etc/services - sync with NetBSD-8
[minix.git] / crypto / external / bsd / heimdal / dist / lib / krb5 / crypto-des.c
blob52b0b6233cf0cc3d9540b573176017cab14b9de7
1 /* $NetBSD: crypto-des.c,v 1.1.1.2 2014/04/24 12:45:49 pettai Exp $ */
3 /*
4 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
5 * (Royal Institute of Technology, Stockholm, Sweden).
6 * All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
36 #include "krb5_locl.h"
38 #ifdef HEIM_WEAK_CRYPTO
41 static void
42 krb5_DES_random_key(krb5_context context,
43 krb5_keyblock *key)
45 DES_cblock *k = key->keyvalue.data;
46 do {
47 krb5_generate_random_block(k, sizeof(DES_cblock));
48 DES_set_odd_parity(k);
49 } while(DES_is_weak_key(k));
52 static void
53 krb5_DES_schedule_old(krb5_context context,
54 struct _krb5_key_type *kt,
55 struct _krb5_key_data *key)
57 DES_set_key_unchecked(key->key->keyvalue.data, key->schedule->data);
60 static void
61 krb5_DES_random_to_key(krb5_context context,
62 krb5_keyblock *key,
63 const void *data,
64 size_t size)
66 DES_cblock *k = key->keyvalue.data;
67 memcpy(k, data, key->keyvalue.length);
68 DES_set_odd_parity(k);
69 if(DES_is_weak_key(k))
70 _krb5_xor(k, (const unsigned char*)"\0\0\0\0\0\0\0\xf0");
73 static struct _krb5_key_type keytype_des_old = {
74 ETYPE_DES_CBC_CRC,
75 "des-old",
76 56,
78 sizeof(DES_key_schedule),
79 krb5_DES_random_key,
80 krb5_DES_schedule_old,
81 _krb5_des_salt,
82 krb5_DES_random_to_key,
83 NULL,
84 NULL
87 static struct _krb5_key_type keytype_des = {
88 ETYPE_DES_CBC_CRC,
89 "des",
90 56,
92 sizeof(struct _krb5_evp_schedule),
93 krb5_DES_random_key,
94 _krb5_evp_schedule,
95 _krb5_des_salt,
96 krb5_DES_random_to_key,
97 _krb5_evp_cleanup,
98 EVP_des_cbc
101 static krb5_error_code
102 CRC32_checksum(krb5_context context,
103 struct _krb5_key_data *key,
104 const void *data,
105 size_t len,
106 unsigned usage,
107 Checksum *C)
109 uint32_t crc;
110 unsigned char *r = C->checksum.data;
111 _krb5_crc_init_table ();
112 crc = _krb5_crc_update (data, len, 0);
113 r[0] = crc & 0xff;
114 r[1] = (crc >> 8) & 0xff;
115 r[2] = (crc >> 16) & 0xff;
116 r[3] = (crc >> 24) & 0xff;
117 return 0;
120 static krb5_error_code
121 RSA_MD4_checksum(krb5_context context,
122 struct _krb5_key_data *key,
123 const void *data,
124 size_t len,
125 unsigned usage,
126 Checksum *C)
128 if (EVP_Digest(data, len, C->checksum.data, NULL, EVP_md4(), NULL) != 1)
129 krb5_abortx(context, "md4 checksum failed");
130 return 0;
133 static krb5_error_code
134 RSA_MD4_DES_checksum(krb5_context context,
135 struct _krb5_key_data *key,
136 const void *data,
137 size_t len,
138 unsigned usage,
139 Checksum *cksum)
141 return _krb5_des_checksum(context, EVP_md4(), key, data, len, cksum);
144 static krb5_error_code
145 RSA_MD4_DES_verify(krb5_context context,
146 struct _krb5_key_data *key,
147 const void *data,
148 size_t len,
149 unsigned usage,
150 Checksum *C)
152 return _krb5_des_verify(context, EVP_md4(), key, data, len, C);
155 static krb5_error_code
156 RSA_MD5_DES_checksum(krb5_context context,
157 struct _krb5_key_data *key,
158 const void *data,
159 size_t len,
160 unsigned usage,
161 Checksum *C)
163 return _krb5_des_checksum(context, EVP_md5(), key, data, len, C);
166 static krb5_error_code
167 RSA_MD5_DES_verify(krb5_context context,
168 struct _krb5_key_data *key,
169 const void *data,
170 size_t len,
171 unsigned usage,
172 Checksum *C)
174 return _krb5_des_verify(context, EVP_md5(), key, data, len, C);
177 struct _krb5_checksum_type _krb5_checksum_crc32 = {
178 CKSUMTYPE_CRC32,
179 "crc32",
183 CRC32_checksum,
184 NULL
187 struct _krb5_checksum_type _krb5_checksum_rsa_md4 = {
188 CKSUMTYPE_RSA_MD4,
189 "rsa-md4",
192 F_CPROOF,
193 RSA_MD4_checksum,
194 NULL
197 struct _krb5_checksum_type _krb5_checksum_rsa_md4_des = {
198 CKSUMTYPE_RSA_MD4_DES,
199 "rsa-md4-des",
202 F_KEYED | F_CPROOF | F_VARIANT,
203 RSA_MD4_DES_checksum,
204 RSA_MD4_DES_verify
207 struct _krb5_checksum_type _krb5_checksum_rsa_md5_des = {
208 CKSUMTYPE_RSA_MD5_DES,
209 "rsa-md5-des",
212 F_KEYED | F_CPROOF | F_VARIANT,
213 RSA_MD5_DES_checksum,
214 RSA_MD5_DES_verify
217 static krb5_error_code
218 evp_des_encrypt_null_ivec(krb5_context context,
219 struct _krb5_key_data *key,
220 void *data,
221 size_t len,
222 krb5_boolean encryptp,
223 int usage,
224 void *ignore_ivec)
226 struct _krb5_evp_schedule *ctx = key->schedule->data;
227 EVP_CIPHER_CTX *c;
228 DES_cblock ivec;
229 memset(&ivec, 0, sizeof(ivec));
230 c = encryptp ? &ctx->ectx : &ctx->dctx;
231 EVP_CipherInit_ex(c, NULL, NULL, NULL, (void *)&ivec, -1);
232 EVP_Cipher(c, data, data, len);
233 return 0;
236 static krb5_error_code
237 evp_des_encrypt_key_ivec(krb5_context context,
238 struct _krb5_key_data *key,
239 void *data,
240 size_t len,
241 krb5_boolean encryptp,
242 int usage,
243 void *ignore_ivec)
245 struct _krb5_evp_schedule *ctx = key->schedule->data;
246 EVP_CIPHER_CTX *c;
247 DES_cblock ivec;
248 memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec));
249 c = encryptp ? &ctx->ectx : &ctx->dctx;
250 EVP_CipherInit_ex(c, NULL, NULL, NULL, (void *)&ivec, -1);
251 EVP_Cipher(c, data, data, len);
252 return 0;
255 static krb5_error_code
256 DES_CFB64_encrypt_null_ivec(krb5_context context,
257 struct _krb5_key_data *key,
258 void *data,
259 size_t len,
260 krb5_boolean encryptp,
261 int usage,
262 void *ignore_ivec)
264 DES_cblock ivec;
265 int num = 0;
266 DES_key_schedule *s = key->schedule->data;
267 memset(&ivec, 0, sizeof(ivec));
269 DES_cfb64_encrypt(data, data, len, s, &ivec, &num, encryptp);
270 return 0;
273 static krb5_error_code
274 DES_PCBC_encrypt_key_ivec(krb5_context context,
275 struct _krb5_key_data *key,
276 void *data,
277 size_t len,
278 krb5_boolean encryptp,
279 int usage,
280 void *ignore_ivec)
282 DES_cblock ivec;
283 DES_key_schedule *s = key->schedule->data;
284 memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec));
286 DES_pcbc_encrypt(data, data, len, s, &ivec, encryptp);
287 return 0;
290 struct _krb5_encryption_type _krb5_enctype_des_cbc_crc = {
291 ETYPE_DES_CBC_CRC,
292 "des-cbc-crc",
296 &keytype_des,
297 &_krb5_checksum_crc32,
298 NULL,
299 F_DISABLED|F_WEAK,
300 evp_des_encrypt_key_ivec,
302 NULL
305 struct _krb5_encryption_type _krb5_enctype_des_cbc_md4 = {
306 ETYPE_DES_CBC_MD4,
307 "des-cbc-md4",
311 &keytype_des,
312 &_krb5_checksum_rsa_md4,
313 &_krb5_checksum_rsa_md4_des,
314 F_DISABLED|F_WEAK,
315 evp_des_encrypt_null_ivec,
317 NULL
320 struct _krb5_encryption_type _krb5_enctype_des_cbc_md5 = {
321 ETYPE_DES_CBC_MD5,
322 "des-cbc-md5",
326 &keytype_des,
327 &_krb5_checksum_rsa_md5,
328 &_krb5_checksum_rsa_md5_des,
329 F_DISABLED|F_WEAK,
330 evp_des_encrypt_null_ivec,
332 NULL
335 struct _krb5_encryption_type _krb5_enctype_des_cbc_none = {
336 ETYPE_DES_CBC_NONE,
337 "des-cbc-none",
341 &keytype_des,
342 &_krb5_checksum_none,
343 NULL,
344 F_PSEUDO|F_DISABLED|F_WEAK,
345 evp_des_encrypt_null_ivec,
347 NULL
350 struct _krb5_encryption_type _krb5_enctype_des_cfb64_none = {
351 ETYPE_DES_CFB64_NONE,
352 "des-cfb64-none",
356 &keytype_des_old,
357 &_krb5_checksum_none,
358 NULL,
359 F_PSEUDO|F_DISABLED|F_WEAK,
360 DES_CFB64_encrypt_null_ivec,
362 NULL
365 struct _krb5_encryption_type _krb5_enctype_des_pcbc_none = {
366 ETYPE_DES_PCBC_NONE,
367 "des-pcbc-none",
371 &keytype_des_old,
372 &_krb5_checksum_none,
373 NULL,
374 F_PSEUDO|F_DISABLED|F_WEAK,
375 DES_PCBC_encrypt_key_ivec,
377 NULL
379 #endif /* HEIM_WEAK_CRYPTO */