From 6ce8b3450b2c24ba09a298895c724a40a929d024 Mon Sep 17 00:00:00 2001 From: Sam Hartman Date: Tue, 24 Feb 2004 21:07:22 +0000 Subject: [PATCH] Remove ENCTYPE_LOCAL_DES3_HMAC_SHA1 Previously, MIT had support for a version of the des3 enctype with a 32-bit length prepended to encrypted data. Remove that support. This is non-standard and is no longer needed even at MIT. Ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16122 dc483132-0cff-0310-8789-dd5450dbe970 --- src/include/ChangeLog | 4 + src/include/krb5.hin | 5 +- src/kdc/ChangeLog | 8 ++ src/kdc/kdc_preauth.c | 1 - src/kdc/kerberos_v4.c | 6 +- src/kdc/main.c | 17 ---- src/lib/crypto/ChangeLog | 4 + src/lib/crypto/dk/ChangeLog | 6 ++ src/lib/crypto/dk/checksum.c | 78 ----------------- src/lib/crypto/dk/dk.h | 25 ------ src/lib/crypto/dk/dk_decrypt.c | 139 ------------------------------- src/lib/crypto/dk/dk_encrypt.c | 147 --------------------------------- src/lib/crypto/etypes.c | 13 --- src/lib/crypto/make_checksum.c | 10 --- src/lib/krb4/ChangeLog | 4 + src/lib/krb4/rd_svc_key.c | 3 +- 16 files changed, 30 insertions(+), 440 deletions(-) diff --git a/src/include/ChangeLog b/src/include/ChangeLog index fdfcce86d..1e5b3e90b 100644 --- a/src/include/ChangeLog +++ b/src/include/ChangeLog @@ -1,3 +1,7 @@ +2004-02-24 Sam Hartman + + * krb5.hin: Remove des3 with 32-bit length + 2004-01-04 Jeffrey Altman * win-mac.h: conditionally define strcasecmp/strncasecmp macros diff --git a/src/include/krb5.hin b/src/include/krb5.hin index a397cb74a..676cf22ea 100644 --- a/src/include/krb5.hin +++ b/src/include/krb5.hin @@ -356,9 +356,6 @@ typedef struct _krb5_enc_data { #define ENCTYPE_ARCFOUR_HMAC 0x0017 #define ENCTYPE_ARCFOUR_HMAC_EXP 0x0018 #define ENCTYPE_UNKNOWN 0x01ff -/* local crud */ -/* marc's DES-3 with 32-bit length */ -#define ENCTYPE_LOCAL_DES3_HMAC_SHA1 0x7007 #define CKSUMTYPE_CRC32 0x0001 #define CKSUMTYPE_RSA_MD4 0x0002 @@ -2413,6 +2410,8 @@ krb5_get_init_creds_opt_set_salt (krb5_get_init_creds_opt *opt, krb5_data *salt); + + krb5_error_code KRB5_CALLCONV krb5_get_init_creds_password (krb5_context context, diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog index ccc42d629..b95a6ac7e 100644 --- a/src/kdc/ChangeLog +++ b/src/kdc/ChangeLog @@ -1,3 +1,11 @@ +2004-02-24 Sam Hartman + + * kerberos_v4.c (compat_decrypt_key): As below. + + * kdc_preauth.c (enctype_requires_etype_info_2): As below. + + * main.c (initialize_realms): Remove support for marc 3des with length + 2004-02-24 Ken Raeburn * Makefile.in (OBJS, krb5kdc, fakeka): Link against apputils lib diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c index 342f05021..a8d9216ba 100644 --- a/src/kdc/kdc_preauth.c +++ b/src/kdc/kdc_preauth.c @@ -465,7 +465,6 @@ enctype_requires_etype_info_2(krb5_enctype enctype) case ENCTYPE_DES3_CBC_RAW: case ENCTYPE_ARCFOUR_HMAC: case ENCTYPE_ARCFOUR_HMAC_EXP : - case ENCTYPE_LOCAL_DES3_HMAC_SHA1: return 0; default: if (krb5_c_valid_enctype(enctype)) diff --git a/src/kdc/kerberos_v4.c b/src/kdc/kerberos_v4.c index 1d1ca702e..ffa5bdd2b 100644 --- a/src/kdc/kerberos_v4.c +++ b/src/kdc/kerberos_v4.c @@ -378,8 +378,7 @@ compat_decrypt_key (krb5_key_data *in5, unsigned char *out4, retval = -1; } else { /* KLUDGE! If it's a non-raw des3 key, bash its enctype */ - if (out5->enctype == ENCTYPE_DES3_CBC_SHA1 || - out5->enctype == ENCTYPE_LOCAL_DES3_HMAC_SHA1) + if (out5->enctype == ENCTYPE_DES3_CBC_SHA1 ) out5->enctype = ENCTYPE_DES3_CBC_RAW; } } @@ -500,9 +499,6 @@ kerb_get_principal(char *name, char *inst, /* could have wild cards */ if (krb5_dbe_find_enctype(kdc_context, &entries, ENCTYPE_DES3_CBC_RAW, -1, kvno, &pkey) && - krb5_dbe_find_enctype(kdc_context, &entries, - ENCTYPE_LOCAL_DES3_HMAC_SHA1, - -1, kvno, &pkey) && krb5_dbe_find_enctype(kdc_context, &entries, ENCTYPE_DES3_CBC_SHA1, -1, kvno, &pkey) && diff --git a/src/kdc/main.c b/src/kdc/main.c index 9ddcaaa9e..961f3bbee 100644 --- a/src/kdc/main.c +++ b/src/kdc/main.c @@ -432,10 +432,6 @@ initialize_realms(krb5_context kcontext, int argc, char **argv) char *v4mode = 0; #endif extern char *optarg; -#ifdef ATHENA_DES3_KLUDGE - extern struct krb5_keytypes krb5_enctypes_list[]; - extern int krb5_enctypes_length; -#endif if (!krb5_aprof_init(DEFAULT_KDC_PROFILE, KDC_PROFILE_ENV, &aprof)) { hierarchy[0] = "kdcdefaults"; @@ -524,19 +520,6 @@ initialize_realms(krb5_context kcontext, int argc, char **argv) enable_v4_crossrealm(argv[0]); #endif break; - case '3': -#ifdef ATHENA_DES3_KLUDGE - if (krb5_enctypes_list[krb5_enctypes_length-1].etype - != ENCTYPE_LOCAL_DES3_HMAC_SHA1) { - fprintf(stderr, - "internal inconsistency in enctypes_list" - " while disabling\n" - "des3-marc-hmac-sha1 enctype\n"); - exit(1); - } - krb5_enctypes_length--; - break; -#endif case '?': default: usage(argv[0]); diff --git a/src/lib/crypto/ChangeLog b/src/lib/crypto/ChangeLog index 4bd14efbd..9ec0fe2ff 100644 --- a/src/lib/crypto/ChangeLog +++ b/src/lib/crypto/ChangeLog @@ -1,3 +1,7 @@ +2004-02-24 Sam Hartman + + * etypes.c: Remove ENCTYPE_LOCAL_DES3_HMAC_SHA1 + 2004-02-18 Ken Raeburn * block_size.c, checksum_length.c, cksumtype_to_string.c, diff --git a/src/lib/crypto/dk/ChangeLog b/src/lib/crypto/dk/ChangeLog index af7d148da..fb32bfdc3 100644 --- a/src/lib/crypto/dk/ChangeLog +++ b/src/lib/crypto/dk/ChangeLog @@ -1,3 +1,9 @@ +2004-02-24 Sam Hartman + + * dk.h: As below. + + * checksum.c dk_decrypt.c dk_encrypt.c: Remove ENCTYPE_LOCAL_DES3_HMAC_SHA1 + 2004-02-18 Ken Raeburn * checksum.c, derive.c, dk_decrypt.c, dk_encrypt.c: Use ANSI C diff --git a/src/lib/crypto/dk/checksum.c b/src/lib/crypto/dk/checksum.c index 4cd540d39..2f30cb740 100644 --- a/src/lib/crypto/dk/checksum.c +++ b/src/lib/crypto/dk/checksum.c @@ -101,81 +101,3 @@ cleanup: return(ret); } -#ifdef ATHENA_DES3_KLUDGE -krb5_error_code -krb5_marc_dk_make_checksum(const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *input, krb5_data *output) -{ - int i; - struct krb5_enc_provider *enc; - size_t blocksize, keybytes, keylength; - krb5_error_code ret; - unsigned char constantdata[K5CLENGTH]; - krb5_data datain[2]; - unsigned char *kcdata; - krb5_keyblock kc; - - for (i=0; ienctype) - break; - } - - if (i == krb5_enctypes_length) - return(KRB5_BAD_ENCTYPE); - - enc = krb5_enctypes_list[i].enc; - - /* allocate and set to-be-derived keys */ - - blocksize = enc->block_size; - keybytes = enc->keybytes; - keylength = enc->keylength; - - /* key->length will be tested in enc->encrypt - output->length will be tested in krb5_hmac */ - - if ((kcdata = (unsigned char *) malloc(keylength)) == NULL) - return(ENOMEM); - - kc.contents = kcdata; - kc.length = keylength; - - /* derive the key */ - - datain[0].data = constantdata; - datain[0].length = K5CLENGTH; - - datain[0].data[0] = (usage>>24)&0xff; - datain[0].data[1] = (usage>>16)&0xff; - datain[0].data[2] = (usage>>8)&0xff; - datain[0].data[3] = usage&0xff; - - datain[0].data[4] = 0x99; - - if ((ret = krb5_derive_key(enc, key, &kc, &datain[0])) != 0) - goto cleanup; - - /* hash the data */ - - datain[0].length = 4; - datain[0].data[0] = (input->length>>24)&0xff; - datain[0].data[1] = (input->length>>16)&0xff; - datain[0].data[2] = (input->length>>8)&0xff; - datain[0].data[3] = input->length&0xff; - - datain[1] = *input; - - if ((ret = krb5_hmac(hash, &kc, 2, datain, output)) != 0) - memset(output->data, 0, output->length); - - /* ret is set correctly by the prior call */ - -cleanup: - memset(kcdata, 0, keylength); - - free(kcdata); - - return(ret); -} -#endif /* ATHENA_DES3_KLUDGE */ diff --git a/src/lib/crypto/dk/dk.h b/src/lib/crypto/dk/dk.h index a224167ea..b9c7f7007 100644 --- a/src/lib/crypto/dk/dk.h +++ b/src/lib/crypto/dk/dk.h @@ -79,28 +79,3 @@ krb5_error_code krb5_dk_make_checksum const krb5_keyblock *key, krb5_keyusage usage, const krb5_data *input, krb5_data *output); -#ifdef ATHENA_DES3_KLUDGE -void krb5_marc_dk_encrypt_length -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - size_t input, size_t *length); - -krb5_error_code krb5_marc_dk_encrypt -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *ivec, - const krb5_data *input, krb5_data *output); - -krb5_error_code krb5_marc_dk_decrypt -(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *ivec, const krb5_data *input, - krb5_data *arg_output); - -krb5_error_code krb5_marc_dk_make_checksum -(const struct krb5_hash_provider *hash, - const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *input, krb5_data *output); -#endif /* ATHENA_DES3_KLUDGE */ diff --git a/src/lib/crypto/dk/dk_decrypt.c b/src/lib/crypto/dk/dk_decrypt.c index bebd2665e..c4397382a 100644 --- a/src/lib/crypto/dk/dk_decrypt.c +++ b/src/lib/crypto/dk/dk_decrypt.c @@ -201,142 +201,3 @@ cleanup: return(ret); } -#ifdef ATHENA_DES3_KLUDGE -krb5_error_code -krb5_marc_dk_decrypt(enc, hash, key, usage, ivec, input, output) - const struct krb5_enc_provider *enc; - const struct krb5_hash_provider *hash; - const krb5_keyblock *key; - krb5_keyusage usage; - const krb5_data *ivec; - const krb5_data *input; - krb5_data *output; -{ - krb5_error_code ret; - size_t hashsize, blocksize, keybytes, keylength, enclen, plainlen; - unsigned char *plaindata, *kedata, *kidata, *cksum, *cn; - krb5_keyblock ke, ki; - krb5_data d1, d2; - unsigned char constantdata[K5CLENGTH]; - - /* allocate and set up ciphertext and to-be-derived keys */ - - hashsize = hash->hashsize; - blocksize = enc->block_size; - keybytes = enc->keybytes; - keylength = enc->keylength; - - enclen = input->length - hashsize; - - if ((kedata = (unsigned char *) malloc(keylength)) == NULL) - return(ENOMEM); - if ((kidata = (unsigned char *) malloc(keylength)) == NULL) { - free(kedata); - return(ENOMEM); - } - if ((plaindata = (unsigned char *) malloc(enclen)) == NULL) { - free(kidata); - free(kedata); - return(ENOMEM); - } - if ((cksum = (unsigned char *) malloc(hashsize)) == NULL) { - free(plaindata); - free(kidata); - free(kedata); - return(ENOMEM); - } - - ke.contents = kedata; - ke.length = keylength; - ki.contents = kidata; - ki.length = keylength; - - /* derive the keys */ - - d1.data = constantdata; - d1.length = K5CLENGTH; - - d1.data[0] = (usage>>24)&0xff; - d1.data[1] = (usage>>16)&0xff; - d1.data[2] = (usage>>8)&0xff; - d1.data[3] = usage&0xff; - - d1.data[4] = 0xAA; - - if ((ret = krb5_derive_key(enc, key, &ke, &d1)) != 0) - goto cleanup; - - d1.data[4] = 0x55; - - if ((ret = krb5_derive_key(enc, key, &ki, &d1)) != 0) - goto cleanup; - - /* decrypt the ciphertext */ - - d1.length = enclen; - d1.data = input->data; - - d2.length = enclen; - d2.data = plaindata; - - if ((ret = ((*(enc->decrypt))(&ke, ivec, &d1, &d2))) != 0) - goto cleanup; - - if (ivec != NULL && ivec->length == blocksize) - cn = d1.data + d1.length - blocksize; - else - cn = NULL; - - /* verify the hash */ - - d1.length = hashsize; - d1.data = cksum; - - if ((ret = krb5_hmac(hash, &ki, 1, &d2, &d1)) != 0) - goto cleanup; - - if (memcmp(cksum, input->data+enclen, hashsize) != 0) { - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - goto cleanup; - } - - /* because this encoding isn't self-describing wrt length, the - best we can do here is to compute the length minus the - confounder. */ - - /* get the real plaintext length and copy the data into the output */ - - plainlen = ((((plaindata+blocksize)[0])<<24) | - (((plaindata+blocksize)[1])<<16) | - (((plaindata+blocksize)[2])<<8) | - ((plaindata+blocksize)[3])); - - if (plainlen > (enclen - blocksize - 4)) - return(KRB5_BAD_MSIZE); - - if (output->length < plainlen) - return(KRB5_BAD_MSIZE); - - output->length = plainlen; - - memcpy(output->data, d2.data+4+blocksize, output->length); - - if (cn != NULL) - memcpy(ivec->data, cn, blocksize); - - ret = 0; - -cleanup: - memset(kedata, 0, keylength); - memset(kidata, 0, keylength); - memset(plaindata, 0, enclen); - memset(cksum, 0, hashsize); - - free(cksum); - free(plaindata); - free(kidata); - free(kedata); - - return(ret); -} -#endif /* ATHENA_DES3_KLUDGE */ diff --git a/src/lib/crypto/dk/dk_encrypt.c b/src/lib/crypto/dk/dk_encrypt.c index 08d26856c..2431e61c8 100644 --- a/src/lib/crypto/dk/dk_encrypt.c +++ b/src/lib/crypto/dk/dk_encrypt.c @@ -360,150 +360,3 @@ cleanup: return(ret); } -#ifdef ATHENA_DES3_KLUDGE -void -krb5_marc_dk_encrypt_length(enc, hash, inputlen, length) - const struct krb5_enc_provider *enc; - const struct krb5_hash_provider *hash; - size_t inputlen; - size_t *length; -{ - size_t blocksize, hashsize; - - blocksize = enc->block_size; - hashsize = hash->hashsize; - *length = krb5_roundup(blocksize+4+inputlen, blocksize) + hashsize; -} - -krb5_error_code -krb5_marc_dk_encrypt(enc, hash, key, usage, ivec, input, output) - const struct krb5_enc_provider *enc; - const struct krb5_hash_provider *hash; - const krb5_keyblock *key; - krb5_keyusage usage; - const krb5_data *ivec; - const krb5_data *input; - krb5_data *output; -{ - size_t blocksize, keybytes, keylength, plainlen, enclen; - krb5_error_code ret; - unsigned char constantdata[K5CLENGTH]; - krb5_data d1, d2; - unsigned char *plaintext, *kedata, *kidata, *cn; - krb5_keyblock ke, ki; - - /* allocate and set up plaintext and to-be-derived keys */ - - blocksize = enc->block_size; - keybytes = enc->keybytes; - keylength = enc->keylength; - plainlen = krb5_roundup(blocksize+4+input->length, blocksize); - - krb5_marc_dk_encrypt_length(enc, hash, input->length, &enclen); - - /* key->length, ivec will be tested in enc->encrypt */ - - if (output->length < enclen) - return(KRB5_BAD_MSIZE); - - if ((kedata = (unsigned char *) malloc(keylength)) == NULL) - return(ENOMEM); - if ((kidata = (unsigned char *) malloc(keylength)) == NULL) { - free(kedata); - return(ENOMEM); - } - if ((plaintext = (unsigned char *) malloc(plainlen)) == NULL) { - free(kidata); - free(kedata); - return(ENOMEM); - } - - ke.contents = kedata; - ke.length = keylength; - ki.contents = kidata; - ki.length = keylength; - - /* derive the keys */ - - d1.data = constantdata; - d1.length = K5CLENGTH; - - d1.data[0] = (usage>>24)&0xff; - d1.data[1] = (usage>>16)&0xff; - d1.data[2] = (usage>>8)&0xff; - d1.data[3] = usage&0xff; - - d1.data[4] = 0xAA; - - if ((ret = krb5_derive_key(enc, key, &ke, &d1))) - goto cleanup; - - d1.data[4] = 0x55; - - if ((ret = krb5_derive_key(enc, key, &ki, &d1))) - goto cleanup; - - /* put together the plaintext */ - - d1.length = blocksize; - d1.data = plaintext; - - if ((ret = krb5_c_random_make_octets(/* XXX */ 0, &d1))) - goto cleanup; - - (plaintext+blocksize)[0] = (input->length>>24)&0xff; - (plaintext+blocksize)[1] = (input->length>>16)&0xff; - (plaintext+blocksize)[2] = (input->length>>8)&0xff; - (plaintext+blocksize)[3] = input->length&0xff; - - memcpy(plaintext+blocksize+4, input->data, input->length); - - memset(plaintext+blocksize+4+input->length, 0, - plainlen - (blocksize+4+input->length)); - - /* encrypt the plaintext */ - - d1.length = plainlen; - d1.data = plaintext; - - d2.length = plainlen; - d2.data = output->data; - - if ((ret = ((*(enc->encrypt))(&ke, ivec, &d1, &d2)))) - goto cleanup; - - if (ivec != NULL && ivec->length == blocksize) - cn = d2.data + d2.length - blocksize; - else - cn = NULL; - - /* hash the plaintext */ - - d2.length = enclen - plainlen; - d2.data = output->data+plainlen; - - output->length = enclen; - - if ((ret = krb5_hmac(hash, &ki, 1, &d1, &d2))) { - memset(d2.data, 0, d2.length); - goto cleanup; - } - - /* update ivec */ - if (cn != NULL) - memcpy(ivec->data, cn, blocksize); - - /* ret is set correctly by the prior call */ - -cleanup: - memset(kedata, 0, keylength); - memset(kidata, 0, keylength); - memset(plaintext, 0, plainlen); - - free(plaintext); - free(kidata); - free(kedata); - - return(ret); -} -#endif /* ATHENA_DES3_KLUDGE */ diff --git a/src/lib/crypto/etypes.c b/src/lib/crypto/etypes.c index 6dcf02643..0a153743a 100644 --- a/src/lib/crypto/etypes.c +++ b/src/lib/crypto/etypes.c @@ -148,19 +148,6 @@ const struct krb5_keytypes krb5_enctypes_list[] = { &krb5int_enc_aes256, &krb5int_hash_sha1, krb5int_aes_encrypt_length, krb5int_aes_dk_encrypt, krb5int_aes_dk_decrypt, krb5int_aes_string_to_key, CKSUMTYPE_HMAC_SHA1_96_AES256 }, - -#ifdef ATHENA_DES3_KLUDGE - /* - * If you are using this, you're almost certainly doing the - * Wrong Thing. - */ - { ENCTYPE_LOCAL_DES3_HMAC_SHA1, - "des3-marc-hmac-sha1", - "Triple DES with HMAC/sha1 and 32-bit length code", - &krb5int_enc_des3, &krb5int_hash_sha1, - krb5_marc_dk_encrypt_length, krb5_marc_dk_encrypt, krb5_marc_dk_decrypt, - krb5int_dk_string_to_key, CKSUMTYPE_HMAC_SHA1_DES3 }, -#endif }; const int krb5_enctypes_length = diff --git a/src/lib/crypto/make_checksum.c b/src/lib/crypto/make_checksum.c index 40a181db4..4a2f00072 100644 --- a/src/lib/crypto/make_checksum.c +++ b/src/lib/crypto/make_checksum.c @@ -83,16 +83,6 @@ krb5_c_make_checksum(krb5_context context, krb5_cksumtype cksumtype, ret = (*(krb5_cksumtypes_list[i].keyhash->hash))(key, usage, 0, input, &data); } else if (krb5_cksumtypes_list[i].flags & KRB5_CKSUMFLAG_DERIVE) { - /* any key is ok */ -#ifdef ATHENA_DES3_KLUDGE - /* - * XXX Punt on actually using krb5_marc_dk_make_checksum - * for now because we never actually use a DES3 session key - * anywhere on Athena, and this is temporary anyway. - * In any case, it's way too hairy to actually make this work - * properly. - */ -#endif ret = krb5_dk_make_checksum(krb5_cksumtypes_list[i].hash, key, usage, input, &data); } else { diff --git a/src/lib/krb4/ChangeLog b/src/lib/krb4/ChangeLog index 0b8744c25..7ca42a356 100644 --- a/src/lib/krb4/ChangeLog +++ b/src/lib/krb4/ChangeLog @@ -1,3 +1,7 @@ +2004-02-24 Sam Hartman + + * rd_svc_key.c (krb54_get_service_keyblock): Remove ENCTYPE_LOCAL_DES3_HMAC_SHA1 + 2003-12-11 Sam Hartman * rd_req.c (krb_rd_req_with_key): Note that the expiration difference between krb5 and krb4 is important diff --git a/src/lib/krb4/rd_svc_key.c b/src/lib/krb4/rd_svc_key.c index c68c8e266..2728f4a1c 100644 --- a/src/lib/krb4/rd_svc_key.c +++ b/src/lib/krb4/rd_svc_key.c @@ -195,8 +195,7 @@ krb54_get_service_keyblock(service,instance,realm,kvno,file,keyblock) /* Bash types */ /* KLUDGE! If it's a non-raw des3 key, bash its enctype */ /* See kdc/kerberos_v4.c */ - if (keyblock->enctype == ENCTYPE_DES3_CBC_SHA1 || - keyblock->enctype == ENCTYPE_LOCAL_DES3_HMAC_SHA1) + if (keyblock->enctype == ENCTYPE_DES3_CBC_SHA1 ) keyblock->enctype = ENCTYPE_DES3_CBC_RAW; krb5_kt_free_entry(krb5__krb4_context, &kt_entry); -- 2.26.2