svn rev #22793: branches/enc-perf/src/ include/ include/krb5/ lib/crypto/ lib/crypto/krb/ ...
ghudson@MIT.EDU
ghudson at MIT.EDU
Mon Sep 28 11:52:02 EDT 2009
http://src.mit.edu/fisheye/changelog/krb5/?cs=22793
Commit By: ghudson
Log Message:
Move the implementation of krb5_copy_keyblock[_contents] into crypto
to allow internal use (similar to krb5_free_keyblock[_contents]).
Define krb5_key type and initial internal representation.
Define the constructor, destructor, and accessors.
Changed Files:
U branches/enc-perf/src/include/k5-int.h
U branches/enc-perf/src/include/krb5/krb5.hin
U branches/enc-perf/src/lib/crypto/krb/Makefile.in
U branches/enc-perf/src/lib/crypto/krb/keyblocks.c
U branches/enc-perf/src/lib/crypto/libk5crypto.exports
U branches/enc-perf/src/lib/krb5/krb/copy_key.c
U branches/enc-perf/src/lib/krb5/krb/cp_key_cnt.c
Modified: branches/enc-perf/src/include/k5-int.h
===================================================================
--- branches/enc-perf/src/include/k5-int.h 2009-09-28 14:34:12 UTC (rev 22792)
+++ branches/enc-perf/src/include/k5-int.h 2009-09-28 15:52:02 UTC (rev 22793)
@@ -635,6 +635,11 @@
struct addrlist *, enum locate_service_type svc,
int sockettype, int family);
+/* Internal structure of an opaque key identifier */
+struct krb5_key_st {
+ krb5_keyblock keyblock;
+};
+
/* new encryption provider api */
struct krb5_enc_provider {
@@ -798,13 +803,18 @@
(krb5_context context, krb5_keyblock *key1, krb5_keyblock *key2,
krb5_keyblock *outkey);
+
void krb5int_c_free_keyblock
(krb5_context, krb5_keyblock *key);
void krb5int_c_free_keyblock_contents
(krb5_context, krb5_keyblock *);
-krb5_error_code krb5int_c_init_keyblock
+krb5_error_code krb5int_c_init_keyblock
(krb5_context, krb5_enctype enctype,
size_t length, krb5_keyblock **out);
+krb5_error_code krb5int_c_copy_keyblock
+(krb5_context context, const krb5_keyblock *from, krb5_keyblock **to);
+krb5_error_code krb5int_c_copy_keyblock_contents
+(krb5_context context, const krb5_keyblock *from, krb5_keyblock *to);
/*
* Internal - for cleanup.
Modified: branches/enc-perf/src/include/krb5/krb5.hin
===================================================================
--- branches/enc-perf/src/include/krb5/krb5.hin 2009-09-28 14:34:12 UTC (rev 22792)
+++ branches/enc-perf/src/include/krb5/krb5.hin 2009-09-28 15:52:02 UTC (rev 22793)
@@ -341,6 +341,7 @@
* begin "encryption.h"
*/
+/* Exposed contents of a key. */
typedef struct _krb5_keyblock {
krb5_magic magic;
krb5_enctype enctype;
@@ -348,6 +349,13 @@
krb5_octet *contents;
} krb5_keyblock;
+/*
+ * Opaque identifier for a key. Use with the krb5_k APIs for better
+ * performance for repeated operations with the same key usage.
+ */
+struct krb5_key_st;
+typedef struct krb5_key_st *krb5_key;
+
#ifdef KRB5_OLD_CRYPTO
typedef struct _krb5_encrypt_block {
krb5_magic magic;
@@ -705,6 +713,65 @@
(krb5_context context, krb5_enctype enctype,
size_t data_length, unsigned int *size);
+/*
+ * krb5_k_* functions use opaque key identifiers and should perform
+ * better for repeated operations with the same key usage.
+ */
+
+krb5_error_code KRB5_CALLCONV
+krb5_k_create_key(krb5_context context, krb5_keyblock *key_data,
+ krb5_key *out);
+
+void KRB5_CALLCONV krb5_k_free_key(krb5_context context, krb5_key key);
+
+krb5_error_code KRB5_CALLCONV
+krb5_k_key_keyblock(krb5_context context, krb5_key key,
+ krb5_keyblock **key_data);
+
+krb5_enctype KRB5_CALLCONV
+krb5_k_key_enctype(krb5_context context, krb5_key key);
+
+krb5_error_code KRB5_CALLCONV
+krb5_k_encrypt(krb5_context context, krb5_key key, krb5_keyusage usage,
+ const krb5_data *cipher_state, const krb5_data *input,
+ krb5_enc_data *output);
+
+krb5_error_code KRB5_CALLCONV
+krb5_k_encrypt_iov(krb5_context context, krb5_key key, krb5_keyusage usage,
+ const krb5_data *cipher_state, krb5_crypto_iov *data,
+ size_t num_data);
+
+krb5_error_code KRB5_CALLCONV
+krb5_k_decrypt(krb5_context context, krb5_key key, krb5_keyusage usage,
+ const krb5_data *cipher_state, const krb5_enc_data *input,
+ krb5_data *output);
+
+krb5_error_code KRB5_CALLCONV
+krb5_k_decrypt_iov(krb5_context context, krb5_key key, krb5_keyusage usage,
+ const krb5_data *cipher_state, krb5_crypto_iov *data,
+ size_t num_data);
+
+krb5_error_code KRB5_CALLCONV
+krb5_k_make_checksum(krb5_context context, krb5_cksumtype cksumtype,
+ krb5_key key, krb5_keyusage usage, const krb5_data *input,
+ krb5_checksum *cksum);
+
+krb5_error_code KRB5_CALLCONV
+krb5_k_make_checksum_iov(krb5_context context, krb5_cksumtype cksumtype,
+ krb5_key key, krb5_keyusage usage,
+ krb5_crypto_iov *data, size_t num_data);
+
+krb5_error_code KRB5_CALLCONV
+krb5_k_verify_checksum(krb5_context context, krb5_key key, krb5_keyusage usage,
+ const krb5_data *data, const krb5_checksum *cksum,
+ krb5_boolean *valid);
+
+krb5_error_code KRB5_CALLCONV
+krb5_k_verify_checksum_iov(krb5_context context, krb5_cksumtype cksumtype,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_crypto_iov *data, size_t num_data,
+ krb5_boolean *valid);
+
#ifdef KRB5_OLD_CRYPTO
/*
* old cryptosystem routine prototypes. These are now layered
Modified: branches/enc-perf/src/lib/crypto/krb/Makefile.in
===================================================================
--- branches/enc-perf/src/lib/crypto/krb/Makefile.in 2009-09-28 14:34:12 UTC (rev 22792)
+++ branches/enc-perf/src/lib/crypto/krb/Makefile.in 2009-09-28 15:52:02 UTC (rev 22793)
@@ -44,6 +44,7 @@
enctype_compare.o \
enctype_to_string.o \
etypes.o \
+ key.o \
keyblocks.o \
keyed_cksum.o \
keyed_checksum_types.o \
@@ -86,6 +87,7 @@
$(OUTPRE)enctype_compare.$(OBJEXT) \
$(OUTPRE)enctype_to_string.$(OBJEXT) \
$(OUTPRE)etypes.$(OBJEXT) \
+ $(OUTPRE)key.$(OBJECT) \
$(OUTPRE)keyblocks.$(OBJEXT) \
$(OUTPRE)keyed_cksum.$(OBJEXT) \
$(OUTPRE)keyed_checksum_types.$(OBJEXT) \
@@ -127,6 +129,7 @@
$(srcdir)/enctype_compare.c \
$(srcdir)/enctype_to_string.c \
$(srcdir)/etypes.c \
+ $(srcdir)/key.c \
$(srcdir)/keyblocks.c \
$(srcdir)/keyed_cksum.c \
$(srcdir)/keyed_checksum_types.c\
Modified: branches/enc-perf/src/lib/crypto/krb/keyblocks.c
===================================================================
--- branches/enc-perf/src/lib/crypto/krb/keyblocks.c 2009-09-28 14:34:12 UTC (rev 22792)
+++ branches/enc-perf/src/lib/crypto/krb/keyblocks.c 2009-09-28 15:52:02 UTC (rev 22793)
@@ -60,7 +60,6 @@
return 0;
}
-
void
krb5int_c_free_keyblock(krb5_context context, register krb5_keyblock *val)
{
@@ -77,3 +76,38 @@
key->contents = 0;
}
}
+
+krb5_error_code
+krb5int_c_copy_keyblock(krb5_context context, const krb5_keyblock *from,
+ krb5_keyblock **to)
+{
+ krb5_keyblock *new_key;
+ krb5_error_code code;
+
+ *to = NULL;
+ new_key = malloc(sizeof(*new_key));
+ if (!new_key)
+ return ENOMEM;
+ code = krb5int_c_copy_keyblock_contents(context, from, new_key);
+ if (code) {
+ free(new_key);
+ return code;
+ }
+ *to = new_key;
+ return 0;
+}
+
+krb5_error_code
+krb5int_c_copy_keyblock_contents(krb5_context context,
+ const krb5_keyblock *from, krb5_keyblock *to)
+{
+ *to = *from;
+ if (to->length) {
+ to->contents = malloc(to->length);
+ if (!to->contents)
+ return ENOMEM;
+ memcpy(to->contents, from->contents, to->length);
+ } else
+ to->contents = 0;
+ return 0;
+}
Modified: branches/enc-perf/src/lib/crypto/libk5crypto.exports
===================================================================
--- branches/enc-perf/src/lib/crypto/libk5crypto.exports 2009-09-28 14:34:12 UTC (rev 22792)
+++ branches/enc-perf/src/lib/crypto/libk5crypto.exports 2009-09-28 15:52:02 UTC (rev 22793)
@@ -72,6 +72,10 @@
krb5_free_cksumtypes
krb5_hmac
krb5_init_random_key
+krb5_k_create_key
+krb5_k_free_key
+krb5_k_key_enctype
+krb5_k_key_keyblock
krb5_nfold
krb5_old_decrypt
krb5_old_encrypt
@@ -100,6 +104,8 @@
krb5int_arcfour_string_to_key
krb5int_arcfour_translate_usage
krb5int_c_combine_keys
+krb5int_c_copy_keyblock
+krb5int_c_copy_keyblock_contents
krb5int_c_free_keyblock
krb5int_c_free_keyblock_contents
krb5int_c_init_keyblock
Modified: branches/enc-perf/src/lib/krb5/krb/copy_key.c
===================================================================
--- branches/enc-perf/src/lib/krb5/krb/copy_key.c 2009-09-28 14:34:12 UTC (rev 22792)
+++ branches/enc-perf/src/lib/krb5/krb/copy_key.c 2009-09-28 15:52:02 UTC (rev 22793)
@@ -35,16 +35,5 @@
krb5_error_code KRB5_CALLCONV
krb5_copy_keyblock(krb5_context context, const krb5_keyblock *from, krb5_keyblock **to)
{
- krb5_keyblock *new_key;
-
- if (!(new_key = (krb5_keyblock *) malloc(sizeof(krb5_keyblock))))
- return ENOMEM;
- *new_key = *from;
- if (!(new_key->contents = (krb5_octet *)malloc(new_key->length))) {
- free(new_key);
- return(ENOMEM);
- }
- memcpy(new_key->contents, from->contents, new_key->length);
- *to = new_key;
- return 0;
+ return krb5int_c_copy_keyblock(context, from, to);
}
Modified: branches/enc-perf/src/lib/krb5/krb/cp_key_cnt.c
===================================================================
--- branches/enc-perf/src/lib/krb5/krb/cp_key_cnt.c 2009-09-28 14:34:12 UTC (rev 22792)
+++ branches/enc-perf/src/lib/krb5/krb/cp_key_cnt.c 2009-09-28 15:52:02 UTC (rev 22793)
@@ -35,13 +35,5 @@
krb5_error_code KRB5_CALLCONV
krb5_copy_keyblock_contents(krb5_context context, const krb5_keyblock *from, krb5_keyblock *to)
{
- *to = *from;
- if (to->length) {
- to->contents = (krb5_octet *)malloc(to->length);
- if (!to->contents)
- return ENOMEM;
- memcpy(to->contents, from->contents, to->length);
- } else
- to->contents = 0;
- return 0;
+ return krb5int_c_copy_keyblock_contents(context, from, to);
}
More information about the cvs-krb5
mailing list