source: trunk/server/source4/heimdal/lib/krb5/crypto-des.c

Last change on this file was 745, checked in by Silvan Scherrer, 13 years ago

Samba Server: updated trunk to 3.6.0

1/*
2 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34#include "krb5_locl.h"
35
36#ifdef HEIM_WEAK_CRYPTO
37
38
/*
 * Fill `key` with a freshly generated single-DES key.
 *
 * An 8-byte random block is drawn, odd parity is forced on it, and the
 * result is retried until DES_is_weak_key() no longer rejects it. The
 * key buffer is overwritten in place; `context` is not used.
 *
 * NOTE(review): assumes key->keyvalue.data already points at a buffer of
 * at least sizeof(DES_cblock) bytes -- key->keyvalue.length is not
 * consulted here; confirm at the caller.
 */
static void
krb5_DES_random_key(krb5_context context,
                    krb5_keyblock *key)
{
    DES_cblock *des_key = key->keyvalue.data;

    for (;;) {
        krb5_generate_random_block(des_key, sizeof(DES_cblock));
        DES_set_odd_parity(des_key);
        if (!DES_is_weak_key(des_key)) {
            break;
        }
    }
}
49
/*
 * Expand the raw DES key held in `key` into the legacy DES key schedule
 * stored at key->schedule->data.
 *
 * DES_set_key_unchecked() takes the key bytes as they are: no parity or
 * weak-key screening happens at this point, so any such check must have
 * been done when the key was created. `context` and `kt` are not used.
 */
static void
krb5_DES_schedule_old(krb5_context context,
                      struct _krb5_key_type *kt,
                      struct _krb5_key_data *key)
{
    DES_cblock *raw_key = key->key->keyvalue.data;
    DES_key_schedule *sched = key->schedule->data;

    DES_set_key_unchecked(raw_key, sched);
}
57
/*
 * Turn caller-supplied random bytes into a usable DES key, in place in
 * key->keyvalue.data.
 *
 * The bytes are copied in, odd parity is forced, and if the result is a
 * weak key its last byte is XORed with 0xf0 to move it off the weak list.
 *
 * NOTE(review): `size` is never consulted. The copy length is taken from
 * key->keyvalue.length, so `data` must hold at least that many bytes or
 * the memcpy reads past the end of the input -- confirm that every caller
 * guarantees size >= key->keyvalue.length. `context` is not used.
 */
static void
krb5_DES_random_to_key(krb5_context context,
                       krb5_keyblock *key,
                       const void *data,
                       size_t size)
{
    DES_cblock *des_key = key->keyvalue.data;

    memcpy(des_key, data, key->keyvalue.length);
    DES_set_odd_parity(des_key);
    if (!DES_is_weak_key(des_key)) {
        return;
    }
    /* Weak key: flip the high nibble of the final byte. */
    _krb5_xor(des_key, (const unsigned char*)"\0\0\0\0\0\0\0\xf0");
}
70
/*
 * Key-type descriptors for single DES.
 *
 * Both tables use positional initialisers. The per-field notes are read
 * off the values and the helper names; confirm them against the
 * definition of struct _krb5_key_type.
 *
 * keytype_des_old schedules keys with the raw DES_key_schedule API and
 * supplies no further entries after random_to_key.
 */
static struct _krb5_key_type keytype_des_old = {
    KEYTYPE_DES,
    "des-old",
    56,                         /* key strength in bits (presumably) */
    8,                          /* key length in bytes (presumably) */
    sizeof(DES_key_schedule),   /* size of the per-key schedule */
    krb5_DES_random_key,        /* generate a random key */
    krb5_DES_schedule_old,      /* build the key schedule */
    _krb5_des_salt,
    krb5_DES_random_to_key      /* random bytes -> key */
};

/*
 * keytype_des goes through the EVP layer: the schedule is a
 * struct _krb5_evp_schedule and the cipher is EVP_des_cbc.
 */
static struct _krb5_key_type keytype_des = {
    KEYTYPE_DES,
    "des",
    56,                                 /* key strength in bits (presumably) */
    8,                                  /* key length in bytes (presumably) */
    sizeof(struct _krb5_evp_schedule),  /* size of the per-key schedule */
    krb5_DES_random_key,                /* generate a random key */
    _krb5_evp_schedule,                 /* build the key schedule */
    _krb5_des_salt,
    krb5_DES_random_to_key,             /* random bytes -> key */
    _krb5_evp_cleanup,
    EVP_des_cbc
};
96
/*
 * Compute the CRC-32 of `data` and store it, least significant byte
 * first, in the first four bytes of C->checksum.data. Always returns 0.
 *
 * `context`, `key` and `usage` are not used: the checksum is unkeyed.
 * CRC-32 is an error-detection code, not a cryptographic integrity
 * check; the matching table entry in this file sets no flags for it.
 *
 * NOTE(review): assumes C->checksum.data has room for 4 bytes --
 * C->checksum.length is neither checked nor set here; confirm the caller
 * allocates it.
 */
static krb5_error_code
CRC32_checksum(krb5_context context,
               struct _krb5_key_data *key,
               const void *data,
               size_t len,
               unsigned usage,
               Checksum *C)
{
    unsigned char *out = C->checksum.data;
    uint32_t crc;
    int i;

    _krb5_crc_init_table ();
    crc = _krb5_crc_update (data, len, 0);
    for (i = 0; i < 4; i++) {
        out[i] = (crc >> (8 * i)) & 0xff;
    }
    return 0;
}
115
/*
 * Write the plain (unkeyed) MD4 digest of `data` into C->checksum.data.
 *
 * A digest failure is treated as fatal: krb5_abortx() is called instead
 * of returning an error. Otherwise returns 0. `key` and `usage` are not
 * used.
 *
 * NOTE(review): assumes C->checksum.data can hold a full MD4 digest
 * (16 bytes per the table entry in this file); no length is checked here.
 */
static krb5_error_code
RSA_MD4_checksum(krb5_context context,
                 struct _krb5_key_data *key,
                 const void *data,
                 size_t len,
                 unsigned usage,
                 Checksum *C)
{
    int ok = EVP_Digest(data, len, C->checksum.data, NULL, EVP_md4(), NULL);

    if (ok != 1) {
        krb5_abortx(context, "md4 checksum failed");
    }
    return 0;
}
128
/*
 * Keyed MD4/DES checksum: hands the work to _krb5_des_checksum() with
 * MD4 as the digest and returns its result unchanged. `usage` is not
 * forwarded.
 */
static krb5_error_code
RSA_MD4_DES_checksum(krb5_context context,
                     struct _krb5_key_data *key,
                     const void *data,
                     size_t len,
                     unsigned usage,
                     Checksum *cksum)
{
    krb5_error_code ret;

    ret = _krb5_des_checksum(context, EVP_md4(), key, data, len, cksum);
    return ret;
}
139
/*
 * Verify a keyed MD4/DES checksum: hands the work to _krb5_des_verify()
 * with MD4 as the digest and returns its result unchanged. `usage` is
 * not forwarded.
 */
static krb5_error_code
RSA_MD4_DES_verify(krb5_context context,
                   struct _krb5_key_data *key,
                   const void *data,
                   size_t len,
                   unsigned usage,
                   Checksum *C)
{
    krb5_error_code ret;

    ret = _krb5_des_verify(context, EVP_md4(), key, data, len, C);
    return ret;
}
150
/*
 * Keyed MD5/DES checksum: hands the work to _krb5_des_checksum() with
 * MD5 as the digest and returns its result unchanged. `usage` is not
 * forwarded.
 */
static krb5_error_code
RSA_MD5_DES_checksum(krb5_context context,
                     struct _krb5_key_data *key,
                     const void *data,
                     size_t len,
                     unsigned usage,
                     Checksum *C)
{
    krb5_error_code ret;

    ret = _krb5_des_checksum(context, EVP_md5(), key, data, len, C);
    return ret;
}
161
/*
 * Verify a keyed MD5/DES checksum: hands the work to _krb5_des_verify()
 * with MD5 as the digest and returns its result unchanged. `usage` is
 * not forwarded.
 */
static krb5_error_code
RSA_MD5_DES_verify(krb5_context context,
                   struct _krb5_key_data *key,
                   const void *data,
                   size_t len,
                   unsigned usage,
                   Checksum *C)
{
    krb5_error_code ret;

    ret = _krb5_des_verify(context, EVP_md5(), key, data, len, C);
    return ret;
}
172
/*
 * Checksum-type descriptors for the legacy DES-era checksums.
 *
 * Positional initialisers; the field notes are read off the values and
 * should be confirmed against the definition of
 * struct _krb5_checksum_type.
 *
 * crc32 carries no flags at all (neither keyed nor collision-proof) and
 * has no verify routine.
 */
struct _krb5_checksum_type _krb5_checksum_crc32 = {
    CKSUMTYPE_CRC32,
    "crc32",
    1,                  /* block size (presumably) */
    4,                  /* checksum length in bytes */
    0,                  /* flags: none */
    CRC32_checksum,
    NULL                /* no dedicated verify routine */
};

/* Unkeyed MD4 digest; no verify routine. */
struct _krb5_checksum_type _krb5_checksum_rsa_md4 = {
    CKSUMTYPE_RSA_MD4,
    "rsa-md4",
    64,                 /* block size (presumably) */
    16,                 /* checksum length in bytes */
    F_CPROOF,
    RSA_MD4_checksum,
    NULL                /* no dedicated verify routine */
};

/* MD4 keyed with DES; has its own verify routine. */
struct _krb5_checksum_type _krb5_checksum_rsa_md4_des = {
    CKSUMTYPE_RSA_MD4_DES,
    "rsa-md4-des",
    64,                 /* block size (presumably) */
    24,                 /* checksum length in bytes */
    F_KEYED | F_CPROOF | F_VARIANT,
    RSA_MD4_DES_checksum,
    RSA_MD4_DES_verify
};

/* MD5 keyed with DES; has its own verify routine. */
struct _krb5_checksum_type _krb5_checksum_rsa_md5_des = {
    CKSUMTYPE_RSA_MD5_DES,
    "rsa-md5-des",
    64,                 /* block size (presumably) */
    24,                 /* checksum length in bytes */
    F_KEYED | F_CPROOF | F_VARIANT,
    RSA_MD5_DES_checksum,
    RSA_MD5_DES_verify
};
212
/*
 * Encrypt or decrypt `data` in place through the EVP context stored in
 * the key schedule, using an all-zero IV.
 *
 * `encryptp` selects the encrypt (ectx) or decrypt (dctx) context. The
 * context is re-initialised with only a new IV: cipher and key are
 * passed as NULL and the direction as -1. The caller's ivec argument
 * is ignored, as are `context` and `usage`. Always returns 0.
 *
 * NOTE(review): the results of EVP_CipherInit_ex() and EVP_Cipher() are
 * discarded, so a failure in either is reported to the caller as
 * success. `len` is passed through unchecked -- presumably the caller
 * ensures it is a multiple of the cipher block size; confirm.
 */
static krb5_error_code
evp_des_encrypt_null_ivec(krb5_context context,
                          struct _krb5_key_data *key,
                          void *data,
                          size_t len,
                          krb5_boolean encryptp,
                          int usage,
                          void *ignore_ivec)
{
    struct _krb5_evp_schedule *sched = key->schedule->data;
    EVP_CIPHER_CTX *cipher_ctx;
    DES_cblock zero_iv;

    memset(&zero_iv, 0, sizeof(zero_iv));
    if (encryptp) {
        cipher_ctx = &sched->ectx;
    } else {
        cipher_ctx = &sched->dctx;
    }
    EVP_CipherInit_ex(cipher_ctx, NULL, NULL, NULL, (void *)&zero_iv, -1);
    EVP_Cipher(cipher_ctx, data, data, len);
    return 0;
}
231
/*
 * Encrypt or decrypt `data` in place through the EVP context stored in
 * the key schedule, using the key's own bytes as the IV.
 *
 * The IV is copied from key->key->keyvalue.data, so it is fixed per key
 * rather than fresh per message. `encryptp` selects the encrypt (ectx)
 * or decrypt (dctx) context. The caller's ivec argument is ignored, as
 * are `context` and `usage`. Always returns 0.
 *
 * NOTE(review): the results of EVP_CipherInit_ex() and EVP_Cipher() are
 * discarded, so a failure in either is reported to the caller as
 * success. The local IV buffer holds key material and is not wiped
 * before returning. `len` is passed through unchecked -- presumably a
 * multiple of the cipher block size; confirm at the caller.
 */
static krb5_error_code
evp_des_encrypt_key_ivec(krb5_context context,
                         struct _krb5_key_data *key,
                         void *data,
                         size_t len,
                         krb5_boolean encryptp,
                         int usage,
                         void *ignore_ivec)
{
    struct _krb5_evp_schedule *sched = key->schedule->data;
    EVP_CIPHER_CTX *cipher_ctx;
    DES_cblock key_iv;

    memcpy(&key_iv, key->key->keyvalue.data, sizeof(key_iv));
    if (encryptp) {
        cipher_ctx = &sched->ectx;
    } else {
        cipher_ctx = &sched->dctx;
    }
    EVP_CipherInit_ex(cipher_ctx, NULL, NULL, NULL, (void *)&key_iv, -1);
    EVP_Cipher(cipher_ctx, data, data, len);
    return 0;
}
250
/*
 * Encrypt or decrypt `data` in place with DES in CFB64 mode, starting
 * from an all-zero IV and a zero feedback offset.
 *
 * The DES_key_schedule is read from key->schedule->data and `encryptp`
 * is forwarded as the direction flag. The caller's ivec argument is
 * ignored, as are `context` and `usage`. Always returns 0.
 */
static krb5_error_code
DES_CFB64_encrypt_null_ivec(krb5_context context,
                            struct _krb5_key_data *key,
                            void *data,
                            size_t len,
                            krb5_boolean encryptp,
                            int usage,
                            void *ignore_ivec)
{
    DES_key_schedule *sched = key->schedule->data;
    DES_cblock zero_iv;
    int feedback_pos = 0;

    memset(&zero_iv, 0, sizeof(zero_iv));
    DES_cfb64_encrypt(data, data, len, sched, &zero_iv, &feedback_pos, encryptp);
    return 0;
}
268
/*
 * Encrypt or decrypt `data` in place with DES in PCBC mode, using the
 * key's own bytes as the IV.
 *
 * The IV is copied from key->key->keyvalue.data, so it is fixed per key
 * rather than fresh per message. The DES_key_schedule is read from
 * key->schedule->data and `encryptp` is forwarded as the direction
 * flag. The caller's ivec argument is ignored, as are `context` and
 * `usage`. Always returns 0.
 *
 * NOTE(review): the local IV buffer holds key material and is not wiped
 * before returning.
 */
static krb5_error_code
DES_PCBC_encrypt_key_ivec(krb5_context context,
                          struct _krb5_key_data *key,
                          void *data,
                          size_t len,
                          krb5_boolean encryptp,
                          int usage,
                          void *ignore_ivec)
{
    DES_key_schedule *sched = key->schedule->data;
    DES_cblock key_iv;

    memcpy(&key_iv, key->key->keyvalue.data, sizeof(key_iv));
    DES_pcbc_encrypt(data, data, len, sched, &key_iv, encryptp);
    return 0;
}
285
/*
 * Encryption-type descriptors for single DES.
 *
 * Every entry carries F_DISABLED | F_WEAK, and the whole file is only
 * compiled under HEIM_WEAK_CRYPTO. Positional initialisers; the field
 * notes are read off the values and should be confirmed against the
 * definition of struct _krb5_encryption_type.
 *
 * des-cbc-crc: key-as-IV encryption, unkeyed CRC-32 checksum, and no
 * keyed checksum registered.
 */
struct _krb5_encryption_type _krb5_enctype_des_cbc_crc = {
    ETYPE_DES_CBC_CRC,
    "des-cbc-crc",
    8,                          /* block size (presumably) */
    8,                          /* pad size (presumably) */
    8,                          /* confounder size (presumably) */
    &keytype_des,
    &_krb5_checksum_crc32,      /* checksum */
    NULL,                       /* keyed checksum: none */
    F_DISABLED | F_WEAK,
    evp_des_encrypt_key_ivec,
    0,
    NULL
};

/* des-cbc-md4: zero-IV encryption, MD4 and MD4/DES checksums. */
struct _krb5_encryption_type _krb5_enctype_des_cbc_md4 = {
    ETYPE_DES_CBC_MD4,
    "des-cbc-md4",
    8,                          /* block size (presumably) */
    8,                          /* pad size (presumably) */
    8,                          /* confounder size (presumably) */
    &keytype_des,
    &_krb5_checksum_rsa_md4,        /* checksum */
    &_krb5_checksum_rsa_md4_des,    /* keyed checksum */
    F_DISABLED | F_WEAK,
    evp_des_encrypt_null_ivec,
    0,
    NULL
};

/* des-cbc-md5: zero-IV encryption, MD5 and MD5/DES checksums. */
struct _krb5_encryption_type _krb5_enctype_des_cbc_md5 = {
    ETYPE_DES_CBC_MD5,
    "des-cbc-md5",
    8,                          /* block size (presumably) */
    8,                          /* pad size (presumably) */
    8,                          /* confounder size (presumably) */
    &keytype_des,
    &_krb5_checksum_rsa_md5,        /* checksum */
    &_krb5_checksum_rsa_md5_des,    /* keyed checksum */
    F_DISABLED | F_WEAK,
    evp_des_encrypt_null_ivec,
    0,
    NULL
};

/* des-cbc-none: pseudo enctype, zero-IV encryption, "none" checksum. */
struct _krb5_encryption_type _krb5_enctype_des_cbc_none = {
    ETYPE_DES_CBC_NONE,
    "des-cbc-none",
    8,                          /* block size (presumably) */
    8,                          /* pad size (presumably) */
    0,                          /* confounder size (presumably) */
    &keytype_des,
    &_krb5_checksum_none,       /* checksum */
    NULL,                       /* keyed checksum: none */
    F_PSEUDO | F_DISABLED | F_WEAK,
    evp_des_encrypt_null_ivec,
    0,
    NULL
};

/* des-cfb64-none: pseudo enctype on the legacy DES schedule, zero IV. */
struct _krb5_encryption_type _krb5_enctype_des_cfb64_none = {
    ETYPE_DES_CFB64_NONE,
    "des-cfb64-none",
    1,                          /* block size (presumably) */
    1,                          /* pad size (presumably) */
    0,                          /* confounder size (presumably) */
    &keytype_des_old,
    &_krb5_checksum_none,       /* checksum */
    NULL,                       /* keyed checksum: none */
    F_PSEUDO | F_DISABLED | F_WEAK,
    DES_CFB64_encrypt_null_ivec,
    0,
    NULL
};

/* des-pcbc-none: pseudo enctype on the legacy DES schedule, key as IV. */
struct _krb5_encryption_type _krb5_enctype_des_pcbc_none = {
    ETYPE_DES_PCBC_NONE,
    "des-pcbc-none",
    8,                          /* block size (presumably) */
    8,                          /* pad size (presumably) */
    0,                          /* confounder size (presumably) */
    &keytype_des_old,
    &_krb5_checksum_none,       /* checksum */
    NULL,                       /* keyed checksum: none */
    F_PSEUDO | F_DISABLED | F_WEAK,
    DES_PCBC_encrypt_key_ivec,
    0,
    NULL
};
375#endif /* HEIM_WEAK_CRYPTO */