - cmac_prf.c prf_int.h + cmac_prf.c diff --git a/src/lib/crypto/krb/prf/des_prf.c b/src/lib/crypto/krb/prf/des_prf.c index a111423a5..3bb420b57 100644 --- a/src/lib/crypto/krb/prf/des_prf.c +++ b/src/lib/crypto/krb/prf/des_prf.c @@ -30,8 +30,7 @@ * des-cbc-crc, des-cbc-md4, and des-cbc-md5 enctypes. */ -#include "prf_int.h" -#include "hash_provider/hash_provider.h" +#include "crypto_int.h" krb5_error_code krb5int_des_prf(const struct krb5_keytypes *ktp, krb5_key key, diff --git a/src/lib/crypto/krb/prf/dk_prf.c b/src/lib/crypto/krb/prf/dk_prf.c index a824e2b57..b6e69988c 100644 --- a/src/lib/crypto/krb/prf/dk_prf.c +++ b/src/lib/crypto/krb/prf/dk_prf.c @@ -30,8 +30,7 @@ *simplified profile enctypes. */ -#include "prf_int.h" -#include <dk.h> +#include "crypto_int.h" krb5_error_code krb5int_dk_prf(const struct krb5_keytypes *ktp, krb5_key key, diff --git a/src/lib/crypto/krb/prf/prf_int.h b/src/lib/crypto/krb/prf/prf_int.h deleted file mode 100644 index 1c9872047..000000000 --- a/src/lib/crypto/krb/prf/prf_int.h +++ /dev/null @@ -1,50 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * lib/crypto/krb/prf/prf_int.h - * - * Copyright 1987, 1988, 1990, 2002 by the Massachusetts Institute of - * Technology. All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef PRF_INTERNAL_DEFS -#define PRF_INTERNAL_DEFS - -#include "k5-int.h" -#include "etypes.h" - -krb5_error_code -krb5int_arcfour_prf(const struct krb5_keytypes *ktp, krb5_key key, - const krb5_data *in, krb5_data *out); - -krb5_error_code -krb5int_des_prf(const struct krb5_keytypes *ktp, krb5_key key, - const krb5_data *in, krb5_data *out); - -krb5_error_code -krb5int_dk_prf(const struct krb5_keytypes *ktp, krb5_key key, - const krb5_data *in, krb5_data *out); - -krb5_error_code -krb5int_dk_cmac_prf(const struct krb5_keytypes *ktp, krb5_key key, - const krb5_data *in, krb5_data *out); - -#endif /*PRF_INTERNAL_DEFS*/ diff --git a/src/lib/crypto/krb/prf/rc4_prf.c b/src/lib/crypto/krb/prf/rc4_prf.c index e34ab2602..be54f361f 100644 --- a/src/lib/crypto/krb/prf/rc4_prf.c +++ b/src/lib/crypto/krb/prf/rc4_prf.c @@ -26,9 +26,7 @@ * */ -#include "prf_int.h" -#include "k5-int.h" -#include <hash_provider/hash_provider.h> +#include "crypto_int.h" krb5_error_code krb5int_arcfour_prf(const struct krb5_keytypes *ktp, krb5_key key, diff --git a/src/lib/crypto/krb/prng.c b/src/lib/crypto/krb/prng.c index b65223b8b..acece29bf 100644 --- a/src/lib/crypto/krb/prng.c +++ b/src/lib/crypto/krb/prng.c @@ -24,7 +24,7 @@ * or implied warranty. */ -#include "prng.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_random_seed(krb5_context context, krb5_data *data) diff --git a/src/lib/crypto/krb/prng.h b/src/lib/crypto/krb/prng.h deleted file mode 100644 index f75d5f731..000000000 --- a/src/lib/crypto/krb/prng.h +++ /dev/null @@ -1,48 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* lib/crypto/krb/prng.h - Header for PRNG modules */ -/* - * Copyright 2010 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - - -#ifndef PRNG_H -#define PRNG_H - -#include "k5-int.h" - -/* - * PRNG modules must implement the following APIs from krb5.h: - * krb5_c_random_add_entropy - * krb5_c_random_make_octets - * - * PRNG modules should implement these functions. They are called from the - * crypto library init and cleanup functions, and can be used to setup and tear - * down static state without thread safety concerns. - */ -int k5_prng_init(void); -void k5_prng_cleanup(void); - -/* Used by PRNG modules to gather OS entropy. Returns true on success. */ -krb5_boolean k5_get_os_entropy(unsigned char *buf, size_t len); - -#endif diff --git a/src/lib/crypto/krb/prng_fortuna.c b/src/lib/crypto/krb/prng_fortuna.c index 3acf96b3a..cdc5acf15 100644 --- a/src/lib/crypto/krb/prng_fortuna.c +++ b/src/lib/crypto/krb/prng_fortuna.c @@ -74,10 +74,7 @@ * such as a KDC which can submit periodic entropy inputs to the PRNG. */ -#include "k5-int.h" -#include "prng.h" -#include "aes.h" -#include "sha2.h" +#include "crypto_int.h" /* The accumulator's number of pools. */ #define NUM_POOLS 32 diff --git a/src/lib/crypto/krb/prng_nss.c b/src/lib/crypto/krb/prng_nss.c index 4d2b9c4a0..905b24dd3 100644 --- a/src/lib/crypto/krb/prng_nss.c +++ b/src/lib/crypto/krb/prng_nss.c @@ -26,9 +26,8 @@ * or implied warranty. */ -#include "prng.h" -#include <assert.h> -#include "k5-thread.h" +#include "crypto_int.h" +#include "nss_prng.h" /* * This PRNG module should be used whenever the NSS crypto implementation is @@ -36,8 +35,6 @@ * AES-256 and SHA-256 contexts across forks. */ -#include "nss_prng.h" - int k5_prng_init(void) { diff --git a/src/lib/crypto/krb/prng_os.c b/src/lib/crypto/krb/prng_os.c index 2da8b1986..51af17be9 100644 --- a/src/lib/crypto/krb/prng_os.c +++ b/src/lib/crypto/krb/prng_os.c @@ -31,8 +31,7 @@ * in the operating system's native PRNG quality. */ -#include "k5-int.h" -#include "prng.h" +#include "crypto_int.h" #define DEVICE "/dev/urandom" diff --git a/src/lib/crypto/krb/random_to_key.c b/src/lib/crypto/krb/random_to_key.c index cb83129a2..93d033eb7 100644 --- a/src/lib/crypto/krb/random_to_key.c +++ b/src/lib/crypto/krb/random_to_key.c @@ -34,9 +34,7 @@ * already been initialized and random_key->contents have been allocated * with the correct length. */ -#include "k5-int.h" -#include "etypes.h" -#include "des_int.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_random_to_key(krb5_context context, krb5_enctype enctype, diff --git a/src/lib/crypto/krb/raw/deps b/src/lib/crypto/krb/raw/deps index 283622b17..2423c9fbd 100644 --- a/src/lib/crypto/krb/raw/deps +++ b/src/lib/crypto/krb/raw/deps @@ -4,8 +4,9 @@ raw_aead.so raw_aead.po $(OUTPRE)raw_aead.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h \ - $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/aes/aes.h $(srcdir)/../../builtin/aes/uitypes.h \ + $(srcdir)/../../builtin/crypto_mod.h $(srcdir)/../../builtin/sha2/sha2.h \ + $(srcdir)/../crypto_int.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -13,4 +14,4 @@ raw_aead.so raw_aead.po $(OUTPRE)raw_aead.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - raw.h raw_aead.c + raw_aead.c diff --git a/src/lib/crypto/krb/raw/raw.h b/src/lib/crypto/krb/raw/raw.h deleted file mode 100644 index ee54d5874..000000000 --- a/src/lib/crypto/krb/raw/raw.h +++ /dev/null @@ -1,43 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" -#include "etypes.h" - -unsigned int -krb5int_raw_crypto_length(const struct krb5_keytypes *ktp, - krb5_cryptotype type); - -krb5_error_code -krb5int_raw_encrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - -krb5_error_code -krb5int_raw_decrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); diff --git a/src/lib/crypto/krb/raw/raw_aead.c b/src/lib/crypto/krb/raw/raw_aead.c index 75f23241c..3364a7d0b 100644 --- a/src/lib/crypto/krb/raw/raw_aead.c +++ b/src/lib/crypto/krb/raw/raw_aead.c @@ -26,9 +26,7 @@ */ -#include "k5-int.h" -#include "raw.h" -#include "aead.h" +#include "crypto_int.h" unsigned int krb5int_raw_crypto_length(const struct krb5_keytypes *ktp, diff --git a/src/lib/crypto/krb/state.c b/src/lib/crypto/krb/state.c index 4a0bafd8b..2c3371c3a 100644 --- a/src/lib/crypto/krb/state.c +++ b/src/lib/crypto/krb/state.c @@ -33,8 +33,7 @@ * krb5_c_init_state and krb5_c_free_state used by clients of the * Kerberos crypto library. */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" /* Most enctypes delegate cipher state handling to the enc provider by using * this function as their init_state methods. */ diff --git a/src/lib/crypto/krb/string_to_cksumtype.c b/src/lib/crypto/krb/string_to_cksumtype.c index b130b6c73..3498d2a05 100644 --- a/src/lib/crypto/krb/string_to_cksumtype.c +++ b/src/lib/crypto/krb/string_to_cksumtype.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_string_to_cksumtype(char *string, krb5_cksumtype *cksumtypep) diff --git a/src/lib/crypto/krb/string_to_key.c b/src/lib/crypto/krb/string_to_key.c index 356940455..7a7a04f61 100644 --- a/src/lib/crypto/krb/string_to_key.c +++ b/src/lib/crypto/krb/string_to_key.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "etypes.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_c_string_to_key_with_params(krb5_context context, diff --git a/src/lib/crypto/krb/valid_cksumtype.c b/src/lib/crypto/krb/valid_cksumtype.c index 07b84fec7..eb7807f7e 100644 --- a/src/lib/crypto/krb/valid_cksumtype.c +++ b/src/lib/crypto/krb/valid_cksumtype.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_boolean KRB5_CALLCONV krb5_c_valid_cksumtype(krb5_cksumtype ctype) diff --git a/src/lib/crypto/krb/verify_checksum.c b/src/lib/crypto/krb/verify_checksum.c index cb19c23a9..8727cb35d 100644 --- a/src/lib/crypto/krb/verify_checksum.c +++ b/src/lib/crypto/krb/verify_checksum.c @@ -25,8 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "cksumtypes.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_k_verify_checksum(krb5_context context, krb5_key key, diff --git a/src/lib/crypto/krb/verify_checksum_iov.c b/src/lib/crypto/krb/verify_checksum_iov.c index d5427baec..da8f487bf 100644 --- a/src/lib/crypto/krb/verify_checksum_iov.c +++ b/src/lib/crypto/krb/verify_checksum_iov.c @@ -25,9 +25,7 @@ * or implied warranty. */ -#include "k5-int.h" -#include "cksumtypes.h" -#include "aead.h" +#include "crypto_int.h" krb5_error_code KRB5_CALLCONV krb5_k_verify_checksum_iov(krb5_context context, |