------------------------------------------------------------------------
r22095 | hartmans | 2009-03-16 12:50:23 -0400 (Mon, 16 Mar 2009) | 7 lines
Changed paths:
M /trunk/src/lib/crypto/Makefile.in
A /trunk/src/lib/crypto/t_cf2.c
A /trunk/src/lib/crypto/t_cf2.comments
A /trunk/src/lib/crypto/t_cf2.expected
A /trunk/src/lib/crypto/t_cf2.in
A /trunk/src/lib/crypto/t_prf.comments
A /trunk/src/lib/crypto/t_prf.expected
A /trunk/src/lib/crypto/t_prf.in
ticket: 6421
Implement test cases for CF2
Implement a simple program to call KRB-FX-CF2 and print the resulting
keys. Add to regression tests. Also, use the PRF testing application
to confirm that CF2 generates consistent keys if called by hand.
------------------------------------------------------------------------
r22094 | hartmans | 2009-03-16 12:50:09 -0400 (Mon, 16 Mar 2009) | 6 lines
Changed paths:
M /trunk/src/include/krb5/krb5.hin
M /trunk/src/lib/crypto/Makefile.in
A /trunk/src/lib/crypto/cf2.c
M /trunk/src/lib/crypto/etypes.h
M /trunk/src/lib/crypto/libk5crypto.exports
ticket: 6421
Subject: Implement KRB-FX_CF2
Draft-ietf-krb-wg-preauth-framework defines a function KRB-FX-CF2 that
combines two keys of arbitrary enctype. Implement this function as an
exported API.
ticket: 6421
version_fixed: 1.7
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-7@22228
dc483132-0cff-0310-8789-
dd5450dbe970
krb5_error_code KRB5_CALLCONV
krb5_c_prf_length (krb5_context, krb5_enctype, size_t *outlen);
+krb5_error_code KRB5_CALLCONV
+krb5_c_fx_cf2_simple(krb5_context context,
+ krb5_keyblock *k1, const char *pepper1,
+ krb5_keyblock *k2, const char *pepper2,
+ krb5_keyblock **out);
+ /* Returns KRB-FX-CF2 in a newly allocated
+ * keyblock on success or an error code on error.
+ * This function is simple in that it assumes
+ * pepper1 and pepper2 are C strings with no
+ * internal nulls and that the enctype of the
+ * result will be the same as that of k1. Both
+ * of these assumptions are true of current
+ * specs.
+ */
+
krb5_error_code KRB5_CALLCONV
krb5_c_make_random_key
EXTRADEPSRCS=\
$(srcdir)/t_nfold.c \
+ $(srcdir)/t_cf2.c \
$(srcdir)/t_encrypt.c \
$(srcdir)/t_prf.c \
$(srcdir)/t_prng.c \
STLIBOBJS=\
aead.o \
block_size.o \
+ cf2.o \
checksum_length.o \
cksumtype_to_string.o \
cksumtypes.o \
OBJS=\
$(OUTPRE)aead.$(OBJEXT) \
$(OUTPRE)block_size.$(OBJEXT) \
+ $(OUTPRE)cf2$(OBJEXT) \
$(OUTPRE)checksum_length.$(OBJEXT) \
$(OUTPRE)cksumtype_to_string.$(OBJEXT) \
$(OUTPRE)cksumtypes.$(OBJEXT) \
$(srcdir)/old_api_glue.c \
$(srcdir)/pbkdf2.c \
$(srcdir)/prf.c \
+ $(srcdir)/cf2.c \
$(srcdir)/prng.c \
$(srcdir)/random_to_key.c \
$(srcdir)/state.c \
clean-unix:: clean-liblinks clean-libs clean-libobjs
-check-unix:: t_nfold t_encrypt t_prf t_prng t_hmac t_pkcs5
+check-unix:: t_nfold t_encrypt t_prf t_prng t_hmac t_pkcs5 t_cf2
$(RUN_SETUP) $(VALGRIND) ./t_nfold
$(RUN_SETUP) $(VALGRIND) ./t_encrypt
$(RUN_SETUP) $(VALGRIND) ./t_prng <$(srcdir)/t_prng.seed >t_prng.output && \
diff t_prng.output $(srcdir)/t_prng.expected
$(RUN_SETUP) $(VALGRIND) ./t_hmac
+ $(RUN_SETUP) $(VALGRIND) ./t_prf <$(srcdir)/t_prf.in >t_prf.output
+ diff t_prf.output $(srcdir)/t_prf.expected
+ $(RUN_SETUP) $(VALGRIND) ./t_cf2 <$(srcdir)/t_cf2.in >t_cf2.output
+ diff t_cf2.output $(srcdir)/t_cf2.expected
+
# $(RUN_SETUP) $(VALGRIND) ./t_pkcs5
t_prf$(EXEEXT): t_prf.$(OBJEXT) $(SUPPORT_DEPLIB)
$(CC_LINK) -o $@ t_prf.$(OBJEXT) -lkrb5 -lk5crypto -lcom_err $(SUPPORT_LIB)
+t_cf2$(EXEEXT): t_cf2.$(OBJEXT) $(SUPPORT_DEPLIB)
+ $(CC_LINK) -o $@ t_cf2.$(OBJEXT) -lkrb5 -lk5crypto -lcom_err $(SUPPORT_LIB)
+
+
t_prng$(EXEEXT): t_prng.$(OBJEXT) $(SUPPORT_DEPLIB)
$(CC_LINK) -o $@ t_prng.$(OBJEXT) -lk5crypto -lcom_err $(SUPPORT_LIB)
clean::
$(RM) t_nfold.o t_nfold t_encrypt t_encrypt.o t_prng.o t_prng \
- t_hmac.o t_hmac t_pkcs5.o t_pkcs5 pbkdf2.o t_prf t_prf.o
+ t_hmac.o t_hmac t_pkcs5.o t_pkcs5 pbkdf2.o t_prf t_prf.o t_cf2 t_cf2.o
-$(RM) t_prng.output
all-windows::
--- /dev/null
+/*
+ * lib/crypto/cf2.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ *
+ * Implement KRB_FX_CF2 function per
+ *draft-ietf-krb-wg-preauth-framework-09. Take two keys and two
+ *pepper strings as input and return a combined key.
+ */
+
+#include <k5-int.h>
+#include <assert.h>
+#include "etypes.h"
+
+
+/*
+ * Call the PRF function multiple times with the pepper prefixed with
+ * a count byte to get enough bits of output.
+ */
+static krb5_error_code
+prf_plus( krb5_context context, krb5_keyblock *k,const char *pepper,
+ size_t keybytes, char **out)
+{
+ krb5_error_code retval = 0;
+ size_t prflen, iterations;
+ krb5_data out_data;
+ krb5_data in_data;
+ char *buffer = NULL;
+ struct k5buf prf_inbuf;
+ krb5int_buf_init_dynamic(&prf_inbuf);
+ krb5int_buf_add_len( &prf_inbuf, "\001", 1);
+ krb5int_buf_add( &prf_inbuf, pepper);
+ retval = krb5_c_prf_length( context, k->enctype, &prflen);
+ if (retval != 0)
+ goto cleanup;
+ iterations = keybytes/prflen;
+ if ((keybytes%prflen) != 0)
+ iterations++;
+ assert(iterations <= 254);
+ buffer = malloc(iterations*prflen);
+ if (buffer == NULL) {
+ retval = ENOMEM;
+ goto cleanup;
+ }
+ if (krb5int_buf_len( &prf_inbuf) == -1) {
+ retval = ENOMEM;
+ goto cleanup;
+ }
+ in_data.length = (krb5_int32) krb5int_buf_len( &prf_inbuf);
+ in_data.data = krb5int_buf_data( &prf_inbuf);
+ out_data.length = prflen;
+ out_data.data = buffer;
+
+ while (iterations > 0) {
+ retval = krb5_c_prf( context, k, &in_data, &out_data);
+ if (retval != 0)
+ goto cleanup;
+ out_data.data += prflen;
+ in_data.data[0]++;
+ iterations--;
+ }
+ cleanup:
+ if (retval == 0 )
+ *out = buffer;
+ else{
+ if (buffer != NULL)
+ free(buffer);
+ }
+ krb5int_free_buf( &prf_inbuf);
+ return retval;
+}
+
+
+krb5_error_code KRB5_CALLCONV
+krb5_c_fx_cf2_simple(krb5_context context,
+ krb5_keyblock *k1, const char *pepper1,
+ krb5_keyblock *k2, const char *pepper2,
+ krb5_keyblock **out)
+{
+ const struct krb5_keytypes *out_enctype;
+ size_t keybytes, keylength, i;
+ char *prf1 = NULL, *prf2 = NULL;
+ krb5_data keydata;
+ krb5_enctype out_enctype_num;
+ krb5_error_code retval = 0;
+ krb5_keyblock *out_key = NULL;
+
+
+ if (k1 == NULL ||!krb5_c_valid_enctype(k1->enctype))
+ return KRB5_BAD_ENCTYPE;
+ if (k2 == NULL || !krb5_c_valid_enctype(k2->enctype))
+ return KRB5_BAD_ENCTYPE;
+ out_enctype_num = k1->enctype;
+ assert(out != NULL);
+ assert ((out_enctype = find_enctype(out_enctype_num)) != NULL);
+ if (out_enctype->prf == NULL) {
+ if (context)
+ krb5int_set_error(&(context->err) , KRB5_CRYPTO_INTERNAL,
+ "Enctype %d has no PRF", out_enctype_num);
+ return KRB5_CRYPTO_INTERNAL;
+ }
+ keybytes = out_enctype->enc->keybytes;
+ keylength = out_enctype->enc->keylength;
+
+ retval = prf_plus( context, k1, pepper1, keybytes, &prf1);
+ if (retval != 0)
+ goto cleanup;
+ retval = prf_plus( context, k2, pepper2, keybytes, &prf2);
+ if (retval != 0)
+ goto cleanup;
+ for (i = 0; i < keybytes; i++)
+ prf1[i] ^= prf2[i];
+ zap(prf2, keybytes);
+ retval = krb5int_c_init_keyblock( context, out_enctype_num, keylength, &out_key);
+ if (retval != 0)
+ goto cleanup;
+ keydata.data = prf1;
+ keydata.length = keybytes;
+ retval = out_enctype->enc->make_key( &keydata, out_key);
+
+ cleanup:
+ if (retval == 0)
+ *out = out_key;
+ else krb5int_c_free_keyblock( context, out_key);
+ if (prf1 != NULL) {
+ zap(prf1, keybytes);
+ free(prf1);
+ }
+ if (prf2 != NULL)
+ free(prf2);
+ return retval;
+}
extern const struct krb5_keytypes krb5_enctypes_list[];
extern const int krb5_enctypes_length;
+
+static inline const struct krb5_keytypes*
+find_enctype (krb5_enctype enctype)
+{
+ int i;
+ for (i=0; i<krb5_enctypes_length; i++) {
+ if (krb5_enctypes_list[i].etype == enctype)
+ break;
+ }
+
+ if (i == krb5_enctypes_length)
+ return NULL;
+ return &krb5_enctypes_list[i];
+}
krb5_arcfour_encrypt
krb5_arcfour_encrypt_length
krb5_c_block_size
+krb5_c_fx_cf2_simple
krb5_c_checksum_length
krb5_c_crypto_length
krb5_c_crypto_length_iov
--- /dev/null
+/*
+ * lib/crypto/t_cf2.c
+ *
+ * Copyright (C) 2004, 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ * This file contains tests for theKRB-FX-CF2 code in Kerberos, based
+ *on the PRF regression tests. It reads an input file, and writes an
+ *output file. It is assumed that the output file will be diffed
+ *against expected output to see whether regression tests pass. The
+ *input file is a very primitive format.
+ *First line: enctype
+ *second line: key to pass to string2key; also used as salt
+ *Third line: second key to pass to string2key
+ *fourth line: pepper1
+ *fifth line: pepper2
+ *scanf is used to read the file, so interior spaces are not permitted. The program outputs the hex bytes of the key.
+ */
+#include <krb5.h>
+
+#include <assert.h>
+#include <stdio.h>
+#include <string.h>
+
+int main () {
+ char pepper1[1024], pepper2[1024];
+ krb5_keyblock *k1 = NULL, *k2 = NULL, *out = NULL;
+ krb5_data s2k;
+ unsigned int i;
+ while (1) {
+ krb5_enctype enctype;
+ char s[1025];
+
+ if (scanf( "%d", &enctype) == EOF)
+ break;
+ if (scanf("%1024s", &s[0]) == EOF)
+ break;
+ assert (krb5_init_keyblock(0, enctype, 0, &k1) == 0);
+ s2k.data = &s[0];
+ s2k.length = strlen(s);
+ assert(krb5_c_string_to_key (0, enctype, &s2k, &s2k, k1) == 0);
+ if (scanf("%1024s", &s[0]) == EOF)
+ break;
+ assert (krb5_init_keyblock(0, enctype, 0, &k2) == 0);
+ s2k.data = &s[0];
+ s2k.length = strlen(s);
+ assert(krb5_c_string_to_key (0, enctype, &s2k, &s2k, k2) == 0);
+ if (scanf("%1024s %1024s", pepper1, pepper2) == EOF)
+ break;
+ assert(krb5_c_fx_cf2_simple(0, k1, pepper1,
+ k2, pepper2, &out) ==0);
+ i = out->length;
+ for (; i > 0; i--) {
+ printf ("%02x",
+ (unsigned int) ((unsigned char) out->contents[out->length-i]));
+ }
+ printf ("\n");
+
+ krb5_free_keyblock(0,out);
+ out = NULL;
+
+ krb5_free_keyblock(0, k1);
+ k1 = NULL;
+ krb5_free_keyblock(0, k2);
+ k2 = NULL;
+ }
+
+ return (0);
+}
--- /dev/null
+The first test mirrors the first two tests in t_prf.in.
+
+The second test mirrors the following four tests in t_prf.in.
--- /dev/null
+97df97e4b798b29eb31ed7280287a92a
+4d6ca4e629785c1f01baf55e2e548566b9617ae3a96868c337cb93b5e72b1c7b
--- /dev/null
+17
+key1
+key2
+a
+b
+18
+key1
+key2
+a
+b
--- /dev/null
+The first two tests are effectively a call to krb-fx-cf2 for
+aes-128-cts. This mirrorrs the first test in t_cf2.in.
+
+
+The next four tests mirror a call to KRB-FX-CF2 for aes256-cts; this
+mirrors the second test in t_cf2.in.
+
+
--- /dev/null
+77b39a37a868920f2a51f9dd150c5717
+e06c0dd31ff02091994f2ef5178bfe3d
+b2628c788e2e9c4a9bb4644678c29f2f
+b406373350cee8a6126f4a9b65a0cd21
+ff0e289ea756c0559a0e911856961a49
+0d674dd0f9a6806525a4d92e828bd15a
--- /dev/null
+17
+key1
+2 0161
+17
+key2
+2 0162
+18
+key1
+2 0161
+18
+key1
+2 0261
+18
+key2
+2 0162
+18
+key2
+2 0262
projects / krb5.git / commitdiff