aboutsummaryrefslogtreecommitdiff
path: root/src/lib/crypto/krb/dk
AgeCommit message (Collapse)AuthorFilesLines
2010-09-30Merge r24242:24397 from trunk to branches/nss. This will break theGreg Hudson9-51/+944
nss branch build temporarily due to Camellia changes. git-svn-id: svn://anonsvn.mit.edu/krb5/branches/nss@24398 dc483132-0cff-0310-8789-dd5450dbe970
2010-06-07make dependGreg Hudson1-16/+18
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24119 dc483132-0cff-0310-8789-dd5450dbe970
2010-01-08krb5int_dk_string_to_key fails to set enctypeEzra Peisach1-0/+1
Failure to set the enctype before invoking krb5_k_create_key results in potential memory leak. ticket: 6628 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23612 dc483132-0cff-0310-8789-dd5450dbe970
2010-01-08krb5int_derive_key results in cache with uninitialized valuesEzra Peisach1-0/+4
krb5int_derive_key creates a temporary keyblock to add to the derived cache. krb5_k_free_key will iterate over the derived keys and for ones with cache will lookup the enctype for the key_cleanup handler. Unfortunatly, there isn't a keyblock init function that does not allocate the keyblock - as I suspect this problem will appear in other places. The valgrind log of this problem is: ==7281== Conditional jump or move depends on uninitialised value(s) ==7281== at 0x40E9AE8: find_enctype (etypes.h:81) ==7281== by 0x40E9C96: krb5_k_free_key (key.c:91) ==7281== by 0x40E9C52: krb5_k_free_key (key.c:86) ==7281== by 0x40EBB00: krb5_c_prf (prf.c:87) ==7281== by 0x40E7B1B: prf_plus (cf2.c:77) ==7281== by 0x40E7CE6: krb5_c_fx_cf2_simple (cf2.c:125) ==7281== by 0x804899C: main (t_cf2.c:70) ==7281== with memory leaks. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23608 dc483132-0cff-0310-8789-dd5450dbe970
2010-01-03Update dependenciesKen Raeburn1-13/+14
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23575 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-10Restructure the crypto checksum implementation to minimizeGreg Hudson3-32/+25
dependencies on the internals of modules. * Keyhash providers are gone. * The cksumtypes table contains checksum and verify functions, similar to the etypes encrypt and decrypt functions. New checksum functions parallel the old keyhash providers, and there are also functions for unkeyed and derived-key HMAC checksums. * The flags field is now used to indicate whether a checksum is unkeyed, but not whether it is a derived-key HMAC checksum. * The descbc checksum is handled through a new enc_provider function which calculates a CBC MAC. The OpenSSL module does not implement the CBC MAC function (it didn't implement descbc before). builtin/des could probably get rid of f_cksum.c (the old DES CBC routine) with some alterations to string2key.c. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23462 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-06Make the libk5crypto hash_provider interface take crypto_iov listsGreg Hudson3-61/+7
instead of lists of krb5_data. Make the base HMAC APIs take crypto_iov lists and drop the _iov variants. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23450 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-04Consolidate the IOV and non-IOV encryption/decryption code paths, andGreg Hudson8-785/+182
drop the _iov suffix from most encryption- and decryption-related functions. The enc_provider encrypt and decrypt functions take IOVs, as do the enctype entries in etypes.c, and there are no separate encrypt_iov or decrypt_iov functions. aead_provider is gone. Enctype functions now take pointers to the enctype entry instead of pointers to the enc/hash/aead providers; this allows dk_encrypt and dk_decrypt to be polymorphic in the length function they use now that AES and DES3 can't differentiate by aead provider. aes_string_to_key needed to be moved into the krb/ fold for this since it's an enctype function; it was duplicated between builtin/ and openssl/ before. This leaves openssl/aes empty; the build system currently demands that all modules have the same directory structure, so the directory and Makefile will stick around for now. Three separate copies of the derive_random logic are also now consolidated into one. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23444 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-01Fix AES IOV decryption of small messagesGreg Hudson1-13/+8
AES messages never need to be padded because the confounder ensures that the plaintext is at least one block long. Remove a check in krb5int_dk_decrypt_iov which was rejecting short AES messages because it didn't count the header length. ticket: 6589 tags: pullup target_version: 1.7.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23397 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-30Stream decryption is handled in krb5_k_decrypt_iov; remove someGreg Hudson1-6/+0
lingering checks in the dk and raw aead providers from before that was introduced. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23385 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-28Mark and reindent lib/cryptoGreg Hudson7-290/+297
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23374 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-22Consolidate Makefile variables now that we have only a single globalGreg Hudson2-49/+47
configure script: $(SRCTOP) --> $(top_srcdir) $(srcdir)/$(thisconfigdir) --> $(top_srcdir) $(thisconfigdir) --> $(BUILDTOP) $(myfulldir) --> $(mydir) ticket: 6583 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23308 dc483132-0cff-0310-8789-dd5450dbe970
2009-10-31make mark-cstyleTom Yu6-27/+26
make reindent git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
2009-10-29Rename some lingering krb5_derive_key referencesGreg Hudson1-1/+1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23086 dc483132-0cff-0310-8789-dd5450dbe970
2009-10-28Replace krb5_ with krb5Int_ prefix for non-API functionsZhanna Tsitkov7-44/+54
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23079 dc483132-0cff-0310-8789-dd5450dbe970
2009-10-19Implement new APIs to allow improved crypto performanceGreg Hudson7-169/+189
Merge branches/enc-perf to trunk. Adds the krb5_key opaque type, the krb5_k_* APIs to use them, and caching of derived keys when krb5_k_* functions are used. Updates the krb5 auth context and GSS id-rec to use krb5_keys. ticket: 6576 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22944 dc483132-0cff-0310-8789-dd5450dbe970
2009-10-10Move destest to builtin/des, because it depends on overriding someTom Yu1-21/+24
internals. Make depend. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22877 dc483132-0cff-0310-8789-dd5450dbe970
2009-10-03Update the crypto derived key support code to conform to most of theGreg Hudson7-481/+334
current coding practices (except lack of tabs). Use the helper functions k5alloc, zapfree, and find_enctype to reduce code size. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22840 dc483132-0cff-0310-8789-dd5450dbe970
2009-09-16Re-run make depend without autoconf.h in the source treeGreg Hudson1-36/+33
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22775 dc483132-0cff-0310-8789-dd5450dbe970
2009-09-16Crypto modularity proj.: Move prf and random-to-key ops from backend to krbZhanna Tsitkov4-112/+33
bigredbutton: whitespace git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22769 dc483132-0cff-0310-8789-dd5450dbe970
2009-08-13Fix lib/crypto/krb/dk/Makefile.in mydir valueGreg Hudson1-1/+1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22520 dc483132-0cff-0310-8789-dd5450dbe970
2009-08-03Re-run make depend. (I am not certain why the dependencies fromGreg Hudson1-43/+40
r22477 didn't work for me.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22482 dc483132-0cff-0310-8789-dd5450dbe970
2009-08-03Crypto modularity proj: Separate files under crypto directory based on their ↵Zhanna Tsitkov10-0/+1745
functionality. Move Kerberos specific files into krb subdir and MIT specific - into builtin subdir. Place all tests into crypto_tests subfolder. bigredbutton: whitespace git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22477 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit v1.1 at 2024-08-01 19:37:59 +0000