Make the NSS back end compile and work again in the presence of the

changes made for Camellia. The actual Camellia code will take a bit more work and is stubbed out for now. git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24408 dc483132-0cff-0310-8789-dd5450dbe970
author: Greg Hudson <ghudson@mit.edu> 2010-10-02 02:43:46 +0000
committer: Greg Hudson <ghudson@mit.edu> 2010-10-02 02:43:46 +0000
commit: 41d98a62180d92188321cbd6cbb50125e9e2fec1 (patch)
tree: 5b2e507b1fb20829ff02ab4a5035366482f27a02 /src/lib/crypto
parent: 267657197005c84ec8af9a030b23d14f3be68f32 (diff)
download: krb5-41d98a62180d92188321cbd6cbb50125e9e2fec1.zip
krb5-41d98a62180d92188321cbd6cbb50125e9e2fec1.tar.gz
krb5-41d98a62180d92188321cbd6cbb50125e9e2fec1.tar.bz2
6 files changed, 197 insertions, 18 deletions
diff --git a/src/lib/crypto/nss/Makefile.in b/src/lib/crypto/nss/Makefile.in
index 9f8217f..f6b457b 100644
--- a/src/lib/crypto/nss/Makefile.in
+++ b/src/lib/crypto/nss/Makefile.in
@@ -1,6 +1,6 @@
 mydir=lib/crypto/nss
 BUILDTOP=$(REL)..$(S)..$(S)..
-SUBDIRS=des aes	 md4 md5  sha1 enc_provider hash_provider
+SUBDIRS=des aes	camellia md4 md5  sha1 enc_provider hash_provider
 LOCALINCLUDES = -I$(srcdir)/../krb 			\
 		-I$(srcdir)/../krb/hash_provider 	\
 		-I$(srcdir)/des 	\
@@ -38,14 +38,16 @@ STOBJLISTS= des/OBJS.ST md4/OBJS.ST 	\
 	md5/OBJS.ST sha1/OBJS.ST 	\
 	enc_provider/OBJS.ST 		\
 	hash_provider/OBJS.ST 		\
-	aes/OBJS.ST 			\
+	aes/OBJS.ST			\
+	camellia/OBJS.ST		\
 	OBJS.ST
 
 SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST 	\
 		md5/OBJS.ST sha1/OBJS.ST 	\
 		enc_provider/OBJS.ST 		\
 		hash_provider/OBJS.ST 		\
-		aes/OBJS.ST 
+		aes/OBJS.ST			\
+		camellia/OBJS.ST
 
 ##DOS##LIBOBJS = $(OBJS)
 
@@ -78,6 +80,9 @@ all-windows::
 	cd ..\aes
 	@echo Making in crypto\aes
 	$(MAKE) -$(MFLAGS)
+	cd ..\camellia
+	@echo Making in crypto\aes
+	$(MAKE) -$(MFLAGS)
 	cd ..
 
 clean-windows::
@@ -102,6 +107,9 @@ clean-windows::
 	cd ..\aes
 	@echo Making clean in crypto\aes
 	$(MAKE) -$(MFLAGS) clean
+	cd ..\camellia
+	@echo Making clean in crypto\aes
+	$(MAKE) -$(MFLAGS) clean
 	cd ..
 
 check-windows::
@@ -126,6 +134,9 @@ check-windows::
 	cd ..\aes
 	@echo Making check in crypto\aes
 	$(MAKE) -$(MFLAGS) check
+	cd ..\camellia
+	@echo Making check in crypto\aes
+	$(MAKE) -$(MFLAGS) check
 	cd ..
 
 
diff --git a/src/lib/crypto/nss/camellia/Makefile.in b/src/lib/crypto/nss/camellia/Makefile.in
new file mode 100644
index 0000000..c937f21
--- /dev/null
+++ b/src/lib/crypto/nss/camellia/Makefile.in
@@ -0,0 +1,40 @@
+# Nothing here!  But we can't remove this directory as the build
+# system currently assumes that all modules have the same directory
+# structure.
+
+mydir=lib/crypto/nss/camellia
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk  -I$(srcdir)/../../../../include
+DEFS=
+
+##DOS##BUILDTOP = ..\..\..\..
+##DOS##PREFIXDIR=camellia
+##DOS##OBJFILE=..\$(OUTPRE)camellia.lst
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+STLIBOBJS=
+
+OBJS=
+
+SRCS=
+
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs 
+
+includes:: depend
+
+depend:: $(SRCS)
+
+check:: 
+
+
+clean-unix:: clean-libobjs
+
+clean::
+
+@libobj_frag@
+
diff --git a/src/lib/crypto/nss/camellia/deps b/src/lib/crypto/nss/camellia/deps
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/src/lib/crypto/nss/camellia/deps
diff --git a/src/lib/crypto/nss/enc_provider/Makefile.in b/src/lib/crypto/nss/enc_provider/Makefile.in
index 1f8c881..c7950d6 100644
--- a/src/lib/crypto/nss/enc_provider/Makefile.in
+++ b/src/lib/crypto/nss/enc_provider/Makefile.in
@@ -21,13 +21,15 @@ STLIBOBJS= \
 	des.o 	\
 	des3.o 	\
 	rc4.o 	\
-	aes.o 
+	aes.o 	\
+	camellia.o
 
 OBJS= \
 	$(OUTPRE)enc_gen.$(OBJEXT) 	\
 	$(OUTPRE)des.$(OBJEXT) 	\
 	$(OUTPRE)des3.$(OBJEXT) 	\
 	$(OUTPRE)aes.$(OBJEXT) 	\
+	$(OUTPRE)camellia.$(OBJEXT) 	\
 	$(OUTPRE)rc4.$(OBJEXT)
 
 SRCS= \
@@ -35,6 +37,7 @@ SRCS= \
 	$(srcdir)/des.c 	\
 	$(srcdir)/des3.c 	\
 	$(srcdir)/aes.c 	\
+	$(srcdir)/camellia.c 	\
 	$(srcdir)/rc4.c
 
 ##DOS##LIBOBJS = $(OBJS)
diff --git a/src/lib/crypto/nss/enc_provider/camellia.c b/src/lib/crypto/nss/enc_provider/camellia.c
new file mode 100644
index 0000000..7903208
--- /dev/null
+++ b/src/lib/crypto/nss/enc_provider/camellia.c
@@ -0,0 +1,126 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/enc_provider/camellia.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ *
+ *  * Neither the name of Red Hat, Inc., nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "enc_provider.h"
+#include "rand2key.h"
+#include "aead.h"
+#include "nss_gen.h"
+
+#ifdef CAMELLIA_CCM
+
+/* XXX These won't work yet (they're just the AES functions, which aren't right
+ * for CTR mode).  Will fix later. */
+
+krb5_error_code
+krb5int_camellia_encrypt(krb5_key key, const krb5_data *ivec,
+			 krb5_crypto_iov *data, size_t num_data)
+{
+    krb5_error_code ret;
+
+    ret = k5_nss_gen_import(key, CKM_CAMELLIA_CBC, CKA_ENCRYPT);
+    if (ret != 0)
+        return ret;
+    return k5_nss_gen_cts_iov(key, CKM_CAMELLIA_CBC, CKA_ENCRYPT,
+                              ivec, data, num_data);
+}
+
+krb5_error_code
+krb5int_camellia_decrypt(krb5_key key, const krb5_data *ivec,
+			 krb5_crypto_iov *data, size_t num_data)
+{
+    krb5_error_code ret;
+
+    ret = k5_nss_gen_import(key, CKM_CAMELLIA_CBC, CKA_DECRYPT);
+    if (ret != 0)
+        return ret;
+    return k5_nss_gen_cts_iov(key, CKM_CAMELLIA_CBC, CKA_DECRYPT,
+                              ivec, data, num_data);
+}
+
+/*
+ * perhaps we should store the NSS context in the krb5_data state here?
+ */
+static krb5_error_code
+camellia_init_state(const krb5_keyblock *key, krb5_keyusage usage,
+               krb5_data *state)
+{
+    state->length = 16;
+    state->data = (void *) malloc(16);
+    if (state->data == NULL)
+        return ENOMEM;
+    memset(state->data, 0, state->length);
+    return 0;
+}
+
+const struct krb5_enc_provider krb5int_enc_camellia128 = {
+    16,
+    16, 16,
+    krb5int_camellia_encrypt,
+    krb5int_camellia_decrypt,
+    krb5int_camellia_cbc_mac,
+    krb5int_camellia_make_key,
+    camellia_init_state,
+    krb5int_default_free_state,
+};
+
+const struct krb5_enc_provider krb5int_enc_camellia256 = {
+    16,
+    32, 32,
+    krb5int_camellia_encrypt,
+    krb5int_camellia_decrypt,
+    krb5int_camellia_cbc_mac,
+    krb5int_camellia_make_key,
+    camellia_init_state,
+    krb5int_default_free_state,
+    k5_nss_gen_cleanup
+};
+
+#else /* CAMELLIA_CCM */
+
+/* These won't be used, but are still in the export table. */
+
+krb5_error_code
+krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
+                         size_t num_data, const krb5_data *iv,
+			 krb5_data *output)
+{
+    return EINVAL;
+}
+
+const struct krb5_enc_provider krb5int_enc_camellia128_ctr = {
+};
+
+#endif
diff --git a/src/lib/crypto/nss/enc_provider/enc_gen.c b/src/lib/crypto/nss/enc_provider/enc_gen.c
index b24a682..3edf3fc 100644
--- a/src/lib/crypto/nss/enc_provider/enc_gen.c
+++ b/src/lib/crypto/nss/enc_provider/enc_gen.c
@@ -221,8 +221,8 @@ k5_nss_gen_block_iov(krb5_key krb_key, CK_MECHANISM_TYPE mech,
     }
 
     for (currentblock = 0;;currentblock++) {
-        ptr = iov_next_block(storage, blocksize, data, num_data, &input_pos);
-        if (ptr == NULL)
+        if (!krb5int_c_iov_get_block_nocopy(storage, blocksize, data, num_data,
+                                            &input_pos, &ptr))
             break;
 
         lastptr = NULL;
@@ -238,8 +238,8 @@ k5_nss_gen_block_iov(krb5_key krb_key, CK_MECHANISM_TYPE mech,
         }
 
         lastptr = ptr;
-        iov_store_block(data, num_data, ptr, storage, blocksize,
-                        &output_pos);
+        krb5int_c_iov_put_block_nocopy(data, num_data, storage, blocksize,
+                                       &output_pos, ptr);
     }
 
     if (lastptr && ivec && ivec->data && operation == CKA_ENCRYPT) {
@@ -435,9 +435,8 @@ k5_nss_gen_cts_iov(krb5_key krb_key, CK_MECHANISM_TYPE mech,
         }
     }
     for (length = 0; length < lastblock; length += blocksize) {
-        ptr = iov_next_block(storage, blocksize, data, num_data,
-                             &input_pos);
-        if (ptr == NULL)
+        if (!krb5int_c_iov_get_block_nocopy(storage, blocksize, data, num_data,
+                                            &input_pos, &ptr))
             break;
 
         rv = PK11_CipherOp(ctx, ptr, &len, blocksize, ptr, blocksize);
@@ -446,16 +445,16 @@ k5_nss_gen_cts_iov(krb5_key krb_key, CK_MECHANISM_TYPE mech,
             break;
         }
 
-        iov_store_block(data, num_data, ptr, storage, blocksize,
-                        &output_pos);
+        krb5int_c_iov_put_block_nocopy(data, num_data, storage, blocksize,
+                                       &output_pos, ptr);
     }
     if (remainder) {
         if (operation == CKA_DECRYPT) {
             if (bulk_length > blocksize) {
                 /* we need to save cn-2 */
-                ptr = iov_next_block(storage, blocksize, data, num_data,
-                                     &input_pos);
-                if (ptr == NULL)
+                if (!krb5int_c_iov_get_block_nocopy(storage, blocksize, data,
+                                                    num_data, &input_pos,
+                                                    &ptr))
                     goto done; /* shouldn't happen */
 
                 /* save cn-2 */
@@ -469,8 +468,8 @@ k5_nss_gen_cts_iov(krb5_key krb_key, CK_MECHANISM_TYPE mech,
                     goto done;
                 }
 
-                iov_store_block(data, num_data, ptr, storage, blocksize,
-                                &output_pos);
+                krb5int_c_iov_put_block_nocopy(data, num_data, storage,
+                                               blocksize, &output_pos, ptr);
             }
         }
         /* fetch the last 2 blocks */
author	Greg Hudson <ghudson@mit.edu>	2010-10-02 02:43:46 +0000
committer	Greg Hudson <ghudson@mit.edu>	2010-10-02 02:43:46 +0000
commit	41d98a62180d92188321cbd6cbb50125e9e2fec1 (patch)
tree	5b2e507b1fb20829ff02ab4a5035366482f27a02 /src/lib/crypto
parent	267657197005c84ec8af9a030b23d14f3be68f32 (diff)
download	krb5-41d98a62180d92188321cbd6cbb50125e9e2fec1.zip krb5-41d98a62180d92188321cbd6cbb50125e9e2fec1.tar.gz krb5-41d98a62180d92188321cbd6cbb50125e9e2fec1.tar.bz2