1 /* $NetBSD: crypto-des-common.c,v 1.1.1.1 2011/04/13 18:15:32 elric Exp $ */
2
3 /*
4 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
5 * (Royal Institute of Technology, Stockholm, Sweden).
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 */
35
36 /* Functions which are used by both single and triple DES enctypes */
37
38 #include "krb5_locl.h"
39
40 /*
41 * A = A xor B. A & B are 8 bytes.
42 */
43
44 void
_krb5_xor(DES_cblock * key,const unsigned char * b)45 _krb5_xor (DES_cblock *key, const unsigned char *b)
46 {
47 unsigned char *a = (unsigned char*)key;
48 a[0] ^= b[0];
49 a[1] ^= b[1];
50 a[2] ^= b[2];
51 a[3] ^= b[3];
52 a[4] ^= b[4];
53 a[5] ^= b[5];
54 a[6] ^= b[6];
55 a[7] ^= b[7];
56 }
57
58 #if defined(DES3_OLD_ENCTYPE) || defined(HEIM_WEAK_CRYPTO)
59 krb5_error_code
_krb5_des_checksum(krb5_context context,const EVP_MD * evp_md,struct _krb5_key_data * key,const void * data,size_t len,Checksum * cksum)60 _krb5_des_checksum(krb5_context context,
61 const EVP_MD *evp_md,
62 struct _krb5_key_data *key,
63 const void *data,
64 size_t len,
65 Checksum *cksum)
66 {
67 struct _krb5_evp_schedule *ctx = key->schedule->data;
68 EVP_MD_CTX *m;
69 DES_cblock ivec;
70 unsigned char *p = cksum->checksum.data;
71
72 krb5_generate_random_block(p, 8);
73
74 m = EVP_MD_CTX_create();
75 if (m == NULL) {
76 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
77 return ENOMEM;
78 }
79
80 EVP_DigestInit_ex(m, evp_md, NULL);
81 EVP_DigestUpdate(m, p, 8);
82 EVP_DigestUpdate(m, data, len);
83 EVP_DigestFinal_ex (m, p + 8, NULL);
84 EVP_MD_CTX_destroy(m);
85 memset (&ivec, 0, sizeof(ivec));
86 EVP_CipherInit_ex(&ctx->ectx, NULL, NULL, NULL, (void *)&ivec, -1);
87 EVP_Cipher(&ctx->ectx, p, p, 24);
88
89 return 0;
90 }
91
92 krb5_error_code
_krb5_des_verify(krb5_context context,const EVP_MD * evp_md,struct _krb5_key_data * key,const void * data,size_t len,Checksum * C)93 _krb5_des_verify(krb5_context context,
94 const EVP_MD *evp_md,
95 struct _krb5_key_data *key,
96 const void *data,
97 size_t len,
98 Checksum *C)
99 {
100 struct _krb5_evp_schedule *ctx = key->schedule->data;
101 EVP_MD_CTX *m;
102 unsigned char tmp[24];
103 unsigned char res[16];
104 DES_cblock ivec;
105 krb5_error_code ret = 0;
106
107 m = EVP_MD_CTX_create();
108 if (m == NULL) {
109 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
110 return ENOMEM;
111 }
112
113 memset(&ivec, 0, sizeof(ivec));
114 EVP_CipherInit_ex(&ctx->dctx, NULL, NULL, NULL, (void *)&ivec, -1);
115 EVP_Cipher(&ctx->dctx, tmp, C->checksum.data, 24);
116
117 EVP_DigestInit_ex(m, evp_md, NULL);
118 EVP_DigestUpdate(m, tmp, 8); /* confounder */
119 EVP_DigestUpdate(m, data, len);
120 EVP_DigestFinal_ex (m, res, NULL);
121 EVP_MD_CTX_destroy(m);
122 if(ct_memcmp(res, tmp + 8, sizeof(res)) != 0) {
123 krb5_clear_error_message (context);
124 ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
125 }
126 memset(tmp, 0, sizeof(tmp));
127 memset(res, 0, sizeof(res));
128 return ret;
129 }
130
131 #endif
132
133 static krb5_error_code
RSA_MD5_checksum(krb5_context context,struct _krb5_key_data * key,const void * data,size_t len,unsigned usage,Checksum * C)134 RSA_MD5_checksum(krb5_context context,
135 struct _krb5_key_data *key,
136 const void *data,
137 size_t len,
138 unsigned usage,
139 Checksum *C)
140 {
141 if (EVP_Digest(data, len, C->checksum.data, NULL, EVP_md5(), NULL) != 1)
142 krb5_abortx(context, "md5 checksum failed");
143 return 0;
144 }
145
146 struct _krb5_checksum_type _krb5_checksum_rsa_md5 = {
147 CKSUMTYPE_RSA_MD5,
148 "rsa-md5",
149 64,
150 16,
151 F_CPROOF,
152 RSA_MD5_checksum,
153 NULL
154 };
155