sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-05 21:57:51 +03:00
Code

r14198: Update Samba4 to current lorikeet-heimdal.

Browse Source 
Andrew Bartlett
This commit is contained in:
Andrew Bartlett 2006-03-11 04:03:12 +00:00 committed by Gerald (Jerry) Carter
parent 1badf363ab
commit 97a0a0e2fa
66 changed files with 3033 additions and 863 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
source/heimdal/fix-export
View File

@ -1,79 +0,0 @@
#! /bin/sh
# $Id: fix-export,v 1.39 2005/08/11 08:57:52 lha Exp $
distdir="$1"
echo "fixing distribution in $distdir..."
test -d "$distdir" || { echo not a dir in \$distdir ; exit 1 ; }
cd $distdir
if test "$DATEDVERSION"; then
ed -s configure.in << END
/AC_INIT/s/AC_INIT(\([^,]*\), [^,]*, \(.*\))/AC_INIT(\1, $DATEDVERSION, \2)/
w
q
END
error=WARN
exitcmd=:
else
error=ERROR
exitcmd=exit
fi
ver=`sed -n 's/AC_INIT([^,]*,\([^,]*\),.*/\1/p' configure.in`
M="* This is version $ver. *"
echo "$M" | sed -e 's/./*/g'
echo "$M"
echo "$M" | sed -e 's/./*/g'
autoreconf --force --install
(cd doc && makeinfo heimdal.texi)
find . -name Makefile.am | while read f; do
for i in `sed -n -e '/^man_MANS/{
:loop
p
/[^\\]$/b quit
n
b loop
}
:quit' $f | sed 's/man_MANS//;s/=//;s/[ \\][ \\]*/ /g'`; do
x=`dirname $f`/$i
y=`dirname $f`/`echo $i | sed 's/[0-9]$/cat&/'`
echo `grog -Tascii $x` \> $y
`grog -Tascii $x` > $y
perl -p -e 'exit 1 if (/NetBSD|FreeBSD|OpenBSD|Linux|OSF|Solaris/); exit 0;' $y
if [ $? != 0 ] ; then
echo "$error: catfile $y contains operating system"
head -1 $y
$exitcmd
fi
done
done
make_proto () {
(top=`pwd`
cd $1
b=`basename $1`
if test X"$5" != X ; then
e="-E $5";
else
e=
fi
perl $top/cf/make-proto.pl $e -o $2 -p $3 `(perl -p -e 's/^(include|if|else|endif)\b/##$1/' Makefile.am;
echo 'print-sources:; @if test "$(proto_opts)"; then echo $(proto_opts); else echo -q -P comment; fi; echo '$4 | sort -u ) | make -f - print-sources `)
}
make_proto lib/krb5 krb5-protos.h krb5-private.h '$(libkrb5_la_SOURCES)' KRB5_LIB_FUNCTION
make_proto lib/kadm5 kadm5-protos.h kadm5-private.h '$(libkadm5srv_la_SOURCES) $(libkadm5clnt_la_SOURCES)'
make_proto lib/hdb hdb-protos.h hdb-private.h '$(libhdb_la_SOURCES)'
make_proto appl/login login_protos.h /dev/null '$(login_SOURCES)'
make_proto kcm kcm_protos.h /dev/null '$(kcm_SOURCES)'
make_proto kdc kdc-protos.h /dev/null '$(libkdc_la_SOURCES)'
rm -fr autom4te*.cache
echo "tar cf - ${distdir} \| gzip -9 > ${distdir}.tar.gz"
echo "gpg -ba -u 0x45D901D8 ${distdir}.tar.gz"

6
source/heimdal/kdc/kdc-private.h
View File

@ -29,7 +29,7 @@ _kdc_db_fetch (
krb5_context /*context*/,
krb5_kdc_configuration */*config*/,
krb5_principal /*principal*/,
enum hdb_ent_type,
enum hdb_ent_type /*ent_type*/,
hdb_entry_ex **/*h*/);
krb5_error_code
@ -104,7 +104,7 @@ _kdc_pk_check_client (
krb5_context /*context*/,
krb5_kdc_configuration */*config*/,
krb5_principal /*client_princ*/,
const hdb_entry */*client*/,
const hdb_entry_ex */*client*/,
pk_client_params */*client_params*/,
char **/*subject_name*/);
@ -125,7 +125,7 @@ _kdc_pk_mk_pa_reply (
krb5_context /*context*/,
krb5_kdc_configuration */*config*/,
pk_client_params */*client_params*/,
const hdb_entry */*client*/,
const hdb_entry_ex */*client*/,
const KDC_REQ */*req*/,
const krb5_data */*req_buffer*/,
krb5_keyblock **/*reply_key*/,

95
source/heimdal/kdc/kdc_locl.h
View File

@ -61,101 +61,10 @@ extern int detach_from_console;
extern struct timeval _kdc_now;
#define kdc_time (_kdc_now.tv_sec)
krb5_error_code
_kdc_as_rep(krb5_context context,
krb5_kdc_configuration *config,
KDC_REQ*, const krb5_data*, krb5_data*,
const char*, struct sockaddr*);
void
loop(krb5_context context, krb5_kdc_configuration *config);
krb5_kdc_configuration *
configure(krb5_context context, int argc, char **argv);
krb5_error_code
_kdc_db_fetch(krb5_context context,
krb5_kdc_configuration *config,
krb5_principal principal, enum hdb_ent_type ent_type,
hdb_entry_ex **h);
void
_kdc_free_ent(krb5_context context, hdb_entry_ex *ent);
void
loop(krb5_context context, krb5_kdc_configuration *config);
krb5_error_code
_kdc_tgs_rep (krb5_context context,
krb5_kdc_configuration *config,
KDC_REQ*, krb5_data*, const char*, struct sockaddr *);
krb5_error_code
_kdc_check_flags(krb5_context context,
krb5_kdc_configuration *config,
hdb_entry *client, const char *client_name,
hdb_entry *server, const char *server_name,
krb5_boolean is_as_req);
krb5_error_code
_kdc_get_des_key(krb5_context context, hdb_entry_ex*,
krb5_boolean, krb5_boolean, Key**);
krb5_error_code
_kdc_encode_v4_ticket(krb5_context context,
krb5_kdc_configuration *config,
void *buf, size_t len, const EncTicketPart *et,
const PrincipalName *service, size_t *size);
krb5_error_code
_kdc_do_524(krb5_context context,
krb5_kdc_configuration *config,
const Ticket *t, krb5_data *reply,
const char *from, struct sockaddr *addr);
#ifdef PKINIT
typedef struct pk_client_params pk_client_params;
krb5_error_code _kdc_pk_initialize(krb5_context,
krb5_kdc_configuration *,
const char *,
const char *);
krb5_error_code _kdc_pk_rd_padata(krb5_context, krb5_kdc_configuration *,
KDC_REQ *, PA_DATA *, pk_client_params **);
krb5_error_code _kdc_pk_mk_pa_reply(krb5_context,
krb5_kdc_configuration *,
pk_client_params *,
const hdb_entry *,
const KDC_REQ *,
const krb5_data *,
krb5_keyblock **,
METHOD_DATA *);
krb5_error_code _kdc_pk_check_client(krb5_context,
krb5_kdc_configuration *,
krb5_principal,
const hdb_entry *,
pk_client_params *, char **);
void _kdc_pk_free_client_param(krb5_context, pk_client_params *);
#endif
/*
* Kerberos 4
*/
krb5_error_code
_kdc_db_fetch4 (krb5_context context,
krb5_kdc_configuration *config,
const char*, const char*, const char*, enum hdb_ent_type, hdb_entry_ex**);
krb5_error_code
_kdc_do_version4 (krb5_context context,
krb5_kdc_configuration *config,
unsigned char*, size_t, krb5_data*, const char*,
struct sockaddr_in*);
int
_kdc_maybe_version4(unsigned char*, int);
krb5_error_code
_kdc_do_kaserver (krb5_context context,
krb5_kdc_configuration *config,
unsigned char*, size_t, krb5_data*,
const char*, struct sockaddr_in*);
#endif /* __KDC_LOCL_H__ */

3
source/heimdal/kdc/kerberos5.c
View File

@ -804,8 +804,7 @@ _kdc_as_rep(krb5_context context,
KDC_REQ_BODY *b = &req->req_body;
AS_REP rep;
KDCOptions f = b->kdc_options;
hdb_entry_ex *client = NULL;
hdb_entry_ex *server = NULL;
hdb_entry_ex *client = NULL, *server = NULL;
krb5_enctype cetype, setype;
EncTicketPart et;
EncKDCRepPart ek;

4
source/heimdal/kdc/misc.c
View File

@ -33,7 +33,7 @@
#include "kdc_locl.h"
RCSID("$Id: misc.c,v 1.26 2005/12/12 12:37:31 lha Exp $");
RCSID("$Id: misc.c,v 1.27 2006/01/01 23:17:16 lha Exp $");
struct timeval _kdc_now;
@ -47,7 +47,7 @@ _kdc_db_fetch(krb5_context context,
krb5_error_code ret = HDB_ERR_NOENTRY;
int i;
ent = malloc (sizeof (*ent));
ent = calloc (1, sizeof (*ent));
if (ent == NULL)
return ENOMEM;

18
source/heimdal/kdc/pkinit.c
View File

@ -33,7 +33,7 @@
#include "kdc_locl.h"
RCSID("$Id: pkinit.c,v 1.49 2005/10/21 17:14:19 lha Exp $");
RCSID("$Id: pkinit.c,v 1.50 2006/02/13 11:48:21 lha Exp $");
#ifdef PKINIT
@ -175,13 +175,17 @@ pk_check_pkauthenticator(krb5_context context,
return ret;
}
if (a->paChecksum.length != checksum.checksum.length ||
memcmp(a->paChecksum.data, checksum.checksum.data,
checksum.checksum.length) != 0)
{
if (a->paChecksum == NULL) {
krb5_clear_error_string(context);
ret = KRB5_KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED;
goto out;
}
if (heim_octet_string_cmp(a->paChecksum, &checksum.checksum) != 0) {
krb5_clear_error_string(context);
ret = KRB5KRB_ERR_GENERIC;
}
out:
free_Checksum(&checksum);
return ret;
@ -1122,7 +1126,7 @@ krb5_error_code
_kdc_pk_mk_pa_reply(krb5_context context,
krb5_kdc_configuration *config,
pk_client_params *client_params,
const hdb_entry *client,
const hdb_entry_ex *client,
const KDC_REQ *req,
const krb5_data *req_buffer,
krb5_keyblock **reply_key,
@ -1379,7 +1383,7 @@ krb5_error_code
_kdc_pk_check_client(krb5_context context,
krb5_kdc_configuration *config,
krb5_principal client_princ,
const hdb_entry *client,
const hdb_entry_ex *client,
pk_client_params *client_params,
char **subject_name)
{

10
source/heimdal/lib/asn1/asn1_gen.c
View File

@ -40,7 +40,7 @@
#include <hex.h>
#include <err.h>
RCSID("$Id: asn1_gen.c,v 1.3 2005/08/11 10:44:43 lha Exp $");
RCSID("$Id: asn1_gen.c,v 1.4 2006/01/30 15:06:03 lha Exp $");
static int
doit(const char *fn)
@ -87,13 +87,13 @@ doit(const char *fn)
ptr++;
class = strtok_r(ptr, " \t\n", &foo);
if (class == NULL) errx(1, "class missing one line %lu", line);
if (class == NULL) errx(1, "class missing on line %lu", line);
type = strtok_r(NULL, " \t\n", &foo);
if (type == NULL) errx(1, "type missing one line %lu", line);
if (type == NULL) errx(1, "type missing on line %lu", line);
tag = strtok_r(NULL, " \t\n", &foo);
if (tag == NULL) errx(1, "tag missing one line %lu", line);
if (tag == NULL) errx(1, "tag missing on line %lu", line);
length = strtok_r(NULL, " \t\n", &foo);
if (length == NULL) errx(1, "length missing one line %lu", line);
if (length == NULL) errx(1, "length missing on line %lu", line);
data = strtok_r(NULL, " \t\n", &foo);
c = der_get_class_num(class);

8
source/heimdal/lib/asn1/der.h
View File

@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
/* $Id: der.h,v 1.30 2005/10/07 03:48:00 lha Exp $ */
/* $Id: der.h,v 1.32 2006/01/30 15:25:25 lha Exp $ */
#ifndef __DER_H__
#define __DER_H__
@ -65,8 +65,10 @@ enum {
UT_IA5String = 22,
UT_UTCTime = 23,
UT_GeneralizedTime = 24,
UT_UniversalString = 25,
UT_VisibleString = 26,
UT_GeneralString = 27,
UT_BMPString = 30,
/* unsupported types */
UT_ObjectDescriptor = 7,
UT_External = 8,
@ -76,9 +78,7 @@ enum {
UT_NumericString = 18,
UT_TeletexString = 20,
UT_VideotexString = 21,
UT_GraphicString = 25,
UT_UniversalString = 25,
UT_BMPString = 30,
UT_GraphicString = 25
};
#define ASN1_INDEFINITE 0xdce0deed

4
source/heimdal/lib/asn1/der_cmp.c
View File

@ -74,10 +74,10 @@ heim_bit_string_cmp(const heim_bit_string *p, const heim_bit_string *q)
int
heim_integer_cmp(const heim_integer *p, const heim_integer *q)
{
if (p->negative != q->negative)
return q->negative - p->negative;
if (p->length != q->length)
return p->length - q->length;
if (p->negative != q->negative)
return p->negative - q->negative;
return memcmp(p->data, q->data, p->length);
}

3
source/heimdal/lib/asn1/der_copy.c
View File

@ -33,7 +33,7 @@
#include "der_locl.h"
RCSID("$Id: der_copy.c,v 1.13 2005/07/12 06:27:20 lha Exp $");
RCSID("$Id: der_copy.c,v 1.14 2006/01/04 23:41:29 lha Exp $");
int
copy_general_string (const heim_general_string *from, heim_general_string *to)
@ -106,6 +106,7 @@ copy_heim_integer (const heim_integer *from, heim_integer *to)
if(to->length != 0 && to->data == NULL)
return ENOMEM;
memcpy(to->data, from->data, to->length);
to->negative = from->negative;
return 0;
}

105
source/heimdal/lib/asn1/der_format.c Normal file
View File

@ -0,0 +1,105 @@
/*
* Copyright (c) 2005 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "der_locl.h"
#include <hex.h>
RCSID("$Id: der_format.c,v 1.2 2006/01/16 23:01:11 lha Exp $");
int
der_parse_hex_heim_integer (const char *p, heim_integer *data)
{
ssize_t len;
data->length = 0;
data->negative = 0;
data->data = NULL;
if (*p == '-') {
p++;
data->negative = 1;
}
len = strlen(p);
if (len < 0) {
data->data = NULL;
data->length = 0;
return EINVAL;
}
data->length = (len / 2) + 1;
data->data = malloc(data->length);
if (data->data == NULL) {
data->length = 0;
return ENOMEM;
}
len = hex_decode(p, data->data, data->length);
if (len < 0) {
free(data->data);
data->data = NULL;
data->length = 0;
return EINVAL;
}
{
unsigned char *p = data->data;
while(*p == 0 && len > 0) {
p++;
len--;
}
data->length = len;
memmove(data->data, p, len);
}
return 0;
}
int
der_print_hex_heim_integer (const heim_integer *data, char **p)
{
ssize_t len;
char *q;
len = hex_encode(data->data, data->length, p);
if (len < 0)
return ENOMEM;
if (data->negative) {
len = asprintf(&q, "-%s", *p);
free(*p);
if (len < 0)
return ENOMEM;
*p = q;
}
return 0;
}

31
source/heimdal/lib/asn1/der_get.c
View File

@ -33,7 +33,7 @@
#include "der_locl.h"
RCSID("$Id: der_get.c,v 1.44 2005/07/19 18:04:00 lha Exp $");
RCSID("$Id: der_get.c,v 1.45 2006/01/20 10:03:50 lha Exp $");
#include <version.h>
@ -241,14 +241,13 @@ der_get_heim_integer (const unsigned char *p, size_t len,
return 0;
}
if (p[0] & 0x80) {
unsigned char *q;
int carry = 1;
data->negative = 1;
return ASN1_OVERRUN;
} else {
data->negative = 0;
data->length = len;
if (p[0] == 0 && data->length != 1) {
if (p[0] == 0xff) {
p++;
data->length--;
}
@ -257,6 +256,28 @@ der_get_heim_integer (const unsigned char *p, size_t len,
data->length = 0;
return ENOMEM;
}
q = &((unsigned char*)data->data)[data->length - 1];
p += data->length - 1;
while (q >= (unsigned char*)data->data) {
*q = *p ^ 0xff;
if (carry)
carry = !++*q;
p--;
q--;
}
} else {
data->negative = 0;
data->length = len;
if (p[0] == 0) {
p++;
data->length--;
}
data->data = malloc(data->length);
if (data->data == NULL && data->length != 0) {
data->length = 0;
return ENOMEM;
}
memcpy(data->data, p, data->length);
}
if (size)

4
source/heimdal/lib/asn1/der_length.c
View File

@ -33,7 +33,7 @@
#include "der_locl.h"
RCSID("$Id: der_length.c,v 1.17 2005/07/12 06:27:22 lha Exp $");
RCSID("$Id: der_length.c,v 1.18 2006/01/20 10:04:46 lha Exp $");
size_t
_heim_len_unsigned (unsigned val)
@ -178,7 +178,7 @@ length_heim_integer (const heim_integer *k)
if (k->length == 0)
return 1;
if (k->negative)
return k->length + ((((unsigned char *)k->data)[0] & 0x80) ? 0 : 1);
return k->length + (((~(((unsigned char *)k->data)[0])) & 0x80) ? 0 : 1);
else
return k->length + ((((unsigned char *)k->data)[0] & 0x80) ? 1 : 0);
}

26
source/heimdal/lib/asn1/extra.c
View File

@ -34,7 +34,7 @@
#include "der_locl.h"
#include "heim_asn1.h"
RCSID("$Id: extra.c,v 1.5 2005/07/19 18:05:16 lha Exp $");
RCSID("$Id: extra.c,v 1.6 2006/01/31 09:44:54 lha Exp $");
int
encode_heim_any(unsigned char *p, size_t len,
@ -59,10 +59,7 @@ decode_heim_any(const unsigned char *p, size_t len,
unsigned int thistag;
int e;
if (data == NULL && len == 0) { /* XXX tag less OPTIONAL */
*size = 0;
return 0;
}
memset(data, 0, sizeof(*data));
e = der_get_tag (p, len, &thisclass, &thistype, &thistag, &l);
if (e) return e;
@ -73,16 +70,15 @@ decode_heim_any(const unsigned char *p, size_t len,
if (length + len_len + l > len)
return ASN1_OVERFLOW;
if (data) { /* XXX hack to workaround tag less OPTIONAL data */
memset(data, 0, sizeof(*data));
data->data = malloc(length + len_len + l);
if (data->data == NULL)
return ENOMEM;
data->length = length + len_len + l;
memcpy(data->data, p, length + len_len + l);
}
if (size) *size = length + len_len + l;
data->data = malloc(length + len_len + l);
if (data->data == NULL)
return ENOMEM;
data->length = length + len_len + l;
memcpy(data->data, p, length + len_len + l);
if (size)
*size = length + len_len + l;
return 0;
}

79
source/heimdal/lib/asn1/parse.y
View File

@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
/* $Id: parse.y,v 1.25 2005/08/23 10:52:31 lha Exp $ */
/* $Id: parse.y,v 1.27 2005/12/14 09:44:36 lha Exp $ */
%{
#ifdef HAVE_CONFIG_H
@ -45,9 +45,10 @@
#include "gen_locl.h"
#include "der.h"
RCSID("$Id: parse.y,v 1.25 2005/08/23 10:52:31 lha Exp $");
RCSID("$Id: parse.y,v 1.27 2005/12/14 09:44:36 lha Exp $");
static Type *new_type (Typetype t);
static struct constraint_spec *new_constraint_spec(enum ctype);
static Type *new_tag(int tagclass, int tagvalue, int tagenv, Type *oldtype);
void yyerror (const char *);
static struct objid *new_objid(const char *label, int value);
@ -73,6 +74,7 @@ struct string_list {
struct string_list *sl;
struct tagtype tag;
struct memhead *members;
struct constraint_spec *constraint_spec;
}
%token kw_ABSENT
@ -183,6 +185,7 @@ struct string_list {
%type <type> BitStringType
%type <type> BooleanType
%type <type> ChoiceType
%type <type> ConstrainedType
%type <type> EnumeratedType
%type <type> IntegerType
%type <type> NullType
@ -215,6 +218,12 @@ struct string_list {
%type <sl> referencenames
%type <constraint_spec> Constraint
%type <constraint_spec> ConstraintSpec
%type <constraint_spec> GeneralConstraint
%type <constraint_spec> ContentsConstraint
%type <constraint_spec> UserDefinedConstraint
%start ModuleDefinition
%%
@ -300,6 +309,7 @@ TypeAssignment : IDENTIFIER EEQUAL Type
Type : BuiltinType
| ReferencedType
| ConstrainedType
;
BuiltinType : BitStringType
@ -507,6 +517,63 @@ UsefulType : kw_GeneralizedTime
}
;
ConstrainedType : Type Constraint
{
/* if (Constraint.type == contentConstrant) {
assert(Constraint.u.constraint.type == octetstring|bitstring-w/o-NamedBitList); // remember to check type reference too
if (Constraint.u.constraint.type) {
assert((Constraint.u.constraint.type.length % 8) == 0);
}
}
if (Constraint.u.constraint.encoding) {
type == der-oid|ber-oid
}
*/
}
;
Constraint : '(' ConstraintSpec ')'
{
$$ = $2;
}
ConstraintSpec : GeneralConstraint
GeneralConstraint: ContentsConstraint
| UserDefinedConstraint
;
ContentsConstraint: kw_CONTAINING Type
{
$$ = new_constraint_spec(CT_CONTENTS);
$$->u.content.type = $2;
$$->u.content.encoding = NULL;
}
| kw_ENCODED kw_BY Value
{
if ($3->type != objectidentifiervalue)
error_message("Non-OID used in ENCODED BY constraint");
$$ = new_constraint_spec(CT_CONTENTS);
$$->u.content.type = NULL;
$$->u.content.encoding = $3;
}
| kw_CONTAINING Type kw_ENCODED kw_BY Value
{
if ($5->type != objectidentifiervalue)
error_message("Non-OID used in ENCODED BY constraint");
$$ = new_constraint_spec(CT_CONTENTS);
$$->u.content.type = $2;
$$->u.content.encoding = $5;
}
;
UserDefinedConstraint: kw_CONSTRAINED kw_BY '{' '}'
{
$$ = new_constraint_spec(CT_USER);
}
;
TaggedType : Tag tagenv Type
{
$$ = new_type(TTag);
@ -861,6 +928,14 @@ new_type (Typetype tt)
return t;
}
static struct constraint_spec *
new_constraint_spec(enum ctype ct)
{
struct constraint_spec *c = ecalloc(1, sizeof(*c));
c->ctype = ct;
return c;
}
static void fix_labels2(Type *t, const char *prefix);
static void fix_labels1(struct memhead *members, const char *prefix)
{

19
source/heimdal/lib/com_err/lex.c
View File

@ -1,4 +1,4 @@
/* A lexical scanner generated by flex */
/* A lexical scanner generated by flex*/
/* Scanner skeleton version:
* $Header: /home/daffy/u0/vern/flex/RCS/flex.skl,v 2.91 96/09/10 16:58:48 vern Exp $
@ -134,6 +134,15 @@ extern FILE *yyin, *yyout;
#define unput(c) yyunput( c, yytext_ptr )
/* Some routines like yy_flex_realloc() are emitted as static but are
not called by all lexers. This generates warnings in some compilers,
notably GCC. Arrange to suppress these. */
#ifdef __GNUC__
#define YY_MAY_BE_UNUSED __attribute__((unused))
#else
#define YY_MAY_BE_UNUSED
#endif
/* The following is because we cannot portably get our hands on size_t
* (without autoconf's help, which isn't available because we want
* flex-generated scanners to compile on their own).
@ -240,7 +249,7 @@ YY_BUFFER_STATE yy_scan_string YY_PROTO(( yyconst char *yy_str ));
YY_BUFFER_STATE yy_scan_bytes YY_PROTO(( yyconst char *bytes, int len ));
static void *yy_flex_alloc YY_PROTO(( yy_size_t ));
static void *yy_flex_realloc YY_PROTO(( void *, yy_size_t ));
static void *yy_flex_realloc YY_PROTO(( void *, yy_size_t )) YY_MAY_BE_UNUSED;
static void yy_flex_free YY_PROTO(( void * ));
#define yy_new_buffer yy_create_buffer
@ -442,7 +451,7 @@ static int getstring(void);
#undef ECHO
#line 446 "lex.yy.c"
#line 455 "lex.yy.c"
/* Macros after this point can all be overridden by user definitions in
* section 1.
@ -595,7 +604,7 @@ YY_DECL
#line 59 "lex.l"
#line 599 "lex.yy.c"
#line 608 "lex.yy.c"
if ( yy_init )
{
@ -758,7 +767,7 @@ YY_RULE_SETUP
#line 75 "lex.l"
ECHO;
YY_BREAK
#line 762 "lex.yy.c"
#line 771 "lex.yy.c"
case YY_STATE_EOF(INITIAL):
yyterminate();

13
source/heimdal/lib/des/aes.h
View File

@ -31,11 +31,22 @@
* SUCH DAMAGE.
*/
/* $Id: aes.h,v 1.4 2005/04/10 19:09:47 lha Exp $ */
/* $Id: aes.h,v 1.5 2006/01/08 21:47:27 lha Exp $ */
#ifndef HEIM_AES_H
#define HEIM_AES_H 1
/* symbol renaming */
#define AES_set_encrypt_key hc_AES_set_encrypt_key
#define AES_set_decrypt_key hc_AES_decrypt_key
#define AES_encrypt hc_AES_encrypt
#define AES_decrypt hc_AES_decrypt
#define AES_cbc_encrypt hc_AES_cbc_encrypt
/*
*
*/
#define AES_BLOCK_SIZE 16
#define AES_MAXNR 14

121
source/heimdal/lib/des/bn.h Normal file
View File

@ -0,0 +1,121 @@
/*
* Copyright (c) 2006 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* $Id: bn.h,v 1.3 2006/01/13 08:27:50 lha Exp $
*/
#ifndef _HEIM_BN_H
#define _HEIM_BN_H 1
/* symbol renaming */
#define BN_GENCB_call hc_BN_GENCB_call
#define BN_GENCB_set hc_BN_GENCB_set
#define BN_bin2bn hc_BN_bin2bn
#define BN_bn2bin hc_BN_bn2bin
#define BN_bn2hex hc_BN_bn2hex
#define BN_clear hc_BN_clear
#define BN_clear_bit hc_BN_clear_bit
#define BN_clear_free hc_BN_clear_free
#define BN_cmp hc_BN_cmp
#define BN_dup hc_BN_dup
#define BN_free hc_BN_free
#define BN_is_negative hc_BN_is_negative
#define BN_get_word hc_BN_get_word
#define BN_hex2bn hc_BN_hex2bn
#define BN_is_bit_set hc_BN_is_bit_set
#define BN_new hc_BN_new
#define BN_num_bits hc_BN_num_bits
#define BN_num_bytes hc_BN_num_bytes
#define BN_rand hc_BN_rand
#define BN_set_bit hc_BN_set_bit
#define BN_set_negative hc_BN_set_negative
#define BN_set_word hc_BN_set_word
#define BN_uadd hc_BN_uadd
/*
*
*/
typedef void BIGNUM;
typedef struct BN_GENCB BN_GENCB;
typedef void BN_CTX;
typedef void BN_MONT_CTX;
typedef void BN_BLINDING;
struct BN_GENCB {
unsigned int ver;
void *arg;
union {
int (*cb_2)(int, int, BN_GENCB *);
} cb;
};
/*
*
*/
BIGNUM *BN_new(void);
void BN_free(BIGNUM *);
void BN_clear_free(BIGNUM *);
void BN_clear(BIGNUM *);
BIGNUM *BN_dup(const BIGNUM *);
int BN_num_bits(const BIGNUM *);
int BN_num_bytes(const BIGNUM *);
int BN_cmp(const BIGNUM *, const BIGNUM *);
void BN_set_negative(BIGNUM *, int);
int BN_is_negative(BIGNUM *);
int BN_is_bit_set(const BIGNUM *, int);
int BN_set_bit(BIGNUM *, int);
int BN_clear_bit(BIGNUM *, int);
int BN_set_word(BIGNUM *, unsigned long);
unsigned long BN_get_word(const BIGNUM *);
BIGNUM *BN_bin2bn(const void *,int len,BIGNUM *);
int BN_bn2bin(const BIGNUM *, void *);
int BN_hex2bn(BIGNUM **, const char *);
char * BN_bn2hex(const BIGNUM *);
int BN_uadd(BIGNUM *, const BIGNUM *, const BIGNUM *);
int BN_rand(BIGNUM *, int, int, int);
void BN_GENCB_set(BN_GENCB *, int (*)(int, int, BN_GENCB *), void *);
int BN_GENCB_call(BN_GENCB *, int, int);
#endif

3
source/heimdal/lib/des/des.c
View File

@ -45,7 +45,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
RCSID("$Id: des.c,v 1.15 2005/07/20 10:49:22 lha Exp $");
RCSID("$Id: des.c,v 1.16 2006/01/08 21:47:28 lha Exp $");
#endif
#include <stdio.h>
@ -54,6 +54,7 @@ RCSID("$Id: des.c,v 1.15 2005/07/20 10:49:22 lha Exp $");
#include <krb5-types.h>
#include "des.h"
#include "ui.h"
static void desx(uint32_t [2], DES_key_schedule *, int);
static void IP(uint32_t [2]);

38
source/heimdal/lib/des/des.h
View File

@ -31,11 +31,41 @@
* SUCH DAMAGE.
*/
/* $Id: des.h,v 1.24 2005/07/20 10:49:23 lha Exp $ */
/* $Id: des.h,v 1.25 2006/01/08 21:47:28 lha Exp $ */
#ifndef _DESperate_H
#define _DESperate_H 1
/* symbol renaming */
#define DES_set_odd_parity hc_DES_set_odd_parity
#define DES_is_weak_key hc_DES_is_weak_key
#define DES_key_sched hc_DES_key_sched
#define DES_set_key hc_DES_set_key
#define DES_set_key_checked hc_DES_set_key_checked
#define DES_set_key_sched hc_DES_set_key_sched
#define DES_new_random_key hc_DES_new_random_key
#define DES_string_to_key hc_DES_string_to_key
#define DES_read_password hc_DES_read_password
#define DES_rand_data hc_DES_rand_data
#define DES_set_random_generator_seed hc_DES_set_random_generator_seed
#define DES_generate_random_block hc_DES_generate_random_block
#define DES_set_sequence_number hc_DES_set_sequence_number
#define DES_init_random_number_generator hc_DES_init_random_number_generator
#define DES_random_key hc_DES_random_key
#define DES_encrypt hc_DES_encrypt
#define DES_ecb_encrypt hc_DES_ecb_encrypt
#define DES_ecb3_encrypt hc_DES_ecb3_encrypt
#define DES_pcbc_encrypt hc_DES_pcbc_encrypt
#define DES_cbc_encrypt hc_DES_cbc_encrypt
#define DES_cbc_cksum hc_DES_cbc_cksum
#define DES_ede3_cbc_encrypt hc_DES_ede3_cbc_encrypt
#define DES_cfb64_encrypt hc_DES_cfb64_encrypt
#define _DES_ipfp_test _hc_DES_ipfp_test
/*
*
*/
#define DES_CBLOCK_LEN 8
#define DES_KEY_SZ 8
@ -48,6 +78,10 @@ typedef struct DES_key_schedule
uint32_t ks[32];
} DES_key_schedule;
/*
*
*/
int DES_set_odd_parity(DES_cblock *);
int DES_is_weak_key(DES_cblock *);
int DES_set_key(DES_cblock *, DES_key_schedule *);
@ -57,8 +91,6 @@ int DES_new_random_key(DES_cblock *);
void DES_string_to_key(const char *, DES_cblock *);
int DES_read_password(DES_cblock *, char *, int);
int UI_UTIL_read_pw_string(char *, int, const char *, int); /* XXX */
void DES_rand_data(void *, int);
void DES_set_random_generator_seed(DES_cblock *);
void DES_generate_random_block(DES_cblock *);

139
source/heimdal/lib/des/dh.h Normal file
View File

@ -0,0 +1,139 @@
/*
* Copyright (c) 2006 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* $Id: dh.h,v 1.4 2006/01/18 13:48:30 lha Exp $
*/
#ifndef _HEIM_DH_H
#define _HEIM_DH_H 1
/* symbol renaming */
#define DH_null_method hc_DH_null_method
#define DH_new hc_DH_new
#define DH_new_method hc_DH_new_method
#define DH_free hc_DH_free
#define DH_up_ref hc_DH_up_ref
#define DH_size hc_DH_size
#define DH_set_default_method hc_DH_set_default_method
#define DH_get_default_method hc_DH_get_default_method
#define DH_set_method hc_DH_set_method
#define DH_get_method hc_DH_get_method
#define DH_set_ex_data hc_DH_set_ex_data
#define DH_get_ex_data hc_DH_get_ex_data
#define DH_generate_parameters_ex hc_DH_generate_parameters_ex
#define DH_check hc_DH_check
#define DH_generate_key hc_DH_generate_key
#define DH_compute_key hc_DH_compute_key
/*
*
*/
typedef struct DH DH;
typedef struct DH_METHOD DH_METHOD;
#include <hcrypto/bn.h>
#include <hcrypto/engine.h>
struct DH_METHOD {
const char *name;
int (*generate_key)(DH *);
int (*compute_key)(unsigned char *,const BIGNUM *,DH *);
int (*bn_mod_exp)(const DH *, BIGNUM *, const BIGNUM *,
const BIGNUM *, const BIGNUM *, BN_CTX *,
BN_MONT_CTX *);
int (*init)(DH *);
int (*finish)(DH *);
int flags;
void *app_data;
int (*generate_params)(DH *, int, int, BN_GENCB *);
};
struct DH {
int pad;
int version;
BIGNUM *p;
BIGNUM *g;
long length;
BIGNUM *pub_key;
BIGNUM *priv_key;
int flags;
void *method_mont_p;
BIGNUM *q;
BIGNUM *j;
void *seed;
int seedlen;
BIGNUM *counter;
int references;
struct CRYPTO_EX_DATA {
void *sk;
int dummy;
} ex_data;
const DH_METHOD *meth;
ENGINE *engine;
};
/* DH_check_pubkey return codes in `codes' argument. */
#define DH_CHECK_PUBKEY_TOO_SMALL 1
#define DH_CHECK_PUBKEY_TOO_LARGE 2
/*
*
*/
const DH_METHOD *DH_null_method(void);
DH * DH_new(void);
DH * DH_new_method(ENGINE *);
void DH_free(DH *);
int DH_up_ref(DH *);
int DH_size(const DH *);
void DH_set_default_method(const DH_METHOD *);
const DH_METHOD *
DH_get_default_method(void);
int DH_set_method(DH *, const DH_METHOD *);
int DH_set_ex_data(DH *, int, void *);
void * DH_get_ex_data(DH *, int);
int DH_generate_parameters_ex(DH *, int, int, BN_GENCB *);
int DH_check_pubkey(const DH *, const BIGNUM *, int *);
int DH_generate_key(DH *);
int DH_compute_key(unsigned char *,const BIGNUM *,DH *);
#endif /* _HEIM_DH_H */

140
source/heimdal/lib/des/dsa.h Normal file
View File

@ -0,0 +1,140 @@
/*
* Copyright (c) 2006 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* $Id: dsa.h,v 1.2 2006/01/13 15:26:52 lha Exp $
*/
#ifndef _HEIM_DSA_H
#define _HEIM_DSA_H 1
#include <hcrypto/bn.h>
/* symbol renaming */
#define DSA_null_method hc_DSA_null_method
#define DSA_new hc_DSA_new
#define DSA_free hc_DSA_free
#define DSA_up_ref hc_DSA_up_ref
#define DSA_set_default_method hc_DSA_set_default_method
#define DSA_get_default_method hc_DSA_get_default_method
#define DSA_set_method hc_DSA_set_method
#define DSA_get_method hc_DSA_get_method
#define DSA_set_app_data hc_DSA_set_app_data
#define DSA_get_app_data hc_DSA_get_app_data
#define DSA_size hc_DSA_size
#define DSA_verify hc_DSA_verify
/*
*
*/
typedef struct DSA DSA;
typedef struct DSA_METHOD DSA_METHOD;
typedef struct DSA_SIG DSA_SIG;
struct DSA_SIG {
BIGNUM *r;
BIGNUM *s;
};
struct DSA_METHOD {
const char *name;
DSA_SIG * (*dsa_do_sign)(const unsigned char *, int, DSA *);
int (*dsa_sign_setup)(DSA *, BN_CTX *, BIGNUM **, BIGNUM **);
int (*dsa_do_verify)(const unsigned char *, int, DSA_SIG *, DSA *);
int (*dsa_mod_exp)(DSA *, BIGNUM *, BIGNUM *, BIGNUM *,
BIGNUM *, BIGNUM *, BIGNUM *, BN_CTX *,
BN_MONT_CTX *);
int (*bn_mod_exp)(DSA *, BIGNUM *, BIGNUM *, const BIGNUM *,
const BIGNUM *, BN_CTX *,
BN_MONT_CTX *);
int (*init)(DSA *);
int (*finish)(DSA *);
int flags;
void *app_data;
};
struct DSA {
int pad;
long version;
int write_params;
BIGNUM *p;
BIGNUM *q;
BIGNUM *g;
BIGNUM *pub_key;
BIGNUM *priv_key;
BIGNUM *kinv;
BIGNUM *r;
int flags;
void *method_mont_p;
int references;
struct dsa_CRYPTO_EX_DATA {
void *sk;
int dummy;
} ex_data;
const DSA_METHOD *meth;
void *engine;
};
/*
*
*/
const DSA_METHOD *DSA_null_method(void);
/*
*
*/
DSA * DSA_new(void);
void DSA_free(DSA *);
int DSA_up_ref(DSA *);
void DSA_set_default_method(const DSA_METHOD *);
const DSA_METHOD * DSA_get_default_method(void);
const DSA_METHOD * DSA_get_method(const DSA *);
int DSA_set_method(DSA *, const DSA_METHOD *);
void DSA_set_app_data(DSA *, void *arg);
void * DSA_get_app_data(DSA *);
int DSA_size(const DSA *);
int DSA_verify(int, const unsigned char *, int,
const unsigned char *, int, DSA *);
#endif /* _HEIM_DSA_H */

96
source/heimdal/lib/des/engine.h Normal file
View File

@ -0,0 +1,96 @@
/*
* Copyright (c) 2006 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* $Id: engine.h,v 1.4 2006/01/13 15:26:52 lha Exp $
*/
#ifndef _HEIM_ENGINE_H
#define _HEIM_ENGINE_H 1
/* symbol renaming */
#define ENGINE_add_conf_module hc_ENGINE_add_conf_module
#define ENGINE_by_dso hc_ENGINE_by_dso
#define ENGINE_by_id hc_ENGINE_by_id
#define ENGINE_finish hc_ENGINE_finish
#define ENGINE_get_DH hc_ENGINE_get_DH
#define ENGINE_get_RSA hc_ENGINE_get_RSA
#define ENGINE_get_id hc_ENGINE_get_id
#define ENGINE_get_name hc_ENGINE_get_name
#define ENGINE_load_builtin_engines hc_ENGINE_load_builtin_engines
#define ENGINE_set_DH hc_ENGINE_set_DH
#define ENGINE_set_RSA hc_ENGINE_set_RSA
#define ENGINE_set_id hc_ENGINE_set_id
#define ENGINE_set_name hc_ENGINE_set_name
#define ENGINE_set_destroy_function hc_ENGINE_set_destroy_function
#define ENGINE_up_ref hc_ENGINE_up_ref
/*
*
*/
typedef struct hc_engine ENGINE;
#include <hcrypto/rsa.h>
#include <hcrypto/dsa.h>
#include <hcrypto/dh.h>
#define OPENSSL_DYNAMIC_VERSION (unsigned long)0x00020000
typedef int (*openssl_bind_engine)(ENGINE *, const char *, const void *);
typedef unsigned long (*openssl_v_check)(unsigned long);
void ENGINE_add_conf_module(void);
void ENGINE_load_builtin_engines(void);
ENGINE *ENGINE_by_id(const char *);
ENGINE *ENGINE_by_dso(const char *, const char *);
int ENGINE_finish(ENGINE *);
int ENGINE_up_ref(ENGINE *);
int ENGINE_set_id(ENGINE *, const char *);
int ENGINE_set_name(ENGINE *, const char *);
int ENGINE_set_RSA(ENGINE *, const RSA_METHOD *);
int ENGINE_set_DH(ENGINE *, const DH_METHOD *);
int ENGINE_set_destroy_function(ENGINE *, void (*)(ENGINE *));
const char * ENGINE_get_id(const ENGINE *);
const char * ENGINE_get_name(const ENGINE *);
const RSA_METHOD * ENGINE_get_RSA(const ENGINE *);
const DH_METHOD * ENGINE_get_DH(const ENGINE *);
int ENGINE_set_default_RSA(ENGINE *);
ENGINE * ENGINE_get_default_RSA(void);
int ENGINE_set_default_DH(ENGINE *);
ENGINE * ENGINE_get_default_DH(void);
#endif /* _HEIM_ENGINE_H */

728
source/heimdal/lib/des/evp.c Normal file
View File

@ -0,0 +1,728 @@
#include <sys/types.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include <evp.h>
#include <krb5-types.h>
#include <aes.h>
#include <des.h>
#include <sha.h>
#include <rc2.h>
#include <rc4.h>
#include <md2.h>
#include <md4.h>
#include <md5.h>
struct hc_evp_md {
int hash_size;
int block_size;
int ctx_size;
int (*init)(EVP_MD_CTX *);
int (*update)(EVP_MD_CTX *,const void *, size_t );
int (*final)(void *, EVP_MD_CTX *);
int (*cleanup)(EVP_MD_CTX *);
};
/*
*
*/
size_t
EVP_MD_size(const EVP_MD *md)
{
return md->hash_size;
}
size_t
EVP_MD_block_size(const EVP_MD *md)
{
return md->block_size;
}
EVP_MD_CTX *
EVP_MD_CTX_create(void)
{
return calloc(1, sizeof(EVP_MD_CTX));
}
void
EVP_MD_CTX_init(EVP_MD_CTX *ctx)
{
memset(ctx, 0, sizeof(*ctx));
}
void
EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
{
EVP_MD_CTX_cleanup(ctx);
free(ctx);
}
int
EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
{
if (ctx->md && ctx->md->cleanup)
(ctx->md->cleanup)(ctx);
ctx->md = NULL;
ctx->engine = NULL;
free(ctx->ptr);
return 1;
}
const EVP_MD *
EVP_MD_CTX_md(EVP_MD_CTX *ctx)
{
return ctx->md;
}
size_t
EVP_MD_CTX_size(EVP_MD_CTX *ctx)
{
return EVP_MD_size(ctx->md);
}
size_t
EVP_MD_CTX_block_size(EVP_MD_CTX *ctx)
{
return EVP_MD_block_size(ctx->md);
}
int
EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *md, ENGINE *engine)
{
if (ctx->md != md || ctx->engine != engine) {
EVP_MD_CTX_cleanup(ctx);
ctx->md = md;
ctx->engine = engine;
ctx->ptr = calloc(1, md->ctx_size);
if (ctx->ptr == NULL)
return 0;
}
(ctx->md->init)(ctx->ptr);
return 1;
}
int
EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t size)
{
(ctx->md->update)(ctx->ptr, data, size);
return 1;
}
int
EVP_DigestFinal_ex(EVP_MD_CTX *ctx, void *hash, unsigned int *size)
{
(ctx->md->final)(hash, ctx->ptr);
if (size)
*size = ctx->md->hash_size;
return 1;
}
int
EVP_Digest(const void *data, size_t dsize, void *hash, unsigned int *hsize,
const EVP_MD *md, ENGINE *engine)
{
EVP_MD_CTX *ctx;
int ret;
ctx = EVP_MD_CTX_create();
if (ctx == NULL)
return 0;
ret = EVP_DigestInit_ex(ctx, md, engine);
if (ret != 1)
return ret;
ret = EVP_DigestUpdate(ctx, data, dsize);
if (ret != 1)
return ret;
ret = EVP_DigestFinal_ex(ctx, hash, hsize);
if (ret != 1)
return ret;
EVP_MD_CTX_destroy(ctx);
return 1;
}
/*
*
*/
static const struct hc_evp_md sha1 = {
20,
64,
sizeof(SHA_CTX),
(void *)SHA1_Init,
(void *)SHA1_Update,
(void *)SHA1_Final,
NULL
};
const EVP_MD *
EVP_sha1(void)
{
return &sha1;
}
const EVP_MD *
EVP_sha(void)
{
return &sha1;
}
const EVP_MD *
EVP_md5(void)
{
static const struct hc_evp_md md5 = {
16,
64,
sizeof(MD5_CTX),
(void *)MD5_Init,
(void *)MD5_Update,
(void *)MD5_Final,
NULL
};
return &md5;
}
const EVP_MD *
EVP_md4(void)
{
static const struct hc_evp_md md4 = {
16,
64,
sizeof(MD4_CTX),
(void *)MD4_Init,
(void *)MD4_Update,
(void *)MD4_Final,
NULL
};
return &md4;
}
const EVP_MD *
EVP_md2(void)
{
static const struct hc_evp_md md2 = {
16,
16,
sizeof(MD2_CTX),
(void *)MD2_Init,
(void *)MD2_Update,
(void *)MD2_Final,
NULL
};
return &md2;
}
/*
*
*/
static void
null_Init (void *m)
{
}
static void
null_Update (void *m, const void * data, size_t size)
{
}
static void
null_Final(void *res, struct md5 *m)
{
}
const EVP_MD *
EVP_md_null(void)
{
static const struct hc_evp_md null = {
0,
0,
0,
(void *)null_Init,
(void *)null_Update,
(void *)null_Final,
NULL
};
return &null;
}
#if 0
void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
int EVP_SignFinal(EVP_MD_CTX *, void *, size_t *, EVP_PKEY *);
int EVP_VerifyFinal(EVP_MD_CTX *, const void *, size_t, EVP_PKEY *);
#endif
/*
*
*/
size_t
EVP_CIPHER_block_size(const EVP_CIPHER *c)
{
return c->block_size;
}
size_t
EVP_CIPHER_key_length(const EVP_CIPHER *c)
{
return c->key_len;
}
size_t
EVP_CIPHER_iv_length(const EVP_CIPHER *c)
{
return c->iv_len;
}
void
EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *c)
{
memset(c, 0, sizeof(*c));
}
int
EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
{
if (c->cipher && c->cipher->cleanup)
c->cipher->cleanup(c);
if (c->cipher_data) {
free(c->cipher_data);
c->cipher_data = NULL;
}
return 1;
}
#if 0
int
EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int length)
{
return 0;
}
int
EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad)
{
return 0;
}
#endif
const EVP_CIPHER *
EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX *ctx)
{
return ctx->cipher;
}
size_t
EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
{
return EVP_CIPHER_block_size(ctx->cipher);
}
size_t
EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
{
return EVP_CIPHER_key_length(ctx->cipher);
}
size_t
EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
{
return EVP_CIPHER_iv_length(ctx->cipher);
}
unsigned long
EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
{
return ctx->cipher->flags;
}
int
EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx)
{
return EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_MODE;
}
void *
EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX *ctx)
{
return ctx->app_data;
}
void
EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
{
ctx->app_data = data;
}
int
EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *c, ENGINE *engine,
const void *key, const void *iv, int encp)
{
if (encp == -1)
encp = ctx->encrypt;
else
ctx->encrypt = (encp ? 1 : 0);
if (c && (c != ctx->cipher)) {
EVP_CIPHER_CTX_cleanup(ctx);
ctx->cipher = c;
ctx->key_len = c->key_len;
ctx->cipher_data = malloc(c->ctx_size);
if (ctx->cipher_data == NULL && c->ctx_size != 0)
return 0;
} else if (ctx->cipher == NULL) {
/* reuse of cipher, but not any cipher ever set! */
return 0;
}
switch (EVP_CIPHER_CTX_flags(ctx)) {
case EVP_CIPH_CBC_MODE:
assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof(ctx->iv));
if (iv)
memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
break;
default:
return 0;
}
if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT))
ctx->cipher->init(ctx, key, iv, encp);
return 1;
}
int
EVP_Cipher(EVP_CIPHER_CTX *ctx, void *out, const void *in,size_t size)
{
return ctx->cipher->do_cipher(ctx, out, in, size);
}
/*
*
*/
static int
enc_null_init(EVP_CIPHER_CTX *ctx,
const unsigned char * key,
const unsigned char * iv,
int encp)
{
return 1;
}
static int
enc_null_do_cipher(EVP_CIPHER_CTX *ctx,
unsigned char *out,
const unsigned char *in,
unsigned int size)
{
memmove(out, in, size);
return 1;
}
static int
enc_null_cleanup(EVP_CIPHER_CTX *ctx)
{
return 1;
}
const EVP_CIPHER *
EVP_enc_null(void)
{
static const EVP_CIPHER enc_null = {
0,
0,
0,
0,
EVP_CIPH_CBC_MODE,
enc_null_init,
enc_null_do_cipher,
enc_null_cleanup,
0,
NULL,
NULL,
NULL,
NULL
};
return &enc_null;
}
/*
*
*/
struct rc2_cbc {
unsigned int maximum_effective_key;
RC2_KEY key;
};
static int
rc2_init(EVP_CIPHER_CTX *ctx,
const unsigned char * key,
const unsigned char * iv,
int encp)
{
struct rc2_cbc *k = ctx->cipher_data;
k->maximum_effective_key = EVP_CIPHER_CTX_key_length(ctx) * 8;
RC2_set_key(&k->key,
EVP_CIPHER_CTX_key_length(ctx),
key,
k->maximum_effective_key);
return 1;
}
static int
rc2_do_cipher(EVP_CIPHER_CTX *ctx,
unsigned char *out,
const unsigned char *in,
unsigned int size)
{
struct rc2_cbc *k = ctx->cipher_data;
RC2_cbc_encrypt(in, out, size, &k->key, ctx->iv, ctx->encrypt);
return 1;
}
static int
rc2_cleanup(EVP_CIPHER_CTX *ctx)
{
memset(ctx->cipher_data, 0, sizeof(struct rc2_cbc));
return 1;
}
const EVP_CIPHER *
EVP_rc2_cbc(void)
{
static const EVP_CIPHER rc2_cbc = {
0,
RC2_BLOCK_SIZE,
RC2_KEY_LENGTH,
RC2_BLOCK_SIZE,
EVP_CIPH_CBC_MODE,
rc2_init,
rc2_do_cipher,
rc2_cleanup,
sizeof(struct rc2_cbc),
NULL,
NULL,
NULL,
NULL
};
return &rc2_cbc;
}
const EVP_CIPHER *
EVP_rc2_40_cbc(void)
{
static const EVP_CIPHER rc2_40_cbc = {
0,
RC2_BLOCK_SIZE,
5,
RC2_BLOCK_SIZE,
EVP_CIPH_CBC_MODE,
rc2_init,
rc2_do_cipher,
rc2_cleanup,
sizeof(struct rc2_cbc),
NULL,
NULL,
NULL,
NULL
};
return &rc2_40_cbc;
}
/*
*
*/
const EVP_CIPHER *
EVP_rc4(void)
{
printf("evp rc4\n");
abort();
return NULL;
}
const EVP_CIPHER *
EVP_rc4_40(void)
{
printf("evp rc4_40\n");
abort();
return NULL;
}
/*
*
*/
struct des_ede3_cbc {
DES_key_schedule ks[3];
};
static int
des_ede3_cbc_init(EVP_CIPHER_CTX *ctx,
const unsigned char * key,
const unsigned char * iv,
int encp)
{
struct des_ede3_cbc *k = ctx->cipher_data;
DES_key_sched((DES_cblock *)(key), &k->ks[0]);
DES_key_sched((DES_cblock *)(key + 8), &k->ks[1]);
DES_key_sched((DES_cblock *)(key + 16), &k->ks[2]);
return 1;
}
static int
des_ede3_cbc_do_cipher(EVP_CIPHER_CTX *ctx,
unsigned char *out,
const unsigned char *in,
unsigned int size)
{
struct des_ede3_cbc *k = ctx->cipher_data;
DES_ede3_cbc_encrypt(in, out, size,
&k->ks[0], &k->ks[1], &k->ks[2],
(DES_cblock *)ctx->iv, ctx->encrypt);
return 1;
}
static int
des_ede3_cbc_cleanup(EVP_CIPHER_CTX *ctx)
{
memset(ctx->cipher_data, 0, sizeof(struct des_ede3_cbc));
return 1;
}
const EVP_CIPHER *
EVP_des_ede3_cbc(void)
{
static const EVP_CIPHER des_ede3_cbc = {
0,
8,
24,
8,
EVP_CIPH_CBC_MODE,
des_ede3_cbc_init,
des_ede3_cbc_do_cipher,
des_ede3_cbc_cleanup,
sizeof(struct des_ede3_cbc),
NULL,
NULL,
NULL,
NULL
};
return &des_ede3_cbc;
}
/*
*
*/
static int
aes_init(EVP_CIPHER_CTX *ctx,
const unsigned char * key,
const unsigned char * iv,
int encp)
{
AES_KEY *k = ctx->cipher_data;
if (ctx->encrypt)
AES_set_encrypt_key(key, ctx->cipher->key_len * 8, k);
else
AES_set_decrypt_key(key, ctx->cipher->key_len * 8, k);
return 1;
}
static int
aes_do_cipher(EVP_CIPHER_CTX *ctx,
unsigned char *out,
const unsigned char *in,
unsigned int size)
{
AES_KEY *k = ctx->cipher_data;
AES_cbc_encrypt(in, out, size, k, ctx->iv, ctx->encrypt);
return 1;
}
static int
aes_cleanup(EVP_CIPHER_CTX *ctx)
{
memset(ctx->cipher_data, 0, sizeof(AES_KEY));
return 1;
}
const EVP_CIPHER *
EVP_aes_128_cbc(void)
{
static const EVP_CIPHER aes_128_cbc = {
0,
16,
16,
16,
EVP_CIPH_CBC_MODE,
aes_init,
aes_do_cipher,
aes_cleanup,
sizeof(AES_KEY),
NULL,
NULL,
NULL,
NULL
};
return &aes_128_cbc;
}
const EVP_CIPHER *
EVP_aes_192_cbc(void)
{
static const EVP_CIPHER aes_192_cbc = {
0,
16,
24,
16,
EVP_CIPH_CBC_MODE,
aes_init,
aes_do_cipher,
aes_cleanup,
sizeof(AES_KEY),
NULL,
NULL,
NULL,
NULL
};
return &aes_192_cbc;
}
const EVP_CIPHER *
EVP_aes_256_cbc(void)
{
static const EVP_CIPHER aes_256_cbc = {
0,
16,
32,
16,
EVP_CIPH_CBC_MODE,
aes_init,
aes_do_cipher,
aes_cleanup,
sizeof(AES_KEY),
NULL,
NULL,
NULL,
NULL
};
return &aes_256_cbc;
}

231
source/heimdal/lib/des/evp.h Normal file
View File

@ -0,0 +1,231 @@
/*
* Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/* $Id: evp.h,v 1.3 2006/02/28 14:17:25 lha Exp $ */
#ifndef HEIM_EVP_H
#define HEIM_EVP_H 1
#include <hcrypto/engine.h>
/* symbol renaming */
#define EVP_CIPHER_CTX_block_size hc_EVP_CIPHER_CTX_block_size
#define EVP_CIPHER_CTX_cipher hc_EVP_CIPHER_CTX_cipher
#define EVP_CIPHER_CTX_cleanup hc_EVP_CIPHER_CTX_cleanup
#define EVP_CIPHER_CTX_flags hc_EVP_CIPHER_CTX_flags
#define EVP_CIPHER_CTX_get_app_data hc_EVP_CIPHER_CTX_get_app_data
#define EVP_CIPHER_CTX_init hc_EVP_CIPHER_CTX_init
#define EVP_CIPHER_CTX_iv_length hc_EVP_CIPHER_CTX_iv_length
#define EVP_CIPHER_CTX_key_length hc_EVP_CIPHER_CTX_key_length
#define EVP_CIPHER_CTX_mode hc_EVP_CIPHER_CTX_mode
#define EVP_CIPHER_CTX_set_app_data hc_EVP_CIPHER_CTX_set_app_data
#define EVP_CIPHER_CTX_set_key_length hc_EVP_CIPHER_CTX_set_key_length
#define EVP_CIPHER_CTX_set_padding hc_EVP_CIPHER_CTX_set_padding
#define EVP_CIPHER_block_size hc_EVP_CIPHER_block_size
#define EVP_CIPHER_iv_length hc_EVP_CIPHER_iv_length
#define EVP_CIPHER_key_length hc_EVP_CIPHER_key_length
#define EVP_Cipher hc_EVP_Cipher
#define EVP_CipherInit_ex hc_EVP_CipherInit_ex
#define EVP_Digest hc_EVP_Digest
#define EVP_DigestFinal_ex hc_EVP_DigestFinal_ex
#define EVP_DigestInit_ex hc_EVP_DigestInit_ex
#define EVP_DigestUpdate hc_EVP_DigestUpdate
#define EVP_MD_CTX_block_size hc_EVP_MD_CTX_block_size
#define EVP_MD_CTX_cleanup hc_EVP_MD_CTX_cleanup
#define EVP_MD_CTX_create hc_EVP_MD_CTX_create
#define EVP_MD_CTX_init hc_EVP_MD_CTX_init
#define EVP_MD_CTX_destroy hc_EVP_MD_CTX_destroy
#define EVP_MD_CTX_md hc_EVP_MD_CTX_md
#define EVP_MD_CTX_size hc_EVP_MD_CTX_size
#define EVP_MD_block_size hc_EVP_MD_block_size
#define EVP_MD_size hc_EVP_MD_size
#define EVP_aes_128_cbc hc_EVP_aes_128_cbc
#define EVP_aes_192_cbc hc_EVP_aes_192_cbc
#define EVP_aes_256_cbc hc_EVP_aes_256_cbc
#define EVP_des_ede3_cbc hc_EVP_des_ede3_cbc
#define EVP_enc_null hc_EVP_enc_null
#define EVP_md2 hc_EVP_md2
#define EVP_md4 hc_EVP_md4
#define EVP_md5 hc_EVP_md5
#define EVP_md_null hc_EVP_md_null
#define EVP_rc2_40_cbc hc_EVP_rc2_40_cbc
#define EVP_rc2_cbc hc_EVP_rc2_cbc
#define EVP_rc4 hc_EVP_rc4
#define EVP_rc4_40 hc_EVP_rc4_40
#define EVP_sha hc_EVP_sha
#define EVP_sha1 hc_EVP_sha1
#define PKCS5_PBKDF2_HMAC_SHA1 hc_PKCS5_PBKDF2_HMAC_SHA1
/*
*
*/
typedef struct hc_EVP_MD_CTX EVP_MD_CTX;
typedef struct hc_evp_pkey EVP_PKEY;
typedef struct hc_evp_md EVP_MD;
typedef struct hc_CIPHER EVP_CIPHER;
typedef struct hc_CIPHER_CTX EVP_CIPHER_CTX;
#define EVP_MAX_IV_LENGTH 16
#define EVP_MAX_BLOCK_LENGTH 32
#define EVP_MAX_MD_SIZE 64
struct hc_CIPHER {
int nid;
int block_size;
int key_len;
int iv_len;
unsigned long flags;
/* The lowest 3 bits is used as integer field for the mode the
* cipher is used in (use EVP_CIPHER.._mode() to extract the
* mode). The rest of the flag field is a bitfield.
*/
#define EVP_CIPH_CBC_MODE 2
#define EVP_CIPH_MODE 0x7
#define EVP_CIPH_ALWAYS_CALL_INIT 0x20
int (*init)(EVP_CIPHER_CTX*,const unsigned char*,const unsigned char*,int);
int (*do_cipher)(EVP_CIPHER_CTX *, unsigned char *,
const unsigned char *, unsigned int);
int (*cleanup)(EVP_CIPHER_CTX *);
int ctx_size;
void *set_asn1_parameters;
void *get_asn1_parameters;
void *ctrl;
void *app_data;
};
struct hc_CIPHER_CTX {
const EVP_CIPHER *cipher;
ENGINE *engine;
int encrypt;
int buf_len;
unsigned char oiv[EVP_MAX_IV_LENGTH];
unsigned char iv[EVP_MAX_IV_LENGTH];
unsigned char buf[EVP_MAX_BLOCK_LENGTH];
int num;
void *app_data;
int key_len;
unsigned long flags;
void *cipher_data;
int final_used;
int block_mask;
unsigned char final[EVP_MAX_BLOCK_LENGTH];
};
struct hc_EVP_MD_CTX {
const EVP_MD *md;
ENGINE *engine;
void *ptr;
};
/*
* Avaible crypto algs
*/
const EVP_MD *EVP_md_null(void);
const EVP_MD *EVP_md2(void);
const EVP_MD *EVP_md4(void);
const EVP_MD *EVP_md5(void);
const EVP_MD *EVP_sha(void);
const EVP_MD *EVP_sha1(void);
const EVP_CIPHER * EVP_aes_128_cbc(void);
const EVP_CIPHER * EVP_aes_192_cbc(void);
const EVP_CIPHER * EVP_aes_256_cbc(void);
const EVP_CIPHER * EVP_des_ede3_cbc(void);
const EVP_CIPHER * EVP_enc_null(void);
const EVP_CIPHER * EVP_rc2_40_cbc(void);
const EVP_CIPHER * EVP_rc2_cbc(void);
const EVP_CIPHER * EVP_rc4(void);
const EVP_CIPHER * EVP_rc4_40(void);
/*
*
*/
size_t EVP_MD_size(const EVP_MD *);
size_t EVP_MD_block_size(const EVP_MD *);
const EVP_MD *
EVP_MD_CTX_md(EVP_MD_CTX *);
size_t EVP_MD_CTX_size(EVP_MD_CTX *);
size_t EVP_MD_CTX_block_size(EVP_MD_CTX *);
EVP_MD_CTX *
EVP_MD_CTX_create(void);
void EVP_MD_CTX_init(EVP_MD_CTX *);
void EVP_MD_CTX_destroy(EVP_MD_CTX *);
int EVP_MD_CTX_cleanup(EVP_MD_CTX *);
int EVP_DigestInit_ex(EVP_MD_CTX *, const EVP_MD *, ENGINE *);
int EVP_DigestUpdate(EVP_MD_CTX *,const void *, size_t);
int EVP_DigestFinal_ex(EVP_MD_CTX *, void *, unsigned int *);
int EVP_Digest(const void *, size_t, void *, unsigned int *,
const EVP_MD *, ENGINE *);
/*
*
*/
size_t EVP_CIPHER_block_size(const EVP_CIPHER *);
size_t EVP_CIPHER_key_length(const EVP_CIPHER *);
size_t EVP_CIPHER_iv_length(const EVP_CIPHER *);
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *);
int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *);
int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *, int);
int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *, int);
unsigned long
EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *);
int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *);
const EVP_CIPHER *
EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX *);
size_t EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *);
size_t EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *);
size_t EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *);
void * EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX *);
void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *, void *);
int EVP_CipherInit_ex(EVP_CIPHER_CTX *,const EVP_CIPHER *, ENGINE *,
const void *, const void *, int);
int EVP_Cipher(EVP_CIPHER_CTX *,void *,const void *,size_t);
int PKCS5_PBKDF2_HMAC_SHA1(const void *, size_t, const void *, size_t,
unsigned long, size_t, void *);
#endif /* HEIM_EVP_H */

1
source/heimdal/lib/des/hcrypto Symbolic link
View File

@ -0,0 +1 @@
./../des

119
source/heimdal/lib/des/hmac.c Normal file
View File

@ -0,0 +1,119 @@
#include <sys/types.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <hmac.h>
void
HMAC_CTX_init(HMAC_CTX *ctx)
{
memset(ctx, 0, sizeof(*ctx));
}
void
HMAC_CTX_cleanup(HMAC_CTX *ctx)
{
if (ctx->buf) {
memset(ctx->buf, 0, ctx->key_length);
free(ctx->buf);
ctx->buf = NULL;
}
if (ctx->opad) {
memset(ctx->ipad, 0, ctx->key_length);
free(ctx->opad);
ctx->opad = NULL;
}
if (ctx->ipad) {
memset(ctx->ipad, 0, ctx->key_length);
free(ctx->ipad);
ctx->ipad = NULL;
}
EVP_MD_CTX_cleanup(ctx->ctx);
}
size_t
HMAC_size(const HMAC_CTX *ctx)
{
return EVP_MD_size(ctx->md);
}
void
HMAC_Init_ex(HMAC_CTX *ctx,
const void *key,
size_t keylen,
const EVP_MD *md,
ENGINE *engine)
{
unsigned char *p;
size_t i;
if (ctx->md != md) {
ctx->md = md;
if (ctx->buf)
free (ctx->buf);
ctx->key_length = EVP_MD_size(ctx->md);
ctx->buf = malloc(ctx->key_length);
}
#if 0
ctx->engine = engine;
#endif
if (keylen > EVP_MD_block_size(ctx->md)) {
EVP_Digest(key, keylen, ctx->buf, NULL, ctx->md, engine);
key = ctx->buf;
keylen = EVP_MD_size(ctx->md);
}
if (ctx->opad)
free(ctx->opad);
if (ctx->ipad)
free(ctx->ipad);
ctx->opad = malloc(EVP_MD_block_size(ctx->md));
ctx->ipad = malloc(EVP_MD_block_size(ctx->md));
memset(ctx->ipad, 0x36, EVP_MD_block_size(ctx->md));
memset(ctx->opad, 0x5c, EVP_MD_block_size(ctx->md));
for (i = 0, p = ctx->ipad; i < keylen; i++)
p[i] ^= ((const unsigned char *)key)[i];
for (i = 0, p = ctx->opad; i < keylen; i++)
p[i] ^= ((const unsigned char *)key)[i];
ctx->ctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(ctx->ctx, ctx->md, ctx->engine);
EVP_DigestUpdate(ctx->ctx, ctx->ipad, EVP_MD_block_size(ctx->md));
}
void
HMAC_Update(HMAC_CTX *ctx, const void *data, size_t len)
{
EVP_DigestUpdate(ctx->ctx, data, len);
}
void
HMAC_Final(HMAC_CTX *ctx, void *md, unsigned int *len)
{
EVP_DigestFinal_ex(ctx->ctx, ctx->buf, NULL);
EVP_DigestInit_ex(ctx->ctx, ctx->md, ctx->engine);
EVP_DigestUpdate(ctx->ctx, ctx->opad, EVP_MD_block_size(ctx->md));
EVP_DigestUpdate(ctx->ctx, ctx->buf, ctx->key_length);
EVP_DigestFinal_ex(ctx->ctx, md, len);
}
void *
HMAC(const EVP_MD *md,
const void *key, size_t key_size,
const void *data, size_t data_size,
void *hash, unsigned int *hash_len)
{
HMAC_CTX ctx;
HMAC_CTX_init(&ctx);
HMAC_Init_ex(&ctx, key, key_size, md, NULL);
HMAC_Update(&ctx, data, data_size);
HMAC_Final(&ctx, hash, hash_len);
HMAC_CTX_cleanup(&ctx);
return hash;
}

82
source/heimdal/lib/des/hmac.h Normal file
View File

@ -0,0 +1,82 @@
/*
* Copyright (c) 2005 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/* $Id: hmac.h,v 1.3 2006/01/13 15:26:52 lha Exp $ */
#ifndef HEIM_HMAC_H
#define HEIM_HMAC_H 1
#include <hcrypto/evp.h>
/* symbol renaming */
#define HMAC_CTX_init hc_HMAC_CTX_init
#define HMAC_CTX_cleanup hc_HMAC_CTX_cleanup
#define HMAC_size hc_HMAC_size
#define HMAC_Init_ex hc_HMAC_Init_ex
#define HMAC_Update hc_HMAC_Update
#define HMAC_Final hc_HMAC_Final
#define HMAC hc_HMAC
/*
*
*/
#define HMAC_MAX_MD_CBLOCK 64
typedef struct hc_HMAC_CTX HMAC_CTX;
struct hc_HMAC_CTX {
const EVP_MD *md;
ENGINE *engine;
EVP_MD_CTX *ctx;
size_t key_length;
void *opad;
void *ipad;
void *buf;
};
void HMAC_CTX_init(HMAC_CTX *);
void HMAC_CTX_cleanup(HMAC_CTX *ctx);
size_t HMAC_size(const HMAC_CTX *ctx);
void HMAC_Init_ex(HMAC_CTX *, const void *, size_t,
const EVP_MD *, ENGINE *);
void HMAC_Update(HMAC_CTX *ctx, const void *data, size_t len);
void HMAC_Final(HMAC_CTX *ctx, void *md, unsigned int *len);
void * HMAC(const EVP_MD *evp_md, const void *key, size_t key_len,
const void *data, size_t n, void *md, unsigned int *md_len);
#endif /* HEIM_HMAC_H */

138
source/heimdal/lib/des/md2.c Normal file
View File

@ -0,0 +1,138 @@
/*
* Copyright (c) 2006 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
RCSID("$Id: md2.c,v 1.1 2006/01/08 21:47:28 lha Exp $");
#endif
#include "hash.h"
#include "md2.h"
static const unsigned char subst[256] = {
41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6,
19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188,
76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24,
138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251,
245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63,
148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50,
39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165,
181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210,
150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157,
112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27,
96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15,
85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197,
234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65,
129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123,
8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233,
203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228,
166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237,
31, 26, 219, 153, 141, 51, 159, 17, 131, 20
};
void
MD2_Init (struct md2 *m)
{
memset(m, 0, sizeof(*m));
}
static void
calc(struct md2 *m, const void *v)
{
unsigned char x[48], L;
const unsigned char *p = v;
int i, j, t;
L = m->checksum[15];
for (i = 0; i < 16; i++)
L = m->checksum[i] ^= subst[p[i] ^ L];
for (i = 0; i < 16; i++) {
x[i] = m->state[i];
x[i + 16] = p[i];
x[i + 32] = x[i] ^ p[i];
}
t = 0;
for (i = 0; i < 18; i++) {
for (j = 0; j < 48; j++)
t = x[j] ^= subst[t];
t = (t + i) & 0xff;
}
memcpy(m->state, x, 16);
memset(x, 0, sizeof(x));
}
void
MD2_Update (struct md2 *m, const void *v, size_t len)
{
size_t idx = m->len & 0xf;
const unsigned char *p = v;
m->len += len;
if (len + idx >= 16) {
if (idx) {
memcpy(m->data + idx, p, 16 - idx);
calc(m, m->data);
p += 16;
len -= 16 - idx;
}
while (len >= 16) {
calc(m, p);
p += 16;
len -= 16;
}
idx = 0;
}
memcpy(m->data + idx, p, len);
}
void
MD2_Final (void *res, struct md2 *m)
{
unsigned char pad[16];
size_t padlen;
padlen = 16 - (m->len % 16);
memset(pad, padlen, padlen);
MD2_Update(m, pad, padlen);
memcpy(pad, m->checksum, 16);
MD2_Update(m, pad, 16);
memcpy(res, m->state, MD2_DIGEST_LENGTH);
memset(m, 0, sizeof(m));
}

63
source/heimdal/lib/des/md2.h Normal file
View File

@ -0,0 +1,63 @@
/*
* Copyright (c) 2006 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/* $Id: md2.h,v 1.1 2006/01/08 21:47:28 lha Exp $ */
#ifndef HEIM_MD2_H
#define HEIM_MD2_H 1
/* symbol renaming */
#define MD2_Init hc_MD2_Init
#define MD2_Update hc_MD2_Update
#define MD2_Final hc_MD2_Final
/*
*
*/
#define MD2_DIGEST_LENGTH 16
struct md2 {
size_t len;
unsigned char data[16]; /* stored unalligned data between Update's */
unsigned char checksum[16];
unsigned char state[16]; /* lower 16 bytes of X */
};
typedef struct md2 MD2_CTX;
void MD2_Init (struct md2 *m);
void MD2_Update (struct md2 *m, const void *p, size_t len);
void MD2_Final (void *res, struct md2 *m);
#endif /* HEIM_MD2_H */

13
source/heimdal/lib/des/md4.h
View File

@ -31,11 +31,22 @@
* SUCH DAMAGE.
*/
/* $Id: md4.h,v 1.9 2005/04/10 19:12:38 lha Exp $ */
/* $Id: md4.h,v 1.10 2006/01/08 21:47:28 lha Exp $ */
#ifndef HEIM_MD4_H
#define HEIM_MD4_H 1
/* symbol renaming */
#define MD4_Init hc_MD4_Init
#define MD4_Update hc_MD4_Update
#define MD4_Final hc_MD4_Final
/*
*
*/
#define MD4_DIGEST_LENGTH 16
struct md4 {
unsigned int sz[2];
u_int32_t counter[4];

13
source/heimdal/lib/des/md5.h
View File

@ -31,11 +31,22 @@
* SUCH DAMAGE.
*/
/* $Id: md5.h,v 1.9 2005/04/10 19:14:34 lha Exp $ */
/* $Id: md5.h,v 1.10 2006/01/08 21:47:28 lha Exp $ */
#ifndef HEIM_MD5_H
#define HEIM_MD5_H 1
/* symbol renaming */
#define MD5_Init hc_MD5_Init
#define MD5_Update hc_MD5_Update
#define MD5_Final hc_MD5_Final
/*
*
*/
#define MD5_DIGEST_LENGTH 16
struct md5 {
unsigned int sz[2];
u_int32_t counter[4];

57
source/heimdal/lib/des/pkcs12.h Normal file
View File

@ -0,0 +1,57 @@
/*
* Copyright (c) 2006 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* $Id: pkcs12.h,v 1.2 2006/01/13 15:26:52 lha Exp $
*/
#ifndef _HEIM_PKCS12_H
#define _HEIM_PKCS12_H 1
/* symbol renaming */
#define PKCS12_key_gen hc_PKCS12_key_gen
/*
*
*/
#include <hcrypto/evp.h>
#define PKCS12_KEY_ID 1
#define PKCS12_IV_ID 2
int PKCS12_key_gen(const void *, size_t, const void *,
size_t, int, int, size_t, void *, const EVP_MD *);
#endif /* _HEIM_PKCS12_H */

112
source/heimdal/lib/des/pkcs5.c Normal file
View File

@ -0,0 +1,112 @@
/*
* Copyright (c) 2006 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
RCSID("$Id: pkcs5.c,v 1.1 2006/02/28 14:16:57 lha Exp $");
#include <stdio.h>
#include <stdlib.h>
#include <evp.h>
#include <hmac.h>
#include <roken.h>
int
PKCS5_PBKDF2_HMAC_SHA1(const void * password, size_t password_len,
const void * salt, size_t salt_len,
unsigned long iter,
size_t keylen, void *key)
{
size_t datalen, leftofkey, checksumsize;
char *data, *tmpcksum;
u_int32_t keypart;
const EVP_MD *md;
unsigned long i;
int j;
char *p;
unsigned int hmacsize;
md = EVP_sha1();
checksumsize = EVP_MD_size(md);
datalen = salt_len + 4;
tmpcksum = malloc(checksumsize + datalen);
if (tmpcksum == NULL)
return 0;
data = &tmpcksum[checksumsize];
memcpy(data, salt, salt_len);
keypart = 1;
leftofkey = keylen;
p = key;
while (leftofkey) {
int len;
if (leftofkey > checksumsize)
len = checksumsize;
else
len = leftofkey;
data[datalen - 4] = (keypart >> 24) & 0xff;
data[datalen - 3] = (keypart >> 16) & 0xff;
data[datalen - 2] = (keypart >> 8) & 0xff;
data[datalen - 1] = (keypart) & 0xff;
HMAC(md, password, password_len, data, datalen,
tmpcksum, &hmacsize);
memcpy(p, tmpcksum, len);
for (i = 1; i < iter; i++) {
HMAC(md, password, password_len, tmpcksum, checksumsize,
tmpcksum, &hmacsize);
for (j = 0; j < len; j++)
p[j] ^= tmpcksum[j];
}
p += len;
leftofkey -= len;
keypart++;
}
free(tmpcksum);
return 1;
}

54
source/heimdal/lib/des/rand.h Normal file
View File

@ -0,0 +1,54 @@
/*
* Copyright (c) 2006 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* $Id: rand.h,v 1.2 2006/01/13 15:26:52 lha Exp $
*/
#ifndef _HEIM_RAND_H
#define _HEIM_RAND_H 1
#include <hcrypto/bn.h>
/* symbol renaming */
#define RAND_bytes hc_RAND_bytes
#define RAND_pseudo_bytes hc_RAND_pseudo_bytes
/*
*
*/
int RAND_bytes(void *, size_t num);
int RAND_pseudo_bytes(void *, size_t);
#endif /* _HEIM_RAND_H */

12
source/heimdal/lib/des/rc2.h
View File

@ -31,7 +31,17 @@
* SUCH DAMAGE.
*/
/* $Id: rc2.h,v 1.1 2004/04/23 19:23:00 lha Exp $ */
/* $Id: rc2.h,v 1.2 2006/01/08 21:47:29 lha Exp $ */
/* symbol renaming */
#define RC2_set_key hc_RC2_set_key
#define RC2_encryptc hc_RC2_encryptc
#define RC2_decryptc hc_RC2_decryptc
#define RC2_cbc_encrypt hc_RC2_cbc_encrypt
/*
*
*/
#define RC2_ENCRYPT 1
#define RC2_DECRYPT 0

6
source/heimdal/lib/des/rc4.h
View File

@ -31,7 +31,11 @@
* SUCH DAMAGE.
*/
/* $Id: rc4.h,v 1.3 2004/03/25 16:39:58 lha Exp $ */
/* $Id: rc4.h,v 1.4 2006/01/08 21:47:29 lha Exp $ */
/* symbol renaming */
#define RC4_set_key hc_RC4_set_key
#define RC4 hc_RC4
typedef struct rc4_key {
unsigned int x, y;

6
source/heimdal/lib/des/rijndael-alg-fst.h
View File

@ -28,6 +28,12 @@
#ifndef __RIJNDAEL_ALG_FST_H
#define __RIJNDAEL_ALG_FST_H
/* symbol renaming */
#define rijndaelKeySetupEnc _hc_rijndaelKeySetupEnc
#define rijndaelKeySetupDec _hc_rijndaelKeySetupDec
#define rijndaelEncrypt _hc_rijndaelEncrypt
#define rijndaelDecrypt _hc_rijndaelDecrypt
#define RIJNDAEL_MAXKC (256/32)
#define RIJNDAEL_MAXKB (256/8)
#define RIJNDAEL_MAXNR 14

7
source/heimdal/lib/des/rnd_keys.c
View File

@ -34,7 +34,7 @@
#ifdef HAVE_CONFIG_H
#include "config.h"
RCSID("$Id: rnd_keys.c,v 1.69 2005/07/20 10:49:24 lha Exp $");
RCSID("$Id: rnd_keys.c,v 1.70 2006/01/08 21:47:29 lha Exp $");
#endif
#ifdef KRB5
@ -324,6 +324,8 @@ DES_generate_random_block(DES_cblock *block)
DES_rand_data((unsigned char *)block, sizeof(*block));
}
#define DES_rand_data_key hc_DES_rand_data_key
void
DES_rand_data_key(DES_cblock *key);
@ -353,6 +355,9 @@ DES_rand_data_key(DES_cblock *key)
* It's neccessary to be root to run it. Returns -1 if there were any
* problems with permissions.
*/
#define DES_mem_rand8 hc_DES_mem_rand8
int
DES_mem_rand8(unsigned char *data);

164
source/heimdal/lib/des/rsa.h Normal file
View File

@ -0,0 +1,164 @@
/*
* Copyright (c) 2006 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* $Id: rsa.h,v 1.2 2006/01/13 15:26:52 lha Exp $
*/
#ifndef _HEIM_RSA_H
#define _HEIM_RSA_H 1
/* symbol renaming */
#define RSA_null_method hc_RSA_null_method
#define RSA_new hc_RSA_new
#define RSA_new_method hc_RSA_new_method
#define RSA_free hc_RSA_free
#define RSA_up_ref hc_RSA_up_ref
#define RSA_set_default_method hc_RSA_set_default_method
#define RSA_get_default_method hc_RSA_get_default_method
#define RSA_set_method hc_RSA_set_method
#define RSA_get_method hc_RSA_get_method
#define RSA_set_app_data hc_RSA_set_app_data
#define RSA_get_app_data hc_RSA_get_app_data
#define RSA_check_key hc_RSA_check_key
#define RSA_size hc_RSA_size
#define RSA_public_encrypt hc_RSA_public_encrypt
#define RSA_public_decrypt hc_RSA_public_decrypt
#define RSA_private_encrypt hc_RSA_private_encrypt
#define RSA_private_decrypt hc_RSA_private_decrypt
#define RSA_sign hc_RSA_sign
#define RSA_verify hc_RSA_verify
#define d2i_RSAPrivateKey hc_d2i_RSAPrivateKey
/*
*
*/
typedef struct RSA RSA;
typedef struct RSA_METHOD RSA_METHOD;
#include <hcrypto/bn.h>
#include <hcrypto/engine.h>
struct RSA_METHOD {
const char *name;
int (*rsa_pub_enc)(int,const unsigned char *, unsigned char *, RSA *,int);
int (*rsa_pub_dec)(int,const unsigned char *, unsigned char *, RSA *,int);
int (*rsa_priv_enc)(int,const unsigned char *, unsigned char *, RSA *,int);
int (*rsa_priv_dec)(int,const unsigned char *, unsigned char *, RSA *,int);
void *rsa_mod_exp;
void *bn_mod_exp;
int (*init)(RSA *rsa);
int (*finish)(RSA *rsa);
int flags;
char *app_data;
int (*rsa_sign)(int, const unsigned char *, unsigned int,
unsigned char *, unsigned int *, const RSA *);
int (*rsa_verify)(int, const unsigned char *, unsigned int,
unsigned char *, unsigned int, const RSA *);
int (*rsa_keygen)(RSA *, int, BIGNUM *, BN_GENCB *);
};
struct RSA {
int pad;
long version;
const RSA_METHOD *meth;
void *engine;
BIGNUM *n;
BIGNUM *e;
BIGNUM *d;
BIGNUM *p;
BIGNUM *q;
BIGNUM *dmp1;
BIGNUM *dmq1;
BIGNUM *iqmp;
struct rsa_CRYPTO_EX_DATA {
void *sk;
int dummy;
} ex_data;
int references;
int flags;
void *_method_mod_n;
void *_method_mod_p;
void *_method_mod_q;
char *bignum_data;
void *blinding;
void *mt_blinding;
};
#define RSA_FLAG_SIGN_VER 0x40
#define RSA_PKCS1_PADDING 1
#define RSA_PKCS1_PADDING_SIZE 11
/*
*
*/
const RSA_METHOD *RSA_null_method(void);
/*
*
*/
RSA * RSA_new(void);
RSA * RSA_new_method(ENGINE *);
void RSA_free(RSA *);
int RSA_up_ref(RSA *);
void RSA_set_default_method(const RSA_METHOD *);
const RSA_METHOD * RSA_get_default_method(void);
const RSA_METHOD * RSA_get_method(const RSA *);
int RSA_set_method(RSA *, const RSA_METHOD *);
int RSA_set_app_data(RSA *, void *arg);
void * RSA_get_app_data(RSA *);
int RSA_check_key(const RSA *);
int RSA_size(const RSA *);
int RSA_public_encrypt(int,const unsigned char*,unsigned char*,RSA *,int);
int RSA_private_encrypt(int,const unsigned char*,unsigned char*,RSA *,int);
int RSA_public_decrypt(int,const unsigned char*,unsigned char*,RSA *,int);
int RSA_private_decrypt(int,const unsigned char*,unsigned char*,RSA *,int);
int RSA_sign(int, const unsigned char *, unsigned int,
unsigned char *, unsigned int *, RSA *);
int RSA_verify(int, const unsigned char *, unsigned int,
unsigned char *, unsigned int, RSA *);
RSA * d2i_RSAPrivateKey(RSA *, const unsigned char **, size_t);
#endif /* _HEIM_RSA_H */

13
source/heimdal/lib/des/sha.h
View File

@ -31,11 +31,22 @@
* SUCH DAMAGE.
*/
/* $Id: sha.h,v 1.8 2005/04/10 19:18:13 lha Exp $ */
/* $Id: sha.h,v 1.9 2006/01/08 21:47:29 lha Exp $ */
#ifndef HEIM_SHA_H
#define HEIM_SHA_H 1
/* symbol renaming */
#define SHA1_Init hc_SHA1_Init
#define SHA1_Update hc_SHA1_Update
#define SHA1_Final hc_SHA1_Final
/*
*
*/
#define SHA_DIGEST_LENGTH 20
struct sha {
unsigned int sz[2];
u_int32_t counter[5];

4
source/heimdal/lib/des/ui.c
View File

@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
RCSID("$Id: ui.c,v 1.4 2005/04/30 14:10:18 lha Exp $");
RCSID("$Id: ui.c,v 1.5 2006/01/08 21:47:29 lha Exp $");
#endif
#include <stdio.h>
@ -43,7 +43,7 @@ RCSID("$Id: ui.c,v 1.4 2005/04/30 14:10:18 lha Exp $");
#include <termios.h>
#include <roken.h>
#include <des.h>
#include <ui.h>
static sig_atomic_t intr_flag;

45
source/heimdal/lib/des/ui.h Normal file
View File

@ -0,0 +1,45 @@
/*
* Copyright (c) 2005 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/* $Id: ui.h,v 1.1 2006/01/08 21:47:29 lha Exp $ */
#ifndef _HEIM_UI_H
#define _HEIM_UI_H 1
/* symbol renaming */
#define UI_UTIL_read_pw_string hc_UI_UTIL_read_pw_string
int UI_UTIL_read_pw_string(char *, int, const char *, int); /* XXX */
#endif /* _HEIM_UI_H */

8
source/heimdal/lib/gssapi/delete_sec_context.c
View File

@ -33,7 +33,7 @@
#include "gssapi_locl.h"
RCSID("$Id: delete_sec_context.c,v 1.15 2005/04/27 17:48:17 lha Exp $");
RCSID("$Id: delete_sec_context.c,v 1.16 2006/01/16 13:12:29 lha Exp $");
OM_uint32 gss_delete_sec_context
(OM_uint32 * minor_status,
@ -43,11 +43,16 @@ OM_uint32 gss_delete_sec_context
{
GSSAPI_KRB5_INIT ();
*minor_status = 0;
if (output_token) {
output_token->length = 0;
output_token->value = NULL;
}
if (*context_handle == GSS_C_NO_CONTEXT)
return GSS_S_COMPLETE;
HEIMDAL_MUTEX_lock(&(*context_handle)->ctx_id_mutex);
krb5_auth_con_free (gssapi_krb5_context,
@ -74,6 +79,5 @@ OM_uint32 gss_delete_sec_context
memset(*context_handle, 0, sizeof(**context_handle));
free (*context_handle);
*context_handle = GSS_C_NO_CONTEXT;
*minor_status = 0;
return GSS_S_COMPLETE;
}

5
source/heimdal/lib/gssapi/import_name.c
View File

@ -33,7 +33,7 @@
#include "gssapi_locl.h"
RCSID("$Id: import_name.c,v 1.13 2003/03/16 17:33:31 lha Exp $");
RCSID("$Id: import_name.c,v 1.14 2006/02/15 11:59:10 lha Exp $");
static OM_uint32
parse_krb5_name (OM_uint32 *minor_status,
@ -207,7 +207,8 @@ OM_uint32 gss_import_name
*minor_status = 0;
*output_name = GSS_C_NO_NAME;
if (gss_oid_equal(input_name_type, GSS_C_NT_HOSTBASED_SERVICE))
if (gss_oid_equal(input_name_type, GSS_C_NT_HOSTBASED_SERVICE) ||
gss_oid_equal(input_name_type, GSS_C_NT_HOSTBASED_SERVICE_X))
return import_hostbased_name (minor_status,
input_name_buffer,
output_name);

2
source/heimdal/lib/gssapi/wrap.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
* Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*

365
source/heimdal/lib/hdb/hdb-protos.h
View File

@ -8,317 +8,6 @@
extern "C" {
#endif
unsigned
HDBFlags2int (HDBFlags /*f*/);
int
copy_Event (
const Event */*from*/,
Event */*to*/);
int
copy_GENERATION (
const GENERATION */*from*/,
GENERATION */*to*/);
int
copy_HDBFlags (
const HDBFlags */*from*/,
HDBFlags */*to*/);
int
copy_HDB_Ext_Aliases (
const HDB_Ext_Aliases */*from*/,
HDB_Ext_Aliases */*to*/);
int
copy_HDB_Ext_Constrained_delegation_acl (
const HDB_Ext_Constrained_delegation_acl */*from*/,
HDB_Ext_Constrained_delegation_acl */*to*/);
int
copy_HDB_Ext_Lan_Manager_OWF (
const HDB_Ext_Lan_Manager_OWF */*from*/,
HDB_Ext_Lan_Manager_OWF */*to*/);
int
copy_HDB_Ext_PKINIT_acl (
const HDB_Ext_PKINIT_acl */*from*/,
HDB_Ext_PKINIT_acl */*to*/);
int
copy_HDB_Ext_PKINIT_certificate (
const HDB_Ext_PKINIT_certificate */*from*/,
HDB_Ext_PKINIT_certificate */*to*/);
int
copy_HDB_Ext_Password (
const HDB_Ext_Password */*from*/,
HDB_Ext_Password */*to*/);
int
copy_HDB_extension (
const HDB_extension */*from*/,
HDB_extension */*to*/);
int
copy_HDB_extensions (
const HDB_extensions */*from*/,
HDB_extensions */*to*/);
int
copy_Key (
const Key */*from*/,
Key */*to*/);
int
copy_Salt (
const Salt */*from*/,
Salt */*to*/);
int
copy_hdb_entry (
const hdb_entry */*from*/,
hdb_entry */*to*/);
int
decode_Event (
const unsigned char */*p*/,
size_t /*len*/,
Event */*data*/,
size_t */*size*/);
int
decode_GENERATION (
const unsigned char */*p*/,
size_t /*len*/,
GENERATION */*data*/,
size_t */*size*/);
int
decode_HDBFlags (
const unsigned char */*p*/,
size_t /*len*/,
HDBFlags */*data*/,
size_t */*size*/);
int
decode_HDB_Ext_Aliases (
const unsigned char */*p*/,
size_t /*len*/,
HDB_Ext_Aliases */*data*/,
size_t */*size*/);
int
decode_HDB_Ext_Constrained_delegation_acl (
const unsigned char */*p*/,
size_t /*len*/,
HDB_Ext_Constrained_delegation_acl */*data*/,
size_t */*size*/);
int
decode_HDB_Ext_Lan_Manager_OWF (
const unsigned char */*p*/,
size_t /*len*/,
HDB_Ext_Lan_Manager_OWF */*data*/,
size_t */*size*/);
int
decode_HDB_Ext_PKINIT_acl (
const unsigned char */*p*/,
size_t /*len*/,
HDB_Ext_PKINIT_acl */*data*/,
size_t */*size*/);
int
decode_HDB_Ext_PKINIT_certificate (
const unsigned char */*p*/,
size_t /*len*/,
HDB_Ext_PKINIT_certificate */*data*/,
size_t */*size*/);
int
decode_HDB_Ext_Password (
const unsigned char */*p*/,
size_t /*len*/,
HDB_Ext_Password */*data*/,
size_t */*size*/);
int
decode_HDB_extension (
const unsigned char */*p*/,
size_t /*len*/,
HDB_extension */*data*/,
size_t */*size*/);
int
decode_HDB_extensions (
const unsigned char */*p*/,
size_t /*len*/,
HDB_extensions */*data*/,
size_t */*size*/);
int
decode_Key (
const unsigned char */*p*/,
size_t /*len*/,
Key */*data*/,
size_t */*size*/);
int
decode_Salt (
const unsigned char */*p*/,
size_t /*len*/,
Salt */*data*/,
size_t */*size*/);
int
decode_hdb_entry (
const unsigned char */*p*/,
size_t /*len*/,
hdb_entry */*data*/,
size_t */*size*/);
int
encode_Event (
unsigned char */*p*/,
size_t /*len*/,
const Event */*data*/,
size_t */*size*/);
int
encode_GENERATION (
unsigned char */*p*/,
size_t /*len*/,
const GENERATION */*data*/,
size_t */*size*/);
int
encode_HDBFlags (
unsigned char */*p*/,
size_t /*len*/,
const HDBFlags */*data*/,
size_t */*size*/);
int
encode_HDB_Ext_Aliases (
unsigned char */*p*/,
size_t /*len*/,
const HDB_Ext_Aliases */*data*/,
size_t */*size*/);
int
encode_HDB_Ext_Constrained_delegation_acl (
unsigned char */*p*/,
size_t /*len*/,
const HDB_Ext_Constrained_delegation_acl */*data*/,
size_t */*size*/);
int
encode_HDB_Ext_Lan_Manager_OWF (
unsigned char */*p*/,
size_t /*len*/,
const HDB_Ext_Lan_Manager_OWF */*data*/,
size_t */*size*/);
int
encode_HDB_Ext_PKINIT_acl (
unsigned char */*p*/,
size_t /*len*/,
const HDB_Ext_PKINIT_acl */*data*/,
size_t */*size*/);
int
encode_HDB_Ext_PKINIT_certificate (
unsigned char */*p*/,
size_t /*len*/,
const HDB_Ext_PKINIT_certificate */*data*/,
size_t */*size*/);
int
encode_HDB_Ext_Password (
unsigned char */*p*/,
size_t /*len*/,
const HDB_Ext_Password */*data*/,
size_t */*size*/);
int
encode_HDB_extension (
unsigned char */*p*/,
size_t /*len*/,
const HDB_extension */*data*/,
size_t */*size*/);
int
encode_HDB_extensions (
unsigned char */*p*/,
size_t /*len*/,
const HDB_extensions */*data*/,
size_t */*size*/);
int
encode_Key (
unsigned char */*p*/,
size_t /*len*/,
const Key */*data*/,
size_t */*size*/);
int
encode_Salt (
unsigned char */*p*/,
size_t /*len*/,
const Salt */*data*/,
size_t */*size*/);
int
encode_hdb_entry (
unsigned char */*p*/,
size_t /*len*/,
const hdb_entry */*data*/,
size_t */*size*/);
void
free_Event (Event */*data*/);
void
free_GENERATION (GENERATION */*data*/);
void
free_HDBFlags (HDBFlags */*data*/);
void
free_HDB_Ext_Aliases (HDB_Ext_Aliases */*data*/);
void
free_HDB_Ext_Constrained_delegation_acl (HDB_Ext_Constrained_delegation_acl */*data*/);
void
free_HDB_Ext_Lan_Manager_OWF (HDB_Ext_Lan_Manager_OWF */*data*/);
void
free_HDB_Ext_PKINIT_acl (HDB_Ext_PKINIT_acl */*data*/);
void
free_HDB_Ext_PKINIT_certificate (HDB_Ext_PKINIT_certificate */*data*/);
void
free_HDB_Ext_Password (HDB_Ext_Password */*data*/);
void
free_HDB_extension (HDB_extension */*data*/);
void
free_HDB_extensions (HDB_extensions */*data*/);
void
free_Key (Key */*data*/);
void
free_Salt (Salt */*data*/);
void
free_hdb_entry (hdb_entry */*data*/);
krb5_error_code
hdb_add_master_key (
krb5_context /*context*/,
@ -490,12 +179,6 @@ hdb_ldapi_create (
HDB ** /*db*/,
const char */*arg*/);
krb5_error_code
hdb_ldb_create (
krb5_context /*context*/,
HDB ** /*db*/,
const char */*arg*/);
krb5_error_code
hdb_list_builtin (
krb5_context /*context*/,
@ -627,54 +310,6 @@ hdb_write_master_key (
const char */*filename*/,
hdb_master_key /*mkey*/);
void
initialize_hdb_error_table_r (struct et_list **/*list*/);
HDBFlags
int2HDBFlags (unsigned /*n*/);
size_t
length_Event (const Event */*data*/);
size_t
length_GENERATION (const GENERATION */*data*/);
size_t
length_HDBFlags (const HDBFlags */*data*/);
size_t
length_HDB_Ext_Aliases (const HDB_Ext_Aliases */*data*/);
size_t
length_HDB_Ext_Constrained_delegation_acl (const HDB_Ext_Constrained_delegation_acl */*data*/);
size_t
length_HDB_Ext_Lan_Manager_OWF (const HDB_Ext_Lan_Manager_OWF */*data*/);
size_t
length_HDB_Ext_PKINIT_acl (const HDB_Ext_PKINIT_acl */*data*/);
size_t
length_HDB_Ext_PKINIT_certificate (const HDB_Ext_PKINIT_certificate */*data*/);
size_t
length_HDB_Ext_Password (const HDB_Ext_Password */*data*/);
size_t
length_HDB_extension (const HDB_extension */*data*/);
size_t
length_HDB_extensions (const HDB_extensions */*data*/);
size_t
length_Key (const Key */*data*/);
size_t
length_Salt (const Salt */*data*/);
size_t
length_hdb_entry (const hdb_entry */*data*/);
#ifdef __cplusplus
}
#endif

2
source/heimdal/lib/hdb/hdb.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan
* Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*

7
source/heimdal/lib/hdb/hdb_locl.h
View File

@ -64,4 +64,11 @@
#include <hdb.h>
#include <hdb-private.h>
krb5_error_code
hdb_ldb_create (
krb5_context /*context*/,
HDB ** /*db*/,
const char */*arg*/);
#endif /* __HDB_LOCL_H__ */

2
source/heimdal/lib/hdb/keytab.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan
* Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*

146
source/heimdal/lib/krb5/crypto.c
View File

@ -32,7 +32,7 @@
*/
#include "krb5_locl.h"
RCSID("$Id: crypto.c,v 1.130 2005/12/02 14:47:44 lha Exp $");
RCSID("$Id: crypto.c,v 1.132 2006/02/28 14:52:57 lha Exp $");
#undef CRYPTO_DEBUG
#ifdef CRYPTO_DEBUG
@ -591,114 +591,6 @@ ARCFOUR_string_to_key(krb5_context context,
* AES
*/
/* iter is really 1 based, so iter == 0 will be 1 iteration */
krb5_error_code KRB5_LIB_FUNCTION
_krb5_PKCS5_PBKDF2(krb5_context context, krb5_cksumtype cktype,
krb5_data password, krb5_salt salt, u_int32_t iter,
krb5_keytype type, krb5_keyblock *key)
{
struct checksum_type *c = _find_checksum(cktype);
struct key_type *kt;
size_t datalen, leftofkey;
krb5_error_code ret;
u_int32_t keypart;
struct key_data ksign;
krb5_keyblock kb;
Checksum result;
char *data, *tmpcksum;
int i, j;
char *p;
if (c == NULL) {
krb5_set_error_string(context, "checksum %d not supported", cktype);
return KRB5_PROG_KEYTYPE_NOSUPP;
}
kt = _find_keytype(type);
if (kt == NULL) {
krb5_set_error_string(context, "key type %d not supported", type);
return KRB5_PROG_KEYTYPE_NOSUPP;
}
key->keytype = type;
ret = krb5_data_alloc (&key->keyvalue, kt->bits / 8);
if (ret) {
krb5_set_error_string(context, "malloc: out of memory");
return ret;
}
ret = krb5_data_alloc (&result.checksum, c->checksumsize);
if (ret) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_data_free (&key->keyvalue);
return ret;
}
tmpcksum = malloc(c->checksumsize);
if (tmpcksum == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_data_free (&key->keyvalue);
krb5_data_free (&result.checksum);
return ENOMEM;
}
datalen = salt.saltvalue.length + 4;
data = malloc(datalen);
if (data == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
free(tmpcksum);
krb5_data_free (&key->keyvalue);
krb5_data_free (&result.checksum);
return ENOMEM;
}
kb.keyvalue = password;
ksign.key = &kb;
memcpy(data, salt.saltvalue.data, salt.saltvalue.length);
keypart = 1;
leftofkey = key->keyvalue.length;
p = key->keyvalue.data;
while (leftofkey) {
int len;
if (leftofkey > c->checksumsize)
len = c->checksumsize;
else
len = leftofkey;
_krb5_put_int(data + datalen - 4, keypart, 4);
ret = hmac(context, c, data, datalen, 0, &ksign, &result);
if (ret)
krb5_abortx(context, "hmac failed");
memcpy(p, result.checksum.data, len);
memcpy(tmpcksum, result.checksum.data, result.checksum.length);
for (i = 0; i < iter; i++) {
ret = hmac(context, c, tmpcksum, result.checksum.length,
0, &ksign, &result);
if (ret)
krb5_abortx(context, "hmac failed");
memcpy(tmpcksum, result.checksum.data, result.checksum.length);
for (j = 0; j < len; j++)
p[j] ^= tmpcksum[j];
}
p += len;
leftofkey -= len;
keypart++;
}
free(data);
free(tmpcksum);
krb5_data_free (&result.checksum);
return 0;
}
int _krb5_AES_string_to_default_iterator = 4096;
static krb5_error_code
@ -715,33 +607,44 @@ AES_string_to_key(krb5_context context,
struct key_data kd;
if (opaque.length == 0)
iter = _krb5_AES_string_to_default_iterator - 1;
iter = _krb5_AES_string_to_default_iterator;
else if (opaque.length == 4) {
unsigned long v;
_krb5_get_int(opaque.data, &v, 4);
iter = ((u_int32_t)v) - 1;
iter = ((u_int32_t)v);
} else
return KRB5_PROG_KEYTYPE_NOSUPP; /* XXX */
et = _find_enctype(enctype);
if (et == NULL)
return KRB5_PROG_KEYTYPE_NOSUPP;
ret = _krb5_PKCS5_PBKDF2(context, CKSUMTYPE_SHA1, password, salt,
iter, enctype, key);
if (ret)
key->keytype = enctype;
ret = krb5_data_alloc(&key->keyvalue, et->keytype->size);
if (ret) {
krb5_set_error_string(context, "Failed to allocate pkcs5 key");
return ret;
}
ret = krb5_copy_keyblock(context, key, &kd.key);
if (ret) {
krb5_free_keyblock(context, key);
return ret;
}
ret = PKCS5_PBKDF2_HMAC_SHA1(password.data, password.length,
salt.saltvalue.data, salt.saltvalue.length,
iter,
et->keytype->size, kd.key->keyvalue.data);
kd.schedule = NULL;
if (ret != 1) {
krb5_set_error_string(context, "Error calculating s2k");
return KRB5_PROG_KEYTYPE_NOSUPP;
}
ret = derive_key(context, et, &kd, "kerberos", strlen("kerberos"));
krb5_free_keyblock_contents(context, key);
if (ret == 0) {
if (ret == 0)
ret = krb5_copy_keyblock_contents(context, kd.key, key);
free_key_data(context, &kd);
}
free_key_data(context, &kd);
return ret;
}
@ -3789,7 +3692,8 @@ krb5_generate_random_block(void *buf, size_t len)
rng_initialized = 1;
}
HEIMDAL_MUTEX_unlock(&crypto_mutex);
RAND_bytes(buf, len);
if (RAND_bytes(buf, len) != 1)
krb5_abortx(NULL, "Failed to generate random block");
}
#else

25
source/heimdal/lib/krb5/error_string.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2001 Kungliga Tekniska Högskolan
* Copyright (c) 2001, 2003, 2005 - 2006 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -33,7 +33,7 @@
#include "krb5_locl.h"
RCSID("$Id: error_string.c,v 1.3 2004/05/25 21:23:55 lha Exp $");
RCSID("$Id: error_string.c,v 1.7 2006/02/16 07:49:23 lha Exp $");
#undef __attribute__
#define __attribute__(X)
@ -107,3 +107,24 @@ krb5_have_error_string(krb5_context context)
HEIMDAL_MUTEX_unlock(context->mutex);
return str != NULL;
}
char * KRB5_LIB_FUNCTION
krb5_get_error_message(krb5_context context, krb5_error_code code)
{
const char *cstr;
char *str;
str = krb5_get_error_string(context);
if (str)
return str;
cstr = krb5_get_err_text(context, code);
if (cstr)
return strdup(cstr);
if (asprintf(&str, "<unknown error: %d>", code) == -1)
return NULL;
return str;
}

5
source/heimdal/lib/krb5/get_cred.c
View File

@ -33,7 +33,7 @@
#include <krb5_locl.h>
RCSID("$Id: get_cred.c,v 1.108 2005/07/13 07:38:02 lha Exp $");
RCSID("$Id: get_cred.c,v 1.109 2006/02/03 11:41:02 lha Exp $");
/*
* Take the `body' and encode it into `padata' using the credentials
@ -772,7 +772,8 @@ get_cred_from_kdc_flags(krb5_context context,
krb5_boolean noaddr;
krb5_appdefault_boolean(context, NULL, tgt->server->realm,
"no-addresses", FALSE, &noaddr);
"no-addresses", KRB5_ADDRESSLESS_DEFAULT,
&noaddr);
if (noaddr)
ret = get_cred_kdc (context, ccache, flags, NULL,
in_creds, tgt, *out_creds);

23
source/heimdal/lib/krb5/get_for_creds.c
View File

@ -33,7 +33,7 @@
#include <krb5_locl.h>
RCSID("$Id: get_for_creds.c,v 1.46 2005/11/28 20:43:02 lha Exp $");
RCSID("$Id: get_for_creds.c,v 1.47 2006/02/03 11:37:29 lha Exp $");
static krb5_error_code
add_addrs(krb5_context context,
@ -284,21 +284,14 @@ krb5_get_forwarded_creds (krb5_context context,
enc_krb_cred_part.usec = NULL;
}
if (auth_context->local_address && auth_context->local_port) {
krb5_boolean noaddr;
krb5_const_realm srealm;
if (auth_context->local_address && auth_context->local_port && paddrs) {
srealm = krb5_principal_get_realm(context, out_creds->server);
krb5_appdefault_boolean(context, NULL, srealm, "no-addresses",
paddrs == NULL, &noaddr);
if (!noaddr) {
ret = krb5_make_addrport (context,
&enc_krb_cred_part.s_address,
auth_context->local_address,
auth_context->local_port);
if (ret)
goto out4;
}
ret = krb5_make_addrport (context,
&enc_krb_cred_part.s_address,
auth_context->local_address,
auth_context->local_port);
if (ret)
goto out4;
}
if (auth_context->remote_address) {

5
source/heimdal/lib/krb5/init_creds.c
View File

@ -33,7 +33,7 @@
#include "krb5_locl.h"
RCSID("$Id: init_creds.c,v 1.21 2005/10/12 12:45:27 lha Exp $");
RCSID("$Id: init_creds.c,v 1.22 2006/02/03 11:42:31 lha Exp $");
void KRB5_LIB_FUNCTION
krb5_get_init_creds_opt_init(krb5_get_init_creds_opt *opt)
@ -191,7 +191,8 @@ krb5_get_init_creds_opt_set_default_flags(krb5_context context,
if(t != 0)
krb5_get_init_creds_opt_set_renew_life(opt, t);
krb5_appdefault_boolean(context, appname, realm, "no-addresses", FALSE, &b);
krb5_appdefault_boolean(context, appname, realm, "no-addresses",
KRB5_ADDRESSLESS_DEFAULT, &b);
if (b)
krb5_get_init_creds_opt_set_address_list (opt, &no_addrs);

16
source/heimdal/lib/krb5/krb5-private.h
View File

@ -12,19 +12,6 @@
#endif
#endif
struct krb5_dh_moduli;
struct _krb5_krb_auth_data;
krb5_error_code KRB5_LIB_FUNCTION
_krb5_PKCS5_PBKDF2 (
krb5_context /*context*/,
krb5_cksumtype /*cktype*/,
krb5_data /*password*/,
krb5_salt /*salt*/,
u_int32_t /*iter*/,
krb5_keytype /*type*/,
krb5_keyblock */*key*/);
void KRB5_LIB_FUNCTION
_krb5_aes_cts_encrypt (
const unsigned char */*in*/,
@ -92,6 +79,9 @@ _krb5_find_type_in_ad (
void
_krb5_free_krbhst_info (krb5_krbhst_info */*hi*/);
void
_krb5_free_moduli (struct krb5_dh_moduli **/*moduli*/);
krb5_error_code
_krb5_get_default_principal_local (
krb5_context /*context*/,

14
source/heimdal/lib/krb5/krb5-protos.h
View File

@ -20,15 +20,6 @@ extern "C" {
#endif
#endif
void
initialize_heim_error_table_r (struct et_list **/*list*/);
void
initialize_k524_error_table_r (struct et_list **/*list*/);
void
initialize_krb5_error_table_r (struct et_list **/*list*/);
krb5_error_code KRB5_LIB_FUNCTION
krb524_convert_creds_kdc (
krb5_context /*context*/,
@ -1688,6 +1679,11 @@ krb5_get_err_text (
krb5_context /*context*/,
krb5_error_code /*code*/);
char * KRB5_LIB_FUNCTION
krb5_get_error_message (
krb5_context /*context*/,
krb5_error_code /*code*/);
char * KRB5_LIB_FUNCTION
krb5_get_error_string (krb5_context /*context*/);

35
source/heimdal/lib/krb5/krb5_err.et
View File

@ -3,7 +3,7 @@
#
# This might look like a com_err file, but is not
#
id "$Id: krb5_err.et,v 1.12 2004/10/14 15:30:29 lha Exp $"
id "$Id: krb5_err.et,v 1.14 2006/02/13 11:28:22 lha Exp $"
error_table krb5
@ -74,35 +74,36 @@ prefix KRB5_KDC_ERR
error_code CLIENT_NOT_TRUSTED, "Client not trusted"
error_code KDC_NOT_TRUSTED, "KDC not trusted"
error_code INVALID_SIG, "Invalid signature"
error_code KEY_SIZE, "Key size too small/key too weak"
error_code CERTIFICATE_MISMATCH, "Certificate mismatch"
error_code DH_KEY_PARAMETERS_NOT_ACCEPTED, "DH parameters not accepted"
index 69
prefix KRB5_AP_ERR
error_code USER_TO_USER_REQUIRED, "User to user required"
index 70
prefix KRB5_KDC_ERROR
prefix KRB5_KDC_ERR
error_code CANT_VERIFY_CERTIFICATE, "Cannot verify certificate"
error_code INVALID_CERTIFICATE, "Invalid certificate"
error_code REVOKED_CERTIFICATE, "Revoked certificate"
error_code INVALID_CERTIFICATE, "Certificate invalid"
error_code REVOKED_CERTIFICATE, "Certificate revoked"
error_code REVOCATION_STATUS_UNKNOWN, "Revocation status unknown"
error_code REVOCATION_STATUS_UNAVAILABLE, "Revocation status unknown"
error_code CLIENT_NAME_MISMATCH, "Client name mismatch"
index 75
error_code KDC_NAME_MISMATCH, "KDC name mismatch"
error_code CLIENT_NAME_MISMATCH, "Revocation status unknown"
error_code INCONSISTENT_KEY_PURPOSE, "Inconsistent key purpose"
error_code DIGEST_IN_CERT_NOT_ACCEPTED, "Digest in certificate not accepted"
error_code PA_CHECKSUM_MUST_BE_INCLUDED, "paChecksum must be included"
error_code DIGEST_IN_SIGNED_DATA_NOT_ACCEPTED, "Digest in signedData not accepted"
error_code PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED, "Public key encryption not supported"
# 76-79 are reserved
index 80
prefix KRB5_IAKERB
error_code ERR_KDC_NOT_FOUND, "IAKERB proxy could not find a KDC"
error_code ERR_KDC_NO_RESPONSE, "IAKERB proxy never reeived a response from a KDC"
## these are never used
#index 80
#prefix KRB5_IAKERB
#error_code ERR_KDC_NOT_FOUND, "IAKERB proxy could not find a KDC"
#error_code ERR_KDC_NO_RESPONSE, "IAKERB proxy never reeived a response from a KDC"
# 82-127 are reserved
index 128
prefix
error_code KRB5_ERR_RCSID, "$Id: krb5_err.et,v 1.12 2004/10/14 15:30:29 lha Exp $"
error_code KRB5_ERR_RCSID, "$Id: krb5_err.et,v 1.14 2006/02/13 11:28:22 lha Exp $"
error_code KRB5_LIBOS_BADLOCKFLAG, "Invalid flag for file lock mode"
error_code KRB5_LIBOS_CANTREADPWD, "Cannot read password"

28
source/heimdal/lib/krb5/krb5_locl.h
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997-2002 Kungliga Tekniska Högskolan
* Copyright (c) 1997-2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
/* $Id: krb5_locl.h,v 1.84 2005/12/13 15:40:50 lha Exp $ */
/* $Id: krb5_locl.h,v 1.87 2006/02/09 11:36:27 lha Exp $ */
#ifndef __KRB5_LOCL_H__
#define __KRB5_LOCL_H__
@ -170,14 +170,6 @@ struct _krb5_krb_auth_data;
#define KRB5_BUFSIZ 1024
#ifndef KRB5_DEFAULT_CCNAME
#ifdef __APPLE__
#define KRB5_DEFAULT_CCNAME "API:"
#else
#define KRB5_DEFAULT_CCNAME "FILE:/tmp/krb5cc_%{uid}"
#endif
#endif
typedef enum {
KRB5_PA_PAC_DONT_CARE = 0,
KRB5_PA_PAC_REQ_TRUE,
@ -196,4 +188,20 @@ struct _krb5_get_init_creds_opt_private {
int canonicalize;
};
/*
* Configurable options
*/
#ifndef KRB5_DEFAULT_CCNAME
#ifdef __APPLE__
#define KRB5_DEFAULT_CCNAME "API:"
#else
#define KRB5_DEFAULT_CCNAME "FILE:/tmp/krb5cc_%{uid}"
#endif
#endif
#ifndef KRB5_ADDRESSLESS_DEFAULT
#define KRB5_ADDRESSLESS_DEFAULT FALSE
#endif
#endif /* __KRB5_LOCL_H__ */

8
source/heimdal/lib/krb5/mk_priv.c
View File

@ -33,7 +33,7 @@
#include <krb5_locl.h>
RCSID("$Id: mk_priv.c,v 1.34 2004/05/25 21:33:32 lha Exp $");
RCSID("$Id: mk_priv.c,v 1.35 2006/02/01 12:39:26 lha Exp $");
krb5_error_code KRB5_LIB_FUNCTION
@ -129,9 +129,11 @@ krb5_mk_priv(krb5_context context,
ASN1_MALLOC_ENCODE(KRB_PRIV, buf, buf_size, &s, &len, ret);
if(ret)
if (ret)
goto fail;
if (buf_size != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
krb5_data_free (&s.enc_part.cipher);
ret = krb5_data_copy(outbuf, buf + buf_size - len, len);

109
source/heimdal/lib/krb5/pkinit.c
View File

@ -33,7 +33,15 @@
#include "krb5_locl.h"
RCSID("$Id: pkinit.c,v 1.75 2005/10/21 17:18:38 lha Exp $");
RCSID("$Id: pkinit.c,v 1.77 2006/02/14 10:08:29 lha Exp $");
struct krb5_dh_moduli {
char *name;
unsigned long bits;
heim_integer p;
heim_integer g;
heim_integer q;
};
#ifdef PKINIT
@ -104,14 +112,6 @@ struct krb5_pk_cert {
X509 *cert;
};
struct krb5_dh_moduli {
char *name;
unsigned long bits;
heim_integer p;
heim_integer g;
heim_integer q;
};
struct krb5_pk_init_ctx_data {
struct krb5_pk_identity *id;
DH *dh;
@ -505,7 +505,13 @@ build_auth_pack(krb5_context context,
if (ret)
return ret;
ret = krb5_data_copy(&a->pkAuthenticator.paChecksum,
ALLOC(a->pkAuthenticator.paChecksum, 1);
if (a->pkAuthenticator.paChecksum == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
return ENOMEM;
}
ret = krb5_data_copy(a->pkAuthenticator.paChecksum,
checksum.checksum.data, checksum.checksum.length);
free_Checksum(&checksum);
if (ret)
@ -984,11 +990,9 @@ pk_verify_chain_standard(krb5_context context,
* Since X509_verify_cert() doesn't do CRL checking at all, we have to
* perform own verification against CRLs
*/
#if 0
ret = pk_verify_crl(context, store_ctx, id->crls);
if (ret)
goto end;
#endif
/*
* XXX add crl checking
*/
if (client_cert && cert)
*client_cert = X509_dup(cert);
@ -2429,6 +2433,31 @@ _krb5_pk_load_openssl_id(krb5_context context,
return ret;
}
static krb5_error_code
select_dh_group(krb5_context context, DH *dh, unsigned long bits,
struct krb5_dh_moduli **moduli)
{
const struct krb5_dh_moduli *m;
m = moduli[1]; /* XXX */
if (m == NULL)
m = moduli[0]; /* XXX */
dh->p = integer_to_BN(context, "p", &m->p);
if (dh->p == NULL)
return ENOMEM;
dh->g = integer_to_BN(context, "g", &m->g);
if (dh->g == NULL)
return ENOMEM;
dh->q = integer_to_BN(context, "q", &m->q);
if (dh->q == NULL)
return ENOMEM;
return 0;
}
#endif /* PKINIT */
static int
parse_integer(krb5_context context, char **p, const char *file, int lineno,
const char *name, heim_integer *integer)
@ -2526,7 +2555,7 @@ out:
return ret;
}
static void
void
_krb5_free_moduli(struct krb5_dh_moduli **moduli)
{
int i;
@ -2541,8 +2570,9 @@ _krb5_free_moduli(struct krb5_dh_moduli **moduli)
}
static const char *default_moduli =
/* bits */
/* name */
"RFC2412-MODP-group2 "
/* bits */
"1024 "
/* p */
"FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
@ -2566,7 +2596,7 @@ krb5_error_code
_krb5_parse_moduli(krb5_context context, const char *file,
struct krb5_dh_moduli ***moduli)
{
/* comment bits P G Q */
/* name bits P G Q */
krb5_error_code ret;
struct krb5_dh_moduli **m = NULL, **m2;
char buf[4096];
@ -2589,10 +2619,8 @@ _krb5_parse_moduli(krb5_context context, const char *file,
}
n = 1;
if (file == NULL) {
*moduli = m;
return 0;
}
if (file == NULL)
file = MODULI_FILE;
f = fopen(file, "r");
if (f == NULL) {
@ -2646,7 +2674,7 @@ _krb5_dh_group_ok(krb5_context context, unsigned long bits,
for (i = 0; moduli[i] != NULL; i++) {
if (heim_integer_cmp(&moduli[i]->g, g) == 0 &&
heim_integer_cmp(&moduli[i]->p, p) == 0 &&
heim_integer_cmp(&moduli[i]->q, q) == 0)
(q == NULL || heim_integer_cmp(&moduli[i]->q, q) == 0))
{
if (bits && bits > moduli[i]->bits) {
krb5_set_error_string(context, "PKINIT: DH group parameter %s "
@ -2663,32 +2691,6 @@ _krb5_dh_group_ok(krb5_context context, unsigned long bits,
return KRB5_KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED;
}
static krb5_error_code
select_dh_group(krb5_context context, DH *dh, unsigned long bits,
struct krb5_dh_moduli **moduli)
{
const struct krb5_dh_moduli *m;
m = moduli[1]; /* XXX */
if (m == NULL)
m = moduli[0]; /* XXX */
dh->p = integer_to_BN(context, "p", &m->p);
if (dh->p == NULL)
return ENOMEM;
dh->g = integer_to_BN(context, "g", &m->g);
if (dh->g == NULL)
return ENOMEM;
dh->q = integer_to_BN(context, "q", &m->q);
if (dh->q == NULL)
return ENOMEM;
return 0;
}
#endif /* PKINIT */
void KRB5_LIB_FUNCTION
_krb5_get_init_creds_opt_free_pkinit(krb5_get_init_creds_opt *opt)
{
@ -2772,11 +2774,10 @@ krb5_get_init_creds_opt_set_pkinit(krb5_context context,
if ((flags & 2) == 0) {
const char *moduli_file;
moduli_file = krb5_config_get_string_default(context, NULL,
MODULI_FILE,
"libdefaults",
"moduli",
NULL);
moduli_file = krb5_config_get_string(context, NULL,
"libdefaults",
"moduli",
NULL);
ret = _krb5_parse_moduli(context, moduli_file,
&opt->opt_private->pk_init_ctx->m);

103
source/heimdal/lib/roken/hex.c Normal file
View File

@ -0,0 +1,103 @@
/*
* Copyright (c) 2004-2005 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
RCSID("$Id: hex.c,v 1.8 2006/01/09 17:09:29 lha Exp $");
#endif
#include "roken.h"
#include <ctype.h>
#include "hex.h"
const static char hexchar[] = "0123456789ABCDEF";
static int
pos(char c)
{
const char *p;
c = toupper((unsigned char)c);
for (p = hexchar; *p; p++)
if (*p == c)
return p - hexchar;
return -1;
}
ssize_t ROKEN_LIB_FUNCTION
hex_encode(const void *data, size_t size, char **str)
{
const unsigned char *q = data;
size_t i;
char *p;
/* check for overflow */
if (size * 2 < size)
return -1;
p = malloc(size * 2 + 1);
if (p == NULL)
return -1;
for (i = 0; i < size; i++) {
p[i * 2] = hexchar[(*q >> 4) & 0xf];
p[i * 2 + 1] = hexchar[*q & 0xf];
q++;
}
p[i * 2] = '\0';
*str = p;
return i * 2;
}
ssize_t ROKEN_LIB_FUNCTION
hex_decode(const char *str, void *data, size_t len)
{
size_t l;
unsigned char *p = data;
size_t i;
l = strlen(str);
/* check for overflow, same as (l+1)/2 but overflow safe */
if ((l/2) + (l&1) > len)
return -1;
i = 0;
if (l & 1) {
p[0] = pos(str[0]);
str++;
p++;
}
for (i = 0; i < l / 2; i++)
p[i] = pos(str[i * 2]) << 4 | pos(str[(i * 2) + 1]);
return i + (l & 1);
}

55
source/heimdal/lib/roken/hex.h Normal file
View File

@ -0,0 +1,55 @@
/*
* Copyright (c) 2005 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/* $Id: hex.h,v 1.3 2005/04/12 11:28:50 lha Exp $ */
#ifndef _rk_HEX_H_
#define _rk_HEX_H_ 1
#ifndef ROKEN_LIB_FUNCTION
#ifdef _WIN32
#define ROKEN_LIB_FUNCTION _stdcall
#else
#define ROKEN_LIB_FUNCTION
#endif
#endif
#define hex_encode rk_hex_encode
#define hex_decode rk_hex_decode
ssize_t ROKEN_LIB_FUNCTION
hex_encode(const void *, size_t, char **);
ssize_t ROKEN_LIB_FUNCTION
hex_decode(const char *, void *, size_t);
#endif /* _rk_HEX_H_ */

4
source/heimdal/lib/roken/resolve.c
View File

@ -45,7 +45,7 @@
#include <assert.h>
RCSID("$Id: resolve.c,v 1.52 2005/08/22 19:16:21 lha Exp $");
RCSID("$Id: resolve.c,v 1.53 2006/02/06 19:30:16 lha Exp $");
#ifdef _AIX /* AIX have broken res_nsearch() in 5.1 (5.0 also ?) */
#undef HAVE_RES_NSEARCH
@ -275,7 +275,7 @@ parse_record(const unsigned char *data, const unsigned char *end_data,
}
/* the signer name is placed after the sig_data, to make it
easy to free this struture; the size calculation below
easy to free this structure; the size calculation below
includes the zero-termination if the structure itself.
don't you just love C?
*/

12
source/heimdal_build/config.mk
View File

@ -97,6 +97,10 @@ NOPROTO = YES
#######################
# Start SUBSYSTEM HEIMDAL_KRB5
[SUBSYSTEM::HEIMDAL_KRB5]
EXTRA_CFLAGS = \
-Iheimdal_build -Iheimdal/kdc \
-Iheimdal/lib/des -Iheimdal/lib/roken \
-DNO_PRINTF_ATTRIBUTE
OBJ_FILES = \
../heimdal/lib/krb5/acache.o \
../heimdal/lib/krb5/add_et_list.o \
@ -194,6 +198,7 @@ OBJ_FILES = \
../heimdal/lib/asn1/der_get.o \
../heimdal/lib/asn1/der_put.o \
../heimdal/lib/asn1/der_free.o \
../heimdal/lib/asn1/der_format.o \
../heimdal/lib/asn1/der_length.o \
../heimdal/lib/asn1/der_copy.o \
../heimdal/lib/asn1/der_cmp.o \
@ -272,6 +277,7 @@ EXTRA_CFLAGS = \
OBJ_FILES = \
../heimdal/lib/des/aes.o \
../heimdal/lib/des/des.o \
../heimdal/lib/des/md2.o \
../heimdal/lib/des/md4.o \
../heimdal/lib/des/md5.o \
../heimdal/lib/des/rc2.o \
@ -279,7 +285,10 @@ OBJ_FILES = \
../heimdal/lib/des/rijndael-alg-fst.o \
../heimdal/lib/des/rnd_keys.o \
../heimdal/lib/des/sha.o \
../heimdal/lib/des/ui.o
../heimdal/lib/des/ui.o \
../heimdal/lib/des/evp.o \
../heimdal/lib/des/pkcs5.o \
../heimdal/lib/des/hmac.o
NOPROTO = YES
# End SUBSYSTEM HEIMDAL_DES
#######################
@ -317,6 +326,7 @@ EXTRA_CFLAGS = \
-Iheimdal/lib/des -Iheimdal/lib/roken -DNO_PRINTF_ATTRIBUTE
OBJ_FILES = \
../heimdal/lib/roken/base64.o \
../heimdal/lib/roken/hex.o \
../heimdal/lib/roken/bswap.o \
../heimdal/lib/roken/get_window_size.o \
../heimdal/lib/roken/getprogname.o \

5
source/heimdal_build/crypto-headers.h
View File

@ -8,4 +8,9 @@
#include <rc4.h>
#include <rc2.h>
#include <aes.h>
#include <ui.h>
#include <evp.h>
#include <rand.h>
#include <engine.h>
#include <pkcs12.h>
#endif /* __crypto_headers_h__ */