From 2bdfe3735e50438213359e3c7a070ea873cf30be Mon Sep 17 00:00:00 2001

From: Andrew Bartlett <abartlet@samba.org>

Date: Thu, 15 Aug 2019 14:23:35 +1200

Subject: [PATCH 107/187] lib/crypto: Remove unused RC4 code from Samba

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

Reviewed-by: Andreas Schneider <asn@samba.org>

(cherry picked from commit e9859ad356b42f39585dcef1a38def97a50a3744)

---

 lib/crypto/arcfour.c     | 93 ----------------------------------------

 lib/crypto/arcfour.h     | 17 --------

 lib/crypto/wscript_build |  9 ----

 3 files changed, 119 deletions(-)

 delete mode 100644 lib/crypto/arcfour.c

 delete mode 100644 lib/crypto/arcfour.h

diff --git a/lib/crypto/arcfour.c b/lib/crypto/arcfour.c

deleted file mode 100644

index af9b20cc01e..00000000000

--- a/lib/crypto/arcfour.c

+++ /dev/null

@@ -1,93 +0,0 @@

-/*

-   Unix SMB/CIFS implementation.

-

-   An implementation of the arcfour algorithm

-

-   Copyright (C) Andrew Tridgell 1998

-

-   This program is free software; you can redistribute it and/or modify

-   it under the terms of the GNU General Public License as published by

-   the Free Software Foundation; either version 3 of the License, or

-   (at your option) any later version.

-

-   This program is distributed in the hope that it will be useful,

-   but WITHOUT ANY WARRANTY; without even the implied warranty of

-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

-   GNU General Public License for more details.

-

-   You should have received a copy of the GNU General Public License

-   along with this program.  If not, see <http://www.gnu.org/licenses/>.

-*/

-

-#include "replace.h"

-#include "../lib/crypto/arcfour.h"

-

-/* initialise the arcfour sbox with key */

-_PUBLIC_ void arcfour_init(struct arcfour_state *state, const DATA_BLOB *key)

-{

-	size_t ind;

-	uint8_t j = 0;

-	for (ind = 0; ind < sizeof(state->sbox); ind++) {

-		state->sbox[ind] = (uint8_t)ind;

-	}

-

-	for (ind = 0; ind < sizeof(state->sbox); ind++) {

-		uint8_t tc;

-

-		j += (state->sbox[ind] + key->data[ind%key->length]);

-

-		tc = state->sbox[ind];

-		state->sbox[ind] = state->sbox[j];

-		state->sbox[j] = tc;

-	}

-	state->index_i = 0;

-	state->index_j = 0;

-}

-

-/* crypt the data with arcfour */

-_PUBLIC_ void arcfour_crypt_sbox(struct arcfour_state *state, uint8_t *data,

-				 int len)

-{

-	int ind;

-

-	for (ind = 0; ind < len; ind++) {

-		uint8_t tc;

-		uint8_t t;

-

-		state->index_i++;

-		state->index_j += state->sbox[state->index_i];

-

-		tc = state->sbox[state->index_i];

-		state->sbox[state->index_i] = state->sbox[state->index_j];

-		state->sbox[state->index_j] = tc;

-

-		t = state->sbox[state->index_i] + state->sbox[state->index_j];

-		data[ind] = data[ind] ^ state->sbox[t];

-	}

-}

-

-/*

-  arcfour encryption with a blob key

-*/

-_PUBLIC_ void arcfour_crypt_blob(uint8_t *data, int len, const DATA_BLOB *key)

-{

-	struct arcfour_state state;

-	arcfour_init(&state, key);

-	arcfour_crypt_sbox(&state, data, len);

-}

-

-/*

-  a variant that assumes a 16 byte key. This should be removed

-  when the last user is gone

-*/

-_PUBLIC_ void arcfour_crypt(uint8_t *data, const uint8_t keystr[16], int len)

-{

-	uint8_t keycopy[16];

-	DATA_BLOB key = { .data = keycopy, .length = sizeof(keycopy) };

-

-	memcpy(keycopy, keystr, sizeof(keycopy));

-

-	arcfour_crypt_blob(data, len, &key);

-}

-

-

diff --git a/lib/crypto/arcfour.h b/lib/crypto/arcfour.h

deleted file mode 100644

index a9f80c474d5..00000000000

--- a/lib/crypto/arcfour.h

+++ /dev/null

@@ -1,17 +0,0 @@

-#ifndef ARCFOUR_HEADER_H

-#define ARCFOUR_HEADER_H

-

-#include "../lib/util/data_blob.h"

-

-struct arcfour_state {

-	uint8_t sbox[256];

-	uint8_t index_i;

-	uint8_t index_j;

-};

-

-void arcfour_init(struct arcfour_state *state, const DATA_BLOB *key);

-void arcfour_crypt_sbox(struct arcfour_state *state, uint8_t *data, int len);

-void arcfour_crypt_blob(uint8_t *data, int len, const DATA_BLOB *key);

-void arcfour_crypt(uint8_t *data, const uint8_t keystr[16], int len);

-

-#endif /* ARCFOUR_HEADER_H */

diff --git a/lib/crypto/wscript_build b/lib/crypto/wscript_build

index 9a7c715754d..dcac8fcd30c 100644

--- a/lib/crypto/wscript_build

+++ b/lib/crypto/wscript_build

@@ -12,14 +12,6 @@ bld.SAMBA_SUBSYSTEM('GNUTLS_HELPERS',

                     ''',

                     deps='gnutls samba-errors');

-# We have a GnuTLS DCEPRC backupkey implementation for the server and the test.

-# However this is only working with GnuTLS >= 3.4.7. So we need to keep this

-# around till we can require at least GnuTLS in a newer version.

-bld.SAMBA_SUBSYSTEM('LIBCRYPTO_RC4',

-                    source='arcfour.c',

-                    deps='talloc',

-                    enabled=not bld.CONFIG_SET('HAVE_GNUTLS_3_4_7'))

-

 bld.SAMBA_SUBSYSTEM('LIBCRYPTO_AES_CCM',

                     source='aes_ccm_128.c',

                     deps='talloc')

@@ -42,7 +34,6 @@ bld.SAMBA_SUBSYSTEM('LIBCRYPTO',

                ''',

         deps='''

              talloc

-             LIBCRYPTO_RC4

              LIBCRYPTO_AES

              LIBCRYPTO_AES_CCM

              LIBCRYPTO_AES_GCM

-- 

2.23.0