summaryrefslogtreecommitdiffstats
path: root/src/lib/crypto/builtin
Commit message (Collapse)AuthorAgeFilesLines
* Get rid of builtin AES uitypes.hGreg Hudson2014-02-269-214/+118
| | | | | Remove uitypes.h and just include stdint.h; all we need from it is uint{8,16,32}_t.
* Clean up AES-NI codeTom Yu2014-01-102-98/+2
| | | | | Items in .data other than shuffle_mask are unused; delete them. Delete the unused macro load_and_inc4. Move shuffle_mask to .rodata.
* Avoid text relocations in iaesx86.sTom Yu2014-01-101-2/+8
| | | | | | | | | | Use PC-relative addressing to avoid runtime text relocations on i386. Adapted patch from Nalin Dahyabhai. ticket: 7815 target_version: 1.12.1 tags: pullup
* Mark AESNI files as not needing executable stacksGreg Hudson2014-01-032-0/+22
| | | | | | | | | | | | | | | Some Linux systems now come with facilities to mark the stack as non-executable, making it more difficult to exploit buffer overrun bugs. For this to work, object files built from assembly need a section added to note whether they require an executable stack. Patch from Dhiru Kholia with comments added. More information at: https://bugzilla.redhat.com/show_bug.cgi?id=1045699 https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart ticket: 7813 target_version: 1.12.1 tags: pullup
* Use k5calloc instead of k5alloc where appropriateGreg Hudson2013-07-111-1/+1
| | | | | Wherever we use k5alloc with a multiplication in the size parameter,, use the new k5calloc helper function instead.
* Fix various warningsGreg Hudson2013-06-071-13/+18
|
* Add AES-NI support on LinuxGreg Hudson2013-05-242-5/+138
| | | | | | | If yasm and cpuid.h are present on a Linux i686 or x64 system, compile the modified Intel AES-NI assembly sources. In the builtin AES enc provider, check at runtime whether the CPU supports AES-NI instructions and use the assembly functions if so.
* Adjust AESNI sources for krb5 treeGreg Hudson2013-05-242-2588/+17
| | | | | Remove functions we don't need. Add macros to redefine functions with an appropriate namespace prefix.
* Add Intel AESNI assembly filesGreg Hudson2013-05-242-0/+4280
| | | | | | Add assembly files from the Intel AESNI Sample Library, version 1.2, which implement AES encryption using AES-NI instructions. Trailing whitespace was removed.
* Refactor AES, Camellia builtin enc providersGreg Hudson2013-05-242-302/+309
| | | | | | | In preparation for AES-NI support, adjust the block encryption helpers in the AES enc provider so that the cache is only touched by helpers, and reframe the CTS operations in terms of CBC operations. Change the Camellia enc provider as well for consistency.
* Simplify crypto IOV helpersGreg Hudson2013-05-246-283/+127
| | | | | | | | Expand the concept of an IOV block state into a cursor which remembers the IOV set being iterated over, the block size, and both input and output positions. Eliminate the no-copy inline block getter for now, but provide helpers to grab contiguous chains of blocks from a cursor. Also provide an inline helper to sum the total length of an iov chain.
* Reduce boilerplate in makefilesGreg Hudson2013-05-1610-57/+7
| | | | | | | | | Provide default values in pre.in for PROG_LIBPATH, PROG_RPATH, SHLIB_DIRS, SHLIB_RDIRS, and STOBJLISTS so that they don't have to be specified in the common case. Rename KRB5_RUN_ENV and KRB5_RUN_VARS to RUN_SETUP (already the most commonly used name) and RUN_VARS. Make sure to use DEFINES for local defines (not DEFS). Remove some other unnecessary makefile content.
* Rename internal Camellia symbolsGreg Hudson2013-05-131-0/+12
| | | | | | | | | | | Symbols from the NTT Camellia sources, used in the builtin crypto provider, could conflict with symbols from other libraries such as OpenSSL's libcrypto. Rename those like we rename the Gladman AES symbols. ticket: 7626 target_version: 1.11.3 tags: pullup
* make dependGreg Hudson2013-03-248-88/+76
|
* Move a bunch of stuff out of k5-int.hGreg Hudson2013-03-241-9/+0
| | | | | | | | | Move internal declarations from k5-int.h to more localized headers (like int-proto.h) where appropriate. Rename many symbols whose prototypes were moved to use the k5_ prefix instead of krb5int_. Remove some unused declarations or move them to the single source file they were needed in. Remove krb5_creds_compare since it isn't used any more.
* make dependGreg Hudson2013-01-1010-10/+10
| | | | | Mostly this gets rid of the trailing space on line 2 after bb76891f5386526bdf91bc790c614fc9296cb5fa.
* Separate clpreauth and kdcpreauth interfacesGreg Hudson2012-12-198-43/+43
| | | | | | | Since there is no overlap between the clpreauth and kdcpreauth interface declarations, there's no particular reason to combine them into one header. For backward compatibility and convenience, leave behind a preauth_plugin.h which includes both.
* Add camellia_key_cleanupBen Kaduk2012-11-281-1/+9
| | | | | | | | Fix memory leak. ticket: 7457 tags: pullup target_version: 1.11
* make dependTom Yu2012-10-151-10/+1
|
* De-conditionalize Camellia codeGreg Hudson2012-10-094-37/+1
| | | | | | | | | | The Camellia enctypes and cksumtypes have received IANA assignments. Add #defines using those assignments to krb5.h, remove the CAMELLIA conditional, and enable testing code as appropriate. The Camellia draft has not received an RFC number yet, so there is no Doxygen markup for the enctype and cksumtype #defines. That can be added once the RFC number is known.
* Make reindentTom Yu2011-10-171-11/+11
| | | | | | | Also fix pkinit_crypto_nss.c struct initializers and add parens to a ternary operator in do_as_req.c for better indentation. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25362 dc483132-0cff-0310-8789-dd5450dbe970
* Untabify some files mistakenly created with tabsGreg Hudson2011-09-041-8/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25140 dc483132-0cff-0310-8789-dd5450dbe970
* Fix signed/unsigned warnings in testsEzra Peisach2011-08-242-16/+16
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25113 dc483132-0cff-0310-8789-dd5450dbe970
* Fixed typo in des OBJS: des_keys.c. -> des_keysSam Hartman2011-08-091-1/+1
| | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25081 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up a number of variables set but not used warningsEzra Peisach2011-07-242-4/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25041 dc483132-0cff-0310-8789-dd5450dbe970
* Make dependGreg Hudson2011-04-051-3/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24844 dc483132-0cff-0310-8789-dd5450dbe970
* destest.c no longer needs crypto_int.hGreg Hudson2011-04-031-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24825 dc483132-0cff-0310-8789-dd5450dbe970
* Remove the weak key checks from the builtin rc4 enc provider. ThereGreg Hudson2011-03-281-17/+0
| | | | | | | | | | | | | | is no standards support for avoiding RC4 weak keys, so rejecting them causes periodic failures. Heimdal and Microsoft do not check for weak keys. Attacks based on these weak keys are probably thwarted by the use of a confounder, and even if not, the reduction in work factor is not terribly significant for 128-bit keys. ticket: 6886 target_version: 1.9.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24750 dc483132-0cff-0310-8789-dd5450dbe970
* Update dependenciesEzra Peisach2011-03-191-39/+22
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24730 dc483132-0cff-0310-8789-dd5450dbe970
* Resolve a few miscellaneous warningsGreg Hudson2011-03-141-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24703 dc483132-0cff-0310-8789-dd5450dbe970
* Remove two headers accidentally left behind in r24677Greg Hudson2011-03-142-71/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24702 dc483132-0cff-0310-8789-dd5450dbe970
* Move the des and AFS string-to-key implementations into lib/crypto/krb,Greg Hudson2011-03-117-982/+52
| | | | | | | | since they aren't standard crypto primitives. Revise the module SPI accordingly. Add tests for AFS string-to-key to t_str2key.c to replace the ones in the (now defunct) t_afss2k.c. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24699 dc483132-0cff-0310-8789-dd5450dbe970
* Adjust most C source files to match the new standards for copyrightGreg Hudson2011-03-0933-463/+430
| | | | | | and license comments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24695 dc483132-0cff-0310-8789-dd5450dbe970
* Update dependenciesEzra Peisach2011-03-061-1/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24690 dc483132-0cff-0310-8789-dd5450dbe970
* On make clean remove test programs and object files. In lib/krb5/krbEzra Peisach2011-03-061-1/+1
| | | | | | make depend as a test program was missed from the source list. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24687 dc483132-0cff-0310-8789-dd5450dbe970
* Include crypto_int.h for mit_des_fixup_key_parity prototypeEzra Peisach2011-03-051-6/+7
| | | | | | Cleanup signed/unsigned warnings. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24684 dc483132-0cff-0310-8789-dd5450dbe970
* Move t_cf2 from lib/crypto/builtin to lib/crypto/crypto_tests, as itGreg Hudson2011-03-056-139/+0
| | | | | | is not specific to the builtin module. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24680 dc483132-0cff-0310-8789-dd5450dbe970
* Fix SHA-256 on big-endian platformsGreg Hudson2011-03-031-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24678 dc483132-0cff-0310-8789-dd5450dbe970
* Consolidate almost all lib/crypto/krb headers into a singleGreg Hudson2011-03-0227-193/+213
| | | | | | | | | | | | | crypto_int.h. In that header, define and document responsibilities for crypto modules, some of which are satisfied through a module-specific crypto_mod.h. In the OpenSSL and NSS modules, remove many of the headers and sources providing functionality which isn't needed by lib/crypto/krb any more (direct interfaces to MD4, MD5, and SHA-1 hashing, as well as DES weak key testing). Change most Makefile.ins to only include headers from lib/crypto/krb and lib/crypto/$(CRYPTO_IMPL), instead of from many different directories. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24677 dc483132-0cff-0310-8789-dd5450dbe970
* Reference random-to-key handlers through the enctype instead of theGreg Hudson2011-02-277-49/+35
| | | | | | | | | | | | enc_provider, for consistency with string-to-key and the place of implementation (other enc_provider functions are implemented in the back end, but random-to-key handlers are in krb). Use a single handler for non-DES/DES3 enctypes since it's always just directly copying the bits. Collapse the three implementations (des, des3, and direct) into random_to_key.c, as they're very short, and eliminate the lib/crypto/krb/rand2key directory. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24669 dc483132-0cff-0310-8789-dd5450dbe970
* Namespace-protect SHA-256 symbols. Build SHA-256 code independently ofGreg Hudson2011-02-253-67/+43
| | | | | | whether Fortuna was selected. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24666 dc483132-0cff-0310-8789-dd5450dbe970
* Make dependGreg Hudson2011-02-259-114/+106
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24662 dc483132-0cff-0310-8789-dd5450dbe970
* Remove Yarrow PRNG implementationGreg Hudson2011-02-251-29/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24660 dc483132-0cff-0310-8789-dd5450dbe970
* update dependenciesKen Raeburn2010-12-052-3/+14
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24561 dc483132-0cff-0310-8789-dd5450dbe970
* Use for loops for recursion in the Windows build, cutting down on theGreg Hudson2010-11-2810-107/+10
| | | | | | | | | verbiage in Makefile.in files. For correctness of output, every Makefile.in mydir= definition is changed to use $(S) instead of /. ticket: 6826 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24536 dc483132-0cff-0310-8789-dd5450dbe970
* Fix Windows buildGreg Hudson2010-11-2511-53/+59
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Repair the Windows build. Tested with the prepare-on-Unix method. Some specific changes include: * Removed the IPC finalizer (no longer used after r20787) from ccapi/lib/ccapi_ipc.c, as it was creating a difficult dependency chain for the pingtest build in ccapi/test. Also updated pingtest to use the k5_ipc_stream interfaces since cci_stream is gone. * Reverted the apparently non-functional r20277. * klist -V prints just "Kerberos for Windows", since it has no access to PACKAGE_NAME and PACKAGE_VERSION from autoconf. This should be addressed correctly. * krb5, telnet, gssftp, and NIM are removed from the build. * Some files had CRLFs; these were replaced with LFs and the svn:eol-style property set on the files. Otherwise the CRLFs became CRCRLFs after the zip transfer. * Windows does not have opendir/readdir, so added Windows code to prof_parse.c for includedir. Probable fodder for a libkrb5support portability shim. ticket: 6826 target_version: 1.9 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24533 dc483132-0cff-0310-8789-dd5450dbe970
* Suppress building camellia-gen in "make check" for now (it has a buildGreg Hudson2010-11-211-1/+2
| | | | | | | issue on Solaris which will go away when Camellia support becomes unconditional). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24525 dc483132-0cff-0310-8789-dd5450dbe970
* Implement Camellia-CTS-CMAC instead of Camellia-CCMGreg Hudson2010-11-206-236/+378
| | | | | | | | | | | Replace the Camellia-CCM enctypes with Camellia-CTS-CMAC. Still not compiled in by default since we don't have enctype assignments yet. ticket: 6822 target_verion: 1.9 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24524 dc483132-0cff-0310-8789-dd5450dbe970
* Include k5-int.h for function declarationsKen Raeburn2010-10-231-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24473 dc483132-0cff-0310-8789-dd5450dbe970
* Improves prng code modularity. Introduces fortuna-like prng that can be used ↵Zhanna Tsitkov2010-10-056-3/+517
| | | | | | | | | in lieu of yarrow. Yarrow stays the default prng while fortuna may be engaged during configuration by using "--with-prng-alg=fortuna" flag. Also, nss crypto backend continues to use its own prng. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24420 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-26 19:32:17 +0000