aboutsummaryrefslogtreecommitdiff
path: root/src/lib/crypto/openssl
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/crypto/openssl')
-rw-r--r--src/lib/crypto/openssl/hash_provider/Makefile.in2
-rw-r--r--src/lib/crypto/openssl/hash_provider/hash_crc32.c12
-rw-r--r--src/lib/crypto/openssl/hash_provider/hash_md4.c14
-rw-r--r--src/lib/crypto/openssl/hash_provider/hash_md5.c14
-rw-r--r--src/lib/crypto/openssl/hash_provider/hash_sha1.c14
-rw-r--r--src/lib/crypto/openssl/hmac.c73
6 files changed, 52 insertions, 77 deletions
diff --git a/src/lib/crypto/openssl/hash_provider/Makefile.in b/src/lib/crypto/openssl/hash_provider/Makefile.in
index 30737eb..b5a7dcf 100644
--- a/src/lib/crypto/openssl/hash_provider/Makefile.in
+++ b/src/lib/crypto/openssl/hash_provider/Makefile.in
@@ -1,7 +1,7 @@
mydir=lib/crypto/openssl/hash_provider
BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
LOCALINCLUDES = -I$(srcdir)/../../krb/crc32 -I$(srcdir)/../md4 \
- -I$(srcdir)/../md5 -I$(srcdir)/../sha1
+ -I$(srcdir)/../md5 -I$(srcdir)/../sha1 -I$(srcdir)/../../krb
DEFS=
##DOS##BUILDTOP = ..\..\..\..
diff --git a/src/lib/crypto/openssl/hash_provider/hash_crc32.c b/src/lib/crypto/openssl/hash_provider/hash_crc32.c
index 58efffe..68a01cb 100644
--- a/src/lib/crypto/openssl/hash_provider/hash_crc32.c
+++ b/src/lib/crypto/openssl/hash_provider/hash_crc32.c
@@ -28,10 +28,10 @@
#include "k5-int.h"
#include "crc-32.h"
#include "hash_provider.h"
+#include "aead.h"
static krb5_error_code
-k5_crc32_hash(unsigned int icount, const krb5_data *input,
- krb5_data *output)
+k5_crc32_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
{
unsigned long c;
unsigned int i;
@@ -40,8 +40,12 @@ k5_crc32_hash(unsigned int icount, const krb5_data *input,
return(KRB5_CRYPTO_INTERNAL);
c = 0;
- for (i=0; i<icount; i++)
- mit_crc32(input[i].data, input[i].length, &c);
+ for (i = 0; i < num_data; i++) {
+ const krb5_crypto_iov *iov = &data[i];
+
+ if (SIGN_IOV(iov))
+ mit_crc32(iov->data.data, iov->data.length, &c);
+ }
store_32_le(c, output->data);
return(0);
diff --git a/src/lib/crypto/openssl/hash_provider/hash_md4.c b/src/lib/crypto/openssl/hash_provider/hash_md4.c
index 3a7d0d4..85f18f6 100644
--- a/src/lib/crypto/openssl/hash_provider/hash_md4.c
+++ b/src/lib/crypto/openssl/hash_provider/hash_md4.c
@@ -28,10 +28,10 @@
#include "k5-int.h"
#include "rsa-md4.h"
#include "hash_provider.h"
+#include "aead.h"
static krb5_error_code
-k5_md4_hash(unsigned int icount, const krb5_data *input,
- krb5_data *output)
+k5_md4_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
{
krb5_MD4_CTX ctx;
unsigned int i;
@@ -40,8 +40,14 @@ k5_md4_hash(unsigned int icount, const krb5_data *input,
return(KRB5_CRYPTO_INTERNAL);
krb5int_MD4Init(&ctx);
- for (i=0; i<icount; i++)
- krb5int_MD4Update(&ctx, (unsigned char *) input[i].data, input[i].length);
+ for (i = 0; i < num_data; i++) {
+ const krb5_crypto_iov *iov = &data[i];
+
+ if (SIGN_IOV(iov)) {
+ krb5int_MD4Update(&ctx, (unsigned char *) iov->data.data,
+ iov->data.length);
+ }
+ }
krb5int_MD4Final(&ctx);
memcpy(output->data, ctx.digest, RSA_MD4_CKSUM_LENGTH);
diff --git a/src/lib/crypto/openssl/hash_provider/hash_md5.c b/src/lib/crypto/openssl/hash_provider/hash_md5.c
index 610e414..182e6c0 100644
--- a/src/lib/crypto/openssl/hash_provider/hash_md5.c
+++ b/src/lib/crypto/openssl/hash_provider/hash_md5.c
@@ -28,10 +28,10 @@
#include "k5-int.h"
#include "rsa-md5.h"
#include "hash_provider.h"
+#include "aead.h"
static krb5_error_code
-k5_md5_hash(unsigned int icount, const krb5_data *input,
- krb5_data *output)
+k5_md5_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
{
krb5_MD5_CTX ctx;
unsigned int i;
@@ -40,8 +40,14 @@ k5_md5_hash(unsigned int icount, const krb5_data *input,
return(KRB5_CRYPTO_INTERNAL);
krb5int_MD5Init(&ctx);
- for (i=0; i<icount; i++)
- krb5int_MD5Update(&ctx, (unsigned char *) input[i].data, input[i].length);
+ for (i = 0; i < num_data; i++) {
+ const krb5_crypto_iov *iov = &data[i];
+
+ if (SIGN_IOV(iov)) {
+ krb5int_MD5Update(&ctx, (unsigned char *) iov->data.data,
+ iov->data.length);
+ }
+ }
krb5int_MD5Final(&ctx);
memcpy(output->data, ctx.digest, RSA_MD5_CKSUM_LENGTH);
diff --git a/src/lib/crypto/openssl/hash_provider/hash_sha1.c b/src/lib/crypto/openssl/hash_provider/hash_sha1.c
index a914e34..f602411 100644
--- a/src/lib/crypto/openssl/hash_provider/hash_sha1.c
+++ b/src/lib/crypto/openssl/hash_provider/hash_sha1.c
@@ -29,10 +29,10 @@
#include "k5-int.h"
#include "shs.h"
#include "hash_provider.h"
+#include "aead.h"
static krb5_error_code
-k5_sha1_hash(unsigned int icount, const krb5_data *input,
- krb5_data *output)
+k5_sha1_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
{
SHS_INFO ctx;
unsigned int i;
@@ -41,8 +41,14 @@ k5_sha1_hash(unsigned int icount, const krb5_data *input,
return(KRB5_CRYPTO_INTERNAL);
shsInit(&ctx);
- for (i=0; i<icount; i++)
- shsUpdate(&ctx, (unsigned char *) input[i].data, input[i].length);
+ for (i = 0; i < num_data; i++) {
+ const krb5_crypto_iov *iov = &data[i];
+
+ if (SIGN_IOV(iov)) {
+ shsUpdate(&ctx, (unsigned char *) iov->data.data,
+ iov->data.length);
+ }
+ }
shsFinal(&ctx);
if (ctx.digestLen > 0 && ctx.digestLen <= output->length){
diff --git a/src/lib/crypto/openssl/hmac.c b/src/lib/crypto/openssl/hmac.c
index 425223d..7ef3d3f 100644
--- a/src/lib/crypto/openssl/hmac.c
+++ b/src/lib/crypto/openssl/hmac.c
@@ -83,8 +83,9 @@ map_digest(const struct krb5_hash_provider *hash)
krb5_error_code
krb5int_hmac_keyblock(const struct krb5_hash_provider *hash,
- const krb5_keyblock *key, unsigned int icount,
- const krb5_data *input, krb5_data *output)
+ const krb5_keyblock *keyblock,
+ const krb5_crypto_iov *data, size_t num_data,
+ krb5_data *output)
{
unsigned int i = 0, md_len = 0;
unsigned char md[EVP_MAX_MD_SIZE];
@@ -94,22 +95,21 @@ krb5int_hmac_keyblock(const struct krb5_hash_provider *hash,
hashsize = hash->hashsize;
blocksize = hash->blocksize;
- if (key->length > blocksize)
+ if (keyblock->length > blocksize)
return(KRB5_CRYPTO_INTERNAL);
if (output->length < hashsize)
return(KRB5_BAD_MSIZE);
- /* if this isn't > 0, then there won't be enough space in this
- array to compute the outer hash */
- if (icount == 0)
- return(KRB5_CRYPTO_INTERNAL);
if (!map_digest(hash))
return(KRB5_CRYPTO_INTERNAL); // unsupported alg
HMAC_CTX_init(&c);
- HMAC_Init(&c, key->contents, key->length, map_digest(hash));
- for ( i = 0; i < icount; i++ ) {
- HMAC_Update(&c,(const unsigned char*)input[i].data, input[i].length);
+ HMAC_Init(&c, keyblock->contents, keyblock->length, map_digest(hash));
+ for (i = 0; i < num_data; i++) {
+ krb5_crypto_iov *iov = &data[i];
+
+ if (SIGN_IOV(iov))
+ HMAC_Update(&c, (unsigned char*) iov->data.data, iov->data.length);
}
HMAC_Final(&c,(unsigned char *)md, &md_len);
if ( md_len <= output->length) {
@@ -123,56 +123,9 @@ krb5int_hmac_keyblock(const struct krb5_hash_provider *hash,
}
krb5_error_code
-krb5int_hmac_iov_keyblock(const struct krb5_hash_provider *hash,
- const krb5_keyblock *key,
- const krb5_crypto_iov *data, size_t num_data,
- krb5_data *output)
-{
- krb5_data *sign_data;
- size_t num_sign_data;
- krb5_error_code ret;
- size_t i, j;
-
- /* Create a checksum over all the data to be signed */
- for (i = 0, num_sign_data = 0; i < num_data; i++) {
- const krb5_crypto_iov *iov = &data[i];
-
- if (SIGN_IOV(iov))
- num_sign_data++;
- }
-
- /* XXX cleanup to avoid alloc */
- sign_data = (krb5_data *)calloc(num_sign_data, sizeof(krb5_data));
- if (sign_data == NULL)
- return ENOMEM;
-
- for (i = 0, j = 0; i < num_data; i++) {
- const krb5_crypto_iov *iov = &data[i];
-
- if (SIGN_IOV(iov))
- sign_data[j++] = iov->data;
- }
-
- /* caller must store checksum in iov as it may be TYPE_TRAILER or TYPE_CHECKSUM */
- ret = krb5int_hmac_keyblock(hash, key, num_sign_data, sign_data, output);
-
- free(sign_data);
-
- return ret;
-}
-
-krb5_error_code
krb5int_hmac(const struct krb5_hash_provider *hash, krb5_key key,
- unsigned int icount, const krb5_data *input, krb5_data *output)
-{
- return krb5int_hmac_keyblock(hash, &key->keyblock, icount, input, output);
-}
-
-krb5_error_code
-krb5int_hmac_iov(const struct krb5_hash_provider *hash, krb5_key key,
- const krb5_crypto_iov *data, size_t num_data,
- krb5_data *output)
+ const krb5_crypto_iov *data, size_t num_data,
+ krb5_data *output)
{
- return krb5int_hmac_iov_keyblock(hash, &key->keyblock, data, num_data,
- output);
+ return krb5int_hmac_keyblock(hash, &key->keyblock, data, num_data, output);
}
generated by cgit v1.1 at 2024-08-02 08:45:47 +0000