* etypes.c (krb5_enctypes_list): Fill in required_ctype field.

author Ken Raeburn <raeburn@mit.edu>

Sat, 11 Oct 2003 00:02:56 +0000 (00:02 +0000)

committer Ken Raeburn <raeburn@mit.edu>

Sat, 11 Oct 2003 00:02:56 +0000 (00:02 +0000)
author Ken Raeburn <raeburn@mit.edu>
Sat, 11 Oct 2003 00:02:56 +0000 (00:02 +0000)
committer Ken Raeburn <raeburn@mit.edu>
Sat, 11 Oct 2003 00:02:56 +0000 (00:02 +0000)
diff --git a/src/lib/crypto/ChangeLog b/src/lib/crypto/ChangeLog

index e02d9790e26854045853d42a85e3ab0b02fa4657..5345344ec1648c85be226012c558fe5db3cd54f0 100644 (file)
--- a/src/lib/crypto/ChangeLog
+++ b/src/lib/crypto/ChangeLog
@@ -1,3 +1,9 @@
+2003-10-10  Ken Raeburn  <raeburn@mit.edu>
+
+       * etypes.c (krb5_enctypes_list): Fill in required_ctype field.
+       * mandatory_sumtype.c: New file.
+       * Makefile.in (SRCS, OBJS, STLIBOBJS): Build it.
+
  2003-07-22  Ken Raeburn  <raeburn@mit.edu>
  
         * block_size.c (krb5_c_block_size): Read new numeric fields for
diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in

index 87e6c51c3dd921eeb3dace8583ad7e3f74b070fb..d01c921adb4d4d88f899f49d7b6f5a129dda12ce 100644 (file)
--- a/src/lib/crypto/Makefile.in
+++ b/src/lib/crypto/Makefile.in
@@ -54,6 +54,7 @@ STLIBOBJS=\
         keyed_checksum_types.o  \
         make_checksum.o         \
         make_random_key.o       \
+       mandatory_sumtype.o     \
         nfold.o                 \
         old_api_glue.o          \
         pbkdf2.o                \
@@ -86,6 +87,7 @@ OBJS=\
         $(OUTPRE)keyed_checksum_types.$(OBJEXT) \
         $(OUTPRE)make_checksum.$(OBJEXT)        \
         $(OUTPRE)make_random_key.$(OBJEXT)      \
+       $(OUTPRE)mandatory_sumtype.$(OBJEXT)    \
         $(OUTPRE)nfold.$(OBJEXT)                \
         $(OUTPRE)old_api_glue.$(OBJEXT)         \
         $(OUTPRE)pbkdf2.$(OBJEXT)               \
@@ -118,6 +120,7 @@ SRCS=\
         $(srcdir)/keyed_checksum_types.c\
         $(srcdir)/make_checksum.c       \
         $(srcdir)/make_random_key.c     \
+       $(srcdir)/mandatory_sumtype.c   \
         $(srcdir)/nfold.c               \
         $(srcdir)/old_api_glue.c        \
         $(srcdir)/pbkdf2.c      \
diff --git a/src/lib/crypto/etypes.c b/src/lib/crypto/etypes.c

index 6c195e4b22855645e6e83ed92b69d3331034db48..6dcf02643a32ea3bf573c605118573686c82d331 100644 (file)
--- a/src/lib/crypto/etypes.c
+++ b/src/lib/crypto/etypes.c
@@ -45,103 +45,109 @@ const struct krb5_keytypes krb5_enctypes_list[] = {
        "des-cbc-crc", "DES cbc mode with CRC-32",
        &krb5int_enc_des, &krb5int_hash_crc32,
        krb5_old_encrypt_length, krb5_old_encrypt, krb5_old_decrypt,
-      krb5int_des_string_to_key },
+      krb5int_des_string_to_key, CKSUMTYPE_RSA_MD5 },
      { ENCTYPE_DES_CBC_MD4,
        "des-cbc-md4", "DES cbc mode with RSA-MD4",
        &krb5int_enc_des, &krb5int_hash_md4,
        krb5_old_encrypt_length, krb5_old_encrypt, krb5_old_decrypt,
-      krb5int_des_string_to_key },
+      krb5int_des_string_to_key, CKSUMTYPE_RSA_MD4 },
      { ENCTYPE_DES_CBC_MD5,
        "des-cbc-md5", "DES cbc mode with RSA-MD5",
        &krb5int_enc_des, &krb5int_hash_md5,
        krb5_old_encrypt_length, krb5_old_encrypt, krb5_old_decrypt,
-      krb5int_des_string_to_key },
+      krb5int_des_string_to_key, CKSUMTYPE_RSA_MD5 },
      { ENCTYPE_DES_CBC_MD5,
        "des", "DES cbc mode with RSA-MD5", /* alias */
        &krb5int_enc_des, &krb5int_hash_md5,
        krb5_old_encrypt_length, krb5_old_encrypt, krb5_old_decrypt,
-      krb5int_des_string_to_key },
+      krb5int_des_string_to_key, CKSUMTYPE_RSA_MD5 },
  
      { ENCTYPE_DES_CBC_RAW,
        "des-cbc-raw", "DES cbc mode raw",
        &krb5int_enc_des, NULL,
        krb5_raw_encrypt_length, krb5_raw_encrypt, krb5_raw_decrypt,
-      krb5int_des_string_to_key },
+      krb5int_des_string_to_key, 0 },
      { ENCTYPE_DES3_CBC_RAW,
        "des3-cbc-raw", "Triple DES cbc mode raw",
        &krb5int_enc_des3, NULL,
        krb5_raw_encrypt_length, krb5_raw_encrypt, krb5_raw_decrypt,
-      krb5int_dk_string_to_key },
+      krb5int_dk_string_to_key, 0 },
  
      { ENCTYPE_DES3_CBC_SHA1,
        "des3-cbc-sha1", "Triple DES cbc mode with HMAC/sha1",
        &krb5int_enc_des3, &krb5int_hash_sha1,
        krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt,
-      krb5int_dk_string_to_key },
+      krb5int_dk_string_to_key, CKSUMTYPE_HMAC_SHA1_DES3 },
      { ENCTYPE_DES3_CBC_SHA1,   /* alias */
        "des3-hmac-sha1", "Triple DES cbc mode with HMAC/sha1",
        &krb5int_enc_des3, &krb5int_hash_sha1,
        krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt,
-      krb5int_dk_string_to_key },
+      krb5int_dk_string_to_key, CKSUMTYPE_HMAC_SHA1_DES3 },
      { ENCTYPE_DES3_CBC_SHA1,   /* alias */
        "des3-cbc-sha1-kd", "Triple DES cbc mode with HMAC/sha1",
        &krb5int_enc_des3, &krb5int_hash_sha1,
        krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt,
-      krb5int_dk_string_to_key },
+      krb5int_dk_string_to_key, CKSUMTYPE_HMAC_SHA1_DES3 },
  
      { ENCTYPE_DES_HMAC_SHA1,
        "des-hmac-sha1", "DES with HMAC/sha1",
        &krb5int_enc_des, &krb5int_hash_sha1,
        krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt,
-      krb5int_dk_string_to_key },
+      krb5int_dk_string_to_key, 0 },
      { ENCTYPE_ARCFOUR_HMAC, 
        "arcfour-hmac","ArcFour with HMAC/md5", &krb5int_enc_arcfour,
        &krb5int_hash_md5, krb5_arcfour_encrypt_length, krb5_arcfour_encrypt,
-      krb5_arcfour_decrypt, krb5int_arcfour_string_to_key },
+      krb5_arcfour_decrypt, krb5int_arcfour_string_to_key,
+      CKSUMTYPE_HMAC_MD5_ARCFOUR },
      { ENCTYPE_ARCFOUR_HMAC,  /* alias */
        "rc4-hmac", "ArcFour with HMAC/md5", &krb5int_enc_arcfour,
        &krb5int_hash_md5, krb5_arcfour_encrypt_length, krb5_arcfour_encrypt,
-      krb5_arcfour_decrypt, krb5int_arcfour_string_to_key },
+      krb5_arcfour_decrypt, krb5int_arcfour_string_to_key,
+      CKSUMTYPE_HMAC_MD5_ARCFOUR },
      { ENCTYPE_ARCFOUR_HMAC,  /* alias */
        "arcfour-hmac-md5", "ArcFour with HMAC/md5", &krb5int_enc_arcfour,
        &krb5int_hash_md5, krb5_arcfour_encrypt_length, krb5_arcfour_encrypt,
-      krb5_arcfour_decrypt, krb5int_arcfour_string_to_key },
+      krb5_arcfour_decrypt, krb5int_arcfour_string_to_key,
+      CKSUMTYPE_HMAC_MD5_ARCFOUR },
      { ENCTYPE_ARCFOUR_HMAC_EXP, 
        "arcfour-hmac-exp", "Exportable ArcFour with HMAC/md5",
        &krb5int_enc_arcfour,
        &krb5int_hash_md5, krb5_arcfour_encrypt_length, krb5_arcfour_encrypt,
-      krb5_arcfour_decrypt, krb5int_arcfour_string_to_key },
+      krb5_arcfour_decrypt, krb5int_arcfour_string_to_key,
+      CKSUMTYPE_HMAC_MD5_ARCFOUR },
      { ENCTYPE_ARCFOUR_HMAC_EXP, /* alias */
        "rc4-hmac-exp", "Exportable ArcFour with HMAC/md5",
        &krb5int_enc_arcfour,
        &krb5int_hash_md5, krb5_arcfour_encrypt_length, krb5_arcfour_encrypt,
-      krb5_arcfour_decrypt, krb5int_arcfour_string_to_key },
+      krb5_arcfour_decrypt, krb5int_arcfour_string_to_key,
+      CKSUMTYPE_HMAC_MD5_ARCFOUR },
      { ENCTYPE_ARCFOUR_HMAC_EXP, /* alias */
        "arcfour-hmac-md5-exp", "Exportable ArcFour with HMAC/md5",
        &krb5int_enc_arcfour,
        &krb5int_hash_md5, krb5_arcfour_encrypt_length, krb5_arcfour_encrypt,
-      krb5_arcfour_decrypt, krb5int_arcfour_string_to_key },
+      krb5_arcfour_decrypt, krb5int_arcfour_string_to_key,
+      CKSUMTYPE_HMAC_MD5_ARCFOUR },
  
      { ENCTYPE_AES128_CTS_HMAC_SHA1_96,
        "aes128-cts-hmac-sha1-96", "AES-128 CTS mode with 96-bit SHA-1 HMAC",
        &krb5int_enc_aes128, &krb5int_hash_sha1,
        krb5int_aes_encrypt_length, krb5int_aes_dk_encrypt, krb5int_aes_dk_decrypt,
-      krb5int_aes_string_to_key },
+      krb5int_aes_string_to_key, CKSUMTYPE_HMAC_SHA1_96_AES128 },
      { ENCTYPE_AES128_CTS_HMAC_SHA1_96, /* alias */
        "aes128-cts", "AES-128 CTS mode with 96-bit SHA-1 HMAC",
        &krb5int_enc_aes128, &krb5int_hash_sha1,
        krb5int_aes_encrypt_length, krb5int_aes_dk_encrypt, krb5int_aes_dk_decrypt,
-      krb5int_aes_string_to_key },
+      krb5int_aes_string_to_key, CKSUMTYPE_HMAC_SHA1_96_AES128 },
      { ENCTYPE_AES256_CTS_HMAC_SHA1_96,
        "aes256-cts-hmac-sha1-96", "AES-256 CTS mode with 96-bit SHA-1 HMAC",
        &krb5int_enc_aes256, &krb5int_hash_sha1,
        krb5int_aes_encrypt_length, krb5int_aes_dk_encrypt, krb5int_aes_dk_decrypt,
-      krb5int_aes_string_to_key },
+      krb5int_aes_string_to_key, CKSUMTYPE_HMAC_SHA1_96_AES256 },
      { ENCTYPE_AES256_CTS_HMAC_SHA1_96, /* alias */
        "aes256-cts", "AES-256 CTS mode with 96-bit SHA-1 HMAC",
        &krb5int_enc_aes256, &krb5int_hash_sha1,
        krb5int_aes_encrypt_length, krb5int_aes_dk_encrypt, krb5int_aes_dk_decrypt,
-      krb5int_aes_string_to_key },
+      krb5int_aes_string_to_key, CKSUMTYPE_HMAC_SHA1_96_AES256 },
  
  #ifdef ATHENA_DES3_KLUDGE
      /*
@@ -153,7 +159,7 @@ const struct krb5_keytypes krb5_enctypes_list[] = {
        "Triple DES with HMAC/sha1 and 32-bit length code",
        &krb5int_enc_des3, &krb5int_hash_sha1,
        krb5_marc_dk_encrypt_length, krb5_marc_dk_encrypt, krb5_marc_dk_decrypt,
-      krb5int_dk_string_to_key },
+      krb5int_dk_string_to_key, CKSUMTYPE_HMAC_SHA1_DES3 },
  #endif
  };
  
diff --git a/src/lib/crypto/mandatory_sumtype.c b/src/lib/crypto/mandatory_sumtype.c

new file mode 100644 (file)

index 0000000..f9322ff
--- /dev/null
+++ b/src/lib/crypto/mandatory_sumtype.c
@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2003 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ */
+
+#include "k5-int.h"
+#include "etypes.h"
+
+krb5_error_code
+krb5int_c_mandatory_cksumtype (krb5_context ctx, krb5_enctype etype,
+                              krb5_cksumtype *cksumtype)
+{
+    int i;
+
+    for (i = 0; i < krb5_enctypes_length; i++)
+       if (krb5_enctypes_list[i].etype == etype) {
+           *cksumtype = krb5_enctypes_list[i].required_ctype;
+           return 0;
+       }
+
+    return KRB5_BAD_ENCTYPE;
+}
author	Ken Raeburn <raeburn@mit.edu>
	Sat, 11 Oct 2003 00:02:56 +0000 (00:02 +0000)
committer	Ken Raeburn <raeburn@mit.edu>
	Sat, 11 Oct 2003 00:02:56 +0000 (00:02 +0000)
src/lib/crypto/ChangeLog		patch \| blob \| blame \| history
src/lib/crypto/Makefile.in		patch \| blob \| blame \| history
src/lib/crypto/etypes.c		patch \| blob \| blame \| history
src/lib/crypto/mandatory_sumtype.c	[new file with mode: 0644]	patch \| blob