diff options
Diffstat (limited to 'src/lib/crypto/openssl/des')
| -rw-r--r-- | src/lib/crypto/openssl/des/Makefile.in | 10 | ||||
| -rw-r--r-- | src/lib/crypto/openssl/des/deps | 26 | ||||
| -rw-r--r-- | src/lib/crypto/openssl/des/des_int.h | 194 | ||||
| -rw-r--r-- | src/lib/crypto/openssl/des/des_oldapis.c | 26 | ||||
| -rw-r--r-- | src/lib/crypto/openssl/des/f_parity.c | 17 | ||||
| -rw-r--r-- | src/lib/crypto/openssl/des/string2key.c | 9 | ||||
| -rw-r--r-- | src/lib/crypto/openssl/des/weak_key.c | 88 |
7 files changed, 21 insertions, 349 deletions
diff --git a/src/lib/crypto/openssl/des/Makefile.in b/src/lib/crypto/openssl/des/Makefile.in index 335c7e53c..4907bc89d 100644 --- a/src/lib/crypto/openssl/des/Makefile.in +++ b/src/lib/crypto/openssl/des/Makefile.in @@ -1,6 +1,6 @@ mydir=lib$(S)crypto$(S)openssl$(S)des BUILDTOP=$(REL)..$(S)..$(S)..$(S).. -LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../.. -I$(srcdir)/../../krb +LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. DEFS= RUN_SETUP = @KRB5_RUN_ENV@ @@ -10,20 +10,16 @@ PROG_RPATH=$(KRB5_LIBDIR) STLIBOBJS= des_oldapis.o \ f_parity.o \ - string2key.o \ - weak_key.o + string2key.o OBJS= $(OUTPRE)f_parity.$(OBJEXT) \ $(OUTPRE)des_oldapis.$(OBJEXT) \ - $(OUTPRE)string2key.$(OBJEXT) \ - $(OUTPRE)weak_key.$(OBJEXT) + $(OUTPRE)string2key.$(OBJEXT) SRCS= $(srcdir)/f_parity.c \ $(srcdir)/des_oldapis.c \ - $(srcdir)/weak_key.c \ $(srcdir)/string2key.c - all-unix:: all-libobjs includes:: depend diff --git a/src/lib/crypto/openssl/des/deps b/src/lib/crypto/openssl/des/deps index 0c269398d..50a5ca029 100644 --- a/src/lib/crypto/openssl/des/deps +++ b/src/lib/crypto/openssl/des/deps @@ -4,44 +4,36 @@ f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h f_parity.c + $(top_srcdir)/include/socket-utils.h f_parity.c des_oldapis.so des_oldapis.po $(OUTPRE)des_oldapis.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h des_oldapis.c -weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h weak_key.c + $(top_srcdir)/include/socket-utils.h des_oldapis.c string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ + $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ + $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h des_int.h string2key.c + $(top_srcdir)/include/socket-utils.h string2key.c diff --git a/src/lib/crypto/openssl/des/des_int.h b/src/lib/crypto/openssl/des/des_int.h deleted file mode 100644 index 9443c96ed..000000000 --- a/src/lib/crypto/openssl/des/des_int.h +++ /dev/null @@ -1,194 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * lib/crypto/des/des_int.h - * - * Copyright 1987, 1988, 1990, 2002, 2009 by the Massachusetts Institute of - * Technology. All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * Private include file for the Data Encryption Standard library. - */ - -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -/* only do the whole thing once */ -#ifndef DES_INTERNAL_DEFS -#define DES_INTERNAL_DEFS - -#include "k5-int.h" -/* - * Begin "mit-des.h" - */ -#ifndef KRB5_MIT_DES__ -#define KRB5_MIT_DES__ - -#if defined(__MACH__) && defined(__APPLE__) -#include <TargetConditionals.h> -#include <AvailabilityMacros.h> -#if TARGET_RT_MAC_CFM -#error "Use KfM 4.0 SDK headers for CFM compilation." -#endif -#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS) -#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5 -#endif -#endif /* defined(__MACH__) && defined(__APPLE__) */ - -/* Macro to add deprecated attribute to DES types and functions */ -/* Currently only defined on Mac OS X 10.5 and later. */ -#ifndef KRB5INT_DES_DEPRECATED -#define KRB5INT_DES_DEPRECATED -#endif - -#include <limits.h> - -#if UINT_MAX >= 0xFFFFFFFFUL -#define DES_INT32 int -#define DES_UINT32 unsigned int -#else -#define DES_INT32 long -#define DES_UINT32 unsigned long -#endif - -typedef unsigned char des_cblock[8] /* crypto-block size */ -KRB5INT_DES_DEPRECATED; - -/* - * Key schedule. - * - * This used to be - * - * typedef struct des_ks_struct { - * union { DES_INT32 pad; des_cblock _;} __; - * } des_key_schedule[16]; - * - * but it would cause trouble if DES_INT32 were ever more than 4 - * bytes. The reason is that all the encryption functions cast it to - * (DES_INT32 *), and treat it as if it were DES_INT32[32]. If - * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the - * caller-allocated des_key_schedule will be overflowed by the key - * scheduling functions. We can't assume that every platform will - * have an exact 32-bit int, and nothing should be looking inside a - * des_key_schedule anyway. - */ -typedef struct des_ks_struct { DES_INT32 _[2]; } des_key_schedule[16] -KRB5INT_DES_DEPRECATED; - -typedef des_cblock mit_des_cblock; -typedef des_key_schedule mit_des_key_schedule; - -/* Triple-DES structures */ -typedef mit_des_cblock mit_des3_cblock[3]; -typedef mit_des_key_schedule mit_des3_key_schedule[3]; - -#define MIT_DES_ENCRYPT 1 -#define MIT_DES_DECRYPT 0 - -typedef struct mit_des_ran_key_seed { - krb5_encrypt_block eblock; - krb5_data sequence; -} mit_des_random_state; - -/* the first byte of the key is already in the keyblock */ - -#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet)) -#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH -/* This used to be 8*sizeof(krb5_octet) */ -#define MIT_DES_KEYSIZE 8 - -#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet)) - -/* - * Check if k5-int.h has been included before us. If so, then check to see - * that our view of the DES key size is the same as k5-int.h's. - */ -#ifdef KRB5_MIT_DES_KEYSIZE -#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE -error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE) -#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */ -#endif /* KRB5_MIT_DES_KEYSIZE */ -#endif /* KRB5_MIT_DES__ */ -/* - * End "mit-des.h" - */ - -#define mit_des_zeroblock krb5int_c_mit_des_zeroblock -extern const mit_des_cblock mit_des_zeroblock; - -/* des_oldapis.c */ -extern krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock, - const krb5_data *data, - const krb5_data *salt); - -/* key_parity.c */ -extern void mit_des_fixup_key_parity (mit_des_cblock ); -extern int mit_des_check_key_parity (mit_des_cblock ); - -/* string2key.c */ -extern krb5_error_code mit_des_string_to_key -( const krb5_encrypt_block *, - krb5_keyblock *, const krb5_data *, const krb5_data *); -extern krb5_error_code mit_des_string_to_key_int -(krb5_keyblock *, const krb5_data *, const krb5_data *); - -/* weak_key.c */ -extern int mit_des_is_weak_key (mit_des_cblock ); - -/* misc.c */ -extern void swap_bits (char *); -extern unsigned long long_swap_bits (unsigned long ); -extern unsigned long swap_six_bits_to_ansi (unsigned long ); -extern unsigned long swap_four_bits_to_ansi (unsigned long ); -extern unsigned long swap_bit_pos_1 (unsigned long ); -extern unsigned long swap_bit_pos_0 (unsigned long ); -extern unsigned long swap_bit_pos_0_to_ansi (unsigned long ); -extern unsigned long rev_swap_bit_pos_0 (unsigned long ); -extern unsigned long swap_byte_bits (unsigned long ); -extern unsigned long swap_long_bytes_bit_number (unsigned long ); -#ifdef FILE -/* XXX depends on FILE being a #define! */ -extern void test_set (FILE *, const char *, int, const char *, int); -#endif -#endif /*DES_INTERNAL_DEFS*/ diff --git a/src/lib/crypto/openssl/des/des_oldapis.c b/src/lib/crypto/openssl/des/des_oldapis.c index eb1e58633..79163c40c 100644 --- a/src/lib/crypto/openssl/des/des_oldapis.c +++ b/src/lib/crypto/openssl/des/des_oldapis.c @@ -26,31 +26,11 @@ * */ -#include "k5-int.h" -#include "des_int.h" -#include <ctype.h> - -const mit_des_cblock mit_des_zeroblock /* = all zero */; - -unsigned long -mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out, - unsigned long length, const mit_des_key_schedule schedule, - const krb5_octet *ivec) -{ - /* Unsupported operation */ - return KRB5_CRYPTO_INTERNAL; -} +#include "crypto_int.h" krb5_error_code -mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data, - const krb5_data *salt) -{ - return KRB5_CRYPTO_INTERNAL; -} - -int -mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule) +mit_afs_string_to_key(krb5_keyblock *keyblock, const krb5_data *data, + const krb5_data *salt) { - /* Unsupported operation */ return KRB5_CRYPTO_INTERNAL; } diff --git a/src/lib/crypto/openssl/des/f_parity.c b/src/lib/crypto/openssl/des/f_parity.c index b8baac9d2..4956af266 100644 --- a/src/lib/crypto/openssl/des/f_parity.c +++ b/src/lib/crypto/openssl/des/f_parity.c @@ -25,24 +25,11 @@ * or implied warranty. */ -#include "des_int.h" +#include "crypto_int.h" #include <openssl/des.h> void -mit_des_fixup_key_parity(mit_des_cblock key) +mit_des_fixup_key_parity(unsigned char *key) { DES_set_odd_parity(key); } - -/* - * des_check_key_parity: returns true iff key has the correct des parity. - * See des_fix_key_parity for the definition of - * correct des parity. - */ -int -mit_des_check_key_parity(mit_des_cblock key) -{ - if (!DES_check_key_parity(key)) - return(0); - return (1); -} diff --git a/src/lib/crypto/openssl/des/string2key.c b/src/lib/crypto/openssl/des/string2key.c index c192734ce..bc37da63b 100644 --- a/src/lib/crypto/openssl/des/string2key.c +++ b/src/lib/crypto/openssl/des/string2key.c @@ -25,17 +25,16 @@ * or implied warranty. */ -#include "des_int.h" +#include "crypto_int.h" #include <openssl/des.h> - krb5_error_code -mit_des_string_to_key_int (krb5_keyblock *key, - const krb5_data *pw, const krb5_data *salt) +mit_des_string_to_key_int(krb5_keyblock *key, const krb5_data *pw, + const krb5_data *salt) { DES_cblock outkey; DES_string_to_key(pw->data, &outkey); - if ( key->length < sizeof(outkey)) + if (key->length < sizeof(outkey)) return KRB5_CRYPTO_INTERNAL; key->length = sizeof(outkey); memcpy(key->contents, outkey, key->length); diff --git a/src/lib/crypto/openssl/des/weak_key.c b/src/lib/crypto/openssl/des/weak_key.c deleted file mode 100644 index c739bc29f..000000000 --- a/src/lib/crypto/openssl/des/weak_key.c +++ /dev/null @@ -1,88 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * lib/crypto/openssl/des/weak_key.c - * - * Copyright 1989,1990,2009 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * Under U.S. law, this software may not be exported outside the US - * without license from the U.S. Commerce department. - * - * These routines form the library interface to the DES facilities. - * - * Originally written 8/85 by Steve Miller, MIT Project Athena. - */ - -#include "des_int.h" -#include <openssl/des.h> - -/* - * The following are the weak DES keys: - */ -static const mit_des_cblock weak[16] = { - /* weak keys */ - {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, - {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe}, - {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e}, - {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1}, - - /* semi-weak */ - {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe}, - {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01}, - - {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1}, - {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e}, - - {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1}, - {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01}, - - {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe}, - {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e}, - - {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e}, - {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01}, - - {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe}, - {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1} -}; - -/* - * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key. - * - * Requires: key has correct odd parity. - */ -int -mit_des_is_weak_key(mit_des_cblock key) -{ - unsigned int i; - const mit_des_cblock *weak_p = weak; - - for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) { - if (!memcmp(weak_p++,key,sizeof(mit_des_cblock))) - return 1; - } - if ( DES_is_weak_key(key) == 1) /* Also OpenSSL's check */ - return 1; - - return 0; -} |