xref: /freebsd/crypto/heimdal/lib/krb5/crypto-des3.c (revision 3823d5e198425b4f5e5a80267d195769d1063773)
1 /*
2  * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
3  * (Royal Institute of Technology, Stockholm, Sweden).
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * 3. Neither the name of the Institute nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 
34 #include "krb5_locl.h"
35 
36 /*
37  *
38  */
39 
40 static void
41 DES3_random_key(krb5_context context,
42 		krb5_keyblock *key)
43 {
44     DES_cblock *k = key->keyvalue.data;
45     do {
46 	krb5_generate_random_block(k, 3 * sizeof(DES_cblock));
47 	DES_set_odd_parity(&k[0]);
48 	DES_set_odd_parity(&k[1]);
49 	DES_set_odd_parity(&k[2]);
50     } while(DES_is_weak_key(&k[0]) ||
51 	    DES_is_weak_key(&k[1]) ||
52 	    DES_is_weak_key(&k[2]));
53 }
54 
55 
56 #ifdef DES3_OLD_ENCTYPE
57 static struct _krb5_key_type keytype_des3 = {
58     ETYPE_OLD_DES3_CBC_SHA1,
59     "des3",
60     168,
61     24,
62     sizeof(struct _krb5_evp_schedule),
63     DES3_random_key,
64     _krb5_evp_schedule,
65     _krb5_des3_salt,
66     _krb5_DES3_random_to_key,
67     _krb5_evp_cleanup,
68     EVP_des_ede3_cbc
69 };
70 #endif
71 
72 static struct _krb5_key_type keytype_des3_derived = {
73     ETYPE_OLD_DES3_CBC_SHA1,
74     "des3",
75     168,
76     24,
77     sizeof(struct _krb5_evp_schedule),
78     DES3_random_key,
79     _krb5_evp_schedule,
80     _krb5_des3_salt_derived,
81     _krb5_DES3_random_to_key,
82     _krb5_evp_cleanup,
83     EVP_des_ede3_cbc
84 };
85 
86 #ifdef DES3_OLD_ENCTYPE
87 static krb5_error_code
88 RSA_MD5_DES3_checksum(krb5_context context,
89 		      struct _krb5_key_data *key,
90 		      const void *data,
91 		      size_t len,
92 		      unsigned usage,
93 		      Checksum *C)
94 {
95     return _krb5_des_checksum(context, EVP_md5(), key, data, len, C);
96 }
97 
98 static krb5_error_code
99 RSA_MD5_DES3_verify(krb5_context context,
100 		    struct _krb5_key_data *key,
101 		    const void *data,
102 		    size_t len,
103 		    unsigned usage,
104 		    Checksum *C)
105 {
106     return _krb5_des_verify(context, EVP_md5(), key, data, len, C);
107 }
108 
109 struct _krb5_checksum_type _krb5_checksum_rsa_md5_des3 = {
110     CKSUMTYPE_RSA_MD5_DES3,
111     "rsa-md5-des3",
112     64,
113     24,
114     F_KEYED | F_CPROOF | F_VARIANT,
115     RSA_MD5_DES3_checksum,
116     RSA_MD5_DES3_verify
117 };
118 #endif
119 
120 struct _krb5_checksum_type _krb5_checksum_hmac_sha1_des3 = {
121     CKSUMTYPE_HMAC_SHA1_DES3,
122     "hmac-sha1-des3",
123     64,
124     20,
125     F_KEYED | F_CPROOF | F_DERIVED,
126     _krb5_SP_HMAC_SHA1_checksum,
127     NULL
128 };
129 
130 #ifdef DES3_OLD_ENCTYPE
131 struct _krb5_encryption_type _krb5_enctype_des3_cbc_md5 = {
132     ETYPE_DES3_CBC_MD5,
133     "des3-cbc-md5",
134     8,
135     8,
136     8,
137     &keytype_des3,
138     &_krb5_checksum_rsa_md5,
139     &_krb5_checksum_rsa_md5_des3,
140     0,
141     _krb5_evp_encrypt,
142     0,
143     NULL
144 };
145 #endif
146 
147 struct _krb5_encryption_type _krb5_enctype_des3_cbc_sha1 = {
148     ETYPE_DES3_CBC_SHA1,
149     "des3-cbc-sha1",
150     8,
151     8,
152     8,
153     &keytype_des3_derived,
154     &_krb5_checksum_sha1,
155     &_krb5_checksum_hmac_sha1_des3,
156     F_DERIVED,
157     _krb5_evp_encrypt,
158     0,
159     NULL
160 };
161 
162 #ifdef DES3_OLD_ENCTYPE
163 struct _krb5_encryption_type _krb5_enctype_old_des3_cbc_sha1 = {
164     ETYPE_OLD_DES3_CBC_SHA1,
165     "old-des3-cbc-sha1",
166     8,
167     8,
168     8,
169     &keytype_des3,
170     &_krb5_checksum_sha1,
171     &_krb5_checksum_hmac_sha1_des3,
172     0,
173     _krb5_evp_encrypt,
174     0,
175     NULL
176 };
177 #endif
178 
179 struct _krb5_encryption_type _krb5_enctype_des3_cbc_none = {
180     ETYPE_DES3_CBC_NONE,
181     "des3-cbc-none",
182     8,
183     8,
184     0,
185     &keytype_des3_derived,
186     &_krb5_checksum_none,
187     NULL,
188     F_PSEUDO,
189     _krb5_evp_encrypt,
190     0,
191     NULL
192 };
193 
194 void
195 _krb5_DES3_random_to_key(krb5_context context,
196 			 krb5_keyblock *key,
197 			 const void *data,
198 			 size_t size)
199 {
200     unsigned char *x = key->keyvalue.data;
201     const u_char *q = data;
202     DES_cblock *k;
203     int i, j;
204 
205     memset(key->keyvalue.data, 0, key->keyvalue.length);
206     for (i = 0; i < 3; ++i) {
207 	unsigned char foo;
208 	for (j = 0; j < 7; ++j) {
209 	    unsigned char b = q[7 * i + j];
210 
211 	    x[8 * i + j] = b;
212 	}
213 	foo = 0;
214 	for (j = 6; j >= 0; --j) {
215 	    foo |= q[7 * i + j] & 1;
216 	    foo <<= 1;
217 	}
218 	x[8 * i + 7] = foo;
219     }
220     k = key->keyvalue.data;
221     for (i = 0; i < 3; i++) {
222 	DES_set_odd_parity(&k[i]);
223 	if(DES_is_weak_key(&k[i]))
224 	    _krb5_xor(&k[i], (const unsigned char*)"\0\0\0\0\0\0\0\xf0");
225     }
226 }
227