summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2008-06-04 09:25:16 -0700
committerAndrew Tridgell <tridge@samba.org>2008-06-04 09:25:16 -0700
commitbc8c2a50e8a2467721e1739b28a6f4ce96162f4f (patch)
treecb6cff5e427212b15ace82903f6590c1f5544c93
parent70219bee139445ab6116def04e25c245871f8391 (diff)
parent71ce9975fa06948d95b2bf9184dbef113813337a (diff)
downloadsamba-bc8c2a50e8a2467721e1739b28a6f4ce96162f4f.tar.gz
samba-bc8c2a50e8a2467721e1739b28a6f4ce96162f4f.tar.bz2
samba-bc8c2a50e8a2467721e1739b28a6f4ce96162f4f.zip
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-test
(This used to be commit d206517f90ac02e829193c5a17e5df25059cf18d)
-rw-r--r--source4/kdc/hdb-ldb.c4
-rw-r--r--source4/kdc/kdc.c5
-rw-r--r--source4/kdc/kdc.h1
-rw-r--r--source4/kdc/kpasswdd.c2
-rw-r--r--source4/kdc/pac-glue.c2
-rw-r--r--source4/lib/crypto/config.mk5
-rw-r--r--source4/lib/crypto/crypto.h2
-rw-r--r--source4/lib/crypto/hmacsha1.c86
-rw-r--r--source4/lib/crypto/hmacsha1.h33
-rw-r--r--source4/lib/crypto/hmacsha1test.c97
-rw-r--r--source4/lib/crypto/sha1.c390
-rw-r--r--source4/lib/crypto/sha1.h62
-rw-r--r--source4/lib/crypto/sha1test.c110
-rw-r--r--source4/torture/local/local.c5
14 files changed, 8 insertions, 796 deletions
diff --git a/source4/kdc/hdb-ldb.c b/source4/kdc/hdb-ldb.c
index 9c7b1f6457..70e578ee0d 100644
--- a/source4/kdc/hdb-ldb.c
+++ b/source4/kdc/hdb-ldb.c
@@ -34,10 +34,7 @@
#include "includes.h"
#include "system/time.h"
-#include "kdc.h"
#include "dsdb/common/flags.h"
-#include "hdb.h"
-#include "krb5_locl.h"
#include "lib/ldb/include/ldb.h"
#include "lib/ldb/include/ldb_errors.h"
#include "librpc/gen_ndr/netlogon.h"
@@ -51,6 +48,7 @@
#include "libcli/auth/libcli_auth.h"
#include "param/param.h"
#include "events/events.h"
+#include "kdc/kdc.h"
enum hdb_ldb_ent_type
{ HDB_LDB_ENT_TYPE_CLIENT, HDB_LDB_ENT_TYPE_SERVER,
diff --git a/source4/kdc/kdc.c b/source4/kdc/kdc.c
index 84d9d45f57..dfd62c55a4 100644
--- a/source4/kdc/kdc.c
+++ b/source4/kdc/kdc.c
@@ -28,17 +28,14 @@
#include "smbd/process_model.h"
#include "lib/events/events.h"
#include "lib/socket/socket.h"
-#include "kdc/kdc.h"
#include "system/network.h"
#include "lib/util/dlinklist.h"
#include "lib/messaging/irpc.h"
#include "lib/stream/packet.h"
#include "librpc/gen_ndr/samr.h"
#include "lib/socket/netif.h"
-#include "heimdal/kdc/windc_plugin.h"
-#include "heimdal/lib/krb5/krb5_locl.h"
-#include "heimdal/kdc/kdc_locl.h"
#include "param/param.h"
+#include "kdc/kdc.h"
/* Disgusting hack to get a mem_ctx and lp_ctx into the hdb plugin, when
diff --git a/source4/kdc/kdc.h b/source4/kdc/kdc.h
index 9be15115d1..0943de4b00 100644
--- a/source4/kdc/kdc.h
+++ b/source4/kdc/kdc.h
@@ -24,6 +24,7 @@
#include "auth/kerberos/kerberos.h"
#include "heimdal/kdc/kdc.h"
#include "heimdal/lib/hdb/hdb.h"
+#include "heimdal/kdc/windc_plugin.h"
#include "kdc/pac_glue.h"
struct kdc_server;
diff --git a/source4/kdc/kpasswdd.c b/source4/kdc/kpasswdd.c
index 1d49a8a4bd..b42769c6dc 100644
--- a/source4/kdc/kpasswdd.c
+++ b/source4/kdc/kpasswdd.c
@@ -24,7 +24,6 @@
#include "smbd/service_task.h"
#include "lib/events/events.h"
#include "lib/socket/socket.h"
-#include "kdc/kdc.h"
#include "system/network.h"
#include "lib/util/dlinklist.h"
#include "lib/ldb/include/ldb.h"
@@ -39,6 +38,7 @@
#include "rpc_server/samr/proto.h"
#include "libcli/security/security.h"
#include "param/param.h"
+#include "kdc/kdc.h"
/* hold information about one kdc socket */
struct kpasswd_socket {
diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c
index 1c68d4c37d..cab1446ff3 100644
--- a/source4/kdc/pac-glue.c
+++ b/source4/kdc/pac-glue.c
@@ -21,7 +21,6 @@
*/
#include "includes.h"
-#include "kdc/kdc.h"
#include "dsdb/common/flags.h"
#include "lib/ldb/include/ldb.h"
#include "librpc/gen_ndr/ndr_krb5pac.h"
@@ -30,6 +29,7 @@
#include "auth/auth_sam.h"
#include "auth/auth_sam_reply.h"
#include "param/param.h"
+#include "kdc/kdc.h"
struct krb5_dh_moduli;
struct _krb5_krb_auth_data;
diff --git a/source4/lib/crypto/config.mk b/source4/lib/crypto/config.mk
index fb1c1bf6ce..c35280abda 100644
--- a/source4/lib/crypto/config.mk
+++ b/source4/lib/crypto/config.mk
@@ -6,14 +6,13 @@
LIBCRYPTO_OBJ_FILES = $(addprefix $(libcryptosrcdir)/, \
crc32.o md5.o hmacmd5.o md4.o \
- arcfour.o sha1.o hmacsha1.o hmacsha256.o)
-
+ arcfour.o hmacsha256.o)
[MODULE::TORTURE_LIBCRYPTO]
SUBSYSTEM = smbtorture
PRIVATE_DEPENDENCIES = LIBCRYPTO
TORTURE_LIBCRYPTO_OBJ_FILES = $(addprefix $(libcryptosrcdir)/, \
- md4test.o md5test.o hmacmd5test.o sha1test.o hmacsha1test.o)
+ md4test.o md5test.o hmacmd5test.o)
$(eval $(call proto_header_template,$(libcryptosrcdir)/test_proto.h,$(TORTURE_LIBCRYPTO_OBJ_FILES:.o=.c)))
diff --git a/source4/lib/crypto/crypto.h b/source4/lib/crypto/crypto.h
index 03a233ec98..54a4482325 100644
--- a/source4/lib/crypto/crypto.h
+++ b/source4/lib/crypto/crypto.h
@@ -21,8 +21,6 @@
#include "lib/crypto/md4.h"
#include "lib/crypto/md5.h"
#include "lib/crypto/hmacmd5.h"
-#include "lib/crypto/sha1.h"
-#include "lib/crypto/hmacsha1.h"
#include "heimdal/lib/hcrypto/sha.h"
#include "lib/crypto/hmacsha256.h"
diff --git a/source4/lib/crypto/hmacsha1.c b/source4/lib/crypto/hmacsha1.c
deleted file mode 100644
index 21ce966f60..0000000000
--- a/source4/lib/crypto/hmacsha1.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- Interface header: HMAC SHA-1 code
- Copyright (C) Stefan Metzmacher
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-/*
- taken direct from rfc2202 implementation and modified for suitable use
- */
-
-#include "includes.h"
-#include "lib/crypto/crypto.h"
-
-/***********************************************************************
- the rfc 2104/2202 version of hmac_sha1 initialisation.
-***********************************************************************/
-_PUBLIC_ void hmac_sha1_init(const uint8_t *key, size_t key_len, struct HMACSHA1Context *ctx)
-{
- int i;
- uint8_t tk[SHA1HashSize];
-
- /* if key is longer than 64 bytes reset it to key=MD5(key) */
- if (key_len > 64)
- {
- struct SHA1Context tctx;
-
- SHA1Init(&tctx);
- SHA1Update(&tctx, key, key_len);
- SHA1Final(tk, &tctx);
-
- key = tk;
- key_len = SHA1HashSize;
- }
-
- /* start out by storing key in pads */
- ZERO_STRUCT(ctx->k_ipad);
- ZERO_STRUCT(ctx->k_opad);
- memcpy( ctx->k_ipad, key, key_len);
- memcpy( ctx->k_opad, key, key_len);
-
- /* XOR key with ipad and opad values */
- for (i=0; i<64; i++)
- {
- ctx->k_ipad[i] ^= 0x36;
- ctx->k_opad[i] ^= 0x5c;
- }
-
- SHA1Init(&ctx->ctx);
- SHA1Update(&ctx->ctx, ctx->k_ipad, 64);
-}
-
-/***********************************************************************
- update hmac_sha1 "inner" buffer
-***********************************************************************/
-_PUBLIC_ void hmac_sha1_update(const uint8_t *data, size_t data_len, struct HMACSHA1Context *ctx)
-{
- SHA1Update(&ctx->ctx, data, data_len); /* then text of datagram */
-}
-
-/***********************************************************************
- finish off hmac_sha1 "inner" buffer and generate outer one.
-***********************************************************************/
-_PUBLIC_ void hmac_sha1_final(uint8_t digest[SHA1HashSize], struct HMACSHA1Context *ctx)
-{
- struct SHA1Context ctx_o;
-
- SHA1Final(digest, &ctx->ctx);
-
- SHA1Init(&ctx_o);
- SHA1Update(&ctx_o, ctx->k_opad, 64);
- SHA1Update(&ctx_o, digest, SHA1HashSize);
- SHA1Final(digest, &ctx_o);
-}
diff --git a/source4/lib/crypto/hmacsha1.h b/source4/lib/crypto/hmacsha1.h
deleted file mode 100644
index 0638c66d53..0000000000
--- a/source4/lib/crypto/hmacsha1.h
+++ /dev/null
@@ -1,33 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- Interface header: HMAC SHA1 code
- Copyright (C) Stefan Metzmacher 2006
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#ifndef _HMAC_SHA1_H
-
-struct HMACSHA1Context {
- struct SHA1Context ctx;
- uint8_t k_ipad[65];
- uint8_t k_opad[65];
-
-};
-
-void hmac_sha1_init(const uint8_t *key, size_t key_len, struct HMACSHA1Context *ctx);
-void hmac_sha1_update(const uint8_t *data, size_t data_len, struct HMACSHA1Context *ctx);
-void hmac_sha1_final(uint8_t digest[20], struct HMACSHA1Context *ctx);
-
-#endif /* _HMAC_SHA1_H */
diff --git a/source4/lib/crypto/hmacsha1test.c b/source4/lib/crypto/hmacsha1test.c
deleted file mode 100644
index 6e53124d21..0000000000
--- a/source4/lib/crypto/hmacsha1test.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- HMAC SHA-1 tests
- Copyright (C) Stefan Metzmacher
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-#include "includes.h"
-#include "lib/crypto/crypto.h"
-
-struct torture_context;
-
-static DATA_BLOB data_blob_repeat_byte(uint8_t byte, size_t length)
-{
- DATA_BLOB b = data_blob(NULL, length);
- memset(b.data, byte, length);
- return b;
-}
-
-/*
- This uses the test values from rfc2202
-*/
-bool torture_local_crypto_hmacsha1(struct torture_context *torture)
-{
- bool ret = true;
- uint32_t i;
- struct {
- DATA_BLOB key;
- DATA_BLOB data;
- DATA_BLOB sha1;
- } testarray[7];
-
- testarray[0].key = data_blob_repeat_byte(0x0b, 20);
- testarray[0].data = data_blob_string_const("Hi There");
- testarray[0].sha1 = strhex_to_data_blob("b617318655057264e28bc0b6fb378c8ef146be00");
-
- testarray[1].key = data_blob_string_const("Jefe");
- testarray[1].data = data_blob_string_const("what do ya want for nothing?");
- testarray[1].sha1 = strhex_to_data_blob("effcdf6ae5eb2fa2d27416d5f184df9c259a7c79");
-
- testarray[2].key = data_blob_repeat_byte(0xaa, 20);
- testarray[2].data = data_blob_repeat_byte(0xdd, 50);
- testarray[2].sha1 = strhex_to_data_blob("125d7342b9ac11cd91a39af48aa17b4f63f175d3");
-
- testarray[3].key = strhex_to_data_blob("0102030405060708090a0b0c0d0e0f10111213141516171819");
- testarray[3].data = data_blob_repeat_byte(0xcd, 50);
- testarray[3].sha1 = strhex_to_data_blob("4c9007f4026250c6bc8414f9bf50c86c2d7235da");
-
- testarray[4].key = data_blob_repeat_byte(0x0c, 20);
- testarray[4].data = data_blob_string_const("Test With Truncation");
- testarray[4].sha1 = strhex_to_data_blob("4c1a03424b55e07fe7f27be1d58bb9324a9a5a04");
- /* sha1-96 = 0x4c1a03424b55e07fe7f27be1 */
-
- testarray[5].key = data_blob_repeat_byte(0xaa, 80);
- testarray[5].data = data_blob_string_const("Test Using Larger Than Block-Size Key - Hash Key First");
- testarray[5].sha1 = strhex_to_data_blob("aa4ae5e15272d00e95705637ce8a3b55ed402112");
-
- testarray[6].key = data_blob_repeat_byte(0xaa, 80);
- testarray[6].data = data_blob_string_const("Test Using Larger Than Block-Size Key "
- "and Larger Than One Block-Size Data");
- testarray[6].sha1 = strhex_to_data_blob("e8e99d0f45237d786d6bbaa7965c7808bbff1a91");
-
- for (i=0; i < ARRAY_SIZE(testarray); i++) {
- struct HMACSHA1Context ctx;
- uint8_t sha1[SHA1HashSize];
- int e;
-
- hmac_sha1_init(testarray[i].key.data, testarray[i].key.length, &ctx);
- hmac_sha1_update(testarray[i].data.data, testarray[i].data.length, &ctx);
- hmac_sha1_final(sha1, &ctx);
-
- e = memcmp(testarray[i].sha1.data,
- sha1,
- MIN(testarray[i].sha1.length, sizeof(sha1)));
- if (e != 0) {
- printf("hmacsha1 test[%u]: failed\n", i);
- dump_data(0, testarray[i].key.data, testarray[i].key.length);
- dump_data(0, testarray[i].data.data, testarray[i].data.length);
- dump_data(0, testarray[i].sha1.data, testarray[i].sha1.length);
- dump_data(0, sha1, sizeof(sha1));
- ret = false;
- }
- }
-
- return ret;
-}
diff --git a/source4/lib/crypto/sha1.c b/source4/lib/crypto/sha1.c
deleted file mode 100644
index 1b91f8a949..0000000000
--- a/source4/lib/crypto/sha1.c
+++ /dev/null
@@ -1,390 +0,0 @@
-/*
- This file contains the reference implementation of SHA-1
- from http://www.ietf.org/rfc/rfc3174.txt
-*/
-/*
- * sha1.c
- *
- * Description:
- * This file implements the Secure Hashing Algorithm 1 as
- * defined in FIPS PUB 180-1 published April 17, 1995.
- *
- * The SHA-1, produces a 160-bit message digest for a given
- * data stream. It should take about 2**n steps to find a
- * message with the same digest as a given message and
- * 2**(n/2) to find any two messages with the same digest,
- * when n is the digest size in bits. Therefore, this
- * algorithm can serve as a means of providing a
- * "fingerprint" for a message.
- *
- * Portability Issues:
- * SHA-1 is defined in terms of 32-bit "words". This code
- * uses <stdint.h> (included via "sha1.h" to define 32 and 8
- * bit unsigned integer types. If your C compiler does not
- * support 32 bit unsigned integers, this code is not
- * appropriate.
- *
- * Caveats:
- * SHA-1 is designed to work with messages less than 2^64 bits
- * long. Although SHA-1 allows a message digest to be generated
- * for messages of any number of bits less than 2^64, this
- * implementation only works with messages with a length that is
- * a multiple of the size of an 8-bit character.
- *
- */
-
-#include "includes.h"
-
-#include "sha1.h"
-
-/*
- * Define the SHA1 circular left shift macro
- */
-#define SHA1CircularShift(bits,word) \
- (((word) << (bits)) | ((word) >> (32-(bits))))
-
-/* Local Function Prototyptes */
-static void SHA1PadMessage(struct SHA1Context *);
-static void SHA1ProcessMessageBlock(struct SHA1Context *);
-
-/*
- * SHA1Init (SHA1Reset in the rfc)
- *
- * Description:
- * This function will initialize the SHA1Context in preparation
- * for computing a new SHA1 message digest.
- *
- * Parameters:
- * context: [in/out]
- * The context to reset.
- *
- * Returns:
- * sha Error Code.
- *
- */
-int SHA1Init(struct SHA1Context *context)
-{
- if (!context)
- {
- return shaNull;
- }
-
- context->Length_Low = 0;
- context->Length_High = 0;
- context->Message_Block_Index = 0;
-
- context->Intermediate_Hash[0] = 0x67452301;
- context->Intermediate_Hash[1] = 0xEFCDAB89;
- context->Intermediate_Hash[2] = 0x98BADCFE;
- context->Intermediate_Hash[3] = 0x10325476;
- context->Intermediate_Hash[4] = 0xC3D2E1F0;
-
- context->Computed = 0;
- context->Corrupted = 0;
-
- return shaSuccess;
-}
-
-/*
- * SHA1Final (SHA1Result in the rfc)
- *
- * Description:
- * This function will return the 160-bit message digest into the
- * Message_Digest array provided by the caller.
- * NOTE: The first octet of hash is stored in the 0th element,
- * the last octet of hash in the 19th element.
- *
- * Parameters:
- * context: [in/out]
- * The context to use to calculate the SHA-1 hash.
- * Message_Digest: [out]
- * Where the digest is returned.
- *
- * Returns:
- * sha Error Code.
- *
- */
-int SHA1Final(uint8_t Message_Digest[SHA1HashSize],
- struct SHA1Context *context)
-{
- int i;
-
- if (!context || !Message_Digest)
- {
- return shaNull;
- }
-
- if (context->Corrupted)
- {
- return context->Corrupted;
- }
-
- if (!context->Computed)
- {
- SHA1PadMessage(context);
- for(i=0; i<64; ++i)
- {
- /* message may be sensitive, clear it out */
- context->Message_Block[i] = 0;
- }
- context->Length_Low = 0; /* and clear length */
- context->Length_High = 0;
- context->Computed = 1;
- }
-
- for(i = 0; i < SHA1HashSize; ++i)
- {
- Message_Digest[i] = context->Intermediate_Hash[i>>2]
- >> 8 * ( 3 - ( i & 0x03 ) );
- }
-
- return shaSuccess;
-}
-
-/*
- * SHA1Update (SHA1Input in the rfc)
- *
- * Description:
- * This function accepts an array of octets as the next portion
- * of the message.
- *
- * Parameters:
- * context: [in/out]
- * The SHA context to update
- * message_array: [in]
- * An array of characters representing the next portion of
- * the message.
- * length: [in]
- * The length of the message in message_array
- *
- * Returns:
- * sha Error Code.
- *
- */
-int SHA1Update(struct SHA1Context *context,
- const uint8_t *message_array,
- size_t length)
-{
- if (!length)
- {
- return shaSuccess;
- }
-
- if (!context || !message_array)
- {
- return shaNull;
- }
-
- if (context->Computed)
- {
- context->Corrupted = shaStateError;
- return shaStateError;
- }
-
- if (context->Corrupted)
- {
- return context->Corrupted;
- }
- while(length-- && !context->Corrupted)
- {
- context->Message_Block[context->Message_Block_Index++] =
- (*message_array & 0xFF);
-
- context->Length_Low += 8;
- if (context->Length_Low == 0)
- {
- context->Length_High++;
- if (context->Length_High == 0)
- {
- /* Message is too long */
- context->Corrupted = 1;
- }
- }
-
- if (context->Message_Block_Index == 64)
- {
- SHA1ProcessMessageBlock(context);
- }
-
- message_array++;
- }
-
- return shaSuccess;
-}
-
-/*
- * SHA1ProcessMessageBlock
- *
- * Description:
- * This function will process the next 512 bits of the message
- * stored in the Message_Block array.
- *
- * Parameters:
- * None.
- *
- * Returns:
- * Nothing.
- *
- * Comments:
- * Many of the variable names in this code, especially the
- * single character names, were used because those were the
- * names used in the publication.
- *
- *
- */
-static void SHA1ProcessMessageBlock(struct SHA1Context *context)
-{
- const uint32_t K[] = { /* Constants defined in SHA-1 */
- 0x5A827999,
- 0x6ED9EBA1,
- 0x8F1BBCDC,
- 0xCA62C1D6
- };
- int t; /* Loop counter */
- uint32_t temp; /* Temporary word value */
- uint32_t W[80]; /* Word sequence */
- uint32_t A, B, C, D, E; /* Word buffers */
-
- /*
- * Initialize the first 16 words in the array W
- */
- for(t = 0; t < 16; t++)
- {
- W[t] = context->Message_Block[t * 4] << 24;
- W[t] |= context->Message_Block[t * 4 + 1] << 16;
- W[t] |= context->Message_Block[t * 4 + 2] << 8;
- W[t] |= context->Message_Block[t * 4 + 3];
- }
-
- for(t = 16; t < 80; t++)
- {
- W[t] = SHA1CircularShift(1,W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16]);
- }
-
- A = context->Intermediate_Hash[0];
- B = context->Intermediate_Hash[1];
- C = context->Intermediate_Hash[2];
- D = context->Intermediate_Hash[3];
- E = context->Intermediate_Hash[4];
-
- for(t = 0; t < 20; t++)
- {
- temp = SHA1CircularShift(5,A) +
- ((B & C) | ((~B) & D)) + E + W[t] + K[0];
- E = D;
- D = C;
- C = SHA1CircularShift(30,B);
- B = A;
- A = temp;
- }
-
- for(t = 20; t < 40; t++)
- {
- temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[1];
- E = D;
- D = C;
- C = SHA1CircularShift(30,B);
- B = A;
- A = temp;
- }
-
- for(t = 40; t < 60; t++)
- {
- temp = SHA1CircularShift(5,A) +
- ((B & C) | (B & D) | (C & D)) + E + W[t] + K[2];
- E = D;
- D = C;
- C = SHA1CircularShift(30,B);
- B = A;
- A = temp;
- }
-
- for(t = 60; t < 80; t++)
- {
- temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[3];
- E = D;
- D = C;
- C = SHA1CircularShift(30,B);
- B = A;
- A = temp;
- }
-
- context->Intermediate_Hash[0] += A;
- context->Intermediate_Hash[1] += B;
- context->Intermediate_Hash[2] += C;
- context->Intermediate_Hash[3] += D;
- context->Intermediate_Hash[4] += E;
-
- context->Message_Block_Index = 0;
-}
-
-
-/*
- * SHA1PadMessage
- *
- * Description:
- * According to the standard, the message must be padded to an even
- * 512 bits. The first padding bit must be a '1'. The last 64
- * bits represent the length of the original message. All bits in
- * between should be 0. This function will pad the message
- * according to those rules by filling the Message_Block array
- * accordingly. It will also call the ProcessMessageBlock function
- * provided appropriately. When it returns, it can be assumed that
- * the message digest has been computed.
- *
- * Parameters:
- * context: [in/out]
- * The context to pad
- * ProcessMessageBlock: [in]
- * The appropriate SHA*ProcessMessageBlock function
- * Returns:
- * Nothing.
- *
- */
-
-static void SHA1PadMessage(struct SHA1Context *context)
-{
- /*
- * Check to see if the current message block is too small to hold
- * the initial padding bits and length. If so, we will pad the
- * block, process it, and then continue padding into a second
- * block.
- */
- if (context->Message_Block_Index > 55)
- {
- context->Message_Block[context->Message_Block_Index++] = 0x80;
- while(context->Message_Block_Index < 64)
- {
- context->Message_Block[context->Message_Block_Index++] = 0;
- }
-
- SHA1ProcessMessageBlock(context);
-
- while(context->Message_Block_Index < 56)
- {
- context->Message_Block[context->Message_Block_Index++] = 0;
- }
- }
- else
- {
- context->Message_Block[context->Message_Block_Index++] = 0x80;
- while(context->Message_Block_Index < 56)
- {
- context->Message_Block[context->Message_Block_Index++] = 0;
- }
- }
-
- /*
- * Store the message length as the last 8 octets
- */
- context->Message_Block[56] = context->Length_High >> 24;
- context->Message_Block[57] = context->Length_High >> 16;
- context->Message_Block[58] = context->Length_High >> 8;
- context->Message_Block[59] = context->Length_High;
- context->Message_Block[60] = context->Length_Low >> 24;
- context->Message_Block[61] = context->Length_Low >> 16;
- context->Message_Block[62] = context->Length_Low >> 8;
- context->Message_Block[63] = context->Length_Low;
-
- SHA1ProcessMessageBlock(context);
-}
diff --git a/source4/lib/crypto/sha1.h b/source4/lib/crypto/sha1.h
deleted file mode 100644
index 4a2d448bfc..0000000000
--- a/source4/lib/crypto/sha1.h
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- This file contains the reference implementation of SHA-1
- from http://www.ietf.org/rfc/rfc3174.txt
-*/
-/*
- * sha1.h
- *
- * Description:
- * This is the header file for code which implements the Secure
- * Hashing Algorithm 1 as defined in FIPS PUB 180-1 published
- * April 17, 1995.
- *
- * Many of the variable names in this code, especially the
- * single character names, were used because those were the names
- * used in the publication.
- *
- * Please read the file sha1.c for more information.
- *
- */
-#ifndef _SHA1_H_
-#define _SHA1_H_
-
-#ifndef _SHA_enum_
-#define _SHA_enum_
-enum
-{
- shaSuccess = 0,
- shaNull, /* Null pointer parameter */
- shaInputTooLong, /* input data too long */
- shaStateError /* called Input after Result */
-};
-#endif
-#define SHA1HashSize 20
-
-/*
- * This structure will hold context information for the SHA-1
- * hashing operation
- */
-struct SHA1Context
-{
- uint32_t Intermediate_Hash[SHA1HashSize/4]; /* Message Digest */
-
- uint32_t Length_Low; /* Message length in bits */
- uint32_t Length_High; /* Message length in bits */
-
- /* Index into message block array */
- int16_t Message_Block_Index;
- uint8_t Message_Block[64]; /* 512-bit message blocks */
-
- int Computed; /* Is the digest computed? */
- int Corrupted; /* Is the message digest corrupted? */
-};
-
-/*
- * Function Prototypes
- */
-
-int SHA1Init(struct SHA1Context *);
-int SHA1Update(struct SHA1Context *, const uint8_t *data, size_t data_len);
-int SHA1Final(uint8_t Message_Digest[SHA1HashSize], struct SHA1Context *);
-
-#endif
diff --git a/source4/lib/crypto/sha1test.c b/source4/lib/crypto/sha1test.c
deleted file mode 100644
index 7777764277..0000000000
--- a/source4/lib/crypto/sha1test.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/*
- This file contains the reference implementation of SHA-1
- from http://www.ietf.org/rfc/rfc3174.txt
-*/
-/*
- * sha1test.c
- *
- * Description:
- * This file will exercise the SHA-1 code performing the three
- * tests documented in FIPS PUB 180-1 plus one which calls
- * SHA1Input with an exact multiple of 512 bits, plus a few
- * error test checks.
- *
- * Portability Issues:
- * None.
- *
- */
-
-#include "includes.h"
-#include "torture/torture.h"
-
-#include "lib/crypto/crypto.h"
-
-struct torture_context;
-
-/*
- * Define patterns for testing
- */
-#define TEST1 "abc"
-#define TEST2a "abcdbcdecdefdefgefghfghighijhi"
-#define TEST2b "jkijkljklmklmnlmnomnopnopq"
-#define TEST2 TEST2a TEST2b
-#define TEST3 "a"
-#define TEST4a "01234567012345670123456701234567"
-#define TEST4b "01234567012345670123456701234567"
- /* an exact multiple of 512 bits */
-#define TEST4 TEST4a TEST4b
-static const char *testarray[4] =
-{
- TEST1,
- TEST2,
- TEST3,
- TEST4
-};
-static int repeatcount[4] = { 1, 1, 1000000, 10 };
-static const char *resultarray[4] =
-{
- "A9 99 3E 36 47 06 81 6A BA 3E 25 71 78 50 C2 6C 9C D0 D8 9D ",
- "84 98 3E 44 1C 3B D2 6E BA AE 4A A1 F9 51 29 E5 E5 46 70 F1 ",
- "34 AA 97 3C D4 C4 DA A4 F6 1E EB 2B DB AD 27 31 65 34 01 6F ",
- "DE A3 56 A2 CD DD 90 C7 A7 EC ED C5 EB B5 63 93 4F 46 04 52 "
-};
-
-
-bool torture_local_crypto_sha1(struct torture_context *tctx)
-{
- struct SHA1Context sha;
- int i, j, err;
- uint8_t Message_Digest[20];
- bool ret = true;
- char tmp[60 + 10];
-
- /*
- * Perform SHA-1 tests
- */
- for(j = 0; j < 4; ++j)
- {
- ZERO_STRUCT(tmp);
- torture_comment(tctx, "Test %d: %d, '%s'\n",
- j+1,
- repeatcount[j],
- testarray[j]);
-
- err = SHA1Init(&sha);
- torture_assert_int_equal(tctx, err, 0, "SHA1Init Error");
-
- for(i = 0; i < repeatcount[j]; ++i)
- {
- err = SHA1Update(&sha,
- (const unsigned char *) testarray[j],
- strlen(testarray[j]));
- torture_assert_int_equal(tctx, err, 0, "SHA1Update Error");
- }
-
- err = SHA1Final(Message_Digest, &sha);
- torture_assert_int_equal(tctx, err, 0,
- "SHA1Result Error, could not compute message digest.");
- torture_comment(tctx, "\t");
- for(i = 0; i < 20 ; ++i)
- {
- snprintf(tmp+(i*3), sizeof(tmp) - (i*3),"%02X ", Message_Digest[i]);
- torture_comment(tctx, "%02X ", Message_Digest[i]);
- }
- torture_comment(tctx, "\n");
- torture_comment(tctx, "Should match:\n\t%s\n", resultarray[j]);
- if (strcmp(resultarray[j], tmp) != 0) {
- ret = false;
- }
- }
-
- /* Test some error returns */
- err = SHA1Update(&sha,(const unsigned char *) testarray[1], 1);
- torture_assert_int_equal(tctx, err, shaStateError, "SHA1Update failed");
- err = SHA1Init(0);
- torture_assert_int_equal(tctx, err, shaNull, "SHA1Init failed");
-
- return true;
-}
-
-
diff --git a/source4/torture/local/local.c b/source4/torture/local/local.c
index 1c3274adcd..bf53df4a11 100644
--- a/source4/torture/local/local.c
+++ b/source4/torture/local/local.c
@@ -68,16 +68,13 @@ NTSTATUS torture_local_init(void)
torture_suite_add_simple_test(suite, "TALLOC", torture_local_talloc);
torture_suite_add_simple_test(suite, "REPLACE", torture_local_replace);
- torture_suite_add_simple_test(suite, "CRYPTO-SHA1",
- torture_local_crypto_sha1);
torture_suite_add_simple_test(suite,
"CRYPTO-MD4", torture_local_crypto_md4);
torture_suite_add_simple_test(suite, "CRYPTO-MD5",
torture_local_crypto_md5);
torture_suite_add_simple_test(suite, "CRYPTO-HMACMD5",
torture_local_crypto_hmacmd5);
- torture_suite_add_simple_test(suite, "CRYPTO-HMACSHA1",
- torture_local_crypto_hmacsha1);
+
for (i = 0; suite_generators[i]; i++)
torture_suite_add_suite(suite,
suite_generators[i](talloc_autofree_context()));