diff options
| author | Cy Schubert <cy@FreeBSD.org> | 2018-04-03 19:36:00 +0000 |
|---|---|---|
| committer | Cy Schubert <cy@FreeBSD.org> | 2018-04-03 19:36:00 +0000 |
| commit | b0e4d68d5124581ae353493d69bea352de4cff8a (patch) | |
| tree | 43300ec43e83eccd367fd76fdfdefba2dcd7d8f4 /src/lib/crypto/krb | |
| parent | 33a9b234e7087f573ef08cd7318c6497ba08b439 (diff) | |
| download | src-vendor/krb5.tar.gz src-vendor/krb5.zip | |
Import MIT KRB5 1.16.vendor/krb5/1.16vendor/krb5
Notes
Notes:
svn path=/vendor-crypto/krb5/dist/; revision=331939
svn path=/vendor-crypto/krb5/1.16/; revision=331941; tag=vendor/krb5/1.16
Diffstat (limited to 'src/lib/crypto/krb')
| -rw-r--r-- | src/lib/crypto/krb/Makefile.in | 2 | ||||
| -rw-r--r-- | src/lib/crypto/krb/crypto_int.h | 1 | ||||
| -rw-r--r-- | src/lib/crypto/krb/enctype_util.c | 16 | ||||
| -rw-r--r-- | src/lib/crypto/krb/etypes.c | 33 | ||||
| -rw-r--r-- | src/lib/crypto/krb/s2k_des.c | 4 | ||||
| -rw-r--r-- | src/lib/crypto/krb/s2k_pbkdf2.c | 4 | ||||
| -rw-r--r-- | src/lib/crypto/krb/s2k_rc4.c | 8 | ||||
| -rw-r--r-- | src/lib/crypto/krb/string_to_key.c | 7 | ||||
| -rw-r--r-- | src/lib/crypto/krb/t_fortuna.c | 2 |
9 files changed, 53 insertions, 24 deletions
diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in index c5660c5fe1fa..fc01a2ced4ae 100644 --- a/src/lib/crypto/krb/Makefile.in +++ b/src/lib/crypto/krb/Makefile.in @@ -212,7 +212,7 @@ depend: $(SRCS) check-unix: t_fortuna if [ $(PRNG_ALG) = fortuna ]; then \ - $(RUN_TEST) ./t_fortuna > t_fortuna.output; \ + $(RUN_TEST) ./t_fortuna > t_fortuna.output && \ cmp t_fortuna.output $(srcdir)/t_fortuna.expected; \ fi diff --git a/src/lib/crypto/krb/crypto_int.h b/src/lib/crypto/krb/crypto_int.h index d75b49c693f0..e5099291e309 100644 --- a/src/lib/crypto/krb/crypto_int.h +++ b/src/lib/crypto/krb/crypto_int.h @@ -111,6 +111,7 @@ struct krb5_keytypes { prf_func prf; krb5_cksumtype required_ctype; krb5_flags flags; + unsigned int ssf; }; #define ETYPE_WEAK 1 diff --git a/src/lib/crypto/krb/enctype_util.c b/src/lib/crypto/krb/enctype_util.c index 0ed74bd6ebde..b1b40e7ecd6e 100644 --- a/src/lib/crypto/krb/enctype_util.c +++ b/src/lib/crypto/krb/enctype_util.c @@ -131,3 +131,19 @@ krb5_enctype_to_name(krb5_enctype enctype, krb5_boolean shortest, return ENOMEM; return 0; } + +/* The security of a mechanism cannot be summarized with a simple integer + * value, but we provide a per-enctype value for Cyrus SASL's SSF. */ +krb5_error_code +k5_enctype_to_ssf(krb5_enctype enctype, unsigned int *ssf_out) +{ + const struct krb5_keytypes *ktp; + + *ssf_out = 0; + + ktp = find_enctype(enctype); + if (ktp == NULL) + return EINVAL; + *ssf_out = ktp->ssf; + return 0; +} diff --git a/src/lib/crypto/krb/etypes.c b/src/lib/crypto/krb/etypes.c index 0e5e977d418a..53d4a5c79b47 100644 --- a/src/lib/crypto/krb/etypes.c +++ b/src/lib/crypto/krb/etypes.c @@ -42,7 +42,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { krb5int_des_string_to_key, k5_rand2key_des, krb5int_des_prf, CKSUMTYPE_RSA_MD5_DES, - ETYPE_WEAK }, + ETYPE_WEAK, 56 }, { ENCTYPE_DES_CBC_MD4, "des-cbc-md4", { 0 }, "DES cbc mode with RSA-MD4", &krb5int_enc_des, &krb5int_hash_md4, @@ -51,7 +51,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { krb5int_des_string_to_key, k5_rand2key_des, krb5int_des_prf, CKSUMTYPE_RSA_MD4_DES, - ETYPE_WEAK }, + ETYPE_WEAK, 56 }, { ENCTYPE_DES_CBC_MD5, "des-cbc-md5", { "des" }, "DES cbc mode with RSA-MD5", &krb5int_enc_des, &krb5int_hash_md5, @@ -60,7 +60,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { krb5int_des_string_to_key, k5_rand2key_des, krb5int_des_prf, CKSUMTYPE_RSA_MD5_DES, - ETYPE_WEAK }, + ETYPE_WEAK, 56 }, { ENCTYPE_DES_CBC_RAW, "des-cbc-raw", { 0 }, "DES cbc mode raw", &krb5int_enc_des, NULL, @@ -69,7 +69,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { krb5int_des_string_to_key, k5_rand2key_des, krb5int_des_prf, 0, - ETYPE_WEAK }, + ETYPE_WEAK, 56 }, { ENCTYPE_DES3_CBC_RAW, "des3-cbc-raw", { 0 }, "Triple DES cbc mode raw", &krb5int_enc_des3, NULL, @@ -78,7 +78,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { krb5int_dk_string_to_key, k5_rand2key_des3, NULL, /*PRF*/ 0, - ETYPE_WEAK }, + ETYPE_WEAK, 112 }, { ENCTYPE_DES3_CBC_SHA1, "des3-cbc-sha1", { "des3-hmac-sha1", "des3-cbc-sha1-kd" }, @@ -89,7 +89,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { krb5int_dk_string_to_key, k5_rand2key_des3, krb5int_dk_prf, CKSUMTYPE_HMAC_SHA1_DES3, - 0 /*flags*/ }, + 0 /*flags*/, 112 }, { ENCTYPE_DES_HMAC_SHA1, "des-hmac-sha1", { 0 }, "DES with HMAC/sha1", @@ -99,7 +99,10 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { krb5int_dk_string_to_key, k5_rand2key_des, NULL, /*PRF*/ 0, - ETYPE_WEAK }, + ETYPE_WEAK, 56 }, + + /* rc4-hmac uses a 128-bit key, but due to weaknesses in the RC4 cipher, we + * consider its strength degraded and assign it an SSF value of 64. */ { ENCTYPE_ARCFOUR_HMAC, "arcfour-hmac", { "rc4-hmac", "arcfour-hmac-md5" }, "ArcFour with HMAC/md5", @@ -110,7 +113,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { krb5int_arcfour_decrypt, krb5int_arcfour_string_to_key, k5_rand2key_direct, krb5int_arcfour_prf, CKSUMTYPE_HMAC_MD5_ARCFOUR, - 0 /*flags*/ }, + 0 /*flags*/, 64 }, { ENCTYPE_ARCFOUR_HMAC_EXP, "arcfour-hmac-exp", { "rc4-hmac-exp", "arcfour-hmac-md5-exp" }, "Exportable ArcFour with HMAC/md5", @@ -121,7 +124,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { krb5int_arcfour_decrypt, krb5int_arcfour_string_to_key, k5_rand2key_direct, krb5int_arcfour_prf, CKSUMTYPE_HMAC_MD5_ARCFOUR, - ETYPE_WEAK + ETYPE_WEAK, 40 }, { ENCTYPE_AES128_CTS_HMAC_SHA1_96, @@ -133,7 +136,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { krb5int_aes_string_to_key, k5_rand2key_direct, krb5int_dk_prf, CKSUMTYPE_HMAC_SHA1_96_AES128, - 0 /*flags*/ }, + 0 /*flags*/, 128 }, { ENCTYPE_AES256_CTS_HMAC_SHA1_96, "aes256-cts-hmac-sha1-96", { "aes256-cts", "aes256-sha1" }, "AES-256 CTS mode with 96-bit SHA-1 HMAC", @@ -143,7 +146,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { krb5int_aes_string_to_key, k5_rand2key_direct, krb5int_dk_prf, CKSUMTYPE_HMAC_SHA1_96_AES256, - 0 /*flags*/ }, + 0 /*flags*/, 256 }, { ENCTYPE_CAMELLIA128_CTS_CMAC, "camellia128-cts-cmac", { "camellia128-cts" }, @@ -155,7 +158,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { krb5int_camellia_string_to_key, k5_rand2key_direct, krb5int_dk_cmac_prf, CKSUMTYPE_CMAC_CAMELLIA128, - 0 /*flags*/ }, + 0 /*flags*/, 128 }, { ENCTYPE_CAMELLIA256_CTS_CMAC, "camellia256-cts-cmac", { "camellia256-cts" }, "Camellia-256 CTS mode with CMAC", @@ -166,7 +169,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { krb5int_camellia_string_to_key, k5_rand2key_direct, krb5int_dk_cmac_prf, CKSUMTYPE_CMAC_CAMELLIA256, - 0 /*flags */ }, + 0 /*flags */, 256 }, { ENCTYPE_AES128_CTS_HMAC_SHA256_128, "aes128-cts-hmac-sha256-128", { "aes128-sha2" }, @@ -177,7 +180,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { krb5int_aes2_string_to_key, k5_rand2key_direct, krb5int_aes2_prf, CKSUMTYPE_HMAC_SHA256_128_AES128, - 0 /*flags*/ }, + 0 /*flags*/, 128 }, { ENCTYPE_AES256_CTS_HMAC_SHA384_192, "aes256-cts-hmac-sha384-192", { "aes256-sha2" }, "AES-256 CTS mode with 192-bit SHA-384 HMAC", @@ -187,7 +190,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = { krb5int_aes2_string_to_key, k5_rand2key_direct, krb5int_aes2_prf, CKSUMTYPE_HMAC_SHA384_192_AES256, - 0 /*flags*/ }, + 0 /*flags*/, 256 }, }; const int krb5int_enctypes_length = diff --git a/src/lib/crypto/krb/s2k_des.c b/src/lib/crypto/krb/s2k_des.c index 31a613bebc61..d5c29befcb2e 100644 --- a/src/lib/crypto/krb/s2k_des.c +++ b/src/lib/crypto/krb/s2k_des.c @@ -509,7 +509,7 @@ des_s2k(const krb5_data *pw, const krb5_data *salt, unsigned char *key_out) #define FETCH4(VAR, IDX) VAR = temp.ui[IDX/4] #define PUT4(VAR, IDX) temp.ui[IDX/4] = VAR - copylen = pw->length + (salt ? salt->length : 0); + copylen = pw->length + salt->length; /* Don't need NUL termination, at this point we're treating it as a byte array, not a string. */ copy = malloc(copylen); @@ -517,7 +517,7 @@ des_s2k(const krb5_data *pw, const krb5_data *salt, unsigned char *key_out) return ENOMEM; if (pw->length > 0) memcpy(copy, pw->data, pw->length); - if (salt != NULL && salt->length > 0) + if (salt->length > 0) memcpy(copy + pw->length, salt->data, salt->length); memset(&temp, 0, sizeof(temp)); diff --git a/src/lib/crypto/krb/s2k_pbkdf2.c b/src/lib/crypto/krb/s2k_pbkdf2.c index ec5856c2be79..1fea03408c76 100644 --- a/src/lib/crypto/krb/s2k_pbkdf2.c +++ b/src/lib/crypto/krb/s2k_pbkdf2.c @@ -47,7 +47,7 @@ krb5int_dk_string_to_key(const struct krb5_keytypes *ktp, keybytes = ktp->enc->keybytes; keylength = ktp->enc->keylength; - concatlen = string->length + (salt ? salt->length : 0); + concatlen = string->length + salt->length; concat = k5alloc(concatlen, &ret); if (ret != 0) @@ -63,7 +63,7 @@ krb5int_dk_string_to_key(const struct krb5_keytypes *ktp, if (string->length > 0) memcpy(concat, string->data, string->length); - if (salt != NULL && salt->length > 0) + if (salt->length > 0) memcpy(concat + string->length, salt->data, salt->length); krb5int_nfold(concatlen*8, concat, keybytes*8, foldstring); diff --git a/src/lib/crypto/krb/s2k_rc4.c b/src/lib/crypto/krb/s2k_rc4.c index 49ad89d323b0..081a91217c69 100644 --- a/src/lib/crypto/krb/s2k_rc4.c +++ b/src/lib/crypto/krb/s2k_rc4.c @@ -10,6 +10,7 @@ krb5int_arcfour_string_to_key(const struct krb5_keytypes *ktp, krb5_error_code err = 0; krb5_crypto_iov iov; krb5_data hash_out; + char *utf8; unsigned char *copystr; size_t copystrlen; @@ -20,8 +21,11 @@ krb5int_arcfour_string_to_key(const struct krb5_keytypes *ktp, return (KRB5_BAD_MSIZE); /* We ignore salt per the Microsoft spec. */ - err = krb5int_utf8cs_to_ucs2les(string->data, string->length, ©str, - ©strlen); + utf8 = k5memdup0(string->data, string->length, &err); + if (utf8 == NULL) + return err; + err = k5_utf8_to_utf16le(utf8, ©str, ©strlen); + free(utf8); if (err) return err; diff --git a/src/lib/crypto/krb/string_to_key.c b/src/lib/crypto/krb/string_to_key.c index b55ee75d2f34..352a8e8dcce2 100644 --- a/src/lib/crypto/krb/string_to_key.c +++ b/src/lib/crypto/krb/string_to_key.c @@ -43,6 +43,7 @@ krb5_c_string_to_key_with_params(krb5_context context, krb5_enctype enctype, const krb5_data *params, krb5_keyblock *key) { krb5_error_code ret; + krb5_data empty = empty_data(); const struct krb5_keytypes *ktp; size_t keylength; @@ -51,8 +52,12 @@ krb5_c_string_to_key_with_params(krb5_context context, krb5_enctype enctype, return KRB5_BAD_ENCTYPE; keylength = ktp->enc->keylength; + /* For compatibility with past behavior, treat a null salt as empty. */ + if (salt == NULL) + salt = ∅ + /* Fail gracefully if someone is using the old AFS string-to-key hack. */ - if (salt != NULL && salt->length == SALT_TYPE_AFS_LENGTH) + if (salt->length == SALT_TYPE_AFS_LENGTH) return EINVAL; key->contents = malloc(keylength); diff --git a/src/lib/crypto/krb/t_fortuna.c b/src/lib/crypto/krb/t_fortuna.c index 4f25bee62cb5..508ffcf915c7 100644 --- a/src/lib/crypto/krb/t_fortuna.c +++ b/src/lib/crypto/krb/t_fortuna.c @@ -85,7 +85,7 @@ head_tail_test(struct fortuna_state *st) { static unsigned char buffer[1024 * 1024]; unsigned char c; - size_t i, len = sizeof(buffer); + int i, len = sizeof(buffer); int bit, bits[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; double res; |