xref: /netbsd-src/crypto/external/bsd/heimdal/dist/lib/krb5/crypto-des.c (revision 82d56013d7b633d116a93943de88e08335357a7c)
1 /*	$NetBSD: crypto-des.c,v 1.3 2018/02/05 16:00:53 christos Exp $	*/
2 
3 /*
4  * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
5  * (Royal Institute of Technology, Stockholm, Sweden).
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  *
19  * 3. Neither the name of the Institute nor the names of its contributors
20  *    may be used to endorse or promote products derived from this software
21  *    without specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33  * SUCH DAMAGE.
34  */
35 
36 #include "krb5_locl.h"
37 
38 #ifdef HEIM_WEAK_CRYPTO
39 
40 
41 static void
42 krb5_DES_random_key(krb5_context context,
43 		    krb5_keyblock *key)
44 {
45     DES_cblock *k = key->keyvalue.data;
46     do {
47 	krb5_generate_random_block(k, sizeof(DES_cblock));
48 	DES_set_odd_parity(k);
49     } while(DES_is_weak_key(k));
50 }
51 
52 static void
53 krb5_DES_schedule_old(krb5_context context,
54 		      struct _krb5_key_type *kt,
55 		      struct _krb5_key_data *key)
56 {
57     DES_set_key_unchecked(key->key->keyvalue.data, key->schedule->data);
58 }
59 
60 static void
61 krb5_DES_random_to_key(krb5_context context,
62 		       krb5_keyblock *key,
63 		       const void *data,
64 		       size_t size)
65 {
66     DES_cblock *k = key->keyvalue.data;
67     memcpy(k, data, key->keyvalue.length);
68     DES_set_odd_parity(k);
69     if(DES_is_weak_key(k))
70 	_krb5_xor8(*k, (const unsigned char*)"\0\0\0\0\0\0\0\xf0");
71 }
72 
73 static struct _krb5_key_type keytype_des_old = {
74     ETYPE_DES_CBC_CRC,
75     "des-old",
76     56,
77     8,
78     sizeof(DES_key_schedule),
79     krb5_DES_random_key,
80     krb5_DES_schedule_old,
81     _krb5_des_salt,
82     krb5_DES_random_to_key,
83     NULL,
84     NULL
85 };
86 
87 static struct _krb5_key_type keytype_des = {
88     ETYPE_DES_CBC_CRC,
89     "des",
90     56,
91     8,
92     sizeof(struct _krb5_evp_schedule),
93     krb5_DES_random_key,
94     _krb5_evp_schedule,
95     _krb5_des_salt,
96     krb5_DES_random_to_key,
97     _krb5_evp_cleanup,
98     EVP_des_cbc
99 };
100 
101 static krb5_error_code
102 CRC32_checksum(krb5_context context,
103 	       struct _krb5_key_data *key,
104 	       const void *data,
105 	       size_t len,
106 	       unsigned usage,
107 	       Checksum *C)
108 {
109     uint32_t crc;
110     unsigned char *r = C->checksum.data;
111     _krb5_crc_init_table ();
112     crc = _krb5_crc_update (data, len, 0);
113     r[0] = crc & 0xff;
114     r[1] = (crc >> 8)  & 0xff;
115     r[2] = (crc >> 16) & 0xff;
116     r[3] = (crc >> 24) & 0xff;
117     return 0;
118 }
119 
120 static krb5_error_code
121 RSA_MD4_checksum(krb5_context context,
122 		 struct _krb5_key_data *key,
123 		 const void *data,
124 		 size_t len,
125 		 unsigned usage,
126 		 Checksum *C)
127 {
128     if (EVP_Digest(data, len, C->checksum.data, NULL, EVP_md4(), NULL) != 1)
129 	krb5_abortx(context, "md4 checksum failed");
130     return 0;
131 }
132 
133 static krb5_error_code
134 RSA_MD4_DES_checksum(krb5_context context,
135 		     struct _krb5_key_data *key,
136 		     const void *data,
137 		     size_t len,
138 		     unsigned usage,
139 		     Checksum *cksum)
140 {
141     return _krb5_des_checksum(context, EVP_md4(), key, data, len, cksum);
142 }
143 
144 static krb5_error_code
145 RSA_MD4_DES_verify(krb5_context context,
146 		   struct _krb5_key_data *key,
147 		   const void *data,
148 		   size_t len,
149 		   unsigned usage,
150 		   Checksum *C)
151 {
152     return _krb5_des_verify(context, EVP_md4(), key, data, len, C);
153 }
154 
155 static krb5_error_code
156 RSA_MD5_DES_checksum(krb5_context context,
157 		     struct _krb5_key_data *key,
158 		     const void *data,
159 		     size_t len,
160 		     unsigned usage,
161 		     Checksum *C)
162 {
163     return _krb5_des_checksum(context, EVP_md5(), key, data, len, C);
164 }
165 
166 static krb5_error_code
167 RSA_MD5_DES_verify(krb5_context context,
168 		   struct _krb5_key_data *key,
169 		   const void *data,
170 		   size_t len,
171 		   unsigned usage,
172 		   Checksum *C)
173 {
174     return _krb5_des_verify(context, EVP_md5(), key, data, len, C);
175 }
176 
177 struct _krb5_checksum_type _krb5_checksum_crc32 = {
178     CKSUMTYPE_CRC32,
179     "crc32",
180     1,
181     4,
182     0,
183     CRC32_checksum,
184     NULL
185 };
186 
187 struct _krb5_checksum_type _krb5_checksum_rsa_md4 = {
188     CKSUMTYPE_RSA_MD4,
189     "rsa-md4",
190     64,
191     16,
192     F_CPROOF,
193     RSA_MD4_checksum,
194     NULL
195 };
196 
197 struct _krb5_checksum_type _krb5_checksum_rsa_md4_des = {
198     CKSUMTYPE_RSA_MD4_DES,
199     "rsa-md4-des",
200     64,
201     24,
202     F_KEYED | F_CPROOF | F_VARIANT,
203     RSA_MD4_DES_checksum,
204     RSA_MD4_DES_verify
205 };
206 
207 struct _krb5_checksum_type _krb5_checksum_rsa_md5_des = {
208     CKSUMTYPE_RSA_MD5_DES,
209     "rsa-md5-des",
210     64,
211     24,
212     F_KEYED | F_CPROOF | F_VARIANT,
213     RSA_MD5_DES_checksum,
214     RSA_MD5_DES_verify
215 };
216 
217 static krb5_error_code
218 evp_des_encrypt_null_ivec(krb5_context context,
219 			  struct _krb5_key_data *key,
220 			  void *data,
221 			  size_t len,
222 			  krb5_boolean encryptp,
223 			  int usage,
224 			  void *ignore_ivec)
225 {
226     struct _krb5_evp_schedule *ctx = key->schedule->data;
227     EVP_CIPHER_CTX *c;
228     DES_cblock ivec;
229     memset(&ivec, 0, sizeof(ivec));
230     c = encryptp ? ctx->ectx : ctx->dctx;
231     EVP_CipherInit_ex(c, NULL, NULL, NULL, (void *)&ivec, -1);
232     EVP_Cipher(c, data, data, len);
233     return 0;
234 }
235 
236 static krb5_error_code
237 evp_des_encrypt_key_ivec(krb5_context context,
238 			 struct _krb5_key_data *key,
239 			 void *data,
240 			 size_t len,
241 			 krb5_boolean encryptp,
242 			 int usage,
243 			 void *ignore_ivec)
244 {
245     struct _krb5_evp_schedule *ctx = key->schedule->data;
246     EVP_CIPHER_CTX *c;
247     DES_cblock ivec;
248     memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec));
249     c = encryptp ? ctx->ectx : ctx->dctx;
250     EVP_CipherInit_ex(c, NULL, NULL, NULL, (void *)&ivec, -1);
251     EVP_Cipher(c, data, data, len);
252     return 0;
253 }
254 
255 static krb5_error_code
256 DES_CFB64_encrypt_null_ivec(krb5_context context,
257 			    struct _krb5_key_data *key,
258 			    void *data,
259 			    size_t len,
260 			    krb5_boolean encryptp,
261 			    int usage,
262 			    void *ignore_ivec)
263 {
264     DES_cblock ivec;
265     int num = 0;
266     DES_key_schedule *s = key->schedule->data;
267     memset(&ivec, 0, sizeof(ivec));
268 
269     DES_cfb64_encrypt(data, data, len, s, &ivec, &num, encryptp);
270     return 0;
271 }
272 
273 static krb5_error_code
274 DES_PCBC_encrypt_key_ivec(krb5_context context,
275 			  struct _krb5_key_data *key,
276 			  void *data,
277 			  size_t len,
278 			  krb5_boolean encryptp,
279 			  int usage,
280 			  void *ignore_ivec)
281 {
282     DES_cblock ivec;
283     DES_key_schedule *s = key->schedule->data;
284     memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec));
285 
286     DES_pcbc_encrypt(data, data, len, s, &ivec, encryptp);
287     return 0;
288 }
289 
290 struct _krb5_encryption_type _krb5_enctype_des_cbc_crc = {
291     ETYPE_DES_CBC_CRC,
292     "des-cbc-crc",
293     NULL,
294     8,
295     8,
296     8,
297     &keytype_des,
298     &_krb5_checksum_crc32,
299     NULL,
300     F_DISABLED|F_WEAK,
301     evp_des_encrypt_key_ivec,
302     0,
303     NULL
304 };
305 
306 struct _krb5_encryption_type _krb5_enctype_des_cbc_md4 = {
307     ETYPE_DES_CBC_MD4,
308     "des-cbc-md4",
309     NULL,
310     8,
311     8,
312     8,
313     &keytype_des,
314     &_krb5_checksum_rsa_md4,
315     &_krb5_checksum_rsa_md4_des,
316     F_DISABLED|F_WEAK,
317     evp_des_encrypt_null_ivec,
318     0,
319     NULL
320 };
321 
322 struct _krb5_encryption_type _krb5_enctype_des_cbc_md5 = {
323     ETYPE_DES_CBC_MD5,
324     "des-cbc-md5",
325     NULL,
326     8,
327     8,
328     8,
329     &keytype_des,
330     &_krb5_checksum_rsa_md5,
331     &_krb5_checksum_rsa_md5_des,
332     F_DISABLED|F_WEAK,
333     evp_des_encrypt_null_ivec,
334     0,
335     NULL
336 };
337 
338 struct _krb5_encryption_type _krb5_enctype_des_cbc_none = {
339     ETYPE_DES_CBC_NONE,
340     "des-cbc-none",
341     NULL,
342     8,
343     8,
344     0,
345     &keytype_des,
346     &_krb5_checksum_none,
347     NULL,
348     F_PSEUDO|F_DISABLED|F_WEAK,
349     evp_des_encrypt_null_ivec,
350     0,
351     NULL
352 };
353 
354 struct _krb5_encryption_type _krb5_enctype_des_cfb64_none = {
355     ETYPE_DES_CFB64_NONE,
356     "des-cfb64-none",
357     NULL,
358     1,
359     1,
360     0,
361     &keytype_des_old,
362     &_krb5_checksum_none,
363     NULL,
364     F_PSEUDO|F_DISABLED|F_WEAK,
365     DES_CFB64_encrypt_null_ivec,
366     0,
367     NULL
368 };
369 
370 struct _krb5_encryption_type _krb5_enctype_des_pcbc_none = {
371     ETYPE_DES_PCBC_NONE,
372     "des-pcbc-none",
373     NULL,
374     8,
375     8,
376     0,
377     &keytype_des_old,
378     &_krb5_checksum_none,
379     NULL,
380     F_PSEUDO|F_DISABLED|F_WEAK,
381     DES_PCBC_encrypt_key_ivec,
382     0,
383     NULL
384 };
385 #endif /* HEIM_WEAK_CRYPTO */
386