summaryrefslogtreecommitdiffstats
path: root/src/lib/crypto
Commit message (Collapse)AuthorAgeFilesLines
...
* Add test program for decryption of overly short buffersGreg Hudson2010-01-122-2/+135
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23652 dc483132-0cff-0310-8789-dd5450dbe970
* krb5int_pbkdf2_hmac_sha1 fails to set enctype on keyblockEzra Peisach2010-01-091-0/+1
| | | | | | | | | | | krb5int_pbkdf2_hmac_sha1 fails to set enctype on a termporary keyblock - resulting in valgrind picking up on a conditional branch w/ unset value. Initialize value. ticket: 6630 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23622 dc483132-0cff-0310-8789-dd5450dbe970
* krb5int_dk_string_to_key fails to set enctypeEzra Peisach2010-01-081-0/+1
| | | | | | | | | | Failure to set the enctype before invoking krb5_k_create_key results in potential memory leak. ticket: 6628 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23612 dc483132-0cff-0310-8789-dd5450dbe970
* Set enctype in crypto_tests to prevent memory leaksEzra Peisach2010-01-082-17/+13
| | | | | | | | | | The key caching is causing memory leaks if enctype is not set as the enctype specific cleanup handlers are not called. ticket: 6627 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23611 dc483132-0cff-0310-8789-dd5450dbe970
* yarrow code does not initialize keyblock enctype and uses unitialized valueEzra Peisach2010-01-082-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | The yarrow code uses a keyblock that is partially initialized. This results in krb5_k_free_key trying to look up the enctype to call the free handler. One of the valgrind reports: (there are several paths) ==26701== Conditional jump or move depends on uninitialised value(s) ==26701== at 0x40E9AF0: find_enctype (etypes.h:81) ==26701== by 0x40E9C9E: krb5_k_free_key (key.c:91) ==26701== by 0x40D641A: krb5int_yarrow_cipher_init (ycipher.c:49) ==26701== by 0x40D593A: yarrow_gate_locked (yarrow.c:578) ==26701== by 0x40D5349: krb5int_yarrow_output_Block (yarrow.c:423) ==26701== by 0x40D581B: yarrow_output_locked (yarrow.c:553) ==26701== by 0x40D5667: krb5int_yarrow_output (yarrow.c:513) ==26701== by 0x40EBD2D: krb5_c_random_make_octets (prng.c:112) ==26701== by 0x40D4119: krb5int_old_encrypt (old_aead.c:97) ==26701== by 0x40E9696: krb5_k_encrypt_iov (encrypt_iov.c:42) ==26701== by 0x8049554: main (t_encrypt.c:206) ==26701== ticket: 6625 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23609 dc483132-0cff-0310-8789-dd5450dbe970
* krb5int_derive_key results in cache with uninitialized valuesEzra Peisach2010-01-081-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | krb5int_derive_key creates a temporary keyblock to add to the derived cache. krb5_k_free_key will iterate over the derived keys and for ones with cache will lookup the enctype for the key_cleanup handler. Unfortunatly, there isn't a keyblock init function that does not allocate the keyblock - as I suspect this problem will appear in other places. The valgrind log of this problem is: ==7281== Conditional jump or move depends on uninitialised value(s) ==7281== at 0x40E9AE8: find_enctype (etypes.h:81) ==7281== by 0x40E9C96: krb5_k_free_key (key.c:91) ==7281== by 0x40E9C52: krb5_k_free_key (key.c:86) ==7281== by 0x40EBB00: krb5_c_prf (prf.c:87) ==7281== by 0x40E7B1B: prf_plus (cf2.c:77) ==7281== by 0x40E7CE6: krb5_c_fx_cf2_simple (cf2.c:125) ==7281== by 0x804899C: main (t_cf2.c:70) ==7281== with memory leaks. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23608 dc483132-0cff-0310-8789-dd5450dbe970
* Update dependenciesKen Raeburn2010-01-034-54/+24
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23575 dc483132-0cff-0310-8789-dd5450dbe970
* Enable caching of key-derived context info such as key schedules fromKen Raeburn2010-01-032-18/+60
| | | | | | | | | | | | | one encryption operation to another. Use a new function in the enc_provider structure for cleanup. Implement caching of aes_ctx values. Using Greg's performance tests from the derived-key caching work, on a 2.8GHz Xeon, I see 1 million AES-128 encryptions of 16 bytes improved by 5-6%; encryptions of 1024 bytes and checksums are not significantly affected. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23574 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a case where krb5int_aes_decrypt was trying to encrypt a blockGreg Hudson2010-01-031-1/+1
| | | | | | instead of decrypting it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23573 dc483132-0cff-0310-8789-dd5450dbe970
* Declare function as static to avoid compiler warning on missing prototypesEzra Peisach2009-12-311-1/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23557 dc483132-0cff-0310-8789-dd5450dbe970
* Remove $(TOBJS) for make cleanEzra Peisach2009-12-311-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23556 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize hash_iov, in case of premature error exitKen Raeburn2009-12-311-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23551 dc483132-0cff-0310-8789-dd5450dbe970
* Combine the related code into one fileZhanna Tsitkov2009-12-295-143/+55
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23537 dc483132-0cff-0310-8789-dd5450dbe970
* fast negotiation projecSam Hartman2009-12-141-0/+8
| | | | | | | | | | | | | | | | Merge branches/fast-negotiate into trunk. This implements http://k5wiki.kerberos.org/wiki/Projects/Fast_negotiation Additional changes: * krb5_c_make_checksum with checksum type 0 uses mandatory checksum for given key enctype Conflicts: src/lib/crypto/krb/make_checksum.c ticket: 6595 Tags: enhancement git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23465 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use sizeof(pointertype) to get the length of an allocated arrayTom Yu2009-12-101-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23464 dc483132-0cff-0310-8789-dd5450dbe970
* Add comments to make it slightly clearer howGreg Hudson2009-12-101-1/+2
| | | | | | krb5int_confounder_checksum works. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23463 dc483132-0cff-0310-8789-dd5450dbe970
* Restructure the crypto checksum implementation to minimizeGreg Hudson2009-12-1044-1278/+858
| | | | | | | | | | | | | | | | | | | | | dependencies on the internals of modules. * Keyhash providers are gone. * The cksumtypes table contains checksum and verify functions, similar to the etypes encrypt and decrypt functions. New checksum functions parallel the old keyhash providers, and there are also functions for unkeyed and derived-key HMAC checksums. * The flags field is now used to indicate whether a checksum is unkeyed, but not whether it is a derived-key HMAC checksum. * The descbc checksum is handled through a new enc_provider function which calculates a CBC MAC. The OpenSSL module does not implement the CBC MAC function (it didn't implement descbc before). builtin/des could probably get rid of f_cksum.c (the old DES CBC routine) with some alterations to string2key.c. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23462 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize ihash_iov in case fall through to cleanup handler and tryEzra Peisach2009-12-061-1/+1
| | | | | | to free garbarge. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23453 dc483132-0cff-0310-8789-dd5450dbe970
* Remove the ivec parameters from the keyhash provider functions, asGreg Hudson2009-12-0610-29/+23
| | | | | | they are never used by callers. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23452 dc483132-0cff-0310-8789-dd5450dbe970
* Make dependGreg Hudson2009-12-062-52/+64
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23451 dc483132-0cff-0310-8789-dd5450dbe970
* Make the libk5crypto hash_provider interface take crypto_iov listsGreg Hudson2009-12-0628-474/+291
| | | | | | | instead of lists of krb5_data. Make the base HMAC APIs take crypto_iov lists and drop the _iov variants. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23450 dc483132-0cff-0310-8789-dd5450dbe970
* In the built-in des3 provider, remove the unused version ofGreg Hudson2009-12-061-29/+3
| | | | | | | validate_and_schedule, and drop the _iov suffix from the one we do use. (Cleanup from r23444.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23449 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some code paths in crypto-length which are dead now that theGreg Hudson2009-12-041-11/+2
| | | | | | internal interface can't return an error. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23446 dc483132-0cff-0310-8789-dd5450dbe970
* Remove CRC32_SHIFT4 code as we are unlikely to ever need itGreg Hudson2009-12-043-47/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23445 dc483132-0cff-0310-8789-dd5450dbe970
* Consolidate the IOV and non-IOV encryption/decryption code paths, andGreg Hudson2009-12-0481-4002/+1084
| | | | | | | | | | | | | | | | | | | | | | | | drop the _iov suffix from most encryption- and decryption-related functions. The enc_provider encrypt and decrypt functions take IOVs, as do the enctype entries in etypes.c, and there are no separate encrypt_iov or decrypt_iov functions. aead_provider is gone. Enctype functions now take pointers to the enctype entry instead of pointers to the enc/hash/aead providers; this allows dk_encrypt and dk_decrypt to be polymorphic in the length function they use now that AES and DES3 can't differentiate by aead provider. aes_string_to_key needed to be moved into the krb/ fold for this since it's an enctype function; it was duplicated between builtin/ and openssl/ before. This leaves openssl/aes empty; the build system currently demands that all modules have the same directory structure, so the directory and Makefile will stick around for now. Three separate copies of the derive_random logic are also now consolidated into one. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23444 dc483132-0cff-0310-8789-dd5450dbe970
* Revert r23442. Revert r23436 changes unrelated to comment reformattingTom Yu2009-12-032-12/+141
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23443 dc483132-0cff-0310-8789-dd5450dbe970
* Update export list to reflect changes in r23436Tom Yu2009-12-031-2/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23442 dc483132-0cff-0310-8789-dd5450dbe970
* Reformat new block comment per coding styleGreg Hudson2009-12-021-152/+26
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23436 dc483132-0cff-0310-8789-dd5450dbe970
* Actually record dependencies of crypto testsKen Raeburn2009-12-021-1/+152
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23435 dc483132-0cff-0310-8789-dd5450dbe970
* update dependenciesKen Raeburn2009-12-023-17/+31
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23433 dc483132-0cff-0310-8789-dd5450dbe970
* Perform the AES-CBC XOR operations 4 bytes at a time, using the helperKen Raeburn2009-12-021-2/+18
| | | | | | | | functions for loading and storing potentially-unaligned values. Improves bulk AES encryption performance by 2% or so on 32-bit x86 with gcc 4. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23432 dc483132-0cff-0310-8789-dd5450dbe970
* Speed up the per-block loops of AES, DES3, and DES IOV encryption byGreg Hudson2009-12-025-197/+160
| | | | | | | | | avoiding function calls and copies in the case where the next block is wholly contained within the current buffer. To do this, introduce two new inline functions in aead.h called iov_next_block and iov_store_block. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23430 dc483132-0cff-0310-8789-dd5450dbe970
* Remove t_kperf on make cleanGreg Hudson2009-12-021-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23429 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up the AES enc_provider code a bit. Chiefly, work with unsignedGreg Hudson2009-12-021-80/+64
| | | | | | | | char blocks, casting input->data and output->data once each upon entry to the non-IOV encrypt and decrypt functions, rather than casting our working buffers each time we need to work with an outside function. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23428 dc483132-0cff-0310-8789-dd5450dbe970
* In t_kperf, generate a valid ciphertext when testing decryptionGreg Hudson2009-12-021-0/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23427 dc483132-0cff-0310-8789-dd5450dbe970
* Fix an incorrect length in the new krb5int_c_decrypt_aead_compatGreg Hudson2009-12-021-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23426 dc483132-0cff-0310-8789-dd5450dbe970
* Fix AES IOV decryption of small messagesGreg Hudson2009-12-011-13/+8
| | | | | | | | | | | | | AES messages never need to be padded because the confounder ensures that the plaintext is at least one block long. Remove a check in krb5int_dk_decrypt_iov which was rejecting short AES messages because it didn't count the header length. ticket: 6589 tags: pullup target_version: 1.7.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23397 dc483132-0cff-0310-8789-dd5450dbe970
* Make krb5int_c_decrypt_aead_compat more efficient by building theGreg Hudson2009-12-011-23/+41
| | | | | | | buffers explicitly rather than using stream decryption. Sidesteps some machinery and avoids copying the output. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23396 dc483132-0cff-0310-8789-dd5450dbe970
* Fix the usage fallback in krb5int_arcfour_decrypt_iov. Factor out IOVGreg Hudson2009-12-011-25/+29
| | | | | | | encryption with a keyblock since this makes four uses of it in one file. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23395 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some stray tabsGreg Hudson2009-11-301-4/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23391 dc483132-0cff-0310-8789-dd5450dbe970
* Use aead_dk instead of aead_old for des-hmac-sha1, since it usesGreg Hudson2009-11-301-1/+1
| | | | | | dk_encrypt. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23390 dc483132-0cff-0310-8789-dd5450dbe970
* Fix ivec chaining for DES iov encryptionGreg Hudson2009-11-301-2/+5
| | | | | | | | | | | | | krb5int_des_cbc_decrypt_iov was using a plaintext block to update the ivec. Fix it to use the last cipher block, borrowing from the corresponding des3 function. The impact of this bug is not serious since ivec chaining is not typically used with IOV encryption in 1.7. ticket: 6588 tags: pullup target_version: 1.7.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23389 dc483132-0cff-0310-8789-dd5450dbe970
* Add an AEAD provider for enctypes which use krb5_old_encrypt andGreg Hudson2009-11-306-17/+245
| | | | | | | | | krb5_old_decrypt; this makes every enctype have an AEAD provider. To make this work, expose make_unkeyed_checksum_iov to other files (under the name krb5int_hash_iov) and make krb5int_c_padding_length take into account the header length. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23388 dc483132-0cff-0310-8789-dd5450dbe970
* In the des enc_provider decrypt_iov function, count header blocks asGreg Hudson2009-11-301-1/+1
| | | | | | | well as data and padding blocks when checking for correctly padded input. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23387 dc483132-0cff-0310-8789-dd5450dbe970
* Make the crc32 hash provider correctly chain multiple input buffers,Greg Hudson2009-11-305-12/+13
| | | | | | | | so that it returns the same result if you pass it one big buffer or many small buffers containing the same data. To do this, change the contract of mit_crc32 so that the cksum parameter is in-out. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23386 dc483132-0cff-0310-8789-dd5450dbe970
* Stream decryption is handled in krb5_k_decrypt_iov; remove someGreg Hudson2009-11-302-12/+0
| | | | | | | lingering checks in the dk and raw aead providers from before that was introduced. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23385 dc483132-0cff-0310-8789-dd5450dbe970
* Remove the non-iov entry point introduced in r23378, since it's easyGreg Hudson2009-11-293-50/+3
| | | | | | | | to use the iov entry point at both call sites. Rename the iov entry point to remove the "_iov" suffix since it's no longer needed to disambiguate. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23381 dc483132-0cff-0310-8789-dd5450dbe970
* Avoid using strncpy in the production of the arcfour salt because itGreg Hudson2009-11-291-4/+3
| | | | | | | produces a (spurious) Coverity defect. Fix a memory leak in krb5int_arcfour_encrypt. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23380 dc483132-0cff-0310-8789-dd5450dbe970
* Add do-while(0) around multi-statement macros in f_tables.h for moreGreg Hudson2009-11-291-44/+48
| | | | | | consistent and elegant emacs auto-formatting. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23379 dc483132-0cff-0310-8789-dd5450dbe970
* Create functional internal interfaces to allow GSSAPI to performGreg Hudson2009-11-284-3/+96
| | | | | | | | arcfour encryption of GSS tokens. This factors out derivation of the usage and encryption keys, and removes the need for the provider structures to be visible to all of krb5 via k5-int.h. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23378 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-26 01:07:02 +0000