Coverage Report

Created: 2026-01-16 06:47

/src/samba/third_party/heimdal/lib/krb5/crypto-des-common.c
1
/*
2
 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
3
 * (Royal Institute of Technology, Stockholm, Sweden).
4
 * All rights reserved.
5
 *
6
 * Redistribution and use in source and binary forms, with or without
7
 * modification, are permitted provided that the following conditions
8
 * are met:
9
 *
10
 * 1. Redistributions of source code must retain the above copyright
11
 *    notice, this list of conditions and the following disclaimer.
12
 *
13
 * 2. Redistributions in binary form must reproduce the above copyright
14
 *    notice, this list of conditions and the following disclaimer in the
15
 *    documentation and/or other materials provided with the distribution.
16
 *
17
 * 3. Neither the name of the Institute nor the names of its contributors
18
 *    may be used to endorse or promote products derived from this software
19
 *    without specific prior written permission.
20
 *
21
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31
 * SUCH DAMAGE.
32
 */
/* Functions which are used by both single and triple DES enctypes */
#include "krb5_locl.h"
/*
 * XOR the 8-byte block at b into the 8-byte block at a, in place
 * (a[i] ^= b[i] for i = 0..7).
 *
 * Exactly eight bytes are read from b and read/written in a.  No length
 * or NULL checks are made here, so the caller must guarantee that both
 * pointers reference at least 8 valid bytes.  The amount of work does not
 * depend on the contents of either buffer.
 */

KRB5_LIB_FUNCTION void KRB5_LIB_CALL
_krb5_xor8(unsigned char *a, const unsigned char *b)
{
    int idx;

    /* Same byte order as the unrolled form: index 0 first, 7 last. */
    for (idx = 0; idx < 8; idx++) {
        a[idx] ^= b[idx];
    }
}
#if defined(DES3_OLD_ENCTYPE) || defined(HEIM_WEAK_CRYPTO)
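/*
 * Build a confounder-based DES checksum in cksum->checksum.data.
 *
 * Layout written to the output buffer (24 bytes, then encrypted in place):
 *   bytes  0..7   random confounder
 *   bytes  8..23  digest (evp_md) over confounder || every iov element for
 *                 which _krb5_crypto_iov_should_sign() is true
 * The 24 bytes are then run through the cipher context ctx->ectx after it
 * has been re-initialised with an all-zero IV.
 *
 * context  library context, used for error reporting
 * evp_md   digest to use; NOTE(review): the fixed 24-byte layout assumes a
 *          16-byte digest -- a longer one would write past byte 23; confirm
 *          callers only pass 16-byte digests
 * key      key whose schedule holds the struct _krb5_evp_schedule
 * iov/niov data to be checksummed
 * cksum    output; checksum.data must already hold at least 24 bytes
 *
 * Returns 0 on success, the krb5_enomem() result if the digest context
 * cannot be allocated, or KRB5_CRYPTO_INTERNAL if the output buffer is too
 * small or a digest step fails.
 */
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
_krb5_des_checksum(krb5_context context,
                   const EVP_MD *evp_md,
                   struct _krb5_key_data *key,
                   const struct krb5_crypto_iov *iov,
                   int niov,
                   Checksum *cksum)
{
    struct _krb5_evp_schedule *ctx = key->schedule->data;
    EVP_MD_CTX *m;
    DES_cblock ivec;
    int digest_ok;
    int i;
    unsigned char *p = cksum->checksum.data;

    /*
     * 24 bytes are written and encrypted below; refuse a buffer that
     * cannot hold them rather than trusting the caller's allocation.
     */
    if (p == NULL || cksum->checksum.length < 24)
        return KRB5_CRYPTO_INTERNAL;

    krb5_generate_random_block(p, 8);

    m = EVP_MD_CTX_create();
    if (m == NULL)
        return krb5_enomem(context);

    /*
     * Track every digest step: a silently failed digest would leave
     * whatever was already in p[8..23] to be encrypted and returned as
     * if it authenticated the data.
     */
    digest_ok = EVP_DigestInit_ex(m, evp_md, NULL) == 1 &&
                EVP_DigestUpdate(m, p, 8) == 1;
    for (i = 0; digest_ok && i < niov; i++) {
        if (_krb5_crypto_iov_should_sign(&iov[i]))
            digest_ok = EVP_DigestUpdate(m, iov[i].data.data,
                                         iov[i].data.length) == 1;
    }
    if (digest_ok)
        digest_ok = EVP_DigestFinal_ex(m, p + 8, NULL) == 1;
    EVP_MD_CTX_destroy(m);

    if (!digest_ok) {
        /* Do not hand back a confounder plus a partial or stale digest. */
        memset_s(p, 24, 0, 24);
        return KRB5_CRYPTO_INTERNAL;
    }

    memset_s(&ivec, sizeof(ivec), 0, sizeof(ivec));
    /* NOTE(review): the results of the two cipher calls are not checked. */
    EVP_CipherInit_ex(&ctx->ectx, NULL, NULL, NULL, (void *)&ivec, -1);
    EVP_Cipher(&ctx->ectx, p, p, 24);

    return 0;
}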
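/*
 * Verify a confounder-based DES checksum produced in the 24-byte layout
 * "confounder (8) || digest (16)", encrypted as one unit.
 *
 * The 24 bytes at C->checksum.data are decrypted with ctx->dctx (after it
 * is re-initialised with an all-zero IV), the digest is recomputed over
 * the recovered confounder plus every iov element for which
 * _krb5_crypto_iov_should_sign() is true, and the result is compared with
 * the decrypted digest via ct_memcmp() (presumably constant-time; confirm).
 *
 * context  library context, used for error reporting
 * evp_md   digest to use; NOTE(review): res[] is 16 bytes, so a digest
 *          longer than 16 bytes would overflow it -- confirm callers only
 *          pass 16-byte digests
 * key      key whose schedule holds the struct _krb5_evp_schedule
 * iov/niov data that was checksummed
 * C        checksum to verify; must carry at least 24 bytes
 *
 * Returns 0 if the checksum matches, KRB5KRB_AP_ERR_BAD_INTEGRITY if it
 * does not (including a too-short checksum or a failed digest step), or
 * the krb5_enomem() result if the digest context cannot be allocated.
 */
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
_krb5_des_verify(krb5_context context,
                 const EVP_MD *evp_md,
                 struct _krb5_key_data *key,
                 const struct krb5_crypto_iov *iov,
                 int niov,
                 Checksum *C)
{
    struct _krb5_evp_schedule *ctx = key->schedule->data;
    EVP_MD_CTX *m;
    /* Zero-initialised so a failed cipher/digest call never leaves
     * indeterminate stack bytes to be hashed or compared. */
    unsigned char tmp[24] = { 0 };
    unsigned char res[16] = { 0 };
    DES_cblock ivec;
    krb5_error_code ret = 0;
    int digest_ok;
    int i;

    /*
     * 24 bytes are read from the (peer-supplied) checksum below; reject
     * anything shorter instead of reading past the end of the buffer.
     */
    if (C->checksum.data == NULL || C->checksum.length < sizeof(tmp)) {
        krb5_clear_error_message(context);
        return KRB5KRB_AP_ERR_BAD_INTEGRITY;
    }

    m = EVP_MD_CTX_create();
    if (m == NULL)
        return krb5_enomem(context);

    memset_s(&ivec, sizeof(ivec), 0, sizeof(ivec));
    /* NOTE(review): the results of the two cipher calls are not checked. */
    EVP_CipherInit_ex(&ctx->dctx, NULL, NULL, NULL, (void *)&ivec, -1);
    EVP_Cipher(&ctx->dctx, tmp, C->checksum.data, 24);

    digest_ok = EVP_DigestInit_ex(m, evp_md, NULL) == 1 &&
                EVP_DigestUpdate(m, tmp, 8) == 1; /* confounder */
    for (i = 0; digest_ok && i < niov; i++) {
        if (_krb5_crypto_iov_should_sign(&iov[i]))
            digest_ok = EVP_DigestUpdate(m, iov[i].data.data,
                                         iov[i].data.length) == 1;
    }
    if (digest_ok)
        digest_ok = EVP_DigestFinal_ex(m, res, NULL) == 1;
    EVP_MD_CTX_destroy(m);

    /* Fail closed: a digest that could not be computed never verifies. */
    if (!digest_ok || ct_memcmp(res, tmp + 8, sizeof(res)) != 0) {
        krb5_clear_error_message(context);
        ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
    }

    /* Scrub the decrypted confounder/digest and the recomputed digest. */
    memset_s(tmp, sizeof(tmp), 0, sizeof(tmp));
    memset_s(res, sizeof(res), 0, sizeof(res));
    return ret;
}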
#endif
/*
 * Checksum callback for the "rsa-md5" checksum type: writes the MD5 digest
 * of the iov data into C->checksum.data via _krb5_evp_digest_iov().
 *
 * The key and usage arguments are not used, so the result is a plain
 * unkeyed digest; on its own it gives no protection against anyone who
 * can replace both the data and the checksum.
 *
 * C->checksum.data must already be large enough for the digest; no length
 * is checked here.
 *
 * Returns 0.  If the digest helper reports anything other than 1 the
 * process is terminated through krb5_abortx().
 */
static krb5_error_code
RSA_MD5_checksum(krb5_context context,
                 krb5_crypto crypto,
                 struct _krb5_key_data *key,
                 unsigned usage,
                 const struct krb5_crypto_iov *iov,
                 int niov,
                 Checksum *C)
{
    int digest_rc;

    digest_rc = _krb5_evp_digest_iov(crypto, iov, niov, C->checksum.data,
                                     NULL, EVP_md5(), NULL);
    if (digest_rc != 1) {
        krb5_abortx(context, "md5 checksum failed");
    }

    return 0;
}
/*
 * Checksum-type descriptor for unkeyed RSA-MD5 ("rsa-md5").
 *
 * The initializer is positional; the per-field notes below are inferred
 * from the values and should be confirmed against the declaration of
 * struct _krb5_checksum_type.
 *
 * NOTE(review): the F_CPROOF flag presumably marks the type as
 * collision-proof.  Practical MD5 collisions are well known, so the flag
 * should not be read as a current security guarantee -- confirm how
 * callers use it.
 */
struct _krb5_checksum_type _krb5_checksum_rsa_md5 = {
    CKSUMTYPE_RSA_MD5,  /* checksum type identifier */
    "rsa-md5",          /* name */
    64,                 /* presumably the digest block size in bytes */
    16,                 /* presumably the checksum length in bytes */
    F_CPROOF,           /* flags */
    RSA_MD5_checksum,   /* checksum computation callback */
    NULL                /* no verify callback supplied */
};