diff options
| author | Greg Hudson <ghudson@mit.edu> | 2009-10-03 21:02:44 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2009-10-03 21:02:44 +0000 |
| commit | 8258dbd7f56dc010ca08abd71263f1de99e2ad97 (patch) | |
| tree | 104572c64e1638d9ee4101bfee3b72ec8df53a2d | |
| parent | 53ec69c80a80151e67f657c79e2f7d6adbf1732b (diff) | |
| download | krb5-8258dbd7f56dc010ca08abd71263f1de99e2ad97.zip krb5-8258dbd7f56dc010ca08abd71263f1de99e2ad97.tar.gz krb5-8258dbd7f56dc010ca08abd71263f1de99e2ad97.tar.bz2 | |
Merge trunk changes from r22833 to r22841 to enc-perf branch
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/enc-perf@22842 dc483132-0cff-0310-8789-dd5450dbe970
47 files changed, 1091 insertions, 1457 deletions
diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 71fcf64..62d33fc 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -781,6 +781,16 @@ static inline void krb5int_zap_data(void *ptr, size_t len) #endif /* WIN32 */ #define zap(p,l) krb5int_zap_data(p,l) +/* Convenience function: zap and free ptr if it is non-NULL. */ +static inline void +zapfree(void *ptr, size_t len) +{ + if (ptr != NULL) { + zap(ptr, len); + free(ptr); + } +} + /* A definition of init_state for DES based encryption systems. * sets up an 8-byte IV of all zeros */ @@ -2833,6 +2843,17 @@ static inline int authdata_eq (krb5_authdata a1, krb5_authdata a2) && !memcmp(a1.contents, a2.contents, a1.length)); } +/* Allocate zeroed memory; set *code to 0 on success or ENOMEM on failure. */ +static inline void * +k5alloc(size_t size, krb5_error_code *code) +{ + void *ptr; + + ptr = calloc(size, 1); + *code = (ptr == NULL) ? ENOMEM : 0; + return ptr; +} + krb5_error_code KRB5_CALLCONV krb5int_pac_sign(krb5_context context, krb5_pac pac, diff --git a/src/lib/crypto/krb/aead.c b/src/lib/crypto/krb/aead.c index 2d9a835..ac5e7e8 100644 --- a/src/lib/crypto/krb/aead.c +++ b/src/lib/crypto/krb/aead.c @@ -72,8 +72,8 @@ make_unkeyed_checksum_iov(const struct krb5_hash_provider *hash_provider, num_sign_data++; } - /* XXX cleanup to avoid alloc */ - sign_data = (krb5_data *)calloc(num_sign_data, sizeof(krb5_data)); + /* XXX cleanup to avoid alloc. */ + sign_data = calloc(num_sign_data, sizeof(krb5_data)); if (sign_data == NULL) return ENOMEM; @@ -84,7 +84,7 @@ make_unkeyed_checksum_iov(const struct krb5_hash_provider *hash_provider, sign_data[j++] = iov->data; } - ret = hash_provider->hash(num_sign_data, sign_data, output); + ret = (*hash_provider->hash)(num_sign_data, sign_data, output); free(sign_data); @@ -99,36 +99,26 @@ krb5int_c_make_checksum_iov(const struct krb5_cksumtypes *cksum_type, size_t num_data, krb5_data *cksum_data) { - int e1, e2; + const struct krb5_keytypes *e1, *e2; krb5_error_code ret; if (cksum_type->keyhash != NULL) { - /* check if key is compatible */ + /* Check if key is compatible. */ if (cksum_type->keyed_etype) { - for (e1=0; e1<krb5_enctypes_length; e1++) - if (krb5_enctypes_list[e1].etype == - cksum_type->keyed_etype) - break; - - for (e2=0; e2<krb5_enctypes_length; e2++) - if (krb5_enctypes_list[e2].etype == key->enctype) - break; - - if ((e1 == krb5_enctypes_length) || - (e2 == krb5_enctypes_length) || - (krb5_enctypes_list[e1].enc != krb5_enctypes_list[e2].enc)) { + e1 = find_enctype(cksum_type->keyed_etype); + e2 = find_enctype(key->enctype); + if (e1 == NULL || e2 == NULL || e1->enc != e2->enc) { ret = KRB5_BAD_ENCTYPE; goto cleanup; } } - if (cksum_type->keyhash->hash_iov == NULL) { + if (cksum_type->keyhash->hash_iov == NULL) return KRB5_BAD_ENCTYPE; - } - ret = (*(cksum_type->keyhash->hash_iov))(key, usage, 0, - data, num_data, cksum_data); + ret = (*cksum_type->keyhash->hash_iov)(key, usage, 0, data, num_data, + cksum_data); } else if (cksum_type->flags & KRB5_CKSUMFLAG_DERIVE) { ret = krb5int_dk_make_checksum_iov(cksum_type->hash, key, usage, data, num_data, @@ -364,22 +354,25 @@ krb5int_c_iov_decrypt_stream(const struct krb5_aead_provider *aead, stream = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_STREAM); assert(stream != NULL); - ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_HEADER, &header_len); + ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_HEADER, + &header_len); if (ret != 0) return ret; - ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER, &trailer_len); + ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER, + &trailer_len); if (ret != 0) return ret; - ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING, &padding_len); + ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING, + &padding_len); if (ret != 0) return ret; if (stream->data.length < header_len + trailer_len) return KRB5_BAD_MSIZE; - iov = (krb5_crypto_iov *)calloc(num_data + 2, sizeof(krb5_crypto_iov)); + iov = calloc(num_data + 2, sizeof(krb5_crypto_iov)); if (iov == NULL) return ENOMEM; @@ -400,14 +393,18 @@ krb5int_c_iov_decrypt_stream(const struct krb5_aead_provider *aead, got_data++; data[j].data.data = stream->data.data + header_len; - data[j].data.length = stream->data.length - header_len - trailer_len; + data[j].data.length = stream->data.length - header_len + - trailer_len; } if (data[j].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY || data[j].flags == KRB5_CRYPTO_TYPE_DATA) iov[i++] = data[j]; } - /* XXX not self-describing with respect to length, this is the best we can do */ + /* + * XXX not self-describing with respect to length, this is the best + * we can do. + */ iov[i].flags = KRB5_CRYPTO_TYPE_PADDING; iov[i].data.data = NULL; iov[i].data.length = 0; @@ -420,7 +417,7 @@ krb5int_c_iov_decrypt_stream(const struct krb5_aead_provider *aead, assert(i <= num_data + 2); - ret = aead->decrypt_iov(aead, enc, hash, key, keyusage, ivec, iov, i); + ret = (*aead->decrypt_iov)(aead, enc, hash, key, keyusage, ivec, iov, i); free(iov); @@ -437,7 +434,8 @@ krb5int_c_padding_length(const struct krb5_aead_provider *aead, unsigned int padding; krb5_error_code ret; - ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING, &padding); + ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING, + &padding); if (ret != 0) return ret; @@ -463,21 +461,23 @@ krb5int_c_encrypt_aead_compat(const struct krb5_aead_provider *aead, unsigned int padding_len = 0; unsigned int trailer_len = 0; - ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_HEADER, - &header_len); + ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_HEADER, + &header_len); if (ret != 0) return ret; - ret = krb5int_c_padding_length(aead, enc, hash, input->length, &padding_len); + ret = krb5int_c_padding_length(aead, enc, hash, input->length, + &padding_len); if (ret != 0) return ret; - ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER, - &trailer_len); + ret = (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER, + &trailer_len); if (ret != 0) return ret; - if (output->length < header_len + input->length + padding_len + trailer_len) + if (output->length < + header_len + input->length + padding_len + trailer_len) return KRB5_BAD_MSIZE; iov[0].flags = KRB5_CRYPTO_TYPE_HEADER; @@ -497,9 +497,8 @@ krb5int_c_encrypt_aead_compat(const struct krb5_aead_provider *aead, iov[3].data.data = iov[2].data.data + iov[2].data.length; iov[3].data.length = trailer_len; - ret = aead->encrypt_iov(aead, enc, hash, key, - usage, ivec, - iov, sizeof(iov)/sizeof(iov[0])); + ret = (*aead->encrypt_iov)(aead, enc, hash, key, usage, ivec, + iov, sizeof(iov) / sizeof(iov[0])); if (ret != 0) zap(iov[1].data.data, iov[1].data.length); @@ -548,8 +547,7 @@ krb5int_c_decrypt_aead_compat(const struct krb5_aead_provider *aead, output->length = iov[1].data.length; cleanup: - zap(iov[0].data.data, iov[0].data.length); - free(iov[0].data.data); + zapfree(iov[0].data.data, iov[0].data.length); return ret; } @@ -564,9 +562,11 @@ krb5int_c_encrypt_length_aead_compat(const struct krb5_aead_provider *aead, unsigned int padding_len = 0; unsigned int trailer_len = 0; - aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_HEADER, &header_len); + (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_HEADER, + &header_len); krb5int_c_padding_length(aead, enc, hash, inputlen, &padding_len); - aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER, &trailer_len); + (*aead->crypto_length)(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER, + &trailer_len); *length = header_len + inputlen + padding_len + trailer_len; } diff --git a/src/lib/crypto/krb/block_size.c b/src/lib/crypto/krb/block_size.c index e4c11e8..336dbc2 100644 --- a/src/lib/crypto/krb/block_size.c +++ b/src/lib/crypto/krb/block_size.c @@ -31,17 +31,12 @@ krb5_error_code KRB5_CALLCONV krb5_c_block_size(krb5_context context, krb5_enctype enctype, size_t *blocksize) { - int i; + const struct krb5_keytypes *ktp; - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == enctype) - break; - } + ktp = find_enctype(enctype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; + *blocksize = ktp->enc->block_size; - if (i == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); - - *blocksize = krb5_enctypes_list[i].enc->block_size; - - return(0); + return 0; } diff --git a/src/lib/crypto/krb/cf2.c b/src/lib/crypto/krb/cf2.c index 4e25641..1c6896c 100644 --- a/src/lib/crypto/krb/cf2.c +++ b/src/lib/crypto/krb/cf2.c @@ -40,8 +40,8 @@ * a count byte to get enough bits of output. */ static krb5_error_code -prf_plus( krb5_context context, krb5_keyblock *k,const char *pepper, - size_t keybytes, char **out) +prf_plus(krb5_context context, krb5_keyblock *k, const char *pepper, + size_t keybytes, char **out) { krb5_error_code retval = 0; size_t prflen, iterations; @@ -49,46 +49,44 @@ prf_plus( krb5_context context, krb5_keyblock *k,const char *pepper, krb5_data in_data; char *buffer = NULL; struct k5buf prf_inbuf; + krb5int_buf_init_dynamic(&prf_inbuf); - krb5int_buf_add_len( &prf_inbuf, "\001", 1); - krb5int_buf_add( &prf_inbuf, pepper); + krb5int_buf_add_len(&prf_inbuf, "\001", 1); + krb5int_buf_add(&prf_inbuf, pepper); retval = krb5_c_prf_length( context, k->enctype, &prflen); - if (retval != 0) + if (retval) goto cleanup; - iterations = keybytes/prflen; - if ((keybytes%prflen) != 0) + iterations = keybytes / prflen; + if (keybytes % prflen != 0) iterations++; assert(iterations <= 254); - buffer = malloc(iterations*prflen); - if (buffer == NULL) { - retval = ENOMEM; + buffer = k5alloc(iterations * prflen, &retval); + if (retval) goto cleanup; - } - if (krb5int_buf_len( &prf_inbuf) == -1) { + if (krb5int_buf_len(&prf_inbuf) == -1) { retval = ENOMEM; goto cleanup; } - in_data.length = (krb5_int32) krb5int_buf_len( &prf_inbuf); - in_data.data = krb5int_buf_data( &prf_inbuf); + in_data.length = (krb5_int32) krb5int_buf_len(&prf_inbuf); + in_data.data = krb5int_buf_data(&prf_inbuf); out_data.length = prflen; out_data.data = buffer; while (iterations > 0) { - retval = krb5_c_prf( context, k, &in_data, &out_data); - if (retval != 0) - goto cleanup; - out_data.data += prflen; - in_data.data[0]++; - iterations--; - } - cleanup: - if (retval == 0 ) - *out = buffer; - else{ - if (buffer != NULL) - free(buffer); + retval = krb5_c_prf(context, k, &in_data, &out_data); + if (retval) + goto cleanup; + out_data.data += prflen; + in_data.data[0]++; + iterations--; } - krb5int_free_buf( &prf_inbuf); + + *out = buffer; + buffer = NULL; + +cleanup: + free(buffer); + krb5int_free_buf(&prf_inbuf); return retval; } @@ -107,48 +105,46 @@ krb5_c_fx_cf2_simple(krb5_context context, krb5_error_code retval = 0; krb5_keyblock *out_key = NULL; - - if (k1 == NULL ||!krb5_c_valid_enctype(k1->enctype)) + if (k1 == NULL || !krb5_c_valid_enctype(k1->enctype)) return KRB5_BAD_ENCTYPE; if (k2 == NULL || !krb5_c_valid_enctype(k2->enctype)) return KRB5_BAD_ENCTYPE; out_enctype_num = k1->enctype; assert(out != NULL); - assert ((out_enctype = find_enctype(out_enctype_num)) != NULL); + assert((out_enctype = find_enctype(out_enctype_num)) != NULL); if (out_enctype->prf == NULL) { if (context) - krb5int_set_error(&(context->err) , KRB5_CRYPTO_INTERNAL, - "Enctype %d has no PRF", out_enctype_num); + krb5int_set_error(&(context->err), KRB5_CRYPTO_INTERNAL, + "Enctype %d has no PRF", out_enctype_num); return KRB5_CRYPTO_INTERNAL; - } + } keybytes = out_enctype->enc->keybytes; keylength = out_enctype->enc->keylength; - retval = prf_plus( context, k1, pepper1, keybytes, &prf1); - if (retval != 0) - goto cleanup; - retval = prf_plus( context, k2, pepper2, keybytes, &prf2); - if (retval != 0) + retval = prf_plus(context, k1, pepper1, keybytes, &prf1); + if (retval) + goto cleanup; + retval = prf_plus(context, k2, pepper2, keybytes, &prf2); + if (retval) goto cleanup; for (i = 0; i < keybytes; i++) prf1[i] ^= prf2[i]; - zap(prf2, keybytes); - retval = krb5int_c_init_keyblock( context, out_enctype_num, keylength, &out_key); - if (retval != 0) + retval = krb5int_c_init_keyblock(context, out_enctype_num, keylength, + &out_key); + if (retval) goto cleanup; keydata.data = prf1; keydata.length = keybytes; - retval = out_enctype->enc->make_key( &keydata, out_key); + retval = (*out_enctype->enc->make_key)(&keydata, out_key); + if (retval) + goto cleanup; - cleanup: - if (retval == 0) - *out = out_key; - else krb5int_c_free_keyblock( context, out_key); - if (prf1 != NULL) { - zap(prf1, keybytes); - free(prf1); - } - if (prf2 != NULL) - free(prf2); + *out = out_key; + out_key = NULL; + +cleanup: + krb5int_c_free_keyblock( context, out_key); + zapfree(prf1, keybytes); + zapfree(prf2, keybytes); return retval; } diff --git a/src/lib/crypto/krb/checksum_length.c b/src/lib/crypto/krb/checksum_length.c index 28846a6..1af4d17 100644 --- a/src/lib/crypto/krb/checksum_length.c +++ b/src/lib/crypto/krb/checksum_length.c @@ -39,7 +39,7 @@ krb5_c_checksum_length(krb5_context context, krb5_cksumtype cksumtype, } if (i == krb5_cksumtypes_length) - return(KRB5_BAD_ENCTYPE); + return KRB5_BAD_ENCTYPE; if (krb5_cksumtypes_list[i].keyhash) *length = krb5_cksumtypes_list[i].keyhash->hashsize; @@ -48,6 +48,6 @@ krb5_c_checksum_length(krb5_context context, krb5_cksumtype cksumtype, else *length = krb5_cksumtypes_list[i].hash->hashsize; - return(0); + return 0; } diff --git a/src/lib/crypto/krb/cksumtype_to_string.c b/src/lib/crypto/krb/cksumtype_to_string.c index ee1d50b..82e0702 100644 --- a/src/lib/crypto/krb/cksumtype_to_string.c +++ b/src/lib/crypto/krb/cksumtype_to_string.c @@ -32,14 +32,14 @@ krb5_cksumtype_to_string(krb5_cksumtype cksumtype, char *buffer, size_t buflen) { unsigned int i; - for (i=0; i<krb5_cksumtypes_length; i++) { + for (i = 0; i < krb5_cksumtypes_length; i++) { if (krb5_cksumtypes_list[i].ctype == cksumtype) { if (strlcpy(buffer, krb5_cksumtypes_list[i].out_string, buflen) >= buflen) - return(ENOMEM); - return(0); + return ENOMEM; + return 0; } } - return(EINVAL); + return EINVAL; } diff --git a/src/lib/crypto/krb/cksumtypes.c b/src/lib/crypto/krb/cksumtypes.c index 037e53f..2b5f33d 100644 --- a/src/lib/crypto/krb/cksumtypes.c +++ b/src/lib/crypto/krb/cksumtypes.c @@ -88,4 +88,4 @@ const struct krb5_cksumtypes krb5_cksumtypes_list[] = { }; const unsigned int krb5_cksumtypes_length = -sizeof(krb5_cksumtypes_list)/sizeof(struct krb5_cksumtypes); + sizeof(krb5_cksumtypes_list) / sizeof(struct krb5_cksumtypes); diff --git a/src/lib/crypto/krb/cksumtypes.h b/src/lib/crypto/krb/cksumtypes.h index c667e8a..05e7be6 100644 --- a/src/lib/crypto/krb/cksumtypes.h +++ b/src/lib/crypto/krb/cksumtypes.h @@ -34,23 +34,29 @@ struct krb5_cksumtypes { char *name; char *aliases[2]; char *out_string; - /* if the hash is keyed, this is the etype it is keyed with. - Actually, it can be keyed by any etype which has the same - enc_provider as the specified etype. DERIVE checksums can - be keyed with any valid etype. */ + /* + * If the hash is keyed, this is the etype it is keyed with. + * Actually, it can be keyed by any etype which has the same + * enc_provider as the specified etype. DERIVE checksums can + * be keyed with any valid etype. + */ krb5_enctype keyed_etype; - /* I can't statically initialize a union, so I'm just going to use - two pointers here. The keyhash is used if non-NULL. If NULL, - then HMAC/hash with derived keys is used if the relevant flag - is set. Otherwise, a non-keyed hash is computed. This is all - kind of messy, but so is the krb5 api. */ + /* + * I can't statically initialize a union, so I'm just going to use + * two pointers here. The keyhash is used if non-NULL. If NULL, + * then HMAC/hash with derived keys is used if the relevant flag + * is set. Otherwise, a non-keyed hash is computed. This is all + * kind of messy, but so is the krb5 api. + */ const struct krb5_keyhash_provider *keyhash; const struct krb5_hash_provider *hash; - /* This just gets uglier and uglier. In the key derivation case, - we produce an hmac. To make the hmac code work, we can't hack - the output size indicated by the hash provider, but we may want - a truncated hmac. If we want truncation, this is the number of - bytes we truncate to; it should be 0 otherwise. */ + /* + * This just gets uglier and uglier. In the key derivation case, + * we produce an hmac. To make the hmac code work, we can't hack + * the output size indicated by the hash provider, but we may want + * a truncated hmac. If we want truncation, this is the number of + * bytes we truncate to; it should be 0 otherwise. + */ unsigned int trunc_size; }; diff --git a/src/lib/crypto/krb/coll_proof_cksum.c b/src/lib/crypto/krb/coll_proof_cksum.c index 85fb57b..d66863e 100644 --- a/src/lib/crypto/krb/coll_proof_cksum.c +++ b/src/lib/crypto/krb/coll_proof_cksum.c @@ -32,19 +32,19 @@ krb5_c_is_coll_proof_cksum(krb5_cksumtype ctype) { unsigned int i; - for (i=0; i<krb5_cksumtypes_length; i++) { + for (i = 0; i < krb5_cksumtypes_length; i++) { if (krb5_cksumtypes_list[i].ctype == ctype) return((krb5_cksumtypes_list[i].flags & - KRB5_CKSUMFLAG_NOT_COLL_PROOF)?0:1); + KRB5_CKSUMFLAG_NOT_COLL_PROOF) ? FALSE : TRUE); } /* ick, but it's better than coredumping, which is what the old code would have done */ - return(0); + return FALSE; } krb5_boolean KRB5_CALLCONV is_coll_proof_cksum(krb5_cksumtype ctype) { - return krb5_c_is_coll_proof_cksum (ctype); + return krb5_c_is_coll_proof_cksum(ctype); } diff --git a/src/lib/crypto/krb/combine_keys.c b/src/lib/crypto/krb/combine_keys.c index 3d97651..8c3ea19 100644 --- a/src/lib/crypto/krb/combine_keys.c +++ b/src/lib/crypto/krb/combine_keys.c @@ -46,9 +46,9 @@ #include "etypes.h" #include "dk.h" -static krb5_error_code dr -(const struct krb5_enc_provider *enc, const krb5_keyblock *inkey, - unsigned char *outdata, const krb5_data *in_constant); +static krb5_error_code dr(const struct krb5_enc_provider *enc, + const krb5_keyblock *inkey, unsigned char *outdata, + const krb5_data *in_constant); /* * We only support this combine_keys algorithm for des and 3des keys. @@ -56,85 +56,65 @@ static krb5_error_code dr * We don't implement that yet. */ -static krb5_boolean enctype_ok (krb5_enctype e) +static krb5_boolean +enctype_ok(krb5_enctype e) { switch (e) { case ENCTYPE_DES_CBC_CRC: case ENCTYPE_DES_CBC_MD4: case ENCTYPE_DES_CBC_MD5: case ENCTYPE_DES3_CBC_SHA1: - return 1; + return TRUE; default: - return 0; + return FALSE; } } -krb5_error_code krb5int_c_combine_keys -(krb5_context context, krb5_keyblock *key1, krb5_keyblock *key2, krb5_keyblock *outkey) +krb5_error_code +krb5int_c_combine_keys(krb5_context context, krb5_keyblock *key1, + krb5_keyblock *key2, krb5_keyblock *outkey) { - unsigned char *r1, *r2, *combined, *rnd, *output; + unsigned char *r1 = NULL, *r2 = NULL, *combined = NULL, *rnd = NULL; + unsigned char *output = NULL; size_t keybytes, keylength; const struct krb5_enc_provider *enc; krb5_data input, randbits; krb5_keyblock tkey; krb5_error_code ret; - int i, myalloc = 0; - if (!(enctype_ok(key1->enctype)&&enctype_ok(key2->enctype))) - return (KRB5_CRYPTO_INTERNAL); - + const struct krb5_keytypes *ktp; + krb5_boolean myalloc = FALSE; - if (key1->length != key2->length || key1->enctype != key2->enctype) - return (KRB5_CRYPTO_INTERNAL); - - /* - * Find our encryption algorithm - */ - - for (i = 0; i < krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == key1->enctype) - break; - } + if (!enctype_ok(key1->enctype) || !enctype_ok(key2->enctype)) + return KRB5_CRYPTO_INTERNAL; - if (i == krb5_enctypes_length) - return (KRB5_BAD_ENCTYPE); + if (key1->length != key2->length || key1->enctype != key2->enctype) + return KRB5_CRYPTO_INTERNAL; - enc = krb5_enctypes_list[i].enc; + /* Find our encryption algorithm. */ + ktp = find_enctype(key1->enctype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; + enc = ktp->enc; keybytes = enc->keybytes; keylength = enc->keylength; - /* - * Allocate and set up buffers - */ - - if ((r1 = (unsigned char *) malloc(keybytes)) == NULL) - return (ENOMEM); - - if ((r2 = (unsigned char *) malloc(keybytes)) == NULL) { - free(r1); - return (ENOMEM); - } - - if ((rnd = (unsigned char *) malloc(keybytes)) == NULL) { - free(r1); - free(r2); - return (ENOMEM); - } - - if ((combined = (unsigned char *) malloc(keybytes * 2)) == NULL) { - free(r1); - free(r2); - free(rnd); - return (ENOMEM); - } - - if ((output = (unsigned char *) malloc(keylength)) == NULL) { - free(r1); - free(r2); - free(rnd); - free(combined); - return (ENOMEM); - } + /* Allocate and set up buffers. */ + r1 = k5alloc(keybytes, &ret); + if (ret) + goto cleanup; + r2 = k5alloc(keybytes, &ret); + if (ret) + goto cleanup; + rnd = k5alloc(keybytes, &ret); + if (ret) + goto cleanup; + combined = k5alloc(keybytes * 2, &ret); + if (ret) + goto cleanup; + output = k5alloc(keylength, &ret); + if (ret) + goto cleanup; /* * Get R1 and R2 (by running the input keys through the DR algorithm. @@ -143,34 +123,16 @@ krb5_error_code krb5int_c_combine_keys input.length = key2->length; input.data = (char *) key2->contents; - if ((ret = dr(enc, key1, r1, &input))) + ret = dr(enc, key1, r1, &input); + if (ret) goto cleanup; -#if 0 - { - int i; - printf("R1 ="); - for (i = 0; i < keybytes; i++) - printf(" %02x", (unsigned char) r1[i]); - printf("\n"); - } -#endif - input.length = key1->length; input.data = (char *) key1->contents; - if ((ret = dr(enc, key2, r2, &input))) + ret = dr(enc, key2, r2, &input); + if (ret) goto cleanup; -#if 0 - { - int i; - printf("R2 ="); - for (i = 0; i < keybytes; i++) - printf(" %02x", (unsigned char) r2[i]); - printf("\n"); - } -#endif - /* * Concatenate the two keys together, and then run them through * n-fold to reduce them to a length appropriate for the random-to-key @@ -183,16 +145,6 @@ krb5_error_code krb5int_c_combine_keys krb5_nfold((keybytes * 2) * 8, combined, keybytes * 8, rnd); -#if 0 - { - int i; - printf("rnd ="); - for (i = 0; i < keybytes; i++) - printf(" %02x", (unsigned char) rnd[i]); - printf("\n"); - } -#endif - /* * Run the "random" bits through random-to-key to produce a encryption * key. @@ -203,25 +155,16 @@ krb5_error_code krb5int_c_combine_keys tkey.length = keylength; tkey.contents = output; - if ((ret = (*(enc->make_key))(&randbits, &tkey))) + ret = (*enc->make_key)(&randbits, &tkey); + if (ret) goto cleanup; -#if 0 - { - int i; - printf("tkey ="); - for (i = 0; i < tkey.length; i++) - printf(" %02x", (unsigned char) tkey.contents[i]); - printf("\n"); - } -#endif - /* * Run through derive-key one more time to produce the final key. * Note that the input to derive-key is the ASCII string "combine". */ - input.length = 7; /* Note; change this if string length changes */ + input.length = 7; input.data = "combine"; /* @@ -234,17 +177,16 @@ krb5_error_code krb5int_c_combine_keys */ if (outkey->length == 0 || outkey->contents == NULL) { - outkey->contents = (krb5_octet *) malloc(keylength); - if (!outkey->contents) { - ret = ENOMEM; + outkey->contents = k5alloc(keylength, &ret); + if (ret) goto cleanup; - } outkey->length = keylength; outkey->enctype = key1->enctype; - myalloc = 1; + myalloc = TRUE; } - if ((ret = krb5_derive_key(enc, &tkey, outkey, &input))) { + ret = krb5_derive_key(enc, &tkey, outkey, &input); + if (ret) { if (myalloc) { free(outkey->contents); outkey->contents = NULL; @@ -252,58 +194,38 @@ krb5_error_code krb5int_c_combine_keys goto cleanup; } -#if 0 - { - int i; - printf("output ="); - for (i = 0; i < outkey->length; i++) - printf(" %02x", (unsigned char) outkey->contents[i]); - printf("\n"); - } -#endif - - ret = 0; - cleanup: - memset(r1, 0, keybytes); - memset(r2, 0, keybytes); - memset(rnd, 0, keybytes); - memset(combined, 0, keybytes * 2); - memset(output, 0, keylength); - - free(r1); - free(r2); - free(rnd); - free(combined); - free(output); - - return (ret); + zapfree(r1, keybytes); + zapfree(r2, keybytes); + zapfree(rnd, keybytes); + zapfree(combined, keybytes * 2); + zapfree(output, keylength); + return ret; } /* * Our DR function; mostly taken from derive.c */ -static krb5_error_code dr -(const struct krb5_enc_provider *enc, const krb5_keyblock *inkey, unsigned char *out, const krb5_data *in_constant) +static krb5_error_code +dr(const struct krb5_enc_provider *enc, const krb5_keyblock *inkey, + unsigned char *out, const krb5_data *in_constant) { - size_t blocksize, keybytes, keylength, n; - unsigned char *inblockdata, *outblockdata; + size_t blocksize, keybytes, n; + unsigned char *inblockdata = NULL, *outblockdata = NULL; krb5_data inblock, outblock; + krb5_error_code ret; blocksize = enc->block_size; keybytes = enc->keybytes; - keylength = enc->keylength; - - /* allocate and set up buffers */ - if ((inblockdata = (unsigned char *) malloc(blocksize)) == NULL) - return(ENOMEM); - - if ((outblockdata = (unsigned char *) malloc(blocksize)) == NULL) { - free(inblockdata); - return(ENOMEM); - } + /* Allocate and set up buffers. */ + inblockdata = k5alloc(blocksize, &ret); + if (ret) + goto cleanup; + outblockdata = k5alloc(blocksize, &ret); + if (ret) + goto cleanup; inblock.data = (char *) inblockdata; inblock.length = blocksize; @@ -324,26 +246,23 @@ static krb5_error_code dr n = 0; while (n < keybytes) { - (*(enc->encrypt))(inkey, 0, &inblock, &outblock); + ret = (*enc->encrypt)(inkey, 0, &inblock, &outblock); + if (ret) + goto cleanup; if ((keybytes - n) <= outblock.length) { - memcpy(out+n, outblock.data, (keybytes - n)); + memcpy(out + n, outblock.data, (keybytes - n)); break; } - memcpy(out+n, outblock.data, outblock.length); + memcpy(out + n, outblock.data, outblock.length); memcpy(inblock.data, outblock.data, outblock.length); n += outblock.length; } - /* clean memory, free resources and exit */ - - memset(inblockdata, 0, blocksize); - memset(outblockdata, 0, blocksize); - - free(outblockdata); - free(inblockdata); - - return(0); +cleanup: + zapfree(inblockdata, blocksize); + zapfree(outblockdata, blocksize); + return ret; } diff --git a/src/lib/crypto/krb/crypto_length.c b/src/lib/crypto/krb/crypto_length.c index d99d18b..23e8c1c 100644 --- a/src/lib/crypto/krb/crypto_length.c +++ b/src/lib/crypto/krb/crypto_length.c @@ -29,25 +29,15 @@ #include "aead.h" krb5_error_code KRB5_CALLCONV -krb5_c_crypto_length(krb5_context context, - krb5_enctype enctype, - krb5_cryptotype type, - unsigned int *size) +krb5_c_crypto_length(krb5_context context, krb5_enctype enctype, + krb5_cryptotype type, unsigned int *size) { - int i; - const struct krb5_keytypes *ktp = NULL; + const struct krb5_keytypes *ktp; krb5_error_code ret; - for (i = 0; i < krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == enctype) { - ktp = &krb5_enctypes_list[i]; - break; - } - } - - if (ktp == NULL || ktp->aead == NULL) { + ktp = find_enctype(enctype); + if (ktp == NULL || ktp->aead == NULL) return KRB5_BAD_ENCTYPE; - } switch (type) { case KRB5_CRYPTO_TYPE_EMPTY: @@ -63,7 +53,8 @@ krb5_c_crypto_length(krb5_context context, case KRB5_CRYPTO_TYPE_PADDING: case KRB5_CRYPTO_TYPE_TRAILER: case KRB5_CRYPTO_TYPE_CHECKSUM: - ret = ktp->aead->crypto_length(ktp->aead, ktp->enc, ktp->hash, type, size); + ret = (*ktp->aead->crypto_length)(ktp->aead, ktp->enc, ktp->hash, + type, size); break; default: ret = EINVAL; @@ -74,55 +65,37 @@ krb5_c_crypto_length(krb5_context context, } krb5_error_code KRB5_CALLCONV -krb5_c_padding_length(krb5_context context, - krb5_enctype enctype, - size_t data_length, - unsigned int *pad_length) +krb5_c_padding_length(krb5_context context, krb5_enctype enctype, + size_t data_length, unsigned int *pad_length) { - int i; - const struct krb5_keytypes *ktp = NULL; + const struct krb5_keytypes *ktp; - for (i = 0; i < krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == enctype) { - ktp = &krb5_enctypes_list[i]; - break; - } - } - - if (ktp == NULL || ktp->aead == NULL) { + ktp = find_enctype(enctype); + if (ktp == NULL || ktp->aead == NULL) return KRB5_BAD_ENCTYPE; - } - return krb5int_c_padding_length(ktp->aead, ktp->enc, ktp->hash, data_length, pad_length); + return krb5int_c_padding_length(ktp->aead, ktp->enc, ktp->hash, + data_length, pad_length); } krb5_error_code KRB5_CALLCONV -krb5_c_crypto_length_iov(krb5_context context, - krb5_enctype enctype, - krb5_crypto_iov *data, - size_t num_data) +krb5_c_crypto_length_iov(krb5_context context, krb5_enctype enctype, + krb5_crypto_iov *data, size_t num_data) { krb5_error_code ret = 0; size_t i; - const struct krb5_keytypes *ktp = NULL; + const struct krb5_keytypes *ktp; unsigned int data_length = 0, pad_length; krb5_crypto_iov *padding = NULL; /* * XXX need to rejig internal interface so we can accurately - * report variable header lengths + * report variable header lengths. */ - for (i = 0; i < (size_t)krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == enctype) { - ktp = &krb5_enctypes_list[i]; - break; - } - } - - if (ktp == NULL || ktp->aead == NULL) { + ktp = find_enctype(enctype); + if (ktp == NULL || ktp->aead == NULL) return KRB5_BAD_ENCTYPE; - } for (i = 0; i < num_data; i++) { krb5_crypto_iov *iov = &data[i]; @@ -140,7 +113,8 @@ krb5_c_crypto_length_iov(krb5_context context, case KRB5_CRYPTO_TYPE_HEADER: case KRB5_CRYPTO_TYPE_TRAILER: case KRB5_CRYPTO_TYPE_CHECKSUM: - ret = ktp->aead->crypto_length(ktp->aead, ktp->enc, ktp->hash, iov->flags, &iov->data.length); + ret = (*ktp->aead->crypto_length)(ktp->aead, ktp->enc, ktp->hash, + iov->flags, &iov->data.length); break; case KRB5_CRYPTO_TYPE_EMPTY: case KRB5_CRYPTO_TYPE_SIGN_ONLY: @@ -155,7 +129,8 @@ krb5_c_crypto_length_iov(krb5_context context, if (ret != 0) return ret; - ret = krb5int_c_padding_length(ktp->aead, ktp->enc, ktp->hash, data_length, &pad_length); + ret = krb5int_c_padding_length(ktp->aead, ktp->enc, ktp->hash, + data_length, &pad_length); if (ret != 0) return ret; diff --git a/src/lib/crypto/krb/decrypt.c b/src/lib/crypto/krb/decrypt.c index 74c38f6..29b6ef7 100644 --- a/src/lib/crypto/krb/decrypt.c +++ b/src/lib/crypto/krb/decrypt.c @@ -33,35 +33,23 @@ krb5_c_decrypt(krb5_context context, const krb5_keyblock *key, krb5_keyusage usage, const krb5_data *ivec, const krb5_enc_data *input, krb5_data *output) { - int i; + const struct krb5_keytypes *ktp; - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == key->enctype) - break; - } - - if (i == krb5_enctypes_length) { - krb5int_set_error(&context->err, KRB5_BAD_ENCTYPE, - "Bad encryption type (type %d unknown)", - key->enctype); - return(KRB5_BAD_ENCTYPE); - } + ktp = find_enctype(key->enctype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; - if ((input->enctype != ENCTYPE_UNKNOWN) && - (krb5_enctypes_list[i].etype != input->enctype)) - return(KRB5_BAD_ENCTYPE); + if (input->enctype != ENCTYPE_UNKNOWN && ktp->etype != input->enctype) + return KRB5_BAD_ENCTYPE; - if (krb5_enctypes_list[i].decrypt == NULL) { - assert(krb5_enctypes_list[i].aead != NULL); + if (ktp->decrypt == NULL) { + assert(ktp->aead != NULL); - return krb5int_c_decrypt_aead_compat(krb5_enctypes_list[i].aead, - krb5_enctypes_list[i].enc, - krb5_enctypes_list[i].hash, + return krb5int_c_decrypt_aead_compat(ktp->aead, ktp->enc, ktp->hash, key, usage, ivec, &input->ciphertext, output); } - return((*(krb5_enctypes_list[i].decrypt)) - (krb5_enctypes_list[i].enc, krb5_enctypes_list[i].hash, - key, usage, ivec, &input->ciphertext, output)); + return (*ktp->decrypt)(ktp->enc, ktp->hash, key, usage, ivec, + &input->ciphertext, output); } diff --git a/src/lib/crypto/krb/decrypt_iov.c b/src/lib/crypto/krb/decrypt_iov.c index 1a98b06..c2f2c0b 100644 --- a/src/lib/crypto/krb/decrypt_iov.c +++ b/src/lib/crypto/krb/decrypt_iov.c @@ -36,26 +36,20 @@ krb5_c_decrypt_iov(krb5_context context, krb5_crypto_iov *data, size_t num_data) { - int i; - const struct krb5_keytypes *ktp = NULL; + const struct krb5_keytypes *ktp; - for (i = 0; i < krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == key->enctype) { - ktp = &krb5_enctypes_list[i]; - break; - } - } - - if (ktp == NULL || ktp->aead == NULL) { + ktp = find_enctype(key->enctype); + if (ktp == NULL || ktp->aead == NULL) return KRB5_BAD_ENCTYPE; - } - if (krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_STREAM) != NULL) { + if (krb5int_c_locate_iov(data, num_data, + KRB5_CRYPTO_TYPE_STREAM) != NULL) { return krb5int_c_iov_decrypt_stream(ktp->aead, ktp->enc, ktp->hash, - key, usage, cipher_state, data, num_data); + key, usage, cipher_state, data, + num_data); } - return ktp->aead->decrypt_iov(ktp->aead, ktp->enc, ktp->hash, - key, usage, cipher_state, data, num_data); + return (*ktp->aead->decrypt_iov)(ktp->aead, ktp->enc, ktp->hash, key, + usage, cipher_state, data, num_data); } diff --git a/src/lib/crypto/krb/dk/checksum.c b/src/lib/crypto/krb/dk/checksum.c index f4b18bf..fb5622a 100644 --- a/src/lib/crypto/krb/dk/checksum.c +++ b/src/lib/crypto/krb/dk/checksum.c @@ -36,41 +36,35 @@ krb5_dk_make_checksum(const struct krb5_hash_provider *hash, const krb5_keyblock *key, krb5_keyusage usage, const krb5_data *input, krb5_data *output) { - int i; + const struct krb5_keytypes *ktp; const struct krb5_enc_provider *enc; - size_t blocksize, keybytes, keylength; + size_t keylength; krb5_error_code ret; unsigned char constantdata[K5CLENGTH]; krb5_data datain; unsigned char *kcdata; krb5_keyblock kc; - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == key->enctype) - break; - } + ktp = find_enctype(key->enctype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; + enc = ktp->enc; - if (i == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); + /* + * key->length will be tested in enc->encrypt. + * output->length will be tested in krb5_hmac. + */ - enc = krb5_enctypes_list[i].enc; - - /* allocate and set to-be-derived keys */ - - blocksize = enc->block_size; - keybytes = enc->keybytes; + /* Allocate and set to-be-derived keys. */ keylength = enc->keylength; - - /* key->length will be tested in enc->encrypt - output->length will be tested in krb5_hmac */ - - if ((kcdata = (unsigned char *) malloc(keylength)) == NULL) - return(ENOMEM); + kcdata = malloc(keylength); + if (kcdata == NULL) + return ENOMEM; kc.contents = kcdata; kc.length = keylength; - /* derive the key */ + /* Derive the key. */ datain.data = (char *) constantdata; datain.length = K5CLENGTH; @@ -79,24 +73,21 @@ krb5_dk_make_checksum(const struct krb5_hash_provider *hash, datain.data[4] = (char) 0x99; - if ((ret = krb5_derive_key(enc, key, &kc, &datain)) != 0) + ret = krb5_derive_key(enc, key, &kc, &datain); + if (ret) goto cleanup; /* hash the data */ datain = *input; - if ((ret = krb5_hmac(hash, &kc, 1, &datain, output)) != 0) + ret = krb5_hmac(hash, &kc, 1, &datain, output); + if (ret) memset(output->data, 0, output->length); - /* ret is set correctly by the prior call */ - cleanup: - memset(kcdata, 0, keylength); - - free(kcdata); - - return(ret); + zapfree(kcdata, keylength); + return ret; } krb5_error_code @@ -105,41 +96,36 @@ krb5int_dk_make_checksum_iov(const struct krb5_hash_provider *hash, const krb5_crypto_iov *data, size_t num_data, krb5_data *output) { - int i; + const struct krb5_keytypes *ktp; const struct krb5_enc_provider *enc; - size_t blocksize, keybytes, keylength; + size_t keylength; krb5_error_code ret; unsigned char constantdata[K5CLENGTH]; krb5_data datain; unsigned char *kcdata; krb5_keyblock kc; - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == key->enctype) - break; - } - - if (i == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); + ktp = find_enctype(key->enctype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; + enc = ktp->enc; - enc = krb5_enctypes_list[i].enc; + /* + * key->length will be tested in enc->encrypt. + * output->length will be tested in krb5_hmac. + */ - /* allocate and set to-be-derived keys */ + /* Allocate and set to-be-derived keys. */ - blocksize = enc->block_size; - keybytes = enc->keybytes; keylength = enc->keylength; - - /* key->length will be tested in enc->encrypt - output->length will be tested in krb5_hmac */ - - if ((kcdata = (unsigned char *) malloc(keylength)) == NULL) - return(ENOMEM); + kcdata = malloc(keylength); + if (kcdata == NULL) + return ENOMEM; kc.contents = kcdata; kc.length = keylength; - /* derive the key */ + /* Derive the key. */ datain.data = (char *) constantdata; datain.length = K5CLENGTH; @@ -148,20 +134,18 @@ krb5int_dk_make_checksum_iov(const struct krb5_hash_provider *hash, datain.data[4] = (char) 0x99; - if ((ret = krb5_derive_key(enc, key, &kc, &datain)) != 0) + ret = krb5_derive_key(enc, key, &kc, &datain); + if (ret) goto cleanup; - /* hash the data */ + /* Hash the data. */ - if ((ret = krb5int_hmac_iov(hash, &kc, data, num_data, output)) != 0) + ret = krb5int_hmac_iov(hash, &kc, data, num_data, output); + if (ret) memset(output->data, 0, output->length); - /* ret is set correctly by the prior call */ - cleanup: - memset(kcdata, 0, keylength); - - free(kcdata); + zapfree(kcdata, keylength); return(ret); } diff --git a/src/lib/crypto/krb/dk/derive.c b/src/lib/crypto/krb/dk/derive.c index 77b05fa..8c8214c 100644 --- a/src/lib/crypto/krb/dk/derive.c +++ b/src/lib/crypto/krb/dk/derive.c @@ -32,33 +32,27 @@ krb5_derive_key(const struct krb5_enc_provider *enc, const krb5_keyblock *inkey, krb5_keyblock *outkey, const krb5_data *in_constant) { - size_t blocksize, keybytes, keylength, n; - unsigned char *inblockdata, *outblockdata, *rawkey; + size_t blocksize, keybytes, n; + unsigned char *inblockdata = NULL, *outblockdata = NULL, *rawkey = NULL; krb5_data inblock, outblock; + krb5_error_code ret; blocksize = enc->block_size; keybytes = enc->keybytes; - keylength = enc->keylength; - if ((inkey->length != keylength) || - (outkey->length != keylength)) - return(KRB5_CRYPTO_INTERNAL); + if (inkey->length != enc->keylength || outkey->length != enc->keylength) + return KRB5_CRYPTO_INTERNAL; - /* allocate and set up buffers */ - - if ((inblockdata = (unsigned char *) malloc(blocksize)) == NULL) - return(ENOMEM); - - if ((outblockdata = (unsigned char *) malloc(blocksize)) == NULL) { - free(inblockdata); - return(ENOMEM); - } - - if ((rawkey = (unsigned char *) malloc(keybytes)) == NULL) { - free(outblockdata); - free(inblockdata); - return(ENOMEM); - } + /* Allocate and set up buffers. */ + inblockdata = k5alloc(blocksize, &ret); + if (ret) + goto cleanup; + outblockdata = k5alloc(blocksize, &ret); + if (ret) + goto cleanup; + rawkey = k5alloc(keybytes, &ret); + if (ret) + goto cleanup; inblock.data = (char *) inblockdata; inblock.length = blocksize; @@ -66,7 +60,7 @@ krb5_derive_key(const struct krb5_enc_provider *enc, outblock.data = (char *) outblockdata; outblock.length = blocksize; - /* initialize the input block */ + /* Initialize the input block. */ if (in_constant->length == inblock.length) { memcpy(inblock.data, in_constant->data, inblock.length); @@ -75,14 +69,16 @@ krb5_derive_key(const struct krb5_enc_provider *enc, inblock.length*8, (unsigned char *) inblock.data); } - /* loop encrypting the blocks until enough key bytes are generated */ + /* Loop encrypting the blocks until enough key bytes are generated */ n = 0; while (n < keybytes) { - (*(enc->encrypt))(inkey, 0, &inblock, &outblock); + ret = (*enc->encrypt)(inkey, 0, &inblock, &outblock); + if (ret) + goto cleanup; if ((keybytes - n) <= outblock.length) { - memcpy(rawkey+n, outblock.data, (keybytes - n)); + memcpy(rawkey + n, outblock.data, (keybytes - n)); break; } @@ -96,19 +92,15 @@ krb5_derive_key(const struct krb5_enc_provider *enc, inblock.data = (char *) rawkey; inblock.length = keybytes; - (*(enc->make_key))(&inblock, outkey); - - /* clean memory, free resources and exit */ - - memset(inblockdata, 0, blocksize); - memset(outblockdata, 0, blocksize); - memset(rawkey, 0, keybytes); + ret = (*enc->make_key)(&inblock, outkey); + if (ret) + goto cleanup; - free(rawkey); - free(outblockdata); - free(inblockdata); - - return(0); +cleanup: + zapfree(inblockdata, blocksize); + zapfree(outblockdata, blocksize); + zapfree(rawkey, keybytes); + return ret; } @@ -117,33 +109,28 @@ krb5_derive_random(const struct krb5_enc_provider *enc, const krb5_keyblock *inkey, krb5_data *outrnd, const krb5_data *in_constant) { - size_t blocksize, keybytes, keylength, n; - unsigned char *inblockdata, *outblockdata, *rawkey; + size_t blocksize, keybytes, n; + unsigned char *inblockdata = NULL, *outblockdata = NULL, *rawkey = NULL; krb5_data inblock, outblock; + krb5_error_code ret; blocksize = enc->block_size; keybytes = enc->keybytes; - keylength = enc->keylength; - - if ((inkey->length != keylength) || - (outrnd->length != keybytes)) - return(KRB5_CRYPTO_INTERNAL); - /* allocate and set up buffers */ + if (inkey->length != enc->keylength || outrnd->length != keybytes) + return KRB5_CRYPTO_INTERNAL; - if ((inblockdata = (unsigned char *) malloc(blocksize)) == NULL) - return(ENOMEM); + /* Allocate and set up buffers. */ - if ((outblockdata = (unsigned char *) malloc(blocksize)) == NULL) { - free(inblockdata); - return(ENOMEM); - } - - if ((rawkey = (unsigned char *) malloc(keybytes)) == NULL) { - free(outblockdata); - free(inblockdata); - return(ENOMEM); - } + inblockdata = k5alloc(blocksize, &ret); + if (ret) + goto cleanup; + outblockdata = k5alloc(blocksize, &ret); + if (ret) + goto cleanup; + rawkey = k5alloc(keybytes, &ret); + if (ret) + goto cleanup; inblock.data = (char *) inblockdata; inblock.length = blocksize; @@ -151,8 +138,7 @@ krb5_derive_random(const struct krb5_enc_provider *enc, outblock.data = (char *) outblockdata; outblock.length = blocksize; - /* initialize the input block */ - + /* Initialize the input block. */ if (in_constant->length == inblock.length) { memcpy(inblock.data, in_constant->data, inblock.length); } else { @@ -160,14 +146,15 @@ krb5_derive_random(const struct krb5_enc_provider *enc, inblock.length*8, (unsigned char *) inblock.data); } - /* loop encrypting the blocks until enough key bytes are generated */ - + /* Loop encrypting the blocks until enough key bytes are generated. */ n = 0; while (n < keybytes) { - (*(enc->encrypt))(inkey, 0, &inblock, &outblock); + ret = (*enc->encrypt)(inkey, 0, &inblock, &outblock); + if (ret) + goto cleanup; if ((keybytes - n) <= outblock.length) { - memcpy(rawkey+n, outblock.data, (keybytes - n)); + memcpy(rawkey + n, outblock.data, (keybytes - n)); break; } @@ -176,42 +163,12 @@ krb5_derive_random(const struct krb5_enc_provider *enc, n += outblock.length; } - /* postprocess the key */ - - memcpy (outrnd->data, rawkey, keybytes); - - /* clean memory, free resources and exit */ - - memset(inblockdata, 0, blocksize); - memset(outblockdata, 0, blocksize); - memset(rawkey, 0, keybytes); - - free(rawkey); - free(outblockdata); - free(inblockdata); - - return(0); -} - -#if 0 -#include "etypes.h" -void -krb5_random2key (krb5_enctype enctype, krb5_data *inblock, - krb5_keyblock *outkey) -{ - int i; - const struct krb5_enc_provider *enc; - - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == enctype) - break; - } - - if (i == krb5_enctypes_length) - abort (); - - enc = krb5_enctypes_list[i].enc; + /* Postprocess the key. */ + memcpy(outrnd->data, rawkey, keybytes); - enc->make_key (inblock, outkey); +cleanup: + zapfree(inblockdata, blocksize); + zapfree(outblockdata, blocksize); + zapfree(rawkey, keybytes); + return ret; } -#endif diff --git a/src/lib/crypto/krb/dk/dk.h b/src/lib/crypto/krb/dk/dk.h index 54d1076..9ddeb40 100644 --- a/src/lib/crypto/krb/dk/dk.h +++ b/src/lib/crypto/krb/dk/dk.h @@ -26,64 +26,64 @@ #include "k5-int.h" -void krb5_dk_encrypt_length -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t input, size_t *length); - -krb5_error_code krb5_dk_encrypt -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *ivec, - const krb5_data *input, krb5_data *output); - -void krb5int_aes_encrypt_length -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t input, size_t *length); - -krb5_error_code krb5int_aes_dk_encrypt -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *ivec, - const krb5_data *input, krb5_data *output); - -krb5_error_code krb5_dk_decrypt -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *arg_output); - -krb5_error_code krb5int_aes_dk_decrypt -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *arg_output); - -krb5_error_code krb5int_dk_string_to_key -(const struct krb5_enc_provider *enc, - const krb5_data *string, const krb5_data *salt, - const krb5_data *params, krb5_keyblock *key); - -krb5_error_code krb5_derive_key -(const struct krb5_enc_provider *enc, - const krb5_keyblock *inkey, - krb5_keyblock *outkey, const krb5_data *in_constant); - -krb5_error_code krb5_dk_make_checksum -(const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *input, krb5_data *output); +void krb5_dk_encrypt_length(const struct krb5_enc_provider *enc, + const struct krb5_hash_provider *hash, + size_t input, size_t *length); + +krb5_error_code krb5_dk_encrypt(const struct krb5_enc_provider *enc, + const struct krb5_hash_provider *hash, + const krb5_keyblock *key, krb5_keyusage usage, + const krb5_data *ivec, + const krb5_data *input, krb5_data *output); + +void krb5int_aes_encrypt_length(const struct krb5_enc_provider *enc, + const struct krb5_hash_provider *hash, + size_t input, size_t *length); + +krb5_error_code krb5int_aes_dk_encrypt(const struct krb5_enc_provider *enc, + const struct krb5_hash_provider *hash, + const krb5_keyblock *key, + krb5_keyusage usage, + const krb5_data *ivec, + const krb5_data *input, + krb5_data *output); + +krb5_error_code krb5_dk_decrypt(const struct krb5_enc_provider *enc, + const struct krb5_hash_provider *hash, + const krb5_keyblock *key, krb5_keyusage usage, + const krb5_data *ivec, const krb5_data *input, + krb5_data *arg_output); + +krb5_error_code krb5int_aes_dk_decrypt(const struct krb5_enc_provider *enc, + const struct krb5_hash_provider *hash, + const krb5_keyblock *key, + krb5_keyusage usage, + const krb5_data *ivec, + const krb5_data *input, + krb5_data *arg_output); + +krb5_error_code krb5int_dk_string_to_key(const struct krb5_enc_provider *enc, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, + krb5_keyblock *key); + +krb5_error_code krb5_derive_key(const struct krb5_enc_provider *enc, + const krb5_keyblock *inkey, + krb5_keyblock *outkey, + const krb5_data *in_constant); + +krb5_error_code krb5_dk_make_checksum(const struct krb5_hash_provider *hash, + const krb5_keyblock *key, + krb5_keyusage usage, + const krb5_data *input, + krb5_data *output); krb5_error_code krb5int_dk_make_checksum_iov(const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage usage, - const krb5_crypto_iov *data, size_t num_data, - krb5_data *output); + const krb5_keyblock *key, krb5_keyusage usage, + const krb5_crypto_iov *data, size_t num_data, + krb5_data *output); krb5_error_code krb5_derive_random(const struct krb5_enc_provider *enc, @@ -94,26 +94,3 @@ krb5_derive_random(const struct krb5_enc_provider *enc, extern const struct krb5_aead_provider krb5int_aead_dk; extern const struct krb5_aead_provider krb5int_aead_aes; - -/* CCM */ - -void -krb5int_ccm_encrypt_length(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t inputlen, size_t *length); - -extern const struct krb5_aead_provider krb5int_aead_ccm; - -krb5_error_code krb5int_ccm_encrypt -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *arg_output); - -krb5_error_code krb5int_ccm_decrypt -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *arg_output); diff --git a/src/lib/crypto/krb/dk/dk_aead.c b/src/lib/crypto/krb/dk/dk_aead.c index e995f9a..13eb007 100644 --- a/src/lib/crypto/krb/dk/dk_aead.c +++ b/src/lib/crypto/krb/dk/dk_aead.c @@ -8,7 +8,7 @@ * require a specific license from the United States Government. * It is the responsibility of any person or organization contemplating * export to obtain such a license before exporting. - * + * * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and * distribute this software and its documentation for any purpose and * without fee is hereby granted, provided that the above copyright @@ -84,11 +84,13 @@ krb5int_dk_encrypt_iov(const struct krb5_aead_provider *aead, /* E(Confounder | Plaintext | Pad) | Checksum */ - ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING, &blocksize); + ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING, + &blocksize); if (ret != 0) return ret; - ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER, &hmacsize); + ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER, + &hmacsize); if (ret != 0) return ret; @@ -110,7 +112,7 @@ krb5int_dk_encrypt_iov(const struct krb5_aead_provider *aead, return KRB5_BAD_MSIZE; if (blocksize != 0) { - /* Check that the input data is correctly padded */ + /* Check that the input data is correctly padded. */ if (plainlen % blocksize) padsize = blocksize - (plainlen % blocksize); } @@ -125,24 +127,18 @@ krb5int_dk_encrypt_iov(const struct krb5_aead_provider *aead, } ke.length = enc->keylength; - ke.contents = malloc(ke.length); - if (ke.contents == NULL) { - ret = ENOMEM; + ke.contents = k5alloc(ke.length, &ret); + if (ret != 0) goto cleanup; - } ki.length = enc->keylength; - ki.contents = malloc(ki.length); - if (ki.contents == NULL) { - ret = ENOMEM; + ki.contents = k5alloc(ki.length, &ret); + if (ret != 0) goto cleanup; - } - cksum = (unsigned char *)malloc(hash->hashsize); - if (cksum == NULL) { - ret = ENOMEM; + cksum = k5alloc(hash->hashsize, &ret); + if (ret != 0) goto cleanup; - } - /* derive the keys */ + /* Derive the keys. */ d1.data = (char *)constantdata; d1.length = K5CLENGTH; @@ -161,7 +157,7 @@ krb5int_dk_encrypt_iov(const struct krb5_aead_provider *aead, if (ret != 0) goto cleanup; - /* generate confounder */ + /* Generate confounder. */ header->data.length = enc->block_size; @@ -169,7 +165,7 @@ krb5int_dk_encrypt_iov(const struct krb5_aead_provider *aead, if (ret != 0) goto cleanup; - /* hash the plaintext */ + /* Hash the plaintext. */ d2.length = hash->hashsize; d2.data = (char *)cksum; @@ -177,32 +173,23 @@ krb5int_dk_encrypt_iov(const struct krb5_aead_provider *aead, if (ret != 0) goto cleanup; - /* encrypt the plaintext (header | data | padding) */ + /* Encrypt the plaintext (header | data | padding) */ assert(enc->encrypt_iov != NULL); - ret = enc->encrypt_iov(&ke, ivec, data, num_data); /* will update ivec */ + ret = (*enc->encrypt_iov)(&ke, ivec, data, num_data); /* updates ivec */ if (ret != 0) goto cleanup; - /* possibly truncate the hash */ + /* Possibly truncate the hash */ assert(hmacsize <= d2.length); memcpy(trailer->data.data, cksum, hmacsize); trailer->data.length = hmacsize; cleanup: - if (ke.contents != NULL) { - memset(ke.contents, 0, ke.length); - free(ke.contents); - } - if (ki.contents != NULL) { - memset(ki.contents, 0, ki.length); - free(ki.contents); - } - if (cksum != NULL) { - free(cksum); - } - + zapfree(ke.contents, ke.length); + zapfree(ki.contents, ki.length); + free(cksum); return ret; } @@ -222,12 +209,13 @@ krb5int_dk_decrypt_iov(const struct krb5_aead_provider *aead, krb5_crypto_iov *header, *trailer; krb5_keyblock ke, ki; size_t i; - unsigned int blocksize = 0; /* careful, this is enc block size not confounder len */ + unsigned int blocksize = 0; /* enc block size, not confounder len */ unsigned int cipherlen = 0; unsigned int hmacsize = 0; unsigned char *cksum = NULL; - if (krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_STREAM) != NULL) { + if (krb5int_c_locate_iov(data, num_data, + KRB5_CRYPTO_TYPE_STREAM) != NULL) { return krb5int_c_iov_decrypt_stream(aead, enc, hash, key, usage, ivec, data, num_data); } @@ -237,11 +225,13 @@ krb5int_dk_decrypt_iov(const struct krb5_aead_provider *aead, /* E(Confounder | Plaintext | Pad) | Checksum */ - ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING, &blocksize); + ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_PADDING, + &blocksize); if (ret != 0) return ret; - ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER, &hmacsize); + ret = aead->crypto_length(aead, enc, hash, KRB5_CRYPTO_TYPE_TRAILER, + &hmacsize); if (ret != 0) return ret; @@ -273,24 +263,18 @@ krb5int_dk_decrypt_iov(const struct krb5_aead_provider *aead, return KRB5_BAD_MSIZE; ke.length = enc->keylength; - ke.contents = malloc(ke.length); - if (ke.contents == NULL) { - ret = ENOMEM; + ke.contents = k5alloc(ke.length, &ret); + if (ret != 0) goto cleanup; - } ki.length = enc->keylength; - ki.contents = malloc(ki.length); - if (ki.contents == NULL) { - ret = ENOMEM; + ki.contents = k5alloc(ki.length, &ret); + if (ret != 0) goto cleanup; - } - cksum = (unsigned char *)malloc(hash->hashsize); - if (cksum == NULL) { - ret = ENOMEM; + cksum = k5alloc(hash->hashsize, &ret); + if (ret != 0) goto cleanup; - } - /* derive the keys */ + /* Derive the keys. */ d1.data = (char *)constantdata; d1.length = K5CLENGTH; @@ -309,14 +293,14 @@ krb5int_dk_decrypt_iov(const struct krb5_aead_provider *aead, if (ret != 0) goto cleanup; - /* decrypt the plaintext (header | data | padding) */ + /* Decrypt the plaintext (header | data | padding). */ assert(enc->decrypt_iov != NULL); - ret = enc->decrypt_iov(&ke, ivec, data, num_data); /* will update ivec */ + ret = (*enc->decrypt_iov)(&ke, ivec, data, num_data); /* updates ivec */ if (ret != 0) goto cleanup; - /* verify the hash */ + /* Verify the hash. */ d1.length = hash->hashsize; /* non-truncated length */ d1.data = (char *)cksum; @@ -324,24 +308,16 @@ krb5int_dk_decrypt_iov(const struct krb5_aead_provider *aead, if (ret != 0) goto cleanup; - /* compare only the possibly truncated length */ + /* Compare only the possibly truncated length. */ if (memcmp(cksum, trailer->data.data, hmacsize) != 0) { ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; goto cleanup; } cleanup: - if (ke.contents != NULL) { - memset(ke.contents, 0, ke.length); - free(ke.contents); - } - if (ki.contents != NULL) { - memset(ki.contents, 0, ki.length); - free(ki.contents); - } - if (cksum != NULL) { - free(cksum); - } + zapfree(ke.contents, ke.length); + zapfree(ki.contents, ki.length); + free(cksum); return ret; } @@ -383,4 +359,3 @@ const struct krb5_aead_provider krb5int_aead_aes = { krb5int_dk_encrypt_iov, krb5int_dk_decrypt_iov }; - diff --git a/src/lib/crypto/krb/dk/dk_decrypt.c b/src/lib/crypto/krb/dk/dk_decrypt.c index c38c4d5..1c0358a 100644 --- a/src/lib/crypto/krb/dk/dk_decrypt.c +++ b/src/lib/crypto/krb/dk/dk_decrypt.c @@ -71,17 +71,15 @@ krb5_dk_decrypt_maybe_trunc_hmac(const struct krb5_enc_provider *enc, int ivec_mode) { krb5_error_code ret; - size_t hashsize, blocksize, keybytes, keylength, enclen, plainlen; - unsigned char *plaindata, *kedata, *kidata, *cksum, *cn; + size_t hashsize, blocksize, keylength, enclen, plainlen; + unsigned char *plaindata = NULL, *kedata = NULL, *kidata = NULL; + unsigned char *cksum = NULL, *cn; krb5_keyblock ke, ki; krb5_data d1, d2; unsigned char constantdata[K5CLENGTH]; - /* allocate and set up ciphertext and to-be-derived keys */ - hashsize = hash->hashsize; blocksize = enc->block_size; - keybytes = enc->keybytes; keylength = enc->keylength; if (hmacsize == 0) @@ -91,30 +89,26 @@ krb5_dk_decrypt_maybe_trunc_hmac(const struct krb5_enc_provider *enc, enclen = input->length - hmacsize; - if ((kedata = (unsigned char *) malloc(keylength)) == NULL) - return(ENOMEM); - if ((kidata = (unsigned char *) malloc(keylength)) == NULL) { - free(kedata); - return(ENOMEM); - } - if ((plaindata = (unsigned char *) malloc(enclen)) == NULL) { - free(kidata); - free(kedata); - return(ENOMEM); - } - if ((cksum = (unsigned char *) malloc(hashsize)) == NULL) { - free(plaindata); - free(kidata); - free(kedata); - return(ENOMEM); - } + /* Allocate and set up ciphertext and to-be-derived keys. */ + kedata = k5alloc(keylength, &ret); + if (ret != 0) + goto cleanup; + kidata = k5alloc(keylength, &ret); + if (ret != 0) + goto cleanup; + plaindata = k5alloc(enclen, &ret); + if (ret != 0) + goto cleanup; + cksum = k5alloc(hashsize, &ret); + if (ret != 0) + goto cleanup; ke.contents = kedata; ke.length = keylength; ki.contents = kidata; ki.length = keylength; - /* derive the keys */ + /* Derive the keys. */ d1.data = (char *) constantdata; d1.length = K5CLENGTH; @@ -123,12 +117,14 @@ krb5_dk_decrypt_maybe_trunc_hmac(const struct krb5_enc_provider *enc, d1.data[4] = (char) 0xAA; - if ((ret = krb5_derive_key(enc, key, &ke, &d1)) != 0) + ret = krb5_derive_key(enc, key, &ke, &d1); + if (ret != 0) goto cleanup; d1.data[4] = 0x55; - if ((ret = krb5_derive_key(enc, key, &ki, &d1)) != 0) + ret = krb5_derive_key(enc, key, &ki, &d1); + if (ret != 0) goto cleanup; /* decrypt the ciphertext */ @@ -139,7 +135,8 @@ krb5_dk_decrypt_maybe_trunc_hmac(const struct krb5_enc_provider *enc, d2.length = enclen; d2.data = (char *) plaindata; - if ((ret = ((*(enc->decrypt))(&ke, ivec, &d1, &d2))) != 0) + ret = (*enc->decrypt)(&ke, ivec, &d1, &d2); + if (ret != 0) goto cleanup; if (ivec != NULL && ivec->length == blocksize) { @@ -147,18 +144,19 @@ krb5_dk_decrypt_maybe_trunc_hmac(const struct krb5_enc_provider *enc, cn = (unsigned char *) d1.data + d1.length - blocksize; else if (ivec_mode == 1) { int nblocks = (d1.length + blocksize - 1) / blocksize; - cn = d1.data + blocksize * (nblocks - 2); + cn = (unsigned char *) d1.data + blocksize * (nblocks - 2); } else abort(); } else cn = NULL; - /* verify the hash */ + /* Verify the hash. */ d1.length = hashsize; d1.data = (char *) cksum; - if ((ret = krb5_hmac(hash, &ki, 1, &d2, &d1)) != 0) + ret = krb5_hmac(hash, &ki, 1, &d2, &d1); + if (ret != 0) goto cleanup; if (memcmp(cksum, input->data+enclen, hmacsize) != 0) { @@ -166,14 +164,16 @@ krb5_dk_decrypt_maybe_trunc_hmac(const struct krb5_enc_provider *enc, goto cleanup; } - /* because this encoding isn't self-describing wrt length, the - best we can do here is to compute the length minus the - confounder. */ + /* + * Because this encoding isn't self-describing wrt length, the + * best we can do here is to compute the length minus the + * confounder. + */ plainlen = enclen - blocksize; if (output->length < plainlen) - return(KRB5_BAD_MSIZE); + return KRB5_BAD_MSIZE; output->length = plainlen; @@ -182,19 +182,10 @@ krb5_dk_decrypt_maybe_trunc_hmac(const struct krb5_enc_provider *enc, if (cn != NULL) memcpy(ivec->data, cn, blocksize); - ret = 0; - cleanup: - memset(kedata, 0, keylength); - memset(kidata, 0, keylength); - memset(plaindata, 0, enclen); - memset(cksum, 0, hashsize); - - free(cksum); - free(plaindata); - free(kidata); - free(kedata); - - return(ret); + zapfree(kedata, keylength); + zapfree(kidata, keylength); + zapfree(plaindata, enclen); + zapfree(cksum, hashsize); + return ret; } - diff --git a/src/lib/crypto/krb/dk/dk_encrypt.c b/src/lib/crypto/krb/dk/dk_encrypt.c index 6596e53..b06079c 100644 --- a/src/lib/crypto/krb/dk/dk_encrypt.c +++ b/src/lib/crypto/krb/dk/dk_encrypt.c @@ -29,12 +29,14 @@ #define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */ -/* the spec says that the confounder size and padding are specific to - the encryption algorithm. This code (dk_encrypt_length and - dk_encrypt) assume the confounder is always the blocksize, and the - padding is always zero bytes up to the blocksize. If these - assumptions ever fails, the keytype table should be extended to - include these bits of info. */ +/* + * The spec says that the confounder size and padding are specific to + * the encryption algorithm. This code (dk_encrypt_length and + * dk_encrypt) assume the confounder is always the blocksize, and the + * padding is always zero bytes up to the blocksize. If these + * assumptions ever fails, the keytype table should be extended to + * include these bits of info. + */ void krb5_dk_encrypt_length(const struct krb5_enc_provider *enc, @@ -45,7 +47,7 @@ krb5_dk_encrypt_length(const struct krb5_enc_provider *enc, blocksize = enc->block_size; hashsize = hash->hashsize; - *length = krb5_roundup(blocksize+inputlen, blocksize) + hashsize; + *length = krb5_roundup(blocksize + inputlen, blocksize) + hashsize; } krb5_error_code @@ -55,46 +57,43 @@ krb5_dk_encrypt(const struct krb5_enc_provider *enc, const krb5_data *ivec, const krb5_data *input, krb5_data *output) { - size_t blocksize, keybytes, keylength, plainlen, enclen; + size_t blocksize, keylength, plainlen, enclen; krb5_error_code ret; unsigned char constantdata[K5CLENGTH]; krb5_data d1, d2; - unsigned char *plaintext, *kedata, *kidata; + unsigned char *plaintext = NULL, *kedata = NULL, *kidata = NULL; char *cn; krb5_keyblock ke, ki; - /* allocate and set up plaintext and to-be-derived keys */ - blocksize = enc->block_size; - keybytes = enc->keybytes; keylength = enc->keylength; - plainlen = krb5_roundup(blocksize+input->length, blocksize); + plainlen = krb5_roundup(blocksize + input->length, blocksize); krb5_dk_encrypt_length(enc, hash, input->length, &enclen); - /* key->length, ivec will be tested in enc->encrypt */ + /* key->length, ivec will be tested in enc->encrypt. */ if (output->length < enclen) return(KRB5_BAD_MSIZE); - if ((kedata = (unsigned char *) malloc(keylength)) == NULL) - return(ENOMEM); - if ((kidata = (unsigned char *) malloc(keylength)) == NULL) { - free(kedata); - return(ENOMEM); - } - if ((plaintext = (unsigned char *) malloc(plainlen)) == NULL) { - free(kidata); - free(kedata); - return(ENOMEM); - } + /* Allocate and set up plaintext and to-be-derived keys. */ + + kedata = k5alloc(keylength, &ret); + if (ret != 0) + goto cleanup; + kidata = k5alloc(keylength, &ret); + if (ret != 0) + goto cleanup; + plaintext = k5alloc(plainlen, &ret); + if (ret != 0) + goto cleanup; ke.contents = kedata; ke.length = keylength; ki.contents = kidata; ki.length = keylength; - /* derive the keys */ + /* Derive the keys. */ d1.data = (char *) constantdata; d1.length = K5CLENGTH; @@ -103,28 +102,31 @@ krb5_dk_encrypt(const struct krb5_enc_provider *enc, d1.data[4] = (char) 0xAA; - if ((ret = krb5_derive_key(enc, key, &ke, &d1))) + ret = krb5_derive_key(enc, key, &ke, &d1); + if (ret != 0) goto cleanup; d1.data[4] = 0x55; - if ((ret = krb5_derive_key(enc, key, &ki, &d1))) + ret = krb5_derive_key(enc, key, &ki, &d1); + if (ret != 0) goto cleanup; - /* put together the plaintext */ + /* Put together the plaintext. */ d1.length = blocksize; d1.data = (char *) plaintext; - if ((ret = krb5_c_random_make_octets(/* XXX */ 0, &d1))) + ret = krb5_c_random_make_octets(/* XXX */ 0, &d1); + if (ret != 0) goto cleanup; - memcpy(plaintext+blocksize, input->data, input->length); + memcpy(plaintext + blocksize, input->data, input->length); - memset(plaintext+blocksize+input->length, 0, - plainlen - (blocksize+input->length)); + memset(plaintext + blocksize + input->length, 0, + plainlen - (blocksize + input->length)); - /* encrypt the plaintext */ + /* Encrypt the plaintext. */ d1.length = plainlen; d1.data = (char *) plaintext; @@ -132,7 +134,8 @@ krb5_dk_encrypt(const struct krb5_enc_provider *enc, d2.length = plainlen; d2.data = output->data; - if ((ret = ((*(enc->encrypt))(&ke, ivec, &d1, &d2)))) + ret = (*enc->encrypt)(&ke, ivec, &d1, &d2); + if (ret != 0) goto cleanup; if (ivec != NULL && ivec->length == blocksize) @@ -140,34 +143,28 @@ krb5_dk_encrypt(const struct krb5_enc_provider *enc, else cn = NULL; - /* hash the plaintext */ + /* Hash the plaintext. */ d2.length = enclen - plainlen; d2.data = output->data+plainlen; output->length = enclen; - if ((ret = krb5_hmac(hash, &ki, 1, &d1, &d2))) { + ret = krb5_hmac(hash, &ki, 1, &d1, &d2); + if (ret != 0) { memset(d2.data, 0, d2.length); goto cleanup; } - /* update ivec */ + /* Update ivec. */ if (cn != NULL) memcpy(ivec->data, cn, blocksize); - /* ret is set correctly by the prior call */ - cleanup: - memset(kedata, 0, keylength); - memset(kidata, 0, keylength); - memset(plaintext, 0, plainlen); - - free(plaintext); - free(kidata); - free(kedata); - - return(ret); + zapfree(kedata, keylength); + zapfree(kidata, keylength); + zapfree(plaintext, plainlen); + return ret; } /* Not necessarily "AES", per se, but "a CBC+CTS mode block cipher @@ -222,7 +219,7 @@ krb5int_aes_dk_encrypt(const struct krb5_enc_provider *enc, krb5_error_code ret; unsigned char constantdata[K5CLENGTH]; krb5_data d1, d2; - unsigned char *plaintext, *kedata, *kidata; + unsigned char *plaintext = NULL, *kedata = NULL, *kidata = NULL; char *cn; krb5_keyblock ke, ki; @@ -238,26 +235,24 @@ krb5int_aes_dk_encrypt(const struct krb5_enc_provider *enc, /* key->length, ivec will be tested in enc->encrypt */ if (output->length < enclen) - return(KRB5_BAD_MSIZE); + return KRB5_BAD_MSIZE; - if ((kedata = (unsigned char *) malloc(keylength)) == NULL) - return(ENOMEM); - if ((kidata = (unsigned char *) malloc(keylength)) == NULL) { - free(kedata); - return(ENOMEM); - } - if ((plaintext = (unsigned char *) malloc(plainlen)) == NULL) { - free(kidata); - free(kedata); - return(ENOMEM); - } + kedata = k5alloc(keylength, &ret); + if (ret != 0) + goto cleanup; + kidata = k5alloc(keylength, &ret); + if (ret != 0) + goto cleanup; + plaintext = k5alloc(plainlen, &ret); + if (ret != 0) + goto cleanup; ke.contents = kedata; ke.length = keylength; ki.contents = kidata; ki.length = keylength; - /* derive the keys */ + /* Derive the keys. */ d1.data = (char *) constantdata; d1.length = K5CLENGTH; @@ -266,12 +261,14 @@ krb5int_aes_dk_encrypt(const struct krb5_enc_provider *enc, d1.data[4] = (char) 0xAA; - if ((ret = krb5_derive_key(enc, key, &ke, &d1))) + ret = krb5_derive_key(enc, key, &ke, &d1); + if (ret != 0) goto cleanup; d1.data[4] = 0x55; - if ((ret = krb5_derive_key(enc, key, &ki, &d1))) + ret = krb5_derive_key(enc, key, &ki, &d1); + if (ret != 0) goto cleanup; /* put together the plaintext */ @@ -279,16 +276,17 @@ krb5int_aes_dk_encrypt(const struct krb5_enc_provider *enc, d1.length = blocksize; d1.data = (char *) plaintext; - if ((ret = krb5_c_random_make_octets(/* XXX */ 0, &d1))) + ret = krb5_c_random_make_octets(NULL, &d1); + if (ret != 0) goto cleanup; - memcpy(plaintext+blocksize, input->data, input->length); + memcpy(plaintext + blocksize, input->data, input->length); /* Ciphertext stealing; there should be no more. */ if (plainlen != blocksize + input->length) abort(); - /* encrypt the plaintext */ + /* Encrypt the plaintext. */ d1.length = plainlen; d1.data = (char *) plaintext; @@ -296,7 +294,8 @@ krb5int_aes_dk_encrypt(const struct krb5_enc_provider *enc, d2.length = plainlen; d2.data = output->data; - if ((ret = ((*(enc->encrypt))(&ke, ivec, &d1, &d2)))) + ret = (*enc->encrypt)(&ke, ivec, &d1, &d2); + if (ret != 0) goto cleanup; if (ivec != NULL && ivec->length == blocksize) { @@ -305,54 +304,29 @@ krb5int_aes_dk_encrypt(const struct krb5_enc_provider *enc, } else cn = NULL; - /* hash the plaintext */ + /* Hash the plaintext. */ d2.length = enclen - plainlen; d2.data = output->data+plainlen; if (d2.length != 96 / 8) abort(); - if ((ret = trunc_hmac(hash, &ki, 1, &d1, &d2))) { + ret = trunc_hmac(hash, &ki, 1, &d1, &d2); + if (ret != 0) { memset(d2.data, 0, d2.length); goto cleanup; } output->length = enclen; - /* update ivec */ - if (cn != NULL) { + /* Update ivec. */ + if (cn != NULL) memcpy(ivec->data, cn, blocksize); -#if 0 - { - int i; - printf("\n%s: output:", __func__); - for (i = 0; i < output->length; i++) { - if (i % 16 == 0) - printf("\n%s: ", __func__); - printf(" %02x", i[(unsigned char *)output->data]); - } - printf("\n%s: outputIV:", __func__); - for (i = 0; i < ivec->length; i++) { - if (i % 16 == 0) - printf("\n%s: ", __func__); - printf(" %02x", i[(unsigned char *)ivec->data]); - } - printf("\n"); fflush(stdout); - } -#endif - } - - /* ret is set correctly by the prior call */ cleanup: - memset(kedata, 0, keylength); - memset(kidata, 0, keylength); - memset(plaintext, 0, plainlen); - - free(plaintext); - free(kidata); - free(kedata); - - return(ret); + zapfree(kedata, keylength); + zapfree(kidata, keylength); + zapfree(plaintext, plainlen); + return ret; } diff --git a/src/lib/crypto/krb/dk/stringtokey.c b/src/lib/crypto/krb/dk/stringtokey.c index 0e54b84..3265657 100644 --- a/src/lib/crypto/krb/dk/stringtokey.c +++ b/src/lib/crypto/krb/dk/stringtokey.c @@ -36,34 +36,32 @@ krb5int_dk_string_to_key(const struct krb5_enc_provider *enc, { krb5_error_code ret; size_t keybytes, keylength, concatlen; - unsigned char *concat, *foldstring, *foldkeydata; + unsigned char *concat = NULL, *foldstring = NULL, *foldkeydata = NULL; krb5_data indata; krb5_keyblock foldkey; - /* key->length is checked by krb5_derive_key */ + /* key->length is checked by krb5_derive_key. */ keybytes = enc->keybytes; keylength = enc->keylength; - concatlen = string->length+(salt?salt->length:0); + concatlen = string->length + (salt ? salt->length : 0); - if ((concat = (unsigned char *) malloc(concatlen)) == NULL) - return(ENOMEM); - if ((foldstring = (unsigned char *) malloc(keybytes)) == NULL) { - free(concat); - return(ENOMEM); - } - if ((foldkeydata = (unsigned char *) malloc(keylength)) == NULL) { - free(foldstring); - free(concat); - return(ENOMEM); - } + concat = k5alloc(concatlen, &ret); + if (ret != 0) + goto cleanup; + foldstring = k5alloc(keybytes, &ret); + if (ret != 0) + goto cleanup; + foldkeydata = k5alloc(keylength, &ret); + if (ret != 0) + goto cleanup; /* construct input string ( = string + salt), fold it, make_key it */ memcpy(concat, string->data, string->length); if (salt) - memcpy(concat+string->length, salt->data, salt->length); + memcpy(concat + string->length, salt->data, salt->length); krb5_nfold(concatlen*8, concat, keybytes*8, foldstring); @@ -72,25 +70,22 @@ krb5int_dk_string_to_key(const struct krb5_enc_provider *enc, foldkey.length = keylength; foldkey.contents = foldkeydata; - (*(enc->make_key))(&indata, &foldkey); + ret = (*enc->make_key)(&indata, &foldkey); + if (ret != 0) + goto cleanup; /* now derive the key from this one */ indata.length = kerberos_len; indata.data = (char *) kerberos; - if ((ret = krb5_derive_key(enc, &foldkey, key, &indata))) + ret = krb5_derive_key(enc, &foldkey, key, &indata); + if (ret != 0) memset(key->contents, 0, key->length); - /* ret is set correctly by the prior call */ - - memset(concat, 0, concatlen); - memset(foldstring, 0, keybytes); - memset(foldkeydata, 0, keylength); - - free(foldkeydata); - free(foldstring); - free(concat); - - return(ret); +cleanup: + zapfree(concat, concatlen); + zapfree(foldstring, keybytes); + zapfree(foldkeydata, keylength); + return ret; } diff --git a/src/lib/crypto/krb/encrypt.c b/src/lib/crypto/krb/encrypt.c index a9a38aa..741485a 100644 --- a/src/lib/crypto/krb/encrypt.c +++ b/src/lib/crypto/krb/encrypt.c @@ -33,31 +33,24 @@ krb5_c_encrypt(krb5_context context, const krb5_keyblock *key, krb5_keyusage usage, const krb5_data *ivec, const krb5_data *input, krb5_enc_data *output) { - int i; + const struct krb5_keytypes *ktp; - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == key->enctype) - break; - } - - if (i == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); + ktp = find_enctype(key->enctype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; output->magic = KV5M_ENC_DATA; output->kvno = 0; output->enctype = key->enctype; - if (krb5_enctypes_list[i].encrypt == NULL) { - assert(krb5_enctypes_list[i].aead != NULL); + if (ktp->encrypt == NULL) { + assert(ktp->aead != NULL); - return krb5int_c_encrypt_aead_compat(krb5_enctypes_list[i].aead, - krb5_enctypes_list[i].enc, - krb5_enctypes_list[i].hash, - key, usage, ivec, - input, &output->ciphertext); + return krb5int_c_encrypt_aead_compat(ktp->aead, ktp->enc, ktp->hash, + key, usage, ivec, input, + &output->ciphertext); } - return((*(krb5_enctypes_list[i].encrypt)) - (krb5_enctypes_list[i].enc, krb5_enctypes_list[i].hash, - key, usage, ivec, input, &output->ciphertext)); + return (*ktp->encrypt)(ktp->enc, ktp->hash, key, usage, ivec, input, + &output->ciphertext); } diff --git a/src/lib/crypto/krb/encrypt_iov.c b/src/lib/crypto/krb/encrypt_iov.c index a35c5b5..21242bc 100644 --- a/src/lib/crypto/krb/encrypt_iov.c +++ b/src/lib/crypto/krb/encrypt_iov.c @@ -35,21 +35,13 @@ krb5_c_encrypt_iov(krb5_context context, krb5_crypto_iov *data, size_t num_data) { - int i; - const struct krb5_keytypes *ktp = NULL; + const struct krb5_keytypes *ktp; - for (i = 0; i < krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == key->enctype) { - ktp = &krb5_enctypes_list[i]; - break; - } - } - - if (ktp == NULL || ktp->aead == NULL) { + ktp = find_enctype(key->enctype); + if (ktp == NULL || ktp->aead == NULL) return KRB5_BAD_ENCTYPE; - } - return ktp->aead->encrypt_iov(ktp->aead, ktp->enc, ktp->hash, - key, usage, cipher_state, data, num_data); + return (*ktp->aead->encrypt_iov)(ktp->aead, ktp->enc, ktp->hash, + key, usage, cipher_state, data, num_data); } diff --git a/src/lib/crypto/krb/encrypt_length.c b/src/lib/crypto/krb/encrypt_length.c index a934b2a..bb9a102 100644 --- a/src/lib/crypto/krb/encrypt_length.c +++ b/src/lib/crypto/krb/encrypt_length.c @@ -32,28 +32,20 @@ krb5_error_code KRB5_CALLCONV krb5_c_encrypt_length(krb5_context context, krb5_enctype enctype, size_t inputlen, size_t *length) { - int i; + const struct krb5_keytypes *ktp; - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == enctype) - break; - } - - if (i == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); + ktp = find_enctype(enctype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; - if (krb5_enctypes_list[i].encrypt_len == NULL) { - assert(krb5_enctypes_list[i].aead != NULL); + if (ktp->encrypt_len == NULL) { + assert(ktp->aead != NULL); - krb5int_c_encrypt_length_aead_compat(krb5_enctypes_list[i].aead, - krb5_enctypes_list[i].enc, - krb5_enctypes_list[i].hash, + krb5int_c_encrypt_length_aead_compat(ktp->aead, ktp->enc, ktp->hash, inputlen, length); } else { - (*(krb5_enctypes_list[i].encrypt_len)) - (krb5_enctypes_list[i].enc, krb5_enctypes_list[i].hash, - inputlen, length); + (*ktp->encrypt_len)(ktp->enc, ktp->hash, inputlen, length); } - return(0); + return 0; } diff --git a/src/lib/crypto/krb/enctype_compare.c b/src/lib/crypto/krb/enctype_compare.c index 55e8277..b724c3d 100644 --- a/src/lib/crypto/krb/enctype_compare.c +++ b/src/lib/crypto/krb/enctype_compare.c @@ -31,25 +31,13 @@ krb5_error_code KRB5_CALLCONV krb5_c_enctype_compare(krb5_context context, krb5_enctype e1, krb5_enctype e2, krb5_boolean *similar) { - int i, j; + const struct krb5_keytypes *ktp1, *ktp2; - for (i=0; i<krb5_enctypes_length; i++) - if (krb5_enctypes_list[i].etype == e1) - break; + ktp1 = find_enctype(e1); + ktp2 = find_enctype(e2); + if (ktp1 == NULL || ktp2 == NULL) + return KRB5_BAD_ENCTYPE; - if (i == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); - - for (j=0; j<krb5_enctypes_length; j++) - if (krb5_enctypes_list[j].etype == e2) - break; - - if (j == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); - - *similar = - ((krb5_enctypes_list[i].enc == krb5_enctypes_list[j].enc) && - (krb5_enctypes_list[i].str2key == krb5_enctypes_list[j].str2key)); - - return(0); + *similar = (ktp1->enc == ktp2->enc && ktp1->str2key == ktp2->str2key); + return 0; } diff --git a/src/lib/crypto/krb/enctype_to_string.c b/src/lib/crypto/krb/enctype_to_string.c index 28fa63e..427a30d 100644 --- a/src/lib/crypto/krb/enctype_to_string.c +++ b/src/lib/crypto/krb/enctype_to_string.c @@ -30,16 +30,12 @@ krb5_error_code KRB5_CALLCONV krb5_enctype_to_string(krb5_enctype enctype, char *buffer, size_t buflen) { - int i; + const struct krb5_keytypes *ktp; - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == enctype) { - if (strlcpy(buffer, krb5_enctypes_list[i].out_string, - buflen) >= buflen) - return(ENOMEM); - return(0); - } - } - - return(EINVAL); + ktp = find_enctype(enctype); + if (ktp == NULL) + return EINVAL; + if (strlcpy(buffer, ktp->out_string, buflen) >= buflen) + return ENOMEM; + return 0; } diff --git a/src/lib/crypto/krb/etypes.c b/src/lib/crypto/krb/etypes.c index bd5c6d8..b3abd18 100644 --- a/src/lib/crypto/krb/etypes.c +++ b/src/lib/crypto/krb/etypes.c @@ -167,4 +167,4 @@ const struct krb5_keytypes krb5_enctypes_list[] = { }; const int krb5_enctypes_length = -sizeof(krb5_enctypes_list)/sizeof(struct krb5_keytypes); + sizeof(krb5_enctypes_list) / sizeof(struct krb5_keytypes); diff --git a/src/lib/crypto/krb/etypes.h b/src/lib/crypto/krb/etypes.h index 8441fca..8d83b42 100644 --- a/src/lib/crypto/krb/etypes.h +++ b/src/lib/crypto/krb/etypes.h @@ -26,21 +26,27 @@ #include "k5-int.h" -typedef void (*krb5_encrypt_length_func) (const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t inputlen, size_t *length); +typedef void (*krb5_encrypt_length_func)(const struct krb5_enc_provider *enc, + const struct krb5_hash_provider *hash, + size_t inputlen, size_t *length); -typedef krb5_error_code (*krb5_crypt_func) (const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage keyusage, - const krb5_data *ivec, - const krb5_data *input, krb5_data *output); +typedef krb5_error_code (*krb5_crypt_func)(const struct krb5_enc_provider *enc, + const struct + krb5_hash_provider *hash, + const krb5_keyblock *key, + krb5_keyusage keyusage, + const krb5_data *ivec, + const krb5_data *input, + krb5_data *output); -typedef krb5_error_code (*krb5_str2key_func) (const struct krb5_enc_provider *enc, const krb5_data *string, - const krb5_data *salt, const krb5_data *parm, krb5_keyblock *key); +typedef krb5_error_code (*krb5_str2key_func)(const struct + krb5_enc_provider *enc, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *parm, + krb5_keyblock *key); -typedef krb5_error_code (*krb5_prf_func)( - const struct krb5_enc_provider *enc, +typedef krb5_error_code (*krb5_prf_func)(const struct krb5_enc_provider *enc, const struct krb5_hash_provider *hash, const krb5_keyblock *key, const krb5_data *in, krb5_data *out); @@ -68,11 +74,12 @@ struct krb5_keytypes { extern const struct krb5_keytypes krb5_enctypes_list[]; extern const int krb5_enctypes_length; -static inline const struct krb5_keytypes* -find_enctype (krb5_enctype enctype) +static inline const struct krb5_keytypes * +find_enctype(krb5_enctype enctype) { int i; - for (i=0; i<krb5_enctypes_length; i++) { + + for (i = 0; i < krb5_enctypes_length; i++) { if (krb5_enctypes_list[i].etype == enctype) break; } diff --git a/src/lib/crypto/krb/keyblocks.c b/src/lib/crypto/krb/keyblocks.c index 22d2634..51e31d3 100644 --- a/src/lib/crypto/krb/keyblocks.c +++ b/src/lib/crypto/krb/keyblocks.c @@ -33,29 +33,31 @@ #include "k5-int.h" #include <assert.h> -krb5_error_code krb5int_c_init_keyblock - (krb5_context context, krb5_enctype enctype, - size_t length, krb5_keyblock **out) +krb5_error_code +krb5int_c_init_keyblock(krb5_context context, krb5_enctype enctype, + size_t length, krb5_keyblock **out) { krb5_keyblock *kb; - kb = malloc (sizeof(krb5_keyblock)); - assert (out); + + assert(out); *out = NULL; - if (!kb) { + + kb = malloc(sizeof(krb5_keyblock)); + if (kb == NULL) return ENOMEM; - } kb->magic = KV5M_KEYBLOCK; kb->enctype = enctype; kb->length = length; - if(length) { - kb->contents = malloc (length); - if(!kb->contents) { - free (kb); + if (length) { + kb->contents = malloc(length); + if (!kb->contents) { + free(kb); return ENOMEM; } } else { kb->contents = NULL; } + *out = kb; return 0; } @@ -71,9 +73,8 @@ void krb5int_c_free_keyblock_contents(krb5_context context, krb5_keyblock *key) { if (key && key->contents) { - krb5int_zap_data (key->contents, key->length); - free(key->contents); - key->contents = 0; + zapfree(key->contents, key->length); + key->contents = NULL; } } diff --git a/src/lib/crypto/krb/keyed_checksum_types.c b/src/lib/crypto/krb/keyed_checksum_types.c index 04aa447..2fd239c 100644 --- a/src/lib/crypto/krb/keyed_checksum_types.c +++ b/src/lib/crypto/krb/keyed_checksum_types.c @@ -28,62 +28,54 @@ #include "etypes.h" #include "cksumtypes.h" -static int etype_match(krb5_enctype e1, krb5_enctype e2) +static krb5_boolean +etype_match(krb5_enctype e1, krb5_enctype e2) { - int i1, i2; + const struct krb5_keytypes *ktp1, *ktp2; - for (i1=0; i1<krb5_enctypes_length; i1++) - if (krb5_enctypes_list[i1].etype == e1) - break; - - for (i2=0; i2<krb5_enctypes_length; i2++) - if (krb5_enctypes_list[i2].etype == e2) - break; - - return((i1 < krb5_enctypes_length) && - (i2 < krb5_enctypes_length) && - (krb5_enctypes_list[i1].enc == krb5_enctypes_list[i2].enc)); + ktp1 = find_enctype(e1); + ktp2 = find_enctype(e2); + return (ktp1 != NULL && ktp2 != NULL && ktp1->enc == ktp2->enc); } krb5_error_code KRB5_CALLCONV krb5_c_keyed_checksum_types(krb5_context context, krb5_enctype enctype, unsigned int *count, krb5_cksumtype **cksumtypes) { - unsigned int i, c; + unsigned int i, c, nctypes; + krb5_cksumtype *ctypes; + const struct krb5_cksumtypes *ct; - c = 0; - for (i=0; i<krb5_cksumtypes_length; i++) { - if ((krb5_cksumtypes_list[i].keyhash && - etype_match(krb5_cksumtypes_list[i].keyed_etype, enctype)) || - (krb5_cksumtypes_list[i].flags & KRB5_CKSUMFLAG_DERIVE)) { - c++; - } - } + *count = 0; + *cksumtypes = NULL; - *count = c; + nctypes = 0; + for (i = 0; i < krb5_cksumtypes_length; i++) { + ct = &krb5_cksumtypes_list[i]; + if ((ct->keyhash && etype_match(ct->keyed_etype, enctype)) || + (ct->flags & KRB5_CKSUMFLAG_DERIVE)) + nctypes++; + } - if ((*cksumtypes = (krb5_cksumtype *) malloc(c*sizeof(krb5_cksumtype))) - == NULL) - return(ENOMEM); + ctypes = malloc(nctypes * sizeof(krb5_cksumtype)); + if (ctypes == NULL) + return ENOMEM; c = 0; - for (i=0; i<krb5_cksumtypes_length; i++) { - if ((krb5_cksumtypes_list[i].keyhash && - etype_match(krb5_cksumtypes_list[i].keyed_etype, enctype)) || - (krb5_cksumtypes_list[i].flags & KRB5_CKSUMFLAG_DERIVE)) { - (*cksumtypes)[c] = krb5_cksumtypes_list[i].ctype; - c++; - } + for (i = 0; i < krb5_cksumtypes_length; i++) { + ct = &krb5_cksumtypes_list[i]; + if ((ct->keyhash && etype_match(ct->keyed_etype, enctype)) || + (ct->flags & KRB5_CKSUMFLAG_DERIVE)) + ctypes[c++] = krb5_cksumtypes_list[i].ctype; } - return(0); + *count = nctypes; + *cksumtypes = ctypes; + return 0; } void KRB5_CALLCONV krb5_free_cksumtypes(krb5_context context, krb5_cksumtype *val) { - if (val) - free(val); - return; + free(val); } - diff --git a/src/lib/crypto/krb/keyed_cksum.c b/src/lib/crypto/krb/keyed_cksum.c index 023d8c6..8cf5f10 100644 --- a/src/lib/crypto/krb/keyed_cksum.c +++ b/src/lib/crypto/krb/keyed_cksum.c @@ -31,25 +31,22 @@ krb5_boolean KRB5_CALLCONV krb5_c_is_keyed_cksum(krb5_cksumtype ctype) { unsigned int i; + const struct krb5_cksumtypes *ctp; - for (i=0; i<krb5_cksumtypes_length; i++) { - if (krb5_cksumtypes_list[i].ctype == ctype) { - if (krb5_cksumtypes_list[i].keyhash || - (krb5_cksumtypes_list[i].flags & - KRB5_CKSUMFLAG_DERIVE)) - return(1); - else - return(0); + for (i = 0; i < krb5_cksumtypes_length; i++) { + ctp = &krb5_cksumtypes_list[i]; + if (ctp->ctype == ctype) { + return (ctp->keyhash != NULL || + (ctp->flags & KRB5_CKSUMFLAG_DERIVE)); } } - /* ick, but it's better than coredumping, which is what the - old code would have done */ - return 0; /* error case */ + /* Invalid ctype. This is misleading, but better than dumping core. */ + return FALSE; } krb5_boolean KRB5_CALLCONV is_keyed_cksum(krb5_cksumtype ctype) { - return krb5_c_is_keyed_cksum (ctype); + return krb5_c_is_keyed_cksum(ctype); } diff --git a/src/lib/crypto/krb/keylengths.c b/src/lib/crypto/krb/keylengths.c index acd1da8..d28d595 100644 --- a/src/lib/crypto/krb/keylengths.c +++ b/src/lib/crypto/krb/keylengths.c @@ -39,23 +39,19 @@ krb5_error_code KRB5_CALLCONV krb5_c_keylengths(krb5_context context, krb5_enctype enctype, size_t *keybytes, size_t *keylength) { - int i; + const struct krb5_keytypes *ktp; if (keybytes == NULL && keylength == NULL) - return(EINVAL); + return EINVAL; - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == enctype) - break; - } - - if (i == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); + ktp = find_enctype(enctype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; if (keybytes) - *keybytes = krb5_enctypes_list[i].enc->keybytes; + *keybytes = ktp->enc->keybytes; if (keylength) - *keylength = krb5_enctypes_list[i].enc->keylength; + *keylength = ktp->enc->keylength; - return(0); + return 0; } diff --git a/src/lib/crypto/krb/make_checksum.c b/src/lib/crypto/krb/make_checksum.c index ad532b2..29f1ebb 100644 --- a/src/lib/crypto/krb/make_checksum.c +++ b/src/lib/crypto/krb/make_checksum.c @@ -35,56 +35,47 @@ krb5_c_make_checksum(krb5_context context, krb5_cksumtype cksumtype, const krb5_data *input, krb5_checksum *cksum) { unsigned int i; - int e1, e2; + const struct krb5_cksumtypes *ctp; + const struct krb5_keytypes *ktp1, *ktp2; + const struct krb5_keyhash_provider *keyhash; krb5_data data; + krb5_octet *trunc; krb5_error_code ret; size_t cksumlen; - for (i=0; i<krb5_cksumtypes_length; i++) { + for (i = 0; i < krb5_cksumtypes_length; i++) { if (krb5_cksumtypes_list[i].ctype == cksumtype) break; } - if (i == krb5_cksumtypes_length) - return(KRB5_BAD_ENCTYPE); + return KRB5_BAD_ENCTYPE; + ctp = &krb5_cksumtypes_list[i]; - if (krb5_cksumtypes_list[i].keyhash) - cksumlen = krb5_cksumtypes_list[i].keyhash->hashsize; + if (ctp->keyhash != NULL) + cksumlen = ctp->keyhash->hashsize; else - cksumlen = krb5_cksumtypes_list[i].hash->hashsize; + cksumlen = ctp->hash->hashsize; cksum->length = cksumlen; - - if ((cksum->contents = (krb5_octet *) malloc(cksum->length)) == NULL) - return(ENOMEM); + cksum->contents = malloc(cksum->length); + if (cksum->contents == NULL) + return ENOMEM; data.length = cksum->length; data.data = (char *) cksum->contents; - if (krb5_cksumtypes_list[i].keyhash) { + if (ctp->keyhash) { /* check if key is compatible */ - const struct krb5_keyhash_provider *keyhash; - - keyhash = krb5_cksumtypes_list[i].keyhash; - - if (krb5_cksumtypes_list[i].keyed_etype) { - for (e1=0; e1<krb5_enctypes_length; e1++) - if (krb5_enctypes_list[e1].etype == - krb5_cksumtypes_list[i].keyed_etype) - break; - - for (e2=0; e2<krb5_enctypes_length; e2++) - if (krb5_enctypes_list[e2].etype == key->enctype) - break; - - if ((e1 == krb5_enctypes_length) || - (e2 == krb5_enctypes_length) || - (krb5_enctypes_list[e1].enc != krb5_enctypes_list[e2].enc)) { + if (ctp->keyed_etype) { + ktp1 = find_enctype(ctp->keyed_etype); + ktp2 = find_enctype(key->enctype); + if (ktp1 == NULL || ktp2 == NULL || ktp1->enc != ktp2->enc) { ret = KRB5_BAD_ENCTYPE; goto cleanup; } } + keyhash = ctp->keyhash; if (keyhash->hash == NULL) { krb5_crypto_iov iov[1]; @@ -97,22 +88,19 @@ krb5_c_make_checksum(krb5_context context, krb5_cksumtype cksumtype, } else { ret = (*keyhash->hash)(key, usage, 0, input, &data); } - } else if (krb5_cksumtypes_list[i].flags & KRB5_CKSUMFLAG_DERIVE) { - ret = krb5_dk_make_checksum(krb5_cksumtypes_list[i].hash, - key, usage, input, &data); + } else if (ctp->flags & KRB5_CKSUMFLAG_DERIVE) { + ret = krb5_dk_make_checksum(ctp->hash, key, usage, input, &data); } else { - /* no key is used */ - - ret = (*(krb5_cksumtypes_list[i].hash->hash))(1, input, &data); + /* No key is used. */ + ret = (*ctp->hash->hash)(1, input, &data); } if (!ret) { cksum->magic = KV5M_CHECKSUM; cksum->checksum_type = cksumtype; - if (krb5_cksumtypes_list[i].trunc_size) { - krb5_octet *trunc; - cksum->length = krb5_cksumtypes_list[i].trunc_size; - trunc = (krb5_octet *) realloc(cksum->contents, cksum->length); + if (ctp->trunc_size) { + cksum->length = ctp->trunc_size; + trunc = realloc(cksum->contents, cksum->length); if (trunc) cksum->contents = trunc; } @@ -120,10 +108,9 @@ krb5_c_make_checksum(krb5_context context, krb5_cksumtype cksumtype, cleanup: if (ret) { - memset(cksum->contents, 0, cksum->length); - free(cksum->contents); + zapfree(cksum->contents, cksum->length); cksum->contents = NULL; } - return(ret); + return ret; } diff --git a/src/lib/crypto/krb/make_checksum_iov.c b/src/lib/crypto/krb/make_checksum_iov.c index 3cf4af6..a16b849 100644 --- a/src/lib/crypto/krb/make_checksum_iov.c +++ b/src/lib/crypto/krb/make_checksum_iov.c @@ -41,22 +41,23 @@ krb5_c_make_checksum_iov(krb5_context context, krb5_error_code ret; krb5_data cksum_data; krb5_crypto_iov *checksum; + const struct krb5_cksumtypes *ctp; for (i = 0; i < krb5_cksumtypes_length; i++) { if (krb5_cksumtypes_list[i].ctype == cksumtype) break; } - if (i == krb5_cksumtypes_length) - return(KRB5_BAD_ENCTYPE); + return KRB5_BAD_ENCTYPE; + ctp = &krb5_cksumtypes_list[i]; - if (krb5_cksumtypes_list[i].keyhash != NULL) - cksum_data.length = krb5_cksumtypes_list[i].keyhash->hashsize; + if (ctp->keyhash != NULL) + cksum_data.length = ctp->keyhash->hashsize; else - cksum_data.length = krb5_cksumtypes_list[i].hash->hashsize; + cksum_data.length = ctp->hash->hashsize; - if (krb5_cksumtypes_list[i].trunc_size != 0) - cksumlen = krb5_cksumtypes_list[i].trunc_size; + if (ctp->trunc_size != 0) + cksumlen = ctp->trunc_size; else cksumlen = cksum_data.length; diff --git a/src/lib/crypto/krb/make_random_key.c b/src/lib/crypto/krb/make_random_key.c index 0ae321d..0c3a262 100644 --- a/src/lib/crypto/krb/make_random_key.c +++ b/src/lib/crypto/krb/make_random_key.c @@ -31,53 +31,46 @@ krb5_error_code KRB5_CALLCONV krb5_c_make_random_key(krb5_context context, krb5_enctype enctype, krb5_keyblock *random_key) { - int i; krb5_error_code ret; + const struct krb5_keytypes *ktp; const struct krb5_enc_provider *enc; size_t keybytes, keylength; krb5_data random_data; - unsigned char *bytes; + unsigned char *bytes = NULL; - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == enctype) - break; - } - - if (i == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); - - enc = krb5_enctypes_list[i].enc; + ktp = find_enctype(enctype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; + enc = ktp->enc; keybytes = enc->keybytes; keylength = enc->keylength; - if ((bytes = (unsigned char *) malloc(keybytes)) == NULL) - return(ENOMEM); - if ((random_key->contents = (krb5_octet *) malloc(keylength)) == NULL) { - free(bytes); - return(ENOMEM); - } + bytes = k5alloc(keybytes, &ret); + if (ret) + return ret; + random_key->contents = k5alloc(keylength, &ret); + if (ret) + goto cleanup; random_data.data = (char *) bytes; random_data.length = keybytes; - if ((ret = krb5_c_random_make_octets(context, &random_data))) + ret = krb5_c_random_make_octets(context, &random_data); + if (ret) goto cleanup; random_key->magic = KV5M_KEYBLOCK; random_key->enctype = enctype; random_key->length = keylength; - ret = ((*(enc->make_key))(&random_data, random_key)); + ret = (*enc->make_key)(&random_data, random_key); cleanup: - memset(bytes, 0, keybytes); - free(bytes); - if (ret) { - memset(random_key->contents, 0, keylength); - free(random_key->contents); + zapfree(random_key->contents, keylength); + random_key->contents = NULL; } - - return(ret); + zapfree(bytes, keybytes); + return ret; } diff --git a/src/lib/crypto/krb/mandatory_sumtype.c b/src/lib/crypto/krb/mandatory_sumtype.c index f9322ff..45ea0b8 100644 --- a/src/lib/crypto/krb/mandatory_sumtype.c +++ b/src/lib/crypto/krb/mandatory_sumtype.c @@ -26,16 +26,14 @@ #include "etypes.h" krb5_error_code -krb5int_c_mandatory_cksumtype (krb5_context ctx, krb5_enctype etype, - krb5_cksumtype *cksumtype) +krb5int_c_mandatory_cksumtype(krb5_context ctx, krb5_enctype etype, + krb5_cksumtype *cksumtype) { - int i; + const struct krb5_keytypes *ktp; - for (i = 0; i < krb5_enctypes_length; i++) - if (krb5_enctypes_list[i].etype == etype) { - *cksumtype = krb5_enctypes_list[i].required_ctype; - return 0; - } - - return KRB5_BAD_ENCTYPE; + ktp = find_enctype(etype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; + *cksumtype = ktp->required_ctype; + return 0; } diff --git a/src/lib/crypto/krb/old_api_glue.c b/src/lib/crypto/krb/old_api_glue.c index 4db0c33..c0cfdb1 100644 --- a/src/lib/crypto/krb/old_api_glue.c +++ b/src/lib/crypto/krb/old_api_glue.c @@ -37,28 +37,31 @@ krb5_encrypt(krb5_context context, krb5_const_pointer inptr, krb5_error_code ret; if (ivec) { - if ((ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize))) - return(ret); + ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize); + if (ret) + return ret; ivecd.length = blocksize; ivecd.data = ivec; } - /* size is the length of the input cleartext data */ + /* size is the length of the input cleartext data. */ inputd.length = size; inputd.data = inptr; - /* The size of the output buffer isn't part of the old api. Not too - safe. So, we assume here that it's big enough. */ - if ((ret = krb5_c_encrypt_length(context, eblock->key->enctype, size, - &outlen))) - return(ret); + /* + * The size of the output buffer isn't part of the old api. Not too + * safe. So, we assume here that it's big enough. + */ + ret = krb5_c_encrypt_length(context, eblock->key->enctype, size, &outlen); + if (ret) + return ret; outputd.ciphertext.length = outlen; outputd.ciphertext.data = outptr; - return(krb5_c_encrypt(context, eblock->key, 0, ivec?&ivecd:0, - &inputd, &outputd)); + return krb5_c_encrypt(context, eblock->key, 0, ivec ? &ivecd : 0, + &inputd, &outputd); } krb5_error_code KRB5_CALLCONV @@ -72,8 +75,9 @@ krb5_decrypt(krb5_context context, krb5_const_pointer inptr, krb5_error_code ret; if (ivec) { - if ((ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize))) - return(ret); + ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize); + if (ret) + return ret; ivecd.length = blocksize; ivecd.data = ivec; @@ -90,8 +94,8 @@ krb5_decrypt(krb5_context context, krb5_const_pointer inptr, outputd.length = size; outputd.data = outptr; - return(krb5_c_decrypt(context, eblock->key, 0, ivec?&ivecd:0, - &inputd, &outputd)); + return krb5_c_decrypt(context, eblock->key, 0, ivec ? &ivecd : 0, + &inputd, &outputd); } krb5_error_code KRB5_CALLCONV @@ -100,13 +104,13 @@ krb5_process_key(krb5_context context, krb5_encrypt_block *eblock, { eblock->key = (krb5_keyblock *) key; - return(0); + return 0; } krb5_error_code KRB5_CALLCONV krb5_finish_key(krb5_context context, krb5_encrypt_block *eblock) { - return(0); + return 0; } krb5_error_code KRB5_CALLCONV @@ -114,8 +118,8 @@ krb5_string_to_key(krb5_context context, const krb5_encrypt_block *eblock, krb5_keyblock *keyblock, const krb5_data *data, const krb5_data *salt) { - return(krb5_c_string_to_key(context, eblock->crypto_entry, data, salt, - keyblock)); + return krb5_c_string_to_key(context, eblock->crypto_entry, data, salt, + keyblock); } krb5_error_code KRB5_CALLCONV @@ -127,14 +131,14 @@ krb5_init_random_key(krb5_context context, const krb5_encrypt_block *eblock, data.length = keyblock->length; data.data = (char *) keyblock->contents; - return(krb5_c_random_seed(context, &data)); + return krb5_c_random_seed(context, &data); } krb5_error_code KRB5_CALLCONV krb5_finish_random_key(krb5_context context, const krb5_encrypt_block *eblock, krb5_pointer *ptr) { - return(0); + return 0; } krb5_error_code KRB5_CALLCONV @@ -144,23 +148,26 @@ krb5_random_key(krb5_context context, const krb5_encrypt_block *eblock, krb5_keyblock *key; krb5_error_code ret; - if ((key = (krb5_keyblock *) malloc(sizeof(krb5_keyblock))) == NULL) - return(ENOMEM); + *keyblock = NULL; - if ((ret = krb5_c_make_random_key(context, eblock->crypto_entry, key))) { + key = malloc(sizeof(krb5_keyblock)); + if (key == NULL) + return ENOMEM; + + ret = krb5_c_make_random_key(context, eblock->crypto_entry, key); + if (ret) { free(key); - key = NULL; + return ret; } *keyblock = key; - return(ret); } krb5_enctype KRB5_CALLCONV krb5_eblock_enctype(krb5_context context, const krb5_encrypt_block *eblock) { - return(eblock->crypto_entry); + return eblock->crypto_entry; } krb5_error_code KRB5_CALLCONV @@ -169,7 +176,7 @@ krb5_use_enctype(krb5_context context, krb5_encrypt_block *eblock, { eblock->crypto_entry = enctype; - return(0); + return 0; } size_t KRB5_CALLCONV @@ -177,10 +184,10 @@ krb5_encrypt_size(size_t length, krb5_enctype crypto) { size_t ret; - if (krb5_c_encrypt_length(/* XXX */ 0, crypto, length, &ret)) - return(-1); /* XXX */ + if (krb5_c_encrypt_length(NULL, crypto, length, &ret)) + return (size_t) -1; /* XXX */ - return(ret); + return ret; } size_t KRB5_CALLCONV @@ -189,9 +196,9 @@ krb5_checksum_size(krb5_context context, krb5_cksumtype ctype) size_t ret; if (krb5_c_checksum_length(context, ctype, &ret)) - return(-1); /* XXX */ + return (size_t) -1; /* XXX */ - return(ret); + return ret; } krb5_error_code KRB5_CALLCONV @@ -211,13 +218,14 @@ krb5_calculate_checksum(krb5_context context, krb5_cksumtype ctype, key.length = seed_length; key.contents = seed; - if ((ret = krb5_c_make_checksum(context, ctype, &key, 0, &input, &cksum))) - return(ret); + ret = krb5_c_make_checksum(context, ctype, &key, 0, &input, &cksum); + if (ret) + return ret; if (outcksum->length < cksum.length) { memset(cksum.contents, 0, cksum.length); free(cksum.contents); - return(KRB5_BAD_MSIZE); + return KRB5_BAD_MSIZE; } outcksum->magic = cksum.magic; @@ -247,14 +255,14 @@ krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype, key.length = seed_length; key.contents = seed; - if ((ret = krb5_c_verify_checksum(context, &key, 0, &input, cksum, - &valid))) - return(ret); + ret = krb5_c_verify_checksum(context, &key, 0, &input, cksum, &valid); + if (ret) + return ret; if (!valid) - return(KRB5KRB_AP_ERR_BAD_INTEGRITY); + return KRB5KRB_AP_ERR_BAD_INTEGRITY; - return(0); + return 0; } krb5_error_code KRB5_CALLCONV @@ -265,7 +273,7 @@ krb5_random_confounder(size_t size, krb5_pointer ptr) random_data.length = size; random_data.data = ptr; - return(krb5_c_random_make_octets(/* XXX */ 0, &random_data)); + return krb5_c_random_make_octets(NULL, &random_data); } krb5_error_code krb5_encrypt_data(krb5_context context, krb5_keyblock *key, @@ -276,13 +284,14 @@ krb5_error_code krb5_encrypt_data(krb5_context context, krb5_keyblock *key, size_t enclen, blocksize; krb5_data ivecd; - if ((ret = krb5_c_encrypt_length(context, key->enctype, data->length, - &enclen))) - return(ret); + ret = krb5_c_encrypt_length(context, key->enctype, data->length, &enclen); + if (ret) + return ret; if (ivec) { - if ((ret = krb5_c_block_size(context, key->enctype, &blocksize))) - return(ret); + ret = krb5_c_block_size(context, key->enctype, &blocksize); + if (ret) + return ret; ivecd.length = blocksize; ivecd.data = ivec; @@ -292,13 +301,15 @@ krb5_error_code krb5_encrypt_data(krb5_context context, krb5_keyblock *key, enc_data->kvno = 0; enc_data->enctype = key->enctype; enc_data->ciphertext.length = enclen; - if ((enc_data->ciphertext.data = malloc(enclen)) == NULL) - return(ENOMEM); + enc_data->ciphertext.data = malloc(enclen); + if (enc_data->ciphertext.data == NULL) + return ENOMEM; - if ((ret = krb5_c_encrypt(context, key, 0, ivec?&ivecd:0, data, enc_data))) + ret = krb5_c_encrypt(context, key, 0, ivec ? &ivecd : 0, data, enc_data); + if (ret) free(enc_data->ciphertext.data); - return(ret); + return ret; } krb5_error_code krb5_decrypt_data(krb5_context context, krb5_keyblock *key, @@ -310,19 +321,22 @@ krb5_error_code krb5_decrypt_data(krb5_context context, krb5_keyblock *key, size_t blocksize; if (ivec) { - if ((ret = krb5_c_block_size(context, key->enctype, &blocksize))) - return(ret); + ret = krb5_c_block_size(context, key->enctype, &blocksize); + if (ret) + return ret; ivecd.length = blocksize; ivecd.data = ivec; } data->length = enc_data->ciphertext.length; - if ((data->data = (char *) malloc(data->length)) == NULL) - return(ENOMEM); + data->data = malloc(data->length); + if (data->data == NULL) + return ENOMEM; - if ((ret = krb5_c_decrypt(context, key, 0, ivec?&ivecd:0, enc_data, data))) + ret = krb5_c_decrypt(context, key, 0, ivec ? &ivecd : 0, enc_data, data); + if (ret) free(data->data); - return(0); + return 0; } diff --git a/src/lib/crypto/krb/prf.c b/src/lib/crypto/krb/prf.c index 67e1bc8..d2c633e 100644 --- a/src/lib/crypto/krb/prf.c +++ b/src/lib/crypto/krb/prf.c @@ -37,51 +37,35 @@ #include <assert.h> krb5_error_code KRB5_CALLCONV -krb5_c_prf_length(krb5_context context, krb5_enctype enctype, - size_t *len) +krb5_c_prf_length(krb5_context context, krb5_enctype enctype, size_t *len) { - int i; - assert (len); + const struct krb5_keytypes *ktp; - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == enctype) - break; - } - - if (i == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); - - *len = krb5_enctypes_list[i].prf_length; + assert(len); + ktp = find_enctype(enctype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; + *len = ktp->prf_length; return 0; - } krb5_error_code KRB5_CALLCONV krb5_c_prf(krb5_context context, const krb5_keyblock *key, krb5_data *input, krb5_data *output) { - int i; - size_t len; - assert(input && output); - assert (output->data); + const struct krb5_keytypes *ktp; + assert(input && output); + assert(output->data); - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == key->enctype) - break; - } - - if (i == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); + ktp = find_enctype(key->enctype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; + if (ktp->prf == NULL) + return KRB5_CRYPTO_INTERNAL; output->magic = KV5M_DATA; - if (!krb5_enctypes_list[i].prf) - return (KRB5_CRYPTO_INTERNAL); - krb5_c_prf_length (context, key->enctype, &len); - if (len != output->length) - return (KRB5_CRYPTO_INTERNAL); - return((*(krb5_enctypes_list[i].prf)) - (krb5_enctypes_list[i].enc, krb5_enctypes_list[i].hash, - key, input, output)); + if (ktp->prf_length != output->length) + return KRB5_CRYPTO_INTERNAL; + return (*ktp->prf)(ktp->enc, ktp->hash, key, input, output); } - diff --git a/src/lib/crypto/krb/prng.c b/src/lib/crypto/krb/prng.c index f9647ea..b52dabc 100644 --- a/src/lib/crypto/krb/prng.c +++ b/src/lib/crypto/krb/prng.c @@ -38,27 +38,28 @@ k5_mutex_t yarrow_lock = K5_MUTEX_PARTIAL_INITIALIZER; */ static size_t -entropy_estimate (unsigned int randsource, size_t length) +entropy_estimate(unsigned int randsource, size_t length) { - switch (randsource) { - case KRB5_C_RANDSOURCE_OLDAPI: - return (4*length); - case KRB5_C_RANDSOURCE_OSRAND: - return (8*length); - case KRB5_C_RANDSOURCE_TRUSTEDPARTY: - return (4*length); - case KRB5_C_RANDSOURCE_TIMING:return (2); - case KRB5_C_RANDSOURCE_EXTERNAL_PROTOCOL: - return (0); - default: - abort(); - } -return (0); + switch (randsource) { + case KRB5_C_RANDSOURCE_OLDAPI: + return 4 * length; + case KRB5_C_RANDSOURCE_OSRAND: + return 8 * length; + case KRB5_C_RANDSOURCE_TRUSTEDPARTY: + return 4 * length; + case KRB5_C_RANDSOURCE_TIMING: + return 2; + case KRB5_C_RANDSOURCE_EXTERNAL_PROTOCOL: + return 0; + default: + abort(); + } + return 0; } int krb5int_prng_init(void) { - unsigned i; + unsigned i, source_id; int yerr; yerr = k5_mutex_finish_init(&yarrow_lock); @@ -66,12 +67,11 @@ int krb5int_prng_init(void) return yerr; yerr = krb5int_yarrow_init (&y_ctx, NULL); - if ((yerr != YARROW_OK) && (yerr != YARROW_NOT_SEEDED)) + if (yerr != YARROW_OK && yerr != YARROW_NOT_SEEDED) return KRB5_CRYPTO_INTERNAL; for (i=0; i < KRB5_C_RANDSOURCE_MAX; i++ ) { - unsigned source_id; - if (krb5int_yarrow_new_source (&y_ctx, &source_id) != YARROW_OK ) + if (krb5int_yarrow_new_source(&y_ctx, &source_id) != YARROW_OK) return KRB5_CRYPTO_INTERNAL; assert (source_id == i); } @@ -80,46 +80,47 @@ int krb5int_prng_init(void) } krb5_error_code KRB5_CALLCONV -krb5_c_random_add_entropy (krb5_context context, unsigned int randsource, - const krb5_data *data) +krb5_c_random_add_entropy(krb5_context context, unsigned int randsource, + const krb5_data *data) { - int yerr; - - /* Make sure the mutex got initialized. */ - yerr = krb5int_crypto_init(); - if (yerr) - return yerr; - /* Now, finally, feed in the data. */ - yerr = krb5int_yarrow_input (&y_ctx, randsource, - data->data, data->length, - entropy_estimate (randsource, data->length)); - if (yerr != YARROW_OK) - return (KRB5_CRYPTO_INTERNAL); - return (0); + int yerr; + + /* Make sure the mutex got initialized. */ + yerr = krb5int_crypto_init(); + if (yerr) + return yerr; + /* Now, finally, feed in the data. */ + yerr = krb5int_yarrow_input(&y_ctx, randsource, + data->data, data->length, + entropy_estimate(randsource, data->length)); + if (yerr != YARROW_OK) + return KRB5_CRYPTO_INTERNAL; + return 0; } krb5_error_code KRB5_CALLCONV -krb5_c_random_seed (krb5_context context, krb5_data *data) +krb5_c_random_seed(krb5_context context, krb5_data *data) { - return krb5_c_random_add_entropy (context, KRB5_C_RANDSOURCE_OLDAPI, data); + return krb5_c_random_add_entropy(context, KRB5_C_RANDSOURCE_OLDAPI, data); } krb5_error_code KRB5_CALLCONV krb5_c_random_make_octets(krb5_context context, krb5_data *data) { int yerr; - yerr = krb5int_yarrow_output (&y_ctx, data->data, data->length); + yerr = krb5int_yarrow_output(&y_ctx, data->data, data->length); if (yerr == YARROW_NOT_SEEDED) { - yerr = krb5int_yarrow_reseed (&y_ctx, YARROW_SLOW_POOL); - if (yerr == YARROW_OK) - yerr = krb5int_yarrow_output (&y_ctx, data->data, data->length); + yerr = krb5int_yarrow_reseed(&y_ctx, YARROW_SLOW_POOL); + if (yerr == YARROW_OK) + yerr = krb5int_yarrow_output(&y_ctx, data->data, data->length); } - if ( yerr != YARROW_OK) - return (KRB5_CRYPTO_INTERNAL); - return(0); + if (yerr != YARROW_OK) + return KRB5_CRYPTO_INTERNAL; + return 0; } -void krb5int_prng_cleanup (void) +void +krb5int_prng_cleanup (void) { krb5int_yarrow_final (&y_ctx); k5_mutex_destroy(&yarrow_lock); @@ -133,11 +134,11 @@ void krb5int_prng_cleanup (void) #if defined(_WIN32) krb5_error_code KRB5_CALLCONV -krb5_c_random_os_entropy (krb5_context context, int strong, int *success) +krb5_c_random_os_entropy(krb5_context context, int strong, int *success) { - if (success) - *success = 0; - return 0; + if (success) + *success = 0; + return 0; } #else /*Windows*/ @@ -156,60 +157,58 @@ krb5_c_random_os_entropy (krb5_context context, int strong, int *success) */ static int -read_entropy_from_device (krb5_context context, const char *device) +read_entropy_from_device(krb5_context context, const char *device) { - krb5_data data; - struct stat sb; - int fd; - unsigned char buf[YARROW_SLOW_THRESH/8], *bp; - int left; - fd = open (device, O_RDONLY); - if (fd == -1) - return 0; - set_cloexec_fd(fd); - if (fstat (fd, &sb) == -1 || S_ISREG(sb.st_mode)) { - close(fd); - return 0; - } - - for (bp = buf, left = sizeof (buf); left > 0;) { - ssize_t count; - count = read (fd, bp, (unsigned) left); - if (count <= 0) { - close(fd); - return 0; + krb5_data data; + struct stat sb; + int fd; + unsigned char buf[YARROW_SLOW_THRESH/8], *bp; + int left; + + fd = open (device, O_RDONLY); + if (fd == -1) + return 0; + set_cloexec_fd(fd); + if (fstat(fd, &sb) == -1 || S_ISREG(sb.st_mode)) { + close(fd); + return 0; } - left -= count; - bp += count; - } - close (fd); - data.length = sizeof (buf); - data.data = ( char * ) buf; - if ( krb5_c_random_add_entropy (context, KRB5_C_RANDSOURCE_OSRAND, - &data) != 0) { - return 0; - } - return 1; + + for (bp = buf, left = sizeof(buf); left > 0;) { + ssize_t count; + count = read(fd, bp, (unsigned) left); + if (count <= 0) { + close(fd); + return 0; + } + left -= count; + bp += count; + } + close(fd); + data.length = sizeof (buf); + data.data = (char *) buf; + return (krb5_c_random_add_entropy(context, KRB5_C_RANDSOURCE_OSRAND, + &data) == 0); } krb5_error_code KRB5_CALLCONV -krb5_c_random_os_entropy (krb5_context context, - int strong, int *success) +krb5_c_random_os_entropy(krb5_context context, int strong, int *success) { - int unused; - int *oursuccess = success?success:&unused; - *oursuccess = 0; - /* If we are getting strong data then try that first. We are - guaranteed to cause a reseed of some kind if strong is true and - we have both /dev/random and /dev/urandom. We want the strong - data included in the reseed so we get it first.*/ - if (strong) { - if (read_entropy_from_device (context, "/dev/random")) - *oursuccess = 1; - } - if (read_entropy_from_device (context, "/dev/urandom")) - *oursuccess = 1; - return 0; + int unused; + int *oursuccess = success ? success : &unused; + + *oursuccess = 0; + /* If we are getting strong data then try that first. We are + guaranteed to cause a reseed of some kind if strong is true and + we have both /dev/random and /dev/urandom. We want the strong + data included in the reseed so we get it first.*/ + if (strong) { + if (read_entropy_from_device(context, "/dev/random")) + *oursuccess = 1; + } + if (read_entropy_from_device(context, "/dev/urandom")) + *oursuccess = 1; + return 0; } #endif /*Windows or pre-OSX Mac*/ diff --git a/src/lib/crypto/krb/random_to_key.c b/src/lib/crypto/krb/random_to_key.c index 20f0abc..18e4c69 100644 --- a/src/lib/crypto/krb/random_to_key.c +++ b/src/lib/crypto/krb/random_to_key.c @@ -40,34 +40,25 @@ krb5_error_code KRB5_CALLCONV krb5_c_random_to_key(krb5_context context, krb5_enctype enctype, krb5_data *random_data, krb5_keyblock *random_key) { - int i; krb5_error_code ret; + const struct krb5_keytypes *ktp; const struct krb5_enc_provider *enc; - if (random_data == NULL || random_key == NULL) - return(EINVAL); + if (random_data == NULL || random_key == NULL || + random_key->contents == NULL) + return EINVAL; - if (random_key->contents == NULL) - return(EINVAL); - - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == enctype) - break; - } - - if (i == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); - - enc = krb5_enctypes_list[i].enc; + ktp = find_enctype(enctype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; + enc = ktp->enc; if (random_key->length != enc->keylength) - return(KRB5_BAD_KEYSIZE); - - ret = ((*(enc->make_key))(random_data, random_key)); + return KRB5_BAD_KEYSIZE; - if (ret) { + ret = (*enc->make_key)(random_data, random_key); + if (ret) memset(random_key->contents, 0, random_key->length); - } - return(ret); + return ret; } diff --git a/src/lib/crypto/krb/state.c b/src/lib/crypto/krb/state.c index f69746c..152ebec 100644 --- a/src/lib/crypto/krb/state.c +++ b/src/lib/crypto/krb/state.c @@ -39,34 +39,22 @@ krb5_error_code KRB5_CALLCONV krb5_c_init_state (krb5_context context, const krb5_keyblock *key, krb5_keyusage keyusage, krb5_data *new_state) { - int i; + const struct krb5_keytypes *ktp; - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == key->enctype) - break; - } - - if (i == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); - - return (*(krb5_enctypes_list[i].enc->init_state)) - (key, keyusage, new_state); + ktp = find_enctype(key->enctype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; + return ktp->enc->init_state(key, keyusage, new_state); } krb5_error_code KRB5_CALLCONV -krb5_c_free_state (krb5_context context, const krb5_keyblock *key, - krb5_data *state) +krb5_c_free_state(krb5_context context, const krb5_keyblock *key, + krb5_data *state) { - int i; - - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == key->enctype) - break; - } - - if (i == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); + const struct krb5_keytypes *ktp; - return (*(krb5_enctypes_list[i].enc->free_state)) - (state); + ktp = find_enctype(key->enctype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; + return ktp->enc->free_state(state); } diff --git a/src/lib/crypto/krb/string_to_cksumtype.c b/src/lib/crypto/krb/string_to_cksumtype.c index 5a3c70d..92ecbfa 100644 --- a/src/lib/crypto/krb/string_to_cksumtype.c +++ b/src/lib/crypto/krb/string_to_cksumtype.c @@ -31,23 +31,26 @@ krb5_error_code KRB5_CALLCONV krb5_string_to_cksumtype(char *string, krb5_cksumtype *cksumtypep) { unsigned int i, j; + const char *alias; + const struct krb5_cksumtypes *ctp; for (i=0; i<krb5_cksumtypes_length; i++) { - if (strcasecmp(krb5_cksumtypes_list[i].name, string) == 0) { - *cksumtypep = krb5_cksumtypes_list[i].ctype; - return(0); + ctp = &krb5_cksumtypes_list[i]; + if (strcasecmp(ctp->name, string) == 0) { + *cksumtypep = ctp->ctype; + return 0; } -#define MAX_ALIASES (sizeof(krb5_cksumtypes_list[i].aliases) / sizeof(krb5_cksumtypes_list[i].aliases[0])) +#define MAX_ALIASES (sizeof(ctp->aliases) / sizeof(ctp->aliases[0])) for (j = 0; j < MAX_ALIASES; j++) { - const char *alias = krb5_cksumtypes_list[i].aliases[j]; + alias = ctp->aliases[j]; if (alias == NULL) break; if (strcasecmp(alias, string) == 0) { - *cksumtypep = krb5_cksumtypes_list[i].ctype; + *cksumtypep = ctp->ctype; return 0; } } } - return(EINVAL); + return EINVAL; } diff --git a/src/lib/crypto/krb/string_to_enctype.c b/src/lib/crypto/krb/string_to_enctype.c index 5c6ae1c..141c36c 100644 --- a/src/lib/crypto/krb/string_to_enctype.c +++ b/src/lib/crypto/krb/string_to_enctype.c @@ -30,24 +30,28 @@ krb5_error_code KRB5_CALLCONV krb5_string_to_enctype(char *string, krb5_enctype *enctypep) { - unsigned int i, j; + int i; + unsigned int j; + const char *alias; + const struct krb5_keytypes *ktp; - for (i=0; i<krb5_enctypes_length; i++) { - if (strcasecmp(krb5_enctypes_list[i].name, string) == 0) { - *enctypep = krb5_enctypes_list[i].etype; + for (i = 0; i < krb5_enctypes_length; i++) { + ktp = &krb5_enctypes_list[i]; + if (strcasecmp(ktp->name, string) == 0) { + *enctypep = ktp->etype; return 0; } -#define MAX_ALIASES (sizeof(krb5_enctypes_list[i].aliases) / sizeof(krb5_enctypes_list[i].aliases[0])) +#define MAX_ALIASES (sizeof(ktp->aliases) / sizeof(ktp->aliases[0])) for (j = 0; j < MAX_ALIASES; j++) { - const char *alias = krb5_enctypes_list[i].aliases[j]; + alias = ktp->aliases[j]; if (alias == NULL) break; if (strcasecmp(alias, string) == 0) { - *enctypep = krb5_enctypes_list[i].etype; + *enctypep = ktp->etype; return 0; } } } - return(EINVAL); + return EINVAL; } diff --git a/src/lib/crypto/krb/string_to_key.c b/src/lib/crypto/krb/string_to_key.c index 71d9db6..bf8f8ce 100644 --- a/src/lib/crypto/krb/string_to_key.c +++ b/src/lib/crypto/krb/string_to_key.c @@ -51,23 +51,20 @@ krb5_c_string_to_key_with_params(krb5_context context, krb5_enctype enctype, const krb5_data *salt, const krb5_data *params, krb5_keyblock *key) { - int i; krb5_error_code ret; - const struct krb5_enc_provider *enc; - size_t keybytes, keylength; + const struct krb5_keytypes *ktp; + size_t keylength; - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == enctype) - break; - } + ktp = find_enctype(enctype); + if (ktp == NULL) + return KRB5_BAD_ENCTYPE; + keylength = ktp->enc->keylength; - if (i == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); - - enc = krb5_enctypes_list[i].enc; -/* xxx AFS string2key function is indicated by a special length in - * the salt in much of the code. However only the DES enctypes can - * deal with this. Using s2kparams would be a much better solution.*/ + /* + * xxx AFS string2key function is indicated by a special length in + * the salt in much of the code. However only the DES enctypes can + * deal with this. Using s2kparams would be a much better solution. + */ if (salt && salt->length == SALT_TYPE_AFS_LENGTH) { switch (enctype) { case ENCTYPE_DES_CBC_CRC: @@ -75,27 +72,24 @@ krb5_c_string_to_key_with_params(krb5_context context, krb5_enctype enctype, case ENCTYPE_DES_CBC_MD5: break; default: - return (KRB5_CRYPTO_INTERNAL); + return KRB5_CRYPTO_INTERNAL; } } - keybytes = enc->keybytes; - keylength = enc->keylength; - - if ((key->contents = (krb5_octet *) malloc(keylength)) == NULL) - return(ENOMEM); + key->contents = malloc(keylength); + if (key->contents == NULL) + return ENOMEM; key->magic = KV5M_KEYBLOCK; key->enctype = enctype; key->length = keylength; - ret = (*krb5_enctypes_list[i].str2key)(enc, string, salt, params, key); + ret = (*ktp->str2key)(ktp->enc, string, salt, params, key); if (ret) { - memset(key->contents, 0, keylength); - free(key->contents); + zapfree(key->contents, keylength); key->length = 0; key->contents = NULL; } - return(ret); + return ret; } diff --git a/src/lib/crypto/krb/valid_cksumtype.c b/src/lib/crypto/krb/valid_cksumtype.c index 8fd9eff..56a92df 100644 --- a/src/lib/crypto/krb/valid_cksumtype.c +++ b/src/lib/crypto/krb/valid_cksumtype.c @@ -32,16 +32,16 @@ krb5_c_valid_cksumtype(krb5_cksumtype ctype) { unsigned int i; - for (i=0; i<krb5_cksumtypes_length; i++) { + for (i = 0; i < krb5_cksumtypes_length; i++) { if (krb5_cksumtypes_list[i].ctype == ctype) - return(1); + return TRUE; } - return(0); + return FALSE; } krb5_boolean KRB5_CALLCONV valid_cksumtype(krb5_cksumtype ctype) { - return krb5_c_valid_cksumtype (ctype); + return krb5_c_valid_cksumtype(ctype); } diff --git a/src/lib/crypto/krb/valid_enctype.c b/src/lib/crypto/krb/valid_enctype.c index 7b9a92a..0240cbc 100644 --- a/src/lib/crypto/krb/valid_enctype.c +++ b/src/lib/crypto/krb/valid_enctype.c @@ -30,39 +30,20 @@ krb5_boolean KRB5_CALLCONV krb5_c_valid_enctype(krb5_enctype etype) { - int i; - - for (i=0; i<krb5_enctypes_length; i++) { - if (krb5_enctypes_list[i].etype == etype) - return(1); - } - - return(0); + return (find_enctype(etype) != NULL); } krb5_boolean KRB5_CALLCONV valid_enctype(krb5_enctype etype) { - return krb5_c_valid_enctype (etype); + return krb5_c_valid_enctype(etype); } krb5_boolean KRB5_CALLCONV krb5_c_weak_enctype(krb5_enctype etype) { - int i; - const struct krb5_keytypes *k; - - for (i = 0; i < krb5_enctypes_length; i++) { -#if 0 - if (krb5_enctypes_list[i].etype == etype && - krb5_enctypes_list[i].flags | ETYPE_WEAK) - return(1); -#endif - k = &krb5_enctypes_list[i]; - if (k->etype == etype && (k->flags & ETYPE_WEAK)) { - return(1); - } - } + const struct krb5_keytypes *ktp; - return(0); + ktp = find_enctype(etype); + return ((ktp->flags & ETYPE_WEAK) != 0); } diff --git a/src/lib/crypto/krb/verify_checksum.c b/src/lib/crypto/krb/verify_checksum.c index 72b5595..ae15cc8 100644 --- a/src/lib/crypto/krb/verify_checksum.c +++ b/src/lib/crypto/krb/verify_checksum.c @@ -33,6 +33,8 @@ krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *key, const krb5_checksum *cksum, krb5_boolean *valid) { unsigned int i; + const struct krb5_cksumtypes *ctp; + const struct krb5_keyhash_provider *keyhash; size_t hashsize; krb5_error_code ret; krb5_data indata; @@ -42,19 +44,16 @@ krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *key, if (krb5_cksumtypes_list[i].ctype == cksum->checksum_type) break; } - if (i == krb5_cksumtypes_length) - return(KRB5_BAD_ENCTYPE); - - /* if there's actually a verify function, call it */ + return KRB5_BAD_ENCTYPE; + ctp = &krb5_cksumtypes_list[i]; indata.length = cksum->length; indata.data = (char *) cksum->contents; - if (krb5_cksumtypes_list[i].keyhash) { - const struct krb5_keyhash_provider *keyhash; - - keyhash = krb5_cksumtypes_list[i].keyhash; + /* If there's actually a verify function, call it. */ + if (ctp->keyhash) { + keyhash = ctp->keyhash; if (keyhash->verify == NULL && keyhash->verify_iov != NULL) { krb5_crypto_iov iov[1]; @@ -62,31 +61,30 @@ krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *key, iov[0].flags = KRB5_CRYPTO_TYPE_DATA; iov[0].data = *data; - return (*keyhash->verify_iov)(key, usage, 0, iov, 1, &indata, valid); + return (*keyhash->verify_iov)(key, usage, 0, iov, 1, &indata, + valid); } else if (keyhash->verify != NULL) { return (*keyhash->verify)(key, usage, 0, data, &indata, valid); } } - /* otherwise, make the checksum again, and compare */ - - if ((ret = krb5_c_checksum_length(context, cksum->checksum_type, &hashsize))) - return(ret); + /* Otherwise, make the checksum again, and compare. */ + ret = krb5_c_checksum_length(context, cksum->checksum_type, &hashsize); + if (ret) + return ret; if (cksum->length != hashsize) - return(KRB5_BAD_MSIZE); + return KRB5_BAD_MSIZE; computed.length = hashsize; - if ((ret = krb5_c_make_checksum(context, cksum->checksum_type, key, usage, - data, &computed))) { - free(computed.contents); - return(ret); - } + ret = krb5_c_make_checksum(context, cksum->checksum_type, key, usage, + data, &computed); + if (ret) + return ret; *valid = (memcmp(computed.contents, cksum->contents, hashsize) == 0); free(computed.contents); - - return(0); + return 0; } diff --git a/src/lib/crypto/krb/verify_checksum_iov.c b/src/lib/crypto/krb/verify_checksum_iov.c index 08c0a5c..341c896 100644 --- a/src/lib/crypto/krb/verify_checksum_iov.c +++ b/src/lib/crypto/krb/verify_checksum_iov.c @@ -38,6 +38,7 @@ krb5_c_verify_checksum_iov(krb5_context context, krb5_boolean *valid) { unsigned int i; + const struct krb5_cksumtypes *ctp; size_t cksumlen; krb5_error_code ret; krb5_data computed; @@ -47,52 +48,49 @@ krb5_c_verify_checksum_iov(krb5_context context, if (krb5_cksumtypes_list[i].ctype == checksum_type) break; } - if (i == krb5_cksumtypes_length) - return(KRB5_BAD_ENCTYPE); + return KRB5_BAD_ENCTYPE; + ctp = &krb5_cksumtypes_list[i]; - checksum = krb5int_c_locate_iov((krb5_crypto_iov *)data, num_data, KRB5_CRYPTO_TYPE_CHECKSUM); + checksum = krb5int_c_locate_iov((krb5_crypto_iov *)data, num_data, + KRB5_CRYPTO_TYPE_CHECKSUM); if (checksum == NULL) return(KRB5_BAD_MSIZE); - /* if there's actually a verify function, call it */ - - if (krb5_cksumtypes_list[i].keyhash && - krb5_cksumtypes_list[i].keyhash->verify_iov) - return((*(krb5_cksumtypes_list[i].keyhash->verify_iov))(key, usage, 0, - data, num_data, - &checksum->data, - valid)); - - /* otherwise, make the checksum again, and compare */ + /* If there's actually a verify function, call it. */ + if (ctp->keyhash && ctp->keyhash->verify_iov) { + return (*ctp->keyhash->verify_iov)(key, usage, 0, data, num_data, + &checksum->data, valid); + } - if (krb5_cksumtypes_list[i].keyhash != NULL) - computed.length = krb5_cksumtypes_list[i].keyhash->hashsize; + /* Otherwise, make the checksum again, and compare. */ + if (ctp->keyhash != NULL) + computed.length = ctp->keyhash->hashsize; else - computed.length = krb5_cksumtypes_list[i].hash->hashsize; + computed.length = ctp->hash->hashsize; - if (krb5_cksumtypes_list[i].trunc_size != 0) - cksumlen = krb5_cksumtypes_list[i].trunc_size; + if (ctp->trunc_size != 0) + cksumlen = ctp->trunc_size; else cksumlen = computed.length; if (checksum->data.length != cksumlen) - return(KRB5_BAD_MSIZE); + return KRB5_BAD_MSIZE; computed.data = malloc(computed.length); if (computed.data == NULL) - return(ENOMEM); + return ENOMEM; - if ((ret = krb5int_c_make_checksum_iov(&krb5_cksumtypes_list[i], key, usage, - data, num_data, &computed))) { + ret = krb5int_c_make_checksum_iov(&krb5_cksumtypes_list[i], key, usage, + data, num_data, &computed); + if (ret) { free(computed.data); - return(ret); + return ret; } *valid = (computed.length == cksumlen) && (memcmp(computed.data, checksum->data.data, cksumlen) == 0); free(computed.data); - - return(0); + return 0; } |