diff options
author | Greg Hudson <ghudson@mit.edu> | 2009-12-04 05:12:35 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2009-12-04 05:12:35 +0000 |
commit | 5ffa313d9f6b7c509aa0d7579273150d71ea0f95 (patch) | |
tree | 48f8d5606c919dd09d950c5cbf1609f312f2937d /src/include/k5-int.h | |
parent | ea6f77d42700352fcb2a06444d1dc00acf7c20fc (diff) | |
download | krb5-5ffa313d9f6b7c509aa0d7579273150d71ea0f95.zip krb5-5ffa313d9f6b7c509aa0d7579273150d71ea0f95.tar.gz krb5-5ffa313d9f6b7c509aa0d7579273150d71ea0f95.tar.bz2 |
Consolidate the IOV and non-IOV encryption/decryption code paths, and
drop the _iov suffix from most encryption- and decryption-related
functions. The enc_provider encrypt and decrypt functions take IOVs,
as do the enctype entries in etypes.c, and there are no separate
encrypt_iov or decrypt_iov functions.
aead_provider is gone. Enctype functions now take pointers to the
enctype entry instead of pointers to the enc/hash/aead providers; this
allows dk_encrypt and dk_decrypt to be polymorphic in the length
function they use now that AES and DES3 can't differentiate by aead
provider.
aes_string_to_key needed to be moved into the krb/ fold for this since
it's an enctype function; it was duplicated between builtin/ and
openssl/ before. This leaves openssl/aes empty; the build system
currently demands that all modules have the same directory structure,
so the directory and Makefile will stick around for now.
Three separate copies of the derive_random logic are also now
consolidated into one.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23444 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/include/k5-int.h')
-rw-r--r-- | src/include/k5-int.h | 43 |
1 files changed, 8 insertions, 35 deletions
diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 1938914..cbe0fd9 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -647,12 +647,11 @@ struct krb5_enc_provider { keylength is the output size */ size_t block_size, keybytes, keylength; - /* cipher-state == 0 fresh state thrown away at end */ krb5_error_code (*encrypt)(krb5_key key, const krb5_data *cipher_state, - const krb5_data *input, krb5_data *output); + krb5_crypto_iov *data, size_t num_data); - krb5_error_code (*decrypt)(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output); + krb5_error_code (*decrypt)(krb5_key key, const krb5_data *cipher_state, + krb5_crypto_iov *data, size_t num_data); krb5_error_code (*make_key)(const krb5_data *randombits, krb5_keyblock *key); @@ -662,13 +661,6 @@ struct krb5_enc_provider { krb5_data *out_state); krb5_error_code (*free_state)(krb5_data *state); - /* In-place encryption/decryption of multiple buffers */ - krb5_error_code (*encrypt_iov)(krb5_key key, const krb5_data *cipher_state, - krb5_crypto_iov *data, size_t num_data); - - krb5_error_code (*decrypt_iov)(krb5_key key, const krb5_data *cipher_state, - krb5_crypto_iov *data, size_t num_data); - }; struct krb5_hash_provider { @@ -703,26 +695,6 @@ struct krb5_keyhash_provider { krb5_boolean *valid); }; -struct krb5_aead_provider { - krb5_error_code (*crypto_length)(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_cryptotype type, - unsigned int *length); - krb5_error_code (*encrypt_iov)(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage keyusage, - const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); - krb5_error_code (*decrypt_iov)(const struct krb5_aead_provider *aead, - const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - krb5_key key, krb5_keyusage keyusage, - const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data); -}; - /* * in here to deal with stuff from lib/crypto */ @@ -2575,11 +2547,12 @@ krb5_error_code KRB5_CALLCONV krb5int_clean_hostname(krb5_context, const char *, char *, size_t); krb5_error_code -krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output); +krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data); + krb5_error_code -krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output); +krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data); struct _krb5_kt { /* should move into k5-int.h */ krb5_magic magic; |