1 /* $NetBSD: crypto-des.c,v 1.1.1.2 2014/04/24 12:45:49 pettai Exp $ */
2
3 /*
4 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
5 * (Royal Institute of Technology, Stockholm, Sweden).
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 */
35
36 #include "krb5_locl.h"
37
38 #ifdef HEIM_WEAK_CRYPTO
39
40
41 static void
krb5_DES_random_key(krb5_context context,krb5_keyblock * key)42 krb5_DES_random_key(krb5_context context,
43 krb5_keyblock *key)
44 {
45 DES_cblock *k = key->keyvalue.data;
46 do {
47 krb5_generate_random_block(k, sizeof(DES_cblock));
48 DES_set_odd_parity(k);
49 } while(DES_is_weak_key(k));
50 }
51
52 static void
krb5_DES_schedule_old(krb5_context context,struct _krb5_key_type * kt,struct _krb5_key_data * key)53 krb5_DES_schedule_old(krb5_context context,
54 struct _krb5_key_type *kt,
55 struct _krb5_key_data *key)
56 {
57 DES_set_key_unchecked(key->key->keyvalue.data, key->schedule->data);
58 }
59
60 static void
krb5_DES_random_to_key(krb5_context context,krb5_keyblock * key,const void * data,size_t size)61 krb5_DES_random_to_key(krb5_context context,
62 krb5_keyblock *key,
63 const void *data,
64 size_t size)
65 {
66 DES_cblock *k = key->keyvalue.data;
67 memcpy(k, data, key->keyvalue.length);
68 DES_set_odd_parity(k);
69 if(DES_is_weak_key(k))
70 _krb5_xor(k, (const unsigned char*)"\0\0\0\0\0\0\0\xf0");
71 }
72
73 static struct _krb5_key_type keytype_des_old = {
74 ETYPE_DES_CBC_CRC,
75 "des-old",
76 56,
77 8,
78 sizeof(DES_key_schedule),
79 krb5_DES_random_key,
80 krb5_DES_schedule_old,
81 _krb5_des_salt,
82 krb5_DES_random_to_key,
83 NULL,
84 NULL
85 };
86
87 static struct _krb5_key_type keytype_des = {
88 ETYPE_DES_CBC_CRC,
89 "des",
90 56,
91 8,
92 sizeof(struct _krb5_evp_schedule),
93 krb5_DES_random_key,
94 _krb5_evp_schedule,
95 _krb5_des_salt,
96 krb5_DES_random_to_key,
97 _krb5_evp_cleanup,
98 EVP_des_cbc
99 };
100
101 static krb5_error_code
CRC32_checksum(krb5_context context,struct _krb5_key_data * key,const void * data,size_t len,unsigned usage,Checksum * C)102 CRC32_checksum(krb5_context context,
103 struct _krb5_key_data *key,
104 const void *data,
105 size_t len,
106 unsigned usage,
107 Checksum *C)
108 {
109 uint32_t crc;
110 unsigned char *r = C->checksum.data;
111 _krb5_crc_init_table ();
112 crc = _krb5_crc_update (data, len, 0);
113 r[0] = crc & 0xff;
114 r[1] = (crc >> 8) & 0xff;
115 r[2] = (crc >> 16) & 0xff;
116 r[3] = (crc >> 24) & 0xff;
117 return 0;
118 }
119
120 static krb5_error_code
RSA_MD4_checksum(krb5_context context,struct _krb5_key_data * key,const void * data,size_t len,unsigned usage,Checksum * C)121 RSA_MD4_checksum(krb5_context context,
122 struct _krb5_key_data *key,
123 const void *data,
124 size_t len,
125 unsigned usage,
126 Checksum *C)
127 {
128 if (EVP_Digest(data, len, C->checksum.data, NULL, EVP_md4(), NULL) != 1)
129 krb5_abortx(context, "md4 checksum failed");
130 return 0;
131 }
132
133 static krb5_error_code
RSA_MD4_DES_checksum(krb5_context context,struct _krb5_key_data * key,const void * data,size_t len,unsigned usage,Checksum * cksum)134 RSA_MD4_DES_checksum(krb5_context context,
135 struct _krb5_key_data *key,
136 const void *data,
137 size_t len,
138 unsigned usage,
139 Checksum *cksum)
140 {
141 return _krb5_des_checksum(context, EVP_md4(), key, data, len, cksum);
142 }
143
144 static krb5_error_code
RSA_MD4_DES_verify(krb5_context context,struct _krb5_key_data * key,const void * data,size_t len,unsigned usage,Checksum * C)145 RSA_MD4_DES_verify(krb5_context context,
146 struct _krb5_key_data *key,
147 const void *data,
148 size_t len,
149 unsigned usage,
150 Checksum *C)
151 {
152 return _krb5_des_verify(context, EVP_md4(), key, data, len, C);
153 }
154
155 static krb5_error_code
RSA_MD5_DES_checksum(krb5_context context,struct _krb5_key_data * key,const void * data,size_t len,unsigned usage,Checksum * C)156 RSA_MD5_DES_checksum(krb5_context context,
157 struct _krb5_key_data *key,
158 const void *data,
159 size_t len,
160 unsigned usage,
161 Checksum *C)
162 {
163 return _krb5_des_checksum(context, EVP_md5(), key, data, len, C);
164 }
165
166 static krb5_error_code
RSA_MD5_DES_verify(krb5_context context,struct _krb5_key_data * key,const void * data,size_t len,unsigned usage,Checksum * C)167 RSA_MD5_DES_verify(krb5_context context,
168 struct _krb5_key_data *key,
169 const void *data,
170 size_t len,
171 unsigned usage,
172 Checksum *C)
173 {
174 return _krb5_des_verify(context, EVP_md5(), key, data, len, C);
175 }
176
177 struct _krb5_checksum_type _krb5_checksum_crc32 = {
178 CKSUMTYPE_CRC32,
179 "crc32",
180 1,
181 4,
182 0,
183 CRC32_checksum,
184 NULL
185 };
186
187 struct _krb5_checksum_type _krb5_checksum_rsa_md4 = {
188 CKSUMTYPE_RSA_MD4,
189 "rsa-md4",
190 64,
191 16,
192 F_CPROOF,
193 RSA_MD4_checksum,
194 NULL
195 };
196
197 struct _krb5_checksum_type _krb5_checksum_rsa_md4_des = {
198 CKSUMTYPE_RSA_MD4_DES,
199 "rsa-md4-des",
200 64,
201 24,
202 F_KEYED | F_CPROOF | F_VARIANT,
203 RSA_MD4_DES_checksum,
204 RSA_MD4_DES_verify
205 };
206
207 struct _krb5_checksum_type _krb5_checksum_rsa_md5_des = {
208 CKSUMTYPE_RSA_MD5_DES,
209 "rsa-md5-des",
210 64,
211 24,
212 F_KEYED | F_CPROOF | F_VARIANT,
213 RSA_MD5_DES_checksum,
214 RSA_MD5_DES_verify
215 };
216
217 static krb5_error_code
evp_des_encrypt_null_ivec(krb5_context context,struct _krb5_key_data * key,void * data,size_t len,krb5_boolean encryptp,int usage,void * ignore_ivec)218 evp_des_encrypt_null_ivec(krb5_context context,
219 struct _krb5_key_data *key,
220 void *data,
221 size_t len,
222 krb5_boolean encryptp,
223 int usage,
224 void *ignore_ivec)
225 {
226 struct _krb5_evp_schedule *ctx = key->schedule->data;
227 EVP_CIPHER_CTX *c;
228 DES_cblock ivec;
229 memset(&ivec, 0, sizeof(ivec));
230 c = encryptp ? &ctx->ectx : &ctx->dctx;
231 EVP_CipherInit_ex(c, NULL, NULL, NULL, (void *)&ivec, -1);
232 EVP_Cipher(c, data, data, len);
233 return 0;
234 }
235
236 static krb5_error_code
evp_des_encrypt_key_ivec(krb5_context context,struct _krb5_key_data * key,void * data,size_t len,krb5_boolean encryptp,int usage,void * ignore_ivec)237 evp_des_encrypt_key_ivec(krb5_context context,
238 struct _krb5_key_data *key,
239 void *data,
240 size_t len,
241 krb5_boolean encryptp,
242 int usage,
243 void *ignore_ivec)
244 {
245 struct _krb5_evp_schedule *ctx = key->schedule->data;
246 EVP_CIPHER_CTX *c;
247 DES_cblock ivec;
248 memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec));
249 c = encryptp ? &ctx->ectx : &ctx->dctx;
250 EVP_CipherInit_ex(c, NULL, NULL, NULL, (void *)&ivec, -1);
251 EVP_Cipher(c, data, data, len);
252 return 0;
253 }
254
255 static krb5_error_code
DES_CFB64_encrypt_null_ivec(krb5_context context,struct _krb5_key_data * key,void * data,size_t len,krb5_boolean encryptp,int usage,void * ignore_ivec)256 DES_CFB64_encrypt_null_ivec(krb5_context context,
257 struct _krb5_key_data *key,
258 void *data,
259 size_t len,
260 krb5_boolean encryptp,
261 int usage,
262 void *ignore_ivec)
263 {
264 DES_cblock ivec;
265 int num = 0;
266 DES_key_schedule *s = key->schedule->data;
267 memset(&ivec, 0, sizeof(ivec));
268
269 DES_cfb64_encrypt(data, data, len, s, &ivec, &num, encryptp);
270 return 0;
271 }
272
273 static krb5_error_code
DES_PCBC_encrypt_key_ivec(krb5_context context,struct _krb5_key_data * key,void * data,size_t len,krb5_boolean encryptp,int usage,void * ignore_ivec)274 DES_PCBC_encrypt_key_ivec(krb5_context context,
275 struct _krb5_key_data *key,
276 void *data,
277 size_t len,
278 krb5_boolean encryptp,
279 int usage,
280 void *ignore_ivec)
281 {
282 DES_cblock ivec;
283 DES_key_schedule *s = key->schedule->data;
284 memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec));
285
286 DES_pcbc_encrypt(data, data, len, s, &ivec, encryptp);
287 return 0;
288 }
289
290 struct _krb5_encryption_type _krb5_enctype_des_cbc_crc = {
291 ETYPE_DES_CBC_CRC,
292 "des-cbc-crc",
293 8,
294 8,
295 8,
296 &keytype_des,
297 &_krb5_checksum_crc32,
298 NULL,
299 F_DISABLED|F_WEAK,
300 evp_des_encrypt_key_ivec,
301 0,
302 NULL
303 };
304
305 struct _krb5_encryption_type _krb5_enctype_des_cbc_md4 = {
306 ETYPE_DES_CBC_MD4,
307 "des-cbc-md4",
308 8,
309 8,
310 8,
311 &keytype_des,
312 &_krb5_checksum_rsa_md4,
313 &_krb5_checksum_rsa_md4_des,
314 F_DISABLED|F_WEAK,
315 evp_des_encrypt_null_ivec,
316 0,
317 NULL
318 };
319
320 struct _krb5_encryption_type _krb5_enctype_des_cbc_md5 = {
321 ETYPE_DES_CBC_MD5,
322 "des-cbc-md5",
323 8,
324 8,
325 8,
326 &keytype_des,
327 &_krb5_checksum_rsa_md5,
328 &_krb5_checksum_rsa_md5_des,
329 F_DISABLED|F_WEAK,
330 evp_des_encrypt_null_ivec,
331 0,
332 NULL
333 };
334
335 struct _krb5_encryption_type _krb5_enctype_des_cbc_none = {
336 ETYPE_DES_CBC_NONE,
337 "des-cbc-none",
338 8,
339 8,
340 0,
341 &keytype_des,
342 &_krb5_checksum_none,
343 NULL,
344 F_PSEUDO|F_DISABLED|F_WEAK,
345 evp_des_encrypt_null_ivec,
346 0,
347 NULL
348 };
349
350 struct _krb5_encryption_type _krb5_enctype_des_cfb64_none = {
351 ETYPE_DES_CFB64_NONE,
352 "des-cfb64-none",
353 1,
354 1,
355 0,
356 &keytype_des_old,
357 &_krb5_checksum_none,
358 NULL,
359 F_PSEUDO|F_DISABLED|F_WEAK,
360 DES_CFB64_encrypt_null_ivec,
361 0,
362 NULL
363 };
364
365 struct _krb5_encryption_type _krb5_enctype_des_pcbc_none = {
366 ETYPE_DES_PCBC_NONE,
367 "des-pcbc-none",
368 8,
369 8,
370 0,
371 &keytype_des_old,
372 &_krb5_checksum_none,
373 NULL,
374 F_PSEUDO|F_DISABLED|F_WEAK,
375 DES_PCBC_encrypt_key_ivec,
376 0,
377 NULL
378 };
379 #endif /* HEIM_WEAK_CRYPTO */
380