| blob | 3bbc2ab4e6727933d58182a806c9783b1505dd8a |
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License, Version 1.0 only
6 * (the "License"). You may not use this file except in compliance
7 * with the License.
8 *
9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 * or http://www.opensolaris.org/os/licensing.
11 * See the License for the specific language governing permissions
12 * and limitations under the License.
13 *
14 * When distributing Covered Code, include this CDDL HEADER in each
15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 * If applicable, add the following below this CDDL HEADER, with the
17 * fields enclosed by brackets "[]" replaced with your own identifying
18 * information: Portions Copyright [yyyy] [name of copyright owner]
19 *
20 * CDDL HEADER END
21 */
22 /*
23 * crypto.c
24 *
25 * Copyright (c) 1997, by Sun Microsystems, Inc.
26 * All rights reserved.
27 *
28 */
30 #include <sys/note.h>
34 /* Release the storage for a signature */
35 void
37 {
41 }
43 /* Release the storage for a gss_buffer */
44 void
46 {
50 }
68 /*
69 * Return the length produced by using cipher entry c given the supplied len
70 */
71 static unsigned int
73 {
79 }
82 /*
83 * Des [en/de]crypt buffer, buf of length, len for each key provided using
84 * an CBC initialization vector ivec.
85 * If the mode is encrypt we will use the following pattern if the number
86 * of keys is odd
87 * encrypt(buf, k[0]), decrypt(buf, k[1]), encrypt(buf, k[2])
88 * decrypt(buf, k[4]) ... encrypt(buf, k[keynum - 1])
89 * If we have an even number of keys and additional encryption will be
90 * done with the first key, i.e., ecrypt(buf, k[0]);
91 * In each [en/de]cription above we will used the passed in CBC initialization
92 * vector. The new initialization vector will be the vector return from the
93 * last encryption.
94 *
95 * In the decryption case we reverse the proccess. Note in this case
96 * the return ivec will be from the first decryption.
97 */
99 static int
102 {
103 /* Get the direction of ciphering */
105 /* Get the remaining flags from mode */
110 /* Do we have at least one key */
114 /* Save the passed in ivec */
117 /* For each key do the appropriate cipher */
131 }
133 /*
134 * If we have an even number of keys then do an extra round of
135 * [en/de]cryption with the first key.
136 */
140 /* If were decrypting ivec is set from first decryption */
145 }
148 /*
149 * DesN crypt packaged for use as a cipher entry
150 */
151 static OM_uint32
153 {
157 des_block ivec;
162 /*
163 * We all ways start of with ivec set to zeros. There is no
164 * good way to maintain ivecs since packets could be out of sequence
165 * duplicated or worst of all lost. Under these conditions the
166 * higher level protocol would have to some how resync the ivecs
167 * on both sides and start again. Theres no mechanism for this in
168 * GSS.
169 */
172 /* Do the encryption/decryption */
180 }
182 /*
183 * Package up plain des cbc crypt for use as a cipher entry.
184 */
185 static OM_uint32
187 {
191 des_block ivec;
196 /* Set the ivec to zeros and then cbc crypt the result */
205 }
207 /*
208 * MD5_verifier: This is a verifier routine suitable for use in a
209 * verifier entry. It calculates the MD5 check sum over an optional
210 * msg and a token. It signs it using the supplied cipher_proc and stores
211 * the result in signature.
212 *
213 * Note signature should already be allocated and be large enough to
214 * hold the signature after its been encrypted. If keys is null, then
215 * we will just return the unencrypted check sum.
216 */
217 static OM_uint32
223 {
227 /* Initialize the MD5 context */
229 /* If we have a message to digest, digest it */
232 /* Digest the supplied token */
234 /* Finalize the sum. The MD5 context contains the digets */
237 /* Copy the digest to the signature */
243 /* If we have keys encrypt it */
248 }
250 /* Cipher table */
251 static
252 cipher_entry cipher_tab[] = {
256 };
259 #define __NO_CRYPT &cipher_tab[0]
260 #define __DES_N_CRYPT &cipher_tab[1]
261 #define __DES_CRYPT &cipher_tab[2]
263 /* Verifier table */
264 static
265 verifier_entry verifier_tab[] = {
268 };
270 /* QOP table */
271 static
272 QOP_entry QOP_table[] = {
275 };
277 #define QOP_ENTRIES (sizeof (QOP_table) / sizeof (QOP_entry))
279 /*
280 * __dh_is_valid_QOP: Return true if qop is valid entry into the QOP
281 * table, else return false.
282 */
283 bool_t
285 {
291 }
293 /*
294 * __alloc_sig: Allocate a signature for a given QOP. This takes into
295 * account the size of the signature after padding for the encryption
296 * routine.
297 */
298 OM_uint32
300 {
304 /* Check that the QOP is valid */
308 /* Get the verifier entry from the QOP entry */
311 /* Calulate the length needed for the signature */
314 /* Allocate the signature */
319 }
324 }
326 /*
327 * __get_sig_size: Return the total size needed for a signature given a QOP.
328 */
329 OM_uint32
331 {
332 /* Check for valid QOP */
334 /* Get the verifier entry */
337 /* Return the size include the padding needed for encryption */
341 }
345 }
347 /*
348 * __mk_sig: Generate a signature using a given qop over a token of a
349 * given length and an optional message. We use the supplied keys to
350 * encrypt the check sum if they are available. The output is place
351 * in a preallocate signature, that was allocated using __alloc_sig.
352 */
353 OM_uint32
360 {
367 /* Make sure the QOP is valid */
371 /* Grab the verifier entry for the qop */
374 /* Package the token for use in a verifier_proc */
378 /*
379 * Calculate the signature using the supplied keys. If keys
380 * is null, the the v->signer->cipher routine will not be called
381 * and sig will not be encrypted.
382 */
386 }
388 /*
389 * __verify_sig: Verify that the supplied signature, sig, is the same
390 * as the token verifier
391 */
392 OM_uint32
397 {
403 /* Check the QOP */
407 /* Package up the supplied signature */
411 /* Get the cipher proc to use from the verifier entry for qop */
414 /* Encrypt the check sum using the supplied set of keys */
418 /* Compare the signatures */
425 }
427 /*
428 * __cmpsig: Return true if two signatures are the same, else false.
429 */
430 bool_t
432 {
436 }
438 /*
439 * wrap_msg_body: Wrap the message pointed to be in into a
440 * message pointed to by out that has ben padded out by pad bytes.
441 *
442 * The output message looks like:
443 * out->length = total length of out->value including any padding
444 * out->value points to memory as follows:
445 * +------------+-------------------------+---------|
446 * | in->length | in->value | XDR PAD |
447 * +------------+-------------------------+---------|
448 * 4 bytes in->length bytes 0 - 3
449 */
450 static OM_uint32
452 {
460 /* Make sure the address of len points to a 32 bit word */
470 /* Allocate the output buffer and set the length */
476 /* Create xdr stream to wrap into */
479 /* Wrap the bytes in value */
483 }
486 }
488 /*
489 * __QOPSeal: Wrap the input message placing the output in output given
490 * a valid QOP. If confidentialiy is requested it is ignored. We can't
491 * support privacy. The return flag will always be zero.
492 */
493 OM_uint32
500 {
506 /* Check for valid QOP */
510 /* Wrap the message */
516 }
518 /*
519 * unwrap_msg_body: Unwrap the message, that was wrapped from above
520 */
521 static OM_uint32
523 {
524 XDR xdrs;
527 /* Create an xdr stream to on wrap in */
530 /* Unwrap the input into out->value */
534 /* set the length */
538 }
540 /*
541 * __QOPUnSeal: Unwrap the input message into output using the supplied QOP.
542 * Note it is the callers responsibility to release the allocated output
543 * buffer. If conf_req is true we return DH_CIPHER_FAILURE since we don't
544 * support privacy.
545 */
546 OM_uint32
552 {
556 /* Check that the qop is valid */
560 /* Set output to sane values */
564 /* Fail if this is privacy */
568 /* Unwrap the input into the output, return the status */
572 }