search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix -O3 -Werror=unused-result build in dcache.c (#420)
[heimdal.git] / lib / krb5 / crypto-des3.c
blobc4eba30121e87961f6841fe1dca5f556038808fc
1 /*
2 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "krb5_locl.h"
35
36 /*
37 *
38 */
39
40 static void
41 DES3_random_key(krb5_context context,
42 krb5_keyblock *key)
43 {
44 DES_cblock *k = key->keyvalue.data;
45 do {
46 krb5_generate_random_block(k, 3 * sizeof(DES_cblock));
47 DES_set_odd_parity(&k[0]);
48 DES_set_odd_parity(&k[1]);
49 DES_set_odd_parity(&k[2]);
50 } while(DES_is_weak_key(&k[0]) ||
51 DES_is_weak_key(&k[1]) ||
52 DES_is_weak_key(&k[2]));
53 }
54
55 static krb5_error_code
56 DES3_prf(krb5_context context,
57 krb5_crypto crypto,
58 const krb5_data *in,
59 krb5_data *out)
60 {
61 struct _krb5_checksum_type *ct = crypto->et->checksum;
62 struct krb5_crypto_iov iov[1];
63 krb5_error_code ret;
64 Checksum result;
65 krb5_keyblock *derived;
66
67 result.cksumtype = ct->type;
68 ret = krb5_data_alloc(&result.checksum, ct->checksumsize);
69 if (ret) {
70 krb5_set_error_message(context, ret, N_("malloc: out memory", ""));
71 return ret;
72 }
73
74 iov[0].data = *in;
75 iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
76 ret = (*ct->checksum)(context, crypto, NULL, 0, iov, 1, &result);
77 if (ret) {
78 krb5_data_free(&result.checksum);
79 return ret;
80 }
81
82 if (result.checksum.length < crypto->et->blocksize)
83 krb5_abortx(context, "internal prf error");
84
85 derived = NULL;
86 ret = krb5_derive_key(context, crypto->key.key,
87 crypto->et->type, "prf", 3, &derived);
88 if (ret)
89 krb5_abortx(context, "krb5_derive_key");
90
91 ret = krb5_data_alloc(out, crypto->et->prf_length);
92 if (ret)
93 krb5_abortx(context, "malloc failed");
94
95 {
96 const EVP_CIPHER *c = (*crypto->et->keytype->evp)();
97 EVP_CIPHER_CTX ctx;
98
99 EVP_CIPHER_CTX_init(&ctx); /* ivec all zero */
100 EVP_CipherInit_ex(&ctx, c, NULL, derived->keyvalue.data, NULL, 1);
101 EVP_Cipher(&ctx, out->data, result.checksum.data,
102 crypto->et->prf_length);
103 EVP_CIPHER_CTX_cleanup(&ctx);
104 }
105
106 krb5_data_free(&result.checksum);
107 krb5_free_keyblock(context, derived);
108
109 return ret;
110 }
111
112 #ifdef DES3_OLD_ENCTYPE
113 static struct _krb5_key_type keytype_des3 = {
114 ETYPE_OLD_DES3_CBC_SHA1,
115 "des3",
116 168,
117 24,
118 sizeof(struct _krb5_evp_schedule),
119 DES3_random_key,
120 _krb5_evp_schedule,
121 _krb5_des3_salt,
122 _krb5_DES3_random_to_key,
123 _krb5_evp_cleanup,
124 EVP_des_ede3_cbc
125 };
126 #endif
127
128 static struct _krb5_key_type keytype_des3_derived = {
129 ETYPE_OLD_DES3_CBC_SHA1,
130 "des3",
131 168,
132 24,
133 sizeof(struct _krb5_evp_schedule),
134 DES3_random_key,
135 _krb5_evp_schedule,
136 _krb5_des3_salt_derived,
137 _krb5_DES3_random_to_key,
138 _krb5_evp_cleanup,
139 EVP_des_ede3_cbc
140 };
141
142 #ifdef DES3_OLD_ENCTYPE
143 static krb5_error_code
144 RSA_MD5_DES3_checksum(krb5_context context,
145 krb5_crypto crypto,
146 struct _krb5_key_data *key,
147 unsigned usage,
148 const struct krb5_crypto_iov *iov,
149 int niov,
150 Checksum *C)
151 {
152 return _krb5_des_checksum(context, EVP_md5(), key, iov, niov, C);
153 }
154
155 static krb5_error_code
156 RSA_MD5_DES3_verify(krb5_context context,
157 krb5_crypto crypto,
158 struct _krb5_key_data *key,
159 unsigned usage,
160 const struct krb5_crypto_iov *iov,
161 int niov,
162 Checksum *C)
163 {
164 return _krb5_des_verify(context, EVP_md5(), key, iov, niov, C);
165 }
166
167 struct _krb5_checksum_type _krb5_checksum_rsa_md5_des3 = {
168 CKSUMTYPE_RSA_MD5_DES3,
169 "rsa-md5-des3",
170 64,
171 24,
172 F_KEYED | F_CPROOF | F_VARIANT,
173 RSA_MD5_DES3_checksum,
174 RSA_MD5_DES3_verify
175 };
176 #endif
177
178 struct _krb5_checksum_type _krb5_checksum_hmac_sha1_des3 = {
179 CKSUMTYPE_HMAC_SHA1_DES3,
180 "hmac-sha1-des3",
181 64,
182 20,
183 F_KEYED | F_CPROOF | F_DERIVED,
184 _krb5_SP_HMAC_SHA1_checksum,
185 NULL
186 };
187
188 #ifdef DES3_OLD_ENCTYPE
189 struct _krb5_encryption_type _krb5_enctype_des3_cbc_md5 = {
190 ETYPE_DES3_CBC_MD5,
191 "des3-cbc-md5",
192 NULL,
193 8,
194 8,
195 8,
196 &keytype_des3,
197 &_krb5_checksum_rsa_md5,
198 &_krb5_checksum_rsa_md5_des3,
199 0,
200 _krb5_evp_encrypt,
201 _krb5_evp_encrypt_iov,
202 0,
203 NULL
204 };
205 #endif
206
207 struct _krb5_encryption_type _krb5_enctype_des3_cbc_sha1 = {
208 ETYPE_DES3_CBC_SHA1,
209 "des3-cbc-sha1",
210 NULL,
211 8,
212 8,
213 8,
214 &keytype_des3_derived,
215 &_krb5_checksum_sha1,
216 &_krb5_checksum_hmac_sha1_des3,
217 F_DERIVED | F_RFC3961_ENC | F_RFC3961_KDF,
218 _krb5_evp_encrypt,
219 _krb5_evp_encrypt_iov,
220 16,
221 DES3_prf
222 };
223
224 #ifdef DES3_OLD_ENCTYPE
225 struct _krb5_encryption_type _krb5_enctype_old_des3_cbc_sha1 = {
226 ETYPE_OLD_DES3_CBC_SHA1,
227 "old-des3-cbc-sha1",
228 NULL,
229 8,
230 8,
231 8,
232 &keytype_des3,
233 &_krb5_checksum_sha1,
234 &_krb5_checksum_hmac_sha1_des3,
235 0,
236 _krb5_evp_encrypt,
237 _krb5_evp_encrypt_iov,
238 0,
239 NULL
240 };
241 #endif
242
243 struct _krb5_encryption_type _krb5_enctype_des3_cbc_none = {
244 ETYPE_DES3_CBC_NONE,
245 "des3-cbc-none",
246 NULL,
247 8,
248 8,
249 0,
250 &keytype_des3_derived,
251 &_krb5_checksum_none,
252 NULL,
253 F_PSEUDO,
254 _krb5_evp_encrypt,
255 _krb5_evp_encrypt_iov,
256 0,
257 NULL
258 };
259
260 void
261 _krb5_DES3_random_to_key(krb5_context context,
262 krb5_keyblock *key,
263 const void *data,
264 size_t size)
265 {
266 unsigned char *x = key->keyvalue.data;
267 const u_char *q = data;
268 DES_cblock *k;
269 int i, j;
270
271 memset(key->keyvalue.data, 0, key->keyvalue.length);
272 for (i = 0; i < 3; ++i) {
273 unsigned char foo;
274 for (j = 0; j < 7; ++j) {
275 unsigned char b = q[7 * i + j];
276
277 x[8 * i + j] = b;
278 }
279 foo = 0;
280 for (j = 6; j >= 0; --j) {
281 foo |= q[7 * i + j] & 1;
282 foo <<= 1;
283 }
284 x[8 * i + 7] = foo;
285 }
286 k = key->keyvalue.data;
287 for (i = 0; i < 3; i++) {
288 DES_set_odd_parity(&k[i]);
289 if(DES_is_weak_key(&k[i]))
290 _krb5_xor8(k[i], (const unsigned char*)"\0\0\0\0\0\0\0\xf0");
291 }
292 }
Heimdal