diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 17:47:29 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 17:47:29 +0000 |
commit | 4f5791ebd03eaec1c7da0865a383175b05102712 (patch) | |
tree | 8ce7b00f7a76baa386372422adebbe64510812d4 /third_party/heimdal/lib/krb5/salt-des3.c | |
parent | Initial commit. (diff) | |
download | samba-upstream.tar.xz samba-upstream.zip |
Adding upstream version 2:4.17.12+dfsg.upstream/2%4.17.12+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'third_party/heimdal/lib/krb5/salt-des3.c')
-rw-r--r-- | third_party/heimdal/lib/krb5/salt-des3.c | 146 |
1 files changed, 146 insertions, 0 deletions
diff --git a/third_party/heimdal/lib/krb5/salt-des3.c b/third_party/heimdal/lib/krb5/salt-des3.c new file mode 100644 index 0000000..8cb73cf --- /dev/null +++ b/third_party/heimdal/lib/krb5/salt-des3.c @@ -0,0 +1,146 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +#ifdef DES3_OLD_ENCTYPE +static krb5_error_code +DES3_string_to_key(krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_data opaque, + krb5_keyblock *key) +{ + char *str; + size_t len; + unsigned char tmp[24]; + DES_cblock keys[3]; + krb5_error_code ret; + + len = password.length + salt.saltvalue.length; + str = malloc(len); + if (len != 0 && str == NULL) + return krb5_enomem(context); + memcpy(str, password.data, password.length); + memcpy(str + password.length, salt.saltvalue.data, salt.saltvalue.length); + { + DES_cblock ivec; + DES_key_schedule s[3]; + int i; + + ret = _krb5_n_fold(str, len, tmp, 24); + if (ret) { + memset_s(str, len, 0, len); + free(str); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + return ret; + } + + for(i = 0; i < 3; i++){ + memcpy(keys + i, tmp + i * 8, sizeof(keys[i])); + DES_set_odd_parity(keys + i); + if(DES_is_weak_key(keys + i)) + _krb5_xor8(*(keys + i), (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); + DES_set_key_unchecked(keys + i, &s[i]); + } + memset_s(&ivec, sizeof(ivec), 0, sizeof(ivec)); + DES_ede3_cbc_encrypt(tmp, + tmp, sizeof(tmp), + &s[0], &s[1], &s[2], &ivec, DES_ENCRYPT); + memset_s(s, sizeof(s), 0, sizeof(s)); + memset_s(&ivec, sizeof(ivec), 0, sizeof(ivec)); + for(i = 0; i < 3; i++){ + memcpy(keys + i, tmp + i * 8, sizeof(keys[i])); + DES_set_odd_parity(keys + i); + if(DES_is_weak_key(keys + i)) + _krb5_xor8(*(keys + i), (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); + } + memset_s(tmp, sizeof(tmp), 0, sizeof(tmp)); + } + key->keytype = enctype; + krb5_data_copy(&key->keyvalue, keys, sizeof(keys)); + memset_s(keys, sizeof(keys), 0, sizeof(keys)); + memset_s(str, len, 0, len); + free(str); + return 0; +} +#endif + +static krb5_error_code +DES3_string_to_key_derived(krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_data opaque, + krb5_keyblock *key) +{ + krb5_error_code ret; + size_t len = password.length + salt.saltvalue.length; + char *s; + + s = malloc(len); + if (len != 0 && s == NULL) + return krb5_enomem(context); + memcpy(s, password.data, password.length); + memcpy(s + password.length, salt.saltvalue.data, salt.saltvalue.length); + ret = krb5_string_to_key_derived(context, + s, + len, + enctype, + key); + memset_s(s, len, 0, len); + free(s); + return ret; +} + + +#ifdef DES3_OLD_ENCTYPE +struct salt_type _krb5_des3_salt[] = { + { + KRB5_PW_SALT, + "pw-salt", + DES3_string_to_key + }, + { 0, NULL, NULL } +}; +#endif + +struct salt_type _krb5_des3_salt_derived[] = { + { + KRB5_PW_SALT, + "pw-salt", + DES3_string_to_key_derived + }, + { 0, NULL, NULL } +}; |