xref: /netbsd-src/crypto/external/bsd/heimdal/dist/lib/krb5/crypto-des-common.c (revision ca1c9b0c534faa5fd4c7d36fd3c199a2a3d7b0e4) 
1 /*	$NetBSD: crypto-des-common.c,v 1.1.1.1 2011/04/13 18:15:32 elric Exp $	*/
2 
3 /*
4  * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
5  * (Royal Institute of Technology, Stockholm, Sweden).
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  *
19  * 3. Neither the name of the Institute nor the names of its contributors
20  *    may be used to endorse or promote products derived from this software
21  *    without specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33  * SUCH DAMAGE.
34  */
35 
36 /* Functions which are used by both single and triple DES enctypes */
37 
38 #include "krb5_locl.h"
39 
40 /*
41  * A = A xor B. A & B are 8 bytes.
42  */
43 
44 void
45 _krb5_xor (DES_cblock *key, const unsigned char *b)
46 {
47     unsigned char *a = (unsigned char*)key;
48     a[0] ^= b[0];
49     a[1] ^= b[1];
50     a[2] ^= b[2];
51     a[3] ^= b[3];
52     a[4] ^= b[4];
53     a[5] ^= b[5];
54     a[6] ^= b[6];
55     a[7] ^= b[7];
56 }
57 
58 #if defined(DES3_OLD_ENCTYPE) || defined(HEIM_WEAK_CRYPTO)
59 krb5_error_code
60 _krb5_des_checksum(krb5_context context,
61 		   const EVP_MD *evp_md,
62 		   struct _krb5_key_data *key,
63 		   const void *data,
64 		   size_t len,
65 		   Checksum *cksum)
66 {
67     struct _krb5_evp_schedule *ctx = key->schedule->data;
68     EVP_MD_CTX *m;
69     DES_cblock ivec;
70     unsigned char *p = cksum->checksum.data;
71 
72     krb5_generate_random_block(p, 8);
73 
74     m = EVP_MD_CTX_create();
75     if (m == NULL) {
76 	krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
77 	return ENOMEM;
78     }
79 
80     EVP_DigestInit_ex(m, evp_md, NULL);
81     EVP_DigestUpdate(m, p, 8);
82     EVP_DigestUpdate(m, data, len);
83     EVP_DigestFinal_ex (m, p + 8, NULL);
84     EVP_MD_CTX_destroy(m);
85     memset (&ivec, 0, sizeof(ivec));
86     EVP_CipherInit_ex(&ctx->ectx, NULL, NULL, NULL, (void *)&ivec, -1);
87     EVP_Cipher(&ctx->ectx, p, p, 24);
88 
89     return 0;
90 }
91 
92 krb5_error_code
93 _krb5_des_verify(krb5_context context,
94 		 const EVP_MD *evp_md,
95 		 struct _krb5_key_data *key,
96 		 const void *data,
97 		 size_t len,
98 		 Checksum *C)
99 {
100     struct _krb5_evp_schedule *ctx = key->schedule->data;
101     EVP_MD_CTX *m;
102     unsigned char tmp[24];
103     unsigned char res[16];
104     DES_cblock ivec;
105     krb5_error_code ret = 0;
106 
107     m = EVP_MD_CTX_create();
108     if (m == NULL) {
109 	krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
110 	return ENOMEM;
111     }
112 
113     memset(&ivec, 0, sizeof(ivec));
114     EVP_CipherInit_ex(&ctx->dctx, NULL, NULL, NULL, (void *)&ivec, -1);
115     EVP_Cipher(&ctx->dctx, tmp, C->checksum.data, 24);
116 
117     EVP_DigestInit_ex(m, evp_md, NULL);
118     EVP_DigestUpdate(m, tmp, 8); /* confounder */
119     EVP_DigestUpdate(m, data, len);
120     EVP_DigestFinal_ex (m, res, NULL);
121     EVP_MD_CTX_destroy(m);
122     if(ct_memcmp(res, tmp + 8, sizeof(res)) != 0) {
123 	krb5_clear_error_message (context);
124 	ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
125     }
126     memset(tmp, 0, sizeof(tmp));
127     memset(res, 0, sizeof(res));
128     return ret;
129 }
130 
131 #endif
132 
133 static krb5_error_code
134 RSA_MD5_checksum(krb5_context context,
135 		 struct _krb5_key_data *key,
136 		 const void *data,
137 		 size_t len,
138 		 unsigned usage,
139 		 Checksum *C)
140 {
141     if (EVP_Digest(data, len, C->checksum.data, NULL, EVP_md5(), NULL) != 1)
142 	krb5_abortx(context, "md5 checksum failed");
143     return 0;
144 }
145 
146 struct _krb5_checksum_type _krb5_checksum_rsa_md5 = {
147     CKSUMTYPE_RSA_MD5,
148     "rsa-md5",
149     64,
150     16,
151     F_CPROOF,
152     RSA_MD5_checksum,
153     NULL
154 };
155