Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Blame
Revision Log

crypto-des.c@ 7

Last change on this file since 7 was 1, checked in by Paul Smedley, 10 years ago
Initial commit of Heimdal 1.5.3
File size: 8.8 KB

Line
1	/*
2	* Copyright (c) 1997 - 2008 Kungliga Tekniska HÃ¶gskolan
3	* (Royal Institute of Technology, Stockholm, Sweden).
4	* All rights reserved.
5	*
6	* Redistribution and use in source and binary forms, with or without
7	* modification, are permitted provided that the following conditions
8	* are met:
9	*
10	* 1. Redistributions of source code must retain the above copyright
11	* notice, this list of conditions and the following disclaimer.
12	*
13	* 2. Redistributions in binary form must reproduce the above copyright
14	* notice, this list of conditions and the following disclaimer in the
15	* documentation and/or other materials provided with the distribution.
16	*
17	* 3. Neither the name of the Institute nor the names of its contributors
18	* may be used to endorse or promote products derived from this software
19	* without specific prior written permission.
20	*
21	* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24	* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31	* SUCH DAMAGE.
32	*/
33
34	#include "krb5_locl.h"
35
36	#ifdef HEIM_WEAK_CRYPTO
37
38
39	static void
40	krb5_DES_random_key(krb5_context context,
41	krb5_keyblock *key)
42	{
43	DES_cblock *k = key->keyvalue.data;
44	do {
45	krb5_generate_random_block(k, sizeof(DES_cblock));
46	DES_set_odd_parity(k);
47	} while(DES_is_weak_key(k));
48	}
49
50	static void
51	krb5_DES_schedule_old(krb5_context context,
52	struct _krb5_key_type *kt,
53	struct _krb5_key_data *key)
54	{
55	DES_set_key_unchecked(key->key->keyvalue.data, key->schedule->data);
56	}
57
58	static void
59	krb5_DES_random_to_key(krb5_context context,
60	krb5_keyblock *key,
61	const void *data,
62	size_t size)
63	{
64	DES_cblock *k = key->keyvalue.data;
65	memcpy(k, data, key->keyvalue.length);
66	DES_set_odd_parity(k);
67	if(DES_is_weak_key(k))
68	_krb5_xor(k, (const unsigned char*)"\0\0\0\0\0\0\0\xf0");
69	}
70
71	static struct _krb5_key_type keytype_des_old = {
72	ETYPE_DES_CBC_CRC,
73	"des-old",
74	56,
75	8,
76	sizeof(DES_key_schedule),
77	krb5_DES_random_key,
78	krb5_DES_schedule_old,
79	_krb5_des_salt,
80	krb5_DES_random_to_key,
81	NULL,
82	NULL
83	};
84
85	static struct _krb5_key_type keytype_des = {
86	ETYPE_DES_CBC_CRC,
87	"des",
88	56,
89	8,
90	sizeof(struct _krb5_evp_schedule),
91	krb5_DES_random_key,
92	_krb5_evp_schedule,
93	_krb5_des_salt,
94	krb5_DES_random_to_key,
95	_krb5_evp_cleanup,
96	EVP_des_cbc
97	};
98
99	static krb5_error_code
100	CRC32_checksum(krb5_context context,
101	struct _krb5_key_data *key,
102	const void *data,
103	size_t len,
104	unsigned usage,
105	Checksum *C)
106	{
107	uint32_t crc;
108	unsigned char *r = C->checksum.data;
109	_krb5_crc_init_table ();
110	crc = _krb5_crc_update (data, len, 0);
111	r[0] = crc & 0xff;
112	r[1] = (crc >> 8) & 0xff;
113	r[2] = (crc >> 16) & 0xff;
114	r[3] = (crc >> 24) & 0xff;
115	return 0;
116	}
117
118	static krb5_error_code
119	RSA_MD4_checksum(krb5_context context,
120	struct _krb5_key_data *key,
121	const void *data,
122	size_t len,
123	unsigned usage,
124	Checksum *C)
125	{
126	if (EVP_Digest(data, len, C->checksum.data, NULL, EVP_md4(), NULL) != 1)
127	krb5_abortx(context, "md4 checksum failed");
128	return 0;
129	}
130
131	static krb5_error_code
132	RSA_MD4_DES_checksum(krb5_context context,
133	struct _krb5_key_data *key,
134	const void *data,
135	size_t len,
136	unsigned usage,
137	Checksum *cksum)
138	{
139	return _krb5_des_checksum(context, EVP_md4(), key, data, len, cksum);
140	}
141
142	static krb5_error_code
143	RSA_MD4_DES_verify(krb5_context context,
144	struct _krb5_key_data *key,
145	const void *data,
146	size_t len,
147	unsigned usage,
148	Checksum *C)
149	{
150	return _krb5_des_verify(context, EVP_md4(), key, data, len, C);
151	}
152
153	static krb5_error_code
154	RSA_MD5_DES_checksum(krb5_context context,
155	struct _krb5_key_data *key,
156	const void *data,
157	size_t len,
158	unsigned usage,
159	Checksum *C)
160	{
161	return _krb5_des_checksum(context, EVP_md5(), key, data, len, C);
162	}
163
164	static krb5_error_code
165	RSA_MD5_DES_verify(krb5_context context,
166	struct _krb5_key_data *key,
167	const void *data,
168	size_t len,
169	unsigned usage,
170	Checksum *C)
171	{
172	return _krb5_des_verify(context, EVP_md5(), key, data, len, C);
173	}
174
175	struct _krb5_checksum_type _krb5_checksum_crc32 = {
176	CKSUMTYPE_CRC32,
177	"crc32",
178	1,
179	4,
180	0,
181	CRC32_checksum,
182	NULL
183	};
184
185	struct _krb5_checksum_type _krb5_checksum_rsa_md4 = {
186	CKSUMTYPE_RSA_MD4,
187	"rsa-md4",
188	64,
189	16,
190	F_CPROOF,
191	RSA_MD4_checksum,
192	NULL
193	};
194
195	struct _krb5_checksum_type _krb5_checksum_rsa_md4_des = {
196	CKSUMTYPE_RSA_MD4_DES,
197	"rsa-md4-des",
198	64,
199	24,
200	F_KEYED \| F_CPROOF \| F_VARIANT,
201	RSA_MD4_DES_checksum,
202	RSA_MD4_DES_verify
203	};
204
205	struct _krb5_checksum_type _krb5_checksum_rsa_md5_des = {
206	CKSUMTYPE_RSA_MD5_DES,
207	"rsa-md5-des",
208	64,
209	24,
210	F_KEYED \| F_CPROOF \| F_VARIANT,
211	RSA_MD5_DES_checksum,
212	RSA_MD5_DES_verify
213	};
214
215	static krb5_error_code
216	evp_des_encrypt_null_ivec(krb5_context context,
217	struct _krb5_key_data *key,
218	void *data,
219	size_t len,
220	krb5_boolean encryptp,
221	int usage,
222	void *ignore_ivec)
223	{
224	struct _krb5_evp_schedule *ctx = key->schedule->data;
225	EVP_CIPHER_CTX *c;
226	DES_cblock ivec;
227	memset(&ivec, 0, sizeof(ivec));
228	c = encryptp ? &ctx->ectx : &ctx->dctx;
229	EVP_CipherInit_ex(c, NULL, NULL, NULL, (void *)&ivec, -1);
230	EVP_Cipher(c, data, data, len);
231	return 0;
232	}
233
234	static krb5_error_code
235	evp_des_encrypt_key_ivec(krb5_context context,
236	struct _krb5_key_data *key,
237	void *data,
238	size_t len,
239	krb5_boolean encryptp,
240	int usage,
241	void *ignore_ivec)
242	{
243	struct _krb5_evp_schedule *ctx = key->schedule->data;
244	EVP_CIPHER_CTX *c;
245	DES_cblock ivec;
246	memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec));
247	c = encryptp ? &ctx->ectx : &ctx->dctx;
248	EVP_CipherInit_ex(c, NULL, NULL, NULL, (void *)&ivec, -1);
249	EVP_Cipher(c, data, data, len);
250	return 0;
251	}
252
253	static krb5_error_code
254	DES_CFB64_encrypt_null_ivec(krb5_context context,
255	struct _krb5_key_data *key,
256	void *data,
257	size_t len,
258	krb5_boolean encryptp,
259	int usage,
260	void *ignore_ivec)
261	{
262	DES_cblock ivec;
263	int num = 0;
264	DES_key_schedule *s = key->schedule->data;
265	memset(&ivec, 0, sizeof(ivec));
266
267	DES_cfb64_encrypt(data, data, len, s, &ivec, &num, encryptp);
268	return 0;
269	}
270
271	static krb5_error_code
272	DES_PCBC_encrypt_key_ivec(krb5_context context,
273	struct _krb5_key_data *key,
274	void *data,
275	size_t len,
276	krb5_boolean encryptp,
277	int usage,
278	void *ignore_ivec)
279	{
280	DES_cblock ivec;
281	DES_key_schedule *s = key->schedule->data;
282	memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec));
283
284	DES_pcbc_encrypt(data, data, len, s, &ivec, encryptp);
285	return 0;
286	}
287
288	struct _krb5_encryption_type _krb5_enctype_des_cbc_crc = {
289	ETYPE_DES_CBC_CRC,
290	"des-cbc-crc",
291	8,
292	8,
293	8,
294	&keytype_des,
295	&_krb5_checksum_crc32,
296	NULL,
297	F_DISABLED\|F_WEAK,
298	evp_des_encrypt_key_ivec,
299	0,
300	NULL
301	};
302
303	struct _krb5_encryption_type _krb5_enctype_des_cbc_md4 = {
304	ETYPE_DES_CBC_MD4,
305	"des-cbc-md4",
306	8,
307	8,
308	8,
309	&keytype_des,
310	&_krb5_checksum_rsa_md4,
311	&_krb5_checksum_rsa_md4_des,
312	F_DISABLED\|F_WEAK,
313	evp_des_encrypt_null_ivec,
314	0,
315	NULL
316	};
317
318	struct _krb5_encryption_type _krb5_enctype_des_cbc_md5 = {
319	ETYPE_DES_CBC_MD5,
320	"des-cbc-md5",
321	8,
322	8,
323	8,
324	&keytype_des,
325	&_krb5_checksum_rsa_md5,
326	&_krb5_checksum_rsa_md5_des,
327	F_DISABLED\|F_WEAK,
328	evp_des_encrypt_null_ivec,
329	0,
330	NULL
331	};
332
333	struct _krb5_encryption_type _krb5_enctype_des_cbc_none = {
334	ETYPE_DES_CBC_NONE,
335	"des-cbc-none",
336	8,
337	8,
338	0,
339	&keytype_des,
340	&_krb5_checksum_none,
341	NULL,
342	F_PSEUDO\|F_DISABLED\|F_WEAK,
343	evp_des_encrypt_null_ivec,
344	0,
345	NULL
346	};
347
348	struct _krb5_encryption_type _krb5_enctype_des_cfb64_none = {
349	ETYPE_DES_CFB64_NONE,
350	"des-cfb64-none",
351	1,
352	1,
353	0,
354	&keytype_des_old,
355	&_krb5_checksum_none,
356	NULL,
357	F_PSEUDO\|F_DISABLED\|F_WEAK,
358	DES_CFB64_encrypt_null_ivec,
359	0,
360	NULL
361	};
362
363	struct _krb5_encryption_type _krb5_enctype_des_pcbc_none = {
364	ETYPE_DES_PCBC_NONE,
365	"des-pcbc-none",
366	8,
367	8,
368	0,
369	&keytype_des_old,
370	&_krb5_checksum_none,
371	NULL,
372	F_PSEUDO\|F_DISABLED\|F_WEAK,
373	DES_PCBC_encrypt_key_ivec,
374	0,
375	NULL
376	};
377	#endif /* HEIM_WEAK_CRYPTO */

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: heimdal/trunk/lib/krb5/crypto-des.c@ 7

Download in other formats: