svn rev #24293: branches/camellia-ccm/src/ include/ include/krb5/ lib/crypto/builtin/enc_provider/ ...
ghudson@MIT.EDU
ghudson at MIT.EDU
Tue Sep 7 13:37:51 EDT 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=24293
Commit By: ghudson
Log Message:
Conditionalize the Camellia-CCM code, requiring the builder to define
local-use enctype and cksumtype numbers at build time in order to
enable it. Disable tests which aren't easily conditionalized on C
preprocessor defines.
Changed Files:
U branches/camellia-ccm/src/include/k5-int.h
U branches/camellia-ccm/src/include/krb5/krb5.hin
U branches/camellia-ccm/src/lib/crypto/builtin/enc_provider/camellia_ctr.c
U branches/camellia-ccm/src/lib/crypto/builtin/enc_provider/enc_provider.h
U branches/camellia-ccm/src/lib/crypto/crypto_tests/Makefile.in
U branches/camellia-ccm/src/lib/crypto/crypto_tests/camellia-test.c
U branches/camellia-ccm/src/lib/crypto/crypto_tests/t_camellia_ccm.c
U branches/camellia-ccm/src/lib/crypto/crypto_tests/t_cmac.c
U branches/camellia-ccm/src/lib/crypto/crypto_tests/t_encrypt.c
U branches/camellia-ccm/src/lib/crypto/crypto_tests/t_short.c
U branches/camellia-ccm/src/lib/crypto/crypto_tests/t_str2key.c
U branches/camellia-ccm/src/lib/crypto/krb/checksum/cmac.c
U branches/camellia-ccm/src/lib/crypto/krb/cksumtypes.c
U branches/camellia-ccm/src/lib/crypto/krb/dk/checksum_cmac.c
U branches/camellia-ccm/src/lib/crypto/krb/dk/derive.c
U branches/camellia-ccm/src/lib/crypto/krb/dk/dk.h
U branches/camellia-ccm/src/lib/crypto/krb/dk/dk_ccm.c
U branches/camellia-ccm/src/lib/crypto/krb/dk/stringtokey.c
U branches/camellia-ccm/src/lib/crypto/krb/etypes.c
U branches/camellia-ccm/src/lib/crypto/krb/prf/cmac_prf.c
U branches/camellia-ccm/src/lib/crypto/openssl/enc_provider/camellia_ctr.c
U branches/camellia-ccm/src/lib/crypto/openssl/enc_provider/enc_provider.h
U branches/camellia-ccm/src/lib/krb5/krb/init_ctx.c
U branches/camellia-ccm/src/lib/krb5/krb/t_etypes.c
U branches/camellia-ccm/src/tests/dejagnu/config/default.exp
U branches/camellia-ccm/src/util/k5test.py
Modified: branches/camellia-ccm/src/include/k5-int.h
===================================================================
--- branches/camellia-ccm/src/include/k5-int.h 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/include/k5-int.h 2010-09-07 17:37:50 UTC (rev 24293)
@@ -2559,6 +2559,25 @@
size_t num_data, const krb5_data *iv,
krb5_data *output);
+#if 0
+/*
+ * There are no IANA assignments for these enctypes or cksumtypes yet. They
+ * must be defined to local-use negative numbers at build time for Camellia-CCM
+ * support to function at the moment. If one is defined, they should all be
+ * defined. When IANA assignments exist, these definitions should move to the
+ * appropriate places in krb5.hin and all CAMELLIA_CCM conditional code should
+ * be made unconditional.
+ */
+#define ENCTYPE_CAMELLIA128_CCM_128 -XXX /* Camellia CCM mode, 128-bit key */
+#define ENCTYPE_CAMELLIA256_CCM_128 -YYY /* Camellia CCM mode, 256-bit key */
+#define CKSUMTYPE_CMAC_128_CAMELLIA128 -XXX /* CMAC, 128-bit Camellia key */
+#define CKSUMTYPE_CMAC_128_CAMELLIA256 -YYY /* CMAC, 256-bit Camellia key */
+#endif
+
+#ifdef ENCTYPE_CAMELLIA128_CCM_128
+#define CAMELLIA_CCM
+#endif
+
struct _krb5_kt { /* should move into k5-int.h */
krb5_magic magic;
const struct _krb5_kt_ops *ops;
Modified: branches/camellia-ccm/src/include/krb5/krb5.hin
===================================================================
--- branches/camellia-ccm/src/include/krb5/krb5.hin 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/include/krb5/krb5.hin 2010-09-07 17:37:50 UTC (rev 24293)
@@ -421,8 +421,6 @@
#define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012
#define ENCTYPE_ARCFOUR_HMAC 0x0017
#define ENCTYPE_ARCFOUR_HMAC_EXP 0x0018
-#define ENCTYPE_CAMELLIA128_CCM_128 -66 /* Camellia CCM mode, 128-bit key */
-#define ENCTYPE_CAMELLIA256_CCM_128 -67 /* Camellia CCM mode, 256-bit key */
#define ENCTYPE_UNKNOWN 0x01ff
#define CKSUMTYPE_CRC32 0x0001
@@ -437,8 +435,6 @@
#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c
#define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f
#define CKSUMTYPE_HMAC_SHA1_96_AES256 0x0010
-#define CKSUMTYPE_CMAC_128_CAMELLIA128 -66 /* CMAC, 128-bit Camellia key */
-#define CKSUMTYPE_CMAC_128_CAMELLIA256 -67 /* CMAC, 256-bit Camellia key */
#define CKSUMTYPE_MD5_HMAC_ARCFOUR -137 /*Microsoft netlogon cksumtype*/
#define CKSUMTYPE_HMAC_MD5_ARCFOUR -138 /*Microsoft md5 hmac cksumtype*/
Modified: branches/camellia-ccm/src/lib/crypto/builtin/enc_provider/camellia_ctr.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/builtin/enc_provider/camellia_ctr.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/builtin/enc_provider/camellia_ctr.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -30,6 +30,8 @@
#include <aead.h>
#include <rand2key.h>
+#ifdef CAMELLIA_CCM
+
static void
xorblock(unsigned char *out, const unsigned char *in)
{
@@ -204,3 +206,20 @@
krb5int_default_free_state,
NULL
};
+
+#else /* CAMELLIA_CCM */
+
+/* These won't be used, but is still in the export table. */
+
+krb5_error_code
+krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
+ size_t num_data, const krb5_data *iv,
+ krb5_data *output)
+{
+ return EINVAL;
+}
+
+const struct krb5_enc_provider krb5int_enc_camellia128_ctr = {
+};
+
+#endif /* CAMELLIA_CCM */
Modified: branches/camellia-ccm/src/lib/crypto/builtin/enc_provider/enc_provider.h
===================================================================
--- branches/camellia-ccm/src/lib/crypto/builtin/enc_provider/enc_provider.h 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/builtin/enc_provider/enc_provider.h 2010-09-07 17:37:50 UTC (rev 24293)
@@ -32,5 +32,7 @@
extern const struct krb5_enc_provider krb5int_enc_arcfour;
extern const struct krb5_enc_provider krb5int_enc_aes128;
extern const struct krb5_enc_provider krb5int_enc_aes256;
+#ifdef CAMELLIA_CCM
extern const struct krb5_enc_provider krb5int_enc_camellia128_ctr;
extern const struct krb5_enc_provider krb5int_enc_camellia256_ctr;
+#endif
Modified: branches/camellia-ccm/src/lib/crypto/crypto_tests/Makefile.in
===================================================================
--- branches/camellia-ccm/src/lib/crypto/crypto_tests/Makefile.in 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/crypto_tests/Makefile.in 2010-09-07 17:37:50 UTC (rev 24293)
@@ -31,6 +31,7 @@
$(srcdir)/t_mddriver.c \
$(srcdir)/t_kperf.c \
$(srcdir)/t_short.c \
+ $(srcdir)/t_str2key.c \
$(srcdir)/ytest.c
##DOSBUILDTOP = ..\..\..
@@ -67,7 +68,8 @@
$(RUN_SETUP) $(VALGRIND) ./aes-test > vt.txt
cmp vt.txt $(srcdir)/expect-vt.txt
$(RUN_SETUP) $(VALGRIND) ./camellia-test > camellia-vt.txt
- cmp camellia-vt.txt $(srcdir)/camellia-expect-vt.txt
+# Enable this when Camellia-CCM becomes unconditional.
+# cmp camellia-vt.txt $(srcdir)/camellia-expect-vt.txt
$(RUN_SETUP) $(VALGRIND) $(C)t_mddriver4 -x
$(RUN_SETUP) $(VALGRIND) $(C)t_mddriver -x
$(RUN_SETUP) $(VALGRIND) ./t_short
Modified: branches/camellia-ccm/src/lib/crypto/crypto_tests/camellia-test.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/crypto_tests/camellia-test.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/crypto_tests/camellia-test.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -31,6 +31,8 @@
#include <stdio.h>
#include "k5-int.h"
+#ifdef CAMELLIA_CCM
+
static char key[32];
static char plain[16], cipher[16], zero[16];
@@ -123,9 +125,11 @@
vt_test_1(32);
}
+#endif /* CAMELLIA_CCM */
int main (int argc, char *argv[])
{
+#ifdef CAMELLIA_CCM
if (argc > 2 || (argc == 2 && strcmp(argv[1], "-k"))) {
fprintf(stderr,
"usage:\t%s -k\tfor variable-key tests\n"
@@ -138,5 +142,6 @@
vk_test();
else
vt_test();
+#endif /* CAMELLIA_CCM */
return 0;
}
Modified: branches/camellia-ccm/src/lib/crypto/crypto_tests/t_camellia_ccm.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/crypto_tests/t_camellia_ccm.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/crypto_tests/t_camellia_ccm.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -39,6 +39,8 @@
#include "k5-int.h"
+#ifdef CAMELLIA_CCM
+
static krb5_keyblock key_128 = {
KV5M_KEYBLOCK,
ENCTYPE_CAMELLIA128_CCM_128,
@@ -248,9 +250,12 @@
}
}
+#endif /* CAMELLIA_CCM */
+
int
main(int argc, char **argv)
{
+#ifdef CAMELLIA_CCM
krb5_context context = NULL;
krb5_data seed = string2data("seed");
@@ -263,5 +268,6 @@
verify_enc(context);
verify_cksum(context);
}
+#endif /* CAMELLIA_CCM */
return 0;
}
Modified: branches/camellia-ccm/src/lib/crypto/crypto_tests/t_cmac.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/crypto_tests/t_cmac.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/crypto_tests/t_cmac.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -42,6 +42,8 @@
#include "enc_provider.h"
#include "cksumtypes.h"
+#ifdef CAMELLIA_CCM
+
/* All examples use the following Camellia-128 key. */
static unsigned char keybytes[] = {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
@@ -98,9 +100,12 @@
}
}
+#endif /* CAMELLIA_CCM */
+
int
main(int argc, char **argv)
{
+#ifdef CAMELLIA_CCM
krb5_context context = NULL;
krb5_keyblock keyblock;
krb5_key key;
@@ -139,5 +144,6 @@
printf("All CMAC tests passed.\n");
krb5_k_free_key(context, key);
+#endif /* CAMELLIA_CCM */
return 0;
}
Modified: branches/camellia-ccm/src/lib/crypto/crypto_tests/t_encrypt.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/crypto_tests/t_encrypt.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/crypto_tests/t_encrypt.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -45,8 +45,10 @@
ENCTYPE_ARCFOUR_HMAC_EXP,
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+#ifdef CAMELLIA_CCM
ENCTYPE_CAMELLIA128_CCM_128,
ENCTYPE_CAMELLIA256_CCM_128,
+#endif
0
};
Modified: branches/camellia-ccm/src/lib/crypto/crypto_tests/t_short.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/crypto_tests/t_short.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/crypto_tests/t_short.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -41,8 +41,10 @@
ENCTYPE_ARCFOUR_HMAC_EXP,
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+#ifdef CAMELLIA_CCM
ENCTYPE_CAMELLIA128_CCM_128,
ENCTYPE_CAMELLIA256_CCM_128,
+#endif
0
};
Modified: branches/camellia-ccm/src/lib/crypto/crypto_tests/t_str2key.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/crypto_tests/t_str2key.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/crypto_tests/t_str2key.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -158,6 +158,7 @@
"\x57\x18\x48\xB7\x84\xA3\xD6\xBD\xC3\x46\x58\x9A\x3E\x39\x3F\x9E" }
},
+#ifdef CAMELLIA_CCM
/* The same inputs applied to camellia-ccm enctypes. */
{
ENCTYPE_CAMELLIA128_CCM_128,
@@ -278,6 +279,7 @@
"\x6A\x1F\x10\xE5\x74\x4E\x32\xDD\x33\x49\x03\xA8\xEB\xD1\x42\x7E"
"\x4C\x8D\x3D\x6D\xA5\x76\x77\x50\x4C\x38\x4C\x24\x33\x0B\x60\x3D" }
}
+#endif /* CAMELLIA_CCM */
};
static void
Modified: branches/camellia-ccm/src/lib/crypto/krb/checksum/cmac.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/krb/checksum/cmac.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/krb/checksum/cmac.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -45,6 +45,8 @@
#include "etypes.h"
#include "cksumtypes.h"
+#ifdef CAMELLIA_CCM
+
#define BLOCK_SIZE 16
static unsigned char const_Rb[BLOCK_SIZE] = {
@@ -223,3 +225,17 @@
return 0;
}
+
+#else /* CAMELLIA_CCM */
+
+/* This won't be used, but is still in the export table. */
+
+krb5_error_code
+krb5int_cmac_checksum(const struct krb5_enc_provider *enc, krb5_key key,
+ const krb5_crypto_iov *data, size_t num_data,
+ krb5_data *output)
+{
+ return EINVAL;
+}
+
+#endif /* CAMELLIA_CCM */
Modified: branches/camellia-ccm/src/lib/crypto/krb/cksumtypes.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/krb/cksumtypes.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/krb/cksumtypes.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -105,6 +105,7 @@
krb5int_hmacmd5_checksum, NULL,
16, 16, 0 },
+#ifdef CAMELLIA_CCM
{ CKSUMTYPE_CMAC_128_CAMELLIA128,
"cmac-128-camellia128", { 0 }, "CMAC Camellia128 key",
&krb5int_enc_camellia128_ctr, NULL,
@@ -116,6 +117,7 @@
&krb5int_enc_camellia256_ctr, NULL,
krb5int_dk_cmac_checksum, NULL,
16, 16, 0 },
+#endif /* CAMELLIA_CCM */
};
const size_t krb5int_cksumtypes_length =
Modified: branches/camellia-ccm/src/lib/crypto/krb/dk/checksum_cmac.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/krb/dk/checksum_cmac.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/krb/dk/checksum_cmac.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -32,6 +32,8 @@
#define K5CLENGTH 5 /* 32 bit net byte order integer + one byte seed */
+#ifdef CAMELLIA_CCM
+
krb5_error_code
krb5int_dk_cmac_checksum(const struct krb5_cksumtypes *ctp,
krb5_key key, krb5_keyusage usage,
@@ -61,3 +63,4 @@
return ret;
}
+#endif /* CAMELLIA_CCM */
Modified: branches/camellia-ccm/src/lib/crypto/krb/dk/derive.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/krb/dk/derive.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/krb/dk/derive.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -129,6 +129,8 @@
return ret;
}
+#ifdef CAMELLIA_CCM
+
/*
* NIST SP800-108 KDF in feedback mode (section 5.2).
* Parameters:
@@ -204,6 +206,8 @@
return ret;
}
+#endif /* CAMELLIA_CCM */
+
krb5_error_code
krb5int_derive_random(const struct krb5_enc_provider *enc,
krb5_key inkey, krb5_data *outrnd,
@@ -212,8 +216,10 @@
switch (alg) {
case DERIVE_RFC3961:
return derive_random_rfc3961(enc, inkey, outrnd, in_constant);
+#ifdef CAMELLIA_CCM
case DERIVE_SP800_108_CMAC:
return derive_random_sp800_108_cmac(enc, inkey, outrnd, in_constant);
+#endif
default:
return EINVAL;
}
Modified: branches/camellia-ccm/src/lib/crypto/krb/dk/dk.h
===================================================================
--- branches/camellia-ccm/src/lib/crypto/krb/dk/dk.h 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/krb/dk/dk.h 2010-09-07 17:37:50 UTC (rev 24293)
@@ -66,7 +66,9 @@
enum deriv_alg {
DERIVE_RFC3961, /* RFC 3961 section 5.1 */
+#ifdef CAMELLIA_CCM
DERIVE_SP800_108_CMAC /* NIST SP 800-108 with CMAC as PRF */
+#endif
};
krb5_error_code
Modified: branches/camellia-ccm/src/lib/crypto/krb/dk/dk_ccm.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/krb/dk/dk_ccm.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/krb/dk/dk_ccm.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -28,6 +28,8 @@
#include "dk.h"
#include "aead.h"
+#ifdef CAMELLIA_CCM
+
/*
* Implement CCM-mode AEAD as described in section 5.3 and 5.4 of RFC 5116.
* This is the CCM mode as described in NIST SP800-38C, with a 12 byte nonce
@@ -608,3 +610,5 @@
state->data = NULL;
state->length = 0;
}
+
+#endif /* CAMELLIA_CCM */
Modified: branches/camellia-ccm/src/lib/crypto/krb/dk/stringtokey.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/krb/dk/stringtokey.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/krb/dk/stringtokey.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -185,6 +185,7 @@
DERIVE_RFC3961);
}
+#ifdef CAMELLIA_CCM
krb5_error_code
krb5int_camellia_ccm_string_to_key(const struct krb5_keytypes *ktp,
const krb5_data *string,
@@ -197,4 +198,4 @@
return pbkdf2_string_to_key(ktp, string, salt, &pepper, params, key,
DERIVE_SP800_108_CMAC);
}
-
+#endif
Modified: branches/camellia-ccm/src/lib/crypto/krb/etypes.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/krb/etypes.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/krb/etypes.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -164,6 +164,7 @@
krb5int_init_state_enc, krb5int_free_state_enc,
CKSUMTYPE_HMAC_SHA1_96_AES256,
0 /*flags*/ },
+#ifdef CAMELLIA_CCM
{ ENCTYPE_CAMELLIA128_CCM_128,
"camellia128-ccm-128", { "camellia128-ccm" },
"Camellia-128 CCM mode with 128-bit MAC",
@@ -186,6 +187,7 @@
krb5int_dk_ccm_init_state, krb5int_dk_ccm_free_state,
CKSUMTYPE_CMAC_128_CAMELLIA256,
0 /*flags */ },
+#endif /* CAMELLIA_CCM */
};
const int krb5int_enctypes_length =
Modified: branches/camellia-ccm/src/lib/crypto/krb/prf/cmac_prf.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/krb/prf/cmac_prf.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/krb/prf/cmac_prf.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -33,6 +33,8 @@
#include "prf_int.h"
#include <dk.h>
+#ifdef CAMELLIA_CCM
+
krb5_error_code
krb5int_dk_cmac_prf(const struct krb5_keytypes *ktp, krb5_key key,
const krb5_data *in, krb5_data *out)
@@ -64,3 +66,4 @@
return ret;
}
+#endif /* CAMELLIA_CCM */
Modified: branches/camellia-ccm/src/lib/crypto/openssl/enc_provider/camellia_ctr.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/openssl/enc_provider/camellia_ctr.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/openssl/enc_provider/camellia_ctr.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -33,6 +33,7 @@
#include <openssl/camellia.h>
#include <openssl/modes.h>
+#ifdef CAMELLIA_CCM
#define NUM_BITS 8
static void
@@ -193,3 +194,20 @@
krb5int_default_free_state,
NULL
};
+
+#else /* CAMELLIA_CCM */
+
+/* These won't be used, but is still in the export table. */
+
+krb5_error_code
+krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
+ size_t num_data, const krb5_data *iv,
+ krb5_data *output)
+{
+ return EINVAL;
+}
+
+const struct krb5_enc_provider krb5int_enc_camellia128_ctr = {
+};
+
+#endif /* CAMELLIA_CCM */
Modified: branches/camellia-ccm/src/lib/crypto/openssl/enc_provider/enc_provider.h
===================================================================
--- branches/camellia-ccm/src/lib/crypto/openssl/enc_provider/enc_provider.h 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/crypto/openssl/enc_provider/enc_provider.h 2010-09-07 17:37:50 UTC (rev 24293)
@@ -34,5 +34,8 @@
extern const struct krb5_enc_provider krb5int_enc_aes256;
extern const struct krb5_enc_provider krb5int_enc_aes128_ctr;
extern const struct krb5_enc_provider krb5int_enc_aes256_ctr;
+#ifdef CAMELLIA_CCM
extern const struct krb5_enc_provider krb5int_enc_camellia128_ctr;
extern const struct krb5_enc_provider krb5int_enc_camellia256_ctr;
+#endif
+
Modified: branches/camellia-ccm/src/lib/krb5/krb/init_ctx.c
===================================================================
--- branches/camellia-ccm/src/lib/krb5/krb/init_ctx.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/krb5/krb/init_ctx.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -430,9 +430,11 @@
mod_list(ENCTYPE_AES128_CTS_HMAC_SHA1_96, sel, weak, &list);
} else if (strcasecmp(token, "rc4") == 0) {
mod_list(ENCTYPE_ARCFOUR_HMAC, sel, weak, &list);
+#ifdef CAMELLIA_CCM
} else if (strcasecmp(token, "camellia") == 0) {
mod_list(ENCTYPE_CAMELLIA256_CCM_128, sel, weak, &list);
mod_list(ENCTYPE_CAMELLIA128_CCM_128, sel, weak, &list);
+#endif
} else if (krb5_string_to_enctype(token, &etype) == 0) {
/* Set a specific enctype. */
mod_list(etype, sel, weak, &list);
Modified: branches/camellia-ccm/src/lib/krb5/krb/t_etypes.c
===================================================================
--- branches/camellia-ccm/src/lib/krb5/krb/t_etypes.c 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/lib/krb5/krb/t_etypes.c 2010-09-07 17:37:50 UTC (rev 24293)
@@ -98,12 +98,14 @@
ENCTYPE_DES3_CBC_SHA1, 0 },
0, 0
},
+#ifdef CAMELLIA_CCM
/* Family with enctype removed */
{ "camellia -camellia256-ccm-128",
{ 0 },
{ ENCTYPE_CAMELLIA128_CCM_128, 0 },
{ ENCTYPE_CAMELLIA128_CCM_128, 0 }
},
+#endif
/* Enctype followed by two families */
{ "+rc4-hmAC des3 +des",
{ 0 },
Modified: branches/camellia-ccm/src/tests/dejagnu/config/default.exp
===================================================================
--- branches/camellia-ccm/src/tests/dejagnu/config/default.exp 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/tests/dejagnu/config/default.exp 2010-09-07 17:37:50 UTC (rev 24293)
@@ -261,32 +261,34 @@
{dummy=[verbose -log \
"DES3 TGT, KDC permitting only des-cbc-crc"]}
}
- {
- camellia-only
- mode=udp
- des3_krbtgt=0
- {supported_enctypes=camellia256-ccm:normal}
- {permitted_enctypes(kdc)=camellia256-ccm}
- {permitted_enctypes(slave)=camellia256-ccm}
- {permitted_enctypes(client)=camellia256-ccm}
- {permitted_enctypes(server)=camellia256-ccm}
- {default_tgs_enctypes(kdc)=camellia256-ccm}
- {default_tgs_enctypes(slave)=camellia256-ccm}
- {default_tgs_enctypes(client)=camellia256-ccm}
- {default_tgs_enctypes(server)=camellia256-ccm}
- {default_tkt_enctypes(kdc)=camellia256-ccm}
- {default_tkt_enctypes(slave)=camellia256-ccm}
- {default_tkt_enctypes(client)=camellia256-ccm}
- {default_tkt_enctypes(server)=camellia256-ccm}
- {allow_weak_crypto(kdc)=false}
- {allow_weak_crypto(slave)=false}
- {allow_weak_crypto(client)=false}
- {allow_weak_crypto(server)=false}
- {master_key_type=camellia256-ccm}
- {dummy=[verbose -log "Camellia-256 enctype"]}
- }
}
+# Add to above when Camellia-CCM support becomes unconditional.
+# {
+# camellia-only
+# mode=udp
+# des3_krbtgt=0
+# {supported_enctypes=camellia256-ccm:normal}
+# {permitted_enctypes(kdc)=camellia256-ccm}
+# {permitted_enctypes(slave)=camellia256-ccm}
+# {permitted_enctypes(client)=camellia256-ccm}
+# {permitted_enctypes(server)=camellia256-ccm}
+# {default_tgs_enctypes(kdc)=camellia256-ccm}
+# {default_tgs_enctypes(slave)=camellia256-ccm}
+# {default_tgs_enctypes(client)=camellia256-ccm}
+# {default_tgs_enctypes(server)=camellia256-ccm}
+# {default_tkt_enctypes(kdc)=camellia256-ccm}
+# {default_tkt_enctypes(slave)=camellia256-ccm}
+# {default_tkt_enctypes(client)=camellia256-ccm}
+# {default_tkt_enctypes(server)=camellia256-ccm}
+# {allow_weak_crypto(kdc)=false}
+# {allow_weak_crypto(slave)=false}
+# {allow_weak_crypto(client)=false}
+# {allow_weak_crypto(server)=false}
+# {master_key_type=camellia256-ccm}
+# {dummy=[verbose -log "Camellia-256 enctype"]}
+# }
+
# des.md5-tgt is set as unused, since it won't trigger the error case
# if SUPPORT_DESMD5 isn't honored.
Modified: branches/camellia-ccm/src/util/k5test.py
===================================================================
--- branches/camellia-ccm/src/util/k5test.py 2010-09-04 21:46:53 UTC (rev 24292)
+++ branches/camellia-ccm/src/util/k5test.py 2010-09-07 17:37:50 UTC (rev 24293)
@@ -1014,14 +1014,15 @@
'master_key_type' : 'aes128-cts'}}}}),
# Exercise the camellia256-ccm enctype.
- ('camellia256', None,
- {'all' : {'libdefaults' : {
- 'default_tgs_enctypes' : 'camellia256-ccm',
- 'default_tkt_enctypes' : 'camellia256-ccm',
- 'permitted_enctypes' : 'camellia256-ccm'}}},
- {'master' : {'realms' : {'$realm' : {
- 'supported_enctypes' : 'camellia256-ccm:normal',
- 'master_key_type' : 'camellia256-ccm'}}}}),
+# Enable when Camellia-CCM support becomes unconditional.
+# ('camellia256', None,
+# {'all' : {'libdefaults' : {
+# 'default_tgs_enctypes' : 'camellia256-ccm',
+# 'default_tkt_enctypes' : 'camellia256-ccm',
+# 'permitted_enctypes' : 'camellia256-ccm'}}},
+# {'master' : {'realms' : {'$realm' : {
+# 'supported_enctypes' : 'camellia256-ccm:normal',
+# 'master_key_type' : 'camellia256-ccm'}}}}),
# Test a setup with modern principal keys but an old TGT key.
('aes256.destgt', 'des-cbc-crc:normal',
More information about the cvs-krb5
mailing list