From 260161b4fe2a05b9afa95446eee9096f6c75ceaf Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Thu, 22 Sep 2011 18:09:45 +0000 Subject: [PATCH] Support special salt type in default krb5_dbe_cpw This change allows the "special" salt type to be used in supported_enctypes or in the argument to kadmin's cpw -e. If used, kadmind will pick a salt consisting of 64 random bits represented as 16 printable ASCII characters. The use of random explicit salts creates some interoperability issues and is not generally recommended, but can be useful for interop testing, as a workaround for obscure bugs, or to increase the difficulty of brute-force password searches in situations where none of the interoperability issues apply. ticket: 6964 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25226 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/kdb/kdb_cpw.c | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/src/lib/kdb/kdb_cpw.c b/src/lib/kdb/kdb_cpw.c index 88811e71b..abaae4f7c 100644 --- a/src/lib/kdb/kdb_cpw.c +++ b/src/lib/kdb/kdb_cpw.c @@ -339,6 +339,37 @@ krb5_dbe_ark(context, master_key, ks_tuple, ks_tuple_count, db_entry) return(retval); } +/* Construct a random explicit salt. */ +static krb5_error_code +make_random_salt(krb5_context context, krb5_keysalt *salt_out) +{ + krb5_error_code retval; + unsigned char rndbuf[8]; + krb5_data salt, rnd = make_data(rndbuf, sizeof(rndbuf)); + unsigned int i; + + /* + * Salts are limited by RFC 4120 to 7-bit ASCII. For ease of examination + * and to avoid certain folding issues for older enctypes, we use printable + * characters with four fixed bits and four random bits, encoding 64 + * psuedo-random bits into 16 bytes. + */ + retval = krb5_c_random_make_octets(context, &rnd); + if (retval) + return retval; + retval = alloc_data(&salt, sizeof(rndbuf) * 2); + if (retval) + return retval; + for (i = 0; i < sizeof(rndbuf); i++) { + salt.data[i * 2] = 0x40 | (rndbuf[i] >> 4); + salt.data[i * 2 + 1] = 0x40 | (rndbuf[i] & 0xf); + } + + salt_out->type = KRB5_KDB_SALTTYPE_SPECIAL; + salt_out->data = salt; + return 0; +} + /* * Add key_data for a krb5_db_entry * If passwd is NULL the assumes that the caller wants a random password. @@ -431,6 +462,11 @@ add_key_pwd(context, master_key, ks_tuple, ks_tuple_count, passwd, return retval; key_salt.data.length = SALT_TYPE_AFS_LENGTH; /*length actually used below...*/ break; + case KRB5_KDB_SALTTYPE_SPECIAL: + retval = make_random_salt(context, &key_salt); + if (retval) + return retval; + break; default: return(KRB5_KDB_BAD_SALTTYPE); } -- 2.26.2