author | Greg Hudson <ghudson@mit.edu> | 2010-10-02 02:43:46 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2010-10-02 02:43:46 +0000 |
commit | 41d98a62180d92188321cbd6cbb50125e9e2fec1 (patch) | |
tree | 5b2e507b1fb20829ff02ab4a5035366482f27a02 /src/lib | |
parent | 267657197005c84ec8af9a030b23d14f3be68f32 (diff) | |
Make the NSS back end compile and work again in the presence of the
changes made for Camellia. The actual Camellia code will take a
bit more work and is stubbed out for now.
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24408 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/crypto/nss/Makefile.in | 17 | ||||
-rw-r--r-- | src/lib/crypto/nss/camellia/Makefile.in | 40 | ||||
-rw-r--r-- | src/lib/crypto/nss/camellia/deps | 0 | ||||
-rw-r--r-- | src/lib/crypto/nss/enc_provider/Makefile.in | 5 | ||||
-rw-r--r-- | src/lib/crypto/nss/enc_provider/camellia.c | 126 | ||||
-rw-r--r-- | src/lib/crypto/nss/enc_provider/enc_gen.c | 27 |
6 files changed, 197 insertions, 18 deletions
diff --git a/src/lib/crypto/nss/Makefile.in b/src/lib/crypto/nss/Makefile.in
index 9f8217f..f6b457b 100644
--- a/src/lib/crypto/nss/Makefile.in
+++ b/src/lib/crypto/nss/Makefile.in
@@ -1,6 +1,6 @@
 mydir=lib/crypto/nss
 BUILDTOP=$(REL)..$(S)..$(S)..
-SUBDIRS=des aes md4 md5 sha1 enc_provider hash_provider
+SUBDIRS=des aes camellia md4 md5 sha1 enc_provider hash_provider
 LOCALINCLUDES = -I$(srcdir)/../krb \
 -I$(srcdir)/../krb/hash_provider \
 -I$(srcdir)/des \
@@ -38,14 +38,16 @@ STOBJLISTS= des/OBJS.ST md4/OBJS.ST \
 md5/OBJS.ST sha1/OBJS.ST \
 enc_provider/OBJS.ST \
 hash_provider/OBJS.ST \
- aes/OBJS.ST \
+ aes/OBJS.ST \
+ camellia/OBJS.ST \
 OBJS.ST
 SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \
 md5/OBJS.ST sha1/OBJS.ST \
 enc_provider/OBJS.ST \
 hash_provider/OBJS.ST \
- aes/OBJS.ST
+ aes/OBJS.ST \
+ camellia/OBJS.ST
 ##DOS##LIBOBJS = $(OBJS)
@@ -78,6 +80,9 @@ all-windows::
 cd ..\aes
 @echo Making in crypto\aes
 $(MAKE) -$(MFLAGS)
+ cd ..\camellia
+ @echo Making in crypto\aes
+ $(MAKE) -$(MFLAGS)
 cd ..
 clean-windows::
@@ -102,6 +107,9 @@ clean-windows::
 cd ..\aes
 @echo Making clean in crypto\aes
 $(MAKE) -$(MFLAGS) clean
+ cd ..\camellia
+ @echo Making clean in crypto\aes
+ $(MAKE) -$(MFLAGS) clean
 cd ..
 check-windows::
@@ -126,6 +134,9 @@ check-windows::
 cd ..\aes
 @echo Making check in crypto\aes
 $(MAKE) -$(MFLAGS) check
+ cd ..\camellia
+ @echo Making check in crypto\aes
+ $(MAKE) -$(MFLAGS) check
 cd ..
diff --git a/src/lib/crypto/nss/camellia/Makefile.in b/src/lib/crypto/nss/camellia/Makefile.in
new file mode 100644
index 0000000..c937f21
--- /dev/null
+++ b/src/lib/crypto/nss/camellia/Makefile.in
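Review bot: The three added Windows stanzas (in all-windows, clean-windows and check-windows) change into `..\camellia` but still echo the aes directory, e.g. `@echo Making in crypto\aes`, so a build log attributes camellia output and failures to aes. The added lines should read `@echo Making in crypto\camellia`, `@echo Making clean in crypto\camellia` and `@echo Making check in crypto\camellia`. Each target's recipe begins above its hunk.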
@@ -0,0 +1,40 @@
+# Nothing here! But we can't remove this directory as the build
+# system currently assumes that all modules have the same directory
+# structure.
+
+mydir=lib/crypto/nss/camellia
+BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk -I$(srcdir)/../../../../include
+DEFS=
+
+##DOS##BUILDTOP = ..\..\..\..
+##DOS##PREFIXDIR=camellia
+##DOS##OBJFILE=..\$(OUTPRE)camellia.lst
+
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
+STLIBOBJS=
+
+OBJS=
+
+SRCS=
+
+
+##DOS##LIBOBJS = $(OBJS)
+
+all-unix:: all-libobjs
+
+includes:: depend
+
+depend:: $(SRCS)
+
+check::
+
+
+clean-unix:: clean-libobjs
+
+clean::
+
+@libobj_frag@
+
diff --git a/src/lib/crypto/nss/camellia/deps b/src/lib/crypto/nss/camellia/deps
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/src/lib/crypto/nss/camellia/deps
diff --git a/src/lib/crypto/nss/enc_provider/Makefile.in b/src/lib/crypto/nss/enc_provider/Makefile.in
index 1f8c881..c7950d6 100644
--- a/src/lib/crypto/nss/enc_provider/Makefile.in
+++ b/src/lib/crypto/nss/enc_provider/Makefile.in
@@ -21,13 +21,15 @@ STLIBOBJS= \
 des.o \
 des3.o \
 rc4.o \
- aes.o
+ aes.o \
+ camellia.o
 OBJS= \
 $(OUTPRE)enc_gen.$(OBJEXT) \
 $(OUTPRE)des.$(OBJEXT) \
 $(OUTPRE)des3.$(OBJEXT) \
 $(OUTPRE)aes.$(OBJEXT) \
+ $(OUTPRE)camellia.$(OBJEXT) \
 $(OUTPRE)rc4.$(OBJEXT)
 SRCS= \
@@ -35,6 +37,7 @@ SRCS= \
 $(srcdir)/des.c \
 $(srcdir)/des3.c \
 $(srcdir)/aes.c \
+ $(srcdir)/camellia.c \
 $(srcdir)/rc4.c
 ##DOS##LIBOBJS = $(OBJS)
diff --git a/src/lib/crypto/nss/enc_provider/camellia.c b/src/lib/crypto/nss/enc_provider/camellia.c
new file mode 100644
index 0000000..7903208
--- /dev/null
+++ b/src/lib/crypto/nss/enc_provider/camellia.c
@@ -0,0 +1,126 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/nss/enc_provider/camellia.c
+ *
+ * Copyright (c) 2010 Red Hat, Inc.
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * * Neither the name of Red Hat, Inc., nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "enc_provider.h"
+#include "rand2key.h"
+#include "aead.h"
+#include "nss_gen.h"
+
+#ifdef CAMELLIA_CCM
+
+/* XXX These won't work yet (they're just the AES functions, which aren't right
+ * for CTR mode). Will fix later. */
+
+krb5_error_code
+krb5int_camellia_encrypt(krb5_key key, const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data)
+{
+ krb5_error_code ret;
+
+ ret = k5_nss_gen_import(key, CKM_CAMELLIA_CBC, CKA_ENCRYPT);
+ if (ret != 0)
+ return ret;
+ return k5_nss_gen_cts_iov(key, CKM_CAMELLIA_CBC, CKA_ENCRYPT,
+ ivec, data, num_data);
+}
+
+krb5_error_code
+krb5int_camellia_decrypt(krb5_key key, const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data)
+{
+ krb5_error_code ret;
+
+ ret = k5_nss_gen_import(key, CKM_CAMELLIA_CBC, CKA_DECRYPT);
+ if (ret != 0)
+ return ret;
+ return k5_nss_gen_cts_iov(key, CKM_CAMELLIA_CBC, CKA_DECRYPT,
+ ivec, data, num_data);
+}
+
+/*
+ * perhaps we should store the NSS context in the krb5_data state here?
+ */
+static krb5_error_code
+camellia_init_state(const krb5_keyblock *key, krb5_keyusage usage,
+ krb5_data *state)
+{
+ state->length = 16;
+ state->data = (void *) malloc(16);
+ if (state->data == NULL)
+ return ENOMEM;
+ memset(state->data, 0, state->length);
+ return 0;
+}
+
+const struct krb5_enc_provider krb5int_enc_camellia128 = {
+ 16,
+ 16, 16,
+ krb5int_camellia_encrypt,
+ krb5int_camellia_decrypt,
+ krb5int_camellia_cbc_mac,
+ krb5int_camellia_make_key,
+ camellia_init_state,
+ krb5int_default_free_state,
+};
+
+const struct krb5_enc_provider krb5int_enc_camellia256 = {
+ 16,
+ 32, 32,
+ krb5int_camellia_encrypt,
+ krb5int_camellia_decrypt,
+ krb5int_camellia_cbc_mac,
+ krb5int_camellia_make_key,
+ camellia_init_state,
+ krb5int_default_free_state,
+ k5_nss_gen_cleanup
+};
+
+#else /* CAMELLIA_CCM */
+
+/* These won't be used, but are still in the export table. */
+
+krb5_error_code
+krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
+ size_t num_data, const krb5_data *iv,
+ krb5_data *output)
+{
+ return EINVAL;
+}
+
+const struct krb5_enc_provider krb5int_enc_camellia128_ctr = {
+};
+
+#endif
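Review bot: The stub built when CAMELLIA_CCM is undefined, `const struct krb5_enc_provider krb5int_enc_camellia128_ctr = { };`, exports a provider whose function pointers are all null, so any caller that reaches it through the exported symbol would call through a null pointer instead of getting an error; the comment says it is unused, but nothing visible here enforces that. Empty braces are also a compiler extension before C23, so `= { 0 };` is the portable spelling, and stub encrypt/decrypt entries returning `EINVAL` like the `krb5int_camellia_cbc_mac` stub would make misuse fail cleanly. In the CAMELLIA_CCM branch, `krb5int_enc_camellia128` ends after `krb5int_default_free_state,` while `krb5int_enc_camellia256` also lists `k5_nss_gen_cleanup`, so the 128-bit table leaves that last slot null and presumably never releases the NSS key state set up by `k5_nss_gen_import`. That branch also references `krb5int_camellia_make_key`, which this file does not define, and `camellia_init_state` sets `state->length = 16;` before the `malloc` check, leaving a non-zero length with a null pointer on ENOMEM.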
diff --git a/src/lib/crypto/nss/enc_provider/enc_gen.c b/src/lib/crypto/nss/enc_provider/enc_gen.c
index b24a682..3edf3fc 100644
--- a/src/lib/crypto/nss/enc_provider/enc_gen.c
+++ b/src/lib/crypto/nss/enc_provider/enc_gen.c
@@ -221,8 +221,8 @@ k5_nss_gen_block_iov(krb5_key krb_key, CK_MECHANISM_TYPE mech,
 }
 for (currentblock = 0;;currentblock++) {
- ptr = iov_next_block(storage, blocksize, data, num_data, &input_pos);
- if (ptr == NULL)
+ if (!krb5int_c_iov_get_block_nocopy(storage, blocksize, data, num_data,
+ &input_pos, &ptr))
 break;
 lastptr = NULL;
@@ -238,8 +238,8 @@ k5_nss_gen_block_iov(krb5_key krb_key, CK_MECHANISM_TYPE mech,
 }
 lastptr = ptr;
- iov_store_block(data, num_data, ptr, storage, blocksize,
- &output_pos);
+ krb5int_c_iov_put_block_nocopy(data, num_data, storage, blocksize,
+ &output_pos, ptr);
 }
 if (lastptr && ivec && ivec->data && operation == CKA_ENCRYPT) {
@@ -435,9 +435,8 @@ k5_nss_gen_cts_iov(krb5_key krb_key, CK_MECHANISM_TYPE mech,
 }
 }
 for (length = 0; length < lastblock; length += blocksize) {
- ptr = iov_next_block(storage, blocksize, data, num_data,
- &input_pos);
- if (ptr == NULL)
+ if (!krb5int_c_iov_get_block_nocopy(storage, blocksize, data, num_data,
+ &input_pos, &ptr))
 break;
 rv = PK11_CipherOp(ctx, ptr, &len, blocksize, ptr, blocksize);
@@ -446,16 +445,16 @@ k5_nss_gen_cts_iov(krb5_key krb_key, CK_MECHANISM_TYPE mech,
 break;
 }
- iov_store_block(data, num_data, ptr, storage, blocksize,
- &output_pos);
+ krb5int_c_iov_put_block_nocopy(data, num_data, storage, blocksize,
+ &output_pos, ptr);
 }
 if (remainder) {
 if (operation == CKA_DECRYPT) {
 if (bulk_length > blocksize) {
 /* we need to save cn-2 */
- ptr = iov_next_block(storage, blocksize, data, num_data,
- &input_pos);
- if (ptr == NULL)
+ if (!krb5int_c_iov_get_block_nocopy(storage, blocksize, data,
+ num_data, &input_pos,
+ &ptr))
 goto done; /* shouldn't happen */
 /* save cn-2 */
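Review bot: In k5_nss_gen_cts_iov the two new `krb5int_c_iov_get_block_nocopy` checks (hunks at -435 and -446) leave on a short read with a bare `break;` and `goto done; /* shouldn't happen */`, and no error status is assigned in the visible lines. The first loop is bounded by `length < lastblock`, so a false return there means the iov held less data than the computed length; if the function's status variable is still zero at that point (its initialisation is outside these hunks), the caller sees success for partially processed data. Assigning an error before leaving, e.g. `ret = EINVAL; goto done;` with whatever name the status variable has, would surface the inconsistency. The function body begins and ends outside the hunks, so this needs confirming against the full function.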
@@ -469,8 +468,8 @@ k5_nss_gen_cts_iov(krb5_key krb_key, CK_MECHANISM_TYPE mech,
 goto done;
 }
- iov_store_block(data, num_data, ptr, storage, blocksize,
- &output_pos);
+ krb5int_c_iov_put_block_nocopy(data, num_data, storage,
+ blocksize, &output_pos, ptr);
 }
 }
 /* fetch the last 2 blocks */ |