1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

150 Commits

Author SHA1 Message Date
Andrew Bartlett
e9859ad356 lib/crypto: Remove unused RC4 code from Samba
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-08-21 09:57:31 +00:00
Andreas Schneider
1f6104f09a lib:crypto: Prepare not to build AES or AES-CMAC if we use GnuTLS support it
Samba will soon require GnuTLS >= 3.4.7.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Adjusted by Andrew Bartlett from an earlier more comprehensive patch by Andreas

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2019-08-21 09:57:31 +00:00
Andrew Bartlett
5ae119e7e9 crypto: Update REQUIREMENTS file with new minimum version
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-08-21 09:57:30 +00:00
Andreas Schneider
9ede63fbad lib:crypto: Don't build RC4 if we have GnuTLS >= 3.4.7
We have a GnuTLS DCEPRC backupkey implementation for the server and the
test. However this is only working with GnuTLS >= 3.4.7. So we need to
keep this around till we can require at least GnuTLS in a newer version.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26 01:48:26 +00:00
Andreas Schneider
14c4a07587 lib:crypto: Remove arcfour.h from crypto.h
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26 01:48:26 +00:00
Andreas Schneider
fc4ae06001 lib:crypto: Use GnuTLS RC4 in py_crypto
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26 01:48:26 +00:00
Andreas Schneider
baa96ef209 lib:crypto: Document samba_gnutls_arcfour_confounded_md5()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26 01:48:22 +00:00
Andreas Schneider
e43678b84a lib:crypto: Document gnutls_error_to_werror()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26 01:48:22 +00:00
Andreas Schneider
5e62358fbf lib:crypto: Document gnutls_error_to_ntstatus()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26 01:48:22 +00:00
Andreas Schneider
31a943fa08 lib:crypto: Add GNUTLS_FIPS140_SET_(LAX|STRICT)_MODE to helpers
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-07-09 12:16:11 +00:00
Andreas Schneider
a31a40b41a lib:crypto: Fix path to header file in gnutls_helpers.h
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-07-09 12:16:11 +00:00
Andrew Bartlett
ad4505624e lib/crypto: Use GnuTLS RC4 for samba_gnutls_arcfour_confounded_md5()
This allows Samba to use GnuTLS for drsuapi_{en,de}crypt_attribute_value()

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-06-27 12:54:23 +00:00
Andrew Bartlett
31bac316da lib/crypto: Add GnuTLS helper function samba_gnutls_arcfour_confounded_md5()
This will avoid duplicated code as we convert arcfour_crypt_blob() into
direct GnuTLS calls

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-06-27 12:54:23 +00:00
Andreas Schneider
d1641f3e6a libcli:util: Add gnutls_error_to_werror()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-06-27 12:54:22 +00:00
Andrew Bartlett
8f4c30f785 lib/crypto: move gnutls error wrapper to own subsystem
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-06-27 12:54:22 +00:00
Gary Lockyer
412afb2aef Fix ubsan null pointer passed as argument 2
Fix ubsan warning null pointer passed as argument 2 when the source
pointer is NULL.  The calls to memcpy are now guarded by an
if (len > 0)

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Mon May 27 01:29:48 UTC 2019 on sn-devel-184
2019-05-27 01:29:48 +00:00
Andreas Schneider
03cbef2bef lib:crypto: Remove obsolete MD5 and HMAC MD5
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue May 21 01:18:08 UTC 2019 on sn-devel-184
2019-05-21 01:18:08 +00:00
Noel Power
16cf1d1a53 lib/crypto: squash 'cast between incompatible function types' warning
To avoid warning above produced by using
-Wcast-function-type we;

      + ensure PyCFunctions of type METH_VARARGS do not declare
        unused and problematic kargs param.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-05-16 17:55:17 +00:00
Andreas Schneider
2009958808 lib:crypto: Remove unused SHA512
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-05-07 03:04:30 +00:00
Andreas Schneider
826e37218d lib:crypto: Remove unused SHA256 and HMAC SHA256
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:28 +00:00
Andrew Bartlett
fdb6305c86 build: Remove bld.gen_python_environments()
This was part of --extra-python support.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2019-03-21 04:06:14 +00:00
Andreas Schneider
0ee398e8b2 lib:crypto: Include only the required header files
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2019-02-27 07:59:26 +00:00
Andreas Schneider
ee6497574a lib:crypto: Fix undefined behavior in md4
runtime error: left shift of 145 by 24 places cannot be represented in type 'int'

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-22 22:13:27 +01:00
Volker Lendecke
37f6e2a351 lib: Remove lib/crypto/crc32.[ch]
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 10 01:41:52 CEST 2018 on sn-devel-144
2018-10-10 01:41:52 +02:00
Alexander Bokovoy
b0a12c81b1 lib/crypto/wscript_configure: update to handle waf 2.0.4
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-09-05 06:37:22 +02:00
Alexander Bokovoy
b999fd3c25 lib/crypto/wscript: update to handle waf 2.0.4
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-09-05 06:37:22 +02:00
Stefan Metzmacher
7ae77db3b2 lib/crypto: avoid 'return void_function();' which isn't portable
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
2018-04-03 16:41:09 +02:00
Eric Vannier
77d88d75f6 Allow AESNI to be used on all processor supporting AESNI, not just Intel's This improves performance/reduced CPU usage. Tests performed: - Ran on Ivy Bridge and Ryzen and verified that AESNI is detected (crypto tests) - Ran on Ryzen, and observed 50% increased speed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13302

Signed-off-by: Eric Vannier <evannier@google.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 27 13:50:09 CEST 2018 on sn-devel-144
2018-03-27 13:50:09 +02:00
Andrew Bartlett
5a483bc0d1 lib/crypto/REQUIREMENTS: DRSUAPI replication replicated secrets was missing from the RC4 section
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-02-09 07:59:20 +01:00
Andrew Bartlett
b96b51fa95 lib/crypto: Update REQUIREMENTS for recent Samba changes
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-02-07 23:45:23 +01:00
Andreas Schneider
3089a5660d crypto: Update the REQUIREMENTS
Update after call with the GnuTLS maintainer to see what is supported in
GnuTLS, what is working in FIPS mode or not, and what features we require
to move to GnuTLS in future. The benefit will be FIPS certification and
more hardware accelerated crypto.

Bugs have been opened against GnuTLS to implment the missing features or
add functions to declare use of old crypto functions as non-crypto use.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2018-01-08 03:34:18 +01:00
Uri Simchoni
1d74e4f6f3 lib/crypto: remove unused code
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-11-22 10:20:20 +01:00
Jeremy Allison
5f87a05aa3 lib: crypto: Add the ability to select Intel AESNI instruction set at configure time.
Add --accel-aes=[none|intelaesni] to select.
Default is none.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13008

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2017-09-07 02:01:08 +02:00
Jeremy Allison
53ac0f7c59 lib: crypto: Plumb in the Intel AES instructions.
Causes:

AES_set_encrypt_key()
AES_set_decrypt_key()
AES_encrypt()
AES_decrypt()

to probe for the Intel AES instructions at runtime (only once)
and then call the hardware implementations if so, otherwise
fall back to the software implementations.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13008

Based on original work by Justin Maggard <jmaggard@netgear.com>

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2017-09-07 02:01:08 +02:00
Jeremy Allison
3324b55bde lib: crypt: Prepare the existing code to switch to Intel AES hardware instructions.
Rename the old struct aes_key as an intermediate struct aes_key_rj
and wrap it in a union so we can chose an alternate aes_key struct
when using Intel AES hardware.

Rename the original software implementations of:

 AES_set_encrypt_key()
 AES_set_decrypt_key()
 AES_encrypt()
 AES_decrypt()

by adding an _rj on the end, and call them via a wrapper
function.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13008

Based on original work by Justin Maggard <jmaggard@netgear.com>

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2017-09-07 02:01:08 +02:00
Alexander Bokovoy
bbeef554f2 lib/crypto: implement samba.crypto Python module for RC4
Implement a small Python module that exposes arcfour_crypt_blob()
function widely used in Samba C code.

When Samba Python bindings are used to call LSA CreateTrustedDomainEx2,
there is a need to encrypt trusted credentials with RC4 cipher.

Current Samba Python code relies on Python runtime to provide RC4
cipher. However, in FIPS 140-2 mode system crypto libraries do not
provide access RC4 cipher at all. According to Microsoft dochelp team,
Windows is treating AuthenticationInformation blob encryption as 'plain
text' in terms of FIPS 140-2, thus doing application-level encryption.

Replace samba.arcfour_encrypt() implementation with a call to
samba.crypto.arcfour_crypt_blob().

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Mar 15 01:30:24 CET 2017 on sn-devel-144
2017-03-15 01:30:24 +01:00
Volker Lendecke
c4504bd7e3 lib: Fix some whitespace
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-05-16 19:52:22 +02:00
Volker Lendecke
8c332f46e4 lib: Fix a signed/unsigned mixup
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-05-16 19:52:22 +02:00
Volker Lendecke
42d5b06d7a vfs: Remove smb_traffic_analyzer
Holger Hetterich told me in a personal email that he does not have
time to care about this project anymore and that he is fine to
remove it from Samba.

Why the removal? It contains homegrown crypto that would need to
be thoroughly audited and/or fixed. And if it's neither maintained
nor widely used I'd rather have it removed.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Nov 11 00:23:35 CET 2015 on sn-devel-104
2015-11-11 00:23:35 +01:00
Stefan Metzmacher
d9166eb2d7 lib/crypto: make it possible to use only parts of aes.[ch]
This can be used in order to optimize some parts later.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 27 23:23:54 CEST 2015 on sn-devel-104
2015-08-27 23:23:54 +02:00
Stefan Metzmacher
aaad9e9618 lib/crypto: sync AES_cfb8_encrypt() from heimdal
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-08-27 20:23:20 +02:00
Stefan Metzmacher
e9d3379d72 lib/crypto: make use of aes_test.h in aes_gcm_128_test.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-08-27 20:23:20 +02:00
Stefan Metzmacher
965f04d5e6 lib/crypto: optimize aes_gcm_128
- We avoid variables in order to do a lazy cleanup
  in aes_ccm_128_digest() via ZERO_STRUCTP(ctx)
- We use the optimized aes_block_{xor,rshift}() functions
- Align AES_BLOCK_SIZE arrays to 8 bytes

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-08-27 20:23:20 +02:00
Stefan Metzmacher
7e8333dac3 lib/crypto: optimize aes_ccm_128
- We avoid variables in order to do a lazy cleanup
  in aes_ccm_128_digest() via ZERO_STRUCTP(ctx)
- We use the optimized aes_block_xor() function
- We reuse A_i instead of rebuilding it everything completely.
- Align AES_BLOCK_SIZE arrays to 8 bytes

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-08-27 20:23:20 +02:00
Stefan Metzmacher
8795ad2030 lib/crypto: optimize aes_cmac_128
- We avoid variables in order to do a lazy cleanup
  in aes_cmac_128_final() via ZERO_STRUCTP(ctx)
- We avoid unused memcpy() calls
- We use the optimized aes_block_{xor,lshift}() functions
- Align AES_BLOCK_SIZE arrays to 8 bytes

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-08-27 20:23:20 +02:00
Stefan Metzmacher
0824221b4a lib/crypto: add optimized helper functions aes_block_{xor,lshift,rshift}()
These are typical operations on an AES_BLOCK used by different modes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-08-27 20:23:20 +02:00
Stefan Metzmacher
77c3d504b2 lib/crypto: add aes_ccm_128 tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-08-27 20:23:20 +02:00
Stefan Metzmacher
80c8a1ca95 lib/crypto: verify 0 updates in aes_gcm_128 tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-08-27 20:23:20 +02:00
Stefan Metzmacher
683eda2f92 lib/crypto: run all aes_gcm_128 testcases
We should not skip the first one.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-08-27 20:23:20 +02:00
Stefan Metzmacher
7c4117f5da lib/crypto: add aes_cmac_128 chunked tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-08-27 20:23:20 +02:00
Douglas Bagnall
e3373e9d14 Revert "lib: Fix deps for LIBCRYPTO"
This reverts commit 30bfb8d638.

Talloc is still needed by LIBCRYPTO, because arcfour.h
includes lib/util/data_blob.h which includes talloc.h.

It seems arcfour only uses the DATA_BLOB struct (in e.g. arcfour_crypt
and arcfour_init).

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Jun 28 11:47:16 CEST 2015 on sn-devel-104
2015-06-28 11:47:16 +02:00
Volker Lendecke
30bfb8d638 lib: Fix deps for LIBCRYPTO
LIBCRYPTO itself does not depend on talloc

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-06-23 22:12:08 +02:00
Volker Lendecke
a4d4cc2550 lib: Simplify arcfour_crypt
We don't need a dependency on data_blob in crypto

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-06-23 22:12:08 +02:00
Emmanuel Dreyfus
d5065ed2f4 Prevent clashes between system and Samba SHA functions
Samba provides its own set of SHA function, which would replace
libc-provided flavors. This is a problem because while the prototypes
are the same, the context structure are different. As a result,
when connecting to a LDAP/SSL directory, we go through
libldap/libssl/libcrypto and there libcrypto expects to call libc
SHA functions, not Samba's.

The fix is to check for SHA function presence and rename Samba's
version to avoid a clash.

Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo <simo@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun  3 01:54:24 CEST 2015 on sn-devel-104
2015-06-03 01:54:23 +02:00
Michael Adam
59cce7cbeb lib/crypto: fix header guard for crypto.h
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-03-23 16:04:19 +01:00
Michael Ledford
dab8eca590 lib/crypto: Document nettle supported crypto
Signed-off-by: Michael Ledford <michael@ledford.cc>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2015-02-25 01:08:12 +01:00
Andrew Bartlett
76c7918e01 lib/crypto: Document what crypto code is used for, and if GnuTLS supports it
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Feb 17 11:45:15 CET 2015 on sn-devel-104
2015-02-17 11:45:15 +01:00
Stefan Metzmacher
03bf8fe4fc lib/crypto: add aes_gcm_128 support.
Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-10-16 19:30:04 +02:00
Günther Deschner
9ec531d30d lib/crypto: add and build a copied version of SHA512 functions.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-10-14 10:52:04 +02:00
Martin Schwenke
5c5f631710 lib/crypto: Protect crypto.h against multiple inclusion
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
2014-09-19 18:11:11 +02:00
Andreas Schneider
615efa4ae8 lib: Fix strict-aliasing warning in md5 code.
If the compiler detects strict aliasing problems it isn't able to
optimize the code.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2014-01-09 20:42:54 +01:00
Björn Jacke
f8363dd22a crypto: fix build on OS X
we also need to use the CC_MD5_CTX from CommonCrypto here instead of the MD5_CTX

Signed-off-by: Bjoern Jacke <bj@sernet.de>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jan  8 08:12:29 CET 2014 on sn-devel-104
2014-01-08 08:12:29 +01:00
Andrew Bartlett
d544d178f0 build: Remove the struct MD5Context conf file check.
Fix the build.

Reviewed-by: Jeremy Allison <jra@samba.org>
Tested-by: Christian Ambach <ambi@samba.org>

Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Mon Jun 24 14:11:09 CEST 2013 on sn-devel-104
2013-06-24 14:11:09 +02:00
Andrew Bartlett
fc13489c91 build: Build with system md5.h on OpenIndiana
This changes (again...) our system md5 detection to cope with how
OpenIndiana does md5.  I'm becoming increasingly convinced this isn't
worth our while (we should have just done samba_md5...), but for now
this change seems to work on FreeBSD, OpenIndiana and Linux with
libbsd.

This needs us to rename struct MD5Context -> MD5_CTX, but we provide a
config.h define to rename the type bad if MD5_CTX does not exist (it does
however exist in the md5.h from libbsd).

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
2013-06-19 21:32:36 +02:00
Andrew Bartlett
30a2243675 build: Update md5.h detection in waf and autoconf to use sys/md5.h and -lmd
This brings the two build systems in sync, without using md5.h (which is a problem name)

Tested on FreeBSD

Andrew Bartlett

Reviewed-by: Richard Sharpe <rsharpe@samba.org>

Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Wed May 22 10:06:40 CEST 2013 on sn-devel-104
2013-05-22 10:06:40 +02:00
Björn Jacke
b4252f8fa6 crypto/aes_ccm_128: fix compile warning on openindiana 2012-08-23 16:43:48 +02:00
Stefan Metzmacher
5adf63fe30 lib/crypto: add aes_ccm_128
metze
2012-07-23 18:19:36 +02:00
Matthieu Patou
b68f72c7f5 lib/crypto: Detect CommonCrypto and use it if available
CommonCrypto/CommonDigest is available on Mac and there is function in
the libc for MD5 calculation. MD5Final is a C define of CC_MD5_Final.
Under some circumstance we have the symbol defined twice in samba
binaries on Snow Leopard at least.

By detecting CommonCrypto/CommonDigest we end up always using the system
version if available.
2012-03-14 06:52:27 +01:00
Stefan Metzmacher
7102eafc26 lib/crypto: add aes_cmac_128_test.c as local.crypto.aes_cmac_128 test
metze
2012-02-29 03:16:22 +01:00
Stefan Metzmacher
062d1a09c2 lib/crypto: add aes_cmac_128* (rfc 4493)
Thanks to Jeremy, Michael and Volker for the debugging!

metze
2012-02-29 03:16:22 +01:00
Stefan Metzmacher
229128f7e1 lib/crypto: fix hmac_sha256_final() prototype
metze
2012-02-27 12:51:33 +01:00
Jelmer Vernooij
8443e15eee crypto: Use libbsd md5 header, if available. 2012-02-07 01:11:08 +01:00
Jelmer Vernooij
634f8276dd crypto/md5: Change prototypes to match BSD. 2012-02-07 01:11:08 +01:00
Jelmer Vernooij
9c000f1def crypto: Add prototype for main torture functions. 2012-02-07 01:11:07 +01:00
Andrew Bartlett
d40fe50a67 build: avoid util.h as a public header name due to conflict with MacOS 2011-09-23 09:24:03 +02:00
Andrew Tridgell
49ab2df28a lib/crypto: rename the SHA256_ functions to samba_SHA256_
this prevents a symbol duplication with the openssl library, which may
be linked in via a secondary library dependency

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-04-06 08:12:19 +02:00
Volker Lendecke
a431394ce3 s3: Fix Coverity ID 958: BAD_SIZEOF
This is supposed to wipe out the md5 context, not only the first bytes of it.

Others, please check!
2011-03-27 22:22:10 +02:00
Jelmer Vernooij
31d09b13d3 tdb: Use <tdb.h> to include tdb so system headers are found when building against system tdb. 2011-02-28 21:11:21 +01:00
Stefan Metzmacher
ea5940e7eb lib/crypto: add aes_cfb8_encrypt()
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Jan  3 17:32:07 CET 2011 on sn-devel-104
2011-01-03 17:32:07 +01:00
Jelmer Vernooij
3deece5591 s4: Remove the old perl/m4/make/mk-based build system.
The new waf-based build system now has all the same functionality, and
the old build system has been broken for quite some time.

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
2010-10-31 02:01:44 +00:00
Jelmer Vernooij
dc47e8dc52 libcli-auth: Remove unnecessary dependency on libsamba-hostconfig. 2010-10-11 01:06:35 +02:00
Günther Deschner
aa76e8263d lib/crypto: only include what is needed.
Guenther
2010-06-16 18:58:04 +02:00
Andrew Tridgell
f9eae32f4b s4-waf: mark the wscript files as python so vim/emacs knows how to highlight them 2010-04-06 20:27:11 +10:00
Andrew Tridgell
845e0cbe6f build: commit all the waf build files in the tree 2010-04-06 20:26:48 +10:00
Matt Kraai
d4fc2e8201 Change uint_t to unsigned int in lib/crypto
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-02-02 07:18:16 +01:00
Stefan Metzmacher
8f482ae663 lib/crypto: include aes.h into crypto.h
metze
2009-09-16 12:29:05 +02:00
Günther Deschner
310051c79d lib/crypto: link in AES crypto for s4 as well.
Guenther
2009-09-16 02:09:59 +02:00
Günther Deschner
87acb96fc3 lib/crypto: add aes encryption routines to main cryto lib.
Guenther
2009-09-16 00:11:23 +02:00
Volker Lendecke
3984b76498 Fix a C++ warning 2009-05-31 12:16:34 +02:00
Jelmer Vernooij
c023828962 Fix missing symbols issues when building with shared libraries. 2008-12-22 21:03:09 +01:00
Jelmer Vernooij
87ec1d2532 Make sure prototypes are always included, make some functions static and
remove some unused functions.
2008-10-20 18:59:51 +02:00
Günther Deschner
98089dfccf crypto: fix remaining strhex_to_data_blob callers.
Jelmer, please check.

Guenther
2008-10-18 21:07:42 +02:00
Jelmer Vernooij
621cf3c9bf Use data_blob() for now, since it seems to be the only function available in both Samba 3 and Samba 4. 2008-10-11 21:02:13 +02:00
Jelmer Vernooij
a85f663485 Make sure to allocate copy for arc4 data, to avoid problems freeing
later.
2008-10-11 20:26:40 +02:00
Jelmer Vernooij
033bc4682b Prevent errors with data_blob() being a macro in s4 and function in s3. 2008-10-11 16:17:14 +02:00
Jelmer Vernooij
edeb20b921 Merge branch 'master' of ssh://git.samba.org/data/git/samba into arc4
Conflicts:
	source3/include/includes.h
2008-09-24 18:38:45 +02:00
Jelmer Vernooij
e3ef8803ee Fix include paths. 2008-09-24 16:10:53 +02:00
Jelmer Vernooij
da01822671 Use common arcfour implementation. 2008-09-24 16:04:43 +02:00
Jelmer Vernooij
2413a72006 Use shared copy of hmac5 implementation. 2008-09-24 15:44:34 +02:00
Jelmer Vernooij
6925202bde Move source4/lib/crypto to lib/crypto. 2008-09-24 15:30:23 +02:00