diff --git a/lib/gssapi/get_mic.c b/lib/gssapi/get_mic.c index da99794c0..d1c7352bd 100644 --- a/lib/gssapi/get_mic.c +++ b/lib/gssapi/get_mic.c @@ -48,9 +48,9 @@ mic_des u_char *p; MD5_CTX md5; u_char hash[16]; - des_key_schedule schedule; - des_cblock deskey; - des_cblock zero; + DES_key_schedule schedule; + DES_cblock deskey; + DES_cblock zero; int32_t seq_number; size_t len, total_len; @@ -86,9 +86,9 @@ mic_des memset (&zero, 0, sizeof(zero)); memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - des_set_key (&deskey, schedule); - des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), - schedule, &zero); + DES_set_key (&deskey, &schedule); + DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), + &schedule, &zero); memcpy (p - 8, hash, 8); /* SGN_CKSUM */ HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); @@ -106,9 +106,9 @@ mic_des (context_handle->more_flags & LOCAL) ? 0 : 0xFF, 4); - des_set_key (&deskey, schedule); - des_cbc_encrypt ((void *)p, (void *)p, 8, - schedule, (des_cblock *)(p + 8), DES_ENCRYPT); + DES_set_key (&deskey, &schedule); + DES_cbc_encrypt ((void *)p, (void *)p, 8, + &schedule, (DES_cblock *)(p + 8), DES_ENCRYPT); krb5_auth_con_setlocalseqnumber (gssapi_krb5_context, context_handle->auth_context, @@ -116,7 +116,7 @@ mic_des HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); + memset (&schedule, 0, sizeof(schedule)); *minor_status = 0; return GSS_S_COMPLETE; diff --git a/lib/gssapi/krb5/get_mic.c b/lib/gssapi/krb5/get_mic.c index da99794c0..d1c7352bd 100644 --- a/lib/gssapi/krb5/get_mic.c +++ b/lib/gssapi/krb5/get_mic.c @@ -48,9 +48,9 @@ mic_des u_char *p; MD5_CTX md5; u_char hash[16]; - des_key_schedule schedule; - des_cblock deskey; - des_cblock zero; + DES_key_schedule schedule; + DES_cblock deskey; + DES_cblock zero; int32_t seq_number; size_t len, total_len; @@ -86,9 +86,9 @@ mic_des memset (&zero, 0, sizeof(zero)); memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - des_set_key (&deskey, schedule); - des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), - schedule, &zero); + DES_set_key (&deskey, &schedule); + DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), + &schedule, &zero); memcpy (p - 8, hash, 8); /* SGN_CKSUM */ HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); @@ -106,9 +106,9 @@ mic_des (context_handle->more_flags & LOCAL) ? 0 : 0xFF, 4); - des_set_key (&deskey, schedule); - des_cbc_encrypt ((void *)p, (void *)p, 8, - schedule, (des_cblock *)(p + 8), DES_ENCRYPT); + DES_set_key (&deskey, &schedule); + DES_cbc_encrypt ((void *)p, (void *)p, 8, + &schedule, (DES_cblock *)(p + 8), DES_ENCRYPT); krb5_auth_con_setlocalseqnumber (gssapi_krb5_context, context_handle->auth_context, @@ -116,7 +116,7 @@ mic_des HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); + memset (&schedule, 0, sizeof(schedule)); *minor_status = 0; return GSS_S_COMPLETE; diff --git a/lib/gssapi/krb5/unwrap.c b/lib/gssapi/krb5/unwrap.c index 25a593623..48b108504 100644 --- a/lib/gssapi/krb5/unwrap.c +++ b/lib/gssapi/krb5/unwrap.c @@ -75,9 +75,9 @@ unwrap_des size_t len; MD5_CTX md5; u_char hash[16]; - des_key_schedule schedule; - des_cblock deskey; - des_cblock zero; + DES_key_schedule schedule; + DES_cblock deskey; + DES_cblock zero; int i; int32_t seq_number; size_t padlength; @@ -118,17 +118,17 @@ unwrap_des for (i = 0; i < sizeof(deskey); ++i) deskey[i] ^= 0xf0; - des_set_key (&deskey, schedule); + DES_set_key (&deskey, &schedule); memset (&zero, 0, sizeof(zero)); - des_cbc_encrypt ((void *)p, + DES_cbc_encrypt ((void *)p, (void *)p, input_message_buffer->length - len, - schedule, + &schedule, &zero, DES_DECRYPT); memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); + memset (&schedule, 0, sizeof(schedule)); } /* check pad */ ret = _gssapi_verify_pad(input_message_buffer, @@ -144,9 +144,9 @@ unwrap_des memset (&zero, 0, sizeof(zero)); memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - des_set_key (&deskey, schedule); - des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), - schedule, &zero); + DES_set_key (&deskey, &schedule); + DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), + &schedule, &zero); if (memcmp (p - 8, hash, 8) != 0) return GSS_S_BAD_MIC; @@ -155,12 +155,12 @@ unwrap_des HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); p -= 16; - des_set_key (&deskey, schedule); - des_cbc_encrypt ((void *)p, (void *)p, 8, - schedule, (des_cblock *)hash, DES_DECRYPT); + DES_set_key (&deskey, &schedule); + DES_cbc_encrypt ((void *)p, (void *)p, 8, + &schedule, (DES_cblock *)hash, DES_DECRYPT); memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); + memset (&schedule, 0, sizeof(schedule)); seq = p; gssapi_decode_om_uint32(seq, &seq_number); @@ -293,7 +293,7 @@ unwrap_des3 return GSS_S_FAILURE; } { - des_cblock ivec; + DES_cblock ivec; memcpy(&ivec, p + 8, 8); ret = krb5_decrypt_ivec (gssapi_krb5_context, diff --git a/lib/gssapi/krb5/verify_mic.c b/lib/gssapi/krb5/verify_mic.c index 71836970e..bd79a199e 100644 --- a/lib/gssapi/krb5/verify_mic.c +++ b/lib/gssapi/krb5/verify_mic.c @@ -49,9 +49,9 @@ verify_mic_des u_char *p; MD5_CTX md5; u_char hash[16], *seq; - des_key_schedule schedule; - des_cblock zero; - des_cblock deskey; + DES_key_schedule schedule; + DES_cblock zero; + DES_cblock deskey; int32_t seq_number; OM_uint32 ret; int cmp; @@ -82,12 +82,12 @@ verify_mic_des memset (&zero, 0, sizeof(zero)); memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - des_set_key (&deskey, schedule); - des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), - schedule, &zero); + DES_set_key (&deskey, &schedule); + DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), + &schedule, &zero); if (memcmp (p - 8, hash, 8) != 0) { memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); + memset (&schedule, 0, sizeof(schedule)); return GSS_S_BAD_MIC; } @@ -96,12 +96,12 @@ verify_mic_des HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); p -= 16; - des_set_key (&deskey, schedule); - des_cbc_encrypt ((void *)p, (void *)p, 8, - schedule, (des_cblock *)hash, DES_DECRYPT); + DES_set_key (&deskey, &schedule); + DES_cbc_encrypt ((void *)p, (void *)p, 8, + &schedule, (DES_cblock *)hash, DES_DECRYPT); memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); + memset (&schedule, 0, sizeof(schedule)); seq = p; gssapi_decode_om_uint32(seq, &seq_number); diff --git a/lib/gssapi/krb5/wrap.c b/lib/gssapi/krb5/wrap.c index 57206d3cf..882d67376 100644 --- a/lib/gssapi/krb5/wrap.c +++ b/lib/gssapi/krb5/wrap.c @@ -144,9 +144,9 @@ wrap_des u_char *p; MD5_CTX md5; u_char hash[16]; - des_key_schedule schedule; - des_cblock deskey; - des_cblock zero; + DES_key_schedule schedule; + DES_cblock deskey; + DES_cblock zero; int i; int32_t seq_number; size_t len, total_len, padlength, datalen; @@ -199,9 +199,9 @@ wrap_des memset (&zero, 0, sizeof(zero)); memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - des_set_key (&deskey, schedule); - des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), - schedule, &zero); + DES_set_key (&deskey, &schedule); + DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), + &schedule, &zero); memcpy (p - 8, hash, 8); /* sequence number */ @@ -219,9 +219,9 @@ wrap_des (context_handle->more_flags & LOCAL) ? 0 : 0xFF, 4); - des_set_key (&deskey, schedule); - des_cbc_encrypt ((void *)p, (void *)p, 8, - schedule, (des_cblock *)(p + 8), DES_ENCRYPT); + DES_set_key (&deskey, &schedule); + DES_cbc_encrypt ((void *)p, (void *)p, 8, + &schedule, (DES_cblock *)(p + 8), DES_ENCRYPT); krb5_auth_con_setlocalseqnumber (gssapi_krb5_context, context_handle->auth_context, @@ -236,18 +236,18 @@ wrap_des for (i = 0; i < sizeof(deskey); ++i) deskey[i] ^= 0xf0; - des_set_key (&deskey, schedule); + DES_set_key (&deskey, &schedule); memset (&zero, 0, sizeof(zero)); - des_cbc_encrypt ((void *)p, + DES_cbc_encrypt ((void *)p, (void *)p, datalen, - schedule, + &schedule, &zero, DES_ENCRYPT); - - memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); } + memset (deskey, 0, sizeof(deskey)); + memset (&schedule, 0, sizeof(schedule)); + if(conf_state != NULL) *conf_state = conf_req_flag; *minor_status = 0; @@ -366,7 +366,7 @@ wrap_des3 } { - des_cblock ivec; + DES_cblock ivec; memcpy (&ivec, p + 8, 8); ret = krb5_encrypt_ivec (gssapi_krb5_context, diff --git a/lib/gssapi/unwrap.c b/lib/gssapi/unwrap.c index 25a593623..48b108504 100644 --- a/lib/gssapi/unwrap.c +++ b/lib/gssapi/unwrap.c @@ -75,9 +75,9 @@ unwrap_des size_t len; MD5_CTX md5; u_char hash[16]; - des_key_schedule schedule; - des_cblock deskey; - des_cblock zero; + DES_key_schedule schedule; + DES_cblock deskey; + DES_cblock zero; int i; int32_t seq_number; size_t padlength; @@ -118,17 +118,17 @@ unwrap_des for (i = 0; i < sizeof(deskey); ++i) deskey[i] ^= 0xf0; - des_set_key (&deskey, schedule); + DES_set_key (&deskey, &schedule); memset (&zero, 0, sizeof(zero)); - des_cbc_encrypt ((void *)p, + DES_cbc_encrypt ((void *)p, (void *)p, input_message_buffer->length - len, - schedule, + &schedule, &zero, DES_DECRYPT); memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); + memset (&schedule, 0, sizeof(schedule)); } /* check pad */ ret = _gssapi_verify_pad(input_message_buffer, @@ -144,9 +144,9 @@ unwrap_des memset (&zero, 0, sizeof(zero)); memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - des_set_key (&deskey, schedule); - des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), - schedule, &zero); + DES_set_key (&deskey, &schedule); + DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), + &schedule, &zero); if (memcmp (p - 8, hash, 8) != 0) return GSS_S_BAD_MIC; @@ -155,12 +155,12 @@ unwrap_des HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); p -= 16; - des_set_key (&deskey, schedule); - des_cbc_encrypt ((void *)p, (void *)p, 8, - schedule, (des_cblock *)hash, DES_DECRYPT); + DES_set_key (&deskey, &schedule); + DES_cbc_encrypt ((void *)p, (void *)p, 8, + &schedule, (DES_cblock *)hash, DES_DECRYPT); memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); + memset (&schedule, 0, sizeof(schedule)); seq = p; gssapi_decode_om_uint32(seq, &seq_number); @@ -293,7 +293,7 @@ unwrap_des3 return GSS_S_FAILURE; } { - des_cblock ivec; + DES_cblock ivec; memcpy(&ivec, p + 8, 8); ret = krb5_decrypt_ivec (gssapi_krb5_context, diff --git a/lib/gssapi/verify_mic.c b/lib/gssapi/verify_mic.c index 71836970e..bd79a199e 100644 --- a/lib/gssapi/verify_mic.c +++ b/lib/gssapi/verify_mic.c @@ -49,9 +49,9 @@ verify_mic_des u_char *p; MD5_CTX md5; u_char hash[16], *seq; - des_key_schedule schedule; - des_cblock zero; - des_cblock deskey; + DES_key_schedule schedule; + DES_cblock zero; + DES_cblock deskey; int32_t seq_number; OM_uint32 ret; int cmp; @@ -82,12 +82,12 @@ verify_mic_des memset (&zero, 0, sizeof(zero)); memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - des_set_key (&deskey, schedule); - des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), - schedule, &zero); + DES_set_key (&deskey, &schedule); + DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), + &schedule, &zero); if (memcmp (p - 8, hash, 8) != 0) { memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); + memset (&schedule, 0, sizeof(schedule)); return GSS_S_BAD_MIC; } @@ -96,12 +96,12 @@ verify_mic_des HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); p -= 16; - des_set_key (&deskey, schedule); - des_cbc_encrypt ((void *)p, (void *)p, 8, - schedule, (des_cblock *)hash, DES_DECRYPT); + DES_set_key (&deskey, &schedule); + DES_cbc_encrypt ((void *)p, (void *)p, 8, + &schedule, (DES_cblock *)hash, DES_DECRYPT); memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); + memset (&schedule, 0, sizeof(schedule)); seq = p; gssapi_decode_om_uint32(seq, &seq_number); diff --git a/lib/gssapi/wrap.c b/lib/gssapi/wrap.c index 57206d3cf..882d67376 100644 --- a/lib/gssapi/wrap.c +++ b/lib/gssapi/wrap.c @@ -144,9 +144,9 @@ wrap_des u_char *p; MD5_CTX md5; u_char hash[16]; - des_key_schedule schedule; - des_cblock deskey; - des_cblock zero; + DES_key_schedule schedule; + DES_cblock deskey; + DES_cblock zero; int i; int32_t seq_number; size_t len, total_len, padlength, datalen; @@ -199,9 +199,9 @@ wrap_des memset (&zero, 0, sizeof(zero)); memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - des_set_key (&deskey, schedule); - des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), - schedule, &zero); + DES_set_key (&deskey, &schedule); + DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), + &schedule, &zero); memcpy (p - 8, hash, 8); /* sequence number */ @@ -219,9 +219,9 @@ wrap_des (context_handle->more_flags & LOCAL) ? 0 : 0xFF, 4); - des_set_key (&deskey, schedule); - des_cbc_encrypt ((void *)p, (void *)p, 8, - schedule, (des_cblock *)(p + 8), DES_ENCRYPT); + DES_set_key (&deskey, &schedule); + DES_cbc_encrypt ((void *)p, (void *)p, 8, + &schedule, (DES_cblock *)(p + 8), DES_ENCRYPT); krb5_auth_con_setlocalseqnumber (gssapi_krb5_context, context_handle->auth_context, @@ -236,18 +236,18 @@ wrap_des for (i = 0; i < sizeof(deskey); ++i) deskey[i] ^= 0xf0; - des_set_key (&deskey, schedule); + DES_set_key (&deskey, &schedule); memset (&zero, 0, sizeof(zero)); - des_cbc_encrypt ((void *)p, + DES_cbc_encrypt ((void *)p, (void *)p, datalen, - schedule, + &schedule, &zero, DES_ENCRYPT); - - memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); } + memset (deskey, 0, sizeof(deskey)); + memset (&schedule, 0, sizeof(schedule)); + if(conf_state != NULL) *conf_state = conf_req_flag; *minor_status = 0; @@ -366,7 +366,7 @@ wrap_des3 } { - des_cblock ivec; + DES_cblock ivec; memcpy (&ivec, p + 8, 8); ret = krb5_encrypt_ivec (gssapi_krb5_context, diff --git a/lib/krb5/crypto.c b/lib/krb5/crypto.c index ed0123ae8..6d7dc6a7e 100644 --- a/lib/krb5/crypto.c +++ b/lib/krb5/crypto.c @@ -160,24 +160,24 @@ static void krb5_DES_random_key(krb5_context context, krb5_keyblock *key) { - des_cblock *k = key->keyvalue.data; + DES_cblock *k = key->keyvalue.data; do { - krb5_generate_random_block(k, sizeof(des_cblock)); - des_set_odd_parity(k); - } while(des_is_weak_key(k)); + krb5_generate_random_block(k, sizeof(DES_cblock)); + DES_set_odd_parity(k); + } while(DES_is_weak_key(k)); } static void krb5_DES_schedule(krb5_context context, struct key_data *key) { - des_set_key(key->key->keyvalue.data, key->schedule->data); + DES_set_key(key->key->keyvalue.data, key->schedule->data); } static void -DES_string_to_key_int(unsigned char *data, size_t length, des_cblock *key) +DES_string_to_key_int(unsigned char *data, size_t length, DES_cblock *key) { - des_key_schedule schedule; + DES_key_schedule schedule; int i; int reverse = 0; unsigned char *p; @@ -196,13 +196,13 @@ DES_string_to_key_int(unsigned char *data, size_t length, des_cblock *key) if((i % 8) == 7) reverse = !reverse; } - des_set_odd_parity(key); - if(des_is_weak_key(key)) + DES_set_odd_parity(key); + if(DES_is_weak_key(key)) (*key)[7] ^= 0xF0; - des_set_key(key, schedule); - des_cbc_cksum((void*)data, key, length, schedule, key); - memset(schedule, 0, sizeof(schedule)); - des_set_odd_parity(key); + DES_set_key(key, &schedule); + DES_cbc_cksum((void*)data, key, length, &schedule, key); + memset(&schedule, 0, sizeof(schedule)); + DES_set_odd_parity(key); } static krb5_error_code @@ -215,7 +215,7 @@ krb5_DES_string_to_key(krb5_context context, { unsigned char *s; size_t len; - des_cblock tmp; + DES_cblock tmp; len = password.length + salt.saltvalue.length; s = malloc(len); @@ -246,7 +246,7 @@ krb5_DES_string_to_key(krb5_context context, static void krb5_DES_AFS3_CMU_string_to_key (krb5_data pw, krb5_data cell, - des_cblock *key) + DES_cblock *key) { char password[8+1]; /* crypt is limited to 8 chars anyway */ int i; @@ -259,14 +259,14 @@ krb5_DES_AFS3_CMU_string_to_key (krb5_data pw, } password[8] = '\0'; - memcpy(key, crypt(password, "p1") + 2, sizeof(des_cblock)); + memcpy(key, crypt(password, "p1") + 2, sizeof(DES_cblock)); /* parity is inserted into the LSB so left shift each byte up one bit. This allows ascii characters with a zero MSB to retain as much significance as possible. */ - for (i = 0; i < sizeof(des_cblock); i++) + for (i = 0; i < sizeof(DES_cblock); i++) ((unsigned char*)key)[i] <<= 1; - des_set_odd_parity (key); + DES_set_odd_parity (key); } /* @@ -275,11 +275,11 @@ krb5_DES_AFS3_CMU_string_to_key (krb5_data pw, static void krb5_DES_AFS3_Transarc_string_to_key (krb5_data pw, krb5_data cell, - des_cblock *key) + DES_cblock *key) { - des_key_schedule schedule; - des_cblock temp_key; - des_cblock ivec; + DES_key_schedule schedule; + DES_cblock temp_key; + DES_cblock ivec; char password[512]; size_t passlen; @@ -295,20 +295,20 @@ krb5_DES_AFS3_Transarc_string_to_key (krb5_data pw, passlen = min(sizeof(password), pw.length + cell.length); memcpy(&ivec, "kerberos", 8); memcpy(&temp_key, "kerberos", 8); - des_set_odd_parity (&temp_key); - des_set_key (&temp_key, schedule); - des_cbc_cksum (password, &ivec, passlen, schedule, &ivec); + DES_set_odd_parity (&temp_key); + DES_set_key (&temp_key, &schedule); + DES_cbc_cksum ((void*)password, &ivec, passlen, &schedule, &ivec); memcpy(&temp_key, &ivec, 8); - des_set_odd_parity (&temp_key); - des_set_key (&temp_key, schedule); - des_cbc_cksum (password, key, passlen, schedule, &ivec); + DES_set_odd_parity (&temp_key); + DES_set_key (&temp_key, &schedule); + DES_cbc_cksum (password, key, passlen, &schedule, &ivec); memset(&schedule, 0, sizeof(schedule)); memset(&temp_key, 0, sizeof(temp_key)); memset(&ivec, 0, sizeof(ivec)); memset(password, 0, sizeof(password)); - des_set_odd_parity (key); + DES_set_odd_parity (key); } static krb5_error_code @@ -319,7 +319,7 @@ DES_AFS3_string_to_key(krb5_context context, krb5_data opaque, krb5_keyblock *key) { - des_cblock tmp; + DES_cblock tmp; if(password.length > 8) krb5_DES_AFS3_Transarc_string_to_key(password, salt.saltvalue, &tmp); else @@ -334,26 +334,26 @@ static void DES3_random_key(krb5_context context, krb5_keyblock *key) { - des_cblock *k = key->keyvalue.data; + DES_cblock *k = key->keyvalue.data; do { - krb5_generate_random_block(k, 3 * sizeof(des_cblock)); - des_set_odd_parity(&k[0]); - des_set_odd_parity(&k[1]); - des_set_odd_parity(&k[2]); - } while(des_is_weak_key(&k[0]) || - des_is_weak_key(&k[1]) || - des_is_weak_key(&k[2])); + krb5_generate_random_block(k, 3 * sizeof(DES_cblock)); + DES_set_odd_parity(&k[0]); + DES_set_odd_parity(&k[1]); + DES_set_odd_parity(&k[2]); + } while(DES_is_weak_key(&k[0]) || + DES_is_weak_key(&k[1]) || + DES_is_weak_key(&k[2])); } static void DES3_schedule(krb5_context context, struct key_data *key) { - des_cblock *k = key->key->keyvalue.data; - des_key_schedule *s = key->schedule->data; - des_set_key(&k[0], s[0]); - des_set_key(&k[1], s[1]); - des_set_key(&k[2], s[2]); + DES_cblock *k = key->key->keyvalue.data; + DES_key_schedule *s = key->schedule->data; + DES_set_key(&k[0], &s[0]); + DES_set_key(&k[1], &s[1]); + DES_set_key(&k[2], &s[2]); } /* @@ -361,7 +361,7 @@ DES3_schedule(krb5_context context, */ static void -xor (des_cblock *key, const unsigned char *b) +xor (DES_cblock *key, const unsigned char *b) { unsigned char *a = (unsigned char*)key; a[0] ^= b[0]; @@ -385,7 +385,7 @@ DES3_string_to_key(krb5_context context, char *str; size_t len; unsigned char tmp[24]; - des_cblock keys[3]; + DES_cblock keys[3]; len = password.length + salt.saltvalue.length; str = malloc(len); @@ -396,29 +396,29 @@ DES3_string_to_key(krb5_context context, memcpy(str, password.data, password.length); memcpy(str + password.length, salt.saltvalue.data, salt.saltvalue.length); { - des_cblock ivec; - des_key_schedule s[3]; + DES_cblock ivec; + DES_key_schedule s[3]; int i; _krb5_n_fold(str, len, tmp, 24); for(i = 0; i < 3; i++){ memcpy(keys + i, tmp + i * 8, sizeof(keys[i])); - des_set_odd_parity(keys + i); - if(des_is_weak_key(keys + i)) + DES_set_odd_parity(keys + i); + if(DES_is_weak_key(keys + i)) xor(keys + i, (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); - des_set_key(keys + i, s[i]); + DES_set_key(keys + i, &s[i]); } memset(&ivec, 0, sizeof(ivec)); - des_ede3_cbc_encrypt(tmp, + DES_ede3_cbc_encrypt(tmp, tmp, sizeof(tmp), - s[0], s[1], s[2], &ivec, DES_ENCRYPT); + &s[0], &s[1], &s[2], &ivec, DES_ENCRYPT); memset(s, 0, sizeof(s)); memset(&ivec, 0, sizeof(ivec)); for(i = 0; i < 3; i++){ memcpy(keys + i, tmp + i * 8, sizeof(keys[i])); - des_set_odd_parity(keys + i); - if(des_is_weak_key(keys + i)) + DES_set_odd_parity(keys + i); + if(DES_is_weak_key(keys + i)) xor(keys + i, (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); } memset(tmp, 0, sizeof(tmp)); @@ -715,8 +715,8 @@ struct key_type keytype_des = { KEYTYPE_DES, "des", 56, - sizeof(des_cblock), - sizeof(des_key_schedule), + sizeof(DES_cblock), + sizeof(DES_key_schedule), krb5_DES_random_key, krb5_DES_schedule, des_salt @@ -726,8 +726,8 @@ struct key_type keytype_des3 = { KEYTYPE_DES3, "des3", 168, - 3 * sizeof(des_cblock), - 3 * sizeof(des_key_schedule), + 3 * sizeof(DES_cblock), + 3 * sizeof(DES_key_schedule), DES3_random_key, DES3_schedule, des3_salt @@ -737,8 +737,8 @@ struct key_type keytype_des3_derived = { KEYTYPE_DES3, "des3", 168, - 3 * sizeof(des_cblock), - 3 * sizeof(des_key_schedule), + 3 * sizeof(DES_cblock), + 3 * sizeof(DES_key_schedule), DES3_random_key, DES3_schedule, des3_salt_derived @@ -1210,7 +1210,7 @@ RSA_MD4_DES_checksum(krb5_context context, Checksum *cksum) { MD4_CTX md4; - des_cblock ivec; + DES_cblock ivec; unsigned char *p = cksum->checksum.data; krb5_generate_random_block(p, 8); @@ -1219,7 +1219,7 @@ RSA_MD4_DES_checksum(krb5_context context, MD4_Update (&md4, data, len); MD4_Final (p + 8, &md4); memset (&ivec, 0, sizeof(ivec)); - des_cbc_encrypt(p, + DES_cbc_encrypt(p, p, 24, key->schedule->data, @@ -1238,11 +1238,11 @@ RSA_MD4_DES_verify(krb5_context context, MD4_CTX md4; unsigned char tmp[24]; unsigned char res[16]; - des_cblock ivec; + DES_cblock ivec; krb5_error_code ret = 0; memset(&ivec, 0, sizeof(ivec)); - des_cbc_encrypt(C->checksum.data, + DES_cbc_encrypt(C->checksum.data, (void*)tmp, C->checksum.length, key->schedule->data, @@ -1285,7 +1285,7 @@ RSA_MD5_DES_checksum(krb5_context context, Checksum *C) { MD5_CTX md5; - des_cblock ivec; + DES_cblock ivec; unsigned char *p = C->checksum.data; krb5_generate_random_block(p, 8); @@ -1294,7 +1294,7 @@ RSA_MD5_DES_checksum(krb5_context context, MD5_Update (&md5, data, len); MD5_Final (p + 8, &md5); memset (&ivec, 0, sizeof(ivec)); - des_cbc_encrypt(p, + DES_cbc_encrypt(p, p, 24, key->schedule->data, @@ -1313,15 +1313,15 @@ RSA_MD5_DES_verify(krb5_context context, MD5_CTX md5; unsigned char tmp[24]; unsigned char res[16]; - des_cblock ivec; - des_key_schedule *sched = key->schedule->data; + DES_cblock ivec; + DES_key_schedule *sched = key->schedule->data; krb5_error_code ret = 0; memset(&ivec, 0, sizeof(ivec)); - des_cbc_encrypt(C->checksum.data, + DES_cbc_encrypt(C->checksum.data, (void*)tmp, C->checksum.length, - sched[0], + &sched[0], &ivec, DES_DECRYPT); MD5_Init (&md5); @@ -1346,9 +1346,9 @@ RSA_MD5_DES3_checksum(krb5_context context, Checksum *C) { MD5_CTX md5; - des_cblock ivec; + DES_cblock ivec; unsigned char *p = C->checksum.data; - des_key_schedule *sched = key->schedule->data; + DES_key_schedule *sched = key->schedule->data; krb5_generate_random_block(p, 8); MD5_Init (&md5); @@ -1356,10 +1356,10 @@ RSA_MD5_DES3_checksum(krb5_context context, MD5_Update (&md5, data, len); MD5_Final (p + 8, &md5); memset (&ivec, 0, sizeof(ivec)); - des_ede3_cbc_encrypt(p, + DES_ede3_cbc_encrypt(p, p, 24, - sched[0], sched[1], sched[2], + &sched[0], &sched[1], &sched[2], &ivec, DES_ENCRYPT); } @@ -1375,15 +1375,15 @@ RSA_MD5_DES3_verify(krb5_context context, MD5_CTX md5; unsigned char tmp[24]; unsigned char res[16]; - des_cblock ivec; - des_key_schedule *sched = key->schedule->data; + DES_cblock ivec; + DES_key_schedule *sched = key->schedule->data; krb5_error_code ret = 0; memset(&ivec, 0, sizeof(ivec)); - des_ede3_cbc_encrypt(C->checksum.data, + DES_ede3_cbc_encrypt(C->checksum.data, (void*)tmp, C->checksum.length, - sched[0], sched[1], sched[2], + &sched[0], &sched[1], &sched[2], &ivec, DES_DECRYPT); MD5_Init (&md5); @@ -2069,10 +2069,10 @@ DES_CBC_encrypt_null_ivec(krb5_context context, int usage, void *ignore_ivec) { - des_cblock ivec; - des_key_schedule *s = key->schedule->data; + DES_cblock ivec; + DES_key_schedule *s = key->schedule->data; memset(&ivec, 0, sizeof(ivec)); - des_cbc_encrypt(data, data, len, *s, &ivec, encrypt); + DES_cbc_encrypt(data, data, len, s, &ivec, encrypt); return 0; } @@ -2085,10 +2085,10 @@ DES_CBC_encrypt_key_ivec(krb5_context context, int usage, void *ignore_ivec) { - des_cblock ivec; - des_key_schedule *s = key->schedule->data; + DES_cblock ivec; + DES_key_schedule *s = key->schedule->data; memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec)); - des_cbc_encrypt(data, data, len, *s, &ivec, encrypt); + DES_cbc_encrypt(data, data, len, s, &ivec, encrypt); return 0; } @@ -2101,13 +2101,13 @@ DES3_CBC_encrypt(krb5_context context, int usage, void *ivec) { - des_cblock local_ivec; - des_key_schedule *s = key->schedule->data; + DES_cblock local_ivec; + DES_key_schedule *s = key->schedule->data; if(ivec == NULL) { ivec = &local_ivec; memset(local_ivec, 0, sizeof(local_ivec)); } - des_ede3_cbc_encrypt(data, data, len, s[0], s[1], s[2], ivec, encrypt); + DES_ede3_cbc_encrypt(data, data, len, &s[0], &s[1], &s[2], ivec, encrypt); return 0; } @@ -2120,12 +2120,12 @@ DES_CFB64_encrypt_null_ivec(krb5_context context, int usage, void *ignore_ivec) { - des_cblock ivec; + DES_cblock ivec; int num = 0; - des_key_schedule *s = key->schedule->data; + DES_key_schedule *s = key->schedule->data; memset(&ivec, 0, sizeof(ivec)); - des_cfb64_encrypt(data, data, len, *s, &ivec, &num, encrypt); + DES_cfb64_encrypt(data, data, len, s, &ivec, &num, encrypt); return 0; } @@ -2138,11 +2138,11 @@ DES_PCBC_encrypt_key_ivec(krb5_context context, int usage, void *ignore_ivec) { - des_cblock ivec; - des_key_schedule *s = key->schedule->data; + DES_cblock ivec; + DES_key_schedule *s = key->schedule->data; memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec)); - des_pcbc_encrypt(data, data, len, *s, &ivec, encrypt); + DES_pcbc_encrypt(data, data, len, s, &ivec, encrypt); return 0; } @@ -3335,23 +3335,23 @@ krb5_generate_random_block(void *buf, size_t len) void krb5_generate_random_block(void *buf, size_t len) { - des_cblock key, out; - static des_cblock counter; - static des_key_schedule schedule; + DES_cblock key, out; + static DES_cblock counter; + static DES_key_schedule schedule; int i; static int initialized = 0; HEIMDAL_MUTEX_lock(&crypto_mutex); if(!initialized) { - des_new_random_key(&key); - des_set_key(&key, schedule); + DES_new_random_key(&key); + DES_set_key(&key, &schedule); memset(&key, 0, sizeof(key)); - des_new_random_key(&counter); + DES_new_random_key(&counter); initialized = 1; } HEIMDAL_MUTEX_unlock(&crypto_mutex); while(len > 0) { - des_ecb_encrypt(&counter, &out, schedule, DES_ENCRYPT); + DES_ecb_encrypt(&counter, &out, &schedule, DES_ENCRYPT); for(i = 7; i >=0; i--) if(counter[i]++) break; @@ -3392,9 +3392,9 @@ DES3_postproc(krb5_context context, krb5_free_data(context, key->schedule); key->schedule = NULL; } - des_set_odd_parity((des_cblock*)k); - des_set_odd_parity((des_cblock*)(k + 8)); - des_set_odd_parity((des_cblock*)(k + 16)); + DES_set_odd_parity((DES_cblock*)k); + DES_set_odd_parity((DES_cblock*)(k + 8)); + DES_set_odd_parity((DES_cblock*)(k + 16)); } static krb5_error_code