Fixed crypto_system table entries; added raw DES cryptosystem

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@3316 dc483132-0cff-0310-8789-dd5450dbe970

4 files changed, 106 insertions, 33 deletions

diff --git a/src/lib/crypto/cryptoconf.c b/src/lib/crypto/cryptoconf.c
index 6ac6c320e..5b06c4125 100644
--- a/src/lib/crypto/cryptoconf.c
+++ b/src/lib/crypto/cryptoconf.c
@@ -34,7 +34,7 @@ static char rcsid_cryptoconf_c[] =
 #include <krb5/osconf.h>
 #include <krb5/krb5.h>
 
-#if defined(PROVIDE_DES_CBC_CRC) || defined(PROVIDE_LUCIFER_CRC) || defined(PROVIDE_CRC32)
+#if defined(PROVIDE_DES_CBC_CRC) || defined(PROVIDE_CRC32)
 #include <krb5/crc-32.h>
 #define CRC32_CKENTRY &crc32_cksumtable_entry
 #else
@@ -68,7 +68,7 @@ static char rcsid_cryptoconf_c[] =
 #ifdef PROVIDE_DES_CBC_CKSUM
 #include <krb5/mit-des.h>
 #define _DES_DONE__
-#define DES_CBC_CKENTRY &mit_des_cbc_cksumtable_entry
+#define DES_CBC_CKENTRY &krb5_des_cbc_cksumtable_entry
 #else
 #define DES_CBC_CKENTRY 0
 #endif
@@ -78,52 +78,54 @@ static char rcsid_cryptoconf_c[] =
 #include <krb5/mit-des.h>
 #define _DES_DONE__
 #endif
-static krb5_cs_table_entry mit_des_cbc_crc_csentry = {
-    &mit_des_cryptosystem_entry, 0 };
-#define DES_CBC_CRC_CSENTRY &mit_des_cbc_crc_csentry
+#define DES_CBC_CRC_CSENTRY &krb5_des_cst_entry
 #else
 #define DES_CBC_CRC_CSENTRY 0
 #endif
 
-#ifdef PROVIDE_LUCIFER_CRC
-static krb5_cs_table_entry lucifer_crc_csentry = {
-    &lucifer_cryptosystem_entry, 0 };
-#define LUCIFER_CRC_CSENTRY &lucifer_crc_csentry
+#ifdef PROVIDE_RAW_DES_CBC
+#ifndef _DES_DONE__
+#include <krb5/mit-des.h>
+#define _DES_DONE__
+#endif
+#define RAW_DES_CBC_CSENTRY &krb5_des_cst_entry
 #else
-#define LUCIFER_CRC_CSENTRY 0
+#define RAW_DES_CBC_CSENTRY 0
 #endif
 
+
 /* WARNING:
    make sure the order of entries in these tables matches the #defines in
    <krb5/encryption.h>
  */
 
 krb5_cs_table_entry *krb5_csarray[] = {
-    0,
-    DES_CBC_CRC_CSENTRY,
-    LUCIFER_CRC_CSENTRY,
+    0,				/* ETYPE_NULL */
+    DES_CBC_CRC_CSENTRY,	/* ETYPE_DES_CBC_CRC */
+    0,				/* ETYPE_DES_CBC_MD4 */
+    0,				/* ETYPE_DES_CBC_MD5 */
+    RAW_DES_CBC_CSENTRY,	/* ETYPE_RAW_DES_CBC */
 };
 
 int krb5_max_cryptosystem = sizeof(krb5_csarray)/sizeof(krb5_csarray[0]) - 1;
 
 krb5_cs_table_entry *krb5_keytype_array[] = {
-    0,
-    DES_CBC_CRC_CSENTRY,
-    LUCIFER_CRC_CSENTRY,
+    0,				/* KEYTYPE_NULL */
+    DES_CBC_CRC_CSENTRY		/* KEYTYPE_DES */
 };
 
 int krb5_max_keytype = sizeof(krb5_keytype_array)/sizeof(krb5_keytype_array[0]) - 1;
 
 krb5_checksum_entry *krb5_cksumarray[] = {
     0,
-    CRC32_CKENTRY,
-    MD4_CKENTRY,
-    MD4_DES_CKENTRY,
-    DES_CBC_CKENTRY,
-    0,
-    0,
-    MD5_CKENTRY,
-    MD5_DES_CKENTRY
+    CRC32_CKENTRY,		/* CKSUMTYPE_CRC32 */
+    MD4_CKENTRY,		/* CKSUMTYPE_RSA_MD4 */
+    MD4_DES_CKENTRY,		/* CKSUMTYPE_RSA_MD4_DES */
+    DES_CBC_CKENTRY,		/* CKSUMTYPE_DESCBC */
+    0,				/* des-mac */
+    0,				/* des-mac-k */
+    MD5_CKENTRY,		/* CKSUMTYPE_RSA_MD5 */
+    MD5_DES_CKENTRY		/* CKSUMTYPE_RSA_MD5_DES */
 };
 
 int krb5_max_cksum = sizeof(krb5_cksumarray)/sizeof(krb5_cksumarray[0]);
diff --git a/src/lib/crypto/des/cs_entry.c b/src/lib/crypto/des/cs_entry.c
index 5f96f176a..b2dc6e1f8 100644
--- a/src/lib/crypto/des/cs_entry.c
+++ b/src/lib/crypto/des/cs_entry.c
@@ -36,7 +36,23 @@ static char rcsid_cs_entry_c[] =
 
 #include "des_int.h"
 
-krb5_cryptosystem_entry mit_des_cryptosystem_entry = {
+static krb5_cryptosystem_entry mit_raw_des_cryptosystem_entry = {
+    mit_raw_des_encrypt_func,
+    mit_raw_des_decrypt_func,
+    mit_des_process_key,
+    mit_des_finish_key,
+    mit_des_string_to_key,
+    mit_des_init_random_key,
+    mit_des_finish_random_key,
+    mit_des_random_key,
+    sizeof(mit_des_cblock),
+    0,
+    sizeof(mit_des_cblock),
+    ETYPE_DES_CBC_CRC,
+    KEYTYPE_DES
+    };
+
+static krb5_cryptosystem_entry mit_des_cryptosystem_entry = {
     mit_des_encrypt_func,
     mit_des_decrypt_func, 
     mit_des_process_key,
@@ -52,10 +68,16 @@ krb5_cryptosystem_entry mit_des_cryptosystem_entry = {
     KEYTYPE_DES
     };
 
+krb5_cs_table_entry krb5_raw_des_cst_entry = {
+    &mit_raw_des_cryptosystem_entry,
+    0
+    };
+
 krb5_cs_table_entry krb5_des_cst_entry = {
     &mit_des_cryptosystem_entry,
     0
     };
+
 extern krb5_error_code mit_des_cbc_checksum PROTOTYPE ((krb5_pointer ,
 							size_t ,
 							krb5_pointer ,
@@ -63,7 +85,7 @@ extern krb5_error_code mit_des_cbc_checksum PROTOTYPE ((krb5_pointer ,
 							krb5_checksum * ));
 
 
-krb5_checksum_entry mit_des_cbc_cksumtable_entry = {
+krb5_checksum_entry krb5_des_cbc_cksumtable_entry = {
     mit_des_cbc_checksum,
     sizeof(mit_des_cblock),
     1,					/* is collision proof */
diff --git a/src/lib/crypto/des/des_int.h b/src/lib/crypto/des/des_int.h
index 02beed14e..5ad058633 100644
--- a/src/lib/crypto/des/des_int.h
+++ b/src/lib/crypto/des/des_int.h
@@ -122,12 +122,6 @@ extern int mit_des_ecb_encrypt
     PROTOTYPE((unsigned long *, unsigned long *, mit_des_key_schedule , int ));
 
 /* enc_dec.c */
-extern krb5_error_code mit_des_encrypt_func
-    PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t,
-	       krb5_encrypt_block *, krb5_pointer ));
-extern krb5_error_code mit_des_decrypt_func
-    PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t,
-	       krb5_encrypt_block *, krb5_pointer ));
 extern krb5_error_code mit_des_cbc_encrypt
     PROTOTYPE((krb5_octet *, krb5_octet *, long, mit_des_key_schedule,
 	       krb5_octet *, int));
@@ -152,6 +146,20 @@ extern int mit_des_check_key_parity PROTOTYPE((mit_des_cblock ));
 extern int mit_des_key_sched
     PROTOTYPE((mit_des_cblock , mit_des_key_schedule ));
 
+/* krb_glue.c */
+extern krb5_error_code mit_raw_des_encrypt_func
+    PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t,
+               krb5_encrypt_block *, krb5_pointer ));
+extern krb5_error_code mit_des_encrypt_func
+    PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t,
+               krb5_encrypt_block *, krb5_pointer ));
+extern krb5_error_code mit_raw_des_decrypt_func
+    PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t,
+               krb5_encrypt_block *, krb5_pointer ));
+extern krb5_error_code mit_des_decrypt_func
+    PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t,
+               krb5_encrypt_block *, krb5_pointer ));
+
 /* new_rnd_key.c */
 extern int mit_des_new_random_key
     PROTOTYPE((mit_des_cblock , mit_des_random_key_seed *));
diff --git a/src/lib/crypto/des/krb_glue.c b/src/lib/crypto/des/krb_glue.c
index 670d302b9..542bab63f 100644
--- a/src/lib/crypto/des/krb_glue.c
+++ b/src/lib/crypto/des/krb_glue.c
@@ -140,6 +140,33 @@ OLDDECLARG(krb5_pointer, ivec)
 			     MIT_DES_DECRYPT));
 }    
 
+krb5_error_code mit_raw_des_encrypt_func(DECLARG(krb5_const_pointer, in),
+                                         DECLARG(krb5_pointer, out),
+                                         DECLARG(const size_t, size),
+                                         DECLARG(krb5_encrypt_block *, key),
+                                         DECLARG(krb5_pointer, ivec))
+OLDDECLARG(krb5_const_pointer, in)
+OLDDECLARG(krb5_pointer, out)
+OLDDECLARG(const size_t, size)
+OLDDECLARG(krb5_encrypt_block *, key)
+OLDDECLARG(krb5_pointer, ivec)
+{
+   int sumsize;
+
+   /* round up to des block size */
+
+   sumsize =  krb5_roundup(size, sizeof(mit_des_cblock));
+
+   /* assemble crypto input into the output area, then encrypt in place. */
+
+   memset((char *)out, 0, sumsize);
+   memcpy((char *)out, (char *)in, size);
+
+    /* We depend here on the ability of this DES implementation to
+       encrypt plaintext to ciphertext in-place. */
+    return (mit_des_encrypt_f(out, out, sumsize, key, ivec));
+}
+
 krb5_error_code mit_des_encrypt_func(DECLARG(krb5_const_pointer, in),
 				     DECLARG(krb5_pointer, out),
 				     DECLARG(const size_t, size),
@@ -202,6 +229,20 @@ OLDDECLARG(krb5_pointer, ivec)
     return (mit_des_encrypt_f(out, out, sumsize, key, ivec));
 }
 
+krb5_error_code mit_raw_des_decrypt_func(DECLARG(krb5_const_pointer, in),
+                                         DECLARG(krb5_pointer, out),
+                                         DECLARG(const size_t, size),
+                                         DECLARG(krb5_encrypt_block *, key),
+                                         DECLARG(krb5_pointer, ivec))
+OLDDECLARG(krb5_const_pointer, in)
+OLDDECLARG(krb5_pointer, out)
+OLDDECLARG(const size_t, size)
+OLDDECLARG(krb5_encrypt_block *, key)
+OLDDECLARG(krb5_pointer, ivec)
+{
+   return(mit_des_decrypt_f(in, out, size, key, ivec));
+}
+
 krb5_error_code mit_des_decrypt_func(DECLARG(krb5_const_pointer, in),
 				     DECLARG(krb5_pointer, out),
 				     DECLARG(const size_t, size),
@@ -238,7 +279,7 @@ OLDDECLARG(krb5_pointer, ivec)
 
     if (memcmp((char *)contents_get, (char *)contents_prd, CRC32_CKSUM_LENGTH) )
         return KRB5KRB_AP_ERR_BAD_INTEGRITY;
-    memcpy((char *)out, (char *)out +
+    memmove((char *)out, (char *)out +
 	   sizeof(mit_des_cblock) + CRC32_CKSUM_LENGTH,
 	   size - sizeof(mit_des_cblock) - CRC32_CKSUM_LENGTH);
     return 0;