From 2bdfe3735e50438213359e3c7a070ea873cf30be Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 15 Aug 2019 14:23:35 +1200
Subject: [PATCH 107/187] lib/crypto: Remove unused RC4 code from Samba

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit e9859ad356b42f39585dcef1a38def97a50a3744)
---
 lib/crypto/arcfour.c     | 93 ----------------------------------------
 lib/crypto/arcfour.h     | 17 --------
 lib/crypto/wscript_build |  9 ----
 3 files changed, 119 deletions(-)
 delete mode 100644 lib/crypto/arcfour.c
 delete mode 100644 lib/crypto/arcfour.h

diff --git a/lib/crypto/arcfour.c b/lib/crypto/arcfour.c
deleted file mode 100644
index af9b20cc01e..00000000000
--- a/lib/crypto/arcfour.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
-   Unix SMB/CIFS implementation.
-
-   An implementation of the arcfour algorithm
-
-   Copyright (C) Andrew Tridgell 1998
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 3 of the License, or
-   (at your option) any later version.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "replace.h"
-#include "../lib/crypto/arcfour.h"
-
-/* initialise the arcfour sbox with key */
-_PUBLIC_ void arcfour_init(struct arcfour_state *state, const DATA_BLOB *key)
-{
-	size_t ind;
-	uint8_t j = 0;
-	for (ind = 0; ind < sizeof(state->sbox); ind++) {
-		state->sbox[ind] = (uint8_t)ind;
-	}
-
-	for (ind = 0; ind < sizeof(state->sbox); ind++) {
-		uint8_t tc;
-
-		j += (state->sbox[ind] + key->data[ind%key->length]);
-
-		tc = state->sbox[ind];
-		state->sbox[ind] = state->sbox[j];
-		state->sbox[j] = tc;
-	}
-	state->index_i = 0;
-	state->index_j = 0;
-}
-
-/* crypt the data with arcfour */
-_PUBLIC_ void arcfour_crypt_sbox(struct arcfour_state *state, uint8_t *data,
-				 int len)
-{
-	int ind;
-
-	for (ind = 0; ind < len; ind++) {
-		uint8_t tc;
-		uint8_t t;
-
-		state->index_i++;
-		state->index_j += state->sbox[state->index_i];
-
-		tc = state->sbox[state->index_i];
-		state->sbox[state->index_i] = state->sbox[state->index_j];
-		state->sbox[state->index_j] = tc;
-
-		t = state->sbox[state->index_i] + state->sbox[state->index_j];
-		data[ind] = data[ind] ^ state->sbox[t];
-	}
-}
-
-/*
-  arcfour encryption with a blob key
-*/
-_PUBLIC_ void arcfour_crypt_blob(uint8_t *data, int len, const DATA_BLOB *key)
-{
-	struct arcfour_state state;
-	arcfour_init(&state, key);
-	arcfour_crypt_sbox(&state, data, len);
-}
-
-/*
-  a variant that assumes a 16 byte key. This should be removed
-  when the last user is gone
-*/
-_PUBLIC_ void arcfour_crypt(uint8_t *data, const uint8_t keystr[16], int len)
-{
-	uint8_t keycopy[16];
-	DATA_BLOB key = { .data = keycopy, .length = sizeof(keycopy) };
-
-	memcpy(keycopy, keystr, sizeof(keycopy));
-
-	arcfour_crypt_blob(data, len, &key);
-}
-
-
diff --git a/lib/crypto/arcfour.h b/lib/crypto/arcfour.h
deleted file mode 100644
index a9f80c474d5..00000000000
--- a/lib/crypto/arcfour.h
+++ /dev/null
@@ -1,17 +0,0 @@
-#ifndef ARCFOUR_HEADER_H
-#define ARCFOUR_HEADER_H
-
-#include "../lib/util/data_blob.h"
-
-struct arcfour_state {
-	uint8_t sbox[256];
-	uint8_t index_i;
-	uint8_t index_j;
-};
-
-void arcfour_init(struct arcfour_state *state, const DATA_BLOB *key);
-void arcfour_crypt_sbox(struct arcfour_state *state, uint8_t *data, int len);
-void arcfour_crypt_blob(uint8_t *data, int len, const DATA_BLOB *key);
-void arcfour_crypt(uint8_t *data, const uint8_t keystr[16], int len);
-
-#endif /* ARCFOUR_HEADER_H */
diff --git a/lib/crypto/wscript_build b/lib/crypto/wscript_build
index 9a7c715754d..dcac8fcd30c 100644
--- a/lib/crypto/wscript_build
+++ b/lib/crypto/wscript_build
@@ -12,14 +12,6 @@ bld.SAMBA_SUBSYSTEM('GNUTLS_HELPERS',
                     ''',
                     deps='gnutls samba-errors');
 
-# We have a GnuTLS DCEPRC backupkey implementation for the server and the test.
-# However this is only working with GnuTLS >= 3.4.7. So we need to keep this
-# around till we can require at least GnuTLS in a newer version.
-bld.SAMBA_SUBSYSTEM('LIBCRYPTO_RC4',
-                    source='arcfour.c',
-                    deps='talloc',
-                    enabled=not bld.CONFIG_SET('HAVE_GNUTLS_3_4_7'))
-
 bld.SAMBA_SUBSYSTEM('LIBCRYPTO_AES_CCM',
                     source='aes_ccm_128.c',
                     deps='talloc')
@@ -42,7 +34,6 @@ bld.SAMBA_SUBSYSTEM('LIBCRYPTO',
                ''',
         deps='''
              talloc
-             LIBCRYPTO_RC4
              LIBCRYPTO_AES
              LIBCRYPTO_AES_CCM
              LIBCRYPTO_AES_GCM
-- 
2.23.0