Implement DES and 3DES PRF. Patch from KAMADA Ken'ichi
authorSam Hartman <hartmans@mit.edu>
Thu, 30 Apr 2009 20:17:42 +0000 (20:17 +0000)
committerSam Hartman <hartmans@mit.edu>
Thu, 30 Apr 2009 20:17:42 +0000 (20:17 +0000)
Currently the DES and 3DES PRF output 16-byte results.  This is
consistent with RFC 3961, but we need to confirm it is consistent with
Heimdal and WG decisions.  See IETF 74 minutes for some discussion of
the concern as it applies to AES and thus possibly all simplified
profile enctypes.

ticket: 5587
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22298 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/crypto/des/Makefile.in
src/lib/crypto/des/des_int.h
src/lib/crypto/des/des_prf.c [new file with mode: 0644]
src/lib/crypto/etypes.c
src/lib/crypto/t_cf2.comments
src/lib/crypto/t_cf2.expected
src/lib/crypto/t_cf2.in

index d9e8d15f3ec4b3b3c3b4268ddf3f94ffb9cca8b4..ef700a74de55bc94a4f8483dbfb988bff0be34d1 100644 (file)
@@ -18,6 +18,7 @@ STLIBOBJS=\
        d3_cbc.o        \
        d3_aead.o       \
        d3_kysched.o    \
+       des_prf.o \
        f_aead.o        \
        f_cbc.o         \
        f_cksum.o       \
@@ -32,6 +33,7 @@ OBJS= $(OUTPRE)afsstring2key.$(OBJEXT)        \
        $(OUTPRE)d3_cbc.$(OBJEXT)       \
        $(OUTPRE)d3_aead.$(OBJEXT)      \
        $(OUTPRE)d3_kysched.$(OBJEXT)   \
+       $(OUTPRE)des_prf.$(OBJEXT) \
        $(OUTPRE)f_aead.$(OBJEXT)       \
        $(OUTPRE)f_cbc.$(OBJEXT)        \
        $(OUTPRE)f_cksum.$(OBJEXT)      \
@@ -46,6 +48,7 @@ SRCS= $(srcdir)/afsstring2key.c       \
        $(srcdir)/d3_cbc.c      \
        $(srcdir)/d3_aead.c     \
        $(srcdir)/d3_kysched.c  \
+       $(srcdir)/des_prf.c \
        $(srcdir)/f_aead.c      \
        $(srcdir)/f_cbc.c       \
        $(srcdir)/f_cksum.c     \
index db0e6765a041961cf0348421cd49361a269d35f1..4a1d52ae35cc4f5df3bb44a08151e303363a85d5 100644 (file)
@@ -374,5 +374,9 @@ extern krb5_error_code mit_des_set_random_generator_seed
 extern krb5_error_code mit_des_set_random_sequence_number
        (const krb5_data * sequence,
                   krb5_pointer random_state);
-
+krb5_error_code
+krb5int_des_prf (const struct krb5_enc_provider *enc,
+               const struct krb5_hash_provider *hash,
+               const krb5_keyblock *key,
+                const krb5_data *in, krb5_data *out);
 #endif /*DES_INTERNAL_DEFS*/
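Review bot: The new `krb5int_des_prf` prototype has no comment, and without one its `hash` parameter is misleading. The definition in des_prf.c overwrites it with `&krb5int_hash_md5`, so the enctype's own hash provider (CRC-32 or MD4 in the etypes.c table) is never used. I would add above the prototype `/* RFC 3961 PRF for single-DES enctypes; always hashes with MD5, the hash argument is ignored. */`. The neighbouring declarations use `extern` and are separated from `#endif` by a blank line, which this hunk removes; keeping both would match the header's existing style.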
diff --git a/src/lib/crypto/des/des_prf.c b/src/lib/crypto/des/des_prf.c
new file mode 100644 (file)
index 0000000..9bb1085
--- /dev/null
@@ -0,0 +1,54 @@
+/*
+ * lib/crypto/des/des_prf.c
+ *
+ * Copyright (C) 2004, 2009  by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ * 
+ * 
+ *
+ * This file contains an implementation of the RFC 3961 PRF for
+ * des-cbc-crc, des-cbc-md4, and des-cbc-md5 enctypes.
+ */
+
+#include "k5-int.h"
+#include "../hash_provider/hash_provider.h"            /* XXX is this ok? */
+
+krb5_error_code
+krb5int_des_prf (const struct krb5_enc_provider *enc,
+               const struct krb5_hash_provider *hash,
+               const krb5_keyblock *key,
+               const krb5_data *in, krb5_data *out)
+{
+  krb5_data tmp;
+  krb5_error_code ret = 0;
+
+  hash = &krb5int_hash_md5;            /* MD5 is always used. */
+  tmp.length = hash->hashsize;
+  tmp.data = malloc(hash->hashsize);
+  if (tmp.data == NULL)
+    return ENOMEM;
+  ret = hash->hash(1, in, &tmp);
+  if (ret == 0)
+      ret = enc->encrypt(key, NULL, &tmp, out);
+  free(tmp.data);
+  return ret;
+}
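Review bot: `krb5int_des_prf` passes `out` straight to `enc->encrypt` without checking that `out->length` matches the MD5 digest length held in `tmp`. Whether the DES provider rejects a mismatched output length is not visible in this hunk, so the bound depends on code outside it. A guard placed right after the `hash = &krb5int_hash_md5;` assignment and before the `malloc`, such as `if (out->length != hash->hashsize) return KRB5_CRYPTO_INTERNAL;`, would make the contract local and avoid a leak on the early return. The file header comment also names only des-cbc-crc, des-cbc-md4 and des-cbc-md5, while the etypes.c hunk in this commit assigns the function to des-cbc-raw as well, so the comment should list it.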
index debf585fa7051019a5745af76bfbf412762acd6e..c44ee413ea5430fcc080ef96804ae7a54e113331 100644 (file)
@@ -33,6 +33,7 @@
 #include "dk.h"
 #include "arcfour.h"
 #include "aes_s2k.h"
+#include "des/des_int.h"
 
 /* these will be linear searched.  if they ever get big, a binary
    search or hash table would be better, which means these would need
@@ -44,47 +45,47 @@ const struct krb5_keytypes krb5_enctypes_list[] = {
     { ENCTYPE_DES_CBC_CRC,
       "des-cbc-crc", { 0 }, "DES cbc mode with CRC-32",
       &krb5int_enc_des, &krb5int_hash_crc32,
-      8,
+      16,
       krb5_old_encrypt_length, krb5_old_encrypt, krb5_old_decrypt,
       krb5int_des_string_to_key,
-      NULL, /*PRF*/
+      krb5int_des_prf,
       CKSUMTYPE_RSA_MD5,
       NULL, /*AEAD*/
       ETYPE_WEAK },
     { ENCTYPE_DES_CBC_MD4,
       "des-cbc-md4", { 0 }, "DES cbc mode with RSA-MD4",
       &krb5int_enc_des, &krb5int_hash_md4,
-      8,
+      16,
       krb5_old_encrypt_length, krb5_old_encrypt, krb5_old_decrypt,
       krb5int_des_string_to_key,
-      NULL, /*PRF*/
+      krb5int_des_prf,
       CKSUMTYPE_RSA_MD4,
       NULL, /*AEAD*/
       ETYPE_WEAK },
     { ENCTYPE_DES_CBC_MD5,
       "des-cbc-md5", { "des" }, "DES cbc mode with RSA-MD5",
       &krb5int_enc_des, &krb5int_hash_md5,
-      8,
+      16,
       krb5_old_encrypt_length, krb5_old_encrypt, krb5_old_decrypt,
       krb5int_des_string_to_key,
-      NULL, /*PRF*/
+      krb5int_des_prf,
       CKSUMTYPE_RSA_MD5,
       NULL, /*AEAD*/
       ETYPE_WEAK },
     { ENCTYPE_DES_CBC_RAW,
       "des-cbc-raw", { 0 }, "DES cbc mode raw",
       &krb5int_enc_des, NULL,
-      8,
+      16,
       krb5_raw_encrypt_length, krb5_raw_encrypt, krb5_raw_decrypt,
       krb5int_des_string_to_key,
-      NULL, /*PRF*/
+      krb5int_des_prf,
       0,
       &krb5int_aead_raw,
       ETYPE_WEAK },
     { ENCTYPE_DES3_CBC_RAW,
       "des3-cbc-raw", { 0 }, "Triple DES cbc mode raw",
       &krb5int_enc_des3, NULL,
-      8,
+      16,
       krb5_raw_encrypt_length, krb5_raw_encrypt, krb5_raw_decrypt,
       krb5int_dk_string_to_key,
       NULL, /*PRF*/
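Review bot: The `ENCTYPE_DES3_CBC_RAW` entry now advertises a PRF length of 16 but still has `NULL, /*PRF*/`. The four single-DES entries above it received `krb5int_des_prf` together with the length change. If callers size an output buffer from the length field and then dispatch through the function pointer, this pair is inconsistent. Either leave the length at `8` for this entry or add a comment such as `/* no PRF defined for des3-cbc-raw */` next to the `NULL`. The entry continues past the end of this hunk, so its remaining fields are not visible here.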
@@ -96,10 +97,10 @@ const struct krb5_keytypes krb5_enctypes_list[] = {
       "des3-cbc-sha1", { "des3-hmac-sha1", "des3-cbc-sha1-kd" },
       "Triple DES cbc mode with HMAC/sha1",
       &krb5int_enc_des3, &krb5int_hash_sha1,
-      8,
+      16,
       krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt,
       krb5int_dk_string_to_key,
-      NULL, /*PRF*/
+      krb5int_dk_prf,
       CKSUMTYPE_HMAC_SHA1_DES3,
       &krb5int_aead_dk,
       0 /*flags*/ },
index 4f01e7964a3244b625beef0087eb28cce3c7cfa6..504dc317339a5fb845c1b3c191a92d002ed08a86 100644 (file)
@@ -1,3 +1,5 @@
 The first test  mirrors the first two tests in t_prf.in.
 
 The second test mirrors the following four tests in t_prf.in.
+
+The third and fourth tests are simple tests of the DES and 3DES PRF.
index 104c6c4a046c7092808067fc946fa7c7259431de..709791121ab625e8f024c24360419cd9365a5a9b 100644 (file)
@@ -1,2 +1,4 @@
 97df97e4b798b29eb31ed7280287a92a
 4d6ca4e629785c1f01baf55e2e548566b9617ae3a96868c337cb93b5e72b1c7b
+43bae3738c9467e6
+e58f9eb643862c13ad38e529313462a7f73e62834fe54a01
index d06fd5621240773f2ce8145deee88bd49d68c58a..b951e4c0e48207deda3314fd556aa1e7b00f5a2f 100644 (file)
@@ -8,3 +8,13 @@ key1
 key2
 a
 b
+1
+key1
+key2
+a
+b
+16
+key1
+key2
+a
+b