etc/services - sync with NetBSD-8
[minix.git] / crypto / external / bsd / heimdal / dist / lib / krb5 / crypto-des-common.c
blobd120c5d7fe2b300fa8633c3957c0fadaa6039cf2
1 /* $NetBSD: crypto-des-common.c,v 1.1.1.1 2011/04/13 18:15:32 elric Exp $ */
3 /*
4 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
5 * (Royal Institute of Technology, Stockholm, Sweden).
6 * All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
36 /* Functions which are used by both single and triple DES enctypes */
38 #include "krb5_locl.h"
41 * A = A xor B. A & B are 8 bytes.
44 void
45 _krb5_xor (DES_cblock *key, const unsigned char *b)
47 unsigned char *a = (unsigned char*)key;
48 a[0] ^= b[0];
49 a[1] ^= b[1];
50 a[2] ^= b[2];
51 a[3] ^= b[3];
52 a[4] ^= b[4];
53 a[5] ^= b[5];
54 a[6] ^= b[6];
55 a[7] ^= b[7];
58 #if defined(DES3_OLD_ENCTYPE) || defined(HEIM_WEAK_CRYPTO)
59 krb5_error_code
60 _krb5_des_checksum(krb5_context context,
61 const EVP_MD *evp_md,
62 struct _krb5_key_data *key,
63 const void *data,
64 size_t len,
65 Checksum *cksum)
67 struct _krb5_evp_schedule *ctx = key->schedule->data;
68 EVP_MD_CTX *m;
69 DES_cblock ivec;
70 unsigned char *p = cksum->checksum.data;
72 krb5_generate_random_block(p, 8);
74 m = EVP_MD_CTX_create();
75 if (m == NULL) {
76 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
77 return ENOMEM;
80 EVP_DigestInit_ex(m, evp_md, NULL);
81 EVP_DigestUpdate(m, p, 8);
82 EVP_DigestUpdate(m, data, len);
83 EVP_DigestFinal_ex (m, p + 8, NULL);
84 EVP_MD_CTX_destroy(m);
85 memset (&ivec, 0, sizeof(ivec));
86 EVP_CipherInit_ex(&ctx->ectx, NULL, NULL, NULL, (void *)&ivec, -1);
87 EVP_Cipher(&ctx->ectx, p, p, 24);
89 return 0;
92 krb5_error_code
93 _krb5_des_verify(krb5_context context,
94 const EVP_MD *evp_md,
95 struct _krb5_key_data *key,
96 const void *data,
97 size_t len,
98 Checksum *C)
100 struct _krb5_evp_schedule *ctx = key->schedule->data;
101 EVP_MD_CTX *m;
102 unsigned char tmp[24];
103 unsigned char res[16];
104 DES_cblock ivec;
105 krb5_error_code ret = 0;
107 m = EVP_MD_CTX_create();
108 if (m == NULL) {
109 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
110 return ENOMEM;
113 memset(&ivec, 0, sizeof(ivec));
114 EVP_CipherInit_ex(&ctx->dctx, NULL, NULL, NULL, (void *)&ivec, -1);
115 EVP_Cipher(&ctx->dctx, tmp, C->checksum.data, 24);
117 EVP_DigestInit_ex(m, evp_md, NULL);
118 EVP_DigestUpdate(m, tmp, 8); /* confounder */
119 EVP_DigestUpdate(m, data, len);
120 EVP_DigestFinal_ex (m, res, NULL);
121 EVP_MD_CTX_destroy(m);
122 if(ct_memcmp(res, tmp + 8, sizeof(res)) != 0) {
123 krb5_clear_error_message (context);
124 ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
126 memset(tmp, 0, sizeof(tmp));
127 memset(res, 0, sizeof(res));
128 return ret;
131 #endif
133 static krb5_error_code
134 RSA_MD5_checksum(krb5_context context,
135 struct _krb5_key_data *key,
136 const void *data,
137 size_t len,
138 unsigned usage,
139 Checksum *C)
141 if (EVP_Digest(data, len, C->checksum.data, NULL, EVP_md5(), NULL) != 1)
142 krb5_abortx(context, "md5 checksum failed");
143 return 0;
146 struct _krb5_checksum_type _krb5_checksum_rsa_md5 = {
147 CKSUMTYPE_RSA_MD5,
148 "rsa-md5",
151 F_CPROOF,
152 RSA_MD5_checksum,
153 NULL