2 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 /* Functions which are used by both single and triple DES enctypes */
36 #include "krb5_locl.h"
39 * A = A xor B. A & B are 8 bytes.
43 _krb5_xor (DES_cblock
*key
, const unsigned char *b
)
45 unsigned char *a
= (unsigned char*)key
;
56 #if defined(DES3_OLD_ENCTYPE) || defined(HEIM_WEAK_CRYPTO)
58 _krb5_des_checksum(krb5_context context
,
60 struct _krb5_key_data
*key
,
65 struct _krb5_evp_schedule
*ctx
= key
->schedule
->data
;
68 unsigned char *p
= cksum
->checksum
.data
;
70 krb5_generate_random_block(p
, 8);
72 m
= EVP_MD_CTX_create();
74 krb5_set_error_message(context
, ENOMEM
, N_("malloc: out of memory", ""));
78 EVP_DigestInit_ex(m
, evp_md
, NULL
);
79 EVP_DigestUpdate(m
, p
, 8);
80 EVP_DigestUpdate(m
, data
, len
);
81 EVP_DigestFinal_ex (m
, p
+ 8, NULL
);
82 EVP_MD_CTX_destroy(m
);
83 memset (&ivec
, 0, sizeof(ivec
));
84 EVP_CipherInit_ex(&ctx
->ectx
, NULL
, NULL
, NULL
, (void *)&ivec
, -1);
85 EVP_Cipher(&ctx
->ectx
, p
, p
, 24);
91 _krb5_des_verify(krb5_context context
,
93 struct _krb5_key_data
*key
,
98 struct _krb5_evp_schedule
*ctx
= key
->schedule
->data
;
100 unsigned char tmp
[24];
101 unsigned char res
[16];
103 krb5_error_code ret
= 0;
105 m
= EVP_MD_CTX_create();
107 krb5_set_error_message(context
, ENOMEM
, N_("malloc: out of memory", ""));
111 memset(&ivec
, 0, sizeof(ivec
));
112 EVP_CipherInit_ex(&ctx
->dctx
, NULL
, NULL
, NULL
, (void *)&ivec
, -1);
113 EVP_Cipher(&ctx
->dctx
, tmp
, C
->checksum
.data
, 24);
115 EVP_DigestInit_ex(m
, evp_md
, NULL
);
116 EVP_DigestUpdate(m
, tmp
, 8); /* confounder */
117 EVP_DigestUpdate(m
, data
, len
);
118 EVP_DigestFinal_ex (m
, res
, NULL
);
119 EVP_MD_CTX_destroy(m
);
120 if(ct_memcmp(res
, tmp
+ 8, sizeof(res
)) != 0) {
121 krb5_clear_error_message (context
);
122 ret
= KRB5KRB_AP_ERR_BAD_INTEGRITY
;
124 memset(tmp
, 0, sizeof(tmp
));
125 memset(res
, 0, sizeof(res
));
131 static krb5_error_code
132 RSA_MD5_checksum(krb5_context context
,
133 struct _krb5_key_data
*key
,
139 if (EVP_Digest(data
, len
, C
->checksum
.data
, NULL
, EVP_md5(), NULL
) != 1)
140 krb5_abortx(context
, "md5 checksum failed");
144 struct _krb5_checksum_type _krb5_checksum_rsa_md5
= {