LCOV - code coverage report
Current view: top level - third_party/heimdal/lib/krb5 - crypto-des-common.c (source / functions) Hit Total Coverage
Test: coverage report for master 2f515e9b Lines: 3 62 4.8 %
Date: 2024-04-21 15:09:00 Functions: 1 4 25.0 % 

          Line data    Source code
       1             : /*
       2             :  * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
       3             :  * (Royal Institute of Technology, Stockholm, Sweden).
       4             :  * All rights reserved.
       5             :  *
       6             :  * Redistribution and use in source and binary forms, with or without
       7             :  * modification, are permitted provided that the following conditions
       8             :  * are met:
       9             :  *
      10             :  * 1. Redistributions of source code must retain the above copyright
      11             :  *    notice, this list of conditions and the following disclaimer.
      12             :  *
      13             :  * 2. Redistributions in binary form must reproduce the above copyright
      14             :  *    notice, this list of conditions and the following disclaimer in the
      15             :  *    documentation and/or other materials provided with the distribution.
      16             :  *
      17             :  * 3. Neither the name of the Institute nor the names of its contributors
      18             :  *    may be used to endorse or promote products derived from this software
      19             :  *    without specific prior written permission.
      20             :  *
      21             :  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
      22             :  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
      23             :  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
      24             :  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
      25             :  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
      26             :  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
      27             :  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
      28             :  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
      29             :  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
      30             :  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
      31             :  * SUCH DAMAGE.
      32             :  */
      33             : 
      34             : /* Functions which are used by both single and triple DES enctypes */
      35             : 
      36             : #include "krb5_locl.h"
      37             : 
      38             : /*
      39             :  * A = A xor B. A & B are 8 bytes.
      40             :  */
      41             : 
      42             : KRB5_LIB_FUNCTION void KRB5_LIB_CALL
      43           0 : _krb5_xor8(unsigned char *a, const unsigned char *b)
      44             : {
      45           0 :     a[0] ^= b[0];
      46           0 :     a[1] ^= b[1];
      47           0 :     a[2] ^= b[2];
      48           0 :     a[3] ^= b[3];
      49           0 :     a[4] ^= b[4];
      50           0 :     a[5] ^= b[5];
      51           0 :     a[6] ^= b[6];
      52           0 :     a[7] ^= b[7];
      53           0 : }
      54             : 
      55             : #if defined(DES3_OLD_ENCTYPE) || defined(HEIM_WEAK_CRYPTO)
      56             : KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
      57           0 : _krb5_des_checksum(krb5_context context,
      58             :                    const EVP_MD *evp_md,
      59             :                    struct _krb5_key_data *key,
      60             :                    const struct krb5_crypto_iov *iov,
      61             :                    int niov,
      62             :                    Checksum *cksum)
      63             : {
      64           0 :     struct _krb5_evp_schedule *ctx = key->schedule->data;
      65           0 :     EVP_MD_CTX *m;
      66           0 :     DES_cblock ivec;
      67           0 :     int i;
      68           0 :     unsigned char *p = cksum->checksum.data;
      69             : 
      70           0 :     krb5_generate_random_block(p, 8);
      71             : 
      72           0 :     m = EVP_MD_CTX_create();
      73           0 :     if (m == NULL)
      74           0 :         return krb5_enomem(context);
      75             : 
      76           0 :     EVP_DigestInit_ex(m, evp_md, NULL);
      77           0 :     EVP_DigestUpdate(m, p, 8);
      78           0 :     for (i = 0; i < niov; i++) {
      79           0 :         if (_krb5_crypto_iov_should_sign(&iov[i]))
      80           0 :             EVP_DigestUpdate(m, iov[i].data.data, iov[i].data.length);
      81             :     }
      82           0 :     EVP_DigestFinal_ex (m, p + 8, NULL);
      83           0 :     EVP_MD_CTX_destroy(m);
      84           0 :     memset_s(&ivec, sizeof(ivec), 0, sizeof(ivec));
      85           0 :     EVP_CipherInit_ex(&ctx->ectx, NULL, NULL, NULL, (void *)&ivec, -1);
      86           0 :     EVP_Cipher(&ctx->ectx, p, p, 24);
      87             : 
      88           0 :     return 0;
      89             : }
      90             : 
      91             : KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
      92           0 : _krb5_des_verify(krb5_context context,
      93             :                  const EVP_MD *evp_md,
      94             :                  struct _krb5_key_data *key,
      95             :                  const struct krb5_crypto_iov *iov,
      96             :                  int niov,
      97             :                  Checksum *C)
      98             : {
      99           0 :     struct _krb5_evp_schedule *ctx = key->schedule->data;
     100           0 :     EVP_MD_CTX *m;
     101           0 :     unsigned char tmp[24];
     102           0 :     unsigned char res[16];
     103           0 :     DES_cblock ivec;
     104           0 :     krb5_error_code ret = 0;
     105           0 :     int i;
     106             : 
     107           0 :     m = EVP_MD_CTX_create();
     108           0 :     if (m == NULL)
     109           0 :         return krb5_enomem(context);
     110             : 
     111           0 :     memset_s(&ivec, sizeof(ivec), 0, sizeof(ivec));
     112           0 :     EVP_CipherInit_ex(&ctx->dctx, NULL, NULL, NULL, (void *)&ivec, -1);
     113           0 :     EVP_Cipher(&ctx->dctx, tmp, C->checksum.data, 24);
     114             : 
     115           0 :     EVP_DigestInit_ex(m, evp_md, NULL);
     116           0 :     EVP_DigestUpdate(m, tmp, 8); /* confounder */
     117           0 :     for (i = 0; i < niov; i++) {
     118           0 :         if (_krb5_crypto_iov_should_sign(&iov[i]))
     119           0 :             EVP_DigestUpdate(m, iov[i].data.data, iov[i].data.length);
     120             :     }
     121           0 :     EVP_DigestFinal_ex (m, res, NULL);
     122           0 :     EVP_MD_CTX_destroy(m);
     123           0 :     if(ct_memcmp(res, tmp + 8, sizeof(res)) != 0) {
     124           0 :         krb5_clear_error_message (context);
     125           0 :         ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
     126             :     }
     127           0 :     memset_s(tmp, sizeof(tmp), 0, sizeof(tmp));
     128           0 :     memset_s(res, sizeof(res), 0, sizeof(res));
     129           0 :     return ret;
     130             : }
     131             : 
     132             : #endif
     133             : 
     134             : static krb5_error_code
     135     2253125 : RSA_MD5_checksum(krb5_context context,
     136             :                  krb5_crypto crypto,
     137             :                  struct _krb5_key_data *key,
     138             :                  unsigned usage,
     139             :                  const struct krb5_crypto_iov *iov,
     140             :                  int niov,
     141             :                  Checksum *C)
     142             : {
     143     2253125 :     if (_krb5_evp_digest_iov(crypto, iov, niov, C->checksum.data,
     144             :                              NULL, EVP_md5(), NULL) != 1)
     145           0 :         krb5_abortx(context, "md5 checksum failed");
     146             : 
     147     2253125 :     return 0;
     148             : }
     149             : 
     150             : struct _krb5_checksum_type _krb5_checksum_rsa_md5 = {
     151             :     CKSUMTYPE_RSA_MD5,
     152             :     "rsa-md5",
     153             :     64,
     154             :     16,
     155             :     F_CPROOF,
     156             :     RSA_MD5_checksum,
     157             :     NULL
     158             : };

Generated by: LCOV version 1.14