/* $NetBSD: crypto-des.c,v 1.1.1.2 2014/04/24 12:45:49 pettai Exp $ */

/*
 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "krb5_locl.h"

#ifdef HEIM_WEAK_CRYPTO

/*
 * Single-DES key types and the CRC32 / MD4 / MD5 checksum types that go
 * with them.  Everything in this file is compiled only when
 * HEIM_WEAK_CRYPTO is defined.
 *
 * NOTE(review): 56-bit DES, unkeyed CRC32 and MD4/MD5 are legacy
 * primitives; presumably this code is retained for interoperability only.
 * Builds that do not need it should leave HEIM_WEAK_CRYPTO undefined.
 */

/*
 * Fill `key` with a fresh random DES key.
 *
 * A random block is drawn, odd parity is applied, and the draw is repeated
 * for as long as DES_is_weak_key() reports the candidate as weak.
 * `context` is not used.  The key buffer is written through
 * key->keyvalue.data; sizeof(DES_cblock) bytes are generated regardless of
 * key->keyvalue.length (assumes the caller sized the buffer accordingly --
 * not checked here).
 */
static void
krb5_DES_random_key(krb5_context context,
                    krb5_keyblock *key)
{
    DES_cblock *des_key = key->keyvalue.data;

    for (;;) {
        krb5_generate_random_block(des_key, sizeof(DES_cblock));
        DES_set_odd_parity(des_key);
        if (!DES_is_weak_key(des_key))
            break;
    }
}

/*
 * Expand the raw key bytes of `key` into the DES key schedule stored in
 * key->schedule->data.
 *
 * The "_unchecked" setter is called, so this function itself performs no
 * parity or weak-key validation of the key material.  `context` and `kt`
 * are not used.
 */
static void
krb5_DES_schedule_old(krb5_context context,
                      struct _krb5_key_type *kt,
                      struct _krb5_key_data *key)
{
    DES_cblock *raw_key = key->key->keyvalue.data;
    DES_key_schedule *sched = key->schedule->data;

    DES_set_key_unchecked(raw_key, sched);
}

/*
 * Turn caller-supplied random bytes into a DES key stored in `key`.
 *
 * The bytes are copied, odd parity is fixed up, and if the result is a
 * weak key the last octet is XORed with 0xf0 to move off it.
 *
 * NOTE(review): `size` is never consulted; the copy length is
 * key->keyvalue.length.  `data` must therefore hold at least that many
 * bytes -- nothing here verifies it.
 */
static void
krb5_DES_random_to_key(krb5_context context,
                       krb5_keyblock *key,
                       const void *data,
                       size_t size)
{
    DES_cblock *des_key = key->keyvalue.data;

    memcpy(des_key, data, key->keyvalue.length);
    DES_set_odd_parity(des_key);
    if (!DES_is_weak_key(des_key))
        return;
    _krb5_xor(des_key, (const unsigned char*)"\0\0\0\0\0\0\0\xf0");
}

/*
 * Key type "des-old": schedule built with krb5_DES_schedule_old and sized
 * as a DES_key_schedule; the last two members (cleanup / cipher in the
 * sibling table below) are NULL.  Positional initializer -- member order
 * is fixed by struct _krb5_key_type, which is declared outside this file.
 */
static struct _krb5_key_type keytype_des_old = {
    ETYPE_DES_CBC_CRC,
    "des-old",
    56,
    8,
    sizeof(DES_key_schedule),
    krb5_DES_random_key,
    krb5_DES_schedule_old,
    _krb5_des_salt,
    krb5_DES_random_to_key,
    NULL,
    NULL
};

/*
 * Key type "des": same key generation and salt routines as "des-old", but
 * the schedule is an EVP one (_krb5_evp_schedule / _krb5_evp_cleanup) bound
 * to EVP_des_cbc.
 */
static struct _krb5_key_type keytype_des = {
    ETYPE_DES_CBC_CRC,
    "des",
    56,
    8,
    sizeof(struct _krb5_evp_schedule),
    krb5_DES_random_key,
    _krb5_evp_schedule,
    _krb5_des_salt,
    krb5_DES_random_to_key,
    _krb5_evp_cleanup,
    EVP_des_cbc
};

/*
 * Compute a CRC32 over `data` and store it, least significant byte first,
 * in the first four bytes of C->checksum.data.  Always returns 0.
 *
 * `key` and `usage` are ignored: the value is unkeyed.  Assumes the caller
 * has allocated at least four bytes at C->checksum.data -- not checked
 * here.
 */
static krb5_error_code
CRC32_checksum(krb5_context context,
               struct _krb5_key_data *key,
               const void *data,
               size_t len,
               unsigned usage,
               Checksum *C)
{
    unsigned char *out = C->checksum.data;
    uint32_t crc;
    int i;

    _krb5_crc_init_table ();
    crc = _krb5_crc_update (data, len, 0);
    /* little-endian serialisation of the 32-bit value */
    for (i = 0; i < 4; i++)
        out[i] = (crc >> (8 * i)) & 0xff;
    return 0;
}

/*
 * Write the plain (unkeyed) MD4 digest of `data` to C->checksum.data.
 *
 * A digest failure is treated as fatal via krb5_abortx(); otherwise 0 is
 * returned.  `key` and `usage` are ignored.
 */
static krb5_error_code
RSA_MD4_checksum(krb5_context context,
                 struct _krb5_key_data *key,
                 const void *data,
                 size_t len,
                 unsigned usage,
                 Checksum *C)
{
    int ok = EVP_Digest(data, len, C->checksum.data, NULL, EVP_md4(), NULL);

    if (ok != 1)
        krb5_abortx(context, "md4 checksum failed");
    return 0;
}

/*
 * DES-protected MD4 checksum: delegates to _krb5_des_checksum() with
 * EVP_md4().  `usage` is not forwarded.
 */
static krb5_error_code
RSA_MD4_DES_checksum(krb5_context context,
                     struct _krb5_key_data *key,
                     const void *data,
                     size_t len,
                     unsigned usage,
                     Checksum *cksum)
{
    const EVP_MD *md = EVP_md4();

    return _krb5_des_checksum(context, md, key, data, len, cksum);
}

/*
 * Verify a DES-protected MD4 checksum: delegates to _krb5_des_verify()
 * with EVP_md4().  `usage` is not forwarded.
 */
static krb5_error_code
RSA_MD4_DES_verify(krb5_context context,
                   struct _krb5_key_data *key,
                   const void *data,
                   size_t len,
                   unsigned usage,
                   Checksum *C)
{
    const EVP_MD *md = EVP_md4();

    return _krb5_des_verify(context, md, key, data, len, C);
}

/*
 * DES-protected MD5 checksum: delegates to _krb5_des_checksum() with
 * EVP_md5().  `usage` is not forwarded.
 */
static krb5_error_code
RSA_MD5_DES_checksum(krb5_context context,
                     struct _krb5_key_data *key,
                     const void *data,
                     size_t len,
                     unsigned usage,
                     Checksum *C)
{
    const EVP_MD *md = EVP_md5();

    return _krb5_des_checksum(context, md, key, data, len, C);
}

/*
 * Verify a DES-protected MD5 checksum: delegates to _krb5_des_verify()
 * with EVP_md5().  `usage` is not forwarded.
 */
static krb5_error_code
RSA_MD5_DES_verify(krb5_context context,
                   struct _krb5_key_data *key,
                   const void *data,
                   size_t len,
                   unsigned usage,
                   Checksum *C)
{
    const EVP_MD *md = EVP_md5();

    return _krb5_des_verify(context, md, key, data, len, C);
}

/*
 * Checksum type tables.  Positional initializers; member order is fixed by
 * struct _krb5_checksum_type (declared outside this file).  The two
 * integers after the name are presumably block size and checksum size --
 * confirm against the struct definition.
 */

/*
 * "crc32": flags are 0, i.e. none of the F_KEYED / F_CPROOF / F_VARIANT
 * bits used by the tables below, and there is no verify callback.
 */
struct _krb5_checksum_type _krb5_checksum_crc32 = {
    CKSUMTYPE_CRC32,
    "crc32",
    1,
    4,
    0,
    CRC32_checksum,
    NULL
};

/*
 * "rsa-md4": unkeyed, flagged F_CPROOF.
 * NOTE(review): MD4 collisions are practical to compute, so the F_CPROOF
 * marking should not be read as a present-day security guarantee.
 */
struct _krb5_checksum_type _krb5_checksum_rsa_md4 = {
    CKSUMTYPE_RSA_MD4,
    "rsa-md4",
    64,
    16,
    F_CPROOF,
    RSA_MD4_checksum,
    NULL
};

/* "rsa-md4-des": keyed variant with its own verify callback. */
struct _krb5_checksum_type _krb5_checksum_rsa_md4_des = {
    CKSUMTYPE_RSA_MD4_DES,
    "rsa-md4-des",
    64,
    24,
    F_KEYED | F_CPROOF | F_VARIANT,
    RSA_MD4_DES_checksum,
    RSA_MD4_DES_verify
};

/* "rsa-md5-des": keyed variant with its own verify callback. */
struct _krb5_checksum_type _krb5_checksum_rsa_md5_des = {
    CKSUMTYPE_RSA_MD5_DES,
    "rsa-md5-des",
    64,
    24,
    F_KEYED | F_CPROOF | F_VARIANT,
    RSA_MD5_DES_checksum,
    RSA_MD5_DES_verify
};
/*
 * Encrypt or decrypt `data` in place through the EVP schedule of `key`,
 * always starting from an all-zero IV.
 *
 * `encryptp` selects the encrypt or decrypt context; EVP_CipherInit_ex()
 * is called only to load the IV (cipher, engine and key arguments are
 * NULL, direction is -1).  `usage` and `ignore_ivec` are not used.
 *
 * NOTE(review): the return values of EVP_CipherInit_ex() and EVP_Cipher()
 * are discarded and 0 is returned unconditionally.  A fixed zero IV makes
 * the output deterministic for a given key and plaintext.  `len` is passed
 * through as-is; presumably the caller guarantees a whole number of
 * blocks -- confirm.
 */
static krb5_error_code
evp_des_encrypt_null_ivec(krb5_context context,
                          struct _krb5_key_data *key,
                          void *data,
                          size_t len,
                          krb5_boolean encryptp,
                          int usage,
                          void *ignore_ivec)
{
    struct _krb5_evp_schedule *sched = key->schedule->data;
    EVP_CIPHER_CTX *cipher_ctx;
    DES_cblock zero_iv;

    if (encryptp)
        cipher_ctx = &sched->ectx;
    else
        cipher_ctx = &sched->dctx;

    memset(&zero_iv, 0, sizeof(zero_iv));
    EVP_CipherInit_ex(cipher_ctx, NULL, NULL, NULL, (void *)&zero_iv, -1);
    EVP_Cipher(cipher_ctx, data, data, len);
    return 0;
}

/*
 * Encrypt or decrypt `data` in place through the EVP schedule of `key`,
 * using the key's own bytes as the IV.
 *
 * `usage` and `ignore_ivec` are not used.
 *
 * NOTE(review): the IV is a copy of the secret key (first
 * sizeof(DES_cblock) bytes of key->key->keyvalue.data).  That copy lives
 * on the stack and is not cleared before return.  As in the null-IV
 * variant, EVP return values are discarded and 0 is always returned.
 */
static krb5_error_code
evp_des_encrypt_key_ivec(krb5_context context,
                         struct _krb5_key_data *key,
                         void *data,
                         size_t len,
                         krb5_boolean encryptp,
                         int usage,
                         void *ignore_ivec)
{
    struct _krb5_evp_schedule *sched = key->schedule->data;
    EVP_CIPHER_CTX *cipher_ctx;
    DES_cblock key_iv;

    if (encryptp)
        cipher_ctx = &sched->ectx;
    else
        cipher_ctx = &sched->dctx;

    memcpy(&key_iv, key->key->keyvalue.data, sizeof(key_iv));
    EVP_CipherInit_ex(cipher_ctx, NULL, NULL, NULL, (void *)&key_iv, -1);
    EVP_Cipher(cipher_ctx, data, data, len);
    return 0;
}

/*
 * DES CFB64 over `data` in place with an all-zero IV and a starting
 * offset of 0, using the raw DES key schedule in key->schedule->data.
 *
 * `encryptp` is handed to DES_cfb64_encrypt() as the direction flag.
 * `usage` and `ignore_ivec` are not used.  Always returns 0.
 */
static krb5_error_code
DES_CFB64_encrypt_null_ivec(krb5_context context,
                            struct _krb5_key_data *key,
                            void *data,
                            size_t len,
                            krb5_boolean encryptp,
                            int usage,
                            void *ignore_ivec)
{
    DES_key_schedule *sched = key->schedule->data;
    DES_cblock zero_iv;
    int cfb_pos = 0;

    memset(&zero_iv, 0, sizeof(zero_iv));
    DES_cfb64_encrypt(data, data, len, sched, &zero_iv, &cfb_pos, encryptp);
    return 0;
}

/*
 * DES PCBC over `data` in place, using the key's own bytes as the IV and
 * the raw DES key schedule in key->schedule->data.
 *
 * `usage` and `ignore_ivec` are not used.  Always returns 0.
 *
 * NOTE(review): as with evp_des_encrypt_key_ivec(), the IV buffer is a
 * stack copy of key material that is not cleared before return.
 */
static krb5_error_code
DES_PCBC_encrypt_key_ivec(krb5_context context,
                          struct _krb5_key_data *key,
                          void *data,
                          size_t len,
                          krb5_boolean encryptp,
                          int usage,
                          void *ignore_ivec)
{
    DES_key_schedule *sched = key->schedule->data;
    DES_cblock key_iv;

    memcpy(&key_iv, key->key->keyvalue.data, sizeof(key_iv));
    DES_pcbc_encrypt(data, data, len, sched, &key_iv, encryptp);
    return 0;
}

/*
 * Encryption type tables.  Positional initializers; member order is fixed
 * by struct _krb5_encryption_type (declared outside this file).  Every
 * entry below carries F_DISABLED|F_WEAK; how those flags are enforced is
 * decided by code outside this file.
 */

/* "des-cbc-crc": EVP DES-CBC with the key as IV, CRC32 checksum. */
struct _krb5_encryption_type _krb5_enctype_des_cbc_crc = {
    ETYPE_DES_CBC_CRC,
    "des-cbc-crc",
    8,
    8,
    8,
    &keytype_des,
    &_krb5_checksum_crc32,
    NULL,
    F_DISABLED|F_WEAK,
    evp_des_encrypt_key_ivec,
    0,
    NULL
};

/* "des-cbc-md4": EVP DES-CBC with zero IV, MD4 / MD4-DES checksums. */
struct _krb5_encryption_type _krb5_enctype_des_cbc_md4 = {
    ETYPE_DES_CBC_MD4,
    "des-cbc-md4",
    8,
    8,
    8,
    &keytype_des,
    &_krb5_checksum_rsa_md4,
    &_krb5_checksum_rsa_md4_des,
    F_DISABLED|F_WEAK,
    evp_des_encrypt_null_ivec,
    0,
    NULL
};

/* "des-cbc-md5": EVP DES-CBC with zero IV, MD5 / MD5-DES checksums. */
struct _krb5_encryption_type _krb5_enctype_des_cbc_md5 = {
    ETYPE_DES_CBC_MD5,
    "des-cbc-md5",
    8,
    8,
    8,
    &keytype_des,
    &_krb5_checksum_rsa_md5,
    &_krb5_checksum_rsa_md5_des,
    F_DISABLED|F_WEAK,
    evp_des_encrypt_null_ivec,
    0,
    NULL
};

/*
 * "des-cbc-none": EVP DES-CBC with zero IV and the "none" checksum;
 * additionally flagged F_PSEUDO.
 */
struct _krb5_encryption_type _krb5_enctype_des_cbc_none = {
    ETYPE_DES_CBC_NONE,
    "des-cbc-none",
    8,
    8,
    0,
    &keytype_des,
    &_krb5_checksum_none,
    NULL,
    F_PSEUDO|F_DISABLED|F_WEAK,
    evp_des_encrypt_null_ivec,
    0,
    NULL
};

/*
 * "des-cfb64-none": raw DES CFB64 (keytype_des_old) with zero IV and the
 * "none" checksum; additionally flagged F_PSEUDO.
 */
struct _krb5_encryption_type _krb5_enctype_des_cfb64_none = {
    ETYPE_DES_CFB64_NONE,
    "des-cfb64-none",
    1,
    1,
    0,
    &keytype_des_old,
    &_krb5_checksum_none,
    NULL,
    F_PSEUDO|F_DISABLED|F_WEAK,
    DES_CFB64_encrypt_null_ivec,
    0,
    NULL
};

/*
 * "des-pcbc-none": raw DES PCBC (keytype_des_old) with the key as IV and
 * the "none" checksum; additionally flagged F_PSEUDO.
 */
struct _krb5_encryption_type _krb5_enctype_des_pcbc_none = {
    ETYPE_DES_PCBC_NONE,
    "des-pcbc-none",
    8,
    8,
    0,
    &keytype_des_old,
    &_krb5_checksum_none,
    NULL,
    F_PSEUDO|F_DISABLED|F_WEAK,
    DES_PCBC_encrypt_key_ivec,
    0,
    NULL
};
#endif /* HEIM_WEAK_CRYPTO */