Blob Blame History Raw
From fef4e551d3d2dcb55e58cc182304254c36aa8949 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 26 Mar 2019 18:51:10 -0400
Subject: [PATCH] [downstream] Remove 3des support

Completely remove support for all DES3 enctypes (des3-cbc-raw,
des3-hmac-sha1, des3-cbc-sha1-kd).  Update all tests and documentation
to user other enctypes.  Mark the 3DES enctypes UNSUPPORTED and retain
their constants.

Last-updated: 1.19-beta1
---
 doc/admin/advanced/retiring-des.rst           |  11 +
 doc/admin/conf_files/kdc_conf.rst             |   7 +-
 doc/admin/enctypes.rst                        |  10 +-
 doc/admin/troubleshoot.rst                    |   9 +-
 doc/appdev/refs/macros/index.rst              |   1 -
 doc/conf.py                                   |   2 +-
 doc/mitK5features.rst                         |   2 +-
 src/Makefile.in                               |   4 +-
 src/configure.ac                              |   1 -
 src/include/krb5/krb5.hin                     |  10 +-
 src/kadmin/testing/proto/kdc.conf.proto       |   4 +-
 src/kdc/kdc_util.c                            |   4 -
 src/lib/crypto/Makefile.in                    |   8 +-
 src/lib/crypto/builtin/Makefile.in            |   6 +-
 src/lib/crypto/builtin/des/ISSUES             |  13 -
 src/lib/crypto/builtin/des/Makefile.in        |  80 ----
 src/lib/crypto/builtin/des/d3_aead.c          | 133 ------
 src/lib/crypto/builtin/des/d3_kysched.c       |  51 ---
 src/lib/crypto/builtin/des/deps               | 150 -------
 src/lib/crypto/builtin/des/des_int.h          | 285 -------------
 src/lib/crypto/builtin/des/des_keys.c         |  40 --
 src/lib/crypto/builtin/des/destest.c          | 240 -----------
 src/lib/crypto/builtin/des/doc/libdes.doc     | 208 ---------
 src/lib/crypto/builtin/des/f_aead.c           | 173 --------
 src/lib/crypto/builtin/des/f_cbc.c            | 256 ------------
 src/lib/crypto/builtin/des/f_cksum.c          | 136 ------
 src/lib/crypto/builtin/des/f_parity.c         |  56 ---
 src/lib/crypto/builtin/des/f_sched.c          | 359 ----------------
 src/lib/crypto/builtin/des/f_tables.c         | 370 ----------------
 src/lib/crypto/builtin/des/f_tables.h         | 285 -------------
 src/lib/crypto/builtin/des/key_sched.c        |  62 ---
 src/lib/crypto/builtin/des/keytest.data       | 171 --------
 src/lib/crypto/builtin/des/t_verify.c         | 395 ------------------
 src/lib/crypto/builtin/des/weak_key.c         |  86 ----
 .../crypto/builtin/enc_provider/Makefile.in   |   6 +-
 src/lib/crypto/builtin/enc_provider/deps      |  13 -
 src/lib/crypto/builtin/enc_provider/des3.c    | 105 -----
 src/lib/crypto/crypto_tests/t_cf2.expected    |   1 -
 src/lib/crypto/crypto_tests/t_cf2.in          |   5 -
 src/lib/crypto/crypto_tests/t_cksums.c        |  10 -
 src/lib/crypto/crypto_tests/t_decrypt.c       |  57 ---
 src/lib/crypto/crypto_tests/t_derive.c        |  36 --
 src/lib/crypto/crypto_tests/t_encrypt.c       |   1 -
 src/lib/crypto/crypto_tests/t_short.c         |   1 -
 src/lib/crypto/crypto_tests/t_str2key.c       |  52 ---
 src/lib/crypto/krb/Makefile.in                |   3 -
 src/lib/crypto/krb/cksumtypes.c               |   6 -
 src/lib/crypto/krb/crypto_int.h               |  16 -
 src/lib/crypto/krb/default_state.c            |  10 -
 src/lib/crypto/krb/enctype_util.c             |   3 +
 src/lib/crypto/krb/etypes.c                   |  21 -
 src/lib/crypto/krb/prf_des.c                  |  47 ---
 src/lib/crypto/krb/random_to_key.c            |  45 --
 src/lib/crypto/libk5crypto.exports            |   1 -
 src/lib/crypto/openssl/Makefile.in            |   8 +-
 src/lib/crypto/openssl/des/Makefile.in        |  20 -
 src/lib/crypto/openssl/des/deps               |  15 -
 src/lib/crypto/openssl/des/des_keys.c         |  40 --
 .../crypto/openssl/enc_provider/Makefile.in   |   3 -
 src/lib/crypto/openssl/enc_provider/deps      |  11 -
 src/lib/crypto/openssl/enc_provider/des3.c    | 184 --------
 src/lib/gssapi/krb5/accept_sec_context.c      |   1 -
 src/lib/gssapi/krb5/gssapiP_krb5.h            |   6 +-
 src/lib/gssapi/krb5/k5seal.c                  |  35 +-
 src/lib/gssapi/krb5/k5sealiov.c               |  27 +-
 src/lib/gssapi/krb5/k5unseal.c                | 102 ++---
 src/lib/gssapi/krb5/k5unsealiov.c             |  38 +-
 src/lib/gssapi/krb5/util_crypt.c              |  11 -
 .../api.current/chpass-principal-v2.exp       |   4 +-
 .../api.current/get-principal-v2.exp          |   4 +-
 .../api.current/randkey-principal-v2.exp      |   4 +-
 src/lib/krb5/krb/init_ctx.c                   |   3 -
 src/lib/krb5/krb/s4u_creds.c                  |   2 -
 src/lib/krb5/krb/t_etypes.c                   |  48 +--
 src/lib/krb5/os/t_trace.c                     |   4 +-
 src/lib/krb5/os/t_trace.ref                   |   2 +-
 src/plugins/preauth/pkinit/pkcs11.h           |   6 +-
 src/plugins/preauth/pkinit/pkinit_clnt.c      |   8 -
 src/plugins/preauth/pkinit/pkinit_crypto.h    |  12 -
 .../preauth/pkinit/pkinit_crypto_openssl.c    |  38 --
 src/plugins/preauth/pkinit/pkinit_kdf_test.c  |  31 --
 src/plugins/preauth/spake/t_vectors.c         |  25 --
 src/tests/dejagnu/config/default.exp          |  78 ----
 src/tests/dejagnu/krb-standalone/kprop.exp    |   2 +-
 src/tests/gssapi/t_enctypes.py                |  33 +-
 src/tests/gssapi/t_invalid.c                  |  12 -
 src/tests/gssapi/t_pcontok.c                  |  16 +-
 src/tests/gssapi/t_prf.c                      |   7 -
 src/tests/t_authdata.py                       |   2 +-
 src/tests/t_etype_info.py                     |  18 +-
 src/tests/t_keyrollover.py                    |   8 +-
 src/tests/t_mkey.py                           |  35 --
 src/tests/t_salt.py                           |   5 +-
 src/util/k5test.py                            |   7 -
 .../leash/htmlhelp/html/Encryption_Types.htm  |  13 -
 95 files changed, 160 insertions(+), 4835 deletions(-)
 delete mode 100644 src/lib/crypto/builtin/des/ISSUES
 delete mode 100644 src/lib/crypto/builtin/des/Makefile.in
 delete mode 100644 src/lib/crypto/builtin/des/d3_aead.c
 delete mode 100644 src/lib/crypto/builtin/des/d3_kysched.c
 delete mode 100644 src/lib/crypto/builtin/des/deps
 delete mode 100644 src/lib/crypto/builtin/des/des_int.h
 delete mode 100644 src/lib/crypto/builtin/des/des_keys.c
 delete mode 100644 src/lib/crypto/builtin/des/destest.c
 delete mode 100644 src/lib/crypto/builtin/des/doc/libdes.doc
 delete mode 100644 src/lib/crypto/builtin/des/f_aead.c
 delete mode 100644 src/lib/crypto/builtin/des/f_cbc.c
 delete mode 100644 src/lib/crypto/builtin/des/f_cksum.c
 delete mode 100644 src/lib/crypto/builtin/des/f_parity.c
 delete mode 100644 src/lib/crypto/builtin/des/f_sched.c
 delete mode 100644 src/lib/crypto/builtin/des/f_tables.c
 delete mode 100644 src/lib/crypto/builtin/des/f_tables.h
 delete mode 100644 src/lib/crypto/builtin/des/key_sched.c
 delete mode 100644 src/lib/crypto/builtin/des/keytest.data
 delete mode 100644 src/lib/crypto/builtin/des/t_verify.c
 delete mode 100644 src/lib/crypto/builtin/des/weak_key.c
 delete mode 100644 src/lib/crypto/builtin/enc_provider/des3.c
 delete mode 100644 src/lib/crypto/krb/prf_des.c
 delete mode 100644 src/lib/crypto/openssl/des/Makefile.in
 delete mode 100644 src/lib/crypto/openssl/des/deps
 delete mode 100644 src/lib/crypto/openssl/des/des_keys.c
 delete mode 100644 src/lib/crypto/openssl/enc_provider/des3.c

diff --git a/doc/admin/advanced/retiring-des.rst b/doc/admin/advanced/retiring-des.rst
index 38f76d3f4..d5e3c30c0 100644
--- a/doc/admin/advanced/retiring-des.rst
+++ b/doc/admin/advanced/retiring-des.rst
@@ -10,6 +10,13 @@ ability have rendered DES vulnerable to brute force attacks on its 56-bit
 keyspace.  As such, it is now considered insecure and should not be
 used (:rfc:`6649`).
 
+In 1999, MIT krb5 added support for Triple-DES (3DES) encryption types.
+However, due to weakenings of DES and other security concerns, it is now also
+considered insecure and should not be used (:rfc:`8429`).  AES encryption
+types were added to MIT in 2003, meaning that the number of deployments with
+3DES as the strongest encryption type is hopefully small.  The rotation
+procedure described herein works for both DES and 3DES.
+
 History
 -------
 
@@ -27,6 +34,10 @@ and removed DES (single-DES) support in release 1.18.  As a
 consequence, a release prior to 1.18 is required to perform these
 migrations.
 
+3DES (a flagged deprecated encryption type) was also removed downstream by
+rharwood@redhat.com starting in 1.18; likewise, a pre-1.18 release is required
+to perform these migrations.
+
 Types of keys
 -------------
 
diff --git a/doc/admin/conf_files/kdc_conf.rst b/doc/admin/conf_files/kdc_conf.rst
index 1dc958d62..3a72aabef 100644
--- a/doc/admin/conf_files/kdc_conf.rst
+++ b/doc/admin/conf_files/kdc_conf.rst
@@ -848,8 +848,6 @@ Encryption types marked as "weak" and "deprecated" are available for
 compatibility but not recommended for use.
 
 ==================================================== =========================================================
-des3-cbc-raw                                         Triple DES cbc mode raw (weak)
-des3-cbc-sha1 des3-hmac-sha1 des3-cbc-sha1-kd        Triple DES cbc mode with HMAC/sha1 (deprecated)
 aes256-cts-hmac-sha1-96 aes256-cts aes256-sha1       AES-256 CTS mode with 96-bit SHA-1 HMAC
 aes128-cts-hmac-sha1-96 aes128-cts aes128-sha1       AES-128 CTS mode with 96-bit SHA-1 HMAC
 aes256-cts-hmac-sha384-192 aes256-sha2               AES-256 CTS mode with 192-bit SHA-384 HMAC
@@ -858,7 +856,6 @@ arcfour-hmac rc4-hmac arcfour-hmac-md5               RC4 with HMAC/MD5 (deprecat
 arcfour-hmac-exp rc4-hmac-exp arcfour-hmac-md5-exp   Exportable RC4 with HMAC/MD5 (weak)
 camellia256-cts-cmac camellia256-cts                 Camellia-256 CTS mode with CMAC
 camellia128-cts-cmac camellia128-cts                 Camellia-128 CTS mode with CMAC
-des3                                                 The triple DES family: des3-cbc-sha1
 aes                                                  The AES family: aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, aes256-cts-hmac-sha384-192, and aes128-cts-hmac-sha256-128
 rc4                                                  The RC4 family: arcfour-hmac
 camellia                                             The Camellia family: camellia256-cts-cmac and camellia128-cts-cmac
@@ -870,8 +867,8 @@ from the current list by prefixing them with a minus sign ("-").
 Types or families can be prefixed with a plus sign ("+") for symmetry;
 it has the same meaning as just listing the type or family.  For
 example, "``DEFAULT -rc4``" would be the default set of encryption
-types with RC4 types removed, and "``des3 DEFAULT``" would be the
-default set of encryption types with triple DES types moved to the
+types with RC4 types removed, and "``aes128-sha2 DEFAULT``" would be
+the default set of encryption types with aes128-sha2 moved to the
 front.
 
 While **aes128-cts** and **aes256-cts** are supported for all Kerberos
diff --git a/doc/admin/enctypes.rst b/doc/admin/enctypes.rst
index 047185afb..b08d954d9 100644
--- a/doc/admin/enctypes.rst
+++ b/doc/admin/enctypes.rst
@@ -129,7 +129,7 @@ enctype                    weak?      krb5     Windows
 des-cbc-crc                weak       <1.18    >=2000
 des-cbc-md4                weak       <1.18    ?
 des-cbc-md5                weak       <1.18    >=2000
-des3-cbc-sha1              deprecated >=1.1    none
+des3-cbc-sha1              deprecated <1.18    none
 arcfour-hmac               deprecated >=1.3    >=2000
 arcfour-hmac-exp           weak       >=1.3    >=2000
 aes128-cts-hmac-sha1-96               >=1.3    >=Vista
@@ -148,9 +148,11 @@ default.
 krb5 releases 1.17 and later flag deprecated encryption types
 (including ``des3-cbc-sha1`` and ``arcfour-hmac``) in KDC logs and
 kadmin output.  krb5 release 1.19 issues a warning during initial
-authentication if ``des3-cbc-sha1`` is used.  Future releases will
-disable ``des3-cbc-sha1`` by default and eventually remove support for
-it.
+authentication if ``des3-cbc-sha1`` is used.
+
+krb5 releases 1.18 and later remove single-DES and 3DES
+(downstream-only patch) enctype support.  Microsoft Windows never
+supported 3DES.
 
 
 Migrating away from older encryption types
diff --git a/doc/admin/troubleshoot.rst b/doc/admin/troubleshoot.rst
index ade5e1f87..e4dc54f7e 100644
--- a/doc/admin/troubleshoot.rst
+++ b/doc/admin/troubleshoot.rst
@@ -73,11 +73,10 @@ credential verification failed: KDC has no support for encryption type
 ......................................................................
 
 This most commonly happens when trying to use a principal with only
-DES keys, in a release (MIT krb5 1.7 or later) which disables DES by
-default.  DES encryption is considered weak due to its inadequate key
-size.  If you cannot migrate away from its use, you can re-enable DES
-by adding ``allow_weak_crypto = true`` to the :ref:`libdefaults`
-section of :ref:`krb5.conf(5)`.
+DES/3DES keys, in a release (MIT krb5 1.7 or later) which disables DES
+by default.  DES encryption is considered weak due to its inadequate
+key size and has been removed upstream; 3DES is not recommended, and
+has been removed downstream by rharwood@redhat.com.
 
 
 .. _err_cert_chain_cert_expired:
diff --git a/doc/appdev/refs/macros/index.rst b/doc/appdev/refs/macros/index.rst
index cebb6644c..4d51e795c 100644
--- a/doc/appdev/refs/macros/index.rst
+++ b/doc/appdev/refs/macros/index.rst
@@ -36,7 +36,6 @@ Public
    CKSUMTYPE_HMAC_SHA1_96_AES256.rst
    CKSUMTYPE_HMAC_SHA256_128_AES128.rst
    CKSUMTYPE_HMAC_SHA384_192_AES256.rst
-   CKSUMTYPE_HMAC_SHA1_DES3.rst
    CKSUMTYPE_MD5_HMAC_ARCFOUR.rst
    CKSUMTYPE_NIST_SHA.rst
    CKSUMTYPE_RSA_MD4.rst
diff --git a/doc/conf.py b/doc/conf.py
index 543202bf4..4fb6aae14 100644
--- a/doc/conf.py
+++ b/doc/conf.py
@@ -271,7 +271,7 @@ else:
     rst_epilog += '''
 .. |krb5conf| replace:: ``/etc/krb5.conf``
 .. |defkeysalts| replace:: ``aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal``
-.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac``
+.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac``
 .. |defmkey| replace:: ``aes256-cts-hmac-sha1-96``
 .. |copy| unicode:: U+000A9
 '''
diff --git a/doc/mitK5features.rst b/doc/mitK5features.rst
index 4954bb3aa..92ce2a772 100644
--- a/doc/mitK5features.rst
+++ b/doc/mitK5features.rst
@@ -37,7 +37,7 @@ Database backends: LDAP, DB2, LMDB
 
 krb4 support: Kerberos 5 release < 1.8
 
-DES support: Kerberos 5 release < 1.18 (See :ref:`retiring-des`)
+DES/3DES support: Kerberos 5 release < 1.18 (See :ref:`retiring-des`)
 
 Interoperability
 ----------------
diff --git a/src/Makefile.in b/src/Makefile.in
index 7d2507ef8..c16715ac7 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -130,7 +130,7 @@ WINMAKEFILES=Makefile \
 	lib\Makefile lib\crypto\Makefile lib\crypto\krb\Makefile \
 	lib\crypto\builtin\Makefile lib\crypto\builtin\aes\Makefile \
 	lib\crypto\builtin\enc_provider\Makefile \
-	lib\crypto\builtin\des\Makefile lib\crypto\builtin\md5\Makefile \
+	lib\crypto\builtin\md5\Makefile \
 	lib\crypto\builtin\camellia\Makefile lib\crypto\builtin\md4\Makefile \
 	lib\crypto\builtin\hash_provider\Makefile \
 	lib\crypto\builtin\sha2\Makefile lib\crypto\builtin\sha1\Makefile \
@@ -202,8 +202,6 @@ WINMAKEFILES=Makefile \
 ##DOS##	$(WCONFIG) config < $@.in > $@
 ##DOS##lib\crypto\builtin\enc_provider\Makefile: lib\crypto\builtin\enc_provider\Makefile.in $(MKFDEP)
 ##DOS##	$(WCONFIG) config < $@.in > $@
-##DOS##lib\crypto\builtin\des\Makefile: lib\crypto\builtin\des\Makefile.in $(MKFDEP)
-##DOS##	$(WCONFIG) config < $@.in > $@
 ##DOS##lib\crypto\builtin\md5\Makefile: lib\crypto\builtin\md5\Makefile.in $(MKFDEP)
 ##DOS##	$(WCONFIG) config < $@.in > $@
 ##DOS##lib\crypto\builtin\camellia\Makefile: lib\crypto\builtin\camellia\Makefile.in $(MKFDEP)
diff --git a/src/configure.ac b/src/configure.ac
index dd2cad3ee..3e1052db7 100644
--- a/src/configure.ac
+++ b/src/configure.ac
@@ -1480,7 +1480,6 @@ V5_AC_OUTPUT_MAKEFILE(.
 	lib/crypto lib/crypto/krb lib/crypto/$CRYPTO_IMPL
 	lib/crypto/$CRYPTO_IMPL/enc_provider
 	lib/crypto/$CRYPTO_IMPL/hash_provider
-	lib/crypto/$CRYPTO_IMPL/des
 	lib/crypto/$CRYPTO_IMPL/md4 lib/crypto/$CRYPTO_IMPL/md5
         lib/crypto/$CRYPTO_IMPL/sha1 lib/crypto/$CRYPTO_IMPL/sha2
 	lib/crypto/$CRYPTO_IMPL/aes lib/crypto/$CRYPTO_IMPL/camellia
diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
index db80063eb..63e67a2ba 100644
--- a/src/include/krb5/krb5.hin
+++ b/src/include/krb5/krb5.hin
@@ -426,8 +426,8 @@ typedef struct _krb5_crypto_iov {
 #define ENCTYPE_DES_CBC_MD4     0x0002  /**< @deprecated no longer supported */
 #define ENCTYPE_DES_CBC_MD5     0x0003  /**< @deprecated no longer supported */
 #define ENCTYPE_DES_CBC_RAW     0x0004  /**< @deprecated no longer supported */
-#define ENCTYPE_DES3_CBC_SHA    0x0005  /**< @deprecated DES-3 cbc with SHA1 */
-#define ENCTYPE_DES3_CBC_RAW    0x0006  /**< @deprecated DES-3 cbc mode raw */
+#define ENCTYPE_DES3_CBC_SHA    0x0005  /**< @deprecated no longer supported */
+#define ENCTYPE_DES3_CBC_RAW    0x0006  /**< @deprecated no longer supported */
 #define ENCTYPE_DES_HMAC_SHA1   0x0008  /**< @deprecated no longer supported */
 /* PKINIT */
 #define ENCTYPE_DSA_SHA1_CMS    0x0009  /**< DSA with SHA1, CMS signature */
@@ -436,9 +436,9 @@ typedef struct _krb5_crypto_iov {
 #define ENCTYPE_RC2_CBC_ENV     0x000c  /**< RC2 cbc mode, CMS enveloped data */
 #define ENCTYPE_RSA_ENV         0x000d  /**< RSA encryption, CMS enveloped data */
 #define ENCTYPE_RSA_ES_OAEP_ENV 0x000e  /**< RSA w/OEAP encryption, CMS enveloped data */
-#define ENCTYPE_DES3_CBC_ENV    0x000f  /**< DES-3 cbc mode, CMS enveloped data */
+#define ENCTYPE_DES3_CBC_ENV    0x000f  /**< @deprecated no longer supported */
 
-#define ENCTYPE_DES3_CBC_SHA1               0x0010
+#define ENCTYPE_DES3_CBC_SHA1               0x0010 /**< @deprecated removed */
 #define ENCTYPE_AES128_CTS_HMAC_SHA1_96     0x0011 /**< RFC 3962 */
 #define ENCTYPE_AES256_CTS_HMAC_SHA1_96     0x0012 /**< RFC 3962 */
 #define ENCTYPE_AES128_CTS_HMAC_SHA256_128  0x0013 /**< RFC 8009 */
@@ -458,7 +458,7 @@ typedef struct _krb5_crypto_iov {
 #define CKSUMTYPE_RSA_MD5       0x0007
 #define CKSUMTYPE_RSA_MD5_DES   0x0008
 #define CKSUMTYPE_NIST_SHA      0x0009
-#define CKSUMTYPE_HMAC_SHA1_DES3      0x000c
+#define CKSUMTYPE_HMAC_SHA1_DES3      0x000c /* @deprecated removed */
 #define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f /**< RFC 3962. Used with
                                                 ENCTYPE_AES128_CTS_HMAC_SHA1_96 */
 #define CKSUMTYPE_HMAC_SHA1_96_AES256 0x0010 /**< RFC 3962. Used with
diff --git a/src/kadmin/testing/proto/kdc.conf.proto b/src/kadmin/testing/proto/kdc.conf.proto
index 8a4b87de1..d7f1d076b 100644
--- a/src/kadmin/testing/proto/kdc.conf.proto
+++ b/src/kadmin/testing/proto/kdc.conf.proto
@@ -11,6 +11,6 @@
 		dict_file = __K5ROOT__/ovsec_adm.dict
 		kadmind_port = 1751
 		kpasswd_port = 1752
-		master_key_type = des3-hmac-sha1
-		supported_enctypes = des3-hmac-sha1:normal aes256-cts:normal aes128-cts:normal aes256-sha2:normal aes128-sha2:normal
+		master_key_type = aes256-cts
+		supported_enctypes = aes256-cts:normal aes128-cts:normal aes256-sha2:normal aes128-sha2:normal
 	}
diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c
index 60f30c4f4..c65375aef 100644
--- a/src/kdc/kdc_util.c
+++ b/src/kdc/kdc_util.c
@@ -1017,8 +1017,6 @@ enctype_name(krb5_enctype ktype, char *buf, size_t buflen)
         name = "rsaEncryption-EnvOID";
     else if (ktype == ENCTYPE_RSA_ES_OAEP_ENV)
         name = "id-RSAES-OAEP-EnvOID";
-    else if (ktype == ENCTYPE_DES3_CBC_ENV)
-        name = "des-ede3-cbc-EnvOID";
     else
         return krb5_enctype_to_name(ktype, FALSE, buf, buflen);
 
@@ -1605,8 +1603,6 @@ krb5_boolean
 enctype_requires_etype_info_2(krb5_enctype enctype)
 {
     switch(enctype) {
-    case ENCTYPE_DES3_CBC_SHA1:
-    case ENCTYPE_DES3_CBC_RAW:
     case ENCTYPE_ARCFOUR_HMAC:
     case ENCTYPE_ARCFOUR_HMAC_EXP :
         return 0;
diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in
index c3fcfd7e8..890d54adf 100644
--- a/src/lib/crypto/Makefile.in
+++ b/src/lib/crypto/Makefile.in
@@ -13,7 +13,7 @@ STOBJLISTS=$(CRYPTO_IMPL)/enc_provider/OBJS.ST				\
 	$(CRYPTO_IMPL)/hash_provider/OBJS.ST				\
 	$(CRYPTO_IMPL)/md4/OBJS.ST $(CRYPTO_IMPL)/md5/OBJS.ST		\
 	$(CRYPTO_IMPL)/sha1/OBJS.ST $(CRYPTO_IMPL)/sha2/OBJS.ST		\
-	$(CRYPTO_IMPL)/aes/OBJS.ST $(CRYPTO_IMPL)/des/OBJS.ST		\
+	$(CRYPTO_IMPL)/aes/OBJS.ST					\
 	$(CRYPTO_IMPL)/camellia/OBJS.ST krb/OBJS.ST			\
 	$(CRYPTO_IMPL)/OBJS.ST
 
@@ -21,7 +21,7 @@ SUBDIROBJLISTS=$(CRYPTO_IMPL)/enc_provider/OBJS.ST			\
 	$(CRYPTO_IMPL)/hash_provider/OBJS.ST				\
 	$(CRYPTO_IMPL)/md4/OBJS.ST $(CRYPTO_IMPL)/md5/OBJS.ST		\
 	$(CRYPTO_IMPL)/sha1/OBJS.ST $(CRYPTO_IMPL)/sha2/OBJS.ST		\
-	$(CRYPTO_IMPL)/aes/OBJS.ST $(CRYPTO_IMPL)/des/OBJS.ST		\
+	$(CRYPTO_IMPL)/aes/OBJS.ST					\
 	$(CRYPTO_IMPL)/camellia/OBJS.ST krb/OBJS.ST			\
 	$(CRYPTO_IMPL)/OBJS.ST
 
@@ -34,8 +34,8 @@ SHLIB_EXPDEPLIBS= $(SUPPORT_DEPLIB)
 SHLIB_LDFLAGS= $(LDFLAGS) @SHLIB_RPATH_DIRS@
 
 ##DOS##LIBNAME=$(OUTPRE)crypto.lib
-##DOS##OBJFILEDEP=$(OUTPRE)krb.lst $(OUTPRE)aes.lst $(OUTPRE)enc_provider.lst $(OUTPRE)des.lst $(OUTPRE)md5.lst $(OUTPRE)camellia.lst $(OUTPRE)md4.lst $(OUTPRE)hash_provider.lst $(OUTPRE)sha2.lst $(OUTPRE)sha1.lst $(OUTPRE)builtin.lst
-##DOS##OBJFILELIST=@$(OUTPRE)krb.lst @$(OUTPRE)aes.lst @$(OUTPRE)enc_provider.lst @$(OUTPRE)des.lst @$(OUTPRE)md5.lst @$(OUTPRE)camellia.lst @$(OUTPRE)md4.lst @$(OUTPRE)hash_provider.lst @$(OUTPRE)sha2.lst @$(OUTPRE)sha1.lst @$(OUTPRE)builtin.lst
+##DOS##OBJFILEDEP=$(OUTPRE)krb.lst $(OUTPRE)aes.lst $(OUTPRE)enc_provider.lst $(OUTPRE)md5.lst $(OUTPRE)camellia.lst $(OUTPRE)md4.lst $(OUTPRE)hash_provider.lst $(OUTPRE)sha2.lst $(OUTPRE)sha1.lst $(OUTPRE)builtin.lst
+##DOS##OBJFILELIST=@$(OUTPRE)krb.lst @$(OUTPRE)aes.lst @$(OUTPRE)enc_provider.lst @$(OUTPRE)md5.lst @$(OUTPRE)camellia.lst @$(OUTPRE)md4.lst @$(OUTPRE)hash_provider.lst @$(OUTPRE)sha2.lst @$(OUTPRE)sha1.lst @$(OUTPRE)builtin.lst
 
 all-unix: all-liblinks
 install-unix: install-libs
diff --git a/src/lib/crypto/builtin/Makefile.in b/src/lib/crypto/builtin/Makefile.in
index baf5d974f..82adf1dec 100644
--- a/src/lib/crypto/builtin/Makefile.in
+++ b/src/lib/crypto/builtin/Makefile.in
@@ -1,6 +1,6 @@
 mydir=lib$(S)crypto$(S)builtin
 BUILDTOP=$(REL)..$(S)..$(S)..
-SUBDIRS=camellia des aes md4 md5 sha1 sha2 enc_provider hash_provider
+SUBDIRS=camellia aes md4 md5 sha1 sha2 enc_provider hash_provider
 LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir)
 
 ##DOS##BUILDTOP = ..\..\..
@@ -22,7 +22,7 @@ SRCS=\
 	$(srcdir)/init.c	\
 	$(srcdir)/pbkdf2.c	
 
-STOBJLISTS= des/OBJS.ST md4/OBJS.ST 	\
+STOBJLISTS= md4/OBJS.ST 		\
 	md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST	\
 	enc_provider/OBJS.ST 		\
 	hash_provider/OBJS.ST 		\
@@ -30,7 +30,7 @@ STOBJLISTS= des/OBJS.ST md4/OBJS.ST 	\
 	camellia/OBJS.ST 		\
 	OBJS.ST
 
-SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST 	\
+SUBDIROBJLISTS= md4/OBJS.ST	 	\
 		md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST 	\
 		enc_provider/OBJS.ST 		\
 		hash_provider/OBJS.ST 		\
diff --git a/src/lib/crypto/builtin/des/ISSUES b/src/lib/crypto/builtin/des/ISSUES
deleted file mode 100644
index 157891103..000000000
--- a/src/lib/crypto/builtin/des/ISSUES
+++ /dev/null
@@ -1,13 +0,0 @@
-Issues to be addressed for src/lib/crypto/des: -*- text -*-
-
-
-"const" could be used in more places
-
-
-Array types are used in calling interfaces.  Under ANSI C, a value of
-type "arraytype *" cannot be assigned to a variable of type "const
-arraytype *", so we get compilation warnings.
-
-Possible fix: Rewrite internal interfaces to not use arrays this way.
-Provide external routines compatible with old API, but not using
-const?
diff --git a/src/lib/crypto/builtin/des/Makefile.in b/src/lib/crypto/builtin/des/Makefile.in
deleted file mode 100644
index 54b329d0f..000000000
--- a/src/lib/crypto/builtin/des/Makefile.in
+++ /dev/null
@@ -1,80 +0,0 @@
-mydir=lib$(S)crypto$(S)builtin$(S)des
-BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb
-
-##DOS##BUILDTOP = ..\..\..\..
-##DOS##PREFIXDIR = builtin\des
-##DOS##OBJFILE = ..\..\$(OUTPRE)des.lst
-
-STLIBOBJS=\
-	d3_aead.o	\
-	d3_kysched.o	\
-	des_keys.o	\
-	f_aead.o 	\
-	f_cksum.o	\
-	f_parity.o 	\
-	f_sched.o 	\
-	f_tables.o	\
-	key_sched.o	\
-	weak_key.o
-
-OBJS=	$(OUTPRE)d3_aead.$(OBJEXT)	\
-	$(OUTPRE)d3_kysched.$(OBJEXT)	\
-	$(OUTPRE)des_keys.$(OBJEXT)	\
-	$(OUTPRE)f_aead.$(OBJEXT) 	\
-	$(OUTPRE)f_cksum.$(OBJEXT)	\
-	$(OUTPRE)f_parity.$(OBJEXT) 	\
-	$(OUTPRE)f_sched.$(OBJEXT) 	\
-	$(OUTPRE)f_tables.$(OBJEXT)	\
-	$(OUTPRE)key_sched.$(OBJEXT)	\
-	$(OUTPRE)weak_key.$(OBJEXT)
-
-SRCS=	$(srcdir)/d3_aead.c	\
-	$(srcdir)/d3_kysched.c	\
-	$(srcdir)/des_keys.c	\
-	$(srcdir)/f_aead.c	\
-	$(srcdir)/f_cksum.c	\
-	$(srcdir)/f_parity.c	\
-	$(srcdir)/f_sched.c	\
-	$(srcdir)/f_tables.c	\
-	$(srcdir)/key_sched.c	\
-	$(srcdir)/weak_key.c
-
-EXTRADEPSRCS = $(srcdir)/destest.c $(srcdir)/f_cbc.c $(srcdir)/t_verify.c
-
-##DOS##LIBOBJS = $(OBJS)
-
-TOBJS = $(OUTPRE)key_sched.$(OBJEXT) $(OUTPRE)f_sched.$(OBJEXT) \
-	$(OUTPRE)f_cbc.$(OBJEXT) $(OUTPRE)f_tables.$(OBJEXT) \
-	$(OUTPRE)f_cksum.$(OBJEXT)
-
-verify$(EXEEXT): t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \
-	$(COM_ERR_DEPLIB) $(SUPPORT_DEPLIB)
-	$(CC_LINK) -o $@ t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \
-		$(COM_ERR_LIB) $(SUPPORT_LIB)
-
-destest$(EXEEXT): destest.$(OBJEXT) $(TOBJS) $(SUPPORT_DEPLIB)
-	$(CC_LINK) -o $@ destest.$(OBJEXT) $(TOBJS) $(SUPPORT_LIB)
-
-all-unix: all-libobjs
-
-check-unix: verify destest
-	$(RUN_TEST) ./verify -z
-	$(RUN_TEST) ./verify -m
-	$(RUN_TEST) ./verify
-	$(RUN_TEST) ./destest < $(srcdir)/keytest.data
-
-includes: depend
-
-depend: $(SRCS)
-
-check-windows:
-
-clean:
-	$(RM) destest.$(OBJEXT) destest$(EXEEXT) verify$(EXEEXT) \
-	t_verify.$(OBJEXT) $(TOBJS)
-
-clean-unix:: clean-libobjs
-
-@libobj_frag@
-
diff --git a/src/lib/crypto/builtin/des/d3_aead.c b/src/lib/crypto/builtin/des/d3_aead.c
deleted file mode 100644
index bddf75a47..000000000
--- a/src/lib/crypto/builtin/des/d3_aead.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 2008 by the Massachusetts Institute of Technology.
- * Copyright 1995 by Richard P. Basch.  All Rights Reserved.
- * Copyright 1995 by Lehman Brothers, Inc.  All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
- * in advertising or publicity pertaining to distribution of the software
- * without specific, written prior permission.  Richard P. Basch,
- * Lehman Brothers and M.I.T. make no representations about the suitability
- * of this software for any purpose.  It is provided "as is" without
- * express or implied warranty.
- */
-
-#include "crypto_int.h"
-#include "des_int.h"
-#include "f_tables.h"
-
-void
-krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
-                         const mit_des_key_schedule ks1,
-                         const mit_des_key_schedule ks2,
-                         const mit_des_key_schedule ks3,
-                         mit_des_cblock ivec)
-{
-    unsigned DES_INT32 left, right;
-    const unsigned DES_INT32 *kp1, *kp2, *kp3;
-    const unsigned char *ip;
-    struct iov_cursor cursor;
-    unsigned char block[MIT_DES_BLOCK_LENGTH];
-
-    /* Get key pointers here.  These won't need to be reinitialized. */
-    kp1 = (const unsigned DES_INT32 *)ks1;
-    kp2 = (const unsigned DES_INT32 *)ks2;
-    kp3 = (const unsigned DES_INT32 *)ks3;
-
-    /* Initialize left and right with the contents of the initial vector. */
-    ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
-    left = load_32_be(ip);
-    right = load_32_be(ip + 4);
-
-    k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
-    while (k5_iov_cursor_get(&cursor, block)) {
-        /* xor this block with the previous ciphertext. */
-        left ^= load_32_be(block);
-        right ^= load_32_be(block + 4);
-
-        /* Encrypt what we have and store it back into block. */
-        DES_DO_ENCRYPT(left, right, kp1);
-        DES_DO_DECRYPT(left, right, kp2);
-        DES_DO_ENCRYPT(left, right, kp3);
-        store_32_be(left, block);
-        store_32_be(right, block + 4);
-
-        k5_iov_cursor_put(&cursor, block);
-    }
-
-    if (ivec != NULL) {
-        store_32_be(left, ivec);
-        store_32_be(right, ivec + 4);
-    }
-}
-
-void
-krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
-                         const mit_des_key_schedule ks1,
-                         const mit_des_key_schedule ks2,
-                         const mit_des_key_schedule ks3,
-                         mit_des_cblock ivec)
-{
-    unsigned DES_INT32 left, right;
-    const unsigned DES_INT32 *kp1, *kp2, *kp3;
-    const unsigned char *ip;
-    unsigned DES_INT32 ocipherl, ocipherr;
-    unsigned DES_INT32 cipherl, cipherr;
-    struct iov_cursor cursor;
-    unsigned char block[MIT_DES_BLOCK_LENGTH];
-
-    /* Get key pointers here.  These won't need to be reinitialized. */
-    kp1 = (const unsigned DES_INT32 *)ks1;
-    kp2 = (const unsigned DES_INT32 *)ks2;
-    kp3 = (const unsigned DES_INT32 *)ks3;
-
-    /*
-     * Decrypting is harder than encrypting because of
-     * the necessity of remembering a lot more things.
-     * Should think about this a little more...
-     */
-
-    /* Prime the old cipher with ivec.*/
-    ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
-    ocipherl = load_32_be(ip);
-    ocipherr = load_32_be(ip + 4);
-
-    k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
-    while (k5_iov_cursor_get(&cursor, block)) {
-        /* Split this block into left and right. */
-        cipherl = left = load_32_be(block);
-        cipherr = right = load_32_be(block + 4);
-
-        /* Decrypt and xor with the old cipher to get plain text. */
-        DES_DO_DECRYPT(left, right, kp3);
-        DES_DO_ENCRYPT(left, right, kp2);
-        DES_DO_DECRYPT(left, right, kp1);
-        left ^= ocipherl;
-        right ^= ocipherr;
-
-        /* Store the encrypted halves back into block. */
-        store_32_be(left, block);
-        store_32_be(right, block + 4);
-
-        /* Save current cipher block halves. */
-        ocipherl = cipherl;
-        ocipherr = cipherr;
-
-        k5_iov_cursor_put(&cursor, block);
-    }
-
-    if (ivec != NULL) {
-        store_32_be(ocipherl, ivec);
-        store_32_be(ocipherr, ivec + 4);
-    }
-}
diff --git a/src/lib/crypto/builtin/des/d3_kysched.c b/src/lib/crypto/builtin/des/d3_kysched.c
deleted file mode 100644
index ebd1050b1..000000000
--- a/src/lib/crypto/builtin/des/d3_kysched.c
+++ /dev/null
@@ -1,51 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright 1995 by Richard P. Basch.  All Rights Reserved.
- * Copyright 1995 by Lehman Brothers, Inc.  All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
- * in advertising or publicity pertaining to distribution of the software
- * without specific, written prior permission.  Richard P. Basch,
- * Lehman Brothers and M.I.T. make no representations about the suitability
- * of this software for any purpose.  It is provided "as is" without
- * express or implied warranty.
- */
-
-#include "k5-int.h"
-#include "des_int.h"
-
-int
-mit_des3_key_sched(mit_des3_cblock k, mit_des3_key_schedule schedule)
-{
-    mit_des_make_key_sched(k[0],schedule[0]);
-    mit_des_make_key_sched(k[1],schedule[1]);
-    mit_des_make_key_sched(k[2],schedule[2]);
-
-    if (!mit_des_check_key_parity(k[0]))        /* bad parity --> return -1 */
-        return(-1);
-    if (mit_des_is_weak_key(k[0]))
-        return(-2);
-
-    if (!mit_des_check_key_parity(k[1]))
-        return(-1);
-    if (mit_des_is_weak_key(k[1]))
-        return(-2);
-
-    if (!mit_des_check_key_parity(k[2]))
-        return(-1);
-    if (mit_des_is_weak_key(k[2]))
-        return(-2);
-
-    /* if key was good, return 0 */
-    return 0;
-}
diff --git a/src/lib/crypto/builtin/des/deps b/src/lib/crypto/builtin/des/deps
deleted file mode 100644
index a1db1f36e..000000000
--- a/src/lib/crypto/builtin/des/deps
+++ /dev/null
@@ -1,150 +0,0 @@
-#
-# Generated makefile dependencies follow.
-#
-d3_aead.so d3_aead.po $(OUTPRE)d3_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
-  $(srcdir)/../aes/aes.h $(srcdir)/../aes/brg_types.h \
-  $(srcdir)/../crypto_mod.h $(srcdir)/../sha2/sha2.h \
-  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  d3_aead.c des_int.h f_tables.h
-d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \
-  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  d3_kysched.c des_int.h
-des_keys.so des_keys.po $(OUTPRE)des_keys.$(OBJEXT): \
-  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \
-  $(srcdir)/../aes/brg_types.h $(srcdir)/../crypto_mod.h \
-  $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des_int.h des_keys.c
-f_aead.so f_aead.po $(OUTPRE)f_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
-  $(srcdir)/../aes/aes.h $(srcdir)/../aes/brg_types.h \
-  $(srcdir)/../crypto_mod.h $(srcdir)/../sha2/sha2.h \
-  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  des_int.h f_aead.c f_tables.h
-f_cksum.so f_cksum.po $(OUTPRE)f_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des_int.h f_cksum.c \
-  f_tables.h
-f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \
-  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  des_int.h f_parity.c
-f_sched.so f_sched.po $(OUTPRE)f_sched.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des_int.h f_sched.c
-f_tables.so f_tables.po $(OUTPRE)f_tables.$(OBJEXT): \
-  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  des_int.h f_tables.c f_tables.h
-key_sched.so key_sched.po $(OUTPRE)key_sched.$(OBJEXT): \
-  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  des_int.h key_sched.c
-weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \
-  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  des_int.h weak_key.c
-destest.so destest.po $(OUTPRE)destest.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des_int.h destest.c
-f_cbc.so f_cbc.po $(OUTPRE)f_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des_int.h f_cbc.c \
-  f_tables.h
-t_verify.so t_verify.po $(OUTPRE)t_verify.$(OBJEXT): \
-  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  des_int.h t_verify.c
diff --git a/src/lib/crypto/builtin/des/des_int.h b/src/lib/crypto/builtin/des/des_int.h
deleted file mode 100644
index f8dc6b296..000000000
--- a/src/lib/crypto/builtin/des/des_int.h
+++ /dev/null
@@ -1,285 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/des_int.h */
-/*
- * Copyright 1987, 1988, 1990, 2002 by the Massachusetts Institute of
- * Technology.  All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-/* Private include file for the Data Encryption Standard library. */
-
-/* only do the whole thing once  */
-#ifndef DES_INTERNAL_DEFS
-#define DES_INTERNAL_DEFS
-
-#include "k5-int.h"
-/*
- * Begin "mit-des.h"
- */
-#ifndef KRB5_MIT_DES__
-#define KRB5_MIT_DES__
-
-#if defined(__MACH__) && defined(__APPLE__)
-#include <TargetConditionals.h>
-#include <AvailabilityMacros.h>
-#if TARGET_RT_MAC_CFM
-#error "Use KfM 4.0 SDK headers for CFM compilation."
-#endif
-#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS)
-#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5
-#endif
-#endif /* defined(__MACH__) && defined(__APPLE__) */
-
-/* Macro to add deprecated attribute to DES types and functions */
-/* Currently only defined on macOS 10.5 and later.              */
-#ifndef KRB5INT_DES_DEPRECATED
-#define KRB5INT_DES_DEPRECATED
-#endif
-
-#include <limits.h>
-
-#if UINT_MAX >= 0xFFFFFFFFUL
-#define DES_INT32 int
-#define DES_UINT32 unsigned int
-#else
-#define DES_INT32 long
-#define DES_UINT32 unsigned long
-#endif
-
-typedef unsigned char des_cblock[8]     /* crypto-block size */
-KRB5INT_DES_DEPRECATED;
-
-/*
- * Key schedule.
- *
- * This used to be
- *
- * typedef struct des_ks_struct {
- *     union { DES_INT32 pad; des_cblock _;} __;
- * } des_key_schedule[16];
- *
- * but it would cause trouble if DES_INT32 were ever more than 4
- * bytes.  The reason is that all the encryption functions cast it to
- * (DES_INT32 *), and treat it as if it were DES_INT32[32].  If
- * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the
- * caller-allocated des_key_schedule will be overflowed by the key
- * scheduling functions.  We can't assume that every platform will
- * have an exact 32-bit int, and nothing should be looking inside a
- * des_key_schedule anyway.
- */
-typedef struct des_ks_struct {  DES_INT32 _[2]; } des_key_schedule[16]
-KRB5INT_DES_DEPRECATED;
-
-typedef des_cblock mit_des_cblock;
-typedef des_key_schedule mit_des_key_schedule;
-
-/* Triple-DES structures */
-typedef mit_des_cblock          mit_des3_cblock[3];
-typedef mit_des_key_schedule    mit_des3_key_schedule[3];
-
-#define MIT_DES_ENCRYPT 1
-#define MIT_DES_DECRYPT 0
-
-typedef struct mit_des_ran_key_seed {
-    krb5_encrypt_block eblock;
-    krb5_data sequence;
-} mit_des_random_state;
-
-/* the first byte of the key is already in the keyblock */
-
-#define MIT_DES_BLOCK_LENGTH            (8*sizeof(krb5_octet))
-/* This used to be 8*sizeof(krb5_octet) */
-#define MIT_DES_KEYSIZE                 8
-
-#define MIT_DES_CBC_CKSUM_LENGTH        (4*sizeof(krb5_octet))
-
-#endif /* KRB5_MIT_DES__ */
-/*
- * End "mit-des.h"
- */
-
-/* afsstring2key.c */
-krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock,
-                                      const krb5_data *data,
-                                      const krb5_data *salt);
-char *mit_afs_crypt(const char *pw, const char *salt, char *iobuf);
-
-/* f_cksum.c */
-unsigned long mit_des_cbc_cksum(const krb5_octet *, krb5_octet *,
-                                unsigned long, const mit_des_key_schedule,
-                                const krb5_octet *);
-
-/* f_cbc.c (used by test programs) */
-int
-mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
-                    unsigned long length, const mit_des_key_schedule schedule,
-                    const mit_des_cblock ivec, int enc);
-
-#define mit_des_zeroblock krb5int_c_mit_des_zeroblock
-extern const mit_des_cblock mit_des_zeroblock;
-
-/* fin_rndkey.c */
-krb5_error_code mit_des_finish_random_key(const krb5_encrypt_block *,
-                                          krb5_pointer *);
-
-/* finish_key.c */
-krb5_error_code mit_des_finish_key(krb5_encrypt_block *);
-
-/* init_rkey.c */
-krb5_error_code mit_des_init_random_key(const krb5_encrypt_block *,
-                                        const krb5_keyblock *,
-                                        krb5_pointer *);
-
-/* key_parity.c */
-void mit_des_fixup_key_parity(mit_des_cblock);
-int mit_des_check_key_parity(mit_des_cblock);
-
-/* key_sched.c */
-int mit_des_key_sched(mit_des_cblock, mit_des_key_schedule);
-
-/* process_ky.c */
-krb5_error_code mit_des_process_key(krb5_encrypt_block *,
-                                    const krb5_keyblock *);
-
-/* random_key.c */
-krb5_error_code mit_des_random_key(const krb5_encrypt_block *,
-                                   krb5_pointer, krb5_keyblock **);
-
-/* string2key.c */
-krb5_error_code mit_des_string_to_key(const krb5_encrypt_block *,
-                                      krb5_keyblock *, const krb5_data *,
-                                      const krb5_data *);
-krb5_error_code mit_des_string_to_key_int(krb5_keyblock *, const krb5_data *,
-                                          const krb5_data *);
-
-/* weak_key.c */
-int mit_des_is_weak_key(mit_des_cblock);
-
-/* cmb_keys.c */
-krb5_error_code mit_des_combine_subkeys(const krb5_keyblock *,
-                                        const krb5_keyblock *,
-                                        krb5_keyblock **);
-
-/* f_pcbc.c */
-int mit_des_pcbc_encrypt();
-
-/* f_sched.c */
-int mit_des_make_key_sched(mit_des_cblock, mit_des_key_schedule);
-
-
-/* misc.c */
-extern void swap_bits(char *);
-extern unsigned long long_swap_bits(unsigned long);
-extern unsigned long swap_six_bits_to_ansi(unsigned long);
-extern unsigned long swap_four_bits_to_ansi(unsigned long);
-extern unsigned long swap_bit_pos_1(unsigned long);
-extern unsigned long swap_bit_pos_0(unsigned long);
-extern unsigned long swap_bit_pos_0_to_ansi(unsigned long);
-extern unsigned long rev_swap_bit_pos_0(unsigned long);
-extern unsigned long swap_byte_bits(unsigned long);
-extern unsigned long swap_long_bytes_bit_number(unsigned long);
-#ifdef FILE
-/* XXX depends on FILE being a #define! */
-extern void test_set(FILE *, const char *, int, const char *, int);
-#endif
-
-void
-krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
-                         const mit_des_key_schedule ks1,
-                         const mit_des_key_schedule ks2,
-                         const mit_des_key_schedule ks3,
-                         mit_des_cblock ivec);
-
-void
-krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
-                         const mit_des_key_schedule ks1,
-                         const mit_des_key_schedule ks2,
-                         const mit_des_key_schedule ks3,
-                         mit_des_cblock ivec);
-
-void
-krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
-                        const mit_des_key_schedule schedule,
-                        mit_des_cblock ivec);
-
-void
-krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
-                        const mit_des_key_schedule schedule,
-                        mit_des_cblock ivec);
-
-void
-krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data,
-                    const mit_des_key_schedule schedule, mit_des_cblock ivec,
-                    mit_des_cblock out);
-
-/* d3_procky.c */
-krb5_error_code mit_des3_process_key(krb5_encrypt_block *eblock,
-                                     const krb5_keyblock *keyblock);
-
-/* d3_kysched.c */
-int mit_des3_key_sched(mit_des3_cblock key, mit_des3_key_schedule schedule);
-
-/* d3_str2ky.c */
-krb5_error_code mit_des3_string_to_key(const krb5_encrypt_block *eblock,
-                                       krb5_keyblock *keyblock,
-                                       const krb5_data *data,
-                                       const krb5_data *salt);
-
-/* u_nfold.c */
-krb5_error_code mit_des_n_fold(const krb5_octet *input, const size_t in_len,
-                               krb5_octet *output, const size_t out_len);
-
-/* u_rn_key.c */
-int mit_des_is_weak_keyblock(krb5_keyblock *keyblock);
-
-void mit_des_fixup_keyblock_parity(krb5_keyblock *keyblock);
-
-krb5_error_code mit_des_set_random_generator_seed(const krb5_data *seed,
-                                                  krb5_pointer random_state);
-
-krb5_error_code mit_des_set_random_sequence_number(const krb5_data *sequence,
-                                                   krb5_pointer random_state);
-#endif  /*DES_INTERNAL_DEFS*/
diff --git a/src/lib/crypto/builtin/des/des_keys.c b/src/lib/crypto/builtin/des/des_keys.c
deleted file mode 100644
index 32b119aad..000000000
--- a/src/lib/crypto/builtin/des/des_keys.c
+++ /dev/null
@@ -1,40 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/des_keys.c - Key functions used by Kerberos code */
-/*
- * Copyright (C) 2011 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-#include "crypto_int.h"
-#include "des_int.h"
-
-void
-k5_des_fixup_key_parity(unsigned char *keybits)
-{
-    mit_des_fixup_key_parity(keybits);
-}
-
-krb5_boolean
-k5_des_is_weak_key(unsigned char *keybits)
-{
-    return mit_des_is_weak_key(keybits);
-}
diff --git a/src/lib/crypto/builtin/des/destest.c b/src/lib/crypto/builtin/des/destest.c
deleted file mode 100644
index 52114304e..000000000
--- a/src/lib/crypto/builtin/des/destest.c
+++ /dev/null
@@ -1,240 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/destest.c */
-/*
- * Copyright 1990,1991 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-/* Test a DES implementation against known inputs & outputs. */
-
-#include "des_int.h"
-#include <ctype.h>
-#include <stdio.h>
-
-void convert (char *, unsigned char []);
-
-void des_cblock_print_file (mit_des_cblock, FILE *);
-
-krb5_octet zeroblock[8] = {0,0,0,0,0,0,0,0};
-
-int
-main(argc, argv)
-    int argc;
-    char *argv[];
-{
-    char block1[17], block2[17], block3[17];
-    /* Force tests of unaligned accesses.  */
-    union { unsigned char c[8*4+3]; long l; } u;
-    unsigned char *ioblocks = u.c;
-    unsigned char *input = ioblocks+1;
-    unsigned char *output = ioblocks+10;
-    unsigned char *output2 = ioblocks+19;
-    unsigned char *key = ioblocks+27;
-    mit_des_key_schedule sched;
-    int num = 0;
-    int retval;
-
-    int error = 0;
-
-    while (scanf("%16s %16s %16s", block1, block2, block3) == 3) {
-        convert(block1, key);
-        convert(block2, input);
-        convert(block3, output);
-
-        retval = mit_des_key_sched(key, sched);
-        if (retval) {
-            fprintf(stderr, "des test: can't process key: %d\n", retval);
-            fprintf(stderr, "des test: %s %s %s\n", block1, block2, block3);
-            exit(1);
-        }
-        mit_des_cbc_encrypt((const mit_des_cblock *) input,
-                            (mit_des_cblock *) output2, 8,
-                            sched, zeroblock, 1);
-
-        if (memcmp((char *)output2, (char *)output, 8)) {
-            fprintf(stderr,
-                    "DES ENCRYPT ERROR, key %s, text %s, real cipher %s, computed cyphertext %02X%02X%02X%02X%02X%02X%02X%02X\n",
-                    block1, block2, block3,
-                    output2[0],output2[1],output2[2],output2[3],
-                    output2[4],output2[5],output2[6],output2[7]);
-            error++;
-        }
-
-        /*
-         * Now try decrypting....
-         */
-        mit_des_cbc_encrypt((const mit_des_cblock *) output,
-                            (mit_des_cblock *) output2, 8,
-                            sched, zeroblock, 0);
-
-        if (memcmp((char *)output2, (char *)input, 8)) {
-            fprintf(stderr,
-                    "DES DECRYPT ERROR, key %s, text %s, real cipher %s, computed cleartext %02X%02X%02X%02X%02X%02X%02X%02X\n",
-                    block1, block2, block3,
-                    output2[0],output2[1],output2[2],output2[3],
-                    output2[4],output2[5],output2[6],output2[7]);
-            error++;
-        }
-
-        num++;
-    }
-
-    if (error)
-        printf("destest: failed to pass the test\n");
-    else
-        printf("destest: %d tests passed successfully\n", num);
-
-    exit( (error > 256 && error % 256) ? 1 : error);
-}
-
-int value[128] = {
-    -1, -1, -1, -1, -1, -1, -1, -1,
-    -1, -1, -1, -1, -1, -1, -1, -1,
-    -1, -1, -1, -1, -1, -1, -1, -1,
-    -1, -1, -1, -1, -1, -1, -1, -1,
-    -1, -1, -1, -1, -1, -1, -1, -1,
-    -1, -1, -1, -1, -1, -1, -1, -1,
-    0, 1, 2, 3, 4, 5, 6, 7,
-    8, 9, -1, -1, -1, -1, -1, -1,
-    -1, 10, 11, 12, 13, 14, 15, -1,
-    -1, -1, -1, -1, -1, -1, -1, -1,
-    -1, -1, -1, -1, -1, -1, -1, -1,
-    -1, -1, -1, -1, -1, -1, -1, -1,
-    -1, -1, -1, -1, -1, -1, -1, -1,
-    -1, -1, -1, -1, -1, -1, -1, -1,
-    -1, -1, -1, -1, -1, -1, -1, -1,
-    -1, -1, -1, -1, -1, -1, -1, -1,
-};
-
-void
-convert(text, cblock)
-    char *text;
-    unsigned char cblock[];
-{
-    int i;
-    for (i = 0; i < 8; i++) {
-        if (!isascii((unsigned char)text[i * 2]))
-            abort ();
-        if (value[(int) text[i*2]] == -1 || value[(int) text[i*2+1]] == -1) {
-            printf("Bad value byte %d in %s\n", i, text);
-            exit(1);
-        }
-        cblock[i] = 16*value[(int) text[i*2]] + value[(int) text[i*2+1]];
-    }
-    return;
-}
-
-/*
- * Fake out the DES library, for the purposes of testing.
- */
-
-int
-mit_des_is_weak_key(key)
-    mit_des_cblock key;
-{
-    return 0;                           /* fake it out for testing */
-}
-
-void
-des_cblock_print_file(x, fp)
-    mit_des_cblock x;
-    FILE *fp;
-{
-    unsigned char *y = (unsigned char *) x;
-    int i = 0;
-    fprintf(fp," 0x { ");
-
-    while (i++ < 8) {
-        fprintf(fp,"%x",*y++);
-        if (i < 8)
-            fprintf(fp,", ");
-    }
-    fprintf(fp," }");
-}
-
-
-#define smask(step) ((1<<step)-1)
-#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step)))
-#define parity_char(x) pstep(pstep(pstep((x),4),2),1)
-
-/*
- * des_check_key_parity: returns true iff key has the correct des parity.
- *                       See des_fix_key_parity for the definition of
- *                       correct des parity.
- */
-int
-mit_des_check_key_parity(key)
-    mit_des_cblock key;
-{
-    unsigned int i;
-
-    for (i=0; i<sizeof(mit_des_cblock); i++) {
-        if ((key[i] & 1) == parity_char(0xfe&key[i])) {
-            printf("warning: bad parity key:");
-            des_cblock_print_file(key, stdout);
-            putchar('\n');
-
-            return 1;
-        }
-    }
-
-    return(1);
-}
-
-void
-mit_des_fixup_key_parity(key)
-    mit_des_cblock key;
-{
-    unsigned int i;
-    for (i=0; i<sizeof(mit_des_cblock); i++)
-    {
-        key[i] &= 0xfe;
-        key[i] |= 1^parity_char(key[i]);
-    }
-
-    return;
-}
diff --git a/src/lib/crypto/builtin/des/doc/libdes.doc b/src/lib/crypto/builtin/des/doc/libdes.doc
deleted file mode 100644
index 6e9431ed2..000000000
--- a/src/lib/crypto/builtin/des/doc/libdes.doc
+++ /dev/null
@@ -1,208 +0,0 @@
-
-	How to use the Kerberos encryption library.
-
-			Revised		10/15/85	spm
-
-1)	The following include file is needed:
-	
-	/projects/auth/include/des.h	(VAX)
-	---------------					(PC8086)
-
-2)	The encryption library that should be linked to is:
-	
-	/projects/auth/lib/libdes.a		(VAX)
-|	/projects/auth/ibm/lib/libdes.a	(PC8086 cross-compilation environment)
-
-3)	For each key that may be simultaneously active,
-	allocate (either compile or malloc) a "Key_schedule" struct, 
-	defined in "des.h"
-
-4)	Create key schedules, as needed, prior to using the encryption
-	routines, via "des_set_key()".
-
-5)  Setup the input and output areas.  Make sure to note the restrictions
-	on lengths being multiples of eight bytes.
-
-6)	Invoke the encryption/decryption routines, "ecb_encrypt()"
-	 or "cbc_encrypt()"
-
-7)	To generate a cryptographic checksum, use "cbc_cksum()"
-/*	----------------------------------------------------------------	*/
-	
-	Routine Interfaces--
-
-/*	-----------------------------------------------------------------	*/
-
-int
-	des_set_key(k,schedule)
-		C_Block			*k;
-		Key_schedule	schedule;
-
-	Calculates a key schedule from (all) eight bytes of the input key, and
-	puts it into the indicated "Key_schedule" struct;
-
-	Make sure to pass valid eight bytes, no padding or other processing
-	it done.
-
-	The key schedule is then used in subsequent encryption/decryption
-	operations.  Many key schedules may be created and cached for later
-	use.
-
-	The user is responsible to clear keys and schedules no longer needed
-	to prevent their disclosure.
-
-|	Checks the parity of the key provided, to make sure it is odd per
-|	FIPS spec.  Returns 0 value for key ok, 1 for key_parity error.
-
-/*	----------------------------------------------------------------	*/
-	
-int
-	ecb_encrypt(input,output,schedule,encrypt)
-		C_Block			*input;		/* ptr to eight byte input value */
-		C_Block			*output;	/* ptr to eight byte output value */
-		int				encrypt;	/* 0 ==> decrypt, else encrypt */
-		Key_schedule	schedule;	/* addr of key schedule */
-
-This is the low level routine that encrypts or decrypts a single 8-byte
-block in electronic code book mode.  Always transforms the input
-data into the output data.
-
-If encrypt is non-zero, the input (cleartext) is encrypted into the
-output (ciphertext) using the specified key_schedule, pre-set via "des_set_key".
-
-If encrypt is zero, the input (now ciphertext) is decrypted into
-the output (now cleartext).
-
-Input and output may be the same space.
-
-Does not return any meaningful value.  Void is not used for compatibility
-with other compilers.
-
-/*	--------------------------------------------------------------	*/
-
-int	
-	cbc_encrypt(input,output,length,schedule,ivec,encrypt)
-
-		C_Block			*input;		/* ptr to input data */
-		C_Block			*output;	/* ptr to output data */
-		int				length;		/* desired length, in bytes */
-		Key_schedule	schedule;		/* addr of precomputed schedule */
-		C_Block			*ivec;		/* pointer to 8 byte initialization
-									 * vector
-									 */
-		int				encrypt		/* 0 ==> decrypt; else encrypt*/
-
-
-	If encrypt is non-zero, the routine cipher-block-chain encrypts
-	the INPUT (cleartext) into the OUTPUT (ciphertext) using the provided
-	key schedule and initialization vector.  If the length is not an integral
-	multiple of eight bytes, the last block is copied to a temp and zero 
-	filled (highest addresses).  The output is ALWAYS an integral multiple
-	of eight bytes.
-
-	If encrypt is zero, the routine cipher-block chain decrypts the INPUT
-	(ciphertext) into the OUTPUT (cleartext) using the provided key schedule
-	and	initialization vector.	Decryption ALWAYS operates on integral
-	multiples of 8 bytes, so will round the length provided up to the
-	appropriate	multiple. Consequently,	it will always produce the rounded-up
-	number of bytes of output cleartext. The application must determine if
-	the output cleartext was zero-padded due to cleartext lengths not integral
-	multiples of 8.
-
-	No errors or meaningful value are returned.  Void is not used for
-	compatibility with other compilers.
-
-
-/* cbc checksum (MAC) only routine  ---------------------------------------- */
-int	
-	cbc_cksum(input,output,length,schedule,ivec)
-
-	C_Block		 	*input;		/* >= length bytes of inputtext	 */
-	C_Block		 	*output;	/* >= length bytes of outputtext */
-	int				length;		/* in bytes						*/
-	Key_schedule	schedule;	/* precomputed key schedule	   */
-	C_Block			*ivec;		/* 8 bytes of ivec			   */
-
-
-	Produces a cryptographic checksum, 8 bytes, by cipher-block-chain
-	encrypting the input, discarding the ciphertext output, and only retaining
-	the last ciphertext 8-byte block.  Uses the provided key schedule and ivec.
-	The input is effectively zero-padded to an integral multiple of
-	eight bytes, though the original input is not modified.
-
-	No meaningful value is returned.  Void is not used for compatibility
-	with other compilers.
-
-
-/*	random_key ----------------------------------------*/
-int
-	random_key(key)
-
-	C_Block	*key;
-
-	The start for the random number generated is set from the current time
-	in microseconds, then the random number generator is invoked
-	to create an eight byte output key (not a schedule).  The key
-	generated is set to odd parity per FIPS spec.
-
-	The caller must	supply space for the output key, pointed to 
-	by "*key", then after getting a new key, call the des_set_key() 
-	routine when needed.
-
-	No meaningful value is returned.  Void is not used for compatibility
-	with other compilers.
-
-
-/* string_to_key --------------------------------------------*/
-
-int
-	string_to_key(str,key)
-	char		*str;
-	C_Block	*key;
-
-	This routines converts an arbitrary length, null terminated string
-	to an 8 byte DES key, with each byte parity set to odd, per FIPS spec.
-
-	The algorithm is as follows:
-
-|	Take the first 8 bytes and remove the parity (leaving 56 bits).
-|	Do the same for the second 8 bytes, and the third, etc.  Do this for
-|	as many sets of 8 bytes as necessary, filling in the remainder of the
-|	last set with nulls.  Fold the second set back on the first (i.e. bit
-|	0 over bit 55, and bit 55 over bit 0).  Fold the third over the second
-|	(bit 0 of the third set is now over bit 0 of the first set).  Repeat
-|	until you have done this to all sets.  Xor the folded sets.  Break the
-|	result into 8 7 bit bytes, and generate odd parity for each byte.  You
-|	now have 64 bits.  Note that DES takes a 64 bit key, and uses only the
-|	non parity bits.
-
-
-/* read_password -------------------------------------------*/
-
-read_password(k,prompt,verify)
-	C_Block	*k;
-	char *prompt;
-	int	verify;
-
-This routine issues the supplied prompt, turns off echo, if possible, and
-reads an input string.  If verify is non-zero, it does it again, for use
-in applications such as changing a password. If verify is non-zero, both
-versions are compared, and the input is requested repeatedly until they
-match.  Then, the input string is mapped into a valid DES key, internally
-using the string_to_key routine.  The newly created key is copied to the
-area pointed to by parameter "k".  
-
-No meaningful value is returned.  If an error occurs trying to manipulate
-the terminal echo, the routine forces the process to exit.
-
-/* get_line ------------------------*/
-long get_line(p,max)
-	char	*p;
-	long	max;
-
-Reads input characters from standard input until either a newline appears or
-else the max length is reached.  The characters read are stuffed into
-the string pointed to, which will always be null terminated.  The newline
-is not inserted in the string.  The max parameter includes the byte needed
-for the null terminator, so allocate and pass one more than the maximum
-string length desired.
diff --git a/src/lib/crypto/builtin/des/f_aead.c b/src/lib/crypto/builtin/des/f_aead.c
deleted file mode 100644
index 71b8dff4d..000000000
--- a/src/lib/crypto/builtin/des/f_aead.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 2008 by the Massachusetts Institute of Technology.
- * Copyright 1995 by Richard P. Basch.  All Rights Reserved.
- * Copyright 1995 by Lehman Brothers, Inc.  All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
- * in advertising or publicity pertaining to distribution of the software
- * without specific, written prior permission.  Richard P. Basch,
- * Lehman Brothers and M.I.T. make no representations about the suitability
- * of this software for any purpose.  It is provided "as is" without
- * express or implied warranty.
- */
-
-#include "crypto_int.h"
-#include "des_int.h"
-#include "f_tables.h"
-
-const mit_des_cblock mit_des_zeroblock /* = all zero */;
-
-void
-krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
-                        const mit_des_key_schedule schedule,
-                        mit_des_cblock ivec)
-{
-    unsigned DES_INT32 left, right;
-    const unsigned DES_INT32 *kp;
-    const unsigned char *ip;
-    struct iov_cursor cursor;
-    unsigned char block[MIT_DES_BLOCK_LENGTH];
-
-    /* Get key pointer here.  This won't need to be reinitialized. */
-    kp = (const unsigned DES_INT32 *)schedule;
-
-    /* Initialize left and right with the contents of the initial vector. */
-    ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
-    left = load_32_be(ip);
-    right = load_32_be(ip + 4);
-
-    k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
-    while (k5_iov_cursor_get(&cursor, block)) {
-        /* Decompose this block and xor it with the previous ciphertext. */
-        left ^= load_32_be(block);
-        right ^= load_32_be(block + 4);
-
-        /* Encrypt what we have and put back into block. */
-        DES_DO_ENCRYPT(left, right, kp);
-        store_32_be(left, block);
-        store_32_be(right, block + 4);
-
-        k5_iov_cursor_put(&cursor, block);
-    }
-
-    if (ivec != NULL) {
-        store_32_be(left, ivec);
-        store_32_be(right, ivec + 4);
-    }
-}
-
-void
-krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
-                        const mit_des_key_schedule schedule,
-                        mit_des_cblock ivec)
-{
-    unsigned DES_INT32 left, right;
-    const unsigned DES_INT32 *kp;
-    const unsigned char *ip;
-    unsigned DES_INT32 ocipherl, ocipherr;
-    unsigned DES_INT32 cipherl, cipherr;
-    struct iov_cursor cursor;
-    unsigned char block[MIT_DES_BLOCK_LENGTH];
-
-    /* Get key pointer here.  This won't need to be reinitialized. */
-    kp = (const unsigned DES_INT32 *)schedule;
-
-    /*
-     * Decrypting is harder than encrypting because of
-     * the necessity of remembering a lot more things.
-     * Should think about this a little more...
-     */
-
-    /* Prime the old cipher with ivec. */
-    ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
-    ocipherl = load_32_be(ip);
-    ocipherr = load_32_be(ip + 4);
-
-    k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
-    while (k5_iov_cursor_get(&cursor, block)) {
-        /* Split this block into left and right. */
-        cipherl = left = load_32_be(block);
-        cipherr = right = load_32_be(block + 4);
-
-        /* Decrypt and xor with the old cipher to get plain text. */
-        DES_DO_DECRYPT(left, right, kp);
-        left ^= ocipherl;
-        right ^= ocipherr;
-
-        /* Store the encrypted halves back into block. */
-        store_32_be(left, block);
-        store_32_be(right, block + 4);
-
-        /* Save current cipher block halves. */
-        ocipherl = cipherl;
-        ocipherr = cipherr;
-
-        k5_iov_cursor_put(&cursor, block);
-    }
-
-    if (ivec != NULL) {
-        store_32_be(ocipherl, ivec);
-        store_32_be(ocipherr, ivec + 4);
-    }
-}
-
-void
-krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data,
-                    const mit_des_key_schedule schedule, mit_des_cblock ivec,
-                    mit_des_cblock out)
-{
-    unsigned DES_INT32 left, right;
-    const unsigned DES_INT32 *kp;
-    const unsigned char *ip;
-    struct iov_cursor cursor;
-    unsigned char block[MIT_DES_BLOCK_LENGTH];
-
-    /* Get key pointer here.  This won't need to be reinitialized. */
-    kp = (const unsigned DES_INT32 *)schedule;
-
-    /* Initialize left and right with the contents of the initial vector. */
-    ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
-    left = load_32_be(ip);
-    right = load_32_be(ip + 4);
-
-    k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, TRUE);
-    while (k5_iov_cursor_get(&cursor, block)) {
-        /* Decompose this block and xor it with the previous ciphertext. */
-        left ^= load_32_be(block);
-        right ^= load_32_be(block + 4);
-
-        /* Encrypt what we have. */
-        DES_DO_ENCRYPT(left, right, kp);
-    }
-
-    /* Output the final ciphertext block. */
-    store_32_be(left, out);
-    store_32_be(right, out + 4);
-}
-
-#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
-void krb5int_des_do_encrypt_2 (unsigned DES_INT32 *left,
-                               unsigned DES_INT32 *right,
-                               const unsigned DES_INT32 *kp)
-{
-    DES_DO_ENCRYPT_1 (*left, *right, kp);
-}
-
-void krb5int_des_do_decrypt_2 (unsigned DES_INT32 *left,
-                               unsigned DES_INT32 *right,
-                               const unsigned DES_INT32 *kp)
-{
-    DES_DO_DECRYPT_1 (*left, *right, kp);
-}
-#endif
diff --git a/src/lib/crypto/builtin/des/f_cbc.c b/src/lib/crypto/builtin/des/f_cbc.c
deleted file mode 100644
index 84d5382f2..000000000
--- a/src/lib/crypto/builtin/des/f_cbc.c
+++ /dev/null
@@ -1,256 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/f_cbc.c */
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-/*
- * CBC functions; used only by the test programs at this time.  (krb5 uses the
- * functions in f_aead.c instead.)
- */
-
-/*
- * des_cbc_encrypt.c - an implementation of the DES cipher function in cbc mode
- */
-#include "des_int.h"
-#include "f_tables.h"
-
-/*
- * des_cbc_encrypt - {en,de}crypt a stream in CBC mode
- */
-
-/*
- * This routine performs DES cipher-block-chaining operation, either
- * encrypting from cleartext to ciphertext, if encrypt != 0 or
- * decrypting from ciphertext to cleartext, if encrypt == 0.
- *
- * The key schedule is passed as an arg, as well as the cleartext or
- * ciphertext.  The cleartext and ciphertext should be in host order.
- *
- * NOTE-- the output is ALWAYS an multiple of 8 bytes long.  If not
- * enough space was provided, your program will get trashed.
- *
- * For encryption, the cleartext string is null padded, at the end, to
- * an integral multiple of eight bytes.
- *
- * For decryption, the ciphertext will be used in integral multiples
- * of 8 bytes, but only the first "length" bytes returned into the
- * cleartext.
- */
-
-const mit_des_cblock mit_des_zeroblock /* = all zero */;
-
-static void
-des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
-                unsigned long length, const mit_des_key_schedule schedule,
-                const mit_des_cblock ivec)
-{
-    unsigned DES_INT32 left, right;
-    const unsigned DES_INT32 *kp;
-    const unsigned char *ip;
-    unsigned char *op;
-
-    /*
-     * Get key pointer here.  This won't need to be reinitialized
-     */
-    kp = (const unsigned DES_INT32 *)schedule;
-
-    /*
-     * Initialize left and right with the contents of the initial
-     * vector.
-     */
-    ip = ivec;
-    GET_HALF_BLOCK(left, ip);
-    GET_HALF_BLOCK(right, ip);
-
-    /*
-     * Suitably initialized, now work the length down 8 bytes
-     * at a time.
-     */
-    ip = *in;
-    op = *out;
-    while (length > 0) {
-        /*
-         * Get more input, xor it in.  If the length is
-         * greater than or equal to 8 this is straight
-         * forward.  Otherwise we have to fart around.
-         */
-        if (length >= 8) {
-            unsigned DES_INT32 temp;
-            GET_HALF_BLOCK(temp, ip);
-            left  ^= temp;
-            GET_HALF_BLOCK(temp, ip);
-            right ^= temp;
-            length -= 8;
-        } else {
-            /*
-             * Oh, shoot.  We need to pad the
-             * end with zeroes.  Work backwards
-             * to do this.
-             */
-            ip += (int) length;
-            switch(length) {
-            case 7:
-                right ^= (*(--ip) & FF_UINT32) <<  8;
-            case 6:
-                right ^= (*(--ip) & FF_UINT32) << 16;
-            case 5:
-                right ^= (*(--ip) & FF_UINT32) << 24;
-            case 4:
-                left  ^=  *(--ip) & FF_UINT32;
-            case 3:
-                left  ^= (*(--ip) & FF_UINT32) <<  8;
-            case 2:
-                left  ^= (*(--ip) & FF_UINT32) << 16;
-            case 1:
-                left  ^= (*(--ip) & FF_UINT32) << 24;
-                break;
-            }
-            length = 0;
-        }
-
-        /*
-         * Encrypt what we have
-         */
-        DES_DO_ENCRYPT(left, right, kp);
-
-        /*
-         * Copy the results out
-         */
-        PUT_HALF_BLOCK(left, op);
-        PUT_HALF_BLOCK(right, op);
-    }
-}
-
-static void
-des_cbc_decrypt(const mit_des_cblock *in, mit_des_cblock *out,
-                unsigned long length, const mit_des_key_schedule schedule,
-                const mit_des_cblock ivec)
-{
-    unsigned DES_INT32 left, right;
-    const unsigned DES_INT32 *kp;
-    const unsigned char *ip;
-    unsigned char *op;
-    unsigned DES_INT32 ocipherl, ocipherr;
-    unsigned DES_INT32 cipherl, cipherr;
-
-    /*
-     * Get key pointer here.  This won't need to be reinitialized
-     */
-    kp = (const unsigned DES_INT32 *)schedule;
-
-    /*
-     * Decrypting is harder than encrypting because of
-     * the necessity of remembering a lot more things.
-     * Should think about this a little more...
-     */
-
-    if (length <= 0)
-        return;
-
-    /*
-     * Prime the old cipher with ivec.
-     */
-    ip = ivec;
-    GET_HALF_BLOCK(ocipherl, ip);
-    GET_HALF_BLOCK(ocipherr, ip);
-
-    /*
-     * Now do this in earnest until we run out of length.
-     */
-    ip = *in;
-    op = *out;
-    for (;;) {              /* check done inside loop */
-        /*
-         * Read a block from the input into left and
-         * right.  Save this cipher block for later.
-         */
-        GET_HALF_BLOCK(left, ip);
-        GET_HALF_BLOCK(right, ip);
-        cipherl = left;
-        cipherr = right;
-
-        /*
-         * Decrypt this.
-         */
-        DES_DO_DECRYPT(left, right, kp);
-
-        /*
-         * Xor with the old cipher to get plain
-         * text.  Output 8 or less bytes of this.
-         */
-        left ^= ocipherl;
-        right ^= ocipherr;
-        if (length > 8) {
-            length -= 8;
-            PUT_HALF_BLOCK(left, op);
-            PUT_HALF_BLOCK(right, op);
-            /*
-             * Save current cipher block here
-             */
-            ocipherl = cipherl;
-            ocipherr = cipherr;
-        } else {
-            /*
-             * Trouble here.  Start at end of output,
-             * work backwards.
-             */
-            op += (int) length;
-            switch(length) {
-            case 8:
-                *(--op) = (unsigned char) (right & 0xff);
-            case 7:
-                *(--op) = (unsigned char) ((right >> 8) & 0xff);
-            case 6:
-                *(--op) = (unsigned char) ((right >> 16) & 0xff);
-            case 5:
-                *(--op) = (unsigned char) ((right >> 24) & 0xff);
-            case 4:
-                *(--op) = (unsigned char) (left & 0xff);
-            case 3:
-                *(--op) = (unsigned char) ((left >> 8) & 0xff);
-            case 2:
-                *(--op) = (unsigned char) ((left >> 16) & 0xff);
-            case 1:
-                *(--op) = (unsigned char) ((left >> 24) & 0xff);
-                break;
-            }
-            break;          /* we're done */
-        }
-    }
-}
-
-int
-mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
-                    unsigned long length, const mit_des_key_schedule schedule,
-                    const mit_des_cblock ivec, int enc)
-{
-    /*
-     * Deal with encryption and decryption separately.
-     */
-    if (enc)
-        des_cbc_encrypt(in, out, length, schedule, ivec);
-    else
-        des_cbc_decrypt(in, out, length, schedule, ivec);
-    return 0;
-}
diff --git a/src/lib/crypto/builtin/des/f_cksum.c b/src/lib/crypto/builtin/des/f_cksum.c
deleted file mode 100644
index cb482b009..000000000
--- a/src/lib/crypto/builtin/des/f_cksum.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/f_cksum.c */
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-/* DES implementation donated by Dennis Ferguson */
-
-/*
- * des_cbc_cksum.c - compute an 8 byte checksum using DES in CBC mode
- */
-#include "des_int.h"
-#include "f_tables.h"
-
-/*
- * This routine performs DES cipher-block-chaining checksum operation,
- * a.k.a.  Message Authentication Code.  It ALWAYS encrypts from input
- * to a single 64 bit output MAC checksum.
- *
- * The key schedule is passed as an arg, as well as the cleartext or
- * ciphertext. The cleartext and ciphertext should be in host order.
- *
- * NOTE-- the output is ALWAYS 8 bytes long.  If not enough space was
- * provided, your program will get trashed.
- *
- * The input is null padded, at the end (highest addr), to an integral
- * multiple of eight bytes.
- */
-
-unsigned long
-mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out,
-                  unsigned long length, const mit_des_key_schedule schedule,
-                  const krb5_octet *ivec)
-{
-    unsigned DES_INT32 left, right;
-    const unsigned DES_INT32 *kp;
-    const unsigned char *ip;
-    unsigned char *op;
-    DES_INT32 len;
-
-    /*
-     * Initialize left and right with the contents of the initial
-     * vector.
-     */
-    ip = ivec;
-    GET_HALF_BLOCK(left, ip);
-    GET_HALF_BLOCK(right, ip);
-
-    /*
-     * Suitably initialized, now work the length down 8 bytes
-     * at a time.
-     */
-    ip = in;
-    len = length;
-    while (len > 0) {
-        /*
-         * Get more input, xor it in.  If the length is
-         * greater than or equal to 8 this is straight
-         * forward.  Otherwise we have to fart around.
-         */
-        if (len >= 8) {
-            unsigned DES_INT32 temp;
-            GET_HALF_BLOCK(temp, ip);
-            left  ^= temp;
-            GET_HALF_BLOCK(temp, ip);
-            right ^= temp;
-            len -= 8;
-        } else {
-            /*
-             * Oh, shoot.  We need to pad the
-             * end with zeroes.  Work backwards
-             * to do this.
-             */
-            ip += (int) len;
-            switch(len) {
-            case 7:
-                right ^= (*(--ip) & FF_UINT32) <<  8;
-            case 6:
-                right ^= (*(--ip) & FF_UINT32) << 16;
-            case 5:
-                right ^= (*(--ip) & FF_UINT32) << 24;
-            case 4:
-                left  ^=  *(--ip) & FF_UINT32;
-            case 3:
-                left  ^= (*(--ip) & FF_UINT32) <<  8;
-            case 2:
-                left  ^= (*(--ip) & FF_UINT32) << 16;
-            case 1:
-                left  ^= (*(--ip) & FF_UINT32) << 24;
-                break;
-            }
-            len = 0;
-        }
-
-        /*
-         * Encrypt what we have
-         */
-        kp = (const unsigned DES_INT32 *)schedule;
-        DES_DO_ENCRYPT(left, right, kp);
-    }
-
-    /*
-     * Done.  Left and right have the checksum.  Put it into
-     * the output.
-     */
-    op = out;
-    PUT_HALF_BLOCK(left, op);
-    PUT_HALF_BLOCK(right, op);
-
-    /*
-     * Return right.  I'll bet the MIT code returns this
-     * inconsistantly (with the low order byte of the checksum
-     * not always in the low order byte of the DES_INT32).  We won't.
-     */
-    return right & 0xFFFFFFFFUL;
-}
diff --git a/src/lib/crypto/builtin/des/f_parity.c b/src/lib/crypto/builtin/des/f_parity.c
deleted file mode 100644
index 460b5061b..000000000
--- a/src/lib/crypto/builtin/des/f_parity.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * These routines check and fix parity of encryption keys for the DES
- * algorithm.
- *
- * They are a replacement for routines in key_parity.c, that don't require
- * the table building that they do.
- *
- * Mark Eichin -- Cygnus Support
- */
-
-
-#include "des_int.h"
-
-/*
- * des_fixup_key_parity: Forces odd parity per byte; parity is bits
- *                       8,16,...64 in des order, implies 0, 8, 16, ...
- *                       vax order.
- */
-#define smask(step) ((1<<step)-1)
-#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step)))
-#define parity_char(x) pstep(pstep(pstep((x),4),2),1)
-
-void
-mit_des_fixup_key_parity(mit_des_cblock key)
-{
-    unsigned int i;
-    for (i=0; i<sizeof(mit_des_cblock); i++)
-    {
-        key[i] &= 0xfe;
-        key[i] |= 1^parity_char(key[i]);
-    }
-
-    return;
-}
-
-/*
- * des_check_key_parity: returns true iff key has the correct des parity.
- *                       See des_fix_key_parity for the definition of
- *                       correct des parity.
- */
-int
-mit_des_check_key_parity(mit_des_cblock key)
-{
-    unsigned int i;
-
-    for (i=0; i<sizeof(mit_des_cblock); i++)
-    {
-        if((key[i] & 1) == parity_char(0xfe&key[i]))
-        {
-            return 0;
-        }
-    }
-
-    return(1);
-}
diff --git a/src/lib/crypto/builtin/des/f_sched.c b/src/lib/crypto/builtin/des/f_sched.c
deleted file mode 100644
index 666a510fb..000000000
--- a/src/lib/crypto/builtin/des/f_sched.c
+++ /dev/null
@@ -1,359 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/f_sched.c */
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-/* DES implementation donated by Dennis Ferguson */
-
-/*
- * des_make_sched.c - permute a DES key, returning the resulting key schedule
- */
-#include "k5-int.h"
-#include "des_int.h"
-
-/*
- * Permuted choice 1 tables.  These are used to extract bits
- * from the left and right parts of the key to form Ci and Di.
- * The code that uses these tables knows which bits from which
- * part of each key are used to form Ci and Di.
- */
-static const unsigned DES_INT32 PC1_CL[8] = {
-    0x00000000, 0x00000010, 0x00001000, 0x00001010,
-    0x00100000, 0x00100010, 0x00101000, 0x00101010
-};
-
-static const unsigned DES_INT32 PC1_DL[16] = {
-    0x00000000, 0x00100000, 0x00001000, 0x00101000,
-    0x00000010, 0x00100010, 0x00001010, 0x00101010,
-    0x00000001, 0x00100001, 0x00001001, 0x00101001,
-    0x00000011, 0x00100011, 0x00001011, 0x00101011
-};
-
-static const unsigned DES_INT32 PC1_CR[16] = {
-    0x00000000, 0x00000001, 0x00000100, 0x00000101,
-    0x00010000, 0x00010001, 0x00010100, 0x00010101,
-    0x01000000, 0x01000001, 0x01000100, 0x01000101,
-    0x01010000, 0x01010001, 0x01010100, 0x01010101
-};
-
-static const unsigned DES_INT32 PC1_DR[8] = {
-    0x00000000, 0x01000000, 0x00010000, 0x01010000,
-    0x00000100, 0x01000100, 0x00010100, 0x01010100
-};
-
-
-/*
- * At the start of some iterations of the key schedule we do
- * a circular left shift by one place, while for others we do a shift by
- * two places.  This has bits set for the iterations where we do 2 bit
- * shifts, starting at the low order bit.
- */
-#define TWO_BIT_SHIFTS  0x7efc
-
-/*
- * Permuted choice 2 tables.  The first actually produces the low order
- * 24 bits of the subkey Ki from the 28 bit value of Ci.  The second produces
- * the high order 24 bits from Di.  The tables are indexed by six bit
- * segments of Ci and Di respectively.  The code is handcrafted to compute
- * the appropriate 6 bit chunks.
- *
- * Note that for ease of computation, the 24 bit values are produced with
- * six bits going into each byte.  Note also that the table has been byte
- * rearranged to produce keys which match the order we will apply them
- * in in the des code.
- */
-static const unsigned DES_INT32 PC2_C[4][64] = {
-    {
-        0x00000000, 0x00000004, 0x00010000, 0x00010004,
-        0x00000400, 0x00000404, 0x00010400, 0x00010404,
-        0x00000020, 0x00000024, 0x00010020, 0x00010024,
-        0x00000420, 0x00000424, 0x00010420, 0x00010424,
-        0x01000000, 0x01000004, 0x01010000, 0x01010004,
-        0x01000400, 0x01000404, 0x01010400, 0x01010404,
-        0x01000020, 0x01000024, 0x01010020, 0x01010024,
-        0x01000420, 0x01000424, 0x01010420, 0x01010424,
-        0x00020000, 0x00020004, 0x00030000, 0x00030004,
-        0x00020400, 0x00020404, 0x00030400, 0x00030404,
-        0x00020020, 0x00020024, 0x00030020, 0x00030024,
-        0x00020420, 0x00020424, 0x00030420, 0x00030424,
-        0x01020000, 0x01020004, 0x01030000, 0x01030004,
-        0x01020400, 0x01020404, 0x01030400, 0x01030404,
-        0x01020020, 0x01020024, 0x01030020, 0x01030024,
-        0x01020420, 0x01020424, 0x01030420, 0x01030424,
-    },
-    {
-        0x00000000, 0x02000000, 0x00000800, 0x02000800,
-        0x00080000, 0x02080000, 0x00080800, 0x02080800,
-        0x00000001, 0x02000001, 0x00000801, 0x02000801,
-        0x00080001, 0x02080001, 0x00080801, 0x02080801,
-        0x00000100, 0x02000100, 0x00000900, 0x02000900,
-        0x00080100, 0x02080100, 0x00080900, 0x02080900,
-        0x00000101, 0x02000101, 0x00000901, 0x02000901,
-        0x00080101, 0x02080101, 0x00080901, 0x02080901,
-        0x10000000, 0x12000000, 0x10000800, 0x12000800,
-        0x10080000, 0x12080000, 0x10080800, 0x12080800,
-        0x10000001, 0x12000001, 0x10000801, 0x12000801,
-        0x10080001, 0x12080001, 0x10080801, 0x12080801,
-        0x10000100, 0x12000100, 0x10000900, 0x12000900,
-        0x10080100, 0x12080100, 0x10080900, 0x12080900,
-        0x10000101, 0x12000101, 0x10000901, 0x12000901,
-        0x10080101, 0x12080101, 0x10080901, 0x12080901,
-    },
-    {
-        0x00000000, 0x00040000, 0x00002000, 0x00042000,
-        0x00100000, 0x00140000, 0x00102000, 0x00142000,
-        0x20000000, 0x20040000, 0x20002000, 0x20042000,
-        0x20100000, 0x20140000, 0x20102000, 0x20142000,
-        0x00000008, 0x00040008, 0x00002008, 0x00042008,
-        0x00100008, 0x00140008, 0x00102008, 0x00142008,
-        0x20000008, 0x20040008, 0x20002008, 0x20042008,
-        0x20100008, 0x20140008, 0x20102008, 0x20142008,
-        0x00200000, 0x00240000, 0x00202000, 0x00242000,
-        0x00300000, 0x00340000, 0x00302000, 0x00342000,
-        0x20200000, 0x20240000, 0x20202000, 0x20242000,
-        0x20300000, 0x20340000, 0x20302000, 0x20342000,
-        0x00200008, 0x00240008, 0x00202008, 0x00242008,
-        0x00300008, 0x00340008, 0x00302008, 0x00342008,
-        0x20200008, 0x20240008, 0x20202008, 0x20242008,
-        0x20300008, 0x20340008, 0x20302008, 0x20342008,
-    },
-    {
-        0x00000000, 0x00000010, 0x08000000, 0x08000010,
-        0x00000200, 0x00000210, 0x08000200, 0x08000210,
-        0x00000002, 0x00000012, 0x08000002, 0x08000012,
-        0x00000202, 0x00000212, 0x08000202, 0x08000212,
-        0x04000000, 0x04000010, 0x0c000000, 0x0c000010,
-        0x04000200, 0x04000210, 0x0c000200, 0x0c000210,
-        0x04000002, 0x04000012, 0x0c000002, 0x0c000012,
-        0x04000202, 0x04000212, 0x0c000202, 0x0c000212,
-        0x00001000, 0x00001010, 0x08001000, 0x08001010,
-        0x00001200, 0x00001210, 0x08001200, 0x08001210,
-        0x00001002, 0x00001012, 0x08001002, 0x08001012,
-        0x00001202, 0x00001212, 0x08001202, 0x08001212,
-        0x04001000, 0x04001010, 0x0c001000, 0x0c001010,
-        0x04001200, 0x04001210, 0x0c001200, 0x0c001210,
-        0x04001002, 0x04001012, 0x0c001002, 0x0c001012,
-        0x04001202, 0x04001212, 0x0c001202, 0x0c001212
-    },
-};
-
-static const unsigned DES_INT32 PC2_D[4][64] = {
-    {
-        0x00000000, 0x02000000, 0x00020000, 0x02020000,
-        0x00000100, 0x02000100, 0x00020100, 0x02020100,
-        0x00000008, 0x02000008, 0x00020008, 0x02020008,
-        0x00000108, 0x02000108, 0x00020108, 0x02020108,
-        0x00200000, 0x02200000, 0x00220000, 0x02220000,
-        0x00200100, 0x02200100, 0x00220100, 0x02220100,
-        0x00200008, 0x02200008, 0x00220008, 0x02220008,
-        0x00200108, 0x02200108, 0x00220108, 0x02220108,
-        0x00000200, 0x02000200, 0x00020200, 0x02020200,
-        0x00000300, 0x02000300, 0x00020300, 0x02020300,
-        0x00000208, 0x02000208, 0x00020208, 0x02020208,
-        0x00000308, 0x02000308, 0x00020308, 0x02020308,
-        0x00200200, 0x02200200, 0x00220200, 0x02220200,
-        0x00200300, 0x02200300, 0x00220300, 0x02220300,
-        0x00200208, 0x02200208, 0x00220208, 0x02220208,
-        0x00200308, 0x02200308, 0x00220308, 0x02220308,
-    },
-    {
-        0x00000000, 0x00001000, 0x00000020, 0x00001020,
-        0x00100000, 0x00101000, 0x00100020, 0x00101020,
-        0x08000000, 0x08001000, 0x08000020, 0x08001020,
-        0x08100000, 0x08101000, 0x08100020, 0x08101020,
-        0x00000004, 0x00001004, 0x00000024, 0x00001024,
-        0x00100004, 0x00101004, 0x00100024, 0x00101024,
-        0x08000004, 0x08001004, 0x08000024, 0x08001024,
-        0x08100004, 0x08101004, 0x08100024, 0x08101024,
-        0x00000400, 0x00001400, 0x00000420, 0x00001420,
-        0x00100400, 0x00101400, 0x00100420, 0x00101420,
-        0x08000400, 0x08001400, 0x08000420, 0x08001420,
-        0x08100400, 0x08101400, 0x08100420, 0x08101420,
-        0x00000404, 0x00001404, 0x00000424, 0x00001424,
-        0x00100404, 0x00101404, 0x00100424, 0x00101424,
-        0x08000404, 0x08001404, 0x08000424, 0x08001424,
-        0x08100404, 0x08101404, 0x08100424, 0x08101424,
-    },
-    {
-        0x00000000, 0x10000000, 0x00010000, 0x10010000,
-        0x00000002, 0x10000002, 0x00010002, 0x10010002,
-        0x00002000, 0x10002000, 0x00012000, 0x10012000,
-        0x00002002, 0x10002002, 0x00012002, 0x10012002,
-        0x00040000, 0x10040000, 0x00050000, 0x10050000,
-        0x00040002, 0x10040002, 0x00050002, 0x10050002,
-        0x00042000, 0x10042000, 0x00052000, 0x10052000,
-        0x00042002, 0x10042002, 0x00052002, 0x10052002,
-        0x20000000, 0x30000000, 0x20010000, 0x30010000,
-        0x20000002, 0x30000002, 0x20010002, 0x30010002,
-        0x20002000, 0x30002000, 0x20012000, 0x30012000,
-        0x20002002, 0x30002002, 0x20012002, 0x30012002,
-        0x20040000, 0x30040000, 0x20050000, 0x30050000,
-        0x20040002, 0x30040002, 0x20050002, 0x30050002,
-        0x20042000, 0x30042000, 0x20052000, 0x30052000,
-        0x20042002, 0x30042002, 0x20052002, 0x30052002,
-    },
-    {
-        0x00000000, 0x04000000, 0x00000001, 0x04000001,
-        0x01000000, 0x05000000, 0x01000001, 0x05000001,
-        0x00000010, 0x04000010, 0x00000011, 0x04000011,
-        0x01000010, 0x05000010, 0x01000011, 0x05000011,
-        0x00080000, 0x04080000, 0x00080001, 0x04080001,
-        0x01080000, 0x05080000, 0x01080001, 0x05080001,
-        0x00080010, 0x04080010, 0x00080011, 0x04080011,
-        0x01080010, 0x05080010, 0x01080011, 0x05080011,
-        0x00000800, 0x04000800, 0x00000801, 0x04000801,
-        0x01000800, 0x05000800, 0x01000801, 0x05000801,
-        0x00000810, 0x04000810, 0x00000811, 0x04000811,
-        0x01000810, 0x05000810, 0x01000811, 0x05000811,
-        0x00080800, 0x04080800, 0x00080801, 0x04080801,
-        0x01080800, 0x05080800, 0x01080801, 0x05080801,
-        0x00080810, 0x04080810, 0x00080811, 0x04080811,
-        0x01080810, 0x05080810, 0x01080811, 0x05080811
-    },
-};
-
-
-
-/*
- * Permute the key to give us our key schedule.
- */
-int
-mit_des_make_key_sched(mit_des_cblock key, mit_des_key_schedule schedule)
-{
-    unsigned DES_INT32 c, d;
-
-    {
-        /*
-         * Need a pointer for the keys and a temporary DES_INT32
-         */
-        const unsigned char *k;
-        unsigned DES_INT32 tmp;
-
-        /*
-         * Fetch the key into something we can work with
-         */
-        k = key;
-
-        /*
-         * The first permutted choice gives us the 28 bits for C0 and
-         * 28 for D0.  C0 gets 12 bits from the left key and 16 from
-         * the right, while D0 gets 16 from the left and 12 from the
-         * right.  The code knows which bits go where.
-         */
-        tmp = load_32_be(k), k += 4;
-
-        c =  PC1_CL[(tmp >> 29) & 0x7]
-            | (PC1_CL[(tmp >> 21) & 0x7] << 1)
-            | (PC1_CL[(tmp >> 13) & 0x7] << 2)
-            | (PC1_CL[(tmp >>  5) & 0x7] << 3);
-        d =  PC1_DL[(tmp >> 25) & 0xf]
-            | (PC1_DL[(tmp >> 17) & 0xf] << 1)
-            | (PC1_DL[(tmp >>  9) & 0xf] << 2)
-            | (PC1_DL[(tmp >>  1) & 0xf] << 3);
-
-        tmp = load_32_be(k), k += 4;
-
-        c |= PC1_CR[(tmp >> 28) & 0xf]
-            | (PC1_CR[(tmp >> 20) & 0xf] << 1)
-            | (PC1_CR[(tmp >> 12) & 0xf] << 2)
-            | (PC1_CR[(tmp >>  4) & 0xf] << 3);
-        d |= PC1_DR[(tmp >> 25) & 0x7]
-            | (PC1_DR[(tmp >> 17) & 0x7] << 1)
-            | (PC1_DR[(tmp >>  9) & 0x7] << 2)
-            | (PC1_DR[(tmp >>  1) & 0x7] << 3);
-    }
-
-    {
-        /*
-         * Need several temporaries in here
-         */
-        unsigned DES_INT32 ltmp, rtmp;
-        unsigned DES_INT32 *k;
-        int two_bit_shifts;
-        int i;
-        /*
-         * Now iterate to compute the key schedule.  Note that we
-         * record the entire set of subkeys in 6 bit chunks since
-         * they are used that way.  At 6 bits/char, we need
-         * 48/6 char's/subkey * 16 subkeys/encryption == 128 bytes.
-         * The schedule must be this big.
-         */
-        k = (unsigned DES_INT32 *)schedule;
-        two_bit_shifts = TWO_BIT_SHIFTS;
-        for (i = 16; i > 0; i--) {
-            /*
-             * Do the rotation.  One bit and two bit rotations
-             * are done separately.  Note C and D are 28 bits.
-             */
-            if (two_bit_shifts & 0x1) {
-                c = ((c << 2) & 0xffffffc) | (c >> 26);
-                d = ((d << 2) & 0xffffffc) | (d >> 26);
-            } else {
-                c = ((c << 1) & 0xffffffe) | (c >> 27);
-                d = ((d << 1) & 0xffffffe) | (d >> 27);
-            }
-            two_bit_shifts >>= 1;
-
-            /*
-             * Apply permutted choice 2 to C to get the first
-             * 24 bits worth of keys.  Note that bits 9, 18, 22
-             * and 25 (using DES numbering) in C are unused.  The
-             * shift-mask stuff is done to delete these bits from
-             * the indices, since this cuts the table size in half.
-             *
-             * The table is torqued, by the way.  If the standard
-             * byte order for this (high to low order) is 1234,
-             * the table actually gives us 4132.
-             */
-            ltmp = PC2_C[0][((c >> 22) & 0x3f)]
-                | PC2_C[1][((c >> 15) & 0xf) | ((c >> 16) & 0x30)]
-                | PC2_C[2][((c >>  4) & 0x3) | ((c >>  9) & 0x3c)]
-                | PC2_C[3][((c      ) & 0x7) | ((c >>  4) & 0x38)];
-            /*
-             * Apply permutted choice 2 to D to get the other half.
-             * Here, bits 7, 10, 15 and 26 go unused.  The sqeezing
-             * actually turns out to be cheaper here.
-             *
-             * This table is similarly torqued.  If the standard
-             * byte order is 5678, the table has the bytes permuted
-             * to give us 7685.
-             */
-            rtmp = PC2_D[0][((d >> 22) & 0x3f)]
-                | PC2_D[1][((d >> 14) & 0xf) | ((d >> 15) & 0x30)]
-                | PC2_D[2][((d >>  7) & 0x3f)]
-                | PC2_D[3][((d      ) & 0x3) | ((d >>  1) & 0x3c)];
-
-            /*
-             * Make up two words of the key schedule, with a
-             * byte order which is convenient for the DES
-             * inner loop.  The high order (first) word will
-             * hold bytes 7135 (high to low order) while the
-             * second holds bytes 4682.
-             */
-            *k++ = (ltmp & 0x00ffff00) | (rtmp & 0xff0000ff);
-            *k++ = (ltmp & 0xff0000ff) | (rtmp & 0x00ffff00);
-        }
-    }
-    return (0);
-}
diff --git a/src/lib/crypto/builtin/des/f_tables.c b/src/lib/crypto/builtin/des/f_tables.c
deleted file mode 100644
index 6308cb0d5..000000000
--- a/src/lib/crypto/builtin/des/f_tables.c
+++ /dev/null
@@ -1,370 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/f_tables.c */
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-/* DES implementation donated by Dennis Ferguson */
-
-/*
- * des_tables.c - precomputed tables used for the DES cipher function
- */
-
-/*
- * Include the header file so something will complain if the
- * declarations get out of sync
- */
-#include "des_int.h"
-#include "f_tables.h"
-
-/*
- * These tables may be declared const if you want.  Many compilers
- * don't support this, though.
- */
-
-/*
- * The DES algorithm which uses these is intended to be fairly speedy
- * at the expense of some memory.  All the standard hacks are used.
- * The S boxes and the P permutation are precomputed into one table.
- * The E box never actually appears explicitly since it is easy to apply
- * this algorithmically as needed.  The initial permutation and final
- * (inverse initial) permutation are computed from tables designed to
- * permute one byte at a time.  This should run pretty fast on machines
- * with 32 bit words and bit field/multiple bit shift instructions which
- * are fast.
- */
-
-/*
- * The initial permutation array.  This is used to compute both the
- * left and the right halves of the initial permutation using bytes
- * from words made from the following operations:
- *
- * ((left & 0x55555555) << 1) | (right & 0x55555555)  for left half
- * (left & 0xaaaaaaaa) | ((right & 0xaaaaaaaa) >> 1)  for right half
- *
- * The scheme is that we index into the table using each byte.  The
- * result from the high order byte is or'd with the result from the
- * next byte shifted left once is or'd with the result from the next
- * byte shifted left twice if or'd with the result from the low order
- * byte shifted left by three.  Clear?
- */
-
-const unsigned DES_INT32 des_IP_table[256] = {
-    0x00000000, 0x00000010, 0x00000001, 0x00000011,
-    0x00001000, 0x00001010, 0x00001001, 0x00001011,
-    0x00000100, 0x00000110, 0x00000101, 0x00000111,
-    0x00001100, 0x00001110, 0x00001101, 0x00001111,
-    0x00100000, 0x00100010, 0x00100001, 0x00100011,
-    0x00101000, 0x00101010, 0x00101001, 0x00101011,
-    0x00100100, 0x00100110, 0x00100101, 0x00100111,
-    0x00101100, 0x00101110, 0x00101101, 0x00101111,
-    0x00010000, 0x00010010, 0x00010001, 0x00010011,
-    0x00011000, 0x00011010, 0x00011001, 0x00011011,
-    0x00010100, 0x00010110, 0x00010101, 0x00010111,
-    0x00011100, 0x00011110, 0x00011101, 0x00011111,
-    0x00110000, 0x00110010, 0x00110001, 0x00110011,
-    0x00111000, 0x00111010, 0x00111001, 0x00111011,
-    0x00110100, 0x00110110, 0x00110101, 0x00110111,
-    0x00111100, 0x00111110, 0x00111101, 0x00111111,
-    0x10000000, 0x10000010, 0x10000001, 0x10000011,
-    0x10001000, 0x10001010, 0x10001001, 0x10001011,
-    0x10000100, 0x10000110, 0x10000101, 0x10000111,
-    0x10001100, 0x10001110, 0x10001101, 0x10001111,
-    0x10100000, 0x10100010, 0x10100001, 0x10100011,
-    0x10101000, 0x10101010, 0x10101001, 0x10101011,
-    0x10100100, 0x10100110, 0x10100101, 0x10100111,
-    0x10101100, 0x10101110, 0x10101101, 0x10101111,
-    0x10010000, 0x10010010, 0x10010001, 0x10010011,
-    0x10011000, 0x10011010, 0x10011001, 0x10011011,
-    0x10010100, 0x10010110, 0x10010101, 0x10010111,
-    0x10011100, 0x10011110, 0x10011101, 0x10011111,
-    0x10110000, 0x10110010, 0x10110001, 0x10110011,
-    0x10111000, 0x10111010, 0x10111001, 0x10111011,
-    0x10110100, 0x10110110, 0x10110101, 0x10110111,
-    0x10111100, 0x10111110, 0x10111101, 0x10111111,
-    0x01000000, 0x01000010, 0x01000001, 0x01000011,
-    0x01001000, 0x01001010, 0x01001001, 0x01001011,
-    0x01000100, 0x01000110, 0x01000101, 0x01000111,
-    0x01001100, 0x01001110, 0x01001101, 0x01001111,
-    0x01100000, 0x01100010, 0x01100001, 0x01100011,
-    0x01101000, 0x01101010, 0x01101001, 0x01101011,
-    0x01100100, 0x01100110, 0x01100101, 0x01100111,
-    0x01101100, 0x01101110, 0x01101101, 0x01101111,
-    0x01010000, 0x01010010, 0x01010001, 0x01010011,
-    0x01011000, 0x01011010, 0x01011001, 0x01011011,
-    0x01010100, 0x01010110, 0x01010101, 0x01010111,
-    0x01011100, 0x01011110, 0x01011101, 0x01011111,
-    0x01110000, 0x01110010, 0x01110001, 0x01110011,
-    0x01111000, 0x01111010, 0x01111001, 0x01111011,
-    0x01110100, 0x01110110, 0x01110101, 0x01110111,
-    0x01111100, 0x01111110, 0x01111101, 0x01111111,
-    0x11000000, 0x11000010, 0x11000001, 0x11000011,
-    0x11001000, 0x11001010, 0x11001001, 0x11001011,
-    0x11000100, 0x11000110, 0x11000101, 0x11000111,
-    0x11001100, 0x11001110, 0x11001101, 0x11001111,
-    0x11100000, 0x11100010, 0x11100001, 0x11100011,
-    0x11101000, 0x11101010, 0x11101001, 0x11101011,
-    0x11100100, 0x11100110, 0x11100101, 0x11100111,
-    0x11101100, 0x11101110, 0x11101101, 0x11101111,
-    0x11010000, 0x11010010, 0x11010001, 0x11010011,
-    0x11011000, 0x11011010, 0x11011001, 0x11011011,
-    0x11010100, 0x11010110, 0x11010101, 0x11010111,
-    0x11011100, 0x11011110, 0x11011101, 0x11011111,
-    0x11110000, 0x11110010, 0x11110001, 0x11110011,
-    0x11111000, 0x11111010, 0x11111001, 0x11111011,
-    0x11110100, 0x11110110, 0x11110101, 0x11110111,
-    0x11111100, 0x11111110, 0x11111101, 0x11111111
-};
-
-/*
- * The final permutation array.  Like the IP array, used
- * to compute both the left and right results from the bytes
- * of words computed from:
- *
- * ((left & 0x0f0f0f0f) << 4) | (right & 0x0f0f0f0f)  for left result
- * (left & 0xf0f0f0f0) | ((right & 0xf0f0f0f0) >> 4)  for right result
- *
- * The result from the high order byte is shifted left 6 bits and
- * or'd with the result from the next byte shifted left 4 bits, which
- * is or'd with the result from the next byte shifted left 2 bits,
- * which is or'd with the result from the low byte.
- */
-const unsigned DES_INT32 des_FP_table[256] = {
-    0x00000000, 0x02000000, 0x00020000, 0x02020000,
-    0x00000200, 0x02000200, 0x00020200, 0x02020200,
-    0x00000002, 0x02000002, 0x00020002, 0x02020002,
-    0x00000202, 0x02000202, 0x00020202, 0x02020202,
-    0x01000000, 0x03000000, 0x01020000, 0x03020000,
-    0x01000200, 0x03000200, 0x01020200, 0x03020200,
-    0x01000002, 0x03000002, 0x01020002, 0x03020002,
-    0x01000202, 0x03000202, 0x01020202, 0x03020202,
-    0x00010000, 0x02010000, 0x00030000, 0x02030000,
-    0x00010200, 0x02010200, 0x00030200, 0x02030200,
-    0x00010002, 0x02010002, 0x00030002, 0x02030002,
-    0x00010202, 0x02010202, 0x00030202, 0x02030202,
-    0x01010000, 0x03010000, 0x01030000, 0x03030000,
-    0x01010200, 0x03010200, 0x01030200, 0x03030200,
-    0x01010002, 0x03010002, 0x01030002, 0x03030002,
-    0x01010202, 0x03010202, 0x01030202, 0x03030202,
-    0x00000100, 0x02000100, 0x00020100, 0x02020100,
-    0x00000300, 0x02000300, 0x00020300, 0x02020300,
-    0x00000102, 0x02000102, 0x00020102, 0x02020102,
-    0x00000302, 0x02000302, 0x00020302, 0x02020302,
-    0x01000100, 0x03000100, 0x01020100, 0x03020100,
-    0x01000300, 0x03000300, 0x01020300, 0x03020300,
-    0x01000102, 0x03000102, 0x01020102, 0x03020102,
-    0x01000302, 0x03000302, 0x01020302, 0x03020302,
-    0x00010100, 0x02010100, 0x00030100, 0x02030100,
-    0x00010300, 0x02010300, 0x00030300, 0x02030300,
-    0x00010102, 0x02010102, 0x00030102, 0x02030102,
-    0x00010302, 0x02010302, 0x00030302, 0x02030302,
-    0x01010100, 0x03010100, 0x01030100, 0x03030100,
-    0x01010300, 0x03010300, 0x01030300, 0x03030300,
-    0x01010102, 0x03010102, 0x01030102, 0x03030102,
-    0x01010302, 0x03010302, 0x01030302, 0x03030302,
-    0x00000001, 0x02000001, 0x00020001, 0x02020001,
-    0x00000201, 0x02000201, 0x00020201, 0x02020201,
-    0x00000003, 0x02000003, 0x00020003, 0x02020003,
-    0x00000203, 0x02000203, 0x00020203, 0x02020203,
-    0x01000001, 0x03000001, 0x01020001, 0x03020001,
-    0x01000201, 0x03000201, 0x01020201, 0x03020201,
-    0x01000003, 0x03000003, 0x01020003, 0x03020003,
-    0x01000203, 0x03000203, 0x01020203, 0x03020203,
-    0x00010001, 0x02010001, 0x00030001, 0x02030001,
-    0x00010201, 0x02010201, 0x00030201, 0x02030201,
-    0x00010003, 0x02010003, 0x00030003, 0x02030003,
-    0x00010203, 0x02010203, 0x00030203, 0x02030203,
-    0x01010001, 0x03010001, 0x01030001, 0x03030001,
-    0x01010201, 0x03010201, 0x01030201, 0x03030201,
-    0x01010003, 0x03010003, 0x01030003, 0x03030003,
-    0x01010203, 0x03010203, 0x01030203, 0x03030203,
-    0x00000101, 0x02000101, 0x00020101, 0x02020101,
-    0x00000301, 0x02000301, 0x00020301, 0x02020301,
-    0x00000103, 0x02000103, 0x00020103, 0x02020103,
-    0x00000303, 0x02000303, 0x00020303, 0x02020303,
-    0x01000101, 0x03000101, 0x01020101, 0x03020101,
-    0x01000301, 0x03000301, 0x01020301, 0x03020301,
-    0x01000103, 0x03000103, 0x01020103, 0x03020103,
-    0x01000303, 0x03000303, 0x01020303, 0x03020303,
-    0x00010101, 0x02010101, 0x00030101, 0x02030101,
-    0x00010301, 0x02010301, 0x00030301, 0x02030301,
-    0x00010103, 0x02010103, 0x00030103, 0x02030103,
-    0x00010303, 0x02010303, 0x00030303, 0x02030303,
-    0x01010101, 0x03010101, 0x01030101, 0x03030101,
-    0x01010301, 0x03010301, 0x01030301, 0x03030301,
-    0x01010103, 0x03010103, 0x01030103, 0x03030103,
-    0x01010303, 0x03010303, 0x01030303, 0x03030303
-};
-
-
-/*
- * The SP table is actually the S boxes and the P permutation
- * table combined.  This table is actually reordered from the
- * spec, to match the order of key application we follow.
- */
-const unsigned DES_INT32 des_SP_table[8][64] = {
-    {
-        0x00100000, 0x02100001, 0x02000401, 0x00000000, /* 7 */
-        0x00000400, 0x02000401, 0x00100401, 0x02100400,
-        0x02100401, 0x00100000, 0x00000000, 0x02000001,
-        0x00000001, 0x02000000, 0x02100001, 0x00000401,
-        0x02000400, 0x00100401, 0x00100001, 0x02000400,
-        0x02000001, 0x02100000, 0x02100400, 0x00100001,
-        0x02100000, 0x00000400, 0x00000401, 0x02100401,
-        0x00100400, 0x00000001, 0x02000000, 0x00100400,
-        0x02000000, 0x00100400, 0x00100000, 0x02000401,
-        0x02000401, 0x02100001, 0x02100001, 0x00000001,
-        0x00100001, 0x02000000, 0x02000400, 0x00100000,
-        0x02100400, 0x00000401, 0x00100401, 0x02100400,
-        0x00000401, 0x02000001, 0x02100401, 0x02100000,
-        0x00100400, 0x00000000, 0x00000001, 0x02100401,
-        0x00000000, 0x00100401, 0x02100000, 0x00000400,
-        0x02000001, 0x02000400, 0x00000400, 0x00100001,
-    },
-    {
-        0x00808200, 0x00000000, 0x00008000, 0x00808202, /* 1 */
-        0x00808002, 0x00008202, 0x00000002, 0x00008000,
-        0x00000200, 0x00808200, 0x00808202, 0x00000200,
-        0x00800202, 0x00808002, 0x00800000, 0x00000002,
-        0x00000202, 0x00800200, 0x00800200, 0x00008200,
-        0x00008200, 0x00808000, 0x00808000, 0x00800202,
-        0x00008002, 0x00800002, 0x00800002, 0x00008002,
-        0x00000000, 0x00000202, 0x00008202, 0x00800000,
-        0x00008000, 0x00808202, 0x00000002, 0x00808000,
-        0x00808200, 0x00800000, 0x00800000, 0x00000200,
-        0x00808002, 0x00008000, 0x00008200, 0x00800002,
-        0x00000200, 0x00000002, 0x00800202, 0x00008202,
-        0x00808202, 0x00008002, 0x00808000, 0x00800202,
-        0x00800002, 0x00000202, 0x00008202, 0x00808200,
-        0x00000202, 0x00800200, 0x00800200, 0x00000000,
-        0x00008002, 0x00008200, 0x00000000, 0x00808002,
-    },
-    {
-        0x00000104, 0x04010100, 0x00000000, 0x04010004, /* 3 */
-        0x04000100, 0x00000000, 0x00010104, 0x04000100,
-        0x00010004, 0x04000004, 0x04000004, 0x00010000,
-        0x04010104, 0x00010004, 0x04010000, 0x00000104,
-        0x04000000, 0x00000004, 0x04010100, 0x00000100,
-        0x00010100, 0x04010000, 0x04010004, 0x00010104,
-        0x04000104, 0x00010100, 0x00010000, 0x04000104,
-        0x00000004, 0x04010104, 0x00000100, 0x04000000,
-        0x04010100, 0x04000000, 0x00010004, 0x00000104,
-        0x00010000, 0x04010100, 0x04000100, 0x00000000,
-        0x00000100, 0x00010004, 0x04010104, 0x04000100,
-        0x04000004, 0x00000100, 0x00000000, 0x04010004,
-        0x04000104, 0x00010000, 0x04000000, 0x04010104,
-        0x00000004, 0x00010104, 0x00010100, 0x04000004,
-        0x04010000, 0x04000104, 0x00000104, 0x04010000,
-        0x00010104, 0x00000004, 0x04010004, 0x00010100,
-    },
-    {
-        0x00000080, 0x01040080, 0x01040000, 0x21000080, /* 5 */
-        0x00040000, 0x00000080, 0x20000000, 0x01040000,
-        0x20040080, 0x00040000, 0x01000080, 0x20040080,
-        0x21000080, 0x21040000, 0x00040080, 0x20000000,
-        0x01000000, 0x20040000, 0x20040000, 0x00000000,
-        0x20000080, 0x21040080, 0x21040080, 0x01000080,
-        0x21040000, 0x20000080, 0x00000000, 0x21000000,
-        0x01040080, 0x01000000, 0x21000000, 0x00040080,
-        0x00040000, 0x21000080, 0x00000080, 0x01000000,
-        0x20000000, 0x01040000, 0x21000080, 0x20040080,
-        0x01000080, 0x20000000, 0x21040000, 0x01040080,
-        0x20040080, 0x00000080, 0x01000000, 0x21040000,
-        0x21040080, 0x00040080, 0x21000000, 0x21040080,
-        0x01040000, 0x00000000, 0x20040000, 0x21000000,
-        0x00040080, 0x01000080, 0x20000080, 0x00040000,
-        0x00000000, 0x20040000, 0x01040080, 0x20000080,
-    },
-    {
-        0x80401000, 0x80001040, 0x80001040, 0x00000040, /* 4 */
-        0x00401040, 0x80400040, 0x80400000, 0x80001000,
-        0x00000000, 0x00401000, 0x00401000, 0x80401040,
-        0x80000040, 0x00000000, 0x00400040, 0x80400000,
-        0x80000000, 0x00001000, 0x00400000, 0x80401000,
-        0x00000040, 0x00400000, 0x80001000, 0x00001040,
-        0x80400040, 0x80000000, 0x00001040, 0x00400040,
-        0x00001000, 0x00401040, 0x80401040, 0x80000040,
-        0x00400040, 0x80400000, 0x00401000, 0x80401040,
-        0x80000040, 0x00000000, 0x00000000, 0x00401000,
-        0x00001040, 0x00400040, 0x80400040, 0x80000000,
-        0x80401000, 0x80001040, 0x80001040, 0x00000040,
-        0x80401040, 0x80000040, 0x80000000, 0x00001000,
-        0x80400000, 0x80001000, 0x00401040, 0x80400040,
-        0x80001000, 0x00001040, 0x00400000, 0x80401000,
-        0x00000040, 0x00400000, 0x00001000, 0x00401040,
-    },
-    {
-        0x10000008, 0x10200000, 0x00002000, 0x10202008, /* 6 */
-        0x10200000, 0x00000008, 0x10202008, 0x00200000,
-        0x10002000, 0x00202008, 0x00200000, 0x10000008,
-        0x00200008, 0x10002000, 0x10000000, 0x00002008,
-        0x00000000, 0x00200008, 0x10002008, 0x00002000,
-        0x00202000, 0x10002008, 0x00000008, 0x10200008,
-        0x10200008, 0x00000000, 0x00202008, 0x10202000,
-        0x00002008, 0x00202000, 0x10202000, 0x10000000,
-        0x10002000, 0x00000008, 0x10200008, 0x00202000,
-        0x10202008, 0x00200000, 0x00002008, 0x10000008,
-        0x00200000, 0x10002000, 0x10000000, 0x00002008,
-        0x10000008, 0x10202008, 0x00202000, 0x10200000,
-        0x00202008, 0x10202000, 0x00000000, 0x10200008,
-        0x00000008, 0x00002000, 0x10200000, 0x00202008,
-        0x00002000, 0x00200008, 0x10002008, 0x00000000,
-        0x10202000, 0x10000000, 0x00200008, 0x10002008,
-    },
-    {
-        0x08000820, 0x00000800, 0x00020000, 0x08020820, /* 8 */
-        0x08000000, 0x08000820, 0x00000020, 0x08000000,
-        0x00020020, 0x08020000, 0x08020820, 0x00020800,
-        0x08020800, 0x00020820, 0x00000800, 0x00000020,
-        0x08020000, 0x08000020, 0x08000800, 0x00000820,
-        0x00020800, 0x00020020, 0x08020020, 0x08020800,
-        0x00000820, 0x00000000, 0x00000000, 0x08020020,
-        0x08000020, 0x08000800, 0x00020820, 0x00020000,
-        0x00020820, 0x00020000, 0x08020800, 0x00000800,
-        0x00000020, 0x08020020, 0x00000800, 0x00020820,
-        0x08000800, 0x00000020, 0x08000020, 0x08020000,
-        0x08020020, 0x08000000, 0x00020000, 0x08000820,
-        0x00000000, 0x08020820, 0x00020020, 0x08000020,
-        0x08020000, 0x08000800, 0x08000820, 0x00000000,
-        0x08020820, 0x00020800, 0x00020800, 0x00000820,
-        0x00000820, 0x00020020, 0x08000000, 0x08020800,
-    },
-    {
-        0x40084010, 0x40004000, 0x00004000, 0x00084010, /* 2 */
-        0x00080000, 0x00000010, 0x40080010, 0x40004010,
-        0x40000010, 0x40084010, 0x40084000, 0x40000000,
-        0x40004000, 0x00080000, 0x00000010, 0x40080010,
-        0x00084000, 0x00080010, 0x40004010, 0x00000000,
-        0x40000000, 0x00004000, 0x00084010, 0x40080000,
-        0x00080010, 0x40000010, 0x00000000, 0x00084000,
-        0x00004010, 0x40084000, 0x40080000, 0x00004010,
-        0x00000000, 0x00084010, 0x40080010, 0x00080000,
-        0x40004010, 0x40080000, 0x40084000, 0x00004000,
-        0x40080000, 0x40004000, 0x00000010, 0x40084010,
-        0x00084010, 0x00000010, 0x00004000, 0x40000000,
-        0x00004010, 0x40084000, 0x00080000, 0x40000010,
-        0x00080010, 0x40004010, 0x40000010, 0x00080010,
-        0x00084000, 0x00000000, 0x40004000, 0x00004010,
-        0x40000000, 0x40080010, 0x40084010, 0x00084000
-    },
-};
diff --git a/src/lib/crypto/builtin/des/f_tables.h b/src/lib/crypto/builtin/des/f_tables.h
deleted file mode 100644
index fc91b566c..000000000
--- a/src/lib/crypto/builtin/des/f_tables.h
+++ /dev/null
@@ -1,285 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/f_tables.h */
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-/*
- * DES implementation donated by Dennis Ferguson
- */
-
-/*
- * des_tables.h - declarations to import the DES tables, used internally
- *                by some of the library routines.
- */
-#ifndef __DES_TABLES_H__
-#define __DES_TABLES_H__        /* nothing */
-
-#include "k5-platform.h"
-/*
- * These may be declared const if you wish.  Be sure to change the
- * declarations in des_tables.c as well.
- */
-extern const unsigned DES_INT32 des_IP_table[256];
-extern const unsigned DES_INT32 des_FP_table[256];
-extern const unsigned DES_INT32 des_SP_table[8][64];
-
-/*
- * Use standard shortforms to reference these to save typing
- */
-#define IP      des_IP_table
-#define FP      des_FP_table
-#define SP      des_SP_table
-
-#ifdef DEBUG
-#define DEB(foofraw)    printf foofraw
-#else
-#define DEB(foofraw)    /* nothing */
-#endif
-
-/*
- * Code to do a DES round using the tables.  Note that the E expansion
- * is easy to compute algorithmically, especially if done out-of-order.
- * Take a look at its form and compare it to everything involving temp
- * below.  Since SP[0-7] don't have any bits in common set it is okay
- * to do the successive xor's.
- *
- * Note too that the SP table has been reordered to match the order of
- * the keys (if the original order of SP was 12345678, the reordered
- * table is 71354682).  This is unnecessary, but was done since some
- * compilers seem to like you going through the matrix from beginning
- * to end.
- *
- * There is a difference in the best way to do this depending on whether
- * one is encrypting or decrypting.  If encrypting we move forward through
- * the keys and hence should move forward through the table.  If decrypting
- * we go back.  Part of the need for this comes from trying to emulate
- * existing software which generates a single key schedule and uses it
- * both for encrypting and decrypting.  Generating separate encryption
- * and decryption key schedules would allow one to use the same code
- * for both.
- *
- * left, right and temp should be unsigned DES_INT32 values.  left and right
- * should be the high and low order parts of the cipher block at the
- * current stage of processing (this makes sense if you read the spec).
- * kp should be an unsigned DES_INT32 pointer which points at the current
- * set of subkeys in the key schedule.  It is advanced to the next set
- * (i.e. by 8 bytes) when this is done.
- *
- * This occurs in the innermost loop of the DES function.  The four
- * variables should really be in registers.
- *
- * When using this, the inner loop of the DES function might look like:
- *
- *      for (i = 0; i < 8; i++) {
- *              DES_SP_{EN,DE}CRYPT_ROUND(left, right, temp, kp);
- *              DES_SP_{EN,DE}CRYPT_ROUND(right, left, temp, kp);
- *      }
- *
- * Note the trick above.  You are supposed to do 16 rounds, swapping
- * left and right at the end of each round.  By doing two rounds at
- * a time and swapping left and right in the code we can avoid the
- * swaps altogether.
- */
-#define DES_SP_ENCRYPT_ROUND(left, right, temp, kp) do {        \
-        (temp) = (((right) >> 11) | ((right) << 21)) ^ *(kp)++; \
-        (left) ^= SP[0][((temp) >> 24) & 0x3f]                  \
-            | SP[1][((temp) >> 16) & 0x3f]                      \
-            | SP[2][((temp) >>  8) & 0x3f]                      \
-            | SP[3][((temp)      ) & 0x3f];                     \
-        (temp) = (((right) >> 23) | ((right) << 9)) ^ *(kp)++;  \
-        (left) ^= SP[4][((temp) >> 24) & 0x3f]                  \
-            | SP[5][((temp) >> 16) & 0x3f]                      \
-            | SP[6][((temp) >>  8) & 0x3f]                      \
-            | SP[7][((temp)      ) & 0x3f];                     \
-    } while(0);
-
-#define DES_SP_DECRYPT_ROUND(left, right, temp, kp) do {                \
-        (temp) = (((right) >> 23) | ((right) << 9)) ^ *(--(kp));        \
-        (left) ^= SP[7][((temp)      ) & 0x3f]                          \
-            | SP[6][((temp) >>  8) & 0x3f]                              \
-            | SP[5][((temp) >> 16) & 0x3f]                              \
-            | SP[4][((temp) >> 24) & 0x3f];                             \
-        (temp) = (((right) >> 11) | ((right) << 21)) ^ *(--(kp));       \
-        (left) ^= SP[3][((temp)      ) & 0x3f]                          \
-            | SP[2][((temp) >>  8) & 0x3f]                              \
-            | SP[1][((temp) >> 16) & 0x3f]                              \
-            | SP[0][((temp) >> 24) & 0x3f];                             \
-    } while (0);
-
-/*
- * Macros to help deal with the initial permutation table.  Note
- * the IP table only deals with 32 bits at a time, allowing us to
- * collect the bits we need to deal with each half into an unsigned
- * DES_INT32.  By carefully selecting how the bits are ordered we also
- * take advantages of symmetries in the table so that we can use a
- * single table to compute the permutation of all bytes.  This sounds
- * complicated, but if you go through the process of designing the
- * table you'll find the symmetries fall right out.
- *
- * The follow macros compute the set of bits used to index the
- * table for produce the left and right permuted result.
- *
- * The inserted cast to unsigned DES_INT32 circumvents a bug in
- * the Macintosh MPW 3.2 C compiler which loses the unsignedness and
- * propagates the high-order bit in the shift.
- */
-#define DES_IP_LEFT_BITS(left, right)                           \
-    ((((left) & 0x55555555) << 1) | ((right) & 0x55555555))
-#define DES_IP_RIGHT_BITS(left, right)                          \
-    (((left) & 0xaaaaaaaa) |                                    \
-     ( ( (unsigned DES_INT32) ((right) & 0xaaaaaaaa) ) >> 1))
-
-/*
- * The following macro does an in-place initial permutation given
- * the current left and right parts of the block and a single
- * temporary.  Use this more as a guide for rolling your own, though.
- * The best way to do the IP depends on the form of the data you
- * are dealing with.  If you use this, though, try to make left,
- * right and temp unsigned DES_INT32s.
- */
-#define DES_INITIAL_PERM(left, right, temp) do {        \
-        (temp) = DES_IP_RIGHT_BITS((left), (right));    \
-        (right) = DES_IP_LEFT_BITS((left), (right));    \
-        (left) = IP[((right) >> 24) & 0xff]             \
-            | (IP[((right) >> 16) & 0xff] << 1)         \
-            | (IP[((right) >>  8) & 0xff] << 2)         \
-            | (IP[(right) & 0xff] << 3);                \
-        (right) = IP[((temp) >> 24) & 0xff]             \
-            | (IP[((temp) >> 16) & 0xff] << 1)          \
-            | (IP[((temp) >>  8) & 0xff] << 2)          \
-            | (IP[(temp) & 0xff] << 3);                 \
-    } while(0);
-
-/*
- * Now the final permutation stuff.  The same comments apply to
- * this as to the initial permutation, except that we use different
- * bits and shifts.
- *
- * The inserted cast to unsigned DES_INT32 circumvents a bug in
- * the Macintosh MPW 3.2 C compiler which loses the unsignedness and
- * propagates the high-order bit in the shift.
- */
-#define DES_FP_LEFT_BITS(left, right)                           \
-    ((((left) & 0x0f0f0f0f) << 4) | ((right) & 0x0f0f0f0f))
-#define DES_FP_RIGHT_BITS(left, right)                          \
-    (((left) & 0xf0f0f0f0) |                                    \
-     ( ( (unsigned DES_INT32) ((right) & 0xf0f0f0f0) ) >> 4))
-
-
-/*
- * Here is a sample final permutation.  Note that there is a trick
- * here.  DES requires swapping the left and right parts after the
- * last cipher round but before the final permutation.  We do this
- * swapping internally, which is why left and right are confused
- * at the beginning.
- */
-#define DES_FINAL_PERM(left, right, temp) do {          \
-        (temp) = DES_FP_RIGHT_BITS((right), (left));    \
-        (right) = DES_FP_LEFT_BITS((right), (left));    \
-        (left) = (FP[((right) >> 24) & 0xff] << 6)      \
-            | (FP[((right) >> 16) & 0xff] << 4)         \
-            | (FP[((right) >>  8) & 0xff] << 2)         \
-            |  FP[(right) & 0xff];                      \
-        (right) = (FP[((temp) >> 24) & 0xff] << 6)      \
-            | (FP[((temp) >> 16) & 0xff] << 4)          \
-            | (FP[((temp) >>  8) & 0xff] << 2)          \
-            |  FP[temp & 0xff];                         \
-    } while(0);
-
-
-/*
- * Finally, as a sample of how all this might be held together, the
- * following two macros do in-place encryptions and decryptions.  left
- * and right are two unsigned DES_INT32 variables which at the beginning
- * are expected to hold the clear (encrypted) block in host byte order
- * (left the high order four bytes, right the low order).  At the end
- * they will contain the encrypted (clear) block.  temp is an unsigned DES_INT32
- * used as a temporary.  kp is an unsigned DES_INT32 pointer pointing at
- * the start of the key schedule.  All these should be in registers.
- *
- * You can probably do better than these by rewriting for particular
- * situations.  These aren't bad, though.
- *
- * The DEB macros enable debugging when this code breaks (typically
- * when a buggy compiler breaks it), by printing the intermediate values
- * at each stage of the encryption, so that by comparing the output to
- * a known good machine, the location of the first error can be found.
- */
-#define DES_DO_ENCRYPT_1(left, right, kp)                               \
-    do {                                                                \
-        int i;                                                          \
-        unsigned DES_INT32 temp1;                                       \
-        DEB (("do_encrypt %8lX %8lX \n", left, right));                 \
-        DES_INITIAL_PERM((left), (right), (temp1));                     \
-        DEB (("  after IP %8lX %8lX\n", left, right));                  \
-        for (i = 0; i < 8; i++) {                                       \
-            DES_SP_ENCRYPT_ROUND((left), (right), (temp1), (kp));       \
-            DEB (("  round %2d %8lX %8lX \n", i*2, left, right));       \
-            DES_SP_ENCRYPT_ROUND((right), (left), (temp1), (kp));       \
-            DEB (("  round %2d %8lX %8lX \n", 1+i*2, left, right));     \
-        }                                                               \
-        DES_FINAL_PERM((left), (right), (temp1));                       \
-        (kp) -= (2 * 16);                                               \
-        DEB (("  after FP %8lX %8lX \n", left, right));                 \
-    } while (0)
-
-#define DES_DO_DECRYPT_1(left, right, kp)                               \
-    do {                                                                \
-        int i;                                                          \
-        unsigned DES_INT32 temp2;                                       \
-        DES_INITIAL_PERM((left), (right), (temp2));                     \
-        (kp) += (2 * 16);                                               \
-        for (i = 0; i < 8; i++) {                                       \
-            DES_SP_DECRYPT_ROUND((left), (right), (temp2), (kp));       \
-            DES_SP_DECRYPT_ROUND((right), (left), (temp2), (kp));       \
-        }                                                               \
-        DES_FINAL_PERM((left), (right), (temp2));                       \
-    } while (0)
-
-#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
-extern void krb5int_des_do_encrypt_2(unsigned DES_INT32 *l,
-                                     unsigned DES_INT32 *r,
-                                     const unsigned DES_INT32 *k);
-extern void krb5int_des_do_decrypt_2(unsigned DES_INT32 *l,
-                                     unsigned DES_INT32 *r,
-                                     const unsigned DES_INT32 *k);
-#define DES_DO_ENCRYPT(L,R,K) krb5int_des_do_encrypt_2(&(L), &(R), (K))
-#define DES_DO_DECRYPT(L,R,K) krb5int_des_do_decrypt_2(&(L), &(R), (K))
-#else
-#define DES_DO_ENCRYPT DES_DO_ENCRYPT_1
-#define DES_DO_DECRYPT DES_DO_DECRYPT_1
-#endif
-
-/*
- * These are handy dandy utility thingies for straightening out bytes.
- * Included here because they're used a couple of places.
- */
-#define GET_HALF_BLOCK(lr, ip)  ((lr) = load_32_be(ip), (ip) += 4)
-#define PUT_HALF_BLOCK(lr, op)  (store_32_be(lr, op), (op) += 4)
-
-/* Shorthand that we'll need in several places, for creating values that
-   really can hold 32 bits regardless of the prevailing int size.  */
-#define FF_UINT32       ((unsigned DES_INT32) 0xFF)
-
-#endif  /* __DES_TABLES_H__ */
diff --git a/src/lib/crypto/builtin/des/key_sched.c b/src/lib/crypto/builtin/des/key_sched.c
deleted file mode 100644
index 87f02b6a9..000000000
--- a/src/lib/crypto/builtin/des/key_sched.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/key_sched.c */
-/*
- * Copyright 1985, 1986, 1987, 1988, 1990 by the Massachusetts Institute
- * of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-/*
- * This routine computes the DES key schedule given a key.  The
- * permutations and shifts have been done at compile time, resulting
- * in a direct one-step mapping from the input key to the key
- * schedule.
- *
- * Also checks parity and weak keys.
- *
- * Watch out for the subscripts -- most effectively start at 1 instead
- * of at zero.  Maybe some bugs in that area.
- *
- * In case the user wants to cache the computed key schedule, it is
- * passed as an arg.  Also implies that caller has explicit control
- * over zeroing both the key schedule and the key.
- *
- * Originally written 6/85 by Steve Miller, MIT Project Athena.
- */
-
-#include "k5-int.h"
-#include "des_int.h"
-
-int
-mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule)
-{
-    mit_des_make_key_sched(k,schedule);
-
-    if (!mit_des_check_key_parity(k))   /* bad parity --> return -1 */
-        return(-1);
-
-    if (mit_des_is_weak_key(k))
-        return(-2);
-
-    /* if key was good, return 0 */
-    return 0;
-}
diff --git a/src/lib/crypto/builtin/des/keytest.data b/src/lib/crypto/builtin/des/keytest.data
deleted file mode 100644
index 7ff34eedc..000000000
--- a/src/lib/crypto/builtin/des/keytest.data
+++ /dev/null
@@ -1,171 +0,0 @@
-0101010101010101 95F8A5E5DD31D900 8000000000000000
-0101010101010101 DD7F121CA5015619 4000000000000000
-0101010101010101 2E8653104F3834EA 2000000000000000
-0101010101010101 4BD388FF6CD81D4F 1000000000000000
-0101010101010101 20B9E767B2FB1456 0800000000000000
-0101010101010101 55579380D77138EF 0400000000000000
-0101010101010101 6CC5DEFAAF04512F 0200000000000000
-0101010101010101 0D9F279BA5D87260 0100000000000000
-0101010101010101 D9031B0271BD5A0A 0080000000000000
-0101010101010101 424250B37C3DD951 0040000000000000
-0101010101010101 B8061B7ECD9A21E5 0020000000000000
-0101010101010101 F15D0F286B65BD28 0010000000000000
-0101010101010101 ADD0CC8D6E5DEBA1 0008000000000000
-0101010101010101 E6D5F82752AD63D1 0004000000000000
-0101010101010101 ECBFE3BD3F591A5E 0002000000000000
-0101010101010101 F356834379D165CD 0001000000000000
-0101010101010101 2B9F982F20037FA9 0000800000000000
-0101010101010101 889DE068A16F0BE6 0000400000000000
-0101010101010101 E19E275D846A1298 0000200000000000
-0101010101010101 329A8ED523D71AEC 0000100000000000
-0101010101010101 E7FCE22557D23C97 0000080000000000
-0101010101010101 12A9F5817FF2D65D 0000040000000000
-0101010101010101 A484C3AD38DC9C19 0000020000000000
-0101010101010101 FBE00A8A1EF8AD72 0000010000000000
-0101010101010101 750D079407521363 0000008000000000
-0101010101010101 64FEED9C724C2FAF 0000004000000000
-0101010101010101 F02B263B328E2B60 0000002000000000
-0101010101010101 9D64555A9A10B852 0000001000000000
-0101010101010101 D106FF0BED5255D7 0000000800000000
-0101010101010101 E1652C6B138C64A5 0000000400000000
-0101010101010101 E428581186EC8F46 0000000200000000
-0101010101010101 AEB5F5EDE22D1A36 0000000100000000
-0101010101010101 E943D7568AEC0C5C 0000000080000000
-0101010101010101 DF98C8276F54B04B 0000000040000000
-0101010101010101 B160E4680F6C696F 0000000020000000
-0101010101010101 FA0752B07D9C4AB8 0000000010000000
-0101010101010101 CA3A2B036DBC8502 0000000008000000
-0101010101010101 5E0905517BB59BCF 0000000004000000
-0101010101010101 814EEB3B91D90726 0000000002000000
-0101010101010101 4D49DB1532919C9F 0000000001000000
-0101010101010101 25EB5FC3F8CF0621 0000000000800000
-0101010101010101 AB6A20C0620D1C6F 0000000000400000
-0101010101010101 79E90DBC98F92CCA 0000000000200000
-0101010101010101 866ECEDD8072BB0E 0000000000100000
-0101010101010101 8B54536F2F3E64A8 0000000000080000
-0101010101010101 EA51D3975595B86B 0000000000040000
-0101010101010101 CAFFC6AC4542DE31 0000000000020000
-0101010101010101 8DD45A2DDF90796C 0000000000010000
-0101010101010101 1029D55E880EC2D0 0000000000008000
-0101010101010101 5D86CB23639DBEA9 0000000000004000
-0101010101010101 1D1CA853AE7C0C5F 0000000000002000
-0101010101010101 CE332329248F3228 0000000000001000
-0101010101010101 8405D1ABE24FB942 0000000000000800
-0101010101010101 E643D78090CA4207 0000000000000400
-0101010101010101 48221B9937748A23 0000000000000200
-0101010101010101 DD7C0BBD61FAFD54 0000000000000100
-0101010101010101 2FBC291A570DB5C4 0000000000000080
-0101010101010101 E07C30D7E4E26E12 0000000000000040
-0101010101010101 0953E2258E8E90A1 0000000000000020
-0101010101010101 5B711BC4CEEBF2EE 0000000000000010
-0101010101010101 CC083F1E6D9E85F6 0000000000000008
-0101010101010101 D2FD8867D50D2DFE 0000000000000004
-0101010101010101 06E7EA22CE92708F 0000000000000002
-0101010101010101 166B40B44ABA4BD6 0000000000000001
-8001010101010101 0000000000000000 95A8D72813DAA94D
-4001010101010101 0000000000000000 0EEC1487DD8C26D5
-2001010101010101 0000000000000000 7AD16FFB79C45926
-1001010101010101 0000000000000000 D3746294CA6A6CF3
-0801010101010101 0000000000000000 809F5F873C1FD761
-0401010101010101 0000000000000000 C02FAFFEC989D1FC
-0201010101010101 0000000000000000 4615AA1D33E72F10
-0180010101010101 0000000000000000 2055123350C00858
-0140010101010101 0000000000000000 DF3B99D6577397C8
-0120010101010101 0000000000000000 31FE17369B5288C9
-0110010101010101 0000000000000000 DFDD3CC64DAE1642
-0108010101010101 0000000000000000 178C83CE2B399D94
-0104010101010101 0000000000000000 50F636324A9B7F80
-0102010101010101 0000000000000000 A8468EE3BC18F06D
-0101800101010101 0000000000000000 A2DC9E92FD3CDE92
-0101400101010101 0000000000000000 CAC09F797D031287
-0101200101010101 0000000000000000 90BA680B22AEB525
-0101100101010101 0000000000000000 CE7A24F350E280B6
-0101080101010101 0000000000000000 882BFF0AA01A0B87
-0101040101010101 0000000000000000 25610288924511C2
-0101020101010101 0000000000000000 C71516C29C75D170
-0101018001010101 0000000000000000 5199C29A52C9F059
-0101014001010101 0000000000000000 C22F0A294A71F29F
-0101012001010101 0000000000000000 EE371483714C02EA
-0101011001010101 0000000000000000 A81FBD448F9E522F
-0101010801010101 0000000000000000 4F644C92E192DFED
-0101010401010101 0000000000000000 1AFA9A66A6DF92AE
-0101010201010101 0000000000000000 B3C1CC715CB879D8
-0101010180010101 0000000000000000 19D032E64AB0BD8B
-0101010140010101 0000000000000000 3CFAA7A7DC8720DC
-0101010120010101 0000000000000000 B7265F7F447AC6F3
-0101010110010101 0000000000000000 9DB73B3C0D163F54
-0101010108010101 0000000000000000 8181B65BABF4A975
-0101010104010101 0000000000000000 93C9B64042EAA240
-0101010102010101 0000000000000000 5570530829705592
-0101010101800101 0000000000000000 8638809E878787A0
-0101010101400101 0000000000000000 41B9A79AF79AC208
-0101010101200101 0000000000000000 7A9BE42F2009A892
-0101010101100101 0000000000000000 29038D56BA6D2745
-0101010101080101 0000000000000000 5495C6ABF1E5DF51
-0101010101040101 0000000000000000 AE13DBD561488933
-0101010101020101 0000000000000000 024D1FFA8904E389
-0101010101018001 0000000000000000 D1399712F99BF02E
-0101010101014001 0000000000000000 14C1D7C1CFFEC79E
-0101010101012001 0000000000000000 1DE5279DAE3BED6F
-0101010101011001 0000000000000000 E941A33F85501303
-0101010101010801 0000000000000000 DA99DBBC9A03F379
-0101010101010401 0000000000000000 B7FC92F91D8E92E9
-0101010101010201 0000000000000000 AE8E5CAA3CA04E85
-0101010101010180 0000000000000000 9CC62DF43B6EED74
-0101010101010140 0000000000000000 D863DBB5C59A91A0
-0101010101010120 0000000000000000 A1AB2190545B91D7
-0101010101010110 0000000000000000 0875041E64C570F7
-0101010101010108 0000000000000000 5A594528BEBEF1CC
-0101010101010104 0000000000000000 FCDB3291DE21F0C0
-0101010101010102 0000000000000000 869EFD7F9F265A09
-1046913489980131 0000000000000000 88D55E54F54C97B4
-1007103489988020 0000000000000000 0C0CC00C83EA48FD
-10071034C8980120 0000000000000000 83BC8EF3A6570183
-1046103489988020 0000000000000000 DF725DCAD94EA2E9
-1086911519190101 0000000000000000 E652B53B550BE8B0
-1086911519580101 0000000000000000 AF527120C485CBB0
-5107B01519580101 0000000000000000 0F04CE393DB926D5
-1007B01519190101 0000000000000000 C9F00FFC74079067
-3107915498080101 0000000000000000 7CFD82A593252B4E
-3107919498080101 0000000000000000 CB49A2F9E91363E3
-10079115B9080140 0000000000000000 00B588BE70D23F56
-3107911598080140 0000000000000000 406A9A6AB43399AE
-1007D01589980101 0000000000000000 6CB773611DCA9ADA
-9107911589980101 0000000000000000 67FD21C17DBB5D70
-9107D01589190101 0000000000000000 9592CB4110430787
-1007D01598980120 0000000000000000 A6B7FF68A318DDD3
-1007940498190101 0000000000000000 4D102196C914CA16
-0107910491190401 0000000000000000 2DFA9F4573594965
-0107910491190101 0000000000000000 B46604816C0E0774
-0107940491190401 0000000000000000 6E7E6221A4F34E87
-19079210981A0101 0000000000000000 AA85E74643233199
-1007911998190801 0000000000000000 2E5A19DB4D1962D6
-10079119981A0801 0000000000000000 23A866A809D30894
-1007921098190101 0000000000000000 D812D961F017D320
-100791159819010B 0000000000000000 055605816E58608F
-1004801598190101 0000000000000000 ABD88E8B1B7716F1
-1004801598190102 0000000000000000 537AC95BE69DA1E1
-1004801598190108 0000000000000000 AED0F6AE3C25CDD8
-1002911598100104 0000000000000000 B3E35A5EE53E7B8D
-1002911598190104 0000000000000000 61C79C71921A2EF8
-1002911598100201 0000000000000000 E2F5728F0995013C
-1002911698100101 0000000000000000 1AEAC39A61F0A464
-7CA110454A1A6E57 01A1D6D039776742 690F5B0D9A26939B
-0131D9619DC1376E 5CD54CA83DEF57DA 7A389D10354BD271
-07A1133E4A0B2686 0248D43806F67172 868EBB51CAB4599A
-3849674C2602319E 51454B582DDF440A 7178876E01F19B2A
-04B915BA43FEB5B6 42FD443059577FA2 AF37FB421F8C4095
-0113B970FD34F2CE 059B5E0851CF143A 86A560F10EC6D85B
-0170F175468FB5E6 0756D8E0774761D2 0CD3DA020021DC09
-43297FAD38E373FE 762514B829BF486A EA676B2CB7DB2B7A
-07A7137045DA2A16 3BDD119049372802 DFD64A815CAF1A0F
-04689104C2FD3B2F 26955F6835AF609A 5C513C9C4886C088
-37D06BB516CB7546 164D5E404F275232 0A2AEEAE3FF4AB77
-1F08260D1AC2465E 6B056E18759F5CCA EF1BF03E5DFA575A
-584023641ABA6176 004BD6EF09176062 88BF0DB6D70DEE56
-025816164629B007 480D39006EE762F2 A1F9915541020B56
-49793EBC79B3258F 437540C8698F3CFA 6FBF1CAFCFFD0556
-4FB05E1515AB73A7 072D43A077075292 2F22E49BAB7CA1AC
-49E95D6D4CA229BF 02FE55778117F12A 5A6B612CC26CCE4A
-018310DC409B26D6 1D9D5C5018F728C2 5F4C038ED12B2E41
-1C587F1C13924FEF 305532286D6F295A 63FAC0D034D9F793
diff --git a/src/lib/crypto/builtin/des/t_verify.c b/src/lib/crypto/builtin/des/t_verify.c
deleted file mode 100644
index 4a19933ca..000000000
--- a/src/lib/crypto/builtin/des/t_verify.c
+++ /dev/null
@@ -1,395 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/t_verify.c */
-/*
- * Copyright 1988, 1990 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-/*
- *
- * Program to test the correctness of the DES library
- * implementation.
- *
- * exit returns  0 ==> success
- *              -1 ==> error
- */
-
-#include "k5-int.h"
-#include "des_int.h"
-#include <stdio.h>
-#include "com_err.h"
-
-static void do_encrypt(unsigned char *, unsigned char *);
-static void do_decrypt(unsigned char *, unsigned char *);
-
-char *progname;
-int nflag = 2;
-int vflag;
-int mflag;
-int zflag;
-int pid;
-int mit_des_debug;
-
-unsigned char cipher_text[64];
-unsigned char clear_text[64] = "Now is the time for all " ;
-unsigned char clear_text2[64] = "7654321 Now is the time for ";
-unsigned char clear_text3[64] = {2,0,0,0, 1,0,0,0};
-unsigned char output[64];
-unsigned char zero_text[8] = {0x0,0,0,0,0,0,0,0};
-unsigned char msb_text[8] = {0x0,0,0,0, 0,0,0,0x40}; /* to ANSI MSB */
-unsigned char *input;
-
-/* 0x0123456789abcdef */
-unsigned char default_key[8] = {
-    0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
-};
-unsigned char key2[8] = { 0x08,0x19,0x2a,0x3b,0x4c,0x5d,0x6e,0x7f };
-unsigned char key3[8] = { 0x80,1,1,1,1,1,1,1 };
-mit_des_cblock s_key;
-unsigned char default_ivec[8] = {
-    0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
-};
-unsigned char *ivec;
-unsigned char zero_key[8] = {1,1,1,1,1,1,1,1}; /* just parity bits */
-
-unsigned char cipher1[8] = {
-    0x25,0xdd,0xac,0x3e,0x96,0x17,0x64,0x67
-};
-unsigned char cipher2[8] = {
-    0x3f,0xa4,0x0e,0x8a,0x98,0x4d,0x48,0x15
-};
-unsigned char cipher3[64] = {
-    0xe5,0xc7,0xcd,0xde,0x87,0x2b,0xf2,0x7c,
-    0x43,0xe9,0x34,0x00,0x8c,0x38,0x9c,0x0f,
-    0x68,0x37,0x88,0x49,0x9a,0x7c,0x05,0xf6
-};
-unsigned char checksum[8] = {
-    0x58,0xd2,0xe7,0x7e,0x86,0x06,0x27,0x33
-};
-
-unsigned char zresult[8] = {
-    0x8c, 0xa6, 0x4d, 0xe9, 0xc1, 0xb1, 0x23, 0xa7
-};
-
-unsigned char mresult[8] = {
-    0xa3, 0x80, 0xe0, 0x2a, 0x6b, 0xe5, 0x46, 0x96
-};
-
-
-/*
- * Can also add :
- * plaintext = 0, key = 0, cipher = 0x8ca64de9c1b123a7 (or is it a 1?)
- */
-
-mit_des_key_schedule sched;
-
-int
-main(argc,argv)
-    int argc;
-    char *argv[];
-{
-    /* Local Declarations */
-    size_t  in_length;
-    int  retval;
-    int i, j;
-
-#ifdef WINDOWS
-    /* Set screen window buffer to infinite size -- MS default is tiny.  */
-    _wsetscreenbuf (fileno (stdout), _WINBUFINF);
-#endif
-    progname=argv[0];           /* salt away invoking program */
-
-    while (--argc > 0 && (*++argv)[0] == '-')
-        for (i=1; argv[0][i] != '\0'; i++) {
-            switch (argv[0][i]) {
-
-                /* debug flag */
-            case 'd':
-                mit_des_debug=3;
-                continue;
-
-            case 'z':
-                zflag = 1;
-                continue;
-
-            case 'm':
-                mflag = 1;
-                continue;
-
-            default:
-                printf("%s: illegal flag \"%c\" ",
-                       progname,argv[0][i]);
-                exit(1);
-            }
-        };
-
-    if (argc) {
-        fprintf(stderr, "Usage: %s [-dmz]\n", progname);
-        exit(1);
-    }
-
-    /* do some initialisation */
-
-    /* use known input and key */
-
-    /* ECB zero text zero key */
-    if (zflag) {
-        input = zero_text;
-        mit_des_key_sched(zero_key, sched);
-        printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n");
-        do_encrypt(input,cipher_text);
-        printf("\tcipher  = (low to high bytes)\n\t\t");
-        for (j = 0; j<=7; j++)
-            printf("%02x ",cipher_text[j]);
-        printf("\n");
-        do_decrypt(output,cipher_text);
-        if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) {
-            printf("verify: error in zero key test\n");
-            exit(-1);
-        }
-
-        exit(0);
-    }
-
-    if (mflag) {
-        input = msb_text;
-        mit_des_key_sched(key3, sched);
-        printf("plaintext = 0x00 00 00 00 00 00 00 40, ");
-        printf("key = 0x80 01 01 01 01 01 01 01\n");
-        printf("        cipher = 0xa380e02a6be54696\n");
-        do_encrypt(input,cipher_text);
-        printf("\tcipher  = (low to high bytes)\n\t\t");
-        for (j = 0; j<=7; j++) {
-            printf("%02x ",cipher_text[j]);
-        }
-        printf("\n");
-        do_decrypt(output,cipher_text);
-        if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) {
-            printf("verify: error in msb test\n");
-            exit(-1);
-        }
-        exit(0);
-    }
-
-    /* ECB mode Davies and Price */
-    {
-        input = zero_text;
-        mit_des_key_sched(key2, sched);
-        printf("Examples per FIPS publication 81, keys ivs and cipher\n");
-        printf("in hex.  These are the correct answers, see below for\n");
-        printf("the actual answers.\n\n");
-        printf("Examples per Davies and Price.\n\n");
-        printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n");
-        printf("\tclear = 0\n");
-        printf("\tcipher = 25 dd ac 3e 96 17 64 67\n");
-        printf("ACTUAL ECB\n");
-        printf("\tclear \"%s\"\n", input);
-        do_encrypt(input,cipher_text);
-        printf("\tcipher  = (low to high bytes)\n\t\t");
-        for (j = 0; j<=7; j++)
-            printf("%02x ",cipher_text[j]);
-        printf("\n\n");
-        do_decrypt(output,cipher_text);
-        if ( memcmp((char *)cipher_text, (char *)cipher1, 8) ) {
-            printf("verify: error in ECB encryption\n");
-            exit(-1);
-        }
-        else
-            printf("verify: ECB encryption is correct\n\n");
-    }
-
-    /* ECB mode */
-    {
-        mit_des_key_sched(default_key, sched);
-        input = clear_text;
-        ivec = default_ivec;
-        printf("EXAMPLE ECB\tkey = 0123456789abcdef\n");
-        printf("\tclear = \"Now is the time for all \"\n");
-        printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n");
-        printf("ACTUAL ECB\n\tclear \"%s\"",input);
-        do_encrypt(input,cipher_text);
-        printf("\n\tcipher      = (low to high bytes)\n\t\t");
-        for (j = 0; j<=7; j++) {
-            printf("%02x ",cipher_text[j]);
-        }
-        printf("\n\n");
-        do_decrypt(output,cipher_text);
-        if ( memcmp((char *)cipher_text, (char *)cipher2, 8) ) {
-            printf("verify: error in ECB encryption\n");
-            exit(-1);
-        }
-        else
-            printf("verify: ECB encryption is correct\n\n");
-    }
-
-    /* CBC mode */
-    printf("EXAMPLE CBC\tkey = 0123456789abcdef");
-    printf("\tiv = 1234567890abcdef\n");
-    printf("\tclear = \"Now is the time for all \"\n");
-    printf("\tcipher =\te5 c7 cd de 87 2b f2 7c\n");
-    printf("\t\t\t43 e9 34 00 8c 38 9c 0f\n");
-    printf("\t\t\t68 37 88 49 9a 7c 05 f6\n");
-
-    printf("ACTUAL CBC\n\tclear \"%s\"\n",input);
-    in_length =  strlen((char *)input);
-    if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) input,
-                                      (mit_des_cblock *) cipher_text,
-                                      (size_t) in_length,
-                                      sched,
-                                      ivec,
-                                      MIT_DES_ENCRYPT))) {
-        com_err("des verify", retval, "can't encrypt");
-        exit(-1);
-    }
-    printf("\tciphertext = (low to high bytes)\n");
-    for (i = 0; i <= 2; i++) {
-        printf("\t\t");
-        for (j = 0; j <= 7; j++) {
-            printf("%02x ",cipher_text[i*8+j]);
-        }
-        printf("\n");
-    }
-    if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) cipher_text,
-                                      (mit_des_cblock *) clear_text,
-                                      (size_t) in_length,
-                                      sched,
-                                      ivec,
-                                      MIT_DES_DECRYPT))) {
-        com_err("des verify", retval, "can't decrypt");
-        exit(-1);
-    }
-    printf("\tdecrypted clear_text = \"%s\"\n",clear_text);
-
-    if ( memcmp((char *)cipher_text, (char *)cipher3, in_length) ) {
-        printf("verify: error in CBC encryption\n");
-        exit(-1);
-    }
-    else
-        printf("verify: CBC encryption is correct\n\n");
-
-    printf("EXAMPLE CBC checksum");
-    printf("\tkey =  0123456789abcdef\tiv =  1234567890abcdef\n");
-    printf("\tclear =\t\t\"7654321 Now is the time for \"\n");
-    printf("\tchecksum\t58 d2 e7 7e 86 06 27 33, ");
-    printf("or some part thereof\n");
-    input = clear_text2;
-    mit_des_cbc_cksum(input,cipher_text, strlen((char *)input),
-                      sched,ivec);
-    printf("ACTUAL CBC checksum\n");
-    printf("\t\tencrypted cksum = (low to high bytes)\n\t\t");
-    for (j = 0; j<=7; j++)
-        printf("%02x ",cipher_text[j]);
-    printf("\n\n");
-    if ( memcmp((char *)cipher_text, (char *)checksum, 8) ) {
-        printf("verify: error in CBC checksum\n");
-        exit(-1);
-    }
-    else
-        printf("verify: CBC checksum is correct\n\n");
-
-    exit(0);
-}
-
-static void
-do_encrypt(in,out)
-    unsigned char *in;
-    unsigned char *out;
-{
-    int i, j;
-    for (i =1; i<=nflag; i++) {
-        mit_des_cbc_encrypt((const mit_des_cblock *)in,
-                            (mit_des_cblock *)out,
-                            8,
-                            sched,
-                            zero_text,
-                            MIT_DES_ENCRYPT);
-        if (mit_des_debug) {
-            printf("\nclear %s\n",in);
-            for (j = 0; j<=7; j++)
-                printf("%02X ",in[j] & 0xff);
-            printf("\tcipher ");
-            for (j = 0; j<=7; j++)
-                printf("%02X ",out[j] & 0xff);
-        }
-    }
-}
-
-static void
-do_decrypt(in,out)
-    unsigned char *out;
-    unsigned char *in;
-    /* try to invert it */
-{
-    int i, j;
-    for (i =1; i<=nflag; i++) {
-        mit_des_cbc_encrypt((const mit_des_cblock *)out,
-                            (mit_des_cblock *)in,
-                            8,
-                            sched,
-                            zero_text,
-                            MIT_DES_DECRYPT);
-        if (mit_des_debug) {
-            printf("clear %s\n",in);
-            for (j = 0; j<=7; j++)
-                printf("%02X ",in[j] & 0xff);
-            printf("\tcipher ");
-            for (j = 0; j<=7; j++)
-                printf("%02X ",out[j] & 0xff);
-        }
-    }
-}
-
-/*
- * Fake out the DES library, for the purposes of testing.
- */
-
-int
-mit_des_is_weak_key(key)
-    mit_des_cblock key;
-{
-    return 0;                           /* fake it out for testing */
-}
diff --git a/src/lib/crypto/builtin/des/weak_key.c b/src/lib/crypto/builtin/des/weak_key.c
deleted file mode 100644
index eb41b267d..000000000
--- a/src/lib/crypto/builtin/des/weak_key.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/weak_key.c */
-/*
- * Copyright 1989,1990 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-/*
- * Under U.S. law, this software may not be exported outside the US
- * without license from the U.S. Commerce department.
- *
- * These routines form the library interface to the DES facilities.
- *
- * Originally written 8/85 by Steve Miller, MIT Project Athena.
- */
-
-#include "k5-int.h"
-#include "des_int.h"
-
-/*
- * The following are the weak DES keys:
- */
-static const mit_des_cblock weak[16] = {
-    /* weak keys */
-    {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
-    {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe},
-    {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e},
-    {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1},
-
-    /* semi-weak */
-    {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe},
-    {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01},
-
-    {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1},
-    {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e},
-
-    {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1},
-    {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01},
-
-    {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe},
-    {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e},
-
-    {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e},
-    {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01},
-
-    {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe},
-    {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1}
-};
-
-/*
- * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key.
- *
- * Requires: key has correct odd parity.
- */
-int
-mit_des_is_weak_key(mit_des_cblock key)
-{
-    unsigned int i;
-    const mit_des_cblock *weak_p = weak;
-
-    for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) {
-        if (!memcmp(weak_p++,key,sizeof(mit_des_cblock)))
-            return 1;
-    }
-
-    return 0;
-}
diff --git a/src/lib/crypto/builtin/enc_provider/Makefile.in b/src/lib/crypto/builtin/enc_provider/Makefile.in
index 3459e1d0e..af6276b96 100644
--- a/src/lib/crypto/builtin/enc_provider/Makefile.in
+++ b/src/lib/crypto/builtin/enc_provider/Makefile.in
@@ -1,7 +1,6 @@
 mydir=lib$(S)crypto$(S)builtin$(S)enc_provider
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/../des 	\
-		-I$(srcdir)/../aes 	\
+LOCALINCLUDES = -I$(srcdir)/../aes 	\
 		-I$(srcdir)/../camellia \
 		-I$(srcdir)/../../krb 	\
 		-I$(srcdir)/..
@@ -11,19 +10,16 @@ LOCALINCLUDES = -I$(srcdir)/../des 	\
 ##DOS##OBJFILE = ..\..\$(OUTPRE)enc_provider.lst
 
 STLIBOBJS= \
-	des3.o 	\
 	rc4.o 	\
 	aes.o   \
 	camellia.o
 
 OBJS= \
-	$(OUTPRE)des3.$(OBJEXT) 	\
 	$(OUTPRE)aes.$(OBJEXT) 	\
 	$(OUTPRE)camellia.$(OBJEXT)	\
 	$(OUTPRE)rc4.$(OBJEXT)
 
 SRCS= \
-	$(srcdir)/des3.c 	\
 	$(srcdir)/aes.c 	\
 	$(srcdir)/camellia.c	\
 	$(srcdir)/rc4.c
diff --git a/src/lib/crypto/builtin/enc_provider/deps b/src/lib/crypto/builtin/enc_provider/deps
index ea4ffecd8..061289a91 100644
--- a/src/lib/crypto/builtin/enc_provider/deps
+++ b/src/lib/crypto/builtin/enc_provider/deps
@@ -1,19 +1,6 @@
 #
 # Generated makefile dependencies follow.
 #
-des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
-  $(srcdir)/../aes/aes.h $(srcdir)/../aes/brg_types.h \
-  $(srcdir)/../crypto_mod.h $(srcdir)/../des/des_int.h \
-  $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des3.c
 aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
   $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
diff --git a/src/lib/crypto/builtin/enc_provider/des3.c b/src/lib/crypto/builtin/enc_provider/des3.c
deleted file mode 100644
index 9b8244223..000000000
--- a/src/lib/crypto/builtin/enc_provider/des3.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#include "crypto_int.h"
-#include "des_int.h"
-
-static krb5_error_code
-validate_and_schedule(krb5_key key, const krb5_data *ivec,
-                      const krb5_crypto_iov *data, size_t num_data,
-                      mit_des3_key_schedule *schedule)
-{
-    if (key->keyblock.length != 24)
-        return(KRB5_BAD_KEYSIZE);
-    if (iov_total_length(data, num_data, FALSE) % 8 != 0)
-        return(KRB5_BAD_MSIZE);
-    if (ivec && (ivec->length != 8))
-        return(KRB5_BAD_MSIZE);
-
-    switch (mit_des3_key_sched(*(mit_des3_cblock *)key->keyblock.contents,
-                               *schedule)) {
-    case -1:
-        return(KRB5DES_BAD_KEYPAR);
-    case -2:
-        return(KRB5DES_WEAK_KEY);
-    }
-    return 0;
-}
-
-static krb5_error_code
-k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
-                size_t num_data)
-{
-    mit_des3_key_schedule schedule;
-    krb5_error_code err;
-
-    err = validate_and_schedule(key, ivec, data, num_data, &schedule);
-    if (err)
-        return err;
-
-    /* this has a return value, but the code always returns zero */
-    krb5int_des3_cbc_encrypt(data, num_data,
-                             schedule[0], schedule[1], schedule[2],
-                             ivec != NULL ? (unsigned char *) ivec->data :
-                             NULL);
-
-    zap(schedule, sizeof(schedule));
-
-    return(0);
-}
-
-static krb5_error_code
-k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
-                size_t num_data)
-{
-    mit_des3_key_schedule schedule;
-    krb5_error_code err;
-
-    err = validate_and_schedule(key, ivec, data, num_data, &schedule);
-    if (err)
-        return err;
-
-    /* this has a return value, but the code always returns zero */
-    krb5int_des3_cbc_decrypt(data, num_data,
-                             schedule[0], schedule[1], schedule[2],
-                             ivec != NULL ? (unsigned char *) ivec->data :
-                             NULL);
-
-    zap(schedule, sizeof(schedule));
-
-    return 0;
-}
-
-const struct krb5_enc_provider krb5int_enc_des3 = {
-    8,
-    21, 24,
-    k5_des3_encrypt,
-    k5_des3_decrypt,
-    NULL,
-    krb5int_des_init_state,
-    krb5int_default_free_state
-};
diff --git a/src/lib/crypto/crypto_tests/t_cf2.expected b/src/lib/crypto/crypto_tests/t_cf2.expected
index f8251a16c..bc6aa50c8 100644
--- a/src/lib/crypto/crypto_tests/t_cf2.expected
+++ b/src/lib/crypto/crypto_tests/t_cf2.expected
@@ -1,6 +1,5 @@
 97df97e4b798b29eb31ed7280287a92a
 4d6ca4e629785c1f01baf55e2e548566b9617ae3a96868c337cb93b5e72b1c7b
-e58f9eb643862c13ad38e529313462a7f73e62834fe54a01
 24d7f6b6bae4e5c00d2082c5ebab3672
 edd02a39d2dbde31611c16e610be062c
 67f6ea530aea85a37dcbb23349ea52dcc61ca8493ff557252327fd8304341584
diff --git a/src/lib/crypto/crypto_tests/t_cf2.in b/src/lib/crypto/crypto_tests/t_cf2.in
index 73e2f8fbc..c4d23b506 100644
--- a/src/lib/crypto/crypto_tests/t_cf2.in
+++ b/src/lib/crypto/crypto_tests/t_cf2.in
@@ -8,11 +8,6 @@ key1
 key2
 a
 b
-16
-key1
-key2
-a
-b
 23
 key1
 key2
diff --git a/src/lib/crypto/crypto_tests/t_cksums.c b/src/lib/crypto/crypto_tests/t_cksums.c
index 8297fcbf5..3063d12ec 100644
--- a/src/lib/crypto/crypto_tests/t_cksums.c
+++ b/src/lib/crypto/crypto_tests/t_cksums.c
@@ -59,16 +59,6 @@ struct test {
           "\xDA\x39\xA3\xEE\x5E\x6B\x4B\x0D\x32\x55\xBF\xEF\x95\x60\x18\x90"
           "\xAF\xD8\x07\x09" }
     },
-    {
-        { KV5M_DATA, 9, "six seven" },
-        CKSUMTYPE_HMAC_SHA1_DES3, ENCTYPE_DES3_CBC_SHA1, 2,
-        { KV5M_DATA, 24,
-          "\x7A\x25\xDF\x89\x92\x29\x6D\xCE\xDA\x0E\x13\x5B\xC4\x04\x6E\x23"
-          "\x75\xB3\xC1\x4C\x98\xFB\xC1\x62" },
-        { KV5M_DATA, 20,
-          "\x0E\xEF\xC9\xC3\xE0\x49\xAA\xBC\x1B\xA5\xC4\x01\x67\x7D\x9A\xB6"
-          "\x99\x08\x2B\xB4" }
-    },
     {
         { KV5M_DATA, 37, "eight nine ten eleven twelve thirteen" },
         CKSUMTYPE_HMAC_SHA1_96_AES128, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 3,
diff --git a/src/lib/crypto/crypto_tests/t_decrypt.c b/src/lib/crypto/crypto_tests/t_decrypt.c
index a40a85500..716f2c337 100644
--- a/src/lib/crypto/crypto_tests/t_decrypt.c
+++ b/src/lib/crypto/crypto_tests/t_decrypt.c
@@ -39,62 +39,6 @@ struct test {
     krb5_data keybits;
     krb5_data ciphertext;
 } test_cases[] = {
-    {
-        ENCTYPE_DES3_CBC_SHA1,
-        { KV5M_DATA, 0, "", }, 0,
-        { KV5M_DATA, 24,
-          "\x7A\x25\xDF\x89\x92\x29\x6D\xCE\xDA\x0E\x13\x5B\xC4\x04\x6E\x23"
-          "\x75\xB3\xC1\x4C\x98\xFB\xC1\x62" },
-        { KV5M_DATA, 28,
-          "\x54\x8A\xF4\xD5\x04\xF7\xD7\x23\x30\x3F\x12\x17\x5F\xE8\x38\x6B"
-          "\x7B\x53\x35\xA9\x67\xBA\xD6\x1F\x3B\xF0\xB1\x43" }
-    },
-    {
-        ENCTYPE_DES3_CBC_SHA1,
-        { KV5M_DATA, 1, "1", }, 1,
-        { KV5M_DATA, 24,
-          "\xBC\x07\x83\x89\x15\x13\xD5\xCE\x57\xBC\x13\x8F\xD3\xC1\x1A\xE6"
-          "\x40\x45\x23\x85\x32\x29\x62\xB6" },
-        { KV5M_DATA, 36,
-          "\x9C\x3C\x1D\xBA\x47\x47\xD8\x5A\xF2\x91\x6E\x47\x45\xF2\xDC\xE3"
-          "\x80\x46\x79\x6E\x51\x04\xBC\xCD\xFB\x66\x9A\x91\xD4\x4B\xC3\x56"
-          "\x66\x09\x45\xC7" }
-    },
-    {
-        ENCTYPE_DES3_CBC_SHA1,
-        { KV5M_DATA, 9, "9 bytesss", }, 2,
-        { KV5M_DATA, 24,
-          "\x2F\xD0\xF7\x25\xCE\x04\x10\x0D\x2F\xC8\xA1\x80\x98\x83\x1F\x85"
-          "\x0B\x45\xD9\xEF\x85\x0B\xD9\x20" },
-        { KV5M_DATA, 44,
-          "\xCF\x91\x44\xEB\xC8\x69\x79\x81\x07\x5A\x8B\xAD\x8D\x74\xE5\xD7"
-          "\xD5\x91\xEB\x7D\x97\x70\xC7\xAD\xA2\x5E\xE8\xC5\xB3\xD6\x94\x44"
-          "\xDF\xEC\x79\xA5\xB7\xA0\x14\x82\xD9\xAF\x74\xE6" }
-    },
-    {
-        ENCTYPE_DES3_CBC_SHA1,
-        { KV5M_DATA, 13, "13 bytes byte", }, 3,
-        { KV5M_DATA, 24,
-          "\x0D\xD5\x20\x94\xE0\xF4\x1C\xEC\xCB\x5B\xE5\x10\xA7\x64\xB3\x51"
-          "\x76\xE3\x98\x13\x32\xF1\xE5\x98" },
-        { KV5M_DATA, 44,
-          "\x83\x9A\x17\x08\x1E\xCB\xAF\xBC\xDC\x91\xB8\x8C\x69\x55\xDD\x3C"
-          "\x45\x14\x02\x3C\xF1\x77\xB7\x7B\xF0\xD0\x17\x7A\x16\xF7\x05\xE8"
-          "\x49\xCB\x77\x81\xD7\x6A\x31\x6B\x19\x3F\x8D\x30" }
-    },
-    {
-        ENCTYPE_DES3_CBC_SHA1,
-        { KV5M_DATA, 30, "30 bytes bytes bytes bytes byt", }, 4,
-        { KV5M_DATA, 24,
-          "\xF1\x16\x86\xCB\xBC\x9E\x23\xEA\x54\xFE\xCD\x2A\x3D\xCD\xFB\x20"
-          "\xB6\xFE\x98\xBF\x26\x45\xC4\xC4" },
-        { KV5M_DATA, 60,
-          "\x89\x43\x3E\x83\xFD\x0E\xA3\x66\x6C\xFF\xCD\x18\xD8\xDE\xEB\xC5"
-          "\x3B\x9A\x34\xED\xBE\xB1\x59\xD9\xF6\x67\xC6\xC2\xB9\xA9\x64\x40"
-          "\x1D\x55\xE7\xE9\xC6\x8D\x64\x8D\x65\xC3\xAA\x84\xFF\xA3\x79\x0C"
-          "\x14\xA8\x64\xDA\x80\x73\xA9\xA9\x5C\x4B\xA2\xBC" }
-    },
-
     {
         ENCTYPE_ARCFOUR_HMAC,
         { KV5M_DATA, 0, "", }, 0,
@@ -524,7 +468,6 @@ printhex(const char *head, void *data, size_t len)
 
 static krb5_enctype
 enctypes[] = {
-    ENCTYPE_DES3_CBC_SHA1,
     ENCTYPE_ARCFOUR_HMAC,
     ENCTYPE_ARCFOUR_HMAC_EXP,
     ENCTYPE_AES128_CTS_HMAC_SHA1_96,
diff --git a/src/lib/crypto/crypto_tests/t_derive.c b/src/lib/crypto/crypto_tests/t_derive.c
index afbf7477f..93ce30da2 100644
--- a/src/lib/crypto/crypto_tests/t_derive.c
+++ b/src/lib/crypto/crypto_tests/t_derive.c
@@ -38,41 +38,6 @@ struct test {
     enum deriv_alg alg;
     krb5_data expected_key;
 } test_cases[] = {
-    /* Kc, Ke, Kei for a DES3 key */
-    {
-        ENCTYPE_DES3_CBC_SHA1,
-        { KV5M_DATA, 24,
-          "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
-          "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
-        { KV5M_DATA, 5, "\0\0\0\2\x99" },
-        DERIVE_RFC3961,
-        { KV5M_DATA, 24,
-          "\xF7\x8C\x49\x6D\x16\xE6\xC2\xDA\xE0\xE0\xB6\xC2\x40\x57\xA8\x4C"
-          "\x04\x26\xAE\xEF\x26\xFD\x6D\xCE" }
-    },
-    {
-        ENCTYPE_DES3_CBC_SHA1,
-        { KV5M_DATA, 24,
-          "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
-          "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
-        { KV5M_DATA, 5, "\0\0\0\2\xAA" },
-        DERIVE_RFC3961,
-        { KV5M_DATA, 24,
-          "\x5B\x57\x23\xD0\xB6\x34\xCB\x68\x4C\x3E\xBA\x52\x64\xE9\xA7\x0D"
-          "\x52\xE6\x83\x23\x1A\xD3\xC4\xCE" }
-    },
-    {
-        ENCTYPE_DES3_CBC_SHA1,
-        { KV5M_DATA, 24,
-          "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
-          "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
-        { KV5M_DATA, 5, "\0\0\0\2\x55" },
-        DERIVE_RFC3961,
-        { KV5M_DATA, 24,
-          "\xA7\x7C\x94\x98\x0E\x9B\x73\x45\xA8\x15\x25\xC4\x23\xA7\x37\xCE"
-          "\x67\xF4\xCD\x91\xB6\xB3\xDA\x45" }
-    },
-
     /* Kc, Ke, Ki for an AES-128 key */
     {
         ENCTYPE_AES128_CTS_HMAC_SHA1_96,
@@ -286,7 +251,6 @@ static const struct krb5_enc_provider *
 get_enc_provider(krb5_enctype enctype)
 {
     switch (enctype) {
-    case ENCTYPE_DES3_CBC_SHA1:              return &krb5int_enc_des3;
     case ENCTYPE_AES128_CTS_HMAC_SHA1_96:    return &krb5int_enc_aes128;
     case ENCTYPE_AES256_CTS_HMAC_SHA1_96:    return &krb5int_enc_aes256;
     case ENCTYPE_CAMELLIA128_CTS_CMAC:       return &krb5int_enc_camellia128;
diff --git a/src/lib/crypto/crypto_tests/t_encrypt.c b/src/lib/crypto/crypto_tests/t_encrypt.c
index bd9b94691..290a72e1e 100644
--- a/src/lib/crypto/crypto_tests/t_encrypt.c
+++ b/src/lib/crypto/crypto_tests/t_encrypt.c
@@ -37,7 +37,6 @@
 
 /* What enctypes should we test?*/
 krb5_enctype interesting_enctypes[] = {
-    ENCTYPE_DES3_CBC_SHA1,
     ENCTYPE_ARCFOUR_HMAC,
     ENCTYPE_ARCFOUR_HMAC_EXP,
     ENCTYPE_AES256_CTS_HMAC_SHA1_96,
diff --git a/src/lib/crypto/crypto_tests/t_short.c b/src/lib/crypto/crypto_tests/t_short.c
index d4c2b97df..4466b7115 100644
--- a/src/lib/crypto/crypto_tests/t_short.c
+++ b/src/lib/crypto/crypto_tests/t_short.c
@@ -34,7 +34,6 @@
 #include "k5-int.h"
 
 krb5_enctype interesting_enctypes[] = {
-    ENCTYPE_DES3_CBC_SHA1,
     ENCTYPE_ARCFOUR_HMAC,
     ENCTYPE_ARCFOUR_HMAC_EXP,
     ENCTYPE_AES256_CTS_HMAC_SHA1_96,
diff --git a/src/lib/crypto/crypto_tests/t_str2key.c b/src/lib/crypto/crypto_tests/t_str2key.c
index cdb1acc6d..ef4c4a7d3 100644
--- a/src/lib/crypto/crypto_tests/t_str2key.c
+++ b/src/lib/crypto/crypto_tests/t_str2key.c
@@ -35,58 +35,6 @@ struct test {
     krb5_error_code expected_err;
     krb5_boolean allow_weak;
 } test_cases[] = {
-    /* Test vectors from RFC 3961 appendix A.4. */
-    {
-        ENCTYPE_DES3_CBC_SHA1,
-        "password",
-        { KV5M_DATA, 21, "ATHENA.MIT.EDUraeburn" },
-        { KV5M_DATA, 0, NULL },
-        { KV5M_DATA, 24, "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C"
-          "\x31\x3E\x3B\xFE\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
-        0,
-        FALSE
-    },
-    {
-        ENCTYPE_DES3_CBC_SHA1,
-        "potatoe",
-        { KV5M_DATA, 19, "WHITEHOUSE.GOVdanny" },
-        { KV5M_DATA, 0, NULL },
-        { KV5M_DATA, 24, "\xDF\xCD\x23\x3D\xD0\xA4\x32\x04\xEA\x6D\xC4\x37"
-          "\xFB\x15\xE0\x61\xB0\x29\x79\xC1\xF7\x4F\x37\x7A" },
-        0,
-        FALSE
-    },
-    {
-        ENCTYPE_DES3_CBC_SHA1,
-        "penny",
-        { KV5M_DATA, 19, "EXAMPLE.COMbuckaroo" },
-        { KV5M_DATA, 0, NULL },
-        { KV5M_DATA, 24, "\x6D\x2F\xCD\xF2\xD6\xFB\xBC\x3D\xDC\xAD\xB5\xDA"
-          "\x57\x10\xA2\x34\x89\xB0\xD3\xB6\x9D\x5D\x9D\x4A" },
-        0,
-        FALSE
-    },
-    {
-        ENCTYPE_DES3_CBC_SHA1,
-        "\xC3\x9F",
-        { KV5M_DATA, 23, "ATHENA.MIT.EDUJuri\xC5\xA1\x69\xC4\x87" },
-        { KV5M_DATA, 0, NULL },
-        { KV5M_DATA, 24, "\x16\xD5\xA4\x0E\x1C\xE3\xBA\xCB\x61\xB9\xDC\xE0"
-          "\x04\x70\x32\x4C\x83\x19\x73\xA7\xB9\x52\xFE\xB0" },
-        0,
-        FALSE
-    },
-    {
-        ENCTYPE_DES3_CBC_SHA1,
-        "\xF0\x9D\x84\x9E",
-        { KV5M_DATA, 18, "EXAMPLE.COMpianist" },
-        { KV5M_DATA, 0, NULL },
-        { KV5M_DATA, 24, "\x85\x76\x37\x26\x58\x5D\xBC\x1C\xCE\x6E\xC4\x3E"
-          "\x1F\x75\x1F\x07\xF1\xC4\xCB\xB0\x98\xF4\x0B\x19" },
-        0,
-        FALSE
-    },
-
     /* Test vectors from RFC 3962 appendix B. */
     {
         ENCTYPE_AES128_CTS_HMAC_SHA1_96,
diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in
index b74e6f7cc..2b0c4163d 100644
--- a/src/lib/crypto/krb/Makefile.in
+++ b/src/lib/crypto/krb/Makefile.in
@@ -50,7 +50,6 @@ STLIBOBJS=\
 	prf.o			\
 	prf_aes2.o		\
 	prf_cmac.o		\
-	prf_des.o		\
 	prf_dk.o		\
 	prf_rc4.o		\
 	prng.o			\
@@ -109,7 +108,6 @@ OBJS=\
 	$(OUTPRE)prf.$(OBJEXT)			\
 	$(OUTPRE)prf_aes2.$(OBJEXT)		\
 	$(OUTPRE)prf_cmac.$(OBJEXT)		\
-	$(OUTPRE)prf_des.$(OBJEXT)		\
 	$(OUTPRE)prf_dk.$(OBJEXT)		\
 	$(OUTPRE)prf_rc4.$(OBJEXT)		\
 	$(OUTPRE)prng.$(OBJEXT)			\
@@ -168,7 +166,6 @@ SRCS=\
 	$(srcdir)/prf.c			\
 	$(srcdir)/prf_aes2.c		\
 	$(srcdir)/prf_cmac.c		\
-	$(srcdir)/prf_des.c		\
 	$(srcdir)/prf_dk.c		\
 	$(srcdir)/prf_rc4.c		\
 	$(srcdir)/prng.c 		\
diff --git a/src/lib/crypto/krb/cksumtypes.c b/src/lib/crypto/krb/cksumtypes.c
index ecc2e08c9..f5fbe8a2a 100644
--- a/src/lib/crypto/krb/cksumtypes.c
+++ b/src/lib/crypto/krb/cksumtypes.c
@@ -46,12 +46,6 @@ const struct krb5_cksumtypes krb5int_cksumtypes_list[] = {
       krb5int_unkeyed_checksum, NULL,
       20, 20, CKSUM_UNKEYED },
 
-    { CKSUMTYPE_HMAC_SHA1_DES3,
-      "hmac-sha1-des3", { "hmac-sha1-des3-kd" }, "HMAC-SHA1 DES3 key",
-      &krb5int_enc_des3, &krb5int_hash_sha1,
-      krb5int_dk_checksum, NULL,
-      20, 20, 0 },
-
     { CKSUMTYPE_HMAC_MD5_ARCFOUR,
       "hmac-md5-rc4", { "hmac-md5-enc", "hmac-md5-earcfour" },
       "Microsoft HMAC MD5",
diff --git a/src/lib/crypto/krb/crypto_int.h b/src/lib/crypto/krb/crypto_int.h
index 19f808749..4bc430c7a 100644
--- a/src/lib/crypto/krb/crypto_int.h
+++ b/src/lib/crypto/krb/crypto_int.h
@@ -276,10 +276,6 @@ krb5_error_code krb5int_aes2_string_to_key(const struct krb5_keytypes *enc,
 /* Random to key */
 krb5_error_code k5_rand2key_direct(const krb5_data *randombits,
                                    krb5_keyblock *keyblock);
-krb5_error_code k5_rand2key_des(const krb5_data *randombits,
-                                krb5_keyblock *keyblock);
-krb5_error_code k5_rand2key_des3(const krb5_data *randombits,
-                                 krb5_keyblock *keyblock);
 
 /* Pseudo-random function */
 krb5_error_code krb5int_des_prf(const struct krb5_keytypes *ktp,
@@ -368,11 +364,6 @@ krb5_keyusage krb5int_arcfour_translate_usage(krb5_keyusage usage);
 /* Ensure library initialization has occurred. */
 int krb5int_crypto_init(void);
 
-/* DES default state initialization handler (used by module enc providers). */
-krb5_error_code krb5int_des_init_state(const krb5_keyblock *key,
-                                       krb5_keyusage keyusage,
-                                       krb5_data *state_out);
-
 /* Default state cleanup handler (used by module enc providers). */
 void krb5int_default_free_state(krb5_data *state);
 
@@ -425,7 +416,6 @@ void k5_iov_cursor_put(struct iov_cursor *cursor, unsigned char *block);
 /* Modules must implement the k5_sha256() function prototyped in k5-int.h. */
 
 /* Modules must implement the following enc_providers and hash_providers: */
-extern const struct krb5_enc_provider krb5int_enc_des3;
 extern const struct krb5_enc_provider krb5int_enc_arcfour;
 extern const struct krb5_enc_provider krb5int_enc_aes128;
 extern const struct krb5_enc_provider krb5int_enc_aes256;
@@ -442,12 +432,6 @@ extern const struct krb5_hash_provider krb5int_hash_sha384;
 
 /* Modules must implement the following functions. */
 
-/* Set the parity bits to the correct values in keybits. */
-void k5_des_fixup_key_parity(unsigned char *keybits);
-
-/* Return true if keybits is a weak or semi-weak DES key. */
-krb5_boolean k5_des_is_weak_key(unsigned char *keybits);
-
 /* Compute an HMAC using the provided hash function, key, and data, storing the
  * result into output (caller-allocated). */
 krb5_error_code krb5int_hmac(const struct krb5_hash_provider *hash,
diff --git a/src/lib/crypto/krb/default_state.c b/src/lib/crypto/krb/default_state.c
index 0757c8b02..f89dc7902 100644
--- a/src/lib/crypto/krb/default_state.c
+++ b/src/lib/crypto/krb/default_state.c
@@ -32,16 +32,6 @@
 
 #include "crypto_int.h"
 
-krb5_error_code
-krb5int_des_init_state(const krb5_keyblock *key, krb5_keyusage usage,
-                       krb5_data *state_out)
-{
-    if (alloc_data(state_out, 8))
-        return ENOMEM;
-
-    return 0;
-}
-
 void
 krb5int_default_free_state(krb5_data *state)
 {
diff --git a/src/lib/crypto/krb/enctype_util.c b/src/lib/crypto/krb/enctype_util.c
index 1542d4062..a0037912a 100644
--- a/src/lib/crypto/krb/enctype_util.c
+++ b/src/lib/crypto/krb/enctype_util.c
@@ -45,6 +45,9 @@ struct {
     { ENCTYPE_DES_CBC_MD5, "des-cbc-md5" },
     { ENCTYPE_DES_CBC_RAW, "des-cbc-raw" },
     { ENCTYPE_DES_HMAC_SHA1, "des-hmac-sha1" },
+    { ENCTYPE_DES3_CBC_SHA, "des3-cbc-sha1" },
+    { ENCTYPE_DES3_CBC_RAW, "des3-cbc-raw" },
+    { ENCTYPE_DES3_CBC_SHA1, "des3-hmac-sha1" },
     { ENCTYPE_NULL, NULL }
 };
 
diff --git a/src/lib/crypto/krb/etypes.c b/src/lib/crypto/krb/etypes.c
index fc278783b..7635393a4 100644
--- a/src/lib/crypto/krb/etypes.c
+++ b/src/lib/crypto/krb/etypes.c
@@ -35,27 +35,6 @@
 
 /* Deprecations come from RFC 6649 and RFC 8249. */
 const struct krb5_keytypes krb5int_enctypes_list[] = {
-    { ENCTYPE_DES3_CBC_RAW,
-      "des3-cbc-raw", { 0 }, "Triple DES cbc mode raw",
-      &krb5int_enc_des3, NULL,
-      16,
-      krb5int_raw_crypto_length, krb5int_raw_encrypt, krb5int_raw_decrypt,
-      krb5int_dk_string_to_key, k5_rand2key_des3,
-      NULL, /*PRF*/
-      0,
-      ETYPE_WEAK | ETYPE_DEPRECATED, 112 },
-
-    { ENCTYPE_DES3_CBC_SHA1,
-      "des3-cbc-sha1", { "des3-hmac-sha1", "des3-cbc-sha1-kd" },
-      "Triple DES cbc mode with HMAC/sha1",
-      &krb5int_enc_des3, &krb5int_hash_sha1,
-      16,
-      krb5int_dk_crypto_length, krb5int_dk_encrypt, krb5int_dk_decrypt,
-      krb5int_dk_string_to_key, k5_rand2key_des3,
-      krb5int_dk_prf,
-      CKSUMTYPE_HMAC_SHA1_DES3,
-      ETYPE_DEPRECATED, 112 },
-
     /* rc4-hmac uses a 128-bit key, but due to weaknesses in the RC4 cipher, we
      * consider its strength degraded and assign it an SSF value of 64. */
     { ENCTYPE_ARCFOUR_HMAC,
diff --git a/src/lib/crypto/krb/prf_des.c b/src/lib/crypto/krb/prf_des.c
deleted file mode 100644
index 7a2d719c5..000000000
--- a/src/lib/crypto/krb/prf_des.c
+++ /dev/null
@@ -1,47 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/krb/prf_des.c - RFC 3961 DES-based PRF */
-/*
- * Copyright (C) 2004, 2009  by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-#include "crypto_int.h"
-
-krb5_error_code
-krb5int_des_prf(const struct krb5_keytypes *ktp, krb5_key key,
-                const krb5_data *in, krb5_data *out)
-{
-    const struct krb5_hash_provider *hash = &krb5int_hash_md5;
-    krb5_crypto_iov iov;
-    krb5_error_code ret;
-
-    /* Compute a hash of the input, storing into the output buffer. */
-    iov.flags = KRB5_CRYPTO_TYPE_DATA;
-    iov.data = *in;
-    ret = hash->hash(&iov, 1, out);
-    if (ret != 0)
-        return ret;
-
-    /* Encrypt the hash in place. */
-    iov.data = *out;
-    return ktp->enc->encrypt(key, NULL, &iov, 1);
-}
diff --git a/src/lib/crypto/krb/random_to_key.c b/src/lib/crypto/krb/random_to_key.c
index 157462526..863090beb 100644
--- a/src/lib/crypto/krb/random_to_key.c
+++ b/src/lib/crypto/krb/random_to_key.c
@@ -71,48 +71,3 @@ k5_rand2key_direct(const krb5_data *randombits, krb5_keyblock *keyblock)
     memcpy(keyblock->contents, randombits->data, randombits->length);
     return 0;
 }
-
-static inline void
-eighth_byte(unsigned char *b)
-{
-    b[7] = (((b[0] & 1) << 1) | ((b[1] & 1) << 2) | ((b[2] & 1) << 3) |
-            ((b[3] & 1) << 4) | ((b[4] & 1) << 5) | ((b[5] & 1) << 6) |
-            ((b[6] & 1) << 7));
-}
-
-krb5_error_code
-k5_rand2key_des(const krb5_data *randombits, krb5_keyblock *keyblock)
-{
-    if (randombits->length != 7)
-        return(KRB5_CRYPTO_INTERNAL);
-
-    keyblock->magic = KV5M_KEYBLOCK;
-
-    /* Take the seven bytes, move them around into the top 7 bits of the
-     * 8 key bytes, then compute the parity bits. */
-    memcpy(keyblock->contents, randombits->data, randombits->length);
-    eighth_byte(keyblock->contents);
-    k5_des_fixup_key_parity(keyblock->contents);
-
-    return 0;
-}
-
-krb5_error_code
-k5_rand2key_des3(const krb5_data *randombits, krb5_keyblock *keyblock)
-{
-    int i;
-
-    if (randombits->length != 21)
-        return KRB5_CRYPTO_INTERNAL;
-
-    keyblock->magic = KV5M_KEYBLOCK;
-
-    /* Take the seven bytes, move them around into the top 7 bits of the
-     * 8 key bytes, then compute the parity bits.  Do this three times. */
-    for (i = 0; i < 3; i++) {
-        memcpy(&keyblock->contents[i * 8], &randombits->data[i * 7], 7);
-        eighth_byte(&keyblock->contents[i * 8]);
-        k5_des_fixup_key_parity(&keyblock->contents[i * 8]);
-    }
-    return 0;
-}
diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports
index d6cc1b423..f44cb9170 100644
--- a/src/lib/crypto/libk5crypto.exports
+++ b/src/lib/crypto/libk5crypto.exports
@@ -86,7 +86,6 @@ krb5_k_verify_checksum
 krb5_k_verify_checksum_iov
 krb5int_aes_encrypt
 krb5int_aes_decrypt
-krb5int_enc_des3
 krb5int_arcfour_gsscrypt
 krb5int_camellia_cbc_mac
 krb5int_cmac_checksum
diff --git a/src/lib/crypto/openssl/Makefile.in b/src/lib/crypto/openssl/Makefile.in
index aa434b168..234fc0e76 100644
--- a/src/lib/crypto/openssl/Makefile.in
+++ b/src/lib/crypto/openssl/Makefile.in
@@ -1,6 +1,6 @@
 mydir=lib$(S)crypto$(S)openssl
 BUILDTOP=$(REL)..$(S)..$(S)..
-SUBDIRS=camellia des aes md4 md5  sha1 sha2 enc_provider hash_provider
+SUBDIRS=camellia aes md4 md5  sha1 sha2 enc_provider hash_provider
 LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir)
 
 STLIBOBJS=\
@@ -24,14 +24,14 @@ SRCS=\
 	$(srcdir)/sha256.c	\
 	$(srcdir)/stubs.c
 
-STOBJLISTS= des/OBJS.ST md4/OBJS.ST 	\
+STOBJLISTS= md4/OBJS.ST 		\
 	md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST 	\
 	enc_provider/OBJS.ST 		\
 	hash_provider/OBJS.ST 		\
 	aes/OBJS.ST 			\
 	OBJS.ST
 
-SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST 	\
+SUBDIROBJLISTS= md4/OBJS.ST 		\
 		md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST 	\
 		enc_provider/OBJS.ST 		\
 		hash_provider/OBJS.ST 		\
@@ -42,7 +42,7 @@ includes: depend
 
 depend: $(SRCS)
 
-clean-unix:: clean-libobjs
+clean-unix:: clean-libobjsn
 
 @lib_frag@
 @libobj_frag@
diff --git a/src/lib/crypto/openssl/des/Makefile.in b/src/lib/crypto/openssl/des/Makefile.in
deleted file mode 100644
index 4392fb8ea..000000000
--- a/src/lib/crypto/openssl/des/Makefile.in
+++ /dev/null
@@ -1,20 +0,0 @@
-mydir=lib$(S)crypto$(S)openssl$(S)des
-BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/..
-
-STLIBOBJS= des_keys.o
-
-OBJS= $(OUTPRE)des_keys.$(OBJEXT)
-
-SRCS= $(srcdir)/des_keys.c
-
-all-unix: all-libobjs
-
-includes: depend
-
-depend: $(SRCS)
-
-clean-unix:: clean-libobjs
-
-@libobj_frag@
-
diff --git a/src/lib/crypto/openssl/des/deps b/src/lib/crypto/openssl/des/deps
deleted file mode 100644
index 21b904f89..000000000
--- a/src/lib/crypto/openssl/des/deps
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# Generated makefile dependencies follow.
-#
-des_keys.so des_keys.po $(OUTPRE)des_keys.$(OBJEXT): \
-  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
-  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
-  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
-  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
-  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
-  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
-  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
-  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  des_keys.c
diff --git a/src/lib/crypto/openssl/des/des_keys.c b/src/lib/crypto/openssl/des/des_keys.c
deleted file mode 100644
index 51d9db216..000000000
--- a/src/lib/crypto/openssl/des/des_keys.c
+++ /dev/null
@@ -1,40 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/openssl/des/des_keys.c - Key functions used by Kerberos code */
-/*
- * Copyright (C) 2011 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-#include "crypto_int.h"
-#include <openssl/des.h>
-
-void
-k5_des_fixup_key_parity(unsigned char *keybits)
-{
-    DES_set_odd_parity((DES_cblock *)keybits);
-}
-
-krb5_boolean
-k5_des_is_weak_key(unsigned char *keybits)
-{
-    return DES_is_weak_key((DES_cblock *)keybits);
-}
diff --git a/src/lib/crypto/openssl/enc_provider/Makefile.in b/src/lib/crypto/openssl/enc_provider/Makefile.in
index a9069d22d..2b32c3ac4 100644
--- a/src/lib/crypto/openssl/enc_provider/Makefile.in
+++ b/src/lib/crypto/openssl/enc_provider/Makefile.in
@@ -3,19 +3,16 @@ BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
 LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/..
 
 STLIBOBJS= \
-	des3.o 	\
 	rc4.o 	\
 	aes.o   \
 	camellia.o
 
 OBJS= \
-	$(OUTPRE)des3.$(OBJEXT) 	\
 	$(OUTPRE)aes.$(OBJEXT) 	\
 	$(OUTPRE)camellia.$(OBJEXT) 	\
 	$(OUTPRE)rc4.$(OBJEXT)
 
 SRCS= \
-	$(srcdir)/des3.c 	\
 	$(srcdir)/aes.c 	\
 	$(srcdir)/camellia.c 	\
 	$(srcdir)/rc4.c
diff --git a/src/lib/crypto/openssl/enc_provider/deps b/src/lib/crypto/openssl/enc_provider/deps
index 1c28cc842..91ba48234 100644
--- a/src/lib/crypto/openssl/enc_provider/deps
+++ b/src/lib/crypto/openssl/enc_provider/deps
@@ -1,17 +1,6 @@
 #
 # Generated makefile dependencies follow.
 #
-des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
-  $(srcdir)/../crypto_mod.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h des3.c
 aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
   $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
diff --git a/src/lib/crypto/openssl/enc_provider/des3.c b/src/lib/crypto/openssl/enc_provider/des3.c
deleted file mode 100644
index 1c439c2cd..000000000
--- a/src/lib/crypto/openssl/enc_provider/des3.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/openssl/enc_provider/des3.c */
-/*
- * Copyright (C) 2009 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government.  It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  FundsXpress makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#include "crypto_int.h"
-#include <openssl/evp.h>
-
-
-#define DES3_BLOCK_SIZE 8
-#define DES3_KEY_SIZE 24
-#define DES3_KEY_BYTES 21
-
-static krb5_error_code
-validate(krb5_key key, const krb5_data *ivec, const krb5_crypto_iov *data,
-         size_t num_data, krb5_boolean *empty)
-{
-    size_t input_length = iov_total_length(data, num_data, FALSE);
-
-    if (key->keyblock.length != DES3_KEY_SIZE)
-        return(KRB5_BAD_KEYSIZE);
-    if ((input_length%DES3_BLOCK_SIZE) != 0)
-        return(KRB5_BAD_MSIZE);
-    if (ivec && (ivec->length != 8))
-        return(KRB5_BAD_MSIZE);
-
-    *empty = (input_length == 0);
-    return 0;
-}
-
-static krb5_error_code
-k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
-                size_t num_data)
-{
-    int ret, olen = DES3_BLOCK_SIZE;
-    unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE];
-    struct iov_cursor cursor;
-    EVP_CIPHER_CTX *ctx;
-    krb5_boolean empty;
-
-    ret = validate(key, ivec, data, num_data, &empty);
-    if (ret != 0 || empty)
-        return ret;
-
-    ctx = EVP_CIPHER_CTX_new();
-    if (ctx == NULL)
-        return ENOMEM;
-
-    ret = EVP_EncryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL,
-                             key->keyblock.contents,
-                             (ivec) ? (unsigned char*)ivec->data : NULL);
-    if (!ret) {
-        EVP_CIPHER_CTX_free(ctx);
-        return KRB5_CRYPTO_INTERNAL;
-    }
-
-    EVP_CIPHER_CTX_set_padding(ctx,0);
-
-    k5_iov_cursor_init(&cursor, data, num_data, DES3_BLOCK_SIZE, FALSE);
-    while (k5_iov_cursor_get(&cursor, iblock)) {
-        ret = EVP_EncryptUpdate(ctx, oblock, &olen, iblock, DES3_BLOCK_SIZE);
-        if (!ret)
-            break;
-        k5_iov_cursor_put(&cursor, oblock);
-    }
-
-    if (ivec != NULL)
-        memcpy(ivec->data, oblock, DES3_BLOCK_SIZE);
-
-    EVP_CIPHER_CTX_free(ctx);
-
-    zap(iblock, sizeof(iblock));
-    zap(oblock, sizeof(oblock));
-
-    if (ret != 1)
-        return KRB5_CRYPTO_INTERNAL;
-    return 0;
-}
-
-static krb5_error_code
-k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
-                size_t num_data)
-{
-    int ret, olen = DES3_BLOCK_SIZE;
-    unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE];
-    struct iov_cursor cursor;
-    EVP_CIPHER_CTX *ctx;
-    krb5_boolean empty;
-
-    ret = validate(key, ivec, data, num_data, &empty);
-    if (ret != 0 || empty)
-        return ret;
-
-    ctx = EVP_CIPHER_CTX_new();
-    if (ctx == NULL)
-        return ENOMEM;
-
-    ret = EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL,
-                             key->keyblock.contents,
-                             (ivec) ? (unsigned char*)ivec->data : NULL);
-    if (!ret) {
-        EVP_CIPHER_CTX_free(ctx);
-        return KRB5_CRYPTO_INTERNAL;
-    }
-
-    EVP_CIPHER_CTX_set_padding(ctx,0);
-
-    k5_iov_cursor_init(&cursor, data, num_data, DES3_BLOCK_SIZE, FALSE);
-    while (k5_iov_cursor_get(&cursor, iblock)) {
-        ret = EVP_DecryptUpdate(ctx, oblock, &olen,
-                                (unsigned char *)iblock, DES3_BLOCK_SIZE);
-        if (!ret)
-            break;
-        k5_iov_cursor_put(&cursor, oblock);
-    }
-
-    if (ivec != NULL)
-        memcpy(ivec->data, iblock, DES3_BLOCK_SIZE);
-
-    EVP_CIPHER_CTX_free(ctx);
-
-    zap(iblock, sizeof(iblock));
-    zap(oblock, sizeof(oblock));
-
-    if (ret != 1)
-        return KRB5_CRYPTO_INTERNAL;
-    return 0;
-}
-
-const struct krb5_enc_provider krb5int_enc_des3 = {
-    DES3_BLOCK_SIZE,
-    DES3_KEY_BYTES, DES3_KEY_SIZE,
-    k5_des3_encrypt,
-    k5_des3_decrypt,
-    NULL,
-    krb5int_des_init_state,
-    krb5int_default_free_state
-};
diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
index 75f071c3e..fcf2c2152 100644
--- a/src/lib/gssapi/krb5/accept_sec_context.c
+++ b/src/lib/gssapi/krb5/accept_sec_context.c
@@ -1039,7 +1039,6 @@ kg_accept_krb5(minor_status, context_handle,
             }
 
             switch (negotiated_etype) {
-            case ENCTYPE_DES3_CBC_SHA1:
             case ENCTYPE_ARCFOUR_HMAC:
             case ENCTYPE_ARCFOUR_HMAC_EXP:
                 /* RFC 4121 accidentally omits RC4-HMAC-EXP as a "not-newer"
diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h
index a7e0e63ec..3bacdcd35 100644
--- a/src/lib/gssapi/krb5/gssapiP_krb5.h
+++ b/src/lib/gssapi/krb5/gssapiP_krb5.h
@@ -125,14 +125,14 @@ enum sgn_alg {
     /* SGN_ALG_DES_MAC               = 0x0002, */
     /* SGN_ALG_3                     = 0x0003, /\* not published *\/ */
     SGN_ALG_HMAC_MD5              = 0x0011, /* microsoft w2k;  */
-    SGN_ALG_HMAC_SHA1_DES3_KD     = 0x0004
+    /* SGN_ALG_HMAC_SHA1_DES3_KD     = 0x0004 */
 };
 enum seal_alg {
     SEAL_ALG_NONE            = 0xffff,
     /* SEAL_ALG_DES             = 0x0000, */
     /* SEAL_ALG_1               = 0x0001, /\* not published *\/ */
     SEAL_ALG_MICROSOFT_RC4   = 0x0010, /* microsoft w2k;  */
-    SEAL_ALG_DES3KD          = 0x0002
+    /* SEAL_ALG_DES3KD          = 0x0002 */
 };
 
 /* for 3DES */
@@ -153,7 +153,7 @@ enum qop {
     GSS_KRB5_INTEG_C_QOP_HMAC_SHA1 = 0x0004,
     GSS_KRB5_INTEG_C_QOP_MASK      = 0x00ff,
     /* GSS_KRB5_CONF_C_QOP_DES        = 0x0100, */
-    GSS_KRB5_CONF_C_QOP_DES3_KD    = 0x0200,
+    /* GSS_KRB5_CONF_C_QOP_DES3_KD    = 0x0200, */
     GSS_KRB5_CONF_C_QOP_MASK       = 0xff00
 };
 
diff --git a/src/lib/gssapi/krb5/k5seal.c b/src/lib/gssapi/krb5/k5seal.c
index d1cdce486..7f7146a0a 100644
--- a/src/lib/gssapi/krb5/k5seal.c
+++ b/src/lib/gssapi/krb5/k5seal.c
@@ -136,19 +136,12 @@ make_seal_token_v1 (krb5_context context,
 
     /* pad the plaintext, encrypt if needed, and stick it in the token */
 
-    /* initialize the the checksum */
-    switch (signalg) {
-    case SGN_ALG_HMAC_SHA1_DES3_KD:
-        md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
-        break;
-    case SGN_ALG_HMAC_MD5:
-        md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-        if (toktype != KG_TOK_SEAL_MSG)
-            sign_usage = 15;
-        break;
-    default:
-        abort ();
-    }
+    if (signalg != SGN_ALG_HMAC_MD5)
+        abort();
+
+    md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+    if (toktype != KG_TOK_SEAL_MSG)
+        sign_usage = 15;
 
     code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
     if (code) {
@@ -196,20 +189,8 @@ make_seal_token_v1 (krb5_context context,
         gssalloc_free(t);
         return(code);
     }
-    switch(signalg) {
-    case SGN_ALG_HMAC_SHA1_DES3_KD:
-        /*
-         * Using key derivation, the call to krb5_c_make_checksum
-         * already dealt with encrypting.
-         */
-        if (md5cksum.length != cksum_size)
-            abort ();
-        memcpy (ptr+14, md5cksum.contents, md5cksum.length);
-        break;
-    case SGN_ALG_HMAC_MD5:
-        memcpy (ptr+14, md5cksum.contents, cksum_size);
-        break;
-    }
+
+    memcpy (ptr+14, md5cksum.contents, cksum_size);
 
     krb5_free_checksum_contents(context, &md5cksum);
 
diff --git a/src/lib/gssapi/krb5/k5sealiov.c b/src/lib/gssapi/krb5/k5sealiov.c
index 9bb2ee109..9147bb2c7 100644
--- a/src/lib/gssapi/krb5/k5sealiov.c
+++ b/src/lib/gssapi/krb5/k5sealiov.c
@@ -144,18 +144,11 @@ make_seal_token_v1_iov(krb5_context context,
     /* pad the plaintext, encrypt if needed, and stick it in the token */
 
     /* initialize the checksum */
-    switch (ctx->signalg) {
-    case SGN_ALG_HMAC_SHA1_DES3_KD:
-        md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
-        break;
-    case SGN_ALG_HMAC_MD5:
-        md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-        if (toktype != KG_TOK_WRAP_MSG)
-            sign_usage = 15;
-        break;
-    default:
-        abort ();
-    }
+    if (ctx->signalg != SGN_ALG_HMAC_MD5)
+        abort();
+    md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+    if (toktype != KG_TOK_WRAP_MSG)
+        sign_usage = 15;
 
     code = krb5_c_checksum_length(context, md5cksum.checksum_type, &k5_trailerlen);
     if (code != 0)
@@ -177,15 +170,7 @@ make_seal_token_v1_iov(krb5_context context,
     if (code != 0)
         goto cleanup;
 
-    switch (ctx->signalg) {
-    case SGN_ALG_HMAC_SHA1_DES3_KD:
-        assert(md5cksum.length == ctx->cksum_size);
-        memcpy(ptr + 14, md5cksum.contents, md5cksum.length);
-        break;
-    case SGN_ALG_HMAC_MD5:
-        memcpy(ptr + 14, md5cksum.contents, ctx->cksum_size);
-        break;
-    }
+    memcpy(ptr + 14, md5cksum.contents, ctx->cksum_size);
 
     /* create the seq_num */
     code = kg_make_seq_num(context, ctx->seq, ctx->initiate ? 0 : 0xFF,
diff --git a/src/lib/gssapi/krb5/k5unseal.c b/src/lib/gssapi/krb5/k5unseal.c
index 9b183bc33..f0cc4a680 100644
--- a/src/lib/gssapi/krb5/k5unseal.c
+++ b/src/lib/gssapi/krb5/k5unseal.c
@@ -131,28 +131,21 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
        but few enough that we can try them all. */
 
     if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) ||
-        (ctx->sealalg == SEAL_ALG_DES3KD &&
-         signalg != SGN_ALG_HMAC_SHA1_DES3_KD)||
         (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 &&
          signalg != SGN_ALG_HMAC_MD5)) {
         *minor_status = 0;
         return GSS_S_DEFECTIVE_TOKEN;
     }
 
-    switch (signalg) {
-    case SGN_ALG_HMAC_MD5:
-        cksum_len = 8;
-        if (toktype != KG_TOK_SEAL_MSG)
-            sign_usage = 15;
-        break;
-    case SGN_ALG_HMAC_SHA1_DES3_KD:
-        cksum_len = 20;
-        break;
-    default:
+    if (signalg != SGN_ALG_HMAC_MD5) {
         *minor_status = 0;
         return GSS_S_DEFECTIVE_TOKEN;
     }
 
+    cksum_len = 8;
+    if (toktype != KG_TOK_SEAL_MSG)
+        sign_usage = 15;
+
     if ((size_t)bodysize < 14 + cksum_len) {
         *minor_status = 0;
         return GSS_S_DEFECTIVE_TOKEN;
@@ -252,64 +245,53 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
     /* compute the checksum of the message */
 
     /* initialize the the cksum */
-    switch (signalg) {
-    case SGN_ALG_HMAC_MD5:
-        md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-        break;
-    case SGN_ALG_HMAC_SHA1_DES3_KD:
-        md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
-        break;
-    default:
-        abort ();
-    }
+    if (signalg != SGN_ALG_HMAC_MD5)
+        abort();
+    md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
 
     code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
     if (code)
         return(code);
     md5cksum.length = sumlen;
 
-    switch (signalg) {
-    default:
+    if (signalg != SGN_ALG_HMAC_MD5) {
         *minor_status = 0;
         return(GSS_S_DEFECTIVE_TOKEN);
-
-    case SGN_ALG_HMAC_SHA1_DES3_KD:
-    case SGN_ALG_HMAC_MD5:
-        /* compute the checksum of the message */
-
-        /* 8 = bytes of token body to be checksummed according to spec */
-
-        if (! (data_ptr = xmalloc(8 + plainlen))) {
-            if (sealalg != 0xffff)
-                xfree(plain);
-            if (toktype == KG_TOK_SEAL_MSG)
-                gssalloc_free(token.value);
-            *minor_status = ENOMEM;
-            return(GSS_S_FAILURE);
-        }
-
-        (void) memcpy(data_ptr, ptr-2, 8);
-
-        (void) memcpy(data_ptr+8, plain, plainlen);
-
-        plaind.length = 8 + plainlen;
-        plaind.data = data_ptr;
-        code = krb5_k_make_checksum(context, md5cksum.checksum_type,
-                                    ctx->seq, sign_usage,
-                                    &plaind, &md5cksum);
-        xfree(data_ptr);
-
-        if (code) {
-            if (toktype == KG_TOK_SEAL_MSG)
-                gssalloc_free(token.value);
-            *minor_status = code;
-            return(GSS_S_FAILURE);
-        }
-
-        code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
-        break;
     }
 
+    /* compute the checksum of the message */
+
+    /* 8 = bytes of token body to be checksummed according to spec */
+
+    if (! (data_ptr = xmalloc(8 + plainlen))) {
+        if (sealalg != 0xffff)
+            xfree(plain);
+        if (toktype == KG_TOK_SEAL_MSG)
+            gssalloc_free(token.value);
+        *minor_status = ENOMEM;
+        return(GSS_S_FAILURE);
+    }
+
+    (void) memcpy(data_ptr, ptr-2, 8);
+
+    (void) memcpy(data_ptr+8, plain, plainlen);
+
+    plaind.length = 8 + plainlen;
+    plaind.data = data_ptr;
+    code = krb5_k_make_checksum(context, md5cksum.checksum_type,
+                                ctx->seq, sign_usage,
+                                &plaind, &md5cksum);
+    xfree(data_ptr);
+
+    if (code) {
+        if (toktype == KG_TOK_SEAL_MSG)
+            gssalloc_free(token.value);
+        *minor_status = code;
+        return(GSS_S_FAILURE);
+    }
+
+    code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
+
     krb5_free_checksum_contents(context, &md5cksum);
     if (sealalg != 0xffff)
         xfree(plain);
diff --git a/src/lib/gssapi/krb5/k5unsealiov.c b/src/lib/gssapi/krb5/k5unsealiov.c
index 85a9574f3..3ce2a90ce 100644
--- a/src/lib/gssapi/krb5/k5unsealiov.c
+++ b/src/lib/gssapi/krb5/k5unsealiov.c
@@ -102,28 +102,21 @@ kg_unseal_v1_iov(krb5_context context,
     }
 
     if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) ||
-        (ctx->sealalg == SEAL_ALG_DES3KD &&
-         signalg != SGN_ALG_HMAC_SHA1_DES3_KD)||
         (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 &&
          signalg != SGN_ALG_HMAC_MD5)) {
         *minor_status = 0;
         return GSS_S_DEFECTIVE_TOKEN;
     }
 
-    switch (signalg) {
-    case SGN_ALG_HMAC_MD5:
-        cksum_len = 8;
-        if (toktype != KG_TOK_WRAP_MSG)
-            sign_usage = 15;
-        break;
-    case SGN_ALG_HMAC_SHA1_DES3_KD:
-        cksum_len = 20;
-        break;
-    default:
+    if (signalg != SGN_ALG_HMAC_MD5) {
         *minor_status = 0;
         return GSS_S_DEFECTIVE_TOKEN;
     }
 
+    cksum_len = 8;
+    if (toktype != KG_TOK_WRAP_MSG)
+        sign_usage = 15;
+
     /* get the token parameters */
     code = kg_get_seq_num(context, ctx->seq, ptr + 14, ptr + 6, &direction,
                           &seqnum);
@@ -181,16 +174,10 @@ kg_unseal_v1_iov(krb5_context context,
 
     /* initialize the checksum */
 
-    switch (signalg) {
-    case SGN_ALG_HMAC_MD5:
-        md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-        break;
-    case SGN_ALG_HMAC_SHA1_DES3_KD:
-        md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
-        break;
-    default:
+    if (signalg != SGN_ALG_HMAC_MD5)
         abort();
-    }
+
+    md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
 
     code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
     if (code != 0) {
@@ -209,18 +196,13 @@ kg_unseal_v1_iov(krb5_context context,
         goto cleanup;
     }
 
-    switch (signalg) {
-    case SGN_ALG_HMAC_SHA1_DES3_KD:
-    case SGN_ALG_HMAC_MD5:
-        code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
-        break;
-    default:
+    if (signalg != SGN_ALG_HMAC_MD5) {
         code = 0;
         retval = GSS_S_DEFECTIVE_TOKEN;
         goto cleanup;
-        break;
     }
 
+    code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
     if (code != 0) {
         code = 0;
         retval = GSS_S_BAD_SIG;
diff --git a/src/lib/gssapi/krb5/util_crypt.c b/src/lib/gssapi/krb5/util_crypt.c
index 84f194988..32150f5e3 100644
--- a/src/lib/gssapi/krb5/util_crypt.c
+++ b/src/lib/gssapi/krb5/util_crypt.c
@@ -97,17 +97,6 @@ kg_setup_keys(krb5_context context, krb5_gss_ctx_id_rec *ctx, krb5_key subkey,
         return code;
 
     switch (subkey->keyblock.enctype) {
-    case ENCTYPE_DES3_CBC_SHA1:
-        code = kg_copy_keys(context, ctx, subkey);
-        if (code != 0)
-            return code;
-
-        ctx->enc->keyblock.enctype = ENCTYPE_DES3_CBC_RAW;
-        ctx->seq->keyblock.enctype = ENCTYPE_DES3_CBC_RAW;
-        ctx->signalg = SGN_ALG_HMAC_SHA1_DES3_KD;
-        ctx->cksum_size = 20;
-        ctx->sealalg = SEAL_ALG_DES3KD;
-        break;
     case ENCTYPE_ARCFOUR_HMAC:
     case ENCTYPE_ARCFOUR_HMAC_EXP:
         /* RFC 4121 accidentally omits RC4-HMAC-EXP as a "not-newer" enctype,
diff --git a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
index 740425c69..6b45f5f72 100644
--- a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
+++ b/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
@@ -53,10 +53,10 @@ proc test200 {} {
     }
 
     # XXX Perhaps I should actually check the key type returned.
-    if {$num_keys == 5} {
+    if {$num_keys == 4} {
 	pass "$test"
     } else {
-	fail "$test: $num_keys keys, should be 5"
+	fail "$test: $num_keys keys, should be 4"
     }
     if { ! [cmd {kadm5_destroy $server_handle}]} {
 	perror "$test: unexpected failure in destroy"
diff --git a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
index 3ea1ba29b..d2c6d1afa 100644
--- a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
+++ b/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
@@ -143,8 +143,8 @@ proc test101_102 {rpc} {
     }
 
     set failed 0
-    if {$num_keys != 5} {
-	fail "$test: num_keys $num_keys should be 5"
+    if {$num_keys != 4} {
+	fail "$test: num_keys $num_keys should be 4"
 	set failed 1
     }
     for {set i 0} {$i < $num_keys} {incr i} {
diff --git a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
index 2925c1c43..2f76c8b43 100644
--- a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
+++ b/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
@@ -46,10 +46,10 @@ proc test100 {} {
     }
 
     # XXX Perhaps I should actually check the key type returned.
-    if {$num_keys == 5} {
+    if {$num_keys == 4} {
 	pass "$test"
     } else {
-	fail "$test: $num_keys keys, should be 5"
+	fail "$test: $num_keys keys, should be 4"
     }
     if { ! [cmd {kadm5_destroy $server_handle}]} {
 	perror "$test: unexpected failure in destroy"
diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c
index aa35baa3c..bfa99d9eb 100644
--- a/src/lib/krb5/krb/init_ctx.c
+++ b/src/lib/krb5/krb/init_ctx.c
@@ -59,7 +59,6 @@
 static krb5_enctype default_enctype_list[] = {
     ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
     ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
-    ENCTYPE_DES3_CBC_SHA1,
     ENCTYPE_ARCFOUR_HMAC,
     ENCTYPE_CAMELLIA128_CTS_CMAC, ENCTYPE_CAMELLIA256_CTS_CMAC,
     0
@@ -467,8 +466,6 @@ krb5int_parse_enctype_list(krb5_context context, const char *profkey,
             /* Set all enctypes in the default list. */
             for (i = 0; default_list[i]; i++)
                 mod_list(default_list[i], sel, weak, &list);
-        } else if (strcasecmp(token, "des3") == 0) {
-            mod_list(ENCTYPE_DES3_CBC_SHA1, sel, weak, &list);
         } else if (strcasecmp(token, "aes") == 0) {
             mod_list(ENCTYPE_AES256_CTS_HMAC_SHA1_96, sel, weak, &list);
             mod_list(ENCTYPE_AES128_CTS_HMAC_SHA1_96, sel, weak, &list);
diff --git a/src/lib/krb5/krb/s4u_creds.c b/src/lib/krb5/krb/s4u_creds.c
index 44d113e7c..966278578 100644
--- a/src/lib/krb5/krb/s4u_creds.c
+++ b/src/lib/krb5/krb/s4u_creds.c
@@ -288,8 +288,6 @@ verify_s4u2self_reply(krb5_context context,
     assert(req_s4u_user != NULL);
 
     switch (subkey->enctype) {
-    case ENCTYPE_DES3_CBC_SHA1:
-    case ENCTYPE_DES3_CBC_RAW:
     case ENCTYPE_ARCFOUR_HMAC:
     case ENCTYPE_ARCFOUR_HMAC_EXP :
         not_newer = TRUE;
diff --git a/src/lib/krb5/krb/t_etypes.c b/src/lib/krb5/krb/t_etypes.c
index 90c9f626c..935aca12f 100644
--- a/src/lib/krb5/krb/t_etypes.c
+++ b/src/lib/krb5/krb/t_etypes.c
@@ -50,17 +50,6 @@ static struct {
       { ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 },
       0, 0
     },
-    /* Family followed by enctype */
-    { "aes des3-cbc-sha1-kd",
-      { 0 },
-      { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-        ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
-        ENCTYPE_DES3_CBC_SHA1, 0 },
-      { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-        ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
-        ENCTYPE_DES3_CBC_SHA1, 0 },
-      0, 0
-    },
     /* Family with enctype removed */
     { "camellia -camellia256-cts-cmac",
       { 0 },
@@ -69,46 +58,15 @@ static struct {
     },
     /* Default set with family added and enctype removed */
     { "DEFAULT +aes -arcfour-hmac-md5",
-      { ENCTYPE_ARCFOUR_HMAC, ENCTYPE_DES3_CBC_SHA1, 0 },
-      { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+      { ENCTYPE_ARCFOUR_HMAC, 0 },
+      { ENCTYPE_AES256_CTS_HMAC_SHA1_96,
         ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
         ENCTYPE_AES128_CTS_HMAC_SHA256_128, 0 },
-      { ENCTYPE_DES3_CBC_SHA1,
-        ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+      { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
         ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
         0 },
       0, 0
     },
-    /* Default set with families removed and enctypes added (one redundant) */
-    { "DEFAULT -des3 rc4-hmac rc4-hmac-exp",
-      { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-        ENCTYPE_DES3_CBC_SHA1, ENCTYPE_ARCFOUR_HMAC, 0 },
-      { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-        ENCTYPE_ARCFOUR_HMAC, 0 },
-      { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-        ENCTYPE_ARCFOUR_HMAC, ENCTYPE_ARCFOUR_HMAC_EXP, 0 },
-      0, 0
-    },
-    /* Default set with family moved to front */
-    { "des3 +DEFAULT",
-      { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-        ENCTYPE_DES3_CBC_SHA1, 0 },
-      { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
-        ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0 },
-      { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
-        ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0 },
-      0, 0
-    },
-    /* Two families with default set removed (exotic case), enctype added */
-    { "aes +rc4 -DEFaulT des3-hmac-sha1",
-      { ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_DES3_CBC_SHA1,
-        ENCTYPE_ARCFOUR_HMAC, 0 },
-      { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
-        ENCTYPE_AES128_CTS_HMAC_SHA256_128, ENCTYPE_DES3_CBC_SHA1, 0 },
-      { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
-        ENCTYPE_AES128_CTS_HMAC_SHA256_128, ENCTYPE_DES3_CBC_SHA1, 0 },
-      0, 0
-    },
     /* Test krb5_set_default_in_tkt_ktypes */
     { NULL,
       { ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 },
diff --git a/src/lib/krb5/os/t_trace.c b/src/lib/krb5/os/t_trace.c
index 10ba8d0ac..24064ffcf 100644
--- a/src/lib/krb5/os/t_trace.c
+++ b/src/lib/krb5/os/t_trace.c
@@ -65,8 +65,8 @@ main (int argc, char *argv[])
     krb5_principal princ = &principal_data;
     krb5_pa_data padata, padata2, **padatap;
     krb5_enctype enctypes[4] = {
-        ENCTYPE_DES3_CBC_SHA, ENCTYPE_ARCFOUR_HMAC_EXP, ENCTYPE_UNKNOWN,
-        ENCTYPE_NULL};
+        ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_ARCFOUR_HMAC_EXP,
+        ENCTYPE_UNKNOWN, ENCTYPE_NULL};
     krb5_ccache ccache;
     krb5_keytab keytab;
     krb5_creds creds;
diff --git a/src/lib/krb5/os/t_trace.ref b/src/lib/krb5/os/t_trace.ref
index 044a66999..98fb14f3f 100644
--- a/src/lib/krb5/os/t_trace.ref
+++ b/src/lib/krb5/os/t_trace.ref
@@ -41,7 +41,7 @@ int, krb5_principal type: ?
 krb5_pa_data **, display list of padata type numbers: PA-PW-SALT (3), 0
 krb5_pa_data **, display list of padata type numbers: (empty)
 krb5_enctype, display shortest name of enctype: aes128-cts
-krb5_enctype *, display list of enctypes: 5, rc4-hmac-exp, 511
+krb5_enctype *, display list of enctypes: aes128-cts, rc4-hmac-exp, 511
 krb5_enctype *, display list of enctypes: (empty)
 krb5_ccache, display type:name: FILE:/path/to/ccache
 krb5_keytab, display name: FILE:/etc/krb5.keytab
diff --git a/src/plugins/preauth/pkinit/pkcs11.h b/src/plugins/preauth/pkinit/pkcs11.h
index e3d284631..586661bb7 100644
--- a/src/plugins/preauth/pkinit/pkcs11.h
+++ b/src/plugins/preauth/pkinit/pkcs11.h
@@ -339,9 +339,9 @@ typedef unsigned long ck_key_type_t;
 #define CKK_GENERIC_SECRET	(0x10)
 #define CKK_RC2			(0x11)
 #define CKK_RC4			(0x12)
-#define CKK_DES			(0x13)
-#define CKK_DES2		(0x14)
-#define CKK_DES3		(0x15)
+/* #define CKK_DES			(0x13) */
+/* #define CKK_DES2		(0x14) */
+/* #define CKK_DES3		(0x15) */
 #define CKK_CAST		(0x16)
 #define CKK_CAST3		(0x17)
 #define CKK_CAST128		(0x18)
diff --git a/src/plugins/preauth/pkinit/pkinit_clnt.c b/src/plugins/preauth/pkinit/pkinit_clnt.c
index 2817cc213..a385da7c3 100644
--- a/src/plugins/preauth/pkinit/pkinit_clnt.c
+++ b/src/plugins/preauth/pkinit/pkinit_clnt.c
@@ -212,14 +212,6 @@ pkinit_as_req_create(krb5_context context,
     auth_pack.clientPublicValue = &info;
     auth_pack.supportedKDFs = (krb5_data **)supported_kdf_alg_ids;
 
-    /* add List of CMS algorithms */
-    retval = create_krb5_supportedCMSTypes(context, plgctx->cryptoctx,
-                                           reqctx->cryptoctx,
-                                           reqctx->idctx, &cmstypes);
-    auth_pack.supportedCMSTypes = cmstypes;
-    if (retval)
-        goto cleanup;
-
     switch(protocol) {
     case DH_PROTOCOL:
         TRACE_PKINIT_CLIENT_REQ_DH(context);
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto.h b/src/plugins/preauth/pkinit/pkinit_crypto.h
index 77d5c61fe..1f9868351 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto.h
+++ b/src/plugins/preauth/pkinit/pkinit_crypto.h
@@ -380,18 +380,6 @@ krb5_error_code server_process_dh
 	unsigned int *server_key_len_out);		/* OUT
 		    receives length of DH secret key */
 
-/*
- * this functions takes in crypto specific representation of
- * supportedCMSTypes and creates a list of
- * krb5_algorithm_identifier
- */
-krb5_error_code create_krb5_supportedCMSTypes
-	(krb5_context context,				/* IN */
-	pkinit_plg_crypto_context plg_cryptoctx,	/* IN */
-	pkinit_req_crypto_context req_cryptoctx,	/* IN */
-	pkinit_identity_crypto_context id_cryptoctx,	/* IN */
-	krb5_algorithm_identifier ***supportedCMSTypes); /* OUT */
-
 /*
  * this functions takes in crypto specific representation of
  * trustedCertifiers and creates a list of
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index e5940a513..e1153344e 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@ -5486,44 +5486,6 @@ cleanup:
     return retval;
 }
 
-krb5_error_code
-create_krb5_supportedCMSTypes(krb5_context context,
-                              pkinit_plg_crypto_context plg_cryptoctx,
-                              pkinit_req_crypto_context req_cryptoctx,
-                              pkinit_identity_crypto_context id_cryptoctx,
-                              krb5_algorithm_identifier ***oids)
-{
-
-    krb5_error_code retval = ENOMEM;
-    krb5_algorithm_identifier **loids = NULL;
-    krb5_data des3oid = {0, 8, "\x2A\x86\x48\x86\xF7\x0D\x03\x07" };
-
-    *oids = NULL;
-    loids = malloc(2 * sizeof(krb5_algorithm_identifier *));
-    if (loids == NULL)
-        goto cleanup;
-    loids[1] = NULL;
-    loids[0] = malloc(sizeof(krb5_algorithm_identifier));
-    if (loids[0] == NULL) {
-        free(loids);
-        goto cleanup;
-    }
-    retval = pkinit_copy_krb5_data(&loids[0]->algorithm, &des3oid);
-    if (retval) {
-        free(loids[0]);
-        free(loids);
-        goto cleanup;
-    }
-    loids[0]->parameters.length = 0;
-    loids[0]->parameters.data = NULL;
-
-    *oids = loids;
-    retval = 0;
-cleanup:
-
-    return retval;
-}
-
 krb5_error_code
 create_krb5_trustedCertifiers(krb5_context context,
                               pkinit_plg_crypto_context plg_cryptoctx,
diff --git a/src/plugins/preauth/pkinit/pkinit_kdf_test.c b/src/plugins/preauth/pkinit/pkinit_kdf_test.c
index 7acbd0d28..cd998a29a 100644
--- a/src/plugins/preauth/pkinit/pkinit_kdf_test.c
+++ b/src/plugins/preauth/pkinit/pkinit_kdf_test.c
@@ -49,7 +49,6 @@ char eighteen_bs[9];
 char party_u_name[] = "lha@SU.SE";
 char party_v_name[] = "krbtgt/SU.SE@SU.SE";
 int enctype_aes = ENCTYPE_AES256_CTS_HMAC_SHA1_96;
-int enctype_des3 = ENCTYPE_DES3_CBC_SHA1;
 const krb5_data lha_data = DATA_FROM_STRING("lha");
 
 krb5_octet key1_hex[] =
@@ -185,36 +184,6 @@ main(int argc, char **argv)
         goto cleanup;
     }
 
-    /* TEST 3: SHA-512/DES3 */
-    /* set up algorithm id */
-    alg_id.algorithm.data = (char *)krb5_pkinit_sha512_oid;
-    alg_id.algorithm.length = krb5_pkinit_sha512_oid_len;
-
-    enctype = enctype_des3;
-
-    /* call pkinit_alg_agility_kdf() with test vector values*/
-    if (0 != (retval = pkinit_alg_agility_kdf(context, &secret,
-                                              &alg_id.algorithm,
-                                              u_principal, v_principal,
-                                              enctype, &as_req, &pk_as_rep,
-                                              &key_block))) {
-        printf("ERROR in pkinit_kdf_test: kdf call failed, retval = %d",
-               retval);
-        goto cleanup;
-    }
-
-    /* compare key to expected key value */
-
-    if ((key_block.length == sizeof(key3_hex)) &&
-        (0 == memcmp(key_block.contents, key3_hex, key_block.length))) {
-        printf("SUCCESS: TEST 3 (SHA-512/DES3), Correct key value generated.\n");
-        retval = 0;
-    } else {
-        printf("FAILURE: TEST 2 (SHA-512/DES3), Incorrect key value generated!\n");
-        retval = 1;
-        goto cleanup;
-    }
-
 cleanup:
     /* release all allocated resources, whether good or bad return */
     free(secret.data);
diff --git a/src/plugins/preauth/spake/t_vectors.c b/src/plugins/preauth/spake/t_vectors.c
index 2279202d3..96b0307d7 100644
--- a/src/plugins/preauth/spake/t_vectors.c
+++ b/src/plugins/preauth/spake/t_vectors.c
@@ -56,31 +56,6 @@ struct test {
     const char *K2;
     const char *K3;
 } tests[] = {
-    { ENCTYPE_DES3_CBC_SHA1, SPAKE_GROUP_EDWARDS25519,
-      /* initial key, w, x, y, T, S, K */
-      "850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E",
-      "686D84730CB8679AE95416C6567C6A63F2C9CEF124F7A3371AE81E11CAD42A37",
-      "201012D07BFD48DDFA33C4AAC4FB1E229FB0D043CFE65EBFB14399091C71A723",
-      "500B294797B8B042ACA1BEDC0F5931A4F52C537B3608B2D05CC8A2372F439F25",
-      "18F511E750C97B592ACD30DB7D9E5FCA660389102E6BF610C1BFBED4616C8362",
-      "5D10705E0D1E43D5DBF30240CCFBDE4A0230C70D4C79147AB0B317EDAD2F8AE7",
-      "25BDE0D875F0FEB5755F45BA5E857889D916ECF7476F116AA31DC3E037EC4292",
-      /* support, challenge, thash, body */
-      "A0093007A0053003020101",
-      "A1363034A003020101A122042018F511E750C97B592ACD30DB7D9E5FCA660389"
-      "102E6BF610C1BFBED4616C8362A20930073005A003020101",
-      "EAAA08807D0616026FF51C849EFBF35BA0CE3C5300E7D486DA46351B13D4605B",
-      "3075A00703050000000000A1143012A003020101A10B30091B07726165627572"
-      "6EA2101B0E415448454E412E4D49542E454455A3233021A003020102A11A3018"
-      "1B066B72627467741B0E415448454E412E4D49542E454455A511180F31393730"
-      "303130313030303030305AA703020100A8053003020110",
-      /* K'[0], K'[1], K'[2], K'[3] */
-      "BAF12FAE7CD958CBF1A29BFBC71F89CE49E03E295D89DAFD",
-      "64F73DD9C41908206BCEC1F719026B574F9D13463D7A2520",
-      "0454520B086B152C455829E6BAEFF78A61DFE9E3D04A895D",
-      "4A92260B25E3EF94C125D5C24C3E5BCED5B37976E67F25C4",
-    },
-
     { ENCTYPE_ARCFOUR_HMAC, SPAKE_GROUP_EDWARDS25519,
       /* initial key, w, x, y, T, S, K */
       "8846F7EAEE8FB117AD06BDD830B7586C",
diff --git a/src/tests/dejagnu/config/default.exp b/src/tests/dejagnu/config/default.exp
index 85bbf478a..302dee74c 100644
--- a/src/tests/dejagnu/config/default.exp
+++ b/src/tests/dejagnu/config/default.exp
@@ -15,8 +15,6 @@ set timeout 100
 set stty_init {erase \^h kill \^u}
 set env(TERM) dumb
 
-set des3_krbtgt 0
-
 if { [string length $VALGRIND] } {
     rename spawn valgrind_aux_spawn
     proc spawn { args } {
@@ -105,17 +103,9 @@ if { $PRIOCNTL_HACK } {
 # particularly with regards to encryption types.
 
 set passes {
-    {
-	des3
-	mode=udp
-	des3_krbtgt=1
-	{supported_enctypes=des3-cbc-sha1:normal}
-	{dummy=[verbose -log "DES3 TGT, DES3 enctype"]}
-    }
     {
 	aes-only
 	mode=udp
-	des3_krbtgt=0
 	{supported_enctypes=aes256-cts-hmac-sha1-96:normal}
 	{permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96}
 	{permitted_enctypes(client)=aes256-cts-hmac-sha1-96}
@@ -130,7 +120,6 @@ set passes {
     {
 	aes-sha2-only
 	mode=udp
-	des3_krbtgt=0
 	{supported_enctypes=aes256-sha2:normal}
 	{permitted_enctypes(kdc)=aes256-sha2}
 	{permitted_enctypes(replica)=aes256-sha2}
@@ -146,7 +135,6 @@ set passes {
     {
 	camellia-only
 	mode=udp
-	des3_krbtgt=0
 	{supported_enctypes=camellia256-cts:normal}
 	{permitted_enctypes(kdc)=camellia256-cts}
 	{permitted_enctypes(replica)=camellia256-cts}
@@ -159,32 +147,9 @@ set passes {
 	{master_key_type=camellia256-cts}
 	{dummy=[verbose -log "Camellia-256 enctype"]}
     }
-    {
-	aes-des3
-	mode=udp
-	des3_krbtgt=0
-	{supported_enctypes=aes256-cts-hmac-sha1-96:normal des3-cbc-sha1:normal}
-	{permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
-	{permitted_enctypes(client)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
-	{permitted_enctypes(server)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
-	{master_key_type=aes256-cts-hmac-sha1-96}
-	{dummy=[verbose -log "AES + DES3 + DES enctypes"]}
-    }
-    {
-	aes-des3tgt
-	mode=udp
-	des3_krbtgt=1
-	{supported_enctypes=aes256-cts-hmac-sha1-96:normal des3-cbc-sha1:normal}
-	{permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
-	{permitted_enctypes(client)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
-	{permitted_enctypes(server)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
-	{master_key_type=aes256-cts-hmac-sha1-96}
-	{dummy=[verbose -log "AES enctypes, DES3 TGT"]}
-    }
     {
 	all-enctypes
 	mode=udp
-	des3_krbtgt=0
 	{allow_weak_crypto(kdc)=false}
 	{allow_weak_crypto(replica)=false}
 	{allow_weak_crypto(client)=false}
@@ -946,7 +911,6 @@ proc setup_kerberos_db { standalone } {
     global REALMNAME KDB5_UTIL KADMIN_LOCAL KEY
     global tmppwd hostname
     global spawn_id
-    global des3_krbtgt
     global multipass_name last_passname_db
 
     set failall 0
@@ -1143,48 +1107,6 @@ proc setup_kerberos_db { standalone } {
 	}
     }
 
-    if $des3_krbtgt {
-	# Set the TGT key to DES3.
-	set test "kadmin.local TGT to DES3"
-	set body {
-	    if $failall {
-		break
-	    }
-	    spawn $KADMIN_LOCAL -r $REALMNAME -e des3-cbc-sha1:normal
-	    verbose "starting $test"
-	    expect_after $def_exp_after
-
-	    expect "kadmin.local: "
-	    send "cpw -randkey krbtgt/$REALMNAME@$REALMNAME\r"
-	    # It echos...
-	    expect "cpw -randkey krbtgt/$REALMNAME@$REALMNAME\r"
-	    expect {
-		"Key for \"krbtgt/$REALMNAME@$REALMNAME\" randomized." { }
-	    }
-	    expect "kadmin.local: "
-	    send "quit\r"
-	    expect eof
-	    catch expect_after
-	    if ![check_exit_status kadmin_local] {
-		break
-	    }
-	}
-	set ret [catch $body]
-	catch "expect eof"
-	catch expect_after
-	if $ret {
-	    set failall 1
-	    if $standalone {
-		fail $test
-	    } else {
-		delete_db
-	    }
-	} else {
-	    if $standalone {
-		pass $test
-	    }
-	}
-    }
     envstack_pop
 
     # create the admin database lock file
diff --git a/src/tests/dejagnu/krb-standalone/kprop.exp b/src/tests/dejagnu/krb-standalone/kprop.exp
index 661e3fd9a..2b8f60045 100644
--- a/src/tests/dejagnu/krb-standalone/kprop.exp
+++ b/src/tests/dejagnu/krb-standalone/kprop.exp
@@ -54,7 +54,7 @@ proc doit { } {
     global REALMNAME KEY
     global KADMIN_LOCAL KTUTIL KDB5_UTIL KPROPLOG KPROP kpropd_spawn_id
     global hostname tmppwd spawn_id timeout
-    global KRBIV supported_enctypes portbase mode ulog des3_krbtgt
+    global KRBIV supported_enctypes portbase mode ulog
 
     # Delete any db, ulog files
     delete_db
diff --git a/src/tests/gssapi/t_enctypes.py b/src/tests/gssapi/t_enctypes.py
index 7494d7fcd..2f95d8996 100755
--- a/src/tests/gssapi/t_enctypes.py
+++ b/src/tests/gssapi/t_enctypes.py
@@ -1,24 +1,17 @@
 from k5test import *
 
-# Define some convenience abbreviations for enctypes we will see in
-# test program output.  For background, aes256 and aes128 are "CFX
-# enctypes", meaning that they imply support for RFC 4121, while des3
-# and rc4 are not.  DES3 keys will appear as 'des3-cbc-raw' in
-# t_enctypes output because that's how GSSAPI does raw triple-DES
-# encryption without the RFC3961 framing.
+# Define some convenience abbreviations for enctypes we will see in test
+# program output.  For background, aes256 and aes128 are "CFX enctypes",
+# meaning that they imply support for RFC 4121, while rc4 does not.
 aes256 = 'aes256-cts-hmac-sha1-96'
 aes128 = 'aes128-cts-hmac-sha1-96'
-des3 = 'des3-cbc-sha1'
-d_des3 = 'DEPRECATED:des3-cbc-sha1'
-des3raw = 'des3-cbc-raw'
-d_des3raw = 'DEPRECATED:des3-cbc-raw'
 rc4 = 'arcfour-hmac'
 d_rc4 = 'DEPRECATED:arcfour-hmac'
 
 # These tests make assumptions about the default enctype lists, so set
 # them explicitly rather than relying on the library defaults.
-supp='aes256-cts:normal aes128-cts:normal des3-cbc-sha1:normal rc4-hmac:normal'
-conf = {'libdefaults': {'permitted_enctypes': 'aes des3 rc4'},
+supp='aes256-cts:normal aes128-cts:normal rc4-hmac:normal'
+conf = {'libdefaults': {'permitted_enctypes': 'aes rc4'},
         'realms': {'$realm': {'supported_enctypes': supp}}}
 realm = K5Realm(krb5_conf=conf)
 shutil.copyfile(realm.ccache, os.path.join(realm.testdir, 'save'))
@@ -87,19 +80,12 @@ test('both aes128', 'aes128-cts', 'aes128-cts',
 test_err('acc aes128', None, 'aes128-cts',
          'Encryption type aes256-cts-hmac-sha1-96 not permitted')
 
-# If the initiator constrains the permitted session enctypes to des3,
-# no acceptor subkey will be generated because we can't upgrade to a
-# CFX enctype.
-test('init des3', 'des3', None,
-     tktenc=aes256, tktsession=d_des3,
-     proto='rfc1964', isubkey=des3raw, asubkey=None)
-
 # Force the ticket session key to be rc4, so we can test some subkey
 # upgrade cases.  The ticket encryption key remains aes256.
 realm.run([kadminl, 'setstr', realm.host_princ, 'session_enctypes', 'rc4'])
 
 # With no arguments, the initiator should send an upgrade list of
-# [aes256 aes128 des3] and the acceptor should upgrade to an aes256
+# [aes256 aes128] and the acceptor should upgrade to an aes256
 # subkey.
 test('upgrade noargs', None, None,
      tktenc=aes256, tktsession=d_rc4,
@@ -115,13 +101,6 @@ test('upgrade init aes128+rc4', 'aes128-cts rc4', None,
      tktenc=aes256, tktsession=d_rc4,
      proto='cfx', isubkey=rc4, asubkey=aes128)
 
-# If the initiator permits rc4 but prefers des3, it will send an
-# upgrade list of [des3], but the acceptor won't generate a subkey
-# because des3 isn't a CFX enctype.
-test('upgrade init des3+rc4', 'des3 rc4', None,
-     tktenc=aes256, tktsession=d_rc4,
-     proto='rfc1964', isubkey=rc4, asubkey=None)
-
 # If the acceptor permits only aes128, subkey negotiation will fail
 # because the ticket session key and initiator subkey are
 # non-permitted.  (This is unfortunate if the acceptor's restriction
diff --git a/src/tests/gssapi/t_invalid.c b/src/tests/gssapi/t_invalid.c
index 9876a11e6..fb8fe5511 100644
--- a/src/tests/gssapi/t_invalid.c
+++ b/src/tests/gssapi/t_invalid.c
@@ -84,18 +84,6 @@ struct test {
     size_t toklen;
     const char *token;
 } tests[] = {
-    {
-        ENCTYPE_DES3_CBC_SHA1, ENCTYPE_DES3_CBC_RAW,
-        SEAL_ALG_DES3KD, SGN_ALG_HMAC_SHA1_DES3_KD, 20,
-        24,
-        "\x4F\xEA\x19\x19\x5E\x0E\x10\xDF\x3D\x29\xB5\x13\x8F\x01\xC7\xA7"
-        "\x92\x3D\x38\xF7\x26\x73\x0D\x6D",
-        65,
-        "\x60\x3F\x06\x09\x2A\x86\x48\x86\xF7\x12\x01\x02\x02\x02\x01\x04"
-        "\x00\x02\x00\xFF\xFF\xEB\xF3\x9A\x89\x24\x57\xB8\x63\x95\x25\xE8"
-        "\x6E\x8E\x79\xE6\x2E\xCA\xD3\xFF\x57\x9F\x8C\xAB\xEF\xDD\x28\x10"
-        "\x2F\x93\x21\x2E\xF2\x52\xB6\x6F\xA8\xBB\x8A\x6D\xAA\x6F\xB7\xF4\xD4"
-    },
     {
         ENCTYPE_ARCFOUR_HMAC, ENCTYPE_ARCFOUR_HMAC,
         SEAL_ALG_MICROSOFT_RC4, SGN_ALG_HMAC_MD5, 8,
diff --git a/src/tests/gssapi/t_pcontok.c b/src/tests/gssapi/t_pcontok.c
index 7368f752f..bf22bd3da 100644
--- a/src/tests/gssapi/t_pcontok.c
+++ b/src/tests/gssapi/t_pcontok.c
@@ -43,7 +43,6 @@
 #include "k5-int.h"
 #include "common.h"
 
-#define SGN_ALG_HMAC_SHA1_DES3_KD 0x04
 #define SGN_ALG_HMAC_MD5          0x11
 
 /*
@@ -77,17 +76,12 @@ make_delete_token(gss_krb5_lucid_context_v1_t *lctx, gss_buffer_desc *out)
     ret = krb5_k_create_key(context, &seqkb, &seq);
     check_k5err(context, "krb5_k_create_key", ret);
 
-    if (signalg == SGN_ALG_HMAC_SHA1_DES3_KD) {
-        cktype = CKSUMTYPE_HMAC_SHA1_DES3;
-        cksize = 20;
-        ckusage = 23;
-    } else if (signalg == SGN_ALG_HMAC_MD5) {
-        cktype = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-        cksize = 8;
-        ckusage = 15;
-    } else {
+    if (signalg != SGN_ALG_HMAC_MD5)
         abort();
-    }
+
+    cktype = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+    cksize = 8;
+    ckusage = 15;
 
     tlen = 20 + mech_krb5.length + cksize;
     token = malloc(tlen);
diff --git a/src/tests/gssapi/t_prf.c b/src/tests/gssapi/t_prf.c
index f71774cdc..d1857c433 100644
--- a/src/tests/gssapi/t_prf.c
+++ b/src/tests/gssapi/t_prf.c
@@ -41,13 +41,6 @@ static struct {
     const char *key2;
     const char *out2;
 } tests[] = {
-    { ENCTYPE_DES3_CBC_SHA1,
-      "70378A19CD64134580C27C0115D6B34A1CF2FEECEF9886A2",
-      "9F8D127C520BB826BFF3E0FE5EF352389C17E0C073D9"
-      "AC4A333D644D21BA3EF24F4A886D143F85AC9F6377FB",
-      "3452A167DF1094BA1089E0A20E9E51ABEF1525922558B69E",
-      "6BF24FABC858F8DD9752E4FCD331BB831F238B5BE190"
-      "4EEA42E38F7A60C588F075C5C96A67E7F8B7BD0AECF4" },
     { ENCTYPE_ARCFOUR_HMAC,
       "3BB3AE288C12B3B9D06B208A4151B3B6",
       "9AEA11A3BCF3C53F1F91F5A0BA2132E2501ADF5F3C28"
diff --git a/src/tests/t_authdata.py b/src/tests/t_authdata.py
index 3fa957ad2..2e01f46bc 100644
--- a/src/tests/t_authdata.py
+++ b/src/tests/t_authdata.py
@@ -174,7 +174,7 @@ realm.run([kvno, 'restricted'])
 # preferred krbtgt enctype changes.
 mark('#8139 regression test')
 realm.kinit(realm.user_princ, password('user'), ['-f'])
-realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'des3-cbc-sha1',
+realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'aes256-sha2',
            realm.krbtgt_princ])
 realm.run(['./forward'])
 realm.run([kvno, realm.host_princ])
diff --git a/src/tests/t_etype_info.py b/src/tests/t_etype_info.py
index c982508d8..96e90a69d 100644
--- a/src/tests/t_etype_info.py
+++ b/src/tests/t_etype_info.py
@@ -1,6 +1,6 @@
 from k5test import *
 
-supported_enctypes = 'aes128-cts des3-cbc-sha1 rc4-hmac'
+supported_enctypes = 'aes128-cts rc4-hmac'
 conf = {'libdefaults': {'allow_weak_crypto': 'true'},
         'realms': {'$realm': {'supported_enctypes': supported_enctypes}}}
 realm = K5Realm(create_host=False, get_creds=False, krb5_conf=conf)
@@ -26,9 +26,9 @@ def test_etinfo(princ, enctypes, expected_lines):
 # With no newer enctypes in the request, PA-ETYPE-INFO2,
 # PA-ETYPE-INFO, and PA-PW-SALT appear in the AS-REP, each listing one
 # key for the most preferred matching enctype.
-test_etinfo('user', 'rc4-hmac-exp des3 rc4',
-            ['asrep etype_info2 des3-cbc-sha1 KRBTEST.COMuser',
-             'asrep etype_info des3-cbc-sha1 KRBTEST.COMuser',
+test_etinfo('user', 'rc4-hmac-exp rc4',
+            ['asrep etype_info2 rc4-hmac KRBTEST.COMuser',
+             'asrep etype_info rc4-hmac KRBTEST.COMuser',
              'asrep pw_salt KRBTEST.COMuser'])
 
 # With a newer enctype in the request (even if it is not the most
@@ -39,9 +39,9 @@ test_etinfo('user', 'rc4 aes256-cts',
 
 # In preauth-required errors, PA-PW-SALT does not appear, but the same
 # etype-info2 values are expected.
-test_etinfo('preauthuser', 'rc4-hmac-exp des3 rc4',
-            ['error etype_info2 des3-cbc-sha1 KRBTEST.COMpreauthuser',
-             'error etype_info des3-cbc-sha1 KRBTEST.COMpreauthuser'])
+test_etinfo('preauthuser', 'rc4-hmac-exp rc4',
+            ['error etype_info2 rc4-hmac KRBTEST.COMpreauthuser',
+             'error etype_info rc4-hmac KRBTEST.COMpreauthuser'])
 test_etinfo('preauthuser', 'rc4 aes256-cts',
             ['error etype_info2 rc4-hmac KRBTEST.COMpreauthuser'])
 
@@ -50,8 +50,8 @@ test_etinfo('preauthuser', 'rc4 aes256-cts',
 # (to allow for preauth mechs which don't depend on long-term keys).
 # An AS-REP cannot be generated without preauth as there is no reply
 # key.
-test_etinfo('rc4user', 'des3', [])
-test_etinfo('nokeyuser', 'des3', [])
+test_etinfo('rc4user', 'aes128-cts', [])
+test_etinfo('nokeyuser', 'aes128-cts', [])
 
 # Verify that etype-info2 is included in a MORE_PREAUTH_DATA_REQUIRED
 # error if the client does optimistic preauth.
diff --git a/src/tests/t_keyrollover.py b/src/tests/t_keyrollover.py
index 2c825a692..f29e0d550 100755
--- a/src/tests/t_keyrollover.py
+++ b/src/tests/t_keyrollover.py
@@ -37,9 +37,9 @@ realm.run([klist, '-e'], expected_msg=msg)
 
 # Test that the KDC only accepts the first enctype for a kvno, for a
 # local-realm TGS request.  To set this up, we abuse an edge-case
-# behavior of modprinc -kvno.  First, set up a DES3 krbtgt entry at
+# behavior of modprinc -kvno.  First, set up an aes128-sha2 krbtgt entry at
 # kvno 1 and cache a krbtgt ticket.
-realm.run([kadminl, 'cpw', '-randkey', '-e', 'des3-cbc-sha1',
+realm.run([kadminl, 'cpw', '-randkey', '-e', 'aes128-cts-hmac-sha256-128',
            realm.krbtgt_princ])
 realm.run([kadminl, 'modprinc', '-kvno', '1', realm.krbtgt_princ])
 realm.kinit(realm.user_princ, password('user'))
@@ -50,9 +50,9 @@ realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'aes256-cts',
 realm.run([kadminl, 'modprinc', '-kvno', '1', realm.krbtgt_princ])
 out = realm.run([kadminl, 'getprinc', realm.krbtgt_princ])
 if 'vno 1, aes256-cts' not in out or \
-   'vno 1, DEPRECATED:des3-cbc-sha1' not in out:
+   'vno 1, aes128-cts-hmac-sha256-128' not in out:
     fail('keyrollover: setup for TGS enctype test failed')
-# Now present the DES3 ticket to the KDC and make sure it's rejected.
+# Now present the aes128-sha2 ticket to the KDC and make sure it's rejected.
 realm.run([kvno, realm.host_princ], expected_code=1)
 
 realm.stop()
diff --git a/src/tests/t_mkey.py b/src/tests/t_mkey.py
index 32f4070bc..da0ed1831 100755
--- a/src/tests/t_mkey.py
+++ b/src/tests/t_mkey.py
@@ -7,7 +7,6 @@ import struct
 # default enctype for master keys.
 aes256 = 'aes256-cts-hmac-sha1-96'
 aes128 = 'aes128-cts-hmac-sha1-96'
-des3 = 'des3-cbc-sha1'
 defetype = aes256
 
 realm = K5Realm(create_host=False, start_kadmind=True)
@@ -300,40 +299,6 @@ if 'Decrypt integrity check failed' in out or 'added to keytab' not in out:
 
 realm.stop()
 
-# Load a dump file created with krb5 1.6, before the master key
-# rollover changes were introduced.  Write out an old-format stash
-# file consistent with the dump's master password ("footes").  The K/M
-# entry in this database will not have actkvno tl-data because it was
-# created prior to master key rollover support.  Verify that:
-# 1. We can access the database using the old-format stash file.
-# 2. list_mkeys displays the same list as for a post-1.7 KDB.
-mark('pre-1.7 stash file')
-dumpfile = os.path.join(srctop, 'tests', 'dumpfiles', 'dump.16')
-os.remove(stash_file)
-f = open(stash_file, 'wb')
-f.write(struct.pack('=HL24s', 16, 24,
-                    b'\xF8\x3E\xFB\xBA\x6D\x80\xD9\x54\xE5\x5D\xF2\xE0'
-                    b'\x94\xAD\x6D\x86\xB5\x16\x37\xEC\x7C\x8A\xBC\x86'))
-f.close()
-realm.run([kdb5_util, 'load', dumpfile])
-nprincs = len(realm.run([kadminl, 'listprincs']).splitlines())
-check_mkvno('K/M', 1)
-check_mkey_list((1, des3, True, True))
-
-# Create a new master key and verify that, without actkvkno tl-data:
-# 1. list_mkeys displays the same as for a post-1.7 KDB.
-# 2. update_princ_encryption still targets mkvno 1.
-# 3. libkadm5 still uses mkvno 1 for key changes.
-# 4. use_mkey creates the same list as for a post-1.7 KDB.
-mark('rollover from pre-1.7 KDB')
-add_mkey([])
-check_mkey_list((2, defetype, False, False), (1, des3, True, True))
-update_princ_encryption(False, 1, 0, nprincs - 1)
-realm.run([kadminl, 'addprinc', '-randkey', realm.user_princ])
-check_mkvno(realm.user_princ, 1)
-realm.run([kdb5_util, 'use_mkey', '2', 'now-1day'])
-check_mkey_list((2, defetype, True, True), (1, des3, True, False))
-
 # Regression test for #8395.  Purge the master key and verify that a
 # master key fetch does not segfault.
 mark('#8395 regression test')
diff --git a/src/tests/t_salt.py b/src/tests/t_salt.py
index 65084bbf3..55ca89745 100755
--- a/src/tests/t_salt.py
+++ b/src/tests/t_salt.py
@@ -16,13 +16,12 @@ def test_salt(realm, e1, salt, e2):
 
 # Enctype/salt pairs chosen with non-default salt types.
 # The enctypes are mostly arbitrary.
-salts = [('des3-cbc-sha1', 'norealm'),
+salts = [('aes128-cts-hmac-sha1-96', 'norealm'),
          ('arcfour-hmac', 'onlyrealm'),
          ('aes128-cts-hmac-sha1-96', 'special')]
 # These enctypes are chosen to cover the different string-to-key routines.
 # Omit ":normal" from aes256 to check that salttype defaulting works.
-second_kstypes = ['aes256-cts-hmac-sha1-96', 'arcfour-hmac:normal',
-                  'des3-cbc-sha1:normal']
+second_kstypes = ['aes256-cts-hmac-sha1-96', 'arcfour-hmac:normal']
 
 # Test using different salt types in a principal's key list.
 # Parameters from one key in the list must not leak over to later ones.
diff --git a/src/util/k5test.py b/src/util/k5test.py
index 6afe4b92c..789b0f4b9 100644
--- a/src/util/k5test.py
+++ b/src/util/k5test.py
@@ -1278,13 +1278,6 @@ _passes = [
     # No special settings; exercises AES256.
     ('default', None, None, None),
 
-    # Exercise the DES3 enctype.
-    ('des3', None,
-     {'libdefaults': {'permitted_enctypes': 'des3'}},
-     {'realms': {'$realm': {
-                    'supported_enctypes': 'des3-cbc-sha1:normal',
-                    'master_key_type': 'des3-cbc-sha1'}}}),
-
     # Exercise the arcfour enctype.
     ('arcfour', None,
      {'libdefaults': {'permitted_enctypes': 'rc4'}},
diff --git a/src/windows/leash/htmlhelp/html/Encryption_Types.htm b/src/windows/leash/htmlhelp/html/Encryption_Types.htm
index 1aebdd0b4..c38eefd2b 100644
--- a/src/windows/leash/htmlhelp/html/Encryption_Types.htm
+++ b/src/windows/leash/htmlhelp/html/Encryption_Types.htm
@@ -79,19 +79,6 @@ will have an entry in the Encryption type column. <br>
 <th>Description</th>
 </tr>
 <tr>
-<th id="th2"> des3- </th>
-   <td> The triple DES family improves on
-the original DES (Data Encryption Standard) by using 3 separate 56-bit
-keys. Some modes of 3DES are considered weak while others are strong
-(if slow). <ul id="helpul">
-<li> des3-cbc-sha1</li>
-<li> des3-cbc-raw  (<b>weak</b>) </li>
-<li>des3-hmac-sha1 </li>
-<li>des3-cbc-sha1-kd </li>
-</ul>
-</td>
- </tr>
-<tr>
 <th id="th2"> aes </th>
      <td>The AES Advanced Encryption Standard
 family, like 3DES, is a symmetric block cipher and was designed