1 /* $NetBSD: crypto-des-common.c,v 1.2 2017/01/28 21:31:49 christos Exp $ */ 2 3 /* 4 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan 5 * (Royal Institute of Technology, Stockholm, Sweden). 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * 3. Neither the name of the Institute nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 /* Functions which are used by both single and triple DES enctypes */ 37 38 #include "krb5_locl.h" 39 40 /* 41 * A = A xor B. A & B are 8 bytes. 42 */ 43 44 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 45 _krb5_xor8(unsigned char *a, const unsigned char *b) 46 { 47 a[0] ^= b[0]; 48 a[1] ^= b[1]; 49 a[2] ^= b[2]; 50 a[3] ^= b[3]; 51 a[4] ^= b[4]; 52 a[5] ^= b[5]; 53 a[6] ^= b[6]; 54 a[7] ^= b[7]; 55 } 56 57 #if defined(DES3_OLD_ENCTYPE) || defined(HEIM_WEAK_CRYPTO) 58 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 59 _krb5_des_checksum(krb5_context context, 60 const EVP_MD *evp_md, 61 struct _krb5_key_data *key, 62 const void *data, 63 size_t len, 64 Checksum *cksum) 65 { 66 struct _krb5_evp_schedule *ctx = key->schedule->data; 67 EVP_MD_CTX *m; 68 DES_cblock ivec; 69 unsigned char *p = cksum->checksum.data; 70 71 krb5_generate_random_block(p, 8); 72 73 m = EVP_MD_CTX_create(); 74 if (m == NULL) 75 return krb5_enomem(context); 76 77 EVP_DigestInit_ex(m, evp_md, NULL); 78 EVP_DigestUpdate(m, p, 8); 79 EVP_DigestUpdate(m, data, len); 80 EVP_DigestFinal_ex (m, p + 8, NULL); 81 EVP_MD_CTX_destroy(m); 82 memset (&ivec, 0, sizeof(ivec)); 83 EVP_CipherInit_ex(&ctx->ectx, NULL, NULL, NULL, (void *)&ivec, -1); 84 EVP_Cipher(&ctx->ectx, p, p, 24); 85 86 return 0; 87 } 88 89 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 90 _krb5_des_verify(krb5_context context, 91 const EVP_MD *evp_md, 92 struct _krb5_key_data *key, 93 const void *data, 94 size_t len, 95 Checksum *C) 96 { 97 struct _krb5_evp_schedule *ctx = key->schedule->data; 98 EVP_MD_CTX *m; 99 unsigned char tmp[24]; 100 unsigned char res[16]; 101 DES_cblock ivec; 102 krb5_error_code ret = 0; 103 104 m = EVP_MD_CTX_create(); 105 if (m == NULL) 106 return krb5_enomem(context); 107 108 memset(&ivec, 0, sizeof(ivec)); 109 EVP_CipherInit_ex(&ctx->dctx, NULL, NULL, NULL, (void *)&ivec, -1); 110 EVP_Cipher(&ctx->dctx, tmp, C->checksum.data, 24); 111 112 EVP_DigestInit_ex(m, evp_md, NULL); 113 EVP_DigestUpdate(m, tmp, 8); /* confounder */ 114 EVP_DigestUpdate(m, data, len); 115 EVP_DigestFinal_ex (m, res, NULL); 116 EVP_MD_CTX_destroy(m); 117 if(ct_memcmp(res, tmp + 8, sizeof(res)) != 0) { 118 krb5_clear_error_message (context); 119 ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; 120 } 121 memset(tmp, 0, sizeof(tmp)); 122 memset(res, 0, sizeof(res)); 123 return ret; 124 } 125 126 #endif 127 128 static krb5_error_code 129 RSA_MD5_checksum(krb5_context context, 130 struct _krb5_key_data *key, 131 const void *data, 132 size_t len, 133 unsigned usage, 134 Checksum *C) 135 { 136 if (EVP_Digest(data, len, C->checksum.data, NULL, EVP_md5(), NULL) != 1) 137 krb5_abortx(context, "md5 checksum failed"); 138 return 0; 139 } 140 141 struct _krb5_checksum_type _krb5_checksum_rsa_md5 = { 142 CKSUMTYPE_RSA_MD5, 143 "rsa-md5", 144 64, 145 16, 146 F_CPROOF, 147 RSA_MD5_checksum, 148 NULL 149 }; 150