svn rev #22821: trunk/src/lib/crypto/openssl/des/
tsitkova@MIT.EDU
tsitkova at MIT.EDU
Thu Oct 1 17:46:57 EDT 2009
http://src.mit.edu/fisheye/changelog/krb5/?cs=22821
Commit By: tsitkova
Log Message:
Crypto modularity proj: Populate openssl/des dir.
To avoid breaking the export list some functions (mostly mit_xxx) are left in place with the disabled functionality.
Changed Files:
A trunk/src/lib/crypto/openssl/des/afsstring2key.c
A trunk/src/lib/crypto/openssl/des/d3_aead.c
A trunk/src/lib/crypto/openssl/des/d3_cbc.c
A trunk/src/lib/crypto/openssl/des/d3_kysched.c
A trunk/src/lib/crypto/openssl/des/des_int.h
A trunk/src/lib/crypto/openssl/des/f_aead.c
A trunk/src/lib/crypto/openssl/des/f_cbc.c
A trunk/src/lib/crypto/openssl/des/f_cksum.c
A trunk/src/lib/crypto/openssl/des/f_parity.c
A trunk/src/lib/crypto/openssl/des/f_sched.c
A trunk/src/lib/crypto/openssl/des/f_tables.c
A trunk/src/lib/crypto/openssl/des/f_tables.h
A trunk/src/lib/crypto/openssl/des/key_sched.c
A trunk/src/lib/crypto/openssl/des/string2key.c
A trunk/src/lib/crypto/openssl/des/weak_key.c
Added: trunk/src/lib/crypto/openssl/des/afsstring2key.c
===================================================================
--- trunk/src/lib/crypto/openssl/des/afsstring2key.c 2009-10-01 21:18:05 UTC (rev 22820)
+++ trunk/src/lib/crypto/openssl/des/afsstring2key.c 2009-10-01 21:46:57 UTC (rev 22821)
@@ -0,0 +1,27 @@
+/* lib/crypto/openss/des/afsstring2key.c
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+
+#include "k5-int.h"
+#include "des_int.h"
+#include <ctype.h>
+
+krb5_error_code
+mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data,
+ const krb5_data *salt)
+{
+ return KRB5_CRYPTO_INTERNAL;
+}
+char *
+mit_afs_crypt(const char *pw, const char *salt,
+ char *iobuf)
+{
+ /* Unsupported operation */
+ return NULL;
+}
+
+
Added: trunk/src/lib/crypto/openssl/des/d3_aead.c
===================================================================
--- trunk/src/lib/crypto/openssl/des/d3_aead.c 2009-10-01 21:18:05 UTC (rev 22820)
+++ trunk/src/lib/crypto/openssl/des/d3_aead.c 2009-10-01 21:46:57 UTC (rev 22821)
@@ -0,0 +1,34 @@
+/* lib/crypto/openssl/des/d3_aead.c
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+#include "des_int.h"
+#include "aead.h"
+
+void
+krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data,
+ unsigned long num_data,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ mit_des_cblock ivec)
+{
+ /* Unsupported operation */
+ abort();
+}
+
+void
+krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data,
+ unsigned long num_data,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ mit_des_cblock ivec)
+{
+ /* Unsupported operation */
+ abort();
+}
+
Added: trunk/src/lib/crypto/openssl/des/d3_cbc.c
===================================================================
--- trunk/src/lib/crypto/openssl/des/d3_cbc.c 2009-10-01 21:18:05 UTC (rev 22820)
+++ trunk/src/lib/crypto/openssl/des/d3_cbc.c 2009-10-01 21:46:57 UTC (rev 22821)
@@ -0,0 +1,51 @@
+/* lib/crypto/openssl/des/d3_cbc.c
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+#include "des_int.h"
+
+/*
+ * Triple-DES CBC encryption mode.
+ */
+
+#undef mit_des3_cbc_encrypt
+int
+mit_des3_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
+ unsigned long length, const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ const mit_des_cblock ivec, int enc)
+{
+ /* Unsupported operation */
+ return KRB5_CRYPTO_INTERNAL;
+}
+
+void
+krb5int_des3_cbc_encrypt(const mit_des_cblock *input,
+ mit_des_cblock *output,
+ unsigned long length,
+ const mit_des_key_schedule key,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ const mit_des_cblock ivec)
+{
+ /* Unsupported operation */
+ abort();
+}
+
+void
+krb5int_des3_cbc_decrypt(const mit_des_cblock *in,
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ const mit_des_cblock ivec)
+{
+ /* Unsupported operation */
+ abort();
+}
+
Added: trunk/src/lib/crypto/openssl/des/d3_kysched.c
===================================================================
--- trunk/src/lib/crypto/openssl/des/d3_kysched.c 2009-10-01 21:18:05 UTC (rev 22820)
+++ trunk/src/lib/crypto/openssl/des/d3_kysched.c 2009-10-01 21:46:57 UTC (rev 22821)
@@ -0,0 +1,18 @@
+/* lib/crypto/openssl/des/d3_kysched.c
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+
+#include "des_int.h"
+
+int
+mit_des3_key_sched(mit_des3_cblock k, mit_des3_key_schedule schedule)
+{
+ /* Unsupported operation */
+ return KRB5_CRYPTO_INTERNAL;
+}
+
+
Added: trunk/src/lib/crypto/openssl/des/des_int.h
===================================================================
--- trunk/src/lib/crypto/openssl/des/des_int.h 2009-10-01 21:18:05 UTC (rev 22820)
+++ trunk/src/lib/crypto/openssl/des/des_int.h 2009-10-01 21:46:57 UTC (rev 22821)
@@ -0,0 +1,377 @@
+/*
+ * lib/crypto/des/des_int.h
+ *
+ * Copyright 1987, 1988, 1990, 2002 by the Massachusetts Institute of
+ * Technology. All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * Private include file for the Data Encryption Standard library.
+ */
+
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government. It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. FundsXpress makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* only do the whole thing once */
+#ifndef DES_INTERNAL_DEFS
+#define DES_INTERNAL_DEFS
+
+#include "k5-int.h"
+/*
+ * Begin "mit-des.h"
+ */
+#ifndef KRB5_MIT_DES__
+#define KRB5_MIT_DES__
+
+#if defined(__MACH__) && defined(__APPLE__)
+#include <TargetConditionals.h>
+#include <AvailabilityMacros.h>
+#if TARGET_RT_MAC_CFM
+#error "Use KfM 4.0 SDK headers for CFM compilation."
+#endif
+#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS)
+#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5
+#endif
+#endif /* defined(__MACH__) && defined(__APPLE__) */
+
+/* Macro to add deprecated attribute to DES types and functions */
+/* Currently only defined on Mac OS X 10.5 and later. */
+#ifndef KRB5INT_DES_DEPRECATED
+#define KRB5INT_DES_DEPRECATED
+#endif
+
+#include <limits.h>
+
+#if UINT_MAX >= 0xFFFFFFFFUL
+#define DES_INT32 int
+#define DES_UINT32 unsigned int
+#else
+#define DES_INT32 long
+#define DES_UINT32 unsigned long
+#endif
+
+typedef unsigned char des_cblock[8] /* crypto-block size */
+KRB5INT_DES_DEPRECATED;
+
+/*
+ * Key schedule.
+ *
+ * This used to be
+ *
+ * typedef struct des_ks_struct {
+ * union { DES_INT32 pad; des_cblock _;} __;
+ * } des_key_schedule[16];
+ *
+ * but it would cause trouble if DES_INT32 were ever more than 4
+ * bytes. The reason is that all the encryption functions cast it to
+ * (DES_INT32 *), and treat it as if it were DES_INT32[32]. If
+ * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the
+ * caller-allocated des_key_schedule will be overflowed by the key
+ * scheduling functions. We can't assume that every platform will
+ * have an exact 32-bit int, and nothing should be looking inside a
+ * des_key_schedule anyway.
+ */
+typedef struct des_ks_struct { DES_INT32 _[2]; } des_key_schedule[16]
+KRB5INT_DES_DEPRECATED;
+
+typedef des_cblock mit_des_cblock;
+typedef des_key_schedule mit_des_key_schedule;
+
+/* Triple-DES structures */
+typedef mit_des_cblock mit_des3_cblock[3];
+typedef mit_des_key_schedule mit_des3_key_schedule[3];
+
+#define MIT_DES_ENCRYPT 1
+#define MIT_DES_DECRYPT 0
+
+typedef struct mit_des_ran_key_seed {
+ krb5_encrypt_block eblock;
+ krb5_data sequence;
+} mit_des_random_state;
+
+/* the first byte of the key is already in the keyblock */
+
+#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet))
+#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH
+/* This used to be 8*sizeof(krb5_octet) */
+#define MIT_DES_KEYSIZE 8
+
+#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet))
+
+/*
+ * Check if k5-int.h has been included before us. If so, then check to see
+ * that our view of the DES key size is the same as k5-int.h's.
+ */
+#ifdef KRB5_MIT_DES_KEYSIZE
+#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE
+error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)
+#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */
+#endif /* KRB5_MIT_DES_KEYSIZE */
+#endif /* KRB5_MIT_DES__ */
+/*
+ * End "mit-des.h"
+ */
+
+/* afsstring2key.c */
+extern krb5_error_code mit_afs_string_to_key
+ (krb5_keyblock *keyblock,
+ const krb5_data *data,
+ const krb5_data *salt);
+extern char *mit_afs_crypt
+ (const char *pw, const char *salt, char *iobuf);
+
+/* f_cksum.c */
+extern unsigned long mit_des_cbc_cksum
+ (const krb5_octet *, krb5_octet *, unsigned long ,
+ const mit_des_key_schedule, const krb5_octet *);
+
+/* f_ecb.c */
+extern int mit_des_ecb_encrypt
+ (const mit_des_cblock *, mit_des_cblock *, mit_des_key_schedule , int );
+
+/* f_cbc.c */
+extern int mit_des_cbc_encrypt (const mit_des_cblock *in,
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule schedule,
+ const mit_des_cblock ivec, int enc);
+
+#define mit_des_zeroblock krb5int_c_mit_des_zeroblock
+extern const mit_des_cblock mit_des_zeroblock;
+
+/* fin_rndkey.c */
+extern krb5_error_code mit_des_finish_random_key
+ ( const krb5_encrypt_block *,
+ krb5_pointer *);
+
+/* finish_key.c */
+extern krb5_error_code mit_des_finish_key
+ ( krb5_encrypt_block *);
+
+/* init_rkey.c */
+extern krb5_error_code mit_des_init_random_key
+ ( const krb5_encrypt_block *,
+ const krb5_keyblock *,
+ krb5_pointer *);
+
+/* key_parity.c */
+extern void mit_des_fixup_key_parity (mit_des_cblock );
+extern int mit_des_check_key_parity (mit_des_cblock );
+
+/* key_sched.c */
+extern int mit_des_key_sched
+ (mit_des_cblock , mit_des_key_schedule );
+
+/* process_ky.c */
+extern krb5_error_code mit_des_process_key
+ ( krb5_encrypt_block *, const krb5_keyblock *);
+
+/* random_key.c */
+extern krb5_error_code mit_des_random_key
+ ( const krb5_encrypt_block *, krb5_pointer ,
+ krb5_keyblock **);
+
+/* string2key.c */
+extern krb5_error_code mit_des_string_to_key
+ ( const krb5_encrypt_block *,
+ krb5_keyblock *, const krb5_data *, const krb5_data *);
+extern krb5_error_code mit_des_string_to_key_int
+ (krb5_keyblock *, const krb5_data *, const krb5_data *);
+
+/* weak_key.c */
+extern int mit_des_is_weak_key (mit_des_cblock );
+
+/* cmb_keys.c */
+krb5_error_code mit_des_combine_subkeys
+ (const krb5_keyblock *, const krb5_keyblock *,
+ krb5_keyblock **);
+
+/* f_pcbc.c */
+int mit_des_pcbc_encrypt ();
+
+/* f_sched.c */
+int mit_des_make_key_sched(mit_des_cblock, mit_des_key_schedule);
+
+
+/* misc.c */
+extern void swap_bits (char *);
+extern unsigned long long_swap_bits (unsigned long );
+extern unsigned long swap_six_bits_to_ansi (unsigned long );
+extern unsigned long swap_four_bits_to_ansi (unsigned long );
+extern unsigned long swap_bit_pos_1 (unsigned long );
+extern unsigned long swap_bit_pos_0 (unsigned long );
+extern unsigned long swap_bit_pos_0_to_ansi (unsigned long );
+extern unsigned long rev_swap_bit_pos_0 (unsigned long );
+extern unsigned long swap_byte_bits (unsigned long );
+extern unsigned long swap_long_bytes_bit_number (unsigned long );
+#ifdef FILE
+/* XXX depends on FILE being a #define! */
+extern void test_set (FILE *, const char *, int, const char *, int);
+#endif
+
+/* d3_ecb.c */
+extern int mit_des3_ecb_encrypt
+ (const mit_des_cblock *in,
+ mit_des_cblock *out,
+ mit_des_key_schedule sched1,
+ mit_des_key_schedule sched2,
+ mit_des_key_schedule sched3,
+ int enc);
+
+/* d3_cbc.c */
+extern int mit_des3_cbc_encrypt
+ (const mit_des_cblock *in,
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ const mit_des_cblock ivec,
+ int enc);
+
+void
+krb5int_des3_cbc_encrypt(const mit_des_cblock *in,
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ const mit_des_cblock ivec);
+void
+krb5int_des3_cbc_decrypt(const mit_des_cblock *in,
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ const mit_des_cblock ivec);
+
+void
+krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data,
+ unsigned long num_data,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ mit_des_cblock ivec);
+
+void
+krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data,
+ unsigned long num_data,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ mit_des_cblock ivec);
+
+#define mit_des3_cbc_encrypt(in,out,length,ks1,ks2,ks3,ivec,enc) \
+ ((enc ? krb5int_des3_cbc_encrypt : krb5int_des3_cbc_decrypt) \
+ (in, out, length, ks1, ks2, ks3, ivec), 0)
+
+void
+krb5int_des_cbc_encrypt(const mit_des_cblock *in,
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule schedule,
+ const mit_des_cblock ivec);
+void
+krb5int_des_cbc_decrypt(const mit_des_cblock *in,
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule schedule,
+ const mit_des_cblock ivec);
+
+#define mit_des_cbc_encrypt(in,out,length,schedule,ivec,enc) \
+ ((enc ? krb5int_des_cbc_encrypt : krb5int_des_cbc_decrypt) \
+ (in, out, length, schedule, ivec), 0)
+
+void
+krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data,
+ unsigned long num_data,
+ const mit_des_key_schedule schedule,
+ mit_des_cblock ivec);
+
+void
+krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data,
+ unsigned long num_data,
+ const mit_des_key_schedule schedule,
+ mit_des_cblock ivec);
+
+/* d3_procky.c */
+extern krb5_error_code mit_des3_process_key
+ (krb5_encrypt_block * eblock,
+ const krb5_keyblock * keyblock);
+
+/* d3_kysched.c */
+extern int mit_des3_key_sched
+ (mit_des3_cblock key,
+ mit_des3_key_schedule schedule);
+
+/* d3_str2ky.c */
+extern krb5_error_code mit_des3_string_to_key
+ (const krb5_encrypt_block * eblock,
+ krb5_keyblock * keyblock,
+ const krb5_data * data,
+ const krb5_data * salt);
+
+/* u_nfold.c */
+extern krb5_error_code mit_des_n_fold
+ (const krb5_octet * input,
+ const size_t in_len,
+ krb5_octet * output,
+ const size_t out_len);
+
+/* u_rn_key.c */
+extern int mit_des_is_weak_keyblock
+ (krb5_keyblock *keyblock);
+
+extern void mit_des_fixup_keyblock_parity
+ (krb5_keyblock *keyblock);
+
+extern krb5_error_code mit_des_set_random_generator_seed
+ (const krb5_data * seed,
+ krb5_pointer random_state);
+
+extern krb5_error_code mit_des_set_random_sequence_number
+ (const krb5_data * sequence,
+ krb5_pointer random_state);
+#endif /*DES_INTERNAL_DEFS*/
Added: trunk/src/lib/crypto/openssl/des/f_aead.c
===================================================================
--- trunk/src/lib/crypto/openssl/des/f_aead.c 2009-10-01 21:18:05 UTC (rev 22820)
+++ trunk/src/lib/crypto/openssl/des/f_aead.c 2009-10-01 21:46:57 UTC (rev 22821)
@@ -0,0 +1,33 @@
+/* lib/crypto/openssl/des/f_aead.c
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+
+#include "des_int.h"
+#include "aead.h"
+
+
+void
+krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data,
+ unsigned long num_data,
+ const mit_des_key_schedule schedule,
+ mit_des_cblock ivec)
+{
+ /* Unsupported operation */
+ abort();
+}
+
+void
+krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data,
+ unsigned long num_data,
+ const mit_des_key_schedule schedule,
+ mit_des_cblock iv)
+{
+ /* Unsupported operation */
+ abort();
+}
+
+
Added: trunk/src/lib/crypto/openssl/des/f_cbc.c
===================================================================
--- trunk/src/lib/crypto/openssl/des/f_cbc.c 2009-10-01 21:18:05 UTC (rev 22820)
+++ trunk/src/lib/crypto/openssl/des/f_cbc.c 2009-10-01 21:46:57 UTC (rev 22821)
@@ -0,0 +1,89 @@
+/*
+ * lib/crypto/openssldes/f_cbc.c
+ *
+ * Copyright (C) 1990 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ * DES implementation donated by Dennis Ferguson
+ */
+
+/*
+ * des_cbc_encrypt.c - an implementation of the DES cipher function in cbc mode
+ */
+#include "des_int.h"
+
+/*
+ * des_cbc_encrypt - {en,de}crypt a stream in CBC mode
+ */
+
+/*
+ * This routine performs DES cipher-block-chaining operation, either
+ * encrypting from cleartext to ciphertext, if encrypt != 0 or
+ * decrypting from ciphertext to cleartext, if encrypt == 0.
+ *
+ * The key schedule is passed as an arg, as well as the cleartext or
+ * ciphertext. The cleartext and ciphertext should be in host order.
+ *
+ * NOTE-- the output is ALWAYS an multiple of 8 bytes long. If not
+ * enough space was provided, your program will get trashed.
+ *
+ * For encryption, the cleartext string is null padded, at the end, to
+ * an integral multiple of eight bytes.
+ *
+ * For decryption, the ciphertext will be used in integral multiples
+ * of 8 bytes, but only the first "length" bytes returned into the
+ * cleartext.
+ */
+
+const mit_des_cblock mit_des_zeroblock /* = all zero */;
+
+#undef mit_des_cbc_encrypt
+int
+mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
+ unsigned long length, const mit_des_key_schedule schedule,
+ const mit_des_cblock ivec, int enc)
+{
+ /* Unsupported operation */
+ return KRB5_CRYPTO_INTERNAL;
+}
+void
+krb5int_des_cbc_encrypt(const mit_des_cblock *in,
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule schedule,
+ const mit_des_cblock ivec)
+{
+ /* Unsupported operation */
+ abort();
+}
+
+void
+krb5int_des_cbc_decrypt(const mit_des_cblock *in,
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule schedule,
+ const mit_des_cblock ivec)
+{
+ /* Unsupported operation */
+ abort();
+}
+
Added: trunk/src/lib/crypto/openssl/des/f_cksum.c
===================================================================
--- trunk/src/lib/crypto/openssl/des/f_cksum.c 2009-10-01 21:18:05 UTC (rev 22820)
+++ trunk/src/lib/crypto/openssl/des/f_cksum.c 2009-10-01 21:46:57 UTC (rev 22821)
@@ -0,0 +1,18 @@
+/*
+ * lib/crypto/openssl/des/f_cksum.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ */
+
+#include "des_int.h"
+
+unsigned long
+mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out,
+ unsigned long length, const mit_des_key_schedule schedule,
+ const krb5_octet *ivec)
+{
+ /* Unsupported operation */
+ return KRB5_CRYPTO_INTERNAL;
+}
+
Added: trunk/src/lib/crypto/openssl/des/f_parity.c
===================================================================
--- trunk/src/lib/crypto/openssl/des/f_parity.c 2009-10-01 21:18:05 UTC (rev 22820)
+++ trunk/src/lib/crypto/openssl/des/f_parity.c 2009-10-01 21:46:57 UTC (rev 22821)
@@ -0,0 +1,29 @@
+/*
+ * lib/crypto/openssl/des/f_parity.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ */
+
+#include "des_int.h"
+#include <openssl/des.h>
+
+void
+mit_des_fixup_key_parity(mit_des_cblock key)
+{
+ DES_set_odd_parity(key);
+}
+
+/*
+ * des_check_key_parity: returns true iff key has the correct des parity.
+ * See des_fix_key_parity for the definition of
+ * correct des parity.
+ */
+int
+mit_des_check_key_parity(mit_des_cblock key)
+{
+ if (!DES_check_key_parity(key))
+ return(0);
+ return (1);
+}
+
Added: trunk/src/lib/crypto/openssl/des/f_sched.c
===================================================================
--- trunk/src/lib/crypto/openssl/des/f_sched.c 2009-10-01 21:18:05 UTC (rev 22820)
+++ trunk/src/lib/crypto/openssl/des/f_sched.c 2009-10-01 21:46:57 UTC (rev 22821)
@@ -0,0 +1,15 @@
+/*
+ * lib/crypto/openssl/des/f_sched.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ */
+
+#include "des_int.h"
+
+int
+mit_des_make_key_sched(mit_des_cblock key, mit_des_key_schedule schedule)
+{
+ return KRB5_CRYPTO_INTERNAL; // CRYPTO_UNSOPPERTED_OP
+}
+
Added: trunk/src/lib/crypto/openssl/des/f_tables.c
===================================================================
--- trunk/src/lib/crypto/openssl/des/f_tables.c 2009-10-01 21:18:05 UTC (rev 22820)
+++ trunk/src/lib/crypto/openssl/des/f_tables.c 2009-10-01 21:46:57 UTC (rev 22821)
@@ -0,0 +1,17 @@
+/*
+ * lib/crypto/openssl/des/f_tables.c
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+
+#include "des_int.h"
+#include "f_tables.h"
+
+const unsigned DES_INT32 des_IP_table[] = {};
+const unsigned DES_INT32 des_FP_table[] = {};
+const unsigned DES_INT32 des_SP_table[] = {};
+
+
Added: trunk/src/lib/crypto/openssl/des/f_tables.h
===================================================================
--- trunk/src/lib/crypto/openssl/des/f_tables.h 2009-10-01 21:18:05 UTC (rev 22820)
+++ trunk/src/lib/crypto/openssl/des/f_tables.h 2009-10-01 21:46:57 UTC (rev 22821)
@@ -0,0 +1,9 @@
+/*
+ * lib/crypto/des/f_tables.h
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+
Added: trunk/src/lib/crypto/openssl/des/key_sched.c
===================================================================
--- trunk/src/lib/crypto/openssl/des/key_sched.c 2009-10-01 21:18:05 UTC (rev 22820)
+++ trunk/src/lib/crypto/openssl/des/key_sched.c 2009-10-01 21:46:57 UTC (rev 22821)
@@ -0,0 +1,18 @@
+/*
+ * lib/crypto/openssl/des/key_sched.c
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+
+#include "des_int.h"
+
+int
+mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule)
+{
+ /* Unsupported operation */
+ return KRB5_CRYPTO_INTERNAL;
+}
+
Added: trunk/src/lib/crypto/openssl/des/string2key.c
===================================================================
--- trunk/src/lib/crypto/openssl/des/string2key.c 2009-10-01 21:18:05 UTC (rev 22820)
+++ trunk/src/lib/crypto/openssl/des/string2key.c 2009-10-01 21:46:57 UTC (rev 22821)
@@ -0,0 +1,26 @@
+/*
+ * lib/crypto/openssl/des/string2key.c
+ *
+ * Copyright 2009 by the Massachusetts Institute
+ * of Technology.
+ * All Rights Reserved.
+ *
+ */
+
+#include "des_int.h"
+#include <openssl/des.h>
+
+
+krb5_error_code
+mit_des_string_to_key_int (krb5_keyblock *key,
+ const krb5_data *pw, const krb5_data *salt)
+{
+ DES_cblock outkey;
+ DES_string_to_key(pw->data, &outkey);
+ if ( key->length < sizeof(outkey))
+ return KRB5_CRYPTO_INTERNAL;
+ key->length = sizeof(outkey);
+ memcpy(key->contents, outkey, key->length);
+ return 0;
+}
+
Added: trunk/src/lib/crypto/openssl/des/weak_key.c
===================================================================
--- trunk/src/lib/crypto/openssl/des/weak_key.c 2009-10-01 21:18:05 UTC (rev 22820)
+++ trunk/src/lib/crypto/openssl/des/weak_key.c 2009-10-01 21:46:57 UTC (rev 22821)
@@ -0,0 +1,87 @@
+/*
+ * lib/crypto/openssl/des/weak_key.c
+ *
+ * Copyright 1989,1990,2009 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * Under U.S. law, this software may not be exported outside the US
+ * without license from the U.S. Commerce department.
+ *
+ * These routines form the library interface to the DES facilities.
+ *
+ * Originally written 8/85 by Steve Miller, MIT Project Athena.
+ */
+
+#include "des_int.h"
+
+/*
+ * The following are the weak DES keys:
+ */
+static const mit_des_cblock weak[16] = {
+ /* weak keys */
+ {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+ {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe},
+ {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e},
+ {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1},
+
+ /* semi-weak */
+ {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe},
+ {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01},
+
+ {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1},
+ {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e},
+
+ {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1},
+ {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01},
+
+ {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe},
+ {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e},
+
+ {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e},
+ {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01},
+
+ {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe},
+ {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1}
+};
+
+/*
+ * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key.
+ *
+ * Requires: key has correct odd parity.
+ */
+int
+mit_des_is_weak_key(mit_des_cblock key)
+{
+ unsigned int i;
+ const mit_des_cblock *weak_p = weak;
+
+ for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) {
+ if (!memcmp(weak_p++,key,sizeof(mit_des_cblock)))
+ return 1;
+ }
+ if ( DES_is_weak_key(key) == 1) /* Also OpenSSL's check */
+ return 1;
+
+ return 0;
+}
+
More information about the cvs-krb5
mailing list