src - FreeBSD source tree

diff options


context:
space:
mode:

author	Cy Schubert <cy@FreeBSD.org>	2018-04-03 19:36:00 +0000
committer	Cy Schubert <cy@FreeBSD.org>	2018-04-03 19:36:00 +0000
commit	b0e4d68d5124581ae353493d69bea352de4cff8a (patch)
tree	43300ec43e83eccd367fd76fdfdefba2dcd7d8f4 /src/lib/crypto
parent	33a9b234e7087f573ef08cd7318c6497ba08b439 (diff)
download	src-vendor/krb5.tar.gz src-vendor/krb5.zip

Import MIT KRB5 1.16.vendor/krb5/1.16 vendor/krb5

Notes

Notes: svn path=/vendor-crypto/krb5/dist/; revision=331939 svn path=/vendor-crypto/krb5/1.16/; revision=331941; tag=vendor/krb5/1.16

Diffstat (limited to 'src/lib/crypto')

-rw-r--r--

src/lib/crypto/builtin/des/des_int.h

-rw-r--r--

src/lib/crypto/builtin/des/destest.c

-rw-r--r--

src/lib/crypto/builtin/enc_provider/rc4.c

-rw-r--r--

src/lib/crypto/builtin/sha2/sha256.c

-rw-r--r--

src/lib/crypto/builtin/sha2/sha512.c

-rw-r--r--

src/lib/crypto/krb/Makefile.in

-rw-r--r--

src/lib/crypto/krb/crypto_int.h

-rw-r--r--

src/lib/crypto/krb/enctype_util.c

-rw-r--r--

src/lib/crypto/krb/etypes.c

-rw-r--r--

src/lib/crypto/krb/s2k_des.c

-rw-r--r--

src/lib/crypto/krb/s2k_pbkdf2.c

-rw-r--r--

src/lib/crypto/krb/s2k_rc4.c

-rw-r--r--

src/lib/crypto/krb/string_to_key.c

-rw-r--r--

src/lib/crypto/krb/t_fortuna.c

-rw-r--r--

src/lib/crypto/libk5crypto.exports

15 files changed, 62 insertions, 31 deletions

diff --git a/src/lib/crypto/builtin/des/des_int.h b/src/lib/crypto/builtin/des/des_int.h
index 0801cb5828c9..67e40a19ca32 100644
--- a/src/lib/crypto/builtin/des/des_int.h
+++ b/src/lib/crypto/builtin/des/des_int.h

@@ -74,7 +74,7 @@

#endif /* defined(__MACH__) && defined(__APPLE__) */

/* Macro to add deprecated attribute to DES types and functions */

-/* Currently only defined on Mac OS X 10.5 and later. */

+/* Currently only defined on macOS 10.5 and later. */

#ifndef KRB5INT_DES_DEPRECATED

#define KRB5INT_DES_DEPRECATED

#endif

diff --git a/src/lib/crypto/builtin/des/destest.c b/src/lib/crypto/builtin/des/destest.c
index 6eeb070d867f..dd2f68ec4032 100644
--- a/src/lib/crypto/builtin/des/destest.c
+++ b/src/lib/crypto/builtin/des/destest.c

@@ -52,6 +52,7 @@

/* Test a DES implementation against known inputs & outputs. */

#include "des_int.h"

+#include <ctype.h>

#include <stdio.h>

void convert (char *, unsigned char []);

@@ -160,7 +161,7 @@ convert(text, cblock)

{

for (i = 0; i < 8; i++) {

- if (text[i*2] < 0 || text[i*2] >= 128)

+ if (!isascii((unsigned char)text[i * 2]))

abort ();

if (value[(int) text[i*2]] == -1 || value[(int) text[i*2+1]] == -1) {

printf("Bad value byte %d in %s\n", i, text);

diff --git a/src/lib/crypto/builtin/enc_provider/rc4.c b/src/lib/crypto/builtin/enc_provider/rc4.c
index 3776f80715ab..df710489eaf0 100644
--- a/src/lib/crypto/builtin/enc_provider/rc4.c
+++ b/src/lib/crypto/builtin/enc_provider/rc4.c

@@ -113,7 +113,7 @@ k5_arcfour_docrypt(krb5_key key, const krb5_data *state, krb5_crypto_iov *data,

return KRB5_BAD_MSIZE;

if (state != NULL) {

- cipher_state = (ArcFourCipherState *)state->data;

+ cipher_state = (ArcFourCipherState *)(void *)state->data;

arcfour_ctx = &cipher_state->ctx;

if (cipher_state->initialized == 0) {

ret = k5_arcfour_init(arcfour_ctx, key->keyblock.contents,

diff --git a/src/lib/crypto/builtin/sha2/sha256.c b/src/lib/crypto/builtin/sha2/sha256.c
index e34bed575c5f..2b5cbe480503 100644
--- a/src/lib/crypto/builtin/sha2/sha256.c
+++ b/src/lib/crypto/builtin/sha2/sha256.c

@@ -211,14 +211,14 @@ k5_sha256_update(SHA256_CTX *m, const void *v, size_t len)

#if !defined(WORDS_BIGENDIAN) || defined(_CRAY)

int i;

uint32_t current[16];

- struct x32 *u = (struct x32*)m->save;

+ struct x32 *u = (struct x32*)(void*)m->save;

for(i = 0; i < 8; i++){

current[2*i+0] = swap_uint32_t(u[i].a);

current[2*i+1] = swap_uint32_t(u[i].b);

}

calc(m, current);

#else

- calc(m, (uint32_t*)m->save);

+ calc(m, (uint32_t*)(void*)m->save);

#endif

offset = 0;

}

diff --git a/src/lib/crypto/builtin/sha2/sha512.c b/src/lib/crypto/builtin/sha2/sha512.c
index 8f0ce894033f..6130655576c9 100644
--- a/src/lib/crypto/builtin/sha2/sha512.c
+++ b/src/lib/crypto/builtin/sha2/sha512.c

@@ -217,14 +217,14 @@ k5_sha512_update (SHA512_CTX *m, const void *v, size_t len)

#if !defined(WORDS_BIGENDIAN) || defined(_CRAY)

int i;

uint64_t current[16];

- struct x64 *us = (struct x64*)m->save;

+ struct x64 *us = (struct x64*)(void*)m->save;

for(i = 0; i < 8; i++){

current[2*i+0] = swap_uint64_t(us[i].a);

current[2*i+1] = swap_uint64_t(us[i].b);

}

calc(m, current);

#else

- calc(m, (uint64_t*)m->save);

+ calc(m, (uint64_t*)(void*)m->save);

#endif

offset = 0;

}

diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in
index c5660c5fe1fa..fc01a2ced4ae 100644
--- a/src/lib/crypto/krb/Makefile.in
+++ b/src/lib/crypto/krb/Makefile.in

@@ -212,7 +212,7 @@ depend: $(SRCS)

check-unix: t_fortuna

if [ $(PRNG_ALG) = fortuna ]; then \

- $(RUN_TEST) ./t_fortuna > t_fortuna.output; \

+ $(RUN_TEST) ./t_fortuna > t_fortuna.output && \

cmp t_fortuna.output $(srcdir)/t_fortuna.expected; \

diff --git a/src/lib/crypto/krb/crypto_int.h b/src/lib/crypto/krb/crypto_int.h
index d75b49c693f0..e5099291e309 100644
--- a/src/lib/crypto/krb/crypto_int.h
+++ b/src/lib/crypto/krb/crypto_int.h

@@ -111,6 +111,7 @@ struct krb5_keytypes {

prf_func prf;

krb5_cksumtype required_ctype;

krb5_flags flags;

+ unsigned int ssf;

};

#define ETYPE_WEAK 1

diff --git a/src/lib/crypto/krb/enctype_util.c b/src/lib/crypto/krb/enctype_util.c
index 0ed74bd6ebde..b1b40e7ecd6e 100644
--- a/src/lib/crypto/krb/enctype_util.c
+++ b/src/lib/crypto/krb/enctype_util.c

@@ -131,3 +131,19 @@ krb5_enctype_to_name(krb5_enctype enctype, krb5_boolean shortest,

return ENOMEM;

return 0;

}

+/* The security of a mechanism cannot be summarized with a simple integer

+ * value, but we provide a per-enctype value for Cyrus SASL's SSF. */

+krb5_error_code

+k5_enctype_to_ssf(krb5_enctype enctype, unsigned int *ssf_out)

+ const struct krb5_keytypes *ktp;

+ *ssf_out = 0;

+ ktp = find_enctype(enctype);

+ if (ktp == NULL)

+ return EINVAL;

+ *ssf_out = ktp->ssf;

+ return 0;

diff --git a/src/lib/crypto/krb/etypes.c b/src/lib/crypto/krb/etypes.c
index 0e5e977d418a..53d4a5c79b47 100644
--- a/src/lib/crypto/krb/etypes.c
+++ b/src/lib/crypto/krb/etypes.c

@@ -42,7 +42,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {

krb5int_des_string_to_key, k5_rand2key_des,

krb5int_des_prf,

CKSUMTYPE_RSA_MD5_DES,

- ETYPE_WEAK },

+ ETYPE_WEAK, 56 },

{ ENCTYPE_DES_CBC_MD4,

"des-cbc-md4", { 0 }, "DES cbc mode with RSA-MD4",

&krb5int_enc_des, &krb5int_hash_md4,

@@ -51,7 +51,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {

krb5int_des_string_to_key, k5_rand2key_des,

krb5int_des_prf,

CKSUMTYPE_RSA_MD4_DES,

- ETYPE_WEAK },

+ ETYPE_WEAK, 56 },

{ ENCTYPE_DES_CBC_MD5,

"des-cbc-md5", { "des" }, "DES cbc mode with RSA-MD5",

&krb5int_enc_des, &krb5int_hash_md5,

@@ -60,7 +60,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {

krb5int_des_string_to_key, k5_rand2key_des,

krb5int_des_prf,

CKSUMTYPE_RSA_MD5_DES,

- ETYPE_WEAK },

+ ETYPE_WEAK, 56 },

{ ENCTYPE_DES_CBC_RAW,

"des-cbc-raw", { 0 }, "DES cbc mode raw",

&krb5int_enc_des, NULL,

@@ -69,7 +69,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {

krb5int_des_string_to_key, k5_rand2key_des,

krb5int_des_prf,

- ETYPE_WEAK },

+ ETYPE_WEAK, 56 },

{ ENCTYPE_DES3_CBC_RAW,

"des3-cbc-raw", { 0 }, "Triple DES cbc mode raw",

&krb5int_enc_des3, NULL,

@@ -78,7 +78,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {

krb5int_dk_string_to_key, k5_rand2key_des3,

NULL, /*PRF*/

- ETYPE_WEAK },

+ ETYPE_WEAK, 112 },

{ ENCTYPE_DES3_CBC_SHA1,

"des3-cbc-sha1", { "des3-hmac-sha1", "des3-cbc-sha1-kd" },

@@ -89,7 +89,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {

krb5int_dk_string_to_key, k5_rand2key_des3,

krb5int_dk_prf,

CKSUMTYPE_HMAC_SHA1_DES3,

- 0 /*flags*/ },

+ 0 /*flags*/, 112 },

{ ENCTYPE_DES_HMAC_SHA1,

"des-hmac-sha1", { 0 }, "DES with HMAC/sha1",

@@ -99,7 +99,10 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {

krb5int_dk_string_to_key, k5_rand2key_des,

NULL, /*PRF*/

- ETYPE_WEAK },

+ ETYPE_WEAK, 56 },

+ /* rc4-hmac uses a 128-bit key, but due to weaknesses in the RC4 cipher, we

+ * consider its strength degraded and assign it an SSF value of 64. */

{ ENCTYPE_ARCFOUR_HMAC,

"arcfour-hmac", { "rc4-hmac", "arcfour-hmac-md5" },

"ArcFour with HMAC/md5",

@@ -110,7 +113,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {

krb5int_arcfour_decrypt, krb5int_arcfour_string_to_key,

k5_rand2key_direct, krb5int_arcfour_prf,

CKSUMTYPE_HMAC_MD5_ARCFOUR,

- 0 /*flags*/ },

+ 0 /*flags*/, 64 },

{ ENCTYPE_ARCFOUR_HMAC_EXP,

"arcfour-hmac-exp", { "rc4-hmac-exp", "arcfour-hmac-md5-exp" },

"Exportable ArcFour with HMAC/md5",

@@ -121,7 +124,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {

krb5int_arcfour_decrypt, krb5int_arcfour_string_to_key,

k5_rand2key_direct, krb5int_arcfour_prf,

CKSUMTYPE_HMAC_MD5_ARCFOUR,

- ETYPE_WEAK

+ ETYPE_WEAK, 40

{ ENCTYPE_AES128_CTS_HMAC_SHA1_96,

@@ -133,7 +136,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {

krb5int_aes_string_to_key, k5_rand2key_direct,

krb5int_dk_prf,

CKSUMTYPE_HMAC_SHA1_96_AES128,

- 0 /*flags*/ },

+ 0 /*flags*/, 128 },

{ ENCTYPE_AES256_CTS_HMAC_SHA1_96,

"aes256-cts-hmac-sha1-96", { "aes256-cts", "aes256-sha1" },

"AES-256 CTS mode with 96-bit SHA-1 HMAC",

@@ -143,7 +146,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {

krb5int_aes_string_to_key, k5_rand2key_direct,

krb5int_dk_prf,

CKSUMTYPE_HMAC_SHA1_96_AES256,

- 0 /*flags*/ },

+ 0 /*flags*/, 256 },

{ ENCTYPE_CAMELLIA128_CTS_CMAC,

"camellia128-cts-cmac", { "camellia128-cts" },

@@ -155,7 +158,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {

krb5int_camellia_string_to_key, k5_rand2key_direct,

krb5int_dk_cmac_prf,

CKSUMTYPE_CMAC_CAMELLIA128,

- 0 /*flags*/ },

+ 0 /*flags*/, 128 },

{ ENCTYPE_CAMELLIA256_CTS_CMAC,

"camellia256-cts-cmac", { "camellia256-cts" },

"Camellia-256 CTS mode with CMAC",

@@ -166,7 +169,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {

krb5int_camellia_string_to_key, k5_rand2key_direct,

krb5int_dk_cmac_prf,

CKSUMTYPE_CMAC_CAMELLIA256,

- 0 /*flags */ },

+ 0 /*flags */, 256 },

{ ENCTYPE_AES128_CTS_HMAC_SHA256_128,

"aes128-cts-hmac-sha256-128", { "aes128-sha2" },

@@ -177,7 +180,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {

krb5int_aes2_string_to_key, k5_rand2key_direct,

krb5int_aes2_prf,

CKSUMTYPE_HMAC_SHA256_128_AES128,

- 0 /*flags*/ },

+ 0 /*flags*/, 128 },

{ ENCTYPE_AES256_CTS_HMAC_SHA384_192,

"aes256-cts-hmac-sha384-192", { "aes256-sha2" },

"AES-256 CTS mode with 192-bit SHA-384 HMAC",

@@ -187,7 +190,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {

krb5int_aes2_string_to_key, k5_rand2key_direct,

krb5int_aes2_prf,

CKSUMTYPE_HMAC_SHA384_192_AES256,

- 0 /*flags*/ },

+ 0 /*flags*/, 256 },

};

const int krb5int_enctypes_length =

diff --git a/src/lib/crypto/krb/s2k_des.c b/src/lib/crypto/krb/s2k_des.c
index 31a613bebc61..d5c29befcb2e 100644
--- a/src/lib/crypto/krb/s2k_des.c
+++ b/src/lib/crypto/krb/s2k_des.c

@@ -509,7 +509,7 @@ des_s2k(const krb5_data *pw, const krb5_data *salt, unsigned char *key_out)

#define FETCH4(VAR, IDX) VAR = temp.ui[IDX/4]

#define PUT4(VAR, IDX) temp.ui[IDX/4] = VAR

- copylen = pw->length + (salt ? salt->length : 0);

+ copylen = pw->length + salt->length;

/* Don't need NUL termination, at this point we're treating it as

a byte array, not a string. */

copy = malloc(copylen);

@@ -517,7 +517,7 @@ des_s2k(const krb5_data *pw, const krb5_data *salt, unsigned char *key_out)

return ENOMEM;

if (pw->length > 0)

memcpy(copy, pw->data, pw->length);

- if (salt != NULL && salt->length > 0)

+ if (salt->length > 0)

memcpy(copy + pw->length, salt->data, salt->length);

memset(&temp, 0, sizeof(temp));

diff --git a/src/lib/crypto/krb/s2k_pbkdf2.c b/src/lib/crypto/krb/s2k_pbkdf2.c
index ec5856c2be79..1fea03408c76 100644
--- a/src/lib/crypto/krb/s2k_pbkdf2.c
+++ b/src/lib/crypto/krb/s2k_pbkdf2.c

@@ -47,7 +47,7 @@ krb5int_dk_string_to_key(const struct krb5_keytypes *ktp,

keybytes = ktp->enc->keybytes;

keylength = ktp->enc->keylength;

- concatlen = string->length + (salt ? salt->length : 0);

+ concatlen = string->length + salt->length;

concat = k5alloc(concatlen, &ret);

if (ret != 0)

@@ -63,7 +63,7 @@ krb5int_dk_string_to_key(const struct krb5_keytypes *ktp,

if (string->length > 0)

memcpy(concat, string->data, string->length);

- if (salt != NULL && salt->length > 0)

+ if (salt->length > 0)

memcpy(concat + string->length, salt->data, salt->length);

krb5int_nfold(concatlen*8, concat, keybytes*8, foldstring);

diff --git a/src/lib/crypto/krb/s2k_rc4.c b/src/lib/crypto/krb/s2k_rc4.c
index 49ad89d323b0..081a91217c69 100644
--- a/src/lib/crypto/krb/s2k_rc4.c
+++ b/src/lib/crypto/krb/s2k_rc4.c

@@ -10,6 +10,7 @@ krb5int_arcfour_string_to_key(const struct krb5_keytypes *ktp,

krb5_error_code err = 0;

krb5_crypto_iov iov;

krb5_data hash_out;

+ char *utf8;

unsigned char *copystr;

size_t copystrlen;

@@ -20,8 +21,11 @@ krb5int_arcfour_string_to_key(const struct krb5_keytypes *ktp,

return (KRB5_BAD_MSIZE);

/* We ignore salt per the Microsoft spec. */

- err = krb5int_utf8cs_to_ucs2les(string->data, string->length, &copystr,

- &copystrlen);

+ utf8 = k5memdup0(string->data, string->length, &err);

+ if (utf8 == NULL)

+ return err;

+ err = k5_utf8_to_utf16le(utf8, &copystr, &copystrlen);

+ free(utf8);

if (err)

return err;

diff --git a/src/lib/crypto/krb/string_to_key.c b/src/lib/crypto/krb/string_to_key.c
index b55ee75d2f34..352a8e8dcce2 100644
--- a/src/lib/crypto/krb/string_to_key.c
+++ b/src/lib/crypto/krb/string_to_key.c

@@ -43,6 +43,7 @@ krb5_c_string_to_key_with_params(krb5_context context, krb5_enctype enctype,

const krb5_data *params, krb5_keyblock *key)

{

krb5_error_code ret;

+ krb5_data empty = empty_data();

const struct krb5_keytypes *ktp;

size_t keylength;

@@ -51,8 +52,12 @@ krb5_c_string_to_key_with_params(krb5_context context, krb5_enctype enctype,

return KRB5_BAD_ENCTYPE;

keylength = ktp->enc->keylength;

+ /* For compatibility with past behavior, treat a null salt as empty. */

+ if (salt == NULL)

+ salt = ∅

/* Fail gracefully if someone is using the old AFS string-to-key hack. */

- if (salt != NULL && salt->length == SALT_TYPE_AFS_LENGTH)

+ if (salt->length == SALT_TYPE_AFS_LENGTH)

return EINVAL;

key->contents = malloc(keylength);

diff --git a/src/lib/crypto/krb/t_fortuna.c b/src/lib/crypto/krb/t_fortuna.c
index 4f25bee62cb5..508ffcf915c7 100644
--- a/src/lib/crypto/krb/t_fortuna.c
+++ b/src/lib/crypto/krb/t_fortuna.c

@@ -85,7 +85,7 @@ head_tail_test(struct fortuna_state *st)

{

static unsigned char buffer[1024 * 1024];

unsigned char c;

- size_t i, len = sizeof(buffer);

+ int i, len = sizeof(buffer);

int bit, bits[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };

double res;

diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports
index 447e45644453..82eb5f30c031 100644
--- a/src/lib/crypto/libk5crypto.exports
+++ b/src/lib/crypto/libk5crypto.exports

@@ -108,3 +108,4 @@ krb5int_nfold

k5_allow_weak_pbkdf2iter

krb5_c_prfplus

krb5_c_derive_prfplus

+k5_enctype_to_ssf