oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

support padding as its done in CMS

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14283 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2004-10-03 17:19:53 +00:00
parent 31b9ad59ba
commit d6cb6af31e
1 changed files with 16 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
lib/krb5/crypto.c
View File

@@ -70,6 +70,7 @@ struct krb5_crypto_data {
#define F_PSEUDO 16 /* not a real protocol type */ #define F_PSEUDO 16 /* not a real protocol type */
#define F_SPECIAL 32 /* backwards */ #define F_SPECIAL 32 /* backwards */
#define F_DISABLED 64 /* enctype/checksum disabled */ #define F_DISABLED 64 /* enctype/checksum disabled */
#define F_PADCMS 128 /* padding done like in CMS */
struct salt_type { struct salt_type {
krb5_salttype type; krb5_salttype type;
@@ -2885,7 +2886,7 @@ static struct encryption_type enctype_aes128_cbc_none = {
&keytype_aes128, &keytype_aes128,
&checksum_none, &checksum_none,
NULL, NULL,
F_PSEUDO, F_PSEUDO|F_PADCMS,
AES_CBC_encrypt, AES_CBC_encrypt,
}; };
static unsigned aes_192_cbc_num[] = { 2, 16, 840, 1, 101, 3, 4, 1, 22 }; static unsigned aes_192_cbc_num[] = { 2, 16, 840, 1, 101, 3, 4, 1, 22 };
@@ -2900,7 +2901,7 @@ static struct encryption_type enctype_aes192_cbc_none = {
&keytype_aes192, &keytype_aes192,
&checksum_none, &checksum_none,
NULL, NULL,
F_PSEUDO, F_PSEUDO|F_PADCMS,
AES_CBC_encrypt, AES_CBC_encrypt,
}; };
static unsigned aes_256_cbc_num[] = { 2, 16, 840, 1, 101, 3, 4, 1, 42 }; static unsigned aes_256_cbc_num[] = { 2, 16, 840, 1, 101, 3, 4, 1, 42 };
@@ -2915,7 +2916,7 @@ static struct encryption_type enctype_aes256_cbc_none = {
&keytype_aes256, &keytype_aes256,
&checksum_none, &checksum_none,
NULL, NULL,
F_PSEUDO, F_PSEUDO|F_PADCMS,
AES_CBC_encrypt, AES_CBC_encrypt,
}; };
#endif /* ENABLE_AES */ #endif /* ENABLE_AES */
@@ -3332,7 +3333,7 @@ encrypt_internal(krb5_context context,
krb5_data *result, krb5_data *result,
void *ivec) void *ivec)
{ {
size_t sz, block_sz, checksum_sz; size_t sz, block_sz, checksum_sz, padsize = 0;
Checksum cksum; Checksum cksum;
unsigned char *p, *q; unsigned char *p, *q;
krb5_error_code ret; krb5_error_code ret;
@@ -3342,6 +3343,11 @@ encrypt_internal(krb5_context context,
sz = et->confoundersize + checksum_sz + len; sz = et->confoundersize + checksum_sz + len;
block_sz = (sz + et->padsize - 1) &~ (et->padsize - 1); /* pad */ block_sz = (sz + et->padsize - 1) &~ (et->padsize - 1); /* pad */
if (et->flags & F_PADCMS) {
padsize = et->padsize - (sz % et->padsize);
if (padsize == et->padsize)
block_sz += et->padsize;
}
p = calloc(1, block_sz); p = calloc(1, block_sz);
if(p == NULL) { if(p == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_string(context, "malloc: out of memory");
@@ -3374,6 +3380,12 @@ encrypt_internal(krb5_context context,
ret = _key_schedule(context, &crypto->key, crypto->params); ret = _key_schedule(context, &crypto->key, crypto->params);
if(ret) if(ret)
goto fail; goto fail;
if (et->flags & F_PADCMS) {
int i;
q = p + len;
for (i = 0; i < padsize; i++)
q[i] = padsize;
}
#ifdef CRYPTO_DEBUG #ifdef CRYPTO_DEBUG
krb5_crypto_debug(context, 1, block_sz, crypto->key.key); krb5_crypto_debug(context, 1, block_sz, crypto->key.key);
#endif #endif