crypto: Fixes for recent Heimdal changes
[openafs.git] / src / crypto / rfc3961 / krb5_locl.h
1 /* This is a shim header that's included by crypto.c, and turns it into
2  * something that we can actually build on its own.
3  */
4
5 #ifdef KERNEL
6
7 #include "config.h"
8
9 #else
10
11 #include <roken.h>
12
13 #include <fcntl.h>
14 #include <stdlib.h>
15 #include <string.h>
16 #include <sys/param.h>
17 #include <inttypes.h>
18 #include <sys/types.h>
19 #include <sys/errno.h>
20 #include <pthread.h>
21
22 #endif
23
24 #include <hcrypto/evp.h>
25 #include <hcrypto/sha.h>
26
27 #include "rfc3961.h"
28
29 #ifndef KERNEL
30 # define HEIMDAL_MUTEX pthread_mutex_t
31 # define HEIMDAL_MUTEX_INITIALIZER PTHREAD_MUTEX_INITIALIZER
32 # define HEIMDAL_MUTEX_init(m) pthread_mutex_init(m, NULL)
33 # define HEIMDAL_MUTEX_lock(m) pthread_mutex_lock(m)
34 # define HEIMDAL_MUTEX_unlock(m) pthread_mutex_unlock(m)
35 # define HEIMDAL_MUTEX_destroy(m) pthread_mutex_destroy(m)
36 #endif
37
38 #define HEIMDAL_SMALLER 1
39 #define HEIM_CRYPTO_NO_TRIPLE_DES
40 #define HEIM_CRYPTO_NO_ARCFOUR
41 #define HEIM_CRYPTO_NO_PK
42
43 #define ALLOC(X, N) (X) = calloc((N), sizeof(*(X)))
44
45 #ifndef max
46 #define max(a,b) (((a)>(b))?(a):(b))
47 #endif
48
49 #ifndef O_BINARY
50 #define O_BINARY 0
51 #endif
52
53 #ifndef O_CLOEXEC
54 #define O_CLOEXEC 0
55 #endif
56
57 typedef int krb5_boolean;
58 typedef ssize_t krb5_ssize_t;
59
60 #define KRB5_KU_AS_REP_ENC_PART 3
61 #define KRB5_KU_USAGE_SEAL 22
62 #define KRB5_KU_USAGE_SIGN 23
63 #define KRB5_KU_USAGE_SEQ 24
64
65 #define TRUE 1
66 #define FALSE 0
67
68 /* From the ASN.1 */
69
70 typedef struct EncryptedData {
71   int etype;
72   int *kvno;
73   heim_octet_string cipher;
74 } EncryptedData;
75
76 typedef enum krb5_salttype {
77     KRB5_PW_SALT = 3,
78     KRB5_AFS3_SALT = 10
79 } krb5_salttype;
80
81 typedef enum krb5_keytype {
82     KEYTYPE_NULL        = 0,
83     KEYTYPE_DES         = 1,
84     KEYTYPE_DES3        = 7,
85     KEYTYPE_AES128      = 17,
86     KEYTYPE_AES256      = 18,
87     KEYTYPE_ARCFOUR     = 23,
88     KEYTYPE_ARCFOUR_56  = 24
89 } krb5_keytype;
90
91 typedef struct krb5_salt {
92     krb5_salttype salttype;
93     krb5_data saltvalue;
94 } krb5_salt;
95
96 typedef struct krb5_crypto_iov {
97     unsigned int flags;
98     /* ignored */
99 #define KRB5_CRYPTO_TYPE_EMPTY          0
100     /* OUT krb5_crypto_length(KRB5_CRYPTO_TYPE_HEADER) */
101 #define KRB5_CRYPTO_TYPE_HEADER         1
102     /* IN and OUT */
103 #define KRB5_CRYPTO_TYPE_DATA           2
104     /* IN */
105 #define KRB5_CRYPTO_TYPE_SIGN_ONLY      3
106    /* (only for encryption) OUT krb5_crypto_length(KRB5_CRYPTO_TYPE_TRAILER) */
107 #define KRB5_CRYPTO_TYPE_PADDING        4
108    /* OUT krb5_crypto_length(KRB5_CRYPTO_TYPE_TRAILER) */
109 #define KRB5_CRYPTO_TYPE_TRAILER        5
110    /* OUT krb5_crypto_length(KRB5_CRYPTO_TYPE_CHECKSUM) */
111 #define KRB5_CRYPTO_TYPE_CHECKSUM       6
112     krb5_data data;
113 } krb5_crypto_iov;
114
115 #define ETYPE_NULL 0
116
117 #define KRB5_LIB_FUNCTION
118 #define KRB5_LIB_CALL
119
120 /* Error codes */
121 #define KRB5_BAD_MSIZE -1765328194
122 #define KRB5_BAD_KEYSIZE -1765328195
123 #define KRB5_PROG_SUMTYPE_NOSUPP -1765328231
124 #define KRB5_PROG_KEYTYPE_NOSUPP -1765328233
125 #define KRB5_PROG_ETYPE_NOSUPP -1765328234
126 #define HEIM_ERR_SALTTYPE_NOSUPP -1980176638
127 #define KRB5KRB_AP_ERR_BAD_INTEGRITY -1765328353
128
129 #define KRB5_CRYPTO_INTERNAL 1
130
131 /* Currently, we just disable localised error strings. We'll get the error
132  * numbers out, but no meaningful text */
133 #define N_(X, Y) X
134
135 /* These have to be real functions, because IRIX doesn't seem to support
136  * variadic macros */
137 void krb5_set_error_message(krb5_context, krb5_error_code, const char *, ...);
138 krb5_error_code krb5_abortx(krb5_context, const char *, ...);
139
140 #define krb5_clear_error_message(ctx)
141
142 /* Local prototypes. These are functions that we aren't admitting to in the
143  * public API */
144 krb5_error_code _krb5_n_fold(const void *str, size_t len, void *, size_t);
145 krb5_error_code krb5_derive_key(krb5_context context, const krb5_keyblock *key,
146                                 krb5_enctype etype, const void *constant,
147                                 size_t constant_len,
148                                 krb5_keyblock **derived_key);
149 krb5_error_code krb5_enctype_keysize(krb5_context context,
150                                      krb5_enctype type,
151                                      size_t *keysize);
152 krb5_ssize_t _krb5_put_int(void *buffer, unsigned long value, size_t size);
153 void krb5_data_zero(krb5_data *p);
154 krb5_error_code krb5_data_copy(krb5_data *p, const void *data, size_t len);
155 void krb5_free_data(krb5_context context, krb5_data *p);
156 krb5_error_code krb5_copy_keyblock(krb5_context,
157                                    const krb5_keyblock *,
158                                    krb5_keyblock **);
159 void krb5_free_keyblock(krb5_context, krb5_keyblock *);
160 int krb5_data_ct_cmp(const krb5_data *, const krb5_data *);
161 int der_copy_octet_string(const krb5_data *, krb5_data *);
162 int copy_EncryptionKey(const krb5_keyblock *, krb5_keyblock *);
163 int ct_memcmp(const void *p1, const void *p2, size_t len);
164
165 #include "crypto.h"
166
167 struct _krb5_checksum_type * _krb5_find_checksum (krb5_cksumtype);
168 struct _krb5_encryption_type * _krb5_find_enctype (krb5_enctype);
169 void _krb5_free_key_data (krb5_context, struct _krb5_key_data *,
170                           struct _krb5_encryption_type *);
171 void _krb5_evp_cleanup (krb5_context, struct _krb5_key_data *);
172
173 krb5_error_code _krb5_evp_encrypt (krb5_context, struct _krb5_key_data *,
174                                    void *, size_t, krb5_boolean, int,
175                                    void *);
176 krb5_error_code _krb5_evp_encrypt_cts (krb5_context, struct _krb5_key_data *,
177                                        void *,size_t, krb5_boolean,
178                                        int, void *);
179 void _krb5_evp_schedule (krb5_context, struct _krb5_key_type *,
180                          struct _krb5_key_data *);
181 krb5_error_code _krb5_SP_HMAC_SHA1_checksum (krb5_context,
182                                              struct _krb5_key_data *,
183                                              const void *,
184                                              size_t, unsigned, Checksum *);
185
186 /* These are bodges - we don't implement these encryption types, but
187  * crypto.c contains hard coded references to them, and to these funcs.
188  *
189  * They will never actually be called ...
190  */
191 static_inline krb5_error_code
192 _krb5_usage2arcfour(krb5_context context, unsigned *usage) {
193    return -1;
194 }
195
196 static_inline void
197 _krb5_DES3_random_to_key (krb5_context context,
198                           krb5_keyblock *key,
199                           const void *rand,
200                           size_t size) {
201    return;
202 }
203
204 #define _krb5_AES_salt NULL