diff options
author | Greg Hudson <ghudson@mit.edu> | 2009-12-10 17:10:10 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2009-12-10 17:10:10 +0000 |
commit | bad149c2a94f20df57f9d51810aff23aeb0921a4 (patch) | |
tree | 9a023564d65fe8c46bcc330f950b37b919599c03 /src/lib/crypto/builtin | |
parent | 009463e22f989a287835228459487c64dcb0b8b3 (diff) | |
download | krb5-bad149c2a94f20df57f9d51810aff23aeb0921a4.zip krb5-bad149c2a94f20df57f9d51810aff23aeb0921a4.tar.gz krb5-bad149c2a94f20df57f9d51810aff23aeb0921a4.tar.bz2 |
Restructure the crypto checksum implementation to minimize
dependencies on the internals of modules.
* Keyhash providers are gone.
* The cksumtypes table contains checksum and verify functions,
similar to the etypes encrypt and decrypt functions. New checksum
functions parallel the old keyhash providers, and there are also
functions for unkeyed and derived-key HMAC checksums.
* The flags field is now used to indicate whether a checksum is
unkeyed, but not whether it is a derived-key HMAC checksum.
* The descbc checksum is handled through a new enc_provider function
which calculates a CBC MAC.
The OpenSSL module does not implement the CBC MAC function (it didn't
implement descbc before). builtin/des could probably get rid of
f_cksum.c (the old DES CBC routine) with some alterations to
string2key.c.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23462 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/crypto/builtin')
-rw-r--r-- | src/lib/crypto/builtin/des/des_int.h | 5 | ||||
-rw-r--r-- | src/lib/crypto/builtin/des/f_aead.c | 48 | ||||
-rw-r--r-- | src/lib/crypto/builtin/enc_provider/aes.c | 2 | ||||
-rw-r--r-- | src/lib/crypto/builtin/enc_provider/des.c | 95 | ||||
-rw-r--r-- | src/lib/crypto/builtin/enc_provider/des3.c | 1 | ||||
-rw-r--r-- | src/lib/crypto/builtin/enc_provider/rc4.c | 1 |
6 files changed, 119 insertions, 33 deletions
diff --git a/src/lib/crypto/builtin/des/des_int.h b/src/lib/crypto/builtin/des/des_int.h index 9dd5994..419459d 100644 --- a/src/lib/crypto/builtin/des/des_int.h +++ b/src/lib/crypto/builtin/des/des_int.h @@ -263,6 +263,11 @@ krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data, const mit_des_key_schedule schedule, mit_des_cblock ivec); +void +krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule schedule, mit_des_cblock ivec, + mit_des_cblock out); + /* d3_procky.c */ krb5_error_code mit_des3_process_key(krb5_encrypt_block *eblock, const krb5_keyblock *keyblock); diff --git a/src/lib/crypto/builtin/des/f_aead.c b/src/lib/crypto/builtin/des/f_aead.c index 3f4fbae..bb3982d 100644 --- a/src/lib/crypto/builtin/des/f_aead.c +++ b/src/lib/crypto/builtin/des/f_aead.c @@ -152,6 +152,54 @@ krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data, } } +void +krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data, + const mit_des_key_schedule schedule, mit_des_cblock ivec, + mit_des_cblock out) +{ + unsigned DES_INT32 left, right; + const unsigned DES_INT32 *kp; + const unsigned char *ip; + struct iov_block_state input_pos; + unsigned char storage[MIT_DES_BLOCK_LENGTH], *block = NULL, *ptr; + + IOV_BLOCK_STATE_INIT(&input_pos); + input_pos.include_sign_only = 1; + + /* Get key pointer here. This won't need to be reinitialized. */ + kp = (const unsigned DES_INT32 *)schedule; + + /* Initialize left and right with the contents of the initial vector. */ + ip = (ivec != NULL) ? ivec : mit_des_zeroblock; + GET_HALF_BLOCK(left, ip); + GET_HALF_BLOCK(right, ip); + + /* Work the length down 8 bytes at a time. */ + for (;;) { + unsigned DES_INT32 temp; + + ptr = iov_next_block(storage, MIT_DES_BLOCK_LENGTH, data, num_data, + &input_pos); + if (ptr == NULL) + break; + block = ptr; + + /* Decompose this block and xor it with the previous ciphertext. */ + GET_HALF_BLOCK(temp, ptr); + left ^= temp; + GET_HALF_BLOCK(temp, ptr); + right ^= temp; + + /* Encrypt what we have. */ + DES_DO_ENCRYPT(left, right, kp); + } + + /* Output the final ciphertext block. */ + ptr = out; + PUT_HALF_BLOCK(left, ptr); + PUT_HALF_BLOCK(right, ptr); +} + #if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) void krb5int_des_do_encrypt_2 (unsigned DES_INT32 *left, unsigned DES_INT32 *right, diff --git a/src/lib/crypto/builtin/enc_provider/aes.c b/src/lib/crypto/builtin/enc_provider/aes.c index d482724..0440f7a 100644 --- a/src/lib/crypto/builtin/enc_provider/aes.c +++ b/src/lib/crypto/builtin/enc_provider/aes.c @@ -267,6 +267,7 @@ const struct krb5_enc_provider krb5int_enc_aes128 = { 16, 16, krb5int_aes_encrypt, krb5int_aes_decrypt, + NULL, krb5int_aes_make_key, aes_init_state, krb5int_default_free_state, @@ -277,6 +278,7 @@ const struct krb5_enc_provider krb5int_enc_aes256 = { 32, 32, krb5int_aes_encrypt, krb5int_aes_decrypt, + NULL, krb5int_aes_make_key, aes_init_state, krb5int_default_free_state diff --git a/src/lib/crypto/builtin/enc_provider/des.c b/src/lib/crypto/builtin/enc_provider/des.c index d631727..ed79b06 100644 --- a/src/lib/crypto/builtin/enc_provider/des.c +++ b/src/lib/crypto/builtin/enc_provider/des.c @@ -31,32 +31,24 @@ #include <aead.h> #include <rand2key.h> - static krb5_error_code -k5_des_docrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, - size_t num_data, int enc) +validate_and_schedule(krb5_key key, const krb5_data *ivec, + const krb5_crypto_iov *data, size_t num_data, + mit_des_key_schedule schedule) { - mit_des_key_schedule schedule; - size_t input_length = 0; - unsigned int i; - unsigned char *ivecbytes; - - /* key->keyblock.enctype was checked by the caller */ - - if (key->keyblock.length != 8) - return(KRB5_BAD_KEYSIZE); + size_t i, input_length; - for (i = 0; i < num_data; i++) { + for (i = 0, input_length = 0; i < num_data; i++) { const krb5_crypto_iov *iov = &data[i]; if (ENCRYPT_IOV(iov)) input_length += iov->data.length; } - if ((input_length % 8) != 0) - return(KRB5_BAD_MSIZE); - if (ivec && (ivec->length != 8)) - return(KRB5_BAD_MSIZE); + if (key->keyblock.length != 8) + return KRB5_BAD_KEYSIZE; + if (input_length % 8 != 0 || (ivec != NULL && ivec->length != 8)) + return KRB5_BAD_MSIZE; switch (mit_des_key_sched(key->keyblock.contents, schedule)) { case -1: @@ -64,38 +56,75 @@ k5_des_docrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, case -2: return(KRB5DES_WEAK_KEY); } + return 0; +} + +static krb5_error_code +des_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data) +{ + mit_des_key_schedule schedule; + krb5_error_code err; - /* this has a return value, but the code always returns zero */ - ivecbytes = ivec ? (unsigned char *) ivec->data : NULL; - if (enc) - krb5int_des_cbc_encrypt(data, num_data, schedule, ivecbytes); - else - krb5int_des_cbc_decrypt(data, num_data, schedule, ivecbytes); + err = validate_and_schedule(key, ivec, data, num_data, schedule); + if (err) + return err; - memset(schedule, 0, sizeof(schedule)); + krb5int_des_cbc_encrypt(data, num_data, schedule, + ivec != NULL ? (unsigned char *) ivec->data : + NULL); - return(0); + zap(schedule, sizeof(schedule)); + return 0; } static krb5_error_code -k5_des_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, - size_t num_data) +des_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + size_t num_data) { - return k5_des_docrypt(key, ivec, data, num_data, 1); + mit_des_key_schedule schedule; + krb5_error_code err; + + err = validate_and_schedule(key, ivec, data, num_data, schedule); + if (err) + return err; + + krb5int_des_cbc_decrypt(data, num_data, schedule, + ivec != NULL ? (unsigned char *) ivec->data : + NULL); + + zap(schedule, sizeof(schedule)); + return 0; } static krb5_error_code -k5_des_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, - size_t num_data) +des_cbc_mac(krb5_key key, const krb5_crypto_iov *data, size_t num_data, + const krb5_data *ivec, krb5_data *output) { - return k5_des_docrypt(key, ivec, data, num_data, 0); + mit_des_key_schedule schedule; + krb5_error_code err; + + err = validate_and_schedule(key, ivec, data, num_data, schedule); + if (err) + return err; + + if (output->length != 8) + return KRB5_CRYPTO_INTERNAL; + + krb5int_des_cbc_mac(data, num_data, schedule, + ivec != NULL ? (unsigned char *) ivec->data : NULL, + (unsigned char *) output->data); + + zap(schedule, sizeof(schedule)); + return 0; } const struct krb5_enc_provider krb5int_enc_des = { 8, 7, 8, - k5_des_encrypt, - k5_des_decrypt, + des_encrypt, + des_decrypt, + des_cbc_mac, krb5int_des_make_key, krb5int_des_init_state, krb5int_default_free_state diff --git a/src/lib/crypto/builtin/enc_provider/des3.c b/src/lib/crypto/builtin/enc_provider/des3.c index 17c3433..e08cc62 100644 --- a/src/lib/crypto/builtin/enc_provider/des3.c +++ b/src/lib/crypto/builtin/enc_provider/des3.c @@ -110,6 +110,7 @@ const struct krb5_enc_provider krb5int_enc_des3 = { 21, 24, k5_des3_encrypt, k5_des3_decrypt, + NULL, krb5int_des3_make_key, krb5int_des_init_state, krb5int_default_free_state diff --git a/src/lib/crypto/builtin/enc_provider/rc4.c b/src/lib/crypto/builtin/enc_provider/rc4.c index d024e4a..a8e0721 100644 --- a/src/lib/crypto/builtin/enc_provider/rc4.c +++ b/src/lib/crypto/builtin/enc_provider/rc4.c @@ -206,6 +206,7 @@ const struct krb5_enc_provider krb5int_enc_arcfour = { 16, 16, k5_arcfour_docrypt, k5_arcfour_docrypt, + NULL, krb5int_arcfour_make_key, k5_arcfour_init_state, /*xxx not implemented yet*/ krb5int_default_free_state |