HCoop / hcoop / debian / openafs.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Import Upstream version 1.8.5
[hcoop/debian/openafs.git] / src / external / heimdal / krb5 / crypto-evp.c
1 /*
2 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "krb5_locl.h"
35
36 void
37 _krb5_evp_schedule(krb5_context context,
38 struct _krb5_key_type *kt,
39 struct _krb5_key_data *kd)
40 {
41 struct _krb5_evp_schedule *key = kd->schedule->data;
42 const EVP_CIPHER *c = (*kt->evp)();
43
44 EVP_CIPHER_CTX_init(&key->ectx);
45 EVP_CIPHER_CTX_init(&key->dctx);
46
47 EVP_CipherInit_ex(&key->ectx, c, NULL, kd->key->keyvalue.data, NULL, 1);
48 EVP_CipherInit_ex(&key->dctx, c, NULL, kd->key->keyvalue.data, NULL, 0);
49 }
50
51 void
52 _krb5_evp_cleanup(krb5_context context, struct _krb5_key_data *kd)
53 {
54 struct _krb5_evp_schedule *key = kd->schedule->data;
55 EVP_CIPHER_CTX_cleanup(&key->ectx);
56 EVP_CIPHER_CTX_cleanup(&key->dctx);
57 }
58
59 krb5_error_code
60 _krb5_evp_encrypt(krb5_context context,
61 struct _krb5_key_data *key,
62 void *data,
63 size_t len,
64 krb5_boolean encryptp,
65 int usage,
66 void *ivec)
67 {
68 struct _krb5_evp_schedule *ctx = key->schedule->data;
69 EVP_CIPHER_CTX *c;
70 c = encryptp ? &ctx->ectx : &ctx->dctx;
71 if (ivec == NULL) {
72 /* alloca ? */
73 size_t len2 = EVP_CIPHER_CTX_iv_length(c);
74 void *loiv = malloc(len2);
75 if (loiv == NULL)
76 return krb5_enomem(context);
77 memset(loiv, 0, len2);
78 EVP_CipherInit_ex(c, NULL, NULL, NULL, loiv, -1);
79 free(loiv);
80 } else
81 EVP_CipherInit_ex(c, NULL, NULL, NULL, ivec, -1);
82 EVP_Cipher(c, data, data, len);
83 return 0;
84 }
85
86 static const unsigned char zero_ivec[EVP_MAX_BLOCK_LENGTH] = { 0 };
87
88 krb5_error_code
89 _krb5_evp_encrypt_cts(krb5_context context,
90 struct _krb5_key_data *key,
91 void *data,
92 size_t len,
93 krb5_boolean encryptp,
94 int usage,
95 void *ivec)
96 {
97 size_t i, blocksize;
98 struct _krb5_evp_schedule *ctx = key->schedule->data;
99 unsigned char tmp[EVP_MAX_BLOCK_LENGTH], ivec2[EVP_MAX_BLOCK_LENGTH];
100 EVP_CIPHER_CTX *c;
101 unsigned char *p;
102
103 c = encryptp ? &ctx->ectx : &ctx->dctx;
104
105 blocksize = EVP_CIPHER_CTX_block_size(c);
106
107 if (len < blocksize) {
108 krb5_set_error_message(context, EINVAL,
109 "message block too short");
110 return EINVAL;
111 } else if (len == blocksize) {
112 EVP_CipherInit_ex(c, NULL, NULL, NULL, zero_ivec, -1);
113 EVP_Cipher(c, data, data, len);
114 return 0;
115 }
116
117 if (ivec)
118 EVP_CipherInit_ex(c, NULL, NULL, NULL, ivec, -1);
119 else
120 EVP_CipherInit_ex(c, NULL, NULL, NULL, zero_ivec, -1);
121
122 if (encryptp) {
123
124 p = data;
125 i = ((len - 1) / blocksize) * blocksize;
126 EVP_Cipher(c, p, p, i);
127 p += i - blocksize;
128 len -= i;
129 memcpy(ivec2, p, blocksize);
130
131 for (i = 0; i < len; i++)
132 tmp[i] = p[i + blocksize] ^ ivec2[i];
133 for (; i < blocksize; i++)
134 tmp[i] = 0 ^ ivec2[i];
135
136 EVP_CipherInit_ex(c, NULL, NULL, NULL, zero_ivec, -1);
137 EVP_Cipher(c, p, tmp, blocksize);
138
139 memcpy(p + blocksize, ivec2, len);
140 if (ivec)
141 memcpy(ivec, p, blocksize);
142 } else {
143 unsigned char tmp2[EVP_MAX_BLOCK_LENGTH], tmp3[EVP_MAX_BLOCK_LENGTH];
144
145 p = data;
146 if (len > blocksize * 2) {
147 /* remove last two blocks and round up, decrypt this with cbc, then do cts dance */
148 i = ((((len - blocksize * 2) + blocksize - 1) / blocksize) * blocksize);
149 memcpy(ivec2, p + i - blocksize, blocksize);
150 EVP_Cipher(c, p, p, i);
151 p += i;
152 len -= i + blocksize;
153 } else {
154 if (ivec)
155 memcpy(ivec2, ivec, blocksize);
156 else
157 memcpy(ivec2, zero_ivec, blocksize);
158 len -= blocksize;
159 }
160
161 memcpy(tmp, p, blocksize);
162 EVP_CipherInit_ex(c, NULL, NULL, NULL, zero_ivec, -1);
163 EVP_Cipher(c, tmp2, p, blocksize);
164
165 memcpy(tmp3, p + blocksize, len);
166 memcpy(tmp3 + len, tmp2 + len, blocksize - len); /* xor 0 */
167
168 for (i = 0; i < len; i++)
169 p[i + blocksize] = tmp2[i] ^ tmp3[i];
170
171 EVP_CipherInit_ex(c, NULL, NULL, NULL, zero_ivec, -1);
172 EVP_Cipher(c, p, tmp3, blocksize);
173
174 for (i = 0; i < blocksize; i++)
175 p[i] ^= ivec2[i];
176 if (ivec)
177 memcpy(ivec, tmp, blocksize);
178 }
179 return 0;
180 }
openafs packaging