rpms/krb5
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Add SPAKE support

Browse Source 
- Improve protections on internal sensitive buffers
- Improve internal hex encoding/decoding
This commit is contained in:
Robbie Harwood 2018-03-27 11:02:50 -04:00
parent 8b49b0644c
commit 2c340efca2
13 changed files with 17226 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

866
Add-ASN.1-encoders-and-decoders-for-SPAKE-types.patch Normal file
View File

@ -0,0 +1,866 @@
From 09304f3859f2dd637b7cc27ba1cb3fb3603a3576 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Sat, 13 Jun 2015 16:04:53 -0400
Subject: [PATCH] Add ASN.1 encoders and decoders for SPAKE types
Add a new internal header k5-spake.h. Add ASN.1 encoder and decoder
functions and an internal free function for SPAKE types. Add ASN.1
tests and asn1c test vectors the new types.
The additions to to make-vectors.c use C99 designated initializers in
order to initialize unions. This is okay since make-vectors.c is only
compiled as part of "make test-vectors" and not as part of the regular
build.
(cherry picked from commit 78a09d95dff6915da4079bc611f4bb95f6a95f70)
---
src/include/k5-spake.h | 107 +++++++++++++++++++++++++++++++++++
src/lib/krb5/asn.1/asn1_k_encode.c | 52 ++++++++++++++++-
src/lib/krb5/krb/kfree.c | 40 +++++++++++++
src/lib/krb5/libkrb5.exports | 6 ++
src/tests/asn.1/Makefile.in | 2 +-
src/tests/asn.1/krb5_decode_test.c | 37 ++++++++++++
src/tests/asn.1/krb5_encode_test.c | 29 ++++++++++
src/tests/asn.1/ktest.c | 97 +++++++++++++++++++++++++++++++
src/tests/asn.1/ktest.h | 9 +++
src/tests/asn.1/ktest_equal.c | 49 ++++++++++++++++
src/tests/asn.1/ktest_equal.h | 6 ++
src/tests/asn.1/make-vectors.c | 56 ++++++++++++++++++
src/tests/asn.1/reference_encode.out | 6 ++
src/tests/asn.1/spake.asn1 | 44 ++++++++++++++
src/tests/asn.1/trval_reference.out | 50 ++++++++++++++++
15 files changed, 588 insertions(+), 2 deletions(-)
create mode 100644 src/include/k5-spake.h
create mode 100644 src/tests/asn.1/spake.asn1
diff --git a/src/include/k5-spake.h b/src/include/k5-spake.h
new file mode 100644
index 000000000..ddb5d810d
--- /dev/null
+++ b/src/include/k5-spake.h
@@ -0,0 +1,107 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* include/k5-spake.h - SPAKE preauth mech declarations */
+/*
+ * Copyright (C) 2015 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * The SPAKE preauth mechanism allows long-term client keys to be used for
+ * preauthentication without exposing them to offline dictionary attacks. The
+ * negotiated key can also be used for second-factor authentication. This
+ * header file declares structures and encoder/decoder functions for the
+ * mechanism's padata messages.
+ */
+
+#ifndef K5_SPAKE_H
+#define K5_SPAKE_H
+
+#include "k5-int.h"
+
+/* SPAKESecondFactor is contained within a SPAKEChallenge, SPAKEResponse, or
+ * EncryptedData message and contains a second-factor challenge or response. */
+typedef struct krb5_spake_factor_st {
+ int32_t type;
+ krb5_data *data;
+} krb5_spake_factor;
+
+/* SPAKESupport is sent from the client to the KDC to indicate which group the
+ * client supports. */
+typedef struct krb5_spake_support_st {
+ int32_t ngroups;
+ int32_t *groups;
+} krb5_spake_support;
+
+/* SPAKEChallenge is sent from the KDC to the client to communicate its group
+ * selection, public value, and second-factor challenge options. */
+typedef struct krb5_spake_challenge_st {
+ int32_t group;
+ krb5_data pubkey;
+ krb5_spake_factor **factors;
+} krb5_spake_challenge;
+
+/* SPAKEResponse is sent from the client to the KDC to communicate its public
+ * value and encrypted second-factor response. */
+typedef struct krb5_spake_response_st {
+ krb5_data pubkey;
+ krb5_enc_data factor;
+} krb5_spake_response;
+
+enum krb5_spake_msgtype {
+ SPAKE_MSGTYPE_UNKNOWN = -1,
+ SPAKE_MSGTYPE_SUPPORT = 0,
+ SPAKE_MSGTYPE_CHALLENGE = 1,
+ SPAKE_MSGTYPE_RESPONSE = 2,
+ SPAKE_MSGTYPE_ENCDATA = 3
+};
+
+/* PA-SPAKE is a choice among the message types which can appear in a PA-SPAKE
+ * padata element. */
+typedef struct krb5_pa_spake_st {
+ enum krb5_spake_msgtype choice;
+ union krb5_spake_message_choices {
+ krb5_spake_support support;
+ krb5_spake_challenge challenge;
+ krb5_spake_response response;
+ krb5_enc_data encdata;
+ } u;
+} krb5_pa_spake;
+
+krb5_error_code encode_krb5_spake_factor(const krb5_spake_factor *val,
+ krb5_data **code_out);
+krb5_error_code decode_krb5_spake_factor(const krb5_data *code,
+ krb5_spake_factor **val_out);
+void k5_free_spake_factor(krb5_context context, krb5_spake_factor *val);
+
+krb5_error_code encode_krb5_pa_spake(const krb5_pa_spake *val,
+ krb5_data **code_out);
+krb5_error_code decode_krb5_pa_spake(const krb5_data *code,
+ krb5_pa_spake **val_out);
+void k5_free_pa_spake(krb5_context context, krb5_pa_spake *val);
+
+#endif /* K5_SPAKE_H */
diff --git a/src/lib/krb5/asn.1/asn1_k_encode.c b/src/lib/krb5/asn.1/asn1_k_encode.c
index 3b23fe34a..29f6b903d 100644
--- a/src/lib/krb5/asn.1/asn1_k_encode.c
+++ b/src/lib/krb5/asn.1/asn1_k_encode.c
@@ -25,7 +25,7 @@
*/
#include "asn1_encode.h"
-#include <assert.h>
+#include "k5-spake.h"
DEFINT_IMMEDIATE(krb5_version, KVNO, KRB5KDC_ERR_BAD_PVNO);
@@ -1817,3 +1817,53 @@ static const struct atype_info *secure_cookie_fields[] = {
DEFSEQTYPE(secure_cookie, krb5_secure_cookie, secure_cookie_fields);
MAKE_ENCODER(encode_krb5_secure_cookie, secure_cookie);
MAKE_DECODER(decode_krb5_secure_cookie, secure_cookie);
+
+DEFFIELD(spake_factor_0, krb5_spake_factor, type, 0, int32);
+DEFFIELD(spake_factor_1, krb5_spake_factor, data, 1, opt_ostring_data_ptr);
+static const struct atype_info *spake_factor_fields[] = {
+ &k5_atype_spake_factor_0, &k5_atype_spake_factor_1
+};
+DEFSEQTYPE(spake_factor, krb5_spake_factor, spake_factor_fields);
+DEFPTRTYPE(spake_factor_ptr, spake_factor);
+DEFNULLTERMSEQOFTYPE(seqof_spake_factor, spake_factor_ptr);
+DEFPTRTYPE(ptr_seqof_spake_factor, seqof_spake_factor);
+MAKE_ENCODER(encode_krb5_spake_factor, spake_factor);
+MAKE_DECODER(decode_krb5_spake_factor, spake_factor);
+
+DEFCNFIELD(spake_support_0, krb5_spake_support, groups, ngroups, 0,
+ cseqof_int32);
+static const struct atype_info *spake_support_fields[] = {
+ &k5_atype_spake_support_0
+};
+DEFSEQTYPE(spake_support, krb5_spake_support, spake_support_fields);
+
+DEFFIELD(spake_challenge_0, krb5_spake_challenge, group, 0, int32);
+DEFFIELD(spake_challenge_1, krb5_spake_challenge, pubkey, 1, ostring_data);
+DEFFIELD(spake_challenge_2, krb5_spake_challenge, factors, 2,
+ ptr_seqof_spake_factor);
+static const struct atype_info *spake_challenge_fields[] = {
+ &k5_atype_spake_challenge_0, &k5_atype_spake_challenge_1,
+ &k5_atype_spake_challenge_2
+};
+DEFSEQTYPE(spake_challenge, krb5_spake_challenge, spake_challenge_fields);
+
+DEFFIELD(spake_response_0, krb5_spake_response, pubkey, 0, ostring_data);
+DEFFIELD(spake_response_1, krb5_spake_response, factor, 1, encrypted_data);
+static const struct atype_info *spake_response_fields[] = {
+ &k5_atype_spake_response_0, &k5_atype_spake_response_1,
+};
+DEFSEQTYPE(spake_response, krb5_spake_response, spake_response_fields);
+
+DEFCTAGGEDTYPE(pa_spake_0, 0, spake_support);
+DEFCTAGGEDTYPE(pa_spake_1, 1, spake_challenge);
+DEFCTAGGEDTYPE(pa_spake_2, 2, spake_response);
+DEFCTAGGEDTYPE(pa_spake_3, 3, encrypted_data);
+static const struct atype_info *pa_spake_alternatives[] = {
+ &k5_atype_pa_spake_0, &k5_atype_pa_spake_1, &k5_atype_pa_spake_2,
+ &k5_atype_pa_spake_3
+};
+DEFCHOICETYPE(pa_spake_choice, union krb5_spake_message_choices,
+ enum krb5_spake_msgtype, pa_spake_alternatives);
+DEFCOUNTEDTYPE_SIGNED(pa_spake, krb5_pa_spake, u, choice, pa_spake_choice);
+MAKE_ENCODER(encode_krb5_pa_spake, pa_spake);
+MAKE_DECODER(decode_krb5_pa_spake, pa_spake);
diff --git a/src/lib/krb5/krb/kfree.c b/src/lib/krb5/krb/kfree.c
index a631807d3..e1ea1494a 100644
--- a/src/lib/krb5/krb/kfree.c
+++ b/src/lib/krb5/krb/kfree.c
@@ -51,6 +51,7 @@
*/
#include "k5-int.h"
+#include "k5-spake.h"
#include <assert.h>
void KRB5_CALLCONV
@@ -890,3 +891,42 @@ k5_free_secure_cookie(krb5_context context, krb5_secure_cookie *val)
k5_zapfree_pa_data(val->data);
free(val);
}
+
+void
+k5_free_spake_factor(krb5_context context, krb5_spake_factor *val)
+{
+ if (val == NULL)
+ return;
+ krb5_free_data(context, val->data);
+ free(val);
+}
+
+void
+k5_free_pa_spake(krb5_context context, krb5_pa_spake *val)
+{
+ krb5_spake_factor **f;
+
+ if (val == NULL)
+ return;
+ switch (val->choice) {
+ case SPAKE_MSGTYPE_SUPPORT:
+ free(val->u.support.groups);
+ break;
+ case SPAKE_MSGTYPE_CHALLENGE:
+ krb5_free_data_contents(context, &val->u.challenge.pubkey);
+ for (f = val->u.challenge.factors; f != NULL && *f != NULL; f++)
+ k5_free_spake_factor(context, *f);
+ free(val->u.challenge.factors);
+ break;
+ case SPAKE_MSGTYPE_RESPONSE:
+ krb5_free_data_contents(context, &val->u.response.pubkey);
+ krb5_free_data_contents(context, &val->u.response.factor.ciphertext);
+ break;
+ case SPAKE_MSGTYPE_ENCDATA:
+ krb5_free_data_contents(context, &val->u.encdata.ciphertext);
+ break;
+ default:
+ break;
+ }
+ free(val);
+}
diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports
index ed6cad6ad..622bc3673 100644
--- a/src/lib/krb5/libkrb5.exports
+++ b/src/lib/krb5/libkrb5.exports
@@ -36,6 +36,7 @@ decode_krb5_pa_otp_req
decode_krb5_pa_otp_enc_req
decode_krb5_pa_pac_req
decode_krb5_pa_s4u_x509_user
+decode_krb5_pa_spake
decode_krb5_padata_sequence
decode_krb5_priv
decode_krb5_safe
@@ -44,6 +45,7 @@ decode_krb5_sam_challenge_2_body
decode_krb5_sam_response_2
decode_krb5_secure_cookie
decode_krb5_setpw_req
+decode_krb5_spake_factor
decode_krb5_tgs_rep
decode_krb5_tgs_req
decode_krb5_ticket
@@ -85,6 +87,7 @@ encode_krb5_pa_otp_challenge
encode_krb5_pa_otp_req
encode_krb5_pa_otp_enc_req
encode_krb5_pa_s4u_x509_user
+encode_krb5_pa_spake
encode_krb5_padata_sequence
encode_krb5_pkinit_supp_pub_info
encode_krb5_priv
@@ -95,6 +98,7 @@ encode_krb5_sam_challenge_2_body
encode_krb5_sam_response_2
encode_krb5_secure_cookie
encode_krb5_sp80056a_other_info
+encode_krb5_spake_factor
encode_krb5_tgs_rep
encode_krb5_tgs_req
encode_krb5_ticket
@@ -128,7 +132,9 @@ k5_free_kkdcp_message
k5_free_pa_otp_challenge
k5_free_pa_otp_req
k5_free_secure_cookie
+k5_free_pa_spake
k5_free_serverlist
+k5_free_spake_factor
k5_hostrealm_free_context
k5_init_trace
k5_is_string_numeric
diff --git a/src/tests/asn.1/Makefile.in b/src/tests/asn.1/Makefile.in
index fec4e109e..ec9c67495 100644
--- a/src/tests/asn.1/Makefile.in
+++ b/src/tests/asn.1/Makefile.in
@@ -9,7 +9,7 @@ SRCS= $(srcdir)/krb5_encode_test.c $(srcdir)/krb5_decode_test.c \
ASN1SRCS= $(srcdir)/krb5.asn1 $(srcdir)/pkix.asn1 $(srcdir)/otp.asn1 \
$(srcdir)/pkinit.asn1 $(srcdir)/pkinit-agility.asn1 \
- $(srcdir)/cammac.asn1
+ $(srcdir)/cammac.asn1 $(srcdir)/spake.asn1
all: krb5_encode_test krb5_decode_test krb5_decode_leak t_trval
diff --git a/src/tests/asn.1/krb5_decode_test.c b/src/tests/asn.1/krb5_decode_test.c
index f17f9b1f1..ee70fa4b9 100644
--- a/src/tests/asn.1/krb5_decode_test.c
+++ b/src/tests/asn.1/krb5_decode_test.c
@@ -25,6 +25,7 @@
*/
#include "k5-int.h"
+#include "k5-spake.h"
#include "ktest.h"
#include "com_err.h"
#include "utility.h"
@@ -1107,6 +1108,42 @@ int main(argc, argv)
ktest_empty_secure_cookie(&ref);
}
+ /****************************************************************/
+ /* decode_krb5_spake_factor */
+ {
+ setup(krb5_spake_factor,ktest_make_minimal_spake_factor);
+ decode_run("spake_factor","(optionals NULL)","30 05 A0 03 02 01 01",decode_krb5_spake_factor,ktest_equal_spake_factor,k5_free_spake_factor);
+ ktest_empty_spake_factor(&ref);
+ }
+ {
+ setup(krb5_spake_factor,ktest_make_maximal_spake_factor);
+ decode_run("spake_factor","","30 0E A0 03 02 01 02 A1 07 04 05 66 64 61 74 61",decode_krb5_spake_factor,ktest_equal_spake_factor,k5_free_spake_factor);
+ ktest_empty_spake_factor(&ref);
+ }
+
+ /****************************************************************/
+ /* decode_krb5_pa_spake */
+ {
+ setup(krb5_pa_spake,ktest_make_support_pa_spake);
+ decode_run("pa_spake","(support)","A0 0C 30 0A A0 08 30 06 02 01 01 02 01 02",decode_krb5_pa_spake,ktest_equal_pa_spake,k5_free_pa_spake);
+ ktest_empty_pa_spake(&ref);
+ }
+ {
+ setup(krb5_pa_spake,ktest_make_challenge_pa_spake);
+ decode_run("pa_spake","(challenge)","A1 2D 30 2B A0 03 02 01 01 A1 09 04 07 54 20 76 61 6C 75 65 A2 19 30 17 30 05 A0 03 02 01 01 30 0E A0 03 02 01 02 A1 07 04 05 66 64 61 74 61",decode_krb5_pa_spake,ktest_equal_pa_spake,k5_free_pa_spake);
+ ktest_empty_pa_spake(&ref);
+ }
+ {
+ setup(krb5_pa_spake,ktest_make_response_pa_spake);
+ decode_run("pa_spake","(response)","A2 34 30 32 A0 09 04 07 53 20 76 61 6C 75 65 A1 25 30 23 A0 03 02 01 00 A1 03 02 01 05 A2 17 04 15 6B 72 62 41 53 4E 2E 31 20 74 65 73 74 20 6D 65 73 73 61 67 65",decode_krb5_pa_spake,ktest_equal_pa_spake,k5_free_pa_spake);
+ ktest_empty_pa_spake(&ref);
+ }
+ {
+ setup(krb5_pa_spake,ktest_make_encdata_pa_spake);
+ decode_run("pa_spake","(encdata)","A3 25 30 23 A0 03 02 01 00 A1 03 02 01 05 A2 17 04 15 6B 72 62 41 53 4E 2E 31 20 74 65 73 74 20 6D 65 73 73 61 67 65",decode_krb5_pa_spake,ktest_equal_pa_spake,k5_free_pa_spake);
+ ktest_empty_pa_spake(&ref);
+ }
+
#ifndef DISABLE_PKINIT
/****************************************************************/
diff --git a/src/tests/asn.1/krb5_encode_test.c b/src/tests/asn.1/krb5_encode_test.c
index f5710b68c..3efbfb4c0 100644
--- a/src/tests/asn.1/krb5_encode_test.c
+++ b/src/tests/asn.1/krb5_encode_test.c
@@ -759,6 +759,35 @@ main(argc, argv)
encode_run(cookie, "secure_cookie", "", encode_krb5_secure_cookie);
ktest_empty_secure_cookie(&cookie);
}
+ /****************************************************************/
+ /* encode_krb5_spake_factor */
+ {
+ krb5_spake_factor factor;
+ ktest_make_minimal_spake_factor(&factor);
+ encode_run(factor, "spake_factor", "(optionals NULL)",
+ encode_krb5_spake_factor);
+ ktest_empty_spake_factor(&factor);
+ ktest_make_maximal_spake_factor(&factor);
+ encode_run(factor, "spake_factor", "", encode_krb5_spake_factor);
+ ktest_empty_spake_factor(&factor);
+ }
+ /****************************************************************/
+ /* encode_krb5_pa_spake */
+ {
+ krb5_pa_spake pa_spake;
+ ktest_make_support_pa_spake(&pa_spake);
+ encode_run(pa_spake, "pa_spake", "(support)", encode_krb5_pa_spake);
+ ktest_empty_pa_spake(&pa_spake);
+ ktest_make_challenge_pa_spake(&pa_spake);
+ encode_run(pa_spake, "pa_spake", "(challenge)", encode_krb5_pa_spake);
+ ktest_empty_pa_spake(&pa_spake);
+ ktest_make_response_pa_spake(&pa_spake);
+ encode_run(pa_spake, "pa_spake", "(response)", encode_krb5_pa_spake);
+ ktest_empty_pa_spake(&pa_spake);
+ ktest_make_encdata_pa_spake(&pa_spake);
+ encode_run(pa_spake, "pa_spake", "(encdata)", encode_krb5_pa_spake);
+ ktest_empty_pa_spake(&pa_spake);
+ }
#ifndef DISABLE_PKINIT
/****************************************************************/
/* encode_krb5_pa_pk_as_req */
diff --git a/src/tests/asn.1/ktest.c b/src/tests/asn.1/ktest.c
index cf63f3f66..5bfdc5be2 100644
--- a/src/tests/asn.1/ktest.c
+++ b/src/tests/asn.1/ktest.c
@@ -1018,6 +1018,66 @@ ktest_make_sample_secure_cookie(krb5_secure_cookie *p)
p->time = SAMPLE_TIME;
}
+void
+ktest_make_minimal_spake_factor(krb5_spake_factor *p)
+{
+ p->type = 1;
+ p->data = NULL;
+}
+
+void
+ktest_make_maximal_spake_factor(krb5_spake_factor *p)
+{
+ p->type = 2;
+ p->data = ealloc(sizeof(*p->data));
+ krb5_data_parse(p->data, "fdata");
+}
+
+void
+ktest_make_support_pa_spake(krb5_pa_spake *p)
+{
+ krb5_spake_support *s = &p->u.support;
+
+ s->ngroups = 2;
+ s->groups = ealloc(s->ngroups * sizeof(*s->groups));
+ s->groups[0] = 1;
+ s->groups[1] = 2;
+ p->choice = SPAKE_MSGTYPE_SUPPORT;
+}
+
+void
+ktest_make_challenge_pa_spake(krb5_pa_spake *p)
+{
+ krb5_spake_challenge *c = &p->u.challenge;
+
+ c->group = 1;
+ krb5_data_parse(&c->pubkey, "T value");
+ c->factors = ealloc(3 * sizeof(*c->factors));
+ c->factors[0] = ealloc(sizeof(*c->factors[0]));
+ ktest_make_minimal_spake_factor(c->factors[0]);
+ c->factors[1] = ealloc(sizeof(*c->factors[1]));
+ ktest_make_maximal_spake_factor(c->factors[1]);
+ c->factors[2] = NULL;
+ p->choice = SPAKE_MSGTYPE_CHALLENGE;
+}
+
+void
+ktest_make_response_pa_spake(krb5_pa_spake *p)
+{
+ krb5_spake_response *r = &p->u.response;
+
+ krb5_data_parse(&r->pubkey, "S value");
+ ktest_make_sample_enc_data(&r->factor);
+ p->choice = SPAKE_MSGTYPE_RESPONSE;
+}
+
+void
+ktest_make_encdata_pa_spake(krb5_pa_spake *p)
+{
+ ktest_make_sample_enc_data(&p->u.encdata);
+ p->choice = SPAKE_MSGTYPE_ENCDATA;
+}
+
/****************************************************************/
/* destructors */
@@ -1858,3 +1918,40 @@ ktest_empty_secure_cookie(krb5_secure_cookie *p)
{
ktest_empty_pa_data_array(p->data);
}
+
+void
+ktest_empty_spake_factor(krb5_spake_factor *p)
+{
+ krb5_free_data(NULL, p->data);
+ p->data = NULL;
+}
+
+void
+ktest_empty_pa_spake(krb5_pa_spake *p)
+{
+ krb5_spake_factor **f;
+
+ switch (p->choice) {
+ case SPAKE_MSGTYPE_SUPPORT:
+ free(p->u.support.groups);
+ break;
+ case SPAKE_MSGTYPE_CHALLENGE:
+ ktest_empty_data(&p->u.challenge.pubkey);
+ for (f = p->u.challenge.factors; *f != NULL; f++) {
+ ktest_empty_spake_factor(*f);
+ free(*f);
+ }
+ free(p->u.challenge.factors);
+ break;
+ case SPAKE_MSGTYPE_RESPONSE:
+ ktest_empty_data(&p->u.response.pubkey);
+ ktest_destroy_enc_data(&p->u.response.factor);
+ break;
+ case SPAKE_MSGTYPE_ENCDATA:
+ ktest_destroy_enc_data(&p->u.encdata);
+ break;
+ default:
+ break;
+ }
+ p->choice = SPAKE_MSGTYPE_UNKNOWN;
+}
diff --git a/src/tests/asn.1/ktest.h b/src/tests/asn.1/ktest.h
index 493303cc8..1413cfae1 100644
--- a/src/tests/asn.1/ktest.h
+++ b/src/tests/asn.1/ktest.h
@@ -28,6 +28,7 @@
#define __KTEST_H__
#include "k5-int.h"
+#include "k5-spake.h"
#include "kdb.h"
#define SAMPLE_USEC 123456
@@ -124,6 +125,12 @@ void ktest_make_sample_kkdcp_message(krb5_kkdcp_message *p);
void ktest_make_minimal_cammac(krb5_cammac *p);
void ktest_make_maximal_cammac(krb5_cammac *p);
void ktest_make_sample_secure_cookie(krb5_secure_cookie *p);
+void ktest_make_minimal_spake_factor(krb5_spake_factor *p);
+void ktest_make_maximal_spake_factor(krb5_spake_factor *p);
+void ktest_make_support_pa_spake(krb5_pa_spake *p);
+void ktest_make_challenge_pa_spake(krb5_pa_spake *p);
+void ktest_make_response_pa_spake(krb5_pa_spake *p);
+void ktest_make_encdata_pa_spake(krb5_pa_spake *p);
/*----------------------------------------------------------------------*/
@@ -209,6 +216,8 @@ void ktest_empty_ldap_seqof_key_data(krb5_context, ldap_seqof_key_data *p);
void ktest_empty_kkdcp_message(krb5_kkdcp_message *p);
void ktest_empty_cammac(krb5_cammac *p);
void ktest_empty_secure_cookie(krb5_secure_cookie *p);
+void ktest_empty_spake_factor(krb5_spake_factor *p);
+void ktest_empty_pa_spake(krb5_pa_spake *p);
extern krb5_context test_context;
extern char *sample_principal_name;
diff --git a/src/tests/asn.1/ktest_equal.c b/src/tests/asn.1/ktest_equal.c
index e8bb88944..714cc4398 100644
--- a/src/tests/asn.1/ktest_equal.c
+++ b/src/tests/asn.1/ktest_equal.c
@@ -853,6 +853,13 @@ ktest_equal_sequence_of_otp_tokeninfo(krb5_otp_tokeninfo **ref,
array_compare(ktest_equal_otp_tokeninfo);
}
+int
+ktest_equal_sequence_of_spake_factor(krb5_spake_factor **ref,
+ krb5_spake_factor **var)
+{
+ array_compare(ktest_equal_spake_factor);
+}
+
#ifndef DISABLE_PKINIT
static int
@@ -1094,3 +1101,45 @@ ktest_equal_secure_cookie(krb5_secure_cookie *ref, krb5_secure_cookie *var)
p = p && ref->time == ref->time;
return p;
}
+
+int
+ktest_equal_spake_factor(krb5_spake_factor *ref, krb5_spake_factor *var)
+{
+ int p = TRUE;
+ if (ref == var) return TRUE;
+ else if (ref == NULL || var == NULL) return FALSE;
+ p = p && scalar_equal(type);
+ p = p && ptr_equal(data,ktest_equal_data);
+ return p;
+}
+
+int
+ktest_equal_pa_spake(krb5_pa_spake *ref, krb5_pa_spake *var)
+{
+ int p = TRUE;
+ if (ref == var) return TRUE;
+ else if (ref == NULL || var == NULL) return FALSE;
+ else if (ref->choice != var->choice) return FALSE;
+ switch (ref->choice) {
+ case SPAKE_MSGTYPE_SUPPORT:
+ p = p && scalar_equal(u.support.ngroups);
+ p = p && (memcmp(ref->u.support.groups,var->u.support.groups,
+ ref->u.support.ngroups * sizeof(int32_t)) == 0);
+ break;
+ case SPAKE_MSGTYPE_CHALLENGE:
+ p = p && struct_equal(u.challenge.pubkey,ktest_equal_data);
+ p = p && ptr_equal(u.challenge.factors,
+ ktest_equal_sequence_of_spake_factor);
+ break;
+ case SPAKE_MSGTYPE_RESPONSE:
+ p = p && struct_equal(u.response.pubkey,ktest_equal_data);
+ p = p && struct_equal(u.response.factor,ktest_equal_enc_data);
+ break;
+ case SPAKE_MSGTYPE_ENCDATA:
+ p = p && struct_equal(u.encdata,ktest_equal_enc_data);
+ break;
+ default:
+ break;
+ }
+ return p;
+}
diff --git a/src/tests/asn.1/ktest_equal.h b/src/tests/asn.1/ktest_equal.h
index c7b5d7467..cfa82ac6e 100644
--- a/src/tests/asn.1/ktest_equal.h
+++ b/src/tests/asn.1/ktest_equal.h
@@ -28,6 +28,7 @@
#define __KTEST_EQUAL_H__
#include "k5-int.h"
+#include "k5-spake.h"
#include "kdb.h"
/* int ktest_equal_structure(krb5_structure *ref, *var) */
@@ -97,6 +98,8 @@ ktest_equal_sequence_of_algorithm_identifier(krb5_algorithm_identifier **ref,
krb5_algorithm_identifier **var);
int ktest_equal_sequence_of_otp_tokeninfo(krb5_otp_tokeninfo **ref,
krb5_otp_tokeninfo **var);
+int ktest_equal_sequence_of_spake_factor(krb5_spake_factor **ref,
+ krb5_spake_factor **var);
len_array(ktest_equal_array_of_enctype,krb5_enctype);
len_array(ktest_equal_array_of_data,krb5_data);
@@ -152,4 +155,7 @@ int ktest_equal_cammac(krb5_cammac *ref, krb5_cammac *var);
int ktest_equal_secure_cookie(krb5_secure_cookie *ref,
krb5_secure_cookie *var);
+generic(ktest_equal_spake_factor, krb5_spake_factor);
+generic(ktest_equal_pa_spake, krb5_pa_spake);
+
#endif
diff --git a/src/tests/asn.1/make-vectors.c b/src/tests/asn.1/make-vectors.c
index 3cb8a45ba..2fc85466b 100644
--- a/src/tests/asn.1/make-vectors.c
+++ b/src/tests/asn.1/make-vectors.c
@@ -40,6 +40,8 @@
#include <PA-OTP-REQUEST.h>
#include <PA-OTP-ENC-REQUEST.h>
#include <AD-CAMMAC.h>
+#include <SPAKESecondFactor.h>
+#include <PA-SPAKE.h>
static unsigned char buf[8192];
static size_t buf_pos;
@@ -168,6 +170,36 @@ static struct other_verifiers overfs = { { verifiers, 2, 2 } };
static AD_CAMMAC_t cammac_2 = { { { (void *)adlist_2, 2, 2 } },
&vmac_1, &vmac_2, &overfs };
+/* SPAKESecondFactor */
+static SPAKESecondFactor_t factor_1 = { 1, NULL };
+static OCTET_STRING_t factor_data = { "fdata", 5 };
+static SPAKESecondFactor_t factor_2 = { 2, &factor_data };
+
+/* PA-SPAKE (support) */
+static Int32_t group_1 = 1, group_2 = 2, *groups[] = { &group_1, &group_2 };
+static PA_SPAKE_t pa_spake_1 = { PA_SPAKE_PR_support,
+ { .support = { { groups, 2, 2 } } } };
+
+/* PA-SPAKE (challenge) */
+static SPAKESecondFactor_t *factors[2] = { &factor_1, &factor_2 };
+static PA_SPAKE_t pa_spake_2 = { PA_SPAKE_PR_challenge,
+ { .challenge = { 1, { "T value", 7 },
+ { factors, 2, 2 } } } };
+
+/* PA-SPAKE (response) */
+UInt32_t enctype_5 = 5;
+static PA_SPAKE_t pa_spake_3 = { PA_SPAKE_PR_response,
+ { .response = { { "S value", 7 },
+ { 0, &enctype_5,
+ { "krbASN.1 test message",
+ 21 } } } } };
+
+/* PA-SPAKE (encdata) */
+static PA_SPAKE_t pa_spake_4 = { PA_SPAKE_PR_encdata,
+ { .encdata = { 0, &enctype_5,
+ { "krbASN.1 test message",
+ 21 } } } };
+
static int
consume(const void *data, size_t size, void *dummy)
{
@@ -272,6 +304,30 @@ main()
der_encode(&asn_DEF_AD_CAMMAC, &cammac_2, consume, NULL);
printbuf();
+ printf("\nMinimal SPAKESecondFactor:\n");
+ der_encode(&asn_DEF_SPAKESecondFactor, &factor_1, consume, NULL);
+ printbuf();
+
+ printf("\nMaximal SPAKESecondFactor:\n");
+ der_encode(&asn_DEF_SPAKESecondFactor, &factor_2, consume, NULL);
+ printbuf();
+
+ printf("\nPA-SPAKE (support):\n");
+ der_encode(&asn_DEF_PA_SPAKE, &pa_spake_1, consume, NULL);
+ printbuf();
+
+ printf("\nPA-SPAKE (challenge):\n");
+ der_encode(&asn_DEF_PA_SPAKE, &pa_spake_2, consume, NULL);
+ printbuf();
+
+ printf("\nPA-SPAKE (response):\n");
+ der_encode(&asn_DEF_PA_SPAKE, &pa_spake_3, consume, NULL);
+ printbuf();
+
+ printf("\nPA-SPAKE (encdata):\n");
+ der_encode(&asn_DEF_PA_SPAKE, &pa_spake_4, consume, NULL);
+ printbuf();
+
printf("\n");
return 0;
}
diff --git a/src/tests/asn.1/reference_encode.out b/src/tests/asn.1/reference_encode.out
index 824e0798b..a76deead2 100644
--- a/src/tests/asn.1/reference_encode.out
+++ b/src/tests/asn.1/reference_encode.out
@@ -72,3 +72,9 @@ encode_krb5_kkdcp_message: 30 82 01 FC A0 82 01 EC 04 82 01 E8 6A 82 01 E4 30 82
encode_krb5_cammac(optionals NULL): 30 12 A0 10 30 0E 30 0C A0 03 02 01 01 A1 05 04 03 61 64 31
encode_krb5_cammac: 30 81 F2 A0 1E 30 1C 30 0C A0 03 02 01 01 A1 05 04 03 61 64 31 30 0C A0 03 02 01 02 A1 05 04 03 61 64 32 A1 3D 30 3B A0 1A 30 18 A0 03 02 01 01 A1 11 30 0F 1B 06 68 66 74 73 61 69 1B 05 65 78 74 72 61 A1 03 02 01 05 A2 03 02 01 10 A3 13 30 11 A0 03 02 01 01 A1 0A 04 08 63 6B 73 75 6D 6B 64 63 A2 3D 30 3B A0 1A 30 18 A0 03 02 01 01 A1 11 30 0F 1B 06 68 66 74 73 61 69 1B 05 65 78 74 72 61 A1 03 02 01 05 A2 03 02 01 10 A3 13 30 11 A0 03 02 01 01 A1 0A 04 08 63 6B 73 75 6D 73 76 63 A3 52 30 50 30 13 A3 11 30 0F A0 03 02 01 01 A1 08 04 06 63 6B 73 75 6D 31 30 39 A0 1A 30 18 A0 03 02 01 01 A1 11 30 0F 1B 06 68 66 74 73 61 69 1B 05 65 78 74 72 61 A1 03 02 01 05 A2 03 02 01 10 A3 11 30 0F A0 03 02 01 01 A1 08 04 06 63 6B 73 75 6D 32
encode_krb5_secure_cookie: 30 2C 02 04 2D F8 02 25 30 24 30 10 A1 03 02 01 0D A2 09 04 07 70 61 2D 64 61 74 61 30 10 A1 03 02 01 0D A2 09 04 07 70 61 2D 64 61 74 61
+encode_krb5_spake_factor(optionals NULL): 30 05 A0 03 02 01 01
+encode_krb5_spake_factor: 30 0E A0 03 02 01 02 A1 07 04 05 66 64 61 74 61
+encode_krb5_pa_spake(support): A0 0C 30 0A A0 08 30 06 02 01 01 02 01 02
+encode_krb5_pa_spake(challenge): A1 2D 30 2B A0 03 02 01 01 A1 09 04 07 54 20 76 61 6C 75 65 A2 19 30 17 30 05 A0 03 02 01 01 30 0E A0 03 02 01 02 A1 07 04 05 66 64 61 74 61
+encode_krb5_pa_spake(response): A2 34 30 32 A0 09 04 07 53 20 76 61 6C 75 65 A1 25 30 23 A0 03 02 01 00 A1 03 02 01 05 A2 17 04 15 6B 72 62 41 53 4E 2E 31 20 74 65 73 74 20 6D 65 73 73 61 67 65
+encode_krb5_pa_spake(encdata): A3 25 30 23 A0 03 02 01 00 A1 03 02 01 05 A2 17 04 15 6B 72 62 41 53 4E 2E 31 20 74 65 73 74 20 6D 65 73 73 61 67 65
diff --git a/src/tests/asn.1/spake.asn1 b/src/tests/asn.1/spake.asn1
new file mode 100644
index 000000000..50718d8ad
--- /dev/null
+++ b/src/tests/asn.1/spake.asn1
@@ -0,0 +1,44 @@
+KerberosV5SPAKE {
+ iso(1) identified-organization(3) dod(6) internet(1)
+ security(5) kerberosV5(2) modules(4) spake(8)
+} DEFINITIONS EXPLICIT TAGS ::= BEGIN
+
+IMPORTS
+ EncryptedData, Int32
+ FROM KerberosV5Spec2 { iso(1) identified-organization(3)
+ dod(6) internet(1) security(5) kerberosV5(2) modules(4)
+ krb5spec2(2) };
+ -- as defined in RFC 4120.
+
+SPAKESupport ::= SEQUENCE {
+ groups [0] SEQUENCE (SIZE(1..MAX)) OF Int32,
+ ...
+}
+
+SPAKEChallenge ::= SEQUENCE {
+ group [0] Int32,
+ pubkey [1] OCTET STRING,
+ factors [2] SEQUENCE (SIZE(1..MAX)) OF SPAKESecondFactor,
+ ...
+}
+
+SPAKESecondFactor ::= SEQUENCE {
+ type [0] Int32,
+ data [1] OCTET STRING OPTIONAL
+}
+
+SPAKEResponse ::= SEQUENCE {
+ pubkey [0] OCTET STRING,
+ factor [1] EncryptedData, -- SPAKESecondFactor
+ ...
+}
+
+PA-SPAKE ::= CHOICE {
+ support [0] SPAKESupport,
+ challenge [1] SPAKEChallenge,
+ response [2] SPAKEResponse,
+ encdata [3] EncryptedData,
+ ...
+}
+
+END
diff --git a/src/tests/asn.1/trval_reference.out b/src/tests/asn.1/trval_reference.out
index c27a0425b..e5c715924 100644
--- a/src/tests/asn.1/trval_reference.out
+++ b/src/tests/asn.1/trval_reference.out
@@ -1584,3 +1584,53 @@ encode_krb5_secure_cookie:
. . [Sequence/Sequence Of]
. . . [1] [Integer] 13
. . . [2] [Octet String] "pa-data"
+
+encode_krb5_spake_factor(optionals NULL):
+
+[Sequence/Sequence Of]
+. [0] [Integer] 1
+
+encode_krb5_spake_factor:
+
+[Sequence/Sequence Of]
+. [0] [Integer] 2
+. [1] [Octet String] "fdata"
+
+encode_krb5_pa_spake(support):
+
+[CONT 0]
+. [Sequence/Sequence Of]
+. . [0] [Sequence/Sequence Of]
+. . . [Integer] 1
+. . . [Integer] 2
+
+encode_krb5_pa_spake(challenge):
+
+[CONT 1]
+. [Sequence/Sequence Of]
+. . [0] [Integer] 1
+. . [1] [Octet String] "T value"
+. . [2] [Sequence/Sequence Of]
+. . . [Sequence/Sequence Of]
+. . . . [0] [Integer] 1
+. . . [Sequence/Sequence Of]
+. . . . [0] [Integer] 2
+. . . . [1] [Octet String] "fdata"
+
+encode_krb5_pa_spake(response):
+
+[CONT 2]
+. [Sequence/Sequence Of]
+. . [0] [Octet String] "S value"
+. . [1] [Sequence/Sequence Of]
+. . . [0] [Integer] 0
+. . . [1] [Integer] 5
+. . . [2] [Octet String] "krbASN.1 test message"
+
+encode_krb5_pa_spake(encdata):
+
+[CONT 3]
+. [Sequence/Sequence Of]
+. . [0] [Integer] 0
+. . [1] [Integer] 5
+. . [2] [Octet String] "krbASN.1 test message"

14349
Add-SPAKE-preauth-support.patch Normal file
View File

File diff suppressed because it is too large Load Diff

31
Add-doc-index-entries-for-SPAKE-constants.patch Normal file
View File

@ -0,0 +1,31 @@
From c4c9ca6edde2157cd42839d227e5f3defd4011a1 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Tue, 27 Mar 2018 00:49:43 -0400
Subject: [PATCH] Add doc index entries for SPAKE constants
ticket: 8647
(cherry picked from commit c010c9031753f356bb380e8a1324cc34721f8221)
---
doc/appdev/refs/macros/index.rst | 2 ++
1 file changed, 2 insertions(+)
diff --git a/doc/appdev/refs/macros/index.rst b/doc/appdev/refs/macros/index.rst
index dba818b26..47c6d4413 100644
--- a/doc/appdev/refs/macros/index.rst
+++ b/doc/appdev/refs/macros/index.rst
@@ -190,6 +190,7 @@ Public
KRB5_KEYUSAGE_PA_SAM_CHALLENGE_CKSUM.rst
KRB5_KEYUSAGE_PA_SAM_CHALLENGE_TRACKID.rst
KRB5_KEYUSAGE_PA_SAM_RESPONSE.rst
+ KRB5_KEYUSAGE_SPAKE.rst
KRB5_KEYUSAGE_TGS_REP_ENCPART_SESSKEY.rst
KRB5_KEYUSAGE_TGS_REP_ENCPART_SUBKEY.rst
KRB5_KEYUSAGE_TGS_REQ_AD_SESSKEY.rst
@@ -274,6 +275,7 @@ Public
KRB5_PADATA_SAM_RESPONSE.rst
KRB5_PADATA_SAM_RESPONSE_2.rst
KRB5_PADATA_SESAME.rst
+ KRB5_PADATA_SPAKE.rst
KRB5_PADATA_SVR_REFERRAL_INFO.rst
KRB5_PADATA_TGS_REQ.rst
KRB5_PADATA_USE_SPECIFIED_KVNO.rst

119
Add-k5_buf_add_vfmt-to-k5buf-interface.patch Normal file
View File

@ -0,0 +1,119 @@
From 4705fc3c9df924b0c1de015e63f95f98eb563dd3 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Thu, 4 Jan 2018 14:35:12 -0500
Subject: [PATCH] Add k5_buf_add_vfmt to k5buf interface
(cherry picked from commit f05766469efc2a055085c0bcf9d40c4cdf47fe36)
---
src/include/k5-buf.h | 8 ++++++++
src/util/support/k5buf.c | 26 +++++++++++++++-----------
src/util/support/libkrb5support-fixed.exports | 1 +
3 files changed, 24 insertions(+), 11 deletions(-)
diff --git a/src/include/k5-buf.h b/src/include/k5-buf.h
index f3207bd09..1223916a6 100644
--- a/src/include/k5-buf.h
+++ b/src/include/k5-buf.h
@@ -76,6 +76,14 @@ void k5_buf_add_fmt(struct k5buf *buf, const char *fmt, ...)
#endif
;
+/* Add sprintf-style formatted data to BUF, with a va_list. The value of ap is
+ * undefined after the call. */
+void k5_buf_add_vfmt(struct k5buf *buf, const char *fmt, va_list ap)
+#if !defined(__cplusplus) && (__GNUC__ > 2)
+ __attribute__((__format__(__printf__, 2, 0)))
+#endif
+ ;
+
/* Extend the length of buf by len and return a pointer to the reserved space,
* to be filled in by the caller. Return NULL on error. */
void *k5_buf_get_space(struct k5buf *buf, size_t len);
diff --git a/src/util/support/k5buf.c b/src/util/support/k5buf.c
index f619f6a48..35978f238 100644
--- a/src/util/support/k5buf.c
+++ b/src/util/support/k5buf.c
@@ -141,9 +141,9 @@ k5_buf_add_len(struct k5buf *buf, const void *data, size_t len)
}
void
-k5_buf_add_fmt(struct k5buf *buf, const char *fmt, ...)
+k5_buf_add_vfmt(struct k5buf *buf, const char *fmt, va_list ap)
{
- va_list ap;
+ va_list apcopy;
int r;
size_t remaining;
char *tmp;
@@ -154,9 +154,7 @@ k5_buf_add_fmt(struct k5buf *buf, const char *fmt, ...)
if (buf->buftype == K5BUF_FIXED) {
/* Format the data directly into the fixed buffer. */
- va_start(ap, fmt);
r = vsnprintf(endptr(buf), remaining, fmt, ap);
- va_end(ap);
if (SNPRINTF_OVERFLOW(r, remaining))
set_error(buf);
else
@@ -166,9 +164,9 @@ k5_buf_add_fmt(struct k5buf *buf, const char *fmt, ...)
/* Optimistically format the data directly into the dynamic buffer. */
assert(buf->buftype == K5BUF_DYNAMIC);
- va_start(ap, fmt);
- r = vsnprintf(endptr(buf), remaining, fmt, ap);
- va_end(ap);
+ va_copy(apcopy, ap);
+ r = vsnprintf(endptr(buf), remaining, fmt, apcopy);
+ va_end(apcopy);
if (!SNPRINTF_OVERFLOW(r, remaining)) {
buf->len += (unsigned int) r;
return;
@@ -179,9 +177,7 @@ k5_buf_add_fmt(struct k5buf *buf, const char *fmt, ...)
if (!ensure_space(buf, r))
return;
remaining = buf->space - buf->len;
- va_start(ap, fmt);
r = vsnprintf(endptr(buf), remaining, fmt, ap);
- va_end(ap);
if (SNPRINTF_OVERFLOW(r, remaining)) /* Shouldn't ever happen. */
k5_buf_free(buf);
else
@@ -191,9 +187,7 @@ k5_buf_add_fmt(struct k5buf *buf, const char *fmt, ...)
/* It's a pre-C99 snprintf implementation, or something else went wrong.
* Fall back to asprintf. */
- va_start(ap, fmt);
r = vasprintf(&tmp, fmt, ap);
- va_end(ap);
if (r < 0) {
k5_buf_free(buf);
return;
@@ -206,6 +200,16 @@ k5_buf_add_fmt(struct k5buf *buf, const char *fmt, ...)
free(tmp);
}
+void
+k5_buf_add_fmt(struct k5buf *buf, const char *fmt, ...)
+{
+ va_list ap;
+
+ va_start(ap, fmt);
+ k5_buf_add_vfmt(buf, fmt, ap);
+ va_end(ap);
+}
+
void *
k5_buf_get_space(struct k5buf *buf, size_t len)
{
diff --git a/src/util/support/libkrb5support-fixed.exports b/src/util/support/libkrb5support-fixed.exports
index 30c946e7e..cb9bf0826 100644
--- a/src/util/support/libkrb5support-fixed.exports
+++ b/src/util/support/libkrb5support-fixed.exports
@@ -6,6 +6,7 @@ k5_buf_init_dynamic
k5_buf_add
k5_buf_add_len
k5_buf_add_fmt
+k5_buf_add_vfmt
k5_buf_get_space
k5_buf_truncate
k5_buf_status

496
Add-libkrb5support-hex-functions-and-tests.patch Normal file
View File

@ -0,0 +1,496 @@
From 9fa4d4095164c09b70061fce5c31ccbd97bc7553 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Mon, 19 Feb 2018 00:51:44 -0500
Subject: [PATCH] Add libkrb5support hex functions and tests
(cherry picked from commit 720dea558da0062d3cea4385327161e62cf09a5e)
---
.gitignore | 1 +
src/include/k5-hex.h | 53 ++++++++
src/util/support/Makefile.in | 15 ++-
src/util/support/deps | 6 +
src/util/support/hex.c | 116 ++++++++++++++++++
src/util/support/libkrb5support-fixed.exports | 2 +
src/util/support/t_hex.c | 169 ++++++++++++++++++++++++++
7 files changed, 359 insertions(+), 3 deletions(-)
create mode 100644 src/include/k5-hex.h
create mode 100644 src/util/support/hex.c
create mode 100644 src/util/support/t_hex.c
diff --git a/.gitignore b/.gitignore
index c13b5e356..91c8b942e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -517,6 +517,7 @@ local.properties
/src/util/support/libkrb5support.exports
/src/util/support/t_base64
+/src/util/support/t_hex
/src/util/support/t_json
/src/util/support/t_k5buf
/src/util/support/t_path
diff --git a/src/include/k5-hex.h b/src/include/k5-hex.h
new file mode 100644
index 000000000..75bd2cb19
--- /dev/null
+++ b/src/include/k5-hex.h
@@ -0,0 +1,53 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* include/k5-hex.h - libkrb5support hex encoding/decoding declarations */
+/*
+ * Copyright (C) 2018 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef K5_HEX_H
+#define K5_HEX_H
+
+#include "k5-platform.h"
+
+/*
+ * Encode len bytes in hex, placing the result in allocated storage in
+ * *hex_out. Use uppercase hex digits if uppercase is non-zero. Return 0 on
+ * success, ENOMEM on error.
+ */
+int k5_hex_encode(const void *bytes, size_t len, int uppercase,
+ char **hex_out);
+
+/*
+ * Decode hex bytes, placing the result in allocated storage in *bytes_out and
+ * *len_out. Null-terminate the result (primarily for decoding passwords in
+ * libkdb_ldap). Return 0 on success, ENOMEM or EINVAL on error.
+ */
+int k5_hex_decode(const char *hex, uint8_t **bytes_out, size_t *len_out);
+
+#endif /* K5_HEX_H */
diff --git a/src/util/support/Makefile.in b/src/util/support/Makefile.in
index 58ac2e333..caaf15822 100644
--- a/src/util/support/Makefile.in
+++ b/src/util/support/Makefile.in
@@ -82,6 +82,7 @@ STLIBOBJS= \
path.o \
base64.o \
json.o \
+ hex.o \
bcmp.o \
strerror_r.o \
$(GETTIMEOFDAY_ST_OBJ) \
@@ -107,6 +108,7 @@ LIBOBJS= \
$(OUTPRE)path.$(OBJEXT) \
$(OUTPRE)base64.$(OBJEXT) \
$(OUTPRE)json.$(OBJEXT) \
+ $(OUTPRE)hex.$(OBJEXT) \
$(OUTPRE)bcmp.$(OBJEXT) \
$(OUTPRE)strerror_r.$(OBJEXT) \
$(GETTIMEOFDAY_OBJ) \
@@ -137,10 +139,12 @@ SRCS=\
$(srcdir)/t_unal.c \
$(srcdir)/t_path.c \
$(srcdir)/t_json.c \
+ $(srcdir)/t_hex.c \
$(srcdir)/zap.c \
$(srcdir)/path.c \
$(srcdir)/base64.c \
$(srcdir)/json.c \
+ $(srcdir)/hex.c \
$(srcdir)/bcmp.c \
$(srcdir)/strerror_r.c \
$(srcdir)/t_utf8.c \
@@ -216,6 +220,9 @@ T_JSON_OBJS= t_json.o json.o base64.o k5buf.o $(PRINTF_ST_OBJ)
t_json: $(T_JSON_OBJS)
$(CC_LINK) -o $@ $(T_JSON_OBJS)
+t_hex: t_hex.o hex.o
+ $(CC_LINK) -o $@ t_hex.o hex.o
+
t_unal: t_unal.o
$(CC_LINK) -o t_unal t_unal.o
@@ -227,7 +234,8 @@ T_UTF16_OBJS= t_utf16.o utf8_conv.o utf8.o k5buf.o $(PRINTF_ST_OBJ)
t_utf16: $(T_UTF16_OBJS)
$(CC_LINK) -o $@ $(T_UTF16_OBJS)
-TEST_PROGS= t_k5buf t_path t_path_win t_base64 t_json t_unal t_utf8 t_utf16
+TEST_PROGS= t_k5buf t_path t_path_win t_base64 t_json t_hex t_unal t_utf8 \
+ t_utf16
check-unix: $(TEST_PROGS)
./t_k5buf
@@ -235,6 +243,7 @@ check-unix: $(TEST_PROGS)
./t_path_win
./t_base64
./t_json
+ ./t_hex
./t_unal
./t_utf8
./t_utf16
@@ -242,8 +251,8 @@ check-unix: $(TEST_PROGS)
clean:
$(RM) t_k5buf.o t_k5buf t_unal.o t_unal path_win.o path_win
$(RM) t_path_win.o t_path_win t_path.o t_path t_base64.o t_base64
- $(RM) t_json.o t_json libkrb5support.exports t_utf8.o t_utf8
- $(RM) t_utf16.o t_utf16
+ $(RM) t_json.o t_json t_hex.o t_hex libkrb5support.exports
+ $(RM) t_utf8.o t_utf8 t_utf16.o t_utf16
@lib_frag@
@libobj_frag@
diff --git a/src/util/support/deps b/src/util/support/deps
index 34d8a884b..80e9a1c58 100644
--- a/src/util/support/deps
+++ b/src/util/support/deps
@@ -63,6 +63,9 @@ t_path.so t_path.po $(OUTPRE)t_path.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
t_path.c
t_json.so t_json.po $(OUTPRE)t_json.$(OBJEXT): $(top_srcdir)/include/k5-json.h \
t_json.c
+t_hex.so t_hex.po $(OUTPRE)t_hex.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+ $(top_srcdir)/include/k5-hex.h $(top_srcdir)/include/k5-platform.h \
+ $(top_srcdir)/include/k5-thread.h t_hex.c
zap.so zap.po $(OUTPRE)zap.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \
zap.c
@@ -76,6 +79,9 @@ json.so json.po $(OUTPRE)json.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(top_srcdir)/include/k5-base64.h $(top_srcdir)/include/k5-buf.h \
$(top_srcdir)/include/k5-json.h $(top_srcdir)/include/k5-platform.h \
$(top_srcdir)/include/k5-thread.h json.c
+hex.so hex.po $(OUTPRE)hex.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+ $(top_srcdir)/include/k5-hex.h $(top_srcdir)/include/k5-platform.h \
+ $(top_srcdir)/include/k5-thread.h hex.c
bcmp.so bcmp.po $(OUTPRE)bcmp.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \
bcmp.c
diff --git a/src/util/support/hex.c b/src/util/support/hex.c
new file mode 100644
index 000000000..4407ff9ff
--- /dev/null
+++ b/src/util/support/hex.c
@@ -0,0 +1,116 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* util/support/hex.c - hex encoding/decoding implementation */
+/*
+ * Copyright (C) 2018 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <k5-platform.h>
+#include <k5-hex.h>
+#include <ctype.h>
+
+static inline char
+hex_digit(uint8_t bval, int uppercase)
+{
+ assert(bval >= 0 && bval <= 0xF);
+ if (bval < 10)
+ return '0' + bval;
+ else if (uppercase)
+ return 'A' + (bval - 10);
+ else
+ return 'a' + (bval - 10);
+}
+
+int
+k5_hex_encode(const void *bytes, size_t len, int uppercase, char **hex_out)
+{
+ size_t i;
+ const uint8_t *p = bytes;
+ char *hex;
+
+ *hex_out = NULL;
+
+ hex = malloc(len * 2 + 1);
+ if (hex == NULL)
+ return ENOMEM;
+
+ for (i = 0; i < len; i++) {
+ hex[i * 2] = hex_digit(p[i] >> 4, uppercase);
+ hex[i * 2 + 1] = hex_digit(p[i] & 0xF, uppercase);
+ }
+ hex[len * 2] = '\0';
+
+ *hex_out = hex;
+ return 0;
+}
+
+/* Decode a hex digit. Return 0-15 on success, -1 on invalid input. */
+static inline int
+decode_hexchar(unsigned char c)
+{
+ if (isdigit(c))
+ return c - '0';
+ if (c >= 'A' && c <= 'F')
+ return c - 'A' + 10;
+ if (c >= 'a' && c <= 'f')
+ return c - 'a' + 10;
+ return -1;
+}
+
+int
+k5_hex_decode(const char *hex, uint8_t **bytes_out, size_t *len_out)
+{
+ size_t hexlen, i;
+ int h1, h2;
+ uint8_t *bytes;
+
+ *bytes_out = NULL;
+ *len_out = 0;
+
+ hexlen = strlen(hex);
+ if (hexlen % 2 != 0)
+ return EINVAL;
+ bytes = malloc(hexlen / 2 + 1);
+ if (bytes == NULL)
+ return ENOMEM;
+
+ for (i = 0; i < hexlen / 2; i++) {
+ h1 = decode_hexchar(hex[i * 2]);
+ h2 = decode_hexchar(hex[i * 2 + 1]);
+ if (h1 == -1 || h2 == -1) {
+ free(bytes);
+ return EINVAL;
+ }
+ bytes[i] = h1 * 16 + h2;
+ }
+ bytes[i] = 0;
+
+ *bytes_out = bytes;
+ *len_out = hexlen / 2;
+ return 0;
+}
diff --git a/src/util/support/libkrb5support-fixed.exports b/src/util/support/libkrb5support-fixed.exports
index fd74a1897..30c946e7e 100644
--- a/src/util/support/libkrb5support-fixed.exports
+++ b/src/util/support/libkrb5support-fixed.exports
@@ -16,6 +16,8 @@ k5_get_error
k5_free_error
k5_clear_error
k5_set_error_info_callout_fn
+k5_hex_decode
+k5_hex_encode
k5_json_array_add
k5_json_array_create
k5_json_array_fmt
diff --git a/src/util/support/t_hex.c b/src/util/support/t_hex.c
new file mode 100644
index 000000000..a586a1bc8
--- /dev/null
+++ b/src/util/support/t_hex.c
@@ -0,0 +1,169 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* util/support/t_hex.c - Test hex encoding and decoding */
+/*
+ * Copyright (C) 2018 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <k5-platform.h>
+#include <k5-hex.h>
+
+struct {
+ const char *hex;
+ const char *binary;
+ size_t binary_len;
+ int uppercase;
+} tests[] = {
+ /* Invalid hex strings */
+ { "1" },
+ { "123" },
+ { "0/" },
+ { "/0" },
+ { "0:" },
+ { ":0" },
+ { "0@" },
+ { "@0" },
+ { "0G" },
+ { "G0" },
+ { "0`" },
+ { "`0" },
+ { "0g" },
+ { "g0" },
+ { " 00 " },
+ { "0\x01" },
+
+ { "", "", 0 },
+ { "00", "\x00", 1 },
+ { "01", "\x01", 1 },
+ { "10", "\x10", 1 },
+ { "01ff", "\x01\xFF", 2 },
+ { "A0B0C0", "\xA0\xB0\xC0", 3, 1 },
+ { "1a2b3c4d5e6f", "\x1A\x2B\x3C\x4D\x5E\x6F", 6 },
+ { "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
+ "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"
+ "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF", 32 },
+
+ /* All byte values, lowercase */
+ { "0001020304050607", "\x00\x01\x02\x03\x04\x05\x06\x07", 8 },
+ { "08090a0b0c0d0e0f", "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F", 8 },
+ { "1011121314151617", "\x10\x11\x12\x13\x14\x15\x16\x17", 8 },
+ { "18191a1b1c1d1e1f", "\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F", 8 },
+ { "2021222324252627", "\x20\x21\x22\x23\x24\x25\x26\x27", 8 },
+ { "28292a2b2c2d2e2f", "\x28\x29\x2A\x2B\x2C\x2D\x2E\x2F", 8 },
+ { "3031323334353637", "\x30\x31\x32\x33\x34\x35\x36\x37", 8 },
+ { "38393a3b3c3d3e3f", "\x38\x39\x3A\x3B\x3C\x3D\x3E\x3F", 8 },
+ { "4041424344454647", "\x40\x41\x42\x43\x44\x45\x46\x47", 8 },
+ { "48494a4b4c4d4e4f", "\x48\x49\x4A\x4B\x4C\x4D\x4E\x4F", 8 },
+ { "5051525354555657", "\x50\x51\x52\x53\x54\x55\x56\x57", 8 },
+ { "58595a5b5c5d5e5f", "\x58\x59\x5A\x5B\x5C\x5D\x5E\x5F", 8 },
+ { "6061626364656667", "\x60\x61\x62\x63\x64\x65\x66\x67", 8 },
+ { "68696a6b6c6d6e6f", "\x68\x69\x6A\x6B\x6C\x6D\x6E\x6F", 8 },
+ { "7071727374757677", "\x70\x71\x72\x73\x74\x75\x76\x77", 8 },
+ { "78797a7b7c7d7e7f", "\x78\x79\x7A\x7B\x7C\x7D\x7E\x7F", 8 },
+ { "8081828384858687", "\x80\x81\x82\x83\x84\x85\x86\x87", 8 },
+ { "88898a8b8c8d8e8f", "\x88\x89\x8A\x8B\x8C\x8D\x8E\x8F", 8 },
+ { "9091929394959697", "\x90\x91\x92\x93\x94\x95\x96\x97", 8 },
+ { "98999a9b9c9d9e9f", "\x98\x99\x9A\x9B\x9C\x9D\x9E\x9F", 8 },
+ { "a0a1a2a3a4a5a6a7", "\xA0\xA1\xA2\xA3\xA4\xA5\xA6\xA7", 8 },
+ { "a8a9aaabacadaeaf", "\xA8\xA9\xAA\xAB\xAC\xAD\xAE\xAF", 8 },
+ { "b0b1b2b3b4b5b6b7", "\xB0\xB1\xB2\xB3\xB4\xB5\xB6\xB7", 8 },
+ { "b8b9babbbcbdbebf", "\xB8\xB9\xBA\xBB\xBC\xBD\xBE\xBF", 8 },
+ { "c0c1c2c3c4c5c6c7", "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7", 8 },
+ { "c8c9cacbcccdcecf", "\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF", 8 },
+ { "d0d1d2d3d4d5d6d7", "\xD0\xD1\xD2\xD3\xD4\xD5\xD6\xD7", 8 },
+ { "d8d9dadbdcdddedf", "\xD8\xD9\xDA\xDB\xDC\xDD\xDE\xDF", 8 },
+ { "e0e1e2e3e4e5e6e7", "\xE0\xE1\xE2\xE3\xE4\xE5\xE6\xE7", 8 },
+ { "e8e9eaebecedeeef", "\xE8\xE9\xEA\xEB\xEC\xED\xEE\xEF", 8 },
+ { "f0f1f2f3f4f5f6f7", "\xF0\xF1\xF2\xF3\xF4\xF5\xF6\xF7", 8 },
+ { "f8f9fafbfcfdfeff", "\xF8\xF9\xFA\xFB\xFC\xFD\xFE\xFF", 8 },
+
+ /* All byte values, uppercase */
+ { "0001020304050607", "\x00\x01\x02\x03\x04\x05\x06\x07", 8, 1 },
+ { "08090A0B0C0D0E0F", "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F", 8, 1 },
+ { "1011121314151617", "\x10\x11\x12\x13\x14\x15\x16\x17", 8, 1 },
+ { "18191A1B1C1D1E1F", "\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F", 8, 1 },
+ { "2021222324252627", "\x20\x21\x22\x23\x24\x25\x26\x27", 8, 1 },
+ { "28292A2B2C2D2E2F", "\x28\x29\x2A\x2B\x2C\x2D\x2E\x2F", 8, 1 },
+ { "3031323334353637", "\x30\x31\x32\x33\x34\x35\x36\x37", 8, 1 },
+ { "38393A3B3C3D3E3F", "\x38\x39\x3A\x3B\x3C\x3D\x3E\x3F", 8, 1 },
+ { "4041424344454647", "\x40\x41\x42\x43\x44\x45\x46\x47", 8, 1 },
+ { "48494A4B4C4D4E4F", "\x48\x49\x4A\x4B\x4C\x4D\x4E\x4F", 8, 1 },
+ { "5051525354555657", "\x50\x51\x52\x53\x54\x55\x56\x57", 8, 1 },
+ { "58595A5B5C5D5E5F", "\x58\x59\x5A\x5B\x5C\x5D\x5E\x5F", 8, 1 },
+ { "6061626364656667", "\x60\x61\x62\x63\x64\x65\x66\x67", 8, 1 },
+ { "68696A6B6C6D6E6F", "\x68\x69\x6A\x6B\x6C\x6D\x6E\x6F", 8, 1 },
+ { "7071727374757677", "\x70\x71\x72\x73\x74\x75\x76\x77", 8, 1 },
+ { "78797A7B7C7D7E7F", "\x78\x79\x7A\x7B\x7C\x7D\x7E\x7F", 8, 1 },
+ { "8081828384858687", "\x80\x81\x82\x83\x84\x85\x86\x87", 8, 1 },
+ { "88898A8B8C8D8E8F", "\x88\x89\x8A\x8B\x8C\x8D\x8E\x8F", 8, 1 },
+ { "9091929394959697", "\x90\x91\x92\x93\x94\x95\x96\x97", 8, 1 },
+ { "98999A9B9C9D9E9F", "\x98\x99\x9A\x9B\x9C\x9D\x9E\x9F", 8, 1 },
+ { "A0A1A2A3A4A5A6A7", "\xA0\xA1\xA2\xA3\xA4\xA5\xA6\xA7", 8, 1 },
+ { "A8A9AAABACADAEAF", "\xA8\xA9\xAA\xAB\xAC\xAD\xAE\xAF", 8, 1 },
+ { "B0B1B2B3B4B5B6B7", "\xB0\xB1\xB2\xB3\xB4\xB5\xB6\xB7", 8, 1 },
+ { "B8B9BABBBCBDBEBF", "\xB8\xB9\xBA\xBB\xBC\xBD\xBE\xBF", 8, 1 },
+ { "C0C1C2C3C4C5C6C7", "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7", 8, 1 },
+ { "C8C9CACBCCCDCECF", "\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF", 8, 1 },
+ { "D0D1D2D3D4D5D6D7", "\xD0\xD1\xD2\xD3\xD4\xD5\xD6\xD7", 8, 1 },
+ { "D8D9DADBDCDDDEDF", "\xD8\xD9\xDA\xDB\xDC\xDD\xDE\xDF", 8, 1 },
+ { "E0E1E2E3E4E5E6E7", "\xE0\xE1\xE2\xE3\xE4\xE5\xE6\xE7", 8, 1 },
+ { "E8E9EAEBECEDEEEF", "\xE8\xE9\xEA\xEB\xEC\xED\xEE\xEF", 8, 1 },
+ { "F0F1F2F3F4F5F6F7", "\xF0\xF1\xF2\xF3\xF4\xF5\xF6\xF7", 8, 1 },
+ { "F8F9FAFBFCFDFEFF", "\xF8\xF9\xFA\xFB\xFC\xFD\xFE\xFF", 8, 1 },
+};
+
+int main()
+{
+ size_t i;
+ char *hex;
+ int ret;
+ uint8_t *bytes;
+ size_t len;
+
+ for (i = 0; i < sizeof(tests) / sizeof(*tests); i++) {
+ if (tests[i].binary == NULL) {
+ ret = k5_hex_decode(tests[i].hex, &bytes, &len);
+ assert(ret == EINVAL && bytes == NULL && len == 0);
+ continue;
+ }
+
+ ret = k5_hex_decode(tests[i].hex, &bytes, &len);
+ assert(ret == 0);
+ assert(len == tests[i].binary_len);
+ assert(memcmp(bytes, tests[i].binary, len) == 0);
+ assert(bytes[len] == 0);
+ free(bytes);
+
+ ret = k5_hex_encode((uint8_t *)tests[i].binary, tests[i].binary_len,
+ tests[i].uppercase, &hex);
+ assert(ret == 0);
+ assert(strcmp(tests[i].hex, hex) == 0);
+ free(hex);
+ }
+ return 0;
+}

106
Add-vector-support-to-k5_sha256.patch Normal file
View File

@ -0,0 +1,106 @@
From 73fe8ea67105a4e056c82a0593dad8e6820f05d4 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Sat, 3 Feb 2018 20:53:42 -0500
Subject: [PATCH] Add vector support to k5_sha256()
Add a length argument so that multiple krb5_data values can be passed
to k5_sha256(), for efficient computation of SHA-256 hashes over
concatenations of data values.
(cherry picked from commit 4f3373e8c55b3e9bdfb5b065e07214c5816c85fa)
---
src/include/k5-int.h | 4 ++--
src/lib/crypto/builtin/sha2/sha256.c | 6 ++++--
src/lib/crypto/crypto_tests/t_sha2.c | 2 +-
src/lib/crypto/openssl/sha256.c | 6 ++++--
src/lib/krb5/rcache/rc_conv.c | 2 +-
5 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 9378ae047..1c1d9783b 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -635,9 +635,9 @@ krb5int_arcfour_gsscrypt(const krb5_keyblock *keyblock, krb5_keyusage usage,
#define K5_SHA256_HASHLEN (256 / 8)
-/* Write the SHA-256 hash of in to out. */
+/* Write the SHA-256 hash of in (containing n elements) to out. */
krb5_error_code
-k5_sha256(const krb5_data *in, uint8_t out[K5_SHA256_HASHLEN]);
+k5_sha256(const krb5_data *in, size_t n, uint8_t out[K5_SHA256_HASHLEN]);
/*
* Attempt to zero memory in a way that compilers won't optimize out.
diff --git a/src/lib/crypto/builtin/sha2/sha256.c b/src/lib/crypto/builtin/sha2/sha256.c
index 2b5cbe480..9a940b3f8 100644
--- a/src/lib/crypto/builtin/sha2/sha256.c
+++ b/src/lib/crypto/builtin/sha2/sha256.c
@@ -257,12 +257,14 @@ k5_sha256_final(void *res, SHA256_CTX *m)
}
krb5_error_code
-k5_sha256(const krb5_data *in, uint8_t out[K5_SHA256_HASHLEN])
+k5_sha256(const krb5_data *in, size_t n, uint8_t out[K5_SHA256_HASHLEN])
{
SHA256_CTX ctx;
+ size_t i;
k5_sha256_init(&ctx);
- k5_sha256_update(&ctx, in->data, in->length);
+ for (i = 0; i < n; i++)
+ k5_sha256_update(&ctx, in[i].data, in[i].length);
k5_sha256_final(out, &ctx);
return 0;
}
diff --git a/src/lib/crypto/crypto_tests/t_sha2.c b/src/lib/crypto/crypto_tests/t_sha2.c
index 12f32869b..e6fa58498 100644
--- a/src/lib/crypto/crypto_tests/t_sha2.c
+++ b/src/lib/crypto/crypto_tests/t_sha2.c
@@ -125,7 +125,7 @@ hash_test(const struct krb5_hash_provider *hash, struct test *tests)
if (hash == &krb5int_hash_sha256) {
/* Try again using k5_sha256(). */
- if (k5_sha256(&iov.data, (uint8_t *)hval.data) != 0)
+ if (k5_sha256(&iov.data, 1, (uint8_t *)hval.data) != 0)
abort();
if (memcmp(hval.data, t->hash, hval.length) != 0)
abort();
diff --git a/src/lib/crypto/openssl/sha256.c b/src/lib/crypto/openssl/sha256.c
index fa095d472..0edd8b7ba 100644
--- a/src/lib/crypto/openssl/sha256.c
+++ b/src/lib/crypto/openssl/sha256.c
@@ -34,16 +34,18 @@
#include <openssl/evp.h>
krb5_error_code
-k5_sha256(const krb5_data *in, uint8_t out[K5_SHA256_HASHLEN])
+k5_sha256(const krb5_data *in, size_t n, uint8_t out[K5_SHA256_HASHLEN])
{
EVP_MD_CTX *ctx;
+ size_t i;
int ok;
ctx = EVP_MD_CTX_new();
if (ctx == NULL)
return ENOMEM;
ok = EVP_DigestInit_ex(ctx, EVP_sha256(), NULL);
- ok = ok && EVP_DigestUpdate(ctx, in->data, in->length);
+ for (i = 0; i < n; i++)
+ ok = ok && EVP_DigestUpdate(ctx, in[i].data, in[i].length);
ok = ok && EVP_DigestFinal_ex(ctx, out, NULL);
EVP_MD_CTX_free(ctx);
return ok ? 0 : ENOMEM;
diff --git a/src/lib/krb5/rcache/rc_conv.c b/src/lib/krb5/rcache/rc_conv.c
index 0e021f5d8..f2fe528ac 100644
--- a/src/lib/krb5/rcache/rc_conv.c
+++ b/src/lib/krb5/rcache/rc_conv.c
@@ -58,7 +58,7 @@ krb5_rc_hash_message(krb5_context context, const krb5_data *message,
*out = NULL;
/* Calculate the binary checksum. */
- retval = k5_sha256(message, cksum);
+ retval = k5_sha256(message, 1, cksum);
if (retval)
return retval;

149
Implement-k5_buf_init_dynamic_zap.patch Normal file
View File

@ -0,0 +1,149 @@
From 7a578d56d42d12973ec17be4cffd983c57aa38c9 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Mon, 26 Mar 2018 11:12:39 -0400
Subject: [PATCH] Implement k5_buf_init_dynamic_zap
Add a variant of dynamic k5buf objects which zeroes memory when
reallocating or freeing the buffer.
(cherry picked from commit 8ee8246c14702dc03b02e31b9fb5b7c2bb674bfb)
---
src/include/k5-buf.h | 6 +++-
src/util/support/k5buf.c | 41 +++++++++++++++++++++------
src/util/support/libkrb5support-fixed.exports | 1 +
3 files changed, 39 insertions(+), 9 deletions(-)
diff --git a/src/include/k5-buf.h b/src/include/k5-buf.h
index 1223916a6..48e2a7d53 100644
--- a/src/include/k5-buf.h
+++ b/src/include/k5-buf.h
@@ -45,7 +45,7 @@
*/
/* Buffer type values */
-enum k5buftype { K5BUF_ERROR, K5BUF_FIXED, K5BUF_DYNAMIC };
+enum k5buftype { K5BUF_ERROR, K5BUF_FIXED, K5BUF_DYNAMIC, K5BUF_DYNAMIC_ZAP };
struct k5buf {
enum k5buftype buftype;
@@ -63,6 +63,10 @@ void k5_buf_init_fixed(struct k5buf *buf, char *data, size_t space);
/* Initialize a k5buf using an internally allocated dynamic buffer. */
void k5_buf_init_dynamic(struct k5buf *buf);
+/* Initialize a k5buf using an internally allocated dynamic buffer, zeroing
+ * memory when reallocating or freeing. */
+void k5_buf_init_dynamic_zap(struct k5buf *buf);
+
/* Add a C string to BUF. */
void k5_buf_add(struct k5buf *buf, const char *data);
diff --git a/src/util/support/k5buf.c b/src/util/support/k5buf.c
index 35978f238..b2b5e5b67 100644
--- a/src/util/support/k5buf.c
+++ b/src/util/support/k5buf.c
@@ -37,7 +37,7 @@
/*
* Structure invariants:
*
- * buftype is K5BUF_FIXED, K5BUF_DYNAMIC, or K5BUF_ERROR
+ * buftype is K5BUF_FIXED, K5BUF_DYNAMIC, K5BUF_DYNAMIC_ZAP, or K5BUF_ERROR
* if buftype is K5BUF_ERROR, the other fields are NULL or 0
* if buftype is not K5BUF_ERROR:
* space > 0
@@ -77,22 +77,35 @@ ensure_space(struct k5buf *buf, size_t len)
return 1;
if (buf->buftype == K5BUF_FIXED) /* Can't resize a fixed buffer. */
goto error_exit;
- assert(buf->buftype == K5BUF_DYNAMIC);
+ assert(buf->buftype == K5BUF_DYNAMIC || buf->buftype == K5BUF_DYNAMIC_ZAP);
new_space = buf->space * 2;
while (new_space - buf->len - 1 < len) {
if (new_space > SIZE_MAX / 2)
goto error_exit;
new_space *= 2;
}
- new_data = realloc(buf->data, new_space);
- if (new_data == NULL)
- goto error_exit;
+ if (buf->buftype == K5BUF_DYNAMIC_ZAP) {
+ /* realloc() could leave behind a partial copy of sensitive data. */
+ new_data = malloc(new_space);
+ if (new_data == NULL)
+ goto error_exit;
+ memcpy(new_data, buf->data, buf->len);
+ new_data[buf->len] = '\0';
+ zap(buf->data, buf->len);
+ free(buf->data);
+ } else {
+ new_data = realloc(buf->data, new_space);
+ if (new_data == NULL)
+ goto error_exit;
+ }
buf->data = new_data;
buf->space = new_space;
return 1;
error_exit:
- if (buf->buftype == K5BUF_DYNAMIC)
+ if (buf->buftype == K5BUF_DYNAMIC_ZAP)
+ zap(buf->data, buf->len);
+ if (buf->buftype == K5BUF_DYNAMIC_ZAP || buf->buftype == K5BUF_DYNAMIC)
free(buf->data);
set_error(buf);
return 0;
@@ -123,6 +136,14 @@ k5_buf_init_dynamic(struct k5buf *buf)
*endptr(buf) = '\0';
}
+void
+k5_buf_init_dynamic_zap(struct k5buf *buf)
+{
+ k5_buf_init_dynamic(buf);
+ if (buf->buftype == K5BUF_DYNAMIC)
+ buf->buftype = K5BUF_DYNAMIC_ZAP;
+}
+
void
k5_buf_add(struct k5buf *buf, const char *data)
{
@@ -163,7 +184,7 @@ k5_buf_add_vfmt(struct k5buf *buf, const char *fmt, va_list ap)
}
/* Optimistically format the data directly into the dynamic buffer. */
- assert(buf->buftype == K5BUF_DYNAMIC);
+ assert(buf->buftype == K5BUF_DYNAMIC || buf->buftype == K5BUF_DYNAMIC_ZAP);
va_copy(apcopy, ap);
r = vsnprintf(endptr(buf), remaining, fmt, apcopy);
va_end(apcopy);
@@ -197,6 +218,8 @@ k5_buf_add_vfmt(struct k5buf *buf, const char *fmt, va_list ap)
memcpy(endptr(buf), tmp, r + 1);
buf->len += r;
}
+ if (buf->buftype == K5BUF_DYNAMIC_ZAP)
+ zap(tmp, strlen(tmp));
free(tmp);
}
@@ -241,7 +264,9 @@ k5_buf_free(struct k5buf *buf)
{
if (buf->buftype == K5BUF_ERROR)
return;
- assert(buf->buftype == K5BUF_DYNAMIC);
+ assert(buf->buftype == K5BUF_DYNAMIC || buf->buftype == K5BUF_DYNAMIC_ZAP);
+ if (buf->buftype == K5BUF_DYNAMIC_ZAP)
+ zap(buf->data, buf->len);
free(buf->data);
set_error(buf);
}
diff --git a/src/util/support/libkrb5support-fixed.exports b/src/util/support/libkrb5support-fixed.exports
index cb9bf0826..a5e2ade04 100644
--- a/src/util/support/libkrb5support-fixed.exports
+++ b/src/util/support/libkrb5support-fixed.exports
@@ -3,6 +3,7 @@ k5_base64_encode
k5_bcmp
k5_buf_init_fixed
k5_buf_init_dynamic
+k5_buf_init_dynamic_zap
k5_buf_add
k5_buf_add_len
k5_buf_add_fmt

151
Move-zap-definition-to-k5-platform.h.patch Normal file
View File

@ -0,0 +1,151 @@
From 5824de8b471d132ed58eece98c614c56c7b0d48d Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Mon, 26 Mar 2018 10:54:29 -0400
Subject: [PATCH] Move zap() definition to k5-platform.h
Make it possible to use zap() in parts of the code which should not
include k5-int.h by moving its definition to k5-platform.h.
(cherry picked from commit df6bef6f9ea6a5f6f3956a2988cd658c78aae817)
---
src/include/k5-int.h | 45 ---------------------------------------------
src/include/k5-platform.h | 47 ++++++++++++++++++++++++++++++++++++++++++++++-
src/util/support/zap.c | 4 ++--
3 files changed, 48 insertions(+), 48 deletions(-)
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 1c1d9783b..69b81a7f7 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -639,51 +639,6 @@ krb5int_arcfour_gsscrypt(const krb5_keyblock *keyblock, krb5_keyusage usage,
krb5_error_code
k5_sha256(const krb5_data *in, size_t n, uint8_t out[K5_SHA256_HASHLEN]);
-/*
- * Attempt to zero memory in a way that compilers won't optimize out.
- *
- * This mechanism should work even for heap storage about to be freed,
- * or automatic storage right before we return from a function.
- *
- * Then, even if we leak uninitialized memory someplace, or UNIX
- * "core" files get created with world-read access, some of the most
- * sensitive data in the process memory will already be safely wiped.
- *
- * We're not going so far -- yet -- as to try to protect key data that
- * may have been written into swap space....
- */
-#ifdef _WIN32
-# define zap(ptr, len) SecureZeroMemory(ptr, len)
-#elif defined(__STDC_LIB_EXT1__)
-/*
- * Use memset_s() which cannot be optimized out. Avoid memset_s(NULL, 0, 0, 0)
- * which would cause a runtime constraint violation.
- */
-static inline void zap(void *ptr, size_t len)
-{
- if (len > 0)
- memset_s(ptr, len, 0, len);
-}
-#elif defined(__GNUC__) || defined(__clang__)
-/*
- * Use an asm statement which declares a memory clobber to force the memset to
- * be carried out. Avoid memset(NULL, 0, 0) which has undefined behavior.
- */
-static inline void zap(void *ptr, size_t len)
-{
- if (len > 0)
- memset(ptr, 0, len);
- __asm__ __volatile__("" : : "r" (ptr) : "memory");
-}
-#else
-/*
- * Use a function from libkrb5support to defeat inlining unless link-time
- * optimization is used. The function uses a volatile pointer, which prevents
- * current compilers from optimizing out the memset.
- */
-# define zap(ptr, len) krb5int_zap(ptr, len)
-#endif
-
/* Convenience function: zap and free ptr if it is non-NULL. */
static inline void
zapfree(void *ptr, size_t len)
diff --git a/src/include/k5-platform.h b/src/include/k5-platform.h
index 548c0486d..07ef6a4ca 100644
--- a/src/include/k5-platform.h
+++ b/src/include/k5-platform.h
@@ -40,7 +40,7 @@
* + [v]asprintf
* + strerror_r
* + mkstemp
- * + zap (support function; macro is in k5-int.h)
+ * + zap (support function and macro)
* + constant time memory comparison
* + path manipulation
* + _, N_, dgettext, bindtextdomain (for localization)
@@ -1022,6 +1022,51 @@ extern int krb5int_gettimeofday(struct timeval *tp, void *ignore);
#define gettimeofday krb5int_gettimeofday
#endif
+/*
+ * Attempt to zero memory in a way that compilers won't optimize out.
+ *
+ * This mechanism should work even for heap storage about to be freed,
+ * or automatic storage right before we return from a function.
+ *
+ * Then, even if we leak uninitialized memory someplace, or UNIX
+ * "core" files get created with world-read access, some of the most
+ * sensitive data in the process memory will already be safely wiped.
+ *
+ * We're not going so far -- yet -- as to try to protect key data that
+ * may have been written into swap space....
+ */
+#ifdef _WIN32
+# define zap(ptr, len) SecureZeroMemory(ptr, len)
+#elif defined(__STDC_LIB_EXT1__)
+/*
+ * Use memset_s() which cannot be optimized out. Avoid memset_s(NULL, 0, 0, 0)
+ * which would cause a runtime constraint violation.
+ */
+static inline void zap(void *ptr, size_t len)
+{
+ if (len > 0)
+ memset_s(ptr, len, 0, len);
+}
+#elif defined(__GNUC__) || defined(__clang__)
+/*
+ * Use an asm statement which declares a memory clobber to force the memset to
+ * be carried out. Avoid memset(NULL, 0, 0) which has undefined behavior.
+ */
+static inline void zap(void *ptr, size_t len)
+{
+ if (len > 0)
+ memset(ptr, 0, len);
+ __asm__ __volatile__("" : : "r" (ptr) : "memory");
+}
+#else
+/*
+ * Use a function from libkrb5support to defeat inlining unless link-time
+ * optimization is used. The function uses a volatile pointer, which prevents
+ * current compilers from optimizing out the memset.
+ */
+# define zap(ptr, len) krb5int_zap(ptr, len)
+#endif
+
extern void krb5int_zap(void *ptr, size_t len);
/*
diff --git a/src/util/support/zap.c b/src/util/support/zap.c
index ed31630db..2f6cdd70e 100644
--- a/src/util/support/zap.c
+++ b/src/util/support/zap.c
@@ -25,8 +25,8 @@
*/
/*
- * krb5int_zap() is used by zap() (a static inline function defined in
- * k5-int.h) on non-Windows, non-gcc compilers, in order to prevent the
+ * krb5int_zap() is used by zap() (a macro or static inline function defined in
+ * k5-platform.h) on non-Windows, non-gcc compilers, in order to prevent the
* compiler from inlining and optimizing out the memset() call.
*/

62
Use-k5_buf_init_dynamic_zap-where-appropriate.patch Normal file
View File

@ -0,0 +1,62 @@
From 9168f0c02a066543a8d03c60e4f05d5f4073f373 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Mon, 26 Mar 2018 11:24:49 -0400
Subject: [PATCH] Use k5_buf_init_dynamic_zap where appropriate
(cherry picked from commit 9172599008f3a6790d4a9a67acff58049742dcb6)
---
src/lib/krb5/ccache/cc_file.c | 4 ++--
src/lib/krb5/ccache/cc_keyring.c | 2 +-
src/util/support/utf8_conv.c | 4 +++-
3 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/src/lib/krb5/ccache/cc_file.c b/src/lib/krb5/ccache/cc_file.c
index 6789c09e1..9263a0054 100644
--- a/src/lib/krb5/ccache/cc_file.c
+++ b/src/lib/krb5/ccache/cc_file.c
@@ -758,7 +758,7 @@ fcc_next_cred(krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor,
memset(creds, 0, sizeof(*creds));
k5_cc_mutex_lock(context, &data->lock);
- k5_buf_init_dynamic(&buf);
+ k5_buf_init_dynamic_zap(&buf);
ret = krb5_lock_file(context, fileno(fcursor->fp), KRB5_LOCKMODE_SHARED);
if (ret)
@@ -982,7 +982,7 @@ fcc_store(krb5_context context, krb5_ccache id, krb5_creds *creds)
goto cleanup;
/* Marshal the cred and write it to the file with a single append write. */
- k5_buf_init_dynamic(&buf);
+ k5_buf_init_dynamic_zap(&buf);
k5_marshal_cred(&buf, version, creds);
ret = k5_buf_status(&buf);
if (ret)
diff --git a/src/lib/krb5/ccache/cc_keyring.c b/src/lib/krb5/ccache/cc_keyring.c
index fba710b1b..8419f6ebf 100644
--- a/src/lib/krb5/ccache/cc_keyring.c
+++ b/src/lib/krb5/ccache/cc_keyring.c
@@ -1295,7 +1295,7 @@ krcc_store(krb5_context context, krb5_ccache id, krb5_creds *creds)
goto errout;
/* Serialize credential using the file ccache version 4 format. */
- k5_buf_init_dynamic(&buf);
+ k5_buf_init_dynamic_zap(&buf);
k5_marshal_cred(&buf, 4, creds);
ret = k5_buf_status(&buf);
if (ret)
diff --git a/src/util/support/utf8_conv.c b/src/util/support/utf8_conv.c
index 5cfc2c512..08cef4168 100644
--- a/src/util/support/utf8_conv.c
+++ b/src/util/support/utf8_conv.c
@@ -99,7 +99,9 @@ k5_utf8_to_utf16le(const char *utf8, uint8_t **utf16_out, size_t *nbytes_out)
*utf16_out = NULL;
*nbytes_out = 0;
- k5_buf_init_dynamic(&buf);
+ /* UTF-16 conversion is used for RC4 string-to-key, so treat this data as
+ * sensitive. */
+ k5_buf_init_dynamic_zap(&buf);
/* Examine next UTF-8 character. */
while (*utf8 != '\0') {

869
Use-libkrb5support-hex-functions-where-appropriate.patch Normal file
View File

@ -0,0 +1,869 @@
From a77bccb3fd953ae5800768efc0fb4a13753cb785 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Mon, 19 Feb 2018 00:52:35 -0500
Subject: [PATCH] Use libkrb5support hex functions where appropriate
(cherry picked from commit b0c700608be7455041a8afc0e4502e8783ee7f30)
---
src/kadmin/dbutil/deps | 16 +++---
src/kadmin/dbutil/tabdump.c | 19 +++----
src/kadmin/ktutil/deps | 13 +++--
src/kadmin/ktutil/ktutil_funcs.c | 30 ++++------
src/lib/crypto/crypto_tests/deps | 39 +++++++------
src/lib/crypto/crypto_tests/t_cksum.c | 35 +++---------
src/lib/crypto/crypto_tests/t_crc.c | 28 ++--------
src/lib/crypto/crypto_tests/t_hmac.c | 34 +++++------
src/plugins/kdb/ldap/ldap_util/deps | 18 +++---
.../kdb/ldap/ldap_util/kdb5_ldap_services.c | 32 ++++-------
.../kdb/ldap/ldap_util/kdb5_ldap_services.h | 2 -
src/plugins/kdb/ldap/libkdb_ldap/deps | 19 ++++---
.../kdb/ldap/libkdb_ldap/ldap_service_stash.c | 65 +++-------------------
.../kdb/ldap/libkdb_ldap/ldap_service_stash.h | 3 -
.../kdb/ldap/libkdb_ldap/libkdb_ldap.exports | 1 -
src/slave/deps | 15 ++---
src/slave/kproplog.c | 11 ++--
src/tests/gssapi/deps | 14 ++---
src/tests/gssapi/t_prf.c | 13 +++--
19 files changed, 152 insertions(+), 255 deletions(-)
diff --git a/src/kadmin/dbutil/deps b/src/kadmin/dbutil/deps
index 4dcc33628..8b0965aac 100644
--- a/src/kadmin/dbutil/deps
+++ b/src/kadmin/dbutil/deps
@@ -185,14 +185,14 @@ $(OUTPRE)tabdump.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/iprop.h \
$(top_srcdir)/include/iprop_hdr.h $(top_srcdir)/include/k5-buf.h \
$(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/kdb.h $(top_srcdir)/include/kdb_log.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h kdb5_util.h tabdump.c \
- tdumputil.h
+ $(top_srcdir)/include/k5-hex.h $(top_srcdir)/include/k5-int-pkinit.h \
+ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/kdb.h \
+ $(top_srcdir)/include/kdb_log.h $(top_srcdir)/include/krb5.h \
+ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+ kdb5_util.h tabdump.c tdumputil.h
$(OUTPRE)tdumputil.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
diff --git a/src/kadmin/dbutil/tabdump.c b/src/kadmin/dbutil/tabdump.c
index fb36b060a..2f313dbb0 100644
--- a/src/kadmin/dbutil/tabdump.c
+++ b/src/kadmin/dbutil/tabdump.c
@@ -32,6 +32,7 @@
#include <k5-int.h>
#include "k5-platform.h" /* for asprintf */
+#include "k5-hex.h"
#include <limits.h>
#include <stdio.h>
@@ -230,9 +231,7 @@ static int
write_data(struct rec_args *args, krb5_data *data)
{
int ret;
- char *p;
- size_t i;
- struct k5buf buf;
+ char *hex;
struct rechandle *h = args->rh;
struct tdopts *opts = args->opts;
@@ -241,17 +240,15 @@ write_data(struct rec_args *args, krb5_data *data)
return -1;
return 0;
}
- k5_buf_init_dynamic(&buf);
- p = data->data;
- for (i = 0; i < data->length; i++)
- k5_buf_add_fmt(&buf, "%02x", (unsigned char)p[i]);
- if (buf.data == NULL) {
- errno = ENOMEM;
+ ret = k5_hex_encode(data->data, data->length, FALSE, &hex);
+ if (ret) {
+ errno = ret;
return -1;
}
- ret = writefield(h, "%s", (char *)buf.data);
- k5_buf_free(&buf);
+
+ ret = writefield(h, "%s", hex);
+ free(hex);
return ret;
}
diff --git a/src/kadmin/ktutil/deps b/src/kadmin/ktutil/deps
index 4df399924..5863e63c7 100644
--- a/src/kadmin/ktutil/deps
+++ b/src/kadmin/ktutil/deps
@@ -18,9 +18,10 @@ $(OUTPRE)ktutil_funcs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
$(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h ktutil.h ktutil_funcs.c
+ $(top_srcdir)/include/k5-hex.h $(top_srcdir)/include/k5-int-pkinit.h \
+ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+ ktutil.h ktutil_funcs.c
diff --git a/src/kadmin/ktutil/ktutil_funcs.c b/src/kadmin/ktutil/ktutil_funcs.c
index 7a3aa0dca..5843e24b7 100644
--- a/src/kadmin/ktutil/ktutil_funcs.c
+++ b/src/kadmin/ktutil/ktutil_funcs.c
@@ -29,6 +29,7 @@
*/
#include "k5-int.h"
+#include "k5-hex.h"
#include "ktutil.h"
#include <string.h>
#include <ctype.h>
@@ -106,9 +107,8 @@ krb5_error_code ktutil_add(context, list, princ_str, kvno,
krb5_keyblock key;
char buf[BUFSIZ];
char promptstr[1024];
-
- char *cp;
- int i, tmp;
+ uint8_t *keybytes;
+ size_t keylen;
unsigned int pwsize = BUFSIZ;
retval = krb5_parse_name(context, princ_str, &princ);
@@ -199,24 +199,18 @@ krb5_error_code ktutil_add(context, list, princ_str, kvno,
goto cleanup;
}
- lp->entry->key.enctype = enctype;
- lp->entry->key.contents = (krb5_octet *) malloc((strlen(buf) + 1) / 2);
- if (!lp->entry->key.contents) {
- retval = ENOMEM;
+ retval = k5_hex_decode(buf, &keybytes, &keylen);
+ if (retval) {
+ if (retval == EINVAL) {
+ fprintf(stderr, _("addent: Illegal character in key.\n"));
+ retval = 0;
+ }
goto cleanup;
}
- i = 0;
- for (cp = buf; *cp; cp += 2) {
- if (!isxdigit((int) cp[0]) || !isxdigit((int) cp[1])) {
- fprintf(stderr, _("addent: Illegal character in key.\n"));
- retval = 0;
- goto cleanup;
- }
- sscanf(cp, "%02x", &tmp);
- lp->entry->key.contents[i++] = (krb5_octet) tmp;
- }
- lp->entry->key.length = i;
+ lp->entry->key.enctype = enctype;
+ lp->entry->key.contents = keybytes;
+ lp->entry->key.length = keylen;
}
lp->entry->principal = princ;
lp->entry->vno = kvno;
diff --git a/src/lib/crypto/crypto_tests/deps b/src/lib/crypto/crypto_tests/deps
index bc5422a06..5d94a593d 100644
--- a/src/lib/crypto/crypto_tests/deps
+++ b/src/lib/crypto/crypto_tests/deps
@@ -73,12 +73,13 @@ $(OUTPRE)t_hmac.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
$(srcdir)/../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \
$(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h t_hmac.c
+ $(top_srcdir)/include/k5-hex.h $(top_srcdir)/include/k5-int-pkinit.h \
+ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+ t_hmac.c
$(OUTPRE)t_pkcs5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
@@ -143,12 +144,13 @@ $(OUTPRE)t_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
$(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h t_cksum.c
+ $(top_srcdir)/include/k5-hex.h $(top_srcdir)/include/k5-int-pkinit.h \
+ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+ t_cksum.c
$(OUTPRE)t_cksums.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
@@ -165,12 +167,13 @@ $(OUTPRE)t_crc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
$(srcdir)/../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \
$(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h t_crc.c
+ $(top_srcdir)/include/k5-hex.h $(top_srcdir)/include/k5-int-pkinit.h \
+ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+ t_crc.c
$(OUTPRE)t_mddriver.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
diff --git a/src/lib/crypto/crypto_tests/t_cksum.c b/src/lib/crypto/crypto_tests/t_cksum.c
index 2200fe76e..0edaeb850 100644
--- a/src/lib/crypto/crypto_tests/t_cksum.c
+++ b/src/lib/crypto/crypto_tests/t_cksum.c
@@ -27,6 +27,7 @@
/* Test checksum and checksum compatability for rsa-md[4,5]-des. */
#include "k5-int.h"
+#include "k5-hex.h"
#define MD5_K5BETA_COMPAT
#define MD4_K5BETA_COMPAT
@@ -50,29 +51,6 @@ print_checksum(char *text, int number, char *message, krb5_checksum *checksum)
printf("\n");
}
-static void
-parse_hexstring(const char *s, krb5_checksum *cksum)
-{
- size_t i, len;
- unsigned int byte;
- unsigned char *cp;
-
- len = strlen(s);
- cp = malloc(len / 2);
- cksum->contents = cp;
- if (cp == NULL) {
- cksum->length = 0;
- return;
- }
- cksum->length = len / 2;
- for (i = 0; i + 1 < len; i += 2) {
- sscanf(&s[i], "%2x", &byte);
- *cp++ = byte;
- }
- cksum->checksum_type = CKTYPE;
- cksum->magic = KV5M_CHECKSUM;
-}
-
/*
* Test the checksum verification of Old Style (tm) and correct RSA-MD[4,5]-DES
* checksums.
@@ -86,6 +64,7 @@ main(argc, argv)
char **argv;
{
int msgindex;
+ size_t len;
krb5_boolean valid;
krb5_keyblock keyblock;
krb5_key key;
@@ -150,12 +129,14 @@ main(argc, argv)
free(checksum.contents);
/* Verify a known-good checksum for this plaintext. */
- parse_hexstring(argv[msgindex+1], &knowncksum);
- if (knowncksum.contents == NULL) {
- printf("parse_hexstring failed\n");
- kret = 1;
+ kret = k5_hex_decode(argv[msgindex + 1], &knowncksum.contents, &len);
+ if (kret) {
+ printf("k5_hex_decode failed\n");
break;
}
+ knowncksum.length = len;
+ knowncksum.checksum_type = CKTYPE;
+ knowncksum.magic = KV5M_CHECKSUM;
kret = krb5_k_verify_checksum(NULL, key, 0, &plaintext, &knowncksum,
&valid);
if (kret != 0) {
diff --git a/src/lib/crypto/crypto_tests/t_crc.c b/src/lib/crypto/crypto_tests/t_crc.c
index 190773252..1a35cfba5 100644
--- a/src/lib/crypto/crypto_tests/t_crc.c
+++ b/src/lib/crypto/crypto_tests/t_crc.c
@@ -32,6 +32,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <k5-hex.h>
#include "crypto_int.h"
#define HEX 1
@@ -139,31 +140,12 @@ timetest(unsigned int nblk, unsigned int blksiz)
}
#endif
-static void gethexstr(char *data, size_t *outlen, unsigned char *outbuf,
- size_t buflen)
-{
- size_t inlen;
- char *cp, buf[3];
- long n;
-
- inlen = strlen(data);
- *outlen = 0;
- for (cp = data; (size_t) (cp - data) < inlen; cp += 2) {
- strncpy(buf, cp, 2);
- buf[2] = '\0';
- n = strtol(buf, NULL, 16);
- outbuf[(*outlen)++] = n;
- if (*outlen > buflen)
- break;
- }
-}
-
static void
verify(void)
{
unsigned int i;
struct crc_trial trial;
- unsigned char buf[4];
+ uint8_t *bytes;
size_t len;
unsigned long cksum;
char *typestr;
@@ -179,9 +161,11 @@ verify(void)
break;
case HEX:
typestr = "HEX";
- gethexstr(trial.data, &len, buf, 4);
+ if (k5_hex_decode(trial.data, &bytes, &len) != 0)
+ abort();
cksum = 0;
- mit_crc32(buf, len, &cksum);
+ mit_crc32(bytes, len, &cksum);
+ free(bytes);
break;
default:
typestr = "BOGUS";
diff --git a/src/lib/crypto/crypto_tests/t_hmac.c b/src/lib/crypto/crypto_tests/t_hmac.c
index 8961380ea..93d54828f 100644
--- a/src/lib/crypto/crypto_tests/t_hmac.c
+++ b/src/lib/crypto/crypto_tests/t_hmac.c
@@ -34,6 +34,7 @@
#include <string.h>
#include <ctype.h>
+#include <k5-hex.h>
#include "crypto_int.h"
#define ASIZE(ARRAY) (sizeof(ARRAY)/sizeof(ARRAY[0]))
@@ -136,12 +137,10 @@ static void test_hmac()
{
krb5_keyblock key;
krb5_data in, out;
- char outbuf[20];
- char stroutbuf[80];
+ char outbuf[20], *hexdigest;
krb5_error_code err;
- unsigned int i, j;
+ unsigned int i;
int lose = 0;
- struct k5buf buf;
/* RFC 2202 test vector. */
static const struct hmac_test md5tests[] = {
@@ -151,13 +150,13 @@ static void test_hmac()
0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb,
},
8, "Hi There",
- "0x9294727a3638bb1c13f48ef8158bfc9d"
+ "9294727a3638bb1c13f48ef8158bfc9d"
},
{
4, "Jefe",
28, "what do ya want for nothing?",
- "0x750c783e6ab0b503eaa86e310a5db738"
+ "750c783e6ab0b503eaa86e310a5db738"
},
{
@@ -172,7 +171,7 @@ static void test_hmac()
0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
},
- "0x56be34521d144c88dbb8c733f0e8b3f6"
+ "56be34521d144c88dbb8c733f0e8b3f6"
},
{
@@ -188,7 +187,7 @@ static void test_hmac()
0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
},
- "0x697eaf0aca3a3aea3a75164746ffaa79"
+ "697eaf0aca3a3aea3a75164746ffaa79"
},
{
@@ -197,7 +196,7 @@ static void test_hmac()
0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c
},
20, "Test With Truncation",
- "0x56461ef2342edc00f9bab995690efd4c"
+ "56461ef2342edc00f9bab995690efd4c"
},
{
@@ -212,7 +211,7 @@ static void test_hmac()
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
},
54, "Test Using Larger Than Block-Size Key - Hash Key First",
- "0x6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd"
+ "6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd"
},
{
@@ -228,7 +227,7 @@ static void test_hmac()
},
73,
"Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
- "0x6f630fad67cda0ee1fb1f562db3aa53e"
+ "6f630fad67cda0ee1fb1f562db3aa53e"
},
};
@@ -246,19 +245,16 @@ static void test_hmac()
exit(1);
}
- k5_buf_init_fixed(&buf, stroutbuf, sizeof(stroutbuf));
- k5_buf_add(&buf, "0x");
- for (j = 0; j < out.length; j++)
- k5_buf_add_fmt(&buf, "%02x", 0xff & outbuf[j]);
- if (k5_buf_status(&buf) != 0)
+ if (k5_hex_encode(out.data, out.length, FALSE, &hexdigest) != 0)
abort();
- if (strcmp(stroutbuf, md5tests[i].hexdigest)) {
+ if (strcmp(hexdigest, md5tests[i].hexdigest)) {
printf("*** CHECK FAILED!\n"
- "\tReturned: %s.\n"
- "\tExpected: %s.\n", stroutbuf, md5tests[i].hexdigest);
+ "\tReturned: 0x%s.\n"
+ "\tExpected: 0x%s.\n", hexdigest, md5tests[i].hexdigest);
lose++;
} else
printf("Matches expected result.\n");
+ free(hexdigest);
}
/* Do again with SHA-1 tests.... */
diff --git a/src/plugins/kdb/ldap/ldap_util/deps b/src/plugins/kdb/ldap/ldap_util/deps
index 75d4dd0cf..be0194c00 100644
--- a/src/plugins/kdb/ldap/ldap_util/deps
+++ b/src/plugins/kdb/ldap/ldap_util/deps
@@ -89,15 +89,15 @@ $(OUTPRE)kdb5_ldap_services.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(srcdir)/../libkdb_ldap/ldap_krbcontainer.h $(srcdir)/../libkdb_ldap/ldap_misc.h \
$(srcdir)/../libkdb_ldap/ldap_realm.h $(top_srcdir)/include/k5-buf.h \
$(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
- $(top_srcdir)/lib/kdb/kdb5.h kdb5_ldap_list.h kdb5_ldap_policy.h \
- kdb5_ldap_realm.h kdb5_ldap_services.c kdb5_ldap_services.h \
- kdb5_ldap_util.h
+ $(top_srcdir)/include/k5-hex.h $(top_srcdir)/include/k5-int-pkinit.h \
+ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/kdb.h \
+ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
+ $(top_srcdir)/include/socket-utils.h $(top_srcdir)/lib/kdb/kdb5.h \
+ kdb5_ldap_list.h kdb5_ldap_policy.h kdb5_ldap_realm.h \
+ kdb5_ldap_services.c kdb5_ldap_services.h kdb5_ldap_util.h
$(OUTPRE)getdate.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/krb5.h \
getdate.c
diff --git a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
index 3d6994c67..ce038fc3d 100644
--- a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
+++ b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
@@ -37,6 +37,7 @@
*/
#include <k5-int.h>
+#include <k5-hex.h>
#include "kdb5_ldap_util.h"
#include "kdb5_ldap_list.h"
@@ -96,11 +97,10 @@ kdb5_ldap_stash_service_password(int argc, char **argv)
char *service_object = NULL;
char *file_name = NULL, *tmp_file = NULL;
char passwd[MAX_SERVICE_PASSWD_LEN];
- char *str = NULL;
+ char *str = NULL, *hexpasswd = NULL;
char line[MAX_LEN];
FILE *pfile = NULL;
krb5_boolean print_usage = FALSE;
- krb5_data hexpasswd = {0, 0, NULL};
mode_t old_mode = 0;
/*
@@ -183,21 +183,12 @@ kdb5_ldap_stash_service_password(int argc, char **argv)
}
/* Convert the password to hexadecimal */
- {
- krb5_data pwd;
-
- pwd.length = passwd_len;
- pwd.data = passwd;
-
- ret = tohex(pwd, &hexpasswd);
- if (ret != 0) {
- com_err(me, ret,
- _("Failed to convert the password to hexadecimal"));
- memset(passwd, 0, passwd_len);
- goto cleanup;
- }
+ ret = k5_hex_encode(passwd, passwd_len, FALSE, &hexpasswd);
+ zap(passwd, passwd_len);
+ if (ret != 0) {
+ com_err(me, ret, _("Failed to convert the password to hexadecimal"));
+ goto cleanup;
}
- memset(passwd, 0, passwd_len);
/* TODO: file lock for the service password file */
@@ -225,7 +216,7 @@ kdb5_ldap_stash_service_password(int argc, char **argv)
if (str == NULL) {
if (feof(pfile)) {
/* If the service object dn is not present in the service password file */
- if (fprintf(pfile, "%s#{HEX}%s\n", service_object, hexpasswd.data) < 0) {
+ if (fprintf(pfile, "%s#{HEX}%s\n", service_object, hexpasswd) < 0) {
com_err(me, errno,
_("Failed to write service object password to file"));
fclose(pfile);
@@ -277,7 +268,7 @@ kdb5_ldap_stash_service_password(int argc, char **argv)
while (fgets(line, MAX_LEN, pfile) != NULL) {
if (((str = strstr(line, service_object)) != NULL) &&
(line[strlen(service_object)] == '#')) {
- if (fprintf(newfile, "%s#{HEX}%s\n", service_object, hexpasswd.data) < 0) {
+ if (fprintf(newfile, "%s#{HEX}%s\n", service_object, hexpasswd) < 0) {
com_err(me, errno, _("Failed to write service object "
"password to file"));
fclose(newfile);
@@ -322,10 +313,7 @@ kdb5_ldap_stash_service_password(int argc, char **argv)
cleanup:
- if (hexpasswd.length != 0) {
- memset(hexpasswd.data, 0, hexpasswd.length);
- free(hexpasswd.data);
- }
+ zapfreestr(hexpasswd);
if (service_object)
free(service_object);
diff --git a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.h b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.h
index cf652c578..08af62e17 100644
--- a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.h
+++ b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.h
@@ -32,6 +32,4 @@
#define MAX_LEN 1024
#define MAX_SERVICE_PASSWD_LEN 256
-extern int tohex(krb5_data, krb5_data *);
-
extern void kdb5_ldap_stash_service_password(int argc, char **argv);
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/deps b/src/plugins/kdb/ldap/libkdb_ldap/deps
index 1ff28553f..afca604dc 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/deps
+++ b/src/plugins/kdb/ldap/libkdb_ldap/deps
@@ -220,15 +220,16 @@ ldap_service_stash.so ldap_service_stash.po $(OUTPRE)ldap_service_stash.$(OBJEXT
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/kdb.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h $(top_srcdir)/lib/kdb/kdb5.h \
- kdb_ldap.h ldap_handle.h ldap_krbcontainer.h ldap_main.h \
- ldap_misc.h ldap_realm.h ldap_service_stash.c ldap_service_stash.h
+ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-hex.h \
+ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+ $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+ $(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \
+ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+ $(top_srcdir)/lib/kdb/kdb5.h kdb_ldap.h ldap_handle.h \
+ ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_realm.h \
+ ldap_service_stash.c ldap_service_stash.h
kdb_xdr.so kdb_xdr.po $(OUTPRE)kdb_xdr.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c
index 87a2118ff..cb30f4a7f 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c
@@ -31,16 +31,16 @@
#include "ldap_main.h"
#include "kdb_ldap.h"
#include "ldap_service_stash.h"
+#include <k5-hex.h>
#include <ctype.h>
/* Decode a password of the form {HEX}<hexstring>. */
static krb5_error_code
dec_password(krb5_context context, const char *str, char **password_out)
{
+ krb5_error_code ret;
+ uint8_t *bytes;
size_t len;
- const unsigned char *p;
- unsigned char *password, *q;
- unsigned int k;
*password_out = NULL;
@@ -48,30 +48,15 @@ dec_password(krb5_context context, const char *str, char **password_out)
k5_setmsg(context, EINVAL, _("Not a hexadecimal password"));
return EINVAL;
}
- str += 5;
- len = strlen(str);
- if (len % 2 != 0) {
- k5_setmsg(context, EINVAL, _("Password corrupt"));
- return EINVAL;
+ ret = k5_hex_decode(str + 5, &bytes, &len);
+ if (ret) {
+ if (ret == EINVAL)
+ k5_setmsg(context, ret, _("Password corrupt"));
+ return ret;
}
- q = password = malloc(len / 2 + 1);
- if (password == NULL)
- return ENOMEM;
-
- for (p = (unsigned char *)str; *p != '\0'; p += 2) {
- if (!isxdigit(*p) || !isxdigit(p[1])) {
- free(password);
- k5_setmsg(context, EINVAL, _("Password corrupt"));
- return EINVAL;
- }
- sscanf((char *)p, "%2x", &k);
- *q++ = k;
- }
- *q = '\0';
-
- *password_out = (char *)password;
+ *password_out = (char *)bytes;
return 0;
}
@@ -128,35 +113,3 @@ krb5_ldap_readpassword(krb5_context context, const char *filename,
/* Extract the plain password information. */
return dec_password(context, val, password_out);
}
-
-/* Encodes a sequence of bytes in hexadecimal */
-
-int
-tohex(krb5_data in, krb5_data *ret)
-{
- unsigned int i=0;
- int err = 0;
-
- ret->length = 0;
- ret->data = NULL;
-
- ret->data = malloc((unsigned int)in.length * 2 + 1 /*Null termination */);
- if (ret->data == NULL) {
- err = ENOMEM;
- goto cleanup;
- }
- ret->length = in.length * 2;
- ret->data[ret->length] = 0;
-
- for (i = 0; i < in.length; i++)
- snprintf(ret->data + 2 * i, 3, "%02x", in.data[i] & 0xff);
-
-cleanup:
-
- if (ret->length == 0) {
- free(ret->data);
- ret->data = NULL;
- }
-
- return err;
-}
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.h b/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.h
index dbf62443a..03cf9a1f7 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.h
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.h
@@ -37,7 +37,4 @@ krb5_error_code
krb5_ldap_readpassword(krb5_context context, const char *filename,
const char *name, char **password_out);
-int
-tohex(krb5_data, krb5_data *);
-
#endif
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/libkdb_ldap.exports b/src/plugins/kdb/ldap/libkdb_ldap/libkdb_ldap.exports
index 2342f1db8..5376d3453 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/libkdb_ldap.exports
+++ b/src/plugins/kdb/ldap/libkdb_ldap/libkdb_ldap.exports
@@ -1,4 +1,3 @@
-tohex
krb5_ldap_open
krb5_ldap_close
krb5_ldap_db_init
diff --git a/src/slave/deps b/src/slave/deps
index c3677a5e1..c0f558ecd 100644
--- a/src/slave/deps
+++ b/src/slave/deps
@@ -64,10 +64,11 @@ $(OUTPRE)kproplog.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/iprop.h \
$(top_srcdir)/include/iprop_hdr.h $(top_srcdir)/include/k5-buf.h \
$(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/kdb.h $(top_srcdir)/include/kdb_log.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h kproplog.c
+ $(top_srcdir)/include/k5-hex.h $(top_srcdir)/include/k5-int-pkinit.h \
+ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/kdb.h \
+ $(top_srcdir)/include/kdb_log.h $(top_srcdir)/include/krb5.h \
+ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+ kproplog.c
diff --git a/src/slave/kproplog.c b/src/slave/kproplog.c
index 4f19eeb8c..d4aed7ba6 100644
--- a/src/slave/kproplog.c
+++ b/src/slave/kproplog.c
@@ -9,6 +9,7 @@
*/
#include "k5-int.h"
+#include "k5-hex.h"
#include <locale.h>
#include <sys/types.h>
#include <sys/mman.h>
@@ -106,15 +107,15 @@ print_deltat(uint32_t *deltat)
static void
print_hex(const char *tag, utf8str_t *str)
{
- unsigned int i;
unsigned int len;
+ char *hex;
len = str->utf8str_t_len;
- printf("\t\t\t%s(%d): 0x", tag, len);
- for (i = 0; i < len; i++)
- printf("%02x", (krb5_octet)str->utf8str_t_val[i]);
- printf("\n");
+ if (k5_hex_encode(str->utf8str_t_val, len, FALSE, &hex) != 0)
+ abort();
+ printf("\t\t\t%s(%d): 0x%s\n", tag, len, hex);
+ free(hex);
}
/* Display string primitive. */
diff --git a/src/tests/gssapi/deps b/src/tests/gssapi/deps
index b784deb63..0b50d9ed3 100644
--- a/src/tests/gssapi/deps
+++ b/src/tests/gssapi/deps
@@ -149,13 +149,13 @@ $(OUTPRE)t_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(srcdir)/../../lib/gssapi/krb5/gssapiP_krb5.h $(srcdir)/../../lib/gssapi/krb5/gssapi_krb5.h \
$(srcdir)/../../lib/gssapi/mechglue/mechglue.h $(srcdir)/../../lib/gssapi/mechglue/mglueP.h \
$(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
- common.h t_prf.c
+ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-hex.h \
+ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+ $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
+ $(top_srcdir)/include/socket-utils.h common.h t_prf.c
$(OUTPRE)t_s4u.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/gssapi/gssapi_krb5.h \
$(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/krb5.h \
diff --git a/src/tests/gssapi/t_prf.c b/src/tests/gssapi/t_prf.c
index 2c8c85188..6a698ce0f 100644
--- a/src/tests/gssapi/t_prf.c
+++ b/src/tests/gssapi/t_prf.c
@@ -24,6 +24,7 @@
*/
#include "k5-int.h"
+#include "k5-hex.h"
#include "common.h"
#include "mglueP.h"
#include "gssapiP_krb5.h"
@@ -109,12 +110,14 @@ static struct {
static size_t
fromhex(const char *hexstr, unsigned char *out)
{
- const char *p;
- size_t count;
+ uint8_t *bytes;
+ size_t len;
- for (p = hexstr, count = 0; *p != '\0'; p += 2, count++)
- sscanf(p, "%2hhx", &out[count]);
- return count;
+ if (k5_hex_decode(hexstr, &bytes, &len) != 0)
+ abort();
+ memcpy(out, bytes, len);
+ free(bytes);
+ return len;
}
int

3
kdc.conf
View File

@ -1,6 +1,7 @@
[kdcdefaults]
kdc_ports = 88
kdc_tcp_ports = 88
spake_preauth_kdc_challenge = edwards25519
[realms]
EXAMPLE.COM = {
@ -8,5 +9,5 @@
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
supported_enctypes = aes256-cts:normal aes128-cts:normal des3-hmac-sha1:normal arcfour-hmac:normal camellia256-cts:normal camellia128-cts:normal des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal
supported_enctypes = aes256-cts:normal aes128-cts:normal des3-hmac-sha1:normal arcfour-hmac:normal camellia256-cts:normal camellia128-cts:normal
}

1
krb5.conf
View File

@ -14,6 +14,7 @@ includedir /etc/krb5.conf.d/
forwardable = true
rdns = false
pkinit_anchors = /etc/pki/tls/certs/ca-bundle.crt
spake_preauth_groups = edwards25519
# default_realm = EXAMPLE.COM
[realms]

19
krb5.spec
View File

@ -18,7 +18,7 @@ Summary: The Kerberos network authentication system
Name: krb5
Version: 1.16
# for prerelease, should be e.g., 0.% {prerelease}.1% { ?dist } (without spaces)
Release: 14%{?dist}
Release: 15%{?dist}
# lookaside-cached sources; two downloads and a build artifact
Source0: https://web.mit.edu/kerberos/dist/krb5/1.16/krb5-%{version}%{prerelease}.tar.gz
@ -75,6 +75,16 @@ Patch48: Allow-validation-of-PACs-with-enterprise-names.patch
Patch49: Fix-read-overflow-in-KDC-sort_pa_data.patch
Patch50: Include-preauth-name-in-trace-output-if-possible.patch
Patch51: Report-extended-errors-in-kinit-k-t-KDB.patch
Patch52: Add-libkrb5support-hex-functions-and-tests.patch
Patch53: Use-libkrb5support-hex-functions-where-appropriate.patch
Patch54: Add-ASN.1-encoders-and-decoders-for-SPAKE-types.patch
Patch55: Add-k5_buf_add_vfmt-to-k5buf-interface.patch
Patch56: Add-vector-support-to-k5_sha256.patch
Patch57: Move-zap-definition-to-k5-platform.h.patch
Patch58: Implement-k5_buf_init_dynamic_zap.patch
Patch59: Use-k5_buf_init_dynamic_zap-where-appropriate.patch
Patch60: Add-SPAKE-preauth-support.patch
Patch61: Add-doc-index-entries-for-SPAKE-constants.patch
License: MIT
URL: http://web.mit.edu/kerberos/www/
@ -724,7 +734,12 @@ exit 0
%{_libdir}/libkadm5srv_mit.so.*
%changelog
* Tue Mar 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-13
* Tue Mar 27 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-15
- Add SPAKE support
- Improve protections on internal sensitive buffers
- Improve internal hex encoding/decoding
* Tue Mar 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-14
- Fix problem with ccache_name logic in previous build
* Tue Mar 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-13