From fef4e551d3d2dcb55e58cc182304254c36aa8949 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 26 Mar 2019 18:51:10 -0400
Subject: [PATCH] [downstream] Remove 3des support
Completely remove support for all DES3 enctypes (des3-cbc-raw,
des3-hmac-sha1, des3-cbc-sha1-kd). Update all tests and documentation
to use other enctypes. Mark the 3DES enctypes UNSUPPORTED and retain
their constants.
Last-updated: 1.19-beta1
---
doc/admin/advanced/retiring-des.rst | 11 +
doc/admin/conf_files/kdc_conf.rst | 7 +-
doc/admin/enctypes.rst | 10 +-
doc/admin/troubleshoot.rst | 9 +-
doc/appdev/refs/macros/index.rst | 1 -
doc/conf.py | 2 +-
doc/mitK5features.rst | 2 +-
src/Makefile.in | 4 +-
src/configure.ac | 1 -
src/include/krb5/krb5.hin | 10 +-
src/kadmin/testing/proto/kdc.conf.proto | 4 +-
src/kdc/kdc_util.c | 4 -
src/lib/crypto/Makefile.in | 8 +-
src/lib/crypto/builtin/Makefile.in | 6 +-
src/lib/crypto/builtin/des/ISSUES | 13 -
src/lib/crypto/builtin/des/Makefile.in | 80 ----
src/lib/crypto/builtin/des/d3_aead.c | 133 ------
src/lib/crypto/builtin/des/d3_kysched.c | 51 ---
src/lib/crypto/builtin/des/deps | 150 -------
src/lib/crypto/builtin/des/des_int.h | 285 -------------
src/lib/crypto/builtin/des/des_keys.c | 40 --
src/lib/crypto/builtin/des/destest.c | 240 -----------
src/lib/crypto/builtin/des/doc/libdes.doc | 208 ---------
src/lib/crypto/builtin/des/f_aead.c | 173 --------
src/lib/crypto/builtin/des/f_cbc.c | 256 ------------
src/lib/crypto/builtin/des/f_cksum.c | 136 ------
src/lib/crypto/builtin/des/f_parity.c | 56 ---
src/lib/crypto/builtin/des/f_sched.c | 359 ----------------
src/lib/crypto/builtin/des/f_tables.c | 370 ----------------
src/lib/crypto/builtin/des/f_tables.h | 285 -------------
src/lib/crypto/builtin/des/key_sched.c | 62 ---
src/lib/crypto/builtin/des/keytest.data | 171 --------
src/lib/crypto/builtin/des/t_verify.c | 395 ------------------
src/lib/crypto/builtin/des/weak_key.c | 86 ----
.../crypto/builtin/enc_provider/Makefile.in | 6 +-
src/lib/crypto/builtin/enc_provider/deps | 13 -
src/lib/crypto/builtin/enc_provider/des3.c | 105 -----
src/lib/crypto/crypto_tests/t_cf2.expected | 1 -
src/lib/crypto/crypto_tests/t_cf2.in | 5 -
src/lib/crypto/crypto_tests/t_cksums.c | 10 -
src/lib/crypto/crypto_tests/t_decrypt.c | 57 ---
src/lib/crypto/crypto_tests/t_derive.c | 36 --
src/lib/crypto/crypto_tests/t_encrypt.c | 1 -
src/lib/crypto/crypto_tests/t_short.c | 1 -
src/lib/crypto/crypto_tests/t_str2key.c | 52 ---
src/lib/crypto/krb/Makefile.in | 3 -
src/lib/crypto/krb/cksumtypes.c | 6 -
src/lib/crypto/krb/crypto_int.h | 16 -
src/lib/crypto/krb/default_state.c | 10 -
src/lib/crypto/krb/enctype_util.c | 3 +
src/lib/crypto/krb/etypes.c | 21 -
src/lib/crypto/krb/prf_des.c | 47 ---
src/lib/crypto/krb/random_to_key.c | 45 --
src/lib/crypto/libk5crypto.exports | 1 -
src/lib/crypto/openssl/Makefile.in | 8 +-
src/lib/crypto/openssl/des/Makefile.in | 20 -
src/lib/crypto/openssl/des/deps | 15 -
src/lib/crypto/openssl/des/des_keys.c | 40 --
.../crypto/openssl/enc_provider/Makefile.in | 3 -
src/lib/crypto/openssl/enc_provider/deps | 11 -
src/lib/crypto/openssl/enc_provider/des3.c | 184 --------
src/lib/gssapi/krb5/accept_sec_context.c | 1 -
src/lib/gssapi/krb5/gssapiP_krb5.h | 6 +-
src/lib/gssapi/krb5/k5seal.c | 35 +-
src/lib/gssapi/krb5/k5sealiov.c | 27 +-
src/lib/gssapi/krb5/k5unseal.c | 102 ++---
src/lib/gssapi/krb5/k5unsealiov.c | 38 +-
src/lib/gssapi/krb5/util_crypt.c | 11 -
.../api.current/chpass-principal-v2.exp | 4 +-
.../api.current/get-principal-v2.exp | 4 +-
.../api.current/randkey-principal-v2.exp | 4 +-
src/lib/krb5/krb/init_ctx.c | 3 -
src/lib/krb5/krb/s4u_creds.c | 2 -
src/lib/krb5/krb/t_etypes.c | 48 +--
src/lib/krb5/os/t_trace.c | 4 +-
src/lib/krb5/os/t_trace.ref | 2 +-
src/plugins/preauth/pkinit/pkcs11.h | 6 +-
src/plugins/preauth/pkinit/pkinit_clnt.c | 8 -
src/plugins/preauth/pkinit/pkinit_crypto.h | 12 -
.../preauth/pkinit/pkinit_crypto_openssl.c | 38 --
src/plugins/preauth/pkinit/pkinit_kdf_test.c | 31 --
src/plugins/preauth/spake/t_vectors.c | 25 --
src/tests/dejagnu/config/default.exp | 78 ----
src/tests/dejagnu/krb-standalone/kprop.exp | 2 +-
src/tests/gssapi/t_enctypes.py | 33 +-
src/tests/gssapi/t_invalid.c | 12 -
src/tests/gssapi/t_pcontok.c | 16 +-
src/tests/gssapi/t_prf.c | 7 -
src/tests/t_authdata.py | 2 +-
src/tests/t_etype_info.py | 18 +-
src/tests/t_keyrollover.py | 8 +-
src/tests/t_mkey.py | 35 --
src/tests/t_salt.py | 5 +-
src/util/k5test.py | 7 -
.../leash/htmlhelp/html/Encryption_Types.htm | 13 -
95 files changed, 160 insertions(+), 4835 deletions(-)
delete mode 100644 src/lib/crypto/builtin/des/ISSUES
delete mode 100644 src/lib/crypto/builtin/des/Makefile.in
delete mode 100644 src/lib/crypto/builtin/des/d3_aead.c
delete mode 100644 src/lib/crypto/builtin/des/d3_kysched.c
delete mode 100644 src/lib/crypto/builtin/des/deps
delete mode 100644 src/lib/crypto/builtin/des/des_int.h
delete mode 100644 src/lib/crypto/builtin/des/des_keys.c
delete mode 100644 src/lib/crypto/builtin/des/destest.c
delete mode 100644 src/lib/crypto/builtin/des/doc/libdes.doc
delete mode 100644 src/lib/crypto/builtin/des/f_aead.c
delete mode 100644 src/lib/crypto/builtin/des/f_cbc.c
delete mode 100644 src/lib/crypto/builtin/des/f_cksum.c
delete mode 100644 src/lib/crypto/builtin/des/f_parity.c
delete mode 100644 src/lib/crypto/builtin/des/f_sched.c
delete mode 100644 src/lib/crypto/builtin/des/f_tables.c
delete mode 100644 src/lib/crypto/builtin/des/f_tables.h
delete mode 100644 src/lib/crypto/builtin/des/key_sched.c
delete mode 100644 src/lib/crypto/builtin/des/keytest.data
delete mode 100644 src/lib/crypto/builtin/des/t_verify.c
delete mode 100644 src/lib/crypto/builtin/des/weak_key.c
delete mode 100644 src/lib/crypto/builtin/enc_provider/des3.c
delete mode 100644 src/lib/crypto/krb/prf_des.c
delete mode 100644 src/lib/crypto/openssl/des/Makefile.in
delete mode 100644 src/lib/crypto/openssl/des/deps
delete mode 100644 src/lib/crypto/openssl/des/des_keys.c
delete mode 100644 src/lib/crypto/openssl/enc_provider/des3.c
diff --git a/doc/admin/advanced/retiring-des.rst b/doc/admin/advanced/retiring-des.rst
index 38f76d3f4..d5e3c30c0 100644
--- a/doc/admin/advanced/retiring-des.rst
+++ b/doc/admin/advanced/retiring-des.rst
@@ -10,6 +10,13 @@ ability have rendered DES vulnerable to brute force attacks on its 56-bit
keyspace. As such, it is now considered insecure and should not be
used (:rfc:`6649`).
+In 1999, MIT krb5 added support for Triple-DES (3DES) encryption types.
+However, due to weakenings of DES and other security concerns, it is now also
+considered insecure and should not be used (:rfc:`8429`). AES encryption
+types were added to MIT in 2003, meaning that the number of deployments with
+3DES as the strongest encryption type is hopefully small. The rotation
+procedure described herein works for both DES and 3DES.
+
History
-------
@@ -27,6 +34,10 @@ and removed DES (single-DES) support in release 1.18. As a
consequence, a release prior to 1.18 is required to perform these
migrations.
+3DES (a flagged deprecated encryption type) was also removed downstream by
+rharwood@redhat.com starting in 1.18; likewise, a pre-1.18 release is required
+to perform these migrations.
+
Types of keys
-------------
diff --git a/doc/admin/conf_files/kdc_conf.rst b/doc/admin/conf_files/kdc_conf.rst
index 1dc958d62..3a72aabef 100644
--- a/doc/admin/conf_files/kdc_conf.rst
+++ b/doc/admin/conf_files/kdc_conf.rst
@@ -848,8 +848,6 @@ Encryption types marked as "weak" and "deprecated" are available for
compatibility but not recommended for use.
==================================================== =========================================================
-des3-cbc-raw Triple DES cbc mode raw (weak)
-des3-cbc-sha1 des3-hmac-sha1 des3-cbc-sha1-kd Triple DES cbc mode with HMAC/sha1 (deprecated)
aes256-cts-hmac-sha1-96 aes256-cts aes256-sha1 AES-256 CTS mode with 96-bit SHA-1 HMAC
aes128-cts-hmac-sha1-96 aes128-cts aes128-sha1 AES-128 CTS mode with 96-bit SHA-1 HMAC
aes256-cts-hmac-sha384-192 aes256-sha2 AES-256 CTS mode with 192-bit SHA-384 HMAC
@@ -858,7 +856,6 @@ arcfour-hmac rc4-hmac arcfour-hmac-md5 RC4 with HMAC/MD5 (deprecat
arcfour-hmac-exp rc4-hmac-exp arcfour-hmac-md5-exp Exportable RC4 with HMAC/MD5 (weak)
camellia256-cts-cmac camellia256-cts Camellia-256 CTS mode with CMAC
camellia128-cts-cmac camellia128-cts Camellia-128 CTS mode with CMAC
-des3 The triple DES family: des3-cbc-sha1
aes The AES family: aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, aes256-cts-hmac-sha384-192, and aes128-cts-hmac-sha256-128
rc4 The RC4 family: arcfour-hmac
camellia The Camellia family: camellia256-cts-cmac and camellia128-cts-cmac
@@ -870,8 +867,8 @@ from the current list by prefixing them with a minus sign ("-").
Types or families can be prefixed with a plus sign ("+") for symmetry;
it has the same meaning as just listing the type or family. For
example, "``DEFAULT -rc4``" would be the default set of encryption
-types with RC4 types removed, and "``des3 DEFAULT``" would be the
-default set of encryption types with triple DES types moved to the
+types with RC4 types removed, and "``aes128-sha2 DEFAULT``" would be
+the default set of encryption types with aes128-sha2 moved to the
front.
While **aes128-cts** and **aes256-cts** are supported for all Kerberos
diff --git a/doc/admin/enctypes.rst b/doc/admin/enctypes.rst
index 047185afb..b08d954d9 100644
--- a/doc/admin/enctypes.rst
+++ b/doc/admin/enctypes.rst
@@ -129,7 +129,7 @@ enctype weak? krb5 Windows
des-cbc-crc weak <1.18 >=2000
des-cbc-md4 weak <1.18 ?
des-cbc-md5 weak <1.18 >=2000
-des3-cbc-sha1 deprecated >=1.1 none
+des3-cbc-sha1 deprecated <1.18 none
arcfour-hmac deprecated >=1.3 >=2000
arcfour-hmac-exp weak >=1.3 >=2000
aes128-cts-hmac-sha1-96 >=1.3 >=Vista
@@ -148,9 +148,11 @@ default.
krb5 releases 1.17 and later flag deprecated encryption types
(including ``des3-cbc-sha1`` and ``arcfour-hmac``) in KDC logs and
kadmin output. krb5 release 1.19 issues a warning during initial
-authentication if ``des3-cbc-sha1`` is used. Future releases will
-disable ``des3-cbc-sha1`` by default and eventually remove support for
-it.
+authentication if ``des3-cbc-sha1`` is used.
+
+krb5 releases 1.18 and later remove single-DES and 3DES
+(downstream-only patch) enctype support. Microsoft Windows never
+supported 3DES.
Migrating away from older encryption types
diff --git a/doc/admin/troubleshoot.rst b/doc/admin/troubleshoot.rst
index ade5e1f87..e4dc54f7e 100644
--- a/doc/admin/troubleshoot.rst
+++ b/doc/admin/troubleshoot.rst
@@ -73,11 +73,10 @@ credential verification failed: KDC has no support for encryption type
......................................................................
This most commonly happens when trying to use a principal with only
-DES keys, in a release (MIT krb5 1.7 or later) which disables DES by
-default. DES encryption is considered weak due to its inadequate key
-size. If you cannot migrate away from its use, you can re-enable DES
-by adding ``allow_weak_crypto = true`` to the :ref:`libdefaults`
-section of :ref:`krb5.conf(5)`.
+DES/3DES keys, in a release (MIT krb5 1.7 or later) which disables DES
+by default. DES encryption is considered weak due to its inadequate
+key size and has been removed upstream; 3DES is not recommended, and
+has been removed downstream by rharwood@redhat.com.
.. _err_cert_chain_cert_expired:
diff --git a/doc/appdev/refs/macros/index.rst b/doc/appdev/refs/macros/index.rst
index cebb6644c..4d51e795c 100644
--- a/doc/appdev/refs/macros/index.rst
+++ b/doc/appdev/refs/macros/index.rst
@@ -36,7 +36,6 @@ Public
CKSUMTYPE_HMAC_SHA1_96_AES256.rst
CKSUMTYPE_HMAC_SHA256_128_AES128.rst
CKSUMTYPE_HMAC_SHA384_192_AES256.rst
- CKSUMTYPE_HMAC_SHA1_DES3.rst
CKSUMTYPE_MD5_HMAC_ARCFOUR.rst
CKSUMTYPE_NIST_SHA.rst
CKSUMTYPE_RSA_MD4.rst
diff --git a/doc/conf.py b/doc/conf.py
index 543202bf4..4fb6aae14 100644
--- a/doc/conf.py
+++ b/doc/conf.py
@@ -271,7 +271,7 @@ else:
rst_epilog += '''
.. |krb5conf| replace:: ``/etc/krb5.conf``
.. |defkeysalts| replace:: ``aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal``
-.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac``
+.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac``
.. |defmkey| replace:: ``aes256-cts-hmac-sha1-96``
.. |copy| unicode:: U+000A9
'''
diff --git a/doc/mitK5features.rst b/doc/mitK5features.rst
index 4954bb3aa..92ce2a772 100644
--- a/doc/mitK5features.rst
+++ b/doc/mitK5features.rst
@@ -37,7 +37,7 @@ Database backends: LDAP, DB2, LMDB
krb4 support: Kerberos 5 release < 1.8
-DES support: Kerberos 5 release < 1.18 (See :ref:`retiring-des`)
+DES/3DES support: Kerberos 5 release < 1.18 (See :ref:`retiring-des`)
Interoperability
----------------
diff --git a/src/Makefile.in b/src/Makefile.in
index 7d2507ef8..c16715ac7 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -130,7 +130,7 @@ WINMAKEFILES=Makefile \
lib\Makefile lib\crypto\Makefile lib\crypto\krb\Makefile \
lib\crypto\builtin\Makefile lib\crypto\builtin\aes\Makefile \
lib\crypto\builtin\enc_provider\Makefile \
- lib\crypto\builtin\des\Makefile lib\crypto\builtin\md5\Makefile \
+ lib\crypto\builtin\md5\Makefile \
lib\crypto\builtin\camellia\Makefile lib\crypto\builtin\md4\Makefile \
lib\crypto\builtin\hash_provider\Makefile \
lib\crypto\builtin\sha2\Makefile lib\crypto\builtin\sha1\Makefile \
@@ -202,8 +202,6 @@ WINMAKEFILES=Makefile \
##DOS## $(WCONFIG) config < $@.in > $@
##DOS##lib\crypto\builtin\enc_provider\Makefile: lib\crypto\builtin\enc_provider\Makefile.in $(MKFDEP)
##DOS## $(WCONFIG) config < $@.in > $@
-##DOS##lib\crypto\builtin\des\Makefile: lib\crypto\builtin\des\Makefile.in $(MKFDEP)
-##DOS## $(WCONFIG) config < $@.in > $@
##DOS##lib\crypto\builtin\md5\Makefile: lib\crypto\builtin\md5\Makefile.in $(MKFDEP)
##DOS## $(WCONFIG) config < $@.in > $@
##DOS##lib\crypto\builtin\camellia\Makefile: lib\crypto\builtin\camellia\Makefile.in $(MKFDEP)
diff --git a/src/configure.ac b/src/configure.ac
index dd2cad3ee..3e1052db7 100644
--- a/src/configure.ac
+++ b/src/configure.ac
@@ -1480,7 +1480,6 @@ V5_AC_OUTPUT_MAKEFILE(.
lib/crypto lib/crypto/krb lib/crypto/$CRYPTO_IMPL
lib/crypto/$CRYPTO_IMPL/enc_provider
lib/crypto/$CRYPTO_IMPL/hash_provider
- lib/crypto/$CRYPTO_IMPL/des
lib/crypto/$CRYPTO_IMPL/md4 lib/crypto/$CRYPTO_IMPL/md5
lib/crypto/$CRYPTO_IMPL/sha1 lib/crypto/$CRYPTO_IMPL/sha2
lib/crypto/$CRYPTO_IMPL/aes lib/crypto/$CRYPTO_IMPL/camellia
diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
index db80063eb..63e67a2ba 100644
--- a/src/include/krb5/krb5.hin
+++ b/src/include/krb5/krb5.hin
@@ -426,8 +426,8 @@ typedef struct _krb5_crypto_iov {
#define ENCTYPE_DES_CBC_MD4 0x0002 /**< @deprecated no longer supported */
#define ENCTYPE_DES_CBC_MD5 0x0003 /**< @deprecated no longer supported */
#define ENCTYPE_DES_CBC_RAW 0x0004 /**< @deprecated no longer supported */
-#define ENCTYPE_DES3_CBC_SHA 0x0005 /**< @deprecated DES-3 cbc with SHA1 */
-#define ENCTYPE_DES3_CBC_RAW 0x0006 /**< @deprecated DES-3 cbc mode raw */
+#define ENCTYPE_DES3_CBC_SHA 0x0005 /**< @deprecated no longer supported */
+#define ENCTYPE_DES3_CBC_RAW 0x0006 /**< @deprecated no longer supported */
#define ENCTYPE_DES_HMAC_SHA1 0x0008 /**< @deprecated no longer supported */
/* PKINIT */
#define ENCTYPE_DSA_SHA1_CMS 0x0009 /**< DSA with SHA1, CMS signature */
@@ -436,9 +436,9 @@ typedef struct _krb5_crypto_iov {
#define ENCTYPE_RC2_CBC_ENV 0x000c /**< RC2 cbc mode, CMS enveloped data */
#define ENCTYPE_RSA_ENV 0x000d /**< RSA encryption, CMS enveloped data */
#define ENCTYPE_RSA_ES_OAEP_ENV 0x000e /**< RSA w/OEAP encryption, CMS enveloped data */
-#define ENCTYPE_DES3_CBC_ENV 0x000f /**< DES-3 cbc mode, CMS enveloped data */
+#define ENCTYPE_DES3_CBC_ENV 0x000f /**< @deprecated no longer supported */
-#define ENCTYPE_DES3_CBC_SHA1 0x0010
+#define ENCTYPE_DES3_CBC_SHA1 0x0010 /**< @deprecated removed */
#define ENCTYPE_AES128_CTS_HMAC_SHA1_96 0x0011 /**< RFC 3962 */
#define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012 /**< RFC 3962 */
#define ENCTYPE_AES128_CTS_HMAC_SHA256_128 0x0013 /**< RFC 8009 */
@@ -458,7 +458,7 @@ typedef struct _krb5_crypto_iov {
#define CKSUMTYPE_RSA_MD5 0x0007
#define CKSUMTYPE_RSA_MD5_DES 0x0008
#define CKSUMTYPE_NIST_SHA 0x0009
-#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c
+#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c /* @deprecated removed */
#define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f /**< RFC 3962. Used with
ENCTYPE_AES128_CTS_HMAC_SHA1_96 */
#define CKSUMTYPE_HMAC_SHA1_96_AES256 0x0010 /**< RFC 3962. Used with
diff --git a/src/kadmin/testing/proto/kdc.conf.proto b/src/kadmin/testing/proto/kdc.conf.proto
index 8a4b87de1..d7f1d076b 100644
--- a/src/kadmin/testing/proto/kdc.conf.proto
+++ b/src/kadmin/testing/proto/kdc.conf.proto
@@ -11,6 +11,6 @@
dict_file = __K5ROOT__/ovsec_adm.dict
kadmind_port = 1751
kpasswd_port = 1752
- master_key_type = des3-hmac-sha1
- supported_enctypes = des3-hmac-sha1:normal aes256-cts:normal aes128-cts:normal aes256-sha2:normal aes128-sha2:normal
+ master_key_type = aes256-cts
+ supported_enctypes = aes256-cts:normal aes128-cts:normal aes256-sha2:normal aes128-sha2:normal
}
diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c
index 60f30c4f4..c65375aef 100644
--- a/src/kdc/kdc_util.c
+++ b/src/kdc/kdc_util.c
@@ -1017,8 +1017,6 @@ enctype_name(krb5_enctype ktype, char *buf, size_t buflen)
name = "rsaEncryption-EnvOID";
else if (ktype == ENCTYPE_RSA_ES_OAEP_ENV)
name = "id-RSAES-OAEP-EnvOID";
- else if (ktype == ENCTYPE_DES3_CBC_ENV)
- name = "des-ede3-cbc-EnvOID";
else
return krb5_enctype_to_name(ktype, FALSE, buf, buflen);
@@ -1605,8 +1603,6 @@ krb5_boolean
enctype_requires_etype_info_2(krb5_enctype enctype)
{
switch(enctype) {
- case ENCTYPE_DES3_CBC_SHA1:
- case ENCTYPE_DES3_CBC_RAW:
case ENCTYPE_ARCFOUR_HMAC:
case ENCTYPE_ARCFOUR_HMAC_EXP :
return 0;
diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in
index c3fcfd7e8..890d54adf 100644
--- a/src/lib/crypto/Makefile.in
+++ b/src/lib/crypto/Makefile.in
@@ -13,7 +13,7 @@ STOBJLISTS=$(CRYPTO_IMPL)/enc_provider/OBJS.ST \
$(CRYPTO_IMPL)/hash_provider/OBJS.ST \
$(CRYPTO_IMPL)/md4/OBJS.ST $(CRYPTO_IMPL)/md5/OBJS.ST \
$(CRYPTO_IMPL)/sha1/OBJS.ST $(CRYPTO_IMPL)/sha2/OBJS.ST \
- $(CRYPTO_IMPL)/aes/OBJS.ST $(CRYPTO_IMPL)/des/OBJS.ST \
+ $(CRYPTO_IMPL)/aes/OBJS.ST \
$(CRYPTO_IMPL)/camellia/OBJS.ST krb/OBJS.ST \
$(CRYPTO_IMPL)/OBJS.ST
@@ -21,7 +21,7 @@ SUBDIROBJLISTS=$(CRYPTO_IMPL)/enc_provider/OBJS.ST \
$(CRYPTO_IMPL)/hash_provider/OBJS.ST \
$(CRYPTO_IMPL)/md4/OBJS.ST $(CRYPTO_IMPL)/md5/OBJS.ST \
$(CRYPTO_IMPL)/sha1/OBJS.ST $(CRYPTO_IMPL)/sha2/OBJS.ST \
- $(CRYPTO_IMPL)/aes/OBJS.ST $(CRYPTO_IMPL)/des/OBJS.ST \
+ $(CRYPTO_IMPL)/aes/OBJS.ST \
$(CRYPTO_IMPL)/camellia/OBJS.ST krb/OBJS.ST \
$(CRYPTO_IMPL)/OBJS.ST
@@ -34,8 +34,8 @@ SHLIB_EXPDEPLIBS= $(SUPPORT_DEPLIB)
SHLIB_LDFLAGS= $(LDFLAGS) @SHLIB_RPATH_DIRS@
##DOS##LIBNAME=$(OUTPRE)crypto.lib
-##DOS##OBJFILEDEP=$(OUTPRE)krb.lst $(OUTPRE)aes.lst $(OUTPRE)enc_provider.lst $(OUTPRE)des.lst $(OUTPRE)md5.lst $(OUTPRE)camellia.lst $(OUTPRE)md4.lst $(OUTPRE)hash_provider.lst $(OUTPRE)sha2.lst $(OUTPRE)sha1.lst $(OUTPRE)builtin.lst
-##DOS##OBJFILELIST=@$(OUTPRE)krb.lst @$(OUTPRE)aes.lst @$(OUTPRE)enc_provider.lst @$(OUTPRE)des.lst @$(OUTPRE)md5.lst @$(OUTPRE)camellia.lst @$(OUTPRE)md4.lst @$(OUTPRE)hash_provider.lst @$(OUTPRE)sha2.lst @$(OUTPRE)sha1.lst @$(OUTPRE)builtin.lst
+##DOS##OBJFILEDEP=$(OUTPRE)krb.lst $(OUTPRE)aes.lst $(OUTPRE)enc_provider.lst $(OUTPRE)md5.lst $(OUTPRE)camellia.lst $(OUTPRE)md4.lst $(OUTPRE)hash_provider.lst $(OUTPRE)sha2.lst $(OUTPRE)sha1.lst $(OUTPRE)builtin.lst
+##DOS##OBJFILELIST=@$(OUTPRE)krb.lst @$(OUTPRE)aes.lst @$(OUTPRE)enc_provider.lst @$(OUTPRE)md5.lst @$(OUTPRE)camellia.lst @$(OUTPRE)md4.lst @$(OUTPRE)hash_provider.lst @$(OUTPRE)sha2.lst @$(OUTPRE)sha1.lst @$(OUTPRE)builtin.lst
all-unix: all-liblinks
install-unix: install-libs
diff --git a/src/lib/crypto/builtin/Makefile.in b/src/lib/crypto/builtin/Makefile.in
index baf5d974f..82adf1dec 100644
--- a/src/lib/crypto/builtin/Makefile.in
+++ b/src/lib/crypto/builtin/Makefile.in
@@ -1,6 +1,6 @@
mydir=lib$(S)crypto$(S)builtin
BUILDTOP=$(REL)..$(S)..$(S)..
-SUBDIRS=camellia des aes md4 md5 sha1 sha2 enc_provider hash_provider
+SUBDIRS=camellia aes md4 md5 sha1 sha2 enc_provider hash_provider
LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir)
##DOS##BUILDTOP = ..\..\..
@@ -22,7 +22,7 @@ SRCS=\
$(srcdir)/init.c \
$(srcdir)/pbkdf2.c
-STOBJLISTS= des/OBJS.ST md4/OBJS.ST \
+STOBJLISTS= md4/OBJS.ST \
md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
enc_provider/OBJS.ST \
hash_provider/OBJS.ST \
@@ -30,7 +30,7 @@ STOBJLISTS= des/OBJS.ST md4/OBJS.ST \
camellia/OBJS.ST \
OBJS.ST
-SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \
+SUBDIROBJLISTS= md4/OBJS.ST \
md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
enc_provider/OBJS.ST \
hash_provider/OBJS.ST \
diff --git a/src/lib/crypto/builtin/des/ISSUES b/src/lib/crypto/builtin/des/ISSUES
deleted file mode 100644
index 157891103..000000000
--- a/src/lib/crypto/builtin/des/ISSUES
+++ /dev/null
@@ -1,13 +0,0 @@
-Issues to be addressed for src/lib/crypto/des: -*- text -*-
-
-
-"const" could be used in more places
-
-
-Array types are used in calling interfaces. Under ANSI C, a value of
-type "arraytype *" cannot be assigned to a variable of type "const
-arraytype *", so we get compilation warnings.
-
-Possible fix: Rewrite internal interfaces to not use arrays this way.
-Provide external routines compatible with old API, but not using
-const?
diff --git a/src/lib/crypto/builtin/des/Makefile.in b/src/lib/crypto/builtin/des/Makefile.in
deleted file mode 100644
index 54b329d0f..000000000
--- a/src/lib/crypto/builtin/des/Makefile.in
+++ /dev/null
@@ -1,80 +0,0 @@
-mydir=lib$(S)crypto$(S)builtin$(S)des
-BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb
-
-##DOS##BUILDTOP = ..\..\..\..
-##DOS##PREFIXDIR = builtin\des
-##DOS##OBJFILE = ..\..\$(OUTPRE)des.lst
-
-STLIBOBJS=\
- d3_aead.o \
- d3_kysched.o \
- des_keys.o \
- f_aead.o \
- f_cksum.o \
- f_parity.o \
- f_sched.o \
- f_tables.o \
- key_sched.o \
- weak_key.o
-
-OBJS= $(OUTPRE)d3_aead.$(OBJEXT) \
- $(OUTPRE)d3_kysched.$(OBJEXT) \
- $(OUTPRE)des_keys.$(OBJEXT) \
- $(OUTPRE)f_aead.$(OBJEXT) \
- $(OUTPRE)f_cksum.$(OBJEXT) \
- $(OUTPRE)f_parity.$(OBJEXT) \
- $(OUTPRE)f_sched.$(OBJEXT) \
- $(OUTPRE)f_tables.$(OBJEXT) \
- $(OUTPRE)key_sched.$(OBJEXT) \
- $(OUTPRE)weak_key.$(OBJEXT)
-
-SRCS= $(srcdir)/d3_aead.c \
- $(srcdir)/d3_kysched.c \
- $(srcdir)/des_keys.c \
- $(srcdir)/f_aead.c \
- $(srcdir)/f_cksum.c \
- $(srcdir)/f_parity.c \
- $(srcdir)/f_sched.c \
- $(srcdir)/f_tables.c \
- $(srcdir)/key_sched.c \
- $(srcdir)/weak_key.c
-
-EXTRADEPSRCS = $(srcdir)/destest.c $(srcdir)/f_cbc.c $(srcdir)/t_verify.c
-
-##DOS##LIBOBJS = $(OBJS)
-
-TOBJS = $(OUTPRE)key_sched.$(OBJEXT) $(OUTPRE)f_sched.$(OBJEXT) \
- $(OUTPRE)f_cbc.$(OBJEXT) $(OUTPRE)f_tables.$(OBJEXT) \
- $(OUTPRE)f_cksum.$(OBJEXT)
-
-verify$(EXEEXT): t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \
- $(COM_ERR_DEPLIB) $(SUPPORT_DEPLIB)
- $(CC_LINK) -o $@ t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \
- $(COM_ERR_LIB) $(SUPPORT_LIB)
-
-destest$(EXEEXT): destest.$(OBJEXT) $(TOBJS) $(SUPPORT_DEPLIB)
- $(CC_LINK) -o $@ destest.$(OBJEXT) $(TOBJS) $(SUPPORT_LIB)
-
-all-unix: all-libobjs
-
-check-unix: verify destest
- $(RUN_TEST) ./verify -z
- $(RUN_TEST) ./verify -m
- $(RUN_TEST) ./verify
- $(RUN_TEST) ./destest < $(srcdir)/keytest.data
-
-includes: depend
-
-depend: $(SRCS)
-
-check-windows:
-
-clean:
- $(RM) destest.$(OBJEXT) destest$(EXEEXT) verify$(EXEEXT) \
- t_verify.$(OBJEXT) $(TOBJS)
-
-clean-unix:: clean-libobjs
-
-@libobj_frag@
-
diff --git a/src/lib/crypto/builtin/des/d3_aead.c b/src/lib/crypto/builtin/des/d3_aead.c
deleted file mode 100644
index bddf75a47..000000000
--- a/src/lib/crypto/builtin/des/d3_aead.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 2008 by the Massachusetts Institute of Technology.
- * Copyright 1995 by Richard P. Basch. All Rights Reserved.
- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
- * in advertising or publicity pertaining to distribution of the software
- * without specific, written prior permission. Richard P. Basch,
- * Lehman Brothers and M.I.T. make no representations about the suitability
- * of this software for any purpose. It is provided "as is" without
- * express or implied warranty.
- */
-
-#include "crypto_int.h"
-#include "des_int.h"
-#include "f_tables.h"
-
-void
-krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- mit_des_cblock ivec)
-{
- unsigned DES_INT32 left, right;
- const unsigned DES_INT32 *kp1, *kp2, *kp3;
- const unsigned char *ip;
- struct iov_cursor cursor;
- unsigned char block[MIT_DES_BLOCK_LENGTH];
-
- /* Get key pointers here. These won't need to be reinitialized. */
- kp1 = (const unsigned DES_INT32 *)ks1;
- kp2 = (const unsigned DES_INT32 *)ks2;
- kp3 = (const unsigned DES_INT32 *)ks3;
-
- /* Initialize left and right with the contents of the initial vector. */
- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
- left = load_32_be(ip);
- right = load_32_be(ip + 4);
-
- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
- while (k5_iov_cursor_get(&cursor, block)) {
- /* xor this block with the previous ciphertext. */
- left ^= load_32_be(block);
- right ^= load_32_be(block + 4);
-
- /* Encrypt what we have and store it back into block. */
- DES_DO_ENCRYPT(left, right, kp1);
- DES_DO_DECRYPT(left, right, kp2);
- DES_DO_ENCRYPT(left, right, kp3);
- store_32_be(left, block);
- store_32_be(right, block + 4);
-
- k5_iov_cursor_put(&cursor, block);
- }
-
- if (ivec != NULL) {
- store_32_be(left, ivec);
- store_32_be(right, ivec + 4);
- }
-}
-
-void
-krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- mit_des_cblock ivec)
-{
- unsigned DES_INT32 left, right;
- const unsigned DES_INT32 *kp1, *kp2, *kp3;
- const unsigned char *ip;
- unsigned DES_INT32 ocipherl, ocipherr;
- unsigned DES_INT32 cipherl, cipherr;
- struct iov_cursor cursor;
- unsigned char block[MIT_DES_BLOCK_LENGTH];
-
- /* Get key pointers here. These won't need to be reinitialized. */
- kp1 = (const unsigned DES_INT32 *)ks1;
- kp2 = (const unsigned DES_INT32 *)ks2;
- kp3 = (const unsigned DES_INT32 *)ks3;
-
- /*
- * Decrypting is harder than encrypting because of
- * the necessity of remembering a lot more things.
- * Should think about this a little more...
- */
-
- /* Prime the old cipher with ivec.*/
- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
- ocipherl = load_32_be(ip);
- ocipherr = load_32_be(ip + 4);
-
- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
- while (k5_iov_cursor_get(&cursor, block)) {
- /* Split this block into left and right. */
- cipherl = left = load_32_be(block);
- cipherr = right = load_32_be(block + 4);
-
- /* Decrypt and xor with the old cipher to get plain text. */
- DES_DO_DECRYPT(left, right, kp3);
- DES_DO_ENCRYPT(left, right, kp2);
- DES_DO_DECRYPT(left, right, kp1);
- left ^= ocipherl;
- right ^= ocipherr;
-
- /* Store the encrypted halves back into block. */
- store_32_be(left, block);
- store_32_be(right, block + 4);
-
- /* Save current cipher block halves. */
- ocipherl = cipherl;
- ocipherr = cipherr;
-
- k5_iov_cursor_put(&cursor, block);
- }
-
- if (ivec != NULL) {
- store_32_be(ocipherl, ivec);
- store_32_be(ocipherr, ivec + 4);
- }
-}
diff --git a/src/lib/crypto/builtin/des/d3_kysched.c b/src/lib/crypto/builtin/des/d3_kysched.c
deleted file mode 100644
index ebd1050b1..000000000
--- a/src/lib/crypto/builtin/des/d3_kysched.c
+++ /dev/null
@@ -1,51 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright 1995 by Richard P. Basch. All Rights Reserved.
- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
- * in advertising or publicity pertaining to distribution of the software
- * without specific, written prior permission. Richard P. Basch,
- * Lehman Brothers and M.I.T. make no representations about the suitability
- * of this software for any purpose. It is provided "as is" without
- * express or implied warranty.
- */
-
-#include "k5-int.h"
-#include "des_int.h"
-
-int
-mit_des3_key_sched(mit_des3_cblock k, mit_des3_key_schedule schedule)
-{
- mit_des_make_key_sched(k[0],schedule[0]);
- mit_des_make_key_sched(k[1],schedule[1]);
- mit_des_make_key_sched(k[2],schedule[2]);
-
- if (!mit_des_check_key_parity(k[0])) /* bad parity --> return -1 */
- return(-1);
- if (mit_des_is_weak_key(k[0]))
- return(-2);
-
- if (!mit_des_check_key_parity(k[1]))
- return(-1);
- if (mit_des_is_weak_key(k[1]))
- return(-2);
-
- if (!mit_des_check_key_parity(k[2]))
- return(-1);
- if (mit_des_is_weak_key(k[2]))
- return(-2);
-
- /* if key was good, return 0 */
- return 0;
-}
diff --git a/src/lib/crypto/builtin/des/deps b/src/lib/crypto/builtin/des/deps
deleted file mode 100644
index a1db1f36e..000000000
--- a/src/lib/crypto/builtin/des/deps
+++ /dev/null
@@ -1,150 +0,0 @@
-#
-# Generated makefile dependencies follow.
-#
-d3_aead.so d3_aead.po $(OUTPRE)d3_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
- $(srcdir)/../aes/aes.h $(srcdir)/../aes/brg_types.h \
- $(srcdir)/../crypto_mod.h $(srcdir)/../sha2/sha2.h \
- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
- d3_aead.c des_int.h f_tables.h
-d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
- d3_kysched.c des_int.h
-des_keys.so des_keys.po $(OUTPRE)des_keys.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \
- $(srcdir)/../aes/brg_types.h $(srcdir)/../crypto_mod.h \
- $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h des_int.h des_keys.c
-f_aead.so f_aead.po $(OUTPRE)f_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
- $(srcdir)/../aes/aes.h $(srcdir)/../aes/brg_types.h \
- $(srcdir)/../crypto_mod.h $(srcdir)/../sha2/sha2.h \
- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
- des_int.h f_aead.c f_tables.h
-f_cksum.so f_cksum.po $(OUTPRE)f_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h des_int.h f_cksum.c \
- f_tables.h
-f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
- des_int.h f_parity.c
-f_sched.so f_sched.po $(OUTPRE)f_sched.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h des_int.h f_sched.c
-f_tables.so f_tables.po $(OUTPRE)f_tables.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
- des_int.h f_tables.c f_tables.h
-key_sched.so key_sched.po $(OUTPRE)key_sched.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
- des_int.h key_sched.c
-weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
- des_int.h weak_key.c
-destest.so destest.po $(OUTPRE)destest.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h des_int.h destest.c
-f_cbc.so f_cbc.po $(OUTPRE)f_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h des_int.h f_cbc.c \
- f_tables.h
-t_verify.so t_verify.po $(OUTPRE)t_verify.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
- des_int.h t_verify.c
diff --git a/src/lib/crypto/builtin/des/des_int.h b/src/lib/crypto/builtin/des/des_int.h
deleted file mode 100644
index f8dc6b296..000000000
--- a/src/lib/crypto/builtin/des/des_int.h
+++ /dev/null
@@ -1,285 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/des_int.h */
-/*
- * Copyright 1987, 1988, 1990, 2002 by the Massachusetts Institute of
- * Technology. All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government. It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. FundsXpress makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-/* Private include file for the Data Encryption Standard library. */
-
-/* only do the whole thing once */
-#ifndef DES_INTERNAL_DEFS
-#define DES_INTERNAL_DEFS
-
-#include "k5-int.h"
-/*
- * Begin "mit-des.h"
- */
-#ifndef KRB5_MIT_DES__
-#define KRB5_MIT_DES__
-
-#if defined(__MACH__) && defined(__APPLE__)
-#include <TargetConditionals.h>
-#include <AvailabilityMacros.h>
-#if TARGET_RT_MAC_CFM
-#error "Use KfM 4.0 SDK headers for CFM compilation."
-#endif
-#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS)
-#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5
-#endif
-#endif /* defined(__MACH__) && defined(__APPLE__) */
-
-/* Macro to add deprecated attribute to DES types and functions */
-/* Currently only defined on macOS 10.5 and later. */
-#ifndef KRB5INT_DES_DEPRECATED
-#define KRB5INT_DES_DEPRECATED
-#endif
-
-#include <limits.h>
-
-#if UINT_MAX >= 0xFFFFFFFFUL
-#define DES_INT32 int
-#define DES_UINT32 unsigned int
-#else
-#define DES_INT32 long
-#define DES_UINT32 unsigned long
-#endif
-
-typedef unsigned char des_cblock[8] /* crypto-block size */
-KRB5INT_DES_DEPRECATED;
-
-/*
- * Key schedule.
- *
- * This used to be
- *
- * typedef struct des_ks_struct {
- * union { DES_INT32 pad; des_cblock _;} __;
- * } des_key_schedule[16];
- *
- * but it would cause trouble if DES_INT32 were ever more than 4
- * bytes. The reason is that all the encryption functions cast it to
- * (DES_INT32 *), and treat it as if it were DES_INT32[32]. If
- * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the
- * caller-allocated des_key_schedule will be overflowed by the key
- * scheduling functions. We can't assume that every platform will
- * have an exact 32-bit int, and nothing should be looking inside a
- * des_key_schedule anyway.
- */
-typedef struct des_ks_struct { DES_INT32 _[2]; } des_key_schedule[16]
-KRB5INT_DES_DEPRECATED;
-
-typedef des_cblock mit_des_cblock;
-typedef des_key_schedule mit_des_key_schedule;
-
-/* Triple-DES structures */
-typedef mit_des_cblock mit_des3_cblock[3];
-typedef mit_des_key_schedule mit_des3_key_schedule[3];
-
-#define MIT_DES_ENCRYPT 1
-#define MIT_DES_DECRYPT 0
-
-typedef struct mit_des_ran_key_seed {
- krb5_encrypt_block eblock;
- krb5_data sequence;
-} mit_des_random_state;
-
-/* the first byte of the key is already in the keyblock */
-
-#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet))
-/* This used to be 8*sizeof(krb5_octet) */
-#define MIT_DES_KEYSIZE 8
-
-#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet))
-
-#endif /* KRB5_MIT_DES__ */
-/*
- * End "mit-des.h"
- */
-
-/* afsstring2key.c */
-krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock,
- const krb5_data *data,
- const krb5_data *salt);
-char *mit_afs_crypt(const char *pw, const char *salt, char *iobuf);
-
-/* f_cksum.c */
-unsigned long mit_des_cbc_cksum(const krb5_octet *, krb5_octet *,
- unsigned long, const mit_des_key_schedule,
- const krb5_octet *);
-
-/* f_cbc.c (used by test programs) */
-int
-mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
- unsigned long length, const mit_des_key_schedule schedule,
- const mit_des_cblock ivec, int enc);
-
-#define mit_des_zeroblock krb5int_c_mit_des_zeroblock
-extern const mit_des_cblock mit_des_zeroblock;
-
-/* fin_rndkey.c */
-krb5_error_code mit_des_finish_random_key(const krb5_encrypt_block *,
- krb5_pointer *);
-
-/* finish_key.c */
-krb5_error_code mit_des_finish_key(krb5_encrypt_block *);
-
-/* init_rkey.c */
-krb5_error_code mit_des_init_random_key(const krb5_encrypt_block *,
- const krb5_keyblock *,
- krb5_pointer *);
-
-/* key_parity.c */
-void mit_des_fixup_key_parity(mit_des_cblock);
-int mit_des_check_key_parity(mit_des_cblock);
-
-/* key_sched.c */
-int mit_des_key_sched(mit_des_cblock, mit_des_key_schedule);
-
-/* process_ky.c */
-krb5_error_code mit_des_process_key(krb5_encrypt_block *,
- const krb5_keyblock *);
-
-/* random_key.c */
-krb5_error_code mit_des_random_key(const krb5_encrypt_block *,
- krb5_pointer, krb5_keyblock **);
-
-/* string2key.c */
-krb5_error_code mit_des_string_to_key(const krb5_encrypt_block *,
- krb5_keyblock *, const krb5_data *,
- const krb5_data *);
-krb5_error_code mit_des_string_to_key_int(krb5_keyblock *, const krb5_data *,
- const krb5_data *);
-
-/* weak_key.c */
-int mit_des_is_weak_key(mit_des_cblock);
-
-/* cmb_keys.c */
-krb5_error_code mit_des_combine_subkeys(const krb5_keyblock *,
- const krb5_keyblock *,
- krb5_keyblock **);
-
-/* f_pcbc.c */
-int mit_des_pcbc_encrypt();
-
-/* f_sched.c */
-int mit_des_make_key_sched(mit_des_cblock, mit_des_key_schedule);
-
-
-/* misc.c */
-extern void swap_bits(char *);
-extern unsigned long long_swap_bits(unsigned long);
-extern unsigned long swap_six_bits_to_ansi(unsigned long);
-extern unsigned long swap_four_bits_to_ansi(unsigned long);
-extern unsigned long swap_bit_pos_1(unsigned long);
-extern unsigned long swap_bit_pos_0(unsigned long);
-extern unsigned long swap_bit_pos_0_to_ansi(unsigned long);
-extern unsigned long rev_swap_bit_pos_0(unsigned long);
-extern unsigned long swap_byte_bits(unsigned long);
-extern unsigned long swap_long_bytes_bit_number(unsigned long);
-#ifdef FILE
-/* XXX depends on FILE being a #define! */
-extern void test_set(FILE *, const char *, int, const char *, int);
-#endif
-
-void
-krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- mit_des_cblock ivec);
-
-void
-krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- mit_des_cblock ivec);
-
-void
-krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec);
-
-void
-krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec);
-
-void
-krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data,
- const mit_des_key_schedule schedule, mit_des_cblock ivec,
- mit_des_cblock out);
-
-/* d3_procky.c */
-krb5_error_code mit_des3_process_key(krb5_encrypt_block *eblock,
- const krb5_keyblock *keyblock);
-
-/* d3_kysched.c */
-int mit_des3_key_sched(mit_des3_cblock key, mit_des3_key_schedule schedule);
-
-/* d3_str2ky.c */
-krb5_error_code mit_des3_string_to_key(const krb5_encrypt_block *eblock,
- krb5_keyblock *keyblock,
- const krb5_data *data,
- const krb5_data *salt);
-
-/* u_nfold.c */
-krb5_error_code mit_des_n_fold(const krb5_octet *input, const size_t in_len,
- krb5_octet *output, const size_t out_len);
-
-/* u_rn_key.c */
-int mit_des_is_weak_keyblock(krb5_keyblock *keyblock);
-
-void mit_des_fixup_keyblock_parity(krb5_keyblock *keyblock);
-
-krb5_error_code mit_des_set_random_generator_seed(const krb5_data *seed,
- krb5_pointer random_state);
-
-krb5_error_code mit_des_set_random_sequence_number(const krb5_data *sequence,
- krb5_pointer random_state);
-#endif /*DES_INTERNAL_DEFS*/
diff --git a/src/lib/crypto/builtin/des/des_keys.c b/src/lib/crypto/builtin/des/des_keys.c
deleted file mode 100644
index 32b119aad..000000000
--- a/src/lib/crypto/builtin/des/des_keys.c
+++ /dev/null
@@ -1,40 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/des_keys.c - Key functions used by Kerberos code */
-/*
- * Copyright (C) 2011 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-
-#include "crypto_int.h"
-#include "des_int.h"
-
-void
-k5_des_fixup_key_parity(unsigned char *keybits)
-{
- mit_des_fixup_key_parity(keybits);
-}
-
-krb5_boolean
-k5_des_is_weak_key(unsigned char *keybits)
-{
- return mit_des_is_weak_key(keybits);
-}
diff --git a/src/lib/crypto/builtin/des/destest.c b/src/lib/crypto/builtin/des/destest.c
deleted file mode 100644
index 52114304e..000000000
--- a/src/lib/crypto/builtin/des/destest.c
+++ /dev/null
@@ -1,240 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/destest.c */
-/*
- * Copyright 1990,1991 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government. It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. FundsXpress makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-/* Test a DES implementation against known inputs & outputs. */
-
-#include "des_int.h"
-#include <ctype.h>
-#include <stdio.h>
-
-void convert (char *, unsigned char []);
-
-void des_cblock_print_file (mit_des_cblock, FILE *);
-
-krb5_octet zeroblock[8] = {0,0,0,0,0,0,0,0};
-
-int
-main(argc, argv)
- int argc;
- char *argv[];
-{
- char block1[17], block2[17], block3[17];
- /* Force tests of unaligned accesses. */
- union { unsigned char c[8*4+3]; long l; } u;
- unsigned char *ioblocks = u.c;
- unsigned char *input = ioblocks+1;
- unsigned char *output = ioblocks+10;
- unsigned char *output2 = ioblocks+19;
- unsigned char *key = ioblocks+27;
- mit_des_key_schedule sched;
- int num = 0;
- int retval;
-
- int error = 0;
-
- while (scanf("%16s %16s %16s", block1, block2, block3) == 3) {
- convert(block1, key);
- convert(block2, input);
- convert(block3, output);
-
- retval = mit_des_key_sched(key, sched);
- if (retval) {
- fprintf(stderr, "des test: can't process key: %d\n", retval);
- fprintf(stderr, "des test: %s %s %s\n", block1, block2, block3);
- exit(1);
- }
- mit_des_cbc_encrypt((const mit_des_cblock *) input,
- (mit_des_cblock *) output2, 8,
- sched, zeroblock, 1);
-
- if (memcmp((char *)output2, (char *)output, 8)) {
- fprintf(stderr,
- "DES ENCRYPT ERROR, key %s, text %s, real cipher %s, computed cyphertext %02X%02X%02X%02X%02X%02X%02X%02X\n",
- block1, block2, block3,
- output2[0],output2[1],output2[2],output2[3],
- output2[4],output2[5],output2[6],output2[7]);
- error++;
- }
-
- /*
- * Now try decrypting....
- */
- mit_des_cbc_encrypt((const mit_des_cblock *) output,
- (mit_des_cblock *) output2, 8,
- sched, zeroblock, 0);
-
- if (memcmp((char *)output2, (char *)input, 8)) {
- fprintf(stderr,
- "DES DECRYPT ERROR, key %s, text %s, real cipher %s, computed cleartext %02X%02X%02X%02X%02X%02X%02X%02X\n",
- block1, block2, block3,
- output2[0],output2[1],output2[2],output2[3],
- output2[4],output2[5],output2[6],output2[7]);
- error++;
- }
-
- num++;
- }
-
- if (error)
- printf("destest: failed to pass the test\n");
- else
- printf("destest: %d tests passed successfully\n", num);
-
- exit( (error > 256 && error % 256) ? 1 : error);
-}
-
-int value[128] = {
- -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1,
- 0, 1, 2, 3, 4, 5, 6, 7,
- 8, 9, -1, -1, -1, -1, -1, -1,
- -1, 10, 11, 12, 13, 14, 15, -1,
- -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1,
-};
-
-void
-convert(text, cblock)
- char *text;
- unsigned char cblock[];
-{
- int i;
- for (i = 0; i < 8; i++) {
- if (!isascii((unsigned char)text[i * 2]))
- abort ();
- if (value[(int) text[i*2]] == -1 || value[(int) text[i*2+1]] == -1) {
- printf("Bad value byte %d in %s\n", i, text);
- exit(1);
- }
- cblock[i] = 16*value[(int) text[i*2]] + value[(int) text[i*2+1]];
- }
- return;
-}
-
-/*
- * Fake out the DES library, for the purposes of testing.
- */
-
-int
-mit_des_is_weak_key(key)
- mit_des_cblock key;
-{
- return 0; /* fake it out for testing */
-}
-
-void
-des_cblock_print_file(x, fp)
- mit_des_cblock x;
- FILE *fp;
-{
- unsigned char *y = (unsigned char *) x;
- int i = 0;
- fprintf(fp," 0x { ");
-
- while (i++ < 8) {
- fprintf(fp,"%x",*y++);
- if (i < 8)
- fprintf(fp,", ");
- }
- fprintf(fp," }");
-}
-
-
-#define smask(step) ((1<<step)-1)
-#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step)))
-#define parity_char(x) pstep(pstep(pstep((x),4),2),1)
-
-/*
- * des_check_key_parity: returns true iff key has the correct des parity.
- * See des_fix_key_parity for the definition of
- * correct des parity.
- */
-int
-mit_des_check_key_parity(key)
- mit_des_cblock key;
-{
- unsigned int i;
-
- for (i=0; i<sizeof(mit_des_cblock); i++) {
- if ((key[i] & 1) == parity_char(0xfe&key[i])) {
- printf("warning: bad parity key:");
- des_cblock_print_file(key, stdout);
- putchar('\n');
-
- return 1;
- }
- }
-
- return(1);
-}
-
-void
-mit_des_fixup_key_parity(key)
- mit_des_cblock key;
-{
- unsigned int i;
- for (i=0; i<sizeof(mit_des_cblock); i++)
- {
- key[i] &= 0xfe;
- key[i] |= 1^parity_char(key[i]);
- }
-
- return;
-}
diff --git a/src/lib/crypto/builtin/des/doc/libdes.doc b/src/lib/crypto/builtin/des/doc/libdes.doc
deleted file mode 100644
index 6e9431ed2..000000000
--- a/src/lib/crypto/builtin/des/doc/libdes.doc
+++ /dev/null
@@ -1,208 +0,0 @@
-
- How to use the Kerberos encryption library.
-
- Revised 10/15/85 spm
-
-1) The following include file is needed:
-
- /projects/auth/include/des.h (VAX)
- --------------- (PC8086)
-
-2) The encryption library that should be linked to is:
-
- /projects/auth/lib/libdes.a (VAX)
-| /projects/auth/ibm/lib/libdes.a (PC8086 cross-compilation environment)
-
-3) For each key that may be simultaneously active,
- allocate (either compile or malloc) a "Key_schedule" struct,
- defined in "des.h"
-
-4) Create key schedules, as needed, prior to using the encryption
- routines, via "des_set_key()".
-
-5) Setup the input and output areas. Make sure to note the restrictions
- on lengths being multiples of eight bytes.
-
-6) Invoke the encryption/decryption routines, "ecb_encrypt()"
- or "cbc_encrypt()"
-
-7) To generate a cryptographic checksum, use "cbc_cksum()"
-/* ---------------------------------------------------------------- */
-
- Routine Interfaces--
-
-/* ----------------------------------------------------------------- */
-
-int
- des_set_key(k,schedule)
- C_Block *k;
- Key_schedule schedule;
-
- Calculates a key schedule from (all) eight bytes of the input key, and
- puts it into the indicated "Key_schedule" struct;
-
- Make sure to pass valid eight bytes, no padding or other processing
- it done.
-
- The key schedule is then used in subsequent encryption/decryption
- operations. Many key schedules may be created and cached for later
- use.
-
- The user is responsible to clear keys and schedules no longer needed
- to prevent their disclosure.
-
-| Checks the parity of the key provided, to make sure it is odd per
-| FIPS spec. Returns 0 value for key ok, 1 for key_parity error.
-
-/* ---------------------------------------------------------------- */
-
-int
- ecb_encrypt(input,output,schedule,encrypt)
- C_Block *input; /* ptr to eight byte input value */
- C_Block *output; /* ptr to eight byte output value */
- int encrypt; /* 0 ==> decrypt, else encrypt */
- Key_schedule schedule; /* addr of key schedule */
-
-This is the low level routine that encrypts or decrypts a single 8-byte
-block in electronic code book mode. Always transforms the input
-data into the output data.
-
-If encrypt is non-zero, the input (cleartext) is encrypted into the
-output (ciphertext) using the specified key_schedule, pre-set via "des_set_key".
-
-If encrypt is zero, the input (now ciphertext) is decrypted into
-the output (now cleartext).
-
-Input and output may be the same space.
-
-Does not return any meaningful value. Void is not used for compatibility
-with other compilers.
-
-/* -------------------------------------------------------------- */
-
-int
- cbc_encrypt(input,output,length,schedule,ivec,encrypt)
-
- C_Block *input; /* ptr to input data */
- C_Block *output; /* ptr to output data */
- int length; /* desired length, in bytes */
- Key_schedule schedule; /* addr of precomputed schedule */
- C_Block *ivec; /* pointer to 8 byte initialization
- * vector
- */
- int encrypt /* 0 ==> decrypt; else encrypt*/
-
-
- If encrypt is non-zero, the routine cipher-block-chain encrypts
- the INPUT (cleartext) into the OUTPUT (ciphertext) using the provided
- key schedule and initialization vector. If the length is not an integral
- multiple of eight bytes, the last block is copied to a temp and zero
- filled (highest addresses). The output is ALWAYS an integral multiple
- of eight bytes.
-
- If encrypt is zero, the routine cipher-block chain decrypts the INPUT
- (ciphertext) into the OUTPUT (cleartext) using the provided key schedule
- and initialization vector. Decryption ALWAYS operates on integral
- multiples of 8 bytes, so will round the length provided up to the
- appropriate multiple. Consequently, it will always produce the rounded-up
- number of bytes of output cleartext. The application must determine if
- the output cleartext was zero-padded due to cleartext lengths not integral
- multiples of 8.
-
- No errors or meaningful value are returned. Void is not used for
- compatibility with other compilers.
-
-
-/* cbc checksum (MAC) only routine ---------------------------------------- */
-int
- cbc_cksum(input,output,length,schedule,ivec)
-
- C_Block *input; /* >= length bytes of inputtext */
- C_Block *output; /* >= length bytes of outputtext */
- int length; /* in bytes */
- Key_schedule schedule; /* precomputed key schedule */
- C_Block *ivec; /* 8 bytes of ivec */
-
-
- Produces a cryptographic checksum, 8 bytes, by cipher-block-chain
- encrypting the input, discarding the ciphertext output, and only retaining
- the last ciphertext 8-byte block. Uses the provided key schedule and ivec.
- The input is effectively zero-padded to an integral multiple of
- eight bytes, though the original input is not modified.
-
- No meaningful value is returned. Void is not used for compatibility
- with other compilers.
-
-
-/* random_key ----------------------------------------*/
-int
- random_key(key)
-
- C_Block *key;
-
- The start for the random number generated is set from the current time
- in microseconds, then the random number generator is invoked
- to create an eight byte output key (not a schedule). The key
- generated is set to odd parity per FIPS spec.
-
- The caller must supply space for the output key, pointed to
- by "*key", then after getting a new key, call the des_set_key()
- routine when needed.
-
- No meaningful value is returned. Void is not used for compatibility
- with other compilers.
-
-
-/* string_to_key --------------------------------------------*/
-
-int
- string_to_key(str,key)
- char *str;
- C_Block *key;
-
- This routines converts an arbitrary length, null terminated string
- to an 8 byte DES key, with each byte parity set to odd, per FIPS spec.
-
- The algorithm is as follows:
-
-| Take the first 8 bytes and remove the parity (leaving 56 bits).
-| Do the same for the second 8 bytes, and the third, etc. Do this for
-| as many sets of 8 bytes as necessary, filling in the remainder of the
-| last set with nulls. Fold the second set back on the first (i.e. bit
-| 0 over bit 55, and bit 55 over bit 0). Fold the third over the second
-| (bit 0 of the third set is now over bit 0 of the first set). Repeat
-| until you have done this to all sets. Xor the folded sets. Break the
-| result into 8 7 bit bytes, and generate odd parity for each byte. You
-| now have 64 bits. Note that DES takes a 64 bit key, and uses only the
-| non parity bits.
-
-
-/* read_password -------------------------------------------*/
-
-read_password(k,prompt,verify)
- C_Block *k;
- char *prompt;
- int verify;
-
-This routine issues the supplied prompt, turns off echo, if possible, and
-reads an input string. If verify is non-zero, it does it again, for use
-in applications such as changing a password. If verify is non-zero, both
-versions are compared, and the input is requested repeatedly until they
-match. Then, the input string is mapped into a valid DES key, internally
-using the string_to_key routine. The newly created key is copied to the
-area pointed to by parameter "k".
-
-No meaningful value is returned. If an error occurs trying to manipulate
-the terminal echo, the routine forces the process to exit.
-
-/* get_line ------------------------*/
-long get_line(p,max)
- char *p;
- long max;
-
-Reads input characters from standard input until either a newline appears or
-else the max length is reached. The characters read are stuffed into
-the string pointed to, which will always be null terminated. The newline
-is not inserted in the string. The max parameter includes the byte needed
-for the null terminator, so allocate and pass one more than the maximum
-string length desired.
diff --git a/src/lib/crypto/builtin/des/f_aead.c b/src/lib/crypto/builtin/des/f_aead.c
deleted file mode 100644
index 71b8dff4d..000000000
--- a/src/lib/crypto/builtin/des/f_aead.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 2008 by the Massachusetts Institute of Technology.
- * Copyright 1995 by Richard P. Basch. All Rights Reserved.
- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
- * in advertising or publicity pertaining to distribution of the software
- * without specific, written prior permission. Richard P. Basch,
- * Lehman Brothers and M.I.T. make no representations about the suitability
- * of this software for any purpose. It is provided "as is" without
- * express or implied warranty.
- */
-
-#include "crypto_int.h"
-#include "des_int.h"
-#include "f_tables.h"
-
-const mit_des_cblock mit_des_zeroblock /* = all zero */;
-
-void
-krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec)
-{
- unsigned DES_INT32 left, right;
- const unsigned DES_INT32 *kp;
- const unsigned char *ip;
- struct iov_cursor cursor;
- unsigned char block[MIT_DES_BLOCK_LENGTH];
-
- /* Get key pointer here. This won't need to be reinitialized. */
- kp = (const unsigned DES_INT32 *)schedule;
-
- /* Initialize left and right with the contents of the initial vector. */
- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
- left = load_32_be(ip);
- right = load_32_be(ip + 4);
-
- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
- while (k5_iov_cursor_get(&cursor, block)) {
- /* Decompose this block and xor it with the previous ciphertext. */
- left ^= load_32_be(block);
- right ^= load_32_be(block + 4);
-
- /* Encrypt what we have and put back into block. */
- DES_DO_ENCRYPT(left, right, kp);
- store_32_be(left, block);
- store_32_be(right, block + 4);
-
- k5_iov_cursor_put(&cursor, block);
- }
-
- if (ivec != NULL) {
- store_32_be(left, ivec);
- store_32_be(right, ivec + 4);
- }
-}
-
-void
-krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec)
-{
- unsigned DES_INT32 left, right;
- const unsigned DES_INT32 *kp;
- const unsigned char *ip;
- unsigned DES_INT32 ocipherl, ocipherr;
- unsigned DES_INT32 cipherl, cipherr;
- struct iov_cursor cursor;
- unsigned char block[MIT_DES_BLOCK_LENGTH];
-
- /* Get key pointer here. This won't need to be reinitialized. */
- kp = (const unsigned DES_INT32 *)schedule;
-
- /*
- * Decrypting is harder than encrypting because of
- * the necessity of remembering a lot more things.
- * Should think about this a little more...
- */
-
- /* Prime the old cipher with ivec. */
- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
- ocipherl = load_32_be(ip);
- ocipherr = load_32_be(ip + 4);
-
- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE);
- while (k5_iov_cursor_get(&cursor, block)) {
- /* Split this block into left and right. */
- cipherl = left = load_32_be(block);
- cipherr = right = load_32_be(block + 4);
-
- /* Decrypt and xor with the old cipher to get plain text. */
- DES_DO_DECRYPT(left, right, kp);
- left ^= ocipherl;
- right ^= ocipherr;
-
- /* Store the encrypted halves back into block. */
- store_32_be(left, block);
- store_32_be(right, block + 4);
-
- /* Save current cipher block halves. */
- ocipherl = cipherl;
- ocipherr = cipherr;
-
- k5_iov_cursor_put(&cursor, block);
- }
-
- if (ivec != NULL) {
- store_32_be(ocipherl, ivec);
- store_32_be(ocipherr, ivec + 4);
- }
-}
-
-void
-krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data,
- const mit_des_key_schedule schedule, mit_des_cblock ivec,
- mit_des_cblock out)
-{
- unsigned DES_INT32 left, right;
- const unsigned DES_INT32 *kp;
- const unsigned char *ip;
- struct iov_cursor cursor;
- unsigned char block[MIT_DES_BLOCK_LENGTH];
-
- /* Get key pointer here. This won't need to be reinitialized. */
- kp = (const unsigned DES_INT32 *)schedule;
-
- /* Initialize left and right with the contents of the initial vector. */
- ip = (ivec != NULL) ? ivec : mit_des_zeroblock;
- left = load_32_be(ip);
- right = load_32_be(ip + 4);
-
- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, TRUE);
- while (k5_iov_cursor_get(&cursor, block)) {
- /* Decompose this block and xor it with the previous ciphertext. */
- left ^= load_32_be(block);
- right ^= load_32_be(block + 4);
-
- /* Encrypt what we have. */
- DES_DO_ENCRYPT(left, right, kp);
- }
-
- /* Output the final ciphertext block. */
- store_32_be(left, out);
- store_32_be(right, out + 4);
-}
-
-#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
-void krb5int_des_do_encrypt_2 (unsigned DES_INT32 *left,
- unsigned DES_INT32 *right,
- const unsigned DES_INT32 *kp)
-{
- DES_DO_ENCRYPT_1 (*left, *right, kp);
-}
-
-void krb5int_des_do_decrypt_2 (unsigned DES_INT32 *left,
- unsigned DES_INT32 *right,
- const unsigned DES_INT32 *kp)
-{
- DES_DO_DECRYPT_1 (*left, *right, kp);
-}
-#endif
diff --git a/src/lib/crypto/builtin/des/f_cbc.c b/src/lib/crypto/builtin/des/f_cbc.c
deleted file mode 100644
index 84d5382f2..000000000
--- a/src/lib/crypto/builtin/des/f_cbc.c
+++ /dev/null
@@ -1,256 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/f_cbc.c */
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-
-/*
- * CBC functions; used only by the test programs at this time. (krb5 uses the
- * functions in f_aead.c instead.)
- */
-
-/*
- * des_cbc_encrypt.c - an implementation of the DES cipher function in cbc mode
- */
-#include "des_int.h"
-#include "f_tables.h"
-
-/*
- * des_cbc_encrypt - {en,de}crypt a stream in CBC mode
- */
-
-/*
- * This routine performs DES cipher-block-chaining operation, either
- * encrypting from cleartext to ciphertext, if encrypt != 0 or
- * decrypting from ciphertext to cleartext, if encrypt == 0.
- *
- * The key schedule is passed as an arg, as well as the cleartext or
- * ciphertext. The cleartext and ciphertext should be in host order.
- *
- * NOTE-- the output is ALWAYS an multiple of 8 bytes long. If not
- * enough space was provided, your program will get trashed.
- *
- * For encryption, the cleartext string is null padded, at the end, to
- * an integral multiple of eight bytes.
- *
- * For decryption, the ciphertext will be used in integral multiples
- * of 8 bytes, but only the first "length" bytes returned into the
- * cleartext.
- */
-
-const mit_des_cblock mit_des_zeroblock /* = all zero */;
-
-static void
-des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
- unsigned long length, const mit_des_key_schedule schedule,
- const mit_des_cblock ivec)
-{
- unsigned DES_INT32 left, right;
- const unsigned DES_INT32 *kp;
- const unsigned char *ip;
- unsigned char *op;
-
- /*
- * Get key pointer here. This won't need to be reinitialized
- */
- kp = (const unsigned DES_INT32 *)schedule;
-
- /*
- * Initialize left and right with the contents of the initial
- * vector.
- */
- ip = ivec;
- GET_HALF_BLOCK(left, ip);
- GET_HALF_BLOCK(right, ip);
-
- /*
- * Suitably initialized, now work the length down 8 bytes
- * at a time.
- */
- ip = *in;
- op = *out;
- while (length > 0) {
- /*
- * Get more input, xor it in. If the length is
- * greater than or equal to 8 this is straight
- * forward. Otherwise we have to fart around.
- */
- if (length >= 8) {
- unsigned DES_INT32 temp;
- GET_HALF_BLOCK(temp, ip);
- left ^= temp;
- GET_HALF_BLOCK(temp, ip);
- right ^= temp;
- length -= 8;
- } else {
- /*
- * Oh, shoot. We need to pad the
- * end with zeroes. Work backwards
- * to do this.
- */
- ip += (int) length;
- switch(length) {
- case 7:
- right ^= (*(--ip) & FF_UINT32) << 8;
- case 6:
- right ^= (*(--ip) & FF_UINT32) << 16;
- case 5:
- right ^= (*(--ip) & FF_UINT32) << 24;
- case 4:
- left ^= *(--ip) & FF_UINT32;
- case 3:
- left ^= (*(--ip) & FF_UINT32) << 8;
- case 2:
- left ^= (*(--ip) & FF_UINT32) << 16;
- case 1:
- left ^= (*(--ip) & FF_UINT32) << 24;
- break;
- }
- length = 0;
- }
-
- /*
- * Encrypt what we have
- */
- DES_DO_ENCRYPT(left, right, kp);
-
- /*
- * Copy the results out
- */
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
- }
-}
-
-static void
-des_cbc_decrypt(const mit_des_cblock *in, mit_des_cblock *out,
- unsigned long length, const mit_des_key_schedule schedule,
- const mit_des_cblock ivec)
-{
- unsigned DES_INT32 left, right;
- const unsigned DES_INT32 *kp;
- const unsigned char *ip;
- unsigned char *op;
- unsigned DES_INT32 ocipherl, ocipherr;
- unsigned DES_INT32 cipherl, cipherr;
-
- /*
- * Get key pointer here. This won't need to be reinitialized
- */
- kp = (const unsigned DES_INT32 *)schedule;
-
- /*
- * Decrypting is harder than encrypting because of
- * the necessity of remembering a lot more things.
- * Should think about this a little more...
- */
-
- if (length <= 0)
- return;
-
- /*
- * Prime the old cipher with ivec.
- */
- ip = ivec;
- GET_HALF_BLOCK(ocipherl, ip);
- GET_HALF_BLOCK(ocipherr, ip);
-
- /*
- * Now do this in earnest until we run out of length.
- */
- ip = *in;
- op = *out;
- for (;;) { /* check done inside loop */
- /*
- * Read a block from the input into left and
- * right. Save this cipher block for later.
- */
- GET_HALF_BLOCK(left, ip);
- GET_HALF_BLOCK(right, ip);
- cipherl = left;
- cipherr = right;
-
- /*
- * Decrypt this.
- */
- DES_DO_DECRYPT(left, right, kp);
-
- /*
- * Xor with the old cipher to get plain
- * text. Output 8 or less bytes of this.
- */
- left ^= ocipherl;
- right ^= ocipherr;
- if (length > 8) {
- length -= 8;
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
- /*
- * Save current cipher block here
- */
- ocipherl = cipherl;
- ocipherr = cipherr;
- } else {
- /*
- * Trouble here. Start at end of output,
- * work backwards.
- */
- op += (int) length;
- switch(length) {
- case 8:
- *(--op) = (unsigned char) (right & 0xff);
- case 7:
- *(--op) = (unsigned char) ((right >> 8) & 0xff);
- case 6:
- *(--op) = (unsigned char) ((right >> 16) & 0xff);
- case 5:
- *(--op) = (unsigned char) ((right >> 24) & 0xff);
- case 4:
- *(--op) = (unsigned char) (left & 0xff);
- case 3:
- *(--op) = (unsigned char) ((left >> 8) & 0xff);
- case 2:
- *(--op) = (unsigned char) ((left >> 16) & 0xff);
- case 1:
- *(--op) = (unsigned char) ((left >> 24) & 0xff);
- break;
- }
- break; /* we're done */
- }
- }
-}
-
-int
-mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
- unsigned long length, const mit_des_key_schedule schedule,
- const mit_des_cblock ivec, int enc)
-{
- /*
- * Deal with encryption and decryption separately.
- */
- if (enc)
- des_cbc_encrypt(in, out, length, schedule, ivec);
- else
- des_cbc_decrypt(in, out, length, schedule, ivec);
- return 0;
-}
diff --git a/src/lib/crypto/builtin/des/f_cksum.c b/src/lib/crypto/builtin/des/f_cksum.c
deleted file mode 100644
index cb482b009..000000000
--- a/src/lib/crypto/builtin/des/f_cksum.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/f_cksum.c */
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-
-/* DES implementation donated by Dennis Ferguson */
-
-/*
- * des_cbc_cksum.c - compute an 8 byte checksum using DES in CBC mode
- */
-#include "des_int.h"
-#include "f_tables.h"
-
-/*
- * This routine performs DES cipher-block-chaining checksum operation,
- * a.k.a. Message Authentication Code. It ALWAYS encrypts from input
- * to a single 64 bit output MAC checksum.
- *
- * The key schedule is passed as an arg, as well as the cleartext or
- * ciphertext. The cleartext and ciphertext should be in host order.
- *
- * NOTE-- the output is ALWAYS 8 bytes long. If not enough space was
- * provided, your program will get trashed.
- *
- * The input is null padded, at the end (highest addr), to an integral
- * multiple of eight bytes.
- */
-
-unsigned long
-mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out,
- unsigned long length, const mit_des_key_schedule schedule,
- const krb5_octet *ivec)
-{
- unsigned DES_INT32 left, right;
- const unsigned DES_INT32 *kp;
- const unsigned char *ip;
- unsigned char *op;
- DES_INT32 len;
-
- /*
- * Initialize left and right with the contents of the initial
- * vector.
- */
- ip = ivec;
- GET_HALF_BLOCK(left, ip);
- GET_HALF_BLOCK(right, ip);
-
- /*
- * Suitably initialized, now work the length down 8 bytes
- * at a time.
- */
- ip = in;
- len = length;
- while (len > 0) {
- /*
- * Get more input, xor it in. If the length is
- * greater than or equal to 8 this is straight
- * forward. Otherwise we have to fart around.
- */
- if (len >= 8) {
- unsigned DES_INT32 temp;
- GET_HALF_BLOCK(temp, ip);
- left ^= temp;
- GET_HALF_BLOCK(temp, ip);
- right ^= temp;
- len -= 8;
- } else {
- /*
- * Oh, shoot. We need to pad the
- * end with zeroes. Work backwards
- * to do this.
- */
- ip += (int) len;
- switch(len) {
- case 7:
- right ^= (*(--ip) & FF_UINT32) << 8;
- case 6:
- right ^= (*(--ip) & FF_UINT32) << 16;
- case 5:
- right ^= (*(--ip) & FF_UINT32) << 24;
- case 4:
- left ^= *(--ip) & FF_UINT32;
- case 3:
- left ^= (*(--ip) & FF_UINT32) << 8;
- case 2:
- left ^= (*(--ip) & FF_UINT32) << 16;
- case 1:
- left ^= (*(--ip) & FF_UINT32) << 24;
- break;
- }
- len = 0;
- }
-
- /*
- * Encrypt what we have
- */
- kp = (const unsigned DES_INT32 *)schedule;
- DES_DO_ENCRYPT(left, right, kp);
- }
-
- /*
- * Done. Left and right have the checksum. Put it into
- * the output.
- */
- op = out;
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
-
- /*
- * Return right. I'll bet the MIT code returns this
- * inconsistantly (with the low order byte of the checksum
- * not always in the low order byte of the DES_INT32). We won't.
- */
- return right & 0xFFFFFFFFUL;
-}
diff --git a/src/lib/crypto/builtin/des/f_parity.c b/src/lib/crypto/builtin/des/f_parity.c
deleted file mode 100644
index 460b5061b..000000000
--- a/src/lib/crypto/builtin/des/f_parity.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * These routines check and fix parity of encryption keys for the DES
- * algorithm.
- *
- * They are a replacement for routines in key_parity.c, that don't require
- * the table building that they do.
- *
- * Mark Eichin -- Cygnus Support
- */
-
-
-#include "des_int.h"
-
-/*
- * des_fixup_key_parity: Forces odd parity per byte; parity is bits
- * 8,16,...64 in des order, implies 0, 8, 16, ...
- * vax order.
- */
-#define smask(step) ((1<<step)-1)
-#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step)))
-#define parity_char(x) pstep(pstep(pstep((x),4),2),1)
-
-void
-mit_des_fixup_key_parity(mit_des_cblock key)
-{
- unsigned int i;
- for (i=0; i<sizeof(mit_des_cblock); i++)
- {
- key[i] &= 0xfe;
- key[i] |= 1^parity_char(key[i]);
- }
-
- return;
-}
-
-/*
- * des_check_key_parity: returns true iff key has the correct des parity.
- * See des_fix_key_parity for the definition of
- * correct des parity.
- */
-int
-mit_des_check_key_parity(mit_des_cblock key)
-{
- unsigned int i;
-
- for (i=0; i<sizeof(mit_des_cblock); i++)
- {
- if((key[i] & 1) == parity_char(0xfe&key[i]))
- {
- return 0;
- }
- }
-
- return(1);
-}
diff --git a/src/lib/crypto/builtin/des/f_sched.c b/src/lib/crypto/builtin/des/f_sched.c
deleted file mode 100644
index 666a510fb..000000000
--- a/src/lib/crypto/builtin/des/f_sched.c
+++ /dev/null
@@ -1,359 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/f_sched.c */
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-
-/* DES implementation donated by Dennis Ferguson */
-
-/*
- * des_make_sched.c - permute a DES key, returning the resulting key schedule
- */
-#include "k5-int.h"
-#include "des_int.h"
-
-/*
- * Permuted choice 1 tables. These are used to extract bits
- * from the left and right parts of the key to form Ci and Di.
- * The code that uses these tables knows which bits from which
- * part of each key are used to form Ci and Di.
- */
-static const unsigned DES_INT32 PC1_CL[8] = {
- 0x00000000, 0x00000010, 0x00001000, 0x00001010,
- 0x00100000, 0x00100010, 0x00101000, 0x00101010
-};
-
-static const unsigned DES_INT32 PC1_DL[16] = {
- 0x00000000, 0x00100000, 0x00001000, 0x00101000,
- 0x00000010, 0x00100010, 0x00001010, 0x00101010,
- 0x00000001, 0x00100001, 0x00001001, 0x00101001,
- 0x00000011, 0x00100011, 0x00001011, 0x00101011
-};
-
-static const unsigned DES_INT32 PC1_CR[16] = {
- 0x00000000, 0x00000001, 0x00000100, 0x00000101,
- 0x00010000, 0x00010001, 0x00010100, 0x00010101,
- 0x01000000, 0x01000001, 0x01000100, 0x01000101,
- 0x01010000, 0x01010001, 0x01010100, 0x01010101
-};
-
-static const unsigned DES_INT32 PC1_DR[8] = {
- 0x00000000, 0x01000000, 0x00010000, 0x01010000,
- 0x00000100, 0x01000100, 0x00010100, 0x01010100
-};
-
-
-/*
- * At the start of some iterations of the key schedule we do
- * a circular left shift by one place, while for others we do a shift by
- * two places. This has bits set for the iterations where we do 2 bit
- * shifts, starting at the low order bit.
- */
-#define TWO_BIT_SHIFTS 0x7efc
-
-/*
- * Permuted choice 2 tables. The first actually produces the low order
- * 24 bits of the subkey Ki from the 28 bit value of Ci. The second produces
- * the high order 24 bits from Di. The tables are indexed by six bit
- * segments of Ci and Di respectively. The code is handcrafted to compute
- * the appropriate 6 bit chunks.
- *
- * Note that for ease of computation, the 24 bit values are produced with
- * six bits going into each byte. Note also that the table has been byte
- * rearranged to produce keys which match the order we will apply them
- * in in the des code.
- */
-static const unsigned DES_INT32 PC2_C[4][64] = {
- {
- 0x00000000, 0x00000004, 0x00010000, 0x00010004,
- 0x00000400, 0x00000404, 0x00010400, 0x00010404,
- 0x00000020, 0x00000024, 0x00010020, 0x00010024,
- 0x00000420, 0x00000424, 0x00010420, 0x00010424,
- 0x01000000, 0x01000004, 0x01010000, 0x01010004,
- 0x01000400, 0x01000404, 0x01010400, 0x01010404,
- 0x01000020, 0x01000024, 0x01010020, 0x01010024,
- 0x01000420, 0x01000424, 0x01010420, 0x01010424,
- 0x00020000, 0x00020004, 0x00030000, 0x00030004,
- 0x00020400, 0x00020404, 0x00030400, 0x00030404,
- 0x00020020, 0x00020024, 0x00030020, 0x00030024,
- 0x00020420, 0x00020424, 0x00030420, 0x00030424,
- 0x01020000, 0x01020004, 0x01030000, 0x01030004,
- 0x01020400, 0x01020404, 0x01030400, 0x01030404,
- 0x01020020, 0x01020024, 0x01030020, 0x01030024,
- 0x01020420, 0x01020424, 0x01030420, 0x01030424,
- },
- {
- 0x00000000, 0x02000000, 0x00000800, 0x02000800,
- 0x00080000, 0x02080000, 0x00080800, 0x02080800,
- 0x00000001, 0x02000001, 0x00000801, 0x02000801,
- 0x00080001, 0x02080001, 0x00080801, 0x02080801,
- 0x00000100, 0x02000100, 0x00000900, 0x02000900,
- 0x00080100, 0x02080100, 0x00080900, 0x02080900,
- 0x00000101, 0x02000101, 0x00000901, 0x02000901,
- 0x00080101, 0x02080101, 0x00080901, 0x02080901,
- 0x10000000, 0x12000000, 0x10000800, 0x12000800,
- 0x10080000, 0x12080000, 0x10080800, 0x12080800,
- 0x10000001, 0x12000001, 0x10000801, 0x12000801,
- 0x10080001, 0x12080001, 0x10080801, 0x12080801,
- 0x10000100, 0x12000100, 0x10000900, 0x12000900,
- 0x10080100, 0x12080100, 0x10080900, 0x12080900,
- 0x10000101, 0x12000101, 0x10000901, 0x12000901,
- 0x10080101, 0x12080101, 0x10080901, 0x12080901,
- },
- {
- 0x00000000, 0x00040000, 0x00002000, 0x00042000,
- 0x00100000, 0x00140000, 0x00102000, 0x00142000,
- 0x20000000, 0x20040000, 0x20002000, 0x20042000,
- 0x20100000, 0x20140000, 0x20102000, 0x20142000,
- 0x00000008, 0x00040008, 0x00002008, 0x00042008,
- 0x00100008, 0x00140008, 0x00102008, 0x00142008,
- 0x20000008, 0x20040008, 0x20002008, 0x20042008,
- 0x20100008, 0x20140008, 0x20102008, 0x20142008,
- 0x00200000, 0x00240000, 0x00202000, 0x00242000,
- 0x00300000, 0x00340000, 0x00302000, 0x00342000,
- 0x20200000, 0x20240000, 0x20202000, 0x20242000,
- 0x20300000, 0x20340000, 0x20302000, 0x20342000,
- 0x00200008, 0x00240008, 0x00202008, 0x00242008,
- 0x00300008, 0x00340008, 0x00302008, 0x00342008,
- 0x20200008, 0x20240008, 0x20202008, 0x20242008,
- 0x20300008, 0x20340008, 0x20302008, 0x20342008,
- },
- {
- 0x00000000, 0x00000010, 0x08000000, 0x08000010,
- 0x00000200, 0x00000210, 0x08000200, 0x08000210,
- 0x00000002, 0x00000012, 0x08000002, 0x08000012,
- 0x00000202, 0x00000212, 0x08000202, 0x08000212,
- 0x04000000, 0x04000010, 0x0c000000, 0x0c000010,
- 0x04000200, 0x04000210, 0x0c000200, 0x0c000210,
- 0x04000002, 0x04000012, 0x0c000002, 0x0c000012,
- 0x04000202, 0x04000212, 0x0c000202, 0x0c000212,
- 0x00001000, 0x00001010, 0x08001000, 0x08001010,
- 0x00001200, 0x00001210, 0x08001200, 0x08001210,
- 0x00001002, 0x00001012, 0x08001002, 0x08001012,
- 0x00001202, 0x00001212, 0x08001202, 0x08001212,
- 0x04001000, 0x04001010, 0x0c001000, 0x0c001010,
- 0x04001200, 0x04001210, 0x0c001200, 0x0c001210,
- 0x04001002, 0x04001012, 0x0c001002, 0x0c001012,
- 0x04001202, 0x04001212, 0x0c001202, 0x0c001212
- },
-};
-
-static const unsigned DES_INT32 PC2_D[4][64] = {
- {
- 0x00000000, 0x02000000, 0x00020000, 0x02020000,
- 0x00000100, 0x02000100, 0x00020100, 0x02020100,
- 0x00000008, 0x02000008, 0x00020008, 0x02020008,
- 0x00000108, 0x02000108, 0x00020108, 0x02020108,
- 0x00200000, 0x02200000, 0x00220000, 0x02220000,
- 0x00200100, 0x02200100, 0x00220100, 0x02220100,
- 0x00200008, 0x02200008, 0x00220008, 0x02220008,
- 0x00200108, 0x02200108, 0x00220108, 0x02220108,
- 0x00000200, 0x02000200, 0x00020200, 0x02020200,
- 0x00000300, 0x02000300, 0x00020300, 0x02020300,
- 0x00000208, 0x02000208, 0x00020208, 0x02020208,
- 0x00000308, 0x02000308, 0x00020308, 0x02020308,
- 0x00200200, 0x02200200, 0x00220200, 0x02220200,
- 0x00200300, 0x02200300, 0x00220300, 0x02220300,
- 0x00200208, 0x02200208, 0x00220208, 0x02220208,
- 0x00200308, 0x02200308, 0x00220308, 0x02220308,
- },
- {
- 0x00000000, 0x00001000, 0x00000020, 0x00001020,
- 0x00100000, 0x00101000, 0x00100020, 0x00101020,
- 0x08000000, 0x08001000, 0x08000020, 0x08001020,
- 0x08100000, 0x08101000, 0x08100020, 0x08101020,
- 0x00000004, 0x00001004, 0x00000024, 0x00001024,
- 0x00100004, 0x00101004, 0x00100024, 0x00101024,
- 0x08000004, 0x08001004, 0x08000024, 0x08001024,
- 0x08100004, 0x08101004, 0x08100024, 0x08101024,
- 0x00000400, 0x00001400, 0x00000420, 0x00001420,
- 0x00100400, 0x00101400, 0x00100420, 0x00101420,
- 0x08000400, 0x08001400, 0x08000420, 0x08001420,
- 0x08100400, 0x08101400, 0x08100420, 0x08101420,
- 0x00000404, 0x00001404, 0x00000424, 0x00001424,
- 0x00100404, 0x00101404, 0x00100424, 0x00101424,
- 0x08000404, 0x08001404, 0x08000424, 0x08001424,
- 0x08100404, 0x08101404, 0x08100424, 0x08101424,
- },
- {
- 0x00000000, 0x10000000, 0x00010000, 0x10010000,
- 0x00000002, 0x10000002, 0x00010002, 0x10010002,
- 0x00002000, 0x10002000, 0x00012000, 0x10012000,
- 0x00002002, 0x10002002, 0x00012002, 0x10012002,
- 0x00040000, 0x10040000, 0x00050000, 0x10050000,
- 0x00040002, 0x10040002, 0x00050002, 0x10050002,
- 0x00042000, 0x10042000, 0x00052000, 0x10052000,
- 0x00042002, 0x10042002, 0x00052002, 0x10052002,
- 0x20000000, 0x30000000, 0x20010000, 0x30010000,
- 0x20000002, 0x30000002, 0x20010002, 0x30010002,
- 0x20002000, 0x30002000, 0x20012000, 0x30012000,
- 0x20002002, 0x30002002, 0x20012002, 0x30012002,
- 0x20040000, 0x30040000, 0x20050000, 0x30050000,
- 0x20040002, 0x30040002, 0x20050002, 0x30050002,
- 0x20042000, 0x30042000, 0x20052000, 0x30052000,
- 0x20042002, 0x30042002, 0x20052002, 0x30052002,
- },
- {
- 0x00000000, 0x04000000, 0x00000001, 0x04000001,
- 0x01000000, 0x05000000, 0x01000001, 0x05000001,
- 0x00000010, 0x04000010, 0x00000011, 0x04000011,
- 0x01000010, 0x05000010, 0x01000011, 0x05000011,
- 0x00080000, 0x04080000, 0x00080001, 0x04080001,
- 0x01080000, 0x05080000, 0x01080001, 0x05080001,
- 0x00080010, 0x04080010, 0x00080011, 0x04080011,
- 0x01080010, 0x05080010, 0x01080011, 0x05080011,
- 0x00000800, 0x04000800, 0x00000801, 0x04000801,
- 0x01000800, 0x05000800, 0x01000801, 0x05000801,
- 0x00000810, 0x04000810, 0x00000811, 0x04000811,
- 0x01000810, 0x05000810, 0x01000811, 0x05000811,
- 0x00080800, 0x04080800, 0x00080801, 0x04080801,
- 0x01080800, 0x05080800, 0x01080801, 0x05080801,
- 0x00080810, 0x04080810, 0x00080811, 0x04080811,
- 0x01080810, 0x05080810, 0x01080811, 0x05080811
- },
-};
-
-
-
-/*
- * Permute the key to give us our key schedule.
- */
-int
-mit_des_make_key_sched(mit_des_cblock key, mit_des_key_schedule schedule)
-{
- unsigned DES_INT32 c, d;
-
- {
- /*
- * Need a pointer for the keys and a temporary DES_INT32
- */
- const unsigned char *k;
- unsigned DES_INT32 tmp;
-
- /*
- * Fetch the key into something we can work with
- */
- k = key;
-
- /*
- * The first permutted choice gives us the 28 bits for C0 and
- * 28 for D0. C0 gets 12 bits from the left key and 16 from
- * the right, while D0 gets 16 from the left and 12 from the
- * right. The code knows which bits go where.
- */
- tmp = load_32_be(k), k += 4;
-
- c = PC1_CL[(tmp >> 29) & 0x7]
- | (PC1_CL[(tmp >> 21) & 0x7] << 1)
- | (PC1_CL[(tmp >> 13) & 0x7] << 2)
- | (PC1_CL[(tmp >> 5) & 0x7] << 3);
- d = PC1_DL[(tmp >> 25) & 0xf]
- | (PC1_DL[(tmp >> 17) & 0xf] << 1)
- | (PC1_DL[(tmp >> 9) & 0xf] << 2)
- | (PC1_DL[(tmp >> 1) & 0xf] << 3);
-
- tmp = load_32_be(k), k += 4;
-
- c |= PC1_CR[(tmp >> 28) & 0xf]
- | (PC1_CR[(tmp >> 20) & 0xf] << 1)
- | (PC1_CR[(tmp >> 12) & 0xf] << 2)
- | (PC1_CR[(tmp >> 4) & 0xf] << 3);
- d |= PC1_DR[(tmp >> 25) & 0x7]
- | (PC1_DR[(tmp >> 17) & 0x7] << 1)
- | (PC1_DR[(tmp >> 9) & 0x7] << 2)
- | (PC1_DR[(tmp >> 1) & 0x7] << 3);
- }
-
- {
- /*
- * Need several temporaries in here
- */
- unsigned DES_INT32 ltmp, rtmp;
- unsigned DES_INT32 *k;
- int two_bit_shifts;
- int i;
- /*
- * Now iterate to compute the key schedule. Note that we
- * record the entire set of subkeys in 6 bit chunks since
- * they are used that way. At 6 bits/char, we need
- * 48/6 char's/subkey * 16 subkeys/encryption == 128 bytes.
- * The schedule must be this big.
- */
- k = (unsigned DES_INT32 *)schedule;
- two_bit_shifts = TWO_BIT_SHIFTS;
- for (i = 16; i > 0; i--) {
- /*
- * Do the rotation. One bit and two bit rotations
- * are done separately. Note C and D are 28 bits.
- */
- if (two_bit_shifts & 0x1) {
- c = ((c << 2) & 0xffffffc) | (c >> 26);
- d = ((d << 2) & 0xffffffc) | (d >> 26);
- } else {
- c = ((c << 1) & 0xffffffe) | (c >> 27);
- d = ((d << 1) & 0xffffffe) | (d >> 27);
- }
- two_bit_shifts >>= 1;
-
- /*
- * Apply permutted choice 2 to C to get the first
- * 24 bits worth of keys. Note that bits 9, 18, 22
- * and 25 (using DES numbering) in C are unused. The
- * shift-mask stuff is done to delete these bits from
- * the indices, since this cuts the table size in half.
- *
- * The table is torqued, by the way. If the standard
- * byte order for this (high to low order) is 1234,
- * the table actually gives us 4132.
- */
- ltmp = PC2_C[0][((c >> 22) & 0x3f)]
- | PC2_C[1][((c >> 15) & 0xf) | ((c >> 16) & 0x30)]
- | PC2_C[2][((c >> 4) & 0x3) | ((c >> 9) & 0x3c)]
- | PC2_C[3][((c ) & 0x7) | ((c >> 4) & 0x38)];
- /*
- * Apply permutted choice 2 to D to get the other half.
- * Here, bits 7, 10, 15 and 26 go unused. The sqeezing
- * actually turns out to be cheaper here.
- *
- * This table is similarly torqued. If the standard
- * byte order is 5678, the table has the bytes permuted
- * to give us 7685.
- */
- rtmp = PC2_D[0][((d >> 22) & 0x3f)]
- | PC2_D[1][((d >> 14) & 0xf) | ((d >> 15) & 0x30)]
- | PC2_D[2][((d >> 7) & 0x3f)]
- | PC2_D[3][((d ) & 0x3) | ((d >> 1) & 0x3c)];
-
- /*
- * Make up two words of the key schedule, with a
- * byte order which is convenient for the DES
- * inner loop. The high order (first) word will
- * hold bytes 7135 (high to low order) while the
- * second holds bytes 4682.
- */
- *k++ = (ltmp & 0x00ffff00) | (rtmp & 0xff0000ff);
- *k++ = (ltmp & 0xff0000ff) | (rtmp & 0x00ffff00);
- }
- }
- return (0);
-}
diff --git a/src/lib/crypto/builtin/des/f_tables.c b/src/lib/crypto/builtin/des/f_tables.c
deleted file mode 100644
index 6308cb0d5..000000000
--- a/src/lib/crypto/builtin/des/f_tables.c
+++ /dev/null
@@ -1,370 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/f_tables.c */
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-
-/* DES implementation donated by Dennis Ferguson */
-
-/*
- * des_tables.c - precomputed tables used for the DES cipher function
- */
-
-/*
- * Include the header file so something will complain if the
- * declarations get out of sync
- */
-#include "des_int.h"
-#include "f_tables.h"
-
-/*
- * These tables may be declared const if you want. Many compilers
- * don't support this, though.
- */
-
-/*
- * The DES algorithm which uses these is intended to be fairly speedy
- * at the expense of some memory. All the standard hacks are used.
- * The S boxes and the P permutation are precomputed into one table.
- * The E box never actually appears explicitly since it is easy to apply
- * this algorithmically as needed. The initial permutation and final
- * (inverse initial) permutation are computed from tables designed to
- * permute one byte at a time. This should run pretty fast on machines
- * with 32 bit words and bit field/multiple bit shift instructions which
- * are fast.
- */
-
-/*
- * The initial permutation array. This is used to compute both the
- * left and the right halves of the initial permutation using bytes
- * from words made from the following operations:
- *
- * ((left & 0x55555555) << 1) | (right & 0x55555555) for left half
- * (left & 0xaaaaaaaa) | ((right & 0xaaaaaaaa) >> 1) for right half
- *
- * The scheme is that we index into the table using each byte. The
- * result from the high order byte is or'd with the result from the
- * next byte shifted left once is or'd with the result from the next
- * byte shifted left twice if or'd with the result from the low order
- * byte shifted left by three. Clear?
- */
-
-const unsigned DES_INT32 des_IP_table[256] = {
- 0x00000000, 0x00000010, 0x00000001, 0x00000011,
- 0x00001000, 0x00001010, 0x00001001, 0x00001011,
- 0x00000100, 0x00000110, 0x00000101, 0x00000111,
- 0x00001100, 0x00001110, 0x00001101, 0x00001111,
- 0x00100000, 0x00100010, 0x00100001, 0x00100011,
- 0x00101000, 0x00101010, 0x00101001, 0x00101011,
- 0x00100100, 0x00100110, 0x00100101, 0x00100111,
- 0x00101100, 0x00101110, 0x00101101, 0x00101111,
- 0x00010000, 0x00010010, 0x00010001, 0x00010011,
- 0x00011000, 0x00011010, 0x00011001, 0x00011011,
- 0x00010100, 0x00010110, 0x00010101, 0x00010111,
- 0x00011100, 0x00011110, 0x00011101, 0x00011111,
- 0x00110000, 0x00110010, 0x00110001, 0x00110011,
- 0x00111000, 0x00111010, 0x00111001, 0x00111011,
- 0x00110100, 0x00110110, 0x00110101, 0x00110111,
- 0x00111100, 0x00111110, 0x00111101, 0x00111111,
- 0x10000000, 0x10000010, 0x10000001, 0x10000011,
- 0x10001000, 0x10001010, 0x10001001, 0x10001011,
- 0x10000100, 0x10000110, 0x10000101, 0x10000111,
- 0x10001100, 0x10001110, 0x10001101, 0x10001111,
- 0x10100000, 0x10100010, 0x10100001, 0x10100011,
- 0x10101000, 0x10101010, 0x10101001, 0x10101011,
- 0x10100100, 0x10100110, 0x10100101, 0x10100111,
- 0x10101100, 0x10101110, 0x10101101, 0x10101111,
- 0x10010000, 0x10010010, 0x10010001, 0x10010011,
- 0x10011000, 0x10011010, 0x10011001, 0x10011011,
- 0x10010100, 0x10010110, 0x10010101, 0x10010111,
- 0x10011100, 0x10011110, 0x10011101, 0x10011111,
- 0x10110000, 0x10110010, 0x10110001, 0x10110011,
- 0x10111000, 0x10111010, 0x10111001, 0x10111011,
- 0x10110100, 0x10110110, 0x10110101, 0x10110111,
- 0x10111100, 0x10111110, 0x10111101, 0x10111111,
- 0x01000000, 0x01000010, 0x01000001, 0x01000011,
- 0x01001000, 0x01001010, 0x01001001, 0x01001011,
- 0x01000100, 0x01000110, 0x01000101, 0x01000111,
- 0x01001100, 0x01001110, 0x01001101, 0x01001111,
- 0x01100000, 0x01100010, 0x01100001, 0x01100011,
- 0x01101000, 0x01101010, 0x01101001, 0x01101011,
- 0x01100100, 0x01100110, 0x01100101, 0x01100111,
- 0x01101100, 0x01101110, 0x01101101, 0x01101111,
- 0x01010000, 0x01010010, 0x01010001, 0x01010011,
- 0x01011000, 0x01011010, 0x01011001, 0x01011011,
- 0x01010100, 0x01010110, 0x01010101, 0x01010111,
- 0x01011100, 0x01011110, 0x01011101, 0x01011111,
- 0x01110000, 0x01110010, 0x01110001, 0x01110011,
- 0x01111000, 0x01111010, 0x01111001, 0x01111011,
- 0x01110100, 0x01110110, 0x01110101, 0x01110111,
- 0x01111100, 0x01111110, 0x01111101, 0x01111111,
- 0x11000000, 0x11000010, 0x11000001, 0x11000011,
- 0x11001000, 0x11001010, 0x11001001, 0x11001011,
- 0x11000100, 0x11000110, 0x11000101, 0x11000111,
- 0x11001100, 0x11001110, 0x11001101, 0x11001111,
- 0x11100000, 0x11100010, 0x11100001, 0x11100011,
- 0x11101000, 0x11101010, 0x11101001, 0x11101011,
- 0x11100100, 0x11100110, 0x11100101, 0x11100111,
- 0x11101100, 0x11101110, 0x11101101, 0x11101111,
- 0x11010000, 0x11010010, 0x11010001, 0x11010011,
- 0x11011000, 0x11011010, 0x11011001, 0x11011011,
- 0x11010100, 0x11010110, 0x11010101, 0x11010111,
- 0x11011100, 0x11011110, 0x11011101, 0x11011111,
- 0x11110000, 0x11110010, 0x11110001, 0x11110011,
- 0x11111000, 0x11111010, 0x11111001, 0x11111011,
- 0x11110100, 0x11110110, 0x11110101, 0x11110111,
- 0x11111100, 0x11111110, 0x11111101, 0x11111111
-};
-
-/*
- * The final permutation array. Like the IP array, used
- * to compute both the left and right results from the bytes
- * of words computed from:
- *
- * ((left & 0x0f0f0f0f) << 4) | (right & 0x0f0f0f0f) for left result
- * (left & 0xf0f0f0f0) | ((right & 0xf0f0f0f0) >> 4) for right result
- *
- * The result from the high order byte is shifted left 6 bits and
- * or'd with the result from the next byte shifted left 4 bits, which
- * is or'd with the result from the next byte shifted left 2 bits,
- * which is or'd with the result from the low byte.
- */
-const unsigned DES_INT32 des_FP_table[256] = {
- 0x00000000, 0x02000000, 0x00020000, 0x02020000,
- 0x00000200, 0x02000200, 0x00020200, 0x02020200,
- 0x00000002, 0x02000002, 0x00020002, 0x02020002,
- 0x00000202, 0x02000202, 0x00020202, 0x02020202,
- 0x01000000, 0x03000000, 0x01020000, 0x03020000,
- 0x01000200, 0x03000200, 0x01020200, 0x03020200,
- 0x01000002, 0x03000002, 0x01020002, 0x03020002,
- 0x01000202, 0x03000202, 0x01020202, 0x03020202,
- 0x00010000, 0x02010000, 0x00030000, 0x02030000,
- 0x00010200, 0x02010200, 0x00030200, 0x02030200,
- 0x00010002, 0x02010002, 0x00030002, 0x02030002,
- 0x00010202, 0x02010202, 0x00030202, 0x02030202,
- 0x01010000, 0x03010000, 0x01030000, 0x03030000,
- 0x01010200, 0x03010200, 0x01030200, 0x03030200,
- 0x01010002, 0x03010002, 0x01030002, 0x03030002,
- 0x01010202, 0x03010202, 0x01030202, 0x03030202,
- 0x00000100, 0x02000100, 0x00020100, 0x02020100,
- 0x00000300, 0x02000300, 0x00020300, 0x02020300,
- 0x00000102, 0x02000102, 0x00020102, 0x02020102,
- 0x00000302, 0x02000302, 0x00020302, 0x02020302,
- 0x01000100, 0x03000100, 0x01020100, 0x03020100,
- 0x01000300, 0x03000300, 0x01020300, 0x03020300,
- 0x01000102, 0x03000102, 0x01020102, 0x03020102,
- 0x01000302, 0x03000302, 0x01020302, 0x03020302,
- 0x00010100, 0x02010100, 0x00030100, 0x02030100,
- 0x00010300, 0x02010300, 0x00030300, 0x02030300,
- 0x00010102, 0x02010102, 0x00030102, 0x02030102,
- 0x00010302, 0x02010302, 0x00030302, 0x02030302,
- 0x01010100, 0x03010100, 0x01030100, 0x03030100,
- 0x01010300, 0x03010300, 0x01030300, 0x03030300,
- 0x01010102, 0x03010102, 0x01030102, 0x03030102,
- 0x01010302, 0x03010302, 0x01030302, 0x03030302,
- 0x00000001, 0x02000001, 0x00020001, 0x02020001,
- 0x00000201, 0x02000201, 0x00020201, 0x02020201,
- 0x00000003, 0x02000003, 0x00020003, 0x02020003,
- 0x00000203, 0x02000203, 0x00020203, 0x02020203,
- 0x01000001, 0x03000001, 0x01020001, 0x03020001,
- 0x01000201, 0x03000201, 0x01020201, 0x03020201,
- 0x01000003, 0x03000003, 0x01020003, 0x03020003,
- 0x01000203, 0x03000203, 0x01020203, 0x03020203,
- 0x00010001, 0x02010001, 0x00030001, 0x02030001,
- 0x00010201, 0x02010201, 0x00030201, 0x02030201,
- 0x00010003, 0x02010003, 0x00030003, 0x02030003,
- 0x00010203, 0x02010203, 0x00030203, 0x02030203,
- 0x01010001, 0x03010001, 0x01030001, 0x03030001,
- 0x01010201, 0x03010201, 0x01030201, 0x03030201,
- 0x01010003, 0x03010003, 0x01030003, 0x03030003,
- 0x01010203, 0x03010203, 0x01030203, 0x03030203,
- 0x00000101, 0x02000101, 0x00020101, 0x02020101,
- 0x00000301, 0x02000301, 0x00020301, 0x02020301,
- 0x00000103, 0x02000103, 0x00020103, 0x02020103,
- 0x00000303, 0x02000303, 0x00020303, 0x02020303,
- 0x01000101, 0x03000101, 0x01020101, 0x03020101,
- 0x01000301, 0x03000301, 0x01020301, 0x03020301,
- 0x01000103, 0x03000103, 0x01020103, 0x03020103,
- 0x01000303, 0x03000303, 0x01020303, 0x03020303,
- 0x00010101, 0x02010101, 0x00030101, 0x02030101,
- 0x00010301, 0x02010301, 0x00030301, 0x02030301,
- 0x00010103, 0x02010103, 0x00030103, 0x02030103,
- 0x00010303, 0x02010303, 0x00030303, 0x02030303,
- 0x01010101, 0x03010101, 0x01030101, 0x03030101,
- 0x01010301, 0x03010301, 0x01030301, 0x03030301,
- 0x01010103, 0x03010103, 0x01030103, 0x03030103,
- 0x01010303, 0x03010303, 0x01030303, 0x03030303
-};
-
-
-/*
- * The SP table is actually the S boxes and the P permutation
- * table combined. This table is actually reordered from the
- * spec, to match the order of key application we follow.
- */
-const unsigned DES_INT32 des_SP_table[8][64] = {
- {
- 0x00100000, 0x02100001, 0x02000401, 0x00000000, /* 7 */
- 0x00000400, 0x02000401, 0x00100401, 0x02100400,
- 0x02100401, 0x00100000, 0x00000000, 0x02000001,
- 0x00000001, 0x02000000, 0x02100001, 0x00000401,
- 0x02000400, 0x00100401, 0x00100001, 0x02000400,
- 0x02000001, 0x02100000, 0x02100400, 0x00100001,
- 0x02100000, 0x00000400, 0x00000401, 0x02100401,
- 0x00100400, 0x00000001, 0x02000000, 0x00100400,
- 0x02000000, 0x00100400, 0x00100000, 0x02000401,
- 0x02000401, 0x02100001, 0x02100001, 0x00000001,
- 0x00100001, 0x02000000, 0x02000400, 0x00100000,
- 0x02100400, 0x00000401, 0x00100401, 0x02100400,
- 0x00000401, 0x02000001, 0x02100401, 0x02100000,
- 0x00100400, 0x00000000, 0x00000001, 0x02100401,
- 0x00000000, 0x00100401, 0x02100000, 0x00000400,
- 0x02000001, 0x02000400, 0x00000400, 0x00100001,
- },
- {
- 0x00808200, 0x00000000, 0x00008000, 0x00808202, /* 1 */
- 0x00808002, 0x00008202, 0x00000002, 0x00008000,
- 0x00000200, 0x00808200, 0x00808202, 0x00000200,
- 0x00800202, 0x00808002, 0x00800000, 0x00000002,
- 0x00000202, 0x00800200, 0x00800200, 0x00008200,
- 0x00008200, 0x00808000, 0x00808000, 0x00800202,
- 0x00008002, 0x00800002, 0x00800002, 0x00008002,
- 0x00000000, 0x00000202, 0x00008202, 0x00800000,
- 0x00008000, 0x00808202, 0x00000002, 0x00808000,
- 0x00808200, 0x00800000, 0x00800000, 0x00000200,
- 0x00808002, 0x00008000, 0x00008200, 0x00800002,
- 0x00000200, 0x00000002, 0x00800202, 0x00008202,
- 0x00808202, 0x00008002, 0x00808000, 0x00800202,
- 0x00800002, 0x00000202, 0x00008202, 0x00808200,
- 0x00000202, 0x00800200, 0x00800200, 0x00000000,
- 0x00008002, 0x00008200, 0x00000000, 0x00808002,
- },
- {
- 0x00000104, 0x04010100, 0x00000000, 0x04010004, /* 3 */
- 0x04000100, 0x00000000, 0x00010104, 0x04000100,
- 0x00010004, 0x04000004, 0x04000004, 0x00010000,
- 0x04010104, 0x00010004, 0x04010000, 0x00000104,
- 0x04000000, 0x00000004, 0x04010100, 0x00000100,
- 0x00010100, 0x04010000, 0x04010004, 0x00010104,
- 0x04000104, 0x00010100, 0x00010000, 0x04000104,
- 0x00000004, 0x04010104, 0x00000100, 0x04000000,
- 0x04010100, 0x04000000, 0x00010004, 0x00000104,
- 0x00010000, 0x04010100, 0x04000100, 0x00000000,
- 0x00000100, 0x00010004, 0x04010104, 0x04000100,
- 0x04000004, 0x00000100, 0x00000000, 0x04010004,
- 0x04000104, 0x00010000, 0x04000000, 0x04010104,
- 0x00000004, 0x00010104, 0x00010100, 0x04000004,
- 0x04010000, 0x04000104, 0x00000104, 0x04010000,
- 0x00010104, 0x00000004, 0x04010004, 0x00010100,
- },
- {
- 0x00000080, 0x01040080, 0x01040000, 0x21000080, /* 5 */
- 0x00040000, 0x00000080, 0x20000000, 0x01040000,
- 0x20040080, 0x00040000, 0x01000080, 0x20040080,
- 0x21000080, 0x21040000, 0x00040080, 0x20000000,
- 0x01000000, 0x20040000, 0x20040000, 0x00000000,
- 0x20000080, 0x21040080, 0x21040080, 0x01000080,
- 0x21040000, 0x20000080, 0x00000000, 0x21000000,
- 0x01040080, 0x01000000, 0x21000000, 0x00040080,
- 0x00040000, 0x21000080, 0x00000080, 0x01000000,
- 0x20000000, 0x01040000, 0x21000080, 0x20040080,
- 0x01000080, 0x20000000, 0x21040000, 0x01040080,
- 0x20040080, 0x00000080, 0x01000000, 0x21040000,
- 0x21040080, 0x00040080, 0x21000000, 0x21040080,
- 0x01040000, 0x00000000, 0x20040000, 0x21000000,
- 0x00040080, 0x01000080, 0x20000080, 0x00040000,
- 0x00000000, 0x20040000, 0x01040080, 0x20000080,
- },
- {
- 0x80401000, 0x80001040, 0x80001040, 0x00000040, /* 4 */
- 0x00401040, 0x80400040, 0x80400000, 0x80001000,
- 0x00000000, 0x00401000, 0x00401000, 0x80401040,
- 0x80000040, 0x00000000, 0x00400040, 0x80400000,
- 0x80000000, 0x00001000, 0x00400000, 0x80401000,
- 0x00000040, 0x00400000, 0x80001000, 0x00001040,
- 0x80400040, 0x80000000, 0x00001040, 0x00400040,
- 0x00001000, 0x00401040, 0x80401040, 0x80000040,
- 0x00400040, 0x80400000, 0x00401000, 0x80401040,
- 0x80000040, 0x00000000, 0x00000000, 0x00401000,
- 0x00001040, 0x00400040, 0x80400040, 0x80000000,
- 0x80401000, 0x80001040, 0x80001040, 0x00000040,
- 0x80401040, 0x80000040, 0x80000000, 0x00001000,
- 0x80400000, 0x80001000, 0x00401040, 0x80400040,
- 0x80001000, 0x00001040, 0x00400000, 0x80401000,
- 0x00000040, 0x00400000, 0x00001000, 0x00401040,
- },
- {
- 0x10000008, 0x10200000, 0x00002000, 0x10202008, /* 6 */
- 0x10200000, 0x00000008, 0x10202008, 0x00200000,
- 0x10002000, 0x00202008, 0x00200000, 0x10000008,
- 0x00200008, 0x10002000, 0x10000000, 0x00002008,
- 0x00000000, 0x00200008, 0x10002008, 0x00002000,
- 0x00202000, 0x10002008, 0x00000008, 0x10200008,
- 0x10200008, 0x00000000, 0x00202008, 0x10202000,
- 0x00002008, 0x00202000, 0x10202000, 0x10000000,
- 0x10002000, 0x00000008, 0x10200008, 0x00202000,
- 0x10202008, 0x00200000, 0x00002008, 0x10000008,
- 0x00200000, 0x10002000, 0x10000000, 0x00002008,
- 0x10000008, 0x10202008, 0x00202000, 0x10200000,
- 0x00202008, 0x10202000, 0x00000000, 0x10200008,
- 0x00000008, 0x00002000, 0x10200000, 0x00202008,
- 0x00002000, 0x00200008, 0x10002008, 0x00000000,
- 0x10202000, 0x10000000, 0x00200008, 0x10002008,
- },
- {
- 0x08000820, 0x00000800, 0x00020000, 0x08020820, /* 8 */
- 0x08000000, 0x08000820, 0x00000020, 0x08000000,
- 0x00020020, 0x08020000, 0x08020820, 0x00020800,
- 0x08020800, 0x00020820, 0x00000800, 0x00000020,
- 0x08020000, 0x08000020, 0x08000800, 0x00000820,
- 0x00020800, 0x00020020, 0x08020020, 0x08020800,
- 0x00000820, 0x00000000, 0x00000000, 0x08020020,
- 0x08000020, 0x08000800, 0x00020820, 0x00020000,
- 0x00020820, 0x00020000, 0x08020800, 0x00000800,
- 0x00000020, 0x08020020, 0x00000800, 0x00020820,
- 0x08000800, 0x00000020, 0x08000020, 0x08020000,
- 0x08020020, 0x08000000, 0x00020000, 0x08000820,
- 0x00000000, 0x08020820, 0x00020020, 0x08000020,
- 0x08020000, 0x08000800, 0x08000820, 0x00000000,
- 0x08020820, 0x00020800, 0x00020800, 0x00000820,
- 0x00000820, 0x00020020, 0x08000000, 0x08020800,
- },
- {
- 0x40084010, 0x40004000, 0x00004000, 0x00084010, /* 2 */
- 0x00080000, 0x00000010, 0x40080010, 0x40004010,
- 0x40000010, 0x40084010, 0x40084000, 0x40000000,
- 0x40004000, 0x00080000, 0x00000010, 0x40080010,
- 0x00084000, 0x00080010, 0x40004010, 0x00000000,
- 0x40000000, 0x00004000, 0x00084010, 0x40080000,
- 0x00080010, 0x40000010, 0x00000000, 0x00084000,
- 0x00004010, 0x40084000, 0x40080000, 0x00004010,
- 0x00000000, 0x00084010, 0x40080010, 0x00080000,
- 0x40004010, 0x40080000, 0x40084000, 0x00004000,
- 0x40080000, 0x40004000, 0x00000010, 0x40084010,
- 0x00084010, 0x00000010, 0x00004000, 0x40000000,
- 0x00004010, 0x40084000, 0x00080000, 0x40000010,
- 0x00080010, 0x40004010, 0x40000010, 0x00080010,
- 0x00084000, 0x00000000, 0x40004000, 0x00004010,
- 0x40000000, 0x40080010, 0x40084010, 0x00084000
- },
-};
diff --git a/src/lib/crypto/builtin/des/f_tables.h b/src/lib/crypto/builtin/des/f_tables.h
deleted file mode 100644
index fc91b566c..000000000
--- a/src/lib/crypto/builtin/des/f_tables.h
+++ /dev/null
@@ -1,285 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/f_tables.h */
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-
-/*
- * DES implementation donated by Dennis Ferguson
- */
-
-/*
- * des_tables.h - declarations to import the DES tables, used internally
- * by some of the library routines.
- */
-#ifndef __DES_TABLES_H__
-#define __DES_TABLES_H__ /* nothing */
-
-#include "k5-platform.h"
-/*
- * These may be declared const if you wish. Be sure to change the
- * declarations in des_tables.c as well.
- */
-extern const unsigned DES_INT32 des_IP_table[256];
-extern const unsigned DES_INT32 des_FP_table[256];
-extern const unsigned DES_INT32 des_SP_table[8][64];
-
-/*
- * Use standard shortforms to reference these to save typing
- */
-#define IP des_IP_table
-#define FP des_FP_table
-#define SP des_SP_table
-
-#ifdef DEBUG
-#define DEB(foofraw) printf foofraw
-#else
-#define DEB(foofraw) /* nothing */
-#endif
-
-/*
- * Code to do a DES round using the tables. Note that the E expansion
- * is easy to compute algorithmically, especially if done out-of-order.
- * Take a look at its form and compare it to everything involving temp
- * below. Since SP[0-7] don't have any bits in common set it is okay
- * to do the successive xor's.
- *
- * Note too that the SP table has been reordered to match the order of
- * the keys (if the original order of SP was 12345678, the reordered
- * table is 71354682). This is unnecessary, but was done since some
- * compilers seem to like you going through the matrix from beginning
- * to end.
- *
- * There is a difference in the best way to do this depending on whether
- * one is encrypting or decrypting. If encrypting we move forward through
- * the keys and hence should move forward through the table. If decrypting
- * we go back. Part of the need for this comes from trying to emulate
- * existing software which generates a single key schedule and uses it
- * both for encrypting and decrypting. Generating separate encryption
- * and decryption key schedules would allow one to use the same code
- * for both.
- *
- * left, right and temp should be unsigned DES_INT32 values. left and right
- * should be the high and low order parts of the cipher block at the
- * current stage of processing (this makes sense if you read the spec).
- * kp should be an unsigned DES_INT32 pointer which points at the current
- * set of subkeys in the key schedule. It is advanced to the next set
- * (i.e. by 8 bytes) when this is done.
- *
- * This occurs in the innermost loop of the DES function. The four
- * variables should really be in registers.
- *
- * When using this, the inner loop of the DES function might look like:
- *
- * for (i = 0; i < 8; i++) {
- * DES_SP_{EN,DE}CRYPT_ROUND(left, right, temp, kp);
- * DES_SP_{EN,DE}CRYPT_ROUND(right, left, temp, kp);
- * }
- *
- * Note the trick above. You are supposed to do 16 rounds, swapping
- * left and right at the end of each round. By doing two rounds at
- * a time and swapping left and right in the code we can avoid the
- * swaps altogether.
- */
-#define DES_SP_ENCRYPT_ROUND(left, right, temp, kp) do { \
- (temp) = (((right) >> 11) | ((right) << 21)) ^ *(kp)++; \
- (left) ^= SP[0][((temp) >> 24) & 0x3f] \
- | SP[1][((temp) >> 16) & 0x3f] \
- | SP[2][((temp) >> 8) & 0x3f] \
- | SP[3][((temp) ) & 0x3f]; \
- (temp) = (((right) >> 23) | ((right) << 9)) ^ *(kp)++; \
- (left) ^= SP[4][((temp) >> 24) & 0x3f] \
- | SP[5][((temp) >> 16) & 0x3f] \
- | SP[6][((temp) >> 8) & 0x3f] \
- | SP[7][((temp) ) & 0x3f]; \
- } while(0);
-
-#define DES_SP_DECRYPT_ROUND(left, right, temp, kp) do { \
- (temp) = (((right) >> 23) | ((right) << 9)) ^ *(--(kp)); \
- (left) ^= SP[7][((temp) ) & 0x3f] \
- | SP[6][((temp) >> 8) & 0x3f] \
- | SP[5][((temp) >> 16) & 0x3f] \
- | SP[4][((temp) >> 24) & 0x3f]; \
- (temp) = (((right) >> 11) | ((right) << 21)) ^ *(--(kp)); \
- (left) ^= SP[3][((temp) ) & 0x3f] \
- | SP[2][((temp) >> 8) & 0x3f] \
- | SP[1][((temp) >> 16) & 0x3f] \
- | SP[0][((temp) >> 24) & 0x3f]; \
- } while (0);
-
-/*
- * Macros to help deal with the initial permutation table. Note
- * the IP table only deals with 32 bits at a time, allowing us to
- * collect the bits we need to deal with each half into an unsigned
- * DES_INT32. By carefully selecting how the bits are ordered we also
- * take advantages of symmetries in the table so that we can use a
- * single table to compute the permutation of all bytes. This sounds
- * complicated, but if you go through the process of designing the
- * table you'll find the symmetries fall right out.
- *
- * The follow macros compute the set of bits used to index the
- * table for produce the left and right permuted result.
- *
- * The inserted cast to unsigned DES_INT32 circumvents a bug in
- * the Macintosh MPW 3.2 C compiler which loses the unsignedness and
- * propagates the high-order bit in the shift.
- */
-#define DES_IP_LEFT_BITS(left, right) \
- ((((left) & 0x55555555) << 1) | ((right) & 0x55555555))
-#define DES_IP_RIGHT_BITS(left, right) \
- (((left) & 0xaaaaaaaa) | \
- ( ( (unsigned DES_INT32) ((right) & 0xaaaaaaaa) ) >> 1))
-
-/*
- * The following macro does an in-place initial permutation given
- * the current left and right parts of the block and a single
- * temporary. Use this more as a guide for rolling your own, though.
- * The best way to do the IP depends on the form of the data you
- * are dealing with. If you use this, though, try to make left,
- * right and temp unsigned DES_INT32s.
- */
-#define DES_INITIAL_PERM(left, right, temp) do { \
- (temp) = DES_IP_RIGHT_BITS((left), (right)); \
- (right) = DES_IP_LEFT_BITS((left), (right)); \
- (left) = IP[((right) >> 24) & 0xff] \
- | (IP[((right) >> 16) & 0xff] << 1) \
- | (IP[((right) >> 8) & 0xff] << 2) \
- | (IP[(right) & 0xff] << 3); \
- (right) = IP[((temp) >> 24) & 0xff] \
- | (IP[((temp) >> 16) & 0xff] << 1) \
- | (IP[((temp) >> 8) & 0xff] << 2) \
- | (IP[(temp) & 0xff] << 3); \
- } while(0);
-
-/*
- * Now the final permutation stuff. The same comments apply to
- * this as to the initial permutation, except that we use different
- * bits and shifts.
- *
- * The inserted cast to unsigned DES_INT32 circumvents a bug in
- * the Macintosh MPW 3.2 C compiler which loses the unsignedness and
- * propagates the high-order bit in the shift.
- */
-#define DES_FP_LEFT_BITS(left, right) \
- ((((left) & 0x0f0f0f0f) << 4) | ((right) & 0x0f0f0f0f))
-#define DES_FP_RIGHT_BITS(left, right) \
- (((left) & 0xf0f0f0f0) | \
- ( ( (unsigned DES_INT32) ((right) & 0xf0f0f0f0) ) >> 4))
-
-
-/*
- * Here is a sample final permutation. Note that there is a trick
- * here. DES requires swapping the left and right parts after the
- * last cipher round but before the final permutation. We do this
- * swapping internally, which is why left and right are confused
- * at the beginning.
- */
-#define DES_FINAL_PERM(left, right, temp) do { \
- (temp) = DES_FP_RIGHT_BITS((right), (left)); \
- (right) = DES_FP_LEFT_BITS((right), (left)); \
- (left) = (FP[((right) >> 24) & 0xff] << 6) \
- | (FP[((right) >> 16) & 0xff] << 4) \
- | (FP[((right) >> 8) & 0xff] << 2) \
- | FP[(right) & 0xff]; \
- (right) = (FP[((temp) >> 24) & 0xff] << 6) \
- | (FP[((temp) >> 16) & 0xff] << 4) \
- | (FP[((temp) >> 8) & 0xff] << 2) \
- | FP[temp & 0xff]; \
- } while(0);
-
-
-/*
- * Finally, as a sample of how all this might be held together, the
- * following two macros do in-place encryptions and decryptions. left
- * and right are two unsigned DES_INT32 variables which at the beginning
- * are expected to hold the clear (encrypted) block in host byte order
- * (left the high order four bytes, right the low order). At the end
- * they will contain the encrypted (clear) block. temp is an unsigned DES_INT32
- * used as a temporary. kp is an unsigned DES_INT32 pointer pointing at
- * the start of the key schedule. All these should be in registers.
- *
- * You can probably do better than these by rewriting for particular
- * situations. These aren't bad, though.
- *
- * The DEB macros enable debugging when this code breaks (typically
- * when a buggy compiler breaks it), by printing the intermediate values
- * at each stage of the encryption, so that by comparing the output to
- * a known good machine, the location of the first error can be found.
- */
-#define DES_DO_ENCRYPT_1(left, right, kp) \
- do { \
- int i; \
- unsigned DES_INT32 temp1; \
- DEB (("do_encrypt %8lX %8lX \n", left, right)); \
- DES_INITIAL_PERM((left), (right), (temp1)); \
- DEB ((" after IP %8lX %8lX\n", left, right)); \
- for (i = 0; i < 8; i++) { \
- DES_SP_ENCRYPT_ROUND((left), (right), (temp1), (kp)); \
- DEB ((" round %2d %8lX %8lX \n", i*2, left, right)); \
- DES_SP_ENCRYPT_ROUND((right), (left), (temp1), (kp)); \
- DEB ((" round %2d %8lX %8lX \n", 1+i*2, left, right)); \
- } \
- DES_FINAL_PERM((left), (right), (temp1)); \
- (kp) -= (2 * 16); \
- DEB ((" after FP %8lX %8lX \n", left, right)); \
- } while (0)
-
-#define DES_DO_DECRYPT_1(left, right, kp) \
- do { \
- int i; \
- unsigned DES_INT32 temp2; \
- DES_INITIAL_PERM((left), (right), (temp2)); \
- (kp) += (2 * 16); \
- for (i = 0; i < 8; i++) { \
- DES_SP_DECRYPT_ROUND((left), (right), (temp2), (kp)); \
- DES_SP_DECRYPT_ROUND((right), (left), (temp2), (kp)); \
- } \
- DES_FINAL_PERM((left), (right), (temp2)); \
- } while (0)
-
-#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
-extern void krb5int_des_do_encrypt_2(unsigned DES_INT32 *l,
- unsigned DES_INT32 *r,
- const unsigned DES_INT32 *k);
-extern void krb5int_des_do_decrypt_2(unsigned DES_INT32 *l,
- unsigned DES_INT32 *r,
- const unsigned DES_INT32 *k);
-#define DES_DO_ENCRYPT(L,R,K) krb5int_des_do_encrypt_2(&(L), &(R), (K))
-#define DES_DO_DECRYPT(L,R,K) krb5int_des_do_decrypt_2(&(L), &(R), (K))
-#else
-#define DES_DO_ENCRYPT DES_DO_ENCRYPT_1
-#define DES_DO_DECRYPT DES_DO_DECRYPT_1
-#endif
-
-/*
- * These are handy dandy utility thingies for straightening out bytes.
- * Included here because they're used a couple of places.
- */
-#define GET_HALF_BLOCK(lr, ip) ((lr) = load_32_be(ip), (ip) += 4)
-#define PUT_HALF_BLOCK(lr, op) (store_32_be(lr, op), (op) += 4)
-
-/* Shorthand that we'll need in several places, for creating values that
- really can hold 32 bits regardless of the prevailing int size. */
-#define FF_UINT32 ((unsigned DES_INT32) 0xFF)
-
-#endif /* __DES_TABLES_H__ */
diff --git a/src/lib/crypto/builtin/des/key_sched.c b/src/lib/crypto/builtin/des/key_sched.c
deleted file mode 100644
index 87f02b6a9..000000000
--- a/src/lib/crypto/builtin/des/key_sched.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/key_sched.c */
-/*
- * Copyright 1985, 1986, 1987, 1988, 1990 by the Massachusetts Institute
- * of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-
-/*
- * This routine computes the DES key schedule given a key. The
- * permutations and shifts have been done at compile time, resulting
- * in a direct one-step mapping from the input key to the key
- * schedule.
- *
- * Also checks parity and weak keys.
- *
- * Watch out for the subscripts -- most effectively start at 1 instead
- * of at zero. Maybe some bugs in that area.
- *
- * In case the user wants to cache the computed key schedule, it is
- * passed as an arg. Also implies that caller has explicit control
- * over zeroing both the key schedule and the key.
- *
- * Originally written 6/85 by Steve Miller, MIT Project Athena.
- */
-
-#include "k5-int.h"
-#include "des_int.h"
-
-int
-mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule)
-{
- mit_des_make_key_sched(k,schedule);
-
- if (!mit_des_check_key_parity(k)) /* bad parity --> return -1 */
- return(-1);
-
- if (mit_des_is_weak_key(k))
- return(-2);
-
- /* if key was good, return 0 */
- return 0;
-}
diff --git a/src/lib/crypto/builtin/des/keytest.data b/src/lib/crypto/builtin/des/keytest.data
deleted file mode 100644
index 7ff34eedc..000000000
--- a/src/lib/crypto/builtin/des/keytest.data
+++ /dev/null
@@ -1,171 +0,0 @@
-0101010101010101 95F8A5E5DD31D900 8000000000000000
-0101010101010101 DD7F121CA5015619 4000000000000000
-0101010101010101 2E8653104F3834EA 2000000000000000
-0101010101010101 4BD388FF6CD81D4F 1000000000000000
-0101010101010101 20B9E767B2FB1456 0800000000000000
-0101010101010101 55579380D77138EF 0400000000000000
-0101010101010101 6CC5DEFAAF04512F 0200000000000000
-0101010101010101 0D9F279BA5D87260 0100000000000000
-0101010101010101 D9031B0271BD5A0A 0080000000000000
-0101010101010101 424250B37C3DD951 0040000000000000
-0101010101010101 B8061B7ECD9A21E5 0020000000000000
-0101010101010101 F15D0F286B65BD28 0010000000000000
-0101010101010101 ADD0CC8D6E5DEBA1 0008000000000000
-0101010101010101 E6D5F82752AD63D1 0004000000000000
-0101010101010101 ECBFE3BD3F591A5E 0002000000000000
-0101010101010101 F356834379D165CD 0001000000000000
-0101010101010101 2B9F982F20037FA9 0000800000000000
-0101010101010101 889DE068A16F0BE6 0000400000000000
-0101010101010101 E19E275D846A1298 0000200000000000
-0101010101010101 329A8ED523D71AEC 0000100000000000
-0101010101010101 E7FCE22557D23C97 0000080000000000
-0101010101010101 12A9F5817FF2D65D 0000040000000000
-0101010101010101 A484C3AD38DC9C19 0000020000000000
-0101010101010101 FBE00A8A1EF8AD72 0000010000000000
-0101010101010101 750D079407521363 0000008000000000
-0101010101010101 64FEED9C724C2FAF 0000004000000000
-0101010101010101 F02B263B328E2B60 0000002000000000
-0101010101010101 9D64555A9A10B852 0000001000000000
-0101010101010101 D106FF0BED5255D7 0000000800000000
-0101010101010101 E1652C6B138C64A5 0000000400000000
-0101010101010101 E428581186EC8F46 0000000200000000
-0101010101010101 AEB5F5EDE22D1A36 0000000100000000
-0101010101010101 E943D7568AEC0C5C 0000000080000000
-0101010101010101 DF98C8276F54B04B 0000000040000000
-0101010101010101 B160E4680F6C696F 0000000020000000
-0101010101010101 FA0752B07D9C4AB8 0000000010000000
-0101010101010101 CA3A2B036DBC8502 0000000008000000
-0101010101010101 5E0905517BB59BCF 0000000004000000
-0101010101010101 814EEB3B91D90726 0000000002000000
-0101010101010101 4D49DB1532919C9F 0000000001000000
-0101010101010101 25EB5FC3F8CF0621 0000000000800000
-0101010101010101 AB6A20C0620D1C6F 0000000000400000
-0101010101010101 79E90DBC98F92CCA 0000000000200000
-0101010101010101 866ECEDD8072BB0E 0000000000100000
-0101010101010101 8B54536F2F3E64A8 0000000000080000
-0101010101010101 EA51D3975595B86B 0000000000040000
-0101010101010101 CAFFC6AC4542DE31 0000000000020000
-0101010101010101 8DD45A2DDF90796C 0000000000010000
-0101010101010101 1029D55E880EC2D0 0000000000008000
-0101010101010101 5D86CB23639DBEA9 0000000000004000
-0101010101010101 1D1CA853AE7C0C5F 0000000000002000
-0101010101010101 CE332329248F3228 0000000000001000
-0101010101010101 8405D1ABE24FB942 0000000000000800
-0101010101010101 E643D78090CA4207 0000000000000400
-0101010101010101 48221B9937748A23 0000000000000200
-0101010101010101 DD7C0BBD61FAFD54 0000000000000100
-0101010101010101 2FBC291A570DB5C4 0000000000000080
-0101010101010101 E07C30D7E4E26E12 0000000000000040
-0101010101010101 0953E2258E8E90A1 0000000000000020
-0101010101010101 5B711BC4CEEBF2EE 0000000000000010
-0101010101010101 CC083F1E6D9E85F6 0000000000000008
-0101010101010101 D2FD8867D50D2DFE 0000000000000004
-0101010101010101 06E7EA22CE92708F 0000000000000002
-0101010101010101 166B40B44ABA4BD6 0000000000000001
-8001010101010101 0000000000000000 95A8D72813DAA94D
-4001010101010101 0000000000000000 0EEC1487DD8C26D5
-2001010101010101 0000000000000000 7AD16FFB79C45926
-1001010101010101 0000000000000000 D3746294CA6A6CF3
-0801010101010101 0000000000000000 809F5F873C1FD761
-0401010101010101 0000000000000000 C02FAFFEC989D1FC
-0201010101010101 0000000000000000 4615AA1D33E72F10
-0180010101010101 0000000000000000 2055123350C00858
-0140010101010101 0000000000000000 DF3B99D6577397C8
-0120010101010101 0000000000000000 31FE17369B5288C9
-0110010101010101 0000000000000000 DFDD3CC64DAE1642
-0108010101010101 0000000000000000 178C83CE2B399D94
-0104010101010101 0000000000000000 50F636324A9B7F80
-0102010101010101 0000000000000000 A8468EE3BC18F06D
-0101800101010101 0000000000000000 A2DC9E92FD3CDE92
-0101400101010101 0000000000000000 CAC09F797D031287
-0101200101010101 0000000000000000 90BA680B22AEB525
-0101100101010101 0000000000000000 CE7A24F350E280B6
-0101080101010101 0000000000000000 882BFF0AA01A0B87
-0101040101010101 0000000000000000 25610288924511C2
-0101020101010101 0000000000000000 C71516C29C75D170
-0101018001010101 0000000000000000 5199C29A52C9F059
-0101014001010101 0000000000000000 C22F0A294A71F29F
-0101012001010101 0000000000000000 EE371483714C02EA
-0101011001010101 0000000000000000 A81FBD448F9E522F
-0101010801010101 0000000000000000 4F644C92E192DFED
-0101010401010101 0000000000000000 1AFA9A66A6DF92AE
-0101010201010101 0000000000000000 B3C1CC715CB879D8
-0101010180010101 0000000000000000 19D032E64AB0BD8B
-0101010140010101 0000000000000000 3CFAA7A7DC8720DC
-0101010120010101 0000000000000000 B7265F7F447AC6F3
-0101010110010101 0000000000000000 9DB73B3C0D163F54
-0101010108010101 0000000000000000 8181B65BABF4A975
-0101010104010101 0000000000000000 93C9B64042EAA240
-0101010102010101 0000000000000000 5570530829705592
-0101010101800101 0000000000000000 8638809E878787A0
-0101010101400101 0000000000000000 41B9A79AF79AC208
-0101010101200101 0000000000000000 7A9BE42F2009A892
-0101010101100101 0000000000000000 29038D56BA6D2745
-0101010101080101 0000000000000000 5495C6ABF1E5DF51
-0101010101040101 0000000000000000 AE13DBD561488933
-0101010101020101 0000000000000000 024D1FFA8904E389
-0101010101018001 0000000000000000 D1399712F99BF02E
-0101010101014001 0000000000000000 14C1D7C1CFFEC79E
-0101010101012001 0000000000000000 1DE5279DAE3BED6F
-0101010101011001 0000000000000000 E941A33F85501303
-0101010101010801 0000000000000000 DA99DBBC9A03F379
-0101010101010401 0000000000000000 B7FC92F91D8E92E9
-0101010101010201 0000000000000000 AE8E5CAA3CA04E85
-0101010101010180 0000000000000000 9CC62DF43B6EED74
-0101010101010140 0000000000000000 D863DBB5C59A91A0
-0101010101010120 0000000000000000 A1AB2190545B91D7
-0101010101010110 0000000000000000 0875041E64C570F7
-0101010101010108 0000000000000000 5A594528BEBEF1CC
-0101010101010104 0000000000000000 FCDB3291DE21F0C0
-0101010101010102 0000000000000000 869EFD7F9F265A09
-1046913489980131 0000000000000000 88D55E54F54C97B4
-1007103489988020 0000000000000000 0C0CC00C83EA48FD
-10071034C8980120 0000000000000000 83BC8EF3A6570183
-1046103489988020 0000000000000000 DF725DCAD94EA2E9
-1086911519190101 0000000000000000 E652B53B550BE8B0
-1086911519580101 0000000000000000 AF527120C485CBB0
-5107B01519580101 0000000000000000 0F04CE393DB926D5
-1007B01519190101 0000000000000000 C9F00FFC74079067
-3107915498080101 0000000000000000 7CFD82A593252B4E
-3107919498080101 0000000000000000 CB49A2F9E91363E3
-10079115B9080140 0000000000000000 00B588BE70D23F56
-3107911598080140 0000000000000000 406A9A6AB43399AE
-1007D01589980101 0000000000000000 6CB773611DCA9ADA
-9107911589980101 0000000000000000 67FD21C17DBB5D70
-9107D01589190101 0000000000000000 9592CB4110430787
-1007D01598980120 0000000000000000 A6B7FF68A318DDD3
-1007940498190101 0000000000000000 4D102196C914CA16
-0107910491190401 0000000000000000 2DFA9F4573594965
-0107910491190101 0000000000000000 B46604816C0E0774
-0107940491190401 0000000000000000 6E7E6221A4F34E87
-19079210981A0101 0000000000000000 AA85E74643233199
-1007911998190801 0000000000000000 2E5A19DB4D1962D6
-10079119981A0801 0000000000000000 23A866A809D30894
-1007921098190101 0000000000000000 D812D961F017D320
-100791159819010B 0000000000000000 055605816E58608F
-1004801598190101 0000000000000000 ABD88E8B1B7716F1
-1004801598190102 0000000000000000 537AC95BE69DA1E1
-1004801598190108 0000000000000000 AED0F6AE3C25CDD8
-1002911598100104 0000000000000000 B3E35A5EE53E7B8D
-1002911598190104 0000000000000000 61C79C71921A2EF8
-1002911598100201 0000000000000000 E2F5728F0995013C
-1002911698100101 0000000000000000 1AEAC39A61F0A464
-7CA110454A1A6E57 01A1D6D039776742 690F5B0D9A26939B
-0131D9619DC1376E 5CD54CA83DEF57DA 7A389D10354BD271
-07A1133E4A0B2686 0248D43806F67172 868EBB51CAB4599A
-3849674C2602319E 51454B582DDF440A 7178876E01F19B2A
-04B915BA43FEB5B6 42FD443059577FA2 AF37FB421F8C4095
-0113B970FD34F2CE 059B5E0851CF143A 86A560F10EC6D85B
-0170F175468FB5E6 0756D8E0774761D2 0CD3DA020021DC09
-43297FAD38E373FE 762514B829BF486A EA676B2CB7DB2B7A
-07A7137045DA2A16 3BDD119049372802 DFD64A815CAF1A0F
-04689104C2FD3B2F 26955F6835AF609A 5C513C9C4886C088
-37D06BB516CB7546 164D5E404F275232 0A2AEEAE3FF4AB77
-1F08260D1AC2465E 6B056E18759F5CCA EF1BF03E5DFA575A
-584023641ABA6176 004BD6EF09176062 88BF0DB6D70DEE56
-025816164629B007 480D39006EE762F2 A1F9915541020B56
-49793EBC79B3258F 437540C8698F3CFA 6FBF1CAFCFFD0556
-4FB05E1515AB73A7 072D43A077075292 2F22E49BAB7CA1AC
-49E95D6D4CA229BF 02FE55778117F12A 5A6B612CC26CCE4A
-018310DC409B26D6 1D9D5C5018F728C2 5F4C038ED12B2E41
-1C587F1C13924FEF 305532286D6F295A 63FAC0D034D9F793
diff --git a/src/lib/crypto/builtin/des/t_verify.c b/src/lib/crypto/builtin/des/t_verify.c
deleted file mode 100644
index 4a19933ca..000000000
--- a/src/lib/crypto/builtin/des/t_verify.c
+++ /dev/null
@@ -1,395 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/t_verify.c */
-/*
- * Copyright 1988, 1990 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government. It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. FundsXpress makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-/*
- *
- * Program to test the correctness of the DES library
- * implementation.
- *
- * exit returns 0 ==> success
- * -1 ==> error
- */
-
-#include "k5-int.h"
-#include "des_int.h"
-#include <stdio.h>
-#include "com_err.h"
-
-static void do_encrypt(unsigned char *, unsigned char *);
-static void do_decrypt(unsigned char *, unsigned char *);
-
-char *progname;
-int nflag = 2;
-int vflag;
-int mflag;
-int zflag;
-int pid;
-int mit_des_debug;
-
-unsigned char cipher_text[64];
-unsigned char clear_text[64] = "Now is the time for all " ;
-unsigned char clear_text2[64] = "7654321 Now is the time for ";
-unsigned char clear_text3[64] = {2,0,0,0, 1,0,0,0};
-unsigned char output[64];
-unsigned char zero_text[8] = {0x0,0,0,0,0,0,0,0};
-unsigned char msb_text[8] = {0x0,0,0,0, 0,0,0,0x40}; /* to ANSI MSB */
-unsigned char *input;
-
-/* 0x0123456789abcdef */
-unsigned char default_key[8] = {
- 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
-};
-unsigned char key2[8] = { 0x08,0x19,0x2a,0x3b,0x4c,0x5d,0x6e,0x7f };
-unsigned char key3[8] = { 0x80,1,1,1,1,1,1,1 };
-mit_des_cblock s_key;
-unsigned char default_ivec[8] = {
- 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
-};
-unsigned char *ivec;
-unsigned char zero_key[8] = {1,1,1,1,1,1,1,1}; /* just parity bits */
-
-unsigned char cipher1[8] = {
- 0x25,0xdd,0xac,0x3e,0x96,0x17,0x64,0x67
-};
-unsigned char cipher2[8] = {
- 0x3f,0xa4,0x0e,0x8a,0x98,0x4d,0x48,0x15
-};
-unsigned char cipher3[64] = {
- 0xe5,0xc7,0xcd,0xde,0x87,0x2b,0xf2,0x7c,
- 0x43,0xe9,0x34,0x00,0x8c,0x38,0x9c,0x0f,
- 0x68,0x37,0x88,0x49,0x9a,0x7c,0x05,0xf6
-};
-unsigned char checksum[8] = {
- 0x58,0xd2,0xe7,0x7e,0x86,0x06,0x27,0x33
-};
-
-unsigned char zresult[8] = {
- 0x8c, 0xa6, 0x4d, 0xe9, 0xc1, 0xb1, 0x23, 0xa7
-};
-
-unsigned char mresult[8] = {
- 0xa3, 0x80, 0xe0, 0x2a, 0x6b, 0xe5, 0x46, 0x96
-};
-
-
-/*
- * Can also add :
- * plaintext = 0, key = 0, cipher = 0x8ca64de9c1b123a7 (or is it a 1?)
- */
-
-mit_des_key_schedule sched;
-
-int
-main(argc,argv)
- int argc;
- char *argv[];
-{
- /* Local Declarations */
- size_t in_length;
- int retval;
- int i, j;
-
-#ifdef WINDOWS
- /* Set screen window buffer to infinite size -- MS default is tiny. */
- _wsetscreenbuf (fileno (stdout), _WINBUFINF);
-#endif
- progname=argv[0]; /* salt away invoking program */
-
- while (--argc > 0 && (*++argv)[0] == '-')
- for (i=1; argv[0][i] != '\0'; i++) {
- switch (argv[0][i]) {
-
- /* debug flag */
- case 'd':
- mit_des_debug=3;
- continue;
-
- case 'z':
- zflag = 1;
- continue;
-
- case 'm':
- mflag = 1;
- continue;
-
- default:
- printf("%s: illegal flag \"%c\" ",
- progname,argv[0][i]);
- exit(1);
- }
- };
-
- if (argc) {
- fprintf(stderr, "Usage: %s [-dmz]\n", progname);
- exit(1);
- }
-
- /* do some initialisation */
-
- /* use known input and key */
-
- /* ECB zero text zero key */
- if (zflag) {
- input = zero_text;
- mit_des_key_sched(zero_key, sched);
- printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n");
- do_encrypt(input,cipher_text);
- printf("\tcipher = (low to high bytes)\n\t\t");
- for (j = 0; j<=7; j++)
- printf("%02x ",cipher_text[j]);
- printf("\n");
- do_decrypt(output,cipher_text);
- if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) {
- printf("verify: error in zero key test\n");
- exit(-1);
- }
-
- exit(0);
- }
-
- if (mflag) {
- input = msb_text;
- mit_des_key_sched(key3, sched);
- printf("plaintext = 0x00 00 00 00 00 00 00 40, ");
- printf("key = 0x80 01 01 01 01 01 01 01\n");
- printf(" cipher = 0xa380e02a6be54696\n");
- do_encrypt(input,cipher_text);
- printf("\tcipher = (low to high bytes)\n\t\t");
- for (j = 0; j<=7; j++) {
- printf("%02x ",cipher_text[j]);
- }
- printf("\n");
- do_decrypt(output,cipher_text);
- if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) {
- printf("verify: error in msb test\n");
- exit(-1);
- }
- exit(0);
- }
-
- /* ECB mode Davies and Price */
- {
- input = zero_text;
- mit_des_key_sched(key2, sched);
- printf("Examples per FIPS publication 81, keys ivs and cipher\n");
- printf("in hex. These are the correct answers, see below for\n");
- printf("the actual answers.\n\n");
- printf("Examples per Davies and Price.\n\n");
- printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n");
- printf("\tclear = 0\n");
- printf("\tcipher = 25 dd ac 3e 96 17 64 67\n");
- printf("ACTUAL ECB\n");
- printf("\tclear \"%s\"\n", input);
- do_encrypt(input,cipher_text);
- printf("\tcipher = (low to high bytes)\n\t\t");
- for (j = 0; j<=7; j++)
- printf("%02x ",cipher_text[j]);
- printf("\n\n");
- do_decrypt(output,cipher_text);
- if ( memcmp((char *)cipher_text, (char *)cipher1, 8) ) {
- printf("verify: error in ECB encryption\n");
- exit(-1);
- }
- else
- printf("verify: ECB encryption is correct\n\n");
- }
-
- /* ECB mode */
- {
- mit_des_key_sched(default_key, sched);
- input = clear_text;
- ivec = default_ivec;
- printf("EXAMPLE ECB\tkey = 0123456789abcdef\n");
- printf("\tclear = \"Now is the time for all \"\n");
- printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n");
- printf("ACTUAL ECB\n\tclear \"%s\"",input);
- do_encrypt(input,cipher_text);
- printf("\n\tcipher = (low to high bytes)\n\t\t");
- for (j = 0; j<=7; j++) {
- printf("%02x ",cipher_text[j]);
- }
- printf("\n\n");
- do_decrypt(output,cipher_text);
- if ( memcmp((char *)cipher_text, (char *)cipher2, 8) ) {
- printf("verify: error in ECB encryption\n");
- exit(-1);
- }
- else
- printf("verify: ECB encryption is correct\n\n");
- }
-
- /* CBC mode */
- printf("EXAMPLE CBC\tkey = 0123456789abcdef");
- printf("\tiv = 1234567890abcdef\n");
- printf("\tclear = \"Now is the time for all \"\n");
- printf("\tcipher =\te5 c7 cd de 87 2b f2 7c\n");
- printf("\t\t\t43 e9 34 00 8c 38 9c 0f\n");
- printf("\t\t\t68 37 88 49 9a 7c 05 f6\n");
-
- printf("ACTUAL CBC\n\tclear \"%s\"\n",input);
- in_length = strlen((char *)input);
- if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) input,
- (mit_des_cblock *) cipher_text,
- (size_t) in_length,
- sched,
- ivec,
- MIT_DES_ENCRYPT))) {
- com_err("des verify", retval, "can't encrypt");
- exit(-1);
- }
- printf("\tciphertext = (low to high bytes)\n");
- for (i = 0; i <= 2; i++) {
- printf("\t\t");
- for (j = 0; j <= 7; j++) {
- printf("%02x ",cipher_text[i*8+j]);
- }
- printf("\n");
- }
- if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) cipher_text,
- (mit_des_cblock *) clear_text,
- (size_t) in_length,
- sched,
- ivec,
- MIT_DES_DECRYPT))) {
- com_err("des verify", retval, "can't decrypt");
- exit(-1);
- }
- printf("\tdecrypted clear_text = \"%s\"\n",clear_text);
-
- if ( memcmp((char *)cipher_text, (char *)cipher3, in_length) ) {
- printf("verify: error in CBC encryption\n");
- exit(-1);
- }
- else
- printf("verify: CBC encryption is correct\n\n");
-
- printf("EXAMPLE CBC checksum");
- printf("\tkey = 0123456789abcdef\tiv = 1234567890abcdef\n");
- printf("\tclear =\t\t\"7654321 Now is the time for \"\n");
- printf("\tchecksum\t58 d2 e7 7e 86 06 27 33, ");
- printf("or some part thereof\n");
- input = clear_text2;
- mit_des_cbc_cksum(input,cipher_text, strlen((char *)input),
- sched,ivec);
- printf("ACTUAL CBC checksum\n");
- printf("\t\tencrypted cksum = (low to high bytes)\n\t\t");
- for (j = 0; j<=7; j++)
- printf("%02x ",cipher_text[j]);
- printf("\n\n");
- if ( memcmp((char *)cipher_text, (char *)checksum, 8) ) {
- printf("verify: error in CBC checksum\n");
- exit(-1);
- }
- else
- printf("verify: CBC checksum is correct\n\n");
-
- exit(0);
-}
-
-static void
-do_encrypt(in,out)
- unsigned char *in;
- unsigned char *out;
-{
- int i, j;
- for (i =1; i<=nflag; i++) {
- mit_des_cbc_encrypt((const mit_des_cblock *)in,
- (mit_des_cblock *)out,
- 8,
- sched,
- zero_text,
- MIT_DES_ENCRYPT);
- if (mit_des_debug) {
- printf("\nclear %s\n",in);
- for (j = 0; j<=7; j++)
- printf("%02X ",in[j] & 0xff);
- printf("\tcipher ");
- for (j = 0; j<=7; j++)
- printf("%02X ",out[j] & 0xff);
- }
- }
-}
-
-static void
-do_decrypt(in,out)
- unsigned char *out;
- unsigned char *in;
- /* try to invert it */
-{
- int i, j;
- for (i =1; i<=nflag; i++) {
- mit_des_cbc_encrypt((const mit_des_cblock *)out,
- (mit_des_cblock *)in,
- 8,
- sched,
- zero_text,
- MIT_DES_DECRYPT);
- if (mit_des_debug) {
- printf("clear %s\n",in);
- for (j = 0; j<=7; j++)
- printf("%02X ",in[j] & 0xff);
- printf("\tcipher ");
- for (j = 0; j<=7; j++)
- printf("%02X ",out[j] & 0xff);
- }
- }
-}
-
-/*
- * Fake out the DES library, for the purposes of testing.
- */
-
-int
-mit_des_is_weak_key(key)
- mit_des_cblock key;
-{
- return 0; /* fake it out for testing */
-}
diff --git a/src/lib/crypto/builtin/des/weak_key.c b/src/lib/crypto/builtin/des/weak_key.c
deleted file mode 100644
index eb41b267d..000000000
--- a/src/lib/crypto/builtin/des/weak_key.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/des/weak_key.c */
-/*
- * Copyright 1989,1990 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-
-/*
- * Under U.S. law, this software may not be exported outside the US
- * without license from the U.S. Commerce department.
- *
- * These routines form the library interface to the DES facilities.
- *
- * Originally written 8/85 by Steve Miller, MIT Project Athena.
- */
-
-#include "k5-int.h"
-#include "des_int.h"
-
-/*
- * The following are the weak DES keys:
- */
-static const mit_des_cblock weak[16] = {
- /* weak keys */
- {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
- {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe},
- {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e},
- {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1},
-
- /* semi-weak */
- {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe},
- {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01},
-
- {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1},
- {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e},
-
- {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1},
- {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01},
-
- {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe},
- {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e},
-
- {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e},
- {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01},
-
- {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe},
- {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1}
-};
-
-/*
- * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key.
- *
- * Requires: key has correct odd parity.
- */
-int
-mit_des_is_weak_key(mit_des_cblock key)
-{
- unsigned int i;
- const mit_des_cblock *weak_p = weak;
-
- for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) {
- if (!memcmp(weak_p++,key,sizeof(mit_des_cblock)))
- return 1;
- }
-
- return 0;
-}
diff --git a/src/lib/crypto/builtin/enc_provider/Makefile.in b/src/lib/crypto/builtin/enc_provider/Makefile.in
index 3459e1d0e..af6276b96 100644
--- a/src/lib/crypto/builtin/enc_provider/Makefile.in
+++ b/src/lib/crypto/builtin/enc_provider/Makefile.in
@@ -1,7 +1,6 @@
mydir=lib$(S)crypto$(S)builtin$(S)enc_provider
BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/../des \
- -I$(srcdir)/../aes \
+LOCALINCLUDES = -I$(srcdir)/../aes \
-I$(srcdir)/../camellia \
-I$(srcdir)/../../krb \
-I$(srcdir)/..
@@ -11,19 +10,16 @@ LOCALINCLUDES = -I$(srcdir)/../des \
##DOS##OBJFILE = ..\..\$(OUTPRE)enc_provider.lst
STLIBOBJS= \
- des3.o \
rc4.o \
aes.o \
camellia.o
OBJS= \
- $(OUTPRE)des3.$(OBJEXT) \
$(OUTPRE)aes.$(OBJEXT) \
$(OUTPRE)camellia.$(OBJEXT) \
$(OUTPRE)rc4.$(OBJEXT)
SRCS= \
- $(srcdir)/des3.c \
$(srcdir)/aes.c \
$(srcdir)/camellia.c \
$(srcdir)/rc4.c
diff --git a/src/lib/crypto/builtin/enc_provider/deps b/src/lib/crypto/builtin/enc_provider/deps
index ea4ffecd8..061289a91 100644
--- a/src/lib/crypto/builtin/enc_provider/deps
+++ b/src/lib/crypto/builtin/enc_provider/deps
@@ -1,19 +1,6 @@
#
# Generated makefile dependencies follow.
#
-des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
- $(srcdir)/../aes/aes.h $(srcdir)/../aes/brg_types.h \
- $(srcdir)/../crypto_mod.h $(srcdir)/../des/des_int.h \
- $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h des3.c
aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
diff --git a/src/lib/crypto/builtin/enc_provider/des3.c b/src/lib/crypto/builtin/enc_provider/des3.c
deleted file mode 100644
index 9b8244223..000000000
--- a/src/lib/crypto/builtin/enc_provider/des3.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government. It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. FundsXpress makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#include "crypto_int.h"
-#include "des_int.h"
-
-static krb5_error_code
-validate_and_schedule(krb5_key key, const krb5_data *ivec,
- const krb5_crypto_iov *data, size_t num_data,
- mit_des3_key_schedule *schedule)
-{
- if (key->keyblock.length != 24)
- return(KRB5_BAD_KEYSIZE);
- if (iov_total_length(data, num_data, FALSE) % 8 != 0)
- return(KRB5_BAD_MSIZE);
- if (ivec && (ivec->length != 8))
- return(KRB5_BAD_MSIZE);
-
- switch (mit_des3_key_sched(*(mit_des3_cblock *)key->keyblock.contents,
- *schedule)) {
- case -1:
- return(KRB5DES_BAD_KEYPAR);
- case -2:
- return(KRB5DES_WEAK_KEY);
- }
- return 0;
-}
-
-static krb5_error_code
-k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
- size_t num_data)
-{
- mit_des3_key_schedule schedule;
- krb5_error_code err;
-
- err = validate_and_schedule(key, ivec, data, num_data, &schedule);
- if (err)
- return err;
-
- /* this has a return value, but the code always returns zero */
- krb5int_des3_cbc_encrypt(data, num_data,
- schedule[0], schedule[1], schedule[2],
- ivec != NULL ? (unsigned char *) ivec->data :
- NULL);
-
- zap(schedule, sizeof(schedule));
-
- return(0);
-}
-
-static krb5_error_code
-k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
- size_t num_data)
-{
- mit_des3_key_schedule schedule;
- krb5_error_code err;
-
- err = validate_and_schedule(key, ivec, data, num_data, &schedule);
- if (err)
- return err;
-
- /* this has a return value, but the code always returns zero */
- krb5int_des3_cbc_decrypt(data, num_data,
- schedule[0], schedule[1], schedule[2],
- ivec != NULL ? (unsigned char *) ivec->data :
- NULL);
-
- zap(schedule, sizeof(schedule));
-
- return 0;
-}
-
-const struct krb5_enc_provider krb5int_enc_des3 = {
- 8,
- 21, 24,
- k5_des3_encrypt,
- k5_des3_decrypt,
- NULL,
- krb5int_des_init_state,
- krb5int_default_free_state
-};
diff --git a/src/lib/crypto/crypto_tests/t_cf2.expected b/src/lib/crypto/crypto_tests/t_cf2.expected
index f8251a16c..bc6aa50c8 100644
--- a/src/lib/crypto/crypto_tests/t_cf2.expected
+++ b/src/lib/crypto/crypto_tests/t_cf2.expected
@@ -1,6 +1,5 @@
97df97e4b798b29eb31ed7280287a92a
4d6ca4e629785c1f01baf55e2e548566b9617ae3a96868c337cb93b5e72b1c7b
-e58f9eb643862c13ad38e529313462a7f73e62834fe54a01
24d7f6b6bae4e5c00d2082c5ebab3672
edd02a39d2dbde31611c16e610be062c
67f6ea530aea85a37dcbb23349ea52dcc61ca8493ff557252327fd8304341584
diff --git a/src/lib/crypto/crypto_tests/t_cf2.in b/src/lib/crypto/crypto_tests/t_cf2.in
index 73e2f8fbc..c4d23b506 100644
--- a/src/lib/crypto/crypto_tests/t_cf2.in
+++ b/src/lib/crypto/crypto_tests/t_cf2.in
@@ -8,11 +8,6 @@ key1
key2
a
b
-16
-key1
-key2
-a
-b
23
key1
key2
diff --git a/src/lib/crypto/crypto_tests/t_cksums.c b/src/lib/crypto/crypto_tests/t_cksums.c
index 8297fcbf5..3063d12ec 100644
--- a/src/lib/crypto/crypto_tests/t_cksums.c
+++ b/src/lib/crypto/crypto_tests/t_cksums.c
@@ -59,16 +59,6 @@ struct test {
"\xDA\x39\xA3\xEE\x5E\x6B\x4B\x0D\x32\x55\xBF\xEF\x95\x60\x18\x90"
"\xAF\xD8\x07\x09" }
},
- {
- { KV5M_DATA, 9, "six seven" },
- CKSUMTYPE_HMAC_SHA1_DES3, ENCTYPE_DES3_CBC_SHA1, 2,
- { KV5M_DATA, 24,
- "\x7A\x25\xDF\x89\x92\x29\x6D\xCE\xDA\x0E\x13\x5B\xC4\x04\x6E\x23"
- "\x75\xB3\xC1\x4C\x98\xFB\xC1\x62" },
- { KV5M_DATA, 20,
- "\x0E\xEF\xC9\xC3\xE0\x49\xAA\xBC\x1B\xA5\xC4\x01\x67\x7D\x9A\xB6"
- "\x99\x08\x2B\xB4" }
- },
{
{ KV5M_DATA, 37, "eight nine ten eleven twelve thirteen" },
CKSUMTYPE_HMAC_SHA1_96_AES128, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 3,
diff --git a/src/lib/crypto/crypto_tests/t_decrypt.c b/src/lib/crypto/crypto_tests/t_decrypt.c
index a40a85500..716f2c337 100644
--- a/src/lib/crypto/crypto_tests/t_decrypt.c
+++ b/src/lib/crypto/crypto_tests/t_decrypt.c
@@ -39,62 +39,6 @@ struct test {
krb5_data keybits;
krb5_data ciphertext;
} test_cases[] = {
- {
- ENCTYPE_DES3_CBC_SHA1,
- { KV5M_DATA, 0, "", }, 0,
- { KV5M_DATA, 24,
- "\x7A\x25\xDF\x89\x92\x29\x6D\xCE\xDA\x0E\x13\x5B\xC4\x04\x6E\x23"
- "\x75\xB3\xC1\x4C\x98\xFB\xC1\x62" },
- { KV5M_DATA, 28,
- "\x54\x8A\xF4\xD5\x04\xF7\xD7\x23\x30\x3F\x12\x17\x5F\xE8\x38\x6B"
- "\x7B\x53\x35\xA9\x67\xBA\xD6\x1F\x3B\xF0\xB1\x43" }
- },
- {
- ENCTYPE_DES3_CBC_SHA1,
- { KV5M_DATA, 1, "1", }, 1,
- { KV5M_DATA, 24,
- "\xBC\x07\x83\x89\x15\x13\xD5\xCE\x57\xBC\x13\x8F\xD3\xC1\x1A\xE6"
- "\x40\x45\x23\x85\x32\x29\x62\xB6" },
- { KV5M_DATA, 36,
- "\x9C\x3C\x1D\xBA\x47\x47\xD8\x5A\xF2\x91\x6E\x47\x45\xF2\xDC\xE3"
- "\x80\x46\x79\x6E\x51\x04\xBC\xCD\xFB\x66\x9A\x91\xD4\x4B\xC3\x56"
- "\x66\x09\x45\xC7" }
- },
- {
- ENCTYPE_DES3_CBC_SHA1,
- { KV5M_DATA, 9, "9 bytesss", }, 2,
- { KV5M_DATA, 24,
- "\x2F\xD0\xF7\x25\xCE\x04\x10\x0D\x2F\xC8\xA1\x80\x98\x83\x1F\x85"
- "\x0B\x45\xD9\xEF\x85\x0B\xD9\x20" },
- { KV5M_DATA, 44,
- "\xCF\x91\x44\xEB\xC8\x69\x79\x81\x07\x5A\x8B\xAD\x8D\x74\xE5\xD7"
- "\xD5\x91\xEB\x7D\x97\x70\xC7\xAD\xA2\x5E\xE8\xC5\xB3\xD6\x94\x44"
- "\xDF\xEC\x79\xA5\xB7\xA0\x14\x82\xD9\xAF\x74\xE6" }
- },
- {
- ENCTYPE_DES3_CBC_SHA1,
- { KV5M_DATA, 13, "13 bytes byte", }, 3,
- { KV5M_DATA, 24,
- "\x0D\xD5\x20\x94\xE0\xF4\x1C\xEC\xCB\x5B\xE5\x10\xA7\x64\xB3\x51"
- "\x76\xE3\x98\x13\x32\xF1\xE5\x98" },
- { KV5M_DATA, 44,
- "\x83\x9A\x17\x08\x1E\xCB\xAF\xBC\xDC\x91\xB8\x8C\x69\x55\xDD\x3C"
- "\x45\x14\x02\x3C\xF1\x77\xB7\x7B\xF0\xD0\x17\x7A\x16\xF7\x05\xE8"
- "\x49\xCB\x77\x81\xD7\x6A\x31\x6B\x19\x3F\x8D\x30" }
- },
- {
- ENCTYPE_DES3_CBC_SHA1,
- { KV5M_DATA, 30, "30 bytes bytes bytes bytes byt", }, 4,
- { KV5M_DATA, 24,
- "\xF1\x16\x86\xCB\xBC\x9E\x23\xEA\x54\xFE\xCD\x2A\x3D\xCD\xFB\x20"
- "\xB6\xFE\x98\xBF\x26\x45\xC4\xC4" },
- { KV5M_DATA, 60,
- "\x89\x43\x3E\x83\xFD\x0E\xA3\x66\x6C\xFF\xCD\x18\xD8\xDE\xEB\xC5"
- "\x3B\x9A\x34\xED\xBE\xB1\x59\xD9\xF6\x67\xC6\xC2\xB9\xA9\x64\x40"
- "\x1D\x55\xE7\xE9\xC6\x8D\x64\x8D\x65\xC3\xAA\x84\xFF\xA3\x79\x0C"
- "\x14\xA8\x64\xDA\x80\x73\xA9\xA9\x5C\x4B\xA2\xBC" }
- },
-
{
ENCTYPE_ARCFOUR_HMAC,
{ KV5M_DATA, 0, "", }, 0,
@@ -524,7 +468,6 @@ printhex(const char *head, void *data, size_t len)
static krb5_enctype
enctypes[] = {
- ENCTYPE_DES3_CBC_SHA1,
ENCTYPE_ARCFOUR_HMAC,
ENCTYPE_ARCFOUR_HMAC_EXP,
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
diff --git a/src/lib/crypto/crypto_tests/t_derive.c b/src/lib/crypto/crypto_tests/t_derive.c
index afbf7477f..93ce30da2 100644
--- a/src/lib/crypto/crypto_tests/t_derive.c
+++ b/src/lib/crypto/crypto_tests/t_derive.c
@@ -38,41 +38,6 @@ struct test {
enum deriv_alg alg;
krb5_data expected_key;
} test_cases[] = {
- /* Kc, Ke, Kei for a DES3 key */
- {
- ENCTYPE_DES3_CBC_SHA1,
- { KV5M_DATA, 24,
- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
- { KV5M_DATA, 5, "\0\0\0\2\x99" },
- DERIVE_RFC3961,
- { KV5M_DATA, 24,
- "\xF7\x8C\x49\x6D\x16\xE6\xC2\xDA\xE0\xE0\xB6\xC2\x40\x57\xA8\x4C"
- "\x04\x26\xAE\xEF\x26\xFD\x6D\xCE" }
- },
- {
- ENCTYPE_DES3_CBC_SHA1,
- { KV5M_DATA, 24,
- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
- { KV5M_DATA, 5, "\0\0\0\2\xAA" },
- DERIVE_RFC3961,
- { KV5M_DATA, 24,
- "\x5B\x57\x23\xD0\xB6\x34\xCB\x68\x4C\x3E\xBA\x52\x64\xE9\xA7\x0D"
- "\x52\xE6\x83\x23\x1A\xD3\xC4\xCE" }
- },
- {
- ENCTYPE_DES3_CBC_SHA1,
- { KV5M_DATA, 24,
- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE"
- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
- { KV5M_DATA, 5, "\0\0\0\2\x55" },
- DERIVE_RFC3961,
- { KV5M_DATA, 24,
- "\xA7\x7C\x94\x98\x0E\x9B\x73\x45\xA8\x15\x25\xC4\x23\xA7\x37\xCE"
- "\x67\xF4\xCD\x91\xB6\xB3\xDA\x45" }
- },
-
/* Kc, Ke, Ki for an AES-128 key */
{
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
@@ -286,7 +251,6 @@ static const struct krb5_enc_provider *
get_enc_provider(krb5_enctype enctype)
{
switch (enctype) {
- case ENCTYPE_DES3_CBC_SHA1: return &krb5int_enc_des3;
case ENCTYPE_AES128_CTS_HMAC_SHA1_96: return &krb5int_enc_aes128;
case ENCTYPE_AES256_CTS_HMAC_SHA1_96: return &krb5int_enc_aes256;
case ENCTYPE_CAMELLIA128_CTS_CMAC: return &krb5int_enc_camellia128;
diff --git a/src/lib/crypto/crypto_tests/t_encrypt.c b/src/lib/crypto/crypto_tests/t_encrypt.c
index bd9b94691..290a72e1e 100644
--- a/src/lib/crypto/crypto_tests/t_encrypt.c
+++ b/src/lib/crypto/crypto_tests/t_encrypt.c
@@ -37,7 +37,6 @@
/* What enctypes should we test?*/
krb5_enctype interesting_enctypes[] = {
- ENCTYPE_DES3_CBC_SHA1,
ENCTYPE_ARCFOUR_HMAC,
ENCTYPE_ARCFOUR_HMAC_EXP,
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
diff --git a/src/lib/crypto/crypto_tests/t_short.c b/src/lib/crypto/crypto_tests/t_short.c
index d4c2b97df..4466b7115 100644
--- a/src/lib/crypto/crypto_tests/t_short.c
+++ b/src/lib/crypto/crypto_tests/t_short.c
@@ -34,7 +34,6 @@
#include "k5-int.h"
krb5_enctype interesting_enctypes[] = {
- ENCTYPE_DES3_CBC_SHA1,
ENCTYPE_ARCFOUR_HMAC,
ENCTYPE_ARCFOUR_HMAC_EXP,
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
diff --git a/src/lib/crypto/crypto_tests/t_str2key.c b/src/lib/crypto/crypto_tests/t_str2key.c
index cdb1acc6d..ef4c4a7d3 100644
--- a/src/lib/crypto/crypto_tests/t_str2key.c
+++ b/src/lib/crypto/crypto_tests/t_str2key.c
@@ -35,58 +35,6 @@ struct test {
krb5_error_code expected_err;
krb5_boolean allow_weak;
} test_cases[] = {
- /* Test vectors from RFC 3961 appendix A.4. */
- {
- ENCTYPE_DES3_CBC_SHA1,
- "password",
- { KV5M_DATA, 21, "ATHENA.MIT.EDUraeburn" },
- { KV5M_DATA, 0, NULL },
- { KV5M_DATA, 24, "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C"
- "\x31\x3E\x3B\xFE\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
- 0,
- FALSE
- },
- {
- ENCTYPE_DES3_CBC_SHA1,
- "potatoe",
- { KV5M_DATA, 19, "WHITEHOUSE.GOVdanny" },
- { KV5M_DATA, 0, NULL },
- { KV5M_DATA, 24, "\xDF\xCD\x23\x3D\xD0\xA4\x32\x04\xEA\x6D\xC4\x37"
- "\xFB\x15\xE0\x61\xB0\x29\x79\xC1\xF7\x4F\x37\x7A" },
- 0,
- FALSE
- },
- {
- ENCTYPE_DES3_CBC_SHA1,
- "penny",
- { KV5M_DATA, 19, "EXAMPLE.COMbuckaroo" },
- { KV5M_DATA, 0, NULL },
- { KV5M_DATA, 24, "\x6D\x2F\xCD\xF2\xD6\xFB\xBC\x3D\xDC\xAD\xB5\xDA"
- "\x57\x10\xA2\x34\x89\xB0\xD3\xB6\x9D\x5D\x9D\x4A" },
- 0,
- FALSE
- },
- {
- ENCTYPE_DES3_CBC_SHA1,
- "\xC3\x9F",
- { KV5M_DATA, 23, "ATHENA.MIT.EDUJuri\xC5\xA1\x69\xC4\x87" },
- { KV5M_DATA, 0, NULL },
- { KV5M_DATA, 24, "\x16\xD5\xA4\x0E\x1C\xE3\xBA\xCB\x61\xB9\xDC\xE0"
- "\x04\x70\x32\x4C\x83\x19\x73\xA7\xB9\x52\xFE\xB0" },
- 0,
- FALSE
- },
- {
- ENCTYPE_DES3_CBC_SHA1,
- "\xF0\x9D\x84\x9E",
- { KV5M_DATA, 18, "EXAMPLE.COMpianist" },
- { KV5M_DATA, 0, NULL },
- { KV5M_DATA, 24, "\x85\x76\x37\x26\x58\x5D\xBC\x1C\xCE\x6E\xC4\x3E"
- "\x1F\x75\x1F\x07\xF1\xC4\xCB\xB0\x98\xF4\x0B\x19" },
- 0,
- FALSE
- },
-
/* Test vectors from RFC 3962 appendix B. */
{
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in
index b74e6f7cc..2b0c4163d 100644
--- a/src/lib/crypto/krb/Makefile.in
+++ b/src/lib/crypto/krb/Makefile.in
@@ -50,7 +50,6 @@ STLIBOBJS=\
prf.o \
prf_aes2.o \
prf_cmac.o \
- prf_des.o \
prf_dk.o \
prf_rc4.o \
prng.o \
@@ -109,7 +108,6 @@ OBJS=\
$(OUTPRE)prf.$(OBJEXT) \
$(OUTPRE)prf_aes2.$(OBJEXT) \
$(OUTPRE)prf_cmac.$(OBJEXT) \
- $(OUTPRE)prf_des.$(OBJEXT) \
$(OUTPRE)prf_dk.$(OBJEXT) \
$(OUTPRE)prf_rc4.$(OBJEXT) \
$(OUTPRE)prng.$(OBJEXT) \
@@ -168,7 +166,6 @@ SRCS=\
$(srcdir)/prf.c \
$(srcdir)/prf_aes2.c \
$(srcdir)/prf_cmac.c \
- $(srcdir)/prf_des.c \
$(srcdir)/prf_dk.c \
$(srcdir)/prf_rc4.c \
$(srcdir)/prng.c \
diff --git a/src/lib/crypto/krb/cksumtypes.c b/src/lib/crypto/krb/cksumtypes.c
index ecc2e08c9..f5fbe8a2a 100644
--- a/src/lib/crypto/krb/cksumtypes.c
+++ b/src/lib/crypto/krb/cksumtypes.c
@@ -46,12 +46,6 @@ const struct krb5_cksumtypes krb5int_cksumtypes_list[] = {
krb5int_unkeyed_checksum, NULL,
20, 20, CKSUM_UNKEYED },
- { CKSUMTYPE_HMAC_SHA1_DES3,
- "hmac-sha1-des3", { "hmac-sha1-des3-kd" }, "HMAC-SHA1 DES3 key",
- &krb5int_enc_des3, &krb5int_hash_sha1,
- krb5int_dk_checksum, NULL,
- 20, 20, 0 },
-
{ CKSUMTYPE_HMAC_MD5_ARCFOUR,
"hmac-md5-rc4", { "hmac-md5-enc", "hmac-md5-earcfour" },
"Microsoft HMAC MD5",
diff --git a/src/lib/crypto/krb/crypto_int.h b/src/lib/crypto/krb/crypto_int.h
index 19f808749..4bc430c7a 100644
--- a/src/lib/crypto/krb/crypto_int.h
+++ b/src/lib/crypto/krb/crypto_int.h
@@ -276,10 +276,6 @@ krb5_error_code krb5int_aes2_string_to_key(const struct krb5_keytypes *enc,
/* Random to key */
krb5_error_code k5_rand2key_direct(const krb5_data *randombits,
krb5_keyblock *keyblock);
-krb5_error_code k5_rand2key_des(const krb5_data *randombits,
- krb5_keyblock *keyblock);
-krb5_error_code k5_rand2key_des3(const krb5_data *randombits,
- krb5_keyblock *keyblock);
/* Pseudo-random function */
krb5_error_code krb5int_des_prf(const struct krb5_keytypes *ktp,
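Review bot: The `krb5int_des_prf` prototype left as trailing context in this hunk no longer has a definition. This patch deletes src/lib/crypto/krb/prf_des.c and drops `prf_des.o` from the lib/crypto/krb Makefile.in lists, and none of the crypto_int.h hunks removes the declaration. With the prototype still in the header, a future caller would compile cleanly and fail only at link time, so the declaration should be deleted in this same change unless something outside this diff still defines the function. The declaration itself continues past the end of the hunk.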
@@ -368,11 +364,6 @@ krb5_keyusage krb5int_arcfour_translate_usage(krb5_keyusage usage);
/* Ensure library initialization has occurred. */
int krb5int_crypto_init(void);
-/* DES default state initialization handler (used by module enc providers). */
-krb5_error_code krb5int_des_init_state(const krb5_keyblock *key,
- krb5_keyusage keyusage,
- krb5_data *state_out);
-
/* Default state cleanup handler (used by module enc providers). */
void krb5int_default_free_state(krb5_data *state);
@@ -425,7 +416,6 @@ void k5_iov_cursor_put(struct iov_cursor *cursor, unsigned char *block);
/* Modules must implement the k5_sha256() function prototyped in k5-int.h. */
/* Modules must implement the following enc_providers and hash_providers: */
-extern const struct krb5_enc_provider krb5int_enc_des3;
extern const struct krb5_enc_provider krb5int_enc_arcfour;
extern const struct krb5_enc_provider krb5int_enc_aes128;
extern const struct krb5_enc_provider krb5int_enc_aes256;
@@ -442,12 +432,6 @@ extern const struct krb5_hash_provider krb5int_hash_sha384;
/* Modules must implement the following functions. */
-/* Set the parity bits to the correct values in keybits. */
-void k5_des_fixup_key_parity(unsigned char *keybits);
-
-/* Return true if keybits is a weak or semi-weak DES key. */
-krb5_boolean k5_des_is_weak_key(unsigned char *keybits);
-
/* Compute an HMAC using the provided hash function, key, and data, storing the
* result into output (caller-allocated). */
krb5_error_code krb5int_hmac(const struct krb5_hash_provider *hash,
diff --git a/src/lib/crypto/krb/default_state.c b/src/lib/crypto/krb/default_state.c
index 0757c8b02..f89dc7902 100644
--- a/src/lib/crypto/krb/default_state.c
+++ b/src/lib/crypto/krb/default_state.c
@@ -32,16 +32,6 @@
#include "crypto_int.h"
-krb5_error_code
-krb5int_des_init_state(const krb5_keyblock *key, krb5_keyusage usage,
- krb5_data *state_out)
-{
- if (alloc_data(state_out, 8))
- return ENOMEM;
-
- return 0;
-}
-
void
krb5int_default_free_state(krb5_data *state)
{
diff --git a/src/lib/crypto/krb/enctype_util.c b/src/lib/crypto/krb/enctype_util.c
index 1542d4062..a0037912a 100644
--- a/src/lib/crypto/krb/enctype_util.c
+++ b/src/lib/crypto/krb/enctype_util.c
@@ -45,6 +45,9 @@ struct {
{ ENCTYPE_DES_CBC_MD5, "des-cbc-md5" },
{ ENCTYPE_DES_CBC_RAW, "des-cbc-raw" },
{ ENCTYPE_DES_HMAC_SHA1, "des-hmac-sha1" },
+ { ENCTYPE_DES3_CBC_SHA, "des3-cbc-sha1" },
+ { ENCTYPE_DES3_CBC_RAW, "des3-cbc-raw" },
+ { ENCTYPE_DES3_CBC_SHA1, "des3-hmac-sha1" },
{ ENCTYPE_NULL, NULL }
};
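Review bot: The names added here do not match the names these enctypes had before the patch. The etypes.c entry removed by this same commit gave `ENCTYPE_DES3_CBC_SHA1` the canonical name "des3-cbc-sha1" with aliases "des3-hmac-sha1" and "des3-cbc-sha1-kd". This table instead assigns "des3-cbc-sha1" to `ENCTYPE_DES3_CBC_SHA`, gives `ENCTYPE_DES3_CBC_SHA1` only "des3-hmac-sha1", and has no row for "des3-cbc-sha1-kd" although the commit message lists it. If the table drives name/number conversion for unsupported enctypes (its use lies outside the hunk), a "des3-cbc-sha1" string in existing configuration or logs would now refer to a different constant, which makes auditing for leftover 3DES keys harder. Consider keeping `{ ENCTYPE_DES3_CBC_SHA1, "des3-cbc-sha1" },` and giving `ENCTYPE_DES3_CBC_SHA` a non-colliding name, with a comment stating that these rows exist only so the retained constants still print a name.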
diff --git a/src/lib/crypto/krb/etypes.c b/src/lib/crypto/krb/etypes.c
index fc278783b..7635393a4 100644
--- a/src/lib/crypto/krb/etypes.c
+++ b/src/lib/crypto/krb/etypes.c
@@ -35,27 +35,6 @@
/* Deprecations come from RFC 6649 and RFC 8249. */
const struct krb5_keytypes krb5int_enctypes_list[] = {
- { ENCTYPE_DES3_CBC_RAW,
- "des3-cbc-raw", { 0 }, "Triple DES cbc mode raw",
- &krb5int_enc_des3, NULL,
- 16,
- krb5int_raw_crypto_length, krb5int_raw_encrypt, krb5int_raw_decrypt,
- krb5int_dk_string_to_key, k5_rand2key_des3,
- NULL, /*PRF*/
- 0,
- ETYPE_WEAK | ETYPE_DEPRECATED, 112 },
-
- { ENCTYPE_DES3_CBC_SHA1,
- "des3-cbc-sha1", { "des3-hmac-sha1", "des3-cbc-sha1-kd" },
- "Triple DES cbc mode with HMAC/sha1",
- &krb5int_enc_des3, &krb5int_hash_sha1,
- 16,
- krb5int_dk_crypto_length, krb5int_dk_encrypt, krb5int_dk_decrypt,
- krb5int_dk_string_to_key, k5_rand2key_des3,
- krb5int_dk_prf,
- CKSUMTYPE_HMAC_SHA1_DES3,
- ETYPE_DEPRECATED, 112 },
-
/* rc4-hmac uses a 128-bit key, but due to weaknesses in the RC4 cipher, we
* consider its strength degraded and assign it an SSF value of 64. */
{ ENCTYPE_ARCFOUR_HMAC,
diff --git a/src/lib/crypto/krb/prf_des.c b/src/lib/crypto/krb/prf_des.c
deleted file mode 100644
index 7a2d719c5..000000000
--- a/src/lib/crypto/krb/prf_des.c
+++ /dev/null
@@ -1,47 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/krb/prf_des.c - RFC 3961 DES-based PRF */
-/*
- * Copyright (C) 2004, 2009 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-
-#include "crypto_int.h"
-
-krb5_error_code
-krb5int_des_prf(const struct krb5_keytypes *ktp, krb5_key key,
- const krb5_data *in, krb5_data *out)
-{
- const struct krb5_hash_provider *hash = &krb5int_hash_md5;
- krb5_crypto_iov iov;
- krb5_error_code ret;
-
- /* Compute a hash of the input, storing into the output buffer. */
- iov.flags = KRB5_CRYPTO_TYPE_DATA;
- iov.data = *in;
- ret = hash->hash(&iov, 1, out);
- if (ret != 0)
- return ret;
-
- /* Encrypt the hash in place. */
- iov.data = *out;
- return ktp->enc->encrypt(key, NULL, &iov, 1);
-}
diff --git a/src/lib/crypto/krb/random_to_key.c b/src/lib/crypto/krb/random_to_key.c
index 157462526..863090beb 100644
--- a/src/lib/crypto/krb/random_to_key.c
+++ b/src/lib/crypto/krb/random_to_key.c
@@ -71,48 +71,3 @@ k5_rand2key_direct(const krb5_data *randombits, krb5_keyblock *keyblock)
memcpy(keyblock->contents, randombits->data, randombits->length);
return 0;
}
-
-static inline void
-eighth_byte(unsigned char *b)
-{
- b[7] = (((b[0] & 1) << 1) | ((b[1] & 1) << 2) | ((b[2] & 1) << 3) |
- ((b[3] & 1) << 4) | ((b[4] & 1) << 5) | ((b[5] & 1) << 6) |
- ((b[6] & 1) << 7));
-}
-
-krb5_error_code
-k5_rand2key_des(const krb5_data *randombits, krb5_keyblock *keyblock)
-{
- if (randombits->length != 7)
- return(KRB5_CRYPTO_INTERNAL);
-
- keyblock->magic = KV5M_KEYBLOCK;
-
- /* Take the seven bytes, move them around into the top 7 bits of the
- * 8 key bytes, then compute the parity bits. */
- memcpy(keyblock->contents, randombits->data, randombits->length);
- eighth_byte(keyblock->contents);
- k5_des_fixup_key_parity(keyblock->contents);
-
- return 0;
-}
-
-krb5_error_code
-k5_rand2key_des3(const krb5_data *randombits, krb5_keyblock *keyblock)
-{
- int i;
-
- if (randombits->length != 21)
- return KRB5_CRYPTO_INTERNAL;
-
- keyblock->magic = KV5M_KEYBLOCK;
-
- /* Take the seven bytes, move them around into the top 7 bits of the
- * 8 key bytes, then compute the parity bits. Do this three times. */
- for (i = 0; i < 3; i++) {
- memcpy(&keyblock->contents[i * 8], &randombits->data[i * 7], 7);
- eighth_byte(&keyblock->contents[i * 8]);
- k5_des_fixup_key_parity(&keyblock->contents[i * 8]);
- }
- return 0;
-}
diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports
index d6cc1b423..f44cb9170 100644
--- a/src/lib/crypto/libk5crypto.exports
+++ b/src/lib/crypto/libk5crypto.exports
@@ -86,7 +86,6 @@ krb5_k_verify_checksum
krb5_k_verify_checksum_iov
krb5int_aes_encrypt
krb5int_aes_decrypt
-krb5int_enc_des3
krb5int_arcfour_gsscrypt
krb5int_camellia_cbc_mac
krb5int_cmac_checksum
diff --git a/src/lib/crypto/openssl/Makefile.in b/src/lib/crypto/openssl/Makefile.in
index aa434b168..234fc0e76 100644
--- a/src/lib/crypto/openssl/Makefile.in
+++ b/src/lib/crypto/openssl/Makefile.in
@@ -1,6 +1,6 @@
mydir=lib$(S)crypto$(S)openssl
BUILDTOP=$(REL)..$(S)..$(S)..
-SUBDIRS=camellia des aes md4 md5 sha1 sha2 enc_provider hash_provider
+SUBDIRS=camellia aes md4 md5 sha1 sha2 enc_provider hash_provider
LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir)
STLIBOBJS=\
@@ -24,14 +24,14 @@ SRCS=\
$(srcdir)/sha256.c \
$(srcdir)/stubs.c
-STOBJLISTS= des/OBJS.ST md4/OBJS.ST \
+STOBJLISTS= md4/OBJS.ST \
md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
enc_provider/OBJS.ST \
hash_provider/OBJS.ST \
aes/OBJS.ST \
OBJS.ST
-SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \
+SUBDIROBJLISTS= md4/OBJS.ST \
md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \
enc_provider/OBJS.ST \
hash_provider/OBJS.ST \
@@ -42,7 +42,7 @@ includes: depend
depend: $(SRCS)
-clean-unix:: clean-libobjs
+clean-unix:: clean-libobjsn
@lib_frag@
@libobj_frag@
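Review bot: The rewritten rule `clean-unix:: clean-libobjsn` names a prerequisite with a trailing `n`, which looks like a typo. It does not match the `clean-libobjs` target on the removed line or in the other Makefile.in files in this patch. Unless `clean-libobjsn` is defined somewhere outside this diff, cleaning lib/crypto/openssl would either fail for lack of a rule or leave old objects behind, and a change that removes DES objects from the build needs clean to work. Restore the line as `clean-unix:: clean-libobjs`.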
diff --git a/src/lib/crypto/openssl/des/Makefile.in b/src/lib/crypto/openssl/des/Makefile.in
deleted file mode 100644
index 4392fb8ea..000000000
--- a/src/lib/crypto/openssl/des/Makefile.in
+++ /dev/null
@@ -1,20 +0,0 @@
-mydir=lib$(S)crypto$(S)openssl$(S)des
-BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
-LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/..
-
-STLIBOBJS= des_keys.o
-
-OBJS= $(OUTPRE)des_keys.$(OBJEXT)
-
-SRCS= $(srcdir)/des_keys.c
-
-all-unix: all-libobjs
-
-includes: depend
-
-depend: $(SRCS)
-
-clean-unix:: clean-libobjs
-
-@libobj_frag@
-
diff --git a/src/lib/crypto/openssl/des/deps b/src/lib/crypto/openssl/des/deps
deleted file mode 100644
index 21b904f89..000000000
--- a/src/lib/crypto/openssl/des/deps
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# Generated makefile dependencies follow.
-#
-des_keys.so des_keys.po $(OUTPRE)des_keys.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \
- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
- des_keys.c
diff --git a/src/lib/crypto/openssl/des/des_keys.c b/src/lib/crypto/openssl/des/des_keys.c
deleted file mode 100644
index 51d9db216..000000000
--- a/src/lib/crypto/openssl/des/des_keys.c
+++ /dev/null
@@ -1,40 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/openssl/des/des_keys.c - Key functions used by Kerberos code */
-/*
- * Copyright (C) 2011 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-
-#include "crypto_int.h"
-#include <openssl/des.h>
-
-void
-k5_des_fixup_key_parity(unsigned char *keybits)
-{
- DES_set_odd_parity((DES_cblock *)keybits);
-}
-
-krb5_boolean
-k5_des_is_weak_key(unsigned char *keybits)
-{
- return DES_is_weak_key((DES_cblock *)keybits);
-}
diff --git a/src/lib/crypto/openssl/enc_provider/Makefile.in b/src/lib/crypto/openssl/enc_provider/Makefile.in
index a9069d22d..2b32c3ac4 100644
--- a/src/lib/crypto/openssl/enc_provider/Makefile.in
+++ b/src/lib/crypto/openssl/enc_provider/Makefile.in
@@ -3,19 +3,16 @@ BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/..
STLIBOBJS= \
- des3.o \
rc4.o \
aes.o \
camellia.o
OBJS= \
- $(OUTPRE)des3.$(OBJEXT) \
$(OUTPRE)aes.$(OBJEXT) \
$(OUTPRE)camellia.$(OBJEXT) \
$(OUTPRE)rc4.$(OBJEXT)
SRCS= \
- $(srcdir)/des3.c \
$(srcdir)/aes.c \
$(srcdir)/camellia.c \
$(srcdir)/rc4.c
diff --git a/src/lib/crypto/openssl/enc_provider/deps b/src/lib/crypto/openssl/enc_provider/deps
index 1c28cc842..91ba48234 100644
--- a/src/lib/crypto/openssl/enc_provider/deps
+++ b/src/lib/crypto/openssl/enc_provider/deps
@@ -1,17 +1,6 @@
#
# Generated makefile dependencies follow.
#
-des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
- $(srcdir)/../crypto_mod.h $(top_srcdir)/include/k5-buf.h \
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h des3.c
aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \
diff --git a/src/lib/crypto/openssl/enc_provider/des3.c b/src/lib/crypto/openssl/enc_provider/des3.c
deleted file mode 100644
index 1c439c2cd..000000000
--- a/src/lib/crypto/openssl/enc_provider/des3.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/openssl/enc_provider/des3.c */
-/*
- * Copyright (C) 2009 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government. It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. FundsXpress makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#include "crypto_int.h"
-#include <openssl/evp.h>
-
-
-#define DES3_BLOCK_SIZE 8
-#define DES3_KEY_SIZE 24
-#define DES3_KEY_BYTES 21
-
-static krb5_error_code
-validate(krb5_key key, const krb5_data *ivec, const krb5_crypto_iov *data,
- size_t num_data, krb5_boolean *empty)
-{
- size_t input_length = iov_total_length(data, num_data, FALSE);
-
- if (key->keyblock.length != DES3_KEY_SIZE)
- return(KRB5_BAD_KEYSIZE);
- if ((input_length%DES3_BLOCK_SIZE) != 0)
- return(KRB5_BAD_MSIZE);
- if (ivec && (ivec->length != 8))
- return(KRB5_BAD_MSIZE);
-
- *empty = (input_length == 0);
- return 0;
-}
-
-static krb5_error_code
-k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
- size_t num_data)
-{
- int ret, olen = DES3_BLOCK_SIZE;
- unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE];
- struct iov_cursor cursor;
- EVP_CIPHER_CTX *ctx;
- krb5_boolean empty;
-
- ret = validate(key, ivec, data, num_data, &empty);
- if (ret != 0 || empty)
- return ret;
-
- ctx = EVP_CIPHER_CTX_new();
- if (ctx == NULL)
- return ENOMEM;
-
- ret = EVP_EncryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL,
- key->keyblock.contents,
- (ivec) ? (unsigned char*)ivec->data : NULL);
- if (!ret) {
- EVP_CIPHER_CTX_free(ctx);
- return KRB5_CRYPTO_INTERNAL;
- }
-
- EVP_CIPHER_CTX_set_padding(ctx,0);
-
- k5_iov_cursor_init(&cursor, data, num_data, DES3_BLOCK_SIZE, FALSE);
- while (k5_iov_cursor_get(&cursor, iblock)) {
- ret = EVP_EncryptUpdate(ctx, oblock, &olen, iblock, DES3_BLOCK_SIZE);
- if (!ret)
- break;
- k5_iov_cursor_put(&cursor, oblock);
- }
-
- if (ivec != NULL)
- memcpy(ivec->data, oblock, DES3_BLOCK_SIZE);
-
- EVP_CIPHER_CTX_free(ctx);
-
- zap(iblock, sizeof(iblock));
- zap(oblock, sizeof(oblock));
-
- if (ret != 1)
- return KRB5_CRYPTO_INTERNAL;
- return 0;
-}
-
-static krb5_error_code
-k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
- size_t num_data)
-{
- int ret, olen = DES3_BLOCK_SIZE;
- unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE];
- struct iov_cursor cursor;
- EVP_CIPHER_CTX *ctx;
- krb5_boolean empty;
-
- ret = validate(key, ivec, data, num_data, &empty);
- if (ret != 0 || empty)
- return ret;
-
- ctx = EVP_CIPHER_CTX_new();
- if (ctx == NULL)
- return ENOMEM;
-
- ret = EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL,
- key->keyblock.contents,
- (ivec) ? (unsigned char*)ivec->data : NULL);
- if (!ret) {
- EVP_CIPHER_CTX_free(ctx);
- return KRB5_CRYPTO_INTERNAL;
- }
-
- EVP_CIPHER_CTX_set_padding(ctx,0);
-
- k5_iov_cursor_init(&cursor, data, num_data, DES3_BLOCK_SIZE, FALSE);
- while (k5_iov_cursor_get(&cursor, iblock)) {
- ret = EVP_DecryptUpdate(ctx, oblock, &olen,
- (unsigned char *)iblock, DES3_BLOCK_SIZE);
- if (!ret)
- break;
- k5_iov_cursor_put(&cursor, oblock);
- }
-
- if (ivec != NULL)
- memcpy(ivec->data, iblock, DES3_BLOCK_SIZE);
-
- EVP_CIPHER_CTX_free(ctx);
-
- zap(iblock, sizeof(iblock));
- zap(oblock, sizeof(oblock));
-
- if (ret != 1)
- return KRB5_CRYPTO_INTERNAL;
- return 0;
-}
-
-const struct krb5_enc_provider krb5int_enc_des3 = {
- DES3_BLOCK_SIZE,
- DES3_KEY_BYTES, DES3_KEY_SIZE,
- k5_des3_encrypt,
- k5_des3_decrypt,
- NULL,
- krb5int_des_init_state,
- krb5int_default_free_state
-};
diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
index 75f071c3e..fcf2c2152 100644
--- a/src/lib/gssapi/krb5/accept_sec_context.c
+++ b/src/lib/gssapi/krb5/accept_sec_context.c
@@ -1039,7 +1039,6 @@ kg_accept_krb5(minor_status, context_handle,
}
switch (negotiated_etype) {
- case ENCTYPE_DES3_CBC_SHA1:
case ENCTYPE_ARCFOUR_HMAC:
case ENCTYPE_ARCFOUR_HMAC_EXP:
/* RFC 4121 accidentally omits RC4-HMAC-EXP as a "not-newer"
diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h
index a7e0e63ec..3bacdcd35 100644
--- a/src/lib/gssapi/krb5/gssapiP_krb5.h
+++ b/src/lib/gssapi/krb5/gssapiP_krb5.h
@@ -125,14 +125,14 @@ enum sgn_alg {
/* SGN_ALG_DES_MAC = 0x0002, */
/* SGN_ALG_3 = 0x0003, /\* not published *\/ */
SGN_ALG_HMAC_MD5 = 0x0011, /* microsoft w2k; */
- SGN_ALG_HMAC_SHA1_DES3_KD = 0x0004
+ /* SGN_ALG_HMAC_SHA1_DES3_KD = 0x0004 */
};
enum seal_alg {
SEAL_ALG_NONE = 0xffff,
/* SEAL_ALG_DES = 0x0000, */
/* SEAL_ALG_1 = 0x0001, /\* not published *\/ */
SEAL_ALG_MICROSOFT_RC4 = 0x0010, /* microsoft w2k; */
- SEAL_ALG_DES3KD = 0x0002
+ /* SEAL_ALG_DES3KD = 0x0002 */
};
/* for 3DES */
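Review bot: The enumerators disabled here (`SGN_ALG_HMAC_SHA1_DES3_KD`, `SEAL_ALG_DES3KD`, and `GSS_KRB5_CONF_C_QOP_DES3_KD` in the next hunk) are left as bare commented-out code, which records the numeric value but not why it must stay unused. A short comment such as `/* 0x0004 was SGN_ALG_HMAC_SHA1_DES3_KD (3DES removed); do not reuse */` would make the intent explicit for anyone adding an algorithm later. The `/* for 3DES */` comment kept as trailing context suggests that 3DES-only definitions follow outside the hunk; if so, they are probably dead now and worth checking.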
@@ -153,7 +153,7 @@ enum qop {
GSS_KRB5_INTEG_C_QOP_HMAC_SHA1 = 0x0004,
GSS_KRB5_INTEG_C_QOP_MASK = 0x00ff,
/* GSS_KRB5_CONF_C_QOP_DES = 0x0100, */
- GSS_KRB5_CONF_C_QOP_DES3_KD = 0x0200,
+ /* GSS_KRB5_CONF_C_QOP_DES3_KD = 0x0200, */
GSS_KRB5_CONF_C_QOP_MASK = 0xff00
};
diff --git a/src/lib/gssapi/krb5/k5seal.c b/src/lib/gssapi/krb5/k5seal.c
index d1cdce486..7f7146a0a 100644
--- a/src/lib/gssapi/krb5/k5seal.c
+++ b/src/lib/gssapi/krb5/k5seal.c
@@ -136,19 +136,12 @@ make_seal_token_v1 (krb5_context context,
/* pad the plaintext, encrypt if needed, and stick it in the token */
- /* initialize the the checksum */
- switch (signalg) {
- case SGN_ALG_HMAC_SHA1_DES3_KD:
- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
- break;
- case SGN_ALG_HMAC_MD5:
- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
- if (toktype != KG_TOK_SEAL_MSG)
- sign_usage = 15;
- break;
- default:
- abort ();
- }
+ if (signalg != SGN_ALG_HMAC_MD5)
+ abort();
+
+ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+ if (toktype != KG_TOK_SEAL_MSG)
+ sign_usage = 15;
code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
if (code) {
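Review bot: The new guard `if (signalg != SGN_ALG_HMAC_MD5) abort();` keeps the old default-case behaviour of killing the whole process from inside library code, and with one algorithm left it is now the only handling for an unexpected `signalg`. Any application linked against the GSS library would go down with it if a context ever carried another value, so a normal error return is the safer failure mode, e.g. `if (signalg != SGN_ALG_HMAC_MD5) { gssalloc_free(t); return KRB5_BAD_ENCTYPE; }`, assuming `t` is already allocated at this point, which the hunk does not show. The same guard is added in k5sealiov.c (where `goto cleanup` is available), k5unseal.c and k5unsealiov.c. The body of make_seal_token_v1 starts and ends outside the hunk.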
@@ -196,20 +189,8 @@ make_seal_token_v1 (krb5_context context,
gssalloc_free(t);
return(code);
}
- switch(signalg) {
- case SGN_ALG_HMAC_SHA1_DES3_KD:
- /*
- * Using key derivation, the call to krb5_c_make_checksum
- * already dealt with encrypting.
- */
- if (md5cksum.length != cksum_size)
- abort ();
- memcpy (ptr+14, md5cksum.contents, md5cksum.length);
- break;
- case SGN_ALG_HMAC_MD5:
- memcpy (ptr+14, md5cksum.contents, cksum_size);
- break;
- }
+
+ memcpy (ptr+14, md5cksum.contents, cksum_size);
krb5_free_checksum_contents(context, &md5cksum);
diff --git a/src/lib/gssapi/krb5/k5sealiov.c b/src/lib/gssapi/krb5/k5sealiov.c
index 9bb2ee109..9147bb2c7 100644
--- a/src/lib/gssapi/krb5/k5sealiov.c
+++ b/src/lib/gssapi/krb5/k5sealiov.c
@@ -144,18 +144,11 @@ make_seal_token_v1_iov(krb5_context context,
/* pad the plaintext, encrypt if needed, and stick it in the token */
/* initialize the checksum */
- switch (ctx->signalg) {
- case SGN_ALG_HMAC_SHA1_DES3_KD:
- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
- break;
- case SGN_ALG_HMAC_MD5:
- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
- if (toktype != KG_TOK_WRAP_MSG)
- sign_usage = 15;
- break;
- default:
- abort ();
- }
+ if (ctx->signalg != SGN_ALG_HMAC_MD5)
+ abort();
+ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+ if (toktype != KG_TOK_WRAP_MSG)
+ sign_usage = 15;
code = krb5_c_checksum_length(context, md5cksum.checksum_type, &k5_trailerlen);
if (code != 0)
@@ -177,15 +170,7 @@ make_seal_token_v1_iov(krb5_context context,
if (code != 0)
goto cleanup;
- switch (ctx->signalg) {
- case SGN_ALG_HMAC_SHA1_DES3_KD:
- assert(md5cksum.length == ctx->cksum_size);
- memcpy(ptr + 14, md5cksum.contents, md5cksum.length);
- break;
- case SGN_ALG_HMAC_MD5:
- memcpy(ptr + 14, md5cksum.contents, ctx->cksum_size);
- break;
- }
+ memcpy(ptr + 14, md5cksum.contents, ctx->cksum_size);
/* create the seq_num */
code = kg_make_seq_num(context, ctx->seq, ctx->initiate ? 0 : 0xFF,
diff --git a/src/lib/gssapi/krb5/k5unseal.c b/src/lib/gssapi/krb5/k5unseal.c
index 9b183bc33..f0cc4a680 100644
--- a/src/lib/gssapi/krb5/k5unseal.c
+++ b/src/lib/gssapi/krb5/k5unseal.c
@@ -131,28 +131,21 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
but few enough that we can try them all. */
if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) ||
- (ctx->sealalg == SEAL_ALG_DES3KD &&
- signalg != SGN_ALG_HMAC_SHA1_DES3_KD)||
(ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 &&
signalg != SGN_ALG_HMAC_MD5)) {
*minor_status = 0;
return GSS_S_DEFECTIVE_TOKEN;
}
- switch (signalg) {
- case SGN_ALG_HMAC_MD5:
- cksum_len = 8;
- if (toktype != KG_TOK_SEAL_MSG)
- sign_usage = 15;
- break;
- case SGN_ALG_HMAC_SHA1_DES3_KD:
- cksum_len = 20;
- break;
- default:
+ if (signalg != SGN_ALG_HMAC_MD5) {
*minor_status = 0;
return GSS_S_DEFECTIVE_TOKEN;
}
+ cksum_len = 8;
+ if (toktype != KG_TOK_SEAL_MSG)
+ sign_usage = 15;
+
if ((size_t)bodysize < 14 + cksum_len) {
*minor_status = 0;
return GSS_S_DEFECTIVE_TOKEN;
@@ -252,64 +245,53 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
/* compute the checksum of the message */
/* initialize the the cksum */
- switch (signalg) {
- case SGN_ALG_HMAC_MD5:
- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
- break;
- case SGN_ALG_HMAC_SHA1_DES3_KD:
- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
- break;
- default:
- abort ();
- }
+ if (signalg != SGN_ALG_HMAC_MD5)
+ abort();
+ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
if (code)
return(code);
md5cksum.length = sumlen;
- switch (signalg) {
- default:
+ if (signalg != SGN_ALG_HMAC_MD5) {
*minor_status = 0;
return(GSS_S_DEFECTIVE_TOKEN);
-
- case SGN_ALG_HMAC_SHA1_DES3_KD:
- case SGN_ALG_HMAC_MD5:
- /* compute the checksum of the message */
-
- /* 8 = bytes of token body to be checksummed according to spec */
-
- if (! (data_ptr = xmalloc(8 + plainlen))) {
- if (sealalg != 0xffff)
- xfree(plain);
- if (toktype == KG_TOK_SEAL_MSG)
- gssalloc_free(token.value);
- *minor_status = ENOMEM;
- return(GSS_S_FAILURE);
- }
-
- (void) memcpy(data_ptr, ptr-2, 8);
-
- (void) memcpy(data_ptr+8, plain, plainlen);
-
- plaind.length = 8 + plainlen;
- plaind.data = data_ptr;
- code = krb5_k_make_checksum(context, md5cksum.checksum_type,
- ctx->seq, sign_usage,
- &plaind, &md5cksum);
- xfree(data_ptr);
-
- if (code) {
- if (toktype == KG_TOK_SEAL_MSG)
- gssalloc_free(token.value);
- *minor_status = code;
- return(GSS_S_FAILURE);
- }
-
- code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
- break;
}
+ /* compute the checksum of the message */
+
+ /* 8 = bytes of token body to be checksummed according to spec */
+
+ if (! (data_ptr = xmalloc(8 + plainlen))) {
+ if (sealalg != 0xffff)
+ xfree(plain);
+ if (toktype == KG_TOK_SEAL_MSG)
+ gssalloc_free(token.value);
+ *minor_status = ENOMEM;
+ return(GSS_S_FAILURE);
+ }
+
+ (void) memcpy(data_ptr, ptr-2, 8);
+
+ (void) memcpy(data_ptr+8, plain, plainlen);
+
+ plaind.length = 8 + plainlen;
+ plaind.data = data_ptr;
+ code = krb5_k_make_checksum(context, md5cksum.checksum_type,
+ ctx->seq, sign_usage,
+ &plaind, &md5cksum);
+ xfree(data_ptr);
+
+ if (code) {
+ if (toktype == KG_TOK_SEAL_MSG)
+ gssalloc_free(token.value);
+ *minor_status = code;
+ return(GSS_S_FAILURE);
+ }
+
+ code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
+
krb5_free_checksum_contents(context, &md5cksum);
if (sealalg != 0xffff)
xfree(plain);
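Review bot: The check `if (signalg != SGN_ALG_HMAC_MD5) { *minor_status = 0; return(GSS_S_DEFECTIVE_TOKEN); }` after `md5cksum.length = sumlen;` can never fire, because the `abort()` guard a few lines earlier tests the same condition, and both appear unreachable given the rejection added in the previous hunk (assuming `signalg` is not reassigned in between, which lies outside the hunks). Two dead branches with different failure modes make it hard to tell which one actually validates the token's algorithm field. I would drop both and keep only the early `GSS_S_DEFECTIVE_TOKEN` return, leaving `md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;` unconditional. k5unsealiov.c has the same pair (the `abort()` guard and the later `retval = GSS_S_DEFECTIVE_TOKEN; goto cleanup;` branch). kg_unseal_v1 starts and ends outside the hunk.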
diff --git a/src/lib/gssapi/krb5/k5unsealiov.c b/src/lib/gssapi/krb5/k5unsealiov.c
index 85a9574f3..3ce2a90ce 100644
--- a/src/lib/gssapi/krb5/k5unsealiov.c
+++ b/src/lib/gssapi/krb5/k5unsealiov.c
@@ -102,28 +102,21 @@ kg_unseal_v1_iov(krb5_context context,
}
if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) ||
- (ctx->sealalg == SEAL_ALG_DES3KD &&
- signalg != SGN_ALG_HMAC_SHA1_DES3_KD)||
(ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 &&
signalg != SGN_ALG_HMAC_MD5)) {
*minor_status = 0;
return GSS_S_DEFECTIVE_TOKEN;
}
- switch (signalg) {
- case SGN_ALG_HMAC_MD5:
- cksum_len = 8;
- if (toktype != KG_TOK_WRAP_MSG)
- sign_usage = 15;
- break;
- case SGN_ALG_HMAC_SHA1_DES3_KD:
- cksum_len = 20;
- break;
- default:
+ if (signalg != SGN_ALG_HMAC_MD5) {
*minor_status = 0;
return GSS_S_DEFECTIVE_TOKEN;
}
+ cksum_len = 8;
+ if (toktype != KG_TOK_WRAP_MSG)
+ sign_usage = 15;
+
/* get the token parameters */
code = kg_get_seq_num(context, ctx->seq, ptr + 14, ptr + 6, &direction,
&seqnum);
@@ -181,16 +174,10 @@ kg_unseal_v1_iov(krb5_context context,
/* initialize the checksum */
- switch (signalg) {
- case SGN_ALG_HMAC_MD5:
- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
- break;
- case SGN_ALG_HMAC_SHA1_DES3_KD:
- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
- break;
- default:
+ if (signalg != SGN_ALG_HMAC_MD5)
abort();
- }
+
+ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
if (code != 0) {
@@ -209,18 +196,13 @@ kg_unseal_v1_iov(krb5_context context,
goto cleanup;
}
- switch (signalg) {
- case SGN_ALG_HMAC_SHA1_DES3_KD:
- case SGN_ALG_HMAC_MD5:
- code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
- break;
- default:
+ if (signalg != SGN_ALG_HMAC_MD5) {
code = 0;
retval = GSS_S_DEFECTIVE_TOKEN;
goto cleanup;
- break;
}
+ code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len);
if (code != 0) {
code = 0;
retval = GSS_S_BAD_SIG;
diff --git a/src/lib/gssapi/krb5/util_crypt.c b/src/lib/gssapi/krb5/util_crypt.c
index 84f194988..32150f5e3 100644
--- a/src/lib/gssapi/krb5/util_crypt.c
+++ b/src/lib/gssapi/krb5/util_crypt.c
@@ -97,17 +97,6 @@ kg_setup_keys(krb5_context context, krb5_gss_ctx_id_rec *ctx, krb5_key subkey,
return code;
switch (subkey->keyblock.enctype) {
- case ENCTYPE_DES3_CBC_SHA1:
- code = kg_copy_keys(context, ctx, subkey);
- if (code != 0)
- return code;
-
- ctx->enc->keyblock.enctype = ENCTYPE_DES3_CBC_RAW;
- ctx->seq->keyblock.enctype = ENCTYPE_DES3_CBC_RAW;
- ctx->signalg = SGN_ALG_HMAC_SHA1_DES3_KD;
- ctx->cksum_size = 20;
- ctx->sealalg = SEAL_ALG_DES3KD;
- break;
case ENCTYPE_ARCFOUR_HMAC:
case ENCTYPE_ARCFOUR_HMAC_EXP:
/* RFC 4121 accidentally omits RC4-HMAC-EXP as a "not-newer" enctype,
diff --git a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
index 740425c69..6b45f5f72 100644
--- a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
+++ b/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp
@@ -53,10 +53,10 @@ proc test200 {} {
}
# XXX Perhaps I should actually check the key type returned.
- if {$num_keys == 5} {
+ if {$num_keys == 4} {
pass "$test"
} else {
- fail "$test: $num_keys keys, should be 5"
+ fail "$test: $num_keys keys, should be 4"
}
if { ! [cmd {kadm5_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
diff --git a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
index 3ea1ba29b..d2c6d1afa 100644
--- a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
+++ b/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp
@@ -143,8 +143,8 @@ proc test101_102 {rpc} {
}
set failed 0
- if {$num_keys != 5} {
- fail "$test: num_keys $num_keys should be 5"
+ if {$num_keys != 4} {
+ fail "$test: num_keys $num_keys should be 4"
set failed 1
}
for {set i 0} {$i < $num_keys} {incr i} {
diff --git a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
index 2925c1c43..2f76c8b43 100644
--- a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
+++ b/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp
@@ -46,10 +46,10 @@ proc test100 {} {
}
# XXX Perhaps I should actually check the key type returned.
- if {$num_keys == 5} {
+ if {$num_keys == 4} {
pass "$test"
} else {
- fail "$test: $num_keys keys, should be 5"
+ fail "$test: $num_keys keys, should be 4"
}
if { ! [cmd {kadm5_destroy $server_handle}]} {
perror "$test: unexpected failure in destroy"
diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c
index aa35baa3c..bfa99d9eb 100644
--- a/src/lib/krb5/krb/init_ctx.c
+++ b/src/lib/krb5/krb/init_ctx.c
@@ -59,7 +59,6 @@
static krb5_enctype default_enctype_list[] = {
ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
- ENCTYPE_DES3_CBC_SHA1,
ENCTYPE_ARCFOUR_HMAC,
ENCTYPE_CAMELLIA128_CTS_CMAC, ENCTYPE_CAMELLIA256_CTS_CMAC,
0
@@ -467,8 +466,6 @@ krb5int_parse_enctype_list(krb5_context context, const char *profkey,
/* Set all enctypes in the default list. */
for (i = 0; default_list[i]; i++)
mod_list(default_list[i], sel, weak, &list);
- } else if (strcasecmp(token, "des3") == 0) {
- mod_list(ENCTYPE_DES3_CBC_SHA1, sel, weak, &list);
} else if (strcasecmp(token, "aes") == 0) {
mod_list(ENCTYPE_AES256_CTS_HMAC_SHA1_96, sel, weak, &list);
mod_list(ENCTYPE_AES128_CTS_HMAC_SHA1_96, sel, weak, &list);
diff --git a/src/lib/krb5/krb/s4u_creds.c b/src/lib/krb5/krb/s4u_creds.c
index 44d113e7c..966278578 100644
--- a/src/lib/krb5/krb/s4u_creds.c
+++ b/src/lib/krb5/krb/s4u_creds.c
@@ -288,8 +288,6 @@ verify_s4u2self_reply(krb5_context context,
assert(req_s4u_user != NULL);
switch (subkey->enctype) {
- case ENCTYPE_DES3_CBC_SHA1:
- case ENCTYPE_DES3_CBC_RAW:
case ENCTYPE_ARCFOUR_HMAC:
case ENCTYPE_ARCFOUR_HMAC_EXP :
not_newer = TRUE;
diff --git a/src/lib/krb5/krb/t_etypes.c b/src/lib/krb5/krb/t_etypes.c
index 90c9f626c..935aca12f 100644
--- a/src/lib/krb5/krb/t_etypes.c
+++ b/src/lib/krb5/krb/t_etypes.c
@@ -50,17 +50,6 @@ static struct {
{ ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 },
0, 0
},
- /* Family followed by enctype */
- { "aes des3-cbc-sha1-kd",
- { 0 },
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
- ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
- ENCTYPE_DES3_CBC_SHA1, 0 },
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
- ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
- ENCTYPE_DES3_CBC_SHA1, 0 },
- 0, 0
- },
/* Family with enctype removed */
{ "camellia -camellia256-cts-cmac",
{ 0 },
@@ -69,46 +58,15 @@ static struct {
},
/* Default set with family added and enctype removed */
{ "DEFAULT +aes -arcfour-hmac-md5",
- { ENCTYPE_ARCFOUR_HMAC, ENCTYPE_DES3_CBC_SHA1, 0 },
- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+ { ENCTYPE_ARCFOUR_HMAC, 0 },
+ { ENCTYPE_AES256_CTS_HMAC_SHA1_96,
ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
ENCTYPE_AES128_CTS_HMAC_SHA256_128, 0 },
- { ENCTYPE_DES3_CBC_SHA1,
- ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+ { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128,
0 },
0, 0
},
- /* Default set with families removed and enctypes added (one redundant) */
- { "DEFAULT -des3 rc4-hmac rc4-hmac-exp",
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
- ENCTYPE_DES3_CBC_SHA1, ENCTYPE_ARCFOUR_HMAC, 0 },
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
- ENCTYPE_ARCFOUR_HMAC, 0 },
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
- ENCTYPE_ARCFOUR_HMAC, ENCTYPE_ARCFOUR_HMAC_EXP, 0 },
- 0, 0
- },
- /* Default set with family moved to front */
- { "des3 +DEFAULT",
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
- ENCTYPE_DES3_CBC_SHA1, 0 },
- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
- ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0 },
- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96,
- ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0 },
- 0, 0
- },
- /* Two families with default set removed (exotic case), enctype added */
- { "aes +rc4 -DEFaulT des3-hmac-sha1",
- { ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_DES3_CBC_SHA1,
- ENCTYPE_ARCFOUR_HMAC, 0 },
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
- ENCTYPE_AES128_CTS_HMAC_SHA256_128, ENCTYPE_DES3_CBC_SHA1, 0 },
- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192,
- ENCTYPE_AES128_CTS_HMAC_SHA256_128, ENCTYPE_DES3_CBC_SHA1, 0 },
- 0, 0
- },
/* Test krb5_set_default_in_tkt_ktypes */
{ NULL,
{ ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 },
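Review bot: Three parser cases are deleted here rather than ported: the default set with a family removed and enctypes added (one redundant), a family moved in front of `DEFAULT`, and the mixed-case `-DEFaulT` removal. These exercise list-parsing behaviour that does not depend on 3DES, and none of the entries visible in this hunk covers it any more. Rewriting them with a surviving family (`rc4` or `camellia` in place of `des3`, with the expected lists adjusted) would keep that coverage. The test table starts and ends outside the hunk, so other entries may already cover some of this.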
diff --git a/src/lib/krb5/os/t_trace.c b/src/lib/krb5/os/t_trace.c
index 10ba8d0ac..24064ffcf 100644
--- a/src/lib/krb5/os/t_trace.c
+++ b/src/lib/krb5/os/t_trace.c
@@ -65,8 +65,8 @@ main (int argc, char *argv[])
krb5_principal princ = &principal_data;
krb5_pa_data padata, padata2, **padatap;
krb5_enctype enctypes[4] = {
- ENCTYPE_DES3_CBC_SHA, ENCTYPE_ARCFOUR_HMAC_EXP, ENCTYPE_UNKNOWN,
- ENCTYPE_NULL};
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_ARCFOUR_HMAC_EXP,
+ ENCTYPE_UNKNOWN, ENCTYPE_NULL};
krb5_ccache ccache;
krb5_keytab keytab;
krb5_creds creds;
diff --git a/src/lib/krb5/os/t_trace.ref b/src/lib/krb5/os/t_trace.ref
index 044a66999..98fb14f3f 100644
--- a/src/lib/krb5/os/t_trace.ref
+++ b/src/lib/krb5/os/t_trace.ref
@@ -41,7 +41,7 @@ int, krb5_principal type: ?
krb5_pa_data **, display list of padata type numbers: PA-PW-SALT (3), 0
krb5_pa_data **, display list of padata type numbers: (empty)
krb5_enctype, display shortest name of enctype: aes128-cts
-krb5_enctype *, display list of enctypes: 5, rc4-hmac-exp, 511
+krb5_enctype *, display list of enctypes: aes128-cts, rc4-hmac-exp, 511
krb5_enctype *, display list of enctypes: (empty)
krb5_ccache, display type:name: FILE:/path/to/ccache
krb5_keytab, display name: FILE:/etc/krb5.keytab
diff --git a/src/plugins/preauth/pkinit/pkcs11.h b/src/plugins/preauth/pkinit/pkcs11.h
index e3d284631..586661bb7 100644
--- a/src/plugins/preauth/pkinit/pkcs11.h
+++ b/src/plugins/preauth/pkinit/pkcs11.h
@@ -339,9 +339,9 @@ typedef unsigned long ck_key_type_t;
#define CKK_GENERIC_SECRET (0x10)
#define CKK_RC2 (0x11)
#define CKK_RC4 (0x12)
-#define CKK_DES (0x13)
-#define CKK_DES2 (0x14)
-#define CKK_DES3 (0x15)
+/* #define CKK_DES (0x13) */
+/* #define CKK_DES2 (0x14) */
+/* #define CKK_DES3 (0x15) */
#define CKK_CAST (0x16)
#define CKK_CAST3 (0x17)
#define CKK_CAST128 (0x18)
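Review bot: `CKK_DES`, `CKK_DES2` and `CKK_DES3` are PKCS #11 key-type identifiers rather than Kerberos enctypes, so commenting them out does not disable any 3DES code path by itself; it only makes this header differ from the interface definition it appears to mirror. If the goal is to make any leftover user fail to compile, a one-line comment saying so, e.g. `/* DES key types disabled downstream: 3DES support removed */`, would keep a later header refresh from silently restoring them. Otherwise I would leave the three defines untouched.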
diff --git a/src/plugins/preauth/pkinit/pkinit_clnt.c b/src/plugins/preauth/pkinit/pkinit_clnt.c
index 2817cc213..a385da7c3 100644
--- a/src/plugins/preauth/pkinit/pkinit_clnt.c
+++ b/src/plugins/preauth/pkinit/pkinit_clnt.c
@@ -212,14 +212,6 @@ pkinit_as_req_create(krb5_context context,
auth_pack.clientPublicValue = &info;
auth_pack.supportedKDFs = (krb5_data **)supported_kdf_alg_ids;
- /* add List of CMS algorithms */
- retval = create_krb5_supportedCMSTypes(context, plgctx->cryptoctx,
- reqctx->cryptoctx,
- reqctx->idctx, &cmstypes);
- auth_pack.supportedCMSTypes = cmstypes;
- if (retval)
- goto cleanup;
-
switch(protocol) {
case DH_PROTOCOL:
TRACE_PKINIT_CLIENT_REQ_DH(context);
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto.h b/src/plugins/preauth/pkinit/pkinit_crypto.h
index 77d5c61fe..1f9868351 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto.h
+++ b/src/plugins/preauth/pkinit/pkinit_crypto.h
@@ -380,18 +380,6 @@ krb5_error_code server_process_dh
unsigned int *server_key_len_out); /* OUT
receives length of DH secret key */
-/*
- * this functions takes in crypto specific representation of
- * supportedCMSTypes and creates a list of
- * krb5_algorithm_identifier
- */
-krb5_error_code create_krb5_supportedCMSTypes
- (krb5_context context, /* IN */
- pkinit_plg_crypto_context plg_cryptoctx, /* IN */
- pkinit_req_crypto_context req_cryptoctx, /* IN */
- pkinit_identity_crypto_context id_cryptoctx, /* IN */
- krb5_algorithm_identifier ***supportedCMSTypes); /* OUT */
-
/*
* this functions takes in crypto specific representation of
* trustedCertifiers and creates a list of
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index e5940a513..e1153344e 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@ -5486,44 +5486,6 @@ cleanup:
return retval;
}
-krb5_error_code
-create_krb5_supportedCMSTypes(krb5_context context,
- pkinit_plg_crypto_context plg_cryptoctx,
- pkinit_req_crypto_context req_cryptoctx,
- pkinit_identity_crypto_context id_cryptoctx,
- krb5_algorithm_identifier ***oids)
-{
-
- krb5_error_code retval = ENOMEM;
- krb5_algorithm_identifier **loids = NULL;
- krb5_data des3oid = {0, 8, "\x2A\x86\x48\x86\xF7\x0D\x03\x07" };
-
- *oids = NULL;
- loids = malloc(2 * sizeof(krb5_algorithm_identifier *));
- if (loids == NULL)
- goto cleanup;
- loids[1] = NULL;
- loids[0] = malloc(sizeof(krb5_algorithm_identifier));
- if (loids[0] == NULL) {
- free(loids);
- goto cleanup;
- }
- retval = pkinit_copy_krb5_data(&loids[0]->algorithm, &des3oid);
- if (retval) {
- free(loids[0]);
- free(loids);
- goto cleanup;
- }
- loids[0]->parameters.length = 0;
- loids[0]->parameters.data = NULL;
-
- *oids = loids;
- retval = 0;
-cleanup:
-
- return retval;
-}
-
krb5_error_code
create_krb5_trustedCertifiers(krb5_context context,
pkinit_plg_crypto_context plg_cryptoctx,
diff --git a/src/plugins/preauth/pkinit/pkinit_kdf_test.c b/src/plugins/preauth/pkinit/pkinit_kdf_test.c
index 7acbd0d28..cd998a29a 100644
--- a/src/plugins/preauth/pkinit/pkinit_kdf_test.c
+++ b/src/plugins/preauth/pkinit/pkinit_kdf_test.c
@@ -49,7 +49,6 @@ char eighteen_bs[9];
char party_u_name[] = "lha@SU.SE";
char party_v_name[] = "krbtgt/SU.SE@SU.SE";
int enctype_aes = ENCTYPE_AES256_CTS_HMAC_SHA1_96;
-int enctype_des3 = ENCTYPE_DES3_CBC_SHA1;
const krb5_data lha_data = DATA_FROM_STRING("lha");
krb5_octet key1_hex[] =
@@ -185,36 +184,6 @@ main(int argc, char **argv)
goto cleanup;
}
- /* TEST 3: SHA-512/DES3 */
- /* set up algorithm id */
- alg_id.algorithm.data = (char *)krb5_pkinit_sha512_oid;
- alg_id.algorithm.length = krb5_pkinit_sha512_oid_len;
-
- enctype = enctype_des3;
-
- /* call pkinit_alg_agility_kdf() with test vector values*/
- if (0 != (retval = pkinit_alg_agility_kdf(context, &secret,
- &alg_id.algorithm,
- u_principal, v_principal,
- enctype, &as_req, &pk_as_rep,
- &key_block))) {
- printf("ERROR in pkinit_kdf_test: kdf call failed, retval = %d",
- retval);
- goto cleanup;
- }
-
- /* compare key to expected key value */
-
- if ((key_block.length == sizeof(key3_hex)) &&
- (0 == memcmp(key_block.contents, key3_hex, key_block.length))) {
- printf("SUCCESS: TEST 3 (SHA-512/DES3), Correct key value generated.\n");
- retval = 0;
- } else {
- printf("FAILURE: TEST 2 (SHA-512/DES3), Incorrect key value generated!\n");
- retval = 1;
- goto cleanup;
- }
-
cleanup:
/* release all allocated resources, whether good or bad return */
free(secret.data);
diff --git a/src/plugins/preauth/spake/t_vectors.c b/src/plugins/preauth/spake/t_vectors.c
index 2279202d3..96b0307d7 100644
--- a/src/plugins/preauth/spake/t_vectors.c
+++ b/src/plugins/preauth/spake/t_vectors.c
@@ -56,31 +56,6 @@ struct test {
const char *K2;
const char *K3;
} tests[] = {
- { ENCTYPE_DES3_CBC_SHA1, SPAKE_GROUP_EDWARDS25519,
- /* initial key, w, x, y, T, S, K */
- "850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E",
- "686D84730CB8679AE95416C6567C6A63F2C9CEF124F7A3371AE81E11CAD42A37",
- "201012D07BFD48DDFA33C4AAC4FB1E229FB0D043CFE65EBFB14399091C71A723",
- "500B294797B8B042ACA1BEDC0F5931A4F52C537B3608B2D05CC8A2372F439F25",
- "18F511E750C97B592ACD30DB7D9E5FCA660389102E6BF610C1BFBED4616C8362",
- "5D10705E0D1E43D5DBF30240CCFBDE4A0230C70D4C79147AB0B317EDAD2F8AE7",
- "25BDE0D875F0FEB5755F45BA5E857889D916ECF7476F116AA31DC3E037EC4292",
- /* support, challenge, thash, body */
- "A0093007A0053003020101",
- "A1363034A003020101A122042018F511E750C97B592ACD30DB7D9E5FCA660389"
- "102E6BF610C1BFBED4616C8362A20930073005A003020101",
- "EAAA08807D0616026FF51C849EFBF35BA0CE3C5300E7D486DA46351B13D4605B",
- "3075A00703050000000000A1143012A003020101A10B30091B07726165627572"
- "6EA2101B0E415448454E412E4D49542E454455A3233021A003020102A11A3018"
- "1B066B72627467741B0E415448454E412E4D49542E454455A511180F31393730"
- "303130313030303030305AA703020100A8053003020110",
- /* K'[0], K'[1], K'[2], K'[3] */
- "BAF12FAE7CD958CBF1A29BFBC71F89CE49E03E295D89DAFD",
- "64F73DD9C41908206BCEC1F719026B574F9D13463D7A2520",
- "0454520B086B152C455829E6BAEFF78A61DFE9E3D04A895D",
- "4A92260B25E3EF94C125D5C24C3E5BCED5B37976E67F25C4",
- },
-
{ ENCTYPE_ARCFOUR_HMAC, SPAKE_GROUP_EDWARDS25519,
/* initial key, w, x, y, T, S, K */
"8846F7EAEE8FB117AD06BDD830B7586C",
diff --git a/src/tests/dejagnu/config/default.exp b/src/tests/dejagnu/config/default.exp
index 85bbf478a..302dee74c 100644
--- a/src/tests/dejagnu/config/default.exp
+++ b/src/tests/dejagnu/config/default.exp
@@ -15,8 +15,6 @@ set timeout 100
set stty_init {erase \^h kill \^u}
set env(TERM) dumb
-set des3_krbtgt 0
-
if { [string length $VALGRIND] } {
rename spawn valgrind_aux_spawn
proc spawn { args } {
@@ -105,17 +103,9 @@ if { $PRIOCNTL_HACK } {
# particularly with regards to encryption types.
set passes {
- {
- des3
- mode=udp
- des3_krbtgt=1
- {supported_enctypes=des3-cbc-sha1:normal}
- {dummy=[verbose -log "DES3 TGT, DES3 enctype"]}
- }
{
aes-only
mode=udp
- des3_krbtgt=0
{supported_enctypes=aes256-cts-hmac-sha1-96:normal}
{permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96}
{permitted_enctypes(client)=aes256-cts-hmac-sha1-96}
@@ -130,7 +120,6 @@ set passes {
{
aes-sha2-only
mode=udp
- des3_krbtgt=0
{supported_enctypes=aes256-sha2:normal}
{permitted_enctypes(kdc)=aes256-sha2}
{permitted_enctypes(replica)=aes256-sha2}
@@ -146,7 +135,6 @@ set passes {
{
camellia-only
mode=udp
- des3_krbtgt=0
{supported_enctypes=camellia256-cts:normal}
{permitted_enctypes(kdc)=camellia256-cts}
{permitted_enctypes(replica)=camellia256-cts}
@@ -159,32 +147,9 @@ set passes {
{master_key_type=camellia256-cts}
{dummy=[verbose -log "Camellia-256 enctype"]}
}
- {
- aes-des3
- mode=udp
- des3_krbtgt=0
- {supported_enctypes=aes256-cts-hmac-sha1-96:normal des3-cbc-sha1:normal}
- {permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
- {permitted_enctypes(client)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
- {permitted_enctypes(server)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
- {master_key_type=aes256-cts-hmac-sha1-96}
- {dummy=[verbose -log "AES + DES3 + DES enctypes"]}
- }
- {
- aes-des3tgt
- mode=udp
- des3_krbtgt=1
- {supported_enctypes=aes256-cts-hmac-sha1-96:normal des3-cbc-sha1:normal}
- {permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
- {permitted_enctypes(client)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
- {permitted_enctypes(server)=aes256-cts-hmac-sha1-96 des3-cbc-sha1}
- {master_key_type=aes256-cts-hmac-sha1-96}
- {dummy=[verbose -log "AES enctypes, DES3 TGT"]}
- }
{
all-enctypes
mode=udp
- des3_krbtgt=0
{allow_weak_crypto(kdc)=false}
{allow_weak_crypto(replica)=false}
{allow_weak_crypto(client)=false}
@@ -946,7 +911,6 @@ proc setup_kerberos_db { standalone } {
global REALMNAME KDB5_UTIL KADMIN_LOCAL KEY
global tmppwd hostname
global spawn_id
- global des3_krbtgt
global multipass_name last_passname_db
set failall 0
@@ -1143,48 +1107,6 @@ proc setup_kerberos_db { standalone } {
}
}
- if $des3_krbtgt {
- # Set the TGT key to DES3.
- set test "kadmin.local TGT to DES3"
- set body {
- if $failall {
- break
- }
- spawn $KADMIN_LOCAL -r $REALMNAME -e des3-cbc-sha1:normal
- verbose "starting $test"
- expect_after $def_exp_after
-
- expect "kadmin.local: "
- send "cpw -randkey krbtgt/$REALMNAME@$REALMNAME\r"
- # It echos...
- expect "cpw -randkey krbtgt/$REALMNAME@$REALMNAME\r"
- expect {
- "Key for \"krbtgt/$REALMNAME@$REALMNAME\" randomized." { }
- }
- expect "kadmin.local: "
- send "quit\r"
- expect eof
- catch expect_after
- if ![check_exit_status kadmin_local] {
- break
- }
- }
- set ret [catch $body]
- catch "expect eof"
- catch expect_after
- if $ret {
- set failall 1
- if $standalone {
- fail $test
- } else {
- delete_db
- }
- } else {
- if $standalone {
- pass $test
- }
- }
- }
envstack_pop
# create the admin database lock file
diff --git a/src/tests/dejagnu/krb-standalone/kprop.exp b/src/tests/dejagnu/krb-standalone/kprop.exp
index 661e3fd9a..2b8f60045 100644
--- a/src/tests/dejagnu/krb-standalone/kprop.exp
+++ b/src/tests/dejagnu/krb-standalone/kprop.exp
@@ -54,7 +54,7 @@ proc doit { } {
global REALMNAME KEY
global KADMIN_LOCAL KTUTIL KDB5_UTIL KPROPLOG KPROP kpropd_spawn_id
global hostname tmppwd spawn_id timeout
- global KRBIV supported_enctypes portbase mode ulog des3_krbtgt
+ global KRBIV supported_enctypes portbase mode ulog
# Delete any db, ulog files
delete_db
diff --git a/src/tests/gssapi/t_enctypes.py b/src/tests/gssapi/t_enctypes.py
index 7494d7fcd..2f95d8996 100755
--- a/src/tests/gssapi/t_enctypes.py
+++ b/src/tests/gssapi/t_enctypes.py
@@ -1,24 +1,17 @@
from k5test import *
-# Define some convenience abbreviations for enctypes we will see in
-# test program output. For background, aes256 and aes128 are "CFX
-# enctypes", meaning that they imply support for RFC 4121, while des3
-# and rc4 are not. DES3 keys will appear as 'des3-cbc-raw' in
-# t_enctypes output because that's how GSSAPI does raw triple-DES
-# encryption without the RFC3961 framing.
+# Define some convenience abbreviations for enctypes we will see in test
+# program output. For background, aes256 and aes128 are "CFX enctypes",
+# meaning that they imply support for RFC 4121, while rc4 does not.
aes256 = 'aes256-cts-hmac-sha1-96'
aes128 = 'aes128-cts-hmac-sha1-96'
-des3 = 'des3-cbc-sha1'
-d_des3 = 'DEPRECATED:des3-cbc-sha1'
-des3raw = 'des3-cbc-raw'
-d_des3raw = 'DEPRECATED:des3-cbc-raw'
rc4 = 'arcfour-hmac'
d_rc4 = 'DEPRECATED:arcfour-hmac'
# These tests make assumptions about the default enctype lists, so set
# them explicitly rather than relying on the library defaults.
-supp='aes256-cts:normal aes128-cts:normal des3-cbc-sha1:normal rc4-hmac:normal'
-conf = {'libdefaults': {'permitted_enctypes': 'aes des3 rc4'},
+supp='aes256-cts:normal aes128-cts:normal rc4-hmac:normal'
+conf = {'libdefaults': {'permitted_enctypes': 'aes rc4'},
'realms': {'$realm': {'supported_enctypes': supp}}}
realm = K5Realm(krb5_conf=conf)
shutil.copyfile(realm.ccache, os.path.join(realm.testdir, 'save'))
@@ -87,19 +80,12 @@ test('both aes128', 'aes128-cts', 'aes128-cts',
test_err('acc aes128', None, 'aes128-cts',
'Encryption type aes256-cts-hmac-sha1-96 not permitted')
-# If the initiator constrains the permitted session enctypes to des3,
-# no acceptor subkey will be generated because we can't upgrade to a
-# CFX enctype.
-test('init des3', 'des3', None,
- tktenc=aes256, tktsession=d_des3,
- proto='rfc1964', isubkey=des3raw, asubkey=None)
-
# Force the ticket session key to be rc4, so we can test some subkey
# upgrade cases. The ticket encryption key remains aes256.
realm.run([kadminl, 'setstr', realm.host_princ, 'session_enctypes', 'rc4'])
# With no arguments, the initiator should send an upgrade list of
-# [aes256 aes128 des3] and the acceptor should upgrade to an aes256
+# [aes256 aes128] and the acceptor should upgrade to an aes256
# subkey.
test('upgrade noargs', None, None,
tktenc=aes256, tktsession=d_rc4,
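Review bot: Removing `test('init des3', ...)` here, and `test('upgrade init des3+rc4', ...)` in the next hunk, takes out the only cases visible in this diff that expect `proto='rfc1964'` with `asubkey=None`. The path where the acceptor generates no subkey because no CFX enctype is offered may therefore no longer be exercised. rc4 is still permitted by `conf` and the header comment describes it as non-CFX, so an rc4-only initiator case could keep that coverage, for example `test('init rc4', 'rc4', None, tktenc=aes256, tktsession=d_rc4, proto='rfc1964', isubkey=rc4, asubkey=None)`. The expected values in that line are inferred and need confirming against the test program. The rest of the file is outside these hunks, so an equivalent case may already exist there.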
@@ -115,13 +101,6 @@ test('upgrade init aes128+rc4', 'aes128-cts rc4', None,
tktenc=aes256, tktsession=d_rc4,
proto='cfx', isubkey=rc4, asubkey=aes128)
-# If the initiator permits rc4 but prefers des3, it will send an
-# upgrade list of [des3], but the acceptor won't generate a subkey
-# because des3 isn't a CFX enctype.
-test('upgrade init des3+rc4', 'des3 rc4', None,
- tktenc=aes256, tktsession=d_rc4,
- proto='rfc1964', isubkey=rc4, asubkey=None)
-
# If the acceptor permits only aes128, subkey negotiation will fail
# because the ticket session key and initiator subkey are
# non-permitted. (This is unfortunate if the acceptor's restriction
diff --git a/src/tests/gssapi/t_invalid.c b/src/tests/gssapi/t_invalid.c
index 9876a11e6..fb8fe5511 100644
--- a/src/tests/gssapi/t_invalid.c
+++ b/src/tests/gssapi/t_invalid.c
@@ -84,18 +84,6 @@ struct test {
size_t toklen;
const char *token;
} tests[] = {
- {
- ENCTYPE_DES3_CBC_SHA1, ENCTYPE_DES3_CBC_RAW,
- SEAL_ALG_DES3KD, SGN_ALG_HMAC_SHA1_DES3_KD, 20,
- 24,
- "\x4F\xEA\x19\x19\x5E\x0E\x10\xDF\x3D\x29\xB5\x13\x8F\x01\xC7\xA7"
- "\x92\x3D\x38\xF7\x26\x73\x0D\x6D",
- 65,
- "\x60\x3F\x06\x09\x2A\x86\x48\x86\xF7\x12\x01\x02\x02\x02\x01\x04"
- "\x00\x02\x00\xFF\xFF\xEB\xF3\x9A\x89\x24\x57\xB8\x63\x95\x25\xE8"
- "\x6E\x8E\x79\xE6\x2E\xCA\xD3\xFF\x57\x9F\x8C\xAB\xEF\xDD\x28\x10"
- "\x2F\x93\x21\x2E\xF2\x52\xB6\x6F\xA8\xBB\x8A\x6D\xAA\x6F\xB7\xF4\xD4"
- },
{
ENCTYPE_ARCFOUR_HMAC, ENCTYPE_ARCFOUR_HMAC,
SEAL_ALG_MICROSOFT_RC4, SGN_ALG_HMAC_MD5, 8,
diff --git a/src/tests/gssapi/t_pcontok.c b/src/tests/gssapi/t_pcontok.c
index 7368f752f..bf22bd3da 100644
--- a/src/tests/gssapi/t_pcontok.c
+++ b/src/tests/gssapi/t_pcontok.c
@@ -43,7 +43,6 @@
#include "k5-int.h"
#include "common.h"
-#define SGN_ALG_HMAC_SHA1_DES3_KD 0x04
#define SGN_ALG_HMAC_MD5 0x11
/*
@@ -77,17 +76,12 @@ make_delete_token(gss_krb5_lucid_context_v1_t *lctx, gss_buffer_desc *out)
ret = krb5_k_create_key(context, &seqkb, &seq);
check_k5err(context, "krb5_k_create_key", ret);
- if (signalg == SGN_ALG_HMAC_SHA1_DES3_KD) {
- cktype = CKSUMTYPE_HMAC_SHA1_DES3;
- cksize = 20;
- ckusage = 23;
- } else if (signalg == SGN_ALG_HMAC_MD5) {
- cktype = CKSUMTYPE_HMAC_MD5_ARCFOUR;
- cksize = 8;
- ckusage = 15;
- } else {
+ if (signalg != SGN_ALG_HMAC_MD5)
abort();
- }
+
+ cktype = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+ cksize = 8;
+ ckusage = 15;
tlen = 20 + mech_krb5.length + cksize;
token = malloc(tlen);
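Review bot: The new guard `if (signalg != SGN_ALG_HMAC_MD5) abort();` terminates without saying why, and nothing here records that HMAC-MD5 is now the only signing algorithm this helper handles. A short comment above it, such as `/* Only the RC4 (HMAC-MD5) pre-CFX token format remains; any other signalg is a test bug. */`, would explain why the three assignments below are unconditional. Writing the unexpected `signalg` value to stderr before `abort()` would also make a failure diagnosable from the test log. make_delete_token starts before this hunk and continues after it.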
diff --git a/src/tests/gssapi/t_prf.c b/src/tests/gssapi/t_prf.c
index f71774cdc..d1857c433 100644
--- a/src/tests/gssapi/t_prf.c
+++ b/src/tests/gssapi/t_prf.c
@@ -41,13 +41,6 @@ static struct {
const char *key2;
const char *out2;
} tests[] = {
- { ENCTYPE_DES3_CBC_SHA1,
- "70378A19CD64134580C27C0115D6B34A1CF2FEECEF9886A2",
- "9F8D127C520BB826BFF3E0FE5EF352389C17E0C073D9"
- "AC4A333D644D21BA3EF24F4A886D143F85AC9F6377FB",
- "3452A167DF1094BA1089E0A20E9E51ABEF1525922558B69E",
- "6BF24FABC858F8DD9752E4FCD331BB831F238B5BE190"
- "4EEA42E38F7A60C588F075C5C96A67E7F8B7BD0AECF4" },
{ ENCTYPE_ARCFOUR_HMAC,
"3BB3AE288C12B3B9D06B208A4151B3B6",
"9AEA11A3BCF3C53F1F91F5A0BA2132E2501ADF5F3C28"
diff --git a/src/tests/t_authdata.py b/src/tests/t_authdata.py
index 3fa957ad2..2e01f46bc 100644
--- a/src/tests/t_authdata.py
+++ b/src/tests/t_authdata.py
@@ -174,7 +174,7 @@ realm.run([kvno, 'restricted'])
# preferred krbtgt enctype changes.
mark('#8139 regression test')
realm.kinit(realm.user_princ, password('user'), ['-f'])
-realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'des3-cbc-sha1',
+realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'aes256-sha2',
realm.krbtgt_princ])
realm.run(['./forward'])
realm.run([kvno, realm.host_princ])
diff --git a/src/tests/t_etype_info.py b/src/tests/t_etype_info.py
index c982508d8..96e90a69d 100644
--- a/src/tests/t_etype_info.py
+++ b/src/tests/t_etype_info.py
@@ -1,6 +1,6 @@
from k5test import *
-supported_enctypes = 'aes128-cts des3-cbc-sha1 rc4-hmac'
+supported_enctypes = 'aes128-cts rc4-hmac'
conf = {'libdefaults': {'allow_weak_crypto': 'true'},
'realms': {'$realm': {'supported_enctypes': supported_enctypes}}}
realm = K5Realm(create_host=False, get_creds=False, krb5_conf=conf)
@@ -26,9 +26,9 @@ def test_etinfo(princ, enctypes, expected_lines):
# With no newer enctypes in the request, PA-ETYPE-INFO2,
# PA-ETYPE-INFO, and PA-PW-SALT appear in the AS-REP, each listing one
# key for the most preferred matching enctype.
-test_etinfo('user', 'rc4-hmac-exp des3 rc4',
- ['asrep etype_info2 des3-cbc-sha1 KRBTEST.COMuser',
- 'asrep etype_info des3-cbc-sha1 KRBTEST.COMuser',
+test_etinfo('user', 'rc4-hmac-exp rc4',
+ ['asrep etype_info2 rc4-hmac KRBTEST.COMuser',
+ 'asrep etype_info rc4-hmac KRBTEST.COMuser',
'asrep pw_salt KRBTEST.COMuser'])
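Review bot: With `des3` dropped, the request `'rc4-hmac-exp rc4'` appears to leave only one enctype that can match a key; the previous expected output suggests `rc4-hmac-exp` does not match. This case, and the `preauthuser` case in the next hunk, therefore no longer shows that the KDC picks the most preferred of several matching enctypes, which the comment above still claims. If no second legacy enctype is available to restore that, narrow the comment, e.g. `# key for the matching enctype (only rc4 matches this request).` The body of test_etinfo is outside the hunk.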
# With a newer enctype in the request (even if it is not the most
@@ -39,9 +39,9 @@ test_etinfo('user', 'rc4 aes256-cts',
# In preauth-required errors, PA-PW-SALT does not appear, but the same
# etype-info2 values are expected.
-test_etinfo('preauthuser', 'rc4-hmac-exp des3 rc4',
- ['error etype_info2 des3-cbc-sha1 KRBTEST.COMpreauthuser',
- 'error etype_info des3-cbc-sha1 KRBTEST.COMpreauthuser'])
+test_etinfo('preauthuser', 'rc4-hmac-exp rc4',
+ ['error etype_info2 rc4-hmac KRBTEST.COMpreauthuser',
+ 'error etype_info rc4-hmac KRBTEST.COMpreauthuser'])
test_etinfo('preauthuser', 'rc4 aes256-cts',
['error etype_info2 rc4-hmac KRBTEST.COMpreauthuser'])
@@ -50,8 +50,8 @@ test_etinfo('preauthuser', 'rc4 aes256-cts',
# (to allow for preauth mechs which don't depend on long-term keys).
# An AS-REP cannot be generated without preauth as there is no reply
# key.
-test_etinfo('rc4user', 'des3', [])
-test_etinfo('nokeyuser', 'des3', [])
+test_etinfo('rc4user', 'aes128-cts', [])
+test_etinfo('nokeyuser', 'aes128-cts', [])
# Verify that etype-info2 is included in a MORE_PREAUTH_DATA_REQUIRED
# error if the client does optimistic preauth.
diff --git a/src/tests/t_keyrollover.py b/src/tests/t_keyrollover.py
index 2c825a692..f29e0d550 100755
--- a/src/tests/t_keyrollover.py
+++ b/src/tests/t_keyrollover.py
@@ -37,9 +37,9 @@ realm.run([klist, '-e'], expected_msg=msg)
# Test that the KDC only accepts the first enctype for a kvno, for a
# local-realm TGS request. To set this up, we abuse an edge-case
-# behavior of modprinc -kvno. First, set up a DES3 krbtgt entry at
+# behavior of modprinc -kvno. First, set up an aes128-sha2 krbtgt entry at
# kvno 1 and cache a krbtgt ticket.
-realm.run([kadminl, 'cpw', '-randkey', '-e', 'des3-cbc-sha1',
+realm.run([kadminl, 'cpw', '-randkey', '-e', 'aes128-cts-hmac-sha256-128',
realm.krbtgt_princ])
realm.run([kadminl, 'modprinc', '-kvno', '1', realm.krbtgt_princ])
realm.kinit(realm.user_princ, password('user'))
@@ -50,9 +50,9 @@ realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'aes256-cts',
realm.run([kadminl, 'modprinc', '-kvno', '1', realm.krbtgt_princ])
out = realm.run([kadminl, 'getprinc', realm.krbtgt_princ])
if 'vno 1, aes256-cts' not in out or \
- 'vno 1, DEPRECATED:des3-cbc-sha1' not in out:
+ 'vno 1, aes128-cts-hmac-sha256-128' not in out:
fail('keyrollover: setup for TGS enctype test failed')
-# Now present the DES3 ticket to the KDC and make sure it's rejected.
+# Now present the aes128-sha2 ticket to the KDC and make sure it's rejected.
realm.run([kvno, realm.host_princ], expected_code=1)
realm.stop()
diff --git a/src/tests/t_mkey.py b/src/tests/t_mkey.py
index 32f4070bc..da0ed1831 100755
--- a/src/tests/t_mkey.py
+++ b/src/tests/t_mkey.py
@@ -7,7 +7,6 @@ import struct
# default enctype for master keys.
aes256 = 'aes256-cts-hmac-sha1-96'
aes128 = 'aes128-cts-hmac-sha1-96'
-des3 = 'des3-cbc-sha1'
defetype = aes256
realm = K5Realm(create_host=False, start_kadmind=True)
@@ -300,40 +299,6 @@ if 'Decrypt integrity check failed' in out or 'added to keytab' not in out:
realm.stop()
-# Load a dump file created with krb5 1.6, before the master key
-# rollover changes were introduced. Write out an old-format stash
-# file consistent with the dump's master password ("footes"). The K/M
-# entry in this database will not have actkvno tl-data because it was
-# created prior to master key rollover support. Verify that:
-# 1. We can access the database using the old-format stash file.
-# 2. list_mkeys displays the same list as for a post-1.7 KDB.
-mark('pre-1.7 stash file')
-dumpfile = os.path.join(srctop, 'tests', 'dumpfiles', 'dump.16')
-os.remove(stash_file)
-f = open(stash_file, 'wb')
-f.write(struct.pack('=HL24s', 16, 24,
- b'\xF8\x3E\xFB\xBA\x6D\x80\xD9\x54\xE5\x5D\xF2\xE0'
- b'\x94\xAD\x6D\x86\xB5\x16\x37\xEC\x7C\x8A\xBC\x86'))
-f.close()
-realm.run([kdb5_util, 'load', dumpfile])
-nprincs = len(realm.run([kadminl, 'listprincs']).splitlines())
-check_mkvno('K/M', 1)
-check_mkey_list((1, des3, True, True))
-
-# Create a new master key and verify that, without actkvkno tl-data:
-# 1. list_mkeys displays the same as for a post-1.7 KDB.
-# 2. update_princ_encryption still targets mkvno 1.
-# 3. libkadm5 still uses mkvno 1 for key changes.
-# 4. use_mkey creates the same list as for a post-1.7 KDB.
-mark('rollover from pre-1.7 KDB')
-add_mkey([])
-check_mkey_list((2, defetype, False, False), (1, des3, True, True))
-update_princ_encryption(False, 1, 0, nprincs - 1)
-realm.run([kadminl, 'addprinc', '-randkey', realm.user_princ])
-check_mkvno(realm.user_princ, 1)
-realm.run([kdb5_util, 'use_mkey', '2', 'now-1day'])
-check_mkey_list((2, defetype, True, True), (1, des3, True, False))
-
# Regression test for #8395. Purge the master key and verify that a
# master key fetch does not segfault.
mark('#8395 regression test')
diff --git a/src/tests/t_salt.py b/src/tests/t_salt.py
index 65084bbf3..55ca89745 100755
--- a/src/tests/t_salt.py
+++ b/src/tests/t_salt.py
@@ -16,13 +16,12 @@ def test_salt(realm, e1, salt, e2):
# Enctype/salt pairs chosen with non-default salt types.
# The enctypes are mostly arbitrary.
-salts = [('des3-cbc-sha1', 'norealm'),
+salts = [('aes128-cts-hmac-sha1-96', 'norealm'),
('arcfour-hmac', 'onlyrealm'),
('aes128-cts-hmac-sha1-96', 'special')]
# These enctypes are chosen to cover the different string-to-key routines.
# Omit ":normal" from aes256 to check that salttype defaulting works.
-second_kstypes = ['aes256-cts-hmac-sha1-96', 'arcfour-hmac:normal',
- 'des3-cbc-sha1:normal']
+second_kstypes = ['aes256-cts-hmac-sha1-96', 'arcfour-hmac:normal']
# Test using different salt types in a principal's key list.
# Parameters from one key in the list must not leak over to later ones.
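Review bot: After this change `salts` lists `aes128-cts-hmac-sha1-96` twice, and `second_kstypes` covers only the AES-SHA1 and RC4 string-to-key routines, although its comment says the list is chosen to cover the different routines. The patch already uses `aes256-sha2` and `camellia256-cts` elsewhere, so the first entry could become `salts = [('camellia256-cts', 'norealm'),` and `second_kstypes` could gain `'aes256-sha2:normal'`, which would restore variety in both lists. test_salt itself is outside the hunk, so confirm that it accepts these names before relying on them.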
diff --git a/src/util/k5test.py b/src/util/k5test.py
index 6afe4b92c..789b0f4b9 100644
--- a/src/util/k5test.py
+++ b/src/util/k5test.py
@@ -1278,13 +1278,6 @@ _passes = [
# No special settings; exercises AES256.
('default', None, None, None),
- # Exercise the DES3 enctype.
- ('des3', None,
- {'libdefaults': {'permitted_enctypes': 'des3'}},
- {'realms': {'$realm': {
- 'supported_enctypes': 'des3-cbc-sha1:normal',
- 'master_key_type': 'des3-cbc-sha1'}}}),
-
# Exercise the arcfour enctype.
('arcfour', None,
{'libdefaults': {'permitted_enctypes': 'rc4'}},
diff --git a/src/windows/leash/htmlhelp/html/Encryption_Types.htm b/src/windows/leash/htmlhelp/html/Encryption_Types.htm
index 1aebdd0b4..c38eefd2b 100644
--- a/src/windows/leash/htmlhelp/html/Encryption_Types.htm
+++ b/src/windows/leash/htmlhelp/html/Encryption_Types.htm
@@ -79,19 +79,6 @@ will have an entry in the Encryption type column. <br>
<th>Description</th>
</tr>
<tr>
-<th id="th2"> des3- </th>
- <td> The triple DES family improves on
-the original DES (Data Encryption Standard) by using 3 separate 56-bit
-keys. Some modes of 3DES are considered weak while others are strong
-(if slow). <ul id="helpul">
-<li> des3-cbc-sha1</li>
-<li> des3-cbc-raw (<b>weak</b>) </li>
-<li>des3-hmac-sha1 </li>
-<li>des3-cbc-sha1-kd </li>
-</ul>
-</td>
- </tr>
-<tr>
<th id="th2"> aes </th>
<td>The AES Advanced Encryption Standard
family, like 3DES, is a symmetric block cipher and was designed