diff options
author | Andrew Tridgell <tridge@samba.org> | 2008-06-04 09:25:16 -0700 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2008-06-04 09:25:16 -0700 |
commit | bc8c2a50e8a2467721e1739b28a6f4ce96162f4f (patch) | |
tree | cb6cff5e427212b15ace82903f6590c1f5544c93 | |
parent | 70219bee139445ab6116def04e25c245871f8391 (diff) | |
parent | 71ce9975fa06948d95b2bf9184dbef113813337a (diff) | |
download | samba-bc8c2a50e8a2467721e1739b28a6f4ce96162f4f.tar.gz samba-bc8c2a50e8a2467721e1739b28a6f4ce96162f4f.tar.bz2 samba-bc8c2a50e8a2467721e1739b28a6f4ce96162f4f.zip |
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-test
(This used to be commit d206517f90ac02e829193c5a17e5df25059cf18d)
-rw-r--r-- | source4/kdc/hdb-ldb.c | 4 | ||||
-rw-r--r-- | source4/kdc/kdc.c | 5 | ||||
-rw-r--r-- | source4/kdc/kdc.h | 1 | ||||
-rw-r--r-- | source4/kdc/kpasswdd.c | 2 | ||||
-rw-r--r-- | source4/kdc/pac-glue.c | 2 | ||||
-rw-r--r-- | source4/lib/crypto/config.mk | 5 | ||||
-rw-r--r-- | source4/lib/crypto/crypto.h | 2 | ||||
-rw-r--r-- | source4/lib/crypto/hmacsha1.c | 86 | ||||
-rw-r--r-- | source4/lib/crypto/hmacsha1.h | 33 | ||||
-rw-r--r-- | source4/lib/crypto/hmacsha1test.c | 97 | ||||
-rw-r--r-- | source4/lib/crypto/sha1.c | 390 | ||||
-rw-r--r-- | source4/lib/crypto/sha1.h | 62 | ||||
-rw-r--r-- | source4/lib/crypto/sha1test.c | 110 | ||||
-rw-r--r-- | source4/torture/local/local.c | 5 |
14 files changed, 8 insertions, 796 deletions
diff --git a/source4/kdc/hdb-ldb.c b/source4/kdc/hdb-ldb.c index 9c7b1f6457..70e578ee0d 100644 --- a/source4/kdc/hdb-ldb.c +++ b/source4/kdc/hdb-ldb.c @@ -34,10 +34,7 @@ #include "includes.h" #include "system/time.h" -#include "kdc.h" #include "dsdb/common/flags.h" -#include "hdb.h" -#include "krb5_locl.h" #include "lib/ldb/include/ldb.h" #include "lib/ldb/include/ldb_errors.h" #include "librpc/gen_ndr/netlogon.h" @@ -51,6 +48,7 @@ #include "libcli/auth/libcli_auth.h" #include "param/param.h" #include "events/events.h" +#include "kdc/kdc.h" enum hdb_ldb_ent_type { HDB_LDB_ENT_TYPE_CLIENT, HDB_LDB_ENT_TYPE_SERVER, diff --git a/source4/kdc/kdc.c b/source4/kdc/kdc.c index 84d9d45f57..dfd62c55a4 100644 --- a/source4/kdc/kdc.c +++ b/source4/kdc/kdc.c @@ -28,17 +28,14 @@ #include "smbd/process_model.h" #include "lib/events/events.h" #include "lib/socket/socket.h" -#include "kdc/kdc.h" #include "system/network.h" #include "lib/util/dlinklist.h" #include "lib/messaging/irpc.h" #include "lib/stream/packet.h" #include "librpc/gen_ndr/samr.h" #include "lib/socket/netif.h" -#include "heimdal/kdc/windc_plugin.h" -#include "heimdal/lib/krb5/krb5_locl.h" -#include "heimdal/kdc/kdc_locl.h" #include "param/param.h" +#include "kdc/kdc.h" /* Disgusting hack to get a mem_ctx and lp_ctx into the hdb plugin, when diff --git a/source4/kdc/kdc.h b/source4/kdc/kdc.h index 9be15115d1..0943de4b00 100644 --- a/source4/kdc/kdc.h +++ b/source4/kdc/kdc.h @@ -24,6 +24,7 @@ #include "auth/kerberos/kerberos.h" #include "heimdal/kdc/kdc.h" #include "heimdal/lib/hdb/hdb.h" +#include "heimdal/kdc/windc_plugin.h" #include "kdc/pac_glue.h" struct kdc_server; diff --git a/source4/kdc/kpasswdd.c b/source4/kdc/kpasswdd.c index 1d49a8a4bd..b42769c6dc 100644 --- a/source4/kdc/kpasswdd.c +++ b/source4/kdc/kpasswdd.c @@ -24,7 +24,6 @@ #include "smbd/service_task.h" #include "lib/events/events.h" #include "lib/socket/socket.h" -#include "kdc/kdc.h" #include "system/network.h" #include "lib/util/dlinklist.h" #include "lib/ldb/include/ldb.h" @@ -39,6 +38,7 @@ #include "rpc_server/samr/proto.h" #include "libcli/security/security.h" #include "param/param.h" +#include "kdc/kdc.h" /* hold information about one kdc socket */ struct kpasswd_socket { diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c index 1c68d4c37d..cab1446ff3 100644 --- a/source4/kdc/pac-glue.c +++ b/source4/kdc/pac-glue.c @@ -21,7 +21,6 @@ */ #include "includes.h" -#include "kdc/kdc.h" #include "dsdb/common/flags.h" #include "lib/ldb/include/ldb.h" #include "librpc/gen_ndr/ndr_krb5pac.h" @@ -30,6 +29,7 @@ #include "auth/auth_sam.h" #include "auth/auth_sam_reply.h" #include "param/param.h" +#include "kdc/kdc.h" struct krb5_dh_moduli; struct _krb5_krb_auth_data; diff --git a/source4/lib/crypto/config.mk b/source4/lib/crypto/config.mk index fb1c1bf6ce..c35280abda 100644 --- a/source4/lib/crypto/config.mk +++ b/source4/lib/crypto/config.mk @@ -6,14 +6,13 @@ LIBCRYPTO_OBJ_FILES = $(addprefix $(libcryptosrcdir)/, \ crc32.o md5.o hmacmd5.o md4.o \ - arcfour.o sha1.o hmacsha1.o hmacsha256.o) - + arcfour.o hmacsha256.o) [MODULE::TORTURE_LIBCRYPTO] SUBSYSTEM = smbtorture PRIVATE_DEPENDENCIES = LIBCRYPTO TORTURE_LIBCRYPTO_OBJ_FILES = $(addprefix $(libcryptosrcdir)/, \ - md4test.o md5test.o hmacmd5test.o sha1test.o hmacsha1test.o) + md4test.o md5test.o hmacmd5test.o) $(eval $(call proto_header_template,$(libcryptosrcdir)/test_proto.h,$(TORTURE_LIBCRYPTO_OBJ_FILES:.o=.c))) diff --git a/source4/lib/crypto/crypto.h b/source4/lib/crypto/crypto.h index 03a233ec98..54a4482325 100644 --- a/source4/lib/crypto/crypto.h +++ b/source4/lib/crypto/crypto.h @@ -21,8 +21,6 @@ #include "lib/crypto/md4.h" #include "lib/crypto/md5.h" #include "lib/crypto/hmacmd5.h" -#include "lib/crypto/sha1.h" -#include "lib/crypto/hmacsha1.h" #include "heimdal/lib/hcrypto/sha.h" #include "lib/crypto/hmacsha256.h" diff --git a/source4/lib/crypto/hmacsha1.c b/source4/lib/crypto/hmacsha1.c deleted file mode 100644 index 21ce966f60..0000000000 --- a/source4/lib/crypto/hmacsha1.c +++ /dev/null @@ -1,86 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Interface header: HMAC SHA-1 code - Copyright (C) Stefan Metzmacher - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -/* - taken direct from rfc2202 implementation and modified for suitable use - */ - -#include "includes.h" -#include "lib/crypto/crypto.h" - -/*********************************************************************** - the rfc 2104/2202 version of hmac_sha1 initialisation. -***********************************************************************/ -_PUBLIC_ void hmac_sha1_init(const uint8_t *key, size_t key_len, struct HMACSHA1Context *ctx) -{ - int i; - uint8_t tk[SHA1HashSize]; - - /* if key is longer than 64 bytes reset it to key=MD5(key) */ - if (key_len > 64) - { - struct SHA1Context tctx; - - SHA1Init(&tctx); - SHA1Update(&tctx, key, key_len); - SHA1Final(tk, &tctx); - - key = tk; - key_len = SHA1HashSize; - } - - /* start out by storing key in pads */ - ZERO_STRUCT(ctx->k_ipad); - ZERO_STRUCT(ctx->k_opad); - memcpy( ctx->k_ipad, key, key_len); - memcpy( ctx->k_opad, key, key_len); - - /* XOR key with ipad and opad values */ - for (i=0; i<64; i++) - { - ctx->k_ipad[i] ^= 0x36; - ctx->k_opad[i] ^= 0x5c; - } - - SHA1Init(&ctx->ctx); - SHA1Update(&ctx->ctx, ctx->k_ipad, 64); -} - -/*********************************************************************** - update hmac_sha1 "inner" buffer -***********************************************************************/ -_PUBLIC_ void hmac_sha1_update(const uint8_t *data, size_t data_len, struct HMACSHA1Context *ctx) -{ - SHA1Update(&ctx->ctx, data, data_len); /* then text of datagram */ -} - -/*********************************************************************** - finish off hmac_sha1 "inner" buffer and generate outer one. -***********************************************************************/ -_PUBLIC_ void hmac_sha1_final(uint8_t digest[SHA1HashSize], struct HMACSHA1Context *ctx) -{ - struct SHA1Context ctx_o; - - SHA1Final(digest, &ctx->ctx); - - SHA1Init(&ctx_o); - SHA1Update(&ctx_o, ctx->k_opad, 64); - SHA1Update(&ctx_o, digest, SHA1HashSize); - SHA1Final(digest, &ctx_o); -} diff --git a/source4/lib/crypto/hmacsha1.h b/source4/lib/crypto/hmacsha1.h deleted file mode 100644 index 0638c66d53..0000000000 --- a/source4/lib/crypto/hmacsha1.h +++ /dev/null @@ -1,33 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Interface header: HMAC SHA1 code - Copyright (C) Stefan Metzmacher 2006 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#ifndef _HMAC_SHA1_H - -struct HMACSHA1Context { - struct SHA1Context ctx; - uint8_t k_ipad[65]; - uint8_t k_opad[65]; - -}; - -void hmac_sha1_init(const uint8_t *key, size_t key_len, struct HMACSHA1Context *ctx); -void hmac_sha1_update(const uint8_t *data, size_t data_len, struct HMACSHA1Context *ctx); -void hmac_sha1_final(uint8_t digest[20], struct HMACSHA1Context *ctx); - -#endif /* _HMAC_SHA1_H */ diff --git a/source4/lib/crypto/hmacsha1test.c b/source4/lib/crypto/hmacsha1test.c deleted file mode 100644 index 6e53124d21..0000000000 --- a/source4/lib/crypto/hmacsha1test.c +++ /dev/null @@ -1,97 +0,0 @@ -/* - Unix SMB/CIFS implementation. - HMAC SHA-1 tests - Copyright (C) Stefan Metzmacher - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ -#include "includes.h" -#include "lib/crypto/crypto.h" - -struct torture_context; - -static DATA_BLOB data_blob_repeat_byte(uint8_t byte, size_t length) -{ - DATA_BLOB b = data_blob(NULL, length); - memset(b.data, byte, length); - return b; -} - -/* - This uses the test values from rfc2202 -*/ -bool torture_local_crypto_hmacsha1(struct torture_context *torture) -{ - bool ret = true; - uint32_t i; - struct { - DATA_BLOB key; - DATA_BLOB data; - DATA_BLOB sha1; - } testarray[7]; - - testarray[0].key = data_blob_repeat_byte(0x0b, 20); - testarray[0].data = data_blob_string_const("Hi There"); - testarray[0].sha1 = strhex_to_data_blob("b617318655057264e28bc0b6fb378c8ef146be00"); - - testarray[1].key = data_blob_string_const("Jefe"); - testarray[1].data = data_blob_string_const("what do ya want for nothing?"); - testarray[1].sha1 = strhex_to_data_blob("effcdf6ae5eb2fa2d27416d5f184df9c259a7c79"); - - testarray[2].key = data_blob_repeat_byte(0xaa, 20); - testarray[2].data = data_blob_repeat_byte(0xdd, 50); - testarray[2].sha1 = strhex_to_data_blob("125d7342b9ac11cd91a39af48aa17b4f63f175d3"); - - testarray[3].key = strhex_to_data_blob("0102030405060708090a0b0c0d0e0f10111213141516171819"); - testarray[3].data = data_blob_repeat_byte(0xcd, 50); - testarray[3].sha1 = strhex_to_data_blob("4c9007f4026250c6bc8414f9bf50c86c2d7235da"); - - testarray[4].key = data_blob_repeat_byte(0x0c, 20); - testarray[4].data = data_blob_string_const("Test With Truncation"); - testarray[4].sha1 = strhex_to_data_blob("4c1a03424b55e07fe7f27be1d58bb9324a9a5a04"); - /* sha1-96 = 0x4c1a03424b55e07fe7f27be1 */ - - testarray[5].key = data_blob_repeat_byte(0xaa, 80); - testarray[5].data = data_blob_string_const("Test Using Larger Than Block-Size Key - Hash Key First"); - testarray[5].sha1 = strhex_to_data_blob("aa4ae5e15272d00e95705637ce8a3b55ed402112"); - - testarray[6].key = data_blob_repeat_byte(0xaa, 80); - testarray[6].data = data_blob_string_const("Test Using Larger Than Block-Size Key " - "and Larger Than One Block-Size Data"); - testarray[6].sha1 = strhex_to_data_blob("e8e99d0f45237d786d6bbaa7965c7808bbff1a91"); - - for (i=0; i < ARRAY_SIZE(testarray); i++) { - struct HMACSHA1Context ctx; - uint8_t sha1[SHA1HashSize]; - int e; - - hmac_sha1_init(testarray[i].key.data, testarray[i].key.length, &ctx); - hmac_sha1_update(testarray[i].data.data, testarray[i].data.length, &ctx); - hmac_sha1_final(sha1, &ctx); - - e = memcmp(testarray[i].sha1.data, - sha1, - MIN(testarray[i].sha1.length, sizeof(sha1))); - if (e != 0) { - printf("hmacsha1 test[%u]: failed\n", i); - dump_data(0, testarray[i].key.data, testarray[i].key.length); - dump_data(0, testarray[i].data.data, testarray[i].data.length); - dump_data(0, testarray[i].sha1.data, testarray[i].sha1.length); - dump_data(0, sha1, sizeof(sha1)); - ret = false; - } - } - - return ret; -} diff --git a/source4/lib/crypto/sha1.c b/source4/lib/crypto/sha1.c deleted file mode 100644 index 1b91f8a949..0000000000 --- a/source4/lib/crypto/sha1.c +++ /dev/null @@ -1,390 +0,0 @@ -/* - This file contains the reference implementation of SHA-1 - from http://www.ietf.org/rfc/rfc3174.txt -*/ -/* - * sha1.c - * - * Description: - * This file implements the Secure Hashing Algorithm 1 as - * defined in FIPS PUB 180-1 published April 17, 1995. - * - * The SHA-1, produces a 160-bit message digest for a given - * data stream. It should take about 2**n steps to find a - * message with the same digest as a given message and - * 2**(n/2) to find any two messages with the same digest, - * when n is the digest size in bits. Therefore, this - * algorithm can serve as a means of providing a - * "fingerprint" for a message. - * - * Portability Issues: - * SHA-1 is defined in terms of 32-bit "words". This code - * uses <stdint.h> (included via "sha1.h" to define 32 and 8 - * bit unsigned integer types. If your C compiler does not - * support 32 bit unsigned integers, this code is not - * appropriate. - * - * Caveats: - * SHA-1 is designed to work with messages less than 2^64 bits - * long. Although SHA-1 allows a message digest to be generated - * for messages of any number of bits less than 2^64, this - * implementation only works with messages with a length that is - * a multiple of the size of an 8-bit character. - * - */ - -#include "includes.h" - -#include "sha1.h" - -/* - * Define the SHA1 circular left shift macro - */ -#define SHA1CircularShift(bits,word) \ - (((word) << (bits)) | ((word) >> (32-(bits)))) - -/* Local Function Prototyptes */ -static void SHA1PadMessage(struct SHA1Context *); -static void SHA1ProcessMessageBlock(struct SHA1Context *); - -/* - * SHA1Init (SHA1Reset in the rfc) - * - * Description: - * This function will initialize the SHA1Context in preparation - * for computing a new SHA1 message digest. - * - * Parameters: - * context: [in/out] - * The context to reset. - * - * Returns: - * sha Error Code. - * - */ -int SHA1Init(struct SHA1Context *context) -{ - if (!context) - { - return shaNull; - } - - context->Length_Low = 0; - context->Length_High = 0; - context->Message_Block_Index = 0; - - context->Intermediate_Hash[0] = 0x67452301; - context->Intermediate_Hash[1] = 0xEFCDAB89; - context->Intermediate_Hash[2] = 0x98BADCFE; - context->Intermediate_Hash[3] = 0x10325476; - context->Intermediate_Hash[4] = 0xC3D2E1F0; - - context->Computed = 0; - context->Corrupted = 0; - - return shaSuccess; -} - -/* - * SHA1Final (SHA1Result in the rfc) - * - * Description: - * This function will return the 160-bit message digest into the - * Message_Digest array provided by the caller. - * NOTE: The first octet of hash is stored in the 0th element, - * the last octet of hash in the 19th element. - * - * Parameters: - * context: [in/out] - * The context to use to calculate the SHA-1 hash. - * Message_Digest: [out] - * Where the digest is returned. - * - * Returns: - * sha Error Code. - * - */ -int SHA1Final(uint8_t Message_Digest[SHA1HashSize], - struct SHA1Context *context) -{ - int i; - - if (!context || !Message_Digest) - { - return shaNull; - } - - if (context->Corrupted) - { - return context->Corrupted; - } - - if (!context->Computed) - { - SHA1PadMessage(context); - for(i=0; i<64; ++i) - { - /* message may be sensitive, clear it out */ - context->Message_Block[i] = 0; - } - context->Length_Low = 0; /* and clear length */ - context->Length_High = 0; - context->Computed = 1; - } - - for(i = 0; i < SHA1HashSize; ++i) - { - Message_Digest[i] = context->Intermediate_Hash[i>>2] - >> 8 * ( 3 - ( i & 0x03 ) ); - } - - return shaSuccess; -} - -/* - * SHA1Update (SHA1Input in the rfc) - * - * Description: - * This function accepts an array of octets as the next portion - * of the message. - * - * Parameters: - * context: [in/out] - * The SHA context to update - * message_array: [in] - * An array of characters representing the next portion of - * the message. - * length: [in] - * The length of the message in message_array - * - * Returns: - * sha Error Code. - * - */ -int SHA1Update(struct SHA1Context *context, - const uint8_t *message_array, - size_t length) -{ - if (!length) - { - return shaSuccess; - } - - if (!context || !message_array) - { - return shaNull; - } - - if (context->Computed) - { - context->Corrupted = shaStateError; - return shaStateError; - } - - if (context->Corrupted) - { - return context->Corrupted; - } - while(length-- && !context->Corrupted) - { - context->Message_Block[context->Message_Block_Index++] = - (*message_array & 0xFF); - - context->Length_Low += 8; - if (context->Length_Low == 0) - { - context->Length_High++; - if (context->Length_High == 0) - { - /* Message is too long */ - context->Corrupted = 1; - } - } - - if (context->Message_Block_Index == 64) - { - SHA1ProcessMessageBlock(context); - } - - message_array++; - } - - return shaSuccess; -} - -/* - * SHA1ProcessMessageBlock - * - * Description: - * This function will process the next 512 bits of the message - * stored in the Message_Block array. - * - * Parameters: - * None. - * - * Returns: - * Nothing. - * - * Comments: - * Many of the variable names in this code, especially the - * single character names, were used because those were the - * names used in the publication. - * - * - */ -static void SHA1ProcessMessageBlock(struct SHA1Context *context) -{ - const uint32_t K[] = { /* Constants defined in SHA-1 */ - 0x5A827999, - 0x6ED9EBA1, - 0x8F1BBCDC, - 0xCA62C1D6 - }; - int t; /* Loop counter */ - uint32_t temp; /* Temporary word value */ - uint32_t W[80]; /* Word sequence */ - uint32_t A, B, C, D, E; /* Word buffers */ - - /* - * Initialize the first 16 words in the array W - */ - for(t = 0; t < 16; t++) - { - W[t] = context->Message_Block[t * 4] << 24; - W[t] |= context->Message_Block[t * 4 + 1] << 16; - W[t] |= context->Message_Block[t * 4 + 2] << 8; - W[t] |= context->Message_Block[t * 4 + 3]; - } - - for(t = 16; t < 80; t++) - { - W[t] = SHA1CircularShift(1,W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16]); - } - - A = context->Intermediate_Hash[0]; - B = context->Intermediate_Hash[1]; - C = context->Intermediate_Hash[2]; - D = context->Intermediate_Hash[3]; - E = context->Intermediate_Hash[4]; - - for(t = 0; t < 20; t++) - { - temp = SHA1CircularShift(5,A) + - ((B & C) | ((~B) & D)) + E + W[t] + K[0]; - E = D; - D = C; - C = SHA1CircularShift(30,B); - B = A; - A = temp; - } - - for(t = 20; t < 40; t++) - { - temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[1]; - E = D; - D = C; - C = SHA1CircularShift(30,B); - B = A; - A = temp; - } - - for(t = 40; t < 60; t++) - { - temp = SHA1CircularShift(5,A) + - ((B & C) | (B & D) | (C & D)) + E + W[t] + K[2]; - E = D; - D = C; - C = SHA1CircularShift(30,B); - B = A; - A = temp; - } - - for(t = 60; t < 80; t++) - { - temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[3]; - E = D; - D = C; - C = SHA1CircularShift(30,B); - B = A; - A = temp; - } - - context->Intermediate_Hash[0] += A; - context->Intermediate_Hash[1] += B; - context->Intermediate_Hash[2] += C; - context->Intermediate_Hash[3] += D; - context->Intermediate_Hash[4] += E; - - context->Message_Block_Index = 0; -} - - -/* - * SHA1PadMessage - * - * Description: - * According to the standard, the message must be padded to an even - * 512 bits. The first padding bit must be a '1'. The last 64 - * bits represent the length of the original message. All bits in - * between should be 0. This function will pad the message - * according to those rules by filling the Message_Block array - * accordingly. It will also call the ProcessMessageBlock function - * provided appropriately. When it returns, it can be assumed that - * the message digest has been computed. - * - * Parameters: - * context: [in/out] - * The context to pad - * ProcessMessageBlock: [in] - * The appropriate SHA*ProcessMessageBlock function - * Returns: - * Nothing. - * - */ - -static void SHA1PadMessage(struct SHA1Context *context) -{ - /* - * Check to see if the current message block is too small to hold - * the initial padding bits and length. If so, we will pad the - * block, process it, and then continue padding into a second - * block. - */ - if (context->Message_Block_Index > 55) - { - context->Message_Block[context->Message_Block_Index++] = 0x80; - while(context->Message_Block_Index < 64) - { - context->Message_Block[context->Message_Block_Index++] = 0; - } - - SHA1ProcessMessageBlock(context); - - while(context->Message_Block_Index < 56) - { - context->Message_Block[context->Message_Block_Index++] = 0; - } - } - else - { - context->Message_Block[context->Message_Block_Index++] = 0x80; - while(context->Message_Block_Index < 56) - { - context->Message_Block[context->Message_Block_Index++] = 0; - } - } - - /* - * Store the message length as the last 8 octets - */ - context->Message_Block[56] = context->Length_High >> 24; - context->Message_Block[57] = context->Length_High >> 16; - context->Message_Block[58] = context->Length_High >> 8; - context->Message_Block[59] = context->Length_High; - context->Message_Block[60] = context->Length_Low >> 24; - context->Message_Block[61] = context->Length_Low >> 16; - context->Message_Block[62] = context->Length_Low >> 8; - context->Message_Block[63] = context->Length_Low; - - SHA1ProcessMessageBlock(context); -} diff --git a/source4/lib/crypto/sha1.h b/source4/lib/crypto/sha1.h deleted file mode 100644 index 4a2d448bfc..0000000000 --- a/source4/lib/crypto/sha1.h +++ /dev/null @@ -1,62 +0,0 @@ -/* - This file contains the reference implementation of SHA-1 - from http://www.ietf.org/rfc/rfc3174.txt -*/ -/* - * sha1.h - * - * Description: - * This is the header file for code which implements the Secure - * Hashing Algorithm 1 as defined in FIPS PUB 180-1 published - * April 17, 1995. - * - * Many of the variable names in this code, especially the - * single character names, were used because those were the names - * used in the publication. - * - * Please read the file sha1.c for more information. - * - */ -#ifndef _SHA1_H_ -#define _SHA1_H_ - -#ifndef _SHA_enum_ -#define _SHA_enum_ -enum -{ - shaSuccess = 0, - shaNull, /* Null pointer parameter */ - shaInputTooLong, /* input data too long */ - shaStateError /* called Input after Result */ -}; -#endif -#define SHA1HashSize 20 - -/* - * This structure will hold context information for the SHA-1 - * hashing operation - */ -struct SHA1Context -{ - uint32_t Intermediate_Hash[SHA1HashSize/4]; /* Message Digest */ - - uint32_t Length_Low; /* Message length in bits */ - uint32_t Length_High; /* Message length in bits */ - - /* Index into message block array */ - int16_t Message_Block_Index; - uint8_t Message_Block[64]; /* 512-bit message blocks */ - - int Computed; /* Is the digest computed? */ - int Corrupted; /* Is the message digest corrupted? */ -}; - -/* - * Function Prototypes - */ - -int SHA1Init(struct SHA1Context *); -int SHA1Update(struct SHA1Context *, const uint8_t *data, size_t data_len); -int SHA1Final(uint8_t Message_Digest[SHA1HashSize], struct SHA1Context *); - -#endif diff --git a/source4/lib/crypto/sha1test.c b/source4/lib/crypto/sha1test.c deleted file mode 100644 index 7777764277..0000000000 --- a/source4/lib/crypto/sha1test.c +++ /dev/null @@ -1,110 +0,0 @@ -/* - This file contains the reference implementation of SHA-1 - from http://www.ietf.org/rfc/rfc3174.txt -*/ -/* - * sha1test.c - * - * Description: - * This file will exercise the SHA-1 code performing the three - * tests documented in FIPS PUB 180-1 plus one which calls - * SHA1Input with an exact multiple of 512 bits, plus a few - * error test checks. - * - * Portability Issues: - * None. - * - */ - -#include "includes.h" -#include "torture/torture.h" - -#include "lib/crypto/crypto.h" - -struct torture_context; - -/* - * Define patterns for testing - */ -#define TEST1 "abc" -#define TEST2a "abcdbcdecdefdefgefghfghighijhi" -#define TEST2b "jkijkljklmklmnlmnomnopnopq" -#define TEST2 TEST2a TEST2b -#define TEST3 "a" -#define TEST4a "01234567012345670123456701234567" -#define TEST4b "01234567012345670123456701234567" - /* an exact multiple of 512 bits */ -#define TEST4 TEST4a TEST4b -static const char *testarray[4] = -{ - TEST1, - TEST2, - TEST3, - TEST4 -}; -static int repeatcount[4] = { 1, 1, 1000000, 10 }; -static const char *resultarray[4] = -{ - "A9 99 3E 36 47 06 81 6A BA 3E 25 71 78 50 C2 6C 9C D0 D8 9D ", - "84 98 3E 44 1C 3B D2 6E BA AE 4A A1 F9 51 29 E5 E5 46 70 F1 ", - "34 AA 97 3C D4 C4 DA A4 F6 1E EB 2B DB AD 27 31 65 34 01 6F ", - "DE A3 56 A2 CD DD 90 C7 A7 EC ED C5 EB B5 63 93 4F 46 04 52 " -}; - - -bool torture_local_crypto_sha1(struct torture_context *tctx) -{ - struct SHA1Context sha; - int i, j, err; - uint8_t Message_Digest[20]; - bool ret = true; - char tmp[60 + 10]; - - /* - * Perform SHA-1 tests - */ - for(j = 0; j < 4; ++j) - { - ZERO_STRUCT(tmp); - torture_comment(tctx, "Test %d: %d, '%s'\n", - j+1, - repeatcount[j], - testarray[j]); - - err = SHA1Init(&sha); - torture_assert_int_equal(tctx, err, 0, "SHA1Init Error"); - - for(i = 0; i < repeatcount[j]; ++i) - { - err = SHA1Update(&sha, - (const unsigned char *) testarray[j], - strlen(testarray[j])); - torture_assert_int_equal(tctx, err, 0, "SHA1Update Error"); - } - - err = SHA1Final(Message_Digest, &sha); - torture_assert_int_equal(tctx, err, 0, - "SHA1Result Error, could not compute message digest."); - torture_comment(tctx, "\t"); - for(i = 0; i < 20 ; ++i) - { - snprintf(tmp+(i*3), sizeof(tmp) - (i*3),"%02X ", Message_Digest[i]); - torture_comment(tctx, "%02X ", Message_Digest[i]); - } - torture_comment(tctx, "\n"); - torture_comment(tctx, "Should match:\n\t%s\n", resultarray[j]); - if (strcmp(resultarray[j], tmp) != 0) { - ret = false; - } - } - - /* Test some error returns */ - err = SHA1Update(&sha,(const unsigned char *) testarray[1], 1); - torture_assert_int_equal(tctx, err, shaStateError, "SHA1Update failed"); - err = SHA1Init(0); - torture_assert_int_equal(tctx, err, shaNull, "SHA1Init failed"); - - return true; -} - - diff --git a/source4/torture/local/local.c b/source4/torture/local/local.c index 1c3274adcd..bf53df4a11 100644 --- a/source4/torture/local/local.c +++ b/source4/torture/local/local.c @@ -68,16 +68,13 @@ NTSTATUS torture_local_init(void) torture_suite_add_simple_test(suite, "TALLOC", torture_local_talloc); torture_suite_add_simple_test(suite, "REPLACE", torture_local_replace); - torture_suite_add_simple_test(suite, "CRYPTO-SHA1", - torture_local_crypto_sha1); torture_suite_add_simple_test(suite, "CRYPTO-MD4", torture_local_crypto_md4); torture_suite_add_simple_test(suite, "CRYPTO-MD5", torture_local_crypto_md5); torture_suite_add_simple_test(suite, "CRYPTO-HMACMD5", torture_local_crypto_hmacmd5); - torture_suite_add_simple_test(suite, "CRYPTO-HMACSHA1", - torture_local_crypto_hmacsha1); + for (i = 0; suite_generators[i]; i++) torture_suite_add_suite(suite, suite_generators[i](talloc_autofree_context())); |