Fix DES_INT32 definition

Intial merge of KfM des library API. Update krb.h to use offsets from krb_err.et constants as error codes. Fix up definitions of KRB4_32, KRB_INT32, KRB_UINT32. ticket: 1189 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14904 dc483132-0cff-0310-8789-dd5450dbe970
author: Tom Yu <tlyu@mit.edu> 2002-09-27 04:26:59 +0000
committer: Tom Yu <tlyu@mit.edu> 2002-09-27 04:26:59 +0000
commit: 505c79ff465e719a5c22d80047a54aee7e3cf4f6 (patch)
tree: dc0c6a9b11327c98dd7b1795e8ddb6a37d76dd9b /src/lib
parent: 16f8791b67032adfc3282675a4d40f60acd0e58d (diff)
download: krb5-505c79ff465e719a5c22d80047a54aee7e3cf4f6.tar.gz
krb5-505c79ff465e719a5c22d80047a54aee7e3cf4f6.tar.xz
krb5-505c79ff465e719a5c22d80047a54aee7e3cf4f6.zip
15 files changed, 205 insertions, 81 deletions
diff --git a/src/lib/crypto/des/ChangeLog b/src/lib/crypto/des/ChangeLog
index 254324fbc..d1246b641 100644
--- a/src/lib/crypto/des/ChangeLog
+++ b/src/lib/crypto/des/ChangeLog
@@ -1,3 +1,21 @@
+2002-09-26  Tom Yu  <tlyu@mit.edu>
+
+	* afsstring2key.c (krb5_afs_crypt): Leak this function out as as
+	mit_afs_crypt to allow for des_crypt and des_fcrypt
+	implementations for the KfM merge.
+
+	* des_int.h: Change DES_INT32 strategy to include kerberosIV/des.h
+	with a magic macro defined for skipping krb4-specific stuff.  Make
+	renaming of make_key_sched explicit, to avoid conflict with
+	kerberosIV/des.h.
+
+	* f_sched.c, key_sched.c, d3_kysched.c: Make renaming of
+	make_key_sched explicit.
+
+	* f_cksum.c (mit_des_cbc_cksum): Return only the rightmost 32
+	bits; this should optimize out on any platform where longs are
+	exactly 32 bits wide.
+
 2002-08-29  Ken Raeburn  <raeburn@mit.edu>
 
 	* Makefile.in: Revert $(S)=>/ change, for Windows support.
diff --git a/src/lib/crypto/des/afsstring2key.c b/src/lib/crypto/des/afsstring2key.c
index 8773397f5..0fe65ba01 100644
--- a/src/lib/crypto/des/afsstring2key.c
+++ b/src/lib/crypto/des/afsstring2key.c
@@ -61,7 +61,8 @@
 #include "des_int.h"
 #include <ctype.h>
 
-static char *afs_crypt (char*,char*,char*);
+#define afs_crypt mit_afs_crypt
+char *afs_crypt (const char *, const char *, char *);
 
 #undef min
 #define min(a,b) ((a)>(b)?(b):(a))
@@ -337,9 +338,9 @@ static const char	S[8][64] = {
 };
  
  
-static char *afs_crypt(pw, salt, iobuf)
-     char *pw;
-     char *salt;
+char *afs_crypt(pw, salt, iobuf)
+     const char *pw;
+     const char *salt;
      char *iobuf;		/* must be at least 16 bytes */
 {
 	int i, j, c;
diff --git a/src/lib/crypto/des/d3_kysched.c b/src/lib/crypto/des/d3_kysched.c
index 6d9c27697..2bc93a9a2 100644
--- a/src/lib/crypto/des/d3_kysched.c
+++ b/src/lib/crypto/des/d3_kysched.c
@@ -28,9 +28,9 @@ mit_des3_key_sched(k,schedule)
     mit_des3_cblock k;
     mit_des3_key_schedule schedule;
 {
-    make_key_sched(k[0],schedule[0]);
-    make_key_sched(k[1],schedule[1]);
-    make_key_sched(k[2],schedule[2]);
+    mit_des_make_key_sched(k[0],schedule[0]);
+    mit_des_make_key_sched(k[1],schedule[1]);
+    mit_des_make_key_sched(k[2],schedule[2]);
 
     if (!mit_des_check_key_parity(k[0]))	/* bad parity --> return -1 */
 	return(-1);
diff --git a/src/lib/crypto/des/des_int.h b/src/lib/crypto/des/des_int.h
index 1b2a35141..25612767e 100644
--- a/src/lib/crypto/des/des_int.h
+++ b/src/lib/crypto/des/des_int.h
@@ -1,8 +1,8 @@
 /*
  * lib/crypto/des/des_int.h
  *
- * Copyright 1987, 1988, 1990 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
+ * Copyright 1987, 1988, 1990, 2002 by the Massachusetts Institute of
+ * Technology.  All Rights Reserved.
  *
  * Export of this software from the United States of America may
  *   require a specific license from the United States Government.
@@ -64,40 +64,10 @@
 #ifndef KRB5_MIT_DES__
 #define KRB5_MIT_DES__
 
-#ifndef DES_INT32
-#ifdef SIZEOF_INT
-#if SIZEOF_INT >= 4
-#define DES_INT32 int
-#else
-#define DES_INT32 long
-#endif
-#else /* !defined(SIZEOF_INT) */
-#include <limits.h>
-#if (UINT_MAX >= 0xffffffff)
-#define DES_INT32 int
-#else
-#define DES_INT32 long
-#endif
-#endif /* !defined(SIZEOF_INT) */
-#endif /* !defined(DES_INT32) */
+#define KRB5INT_CRYPTO_DES_INT	/* skip krb4-specific DES stuff */
+#include "kerberosIV/des.h"	/* for des_key_schedule, etc. */
+#undef KRB5INT_CRYPTO_DES_INT	/* don't screw other inclusions of des.h */
 
-/*
- *
- * NOTE WELL:
- *
- * This section must be kept in sync with include/kerberosIV/des.h,
- * until we get around to actually combining them at the source level.
- * We can't right now, because both the Mac and Windows platforms are
- * using their own versions of krb4 des.h, and that's the one that
- * would have to have the definitions because we install it under UNIX.
- *
- */
-#ifndef KRB5INT_DES_TYPES_DEFINED
-#define KRB5INT_DES_TYPES_DEFINED
-typedef unsigned char des_cblock[8];	/* crypto-block size */
-typedef struct des_ks_struct {  DES_INT32 _[2]; } des_key_schedule[16];
-#endif
-/* end sync */
 typedef des_cblock mit_des_cblock;
 typedef des_key_schedule mit_des_key_schedule;
 
@@ -217,8 +187,7 @@ krb5_error_code mit_des_combine_subkeys
 int mit_des_pcbc_encrypt ();
 
 /* f_sched.c */
-#define make_key_sched mit_des_make_key_sched
-int make_key_sched (mit_des_cblock, mit_des_key_schedule);
+int mit_des_make_key_sched(mit_des_cblock, mit_des_key_schedule);
 
 
 /* misc.c */
diff --git a/src/lib/crypto/des/f_cksum.c b/src/lib/crypto/des/f_cksum.c
index 87b9c7f4b..8c80751de 100644
--- a/src/lib/crypto/des/f_cksum.c
+++ b/src/lib/crypto/des/f_cksum.c
@@ -120,5 +120,5 @@ mit_des_cbc_cksum(in, out, length, schedule, ivec)
 	 * inconsistantly (with the low order byte of the checksum
 	 * not always in the low order byte of the DES_INT32).  We won't.
 	 */
-	return right;
+	return right & 0xFFFFFFFFUL;
 }
diff --git a/src/lib/crypto/des/f_sched.c b/src/lib/crypto/des/f_sched.c
index 6dbde1fcd..a3b1bf0e4 100644
--- a/src/lib/crypto/des/f_sched.c
+++ b/src/lib/crypto/des/f_sched.c
@@ -220,7 +220,7 @@ static const unsigned DES_INT32 PC2_D[4][64] = {
  * Permute the key to give us our key schedule.
  */
 int
-make_key_sched(key, schedule)
+mit_des_make_key_sched(key, schedule)
      mit_des_cblock key;
      mit_des_key_schedule schedule;
 {
diff --git a/src/lib/crypto/des/key_sched.c b/src/lib/crypto/des/key_sched.c
index c84451dbc..b28c16fae 100644
--- a/src/lib/crypto/des/key_sched.c
+++ b/src/lib/crypto/des/key_sched.c
@@ -50,7 +50,7 @@ mit_des_key_sched(k,schedule)
     mit_des_cblock k;
     mit_des_key_schedule schedule;
 {
-    make_key_sched(k,schedule);
+    mit_des_make_key_sched(k,schedule);
 
     if (!mit_des_check_key_parity(k))	/* bad parity --> return -1 */
 	return(-1);
diff --git a/src/lib/des425/ChangeLog b/src/lib/des425/ChangeLog
index 92f569f1f..70ee74139 100644
--- a/src/lib/des425/ChangeLog
+++ b/src/lib/des425/ChangeLog
@@ -1,3 +1,29 @@
+2002-09-26  Tom Yu  <tlyu@mit.edu>
+
+	* cksum.c (des_cbc_cksum): Update API for KfM merge.
+
+	* des.c (des_ecb_encrypt): Update API for KfM merge.
+	(des_3ecb_encrypt): New (emulated) function from KfM.
+
+	* enc_dec.c (des_cbc_encrypt): Update API for KfM merge.
+	(des_3cbc_encrypt): New (emulated) function from KfM.
+
+	* key_sched.c (make_key_sched): New (emulated) function for KfM.
+
+	* new_rnd_key.c (des_generate_random_block) 
+	(des_set_random_generator_seed, des_set_sequence_number):
+	New (emulated) functions from KfM.
+
+	* read_passwd.c (des_rd_pwstr_2prompt): Renamed from
+	des_read_pw_string; also now only returns -1, errno, or 0.
+	(des_read_pw_string): New (emulated) function from KfM.
+	(des_read_password): Update API for KfM merge.
+
+	* str_to_key.c (des_string_to_key): Update call to des_cbc_cksum.
+	(afs_string_to_key): New (emulated) function from KfM.
+	(des_crypt, des_fcrypt, des_set_key): New (emulated) functions
+	from KfM, presumed to be internal but exported by KfM anyway.
+
 2002-08-29  Ken Raeburn  <raeburn@mit.edu>
 
 	* Makefile.in: Revert $(S)=>/ change, for Windows support.
diff --git a/src/lib/des425/cksum.c b/src/lib/des425/cksum.c
index d2c3f058f..33b5322ac 100644
--- a/src/lib/des425/cksum.c
+++ b/src/lib/des425/cksum.c
@@ -55,13 +55,14 @@
  * multiple of eight bytes.
  */
 
-void KRB5_CALLCONV
+unsigned long KRB5_CALLCONV
 des_cbc_cksum(in,out,length,key,iv)
-    const krb5_octet  *in;		/* >= length bytes of inputtext */
-    krb5_octet  *out;			/* >= length bytes of outputtext */
+    const des_cblock  *in;		/* >= length bytes of inputtext */
+    des_cblock  *out;			/* >= length bytes of outputtext */
     register unsigned long length;	/* in bytes */
     const mit_des_key_schedule key;	/* precomputed key schedule */
-    const krb5_octet  *iv;		/* 8 bytes of ivec */
+    const des_cblock  *iv;		/* 8 bytes of ivec */
 {
-	mit_des_cbc_cksum(in, out, length, key, iv);
+    return mit_des_cbc_cksum((const krb5_octet *)in, (krb5_octet *)out,
+			     length, key, (krb5_octet *)iv);
 }
diff --git a/src/lib/des425/des.c b/src/lib/des425/des.c
index e8132a7a3..df636d238 100644
--- a/src/lib/des425/des.c
+++ b/src/lib/des425/des.c
@@ -31,14 +31,25 @@
 
 int KRB5_CALLCONV
 des_ecb_encrypt(clear, cipher, schedule, enc)
-    unsigned long *clear;
-    unsigned long *cipher;
+    des_cblock *clear;
+    des_cblock *cipher;
     const mit_des_key_schedule schedule;
     int enc;		/* 0 ==> decrypt, else encrypt */
 {
     static const des_cblock iv;
 
-    return (mit_des_cbc_encrypt((const des_cblock *) clear,
-				(des_cblock *) cipher,
+    return (mit_des_cbc_encrypt((const des_cblock *)clear, cipher,
 				8, schedule, iv, enc));
 }
+
+#if TARGET_OS_MAC
+void
+des_3ecb_encrypt(des_cblock *clear, des_cblock *cipher,
+		 des_key_schedule ks1, des_key_schedule ks2,
+		 des_key_schedule ks3, int enc)
+{
+    static const des_cblock iv;
+
+    mit_des3_cbc_encrypt((const des_cblock *)clear, cipher, 8, ks1, ks2, ks3, iv, enc);
+}
+#endif
diff --git a/src/lib/des425/enc_dec.c b/src/lib/des425/enc_dec.c
index f7e4ac80e..a25b744f6 100644
--- a/src/lib/des425/enc_dec.c
+++ b/src/lib/des425/enc_dec.c
@@ -32,15 +32,27 @@
 
 int
 des_cbc_encrypt(in,out,length,key,iv,enc)
-    krb5_octet   *in;	/* >= length bytes of input text */
-    krb5_octet  *out;		/* >= length bytes of output text */
+    des_cblock   *in;	/* >= length bytes of input text */
+    des_cblock  *out;		/* >= length bytes of output text */
     register unsigned long length;	/* in bytes */
     const mit_des_key_schedule key;		/* precomputed key schedule */
-    const krb5_octet *iv;		/* 8 bytes of ivec */
+    const des_cblock *iv;		/* 8 bytes of ivec */
     int enc;		/* 0 ==> decrypt, else encrypt */
 {
 	return (mit_des_cbc_encrypt((const des_cblock *) in,
-                                (des_cblock *) out,
-                                length, key, iv, enc));
+				    out, length, key,
+				    (const unsigned char *)iv, /* YUCK! */
+				    enc));
 }
 
+#if TARGET_OS_MAC
+void des_3cbc_encrypt(des_cblock *in, des_cblock *out, long length,
+		      des_key_schedule ks1, des_key_schedule ks2,
+		      des_key_schedule ks3, des_cblock *iv, int enc)
+{
+    mit_des3_cbc_encrypt((const des_cblock *)in, out, (unsigned long)length,
+			 ks1, ks2, ks3,
+			 (const unsigned char *)iv, /* YUCK! */
+			 enc);
+}
+#endif
diff --git a/src/lib/des425/key_sched.c b/src/lib/des425/key_sched.c
index 70f61ce5e..0034ff375 100644
--- a/src/lib/des425/key_sched.c
+++ b/src/lib/des425/key_sched.c
@@ -38,3 +38,10 @@ des_key_sched(k,schedule)
 {
     return (mit_des_key_sched(k, schedule));
 }
+
+#if TARGET_OS_MAC
+int make_key_sched(des_cblock *k, des_key_schedule schedule)
+{
+    return mit_des_key_sched((unsigned char *)k, schedule); /* YUCK! */
+}
+#endif
diff --git a/src/lib/des425/new_rnd_key.c b/src/lib/des425/new_rnd_key.c
index 73dd8a243..1f50f9e59 100644
--- a/src/lib/des425/new_rnd_key.c
+++ b/src/lib/des425/new_rnd_key.c
@@ -54,6 +54,7 @@
 
 #include "des_int.h"
 #include "des.h"
+#include "k5-int.h"
 
 void
 des_init_random_number_generator(key)
@@ -93,3 +94,27 @@ des_new_random_key(key)
 
     return 0;
 }
+
+#if TARGET_OS_MAC
+
+void des_generate_random_block(des_cblock block)
+{
+    krb5_data data;
+
+    data.length = sizeof(des_cblock);
+    data.data = (char *)block;
+    if (krb5_c_random_make_octets(/* XXX */ 0, &data))
+	abort();		/* XXX */
+}
+
+void des_set_random_generator_seed(des_cblock block)
+{
+    des_init_random_number_generator(block); /* XXX */
+}
+
+void des_set_sequence_number(des_cblock block)
+{
+    des_init_random_number_generator(block); /* XXX */
+}
+
+#endif
diff --git a/src/lib/des425/read_passwd.c b/src/lib/des425/read_passwd.c
index 2c77cfdb7..0a56f4822 100644
--- a/src/lib/des425/read_passwd.c
+++ b/src/lib/des425/read_passwd.c
@@ -45,7 +45,6 @@
 static jmp_buf pwd_jump;
 
 static krb5_sigtype intr_routine (int);
-krb5_error_code des_read_pw_string (char *, int, char *, char *);
 
 static krb5_sigtype
 intr_routine(signo)
@@ -55,10 +54,13 @@ intr_routine(signo)
     /*NOTREACHED*/
 }
 
+/* This is re-declared here because des.h might not declare it. */
+int KRB5_CALLCONV des_read_pw_string(char *, int, char *, int);
+static int des_rd_pwstr_2prompt(char *, int, char *, char *);
 
 /*** Routines ****************************************************** */
-krb5_error_code
-des_read_pw_string/*_v4_compat_crock*/(return_pwd, bufsize_in, prompt, prompt2)
+static int
+des_rd_pwstr_2prompt(return_pwd, bufsize_in, prompt, prompt2)
     char *return_pwd;
     int bufsize_in;
     char *prompt;
@@ -68,7 +70,7 @@ des_read_pw_string/*_v4_compat_crock*/(return_pwd, bufsize_in, prompt, prompt2)
     register char *ptr;
     int scratchchar;
     krb5_sigtype (*volatile ointrfunc)();
-    krb5_error_code errcode;
+    int errcode;
     size_t bufsize = bufsize_in;
 #ifndef ECHO_PASSWORD
     struct termios echo_control, save_control;
@@ -88,7 +90,7 @@ des_read_pw_string/*_v4_compat_crock*/(return_pwd, bufsize_in, prompt, prompt2)
 #endif /* ECHO_PASSWORD */
 
     if (setjmp(pwd_jump)) {
-	errcode = KRB5_LIBOS_PWDINTR; 	/* we were interrupted... */
+	errcode = -1;		/* we were interrupted... */
 	goto cleanup;
     }
     /* save intrfunc */
@@ -101,7 +103,7 @@ des_read_pw_string/*_v4_compat_crock*/(return_pwd, bufsize_in, prompt, prompt2)
 
     if (fgets(return_pwd, bufsize_in, stdin) == NULL) {
 	(void) putchar('\n');
-	errcode = KRB5_LIBOS_CANTREADPWD;
+	errcode = -1;
 	goto cleanup;
     }
     (void) putchar('\n');
@@ -127,7 +129,7 @@ des_read_pw_string/*_v4_compat_crock*/(return_pwd, bufsize_in, prompt, prompt2)
 	(void) memset((char *)readin_string, 0, bufsize);
 	if (fgets((char *)readin_string, bufsize_in, stdin) == NULL) {
 	    (void) putchar('\n');
-	    errcode = KRB5_LIBOS_CANTREADPWD;
+	    errcode = -1;
 	    goto cleanup;
 	}
 	(void) putchar('\n');
@@ -141,7 +143,7 @@ des_read_pw_string/*_v4_compat_crock*/(return_pwd, bufsize_in, prompt, prompt2)
 	    
 	/* compare */
 	if (strncmp(return_pwd, (char *)readin_string, bufsize)) {
-	    errcode = KRB5_LIBOS_BADPWDMATCH;
+	    errcode = -1;
 	    goto cleanup;
 	}
     }
@@ -164,27 +166,39 @@ cleanup:
     return errcode;
 }
 
-krb5_error_code
-des_read_password/*_v4_compat_crock*/(k,prompt,verify)
+int KRB5_CALLCONV
+des_read_password(k,prompt,verify)
     mit_des_cblock *k;
     char *prompt;
     int	verify;
 {
-    krb5_error_code ok;
+    int ok;
     char key_string[BUFSIZ];
+
+    ok = des_read_pw_string(key_string, sizeof(key_string), prompt, verify);
+    if (ok == 0)
+	des_string_to_key(key_string, *k);
+
+    memset(key_string, 0, sizeof (key_string));
+    return ok;
+}
+
+int KRB5_CALLCONV
+des_read_pw_string(s, max, prompt, verify)
+    char *s;
+    int max;
+    char *prompt;
+    int	verify;
+{
+    int ok;
     char prompt2[BUFSIZ];
 
     if (verify) {
 	strcpy(prompt2, "Verifying, please re-enter ");
 	strncat(prompt2, prompt, sizeof(prompt2)-(strlen(prompt2)+1));
+	prompt2[sizeof(prompt2)-1] = '\0';
     }
-    ok = des_read_pw_string(key_string, sizeof(key_string),
-			    prompt, verify ? prompt2 : 0);
-    
-    if (ok == 0)
-	des_string_to_key(key_string, *k);
-
-    memset(key_string, 0, sizeof (key_string));
+    ok = des_rd_pwstr_2prompt(s, max, prompt, verify ? prompt2 : 0);
     return ok;
 }
 
diff --git a/src/lib/des425/str_to_key.c b/src/lib/des425/str_to_key.c
index 369b426ee..ccbf80621 100644
--- a/src/lib/des425/str_to_key.c
+++ b/src/lib/des425/str_to_key.c
@@ -129,8 +129,8 @@ des_string_to_key(str,key)
 
     /* Now one-way encrypt it with the folded key */
     (void) des_key_sched(key, key_sked);
-    (void) des_cbc_cksum((const unsigned char *) in_str, key, length,
-			 key_sked, key);
+    (void) des_cbc_cksum((const des_cblock *)in_str, (des_cblock *)key,
+			 length, key_sked, (const des_cblock *)key);
     /* erase key_sked */
     memset(key_sked, 0,sizeof(key_sked));
 
@@ -149,3 +149,43 @@ des_string_to_key(str,key)
 				/* return an int, and ANSI compilers */
 				/* can do dumb things sometimes */
 }
+
+#if TARGET_OS_MAC
+char *mit_afs_crypt (const char *, const char *, const char *);
+
+void afs_string_to_key(char *str, char *cell, des_cblock key)
+{
+    krb5_data str_data;
+    krb5_data cell_data;
+    krb5_keyblock keyblock;
+
+    str_data.data = str;
+    str_data.length = strlen(str);
+    cell_data.data = cell;
+    cell_data.length = strlen(cell);
+    keyblock.enctype = ENCTYPE_DES_CBC_CRC;
+    keyblock.length = sizeof(des_cblock);
+    keyblock.contents = key;
+
+    mit_afs_string_to_key(&keyblock, &str_data, &cell_data);
+}
+
+char *des_crypt(const char *str, const char *salt)
+{
+    char afs_buf[16];
+
+    return des_fcrypt(str, salt, afs_buf);
+}
+
+char *des_fcrypt(const char *str, const char *salt, char *buf)
+{
+    return mit_afs_crypt(str, salt, buf);
+}
+
+/* Is this correct? */
+int des_set_key(des_cblock *key, des_key_schedule schedule)
+{
+    return make_key_sched(key, schedule);
+}
+
+#endif /* TARGET_OS_MAC */
author	Tom Yu <tlyu@mit.edu>	2002-09-27 04:26:59 +0000
committer	Tom Yu <tlyu@mit.edu>	2002-09-27 04:26:59 +0000
commit	505c79ff465e719a5c22d80047a54aee7e3cf4f6 (patch)
tree	dc0c6a9b11327c98dd7b1795e8ddb6a37d76dd9b /src/lib
parent	16f8791b67032adfc3282675a4d40f60acd0e58d (diff)
download	krb5-505c79ff465e719a5c22d80047a54aee7e3cf4f6.tar.gz krb5-505c79ff465e719a5c22d80047a54aee7e3cf4f6.tar.xz krb5-505c79ff465e719a5c22d80047a54aee7e3cf4f6.zip