svn rev #24656: trunk/src/lib/crypto/ krb/prng/fortuna/ nss/ nss/sha2/ openssl/ ...

ghudson@MIT.EDU ghudson at MIT.EDU
Thu Feb 24 13:18:11 EST 2011 

http://src.mit.edu/fisheye/changelog/krb5/?cs=24656
Commit By: ghudson
Log Message:
Unbreak the OpenSSL and NSS crypto builds in the wake of r24652
(Fortuna as default PRNG), and remove some unnecessary related files.



Changed Files:
U   trunk/src/lib/crypto/krb/prng/fortuna/prng_fortuna.c
U   trunk/src/lib/crypto/nss/Makefile.in
U   trunk/src/lib/crypto/nss/sha2/Makefile.in
D   trunk/src/lib/crypto/nss/sha2/sha2.c
D   trunk/src/lib/crypto/nss/sha2/sha2.h
U   trunk/src/lib/crypto/openssl/Makefile.in
U   trunk/src/lib/crypto/openssl/aes/Makefile.in
A   trunk/src/lib/crypto/openssl/aes/aes.h
U   trunk/src/lib/crypto/openssl/sha2/Makefile.in
U   trunk/src/lib/crypto/openssl/sha2/sha2.h
D   trunk/src/lib/crypto/openssl/sha2/sha256.c
A   trunk/src/lib/crypto/openssl/stubs.c
Modified: trunk/src/lib/crypto/krb/prng/fortuna/prng_fortuna.c
===================================================================
--- trunk/src/lib/crypto/krb/prng/fortuna/prng_fortuna.c	2011-02-24 16:13:58 UTC (rev 24655)
+++ trunk/src/lib/crypto/krb/prng/fortuna/prng_fortuna.c	2011-02-24 18:18:11 UTC (rev 24656)
@@ -76,9 +76,7 @@
 
 #include "k5-int.h"
 #include "prng.h"
-#ifndef OPENSSL
 #include "aes.h"
-#endif
 #include "enc_provider.h"
 #include "sha2.h"
 #include "enc_provider.h"
@@ -189,7 +187,7 @@
 static void
 encrypt_counter(struct fortuna_state *st, unsigned char *dst)
 {
-    aes_enc_blk(st->counter, dst, &st->ciph);
+    krb5int_aes_enc_blk(st->counter, dst, &st->ciph);
     inc_counter(st);
 }
 

Modified: trunk/src/lib/crypto/nss/Makefile.in
===================================================================
--- trunk/src/lib/crypto/nss/Makefile.in	2011-02-24 16:13:58 UTC (rev 24655)
+++ trunk/src/lib/crypto/nss/Makefile.in	2011-02-24 18:18:11 UTC (rev 24656)
@@ -20,15 +20,18 @@
 
 STLIBOBJS=\
 	hmac.o	\
-	pbkdf2.o		
+	pbkdf2.o \
+	stubs.o
 
 OBJS=\
 	$(OUTPRE)hmac.$(OBJEXT)	\
-	$(OUTPRE)pbkdf2.$(OBJEXT)		
+	$(OUTPRE)pbkdf2.$(OBJEXT) \
+	$(OUTPRE)stubs.$(OBJEXT)
 
 SRCS=\
 	$(srcdir)/hmac.c	\
-	$(srcdir)/pbkdf2.c	
+	$(srcdir)/pbkdf2.c	\
+	$(srcdir)/stubs.c
 
 STOBJLISTS= des/OBJS.ST md4/OBJS.ST 	\
 	md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST	\

Modified: trunk/src/lib/crypto/nss/sha2/Makefile.in
===================================================================
--- trunk/src/lib/crypto/nss/sha2/Makefile.in	2011-02-24 16:13:58 UTC (rev 24655)
+++ trunk/src/lib/crypto/nss/sha2/Makefile.in	2011-02-24 18:18:11 UTC (rev 24656)
@@ -1,20 +1,24 @@
-mydir=lib$(S)crypto$(S)nss$(S)sha2
+# Nothing here!  But we can't remove this directory as the build
+# system currently assumes that all modules have the same directory
+# structure.
+
+mydir=lib$(S)crypto$(S)nss$(S)aes
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk  -I$(srcdir)/../../../../include
 DEFS=
-CRYPTO_IMPL_CFLAGS=@CRYPTO_IMPL_CFLAGS@
-LOCALINCLUDES = -I$(srcdir)/.. $(CRYPTO_IMPL_CFLAGS)
 
 PROG_LIBPATH=-L$(TOPLIBD)
 PROG_RPATH=$(KRB5_LIBDIR)
 
-STLIBOBJS= sha2.o
+STLIBOBJS=
 
-OBJS= $(OUTPRE)sha2.$(OBJEXT) 
+OBJS=
 
-SRCS= $(srcdir)/sha2.c
+SRCS=
 
-all-unix:: all-libobjs
 
+all-unix:: all-libobjs 
+
 includes:: depend
 
 depend:: $(SRCS)
@@ -22,4 +26,3 @@
 clean-unix:: clean-libobjs
 
 @libobj_frag@
-

Modified: trunk/src/lib/crypto/openssl/Makefile.in
===================================================================
--- trunk/src/lib/crypto/openssl/Makefile.in	2011-02-24 16:13:58 UTC (rev 24655)
+++ trunk/src/lib/crypto/openssl/Makefile.in	2011-02-24 18:18:11 UTC (rev 24656)
@@ -18,17 +18,20 @@
 STLIBOBJS=\
 	hmac.o	\
 	init.o	\
-	pbkdf2.o
+	pbkdf2.o \
+	stubs.o
 
 OBJS=\
 	$(OUTPRE)hmac.$(OBJEXT)	\
 	$(OUTPRE)init.$(OBJEXT)	\
-	$(OUTPRE)pbkdf2.$(OBJEXT)
+	$(OUTPRE)pbkdf2.$(OBJEXT) \
+	$(OUTPRE)stubs.$(OBJEXT)
 
 SRCS=\
 	$(srcdir)/hmac.c	\
 	$(srcdir)/init.c	\
-	$(srcdir)/pbkdf2.c	
+	$(srcdir)/pbkdf2.c	\
+	$(srcdir)/stubs.c
 
 STOBJLISTS= des/OBJS.ST md4/OBJS.ST 	\
 	md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST 	\

Modified: trunk/src/lib/crypto/openssl/aes/Makefile.in
===================================================================
--- trunk/src/lib/crypto/openssl/aes/Makefile.in	2011-02-24 16:13:58 UTC (rev 24655)
+++ trunk/src/lib/crypto/openssl/aes/Makefile.in	2011-02-24 18:18:11 UTC (rev 24656)
@@ -4,12 +4,9 @@
 
 mydir=lib$(S)crypto$(S)openssl$(S)aes
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb/dk  -I$(srcdir)/../../../../include
+LOCALINCLUDES=
 DEFS=
 
-PROG_LIBPATH=-L$(TOPLIBD)
-PROG_RPATH=$(KRB5_LIBDIR)
-
 STLIBOBJS=
 
 OBJS=
@@ -25,4 +22,3 @@
 clean-unix:: clean-libobjs
 
 @libobj_frag@
-

Added: trunk/src/lib/crypto/openssl/aes/aes.h
===================================================================
--- trunk/src/lib/crypto/openssl/aes/aes.h	                        (rev 0)
+++ trunk/src/lib/crypto/openssl/aes/aes.h	2011-02-24 18:18:11 UTC (rev 24656)
@@ -0,0 +1,38 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/openssl/aes/aes.h - AES translation macros */
+/*
+ * Copyright 2011 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ */
+
+#ifndef _AES_H
+#define _AES_H
+
+/* This header maps some of the names of the built-in AES types and functions
+ * (those used by the Fortuna PRNG) to the OpenSSL equivalents. */
+#include <openssl/aes.h>
+
+#define aes_ctx AES_KEY
+#define krb5int_aes_enc_key(k, len, ctx) AES_set_encrypt_key(k, 8*(len), ctx)
+#define krb5int_aes_enc_blk(in, out, ctx) AES_encrypt(in, out, ctx)
+
+#endif /* _AES_H */

Modified: trunk/src/lib/crypto/openssl/sha2/Makefile.in
===================================================================
--- trunk/src/lib/crypto/openssl/sha2/Makefile.in	2011-02-24 16:13:58 UTC (rev 24655)
+++ trunk/src/lib/crypto/openssl/sha2/Makefile.in	2011-02-24 18:18:11 UTC (rev 24656)
@@ -1,17 +1,22 @@
-mydir=lib$(S)crypto$(S)openssl$(S)sha2
+# Nothing here!  But we can't remove this directory as the build
+# system currently assumes that all modules have the same directory
+# structure.
+
+mydir=lib$(S)crypto$(S)openssl$(S)aes
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
+LOCALINCLUDES=
 DEFS=
 
 PROG_LIBPATH=-L$(TOPLIBD)
 PROG_RPATH=$(KRB5_LIBDIR)
 
-STLIBOBJS= sha256.o
+STLIBOBJS=
 
-OBJS= $(OUTPRE)sha256.$(OBJEXT) 
+OBJS=
 
-SRCS= $(srcdir)/sha256.c
+SRCS=
 
-all-unix:: all-libobjs
+all-unix:: all-libobjs 
 
 includes:: depend
 
@@ -20,4 +25,3 @@
 clean-unix:: clean-libobjs
 
 @libobj_frag@
-

Modified: trunk/src/lib/crypto/openssl/sha2/sha2.h
===================================================================
--- trunk/src/lib/crypto/openssl/sha2/sha2.h	2011-02-24 16:13:58 UTC (rev 24655)
+++ trunk/src/lib/crypto/openssl/sha2/sha2.h	2011-02-24 18:18:11 UTC (rev 24656)
@@ -27,14 +27,10 @@
 
 #ifndef _SHA2_DEFINED
 
-#include "k5-int.h"
-#include <openssl/evp.h>
 #include <openssl/sha.h>
 
 #define _SHA2_DEFINED
 
-#define SHA2_DIGESTSIZE  32
-
 #define sha2Init SHA256_Init
 #define sha2Update SHA256_Update 
 #define sha2Final SHA256_Final

Added: trunk/src/lib/crypto/openssl/stubs.c
===================================================================
--- trunk/src/lib/crypto/openssl/stubs.c	                        (rev 0)
+++ trunk/src/lib/crypto/openssl/stubs.c	2011-02-24 18:18:11 UTC (rev 24656)
@@ -0,0 +1,69 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/openssl/stubs.c - OpenSSL stub functions */
+/*
+ * Copyright (C) 2011 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ */
+
+/*
+ * This file defines symbols which must be exported by libk5crypto because they
+ * are in the export list (for the sake of test programs), but which are not
+ * used when OpenSSL is the back end.
+ */
+
+#include "k5-int.h"
+
+/*
+ * These functions are used by the Fortuna PRNG and test program.  They are
+ * defined to OpenSSL equivalents when the OpenSSL back end headers are
+ * used.
+ */
+void krb5int_aes_enc_blk(void);
+void krb5int_aes_enc_key(void);
+void sha2Final(void);
+void sha2Init(void);
+void sha2Update(void);
+
+void krb5int_aes_enc_blk(void)
+{
+    abort();
+}
+
+void krb5int_aes_enc_key(void)
+{
+    abort();
+}
+
+void sha2Final(void)
+{
+    abort();
+}
+
+void sha2Init(void)
+{
+    abort();
+}
+
+void sha2Update(void)
+{
+    abort();
+}

More information about the cvs-krb5 mailing list