diff --git a/0004-downstream-Remove-3des-support.patch b/0004-downstream-Remove-3des-support.patch
deleted file mode 100644
index 4ec3a0ff32138222d89205acab1a5ba332d44d1c..0000000000000000000000000000000000000000
--- a/0004-downstream-Remove-3des-support.patch
+++ /dev/null
@@ -1,6228 +0,0 @@ -From 7b40250066bbcc529b5348b68199c58fbad82376 Mon Sep 17 00:00:00 2001 -From: Robbie Harwood -Date: Tue, 26 Mar 2019 18:51:10 -0400 -Subject: [PATCH] [downstream] Remove 3des support - -Completely remove support for all DES3 enctypes (des3-cbc-raw, -des3-hmac-sha1, des3-cbc-sha1-kd). Update all tests and documentation -to user other enctypes. Mark the 3DES enctypes UNSUPPORTED and retain -their constants. - -Last-updated: 1.20-final -[antorres@redhat.com: remove diffs for: - - src/kdamin/testing/proto/kdc.conf.proto - - src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp - - src/lib/kadm5/unit-test/api.current/get-principal-v2.exp - - src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp - since they were removed by Remove-TCL-based-libkadm5-API-tests.patch] -[jrische@redhat.com: restore supportedCMSTypes (not using 3DES any more): - - src/plugins/preauth/pkinit/pkinit_crypto.h - - src/plugins/preauth/pkinit/pkinit_crypto_openssl.c - - src/plugins/preauth/pkinit/pkinit_clnt.c] ---- - doc/admin/advanced/retiring-des.rst | 11 + - doc/admin/conf_files/kdc_conf.rst | 7 +- - doc/admin/enctypes.rst | 10 +- - doc/admin/troubleshoot.rst | 9 +- - doc/appdev/refs/macros/index.rst | 1 - - doc/conf.py | 2 +- - doc/mitK5features.rst | 2 +- - src/Makefile.in | 4 +- - src/configure.ac | 4 +- - src/include/krb5/krb5.hin | 10 +- - src/kdc/kdc_util.c | 4 - - src/lib/crypto/Makefile.in | 8 +- - src/lib/crypto/builtin/Makefile.in | 6 +- - src/lib/crypto/builtin/des/ISSUES | 13 - - src/lib/crypto/builtin/des/Makefile.in | 82 ---- - src/lib/crypto/builtin/des/d3_aead.c | 137 ------ - src/lib/crypto/builtin/des/d3_kysched.c | 55 --- - src/lib/crypto/builtin/des/deps | 146 ------- - src/lib/crypto/builtin/des/des_int.h | 285 ------------- - src/lib/crypto/builtin/des/des_keys.c | 38 -- - src/lib/crypto/builtin/des/destest.c | 240 ----------- - src/lib/crypto/builtin/des/doc/libdes.doc | 208 --------- - src/lib/crypto/builtin/des/f_aead.c | 177 -------- - 
src/lib/crypto/builtin/des/f_cbc.c | 256 ------------ - src/lib/crypto/builtin/des/f_cksum.c | 141 ------- - src/lib/crypto/builtin/des/f_parity.c | 64 --- - src/lib/crypto/builtin/des/f_sched.c | 363 ---------------- - src/lib/crypto/builtin/des/f_tables.c | 375 ----------------- - src/lib/crypto/builtin/des/f_tables.h | 285 ------------- - src/lib/crypto/builtin/des/key_sched.c | 66 --- - src/lib/crypto/builtin/des/keytest.data | 171 -------- - src/lib/crypto/builtin/des/t_verify.c | 395 ------------------ - src/lib/crypto/builtin/des/weak_key.c | 90 ---- - .../crypto/builtin/enc_provider/Makefile.in | 5 +- - src/lib/crypto/builtin/enc_provider/deps | 11 - - src/lib/crypto/builtin/enc_provider/des3.c | 109 ----- - src/lib/crypto/crypto_tests/t_cf2.expected | 1 - - src/lib/crypto/crypto_tests/t_cf2.in | 5 - - src/lib/crypto/crypto_tests/t_cksums.c | 10 - - src/lib/crypto/crypto_tests/t_decrypt.c | 57 --- - src/lib/crypto/crypto_tests/t_derive.c | 36 -- - src/lib/crypto/crypto_tests/t_encrypt.c | 1 - - src/lib/crypto/crypto_tests/t_short.c | 1 - - src/lib/crypto/crypto_tests/t_str2key.c | 52 --- - src/lib/crypto/crypto_tests/vectors.c | 4 - - src/lib/crypto/krb/Makefile.in | 3 - - src/lib/crypto/krb/cksumtypes.c | 6 - - src/lib/crypto/krb/crypto_int.h | 11 - - src/lib/crypto/krb/default_state.c | 10 - - src/lib/crypto/krb/enctype_util.c | 3 + - src/lib/crypto/krb/etypes.c | 21 - - src/lib/crypto/krb/prf_des.c | 47 --- - src/lib/crypto/krb/random_to_key.c | 28 -- - src/lib/crypto/libk5crypto.exports | 1 - - src/lib/crypto/openssl/Makefile.in | 8 +- - src/lib/crypto/openssl/des/Makefile.in | 20 - - src/lib/crypto/openssl/des/deps | 14 - - src/lib/crypto/openssl/des/des_keys.c | 39 -- - .../crypto/openssl/enc_provider/Makefile.in | 3 - - src/lib/crypto/openssl/enc_provider/deps | 11 - - src/lib/crypto/openssl/enc_provider/des3.c | 188 --------- - src/lib/crypto/openssl/kdf.c | 2 - - src/lib/gssapi/krb5/accept_sec_context.c | 1 - - src/lib/gssapi/krb5/gssapiP_krb5.h | 
6 +- - src/lib/gssapi/krb5/k5seal.c | 35 +- - src/lib/gssapi/krb5/k5sealiov.c | 27 +- - src/lib/gssapi/krb5/k5unseal.c | 88 ++-- - src/lib/gssapi/krb5/k5unsealiov.c | 38 +- - src/lib/gssapi/krb5/util_crypt.c | 11 - - src/lib/krb5/krb/init_ctx.c | 3 - - src/lib/krb5/krb/s4u_creds.c | 2 - - src/lib/krb5/krb/t_etypes.c | 48 +-- - src/lib/krb5/os/t_trace.c | 4 +- - src/lib/krb5/os/t_trace.ref | 2 +- - src/plugins/preauth/pkinit/pkcs11.h | 6 +- - src/plugins/preauth/pkinit/pkinit_crypto.h | 10 +- - src/plugins/preauth/pkinit/pkinit_kdf_test.c | 30 -- - src/plugins/preauth/spake/t_vectors.c | 25 -- - src/tests/gssapi/t_enctypes.py | 33 +- - src/tests/gssapi/t_invalid.c | 12 - - src/tests/gssapi/t_pcontok.c | 16 +- - src/tests/gssapi/t_prf.c | 7 - - src/tests/t_authdata.py | 2 +- - src/tests/t_etype_info.py | 18 +- - src/tests/t_keyrollover.py | 8 +- - src/tests/t_mkey.py | 35 -- - src/tests/t_salt.py | 5 +- - src/util/k5test.py | 7 - - .../leash/htmlhelp/html/Encryption_Types.htm | 13 - - 89 files changed, 151 insertions(+), 4713 deletions(-) - delete mode 100644 src/lib/crypto/builtin/des/ISSUES - delete mode 100644 src/lib/crypto/builtin/des/Makefile.in - delete mode 100644 src/lib/crypto/builtin/des/d3_aead.c - delete mode 100644 src/lib/crypto/builtin/des/d3_kysched.c - delete mode 100644 src/lib/crypto/builtin/des/deps - delete mode 100644 src/lib/crypto/builtin/des/des_int.h - delete mode 100644 src/lib/crypto/builtin/des/des_keys.c - delete mode 100644 src/lib/crypto/builtin/des/destest.c - delete mode 100644 src/lib/crypto/builtin/des/doc/libdes.doc - delete mode 100644 src/lib/crypto/builtin/des/f_aead.c - delete mode 100644 src/lib/crypto/builtin/des/f_cbc.c - delete mode 100644 src/lib/crypto/builtin/des/f_cksum.c - delete mode 100644 src/lib/crypto/builtin/des/f_parity.c - delete mode 100644 src/lib/crypto/builtin/des/f_sched.c - delete mode 100644 src/lib/crypto/builtin/des/f_tables.c - delete mode 100644 src/lib/crypto/builtin/des/f_tables.h - delete mode 
100644 src/lib/crypto/builtin/des/key_sched.c - delete mode 100644 src/lib/crypto/builtin/des/keytest.data - delete mode 100644 src/lib/crypto/builtin/des/t_verify.c - delete mode 100644 src/lib/crypto/builtin/des/weak_key.c - delete mode 100644 src/lib/crypto/builtin/enc_provider/des3.c - delete mode 100644 src/lib/crypto/krb/prf_des.c - delete mode 100644 src/lib/crypto/openssl/des/Makefile.in - delete mode 100644 src/lib/crypto/openssl/des/deps - delete mode 100644 src/lib/crypto/openssl/des/des_keys.c - delete mode 100644 src/lib/crypto/openssl/enc_provider/des3.c - -diff --git a/doc/admin/advanced/retiring-des.rst b/doc/admin/advanced/retiring-des.rst -index 38f76d3f45..d5e3c30c04 100644 ---- a/doc/admin/advanced/retiring-des.rst -+++ b/doc/admin/advanced/retiring-des.rst -@@ -10,6 +10,13 @@ ability have rendered DES vulnerable to brute force attacks on its 56-bit - keyspace. As such, it is now considered insecure and should not be - used (:rfc:`6649`). - -+In 1999, MIT krb5 added support for Triple-DES (3DES) encryption types. -+However, due to weakenings of DES and other security concerns, it is now also -+considered insecure and should not be used (:rfc:`8429`). AES encryption -+types were added to MIT in 2003, meaning that the number of deployments with -+3DES as the strongest encryption type is hopefully small. The rotation -+procedure described herein works for both DES and 3DES. -+ - History - ------- - -@@ -27,6 +34,10 @@ and removed DES (single-DES) support in release 1.18. As a - consequence, a release prior to 1.18 is required to perform these - migrations. - -+3DES (a flagged deprecated encryption type) was also removed downstream by -+rharwood@redhat.com starting in 1.18; likewise, a pre-1.18 release is required -+to perform these migrations. 
-+ - Types of keys - ------------- - -diff --git a/doc/admin/conf_files/kdc_conf.rst b/doc/admin/conf_files/kdc_conf.rst -index 74a0a2acef..846c58ed82 100644 ---- a/doc/admin/conf_files/kdc_conf.rst -+++ b/doc/admin/conf_files/kdc_conf.rst -@@ -854,8 +854,6 @@ Encryption types marked as "weak" and "deprecated" are available for - compatibility but not recommended for use. - - ==================================================== ========================================================= --des3-cbc-raw Triple DES cbc mode raw (weak) --des3-cbc-sha1 des3-hmac-sha1 des3-cbc-sha1-kd Triple DES cbc mode with HMAC/sha1 (deprecated) - aes256-cts-hmac-sha1-96 aes256-cts aes256-sha1 AES-256 CTS mode with 96-bit SHA-1 HMAC - aes128-cts-hmac-sha1-96 aes128-cts aes128-sha1 AES-128 CTS mode with 96-bit SHA-1 HMAC - aes256-cts-hmac-sha384-192 aes256-sha2 AES-256 CTS mode with 192-bit SHA-384 HMAC -@@ -864,7 +862,6 @@ arcfour-hmac rc4-hmac arcfour-hmac-md5 RC4 with HMAC/MD5 (deprecat - arcfour-hmac-exp rc4-hmac-exp arcfour-hmac-md5-exp Exportable RC4 with HMAC/MD5 (weak) - camellia256-cts-cmac camellia256-cts Camellia-256 CTS mode with CMAC - camellia128-cts-cmac camellia128-cts Camellia-128 CTS mode with CMAC --des3 The triple DES family: des3-cbc-sha1 - aes The AES family: aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, aes256-cts-hmac-sha384-192, and aes128-cts-hmac-sha256-128 - rc4 The RC4 family: arcfour-hmac - camellia The Camellia family: camellia256-cts-cmac and camellia128-cts-cmac -@@ -876,8 +873,8 @@ from the current list by prefixing them with a minus sign ("-"). - Types or families can be prefixed with a plus sign ("+") for symmetry; - it has the same meaning as just listing the type or family. 
For - example, "``DEFAULT -rc4``" would be the default set of encryption --types with RC4 types removed, and "``des3 DEFAULT``" would be the --default set of encryption types with triple DES types moved to the -+types with RC4 types removed, and "``aes128-sha2 DEFAULT``" would be -+the default set of encryption types with aes128-sha2 moved to the - front. - - While **aes128-cts** and **aes256-cts** are supported for all Kerberos -diff --git a/doc/admin/enctypes.rst b/doc/admin/enctypes.rst -index 694922c0d9..c4d5499d3b 100644 ---- a/doc/admin/enctypes.rst -+++ b/doc/admin/enctypes.rst -@@ -129,7 +129,7 @@ enctype weak? krb5 Windows - des-cbc-crc weak <1.18 >=2000 - des-cbc-md4 weak <1.18 ? - des-cbc-md5 weak <1.18 >=2000 --des3-cbc-sha1 deprecated >=1.1 none -+des3-cbc-sha1 deprecated <1.18 none - arcfour-hmac deprecated >=1.3 >=2000 - arcfour-hmac-exp weak >=1.3 >=2000 - aes128-cts-hmac-sha1-96 >=1.3 >=Vista -@@ -148,9 +148,11 @@ default. - krb5 releases 1.17 and later flag deprecated encryption types - (including ``des3-cbc-sha1`` and ``arcfour-hmac``) in KDC logs and - kadmin output. krb5 release 1.19 issues a warning during initial --authentication if ``des3-cbc-sha1`` is used. Future releases will --disable ``des3-cbc-sha1`` by default and eventually remove support for --it. -+authentication if ``des3-cbc-sha1`` is used. -+ -+krb5 releases 1.18 and later remove single-DES and 3DES -+(downstream-only patch) enctype support. Microsoft Windows never -+supported 3DES. - - - Migrating away from older encryption types -diff --git a/doc/admin/troubleshoot.rst b/doc/admin/troubleshoot.rst -index ade5e1f87a..e4dc54f7e5 100644 ---- a/doc/admin/troubleshoot.rst -+++ b/doc/admin/troubleshoot.rst -@@ -73,11 +73,10 @@ credential verification failed: KDC has no support for encryption type - ...................................................................... 
- - This most commonly happens when trying to use a principal with only --DES keys, in a release (MIT krb5 1.7 or later) which disables DES by --default. DES encryption is considered weak due to its inadequate key --size. If you cannot migrate away from its use, you can re-enable DES --by adding ``allow_weak_crypto = true`` to the :ref:`libdefaults` --section of :ref:`krb5.conf(5)`. -+DES/3DES keys, in a release (MIT krb5 1.7 or later) which disables DES -+by default. DES encryption is considered weak due to its inadequate -+key size and has been removed upstream; 3DES is not recommended, and -+has been removed downstream by rharwood@redhat.com. - - - .. _err_cert_chain_cert_expired: -diff --git a/doc/appdev/refs/macros/index.rst b/doc/appdev/refs/macros/index.rst -index a0d4f26701..5f34dea5e8 100644 ---- a/doc/appdev/refs/macros/index.rst -+++ b/doc/appdev/refs/macros/index.rst -@@ -36,7 +36,6 @@ Public - CKSUMTYPE_HMAC_SHA1_96_AES256.rst - CKSUMTYPE_HMAC_SHA256_128_AES128.rst - CKSUMTYPE_HMAC_SHA384_192_AES256.rst -- CKSUMTYPE_HMAC_SHA1_DES3.rst - CKSUMTYPE_MD5_HMAC_ARCFOUR.rst - CKSUMTYPE_NIST_SHA.rst - CKSUMTYPE_RSA_MD4.rst -diff --git a/doc/conf.py b/doc/conf.py -index fa0eb80f1f..12168fa695 100644 ---- a/doc/conf.py -+++ b/doc/conf.py -@@ -278,7 +278,7 @@ else: - rst_epilog += ''' - .. |krb5conf| replace:: ``/etc/krb5.conf`` - .. |defkeysalts| replace:: ``aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal`` --.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac`` -+.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac`` - .. |defmkey| replace:: ``aes256-cts-hmac-sha1-96`` - .. 
|copy| unicode:: U+000A9 - ''' -diff --git a/doc/mitK5features.rst b/doc/mitK5features.rst -index ca2d6ef117..100c64a1c1 100644 ---- a/doc/mitK5features.rst -+++ b/doc/mitK5features.rst -@@ -37,7 +37,7 @@ Database backends: LDAP, DB2, LMDB - - krb4 support: Kerberos 5 release < 1.8 - --DES support: Kerberos 5 release < 1.18 (See :ref:`retiring-des`) -+DES/3DES support: Kerberos 5 release < 1.18 (See :ref:`retiring-des`) - - Interoperability - ---------------- -diff --git a/src/Makefile.in b/src/Makefile.in -index 8f14e9bf2c..ba3bb18eec 100644 ---- a/src/Makefile.in -+++ b/src/Makefile.in -@@ -130,7 +130,7 @@ WINMAKEFILES=Makefile \ - lib\Makefile lib\crypto\Makefile lib\crypto\krb\Makefile \ - lib\crypto\builtin\Makefile lib\crypto\builtin\aes\Makefile \ - lib\crypto\builtin\enc_provider\Makefile \ -- lib\crypto\builtin\des\Makefile lib\crypto\builtin\md5\Makefile \ -+ lib\crypto\builtin\md5\Makefile \ - lib\crypto\builtin\camellia\Makefile lib\crypto\builtin\md4\Makefile \ - lib\crypto\builtin\hash_provider\Makefile \ - lib\crypto\builtin\sha2\Makefile lib\crypto\builtin\sha1\Makefile \ -@@ -202,8 +202,6 @@ WINMAKEFILES=Makefile \ - ##DOS## $(WCONFIG) config < $@.in > $@ - ##DOS##lib\crypto\builtin\enc_provider\Makefile: lib\crypto\builtin\enc_provider\Makefile.in $(MKFDEP) - ##DOS## $(WCONFIG) config < $@.in > $@ --##DOS##lib\crypto\builtin\des\Makefile: lib\crypto\builtin\des\Makefile.in $(MKFDEP) --##DOS## $(WCONFIG) config < $@.in > $@ - ##DOS##lib\crypto\builtin\md5\Makefile: lib\crypto\builtin\md5\Makefile.in $(MKFDEP) - ##DOS## $(WCONFIG) config < $@.in > $@ - ##DOS##lib\crypto\builtin\camellia\Makefile: lib\crypto\builtin\camellia\Makefile.in $(MKFDEP) -diff --git a/src/configure.ac b/src/configure.ac -index 40545f2bfc..8dc864718d 100644 ---- a/src/configure.ac -+++ b/src/configure.ac -@@ -1489,12 +1489,12 @@ V5_AC_OUTPUT_MAKEFILE(. 
- lib lib/kdb - - lib/crypto lib/crypto/krb lib/crypto/crypto_tests -- lib/crypto/builtin lib/crypto/builtin/des -+ lib/crypto/builtin - lib/crypto/builtin/aes lib/crypto/builtin/camellia - lib/crypto/builtin/md4 lib/crypto/builtin/md5 - lib/crypto/builtin/sha1 lib/crypto/builtin/sha2 - lib/crypto/builtin/enc_provider lib/crypto/builtin/hash_provider -- lib/crypto/openssl lib/crypto/openssl/des -+ lib/crypto/openssl - lib/crypto/openssl/enc_provider lib/crypto/openssl/hash_provider - - lib/krb5 lib/krb5/error_tables lib/krb5/asn.1 lib/krb5/ccache -diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin -index 7e1dea2cbf..fb9f2a366c 100644 ---- a/src/include/krb5/krb5.hin -+++ b/src/include/krb5/krb5.hin -@@ -426,8 +426,8 @@ typedef struct _krb5_crypto_iov { - #define ENCTYPE_DES_CBC_MD4 0x0002 /**< @deprecated no longer supported */ - #define ENCTYPE_DES_CBC_MD5 0x0003 /**< @deprecated no longer supported */ - #define ENCTYPE_DES_CBC_RAW 0x0004 /**< @deprecated no longer supported */ --#define ENCTYPE_DES3_CBC_SHA 0x0005 /**< @deprecated DES-3 cbc with SHA1 */ --#define ENCTYPE_DES3_CBC_RAW 0x0006 /**< @deprecated DES-3 cbc mode raw */ -+#define ENCTYPE_DES3_CBC_SHA 0x0005 /**< @deprecated no longer supported */ -+#define ENCTYPE_DES3_CBC_RAW 0x0006 /**< @deprecated no longer supported */ - #define ENCTYPE_DES_HMAC_SHA1 0x0008 /**< @deprecated no longer supported */ - /* PKINIT */ - #define ENCTYPE_DSA_SHA1_CMS 0x0009 /**< DSA with SHA1, CMS signature */ -@@ -436,9 +436,9 @@ typedef struct _krb5_crypto_iov { - #define ENCTYPE_RC2_CBC_ENV 0x000c /**< RC2 cbc mode, CMS enveloped data */ - #define ENCTYPE_RSA_ENV 0x000d /**< RSA encryption, CMS enveloped data */ - #define ENCTYPE_RSA_ES_OAEP_ENV 0x000e /**< RSA w/OEAP encryption, CMS enveloped data */ --#define ENCTYPE_DES3_CBC_ENV 0x000f /**< DES-3 cbc mode, CMS enveloped data */ -+#define ENCTYPE_DES3_CBC_ENV 0x000f /**< @deprecated no longer supported */ - --#define ENCTYPE_DES3_CBC_SHA1 0x0010 -+#define 
ENCTYPE_DES3_CBC_SHA1 0x0010 /**< @deprecated removed */ - #define ENCTYPE_AES128_CTS_HMAC_SHA1_96 0x0011 /**< RFC 3962 */ - #define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012 /**< RFC 3962 */ - #define ENCTYPE_AES128_CTS_HMAC_SHA256_128 0x0013 /**< RFC 8009 */ -@@ -463,7 +463,7 @@ typedef struct _krb5_crypto_iov { - #define CKSUMTYPE_RSA_MD5 0x0007 - #define CKSUMTYPE_RSA_MD5_DES 0x0008 - #define CKSUMTYPE_NIST_SHA 0x0009 --#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c -+#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c /* @deprecated removed */ - #define CKSUMTYPE_SHA1 0x000e /**< RFC 3961 */ - #define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f /**< RFC 3962. Used with - ENCTYPE_AES128_CTS_HMAC_SHA1_96 */ -diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c -index 9f2a67d189..b7a9aa4992 100644 ---- a/src/kdc/kdc_util.c -+++ b/src/kdc/kdc_util.c -@@ -1111,8 +1111,6 @@ enctype_name(krb5_enctype ktype, char *buf, size_t buflen) - name = "rsaEncryption-EnvOID"; - else if (ktype == ENCTYPE_RSA_ES_OAEP_ENV) - name = "id-RSAES-OAEP-EnvOID"; -- else if (ktype == ENCTYPE_DES3_CBC_ENV) -- name = "des-ede3-cbc-EnvOID"; - else - return krb5_enctype_to_name(ktype, FALSE, buf, buflen); - -@@ -1704,8 +1702,6 @@ krb5_boolean - enctype_requires_etype_info_2(krb5_enctype enctype) - { - switch(enctype) { -- case ENCTYPE_DES3_CBC_SHA1: -- case ENCTYPE_DES3_CBC_RAW: - case ENCTYPE_ARCFOUR_HMAC: - case ENCTYPE_ARCFOUR_HMAC_EXP : - return 0; -diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in -index 10e8c74cf8..25c4f40cc3 100644 ---- a/src/lib/crypto/Makefile.in -+++ b/src/lib/crypto/Makefile.in -@@ -10,12 +10,12 @@ LIBMINOR=1 - RELDIR=crypto - - STOBJLISTS=krb/OBJS.ST \ -- builtin/OBJS.ST builtin/des/OBJS.ST \ -+ builtin/OBJS.ST \ - builtin/aes/OBJS.ST builtin/camellia/OBJS.ST \ - builtin/md4/OBJS.ST builtin/md5/OBJS.ST \ - builtin/sha1/OBJS.ST builtin/sha2/OBJS.ST \ - builtin/enc_provider/OBJS.ST builtin/hash_provider/OBJS.ST \ -- openssl/OBJS.ST openssl/des/OBJS.ST \ -+ openssl/OBJS.ST \ - 
openssl/enc_provider/OBJS.ST openssl/hash_provider/OBJS.ST - - SUBDIROBJLISTS=$(STOBJLISTS) -@@ -28,8 +28,8 @@ SHLIB_EXPDEPLIBS= $(SUPPORT_DEPLIB) - SHLIB_LDFLAGS= $(LDFLAGS) @SHLIB_RPATH_DIRS@ - - ##DOS##LIBNAME=$(OUTPRE)crypto.lib --##DOS##OBJFILEDEP=$(OUTPRE)krb.lst $(OUTPRE)aes.lst $(OUTPRE)enc_provider.lst $(OUTPRE)des.lst $(OUTPRE)md5.lst $(OUTPRE)camellia.lst $(OUTPRE)md4.lst $(OUTPRE)hash_provider.lst $(OUTPRE)sha2.lst $(OUTPRE)sha1.lst $(OUTPRE)builtin.lst --##DOS##OBJFILELIST=@$(OUTPRE)krb.lst @$(OUTPRE)aes.lst @$(OUTPRE)enc_provider.lst @$(OUTPRE)des.lst @$(OUTPRE)md5.lst @$(OUTPRE)camellia.lst @$(OUTPRE)md4.lst @$(OUTPRE)hash_provider.lst @$(OUTPRE)sha2.lst @$(OUTPRE)sha1.lst @$(OUTPRE)builtin.lst -+##DOS##OBJFILEDEP=$(OUTPRE)krb.lst $(OUTPRE)aes.lst $(OUTPRE)enc_provider.lst $(OUTPRE)md5.lst $(OUTPRE)camellia.lst $(OUTPRE)md4.lst $(OUTPRE)hash_provider.lst $(OUTPRE)sha2.lst $(OUTPRE)sha1.lst $(OUTPRE)builtin.lst -+##DOS##OBJFILELIST=@$(OUTPRE)krb.lst @$(OUTPRE)aes.lst @$(OUTPRE)enc_provider.lst @$(OUTPRE)md5.lst @$(OUTPRE)camellia.lst @$(OUTPRE)md4.lst @$(OUTPRE)hash_provider.lst @$(OUTPRE)sha2.lst @$(OUTPRE)sha1.lst @$(OUTPRE)builtin.lst - - all-unix: all-liblinks - install-unix: install-libs -diff --git a/src/lib/crypto/builtin/Makefile.in b/src/lib/crypto/builtin/Makefile.in -index daf19da195..c9e967c807 100644 ---- a/src/lib/crypto/builtin/Makefile.in -+++ b/src/lib/crypto/builtin/Makefile.in -@@ -1,6 +1,6 @@ - mydir=lib$(S)crypto$(S)builtin - BUILDTOP=$(REL)..$(S)..$(S).. --SUBDIRS=camellia des aes md4 md5 sha1 sha2 enc_provider hash_provider -+SUBDIRS=camellia aes md4 md5 sha1 sha2 enc_provider hash_provider - LOCALINCLUDES=-I$(srcdir)/../krb $(CRYPTO_IMPL_CFLAGS) - - ##DOS##BUILDTOP = ..\..\.. 
-@@ -25,7 +25,7 @@ SRCS=\ - $(srcdir)/kdf.c \ - $(srcdir)/pbkdf2.c - --STOBJLISTS= des/OBJS.ST md4/OBJS.ST \ -+STOBJLISTS= md4/OBJS.ST \ - md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \ - enc_provider/OBJS.ST \ - hash_provider/OBJS.ST \ -@@ -33,7 +33,7 @@ STOBJLISTS= des/OBJS.ST md4/OBJS.ST \ - camellia/OBJS.ST \ - OBJS.ST - --SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \ -+SUBDIROBJLISTS= md4/OBJS.ST \ - md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \ - enc_provider/OBJS.ST \ - hash_provider/OBJS.ST \ -diff --git a/src/lib/crypto/builtin/des/ISSUES b/src/lib/crypto/builtin/des/ISSUES -deleted file mode 100644 -index 1578911033..0000000000 ---- a/src/lib/crypto/builtin/des/ISSUES -+++ /dev/null -@@ -1,13 +0,0 @@ --Issues to be addressed for src/lib/crypto/des: -*- text -*- -- -- --"const" could be used in more places -- -- --Array types are used in calling interfaces. Under ANSI C, a value of --type "arraytype *" cannot be assigned to a variable of type "const --arraytype *", so we get compilation warnings. -- --Possible fix: Rewrite internal interfaces to not use arrays this way. --Provide external routines compatible with old API, but not using --const? -diff --git a/src/lib/crypto/builtin/des/Makefile.in b/src/lib/crypto/builtin/des/Makefile.in -deleted file mode 100644 -index 397ac87ed4..0000000000 ---- a/src/lib/crypto/builtin/des/Makefile.in -+++ /dev/null -@@ -1,82 +0,0 @@ --mydir=lib$(S)crypto$(S)builtin$(S)des --BUILDTOP=$(REL)..$(S)..$(S)..$(S).. --LOCALINCLUDES=-I$(srcdir)/../../krb $(CRYPTO_IMPL_CFLAGS) -- --##DOS##BUILDTOP = ..\..\..\.. 
--##DOS##PREFIXDIR = builtin\des --##DOS##OBJFILE = ..\..\$(OUTPRE)des.lst -- --STLIBOBJS=\ -- d3_aead.o \ -- d3_kysched.o \ -- des_keys.o \ -- f_aead.o \ -- f_cksum.o \ -- f_parity.o \ -- f_sched.o \ -- f_tables.o \ -- key_sched.o \ -- weak_key.o -- --OBJS= $(OUTPRE)d3_aead.$(OBJEXT) \ -- $(OUTPRE)d3_kysched.$(OBJEXT) \ -- $(OUTPRE)des_keys.$(OBJEXT) \ -- $(OUTPRE)f_aead.$(OBJEXT) \ -- $(OUTPRE)f_cksum.$(OBJEXT) \ -- $(OUTPRE)f_parity.$(OBJEXT) \ -- $(OUTPRE)f_sched.$(OBJEXT) \ -- $(OUTPRE)f_tables.$(OBJEXT) \ -- $(OUTPRE)key_sched.$(OBJEXT) \ -- $(OUTPRE)weak_key.$(OBJEXT) -- --SRCS= $(srcdir)/d3_aead.c \ -- $(srcdir)/d3_kysched.c \ -- $(srcdir)/des_keys.c \ -- $(srcdir)/f_aead.c \ -- $(srcdir)/f_cksum.c \ -- $(srcdir)/f_parity.c \ -- $(srcdir)/f_sched.c \ -- $(srcdir)/f_tables.c \ -- $(srcdir)/key_sched.c \ -- $(srcdir)/weak_key.c -- --EXTRADEPSRCS = $(srcdir)/destest.c $(srcdir)/f_cbc.c $(srcdir)/t_verify.c -- --##DOS##LIBOBJS = $(OBJS) -- --TOBJS = $(OUTPRE)key_sched.$(OBJEXT) $(OUTPRE)f_sched.$(OBJEXT) \ -- $(OUTPRE)f_cbc.$(OBJEXT) $(OUTPRE)f_tables.$(OBJEXT) \ -- $(OUTPRE)f_cksum.$(OBJEXT) -- --verify$(EXEEXT): t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \ -- $(COM_ERR_DEPLIB) $(SUPPORT_DEPLIB) -- $(CC_LINK) -o $@ t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \ -- $(COM_ERR_LIB) $(SUPPORT_LIB) -- --destest$(EXEEXT): destest.$(OBJEXT) $(TOBJS) $(SUPPORT_DEPLIB) -- $(CC_LINK) -o $@ destest.$(OBJEXT) $(TOBJS) $(SUPPORT_LIB) -- --all-unix: all-libobjs -- --check-unix: check-unix-@CRYPTO_BUILTIN_TESTS@ --check-unix-no: --check-unix-yes: verify destest -- $(RUN_TEST) ./verify -z -- $(RUN_TEST) ./verify -m -- $(RUN_TEST) ./verify -- $(RUN_TEST) ./destest < $(srcdir)/keytest.data -- --includes: depend -- --depend: $(SRCS) -- --check-windows: -- --clean: -- $(RM) destest.$(OBJEXT) destest$(EXEEXT) verify$(EXEEXT) \ -- t_verify.$(OBJEXT) $(TOBJS) -- --clean-unix:: clean-libobjs -- --@libobj_frag@ -- -diff --git a/src/lib/crypto/builtin/des/d3_aead.c 
b/src/lib/crypto/builtin/des/d3_aead.c -deleted file mode 100644 -index fb83f73b43..0000000000 ---- a/src/lib/crypto/builtin/des/d3_aead.c -+++ /dev/null -@@ -1,137 +0,0 @@ --/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ --/* -- * Copyright (C) 2008 by the Massachusetts Institute of Technology. -- * Copyright 1995 by Richard P. Basch. All Rights Reserved. -- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved. -- * -- * Export of this software from the United States of America may -- * require a specific license from the United States Government. -- * It is the responsibility of any person or organization contemplating -- * export to obtain such a license before exporting. -- * -- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -- * distribute this software and its documentation for any purpose and -- * without fee is hereby granted, provided that the above copyright -- * notice appear in all copies and that both that copyright notice and -- * this permission notice appear in supporting documentation, and that -- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used -- * in advertising or publicity pertaining to distribution of the software -- * without specific, written prior permission. Richard P. Basch, -- * Lehman Brothers and M.I.T. make no representations about the suitability -- * of this software for any purpose. It is provided "as is" without -- * express or implied warranty. 
-- */ -- --#include "crypto_int.h" --#include "des_int.h" --#include "f_tables.h" -- --#ifdef K5_BUILTIN_DES -- --void --krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data, -- const mit_des_key_schedule ks1, -- const mit_des_key_schedule ks2, -- const mit_des_key_schedule ks3, -- mit_des_cblock ivec) --{ -- unsigned DES_INT32 left, right; -- const unsigned DES_INT32 *kp1, *kp2, *kp3; -- const unsigned char *ip; -- struct iov_cursor cursor; -- unsigned char block[MIT_DES_BLOCK_LENGTH]; -- -- /* Get key pointers here. These won't need to be reinitialized. */ -- kp1 = (const unsigned DES_INT32 *)ks1; -- kp2 = (const unsigned DES_INT32 *)ks2; -- kp3 = (const unsigned DES_INT32 *)ks3; -- -- /* Initialize left and right with the contents of the initial vector. */ -- ip = (ivec != NULL) ? ivec : mit_des_zeroblock; -- left = load_32_be(ip); -- right = load_32_be(ip + 4); -- -- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE); -- while (k5_iov_cursor_get(&cursor, block)) { -- /* xor this block with the previous ciphertext. */ -- left ^= load_32_be(block); -- right ^= load_32_be(block + 4); -- -- /* Encrypt what we have and store it back into block. 
*/ -- DES_DO_ENCRYPT(left, right, kp1); -- DES_DO_DECRYPT(left, right, kp2); -- DES_DO_ENCRYPT(left, right, kp3); -- store_32_be(left, block); -- store_32_be(right, block + 4); -- -- k5_iov_cursor_put(&cursor, block); -- } -- -- if (ivec != NULL) { -- store_32_be(left, ivec); -- store_32_be(right, ivec + 4); -- } --} -- --void --krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data, -- const mit_des_key_schedule ks1, -- const mit_des_key_schedule ks2, -- const mit_des_key_schedule ks3, -- mit_des_cblock ivec) --{ -- unsigned DES_INT32 left, right; -- const unsigned DES_INT32 *kp1, *kp2, *kp3; -- const unsigned char *ip; -- unsigned DES_INT32 ocipherl, ocipherr; -- unsigned DES_INT32 cipherl, cipherr; -- struct iov_cursor cursor; -- unsigned char block[MIT_DES_BLOCK_LENGTH]; -- -- /* Get key pointers here. These won't need to be reinitialized. */ -- kp1 = (const unsigned DES_INT32 *)ks1; -- kp2 = (const unsigned DES_INT32 *)ks2; -- kp3 = (const unsigned DES_INT32 *)ks3; -- -- /* -- * Decrypting is harder than encrypting because of -- * the necessity of remembering a lot more things. -- * Should think about this a little more... -- */ -- -- /* Prime the old cipher with ivec.*/ -- ip = (ivec != NULL) ? ivec : mit_des_zeroblock; -- ocipherl = load_32_be(ip); -- ocipherr = load_32_be(ip + 4); -- -- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE); -- while (k5_iov_cursor_get(&cursor, block)) { -- /* Split this block into left and right. */ -- cipherl = left = load_32_be(block); -- cipherr = right = load_32_be(block + 4); -- -- /* Decrypt and xor with the old cipher to get plain text. */ -- DES_DO_DECRYPT(left, right, kp3); -- DES_DO_ENCRYPT(left, right, kp2); -- DES_DO_DECRYPT(left, right, kp1); -- left ^= ocipherl; -- right ^= ocipherr; -- -- /* Store the encrypted halves back into block. */ -- store_32_be(left, block); -- store_32_be(right, block + 4); -- -- /* Save current cipher block halves. 
*/ -- ocipherl = cipherl; -- ocipherr = cipherr; -- -- k5_iov_cursor_put(&cursor, block); -- } -- -- if (ivec != NULL) { -- store_32_be(ocipherl, ivec); -- store_32_be(ocipherr, ivec + 4); -- } --} -- --#endif /* K5_BUILTIN_DES */ -diff --git a/src/lib/crypto/builtin/des/d3_kysched.c b/src/lib/crypto/builtin/des/d3_kysched.c -deleted file mode 100644 -index 55fb9449b5..0000000000 ---- a/src/lib/crypto/builtin/des/d3_kysched.c -+++ /dev/null -@@ -1,55 +0,0 @@ --/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ --/* -- * Copyright 1995 by Richard P. Basch. All Rights Reserved. -- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved. -- * -- * Export of this software from the United States of America may -- * require a specific license from the United States Government. -- * It is the responsibility of any person or organization contemplating -- * export to obtain such a license before exporting. -- * -- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -- * distribute this software and its documentation for any purpose and -- * without fee is hereby granted, provided that the above copyright -- * notice appear in all copies and that both that copyright notice and -- * this permission notice appear in supporting documentation, and that -- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used -- * in advertising or publicity pertaining to distribution of the software -- * without specific, written prior permission. Richard P. Basch, -- * Lehman Brothers and M.I.T. make no representations about the suitability -- * of this software for any purpose. It is provided "as is" without -- * express or implied warranty. 
-- */ -- --#include "crypto_int.h" --#include "des_int.h" -- --#ifdef K5_BUILTIN_DES -- --int --mit_des3_key_sched(mit_des3_cblock k, mit_des3_key_schedule schedule) --{ -- mit_des_make_key_sched(k[0],schedule[0]); -- mit_des_make_key_sched(k[1],schedule[1]); -- mit_des_make_key_sched(k[2],schedule[2]); -- -- if (!mit_des_check_key_parity(k[0])) /* bad parity --> return -1 */ -- return(-1); -- if (mit_des_is_weak_key(k[0])) -- return(-2); -- -- if (!mit_des_check_key_parity(k[1])) -- return(-1); -- if (mit_des_is_weak_key(k[1])) -- return(-2); -- -- if (!mit_des_check_key_parity(k[2])) -- return(-1); -- if (mit_des_is_weak_key(k[2])) -- return(-2); -- -- /* if key was good, return 0 */ -- return 0; --} -- --#endif /* K5_BUILTIN_DES */ -diff --git a/src/lib/crypto/builtin/des/deps b/src/lib/crypto/builtin/des/deps -deleted file mode 100644 -index 1c1239d696..0000000000 ---- a/src/lib/crypto/builtin/des/deps -+++ /dev/null -@@ -1,146 +0,0 @@ --# --# Generated makefile dependencies follow. 
--# --d3_aead.so d3_aead.po $(OUTPRE)d3_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ -- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ -- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ -- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ -- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ -- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ -- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ -- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ -- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ -- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ -- d3_aead.c des_int.h f_tables.h --d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \ -- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ -- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ -- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \ -- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ -- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ -- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ -- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ -- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ -- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ -- $(top_srcdir)/include/socket-utils.h d3_kysched.c des_int.h --des_keys.so des_keys.po $(OUTPRE)des_keys.$(OBJEXT): \ -- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ -- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ -- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \ -- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ -- $(top_srcdir)/include/k5-int-pkinit.h 
$(top_srcdir)/include/k5-int.h \ -- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ -- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ -- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ -- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ -- $(top_srcdir)/include/socket-utils.h des_int.h des_keys.c --f_aead.so f_aead.po $(OUTPRE)f_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ -- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ -- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ -- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ -- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ -- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ -- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ -- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ -- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ -- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ -- des_int.h f_aead.c f_tables.h --f_cksum.so f_cksum.po $(OUTPRE)f_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ -- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ -- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ -- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ -- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ -- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ -- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ -- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ -- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ -- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ -- des_int.h f_cksum.c f_tables.h --f_parity.so 
f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \ -- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ -- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ -- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \ -- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ -- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ -- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ -- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ -- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ -- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ -- $(top_srcdir)/include/socket-utils.h des_int.h f_parity.c --f_sched.so f_sched.po $(OUTPRE)f_sched.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ -- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ -- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ -- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ -- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ -- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ -- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ -- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ -- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ -- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ -- des_int.h f_sched.c --f_tables.so f_tables.po $(OUTPRE)f_tables.$(OBJEXT): \ -- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ -- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ -- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \ -- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ -- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ -- 
$(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ -- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ -- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ -- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ -- $(top_srcdir)/include/socket-utils.h des_int.h f_tables.c \ -- f_tables.h --key_sched.so key_sched.po $(OUTPRE)key_sched.$(OBJEXT): \ -- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ -- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ -- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \ -- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ -- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ -- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ -- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ -- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ -- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ -- $(top_srcdir)/include/socket-utils.h des_int.h key_sched.c --weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \ -- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ -- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ -- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \ -- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ -- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ -- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ -- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ -- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ -- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ -- $(top_srcdir)/include/socket-utils.h des_int.h weak_key.c --destest.so destest.po 
$(OUTPRE)destest.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ -- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ -- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ -- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ -- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ -- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ -- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ -- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ -- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ -- $(top_srcdir)/include/socket-utils.h des_int.h destest.c --f_cbc.so f_cbc.po $(OUTPRE)f_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ -- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ -- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ -- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ -- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ -- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ -- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ -- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ -- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ -- $(top_srcdir)/include/socket-utils.h des_int.h f_cbc.c \ -- f_tables.h --t_verify.so t_verify.po $(OUTPRE)t_verify.$(OBJEXT): \ -- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ -- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ -- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ -- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ -- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ -- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ -- 
$(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ -- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ -- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ -- des_int.h t_verify.c -diff --git a/src/lib/crypto/builtin/des/des_int.h b/src/lib/crypto/builtin/des/des_int.h -deleted file mode 100644 -index f8dc6b296a..0000000000 ---- a/src/lib/crypto/builtin/des/des_int.h -+++ /dev/null -@@ -1,285 +0,0 @@ --/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ --/* lib/crypto/builtin/des/des_int.h */ --/* -- * Copyright 1987, 1988, 1990, 2002 by the Massachusetts Institute of -- * Technology. All Rights Reserved. -- * -- * Export of this software from the United States of America may -- * require a specific license from the United States Government. -- * It is the responsibility of any person or organization contemplating -- * export to obtain such a license before exporting. -- * -- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -- * distribute this software and its documentation for any purpose and -- * without fee is hereby granted, provided that the above copyright -- * notice appear in all copies and that both that copyright notice and -- * this permission notice appear in supporting documentation, and that -- * the name of M.I.T. not be used in advertising or publicity pertaining -- * to distribution of the software without specific, written prior -- * permission. Furthermore if you modify this software you must label -- * your software as modified software and not distribute it in such a -- * fashion that it might be confused with the original M.I.T. software. -- * M.I.T. makes no representations about the suitability of -- * this software for any purpose. It is provided "as is" without express -- * or implied warranty. -- */ --/* -- * Copyright (C) 1998 by the FundsXpress, INC. -- * -- * All rights reserved. 
-- *
-- * Export of this software from the United States of America may require
-- * a specific license from the United States Government. It is the
-- * responsibility of any person or organization contemplating export to
-- * obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of FundsXpress. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. FundsXpress makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- *
-- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
-- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
-- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
-- */
--
--/* Private include file for the Data Encryption Standard library. */
--
--/* only do the whole thing once */
--#ifndef DES_INTERNAL_DEFS
--#define DES_INTERNAL_DEFS
--
--#include "k5-int.h"
--/*
-- * Begin "mit-des.h"
-- */
--#ifndef KRB5_MIT_DES__
--#define KRB5_MIT_DES__
--
--#if defined(__MACH__) && defined(__APPLE__)
--#include
--#include
--#if TARGET_RT_MAC_CFM
--#error "Use KfM 4.0 SDK headers for CFM compilation."
--#endif
--#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS)
--#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5
--#endif
--#endif /* defined(__MACH__) && defined(__APPLE__) */
--
--/* Macro to add deprecated attribute to DES types and functions */
--/* Currently only defined on macOS 10.5 and later.
*/
--#ifndef KRB5INT_DES_DEPRECATED
--#define KRB5INT_DES_DEPRECATED
--#endif
--
--#include
--
--#if UINT_MAX >= 0xFFFFFFFFUL
--#define DES_INT32 int
--#define DES_UINT32 unsigned int
--#else
--#define DES_INT32 long
--#define DES_UINT32 unsigned long
--#endif
--
--typedef unsigned char des_cblock[8] /* crypto-block size */
--KRB5INT_DES_DEPRECATED;
--
--/*
-- * Key schedule.
-- *
-- * This used to be
-- *
-- * typedef struct des_ks_struct {
-- * union { DES_INT32 pad; des_cblock _;} __;
-- * } des_key_schedule[16];
-- *
-- * but it would cause trouble if DES_INT32 were ever more than 4
-- * bytes. The reason is that all the encryption functions cast it to
-- * (DES_INT32 *), and treat it as if it were DES_INT32[32]. If
-- * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the
-- * caller-allocated des_key_schedule will be overflowed by the key
-- * scheduling functions. We can't assume that every platform will
-- * have an exact 32-bit int, and nothing should be looking inside a
-- * des_key_schedule anyway.
-- */
--typedef struct des_ks_struct { DES_INT32 _[2]; } des_key_schedule[16]
--KRB5INT_DES_DEPRECATED;
--
--typedef des_cblock mit_des_cblock;
--typedef des_key_schedule mit_des_key_schedule;
--
--/* Triple-DES structures */
--typedef mit_des_cblock mit_des3_cblock[3];
--typedef mit_des_key_schedule mit_des3_key_schedule[3];
--
--#define MIT_DES_ENCRYPT 1
--#define MIT_DES_DECRYPT 0
--
--typedef struct mit_des_ran_key_seed {
-- krb5_encrypt_block eblock;
-- krb5_data sequence;
--} mit_des_random_state;
--
--/* the first byte of the key is already in the keyblock */
--
--#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet))
--/* This used to be 8*sizeof(krb5_octet) */
--#define MIT_DES_KEYSIZE 8
--
--#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet))
--
--#endif /* KRB5_MIT_DES__ */
--/*
-- * End "mit-des.h"
-- */
--
--/* afsstring2key.c */
--krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock,
-- const krb5_data *data,
-- const krb5_data *salt);
--char *mit_afs_crypt(const char *pw, const char *salt, char *iobuf);
--
--/* f_cksum.c */
--unsigned long mit_des_cbc_cksum(const krb5_octet *, krb5_octet *,
-- unsigned long, const mit_des_key_schedule,
-- const krb5_octet *);
--
--/* f_cbc.c (used by test programs) */
--int
--mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
-- unsigned long length, const mit_des_key_schedule schedule,
-- const mit_des_cblock ivec, int enc);
--
--#define mit_des_zeroblock krb5int_c_mit_des_zeroblock
--extern const mit_des_cblock mit_des_zeroblock;
--
--/* fin_rndkey.c */
--krb5_error_code mit_des_finish_random_key(const krb5_encrypt_block *,
-- krb5_pointer *);
--
--/* finish_key.c */
--krb5_error_code mit_des_finish_key(krb5_encrypt_block *);
--
--/* init_rkey.c */
--krb5_error_code mit_des_init_random_key(const krb5_encrypt_block *,
-- const krb5_keyblock *,
-- krb5_pointer *);
--
--/* key_parity.c */
--void mit_des_fixup_key_parity(mit_des_cblock);
--int mit_des_check_key_parity(mit_des_cblock);
--
--/*
key_sched.c */
--int mit_des_key_sched(mit_des_cblock, mit_des_key_schedule);
--
--/* process_ky.c */
--krb5_error_code mit_des_process_key(krb5_encrypt_block *,
-- const krb5_keyblock *);
--
--/* random_key.c */
--krb5_error_code mit_des_random_key(const krb5_encrypt_block *,
-- krb5_pointer, krb5_keyblock **);
--
--/* string2key.c */
--krb5_error_code mit_des_string_to_key(const krb5_encrypt_block *,
-- krb5_keyblock *, const krb5_data *,
-- const krb5_data *);
--krb5_error_code mit_des_string_to_key_int(krb5_keyblock *, const krb5_data *,
-- const krb5_data *);
--
--/* weak_key.c */
--int mit_des_is_weak_key(mit_des_cblock);
--
--/* cmb_keys.c */
--krb5_error_code mit_des_combine_subkeys(const krb5_keyblock *,
-- const krb5_keyblock *,
-- krb5_keyblock **);
--
--/* f_pcbc.c */
--int mit_des_pcbc_encrypt();
--
--/* f_sched.c */
--int mit_des_make_key_sched(mit_des_cblock, mit_des_key_schedule);
--
--
--/* misc.c */
--extern void swap_bits(char *);
--extern unsigned long long_swap_bits(unsigned long);
--extern unsigned long swap_six_bits_to_ansi(unsigned long);
--extern unsigned long swap_four_bits_to_ansi(unsigned long);
--extern unsigned long swap_bit_pos_1(unsigned long);
--extern unsigned long swap_bit_pos_0(unsigned long);
--extern unsigned long swap_bit_pos_0_to_ansi(unsigned long);
--extern unsigned long rev_swap_bit_pos_0(unsigned long);
--extern unsigned long swap_byte_bits(unsigned long);
--extern unsigned long swap_long_bytes_bit_number(unsigned long);
--#ifdef FILE
--/* XXX depends on FILE being a #define!
*/
--extern void test_set(FILE *, const char *, int, const char *, int);
--#endif
--
--void
--krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule ks1,
-- const mit_des_key_schedule ks2,
-- const mit_des_key_schedule ks3,
-- mit_des_cblock ivec);
--
--void
--krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule ks1,
-- const mit_des_key_schedule ks2,
-- const mit_des_key_schedule ks3,
-- mit_des_cblock ivec);
--
--void
--krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule schedule,
-- mit_des_cblock ivec);
--
--void
--krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule schedule,
-- mit_des_cblock ivec);
--
--void
--krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule schedule, mit_des_cblock ivec,
-- mit_des_cblock out);
--
--/* d3_procky.c */
--krb5_error_code mit_des3_process_key(krb5_encrypt_block *eblock,
-- const krb5_keyblock *keyblock);
--
--/* d3_kysched.c */
--int mit_des3_key_sched(mit_des3_cblock key, mit_des3_key_schedule schedule);
--
--/* d3_str2ky.c */
--krb5_error_code mit_des3_string_to_key(const krb5_encrypt_block *eblock,
-- krb5_keyblock *keyblock,
-- const krb5_data *data,
-- const krb5_data *salt);
--
--/* u_nfold.c */
--krb5_error_code mit_des_n_fold(const krb5_octet *input, const size_t in_len,
-- krb5_octet *output, const size_t out_len);
--
--/* u_rn_key.c */
--int mit_des_is_weak_keyblock(krb5_keyblock *keyblock);
--
--void mit_des_fixup_keyblock_parity(krb5_keyblock *keyblock);
--
--krb5_error_code mit_des_set_random_generator_seed(const krb5_data *seed,
-- krb5_pointer random_state);
--
--krb5_error_code mit_des_set_random_sequence_number(const krb5_data *sequence,
-- krb5_pointer random_state);
--#endif /*DES_INTERNAL_DEFS*/
-diff --git a/src/lib/crypto/builtin/des/des_keys.c
b/src/lib/crypto/builtin/des/des_keys.c
-deleted file mode 100644
-index 027b09d728..0000000000
---- a/src/lib/crypto/builtin/des/des_keys.c
-+++ /dev/null
-@@ -1,38 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/des_keys.c - Key functions used by Kerberos code */
--/*
-- * Copyright (C) 2011 by the Massachusetts Institute of Technology.
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--
--#include "crypto_int.h"
--#include "des_int.h"
--
--#ifdef K5_BUILTIN_DES_KEY_PARITY
--
--void
--k5_des_fixup_key_parity(unsigned char *keybits)
--{
-- mit_des_fixup_key_parity(keybits);
--}
--
--#endif /* K5_BUILTIN_DES_KEY_PARITY */
-diff --git a/src/lib/crypto/builtin/des/destest.c b/src/lib/crypto/builtin/des/destest.c
-deleted file mode 100644
-index 52114304e3..0000000000
---- a/src/lib/crypto/builtin/des/destest.c
-+++ /dev/null
-@@ -1,240 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/destest.c */
--/*
-- * Copyright 1990,1991 by the Massachusetts Institute of Technology.
-- * All Rights Reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--/*
-- * Copyright (C) 1998 by the FundsXpress, INC.
-- *
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may require
-- * a specific license from the United States Government. It is the
-- * responsibility of any person or organization contemplating export to
-- * obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of FundsXpress. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. FundsXpress makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- *
-- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
-- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
-- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
-- */
--
--/* Test a DES implementation against known inputs & outputs. */
--
--#include "des_int.h"
--#include
--#include
--
--void convert (char *, unsigned char []);
--
--void des_cblock_print_file (mit_des_cblock, FILE *);
--
--krb5_octet zeroblock[8] = {0,0,0,0,0,0,0,0};
--
--int
--main(argc, argv)
-- int argc;
-- char *argv[];
--{
-- char block1[17], block2[17], block3[17];
-- /* Force tests of unaligned accesses.
*/
-- union { unsigned char c[8*4+3]; long l; } u;
-- unsigned char *ioblocks = u.c;
-- unsigned char *input = ioblocks+1;
-- unsigned char *output = ioblocks+10;
-- unsigned char *output2 = ioblocks+19;
-- unsigned char *key = ioblocks+27;
-- mit_des_key_schedule sched;
-- int num = 0;
-- int retval;
--
-- int error = 0;
--
-- while (scanf("%16s %16s %16s", block1, block2, block3) == 3) {
-- convert(block1, key);
-- convert(block2, input);
-- convert(block3, output);
--
-- retval = mit_des_key_sched(key, sched);
-- if (retval) {
-- fprintf(stderr, "des test: can't process key: %d\n", retval);
-- fprintf(stderr, "des test: %s %s %s\n", block1, block2, block3);
-- exit(1);
-- }
-- mit_des_cbc_encrypt((const mit_des_cblock *) input,
-- (mit_des_cblock *) output2, 8,
-- sched, zeroblock, 1);
--
-- if (memcmp((char *)output2, (char *)output, 8)) {
-- fprintf(stderr,
-- "DES ENCRYPT ERROR, key %s, text %s, real cipher %s, computed cyphertext %02X%02X%02X%02X%02X%02X%02X%02X\n",
-- block1, block2, block3,
-- output2[0],output2[1],output2[2],output2[3],
-- output2[4],output2[5],output2[6],output2[7]);
-- error++;
-- }
--
-- /*
-- * Now try decrypting....
-- */
-- mit_des_cbc_encrypt((const mit_des_cblock *) output,
-- (mit_des_cblock *) output2, 8,
-- sched, zeroblock, 0);
--
-- if (memcmp((char *)output2, (char *)input, 8)) {
-- fprintf(stderr,
-- "DES DECRYPT ERROR, key %s, text %s, real cipher %s, computed cleartext %02X%02X%02X%02X%02X%02X%02X%02X\n",
-- block1, block2, block3,
-- output2[0],output2[1],output2[2],output2[3],
-- output2[4],output2[5],output2[6],output2[7]);
-- error++;
-- }
--
-- num++;
-- }
--
-- if (error)
-- printf("destest: failed to pass the test\n");
-- else
-- printf("destest: %d tests passed successfully\n", num);
--
-- exit( (error > 256 && error % 256) ?
1 : error); --} -- --int value[128] = { -- -1, -1, -1, -1, -1, -1, -1, -1, -- -1, -1, -1, -1, -1, -1, -1, -1, -- -1, -1, -1, -1, -1, -1, -1, -1, -- -1, -1, -1, -1, -1, -1, -1, -1, -- -1, -1, -1, -1, -1, -1, -1, -1, -- -1, -1, -1, -1, -1, -1, -1, -1, -- 0, 1, 2, 3, 4, 5, 6, 7, -- 8, 9, -1, -1, -1, -1, -1, -1, -- -1, 10, 11, 12, 13, 14, 15, -1, -- -1, -1, -1, -1, -1, -1, -1, -1, -- -1, -1, -1, -1, -1, -1, -1, -1, -- -1, -1, -1, -1, -1, -1, -1, -1, -- -1, -1, -1, -1, -1, -1, -1, -1, -- -1, -1, -1, -1, -1, -1, -1, -1, -- -1, -1, -1, -1, -1, -1, -1, -1, -- -1, -1, -1, -1, -1, -1, -1, -1, --}; -- --void --convert(text, cblock) -- char *text; -- unsigned char cblock[]; --{ -- int i; -- for (i = 0; i < 8; i++) { -- if (!isascii((unsigned char)text[i * 2])) -- abort (); -- if (value[(int) text[i*2]] == -1 || value[(int) text[i*2+1]] == -1) { -- printf("Bad value byte %d in %s\n", i, text); -- exit(1); -- } -- cblock[i] = 16*value[(int) text[i*2]] + value[(int) text[i*2+1]]; -- } -- return; --} -- --/* -- * Fake out the DES library, for the purposes of testing. -- */ -- --int --mit_des_is_weak_key(key) -- mit_des_cblock key; --{ -- return 0; /* fake it out for testing */ --} -- --void --des_cblock_print_file(x, fp) -- mit_des_cblock x; -- FILE *fp; --{ -- unsigned char *y = (unsigned char *) x; -- int i = 0; -- fprintf(fp," 0x { "); -- -- while (i++ < 8) { -- fprintf(fp,"%x",*y++); -- if (i < 8) -- fprintf(fp,", "); -- } -- fprintf(fp," }"); --} -- -- --#define smask(step) ((1<>step)&smask(step))) --#define parity_char(x) pstep(pstep(pstep((x),4),2),1) -- --/* -- * des_check_key_parity: returns true iff key has the correct des parity. -- * See des_fix_key_parity for the definition of -- * correct des parity. 
-- */ --int --mit_des_check_key_parity(key) -- mit_des_cblock key; --{ -- unsigned int i; -- -- for (i=0; i decrypt, else encrypt */ -- Key_schedule schedule; /* addr of key schedule */ -- --This is the low level routine that encrypts or decrypts a single 8-byte --block in electronic code book mode. Always transforms the input --data into the output data. -- --If encrypt is non-zero, the input (cleartext) is encrypted into the --output (ciphertext) using the specified key_schedule, pre-set via "des_set_key". -- --If encrypt is zero, the input (now ciphertext) is decrypted into --the output (now cleartext). -- --Input and output may be the same space. -- --Does not return any meaningful value. Void is not used for compatibility --with other compilers. -- --/* -------------------------------------------------------------- */ -- --int -- cbc_encrypt(input,output,length,schedule,ivec,encrypt) -- -- C_Block *input; /* ptr to input data */ -- C_Block *output; /* ptr to output data */ -- int length; /* desired length, in bytes */ -- Key_schedule schedule; /* addr of precomputed schedule */ -- C_Block *ivec; /* pointer to 8 byte initialization -- * vector -- */ -- int encrypt /* 0 ==> decrypt; else encrypt*/ -- -- -- If encrypt is non-zero, the routine cipher-block-chain encrypts -- the INPUT (cleartext) into the OUTPUT (ciphertext) using the provided -- key schedule and initialization vector. If the length is not an integral -- multiple of eight bytes, the last block is copied to a temp and zero -- filled (highest addresses). The output is ALWAYS an integral multiple -- of eight bytes. -- -- If encrypt is zero, the routine cipher-block chain decrypts the INPUT -- (ciphertext) into the OUTPUT (cleartext) using the provided key schedule -- and initialization vector. Decryption ALWAYS operates on integral -- multiples of 8 bytes, so will round the length provided up to the -- appropriate multiple. 
Consequently, it will always produce the rounded-up -- number of bytes of output cleartext. The application must determine if -- the output cleartext was zero-padded due to cleartext lengths not integral -- multiples of 8. -- -- No errors or meaningful value are returned. Void is not used for -- compatibility with other compilers. -- -- --/* cbc checksum (MAC) only routine ---------------------------------------- */ --int -- cbc_cksum(input,output,length,schedule,ivec) -- -- C_Block *input; /* >= length bytes of inputtext */ -- C_Block *output; /* >= length bytes of outputtext */ -- int length; /* in bytes */ -- Key_schedule schedule; /* precomputed key schedule */ -- C_Block *ivec; /* 8 bytes of ivec */ -- -- -- Produces a cryptographic checksum, 8 bytes, by cipher-block-chain -- encrypting the input, discarding the ciphertext output, and only retaining -- the last ciphertext 8-byte block. Uses the provided key schedule and ivec. -- The input is effectively zero-padded to an integral multiple of -- eight bytes, though the original input is not modified. -- -- No meaningful value is returned. Void is not used for compatibility -- with other compilers. -- -- --/* random_key ----------------------------------------*/ --int -- random_key(key) -- -- C_Block *key; -- -- The start for the random number generated is set from the current time -- in microseconds, then the random number generator is invoked -- to create an eight byte output key (not a schedule). The key -- generated is set to odd parity per FIPS spec. -- -- The caller must supply space for the output key, pointed to -- by "*key", then after getting a new key, call the des_set_key() -- routine when needed. -- -- No meaningful value is returned. Void is not used for compatibility -- with other compilers. 
-- -- --/* string_to_key --------------------------------------------*/ -- --int -- string_to_key(str,key) -- char *str; -- C_Block *key; -- -- This routines converts an arbitrary length, null terminated string -- to an 8 byte DES key, with each byte parity set to odd, per FIPS spec. -- -- The algorithm is as follows: -- --| Take the first 8 bytes and remove the parity (leaving 56 bits). --| Do the same for the second 8 bytes, and the third, etc. Do this for --| as many sets of 8 bytes as necessary, filling in the remainder of the --| last set with nulls. Fold the second set back on the first (i.e. bit --| 0 over bit 55, and bit 55 over bit 0). Fold the third over the second --| (bit 0 of the third set is now over bit 0 of the first set). Repeat --| until you have done this to all sets. Xor the folded sets. Break the --| result into 8 7 bit bytes, and generate odd parity for each byte. You --| now have 64 bits. Note that DES takes a 64 bit key, and uses only the --| non parity bits. -- -- --/* read_password -------------------------------------------*/ -- --read_password(k,prompt,verify) -- C_Block *k; -- char *prompt; -- int verify; -- --This routine issues the supplied prompt, turns off echo, if possible, and --reads an input string. If verify is non-zero, it does it again, for use --in applications such as changing a password. If verify is non-zero, both --versions are compared, and the input is requested repeatedly until they --match. Then, the input string is mapped into a valid DES key, internally --using the string_to_key routine. The newly created key is copied to the --area pointed to by parameter "k". -- --No meaningful value is returned. If an error occurs trying to manipulate --the terminal echo, the routine forces the process to exit. -- --/* get_line ------------------------*/ --long get_line(p,max) -- char *p; -- long max; -- --Reads input characters from standard input until either a newline appears or --else the max length is reached. 
The characters read are stuffed into --the string pointed to, which will always be null terminated. The newline --is not inserted in the string. The max parameter includes the byte needed --for the null terminator, so allocate and pass one more than the maximum --string length desired. -diff --git a/src/lib/crypto/builtin/des/f_aead.c b/src/lib/crypto/builtin/des/f_aead.c -deleted file mode 100644 -index f887735820..0000000000 ---- a/src/lib/crypto/builtin/des/f_aead.c -+++ /dev/null -@@ -1,177 +0,0 @@ --/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ --/* -- * Copyright (C) 2008 by the Massachusetts Institute of Technology. -- * Copyright 1995 by Richard P. Basch. All Rights Reserved. -- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved. -- * -- * Export of this software from the United States of America may -- * require a specific license from the United States Government. -- * It is the responsibility of any person or organization contemplating -- * export to obtain such a license before exporting. -- * -- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -- * distribute this software and its documentation for any purpose and -- * without fee is hereby granted, provided that the above copyright -- * notice appear in all copies and that both that copyright notice and -- * this permission notice appear in supporting documentation, and that -- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used -- * in advertising or publicity pertaining to distribution of the software -- * without specific, written prior permission. Richard P. Basch, -- * Lehman Brothers and M.I.T. make no representations about the suitability -- * of this software for any purpose. It is provided "as is" without -- * express or implied warranty. 
-- */
--
--#include "crypto_int.h"
--#include "des_int.h"
--#include "f_tables.h"
--
--#ifdef K5_BUILTIN_DES
--
--const mit_des_cblock mit_des_zeroblock /* = all zero */;
--
--void
--krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule schedule,
-- mit_des_cblock ivec)
--{
-- unsigned DES_INT32 left, right;
-- const unsigned DES_INT32 *kp;
-- const unsigned char *ip;
-- struct iov_cursor cursor;
-- unsigned char block[MIT_DES_BLOCK_LENGTH];
--
-- /* Get key pointer here. This won't need to be reinitialized. */
-- kp = (const unsigned DES_INT32 *)schedule;
--
-- /* Initialize left and right with the contents of the initial vector. */
-- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
-- left = load_32_be(ip);
-- right = load_32_be(ip + 4);
--
-- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
-- while (k5_iov_cursor_get(&cursor, block)) {
-- /* Decompose this block and xor it with the previous ciphertext. */
-- left ^= load_32_be(block);
-- right ^= load_32_be(block + 4);
--
-- /* Encrypt what we have and put back into block. */
-- DES_DO_ENCRYPT(left, right, kp);
-- store_32_be(left, block);
-- store_32_be(right, block + 4);
--
-- k5_iov_cursor_put(&cursor, block);
-- }
--
-- if (ivec != NULL) {
-- store_32_be(left, ivec);
-- store_32_be(right, ivec + 4);
-- }
--}
--
--void
--krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule schedule,
-- mit_des_cblock ivec)
--{
-- unsigned DES_INT32 left, right;
-- const unsigned DES_INT32 *kp;
-- const unsigned char *ip;
-- unsigned DES_INT32 ocipherl, ocipherr;
-- unsigned DES_INT32 cipherl, cipherr;
-- struct iov_cursor cursor;
-- unsigned char block[MIT_DES_BLOCK_LENGTH];
--
-- /* Get key pointer here. This won't need to be reinitialized. */
-- kp = (const unsigned DES_INT32 *)schedule;
--
-- /*
-- * Decrypting is harder than encrypting because of
-- * the necessity of remembering a lot more things.
-- * Should think about this a little more...
-- */
--
-- /* Prime the old cipher with ivec. */
-- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
-- ocipherl = load_32_be(ip);
-- ocipherr = load_32_be(ip + 4);
--
-- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
-- while (k5_iov_cursor_get(&cursor, block)) {
-- /* Split this block into left and right. */
-- cipherl = left = load_32_be(block);
-- cipherr = right = load_32_be(block + 4);
--
-- /* Decrypt and xor with the old cipher to get plain text. */
-- DES_DO_DECRYPT(left, right, kp);
-- left ^= ocipherl;
-- right ^= ocipherr;
--
-- /* Store the encrypted halves back into block. */
-- store_32_be(left, block);
-- store_32_be(right, block + 4);
--
-- /* Save current cipher block halves. */
-- ocipherl = cipherl;
-- ocipherr = cipherr;
--
-- k5_iov_cursor_put(&cursor, block);
-- }
--
-- if (ivec != NULL) {
-- store_32_be(ocipherl, ivec);
-- store_32_be(ocipherr, ivec + 4);
-- }
--}
--
--void
--krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data,
-- const mit_des_key_schedule schedule, mit_des_cblock ivec,
-- mit_des_cblock out)
--{
-- unsigned DES_INT32 left, right;
-- const unsigned DES_INT32 *kp;
-- const unsigned char *ip;
-- struct iov_cursor cursor;
-- unsigned char block[MIT_DES_BLOCK_LENGTH];
--
-- /* Get key pointer here. This won't need to be reinitialized. */
-- kp = (const unsigned DES_INT32 *)schedule;
--
-- /* Initialize left and right with the contents of the initial vector. */
-- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
-- left = load_32_be(ip);
-- right = load_32_be(ip + 4);
--
-- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, TRUE);
-- while (k5_iov_cursor_get(&cursor, block)) {
-- /* Decompose this block and xor it with the previous ciphertext. */
-- left ^= load_32_be(block);
-- right ^= load_32_be(block + 4);
--
-- /* Encrypt what we have. */
-- DES_DO_ENCRYPT(left, right, kp);
-- }
--
-- /* Output the final ciphertext block. */
-- store_32_be(left, out);
-- store_32_be(right, out + 4);
--}
--
--#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
--void krb5int_des_do_encrypt_2 (unsigned DES_INT32 *left,
-- unsigned DES_INT32 *right,
-- const unsigned DES_INT32 *kp)
--{
-- DES_DO_ENCRYPT_1 (*left, *right, kp);
--}
--
--void krb5int_des_do_decrypt_2 (unsigned DES_INT32 *left,
-- unsigned DES_INT32 *right,
-- const unsigned DES_INT32 *kp)
--{
-- DES_DO_DECRYPT_1 (*left, *right, kp);
--}
--#endif
--
--#endif /* K5_BUILTIN_DES */
-diff --git a/src/lib/crypto/builtin/des/f_cbc.c b/src/lib/crypto/builtin/des/f_cbc.c
-deleted file mode 100644
-index 84d5382f22..0000000000
---- a/src/lib/crypto/builtin/des/f_cbc.c
-+++ /dev/null
-@@ -1,256 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/f_cbc.c */
--/*
-- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--
--/*
-- * CBC functions; used only by the test programs at this time. (krb5 uses the
-- * functions in f_aead.c instead.)
-- */
--
--/*
-- * des_cbc_encrypt.c - an implementation of the DES cipher function in cbc mode
-- */
--#include "des_int.h"
--#include "f_tables.h"
--
--/*
-- * des_cbc_encrypt - {en,de}crypt a stream in CBC mode
-- */
--
--/*
-- * This routine performs DES cipher-block-chaining operation, either
-- * encrypting from cleartext to ciphertext, if encrypt != 0 or
-- * decrypting from ciphertext to cleartext, if encrypt == 0.
-- *
-- * The key schedule is passed as an arg, as well as the cleartext or
-- * ciphertext. The cleartext and ciphertext should be in host order.
-- *
-- * NOTE-- the output is ALWAYS an multiple of 8 bytes long. If not
-- * enough space was provided, your program will get trashed.
-- *
-- * For encryption, the cleartext string is null padded, at the end, to
-- * an integral multiple of eight bytes.
-- *
-- * For decryption, the ciphertext will be used in integral multiples
-- * of 8 bytes, but only the first "length" bytes returned into the
-- * cleartext.
-- */
--
--const mit_des_cblock mit_des_zeroblock /* = all zero */;
--
--static void
--des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
-- unsigned long length, const mit_des_key_schedule schedule,
-- const mit_des_cblock ivec)
--{
-- unsigned DES_INT32 left, right;
-- const unsigned DES_INT32 *kp;
-- const unsigned char *ip;
-- unsigned char *op;
--
-- /*
-- * Get key pointer here. This won't need to be reinitialized
-- */
-- kp = (const unsigned DES_INT32 *)schedule;
--
-- /*
-- * Initialize left and right with the contents of the initial
-- * vector.
-- */
-- ip = ivec;
-- GET_HALF_BLOCK(left, ip);
-- GET_HALF_BLOCK(right, ip);
--
-- /*
-- * Suitably initialized, now work the length down 8 bytes
-- * at a time.
-- */
-- ip = *in;
-- op = *out;
-- while (length > 0) {
-- /*
-- * Get more input, xor it in. If the length is
-- * greater than or equal to 8 this is straight
-- * forward. Otherwise we have to fart around.
-- */
-- if (length >= 8) {
-- unsigned DES_INT32 temp;
-- GET_HALF_BLOCK(temp, ip);
-- left ^= temp;
-- GET_HALF_BLOCK(temp, ip);
-- right ^= temp;
-- length -= 8;
-- } else {
-- /*
-- * Oh, shoot. We need to pad the
-- * end with zeroes. Work backwards
-- * to do this.
-- */
-- ip += (int) length;
-- switch(length) {
-- case 7:
-- right ^= (*(--ip) & FF_UINT32) << 8;
-- case 6:
-- right ^= (*(--ip) & FF_UINT32) << 16;
-- case 5:
-- right ^= (*(--ip) & FF_UINT32) << 24;
-- case 4:
-- left ^= *(--ip) & FF_UINT32;
-- case 3:
-- left ^= (*(--ip) & FF_UINT32) << 8;
-- case 2:
-- left ^= (*(--ip) & FF_UINT32) << 16;
-- case 1:
-- left ^= (*(--ip) & FF_UINT32) << 24;
-- break;
-- }
-- length = 0;
-- }
--
-- /*
-- * Encrypt what we have
-- */
-- DES_DO_ENCRYPT(left, right, kp);
--
-- /*
-- * Copy the results out
-- */
-- PUT_HALF_BLOCK(left, op);
-- PUT_HALF_BLOCK(right, op);
-- }
--}
--
--static void
--des_cbc_decrypt(const mit_des_cblock *in, mit_des_cblock *out,
-- unsigned long length, const mit_des_key_schedule schedule,
-- const mit_des_cblock ivec)
--{
-- unsigned DES_INT32 left, right;
-- const unsigned DES_INT32 *kp;
-- const unsigned char *ip;
-- unsigned char *op;
-- unsigned DES_INT32 ocipherl, ocipherr;
-- unsigned DES_INT32 cipherl, cipherr;
--
-- /*
-- * Get key pointer here. This won't need to be reinitialized
-- */
-- kp = (const unsigned DES_INT32 *)schedule;
--
-- /*
-- * Decrypting is harder than encrypting because of
-- * the necessity of remembering a lot more things.
-- * Should think about this a little more...
-- */
--
-- if (length <= 0)
-- return;
--
-- /*
-- * Prime the old cipher with ivec.
-- */
-- ip = ivec;
-- GET_HALF_BLOCK(ocipherl, ip);
-- GET_HALF_BLOCK(ocipherr, ip);
--
-- /*
-- * Now do this in earnest until we run out of length.
-- */
-- ip = *in;
-- op = *out;
-- for (;;) { /* check done inside loop */
-- /*
-- * Read a block from the input into left and
-- * right. Save this cipher block for later.
-- */
-- GET_HALF_BLOCK(left, ip);
-- GET_HALF_BLOCK(right, ip);
-- cipherl = left;
-- cipherr = right;
--
-- /*
-- * Decrypt this.
-- */
-- DES_DO_DECRYPT(left, right, kp);
--
-- /*
-- * Xor with the old cipher to get plain
-- * text. Output 8 or less bytes of this.
-- */
-- left ^= ocipherl;
-- right ^= ocipherr;
-- if (length > 8) {
-- length -= 8;
-- PUT_HALF_BLOCK(left, op);
-- PUT_HALF_BLOCK(right, op);
-- /*
-- * Save current cipher block here
-- */
-- ocipherl = cipherl;
-- ocipherr = cipherr;
-- } else {
-- /*
-- * Trouble here. Start at end of output,
-- * work backwards.
-- */
-- op += (int) length;
-- switch(length) {
-- case 8:
-- *(--op) = (unsigned char) (right & 0xff);
-- case 7:
-- *(--op) = (unsigned char) ((right >> 8) & 0xff);
-- case 6:
-- *(--op) = (unsigned char) ((right >> 16) & 0xff);
-- case 5:
-- *(--op) = (unsigned char) ((right >> 24) & 0xff);
-- case 4:
-- *(--op) = (unsigned char) (left & 0xff);
-- case 3:
-- *(--op) = (unsigned char) ((left >> 8) & 0xff);
-- case 2:
-- *(--op) = (unsigned char) ((left >> 16) & 0xff);
-- case 1:
-- *(--op) = (unsigned char) ((left >> 24) & 0xff);
-- break;
-- }
-- break; /* we're done */
-- }
-- }
--}
--
--int
--mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
-- unsigned long length, const mit_des_key_schedule schedule,
-- const mit_des_cblock ivec, int enc)
--{
-- /*
-- * Deal with encryption and decryption separately.
-- */
-- if (enc)
-- des_cbc_encrypt(in, out, length, schedule, ivec);
-- else
-- des_cbc_decrypt(in, out, length, schedule, ivec);
-- return 0;
--}
-diff --git a/src/lib/crypto/builtin/des/f_cksum.c b/src/lib/crypto/builtin/des/f_cksum.c
-deleted file mode 100644
-index 615a947f4a..0000000000
---- a/src/lib/crypto/builtin/des/f_cksum.c
-+++ /dev/null
-@@ -1,141 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/f_cksum.c */
--/*
-- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--
--/* DES implementation donated by Dennis Ferguson */
--
--/*
-- * des_cbc_cksum.c - compute an 8 byte checksum using DES in CBC mode
-- */
--#include "crypto_int.h"
--#include "des_int.h"
--#include "f_tables.h"
--
--#ifdef K5_BUILTIN_DES
--
--/*
-- * This routine performs DES cipher-block-chaining checksum operation,
-- * a.k.a. Message Authentication Code. It ALWAYS encrypts from input
-- * to a single 64 bit output MAC checksum.
-- *
-- * The key schedule is passed as an arg, as well as the cleartext or
-- * ciphertext. The cleartext and ciphertext should be in host order.
-- *
-- * NOTE-- the output is ALWAYS 8 bytes long. If not enough space was
-- * provided, your program will get trashed.
-- *
-- * The input is null padded, at the end (highest addr), to an integral
-- * multiple of eight bytes.
-- */
--
--unsigned long
--mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out,
-- unsigned long length, const mit_des_key_schedule schedule,
-- const krb5_octet *ivec)
--{
-- unsigned DES_INT32 left, right;
-- const unsigned DES_INT32 *kp;
-- const unsigned char *ip;
-- unsigned char *op;
-- DES_INT32 len;
--
-- /*
-- * Initialize left and right with the contents of the initial
-- * vector.
-- */
-- ip = ivec;
-- GET_HALF_BLOCK(left, ip);
-- GET_HALF_BLOCK(right, ip);
--
-- /*
-- * Suitably initialized, now work the length down 8 bytes
-- * at a time.
-- */
-- ip = in;
-- len = length;
-- while (len > 0) {
-- /*
-- * Get more input, xor it in. If the length is
-- * greater than or equal to 8 this is straight
-- * forward. Otherwise we have to fart around.
-- */
-- if (len >= 8) {
-- unsigned DES_INT32 temp;
-- GET_HALF_BLOCK(temp, ip);
-- left ^= temp;
-- GET_HALF_BLOCK(temp, ip);
-- right ^= temp;
-- len -= 8;
-- } else {
-- /*
-- * Oh, shoot. We need to pad the
-- * end with zeroes. Work backwards
-- * to do this.
-- */
-- ip += (int) len;
-- switch(len) {
-- case 7:
-- right ^= (*(--ip) & FF_UINT32) << 8;
-- case 6:
-- right ^= (*(--ip) & FF_UINT32) << 16;
-- case 5:
-- right ^= (*(--ip) & FF_UINT32) << 24;
-- case 4:
-- left ^= *(--ip) & FF_UINT32;
-- case 3:
-- left ^= (*(--ip) & FF_UINT32) << 8;
-- case 2:
-- left ^= (*(--ip) & FF_UINT32) << 16;
-- case 1:
-- left ^= (*(--ip) & FF_UINT32) << 24;
-- break;
-- }
-- len = 0;
-- }
--
-- /*
-- * Encrypt what we have
-- */
-- kp = (const unsigned DES_INT32 *)schedule;
-- DES_DO_ENCRYPT(left, right, kp);
-- }
--
-- /*
-- * Done. Left and right have the checksum. Put it into
-- * the output.
-- */
-- op = out;
-- PUT_HALF_BLOCK(left, op);
-- PUT_HALF_BLOCK(right, op);
--
-- /*
-- * Return right. I'll bet the MIT code returns this
-- * inconsistantly (with the low order byte of the checksum
-- * not always in the low order byte of the DES_INT32). We won't.
-- */ -- return right & 0xFFFFFFFFUL; --} -- --#endif /* K5_BUILTIN_DES */ -diff --git a/src/lib/crypto/builtin/des/f_parity.c b/src/lib/crypto/builtin/des/f_parity.c -deleted file mode 100644 -index a658878f6f..0000000000 ---- a/src/lib/crypto/builtin/des/f_parity.c -+++ /dev/null -@@ -1,64 +0,0 @@ --/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ --/* -- * These routines check and fix parity of encryption keys for the DES -- * algorithm. -- * -- * They are a replacement for routines in key_parity.c, that don't require -- * the table building that they do. -- * -- * Mark Eichin -- Cygnus Support -- */ -- --#include "crypto_int.h" --#include "des_int.h" -- --#ifdef K5_BUILTIN_DES_KEY_PARITY -- --/* -- * des_fixup_key_parity: Forces odd parity per byte; parity is bits -- * 8,16,...64 in des order, implies 0, 8, 16, ... -- * vax order. -- */ --#define smask(step) ((1<>step)&smask(step))) --#define parity_char(x) pstep(pstep(pstep((x),4),2),1) -- --void --mit_des_fixup_key_parity(mit_des_cblock key) --{ -- unsigned int i; -- for (i=0; i> 29) & 0x7] -- | (PC1_CL[(tmp >> 21) & 0x7] << 1) -- | (PC1_CL[(tmp >> 13) & 0x7] << 2) -- | (PC1_CL[(tmp >> 5) & 0x7] << 3); -- d = PC1_DL[(tmp >> 25) & 0xf] -- | (PC1_DL[(tmp >> 17) & 0xf] << 1) -- | (PC1_DL[(tmp >> 9) & 0xf] << 2) -- | (PC1_DL[(tmp >> 1) & 0xf] << 3); -- -- tmp = load_32_be(k), k += 4; -- -- c |= PC1_CR[(tmp >> 28) & 0xf] -- | (PC1_CR[(tmp >> 20) & 0xf] << 1) -- | (PC1_CR[(tmp >> 12) & 0xf] << 2) -- | (PC1_CR[(tmp >> 4) & 0xf] << 3); -- d |= PC1_DR[(tmp >> 25) & 0x7] -- | (PC1_DR[(tmp >> 17) & 0x7] << 1) -- | (PC1_DR[(tmp >> 9) & 0x7] << 2) -- | (PC1_DR[(tmp >> 1) & 0x7] << 3); -- } -- -- { -- /* -- * Need several temporaries in here -- */ -- unsigned DES_INT32 ltmp, rtmp; -- unsigned DES_INT32 *k; -- int two_bit_shifts; -- int i; -- /* -- * Now iterate to compute the key schedule. Note that we -- * record the entire set of subkeys in 6 bit chunks since -- * they are used that way. 
At 6 bits/char, we need -- * 48/6 char's/subkey * 16 subkeys/encryption == 128 bytes. -- * The schedule must be this big. -- */ -- k = (unsigned DES_INT32 *)schedule; -- two_bit_shifts = TWO_BIT_SHIFTS; -- for (i = 16; i > 0; i--) { -- /* -- * Do the rotation. One bit and two bit rotations -- * are done separately. Note C and D are 28 bits. -- */ -- if (two_bit_shifts & 0x1) { -- c = ((c << 2) & 0xffffffc) | (c >> 26); -- d = ((d << 2) & 0xffffffc) | (d >> 26); -- } else { -- c = ((c << 1) & 0xffffffe) | (c >> 27); -- d = ((d << 1) & 0xffffffe) | (d >> 27); -- } -- two_bit_shifts >>= 1; -- -- /* -- * Apply permutted choice 2 to C to get the first -- * 24 bits worth of keys. Note that bits 9, 18, 22 -- * and 25 (using DES numbering) in C are unused. The -- * shift-mask stuff is done to delete these bits from -- * the indices, since this cuts the table size in half. -- * -- * The table is torqued, by the way. If the standard -- * byte order for this (high to low order) is 1234, -- * the table actually gives us 4132. -- */ -- ltmp = PC2_C[0][((c >> 22) & 0x3f)] -- | PC2_C[1][((c >> 15) & 0xf) | ((c >> 16) & 0x30)] -- | PC2_C[2][((c >> 4) & 0x3) | ((c >> 9) & 0x3c)] -- | PC2_C[3][((c ) & 0x7) | ((c >> 4) & 0x38)]; -- /* -- * Apply permutted choice 2 to D to get the other half. -- * Here, bits 7, 10, 15 and 26 go unused. The sqeezing -- * actually turns out to be cheaper here. -- * -- * This table is similarly torqued. If the standard -- * byte order is 5678, the table has the bytes permuted -- * to give us 7685. -- */ -- rtmp = PC2_D[0][((d >> 22) & 0x3f)] -- | PC2_D[1][((d >> 14) & 0xf) | ((d >> 15) & 0x30)] -- | PC2_D[2][((d >> 7) & 0x3f)] -- | PC2_D[3][((d ) & 0x3) | ((d >> 1) & 0x3c)]; -- -- /* -- * Make up two words of the key schedule, with a -- * byte order which is convenient for the DES -- * inner loop. The high order (first) word will -- * hold bytes 7135 (high to low order) while the -- * second holds bytes 4682. 
-- */ -- *k++ = (ltmp & 0x00ffff00) | (rtmp & 0xff0000ff); -- *k++ = (ltmp & 0xff0000ff) | (rtmp & 0x00ffff00); -- } -- } -- return (0); --} -- --#endif /* K5_BUILTIN_DES */ -diff --git a/src/lib/crypto/builtin/des/f_tables.c b/src/lib/crypto/builtin/des/f_tables.c -deleted file mode 100644 -index e50ab1fc60..0000000000 ---- a/src/lib/crypto/builtin/des/f_tables.c -+++ /dev/null -@@ -1,375 +0,0 @@ --/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ --/* lib/crypto/builtin/des/f_tables.c */ --/* -- * Copyright (C) 1990 by the Massachusetts Institute of Technology. -- * All rights reserved. -- * -- * Export of this software from the United States of America may -- * require a specific license from the United States Government. -- * It is the responsibility of any person or organization contemplating -- * export to obtain such a license before exporting. -- * -- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -- * distribute this software and its documentation for any purpose and -- * without fee is hereby granted, provided that the above copyright -- * notice appear in all copies and that both that copyright notice and -- * this permission notice appear in supporting documentation, and that -- * the name of M.I.T. not be used in advertising or publicity pertaining -- * to distribution of the software without specific, written prior -- * permission. Furthermore if you modify this software you must label -- * your software as modified software and not distribute it in such a -- * fashion that it might be confused with the original M.I.T. software. -- * M.I.T. makes no representations about the suitability of -- * this software for any purpose. It is provided "as is" without express -- * or implied warranty. 
-- */ -- --/* DES implementation donated by Dennis Ferguson */ -- --/* -- * des_tables.c - precomputed tables used for the DES cipher function -- */ -- --/* -- * Include the header file so something will complain if the -- * declarations get out of sync -- */ --#include "crypto_int.h" --#include "des_int.h" --#include "f_tables.h" -- --#ifdef K5_BUILTIN_DES -- --/* -- * These tables may be declared const if you want. Many compilers -- * don't support this, though. -- */ -- --/* -- * The DES algorithm which uses these is intended to be fairly speedy -- * at the expense of some memory. All the standard hacks are used. -- * The S boxes and the P permutation are precomputed into one table. -- * The E box never actually appears explicitly since it is easy to apply -- * this algorithmically as needed. The initial permutation and final -- * (inverse initial) permutation are computed from tables designed to -- * permute one byte at a time. This should run pretty fast on machines -- * with 32 bit words and bit field/multiple bit shift instructions which -- * are fast. -- */ -- --/* -- * The initial permutation array. This is used to compute both the -- * left and the right halves of the initial permutation using bytes -- * from words made from the following operations: -- * -- * ((left & 0x55555555) << 1) | (right & 0x55555555) for left half -- * (left & 0xaaaaaaaa) | ((right & 0xaaaaaaaa) >> 1) for right half -- * -- * The scheme is that we index into the table using each byte. The -- * result from the high order byte is or'd with the result from the -- * next byte shifted left once is or'd with the result from the next -- * byte shifted left twice if or'd with the result from the low order -- * byte shifted left by three. Clear? 
-- */ -- --const unsigned DES_INT32 des_IP_table[256] = { -- 0x00000000, 0x00000010, 0x00000001, 0x00000011, -- 0x00001000, 0x00001010, 0x00001001, 0x00001011, -- 0x00000100, 0x00000110, 0x00000101, 0x00000111, -- 0x00001100, 0x00001110, 0x00001101, 0x00001111, -- 0x00100000, 0x00100010, 0x00100001, 0x00100011, -- 0x00101000, 0x00101010, 0x00101001, 0x00101011, -- 0x00100100, 0x00100110, 0x00100101, 0x00100111, -- 0x00101100, 0x00101110, 0x00101101, 0x00101111, -- 0x00010000, 0x00010010, 0x00010001, 0x00010011, -- 0x00011000, 0x00011010, 0x00011001, 0x00011011, -- 0x00010100, 0x00010110, 0x00010101, 0x00010111, -- 0x00011100, 0x00011110, 0x00011101, 0x00011111, -- 0x00110000, 0x00110010, 0x00110001, 0x00110011, -- 0x00111000, 0x00111010, 0x00111001, 0x00111011, -- 0x00110100, 0x00110110, 0x00110101, 0x00110111, -- 0x00111100, 0x00111110, 0x00111101, 0x00111111, -- 0x10000000, 0x10000010, 0x10000001, 0x10000011, -- 0x10001000, 0x10001010, 0x10001001, 0x10001011, -- 0x10000100, 0x10000110, 0x10000101, 0x10000111, -- 0x10001100, 0x10001110, 0x10001101, 0x10001111, -- 0x10100000, 0x10100010, 0x10100001, 0x10100011, -- 0x10101000, 0x10101010, 0x10101001, 0x10101011, -- 0x10100100, 0x10100110, 0x10100101, 0x10100111, -- 0x10101100, 0x10101110, 0x10101101, 0x10101111, -- 0x10010000, 0x10010010, 0x10010001, 0x10010011, -- 0x10011000, 0x10011010, 0x10011001, 0x10011011, -- 0x10010100, 0x10010110, 0x10010101, 0x10010111, -- 0x10011100, 0x10011110, 0x10011101, 0x10011111, -- 0x10110000, 0x10110010, 0x10110001, 0x10110011, -- 0x10111000, 0x10111010, 0x10111001, 0x10111011, -- 0x10110100, 0x10110110, 0x10110101, 0x10110111, -- 0x10111100, 0x10111110, 0x10111101, 0x10111111, -- 0x01000000, 0x01000010, 0x01000001, 0x01000011, -- 0x01001000, 0x01001010, 0x01001001, 0x01001011, -- 0x01000100, 0x01000110, 0x01000101, 0x01000111, -- 0x01001100, 0x01001110, 0x01001101, 0x01001111, -- 0x01100000, 0x01100010, 0x01100001, 0x01100011, -- 0x01101000, 0x01101010, 0x01101001, 0x01101011, -- 
0x01100100, 0x01100110, 0x01100101, 0x01100111, -- 0x01101100, 0x01101110, 0x01101101, 0x01101111, -- 0x01010000, 0x01010010, 0x01010001, 0x01010011, -- 0x01011000, 0x01011010, 0x01011001, 0x01011011, -- 0x01010100, 0x01010110, 0x01010101, 0x01010111, -- 0x01011100, 0x01011110, 0x01011101, 0x01011111, -- 0x01110000, 0x01110010, 0x01110001, 0x01110011, -- 0x01111000, 0x01111010, 0x01111001, 0x01111011, -- 0x01110100, 0x01110110, 0x01110101, 0x01110111, -- 0x01111100, 0x01111110, 0x01111101, 0x01111111, -- 0x11000000, 0x11000010, 0x11000001, 0x11000011, -- 0x11001000, 0x11001010, 0x11001001, 0x11001011, -- 0x11000100, 0x11000110, 0x11000101, 0x11000111, -- 0x11001100, 0x11001110, 0x11001101, 0x11001111, -- 0x11100000, 0x11100010, 0x11100001, 0x11100011, -- 0x11101000, 0x11101010, 0x11101001, 0x11101011, -- 0x11100100, 0x11100110, 0x11100101, 0x11100111, -- 0x11101100, 0x11101110, 0x11101101, 0x11101111, -- 0x11010000, 0x11010010, 0x11010001, 0x11010011, -- 0x11011000, 0x11011010, 0x11011001, 0x11011011, -- 0x11010100, 0x11010110, 0x11010101, 0x11010111, -- 0x11011100, 0x11011110, 0x11011101, 0x11011111, -- 0x11110000, 0x11110010, 0x11110001, 0x11110011, -- 0x11111000, 0x11111010, 0x11111001, 0x11111011, -- 0x11110100, 0x11110110, 0x11110101, 0x11110111, -- 0x11111100, 0x11111110, 0x11111101, 0x11111111 --}; -- --/* -- * The final permutation array. Like the IP array, used -- * to compute both the left and right results from the bytes -- * of words computed from: -- * -- * ((left & 0x0f0f0f0f) << 4) | (right & 0x0f0f0f0f) for left result -- * (left & 0xf0f0f0f0) | ((right & 0xf0f0f0f0) >> 4) for right result -- * -- * The result from the high order byte is shifted left 6 bits and -- * or'd with the result from the next byte shifted left 4 bits, which -- * is or'd with the result from the next byte shifted left 2 bits, -- * which is or'd with the result from the low byte. 
-- */ --const unsigned DES_INT32 des_FP_table[256] = { -- 0x00000000, 0x02000000, 0x00020000, 0x02020000, -- 0x00000200, 0x02000200, 0x00020200, 0x02020200, -- 0x00000002, 0x02000002, 0x00020002, 0x02020002, -- 0x00000202, 0x02000202, 0x00020202, 0x02020202, -- 0x01000000, 0x03000000, 0x01020000, 0x03020000, -- 0x01000200, 0x03000200, 0x01020200, 0x03020200, -- 0x01000002, 0x03000002, 0x01020002, 0x03020002, -- 0x01000202, 0x03000202, 0x01020202, 0x03020202, -- 0x00010000, 0x02010000, 0x00030000, 0x02030000, -- 0x00010200, 0x02010200, 0x00030200, 0x02030200, -- 0x00010002, 0x02010002, 0x00030002, 0x02030002, -- 0x00010202, 0x02010202, 0x00030202, 0x02030202, -- 0x01010000, 0x03010000, 0x01030000, 0x03030000, -- 0x01010200, 0x03010200, 0x01030200, 0x03030200, -- 0x01010002, 0x03010002, 0x01030002, 0x03030002, -- 0x01010202, 0x03010202, 0x01030202, 0x03030202, -- 0x00000100, 0x02000100, 0x00020100, 0x02020100, -- 0x00000300, 0x02000300, 0x00020300, 0x02020300, -- 0x00000102, 0x02000102, 0x00020102, 0x02020102, -- 0x00000302, 0x02000302, 0x00020302, 0x02020302, -- 0x01000100, 0x03000100, 0x01020100, 0x03020100, -- 0x01000300, 0x03000300, 0x01020300, 0x03020300, -- 0x01000102, 0x03000102, 0x01020102, 0x03020102, -- 0x01000302, 0x03000302, 0x01020302, 0x03020302, -- 0x00010100, 0x02010100, 0x00030100, 0x02030100, -- 0x00010300, 0x02010300, 0x00030300, 0x02030300, -- 0x00010102, 0x02010102, 0x00030102, 0x02030102, -- 0x00010302, 0x02010302, 0x00030302, 0x02030302, -- 0x01010100, 0x03010100, 0x01030100, 0x03030100, -- 0x01010300, 0x03010300, 0x01030300, 0x03030300, -- 0x01010102, 0x03010102, 0x01030102, 0x03030102, -- 0x01010302, 0x03010302, 0x01030302, 0x03030302, -- 0x00000001, 0x02000001, 0x00020001, 0x02020001, -- 0x00000201, 0x02000201, 0x00020201, 0x02020201, -- 0x00000003, 0x02000003, 0x00020003, 0x02020003, -- 0x00000203, 0x02000203, 0x00020203, 0x02020203, -- 0x01000001, 0x03000001, 0x01020001, 0x03020001, -- 0x01000201, 0x03000201, 0x01020201, 0x03020201, -- 
0x01000003, 0x03000003, 0x01020003, 0x03020003, -- 0x01000203, 0x03000203, 0x01020203, 0x03020203, -- 0x00010001, 0x02010001, 0x00030001, 0x02030001, -- 0x00010201, 0x02010201, 0x00030201, 0x02030201, -- 0x00010003, 0x02010003, 0x00030003, 0x02030003, -- 0x00010203, 0x02010203, 0x00030203, 0x02030203, -- 0x01010001, 0x03010001, 0x01030001, 0x03030001, -- 0x01010201, 0x03010201, 0x01030201, 0x03030201, -- 0x01010003, 0x03010003, 0x01030003, 0x03030003, -- 0x01010203, 0x03010203, 0x01030203, 0x03030203, -- 0x00000101, 0x02000101, 0x00020101, 0x02020101, -- 0x00000301, 0x02000301, 0x00020301, 0x02020301, -- 0x00000103, 0x02000103, 0x00020103, 0x02020103, -- 0x00000303, 0x02000303, 0x00020303, 0x02020303, -- 0x01000101, 0x03000101, 0x01020101, 0x03020101, -- 0x01000301, 0x03000301, 0x01020301, 0x03020301, -- 0x01000103, 0x03000103, 0x01020103, 0x03020103, -- 0x01000303, 0x03000303, 0x01020303, 0x03020303, -- 0x00010101, 0x02010101, 0x00030101, 0x02030101, -- 0x00010301, 0x02010301, 0x00030301, 0x02030301, -- 0x00010103, 0x02010103, 0x00030103, 0x02030103, -- 0x00010303, 0x02010303, 0x00030303, 0x02030303, -- 0x01010101, 0x03010101, 0x01030101, 0x03030101, -- 0x01010301, 0x03010301, 0x01030301, 0x03030301, -- 0x01010103, 0x03010103, 0x01030103, 0x03030103, -- 0x01010303, 0x03010303, 0x01030303, 0x03030303 --}; -- -- --/* -- * The SP table is actually the S boxes and the P permutation -- * table combined. This table is actually reordered from the -- * spec, to match the order of key application we follow. 
-- */ --const unsigned DES_INT32 des_SP_table[8][64] = { -- { -- 0x00100000, 0x02100001, 0x02000401, 0x00000000, /* 7 */ -- 0x00000400, 0x02000401, 0x00100401, 0x02100400, -- 0x02100401, 0x00100000, 0x00000000, 0x02000001, -- 0x00000001, 0x02000000, 0x02100001, 0x00000401, -- 0x02000400, 0x00100401, 0x00100001, 0x02000400, -- 0x02000001, 0x02100000, 0x02100400, 0x00100001, -- 0x02100000, 0x00000400, 0x00000401, 0x02100401, -- 0x00100400, 0x00000001, 0x02000000, 0x00100400, -- 0x02000000, 0x00100400, 0x00100000, 0x02000401, -- 0x02000401, 0x02100001, 0x02100001, 0x00000001, -- 0x00100001, 0x02000000, 0x02000400, 0x00100000, -- 0x02100400, 0x00000401, 0x00100401, 0x02100400, -- 0x00000401, 0x02000001, 0x02100401, 0x02100000, -- 0x00100400, 0x00000000, 0x00000001, 0x02100401, -- 0x00000000, 0x00100401, 0x02100000, 0x00000400, -- 0x02000001, 0x02000400, 0x00000400, 0x00100001, -- }, -- { -- 0x00808200, 0x00000000, 0x00008000, 0x00808202, /* 1 */ -- 0x00808002, 0x00008202, 0x00000002, 0x00008000, -- 0x00000200, 0x00808200, 0x00808202, 0x00000200, -- 0x00800202, 0x00808002, 0x00800000, 0x00000002, -- 0x00000202, 0x00800200, 0x00800200, 0x00008200, -- 0x00008200, 0x00808000, 0x00808000, 0x00800202, -- 0x00008002, 0x00800002, 0x00800002, 0x00008002, -- 0x00000000, 0x00000202, 0x00008202, 0x00800000, -- 0x00008000, 0x00808202, 0x00000002, 0x00808000, -- 0x00808200, 0x00800000, 0x00800000, 0x00000200, -- 0x00808002, 0x00008000, 0x00008200, 0x00800002, -- 0x00000200, 0x00000002, 0x00800202, 0x00008202, -- 0x00808202, 0x00008002, 0x00808000, 0x00800202, -- 0x00800002, 0x00000202, 0x00008202, 0x00808200, -- 0x00000202, 0x00800200, 0x00800200, 0x00000000, -- 0x00008002, 0x00008200, 0x00000000, 0x00808002, -- }, -- { -- 0x00000104, 0x04010100, 0x00000000, 0x04010004, /* 3 */ -- 0x04000100, 0x00000000, 0x00010104, 0x04000100, -- 0x00010004, 0x04000004, 0x04000004, 0x00010000, -- 0x04010104, 0x00010004, 0x04010000, 0x00000104, -- 0x04000000, 0x00000004, 0x04010100, 0x00000100, -- 
0x00010100, 0x04010000, 0x04010004, 0x00010104, -- 0x04000104, 0x00010100, 0x00010000, 0x04000104, -- 0x00000004, 0x04010104, 0x00000100, 0x04000000, -- 0x04010100, 0x04000000, 0x00010004, 0x00000104, -- 0x00010000, 0x04010100, 0x04000100, 0x00000000, -- 0x00000100, 0x00010004, 0x04010104, 0x04000100, -- 0x04000004, 0x00000100, 0x00000000, 0x04010004, -- 0x04000104, 0x00010000, 0x04000000, 0x04010104, -- 0x00000004, 0x00010104, 0x00010100, 0x04000004, -- 0x04010000, 0x04000104, 0x00000104, 0x04010000, -- 0x00010104, 0x00000004, 0x04010004, 0x00010100, -- }, -- { -- 0x00000080, 0x01040080, 0x01040000, 0x21000080, /* 5 */ -- 0x00040000, 0x00000080, 0x20000000, 0x01040000, -- 0x20040080, 0x00040000, 0x01000080, 0x20040080, -- 0x21000080, 0x21040000, 0x00040080, 0x20000000, -- 0x01000000, 0x20040000, 0x20040000, 0x00000000, -- 0x20000080, 0x21040080, 0x21040080, 0x01000080, -- 0x21040000, 0x20000080, 0x00000000, 0x21000000, -- 0x01040080, 0x01000000, 0x21000000, 0x00040080, -- 0x00040000, 0x21000080, 0x00000080, 0x01000000, -- 0x20000000, 0x01040000, 0x21000080, 0x20040080, -- 0x01000080, 0x20000000, 0x21040000, 0x01040080, -- 0x20040080, 0x00000080, 0x01000000, 0x21040000, -- 0x21040080, 0x00040080, 0x21000000, 0x21040080, -- 0x01040000, 0x00000000, 0x20040000, 0x21000000, -- 0x00040080, 0x01000080, 0x20000080, 0x00040000, -- 0x00000000, 0x20040000, 0x01040080, 0x20000080, -- }, -- { -- 0x80401000, 0x80001040, 0x80001040, 0x00000040, /* 4 */ -- 0x00401040, 0x80400040, 0x80400000, 0x80001000, -- 0x00000000, 0x00401000, 0x00401000, 0x80401040, -- 0x80000040, 0x00000000, 0x00400040, 0x80400000, -- 0x80000000, 0x00001000, 0x00400000, 0x80401000, -- 0x00000040, 0x00400000, 0x80001000, 0x00001040, -- 0x80400040, 0x80000000, 0x00001040, 0x00400040, -- 0x00001000, 0x00401040, 0x80401040, 0x80000040, -- 0x00400040, 0x80400000, 0x00401000, 0x80401040, -- 0x80000040, 0x00000000, 0x00000000, 0x00401000, -- 0x00001040, 0x00400040, 0x80400040, 0x80000000, -- 0x80401000, 0x80001040, 
0x80001040, 0x00000040, -- 0x80401040, 0x80000040, 0x80000000, 0x00001000, -- 0x80400000, 0x80001000, 0x00401040, 0x80400040, -- 0x80001000, 0x00001040, 0x00400000, 0x80401000, -- 0x00000040, 0x00400000, 0x00001000, 0x00401040, -- }, -- { -- 0x10000008, 0x10200000, 0x00002000, 0x10202008, /* 6 */ -- 0x10200000, 0x00000008, 0x10202008, 0x00200000, -- 0x10002000, 0x00202008, 0x00200000, 0x10000008, -- 0x00200008, 0x10002000, 0x10000000, 0x00002008, -- 0x00000000, 0x00200008, 0x10002008, 0x00002000, -- 0x00202000, 0x10002008, 0x00000008, 0x10200008, -- 0x10200008, 0x00000000, 0x00202008, 0x10202000, -- 0x00002008, 0x00202000, 0x10202000, 0x10000000, -- 0x10002000, 0x00000008, 0x10200008, 0x00202000, -- 0x10202008, 0x00200000, 0x00002008, 0x10000008, -- 0x00200000, 0x10002000, 0x10000000, 0x00002008, -- 0x10000008, 0x10202008, 0x00202000, 0x10200000, -- 0x00202008, 0x10202000, 0x00000000, 0x10200008, -- 0x00000008, 0x00002000, 0x10200000, 0x00202008, -- 0x00002000, 0x00200008, 0x10002008, 0x00000000, -- 0x10202000, 0x10000000, 0x00200008, 0x10002008, -- }, -- { -- 0x08000820, 0x00000800, 0x00020000, 0x08020820, /* 8 */ -- 0x08000000, 0x08000820, 0x00000020, 0x08000000, -- 0x00020020, 0x08020000, 0x08020820, 0x00020800, -- 0x08020800, 0x00020820, 0x00000800, 0x00000020, -- 0x08020000, 0x08000020, 0x08000800, 0x00000820, -- 0x00020800, 0x00020020, 0x08020020, 0x08020800, -- 0x00000820, 0x00000000, 0x00000000, 0x08020020, -- 0x08000020, 0x08000800, 0x00020820, 0x00020000, -- 0x00020820, 0x00020000, 0x08020800, 0x00000800, -- 0x00000020, 0x08020020, 0x00000800, 0x00020820, -- 0x08000800, 0x00000020, 0x08000020, 0x08020000, -- 0x08020020, 0x08000000, 0x00020000, 0x08000820, -- 0x00000000, 0x08020820, 0x00020020, 0x08000020, -- 0x08020000, 0x08000800, 0x08000820, 0x00000000, -- 0x08020820, 0x00020800, 0x00020800, 0x00000820, -- 0x00000820, 0x00020020, 0x08000000, 0x08020800, -- }, -- { -- 0x40084010, 0x40004000, 0x00004000, 0x00084010, /* 2 */ -- 0x00080000, 0x00000010, 
0x40080010, 0x40004010, -- 0x40000010, 0x40084010, 0x40084000, 0x40000000, -- 0x40004000, 0x00080000, 0x00000010, 0x40080010, -- 0x00084000, 0x00080010, 0x40004010, 0x00000000, -- 0x40000000, 0x00004000, 0x00084010, 0x40080000, -- 0x00080010, 0x40000010, 0x00000000, 0x00084000, -- 0x00004010, 0x40084000, 0x40080000, 0x00004010, -- 0x00000000, 0x00084010, 0x40080010, 0x00080000, -- 0x40004010, 0x40080000, 0x40084000, 0x00004000, -- 0x40080000, 0x40004000, 0x00000010, 0x40084010, -- 0x00084010, 0x00000010, 0x00004000, 0x40000000, -- 0x00004010, 0x40084000, 0x00080000, 0x40000010, -- 0x00080010, 0x40004010, 0x40000010, 0x00080010, -- 0x00084000, 0x00000000, 0x40004000, 0x00004010, -- 0x40000000, 0x40080010, 0x40084010, 0x00084000 -- }, --}; -- --#endif /* K5_BUILTIN_DES */ -diff --git a/src/lib/crypto/builtin/des/f_tables.h b/src/lib/crypto/builtin/des/f_tables.h -deleted file mode 100644 -index fc91b566cf..0000000000 ---- a/src/lib/crypto/builtin/des/f_tables.h -+++ /dev/null -@@ -1,285 +0,0 @@ --/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ --/* lib/crypto/builtin/des/f_tables.h */ --/* -- * Copyright (C) 1990 by the Massachusetts Institute of Technology. -- * All rights reserved. -- * -- * Export of this software from the United States of America may -- * require a specific license from the United States Government. -- * It is the responsibility of any person or organization contemplating -- * export to obtain such a license before exporting. -- * -- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -- * distribute this software and its documentation for any purpose and -- * without fee is hereby granted, provided that the above copyright -- * notice appear in all copies and that both that copyright notice and -- * this permission notice appear in supporting documentation, and that -- * the name of M.I.T. 
not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--
--/*
-- * DES implementation donated by Dennis Ferguson
-- */
--
--/*
-- * des_tables.h - declarations to import the DES tables, used internally
-- * by some of the library routines.
-- */
--#ifndef __DES_TABLES_H__
--#define __DES_TABLES_H__ /* nothing */
--
--#include "k5-platform.h"
--/*
-- * These may be declared const if you wish. Be sure to change the
-- * declarations in des_tables.c as well.
-- */
--extern const unsigned DES_INT32 des_IP_table[256];
--extern const unsigned DES_INT32 des_FP_table[256];
--extern const unsigned DES_INT32 des_SP_table[8][64];
--
--/*
-- * Use standard shortforms to reference these to save typing
-- */
--#define IP des_IP_table
--#define FP des_FP_table
--#define SP des_SP_table
--
--#ifdef DEBUG
--#define DEB(foofraw) printf foofraw
--#else
--#define DEB(foofraw) /* nothing */
--#endif
--
--/*
-- * Code to do a DES round using the tables. Note that the E expansion
-- * is easy to compute algorithmically, especially if done out-of-order.
-- * Take a look at its form and compare it to everything involving temp
-- * below. Since SP[0-7] don't have any bits in common set it is okay
-- * to do the successive xor's.
-- *
-- * Note too that the SP table has been reordered to match the order of
-- * the keys (if the original order of SP was 12345678, the reordered
-- * table is 71354682). This is unnecessary, but was done since some
-- * compilers seem to like you going through the matrix from beginning
-- * to end.
-- *
-- * There is a difference in the best way to do this depending on whether
-- * one is encrypting or decrypting. If encrypting we move forward through
-- * the keys and hence should move forward through the table. If decrypting
-- * we go back. Part of the need for this comes from trying to emulate
-- * existing software which generates a single key schedule and uses it
-- * both for encrypting and decrypting. Generating separate encryption
-- * and decryption key schedules would allow one to use the same code
-- * for both.
-- *
-- * left, right and temp should be unsigned DES_INT32 values. left and right
-- * should be the high and low order parts of the cipher block at the
-- * current stage of processing (this makes sense if you read the spec).
-- * kp should be an unsigned DES_INT32 pointer which points at the current
-- * set of subkeys in the key schedule. It is advanced to the next set
-- * (i.e. by 8 bytes) when this is done.
-- *
-- * This occurs in the innermost loop of the DES function. The four
-- * variables should really be in registers.
-- *
-- * When using this, the inner loop of the DES function might look like:
-- *
-- * for (i = 0; i < 8; i++) {
-- * DES_SP_{EN,DE}CRYPT_ROUND(left, right, temp, kp);
-- * DES_SP_{EN,DE}CRYPT_ROUND(right, left, temp, kp);
-- * }
-- *
-- * Note the trick above. You are supposed to do 16 rounds, swapping
-- * left and right at the end of each round. By doing two rounds at
-- * a time and swapping left and right in the code we can avoid the
-- * swaps altogether.
-- */
--#define DES_SP_ENCRYPT_ROUND(left, right, temp, kp) do { \
-- (temp) = (((right) >> 11) | ((right) << 21)) ^ *(kp)++; \
-- (left) ^= SP[0][((temp) >> 24) & 0x3f] \
-- | SP[1][((temp) >> 16) & 0x3f] \
-- | SP[2][((temp) >> 8) & 0x3f] \
-- | SP[3][((temp) ) & 0x3f]; \
-- (temp) = (((right) >> 23) | ((right) << 9)) ^ *(kp)++; \
-- (left) ^= SP[4][((temp) >> 24) & 0x3f] \
-- | SP[5][((temp) >> 16) & 0x3f] \
-- | SP[6][((temp) >> 8) & 0x3f] \
-- | SP[7][((temp) ) & 0x3f]; \
-- } while(0);
--
--#define DES_SP_DECRYPT_ROUND(left, right, temp, kp) do { \
-- (temp) = (((right) >> 23) | ((right) << 9)) ^ *(--(kp)); \
-- (left) ^= SP[7][((temp) ) & 0x3f] \
-- | SP[6][((temp) >> 8) & 0x3f] \
-- | SP[5][((temp) >> 16) & 0x3f] \
-- | SP[4][((temp) >> 24) & 0x3f]; \
-- (temp) = (((right) >> 11) | ((right) << 21)) ^ *(--(kp)); \
-- (left) ^= SP[3][((temp) ) & 0x3f] \
-- | SP[2][((temp) >> 8) & 0x3f] \
-- | SP[1][((temp) >> 16) & 0x3f] \
-- | SP[0][((temp) >> 24) & 0x3f]; \
-- } while (0);
--
--/*
-- * Macros to help deal with the initial permutation table. Note
-- * the IP table only deals with 32 bits at a time, allowing us to
-- * collect the bits we need to deal with each half into an unsigned
-- * DES_INT32. By carefully selecting how the bits are ordered we also
-- * take advantages of symmetries in the table so that we can use a
-- * single table to compute the permutation of all bytes. This sounds
-- * complicated, but if you go through the process of designing the
-- * table you'll find the symmetries fall right out.
-- *
-- * The follow macros compute the set of bits used to index the
-- * table for produce the left and right permuted result.
-- *
-- * The inserted cast to unsigned DES_INT32 circumvents a bug in
-- * the Macintosh MPW 3.2 C compiler which loses the unsignedness and
-- * propagates the high-order bit in the shift.
-- */
--#define DES_IP_LEFT_BITS(left, right) \
-- ((((left) & 0x55555555) << 1) | ((right) & 0x55555555))
--#define DES_IP_RIGHT_BITS(left, right) \
-- (((left) & 0xaaaaaaaa) | \
-- ( ( (unsigned DES_INT32) ((right) & 0xaaaaaaaa) ) >> 1))
--
--/*
-- * The following macro does an in-place initial permutation given
-- * the current left and right parts of the block and a single
-- * temporary. Use this more as a guide for rolling your own, though.
-- * The best way to do the IP depends on the form of the data you
-- * are dealing with. If you use this, though, try to make left,
-- * right and temp unsigned DES_INT32s.
-- */
--#define DES_INITIAL_PERM(left, right, temp) do { \
-- (temp) = DES_IP_RIGHT_BITS((left), (right)); \
-- (right) = DES_IP_LEFT_BITS((left), (right)); \
-- (left) = IP[((right) >> 24) & 0xff] \
-- | (IP[((right) >> 16) & 0xff] << 1) \
-- | (IP[((right) >> 8) & 0xff] << 2) \
-- | (IP[(right) & 0xff] << 3); \
-- (right) = IP[((temp) >> 24) & 0xff] \
-- | (IP[((temp) >> 16) & 0xff] << 1) \
-- | (IP[((temp) >> 8) & 0xff] << 2) \
-- | (IP[(temp) & 0xff] << 3); \
-- } while(0);
--
--/*
-- * Now the final permutation stuff. The same comments apply to
-- * this as to the initial permutation, except that we use different
-- * bits and shifts.
-- *
-- * The inserted cast to unsigned DES_INT32 circumvents a bug in
-- * the Macintosh MPW 3.2 C compiler which loses the unsignedness and
-- * propagates the high-order bit in the shift.
-- */
--#define DES_FP_LEFT_BITS(left, right) \
-- ((((left) & 0x0f0f0f0f) << 4) | ((right) & 0x0f0f0f0f))
--#define DES_FP_RIGHT_BITS(left, right) \
-- (((left) & 0xf0f0f0f0) | \
-- ( ( (unsigned DES_INT32) ((right) & 0xf0f0f0f0) ) >> 4))
--
--
--/*
-- * Here is a sample final permutation. Note that there is a trick
-- * here. DES requires swapping the left and right parts after the
-- * last cipher round but before the final permutation.
We do this
-- * swapping internally, which is why left and right are confused
-- * at the beginning.
-- */
--#define DES_FINAL_PERM(left, right, temp) do { \
-- (temp) = DES_FP_RIGHT_BITS((right), (left)); \
-- (right) = DES_FP_LEFT_BITS((right), (left)); \
-- (left) = (FP[((right) >> 24) & 0xff] << 6) \
-- | (FP[((right) >> 16) & 0xff] << 4) \
-- | (FP[((right) >> 8) & 0xff] << 2) \
-- | FP[(right) & 0xff]; \
-- (right) = (FP[((temp) >> 24) & 0xff] << 6) \
-- | (FP[((temp) >> 16) & 0xff] << 4) \
-- | (FP[((temp) >> 8) & 0xff] << 2) \
-- | FP[temp & 0xff]; \
-- } while(0);
--
--
--/*
-- * Finally, as a sample of how all this might be held together, the
-- * following two macros do in-place encryptions and decryptions. left
-- * and right are two unsigned DES_INT32 variables which at the beginning
-- * are expected to hold the clear (encrypted) block in host byte order
-- * (left the high order four bytes, right the low order). At the end
-- * they will contain the encrypted (clear) block. temp is an unsigned DES_INT32
-- * used as a temporary. kp is an unsigned DES_INT32 pointer pointing at
-- * the start of the key schedule. All these should be in registers.
-- *
-- * You can probably do better than these by rewriting for particular
-- * situations. These aren't bad, though.
-- *
-- * The DEB macros enable debugging when this code breaks (typically
-- * when a buggy compiler breaks it), by printing the intermediate values
-- * at each stage of the encryption, so that by comparing the output to
-- * a known good machine, the location of the first error can be found.
-- */
--#define DES_DO_ENCRYPT_1(left, right, kp) \
-- do { \
-- int i; \
-- unsigned DES_INT32 temp1; \
-- DEB (("do_encrypt %8lX %8lX \n", left, right)); \
-- DES_INITIAL_PERM((left), (right), (temp1)); \
-- DEB ((" after IP %8lX %8lX\n", left, right)); \
-- for (i = 0; i < 8; i++) { \
-- DES_SP_ENCRYPT_ROUND((left), (right), (temp1), (kp)); \
-- DEB ((" round %2d %8lX %8lX \n", i*2, left, right)); \
-- DES_SP_ENCRYPT_ROUND((right), (left), (temp1), (kp)); \
-- DEB ((" round %2d %8lX %8lX \n", 1+i*2, left, right)); \
-- } \
-- DES_FINAL_PERM((left), (right), (temp1)); \
-- (kp) -= (2 * 16); \
-- DEB ((" after FP %8lX %8lX \n", left, right)); \
-- } while (0)
--
--#define DES_DO_DECRYPT_1(left, right, kp) \
-- do { \
-- int i; \
-- unsigned DES_INT32 temp2; \
-- DES_INITIAL_PERM((left), (right), (temp2)); \
-- (kp) += (2 * 16); \
-- for (i = 0; i < 8; i++) { \
-- DES_SP_DECRYPT_ROUND((left), (right), (temp2), (kp)); \
-- DES_SP_DECRYPT_ROUND((right), (left), (temp2), (kp)); \
-- } \
-- DES_FINAL_PERM((left), (right), (temp2)); \
-- } while (0)
--
--#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
--extern void krb5int_des_do_encrypt_2(unsigned DES_INT32 *l,
-- unsigned DES_INT32 *r,
-- const unsigned DES_INT32 *k);
--extern void krb5int_des_do_decrypt_2(unsigned DES_INT32 *l,
-- unsigned DES_INT32 *r,
-- const unsigned DES_INT32 *k);
--#define DES_DO_ENCRYPT(L,R,K) krb5int_des_do_encrypt_2(&(L), &(R), (K))
--#define DES_DO_DECRYPT(L,R,K) krb5int_des_do_decrypt_2(&(L), &(R), (K))
--#else
--#define DES_DO_ENCRYPT DES_DO_ENCRYPT_1
--#define DES_DO_DECRYPT DES_DO_DECRYPT_1
--#endif
--
--/*
-- * These are handy dandy utility thingies for straightening out bytes.
-- * Included here because they're used a couple of places.
-- */
--#define GET_HALF_BLOCK(lr, ip) ((lr) = load_32_be(ip), (ip) += 4)
--#define PUT_HALF_BLOCK(lr, op) (store_32_be(lr, op), (op) += 4)
--
--/* Shorthand that we'll need in several places, for creating values that
-- really can hold 32 bits regardless of the prevailing int size. */
--#define FF_UINT32 ((unsigned DES_INT32) 0xFF)
--
--#endif /* __DES_TABLES_H__ */
-diff --git a/src/lib/crypto/builtin/des/key_sched.c b/src/lib/crypto/builtin/des/key_sched.c
-deleted file mode 100644
-index d6dedd93c6..0000000000
---- a/src/lib/crypto/builtin/des/key_sched.c
-+++ /dev/null
-@@ -1,66 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/key_sched.c */
--/*
-- * Copyright 1985, 1986, 1987, 1988, 1990 by the Massachusetts Institute
-- * of Technology.
-- * All Rights Reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */ -- --/* -- * This routine computes the DES key schedule given a key. The -- * permutations and shifts have been done at compile time, resulting -- * in a direct one-step mapping from the input key to the key -- * schedule. -- * -- * Also checks parity and weak keys. -- * -- * Watch out for the subscripts -- most effectively start at 1 instead -- * of at zero. Maybe some bugs in that area. -- * -- * In case the user wants to cache the computed key schedule, it is -- * passed as an arg. Also implies that caller has explicit control -- * over zeroing both the key schedule and the key. -- * -- * Originally written 6/85 by Steve Miller, MIT Project Athena. -- */ -- --#include "crypto_int.h" --#include "des_int.h" -- --#ifdef K5_BUILTIN_DES -- --int --mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule) --{ -- mit_des_make_key_sched(k,schedule); -- -- if (!mit_des_check_key_parity(k)) /* bad parity --> return -1 */ -- return(-1); -- -- if (mit_des_is_weak_key(k)) -- return(-2); -- -- /* if key was good, return 0 */ -- return 0; --} -- --#endif /* K5_BUILTIN_DES */ -diff --git a/src/lib/crypto/builtin/des/keytest.data b/src/lib/crypto/builtin/des/keytest.data -deleted file mode 100644 -index 7ff34eedcf..0000000000 ---- a/src/lib/crypto/builtin/des/keytest.data -+++ /dev/null -@@ -1,171 +0,0 @@ --0101010101010101 95F8A5E5DD31D900 8000000000000000 --0101010101010101 DD7F121CA5015619 4000000000000000 --0101010101010101 2E8653104F3834EA 2000000000000000 --0101010101010101 4BD388FF6CD81D4F 1000000000000000 --0101010101010101 20B9E767B2FB1456 0800000000000000 --0101010101010101 55579380D77138EF 0400000000000000 --0101010101010101 6CC5DEFAAF04512F 0200000000000000 --0101010101010101 0D9F279BA5D87260 0100000000000000 --0101010101010101 D9031B0271BD5A0A 0080000000000000 --0101010101010101 424250B37C3DD951 0040000000000000 --0101010101010101 B8061B7ECD9A21E5 0020000000000000 --0101010101010101 F15D0F286B65BD28 0010000000000000 --0101010101010101 ADD0CC8D6E5DEBA1 
0008000000000000 --0101010101010101 E6D5F82752AD63D1 0004000000000000 --0101010101010101 ECBFE3BD3F591A5E 0002000000000000 --0101010101010101 F356834379D165CD 0001000000000000 --0101010101010101 2B9F982F20037FA9 0000800000000000 --0101010101010101 889DE068A16F0BE6 0000400000000000 --0101010101010101 E19E275D846A1298 0000200000000000 --0101010101010101 329A8ED523D71AEC 0000100000000000 --0101010101010101 E7FCE22557D23C97 0000080000000000 --0101010101010101 12A9F5817FF2D65D 0000040000000000 --0101010101010101 A484C3AD38DC9C19 0000020000000000 --0101010101010101 FBE00A8A1EF8AD72 0000010000000000 --0101010101010101 750D079407521363 0000008000000000 --0101010101010101 64FEED9C724C2FAF 0000004000000000 --0101010101010101 F02B263B328E2B60 0000002000000000 --0101010101010101 9D64555A9A10B852 0000001000000000 --0101010101010101 D106FF0BED5255D7 0000000800000000 --0101010101010101 E1652C6B138C64A5 0000000400000000 --0101010101010101 E428581186EC8F46 0000000200000000 --0101010101010101 AEB5F5EDE22D1A36 0000000100000000 --0101010101010101 E943D7568AEC0C5C 0000000080000000 --0101010101010101 DF98C8276F54B04B 0000000040000000 --0101010101010101 B160E4680F6C696F 0000000020000000 --0101010101010101 FA0752B07D9C4AB8 0000000010000000 --0101010101010101 CA3A2B036DBC8502 0000000008000000 --0101010101010101 5E0905517BB59BCF 0000000004000000 --0101010101010101 814EEB3B91D90726 0000000002000000 --0101010101010101 4D49DB1532919C9F 0000000001000000 --0101010101010101 25EB5FC3F8CF0621 0000000000800000 --0101010101010101 AB6A20C0620D1C6F 0000000000400000 --0101010101010101 79E90DBC98F92CCA 0000000000200000 --0101010101010101 866ECEDD8072BB0E 0000000000100000 --0101010101010101 8B54536F2F3E64A8 0000000000080000 --0101010101010101 EA51D3975595B86B 0000000000040000 --0101010101010101 CAFFC6AC4542DE31 0000000000020000 --0101010101010101 8DD45A2DDF90796C 0000000000010000 --0101010101010101 1029D55E880EC2D0 0000000000008000 --0101010101010101 5D86CB23639DBEA9 0000000000004000 --0101010101010101 
1D1CA853AE7C0C5F 0000000000002000 --0101010101010101 CE332329248F3228 0000000000001000 --0101010101010101 8405D1ABE24FB942 0000000000000800 --0101010101010101 E643D78090CA4207 0000000000000400 --0101010101010101 48221B9937748A23 0000000000000200 --0101010101010101 DD7C0BBD61FAFD54 0000000000000100 --0101010101010101 2FBC291A570DB5C4 0000000000000080 --0101010101010101 E07C30D7E4E26E12 0000000000000040 --0101010101010101 0953E2258E8E90A1 0000000000000020 --0101010101010101 5B711BC4CEEBF2EE 0000000000000010 --0101010101010101 CC083F1E6D9E85F6 0000000000000008 --0101010101010101 D2FD8867D50D2DFE 0000000000000004 --0101010101010101 06E7EA22CE92708F 0000000000000002 --0101010101010101 166B40B44ABA4BD6 0000000000000001 --8001010101010101 0000000000000000 95A8D72813DAA94D --4001010101010101 0000000000000000 0EEC1487DD8C26D5 --2001010101010101 0000000000000000 7AD16FFB79C45926 --1001010101010101 0000000000000000 D3746294CA6A6CF3 --0801010101010101 0000000000000000 809F5F873C1FD761 --0401010101010101 0000000000000000 C02FAFFEC989D1FC --0201010101010101 0000000000000000 4615AA1D33E72F10 --0180010101010101 0000000000000000 2055123350C00858 --0140010101010101 0000000000000000 DF3B99D6577397C8 --0120010101010101 0000000000000000 31FE17369B5288C9 --0110010101010101 0000000000000000 DFDD3CC64DAE1642 --0108010101010101 0000000000000000 178C83CE2B399D94 --0104010101010101 0000000000000000 50F636324A9B7F80 --0102010101010101 0000000000000000 A8468EE3BC18F06D --0101800101010101 0000000000000000 A2DC9E92FD3CDE92 --0101400101010101 0000000000000000 CAC09F797D031287 --0101200101010101 0000000000000000 90BA680B22AEB525 --0101100101010101 0000000000000000 CE7A24F350E280B6 --0101080101010101 0000000000000000 882BFF0AA01A0B87 --0101040101010101 0000000000000000 25610288924511C2 --0101020101010101 0000000000000000 C71516C29C75D170 --0101018001010101 0000000000000000 5199C29A52C9F059 --0101014001010101 0000000000000000 C22F0A294A71F29F --0101012001010101 0000000000000000 EE371483714C02EA 
--0101011001010101 0000000000000000 A81FBD448F9E522F --0101010801010101 0000000000000000 4F644C92E192DFED --0101010401010101 0000000000000000 1AFA9A66A6DF92AE --0101010201010101 0000000000000000 B3C1CC715CB879D8 --0101010180010101 0000000000000000 19D032E64AB0BD8B --0101010140010101 0000000000000000 3CFAA7A7DC8720DC --0101010120010101 0000000000000000 B7265F7F447AC6F3 --0101010110010101 0000000000000000 9DB73B3C0D163F54 --0101010108010101 0000000000000000 8181B65BABF4A975 --0101010104010101 0000000000000000 93C9B64042EAA240 --0101010102010101 0000000000000000 5570530829705592 --0101010101800101 0000000000000000 8638809E878787A0 --0101010101400101 0000000000000000 41B9A79AF79AC208 --0101010101200101 0000000000000000 7A9BE42F2009A892 --0101010101100101 0000000000000000 29038D56BA6D2745 --0101010101080101 0000000000000000 5495C6ABF1E5DF51 --0101010101040101 0000000000000000 AE13DBD561488933 --0101010101020101 0000000000000000 024D1FFA8904E389 --0101010101018001 0000000000000000 D1399712F99BF02E --0101010101014001 0000000000000000 14C1D7C1CFFEC79E --0101010101012001 0000000000000000 1DE5279DAE3BED6F --0101010101011001 0000000000000000 E941A33F85501303 --0101010101010801 0000000000000000 DA99DBBC9A03F379 --0101010101010401 0000000000000000 B7FC92F91D8E92E9 --0101010101010201 0000000000000000 AE8E5CAA3CA04E85 --0101010101010180 0000000000000000 9CC62DF43B6EED74 --0101010101010140 0000000000000000 D863DBB5C59A91A0 --0101010101010120 0000000000000000 A1AB2190545B91D7 --0101010101010110 0000000000000000 0875041E64C570F7 --0101010101010108 0000000000000000 5A594528BEBEF1CC --0101010101010104 0000000000000000 FCDB3291DE21F0C0 --0101010101010102 0000000000000000 869EFD7F9F265A09 --1046913489980131 0000000000000000 88D55E54F54C97B4 --1007103489988020 0000000000000000 0C0CC00C83EA48FD --10071034C8980120 0000000000000000 83BC8EF3A6570183 --1046103489988020 0000000000000000 DF725DCAD94EA2E9 --1086911519190101 0000000000000000 E652B53B550BE8B0 --1086911519580101 0000000000000000 
AF527120C485CBB0 --5107B01519580101 0000000000000000 0F04CE393DB926D5 --1007B01519190101 0000000000000000 C9F00FFC74079067 --3107915498080101 0000000000000000 7CFD82A593252B4E --3107919498080101 0000000000000000 CB49A2F9E91363E3 --10079115B9080140 0000000000000000 00B588BE70D23F56 --3107911598080140 0000000000000000 406A9A6AB43399AE --1007D01589980101 0000000000000000 6CB773611DCA9ADA --9107911589980101 0000000000000000 67FD21C17DBB5D70 --9107D01589190101 0000000000000000 9592CB4110430787 --1007D01598980120 0000000000000000 A6B7FF68A318DDD3 --1007940498190101 0000000000000000 4D102196C914CA16 --0107910491190401 0000000000000000 2DFA9F4573594965 --0107910491190101 0000000000000000 B46604816C0E0774 --0107940491190401 0000000000000000 6E7E6221A4F34E87 --19079210981A0101 0000000000000000 AA85E74643233199 --1007911998190801 0000000000000000 2E5A19DB4D1962D6 --10079119981A0801 0000000000000000 23A866A809D30894 --1007921098190101 0000000000000000 D812D961F017D320 --100791159819010B 0000000000000000 055605816E58608F --1004801598190101 0000000000000000 ABD88E8B1B7716F1 --1004801598190102 0000000000000000 537AC95BE69DA1E1 --1004801598190108 0000000000000000 AED0F6AE3C25CDD8 --1002911598100104 0000000000000000 B3E35A5EE53E7B8D --1002911598190104 0000000000000000 61C79C71921A2EF8 --1002911598100201 0000000000000000 E2F5728F0995013C --1002911698100101 0000000000000000 1AEAC39A61F0A464 --7CA110454A1A6E57 01A1D6D039776742 690F5B0D9A26939B --0131D9619DC1376E 5CD54CA83DEF57DA 7A389D10354BD271 --07A1133E4A0B2686 0248D43806F67172 868EBB51CAB4599A --3849674C2602319E 51454B582DDF440A 7178876E01F19B2A --04B915BA43FEB5B6 42FD443059577FA2 AF37FB421F8C4095 --0113B970FD34F2CE 059B5E0851CF143A 86A560F10EC6D85B --0170F175468FB5E6 0756D8E0774761D2 0CD3DA020021DC09 --43297FAD38E373FE 762514B829BF486A EA676B2CB7DB2B7A --07A7137045DA2A16 3BDD119049372802 DFD64A815CAF1A0F --04689104C2FD3B2F 26955F6835AF609A 5C513C9C4886C088 --37D06BB516CB7546 164D5E404F275232 0A2AEEAE3FF4AB77 --1F08260D1AC2465E 
6B056E18759F5CCA EF1BF03E5DFA575A
--584023641ABA6176 004BD6EF09176062 88BF0DB6D70DEE56
--025816164629B007 480D39006EE762F2 A1F9915541020B56
--49793EBC79B3258F 437540C8698F3CFA 6FBF1CAFCFFD0556
--4FB05E1515AB73A7 072D43A077075292 2F22E49BAB7CA1AC
--49E95D6D4CA229BF 02FE55778117F12A 5A6B612CC26CCE4A
--018310DC409B26D6 1D9D5C5018F728C2 5F4C038ED12B2E41
--1C587F1C13924FEF 305532286D6F295A 63FAC0D034D9F793
-diff --git a/src/lib/crypto/builtin/des/t_verify.c b/src/lib/crypto/builtin/des/t_verify.c
-deleted file mode 100644
-index 4a19933cad..0000000000
---- a/src/lib/crypto/builtin/des/t_verify.c
-+++ /dev/null
-@@ -1,395 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/builtin/des/t_verify.c */
--/*
-- * Copyright 1988, 1990 by the Massachusetts Institute of Technology.
-- * All Rights Reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--/*
-- * Copyright (C) 1998 by the FundsXpress, INC.
-- *
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may require
-- * a specific license from the United States Government. It is the
-- * responsibility of any person or organization contemplating export to
-- * obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of FundsXpress. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. FundsXpress makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- *
-- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
-- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
-- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
-- */
--
--/*
-- *
-- * Program to test the correctness of the DES library
-- * implementation.
-- * -- * exit returns 0 ==> success -- * -1 ==> error -- */ -- --#include "k5-int.h" --#include "des_int.h" --#include --#include "com_err.h" -- --static void do_encrypt(unsigned char *, unsigned char *); --static void do_decrypt(unsigned char *, unsigned char *); -- --char *progname; --int nflag = 2; --int vflag; --int mflag; --int zflag; --int pid; --int mit_des_debug; -- --unsigned char cipher_text[64]; --unsigned char clear_text[64] = "Now is the time for all " ; --unsigned char clear_text2[64] = "7654321 Now is the time for "; --unsigned char clear_text3[64] = {2,0,0,0, 1,0,0,0}; --unsigned char output[64]; --unsigned char zero_text[8] = {0x0,0,0,0,0,0,0,0}; --unsigned char msb_text[8] = {0x0,0,0,0, 0,0,0,0x40}; /* to ANSI MSB */ --unsigned char *input; -- --/* 0x0123456789abcdef */ --unsigned char default_key[8] = { -- 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef --}; --unsigned char key2[8] = { 0x08,0x19,0x2a,0x3b,0x4c,0x5d,0x6e,0x7f }; --unsigned char key3[8] = { 0x80,1,1,1,1,1,1,1 }; --mit_des_cblock s_key; --unsigned char default_ivec[8] = { -- 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef --}; --unsigned char *ivec; --unsigned char zero_key[8] = {1,1,1,1,1,1,1,1}; /* just parity bits */ -- --unsigned char cipher1[8] = { -- 0x25,0xdd,0xac,0x3e,0x96,0x17,0x64,0x67 --}; --unsigned char cipher2[8] = { -- 0x3f,0xa4,0x0e,0x8a,0x98,0x4d,0x48,0x15 --}; --unsigned char cipher3[64] = { -- 0xe5,0xc7,0xcd,0xde,0x87,0x2b,0xf2,0x7c, -- 0x43,0xe9,0x34,0x00,0x8c,0x38,0x9c,0x0f, -- 0x68,0x37,0x88,0x49,0x9a,0x7c,0x05,0xf6 --}; --unsigned char checksum[8] = { -- 0x58,0xd2,0xe7,0x7e,0x86,0x06,0x27,0x33 --}; -- --unsigned char zresult[8] = { -- 0x8c, 0xa6, 0x4d, 0xe9, 0xc1, 0xb1, 0x23, 0xa7 --}; -- --unsigned char mresult[8] = { -- 0xa3, 0x80, 0xe0, 0x2a, 0x6b, 0xe5, 0x46, 0x96 --}; -- -- --/* -- * Can also add : -- * plaintext = 0, key = 0, cipher = 0x8ca64de9c1b123a7 (or is it a 1?) 
-- */ -- --mit_des_key_schedule sched; -- --int --main(argc,argv) -- int argc; -- char *argv[]; --{ -- /* Local Declarations */ -- size_t in_length; -- int retval; -- int i, j; -- --#ifdef WINDOWS -- /* Set screen window buffer to infinite size -- MS default is tiny. */ -- _wsetscreenbuf (fileno (stdout), _WINBUFINF); --#endif -- progname=argv[0]; /* salt away invoking program */ -- -- while (--argc > 0 && (*++argv)[0] == '-') -- for (i=1; argv[0][i] != '\0'; i++) { -- switch (argv[0][i]) { -- -- /* debug flag */ -- case 'd': -- mit_des_debug=3; -- continue; -- -- case 'z': -- zflag = 1; -- continue; -- -- case 'm': -- mflag = 1; -- continue; -- -- default: -- printf("%s: illegal flag \"%c\" ", -- progname,argv[0][i]); -- exit(1); -- } -- }; -- -- if (argc) { -- fprintf(stderr, "Usage: %s [-dmz]\n", progname); -- exit(1); -- } -- -- /* do some initialisation */ -- -- /* use known input and key */ -- -- /* ECB zero text zero key */ -- if (zflag) { -- input = zero_text; -- mit_des_key_sched(zero_key, sched); -- printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n"); -- do_encrypt(input,cipher_text); -- printf("\tcipher = (low to high bytes)\n\t\t"); -- for (j = 0; j<=7; j++) -- printf("%02x ",cipher_text[j]); -- printf("\n"); -- do_decrypt(output,cipher_text); -- if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) { -- printf("verify: error in zero key test\n"); -- exit(-1); -- } -- -- exit(0); -- } -- -- if (mflag) { -- input = msb_text; -- mit_des_key_sched(key3, sched); -- printf("plaintext = 0x00 00 00 00 00 00 00 40, "); -- printf("key = 0x80 01 01 01 01 01 01 01\n"); -- printf(" cipher = 0xa380e02a6be54696\n"); -- do_encrypt(input,cipher_text); -- printf("\tcipher = (low to high bytes)\n\t\t"); -- for (j = 0; j<=7; j++) { -- printf("%02x ",cipher_text[j]); -- } -- printf("\n"); -- do_decrypt(output,cipher_text); -- if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) { -- printf("verify: error in msb test\n"); -- exit(-1); -- } -- exit(0); -- } -- -- 
/* ECB mode Davies and Price */ -- { -- input = zero_text; -- mit_des_key_sched(key2, sched); -- printf("Examples per FIPS publication 81, keys ivs and cipher\n"); -- printf("in hex. These are the correct answers, see below for\n"); -- printf("the actual answers.\n\n"); -- printf("Examples per Davies and Price.\n\n"); -- printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n"); -- printf("\tclear = 0\n"); -- printf("\tcipher = 25 dd ac 3e 96 17 64 67\n"); -- printf("ACTUAL ECB\n"); -- printf("\tclear \"%s\"\n", input); -- do_encrypt(input,cipher_text); -- printf("\tcipher = (low to high bytes)\n\t\t"); -- for (j = 0; j<=7; j++) -- printf("%02x ",cipher_text[j]); -- printf("\n\n"); -- do_decrypt(output,cipher_text); -- if ( memcmp((char *)cipher_text, (char *)cipher1, 8) ) { -- printf("verify: error in ECB encryption\n"); -- exit(-1); -- } -- else -- printf("verify: ECB encryption is correct\n\n"); -- } -- -- /* ECB mode */ -- { -- mit_des_key_sched(default_key, sched); -- input = clear_text; -- ivec = default_ivec; -- printf("EXAMPLE ECB\tkey = 0123456789abcdef\n"); -- printf("\tclear = \"Now is the time for all \"\n"); -- printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n"); -- printf("ACTUAL ECB\n\tclear \"%s\"",input); -- do_encrypt(input,cipher_text); -- printf("\n\tcipher = (low to high bytes)\n\t\t"); -- for (j = 0; j<=7; j++) { -- printf("%02x ",cipher_text[j]); -- } -- printf("\n\n"); -- do_decrypt(output,cipher_text); -- if ( memcmp((char *)cipher_text, (char *)cipher2, 8) ) { -- printf("verify: error in ECB encryption\n"); -- exit(-1); -- } -- else -- printf("verify: ECB encryption is correct\n\n"); -- } -- -- /* CBC mode */ -- printf("EXAMPLE CBC\tkey = 0123456789abcdef"); -- printf("\tiv = 1234567890abcdef\n"); -- printf("\tclear = \"Now is the time for all \"\n"); -- printf("\tcipher =\te5 c7 cd de 87 2b f2 7c\n"); -- printf("\t\t\t43 e9 34 00 8c 38 9c 0f\n"); -- printf("\t\t\t68 37 88 49 9a 7c 05 f6\n"); -- -- printf("ACTUAL CBC\n\tclear \"%s\"\n",input); -- 
in_length = strlen((char *)input); -- if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) input, -- (mit_des_cblock *) cipher_text, -- (size_t) in_length, -- sched, -- ivec, -- MIT_DES_ENCRYPT))) { -- com_err("des verify", retval, "can't encrypt"); -- exit(-1); -- } -- printf("\tciphertext = (low to high bytes)\n"); -- for (i = 0; i <= 2; i++) { -- printf("\t\t"); -- for (j = 0; j <= 7; j++) { -- printf("%02x ",cipher_text[i*8+j]); -- } -- printf("\n"); -- } -- if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) cipher_text, -- (mit_des_cblock *) clear_text, -- (size_t) in_length, -- sched, -- ivec, -- MIT_DES_DECRYPT))) { -- com_err("des verify", retval, "can't decrypt"); -- exit(-1); -- } -- printf("\tdecrypted clear_text = \"%s\"\n",clear_text); -- -- if ( memcmp((char *)cipher_text, (char *)cipher3, in_length) ) { -- printf("verify: error in CBC encryption\n"); -- exit(-1); -- } -- else -- printf("verify: CBC encryption is correct\n\n"); -- -- printf("EXAMPLE CBC checksum"); -- printf("\tkey = 0123456789abcdef\tiv = 1234567890abcdef\n"); -- printf("\tclear =\t\t\"7654321 Now is the time for \"\n"); -- printf("\tchecksum\t58 d2 e7 7e 86 06 27 33, "); -- printf("or some part thereof\n"); -- input = clear_text2; -- mit_des_cbc_cksum(input,cipher_text, strlen((char *)input), -- sched,ivec); -- printf("ACTUAL CBC checksum\n"); -- printf("\t\tencrypted cksum = (low to high bytes)\n\t\t"); -- for (j = 0; j<=7; j++) -- printf("%02x ",cipher_text[j]); -- printf("\n\n"); -- if ( memcmp((char *)cipher_text, (char *)checksum, 8) ) { -- printf("verify: error in CBC checksum\n"); -- exit(-1); -- } -- else -- printf("verify: CBC checksum is correct\n\n"); -- -- exit(0); --} -- --static void --do_encrypt(in,out) -- unsigned char *in; -- unsigned char *out; --{ -- int i, j; -- for (i =1; i<=nflag; i++) { -- mit_des_cbc_encrypt((const mit_des_cblock *)in, -- (mit_des_cblock *)out, -- 8, -- sched, -- zero_text, -- MIT_DES_ENCRYPT); -- if (mit_des_debug) { -- 
printf("\nclear %s\n",in); -- for (j = 0; j<=7; j++) -- printf("%02X ",in[j] & 0xff); -- printf("\tcipher "); -- for (j = 0; j<=7; j++) -- printf("%02X ",out[j] & 0xff); -- } -- } --} -- --static void --do_decrypt(in,out) -- unsigned char *out; -- unsigned char *in; -- /* try to invert it */ --{ -- int i, j; -- for (i =1; i<=nflag; i++) { -- mit_des_cbc_encrypt((const mit_des_cblock *)out, -- (mit_des_cblock *)in, -- 8, -- sched, -- zero_text, -- MIT_DES_DECRYPT); -- if (mit_des_debug) { -- printf("clear %s\n",in); -- for (j = 0; j<=7; j++) -- printf("%02X ",in[j] & 0xff); -- printf("\tcipher "); -- for (j = 0; j<=7; j++) -- printf("%02X ",out[j] & 0xff); -- } -- } --} -- --/* -- * Fake out the DES library, for the purposes of testing. -- */ -- --int --mit_des_is_weak_key(key) -- mit_des_cblock key; --{ -- return 0; /* fake it out for testing */ --} -diff --git a/src/lib/crypto/builtin/des/weak_key.c b/src/lib/crypto/builtin/des/weak_key.c -deleted file mode 100644 -index f8304a3638..0000000000 ---- a/src/lib/crypto/builtin/des/weak_key.c -+++ /dev/null -@@ -1,90 +0,0 @@ --/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ --/* lib/crypto/builtin/des/weak_key.c */ --/* -- * Copyright 1989,1990 by the Massachusetts Institute of Technology. -- * All Rights Reserved. -- * -- * Export of this software from the United States of America may -- * require a specific license from the United States Government. -- * It is the responsibility of any person or organization contemplating -- * export to obtain such a license before exporting. -- * -- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -- * distribute this software and its documentation for any purpose and -- * without fee is hereby granted, provided that the above copyright -- * notice appear in all copies and that both that copyright notice and -- * this permission notice appear in supporting documentation, and that -- * the name of M.I.T. 
not be used in advertising or publicity pertaining -- * to distribution of the software without specific, written prior -- * permission. Furthermore if you modify this software you must label -- * your software as modified software and not distribute it in such a -- * fashion that it might be confused with the original M.I.T. software. -- * M.I.T. makes no representations about the suitability of -- * this software for any purpose. It is provided "as is" without express -- * or implied warranty. -- */ -- --/* -- * Under U.S. law, this software may not be exported outside the US -- * without license from the U.S. Commerce department. -- * -- * These routines form the library interface to the DES facilities. -- * -- * Originally written 8/85 by Steve Miller, MIT Project Athena. -- */ -- --#include "crypto_int.h" --#include "des_int.h" -- --#ifdef K5_BUILTIN_DES -- --/* -- * The following are the weak DES keys: -- */ --static const mit_des_cblock weak[16] = { -- /* weak keys */ -- {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, -- {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe}, -- {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e}, -- {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1}, -- -- /* semi-weak */ -- {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe}, -- {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01}, -- -- {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1}, -- {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e}, -- -- {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1}, -- {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01}, -- -- {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe}, -- {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e}, -- -- {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e}, -- {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01}, -- -- {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe}, -- {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1} --}; -- --/* -- * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key. -- * -- * Requires: key has correct odd parity. 
-- */ --int --mit_des_is_weak_key(mit_des_cblock key) --{ -- unsigned int i; -- const mit_des_cblock *weak_p = weak; -- -- for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) { -- if (!memcmp(weak_p++,key,sizeof(mit_des_cblock))) -- return 1; -- } -- -- return 0; --} -- --#endif /* K5_BUILTIN_DES */ -diff --git a/src/lib/crypto/builtin/enc_provider/Makefile.in b/src/lib/crypto/builtin/enc_provider/Makefile.in -index 6ad7cbd4e0..655966b255 100644 ---- a/src/lib/crypto/builtin/enc_provider/Makefile.in -+++ b/src/lib/crypto/builtin/enc_provider/Makefile.in -@@ -1,6 +1,6 @@ - mydir=lib$(S)crypto$(S)builtin$(S)enc_provider - BUILDTOP=$(REL)..$(S)..$(S)..$(S).. --LOCALINCLUDES = -I$(srcdir)/../des -I$(srcdir)/../aes -I$(srcdir)/../camellia \ -+LOCALINCLUDES = -I$(srcdir)/../aes -I$(srcdir)/../camellia \ - -I$(srcdir)/../../krb $(CRYPTO_IMPL_CFLAGS) - - ##DOS##BUILDTOP = ..\..\..\.. -@@ -8,19 +8,16 @@ LOCALINCLUDES = -I$(srcdir)/../des -I$(srcdir)/../aes -I$(srcdir)/../camellia \ - ##DOS##OBJFILE = ..\..\$(OUTPRE)enc_provider.lst - - STLIBOBJS= \ -- des3.o \ - rc4.o \ - aes.o \ - camellia.o - - OBJS= \ -- $(OUTPRE)des3.$(OBJEXT) \ - $(OUTPRE)aes.$(OBJEXT) \ - $(OUTPRE)camellia.$(OBJEXT) \ - $(OUTPRE)rc4.$(OBJEXT) - - SRCS= \ -- $(srcdir)/des3.c \ - $(srcdir)/aes.c \ - $(srcdir)/camellia.c \ - $(srcdir)/rc4.c -diff --git a/src/lib/crypto/builtin/enc_provider/deps b/src/lib/crypto/builtin/enc_provider/deps -index a3414a38ec..dc29d9fce8 100644 ---- a/src/lib/crypto/builtin/enc_provider/deps -+++ b/src/lib/crypto/builtin/enc_provider/deps -@@ -1,17 +1,6 @@ - # - # Generated makefile dependencies follow. 
- # --des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ -- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ -- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ -- $(srcdir)/../des/des_int.h $(top_srcdir)/include/k5-buf.h \ -- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ -- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ -- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ -- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ -- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ -- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ -- $(top_srcdir)/include/socket-utils.h des3.c - aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ -diff --git a/src/lib/crypto/builtin/enc_provider/des3.c b/src/lib/crypto/builtin/enc_provider/des3.c -deleted file mode 100644 -index c2634d5e10..0000000000 ---- a/src/lib/crypto/builtin/enc_provider/des3.c -+++ /dev/null -@@ -1,109 +0,0 @@ --/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ --/* -- * Copyright (C) 1998 by the FundsXpress, INC. -- * -- * All rights reserved. -- * -- * Export of this software from the United States of America may require -- * a specific license from the United States Government. It is the -- * responsibility of any person or organization contemplating export to -- * obtain such a license before exporting. 
-- * -- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -- * distribute this software and its documentation for any purpose and -- * without fee is hereby granted, provided that the above copyright -- * notice appear in all copies and that both that copyright notice and -- * this permission notice appear in supporting documentation, and that -- * the name of FundsXpress. not be used in advertising or publicity pertaining -- * to distribution of the software without specific, written prior -- * permission. FundsXpress makes no representations about the suitability of -- * this software for any purpose. It is provided "as is" without express -- * or implied warranty. -- * -- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. -- */ -- --#include "crypto_int.h" --#include "des_int.h" -- --#ifdef K5_BUILTIN_DES -- --static krb5_error_code --validate_and_schedule(krb5_key key, const krb5_data *ivec, -- const krb5_crypto_iov *data, size_t num_data, -- mit_des3_key_schedule *schedule) --{ -- if (key->keyblock.length != 24) -- return(KRB5_BAD_KEYSIZE); -- if (iov_total_length(data, num_data, FALSE) % 8 != 0) -- return(KRB5_BAD_MSIZE); -- if (ivec && (ivec->length != 8)) -- return(KRB5_BAD_MSIZE); -- -- switch (mit_des3_key_sched(*(mit_des3_cblock *)key->keyblock.contents, -- *schedule)) { -- case -1: -- return(KRB5DES_BAD_KEYPAR); -- case -2: -- return(KRB5DES_WEAK_KEY); -- } -- return 0; --} -- --static krb5_error_code --k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, -- size_t num_data) --{ -- mit_des3_key_schedule schedule; -- krb5_error_code err; -- -- err = validate_and_schedule(key, ivec, data, num_data, &schedule); -- if (err) -- return err; -- -- /* this has a return value, but the code always returns zero */ -- krb5int_des3_cbc_encrypt(data, num_data, -- schedule[0], 
schedule[1], schedule[2], -- ivec != NULL ? (unsigned char *) ivec->data : -- NULL); -- -- zap(schedule, sizeof(schedule)); -- -- return(0); --} -- --static krb5_error_code --k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, -- size_t num_data) --{ -- mit_des3_key_schedule schedule; -- krb5_error_code err; -- -- err = validate_and_schedule(key, ivec, data, num_data, &schedule); -- if (err) -- return err; -- -- /* this has a return value, but the code always returns zero */ -- krb5int_des3_cbc_decrypt(data, num_data, -- schedule[0], schedule[1], schedule[2], -- ivec != NULL ? (unsigned char *) ivec->data : -- NULL); -- -- zap(schedule, sizeof(schedule)); -- -- return 0; --} -- --const struct krb5_enc_provider krb5int_enc_des3 = { -- 8, -- 21, 24, -- k5_des3_encrypt, -- k5_des3_decrypt, -- NULL, -- krb5int_des_init_state, -- krb5int_default_free_state --}; -- --#endif /* K5_BUILTIN_DES */ -diff --git a/src/lib/crypto/crypto_tests/t_cf2.expected b/src/lib/crypto/crypto_tests/t_cf2.expected -index f8251a16cb..bc6aa50c84 100644 ---- a/src/lib/crypto/crypto_tests/t_cf2.expected -+++ b/src/lib/crypto/crypto_tests/t_cf2.expected -@@ -1,6 +1,5 @@ - 97df97e4b798b29eb31ed7280287a92a - 4d6ca4e629785c1f01baf55e2e548566b9617ae3a96868c337cb93b5e72b1c7b --e58f9eb643862c13ad38e529313462a7f73e62834fe54a01 - 24d7f6b6bae4e5c00d2082c5ebab3672 - edd02a39d2dbde31611c16e610be062c - 67f6ea530aea85a37dcbb23349ea52dcc61ca8493ff557252327fd8304341584 -diff --git a/src/lib/crypto/crypto_tests/t_cf2.in b/src/lib/crypto/crypto_tests/t_cf2.in -index 73e2f8fbc9..c4d23b506b 100644 ---- a/src/lib/crypto/crypto_tests/t_cf2.in -+++ b/src/lib/crypto/crypto_tests/t_cf2.in -@@ -8,11 +8,6 @@ key1 - key2 - a - b --16 --key1 --key2 --a --b - 23 - key1 - key2 -diff --git a/src/lib/crypto/crypto_tests/t_cksums.c b/src/lib/crypto/crypto_tests/t_cksums.c -index 557340ec5e..9f9a177ef0 100644 ---- a/src/lib/crypto/crypto_tests/t_cksums.c -+++ b/src/lib/crypto/crypto_tests/t_cksums.c -@@ 
-59,16 +59,6 @@ struct test { - "\xDA\x39\xA3\xEE\x5E\x6B\x4B\x0D\x32\x55\xBF\xEF\x95\x60\x18\x90" - "\xAF\xD8\x07\x09" } - }, -- { -- { KV5M_DATA, 9, "six seven" }, -- CKSUMTYPE_HMAC_SHA1_DES3, ENCTYPE_DES3_CBC_SHA1, 2, -- { KV5M_DATA, 24, -- "\x7A\x25\xDF\x89\x92\x29\x6D\xCE\xDA\x0E\x13\x5B\xC4\x04\x6E\x23" -- "\x75\xB3\xC1\x4C\x98\xFB\xC1\x62" }, -- { KV5M_DATA, 20, -- "\x0E\xEF\xC9\xC3\xE0\x49\xAA\xBC\x1B\xA5\xC4\x01\x67\x7D\x9A\xB6" -- "\x99\x08\x2B\xB4" } -- }, - { - { KV5M_DATA, 37, "eight nine ten eleven twelve thirteen" }, - CKSUMTYPE_HMAC_SHA1_96_AES128, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 3, -diff --git a/src/lib/crypto/crypto_tests/t_decrypt.c b/src/lib/crypto/crypto_tests/t_decrypt.c -index a40a855007..716f2c337a 100644 ---- a/src/lib/crypto/crypto_tests/t_decrypt.c -+++ b/src/lib/crypto/crypto_tests/t_decrypt.c -@@ -39,62 +39,6 @@ struct test { - krb5_data keybits; - krb5_data ciphertext; - } test_cases[] = { -- { -- ENCTYPE_DES3_CBC_SHA1, -- { KV5M_DATA, 0, "", }, 0, -- { KV5M_DATA, 24, -- "\x7A\x25\xDF\x89\x92\x29\x6D\xCE\xDA\x0E\x13\x5B\xC4\x04\x6E\x23" -- "\x75\xB3\xC1\x4C\x98\xFB\xC1\x62" }, -- { KV5M_DATA, 28, -- "\x54\x8A\xF4\xD5\x04\xF7\xD7\x23\x30\x3F\x12\x17\x5F\xE8\x38\x6B" -- "\x7B\x53\x35\xA9\x67\xBA\xD6\x1F\x3B\xF0\xB1\x43" } -- }, -- { -- ENCTYPE_DES3_CBC_SHA1, -- { KV5M_DATA, 1, "1", }, 1, -- { KV5M_DATA, 24, -- "\xBC\x07\x83\x89\x15\x13\xD5\xCE\x57\xBC\x13\x8F\xD3\xC1\x1A\xE6" -- "\x40\x45\x23\x85\x32\x29\x62\xB6" }, -- { KV5M_DATA, 36, -- "\x9C\x3C\x1D\xBA\x47\x47\xD8\x5A\xF2\x91\x6E\x47\x45\xF2\xDC\xE3" -- "\x80\x46\x79\x6E\x51\x04\xBC\xCD\xFB\x66\x9A\x91\xD4\x4B\xC3\x56" -- "\x66\x09\x45\xC7" } -- }, -- { -- ENCTYPE_DES3_CBC_SHA1, -- { KV5M_DATA, 9, "9 bytesss", }, 2, -- { KV5M_DATA, 24, -- "\x2F\xD0\xF7\x25\xCE\x04\x10\x0D\x2F\xC8\xA1\x80\x98\x83\x1F\x85" -- "\x0B\x45\xD9\xEF\x85\x0B\xD9\x20" }, -- { KV5M_DATA, 44, -- "\xCF\x91\x44\xEB\xC8\x69\x79\x81\x07\x5A\x8B\xAD\x8D\x74\xE5\xD7" -- 
"\xD5\x91\xEB\x7D\x97\x70\xC7\xAD\xA2\x5E\xE8\xC5\xB3\xD6\x94\x44" -- "\xDF\xEC\x79\xA5\xB7\xA0\x14\x82\xD9\xAF\x74\xE6" } -- }, -- { -- ENCTYPE_DES3_CBC_SHA1, -- { KV5M_DATA, 13, "13 bytes byte", }, 3, -- { KV5M_DATA, 24, -- "\x0D\xD5\x20\x94\xE0\xF4\x1C\xEC\xCB\x5B\xE5\x10\xA7\x64\xB3\x51" -- "\x76\xE3\x98\x13\x32\xF1\xE5\x98" }, -- { KV5M_DATA, 44, -- "\x83\x9A\x17\x08\x1E\xCB\xAF\xBC\xDC\x91\xB8\x8C\x69\x55\xDD\x3C" -- "\x45\x14\x02\x3C\xF1\x77\xB7\x7B\xF0\xD0\x17\x7A\x16\xF7\x05\xE8" -- "\x49\xCB\x77\x81\xD7\x6A\x31\x6B\x19\x3F\x8D\x30" } -- }, -- { -- ENCTYPE_DES3_CBC_SHA1, -- { KV5M_DATA, 30, "30 bytes bytes bytes bytes byt", }, 4, -- { KV5M_DATA, 24, -- "\xF1\x16\x86\xCB\xBC\x9E\x23\xEA\x54\xFE\xCD\x2A\x3D\xCD\xFB\x20" -- "\xB6\xFE\x98\xBF\x26\x45\xC4\xC4" }, -- { KV5M_DATA, 60, -- "\x89\x43\x3E\x83\xFD\x0E\xA3\x66\x6C\xFF\xCD\x18\xD8\xDE\xEB\xC5" -- "\x3B\x9A\x34\xED\xBE\xB1\x59\xD9\xF6\x67\xC6\xC2\xB9\xA9\x64\x40" -- "\x1D\x55\xE7\xE9\xC6\x8D\x64\x8D\x65\xC3\xAA\x84\xFF\xA3\x79\x0C" -- "\x14\xA8\x64\xDA\x80\x73\xA9\xA9\x5C\x4B\xA2\xBC" } -- }, -- - { - ENCTYPE_ARCFOUR_HMAC, - { KV5M_DATA, 0, "", }, 0, -@@ -524,7 +468,6 @@ printhex(const char *head, void *data, size_t len) - - static krb5_enctype - enctypes[] = { -- ENCTYPE_DES3_CBC_SHA1, - ENCTYPE_ARCFOUR_HMAC, - ENCTYPE_ARCFOUR_HMAC_EXP, - ENCTYPE_AES128_CTS_HMAC_SHA1_96, -diff --git a/src/lib/crypto/crypto_tests/t_derive.c b/src/lib/crypto/crypto_tests/t_derive.c -index afbf7477f6..93ce30da20 100644 ---- a/src/lib/crypto/crypto_tests/t_derive.c -+++ b/src/lib/crypto/crypto_tests/t_derive.c -@@ -38,41 +38,6 @@ struct test { - enum deriv_alg alg; - krb5_data expected_key; - } test_cases[] = { -- /* Kc, Ke, Kei for a DES3 key */ -- { -- ENCTYPE_DES3_CBC_SHA1, -- { KV5M_DATA, 24, -- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE" -- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" }, -- { KV5M_DATA, 5, "\0\0\0\2\x99" }, -- DERIVE_RFC3961, -- { KV5M_DATA, 24, -- 
"\xF7\x8C\x49\x6D\x16\xE6\xC2\xDA\xE0\xE0\xB6\xC2\x40\x57\xA8\x4C" -- "\x04\x26\xAE\xEF\x26\xFD\x6D\xCE" } -- }, -- { -- ENCTYPE_DES3_CBC_SHA1, -- { KV5M_DATA, 24, -- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE" -- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" }, -- { KV5M_DATA, 5, "\0\0\0\2\xAA" }, -- DERIVE_RFC3961, -- { KV5M_DATA, 24, -- "\x5B\x57\x23\xD0\xB6\x34\xCB\x68\x4C\x3E\xBA\x52\x64\xE9\xA7\x0D" -- "\x52\xE6\x83\x23\x1A\xD3\xC4\xCE" } -- }, -- { -- ENCTYPE_DES3_CBC_SHA1, -- { KV5M_DATA, 24, -- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE" -- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" }, -- { KV5M_DATA, 5, "\0\0\0\2\x55" }, -- DERIVE_RFC3961, -- { KV5M_DATA, 24, -- "\xA7\x7C\x94\x98\x0E\x9B\x73\x45\xA8\x15\x25\xC4\x23\xA7\x37\xCE" -- "\x67\xF4\xCD\x91\xB6\xB3\xDA\x45" } -- }, -- - /* Kc, Ke, Ki for an AES-128 key */ - { - ENCTYPE_AES128_CTS_HMAC_SHA1_96, -@@ -286,7 +251,6 @@ static const struct krb5_enc_provider * - get_enc_provider(krb5_enctype enctype) - { - switch (enctype) { -- case ENCTYPE_DES3_CBC_SHA1: return &krb5int_enc_des3; - case ENCTYPE_AES128_CTS_HMAC_SHA1_96: return &krb5int_enc_aes128; - case ENCTYPE_AES256_CTS_HMAC_SHA1_96: return &krb5int_enc_aes256; - case ENCTYPE_CAMELLIA128_CTS_CMAC: return &krb5int_enc_camellia128; -diff --git a/src/lib/crypto/crypto_tests/t_encrypt.c b/src/lib/crypto/crypto_tests/t_encrypt.c -index bd9b94691c..290a72e1e0 100644 ---- a/src/lib/crypto/crypto_tests/t_encrypt.c -+++ b/src/lib/crypto/crypto_tests/t_encrypt.c -@@ -37,7 +37,6 @@ - - /* What enctypes should we test?*/ - krb5_enctype interesting_enctypes[] = { -- ENCTYPE_DES3_CBC_SHA1, - ENCTYPE_ARCFOUR_HMAC, - ENCTYPE_ARCFOUR_HMAC_EXP, - ENCTYPE_AES256_CTS_HMAC_SHA1_96, -diff --git a/src/lib/crypto/crypto_tests/t_short.c b/src/lib/crypto/crypto_tests/t_short.c -index d4c2b97dfd..4466b71158 100644 ---- a/src/lib/crypto/crypto_tests/t_short.c -+++ b/src/lib/crypto/crypto_tests/t_short.c -@@ -34,7 +34,6 @@ - #include "k5-int.h" - - 
krb5_enctype interesting_enctypes[] = { -- ENCTYPE_DES3_CBC_SHA1, - ENCTYPE_ARCFOUR_HMAC, - ENCTYPE_ARCFOUR_HMAC_EXP, - ENCTYPE_AES256_CTS_HMAC_SHA1_96, -diff --git a/src/lib/crypto/crypto_tests/t_str2key.c b/src/lib/crypto/crypto_tests/t_str2key.c -index cdb1acc6d0..ef4c4a7d3b 100644 ---- a/src/lib/crypto/crypto_tests/t_str2key.c -+++ b/src/lib/crypto/crypto_tests/t_str2key.c -@@ -35,58 +35,6 @@ struct test { - krb5_error_code expected_err; - krb5_boolean allow_weak; - } test_cases[] = { -- /* Test vectors from RFC 3961 appendix A.4. */ -- { -- ENCTYPE_DES3_CBC_SHA1, -- "password", -- { KV5M_DATA, 21, "ATHENA.MIT.EDUraeburn" }, -- { KV5M_DATA, 0, NULL }, -- { KV5M_DATA, 24, "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C" -- "\x31\x3E\x3B\xFE\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" }, -- 0, -- FALSE -- }, -- { -- ENCTYPE_DES3_CBC_SHA1, -- "potatoe", -- { KV5M_DATA, 19, "WHITEHOUSE.GOVdanny" }, -- { KV5M_DATA, 0, NULL }, -- { KV5M_DATA, 24, "\xDF\xCD\x23\x3D\xD0\xA4\x32\x04\xEA\x6D\xC4\x37" -- "\xFB\x15\xE0\x61\xB0\x29\x79\xC1\xF7\x4F\x37\x7A" }, -- 0, -- FALSE -- }, -- { -- ENCTYPE_DES3_CBC_SHA1, -- "penny", -- { KV5M_DATA, 19, "EXAMPLE.COMbuckaroo" }, -- { KV5M_DATA, 0, NULL }, -- { KV5M_DATA, 24, "\x6D\x2F\xCD\xF2\xD6\xFB\xBC\x3D\xDC\xAD\xB5\xDA" -- "\x57\x10\xA2\x34\x89\xB0\xD3\xB6\x9D\x5D\x9D\x4A" }, -- 0, -- FALSE -- }, -- { -- ENCTYPE_DES3_CBC_SHA1, -- "\xC3\x9F", -- { KV5M_DATA, 23, "ATHENA.MIT.EDUJuri\xC5\xA1\x69\xC4\x87" }, -- { KV5M_DATA, 0, NULL }, -- { KV5M_DATA, 24, "\x16\xD5\xA4\x0E\x1C\xE3\xBA\xCB\x61\xB9\xDC\xE0" -- "\x04\x70\x32\x4C\x83\x19\x73\xA7\xB9\x52\xFE\xB0" }, -- 0, -- FALSE -- }, -- { -- ENCTYPE_DES3_CBC_SHA1, -- "\xF0\x9D\x84\x9E", -- { KV5M_DATA, 18, "EXAMPLE.COMpianist" }, -- { KV5M_DATA, 0, NULL }, -- { KV5M_DATA, 24, "\x85\x76\x37\x26\x58\x5D\xBC\x1C\xCE\x6E\xC4\x3E" -- "\x1F\x75\x1F\x07\xF1\xC4\xCB\xB0\x98\xF4\x0B\x19" }, -- 0, -- FALSE -- }, -- - /* Test vectors from RFC 3962 appendix B. 
*/ - { - ENCTYPE_AES128_CTS_HMAC_SHA1_96, -diff --git a/src/lib/crypto/crypto_tests/vectors.c b/src/lib/crypto/crypto_tests/vectors.c -index bcf5c9106f..eb107dbcd2 100644 ---- a/src/lib/crypto/crypto_tests/vectors.c -+++ b/src/lib/crypto/crypto_tests/vectors.c -@@ -190,8 +190,6 @@ test_s2k (krb5_enctype enctype) - } - } - --static void test_des3_s2k () { test_s2k (ENCTYPE_DES3_CBC_SHA1); } -- - static void - keyToData (krb5_keyblock *k, krb5_data *d) - { -@@ -208,8 +206,6 @@ void check_error (int r, int line) { - } - #define CHECK check_error(r, __LINE__) - --extern struct krb5_enc_provider krb5int_enc_des3; --struct krb5_enc_provider *enc = &krb5int_enc_des3; - extern struct krb5_enc_provider krb5int_enc_aes128, krb5int_enc_aes256; - - void DK (krb5_keyblock *out, krb5_keyblock *in, const krb5_data *usage) { -diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in -index cb2e40a3a5..f66698bd53 100644 ---- a/src/lib/crypto/krb/Makefile.in -+++ b/src/lib/crypto/krb/Makefile.in -@@ -47,7 +47,6 @@ STLIBOBJS=\ - prf.o \ - prf_aes2.o \ - prf_cmac.o \ -- prf_des.o \ - prf_dk.o \ - prf_rc4.o \ - prng.o \ -@@ -103,7 +102,6 @@ OBJS=\ - $(OUTPRE)prf.$(OBJEXT) \ - $(OUTPRE)prf_aes2.$(OBJEXT) \ - $(OUTPRE)prf_cmac.$(OBJEXT) \ -- $(OUTPRE)prf_des.$(OBJEXT) \ - $(OUTPRE)prf_dk.$(OBJEXT) \ - $(OUTPRE)prf_rc4.$(OBJEXT) \ - $(OUTPRE)prng.$(OBJEXT) \ -@@ -159,7 +157,6 @@ SRCS=\ - $(srcdir)/prf.c \ - $(srcdir)/prf_aes2.c \ - $(srcdir)/prf_cmac.c \ -- $(srcdir)/prf_des.c \ - $(srcdir)/prf_dk.c \ - $(srcdir)/prf_rc4.c \ - $(srcdir)/prng.c \ -diff --git a/src/lib/crypto/krb/cksumtypes.c b/src/lib/crypto/krb/cksumtypes.c -index f7ba322f24..25a3ffd2d2 100644 ---- a/src/lib/crypto/krb/cksumtypes.c -+++ b/src/lib/crypto/krb/cksumtypes.c -@@ -52,12 +52,6 @@ const struct krb5_cksumtypes krb5int_cksumtypes_list[] = { - krb5int_unkeyed_checksum, NULL, - 20, 20, CKSUM_UNKEYED }, - -- { CKSUMTYPE_HMAC_SHA1_DES3, -- "hmac-sha1-des3", { "hmac-sha1-des3-kd" }, "HMAC-SHA1 DES3 
key",
-- &krb5int_enc_des3, &krb5int_hash_sha1,
-- krb5int_dk_checksum, NULL,
-- 20, 20, 0 },
--
- { CKSUMTYPE_HMAC_MD5_ARCFOUR,
- "hmac-md5-rc4", { "hmac-md5-enc", "hmac-md5-earcfour" },
- "Microsoft HMAC MD5",
-diff --git a/src/lib/crypto/krb/crypto_int.h b/src/lib/crypto/krb/crypto_int.h
-index 3629616d96..1ee4b30e02 100644
---- a/src/lib/crypto/krb/crypto_int.h
-+++ b/src/lib/crypto/krb/crypto_int.h
-@@ -332,8 +332,6 @@ krb5_error_code krb5int_aes2_string_to_key(const struct krb5_keytypes *enc,
- /* Random to key */
- krb5_error_code k5_rand2key_direct(const krb5_data *randombits,
- krb5_keyblock *keyblock);
--krb5_error_code k5_rand2key_des3(const krb5_data *randombits,
-- krb5_keyblock *keyblock);
-
- /* Pseudo-random function */
- krb5_error_code krb5int_des_prf(const struct krb5_keytypes *ktp,
-@@ -411,11 +409,6 @@ krb5_keyusage krb5int_arcfour_translate_usage(krb5_keyusage usage);
- /* Ensure library initialization has occurred. */
- int krb5int_crypto_init(void);
-
--/* DES default state initialization handler (used by module enc providers). */
--krb5_error_code krb5int_des_init_state(const krb5_keyblock *key,
-- krb5_keyusage keyusage,
-- krb5_data *state_out);
--
- /* Default state cleanup handler (used by module enc providers). */
- void krb5int_default_free_state(krb5_data *state);
-
-@@ -468,7 +461,6 @@ void k5_iov_cursor_put(struct iov_cursor *cursor, unsigned char *block);
- /* Modules must implement the k5_sha256() function prototyped in k5-int.h. */
-
- /* Modules must implement the following enc_providers and hash_providers: */
--extern const struct krb5_enc_provider krb5int_enc_des3;
- extern const struct krb5_enc_provider krb5int_enc_arcfour;
- extern const struct krb5_enc_provider krb5int_enc_aes128;
- extern const struct krb5_enc_provider krb5int_enc_aes256;
-@@ -485,9 +477,6 @@ extern const struct krb5_hash_provider krb5int_hash_sha384;
-
- /* Modules must implement the following functions.
*/
-
--/* Set the parity bits to the correct values in keybits. */
--void k5_des_fixup_key_parity(unsigned char *keybits);
--
- /* Compute an HMAC using the provided hash function, key, and data, storing the
- * result into output (caller-allocated). */
- krb5_error_code krb5int_hmac(const struct krb5_hash_provider *hash,
-diff --git a/src/lib/crypto/krb/default_state.c b/src/lib/crypto/krb/default_state.c
-index 0757c8b02c..f89dc79023 100644
---- a/src/lib/crypto/krb/default_state.c
-+++ b/src/lib/crypto/krb/default_state.c
-@@ -32,16 +32,6 @@
-
- #include "crypto_int.h"
-
--krb5_error_code
--krb5int_des_init_state(const krb5_keyblock *key, krb5_keyusage usage,
-- krb5_data *state_out)
--{
-- if (alloc_data(state_out, 8))
-- return ENOMEM;
--
-- return 0;
--}
--
- void
- krb5int_default_free_state(krb5_data *state)
- {
-diff --git a/src/lib/crypto/krb/enctype_util.c b/src/lib/crypto/krb/enctype_util.c
-index 1542d40629..a0037912a7 100644
---- a/src/lib/crypto/krb/enctype_util.c
-+++ b/src/lib/crypto/krb/enctype_util.c
-@@ -45,6 +45,9 @@ struct {
- { ENCTYPE_DES_CBC_MD5, "des-cbc-md5" },
- { ENCTYPE_DES_CBC_RAW, "des-cbc-raw" },
- { ENCTYPE_DES_HMAC_SHA1, "des-hmac-sha1" },
-+ { ENCTYPE_DES3_CBC_SHA, "des3-cbc-sha1" },
-+ { ENCTYPE_DES3_CBC_RAW, "des3-cbc-raw" },
-+ { ENCTYPE_DES3_CBC_SHA1, "des3-hmac-sha1" },
- { ENCTYPE_NULL, NULL }
- };
-
-diff --git a/src/lib/crypto/krb/etypes.c b/src/lib/crypto/krb/etypes.c
-index fc278783b9..7635393a41 100644
---- a/src/lib/crypto/krb/etypes.c
-+++ b/src/lib/crypto/krb/etypes.c
-@@ -35,27 +35,6 @@
-
- /* Deprecations come from RFC 6649 and RFC 8249.
*/
- const struct krb5_keytypes krb5int_enctypes_list[] = {
-- { ENCTYPE_DES3_CBC_RAW,
-- "des3-cbc-raw", { 0 }, "Triple DES cbc mode raw",
-- &krb5int_enc_des3, NULL,
-- 16,
-- krb5int_raw_crypto_length, krb5int_raw_encrypt, krb5int_raw_decrypt,
-- krb5int_dk_string_to_key, k5_rand2key_des3,
-- NULL, /*PRF*/
-- 0,
-- ETYPE_WEAK | ETYPE_DEPRECATED, 112 },
--
-- { ENCTYPE_DES3_CBC_SHA1,
-- "des3-cbc-sha1", { "des3-hmac-sha1", "des3-cbc-sha1-kd" },
-- "Triple DES cbc mode with HMAC/sha1",
-- &krb5int_enc_des3, &krb5int_hash_sha1,
-- 16,
-- krb5int_dk_crypto_length, krb5int_dk_encrypt, krb5int_dk_decrypt,
-- krb5int_dk_string_to_key, k5_rand2key_des3,
-- krb5int_dk_prf,
-- CKSUMTYPE_HMAC_SHA1_DES3,
-- ETYPE_DEPRECATED, 112 },
--
- /* rc4-hmac uses a 128-bit key, but due to weaknesses in the RC4 cipher, we
- * consider its strength degraded and assign it an SSF value of 64. */
- { ENCTYPE_ARCFOUR_HMAC,
-diff --git a/src/lib/crypto/krb/prf_des.c b/src/lib/crypto/krb/prf_des.c
-deleted file mode 100644
-index 7a2d719c5f..0000000000
---- a/src/lib/crypto/krb/prf_des.c
-+++ /dev/null
-@@ -1,47 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/krb/prf_des.c - RFC 3961 DES-based PRF */
--/*
-- * Copyright (C) 2004, 2009 by the Massachusetts Institute of Technology.
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T.
not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--
--#include "crypto_int.h"
--
--krb5_error_code
--krb5int_des_prf(const struct krb5_keytypes *ktp, krb5_key key,
-- const krb5_data *in, krb5_data *out)
--{
-- const struct krb5_hash_provider *hash = &krb5int_hash_md5;
-- krb5_crypto_iov iov;
-- krb5_error_code ret;
--
-- /* Compute a hash of the input, storing into the output buffer. */
-- iov.flags = KRB5_CRYPTO_TYPE_DATA;
-- iov.data = *in;
-- ret = hash->hash(&iov, 1, out);
-- if (ret != 0)
-- return ret;
--
-- /* Encrypt the hash in place.
*/
-- iov.data = *out;
-- return ktp->enc->encrypt(key, NULL, &iov, 1);
--}
-diff --git a/src/lib/crypto/krb/random_to_key.c b/src/lib/crypto/krb/random_to_key.c
-index 9394385aa0..863090beb2 100644
---- a/src/lib/crypto/krb/random_to_key.c
-+++ b/src/lib/crypto/krb/random_to_key.c
-@@ -71,31 +71,3 @@ k5_rand2key_direct(const krb5_data *randombits, krb5_keyblock *keyblock)
- memcpy(keyblock->contents, randombits->data, randombits->length);
- return 0;
- }
--
--static inline void
--eighth_byte(unsigned char *b)
--{
-- b[7] = (((b[0] & 1) << 1) | ((b[1] & 1) << 2) | ((b[2] & 1) << 3) |
-- ((b[3] & 1) << 4) | ((b[4] & 1) << 5) | ((b[5] & 1) << 6) |
-- ((b[6] & 1) << 7));
--}
--
--krb5_error_code
--k5_rand2key_des3(const krb5_data *randombits, krb5_keyblock *keyblock)
--{
-- int i;
--
-- if (randombits->length != 21)
-- return KRB5_CRYPTO_INTERNAL;
--
-- keyblock->magic = KV5M_KEYBLOCK;
--
-- /* Take the seven bytes, move them around into the top 7 bits of the
-- * 8 key bytes, then compute the parity bits. Do this three times. */
-- for (i = 0; i < 3; i++) {
-- memcpy(&keyblock->contents[i * 8], &randombits->data[i * 7], 7);
-- eighth_byte(&keyblock->contents[i * 8]);
-- k5_des_fixup_key_parity(&keyblock->contents[i * 8]);
-- }
-- return 0;
--}
-diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports
-index 052f4d4b51..d8ffa63304 100644
---- a/src/lib/crypto/libk5crypto.exports
-+++ b/src/lib/crypto/libk5crypto.exports
-@@ -86,7 +86,6 @@ krb5_k_verify_checksum
- krb5_k_verify_checksum_iov
- krb5int_aes_encrypt
- krb5int_aes_decrypt
--krb5int_enc_des3
- krb5int_arcfour_gsscrypt
- krb5int_camellia_encrypt
- krb5int_cmac_checksum
-diff --git a/src/lib/crypto/openssl/Makefile.in b/src/lib/crypto/openssl/Makefile.in
-index 08de047d0a..88f7fd0a09 100644
---- a/src/lib/crypto/openssl/Makefile.in
-+++ b/src/lib/crypto/openssl/Makefile.in
-@@ -1,6 +1,6 @@
- mydir=lib$(S)crypto$(S)openssl
- BUILDTOP=$(REL)..$(S)..$(S)..
--SUBDIRS=des enc_provider hash_provider
-+SUBDIRS=enc_provider hash_provider
- LOCALINCLUDES=-I$(srcdir)/../krb $(CRYPTO_IMPL_CFLAGS)
-
- STLIBOBJS=\
-@@ -24,14 +24,14 @@ SRCS=\
- $(srcdir)/pbkdf2.c \
- $(srcdir)/sha256.c
-
--STOBJLISTS= des/OBJS.ST md4/OBJS.ST \
-+STOBJLISTS= md4/OBJS.ST \
- md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
- enc_provider/OBJS.ST \
- hash_provider/OBJS.ST \
- aes/OBJS.ST \
- OBJS.ST
-
--SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \
-+SUBDIROBJLISTS= md4/OBJS.ST \
- md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
- enc_provider/OBJS.ST \
- hash_provider/OBJS.ST \
-@@ -42,7 +42,7 @@ includes: depend
-
- depend: $(SRCS)
-
--clean-unix:: clean-libobjs
-+clean-unix:: clean-libobjsn
-
- @lib_frag@
- @libobj_frag@
-diff --git a/src/lib/crypto/openssl/des/Makefile.in b/src/lib/crypto/openssl/des/Makefile.in
-deleted file mode 100644
-index a6cece1dd1..0000000000
---- a/src/lib/crypto/openssl/des/Makefile.in
-+++ /dev/null
-@@ -1,20 +0,0 @@
--mydir=lib$(S)crypto$(S)openssl$(S)des
--BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
--LOCALINCLUDES = -I$(srcdir)/../../krb $(CRYPTO_IMPL_CFLAGS)
--
--STLIBOBJS= des_keys.o
--
--OBJS= $(OUTPRE)des_keys.$(OBJEXT)
--
--SRCS= $(srcdir)/des_keys.c
--
--all-unix: all-libobjs
--
--includes: depend
--
--depend: $(SRCS)
--
--clean-unix:: clean-libobjs
--
--@libobj_frag@
--
-diff --git a/src/lib/crypto/openssl/des/deps b/src/lib/crypto/openssl/des/deps
-deleted file mode 100644
-index 723c268082..0000000000
---- a/src/lib/crypto/openssl/des/deps
-+++ /dev/null
-@@ -1,14 +0,0 @@
--#
--# Generated makefile dependencies follow.
--#
--des_keys.so des_keys.po $(OUTPRE)des_keys.$(OBJEXT): \
-- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \
-- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-- $(top_srcdir)/include/socket-utils.h des_keys.c
-diff --git a/src/lib/crypto/openssl/des/des_keys.c b/src/lib/crypto/openssl/des/des_keys.c
-deleted file mode 100644
-index 83f1cbf22a..0000000000
---- a/src/lib/crypto/openssl/des/des_keys.c
-+++ /dev/null
-@@ -1,39 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/openssl/des/des_keys.c - Key functions used by Kerberos code */
--/*
-- * Copyright (C) 2011 by the Massachusetts Institute of Technology.
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T.
not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--
--#include "crypto_int.h"
--
--#ifdef K5_OPENSSL_DES_KEY_PARITY
--
--#include
--
--void
--k5_des_fixup_key_parity(unsigned char *keybits)
--{
-- DES_set_odd_parity((DES_cblock *)keybits);
--}
--
--#endif
-diff --git a/src/lib/crypto/openssl/enc_provider/Makefile.in b/src/lib/crypto/openssl/enc_provider/Makefile.in
-index 26827cfed5..f0d37c1213 100644
---- a/src/lib/crypto/openssl/enc_provider/Makefile.in
-+++ b/src/lib/crypto/openssl/enc_provider/Makefile.in
-@@ -3,19 +3,16 @@ BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
- LOCALINCLUDES = -I$(srcdir)/../../krb $(CRYPTO_IMPL_CFLAGS)
-
- STLIBOBJS= \
-- des3.o \
- rc4.o \
- aes.o \
- camellia.o
-
- OBJS= \
-- $(OUTPRE)des3.$(OBJEXT) \
- $(OUTPRE)aes.$(OBJEXT) \
- $(OUTPRE)camellia.$(OBJEXT) \
- $(OUTPRE)rc4.$(OBJEXT)
-
- SRCS= \
-- $(srcdir)/des3.c \
- $(srcdir)/aes.c \
- $(srcdir)/camellia.c \
- $(srcdir)/rc4.c
-diff --git a/src/lib/crypto/openssl/enc_provider/deps b/src/lib/crypto/openssl/enc_provider/deps
-index 1c87a526d0..a502990a0c 100644
---- a/src/lib/crypto/openssl/enc_provider/deps
-+++ b/src/lib/crypto/openssl/enc_provider/deps
-@@ -1,17 +1,6 @@
- #
- # Generated makefile dependencies follow.
- #
--des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
-- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-- des3.c
- aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
-diff --git a/src/lib/crypto/openssl/enc_provider/des3.c b/src/lib/crypto/openssl/enc_provider/des3.c
-deleted file mode 100644
-index 90fcf9acb5..0000000000
---- a/src/lib/crypto/openssl/enc_provider/des3.c
-+++ /dev/null
-@@ -1,188 +0,0 @@
--/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
--/* lib/crypto/openssl/enc_provider/des3.c */
--/*
-- * Copyright (C) 2009 by the Massachusetts Institute of Technology.
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may
-- * require a specific license from the United States Government.
-- * It is the responsibility of any person or organization contemplating
-- * export to obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of M.I.T. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. Furthermore if you modify this software you must label
-- * your software as modified software and not distribute it in such a
-- * fashion that it might be confused with the original M.I.T. software.
-- * M.I.T. makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- */
--/*
-- * Copyright (C) 1998 by the FundsXpress, INC.
-- *
-- * All rights reserved.
-- *
-- * Export of this software from the United States of America may require
-- * a specific license from the United States Government. It is the
-- * responsibility of any person or organization contemplating export to
-- * obtain such a license before exporting.
-- *
-- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-- * distribute this software and its documentation for any purpose and
-- * without fee is hereby granted, provided that the above copyright
-- * notice appear in all copies and that both that copyright notice and
-- * this permission notice appear in supporting documentation, and that
-- * the name of FundsXpress. not be used in advertising or publicity pertaining
-- * to distribution of the software without specific, written prior
-- * permission. FundsXpress makes no representations about the suitability of
-- * this software for any purpose. It is provided "as is" without express
-- * or implied warranty.
-- *
-- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
-- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
-- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
-- */
--
--#include "crypto_int.h"
--
--#ifdef K5_OPENSSL_DES
--
--#include
--
--#define DES3_BLOCK_SIZE 8
--#define DES3_KEY_SIZE 24
--#define DES3_KEY_BYTES 21
--
--static krb5_error_code
--validate(krb5_key key, const krb5_data *ivec, const krb5_crypto_iov *data,
-- size_t num_data, krb5_boolean *empty)
--{
-- size_t input_length = iov_total_length(data, num_data, FALSE);
--
-- if (key->keyblock.length != DES3_KEY_SIZE)
-- return(KRB5_BAD_KEYSIZE);
-- if ((input_length%DES3_BLOCK_SIZE) != 0)
-- return(KRB5_BAD_MSIZE);
-- if (ivec && (ivec->length != 8))
-- return(KRB5_BAD_MSIZE);
--
-- *empty = (input_length == 0);
-- return 0;
--}
--
--static krb5_error_code
--k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
-- size_t num_data)
--{
-- int ret, olen = DES3_BLOCK_SIZE;
-- unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE];
-- struct iov_cursor cursor;
-- EVP_CIPHER_CTX *ctx;
-- krb5_boolean empty;
--
-- ret = validate(key, ivec, data, num_data, &empty);
-- if (ret != 0 || empty)
-- return ret;
--
-- ctx = EVP_CIPHER_CTX_new();
-- if (ctx == NULL)
-- return ENOMEM;
--
-- ret = EVP_EncryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL,
-- key->keyblock.contents,
-- (ivec) ?
(unsigned char*)ivec->data : NULL);
-- if (!ret) {
-- EVP_CIPHER_CTX_free(ctx);
-- return KRB5_CRYPTO_INTERNAL;
-- }
--
-- EVP_CIPHER_CTX_set_padding(ctx,0);
--
-- k5_iov_cursor_init(&cursor, data, num_data, DES3_BLOCK_SIZE, FALSE);
-- while (k5_iov_cursor_get(&cursor, iblock)) {
-- ret = EVP_EncryptUpdate(ctx, oblock, &olen, iblock, DES3_BLOCK_SIZE);
-- if (!ret)
-- break;
-- k5_iov_cursor_put(&cursor, oblock);
-- }
--
-- if (ivec != NULL)
-- memcpy(ivec->data, oblock, DES3_BLOCK_SIZE);
--
-- EVP_CIPHER_CTX_free(ctx);
--
-- zap(iblock, sizeof(iblock));
-- zap(oblock, sizeof(oblock));
--
-- if (ret != 1)
-- return KRB5_CRYPTO_INTERNAL;
-- return 0;
--}
--
--static krb5_error_code
--k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
-- size_t num_data)
--{
-- int ret, olen = DES3_BLOCK_SIZE;
-- unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE];
-- struct iov_cursor cursor;
-- EVP_CIPHER_CTX *ctx;
-- krb5_boolean empty;
--
-- ret = validate(key, ivec, data, num_data, &empty);
-- if (ret != 0 || empty)
-- return ret;
--
-- ctx = EVP_CIPHER_CTX_new();
-- if (ctx == NULL)
-- return ENOMEM;
--
-- ret = EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL,
-- key->keyblock.contents,
-- (ivec) ?
(unsigned char*)ivec->data : NULL);
-- if (!ret) {
-- EVP_CIPHER_CTX_free(ctx);
-- return KRB5_CRYPTO_INTERNAL;
-- }
--
-- EVP_CIPHER_CTX_set_padding(ctx,0);
--
-- k5_iov_cursor_init(&cursor, data, num_data, DES3_BLOCK_SIZE, FALSE);
-- while (k5_iov_cursor_get(&cursor, iblock)) {
-- ret = EVP_DecryptUpdate(ctx, oblock, &olen,
-- (unsigned char *)iblock, DES3_BLOCK_SIZE);
-- if (!ret)
-- break;
-- k5_iov_cursor_put(&cursor, oblock);
-- }
--
-- if (ivec != NULL)
-- memcpy(ivec->data, iblock, DES3_BLOCK_SIZE);
--
-- EVP_CIPHER_CTX_free(ctx);
--
-- zap(iblock, sizeof(iblock));
-- zap(oblock, sizeof(oblock));
--
-- if (ret != 1)
-- return KRB5_CRYPTO_INTERNAL;
-- return 0;
--}
--
--const struct krb5_enc_provider krb5int_enc_des3 = {
-- DES3_BLOCK_SIZE,
-- DES3_KEY_BYTES, DES3_KEY_SIZE,
-- k5_des3_encrypt,
-- k5_des3_decrypt,
-- NULL,
-- krb5int_des_init_state,
-- krb5int_default_free_state
--};
--
--#endif /* K5_OPENSSL_DES */
-diff --git a/src/lib/crypto/openssl/kdf.c b/src/lib/crypto/openssl/kdf.c
-index 41e845eae0..5a43c3d9eb 100644
---- a/src/lib/crypto/openssl/kdf.c
-+++ b/src/lib/crypto/openssl/kdf.c
-@@ -60,8 +60,6 @@ enc_name(const struct krb5_enc_provider *enc)
- return "AES-128-CBC";
- if (enc == &krb5int_enc_aes256)
- return "AES-256-CBC";
-- if (enc == &krb5int_enc_des3)
-- return "DES-EDE3-CBC";
- return NULL;
- }
-
-diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
-index d4e90793f9..1bc807172b 100644
---- a/src/lib/gssapi/krb5/accept_sec_context.c
-+++ b/src/lib/gssapi/krb5/accept_sec_context.c
-@@ -1030,7 +1030,6 @@ kg_accept_krb5(minor_status, context_handle,
- }
-
- switch (negotiated_etype) {
-- case ENCTYPE_DES3_CBC_SHA1:
- case ENCTYPE_ARCFOUR_HMAC:
- case ENCTYPE_ARCFOUR_HMAC_EXP:
- /* RFC 4121 accidentally omits RC4-HMAC-EXP as a "not-newer"
-diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h
-index a4446530fc..88d41130a7 100644
----
a/src/lib/gssapi/krb5/gssapiP_krb5.h
-+++ b/src/lib/gssapi/krb5/gssapiP_krb5.h
-@@ -125,14 +125,14 @@ enum sgn_alg {
- /* SGN_ALG_DES_MAC = 0x0002, */
- /* SGN_ALG_3 = 0x0003, /\* not published *\/ */
- SGN_ALG_HMAC_MD5 = 0x0011, /* microsoft w2k; */
-- SGN_ALG_HMAC_SHA1_DES3_KD = 0x0004
-+ /* SGN_ALG_HMAC_SHA1_DES3_KD = 0x0004 */
- };
- enum seal_alg {
- SEAL_ALG_NONE = 0xffff,
- /* SEAL_ALG_DES = 0x0000, */
- /* SEAL_ALG_1 = 0x0001, /\* not published *\/ */
- SEAL_ALG_MICROSOFT_RC4 = 0x0010, /* microsoft w2k; */
-- SEAL_ALG_DES3KD = 0x0002
-+ /* SEAL_ALG_DES3KD = 0x0002 */
- };
-
- /* for 3DES */
-@@ -153,7 +153,7 @@ enum qop {
- GSS_KRB5_INTEG_C_QOP_HMAC_SHA1 = 0x0004,
- GSS_KRB5_INTEG_C_QOP_MASK = 0x00ff,
- /* GSS_KRB5_CONF_C_QOP_DES = 0x0100, */
-- GSS_KRB5_CONF_C_QOP_DES3_KD = 0x0200,
-+ /* GSS_KRB5_CONF_C_QOP_DES3_KD = 0x0200, */
- GSS_KRB5_CONF_C_QOP_MASK = 0xff00
- };
-
-diff --git a/src/lib/gssapi/krb5/k5seal.c b/src/lib/gssapi/krb5/k5seal.c
-index d1cdce486f..7f7146a0a2 100644
---- a/src/lib/gssapi/krb5/k5seal.c
-+++ b/src/lib/gssapi/krb5/k5seal.c
-@@ -136,19 +136,12 @@ make_seal_token_v1 (krb5_context context,
-
- /* pad the plaintext, encrypt if needed, and stick it in the token */
-
-- /* initialize the the checksum */
-- switch (signalg) {
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
-- break;
-- case SGN_ALG_HMAC_MD5:
-- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-- if (toktype != KG_TOK_SEAL_MSG)
-- sign_usage = 15;
-- break;
-- default:
-- abort ();
-- }
-+ if (signalg != SGN_ALG_HMAC_MD5)
-+ abort();
-+
-+ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-+ if (toktype != KG_TOK_SEAL_MSG)
-+ sign_usage = 15;
-
- code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
- if (code) {
-@@ -196,20 +189,8 @@ make_seal_token_v1 (krb5_context context,
- gssalloc_free(t);
- return(code);
- }
-- switch(signalg) {
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- /*
-- * Using key derivation,
the call to krb5_c_make_checksum
-- * already dealt with encrypting.
-- */
-- if (md5cksum.length != cksum_size)
-- abort ();
-- memcpy (ptr+14, md5cksum.contents, md5cksum.length);
-- break;
-- case SGN_ALG_HMAC_MD5:
-- memcpy (ptr+14, md5cksum.contents, cksum_size);
-- break;
-- }
-+
-+ memcpy (ptr+14, md5cksum.contents, cksum_size);
-
- krb5_free_checksum_contents(context, &md5cksum);
-
-diff --git a/src/lib/gssapi/krb5/k5sealiov.c b/src/lib/gssapi/krb5/k5sealiov.c
-index 9bb2ee1099..9147bb2c78 100644
---- a/src/lib/gssapi/krb5/k5sealiov.c
-+++ b/src/lib/gssapi/krb5/k5sealiov.c
-@@ -144,18 +144,11 @@ make_seal_token_v1_iov(krb5_context context,
- /* pad the plaintext, encrypt if needed, and stick it in the token */
-
- /* initialize the checksum */
-- switch (ctx->signalg) {
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
-- break;
-- case SGN_ALG_HMAC_MD5:
-- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-- if (toktype != KG_TOK_WRAP_MSG)
-- sign_usage = 15;
-- break;
-- default:
-- abort ();
-- }
-+ if (ctx->signalg != SGN_ALG_HMAC_MD5)
-+ abort();
-+ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-+ if (toktype != KG_TOK_WRAP_MSG)
-+ sign_usage = 15;
-
- code = krb5_c_checksum_length(context, md5cksum.checksum_type, &k5_trailerlen);
- if (code != 0)
-@@ -177,15 +170,7 @@ make_seal_token_v1_iov(krb5_context context,
- if (code != 0)
- goto cleanup;
-
-- switch (ctx->signalg) {
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- assert(md5cksum.length == ctx->cksum_size);
-- memcpy(ptr + 14, md5cksum.contents, md5cksum.length);
-- break;
-- case SGN_ALG_HMAC_MD5:
-- memcpy(ptr + 14, md5cksum.contents, ctx->cksum_size);
-- break;
-- }
-+ memcpy(ptr + 14, md5cksum.contents, ctx->cksum_size);
-
- /* create the seq_num */
- code = kg_make_seq_num(context, ctx->seq, ctx->initiate ?
0 : 0xFF,
-diff --git a/src/lib/gssapi/krb5/k5unseal.c b/src/lib/gssapi/krb5/k5unseal.c
-index 9b183bc337..f0cc4a6809 100644
---- a/src/lib/gssapi/krb5/k5unseal.c
-+++ b/src/lib/gssapi/krb5/k5unseal.c
-@@ -131,28 +131,21 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
- but few enough that we can try them all. */
-
- if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) ||
-- (ctx->sealalg == SEAL_ALG_DES3KD &&
-- signalg != SGN_ALG_HMAC_SHA1_DES3_KD)||
- (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 &&
- signalg != SGN_ALG_HMAC_MD5)) {
- *minor_status = 0;
- return GSS_S_DEFECTIVE_TOKEN;
- }
-
-- switch (signalg) {
-- case SGN_ALG_HMAC_MD5:
-- cksum_len = 8;
-- if (toktype != KG_TOK_SEAL_MSG)
-- sign_usage = 15;
-- break;
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- cksum_len = 20;
-- break;
-- default:
-+ if (signalg != SGN_ALG_HMAC_MD5) {
- *minor_status = 0;
- return GSS_S_DEFECTIVE_TOKEN;
- }
-
-+ cksum_len = 8;
-+ if (toktype != KG_TOK_SEAL_MSG)
-+ sign_usage = 15;
-+
- if ((size_t)bodysize < 14 + cksum_len) {
- *minor_status = 0;
- return GSS_S_DEFECTIVE_TOKEN;
-@@ -252,64 +245,53 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
- /* compute the checksum of the message */
-
- /* initialize the the cksum */
-- switch (signalg) {
-- case SGN_ALG_HMAC_MD5:
-- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-- break;
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
-- break;
-- default:
-- abort ();
-- }
-+ if (signalg != SGN_ALG_HMAC_MD5)
-+ abort();
-+ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-
- code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
- if (code)
- return(code);
- md5cksum.length = sumlen;
-
-- switch (signalg) {
-- default:
-+ if (signalg != SGN_ALG_HMAC_MD5) {
- *minor_status = 0;
- return(GSS_S_DEFECTIVE_TOKEN);
-+ }
-
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- case SGN_ALG_HMAC_MD5:
-- /* compute the checksum of the message */
--
-- /*
8 = bytes of token body to be checksummed according to spec */
-+ /* compute the checksum of the message */
-
-- if (! (data_ptr = xmalloc(8 + plainlen))) {
-- if (sealalg != 0xffff)
-- xfree(plain);
-- if (toktype == KG_TOK_SEAL_MSG)
-- gssalloc_free(token.value);
-- *minor_status = ENOMEM;
-- return(GSS_S_FAILURE);
-- }
-+ /* 8 = bytes of token body to be checksummed according to spec */
-
-- (void) memcpy(data_ptr, ptr-2, 8);
-+ if (! (data_ptr = xmalloc(8 + plainlen))) {
-+ if (sealalg != 0xffff)
-+ xfree(plain);
-+ if (toktype == KG_TOK_SEAL_MSG)
-+ gssalloc_free(token.value);
-+ *minor_status = ENOMEM;
-+ return(GSS_S_FAILURE);
-+ }
-
-- (void) memcpy(data_ptr+8, plain, plainlen);
-+ (void) memcpy(data_ptr, ptr-2, 8);
-
-- plaind.length = 8 + plainlen;
-- plaind.data = data_ptr;
-- code = krb5_k_make_checksum(context, md5cksum.checksum_type,
-- ctx->seq, sign_usage,
-- &plaind, &md5cksum);
-- xfree(data_ptr);
-+ (void) memcpy(data_ptr+8, plain, plainlen);
-
-- if (code) {
-- if (toktype == KG_TOK_SEAL_MSG)
-- gssalloc_free(token.value);
-- *minor_status = code;
-- return(GSS_S_FAILURE);
-- }
-+ plaind.length = 8 + plainlen;
-+ plaind.data = data_ptr;
-+ code = krb5_k_make_checksum(context, md5cksum.checksum_type,
-+ ctx->seq, sign_usage,
-+ &plaind, &md5cksum);
-+ xfree(data_ptr);
-
-- code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
-- break;
-+ if (code) {
-+ if (toktype == KG_TOK_SEAL_MSG)
-+ gssalloc_free(token.value);
-+ *minor_status = code;
-+ return(GSS_S_FAILURE);
- }
-
-+ code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
-+
- krb5_free_checksum_contents(context, &md5cksum);
- if (sealalg != 0xffff)
- xfree(plain);
-diff --git a/src/lib/gssapi/krb5/k5unsealiov.c b/src/lib/gssapi/krb5/k5unsealiov.c
-index 85a9574f36..3ce2a90ce9 100644
---- a/src/lib/gssapi/krb5/k5unsealiov.c
-+++ b/src/lib/gssapi/krb5/k5unsealiov.c
-@@ -102,28 +102,21 @@ kg_unseal_v1_iov(krb5_context context,
- }
-
- if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) ||
-- (ctx->sealalg == SEAL_ALG_DES3KD &&
-- signalg != SGN_ALG_HMAC_SHA1_DES3_KD)||
- (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 &&
- signalg != SGN_ALG_HMAC_MD5)) {
- *minor_status = 0;
- return GSS_S_DEFECTIVE_TOKEN;
- }
-
-- switch (signalg) {
-- case SGN_ALG_HMAC_MD5:
-- cksum_len = 8;
-- if (toktype != KG_TOK_WRAP_MSG)
-- sign_usage = 15;
-- break;
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- cksum_len = 20;
-- break;
-- default:
-+ if (signalg != SGN_ALG_HMAC_MD5) {
- *minor_status = 0;
- return GSS_S_DEFECTIVE_TOKEN;
- }
-
-+ cksum_len = 8;
-+ if (toktype != KG_TOK_WRAP_MSG)
-+ sign_usage = 15;
-+
- /* get the token parameters */
- code = kg_get_seq_num(context, ctx->seq, ptr + 14, ptr + 6, &direction,
- &seqnum);
-@@ -181,16 +174,10 @@ kg_unseal_v1_iov(krb5_context context,
-
- /* initialize the checksum */
-
-- switch (signalg) {
-- case SGN_ALG_HMAC_MD5:
-- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-- break;
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
-- break;
-- default:
-+ if (signalg != SGN_ALG_HMAC_MD5)
- abort();
-- }
-+
-+ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-
- code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
- if (code != 0) {
-@@ -209,18 +196,13 @@ kg_unseal_v1_iov(krb5_context context,
- goto cleanup;
- }
-
-- switch (signalg) {
-- case SGN_ALG_HMAC_SHA1_DES3_KD:
-- case SGN_ALG_HMAC_MD5:
-- code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
-- break;
-- default:
-+ if (signalg != SGN_ALG_HMAC_MD5) {
- code = 0;
- retval = GSS_S_DEFECTIVE_TOKEN;
- goto cleanup;
-- break;
- }
-
-+ code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
- if (code != 0) {
- code = 0;
- retval = GSS_S_BAD_SIG;
-diff --git a/src/lib/gssapi/krb5/util_crypt.c b/src/lib/gssapi/krb5/util_crypt.c
-index 84f1949887..32150f5e34 100644
---- a/src/lib/gssapi/krb5/util_crypt.c
-+++ b/src/lib/gssapi/krb5/util_crypt.c
-@@ -97,17 +97,6 @@ kg_setup_keys(krb5_context context,
krb5_gss_ctx_id_rec *ctx, krb5_key subkey,
- return code;
-
- switch (subkey->keyblock.enctype) {
-- case ENCTYPE_DES3_CBC_SHA1:
-- code = kg_copy_keys(context, ctx, subkey);
-- if (code != 0)
-- return code;
--
-- ctx->enc->keyblock.enctype = ENCTYPE_DES3_CBC_RAW;
-- ctx->seq->keyblock.enctype = ENCTYPE_DES3_CBC_RAW;
-- ctx->signalg = SGN_ALG_HMAC_SHA1_DES3_KD;
-- ctx->cksum_size = 20;
-- ctx->sealalg = SEAL_ALG_DES3KD;
-- break;
- case ENCTYPE_ARCFOUR_HMAC:
- case ENCTYPE_ARCFOUR_HMAC_EXP:
- /* RFC 4121 accidentally omits RC4-HMAC-EXP as a "not-newer" enctype,
-diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c
-index 87b486c53f..2b5abcd817 100644
---- a/src/lib/krb5/krb/init_ctx.c
-+++ b/src/lib/krb5/krb/init_ctx.c
-@@ -59,7 +59,6 @@
- static krb5_enctype default_enctype_list[] = {
- ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
- ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
-- ENCTYPE_DES3_CBC_SHA1,
- ENCTYPE_ARCFOUR_HMAC,
- ENCTYPE_CAMELLIA128_CTS_CMAC, ENCTYPE_CAMELLIA256_CTS_CMAC,
- 0
-@@ -450,8 +449,6 @@ krb5int_parse_enctype_list(krb5_context context, const char *profkey,
- /* Set all enctypes in the default list.
*/
- for (i = 0; default_list[i]; i++)
- mod_list(default_list[i], sel, weak, &list);
-- } else if (strcasecmp(token, "des3") == 0) {
-- mod_list(ENCTYPE_DES3_CBC_SHA1, sel, weak, &list);
- } else if (strcasecmp(token, "aes") == 0) {
- mod_list(ENCTYPE_AES256_CTS_HMAC_SHA1_96, sel, weak, &list);
- mod_list(ENCTYPE_AES128_CTS_HMAC_SHA1_96, sel, weak, &list);
-diff --git a/src/lib/krb5/krb/s4u_creds.c b/src/lib/krb5/krb/s4u_creds.c
-index 44d113e7c5..9662785783 100644
---- a/src/lib/krb5/krb/s4u_creds.c
-+++ b/src/lib/krb5/krb/s4u_creds.c
-@@ -288,8 +288,6 @@ verify_s4u2self_reply(krb5_context context,
- assert(req_s4u_user != NULL);
-
- switch (subkey->enctype) {
-- case ENCTYPE_DES3_CBC_SHA1:
-- case ENCTYPE_DES3_CBC_RAW:
- case ENCTYPE_ARCFOUR_HMAC:
- case ENCTYPE_ARCFOUR_HMAC_EXP :
- not_newer = TRUE;
-diff --git a/src/lib/krb5/krb/t_etypes.c b/src/lib/krb5/krb/t_etypes.c
-index 90c9f626c6..935aca12f5 100644
---- a/src/lib/krb5/krb/t_etypes.c
-+++ b/src/lib/krb5/krb/t_etypes.c
-@@ -50,17 +50,6 @@ static struct {
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 },
- 0, 0
- },
-- /* Family followed by enctype */
-- { "aes des3-cbc-sha1-kd",
-- { 0 },
-- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-- ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
-- ENCTYPE_DES3_CBC_SHA1, 0 },
-- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-- ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
-- ENCTYPE_DES3_CBC_SHA1, 0 },
-- 0, 0
-- },
- /* Family with enctype removed */
- { "camellia -camellia256-cts-cmac",
- { 0 },
-@@ -69,46 +58,15 @@ static struct {
- },
- /* Default set with family added and enctype removed */
- { "DEFAULT +aes -arcfour-hmac-md5",
-- { ENCTYPE_ARCFOUR_HMAC, ENCTYPE_DES3_CBC_SHA1, 0 },
-- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
-+ { ENCTYPE_ARCFOUR_HMAC, 0 },
-+ { ENCTYPE_AES256_CTS_HMAC_SHA1_96,
- ENCTYPE_AES128_CTS_HMAC_SHA1_96,
ENCTYPE_AES256_CTS_HMAC_SHA384_192,
- ENCTYPE_AES128_CTS_HMAC_SHA256_128, 0 },
-- { ENCTYPE_DES3_CBC_SHA1,
-- ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-+ { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
- ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
- 0 },
- 0, 0
- },
-- /* Default set with families removed and enctypes added (one redundant) */
-- { "DEFAULT -des3 rc4-hmac rc4-hmac-exp",
-- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-- ENCTYPE_DES3_CBC_SHA1, ENCTYPE_ARCFOUR_HMAC, 0 },
-- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-- ENCTYPE_ARCFOUR_HMAC, 0 },
-- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-- ENCTYPE_ARCFOUR_HMAC, ENCTYPE_ARCFOUR_HMAC_EXP, 0 },
-- 0, 0
-- },
-- /* Default set with family moved to front */
-- { "des3 +DEFAULT",
-- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-- ENCTYPE_DES3_CBC_SHA1, 0 },
-- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
-- ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0 },
-- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
-- ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0 },
-- 0, 0
-- },
-- /* Two families with default set removed (exotic case), enctype added */
-- { "aes +rc4 -DEFaulT des3-hmac-sha1",
-- { ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_DES3_CBC_SHA1,
-- ENCTYPE_ARCFOUR_HMAC, 0 },
-- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
-- ENCTYPE_AES128_CTS_HMAC_SHA256_128, ENCTYPE_DES3_CBC_SHA1, 0 },
-- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
-- ENCTYPE_AES128_CTS_HMAC_SHA256_128, ENCTYPE_DES3_CBC_SHA1, 0 },
-- 0, 0
-- },
- /* Test krb5_set_default_in_tkt_ktypes */
- { NULL,
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 },
-diff --git a/src/lib/krb5/os/t_trace.c b/src/lib/krb5/os/t_trace.c
-index 10ba8d0ac7..24064ffcfd 100644
---- a/src/lib/krb5/os/t_trace.c
-+++ b/src/lib/krb5/os/t_trace.c
-@@ -65,8
+65,8 @@ main (int argc, char *argv[])
- krb5_principal princ = &principal_data;
- krb5_pa_data padata, padata2, **padatap;
- krb5_enctype enctypes[4] = {
-- ENCTYPE_DES3_CBC_SHA, ENCTYPE_ARCFOUR_HMAC_EXP, ENCTYPE_UNKNOWN,
-- ENCTYPE_NULL};
-+ ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_ARCFOUR_HMAC_EXP,
-+ ENCTYPE_UNKNOWN, ENCTYPE_NULL};
- krb5_ccache ccache;
- krb5_keytab keytab;
- krb5_creds creds;
-diff --git a/src/lib/krb5/os/t_trace.ref b/src/lib/krb5/os/t_trace.ref
-index 044a66999e..98fb14f3f7 100644
---- a/src/lib/krb5/os/t_trace.ref
-+++ b/src/lib/krb5/os/t_trace.ref
-@@ -41,7 +41,7 @@ int, krb5_principal type: ?
- krb5_pa_data **, display list of padata type numbers: PA-PW-SALT (3), 0
- krb5_pa_data **, display list of padata type numbers: (empty)
- krb5_enctype, display shortest name of enctype: aes128-cts
--krb5_enctype *, display list of enctypes: 5, rc4-hmac-exp, 511
-+krb5_enctype *, display list of enctypes: aes128-cts, rc4-hmac-exp, 511
- krb5_enctype *, display list of enctypes: (empty)
- krb5_ccache, display type:name: FILE:/path/to/ccache
- krb5_keytab, display name: FILE:/etc/krb5.keytab
-diff --git a/src/plugins/preauth/pkinit/pkcs11.h b/src/plugins/preauth/pkinit/pkcs11.h
-index e3d2846315..586661bb7e 100644
---- a/src/plugins/preauth/pkinit/pkcs11.h
-+++ b/src/plugins/preauth/pkinit/pkcs11.h
-@@ -339,9 +339,9 @@ typedef unsigned long ck_key_type_t;
- #define CKK_GENERIC_SECRET (0x10)
- #define CKK_RC2 (0x11)
- #define CKK_RC4 (0x12)
--#define CKK_DES (0x13)
--#define CKK_DES2 (0x14)
--#define CKK_DES3 (0x15)
-+/* #define CKK_DES (0x13) */
-+/* #define CKK_DES2 (0x14) */
-+/* #define CKK_DES3 (0x15) */
- #define CKK_CAST (0x16)
- #define CKK_CAST3 (0x17)
- #define CKK_CAST128 (0x18)
-diff --git a/src/plugins/preauth/pkinit/pkinit_crypto.h b/src/plugins/preauth/pkinit/pkinit_crypto.h
-index 94a1b22fb1..65f6210727 100644
---- a/src/plugins/preauth/pkinit/pkinit_crypto.h
-+++ b/src/plugins/preauth/pkinit/pkinit_crypto.h
-@@ -376,11 +376,11 @@
krb5_error_code server_process_dh
- * krb5_algorithm_identifier
- */
- krb5_error_code create_krb5_supportedCMSTypes
-- (krb5_context context, /* IN */
-- pkinit_plg_crypto_context plg_cryptoctx, /* IN */
-- pkinit_req_crypto_context req_cryptoctx, /* IN */
-- pkinit_identity_crypto_context id_cryptoctx, /* IN */
-- krb5_algorithm_identifier ***supportedCMSTypes); /* OUT */
-+ (krb5_context context, /* IN */
-+ pkinit_plg_crypto_context plg_cryptoctx, /* IN */
-+ pkinit_req_crypto_context req_cryptoctx, /* IN */
-+ pkinit_identity_crypto_context id_cryptoctx, /* IN */
-+ krb5_algorithm_identifier ***supportedCMSTypes); /* OUT */
-
- /*
- * this functions takes in crypto specific representation of
-diff --git a/src/plugins/preauth/pkinit/pkinit_kdf_test.c b/src/plugins/preauth/pkinit/pkinit_kdf_test.c
-index 7f38e84910..99c93ac128 100644
---- a/src/plugins/preauth/pkinit/pkinit_kdf_test.c
-+++ b/src/plugins/preauth/pkinit/pkinit_kdf_test.c
-@@ -49,7 +49,6 @@ char eighteen_bs[9];
- char party_u_name[] = "lha@SU.SE";
- char party_v_name[] = "krbtgt/SU.SE@SU.SE";
- int enctype_aes = ENCTYPE_AES256_CTS_HMAC_SHA1_96;
--int enctype_des3 = ENCTYPE_DES3_CBC_SHA1;
- const krb5_data lha_data = DATA_FROM_STRING("lha");
-
- krb5_octet key1_hex[] =
-@@ -187,35 +186,6 @@ main(int argc, char **argv)
- goto cleanup;
- }
-
-- /* TEST 3: SHA-512/DES3 */
-- /* set up algorithm id */
-- alg_id.algorithm = sha512_id;
--
-- enctype = enctype_des3;
--
-- /* call pkinit_alg_agility_kdf() with test vector values*/
-- if (0 != (retval = pkinit_alg_agility_kdf(context, &secret,
-- &alg_id.algorithm,
-- u_principal, v_principal,
-- enctype, &as_req, &pk_as_rep,
-- &key_block))) {
-- printf("ERROR in pkinit_kdf_test: kdf call failed, retval = %d\n",
-- retval);
-- goto cleanup;
-- }
--
-- /* compare key to expected key value */
--
-- if ((key_block.length == sizeof(key3_hex)) &&
-- (0 == memcmp(key_block.contents, key3_hex, key_block.length))) {
-- printf("SUCCESS: TEST 3 (SHA-512/DES3),
Correct key value generated.\n");
-- retval = 0;
-- } else {
-- printf("FAILURE: TEST 2 (SHA-512/DES3), Incorrect key value generated!\n");
-- retval = 1;
-- goto cleanup;
-- }
--
- cleanup:
- /* release all allocated resources, whether good or bad return */
- free(secret.data);
-diff --git a/src/plugins/preauth/spake/t_vectors.c b/src/plugins/preauth/spake/t_vectors.c
-index 2279202d3a..96b0307d78 100644
---- a/src/plugins/preauth/spake/t_vectors.c
-+++ b/src/plugins/preauth/spake/t_vectors.c
-@@ -56,31 +56,6 @@ struct test {
- const char *K2;
- const char *K3;
- } tests[] = {
-- { ENCTYPE_DES3_CBC_SHA1, SPAKE_GROUP_EDWARDS25519,
-- /* initial key, w, x, y, T, S, K */
-- "850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E",
-- "686D84730CB8679AE95416C6567C6A63F2C9CEF124F7A3371AE81E11CAD42A37",
-- "201012D07BFD48DDFA33C4AAC4FB1E229FB0D043CFE65EBFB14399091C71A723",
-- "500B294797B8B042ACA1BEDC0F5931A4F52C537B3608B2D05CC8A2372F439F25",
-- "18F511E750C97B592ACD30DB7D9E5FCA660389102E6BF610C1BFBED4616C8362",
-- "5D10705E0D1E43D5DBF30240CCFBDE4A0230C70D4C79147AB0B317EDAD2F8AE7",
-- "25BDE0D875F0FEB5755F45BA5E857889D916ECF7476F116AA31DC3E037EC4292",
-- /* support, challenge, thash, body */
-- "A0093007A0053003020101",
-- "A1363034A003020101A122042018F511E750C97B592ACD30DB7D9E5FCA660389"
-- "102E6BF610C1BFBED4616C8362A20930073005A003020101",
-- "EAAA08807D0616026FF51C849EFBF35BA0CE3C5300E7D486DA46351B13D4605B",
-- "3075A00703050000000000A1143012A003020101A10B30091B07726165627572"
-- "6EA2101B0E415448454E412E4D49542E454455A3233021A003020102A11A3018"
-- "1B066B72627467741B0E415448454E412E4D49542E454455A511180F31393730"
-- "303130313030303030305AA703020100A8053003020110",
-- /* K'[0], K'[1], K'[2], K'[3] */
-- "BAF12FAE7CD958CBF1A29BFBC71F89CE49E03E295D89DAFD",
-- "64F73DD9C41908206BCEC1F719026B574F9D13463D7A2520",
-- "0454520B086B152C455829E6BAEFF78A61DFE9E3D04A895D",
-- "4A92260B25E3EF94C125D5C24C3E5BCED5B37976E67F25C4",
-- },
--
- { ENCTYPE_ARCFOUR_HMAC,
SPAKE_GROUP_EDWARDS25519,
- /* initial key, w, x, y, T, S, K */
- "8846F7EAEE8FB117AD06BDD830B7586C",
-diff --git a/src/tests/gssapi/t_enctypes.py b/src/tests/gssapi/t_enctypes.py
-index 7494d7fcdb..2f95d89967 100755
---- a/src/tests/gssapi/t_enctypes.py
-+++ b/src/tests/gssapi/t_enctypes.py
-@@ -1,24 +1,17 @@
- from k5test import *
-
--# Define some convenience abbreviations for enctypes we will see in
--# test program output. For background, aes256 and aes128 are "CFX
--# enctypes", meaning that they imply support for RFC 4121, while des3
--# and rc4 are not. DES3 keys will appear as 'des3-cbc-raw' in
--# t_enctypes output because that's how GSSAPI does raw triple-DES
--# encryption without the RFC3961 framing.
-+# Define some convenience abbreviations for enctypes we will see in test
-+# program output. For background, aes256 and aes128 are "CFX enctypes",
-+# meaning that they imply support for RFC 4121, while rc4 does not.
- aes256 = 'aes256-cts-hmac-sha1-96'
- aes128 = 'aes128-cts-hmac-sha1-96'
--des3 = 'des3-cbc-sha1'
--d_des3 = 'DEPRECATED:des3-cbc-sha1'
--des3raw = 'des3-cbc-raw'
--d_des3raw = 'DEPRECATED:des3-cbc-raw'
- rc4 = 'arcfour-hmac'
- d_rc4 = 'DEPRECATED:arcfour-hmac'
-
- # These tests make assumptions about the default enctype lists, so set
- # them explicitly rather than relying on the library defaults.
--supp='aes256-cts:normal aes128-cts:normal des3-cbc-sha1:normal rc4-hmac:normal'
--conf = {'libdefaults': {'permitted_enctypes': 'aes des3 rc4'},
-+supp='aes256-cts:normal aes128-cts:normal rc4-hmac:normal'
-+conf = {'libdefaults': {'permitted_enctypes': 'aes rc4'},
- 'realms': {'$realm': {'supported_enctypes': supp}}}
- realm = K5Realm(krb5_conf=conf)
- shutil.copyfile(realm.ccache, os.path.join(realm.testdir, 'save'))
-@@ -87,19 +80,12 @@ test('both aes128', 'aes128-cts', 'aes128-cts',
- test_err('acc aes128', None, 'aes128-cts',
- 'Encryption type aes256-cts-hmac-sha1-96 not permitted')
-
--# If the initiator constrains the permitted session enctypes to des3,
--# no acceptor subkey will be generated because we can't upgrade to a
--# CFX enctype.
--test('init des3', 'des3', None,
-- tktenc=aes256, tktsession=d_des3,
-- proto='rfc1964', isubkey=des3raw, asubkey=None)
--
- # Force the ticket session key to be rc4, so we can test some subkey
- # upgrade cases. The ticket encryption key remains aes256.
- realm.run([kadminl, 'setstr', realm.host_princ, 'session_enctypes', 'rc4'])
-
- # With no arguments, the initiator should send an upgrade list of
--# [aes256 aes128 des3] and the acceptor should upgrade to an aes256
-+# [aes256 aes128] and the acceptor should upgrade to an aes256
- # subkey.
- test('upgrade noargs', None, None,
- tktenc=aes256, tktsession=d_rc4,
-@@ -115,13 +101,6 @@ test('upgrade init aes128+rc4', 'aes128-cts rc4', None,
- tktenc=aes256, tktsession=d_rc4,
- proto='cfx', isubkey=rc4, asubkey=aes128)
-
--# If the initiator permits rc4 but prefers des3, it will send an
--# upgrade list of [des3], but the acceptor won't generate a subkey
--# because des3 isn't a CFX enctype.
--test('upgrade init des3+rc4', 'des3 rc4', None,
-- tktenc=aes256, tktsession=d_rc4,
-- proto='rfc1964', isubkey=rc4, asubkey=None)
--
- # If the acceptor permits only aes128, subkey negotiation will fail
- # because the ticket session key and initiator subkey are
- # non-permitted. (This is unfortunate if the acceptor's restriction
-diff --git a/src/tests/gssapi/t_invalid.c b/src/tests/gssapi/t_invalid.c
-index 9876a11e67..fb8fe55111 100644
---- a/src/tests/gssapi/t_invalid.c
-+++ b/src/tests/gssapi/t_invalid.c
-@@ -84,18 +84,6 @@ struct test {
- size_t toklen;
- const char *token;
- } tests[] = {
-- {
-- ENCTYPE_DES3_CBC_SHA1, ENCTYPE_DES3_CBC_RAW,
-- SEAL_ALG_DES3KD, SGN_ALG_HMAC_SHA1_DES3_KD, 20,
-- 24,
-- "\x4F\xEA\x19\x19\x5E\x0E\x10\xDF\x3D\x29\xB5\x13\x8F\x01\xC7\xA7"
-- "\x92\x3D\x38\xF7\x26\x73\x0D\x6D",
-- 65,
-- "\x60\x3F\x06\x09\x2A\x86\x48\x86\xF7\x12\x01\x02\x02\x02\x01\x04"
-- "\x00\x02\x00\xFF\xFF\xEB\xF3\x9A\x89\x24\x57\xB8\x63\x95\x25\xE8"
-- "\x6E\x8E\x79\xE6\x2E\xCA\xD3\xFF\x57\x9F\x8C\xAB\xEF\xDD\x28\x10"
-- "\x2F\x93\x21\x2E\xF2\x52\xB6\x6F\xA8\xBB\x8A\x6D\xAA\x6F\xB7\xF4\xD4"
-- },
- {
- ENCTYPE_ARCFOUR_HMAC, ENCTYPE_ARCFOUR_HMAC,
- SEAL_ALG_MICROSOFT_RC4, SGN_ALG_HMAC_MD5, 8,
-diff --git a/src/tests/gssapi/t_pcontok.c b/src/tests/gssapi/t_pcontok.c
-index 7368f752f0..bf22bd3da1 100644
---- a/src/tests/gssapi/t_pcontok.c
-+++ b/src/tests/gssapi/t_pcontok.c
-@@ -43,7 +43,6 @@
- #include "k5-int.h"
- #include "common.h"
-
--#define SGN_ALG_HMAC_SHA1_DES3_KD 0x04
- #define SGN_ALG_HMAC_MD5 0x11
-
- /*
-@@ -77,17 +76,12 @@ make_delete_token(gss_krb5_lucid_context_v1_t *lctx, gss_buffer_desc *out)
- ret = krb5_k_create_key(context, &seqkb, &seq);
- check_k5err(context, "krb5_k_create_key", ret);
-
-- if (signalg == SGN_ALG_HMAC_SHA1_DES3_KD) {
-- cktype = CKSUMTYPE_HMAC_SHA1_DES3;
-- cksize = 20;
-- ckusage = 23;
-- } else if (signalg == SGN_ALG_HMAC_MD5) {
-- cktype = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-- cksize = 8;
-- ckusage = 15;
-- } else {
-+ if
(signalg != SGN_ALG_HMAC_MD5)
- abort();
-- }
-+
-+ cktype = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-+ cksize = 8;
-+ ckusage = 15;
-
- tlen = 20 + mech_krb5.length + cksize;
- token = malloc(tlen);
-diff --git a/src/tests/gssapi/t_prf.c b/src/tests/gssapi/t_prf.c
-index f71774cdc9..d1857c433f 100644
---- a/src/tests/gssapi/t_prf.c
-+++ b/src/tests/gssapi/t_prf.c
-@@ -41,13 +41,6 @@ static struct {
- const char *key2;
- const char *out2;
- } tests[] = {
-- { ENCTYPE_DES3_CBC_SHA1,
-- "70378A19CD64134580C27C0115D6B34A1CF2FEECEF9886A2",
-- "9F8D127C520BB826BFF3E0FE5EF352389C17E0C073D9"
-- "AC4A333D644D21BA3EF24F4A886D143F85AC9F6377FB",
-- "3452A167DF1094BA1089E0A20E9E51ABEF1525922558B69E",
-- "6BF24FABC858F8DD9752E4FCD331BB831F238B5BE190"
-- "4EEA42E38F7A60C588F075C5C96A67E7F8B7BD0AECF4" },
- { ENCTYPE_ARCFOUR_HMAC,
- "3BB3AE288C12B3B9D06B208A4151B3B6",
- "9AEA11A3BCF3C53F1F91F5A0BA2132E2501ADF5F3C28"
-diff --git a/src/tests/t_authdata.py b/src/tests/t_authdata.py
-index 97e2474bf8..47ea9e4b47 100644
---- a/src/tests/t_authdata.py
-+++ b/src/tests/t_authdata.py
-@@ -164,7 +164,7 @@ realm.run([kvno, 'restricted'])
- # preferred krbtgt enctype changes.
- mark('#8139 regression test')
- realm.kinit(realm.user_princ, password('user'), ['-f'])
--realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'des3-cbc-sha1',
-+realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'aes256-sha2',
- realm.krbtgt_princ])
- realm.run(['./forward'])
- realm.run([kvno, realm.host_princ])
-diff --git a/src/tests/t_etype_info.py b/src/tests/t_etype_info.py
-index c982508d8b..96e90a69d2 100644
---- a/src/tests/t_etype_info.py
-+++ b/src/tests/t_etype_info.py
-@@ -1,6 +1,6 @@
- from k5test import *
-
--supported_enctypes = 'aes128-cts des3-cbc-sha1 rc4-hmac'
-+supported_enctypes = 'aes128-cts rc4-hmac'
- conf = {'libdefaults': {'allow_weak_crypto': 'true'},
- 'realms': {'$realm': {'supported_enctypes': supported_enctypes}}}
- realm = K5Realm(create_host=False, get_creds=False, krb5_conf=conf)
-@@ -26,9 +26,9 @@ def test_etinfo(princ, enctypes, expected_lines):
- # With no newer enctypes in the request, PA-ETYPE-INFO2,
- # PA-ETYPE-INFO, and PA-PW-SALT appear in the AS-REP, each listing one
- # key for the most preferred matching enctype.
--test_etinfo('user', 'rc4-hmac-exp des3 rc4',
-- ['asrep etype_info2 des3-cbc-sha1 KRBTEST.COMuser',
-- 'asrep etype_info des3-cbc-sha1 KRBTEST.COMuser',
-+test_etinfo('user', 'rc4-hmac-exp rc4',
-+ ['asrep etype_info2 rc4-hmac KRBTEST.COMuser',
-+ 'asrep etype_info rc4-hmac KRBTEST.COMuser',
- 'asrep pw_salt KRBTEST.COMuser'])
-
- # With a newer enctype in the request (even if it is not the most
-@@ -39,9 +39,9 @@ test_etinfo('user', 'rc4 aes256-cts',
-
- # In preauth-required errors, PA-PW-SALT does not appear, but the same
- # etype-info2 values are expected.
--test_etinfo('preauthuser', 'rc4-hmac-exp des3 rc4',
-- ['error etype_info2 des3-cbc-sha1 KRBTEST.COMpreauthuser',
-- 'error etype_info des3-cbc-sha1 KRBTEST.COMpreauthuser'])
-+test_etinfo('preauthuser', 'rc4-hmac-exp rc4',
-+ ['error etype_info2 rc4-hmac KRBTEST.COMpreauthuser',
-+ 'error etype_info rc4-hmac KRBTEST.COMpreauthuser'])
- test_etinfo('preauthuser', 'rc4 aes256-cts',
- ['error etype_info2 rc4-hmac KRBTEST.COMpreauthuser'])
-
-@@ -50,8 +50,8 @@ test_etinfo('preauthuser', 'rc4 aes256-cts',
- # (to allow for preauth mechs which don't depend on long-term keys).
- # An AS-REP cannot be generated without preauth as there is no reply
- # key.
--test_etinfo('rc4user', 'des3', [])
--test_etinfo('nokeyuser', 'des3', [])
-+test_etinfo('rc4user', 'aes128-cts', [])
-+test_etinfo('nokeyuser', 'aes128-cts', [])
-
- # Verify that etype-info2 is included in a MORE_PREAUTH_DATA_REQUIRED
- # error if the client does optimistic preauth.
-diff --git a/src/tests/t_keyrollover.py b/src/tests/t_keyrollover.py
-index 2c825a6922..f29e0d5500 100755
---- a/src/tests/t_keyrollover.py
-+++ b/src/tests/t_keyrollover.py
-@@ -37,9 +37,9 @@ realm.run([klist, '-e'], expected_msg=msg)
-
- # Test that the KDC only accepts the first enctype for a kvno, for a
- # local-realm TGS request. To set this up, we abuse an edge-case
--# behavior of modprinc -kvno. First, set up a DES3 krbtgt entry at
-+# behavior of modprinc -kvno. First, set up an aes128-sha2 krbtgt entry at
- # kvno 1 and cache a krbtgt ticket.
--realm.run([kadminl, 'cpw', '-randkey', '-e', 'des3-cbc-sha1',
-+realm.run([kadminl, 'cpw', '-randkey', '-e', 'aes128-cts-hmac-sha256-128',
- realm.krbtgt_princ])
- realm.run([kadminl, 'modprinc', '-kvno', '1', realm.krbtgt_princ])
- realm.kinit(realm.user_princ, password('user'))
-@@ -50,9 +50,9 @@ realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'aes256-cts',
- realm.run([kadminl, 'modprinc', '-kvno', '1', realm.krbtgt_princ])
- out = realm.run([kadminl, 'getprinc', realm.krbtgt_princ])
- if 'vno 1, aes256-cts' not in out or \
-- 'vno 1, DEPRECATED:des3-cbc-sha1' not in out:
-+ 'vno 1, aes128-cts-hmac-sha256-128' not in out:
- fail('keyrollover: setup for TGS enctype test failed')
--# Now present the DES3 ticket to the KDC and make sure it's rejected.
-+# Now present the aes128-sha2 ticket to the KDC and make sure it's rejected.
- realm.run([kvno, realm.host_princ], expected_code=1)
-
- realm.stop()
-diff --git a/src/tests/t_mkey.py b/src/tests/t_mkey.py
-index 32f4070bcb..da0ed1831e 100755
---- a/src/tests/t_mkey.py
-+++ b/src/tests/t_mkey.py
-@@ -7,7 +7,6 @@ import struct
- # default enctype for master keys.
- aes256 = 'aes256-cts-hmac-sha1-96'
- aes128 = 'aes128-cts-hmac-sha1-96'
--des3 = 'des3-cbc-sha1'
- defetype = aes256
-
- realm = K5Realm(create_host=False, start_kadmind=True)
-@@ -300,40 +299,6 @@ if 'Decrypt integrity check failed' in out or 'added to keytab' not in out:
-
- realm.stop()
-
--# Load a dump file created with krb5 1.6, before the master key
--# rollover changes were introduced. Write out an old-format stash
--# file consistent with the dump's master password ("footes"). The K/M
--# entry in this database will not have actkvno tl-data because it was
--# created prior to master key rollover support. Verify that:
--# 1. We can access the database using the old-format stash file.
--# 2. list_mkeys displays the same list as for a post-1.7 KDB.
--mark('pre-1.7 stash file')
--dumpfile = os.path.join(srctop, 'tests', 'dumpfiles', 'dump.16')
--os.remove(stash_file)
--f = open(stash_file, 'wb')
--f.write(struct.pack('=HL24s', 16, 24,
-- b'\xF8\x3E\xFB\xBA\x6D\x80\xD9\x54\xE5\x5D\xF2\xE0'
-- b'\x94\xAD\x6D\x86\xB5\x16\x37\xEC\x7C\x8A\xBC\x86'))
--f.close()
--realm.run([kdb5_util, 'load', dumpfile])
--nprincs = len(realm.run([kadminl, 'listprincs']).splitlines())
--check_mkvno('K/M', 1)
--check_mkey_list((1, des3, True, True))
--
--# Create a new master key and verify that, without actkvkno tl-data:
--# 1. list_mkeys displays the same as for a post-1.7 KDB.
--# 2. update_princ_encryption still targets mkvno 1.
--# 3. libkadm5 still uses mkvno 1 for key changes.
--# 4. use_mkey creates the same list as for a post-1.7 KDB.
--mark('rollover from pre-1.7 KDB')
--add_mkey([])
--check_mkey_list((2, defetype, False, False), (1, des3, True, True))
--update_princ_encryption(False, 1, 0, nprincs - 1)
--realm.run([kadminl, 'addprinc', '-randkey', realm.user_princ])
--check_mkvno(realm.user_princ, 1)
--realm.run([kdb5_util, 'use_mkey', '2', 'now-1day'])
--check_mkey_list((2, defetype, True, True), (1, des3, True, False))
--
- # Regression test for #8395. Purge the master key and verify that a
- # master key fetch does not segfault.
- mark('#8395 regression test')
-diff --git a/src/tests/t_salt.py b/src/tests/t_salt.py
-index 65084bbf35..55ca897459 100755
---- a/src/tests/t_salt.py
-+++ b/src/tests/t_salt.py
-@@ -16,13 +16,12 @@ def test_salt(realm, e1, salt, e2):
-
- # Enctype/salt pairs chosen with non-default salt types.
- # The enctypes are mostly arbitrary.
--salts = [('des3-cbc-sha1', 'norealm'),
-+salts = [('aes128-cts-hmac-sha1-96', 'norealm'),
- ('arcfour-hmac', 'onlyrealm'),
- ('aes128-cts-hmac-sha1-96', 'special')]
- # These enctypes are chosen to cover the different string-to-key routines.
- # Omit ":normal" from aes256 to check that salttype defaulting works.
--second_kstypes = ['aes256-cts-hmac-sha1-96', 'arcfour-hmac:normal',
-- 'des3-cbc-sha1:normal']
-+second_kstypes = ['aes256-cts-hmac-sha1-96', 'arcfour-hmac:normal']
-
- # Test using different salt types in a principal's key list.
- # Parameters from one key in the list must not leak over to later ones.
-diff --git a/src/util/k5test.py b/src/util/k5test.py
-index 619f1995f8..771f82e3cc 100644
---- a/src/util/k5test.py
-+++ b/src/util/k5test.py
-@@ -1344,13 +1344,6 @@ _passes = [
- # No special settings; exercises AES256.
- ('default', None, None, None),
-
-- # Exercise the DES3 enctype.
-- ('des3', None,
-- {'libdefaults': {'permitted_enctypes': 'des3'}},
-- {'realms': {'$realm': {
-- 'supported_enctypes': 'des3-cbc-sha1:normal',
-- 'master_key_type': 'des3-cbc-sha1'}}}),
--
- # Exercise the arcfour enctype.
- ('arcfour', None,
- {'libdefaults': {'permitted_enctypes': 'rc4'}},
-diff --git a/src/windows/leash/htmlhelp/html/Encryption_Types.htm b/src/windows/leash/htmlhelp/html/Encryption_Types.htm
-index 1aebdd0b4a..c38eefd2bd 100644
---- a/src/windows/leash/htmlhelp/html/Encryption_Types.htm
-+++ b/src/windows/leash/htmlhelp/html/Encryption_Types.htm
-@@ -79,19 +79,6 @@ will have an entry in the Encryption type column.
- Description - - -- des3- -- The triple DES family improves on --the original DES (Data Encryption Standard) by using 3 separate 56-bit --keys. Some modes of 3DES are considered weak while others are strong --(if slow).
    --
  • des3-cbc-sha1
  • --
  • des3-cbc-raw (weak)
  • --
  • des3-hmac-sha1
  • --
  • des3-cbc-sha1-kd
  • --
-- -- -- - aes - The AES Advanced Encryption Standard - family, like 3DES, is a symmetric block cipher and was designed --- -2.38.1 - diff --git a/0007-Add-configure-variable-for-default-PKCS-11-module.patch b/0007-Add-configure-variable-for-default-PKCS-11-module.patch deleted file mode 100644 index 144513381954f7ffd220e1f89fd2b39a96aa9312..0000000000000000000000000000000000000000 --- a/0007-Add-configure-variable-for-default-PKCS-11-module.patch +++ /dev/null 
@@ -1,201 +0,0 @@
-From 842b4c3b5695e2518e6f1a1545db78865c04b59c Mon Sep 17 00:00:00 2001
-From: Julien Rische
-Date: Fri, 22 Apr 2022 14:12:37 +0200
-Subject: [PATCH] Add configure variable for default PKCS#11 module
-
-[ghudson@mit.edu: added documentation of configure variable and doc
-substitution; shortened commit message]
-
-ticket: 9058 (new)
----
- doc/admin/conf_files/krb5_conf.rst | 2 +-
- doc/build/options2configure.rst | 3 +++
- doc/conf.py | 3 +++
- doc/mitK5defaults.rst | 25 +++++++++++++------------
- src/configure.ac | 8 ++++++++
- src/doc/Makefile.in | 2 ++
- src/man/Makefile.in | 4 +++-
- src/man/krb5.conf.man | 2 +-
- src/plugins/preauth/pkinit/pkinit.h | 1 -
- 9 files changed, 34 insertions(+), 16 deletions(-)
-
-diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst
-index 2a4962069f..a33711d918 100644
---- a/doc/admin/conf_files/krb5_conf.rst
-+++ b/doc/admin/conf_files/krb5_conf.rst
-@@ -1017,7 +1017,7 @@ information for PKINIT is as follows:
- All keyword/values are optional. *modname* specifies the location
- of a library implementing PKCS #11. If a value is encountered
- with no keyword, it is assumed to be the *modname*. If no
-- module-name is specified, the default is ``opensc-pkcs11.so``.
-+ module-name is specified, the default is |pkcs11_modname|.
- ``slotid=`` and/or ``token=`` may be specified to force the use of
- a particular smard card reader or token if there is more than one
- available. ``certid=`` and/or ``certlabel=`` may be specified to
-diff --git a/doc/build/options2configure.rst b/doc/build/options2configure.rst
-index 9e355dc2c5..e879b18bd2 100644
---- a/doc/build/options2configure.rst
-+++ b/doc/build/options2configure.rst
-@@ -137,6 +137,9 @@ Environment variables
- This option allows one to specify libraries to be passed to the
- linker (e.g., ``-l``)
-
-+**PKCS11_MODNAME=**\ *library*
-+ Override the built-in default PKCS11 library name.
-+
- **SS_LIB=**\ *libs*...
- If ``-lss`` is not the correct way to link in your installed ss
- library, for example if additional support libraries are needed,
-diff --git a/doc/conf.py b/doc/conf.py
-index 12168fa695..0ab5ff9606 100644
---- a/doc/conf.py
-+++ b/doc/conf.py
-@@ -242,6 +242,7 @@ if 'mansubs' in tags:
- ccache = '``@CCNAME@``'
- keytab = '``@KTNAME@``'
- ckeytab = '``@CKTNAME@``'
-+ pkcs11_modname = '``@PKCS11MOD@``'
- elif 'pathsubs' in tags:
- # Read configured paths from a file produced by the build system.
- exec(open("paths.py").read())
-@@ -255,6 +256,7 @@ else:
- ccache = ':ref:`DEFCCNAME `'
- keytab = ':ref:`DEFKTNAME `'
- ckeytab = ':ref:`DEFCKTNAME `'
-+ pkcs11_modname = ':ref:`PKCS11_MODNAME `'
-
- rst_epilog = '\n'
-
-@@ -275,6 +277,7 @@ else:
- rst_epilog += '.. |ccache| replace:: %s\n' % ccache
- rst_epilog += '.. |keytab| replace:: %s\n' % keytab
- rst_epilog += '.. |ckeytab| replace:: %s\n' % ckeytab
-+ rst_epilog += '.. |pkcs11_modname| replace:: %s\n' % pkcs11_modname
- rst_epilog += '''
- .. |krb5conf| replace:: ``/etc/krb5.conf``
- .. |defkeysalts| replace:: ``aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal``
-diff --git a/doc/mitK5defaults.rst b/doc/mitK5defaults.rst
-index 74e69f4ad0..aea7af3dbb 100644
---- a/doc/mitK5defaults.rst
-+++ b/doc/mitK5defaults.rst
-@@ -59,18 +59,19 @@ subdirectories of ``/usr/local``. When MIT krb5 is integrated into an
- operating system, the paths are generally chosen to match the
- operating system's filesystem layout.
-
--========================== ============= =========================== ===========================
--Description Symbolic name Custom build path Typical OS path
--========================== ============= =========================== ===========================
--User programs BINDIR ``/usr/local/bin`` ``/usr/bin``
--Libraries and plugins LIBDIR ``/usr/local/lib`` ``/usr/lib``
--Parent of KDC state dir LOCALSTATEDIR ``/usr/local/var`` ``/var``
--Parent of KDC runtime dir RUNSTATEDIR ``/usr/local/var/run`` ``/run``
--Administrative programs SBINDIR ``/usr/local/sbin`` ``/usr/sbin``
--Alternate krb5.conf dir SYSCONFDIR ``/usr/local/etc`` ``/etc``
--Default ccache name DEFCCNAME ``FILE:/tmp/krb5cc_%{uid}`` ``FILE:/tmp/krb5cc_%{uid}``
--Default keytab name DEFKTNAME ``FILE:/etc/krb5.keytab`` ``FILE:/etc/krb5.keytab``
--========================== ============= =========================== ===========================
-+========================== ============== =========================== ===========================
-+Description Symbolic name Custom build path Typical OS path
-+========================== ============== =========================== ===========================
-+User programs BINDIR ``/usr/local/bin`` ``/usr/bin``
-+Libraries and plugins LIBDIR ``/usr/local/lib`` ``/usr/lib``
-+Parent of KDC state dir LOCALSTATEDIR ``/usr/local/var`` ``/var``
-+Parent of KDC runtime dir RUNSTATEDIR ``/usr/local/var/run`` ``/run``
-+Administrative programs SBINDIR ``/usr/local/sbin`` ``/usr/sbin``
-+Alternate krb5.conf dir SYSCONFDIR ``/usr/local/etc`` ``/etc``
-+Default ccache name DEFCCNAME ``FILE:/tmp/krb5cc_%{uid}`` ``FILE:/tmp/krb5cc_%{uid}``
-+Default keytab name DEFKTNAME ``FILE:/etc/krb5.keytab`` ``FILE:/etc/krb5.keytab``
-+Default PKCS11 module PKCS11_MODNAME ``opensc-pkcs11.so`` ``opensc-pkcs11.so``
-+========================== ============== =========================== ===========================
-
- The default client keytab name (DEFCKTNAME) typically defaults to
- ``FILE:/usr/local/var/krb5/user/%{euid}/client.keytab`` for a custom
-diff --git a/src/configure.ac b/src/configure.ac
-index 8dc864718d..9774cb71ae 100644
---- a/src/configure.ac
-+++ b/src/configure.ac
-@@ -1471,6 +1471,14 @@ AC_DEFINE_UNQUOTED(DEFKTNAME, ["$DEFKTNAME"], [Define to default keytab name])
- AC_DEFINE_UNQUOTED(DEFCKTNAME, ["$DEFCKTNAME"],
- [Define to default client keytab name])
-
-+AC_ARG_VAR(PKCS11_MODNAME, [Default PKCS11 module name])
-+if test "${PKCS11_MODNAME+set}" != set; then
-+ PKCS11_MODNAME=opensc-pkcs11.so
-+fi
-+AC_MSG_NOTICE([Default PKCS11 module name: $PKCS11_MODNAME])
-+AC_DEFINE_UNQUOTED(PKCS11_MODNAME, ["$PKCS11_MODNAME"],
-+ [Default PKCS11 module name])
-+
- AC_CONFIG_FILES([build-tools/krb5-config], [chmod +x build-tools/krb5-config])
- AC_CONFIG_FILES([build-tools/kadm-server.pc
- build-tools/kadm-client.pc
-diff --git a/src/doc/Makefile.in b/src/doc/Makefile.in
-index 379bc36511..a1b0cff0a4 100644
---- a/src/doc/Makefile.in
-+++ b/src/doc/Makefile.in
-@@ -10,6 +10,7 @@ sysconfdir=@sysconfdir@
- DEFCCNAME=@DEFCCNAME@
- DEFKTNAME=@DEFKTNAME@
- DEFCKTNAME=@DEFCKTNAME@
-+PKCS11_MODNAME=@PKCS11_MODNAME@
-
- RST_SOURCES= _static \
- _templates \
-@@ -118,6 +119,7 @@ paths.py:
- echo 'ccache = "``$(DEFCCNAME)``"' >> $@
- echo 'keytab = "``$(DEFKTNAME)``"' >> $@
- echo 'ckeytab = "``$(DEFCKTNAME)``"' >> $@
-+ echo 'pkcs11_modname = "``$(PKCS11_MODNAME)``"' >> $@
-
- # Dummy rule that man/Makefile can invoke
- version.py: $(docsrc)/version.py
-diff --git a/src/man/Makefile.in b/src/man/Makefile.in
-index 00b1b2de06..85cae0914e 100644
---- a/src/man/Makefile.in
-+++ b/src/man/Makefile.in
-@@ -8,6 +8,7 @@ sysconfdir=@sysconfdir@
- DEFCCNAME=@DEFCCNAME@
- DEFKTNAME=@DEFKTNAME@
- DEFCKTNAME=@DEFCKTNAME@
-+PKCS11_MODNAME=@PKCS11_MODNAME@
-
- MANSUBS=k5identity.sub k5login.sub k5srvutil.sub kadm5.acl.sub kadmin.sub \
- kadmind.sub kdb5_ldap_util.sub kdb5_util.sub kdc.conf.sub \
-@@ -47,7 +48,8 @@ $(docsrc)/version.py:
$(top_srcdir)/patchlevel.h
- -e 's|@SYSCONFDIR@|$(sysconfdir)|g' \
- -e 's|@CCNAME@|$(DEFCCNAME)|g' \
- -e 's|@KTNAME@|$(DEFKTNAME)|g' \
-- -e 's|@CKTNAME@|$(DEFCKTNAME)|g' $? > $@
-+ -e 's|@CKTNAME@|$(DEFCKTNAME)|g' \
-+ -e 's|@PKCS11MOD@|$(PKCS11_MODNAME)|g' $? > $@
-
- all: $(MANSUBS)
-
-diff --git a/src/man/krb5.conf.man b/src/man/krb5.conf.man
-index 51acb38815..fd2c6f2bc4 100644
---- a/src/man/krb5.conf.man
-+++ b/src/man/krb5.conf.man
-@@ -1148,7 +1148,7 @@ user\(aqs certificate and private key.
- All keyword/values are optional. \fImodname\fP specifies the location
- of a library implementing PKCS #11. If a value is encountered
- with no keyword, it is assumed to be the \fImodname\fP\&. If no
--module\-name is specified, the default is \fBopensc\-pkcs11.so\fP\&.
-+module\-name is specified, the default is \fB@PKCS11MOD@\fP\&.
- \fBslotid=\fP and/or \fBtoken=\fP may be specified to force the use of
- a particular smard card reader or token if there is more than one
- available. \fBcertid=\fP and/or \fBcertlabel=\fP may be specified to
-diff --git a/src/plugins/preauth/pkinit/pkinit.h b/src/plugins/preauth/pkinit/pkinit.h
-index 8135535e2c..66f92d8f03 100644
---- a/src/plugins/preauth/pkinit/pkinit.h
-+++ b/src/plugins/preauth/pkinit/pkinit.h
-@@ -42,7 +42,6 @@
- #ifndef WITHOUT_PKCS11
- #include "pkcs11.h"
-
--#define PKCS11_MODNAME "opensc-pkcs11.so"
- #define PK_SIGLEN_GUESS 1000
- #define PK_NOSLOT 999999
- #endif
---
-2.38.1
-
diff --git a/0008-Set-reasonable-supportedCMSTypes-in-PKINIT.patch b/0008-Set-reasonable-supportedCMSTypes-in-PKINIT.patch
deleted file mode 100644
index 3755c15c3699b289cf273c9cc305f76e6fabaffc..0000000000000000000000000000000000000000
--- a/0008-Set-reasonable-supportedCMSTypes-in-PKINIT.patch
+++ /dev/null
@@ -1,159 +0,0 @@
-From 3fb8c4c68274d2ff4addb44b7b95b4698c2c4f34 Mon Sep 17 00:00:00 2001
-From: Julien Rische
-Date: Wed, 1 Jun 2022 18:02:04 +0200
-Subject: [PATCH] Set reasonable supportedCMSTypes in PKINIT
-
-The PKINIT client uses AuthPack.supportedCMSTypes to let the KDC know
-the algorithms it supports for verification of the CMS data signature.
-(The MIT krb5 KDC currently ignores this list, but other
-implementations use it.)
-
-Replace 3DES with sha512WithRSAEncryption and sha256WithRSAEncryption.
-
-[ghudson@mit.edu: simplified code and used appropriate helpers; edited
-commit message]
-
-ticket: 9066 (new)
----
- src/plugins/preauth/pkinit/pkinit_constants.c | 33 ++++++++++++-
- src/plugins/preauth/pkinit/pkinit_crypto.h | 4 ++
- .../preauth/pkinit/pkinit_crypto_openssl.c | 49 ++++++++++---------
- 3 files changed, 60 insertions(+), 26 deletions(-)
-
-diff --git a/src/plugins/preauth/pkinit/pkinit_constants.c b/src/plugins/preauth/pkinit/pkinit_constants.c
-index 652897fa14..1da482e0b4 100644
---- a/src/plugins/preauth/pkinit/pkinit_constants.c
-+++ b/src/plugins/preauth/pkinit/pkinit_constants.c
-@@ -32,9 +32,14 @@
-
- #include "pkinit.h"
-
--/* statically declare OID constants for all three algorithms */
--static char sha1_oid[8] = { 0x2B, 0x06, 0x01, 0x05, 0x02, 0x03, 0x06, 0x01};
-+/* RFC 8636 id-pkinit-kdf-ah-sha1: iso(1) identified-organization(3) dod(6)
-+ * internet(1) security(5) kerberosv5(2) pkinit(3) kdf(6) sha1(1) */
-+static char sha1_oid[8] = { 0x2B, 0x06, 0x01, 0x05, 0x02, 0x03, 0x06, 0x01 };
-+/* RFC 8636 id-pkinit-kdf-ah-sha256: iso(1) identified-organization(3) dod(6)
-+ * internet(1) security(5) kerberosv5(2) pkinit(3) kdf(6) sha256(2) */
- static char sha256_oid[8] = { 0x2B, 0x06, 0x01, 0x05, 0x02, 0x03, 0x06, 0x02 };
-+/* RFC 8636 id-pkinit-kdf-ah-sha512: iso(1) identified-organization(3) dod(6)
-+ * internet(1) security(5) kerberosv5(2) pkinit(3) kdf(6) sha512(3) */
- static char sha512_oid[8] = { 0x2B, 0x06, 0x01, 0x05, 0x02, 0x03, 0x06, 0x03 };
-
- const krb5_data sha1_id = { KV5M_DATA, sizeof(sha1_oid), sha1_oid };
-@@ -48,6 +53,30 @@ krb5_data const * const supported_kdf_alg_ids[] = {
- NULL
- };
-
-+/* RFC 4055 sha256WithRSAEncryption: iso(1) member-body(2) us(840)
-+ * rsadsi(113549) pkcs(1) 1 11 */
-+static char sha256WithRSAEncr_oid[9] = {
-+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b
-+};
-+/* RFC 4055 sha256WithRSAEncryption: iso(1) member-body(2) us(840)
-+ * rsadsi(113549) pkcs(1) 1 13 */
-+static char sha512WithRSAEncr_oid[9] = {
-+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0d
-+};
-+
-+const krb5_data sha256WithRSAEncr_id = {
-+ KV5M_DATA, sizeof(sha256WithRSAEncr_oid), sha256WithRSAEncr_oid
-+};
-+const krb5_data sha512WithRSAEncr_id = {
-+ KV5M_DATA, sizeof(sha512WithRSAEncr_oid), sha512WithRSAEncr_oid
-+};
-+
-+krb5_data const * const supported_cms_algs[] = {
-+ &sha512WithRSAEncr_id,
-+ &sha256WithRSAEncr_id,
-+ NULL
-+};
-+
- /* RFC 2412 section E.2 (well-known group 2) parameters, DER-encoded as
- * DomainParameters (RFC 3279 section 2.3.3). */
- static const uint8_t o1024[] = {
-diff --git a/src/plugins/preauth/pkinit/pkinit_crypto.h b/src/plugins/preauth/pkinit/pkinit_crypto.h
-index 65f6210727..64300da856 100644
---- a/src/plugins/preauth/pkinit/pkinit_crypto.h
-+++ b/src/plugins/preauth/pkinit/pkinit_crypto.h
-@@ -620,6 +620,10 @@ extern const krb5_data oakley_4096;
- */
- extern krb5_data const * const supported_kdf_alg_ids[];
-
-+/* CMS signature algorithms supported by this implementation, in order of
-+ * decreasing preference. */
-+extern krb5_data const * const supported_cms_algs[];
-+
- krb5_error_code
- crypto_encode_der_cert(krb5_context context, pkinit_req_crypto_context reqctx,
- uint8_t **der_out, size_t *der_len);
-diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-index d500455dec..1c2aa02827 100644
---- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-@@ -5475,37 +5475,38 @@ create_krb5_supportedCMSTypes(krb5_context context,
- pkinit_plg_crypto_context plg_cryptoctx,
- pkinit_req_crypto_context req_cryptoctx,
- pkinit_identity_crypto_context id_cryptoctx,
-- krb5_algorithm_identifier ***oids)
-+ krb5_algorithm_identifier ***algs_out)
- {
-+ krb5_error_code ret;
-+ krb5_algorithm_identifier **algs = NULL;
-+ size_t i, count;
-
-- krb5_error_code retval = ENOMEM;
-- krb5_algorithm_identifier **loids = NULL;
-- krb5_data des3oid = {0, 8, "\x2A\x86\x48\x86\xF7\x0D\x03\x07" };
-+ *algs_out = NULL;
-
-- *oids = NULL;
-- loids = malloc(2 * sizeof(krb5_algorithm_identifier *));
-- if (loids == NULL)
-- goto cleanup;
-- loids[1] = NULL;
-- loids[0] = malloc(sizeof(krb5_algorithm_identifier));
-- if (loids[0] == NULL) {
-- free(loids);
-- goto cleanup;
-- }
-- retval = pkinit_copy_krb5_data(&loids[0]->algorithm, &des3oid);
-- if (retval) {
-- free(loids[0]);
-- free(loids);
-+ /* Count supported OIDs and allocate list (including null terminator). */
-+ for (count = 0; supported_cms_algs[count] != NULL; count++);
-+ algs = k5calloc(count + 1, sizeof(*algs), &ret);
-+ if (algs == NULL)
- goto cleanup;
-+
-+ /* Add an algorithm identifier for each OID, with no parameters. */
-+ for (i = 0; i < count; i++) {
-+ algs[i] = k5alloc(sizeof(*algs[i]), &ret);
-+ if (algs[i] == NULL)
-+ goto cleanup;
-+ ret = krb5int_copy_data_contents(context, supported_cms_algs[i],
-+ &algs[i]->algorithm);
-+ if (ret)
-+ goto cleanup;
-+ algs[i]->parameters = empty_data();
- }
-- loids[0]->parameters.length = 0;
-- loids[0]->parameters.data = NULL;
-
-- *oids = loids;
-- retval = 0;
--cleanup:
-+ *algs_out = algs;
-+ algs = NULL;
-
-- return retval;
-+cleanup:
-+ free_krb5_algorithm_identifiers(&algs);
-+ return ret;
- }
-
- krb5_error_code
---
-2.38.1
-
diff --git a/0009-Simplify-plugin-loading-code.patch b/0009-Simplify-plugin-loading-code.patch
deleted file mode 100644
index 42802e56c82c61d51a84a9ea6b4cf1eb6d050509..0000000000000000000000000000000000000000
--- a/0009-Simplify-plugin-loading-code.patch
+++ /dev/null
@@ -1,622 +0,0 @@
-From ffb47e4120d68aef015453350a3a50a9bab1ec58 Mon Sep 17 00:00:00 2001
-From: Greg Hudson
-Date: Thu, 23 Jun 2022 16:41:40 -0400
-Subject: [PATCH] Simplify plugin loading code
-
-Remove the USE_CFBUNDLE code, which was only used by KfM. Handle
-platform conditionals according to current practice. Use
-k5_dir_filenames() instead of opendir() and remove the Windows
-implementation of opendir().
----
- src/util/support/plugins.c | 507 +++++++++++--------------------------
- 1 file changed, 150 insertions(+), 357 deletions(-)
-
-diff --git a/src/util/support/plugins.c b/src/util/support/plugins.c
-index c6a9a21d57..0850565687 100644
---- a/src/util/support/plugins.c
-+++ b/src/util/support/plugins.c
-@@ -29,16 +29,6 @@
- #if USE_DLOPEN
- #include
- #endif
--#include
--#ifdef HAVE_SYS_STAT_H
--#include
--#endif
--#ifdef HAVE_SYS_PARAM_H
--#include
--#endif
--#ifdef HAVE_UNISTD_H
--#include
--#endif
-
- #if USE_DLOPEN
- #ifdef RTLD_GROUP
-@@ -68,16 +58,6 @@
- #endif
- #endif
-
--#if USE_DLOPEN && USE_CFBUNDLE
--#include
--
--/* Currently CoreFoundation only exists on the Mac so we just use
-- * pthreads directly to avoid creating empty function calls on other
-- * platforms. If a thread initializer ever gets created in the common
-- * plugin code, move this there */
--static pthread_mutex_t krb5int_bundle_mutex = PTHREAD_MUTEX_INITIALIZER;
--#endif
--
- #include
- static void Tprintf (const char *fmt, ...)
- {
-@@ -90,374 +70,193 @@ static void Tprintf (const char *fmt, ...)
- }
-
- struct plugin_file_handle {
--#if USE_DLOPEN
-+#if defined(USE_DLOPEN)
- void *dlhandle;
--#endif
--#ifdef _WIN32
-- HMODULE hinstPlugin;
--#endif
--#if !defined (USE_DLOPEN) && !defined (_WIN32)
-+#elif defined(_WIN32)
-+ HMODULE module;
-+#else
- char dummy;
- #endif
- };
-
--#ifdef _WIN32
--struct dirent {
-- long d_ino; /* inode (always 1 in WIN32) */
-- off_t d_off; /* offset to this dirent */
-- unsigned short d_reclen; /* length of d_name */
-- char d_name[_MAX_FNAME+1]; /* filename (null terminated) */
--};
--
--typedef struct {
-- intptr_t handle; /* _findfirst/_findnext handle */
-- short offset; /* offset into directory */
-- short finished; /* 1 if there are not more files */
-- struct _finddata_t fileinfo;/* from _findfirst/_findnext */
-- char *dir; /* the dir we are reading */
-- struct dirent dent; /* the dirent to return */
--} DIR;
-+#if defined(USE_DLOPEN)
-
--DIR * opendir(const char *dir)
-+static long
-+open_plugin_dlfcn(struct plugin_file_handle *h, const char *filename,
-+ struct errinfo *ep)
- {
-- DIR *dp;
-- char *filespec;
-- intptr_t handle;
-- int index;
--
-- filespec = malloc(strlen(dir) + 2 + 1);
-- strcpy(filespec, dir);
-- index = strlen(filespec) - 1;
-- if (index >= 0 && (filespec[index] == '/' || filespec[index] == '\\'))
-- filespec[index] = '\0';
-- strcat(filespec, "/*");
--
-- dp = (DIR *)malloc(sizeof(DIR));
-- dp->offset = 0;
-- dp->finished = 0;
-- dp->dir = strdup(dir);
--
-- if ((handle = _findfirst(filespec, &(dp->fileinfo))) < 0) {
-- if (errno == ENOENT)
-- dp->finished = 1;
-- else {
-- free(filespec);
-- free(dp->dir);
-- free(dp);
-- return NULL;
-- }
-+ const char *e;
-+
-+ h->dlhandle = dlopen(filename, PLUGIN_DLOPEN_FLAGS);
-+ if (h->dlhandle == NULL) {
-+ e = dlerror();
-+ if (e == NULL)
-+ e = _("unknown failure");
-+ Tprintf("dlopen(%s): %s\n", filename, e);
-+ k5_set_error(ep, ENOENT, _("unable to load plugin [%s]: %s"),
-+ filename, e);
-+ return ENOENT;
- }
--
-- dp->handle = handle;
-- free(filespec);
--
-- return dp;
-+ return 0;
- }
-+#define open_plugin open_plugin_dlfcn
-
--struct dirent * readdir(DIR *dp)
-+static long
-+get_sym_dlfcn(struct plugin_file_handle *h, const char *csymname,
-+ void **sym_out, struct errinfo *ep)
- {
-- if (!dp || dp->finished) return NULL;
--
-- if (dp->offset != 0) {
-- if (_findnext(dp->handle, &(dp->fileinfo)) < 0) {
-- dp->finished = 1;
-- return NULL;
-- }
-+ const char *e;
-+
-+ if (h->dlhandle == NULL)
-+ return ENOENT;
-+ *sym_out = dlsym(h->dlhandle, csymname);
-+ if (*sym_out == NULL) {
-+ e = dlerror();
-+ if (e == NULL)
-+ e = _("unknown failure");
-+ Tprintf("dlsym(%s): %s\n", csymname, e);
-+ k5_set_error(ep, ENOENT, "%s", e);
-+ return ENOENT;
- }
-- dp->offset++;
--
-- strncpy(dp->dent.d_name, dp->fileinfo.name, _MAX_FNAME);
-- dp->dent.d_ino = 1;
-- dp->dent.d_reclen = (unsigned short)strlen(dp->dent.d_name);
-- dp->dent.d_off = dp->offset;
--
-- return &(dp->dent);
--}
--
--int closedir(DIR *dp)
--{
-- if (!dp) return 0;
-- _findclose(dp->handle);
-- free(dp->dir);
-- free(dp);
--
- return 0;
- }
--#endif
-+#define get_sym get_sym_dlfcn
-
--long KRB5_CALLCONV
--krb5int_open_plugin (const char *filepath, struct plugin_file_handle **h, struct errinfo *ep)
-+static void
-+close_plugin_dlfcn(struct plugin_file_handle *h)
- {
-- long err = 0;
-- struct plugin_file_handle *htmp = NULL;
-- int got_plugin = 0;
--#if defined(USE_CFBUNDLE) || defined(_WIN32)
-- struct stat statbuf;
--
-- if (!err) {
-- if (stat (filepath, &statbuf) < 0) {
-- err = errno;
-- Tprintf ("stat(%s): %s\n", filepath, strerror (err));
-- k5_set_error(ep, err, _("unable to find plugin [%s]: %s"),
-- filepath, strerror(err));
-- }
-- }
--#endif
--
-- if (!err) {
-- htmp = calloc (1, sizeof (*htmp)); /* calloc initializes ptrs to NULL */
-- if (htmp == NULL) { err = ENOMEM; }
-- }
--
--#if USE_DLOPEN
-- if (!err
--#if USE_CFBUNDLE
-- && ((statbuf.st_mode & S_IFMT) == S_IFREG
-- || (statbuf.st_mode & S_IFMT) == S_IFDIR)
--#endif /* USE_CFBUNDLE */
-- ) {
-- void *handle = NULL;
--
--#if USE_CFBUNDLE
-- char executablepath[MAXPATHLEN];
--
-- if ((statbuf.st_mode & S_IFMT) == S_IFDIR) {
-- int lock_err = 0;
-- CFStringRef pluginString = NULL;
-- CFURLRef pluginURL = NULL;
-- CFBundleRef pluginBundle = NULL;
-- CFURLRef executableURL = NULL;
--
-- /* Lock around CoreFoundation calls since objects are refcounted
-- * and the refcounts are not thread-safe. Using pthreads directly
-- * because this code is Mac-specific */
-- lock_err = pthread_mutex_lock(&krb5int_bundle_mutex);
-- if (lock_err) { err = lock_err; }
--
-- if (!err) {
-- pluginString = CFStringCreateWithCString (kCFAllocatorDefault,
-- filepath,
-- kCFStringEncodingASCII);
-- if (pluginString == NULL) { err = ENOMEM; }
-- }
--
-- if (!err) {
-- pluginURL = CFURLCreateWithFileSystemPath (kCFAllocatorDefault,
-- pluginString,
-- kCFURLPOSIXPathStyle,
-- true);
-- if (pluginURL == NULL) { err = ENOMEM; }
-- }
--
-- if (!err) {
-- pluginBundle = CFBundleCreate (kCFAllocatorDefault, pluginURL);
-- if (pluginBundle == NULL) { err = ENOENT; } /* XXX need better error */
-- }
--
-- if (!err) {
-- executableURL = CFBundleCopyExecutableURL (pluginBundle);
-- if (executableURL == NULL) { err = ENOMEM; }
-- }
--
-- if (!err) {
-- if (!CFURLGetFileSystemRepresentation (executableURL,
-- true, /* absolute */
-- (UInt8 *)executablepath,
-- sizeof (executablepath))) {
-- err = ENOMEM;
-- }
-- }
--
-- if (!err) {
-- /* override the path the caller passed in */
-- filepath = executablepath;
-- }
--
-- if (executableURL != NULL) { CFRelease (executableURL); }
-- if (pluginBundle != NULL) { CFRelease (pluginBundle); }
-- if (pluginURL != NULL) { CFRelease (pluginURL); }
-- if (pluginString != NULL) { CFRelease (pluginString); }
--
-- /* unlock after CFRelease calls since they modify refcounts */
-- if (!lock_err) { pthread_mutex_unlock (&krb5int_bundle_mutex); }
-- }
--#endif /* USE_CFBUNDLE */
--
-- if (!err) {
-- handle = dlopen(filepath, PLUGIN_DLOPEN_FLAGS);
-- if (handle == NULL) {
-- const char *e = dlerror();
-- if (e == NULL)
-- e = _("unknown failure");
-- Tprintf ("dlopen(%s): %s\n", filepath, e);
-- err = ENOENT; /* XXX */
-- k5_set_error(ep, err, _("unable to load plugin [%s]: %s"),
-- filepath, e);
-- }
-- }
-+ if (h->dlhandle != NULL)
-+ dlclose(h->dlhandle);
-+}
-+#define close_plugin close_plugin_dlfcn
-
-- if (!err) {
-- got_plugin = 1;
-- htmp->dlhandle = handle;
-- handle = NULL;
-- }
-+#elif defined(_WIN32)
-
-- if (handle != NULL) { dlclose (handle); }
-+static long
-+open_plugin_win32(struct plugin_file_handle *h, const char *filename,
-+ struct errinfo *ep)
-+{
-+ h->module = LoadLibrary(filename);
-+ if (h == NULL) {
-+ Tprintf("Unable to load dll: %s\n", filename);
-+ k5_set_error(ep, ENOENT, _("unable to load DLL [%s]"), filename);
-+ return ENOENT;
- }
--#endif /* USE_DLOPEN */
--
--#ifdef _WIN32
-- if (!err && (statbuf.st_mode & S_IFMT) == S_IFREG) {
-- HMODULE handle = NULL;
-+ return 0;
-+}
-+#define open_plugin open_plugin_win32
-
-- handle = LoadLibrary(filepath);
-- if (handle == NULL) {
-- Tprintf ("Unable to load dll: %s\n", filepath);
-- err = ENOENT; /* XXX */
-- k5_set_error(ep, err, _("unable to load DLL [%s]"), filepath);
-- }
-+static long
-+get_sym_win32(struct plugin_file_handle *h, const char *csymname,
-+ void **sym_out, struct errinfo *ep)
-+{
-+ LPVOID lpMsgBuf;
-+ DWORD dw;
-
-- if (!err) {
-- got_plugin = 1;
-- htmp->hinstPlugin = handle;
-- handle = NULL;
-+ if (h->module == NULL)
-+ return ENOENT;
-+ *sym_out = GetProcAddress(h->module, csymname);
-+ if (*sym_out == NULL) {
-+ Tprintf("GetProcAddress(%s): %i\n", csymname, GetLastError());
-+ dw = GetLastError();
-+ if (FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER |
-+ FORMAT_MESSAGE_FROM_SYSTEM,
-+ NULL, dw, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
-+ (LPTSTR)&lpMsgBuf, 0, NULL)) {
-+ k5_set_error(ep, ENOENT, _("unable to get DLL Symbol: %s"),
-+ (char *)lpMsgBuf);
-+ LocalFree(lpMsgBuf);
- }
--
-- if (handle != NULL)
-- FreeLibrary(handle);
-- }
--#endif
--
-- if (!err && !got_plugin) {
-- err = ENOENT; /* no plugin or no way to load plugins */
-- k5_set_error(ep, err, _("plugin unavailable: %s"), strerror(err));
-+ return ENOENT;
- }
-+ return 0;
-+}
-+#define get_sym get_sym_win32
-
-- if (!err) {
-- *h = htmp;
-- htmp = NULL; /* h takes ownership */
-- }
-+static void
-+close_plugin_win32(struct plugin_file_handle *h)
-+{
-+ if (h->module != NULL)
-+ FreeLibrary(h->module);
-+}
-+#define close_plugin close_plugin_win32
-
-- free(htmp);
-+#else
-
-- return err;
-+static long
-+open_plugin_dummy(struct plugin_file_handle *h, const char *filename,
-+ struct errinfo *ep)
-+{
-+ k5_set_error(ep, ENOENT, _("plugin loading unavailable"));
-+ return ENOENT;
- }
-+#define open_plugin open_plugin_dummy
-
- static long
--krb5int_get_plugin_sym (struct plugin_file_handle *h,
-- const char *csymname, int isfunc, void **ptr,
-- struct errinfo *ep)
-+get_sym_dummy(struct plugin_file_handle *h, const char *csymname,
-+ void **sym_out, struct errinfo *ep)
- {
-- long err = 0;
-- void *sym = NULL;
-+ return ENOENT;
-+}
-+#define get_sym get_sym_dummy
-+
-+static void
-+close_plugin_dummy(struct plugin_file_handle *h)
-+{
-+}
-+#define close_plugin close_plugin_dummy
-
--#if USE_DLOPEN
-- if (!err && !sym && (h->dlhandle != NULL)) {
-- /* XXX Do we need to add a leading "_" to the symbol name on any
-- modern platforms? */
-- sym = dlsym (h->dlhandle, csymname);
-- if (sym == NULL) {
-- const char *e = dlerror (); /* XXX copy and save away */
-- if (e == NULL)
-- e = "unknown failure";
-- Tprintf ("dlsym(%s): %s\n", csymname, e);
-- err = ENOENT; /* XXX */
-- k5_set_error(ep, err, "%s", e);
-- }
-- }
- #endif
-
--#ifdef _WIN32
-- LPVOID lpMsgBuf;
-- DWORD dw;
-+long KRB5_CALLCONV
-+krb5int_open_plugin(const char *filename,
-+ struct plugin_file_handle **handle_out, struct errinfo *ep)
-+{
-+ long ret;
-+ struct plugin_file_handle *h;
-
-- if (!err && !sym && (h->hinstPlugin != NULL)) {
-- sym = GetProcAddress(h->hinstPlugin, csymname);
-- if (sym == NULL) {
-- const char *e = "unable to get dll symbol"; /* XXX copy and save away */
-- Tprintf ("GetProcAddress(%s): %i\n", csymname, GetLastError());
-- err = ENOENT; /* XXX */
-- k5_set_error(ep, err, "%s", e);
--
-- dw = GetLastError();
-- if (FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER |
-- FORMAT_MESSAGE_FROM_SYSTEM,
-- NULL,
-- dw,
-- MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
-- (LPTSTR) &lpMsgBuf,
-- 0, NULL )) {
--
-- fprintf (stderr, "unable to get dll symbol, %s\n", (LPCTSTR)lpMsgBuf);
-- LocalFree(lpMsgBuf);
-- }
-- }
-- }
--#endif
-+ *handle_out = NULL;
-
-- if (!err && (sym == NULL)) {
-- err = ENOENT; /* unimplemented */
-- }
-+ h = calloc(1, sizeof(*h));
-+ if (h == NULL)
-+ return ENOMEM;
-
-- if (!err) {
-- *ptr = sym;
-+ ret = open_plugin(h, filename, ep);
-+ if (ret) {
-+ free(h);
-+ return ret;
- }
-
-- return err;
-+ *handle_out = h;
-+ return 0;
- }
-
- long KRB5_CALLCONV
--krb5int_get_plugin_data (struct plugin_file_handle *h, const char *csymname,
-- void **ptr, struct errinfo *ep)
-+krb5int_get_plugin_data(struct plugin_file_handle *h, const char *csymname,
-+ void **sym_out, struct errinfo *ep)
- {
-- return krb5int_get_plugin_sym (h, csymname, 0, ptr, ep);
-+ return get_sym(h, csymname, sym_out, ep);
- }
-
- long KRB5_CALLCONV
--krb5int_get_plugin_func (struct plugin_file_handle *h, const char *csymname,
-- void (**ptr)(), struct errinfo *ep)
-+krb5int_get_plugin_func(struct plugin_file_handle *h, const char *csymname,
-+ void (**sym_out)(), struct errinfo *ep)
- {
- void *dptr = NULL;
-- long err = krb5int_get_plugin_sym (h, csymname, 1, &dptr, ep);
-- if (!err) {
-- /* Cast function pointers to avoid code duplication */
-- *ptr = (void (*)()) dptr;
-- }
-- return err;
-+ long ret = get_sym(h, csymname, &dptr, ep);
-+
-+ if (!ret)
-+ *sym_out = (void (*)())dptr;
-+ return ret;
- }
-
- void KRB5_CALLCONV
- krb5int_close_plugin (struct plugin_file_handle *h)
- {
--#if USE_DLOPEN
-- if (h->dlhandle != NULL) { dlclose(h->dlhandle); }
--#endif
--#ifdef _WIN32
-- if (h->hinstPlugin != NULL) { FreeLibrary(h->hinstPlugin); }
--#endif
-- free (h);
-+ close_plugin(h);
-+ free(h);
- }
-
--/* autoconf docs suggest using this preference order */
--#if HAVE_DIRENT_H || USE_DIRENT_H
--#include
--#define NAMELEN(D) strlen((D)->d_name)
--#else
--#ifndef _WIN32
--#define dirent direct
--#define NAMELEN(D) ((D)->d->namlen)
--#else
--#define NAMELEN(D) strlen((D)->d_name)
--#endif
--#if HAVE_SYS_NDIR_H
--# include
--#elif HAVE_SYS_DIR_H
--# include
--#elif HAVE_NDIR_H
--# include
--#endif
--#endif
--
- static long
- krb5int_plugin_file_handle_array_init (struct plugin_file_handle ***harray)
- {
-@@ -619,42 +418,36 @@ krb5int_open_plugin_dirs (const char * const *dirnames,
- if (handle != NULL) { krb5int_close_plugin (handle); }
- }
- } else {
-- /* load all plugins in each directory */
-- DIR *dir = opendir (dirnames[i]);
-+ char **fnames = NULL;
-+ int j;
-
-- while (dir != NULL && !err) {
-- struct dirent *d = NULL;
-+ err = k5_dir_filenames(dirnames[i], &fnames);
-+ for (j = 0; !err && fnames[j] != NULL; j++) {
- char *filepath = NULL;
- struct plugin_file_handle *handle = NULL;
-
-- d = readdir (dir);
-- if (d == NULL) { break; }
--
-- if ((strcmp (d->d_name, ".") == 0) ||
-- (strcmp (d->d_name, "..") == 0)) {
-+ if (strcmp(fnames[j], ".") == 0 ||
-+ strcmp(fnames[j], "..") == 0)
- continue;
-- }
-
-- if (!err) {
-- int len = NAMELEN (d);
-- if (asprintf(&filepath, "%s/%*s", dirnames[i], len, d->d_name) < 0) {
-- filepath = NULL;
-- err = ENOMEM;
-- }
-+ if (asprintf(&filepath, "%s/%s", dirnames[i], fnames[j]) < 0) {
-+ filepath = NULL;
-+ err = ENOMEM;
- }
-
-- if (!err) {
-- if (krb5int_open_plugin (filepath, &handle, ep) == 0) {
-- err = krb5int_plugin_file_handle_array_add (&h, &count, handle);
-- if (!err) { handle = NULL; } /* h takes ownership */
-- }
-+ if (!err && krb5int_open_plugin(filepath, &handle, ep) == 0) {
-+ err = krb5int_plugin_file_handle_array_add(&h, &count,
-+ handle);
-+ if (!err)
-+ handle = NULL; /* h takes ownership */
- }
-
- free(filepath);
-- if (handle != NULL) { krb5int_close_plugin (handle); }
-+ if (handle != NULL)
-+ krb5int_close_plugin(handle);
- }
-
-- if (dir != NULL) { closedir (dir); }
-+ k5_free_filenames(fnames);
- }
- }
-
---
-2.38.1
-
diff --git a/0012-Add-and-use-ts_interval-helper.patch b/0012-Add-and-use-ts_interval-helper.patch
deleted file mode 100644
index 5f9647e966bd2a4a1b63c229e068791e8755a4f3..0000000000000000000000000000000000000000
--- a/0012-Add-and-use-ts_interval-helper.patch
+++ /dev/null
@@ -1,239 +0,0 @@
-From 07ec260c65ec036d44362868df0f796a53495f27 Mon Sep 17 00:00:00 2001
-From: Greg Hudson
-Date: Mon, 19 Sep 2022 15:18:50 -0400
-Subject: [PATCH] Add and use ts_interval() helper
-
-ts_delta() returns a signed result, which cannot hold an interval
-larger than 2^31-1 seconds. Intervals like this have been seen when
-admins set password expiration dates more than 68 years in the future.
-
-Add a second helper ts_interval() which returns a signed result, and
-has the arguments reversed so that the start time is first. Use it in
-warn_pw_expiry() to handle the password expiration case, in the GSS
-krb5 mech where we return an unsigned context or credential lifetime
-to the caller, and in the KEYRING ccache type where we compute an
-unsigned keyring timeout.
-
-ticket: 9071 (new)
----
- src/include/k5-int.h | 9 +++++++++
- src/lib/gssapi/krb5/accept_sec_context.c | 10 ++++++----
- src/lib/gssapi/krb5/acquire_cred.c | 3 +--
- src/lib/gssapi/krb5/context_time.c | 2 +-
- src/lib/gssapi/krb5/init_sec_context.c | 4 ++--
- src/lib/gssapi/krb5/inq_context.c | 2 +-
- src/lib/gssapi/krb5/inq_cred.c | 2 +-
- src/lib/gssapi/krb5/s4u_gss_glue.c | 2 +-
- src/lib/krb5/ccache/cc_keyring.c | 4 ++--
- src/lib/krb5/krb/get_in_tkt.c | 15 +++++++--------
- 10 files changed, 31 insertions(+), 22 deletions(-)
-
-diff --git a/src/include/k5-int.h b/src/include/k5-int.h
-index c3aecba7d4..768110e5ef 100644
---- a/src/include/k5-int.h
-+++ b/src/include/k5-int.h
-@@ -2325,6 +2325,15 @@ ts_delta(krb5_timestamp a, krb5_timestamp b)
- return (krb5_deltat)((uint32_t)a - (uint32_t)b);
- }
-
-+/* Return (end - start) as an unsigned 32-bit value, or 0 if start > end. */
-+static inline uint32_t
-+ts_interval(krb5_timestamp start, krb5_timestamp end)
-+{
-+ if ((uint32_t)start > (uint32_t)end)
-+ return 0;
-+ return (uint32_t)end - (uint32_t)start;
-+}
-+
- /* Increment a timestamp by a signed 32-bit interval, without relying on
- * undefined behavior. */
- static inline krb5_timestamp
-diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
-index 1bc807172b..7de2c9fd77 100644
---- a/src/lib/gssapi/krb5/accept_sec_context.c
-+++ b/src/lib/gssapi/krb5/accept_sec_context.c
-@@ -353,8 +353,8 @@ kg_accept_dce(minor_status, context_handle, verifier_cred_handle,
- *mech_type = ctx->mech_used;
-
- if (time_rec) {
-- *time_rec = ts_delta(ctx->krb_times.endtime, now) +
-- ctx->k5_context->clockskew;
-+ *time_rec = ts_interval(now - ctx->k5_context->clockskew,
-+ ctx->krb_times.endtime);
- }
-
- /* Never return GSS_C_DELEG_FLAG since we don't support DCE credential
-@@ -1151,8 +1151,10 @@ kg_accept_krb5(minor_status, context_handle,
-
- /* Add the maximum allowable clock skew as a grace period for context
- * expiration, just as we do for the ticket. */
-- if (time_rec)
-- *time_rec = ts_delta(ctx->krb_times.endtime, now) + context->clockskew;
-+ if (time_rec) {
-+ *time_rec = ts_interval(now - context->clockskew,
-+ ctx->krb_times.endtime);
-+ }
-
- if (ret_flags)
- *ret_flags = ctx->gss_flags;
-diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c
-index e226a02692..006eba114d 100644
---- a/src/lib/gssapi/krb5/acquire_cred.c
-+++ b/src/lib/gssapi/krb5/acquire_cred.c
-@@ -879,8 +879,7 @@ acquire_cred_context(krb5_context context, OM_uint32 *minor_status,
- GSS_C_NO_NAME);
- if (GSS_ERROR(ret))
- goto error_out;
-- *time_rec = ts_after(cred->expire, now) ?
-- ts_delta(cred->expire, now) : 0;
-+ *time_rec = ts_interval(now, cred->expire);
- k5_mutex_unlock(&cred->lock);
- }
- }
-diff --git a/src/lib/gssapi/krb5/context_time.c b/src/lib/gssapi/krb5/context_time.c
-index 1fdb5a16f2..5469d8154c 100644
---- a/src/lib/gssapi/krb5/context_time.c
-+++ b/src/lib/gssapi/krb5/context_time.c
-@@ -51,7 +51,7 @@ krb5_gss_context_time(minor_status, context_handle, time_rec)
- return(GSS_S_FAILURE);
- }
-
-- lifetime = ts_delta(ctx->krb_times.endtime, now);
-+ lifetime = ts_interval(now, ctx->krb_times.endtime);
- if (!ctx->initiate)
- lifetime += ctx->k5_context->clockskew;
- if (lifetime <= 0) {
-diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c
-index ea87cf6432..f0f094ccb7 100644
---- a/src/lib/gssapi/krb5/init_sec_context.c
-+++ b/src/lib/gssapi/krb5/init_sec_context.c
-@@ -664,7 +664,7 @@ kg_new_connection(
- if (time_rec) {
- if ((code = krb5_timeofday(context, &now)))
- goto cleanup;
-- *time_rec = ts_delta(ctx->krb_times.endtime, now);
-+ *time_rec = ts_interval(now, ctx->krb_times.endtime);
- }
-
- /* set the other returns */
-@@ -878,7 +878,7 @@ mutual_auth(
- if (time_rec) {
- if ((code = krb5_timeofday(context, &now)))
- goto fail;
-- *time_rec = ts_delta(ctx->krb_times.endtime, now);
-+ *time_rec = ts_interval(now, ctx->krb_times.endtime);
- }
-
- if (ret_flags)
-diff --git a/src/lib/gssapi/krb5/inq_context.c b/src/lib/gssapi/krb5/inq_context.c
-index cac024da1f..51c484fdfe 100644
---- a/src/lib/gssapi/krb5/inq_context.c
-+++ b/src/lib/gssapi/krb5/inq_context.c
-@@ -120,7 +120,7 @@ krb5_gss_inquire_context(minor_status, context_handle, initiator_name,
-
- /* Add the maximum allowable clock skew as a grace period for context
- * expiration, just as we do for the ticket during authentication. */
-- lifetime = ts_delta(ctx->krb_times.endtime, now);
-+ lifetime = ts_interval(now, ctx->krb_times.endtime);
- if (!ctx->initiate)
- lifetime += context->clockskew;
- if (lifetime < 0)
-diff --git a/src/lib/gssapi/krb5/inq_cred.c b/src/lib/gssapi/krb5/inq_cred.c
-index bb63b726c8..0e675959a3 100644
---- a/src/lib/gssapi/krb5/inq_cred.c
-+++ b/src/lib/gssapi/krb5/inq_cred.c
-@@ -131,7 +131,7 @@ krb5_gss_inquire_cred(minor_status, cred_handle, name, lifetime_ret,
- }
-
- if (cred->expire != 0) {
-- lifetime = ts_delta(cred->expire, now);
-+ lifetime = ts_interval(now, cred->expire);
- if (lifetime < 0)
- lifetime = 0;
- }
-diff --git a/src/lib/gssapi/krb5/s4u_gss_glue.c b/src/lib/gssapi/krb5/s4u_gss_glue.c
-index 7dcfe4e1eb..fa7f980af7 100644
---- a/src/lib/gssapi/krb5/s4u_gss_glue.c
-+++ b/src/lib/gssapi/krb5/s4u_gss_glue.c
-@@ -279,7 +279,7 @@ kg_compose_deleg_cred(OM_uint32 *minor_status,
- if (code != 0)
- goto cleanup;
-
-- *time_rec = ts_delta(cred->expire, now);
-+ *time_rec = ts_interval(now, cred->expire);
- }
-
- major_status = GSS_S_COMPLETE;
-diff --git a/src/lib/krb5/ccache/cc_keyring.c b/src/lib/krb5/ccache/cc_keyring.c
-index ebef37d607..1dadeef64f 100644
---- a/src/lib/krb5/ccache/cc_keyring.c
-+++ b/src/lib/krb5/ccache/cc_keyring.c
-@@ -762,7 +762,7 @@ update_keyring_expiration(krb5_context context, krb5_ccache id)
-
- /* Setting the timeout to zero would reset the timeout, so we set it to one
- * second instead if creds are already expired. */
-- timeout = ts_after(endtime, now) ? ts_delta(endtime, now) : 1;
-+ timeout = ts_after(endtime, now) ? ts_interval(now, endtime) : 1;
- (void)keyctl_set_timeout(data->cache_id, timeout);
- }
-
-@@ -1343,7 +1343,7 @@ krcc_store(krb5_context context, krb5_ccache id, krb5_creds *creds)
-
- if (ts_after(creds->times.endtime, now)) {
- (void)keyctl_set_timeout(cred_key,
-- ts_delta(creds->times.endtime, now));
-+ ts_interval(now, creds->times.endtime));
- }
-
- update_keyring_expiration(context, id);
-diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c
-index 8b5ab595e9..1b420a3ac2 100644
---- a/src/lib/krb5/krb/get_in_tkt.c
-+++ b/src/lib/krb5/krb/get_in_tkt.c
-@@ -1522,7 +1522,7 @@ warn_pw_expiry(krb5_context context, krb5_get_init_creds_opt *options,
- void *expire_data;
- krb5_timestamp pw_exp, acct_exp, now;
- krb5_boolean is_last_req;
-- krb5_deltat delta;
-+ uint32_t interval;
- char ts[256], banner[1024];
-
- if (as_reply == NULL || as_reply->enc_part2 == NULL)
-@@ -1553,8 +1553,8 @@ warn_pw_expiry(krb5_context context, krb5_get_init_creds_opt *options,
- ret = krb5_timeofday(context, &now);
- if (ret != 0)
- return;
-- if (!is_last_req &&
-- (ts_after(now, pw_exp) || ts_delta(pw_exp, now) > 7 * 24 * 60 * 60))
-+ interval = ts_interval(now, pw_exp);
-+ if (!is_last_req && (!interval || interval > 7 * 24 * 60 * 60))
- return;
-
- if (!prompter)
-@@ -1564,19 +1564,18 @@ warn_pw_expiry(krb5_context context, krb5_get_init_creds_opt *options,
- if (ret != 0)
- return;
-
-- delta = ts_delta(pw_exp, now);
-- if (delta < 3600) {
-+ if (interval < 3600) {
- snprintf(banner, sizeof(banner),
- _("Warning: Your password will expire in less than one hour "
- "on %s"), ts);
-- } else if (delta < 86400 * 2) {
-+ } else if (interval < 86400 * 2) {
- snprintf(banner, sizeof(banner),
- _("Warning: Your password will expire in %d hour%s on %s"),
-- delta / 3600, delta < 7200 ? "" : "s", ts);
-+ interval / 3600, interval < 7200 ? "" : "s", ts);
- } else {
- snprintf(banner, sizeof(banner),
- _("Warning: Your password will expire in %d days on %s"),
-- delta / 86400, ts);
-+ interval / 86400, ts);
- }
-
- /* PROMPTER_INVOCATION */
---
-2.38.1
-
diff --git a/0017-Add-PAC-full-checksums.patch b/0017-Add-PAC-full-checksums.patch
deleted file mode 100644
index f0a20f6429e00e51a61a7a6db0b52cbce9b1f967..0000000000000000000000000000000000000000
--- a/0017-Add-PAC-full-checksums.patch
+++ /dev/null
@@ -1,672 +0,0 @@ -From 5801da1ddc3b0984ad6997bb7a692eac85ff7dd3 Mon Sep 17 00:00:00 2001 -From: Greg Hudson -Date: Thu, 22 Dec 2022 03:05:23 -0500 -Subject: [PATCH] Add PAC full checksums - -A paper by Tom Tervoort noted that computing the PAC privsvr checksum -over only the server checksum is vulnerable to collision attacks -(CVE-2022-37967). In response, Microsoft has added a second KDC -checksum over the full contents of the PAC. Generate and verify full -KDC checksums in PACs for service tickets. Update the t_pac.c ticket -test case to use a ticket issued by a recent version of Active -Directory (provided by Stefan Metzmacher). - -ticket: 9084 (new) ---- - doc/appdev/refs/macros/index.rst | 1 + - src/include/krb5/krb5.hin | 1 + - src/lib/krb5/krb/pac.c | 92 +++++++++-------- - src/lib/krb5/krb/pac_sign.c | 146 +++++++++++++++----------- - src/lib/krb5/krb/t_pac.c | 171 ++++++++++++++++++------------- - src/tests/t_authdata.py | 4 +- - 6 files changed, 240 insertions(+), 175 deletions(-) - -diff --git a/doc/appdev/refs/macros/index.rst b/doc/appdev/refs/macros/index.rst -index 5f34dea5e8..3eeee25593 100644 ---- a/doc/appdev/refs/macros/index.rst -+++ b/doc/appdev/refs/macros/index.rst -@@ -247,6 +247,7 @@ Public - KRB5_PAC_SERVER_CHECKSUM.rst - KRB5_PAC_TICKET_CHECKSUM.rst - KRB5_PAC_UPN_DNS_INFO.rst -+ KRB5_PAC_FULL_CHECKSUM.rst - KRB5_PADATA_AFS3_SALT.rst - KRB5_PADATA_AP_REQ.rst - KRB5_PADATA_AS_CHECKSUM.rst -diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin -index fb9f2a366c..2ba4010514 100644 ---- a/src/include/krb5/krb5.hin -+++ b/src/include/krb5/krb5.hin -@@ -8164,6 +8164,7 @@ krb5_verify_authdata_kdc_issued(krb5_context context, - #define KRB5_PAC_TICKET_CHECKSUM 16 /**< Ticket checksum */ - #define KRB5_PAC_ATTRIBUTES_INFO 17 /**< PAC attributes */ - #define KRB5_PAC_REQUESTOR 18 /**< PAC requestor SID */ -+#define KRB5_PAC_FULL_CHECKSUM 19 /**< KDC full checksum */ - - struct krb5_pac_data; - /** PAC data structure to convey 
authorization information */ -diff --git a/src/lib/krb5/krb/pac.c b/src/lib/krb5/krb/pac.c -index f6c4373de0..954482e0c7 100644 ---- a/src/lib/krb5/krb/pac.c -+++ b/src/lib/krb5/krb/pac.c -@@ -490,7 +490,8 @@ zero_signature(krb5_context context, const krb5_pac pac, krb5_ui_4 type, - size_t i; - - assert(type == KRB5_PAC_SERVER_CHECKSUM || -- type == KRB5_PAC_PRIVSVR_CHECKSUM); -+ type == KRB5_PAC_PRIVSVR_CHECKSUM || -+ type == KRB5_PAC_FULL_CHECKSUM); - assert(data->length >= pac->data.length); - - for (i = 0; i < pac->pac->cBuffers; i++) { -@@ -557,17 +558,17 @@ verify_checksum(krb5_context context, const krb5_pac pac, uint32_t buffer_type, - } - - static krb5_error_code --verify_server_checksum(krb5_context context, const krb5_pac pac, -- const krb5_keyblock *server) -+verify_pac_checksums(krb5_context context, const krb5_pac pac, -+ krb5_boolean expect_full_checksum, -+ const krb5_keyblock *server, const krb5_keyblock *privsvr) - { - krb5_error_code ret; -- krb5_data copy; /* PAC with zeroed checksums */ -+ krb5_data copy, server_checksum; - -+ /* Make a copy of the PAC with zeroed out server and privsvr checksums. */ - ret = krb5int_copy_data_contents(context, &pac->data, ©); - if (ret) - return ret; -- -- /* Zero out both checksum buffers */ - ret = zero_signature(context, pac, KRB5_PAC_SERVER_CHECKSUM, ©); - if (ret) - goto cleanup; -@@ -575,32 +576,46 @@ verify_server_checksum(krb5_context context, const krb5_pac pac, - if (ret) - goto cleanup; - -- ret = verify_checksum(context, pac, KRB5_PAC_SERVER_CHECKSUM, server, -- KRB5_KEYUSAGE_APP_DATA_CKSUM, ©); -+ if (server != NULL) { -+ /* Verify the server checksum over the PAC copy. 
*/ -+ ret = verify_checksum(context, pac, KRB5_PAC_SERVER_CHECKSUM, server, -+ KRB5_KEYUSAGE_APP_DATA_CKSUM, ©); -+ } - --cleanup: -- free(copy.data); -- return ret; --} -+ if (privsvr != NULL && expect_full_checksum) { -+ /* Zero the full checksum buffer in the copy and verify the full -+ * checksum over the copy with all three checksums zeroed. */ -+ ret = zero_signature(context, pac, KRB5_PAC_FULL_CHECKSUM, ©); -+ if (ret) -+ goto cleanup; -+ ret = verify_checksum(context, pac, KRB5_PAC_FULL_CHECKSUM, privsvr, -+ KRB5_KEYUSAGE_APP_DATA_CKSUM, ©); -+ if (ret) -+ goto cleanup; -+ } - --static krb5_error_code --verify_kdc_checksum(krb5_context context, const krb5_pac pac, -- const krb5_keyblock *privsvr) --{ -- krb5_error_code ret; -- krb5_data server_checksum; -+ if (privsvr != NULL) { -+ /* Verify the privsvr checksum over the server checksum. */ -+ ret = k5_pac_locate_buffer(context, pac, KRB5_PAC_SERVER_CHECKSUM, -+ &server_checksum); -+ if (ret) -+ return ret; -+ if (server_checksum.length < PAC_SIGNATURE_DATA_LENGTH) -+ return KRB5_BAD_MSIZE; -+ server_checksum.data += PAC_SIGNATURE_DATA_LENGTH; -+ server_checksum.length -= PAC_SIGNATURE_DATA_LENGTH; - -- ret = k5_pac_locate_buffer(context, pac, KRB5_PAC_SERVER_CHECKSUM, -- &server_checksum); -- if (ret) -- return ret; -- if (server_checksum.length < PAC_SIGNATURE_DATA_LENGTH) -- return KRB5_BAD_MSIZE; -- server_checksum.data += PAC_SIGNATURE_DATA_LENGTH; -- server_checksum.length -= PAC_SIGNATURE_DATA_LENGTH; -+ ret = verify_checksum(context, pac, KRB5_PAC_PRIVSVR_CHECKSUM, privsvr, -+ KRB5_KEYUSAGE_APP_DATA_CKSUM, &server_checksum); -+ if (ret) -+ goto cleanup; -+ } -+ -+ pac->verified = TRUE; - -- return verify_checksum(context, pac, KRB5_PAC_PRIVSVR_CHECKSUM, privsvr, -- KRB5_KEYUSAGE_APP_DATA_CKSUM, &server_checksum); -+cleanup: -+ free(copy.data); -+ return ret; - } - - /* Per MS-PAC 2.8.3, tickets encrypted to TGS and password change principals -@@ -628,6 +643,7 @@ krb5_kdc_verify_ticket(krb5_context 
context, const krb5_enc_tkt_part *enc_tkt, - krb5_authdata **authdata, *orig, **ifrel = NULL, **recoded_ifrel = NULL; - uint8_t z = 0; - krb5_authdata zpac = { KV5M_AUTHDATA, KRB5_AUTHDATA_WIN2K_PAC, 1, &z }; -+ krb5_boolean is_service_tkt; - size_t i, j; - - *pac_out = NULL; -@@ -669,7 +685,8 @@ krb5_kdc_verify_ticket(krb5_context context, const krb5_enc_tkt_part *enc_tkt, - if (ret) - goto cleanup; - -- if (privsvr != NULL && k5_pac_should_have_ticket_signature(server_princ)) { -+ is_service_tkt = k5_pac_should_have_ticket_signature(server_princ); -+ if (privsvr != NULL && is_service_tkt) { - /* To check the PAC ticket signatures, re-encode the ticket with the - * PAC contents replaced by a single zero. */ - orig = ifrel[j]; -@@ -693,8 +710,9 @@ krb5_kdc_verify_ticket(krb5_context context, const krb5_enc_tkt_part *enc_tkt, - goto cleanup; - } - -- ret = krb5_pac_verify_ext(context, pac, enc_tkt->times.authtime, NULL, -- server, privsvr, FALSE); -+ ret = verify_pac_checksums(context, pac, is_service_tkt, server, privsvr); -+ if (ret) -+ goto cleanup; - - *pac_out = pac; - pac = NULL; -@@ -730,14 +748,8 @@ krb5_pac_verify_ext(krb5_context context, - { - krb5_error_code ret; - -- if (server != NULL) { -- ret = verify_server_checksum(context, pac, server); -- if (ret != 0) -- return ret; -- } -- -- if (privsvr != NULL) { -- ret = verify_kdc_checksum(context, pac, privsvr); -+ if (server != NULL || privsvr != NULL) { -+ ret = verify_pac_checksums(context, pac, FALSE, server, privsvr); - if (ret != 0) - return ret; - } -@@ -749,8 +761,6 @@ krb5_pac_verify_ext(krb5_context context, - return ret; - } - -- pac->verified = TRUE; -- - return 0; - } - -diff --git a/src/lib/krb5/krb/pac_sign.c b/src/lib/krb5/krb/pac_sign.c -index 0f9581abbb..8ea61ac17b 100644 ---- a/src/lib/krb5/krb/pac_sign.c -+++ b/src/lib/krb5/krb/pac_sign.c -@@ -187,26 +187,41 @@ k5_pac_encode_header(krb5_context context, krb5_pac pac) - return 0; - } - --krb5_error_code KRB5_CALLCONV 
--krb5_pac_sign(krb5_context context, krb5_pac pac, krb5_timestamp authtime, -- krb5_const_principal principal, const krb5_keyblock *server_key, -- const krb5_keyblock *privsvr_key, krb5_data *data) -+/* Find the buffer of type buftype in pac and write within it a checksum of -+ * type cksumtype over data. Set *cksum_out to the checksum. */ -+static krb5_error_code -+compute_pac_checksum(krb5_context context, krb5_pac pac, uint32_t buftype, -+ const krb5_keyblock *key, krb5_cksumtype cksumtype, -+ const krb5_data *data, krb5_data *cksum_out) - { -- return krb5_pac_sign_ext(context, pac, authtime, principal, server_key, -- privsvr_key, FALSE, data); -+ krb5_error_code ret; -+ krb5_data buf; -+ krb5_crypto_iov iov[2]; -+ -+ ret = k5_pac_locate_buffer(context, pac, buftype, &buf); -+ if (ret) -+ return ret; -+ -+ assert(buf.length > PAC_SIGNATURE_DATA_LENGTH); -+ *cksum_out = make_data(buf.data + PAC_SIGNATURE_DATA_LENGTH, -+ buf.length - PAC_SIGNATURE_DATA_LENGTH); -+ iov[0].flags = KRB5_CRYPTO_TYPE_DATA; -+ iov[0].data = *data; -+ iov[1].flags = KRB5_CRYPTO_TYPE_CHECKSUM; -+ iov[1].data = *cksum_out; -+ return krb5_c_make_checksum_iov(context, cksumtype, key, -+ KRB5_KEYUSAGE_APP_DATA_CKSUM, iov, 2); - } - --krb5_error_code KRB5_CALLCONV --krb5_pac_sign_ext(krb5_context context, krb5_pac pac, krb5_timestamp authtime, -- krb5_const_principal principal, -- const krb5_keyblock *server_key, -- const krb5_keyblock *privsvr_key, krb5_boolean with_realm, -- krb5_data *data) -+static krb5_error_code -+sign_pac(krb5_context context, krb5_pac pac, krb5_timestamp authtime, -+ krb5_const_principal principal, const krb5_keyblock *server_key, -+ const krb5_keyblock *privsvr_key, krb5_boolean with_realm, -+ krb5_boolean is_service_tkt, krb5_data *data) - { - krb5_error_code ret; -- krb5_data server_cksum, privsvr_cksum; -+ krb5_data full_cksum, server_cksum, privsvr_cksum; - krb5_cksumtype server_cksumtype, privsvr_cksumtype; -- krb5_crypto_iov iov[2]; - - data->length = 0; - 
data->data = NULL; -@@ -214,67 +229,53 @@ krb5_pac_sign_ext(krb5_context context, krb5_pac pac, krb5_timestamp authtime, - if (principal != NULL) { - ret = k5_insert_client_info(context, pac, authtime, principal, - with_realm); -- if (ret != 0) -+ if (ret) - return ret; - } - -- /* Create zeroed buffers for both checksums */ -+ /* Create zeroed buffers for all checksums. */ - ret = k5_insert_checksum(context, pac, KRB5_PAC_SERVER_CHECKSUM, - server_key, &server_cksumtype); -- if (ret != 0) -+ if (ret) - return ret; -- - ret = k5_insert_checksum(context, pac, KRB5_PAC_PRIVSVR_CHECKSUM, - privsvr_key, &privsvr_cksumtype); -- if (ret != 0) -+ if (ret) - return ret; -+ if (is_service_tkt) { -+ ret = k5_insert_checksum(context, pac, KRB5_PAC_FULL_CHECKSUM, -+ privsvr_key, &privsvr_cksumtype); -+ if (ret) -+ return ret; -+ } - -- /* Now, encode the PAC header so that the checksums will include it */ -+ /* Encode the PAC header so that the checksums will include it. */ - ret = k5_pac_encode_header(context, pac); -- if (ret != 0) -- return ret; -- -- /* Generate the server checksum over the entire PAC */ -- ret = k5_pac_locate_buffer(context, pac, KRB5_PAC_SERVER_CHECKSUM, -- &server_cksum); -- if (ret != 0) -+ if (ret) - return ret; - -- assert(server_cksum.length > PAC_SIGNATURE_DATA_LENGTH); -- -- iov[0].flags = KRB5_CRYPTO_TYPE_DATA; -- iov[0].data = pac->data; -- -- iov[1].flags = KRB5_CRYPTO_TYPE_CHECKSUM; -- iov[1].data.data = server_cksum.data + PAC_SIGNATURE_DATA_LENGTH; -- iov[1].data.length = server_cksum.length - PAC_SIGNATURE_DATA_LENGTH; -+ if (is_service_tkt) { -+ /* Generate a full KDC checksum over the whole PAC. 
*/ -+ ret = compute_pac_checksum(context, pac, KRB5_PAC_FULL_CHECKSUM, -+ privsvr_key, privsvr_cksumtype, -+ &pac->data, &full_cksum); -+ if (ret) -+ return ret; -+ } - -- ret = krb5_c_make_checksum_iov(context, server_cksumtype, -- server_key, KRB5_KEYUSAGE_APP_DATA_CKSUM, -- iov, sizeof(iov)/sizeof(iov[0])); -- if (ret != 0) -+ /* Generate the server checksum over the whole PAC, including the full KDC -+ * checksum if we added one. */ -+ ret = compute_pac_checksum(context, pac, KRB5_PAC_SERVER_CHECKSUM, -+ server_key, server_cksumtype, &pac->data, -+ &server_cksum); -+ if (ret) - return ret; - -- /* Generate the privsvr checksum over the server checksum buffer */ -- ret = k5_pac_locate_buffer(context, pac, KRB5_PAC_PRIVSVR_CHECKSUM, -+ /* Generate the privsvr checksum over the server checksum buffer. */ -+ ret = compute_pac_checksum(context, pac, KRB5_PAC_PRIVSVR_CHECKSUM, -+ privsvr_key, privsvr_cksumtype, &server_cksum, - &privsvr_cksum); -- if (ret != 0) -- return ret; -- -- assert(privsvr_cksum.length > PAC_SIGNATURE_DATA_LENGTH); -- -- iov[0].flags = KRB5_CRYPTO_TYPE_DATA; -- iov[0].data.data = server_cksum.data + PAC_SIGNATURE_DATA_LENGTH; -- iov[0].data.length = server_cksum.length - PAC_SIGNATURE_DATA_LENGTH; -- -- iov[1].flags = KRB5_CRYPTO_TYPE_CHECKSUM; -- iov[1].data.data = privsvr_cksum.data + PAC_SIGNATURE_DATA_LENGTH; -- iov[1].data.length = privsvr_cksum.length - PAC_SIGNATURE_DATA_LENGTH; -- -- ret = krb5_c_make_checksum_iov(context, privsvr_cksumtype, -- privsvr_key, KRB5_KEYUSAGE_APP_DATA_CKSUM, -- iov, sizeof(iov)/sizeof(iov[0])); -- if (ret != 0) -+ if (ret) - return ret; - - data->data = k5memdup(pac->data.data, pac->data.length, &ret); -@@ -288,6 +289,26 @@ krb5_pac_sign_ext(krb5_context context, krb5_pac pac, krb5_timestamp authtime, - return 0; - } - -+krb5_error_code KRB5_CALLCONV -+krb5_pac_sign(krb5_context context, krb5_pac pac, krb5_timestamp authtime, -+ krb5_const_principal principal, const krb5_keyblock *server_key, -+ const 
krb5_keyblock *privsvr_key, krb5_data *data) -+{ -+ return sign_pac(context, pac, authtime, principal, server_key, -+ privsvr_key, FALSE, FALSE, data); -+} -+ -+krb5_error_code KRB5_CALLCONV -+krb5_pac_sign_ext(krb5_context context, krb5_pac pac, krb5_timestamp authtime, -+ krb5_const_principal principal, -+ const krb5_keyblock *server_key, -+ const krb5_keyblock *privsvr_key, krb5_boolean with_realm, -+ krb5_data *data) -+{ -+ return sign_pac(context, pac, authtime, principal, server_key, privsvr_key, -+ with_realm, FALSE, data); -+} -+ - /* Add a signature over der_enc_tkt in privsvr to pac. der_enc_tkt should be - * encoded with a dummy PAC authdata element containing a single zero byte. */ - static krb5_error_code -@@ -359,6 +380,7 @@ krb5_kdc_sign_ticket(krb5_context context, krb5_enc_tkt_part *enc_tkt, - krb5_error_code ret; - krb5_data *der_enc_tkt = NULL, pac_data = empty_data(); - krb5_authdata **list, *pac_ad; -+ krb5_boolean is_service_tkt; - size_t count; - - /* Reallocate space for another authdata element in enc_tkt. 
*/ -@@ -377,7 +399,8 @@ krb5_kdc_sign_ticket(krb5_context context, krb5_enc_tkt_part *enc_tkt, - memmove(list + 1, list, (count + 1) * sizeof(*list)); - list[0] = pac_ad; - -- if (k5_pac_should_have_ticket_signature(server_princ)) { -+ is_service_tkt = k5_pac_should_have_ticket_signature(server_princ); -+ if (is_service_tkt) { - ret = encode_krb5_enc_tkt_part(enc_tkt, &der_enc_tkt); - if (ret) - goto cleanup; -@@ -388,9 +411,8 @@ krb5_kdc_sign_ticket(krb5_context context, krb5_enc_tkt_part *enc_tkt, - goto cleanup; - } - -- ret = krb5_pac_sign_ext(context, pac, enc_tkt->times.authtime, -- client_princ, server, privsvr, with_realm, -- &pac_data); -+ ret = sign_pac(context, pac, enc_tkt->times.authtime, client_princ, server, -+ privsvr, with_realm, is_service_tkt, &pac_data); - if (ret) - goto cleanup; - -diff --git a/src/lib/krb5/krb/t_pac.c b/src/lib/krb5/krb/t_pac.c -index 173bde7bab..81f1642ab0 100644 ---- a/src/lib/krb5/krb/t_pac.c -+++ b/src/lib/krb5/krb/t_pac.c -@@ -607,78 +607,102 @@ check_pac(krb5_context context, int index, const unsigned char *pdata, - - static const krb5_keyblock ticket_sig_krbtgt_key = { - 0, ENCTYPE_AES256_CTS_HMAC_SHA1_96, -- 32, U("\x7a\x58\x98\xd2\xaf\xa6\xaf\xc0\x6a\xce\x06\x04\x4b\xc2\x70\x84" -- "\x9b\x8e\x0a\x6c\x4c\x07\xdc\x6f\xbb\x48\x43\xe1\xd2\xaa\x97\xf7") -+ 32, U("\x03\x73\x81\xEC\x43\x96\x7B\xC2\xAC\x3D\xF5\x2A\xAE\x95\xA6\x8E" -+ "\xBE\x24\x58\xDB\xCE\x52\x28\x20\xAF\x5E\xB7\x04\xA2\x22\x71\x4F") - }; - - static const krb5_keyblock ticket_sig_server_key = { -- 0, ENCTYPE_ARCFOUR_HMAC, -- 16, U("\xed\x23\x11\x20\x7a\x21\x44\x20\xbf\xc0\x8d\x36\xf7\xf6\xb2\x3e") -+ 0, ENCTYPE_AES256_CTS_HMAC_SHA1_96, -+ 32, U("\x11\x4A\x84\xE3\x14\x8F\xAA\xB1\xFA\x7B\x53\x51\xB2\x8A\xC2\xF1" -+ "\xFD\x19\x6D\x61\xE0\xF3\xF2\x3E\x1F\xDB\xD3\xC1\x79\x7D\xC1\xEE") - }; - -+/* A ticket issued by an Active Directory KDC (Windows Server 2022), containing -+ * a PAC with a full checksum. 
*/ - static const krb5_data ticket_data = { -- .length = 972, .data = -- "\x61\x82\x03\xC8\x30\x82\x03\xC4\xA0\x03\x02\x01\x05\xA1\x0A\x1B" -- "\x08\x43\x44\x4F\x4D\x2E\x43\x4F\x4D\xA2\x0F\x30\x0D\xA0\x03\x02" -- "\x01\x01\xA1\x06\x30\x04\x1B\x02\x73\x31\xA3\x82\x03\x9E\x30\x82" -- "\x03\x9A\xA0\x03\x02\x01\x17\xA1\x03\x02\x01\x03\xA2\x82\x03\x8C" -- "\x04\x82\x03\x88\x44\x31\x61\x20\x17\xC9\xFE\xBC\xAC\x46\xB5\x77" -- "\xE9\x68\x04\x4C\x9B\x31\x91\x0C\xC1\xD4\xDD\xEF\xC7\x34\x20\x08" -- "\x90\x91\xE8\x79\xE0\xB5\x03\x26\xA4\x65\xDE\xEC\x47\x03\x2A\x8F" -- "\x61\xE7\x4D\x38\x5A\x42\x95\x5A\xF9\x2F\x41\x2C\x2A\x6E\x60\xA1" -- "\xEB\x51\xB3\xBD\x4C\x00\x41\x2A\x44\x76\x08\x37\x1A\x51\xFD\x65" -- "\x67\x7E\xBF\x3D\x90\x86\xE3\x9A\x54\x6B\x67\xA8\x08\x7A\x73\xCC" -- "\xC3\xB7\x4B\xD5\x5C\x3A\x14\x6C\xC1\x5F\x54\x4B\x92\x55\xB4\xB7" -- "\x92\x23\x3F\x53\x89\x47\x8E\x1F\x8B\xB9\xDB\x3B\x93\xE8\x70\xE4" -- "\x24\xB8\x9D\xF0\x0E\x35\x28\xF8\x7A\x27\x5D\xF7\x25\x97\x9C\xF5" -- "\x9F\x9F\x64\x04\xF2\xA3\xAB\x11\x15\xB6\xDA\x18\xD6\x46\xD5\xE6" -- "\xB8\x08\xDE\x0A\x62\xFD\xF8\xAA\x52\x90\xD9\x67\x29\xB2\xCD\x06" -- "\xB6\xB0\x50\x2B\x3F\x0F\xA3\xA5\xBF\xAA\x6E\x40\x03\xD6\x5F\x02" -- "\xBC\xD8\x18\x47\x97\x09\xD7\xE4\x96\x3B\xCB\xEB\x92\x2C\x3C\x49" -- "\xFF\x1F\x71\xE0\x52\x94\x0F\x8B\x9F\xB8\x2A\xBB\x9C\xE2\xA3\xDD" -- "\x38\x89\xE2\xB1\x0B\x9E\x1F\x7A\xB3\xE3\xD2\xB0\x94\xDC\x87\xBE" -- "\x37\xA6\xD3\xB3\x29\x35\x9A\x72\xC3\x7A\xF1\xA9\xE6\xC5\xD1\x26" -- "\x83\x65\x44\x17\xBA\x55\xA8\x5E\x94\x26\xED\xE9\x8A\x93\x11\x5D" -- "\x7E\x20\x1B\x9C\x15\x9E\x13\x37\x03\x4D\xDD\x99\x51\xD8\x66\x29" -- "\x6A\xB9\xFB\x49\xFE\x52\x78\xDA\x86\x85\xA9\xA3\xB9\xEF\xEC\xAD" -- "\x35\xA6\x8D\xAC\x0F\x75\x22\xBB\x0B\x49\x1C\x13\x52\x40\xC9\x52" -- "\x69\x09\x54\xD1\x0F\x94\x3F\x22\x48\x67\xB0\x96\x28\xAA\xE6\x28" -- "\xD9\x0C\x08\xEF\x51\xED\x15\x5E\xA2\x53\x59\xA5\x03\xB4\x06\x20" -- "\x3D\xCC\xB4\xC5\xF8\x8C\x73\x67\xA3\x21\x3D\x19\xCD\xD4\x12\x28" -- 
"\xD2\x93\xDE\x0D\xF0\x71\x10\x50\xD6\x33\x35\x04\x11\x64\x43\x39" -- "\xC3\xDF\x96\xE3\x66\xE3\x85\xCA\xE7\x67\x14\x3A\xF0\x43\xAA\xBB" -- "\xD4\x1D\xB5\x24\xB5\x74\x90\x25\xA7\x87\x7E\xDB\xD3\x83\x8A\x3A" -- "\x69\xA8\x2D\xAF\xB7\xB8\xF3\xDC\x13\xAF\x45\x61\x3F\x59\x39\x7E" -- "\x69\xDE\x0C\x04\xF1\x10\x6B\xB4\x56\xFA\x21\x9F\x72\x2B\x60\x86" -- "\xE3\x23\x0E\xC4\x51\xF6\xBE\xD8\xE1\x5F\xEE\x73\x4C\x17\x4C\x2C" -- "\x1B\xFB\x9F\x1F\x7A\x3B\x07\x5B\x8E\xF1\x01\xAC\xD6\x30\x94\x8A" -- "\x5D\x22\x6F\x08\xCE\xED\x5E\xB6\xDB\x86\x8C\x87\xEB\x8D\x91\xFF" -- "\x0A\x86\x30\xBD\xC0\xF8\x25\xE7\xAE\x24\x35\xF2\xFC\xE5\xFD\x1B" -- "\xB0\x05\x4A\xA3\xE5\xEB\x2E\x05\xAD\x99\x67\x49\x87\xE6\xB3\x87" -- "\x82\xA4\x59\xA7\x6E\xDD\xF2\xB6\x66\xE8\xF7\x70\xF5\xBD\xC9\x0E" -- "\xFA\x9C\x79\x84\xD4\x9B\x05\x0E\xBB\xF5\xDB\xEF\xFC\xCC\x26\xF2" -- "\x93\xCF\xD2\x04\x3C\xA9\x2C\x65\x42\x97\x86\xD8\x38\x0A\x1E\xF6" -- "\xD6\xCA\x30\xB5\x1A\xEC\xFB\xBA\x3B\x84\x57\xB0\xFD\xFB\xE6\xBC" -- "\xF2\x76\xF6\x4C\xBB\xAB\xB1\x31\xA1\x27\x7C\xE6\xE6\x81\xB6\xCE" -- "\x84\x86\x40\xB6\x40\x33\xC4\xF8\xB4\x15\xCF\xAA\xA5\x51\x78\xB9" -- "\x8B\x50\x25\xB2\x88\x86\x96\x72\x8C\x71\x4D\xB5\x3A\x94\x86\x77" -- "\x0E\x95\x9B\x16\x93\xEF\x3A\x11\x79\xBA\x83\xF7\x74\xD3\x8D\xBA" -- "\x15\xE1\x2C\x04\x57\xA8\x92\x1E\x9D\x00\x8E\x20\xFD\x30\x70\xE7" -- "\xF5\x65\x2F\x19\x0C\x94\xBA\x03\x71\x12\x96\xCD\xC8\xB4\x96\xDB" -- "\xCE\x19\xC2\xDF\x3C\xC2\xF6\x3D\x53\xED\x98\xA5\x41\x72\x2A\x22" -- "\x7B\xF3\x2B\x17\x6C\xE1\x39\x7D\xAE\x9B\x11\xF9\xC1\xA6\x9E\x9F" -- "\x89\x3C\x12\xAA\x94\x74\xA7\x4F\x70\xE8\xB9\xDE\x04\xF0\x9D\x39" -- "\x24\x2D\x92\xE8\x46\x2D\x2E\xF0\x40\x66\x1A\xD9\x27\xF9\x98\xF1" -- "\x81\x1D\x70\x62\x63\x30\x6D\xCD\x84\x04\x5F\xFA\x83\xD3\xEC\x8D" -- "\x86\xFB\x40\x61\xC1\x8A\x45\xFF\x7B\xD9\xD4\x18\x61\x7F\x51\xE3" -- "\xFC\x1E\x18\xF0\xAF\xC6\x18\x2C\xE1\x6D\x5D\xF9\x62\xFC\x20\xA3" -- "\xB2\x8A\x5F\xE5\xBB\x29\x0F\x99\x63\x07\x88\x38\x3A\x3B\x73\x2A" -- 
"\x6D\xDA\x3D\xA8\x0D\x8F\x56\x41\x89\x82\xE5\xB8\x61\x00\x64\x7D" -- "\x17\x0C\xCE\x03\x55\x8F\xF4\x5B\x0D\x50\xF2\xEB\x05\x67\xBE\xDB" -- "\x7B\x75\xC5\xEA\xA1\xAB\x1D\xB0\x3C\x6D\x42\x08\x0B\x9A\x45\x20" -- "\xA8\x8F\xE5\x67\x47\x30\xDE\x93\x5F\x43\x05\xEB\xA8\x2D\x80\xF5" -- "\x1A\xB8\x4A\x4E\x42\x2D\x0B\x7A\xDC\x46\x20\x2D\x13\x17\xDD\x4B" -- "\x94\x96\xAA\x1F\x06\x0C\x1F\x62\x07\x9C\x40\xA1" -+ .length = 1307, .data = -+ "\x61\x82\x05\x17\x30\x82\x05\x13\xA0\x03\x02\x01\x05\xA1\x0F\x1B" -+ "\x0D\x57\x32\x30\x32\x32\x2D\x4C\x37\x2E\x42\x41\x53\x45\xA2\x2A" -+ "\x30\x28\xA0\x03\x02\x01\x01\xA1\x21\x30\x1F\x1B\x04\x63\x69\x66" -+ "\x73\x1B\x17\x77\x32\x30\x32\x32\x2D\x31\x31\x38\x2E\x77\x32\x30" -+ "\x32\x32\x2D\x6C\x37\x2E\x62\x61\x73\x65\xA3\x82\x04\xCD\x30\x82" -+ "\x04\xC9\xA0\x03\x02\x01\x12\xA1\x03\x02\x01\x05\xA2\x82\x04\xBB" -+ "\x04\x82\x04\xB7\x44\x5C\x7B\x5A\x3F\x2E\xA3\x50\x34\xDE\xB0\x69" -+ "\x23\x2D\x47\x89\x2C\xC0\xA3\xF9\xDD\x70\xAA\xA5\x1E\xFE\x74\xE5" -+ "\x19\xA2\x4F\x65\x6C\x9E\x00\xB4\x60\x00\x7C\x0C\x29\x43\x31\x99" -+ "\x77\x02\x73\xED\xB9\x40\xF5\xD2\xD1\xC9\x20\x0F\xE3\x38\xF9\xCC" -+ "\x5E\x2A\xBD\x1F\x91\x66\x1A\xD8\x2A\x80\x3C\x2C\x00\x3C\x1E\xC9" -+ "\x2A\x29\x19\x19\x96\x18\x54\x03\x97\x8F\x1D\x5F\xDB\xE9\x66\x68" -+ "\xCD\xB1\xD5\x00\x35\x69\x49\x45\xF1\x6A\x78\x7B\x37\x71\x87\x14" -+ "\x1C\x98\x4D\x69\xCB\x1B\xD8\xF5\xA3\xD8\x53\x4A\x75\x76\x62\xBA" -+ "\x6C\x3F\xEA\x8B\x97\x21\xCA\x8A\x46\x4B\x38\xDA\x09\x9F\x5A\xC8" -+ "\x38\xFF\x34\x97\x5B\xA2\xE5\xBA\xC9\x87\x17\xD8\x08\x05\x7A\x83" -+ "\x04\xD6\x02\x8E\x9B\x18\xB6\x40\x1A\xF7\x47\x25\x24\x3E\x37\x1E" -+ "\xF6\xC1\x3A\x1F\xCA\xB3\x43\x5A\xAE\x94\x83\x31\xAF\xFB\xEE\xED" -+ "\x46\x71\xEF\xE2\x37\x37\x15\xFE\x1B\x0B\x9E\xF8\x3E\x0C\x43\x96" -+ "\xB6\x0A\x04\x78\xF8\x5E\xAA\x33\x1F\xE2\x07\x5A\x8D\xC4\x4E\x32" -+ "\x6D\xD6\xA0\xC5\xEA\x3D\x12\x59\xD4\x41\x40\x4E\xA1\xD8\xBE\xED" -+ "\x17\xCB\x68\xCC\x59\xCB\x53\xB2\x0E\x58\x8A\xA9\x33\x7F\x6F\x2B" -+ 
"\x37\x89\x08\x44\xBA\xC7\x67\x17\xBB\x91\xF7\xC3\x0F\x00\xF8\xAA" -+ "\xA1\x33\xA6\x08\x47\xCA\xFA\xE8\x49\x27\x45\x46\xF1\xC1\xC3\x5F" -+ "\xE2\x45\x0A\x7D\x64\x52\x8C\x2E\xE1\xDE\xFF\xB2\x64\xEC\x69\x98" -+ "\x15\xDF\x9E\xB1\xEB\xD6\x9D\x08\x06\x4E\x73\xC1\x0B\x71\x21\x05" -+ "\x9E\xBC\xA2\x17\xCF\xB3\x70\xF4\xEF\xB8\x69\xA9\x94\x27\xFD\x5E" -+ "\x72\xB1\x2D\xD2\x20\x1B\x57\x80\xAB\x38\x97\xCF\x22\x68\x4F\xB8" -+ "\xB7\x17\x53\x25\x67\x0B\xED\xD1\x58\x20\x0D\x45\xF9\x09\xFA\xE7" -+ "\x61\x3E\xDB\xC2\x59\x7B\x3A\x3B\x59\x81\x51\xAA\xA4\x81\xF4\x96" -+ "\x3B\xE1\x6F\x6F\xF4\x8E\x68\x9E\xBA\x1E\x0F\xF2\x44\x68\x11\xFC" -+ "\x2B\x5F\xBE\xF2\xEA\x07\x80\xB9\xCA\x9E\x41\xBD\x2F\x81\xF5\x11" -+ "\x2A\x12\xF3\x4F\xD6\x12\x16\x0F\x21\x90\xF1\xD3\x1E\xF1\xA4\x94" -+ "\x46\xEA\x30\xF3\x84\x06\xC1\xA4\x51\xFC\x43\x35\xBD\xEF\x4D\x89" -+ "\x1D\xA5\x44\xB2\x69\xC4\x0F\xBF\x86\x01\x08\x44\x77\xD5\xB4\xB7" -+ "\x5C\x3F\xA7\xD4\x2F\x39\x73\x85\x88\xEE\xB1\x64\x1D\x80\x6C\xEE" -+ "\x6E\x31\x90\x92\x0D\xA1\xB7\xC4\x5C\xCC\xEE\x91\xC8\xCB\x11\x2D" -+ "\x4A\x1A\x7D\x43\x8F\xEB\x60\x09\xED\x1B\x07\x58\xBE\xBC\xBD\x29" -+ "\xF3\xB3\xA3\x4F\xC5\x8A\x30\x33\xB9\xA9\x9F\x43\x08\x27\x15\xC4" -+ "\x9C\x5D\x8E\xBD\x5C\x05\xC6\x05\x9C\x87\x60\x08\x1E\xE2\x52\xB8" -+ "\x45\x8D\x28\xB6\x2C\x15\x46\x74\x9F\x0E\xAA\x6B\x70\x3A\x2A\x55" -+ "\x45\x26\xB2\x58\x4D\x35\xA6\xF1\x96\xBE\x60\xB2\x71\x7B\xF8\x54" -+ "\xB9\x90\x21\x8E\xB9\x0F\x35\x98\x5E\x88\xEB\x1A\x53\xB4\x59\x7F" -+ "\xAF\x69\x1C\x61\x67\xF4\xF6\xBD\xAC\x24\xCD\xB7\xA9\x67\xE8\xA1" -+ "\x83\x85\x5F\x11\x74\x1F\xF7\x4C\x78\x36\xEF\x50\x74\x88\x58\x4B" -+ "\x1A\x9F\x84\x9A\x9A\x05\x92\xEC\x1D\xD5\xF3\xC4\x95\x51\x28\xE2" -+ "\x3F\x32\x87\xB2\xFD\x21\x27\x66\xE4\x6B\x85\x2F\xDC\x7B\xC0\x22" -+ "\xEB\x7A\x94\x20\x5A\x7B\xD3\x7A\xB9\x5B\xF8\x1A\x5A\x84\x4E\xA1" -+ "\x73\x41\x53\xD2\x60\xF7\x7C\xEE\x68\x59\x85\x80\xFC\x3D\x70\x4B" -+ "\x04\x32\xE7\xF2\xFD\xBD\xB3\xD9\x21\xE2\x37\x56\xA2\x16\xCC\xDE" -+ 
"\x8A\xD3\xBC\x71\xEF\x58\x19\x0E\x45\x8A\x5B\x53\xD6\x77\x30\x6A" -+ "\xA7\xF8\x68\x06\x4E\x07\xCA\xCE\x30\xD7\x35\xAB\x1A\xC7\x18\xD4" -+ "\xC6\x2F\x1A\xFF\xE9\x7A\x94\x0B\x76\x5E\x7E\x29\x0C\xE6\xD3\x3B" -+ "\x5B\x44\x96\xA8\xF1\x29\x23\x95\xD9\x79\xB3\x39\xFC\x76\xED\xE1" -+ "\x1E\x67\x4E\xF7\xE8\x7B\x7A\x12\x9E\xD8\x4B\x35\x09\x0A\xF2\xC1" -+ "\x63\x5B\xEE\xFD\x2A\xC2\xA6\x66\x30\x3C\x1F\x95\xAF\x65\x22\x95" -+ "\x14\x1D\xF5\xD5\xDC\x38\x79\x35\x1C\xCD\x24\x47\xE0\xFD\x08\xC8" -+ "\xF4\x15\x55\x9F\xD9\xC7\xAC\x3F\x67\xB3\x4F\xEB\x26\x7C\x8E\xD6" -+ "\x74\xB3\x0A\xCD\xE7\xFA\xBE\x7E\xA3\x3E\xEC\x61\x50\x77\x52\x56" -+ "\xCF\x90\x5D\x48\xFB\xD4\x2C\x6C\x61\x8B\xDD\x2B\xF5\x92\x1F\x30" -+ "\xBF\x3F\x80\x0D\x31\xDB\xB2\x0B\x7D\x84\xE3\xA6\x42\x7F\x00\x38" -+ "\x44\x02\xC5\xB8\xD9\x58\x29\x9D\x68\x5C\x32\x8B\x76\xAE\xED\x15" -+ "\xF9\x7C\xAE\x7B\xB6\x8E\xD6\x54\x24\xFF\xFA\x87\x05\xEF\x15\x08" -+ "\x5E\x4B\x21\xA2\x2F\x49\xE7\x0F\xC3\xD0\xB9\x49\x22\xEF\xD5\xCA" -+ "\xB2\x11\xF2\x17\xB6\x77\x24\x68\x76\xB2\x07\xF8\x0A\x73\xDD\x65" -+ "\x9C\x75\x64\xF7\xA1\xC6\x23\x08\x84\x72\x3E\x54\x2E\xEB\x9B\x40" -+ "\xA6\x83\x87\xEB\xB5\x00\x40\x4F\xE1\x72\x2A\x59\x3A\x06\x60\x29" -+ "\x7E\x25\x2F\xD8\x80\x40\x8C\x59\xCA\xCF\x8E\x44\xE4\x2D\x84\x7E" -+ "\xCB\xFD\x1E\x3B\xD5\xFF\x9A\xB9\x66\x93\x6D\x5E\xC8\xB7\x13\x26" -+ "\xD6\x38\x1B\x2B\xE1\x87\x96\x05\xD5\xF3\xAB\x68\xF7\x12\x62\x2C" -+ "\x58\xC1\xC9\x85\x3C\x72\xF1\x26\xEE\xC0\x09\x5F\x1D\x4B\xAC\x01" -+ "\x41\xC8\x12\xF8\xF3\x93\x43\x41\xFF\xEC\x0B\x80\xE2\xEE\x20\x85" -+ "\x25\xCD\x6C\x30\x8C\x0D\x24\x2E\xBA\x19\xEA\x28\x7F\xCF\xD5\x10" -+ "\x5C\xE9\xB2\x9D\x5F\x16\xE4\xC0\xF3\xCC\xD9\x68\x4A\x05\x08\x70" -+ "\x17\x26\xC8\x5C\x4A\xBF\x94\x6A\x0E\xD5\xDA\x67\x47\x4B\xAF\x44" -+ "\xE3\x94\xAA\x05\xDB\xA2\x49\x74\xFA\x5C\x69\xAB\x44\xB7\xF7\xBA" -+ "\xAE\x7A\x23\x87\xEB\x54\x7E\x80\xF1\x5B\x60\xA5\x93\xE5\xD4\x24" -+ "\x84\xF7\x0A\x16\x10\xBE\xE9\x4D\xD8\x6B\x15\x40\x5D\x74\xDA\x1B" -+ 
"\xFF\x2E\x4D\x17\x9D\x35\xF7\x0D\xCF\x66\x38\x0D\x8A\xE4\xDD\x6B" -+ "\xE1\x0F\x1F\xBD\xFD\x4F\x30\x37\x3F\x96\xB4\x92\x54\xD3\x9A\x7A" -+ "\xD1\x5B\x5B\xA9\x54\x16\xE6\x24\xAB\xD4\x23\x39\x7D\xD2\xC7\x09" -+ "\xFA\xD4\x86\x55\x4D\x60\xC2\x87\x67\x6B\xE6" - }; - - static void -@@ -686,7 +710,7 @@ test_pac_ticket_signature(krb5_context context) - { - krb5_error_code ret; - krb5_ticket *ticket; -- krb5_principal sprinc; -+ krb5_principal cprinc, sprinc; - krb5_authdata **authdata1, **authdata2; - krb5_pac pac, pac2, pac3; - uint32_t *list; -@@ -701,7 +725,13 @@ test_pac_ticket_signature(krb5_context context) - if (ret) - err(context, ret, "while decrypting ticket"); - -- ret = krb5_parse_name(context, "s1@CDOM.COM", &sprinc); -+ ret = krb5_parse_name(context, "administrator@W2022-L7.BASE", &cprinc); -+ if (ret) -+ err(context, ret, "krb5_parse_name"); -+ -+ ret = krb5_parse_name(context, -+ "cifs/w2022-118.w2022-l7.base@W2022-L7.BASE", -+ &sprinc); - if (ret) - err(context, ret, "krb5_parse_name"); - -@@ -713,7 +743,7 @@ test_pac_ticket_signature(krb5_context context) - - /* In this test, the server is also the client. 
*/ - ret = krb5_pac_verify(context, pac, ticket->enc_part2->times.authtime, -- ticket->server, NULL, NULL); -+ cprinc, NULL, NULL); - if (ret) - err(context, ret, "while verifying PAC client info"); - -@@ -722,7 +752,7 @@ test_pac_ticket_signature(krb5_context context) - ticket->enc_part2->authorization_data = NULL; - - ret = krb5_kdc_sign_ticket(context, ticket->enc_part2, pac, sprinc, -- sprinc, &ticket_sig_server_key, -+ cprinc, &ticket_sig_server_key, - &ticket_sig_krbtgt_key, FALSE); - if (ret) - err(context, ret, "while signing ticket"); -@@ -781,6 +811,7 @@ test_pac_ticket_signature(krb5_context context) - krb5_pac_free(context, pac); - krb5_pac_free(context, pac2); - krb5_pac_free(context, pac3); -+ krb5_free_principal(context, cprinc); - krb5_free_principal(context, sprinc); - krb5_free_ticket(context, ticket); - } -diff --git a/src/tests/t_authdata.py b/src/tests/t_authdata.py -index 47ea9e4b47..e934799268 100644 ---- a/src/tests/t_authdata.py -+++ b/src/tests/t_authdata.py -@@ -11,7 +11,7 @@ realm = K5Realm(krb5_conf=conf) - # container. - mark('baseline authdata') - out = realm.run(['./adata', realm.host_princ]) --if '?128: [6, 7, 10, 16]' not in out or '^-42: Hello' not in out: -+if '?128: [6, 7, 10, 16, 19]' not in out or '^-42: Hello' not in out: - fail('expected authdata not seen for basic request') - - # Requested authdata is copied into the ticket, with KDC-only types -@@ -243,7 +243,7 @@ out = realm.run(['./adata', '-p', realm.user_princ, 'service/2']) - if '+97: [indcl]' not in out or '[inds1]' in out: - fail('correct auth-indicator not seen for S4U2Proxy req') - # Make sure a PAC with an S4U_DELEGATION_INFO(11) buffer is included. --if '?128: [1, 6, 7, 10, 11, 16]' not in out: -+if '?128: [1, 6, 7, 10, 11, 16, 19]' not in out: - fail('PAC with delegation info not seen for S4U2Proxy req') - - # Get another S4U2Proxy ticket including request-authdata. --- -2.39.1 - 
diff --git a/krb5-1.20.2.tar.gz b/krb5-1.20.2.tar.gz deleted file mode 100644 index 10cac7806cf91f735e92e9f50ed4a9b2b5505b63..0000000000000000000000000000000000000000 Binary files a/krb5-1.20.2.tar.gz and /dev/null differ diff --git a/krb5-1.21.2.tar.gz b/krb5-1.21.2.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..02bd0cc4ea05691a5a5e38a42ccd4c2c93178fed Binary files /dev/null and b/krb5-1.21.2.tar.gz differ diff --git a/krb5.spec b/krb5.spec index 03fefa4f8153e4f3cf0579e570967ca64a86777d..de33fdfa11db6a57095d186489da5a896eaedee8 100644 --- a/krb5.spec +++ b/krb5.spec @@ -13,11 +13,11 @@ Summary: The Kerberos network authentication system Name: krb5 -Version: 1.20.2 +Version: 1.21.2 Release: %{anolis_release}%{?dist} # rharwood has trust path to signing key and verifies on check-in -Source0: https://web.mit.edu/kerberos/dist/krb5/1.20/krb5-%{version}.tar.gz +Source0: https://web.mit.edu/kerberos/dist/krb5/1.21/krb5-%{version}.tar.gz Source2: kprop.service Source3: kadmin.service 
@@ -38,18 +38,12 @@ Patch0: 0000-add-ldflags-to-shared-libs.patch Patch1: 0001-downstream-ksu-pam-integration.patch Patch2: 0002-downstream-SELinux-integration.patch Patch3: 0003-downstream-fix-debuginfo-with-y.tab.c.patch -Patch4: 0004-downstream-Remove-3des-support.patch Patch5: 0005-downstream-FIPS-with-PRNG-and-RADIUS-and-MD4.patch Patch6: 0006-downstream-Allow-krad-UDP-TCP-localhost-connection-w.patch -Patch7: 0007-Add-configure-variable-for-default-PKCS-11-module.patch -Patch8: 0008-Set-reasonable-supportedCMSTypes-in-PKINIT.patch -Patch9: 0009-Simplify-plugin-loading-code.patch -Patch12: 0012-Add-and-use-ts_interval-helper.patch Patch13: 0013-downstream-Make-tests-compatible-with-sssd_krb5_loca.patch Patch14: 0014-downstream-Include-missing-OpenSSL-FIPS-header.patch Patch15: 0015-downstream-Do-not-set-root-as-ksu-file-owner.patch Patch16: 0016-downstream-Allow-KRB5KDF-MD5-and-MD4-in-FIPS-mode.patch -Patch17: 0017-Add-PAC-full-checksums.patch License: MIT URL: https://web.mit.edu/kerberos/www/ @@ -685,6 +679,9 @@ exit 0 %{_datarootdir}/%{name}-tests/ %changelog +* Wed Mar 13 2024 dash - 1.21.2-1 +- New version 1.21.2 + * Thu Aug 10 2023 Funda Wang - 1.20.2-1 - New version 1.20.2
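Review bot: The `@@ -38,18 +38,12 @@` hunk of krb5.spec drops `Patch4: 0004-downstream-Remove-3des-support.patch` with no replacement visible in this diff, and unlike the other removed entries it is labelled downstream, so the 1.21.2 tarball probably does not cover it. Unless something outside this view removes or disables the DES3 enctypes, the rebase silently brings that code back into the build. Patch12 and Patch17 (the PAC full checksum change for CVE-2022-37967) look like upstream backports, but it is worth confirming that 1.21.2 contains both before relying on their removal. The new `%changelog` entry says only `- New version 1.21.2`; I would add lines such as `- Drop downstream 3DES removal patch (<reason or replacement>)` and `- Drop patches merged upstream in 1.21` so the change in crypto policy is recorded.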