oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Use functions from checksum.c.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2072 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
1997-07-09 00:31:09 +00:00
parent 0a52d57985
commit 6ef14f388b
1 changed files with 77 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

151
lib/krb5/encrypt.c
View File

@@ -7,56 +7,11 @@ struct encryption_type {
int type;
size_t blocksize;
size_t confoundersize;
size_t checksumsize;
void (*encrypt)(void *, size_t, const krb5_keyblock *, int);
void (*checksum)(void *, size_t, void *);
krb5_keytype keytype;
krb5_cksumtype cksumtype;
};
void
krb5_NULL_checksum(void *p, size_t len, void *result)
{
}
void
krb5_MD4_checksum(void *p, size_t len, void *result)
{
struct md4 m;
md4_init(&m);
md4_update(&m, p, len);
md4_finito(&m, result);
}
void
krb5_MD5_checksum(void *p, size_t len, void *result)
{
struct md5 m;
md5_init(&m);
md5_update(&m, p, len);
md5_finito(&m, result);
}
void
krb5_SHA1_checksum(void *p, size_t len, void *result)
{
struct sha m;
sha_init(&m);
sha_update(&m, p, len);
sha_finito(&m, result);
}
void
krb5_CRC_checksum(void *p, size_t len, void *result)
{
u_int32_t crc;
unsigned char *r = result;
crc_init_table ();
crc = crc_update (p, len, 0);
r[0] = crc & 0xff;
r[1] = (crc >> 8) & 0xff;
r[2] = (crc >> 16) & 0xff;
r[3] = (crc >> 24) & 0xff;
}
static void
NULL_encrypt(void *p, size_t len, const krb5_keyblock *keyblock, int encrypt)
{
@@ -80,14 +35,37 @@ DES3_encrypt(void *p, size_t len, const krb5_keyblock *keyblock, int encrypt)
}
static struct encryption_type em [] = {
{ ETYPE_DES_CBC_CRC, 8, 8, 4, DES_encrypt, krb5_CRC_checksum },
{ ETYPE_DES_CBC_MD4, 8, 8, 16, DES_encrypt, krb5_MD4_checksum },
{ ETYPE_DES_CBC_MD5, 8, 8, 16, DES_encrypt, krb5_MD5_checksum },
{ ETYPE_NULL, 1, 0, 0, NULL_encrypt, krb5_NULL_checksum },
{ ETYPE_DES_CBC_CRC, 8, 8, DES_encrypt, KEYTYPE_DES, CKSUMTYPE_CRC32 },
{ ETYPE_DES_CBC_MD4, 8, 8, DES_encrypt, KEYTYPE_DES, CKSUMTYPE_RSA_MD4 },
{ ETYPE_DES_CBC_MD5, 8, 8, DES_encrypt, KEYTYPE_DES, CKSUMTYPE_RSA_MD5 },
{ ETYPE_NULL, 1, 0, NULL_encrypt, KEYTYPE_NONE, CKSUMTYPE_NONE },
};
static int num_etypes = sizeof(em) / sizeof(em[0]);
static struct encryption_type *
find_encryption_type(int etype)
{
struct encryption_type *e;
for(e = em; e < em + num_etypes; e++)
if(etype == e->type)
return e;
return NULL;
}
krb5_error_code
krb5_etype2keytype(krb5_context context,
krb5_enctype etype,
krb5_keytype *keytype)
{
struct encryption_type *e;
e = find_encryption_type(etype);
if(e == NULL)
return KRB5_PROG_ETYPE_NOSUPP;
*keytype = e->keytype;
return 0;
}
static krb5_error_code
krb5_do_encrypt(krb5_context context,
void *ptr,
@@ -97,15 +75,25 @@ krb5_do_encrypt(krb5_context context,
krb5_data *result)
{
size_t sz;
size_t checksumsize;
unsigned char *p;
sz = len + et->confoundersize + et->checksumsize;
krb5_error_code ret;
Checksum cksum;
ret = krb5_cksumsize(context, et->cksumtype, &checksumsize);
if(ret)
return ret;
sz = len + et->confoundersize + checksumsize;
sz = (sz + et->blocksize - 1) & ~ (et->blocksize - 1);
p = calloc(1, sz);
if (p == NULL)
return ENOMEM;
des_rand_data(p, et->confoundersize); /* XXX */
memcpy(p + et->confoundersize + et->checksumsize, ptr, len);
(*et->checksum)(p, sz, p + et->confoundersize);
memcpy(p + et->confoundersize + checksumsize, ptr, len);
krb5_create_checksum(context, et->cksumtype, p, sz, &cksum);
memcpy(p + et->confoundersize, cksum.checksum.data, checksumsize);
free_Checksum(&cksum);
(*et->encrypt)(p, sz, keyblock, 1);
result->data = p;
result->length = sz;
@@ -120,38 +108,40 @@ krb5_do_decrypt(krb5_context context,
const krb5_keyblock *keyblock,
krb5_data *result)
{
unsigned char *his_checksum;
unsigned char *p = ptr;
size_t outlen;
Checksum cksum;
krb5_error_code ret;
cksum.cksumtype = et->cksumtype;
ret = krb5_cksumsize(context, cksum.cksumtype, &cksum.checksum.length);
if(ret)
return ret;
outlen = len - et->confoundersize - cksum.checksum.length;
cksum.checksum.data = malloc(cksum.checksum.length);
if(cksum.checksum.data == NULL)
return ENOMEM;
(*et->encrypt)(ptr, len, keyblock, 0);
his_checksum = malloc(et->checksumsize);
memcpy(his_checksum, p + et->confoundersize, et->checksumsize);
memset(p + et->confoundersize, 0, et->checksumsize);
(*et->checksum)(p, len, p + et->confoundersize);
if (memcmp(p + et->confoundersize, his_checksum, et->checksumsize))
return KRB5KRB_AP_ERR_BAD_INTEGRITY;
outlen = len - et->confoundersize - et->checksumsize;
memcpy(cksum.checksum.data, p + et->confoundersize, cksum.checksum.length);
memset(p + et->confoundersize, 0, cksum.checksum.length);
ret = krb5_verify_checksum (context,
ptr,
len,
&cksum);
free_Checksum(&cksum);
if(ret)
return ret;
result->data = malloc(outlen);
if(result->data == NULL)
return ENOMEM;
result->length = outlen;
memcpy(result->data, p + et->confoundersize + et->checksumsize, outlen);
memcpy(result->data, p + (len - outlen), outlen);
return 0;
}
static struct encryption_type *
find_encryption_type(int etype)
{
struct encryption_type *e;
for(e = em; e < em + num_etypes; e++)
if(etype == e->type)
return e;
return NULL;
}
krb5_error_code
krb5_encrypt (krb5_context context,
void *ptr,
@@ -166,6 +156,19 @@ krb5_encrypt (krb5_context context,
return KRB5_PROG_ETYPE_NOSUPP;
}
krb5_error_code
krb5_encrypt_EncryptedData(krb5_context context,
void *ptr,
size_t len,
int etype,
const krb5_keyblock *keyblock,
EncryptedData *result)
{
result->etype = etype;
result->kvno = NULL;
return krb5_encrypt(context, ptr, len, etype, keyblock, &result->cipher);
}
krb5_error_code
krb5_decrypt (krb5_context context,
void *ptr,