diff options
| author | Greg Hudson <ghudson@mit.edu> | 2011-03-02 05:29:29 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2011-03-02 05:29:29 +0000 |
| commit | ce6d249fdf1dd7dda5b202836ed387500324ae2a (patch) | |
| tree | b0550b898743ddfdff76ac6647fca7a12d6db284 /src/lib/crypto/nss | |
| parent | e2d6d9ce23b878334d70a0f9c697064873619b75 (diff) | |
| download | krb5-ce6d249fdf1dd7dda5b202836ed387500324ae2a.tar.gz krb5-ce6d249fdf1dd7dda5b202836ed387500324ae2a.tar.xz krb5-ce6d249fdf1dd7dda5b202836ed387500324ae2a.zip | |
Consolidate almost all lib/crypto/krb headers into a single
crypto_int.h. In that header, define and document responsibilities
for crypto modules, some of which are satisfied through a
module-specific crypto_mod.h. In the OpenSSL and NSS modules, remove
many of the headers and sources providing functionality which isn't
needed by lib/crypto/krb any more (direct interfaces to MD4, MD5, and
SHA-1 hashing, as well as DES weak key testing). Change most
Makefile.ins to only include headers from lib/crypto/krb and
lib/crypto/$(CRYPTO_IMPL), instead of from many different directories.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24677 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/crypto/nss')
42 files changed, 155 insertions, 908 deletions
diff --git a/src/lib/crypto/nss/Makefile.in b/src/lib/crypto/nss/Makefile.in index c2a2e4e9c..bb8b8c275 100644 --- a/src/lib/crypto/nss/Makefile.in +++ b/src/lib/crypto/nss/Makefile.in @@ -2,17 +2,7 @@ mydir=lib$(S)crypto$(S)nss BUILDTOP=$(REL)..$(S)..$(S).. SUBDIRS=des aes camellia md4 md5 sha1 sha2 enc_provider hash_provider CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@ -LOCALINCLUDES = -I$(srcdir)/../krb \ - -I$(srcdir)/../krb/hash_provider \ - -I$(srcdir)/des \ - -I$(srcdir)/aes \ - -I$(srcdir)/sha1 \ - -I$(srcdir)/sha2 \ - -I$(srcdir)/md4 \ - -I$(srcdir)/md5 \ - -I$(srcdir)/enc_provider \ - -I$(srcdir)/hash_provider \ - $(CRYPTO_IMPL_CFLAGS) +LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir) $(CRYPTO_IMPL_CFLAGS) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/lib/crypto/nss/aes/Makefile.in b/src/lib/crypto/nss/aes/Makefile.in index ffbd4ba50..947ad11b2 100644 --- a/src/lib/crypto/nss/aes/Makefile.in +++ b/src/lib/crypto/nss/aes/Makefile.in @@ -4,12 +4,9 @@ mydir=lib$(S)crypto$(S)nss$(S)aes BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk -I$(srcdir)/../../../../include +LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. DEFS= -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) - STLIBOBJS= OBJS= diff --git a/src/lib/crypto/nss/camellia/Makefile.in b/src/lib/crypto/nss/camellia/Makefile.in index b8feffc5d..041227132 100644 --- a/src/lib/crypto/nss/camellia/Makefile.in +++ b/src/lib/crypto/nss/camellia/Makefile.in @@ -4,12 +4,9 @@ mydir=lib$(S)crypto$(S)nss$(S)camellia BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk -I$(srcdir)/../../../../include +LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. DEFS= -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) - STLIBOBJS= OBJS= diff --git a/src/lib/crypto/nss/crypto_mod.h b/src/lib/crypto/nss/crypto_mod.h new file mode 100644 index 000000000..2f82a2b0d --- /dev/null +++ b/src/lib/crypto/nss/crypto_mod.h @@ -0,0 +1,39 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/nss/crypto_mod.h - NSS crypto module declarations */ +/* + * Copyright (C) 2011 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +/* + * This header is included from lib/crypto/krb/crypto_int.h to provide + * module-specific declarations. It is not included directly from source + * files. + */ + +#ifndef CRYPTO_MOD_H +#define CRYPTO_MOD_H + +/* Because the NSS crypto module doesn't work with the Fortuna PRNG, we don't + * need to declare anything here. */ + +#endif /* CRYPTO_MOD_H */ diff --git a/src/lib/crypto/nss/deps b/src/lib/crypto/nss/deps index e925336e6..0d5831e53 100644 --- a/src/lib/crypto/nss/deps +++ b/src/lib/crypto/nss/deps @@ -3,8 +3,7 @@ # hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/aead.h \ - $(srcdir)/../krb/cksumtypes.h $(srcdir)/../krb/etypes.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -12,10 +11,11 @@ hmac.so hmac.po $(OUTPRE)hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hmac.c nss_gen.h + $(top_srcdir)/include/socket-utils.h crypto_mod.h hmac.c \ + nss_gen.h pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/hash_provider/hash_provider.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -23,18 +23,20 @@ pbkdf2.so pbkdf2.po $(OUTPRE)pbkdf2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h nss_gen.h pbkdf2.c + $(top_srcdir)/include/socket-utils.h crypto_mod.h nss_gen.h \ + pbkdf2.c prng.so prng.po $(OUTPRE)prng.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ - $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ - $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ - $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ - $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ - $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ - $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ - $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - nss_gen.h nss_prng.h prng.c + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../krb/crypto_int.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ + $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ + $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ + $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h crypto_mod.h nss_gen.h \ + nss_prng.h prng.c stubs.so stubs.po $(OUTPRE)stubs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ diff --git a/src/lib/crypto/nss/des/Makefile.in b/src/lib/crypto/nss/des/Makefile.in index c8ab6e429..b751e6e65 100644 --- a/src/lib/crypto/nss/des/Makefile.in +++ b/src/lib/crypto/nss/des/Makefile.in @@ -1,8 +1,7 @@ mydir=lib$(S)crypto$(S)nss$(S)des BUILDTOP=$(REL)..$(S)..$(S)..$(S).. CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@ -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../.. -I$(srcdir)/../../krb \ - $(CRYPTO_IMPL_CFLAGS) +LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. $(CRYPTO_IMPL_CFLAGS) DEFS= @@ -10,23 +9,18 @@ RUN_SETUP = @KRB5_RUN_ENV@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) - STLIBOBJS= des_oldapis.o \ f_parity.o \ - string2key.o \ - weak_key.o + string2key.o OBJS= $(OUTPRE)f_parity.$(OBJEXT) \ $(OUTPRE)des_oldapis.$(OBJEXT) \ - $(OUTPRE)string2key.$(OBJEXT) \ - $(OUTPRE)weak_key.$(OBJEXT) + $(OUTPRE)string2key.$(OBJEXT) SRCS= $(srcdir)/f_parity.c \ $(srcdir)/des_oldapis.c \ - $(srcdir)/weak_key.c \ $(srcdir)/string2key.c - all-unix:: all-libobjs includes:: depend diff --git a/src/lib/crypto/nss/des/deps b/src/lib/crypto/nss/des/deps index 45fe25677..18a124374 100644 --- a/src/lib/crypto/nss/des/deps +++ b/src/lib/crypto/nss/des/deps @@ -4,40 +4,32 @@ f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h f_parity.c + $(top_srcdir)/include/socket-utils.h f_parity.c des_oldapis.so des_oldapis.po $(OUTPRE)des_oldapis.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h des_oldapis.c -weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h weak_key.c + $(top_srcdir)/include/socket-utils.h des_oldapis.c string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -45,4 +37,4 @@ string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - des_int.h string2key.c + string2key.c diff --git a/src/lib/crypto/nss/des/des_int.h b/src/lib/crypto/nss/des/des_int.h deleted file mode 100644 index e85fcbca9..000000000 --- a/src/lib/crypto/nss/des/des_int.h +++ /dev/null @@ -1,194 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * lib/crypto/des/des_int.h - * - * Copyright 1987, 1988, 1990, 2002, 2009 by the Massachusetts Institute of - * Technology. All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * Private include file for the Data Encryption Standard library. - */ - -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -/* only do the whole thing once */ -#ifndef DES_INTERNAL_DEFS -#define DES_INTERNAL_DEFS - -#include "k5-int.h" -/* - * Begin "mit-des.h" - */ -#ifndef KRB5_MIT_DES__ -#define KRB5_MIT_DES__ - -#if defined(__MACH__) && defined(__APPLE__) -#include <TargetConditionals.h> -#include <AvailabilityMacros.h> -#if TARGET_RT_MAC_CFM -#error "Use KfM 4.0 SDK headers for CFM compilation." -#endif -#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS) -#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5 -#endif -#endif /* defined(__MACH__) && defined(__APPLE__) */ - -/* Macro to add deprecated attribute to DES types and functions */ -/* Currently only defined on Mac OS X 10.5 and later. */ -#ifndef KRB5INT_DES_DEPRECATED -#define KRB5INT_DES_DEPRECATED -#endif - -#include <limits.h> - -#if UINT_MAX >= 0xFFFFFFFFUL -#define DES_INT32 int -#define DES_UINT32 unsigned int -#else -#define DES_INT32 long -#define DES_UINT32 unsigned long -#endif - -typedef unsigned char des_cblock[8] /* crypto-block size */ -KRB5INT_DES_DEPRECATED; - -/* - * Key schedule. - * - * This used to be - * - * typedef struct des_ks_struct { - * union { DES_INT32 pad; des_cblock _;} __; - * } des_key_schedule[16]; - * - * but it would cause trouble if DES_INT32 were ever more than 4 - * bytes. The reason is that all the encryption functions cast it to - * (DES_INT32 *), and treat it as if it were DES_INT32[32]. If - * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the - * caller-allocated des_key_schedule will be overflowed by the key - * scheduling functions. We can't assume that every platform will - * have an exact 32-bit int, and nothing should be looking inside a - * des_key_schedule anyway. - */ -typedef struct des_ks_struct { DES_INT32 _[2]; } des_key_schedule[16] -KRB5INT_DES_DEPRECATED; - -typedef des_cblock mit_des_cblock; -typedef des_key_schedule mit_des_key_schedule; - -/* Triple-DES structures */ -typedef mit_des_cblock mit_des3_cblock[3]; -typedef mit_des_key_schedule mit_des3_key_schedule[3]; - -#define MIT_DES_ENCRYPT 1 -#define MIT_DES_DECRYPT 0 - -typedef struct mit_des_ran_key_seed { - krb5_encrypt_block eblock; - krb5_data sequence; -} mit_des_random_state; - -/* the first byte of the key is already in the keyblock */ - -#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet)) -#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH -/* This used to be 8*sizeof(krb5_octet) */ -#define MIT_DES_KEYSIZE 8 - -#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet)) - -/* - * Check if k5-int.h has been included before us. If so, then check to see - * that our view of the DES key size is the same as k5-int.h's. - */ -#ifdef KRB5_MIT_DES_KEYSIZE -#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE -error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE) -#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */ -#endif /* KRB5_MIT_DES_KEYSIZE */ -#endif /* KRB5_MIT_DES__ */ -/* - * End "mit-des.h" - */ - -#define mit_des_zeroblock krb5int_c_mit_des_zeroblock -extern const mit_des_cblock mit_des_zeroblock; - -/* des_oldapis.c */ -extern krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock, - const krb5_data *data, - const krb5_data *salt); - -/* key_parity.c */ -extern void mit_des_fixup_key_parity (mit_des_cblock ); -extern int mit_des_check_key_parity (mit_des_cblock ); - -/* string2key.c */ -extern krb5_error_code mit_des_string_to_key - ( const krb5_encrypt_block *, - krb5_keyblock *, const krb5_data *, const krb5_data *); -extern krb5_error_code mit_des_string_to_key_int - (krb5_keyblock *, const krb5_data *, const krb5_data *); - -/* weak_key.c */ -extern int mit_des_is_weak_key (mit_des_cblock ); - -/* misc.c */ -extern void swap_bits (char *); -extern unsigned long long_swap_bits (unsigned long ); -extern unsigned long swap_six_bits_to_ansi (unsigned long ); -extern unsigned long swap_four_bits_to_ansi (unsigned long ); -extern unsigned long swap_bit_pos_1 (unsigned long ); -extern unsigned long swap_bit_pos_0 (unsigned long ); -extern unsigned long swap_bit_pos_0_to_ansi (unsigned long ); -extern unsigned long rev_swap_bit_pos_0 (unsigned long ); -extern unsigned long swap_byte_bits (unsigned long ); -extern unsigned long swap_long_bytes_bit_number (unsigned long ); -#ifdef FILE -/* XXX depends on FILE being a #define! */ -extern void test_set (FILE *, const char *, int, const char *, int); -#endif -#endif /*DES_INTERNAL_DEFS*/ diff --git a/src/lib/crypto/nss/des/des_oldapis.c b/src/lib/crypto/nss/des/des_oldapis.c index eb1e58633..79163c40c 100644 --- a/src/lib/crypto/nss/des/des_oldapis.c +++ b/src/lib/crypto/nss/des/des_oldapis.c @@ -26,31 +26,11 @@ * */ -#include "k5-int.h" -#include "des_int.h" -#include <ctype.h> - -const mit_des_cblock mit_des_zeroblock /* = all zero */; - -unsigned long -mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out, - unsigned long length, const mit_des_key_schedule schedule, - const krb5_octet *ivec) -{ - /* Unsupported operation */ - return KRB5_CRYPTO_INTERNAL; -} +#include "crypto_int.h" krb5_error_code -mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data, - const krb5_data *salt) -{ - return KRB5_CRYPTO_INTERNAL; -} - -int -mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule) +mit_afs_string_to_key(krb5_keyblock *keyblock, const krb5_data *data, + const krb5_data *salt) { - /* Unsupported operation */ return KRB5_CRYPTO_INTERNAL; } diff --git a/src/lib/crypto/nss/des/f_parity.c b/src/lib/crypto/nss/des/f_parity.c index 460b5061b..ca1de3ed9 100644 --- a/src/lib/crypto/nss/des/f_parity.c +++ b/src/lib/crypto/nss/des/f_parity.c @@ -9,8 +9,7 @@ * Mark Eichin -- Cygnus Support */ - -#include "des_int.h" +#include "crypto_int.h" /* * des_fixup_key_parity: Forces odd parity per byte; parity is bits @@ -22,35 +21,11 @@ #define parity_char(x) pstep(pstep(pstep((x),4),2),1) void -mit_des_fixup_key_parity(mit_des_cblock key) +mit_des_fixup_key_parity(unsigned char *key) { unsigned int i; - for (i=0; i<sizeof(mit_des_cblock); i++) - { + for (i = 0; i < 8; i++) { key[i] &= 0xfe; key[i] |= 1^parity_char(key[i]); } - - return; -} - -/* - * des_check_key_parity: returns true iff key has the correct des parity. - * See des_fix_key_parity for the definition of - * correct des parity. - */ -int -mit_des_check_key_parity(mit_des_cblock key) -{ - unsigned int i; - - for (i=0; i<sizeof(mit_des_cblock); i++) - { - if((key[i] & 1) == parity_char(0xfe&key[i])) - { - return 0; - } - } - - return(1); } diff --git a/src/lib/crypto/nss/des/string2key.c b/src/lib/crypto/nss/des/string2key.c index 15c0adde8..d9f9e3a18 100644 --- a/src/lib/crypto/nss/des/string2key.c +++ b/src/lib/crypto/nss/des/string2key.c @@ -25,7 +25,7 @@ * or implied warranty. */ -#include "des_int.h" +#include "crypto_int.h" #include "pk11pub.h" #include "nss_gen.h" diff --git a/src/lib/crypto/nss/des/weak_key.c b/src/lib/crypto/nss/des/weak_key.c deleted file mode 100644 index 43fbe91c6..000000000 --- a/src/lib/crypto/nss/des/weak_key.c +++ /dev/null @@ -1,84 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * lib/crypto/openssl/des/weak_key.c - * - * Copyright 1989,1990,2009 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * Under U.S. law, this software may not be exported outside the US - * without license from the U.S. Commerce department. - * - * These routines form the library interface to the DES facilities. - * - * Originally written 8/85 by Steve Miller, MIT Project Athena. - */ - -#include "des_int.h" - -/* - * The following are the weak DES keys: - */ -static const mit_des_cblock weak[16] = { - /* weak keys */ - {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, - {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe}, - {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e}, - {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1}, - - /* semi-weak */ - {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe}, - {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01}, - - {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1}, - {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e}, - - {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1}, - {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01}, - - {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe}, - {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e}, - - {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e}, - {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01}, - - {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe}, - {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1} -}; - -/* - * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key. - * - * Requires: key has correct odd parity. - */ -int -mit_des_is_weak_key(mit_des_cblock key) -{ - unsigned int i; - const mit_des_cblock *weak_p = weak; - - for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) { - if (!memcmp(weak_p++,key,sizeof(mit_des_cblock))) - return 1; - } - return 0; -} diff --git a/src/lib/crypto/nss/enc_provider/Makefile.in b/src/lib/crypto/nss/enc_provider/Makefile.in index 579072df3..3657d597c 100644 --- a/src/lib/crypto/nss/enc_provider/Makefile.in +++ b/src/lib/crypto/nss/enc_provider/Makefile.in @@ -1,13 +1,7 @@ mydir=lib$(S)crypto$(S)nss$(S)enc_provider BUILDTOP=$(REL)..$(S)..$(S)..$(S).. CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@ -LOCALINCLUDES = -I$(srcdir)/../des \ - -I$(srcdir)/../arcfour \ - -I$(srcdir)/../aes \ - -I$(srcdir)/../../krb \ - -I$(srcdir)/../../krb/rand2key \ - -I$(srcdir)/.. -I$(srcdir)/. \ - $(CRYPTO_IMPL_CFLAGS) +LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. $(CRYPTO_IMPL_CFLAGS) DEFS= PROG_LIBPATH=-L$(TOPLIBD) diff --git a/src/lib/crypto/nss/enc_provider/aes.c b/src/lib/crypto/nss/enc_provider/aes.c index 69caecaf9..6f24e3f37 100644 --- a/src/lib/crypto/nss/enc_provider/aes.c +++ b/src/lib/crypto/nss/enc_provider/aes.c @@ -33,12 +33,9 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" -#include "enc_provider.h" -#include "aead.h" +#include "crypto_int.h" #include "nss_gen.h" - krb5_error_code krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, size_t num_data) diff --git a/src/lib/crypto/nss/enc_provider/camellia.c b/src/lib/crypto/nss/enc_provider/camellia.c index 8005e481e..5a3495de7 100644 --- a/src/lib/crypto/nss/enc_provider/camellia.c +++ b/src/lib/crypto/nss/enc_provider/camellia.c @@ -33,9 +33,7 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" -#include "enc_provider.h" -#include "aead.h" +#include "crypto_int.h" #include "nss_gen.h" #ifdef CAMELLIA diff --git a/src/lib/crypto/nss/enc_provider/deps b/src/lib/crypto/nss/enc_provider/deps index 901fcd693..7899344f8 100644 --- a/src/lib/crypto/nss/enc_provider/deps +++ b/src/lib/crypto/nss/enc_provider/deps @@ -3,9 +3,8 @@ # enc_gen.so enc_gen.po $(OUTPRE)enc_gen.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ - $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ + $(srcdir)/../crypto_mod.h $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -13,12 +12,11 @@ enc_gen.so enc_gen.po $(OUTPRE)enc_gen.$(OBJEXT): $(BUILDTOP)/include/autoconf.h $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - enc_gen.c enc_provider.h + enc_gen.c des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ - $(srcdir)/../des/des_int.h $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ + $(srcdir)/../crypto_mod.h $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -29,9 +27,8 @@ des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ des.c des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ - $(srcdir)/../des/des_int.h $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ + $(srcdir)/../crypto_mod.h $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -42,9 +39,8 @@ des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ des3.c aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ - $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ + $(srcdir)/../crypto_mod.h $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -52,25 +48,24 @@ aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - aes.c enc_provider.h + aes.c camellia.so camellia.po $(OUTPRE)camellia.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/etypes.h $(srcdir)/../nss_gen.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h camellia.c enc_provider.h + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + camellia.c rc4.so rc4.po $(OUTPRE)rc4.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h \ - $(srcdir)/../../krb/cksumtypes.h $(srcdir)/../../krb/etypes.h \ - $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ + $(srcdir)/../crypto_mod.h $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ diff --git a/src/lib/crypto/nss/enc_provider/des.c b/src/lib/crypto/nss/enc_provider/des.c index b77aa1bf9..60b5097d1 100644 --- a/src/lib/crypto/nss/enc_provider/des.c +++ b/src/lib/crypto/nss/enc_provider/des.c @@ -33,11 +33,8 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "nss_gen.h" -#include <aead.h> -#include "des_int.h" - static krb5_error_code k5_des_encrypt_iov(krb5_key key, const krb5_data *ivec, diff --git a/src/lib/crypto/nss/enc_provider/des3.c b/src/lib/crypto/nss/enc_provider/des3.c index c22d6effc..b32e56897 100644 --- a/src/lib/crypto/nss/enc_provider/des3.c +++ b/src/lib/crypto/nss/enc_provider/des3.c @@ -33,11 +33,8 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "nss_gen.h" -#include <aead.h> -#include "des_int.h" - static krb5_error_code k5_des3_encrypt_iov(krb5_key key, const krb5_data *ivec, diff --git a/src/lib/crypto/nss/enc_provider/enc_gen.c b/src/lib/crypto/nss/enc_provider/enc_gen.c index 756039a1a..19f8d2ccf 100644 --- a/src/lib/crypto/nss/enc_provider/enc_gen.c +++ b/src/lib/crypto/nss/enc_provider/enc_gen.c @@ -33,10 +33,8 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "nss_gen.h" -#include "enc_provider.h" -#include "aead.h" #include "seccomon.h" #include "secmod.h" #include "pk11pub.h" diff --git a/src/lib/crypto/nss/enc_provider/enc_provider.h b/src/lib/crypto/nss/enc_provider/enc_provider.h deleted file mode 100644 index 4365255ab..000000000 --- a/src/lib/crypto/nss/enc_provider/enc_provider.h +++ /dev/null @@ -1,40 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" - -extern const struct krb5_enc_provider krb5int_enc_des; -extern const struct krb5_enc_provider krb5int_enc_des3; -extern const struct krb5_enc_provider krb5int_enc_arcfour; -extern const struct krb5_enc_provider krb5int_enc_aes128; -extern const struct krb5_enc_provider krb5int_enc_aes256; -extern const struct krb5_enc_provider krb5int_enc_aes128_ctr; -extern const struct krb5_enc_provider krb5int_enc_aes256_ctr; -#ifdef CAMELLIA -extern const struct krb5_enc_provider krb5int_enc_camellia128; -extern const struct krb5_enc_provider krb5int_enc_camellia256; -#endif diff --git a/src/lib/crypto/nss/enc_provider/rc4.c b/src/lib/crypto/nss/enc_provider/rc4.c index 633d0d181..908924358 100644 --- a/src/lib/crypto/nss/enc_provider/rc4.c +++ b/src/lib/crypto/nss/enc_provider/rc4.c @@ -33,8 +33,7 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" -#include <aead.h> +#include "crypto_int.h" #include "nss_gen.h" #define RC4_KEY_SIZE 16 diff --git a/src/lib/crypto/nss/hash_provider/Makefile.in b/src/lib/crypto/nss/hash_provider/Makefile.in index 719b50079..e6b25caca 100644 --- a/src/lib/crypto/nss/hash_provider/Makefile.in +++ b/src/lib/crypto/nss/hash_provider/Makefile.in @@ -1,8 +1,7 @@ mydir=lib$(S)crypto$(S)nss$(S)hash_provider BUILDTOP=$(REL)..$(S)..$(S)..$(S).. CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@ -LOCALINCLUDES = -I$(srcdir)/../../krb/crc32 -I$(srcdir)/../md4 \ - -I$(srcdir)/.. -I$(srcdir)/../../krb \ +LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. -I$(srcdir)/../md4 \ $(CRYPTO_IMPL_CFLAGS) DEFS= diff --git a/src/lib/crypto/nss/hash_provider/deps b/src/lib/crypto/nss/hash_provider/deps index e52f37d20..e92327394 100644 --- a/src/lib/crypto/nss/hash_provider/deps +++ b/src/lib/crypto/nss/hash_provider/deps @@ -4,21 +4,20 @@ hash_gen.so hash_gen.po $(OUTPRE)hash_gen.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/etypes.h $(srcdir)/../nss_gen.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hash_gen.c + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + hash_gen.c hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/crc32/crc-32.h $(srcdir)/../../krb/etypes.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ @@ -26,24 +25,25 @@ hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hash_crc32.c hash_provider.h + $(top_srcdir)/include/socket-utils.h hash_crc32.c hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \ - $(srcdir)/../../krb/etypes.h $(srcdir)/../md4/rsa-md4.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h hash_md4.c hash_provider.h + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../md4/rsa-md4.h $(top_srcdir)/include/k5-buf.h \ + $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ + $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ + $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ + $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + hash_md4.c hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -51,11 +51,12 @@ hash_md5.so hash_md5.po $(OUTPRE)hash_md5.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - hash_md5.c hash_provider.h + hash_md5.c hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(srcdir)/../nss_gen.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ @@ -63,4 +64,4 @@ hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - hash_provider.h hash_sha1.c + hash_sha1.c diff --git a/src/lib/crypto/nss/hash_provider/hash_crc32.c b/src/lib/crypto/nss/hash_provider/hash_crc32.c index 3a2f94a3b..c8d0e0834 100644 --- a/src/lib/crypto/nss/hash_provider/hash_crc32.c +++ b/src/lib/crypto/nss/hash_provider/hash_crc32.c @@ -25,10 +25,7 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "crc-32.h" -#include "hash_provider.h" -#include "aead.h" +#include "crypto_int.h" static krb5_error_code k5_crc32_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) diff --git a/src/lib/crypto/nss/hash_provider/hash_gen.c b/src/lib/crypto/nss/hash_provider/hash_gen.c index 7cc82f4ff..a11aa6d14 100644 --- a/src/lib/crypto/nss/hash_provider/hash_gen.c +++ b/src/lib/crypto/nss/hash_provider/hash_gen.c @@ -33,10 +33,9 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "sechash.h" #include "nss_gen.h" -#include "aead.h" krb5_error_code k5_nss_gen_hash(HASH_HashType hashType, const krb5_crypto_iov *data, diff --git a/src/lib/crypto/nss/hash_provider/hash_md4.c b/src/lib/crypto/nss/hash_provider/hash_md4.c index 91482f76b..7bf68909e 100644 --- a/src/lib/crypto/nss/hash_provider/hash_md4.c +++ b/src/lib/crypto/nss/hash_provider/hash_md4.c @@ -25,10 +25,8 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "k5-int.h" -#include "hash_provider.h" +#include "crypto_int.h" #include "rsa-md4.h" -#include "aead.h" static krb5_error_code k5_md4_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) diff --git a/src/lib/crypto/nss/hash_provider/hash_md5.c b/src/lib/crypto/nss/hash_provider/hash_md5.c index 65ea6fccc..2fb2998ef 100644 --- a/src/lib/crypto/nss/hash_provider/hash_md5.c +++ b/src/lib/crypto/nss/hash_provider/hash_md5.c @@ -33,9 +33,8 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "nss_gen.h" -#include "hash_provider.h" static krb5_error_code k5_md5_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) diff --git a/src/lib/crypto/nss/hash_provider/hash_provider.h b/src/lib/crypto/nss/hash_provider/hash_provider.h deleted file mode 100644 index eebe84588..000000000 --- a/src/lib/crypto/nss/hash_provider/hash_provider.h +++ /dev/null @@ -1,33 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" - -extern const struct krb5_hash_provider krb5int_hash_crc32; -extern const struct krb5_hash_provider krb5int_hash_md4; -extern const struct krb5_hash_provider krb5int_hash_md5; -extern const struct krb5_hash_provider krb5int_hash_sha1; diff --git a/src/lib/crypto/nss/hash_provider/hash_sha1.c b/src/lib/crypto/nss/hash_provider/hash_sha1.c index c70d4393f..c78b45ac7 100644 --- a/src/lib/crypto/nss/hash_provider/hash_sha1.c +++ b/src/lib/crypto/nss/hash_provider/hash_sha1.c @@ -33,9 +33,8 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" +#include "crypto_int.h" #include "nss_gen.h" -#include "hash_provider.h" static krb5_error_code k5_sha1_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) diff --git a/src/lib/crypto/nss/hmac.c b/src/lib/crypto/nss/hmac.c index c0db602b7..adf600ea0 100644 --- a/src/lib/crypto/nss/hmac.c +++ b/src/lib/crypto/nss/hmac.c @@ -33,8 +33,7 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "k5-int.h" -#include "aead.h" +#include "crypto_int.h" #include "nss_gen.h" #include "pk11pub.h" diff --git a/src/lib/crypto/nss/md4/Makefile.in b/src/lib/crypto/nss/md4/Makefile.in index dfb0182fa..3927d5719 100644 --- a/src/lib/crypto/nss/md4/Makefile.in +++ b/src/lib/crypto/nss/md4/Makefile.in @@ -1,11 +1,8 @@ mydir=lib$(S)crypto$(S)nss$(S)md4 BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir) +LOCALINCLUDES = DEFS= -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) - STLIBOBJS= md4.o OBJS= $(OUTPRE)md4.$(OBJEXT) diff --git a/src/lib/crypto/nss/md5/Makefile.in b/src/lib/crypto/nss/md5/Makefile.in index b0cde50e9..ec7279518 100644 --- a/src/lib/crypto/nss/md5/Makefile.in +++ b/src/lib/crypto/nss/md5/Makefile.in @@ -4,15 +4,14 @@ DEFS= PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) -CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@ -LOCALINCLUDES = -I$(srcdir)/.. $(CRYPTO_IMPL_CFLAGS) +LOCALINCLUDES = -STLIBOBJS= md5.o +STLIBOBJS= -OBJS= $(OUTPRE)md5.$(OBJEXT) +OBJS= -SRCS= $(srcdir)/md5.c +SRCS= all-unix:: all-libobjs diff --git a/src/lib/crypto/nss/md5/deps b/src/lib/crypto/nss/md5/deps index bc7ef602b..2feac3c9d 100644 --- a/src/lib/crypto/nss/md5/deps +++ b/src/lib/crypto/nss/md5/deps @@ -1,14 +1 @@ -# -# Generated makefile dependencies follow. -# -md5.so md5.po $(OUTPRE)md5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../nss_gen.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h md5.c rsa-md5.h +# No dependencies here. diff --git a/src/lib/crypto/nss/md5/md5.c b/src/lib/crypto/nss/md5/md5.c deleted file mode 100644 index ee494e55f..000000000 --- a/src/lib/crypto/nss/md5/md5.c +++ /dev/null @@ -1,86 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* lib/crypto/nss/md5/md5.c - * - * Copyright (c) 2010 Red Hat, Inc. - * All Rights Reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * * Neither the name of Red Hat, Inc., nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS - * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED - * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A - * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER - * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "k5-int.h" -#include "rsa-md5.h" -#include "pk11pub.h" -#include "nss_gen.h" - - -/* Initialize the message-digest context mdContext. */ -void -krb5int_MD5Init(krb5_MD5_CTX *mdContext) -{ - if (k5_nss_init()) { - mdContext->nss_ctxt = NULL; - return; - } - mdContext->nss_ctxt = PK11_CreateDigestContext(SEC_OID_MD5); - if (mdContext->nss_ctxt == NULL) - return; - PK11_DigestBegin((PK11Context *)mdContext->nss_ctxt); -} - -/* - * Update the message-digest context to account for the presence of each of the - * characters inBuf[0..inLen-1] in the message whose digest is being computed. - */ -void -krb5int_MD5Update(krb5_MD5_CTX *mdContext, const unsigned char *inBuf, - unsigned int inLen) -{ - if (mdContext->nss_ctxt == NULL) - return; - PK11_DigestOp((PK11Context *)mdContext->nss_ctxt, inBuf, inLen); -} - -/* Terminate the message-digest computation and end with the desired message - * digest in mdContext->digest[0...15]. */ -void -krb5int_MD5Final(krb5_MD5_CTX *mdContext) -{ - unsigned int digestLength; - - if (mdContext->nss_ctxt == NULL) - return; - PK11_DigestFinal((PK11Context *)mdContext->nss_ctxt, mdContext->digest, - &digestLength, sizeof (mdContext->digest)); - /* since there is not separate cleanup step, free the context now. - * (otherwise we could have reused the context for another MD5 operation - * in the future). - */ - PK11_DestroyContext((PK11Context *)mdContext->nss_ctxt, PR_TRUE); - mdContext->nss_ctxt = NULL; -} diff --git a/src/lib/crypto/nss/md5/rsa-md5.h b/src/lib/crypto/nss/md5/rsa-md5.h deleted file mode 100644 index 228eb0977..000000000 --- a/src/lib/crypto/nss/md5/rsa-md5.h +++ /dev/null @@ -1,90 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* lib/crypto/openssl/md5/rsa-md5.h - * - * Copyright (C) 2009 by the Massachusetts Institute of Technology. - * All rights reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* - *********************************************************************** - ** md5.h -- header file for implementation of MD5 ** - ** RSA Data Security, Inc. MD5 Message-Digest Algorithm ** - ** Created: 2/17/90 RLR ** - ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** - ** Revised (for MD5): RLR 4/27/91 ** - ** -- G modified to have y&~z instead of y&z ** - ** -- FF, GG, HH modified to add in last register done ** - ** -- Access pattern: round 2 works mod 5, round 3 works mod 3 ** - ** -- distinct additive constant for each step ** - ** -- round 4 added, working mod 7 ** - *********************************************************************** - */ - -/* - *********************************************************************** - ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** - ** ** - ** License to copy and use this software is granted provided that ** - ** it is identified as the "RSA Data Security, Inc. MD5 Message- ** - ** Digest Algorithm" in all material mentioning or referencing this ** - ** software or this function. ** - ** ** - ** License is also granted to make and use derivative works ** - ** provided that such works are identified as "derived from the RSA ** - ** Data Security, Inc. MD5 Message-Digest Algorithm" in all ** - ** material mentioning or referencing the derived work. ** - ** ** - ** RSA Data Security, Inc. makes no representations concerning ** - ** either the merchantability of this software or the suitability ** - ** of this software for any particular purpose. It is provided "as ** - ** is" without express or implied warranty of any kind. ** - ** ** - ** These notices must be retained in any copies of any part of this ** - ** documentation and/or software. ** - *********************************************************************** - */ - - -#ifndef KRB5_RSA_MD5__ -#define KRB5_RSA_MD5__ - -/* Data structure for MD5 (Message-Digest) computation */ -typedef struct { - void *nss_ctxt; - krb5_int32 * digest_len; - krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */ - krb5_ui_4 buf[4]; /* scratch buffer */ - unsigned char in[64]; /* input buffer */ - unsigned char digest[16]; /* actual digest after MD5Final call */ -} krb5_MD5_CTX; - -extern void krb5int_MD5Init(krb5_MD5_CTX *); -extern void krb5int_MD5Update(krb5_MD5_CTX *, const unsigned char *, - unsigned int); -extern void krb5int_MD5Final(krb5_MD5_CTX *); - -#define RSA_MD5_CKSUM_LENGTH 16 -#define OLD_RSA_MD5_DES_CKSUM_LENGTH 16 -#define NEW_RSA_MD5_DES_CKSUM_LENGTH 24 -#define RSA_MD5_DES_CONFOUND_LENGTH 8 - -#endif /* KRB5_RSA_MD5__ */ diff --git a/src/lib/crypto/nss/pbkdf2.c b/src/lib/crypto/nss/pbkdf2.c index a966c364e..f89f00df6 100644 --- a/src/lib/crypto/nss/pbkdf2.c +++ b/src/lib/crypto/nss/pbkdf2.c @@ -34,8 +34,7 @@ */ #include <ctype.h> -#include "k5-int.h" -#include "hash_provider.h" +#include "crypto_int.h" #include "pk11pub.h" #include "nss_gen.h" diff --git a/src/lib/crypto/nss/prng.c b/src/lib/crypto/nss/prng.c index 61039171b..ebd1d3ac2 100644 --- a/src/lib/crypto/nss/prng.c +++ b/src/lib/crypto/nss/prng.c @@ -24,7 +24,7 @@ * or implied warranty. */ -#include "k5-int.h" +#include "crypto_int.h" #include "nss_gen.h" #include "nss_prng.h" #include <pk11pub.h> diff --git a/src/lib/crypto/nss/sha1/Makefile.in b/src/lib/crypto/nss/sha1/Makefile.in index 82d6d9b91..8e7809e7c 100644 --- a/src/lib/crypto/nss/sha1/Makefile.in +++ b/src/lib/crypto/nss/sha1/Makefile.in @@ -1,17 +1,13 @@ mydir=lib$(S)crypto$(S)nss$(S)sha1 BUILDTOP=$(REL)..$(S)..$(S)..$(S).. DEFS= -CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@ -LOCALINCLUDES = -I$(srcdir)/.. $(CRYPTO_IMPL_CFLAGS) +LOCALINCLUDES = -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) +STLIBOBJS= -STLIBOBJS= shs.o +OBJS= -OBJS= $(OUTPRE)shs.$(OBJEXT) - -SRCS= $(srcdir)/shs.c +SRCS= all-unix:: all-libobjs diff --git a/src/lib/crypto/nss/sha1/deps b/src/lib/crypto/nss/sha1/deps index 9133bb530..2feac3c9d 100644 --- a/src/lib/crypto/nss/sha1/deps +++ b/src/lib/crypto/nss/sha1/deps @@ -1,14 +1 @@ -# -# Generated makefile dependencies follow. -# -shs.so shs.po $(OUTPRE)shs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../nss_gen.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h shs.c shs.h +# No dependencies here. diff --git a/src/lib/crypto/nss/sha1/shs.c b/src/lib/crypto/nss/sha1/shs.c deleted file mode 100644 index edf4c9a28..000000000 --- a/src/lib/crypto/nss/sha1/shs.c +++ /dev/null @@ -1,77 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* lib/crypto/nss/sha1/shs.c - * - * Copyright (c) 2010 Red Hat, Inc. - * All Rights Reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * * Neither the name of Red Hat, Inc., nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS - * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED - * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A - * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER - * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "k5-int.h" -#include "shs.h" -#include "pk11pub.h" -#include "nss_gen.h" - -/* Initialize the SHS values */ -void shsInit(SHS_INFO *shsInfo) -{ - if (k5_nss_init()) { - shsInfo->nss_ctxt = NULL; - return; - } - shsInfo->nss_ctxt = PK11_CreateDigestContext(SEC_OID_SHA1); - if (shsInfo->nss_ctxt == NULL) - return; - PK11_DigestBegin((PK11Context *)shsInfo->nss_ctxt); -} - -/* Update SHS for a block of data */ -void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count) -{ - if (shsInfo->nss_ctxt == NULL) - return; - PK11_DigestOp((PK11Context *)shsInfo->nss_ctxt, buffer, count); -} - - -/* Final wrapup - pad to SHS_DATASIZE-byte boundary with the bit pattern - * 1 0* (64-bit count of bits processed, MSB-first) */ -void shsFinal(SHS_INFO *shsInfo) -{ - if (shsInfo->nss_ctxt == NULL) - return; - PK11_DigestFinal((PK11Context *)shsInfo->nss_ctxt, shsInfo->digestBuf, - &shsInfo->digestLen, sizeof (shsInfo->digestBuf)); - /* Since there is not separate cleanup step, free the context now. - * (otherwise we could have reused the context for another MD5 operation - * in the future). - */ - PK11_DestroyContext((PK11Context *)shsInfo->nss_ctxt, PR_TRUE); - shsInfo->nss_ctxt = NULL; -} diff --git a/src/lib/crypto/nss/sha1/shs.h b/src/lib/crypto/nss/sha1/shs.h deleted file mode 100644 index 7019504c1..000000000 --- a/src/lib/crypto/nss/sha1/shs.h +++ /dev/null @@ -1,46 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -#ifndef _SHS_DEFINED - -#include "k5-int.h" - -#define _SHS_DEFINED - -/* Some useful types */ - -typedef krb5_octet SHS_BYTE; -typedef krb5_ui_4 SHS_LONG; - -/* Define the following to use the updated SHS implementation */ -#define NEW_SHS /**/ - -/* The SHS block size and message digest sizes, in bytes */ - -#define SHS_DATASIZE 64 -#define SHS_DIGESTSIZE 20 - -/* The structure for storing SHS info */ - -typedef struct { - void *nss_ctxt; - unsigned char digestBuf[SHS_DIGESTSIZE]; /* output */ - unsigned int digestLen; /* output */ -} SHS_INFO; - -/* Message digest functions (shs.c) */ -void shsInit(SHS_INFO *shsInfo); -void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count); -void shsFinal(SHS_INFO *shsInfo); - - -/* Keyed Message digest functions (hmac_sha.c) */ -krb5_error_code hmac_sha(krb5_octet *text, - int text_len, - krb5_octet *key, - int key_len, - krb5_octet *digest); - - -#define NIST_SHA_CKSUM_LENGTH SHS_DIGESTSIZE -#define HMAC_SHA_CKSUM_LENGTH SHS_DIGESTSIZE - -#endif /* _SHS_DEFINED */ diff --git a/src/lib/crypto/nss/sha2/Makefile.in b/src/lib/crypto/nss/sha2/Makefile.in index 1a2bcbb82..89662fa44 100644 --- a/src/lib/crypto/nss/sha2/Makefile.in +++ b/src/lib/crypto/nss/sha2/Makefile.in @@ -4,7 +4,7 @@ mydir=lib$(S)crypto$(S)nss$(S)aes BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk -I$(srcdir)/../../../../include +LOCALINCLUDES = DEFS= PROG_LIBPATH=-L$(TOPLIBD) |