diff options
author | Greg Hudson <ghudson@mit.edu> | 2008-12-18 18:31:16 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2008-12-18 18:31:16 +0000 |
commit | 3bee8ea39e56d0ddd369bfb365cca9d51fdcfc37 (patch) | |
tree | f808e8013717b9f044e86d49a29a8288d0437783 /src/lib/des425 | |
parent | 1d86f863efc9f6bc838438f90c6fdda236b6cedd (diff) | |
download | krb5-3bee8ea39e56d0ddd369bfb365cca9d51fdcfc37.tar.gz krb5-3bee8ea39e56d0ddd369bfb365cca9d51fdcfc37.tar.xz krb5-3bee8ea39e56d0ddd369bfb365cca9d51fdcfc37.zip |
Remove krb524, lib/des425, lib/krb4, and include/kerberosIV.
Remove krb4 build system references and conditionals.
Move des425 header stuff referenced by des_int.h into des_int.h.
Remove krb4 test cases.
ticket: 6303
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21544 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/des425')
-rw-r--r-- | src/lib/des425/ISSUES | 28 | ||||
-rw-r--r-- | src/lib/des425/Makefile.in | 273 | ||||
-rw-r--r-- | src/lib/des425/cksum.c | 68 | ||||
-rw-r--r-- | src/lib/des425/des.c | 44 | ||||
-rw-r--r-- | src/lib/des425/enc_dec.c | 47 | ||||
-rw-r--r-- | src/lib/des425/key_parity.c | 52 | ||||
-rw-r--r-- | src/lib/des425/key_sched.c | 40 | ||||
-rw-r--r-- | src/lib/des425/libdes425.exports | 18 | ||||
-rw-r--r-- | src/lib/des425/mac_des_glue.c | 104 | ||||
-rw-r--r-- | src/lib/des425/new_rnd_key.c | 96 | ||||
-rw-r--r-- | src/lib/des425/pcbc_encrypt.c | 235 | ||||
-rw-r--r-- | src/lib/des425/quad_cksum.c | 200 | ||||
-rw-r--r-- | src/lib/des425/random_key.c | 74 | ||||
-rw-r--r-- | src/lib/des425/read_passwd.c | 128 | ||||
-rw-r--r-- | src/lib/des425/str_to_key.c | 168 | ||||
-rw-r--r-- | src/lib/des425/string2key.c | 174 | ||||
-rw-r--r-- | src/lib/des425/t_pcbc.c | 123 | ||||
-rw-r--r-- | src/lib/des425/t_quad.c | 101 | ||||
-rw-r--r-- | src/lib/des425/unix_time.c | 46 | ||||
-rw-r--r-- | src/lib/des425/util.c | 33 | ||||
-rw-r--r-- | src/lib/des425/verify.c | 317 | ||||
-rw-r--r-- | src/lib/des425/weak_key.c | 41 |
22 files changed, 0 insertions, 2410 deletions
diff --git a/src/lib/des425/ISSUES b/src/lib/des425/ISSUES deleted file mode 100644 index ec5ce0087..000000000 --- a/src/lib/des425/ISSUES +++ /dev/null @@ -1,28 +0,0 @@ --*- text -*- - -* unix_time.c also exists in ../krb4, and they're different; both - should probably call into the krb5 support anyways to avoid - duplicating code. - -* namespace intrusions - -* Check include/kerberosIV/des.h and see if all the prototyped - functions really are necessary to retain; if not, delete some of - these source files. - -* Much of this code requires that DES_INT32 be *exactly* 32 bits, and - 4 bytes. - -* Array types are used in function call signatures, which is unclean. - It makes trying to add "const" qualifications in the right places - really, um, interesting. But we're probably stuck with them. - -* quad_cksum is totally broken. I have no idea whether the author - actually believed it implemented the documented algorithm, but I'm - certain it doesn't. The only question is, is it still reasonably - secure, when the plaintext and checksum are visible to an attacker - as in the mk_safe message? - -* des_read_password and des_read_pw_string are not thread-safe. Also, - they should be calling into the k5crypto library instead of - duplicating functionality. diff --git a/src/lib/des425/Makefile.in b/src/lib/des425/Makefile.in deleted file mode 100644 index 218ceaf34..000000000 --- a/src/lib/des425/Makefile.in +++ /dev/null @@ -1,273 +0,0 @@ -thisconfigdir=../.. -myfulldir=lib/des425 -mydir=lib/des425 -BUILDTOP=$(REL)..$(S).. -LOCALINCLUDES = -I$(srcdir)/../crypto/des -I$(srcdir)/../../include/kerberosIV -DEFS= - -##DOS##BUILDTOP = ..\.. -##DOS##LIBNAME=$(OUTPRE)des425.lib -##DOS##OBJFILE=$(OUTPRE)des425.lst -##DOS##OBJFILEDEP=$(OUTPRE)des425.lst -##DOS##OBJFILELIST=@$(OUTPRE)des425.lst - -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) - -RUN_SETUP=@KRB5_RUN_ENV@ - -LIBBASE=des425 -LIBMAJOR=3 -LIBMINOR=0 -RELDIR=des425 -# Depends on libk5crypto and libkrb5 -SHLIB_EXPDEPS = \ - $(TOPLIBD)/libk5crypto$(SHLIBEXT) \ - $(TOPLIBD)/libkrb5$(SHLIBEXT) -SHLIB_EXPLIBS=-lkrb5 -lcom_err -lk5crypto -SHLIB_DIRS=-L$(TOPLIBD) -SHLIB_RDIRS=$(KRB5_LIBDIR) - -STOBJLISTS=OBJS.ST -STLIBOBJS=cksum.o \ - des.o \ - enc_dec.o \ - key_parity.o \ - key_sched.o \ - new_rnd_key.o \ - pcbc_encrypt.o \ - quad_cksum.o \ - random_key.o \ - read_passwd.o \ - str_to_key.o \ - unix_time.o \ - util.o \ - weak_key.o - - -OBJS= $(OUTPRE)cksum.$(OBJEXT) \ - $(OUTPRE)des.$(OBJEXT) \ - $(OUTPRE)enc_dec.$(OBJEXT) \ - $(OUTPRE)key_parity.$(OBJEXT) \ - $(OUTPRE)key_sched.$(OBJEXT) \ - $(OUTPRE)new_rnd_key.$(OBJEXT) \ - $(OUTPRE)pcbc_encrypt.$(OBJEXT) \ - $(OUTPRE)quad_cksum.$(OBJEXT) \ - $(OUTPRE)random_key.$(OBJEXT) \ - $(OUTPRE)read_passwd.$(OBJEXT) \ - $(OUTPRE)str_to_key.$(OBJEXT) \ - $(OUTPRE)unix_time.$(OBJEXT) \ - $(OUTPRE)util.$(OBJEXT) \ - $(OUTPRE)weak_key.$(OBJEXT) - -SRCS= $(srcdir)/cksum.c \ - $(srcdir)/des.c \ - $(srcdir)/enc_dec.c \ - $(srcdir)/key_parity.c \ - $(srcdir)/key_sched.c \ - $(srcdir)/new_rnd_key.c \ - $(srcdir)/pcbc_encrypt.c \ - $(srcdir)/quad_cksum.c \ - $(srcdir)/random_key.c \ - $(srcdir)/read_passwd.c \ - $(srcdir)/str_to_key.c \ - $(srcdir)/unix_time.c \ - $(srcdir)/util.c \ - $(srcdir)/weak_key.c - -all-unix:: all-liblinks - -##DOS##LIBOBJS = $(OBJS) - -shared: - mkdir shared - -verify: verify.o $(DES425_DEPLIB) $(KRB5_BASE_DEPLIBS) - $(CC_LINK) -o $@ verify.o $(DES425_LIB) $(KRB5_BASE_LIBS) - -t_quad: t_quad.o quad_cksum.o $(SUPPORT_DEPLIB) - $(CC_LINK) -o $@ t_quad.o quad_cksum.o $(SUPPORT_LIB) - -t_pcbc: t_pcbc.o pcbc_encrypt.o key_sched.o $(KRB5_BASE_DEPLIBS) - $(CC_LINK) -o $@ t_pcbc.o pcbc_encrypt.o key_sched.o $(KRB5_BASE_LIBS) - -check-unix:: verify t_quad t_pcbc - $(RUN_SETUP) $(VALGRIND) ./verify -z - $(RUN_SETUP) $(VALGRIND) ./verify -m - $(RUN_SETUP) $(VALGRIND) ./verify - $(RUN_SETUP) $(VALGRIND) ./t_quad - $(RUN_SETUP) $(VALGRIND) ./t_pcbc - -check-windows:: - -clean:: - $(RM) $(OUTPRE)verify$(EXEEXT) $(OUTPRE)verify.$(OBJEXT) \ - $(OUTPRE)t_quad$(EXEEXT) $(OUTPRE)t_quad.$(OBJEXT) \ - $(OUTPRE)t_pcbc$(EXEEXT) $(OUTPRE)t_pcbc.$(OBJEXT) - -clean-unix:: clean-liblinks clean-libs clean-libobjs - -install-unix:: install-libs - -@lib_frag@ -@libobj_frag@ - -# +++ Dependency line eater +++ -# -# Makefile dependencies follow. This must be the last section in -# the Makefile.in file -# -cksum.so cksum.po $(OUTPRE)cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kerberosIV/des.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../crypto/des/des_int.h \ - cksum.c -des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kerberosIV/des.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../crypto/des/des_int.h \ - des.c -enc_dec.so enc_dec.po $(OUTPRE)enc_dec.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kerberosIV/des.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../crypto/des/des_int.h \ - enc_dec.c -key_parity.so key_parity.po $(OUTPRE)key_parity.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kerberosIV/des.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../crypto/des/des_int.h key_parity.c -key_sched.so key_sched.po $(OUTPRE)key_sched.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kerberosIV/des.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../crypto/des/des_int.h key_sched.c -new_rnd_key.so new_rnd_key.po $(OUTPRE)new_rnd_key.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kerberosIV/des.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../crypto/des/des_int.h new_rnd_key.c -pcbc_encrypt.so pcbc_encrypt.po $(OUTPRE)pcbc_encrypt.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kerberosIV/des.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../crypto/des/des_int.h $(srcdir)/../crypto/des/f_tables.h \ - pcbc_encrypt.c -quad_cksum.so quad_cksum.po $(OUTPRE)quad_cksum.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kerberosIV/des.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../crypto/des/des_int.h quad_cksum.c -random_key.so random_key.po $(OUTPRE)random_key.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kerberosIV/des.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../crypto/des/des_int.h random_key.c -read_passwd.so read_passwd.po $(OUTPRE)read_passwd.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kerberosIV/des.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../crypto/des/des_int.h read_passwd.c -str_to_key.so str_to_key.po $(OUTPRE)str_to_key.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kerberosIV/des.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../crypto/des/des_int.h str_to_key.c -unix_time.so unix_time.po $(OUTPRE)unix_time.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h unix_time.c -util.so util.po $(OUTPRE)util.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kerberosIV/des.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../crypto/des/des_int.h \ - util.c -weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/kerberosIV/des.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../crypto/des/des_int.h weak_key.c diff --git a/src/lib/des425/cksum.c b/src/lib/des425/cksum.c deleted file mode 100644 index 33b5322ac..000000000 --- a/src/lib/des425/cksum.c +++ /dev/null @@ -1,68 +0,0 @@ -/* - * lib/des425/cksum.c - * - * Copyright 1985, 1986, 1987, 1988, 1990 by the Massachusetts Institute - * of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * These routines perform encryption and decryption using the DES - * private key algorithm, or else a subset of it-- fewer inner loops. - * (AUTH_DES_ITER defaults to 16, may be less.) - * - * Under U.S. law, this software may not be exported outside the US - * without license from the U.S. Commerce department. - * - * These routines form the library interface to the DES facilities. - * - * spm 8/85 MIT project athena - */ - -#include "des_int.h" -#include "des.h" - -/* - * This routine performs DES cipher-block-chaining checksum operation, - * a.k.a. Message Authentication Code. It ALWAYS encrypts from input - * to a single 64 bit output MAC checksum. - * - * The key schedule is passed as an arg, as well as the cleartext or - * ciphertext. The cleartext and ciphertext should be in host order. - * - * NOTE-- the output is ALWAYS 8 bytes long. If not enough space was - * provided, your program will get trashed. - * - * The input is null padded, at the end (highest addr), to an integral - * multiple of eight bytes. - */ - -unsigned long KRB5_CALLCONV -des_cbc_cksum(in,out,length,key,iv) - const des_cblock *in; /* >= length bytes of inputtext */ - des_cblock *out; /* >= length bytes of outputtext */ - register unsigned long length; /* in bytes */ - const mit_des_key_schedule key; /* precomputed key schedule */ - const des_cblock *iv; /* 8 bytes of ivec */ -{ - return mit_des_cbc_cksum((const krb5_octet *)in, (krb5_octet *)out, - length, key, (krb5_octet *)iv); -} diff --git a/src/lib/des425/des.c b/src/lib/des425/des.c deleted file mode 100644 index 745b4bed5..000000000 --- a/src/lib/des425/des.c +++ /dev/null @@ -1,44 +0,0 @@ -/* - * lib/des425/des.c - * - * Copyright 1985, 1986, 1987, 1988, 1990 by the Massachusetts Institute - * of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - */ - -#include "des_int.h" -#include "des.h" -#undef mit_des_cbc_encrypt - -int KRB5_CALLCONV -des_ecb_encrypt(clear, cipher, schedule, enc) - des_cblock *clear; - des_cblock *cipher; - const mit_des_key_schedule schedule; - int enc; /* 0 ==> decrypt, else encrypt */ -{ - static const des_cblock iv; - - return (mit_des_cbc_encrypt((const des_cblock *)clear, cipher, - 8, schedule, iv, enc)); -} diff --git a/src/lib/des425/enc_dec.c b/src/lib/des425/enc_dec.c deleted file mode 100644 index b75a63e20..000000000 --- a/src/lib/des425/enc_dec.c +++ /dev/null @@ -1,47 +0,0 @@ -/* - * lib/des425/enc_dec.c - * - * Copyright 1985, 1986, 1987, 1988, 1990 by the Massachusetts Institute - * of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - */ - -#include "des_int.h" -#include "des.h" -#undef mit_des_cbc_encrypt - -int -des_cbc_encrypt(in,out,length,key,iv,enc) - des_cblock *in; /* >= length bytes of input text */ - des_cblock *out; /* >= length bytes of output text */ - register unsigned long length; /* in bytes */ - const mit_des_key_schedule key; /* precomputed key schedule */ - const des_cblock *iv; /* 8 bytes of ivec */ - int enc; /* 0 ==> decrypt, else encrypt */ -{ - return (mit_des_cbc_encrypt((const des_cblock *) in, - out, length, key, - (const unsigned char *)iv, /* YUCK! */ - enc)); -} diff --git a/src/lib/des425/key_parity.c b/src/lib/des425/key_parity.c deleted file mode 100644 index 96e13e2f4..000000000 --- a/src/lib/des425/key_parity.c +++ /dev/null @@ -1,52 +0,0 @@ -/* - * lib/des425/key_parity.c - * - * Copyright 1989, 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - */ - -#include "des_int.h" -#include "des.h" - -/* - * des_fixup_key_parity: Forces odd parity per byte; parity is bits - * 8,16,...64 in des order, implies 0, 8, 16, ... - * vax order. - */ -void -des_fixup_key_parity(key) - register mit_des_cblock key; -{ - mit_des_fixup_key_parity(key); -} - -/* - * des_check_key_parity: returns true iff key has the correct des parity. - */ -int -des_check_key_parity(key) - register mit_des_cblock key; -{ - return(mit_des_check_key_parity(key)); -} - diff --git a/src/lib/des425/key_sched.c b/src/lib/des425/key_sched.c deleted file mode 100644 index 70f61ce5e..000000000 --- a/src/lib/des425/key_sched.c +++ /dev/null @@ -1,40 +0,0 @@ -/* - * lib/des425/key_sched.c - * - * Copyright 1985, 1986, 1987, 1988, 1990 by the Massachusetts Institute - * of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - */ - - -#include <stdio.h> -#include "des_int.h" -#include "des.h" - -int KRB5_CALLCONV -des_key_sched(k,schedule) - des_cblock k; - des_key_schedule schedule; -{ - return (mit_des_key_sched(k, schedule)); -} diff --git a/src/lib/des425/libdes425.exports b/src/lib/des425/libdes425.exports deleted file mode 100644 index 5753a6e96..000000000 --- a/src/lib/des425/libdes425.exports +++ /dev/null @@ -1,18 +0,0 @@ -afs_string_to_key -des_cbc_cksum -des_cbc_encrypt -des_cblock_print_file -des_check_key_parity -des_ecb_encrypt -des_fixup_key_parity -des_init_random_number_generator -des_is_weak_key -des_key_sched -des_new_random_key -des_pcbc_encrypt -des_quad_cksum -des_random_key -des_read_password -des_read_pw_string -des_string_to_key -unix_time_gmt_unixsec diff --git a/src/lib/des425/mac_des_glue.c b/src/lib/des425/mac_des_glue.c deleted file mode 100644 index b7f3a6af8..000000000 --- a/src/lib/des425/mac_des_glue.c +++ /dev/null @@ -1,104 +0,0 @@ -#include "des_int.h" -#include "des.h" -#undef mit_des3_cbc_encrypt - -/* These functions are exported on KfM for ABI compatibility with - * older versions of the library. They have been pulled from the headers - * in the hope that someday we can remove them. - * - * Do not change the ABIs of any of these functions! - */ - -//int des_read_pw_string(char *, int, char *, int); -char *des_crypt(const char *, const char *); -char *des_fcrypt(const char *, const char *, char *); - -int make_key_sched(des_cblock *, des_key_schedule); -int des_set_key(des_cblock *, des_key_schedule); - -void des_3cbc_encrypt(des_cblock *, des_cblock *, long, - des_key_schedule, des_key_schedule, des_key_schedule, - des_cblock *, int); -void des_3ecb_encrypt(des_cblock *, des_cblock *, - des_key_schedule, des_key_schedule, des_key_schedule, - int); - -void des_generate_random_block(des_cblock); -void des_set_random_generator_seed(des_cblock); -void des_set_sequence_number(des_cblock); - -#pragma mark - - -/* Why was this exported on KfM? Who knows... */ -int des_debug = 0; - -char *des_crypt(const char *str, const char *salt) -{ - char afs_buf[16]; - - return des_fcrypt(str, salt, afs_buf); -} - - -char *des_fcrypt(const char *str, const char *salt, char *buf) -{ - return mit_afs_crypt(str, salt, buf); -} - - -int make_key_sched(des_cblock *k, des_key_schedule schedule) -{ - return mit_des_key_sched((unsigned char *)k, schedule); /* YUCK! */ -} - - -int des_set_key(des_cblock *key, des_key_schedule schedule) -{ - return make_key_sched(key, schedule); -} - - -void des_3cbc_encrypt(des_cblock *in, des_cblock *out, long length, - des_key_schedule ks1, des_key_schedule ks2, des_key_schedule ks3, - des_cblock *iv, int enc) -{ - mit_des3_cbc_encrypt((const des_cblock *)in, out, (unsigned long)length, - ks1, ks2, ks3, - (const unsigned char *)iv, /* YUCK! */ - enc); -} - - -void des_3ecb_encrypt(des_cblock *clear, des_cblock *cipher, - des_key_schedule ks1, des_key_schedule ks2, des_key_schedule ks3, - int enc) -{ - static const des_cblock iv; - - mit_des3_cbc_encrypt((const des_cblock *)clear, cipher, 8, ks1, ks2, ks3, iv, enc); -} - - -void des_generate_random_block(des_cblock block) -{ - krb5_data data; - - data.length = sizeof(des_cblock); - data.data = (char *)block; - - /* This function can return an error, however we must ignore it. */ - /* The worst that happens is that the resulting block is non-random */ - krb5_c_random_make_octets(/* XXX */ 0, &data); -} - - -void des_set_random_generator_seed(des_cblock block) -{ - des_init_random_number_generator(block); /* XXX */ -} - - -void des_set_sequence_number(des_cblock block) -{ - des_init_random_number_generator(block); /* XXX */ -} diff --git a/src/lib/des425/new_rnd_key.c b/src/lib/des425/new_rnd_key.c deleted file mode 100644 index 126ddf500..000000000 --- a/src/lib/des425/new_rnd_key.c +++ /dev/null @@ -1,96 +0,0 @@ -/* - * lib/des425/new_rnd_key.c - * - * Copyright 1988,1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - */ - -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "des_int.h" -#include "des.h" -#include "k5-int.h" - -void -des_init_random_number_generator(key) - mit_des_cblock key; -{ - krb5_data seed; - - seed.length = sizeof(key); - seed.data = (char *) key; - - if (krb5_c_random_seed(/* XXX */ 0, &seed)) - /* XXX */ abort(); -} - -/* - * des_new_random_key: create a random des key - * - * Requires: des_set_random_number_generater_seed must be at called least - * once before this routine is called. - * - * Notes: the returned key has correct parity and is guarenteed not - * to be a weak des key. Des_generate_random_block is used to - * provide the random bits. - */ -int KRB5_CALLCONV -des_new_random_key(key) - mit_des_cblock key; -{ - krb5_keyblock keyblock; - krb5_error_code kret; - - kret = krb5_c_make_random_key(/* XXX */ 0, ENCTYPE_DES_CBC_CRC, &keyblock); - if (kret) return kret; - - memcpy(key, keyblock.contents, sizeof(mit_des_cblock)); - krb5_free_keyblock_contents(/* XXX */ 0, &keyblock); - - return 0; -} diff --git a/src/lib/des425/pcbc_encrypt.c b/src/lib/des425/pcbc_encrypt.c deleted file mode 100644 index 130fd20f6..000000000 --- a/src/lib/des425/pcbc_encrypt.c +++ /dev/null @@ -1,235 +0,0 @@ -/* - * lib/des425/pcbc_encrypt.c - * - * Copyright (C) 1990 by the Massachusetts Institute of Technology. - * All rights reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * DES implementation donated by Dennis Ferguson - */ - -/* - * des_pcbc_encrypt.c - encrypt a string of characters in error propagation mode - */ - -#include "autoconf.h" /* in case this defines CONFIG_SMALL */ -#undef CONFIG_SMALL /* XXX needs non-exported crypto symbols */ -#include "des_int.h" -#include "des.h" -#include <f_tables.h> - -/* - * des_pcbc_encrypt - {en,de}crypt a stream in PCBC mode - */ -int KRB5_CALLCONV -des_pcbc_encrypt(in, out, length, schedule, ivec, enc) - des_cblock *in; - des_cblock *out; - long length; - const des_key_schedule schedule; - des_cblock *ivec; - int enc; -{ - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp; - const unsigned char *ip; - unsigned char *op; - - /* - * Copy the key pointer, just once - */ - kp = (const unsigned DES_INT32 *)schedule; - - /* - * Deal with encryption and decryption separately. - */ - if (enc) { - /* Initialization isn't really needed here, but gcc - complains because it doesn't understand that the - only case where these can be used uninitialized is - to compute values that'll in turn be ignored - because we won't go around the loop again. */ - unsigned DES_INT32 plainl = 42; - unsigned DES_INT32 plainr = 17; - - /* - * Initialize left and right with the contents of the initial - * vector. - */ - ip = *ivec; - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - - /* - * Suitably initialized, now work the length down 8 bytes - * at a time. - */ - ip = *in; - op = *out; - while (length > 0) { - /* - * Get block of input. If the length is - * greater than 8 this is straight - * forward. Otherwise we have to fart around. - */ - if (length > 8) { - GET_HALF_BLOCK(plainl, ip); - GET_HALF_BLOCK(plainr, ip); - left ^= plainl; - right ^= plainr; - length -= 8; - } else { - /* - * Oh, shoot. We need to pad the - * end with zeroes. Work backwards - * to do this. We know this is the - * last block, though, so we don't have - * to save the plain text. - */ - ip += (int) length; - switch(length) { - case 8: - right ^= *(--ip) & 0xff; - case 7: - right ^= (*(--ip) & 0xff) << 8; - case 6: - right ^= (*(--ip) & 0xff) << 16; - case 5: - right ^= (*(--ip) & 0xff) << 24; - case 4: - left ^= *(--ip) & 0xff; - case 3: - left ^= (*(--ip) & 0xff) << 8; - case 2: - left ^= (*(--ip) & 0xff) << 16; - case 1: - left ^= (*(--ip) & 0xff) << 24; - break; - } - length = 0; - } - - /* - * Encrypt what we have - */ - DES_DO_ENCRYPT(left, right, kp); - - /* - * Copy the results out - */ - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - - /* - * Xor with the old plain text - */ - left ^= plainl; - right ^= plainr; - } - } else { - /* - * Decrypting is harder than encrypting because of - * the necessity of remembering a lot more things. - * Should think about this a little more... - */ - unsigned DES_INT32 ocipherl, ocipherr; - unsigned DES_INT32 cipherl, cipherr; - - if (length <= 0) - return 0; - - /* - * Prime the old cipher with ivec. - */ - ip = *ivec; - GET_HALF_BLOCK(ocipherl, ip); - GET_HALF_BLOCK(ocipherr, ip); - - /* - * Now do this in earnest until we run out of length. - */ - ip = *in; - op = *out; - for (;;) { /* check done inside loop */ - /* - * Read a block from the input into left and - * right. Save this cipher block for later. - */ - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - cipherl = left; - cipherr = right; - - /* - * Decrypt this. - */ - DES_DO_DECRYPT(left, right, kp); - - /* - * Xor with the old cipher to get plain - * text. Output 8 or less bytes of this. - */ - left ^= ocipherl; - right ^= ocipherr; - if (length > 8) { - length -= 8; - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - /* - * Save current cipher block here - */ - ocipherl = cipherl ^ left; - ocipherr = cipherr ^ right; - } else { - /* - * Trouble here. Start at end of output, - * work backwards. - */ - op += (int) length; - switch(length) { - case 8: - *(--op) = (unsigned char) (right & 0xff); - case 7: - *(--op) = (unsigned char) ((right >> 8) & 0xff); - case 6: - *(--op) = (unsigned char) ((right >> 16) & 0xff); - case 5: - *(--op) = (unsigned char) ((right >> 24) & 0xff); - case 4: - *(--op) = (unsigned char) (left & 0xff); - case 3: - *(--op) = (unsigned char) ((left >> 8) & 0xff); - case 2: - *(--op) = (unsigned char) ((left >> 16) & 0xff); - case 1: - *(--op) = (unsigned char) ((left >> 24) & 0xff); - break; - } - break; /* we're done */ - } - } - } - - /* - * Done, return nothing. - */ - return 0; -} diff --git a/src/lib/des425/quad_cksum.c b/src/lib/des425/quad_cksum.c deleted file mode 100644 index 2a7b78cfd..000000000 --- a/src/lib/des425/quad_cksum.c +++ /dev/null @@ -1,200 +0,0 @@ -/* - * lib/des425/quad_cksum.c - * - * Copyright 1985, 1986, 1987, 1988,1990 by the Massachusetts Institute - * of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This routine does not implement: - * - * - * Quadratic Congruential Manipulation Dectection Code - * - * ref: "Message Authentication" - * R.R. Jueneman, S. M. Matyas, C.H. Meyer - * IEEE Communications Magazine, - * Sept 1985 Vol 23 No 9 p 29-40 - * - * This routine, part of the Athena DES library built for the Kerberos - * authentication system, calculates a manipulation detection code for - * a message. It is a much faster alternative to the DES-checksum - * method. No guarantees are offered for its security. - * - * Implementation for 4.2bsd - * by S.P. Miller Project Athena/MIT - */ - -/* - * Algorithm (per paper): - * define: - * message to be composed of n m-bit blocks X1,...,Xn - * optional secret seed S in block X1 - * MDC in block Xn+1 - * prime modulus N - * accumulator Z - * initial (secret) value of accumulator C - * N, C, and S are known at both ends - * C and , optionally, S, are hidden from the end users - * then - * (read array references as subscripts over time) - * Z[0] = c; - * for i = 1...n - * Z[i] = (Z[i+1] + X[i])**2 modulo N - * X[n+1] = Z[n] = MDC - * - * Then pick - * N = 2**31 -1 - * m = 16 - * iterate 4 times over plaintext, also use Zn - * from iteration j as seed for iteration j+1, - * total MDC is then a 128 bit array of the four - * Zn; - * - * return the last Zn and optionally, all - * four as output args. - * - * Modifications: - * To inhibit brute force searches of the seed space, this - * implementation is modified to have - * Z = 64 bit accumulator - * C = 64 bit C seed - * N = 2**63 - 1 - * S = S seed is not implemented here - * arithmetic is not quite real double integer precision, since we - * cant get at the carry or high order results from multiply, - * but nontheless is 64 bit arithmetic. - */ -/* - * This code purports to implement the above algorithm, but fails. - * - * First of all, there was an implicit mod 2**32 being done on the - * machines where this was developed because of their word sizes, and - * for compabitility this has to be done on machines with 64-bit - * words, so we make it explicit. - * - * Second, in the squaring operation, I really doubt the carry-over - * from the low 31-bit half of the accumulator is being done right, - * and using a modulus of 0x7fffffff on the low half of the - * accumulator seems completely wrong. And I challenge anyone to - * explain where the number 83653421 comes from. - * - * --Ken Raeburn 2001-04-06 - */ - - -/* System include files */ -#include <stdio.h> -#include <errno.h> - -#include "des_int.h" -#include "des.h" - -/* Definitions for byte swapping */ - -/* vax byte order is LSB first. This is not performance critical, and - is far more readable this way. */ -#define four_bytes_vax_to_nets(x) ((((((x[3]<<8)|x[2])<<8)|x[1])<<8)|x[0]) -#define vaxtohl(x) four_bytes_vax_to_nets(((const unsigned char *)(x))) -#define two_bytes_vax_to_nets(x) ((x[1]<<8)|x[0]) -#define vaxtohs(x) two_bytes_vax_to_nets(((const unsigned char *)(x))) - -/* Externals */ -extern int des_debug; - -/*** Routines ***************************************************** */ - -unsigned long KRB5_CALLCONV -des_quad_cksum(in,out,length,out_count,c_seed) - const unsigned char *in; /* input block */ - unsigned DES_INT32 *out; /* optional longer output */ - long length; /* original length in bytes */ - int out_count; /* number of iterations */ - mit_des_cblock *c_seed; /* secret seed, 8 bytes */ -{ - - /* - * this routine both returns the low order of the final (last in - * time) 32bits of the checksum, and if "out" is not a null - * pointer, a longer version, up to entire 32 bytes of the - * checksum is written unto the address pointed to. - */ - - register unsigned DES_INT32 z; - register unsigned DES_INT32 z2; - register unsigned DES_INT32 x; - register unsigned DES_INT32 x2; - const unsigned char *p; - register DES_INT32 len; - register int i; - - /* use all 8 bytes of seed */ - - z = vaxtohl(c_seed); - z2 = vaxtohl((const char *)c_seed+4); - if (out == NULL) - out_count = 1; /* default */ - - /* This is repeated n times!! */ - for (i = 1; i <=4 && i<= out_count; i++) { - len = length; - p = in; - while (len) { - /* - * X = Z + Input ... sort of. Carry out from low half - * isn't done, so we're using all 32 bits of x now. - */ - if (len > 1) { - x = (z + vaxtohs(p)); - p += 2; - len -= 2; - } - else { - x = (z + *(const unsigned char *)p++); - len = 0; - } - x2 = z2; - /* - * I think this is supposed to be a squaring operation. - * What it really is, I haven't figured out yet. - * - * Explicit mod 2**32 is for backwards compatibility. Why - * mod 0x7fffffff and not 0x80000000 on the low half of - * the (supposed) accumulator? And where does the number - * 83653421 come from?? - */ - z = (((x * x) + (x2 * x2)) & 0xffffffff) % 0x7fffffff; - z2 = ((x * (x2+83653421)) & 0xffffffff) % 0x7fffffff; /* modulo */ -#ifdef DEBUG - if (des_debug & 8) - printf("%d %d\n",z,z2); -#endif - } - - if (out != NULL) { - *out++ = z; - *out++ = z2; - } - } - /* return final z value as 32 bit version of checksum */ - return z; -} diff --git a/src/lib/des425/random_key.c b/src/lib/des425/random_key.c deleted file mode 100644 index f367fc817..000000000 --- a/src/lib/des425/random_key.c +++ /dev/null @@ -1,74 +0,0 @@ -/* - * lib/des425/random_key.c - * - * Copyright 1990,1991 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - */ - -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "des_int.h" -#include "des.h" - -/* random_key */ -int -des_random_key(key) - mit_des_cblock *key; -{ - krb5_keyblock keyblock; - krb5_error_code kret; - - if ((kret = krb5_c_make_random_key(/* XXX */ 0, ENCTYPE_DES_CBC_CRC, - &keyblock))) - return(kret); - - memcpy(key, keyblock.contents, sizeof(mit_des_cblock)); - - return(0); -} - diff --git a/src/lib/des425/read_passwd.c b/src/lib/des425/read_passwd.c deleted file mode 100644 index bdcb32999..000000000 --- a/src/lib/des425/read_passwd.c +++ /dev/null @@ -1,128 +0,0 @@ -/* - * lib/des425/read_passwd.c - * - * Copyright 1985,1986,1987,1988,1991 by the Massachusetts Institute - * of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This routine prints the supplied string to standard - * output as a prompt, and reads a password string without - * echoing. - */ - -#if !defined(_WIN32) - -#include "des_int.h" -#include "des.h" -#include <stdio.h> -#include <errno.h> -#include <krb5.h> -/* This is re-declared here because des.h might not declare it. */ -int KRB5_CALLCONV des_read_pw_string(char *, int, char *, int); -static int des_rd_pwstr_2prompt(char *, int, char *, char *); - - -/*** Routines ****************************************************** */ -static int -des_rd_pwstr_2prompt(return_pwd, bufsize_in, prompt, prompt2) - char *return_pwd; - int bufsize_in; - char *prompt; - char *prompt2; -{ - krb5_data reply_data; - krb5_prompt k5prompt; - krb5_error_code retval; - reply_data.length = bufsize_in; - reply_data.data = return_pwd; - k5prompt.prompt = prompt; - k5prompt.hidden = 1; - k5prompt.reply = &reply_data; - retval = krb5_prompter_posix(NULL, - NULL, NULL, NULL, 1, &k5prompt); - - if ((retval==0) && prompt2) { - krb5_data verify_data; - verify_data.data = malloc(bufsize_in); - verify_data.length = bufsize_in; - k5prompt.prompt = prompt2; - k5prompt.reply = &verify_data; - if (!verify_data.data) - return ENOMEM; - retval = krb5_prompter_posix(NULL, - NULL,NULL, NULL, 1, &k5prompt); - if (retval) { - free(verify_data.data); - } else { - /* compare */ - if (strncmp(return_pwd, (char *)verify_data.data, bufsize_in)) { - retval = KRB5_LIBOS_BADPWDMATCH; - free(verify_data.data); - } - } - } - return retval; -} - - -int KRB5_CALLCONV -des_read_password(k,prompt,verify) - mit_des_cblock *k; - char *prompt; - int verify; -{ - int ok; - char key_string[BUFSIZ]; - - ok = des_read_pw_string(key_string, sizeof(key_string), prompt, verify); - if (ok == 0) - des_string_to_key(key_string, *k); - - memset(key_string, 0, sizeof (key_string)); - return ok; -} - -/* Note: this function is exported on KfM. Do not change its ABI. */ -int KRB5_CALLCONV -des_read_pw_string(s, max, prompt, verify) - char *s; - int max; - char *prompt; - int verify; -{ - int ok; - char prompt2[BUFSIZ]; - - if (verify) { - snprintf(prompt2, sizeof(prompt2), "Verifying, please re-enter %s", - prompt); - } - ok = des_rd_pwstr_2prompt(s, max, prompt, verify ? prompt2 : 0); - return ok; -} - -#else /* !unix */ -/* - * These are all just dummy functions to make the rest of the library happy... - */ -#endif /* _WINDOWS */ diff --git a/src/lib/des425/str_to_key.c b/src/lib/des425/str_to_key.c deleted file mode 100644 index 4ddcaed4a..000000000 --- a/src/lib/des425/str_to_key.c +++ /dev/null @@ -1,168 +0,0 @@ -/* - * lib/des425/str_to_key.c - * - * Copyright 1985, 1986, 1987, 1988, 1989,1990 by the Massachusetts Institute - * of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * These routines perform encryption and decryption using the DES - * private key algorithm, or else a subset of it-- fewer inner loops. - * (AUTH_DES_ITER defaults to 16, may be less.) - * - * Under U.S. law, this software may not be exported outside the US - * without license from the U.S. Commerce department. - * - * The key schedule is passed as an arg, as well as the cleartext or - * ciphertext. The cleartext and ciphertext should be in host order. - * - * These routines form the library interface to the DES facilities. - * - * spm 8/85 MIT project athena - */ - - -#include <stdio.h> -#include <string.h> -#include "des_int.h" -#include "des.h" - -extern int mit_des_debug; - -/* - * Convert an arbitrary length string to a DES key. - */ - -/* - * For krb5, a change was made to this algorithm: When each key is - * generated, after fixing parity, a check for weak and semi-weak keys - * is done. If the key is weak or semi-weak, we XOR the last byte - * with 0xF0. (In the case of the intermediate key, the weakness is - * probably irrelevant, but there it is.) The odds that this will - * generate a different key for a random input string are pretty low, - * but non-zero. So we need this different function for krb4 to use. - */ -int KRB5_CALLCONV -des_string_to_key(str,key) - const char *str; - register mit_des_cblock key; -{ - const char *in_str; - register unsigned temp; - register int j; - unsigned long i, length; - unsigned char *k_p; - int forward; - register char *p_char; - char k_char[64]; - mit_des_key_schedule key_sked; - - in_str = str; - forward = 1; - p_char = k_char; - length = strlen(str); - - /* init key array for bits */ - memset(k_char, 0,sizeof(k_char)); - -#ifdef DEBUG - if (mit_des_debug) - fprintf(stdout, - "\n\ninput str length = %ld string = %s\nstring = 0x ", - length,str); -#endif - - /* get next 8 bytes, strip parity, xor */ - for (i = 1; i <= length; i++) { - /* get next input key byte */ - temp = (unsigned int) *str++; -#ifdef DEBUG - if (mit_des_debug) - fprintf(stdout,"%02x ",temp & 0xff); -#endif - /* loop through bits within byte, ignore parity */ - for (j = 0; j <= 6; j++) { - if (forward) - *p_char++ ^= (int) temp & 01; - else - *--p_char ^= (int) temp & 01; - temp = temp >> 1; - } - - /* check and flip direction */ - if ((i%8) == 0) - forward = !forward; - } - - /* now stuff into the key des_cblock, and force odd parity */ - p_char = k_char; - k_p = (unsigned char *) key; - - for (i = 0; i <= 7; i++) { - temp = 0; - for (j = 0; j <= 6; j++) - temp |= *p_char++ << (1+j); - *k_p++ = (unsigned char) temp; - } - - /* fix key parity */ - des_fixup_key_parity(key); - - /* Now one-way encrypt it with the folded key */ - (void) des_key_sched(key, key_sked); - (void) des_cbc_cksum((const des_cblock *)in_str, (des_cblock *)key, - length, key_sked, (const des_cblock *)key); - /* erase key_sked */ - memset(key_sked, 0,sizeof(key_sked)); - - /* now fix up key parity again */ - des_fixup_key_parity(key); - -#ifdef DEBUG - if (mit_des_debug) - fprintf(stdout, - "\nResulting string_to_key = 0x%x 0x%x\n", - *((unsigned long *) key), - *((unsigned long *) key+1)); -#endif /* DEBUG */ - return 0; /* Really should be returning void, */ - /* but the original spec was for it to */ - /* return an int, and ANSI compilers */ - /* can do dumb things sometimes */ -} - -void afs_string_to_key(char *str, char *cell, des_cblock key) -{ - krb5_data str_data; - krb5_data cell_data; - krb5_keyblock keyblock; - - str_data.data = str; - str_data.length = strlen(str); - cell_data.data = cell; - cell_data.length = strlen(cell); - keyblock.enctype = ENCTYPE_DES_CBC_CRC; - keyblock.length = sizeof(des_cblock); - keyblock.contents = key; - - mit_afs_string_to_key(&keyblock, &str_data, &cell_data); -} diff --git a/src/lib/des425/string2key.c b/src/lib/des425/string2key.c deleted file mode 100644 index 8756787a1..000000000 --- a/src/lib/des425/string2key.c +++ /dev/null @@ -1,174 +0,0 @@ -/* THIS FILE DOES NOT GET COMPILED. AUDIT BEFORE USE. */ -/* - * lib/des425/string2key.c - * - * Copyright 1990,1991 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * Wrapper for the V4 libdes for use with kerberos V5. - */ - - -#include "des.h" -#include "des_int.h" - -#ifdef DEBUG -#include <stdio.h> -extern int des_debug; -#endif - -/* - converts the string pointed to by "data" into an encryption key - of type "enctype". *keyblock is filled in with the key info; - in particular, keyblock->contents is to be set to allocated storage. - It is the responsibility of the caller to release this storage - when the generated key no longer needed. - - The routine may use "princ" to seed or alter the conversion - algorithm. - - If the particular function called does not know how to make a - key of type "enctype", an error may be returned. - - returns: errors - */ - -krb5_error_code mit_des_string_to_key (enctype, keyblock, data, princ) - const krb5_enctype enctype; - krb5_keyblock * keyblock; - const krb5_data * data; - krb5_const_principal princ; -{ - char copystr[512]; - - register char *str = copystr; - register krb5_octet *key; - - register unsigned temp,i; - register int j; - register long length; - unsigned char *k_p; - int forward; - register char *p_char; - char k_char[64]; - mit_des_key_schedule key_sked; - -#define min(A, B) ((A) < (B) ? (A): (B)) - - if ( enctype != ENCTYPE_DES ) - return (KRB5_PROG_ENCTYPE_NOSUPP); - - if ( !(keyblock->contents = (krb5_octet *)malloc(sizeof(mit_des_cblock))) ) - return(ENOMEM); - -#define cleanup() {memset(keyblock->contents, 0, sizeof(mit_des_cblock));\ - krb5_xfree(keyblock->contents);} - - keyblock->enctype = ENCTYPE_DES; - keyblock->length = sizeof(mit_des_cblock); - key = keyblock->contents; - - memset(copystr, 0, sizeof(copystr)); - j = min(data->length, 511); - (void) strncpy(copystr, data->data, j); - if ( princ != 0 ) - for (i=0; princ[i] != 0 && j < 511; i++) { - (void) strncpy(copystr+j, princ[i]->data, - min(princ[i]->length, 511-j)); - j += min(princ[i]->length, 511-j); - } - - /* convert copystr to des key */ - forward = 1; - p_char = k_char; - length = strlen(str); - - /* init key array for bits */ - memset(k_char,0,sizeof(k_char)); - -#ifdef DEBUG - if (mit_des_debug) - fprintf(stdout, - "\n\ninput str length = %d string = %s\nstring = 0x ", - length,str); -#endif - - /* get next 8 bytes, strip parity, xor */ - for (i = 1; i <= length; i++) { - /* get next input key byte */ - temp = (unsigned int) *str++; -#ifdef DEBUG - if (mit_des_debug) - fprintf(stdout,"%02x ",temp & 0xff); -#endif - /* loop through bits within byte, ignore parity */ - for (j = 0; j <= 6; j++) { - if (forward) - *p_char++ ^= (int) temp & 01; - else - *--p_char ^= (int) temp & 01; - temp = temp >> 1; - } - - /* check and flip direction */ - if ((i%8) == 0) - forward = !forward; - } - - /* now stuff into the key mit_des_cblock, and force odd parity */ - p_char = k_char; - k_p = (unsigned char *) key; - - for (i = 0; i <= 7; i++) { - temp = 0; - for (j = 0; j <= 6; j++) - temp |= *p_char++ << (1+j); - *k_p++ = (unsigned char) temp; - } - - /* fix key parity */ - mit_des_fixup_key_parity(key); - - /* Now one-way encrypt it with the folded key */ - (void) mit_des_key_sched(key, key_sked); - (void) mit_des_cbc_cksum((krb5_octet *)copystr, key, length, key_sked, key); - /* erase key_sked */ - memset((char *)key_sked, 0, sizeof(key_sked)); - - /* now fix up key parity again */ - mit_des_fixup_key_parity(key); - -#ifdef DEBUG - if (mit_des_debug) - fprintf(stdout, - "\nResulting string_to_key = 0x%x 0x%x\n", - *((unsigned long *) key), - *((unsigned long *) key+1)); -#endif - - return 0; -} - - - - diff --git a/src/lib/des425/t_pcbc.c b/src/lib/des425/t_pcbc.c deleted file mode 100644 index 2932148b7..000000000 --- a/src/lib/des425/t_pcbc.c +++ /dev/null @@ -1,123 +0,0 @@ -/* - * lib/des425/t_quad.c - * - * Copyright 2001 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - - -#include <stdio.h> -#include <errno.h> -#include "des_int.h" -#include "des.h" - -char *progname; -int des_debug; - -/* These test values were constructed by experimentation, because I - couldn't be bothered to look up the spec for the encryption mode - and see if any test vector is defined. But really, the thing we - need to test is that the operation we use doesn't changed. Like - with quad_cksum, compatibility is more important than strict - adherence to the spec, if we have to choose. In any case, if you - have a useful test vector, send it in.... */ -struct { - unsigned char text[32]; - des_cblock out[4]; -} tests[] = { - { - "Now is the time for all ", - { - { 0x7f, 0x81, 0x65, 0x41, 0x21, 0xdb, 0xd4, 0xcf, }, - { 0xf8, 0xaa, 0x09, 0x90, 0xeb, 0xc7, 0x60, 0x2b, }, - { 0x45, 0x3e, 0x4e, 0x65, 0x83, 0x6c, 0xf1, 0x98, }, - { 0x4c, 0xfc, 0x69, 0x72, 0x23, 0xdb, 0x48, 0x78, } - } - }, { - "7654321 Now is the time for ", - { - { 0xcc, 0xd1, 0x73, 0xff, 0xab, 0x20, 0x39, 0xf4, }, - { 0x6d, 0xec, 0xb4, 0x70, 0xa0, 0xe5, 0x6b, 0x15, }, - { 0xae, 0xa6, 0xbf, 0x61, 0xed, 0x7d, 0x9c, 0x9f, }, - { 0xf7, 0x17, 0x46, 0x3b, 0x8a, 0xb3, 0xcc, 0x88, } - } - }, { - "hi", - { { 0x76, 0x61, 0x0e, 0x8b, 0x23, 0xa4, 0x5f, 0x34, } } - }, -}; - -/* 0x0123456789abcdef */ -unsigned char default_key[8] = { - 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef -}; -des_cblock ivec = { - 0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10 -}; - -int -main(argc,argv) - int argc; - char *argv[]; -{ - int i; - int fail=0; - des_cblock out[32/8]; - des_cblock out2[32/8]; - des_key_schedule sked; - - progname=argv[0]; /* salt away invoking program */ - - /* use known input and key */ - - for (i = 0; i < 3; i++) { - int wrong = 0, j, jmax; - des_key_sched (default_key, sked); - /* This could lose on alignment... */ - des_pcbc_encrypt ((des_cblock *)&tests[i].text, out, - strlen(tests[i].text) + 1, sked, &ivec, 1); - printf ("pcbc_encrypt(\"%s\") = {", tests[i].text); - jmax = (strlen (tests[i].text) + 8) & ~7U; - for (j = 0; j < jmax; j++) { - if (j % 8 == 0) - printf ("\n\t"); - printf (" 0x%02x,", out[j/8][j%8]); - if (out[j/8][j%8] != tests[i].out[j/8][j%8]) - wrong = 1; - } - printf ("\n}\n"); - - /* reverse it */ - des_pcbc_encrypt (out, out2, jmax, sked, &ivec, 0); - if (strcmp ((char *)out2, tests[i].text)) { - printf ("decrypt failed\n"); - wrong = 1; - } else - printf ("decrypt worked\n"); - - if (wrong) { - printf ("wrong result!\n"); - fail = 1; - } - } - return fail; -} diff --git a/src/lib/des425/t_quad.c b/src/lib/des425/t_quad.c deleted file mode 100644 index b9299fd20..000000000 --- a/src/lib/des425/t_quad.c +++ /dev/null @@ -1,101 +0,0 @@ -/* - * lib/des425/t_quad.c - * - * Copyright 2001 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - - -#include <stdio.h> -#include <errno.h> -#include "des_int.h" -#include "des.h" - -extern unsigned long quad_cksum(); -char *progname; -int des_debug; -unsigned DES_INT32 out[8]; -struct { - unsigned char text[64]; - unsigned DES_INT32 out[8]; -} tests[] = { - { - "Now is the time for all ", - { - 0x6c6240c5, 0x77db9b1c, 0x7991d316, 0x4e688989, - 0x27a0ae6a, 0x13be2da4, 0x4a2fdfc6, 0x7dfc494c, - } - }, { - "7654321 Now is the time for ", - { - 0x36839db5, 0x4d7be717, 0x15b0f5b6, 0x2304ff9c, - 0x75472d26, 0x6a5f833c, 0x7399a4ee, 0x1170fdfb, - } - }, { - {2,0,0,0, 1,0,0,0}, - { - 0x7c81f205, 0x63d38e38, 0x314ece44, 0x05d3a4f8, - 0x6e10db76, 0x3eda7685, 0x2e841332, 0x1bdc7fd3, - } - }, -}; - -/* 0x0123456789abcdef */ -unsigned char default_key[8] = { - 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef -}; - -int -main(argc,argv) - int argc; - char *argv[]; -{ - int i; - int fail=0; - - progname=argv[0]; /* salt away invoking program */ - - /* use known input and key */ - - for (i = 0; i < 3; i++) { - int wrong = 0, j; - des_quad_cksum (tests[i].text, out, 64L, 4, - (mit_des_cblock *) &default_key); - if (tests[i].text[0] == 2) - printf ("quad_cksum(<binary blob 1>) = {"); - else - printf ("quad_cksum(\"%s\"...zero fill...) = {", tests[i].text); - for (j = 0; j < 8; j++) { - if (j == 0 || j == 4) - printf ("\n\t"); - printf (" 0x%lx,", (unsigned long) out[j]); - if (out[j] != tests[i].out[j]) - wrong = 1; - } - printf ("\n}\n"); - if (wrong) { - printf ("wrong result!\n"); - fail = 1; - } - } - return fail; -} diff --git a/src/lib/des425/unix_time.c b/src/lib/des425/unix_time.c deleted file mode 100644 index 53ce03b68..000000000 --- a/src/lib/des425/unix_time.c +++ /dev/null @@ -1,46 +0,0 @@ -/* - * unix_time.c - * - * Glue code for pasting Kerberos into the Unix environment. - * - * Originally written by John Gilmore, Cygnus Support, May '94. - * Public Domain. - * - * Required for use by the Cygnus krb.a. - */ - - -#include "k5-int.h" - -#if !defined(_WIN32) -#include <sys/time.h> - -krb5_ui_4 -unix_time_gmt_unixsec (usecptr) - krb5_ui_4 *usecptr; -{ - struct timeval now; - - (void) gettimeofday (&now, (struct timezone *)0); - if (usecptr) - *usecptr = now.tv_usec; - return now.tv_sec; -} - -#endif /* !_WIN32 */ - -#ifdef _WIN32 -#include <time.h> - -krb5_ui_4 -unix_time_gmt_unixsec (usecptr) - krb5_ui_4 *usecptr; -{ - time_t gmt; - - time(&gmt); - if (usecptr) - *usecptr = gmt; - return gmt; -} -#endif /* _WIN32 */ diff --git a/src/lib/des425/util.c b/src/lib/des425/util.c deleted file mode 100644 index 2c5ef9216..000000000 --- a/src/lib/des425/util.c +++ /dev/null @@ -1,33 +0,0 @@ -/* - * lib/des425/util.c - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * Miscellaneous debug printing utilities - */ - -#include <stdio.h> - -/* Application include files */ -#include "k5-int.h" -#include "des_int.h" -#include "des.h" - -void des_cblock_print_file(x, fp) - des_cblock *x; - FILE *fp; -{ - unsigned char *y = *x; - register int i = 0; - fprintf(fp," 0x { "); - - while (i++ < 8) { - fprintf(fp,"%x",*y++); - if (i < 8) - fprintf(fp,", "); - } - fprintf(fp," }"); -} diff --git a/src/lib/des425/verify.c b/src/lib/des425/verify.c deleted file mode 100644 index 653730a2f..000000000 --- a/src/lib/des425/verify.c +++ /dev/null @@ -1,317 +0,0 @@ -/* - * lib/des425/verify.c - * - * Copyright 1988,1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * Program to test the correctness of the DES library - * implementation. - * - * exit returns 0 ==> success - * -1 ==> error - */ - - -#include <stdio.h> -#include <errno.h> -#include "des_int.h" -#include "des.h" - -char *progname; -int nflag = 2; -int vflag; -int mflag; -int zflag; -int pid; -int des_debug; -des_key_schedule KS; -unsigned char cipher_text[64]; -unsigned char clear_text[64] = "Now is the time for all " ; -unsigned char clear_text2[64] = "7654321 Now is the time for "; -unsigned char clear_text3[64] = {2,0,0,0, 1,0,0,0}; -unsigned char output[64]; -unsigned char zero_text[8] = {0x0,0,0,0,0,0,0,0}; -unsigned char msb_text[8] = {0x0,0,0,0, 0,0,0,0x40}; /* to ANSI MSB */ -unsigned char *input; - -/* 0x0123456789abcdef */ -unsigned char default_key[8] = { - 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef -}; -unsigned char key2[8] = { 0x08,0x19,0x2a,0x3b,0x4c,0x5d,0x6e,0x7f }; -unsigned char key3[8] = { 0x80,1,1,1,1,1,1,1 }; -des_cblock s_key; -unsigned char default_ivec[8] = { - 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef -}; -unsigned char *ivec; -unsigned char zero_key[8] = {1,1,1,1,1,1,1,1}; /* just parity bits */ -int i,j; - -unsigned char cipher1[8] = { - 0x25,0xdd,0xac,0x3e,0x96,0x17,0x64,0x67 -}; -unsigned char cipher2[8] = { - 0x3f,0xa4,0x0e,0x8a,0x98,0x4d,0x48,0x15 -}; -unsigned char cipher3[64] = { - 0xe5,0xc7,0xcd,0xde,0x87,0x2b,0xf2,0x7c, - 0x43,0xe9,0x34,0x00,0x8c,0x38,0x9c,0x0f, - 0x68,0x37,0x88,0x49,0x9a,0x7c,0x05,0xf6 -}; -unsigned char checksum[8] = { - 0x58,0xd2,0xe7,0x7e,0x86,0x06,0x27,0x33 -}; - -unsigned char zresult[8] = { - 0x8c, 0xa6, 0x4d, 0xe9, 0xc1, 0xb1, 0x23, 0xa7 -}; - -unsigned char mresult[8] = { - 0xa3, 0x80, 0xe0, 0x2a, 0x6b, 0xe5, 0x46, 0x96 -}; - - -/* - * Can also add : - * plaintext = 0, key = 0, cipher = 0x8ca64de9c1b123a7 (or is it a 1?) - */ - -void do_encrypt (unsigned char *, unsigned char *); -void do_decrypt (unsigned char *, unsigned char *); - -int -main(argc,argv) - int argc; - char *argv[]; -{ - /* Local Declarations */ - unsigned long in_length; - - progname=argv[0]; /* salt away invoking program */ - - while (--argc > 0 && (*++argv)[0] == '-') - for (i=1; argv[0][i] != '\0'; i++) { - switch (argv[0][i]) { - - /* debug flag */ - case 'd': - des_debug=3; - continue; - - case 'z': - zflag = 1; - continue; - - case 'm': - mflag = 1; - continue; - - default: - printf("%s: illegal flag \"%c\" ", - progname,argv[0][i]); - exit(1); - } - }; - - if (argc) { - fprintf(stderr, "Usage: %s [-dmz]\n", progname); - exit(1); - } - - /* use known input and key */ - - /* ECB zero text zero key */ - if (zflag) { - input = zero_text; - des_key_sched(zero_key,KS); - printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n"); - do_encrypt(input,cipher_text); - printf("\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) - printf("%02x ",cipher_text[j]); - printf("\n"); - do_decrypt(output,cipher_text); - if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) { - printf("verify: error in zero key test\n"); - exit(-1); - } - exit(0); - } - - if (mflag) { - input = msb_text; - des_key_sched(key3,KS); - printf("plaintext = 0x00 00 00 00 00 00 00 40, "); - printf("key = 0, cipher = 0x??\n"); - do_encrypt(input,cipher_text); - printf("\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) { - printf("%02x ",cipher_text[j]); - } - printf("\n"); - do_decrypt(output,cipher_text); - if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) { - printf("verify: error in msb test\n"); - exit(-1); - } - exit(0); - } - - /* ECB mode Davies and Price */ - { - input = zero_text; - des_key_sched(key2,KS); - printf("Examples per FIPS publication 81, keys ivs and cipher\n"); - printf("in hex. These are the correct answers, see below for\n"); - printf("the actual answers.\n\n"); - printf("Examples per Davies and Price.\n\n"); - printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n"); - printf("\tclear = 0\n"); - printf("\tcipher = 25 dd ac 3e 96 17 64 67\n"); - printf("ACTUAL ECB\n"); - printf("\tclear \"%s\"\n", input); - do_encrypt(input,cipher_text); - printf("\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) - printf("%02x ",cipher_text[j]); - printf("\n\n"); - do_decrypt(output,cipher_text); - if ( memcmp((char *)cipher_text, (char *)cipher1, 8) ) { - printf("verify: error in ECB encryption\n"); - exit(-1); - } - else - printf("verify: ECB encription is correct\n\n"); - } - - /* ECB mode */ - { - des_key_sched(default_key,KS); - input = clear_text; - ivec = default_ivec; - printf("EXAMPLE ECB\tkey = 0123456789abcdef\n"); - printf("\tclear = \"Now is the time for all \"\n"); - printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n"); - printf("ACTUAL ECB\n\tclear \"%s\"",input); - do_encrypt(input,cipher_text); - printf("\n\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) { - printf("%02x ",cipher_text[j]); - } - printf("\n\n"); - do_decrypt(output,cipher_text); - if ( memcmp((char *)cipher_text, (char *)cipher2, 8) ) { - printf("verify: error in ECB encryption\n"); - exit(-1); - } - else - printf("verify: ECB encription is correct\n\n"); - } - - /* CBC mode */ - printf("EXAMPLE CBC\tkey = 0123456789abcdef"); - printf("\tiv = 1234567890abcdef\n"); - printf("\tclear = \"Now is the time for all \"\n"); - printf("\tcipher =\te5 c7 cd de 87 2b f2 7c\n"); - printf("\t\t\t43 e9 34 00 8c 38 9c 0f\n"); - printf("\t\t\t68 37 88 49 9a 7c 05 f6\n"); - - printf("ACTUAL CBC\n\tclear \"%s\"\n",input); - in_length = strlen((char *) input); - des_cbc_encrypt(input,cipher_text, in_length,KS,ivec,1); - printf("\tciphertext = (low to high bytes)\n"); - for (i = 0; i <= 7; i++) { - printf("\t\t"); - for (j = 0; j <= 7; j++) { - printf("%02x ",cipher_text[i*8+j]); - } - printf("\n"); - } - des_cbc_encrypt(cipher_text,clear_text,in_length,KS,ivec,0); - printf("\tdecrypted clear_text = \"%s\"\n",clear_text); - - if ( memcmp(cipher_text, cipher3, (size_t) in_length) ) { - printf("verify: error in CBC encryption\n"); - exit(-1); - } - else - printf("verify: CBC encription is correct\n\n"); - - printf("EXAMPLE CBC checksum"); - printf("\tkey = 0123456789abcdef\tiv = 1234567890abcdef\n"); - printf("\tclear =\t\t\"7654321 Now is the time for \"\n"); - printf("\tchecksum\t58 d2 e7 7e 86 06 27 33, "); - printf("or some part thereof\n"); - input = clear_text2; - des_cbc_cksum(input,cipher_text,(long) strlen((char *) input),KS,ivec); - printf("ACTUAL CBC checksum\n"); - printf("\t\tencrypted cksum = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) - printf("%02x ",cipher_text[j]); - printf("\n\n"); - if ( memcmp((char *)cipher_text, (char *)checksum, 8) ) { - printf("verify: error in CBC cheksum\n"); - exit(-1); - } - else - printf("verify: CBC checksum is correct\n\n"); - exit(0); -} - -void -do_encrypt(in,out) - unsigned char *in; - unsigned char *out; -{ - for (i =1; i<=nflag; i++) { - des_ecb_encrypt((unsigned long *) in, (unsigned long *)out, KS, 1); - if (des_debug) { - printf("\nclear %s\n",in); - for (j = 0; j<=7; j++) - printf("%02X ",in[j] & 0xff); - printf("\tcipher "); - for (j = 0; j<=7; j++) - printf("%02X ",out[j] & 0xff); - } - } -} - -void -do_decrypt(in,out) - unsigned char *out; - unsigned char *in; - /* try to invert it */ -{ - for (i =1; i<=nflag; i++) { - des_ecb_encrypt((unsigned long *) out, (unsigned long *)in,KS,0); - if (des_debug) { - printf("clear %s\n",in); - for (j = 0; j<=7; j++) - printf("%02X ",in[j] & 0xff); - printf("\tcipher "); - for (j = 0; j<=7; j++) - printf("%02X ",out[j] & 0xff); - } - } -} diff --git a/src/lib/des425/weak_key.c b/src/lib/des425/weak_key.c deleted file mode 100644 index f4ef6fbc5..000000000 --- a/src/lib/des425/weak_key.c +++ /dev/null @@ -1,41 +0,0 @@ -/* - * lib/des425/weak_key.c - * - * Copyright 1989,1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - */ - -#include "des_int.h" -#include "des.h" - -/* - * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key. - * - * Requires: key has correct odd parity. - */ -int -des_is_weak_key(key) - mit_des_cblock key; -{ - return (mit_des_is_weak_key(key)); -} |