oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Add des3-cbc-md5, and des3-cbc-sha1. Add many *_to_* functions.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3527 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
1997-09-22 18:03:30 +00:00
parent 2db52e1b0e
commit 132bad619c
1 changed files with 166 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

189
lib/krb5/encrypt.c
View File

@@ -42,12 +42,13 @@
RCSID("$Id$"); RCSID("$Id$");
struct encryption_type { struct encryption_type {
int type; krb5_enctype type;
size_t blocksize; size_t blocksize;
size_t confoundersize; size_t confoundersize;
void (*encrypt)(void *, size_t, const krb5_keyblock *, int); void (*encrypt)(void *, size_t, const krb5_keyblock *, int);
krb5_keytype keytype; krb5_keytype keytype;
krb5_cksumtype cksumtype; krb5_cksumtype cksumtype;
const char *name;
}; };
static void static void
@@ -77,22 +78,39 @@ DES_encrypt_key_ivec(void *p, size_t len,
memcpy(&key, keyblock->keyvalue.data, sizeof(key)); memcpy(&key, keyblock->keyvalue.data, sizeof(key));
des_set_key(&key, schedule); des_set_key(&key, schedule);
des_cbc_encrypt(p, p, len, schedule, &key, encrypt); des_cbc_encrypt(p, p, len, schedule, &key, encrypt);
memset(&key, 0, sizeof(key));
memset(&schedule, 0, sizeof(schedule));
} }
static void static void
DES3_encrypt(void *p, size_t len, const krb5_keyblock *keyblock, int encrypt) DES3_encrypt_null_ivec(void *p, size_t len,
const krb5_keyblock *keyblock, int encrypt)
{ {
abort (); des_cblock key;
des_key_schedule schedule[3];
int i;
for(i = 0; i < 3; i++){
memcpy(&key, (char*)keyblock->keyvalue.data + 8*i, 8);
des_set_key(&key, schedule[i]);
}
memset(&key, 0, sizeof(key));
des_ede3_cbc_encrypt(p, p, len, schedule[0], schedule[1], schedule[2],
&key, encrypt);
memset(&schedule, 0, sizeof(schedule));
} }
static struct encryption_type em [] = { static struct encryption_type em [] = {
{ ETYPE_DES_CBC_CRC, 8, 8, DES_encrypt_key_ivec, { ETYPE_DES_CBC_CRC, 8, 8, DES_encrypt_key_ivec,
KEYTYPE_DES, CKSUMTYPE_CRC32 }, KEYTYPE_DES, CKSUMTYPE_CRC32, "des-cbc-crc" },
{ ETYPE_DES_CBC_MD4, 8, 8, DES_encrypt_null_ivec, { ETYPE_DES_CBC_MD4, 8, 8, DES_encrypt_null_ivec,
KEYTYPE_DES, CKSUMTYPE_RSA_MD4 }, KEYTYPE_DES, CKSUMTYPE_RSA_MD4, "des-cbc-md4" },
{ ETYPE_DES_CBC_MD5, 8, 8, DES_encrypt_null_ivec, { ETYPE_DES_CBC_MD5, 8, 8, DES_encrypt_null_ivec,
KEYTYPE_DES, CKSUMTYPE_RSA_MD5 }, KEYTYPE_DES, CKSUMTYPE_RSA_MD5, "des-cbc-md5" },
{ ETYPE_NULL, 1, 0, NULL_encrypt, KEYTYPE_NULL, CKSUMTYPE_NONE }, { ETYPE_DES3_CBC_MD5, 8, 8, DES3_encrypt_null_ivec,
KEYTYPE_DES3, CKSUMTYPE_RSA_MD5, "des3-cbc-md5" },
{ ETYPE_DES3_CBC_SHA1, 8, 8, DES3_encrypt_null_ivec,
KEYTYPE_DES3, CKSUMTYPE_HMAC_SHA1_DES3, "des3-cbc-sha1" },
{ ETYPE_NULL, 1, 0, NULL_encrypt, KEYTYPE_NULL, CKSUMTYPE_NONE, "null" },
}; };
static int num_etypes = sizeof(em) / sizeof(em[0]); static int num_etypes = sizeof(em) / sizeof(em[0]);
@@ -108,9 +126,22 @@ find_encryption_type(int etype)
} }
krb5_error_code krb5_error_code
krb5_etype2keytype(krb5_context context, krb5_etype_to_string(krb5_context context,
krb5_enctype etype, krb5_enctype etype,
krb5_keytype *keytype) char **string)
{
struct encryption_type *e;
e = find_encryption_type(etype);
if(e == NULL)
return KRB5_PROG_ETYPE_NOSUPP;
*string = strdup(e->name);
return 0;
}
krb5_error_code
krb5_etype_to_keytype(krb5_context context,
krb5_enctype etype,
krb5_keytype *keytype)
{ {
struct encryption_type *e; struct encryption_type *e;
e = find_encryption_type(etype); e = find_encryption_type(etype);
@@ -258,6 +289,82 @@ krb5_decrypt (krb5_context context,
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
krb5_error_code
krb5_decrypt_EncryptedData (krb5_context context,
EncryptedData *e,
const krb5_keyblock *keyblock,
krb5_data *result)
{
return krb5_decrypt(context, e->cipher.data, e->cipher.length, e->etype,
keyblock, result);
}
static krb5_error_code
DES_random_key(krb5_data *key)
{
unsigned char *p;
key->length = 8;
p = malloc(key->length);
if(p == NULL)
return ENOMEM;
des_new_random_key((void*)p);
key->data = p;
return 0;
}
static krb5_error_code
DES3_random_key(krb5_data *key)
{
unsigned char *p;
key->length = 24;
p = malloc(key->length);
if(p == NULL)
return ENOMEM;
des_new_random_key((void*)p);
des_new_random_key((void*)(p + 8));
des_new_random_key((void*)(p + 16));
key->data = p;
return 0;
}
static struct key_type {
krb5_keytype ktype;
krb5_error_code (*random_key)(krb5_data *);
krb5_enctype best_etype;
const char *name;
} km [] = {
{ KEYTYPE_NULL, NULL, ETYPE_NULL, "null" },
{ KEYTYPE_DES, DES_random_key, ETYPE_DES_CBC_MD5, "des" },
{ KEYTYPE_DES3, DES3_random_key,ETYPE_DES3_CBC_MD5, "des3" }
};
static struct key_type*
find_key_type(krb5_keytype ktype)
{
int i;
for(i = 0; i < sizeof(km) / sizeof(km[0]); i++)
if(km[i].ktype == ktype)
return &km[i];
return NULL;
}
krb5_error_code
krb5_generate_random_keyblock(krb5_context context,
krb5_keytype ktype,
krb5_keyblock *key)
{
krb5_error_code ret;
struct key_type *k = find_key_type(ktype);
if(k == NULL)
return KRB5_PROG_KEYTYPE_NOSUPP;
ret = (*k->random_key)(&key->keyvalue);
if(ret)
return ret;
key->keytype = ktype;
return 0;
}
krb5_error_code krb5_error_code
krb5_key_to_string(krb5_context context, krb5_key_to_string(krb5_context context,
krb5_keyblock key, krb5_keyblock key,
@@ -266,20 +373,18 @@ krb5_key_to_string(krb5_context context,
{ {
char *s; char *s;
char tmp[32]; /* enough to hold name of key type */ char tmp[32]; /* enough to hold name of key type */
switch(key.keytype){ int i;
case KEYTYPE_DES: if(include_keydata)
snprintf(tmp, sizeof(tmp), "DES"); snprintf(tmp, sizeof(tmp), "<keytype %u>", key.keytype);
break; else
default: snprintf(tmp, sizeof(tmp), "<keytype %u, length %u>",
if(include_keydata) key.keytype, key.keyvalue.length);
snprintf(tmp, sizeof(tmp), "<keytype %u>", key.keytype); for(i = 0; i < sizeof(km) / sizeof(km[0]); i++)
else if(km[i].ktype == key.keytype){
snprintf(tmp, sizeof(tmp), "<keytype %u, length %u>", snprintf(tmp, sizeof(tmp), "%s", km[i].name);
key.keytype, key.keyvalue.length); break;
break; }
}
if(include_keydata){ if(include_keydata){
int i;
char *k = malloc(2 * key.keyvalue.length + 1); char *k = malloc(2 * key.keyvalue.length + 1);
*k = 0; *k = 0;
for(i = 0; i < key.keyvalue.length; i++){ for(i = 0; i < key.keyvalue.length; i++){
@@ -292,3 +397,41 @@ krb5_key_to_string(krb5_context context,
*string = strdup(tmp); *string = strdup(tmp);
return 0; return 0;
} }
krb5_error_code
krb5_keytype_to_etype(krb5_context context, krb5_keytype ktype,
krb5_enctype *etype)
{
struct key_type *k = find_key_type(ktype);
if(k == NULL)
return KRB5_PROG_KEYTYPE_NOSUPP;
*etype = k->best_etype;
return 0;
}
krb5_error_code
krb5_string_to_keytype(krb5_context context, const char *string,
krb5_keytype *ktype)
{
int i;
for(i = 0; i < sizeof(km) / sizeof(km[0]); i++)
if(strcasecmp(km[i].name, string) == 0){
*ktype = km[i].ktype;
return 0;
}
return KRB5_PROG_KEYTYPE_NOSUPP;
}
krb5_error_code
krb5_keytype_to_string(krb5_context context, krb5_keytype ktype, char **string)
{
struct key_type *k = find_key_type(ktype);
if(k == NULL)
return KRB5_PROG_KEYTYPE_NOSUPP;
*string = strdup(k->name);
if(*string == NULL)
return ENOMEM;
return 0;
}