diff options
author | Zhanna Tsitkov <tsitkova@mit.edu> | 2009-09-16 16:51:13 +0000 |
---|---|---|
committer | Zhanna Tsitkov <tsitkova@mit.edu> | 2009-09-16 16:51:13 +0000 |
commit | b794a46deda934234a09c083920c84b9c822108c (patch) | |
tree | 52eaf049a8c619ca6ea114846b0808fbd5ad9da6 /src/lib/crypto/openssl | |
parent | 2b607418f2d745472a0f9d70e6ddc61f21ee9a01 (diff) | |
download | krb5-b794a46deda934234a09c083920c84b9c822108c.tar.gz krb5-b794a46deda934234a09c083920c84b9c822108c.tar.xz krb5-b794a46deda934234a09c083920c84b9c822108c.zip |
Crypto modularity proj.: Move prf and random-to-key ops from backend to krb
bigredbutton: whitespace
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22769 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/crypto/openssl')
-rw-r--r-- | src/lib/crypto/openssl/enc_provider/des.c | 34 | ||||
-rw-r--r-- | src/lib/crypto/openssl/enc_provider/des3.c | 42 | ||||
-rw-r--r-- | src/lib/crypto/openssl/enc_provider/rc4.c | 23 |
3 files changed, 12 insertions, 87 deletions
diff --git a/src/lib/crypto/openssl/enc_provider/des.c b/src/lib/crypto/openssl/enc_provider/des.c index bc4313659..3aed648fd 100644 --- a/src/lib/crypto/openssl/enc_provider/des.c +++ b/src/lib/crypto/openssl/enc_provider/des.c @@ -5,11 +5,11 @@ #include "des_int.h" #include "enc_provider.h" #include <aead.h> +#include <rand2key.h> #include <openssl/evp.h> #define DES_BLOCK_SIZE 8 #define DES_KEY_BYTES 7 -#define DES_KEY_LEN 8 static krb5_error_code k5_des_encrypt(const krb5_keyblock *key, const krb5_data *ivec, @@ -21,7 +21,7 @@ k5_des_encrypt(const krb5_keyblock *key, const krb5_data *ivec, unsigned char *tmp_buf = NULL; unsigned char iv[EVP_MAX_IV_LENGTH]; - if (key->length != DES_KEY_LEN) + if (key->length != KRB5_MIT_DES_KEYSIZE) return(KRB5_BAD_KEYSIZE); if ((input->length%8) != 0) return(KRB5_BAD_MSIZE); @@ -81,7 +81,7 @@ k5_des_decrypt(const krb5_keyblock *key, const krb5_data *ivec, unsigned char *tmp_buf; unsigned char iv[EVP_MAX_IV_LENGTH]; - if (key->length != DES_KEY_LEN) + if (key->length != KRB5_MIT_DES_KEYSIZE) return(KRB5_BAD_KEYSIZE); if ((input->length%8) != 0) return(KRB5_BAD_MSIZE); @@ -131,30 +131,6 @@ k5_des_decrypt(const krb5_keyblock *key, const krb5_data *ivec, } static krb5_error_code -k5_des_make_key(const krb5_data *randombits, krb5_keyblock *key) -{ - if (key->length != DES_KEY_LEN) - return(KRB5_BAD_KEYSIZE); - if (randombits->length != 7) - return(KRB5_CRYPTO_INTERNAL); - - key->magic = KV5M_KEYBLOCK; - - /* take the seven bytes, move them around into the top 7 bits of the - 8 key bytes, then compute the parity bits */ - - memcpy(key->contents, randombits->data, randombits->length); - key->contents[7] = (((key->contents[0]&1)<<1) | ((key->contents[1]&1)<<2) | - ((key->contents[2]&1)<<3) | ((key->contents[3]&1)<<4) | - ((key->contents[4]&1)<<5) | ((key->contents[5]&1)<<6) | - ((key->contents[6]&1)<<7)); - - mit_des_fixup_key_parity(key->contents); - - return(0); -} - -static krb5_error_code k5_des_encrypt_iov(const krb5_keyblock *key, const krb5_data *ivec, krb5_crypto_iov *data, @@ -259,10 +235,10 @@ k5_des_decrypt_iov(const krb5_keyblock *key, const struct krb5_enc_provider krb5int_enc_des = { DES_BLOCK_SIZE, - DES_KEY_BYTES, DES_KEY_LEN, + DES_KEY_BYTES, KRB5_MIT_DES_KEYSIZE, k5_des_encrypt, k5_des_decrypt, - k5_des_make_key, + krb5int_des_make_key, krb5int_des_init_state, krb5int_default_free_state, k5_des_encrypt_iov, diff --git a/src/lib/crypto/openssl/enc_provider/des3.c b/src/lib/crypto/openssl/enc_provider/des3.c index 1cc67483d..ab3c6641b 100644 --- a/src/lib/crypto/openssl/enc_provider/des3.c +++ b/src/lib/crypto/openssl/enc_provider/des3.c @@ -4,12 +4,11 @@ #include "k5-int.h" #include "des_int.h" #include <aead.h> +#include <rand2key.h> #include <openssl/evp.h> #define DES_BLOCK_SIZE 8 -#define DES3_KEY_BYTES 21 -#define DES3_KEY_LEN 24 static krb5_error_code validate(const krb5_keyblock *key, const krb5_data *ivec, @@ -19,7 +18,7 @@ validate(const krb5_keyblock *key, const krb5_data *ivec, /* key->enctype was checked by the caller */ - if (key->length != DES3_KEY_LEN) + if (key->length != KRB5_MIT_DES3_KEYSIZE) return(KRB5_BAD_KEYSIZE); if ((input->length%DES_BLOCK_SIZE) != 0) return(KRB5_BAD_MSIZE); @@ -52,7 +51,7 @@ validate_iov(const krb5_keyblock *key, const krb5_data *ivec, input_length += iov->data.length; } - if (key->length != DES3_KEY_LEN) + if (key->length != KRB5_MIT_DES3_KEYSIZE) return(KRB5_BAD_KEYSIZE); if ((input_length%DES_BLOCK_SIZE) != 0) return(KRB5_BAD_MSIZE); @@ -178,37 +177,6 @@ k5_des3_decrypt(const krb5_keyblock *key, const krb5_data *ivec, } static krb5_error_code -k5_des3_make_key(const krb5_data *randombits, krb5_keyblock *key) -{ - int i; - - if (key->length != DES3_KEY_LEN) - return(KRB5_BAD_KEYSIZE); - if (randombits->length != DES3_KEY_BYTES) - return(KRB5_CRYPTO_INTERNAL); - - key->magic = KV5M_KEYBLOCK; - - /* take the seven bytes, move them around into the top 7 bits of the - 8 key bytes, then compute the parity bits. Do this three times. */ - - for (i=0; i<3; i++) { - memcpy(key->contents+i*8, randombits->data+i*7, 7); - key->contents[i*8+7] = (((key->contents[i*8]&1)<<1) | - ((key->contents[i*8+1]&1)<<2) | - ((key->contents[i*8+2]&1)<<3) | - ((key->contents[i*8+3]&1)<<4) | - ((key->contents[i*8+4]&1)<<5) | - ((key->contents[i*8+5]&1)<<6) | - ((key->contents[i*8+6]&1)<<7)); - - mit_des_fixup_key_parity(key->contents+i*8); - } - - return(0); -} - -static krb5_error_code validate_and_schedule_iov(const krb5_keyblock *key, const krb5_data *ivec, const krb5_crypto_iov *data, size_t num_data, mit_des3_key_schedule *schedule) @@ -340,10 +308,10 @@ k5_des3_decrypt_iov(const krb5_keyblock *key, const struct krb5_enc_provider krb5int_enc_des3 = { DES_BLOCK_SIZE, - DES3_KEY_BYTES, DES3_KEY_LEN, + KRB5_MIT_DES3_KEY_BYTES, KRB5_MIT_DES3_KEYSIZE, k5_des3_encrypt, k5_des3_decrypt, - k5_des3_make_key, + krb5int_des3_make_key, krb5int_des_init_state, krb5int_default_free_state, k5_des3_encrypt_iov, diff --git a/src/lib/crypto/openssl/enc_provider/rc4.c b/src/lib/crypto/openssl/enc_provider/rc4.c index b82af5247..08bd859bd 100644 --- a/src/lib/crypto/openssl/enc_provider/rc4.c +++ b/src/lib/crypto/openssl/enc_provider/rc4.c @@ -7,6 +7,7 @@ #include "arcfour-int.h" #include "enc_provider.h" #include <aead.h> +#include <rand2key.h> #include <openssl/evp.h> #define RC4_KEY_SIZE 16 @@ -17,10 +18,6 @@ static krb5_error_code k5_arcfour_docrypt(const krb5_keyblock *, const krb5_data *, const krb5_data *, krb5_data *); -/* from a random bitstrem, construct a key */ -static krb5_error_code -k5_arcfour_make_key(const krb5_data *, krb5_keyblock *); - static krb5_error_code k5_arcfour_free_state ( krb5_data *state); static krb5_error_code @@ -114,22 +111,6 @@ k5_arcfour_docrypt_iov(const krb5_keyblock *key, return 0; } - -static krb5_error_code -k5_arcfour_make_key(const krb5_data *randombits, krb5_keyblock *key) -{ - if (key->length != RC4_KEY_SIZE) - return(KRB5_BAD_KEYSIZE); - if (randombits->length != RC4_KEY_SIZE) - return(KRB5_CRYPTO_INTERNAL); - - key->magic = KV5M_KEYBLOCK; - - memcpy(key->contents, randombits->data, randombits->length); - - return(0); -} - static krb5_error_code k5_arcfour_free_state ( krb5_data *state) { @@ -158,7 +139,7 @@ const struct krb5_enc_provider krb5int_enc_arcfour = { RC4_KEY_SIZE, RC4_KEY_SIZE, k5_arcfour_docrypt, k5_arcfour_docrypt, - k5_arcfour_make_key, + krb5int_arcfour_make_key, k5_arcfour_init_state, /*xxx not implemented */ k5_arcfour_free_state, /*xxx not implemented */ k5_arcfour_docrypt_iov, |