From e458e0090fc5848cb9f04e829037108a8ced5c86 Mon Sep 17 00:00:00 2001 From: John Gilmore Date: Fri, 3 Feb 1995 10:46:39 +0000 Subject: Rename files so that they work in the DOS LIB command, which amazingly finds dashes in mid-name and treats them like option switches. * des-crc.c => des_crc.c * des-md5.c => des_md5.c * raw-des.c => raw_des.c * Makefile.in: changed to match. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4888 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/crypto/ChangeLog | 11 +++ src/lib/crypto/Makefile.in | 12 ++-- src/lib/crypto/des-crc.c | 169 -------------------------------------------- src/lib/crypto/des-md5.c | 170 --------------------------------------------- src/lib/crypto/des_crc.c | 169 ++++++++++++++++++++++++++++++++++++++++++++ src/lib/crypto/des_md5.c | 170 +++++++++++++++++++++++++++++++++++++++++++++ src/lib/crypto/raw-des.c | 101 --------------------------- src/lib/crypto/raw_des.c | 101 +++++++++++++++++++++++++++ 8 files changed, 457 insertions(+), 446 deletions(-) delete mode 100644 src/lib/crypto/des-crc.c delete mode 100644 src/lib/crypto/des-md5.c create mode 100644 src/lib/crypto/des_crc.c create mode 100644 src/lib/crypto/des_md5.c delete mode 100644 src/lib/crypto/raw-des.c create mode 100644 src/lib/crypto/raw_des.c (limited to 'src/lib') diff --git a/src/lib/crypto/ChangeLog b/src/lib/crypto/ChangeLog index 914d33d9f..be20248e0 100644 --- a/src/lib/crypto/ChangeLog +++ b/src/lib/crypto/ChangeLog @@ -1,3 +1,14 @@ +Fri Feb 3 02:44:07 1995 John Gilmore + + Rename files so that they work in the DOS LIB command, + which amazingly finds dashes in mid-name and treats them + like option switches. + + * des-crc.c => des_crc.c + * des-md5.c => des_md5.c + * raw-des.c => raw_des.c + * Makefile.in: changed to match. + Thu Feb 2 02:59:58 1995 John Gilmore * Makefile.in (CFLAGS): Handle $(srcdir) properly in -I options. diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in index 5a194bba1..e2275b6a9 100644 --- a/src/lib/crypto/Makefile.in +++ b/src/lib/crypto/Makefile.in @@ -5,14 +5,14 @@ LDFLAGS = -g TST=if test -n "`cat DONE`" ; then OBJS= cryptoconf.o \ - des-crc.o \ - des-md5.o \ - raw-des.o + des_crc.o \ + des_md5.o \ + raw_des.o SRCS= $(srcdir)/cryptoconf.c \ - $(srcdir)/des-crc.c \ - $(srcdir)/des-md5.c \ - $(srcdir)/raw-des.c + $(srcdir)/des_crc.c \ + $(srcdir)/des_md5.c \ + $(srcdir)/raw_des.c all:: diff --git a/src/lib/crypto/des-crc.c b/src/lib/crypto/des-crc.c deleted file mode 100644 index 51c6e24fc..000000000 --- a/src/lib/crypto/des-crc.c +++ /dev/null @@ -1,169 +0,0 @@ -/* - * lib/crypto/des-crc.32 - * - * Copyright 1994 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "k5-int.h" -#include "crc-32.h" -#include "des_int.h" - -static krb5_error_code mit_des_crc_encrypt_func - PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, - krb5_encrypt_block *, krb5_pointer )); - -static krb5_error_code mit_des_crc_decrypt_func - PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, - krb5_encrypt_block *, krb5_pointer )); - - -static krb5_cryptosystem_entry mit_des_crc_cryptosystem_entry = { - 0, - mit_des_crc_encrypt_func, - mit_des_crc_decrypt_func, - mit_des_process_key, - mit_des_finish_key, - mit_des_string_to_key, - mit_des_init_random_key, - mit_des_finish_random_key, - mit_des_random_key, - sizeof(mit_des_cblock), - CRC32_CKSUM_LENGTH+sizeof(mit_des_cblock), - sizeof(mit_des_cblock), - ETYPE_DES_CBC_CRC, - KEYTYPE_DES - }; - -krb5_cs_table_entry krb5_des_crc_cst_entry = { - 0, - &mit_des_crc_cryptosystem_entry, - 0 - }; - - -static krb5_error_code -mit_des_crc_encrypt_func(in, out, size, key, ivec) - krb5_const_pointer in; - krb5_pointer out; - const size_t size; - krb5_encrypt_block * key; - krb5_pointer ivec; -{ - krb5_checksum cksum; - krb5_octet contents[CRC32_CKSUM_LENGTH]; - int sumsize; - krb5_error_code retval; - -/* if ( size < sizeof(mit_des_cblock) ) - return KRB5_BAD_MSIZE; */ - - /* caller passes data size, and saves room for the padding. */ - /* format of ciphertext, per RFC is: - +-----------+----------+-------------+-----+ - |confounder | check | msg-seq | pad | - +-----------+----------+-------------+-----+ - - our confounder is 8 bytes (one cblock); - our checksum is CRC32_CKSUM_LENGTH - */ - sumsize = krb5_roundup(size+CRC32_CKSUM_LENGTH+sizeof(mit_des_cblock), - sizeof(mit_des_cblock)); - - /* assemble crypto input into the output area, then encrypt in place. */ - - memset((char *)out, 0, sumsize); - - /* put in the confounder */ - if (retval = krb5_random_confounder(sizeof(mit_des_cblock), out)) - return retval; - - memcpy((char *)out+sizeof(mit_des_cblock)+CRC32_CKSUM_LENGTH, (char *)in, - size); - - cksum.contents = contents; - - /* This is equivalent to krb5_calculate_checksum(CKSUMTYPE_CRC32,...) - but avoids use of the cryptosystem config table which can not be - referenced here if this object is to be included in a shared library. */ - if (retval = crc32_cksumtable_entry.sum_func((krb5_pointer) out, - sumsize, - (krb5_pointer)key->key->contents, - sizeof(mit_des_cblock), - &cksum)) - return retval; - - memcpy((char *)out+sizeof(mit_des_cblock), (char *)contents, - CRC32_CKSUM_LENGTH); - - /* We depend here on the ability of this DES implementation to - encrypt plaintext to ciphertext in-place. */ - return (mit_des_cbc_encrypt(out, - out, - sumsize, - (struct mit_des_ks_struct *) key->priv, - ivec ? ivec : (krb5_pointer)key->key->contents, - MIT_DES_ENCRYPT)); - -} - -static krb5_error_code -mit_des_crc_decrypt_func(in, out, size, key, ivec) - krb5_const_pointer in; - krb5_pointer out; - const size_t size; - krb5_encrypt_block * key; - krb5_pointer ivec; -{ - krb5_checksum cksum; - krb5_octet contents_prd[CRC32_CKSUM_LENGTH]; - krb5_octet contents_get[CRC32_CKSUM_LENGTH]; - char *p; - krb5_error_code retval; - - if ( size < 2*sizeof(mit_des_cblock) ) - return KRB5_BAD_MSIZE; - - retval = mit_des_cbc_encrypt(in, - out, - size, - (struct mit_des_ks_struct *) key->priv, - ivec ? ivec : (krb5_pointer)key->key->contents, - MIT_DES_DECRYPT); - if (retval) - return retval; - - cksum.contents = contents_prd; - p = (char *)out + sizeof(mit_des_cblock); - memcpy((char *)contents_get, p, CRC32_CKSUM_LENGTH); - memset(p, 0, CRC32_CKSUM_LENGTH); - - if (retval = crc32_cksumtable_entry.sum_func(out, size, - (krb5_pointer)key->key->contents, - sizeof(mit_des_cblock), - &cksum)) - return retval; - - if (memcmp((char *)contents_get, (char *)contents_prd, CRC32_CKSUM_LENGTH) ) - return KRB5KRB_AP_ERR_BAD_INTEGRITY; - memmove((char *)out, (char *)out + - sizeof(mit_des_cblock) + CRC32_CKSUM_LENGTH, - size - sizeof(mit_des_cblock) - CRC32_CKSUM_LENGTH); - return 0; -} diff --git a/src/lib/crypto/des-md5.c b/src/lib/crypto/des-md5.c deleted file mode 100644 index cb811b73b..000000000 --- a/src/lib/crypto/des-md5.c +++ /dev/null @@ -1,170 +0,0 @@ -/* - * lib/crypto/des-md5.32 - * - * Copyright 1994 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "k5-int.h" -#include -#include "des_int.h" - -static krb5_error_code mit_des_md5_encrypt_func - PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, - krb5_encrypt_block *, krb5_pointer )); - -static krb5_error_code mit_des_md5_decrypt_func - PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, - krb5_encrypt_block *, krb5_pointer )); - -static mit_des_cblock zero_ivec = { 0 }; - -static krb5_cryptosystem_entry mit_des_md5_cryptosystem_entry = { - 0, - mit_des_md5_encrypt_func, - mit_des_md5_decrypt_func, - mit_des_process_key, - mit_des_finish_key, - mit_des_string_to_key, - mit_des_init_random_key, - mit_des_finish_random_key, - mit_des_random_key, - sizeof(mit_des_cblock), - RSA_MD5_CKSUM_LENGTH+sizeof(mit_des_cblock), - sizeof(mit_des_cblock), - ETYPE_DES_CBC_MD5, - KEYTYPE_DES - }; - -krb5_cs_table_entry krb5_des_md5_cst_entry = { - 0, - &mit_des_md5_cryptosystem_entry, - 0 - }; - - -static krb5_error_code -mit_des_md5_encrypt_func(in, out, size, key, ivec) - krb5_const_pointer in; - krb5_pointer out; - const size_t size; - krb5_encrypt_block * key; - krb5_pointer ivec; -{ - krb5_checksum cksum; - krb5_octet contents[RSA_MD5_CKSUM_LENGTH]; - int sumsize; - krb5_error_code retval; - -/* if ( size < sizeof(mit_des_cblock) ) - return KRB5_BAD_MSIZE; */ - - /* caller passes data size, and saves room for the padding. */ - /* format of ciphertext, per RFC is: - +-----------+----------+-------------+-----+ - |confounder | check | msg-seq | pad | - +-----------+----------+-------------+-----+ - - our confounder is 8 bytes (one cblock); - our checksum is RSA_MD5_CKSUM_LENGTH - */ - sumsize = krb5_roundup(size+RSA_MD5_CKSUM_LENGTH+sizeof(mit_des_cblock), - sizeof(mit_des_cblock)); - - /* assemble crypto input into the output area, then encrypt in place. */ - - memset((char *)out, 0, sumsize); - - /* put in the confounder */ - if (retval = krb5_random_confounder(sizeof(mit_des_cblock), out)) - return retval; - - memcpy((char *)out+sizeof(mit_des_cblock)+RSA_MD5_CKSUM_LENGTH, (char *)in, - size); - - cksum.contents = contents; - - /* This is equivalent to krb5_calculate_checksum(CKSUMTYPE_MD5,...) - but avoids use of the cryptosystem config table which can not be - referenced here if this object is to be included in a shared library. */ - if (retval = rsa_md5_cksumtable_entry.sum_func((krb5_pointer) out, - sumsize, - (krb5_pointer)key->key->contents, - sizeof(mit_des_cblock), - &cksum)) - return retval; - - memcpy((char *)out+sizeof(mit_des_cblock), (char *)contents, - RSA_MD5_CKSUM_LENGTH); - - /* We depend here on the ability of this DES implementation to - encrypt plaintext to ciphertext in-place. */ - return (mit_des_cbc_encrypt(out, - out, - sumsize, - (struct mit_des_ks_struct *) key->priv, - ivec ? ivec : (krb5_pointer)zero_ivec, - MIT_DES_ENCRYPT)); - -} - -static krb5_error_code -mit_des_md5_decrypt_func(in, out, size, key, ivec) - krb5_const_pointer in; - krb5_pointer out; - const size_t size; - krb5_encrypt_block * key; - krb5_pointer ivec; -{ - krb5_checksum cksum; - krb5_octet contents_prd[RSA_MD5_CKSUM_LENGTH]; - krb5_octet contents_get[RSA_MD5_CKSUM_LENGTH]; - char *p; - krb5_error_code retval; - - if ( size < 2*sizeof(mit_des_cblock) ) - return KRB5_BAD_MSIZE; - - retval = mit_des_cbc_encrypt(in, - out, - size, - (struct mit_des_ks_struct *) key->priv, - ivec ? ivec : (krb5_pointer)zero_ivec, - MIT_DES_DECRYPT); - if (retval) - return retval; - - cksum.contents = contents_prd; - p = (char *)out + sizeof(mit_des_cblock); - memcpy((char *)contents_get, p, RSA_MD5_CKSUM_LENGTH); - memset(p, 0, RSA_MD5_CKSUM_LENGTH); - - if (retval = rsa_md5_cksumtable_entry.sum_func(out, size, - (krb5_pointer)key->key->contents, - sizeof(mit_des_cblock), - &cksum)) - return retval; - - if (memcmp((char *)contents_get, (char *)contents_prd, RSA_MD5_CKSUM_LENGTH) ) - return KRB5KRB_AP_ERR_BAD_INTEGRITY; - memmove((char *)out, (char *)out + - sizeof(mit_des_cblock) + RSA_MD5_CKSUM_LENGTH, - size - sizeof(mit_des_cblock) - RSA_MD5_CKSUM_LENGTH); - return 0; -} diff --git a/src/lib/crypto/des_crc.c b/src/lib/crypto/des_crc.c new file mode 100644 index 000000000..51c6e24fc --- /dev/null +++ b/src/lib/crypto/des_crc.c @@ -0,0 +1,169 @@ +/* + * lib/crypto/des-crc.32 + * + * Copyright 1994 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +#include "k5-int.h" +#include "crc-32.h" +#include "des_int.h" + +static krb5_error_code mit_des_crc_encrypt_func + PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, + krb5_encrypt_block *, krb5_pointer )); + +static krb5_error_code mit_des_crc_decrypt_func + PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, + krb5_encrypt_block *, krb5_pointer )); + + +static krb5_cryptosystem_entry mit_des_crc_cryptosystem_entry = { + 0, + mit_des_crc_encrypt_func, + mit_des_crc_decrypt_func, + mit_des_process_key, + mit_des_finish_key, + mit_des_string_to_key, + mit_des_init_random_key, + mit_des_finish_random_key, + mit_des_random_key, + sizeof(mit_des_cblock), + CRC32_CKSUM_LENGTH+sizeof(mit_des_cblock), + sizeof(mit_des_cblock), + ETYPE_DES_CBC_CRC, + KEYTYPE_DES + }; + +krb5_cs_table_entry krb5_des_crc_cst_entry = { + 0, + &mit_des_crc_cryptosystem_entry, + 0 + }; + + +static krb5_error_code +mit_des_crc_encrypt_func(in, out, size, key, ivec) + krb5_const_pointer in; + krb5_pointer out; + const size_t size; + krb5_encrypt_block * key; + krb5_pointer ivec; +{ + krb5_checksum cksum; + krb5_octet contents[CRC32_CKSUM_LENGTH]; + int sumsize; + krb5_error_code retval; + +/* if ( size < sizeof(mit_des_cblock) ) + return KRB5_BAD_MSIZE; */ + + /* caller passes data size, and saves room for the padding. */ + /* format of ciphertext, per RFC is: + +-----------+----------+-------------+-----+ + |confounder | check | msg-seq | pad | + +-----------+----------+-------------+-----+ + + our confounder is 8 bytes (one cblock); + our checksum is CRC32_CKSUM_LENGTH + */ + sumsize = krb5_roundup(size+CRC32_CKSUM_LENGTH+sizeof(mit_des_cblock), + sizeof(mit_des_cblock)); + + /* assemble crypto input into the output area, then encrypt in place. */ + + memset((char *)out, 0, sumsize); + + /* put in the confounder */ + if (retval = krb5_random_confounder(sizeof(mit_des_cblock), out)) + return retval; + + memcpy((char *)out+sizeof(mit_des_cblock)+CRC32_CKSUM_LENGTH, (char *)in, + size); + + cksum.contents = contents; + + /* This is equivalent to krb5_calculate_checksum(CKSUMTYPE_CRC32,...) + but avoids use of the cryptosystem config table which can not be + referenced here if this object is to be included in a shared library. */ + if (retval = crc32_cksumtable_entry.sum_func((krb5_pointer) out, + sumsize, + (krb5_pointer)key->key->contents, + sizeof(mit_des_cblock), + &cksum)) + return retval; + + memcpy((char *)out+sizeof(mit_des_cblock), (char *)contents, + CRC32_CKSUM_LENGTH); + + /* We depend here on the ability of this DES implementation to + encrypt plaintext to ciphertext in-place. */ + return (mit_des_cbc_encrypt(out, + out, + sumsize, + (struct mit_des_ks_struct *) key->priv, + ivec ? ivec : (krb5_pointer)key->key->contents, + MIT_DES_ENCRYPT)); + +} + +static krb5_error_code +mit_des_crc_decrypt_func(in, out, size, key, ivec) + krb5_const_pointer in; + krb5_pointer out; + const size_t size; + krb5_encrypt_block * key; + krb5_pointer ivec; +{ + krb5_checksum cksum; + krb5_octet contents_prd[CRC32_CKSUM_LENGTH]; + krb5_octet contents_get[CRC32_CKSUM_LENGTH]; + char *p; + krb5_error_code retval; + + if ( size < 2*sizeof(mit_des_cblock) ) + return KRB5_BAD_MSIZE; + + retval = mit_des_cbc_encrypt(in, + out, + size, + (struct mit_des_ks_struct *) key->priv, + ivec ? ivec : (krb5_pointer)key->key->contents, + MIT_DES_DECRYPT); + if (retval) + return retval; + + cksum.contents = contents_prd; + p = (char *)out + sizeof(mit_des_cblock); + memcpy((char *)contents_get, p, CRC32_CKSUM_LENGTH); + memset(p, 0, CRC32_CKSUM_LENGTH); + + if (retval = crc32_cksumtable_entry.sum_func(out, size, + (krb5_pointer)key->key->contents, + sizeof(mit_des_cblock), + &cksum)) + return retval; + + if (memcmp((char *)contents_get, (char *)contents_prd, CRC32_CKSUM_LENGTH) ) + return KRB5KRB_AP_ERR_BAD_INTEGRITY; + memmove((char *)out, (char *)out + + sizeof(mit_des_cblock) + CRC32_CKSUM_LENGTH, + size - sizeof(mit_des_cblock) - CRC32_CKSUM_LENGTH); + return 0; +} diff --git a/src/lib/crypto/des_md5.c b/src/lib/crypto/des_md5.c new file mode 100644 index 000000000..cb811b73b --- /dev/null +++ b/src/lib/crypto/des_md5.c @@ -0,0 +1,170 @@ +/* + * lib/crypto/des-md5.32 + * + * Copyright 1994 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +#include "k5-int.h" +#include +#include "des_int.h" + +static krb5_error_code mit_des_md5_encrypt_func + PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, + krb5_encrypt_block *, krb5_pointer )); + +static krb5_error_code mit_des_md5_decrypt_func + PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, + krb5_encrypt_block *, krb5_pointer )); + +static mit_des_cblock zero_ivec = { 0 }; + +static krb5_cryptosystem_entry mit_des_md5_cryptosystem_entry = { + 0, + mit_des_md5_encrypt_func, + mit_des_md5_decrypt_func, + mit_des_process_key, + mit_des_finish_key, + mit_des_string_to_key, + mit_des_init_random_key, + mit_des_finish_random_key, + mit_des_random_key, + sizeof(mit_des_cblock), + RSA_MD5_CKSUM_LENGTH+sizeof(mit_des_cblock), + sizeof(mit_des_cblock), + ETYPE_DES_CBC_MD5, + KEYTYPE_DES + }; + +krb5_cs_table_entry krb5_des_md5_cst_entry = { + 0, + &mit_des_md5_cryptosystem_entry, + 0 + }; + + +static krb5_error_code +mit_des_md5_encrypt_func(in, out, size, key, ivec) + krb5_const_pointer in; + krb5_pointer out; + const size_t size; + krb5_encrypt_block * key; + krb5_pointer ivec; +{ + krb5_checksum cksum; + krb5_octet contents[RSA_MD5_CKSUM_LENGTH]; + int sumsize; + krb5_error_code retval; + +/* if ( size < sizeof(mit_des_cblock) ) + return KRB5_BAD_MSIZE; */ + + /* caller passes data size, and saves room for the padding. */ + /* format of ciphertext, per RFC is: + +-----------+----------+-------------+-----+ + |confounder | check | msg-seq | pad | + +-----------+----------+-------------+-----+ + + our confounder is 8 bytes (one cblock); + our checksum is RSA_MD5_CKSUM_LENGTH + */ + sumsize = krb5_roundup(size+RSA_MD5_CKSUM_LENGTH+sizeof(mit_des_cblock), + sizeof(mit_des_cblock)); + + /* assemble crypto input into the output area, then encrypt in place. */ + + memset((char *)out, 0, sumsize); + + /* put in the confounder */ + if (retval = krb5_random_confounder(sizeof(mit_des_cblock), out)) + return retval; + + memcpy((char *)out+sizeof(mit_des_cblock)+RSA_MD5_CKSUM_LENGTH, (char *)in, + size); + + cksum.contents = contents; + + /* This is equivalent to krb5_calculate_checksum(CKSUMTYPE_MD5,...) + but avoids use of the cryptosystem config table which can not be + referenced here if this object is to be included in a shared library. */ + if (retval = rsa_md5_cksumtable_entry.sum_func((krb5_pointer) out, + sumsize, + (krb5_pointer)key->key->contents, + sizeof(mit_des_cblock), + &cksum)) + return retval; + + memcpy((char *)out+sizeof(mit_des_cblock), (char *)contents, + RSA_MD5_CKSUM_LENGTH); + + /* We depend here on the ability of this DES implementation to + encrypt plaintext to ciphertext in-place. */ + return (mit_des_cbc_encrypt(out, + out, + sumsize, + (struct mit_des_ks_struct *) key->priv, + ivec ? ivec : (krb5_pointer)zero_ivec, + MIT_DES_ENCRYPT)); + +} + +static krb5_error_code +mit_des_md5_decrypt_func(in, out, size, key, ivec) + krb5_const_pointer in; + krb5_pointer out; + const size_t size; + krb5_encrypt_block * key; + krb5_pointer ivec; +{ + krb5_checksum cksum; + krb5_octet contents_prd[RSA_MD5_CKSUM_LENGTH]; + krb5_octet contents_get[RSA_MD5_CKSUM_LENGTH]; + char *p; + krb5_error_code retval; + + if ( size < 2*sizeof(mit_des_cblock) ) + return KRB5_BAD_MSIZE; + + retval = mit_des_cbc_encrypt(in, + out, + size, + (struct mit_des_ks_struct *) key->priv, + ivec ? ivec : (krb5_pointer)zero_ivec, + MIT_DES_DECRYPT); + if (retval) + return retval; + + cksum.contents = contents_prd; + p = (char *)out + sizeof(mit_des_cblock); + memcpy((char *)contents_get, p, RSA_MD5_CKSUM_LENGTH); + memset(p, 0, RSA_MD5_CKSUM_LENGTH); + + if (retval = rsa_md5_cksumtable_entry.sum_func(out, size, + (krb5_pointer)key->key->contents, + sizeof(mit_des_cblock), + &cksum)) + return retval; + + if (memcmp((char *)contents_get, (char *)contents_prd, RSA_MD5_CKSUM_LENGTH) ) + return KRB5KRB_AP_ERR_BAD_INTEGRITY; + memmove((char *)out, (char *)out + + sizeof(mit_des_cblock) + RSA_MD5_CKSUM_LENGTH, + size - sizeof(mit_des_cblock) - RSA_MD5_CKSUM_LENGTH); + return 0; +} diff --git a/src/lib/crypto/raw-des.c b/src/lib/crypto/raw-des.c deleted file mode 100644 index 9f710df96..000000000 --- a/src/lib/crypto/raw-des.c +++ /dev/null @@ -1,101 +0,0 @@ -/* - * lib/crypto/raw-des.c - * - * Copyright 1994, 1995 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include "k5-int.h" -#include "des_int.h" - -static krb5_error_code mit_raw_des_encrypt_func - PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, - krb5_encrypt_block *, krb5_pointer )); - -static krb5_error_code mit_raw_des_decrypt_func - PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, - krb5_encrypt_block *, krb5_pointer )); - -static krb5_cryptosystem_entry mit_raw_des_cryptosystem_entry = { - 0, - mit_raw_des_encrypt_func, - mit_raw_des_decrypt_func, - mit_des_process_key, - mit_des_finish_key, - mit_des_string_to_key, - mit_des_init_random_key, - mit_des_finish_random_key, - mit_des_random_key, - sizeof(mit_des_cblock), - 0, - sizeof(mit_des_cblock), - ETYPE_RAW_DES_CBC, - KEYTYPE_DES - }; - -krb5_cs_table_entry krb5_raw_des_cst_entry = { - 0, - &mit_raw_des_cryptosystem_entry, - 0 - }; - -static krb5_error_code -mit_raw_des_decrypt_func(in, out, size, key, ivec) - krb5_const_pointer in; - krb5_pointer out; - const size_t size; - krb5_encrypt_block * key; - krb5_pointer ivec; -{ - return (mit_des_cbc_encrypt (in, - out, - size, - (struct mit_des_ks_struct *)key->priv, - ivec ? ivec : (krb5_pointer)key->key->contents, - MIT_DES_DECRYPT)); -} - -static krb5_error_code -mit_raw_des_encrypt_func(in, out, size, key, ivec) - krb5_const_pointer in; - krb5_pointer out; - const size_t size; - krb5_encrypt_block * key; - krb5_pointer ivec; -{ - int sumsize; - - /* round up to des block size */ - - sumsize = krb5_roundup(size, sizeof(mit_des_cblock)); - - /* assemble crypto input into the output area, then encrypt in place. */ - - memset((char *)out, 0, sumsize); - memcpy((char *)out, (char *)in, size); - - /* We depend here on the ability of this DES implementation to - encrypt plaintext to ciphertext in-place. */ - return (mit_des_cbc_encrypt (out, - out, - sumsize, - (struct mit_des_ks_struct *)key->priv, - ivec ? ivec : (krb5_pointer)key->key->contents, - MIT_DES_ENCRYPT)); -} diff --git a/src/lib/crypto/raw_des.c b/src/lib/crypto/raw_des.c new file mode 100644 index 000000000..9f710df96 --- /dev/null +++ b/src/lib/crypto/raw_des.c @@ -0,0 +1,101 @@ +/* + * lib/crypto/raw-des.c + * + * Copyright 1994, 1995 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +#include "k5-int.h" +#include "des_int.h" + +static krb5_error_code mit_raw_des_encrypt_func + PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, + krb5_encrypt_block *, krb5_pointer )); + +static krb5_error_code mit_raw_des_decrypt_func + PROTOTYPE(( krb5_const_pointer, krb5_pointer, const size_t, + krb5_encrypt_block *, krb5_pointer )); + +static krb5_cryptosystem_entry mit_raw_des_cryptosystem_entry = { + 0, + mit_raw_des_encrypt_func, + mit_raw_des_decrypt_func, + mit_des_process_key, + mit_des_finish_key, + mit_des_string_to_key, + mit_des_init_random_key, + mit_des_finish_random_key, + mit_des_random_key, + sizeof(mit_des_cblock), + 0, + sizeof(mit_des_cblock), + ETYPE_RAW_DES_CBC, + KEYTYPE_DES + }; + +krb5_cs_table_entry krb5_raw_des_cst_entry = { + 0, + &mit_raw_des_cryptosystem_entry, + 0 + }; + +static krb5_error_code +mit_raw_des_decrypt_func(in, out, size, key, ivec) + krb5_const_pointer in; + krb5_pointer out; + const size_t size; + krb5_encrypt_block * key; + krb5_pointer ivec; +{ + return (mit_des_cbc_encrypt (in, + out, + size, + (struct mit_des_ks_struct *)key->priv, + ivec ? ivec : (krb5_pointer)key->key->contents, + MIT_DES_DECRYPT)); +} + +static krb5_error_code +mit_raw_des_encrypt_func(in, out, size, key, ivec) + krb5_const_pointer in; + krb5_pointer out; + const size_t size; + krb5_encrypt_block * key; + krb5_pointer ivec; +{ + int sumsize; + + /* round up to des block size */ + + sumsize = krb5_roundup(size, sizeof(mit_des_cblock)); + + /* assemble crypto input into the output area, then encrypt in place. */ + + memset((char *)out, 0, sumsize); + memcpy((char *)out, (char *)in, size); + + /* We depend here on the ability of this DES implementation to + encrypt plaintext to ciphertext in-place. */ + return (mit_des_cbc_encrypt (out, + out, + sumsize, + (struct mit_des_ks_struct *)key->priv, + ivec ? ivec : (krb5_pointer)key->key->contents, + MIT_DES_ENCRYPT)); +} -- cgit