64 */
65
66 #include "k5-int.h"
67 #include "des_int.h"
68 #include <ctype.h>
69
70 #define afs_crypt mit_afs_crypt
71 char *afs_crypt (const char *, const char *, char *);
72
73 #undef min
74 #define min(a,b) ((a)>(b)?(b):(a))
75
76 /*ARGSUSED*/
77 krb5_error_code
78 mit_afs_string_to_key (krb5_context context,
79 krb5_keyblock *keyblock, const krb5_data *data,
80 const krb5_data *salt)
81 {
82 /* Solaris Kerberos */
83 krb5_error_code retval = KRB5_PROG_ETYPE_NOSUPP;
84 /* EXPORT DELETE START */
85 /* totally different approach from MIT string2key. */
86 /* much of the work has already been done by the only caller
87 which is mit_des_string_to_key; in particular, *keyblock is already
88 set up. */
89
90 char *realm = salt->data;
91 unsigned int i, j;
92 krb5_octet *key = keyblock->contents;
93 /* Solaris Kerberos */
94 krb5_keyblock usekey;
95
96 if (data->length <= 8) {
97 /* One block only. Run afs_crypt and use the first eight
98 returned bytes after the copy of the (fixed) salt.
99
100 Since the returned bytes are alphanumeric, the output is
101 limited to 2**48 possibilities; for each byte, only 64
102 possible values can be used. */
103 unsigned char password[9]; /* trailing nul for crypt() */
104 char afs_crypt_buf[16];
168 retval = mit_des_cbc_cksum (context, (unsigned char *) password,
169 key, i, &usekey, ikey);
170
171 /* now fix up key parity again */
172 mit_des_fixup_key_parity(key);
173
174 /* Solaris Kerberos */
175 if (usekey.hKey != CK_INVALID_HANDLE) {
176 (void) C_DestroyObject(krb_ctx_hSession(context), usekey.hKey);
177 usekey.hKey = CK_INVALID_HANDLE;
178 }
179 /* clean & free the input string */
180 memset(password, 0, (size_t) pw_len);
181 krb5_xfree(password);
182 }
183 #if 0
184 /* must free here because it was copied for this special case */
185 krb5_xfree(salt->data);
186 #endif
187
188 /* EXPORT DELETE END */
189 return retval;
190 }
191
192
193 /* Portions of this code:
194 Copyright 1989 by the Massachusetts Institute of Technology
195 */
196
197 /*
198 * Copyright (c) 1990 Regents of The University of Michigan.
199 * All Rights Reserved.
200 *
201 * Permission to use, copy, modify, and distribute this software
202 * and its documentation for any purpose and without fee is hereby
203 * granted, provided that the above copyright notice appears in all
204 * copies and that both that copyright notice and this permission
205 * notice appear in supporting documentation, and that the name of
206 * The University of Michigan not be used in advertising or
207 * publicity pertaining to distribution of the software without
208 * specific, written prior permission. This software is supplied as
209 * is without expressed or implied warranties of any kind.
210 *
211 * ITD Research Systems
212 * University of Michigan
213 * 535 W. William Street
214 * Ann Arbor, Michigan
215 * +1-313-936-2652
216 * netatalk@terminator.cc.umich.edu
217 */
218
219 /* EXPORT DELETE START */
220
221 static void krb5_afs_crypt_setkey (char*, char*, char(*)[48]);
222 static void krb5_afs_encrypt (char*,char*,char (*)[48]);
223
224 /*
225 * Initial permutation,
226 */
227 static const char IP[] = {
228 58,50,42,34,26,18,10, 2,
229 60,52,44,36,28,20,12, 4,
230 62,54,46,38,30,22,14, 6,
231 64,56,48,40,32,24,16, 8,
232 57,49,41,33,25,17, 9, 1,
233 59,51,43,35,27,19,11, 3,
234 61,53,45,37,29,21,13, 5,
235 63,55,47,39,31,23,15, 7,
236 };
237
238 /*
239 * Final permutation, FP = IP^(-1)
240 */
585 L[j] = tempL[j];
586 #else
587 memcpy(L, tempL, 32);
588 #endif
589 }
590 /*
591 * The output L and R are reversed.
592 */
593 for (j=0; j<32; j++) {
594 t = L[j];
595 L[j] = R[j];
596 R[j] = t;
597 }
598 /*
599 * The final output
600 * gets the inverse permutation of the very original.
601 */
602 for (j=0; j<64; j++)
603 block[j] = L[FP[j]-1];
604 }
605 /* EXPORT DELETE END */
|
64 */
65
66 #include "k5-int.h"
67 #include "des_int.h"
68 #include <ctype.h>
69
70 #define afs_crypt mit_afs_crypt
71 char *afs_crypt (const char *, const char *, char *);
72
73 #undef min
74 #define min(a,b) ((a)>(b)?(b):(a))
75
76 /*ARGSUSED*/
77 krb5_error_code
78 mit_afs_string_to_key (krb5_context context,
79 krb5_keyblock *keyblock, const krb5_data *data,
80 const krb5_data *salt)
81 {
82 /* Solaris Kerberos */
83 krb5_error_code retval = KRB5_PROG_ETYPE_NOSUPP;
84 /* totally different approach from MIT string2key. */
85 /* much of the work has already been done by the only caller
86 which is mit_des_string_to_key; in particular, *keyblock is already
87 set up. */
88
89 char *realm = salt->data;
90 unsigned int i, j;
91 krb5_octet *key = keyblock->contents;
92 /* Solaris Kerberos */
93 krb5_keyblock usekey;
94
95 if (data->length <= 8) {
96 /* One block only. Run afs_crypt and use the first eight
97 returned bytes after the copy of the (fixed) salt.
98
99 Since the returned bytes are alphanumeric, the output is
100 limited to 2**48 possibilities; for each byte, only 64
101 possible values can be used. */
102 unsigned char password[9]; /* trailing nul for crypt() */
103 char afs_crypt_buf[16];
167 retval = mit_des_cbc_cksum (context, (unsigned char *) password,
168 key, i, &usekey, ikey);
169
170 /* now fix up key parity again */
171 mit_des_fixup_key_parity(key);
172
173 /* Solaris Kerberos */
174 if (usekey.hKey != CK_INVALID_HANDLE) {
175 (void) C_DestroyObject(krb_ctx_hSession(context), usekey.hKey);
176 usekey.hKey = CK_INVALID_HANDLE;
177 }
178 /* clean & free the input string */
179 memset(password, 0, (size_t) pw_len);
180 krb5_xfree(password);
181 }
182 #if 0
183 /* must free here because it was copied for this special case */
184 krb5_xfree(salt->data);
185 #endif
186
187 return retval;
188 }
189
190
191 /* Portions of this code:
192 Copyright 1989 by the Massachusetts Institute of Technology
193 */
194
195 /*
196 * Copyright (c) 1990 Regents of The University of Michigan.
197 * All Rights Reserved.
198 *
199 * Permission to use, copy, modify, and distribute this software
200 * and its documentation for any purpose and without fee is hereby
201 * granted, provided that the above copyright notice appears in all
202 * copies and that both that copyright notice and this permission
203 * notice appear in supporting documentation, and that the name of
204 * The University of Michigan not be used in advertising or
205 * publicity pertaining to distribution of the software without
206 * specific, written prior permission. This software is supplied as
207 * is without expressed or implied warranties of any kind.
208 *
209 * ITD Research Systems
210 * University of Michigan
211 * 535 W. William Street
212 * Ann Arbor, Michigan
213 * +1-313-936-2652
214 * netatalk@terminator.cc.umich.edu
215 */
216
217 static void krb5_afs_crypt_setkey (char*, char*, char(*)[48]);
218 static void krb5_afs_encrypt (char*,char*,char (*)[48]);
219
220 /*
221 * Initial permutation,
222 */
223 static const char IP[] = {
224 58,50,42,34,26,18,10, 2,
225 60,52,44,36,28,20,12, 4,
226 62,54,46,38,30,22,14, 6,
227 64,56,48,40,32,24,16, 8,
228 57,49,41,33,25,17, 9, 1,
229 59,51,43,35,27,19,11, 3,
230 61,53,45,37,29,21,13, 5,
231 63,55,47,39,31,23,15, 7,
232 };
233
234 /*
235 * Final permutation, FP = IP^(-1)
236 */
581 L[j] = tempL[j];
582 #else
583 memcpy(L, tempL, 32);
584 #endif
585 }
586 /*
587 * The output L and R are reversed.
588 */
589 for (j=0; j<32; j++) {
590 t = L[j];
591 L[j] = R[j];
592 R[j] = t;
593 }
594 /*
595 * The final output
596 * gets the inverse permutation of the very original.
597 */
598 for (j=0; j<64; j++)
599 block[j] = L[FP[j]-1];
600 }
|