Consolidate the IOV and non-IOV encryption/decryption code paths, and

drop the _iov suffix from most encryption- and decryption-related functions. The enc_provider encrypt and decrypt functions take IOVs, as do the enctype entries in etypes.c, and there are no separate encrypt_iov or decrypt_iov functions. aead_provider is gone. Enctype functions now take pointers to the enctype entry instead of pointers to the enc/hash/aead providers; this allows dk_encrypt and dk_decrypt to be polymorphic in the length function they use now that AES and DES3 can't differentiate by aead provider. aes_string_to_key needed to be moved into the krb/ fold for this since it's an enctype function; it was duplicated between builtin/ and openssl/ before. This leaves openssl/aes empty; the build system currently demands that all modules have the same directory structure, so the directory and Makefile will stick around for now. Three separate copies of the derive_random logic are also now consolidated into one. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23444 dc483132-0cff-0310-8789-dd5450dbe970
author: Greg Hudson <ghudson@mit.edu> 2009-12-04 05:12:35 +0000
committer: Greg Hudson <ghudson@mit.edu> 2009-12-04 05:12:35 +0000
commit: 5ffa313d9f6b7c509aa0d7579273150d71ea0f95 (patch)
tree: 48f8d5606c919dd09d950c5cbf1609f312f2937d /src/include/k5-int.h
parent: ea6f77d42700352fcb2a06444d1dc00acf7c20fc (diff)
download: krb5-5ffa313d9f6b7c509aa0d7579273150d71ea0f95.zip
krb5-5ffa313d9f6b7c509aa0d7579273150d71ea0f95.tar.gz
krb5-5ffa313d9f6b7c509aa0d7579273150d71ea0f95.tar.bz2
1 files changed, 8 insertions, 35 deletions
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 1938914..cbe0fd9 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -647,12 +647,11 @@ struct krb5_enc_provider {
        keylength is the output size */
     size_t block_size, keybytes, keylength;
 
-    /* cipher-state == 0 fresh state thrown away at end */
     krb5_error_code (*encrypt)(krb5_key key, const krb5_data *cipher_state,
-                               const krb5_data *input, krb5_data *output);
+                               krb5_crypto_iov *data, size_t num_data);
 
-    krb5_error_code (*decrypt)(krb5_key key, const krb5_data *ivec,
-                               const krb5_data *input, krb5_data *output);
+    krb5_error_code (*decrypt)(krb5_key key, const krb5_data *cipher_state,
+                               krb5_crypto_iov *data, size_t num_data);
 
     krb5_error_code (*make_key)(const krb5_data *randombits,
                                 krb5_keyblock *key);
@@ -662,13 +661,6 @@ struct krb5_enc_provider {
                                   krb5_data *out_state);
     krb5_error_code (*free_state)(krb5_data *state);
 
-    /* In-place encryption/decryption of multiple buffers */
-    krb5_error_code (*encrypt_iov)(krb5_key key, const krb5_data *cipher_state,
-                                   krb5_crypto_iov *data, size_t num_data);
-
-    krb5_error_code (*decrypt_iov)(krb5_key key, const krb5_data *cipher_state,
-                                   krb5_crypto_iov *data, size_t num_data);
-
 };
 
 struct krb5_hash_provider {
@@ -703,26 +695,6 @@ struct krb5_keyhash_provider {
                                   krb5_boolean *valid);
 };
 
-struct krb5_aead_provider {
-    krb5_error_code (*crypto_length)(const struct krb5_aead_provider *aead,
-                                     const struct krb5_enc_provider *enc,
-                                     const struct krb5_hash_provider *hash,
-                                     krb5_cryptotype type,
-                                     unsigned int *length);
-    krb5_error_code (*encrypt_iov)(const struct krb5_aead_provider *aead,
-                                   const struct krb5_enc_provider *enc,
-                                   const struct krb5_hash_provider *hash,
-                                   krb5_key key, krb5_keyusage keyusage,
-                                   const krb5_data *ivec,
-                                   krb5_crypto_iov *data, size_t num_data);
-    krb5_error_code (*decrypt_iov)(const struct krb5_aead_provider *aead,
-                                   const struct krb5_enc_provider *enc,
-                                   const struct krb5_hash_provider *hash,
-                                   krb5_key key, krb5_keyusage keyusage,
-                                   const krb5_data *ivec,
-                                   krb5_crypto_iov *data, size_t num_data);
-};
-
 /*
  * in here to deal with stuff from lib/crypto
  */
@@ -2575,11 +2547,12 @@ krb5_error_code KRB5_CALLCONV
 krb5int_clean_hostname(krb5_context, const char *, char *, size_t);
 
 krb5_error_code
-krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec,
-                    const krb5_data *input, krb5_data *output);
+krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
+                    size_t num_data);
+
 krb5_error_code
-krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec,
-                    const krb5_data *input, krb5_data *output);
+krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
+                    size_t num_data);
 
 struct _krb5_kt {       /* should move into k5-int.h */
     krb5_magic magic;
author	Greg Hudson <ghudson@mit.edu>	2009-12-04 05:12:35 +0000
committer	Greg Hudson <ghudson@mit.edu>	2009-12-04 05:12:35 +0000
commit	5ffa313d9f6b7c509aa0d7579273150d71ea0f95 (patch)
tree	48f8d5606c919dd09d950c5cbf1609f312f2937d /src/include/k5-int.h
parent	ea6f77d42700352fcb2a06444d1dc00acf7c20fc (diff)
download	krb5-5ffa313d9f6b7c509aa0d7579273150d71ea0f95.zip krb5-5ffa313d9f6b7c509aa0d7579273150d71ea0f95.tar.gz krb5-5ffa313d9f6b7c509aa0d7579273150d71ea0f95.tar.bz2