diff options
Diffstat (limited to 'src/lib/crypto/krb/dk')
-rw-r--r-- | src/lib/crypto/krb/dk/checksum.c | 12 | ||||
-rw-r--r-- | src/lib/crypto/krb/dk/derive.c | 14 | ||||
-rw-r--r-- | src/lib/crypto/krb/dk/dk.h | 32 | ||||
-rw-r--r-- | src/lib/crypto/krb/dk/dk_aead.c | 8 | ||||
-rw-r--r-- | src/lib/crypto/krb/dk/dk_decrypt.c | 8 | ||||
-rw-r--r-- | src/lib/crypto/krb/dk/dk_encrypt.c | 18 | ||||
-rw-r--r-- | src/lib/crypto/krb/dk/stringtokey.c | 6 |
7 files changed, 54 insertions, 44 deletions
diff --git a/src/lib/crypto/krb/dk/checksum.c b/src/lib/crypto/krb/dk/checksum.c index 31e7de9..e5087e7 100644 --- a/src/lib/crypto/krb/dk/checksum.c +++ b/src/lib/crypto/krb/dk/checksum.c @@ -32,7 +32,7 @@ #define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */ krb5_error_code -krb5_dk_make_checksum(const struct krb5_hash_provider *hash, +krb5int_dk_make_checksum(const struct krb5_hash_provider *hash, krb5_key key, krb5_keyusage usage, const krb5_data *input, krb5_data *output) { @@ -50,7 +50,7 @@ krb5_dk_make_checksum(const struct krb5_hash_provider *hash, /* * key->length will be tested in enc->encrypt. - * output->length will be tested in krb5_hmac. + * output->length will be tested in krb5int_hmac. */ /* Derive the key. */ @@ -62,7 +62,7 @@ krb5_dk_make_checksum(const struct krb5_hash_provider *hash, datain.data[4] = (char) 0x99; - ret = krb5_derive_key(enc, key, &kc, &datain); + ret = krb5int_derive_key(enc, key, &kc, &datain); if (ret) return ret; @@ -70,7 +70,7 @@ krb5_dk_make_checksum(const struct krb5_hash_provider *hash, datain = *input; - ret = krb5_hmac(hash, kc, 1, &datain, output); + ret = krb5int_hmac(hash, kc, 1, &datain, output); if (ret) memset(output->data, 0, output->length); @@ -98,7 +98,7 @@ krb5int_dk_make_checksum_iov(const struct krb5_hash_provider *hash, /* * key->length will be tested in enc->encrypt. - * output->length will be tested in krb5_hmac. + * output->length will be tested in krb5int_hmac. */ /* Derive the key. */ @@ -110,7 +110,7 @@ krb5int_dk_make_checksum_iov(const struct krb5_hash_provider *hash, datain.data[4] = (char) 0x99; - ret = krb5_derive_key(enc, key, &kc, &datain); + ret = krb5int_derive_key(enc, key, &kc, &datain); if (ret) return ret; diff --git a/src/lib/crypto/krb/dk/derive.c b/src/lib/crypto/krb/dk/derive.c index c2638e8..bcd1114 100644 --- a/src/lib/crypto/krb/dk/derive.c +++ b/src/lib/crypto/krb/dk/derive.c @@ -80,12 +80,12 @@ cleanup: /* * Compute a derived key into the keyblock outkey. This variation on - * krb5_derive_key does not cache the result, as it is only used + * krb5int_derive_key does not cache the result, as it is only used * directly in situations which are not expected to be repeated with * the same inkey and constant. */ krb5_error_code -krb5_derive_keyblock(const struct krb5_enc_provider *enc, +krb5int_derive_keyblock(const struct krb5_enc_provider *enc, krb5_key inkey, krb5_keyblock *outkey, const krb5_data *in_constant) { @@ -123,7 +123,7 @@ krb5_derive_keyblock(const struct krb5_enc_provider *enc, if (in_constant->length == inblock.length) { memcpy(inblock.data, in_constant->data, inblock.length); } else { - krb5_nfold(in_constant->length*8, (unsigned char *) in_constant->data, + krb5int_nfold(in_constant->length*8, (unsigned char *) in_constant->data, inblock.length*8, (unsigned char *) inblock.data); } @@ -162,7 +162,7 @@ cleanup: } krb5_error_code -krb5_derive_key(const struct krb5_enc_provider *enc, +krb5int_derive_key(const struct krb5_enc_provider *enc, krb5_key inkey, krb5_key *outkey, const krb5_data *in_constant) { @@ -184,7 +184,7 @@ krb5_derive_key(const struct krb5_enc_provider *enc, keyblock.contents = malloc(keyblock.length); if (keyblock.contents == NULL) return ENOMEM; - ret = krb5_derive_keyblock(enc, inkey, &keyblock, in_constant); + ret = krb5int_derive_keyblock(enc, inkey, &keyblock, in_constant); if (ret) goto cleanup; @@ -201,7 +201,7 @@ cleanup: } krb5_error_code -krb5_derive_random(const struct krb5_enc_provider *enc, +krb5int_derive_random(const struct krb5_enc_provider *enc, krb5_key inkey, krb5_data *outrnd, const krb5_data *in_constant) { @@ -238,7 +238,7 @@ krb5_derive_random(const struct krb5_enc_provider *enc, if (in_constant->length == inblock.length) { memcpy(inblock.data, in_constant->data, inblock.length); } else { - krb5_nfold(in_constant->length*8, (unsigned char *) in_constant->data, + krb5int_nfold(in_constant->length*8, (unsigned char *) in_constant->data, inblock.length*8, (unsigned char *) inblock.data); } diff --git a/src/lib/crypto/krb/dk/dk.h b/src/lib/crypto/krb/dk/dk.h index 6566ce8..67cbf13 100644 --- a/src/lib/crypto/krb/dk/dk.h +++ b/src/lib/crypto/krb/dk/dk.h @@ -26,21 +26,25 @@ #include "k5-int.h" -void krb5_dk_encrypt_length(const struct krb5_enc_provider *enc, +void +krb5int_dk_encrypt_length(const struct krb5_enc_provider *enc, const struct krb5_hash_provider *hash, size_t input, size_t *length); -krb5_error_code krb5_dk_encrypt(const struct krb5_enc_provider *enc, +krb5_error_code +krb5int_dk_encrypt(const struct krb5_enc_provider *enc, const struct krb5_hash_provider *hash, krb5_key key, krb5_keyusage usage, const krb5_data *ivec, const krb5_data *input, krb5_data *output); -void krb5int_aes_encrypt_length(const struct krb5_enc_provider *enc, +void +krb5int_aes_encrypt_length(const struct krb5_enc_provider *enc, const struct krb5_hash_provider *hash, size_t input, size_t *length); -krb5_error_code krb5int_aes_dk_encrypt(const struct krb5_enc_provider *enc, +krb5_error_code +krb5int_aes_dk_encrypt(const struct krb5_enc_provider *enc, const struct krb5_hash_provider *hash, krb5_key key, krb5_keyusage usage, @@ -48,13 +52,15 @@ krb5_error_code krb5int_aes_dk_encrypt(const struct krb5_enc_provider *enc, const krb5_data *input, krb5_data *output); -krb5_error_code krb5_dk_decrypt(const struct krb5_enc_provider *enc, +krb5_error_code +krb5int_dk_decrypt(const struct krb5_enc_provider *enc, const struct krb5_hash_provider *hash, krb5_key key, krb5_keyusage usage, const krb5_data *ivec, const krb5_data *input, krb5_data *arg_output); -krb5_error_code krb5int_aes_dk_decrypt(const struct krb5_enc_provider *enc, +krb5_error_code +krb5int_aes_dk_decrypt(const struct krb5_enc_provider *enc, const struct krb5_hash_provider *hash, krb5_key key, krb5_keyusage usage, @@ -62,23 +68,27 @@ krb5_error_code krb5int_aes_dk_decrypt(const struct krb5_enc_provider *enc, const krb5_data *input, krb5_data *arg_output); -krb5_error_code krb5int_dk_string_to_key(const struct krb5_enc_provider *enc, +krb5_error_code +krb5int_dk_string_to_key(const struct krb5_enc_provider *enc, const krb5_data *string, const krb5_data *salt, const krb5_data *params, krb5_keyblock *key); -krb5_error_code krb5_derive_keyblock(const struct krb5_enc_provider *enc, +krb5_error_code +krb5int_derive_keyblock(const struct krb5_enc_provider *enc, krb5_key inkey, krb5_keyblock *outkey, const krb5_data *in_constant); -krb5_error_code krb5_derive_key(const struct krb5_enc_provider *enc, +krb5_error_code +krb5_derive_key(const struct krb5_enc_provider *enc, krb5_key inkey, krb5_key *outkey, const krb5_data *in_constant); -krb5_error_code krb5_dk_make_checksum(const struct krb5_hash_provider *hash, +krb5_error_code +krb5int_dk_make_checksum(const struct krb5_hash_provider *hash, krb5_key key, krb5_keyusage usage, const krb5_data *input, @@ -91,7 +101,7 @@ krb5int_dk_make_checksum_iov(const struct krb5_hash_provider *hash, krb5_data *output); krb5_error_code -krb5_derive_random(const struct krb5_enc_provider *enc, +krb5int_derive_random(const struct krb5_enc_provider *enc, krb5_key inkey, krb5_data *outrnd, const krb5_data *in_constant); diff --git a/src/lib/crypto/krb/dk/dk_aead.c b/src/lib/crypto/krb/dk/dk_aead.c index 5c9c1ad..e35ca55 100644 --- a/src/lib/crypto/krb/dk/dk_aead.c +++ b/src/lib/crypto/krb/dk/dk_aead.c @@ -136,13 +136,13 @@ krb5int_dk_encrypt_iov(const struct krb5_aead_provider *aead, d1.data[4] = 0xAA; - ret = krb5_derive_key(enc, key, &ke, &d1); + ret = krb5int_derive_key(enc, key, &ke, &d1); if (ret != 0) goto cleanup; d1.data[4] = 0x55; - ret = krb5_derive_key(enc, key, &ki, &d1); + ret = krb5int_derive_key(enc, key, &ki, &d1); if (ret != 0) goto cleanup; @@ -261,13 +261,13 @@ krb5int_dk_decrypt_iov(const struct krb5_aead_provider *aead, d1.data[4] = 0xAA; - ret = krb5_derive_key(enc, key, &ke, &d1); + ret = krb5int_derive_key(enc, key, &ke, &d1); if (ret != 0) goto cleanup; d1.data[4] = 0x55; - ret = krb5_derive_key(enc, key, &ki, &d1); + ret = krb5int_derive_key(enc, key, &ki, &d1); if (ret != 0) goto cleanup; diff --git a/src/lib/crypto/krb/dk/dk_decrypt.c b/src/lib/crypto/krb/dk/dk_decrypt.c index abb7a39..9535a75 100644 --- a/src/lib/crypto/krb/dk/dk_decrypt.c +++ b/src/lib/crypto/krb/dk/dk_decrypt.c @@ -41,7 +41,7 @@ krb5_dk_decrypt_maybe_trunc_hmac(const struct krb5_enc_provider *enc, int ivec_mode); krb5_error_code -krb5_dk_decrypt(const struct krb5_enc_provider *enc, +krb5int_dk_decrypt(const struct krb5_enc_provider *enc, const struct krb5_hash_provider *hash, krb5_key key, krb5_keyusage usage, const krb5_data *ivec, const krb5_data *input, @@ -104,13 +104,13 @@ krb5_dk_decrypt_maybe_trunc_hmac(const struct krb5_enc_provider *enc, d1.data[4] = (char) 0xAA; - ret = krb5_derive_key(enc, key, &ke, &d1); + ret = krb5int_derive_key(enc, key, &ke, &d1); if (ret != 0) goto cleanup; d1.data[4] = 0x55; - ret = krb5_derive_key(enc, key, &ki, &d1); + ret = krb5int_derive_key(enc, key, &ki, &d1); if (ret != 0) goto cleanup; @@ -142,7 +142,7 @@ krb5_dk_decrypt_maybe_trunc_hmac(const struct krb5_enc_provider *enc, d1.length = hashsize; d1.data = (char *) cksum; - ret = krb5_hmac(hash, ki, 1, &d2, &d1); + ret = krb5int_hmac(hash, ki, 1, &d2, &d1); if (ret != 0) goto cleanup; diff --git a/src/lib/crypto/krb/dk/dk_encrypt.c b/src/lib/crypto/krb/dk/dk_encrypt.c index bb045fa..b44671a 100644 --- a/src/lib/crypto/krb/dk/dk_encrypt.c +++ b/src/lib/crypto/krb/dk/dk_encrypt.c @@ -39,7 +39,7 @@ */ void -krb5_dk_encrypt_length(const struct krb5_enc_provider *enc, +krb5int_dk_encrypt_length(const struct krb5_enc_provider *enc, const struct krb5_hash_provider *hash, size_t inputlen, size_t *length) { @@ -51,7 +51,7 @@ krb5_dk_encrypt_length(const struct krb5_enc_provider *enc, } krb5_error_code -krb5_dk_encrypt(const struct krb5_enc_provider *enc, +krb5int_dk_encrypt(const struct krb5_enc_provider *enc, const struct krb5_hash_provider *hash, krb5_key key, krb5_keyusage usage, const krb5_data *ivec, const krb5_data *input, @@ -68,7 +68,7 @@ krb5_dk_encrypt(const struct krb5_enc_provider *enc, blocksize = enc->block_size; plainlen = krb5_roundup(blocksize + input->length, blocksize); - krb5_dk_encrypt_length(enc, hash, input->length, &enclen); + krb5int_dk_encrypt_length(enc, hash, input->length, &enclen); /* key->length, ivec will be tested in enc->encrypt. */ @@ -90,13 +90,13 @@ krb5_dk_encrypt(const struct krb5_enc_provider *enc, d1.data[4] = (char) 0xAA; - ret = krb5_derive_key(enc, key, &ke, &d1); + ret = krb5int_derive_key(enc, key, &ke, &d1); if (ret != 0) goto cleanup; d1.data[4] = 0x55; - ret = krb5_derive_key(enc, key, &ki, &d1); + ret = krb5int_derive_key(enc, key, &ki, &d1); if (ret != 0) goto cleanup; @@ -138,7 +138,7 @@ krb5_dk_encrypt(const struct krb5_enc_provider *enc, output->length = enclen; - ret = krb5_hmac(hash, ki, 1, &d1, &d2); + ret = krb5int_hmac(hash, ki, 1, &d1, &d2); if (ret != 0) { memset(d2.data, 0, d2.length); goto cleanup; @@ -188,7 +188,7 @@ trunc_hmac (const struct krb5_hash_provider *hash, tmp.data = malloc(hashsize); if (tmp.data == NULL) return ENOMEM; - ret = krb5_hmac(hash, ki, num, input, &tmp); + ret = krb5int_hmac(hash, ki, num, input, &tmp); if (ret == 0) memcpy(output->data, tmp.data, output->length); memset(tmp.data, 0, hashsize); @@ -237,13 +237,13 @@ krb5int_aes_dk_encrypt(const struct krb5_enc_provider *enc, d1.data[4] = (char) 0xAA; - ret = krb5_derive_key(enc, key, &ke, &d1); + ret = krb5int_derive_key(enc, key, &ke, &d1); if (ret != 0) goto cleanup; d1.data[4] = 0x55; - ret = krb5_derive_key(enc, key, &ki, &d1); + ret = krb5int_derive_key(enc, key, &ki, &d1); if (ret != 0) goto cleanup; diff --git a/src/lib/crypto/krb/dk/stringtokey.c b/src/lib/crypto/krb/dk/stringtokey.c index 48b053a..7589b4b 100644 --- a/src/lib/crypto/krb/dk/stringtokey.c +++ b/src/lib/crypto/krb/dk/stringtokey.c @@ -41,7 +41,7 @@ krb5int_dk_string_to_key(const struct krb5_enc_provider *enc, krb5_keyblock foldkeyblock; krb5_key foldkey = NULL; - /* keyblock->length is checked by krb5_derive_key. */ + /* keyblock->length is checked by krb5int_derive_key. */ keybytes = enc->keybytes; keylength = enc->keylength; @@ -64,7 +64,7 @@ krb5int_dk_string_to_key(const struct krb5_enc_provider *enc, if (salt) memcpy(concat + string->length, salt->data, salt->length); - krb5_nfold(concatlen*8, concat, keybytes*8, foldstring); + krb5int_nfold(concatlen*8, concat, keybytes*8, foldstring); indata.length = keybytes; indata.data = (char *) foldstring; @@ -84,7 +84,7 @@ krb5int_dk_string_to_key(const struct krb5_enc_provider *enc, indata.length = kerberos_len; indata.data = (char *) kerberos; - ret = krb5_derive_keyblock(enc, foldkey, keyblock, &indata); + ret = krb5int_derive_keyblock(enc, foldkey, keyblock, &indata); if (ret != 0) memset(keyblock->contents, 0, keyblock->length); |