disable single-DES by default
authorTom Yu <tlyu@mit.edu>
Wed, 28 Jan 2009 23:22:27 +0000 (23:22 +0000)
committerTom Yu <tlyu@mit.edu>
Wed, 28 Jan 2009 23:22:27 +0000 (23:22 +0000)
Mark all single-DES enctypes as "weak", and create a new libdefaults
variable "allow_weak_crypto", which defaults to "false".

ticket: 6353
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21823 dc483132-0cff-0310-8789-dd5450dbe970

src/include/k5-int.h
src/kadmin/testing/proto/krb5.conf.proto
src/lib/crypto/etypes.c
src/lib/crypto/etypes.h
src/lib/crypto/libk5crypto.exports
src/lib/crypto/valid_enctype.c
src/lib/krb5/krb/init_ctx.c
src/tests/dejagnu/config/default.exp

index 063c30310811cd6fd55bce84aaf9aa1375fc85f0..7de6c1a605044400bb2a65ab80b8e74f2ae6a611 100644 (file)
@@ -1228,6 +1228,8 @@ struct _krb5_context {
 
     /* For Sun iprop code; does this really have to be here?  */
     struct _kdb_log_context *kdblog_context;
+
+    krb5_boolean allow_weak_crypto;
 };
 
 /* could be used in a table to find an etype and initialize a block */
@@ -2318,6 +2320,8 @@ typedef struct
 krb5_boolean krb5_is_permitted_enctype_ext 
          ( krb5_context, krb5_etypes_permitted *);
 
+krb5_boolean KRB5_CALLCONV krb5_c_weak_enctype(krb5_enctype);
+
 krb5_error_code krb5_kdc_rep_decrypt_proc
        (krb5_context,
                const krb5_keyblock *,
index c2648d6c67e7ef9bc06284a08491038990ca233e..b6ce16bff5ec78fa5081280a9f25346f15024c92 100644 (file)
@@ -2,6 +2,7 @@
        default_realm = __REALM__
        default_keytab_name = FILE:__K5ROOT__/v5srvtab
        dns_fallback = no
+       allow_weak_crypto = true
 
 [realms]
        __REALM__ = {
index c300f3b2c1f92da32a9f4ae3639dece7c16ab2e5..1c969ae020b2d4a90ab28a37f19985508f75f077 100644 (file)
@@ -49,7 +49,8 @@ const struct krb5_keytypes krb5_enctypes_list[] = {
       krb5int_des_string_to_key,
       NULL, /*PRF*/
       CKSUMTYPE_RSA_MD5,
-      NULL  /*AEAD*/ },
+      NULL, /*AEAD*/
+      ETYPE_WEAK },
     { ENCTYPE_DES_CBC_MD4,
       "des-cbc-md4", { 0 }, "DES cbc mode with RSA-MD4",
       &krb5int_enc_des, &krb5int_hash_md4,
@@ -58,7 +59,8 @@ const struct krb5_keytypes krb5_enctypes_list[] = {
       krb5int_des_string_to_key,
       NULL, /*PRF*/
       CKSUMTYPE_RSA_MD4,
-      NULL  /*AEAD*/  },
+      NULL, /*AEAD*/
+      ETYPE_WEAK },
     { ENCTYPE_DES_CBC_MD5,
       "des-cbc-md5", { "des" }, "DES cbc mode with RSA-MD5",
       &krb5int_enc_des, &krb5int_hash_md5,
@@ -67,7 +69,8 @@ const struct krb5_keytypes krb5_enctypes_list[] = {
       krb5int_des_string_to_key,
       NULL, /*PRF*/
       CKSUMTYPE_RSA_MD5,
-      NULL  /*AEAD*/ },
+      NULL, /*AEAD*/
+      ETYPE_WEAK },
     { ENCTYPE_DES_CBC_RAW,
       "des-cbc-raw", { 0 }, "DES cbc mode raw",
       &krb5int_enc_des, NULL,
@@ -76,7 +79,8 @@ const struct krb5_keytypes krb5_enctypes_list[] = {
       krb5int_des_string_to_key,
       NULL, /*PRF*/
       0,
-      &krb5int_aead_raw },
+      &krb5int_aead_raw,
+      ETYPE_WEAK },
     { ENCTYPE_DES3_CBC_RAW,
       "des3-cbc-raw", { 0 }, "Triple DES cbc mode raw",
       &krb5int_enc_des3, NULL,
@@ -85,7 +89,8 @@ const struct krb5_keytypes krb5_enctypes_list[] = {
       krb5int_dk_string_to_key,
       NULL, /*PRF*/
       0,
-      &krb5int_aead_raw },
+      &krb5int_aead_raw,
+      ETYPE_WEAK },
 
     { ENCTYPE_DES3_CBC_SHA1,
       "des3-cbc-sha1", { "des3-hmac-sha1", "des3-cbc-sha1-kd" },
@@ -96,7 +101,8 @@ const struct krb5_keytypes krb5_enctypes_list[] = {
       krb5int_dk_string_to_key,
       NULL, /*PRF*/
       CKSUMTYPE_HMAC_SHA1_DES3,
-      &krb5int_aead_dk },
+      &krb5int_aead_dk,
+      0 /*flags*/ },
 
     { ENCTYPE_DES_HMAC_SHA1,
       "des-hmac-sha1", { 0 }, "DES with HMAC/sha1",
@@ -106,7 +112,8 @@ const struct krb5_keytypes krb5_enctypes_list[] = {
       krb5int_dk_string_to_key,
       NULL, /*PRF*/
       0,
-      NULL },
+      NULL,
+      ETYPE_WEAK },
     { ENCTYPE_ARCFOUR_HMAC, 
       "arcfour-hmac", { "rc4-hmac", "arcfour-hmac-md5" },
       "ArcFour with HMAC/md5",
@@ -117,7 +124,8 @@ const struct krb5_keytypes krb5_enctypes_list[] = {
       krb5_arcfour_decrypt, krb5int_arcfour_string_to_key,
       NULL, /*PRF*/
       CKSUMTYPE_HMAC_MD5_ARCFOUR,
-      &krb5int_aead_arcfour },
+      &krb5int_aead_arcfour,
+      0 /*flags*/ },
     { ENCTYPE_ARCFOUR_HMAC_EXP, 
       "arcfour-hmac-exp", { "rc4-hmac-exp", "arcfour-hmac-md5-exp" },
       "Exportable ArcFour with HMAC/md5",
@@ -128,7 +136,8 @@ const struct krb5_keytypes krb5_enctypes_list[] = {
       krb5_arcfour_decrypt, krb5int_arcfour_string_to_key,
       NULL, /*PRF*/
       CKSUMTYPE_HMAC_MD5_ARCFOUR,
-      &krb5int_aead_arcfour },
+      &krb5int_aead_arcfour,
+      0 /*flags*/ },
 
     { ENCTYPE_AES128_CTS_HMAC_SHA1_96,
       "aes128-cts-hmac-sha1-96", { "aes128-cts" },
@@ -139,7 +148,8 @@ const struct krb5_keytypes krb5_enctypes_list[] = {
       krb5int_aes_string_to_key,
       krb5int_dk_prf,
       CKSUMTYPE_HMAC_SHA1_96_AES128,
-      &krb5int_aead_aes },
+      &krb5int_aead_aes,
+      0 /*flags*/ },
     { ENCTYPE_AES256_CTS_HMAC_SHA1_96,
       "aes256-cts-hmac-sha1-96", { "aes256-cts" },
       "AES-256 CTS mode with 96-bit SHA-1 HMAC",
@@ -149,7 +159,8 @@ const struct krb5_keytypes krb5_enctypes_list[] = {
       krb5int_aes_string_to_key,
       krb5int_dk_prf,
       CKSUMTYPE_HMAC_SHA1_96_AES256,
-      &krb5int_aead_aes },
+      &krb5int_aead_aes,
+      0 /*flags*/ },
 };
 
 const int krb5_enctypes_length =
index af2718d826188ae3329c3fa8bff8737272abf3c8..17b448cee947801568f8b3d3c819e65cd0f60625 100644 (file)
@@ -60,7 +60,10 @@ struct krb5_keytypes {
     krb5_prf_func prf;
     krb5_cksumtype required_ctype;
     const struct krb5_aead_provider *aead;
+    krb5_flags flags;
 };
 
+#define ETYPE_WEAK 1
+
 extern const struct krb5_keytypes krb5_enctypes_list[];
 extern const int krb5_enctypes_length;
index 867d9a23295156cb2847834d3da3748d0a63edd4..3cb79de26b3533d673ac80001f267eada0fa03fa 100644 (file)
@@ -45,6 +45,7 @@ krb5_c_valid_cksumtype
 krb5_c_valid_enctype
 krb5_c_verify_checksum
 krb5_c_verify_checksum_iov
+krb5_c_weak_enctype
 krb5_calculate_checksum
 krb5_checksum_size
 krb5_cksumtype_to_string
index f36023084a3db128317bc4a41fe241acaf4385f9..7b9a92a8995ca26128c66e6a54db682f7b53589a 100644 (file)
@@ -45,3 +45,24 @@ valid_enctype(krb5_enctype etype)
 {
     return krb5_c_valid_enctype (etype);
 }
+
+krb5_boolean KRB5_CALLCONV
+krb5_c_weak_enctype(krb5_enctype etype)
+{
+    int i;
+    const struct krb5_keytypes *k;
+
+    for (i = 0; i < krb5_enctypes_length; i++) {
+#if 0
+       if (krb5_enctypes_list[i].etype == etype &&
+           krb5_enctypes_list[i].flags | ETYPE_WEAK)
+           return(1);
+#endif
+       k = &krb5_enctypes_list[i];
+       if (k->etype == etype && (k->flags & ETYPE_WEAK)) {
+           return(1);
+       }
+    }
+
+    return(0);
+}
index f916660f9dda8cf3f435184fd388f8e16726f0ad..bab143e6f86aef4494faaef155b4fdbb45d5512e 100644 (file)
@@ -171,6 +171,12 @@ init_common (krb5_context *context, krb5_boolean secure, krb5_boolean kdc)
        if ((retval = krb5_os_init_context(ctx, kdc)))
                goto cleanup;
 
+       retval = profile_get_boolean(ctx->profile, "libdefaults",
+                                    "allow_weak_crypto", NULL, 0, &tmp);
+       if (retval)
+               goto cleanup;
+       ctx->allow_weak_crypto = tmp;
+
        /* initialize the prng (not well, but passable) */
        if ((retval = krb5_c_random_os_entropy( ctx, 0, NULL)) !=0)
          goto cleanup;
@@ -289,6 +295,8 @@ krb5_set_default_in_tkt_ktypes(krb5_context context, const krb5_enctype *ktypes)
        for (i = 0; ktypes[i]; i++) {
            if (!krb5_c_valid_enctype(ktypes[i])) 
                return KRB5_PROG_ETYPE_NOSUPP;
+           if (!context->allow_weak_crypto && krb5_c_weak_enctype(ktypes[i]))
+               return KRB5_PROG_ETYPE_NOSUPP;
        }
 
        /* Now copy the default ktypes into the context pointer */
@@ -314,6 +322,7 @@ get_profile_etype_list(krb5_context context, krb5_enctype **ktypes, char *profst
                       unsigned int ctx_count, krb5_enctype *ctx_list)
 {
     krb5_enctype *old_ktypes;
+    krb5_enctype ktype;
 
     if (ctx_count) {
        /* application-set defaults */
@@ -367,9 +376,11 @@ get_profile_etype_list(krb5_context context, krb5_enctype **ktypes, char *profst
        j = 0;
        i = 1;
        while (1) {
-           if (! krb5_string_to_enctype(sp, &old_ktypes[j]))
+           if (!krb5_string_to_enctype(sp, &ktype) &&
+               (context->allow_weak_crypto || !krb5_c_weak_enctype(ktype))) {
+               old_ktypes[j] = ktype;
                j++;
-
+           }
            if (i++ >= count)
                break;
 
@@ -410,6 +421,8 @@ krb5_set_default_tgs_enctypes (krb5_context context, const krb5_enctype *ktypes)
        for (i = 0; ktypes[i]; i++) {
            if (!krb5_c_valid_enctype(ktypes[i])) 
                return KRB5_PROG_ETYPE_NOSUPP;
+           if (!context->allow_weak_crypto && krb5_c_weak_enctype(ktypes[i]))
+               return KRB5_PROG_ETYPE_NOSUPP;
        }
 
        /* Now copy the default ktypes into the context pointer */
index 2c6c56f736e6c5639c1dcc54b6b893f3042c2dd5..aa53f333f33212ac2bdc24e84c42a5b50d93d20b 100644 (file)
@@ -1024,6 +1024,7 @@ proc setup_krb5_conf { {type client} } {
        puts $conffile "\[libdefaults\]"
        puts $conffile "        default_realm = $REALMNAME"
        puts $conffile "        dns_lookup_kdc = false"
+       puts $conffile "        allow_weak_crypto = true"
        if [info exists default_tgs_enctypes($type)] {
            puts $conffile \
                    "   default_tgs_enctypes = $default_tgs_enctypes($type)"