From fef4e551d3d2dcb55e58cc182304254c36aa8949 Mon Sep 17 00:00:00 2001
|
|
From: Robbie Harwood <rharwood@redhat.com>
|
|
Date: Tue, 26 Mar 2019 18:51:10 -0400
|
|
Subject: [PATCH] [downstream] Remove 3des support
|
|
|
|
Completely remove support for all DES3 enctypes (des3-cbc-raw,
|
|
des3-hmac-sha1, des3-cbc-sha1-kd). Update all tests and documentation
|
|
to use other enctypes. Mark the 3DES enctypes UNSUPPORTED and retain
|
|
their constants.
|
|
|
|
Last-updated: 1.19-beta1
|
|
---
|
|
doc/admin/advanced/retiring-des.rst | 11 +
|
|
doc/admin/conf_files/kdc_conf.rst | 7 +-
|
|
doc/admin/enctypes.rst | 10 +-
|
|
doc/admin/troubleshoot.rst | 9 +-
|
|
doc/appdev/refs/macros/index.rst | 1 -
|
|
doc/conf.py | 2 +-
|
|
doc/mitK5features.rst | 2 +-
|
|
src/Makefile.in | 4 +-
|
|
src/configure.ac | 1 -
|
|
src/include/krb5/krb5.hin | 10 +-
|
|
src/kadmin/testing/proto/kdc.conf.proto | 4 +-
|
|
src/kdc/kdc_util.c | 4 -
|
|
src/lib/crypto/Makefile.in | 8 +-
|
|
src/lib/crypto/builtin/Makefile.in | 6 +-
|
|
src/lib/crypto/builtin/des/ISSUES | 13 -
|
|
src/lib/crypto/builtin/des/Makefile.in | 80 ----
|
|
src/lib/crypto/builtin/des/d3_aead.c | 133 ------
|
|
src/lib/crypto/builtin/des/d3_kysched.c | 51 ---
|
|
src/lib/crypto/builtin/des/deps | 150 -------
|
|
src/lib/crypto/builtin/des/des_int.h | 285 -------------
|
|
src/lib/crypto/builtin/des/des_keys.c | 40 --
|
|
src/lib/crypto/builtin/des/destest.c | 240 -----------
|
|
src/lib/crypto/builtin/des/doc/libdes.doc | 208 ---------
|
|
src/lib/crypto/builtin/des/f_aead.c | 173 --------
|
|
src/lib/crypto/builtin/des/f_cbc.c | 256 ------------
|
|
src/lib/crypto/builtin/des/f_cksum.c | 136 ------
|
|
src/lib/crypto/builtin/des/f_parity.c | 56 ---
|
|
src/lib/crypto/builtin/des/f_sched.c | 359 ----------------
|
|
src/lib/crypto/builtin/des/f_tables.c | 370 ----------------
|
|
src/lib/crypto/builtin/des/f_tables.h | 285 -------------
|
|
src/lib/crypto/builtin/des/key_sched.c | 62 ---
|
|
src/lib/crypto/builtin/des/keytest.data | 171 --------
|
|
src/lib/crypto/builtin/des/t_verify.c | 395 ------------------
|
|
src/lib/crypto/builtin/des/weak_key.c | 86 ----
|
|
.../crypto/builtin/enc_provider/Makefile.in | 6 +-
|
|
src/lib/crypto/builtin/enc_provider/deps | 13 -
|
|
src/lib/crypto/builtin/enc_provider/des3.c | 105 -----
|
|
src/lib/crypto/crypto_tests/t_cf2.expected | 1 -
|
|
src/lib/crypto/crypto_tests/t_cf2.in | 5 -
|
|
src/lib/crypto/crypto_tests/t_cksums.c | 10 -
|
|
src/lib/crypto/crypto_tests/t_decrypt.c | 57 ---
|
|
src/lib/crypto/crypto_tests/t_derive.c | 36 --
|
|
src/lib/crypto/crypto_tests/t_encrypt.c | 1 -
|
|
src/lib/crypto/crypto_tests/t_short.c | 1 -
|
|
src/lib/crypto/crypto_tests/t_str2key.c | 52 ---
|
|
src/lib/crypto/krb/Makefile.in | 3 -
|
|
src/lib/crypto/krb/cksumtypes.c | 6 -
|
|
src/lib/crypto/krb/crypto_int.h | 16 -
|
|
src/lib/crypto/krb/default_state.c | 10 -
|
|
src/lib/crypto/krb/enctype_util.c | 3 +
|
|
src/lib/crypto/krb/etypes.c | 21 -
|
|
src/lib/crypto/krb/prf_des.c | 47 ---
|
|
src/lib/crypto/krb/random_to_key.c | 45 --
|
|
src/lib/crypto/libk5crypto.exports | 1 -
|
|
src/lib/crypto/openssl/Makefile.in | 8 +-
|
|
src/lib/crypto/openssl/des/Makefile.in | 20 -
|
|
src/lib/crypto/openssl/des/deps | 15 -
|
|
src/lib/crypto/openssl/des/des_keys.c | 40 --
|
|
.../crypto/openssl/enc_provider/Makefile.in | 3 -
|
|
src/lib/crypto/openssl/enc_provider/deps | 11 -
|
|
src/lib/crypto/openssl/enc_provider/des3.c | 184 --------
|
|
src/lib/gssapi/krb5/accept_sec_context.c | 1 -
|
|
src/lib/gssapi/krb5/gssapiP_krb5.h | 6 +-
|
|
src/lib/gssapi/krb5/k5seal.c | 35 +-
|
|
src/lib/gssapi/krb5/k5sealiov.c | 27 +-
|
|
src/lib/gssapi/krb5/k5unseal.c | 102 ++---
|
|
src/lib/gssapi/krb5/k5unsealiov.c | 38 +-
|
|
src/lib/gssapi/krb5/util_crypt.c | 11 -
|
|
.../api.current/chpass-principal-v2.exp | 4 +-
|
|
.../api.current/get-principal-v2.exp | 4 +-
|
|
.../api.current/randkey-principal-v2.exp | 4 +-
|
|
src/lib/krb5/krb/init_ctx.c | 3 -
|
|
src/lib/krb5/krb/s4u_creds.c | 2 -
|
|
src/lib/krb5/krb/t_etypes.c | 48 +--
|
|
src/lib/krb5/os/t_trace.c | 4 +-
|
|
src/lib/krb5/os/t_trace.ref | 2 +-
|
|
src/plugins/preauth/pkinit/pkcs11.h | 6 +-
|
|
src/plugins/preauth/pkinit/pkinit_clnt.c | 8 -
|
|
src/plugins/preauth/pkinit/pkinit_crypto.h | 12 -
|
|
.../preauth/pkinit/pkinit_crypto_openssl.c | 38 --
|
|
src/plugins/preauth/pkinit/pkinit_kdf_test.c | 31 --
|
|
src/plugins/preauth/spake/t_vectors.c | 25 --
|
|
src/tests/dejagnu/config/default.exp | 78 ----
|
|
src/tests/dejagnu/krb-standalone/kprop.exp | 2 +-
|
|
src/tests/gssapi/t_enctypes.py | 33 +-
|
|
src/tests/gssapi/t_invalid.c | 12 -
|
|
src/tests/gssapi/t_pcontok.c | 16 +-
|
|
src/tests/gssapi/t_prf.c | 7 -
|
|
src/tests/t_authdata.py | 2 +-
|
|
src/tests/t_etype_info.py | 18 +-
|
|
src/tests/t_keyrollover.py | 8 +-
|
|
src/tests/t_mkey.py | 35 --
|
|
src/tests/t_salt.py | 5 +-
|
|
src/util/k5test.py | 7 -
|
|
.../leash/htmlhelp/html/Encryption_Types.htm | 13 -
|
|
95 files changed, 160 insertions(+), 4835 deletions(-)
|
|
delete mode 100644 src/lib/crypto/builtin/des/ISSUES
|
|
delete mode 100644 src/lib/crypto/builtin/des/Makefile.in
|
|
delete mode 100644 src/lib/crypto/builtin/des/d3_aead.c
|
|
delete mode 100644 src/lib/crypto/builtin/des/d3_kysched.c
|
|
delete mode 100644 src/lib/crypto/builtin/des/deps
|
|
delete mode 100644 src/lib/crypto/builtin/des/des_int.h
|
|
delete mode 100644 src/lib/crypto/builtin/des/des_keys.c
|
|
delete mode 100644 src/lib/crypto/builtin/des/destest.c
|
|
delete mode 100644 src/lib/crypto/builtin/des/doc/libdes.doc
|
|
delete mode 100644 src/lib/crypto/builtin/des/f_aead.c
|
|
delete mode 100644 src/lib/crypto/builtin/des/f_cbc.c
|
|
delete mode 100644 src/lib/crypto/builtin/des/f_cksum.c
|
|
delete mode 100644 src/lib/crypto/builtin/des/f_parity.c
|
|
delete mode 100644 src/lib/crypto/builtin/des/f_sched.c
|
|
delete mode 100644 src/lib/crypto/builtin/des/f_tables.c
|
|
delete mode 100644 src/lib/crypto/builtin/des/f_tables.h
|
|
delete mode 100644 src/lib/crypto/builtin/des/key_sched.c
|
|
delete mode 100644 src/lib/crypto/builtin/des/keytest.data
|
|
delete mode 100644 src/lib/crypto/builtin/des/t_verify.c
|
|
delete mode 100644 src/lib/crypto/builtin/des/weak_key.c
|
|
delete mode 100644 src/lib/crypto/builtin/enc_provider/des3.c
|
|
delete mode 100644 src/lib/crypto/krb/prf_des.c
|
|
delete mode 100644 src/lib/crypto/openssl/des/Makefile.in
|
|
delete mode 100644 src/lib/crypto/openssl/des/deps
|
|
delete mode 100644 src/lib/crypto/openssl/des/des_keys.c
|
|
delete mode 100644 src/lib/crypto/openssl/enc_provider/des3.c
|
|
|
|
diff --git a/doc/admin/advanced/retiring-des.rst b/doc/admin/advanced/retiring-des.rst
|
|
index 38f76d3f4..d5e3c30c0 100644
|
|
--- a/doc/admin/advanced/retiring-des.rst
|
|
+++ b/doc/admin/advanced/retiring-des.rst
|
|
@@ -10,6 +10,13 @@ ability have rendered DES vulnerable to brute force attacks on its 56-bit
|
|
keyspace. As such, it is now considered insecure and should not be
|
|
used (:rfc:`6649`).
|
|
|
|
+In 1999, MIT krb5 added support for Triple-DES (3DES) encryption types.
|
|
+However, due to weakenings of DES and other security concerns, it is now also
|
|
+considered insecure and should not be used (:rfc:`8429`). AES encryption
|
|
+types were added to MIT in 2003, meaning that the number of deployments with
|
|
+3DES as the strongest encryption type is hopefully small. The rotation
|
|
+procedure described herein works for both DES and 3DES.
|
|
+
|
|
History
|
|
-------
|
|
|
|
@@ -27,6 +34,10 @@ and removed DES (single-DES) support in release 1.18. As a
|
|
consequence, a release prior to 1.18 is required to perform these
|
|
migrations.
|
|
|
|
+3DES (a flagged deprecated encryption type) was also removed downstream by
|
|
+rharwood@redhat.com starting in 1.18; likewise, a pre-1.18 release is required
|
|
+to perform these migrations.
|
|
+
|
|
Types of keys
|
|
-------------
|
|
|
|
diff --git a/doc/admin/conf_files/kdc_conf.rst b/doc/admin/conf_files/kdc_conf.rst
|
|
index 1dc958d62..3a72aabef 100644
|
|
--- a/doc/admin/conf_files/kdc_conf.rst
|
|
+++ b/doc/admin/conf_files/kdc_conf.rst
|
|
@@ -848,8 +848,6 @@ Encryption types marked as "weak" and "deprecated" are available for
|
|
compatibility but not recommended for use.
|
|
|
|
==================================================== =========================================================
|
|
-des3-cbc-raw Triple DES cbc mode raw (weak)
|
|
-des3-cbc-sha1 des3-hmac-sha1 des3-cbc-sha1-kd Triple DES cbc mode with HMAC/sha1 (deprecated)
|
|
aes256-cts-hmac-sha1-96 aes256-cts aes256-sha1 AES-256 CTS mode with 96-bit SHA-1 HMAC
|
|
aes128-cts-hmac-sha1-96 aes128-cts aes128-sha1 AES-128 CTS mode with 96-bit SHA-1 HMAC
|
|
aes256-cts-hmac-sha384-192 aes256-sha2 AES-256 CTS mode with 192-bit SHA-384 HMAC
|
|
@@ -858,7 +856,6 @@ arcfour-hmac rc4-hmac arcfour-hmac-md5 RC4 with HMAC/MD5 (deprecat
|
|
arcfour-hmac-exp rc4-hmac-exp arcfour-hmac-md5-exp Exportable RC4 with HMAC/MD5 (weak)
|
|
camellia256-cts-cmac camellia256-cts Camellia-256 CTS mode with CMAC
|
|
camellia128-cts-cmac camellia128-cts Camellia-128 CTS mode with CMAC
|
|
-des3 The triple DES family: des3-cbc-sha1
|
|
aes The AES family: aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, aes256-cts-hmac-sha384-192, and aes128-cts-hmac-sha256-128
|
|
rc4 The RC4 family: arcfour-hmac
|
|
camellia The Camellia family: camellia256-cts-cmac and camellia128-cts-cmac
|
|
@@ -870,8 +867,8 @@ from the current list by prefixing them with a minus sign ("-").
|
|
Types or families can be prefixed with a plus sign ("+") for symmetry;
|
|
it has the same meaning as just listing the type or family. For
|
|
example, "``DEFAULT -rc4``" would be the default set of encryption
|
|
-types with RC4 types removed, and "``des3 DEFAULT``" would be the
|
|
-default set of encryption types with triple DES types moved to the
|
|
+types with RC4 types removed, and "``aes128-sha2 DEFAULT``" would be
|
|
+the default set of encryption types with aes128-sha2 moved to the
|
|
front.
|
|
|
|
While **aes128-cts** and **aes256-cts** are supported for all Kerberos
|
|
diff --git a/doc/admin/enctypes.rst b/doc/admin/enctypes.rst
|
|
index 047185afb..b08d954d9 100644
|
|
--- a/doc/admin/enctypes.rst
|
|
+++ b/doc/admin/enctypes.rst
|
|
@@ -129,7 +129,7 @@ enctype weak? krb5 Windows
|
|
des-cbc-crc weak <1.18 >=2000
|
|
des-cbc-md4 weak <1.18 ?
|
|
des-cbc-md5 weak <1.18 >=2000
|
|
-des3-cbc-sha1 deprecated >=1.1 none
|
|
+des3-cbc-sha1 deprecated <1.18 none
|
|
arcfour-hmac deprecated >=1.3 >=2000
|
|
arcfour-hmac-exp weak >=1.3 >=2000
|
|
aes128-cts-hmac-sha1-96 >=1.3 >=Vista
|
|
@@ -148,9 +148,11 @@ default.
|
|
krb5 releases 1.17 and later flag deprecated encryption types
|
|
(including ``des3-cbc-sha1`` and ``arcfour-hmac``) in KDC logs and
|
|
kadmin output. krb5 release 1.19 issues a warning during initial
|
|
-authentication if ``des3-cbc-sha1`` is used. Future releases will
|
|
-disable ``des3-cbc-sha1`` by default and eventually remove support for
|
|
-it.
|
|
+authentication if ``des3-cbc-sha1`` is used.
|
|
+
|
|
+krb5 releases 1.18 and later remove single-DES and 3DES
|
|
+(downstream-only patch) enctype support. Microsoft Windows never
|
|
+supported 3DES.
|
|
|
|
|
|
Migrating away from older encryption types
|
|
diff --git a/doc/admin/troubleshoot.rst b/doc/admin/troubleshoot.rst
|
|
index ade5e1f87..e4dc54f7e 100644
|
|
--- a/doc/admin/troubleshoot.rst
|
|
+++ b/doc/admin/troubleshoot.rst
|
|
@@ -73,11 +73,10 @@ credential verification failed: KDC has no support for encryption type
|
|
......................................................................
|
|
|
|
This most commonly happens when trying to use a principal with only
|
|
-DES keys, in a release (MIT krb5 1.7 or later) which disables DES by
|
|
-default. DES encryption is considered weak due to its inadequate key
|
|
-size. If you cannot migrate away from its use, you can re-enable DES
|
|
-by adding ``allow_weak_crypto = true`` to the :ref:`libdefaults`
|
|
-section of :ref:`krb5.conf(5)`.
|
|
+DES/3DES keys, in a release (MIT krb5 1.7 or later) which disables DES
|
|
+by default. DES encryption is considered weak due to its inadequate
|
|
+key size and has been removed upstream; 3DES is not recommended, and
|
|
+has been removed downstream by rharwood@redhat.com.
|
|
|
|
|
|
.. _err_cert_chain_cert_expired:
|
|
diff --git a/doc/appdev/refs/macros/index.rst b/doc/appdev/refs/macros/index.rst
|
|
index cebb6644c..4d51e795c 100644
|
|
--- a/doc/appdev/refs/macros/index.rst
|
|
+++ b/doc/appdev/refs/macros/index.rst
|
|
@@ -36,7 +36,6 @@ Public
|
|
CKSUMTYPE_HMAC_SHA1_96_AES256.rst
|
|
CKSUMTYPE_HMAC_SHA256_128_AES128.rst
|
|
CKSUMTYPE_HMAC_SHA384_192_AES256.rst
|
|
- CKSUMTYPE_HMAC_SHA1_DES3.rst
|
|
CKSUMTYPE_MD5_HMAC_ARCFOUR.rst
|
|
CKSUMTYPE_NIST_SHA.rst
|
|
CKSUMTYPE_RSA_MD4.rst
|
|
diff --git a/doc/conf.py b/doc/conf.py
|
|
index 543202bf4..4fb6aae14 100644
|
|
--- a/doc/conf.py
|
|
+++ b/doc/conf.py
|
|
@@ -271,7 +271,7 @@ else:
|
|
rst_epilog += '''
|
|
.. |krb5conf| replace:: ``/etc/krb5.conf``
|
|
.. |defkeysalts| replace:: ``aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal``
|
|
-.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac``
|
|
+.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac``
|
|
.. |defmkey| replace:: ``aes256-cts-hmac-sha1-96``
|
|
.. |copy| unicode:: U+000A9
|
|
'''
|
|
diff --git a/doc/mitK5features.rst b/doc/mitK5features.rst
|
|
index 4954bb3aa..92ce2a772 100644
|
|
--- a/doc/mitK5features.rst
|
|
+++ b/doc/mitK5features.rst
|
|
@@ -37,7 +37,7 @@ Database backends: LDAP, DB2, LMDB
|
|
|
|
krb4 support: Kerberos 5 release < 1.8
|
|
|
|
-DES support: Kerberos 5 release < 1.18 (See :ref:`retiring-des`)
|
|
+DES/3DES support: Kerberos 5 release < 1.18 (See :ref:`retiring-des`)
|
|
|
|
Interoperability
|
|
----------------
|
|
diff --git a/src/Makefile.in b/src/Makefile.in
|
|
index 7d2507ef8..c16715ac7 100644
|
|
--- a/src/Makefile.in
|
|
+++ b/src/Makefile.in
|
|
@@ -130,7 +130,7 @@ WINMAKEFILES=Makefile \
|
|
lib\Makefile lib\crypto\Makefile lib\crypto\krb\Makefile \
|
|
lib\crypto\builtin\Makefile lib\crypto\builtin\aes\Makefile \
|
|
lib\crypto\builtin\enc_provider\Makefile \
|
|
- lib\crypto\builtin\des\Makefile lib\crypto\builtin\md5\Makefile \
|
|
+ lib\crypto\builtin\md5\Makefile \
|
|
lib\crypto\builtin\camellia\Makefile lib\crypto\builtin\md4\Makefile \
|
|
lib\crypto\builtin\hash_provider\Makefile \
|
|
lib\crypto\builtin\sha2\Makefile lib\crypto\builtin\sha1\Makefile \
|
|
@@ -202,8 +202,6 @@ WINMAKEFILES=Makefile \
|
|
##DOS## $(WCONFIG) config < $@.in > $@
|
|
##DOS##lib\crypto\builtin\enc_provider\Makefile: lib\crypto\builtin\enc_provider\Makefile.in $(MKFDEP)
|
|
##DOS## $(WCONFIG) config < $@.in > $@
|
|
-##DOS##lib\crypto\builtin\des\Makefile: lib\crypto\builtin\des\Makefile.in $(MKFDEP)
|
|
-##DOS## $(WCONFIG) config < $@.in > $@
|
|
##DOS##lib\crypto\builtin\md5\Makefile: lib\crypto\builtin\md5\Makefile.in $(MKFDEP)
|
|
##DOS## $(WCONFIG) config < $@.in > $@
|
|
##DOS##lib\crypto\builtin\camellia\Makefile: lib\crypto\builtin\camellia\Makefile.in $(MKFDEP)
|
|
diff --git a/src/configure.ac b/src/configure.ac
|
|
index dd2cad3ee..3e1052db7 100644
|
|
--- a/src/configure.ac
|
|
+++ b/src/configure.ac
|
|
@@ -1480,7 +1480,6 @@ V5_AC_OUTPUT_MAKEFILE(.
|
|
lib/crypto lib/crypto/krb lib/crypto/$CRYPTO_IMPL
|
|
lib/crypto/$CRYPTO_IMPL/enc_provider
|
|
lib/crypto/$CRYPTO_IMPL/hash_provider
|
|
- lib/crypto/$CRYPTO_IMPL/des
|
|
lib/crypto/$CRYPTO_IMPL/md4 lib/crypto/$CRYPTO_IMPL/md5
|
|
lib/crypto/$CRYPTO_IMPL/sha1 lib/crypto/$CRYPTO_IMPL/sha2
|
|
lib/crypto/$CRYPTO_IMPL/aes lib/crypto/$CRYPTO_IMPL/camellia
|
|
diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
|
|
index db80063eb..63e67a2ba 100644
|
|
--- a/src/include/krb5/krb5.hin
|
|
+++ b/src/include/krb5/krb5.hin
|
|
@@ -426,8 +426,8 @@ typedef struct _krb5_crypto_iov {
|
|
#define ENCTYPE_DES_CBC_MD4 0x0002 /**< @deprecated no longer supported */
|
|
#define ENCTYPE_DES_CBC_MD5 0x0003 /**< @deprecated no longer supported */
|
|
#define ENCTYPE_DES_CBC_RAW 0x0004 /**< @deprecated no longer supported */
|
|
-#define ENCTYPE_DES3_CBC_SHA 0x0005 /**< @deprecated DES-3 cbc with SHA1 */
|
|
-#define ENCTYPE_DES3_CBC_RAW 0x0006 /**< @deprecated DES-3 cbc mode raw */
|
|
+#define ENCTYPE_DES3_CBC_SHA 0x0005 /**< @deprecated no longer supported */
|
|
+#define ENCTYPE_DES3_CBC_RAW 0x0006 /**< @deprecated no longer supported */
|
|
#define ENCTYPE_DES_HMAC_SHA1 0x0008 /**< @deprecated no longer supported */
|
|
/* PKINIT */
|
|
#define ENCTYPE_DSA_SHA1_CMS 0x0009 /**< DSA with SHA1, CMS signature */
|
|
@@ -436,9 +436,9 @@ typedef struct _krb5_crypto_iov {
|
|
#define ENCTYPE_RC2_CBC_ENV 0x000c /**< RC2 cbc mode, CMS enveloped data */
|
|
#define ENCTYPE_RSA_ENV 0x000d /**< RSA encryption, CMS enveloped data */
|
|
#define ENCTYPE_RSA_ES_OAEP_ENV 0x000e /**< RSA w/OEAP encryption, CMS enveloped data */
|
|
-#define ENCTYPE_DES3_CBC_ENV 0x000f /**< DES-3 cbc mode, CMS enveloped data */
|
|
+#define ENCTYPE_DES3_CBC_ENV 0x000f /**< @deprecated no longer supported */
|
|
|
|
-#define ENCTYPE_DES3_CBC_SHA1 0x0010
|
|
+#define ENCTYPE_DES3_CBC_SHA1 0x0010 /**< @deprecated removed */
|
|
#define ENCTYPE_AES128_CTS_HMAC_SHA1_96 0x0011 /**< RFC 3962 */
|
|
#define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012 /**< RFC 3962 */
|
|
#define ENCTYPE_AES128_CTS_HMAC_SHA256_128 0x0013 /**< RFC 8009 */
|
|
@@ -458,7 +458,7 @@ typedef struct _krb5_crypto_iov {
|
|
#define CKSUMTYPE_RSA_MD5 0x0007
|
|
#define CKSUMTYPE_RSA_MD5_DES 0x0008
|
|
#define CKSUMTYPE_NIST_SHA 0x0009
|
|
-#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c
|
|
+#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c /* @deprecated removed */
|
|
#define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f /**< RFC 3962. Used with
|
|
ENCTYPE_AES128_CTS_HMAC_SHA1_96 */
|
|
#define CKSUMTYPE_HMAC_SHA1_96_AES256 0x0010 /**< RFC 3962. Used with
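Review bot: The `CKSUMTYPE_HMAC_SHA1_DES3` line is annotated with a plain `/* @deprecated removed */` comment, while every other constant this commit touches uses the Doxygen trailing form `/**< ... */`, so the deprecation tag here will probably not be picked up by the generated API reference. I would write it as `#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c /**< @deprecated no longer supported */`, matching the wording on the `ENCTYPE_DES3_CBC_SHA` and `ENCTYPE_DES3_CBC_RAW` lines. The `ENCTYPE_DES3_CBC_SHA1` line in the previous hunk says "removed" instead and could use the same phrase. Because the constants stay defined, code that still references them keeps compiling and only fails at run time, so a consistent and visible deprecation marker is the main warning callers get.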
|
|
diff --git a/src/kadmin/testing/proto/kdc.conf.proto b/src/kadmin/testing/proto/kdc.conf.proto
|
|
index 8a4b87de1..d7f1d076b 100644
|
|
--- a/src/kadmin/testing/proto/kdc.conf.proto
|
|
+++ b/src/kadmin/testing/proto/kdc.conf.proto
|
|
@@ -11,6 +11,6 @@
|
|
dict_file = __K5ROOT__/ovsec_adm.dict
|
|
kadmind_port = 1751
|
|
kpasswd_port = 1752
|
|
- master_key_type = des3-hmac-sha1
|
|
- supported_enctypes = des3-hmac-sha1:normal aes256-cts:normal aes128-cts:normal aes256-sha2:normal aes128-sha2:normal
|
|
+ master_key_type = aes256-cts
|
|
+ supported_enctypes = aes256-cts:normal aes128-cts:normal aes256-sha2:normal aes128-sha2:normal
|
|
}
|
|
diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c
|
|
index 60f30c4f4..c65375aef 100644
|
|
--- a/src/kdc/kdc_util.c
|
|
+++ b/src/kdc/kdc_util.c
|
|
@@ -1017,8 +1017,6 @@ enctype_name(krb5_enctype ktype, char *buf, size_t buflen)
|
|
name = "rsaEncryption-EnvOID";
|
|
else if (ktype == ENCTYPE_RSA_ES_OAEP_ENV)
|
|
name = "id-RSAES-OAEP-EnvOID";
|
|
- else if (ktype == ENCTYPE_DES3_CBC_ENV)
|
|
- name = "des-ede3-cbc-EnvOID";
|
|
else
|
|
return krb5_enctype_to_name(ktype, FALSE, buf, buflen);
|
|
|
|
@@ -1605,8 +1603,6 @@ krb5_boolean
|
|
enctype_requires_etype_info_2(krb5_enctype enctype)
|
|
{
|
|
switch(enctype) {
|
|
- case ENCTYPE_DES3_CBC_SHA1:
|
|
- case ENCTYPE_DES3_CBC_RAW:
|
|
case ENCTYPE_ARCFOUR_HMAC:
|
|
case ENCTYPE_ARCFOUR_HMAC_EXP :
|
|
return 0;
|
|
diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in
|
|
index c3fcfd7e8..890d54adf 100644
|
|
--- a/src/lib/crypto/Makefile.in
|
|
+++ b/src/lib/crypto/Makefile.in
|
|
@@ -13,7 +13,7 @@ STOBJLISTS=$(CRYPTO_IMPL)/enc_provider/OBJS.ST \
|
|
$(CRYPTO_IMPL)/hash_provider/OBJS.ST \
|
|
$(CRYPTO_IMPL)/md4/OBJS.ST $(CRYPTO_IMPL)/md5/OBJS.ST \
|
|
$(CRYPTO_IMPL)/sha1/OBJS.ST $(CRYPTO_IMPL)/sha2/OBJS.ST \
|
|
- $(CRYPTO_IMPL)/aes/OBJS.ST $(CRYPTO_IMPL)/des/OBJS.ST \
|
|
+ $(CRYPTO_IMPL)/aes/OBJS.ST \
|
|
$(CRYPTO_IMPL)/camellia/OBJS.ST krb/OBJS.ST \
|
|
$(CRYPTO_IMPL)/OBJS.ST
|
|
|
|
@@ -21,7 +21,7 @@ SUBDIROBJLISTS=$(CRYPTO_IMPL)/enc_provider/OBJS.ST \
|
|
$(CRYPTO_IMPL)/hash_provider/OBJS.ST \
|
|
$(CRYPTO_IMPL)/md4/OBJS.ST $(CRYPTO_IMPL)/md5/OBJS.ST \
|
|
$(CRYPTO_IMPL)/sha1/OBJS.ST $(CRYPTO_IMPL)/sha2/OBJS.ST \
|
|
- $(CRYPTO_IMPL)/aes/OBJS.ST $(CRYPTO_IMPL)/des/OBJS.ST \
|
|
+ $(CRYPTO_IMPL)/aes/OBJS.ST \
|
|
$(CRYPTO_IMPL)/camellia/OBJS.ST krb/OBJS.ST \
|
|
$(CRYPTO_IMPL)/OBJS.ST
|
|
|
|
@@ -34,8 +34,8 @@ SHLIB_EXPDEPLIBS= $(SUPPORT_DEPLIB)
|
|
SHLIB_LDFLAGS= $(LDFLAGS) @SHLIB_RPATH_DIRS@
|
|
|
|
##DOS##LIBNAME=$(OUTPRE)crypto.lib
|
|
-##DOS##OBJFILEDEP=$(OUTPRE)krb.lst $(OUTPRE)aes.lst $(OUTPRE)enc_provider.lst $(OUTPRE)des.lst $(OUTPRE)md5.lst $(OUTPRE)camellia.lst $(OUTPRE)md4.lst $(OUTPRE)hash_provider.lst $(OUTPRE)sha2.lst $(OUTPRE)sha1.lst $(OUTPRE)builtin.lst
|
|
-##DOS##OBJFILELIST=@$(OUTPRE)krb.lst @$(OUTPRE)aes.lst @$(OUTPRE)enc_provider.lst @$(OUTPRE)des.lst @$(OUTPRE)md5.lst @$(OUTPRE)camellia.lst @$(OUTPRE)md4.lst @$(OUTPRE)hash_provider.lst @$(OUTPRE)sha2.lst @$(OUTPRE)sha1.lst @$(OUTPRE)builtin.lst
|
|
+##DOS##OBJFILEDEP=$(OUTPRE)krb.lst $(OUTPRE)aes.lst $(OUTPRE)enc_provider.lst $(OUTPRE)md5.lst $(OUTPRE)camellia.lst $(OUTPRE)md4.lst $(OUTPRE)hash_provider.lst $(OUTPRE)sha2.lst $(OUTPRE)sha1.lst $(OUTPRE)builtin.lst
|
|
+##DOS##OBJFILELIST=@$(OUTPRE)krb.lst @$(OUTPRE)aes.lst @$(OUTPRE)enc_provider.lst @$(OUTPRE)md5.lst @$(OUTPRE)camellia.lst @$(OUTPRE)md4.lst @$(OUTPRE)hash_provider.lst @$(OUTPRE)sha2.lst @$(OUTPRE)sha1.lst @$(OUTPRE)builtin.lst
|
|
|
|
all-unix: all-liblinks
|
|
install-unix: install-libs
|
|
diff --git a/src/lib/crypto/builtin/Makefile.in b/src/lib/crypto/builtin/Makefile.in
|
|
index baf5d974f..82adf1dec 100644
|
|
--- a/src/lib/crypto/builtin/Makefile.in
|
|
+++ b/src/lib/crypto/builtin/Makefile.in
|
|
@@ -1,6 +1,6 @@
|
|
mydir=lib$(S)crypto$(S)builtin
|
|
BUILDTOP=$(REL)..$(S)..$(S)..
|
|
-SUBDIRS=camellia des aes md4 md5 sha1 sha2 enc_provider hash_provider
|
|
+SUBDIRS=camellia aes md4 md5 sha1 sha2 enc_provider hash_provider
|
|
LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir)
|
|
|
|
##DOS##BUILDTOP = ..\..\..
|
|
@@ -22,7 +22,7 @@ SRCS=\
|
|
$(srcdir)/init.c \
|
|
$(srcdir)/pbkdf2.c
|
|
|
|
-STOBJLISTS= des/OBJS.ST md4/OBJS.ST \
|
|
+STOBJLISTS= md4/OBJS.ST \
|
|
md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
|
|
enc_provider/OBJS.ST \
|
|
hash_provider/OBJS.ST \
|
|
@@ -30,7 +30,7 @@ STOBJLISTS= des/OBJS.ST md4/OBJS.ST \
|
|
camellia/OBJS.ST \
|
|
OBJS.ST
|
|
|
|
-SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \
|
|
+SUBDIROBJLISTS= md4/OBJS.ST \
|
|
md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
|
|
enc_provider/OBJS.ST \
|
|
hash_provider/OBJS.ST \
|
|
diff --git a/src/lib/crypto/builtin/des/ISSUES b/src/lib/crypto/builtin/des/ISSUES
|
|
deleted file mode 100644
|
|
index 157891103..000000000
|
|
--- a/src/lib/crypto/builtin/des/ISSUES
|
|
+++ /dev/null
|
|
@@ -1,13 +0,0 @@
|
|
-Issues to be addressed for src/lib/crypto/des: -*- text -*-
|
|
-
|
|
-
|
|
-"const" could be used in more places
|
|
-
|
|
-
|
|
-Array types are used in calling interfaces. Under ANSI C, a value of
|
|
-type "arraytype *" cannot be assigned to a variable of type "const
|
|
-arraytype *", so we get compilation warnings.
|
|
-
|
|
-Possible fix: Rewrite internal interfaces to not use arrays this way.
|
|
-Provide external routines compatible with old API, but not using
|
|
-const?
|
|
diff --git a/src/lib/crypto/builtin/des/Makefile.in b/src/lib/crypto/builtin/des/Makefile.in
|
|
deleted file mode 100644
|
|
index 54b329d0f..000000000
|
|
--- a/src/lib/crypto/builtin/des/Makefile.in
|
|
+++ /dev/null
|
|
@@ -1,80 +0,0 @@
|
|
-mydir=lib$(S)crypto$(S)builtin$(S)des
|
|
-BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
|
|
-LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb
|
|
-
|
|
-##DOS##BUILDTOP = ..\..\..\..
|
|
-##DOS##PREFIXDIR = builtin\des
|
|
-##DOS##OBJFILE = ..\..\$(OUTPRE)des.lst
|
|
-
|
|
-STLIBOBJS=\
|
|
- d3_aead.o \
|
|
- d3_kysched.o \
|
|
- des_keys.o \
|
|
- f_aead.o \
|
|
- f_cksum.o \
|
|
- f_parity.o \
|
|
- f_sched.o \
|
|
- f_tables.o \
|
|
- key_sched.o \
|
|
- weak_key.o
|
|
-
|
|
-OBJS= $(OUTPRE)d3_aead.$(OBJEXT) \
|
|
- $(OUTPRE)d3_kysched.$(OBJEXT) \
|
|
- $(OUTPRE)des_keys.$(OBJEXT) \
|
|
- $(OUTPRE)f_aead.$(OBJEXT) \
|
|
- $(OUTPRE)f_cksum.$(OBJEXT) \
|
|
- $(OUTPRE)f_parity.$(OBJEXT) \
|
|
- $(OUTPRE)f_sched.$(OBJEXT) \
|
|
- $(OUTPRE)f_tables.$(OBJEXT) \
|
|
- $(OUTPRE)key_sched.$(OBJEXT) \
|
|
- $(OUTPRE)weak_key.$(OBJEXT)
|
|
-
|
|
-SRCS= $(srcdir)/d3_aead.c \
|
|
- $(srcdir)/d3_kysched.c \
|
|
- $(srcdir)/des_keys.c \
|
|
- $(srcdir)/f_aead.c \
|
|
- $(srcdir)/f_cksum.c \
|
|
- $(srcdir)/f_parity.c \
|
|
- $(srcdir)/f_sched.c \
|
|
- $(srcdir)/f_tables.c \
|
|
- $(srcdir)/key_sched.c \
|
|
- $(srcdir)/weak_key.c
|
|
-
|
|
-EXTRADEPSRCS = $(srcdir)/destest.c $(srcdir)/f_cbc.c $(srcdir)/t_verify.c
|
|
-
|
|
-##DOS##LIBOBJS = $(OBJS)
|
|
-
|
|
-TOBJS = $(OUTPRE)key_sched.$(OBJEXT) $(OUTPRE)f_sched.$(OBJEXT) \
|
|
- $(OUTPRE)f_cbc.$(OBJEXT) $(OUTPRE)f_tables.$(OBJEXT) \
|
|
- $(OUTPRE)f_cksum.$(OBJEXT)
|
|
-
|
|
-verify$(EXEEXT): t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \
|
|
- $(COM_ERR_DEPLIB) $(SUPPORT_DEPLIB)
|
|
- $(CC_LINK) -o $@ t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \
|
|
- $(COM_ERR_LIB) $(SUPPORT_LIB)
|
|
-
|
|
-destest$(EXEEXT): destest.$(OBJEXT) $(TOBJS) $(SUPPORT_DEPLIB)
|
|
- $(CC_LINK) -o $@ destest.$(OBJEXT) $(TOBJS) $(SUPPORT_LIB)
|
|
-
|
|
-all-unix: all-libobjs
|
|
-
|
|
-check-unix: verify destest
|
|
- $(RUN_TEST) ./verify -z
|
|
- $(RUN_TEST) ./verify -m
|
|
- $(RUN_TEST) ./verify
|
|
- $(RUN_TEST) ./destest < $(srcdir)/keytest.data
|
|
-
|
|
-includes: depend
|
|
-
|
|
-depend: $(SRCS)
|
|
-
|
|
-check-windows:
|
|
-
|
|
-clean:
|
|
- $(RM) destest.$(OBJEXT) destest$(EXEEXT) verify$(EXEEXT) \
|
|
- t_verify.$(OBJEXT) $(TOBJS)
|
|
-
|
|
-clean-unix:: clean-libobjs
|
|
-
|
|
-@libobj_frag@
|
|
-
|
|
diff --git a/src/lib/crypto/builtin/des/d3_aead.c b/src/lib/crypto/builtin/des/d3_aead.c
|
|
deleted file mode 100644
|
|
index bddf75a47..000000000
|
|
--- a/src/lib/crypto/builtin/des/d3_aead.c
|
|
+++ /dev/null
|
|
@@ -1,133 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/*
|
|
- * Copyright (C) 2008 by the Massachusetts Institute of Technology.
|
|
- * Copyright 1995 by Richard P. Basch. All Rights Reserved.
|
|
- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
|
|
- * in advertising or publicity pertaining to distribution of the software
|
|
- * without specific, written prior permission. Richard P. Basch,
|
|
- * Lehman Brothers and M.I.T. make no representations about the suitability
|
|
- * of this software for any purpose. It is provided "as is" without
|
|
- * express or implied warranty.
|
|
- */
|
|
-
|
|
-#include "crypto_int.h"
|
|
-#include "des_int.h"
|
|
-#include "f_tables.h"
|
|
-
|
|
-void
|
|
-krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
|
|
- const mit_des_key_schedule ks1,
|
|
- const mit_des_key_schedule ks2,
|
|
- const mit_des_key_schedule ks3,
|
|
- mit_des_cblock ivec)
|
|
-{
|
|
- unsigned DES_INT32 left, right;
|
|
- const unsigned DES_INT32 *kp1, *kp2, *kp3;
|
|
- const unsigned char *ip;
|
|
- struct iov_cursor cursor;
|
|
- unsigned char block[MIT_DES_BLOCK_LENGTH];
|
|
-
|
|
- /* Get key pointers here. These won't need to be reinitialized. */
|
|
- kp1 = (const unsigned DES_INT32 *)ks1;
|
|
- kp2 = (const unsigned DES_INT32 *)ks2;
|
|
- kp3 = (const unsigned DES_INT32 *)ks3;
|
|
-
|
|
- /* Initialize left and right with the contents of the initial vector. */
|
|
- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
|
|
- left = load_32_be(ip);
|
|
- right = load_32_be(ip + 4);
|
|
-
|
|
- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
|
|
- while (k5_iov_cursor_get(&cursor, block)) {
|
|
- /* xor this block with the previous ciphertext. */
|
|
- left ^= load_32_be(block);
|
|
- right ^= load_32_be(block + 4);
|
|
-
|
|
- /* Encrypt what we have and store it back into block. */
|
|
- DES_DO_ENCRYPT(left, right, kp1);
|
|
- DES_DO_DECRYPT(left, right, kp2);
|
|
- DES_DO_ENCRYPT(left, right, kp3);
|
|
- store_32_be(left, block);
|
|
- store_32_be(right, block + 4);
|
|
-
|
|
- k5_iov_cursor_put(&cursor, block);
|
|
- }
|
|
-
|
|
- if (ivec != NULL) {
|
|
- store_32_be(left, ivec);
|
|
- store_32_be(right, ivec + 4);
|
|
- }
|
|
-}
|
|
-
|
|
-void
|
|
-krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
|
|
- const mit_des_key_schedule ks1,
|
|
- const mit_des_key_schedule ks2,
|
|
- const mit_des_key_schedule ks3,
|
|
- mit_des_cblock ivec)
|
|
-{
|
|
- unsigned DES_INT32 left, right;
|
|
- const unsigned DES_INT32 *kp1, *kp2, *kp3;
|
|
- const unsigned char *ip;
|
|
- unsigned DES_INT32 ocipherl, ocipherr;
|
|
- unsigned DES_INT32 cipherl, cipherr;
|
|
- struct iov_cursor cursor;
|
|
- unsigned char block[MIT_DES_BLOCK_LENGTH];
|
|
-
|
|
- /* Get key pointers here. These won't need to be reinitialized. */
|
|
- kp1 = (const unsigned DES_INT32 *)ks1;
|
|
- kp2 = (const unsigned DES_INT32 *)ks2;
|
|
- kp3 = (const unsigned DES_INT32 *)ks3;
|
|
-
|
|
- /*
|
|
- * Decrypting is harder than encrypting because of
|
|
- * the necessity of remembering a lot more things.
|
|
- * Should think about this a little more...
|
|
- */
|
|
-
|
|
- /* Prime the old cipher with ivec.*/
|
|
- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
|
|
- ocipherl = load_32_be(ip);
|
|
- ocipherr = load_32_be(ip + 4);
|
|
-
|
|
- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
|
|
- while (k5_iov_cursor_get(&cursor, block)) {
|
|
- /* Split this block into left and right. */
|
|
- cipherl = left = load_32_be(block);
|
|
- cipherr = right = load_32_be(block + 4);
|
|
-
|
|
- /* Decrypt and xor with the old cipher to get plain text. */
|
|
- DES_DO_DECRYPT(left, right, kp3);
|
|
- DES_DO_ENCRYPT(left, right, kp2);
|
|
- DES_DO_DECRYPT(left, right, kp1);
|
|
- left ^= ocipherl;
|
|
- right ^= ocipherr;
|
|
-
|
|
- /* Store the encrypted halves back into block. */
|
|
- store_32_be(left, block);
|
|
- store_32_be(right, block + 4);
|
|
-
|
|
- /* Save current cipher block halves. */
|
|
- ocipherl = cipherl;
|
|
- ocipherr = cipherr;
|
|
-
|
|
- k5_iov_cursor_put(&cursor, block);
|
|
- }
|
|
-
|
|
- if (ivec != NULL) {
|
|
- store_32_be(ocipherl, ivec);
|
|
- store_32_be(ocipherr, ivec + 4);
|
|
- }
|
|
-}
|
|
diff --git a/src/lib/crypto/builtin/des/d3_kysched.c b/src/lib/crypto/builtin/des/d3_kysched.c
|
|
deleted file mode 100644
|
|
index ebd1050b1..000000000
|
|
--- a/src/lib/crypto/builtin/des/d3_kysched.c
|
|
+++ /dev/null
|
|
@@ -1,51 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/*
|
|
- * Copyright 1995 by Richard P. Basch. All Rights Reserved.
|
|
- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
|
|
- * in advertising or publicity pertaining to distribution of the software
|
|
- * without specific, written prior permission. Richard P. Basch,
|
|
- * Lehman Brothers and M.I.T. make no representations about the suitability
|
|
- * of this software for any purpose. It is provided "as is" without
|
|
- * express or implied warranty.
|
|
- */
|
|
-
|
|
-#include "k5-int.h"
|
|
-#include "des_int.h"
|
|
-
|
|
-int
|
|
-mit_des3_key_sched(mit_des3_cblock k, mit_des3_key_schedule schedule)
|
|
-{
|
|
- mit_des_make_key_sched(k[0],schedule[0]);
|
|
- mit_des_make_key_sched(k[1],schedule[1]);
|
|
- mit_des_make_key_sched(k[2],schedule[2]);
|
|
-
|
|
- if (!mit_des_check_key_parity(k[0])) /* bad parity --> return -1 */
|
|
- return(-1);
|
|
- if (mit_des_is_weak_key(k[0]))
|
|
- return(-2);
|
|
-
|
|
- if (!mit_des_check_key_parity(k[1]))
|
|
- return(-1);
|
|
- if (mit_des_is_weak_key(k[1]))
|
|
- return(-2);
|
|
-
|
|
- if (!mit_des_check_key_parity(k[2]))
|
|
- return(-1);
|
|
- if (mit_des_is_weak_key(k[2]))
|
|
- return(-2);
|
|
-
|
|
- /* if key was good, return 0 */
|
|
- return 0;
|
|
-}
|
|
diff --git a/src/lib/crypto/builtin/des/deps b/src/lib/crypto/builtin/des/deps
|
|
deleted file mode 100644
|
|
index a1db1f36e..000000000
|
|
--- a/src/lib/crypto/builtin/des/deps
|
|
+++ /dev/null
|
|
@@ -1,150 +0,0 @@
|
|
-#
|
|
-# Generated makefile dependencies follow.
|
|
-#
|
|
-d3_aead.so d3_aead.po $(OUTPRE)d3_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
|
|
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
|
|
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
|
|
- $(srcdir)/../aes/aes.h $(srcdir)/../aes/brg_types.h \
|
|
- $(srcdir)/../crypto_mod.h $(srcdir)/../sha2/sha2.h \
|
|
- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
|
|
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
|
|
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
|
|
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
|
|
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
|
|
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
|
|
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
|
|
- d3_aead.c des_int.h f_tables.h
|
|
-d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \
|
|
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
|
|
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
|
|
- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
|
|
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
|
|
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
|
|
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
|
|
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
|
|
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
|
|
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
|
|
- d3_kysched.c des_int.h
|
|
-des_keys.so des_keys.po $(OUTPRE)des_keys.$(OBJEXT): \
|
|
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
|
|
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
|
|
- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \
|
|
- $(srcdir)/../aes/brg_types.h $(srcdir)/../crypto_mod.h \
|
|
- $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
|
|
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
|
|
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
|
|
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
|
|
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
|
|
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
|
|
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
|
|
- $(top_srcdir)/include/socket-utils.h des_int.h des_keys.c
|
|
-f_aead.so f_aead.po $(OUTPRE)f_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
|
|
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
|
|
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
|
|
- $(srcdir)/../aes/aes.h $(srcdir)/../aes/brg_types.h \
|
|
- $(srcdir)/../crypto_mod.h $(srcdir)/../sha2/sha2.h \
|
|
- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
|
|
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
|
|
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
|
|
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
|
|
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
|
|
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
|
|
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
|
|
- des_int.h f_aead.c f_tables.h
|
|
-f_cksum.so f_cksum.po $(OUTPRE)f_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
|
|
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
|
|
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
|
|
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
|
|
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
|
|
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
|
|
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
|
|
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
|
|
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
|
|
- $(top_srcdir)/include/socket-utils.h des_int.h f_cksum.c \
|
|
- f_tables.h
|
|
-f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \
|
|
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
|
|
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
|
|
- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
|
|
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
|
|
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
|
|
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
|
|
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
|
|
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
|
|
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
|
|
- des_int.h f_parity.c
|
|
-f_sched.so f_sched.po $(OUTPRE)f_sched.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
|
|
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
|
|
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
|
|
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
|
|
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
|
|
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
|
|
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
|
|
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
|
|
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
|
|
- $(top_srcdir)/include/socket-utils.h des_int.h f_sched.c
|
|
-f_tables.so f_tables.po $(OUTPRE)f_tables.$(OBJEXT): \
|
|
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
|
|
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
|
|
- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
|
|
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
|
|
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
|
|
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
|
|
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
|
|
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
|
|
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
|
|
- des_int.h f_tables.c f_tables.h
|
|
-key_sched.so key_sched.po $(OUTPRE)key_sched.$(OBJEXT): \
|
|
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
|
|
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
|
|
- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
|
|
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
|
|
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
|
|
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
|
|
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
|
|
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
|
|
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
|
|
- des_int.h key_sched.c
|
|
-weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \
|
|
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
|
|
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
|
|
- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
|
|
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
|
|
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
|
|
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
|
|
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
|
|
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
|
|
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
|
|
- des_int.h weak_key.c
|
|
-destest.so destest.po $(OUTPRE)destest.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
|
|
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
|
|
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
|
|
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
|
|
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
|
|
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
|
|
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
|
|
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
|
|
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
|
|
- $(top_srcdir)/include/socket-utils.h des_int.h destest.c
|
|
-f_cbc.so f_cbc.po $(OUTPRE)f_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
|
|
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
|
|
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
|
|
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
|
|
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
|
|
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
|
|
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
|
|
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
|
|
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
|
|
- $(top_srcdir)/include/socket-utils.h des_int.h f_cbc.c \
|
|
- f_tables.h
|
|
-t_verify.so t_verify.po $(OUTPRE)t_verify.$(OBJEXT): \
|
|
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
|
|
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
|
|
- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
|
|
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
|
|
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
|
|
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
|
|
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
|
|
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
|
|
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
|
|
- des_int.h t_verify.c
|
|
diff --git a/src/lib/crypto/builtin/des/des_int.h b/src/lib/crypto/builtin/des/des_int.h
|
|
deleted file mode 100644
|
|
index f8dc6b296..000000000
|
|
--- a/src/lib/crypto/builtin/des/des_int.h
|
|
+++ /dev/null
|
|
@@ -1,285 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/* lib/crypto/builtin/des/des_int.h */
|
|
-/*
|
|
- * Copyright 1987, 1988, 1990, 2002 by the Massachusetts Institute of
|
|
- * Technology. All Rights Reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of M.I.T. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. Furthermore if you modify this software you must label
|
|
- * your software as modified software and not distribute it in such a
|
|
- * fashion that it might be confused with the original M.I.T. software.
|
|
- * M.I.T. makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- */
|
|
-/*
|
|
- * Copyright (C) 1998 by the FundsXpress, INC.
|
|
- *
|
|
- * All rights reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may require
|
|
- * a specific license from the United States Government. It is the
|
|
- * responsibility of any person or organization contemplating export to
|
|
- * obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of FundsXpress. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. FundsXpress makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- *
|
|
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
|
|
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
|
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
|
- */
|
|
-
|
|
-/* Private include file for the Data Encryption Standard library. */
|
|
-
|
|
-/* only do the whole thing once */
|
|
-#ifndef DES_INTERNAL_DEFS
|
|
-#define DES_INTERNAL_DEFS
|
|
-
|
|
-#include "k5-int.h"
|
|
-/*
|
|
- * Begin "mit-des.h"
|
|
- */
|
|
-#ifndef KRB5_MIT_DES__
|
|
-#define KRB5_MIT_DES__
|
|
-
|
|
-#if defined(__MACH__) && defined(__APPLE__)
|
|
-#include <TargetConditionals.h>
|
|
-#include <AvailabilityMacros.h>
|
|
-#if TARGET_RT_MAC_CFM
|
|
-#error "Use KfM 4.0 SDK headers for CFM compilation."
|
|
-#endif
|
|
-#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS)
|
|
-#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5
|
|
-#endif
|
|
-#endif /* defined(__MACH__) && defined(__APPLE__) */
|
|
-
|
|
-/* Macro to add deprecated attribute to DES types and functions */
|
|
-/* Currently only defined on macOS 10.5 and later. */
|
|
-#ifndef KRB5INT_DES_DEPRECATED
|
|
-#define KRB5INT_DES_DEPRECATED
|
|
-#endif
|
|
-
|
|
-#include <limits.h>
|
|
-
|
|
-#if UINT_MAX >= 0xFFFFFFFFUL
|
|
-#define DES_INT32 int
|
|
-#define DES_UINT32 unsigned int
|
|
-#else
|
|
-#define DES_INT32 long
|
|
-#define DES_UINT32 unsigned long
|
|
-#endif
|
|
-
|
|
-typedef unsigned char des_cblock[8] /* crypto-block size */
|
|
-KRB5INT_DES_DEPRECATED;
|
|
-
|
|
-/*
|
|
- * Key schedule.
|
|
- *
|
|
- * This used to be
|
|
- *
|
|
- * typedef struct des_ks_struct {
|
|
- * union { DES_INT32 pad; des_cblock _;} __;
|
|
- * } des_key_schedule[16];
|
|
- *
|
|
- * but it would cause trouble if DES_INT32 were ever more than 4
|
|
- * bytes. The reason is that all the encryption functions cast it to
|
|
- * (DES_INT32 *), and treat it as if it were DES_INT32[32]. If
|
|
- * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the
|
|
- * caller-allocated des_key_schedule will be overflowed by the key
|
|
- * scheduling functions. We can't assume that every platform will
|
|
- * have an exact 32-bit int, and nothing should be looking inside a
|
|
- * des_key_schedule anyway.
|
|
- */
|
|
-typedef struct des_ks_struct { DES_INT32 _[2]; } des_key_schedule[16]
|
|
-KRB5INT_DES_DEPRECATED;
|
|
-
|
|
-typedef des_cblock mit_des_cblock;
|
|
-typedef des_key_schedule mit_des_key_schedule;
|
|
-
|
|
-/* Triple-DES structures */
|
|
-typedef mit_des_cblock mit_des3_cblock[3];
|
|
-typedef mit_des_key_schedule mit_des3_key_schedule[3];
|
|
-
|
|
-#define MIT_DES_ENCRYPT 1
|
|
-#define MIT_DES_DECRYPT 0
|
|
-
|
|
-typedef struct mit_des_ran_key_seed {
|
|
- krb5_encrypt_block eblock;
|
|
- krb5_data sequence;
|
|
-} mit_des_random_state;
|
|
-
|
|
-/* the first byte of the key is already in the keyblock */
|
|
-
|
|
-#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet))
|
|
-/* This used to be 8*sizeof(krb5_octet) */
|
|
-#define MIT_DES_KEYSIZE 8
|
|
-
|
|
-#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet))
|
|
-
|
|
-#endif /* KRB5_MIT_DES__ */
|
|
-/*
|
|
- * End "mit-des.h"
|
|
- */
|
|
-
|
|
-/* afsstring2key.c */
|
|
-krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock,
|
|
- const krb5_data *data,
|
|
- const krb5_data *salt);
|
|
-char *mit_afs_crypt(const char *pw, const char *salt, char *iobuf);
|
|
-
|
|
-/* f_cksum.c */
|
|
-unsigned long mit_des_cbc_cksum(const krb5_octet *, krb5_octet *,
|
|
- unsigned long, const mit_des_key_schedule,
|
|
- const krb5_octet *);
|
|
-
|
|
-/* f_cbc.c (used by test programs) */
|
|
-int
|
|
-mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
|
|
- unsigned long length, const mit_des_key_schedule schedule,
|
|
- const mit_des_cblock ivec, int enc);
|
|
-
|
|
-#define mit_des_zeroblock krb5int_c_mit_des_zeroblock
|
|
-extern const mit_des_cblock mit_des_zeroblock;
|
|
-
|
|
-/* fin_rndkey.c */
|
|
-krb5_error_code mit_des_finish_random_key(const krb5_encrypt_block *,
|
|
- krb5_pointer *);
|
|
-
|
|
-/* finish_key.c */
|
|
-krb5_error_code mit_des_finish_key(krb5_encrypt_block *);
|
|
-
|
|
-/* init_rkey.c */
|
|
-krb5_error_code mit_des_init_random_key(const krb5_encrypt_block *,
|
|
- const krb5_keyblock *,
|
|
- krb5_pointer *);
|
|
-
|
|
-/* key_parity.c */
|
|
-void mit_des_fixup_key_parity(mit_des_cblock);
|
|
-int mit_des_check_key_parity(mit_des_cblock);
|
|
-
|
|
-/* key_sched.c */
|
|
-int mit_des_key_sched(mit_des_cblock, mit_des_key_schedule);
|
|
-
|
|
-/* process_ky.c */
|
|
-krb5_error_code mit_des_process_key(krb5_encrypt_block *,
|
|
- const krb5_keyblock *);
|
|
-
|
|
-/* random_key.c */
|
|
-krb5_error_code mit_des_random_key(const krb5_encrypt_block *,
|
|
- krb5_pointer, krb5_keyblock **);
|
|
-
|
|
-/* string2key.c */
|
|
-krb5_error_code mit_des_string_to_key(const krb5_encrypt_block *,
|
|
- krb5_keyblock *, const krb5_data *,
|
|
- const krb5_data *);
|
|
-krb5_error_code mit_des_string_to_key_int(krb5_keyblock *, const krb5_data *,
|
|
- const krb5_data *);
|
|
-
|
|
-/* weak_key.c */
|
|
-int mit_des_is_weak_key(mit_des_cblock);
|
|
-
|
|
-/* cmb_keys.c */
|
|
-krb5_error_code mit_des_combine_subkeys(const krb5_keyblock *,
|
|
- const krb5_keyblock *,
|
|
- krb5_keyblock **);
|
|
-
|
|
-/* f_pcbc.c */
|
|
-int mit_des_pcbc_encrypt();
|
|
-
|
|
-/* f_sched.c */
|
|
-int mit_des_make_key_sched(mit_des_cblock, mit_des_key_schedule);
|
|
-
|
|
-
|
|
-/* misc.c */
|
|
-extern void swap_bits(char *);
|
|
-extern unsigned long long_swap_bits(unsigned long);
|
|
-extern unsigned long swap_six_bits_to_ansi(unsigned long);
|
|
-extern unsigned long swap_four_bits_to_ansi(unsigned long);
|
|
-extern unsigned long swap_bit_pos_1(unsigned long);
|
|
-extern unsigned long swap_bit_pos_0(unsigned long);
|
|
-extern unsigned long swap_bit_pos_0_to_ansi(unsigned long);
|
|
-extern unsigned long rev_swap_bit_pos_0(unsigned long);
|
|
-extern unsigned long swap_byte_bits(unsigned long);
|
|
-extern unsigned long swap_long_bytes_bit_number(unsigned long);
|
|
-#ifdef FILE
|
|
-/* XXX depends on FILE being a #define! */
|
|
-extern void test_set(FILE *, const char *, int, const char *, int);
|
|
-#endif
|
|
-
|
|
-void
|
|
-krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
|
|
- const mit_des_key_schedule ks1,
|
|
- const mit_des_key_schedule ks2,
|
|
- const mit_des_key_schedule ks3,
|
|
- mit_des_cblock ivec);
|
|
-
|
|
-void
|
|
-krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
|
|
- const mit_des_key_schedule ks1,
|
|
- const mit_des_key_schedule ks2,
|
|
- const mit_des_key_schedule ks3,
|
|
- mit_des_cblock ivec);
|
|
-
|
|
-void
|
|
-krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
|
|
- const mit_des_key_schedule schedule,
|
|
- mit_des_cblock ivec);
|
|
-
|
|
-void
|
|
-krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
|
|
- const mit_des_key_schedule schedule,
|
|
- mit_des_cblock ivec);
|
|
-
|
|
-void
|
|
-krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data,
|
|
- const mit_des_key_schedule schedule, mit_des_cblock ivec,
|
|
- mit_des_cblock out);
|
|
-
|
|
-/* d3_procky.c */
|
|
-krb5_error_code mit_des3_process_key(krb5_encrypt_block *eblock,
|
|
- const krb5_keyblock *keyblock);
|
|
-
|
|
-/* d3_kysched.c */
|
|
-int mit_des3_key_sched(mit_des3_cblock key, mit_des3_key_schedule schedule);
|
|
-
|
|
-/* d3_str2ky.c */
|
|
-krb5_error_code mit_des3_string_to_key(const krb5_encrypt_block *eblock,
|
|
- krb5_keyblock *keyblock,
|
|
- const krb5_data *data,
|
|
- const krb5_data *salt);
|
|
-
|
|
-/* u_nfold.c */
|
|
-krb5_error_code mit_des_n_fold(const krb5_octet *input, const size_t in_len,
|
|
- krb5_octet *output, const size_t out_len);
|
|
-
|
|
-/* u_rn_key.c */
|
|
-int mit_des_is_weak_keyblock(krb5_keyblock *keyblock);
|
|
-
|
|
-void mit_des_fixup_keyblock_parity(krb5_keyblock *keyblock);
|
|
-
|
|
-krb5_error_code mit_des_set_random_generator_seed(const krb5_data *seed,
|
|
- krb5_pointer random_state);
|
|
-
|
|
-krb5_error_code mit_des_set_random_sequence_number(const krb5_data *sequence,
|
|
- krb5_pointer random_state);
|
|
-#endif /*DES_INTERNAL_DEFS*/
|
|
diff --git a/src/lib/crypto/builtin/des/des_keys.c b/src/lib/crypto/builtin/des/des_keys.c
|
|
deleted file mode 100644
|
|
index 32b119aad..000000000
|
|
--- a/src/lib/crypto/builtin/des/des_keys.c
|
|
+++ /dev/null
|
|
@@ -1,40 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/* lib/crypto/builtin/des/des_keys.c - Key functions used by Kerberos code */
|
|
-/*
|
|
- * Copyright (C) 2011 by the Massachusetts Institute of Technology.
|
|
- * All rights reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of M.I.T. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. Furthermore if you modify this software you must label
|
|
- * your software as modified software and not distribute it in such a
|
|
- * fashion that it might be confused with the original M.I.T. software.
|
|
- * M.I.T. makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- */
|
|
-
|
|
-#include "crypto_int.h"
|
|
-#include "des_int.h"
|
|
-
|
|
-void
|
|
-k5_des_fixup_key_parity(unsigned char *keybits)
|
|
-{
|
|
- mit_des_fixup_key_parity(keybits);
|
|
-}
|
|
-
|
|
-krb5_boolean
|
|
-k5_des_is_weak_key(unsigned char *keybits)
|
|
-{
|
|
- return mit_des_is_weak_key(keybits);
|
|
-}
|
|
diff --git a/src/lib/crypto/builtin/des/destest.c b/src/lib/crypto/builtin/des/destest.c
|
|
deleted file mode 100644
|
|
index 52114304e..000000000
|
|
--- a/src/lib/crypto/builtin/des/destest.c
|
|
+++ /dev/null
|
|
@@ -1,240 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/* lib/crypto/builtin/des/destest.c */
|
|
-/*
|
|
- * Copyright 1990,1991 by the Massachusetts Institute of Technology.
|
|
- * All Rights Reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of M.I.T. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. Furthermore if you modify this software you must label
|
|
- * your software as modified software and not distribute it in such a
|
|
- * fashion that it might be confused with the original M.I.T. software.
|
|
- * M.I.T. makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- */
|
|
-/*
|
|
- * Copyright (C) 1998 by the FundsXpress, INC.
|
|
- *
|
|
- * All rights reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may require
|
|
- * a specific license from the United States Government. It is the
|
|
- * responsibility of any person or organization contemplating export to
|
|
- * obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of FundsXpress. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. FundsXpress makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- *
|
|
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
|
|
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
|
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
|
- */
|
|
-
|
|
-/* Test a DES implementation against known inputs & outputs. */
|
|
-
|
|
-#include "des_int.h"
|
|
-#include <ctype.h>
|
|
-#include <stdio.h>
|
|
-
|
|
-void convert (char *, unsigned char []);
|
|
-
|
|
-void des_cblock_print_file (mit_des_cblock, FILE *);
|
|
-
|
|
-krb5_octet zeroblock[8] = {0,0,0,0,0,0,0,0};
|
|
-
|
|
-int
|
|
-main(argc, argv)
|
|
- int argc;
|
|
- char *argv[];
|
|
-{
|
|
- char block1[17], block2[17], block3[17];
|
|
- /* Force tests of unaligned accesses. */
|
|
- union { unsigned char c[8*4+3]; long l; } u;
|
|
- unsigned char *ioblocks = u.c;
|
|
- unsigned char *input = ioblocks+1;
|
|
- unsigned char *output = ioblocks+10;
|
|
- unsigned char *output2 = ioblocks+19;
|
|
- unsigned char *key = ioblocks+27;
|
|
- mit_des_key_schedule sched;
|
|
- int num = 0;
|
|
- int retval;
|
|
-
|
|
- int error = 0;
|
|
-
|
|
- while (scanf("%16s %16s %16s", block1, block2, block3) == 3) {
|
|
- convert(block1, key);
|
|
- convert(block2, input);
|
|
- convert(block3, output);
|
|
-
|
|
- retval = mit_des_key_sched(key, sched);
|
|
- if (retval) {
|
|
- fprintf(stderr, "des test: can't process key: %d\n", retval);
|
|
- fprintf(stderr, "des test: %s %s %s\n", block1, block2, block3);
|
|
- exit(1);
|
|
- }
|
|
- mit_des_cbc_encrypt((const mit_des_cblock *) input,
|
|
- (mit_des_cblock *) output2, 8,
|
|
- sched, zeroblock, 1);
|
|
-
|
|
- if (memcmp((char *)output2, (char *)output, 8)) {
|
|
- fprintf(stderr,
|
|
- "DES ENCRYPT ERROR, key %s, text %s, real cipher %s, computed cyphertext %02X%02X%02X%02X%02X%02X%02X%02X\n",
|
|
- block1, block2, block3,
|
|
- output2[0],output2[1],output2[2],output2[3],
|
|
- output2[4],output2[5],output2[6],output2[7]);
|
|
- error++;
|
|
- }
|
|
-
|
|
- /*
|
|
- * Now try decrypting....
|
|
- */
|
|
- mit_des_cbc_encrypt((const mit_des_cblock *) output,
|
|
- (mit_des_cblock *) output2, 8,
|
|
- sched, zeroblock, 0);
|
|
-
|
|
- if (memcmp((char *)output2, (char *)input, 8)) {
|
|
- fprintf(stderr,
|
|
- "DES DECRYPT ERROR, key %s, text %s, real cipher %s, computed cleartext %02X%02X%02X%02X%02X%02X%02X%02X\n",
|
|
- block1, block2, block3,
|
|
- output2[0],output2[1],output2[2],output2[3],
|
|
- output2[4],output2[5],output2[6],output2[7]);
|
|
- error++;
|
|
- }
|
|
-
|
|
- num++;
|
|
- }
|
|
-
|
|
- if (error)
|
|
- printf("destest: failed to pass the test\n");
|
|
- else
|
|
- printf("destest: %d tests passed successfully\n", num);
|
|
-
|
|
- exit( (error > 256 && error % 256) ? 1 : error);
|
|
-}
|
|
-
|
|
-int value[128] = {
|
|
- -1, -1, -1, -1, -1, -1, -1, -1,
|
|
- -1, -1, -1, -1, -1, -1, -1, -1,
|
|
- -1, -1, -1, -1, -1, -1, -1, -1,
|
|
- -1, -1, -1, -1, -1, -1, -1, -1,
|
|
- -1, -1, -1, -1, -1, -1, -1, -1,
|
|
- -1, -1, -1, -1, -1, -1, -1, -1,
|
|
- 0, 1, 2, 3, 4, 5, 6, 7,
|
|
- 8, 9, -1, -1, -1, -1, -1, -1,
|
|
- -1, 10, 11, 12, 13, 14, 15, -1,
|
|
- -1, -1, -1, -1, -1, -1, -1, -1,
|
|
- -1, -1, -1, -1, -1, -1, -1, -1,
|
|
- -1, -1, -1, -1, -1, -1, -1, -1,
|
|
- -1, -1, -1, -1, -1, -1, -1, -1,
|
|
- -1, -1, -1, -1, -1, -1, -1, -1,
|
|
- -1, -1, -1, -1, -1, -1, -1, -1,
|
|
- -1, -1, -1, -1, -1, -1, -1, -1,
|
|
-};
|
|
-
|
|
-void
|
|
-convert(text, cblock)
|
|
- char *text;
|
|
- unsigned char cblock[];
|
|
-{
|
|
- int i;
|
|
- for (i = 0; i < 8; i++) {
|
|
- if (!isascii((unsigned char)text[i * 2]))
|
|
- abort ();
|
|
- if (value[(int) text[i*2]] == -1 || value[(int) text[i*2+1]] == -1) {
|
|
- printf("Bad value byte %d in %s\n", i, text);
|
|
- exit(1);
|
|
- }
|
|
- cblock[i] = 16*value[(int) text[i*2]] + value[(int) text[i*2+1]];
|
|
- }
|
|
- return;
|
|
-}
|
|
-
|
|
-/*
|
|
- * Fake out the DES library, for the purposes of testing.
|
|
- */
|
|
-
|
|
-int
|
|
-mit_des_is_weak_key(key)
|
|
- mit_des_cblock key;
|
|
-{
|
|
- return 0; /* fake it out for testing */
|
|
-}
|
|
-
|
|
-void
|
|
-des_cblock_print_file(x, fp)
|
|
- mit_des_cblock x;
|
|
- FILE *fp;
|
|
-{
|
|
- unsigned char *y = (unsigned char *) x;
|
|
- int i = 0;
|
|
- fprintf(fp," 0x { ");
|
|
-
|
|
- while (i++ < 8) {
|
|
- fprintf(fp,"%x",*y++);
|
|
- if (i < 8)
|
|
- fprintf(fp,", ");
|
|
- }
|
|
- fprintf(fp," }");
|
|
-}
|
|
-
|
|
-
|
|
-#define smask(step) ((1<<step)-1)
|
|
-#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step)))
|
|
-#define parity_char(x) pstep(pstep(pstep((x),4),2),1)
|
|
-
|
|
-/*
|
|
- * des_check_key_parity: returns true iff key has the correct des parity.
|
|
- * See des_fix_key_parity for the definition of
|
|
- * correct des parity.
|
|
- */
|
|
-int
|
|
-mit_des_check_key_parity(key)
|
|
- mit_des_cblock key;
|
|
-{
|
|
- unsigned int i;
|
|
-
|
|
- for (i=0; i<sizeof(mit_des_cblock); i++) {
|
|
- if ((key[i] & 1) == parity_char(0xfe&key[i])) {
|
|
- printf("warning: bad parity key:");
|
|
- des_cblock_print_file(key, stdout);
|
|
- putchar('\n');
|
|
-
|
|
- return 1;
|
|
- }
|
|
- }
|
|
-
|
|
- return(1);
|
|
-}
|
|
-
|
|
-void
|
|
-mit_des_fixup_key_parity(key)
|
|
- mit_des_cblock key;
|
|
-{
|
|
- unsigned int i;
|
|
- for (i=0; i<sizeof(mit_des_cblock); i++)
|
|
- {
|
|
- key[i] &= 0xfe;
|
|
- key[i] |= 1^parity_char(key[i]);
|
|
- }
|
|
-
|
|
- return;
|
|
-}
|
|
diff --git a/src/lib/crypto/builtin/des/doc/libdes.doc b/src/lib/crypto/builtin/des/doc/libdes.doc
|
|
deleted file mode 100644
|
|
index 6e9431ed2..000000000
|
|
--- a/src/lib/crypto/builtin/des/doc/libdes.doc
|
|
+++ /dev/null
|
|
@@ -1,208 +0,0 @@
|
|
-
|
|
- How to use the Kerberos encryption library.
|
|
-
|
|
- Revised 10/15/85 spm
|
|
-
|
|
-1) The following include file is needed:
|
|
-
|
|
- /projects/auth/include/des.h (VAX)
|
|
- --------------- (PC8086)
|
|
-
|
|
-2) The encryption library that should be linked to is:
|
|
-
|
|
- /projects/auth/lib/libdes.a (VAX)
|
|
-| /projects/auth/ibm/lib/libdes.a (PC8086 cross-compilation environment)
|
|
-
|
|
-3) For each key that may be simultaneously active,
|
|
- allocate (either compile or malloc) a "Key_schedule" struct,
|
|
- defined in "des.h"
|
|
-
|
|
-4) Create key schedules, as needed, prior to using the encryption
|
|
- routines, via "des_set_key()".
|
|
-
|
|
-5) Setup the input and output areas. Make sure to note the restrictions
|
|
- on lengths being multiples of eight bytes.
|
|
-
|
|
-6) Invoke the encryption/decryption routines, "ecb_encrypt()"
|
|
- or "cbc_encrypt()"
|
|
-
|
|
-7) To generate a cryptographic checksum, use "cbc_cksum()"
|
|
-/* ---------------------------------------------------------------- */
|
|
-
|
|
- Routine Interfaces--
|
|
-
|
|
-/* ----------------------------------------------------------------- */
|
|
-
|
|
-int
|
|
- des_set_key(k,schedule)
|
|
- C_Block *k;
|
|
- Key_schedule schedule;
|
|
-
|
|
- Calculates a key schedule from (all) eight bytes of the input key, and
|
|
- puts it into the indicated "Key_schedule" struct;
|
|
-
|
|
- Make sure to pass valid eight bytes, no padding or other processing
|
|
- it done.
|
|
-
|
|
- The key schedule is then used in subsequent encryption/decryption
|
|
- operations. Many key schedules may be created and cached for later
|
|
- use.
|
|
-
|
|
- The user is responsible to clear keys and schedules no longer needed
|
|
- to prevent their disclosure.
|
|
-
|
|
-| Checks the parity of the key provided, to make sure it is odd per
|
|
-| FIPS spec. Returns 0 value for key ok, 1 for key_parity error.
|
|
-
|
|
-/* ---------------------------------------------------------------- */
|
|
-
|
|
-int
|
|
- ecb_encrypt(input,output,schedule,encrypt)
|
|
- C_Block *input; /* ptr to eight byte input value */
|
|
- C_Block *output; /* ptr to eight byte output value */
|
|
- int encrypt; /* 0 ==> decrypt, else encrypt */
|
|
- Key_schedule schedule; /* addr of key schedule */
|
|
-
|
|
-This is the low level routine that encrypts or decrypts a single 8-byte
|
|
-block in electronic code book mode. Always transforms the input
|
|
-data into the output data.
|
|
-
|
|
-If encrypt is non-zero, the input (cleartext) is encrypted into the
|
|
-output (ciphertext) using the specified key_schedule, pre-set via "des_set_key".
|
|
-
|
|
-If encrypt is zero, the input (now ciphertext) is decrypted into
|
|
-the output (now cleartext).
|
|
-
|
|
-Input and output may be the same space.
|
|
-
|
|
-Does not return any meaningful value. Void is not used for compatibility
|
|
-with other compilers.
|
|
-
|
|
-/* -------------------------------------------------------------- */
|
|
-
|
|
-int
|
|
- cbc_encrypt(input,output,length,schedule,ivec,encrypt)
|
|
-
|
|
- C_Block *input; /* ptr to input data */
|
|
- C_Block *output; /* ptr to output data */
|
|
- int length; /* desired length, in bytes */
|
|
- Key_schedule schedule; /* addr of precomputed schedule */
|
|
- C_Block *ivec; /* pointer to 8 byte initialization
|
|
- * vector
|
|
- */
|
|
- int encrypt /* 0 ==> decrypt; else encrypt*/
|
|
-
|
|
-
|
|
- If encrypt is non-zero, the routine cipher-block-chain encrypts
|
|
- the INPUT (cleartext) into the OUTPUT (ciphertext) using the provided
|
|
- key schedule and initialization vector. If the length is not an integral
|
|
- multiple of eight bytes, the last block is copied to a temp and zero
|
|
- filled (highest addresses). The output is ALWAYS an integral multiple
|
|
- of eight bytes.
|
|
-
|
|
- If encrypt is zero, the routine cipher-block chain decrypts the INPUT
|
|
- (ciphertext) into the OUTPUT (cleartext) using the provided key schedule
|
|
- and initialization vector. Decryption ALWAYS operates on integral
|
|
- multiples of 8 bytes, so will round the length provided up to the
|
|
- appropriate multiple. Consequently, it will always produce the rounded-up
|
|
- number of bytes of output cleartext. The application must determine if
|
|
- the output cleartext was zero-padded due to cleartext lengths not integral
|
|
- multiples of 8.
|
|
-
|
|
- No errors or meaningful value are returned. Void is not used for
|
|
- compatibility with other compilers.
|
|
-
|
|
-
|
|
-/* cbc checksum (MAC) only routine ---------------------------------------- */
|
|
-int
|
|
- cbc_cksum(input,output,length,schedule,ivec)
|
|
-
|
|
- C_Block *input; /* >= length bytes of inputtext */
|
|
- C_Block *output; /* >= length bytes of outputtext */
|
|
- int length; /* in bytes */
|
|
- Key_schedule schedule; /* precomputed key schedule */
|
|
- C_Block *ivec; /* 8 bytes of ivec */
|
|
-
|
|
-
|
|
- Produces a cryptographic checksum, 8 bytes, by cipher-block-chain
|
|
- encrypting the input, discarding the ciphertext output, and only retaining
|
|
- the last ciphertext 8-byte block. Uses the provided key schedule and ivec.
|
|
- The input is effectively zero-padded to an integral multiple of
|
|
- eight bytes, though the original input is not modified.
|
|
-
|
|
- No meaningful value is returned. Void is not used for compatibility
|
|
- with other compilers.
|
|
-
|
|
-
|
|
-/* random_key ----------------------------------------*/
|
|
-int
|
|
- random_key(key)
|
|
-
|
|
- C_Block *key;
|
|
-
|
|
- The start for the random number generated is set from the current time
|
|
- in microseconds, then the random number generator is invoked
|
|
- to create an eight byte output key (not a schedule). The key
|
|
- generated is set to odd parity per FIPS spec.
|
|
-
|
|
- The caller must supply space for the output key, pointed to
|
|
- by "*key", then after getting a new key, call the des_set_key()
|
|
- routine when needed.
|
|
-
|
|
- No meaningful value is returned. Void is not used for compatibility
|
|
- with other compilers.
|
|
-
|
|
-
|
|
-/* string_to_key --------------------------------------------*/
|
|
-
|
|
-int
|
|
- string_to_key(str,key)
|
|
- char *str;
|
|
- C_Block *key;
|
|
-
|
|
- This routines converts an arbitrary length, null terminated string
|
|
- to an 8 byte DES key, with each byte parity set to odd, per FIPS spec.
|
|
-
|
|
- The algorithm is as follows:
|
|
-
|
|
-| Take the first 8 bytes and remove the parity (leaving 56 bits).
|
|
-| Do the same for the second 8 bytes, and the third, etc. Do this for
|
|
-| as many sets of 8 bytes as necessary, filling in the remainder of the
|
|
-| last set with nulls. Fold the second set back on the first (i.e. bit
|
|
-| 0 over bit 55, and bit 55 over bit 0). Fold the third over the second
|
|
-| (bit 0 of the third set is now over bit 0 of the first set). Repeat
|
|
-| until you have done this to all sets. Xor the folded sets. Break the
|
|
-| result into 8 7 bit bytes, and generate odd parity for each byte. You
|
|
-| now have 64 bits. Note that DES takes a 64 bit key, and uses only the
|
|
-| non parity bits.
|
|
-
|
|
-
|
|
-/* read_password -------------------------------------------*/
|
|
-
|
|
-read_password(k,prompt,verify)
|
|
- C_Block *k;
|
|
- char *prompt;
|
|
- int verify;
|
|
-
|
|
-This routine issues the supplied prompt, turns off echo, if possible, and
|
|
-reads an input string. If verify is non-zero, it does it again, for use
|
|
-in applications such as changing a password. If verify is non-zero, both
|
|
-versions are compared, and the input is requested repeatedly until they
|
|
-match. Then, the input string is mapped into a valid DES key, internally
|
|
-using the string_to_key routine. The newly created key is copied to the
|
|
-area pointed to by parameter "k".
|
|
-
|
|
-No meaningful value is returned. If an error occurs trying to manipulate
|
|
-the terminal echo, the routine forces the process to exit.
|
|
-
|
|
-/* get_line ------------------------*/
|
|
-long get_line(p,max)
|
|
- char *p;
|
|
- long max;
|
|
-
|
|
-Reads input characters from standard input until either a newline appears or
|
|
-else the max length is reached. The characters read are stuffed into
|
|
-the string pointed to, which will always be null terminated. The newline
|
|
-is not inserted in the string. The max parameter includes the byte needed
|
|
-for the null terminator, so allocate and pass one more than the maximum
|
|
-string length desired.
|
|
diff --git a/src/lib/crypto/builtin/des/f_aead.c b/src/lib/crypto/builtin/des/f_aead.c
|
|
deleted file mode 100644
|
|
index 71b8dff4d..000000000
|
|
--- a/src/lib/crypto/builtin/des/f_aead.c
|
|
+++ /dev/null
|
|
@@ -1,173 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/*
|
|
- * Copyright (C) 2008 by the Massachusetts Institute of Technology.
|
|
- * Copyright 1995 by Richard P. Basch. All Rights Reserved.
|
|
- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
|
|
- * in advertising or publicity pertaining to distribution of the software
|
|
- * without specific, written prior permission. Richard P. Basch,
|
|
- * Lehman Brothers and M.I.T. make no representations about the suitability
|
|
- * of this software for any purpose. It is provided "as is" without
|
|
- * express or implied warranty.
|
|
- */
|
|
-
|
|
-#include "crypto_int.h"
|
|
-#include "des_int.h"
|
|
-#include "f_tables.h"
|
|
-
|
|
-const mit_des_cblock mit_des_zeroblock /* = all zero */;
|
|
-
|
|
-void
|
|
-krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
|
|
- const mit_des_key_schedule schedule,
|
|
- mit_des_cblock ivec)
|
|
-{
|
|
- unsigned DES_INT32 left, right;
|
|
- const unsigned DES_INT32 *kp;
|
|
- const unsigned char *ip;
|
|
- struct iov_cursor cursor;
|
|
- unsigned char block[MIT_DES_BLOCK_LENGTH];
|
|
-
|
|
- /* Get key pointer here. This won't need to be reinitialized. */
|
|
- kp = (const unsigned DES_INT32 *)schedule;
|
|
-
|
|
- /* Initialize left and right with the contents of the initial vector. */
|
|
- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
|
|
- left = load_32_be(ip);
|
|
- right = load_32_be(ip + 4);
|
|
-
|
|
- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
|
|
- while (k5_iov_cursor_get(&cursor, block)) {
|
|
- /* Decompose this block and xor it with the previous ciphertext. */
|
|
- left ^= load_32_be(block);
|
|
- right ^= load_32_be(block + 4);
|
|
-
|
|
- /* Encrypt what we have and put back into block. */
|
|
- DES_DO_ENCRYPT(left, right, kp);
|
|
- store_32_be(left, block);
|
|
- store_32_be(right, block + 4);
|
|
-
|
|
- k5_iov_cursor_put(&cursor, block);
|
|
- }
|
|
-
|
|
- if (ivec != NULL) {
|
|
- store_32_be(left, ivec);
|
|
- store_32_be(right, ivec + 4);
|
|
- }
|
|
-}
|
|
-
|
|
-void
|
|
-krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
|
|
- const mit_des_key_schedule schedule,
|
|
- mit_des_cblock ivec)
|
|
-{
|
|
- unsigned DES_INT32 left, right;
|
|
- const unsigned DES_INT32 *kp;
|
|
- const unsigned char *ip;
|
|
- unsigned DES_INT32 ocipherl, ocipherr;
|
|
- unsigned DES_INT32 cipherl, cipherr;
|
|
- struct iov_cursor cursor;
|
|
- unsigned char block[MIT_DES_BLOCK_LENGTH];
|
|
-
|
|
- /* Get key pointer here. This won't need to be reinitialized. */
|
|
- kp = (const unsigned DES_INT32 *)schedule;
|
|
-
|
|
- /*
|
|
- * Decrypting is harder than encrypting because of
|
|
- * the necessity of remembering a lot more things.
|
|
- * Should think about this a little more...
|
|
- */
|
|
-
|
|
- /* Prime the old cipher with ivec. */
|
|
- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
|
|
- ocipherl = load_32_be(ip);
|
|
- ocipherr = load_32_be(ip + 4);
|
|
-
|
|
- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
|
|
- while (k5_iov_cursor_get(&cursor, block)) {
|
|
- /* Split this block into left and right. */
|
|
- cipherl = left = load_32_be(block);
|
|
- cipherr = right = load_32_be(block + 4);
|
|
-
|
|
- /* Decrypt and xor with the old cipher to get plain text. */
|
|
- DES_DO_DECRYPT(left, right, kp);
|
|
- left ^= ocipherl;
|
|
- right ^= ocipherr;
|
|
-
|
|
- /* Store the encrypted halves back into block. */
|
|
- store_32_be(left, block);
|
|
- store_32_be(right, block + 4);
|
|
-
|
|
- /* Save current cipher block halves. */
|
|
- ocipherl = cipherl;
|
|
- ocipherr = cipherr;
|
|
-
|
|
- k5_iov_cursor_put(&cursor, block);
|
|
- }
|
|
-
|
|
- if (ivec != NULL) {
|
|
- store_32_be(ocipherl, ivec);
|
|
- store_32_be(ocipherr, ivec + 4);
|
|
- }
|
|
-}
|
|
-
|
|
-void
|
|
-krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data,
|
|
- const mit_des_key_schedule schedule, mit_des_cblock ivec,
|
|
- mit_des_cblock out)
|
|
-{
|
|
- unsigned DES_INT32 left, right;
|
|
- const unsigned DES_INT32 *kp;
|
|
- const unsigned char *ip;
|
|
- struct iov_cursor cursor;
|
|
- unsigned char block[MIT_DES_BLOCK_LENGTH];
|
|
-
|
|
- /* Get key pointer here. This won't need to be reinitialized. */
|
|
- kp = (const unsigned DES_INT32 *)schedule;
|
|
-
|
|
- /* Initialize left and right with the contents of the initial vector. */
|
|
- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
|
|
- left = load_32_be(ip);
|
|
- right = load_32_be(ip + 4);
|
|
-
|
|
- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, TRUE);
|
|
- while (k5_iov_cursor_get(&cursor, block)) {
|
|
- /* Decompose this block and xor it with the previous ciphertext. */
|
|
- left ^= load_32_be(block);
|
|
- right ^= load_32_be(block + 4);
|
|
-
|
|
- /* Encrypt what we have. */
|
|
- DES_DO_ENCRYPT(left, right, kp);
|
|
- }
|
|
-
|
|
- /* Output the final ciphertext block. */
|
|
- store_32_be(left, out);
|
|
- store_32_be(right, out + 4);
|
|
-}
|
|
-
|
|
-#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
|
|
-void krb5int_des_do_encrypt_2 (unsigned DES_INT32 *left,
|
|
- unsigned DES_INT32 *right,
|
|
- const unsigned DES_INT32 *kp)
|
|
-{
|
|
- DES_DO_ENCRYPT_1 (*left, *right, kp);
|
|
-}
|
|
-
|
|
-void krb5int_des_do_decrypt_2 (unsigned DES_INT32 *left,
|
|
- unsigned DES_INT32 *right,
|
|
- const unsigned DES_INT32 *kp)
|
|
-{
|
|
- DES_DO_DECRYPT_1 (*left, *right, kp);
|
|
-}
|
|
-#endif
|
|
diff --git a/src/lib/crypto/builtin/des/f_cbc.c b/src/lib/crypto/builtin/des/f_cbc.c
|
|
deleted file mode 100644
|
|
index 84d5382f2..000000000
|
|
--- a/src/lib/crypto/builtin/des/f_cbc.c
|
|
+++ /dev/null
|
|
@@ -1,256 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/* lib/crypto/builtin/des/f_cbc.c */
|
|
-/*
|
|
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
|
|
- * All rights reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of M.I.T. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. Furthermore if you modify this software you must label
|
|
- * your software as modified software and not distribute it in such a
|
|
- * fashion that it might be confused with the original M.I.T. software.
|
|
- * M.I.T. makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- */
|
|
-
|
|
-/*
|
|
- * CBC functions; used only by the test programs at this time. (krb5 uses the
|
|
- * functions in f_aead.c instead.)
|
|
- */
|
|
-
|
|
-/*
|
|
- * des_cbc_encrypt.c - an implementation of the DES cipher function in cbc mode
|
|
- */
|
|
-#include "des_int.h"
|
|
-#include "f_tables.h"
|
|
-
|
|
-/*
|
|
- * des_cbc_encrypt - {en,de}crypt a stream in CBC mode
|
|
- */
|
|
-
|
|
-/*
|
|
- * This routine performs DES cipher-block-chaining operation, either
|
|
- * encrypting from cleartext to ciphertext, if encrypt != 0 or
|
|
- * decrypting from ciphertext to cleartext, if encrypt == 0.
|
|
- *
|
|
- * The key schedule is passed as an arg, as well as the cleartext or
|
|
- * ciphertext. The cleartext and ciphertext should be in host order.
|
|
- *
|
|
- * NOTE-- the output is ALWAYS an multiple of 8 bytes long. If not
|
|
- * enough space was provided, your program will get trashed.
|
|
- *
|
|
- * For encryption, the cleartext string is null padded, at the end, to
|
|
- * an integral multiple of eight bytes.
|
|
- *
|
|
- * For decryption, the ciphertext will be used in integral multiples
|
|
- * of 8 bytes, but only the first "length" bytes returned into the
|
|
- * cleartext.
|
|
- */
|
|
-
|
|
-const mit_des_cblock mit_des_zeroblock /* = all zero */;
|
|
-
|
|
-static void
|
|
-des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
|
|
- unsigned long length, const mit_des_key_schedule schedule,
|
|
- const mit_des_cblock ivec)
|
|
-{
|
|
- unsigned DES_INT32 left, right;
|
|
- const unsigned DES_INT32 *kp;
|
|
- const unsigned char *ip;
|
|
- unsigned char *op;
|
|
-
|
|
- /*
|
|
- * Get key pointer here. This won't need to be reinitialized
|
|
- */
|
|
- kp = (const unsigned DES_INT32 *)schedule;
|
|
-
|
|
- /*
|
|
- * Initialize left and right with the contents of the initial
|
|
- * vector.
|
|
- */
|
|
- ip = ivec;
|
|
- GET_HALF_BLOCK(left, ip);
|
|
- GET_HALF_BLOCK(right, ip);
|
|
-
|
|
- /*
|
|
- * Suitably initialized, now work the length down 8 bytes
|
|
- * at a time.
|
|
- */
|
|
- ip = *in;
|
|
- op = *out;
|
|
- while (length > 0) {
|
|
- /*
|
|
- * Get more input, xor it in. If the length is
|
|
- * greater than or equal to 8 this is straight
|
|
- * forward. Otherwise we have to fart around.
|
|
- */
|
|
- if (length >= 8) {
|
|
- unsigned DES_INT32 temp;
|
|
- GET_HALF_BLOCK(temp, ip);
|
|
- left ^= temp;
|
|
- GET_HALF_BLOCK(temp, ip);
|
|
- right ^= temp;
|
|
- length -= 8;
|
|
- } else {
|
|
- /*
|
|
- * Oh, shoot. We need to pad the
|
|
- * end with zeroes. Work backwards
|
|
- * to do this.
|
|
- */
|
|
- ip += (int) length;
|
|
- switch(length) {
|
|
- case 7:
|
|
- right ^= (*(--ip) & FF_UINT32) << 8;
|
|
- case 6:
|
|
- right ^= (*(--ip) & FF_UINT32) << 16;
|
|
- case 5:
|
|
- right ^= (*(--ip) & FF_UINT32) << 24;
|
|
- case 4:
|
|
- left ^= *(--ip) & FF_UINT32;
|
|
- case 3:
|
|
- left ^= (*(--ip) & FF_UINT32) << 8;
|
|
- case 2:
|
|
- left ^= (*(--ip) & FF_UINT32) << 16;
|
|
- case 1:
|
|
- left ^= (*(--ip) & FF_UINT32) << 24;
|
|
- break;
|
|
- }
|
|
- length = 0;
|
|
- }
|
|
-
|
|
- /*
|
|
- * Encrypt what we have
|
|
- */
|
|
- DES_DO_ENCRYPT(left, right, kp);
|
|
-
|
|
- /*
|
|
- * Copy the results out
|
|
- */
|
|
- PUT_HALF_BLOCK(left, op);
|
|
- PUT_HALF_BLOCK(right, op);
|
|
- }
|
|
-}
|
|
-
|
|
-static void
|
|
-des_cbc_decrypt(const mit_des_cblock *in, mit_des_cblock *out,
|
|
- unsigned long length, const mit_des_key_schedule schedule,
|
|
- const mit_des_cblock ivec)
|
|
-{
|
|
- unsigned DES_INT32 left, right;
|
|
- const unsigned DES_INT32 *kp;
|
|
- const unsigned char *ip;
|
|
- unsigned char *op;
|
|
- unsigned DES_INT32 ocipherl, ocipherr;
|
|
- unsigned DES_INT32 cipherl, cipherr;
|
|
-
|
|
- /*
|
|
- * Get key pointer here. This won't need to be reinitialized
|
|
- */
|
|
- kp = (const unsigned DES_INT32 *)schedule;
|
|
-
|
|
- /*
|
|
- * Decrypting is harder than encrypting because of
|
|
- * the necessity of remembering a lot more things.
|
|
- * Should think about this a little more...
|
|
- */
|
|
-
|
|
- if (length <= 0)
|
|
- return;
|
|
-
|
|
- /*
|
|
- * Prime the old cipher with ivec.
|
|
- */
|
|
- ip = ivec;
|
|
- GET_HALF_BLOCK(ocipherl, ip);
|
|
- GET_HALF_BLOCK(ocipherr, ip);
|
|
-
|
|
- /*
|
|
- * Now do this in earnest until we run out of length.
|
|
- */
|
|
- ip = *in;
|
|
- op = *out;
|
|
- for (;;) { /* check done inside loop */
|
|
- /*
|
|
- * Read a block from the input into left and
|
|
- * right. Save this cipher block for later.
|
|
- */
|
|
- GET_HALF_BLOCK(left, ip);
|
|
- GET_HALF_BLOCK(right, ip);
|
|
- cipherl = left;
|
|
- cipherr = right;
|
|
-
|
|
- /*
|
|
- * Decrypt this.
|
|
- */
|
|
- DES_DO_DECRYPT(left, right, kp);
|
|
-
|
|
- /*
|
|
- * Xor with the old cipher to get plain
|
|
- * text. Output 8 or less bytes of this.
|
|
- */
|
|
- left ^= ocipherl;
|
|
- right ^= ocipherr;
|
|
- if (length > 8) {
|
|
- length -= 8;
|
|
- PUT_HALF_BLOCK(left, op);
|
|
- PUT_HALF_BLOCK(right, op);
|
|
- /*
|
|
- * Save current cipher block here
|
|
- */
|
|
- ocipherl = cipherl;
|
|
- ocipherr = cipherr;
|
|
- } else {
|
|
- /*
|
|
- * Trouble here. Start at end of output,
|
|
- * work backwards.
|
|
- */
|
|
- op += (int) length;
|
|
- switch(length) {
|
|
- case 8:
|
|
- *(--op) = (unsigned char) (right & 0xff);
|
|
- case 7:
|
|
- *(--op) = (unsigned char) ((right >> 8) & 0xff);
|
|
- case 6:
|
|
- *(--op) = (unsigned char) ((right >> 16) & 0xff);
|
|
- case 5:
|
|
- *(--op) = (unsigned char) ((right >> 24) & 0xff);
|
|
- case 4:
|
|
- *(--op) = (unsigned char) (left & 0xff);
|
|
- case 3:
|
|
- *(--op) = (unsigned char) ((left >> 8) & 0xff);
|
|
- case 2:
|
|
- *(--op) = (unsigned char) ((left >> 16) & 0xff);
|
|
- case 1:
|
|
- *(--op) = (unsigned char) ((left >> 24) & 0xff);
|
|
- break;
|
|
- }
|
|
- break; /* we're done */
|
|
- }
|
|
- }
|
|
-}
|
|
-
|
|
-int
|
|
-mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
|
|
- unsigned long length, const mit_des_key_schedule schedule,
|
|
- const mit_des_cblock ivec, int enc)
|
|
-{
|
|
- /*
|
|
- * Deal with encryption and decryption separately.
|
|
- */
|
|
- if (enc)
|
|
- des_cbc_encrypt(in, out, length, schedule, ivec);
|
|
- else
|
|
- des_cbc_decrypt(in, out, length, schedule, ivec);
|
|
- return 0;
|
|
-}
|
|
diff --git a/src/lib/crypto/builtin/des/f_cksum.c b/src/lib/crypto/builtin/des/f_cksum.c
|
|
deleted file mode 100644
|
|
index cb482b009..000000000
|
|
--- a/src/lib/crypto/builtin/des/f_cksum.c
|
|
+++ /dev/null
|
|
@@ -1,136 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/* lib/crypto/builtin/des/f_cksum.c */
|
|
-/*
|
|
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
|
|
- * All rights reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of M.I.T. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. Furthermore if you modify this software you must label
|
|
- * your software as modified software and not distribute it in such a
|
|
- * fashion that it might be confused with the original M.I.T. software.
|
|
- * M.I.T. makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- */
|
|
-
|
|
-/* DES implementation donated by Dennis Ferguson */
|
|
-
|
|
-/*
|
|
- * des_cbc_cksum.c - compute an 8 byte checksum using DES in CBC mode
|
|
- */
|
|
-#include "des_int.h"
|
|
-#include "f_tables.h"
|
|
-
|
|
-/*
|
|
- * This routine performs DES cipher-block-chaining checksum operation,
|
|
- * a.k.a. Message Authentication Code. It ALWAYS encrypts from input
|
|
- * to a single 64 bit output MAC checksum.
|
|
- *
|
|
- * The key schedule is passed as an arg, as well as the cleartext or
|
|
- * ciphertext. The cleartext and ciphertext should be in host order.
|
|
- *
|
|
- * NOTE-- the output is ALWAYS 8 bytes long. If not enough space was
|
|
- * provided, your program will get trashed.
|
|
- *
|
|
- * The input is null padded, at the end (highest addr), to an integral
|
|
- * multiple of eight bytes.
|
|
- */
|
|
-
|
|
-unsigned long
|
|
-mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out,
|
|
- unsigned long length, const mit_des_key_schedule schedule,
|
|
- const krb5_octet *ivec)
|
|
-{
|
|
- unsigned DES_INT32 left, right;
|
|
- const unsigned DES_INT32 *kp;
|
|
- const unsigned char *ip;
|
|
- unsigned char *op;
|
|
- DES_INT32 len;
|
|
-
|
|
- /*
|
|
- * Initialize left and right with the contents of the initial
|
|
- * vector.
|
|
- */
|
|
- ip = ivec;
|
|
- GET_HALF_BLOCK(left, ip);
|
|
- GET_HALF_BLOCK(right, ip);
|
|
-
|
|
- /*
|
|
- * Suitably initialized, now work the length down 8 bytes
|
|
- * at a time.
|
|
- */
|
|
- ip = in;
|
|
- len = length;
|
|
- while (len > 0) {
|
|
- /*
|
|
- * Get more input, xor it in. If the length is
|
|
- * greater than or equal to 8 this is straight
|
|
- * forward. Otherwise we have to fart around.
|
|
- */
|
|
- if (len >= 8) {
|
|
- unsigned DES_INT32 temp;
|
|
- GET_HALF_BLOCK(temp, ip);
|
|
- left ^= temp;
|
|
- GET_HALF_BLOCK(temp, ip);
|
|
- right ^= temp;
|
|
- len -= 8;
|
|
- } else {
|
|
- /*
|
|
- * Oh, shoot. We need to pad the
|
|
- * end with zeroes. Work backwards
|
|
- * to do this.
|
|
- */
|
|
- ip += (int) len;
|
|
- switch(len) {
|
|
- case 7:
|
|
- right ^= (*(--ip) & FF_UINT32) << 8;
|
|
- case 6:
|
|
- right ^= (*(--ip) & FF_UINT32) << 16;
|
|
- case 5:
|
|
- right ^= (*(--ip) & FF_UINT32) << 24;
|
|
- case 4:
|
|
- left ^= *(--ip) & FF_UINT32;
|
|
- case 3:
|
|
- left ^= (*(--ip) & FF_UINT32) << 8;
|
|
- case 2:
|
|
- left ^= (*(--ip) & FF_UINT32) << 16;
|
|
- case 1:
|
|
- left ^= (*(--ip) & FF_UINT32) << 24;
|
|
- break;
|
|
- }
|
|
- len = 0;
|
|
- }
|
|
-
|
|
- /*
|
|
- * Encrypt what we have
|
|
- */
|
|
- kp = (const unsigned DES_INT32 *)schedule;
|
|
- DES_DO_ENCRYPT(left, right, kp);
|
|
- }
|
|
-
|
|
- /*
|
|
- * Done. Left and right have the checksum. Put it into
|
|
- * the output.
|
|
- */
|
|
- op = out;
|
|
- PUT_HALF_BLOCK(left, op);
|
|
- PUT_HALF_BLOCK(right, op);
|
|
-
|
|
- /*
|
|
- * Return right. I'll bet the MIT code returns this
|
|
- * inconsistantly (with the low order byte of the checksum
|
|
- * not always in the low order byte of the DES_INT32). We won't.
|
|
- */
|
|
- return right & 0xFFFFFFFFUL;
|
|
-}
|
|
diff --git a/src/lib/crypto/builtin/des/f_parity.c b/src/lib/crypto/builtin/des/f_parity.c
|
|
deleted file mode 100644
|
|
index 460b5061b..000000000
|
|
--- a/src/lib/crypto/builtin/des/f_parity.c
|
|
+++ /dev/null
|
|
@@ -1,56 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/*
|
|
- * These routines check and fix parity of encryption keys for the DES
|
|
- * algorithm.
|
|
- *
|
|
- * They are a replacement for routines in key_parity.c, that don't require
|
|
- * the table building that they do.
|
|
- *
|
|
- * Mark Eichin -- Cygnus Support
|
|
- */
|
|
-
|
|
-
|
|
-#include "des_int.h"
|
|
-
|
|
-/*
|
|
- * des_fixup_key_parity: Forces odd parity per byte; parity is bits
|
|
- * 8,16,...64 in des order, implies 0, 8, 16, ...
|
|
- * vax order.
|
|
- */
|
|
-#define smask(step) ((1<<step)-1)
|
|
-#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step)))
|
|
-#define parity_char(x) pstep(pstep(pstep((x),4),2),1)
|
|
-
|
|
-void
|
|
-mit_des_fixup_key_parity(mit_des_cblock key)
|
|
-{
|
|
- unsigned int i;
|
|
- for (i=0; i<sizeof(mit_des_cblock); i++)
|
|
- {
|
|
- key[i] &= 0xfe;
|
|
- key[i] |= 1^parity_char(key[i]);
|
|
- }
|
|
-
|
|
- return;
|
|
-}
|
|
-
|
|
-/*
|
|
- * des_check_key_parity: returns true iff key has the correct des parity.
|
|
- * See des_fix_key_parity for the definition of
|
|
- * correct des parity.
|
|
- */
|
|
-int
|
|
-mit_des_check_key_parity(mit_des_cblock key)
|
|
-{
|
|
- unsigned int i;
|
|
-
|
|
- for (i=0; i<sizeof(mit_des_cblock); i++)
|
|
- {
|
|
- if((key[i] & 1) == parity_char(0xfe&key[i]))
|
|
- {
|
|
- return 0;
|
|
- }
|
|
- }
|
|
-
|
|
- return(1);
|
|
-}
|
|
diff --git a/src/lib/crypto/builtin/des/f_sched.c b/src/lib/crypto/builtin/des/f_sched.c
|
|
deleted file mode 100644
|
|
index 666a510fb..000000000
|
|
--- a/src/lib/crypto/builtin/des/f_sched.c
|
|
+++ /dev/null
|
|
@@ -1,359 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/* lib/crypto/builtin/des/f_sched.c */
|
|
-/*
|
|
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
|
|
- * All rights reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of M.I.T. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. Furthermore if you modify this software you must label
|
|
- * your software as modified software and not distribute it in such a
|
|
- * fashion that it might be confused with the original M.I.T. software.
|
|
- * M.I.T. makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- */
|
|
-
|
|
-/* DES implementation donated by Dennis Ferguson */
|
|
-
|
|
-/*
|
|
- * des_make_sched.c - permute a DES key, returning the resulting key schedule
|
|
- */
|
|
-#include "k5-int.h"
|
|
-#include "des_int.h"
|
|
-
|
|
-/*
|
|
- * Permuted choice 1 tables. These are used to extract bits
|
|
- * from the left and right parts of the key to form Ci and Di.
|
|
- * The code that uses these tables knows which bits from which
|
|
- * part of each key are used to form Ci and Di.
|
|
- */
|
|
-static const unsigned DES_INT32 PC1_CL[8] = {
|
|
- 0x00000000, 0x00000010, 0x00001000, 0x00001010,
|
|
- 0x00100000, 0x00100010, 0x00101000, 0x00101010
|
|
-};
|
|
-
|
|
-static const unsigned DES_INT32 PC1_DL[16] = {
|
|
- 0x00000000, 0x00100000, 0x00001000, 0x00101000,
|
|
- 0x00000010, 0x00100010, 0x00001010, 0x00101010,
|
|
- 0x00000001, 0x00100001, 0x00001001, 0x00101001,
|
|
- 0x00000011, 0x00100011, 0x00001011, 0x00101011
|
|
-};
|
|
-
|
|
-static const unsigned DES_INT32 PC1_CR[16] = {
|
|
- 0x00000000, 0x00000001, 0x00000100, 0x00000101,
|
|
- 0x00010000, 0x00010001, 0x00010100, 0x00010101,
|
|
- 0x01000000, 0x01000001, 0x01000100, 0x01000101,
|
|
- 0x01010000, 0x01010001, 0x01010100, 0x01010101
|
|
-};
|
|
-
|
|
-static const unsigned DES_INT32 PC1_DR[8] = {
|
|
- 0x00000000, 0x01000000, 0x00010000, 0x01010000,
|
|
- 0x00000100, 0x01000100, 0x00010100, 0x01010100
|
|
-};
|
|
-
|
|
-
|
|
-/*
|
|
- * At the start of some iterations of the key schedule we do
|
|
- * a circular left shift by one place, while for others we do a shift by
|
|
- * two places. This has bits set for the iterations where we do 2 bit
|
|
- * shifts, starting at the low order bit.
|
|
- */
|
|
-#define TWO_BIT_SHIFTS 0x7efc
|
|
-
|
|
-/*
|
|
- * Permuted choice 2 tables. The first actually produces the low order
|
|
- * 24 bits of the subkey Ki from the 28 bit value of Ci. The second produces
|
|
- * the high order 24 bits from Di. The tables are indexed by six bit
|
|
- * segments of Ci and Di respectively. The code is handcrafted to compute
|
|
- * the appropriate 6 bit chunks.
|
|
- *
|
|
- * Note that for ease of computation, the 24 bit values are produced with
|
|
- * six bits going into each byte. Note also that the table has been byte
|
|
- * rearranged to produce keys which match the order we will apply them
|
|
- * in in the des code.
|
|
- */
|
|
-static const unsigned DES_INT32 PC2_C[4][64] = {
|
|
- {
|
|
- 0x00000000, 0x00000004, 0x00010000, 0x00010004,
|
|
- 0x00000400, 0x00000404, 0x00010400, 0x00010404,
|
|
- 0x00000020, 0x00000024, 0x00010020, 0x00010024,
|
|
- 0x00000420, 0x00000424, 0x00010420, 0x00010424,
|
|
- 0x01000000, 0x01000004, 0x01010000, 0x01010004,
|
|
- 0x01000400, 0x01000404, 0x01010400, 0x01010404,
|
|
- 0x01000020, 0x01000024, 0x01010020, 0x01010024,
|
|
- 0x01000420, 0x01000424, 0x01010420, 0x01010424,
|
|
- 0x00020000, 0x00020004, 0x00030000, 0x00030004,
|
|
- 0x00020400, 0x00020404, 0x00030400, 0x00030404,
|
|
- 0x00020020, 0x00020024, 0x00030020, 0x00030024,
|
|
- 0x00020420, 0x00020424, 0x00030420, 0x00030424,
|
|
- 0x01020000, 0x01020004, 0x01030000, 0x01030004,
|
|
- 0x01020400, 0x01020404, 0x01030400, 0x01030404,
|
|
- 0x01020020, 0x01020024, 0x01030020, 0x01030024,
|
|
- 0x01020420, 0x01020424, 0x01030420, 0x01030424,
|
|
- },
|
|
- {
|
|
- 0x00000000, 0x02000000, 0x00000800, 0x02000800,
|
|
- 0x00080000, 0x02080000, 0x00080800, 0x02080800,
|
|
- 0x00000001, 0x02000001, 0x00000801, 0x02000801,
|
|
- 0x00080001, 0x02080001, 0x00080801, 0x02080801,
|
|
- 0x00000100, 0x02000100, 0x00000900, 0x02000900,
|
|
- 0x00080100, 0x02080100, 0x00080900, 0x02080900,
|
|
- 0x00000101, 0x02000101, 0x00000901, 0x02000901,
|
|
- 0x00080101, 0x02080101, 0x00080901, 0x02080901,
|
|
- 0x10000000, 0x12000000, 0x10000800, 0x12000800,
|
|
- 0x10080000, 0x12080000, 0x10080800, 0x12080800,
|
|
- 0x10000001, 0x12000001, 0x10000801, 0x12000801,
|
|
- 0x10080001, 0x12080001, 0x10080801, 0x12080801,
|
|
- 0x10000100, 0x12000100, 0x10000900, 0x12000900,
|
|
- 0x10080100, 0x12080100, 0x10080900, 0x12080900,
|
|
- 0x10000101, 0x12000101, 0x10000901, 0x12000901,
|
|
- 0x10080101, 0x12080101, 0x10080901, 0x12080901,
|
|
- },
|
|
- {
|
|
- 0x00000000, 0x00040000, 0x00002000, 0x00042000,
|
|
- 0x00100000, 0x00140000, 0x00102000, 0x00142000,
|
|
- 0x20000000, 0x20040000, 0x20002000, 0x20042000,
|
|
- 0x20100000, 0x20140000, 0x20102000, 0x20142000,
|
|
- 0x00000008, 0x00040008, 0x00002008, 0x00042008,
|
|
- 0x00100008, 0x00140008, 0x00102008, 0x00142008,
|
|
- 0x20000008, 0x20040008, 0x20002008, 0x20042008,
|
|
- 0x20100008, 0x20140008, 0x20102008, 0x20142008,
|
|
- 0x00200000, 0x00240000, 0x00202000, 0x00242000,
|
|
- 0x00300000, 0x00340000, 0x00302000, 0x00342000,
|
|
- 0x20200000, 0x20240000, 0x20202000, 0x20242000,
|
|
- 0x20300000, 0x20340000, 0x20302000, 0x20342000,
|
|
- 0x00200008, 0x00240008, 0x00202008, 0x00242008,
|
|
- 0x00300008, 0x00340008, 0x00302008, 0x00342008,
|
|
- 0x20200008, 0x20240008, 0x20202008, 0x20242008,
|
|
- 0x20300008, 0x20340008, 0x20302008, 0x20342008,
|
|
- },
|
|
- {
|
|
- 0x00000000, 0x00000010, 0x08000000, 0x08000010,
|
|
- 0x00000200, 0x00000210, 0x08000200, 0x08000210,
|
|
- 0x00000002, 0x00000012, 0x08000002, 0x08000012,
|
|
- 0x00000202, 0x00000212, 0x08000202, 0x08000212,
|
|
- 0x04000000, 0x04000010, 0x0c000000, 0x0c000010,
|
|
- 0x04000200, 0x04000210, 0x0c000200, 0x0c000210,
|
|
- 0x04000002, 0x04000012, 0x0c000002, 0x0c000012,
|
|
- 0x04000202, 0x04000212, 0x0c000202, 0x0c000212,
|
|
- 0x00001000, 0x00001010, 0x08001000, 0x08001010,
|
|
- 0x00001200, 0x00001210, 0x08001200, 0x08001210,
|
|
- 0x00001002, 0x00001012, 0x08001002, 0x08001012,
|
|
- 0x00001202, 0x00001212, 0x08001202, 0x08001212,
|
|
- 0x04001000, 0x04001010, 0x0c001000, 0x0c001010,
|
|
- 0x04001200, 0x04001210, 0x0c001200, 0x0c001210,
|
|
- 0x04001002, 0x04001012, 0x0c001002, 0x0c001012,
|
|
- 0x04001202, 0x04001212, 0x0c001202, 0x0c001212
|
|
- },
|
|
-};
|
|
-
|
|
-static const unsigned DES_INT32 PC2_D[4][64] = {
|
|
- {
|
|
- 0x00000000, 0x02000000, 0x00020000, 0x02020000,
|
|
- 0x00000100, 0x02000100, 0x00020100, 0x02020100,
|
|
- 0x00000008, 0x02000008, 0x00020008, 0x02020008,
|
|
- 0x00000108, 0x02000108, 0x00020108, 0x02020108,
|
|
- 0x00200000, 0x02200000, 0x00220000, 0x02220000,
|
|
- 0x00200100, 0x02200100, 0x00220100, 0x02220100,
|
|
- 0x00200008, 0x02200008, 0x00220008, 0x02220008,
|
|
- 0x00200108, 0x02200108, 0x00220108, 0x02220108,
|
|
- 0x00000200, 0x02000200, 0x00020200, 0x02020200,
|
|
- 0x00000300, 0x02000300, 0x00020300, 0x02020300,
|
|
- 0x00000208, 0x02000208, 0x00020208, 0x02020208,
|
|
- 0x00000308, 0x02000308, 0x00020308, 0x02020308,
|
|
- 0x00200200, 0x02200200, 0x00220200, 0x02220200,
|
|
- 0x00200300, 0x02200300, 0x00220300, 0x02220300,
|
|
- 0x00200208, 0x02200208, 0x00220208, 0x02220208,
|
|
- 0x00200308, 0x02200308, 0x00220308, 0x02220308,
|
|
- },
|
|
- {
|
|
- 0x00000000, 0x00001000, 0x00000020, 0x00001020,
|
|
- 0x00100000, 0x00101000, 0x00100020, 0x00101020,
|
|
- 0x08000000, 0x08001000, 0x08000020, 0x08001020,
|
|
- 0x08100000, 0x08101000, 0x08100020, 0x08101020,
|
|
- 0x00000004, 0x00001004, 0x00000024, 0x00001024,
|
|
- 0x00100004, 0x00101004, 0x00100024, 0x00101024,
|
|
- 0x08000004, 0x08001004, 0x08000024, 0x08001024,
|
|
- 0x08100004, 0x08101004, 0x08100024, 0x08101024,
|
|
- 0x00000400, 0x00001400, 0x00000420, 0x00001420,
|
|
- 0x00100400, 0x00101400, 0x00100420, 0x00101420,
|
|
- 0x08000400, 0x08001400, 0x08000420, 0x08001420,
|
|
- 0x08100400, 0x08101400, 0x08100420, 0x08101420,
|
|
- 0x00000404, 0x00001404, 0x00000424, 0x00001424,
|
|
- 0x00100404, 0x00101404, 0x00100424, 0x00101424,
|
|
- 0x08000404, 0x08001404, 0x08000424, 0x08001424,
|
|
- 0x08100404, 0x08101404, 0x08100424, 0x08101424,
|
|
- },
|
|
- {
|
|
- 0x00000000, 0x10000000, 0x00010000, 0x10010000,
|
|
- 0x00000002, 0x10000002, 0x00010002, 0x10010002,
|
|
- 0x00002000, 0x10002000, 0x00012000, 0x10012000,
|
|
- 0x00002002, 0x10002002, 0x00012002, 0x10012002,
|
|
- 0x00040000, 0x10040000, 0x00050000, 0x10050000,
|
|
- 0x00040002, 0x10040002, 0x00050002, 0x10050002,
|
|
- 0x00042000, 0x10042000, 0x00052000, 0x10052000,
|
|
- 0x00042002, 0x10042002, 0x00052002, 0x10052002,
|
|
- 0x20000000, 0x30000000, 0x20010000, 0x30010000,
|
|
- 0x20000002, 0x30000002, 0x20010002, 0x30010002,
|
|
- 0x20002000, 0x30002000, 0x20012000, 0x30012000,
|
|
- 0x20002002, 0x30002002, 0x20012002, 0x30012002,
|
|
- 0x20040000, 0x30040000, 0x20050000, 0x30050000,
|
|
- 0x20040002, 0x30040002, 0x20050002, 0x30050002,
|
|
- 0x20042000, 0x30042000, 0x20052000, 0x30052000,
|
|
- 0x20042002, 0x30042002, 0x20052002, 0x30052002,
|
|
- },
|
|
- {
|
|
- 0x00000000, 0x04000000, 0x00000001, 0x04000001,
|
|
- 0x01000000, 0x05000000, 0x01000001, 0x05000001,
|
|
- 0x00000010, 0x04000010, 0x00000011, 0x04000011,
|
|
- 0x01000010, 0x05000010, 0x01000011, 0x05000011,
|
|
- 0x00080000, 0x04080000, 0x00080001, 0x04080001,
|
|
- 0x01080000, 0x05080000, 0x01080001, 0x05080001,
|
|
- 0x00080010, 0x04080010, 0x00080011, 0x04080011,
|
|
- 0x01080010, 0x05080010, 0x01080011, 0x05080011,
|
|
- 0x00000800, 0x04000800, 0x00000801, 0x04000801,
|
|
- 0x01000800, 0x05000800, 0x01000801, 0x05000801,
|
|
- 0x00000810, 0x04000810, 0x00000811, 0x04000811,
|
|
- 0x01000810, 0x05000810, 0x01000811, 0x05000811,
|
|
- 0x00080800, 0x04080800, 0x00080801, 0x04080801,
|
|
- 0x01080800, 0x05080800, 0x01080801, 0x05080801,
|
|
- 0x00080810, 0x04080810, 0x00080811, 0x04080811,
|
|
- 0x01080810, 0x05080810, 0x01080811, 0x05080811
|
|
- },
|
|
-};
|
|
-
|
|
-
|
|
-
|
|
-/*
|
|
- * Permute the key to give us our key schedule.
|
|
- */
|
|
-int
|
|
-mit_des_make_key_sched(mit_des_cblock key, mit_des_key_schedule schedule)
|
|
-{
|
|
- unsigned DES_INT32 c, d;
|
|
-
|
|
- {
|
|
- /*
|
|
- * Need a pointer for the keys and a temporary DES_INT32
|
|
- */
|
|
- const unsigned char *k;
|
|
- unsigned DES_INT32 tmp;
|
|
-
|
|
- /*
|
|
- * Fetch the key into something we can work with
|
|
- */
|
|
- k = key;
|
|
-
|
|
- /*
|
|
- * The first permutted choice gives us the 28 bits for C0 and
|
|
- * 28 for D0. C0 gets 12 bits from the left key and 16 from
|
|
- * the right, while D0 gets 16 from the left and 12 from the
|
|
- * right. The code knows which bits go where.
|
|
- */
|
|
- tmp = load_32_be(k), k += 4;
|
|
-
|
|
- c = PC1_CL[(tmp >> 29) & 0x7]
|
|
- | (PC1_CL[(tmp >> 21) & 0x7] << 1)
|
|
- | (PC1_CL[(tmp >> 13) & 0x7] << 2)
|
|
- | (PC1_CL[(tmp >> 5) & 0x7] << 3);
|
|
- d = PC1_DL[(tmp >> 25) & 0xf]
|
|
- | (PC1_DL[(tmp >> 17) & 0xf] << 1)
|
|
- | (PC1_DL[(tmp >> 9) & 0xf] << 2)
|
|
- | (PC1_DL[(tmp >> 1) & 0xf] << 3);
|
|
-
|
|
- tmp = load_32_be(k), k += 4;
|
|
-
|
|
- c |= PC1_CR[(tmp >> 28) & 0xf]
|
|
- | (PC1_CR[(tmp >> 20) & 0xf] << 1)
|
|
- | (PC1_CR[(tmp >> 12) & 0xf] << 2)
|
|
- | (PC1_CR[(tmp >> 4) & 0xf] << 3);
|
|
- d |= PC1_DR[(tmp >> 25) & 0x7]
|
|
- | (PC1_DR[(tmp >> 17) & 0x7] << 1)
|
|
- | (PC1_DR[(tmp >> 9) & 0x7] << 2)
|
|
- | (PC1_DR[(tmp >> 1) & 0x7] << 3);
|
|
- }
|
|
-
|
|
- {
|
|
- /*
|
|
- * Need several temporaries in here
|
|
- */
|
|
- unsigned DES_INT32 ltmp, rtmp;
|
|
- unsigned DES_INT32 *k;
|
|
- int two_bit_shifts;
|
|
- int i;
|
|
- /*
|
|
- * Now iterate to compute the key schedule. Note that we
|
|
- * record the entire set of subkeys in 6 bit chunks since
|
|
- * they are used that way. At 6 bits/char, we need
|
|
- * 48/6 char's/subkey * 16 subkeys/encryption == 128 bytes.
|
|
- * The schedule must be this big.
|
|
- */
|
|
- k = (unsigned DES_INT32 *)schedule;
|
|
- two_bit_shifts = TWO_BIT_SHIFTS;
|
|
- for (i = 16; i > 0; i--) {
|
|
- /*
|
|
- * Do the rotation. One bit and two bit rotations
|
|
- * are done separately. Note C and D are 28 bits.
|
|
- */
|
|
- if (two_bit_shifts & 0x1) {
|
|
- c = ((c << 2) & 0xffffffc) | (c >> 26);
|
|
- d = ((d << 2) & 0xffffffc) | (d >> 26);
|
|
- } else {
|
|
- c = ((c << 1) & 0xffffffe) | (c >> 27);
|
|
- d = ((d << 1) & 0xffffffe) | (d >> 27);
|
|
- }
|
|
- two_bit_shifts >>= 1;
|
|
-
|
|
- /*
|
|
- * Apply permutted choice 2 to C to get the first
|
|
- * 24 bits worth of keys. Note that bits 9, 18, 22
|
|
- * and 25 (using DES numbering) in C are unused. The
|
|
- * shift-mask stuff is done to delete these bits from
|
|
- * the indices, since this cuts the table size in half.
|
|
- *
|
|
- * The table is torqued, by the way. If the standard
|
|
- * byte order for this (high to low order) is 1234,
|
|
- * the table actually gives us 4132.
|
|
- */
|
|
- ltmp = PC2_C[0][((c >> 22) & 0x3f)]
|
|
- | PC2_C[1][((c >> 15) & 0xf) | ((c >> 16) & 0x30)]
|
|
- | PC2_C[2][((c >> 4) & 0x3) | ((c >> 9) & 0x3c)]
|
|
- | PC2_C[3][((c ) & 0x7) | ((c >> 4) & 0x38)];
|
|
- /*
|
|
- * Apply permutted choice 2 to D to get the other half.
|
|
- * Here, bits 7, 10, 15 and 26 go unused. The sqeezing
|
|
- * actually turns out to be cheaper here.
|
|
- *
|
|
- * This table is similarly torqued. If the standard
|
|
- * byte order is 5678, the table has the bytes permuted
|
|
- * to give us 7685.
|
|
- */
|
|
- rtmp = PC2_D[0][((d >> 22) & 0x3f)]
|
|
- | PC2_D[1][((d >> 14) & 0xf) | ((d >> 15) & 0x30)]
|
|
- | PC2_D[2][((d >> 7) & 0x3f)]
|
|
- | PC2_D[3][((d ) & 0x3) | ((d >> 1) & 0x3c)];
|
|
-
|
|
- /*
|
|
- * Make up two words of the key schedule, with a
|
|
- * byte order which is convenient for the DES
|
|
- * inner loop. The high order (first) word will
|
|
- * hold bytes 7135 (high to low order) while the
|
|
- * second holds bytes 4682.
|
|
- */
|
|
- *k++ = (ltmp & 0x00ffff00) | (rtmp & 0xff0000ff);
|
|
- *k++ = (ltmp & 0xff0000ff) | (rtmp & 0x00ffff00);
|
|
- }
|
|
- }
|
|
- return (0);
|
|
-}
|
|
diff --git a/src/lib/crypto/builtin/des/f_tables.c b/src/lib/crypto/builtin/des/f_tables.c
|
|
deleted file mode 100644
|
|
index 6308cb0d5..000000000
|
|
--- a/src/lib/crypto/builtin/des/f_tables.c
|
|
+++ /dev/null
|
|
@@ -1,370 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/* lib/crypto/builtin/des/f_tables.c */
|
|
-/*
|
|
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
|
|
- * All rights reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of M.I.T. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. Furthermore if you modify this software you must label
|
|
- * your software as modified software and not distribute it in such a
|
|
- * fashion that it might be confused with the original M.I.T. software.
|
|
- * M.I.T. makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- */
|
|
-
|
|
-/* DES implementation donated by Dennis Ferguson */
|
|
-
|
|
-/*
|
|
- * des_tables.c - precomputed tables used for the DES cipher function
|
|
- */
|
|
-
|
|
-/*
|
|
- * Include the header file so something will complain if the
|
|
- * declarations get out of sync
|
|
- */
|
|
-#include "des_int.h"
|
|
-#include "f_tables.h"
|
|
-
|
|
-/*
|
|
- * These tables may be declared const if you want. Many compilers
|
|
- * don't support this, though.
|
|
- */
|
|
-
|
|
-/*
|
|
- * The DES algorithm which uses these is intended to be fairly speedy
|
|
- * at the expense of some memory. All the standard hacks are used.
|
|
- * The S boxes and the P permutation are precomputed into one table.
|
|
- * The E box never actually appears explicitly since it is easy to apply
|
|
- * this algorithmically as needed. The initial permutation and final
|
|
- * (inverse initial) permutation are computed from tables designed to
|
|
- * permute one byte at a time. This should run pretty fast on machines
|
|
- * with 32 bit words and bit field/multiple bit shift instructions which
|
|
- * are fast.
|
|
- */
|
|
-
|
|
-/*
|
|
- * The initial permutation array. This is used to compute both the
|
|
- * left and the right halves of the initial permutation using bytes
|
|
- * from words made from the following operations:
|
|
- *
|
|
- * ((left & 0x55555555) << 1) | (right & 0x55555555) for left half
|
|
- * (left & 0xaaaaaaaa) | ((right & 0xaaaaaaaa) >> 1) for right half
|
|
- *
|
|
- * The scheme is that we index into the table using each byte. The
|
|
- * result from the high order byte is or'd with the result from the
|
|
- * next byte shifted left once is or'd with the result from the next
|
|
- * byte shifted left twice if or'd with the result from the low order
|
|
- * byte shifted left by three. Clear?
|
|
- */
|
|
-
|
|
-const unsigned DES_INT32 des_IP_table[256] = {
|
|
- 0x00000000, 0x00000010, 0x00000001, 0x00000011,
|
|
- 0x00001000, 0x00001010, 0x00001001, 0x00001011,
|
|
- 0x00000100, 0x00000110, 0x00000101, 0x00000111,
|
|
- 0x00001100, 0x00001110, 0x00001101, 0x00001111,
|
|
- 0x00100000, 0x00100010, 0x00100001, 0x00100011,
|
|
- 0x00101000, 0x00101010, 0x00101001, 0x00101011,
|
|
- 0x00100100, 0x00100110, 0x00100101, 0x00100111,
|
|
- 0x00101100, 0x00101110, 0x00101101, 0x00101111,
|
|
- 0x00010000, 0x00010010, 0x00010001, 0x00010011,
|
|
- 0x00011000, 0x00011010, 0x00011001, 0x00011011,
|
|
- 0x00010100, 0x00010110, 0x00010101, 0x00010111,
|
|
- 0x00011100, 0x00011110, 0x00011101, 0x00011111,
|
|
- 0x00110000, 0x00110010, 0x00110001, 0x00110011,
|
|
- 0x00111000, 0x00111010, 0x00111001, 0x00111011,
|
|
- 0x00110100, 0x00110110, 0x00110101, 0x00110111,
|
|
- 0x00111100, 0x00111110, 0x00111101, 0x00111111,
|
|
- 0x10000000, 0x10000010, 0x10000001, 0x10000011,
|
|
- 0x10001000, 0x10001010, 0x10001001, 0x10001011,
|
|
- 0x10000100, 0x10000110, 0x10000101, 0x10000111,
|
|
- 0x10001100, 0x10001110, 0x10001101, 0x10001111,
|
|
- 0x10100000, 0x10100010, 0x10100001, 0x10100011,
|
|
- 0x10101000, 0x10101010, 0x10101001, 0x10101011,
|
|
- 0x10100100, 0x10100110, 0x10100101, 0x10100111,
|
|
- 0x10101100, 0x10101110, 0x10101101, 0x10101111,
|
|
- 0x10010000, 0x10010010, 0x10010001, 0x10010011,
|
|
- 0x10011000, 0x10011010, 0x10011001, 0x10011011,
|
|
- 0x10010100, 0x10010110, 0x10010101, 0x10010111,
|
|
- 0x10011100, 0x10011110, 0x10011101, 0x10011111,
|
|
- 0x10110000, 0x10110010, 0x10110001, 0x10110011,
|
|
- 0x10111000, 0x10111010, 0x10111001, 0x10111011,
|
|
- 0x10110100, 0x10110110, 0x10110101, 0x10110111,
|
|
- 0x10111100, 0x10111110, 0x10111101, 0x10111111,
|
|
- 0x01000000, 0x01000010, 0x01000001, 0x01000011,
|
|
- 0x01001000, 0x01001010, 0x01001001, 0x01001011,
|
|
- 0x01000100, 0x01000110, 0x01000101, 0x01000111,
|
|
- 0x01001100, 0x01001110, 0x01001101, 0x01001111,
|
|
- 0x01100000, 0x01100010, 0x01100001, 0x01100011,
|
|
- 0x01101000, 0x01101010, 0x01101001, 0x01101011,
|
|
- 0x01100100, 0x01100110, 0x01100101, 0x01100111,
|
|
- 0x01101100, 0x01101110, 0x01101101, 0x01101111,
|
|
- 0x01010000, 0x01010010, 0x01010001, 0x01010011,
|
|
- 0x01011000, 0x01011010, 0x01011001, 0x01011011,
|
|
- 0x01010100, 0x01010110, 0x01010101, 0x01010111,
|
|
- 0x01011100, 0x01011110, 0x01011101, 0x01011111,
|
|
- 0x01110000, 0x01110010, 0x01110001, 0x01110011,
|
|
- 0x01111000, 0x01111010, 0x01111001, 0x01111011,
|
|
- 0x01110100, 0x01110110, 0x01110101, 0x01110111,
|
|
- 0x01111100, 0x01111110, 0x01111101, 0x01111111,
|
|
- 0x11000000, 0x11000010, 0x11000001, 0x11000011,
|
|
- 0x11001000, 0x11001010, 0x11001001, 0x11001011,
|
|
- 0x11000100, 0x11000110, 0x11000101, 0x11000111,
|
|
- 0x11001100, 0x11001110, 0x11001101, 0x11001111,
|
|
- 0x11100000, 0x11100010, 0x11100001, 0x11100011,
|
|
- 0x11101000, 0x11101010, 0x11101001, 0x11101011,
|
|
- 0x11100100, 0x11100110, 0x11100101, 0x11100111,
|
|
- 0x11101100, 0x11101110, 0x11101101, 0x11101111,
|
|
- 0x11010000, 0x11010010, 0x11010001, 0x11010011,
|
|
- 0x11011000, 0x11011010, 0x11011001, 0x11011011,
|
|
- 0x11010100, 0x11010110, 0x11010101, 0x11010111,
|
|
- 0x11011100, 0x11011110, 0x11011101, 0x11011111,
|
|
- 0x11110000, 0x11110010, 0x11110001, 0x11110011,
|
|
- 0x11111000, 0x11111010, 0x11111001, 0x11111011,
|
|
- 0x11110100, 0x11110110, 0x11110101, 0x11110111,
|
|
- 0x11111100, 0x11111110, 0x11111101, 0x11111111
|
|
-};
|
|
-
|
|
-/*
|
|
- * The final permutation array. Like the IP array, used
|
|
- * to compute both the left and right results from the bytes
|
|
- * of words computed from:
|
|
- *
|
|
- * ((left & 0x0f0f0f0f) << 4) | (right & 0x0f0f0f0f) for left result
|
|
- * (left & 0xf0f0f0f0) | ((right & 0xf0f0f0f0) >> 4) for right result
|
|
- *
|
|
- * The result from the high order byte is shifted left 6 bits and
|
|
- * or'd with the result from the next byte shifted left 4 bits, which
|
|
- * is or'd with the result from the next byte shifted left 2 bits,
|
|
- * which is or'd with the result from the low byte.
|
|
- */
|
|
-const unsigned DES_INT32 des_FP_table[256] = {
|
|
- 0x00000000, 0x02000000, 0x00020000, 0x02020000,
|
|
- 0x00000200, 0x02000200, 0x00020200, 0x02020200,
|
|
- 0x00000002, 0x02000002, 0x00020002, 0x02020002,
|
|
- 0x00000202, 0x02000202, 0x00020202, 0x02020202,
|
|
- 0x01000000, 0x03000000, 0x01020000, 0x03020000,
|
|
- 0x01000200, 0x03000200, 0x01020200, 0x03020200,
|
|
- 0x01000002, 0x03000002, 0x01020002, 0x03020002,
|
|
- 0x01000202, 0x03000202, 0x01020202, 0x03020202,
|
|
- 0x00010000, 0x02010000, 0x00030000, 0x02030000,
|
|
- 0x00010200, 0x02010200, 0x00030200, 0x02030200,
|
|
- 0x00010002, 0x02010002, 0x00030002, 0x02030002,
|
|
- 0x00010202, 0x02010202, 0x00030202, 0x02030202,
|
|
- 0x01010000, 0x03010000, 0x01030000, 0x03030000,
|
|
- 0x01010200, 0x03010200, 0x01030200, 0x03030200,
|
|
- 0x01010002, 0x03010002, 0x01030002, 0x03030002,
|
|
- 0x01010202, 0x03010202, 0x01030202, 0x03030202,
|
|
- 0x00000100, 0x02000100, 0x00020100, 0x02020100,
|
|
- 0x00000300, 0x02000300, 0x00020300, 0x02020300,
|
|
- 0x00000102, 0x02000102, 0x00020102, 0x02020102,
|
|
- 0x00000302, 0x02000302, 0x00020302, 0x02020302,
|
|
- 0x01000100, 0x03000100, 0x01020100, 0x03020100,
|
|
- 0x01000300, 0x03000300, 0x01020300, 0x03020300,
|
|
- 0x01000102, 0x03000102, 0x01020102, 0x03020102,
|
|
- 0x01000302, 0x03000302, 0x01020302, 0x03020302,
|
|
- 0x00010100, 0x02010100, 0x00030100, 0x02030100,
|
|
- 0x00010300, 0x02010300, 0x00030300, 0x02030300,
|
|
- 0x00010102, 0x02010102, 0x00030102, 0x02030102,
|
|
- 0x00010302, 0x02010302, 0x00030302, 0x02030302,
|
|
- 0x01010100, 0x03010100, 0x01030100, 0x03030100,
|
|
- 0x01010300, 0x03010300, 0x01030300, 0x03030300,
|
|
- 0x01010102, 0x03010102, 0x01030102, 0x03030102,
|
|
- 0x01010302, 0x03010302, 0x01030302, 0x03030302,
|
|
- 0x00000001, 0x02000001, 0x00020001, 0x02020001,
|
|
- 0x00000201, 0x02000201, 0x00020201, 0x02020201,
|
|
- 0x00000003, 0x02000003, 0x00020003, 0x02020003,
|
|
- 0x00000203, 0x02000203, 0x00020203, 0x02020203,
|
|
- 0x01000001, 0x03000001, 0x01020001, 0x03020001,
|
|
- 0x01000201, 0x03000201, 0x01020201, 0x03020201,
|
|
- 0x01000003, 0x03000003, 0x01020003, 0x03020003,
|
|
- 0x01000203, 0x03000203, 0x01020203, 0x03020203,
|
|
- 0x00010001, 0x02010001, 0x00030001, 0x02030001,
|
|
- 0x00010201, 0x02010201, 0x00030201, 0x02030201,
|
|
- 0x00010003, 0x02010003, 0x00030003, 0x02030003,
|
|
- 0x00010203, 0x02010203, 0x00030203, 0x02030203,
|
|
- 0x01010001, 0x03010001, 0x01030001, 0x03030001,
|
|
- 0x01010201, 0x03010201, 0x01030201, 0x03030201,
|
|
- 0x01010003, 0x03010003, 0x01030003, 0x03030003,
|
|
- 0x01010203, 0x03010203, 0x01030203, 0x03030203,
|
|
- 0x00000101, 0x02000101, 0x00020101, 0x02020101,
|
|
- 0x00000301, 0x02000301, 0x00020301, 0x02020301,
|
|
- 0x00000103, 0x02000103, 0x00020103, 0x02020103,
|
|
- 0x00000303, 0x02000303, 0x00020303, 0x02020303,
|
|
- 0x01000101, 0x03000101, 0x01020101, 0x03020101,
|
|
- 0x01000301, 0x03000301, 0x01020301, 0x03020301,
|
|
- 0x01000103, 0x03000103, 0x01020103, 0x03020103,
|
|
- 0x01000303, 0x03000303, 0x01020303, 0x03020303,
|
|
- 0x00010101, 0x02010101, 0x00030101, 0x02030101,
|
|
- 0x00010301, 0x02010301, 0x00030301, 0x02030301,
|
|
- 0x00010103, 0x02010103, 0x00030103, 0x02030103,
|
|
- 0x00010303, 0x02010303, 0x00030303, 0x02030303,
|
|
- 0x01010101, 0x03010101, 0x01030101, 0x03030101,
|
|
- 0x01010301, 0x03010301, 0x01030301, 0x03030301,
|
|
- 0x01010103, 0x03010103, 0x01030103, 0x03030103,
|
|
- 0x01010303, 0x03010303, 0x01030303, 0x03030303
|
|
-};
|
|
-
|
|
-
|
|
-/*
|
|
- * The SP table is actually the S boxes and the P permutation
|
|
- * table combined. This table is actually reordered from the
|
|
- * spec, to match the order of key application we follow.
|
|
- */
|
|
-const unsigned DES_INT32 des_SP_table[8][64] = {
|
|
- {
|
|
- 0x00100000, 0x02100001, 0x02000401, 0x00000000, /* 7 */
|
|
- 0x00000400, 0x02000401, 0x00100401, 0x02100400,
|
|
- 0x02100401, 0x00100000, 0x00000000, 0x02000001,
|
|
- 0x00000001, 0x02000000, 0x02100001, 0x00000401,
|
|
- 0x02000400, 0x00100401, 0x00100001, 0x02000400,
|
|
- 0x02000001, 0x02100000, 0x02100400, 0x00100001,
|
|
- 0x02100000, 0x00000400, 0x00000401, 0x02100401,
|
|
- 0x00100400, 0x00000001, 0x02000000, 0x00100400,
|
|
- 0x02000000, 0x00100400, 0x00100000, 0x02000401,
|
|
- 0x02000401, 0x02100001, 0x02100001, 0x00000001,
|
|
- 0x00100001, 0x02000000, 0x02000400, 0x00100000,
|
|
- 0x02100400, 0x00000401, 0x00100401, 0x02100400,
|
|
- 0x00000401, 0x02000001, 0x02100401, 0x02100000,
|
|
- 0x00100400, 0x00000000, 0x00000001, 0x02100401,
|
|
- 0x00000000, 0x00100401, 0x02100000, 0x00000400,
|
|
- 0x02000001, 0x02000400, 0x00000400, 0x00100001,
|
|
- },
|
|
- {
|
|
- 0x00808200, 0x00000000, 0x00008000, 0x00808202, /* 1 */
|
|
- 0x00808002, 0x00008202, 0x00000002, 0x00008000,
|
|
- 0x00000200, 0x00808200, 0x00808202, 0x00000200,
|
|
- 0x00800202, 0x00808002, 0x00800000, 0x00000002,
|
|
- 0x00000202, 0x00800200, 0x00800200, 0x00008200,
|
|
- 0x00008200, 0x00808000, 0x00808000, 0x00800202,
|
|
- 0x00008002, 0x00800002, 0x00800002, 0x00008002,
|
|
- 0x00000000, 0x00000202, 0x00008202, 0x00800000,
|
|
- 0x00008000, 0x00808202, 0x00000002, 0x00808000,
|
|
- 0x00808200, 0x00800000, 0x00800000, 0x00000200,
|
|
- 0x00808002, 0x00008000, 0x00008200, 0x00800002,
|
|
- 0x00000200, 0x00000002, 0x00800202, 0x00008202,
|
|
- 0x00808202, 0x00008002, 0x00808000, 0x00800202,
|
|
- 0x00800002, 0x00000202, 0x00008202, 0x00808200,
|
|
- 0x00000202, 0x00800200, 0x00800200, 0x00000000,
|
|
- 0x00008002, 0x00008200, 0x00000000, 0x00808002,
|
|
- },
|
|
- {
|
|
- 0x00000104, 0x04010100, 0x00000000, 0x04010004, /* 3 */
|
|
- 0x04000100, 0x00000000, 0x00010104, 0x04000100,
|
|
- 0x00010004, 0x04000004, 0x04000004, 0x00010000,
|
|
- 0x04010104, 0x00010004, 0x04010000, 0x00000104,
|
|
- 0x04000000, 0x00000004, 0x04010100, 0x00000100,
|
|
- 0x00010100, 0x04010000, 0x04010004, 0x00010104,
|
|
- 0x04000104, 0x00010100, 0x00010000, 0x04000104,
|
|
- 0x00000004, 0x04010104, 0x00000100, 0x04000000,
|
|
- 0x04010100, 0x04000000, 0x00010004, 0x00000104,
|
|
- 0x00010000, 0x04010100, 0x04000100, 0x00000000,
|
|
- 0x00000100, 0x00010004, 0x04010104, 0x04000100,
|
|
- 0x04000004, 0x00000100, 0x00000000, 0x04010004,
|
|
- 0x04000104, 0x00010000, 0x04000000, 0x04010104,
|
|
- 0x00000004, 0x00010104, 0x00010100, 0x04000004,
|
|
- 0x04010000, 0x04000104, 0x00000104, 0x04010000,
|
|
- 0x00010104, 0x00000004, 0x04010004, 0x00010100,
|
|
- },
|
|
- {
|
|
- 0x00000080, 0x01040080, 0x01040000, 0x21000080, /* 5 */
|
|
- 0x00040000, 0x00000080, 0x20000000, 0x01040000,
|
|
- 0x20040080, 0x00040000, 0x01000080, 0x20040080,
|
|
- 0x21000080, 0x21040000, 0x00040080, 0x20000000,
|
|
- 0x01000000, 0x20040000, 0x20040000, 0x00000000,
|
|
- 0x20000080, 0x21040080, 0x21040080, 0x01000080,
|
|
- 0x21040000, 0x20000080, 0x00000000, 0x21000000,
|
|
- 0x01040080, 0x01000000, 0x21000000, 0x00040080,
|
|
- 0x00040000, 0x21000080, 0x00000080, 0x01000000,
|
|
- 0x20000000, 0x01040000, 0x21000080, 0x20040080,
|
|
- 0x01000080, 0x20000000, 0x21040000, 0x01040080,
|
|
- 0x20040080, 0x00000080, 0x01000000, 0x21040000,
|
|
- 0x21040080, 0x00040080, 0x21000000, 0x21040080,
|
|
- 0x01040000, 0x00000000, 0x20040000, 0x21000000,
|
|
- 0x00040080, 0x01000080, 0x20000080, 0x00040000,
|
|
- 0x00000000, 0x20040000, 0x01040080, 0x20000080,
|
|
- },
|
|
- {
|
|
- 0x80401000, 0x80001040, 0x80001040, 0x00000040, /* 4 */
|
|
- 0x00401040, 0x80400040, 0x80400000, 0x80001000,
|
|
- 0x00000000, 0x00401000, 0x00401000, 0x80401040,
|
|
- 0x80000040, 0x00000000, 0x00400040, 0x80400000,
|
|
- 0x80000000, 0x00001000, 0x00400000, 0x80401000,
|
|
- 0x00000040, 0x00400000, 0x80001000, 0x00001040,
|
|
- 0x80400040, 0x80000000, 0x00001040, 0x00400040,
|
|
- 0x00001000, 0x00401040, 0x80401040, 0x80000040,
|
|
- 0x00400040, 0x80400000, 0x00401000, 0x80401040,
|
|
- 0x80000040, 0x00000000, 0x00000000, 0x00401000,
|
|
- 0x00001040, 0x00400040, 0x80400040, 0x80000000,
|
|
- 0x80401000, 0x80001040, 0x80001040, 0x00000040,
|
|
- 0x80401040, 0x80000040, 0x80000000, 0x00001000,
|
|
- 0x80400000, 0x80001000, 0x00401040, 0x80400040,
|
|
- 0x80001000, 0x00001040, 0x00400000, 0x80401000,
|
|
- 0x00000040, 0x00400000, 0x00001000, 0x00401040,
|
|
- },
|
|
- {
|
|
- 0x10000008, 0x10200000, 0x00002000, 0x10202008, /* 6 */
|
|
- 0x10200000, 0x00000008, 0x10202008, 0x00200000,
|
|
- 0x10002000, 0x00202008, 0x00200000, 0x10000008,
|
|
- 0x00200008, 0x10002000, 0x10000000, 0x00002008,
|
|
- 0x00000000, 0x00200008, 0x10002008, 0x00002000,
|
|
- 0x00202000, 0x10002008, 0x00000008, 0x10200008,
|
|
- 0x10200008, 0x00000000, 0x00202008, 0x10202000,
|
|
- 0x00002008, 0x00202000, 0x10202000, 0x10000000,
|
|
- 0x10002000, 0x00000008, 0x10200008, 0x00202000,
|
|
- 0x10202008, 0x00200000, 0x00002008, 0x10000008,
|
|
- 0x00200000, 0x10002000, 0x10000000, 0x00002008,
|
|
- 0x10000008, 0x10202008, 0x00202000, 0x10200000,
|
|
- 0x00202008, 0x10202000, 0x00000000, 0x10200008,
|
|
- 0x00000008, 0x00002000, 0x10200000, 0x00202008,
|
|
- 0x00002000, 0x00200008, 0x10002008, 0x00000000,
|
|
- 0x10202000, 0x10000000, 0x00200008, 0x10002008,
|
|
- },
|
|
- {
|
|
- 0x08000820, 0x00000800, 0x00020000, 0x08020820, /* 8 */
|
|
- 0x08000000, 0x08000820, 0x00000020, 0x08000000,
|
|
- 0x00020020, 0x08020000, 0x08020820, 0x00020800,
|
|
- 0x08020800, 0x00020820, 0x00000800, 0x00000020,
|
|
- 0x08020000, 0x08000020, 0x08000800, 0x00000820,
|
|
- 0x00020800, 0x00020020, 0x08020020, 0x08020800,
|
|
- 0x00000820, 0x00000000, 0x00000000, 0x08020020,
|
|
- 0x08000020, 0x08000800, 0x00020820, 0x00020000,
|
|
- 0x00020820, 0x00020000, 0x08020800, 0x00000800,
|
|
- 0x00000020, 0x08020020, 0x00000800, 0x00020820,
|
|
- 0x08000800, 0x00000020, 0x08000020, 0x08020000,
|
|
- 0x08020020, 0x08000000, 0x00020000, 0x08000820,
|
|
- 0x00000000, 0x08020820, 0x00020020, 0x08000020,
|
|
- 0x08020000, 0x08000800, 0x08000820, 0x00000000,
|
|
- 0x08020820, 0x00020800, 0x00020800, 0x00000820,
|
|
- 0x00000820, 0x00020020, 0x08000000, 0x08020800,
|
|
- },
|
|
- {
|
|
- 0x40084010, 0x40004000, 0x00004000, 0x00084010, /* 2 */
|
|
- 0x00080000, 0x00000010, 0x40080010, 0x40004010,
|
|
- 0x40000010, 0x40084010, 0x40084000, 0x40000000,
|
|
- 0x40004000, 0x00080000, 0x00000010, 0x40080010,
|
|
- 0x00084000, 0x00080010, 0x40004010, 0x00000000,
|
|
- 0x40000000, 0x00004000, 0x00084010, 0x40080000,
|
|
- 0x00080010, 0x40000010, 0x00000000, 0x00084000,
|
|
- 0x00004010, 0x40084000, 0x40080000, 0x00004010,
|
|
- 0x00000000, 0x00084010, 0x40080010, 0x00080000,
|
|
- 0x40004010, 0x40080000, 0x40084000, 0x00004000,
|
|
- 0x40080000, 0x40004000, 0x00000010, 0x40084010,
|
|
- 0x00084010, 0x00000010, 0x00004000, 0x40000000,
|
|
- 0x00004010, 0x40084000, 0x00080000, 0x40000010,
|
|
- 0x00080010, 0x40004010, 0x40000010, 0x00080010,
|
|
- 0x00084000, 0x00000000, 0x40004000, 0x00004010,
|
|
- 0x40000000, 0x40080010, 0x40084010, 0x00084000
|
|
- },
|
|
-};
|
|
diff --git a/src/lib/crypto/builtin/des/f_tables.h b/src/lib/crypto/builtin/des/f_tables.h
|
|
deleted file mode 100644
|
|
index fc91b566c..000000000
|
|
--- a/src/lib/crypto/builtin/des/f_tables.h
|
|
+++ /dev/null
|
|
@@ -1,285 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/* lib/crypto/builtin/des/f_tables.h */
|
|
-/*
|
|
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
|
|
- * All rights reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of M.I.T. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. Furthermore if you modify this software you must label
|
|
- * your software as modified software and not distribute it in such a
|
|
- * fashion that it might be confused with the original M.I.T. software.
|
|
- * M.I.T. makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- */
|
|
-
|
|
-/*
|
|
- * DES implementation donated by Dennis Ferguson
|
|
- */
|
|
-
|
|
-/*
|
|
- * des_tables.h - declarations to import the DES tables, used internally
|
|
- * by some of the library routines.
|
|
- */
|
|
-#ifndef __DES_TABLES_H__
|
|
-#define __DES_TABLES_H__ /* nothing */
|
|
-
|
|
-#include "k5-platform.h"
|
|
-/*
|
|
- * These may be declared const if you wish. Be sure to change the
|
|
- * declarations in des_tables.c as well.
|
|
- */
|
|
-extern const unsigned DES_INT32 des_IP_table[256];
|
|
-extern const unsigned DES_INT32 des_FP_table[256];
|
|
-extern const unsigned DES_INT32 des_SP_table[8][64];
|
|
-
|
|
-/*
|
|
- * Use standard shortforms to reference these to save typing
|
|
- */
|
|
-#define IP des_IP_table
|
|
-#define FP des_FP_table
|
|
-#define SP des_SP_table
|
|
-
|
|
-#ifdef DEBUG
|
|
-#define DEB(foofraw) printf foofraw
|
|
-#else
|
|
-#define DEB(foofraw) /* nothing */
|
|
-#endif
|
|
-
|
|
-/*
|
|
- * Code to do a DES round using the tables. Note that the E expansion
|
|
- * is easy to compute algorithmically, especially if done out-of-order.
|
|
- * Take a look at its form and compare it to everything involving temp
|
|
- * below. Since SP[0-7] don't have any bits in common set it is okay
|
|
- * to do the successive xor's.
|
|
- *
|
|
- * Note too that the SP table has been reordered to match the order of
|
|
- * the keys (if the original order of SP was 12345678, the reordered
|
|
- * table is 71354682). This is unnecessary, but was done since some
|
|
- * compilers seem to like you going through the matrix from beginning
|
|
- * to end.
|
|
- *
|
|
- * There is a difference in the best way to do this depending on whether
|
|
- * one is encrypting or decrypting. If encrypting we move forward through
|
|
- * the keys and hence should move forward through the table. If decrypting
|
|
- * we go back. Part of the need for this comes from trying to emulate
|
|
- * existing software which generates a single key schedule and uses it
|
|
- * both for encrypting and decrypting. Generating separate encryption
|
|
- * and decryption key schedules would allow one to use the same code
|
|
- * for both.
|
|
- *
|
|
- * left, right and temp should be unsigned DES_INT32 values. left and right
|
|
- * should be the high and low order parts of the cipher block at the
|
|
- * current stage of processing (this makes sense if you read the spec).
|
|
- * kp should be an unsigned DES_INT32 pointer which points at the current
|
|
- * set of subkeys in the key schedule. It is advanced to the next set
|
|
- * (i.e. by 8 bytes) when this is done.
|
|
- *
|
|
- * This occurs in the innermost loop of the DES function. The four
|
|
- * variables should really be in registers.
|
|
- *
|
|
- * When using this, the inner loop of the DES function might look like:
|
|
- *
|
|
- * for (i = 0; i < 8; i++) {
|
|
- * DES_SP_{EN,DE}CRYPT_ROUND(left, right, temp, kp);
|
|
- * DES_SP_{EN,DE}CRYPT_ROUND(right, left, temp, kp);
|
|
- * }
|
|
- *
|
|
- * Note the trick above. You are supposed to do 16 rounds, swapping
|
|
- * left and right at the end of each round. By doing two rounds at
|
|
- * a time and swapping left and right in the code we can avoid the
|
|
- * swaps altogether.
|
|
- */
|
|
-#define DES_SP_ENCRYPT_ROUND(left, right, temp, kp) do { \
|
|
- (temp) = (((right) >> 11) | ((right) << 21)) ^ *(kp)++; \
|
|
- (left) ^= SP[0][((temp) >> 24) & 0x3f] \
|
|
- | SP[1][((temp) >> 16) & 0x3f] \
|
|
- | SP[2][((temp) >> 8) & 0x3f] \
|
|
- | SP[3][((temp) ) & 0x3f]; \
|
|
- (temp) = (((right) >> 23) | ((right) << 9)) ^ *(kp)++; \
|
|
- (left) ^= SP[4][((temp) >> 24) & 0x3f] \
|
|
- | SP[5][((temp) >> 16) & 0x3f] \
|
|
- | SP[6][((temp) >> 8) & 0x3f] \
|
|
- | SP[7][((temp) ) & 0x3f]; \
|
|
- } while(0);
|
|
-
|
|
-#define DES_SP_DECRYPT_ROUND(left, right, temp, kp) do { \
|
|
- (temp) = (((right) >> 23) | ((right) << 9)) ^ *(--(kp)); \
|
|
- (left) ^= SP[7][((temp) ) & 0x3f] \
|
|
- | SP[6][((temp) >> 8) & 0x3f] \
|
|
- | SP[5][((temp) >> 16) & 0x3f] \
|
|
- | SP[4][((temp) >> 24) & 0x3f]; \
|
|
- (temp) = (((right) >> 11) | ((right) << 21)) ^ *(--(kp)); \
|
|
- (left) ^= SP[3][((temp) ) & 0x3f] \
|
|
- | SP[2][((temp) >> 8) & 0x3f] \
|
|
- | SP[1][((temp) >> 16) & 0x3f] \
|
|
- | SP[0][((temp) >> 24) & 0x3f]; \
|
|
- } while (0);
|
|
-
|
|
-/*
|
|
- * Macros to help deal with the initial permutation table. Note
|
|
- * the IP table only deals with 32 bits at a time, allowing us to
|
|
- * collect the bits we need to deal with each half into an unsigned
|
|
- * DES_INT32. By carefully selecting how the bits are ordered we also
|
|
- * take advantages of symmetries in the table so that we can use a
|
|
- * single table to compute the permutation of all bytes. This sounds
|
|
- * complicated, but if you go through the process of designing the
|
|
- * table you'll find the symmetries fall right out.
|
|
- *
|
|
- * The follow macros compute the set of bits used to index the
|
|
- * table for produce the left and right permuted result.
|
|
- *
|
|
- * The inserted cast to unsigned DES_INT32 circumvents a bug in
|
|
- * the Macintosh MPW 3.2 C compiler which loses the unsignedness and
|
|
- * propagates the high-order bit in the shift.
|
|
- */
|
|
-#define DES_IP_LEFT_BITS(left, right) \
|
|
- ((((left) & 0x55555555) << 1) | ((right) & 0x55555555))
|
|
-#define DES_IP_RIGHT_BITS(left, right) \
|
|
- (((left) & 0xaaaaaaaa) | \
|
|
- ( ( (unsigned DES_INT32) ((right) & 0xaaaaaaaa) ) >> 1))
|
|
-
|
|
-/*
|
|
- * The following macro does an in-place initial permutation given
|
|
- * the current left and right parts of the block and a single
|
|
- * temporary. Use this more as a guide for rolling your own, though.
|
|
- * The best way to do the IP depends on the form of the data you
|
|
- * are dealing with. If you use this, though, try to make left,
|
|
- * right and temp unsigned DES_INT32s.
|
|
- */
|
|
-#define DES_INITIAL_PERM(left, right, temp) do { \
|
|
- (temp) = DES_IP_RIGHT_BITS((left), (right)); \
|
|
- (right) = DES_IP_LEFT_BITS((left), (right)); \
|
|
- (left) = IP[((right) >> 24) & 0xff] \
|
|
- | (IP[((right) >> 16) & 0xff] << 1) \
|
|
- | (IP[((right) >> 8) & 0xff] << 2) \
|
|
- | (IP[(right) & 0xff] << 3); \
|
|
- (right) = IP[((temp) >> 24) & 0xff] \
|
|
- | (IP[((temp) >> 16) & 0xff] << 1) \
|
|
- | (IP[((temp) >> 8) & 0xff] << 2) \
|
|
- | (IP[(temp) & 0xff] << 3); \
|
|
- } while(0);
|
|
-
|
|
-/*
|
|
- * Now the final permutation stuff. The same comments apply to
|
|
- * this as to the initial permutation, except that we use different
|
|
- * bits and shifts.
|
|
- *
|
|
- * The inserted cast to unsigned DES_INT32 circumvents a bug in
|
|
- * the Macintosh MPW 3.2 C compiler which loses the unsignedness and
|
|
- * propagates the high-order bit in the shift.
|
|
- */
|
|
-#define DES_FP_LEFT_BITS(left, right) \
|
|
- ((((left) & 0x0f0f0f0f) << 4) | ((right) & 0x0f0f0f0f))
|
|
-#define DES_FP_RIGHT_BITS(left, right) \
|
|
- (((left) & 0xf0f0f0f0) | \
|
|
- ( ( (unsigned DES_INT32) ((right) & 0xf0f0f0f0) ) >> 4))
|
|
-
|
|
-
|
|
-/*
|
|
- * Here is a sample final permutation. Note that there is a trick
|
|
- * here. DES requires swapping the left and right parts after the
|
|
- * last cipher round but before the final permutation. We do this
|
|
- * swapping internally, which is why left and right are confused
|
|
- * at the beginning.
|
|
- */
|
|
-#define DES_FINAL_PERM(left, right, temp) do { \
|
|
- (temp) = DES_FP_RIGHT_BITS((right), (left)); \
|
|
- (right) = DES_FP_LEFT_BITS((right), (left)); \
|
|
- (left) = (FP[((right) >> 24) & 0xff] << 6) \
|
|
- | (FP[((right) >> 16) & 0xff] << 4) \
|
|
- | (FP[((right) >> 8) & 0xff] << 2) \
|
|
- | FP[(right) & 0xff]; \
|
|
- (right) = (FP[((temp) >> 24) & 0xff] << 6) \
|
|
- | (FP[((temp) >> 16) & 0xff] << 4) \
|
|
- | (FP[((temp) >> 8) & 0xff] << 2) \
|
|
- | FP[temp & 0xff]; \
|
|
- } while(0);
|
|
-
|
|
-
|
|
-/*
|
|
- * Finally, as a sample of how all this might be held together, the
|
|
- * following two macros do in-place encryptions and decryptions. left
|
|
- * and right are two unsigned DES_INT32 variables which at the beginning
|
|
- * are expected to hold the clear (encrypted) block in host byte order
|
|
- * (left the high order four bytes, right the low order). At the end
|
|
- * they will contain the encrypted (clear) block. temp is an unsigned DES_INT32
|
|
- * used as a temporary. kp is an unsigned DES_INT32 pointer pointing at
|
|
- * the start of the key schedule. All these should be in registers.
|
|
- *
|
|
- * You can probably do better than these by rewriting for particular
|
|
- * situations. These aren't bad, though.
|
|
- *
|
|
- * The DEB macros enable debugging when this code breaks (typically
|
|
- * when a buggy compiler breaks it), by printing the intermediate values
|
|
- * at each stage of the encryption, so that by comparing the output to
|
|
- * a known good machine, the location of the first error can be found.
|
|
- */
|
|
-#define DES_DO_ENCRYPT_1(left, right, kp) \
|
|
- do { \
|
|
- int i; \
|
|
- unsigned DES_INT32 temp1; \
|
|
- DEB (("do_encrypt %8lX %8lX \n", left, right)); \
|
|
- DES_INITIAL_PERM((left), (right), (temp1)); \
|
|
- DEB ((" after IP %8lX %8lX\n", left, right)); \
|
|
- for (i = 0; i < 8; i++) { \
|
|
- DES_SP_ENCRYPT_ROUND((left), (right), (temp1), (kp)); \
|
|
- DEB ((" round %2d %8lX %8lX \n", i*2, left, right)); \
|
|
- DES_SP_ENCRYPT_ROUND((right), (left), (temp1), (kp)); \
|
|
- DEB ((" round %2d %8lX %8lX \n", 1+i*2, left, right)); \
|
|
- } \
|
|
- DES_FINAL_PERM((left), (right), (temp1)); \
|
|
- (kp) -= (2 * 16); \
|
|
- DEB ((" after FP %8lX %8lX \n", left, right)); \
|
|
- } while (0)
|
|
-
|
|
-#define DES_DO_DECRYPT_1(left, right, kp) \
|
|
- do { \
|
|
- int i; \
|
|
- unsigned DES_INT32 temp2; \
|
|
- DES_INITIAL_PERM((left), (right), (temp2)); \
|
|
- (kp) += (2 * 16); \
|
|
- for (i = 0; i < 8; i++) { \
|
|
- DES_SP_DECRYPT_ROUND((left), (right), (temp2), (kp)); \
|
|
- DES_SP_DECRYPT_ROUND((right), (left), (temp2), (kp)); \
|
|
- } \
|
|
- DES_FINAL_PERM((left), (right), (temp2)); \
|
|
- } while (0)
|
|
-
|
|
-#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
|
|
-extern void krb5int_des_do_encrypt_2(unsigned DES_INT32 *l,
|
|
- unsigned DES_INT32 *r,
|
|
- const unsigned DES_INT32 *k);
|
|
-extern void krb5int_des_do_decrypt_2(unsigned DES_INT32 *l,
|
|
- unsigned DES_INT32 *r,
|
|
- const unsigned DES_INT32 *k);
|
|
-#define DES_DO_ENCRYPT(L,R,K) krb5int_des_do_encrypt_2(&(L), &(R), (K))
|
|
-#define DES_DO_DECRYPT(L,R,K) krb5int_des_do_decrypt_2(&(L), &(R), (K))
|
|
-#else
|
|
-#define DES_DO_ENCRYPT DES_DO_ENCRYPT_1
|
|
-#define DES_DO_DECRYPT DES_DO_DECRYPT_1
|
|
-#endif
|
|
-
|
|
-/*
|
|
- * These are handy dandy utility thingies for straightening out bytes.
|
|
- * Included here because they're used a couple of places.
|
|
- */
|
|
-#define GET_HALF_BLOCK(lr, ip) ((lr) = load_32_be(ip), (ip) += 4)
|
|
-#define PUT_HALF_BLOCK(lr, op) (store_32_be(lr, op), (op) += 4)
|
|
-
|
|
-/* Shorthand that we'll need in several places, for creating values that
|
|
- really can hold 32 bits regardless of the prevailing int size. */
|
|
-#define FF_UINT32 ((unsigned DES_INT32) 0xFF)
|
|
-
|
|
-#endif /* __DES_TABLES_H__ */
|
|
diff --git a/src/lib/crypto/builtin/des/key_sched.c b/src/lib/crypto/builtin/des/key_sched.c
|
|
deleted file mode 100644
|
|
index 87f02b6a9..000000000
|
|
--- a/src/lib/crypto/builtin/des/key_sched.c
|
|
+++ /dev/null
|
|
@@ -1,62 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/* lib/crypto/builtin/des/key_sched.c */
|
|
-/*
|
|
- * Copyright 1985, 1986, 1987, 1988, 1990 by the Massachusetts Institute
|
|
- * of Technology.
|
|
- * All Rights Reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of M.I.T. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. Furthermore if you modify this software you must label
|
|
- * your software as modified software and not distribute it in such a
|
|
- * fashion that it might be confused with the original M.I.T. software.
|
|
- * M.I.T. makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- */
|
|
-
|
|
-/*
|
|
- * This routine computes the DES key schedule given a key. The
|
|
- * permutations and shifts have been done at compile time, resulting
|
|
- * in a direct one-step mapping from the input key to the key
|
|
- * schedule.
|
|
- *
|
|
- * Also checks parity and weak keys.
|
|
- *
|
|
- * Watch out for the subscripts -- most effectively start at 1 instead
|
|
- * of at zero. Maybe some bugs in that area.
|
|
- *
|
|
- * In case the user wants to cache the computed key schedule, it is
|
|
- * passed as an arg. Also implies that caller has explicit control
|
|
- * over zeroing both the key schedule and the key.
|
|
- *
|
|
- * Originally written 6/85 by Steve Miller, MIT Project Athena.
|
|
- */
|
|
-
|
|
-#include "k5-int.h"
|
|
-#include "des_int.h"
|
|
-
|
|
-int
|
|
-mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule)
|
|
-{
|
|
- mit_des_make_key_sched(k,schedule);
|
|
-
|
|
- if (!mit_des_check_key_parity(k)) /* bad parity --> return -1 */
|
|
- return(-1);
|
|
-
|
|
- if (mit_des_is_weak_key(k))
|
|
- return(-2);
|
|
-
|
|
- /* if key was good, return 0 */
|
|
- return 0;
|
|
-}
|
|
diff --git a/src/lib/crypto/builtin/des/keytest.data b/src/lib/crypto/builtin/des/keytest.data
|
|
deleted file mode 100644
|
|
index 7ff34eedc..000000000
|
|
--- a/src/lib/crypto/builtin/des/keytest.data
|
|
+++ /dev/null
|
|
@@ -1,171 +0,0 @@
|
|
-0101010101010101 95F8A5E5DD31D900 8000000000000000
|
|
-0101010101010101 DD7F121CA5015619 4000000000000000
|
|
-0101010101010101 2E8653104F3834EA 2000000000000000
|
|
-0101010101010101 4BD388FF6CD81D4F 1000000000000000
|
|
-0101010101010101 20B9E767B2FB1456 0800000000000000
|
|
-0101010101010101 55579380D77138EF 0400000000000000
|
|
-0101010101010101 6CC5DEFAAF04512F 0200000000000000
|
|
-0101010101010101 0D9F279BA5D87260 0100000000000000
|
|
-0101010101010101 D9031B0271BD5A0A 0080000000000000
|
|
-0101010101010101 424250B37C3DD951 0040000000000000
|
|
-0101010101010101 B8061B7ECD9A21E5 0020000000000000
|
|
-0101010101010101 F15D0F286B65BD28 0010000000000000
|
|
-0101010101010101 ADD0CC8D6E5DEBA1 0008000000000000
|
|
-0101010101010101 E6D5F82752AD63D1 0004000000000000
|
|
-0101010101010101 ECBFE3BD3F591A5E 0002000000000000
|
|
-0101010101010101 F356834379D165CD 0001000000000000
|
|
-0101010101010101 2B9F982F20037FA9 0000800000000000
|
|
-0101010101010101 889DE068A16F0BE6 0000400000000000
|
|
-0101010101010101 E19E275D846A1298 0000200000000000
|
|
-0101010101010101 329A8ED523D71AEC 0000100000000000
|
|
-0101010101010101 E7FCE22557D23C97 0000080000000000
|
|
-0101010101010101 12A9F5817FF2D65D 0000040000000000
|
|
-0101010101010101 A484C3AD38DC9C19 0000020000000000
|
|
-0101010101010101 FBE00A8A1EF8AD72 0000010000000000
|
|
-0101010101010101 750D079407521363 0000008000000000
|
|
-0101010101010101 64FEED9C724C2FAF 0000004000000000
|
|
-0101010101010101 F02B263B328E2B60 0000002000000000
|
|
-0101010101010101 9D64555A9A10B852 0000001000000000
|
|
-0101010101010101 D106FF0BED5255D7 0000000800000000
|
|
-0101010101010101 E1652C6B138C64A5 0000000400000000
|
|
-0101010101010101 E428581186EC8F46 0000000200000000
|
|
-0101010101010101 AEB5F5EDE22D1A36 0000000100000000
|
|
-0101010101010101 E943D7568AEC0C5C 0000000080000000
|
|
-0101010101010101 DF98C8276F54B04B 0000000040000000
|
|
-0101010101010101 B160E4680F6C696F 0000000020000000
|
|
-0101010101010101 FA0752B07D9C4AB8 0000000010000000
|
|
-0101010101010101 CA3A2B036DBC8502 0000000008000000
|
|
-0101010101010101 5E0905517BB59BCF 0000000004000000
|
|
-0101010101010101 814EEB3B91D90726 0000000002000000
|
|
-0101010101010101 4D49DB1532919C9F 0000000001000000
|
|
-0101010101010101 25EB5FC3F8CF0621 0000000000800000
|
|
-0101010101010101 AB6A20C0620D1C6F 0000000000400000
|
|
-0101010101010101 79E90DBC98F92CCA 0000000000200000
|
|
-0101010101010101 866ECEDD8072BB0E 0000000000100000
|
|
-0101010101010101 8B54536F2F3E64A8 0000000000080000
|
|
-0101010101010101 EA51D3975595B86B 0000000000040000
|
|
-0101010101010101 CAFFC6AC4542DE31 0000000000020000
|
|
-0101010101010101 8DD45A2DDF90796C 0000000000010000
|
|
-0101010101010101 1029D55E880EC2D0 0000000000008000
|
|
-0101010101010101 5D86CB23639DBEA9 0000000000004000
|
|
-0101010101010101 1D1CA853AE7C0C5F 0000000000002000
|
|
-0101010101010101 CE332329248F3228 0000000000001000
|
|
-0101010101010101 8405D1ABE24FB942 0000000000000800
|
|
-0101010101010101 E643D78090CA4207 0000000000000400
|
|
-0101010101010101 48221B9937748A23 0000000000000200
|
|
-0101010101010101 DD7C0BBD61FAFD54 0000000000000100
|
|
-0101010101010101 2FBC291A570DB5C4 0000000000000080
|
|
-0101010101010101 E07C30D7E4E26E12 0000000000000040
|
|
-0101010101010101 0953E2258E8E90A1 0000000000000020
|
|
-0101010101010101 5B711BC4CEEBF2EE 0000000000000010
|
|
-0101010101010101 CC083F1E6D9E85F6 0000000000000008
|
|
-0101010101010101 D2FD8867D50D2DFE 0000000000000004
|
|
-0101010101010101 06E7EA22CE92708F 0000000000000002
|
|
-0101010101010101 166B40B44ABA4BD6 0000000000000001
|
|
-8001010101010101 0000000000000000 95A8D72813DAA94D
|
|
-4001010101010101 0000000000000000 0EEC1487DD8C26D5
|
|
-2001010101010101 0000000000000000 7AD16FFB79C45926
|
|
-1001010101010101 0000000000000000 D3746294CA6A6CF3
|
|
-0801010101010101 0000000000000000 809F5F873C1FD761
|
|
-0401010101010101 0000000000000000 C02FAFFEC989D1FC
|
|
-0201010101010101 0000000000000000 4615AA1D33E72F10
|
|
-0180010101010101 0000000000000000 2055123350C00858
|
|
-0140010101010101 0000000000000000 DF3B99D6577397C8
|
|
-0120010101010101 0000000000000000 31FE17369B5288C9
|
|
-0110010101010101 0000000000000000 DFDD3CC64DAE1642
|
|
-0108010101010101 0000000000000000 178C83CE2B399D94
|
|
-0104010101010101 0000000000000000 50F636324A9B7F80
|
|
-0102010101010101 0000000000000000 A8468EE3BC18F06D
|
|
-0101800101010101 0000000000000000 A2DC9E92FD3CDE92
|
|
-0101400101010101 0000000000000000 CAC09F797D031287
|
|
-0101200101010101 0000000000000000 90BA680B22AEB525
|
|
-0101100101010101 0000000000000000 CE7A24F350E280B6
|
|
-0101080101010101 0000000000000000 882BFF0AA01A0B87
|
|
-0101040101010101 0000000000000000 25610288924511C2
|
|
-0101020101010101 0000000000000000 C71516C29C75D170
|
|
-0101018001010101 0000000000000000 5199C29A52C9F059
|
|
-0101014001010101 0000000000000000 C22F0A294A71F29F
|
|
-0101012001010101 0000000000000000 EE371483714C02EA
|
|
-0101011001010101 0000000000000000 A81FBD448F9E522F
|
|
-0101010801010101 0000000000000000 4F644C92E192DFED
|
|
-0101010401010101 0000000000000000 1AFA9A66A6DF92AE
|
|
-0101010201010101 0000000000000000 B3C1CC715CB879D8
|
|
-0101010180010101 0000000000000000 19D032E64AB0BD8B
|
|
-0101010140010101 0000000000000000 3CFAA7A7DC8720DC
|
|
-0101010120010101 0000000000000000 B7265F7F447AC6F3
|
|
-0101010110010101 0000000000000000 9DB73B3C0D163F54
|
|
-0101010108010101 0000000000000000 8181B65BABF4A975
|
|
-0101010104010101 0000000000000000 93C9B64042EAA240
|
|
-0101010102010101 0000000000000000 5570530829705592
|
|
-0101010101800101 0000000000000000 8638809E878787A0
|
|
-0101010101400101 0000000000000000 41B9A79AF79AC208
|
|
-0101010101200101 0000000000000000 7A9BE42F2009A892
|
|
-0101010101100101 0000000000000000 29038D56BA6D2745
|
|
-0101010101080101 0000000000000000 5495C6ABF1E5DF51
|
|
-0101010101040101 0000000000000000 AE13DBD561488933
|
|
-0101010101020101 0000000000000000 024D1FFA8904E389
|
|
-0101010101018001 0000000000000000 D1399712F99BF02E
|
|
-0101010101014001 0000000000000000 14C1D7C1CFFEC79E
|
|
-0101010101012001 0000000000000000 1DE5279DAE3BED6F
|
|
-0101010101011001 0000000000000000 E941A33F85501303
|
|
-0101010101010801 0000000000000000 DA99DBBC9A03F379
|
|
-0101010101010401 0000000000000000 B7FC92F91D8E92E9
|
|
-0101010101010201 0000000000000000 AE8E5CAA3CA04E85
|
|
-0101010101010180 0000000000000000 9CC62DF43B6EED74
|
|
-0101010101010140 0000000000000000 D863DBB5C59A91A0
|
|
-0101010101010120 0000000000000000 A1AB2190545B91D7
|
|
-0101010101010110 0000000000000000 0875041E64C570F7
|
|
-0101010101010108 0000000000000000 5A594528BEBEF1CC
|
|
-0101010101010104 0000000000000000 FCDB3291DE21F0C0
|
|
-0101010101010102 0000000000000000 869EFD7F9F265A09
|
|
-1046913489980131 0000000000000000 88D55E54F54C97B4
|
|
-1007103489988020 0000000000000000 0C0CC00C83EA48FD
|
|
-10071034C8980120 0000000000000000 83BC8EF3A6570183
|
|
-1046103489988020 0000000000000000 DF725DCAD94EA2E9
|
|
-1086911519190101 0000000000000000 E652B53B550BE8B0
|
|
-1086911519580101 0000000000000000 AF527120C485CBB0
|
|
-5107B01519580101 0000000000000000 0F04CE393DB926D5
|
|
-1007B01519190101 0000000000000000 C9F00FFC74079067
|
|
-3107915498080101 0000000000000000 7CFD82A593252B4E
|
|
-3107919498080101 0000000000000000 CB49A2F9E91363E3
|
|
-10079115B9080140 0000000000000000 00B588BE70D23F56
|
|
-3107911598080140 0000000000000000 406A9A6AB43399AE
|
|
-1007D01589980101 0000000000000000 6CB773611DCA9ADA
|
|
-9107911589980101 0000000000000000 67FD21C17DBB5D70
|
|
-9107D01589190101 0000000000000000 9592CB4110430787
|
|
-1007D01598980120 0000000000000000 A6B7FF68A318DDD3
|
|
-1007940498190101 0000000000000000 4D102196C914CA16
|
|
-0107910491190401 0000000000000000 2DFA9F4573594965
|
|
-0107910491190101 0000000000000000 B46604816C0E0774
|
|
-0107940491190401 0000000000000000 6E7E6221A4F34E87
|
|
-19079210981A0101 0000000000000000 AA85E74643233199
|
|
-1007911998190801 0000000000000000 2E5A19DB4D1962D6
|
|
-10079119981A0801 0000000000000000 23A866A809D30894
|
|
-1007921098190101 0000000000000000 D812D961F017D320
|
|
-100791159819010B 0000000000000000 055605816E58608F
|
|
-1004801598190101 0000000000000000 ABD88E8B1B7716F1
|
|
-1004801598190102 0000000000000000 537AC95BE69DA1E1
|
|
-1004801598190108 0000000000000000 AED0F6AE3C25CDD8
|
|
-1002911598100104 0000000000000000 B3E35A5EE53E7B8D
|
|
-1002911598190104 0000000000000000 61C79C71921A2EF8
|
|
-1002911598100201 0000000000000000 E2F5728F0995013C
|
|
-1002911698100101 0000000000000000 1AEAC39A61F0A464
|
|
-7CA110454A1A6E57 01A1D6D039776742 690F5B0D9A26939B
|
|
-0131D9619DC1376E 5CD54CA83DEF57DA 7A389D10354BD271
|
|
-07A1133E4A0B2686 0248D43806F67172 868EBB51CAB4599A
|
|
-3849674C2602319E 51454B582DDF440A 7178876E01F19B2A
|
|
-04B915BA43FEB5B6 42FD443059577FA2 AF37FB421F8C4095
|
|
-0113B970FD34F2CE 059B5E0851CF143A 86A560F10EC6D85B
|
|
-0170F175468FB5E6 0756D8E0774761D2 0CD3DA020021DC09
|
|
-43297FAD38E373FE 762514B829BF486A EA676B2CB7DB2B7A
|
|
-07A7137045DA2A16 3BDD119049372802 DFD64A815CAF1A0F
|
|
-04689104C2FD3B2F 26955F6835AF609A 5C513C9C4886C088
|
|
-37D06BB516CB7546 164D5E404F275232 0A2AEEAE3FF4AB77
|
|
-1F08260D1AC2465E 6B056E18759F5CCA EF1BF03E5DFA575A
|
|
-584023641ABA6176 004BD6EF09176062 88BF0DB6D70DEE56
|
|
-025816164629B007 480D39006EE762F2 A1F9915541020B56
|
|
-49793EBC79B3258F 437540C8698F3CFA 6FBF1CAFCFFD0556
|
|
-4FB05E1515AB73A7 072D43A077075292 2F22E49BAB7CA1AC
|
|
-49E95D6D4CA229BF 02FE55778117F12A 5A6B612CC26CCE4A
|
|
-018310DC409B26D6 1D9D5C5018F728C2 5F4C038ED12B2E41
|
|
-1C587F1C13924FEF 305532286D6F295A 63FAC0D034D9F793
|
|
diff --git a/src/lib/crypto/builtin/des/t_verify.c b/src/lib/crypto/builtin/des/t_verify.c
|
|
deleted file mode 100644
|
|
index 4a19933ca..000000000
|
|
--- a/src/lib/crypto/builtin/des/t_verify.c
|
|
+++ /dev/null
|
|
@@ -1,395 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/* lib/crypto/builtin/des/t_verify.c */
|
|
-/*
|
|
- * Copyright 1988, 1990 by the Massachusetts Institute of Technology.
|
|
- * All Rights Reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of M.I.T. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. Furthermore if you modify this software you must label
|
|
- * your software as modified software and not distribute it in such a
|
|
- * fashion that it might be confused with the original M.I.T. software.
|
|
- * M.I.T. makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- */
|
|
-/*
|
|
- * Copyright (C) 1998 by the FundsXpress, INC.
|
|
- *
|
|
- * All rights reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may require
|
|
- * a specific license from the United States Government. It is the
|
|
- * responsibility of any person or organization contemplating export to
|
|
- * obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of FundsXpress. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. FundsXpress makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- *
|
|
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
|
|
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
|
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
|
- */
|
|
-
|
|
-/*
|
|
- *
|
|
- * Program to test the correctness of the DES library
|
|
- * implementation.
|
|
- *
|
|
- * exit returns 0 ==> success
|
|
- * -1 ==> error
|
|
- */
|
|
-
|
|
-#include "k5-int.h"
|
|
-#include "des_int.h"
|
|
-#include <stdio.h>
|
|
-#include "com_err.h"
|
|
-
|
|
-static void do_encrypt(unsigned char *, unsigned char *);
|
|
-static void do_decrypt(unsigned char *, unsigned char *);
|
|
-
|
|
-char *progname;
|
|
-int nflag = 2;
|
|
-int vflag;
|
|
-int mflag;
|
|
-int zflag;
|
|
-int pid;
|
|
-int mit_des_debug;
|
|
-
|
|
-unsigned char cipher_text[64];
|
|
-unsigned char clear_text[64] = "Now is the time for all " ;
|
|
-unsigned char clear_text2[64] = "7654321 Now is the time for ";
|
|
-unsigned char clear_text3[64] = {2,0,0,0, 1,0,0,0};
|
|
-unsigned char output[64];
|
|
-unsigned char zero_text[8] = {0x0,0,0,0,0,0,0,0};
|
|
-unsigned char msb_text[8] = {0x0,0,0,0, 0,0,0,0x40}; /* to ANSI MSB */
|
|
-unsigned char *input;
|
|
-
|
|
-/* 0x0123456789abcdef */
|
|
-unsigned char default_key[8] = {
|
|
- 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
|
|
-};
|
|
-unsigned char key2[8] = { 0x08,0x19,0x2a,0x3b,0x4c,0x5d,0x6e,0x7f };
|
|
-unsigned char key3[8] = { 0x80,1,1,1,1,1,1,1 };
|
|
-mit_des_cblock s_key;
|
|
-unsigned char default_ivec[8] = {
|
|
- 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
|
|
-};
|
|
-unsigned char *ivec;
|
|
-unsigned char zero_key[8] = {1,1,1,1,1,1,1,1}; /* just parity bits */
|
|
-
|
|
-unsigned char cipher1[8] = {
|
|
- 0x25,0xdd,0xac,0x3e,0x96,0x17,0x64,0x67
|
|
-};
|
|
-unsigned char cipher2[8] = {
|
|
- 0x3f,0xa4,0x0e,0x8a,0x98,0x4d,0x48,0x15
|
|
-};
|
|
-unsigned char cipher3[64] = {
|
|
- 0xe5,0xc7,0xcd,0xde,0x87,0x2b,0xf2,0x7c,
|
|
- 0x43,0xe9,0x34,0x00,0x8c,0x38,0x9c,0x0f,
|
|
- 0x68,0x37,0x88,0x49,0x9a,0x7c,0x05,0xf6
|
|
-};
|
|
-unsigned char checksum[8] = {
|
|
- 0x58,0xd2,0xe7,0x7e,0x86,0x06,0x27,0x33
|
|
-};
|
|
-
|
|
-unsigned char zresult[8] = {
|
|
- 0x8c, 0xa6, 0x4d, 0xe9, 0xc1, 0xb1, 0x23, 0xa7
|
|
-};
|
|
-
|
|
-unsigned char mresult[8] = {
|
|
- 0xa3, 0x80, 0xe0, 0x2a, 0x6b, 0xe5, 0x46, 0x96
|
|
-};
|
|
-
|
|
-
|
|
-/*
|
|
- * Can also add :
|
|
- * plaintext = 0, key = 0, cipher = 0x8ca64de9c1b123a7 (or is it a 1?)
|
|
- */
|
|
-
|
|
-mit_des_key_schedule sched;
|
|
-
|
|
-int
|
|
-main(argc,argv)
|
|
- int argc;
|
|
- char *argv[];
|
|
-{
|
|
- /* Local Declarations */
|
|
- size_t in_length;
|
|
- int retval;
|
|
- int i, j;
|
|
-
|
|
-#ifdef WINDOWS
|
|
- /* Set screen window buffer to infinite size -- MS default is tiny. */
|
|
- _wsetscreenbuf (fileno (stdout), _WINBUFINF);
|
|
-#endif
|
|
- progname=argv[0]; /* salt away invoking program */
|
|
-
|
|
- while (--argc > 0 && (*++argv)[0] == '-')
|
|
- for (i=1; argv[0][i] != '\0'; i++) {
|
|
- switch (argv[0][i]) {
|
|
-
|
|
- /* debug flag */
|
|
- case 'd':
|
|
- mit_des_debug=3;
|
|
- continue;
|
|
-
|
|
- case 'z':
|
|
- zflag = 1;
|
|
- continue;
|
|
-
|
|
- case 'm':
|
|
- mflag = 1;
|
|
- continue;
|
|
-
|
|
- default:
|
|
- printf("%s: illegal flag \"%c\" ",
|
|
- progname,argv[0][i]);
|
|
- exit(1);
|
|
- }
|
|
- };
|
|
-
|
|
- if (argc) {
|
|
- fprintf(stderr, "Usage: %s [-dmz]\n", progname);
|
|
- exit(1);
|
|
- }
|
|
-
|
|
- /* do some initialisation */
|
|
-
|
|
- /* use known input and key */
|
|
-
|
|
- /* ECB zero text zero key */
|
|
- if (zflag) {
|
|
- input = zero_text;
|
|
- mit_des_key_sched(zero_key, sched);
|
|
- printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n");
|
|
- do_encrypt(input,cipher_text);
|
|
- printf("\tcipher = (low to high bytes)\n\t\t");
|
|
- for (j = 0; j<=7; j++)
|
|
- printf("%02x ",cipher_text[j]);
|
|
- printf("\n");
|
|
- do_decrypt(output,cipher_text);
|
|
- if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) {
|
|
- printf("verify: error in zero key test\n");
|
|
- exit(-1);
|
|
- }
|
|
-
|
|
- exit(0);
|
|
- }
|
|
-
|
|
- if (mflag) {
|
|
- input = msb_text;
|
|
- mit_des_key_sched(key3, sched);
|
|
- printf("plaintext = 0x00 00 00 00 00 00 00 40, ");
|
|
- printf("key = 0x80 01 01 01 01 01 01 01\n");
|
|
- printf(" cipher = 0xa380e02a6be54696\n");
|
|
- do_encrypt(input,cipher_text);
|
|
- printf("\tcipher = (low to high bytes)\n\t\t");
|
|
- for (j = 0; j<=7; j++) {
|
|
- printf("%02x ",cipher_text[j]);
|
|
- }
|
|
- printf("\n");
|
|
- do_decrypt(output,cipher_text);
|
|
- if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) {
|
|
- printf("verify: error in msb test\n");
|
|
- exit(-1);
|
|
- }
|
|
- exit(0);
|
|
- }
|
|
-
|
|
- /* ECB mode Davies and Price */
|
|
- {
|
|
- input = zero_text;
|
|
- mit_des_key_sched(key2, sched);
|
|
- printf("Examples per FIPS publication 81, keys ivs and cipher\n");
|
|
- printf("in hex. These are the correct answers, see below for\n");
|
|
- printf("the actual answers.\n\n");
|
|
- printf("Examples per Davies and Price.\n\n");
|
|
- printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n");
|
|
- printf("\tclear = 0\n");
|
|
- printf("\tcipher = 25 dd ac 3e 96 17 64 67\n");
|
|
- printf("ACTUAL ECB\n");
|
|
- printf("\tclear \"%s\"\n", input);
|
|
- do_encrypt(input,cipher_text);
|
|
- printf("\tcipher = (low to high bytes)\n\t\t");
|
|
- for (j = 0; j<=7; j++)
|
|
- printf("%02x ",cipher_text[j]);
|
|
- printf("\n\n");
|
|
- do_decrypt(output,cipher_text);
|
|
- if ( memcmp((char *)cipher_text, (char *)cipher1, 8) ) {
|
|
- printf("verify: error in ECB encryption\n");
|
|
- exit(-1);
|
|
- }
|
|
- else
|
|
- printf("verify: ECB encryption is correct\n\n");
|
|
- }
|
|
-
|
|
- /* ECB mode */
|
|
- {
|
|
- mit_des_key_sched(default_key, sched);
|
|
- input = clear_text;
|
|
- ivec = default_ivec;
|
|
- printf("EXAMPLE ECB\tkey = 0123456789abcdef\n");
|
|
- printf("\tclear = \"Now is the time for all \"\n");
|
|
- printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n");
|
|
- printf("ACTUAL ECB\n\tclear \"%s\"",input);
|
|
- do_encrypt(input,cipher_text);
|
|
- printf("\n\tcipher = (low to high bytes)\n\t\t");
|
|
- for (j = 0; j<=7; j++) {
|
|
- printf("%02x ",cipher_text[j]);
|
|
- }
|
|
- printf("\n\n");
|
|
- do_decrypt(output,cipher_text);
|
|
- if ( memcmp((char *)cipher_text, (char *)cipher2, 8) ) {
|
|
- printf("verify: error in ECB encryption\n");
|
|
- exit(-1);
|
|
- }
|
|
- else
|
|
- printf("verify: ECB encryption is correct\n\n");
|
|
- }
|
|
-
|
|
- /* CBC mode */
|
|
- printf("EXAMPLE CBC\tkey = 0123456789abcdef");
|
|
- printf("\tiv = 1234567890abcdef\n");
|
|
- printf("\tclear = \"Now is the time for all \"\n");
|
|
- printf("\tcipher =\te5 c7 cd de 87 2b f2 7c\n");
|
|
- printf("\t\t\t43 e9 34 00 8c 38 9c 0f\n");
|
|
- printf("\t\t\t68 37 88 49 9a 7c 05 f6\n");
|
|
-
|
|
- printf("ACTUAL CBC\n\tclear \"%s\"\n",input);
|
|
- in_length = strlen((char *)input);
|
|
- if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) input,
|
|
- (mit_des_cblock *) cipher_text,
|
|
- (size_t) in_length,
|
|
- sched,
|
|
- ivec,
|
|
- MIT_DES_ENCRYPT))) {
|
|
- com_err("des verify", retval, "can't encrypt");
|
|
- exit(-1);
|
|
- }
|
|
- printf("\tciphertext = (low to high bytes)\n");
|
|
- for (i = 0; i <= 2; i++) {
|
|
- printf("\t\t");
|
|
- for (j = 0; j <= 7; j++) {
|
|
- printf("%02x ",cipher_text[i*8+j]);
|
|
- }
|
|
- printf("\n");
|
|
- }
|
|
- if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) cipher_text,
|
|
- (mit_des_cblock *) clear_text,
|
|
- (size_t) in_length,
|
|
- sched,
|
|
- ivec,
|
|
- MIT_DES_DECRYPT))) {
|
|
- com_err("des verify", retval, "can't decrypt");
|
|
- exit(-1);
|
|
- }
|
|
- printf("\tdecrypted clear_text = \"%s\"\n",clear_text);
|
|
-
|
|
- if ( memcmp((char *)cipher_text, (char *)cipher3, in_length) ) {
|
|
- printf("verify: error in CBC encryption\n");
|
|
- exit(-1);
|
|
- }
|
|
- else
|
|
- printf("verify: CBC encryption is correct\n\n");
|
|
-
|
|
- printf("EXAMPLE CBC checksum");
|
|
- printf("\tkey = 0123456789abcdef\tiv = 1234567890abcdef\n");
|
|
- printf("\tclear =\t\t\"7654321 Now is the time for \"\n");
|
|
- printf("\tchecksum\t58 d2 e7 7e 86 06 27 33, ");
|
|
- printf("or some part thereof\n");
|
|
- input = clear_text2;
|
|
- mit_des_cbc_cksum(input,cipher_text, strlen((char *)input),
|
|
- sched,ivec);
|
|
- printf("ACTUAL CBC checksum\n");
|
|
- printf("\t\tencrypted cksum = (low to high bytes)\n\t\t");
|
|
- for (j = 0; j<=7; j++)
|
|
- printf("%02x ",cipher_text[j]);
|
|
- printf("\n\n");
|
|
- if ( memcmp((char *)cipher_text, (char *)checksum, 8) ) {
|
|
- printf("verify: error in CBC checksum\n");
|
|
- exit(-1);
|
|
- }
|
|
- else
|
|
- printf("verify: CBC checksum is correct\n\n");
|
|
-
|
|
- exit(0);
|
|
-}
|
|
-
|
|
-static void
|
|
-do_encrypt(in,out)
|
|
- unsigned char *in;
|
|
- unsigned char *out;
|
|
-{
|
|
- int i, j;
|
|
- for (i =1; i<=nflag; i++) {
|
|
- mit_des_cbc_encrypt((const mit_des_cblock *)in,
|
|
- (mit_des_cblock *)out,
|
|
- 8,
|
|
- sched,
|
|
- zero_text,
|
|
- MIT_DES_ENCRYPT);
|
|
- if (mit_des_debug) {
|
|
- printf("\nclear %s\n",in);
|
|
- for (j = 0; j<=7; j++)
|
|
- printf("%02X ",in[j] & 0xff);
|
|
- printf("\tcipher ");
|
|
- for (j = 0; j<=7; j++)
|
|
- printf("%02X ",out[j] & 0xff);
|
|
- }
|
|
- }
|
|
-}
|
|
-
|
|
-static void
|
|
-do_decrypt(in,out)
|
|
- unsigned char *out;
|
|
- unsigned char *in;
|
|
- /* try to invert it */
|
|
-{
|
|
- int i, j;
|
|
- for (i =1; i<=nflag; i++) {
|
|
- mit_des_cbc_encrypt((const mit_des_cblock *)out,
|
|
- (mit_des_cblock *)in,
|
|
- 8,
|
|
- sched,
|
|
- zero_text,
|
|
- MIT_DES_DECRYPT);
|
|
- if (mit_des_debug) {
|
|
- printf("clear %s\n",in);
|
|
- for (j = 0; j<=7; j++)
|
|
- printf("%02X ",in[j] & 0xff);
|
|
- printf("\tcipher ");
|
|
- for (j = 0; j<=7; j++)
|
|
- printf("%02X ",out[j] & 0xff);
|
|
- }
|
|
- }
|
|
-}
|
|
-
|
|
-/*
|
|
- * Fake out the DES library, for the purposes of testing.
|
|
- */
|
|
-
|
|
-int
|
|
-mit_des_is_weak_key(key)
|
|
- mit_des_cblock key;
|
|
-{
|
|
- return 0; /* fake it out for testing */
|
|
-}
|
|
diff --git a/src/lib/crypto/builtin/des/weak_key.c b/src/lib/crypto/builtin/des/weak_key.c
|
|
deleted file mode 100644
|
|
index eb41b267d..000000000
|
|
--- a/src/lib/crypto/builtin/des/weak_key.c
|
|
+++ /dev/null
|
|
@@ -1,86 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/* lib/crypto/builtin/des/weak_key.c */
|
|
-/*
|
|
- * Copyright 1989,1990 by the Massachusetts Institute of Technology.
|
|
- * All Rights Reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of M.I.T. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. Furthermore if you modify this software you must label
|
|
- * your software as modified software and not distribute it in such a
|
|
- * fashion that it might be confused with the original M.I.T. software.
|
|
- * M.I.T. makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- */
|
|
-
|
|
-/*
|
|
- * Under U.S. law, this software may not be exported outside the US
|
|
- * without license from the U.S. Commerce department.
|
|
- *
|
|
- * These routines form the library interface to the DES facilities.
|
|
- *
|
|
- * Originally written 8/85 by Steve Miller, MIT Project Athena.
|
|
- */
|
|
-
|
|
-#include "k5-int.h"
|
|
-#include "des_int.h"
|
|
-
|
|
-/*
|
|
- * The following are the weak DES keys:
|
|
- */
|
|
-static const mit_des_cblock weak[16] = {
|
|
- /* weak keys */
|
|
- {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
|
|
- {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe},
|
|
- {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e},
|
|
- {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1},
|
|
-
|
|
- /* semi-weak */
|
|
- {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe},
|
|
- {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01},
|
|
-
|
|
- {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1},
|
|
- {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e},
|
|
-
|
|
- {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1},
|
|
- {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01},
|
|
-
|
|
- {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe},
|
|
- {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e},
|
|
-
|
|
- {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e},
|
|
- {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01},
|
|
-
|
|
- {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe},
|
|
- {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1}
|
|
-};
|
|
-
|
|
-/*
|
|
- * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key.
|
|
- *
|
|
- * Requires: key has correct odd parity.
|
|
- */
|
|
-int
|
|
-mit_des_is_weak_key(mit_des_cblock key)
|
|
-{
|
|
- unsigned int i;
|
|
- const mit_des_cblock *weak_p = weak;
|
|
-
|
|
- for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) {
|
|
- if (!memcmp(weak_p++,key,sizeof(mit_des_cblock)))
|
|
- return 1;
|
|
- }
|
|
-
|
|
- return 0;
|
|
-}
|
|
diff --git a/src/lib/crypto/builtin/enc_provider/Makefile.in b/src/lib/crypto/builtin/enc_provider/Makefile.in
|
|
index 3459e1d0e..af6276b96 100644
|
|
--- a/src/lib/crypto/builtin/enc_provider/Makefile.in
|
|
+++ b/src/lib/crypto/builtin/enc_provider/Makefile.in
|
|
@@ -1,7 +1,6 @@
|
|
mydir=lib$(S)crypto$(S)builtin$(S)enc_provider
|
|
BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
|
|
-LOCALINCLUDES = -I$(srcdir)/../des \
|
|
- -I$(srcdir)/../aes \
|
|
+LOCALINCLUDES = -I$(srcdir)/../aes \
|
|
-I$(srcdir)/../camellia \
|
|
-I$(srcdir)/../../krb \
|
|
-I$(srcdir)/..
|
|
@@ -11,19 +10,16 @@ LOCALINCLUDES = -I$(srcdir)/../des \
|
|
##DOS##OBJFILE = ..\..\$(OUTPRE)enc_provider.lst
|
|
|
|
STLIBOBJS= \
|
|
- des3.o \
|
|
rc4.o \
|
|
aes.o \
|
|
camellia.o
|
|
|
|
OBJS= \
|
|
- $(OUTPRE)des3.$(OBJEXT) \
|
|
$(OUTPRE)aes.$(OBJEXT) \
|
|
$(OUTPRE)camellia.$(OBJEXT) \
|
|
$(OUTPRE)rc4.$(OBJEXT)
|
|
|
|
SRCS= \
|
|
- $(srcdir)/des3.c \
|
|
$(srcdir)/aes.c \
|
|
$(srcdir)/camellia.c \
|
|
$(srcdir)/rc4.c
|
|
diff --git a/src/lib/crypto/builtin/enc_provider/deps b/src/lib/crypto/builtin/enc_provider/deps
|
|
index ea4ffecd8..061289a91 100644
|
|
--- a/src/lib/crypto/builtin/enc_provider/deps
|
|
+++ b/src/lib/crypto/builtin/enc_provider/deps
|
|
@@ -1,19 +1,6 @@
|
|
#
|
|
# Generated makefile dependencies follow.
|
|
#
|
|
-des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
|
|
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
|
|
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
|
|
- $(srcdir)/../aes/aes.h $(srcdir)/../aes/brg_types.h \
|
|
- $(srcdir)/../crypto_mod.h $(srcdir)/../des/des_int.h \
|
|
- $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
|
|
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
|
|
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
|
|
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
|
|
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
|
|
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
|
|
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
|
|
- $(top_srcdir)/include/socket-utils.h des3.c
|
|
aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
|
|
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
|
|
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
|
|
diff --git a/src/lib/crypto/builtin/enc_provider/des3.c b/src/lib/crypto/builtin/enc_provider/des3.c
|
|
deleted file mode 100644
|
|
index 9b8244223..000000000
|
|
--- a/src/lib/crypto/builtin/enc_provider/des3.c
|
|
+++ /dev/null
|
|
@@ -1,105 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/*
|
|
- * Copyright (C) 1998 by the FundsXpress, INC.
|
|
- *
|
|
- * All rights reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may require
|
|
- * a specific license from the United States Government. It is the
|
|
- * responsibility of any person or organization contemplating export to
|
|
- * obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of FundsXpress. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. FundsXpress makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- *
|
|
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
|
|
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
|
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
|
- */
|
|
-
|
|
-#include "crypto_int.h"
|
|
-#include "des_int.h"
|
|
-
|
|
-static krb5_error_code
|
|
-validate_and_schedule(krb5_key key, const krb5_data *ivec,
|
|
- const krb5_crypto_iov *data, size_t num_data,
|
|
- mit_des3_key_schedule *schedule)
|
|
-{
|
|
- if (key->keyblock.length != 24)
|
|
- return(KRB5_BAD_KEYSIZE);
|
|
- if (iov_total_length(data, num_data, FALSE) % 8 != 0)
|
|
- return(KRB5_BAD_MSIZE);
|
|
- if (ivec && (ivec->length != 8))
|
|
- return(KRB5_BAD_MSIZE);
|
|
-
|
|
- switch (mit_des3_key_sched(*(mit_des3_cblock *)key->keyblock.contents,
|
|
- *schedule)) {
|
|
- case -1:
|
|
- return(KRB5DES_BAD_KEYPAR);
|
|
- case -2:
|
|
- return(KRB5DES_WEAK_KEY);
|
|
- }
|
|
- return 0;
|
|
-}
|
|
-
|
|
-static krb5_error_code
|
|
-k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
|
|
- size_t num_data)
|
|
-{
|
|
- mit_des3_key_schedule schedule;
|
|
- krb5_error_code err;
|
|
-
|
|
- err = validate_and_schedule(key, ivec, data, num_data, &schedule);
|
|
- if (err)
|
|
- return err;
|
|
-
|
|
- /* this has a return value, but the code always returns zero */
|
|
- krb5int_des3_cbc_encrypt(data, num_data,
|
|
- schedule[0], schedule[1], schedule[2],
|
|
- ivec != NULL ? (unsigned char *) ivec->data :
|
|
- NULL);
|
|
-
|
|
- zap(schedule, sizeof(schedule));
|
|
-
|
|
- return(0);
|
|
-}
|
|
-
|
|
-static krb5_error_code
|
|
-k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
|
|
- size_t num_data)
|
|
-{
|
|
- mit_des3_key_schedule schedule;
|
|
- krb5_error_code err;
|
|
-
|
|
- err = validate_and_schedule(key, ivec, data, num_data, &schedule);
|
|
- if (err)
|
|
- return err;
|
|
-
|
|
- /* this has a return value, but the code always returns zero */
|
|
- krb5int_des3_cbc_decrypt(data, num_data,
|
|
- schedule[0], schedule[1], schedule[2],
|
|
- ivec != NULL ? (unsigned char *) ivec->data :
|
|
- NULL);
|
|
-
|
|
- zap(schedule, sizeof(schedule));
|
|
-
|
|
- return 0;
|
|
-}
|
|
-
|
|
-const struct krb5_enc_provider krb5int_enc_des3 = {
|
|
- 8,
|
|
- 21, 24,
|
|
- k5_des3_encrypt,
|
|
- k5_des3_decrypt,
|
|
- NULL,
|
|
- krb5int_des_init_state,
|
|
- krb5int_default_free_state
|
|
-};
|
|
diff --git a/src/lib/crypto/crypto_tests/t_cf2.expected b/src/lib/crypto/crypto_tests/t_cf2.expected
|
|
index f8251a16c..bc6aa50c8 100644
|
|
--- a/src/lib/crypto/crypto_tests/t_cf2.expected
|
|
+++ b/src/lib/crypto/crypto_tests/t_cf2.expected
|
|
@@ -1,6 +1,5 @@
|
|
97df97e4b798b29eb31ed7280287a92a
|
|
4d6ca4e629785c1f01baf55e2e548566b9617ae3a96868c337cb93b5e72b1c7b
|
|
-e58f9eb643862c13ad38e529313462a7f73e62834fe54a01
|
|
24d7f6b6bae4e5c00d2082c5ebab3672
|
|
edd02a39d2dbde31611c16e610be062c
|
|
67f6ea530aea85a37dcbb23349ea52dcc61ca8493ff557252327fd8304341584
|
|
diff --git a/src/lib/crypto/crypto_tests/t_cf2.in b/src/lib/crypto/crypto_tests/t_cf2.in
|
|
index 73e2f8fbc..c4d23b506 100644
|
|
--- a/src/lib/crypto/crypto_tests/t_cf2.in
|
|
+++ b/src/lib/crypto/crypto_tests/t_cf2.in
|
|
@@ -8,11 +8,6 @@ key1
|
|
key2
|
|
a
|
|
b
|
|
-16
|
|
-key1
|
|
-key2
|
|
-a
|
|
-b
|
|
23
|
|
key1
|
|
key2
|
|
diff --git a/src/lib/crypto/crypto_tests/t_cksums.c b/src/lib/crypto/crypto_tests/t_cksums.c
|
|
index 8297fcbf5..3063d12ec 100644
|
|
--- a/src/lib/crypto/crypto_tests/t_cksums.c
|
|
+++ b/src/lib/crypto/crypto_tests/t_cksums.c
|
|
@@ -59,16 +59,6 @@ struct test {
|
|
"\xDA\x39\xA3\xEE\x5E\x6B\x4B\x0D\x32\x55\xBF\xEF\x95\x60\x18\x90"
|
|
"\xAF\xD8\x07\x09" }
|
|
},
|
|
- {
|
|
- { KV5M_DATA, 9, "six seven" },
|
|
- CKSUMTYPE_HMAC_SHA1_DES3, ENCTYPE_DES3_CBC_SHA1, 2,
|
|
- { KV5M_DATA, 24,
|
|
- "\x7A\x25\xDF\x89\x92\x29\x6D\xCE\xDA\x0E\x13\x5B\xC4\x04\x6E\x23"
|
|
- "\x75\xB3\xC1\x4C\x98\xFB\xC1\x62" },
|
|
- { KV5M_DATA, 20,
|
|
- "\x0E\xEF\xC9\xC3\xE0\x49\xAA\xBC\x1B\xA5\xC4\x01\x67\x7D\x9A\xB6"
|
|
- "\x99\x08\x2B\xB4" }
|
|
- },
|
|
{
|
|
{ KV5M_DATA, 37, "eight nine ten eleven twelve thirteen" },
|
|
CKSUMTYPE_HMAC_SHA1_96_AES128, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 3,
|
|
diff --git a/src/lib/crypto/crypto_tests/t_decrypt.c b/src/lib/crypto/crypto_tests/t_decrypt.c
|
|
index a40a85500..716f2c337 100644
|
|
--- a/src/lib/crypto/crypto_tests/t_decrypt.c
|
|
+++ b/src/lib/crypto/crypto_tests/t_decrypt.c
|
|
@@ -39,62 +39,6 @@ struct test {
|
|
krb5_data keybits;
|
|
krb5_data ciphertext;
|
|
} test_cases[] = {
|
|
- {
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
- { KV5M_DATA, 0, "", }, 0,
|
|
- { KV5M_DATA, 24,
|
|
- "\x7A\x25\xDF\x89\x92\x29\x6D\xCE\xDA\x0E\x13\x5B\xC4\x04\x6E\x23"
|
|
- "\x75\xB3\xC1\x4C\x98\xFB\xC1\x62" },
|
|
- { KV5M_DATA, 28,
|
|
- "\x54\x8A\xF4\xD5\x04\xF7\xD7\x23\x30\x3F\x12\x17\x5F\xE8\x38\x6B"
|
|
- "\x7B\x53\x35\xA9\x67\xBA\xD6\x1F\x3B\xF0\xB1\x43" }
|
|
- },
|
|
- {
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
- { KV5M_DATA, 1, "1", }, 1,
|
|
- { KV5M_DATA, 24,
|
|
- "\xBC\x07\x83\x89\x15\x13\xD5\xCE\x57\xBC\x13\x8F\xD3\xC1\x1A\xE6"
|
|
- "\x40\x45\x23\x85\x32\x29\x62\xB6" },
|
|
- { KV5M_DATA, 36,
|
|
- "\x9C\x3C\x1D\xBA\x47\x47\xD8\x5A\xF2\x91\x6E\x47\x45\xF2\xDC\xE3"
|
|
- "\x80\x46\x79\x6E\x51\x04\xBC\xCD\xFB\x66\x9A\x91\xD4\x4B\xC3\x56"
|
|
- "\x66\x09\x45\xC7" }
|
|
- },
|
|
- {
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
- { KV5M_DATA, 9, "9 bytesss", }, 2,
|
|
- { KV5M_DATA, 24,
|
|
- "\x2F\xD0\xF7\x25\xCE\x04\x10\x0D\x2F\xC8\xA1\x80\x98\x83\x1F\x85"
|
|
- "\x0B\x45\xD9\xEF\x85\x0B\xD9\x20" },
|
|
- { KV5M_DATA, 44,
|
|
- "\xCF\x91\x44\xEB\xC8\x69\x79\x81\x07\x5A\x8B\xAD\x8D\x74\xE5\xD7"
|
|
- "\xD5\x91\xEB\x7D\x97\x70\xC7\xAD\xA2\x5E\xE8\xC5\xB3\xD6\x94\x44"
|
|
- "\xDF\xEC\x79\xA5\xB7\xA0\x14\x82\xD9\xAF\x74\xE6" }
|
|
- },
|
|
- {
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
- { KV5M_DATA, 13, "13 bytes byte", }, 3,
|
|
- { KV5M_DATA, 24,
|
|
- "\x0D\xD5\x20\x94\xE0\xF4\x1C\xEC\xCB\x5B\xE5\x10\xA7\x64\xB3\x51"
|
|
- "\x76\xE3\x98\x13\x32\xF1\xE5\x98" },
|
|
- { KV5M_DATA, 44,
|
|
- "\x83\x9A\x17\x08\x1E\xCB\xAF\xBC\xDC\x91\xB8\x8C\x69\x55\xDD\x3C"
|
|
- "\x45\x14\x02\x3C\xF1\x77\xB7\x7B\xF0\xD0\x17\x7A\x16\xF7\x05\xE8"
|
|
- "\x49\xCB\x77\x81\xD7\x6A\x31\x6B\x19\x3F\x8D\x30" }
|
|
- },
|
|
- {
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
- { KV5M_DATA, 30, "30 bytes bytes bytes bytes byt", }, 4,
|
|
- { KV5M_DATA, 24,
|
|
- "\xF1\x16\x86\xCB\xBC\x9E\x23\xEA\x54\xFE\xCD\x2A\x3D\xCD\xFB\x20"
|
|
- "\xB6\xFE\x98\xBF\x26\x45\xC4\xC4" },
|
|
- { KV5M_DATA, 60,
|
|
- "\x89\x43\x3E\x83\xFD\x0E\xA3\x66\x6C\xFF\xCD\x18\xD8\xDE\xEB\xC5"
|
|
- "\x3B\x9A\x34\xED\xBE\xB1\x59\xD9\xF6\x67\xC6\xC2\xB9\xA9\x64\x40"
|
|
- "\x1D\x55\xE7\xE9\xC6\x8D\x64\x8D\x65\xC3\xAA\x84\xFF\xA3\x79\x0C"
|
|
- "\x14\xA8\x64\xDA\x80\x73\xA9\xA9\x5C\x4B\xA2\xBC" }
|
|
- },
|
|
-
|
|
{
|
|
ENCTYPE_ARCFOUR_HMAC,
|
|
{ KV5M_DATA, 0, "", }, 0,
|
|
@@ -524,7 +468,6 @@ printhex(const char *head, void *data, size_t len)
|
|
|
|
static krb5_enctype
|
|
enctypes[] = {
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
ENCTYPE_ARCFOUR_HMAC,
|
|
ENCTYPE_ARCFOUR_HMAC_EXP,
|
|
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
|
|
diff --git a/src/lib/crypto/crypto_tests/t_derive.c b/src/lib/crypto/crypto_tests/t_derive.c
|
|
index afbf7477f..93ce30da2 100644
|
|
--- a/src/lib/crypto/crypto_tests/t_derive.c
|
|
+++ b/src/lib/crypto/crypto_tests/t_derive.c
|
|
@@ -38,41 +38,6 @@ struct test {
|
|
enum deriv_alg alg;
|
|
krb5_data expected_key;
|
|
} test_cases[] = {
|
|
- /* Kc, Ke, Kei for a DES3 key */
|
|
- {
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
- { KV5M_DATA, 24,
|
|
- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
|
|
- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
|
|
- { KV5M_DATA, 5, "\0\0\0\2\x99" },
|
|
- DERIVE_RFC3961,
|
|
- { KV5M_DATA, 24,
|
|
- "\xF7\x8C\x49\x6D\x16\xE6\xC2\xDA\xE0\xE0\xB6\xC2\x40\x57\xA8\x4C"
|
|
- "\x04\x26\xAE\xEF\x26\xFD\x6D\xCE" }
|
|
- },
|
|
- {
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
- { KV5M_DATA, 24,
|
|
- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
|
|
- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
|
|
- { KV5M_DATA, 5, "\0\0\0\2\xAA" },
|
|
- DERIVE_RFC3961,
|
|
- { KV5M_DATA, 24,
|
|
- "\x5B\x57\x23\xD0\xB6\x34\xCB\x68\x4C\x3E\xBA\x52\x64\xE9\xA7\x0D"
|
|
- "\x52\xE6\x83\x23\x1A\xD3\xC4\xCE" }
|
|
- },
|
|
- {
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
- { KV5M_DATA, 24,
|
|
- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
|
|
- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
|
|
- { KV5M_DATA, 5, "\0\0\0\2\x55" },
|
|
- DERIVE_RFC3961,
|
|
- { KV5M_DATA, 24,
|
|
- "\xA7\x7C\x94\x98\x0E\x9B\x73\x45\xA8\x15\x25\xC4\x23\xA7\x37\xCE"
|
|
- "\x67\xF4\xCD\x91\xB6\xB3\xDA\x45" }
|
|
- },
|
|
-
|
|
/* Kc, Ke, Ki for an AES-128 key */
|
|
{
|
|
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
|
|
@@ -286,7 +251,6 @@ static const struct krb5_enc_provider *
|
|
get_enc_provider(krb5_enctype enctype)
|
|
{
|
|
switch (enctype) {
|
|
- case ENCTYPE_DES3_CBC_SHA1: return &krb5int_enc_des3;
|
|
case ENCTYPE_AES128_CTS_HMAC_SHA1_96: return &krb5int_enc_aes128;
|
|
case ENCTYPE_AES256_CTS_HMAC_SHA1_96: return &krb5int_enc_aes256;
|
|
case ENCTYPE_CAMELLIA128_CTS_CMAC: return &krb5int_enc_camellia128;
|
|
diff --git a/src/lib/crypto/crypto_tests/t_encrypt.c b/src/lib/crypto/crypto_tests/t_encrypt.c
|
|
index bd9b94691..290a72e1e 100644
|
|
--- a/src/lib/crypto/crypto_tests/t_encrypt.c
|
|
+++ b/src/lib/crypto/crypto_tests/t_encrypt.c
|
|
@@ -37,7 +37,6 @@
|
|
|
|
/* What enctypes should we test?*/
|
|
krb5_enctype interesting_enctypes[] = {
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
ENCTYPE_ARCFOUR_HMAC,
|
|
ENCTYPE_ARCFOUR_HMAC_EXP,
|
|
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
|
|
diff --git a/src/lib/crypto/crypto_tests/t_short.c b/src/lib/crypto/crypto_tests/t_short.c
|
|
index d4c2b97df..4466b7115 100644
|
|
--- a/src/lib/crypto/crypto_tests/t_short.c
|
|
+++ b/src/lib/crypto/crypto_tests/t_short.c
|
|
@@ -34,7 +34,6 @@
|
|
#include "k5-int.h"
|
|
|
|
krb5_enctype interesting_enctypes[] = {
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
ENCTYPE_ARCFOUR_HMAC,
|
|
ENCTYPE_ARCFOUR_HMAC_EXP,
|
|
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
|
|
diff --git a/src/lib/crypto/crypto_tests/t_str2key.c b/src/lib/crypto/crypto_tests/t_str2key.c
|
|
index cdb1acc6d..ef4c4a7d3 100644
|
|
--- a/src/lib/crypto/crypto_tests/t_str2key.c
|
|
+++ b/src/lib/crypto/crypto_tests/t_str2key.c
|
|
@@ -35,58 +35,6 @@ struct test {
|
|
krb5_error_code expected_err;
|
|
krb5_boolean allow_weak;
|
|
} test_cases[] = {
|
|
- /* Test vectors from RFC 3961 appendix A.4. */
|
|
- {
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
- "password",
|
|
- { KV5M_DATA, 21, "ATHENA.MIT.EDUraeburn" },
|
|
- { KV5M_DATA, 0, NULL },
|
|
- { KV5M_DATA, 24, "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C"
|
|
- "\x31\x3E\x3B\xFE\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
|
|
- 0,
|
|
- FALSE
|
|
- },
|
|
- {
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
- "potatoe",
|
|
- { KV5M_DATA, 19, "WHITEHOUSE.GOVdanny" },
|
|
- { KV5M_DATA, 0, NULL },
|
|
- { KV5M_DATA, 24, "\xDF\xCD\x23\x3D\xD0\xA4\x32\x04\xEA\x6D\xC4\x37"
|
|
- "\xFB\x15\xE0\x61\xB0\x29\x79\xC1\xF7\x4F\x37\x7A" },
|
|
- 0,
|
|
- FALSE
|
|
- },
|
|
- {
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
- "penny",
|
|
- { KV5M_DATA, 19, "EXAMPLE.COMbuckaroo" },
|
|
- { KV5M_DATA, 0, NULL },
|
|
- { KV5M_DATA, 24, "\x6D\x2F\xCD\xF2\xD6\xFB\xBC\x3D\xDC\xAD\xB5\xDA"
|
|
- "\x57\x10\xA2\x34\x89\xB0\xD3\xB6\x9D\x5D\x9D\x4A" },
|
|
- 0,
|
|
- FALSE
|
|
- },
|
|
- {
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
- "\xC3\x9F",
|
|
- { KV5M_DATA, 23, "ATHENA.MIT.EDUJuri\xC5\xA1\x69\xC4\x87" },
|
|
- { KV5M_DATA, 0, NULL },
|
|
- { KV5M_DATA, 24, "\x16\xD5\xA4\x0E\x1C\xE3\xBA\xCB\x61\xB9\xDC\xE0"
|
|
- "\x04\x70\x32\x4C\x83\x19\x73\xA7\xB9\x52\xFE\xB0" },
|
|
- 0,
|
|
- FALSE
|
|
- },
|
|
- {
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
- "\xF0\x9D\x84\x9E",
|
|
- { KV5M_DATA, 18, "EXAMPLE.COMpianist" },
|
|
- { KV5M_DATA, 0, NULL },
|
|
- { KV5M_DATA, 24, "\x85\x76\x37\x26\x58\x5D\xBC\x1C\xCE\x6E\xC4\x3E"
|
|
- "\x1F\x75\x1F\x07\xF1\xC4\xCB\xB0\x98\xF4\x0B\x19" },
|
|
- 0,
|
|
- FALSE
|
|
- },
|
|
-
|
|
/* Test vectors from RFC 3962 appendix B. */
|
|
{
|
|
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
|
|
diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in
|
|
index b74e6f7cc..2b0c4163d 100644
|
|
--- a/src/lib/crypto/krb/Makefile.in
|
|
+++ b/src/lib/crypto/krb/Makefile.in
|
|
@@ -50,7 +50,6 @@ STLIBOBJS=\
|
|
prf.o \
|
|
prf_aes2.o \
|
|
prf_cmac.o \
|
|
- prf_des.o \
|
|
prf_dk.o \
|
|
prf_rc4.o \
|
|
prng.o \
|
|
@@ -109,7 +108,6 @@ OBJS=\
|
|
$(OUTPRE)prf.$(OBJEXT) \
|
|
$(OUTPRE)prf_aes2.$(OBJEXT) \
|
|
$(OUTPRE)prf_cmac.$(OBJEXT) \
|
|
- $(OUTPRE)prf_des.$(OBJEXT) \
|
|
$(OUTPRE)prf_dk.$(OBJEXT) \
|
|
$(OUTPRE)prf_rc4.$(OBJEXT) \
|
|
$(OUTPRE)prng.$(OBJEXT) \
|
|
@@ -168,7 +166,6 @@ SRCS=\
|
|
$(srcdir)/prf.c \
|
|
$(srcdir)/prf_aes2.c \
|
|
$(srcdir)/prf_cmac.c \
|
|
- $(srcdir)/prf_des.c \
|
|
$(srcdir)/prf_dk.c \
|
|
$(srcdir)/prf_rc4.c \
|
|
$(srcdir)/prng.c \
|
|
diff --git a/src/lib/crypto/krb/cksumtypes.c b/src/lib/crypto/krb/cksumtypes.c
|
|
index ecc2e08c9..f5fbe8a2a 100644
|
|
--- a/src/lib/crypto/krb/cksumtypes.c
|
|
+++ b/src/lib/crypto/krb/cksumtypes.c
|
|
@@ -46,12 +46,6 @@ const struct krb5_cksumtypes krb5int_cksumtypes_list[] = {
|
|
krb5int_unkeyed_checksum, NULL,
|
|
20, 20, CKSUM_UNKEYED },
|
|
|
|
- { CKSUMTYPE_HMAC_SHA1_DES3,
|
|
- "hmac-sha1-des3", { "hmac-sha1-des3-kd" }, "HMAC-SHA1 DES3 key",
|
|
- &krb5int_enc_des3, &krb5int_hash_sha1,
|
|
- krb5int_dk_checksum, NULL,
|
|
- 20, 20, 0 },
|
|
-
|
|
{ CKSUMTYPE_HMAC_MD5_ARCFOUR,
|
|
"hmac-md5-rc4", { "hmac-md5-enc", "hmac-md5-earcfour" },
|
|
"Microsoft HMAC MD5",
|
|
diff --git a/src/lib/crypto/krb/crypto_int.h b/src/lib/crypto/krb/crypto_int.h
|
|
index 19f808749..4bc430c7a 100644
|
|
--- a/src/lib/crypto/krb/crypto_int.h
|
|
+++ b/src/lib/crypto/krb/crypto_int.h
|
|
@@ -276,10 +276,6 @@ krb5_error_code krb5int_aes2_string_to_key(const struct krb5_keytypes *enc,
|
|
/* Random to key */
|
|
krb5_error_code k5_rand2key_direct(const krb5_data *randombits,
|
|
krb5_keyblock *keyblock);
|
|
-krb5_error_code k5_rand2key_des(const krb5_data *randombits,
|
|
- krb5_keyblock *keyblock);
|
|
-krb5_error_code k5_rand2key_des3(const krb5_data *randombits,
|
|
- krb5_keyblock *keyblock);
|
|
|
|
/* Pseudo-random function */
|
|
krb5_error_code krb5int_des_prf(const struct krb5_keytypes *ktp,
|
|
@@ -368,11 +364,6 @@ krb5_keyusage krb5int_arcfour_translate_usage(krb5_keyusage usage);
|
|
/* Ensure library initialization has occurred. */
|
|
int krb5int_crypto_init(void);
|
|
|
|
-/* DES default state initialization handler (used by module enc providers). */
|
|
-krb5_error_code krb5int_des_init_state(const krb5_keyblock *key,
|
|
- krb5_keyusage keyusage,
|
|
- krb5_data *state_out);
|
|
-
|
|
/* Default state cleanup handler (used by module enc providers). */
|
|
void krb5int_default_free_state(krb5_data *state);
|
|
|
|
@@ -425,7 +416,6 @@ void k5_iov_cursor_put(struct iov_cursor *cursor, unsigned char *block);
|
|
/* Modules must implement the k5_sha256() function prototyped in k5-int.h. */
|
|
|
|
/* Modules must implement the following enc_providers and hash_providers: */
|
|
-extern const struct krb5_enc_provider krb5int_enc_des3;
|
|
extern const struct krb5_enc_provider krb5int_enc_arcfour;
|
|
extern const struct krb5_enc_provider krb5int_enc_aes128;
|
|
extern const struct krb5_enc_provider krb5int_enc_aes256;
|
|
@@ -442,12 +432,6 @@ extern const struct krb5_hash_provider krb5int_hash_sha384;
|
|
|
|
/* Modules must implement the following functions. */
|
|
|
|
-/* Set the parity bits to the correct values in keybits. */
|
|
-void k5_des_fixup_key_parity(unsigned char *keybits);
|
|
-
|
|
-/* Return true if keybits is a weak or semi-weak DES key. */
|
|
-krb5_boolean k5_des_is_weak_key(unsigned char *keybits);
|
|
-
|
|
/* Compute an HMAC using the provided hash function, key, and data, storing the
|
|
* result into output (caller-allocated). */
|
|
krb5_error_code krb5int_hmac(const struct krb5_hash_provider *hash,
|
|
diff --git a/src/lib/crypto/krb/default_state.c b/src/lib/crypto/krb/default_state.c
|
|
index 0757c8b02..f89dc7902 100644
|
|
--- a/src/lib/crypto/krb/default_state.c
|
|
+++ b/src/lib/crypto/krb/default_state.c
|
|
@@ -32,16 +32,6 @@
|
|
|
|
#include "crypto_int.h"
|
|
|
|
-krb5_error_code
|
|
-krb5int_des_init_state(const krb5_keyblock *key, krb5_keyusage usage,
|
|
- krb5_data *state_out)
|
|
-{
|
|
- if (alloc_data(state_out, 8))
|
|
- return ENOMEM;
|
|
-
|
|
- return 0;
|
|
-}
|
|
-
|
|
void
|
|
krb5int_default_free_state(krb5_data *state)
|
|
{
|
|
diff --git a/src/lib/crypto/krb/enctype_util.c b/src/lib/crypto/krb/enctype_util.c
|
|
index 1542d4062..a0037912a 100644
|
|
--- a/src/lib/crypto/krb/enctype_util.c
|
|
+++ b/src/lib/crypto/krb/enctype_util.c
|
|
@@ -45,6 +45,9 @@ struct {
|
|
{ ENCTYPE_DES_CBC_MD5, "des-cbc-md5" },
|
|
{ ENCTYPE_DES_CBC_RAW, "des-cbc-raw" },
|
|
{ ENCTYPE_DES_HMAC_SHA1, "des-hmac-sha1" },
|
|
+ { ENCTYPE_DES3_CBC_SHA, "des3-cbc-sha1" },
|
|
+ { ENCTYPE_DES3_CBC_RAW, "des3-cbc-raw" },
|
|
+ { ENCTYPE_DES3_CBC_SHA1, "des3-hmac-sha1" },
|
|
{ ENCTYPE_NULL, NULL }
|
|
};
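Review bot: The three added rows do not keep the names the removed `krb5int_enctypes_list` entries used. In the etypes.c deletion later in this patch, `ENCTYPE_DES3_CBC_SHA1` was canonically "des3-cbc-sha1" with "des3-hmac-sha1" and "des3-cbc-sha1-kd" as aliases, but here it is labelled "des3-hmac-sha1" and "des3-cbc-sha1" is attached to `ENCTYPE_DES3_CBC_SHA` instead. If this table supplies the display name for unsupported enctypes (its declaration and lookup code are outside the hunk), then log lines and any monitoring rule keyed on "des3-cbc-sha1" would now point at a different enctype number than before. Consider keeping `{ ENCTYPE_DES3_CBC_SHA1, "des3-cbc-sha1" },` and giving `ENCTYPE_DES3_CBC_SHA` a distinct label. A comment above the rows such as `/* 3DES: constants retained for reporting only; no provider is built */` would also help.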
|
|
|
|
diff --git a/src/lib/crypto/krb/etypes.c b/src/lib/crypto/krb/etypes.c
|
|
index fc278783b..7635393a4 100644
|
|
--- a/src/lib/crypto/krb/etypes.c
|
|
+++ b/src/lib/crypto/krb/etypes.c
|
|
@@ -35,27 +35,6 @@
|
|
|
|
/* Deprecations come from RFC 6649 and RFC 8249. */
|
|
const struct krb5_keytypes krb5int_enctypes_list[] = {
|
|
- { ENCTYPE_DES3_CBC_RAW,
|
|
- "des3-cbc-raw", { 0 }, "Triple DES cbc mode raw",
|
|
- &krb5int_enc_des3, NULL,
|
|
- 16,
|
|
- krb5int_raw_crypto_length, krb5int_raw_encrypt, krb5int_raw_decrypt,
|
|
- krb5int_dk_string_to_key, k5_rand2key_des3,
|
|
- NULL, /*PRF*/
|
|
- 0,
|
|
- ETYPE_WEAK | ETYPE_DEPRECATED, 112 },
|
|
-
|
|
- { ENCTYPE_DES3_CBC_SHA1,
|
|
- "des3-cbc-sha1", { "des3-hmac-sha1", "des3-cbc-sha1-kd" },
|
|
- "Triple DES cbc mode with HMAC/sha1",
|
|
- &krb5int_enc_des3, &krb5int_hash_sha1,
|
|
- 16,
|
|
- krb5int_dk_crypto_length, krb5int_dk_encrypt, krb5int_dk_decrypt,
|
|
- krb5int_dk_string_to_key, k5_rand2key_des3,
|
|
- krb5int_dk_prf,
|
|
- CKSUMTYPE_HMAC_SHA1_DES3,
|
|
- ETYPE_DEPRECATED, 112 },
|
|
-
|
|
/* rc4-hmac uses a 128-bit key, but due to weaknesses in the RC4 cipher, we
|
|
* consider its strength degraded and assign it an SSF value of 64. */
|
|
{ ENCTYPE_ARCFOUR_HMAC,
|
|
diff --git a/src/lib/crypto/krb/prf_des.c b/src/lib/crypto/krb/prf_des.c
|
|
deleted file mode 100644
|
|
index 7a2d719c5..000000000
|
|
--- a/src/lib/crypto/krb/prf_des.c
|
|
+++ /dev/null
|
|
@@ -1,47 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/* lib/crypto/krb/prf_des.c - RFC 3961 DES-based PRF */
|
|
-/*
|
|
- * Copyright (C) 2004, 2009 by the Massachusetts Institute of Technology.
|
|
- * All rights reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of M.I.T. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. Furthermore if you modify this software you must label
|
|
- * your software as modified software and not distribute it in such a
|
|
- * fashion that it might be confused with the original M.I.T. software.
|
|
- * M.I.T. makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- */
|
|
-
|
|
-#include "crypto_int.h"
|
|
-
|
|
-krb5_error_code
|
|
-krb5int_des_prf(const struct krb5_keytypes *ktp, krb5_key key,
|
|
- const krb5_data *in, krb5_data *out)
|
|
-{
|
|
- const struct krb5_hash_provider *hash = &krb5int_hash_md5;
|
|
- krb5_crypto_iov iov;
|
|
- krb5_error_code ret;
|
|
-
|
|
- /* Compute a hash of the input, storing into the output buffer. */
|
|
- iov.flags = KRB5_CRYPTO_TYPE_DATA;
|
|
- iov.data = *in;
|
|
- ret = hash->hash(&iov, 1, out);
|
|
- if (ret != 0)
|
|
- return ret;
|
|
-
|
|
- /* Encrypt the hash in place. */
|
|
- iov.data = *out;
|
|
- return ktp->enc->encrypt(key, NULL, &iov, 1);
|
|
-}
|
|
diff --git a/src/lib/crypto/krb/random_to_key.c b/src/lib/crypto/krb/random_to_key.c
|
|
index 157462526..863090beb 100644
|
|
--- a/src/lib/crypto/krb/random_to_key.c
|
|
+++ b/src/lib/crypto/krb/random_to_key.c
|
|
@@ -71,48 +71,3 @@ k5_rand2key_direct(const krb5_data *randombits, krb5_keyblock *keyblock)
|
|
memcpy(keyblock->contents, randombits->data, randombits->length);
|
|
return 0;
|
|
}
|
|
-
|
|
-static inline void
|
|
-eighth_byte(unsigned char *b)
|
|
-{
|
|
- b[7] = (((b[0] & 1) << 1) | ((b[1] & 1) << 2) | ((b[2] & 1) << 3) |
|
|
- ((b[3] & 1) << 4) | ((b[4] & 1) << 5) | ((b[5] & 1) << 6) |
|
|
- ((b[6] & 1) << 7));
|
|
-}
|
|
-
|
|
-krb5_error_code
|
|
-k5_rand2key_des(const krb5_data *randombits, krb5_keyblock *keyblock)
|
|
-{
|
|
- if (randombits->length != 7)
|
|
- return(KRB5_CRYPTO_INTERNAL);
|
|
-
|
|
- keyblock->magic = KV5M_KEYBLOCK;
|
|
-
|
|
- /* Take the seven bytes, move them around into the top 7 bits of the
|
|
- * 8 key bytes, then compute the parity bits. */
|
|
- memcpy(keyblock->contents, randombits->data, randombits->length);
|
|
- eighth_byte(keyblock->contents);
|
|
- k5_des_fixup_key_parity(keyblock->contents);
|
|
-
|
|
- return 0;
|
|
-}
|
|
-
|
|
-krb5_error_code
|
|
-k5_rand2key_des3(const krb5_data *randombits, krb5_keyblock *keyblock)
|
|
-{
|
|
- int i;
|
|
-
|
|
- if (randombits->length != 21)
|
|
- return KRB5_CRYPTO_INTERNAL;
|
|
-
|
|
- keyblock->magic = KV5M_KEYBLOCK;
|
|
-
|
|
- /* Take the seven bytes, move them around into the top 7 bits of the
|
|
- * 8 key bytes, then compute the parity bits. Do this three times. */
|
|
- for (i = 0; i < 3; i++) {
|
|
- memcpy(&keyblock->contents[i * 8], &randombits->data[i * 7], 7);
|
|
- eighth_byte(&keyblock->contents[i * 8]);
|
|
- k5_des_fixup_key_parity(&keyblock->contents[i * 8]);
|
|
- }
|
|
- return 0;
|
|
-}
|
|
diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports
|
|
index d6cc1b423..f44cb9170 100644
|
|
--- a/src/lib/crypto/libk5crypto.exports
|
|
+++ b/src/lib/crypto/libk5crypto.exports
|
|
@@ -86,7 +86,6 @@ krb5_k_verify_checksum
|
|
krb5_k_verify_checksum_iov
|
|
krb5int_aes_encrypt
|
|
krb5int_aes_decrypt
|
|
-krb5int_enc_des3
|
|
krb5int_arcfour_gsscrypt
|
|
krb5int_camellia_cbc_mac
|
|
krb5int_cmac_checksum
|
|
diff --git a/src/lib/crypto/openssl/Makefile.in b/src/lib/crypto/openssl/Makefile.in
|
|
index aa434b168..234fc0e76 100644
|
|
--- a/src/lib/crypto/openssl/Makefile.in
|
|
+++ b/src/lib/crypto/openssl/Makefile.in
|
|
@@ -1,6 +1,6 @@
|
|
mydir=lib$(S)crypto$(S)openssl
|
|
BUILDTOP=$(REL)..$(S)..$(S)..
|
|
-SUBDIRS=camellia des aes md4 md5 sha1 sha2 enc_provider hash_provider
|
|
+SUBDIRS=camellia aes md4 md5 sha1 sha2 enc_provider hash_provider
|
|
LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir)
|
|
|
|
STLIBOBJS=\
|
|
@@ -24,14 +24,14 @@ SRCS=\
|
|
$(srcdir)/sha256.c \
|
|
$(srcdir)/stubs.c
|
|
|
|
-STOBJLISTS= des/OBJS.ST md4/OBJS.ST \
|
|
+STOBJLISTS= md4/OBJS.ST \
|
|
md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
|
|
enc_provider/OBJS.ST \
|
|
hash_provider/OBJS.ST \
|
|
aes/OBJS.ST \
|
|
OBJS.ST
|
|
|
|
-SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \
|
|
+SUBDIROBJLISTS= md4/OBJS.ST \
|
|
md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
|
|
enc_provider/OBJS.ST \
|
|
hash_provider/OBJS.ST \
|
|
@@ -42,7 +42,7 @@ includes: depend
|
|
|
|
depend: $(SRCS)
|
|
|
|
-clean-unix:: clean-libobjs
|
|
+clean-unix:: clean-libobjsn
|
|
|
|
@lib_frag@
|
|
@libobj_frag@
|
|
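Review bot: `clean-unix:: clean-libobjsn` looks like a typo for `clean-libobjs`. Nothing else in this patch touches the clean rule, and the des/Makefile.in deleted by the same patch spells the prerequisite `clean-libobjs`. As written, make has to resolve a target named clean-libobjsn, so `make clean` in lib/crypto/openssl would presumably stop on a missing rule or leave the library objects behind (the fragment that defines clean-libobjs is included, not shown in the hunk). The line should go back to `clean-unix:: clean-libobjs`.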
diff --git a/src/lib/crypto/openssl/des/Makefile.in b/src/lib/crypto/openssl/des/Makefile.in
|
|
deleted file mode 100644
|
|
index 4392fb8ea..000000000
|
|
--- a/src/lib/crypto/openssl/des/Makefile.in
|
|
+++ /dev/null
|
|
@@ -1,20 +0,0 @@
|
|
-mydir=lib$(S)crypto$(S)openssl$(S)des
|
|
-BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
|
|
-LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/..
|
|
-
|
|
-STLIBOBJS= des_keys.o
|
|
-
|
|
-OBJS= $(OUTPRE)des_keys.$(OBJEXT)
|
|
-
|
|
-SRCS= $(srcdir)/des_keys.c
|
|
-
|
|
-all-unix: all-libobjs
|
|
-
|
|
-includes: depend
|
|
-
|
|
-depend: $(SRCS)
|
|
-
|
|
-clean-unix:: clean-libobjs
|
|
-
|
|
-@libobj_frag@
|
|
-
|
|
diff --git a/src/lib/crypto/openssl/des/deps b/src/lib/crypto/openssl/des/deps
|
|
deleted file mode 100644
|
|
index 21b904f89..000000000
|
|
--- a/src/lib/crypto/openssl/des/deps
|
|
+++ /dev/null
|
|
@@ -1,15 +0,0 @@
|
|
-#
|
|
-# Generated makefile dependencies follow.
|
|
-#
|
|
-des_keys.so des_keys.po $(OUTPRE)des_keys.$(OBJEXT): \
|
|
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
|
|
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
|
|
- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
|
|
- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
|
|
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
|
|
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
|
|
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
|
|
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
|
|
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
|
|
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
|
|
- des_keys.c
|
|
diff --git a/src/lib/crypto/openssl/des/des_keys.c b/src/lib/crypto/openssl/des/des_keys.c
|
|
deleted file mode 100644
|
|
index 51d9db216..000000000
|
|
--- a/src/lib/crypto/openssl/des/des_keys.c
|
|
+++ /dev/null
|
|
@@ -1,40 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/* lib/crypto/openssl/des/des_keys.c - Key functions used by Kerberos code */
|
|
-/*
|
|
- * Copyright (C) 2011 by the Massachusetts Institute of Technology.
|
|
- * All rights reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of M.I.T. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. Furthermore if you modify this software you must label
|
|
- * your software as modified software and not distribute it in such a
|
|
- * fashion that it might be confused with the original M.I.T. software.
|
|
- * M.I.T. makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- */
|
|
-
|
|
-#include "crypto_int.h"
|
|
-#include <openssl/des.h>
|
|
-
|
|
-void
|
|
-k5_des_fixup_key_parity(unsigned char *keybits)
|
|
-{
|
|
- DES_set_odd_parity((DES_cblock *)keybits);
|
|
-}
|
|
-
|
|
-krb5_boolean
|
|
-k5_des_is_weak_key(unsigned char *keybits)
|
|
-{
|
|
- return DES_is_weak_key((DES_cblock *)keybits);
|
|
-}
|
|
diff --git a/src/lib/crypto/openssl/enc_provider/Makefile.in b/src/lib/crypto/openssl/enc_provider/Makefile.in
|
|
index a9069d22d..2b32c3ac4 100644
|
|
--- a/src/lib/crypto/openssl/enc_provider/Makefile.in
|
|
+++ b/src/lib/crypto/openssl/enc_provider/Makefile.in
|
|
@@ -3,19 +3,16 @@ BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
|
|
LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/..
|
|
|
|
STLIBOBJS= \
|
|
- des3.o \
|
|
rc4.o \
|
|
aes.o \
|
|
camellia.o
|
|
|
|
OBJS= \
|
|
- $(OUTPRE)des3.$(OBJEXT) \
|
|
$(OUTPRE)aes.$(OBJEXT) \
|
|
$(OUTPRE)camellia.$(OBJEXT) \
|
|
$(OUTPRE)rc4.$(OBJEXT)
|
|
|
|
SRCS= \
|
|
- $(srcdir)/des3.c \
|
|
$(srcdir)/aes.c \
|
|
$(srcdir)/camellia.c \
|
|
$(srcdir)/rc4.c
|
|
diff --git a/src/lib/crypto/openssl/enc_provider/deps b/src/lib/crypto/openssl/enc_provider/deps
|
|
index 1c28cc842..91ba48234 100644
|
|
--- a/src/lib/crypto/openssl/enc_provider/deps
|
|
+++ b/src/lib/crypto/openssl/enc_provider/deps
|
|
@@ -1,17 +1,6 @@
|
|
#
|
|
# Generated makefile dependencies follow.
|
|
#
|
|
-des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
|
|
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
|
|
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
|
|
- $(srcdir)/../crypto_mod.h $(top_srcdir)/include/k5-buf.h \
|
|
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
|
|
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
|
|
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
|
|
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
|
|
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
|
|
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
|
|
- $(top_srcdir)/include/socket-utils.h des3.c
|
|
aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
|
|
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
|
|
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
|
|
diff --git a/src/lib/crypto/openssl/enc_provider/des3.c b/src/lib/crypto/openssl/enc_provider/des3.c
|
|
deleted file mode 100644
|
|
index 1c439c2cd..000000000
|
|
--- a/src/lib/crypto/openssl/enc_provider/des3.c
|
|
+++ /dev/null
|
|
@@ -1,184 +0,0 @@
|
|
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
-/* lib/crypto/openssl/enc_provider/des3.c */
|
|
-/*
|
|
- * Copyright (C) 2009 by the Massachusetts Institute of Technology.
|
|
- * All rights reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may
|
|
- * require a specific license from the United States Government.
|
|
- * It is the responsibility of any person or organization contemplating
|
|
- * export to obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of M.I.T. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. Furthermore if you modify this software you must label
|
|
- * your software as modified software and not distribute it in such a
|
|
- * fashion that it might be confused with the original M.I.T. software.
|
|
- * M.I.T. makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- */
|
|
-/*
|
|
- * Copyright (C) 1998 by the FundsXpress, INC.
|
|
- *
|
|
- * All rights reserved.
|
|
- *
|
|
- * Export of this software from the United States of America may require
|
|
- * a specific license from the United States Government. It is the
|
|
- * responsibility of any person or organization contemplating export to
|
|
- * obtain such a license before exporting.
|
|
- *
|
|
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
- * distribute this software and its documentation for any purpose and
|
|
- * without fee is hereby granted, provided that the above copyright
|
|
- * notice appear in all copies and that both that copyright notice and
|
|
- * this permission notice appear in supporting documentation, and that
|
|
- * the name of FundsXpress. not be used in advertising or publicity pertaining
|
|
- * to distribution of the software without specific, written prior
|
|
- * permission. FundsXpress makes no representations about the suitability of
|
|
- * this software for any purpose. It is provided "as is" without express
|
|
- * or implied warranty.
|
|
- *
|
|
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
|
|
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
|
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
|
- */
|
|
-
|
|
-#include "crypto_int.h"
|
|
-#include <openssl/evp.h>
|
|
-
|
|
-
|
|
-#define DES3_BLOCK_SIZE 8
|
|
-#define DES3_KEY_SIZE 24
|
|
-#define DES3_KEY_BYTES 21
|
|
-
|
|
-static krb5_error_code
|
|
-validate(krb5_key key, const krb5_data *ivec, const krb5_crypto_iov *data,
|
|
- size_t num_data, krb5_boolean *empty)
|
|
-{
|
|
- size_t input_length = iov_total_length(data, num_data, FALSE);
|
|
-
|
|
- if (key->keyblock.length != DES3_KEY_SIZE)
|
|
- return(KRB5_BAD_KEYSIZE);
|
|
- if ((input_length%DES3_BLOCK_SIZE) != 0)
|
|
- return(KRB5_BAD_MSIZE);
|
|
- if (ivec && (ivec->length != 8))
|
|
- return(KRB5_BAD_MSIZE);
|
|
-
|
|
- *empty = (input_length == 0);
|
|
- return 0;
|
|
-}
|
|
-
|
|
-static krb5_error_code
|
|
-k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
|
|
- size_t num_data)
|
|
-{
|
|
- int ret, olen = DES3_BLOCK_SIZE;
|
|
- unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE];
|
|
- struct iov_cursor cursor;
|
|
- EVP_CIPHER_CTX *ctx;
|
|
- krb5_boolean empty;
|
|
-
|
|
- ret = validate(key, ivec, data, num_data, &empty);
|
|
- if (ret != 0 || empty)
|
|
- return ret;
|
|
-
|
|
- ctx = EVP_CIPHER_CTX_new();
|
|
- if (ctx == NULL)
|
|
- return ENOMEM;
|
|
-
|
|
- ret = EVP_EncryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL,
|
|
- key->keyblock.contents,
|
|
- (ivec) ? (unsigned char*)ivec->data : NULL);
|
|
- if (!ret) {
|
|
- EVP_CIPHER_CTX_free(ctx);
|
|
- return KRB5_CRYPTO_INTERNAL;
|
|
- }
|
|
-
|
|
- EVP_CIPHER_CTX_set_padding(ctx,0);
|
|
-
|
|
- k5_iov_cursor_init(&cursor, data, num_data, DES3_BLOCK_SIZE, FALSE);
|
|
- while (k5_iov_cursor_get(&cursor, iblock)) {
|
|
- ret = EVP_EncryptUpdate(ctx, oblock, &olen, iblock, DES3_BLOCK_SIZE);
|
|
- if (!ret)
|
|
- break;
|
|
- k5_iov_cursor_put(&cursor, oblock);
|
|
- }
|
|
-
|
|
- if (ivec != NULL)
|
|
- memcpy(ivec->data, oblock, DES3_BLOCK_SIZE);
|
|
-
|
|
- EVP_CIPHER_CTX_free(ctx);
|
|
-
|
|
- zap(iblock, sizeof(iblock));
|
|
- zap(oblock, sizeof(oblock));
|
|
-
|
|
- if (ret != 1)
|
|
- return KRB5_CRYPTO_INTERNAL;
|
|
- return 0;
|
|
-}
|
|
-
|
|
-static krb5_error_code
|
|
-k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
|
|
- size_t num_data)
|
|
-{
|
|
- int ret, olen = DES3_BLOCK_SIZE;
|
|
- unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE];
|
|
- struct iov_cursor cursor;
|
|
- EVP_CIPHER_CTX *ctx;
|
|
- krb5_boolean empty;
|
|
-
|
|
- ret = validate(key, ivec, data, num_data, &empty);
|
|
- if (ret != 0 || empty)
|
|
- return ret;
|
|
-
|
|
- ctx = EVP_CIPHER_CTX_new();
|
|
- if (ctx == NULL)
|
|
- return ENOMEM;
|
|
-
|
|
- ret = EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL,
|
|
- key->keyblock.contents,
|
|
- (ivec) ? (unsigned char*)ivec->data : NULL);
|
|
- if (!ret) {
|
|
- EVP_CIPHER_CTX_free(ctx);
|
|
- return KRB5_CRYPTO_INTERNAL;
|
|
- }
|
|
-
|
|
- EVP_CIPHER_CTX_set_padding(ctx,0);
|
|
-
|
|
- k5_iov_cursor_init(&cursor, data, num_data, DES3_BLOCK_SIZE, FALSE);
|
|
- while (k5_iov_cursor_get(&cursor, iblock)) {
|
|
- ret = EVP_DecryptUpdate(ctx, oblock, &olen,
|
|
- (unsigned char *)iblock, DES3_BLOCK_SIZE);
|
|
- if (!ret)
|
|
- break;
|
|
- k5_iov_cursor_put(&cursor, oblock);
|
|
- }
|
|
-
|
|
- if (ivec != NULL)
|
|
- memcpy(ivec->data, iblock, DES3_BLOCK_SIZE);
|
|
-
|
|
- EVP_CIPHER_CTX_free(ctx);
|
|
-
|
|
- zap(iblock, sizeof(iblock));
|
|
- zap(oblock, sizeof(oblock));
|
|
-
|
|
- if (ret != 1)
|
|
- return KRB5_CRYPTO_INTERNAL;
|
|
- return 0;
|
|
-}
|
|
-
|
|
-const struct krb5_enc_provider krb5int_enc_des3 = {
|
|
- DES3_BLOCK_SIZE,
|
|
- DES3_KEY_BYTES, DES3_KEY_SIZE,
|
|
- k5_des3_encrypt,
|
|
- k5_des3_decrypt,
|
|
- NULL,
|
|
- krb5int_des_init_state,
|
|
- krb5int_default_free_state
|
|
-};
|
|
diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
|
|
index 75f071c3e..fcf2c2152 100644
|
|
--- a/src/lib/gssapi/krb5/accept_sec_context.c
|
|
+++ b/src/lib/gssapi/krb5/accept_sec_context.c
|
|
@@ -1039,7 +1039,6 @@ kg_accept_krb5(minor_status, context_handle,
|
|
}
|
|
|
|
switch (negotiated_etype) {
|
|
- case ENCTYPE_DES3_CBC_SHA1:
|
|
case ENCTYPE_ARCFOUR_HMAC:
|
|
case ENCTYPE_ARCFOUR_HMAC_EXP:
|
|
/* RFC 4121 accidentally omits RC4-HMAC-EXP as a "not-newer"
|
|
diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h
|
|
index a7e0e63ec..3bacdcd35 100644
|
|
--- a/src/lib/gssapi/krb5/gssapiP_krb5.h
|
|
+++ b/src/lib/gssapi/krb5/gssapiP_krb5.h
|
|
@@ -125,14 +125,14 @@ enum sgn_alg {
|
|
/* SGN_ALG_DES_MAC = 0x0002, */
|
|
/* SGN_ALG_3 = 0x0003, /\* not published *\/ */
|
|
SGN_ALG_HMAC_MD5 = 0x0011, /* microsoft w2k; */
|
|
- SGN_ALG_HMAC_SHA1_DES3_KD = 0x0004
|
|
+ /* SGN_ALG_HMAC_SHA1_DES3_KD = 0x0004 */
|
|
};
|
|
enum seal_alg {
|
|
SEAL_ALG_NONE = 0xffff,
|
|
/* SEAL_ALG_DES = 0x0000, */
|
|
/* SEAL_ALG_1 = 0x0001, /\* not published *\/ */
|
|
SEAL_ALG_MICROSOFT_RC4 = 0x0010, /* microsoft w2k; */
|
|
- SEAL_ALG_DES3KD = 0x0002
|
|
+ /* SEAL_ALG_DES3KD = 0x0002 */
|
|
};
|
|
|
|
/* for 3DES */
|
|
@@ -153,7 +153,7 @@ enum qop {
|
|
GSS_KRB5_INTEG_C_QOP_HMAC_SHA1 = 0x0004,
|
|
GSS_KRB5_INTEG_C_QOP_MASK = 0x00ff,
|
|
/* GSS_KRB5_CONF_C_QOP_DES = 0x0100, */
|
|
- GSS_KRB5_CONF_C_QOP_DES3_KD = 0x0200,
|
|
+ /* GSS_KRB5_CONF_C_QOP_DES3_KD = 0x0200, */
|
|
GSS_KRB5_CONF_C_QOP_MASK = 0xff00
|
|
};
|
|
|
|
diff --git a/src/lib/gssapi/krb5/k5seal.c b/src/lib/gssapi/krb5/k5seal.c
|
|
index d1cdce486..7f7146a0a 100644
|
|
--- a/src/lib/gssapi/krb5/k5seal.c
|
|
+++ b/src/lib/gssapi/krb5/k5seal.c
|
|
@@ -136,19 +136,12 @@ make_seal_token_v1 (krb5_context context,
|
|
|
|
/* pad the plaintext, encrypt if needed, and stick it in the token */
|
|
|
|
- /* initialize the the checksum */
|
|
- switch (signalg) {
|
|
- case SGN_ALG_HMAC_SHA1_DES3_KD:
|
|
- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
|
|
- break;
|
|
- case SGN_ALG_HMAC_MD5:
|
|
- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
|
|
- if (toktype != KG_TOK_SEAL_MSG)
|
|
- sign_usage = 15;
|
|
- break;
|
|
- default:
|
|
- abort ();
|
|
- }
|
|
+ if (signalg != SGN_ALG_HMAC_MD5)
|
|
+ abort();
|
|
+
|
|
+ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
|
|
+ if (toktype != KG_TOK_SEAL_MSG)
|
|
+ sign_usage = 15;
|
|
|
|
code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
|
|
if (code) {
|
|
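Review bot: The new `if (signalg != SGN_ALG_HMAC_MD5) abort();` keeps the old default-case behaviour of terminating the host process from inside the GSS library, and it now also covers SGN_ALG_HMAC_SHA1_DES3_KD, which had a handled branch before. Whether a context carrying that value can still reach make_seal_token_v1 (for instance one serialized before the upgrade and imported afterwards) is not visible here; if it can, the application is killed instead of the call failing. I would fail the call, along the lines of `if (signalg != SGN_ALG_HMAC_MD5) return KRB5_BAD_ENCTYPE;`, preceded by whatever cleanup the function needs at that point, since its allocations are outside the hunk. The hunk also drops the step comment; a corrected `/* initialize the checksum */` above the assignment would match k5sealiov.c. The same abort() is added in make_seal_token_v1_iov in k5sealiov.c, and the body of make_seal_token_v1 continues outside the hunk.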
@@ -196,20 +189,8 @@ make_seal_token_v1 (krb5_context context,
|
|
gssalloc_free(t);
|
|
return(code);
|
|
}
|
|
- switch(signalg) {
|
|
- case SGN_ALG_HMAC_SHA1_DES3_KD:
|
|
- /*
|
|
- * Using key derivation, the call to krb5_c_make_checksum
|
|
- * already dealt with encrypting.
|
|
- */
|
|
- if (md5cksum.length != cksum_size)
|
|
- abort ();
|
|
- memcpy (ptr+14, md5cksum.contents, md5cksum.length);
|
|
- break;
|
|
- case SGN_ALG_HMAC_MD5:
|
|
- memcpy (ptr+14, md5cksum.contents, cksum_size);
|
|
- break;
|
|
- }
|
|
+
|
|
+ memcpy (ptr+14, md5cksum.contents, cksum_size);
|
|
|
|
krb5_free_checksum_contents(context, &md5cksum);
|
|
|
|
diff --git a/src/lib/gssapi/krb5/k5sealiov.c b/src/lib/gssapi/krb5/k5sealiov.c
|
|
index 9bb2ee109..9147bb2c7 100644
|
|
--- a/src/lib/gssapi/krb5/k5sealiov.c
|
|
+++ b/src/lib/gssapi/krb5/k5sealiov.c
|
|
@@ -144,18 +144,11 @@ make_seal_token_v1_iov(krb5_context context,
|
|
/* pad the plaintext, encrypt if needed, and stick it in the token */
|
|
|
|
/* initialize the checksum */
|
|
- switch (ctx->signalg) {
|
|
- case SGN_ALG_HMAC_SHA1_DES3_KD:
|
|
- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
|
|
- break;
|
|
- case SGN_ALG_HMAC_MD5:
|
|
- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
|
|
- if (toktype != KG_TOK_WRAP_MSG)
|
|
- sign_usage = 15;
|
|
- break;
|
|
- default:
|
|
- abort ();
|
|
- }
|
|
+ if (ctx->signalg != SGN_ALG_HMAC_MD5)
|
|
+ abort();
|
|
+ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
|
|
+ if (toktype != KG_TOK_WRAP_MSG)
|
|
+ sign_usage = 15;
|
|
|
|
code = krb5_c_checksum_length(context, md5cksum.checksum_type, &k5_trailerlen);
|
|
if (code != 0)
|
|
@@ -177,15 +170,7 @@ make_seal_token_v1_iov(krb5_context context,
|
|
if (code != 0)
|
|
goto cleanup;
|
|
|
|
- switch (ctx->signalg) {
|
|
- case SGN_ALG_HMAC_SHA1_DES3_KD:
|
|
- assert(md5cksum.length == ctx->cksum_size);
|
|
- memcpy(ptr + 14, md5cksum.contents, md5cksum.length);
|
|
- break;
|
|
- case SGN_ALG_HMAC_MD5:
|
|
- memcpy(ptr + 14, md5cksum.contents, ctx->cksum_size);
|
|
- break;
|
|
- }
|
|
+ memcpy(ptr + 14, md5cksum.contents, ctx->cksum_size);
|
|
|
|
/* create the seq_num */
|
|
code = kg_make_seq_num(context, ctx->seq, ctx->initiate ? 0 : 0xFF,
|
|
diff --git a/src/lib/gssapi/krb5/k5unseal.c b/src/lib/gssapi/krb5/k5unseal.c
|
|
index 9b183bc33..f0cc4a680 100644
|
|
--- a/src/lib/gssapi/krb5/k5unseal.c
|
|
+++ b/src/lib/gssapi/krb5/k5unseal.c
|
|
@@ -131,28 +131,21 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
|
|
but few enough that we can try them all. */
|
|
|
|
if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) ||
|
|
- (ctx->sealalg == SEAL_ALG_DES3KD &&
|
|
- signalg != SGN_ALG_HMAC_SHA1_DES3_KD)||
|
|
(ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 &&
|
|
signalg != SGN_ALG_HMAC_MD5)) {
|
|
*minor_status = 0;
|
|
return GSS_S_DEFECTIVE_TOKEN;
|
|
}
|
|
|
|
- switch (signalg) {
|
|
- case SGN_ALG_HMAC_MD5:
|
|
- cksum_len = 8;
|
|
- if (toktype != KG_TOK_SEAL_MSG)
|
|
- sign_usage = 15;
|
|
- break;
|
|
- case SGN_ALG_HMAC_SHA1_DES3_KD:
|
|
- cksum_len = 20;
|
|
- break;
|
|
- default:
|
|
+ if (signalg != SGN_ALG_HMAC_MD5) {
|
|
*minor_status = 0;
|
|
return GSS_S_DEFECTIVE_TOKEN;
|
|
}
|
|
|
|
+ cksum_len = 8;
|
|
+ if (toktype != KG_TOK_SEAL_MSG)
|
|
+ sign_usage = 15;
|
|
+
|
|
if ((size_t)bodysize < 14 + cksum_len) {
|
|
*minor_status = 0;
|
|
return GSS_S_DEFECTIVE_TOKEN;
|
|
@@ -252,64 +245,53 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
|
|
/* compute the checksum of the message */
|
|
|
|
/* initialize the the cksum */
|
|
- switch (signalg) {
|
|
- case SGN_ALG_HMAC_MD5:
|
|
- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
|
|
- break;
|
|
- case SGN_ALG_HMAC_SHA1_DES3_KD:
|
|
- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
|
|
- break;
|
|
- default:
|
|
- abort ();
|
|
- }
|
|
+ if (signalg != SGN_ALG_HMAC_MD5)
|
|
+ abort();
|
|
+ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
|
|
|
|
code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
|
|
if (code)
|
|
return(code);
|
|
md5cksum.length = sumlen;
|
|
|
|
- switch (signalg) {
|
|
- default:
|
|
+ if (signalg != SGN_ALG_HMAC_MD5) {
|
|
*minor_status = 0;
|
|
return(GSS_S_DEFECTIVE_TOKEN);
|
|
-
|
|
- case SGN_ALG_HMAC_SHA1_DES3_KD:
|
|
- case SGN_ALG_HMAC_MD5:
|
|
- /* compute the checksum of the message */
|
|
-
|
|
- /* 8 = bytes of token body to be checksummed according to spec */
|
|
-
|
|
- if (! (data_ptr = xmalloc(8 + plainlen))) {
|
|
- if (sealalg != 0xffff)
|
|
- xfree(plain);
|
|
- if (toktype == KG_TOK_SEAL_MSG)
|
|
- gssalloc_free(token.value);
|
|
- *minor_status = ENOMEM;
|
|
- return(GSS_S_FAILURE);
|
|
- }
|
|
-
|
|
- (void) memcpy(data_ptr, ptr-2, 8);
|
|
-
|
|
- (void) memcpy(data_ptr+8, plain, plainlen);
|
|
-
|
|
- plaind.length = 8 + plainlen;
|
|
- plaind.data = data_ptr;
|
|
- code = krb5_k_make_checksum(context, md5cksum.checksum_type,
|
|
- ctx->seq, sign_usage,
|
|
- &plaind, &md5cksum);
|
|
- xfree(data_ptr);
|
|
-
|
|
- if (code) {
|
|
- if (toktype == KG_TOK_SEAL_MSG)
|
|
- gssalloc_free(token.value);
|
|
- *minor_status = code;
|
|
- return(GSS_S_FAILURE);
|
|
- }
|
|
-
|
|
- code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
|
|
- break;
|
|
}
|
|
|
|
+ /* compute the checksum of the message */
|
|
+
|
|
+ /* 8 = bytes of token body to be checksummed according to spec */
|
|
+
|
|
+ if (! (data_ptr = xmalloc(8 + plainlen))) {
|
|
+ if (sealalg != 0xffff)
|
|
+ xfree(plain);
|
|
+ if (toktype == KG_TOK_SEAL_MSG)
|
|
+ gssalloc_free(token.value);
|
|
+ *minor_status = ENOMEM;
|
|
+ return(GSS_S_FAILURE);
|
|
+ }
|
|
+
|
|
+ (void) memcpy(data_ptr, ptr-2, 8);
|
|
+
|
|
+ (void) memcpy(data_ptr+8, plain, plainlen);
|
|
+
|
|
+ plaind.length = 8 + plainlen;
|
|
+ plaind.data = data_ptr;
|
|
+ code = krb5_k_make_checksum(context, md5cksum.checksum_type,
|
|
+ ctx->seq, sign_usage,
|
|
+ &plaind, &md5cksum);
|
|
+ xfree(data_ptr);
|
|
+
|
|
+ if (code) {
|
|
+ if (toktype == KG_TOK_SEAL_MSG)
|
|
+ gssalloc_free(token.value);
|
|
+ *minor_status = code;
|
|
+ return(GSS_S_FAILURE);
|
|
+ }
|
|
+
|
|
+ code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
|
|
+
|
|
krb5_free_checksum_contents(context, &md5cksum);
|
|
if (sealalg != 0xffff)
|
|
xfree(plain);
|
|
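Review bot: Both `signalg != SGN_ALG_HMAC_MD5` checks added in this hunk are redundant, because the first hunk of kg_unseal_v1 already returns GSS_S_DEFECTIVE_TOKEN on that condition: the `abort()` cannot fire, and the later block returning GSS_S_DEFECTIVE_TOKEN sits behind that abort and is dead code. This assumes signalg is not reassigned between the two hunks, which is not visible. Because signalg in the unseal path appears to be read from the received token, an abort() keyed on it is fragile: if the early guard is ever moved or relaxed, a malformed token would terminate the process instead of being rejected. I would delete both later checks and leave `/* signalg was checked against SGN_ALG_HMAC_MD5 above */` before the `md5cksum.checksum_type` assignment. The same pair appears in kg_unseal_v1_iov (k5unsealiov.c, second and third hunks); kg_unseal_v1 starts and ends outside this hunk.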
diff --git a/src/lib/gssapi/krb5/k5unsealiov.c b/src/lib/gssapi/krb5/k5unsealiov.c
|
|
index 85a9574f3..3ce2a90ce 100644
|
|
--- a/src/lib/gssapi/krb5/k5unsealiov.c
|
|
+++ b/src/lib/gssapi/krb5/k5unsealiov.c
|
|
@@ -102,28 +102,21 @@ kg_unseal_v1_iov(krb5_context context,
|
|
}
|
|
|
|
if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) ||
|
|
- (ctx->sealalg == SEAL_ALG_DES3KD &&
|
|
- signalg != SGN_ALG_HMAC_SHA1_DES3_KD)||
|
|
(ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 &&
|
|
signalg != SGN_ALG_HMAC_MD5)) {
|
|
*minor_status = 0;
|
|
return GSS_S_DEFECTIVE_TOKEN;
|
|
}
|
|
|
|
- switch (signalg) {
|
|
- case SGN_ALG_HMAC_MD5:
|
|
- cksum_len = 8;
|
|
- if (toktype != KG_TOK_WRAP_MSG)
|
|
- sign_usage = 15;
|
|
- break;
|
|
- case SGN_ALG_HMAC_SHA1_DES3_KD:
|
|
- cksum_len = 20;
|
|
- break;
|
|
- default:
|
|
+ if (signalg != SGN_ALG_HMAC_MD5) {
|
|
*minor_status = 0;
|
|
return GSS_S_DEFECTIVE_TOKEN;
|
|
}
|
|
|
|
+ cksum_len = 8;
|
|
+ if (toktype != KG_TOK_WRAP_MSG)
|
|
+ sign_usage = 15;
|
|
+
|
|
/* get the token parameters */
|
|
code = kg_get_seq_num(context, ctx->seq, ptr + 14, ptr + 6, &direction,
|
|
&seqnum);
|
|
@@ -181,16 +174,10 @@ kg_unseal_v1_iov(krb5_context context,
|
|
|
|
/* initialize the checksum */
|
|
|
|
- switch (signalg) {
|
|
- case SGN_ALG_HMAC_MD5:
|
|
- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
|
|
- break;
|
|
- case SGN_ALG_HMAC_SHA1_DES3_KD:
|
|
- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
|
|
- break;
|
|
- default:
|
|
+ if (signalg != SGN_ALG_HMAC_MD5)
|
|
abort();
|
|
- }
|
|
+
|
|
+ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
|
|
|
|
code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
|
|
if (code != 0) {
|
|
@@ -209,18 +196,13 @@ kg_unseal_v1_iov(krb5_context context,
|
|
goto cleanup;
|
|
}
|
|
|
|
- switch (signalg) {
|
|
- case SGN_ALG_HMAC_SHA1_DES3_KD:
|
|
- case SGN_ALG_HMAC_MD5:
|
|
- code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
|
|
- break;
|
|
- default:
|
|
+ if (signalg != SGN_ALG_HMAC_MD5) {
|
|
code = 0;
|
|
retval = GSS_S_DEFECTIVE_TOKEN;
|
|
goto cleanup;
|
|
- break;
|
|
}
|
|
|
|
+ code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
|
|
if (code != 0) {
|
|
code = 0;
|
|
retval = GSS_S_BAD_SIG;
|
|
diff --git a/src/lib/gssapi/krb5/util_crypt.c b/src/lib/gssapi/krb5/util_crypt.c
|
|
index 84f194988..32150f5e3 100644
|
|
--- a/src/lib/gssapi/krb5/util_crypt.c
|
|
+++ b/src/lib/gssapi/krb5/util_crypt.c
|
|
@@ -97,17 +97,6 @@ kg_setup_keys(krb5_context context, krb5_gss_ctx_id_rec *ctx, krb5_key subkey,
|
|
return code;
|
|
|
|
switch (subkey->keyblock.enctype) {
|
|
- case ENCTYPE_DES3_CBC_SHA1:
|
|
- code = kg_copy_keys(context, ctx, subkey);
|
|
- if (code != 0)
|
|
- return code;
|
|
-
|
|
- ctx->enc->keyblock.enctype = ENCTYPE_DES3_CBC_RAW;
|
|
- ctx->seq->keyblock.enctype = ENCTYPE_DES3_CBC_RAW;
|
|
- ctx->signalg = SGN_ALG_HMAC_SHA1_DES3_KD;
|
|
- ctx->cksum_size = 20;
|
|
- ctx->sealalg = SEAL_ALG_DES3KD;
|
|
- break;
|
|
case ENCTYPE_ARCFOUR_HMAC:
|
|
case ENCTYPE_ARCFOUR_HMAC_EXP:
|
|
/* RFC 4121 accidentally omits RC4-HMAC-EXP as a "not-newer" enctype,
|
|
diff --git a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
|
|
index 740425c69..6b45f5f72 100644
|
|
--- a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
|
|
+++ b/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
|
|
@@ -53,10 +53,10 @@ proc test200 {} {
|
|
}
|
|
|
|
# XXX Perhaps I should actually check the key type returned.
|
|
- if {$num_keys == 5} {
|
|
+ if {$num_keys == 4} {
|
|
pass "$test"
|
|
} else {
|
|
- fail "$test: $num_keys keys, should be 5"
|
|
+ fail "$test: $num_keys keys, should be 4"
|
|
}
|
|
if { ! [cmd {kadm5_destroy $server_handle}]} {
|
|
perror "$test: unexpected failure in destroy"
|
|
diff --git a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
|
|
index 3ea1ba29b..d2c6d1afa 100644
|
|
--- a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
|
|
+++ b/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
|
|
@@ -143,8 +143,8 @@ proc test101_102 {rpc} {
|
|
}
|
|
|
|
set failed 0
|
|
- if {$num_keys != 5} {
|
|
- fail "$test: num_keys $num_keys should be 5"
|
|
+ if {$num_keys != 4} {
|
|
+ fail "$test: num_keys $num_keys should be 4"
|
|
set failed 1
|
|
}
|
|
for {set i 0} {$i < $num_keys} {incr i} {
|
|
diff --git a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
|
|
index 2925c1c43..2f76c8b43 100644
|
|
--- a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
|
|
+++ b/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
|
|
@@ -46,10 +46,10 @@ proc test100 {} {
|
|
}
|
|
|
|
# XXX Perhaps I should actually check the key type returned.
|
|
- if {$num_keys == 5} {
|
|
+ if {$num_keys == 4} {
|
|
pass "$test"
|
|
} else {
|
|
- fail "$test: $num_keys keys, should be 5"
|
|
+ fail "$test: $num_keys keys, should be 4"
|
|
}
|
|
if { ! [cmd {kadm5_destroy $server_handle}]} {
|
|
perror "$test: unexpected failure in destroy"
|
|
diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c
|
|
index aa35baa3c..bfa99d9eb 100644
|
|
--- a/src/lib/krb5/krb/init_ctx.c
|
|
+++ b/src/lib/krb5/krb/init_ctx.c
|
|
@@ -59,7 +59,6 @@
|
|
static krb5_enctype default_enctype_list[] = {
|
|
ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
|
|
ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
|
|
- ENCTYPE_DES3_CBC_SHA1,
|
|
ENCTYPE_ARCFOUR_HMAC,
|
|
ENCTYPE_CAMELLIA128_CTS_CMAC, ENCTYPE_CAMELLIA256_CTS_CMAC,
|
|
0
|
|
@@ -467,8 +466,6 @@ krb5int_parse_enctype_list(krb5_context context, const char *profkey,
|
|
/* Set all enctypes in the default list. */
|
|
for (i = 0; default_list[i]; i++)
|
|
mod_list(default_list[i], sel, weak, &list);
|
|
- } else if (strcasecmp(token, "des3") == 0) {
|
|
- mod_list(ENCTYPE_DES3_CBC_SHA1, sel, weak, &list);
|
|
} else if (strcasecmp(token, "aes") == 0) {
|
|
mod_list(ENCTYPE_AES256_CTS_HMAC_SHA1_96, sel, weak, &list);
|
|
mod_list(ENCTYPE_AES128_CTS_HMAC_SHA1_96, sel, weak, &list);
|
|
diff --git a/src/lib/krb5/krb/s4u_creds.c b/src/lib/krb5/krb/s4u_creds.c
|
|
index 44d113e7c..966278578 100644
|
|
--- a/src/lib/krb5/krb/s4u_creds.c
|
|
+++ b/src/lib/krb5/krb/s4u_creds.c
|
|
@@ -288,8 +288,6 @@ verify_s4u2self_reply(krb5_context context,
|
|
assert(req_s4u_user != NULL);
|
|
|
|
switch (subkey->enctype) {
|
|
- case ENCTYPE_DES3_CBC_SHA1:
|
|
- case ENCTYPE_DES3_CBC_RAW:
|
|
case ENCTYPE_ARCFOUR_HMAC:
|
|
case ENCTYPE_ARCFOUR_HMAC_EXP :
|
|
not_newer = TRUE;
|
|
diff --git a/src/lib/krb5/krb/t_etypes.c b/src/lib/krb5/krb/t_etypes.c
|
|
index 90c9f626c..935aca12f 100644
|
|
--- a/src/lib/krb5/krb/t_etypes.c
|
|
+++ b/src/lib/krb5/krb/t_etypes.c
|
|
@@ -50,17 +50,6 @@ static struct {
|
|
{ ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 },
|
|
0, 0
|
|
},
|
|
- /* Family followed by enctype */
|
|
- { "aes des3-cbc-sha1-kd",
|
|
- { 0 },
|
|
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
|
|
- ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
|
|
- ENCTYPE_DES3_CBC_SHA1, 0 },
|
|
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
|
|
- ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
|
|
- ENCTYPE_DES3_CBC_SHA1, 0 },
|
|
- 0, 0
|
|
- },
|
|
/* Family with enctype removed */
|
|
{ "camellia -camellia256-cts-cmac",
|
|
{ 0 },
|
|
@@ -69,46 +58,15 @@ static struct {
|
|
},
|
|
/* Default set with family added and enctype removed */
|
|
{ "DEFAULT +aes -arcfour-hmac-md5",
|
|
- { ENCTYPE_ARCFOUR_HMAC, ENCTYPE_DES3_CBC_SHA1, 0 },
|
|
- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
|
|
+ { ENCTYPE_ARCFOUR_HMAC, 0 },
|
|
+ { ENCTYPE_AES256_CTS_HMAC_SHA1_96,
|
|
ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
|
|
ENCTYPE_AES128_CTS_HMAC_SHA256_128, 0 },
|
|
- { ENCTYPE_DES3_CBC_SHA1,
|
|
- ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
|
|
+ { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
|
|
ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
|
|
0 },
|
|
0, 0
|
|
},
|
|
- /* Default set with families removed and enctypes added (one redundant) */
|
|
- { "DEFAULT -des3 rc4-hmac rc4-hmac-exp",
|
|
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
|
|
- ENCTYPE_DES3_CBC_SHA1, ENCTYPE_ARCFOUR_HMAC, 0 },
|
|
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
|
|
- ENCTYPE_ARCFOUR_HMAC, 0 },
|
|
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
|
|
- ENCTYPE_ARCFOUR_HMAC, ENCTYPE_ARCFOUR_HMAC_EXP, 0 },
|
|
- 0, 0
|
|
- },
|
|
- /* Default set with family moved to front */
|
|
- { "des3 +DEFAULT",
|
|
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
|
|
- ENCTYPE_DES3_CBC_SHA1, 0 },
|
|
- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
|
|
- ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0 },
|
|
- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
|
|
- ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0 },
|
|
- 0, 0
|
|
- },
|
|
- /* Two families with default set removed (exotic case), enctype added */
|
|
- { "aes +rc4 -DEFaulT des3-hmac-sha1",
|
|
- { ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_DES3_CBC_SHA1,
|
|
- ENCTYPE_ARCFOUR_HMAC, 0 },
|
|
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
|
|
- ENCTYPE_AES128_CTS_HMAC_SHA256_128, ENCTYPE_DES3_CBC_SHA1, 0 },
|
|
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
|
|
- ENCTYPE_AES128_CTS_HMAC_SHA256_128, ENCTYPE_DES3_CBC_SHA1, 0 },
|
|
- 0, 0
|
|
- },
|
|
/* Test krb5_set_default_in_tkt_ktypes */
|
|
{ NULL,
|
|
{ ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 },
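Review bot: The three cases deleted from this table (`"DEFAULT -des3 rc4-hmac rc4-hmac-exp"`, `"des3 +DEFAULT"`, `"aes +rc4 -DEFaulT des3-hmac-sha1"`) are, as far as this hunk shows, the ones exercising family removal from DEFAULT, a family placed ahead of `+DEFAULT`, and the mixed-case `-DEFaulT` token, and they are dropped rather than rewritten. Those operators are how an administrator subtracts a weak family from the permitted list, so the parser paths are worth keeping under test with a surviving family, for example `"DEFAULT -rc4 camellia128-cts-cmac"` and `"camellia +DEFAULT"`, with the expected lists worked out against the new default list. The earlier hunk in this file removes the "Family followed by enctype" case in the same way. The table starts and ends outside the hunk, so other entries may already cover part of this.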
|
|
diff --git a/src/lib/krb5/os/t_trace.c b/src/lib/krb5/os/t_trace.c
|
|
index 10ba8d0ac..24064ffcf 100644
|
|
--- a/src/lib/krb5/os/t_trace.c
|
|
+++ b/src/lib/krb5/os/t_trace.c
|
|
@@ -65,8 +65,8 @@ main (int argc, char *argv[])
|
|
krb5_principal princ = &principal_data;
|
|
krb5_pa_data padata, padata2, **padatap;
|
|
krb5_enctype enctypes[4] = {
|
|
- ENCTYPE_DES3_CBC_SHA, ENCTYPE_ARCFOUR_HMAC_EXP, ENCTYPE_UNKNOWN,
|
|
- ENCTYPE_NULL};
|
|
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_ARCFOUR_HMAC_EXP,
|
|
+ ENCTYPE_UNKNOWN, ENCTYPE_NULL};
|
|
krb5_ccache ccache;
|
|
krb5_keytab keytab;
|
|
krb5_creds creds;
|
|
diff --git a/src/lib/krb5/os/t_trace.ref b/src/lib/krb5/os/t_trace.ref
|
|
index 044a66999..98fb14f3f 100644
|
|
--- a/src/lib/krb5/os/t_trace.ref
|
|
+++ b/src/lib/krb5/os/t_trace.ref
|
|
@@ -41,7 +41,7 @@ int, krb5_principal type: ?
|
|
krb5_pa_data **, display list of padata type numbers: PA-PW-SALT (3), 0
|
|
krb5_pa_data **, display list of padata type numbers: (empty)
|
|
krb5_enctype, display shortest name of enctype: aes128-cts
|
|
-krb5_enctype *, display list of enctypes: 5, rc4-hmac-exp, 511
|
|
+krb5_enctype *, display list of enctypes: aes128-cts, rc4-hmac-exp, 511
|
|
krb5_enctype *, display list of enctypes: (empty)
|
|
krb5_ccache, display type:name: FILE:/path/to/ccache
|
|
krb5_keytab, display name: FILE:/etc/krb5.keytab
|
|
diff --git a/src/plugins/preauth/pkinit/pkcs11.h b/src/plugins/preauth/pkinit/pkcs11.h
|
|
index e3d284631..586661bb7 100644
|
|
--- a/src/plugins/preauth/pkinit/pkcs11.h
|
|
+++ b/src/plugins/preauth/pkinit/pkcs11.h
|
|
@@ -339,9 +339,9 @@ typedef unsigned long ck_key_type_t;
|
|
#define CKK_GENERIC_SECRET (0x10)
|
|
#define CKK_RC2 (0x11)
|
|
#define CKK_RC4 (0x12)
|
|
-#define CKK_DES (0x13)
|
|
-#define CKK_DES2 (0x14)
|
|
-#define CKK_DES3 (0x15)
|
|
+/* #define CKK_DES (0x13) */
|
|
+/* #define CKK_DES2 (0x14) */
|
|
+/* #define CKK_DES3 (0x15) */
|
|
#define CKK_CAST (0x16)
|
|
#define CKK_CAST3 (0x17)
|
|
#define CKK_CAST128 (0x18)
|
|
diff --git a/src/plugins/preauth/pkinit/pkinit_clnt.c b/src/plugins/preauth/pkinit/pkinit_clnt.c
|
|
index 2817cc213..a385da7c3 100644
|
|
--- a/src/plugins/preauth/pkinit/pkinit_clnt.c
|
|
+++ b/src/plugins/preauth/pkinit/pkinit_clnt.c
|
|
@@ -212,14 +212,6 @@ pkinit_as_req_create(krb5_context context,
|
|
auth_pack.clientPublicValue = &info;
|
|
auth_pack.supportedKDFs = (krb5_data **)supported_kdf_alg_ids;
|
|
|
|
- /* add List of CMS algorithms */
|
|
- retval = create_krb5_supportedCMSTypes(context, plgctx->cryptoctx,
|
|
- reqctx->cryptoctx,
|
|
- reqctx->idctx, &cmstypes);
|
|
- auth_pack.supportedCMSTypes = cmstypes;
|
|
- if (retval)
|
|
- goto cleanup;
|
|
-
|
|
switch(protocol) {
|
|
case DH_PROTOCOL:
|
|
TRACE_PKINIT_CLIENT_REQ_DH(context);
|
|
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto.h b/src/plugins/preauth/pkinit/pkinit_crypto.h
|
|
index 77d5c61fe..1f9868351 100644
|
|
--- a/src/plugins/preauth/pkinit/pkinit_crypto.h
|
|
+++ b/src/plugins/preauth/pkinit/pkinit_crypto.h
|
|
@@ -380,18 +380,6 @@ krb5_error_code server_process_dh
|
|
unsigned int *server_key_len_out); /* OUT
|
|
receives length of DH secret key */
|
|
|
|
-/*
|
|
- * this functions takes in crypto specific representation of
|
|
- * supportedCMSTypes and creates a list of
|
|
- * krb5_algorithm_identifier
|
|
- */
|
|
-krb5_error_code create_krb5_supportedCMSTypes
|
|
- (krb5_context context, /* IN */
|
|
- pkinit_plg_crypto_context plg_cryptoctx, /* IN */
|
|
- pkinit_req_crypto_context req_cryptoctx, /* IN */
|
|
- pkinit_identity_crypto_context id_cryptoctx, /* IN */
|
|
- krb5_algorithm_identifier ***supportedCMSTypes); /* OUT */
|
|
-
|
|
/*
|
|
* this functions takes in crypto specific representation of
|
|
* trustedCertifiers and creates a list of
|
|
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
|
|
index e5940a513..e1153344e 100644
|
|
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
|
|
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
|
|
@@ -5486,44 +5486,6 @@ cleanup:
|
|
return retval;
|
|
}
|
|
|
|
-krb5_error_code
|
|
-create_krb5_supportedCMSTypes(krb5_context context,
|
|
- pkinit_plg_crypto_context plg_cryptoctx,
|
|
- pkinit_req_crypto_context req_cryptoctx,
|
|
- pkinit_identity_crypto_context id_cryptoctx,
|
|
- krb5_algorithm_identifier ***oids)
|
|
-{
|
|
-
|
|
- krb5_error_code retval = ENOMEM;
|
|
- krb5_algorithm_identifier **loids = NULL;
|
|
- krb5_data des3oid = {0, 8, "\x2A\x86\x48\x86\xF7\x0D\x03\x07" };
|
|
-
|
|
- *oids = NULL;
|
|
- loids = malloc(2 * sizeof(krb5_algorithm_identifier *));
|
|
- if (loids == NULL)
|
|
- goto cleanup;
|
|
- loids[1] = NULL;
|
|
- loids[0] = malloc(sizeof(krb5_algorithm_identifier));
|
|
- if (loids[0] == NULL) {
|
|
- free(loids);
|
|
- goto cleanup;
|
|
- }
|
|
- retval = pkinit_copy_krb5_data(&loids[0]->algorithm, &des3oid);
|
|
- if (retval) {
|
|
- free(loids[0]);
|
|
- free(loids);
|
|
- goto cleanup;
|
|
- }
|
|
- loids[0]->parameters.length = 0;
|
|
- loids[0]->parameters.data = NULL;
|
|
-
|
|
- *oids = loids;
|
|
- retval = 0;
|
|
-cleanup:
|
|
-
|
|
- return retval;
|
|
-}
|
|
-
|
|
krb5_error_code
|
|
create_krb5_trustedCertifiers(krb5_context context,
|
|
pkinit_plg_crypto_context plg_cryptoctx,
|
|
diff --git a/src/plugins/preauth/pkinit/pkinit_kdf_test.c b/src/plugins/preauth/pkinit/pkinit_kdf_test.c
|
|
index 7acbd0d28..cd998a29a 100644
|
|
--- a/src/plugins/preauth/pkinit/pkinit_kdf_test.c
|
|
+++ b/src/plugins/preauth/pkinit/pkinit_kdf_test.c
|
|
@@ -49,7 +49,6 @@ char eighteen_bs[9];
|
|
char party_u_name[] = "lha@SU.SE";
|
|
char party_v_name[] = "krbtgt/SU.SE@SU.SE";
|
|
int enctype_aes = ENCTYPE_AES256_CTS_HMAC_SHA1_96;
|
|
-int enctype_des3 = ENCTYPE_DES3_CBC_SHA1;
|
|
const krb5_data lha_data = DATA_FROM_STRING("lha");
|
|
|
|
krb5_octet key1_hex[] =
|
|
@@ -185,36 +184,6 @@ main(int argc, char **argv)
|
|
goto cleanup;
|
|
}
|
|
|
|
- /* TEST 3: SHA-512/DES3 */
|
|
- /* set up algorithm id */
|
|
- alg_id.algorithm.data = (char *)krb5_pkinit_sha512_oid;
|
|
- alg_id.algorithm.length = krb5_pkinit_sha512_oid_len;
|
|
-
|
|
- enctype = enctype_des3;
|
|
-
|
|
- /* call pkinit_alg_agility_kdf() with test vector values*/
|
|
- if (0 != (retval = pkinit_alg_agility_kdf(context, &secret,
|
|
- &alg_id.algorithm,
|
|
- u_principal, v_principal,
|
|
- enctype, &as_req, &pk_as_rep,
|
|
- &key_block))) {
|
|
- printf("ERROR in pkinit_kdf_test: kdf call failed, retval = %d",
|
|
- retval);
|
|
- goto cleanup;
|
|
- }
|
|
-
|
|
- /* compare key to expected key value */
|
|
-
|
|
- if ((key_block.length == sizeof(key3_hex)) &&
|
|
- (0 == memcmp(key_block.contents, key3_hex, key_block.length))) {
|
|
- printf("SUCCESS: TEST 3 (SHA-512/DES3), Correct key value generated.\n");
|
|
- retval = 0;
|
|
- } else {
|
|
- printf("FAILURE: TEST 2 (SHA-512/DES3), Incorrect key value generated!\n");
|
|
- retval = 1;
|
|
- goto cleanup;
|
|
- }
|
|
-
|
|
cleanup:
|
|
/* release all allocated resources, whether good or bad return */
|
|
free(secret.data);
|
|
diff --git a/src/plugins/preauth/spake/t_vectors.c b/src/plugins/preauth/spake/t_vectors.c
|
|
index 2279202d3..96b0307d7 100644
|
|
--- a/src/plugins/preauth/spake/t_vectors.c
|
|
+++ b/src/plugins/preauth/spake/t_vectors.c
|
|
@@ -56,31 +56,6 @@ struct test {
|
|
const char *K2;
|
|
const char *K3;
|
|
} tests[] = {
|
|
- { ENCTYPE_DES3_CBC_SHA1, SPAKE_GROUP_EDWARDS25519,
|
|
- /* initial key, w, x, y, T, S, K */
|
|
- "850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E",
|
|
- "686D84730CB8679AE95416C6567C6A63F2C9CEF124F7A3371AE81E11CAD42A37",
|
|
- "201012D07BFD48DDFA33C4AAC4FB1E229FB0D043CFE65EBFB14399091C71A723",
|
|
- "500B294797B8B042ACA1BEDC0F5931A4F52C537B3608B2D05CC8A2372F439F25",
|
|
- "18F511E750C97B592ACD30DB7D9E5FCA660389102E6BF610C1BFBED4616C8362",
|
|
- "5D10705E0D1E43D5DBF30240CCFBDE4A0230C70D4C79147AB0B317EDAD2F8AE7",
|
|
- "25BDE0D875F0FEB5755F45BA5E857889D916ECF7476F116AA31DC3E037EC4292",
|
|
- /* support, challenge, thash, body */
|
|
- "A0093007A0053003020101",
|
|
- "A1363034A003020101A122042018F511E750C97B592ACD30DB7D9E5FCA660389"
|
|
- "102E6BF610C1BFBED4616C8362A20930073005A003020101",
|
|
- "EAAA08807D0616026FF51C849EFBF35BA0CE3C5300E7D486DA46351B13D4605B",
|
|
- "3075A00703050000000000A1143012A003020101A10B30091B07726165627572"
|
|
- "6EA2101B0E415448454E412E4D49542E454455A3233021A003020102A11A3018"
|
|
- "1B066B72627467741B0E415448454E412E4D49542E454455A511180F31393730"
|
|
- "303130313030303030305AA703020100A8053003020110",
|
|
- /* K'[0], K'[1], K'[2], K'[3] */
|
|
- "BAF12FAE7CD958CBF1A29BFBC71F89CE49E03E295D89DAFD",
|
|
- "64F73DD9C41908206BCEC1F719026B574F9D13463D7A2520",
|
|
- "0454520B086B152C455829E6BAEFF78A61DFE9E3D04A895D",
|
|
- "4A92260B25E3EF94C125D5C24C3E5BCED5B37976E67F25C4",
|
|
- },
|
|
-
|
|
{ ENCTYPE_ARCFOUR_HMAC, SPAKE_GROUP_EDWARDS25519,
|
|
/* initial key, w, x, y, T, S, K */
|
|
"8846F7EAEE8FB117AD06BDD830B7586C",
|
|
diff --git a/src/tests/dejagnu/config/default.exp b/src/tests/dejagnu/config/default.exp
|
|
index 85bbf478a..302dee74c 100644
|
|
--- a/src/tests/dejagnu/config/default.exp
|
|
+++ b/src/tests/dejagnu/config/default.exp
|
|
@@ -15,8 +15,6 @@ set timeout 100
|
|
set stty_init {erase \^h kill \^u}
|
|
set env(TERM) dumb
|
|
|
|
-set des3_krbtgt 0
|
|
-
|
|
if { [string length $VALGRIND] } {
|
|
rename spawn valgrind_aux_spawn
|
|
proc spawn { args } {
|
|
@@ -105,17 +103,9 @@ if { $PRIOCNTL_HACK } {
|
|
# particularly with regards to encryption types.
|
|
|
|
set passes {
|
|
- {
|
|
- des3
|
|
- mode=udp
|
|
- des3_krbtgt=1
|
|
- {supported_enctypes=des3-cbc-sha1:normal}
|
|
- {dummy=[verbose -log "DES3 TGT, DES3 enctype"]}
|
|
- }
|
|
{
|
|
aes-only
|
|
mode=udp
|
|
- des3_krbtgt=0
|
|
{supported_enctypes=aes256-cts-hmac-sha1-96:normal}
|
|
{permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96}
|
|
{permitted_enctypes(client)=aes256-cts-hmac-sha1-96}
|
|
@@ -130,7 +120,6 @@ set passes {
|
|
{
|
|
aes-sha2-only
|
|
mode=udp
|
|
- des3_krbtgt=0
|
|
{supported_enctypes=aes256-sha2:normal}
|
|
{permitted_enctypes(kdc)=aes256-sha2}
|
|
{permitted_enctypes(replica)=aes256-sha2}
|
|
@@ -146,7 +135,6 @@ set passes {
|
|
{
|
|
camellia-only
|
|
mode=udp
|
|
- des3_krbtgt=0
|
|
{supported_enctypes=camellia256-cts:normal}
|
|
{permitted_enctypes(kdc)=camellia256-cts}
|
|
{permitted_enctypes(replica)=camellia256-cts}
|
|
@@ -159,32 +147,9 @@ set passes {
|
|
{master_key_type=camellia256-cts}
|
|
{dummy=[verbose -log "Camellia-256 enctype"]}
|
|
}
|
|
- {
|
|
- aes-des3
|
|
- mode=udp
|
|
- des3_krbtgt=0
|
|
- {supported_enctypes=aes256-cts-hmac-sha1-96:normal des3-cbc-sha1:normal}
|
|
- {permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
|
|
- {permitted_enctypes(client)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
|
|
- {permitted_enctypes(server)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
|
|
- {master_key_type=aes256-cts-hmac-sha1-96}
|
|
- {dummy=[verbose -log "AES + DES3 + DES enctypes"]}
|
|
- }
|
|
- {
|
|
- aes-des3tgt
|
|
- mode=udp
|
|
- des3_krbtgt=1
|
|
- {supported_enctypes=aes256-cts-hmac-sha1-96:normal des3-cbc-sha1:normal}
|
|
- {permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
|
|
- {permitted_enctypes(client)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
|
|
- {permitted_enctypes(server)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
|
|
- {master_key_type=aes256-cts-hmac-sha1-96}
|
|
- {dummy=[verbose -log "AES enctypes, DES3 TGT"]}
|
|
- }
|
|
{
|
|
all-enctypes
|
|
mode=udp
|
|
- des3_krbtgt=0
|
|
{allow_weak_crypto(kdc)=false}
|
|
{allow_weak_crypto(replica)=false}
|
|
{allow_weak_crypto(client)=false}
|
|
@@ -946,7 +911,6 @@ proc setup_kerberos_db { standalone } {
|
|
global REALMNAME KDB5_UTIL KADMIN_LOCAL KEY
|
|
global tmppwd hostname
|
|
global spawn_id
|
|
- global des3_krbtgt
|
|
global multipass_name last_passname_db
|
|
|
|
set failall 0
|
|
@@ -1143,48 +1107,6 @@ proc setup_kerberos_db { standalone } {
|
|
}
|
|
}
|
|
|
|
- if $des3_krbtgt {
|
|
- # Set the TGT key to DES3.
|
|
- set test "kadmin.local TGT to DES3"
|
|
- set body {
|
|
- if $failall {
|
|
- break
|
|
- }
|
|
- spawn $KADMIN_LOCAL -r $REALMNAME -e des3-cbc-sha1:normal
|
|
- verbose "starting $test"
|
|
- expect_after $def_exp_after
|
|
-
|
|
- expect "kadmin.local: "
|
|
- send "cpw -randkey krbtgt/$REALMNAME@$REALMNAME\r"
|
|
- # It echos...
|
|
- expect "cpw -randkey krbtgt/$REALMNAME@$REALMNAME\r"
|
|
- expect {
|
|
- "Key for \"krbtgt/$REALMNAME@$REALMNAME\" randomized." { }
|
|
- }
|
|
- expect "kadmin.local: "
|
|
- send "quit\r"
|
|
- expect eof
|
|
- catch expect_after
|
|
- if ![check_exit_status kadmin_local] {
|
|
- break
|
|
- }
|
|
- }
|
|
- set ret [catch $body]
|
|
- catch "expect eof"
|
|
- catch expect_after
|
|
- if $ret {
|
|
- set failall 1
|
|
- if $standalone {
|
|
- fail $test
|
|
- } else {
|
|
- delete_db
|
|
- }
|
|
- } else {
|
|
- if $standalone {
|
|
- pass $test
|
|
- }
|
|
- }
|
|
- }
|
|
envstack_pop
|
|
|
|
# create the admin database lock file
|
|
diff --git a/src/tests/dejagnu/krb-standalone/kprop.exp b/src/tests/dejagnu/krb-standalone/kprop.exp
|
|
index 661e3fd9a..2b8f60045 100644
|
|
--- a/src/tests/dejagnu/krb-standalone/kprop.exp
|
|
+++ b/src/tests/dejagnu/krb-standalone/kprop.exp
|
|
@@ -54,7 +54,7 @@ proc doit { } {
|
|
global REALMNAME KEY
|
|
global KADMIN_LOCAL KTUTIL KDB5_UTIL KPROPLOG KPROP kpropd_spawn_id
|
|
global hostname tmppwd spawn_id timeout
|
|
- global KRBIV supported_enctypes portbase mode ulog des3_krbtgt
|
|
+ global KRBIV supported_enctypes portbase mode ulog
|
|
|
|
# Delete any db, ulog files
|
|
delete_db
|
|
diff --git a/src/tests/gssapi/t_enctypes.py b/src/tests/gssapi/t_enctypes.py
|
|
index 7494d7fcd..2f95d8996 100755
|
|
--- a/src/tests/gssapi/t_enctypes.py
|
|
+++ b/src/tests/gssapi/t_enctypes.py
|
|
@@ -1,24 +1,17 @@
|
|
from k5test import *
|
|
|
|
-# Define some convenience abbreviations for enctypes we will see in
|
|
-# test program output. For background, aes256 and aes128 are "CFX
|
|
-# enctypes", meaning that they imply support for RFC 4121, while des3
|
|
-# and rc4 are not. DES3 keys will appear as 'des3-cbc-raw' in
|
|
-# t_enctypes output because that's how GSSAPI does raw triple-DES
|
|
-# encryption without the RFC3961 framing.
|
|
+# Define some convenience abbreviations for enctypes we will see in test
|
|
+# program output. For background, aes256 and aes128 are "CFX enctypes",
|
|
+# meaning that they imply support for RFC 4121, while rc4 does not.
|
|
aes256 = 'aes256-cts-hmac-sha1-96'
|
|
aes128 = 'aes128-cts-hmac-sha1-96'
|
|
-des3 = 'des3-cbc-sha1'
|
|
-d_des3 = 'DEPRECATED:des3-cbc-sha1'
|
|
-des3raw = 'des3-cbc-raw'
|
|
-d_des3raw = 'DEPRECATED:des3-cbc-raw'
|
|
rc4 = 'arcfour-hmac'
|
|
d_rc4 = 'DEPRECATED:arcfour-hmac'
|
|
|
|
# These tests make assumptions about the default enctype lists, so set
|
|
# them explicitly rather than relying on the library defaults.
|
|
-supp='aes256-cts:normal aes128-cts:normal des3-cbc-sha1:normal rc4-hmac:normal'
|
|
-conf = {'libdefaults': {'permitted_enctypes': 'aes des3 rc4'},
|
|
+supp='aes256-cts:normal aes128-cts:normal rc4-hmac:normal'
|
|
+conf = {'libdefaults': {'permitted_enctypes': 'aes rc4'},
|
|
'realms': {'$realm': {'supported_enctypes': supp}}}
|
|
realm = K5Realm(krb5_conf=conf)
|
|
shutil.copyfile(realm.ccache, os.path.join(realm.testdir, 'save'))
|
|
@@ -87,19 +80,12 @@ test('both aes128', 'aes128-cts', 'aes128-cts',
|
|
test_err('acc aes128', None, 'aes128-cts',
|
|
'Encryption type aes256-cts-hmac-sha1-96 not permitted')
|
|
|
|
-# If the initiator constrains the permitted session enctypes to des3,
|
|
-# no acceptor subkey will be generated because we can't upgrade to a
|
|
-# CFX enctype.
|
|
-test('init des3', 'des3', None,
|
|
- tktenc=aes256, tktsession=d_des3,
|
|
- proto='rfc1964', isubkey=des3raw, asubkey=None)
|
|
-
|
|
# Force the ticket session key to be rc4, so we can test some subkey
|
|
# upgrade cases. The ticket encryption key remains aes256.
|
|
realm.run([kadminl, 'setstr', realm.host_princ, 'session_enctypes', 'rc4'])
|
|
|
|
# With no arguments, the initiator should send an upgrade list of
|
|
-# [aes256 aes128 des3] and the acceptor should upgrade to an aes256
|
|
+# [aes256 aes128] and the acceptor should upgrade to an aes256
|
|
# subkey.
|
|
test('upgrade noargs', None, None,
|
|
tktenc=aes256, tktsession=d_rc4,
|
|
@@ -115,13 +101,6 @@ test('upgrade init aes128+rc4', 'aes128-cts rc4', None,
|
|
tktenc=aes256, tktsession=d_rc4,
|
|
proto='cfx', isubkey=rc4, asubkey=aes128)
|
|
|
|
-# If the initiator permits rc4 but prefers des3, it will send an
|
|
-# upgrade list of [des3], but the acceptor won't generate a subkey
|
|
-# because des3 isn't a CFX enctype.
|
|
-test('upgrade init des3+rc4', 'des3 rc4', None,
|
|
- tktenc=aes256, tktsession=d_rc4,
|
|
- proto='rfc1964', isubkey=rc4, asubkey=None)
|
|
-
|
|
# If the acceptor permits only aes128, subkey negotiation will fail
|
|
# because the ticket session key and initiator subkey are
|
|
# non-permitted. (This is unfortunate if the acceptor's restriction
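Review bot: Both cases removed in this hunk (`'init des3'` and `'upgrade init des3+rc4'`) are the only ones visible here that expect `proto='rfc1964'` with `asubkey=None`, so the non-CFX path may be left without a regression test even though rc4 can still reach it. If no case outside the hunk covers it, an rc4-only replacement would keep that path exercised, something like `test('upgrade init rc4', 'rc4', None, tktenc=aes256, tktsession=d_rc4, proto='rfc1964', isubkey=rc4, asubkey=None)`. The expected values in that line are inferred from the removed cases and need confirming by running the test.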
|
|
diff --git a/src/tests/gssapi/t_invalid.c b/src/tests/gssapi/t_invalid.c
|
|
index 9876a11e6..fb8fe5511 100644
|
|
--- a/src/tests/gssapi/t_invalid.c
|
|
+++ b/src/tests/gssapi/t_invalid.c
|
|
@@ -84,18 +84,6 @@ struct test {
|
|
size_t toklen;
|
|
const char *token;
|
|
} tests[] = {
|
|
- {
|
|
- ENCTYPE_DES3_CBC_SHA1, ENCTYPE_DES3_CBC_RAW,
|
|
- SEAL_ALG_DES3KD, SGN_ALG_HMAC_SHA1_DES3_KD, 20,
|
|
- 24,
|
|
- "\x4F\xEA\x19\x19\x5E\x0E\x10\xDF\x3D\x29\xB5\x13\x8F\x01\xC7\xA7"
|
|
- "\x92\x3D\x38\xF7\x26\x73\x0D\x6D",
|
|
- 65,
|
|
- "\x60\x3F\x06\x09\x2A\x86\x48\x86\xF7\x12\x01\x02\x02\x02\x01\x04"
|
|
- "\x00\x02\x00\xFF\xFF\xEB\xF3\x9A\x89\x24\x57\xB8\x63\x95\x25\xE8"
|
|
- "\x6E\x8E\x79\xE6\x2E\xCA\xD3\xFF\x57\x9F\x8C\xAB\xEF\xDD\x28\x10"
|
|
- "\x2F\x93\x21\x2E\xF2\x52\xB6\x6F\xA8\xBB\x8A\x6D\xAA\x6F\xB7\xF4\xD4"
|
|
- },
|
|
{
|
|
ENCTYPE_ARCFOUR_HMAC, ENCTYPE_ARCFOUR_HMAC,
|
|
SEAL_ALG_MICROSOFT_RC4, SGN_ALG_HMAC_MD5, 8,
|
|
diff --git a/src/tests/gssapi/t_pcontok.c b/src/tests/gssapi/t_pcontok.c
|
|
index 7368f752f..bf22bd3da 100644
|
|
--- a/src/tests/gssapi/t_pcontok.c
|
|
+++ b/src/tests/gssapi/t_pcontok.c
|
|
@@ -43,7 +43,6 @@
|
|
#include "k5-int.h"
|
|
#include "common.h"
|
|
|
|
-#define SGN_ALG_HMAC_SHA1_DES3_KD 0x04
|
|
#define SGN_ALG_HMAC_MD5 0x11
|
|
|
|
/*
|
|
@@ -77,17 +76,12 @@ make_delete_token(gss_krb5_lucid_context_v1_t *lctx, gss_buffer_desc *out)
|
|
ret = krb5_k_create_key(context, &seqkb, &seq);
|
|
check_k5err(context, "krb5_k_create_key", ret);
|
|
|
|
- if (signalg == SGN_ALG_HMAC_SHA1_DES3_KD) {
|
|
- cktype = CKSUMTYPE_HMAC_SHA1_DES3;
|
|
- cksize = 20;
|
|
- ckusage = 23;
|
|
- } else if (signalg == SGN_ALG_HMAC_MD5) {
|
|
- cktype = CKSUMTYPE_HMAC_MD5_ARCFOUR;
|
|
- cksize = 8;
|
|
- ckusage = 15;
|
|
- } else {
|
|
+ if (signalg != SGN_ALG_HMAC_MD5)
|
|
abort();
|
|
- }
|
|
+
|
|
+ cktype = CKSUMTYPE_HMAC_MD5_ARCFOUR;
|
|
+ cksize = 8;
|
|
+ ckusage = 15;
|
|
|
|
tlen = 20 + mech_krb5.length + cksize;
|
|
token = malloc(tlen);
|
|
diff --git a/src/tests/gssapi/t_prf.c b/src/tests/gssapi/t_prf.c
|
|
index f71774cdc..d1857c433 100644
|
|
--- a/src/tests/gssapi/t_prf.c
|
|
+++ b/src/tests/gssapi/t_prf.c
|
|
@@ -41,13 +41,6 @@ static struct {
|
|
const char *key2;
|
|
const char *out2;
|
|
} tests[] = {
|
|
- { ENCTYPE_DES3_CBC_SHA1,
|
|
- "70378A19CD64134580C27C0115D6B34A1CF2FEECEF9886A2",
|
|
- "9F8D127C520BB826BFF3E0FE5EF352389C17E0C073D9"
|
|
- "AC4A333D644D21BA3EF24F4A886D143F85AC9F6377FB",
|
|
- "3452A167DF1094BA1089E0A20E9E51ABEF1525922558B69E",
|
|
- "6BF24FABC858F8DD9752E4FCD331BB831F238B5BE190"
|
|
- "4EEA42E38F7A60C588F075C5C96A67E7F8B7BD0AECF4" },
|
|
{ ENCTYPE_ARCFOUR_HMAC,
|
|
"3BB3AE288C12B3B9D06B208A4151B3B6",
|
|
"9AEA11A3BCF3C53F1F91F5A0BA2132E2501ADF5F3C28"
|
|
diff --git a/src/tests/t_authdata.py b/src/tests/t_authdata.py
|
|
index 3fa957ad2..2e01f46bc 100644
|
|
--- a/src/tests/t_authdata.py
|
|
+++ b/src/tests/t_authdata.py
|
|
@@ -174,7 +174,7 @@ realm.run([kvno, 'restricted'])
|
|
# preferred krbtgt enctype changes.
|
|
mark('#8139 regression test')
|
|
realm.kinit(realm.user_princ, password('user'), ['-f'])
|
|
-realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'des3-cbc-sha1',
|
|
+realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'aes256-sha2',
|
|
realm.krbtgt_princ])
|
|
realm.run(['./forward'])
|
|
realm.run([kvno, realm.host_princ])
|
|
diff --git a/src/tests/t_etype_info.py b/src/tests/t_etype_info.py
|
|
index c982508d8..96e90a69d 100644
|
|
--- a/src/tests/t_etype_info.py
|
|
+++ b/src/tests/t_etype_info.py
|
|
@@ -1,6 +1,6 @@
|
|
from k5test import *
|
|
|
|
-supported_enctypes = 'aes128-cts des3-cbc-sha1 rc4-hmac'
|
|
+supported_enctypes = 'aes128-cts rc4-hmac'
|
|
conf = {'libdefaults': {'allow_weak_crypto': 'true'},
|
|
'realms': {'$realm': {'supported_enctypes': supported_enctypes}}}
|
|
realm = K5Realm(create_host=False, get_creds=False, krb5_conf=conf)
|
|
@@ -26,9 +26,9 @@ def test_etinfo(princ, enctypes, expected_lines):
|
|
# With no newer enctypes in the request, PA-ETYPE-INFO2,
|
|
# PA-ETYPE-INFO, and PA-PW-SALT appear in the AS-REP, each listing one
|
|
# key for the most preferred matching enctype.
|
|
-test_etinfo('user', 'rc4-hmac-exp des3 rc4',
|
|
- ['asrep etype_info2 des3-cbc-sha1 KRBTEST.COMuser',
|
|
- 'asrep etype_info des3-cbc-sha1 KRBTEST.COMuser',
|
|
+test_etinfo('user', 'rc4-hmac-exp rc4',
|
|
+ ['asrep etype_info2 rc4-hmac KRBTEST.COMuser',
|
|
+ 'asrep etype_info rc4-hmac KRBTEST.COMuser',
|
|
'asrep pw_salt KRBTEST.COMuser'])
|
|
|
|
# With a newer enctype in the request (even if it is not the most
|
|
@@ -39,9 +39,9 @@ test_etinfo('user', 'rc4 aes256-cts',
|
|
|
|
# In preauth-required errors, PA-PW-SALT does not appear, but the same
|
|
# etype-info2 values are expected.
|
|
-test_etinfo('preauthuser', 'rc4-hmac-exp des3 rc4',
|
|
- ['error etype_info2 des3-cbc-sha1 KRBTEST.COMpreauthuser',
|
|
- 'error etype_info des3-cbc-sha1 KRBTEST.COMpreauthuser'])
|
|
+test_etinfo('preauthuser', 'rc4-hmac-exp rc4',
|
|
+ ['error etype_info2 rc4-hmac KRBTEST.COMpreauthuser',
|
|
+ 'error etype_info rc4-hmac KRBTEST.COMpreauthuser'])
|
|
test_etinfo('preauthuser', 'rc4 aes256-cts',
|
|
['error etype_info2 rc4-hmac KRBTEST.COMpreauthuser'])
|
|
|
|
@@ -50,8 +50,8 @@ test_etinfo('preauthuser', 'rc4 aes256-cts',
|
|
# (to allow for preauth mechs which don't depend on long-term keys).
|
|
# An AS-REP cannot be generated without preauth as there is no reply
|
|
# key.
|
|
-test_etinfo('rc4user', 'des3', [])
|
|
-test_etinfo('nokeyuser', 'des3', [])
|
|
+test_etinfo('rc4user', 'aes128-cts', [])
|
|
+test_etinfo('nokeyuser', 'aes128-cts', [])
|
|
|
|
# Verify that etype-info2 is included in a MORE_PREAUTH_DATA_REQUIRED
|
|
# error if the client does optimistic preauth.
|
|
diff --git a/src/tests/t_keyrollover.py b/src/tests/t_keyrollover.py
|
|
index 2c825a692..f29e0d550 100755
|
|
--- a/src/tests/t_keyrollover.py
|
|
+++ b/src/tests/t_keyrollover.py
|
|
@@ -37,9 +37,9 @@ realm.run([klist, '-e'], expected_msg=msg)
|
|
|
|
# Test that the KDC only accepts the first enctype for a kvno, for a
|
|
# local-realm TGS request. To set this up, we abuse an edge-case
|
|
-# behavior of modprinc -kvno. First, set up a DES3 krbtgt entry at
|
|
+# behavior of modprinc -kvno. First, set up an aes128-sha2 krbtgt entry at
|
|
# kvno 1 and cache a krbtgt ticket.
|
|
-realm.run([kadminl, 'cpw', '-randkey', '-e', 'des3-cbc-sha1',
|
|
+realm.run([kadminl, 'cpw', '-randkey', '-e', 'aes128-cts-hmac-sha256-128',
|
|
realm.krbtgt_princ])
|
|
realm.run([kadminl, 'modprinc', '-kvno', '1', realm.krbtgt_princ])
|
|
realm.kinit(realm.user_princ, password('user'))
|
|
@@ -50,9 +50,9 @@ realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'aes256-cts',
|
|
realm.run([kadminl, 'modprinc', '-kvno', '1', realm.krbtgt_princ])
|
|
out = realm.run([kadminl, 'getprinc', realm.krbtgt_princ])
|
|
if 'vno 1, aes256-cts' not in out or \
|
|
- 'vno 1, DEPRECATED:des3-cbc-sha1' not in out:
|
|
+ 'vno 1, aes128-cts-hmac-sha256-128' not in out:
|
|
fail('keyrollover: setup for TGS enctype test failed')
|
|
-# Now present the DES3 ticket to the KDC and make sure it's rejected.
|
|
+# Now present the aes128-sha2 ticket to the KDC and make sure it's rejected.
|
|
realm.run([kvno, realm.host_princ], expected_code=1)
|
|
|
|
realm.stop()
|
|
diff --git a/src/tests/t_mkey.py b/src/tests/t_mkey.py
|
|
index 32f4070bc..da0ed1831 100755
|
|
--- a/src/tests/t_mkey.py
|
|
+++ b/src/tests/t_mkey.py
|
|
@@ -7,7 +7,6 @@ import struct
|
|
# default enctype for master keys.
|
|
aes256 = 'aes256-cts-hmac-sha1-96'
|
|
aes128 = 'aes128-cts-hmac-sha1-96'
|
|
-des3 = 'des3-cbc-sha1'
|
|
defetype = aes256
|
|
|
|
realm = K5Realm(create_host=False, start_kadmind=True)
|
|
@@ -300,40 +299,6 @@ if 'Decrypt integrity check failed' in out or 'added to keytab' not in out:
|
|
|
|
realm.stop()
|
|
|
|
-# Load a dump file created with krb5 1.6, before the master key
|
|
-# rollover changes were introduced. Write out an old-format stash
|
|
-# file consistent with the dump's master password ("footes"). The K/M
|
|
-# entry in this database will not have actkvno tl-data because it was
|
|
-# created prior to master key rollover support. Verify that:
|
|
-# 1. We can access the database using the old-format stash file.
|
|
-# 2. list_mkeys displays the same list as for a post-1.7 KDB.
|
|
-mark('pre-1.7 stash file')
|
|
-dumpfile = os.path.join(srctop, 'tests', 'dumpfiles', 'dump.16')
|
|
-os.remove(stash_file)
|
|
-f = open(stash_file, 'wb')
|
|
-f.write(struct.pack('=HL24s', 16, 24,
|
|
- b'\xF8\x3E\xFB\xBA\x6D\x80\xD9\x54\xE5\x5D\xF2\xE0'
|
|
- b'\x94\xAD\x6D\x86\xB5\x16\x37\xEC\x7C\x8A\xBC\x86'))
|
|
-f.close()
|
|
-realm.run([kdb5_util, 'load', dumpfile])
|
|
-nprincs = len(realm.run([kadminl, 'listprincs']).splitlines())
|
|
-check_mkvno('K/M', 1)
|
|
-check_mkey_list((1, des3, True, True))
|
|
-
|
|
-# Create a new master key and verify that, without actkvkno tl-data:
|
|
-# 1. list_mkeys displays the same as for a post-1.7 KDB.
|
|
-# 2. update_princ_encryption still targets mkvno 1.
|
|
-# 3. libkadm5 still uses mkvno 1 for key changes.
|
|
-# 4. use_mkey creates the same list as for a post-1.7 KDB.
|
|
-mark('rollover from pre-1.7 KDB')
|
|
-add_mkey([])
|
|
-check_mkey_list((2, defetype, False, False), (1, des3, True, True))
|
|
-update_princ_encryption(False, 1, 0, nprincs - 1)
|
|
-realm.run([kadminl, 'addprinc', '-randkey', realm.user_princ])
|
|
-check_mkvno(realm.user_princ, 1)
|
|
-realm.run([kdb5_util, 'use_mkey', '2', 'now-1day'])
|
|
-check_mkey_list((2, defetype, True, True), (1, des3, True, False))
|
|
-
|
|
# Regression test for #8395. Purge the master key and verify that a
|
|
# master key fetch does not segfault.
|
|
mark('#8395 regression test')
|
|
diff --git a/src/tests/t_salt.py b/src/tests/t_salt.py
|
|
index 65084bbf3..55ca89745 100755
|
|
--- a/src/tests/t_salt.py
|
|
+++ b/src/tests/t_salt.py
|
|
@@ -16,13 +16,12 @@ def test_salt(realm, e1, salt, e2):
|
|
|
|
# Enctype/salt pairs chosen with non-default salt types.
|
|
# The enctypes are mostly arbitrary.
|
|
-salts = [('des3-cbc-sha1', 'norealm'),
|
|
+salts = [('aes128-cts-hmac-sha1-96', 'norealm'),
|
|
('arcfour-hmac', 'onlyrealm'),
|
|
('aes128-cts-hmac-sha1-96', 'special')]
|
|
# These enctypes are chosen to cover the different string-to-key routines.
|
|
# Omit ":normal" from aes256 to check that salttype defaulting works.
|
|
-second_kstypes = ['aes256-cts-hmac-sha1-96', 'arcfour-hmac:normal',
|
|
- 'des3-cbc-sha1:normal']
|
|
+second_kstypes = ['aes256-cts-hmac-sha1-96', 'arcfour-hmac:normal']
|
|
|
|
# Test using different salt types in a principal's key list.
|
|
# Parameters from one key in the list must not leak over to later ones.
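Review bot: In `salts`, the replacement entry reuses `aes128-cts-hmac-sha1-96`, which is already paired with the `special` salt two lines below, so the list now covers two distinct enctypes instead of three. A different non-3DES enctype would keep the spread, for example `salts = [('camellia128-cts-cmac', 'norealm'),`, assuming Camellia is enabled in this downstream build. The comment above `second_kstypes` still says the entries are "chosen to cover the different string-to-key routines", but only the AES-SHA1 and RC4 routines remain after dropping `des3-cbc-sha1:normal`. Either add a keysalt with another derivation, such as `'camellia256-cts-cmac:normal'`, or reword the comment to say coverage is limited to those two.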
|
|
diff --git a/src/util/k5test.py b/src/util/k5test.py
|
|
index 6afe4b92c..789b0f4b9 100644
|
|
--- a/src/util/k5test.py
|
|
+++ b/src/util/k5test.py
|
|
@@ -1278,13 +1278,6 @@ _passes = [
|
|
# No special settings; exercises AES256.
|
|
('default', None, None, None),
|
|
|
|
- # Exercise the DES3 enctype.
|
|
- ('des3', None,
|
|
- {'libdefaults': {'permitted_enctypes': 'des3'}},
|
|
- {'realms': {'$realm': {
|
|
- 'supported_enctypes': 'des3-cbc-sha1:normal',
|
|
- 'master_key_type': 'des3-cbc-sha1'}}}),
|
|
-
|
|
# Exercise the arcfour enctype.
|
|
('arcfour', None,
|
|
{'libdefaults': {'permitted_enctypes': 'rc4'}},
|
|
diff --git a/src/windows/leash/htmlhelp/html/Encryption_Types.htm b/src/windows/leash/htmlhelp/html/Encryption_Types.htm
|
|
index 1aebdd0b4..c38eefd2b 100644
|
|
--- a/src/windows/leash/htmlhelp/html/Encryption_Types.htm
|
|
+++ b/src/windows/leash/htmlhelp/html/Encryption_Types.htm
|
|
@@ -79,19 +79,6 @@ will have an entry in the Encryption type column. <br>
|
|
<th>Description</th>
|
|
</tr>
|
|
<tr>
|
|
-<th id="th2"> des3- </th>
|
|
- <td> The triple DES family improves on
|
|
-the original DES (Data Encryption Standard) by using 3 separate 56-bit
|
|
-keys. Some modes of 3DES are considered weak while others are strong
|
|
-(if slow). <ul id="helpul">
|
|
-<li> des3-cbc-sha1</li>
|
|
-<li> des3-cbc-raw (<b>weak</b>) </li>
|
|
-<li>des3-hmac-sha1 </li>
|
|
-<li>des3-cbc-sha1-kd </li>
|
|
-</ul>
|
|
-</td>
|
|
- </tr>
|
|
-<tr>
|
|
<th id="th2"> aes </th>
|
|
<td>The AES Advanced Encryption Standard
|
|
family, like 3DES, is a symmetric block cipher and was designed
|