From 3f80a77313f94e3f1bcd0041f222e6a2b81de35a Mon Sep 17 00:00:00 2001
From: Robbie Harwood
Date: Tue, 28 May 2019 15:22:45 -0400
Subject: [PATCH] Remove support for single-DES and CRC
---
 ...ing-newlines-to-deprecation-warnings.patch | 2 +-
 Display-unsupported-enctype-names.patch | 79 +
 ...-the-doc-kadm5-tex-files-as-historic.patch | 2 +-
 ...ze-example-enctypes-in-documentation.patch | 2 +-
 Remove-checksum-type-profile-variables.patch | 2 +-
 ...d-variable-def_kslist-from-two-files.patch | 2 +-
 Remove-support-for-single-DES-and-CRC.patch | 3336 +++++++++++++++++
 Remove-the-v4-and-afs3-salt-types.patch | 508 +++
 Set-a-more-modern-default-ksu-CMD_PATH.patch | 2 +-
 Support-389ds-s-lockout-model.patch | 2 +-
 ....1-SAM-tests-to-use-a-modern-enctype.patch | 2 +-
 ...lt-krb5kdc-mkey-manual-entry-enctype.patch | 2 +-
 ...t-suite-to-avoid-single-DES-enctypes.patch | 2328 ++++++++++++
 ...ost3-FIPS-with-PRNG-SPAKE-and-RADIUS.patch | 43 +-
 krb5.spec | 11 +-
 15 files changed, 6274 insertions(+), 49 deletions(-)
 create mode 100644 Display-unsupported-enctype-names.patch
 create mode 100644 Remove-support-for-single-DES-and-CRC.patch
 create mode 100644 Remove-the-v4-and-afs3-salt-types.patch
 create mode 100644 Update-test-suite-to-avoid-single-DES-enctypes.patch
 rename krb5-1.17post2-FIPS-with-PRNG-SPAKE-and-RADIUS.patch => krb5-1.17post3-FIPS-with-PRNG-SPAKE-and-RADIUS.patch (93%)
diff --git a/Add-missing-newlines-to-deprecation-warnings.patch b/Add-missing-newlines-to-deprecation-warnings.patch
index a62701f..173cd61 100644
--- a/Add-missing-newlines-to-deprecation-warnings.patch
+++ b/Add-missing-newlines-to-deprecation-warnings.patch
@@ -1,4 +1,4 @@
-From d60851da93427e05793d52825ebc49448ae365b2 Mon Sep 17 00:00:00 2001
+From 4928699bdfd051bf0d69afee0b15574c15f40a48 Mon Sep 17 00:00:00 2001
 From: Greg Hudson
 Date: Tue, 21 May 2019 12:52:26 -0400
 Subject: [PATCH] Add missing newlines to deprecation warnings
diff --git a/Display-unsupported-enctype-names.patch b/Display-unsupported-enctype-names.patch
new file mode 100644
index 0000000..af727f7
--- /dev/null
+++ b/Display-unsupported-enctype-names.patch
@@ -0,0 +1,79 @@ +From 144eea330aba65a140c0e0bf66ad3cfe06f28899 Mon Sep 17 00:00:00 2001 +From: Greg Hudson +Date: Tue, 21 May 2019 13:34:39 -0400 +Subject: [PATCH] Display unsupported enctype names + +Add a table of unsupported enctype numbers to enctype_util.c and +consult it in krb5_enctype_to_name(). Treat unsupported enctype +numbers as deprecated in krb5int_c_deprecated_enctype(). In kadmin, +display "UNSUPPORTED:" before invalid enctype names. + +ticket: 8808 +(cherry picked from commit ebbc6e8e99ee9d5d757411200a6a3173171774df) +--- + src/kadmin/cli/kadmin.c | 4 +++- + src/lib/crypto/krb/enctype_util.c | 22 +++++++++++++++++++++- + 2 files changed, 24 insertions(+), 2 deletions(-) + +diff --git a/src/kadmin/cli/kadmin.c b/src/kadmin/cli/kadmin.c +index fe4cb493c..b4d1aad93 100644 +--- a/src/kadmin/cli/kadmin.c ++++ b/src/kadmin/cli/kadmin.c +@@ -1461,7 +1461,9 @@ kadmin_getprinc(int argc, char *argv[]) + enctype, sizeof(enctype))) + snprintf(enctype, sizeof(enctype), _(""), + key_data->key_data_type[0]); +- if (krb5int_c_deprecated_enctype(key_data->key_data_type[0])) ++ if (!krb5_c_valid_enctype(key_data->key_data_type[0])) ++ deprecated = "UNSUPPORTED:"; ++ else if (krb5int_c_deprecated_enctype(key_data->key_data_type[0])) + deprecated = "DEPRECATED:"; + printf("Key: vno %d, %s%s", key_data->key_data_kvno, deprecated, + enctype); +diff --git a/src/lib/crypto/krb/enctype_util.c b/src/lib/crypto/krb/enctype_util.c +index e394f4e19..1542d4062 100644 +--- a/src/lib/crypto/krb/enctype_util.c ++++ b/src/lib/crypto/krb/enctype_util.c +@@ -36,6 +36,18 @@ + + #include "crypto_int.h" + ++struct { ++ krb5_enctype etype; ++ const char *name; ++} unsupported_etypes[] = { ++ { ENCTYPE_DES_CBC_CRC, "des-cbc-crc" }, ++ { ENCTYPE_DES_CBC_MD4, "des-cbc-md4" }, ++ { ENCTYPE_DES_CBC_MD5, "des-cbc-md5" }, ++ { ENCTYPE_DES_CBC_RAW, "des-cbc-raw" }, ++ { ENCTYPE_DES_HMAC_SHA1, "des-hmac-sha1" }, ++ { ENCTYPE_NULL, NULL } ++}; ++ + krb5_boolean KRB5_CALLCONV + 
krb5_c_valid_enctype(krb5_enctype etype) + { +@@ -55,7 +67,7 @@ krb5_boolean KRB5_CALLCONV + krb5int_c_deprecated_enctype(krb5_enctype etype) + { + const struct krb5_keytypes *ktp = find_enctype(etype); +- return ktp != NULL && (ktp->flags & ETYPE_DEPRECATED) != 0; ++ return ktp == NULL || (ktp->flags & ETYPE_DEPRECATED) != 0; + } + + krb5_error_code KRB5_CALLCONV +@@ -122,6 +134,14 @@ krb5_enctype_to_name(krb5_enctype enctype, krb5_boolean shortest, + const char *name; + int i; + ++ for (i = 0; unsupported_etypes[i].etype != ENCTYPE_NULL; i++) { ++ if (enctype == unsupported_etypes[i].etype) { ++ if (strlcpy(buffer, unsupported_etypes[i].name, buflen) >= buflen) ++ return ENOMEM; ++ return 0; ++ } ++ } ++ + ktp = find_enctype(enctype); + if (ktp == NULL) + return EINVAL; diff --git a/Mark-the-doc-kadm5-tex-files-as-historic.patch b/Mark-the-doc-kadm5-tex-files-as-historic.patch index bd068d5..1956a98 100644 --- a/Mark-the-doc-kadm5-tex-files-as-historic.patch +++ b/Mark-the-doc-kadm5-tex-files-as-historic.patch @@ -1,4 +1,4 @@ -From 1b138c349fa167f713572c8a37bc6fa39280396c Mon Sep 17 00:00:00 2001 +From b68ee166602b787c5acabe3d1b4780e527d672a7 Mon Sep 17 00:00:00 2001 From: Robbie Harwood Date: Thu, 11 Apr 2019 18:33:04 -0400 Subject: [PATCH] Mark the doc/kadm5 tex files as historic diff --git a/Modernize-example-enctypes-in-documentation.patch b/Modernize-example-enctypes-in-documentation.patch index 0f14e5d..a94494e 100644 --- a/Modernize-example-enctypes-in-documentation.patch +++ b/Modernize-example-enctypes-in-documentation.patch @@ -1,4 +1,4 @@ -From c60e5d66e2aaa9123a333c4f7d5a44fdc735ec66 Mon Sep 17 00:00:00 2001 +From eb4fb8cb24e6cac194acc2c507b334658fc5431d Mon Sep 17 00:00:00 2001 From: Robbie Harwood Date: Thu, 11 Apr 2019 18:25:41 -0400 Subject: [PATCH] Modernize example enctypes in documentation diff --git a/Remove-checksum-type-profile-variables.patch b/Remove-checksum-type-profile-variables.patch index 62f04c8..a392a60 100644 
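Review bot: In the enctype_util.c hunk of the embedded patch, the `unsupported_etypes` table is declared with neither `static` nor `const`, so it is a writable object with external linkage even though the only visible reader is `krb5_enctype_to_name()`; `static const struct { krb5_enctype etype; const char *name; } unsupported_etypes[] = {` would keep it file-local and read-only. Separately, `krb5int_c_deprecated_enctype()` now returns true whenever `find_enctype()` returns NULL, which covers every unrecognized enctype number and not only the five entries in the table. A one-line comment above that return, such as `/* Unknown enctypes, including removed single-DES types, are treated as deprecated. */`, would make the intent explicit for callers that gate warnings or policy on this function. This file is a cherry-pick of an upstream commit, so a change here would presumably need to go upstream first.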
--- a/Remove-checksum-type-profile-variables.patch
+++ b/Remove-checksum-type-profile-variables.patch
@@ -1,4 +1,4 @@
-From 69bd1ba5a7002856778cf1d46082423ef89a0c0c Mon Sep 17 00:00:00 2001
+From 46aa5ffd844a280f368d78c7c395bb1b2323dfbe Mon Sep 17 00:00:00 2001
 From: Robbie Harwood
 Date: Mon, 13 May 2019 14:19:57 -0400
 Subject: [PATCH] Remove checksum type profile variables
diff --git a/Remove-dead-variable-def_kslist-from-two-files.patch b/Remove-dead-variable-def_kslist-from-two-files.patch
index b6bb3d9..fa8e263 100644
--- a/Remove-dead-variable-def_kslist-from-two-files.patch
+++ b/Remove-dead-variable-def_kslist-from-two-files.patch
@@ -1,4 +1,4 @@
-From 5a009bddbec41c5811db9f7d0583fa4e4b726ee9 Mon Sep 17 00:00:00 2001
+From cc4aace493d1caaca9edebcc5d836e847e358afd Mon Sep 17 00:00:00 2001
 From: Robbie Harwood
 Date: Thu, 2 May 2019 16:57:51 -0400
 Subject: [PATCH] Remove dead variable def_kslist from two files
diff --git a/Remove-support-for-single-DES-and-CRC.patch b/Remove-support-for-single-DES-and-CRC.patch
new file mode 100644
index 0000000..6c7e2e9
--- /dev/null
+++ b/Remove-support-for-single-DES-and-CRC.patch
@@ -0,0 +1,3336 @@ +From 2cc75213f2227cffeaf60ad0c4ef60b5466b073e Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Fri, 24 May 2019 13:12:03 -0400 +Subject: [PATCH] Remove support for single-DES and CRC + +Single-DES removal brings us closer to compliance with RFC 6649. +Single-DES was disabled by default starting in release 1.8, and +user-visible deprecation warnings were issued starting in release +1.17. + +ticket: 8808 +(cherry picked from commit fb2dada5eb89c4cd4e39dedd6dbb7dbd5e94f8b8) +[rharwood@redhat.com: .gitignore removal] +--- + doc/admin/advanced/retiring-des.rst | 5 + + doc/admin/conf_files/kdc_conf.rst | 17 +- + doc/admin/conf_files/krb5_conf.rst | 17 +- + doc/admin/enctypes.rst | 38 +- + doc/appdev/refs/macros/index.rst | 1 + + doc/conf.py | 2 +- + doc/mitK5features.rst | 2 +- + src/include/k5-int.h | 1 - + src/include/krb5/krb5.hin | 10 +- + src/include/win-mac.h | 12 - + src/kdc/kdc_util.c | 14 - + src/kdc/main.c | 6 - + src/kdc/realm_data.h | 1 - + src/lib/crypto/builtin/des/des_int.h | 1 - + .../crypto/builtin/enc_provider/Makefile.in | 3 - + src/lib/crypto/builtin/enc_provider/deps | 12 - + src/lib/crypto/builtin/enc_provider/des.c | 120 --- + .../crypto/builtin/hash_provider/Makefile.in | 7 +- + src/lib/crypto/builtin/hash_provider/deps | 13 - + .../crypto/builtin/hash_provider/hash_crc32.c | 56 -- + src/lib/crypto/krb/Makefile.in | 9 - + src/lib/crypto/krb/cksumtypes.c | 24 - + src/lib/crypto/krb/combine_keys.c | 3 - + src/lib/crypto/krb/crc32.c | 165 ----- + src/lib/crypto/krb/crypto_int.h | 16 - + src/lib/crypto/krb/default_state.c | 4 - + src/lib/crypto/krb/deps | 36 - + src/lib/crypto/krb/enc_old.c | 181 ----- + src/lib/crypto/krb/etypes.c | 46 -- + src/lib/crypto/krb/s2k_des.c | 691 ------------------ + src/lib/crypto/libk5crypto.exports | 1 - + .../crypto/openssl/enc_provider/Makefile.in | 3 - + src/lib/crypto/openssl/enc_provider/deps | 11 - + src/lib/crypto/openssl/enc_provider/des.c | 218 ------ + 
.../crypto/openssl/hash_provider/Makefile.in | 10 +- + src/lib/crypto/openssl/hash_provider/deps | 12 - + .../crypto/openssl/hash_provider/hash_crc32.c | 56 -- + src/lib/gssapi/krb5/accept_sec_context.c | 3 - + src/lib/gssapi/krb5/gssapiP_krb5.h | 20 +- + src/lib/gssapi/krb5/k5seal.c | 28 +- + src/lib/gssapi/krb5/k5sealiov.c | 20 - + src/lib/gssapi/krb5/k5unseal.c | 112 --- + src/lib/gssapi/krb5/k5unsealiov.c | 34 +- + src/lib/gssapi/krb5/util_crypt.c | 41 -- + src/lib/kadm5/kadm_rpc_xdr.c | 10 - + src/lib/krb5/ccache/cc_mslsa.c | 11 +- + src/lib/krb5/krb/auth_con.c | 23 +- + src/lib/krb5/krb/gic_keytab.c | 4 - + src/lib/krb5/krb/init_ctx.c | 9 - + src/lib/krb5/krb/mk_req_ext.c | 43 +- + src/lib/krb5/krb/s4u_creds.c | 3 - + src/lib/krb5/krb/ser_ctx.c | 2 +- + src/man/kdc.conf.man | 47 +- + src/man/krb5.conf.man | 6 +- + .../leash/htmlhelp/html/Encryption_Types.htm | 14 +- + 55 files changed, 74 insertions(+), 2180 deletions(-) + delete mode 100644 src/lib/crypto/builtin/enc_provider/des.c + delete mode 100644 src/lib/crypto/builtin/hash_provider/hash_crc32.c + delete mode 100644 src/lib/crypto/krb/crc32.c + delete mode 100644 src/lib/crypto/krb/enc_old.c + delete mode 100644 src/lib/crypto/krb/s2k_des.c + delete mode 100644 src/lib/crypto/openssl/enc_provider/des.c + delete mode 100644 src/lib/crypto/openssl/hash_provider/hash_crc32.c + +diff --git a/doc/admin/advanced/retiring-des.rst b/doc/admin/advanced/retiring-des.rst +index ebac95f24..4a964c15c 100644 +--- a/doc/admin/advanced/retiring-des.rst ++++ b/doc/admin/advanced/retiring-des.rst +@@ -22,6 +22,11 @@ However, deployments of krb5 using Kerberos databases created with older + versions of krb5 will not necessarily start using strong crypto for + ordinary operation without administrator intervention. + ++MIT krb5 began flagging deprecated encryption types with release 1.17, ++and removed DES (single-DES) support in release 1.18. 
As a ++consequence, a release prior to 1.18 is required to perform these ++migrations. ++ + Types of keys + ------------- + +diff --git a/doc/admin/conf_files/kdc_conf.rst b/doc/admin/conf_files/kdc_conf.rst +index 62d1bfc05..2c6ea1855 100644 +--- a/doc/admin/conf_files/kdc_conf.rst ++++ b/doc/admin/conf_files/kdc_conf.rst +@@ -381,13 +381,6 @@ The following tags may be specified in a [realms] subsection: + listed in **host_based_services**. ``no_host_referral = *`` will + disable referral processing altogether. + +-**des_crc_session_supported** +- (Boolean value). If set to true, the KDC will assume that service +- principals support des-cbc-crc for session key enctype negotiation +- purposes. If **allow_weak_crypto** in :ref:`libdefaults` is +- false, or if des-cbc-crc is not a permitted enctype, then this +- variable has no effect. Defaults to true. New in release 1.11. +- + **reject_bad_transit** + (Boolean value.) If set to true, the KDC will check the list of + transited realms for cross-realm tickets against the transit path +@@ -848,13 +841,8 @@ Encryption types marked as "weak" are available for compatibility but + not recommended for use. 
+ + ==================================================== ========================================================= +-des-cbc-crc DES cbc mode with CRC-32 (weak) +-des-cbc-md4 DES cbc mode with RSA-MD4 (weak) +-des-cbc-md5 DES cbc mode with RSA-MD5 (weak) +-des-cbc-raw DES cbc mode raw (weak) + des3-cbc-raw Triple DES cbc mode raw (weak) + des3-cbc-sha1 des3-hmac-sha1 des3-cbc-sha1-kd Triple DES cbc mode with HMAC/sha1 +-des-hmac-sha1 DES with HMAC/sha1 (weak) + aes256-cts-hmac-sha1-96 aes256-cts aes256-sha1 AES-256 CTS mode with 96-bit SHA-1 HMAC + aes128-cts-hmac-sha1-96 aes128-cts aes128-sha1 AES-128 CTS mode with 96-bit SHA-1 HMAC + aes256-cts-hmac-sha384-192 aes256-sha2 AES-256 CTS mode with 192-bit SHA-384 HMAC +@@ -863,7 +851,6 @@ arcfour-hmac rc4-hmac arcfour-hmac-md5 RC4 with HMAC/MD5 + arcfour-hmac-exp rc4-hmac-exp arcfour-hmac-md5-exp Exportable RC4 with HMAC/MD5 (weak) + camellia256-cts-cmac camellia256-cts Camellia-256 CTS mode with CMAC + camellia128-cts-cmac camellia128-cts Camellia-128 CTS mode with CMAC +-des The DES family: des-cbc-crc, des-cbc-md5, and des-cbc-md4 (weak) + des3 The triple DES family: des3-cbc-sha1 + aes The AES family: aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, aes256-cts-hmac-sha384-192, and aes128-cts-hmac-sha256-128 + rc4 The RC4 family: arcfour-hmac +@@ -875,8 +862,8 @@ types for the variable in question. Types or families can be removed + from the current list by prefixing them with a minus sign ("-"). + Types or families can be prefixed with a plus sign ("+") for symmetry; + it has the same meaning as just listing the type or family. For +-example, "``DEFAULT -des``" would be the default set of encryption +-types with DES types removed, and "``des3 DEFAULT``" would be the ++example, "``DEFAULT -rc4``" would be the default set of encryption ++types with RC4 types removed, and "``des3 DEFAULT``" would be the + default set of encryption types with triple DES types moved to the + front. 
+ +diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst +index 5df3bfe36..89f02434b 100644 +--- a/doc/admin/conf_files/krb5_conf.rst ++++ b/doc/admin/conf_files/krb5_conf.rst +@@ -106,10 +106,7 @@ The libdefaults section may contain any of the following relations: + in :ref:`Encryption_types` in :ref:`kdc.conf(5)`) will be filtered + out of the lists **default_tgs_enctypes**, + **default_tkt_enctypes**, and **permitted_enctypes**. The default +- value for this tag is false, which may cause authentication +- failures in existing Kerberos infrastructures that do not support +- strong crypto. Users in affected environments should set this tag +- to true until their infrastructure adopts stronger ciphers. ++ value for this tag is false. + + **canonicalize** + If this flag is set to true, initial ticket requests to the KDC +@@ -163,9 +160,7 @@ The libdefaults section may contain any of the following relations: + preference from highest to lowest. The list may be delimited with + commas or whitespace. See :ref:`Encryption_types` in + :ref:`kdc.conf(5)` for a list of the accepted values for this tag. +- The default value is |defetypes|, but single-DES encryption types +- will be implicitly removed from this list if the value of +- **allow_weak_crypto** is false. ++ The default value is |defetypes|. + + Do not set this unless required for specific backward + compatibility purposes; stale values of this setting can prevent +@@ -177,9 +172,7 @@ The libdefaults section may contain any of the following relations: + the client should request when making an AS-REQ, in order of + preference from highest to lowest. The format is the same as for + default_tgs_enctypes. The default value for this tag is +- |defetypes|, but single-DES encryption types will be implicitly +- removed from this list if the value of **allow_weak_crypto** is +- false. ++ |defetypes|. 
+ + Do not set this unless required for specific backward + compatibility purposes; stale values of this setting can prevent +@@ -297,9 +290,7 @@ The libdefaults section may contain any of the following relations: + **permitted_enctypes** + Identifies all encryption types that are permitted for use in + session key encryption. The default value for this tag is +- |defetypes|, but single-DES encryption types will be implicitly +- removed from this list if the value of **allow_weak_crypto** is +- false. ++ |defetypes|. + + **plugin_base_dir** + If set, determines the base directory where krb5 plugins are +diff --git a/doc/admin/enctypes.rst b/doc/admin/enctypes.rst +index 3cdfc92cf..84183a53c 100644 +--- a/doc/admin/enctypes.rst ++++ b/doc/admin/enctypes.rst +@@ -48,17 +48,12 @@ Session key selection + The KDC chooses the session key enctype by taking the intersection of + its **permitted_enctypes** list, the list of long-term keys for the + most recent kvno of the service, and the client's requested list of +-enctypes. If **allow_weak_crypto** is true, all services are assumed +-to support des-cbc-crc. ++enctypes. + +-Starting in krb5-1.11, **des_crc_session_supported** in +-:ref:`kdc.conf(5)` allows additional control over whether the KDC +-issues des-cbc-crc session keys. +- +-Also starting in krb5-1.11, it is possible to set a string attribute +-on a service principal to control what session key enctypes the KDC +-may issue for service tickets for that principal. See +-:ref:`set_string` in :ref:`kadmin(1)` for details. ++Starting in krb5-1.11, it is possible to set a string attribute on a ++service principal to control what session key enctypes the KDC may ++issue for service tickets for that principal. See :ref:`set_string` ++in :ref:`kadmin(1)` for details. + + + Choosing enctypes for a service +@@ -86,11 +81,11 @@ affect how enctypes are chosen. + + **allow_weak_crypto** + defaults to *false* starting with krb5-1.8. 
When *false*, removes +- single-DES enctypes (and other weak enctypes) from +- **permitted_enctypes**, **default_tkt_enctypes**, and +- **default_tgs_enctypes**. Do not set this to *true* unless the +- use of weak enctypes is an acceptable risk for your environment +- and the weak enctypes are required for backward compatibility. ++ weak enctypes from **permitted_enctypes**, ++ **default_tkt_enctypes**, and **default_tgs_enctypes**. Do not ++ set this to *true* unless the use of weak enctypes is an ++ acceptable risk for your environment and the weak enctypes are ++ required for backward compatibility. + + **permitted_enctypes** + controls the set of enctypes that a service will accept as session +@@ -127,9 +122,9 @@ See :ref:`Encryption_types` for additional information about enctypes. + ========================== ===== ======== ======= + enctype weak? krb5 Windows + ========================== ===== ======== ======= +-des-cbc-crc weak all >=2000 +-des-cbc-md4 weak all ? +-des-cbc-md5 weak all >=2000 ++des-cbc-crc weak <1.18 >=2000 ++des-cbc-md4 weak <1.18 ? ++des-cbc-md5 weak <1.18 >=2000 + des3-cbc-sha1 >=1.1 none + arcfour-hmac >=1.3 >=2000 + arcfour-hmac-exp weak >=1.3 >=2000 +@@ -141,6 +136,7 @@ camellia128-cts-cmac >=1.9 none + camellia256-cts-cmac >=1.9 none + ========================== ===== ======== ======= + +-krb5 releases 1.8 and later disable the single-DES enctypes by +-default. Microsoft Windows releases Windows 7 and later disable +-single-DES enctypes by default. ++krb5 releases 1.18 and later do not support single-DES. krb5 releases ++1.8 and later disable the single-DES enctypes by default. Microsoft ++Windows releases Windows 7 and later disable single-DES enctypes by ++default. 
+diff --git a/doc/appdev/refs/macros/index.rst b/doc/appdev/refs/macros/index.rst +index 47c6d4413..534795d15 100644 +--- a/doc/appdev/refs/macros/index.rst ++++ b/doc/appdev/refs/macros/index.rst +@@ -55,6 +55,7 @@ Public + ENCTYPE_DES3_CBC_RAW.rst + ENCTYPE_DES3_CBC_SHA.rst + ENCTYPE_DES3_CBC_SHA1.rst ++ ENCTYPE_DES3_CBC_SHA1.rst + ENCTYPE_DES_CBC_CRC.rst + ENCTYPE_DES_CBC_MD4.rst + ENCTYPE_DES_CBC_MD5.rst +diff --git a/doc/conf.py b/doc/conf.py +index c32e33001..759367c21 100644 +--- a/doc/conf.py ++++ b/doc/conf.py +@@ -272,7 +272,7 @@ else: + rst_epilog += ''' + .. |krb5conf| replace:: ``/etc/krb5.conf`` + .. |defkeysalts| replace:: ``aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal des3-cbc-sha1:normal arcfour-hmac-md5:normal`` +-.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac des-cbc-crc des-cbc-md5 des-cbc-md4`` ++.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac`` + .. |defmkey| replace:: ``aes256-cts-hmac-sha1-96`` + .. 
|copy| unicode:: U+000A9 + ''' +diff --git a/doc/mitK5features.rst b/doc/mitK5features.rst +index 584f7b893..a19068e26 100644 +--- a/doc/mitK5features.rst ++++ b/doc/mitK5features.rst +@@ -37,7 +37,7 @@ Database backends: LDAP, DB2, LMDB + + krb4 support: Kerberos 5 release < 1.8 + +-DES support: configurable (See :ref:`retiring-des`) ++DES support: Kerberos 5 release < 1.18 (See :ref:`retiring-des`) + + Interoperability + ---------------- +diff --git a/src/include/k5-int.h b/src/include/k5-int.h +index 1a78fd7a9..e0c557554 100644 +--- a/src/include/k5-int.h ++++ b/src/include/k5-int.h +@@ -200,7 +200,6 @@ typedef unsigned char u_char; + #define KRB5_CONF_DEFAULT_REALM "default_realm" + #define KRB5_CONF_DEFAULT_TGS_ENCTYPES "default_tgs_enctypes" + #define KRB5_CONF_DEFAULT_TKT_ENCTYPES "default_tkt_enctypes" +-#define KRB5_CONF_DES_CRC_SESSION_SUPPORTED "des_crc_session_supported" + #define KRB5_CONF_DICT_FILE "dict_file" + #define KRB5_CONF_DISABLE "disable" + #define KRB5_CONF_DISABLE_ENCRYPTED_TIMESTAMP "disable_encrypted_timestamp" +diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin +index 346e796a5..5f596d1fc 100644 +--- a/src/include/krb5/krb5.hin ++++ b/src/include/krb5/krb5.hin +@@ -422,13 +422,13 @@ typedef struct _krb5_crypto_iov { + + /* per Kerberos v5 protocol spec */ + #define ENCTYPE_NULL 0x0000 +-#define ENCTYPE_DES_CBC_CRC 0x0001 /**< DES cbc mode with CRC-32 */ +-#define ENCTYPE_DES_CBC_MD4 0x0002 /**< DES cbc mode with RSA-MD4 */ +-#define ENCTYPE_DES_CBC_MD5 0x0003 /**< DES cbc mode with RSA-MD5 */ +-#define ENCTYPE_DES_CBC_RAW 0x0004 /**< @deprecated DES cbc mode raw */ ++#define ENCTYPE_DES_CBC_CRC 0x0001 /**< @deprecated no longer supported */ ++#define ENCTYPE_DES_CBC_MD4 0x0002 /**< @deprecated no longer supported */ ++#define ENCTYPE_DES_CBC_MD5 0x0003 /**< @deprecated no longer supported */ ++#define ENCTYPE_DES_CBC_RAW 0x0004 /**< @deprecated no longer supported */ + #define ENCTYPE_DES3_CBC_SHA 0x0005 /**< @deprecated 
DES-3 cbc with SHA1 */ + #define ENCTYPE_DES3_CBC_RAW 0x0006 /**< @deprecated DES-3 cbc mode raw */ +-#define ENCTYPE_DES_HMAC_SHA1 0x0008 /**< @deprecated */ ++#define ENCTYPE_DES_HMAC_SHA1 0x0008 /**< @deprecated no longer supported */ + /* PKINIT */ + #define ENCTYPE_DSA_SHA1_CMS 0x0009 /**< DSA with SHA1, CMS signature */ + #define ENCTYPE_MD5_RSA_CMS 0x000a /**< MD5 with RSA, CMS signature */ +diff --git a/src/include/win-mac.h b/src/include/win-mac.h +index c3744ed14..dc0f2a1ae 100644 +--- a/src/include/win-mac.h ++++ b/src/include/win-mac.h +@@ -176,18 +176,6 @@ typedef _W64 int ssize_t; + #define HAVE_STDLIB_H + #endif + +-/* This controls which encryption routines libcrypto will provide */ +-#define PROVIDE_DES_CBC_MD5 +-#define PROVIDE_DES_CBC_CRC +-#define PROVIDE_DES_CBC_RAW +-#define PROVIDE_DES_CBC_CKSUM +-#define PROVIDE_CRC32 +-#define PROVIDE_RSA_MD4 +-#define PROVIDE_RSA_MD5 +-/* #define PROVIDE_DES3_CBC_SHA */ +-/* #define PROVIDE_DES3_CBC_RAW */ +-/* #define PROVIDE_NIST_SHA */ +- + /* Ugly. Microsoft, in stdc mode, doesn't support the low-level i/o + * routines directly. Rather, they only export the _ version. + * The following defines works around this problem. +diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c +index f2741090e..df1ba6acf 100644 +--- a/src/kdc/kdc_util.c ++++ b/src/kdc/kdc_util.c +@@ -991,17 +991,6 @@ dbentry_supports_enctype(kdc_realm_t *kdc_active_realm, krb5_db_entry *server, + free(etypes_str); + free(etypes); + +- /* If configured to, assume every server without a session_enctypes +- * attribute supports DES_CBC_CRC. */ +- if (kdc_active_realm->realm_assume_des_crc_sess && +- enctype == ENCTYPE_DES_CBC_CRC) +- return TRUE; +- +- /* Due to an ancient interop problem, assume nothing supports des-cbc-md5 +- * unless there's a session_enctypes explicitly saying that it does. */ +- if (enctype == ENCTYPE_DES_CBC_MD5) +- return FALSE; +- + /* Assume the server supports any enctype it has a long-term key for. 
*/ + return !krb5_dbe_find_enctype(kdc_context, server, enctype, -1, 0, &datap); + } +@@ -1752,9 +1741,6 @@ krb5_boolean + enctype_requires_etype_info_2(krb5_enctype enctype) + { + switch(enctype) { +- case ENCTYPE_DES_CBC_CRC: +- case ENCTYPE_DES_CBC_MD4: +- case ENCTYPE_DES_CBC_MD5: + case ENCTYPE_DES3_CBC_SHA1: + case ENCTYPE_DES3_CBC_RAW: + case ENCTYPE_ARCFOUR_HMAC: +diff --git a/src/kdc/main.c b/src/kdc/main.c +index 1596c1c5b..8d4df4d6a 100644 +--- a/src/kdc/main.c ++++ b/src/kdc/main.c +@@ -307,12 +307,6 @@ init_realm(kdc_realm_t * rdp, krb5_pointer aprof, char *realm, + &rdp->realm_reject_bad_transit)) + rdp->realm_reject_bad_transit = TRUE; + +- /* Handle assume des-cbc-crc is supported for session keys */ +- hierarchy[2] = KRB5_CONF_DES_CRC_SESSION_SUPPORTED; +- if (krb5_aprof_get_boolean(aprof, hierarchy, TRUE, +- &rdp->realm_assume_des_crc_sess)) +- rdp->realm_assume_des_crc_sess = TRUE; +- + /* Handle ticket maximum life */ + hierarchy[2] = KRB5_CONF_MAX_LIFE; + if (krb5_aprof_get_deltat(aprof, hierarchy, TRUE, &rdp->realm_maxlife)) +diff --git a/src/kdc/realm_data.h b/src/kdc/realm_data.h +index 859daf159..8d698dcb8 100644 +--- a/src/kdc/realm_data.h ++++ b/src/kdc/realm_data.h +@@ -73,7 +73,6 @@ typedef struct __kdc_realm_data { + krb5_deltat realm_maxrlife; /* Maximum renewable life for realm */ + krb5_boolean realm_reject_bad_transit; /* Accept unverifiable transited_realm ? 
*/ + krb5_boolean realm_restrict_anon; /* Anon to local TGT only */ +- krb5_boolean realm_assume_des_crc_sess; /* Assume princs support des-cbc-crc for session keys */ + } kdc_realm_t; + + struct server_handle { +diff --git a/src/lib/crypto/builtin/des/des_int.h b/src/lib/crypto/builtin/des/des_int.h +index 67e40a19c..f8dc6b296 100644 +--- a/src/lib/crypto/builtin/des/des_int.h ++++ b/src/lib/crypto/builtin/des/des_int.h +@@ -131,7 +131,6 @@ typedef struct mit_des_ran_key_seed { + /* the first byte of the key is already in the keyblock */ + + #define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet)) +-#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH + /* This used to be 8*sizeof(krb5_octet) */ + #define MIT_DES_KEYSIZE 8 + +diff --git a/src/lib/crypto/builtin/enc_provider/Makefile.in b/src/lib/crypto/builtin/enc_provider/Makefile.in +index 4fd3311b4..3459e1d0e 100644 +--- a/src/lib/crypto/builtin/enc_provider/Makefile.in ++++ b/src/lib/crypto/builtin/enc_provider/Makefile.in +@@ -11,21 +11,18 @@ LOCALINCLUDES = -I$(srcdir)/../des \ + ##DOS##OBJFILE = ..\..\$(OUTPRE)enc_provider.lst + + STLIBOBJS= \ +- des.o \ + des3.o \ + rc4.o \ + aes.o \ + camellia.o + + OBJS= \ +- $(OUTPRE)des.$(OBJEXT) \ + $(OUTPRE)des3.$(OBJEXT) \ + $(OUTPRE)aes.$(OBJEXT) \ + $(OUTPRE)camellia.$(OBJEXT) \ + $(OUTPRE)rc4.$(OBJEXT) + + SRCS= \ +- $(srcdir)/des.c \ + $(srcdir)/des3.c \ + $(srcdir)/aes.c \ + $(srcdir)/camellia.c \ +diff --git a/src/lib/crypto/builtin/enc_provider/deps b/src/lib/crypto/builtin/enc_provider/deps +index 72e340766..7a3324c44 100644 +--- a/src/lib/crypto/builtin/enc_provider/deps ++++ b/src/lib/crypto/builtin/enc_provider/deps +@@ -1,18 +1,6 @@ + # + # Generated makefile dependencies follow. 
+ # +-des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ +- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ +- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ +- $(srcdir)/../aes/aes.h $(srcdir)/../crypto_mod.h $(srcdir)/../des/des_int.h \ +- $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ +- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ +- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ +- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ +- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ +- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ +- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ +- $(top_srcdir)/include/socket-utils.h des.c + des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ +diff --git a/src/lib/crypto/builtin/enc_provider/des.c b/src/lib/crypto/builtin/enc_provider/des.c +deleted file mode 100644 +index 30b8229f8..000000000 +--- a/src/lib/crypto/builtin/enc_provider/des.c ++++ /dev/null +@@ -1,120 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* +- * Copyright (C) 1998 by the FundsXpress, INC. +- * +- * All rights reserved. +- * +- * Export of this software from the United States of America may require +- * a specific license from the United States Government. It is the +- * responsibility of any person or organization contemplating export to +- * obtain such a license before exporting. 
+- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of FundsXpress. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. FundsXpress makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- * +- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR +- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED +- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. +- */ +- +-#include "crypto_int.h" +-#include "des_int.h" +- +-static krb5_error_code +-validate_and_schedule(krb5_key key, const krb5_data *ivec, +- const krb5_crypto_iov *data, size_t num_data, +- mit_des_key_schedule schedule) +-{ +- if (key->keyblock.length != 8) +- return KRB5_BAD_KEYSIZE; +- if (iov_total_length(data, num_data, FALSE) % 8 != 0) +- return KRB5_BAD_MSIZE; +- if (ivec != NULL && ivec->length != 8) +- return KRB5_BAD_MSIZE; +- +- switch (mit_des_key_sched(key->keyblock.contents, schedule)) { +- case -1: +- return(KRB5DES_BAD_KEYPAR); +- case -2: +- return(KRB5DES_WEAK_KEY); +- } +- return 0; +-} +- +-static krb5_error_code +-des_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, +- size_t num_data) +-{ +- mit_des_key_schedule schedule; +- krb5_error_code err; +- +- err = validate_and_schedule(key, ivec, data, num_data, schedule); +- if (err) +- return err; +- +- krb5int_des_cbc_encrypt(data, num_data, schedule, +- ivec != NULL ? 
(unsigned char *) ivec->data : +- NULL); +- +- zap(schedule, sizeof(schedule)); +- return 0; +-} +- +-static krb5_error_code +-des_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, +- size_t num_data) +-{ +- mit_des_key_schedule schedule; +- krb5_error_code err; +- +- err = validate_and_schedule(key, ivec, data, num_data, schedule); +- if (err) +- return err; +- +- krb5int_des_cbc_decrypt(data, num_data, schedule, +- ivec != NULL ? (unsigned char *) ivec->data : +- NULL); +- +- zap(schedule, sizeof(schedule)); +- return 0; +-} +- +-static krb5_error_code +-des_cbc_mac(krb5_key key, const krb5_crypto_iov *data, size_t num_data, +- const krb5_data *ivec, krb5_data *output) +-{ +- mit_des_key_schedule schedule; +- krb5_error_code err; +- +- err = validate_and_schedule(key, ivec, data, num_data, schedule); +- if (err) +- return err; +- +- if (output->length != 8) +- return KRB5_CRYPTO_INTERNAL; +- +- krb5int_des_cbc_mac(data, num_data, schedule, +- ivec != NULL ? (unsigned char *) ivec->data : NULL, +- (unsigned char *) output->data); +- +- zap(schedule, sizeof(schedule)); +- return 0; +-} +- +-const struct krb5_enc_provider krb5int_enc_des = { +- 8, +- 7, 8, +- des_encrypt, +- des_decrypt, +- des_cbc_mac, +- krb5int_des_init_state, +- krb5int_default_free_state +-}; +diff --git a/src/lib/crypto/builtin/hash_provider/Makefile.in b/src/lib/crypto/builtin/hash_provider/Makefile.in +index 2f587a497..ceebf9380 100644 +--- a/src/lib/crypto/builtin/hash_provider/Makefile.in ++++ b/src/lib/crypto/builtin/hash_provider/Makefile.in +@@ -8,20 +8,17 @@ LOCALINCLUDES = -I$(srcdir)/.. 
-I$(srcdir)/../../krb -I$(srcdir)/../md4 \ + ##DOS##OBJFILE = ..\..\$(OUTPRE)hash_provider.lst + + STLIBOBJS= \ +- hash_crc32.o \ + hash_md4.o \ + hash_md5.o \ + hash_sha1.o \ + hash_sha2.o + +-OBJS= $(OUTPRE)hash_crc32.$(OBJEXT) \ +- $(OUTPRE)hash_md4.$(OBJEXT) \ ++OBJS= $(OUTPRE)hash_md4.$(OBJEXT) \ + $(OUTPRE)hash_md5.$(OBJEXT) \ + $(OUTPRE)hash_sha1.$(OBJEXT) \ + $(OUTPRE)hash_sha2.$(OBJEXT) + +-SRCS= $(srcdir)/hash_crc32.c \ +- $(srcdir)/hash_md4.c \ ++SRCS= $(srcdir)/hash_md4.c \ + $(srcdir)/hash_md5.c \ + $(srcdir)/hash_sha1.c \ + $(srcdir)/hash_sha2.c +diff --git a/src/lib/crypto/builtin/hash_provider/deps b/src/lib/crypto/builtin/hash_provider/deps +index 18f89b383..fb65a44be 100644 +--- a/src/lib/crypto/builtin/hash_provider/deps ++++ b/src/lib/crypto/builtin/hash_provider/deps +@@ -1,19 +1,6 @@ + # + # Generated makefile dependencies follow. + # +-hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \ +- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ +- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ +- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \ +- $(srcdir)/../crypto_mod.h $(srcdir)/../sha2/sha2.h \ +- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ +- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ +- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ +- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ +- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ +- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ +- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ +- hash_crc32.c + hash_md4.so hash_md4.po $(OUTPRE)hash_md4.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ +diff --git a/src/lib/crypto/builtin/hash_provider/hash_crc32.c 
b/src/lib/crypto/builtin/hash_provider/hash_crc32.c +deleted file mode 100644 +index 1d0be5563..000000000 +--- a/src/lib/crypto/builtin/hash_provider/hash_crc32.c ++++ /dev/null +@@ -1,56 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* +- * Copyright (C) 1998 by the FundsXpress, INC. +- * +- * All rights reserved. +- * +- * Export of this software from the United States of America may require +- * a specific license from the United States Government. It is the +- * responsibility of any person or organization contemplating export to +- * obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of FundsXpress. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. FundsXpress makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- * +- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR +- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED +- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 
+- */ +- +-#include "crypto_int.h" +- +-static krb5_error_code +-k5_crc32_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) +-{ +- unsigned long c; +- unsigned int i; +- +- if (output->length != CRC32_CKSUM_LENGTH) +- return KRB5_CRYPTO_INTERNAL; +- +- c = 0; +- for (i = 0; i < num_data; i++) { +- const krb5_crypto_iov *iov = &data[i]; +- +- if (SIGN_IOV(iov)) +- mit_crc32(iov->data.data, iov->data.length, &c); +- } +- +- store_32_le(c, output->data); +- return 0; +-} +- +-const struct krb5_hash_provider krb5int_hash_crc32 = { +- "CRC32", +- CRC32_CKSUM_LENGTH, +- 1, +- k5_crc32_hash +-}; +diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in +index fc01a2ced..c0e0b791b 100644 +--- a/src/lib/crypto/krb/Makefile.in ++++ b/src/lib/crypto/krb/Makefile.in +@@ -23,7 +23,6 @@ STLIBOBJS=\ + cmac.o \ + coll_proof_cksum.o \ + combine_keys.o \ +- crc32.o \ + crypto_length.o \ + crypto_libinit.o \ + default_state.o \ +@@ -37,7 +36,6 @@ STLIBOBJS=\ + enc_dk_cmac.o \ + enc_dk_hmac.o \ + enc_etm.o \ +- enc_old.o \ + enc_raw.o \ + enc_rc4.o \ + etypes.o \ +@@ -61,7 +59,6 @@ STLIBOBJS=\ + prng.o \ + prng_$(PRNG_ALG).o \ + random_to_key.o \ +- s2k_des.o \ + s2k_pbkdf2.o \ + s2k_rc4.o \ + state.o \ +@@ -88,7 +85,6 @@ OBJS=\ + $(OUTPRE)cmac.$(OBJEXT) \ + $(OUTPRE)coll_proof_cksum.$(OBJEXT) \ + $(OUTPRE)combine_keys.$(OBJEXT) \ +- $(OUTPRE)crc32.$(OBJEXT) \ + $(OUTPRE)crypto_length.$(OBJEXT) \ + $(OUTPRE)crypto_libinit.$(OBJEXT) \ + $(OUTPRE)default_state.$(OBJEXT) \ +@@ -102,7 +98,6 @@ OBJS=\ + $(OUTPRE)enc_dk_cmac.$(OBJEXT) \ + $(OUTPRE)enc_dk_hmac.$(OBJEXT) \ + $(OUTPRE)enc_etm.$(OBJEXT) \ +- $(OUTPRE)enc_old.$(OBJEXT) \ + $(OUTPRE)enc_raw.$(OBJEXT) \ + $(OUTPRE)enc_rc4.$(OBJEXT) \ + $(OUTPRE)etypes.$(OBJEXT) \ +@@ -126,7 +121,6 @@ OBJS=\ + $(OUTPRE)prng.$(OBJEXT) \ + $(OUTPRE)prng_$(PRNG_ALG).$(OBJEXT) \ + $(OUTPRE)random_to_key.$(OBJEXT) \ +- $(OUTPRE)s2k_des.$(OBJEXT) \ + $(OUTPRE)s2k_pbkdf2.$(OBJEXT) \ + $(OUTPRE)s2k_rc4.$(OBJEXT) \ + 
$(OUTPRE)state.$(OBJEXT) \
+@@ -153,7 +147,6 @@ SRCS=\
+ $(srcdir)/cmac.c \
+ $(srcdir)/coll_proof_cksum.c \
+ $(srcdir)/combine_keys.c \
+- $(srcdir)/crc32.c \
+ $(srcdir)/crypto_length.c \
+ $(srcdir)/crypto_libinit.c \
+ $(srcdir)/default_state.c \
+@@ -167,7 +160,6 @@ SRCS=\
+ $(srcdir)/enc_dk_cmac.c \
+ $(srcdir)/enc_dk_hmac.c \
+ $(srcdir)/enc_etm.c \
+- $(srcdir)/enc_old.c \
+ $(srcdir)/enc_raw.c \
+ $(srcdir)/enc_rc4.c \
+ $(srcdir)/etypes.c \
+@@ -192,7 +184,6 @@ SRCS=\
+ $(srcdir)/prng_$(PRNG_ALG).c \
+ $(srcdir)/cf2.c \
+ $(srcdir)/random_to_key.c \
+- $(srcdir)/s2k_des.c \
+ $(srcdir)/s2k_pbkdf2.c \
+ $(srcdir)/s2k_rc4.c \
+ $(srcdir)/state.c \
+diff --git a/src/lib/crypto/krb/cksumtypes.c b/src/lib/crypto/krb/cksumtypes.c
+index 85967f9aa..ecc2e08c9 100644
+--- a/src/lib/crypto/krb/cksumtypes.c
++++ b/src/lib/crypto/krb/cksumtypes.c
+@@ -28,42 +28,18 @@
+ #include "crypto_int.h"
+
+ const struct krb5_cksumtypes krb5int_cksumtypes_list[] = {
+- { CKSUMTYPE_CRC32,
+- "crc32", { 0 }, "CRC-32",
+- NULL, &krb5int_hash_crc32,
+- krb5int_unkeyed_checksum, NULL,
+- 4, 4, CKSUM_UNKEYED | CKSUM_NOT_COLL_PROOF },
+-
+ { CKSUMTYPE_RSA_MD4,
+ "md4", { 0 }, "RSA-MD4",
+ NULL, &krb5int_hash_md4,
+ krb5int_unkeyed_checksum, NULL,
+ 16, 16, CKSUM_UNKEYED },
+
+- { CKSUMTYPE_RSA_MD4_DES,
+- "md4-des", { 0 }, "RSA-MD4 with DES cbc mode",
+- &krb5int_enc_des, &krb5int_hash_md4,
+- krb5int_confounder_checksum, krb5int_confounder_verify,
+- 24, 24, 0 },
+-
+- { CKSUMTYPE_DESCBC,
+- "des-cbc", { 0 }, "DES cbc mode",
+- &krb5int_enc_des, NULL,
+- krb5int_cbc_checksum, NULL,
+- 8, 8, 0 },
+-
+ { CKSUMTYPE_RSA_MD5,
+ "md5", { 0 }, "RSA-MD5",
+ NULL, &krb5int_hash_md5,
+ krb5int_unkeyed_checksum, NULL,
+ 16, 16, CKSUM_UNKEYED },
+
+- { CKSUMTYPE_RSA_MD5_DES,
+- "md5-des", { 0 }, "RSA-MD5 with DES cbc mode",
+- &krb5int_enc_des, &krb5int_hash_md5,
+- krb5int_confounder_checksum, krb5int_confounder_verify,
+- 24, 24, 0 },
+-
+ { CKSUMTYPE_NIST_SHA,
+ "sha", { 0 }, "NIST-SHA",
+ NULL, &krb5int_hash_sha1,
+diff --git a/src/lib/crypto/krb/combine_keys.c b/src/lib/crypto/krb/combine_keys.c
+index 90905c5ae..c36434e17 100644
+--- a/src/lib/crypto/krb/combine_keys.c
++++ b/src/lib/crypto/krb/combine_keys.c
+@@ -60,9 +60,6 @@ static krb5_boolean
+ enctype_ok(krb5_enctype e)
+ {
+ switch (e) {
+- case ENCTYPE_DES_CBC_CRC:
+- case ENCTYPE_DES_CBC_MD4:
+- case ENCTYPE_DES_CBC_MD5:
+ case ENCTYPE_DES3_CBC_SHA1:
+ return TRUE;
+ default:
+diff --git a/src/lib/crypto/krb/crc32.c b/src/lib/crypto/krb/crc32.c
+deleted file mode 100644
+index 11fe312da..000000000
+--- a/src/lib/crypto/krb/crc32.c
++++ /dev/null
+@@ -1,165 +0,0 @@
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+-/* lib/crypto/krb/crc32.c */
+-/*
+- * Copyright 1990, 2002 by the Massachusetts Institute of Technology.
+- * All Rights Reserved.
+- *
+- * Export of this software from the United States of America may
+- * require a specific license from the United States Government.
+- * It is the responsibility of any person or organization contemplating
+- * export to obtain such a license before exporting.
+- *
+- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+- * distribute this software and its documentation for any purpose and
+- * without fee is hereby granted, provided that the above copyright
+- * notice appear in all copies and that both that copyright notice and
+- * this permission notice appear in supporting documentation, and that
+- * the name of M.I.T. not be used in advertising or publicity pertaining
+- * to distribution of the software without specific, written prior
+- * permission. Furthermore if you modify this software you must label
+- * your software as modified software and not distribute it in such a
+- * fashion that it might be confused with the original M.I.T. software.
+- * M.I.T. makes no representations about the suitability of
+- * this software for any purpose.
It is provided "as is" without express +- * or implied warranty. +- */ +-/* +- * Copyright (C) 1986 Gary S. Brown. You may use this program, or +- * code or tables extracted from it, as desired without restriction. +- */ +- +-/* +- * +- * CRC-32/AUTODIN-II routines +- */ +- +-#include "crypto_int.h" +- +-/* First, the polynomial itself and its table of feedback terms. The */ +-/* polynomial is */ +-/* X^32+X^26+X^23+X^22+X^16+X^12+X^11+X^10+X^8+X^7+X^5+X^4+X^2+X^1+X^0 */ +-/* Note that we take it "backwards" and put the highest-order term in */ +-/* the lowest-order bit. The X^32 term is "implied"; the LSB is the */ +-/* X^31 term, etc. The X^0 term (usually shown as "+1") results in */ +-/* the MSB being 1. */ +- +-/* Note that the usual hardware shift register implementation, which */ +-/* is what we're using (we're merely optimizing it by doing eight-bit */ +-/* chunks at a time) shifts bits into the lowest-order term. In our */ +-/* implementation, that means shifting towards the right. Why do we */ +-/* do it this way? Because the calculated CRC must be transmitted in */ +-/* order from highest-order term to lowest-order term. UARTs transmit */ +-/* characters in order from LSB to MSB. By storing the CRC this way, */ +-/* we hand it to the UART in the order low-byte to high-byte; the UART */ +-/* sends each low-bit to hight-bit; and the result is transmission bit */ +-/* by bit from highest- to lowest-order term without requiring any bit */ +-/* shuffling on our part. Reception works similarly. */ +- +-/* The feedback terms table consists of 256, 32-bit entries. Notes: */ +-/* */ +-/* 1. The table can be generated at runtime if desired; code to do so */ +-/* is shown later. It might not be obvious, but the feedback */ +-/* terms simply represent the results of eight shift/xor opera- */ +-/* tions for all combinations of data and CRC register values. */ +-/* */ +-/* 2. 
The CRC accumulation logic is the same for all CRC polynomials, */ +-/* be they sixteen or thirty-two bits wide. You simply choose the */ +-/* appropriate table. Alternatively, because the table can be */ +-/* generated at runtime, you can start by generating the table for */ +-/* the polynomial in question and use exactly the same "updcrc", */ +-/* if your application needn't simultaneously handle two CRC */ +-/* polynomials. (Note, however, that XMODEM is strange.) */ +-/* */ +-/* 3. For 16-bit CRCs, the table entries need be only 16 bits wide; */ +-/* of course, 32-bit entries work OK if the high 16 bits are zero. */ +-/* */ +-/* 4. The values must be right-shifted by eight bits by the "updcrc" */ +-/* logic; the shift must be unsigned (bring in zeroes). On some */ +-/* hardware you could probably optimize the shift in assembler by */ +-/* using byte-swap instructions. */ +- +-static u_long const crc_table[256] = { +- 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, +- 0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3, +- 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988, +- 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, +- 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de, +- 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7, +- 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, +- 0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5, +- 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172, +- 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, +- 0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, +- 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59, +- 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, +- 0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f, +- 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924, +- 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, +- 0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a, +- 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433, +- 0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, +- 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01, +- 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 
0xf262004e, +- 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, +- 0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c, +- 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65, +- 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, +- 0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb, +- 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0, +- 0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, +- 0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086, +- 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f, +- 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, +- 0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad, +- 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a, +- 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, +- 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8, +- 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1, +- 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, +- 0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7, +- 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc, +- 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, +- 0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, +- 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b, +- 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, +- 0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79, +- 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236, +- 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, +- 0xc5ba3bbe, 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, +- 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d, +- 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, +- 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713, +- 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, +- 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, +- 0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e, +- 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777, +- 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, +- 0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45, +- 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2, +- 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, +- 0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0, +- 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 
0x30b5ffe9,
+- 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6,
+- 0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf,
+- 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94,
+- 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d
+-};
+-
+-void
+-mit_crc32(krb5_pointer in, size_t in_length, unsigned long *cksum)
+-{
+- u_char *data;
+- u_long c = *cksum;
+- int idx;
+- size_t i;
+-
+- data = (u_char *)in;
+- for (i = 0; i < in_length; i++) {
+- idx = (int) (data[i] ^ c);
+- idx &= 0xff;
+- c >>= 8;
+- c ^= crc_table[idx];
+- }
+-
+- *cksum = c;
+-}
+diff --git a/src/lib/crypto/krb/crypto_int.h b/src/lib/crypto/krb/crypto_int.h
+index 6c1c77cac..b18d5e2e3 100644
+--- a/src/lib/crypto/krb/crypto_int.h
++++ b/src/lib/crypto/krb/crypto_int.h
+@@ -180,8 +180,6 @@ extern const size_t krb5int_cksumtypes_length;
+ /*** Prototypes for enctype table functions ***/
+
+ /* Length */
+-unsigned int krb5int_old_crypto_length(const struct krb5_keytypes *ktp,
+- krb5_cryptotype type);
+ unsigned int krb5int_raw_crypto_length(const struct krb5_keytypes *ktp,
+ krb5_cryptotype type);
+ unsigned int krb5int_arcfour_crypto_length(const struct krb5_keytypes *ktp,
+@@ -196,10 +194,6 @@ unsigned int krb5int_aes2_crypto_length(const struct krb5_keytypes *ktp,
+ krb5_cryptotype type);
+
+ /* Encrypt */
+-krb5_error_code krb5int_old_encrypt(const struct krb5_keytypes *ktp,
+- krb5_key key, krb5_keyusage usage,
+- const krb5_data *ivec,
+- krb5_crypto_iov *data, size_t num_data);
+ krb5_error_code krb5int_raw_encrypt(const struct krb5_keytypes *ktp,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+@@ -224,10 +218,6 @@ krb5_error_code krb5int_etm_encrypt(const struct krb5_keytypes *ktp,
+ krb5_crypto_iov *data, size_t num_data);
+
+ /* Decrypt */
+-krb5_error_code krb5int_old_decrypt(const struct krb5_keytypes *ktp,
+- krb5_key key, krb5_keyusage usage,
+- const krb5_data *ivec,
+- krb5_crypto_iov *data, size_t num_data);
+ krb5_error_code krb5int_raw_decrypt(const struct krb5_keytypes *ktp,
+ krb5_key key, krb5_keyusage usage,
+ const krb5_data *ivec,
+@@ -388,10 +378,6 @@ krb5_error_code krb5int_cmac_checksum(const struct krb5_enc_provider *enc,
+ size_t num_data,
+ krb5_data *output);
+
+-/* Compute a CRC-32 checksum. c is in-out to allow chaining; init to 0. */
+-#define CRC32_CKSUM_LENGTH 4
+-void mit_crc32(krb5_pointer in, size_t in_length, unsigned long *c);
+-
+ /* Translate an RFC 3961 key usage to a Microsoft RC4 usage. */
+ krb5_keyusage krb5int_arcfour_translate_usage(krb5_keyusage usage);
+
+@@ -455,7 +441,6 @@ void k5_iov_cursor_put(struct iov_cursor *cursor, unsigned char *block);
+ /* Modules must implement the k5_sha256() function prototyped in k5-int.h. */
+
+ /* Modules must implement the following enc_providers and hash_providers: */
+-extern const struct krb5_enc_provider krb5int_enc_des;
+ extern const struct krb5_enc_provider krb5int_enc_des3;
+ extern const struct krb5_enc_provider krb5int_enc_arcfour;
+ extern const struct krb5_enc_provider krb5int_enc_aes128;
+@@ -465,7 +450,6 @@ extern const struct krb5_enc_provider krb5int_enc_aes256_ctr;
+ extern const struct krb5_enc_provider krb5int_enc_camellia128;
+ extern const struct krb5_enc_provider krb5int_enc_camellia256;
+
+-extern const struct krb5_hash_provider krb5int_hash_crc32;
+ extern const struct krb5_hash_provider krb5int_hash_md4;
+ extern const struct krb5_hash_provider krb5int_hash_md5;
+ extern const struct krb5_hash_provider krb5int_hash_sha1;
+diff --git a/src/lib/crypto/krb/default_state.c b/src/lib/crypto/krb/default_state.c
+index c7bfe323f..0757c8b02 100644
+--- a/src/lib/crypto/krb/default_state.c
++++ b/src/lib/crypto/krb/default_state.c
+@@ -39,10 +39,6 @@ krb5int_des_init_state(const krb5_keyblock *key, krb5_keyusage usage,
+ if (alloc_data(state_out, 8))
+ return ENOMEM;
+
+- /* des-cbc-crc uses the key as the initial ivec.
*/ +- if (key->enctype == ENCTYPE_DES_CBC_CRC) +- memcpy(state_out->data, key->contents, state_out->length); +- + return 0; + } + +diff --git a/src/lib/crypto/krb/deps b/src/lib/crypto/krb/deps +index 2a7f9b0ef..f9a740860 100644 +--- a/src/lib/crypto/krb/deps ++++ b/src/lib/crypto/krb/deps +@@ -204,18 +204,6 @@ combine_keys.so combine_keys.po $(OUTPRE)combine_keys.$(OBJEXT): \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h combine_keys.c \ + crypto_int.h +-crc32.so crc32.po $(OUTPRE)crc32.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ +- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ +- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ +- $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ +- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ +- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ +- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ +- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ +- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ +- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ +- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ +- crc32.c crypto_int.h + crypto_length.so crypto_length.po $(OUTPRE)crypto_length.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ +@@ -372,18 +360,6 @@ enc_etm.so enc_etm.po $(OUTPRE)enc_etm.$(OBJEXT): $(BUILDTOP)/include/autoconf.h + $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ + $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ + crypto_int.h enc_etm.c +-enc_old.so enc_old.po $(OUTPRE)enc_old.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ +- $(BUILDTOP)/include/krb5/krb5.h 
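Review bot: With the des-cbc-crc branch gone, the visible part of krb5int_des_init_state never reads `key`, and the state it returns is whatever `alloc_data(state_out, 8)` leaves in the buffer. That is only a sound initial ivec if alloc_data zero-fills, which this hunk does not show, so the invariant deserves a comment above `return 0;`, for example `/* All remaining callers start CBC from an all-zero ivec; alloc_data is expected to zero the buffer. */`. The function's opening lies outside the hunk, so earlier uses of `key` or `usage` cannot be ruled out from here.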
$(BUILDTOP)/include/osconf.h \ +- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ +- $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ +- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ +- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ +- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ +- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ +- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ +- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ +- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ +- crypto_int.h enc_old.c + enc_raw.so enc_raw.po $(OUTPRE)enc_raw.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ +@@ -660,18 +636,6 @@ random_to_key.so random_to_key.po $(OUTPRE)random_to_key.$(OBJEXT): \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h crypto_int.h random_to_key.c +-s2k_des.so s2k_des.po $(OUTPRE)s2k_des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ +- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ +- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ +- $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ +- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ +- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ +- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ +- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ +- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ +- $(top_srcdir)/include/krb5/authdata_plugin.h 
$(top_srcdir)/include/krb5/plugin.h \ +- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ +- crypto_int.h s2k_des.c + s2k_pbkdf2.so s2k_pbkdf2.po $(OUTPRE)s2k_pbkdf2.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ +diff --git a/src/lib/crypto/krb/enc_old.c b/src/lib/crypto/krb/enc_old.c +deleted file mode 100644 +index 1b02a5915..000000000 +--- a/src/lib/crypto/krb/enc_old.c ++++ /dev/null +@@ -1,181 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/krb/enc_old.c */ +-/* +- * Copyright 2008 by the Massachusetts Institute of Technology. +- * All Rights Reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. 
+- */ +- +-#include "crypto_int.h" +- +-unsigned int +-krb5int_old_crypto_length(const struct krb5_keytypes *ktp, +- krb5_cryptotype type) +-{ +- switch (type) { +- case KRB5_CRYPTO_TYPE_HEADER: +- return ktp->enc->block_size + ktp->hash->hashsize; +- case KRB5_CRYPTO_TYPE_PADDING: +- return ktp->enc->block_size; +- case KRB5_CRYPTO_TYPE_TRAILER: +- return 0; +- case KRB5_CRYPTO_TYPE_CHECKSUM: +- return ktp->hash->hashsize; +- default: +- assert(0 && "invalid cryptotype passed to krb5int_old_crypto_length"); +- return 0; +- } +-} +- +-krb5_error_code +-krb5int_old_encrypt(const struct krb5_keytypes *ktp, krb5_key key, +- krb5_keyusage usage, const krb5_data *ivec, +- krb5_crypto_iov *data, size_t num_data) +-{ +- const struct krb5_enc_provider *enc = ktp->enc; +- const struct krb5_hash_provider *hash = ktp->hash; +- krb5_error_code ret; +- krb5_crypto_iov *header, *trailer, *padding; +- krb5_data checksum, confounder, crcivec = empty_data(); +- unsigned int plainlen, padsize; +- size_t i; +- +- /* E(Confounder | Checksum | Plaintext | Pad) */ +- +- plainlen = enc->block_size + hash->hashsize; +- for (i = 0; i < num_data; i++) { +- krb5_crypto_iov *iov = &data[i]; +- +- if (iov->flags == KRB5_CRYPTO_TYPE_DATA) +- plainlen += iov->data.length; +- } +- +- header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER); +- if (header == NULL || +- header->data.length < enc->block_size + hash->hashsize) +- return KRB5_BAD_MSIZE; +- +- /* Trailer may be absent. */ +- trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); +- if (trailer != NULL) +- trailer->data.length = 0; +- +- /* Check that the input data is correctly padded. 
*/ +- padsize = krb5_roundup(plainlen, enc->block_size) - plainlen; +- padding = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_PADDING); +- if (padsize > 0 && (padding == NULL || padding->data.length < padsize)) +- return KRB5_BAD_MSIZE; +- if (padding) { +- padding->data.length = padsize; +- memset(padding->data.data, 0, padsize); +- } +- +- /* Generate a confounder in the header block. */ +- confounder = make_data(header->data.data, enc->block_size); +- ret = krb5_c_random_make_octets(0, &confounder); +- if (ret != 0) +- goto cleanup; +- checksum = make_data(header->data.data + enc->block_size, hash->hashsize); +- memset(checksum.data, 0, hash->hashsize); +- +- /* Checksum the plaintext with zeroed checksum and padding. */ +- ret = hash->hash(data, num_data, &checksum); +- if (ret != 0) +- goto cleanup; +- +- /* Use the key as the ivec for des-cbc-crc if none was provided. */ +- if (key->keyblock.enctype == ENCTYPE_DES_CBC_CRC && ivec == NULL) { +- ret = alloc_data(&crcivec, key->keyblock.length); +- if (ret != 0) +- goto cleanup; +- memcpy(crcivec.data, key->keyblock.contents, key->keyblock.length); +- ivec = &crcivec; +- } +- +- ret = enc->encrypt(key, ivec, data, num_data); +- if (ret != 0) +- goto cleanup; +- +-cleanup: +- zapfree(crcivec.data, crcivec.length); +- return ret; +-} +- +-krb5_error_code +-krb5int_old_decrypt(const struct krb5_keytypes *ktp, krb5_key key, +- krb5_keyusage usage, const krb5_data *ivec, +- krb5_crypto_iov *data, size_t num_data) +-{ +- const struct krb5_enc_provider *enc = ktp->enc; +- const struct krb5_hash_provider *hash = ktp->hash; +- krb5_error_code ret; +- krb5_crypto_iov *header, *trailer; +- krb5_data checksum, crcivec = empty_data(); +- char *saved_checksum = NULL; +- +- /* Check that the input data is correctly padded. 
*/ +- if (iov_total_length(data, num_data, FALSE) % enc->block_size != 0) +- return KRB5_BAD_MSIZE; +- +- header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER); +- if (header == NULL || +- header->data.length != enc->block_size + hash->hashsize) +- return KRB5_BAD_MSIZE; +- +- trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); +- if (trailer != NULL && trailer->data.length != 0) +- return KRB5_BAD_MSIZE; +- +- /* Use the key as the ivec for des-cbc-crc if none was provided. */ +- if (key->keyblock.enctype == ENCTYPE_DES_CBC_CRC && ivec == NULL) { +- ret = alloc_data(&crcivec, key->keyblock.length); +- memcpy(crcivec.data, key->keyblock.contents, key->keyblock.length); +- ivec = &crcivec; +- } +- +- /* Decrypt the ciphertext. */ +- ret = enc->decrypt(key, ivec, data, num_data); +- if (ret != 0) +- goto cleanup; +- +- /* Save the checksum, then zero it out in the plaintext. */ +- checksum = make_data(header->data.data + enc->block_size, hash->hashsize); +- saved_checksum = k5memdup(checksum.data, checksum.length, &ret); +- if (saved_checksum == NULL) +- goto cleanup; +- memset(checksum.data, 0, checksum.length); +- +- /* +- * Checksum the plaintext (with zeroed checksum field), storing the result +- * back into the plaintext field we just zeroed out. Then compare it to +- * the saved checksum. +- */ +- ret = hash->hash(data, num_data, &checksum); +- if (k5_bcmp(checksum.data, saved_checksum, checksum.length) != 0) { +- ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; +- goto cleanup; +- } +- +-cleanup: +- zapfree(crcivec.data, crcivec.length); +- zapfree(saved_checksum, hash->hashsize); +- return ret; +-} +diff --git a/src/lib/crypto/krb/etypes.c b/src/lib/crypto/krb/etypes.c +index 8f44c37e7..fc278783b 100644 +--- a/src/lib/crypto/krb/etypes.c ++++ b/src/lib/crypto/krb/etypes.c +@@ -35,42 +35,6 @@ + + /* Deprecations come from RFC 6649 and RFC 8249. 
*/
+ const struct krb5_keytypes krb5int_enctypes_list[] = {
+- { ENCTYPE_DES_CBC_CRC,
+- "des-cbc-crc", { 0 }, "DES cbc mode with CRC-32",
+- &krb5int_enc_des, &krb5int_hash_crc32,
+- 16,
+- krb5int_old_crypto_length, krb5int_old_encrypt, krb5int_old_decrypt,
+- krb5int_des_string_to_key, k5_rand2key_des,
+- krb5int_des_prf,
+- CKSUMTYPE_RSA_MD5_DES,
+- ETYPE_WEAK | ETYPE_DEPRECATED, 56 },
+- { ENCTYPE_DES_CBC_MD4,
+- "des-cbc-md4", { 0 }, "DES cbc mode with RSA-MD4",
+- &krb5int_enc_des, &krb5int_hash_md4,
+- 16,
+- krb5int_old_crypto_length, krb5int_old_encrypt, krb5int_old_decrypt,
+- krb5int_des_string_to_key, k5_rand2key_des,
+- krb5int_des_prf,
+- CKSUMTYPE_RSA_MD4_DES,
+- ETYPE_WEAK | ETYPE_DEPRECATED, 56 },
+- { ENCTYPE_DES_CBC_MD5,
+- "des-cbc-md5", { "des" }, "DES cbc mode with RSA-MD5",
+- &krb5int_enc_des, &krb5int_hash_md5,
+- 16,
+- krb5int_old_crypto_length, krb5int_old_encrypt, krb5int_old_decrypt,
+- krb5int_des_string_to_key, k5_rand2key_des,
+- krb5int_des_prf,
+- CKSUMTYPE_RSA_MD5_DES,
+- ETYPE_WEAK | ETYPE_DEPRECATED, 56 },
+- { ENCTYPE_DES_CBC_RAW,
+- "des-cbc-raw", { 0 }, "DES cbc mode raw",
+- &krb5int_enc_des, NULL,
+- 16,
+- krb5int_raw_crypto_length, krb5int_raw_encrypt, krb5int_raw_decrypt,
+- krb5int_des_string_to_key, k5_rand2key_des,
+- krb5int_des_prf,
+- 0,
+- ETYPE_WEAK | ETYPE_DEPRECATED, 56 },
+ { ENCTYPE_DES3_CBC_RAW,
+ "des3-cbc-raw", { 0 }, "Triple DES cbc mode raw",
+ &krb5int_enc_des3, NULL,
+@@ -92,16 +56,6 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {
+ CKSUMTYPE_HMAC_SHA1_DES3,
+ ETYPE_DEPRECATED, 112 },
+
+- { ENCTYPE_DES_HMAC_SHA1,
+- "des-hmac-sha1", { 0 }, "DES with HMAC/sha1",
+- &krb5int_enc_des, &krb5int_hash_sha1,
+- 8,
+- krb5int_dk_crypto_length, krb5int_dk_encrypt, krb5int_dk_decrypt,
+- krb5int_dk_string_to_key, k5_rand2key_des,
+- NULL, /*PRF*/
+- 0,
+- ETYPE_WEAK | ETYPE_DEPRECATED, 56 },
+-
+ /* rc4-hmac uses a 128-bit key, but due to weaknesses in the RC4 cipher, we
+ * consider its strength
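Review bot: The context comment heading this table, `/* Deprecations come from RFC 6649 and RFC 8249. */`, appears to cite the wrong document: the Kerberos deprecation of 3DES and RC4 is RFC 8429, so the digits look transposed. Since the entries that remain carry `ETYPE_DEPRECATED` on the strength of that reference (des3 in the following hunk's context), the comment is worth correcting to `/* Deprecations come from RFC 6649 and RFC 8429. */` in the same change. The array continues beyond the hunk.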
degraded and assign it an SSF value of 64. */ + { ENCTYPE_ARCFOUR_HMAC, +diff --git a/src/lib/crypto/krb/s2k_des.c b/src/lib/crypto/krb/s2k_des.c +deleted file mode 100644 +index d5c29befc..000000000 +--- a/src/lib/crypto/krb/s2k_des.c ++++ /dev/null +@@ -1,691 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* +- * Copyright (C) 1998 by the FundsXpress, INC. +- * +- * All rights reserved. +- * +- * Export of this software from the United States of America may require +- * a specific license from the United States Government. It is the +- * responsibility of any person or organization contemplating export to +- * obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of FundsXpress. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. FundsXpress makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- * +- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR +- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED +- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. +- */ +- +-/* +- * RFC 3961 and AFS string to key. These are not standard crypto primitives +- * (RFC 3961 string-to-key is implemented in OpenSSL for historical reasons but +- * it doesn't get weak keys right), so we have to implement them here. 
+- */ +- +-#include +-#include "crypto_int.h" +- +-#undef min +-#define min(a,b) ((a)>(b)?(b):(a)) +- +-/* Compute a CBC checksum of in (with length len) using the specified key and +- * ivec. The result is written into out. */ +-static krb5_error_code +-des_cbc_mac(const unsigned char *keybits, const unsigned char *ivec, +- const unsigned char *in, size_t len, unsigned char *out) +-{ +- krb5_error_code ret; +- krb5_keyblock kb; +- krb5_key key; +- krb5_crypto_iov iov[2]; +- unsigned char zero[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; +- krb5_data outd, ivecd; +- +- /* Make a key from keybits. */ +- kb.magic = KV5M_KEYBLOCK; +- kb.enctype = ENCTYPE_DES_CBC_CRC; +- kb.length = 8; +- kb.contents = (unsigned char *)keybits; +- ret = krb5_k_create_key(NULL, &kb, &key); +- if (ret) +- return ret; +- +- /* Make iovs for the input data, padding it out to the block size. */ +- iov[0].flags = KRB5_CRYPTO_TYPE_DATA; +- iov[0].data = make_data((unsigned char *)in, len); +- iov[1].flags = KRB5_CRYPTO_TYPE_DATA; +- iov[1].data = make_data(zero, krb5_roundup(len, 8) - len); +- +- /* Make krb5_data structures for the ivec and output. */ +- ivecd = make_data((unsigned char *)ivec, 8); +- outd = make_data(out, 8); +- +- /* Call the cbc_mac operation of the module's DES enc-provider. 
*/ +- ret = krb5int_enc_des.cbc_mac(key, iov, 2, &ivecd, &outd); +- krb5_k_free_key(NULL, key); +- return ret; +-} +- +-/*** AFS string-to-key constants ***/ +- +-/* Initial permutation */ +-static const char IP[] = { +- 58,50,42,34,26,18,10, 2, +- 60,52,44,36,28,20,12, 4, +- 62,54,46,38,30,22,14, 6, +- 64,56,48,40,32,24,16, 8, +- 57,49,41,33,25,17, 9, 1, +- 59,51,43,35,27,19,11, 3, +- 61,53,45,37,29,21,13, 5, +- 63,55,47,39,31,23,15, 7, +-}; +- +-/* Final permutation, FP = IP^(-1) */ +-static const char FP[] = { +- 40, 8,48,16,56,24,64,32, +- 39, 7,47,15,55,23,63,31, +- 38, 6,46,14,54,22,62,30, +- 37, 5,45,13,53,21,61,29, +- 36, 4,44,12,52,20,60,28, +- 35, 3,43,11,51,19,59,27, +- 34, 2,42,10,50,18,58,26, +- 33, 1,41, 9,49,17,57,25, +-}; +- +-/* +- * Permuted-choice 1 from the key bits to yield C and D. +- * Note that bits 8,16... are left out: They are intended for a parity check. +- */ +-static const char PC1_C[] = { +- 57,49,41,33,25,17, 9, +- 1,58,50,42,34,26,18, +- 10, 2,59,51,43,35,27, +- 19,11, 3,60,52,44,36, +-}; +- +-static const char PC1_D[] = { +- 63,55,47,39,31,23,15, +- 7,62,54,46,38,30,22, +- 14, 6,61,53,45,37,29, +- 21,13, 5,28,20,12, 4, +-}; +- +-/* Sequence of shifts used for the key schedule */ +-static const char shifts[] = { +- 1,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1, +-}; +- +-/* Permuted-choice 2, to pick out the bits from the CD array that generate the +- * key schedule */ +-static const char PC2_C[] = { +- 14,17,11,24, 1, 5, +- 3,28,15, 6,21,10, +- 23,19,12, 4,26, 8, +- 16, 7,27,20,13, 2, +-}; +- +-static const char PC2_D[] = { +- 41,52,31,37,47,55, +- 30,40,51,45,33,48, +- 44,49,39,56,34,53, +- 46,42,50,36,29,32, +-}; +- +-/* The E bit-selection table */ +-static const char e[] = { +- 32, 1, 2, 3, 4, 5, +- 4, 5, 6, 7, 8, 9, +- 8, 9,10,11,12,13, +- 12,13,14,15,16,17, +- 16,17,18,19,20,21, +- 20,21,22,23,24,25, +- 24,25,26,27,28,29, +- 28,29,30,31,32, 1, +-}; +- +-/* P is a permutation on the selected combination of the current L and key. 
*/ +-static const char P[] = { +- 16, 7,20,21, +- 29,12,28,17, +- 1,15,23,26, +- 5,18,31,10, +- 2, 8,24,14, +- 32,27, 3, 9, +- 19,13,30, 6, +- 22,11, 4,25, +-}; +- +-/* +- * The 8 selection functions. +- * For some reason, they give a 0-origin +- * index, unlike everything else. +- */ +-static const char S[8][64] = { +- {14, 4,13, 1, 2,15,11, 8, 3,10, 6,12, 5, 9, 0, 7, +- 0,15, 7, 4,14, 2,13, 1,10, 6,12,11, 9, 5, 3, 8, +- 4, 1,14, 8,13, 6, 2,11,15,12, 9, 7, 3,10, 5, 0, +- 15,12, 8, 2, 4, 9, 1, 7, 5,11, 3,14,10, 0, 6,13}, +- +- {15, 1, 8,14, 6,11, 3, 4, 9, 7, 2,13,12, 0, 5,10, +- 3,13, 4, 7,15, 2, 8,14,12, 0, 1,10, 6, 9,11, 5, +- 0,14, 7,11,10, 4,13, 1, 5, 8,12, 6, 9, 3, 2,15, +- 13, 8,10, 1, 3,15, 4, 2,11, 6, 7,12, 0, 5,14, 9}, +- +- {10, 0, 9,14, 6, 3,15, 5, 1,13,12, 7,11, 4, 2, 8, +- 13, 7, 0, 9, 3, 4, 6,10, 2, 8, 5,14,12,11,15, 1, +- 13, 6, 4, 9, 8,15, 3, 0,11, 1, 2,12, 5,10,14, 7, +- 1,10,13, 0, 6, 9, 8, 7, 4,15,14, 3,11, 5, 2,12}, +- +- { 7,13,14, 3, 0, 6, 9,10, 1, 2, 8, 5,11,12, 4,15, +- 13, 8,11, 5, 6,15, 0, 3, 4, 7, 2,12, 1,10,14, 9, +- 10, 6, 9, 0,12,11, 7,13,15, 1, 3,14, 5, 2, 8, 4, +- 3,15, 0, 6,10, 1,13, 8, 9, 4, 5,11,12, 7, 2,14}, +- +- { 2,12, 4, 1, 7,10,11, 6, 8, 5, 3,15,13, 0,14, 9, +- 14,11, 2,12, 4, 7,13, 1, 5, 0,15,10, 3, 9, 8, 6, +- 4, 2, 1,11,10,13, 7, 8,15, 9,12, 5, 6, 3, 0,14, +- 11, 8,12, 7, 1,14, 2,13, 6,15, 0, 9,10, 4, 5, 3}, +- +- {12, 1,10,15, 9, 2, 6, 8, 0,13, 3, 4,14, 7, 5,11, +- 10,15, 4, 2, 7,12, 9, 5, 6, 1,13,14, 0,11, 3, 8, +- 9,14,15, 5, 2, 8,12, 3, 7, 0, 4,10, 1,13,11, 6, +- 4, 3, 2,12, 9, 5,15,10,11,14, 1, 7, 6, 0, 8,13}, +- +- { 4,11, 2,14,15, 0, 8,13, 3,12, 9, 7, 5,10, 6, 1, +- 13, 0,11, 7, 4, 9, 1,10,14, 3, 5,12, 2,15, 8, 6, +- 1, 4,11,13,12, 3, 7,14,10,15, 6, 8, 0, 5, 9, 2, +- 6,11,13, 8, 1, 4,10, 7, 9, 5, 0,15,14, 2, 3,12}, +- +- {13, 2, 8, 4, 6,15,11, 1,10, 9, 3,14, 5, 0,12, 7, +- 1,15,13, 8,10, 3, 7, 4,12, 5, 6,11, 0,14, 9, 2, +- 7,11, 4, 1, 9,12,14, 2, 0, 6,10,13,15, 3, 5, 8, +- 2, 1,14, 7, 4,10, 8,13,15,12, 9, 0, 3, 5, 
6,11}, +-}; +- +- +-/* Set up the key schedule from the key. */ +-static void +-afs_crypt_setkey(char *key, char *E, char (*KS)[48]) +-{ +- int i, j, k, t; +- char C[28], D[28]; /* Used to calculate key schedule. */ +- +- /* +- * First, generate C and D by permuting +- * the key. The low order bit of each +- * 8-bit char is not used, so C and D are only 28 +- * bits apiece. +- */ +- for (i = 0; i < 28; i++) { +- C[i] = key[PC1_C[i] - 1]; +- D[i] = key[PC1_D[i] - 1]; +- } +- /* +- * To generate Ki, rotate C and D according +- * to schedule and pick up a permutation +- * using PC2. +- */ +- for (i = 0; i < 16; i++) { +- /* Rotate. */ +- for (k = 0; k < shifts[i]; k++) { +- t = C[0]; +- for (j = 0; j < 28 - 1; j++) +- C[j] = C[j + 1]; +- C[27] = t; +- t = D[0]; +- for (j = 0; j < 28 - 1; j++) +- D[j] = D[j + 1]; +- D[27] = t; +- } +- /* Get Ki. Note C and D are concatenated. */ +- for (j = 0; j < 24; j++) { +- KS[i][j] = C[PC2_C[j]-1]; +- KS[i][j+24] = D[PC2_D[j]-28-1]; +- } +- } +- +- memcpy(E, e, 48); +-} +- +-/* +- * The payoff: encrypt a block. +- */ +- +-static void +-afs_encrypt_block(char *block, char *E, char (*KS)[48]) +-{ +- const long edflag = 0; +- int i, ii; +- int t, j, k; +- char tempL[32]; +- char f[32]; +- char L[64]; /* Current block divided into two halves */ +- char *const R = &L[32]; +- /* The combination of the key and the input, before selection. */ +- char preS[48]; +- +- /* First, permute the bits in the input. */ +- for (j = 0; j < 64; j++) +- L[j] = block[IP[j] - 1]; +- /* Perform an encryption operation 16 times. */ +- for (ii = 0; ii < 16; ii++) { +- /* Set direction. */ +- i = (edflag) ? 15 - ii : ii; +- /* Save the R array, which will be the new L. */ +- memcpy(tempL, R, 32); +- /* Expand R to 48 bits using the E selector; exclusive-or with the +- * current key bits. */ +- for (j = 0; j < 48; j++) +- preS[j] = R[E[j] - 1] ^ KS[i][j]; +- /* +- * The pre-select bits are now considered in 8 groups of 6 bits each. 
+- * The 8 selection functions map these 6-bit quantities into 4-bit +- * quantities and the results permuted to make an f(R, K). The +- * indexing into the selection functions is peculiar; it could be +- * simplified by rewriting the tables. +- */ +- for (j = 0; j < 8; j++) { +- t = 6 * j; +- k = S[j][(preS[t + 0] << 5) + +- (preS[t + 1] << 3) + +- (preS[t + 2] << 2) + +- (preS[t + 3] << 1) + +- (preS[t + 4] << 0) + +- (preS[t + 5] << 4)]; +- t = 4 * j; +- f[t + 0] = (k >> 3) & 1; +- f[t + 1] = (k >> 2) & 1; +- f[t + 2] = (k >> 1) & 1; +- f[t + 3] = (k >> 0) & 1; +- } +- /* The new R is L ^ f(R, K). The f here has to be permuted first, +- * though. */ +- for (j = 0; j < 32; j++) +- R[j] = L[j] ^ f[P[j] - 1]; +- /* Finally, the new L (the original R) is copied back. */ +- memcpy(L, tempL, 32); +- } +- /* The output L and R are reversed. */ +- for (j = 0; j < 32; j++) { +- t = L[j]; +- L[j] = R[j]; +- R[j] = t; +- } +- /* The final output gets the inverse permutation of the very original. 
*/ +- for (j = 0; j < 64; j++) +- block[j] = L[FP[j] - 1]; +-} +- +-/* iobuf must be at least 16 bytes */ +-static char * +-afs_crypt(const char *pw, const char *salt, char *iobuf) +-{ +- int i, j, c; +- int temp; +- char block[66]; +- char E[48]; +- char KS[16][48]; /* Key schedule, generated from key */ +- +- for (i = 0; i < 66; i++) +- block[i] = 0; +- for (i = 0; (c = *pw) != '\0' && i < 64; pw++){ +- for(j = 0; j < 7; j++, i++) +- block[i] = (c >> (6 - j)) & 01; +- i++; +- } +- +- afs_crypt_setkey(block, E, KS); +- +- for (i = 0; i < 66; i++) +- block[i] = 0; +- +- for (i = 0; i < 2; i++) { +- c = *salt++; +- iobuf[i] = c; +- if (c > 'Z') +- c -= 6; +- if (c > '9') +- c -= 7; +- c -= '.'; +- for (j = 0; j < 6; j++) { +- if ((c >> j) & 01) { +- temp = E[6 * i + j]; +- E[6 * i + j] = E[6 * i + j + 24]; +- E[6 * i + j + 24] = temp; +- } +- } +- } +- +- for (i = 0; i < 25; i++) +- afs_encrypt_block(block, E, KS); +- +- for (i = 0; i < 11; i++) { +- c = 0; +- for (j = 0; j < 6; j++) { +- c <<= 1; +- c |= block[6 * i + j]; +- } +- c += '.'; +- if (c > '9') +- c += 7; +- if (c > 'Z') +- c += 6; +- iobuf[i + 2] = c; +- } +- iobuf[i + 2] = 0; +- if (iobuf[1] == 0) +- iobuf[1] = iobuf[0]; +- return iobuf; +-} +- +-static krb5_error_code +-afs_s2k_oneblock(const krb5_data *data, const krb5_data *salt, +- unsigned char *key_out) +-{ +- unsigned int i; +- unsigned char password[9]; /* trailing nul for crypt() */ +- char afs_crypt_buf[16]; +- +- /* +- * Run afs_crypt and use the first eight returned bytes after the copy of +- * the (fixed) salt. +- * +- * Since the returned bytes are alphanumeric, the output is limited to +- * 2**48 possibilities; for each byte, only 64 possible values can be used. 
+- */ +- +- memset(password, 0, sizeof(password)); +- if (salt->length > 0) +- memcpy(password, salt->data, min(salt->length, 8)); +- for (i = 0; i < 8; i++) { +- if (isupper(password[i])) +- password[i] = tolower(password[i]); +- } +- for (i = 0; i < data->length; i++) +- password[i] ^= data->data[i]; +- for (i = 0; i < 8; i++) { +- if (password[i] == '\0') +- password[i] = 'X'; +- } +- password[8] = '\0'; +- /* Out-of-bounds salt characters are equivalent to a salt string +- * of "p1". */ +- strncpy((char *)key_out, +- (char *)afs_crypt((char *)password, "#~", afs_crypt_buf) + 2, 8); +- for (i = 0; i < 8; i++) +- key_out[i] <<= 1; +- /* Fix up key parity again. */ +- k5_des_fixup_key_parity(key_out); +- zap(password, sizeof(password)); +- return 0; +-} +- +-static krb5_error_code +-afs_s2k_multiblock(const krb5_data *data, const krb5_data *salt, +- unsigned char *key_out) +-{ +- krb5_error_code ret; +- unsigned char ivec[8], tkey[8], *password; +- size_t pw_len = salt->length + data->length; +- unsigned int i, j; +- +- /* Do a CBC checksum, twice, and use the result as the new key. 
*/ +- +- password = malloc(pw_len); +- if (!password) +- return ENOMEM; +- +- if (data->length > 0) +- memcpy(password, data->data, data->length); +- for (i = data->length, j = 0; j < salt->length; i++, j++) { +- password[i] = salt->data[j]; +- if (isupper(password[i])) +- password[i] = tolower(password[i]); +- } +- +- memcpy(ivec, "kerberos", sizeof(ivec)); +- memcpy(tkey, ivec, sizeof(tkey)); +- k5_des_fixup_key_parity(tkey); +- ret = des_cbc_mac(tkey, ivec, password, pw_len, tkey); +- if (ret) +- goto cleanup; +- +- memcpy(ivec, tkey, sizeof(ivec)); +- k5_des_fixup_key_parity(tkey); +- ret = des_cbc_mac(tkey, ivec, password, pw_len, key_out); +- if (ret) +- goto cleanup; +- k5_des_fixup_key_parity(key_out); +- +-cleanup: +- zapfree(password, pw_len); +- return ret; +-} +- +-static krb5_error_code +-afs_s2k(const krb5_data *data, const krb5_data *salt, unsigned char *key_out) +-{ +- if (data->length <= 8) +- return afs_s2k_oneblock(data, salt, key_out); +- else +- return afs_s2k_multiblock(data, salt, key_out); +-} +- +-static krb5_error_code +-des_s2k(const krb5_data *pw, const krb5_data *salt, unsigned char *key_out) +-{ +- union { +- /* 8 "forward" bytes, 8 "reverse" bytes */ +- unsigned char uc[16]; +- krb5_ui_4 ui[4]; +- } temp; +- unsigned int i; +- krb5_ui_4 x, y, z; +- unsigned char *p, *copy; +- size_t copylen; +- krb5_error_code ret; +- +- /* As long as the architecture is big-endian or little-endian, it +- doesn't matter which it is. Think of it as reversing the +- bytes, and also reversing the bits within each byte. But this +- current algorithm is dependent on having four 8-bit char values +- exactly overlay a 32-bit integral type. 
*/ +- if (sizeof(temp.uc) != sizeof(temp.ui) +- || (unsigned char)~0 != 0xFF +- || (krb5_ui_4)~(krb5_ui_4)0 != 0xFFFFFFFF +- || (temp.uc[0] = 1, temp.uc[1] = 2, temp.uc[2] = 3, temp.uc[3] = 4, +- !(temp.ui[0] == 0x01020304 +- || temp.ui[0] == 0x04030201))) +- abort(); +-#define FETCH4(VAR, IDX) VAR = temp.ui[IDX/4] +-#define PUT4(VAR, IDX) temp.ui[IDX/4] = VAR +- +- copylen = pw->length + salt->length; +- /* Don't need NUL termination, at this point we're treating it as +- a byte array, not a string. */ +- copy = malloc(copylen); +- if (copy == NULL) +- return ENOMEM; +- if (pw->length > 0) +- memcpy(copy, pw->data, pw->length); +- if (salt->length > 0) +- memcpy(copy + pw->length, salt->data, salt->length); +- +- memset(&temp, 0, sizeof(temp)); +- p = temp.uc; +- /* Handle the fan-fold xor operation by splitting the data into +- forward and reverse sections, and combine them later, rather +- than having to do the reversal over and over again. */ +- for (i = 0; i < copylen; i++) { +- *p++ ^= copy[i]; +- if (p == temp.uc+16) { +- p = temp.uc; +-#ifdef PRINT_TEST_VECTORS +- { +- int j; +- printf("after %d input bytes:\nforward block:\t", i+1); +- for (j = 0; j < 8; j++) +- printf(" %02x", temp.uc[j] & 0xff); +- printf("\nreverse block:\t"); +- for (j = 8; j < 16; j++) +- printf(" %02x", temp.uc[j] & 0xff); +- printf("\n"); +- } +-#endif +- } +- } +- +-#ifdef PRINT_TEST_VECTORS +- if (p != temp.uc) { +- int j; +- printf("at end, after %d input bytes:\nforward block:\t", i); +- for (j = 0; j < 8; j++) +- printf(" %02x", temp.uc[j] & 0xff); +- printf("\nreverse block:\t"); +- for (j = 8; j < 16; j++) +- printf(" %02x", temp.uc[j] & 0xff); +- printf("\n"); +- } +-#endif +-#define REVERSE(VAR) \ +- { \ +- krb5_ui_4 old = VAR, temp1 = 0; \ +- int j; \ +- for (j = 0; j < 32; j++) { \ +- temp1 = (temp1 << 1) | (old & 1); \ +- old >>= 1; \ +- } \ +- VAR = temp1; \ +- } +- +- FETCH4 (x, 8); +- FETCH4 (y, 12); +- /* Ignore high bits of each input byte. 
*/ +- x &= 0x7F7F7F7F; +- y &= 0x7F7F7F7F; +- /* Reverse the bit strings -- after this, y is "before" x. */ +- REVERSE (x); +- REVERSE (y); +-#ifdef PRINT_TEST_VECTORS +- { +- int j; +- union { unsigned char uc[4]; krb5_ui_4 ui; } t2; +- printf("after reversal, reversed block:\n\t\t"); +- t2.ui = y; +- for (j = 0; j < 4; j++) +- printf(" %02x", t2.uc[j] & 0xff); +- t2.ui = x; +- for (j = 0; j < 4; j++) +- printf(" %02x", t2.uc[j] & 0xff); +- printf("\n"); +- } +-#endif +- /* Ignored bits are now at the bottom of each byte, where we'll +- * put the parity bits. Good. */ +- FETCH4 (z, 0); +- z &= 0x7F7F7F7F; +- /* Ignored bits for z are at the top of each byte; fix that. */ +- z <<= 1; +- /* Finish the fan-fold xor for these four bytes. */ +- z ^= y; +- PUT4 (z, 0); +- /* Now do the second four bytes. */ +- FETCH4 (z, 4); +- z &= 0x7F7F7F7F; +- /* Ignored bits for z are at the top of each byte; fix that. */ +- z <<= 1; +- /* Finish the fan-fold xor for these four bytes. */ +- z ^= x; +- PUT4 (z, 4); +- +-#ifdef PRINT_TEST_VECTORS +- { +- int j; +- printf("after reversal, combined block:\n\t\t"); +- for (j = 0; j < 8; j++) +- printf(" %02x", temp.uc[j] & 0xff); +- printf("\n"); +- } +-#endif +- +-#define FIXUP(k) (k5_des_fixup_key_parity(k), \ +- k5_des_is_weak_key(k) ? (k[7] ^= 0xF0) : 0) +- +- /* Now temp.cb is the temporary key, with invalid parity. 
*/ +- FIXUP(temp.uc); +- +-#ifdef PRINT_TEST_VECTORS +- { +- int j; +- printf("after fixing parity and weak keys:\n\t\t"); +- for (j = 0; j < 8; j++) +- printf(" %02x", temp.uc[j] & 0xff); +- printf("\n"); +- } +-#endif +- +- ret = des_cbc_mac(temp.uc, temp.uc, copy, copylen, temp.uc); +- if (ret) +- goto cleanup; +- +-#ifdef PRINT_TEST_VECTORS +- { +- int j; +- printf("cbc checksum:\n\t\t"); +- for (j = 0; j < 8; j++) +- printf(" %02x", temp.uc[j] & 0xff); +- printf("\n"); +- } +-#endif +- +- FIXUP(temp.uc); +- +-#ifdef PRINT_TEST_VECTORS +- { +- int j; +- printf("after fixing parity and weak keys:\n\t\t"); +- for (j = 0; j < 8; j++) +- printf(" %02x", temp.uc[j] & 0xff); +- printf("\n"); +- } +-#endif +- +- memcpy(key_out, temp.uc, 8); +- +-cleanup: +- zap(&temp, sizeof(temp)); +- zapfree(copy, copylen); +- return ret; +-} +- +-krb5_error_code +-krb5int_des_string_to_key(const struct krb5_keytypes *ktp, +- const krb5_data *string, const krb5_data *salt, +- const krb5_data *parm, krb5_keyblock *keyblock) +-{ +- int type; +- +- if (parm != NULL) { +- if (parm->length != 1) +- return KRB5_ERR_BAD_S2K_PARAMS; +- type = parm->data[0]; +- if (type != 0 && type != 1) +- return KRB5_ERR_BAD_S2K_PARAMS; +- } else +- type = 0; +- +- /* Use AFS string to key if we were told to. 
*/ +- if (type == 1) +- return afs_s2k(string, salt, keyblock->contents); +- +- return des_s2k(string, salt, keyblock->contents); +-} +diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports +index 90afdf5f7..63804299f 100644 +--- a/src/lib/crypto/libk5crypto.exports ++++ b/src/lib/crypto/libk5crypto.exports +@@ -85,7 +85,6 @@ krb5_k_prf + krb5_k_reference_key + krb5_k_verify_checksum + krb5_k_verify_checksum_iov +-mit_crc32 + krb5int_aes_encrypt + krb5int_aes_decrypt + krb5int_enc_des3 +diff --git a/src/lib/crypto/openssl/enc_provider/Makefile.in b/src/lib/crypto/openssl/enc_provider/Makefile.in +index b9e28c9cd..a9069d22d 100644 +--- a/src/lib/crypto/openssl/enc_provider/Makefile.in ++++ b/src/lib/crypto/openssl/enc_provider/Makefile.in +@@ -3,21 +3,18 @@ BUILDTOP=$(REL)..$(S)..$(S)..$(S).. + LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. + + STLIBOBJS= \ +- des.o \ + des3.o \ + rc4.o \ + aes.o \ + camellia.o + + OBJS= \ +- $(OUTPRE)des.$(OBJEXT) \ + $(OUTPRE)des3.$(OBJEXT) \ + $(OUTPRE)aes.$(OBJEXT) \ + $(OUTPRE)camellia.$(OBJEXT) \ + $(OUTPRE)rc4.$(OBJEXT) + + SRCS= \ +- $(srcdir)/des.c \ + $(srcdir)/des3.c \ + $(srcdir)/aes.c \ + $(srcdir)/camellia.c \ +diff --git a/src/lib/crypto/openssl/enc_provider/deps b/src/lib/crypto/openssl/enc_provider/deps +index 428fcf6f5..1c28cc842 100644 +--- a/src/lib/crypto/openssl/enc_provider/deps ++++ b/src/lib/crypto/openssl/enc_provider/deps +@@ -1,17 +1,6 @@ + # + # Generated makefile dependencies follow. 
+ # +-des.so des.po $(OUTPRE)des.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ +- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ +- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ +- $(srcdir)/../crypto_mod.h $(top_srcdir)/include/k5-buf.h \ +- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ +- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ +- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ +- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ +- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ +- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ +- $(top_srcdir)/include/socket-utils.h des.c + des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ +diff --git a/src/lib/crypto/openssl/enc_provider/des.c b/src/lib/crypto/openssl/enc_provider/des.c +deleted file mode 100644 +index a662db512..000000000 +--- a/src/lib/crypto/openssl/enc_provider/des.c ++++ /dev/null +@@ -1,218 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/openssl/enc_provider/des.c */ +-/* +- * Copyright (C) 2009 by the Massachusetts Institute of Technology. +- * All rights reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. 
+- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- */ +- +-/* +- * Copyright (C) 1998 by the FundsXpress, INC. +- * +- * All rights reserved. +- * +- * Export of this software from the United States of America may require +- * a specific license from the United States Government. It is the +- * responsibility of any person or organization contemplating export to +- * obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of FundsXpress. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. FundsXpress makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. 
+- * +- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR +- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED +- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. +- */ +- +-#include "crypto_int.h" +-#include +-#include +- +-#define DES_BLOCK_SIZE 8 +-#define DES_KEY_SIZE 8 +-#define DES_KEY_BYTES 7 +- +-static krb5_error_code +-validate(krb5_key key, const krb5_data *ivec, const krb5_crypto_iov *data, +- size_t num_data, krb5_boolean *empty) +-{ +- size_t input_length = iov_total_length(data, num_data, FALSE); +- +- if (key->keyblock.length != DES_KEY_SIZE) +- return(KRB5_BAD_KEYSIZE); +- if ((input_length%DES_BLOCK_SIZE) != 0) +- return(KRB5_BAD_MSIZE); +- if (ivec && (ivec->length != 8)) +- return(KRB5_BAD_MSIZE); +- +- *empty = (input_length == 0); +- return 0; +-} +- +-static krb5_error_code +-k5_des_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, +- size_t num_data) +-{ +- int ret, olen = DES_BLOCK_SIZE; +- unsigned char iblock[DES_BLOCK_SIZE], oblock[DES_BLOCK_SIZE]; +- struct iov_cursor cursor; +- EVP_CIPHER_CTX *ctx; +- krb5_boolean empty; +- +- ret = validate(key, ivec, data, num_data, &empty); +- if (ret != 0 || empty) +- return ret; +- +- ctx = EVP_CIPHER_CTX_new(); +- if (ctx == NULL) +- return ENOMEM; +- +- ret = EVP_EncryptInit_ex(ctx, EVP_des_cbc(), NULL, +- key->keyblock.contents, (ivec && ivec->data) ? 
(unsigned char*)ivec->data : NULL); +- if (!ret) { +- EVP_CIPHER_CTX_free(ctx); +- return KRB5_CRYPTO_INTERNAL; +- } +- +- EVP_CIPHER_CTX_set_padding(ctx, 0); +- +- k5_iov_cursor_init(&cursor, data, num_data, DES_BLOCK_SIZE, FALSE); +- while (k5_iov_cursor_get(&cursor, iblock)) { +- ret = EVP_EncryptUpdate(ctx, oblock, &olen, iblock, DES_BLOCK_SIZE); +- if (!ret) +- break; +- k5_iov_cursor_put(&cursor, oblock); +- } +- +- if (ivec != NULL) +- memcpy(ivec->data, oblock, DES_BLOCK_SIZE); +- +- EVP_CIPHER_CTX_free(ctx); +- +- zap(iblock, sizeof(iblock)); +- zap(oblock, sizeof(oblock)); +- +- if (ret != 1) +- return KRB5_CRYPTO_INTERNAL; +- return 0; +-} +- +-static krb5_error_code +-k5_des_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, +- size_t num_data) +-{ +- int ret, olen = DES_BLOCK_SIZE; +- unsigned char iblock[DES_BLOCK_SIZE], oblock[DES_BLOCK_SIZE]; +- struct iov_cursor cursor; +- EVP_CIPHER_CTX *ctx; +- krb5_boolean empty; +- +- ret = validate(key, ivec, data, num_data, &empty); +- if (ret != 0 || empty) +- return ret; +- +- ctx = EVP_CIPHER_CTX_new(); +- if (ctx == NULL) +- return ENOMEM; +- +- ret = EVP_DecryptInit_ex(ctx, EVP_des_cbc(), NULL, +- key->keyblock.contents, +- (ivec) ? 
(unsigned char*)ivec->data : NULL); +- if (!ret) { +- EVP_CIPHER_CTX_free(ctx); +- return KRB5_CRYPTO_INTERNAL; +- } +- +- EVP_CIPHER_CTX_set_padding(ctx,0); +- +- k5_iov_cursor_init(&cursor, data, num_data, DES_BLOCK_SIZE, FALSE); +- while (k5_iov_cursor_get(&cursor, iblock)) { +- ret = EVP_DecryptUpdate(ctx, oblock, &olen, iblock, DES_BLOCK_SIZE); +- if (!ret) +- break; +- k5_iov_cursor_put(&cursor, oblock); +- } +- +- if (ivec != NULL) +- memcpy(ivec->data, iblock, DES_BLOCK_SIZE); +- +- EVP_CIPHER_CTX_free(ctx); +- +- zap(iblock, sizeof(iblock)); +- zap(oblock, sizeof(oblock)); +- +- if (ret != 1) +- return KRB5_CRYPTO_INTERNAL; +- return 0; +-} +- +-static krb5_error_code +-k5_des_cbc_mac(krb5_key key, const krb5_crypto_iov *data, size_t num_data, +- const krb5_data *ivec, krb5_data *output) +-{ +- int ret; +- struct iov_cursor cursor; +- DES_cblock blockY, blockB; +- DES_key_schedule sched; +- krb5_boolean empty; +- +- ret = validate(key, ivec, data, num_data, &empty); +- if (ret != 0) +- return ret; +- +- if (output->length != DES_BLOCK_SIZE) +- return KRB5_BAD_MSIZE; +- +- if (DES_set_key((DES_cblock *)key->keyblock.contents, &sched) != 0) +- return KRB5_CRYPTO_INTERNAL; +- +- if (ivec != NULL) +- memcpy(blockY, ivec->data, DES_BLOCK_SIZE); +- else +- memset(blockY, 0, DES_BLOCK_SIZE); +- +- k5_iov_cursor_init(&cursor, data, num_data, DES_BLOCK_SIZE, FALSE); +- while (k5_iov_cursor_get(&cursor, blockB)) { +- store_64_n(load_64_n(blockB) ^ load_64_n(blockY), blockB); +- DES_ecb_encrypt(&blockB, &blockY, &sched, 1); +- } +- +- memcpy(output->data, blockY, DES_BLOCK_SIZE); +- return 0; +-} +- +-const struct krb5_enc_provider krb5int_enc_des = { +- DES_BLOCK_SIZE, +- DES_KEY_BYTES, DES_KEY_SIZE, +- k5_des_encrypt, +- k5_des_decrypt, +- k5_des_cbc_mac, +- krb5int_des_init_state, +- krb5int_default_free_state +-}; +diff --git a/src/lib/crypto/openssl/hash_provider/Makefile.in b/src/lib/crypto/openssl/hash_provider/Makefile.in +index 7762e20a5..f7245fbd1 100644 
+--- a/src/lib/crypto/openssl/hash_provider/Makefile.in ++++ b/src/lib/crypto/openssl/hash_provider/Makefile.in +@@ -2,15 +2,11 @@ mydir=lib$(S)crypto$(S)openssl$(S)hash_provider + BUILDTOP=$(REL)..$(S)..$(S)..$(S).. + LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. + +-STLIBOBJS= \ +- hash_crc32.o \ +- hash_evp.o ++STLIBOBJS= hash_evp.o + +-OBJS= $(OUTPRE)hash_crc32.$(OBJEXT) \ +- $(OUTPRE)hash_evp.$(OBJEXT) ++OBJS= $(OUTPRE)hash_evp.$(OBJEXT) + +-SRCS= $(srcdir)/hash_crc32.c \ +- $(srcdir)/hash_evp.c ++SRCS= $(srcdir)/hash_evp.c + + all-unix: all-libobjs + +diff --git a/src/lib/crypto/openssl/hash_provider/deps b/src/lib/crypto/openssl/hash_provider/deps +index 87dd02012..690574cab 100644 +--- a/src/lib/crypto/openssl/hash_provider/deps ++++ b/src/lib/crypto/openssl/hash_provider/deps +@@ -1,18 +1,6 @@ + # + # Generated makefile dependencies follow. + # +-hash_crc32.so hash_crc32.po $(OUTPRE)hash_crc32.$(OBJEXT): \ +- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ +- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ +- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ +- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ +- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ +- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ +- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ +- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ +- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ +- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ +- hash_crc32.c + hash_evp.so hash_evp.po $(OUTPRE)hash_evp.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ +diff --git a/src/lib/crypto/openssl/hash_provider/hash_crc32.c b/src/lib/crypto/openssl/hash_provider/hash_crc32.c 
+deleted file mode 100644 +index 4013843ed..000000000 +--- a/src/lib/crypto/openssl/hash_provider/hash_crc32.c ++++ /dev/null +@@ -1,56 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* +- * Copyright (C) 1998 by the FundsXpress, INC. +- * +- * All rights reserved. +- * +- * Export of this software from the United States of America may require +- * a specific license from the United States Government. It is the +- * responsibility of any person or organization contemplating export to +- * obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of FundsXpress. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. FundsXpress makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- * +- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR +- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED +- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 
+- */ +- +-#include "crypto_int.h" +- +-static krb5_error_code +-k5_crc32_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) +-{ +- unsigned long c; +- unsigned int i; +- +- if (output->length != CRC32_CKSUM_LENGTH) +- return(KRB5_CRYPTO_INTERNAL); +- +- c = 0; +- for (i = 0; i < num_data; i++) { +- const krb5_crypto_iov *iov = &data[i]; +- +- if (SIGN_IOV(iov)) +- mit_crc32(iov->data.data, iov->data.length, &c); +- } +- +- store_32_le(c, output->data); +- return(0); +-} +- +-const struct krb5_hash_provider krb5int_hash_crc32 = { +- "CRC32", +- CRC32_CKSUM_LENGTH, +- 1, +- k5_crc32_hash +-}; +diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c +index 5baa6cecf..439ae6aeb 100644 +--- a/src/lib/gssapi/krb5/accept_sec_context.c ++++ b/src/lib/gssapi/krb5/accept_sec_context.c +@@ -1011,9 +1011,6 @@ kg_accept_krb5(minor_status, context_handle, + } + + switch (negotiated_etype) { +- case ENCTYPE_DES_CBC_MD5: +- case ENCTYPE_DES_CBC_MD4: +- case ENCTYPE_DES_CBC_CRC: + case ENCTYPE_DES3_CBC_SHA1: + case ENCTYPE_ARCFOUR_HMAC: + case ENCTYPE_ARCFOUR_HMAC_EXP: +diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h +index e92be88b4..2647434ba 100644 +--- a/src/lib/gssapi/krb5/gssapiP_krb5.h ++++ b/src/lib/gssapi/krb5/gssapiP_krb5.h +@@ -120,17 +120,17 @@ extern const gss_OID_set kg_all_mechs; + /* These are to be stored in little-endian order, i.e., des-mac is + stored as 02 00. 
*/ + enum sgn_alg { +- SGN_ALG_DES_MAC_MD5 = 0x0000, +- SGN_ALG_MD2_5 = 0x0001, +- SGN_ALG_DES_MAC = 0x0002, +- SGN_ALG_3 = 0x0003, /* not published */ ++ /* SGN_ALG_DES_MAC_MD5 = 0x0000, */ ++ /* SGN_ALG_MD2_5 = 0x0001, */ ++ /* SGN_ALG_DES_MAC = 0x0002, */ ++ /* SGN_ALG_3 = 0x0003, /\* not published *\/ */ + SGN_ALG_HMAC_MD5 = 0x0011, /* microsoft w2k; */ + SGN_ALG_HMAC_SHA1_DES3_KD = 0x0004 + }; + enum seal_alg { + SEAL_ALG_NONE = 0xffff, +- SEAL_ALG_DES = 0x0000, +- SEAL_ALG_1 = 0x0001, /* not published */ ++ /* SEAL_ALG_DES = 0x0000, */ ++ /* SEAL_ALG_1 = 0x0001, /\* not published *\/ */ + SEAL_ALG_MICROSOFT_RC4 = 0x0010, /* microsoft w2k; */ + SEAL_ALG_DES3KD = 0x0002 + }; +@@ -147,12 +147,12 @@ enum seal_alg { + #define KG_USAGE_INITIATOR_SIGN 25 + + enum qop { +- GSS_KRB5_INTEG_C_QOP_MD5 = 0x0001, /* *partial* MD5 = "MD2.5" */ +- GSS_KRB5_INTEG_C_QOP_DES_MD5 = 0x0002, +- GSS_KRB5_INTEG_C_QOP_DES_MAC = 0x0003, ++ /* GSS_KRB5_INTEG_C_QOP_MD5 = 0x0001, */ ++ /* GSS_KRB5_INTEG_C_QOP_DES_MD5 = 0x0002, */ ++ /* GSS_KRB5_INTEG_C_QOP_DES_MAC = 0x0003, */ + GSS_KRB5_INTEG_C_QOP_HMAC_SHA1 = 0x0004, + GSS_KRB5_INTEG_C_QOP_MASK = 0x00ff, +- GSS_KRB5_CONF_C_QOP_DES = 0x0100, ++ /* GSS_KRB5_CONF_C_QOP_DES = 0x0100, */ + GSS_KRB5_CONF_C_QOP_DES3_KD = 0x0200, + GSS_KRB5_CONF_C_QOP_MASK = 0xff00 + }; +diff --git a/src/lib/gssapi/krb5/k5seal.c b/src/lib/gssapi/krb5/k5seal.c +index 4da531b58..d1cdce486 100644 +--- a/src/lib/gssapi/krb5/k5seal.c ++++ b/src/lib/gssapi/krb5/k5seal.c +@@ -71,7 +71,6 @@ make_seal_token_v1 (krb5_context context, + char *data_ptr; + krb5_data plaind; + krb5_checksum md5cksum; +- krb5_checksum cksum; + /* msglen contains the message length + * we are signing/encrypting. 
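Review bot: The retired `sgn_alg`, `seal_alg` and `qop` values are left as commented-out enumerators (with escaped nested comments such as `/\* not published *\/`), which does not tell a reader that these are wire values that must stay reserved. I would replace each group with one comment, for `sgn_alg` e.g. `/* 0x0000-0x0003 were single-DES/MD2.5 algorithms; reserved, never reuse or accept */`. This matters because code outside this header still compares raw numbers: the `signalg > 1` test visible as context in the k5unseal.c and k5unsealiov.c hunks now refers to values that have no named constant. The commented-out `KRB5_KDB_SALTTYPE_V4` and `KRB5_KDB_SALTTYPE_AFS3` defines in the kdb.h hunk have the same issue.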
tmsglen + * contains the length of the message +@@ -137,12 +136,8 @@ make_seal_token_v1 (krb5_context context, + + /* pad the plaintext, encrypt if needed, and stick it in the token */ + +- /* initialize the the cksum */ ++ /* initialize the the checksum */ + switch (signalg) { +- case SGN_ALG_DES_MAC_MD5: +- case SGN_ALG_MD2_5: +- md5cksum.checksum_type = CKSUMTYPE_RSA_MD5; +- break; + case SGN_ALG_HMAC_SHA1_DES3_KD: + md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3; + break; +@@ -152,7 +147,6 @@ make_seal_token_v1 (krb5_context context, + sign_usage = 15; + break; + default: +- case SGN_ALG_DES_MAC: + abort (); + } + +@@ -203,26 +197,6 @@ make_seal_token_v1 (krb5_context context, + return(code); + } + switch(signalg) { +- case SGN_ALG_DES_MAC_MD5: +- case 3: +- +- code = kg_encrypt_inplace(context, seq, KG_USAGE_SEAL, +- (g_OID_equal(oid, gss_mech_krb5_old) ? +- seq->keyblock.contents : NULL), +- md5cksum.contents, 16); +- if (code) { +- krb5_free_checksum_contents(context, &md5cksum); +- xfree (plain); +- gssalloc_free(t); +- return code; +- } +- +- cksum.length = cksum_size; +- cksum.contents = md5cksum.contents + 16 - cksum.length; +- +- memcpy(ptr+14, cksum.contents, cksum.length); +- break; +- + case SGN_ALG_HMAC_SHA1_DES3_KD: + /* + * Using key derivation, the call to krb5_c_make_checksum +diff --git a/src/lib/gssapi/krb5/k5sealiov.c b/src/lib/gssapi/krb5/k5sealiov.c +index 88caa856f..9bb2ee109 100644 +--- a/src/lib/gssapi/krb5/k5sealiov.c ++++ b/src/lib/gssapi/krb5/k5sealiov.c +@@ -145,10 +145,6 @@ make_seal_token_v1_iov(krb5_context context, + + /* initialize the checksum */ + switch (ctx->signalg) { +- case SGN_ALG_DES_MAC_MD5: +- case SGN_ALG_MD2_5: +- md5cksum.checksum_type = CKSUMTYPE_RSA_MD5; +- break; + case SGN_ALG_HMAC_SHA1_DES3_KD: + md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3; + break; +@@ -158,7 +154,6 @@ make_seal_token_v1_iov(krb5_context context, + sign_usage = 15; + break; + default: +- case SGN_ALG_DES_MAC: + abort (); + } + +@@ 
-183,21 +178,6 @@ make_seal_token_v1_iov(krb5_context context, + goto cleanup; + + switch (ctx->signalg) { +- case SGN_ALG_DES_MAC_MD5: +- case SGN_ALG_3: +- code = kg_encrypt_inplace(context, ctx->seq, KG_USAGE_SEAL, +- (g_OID_equal(ctx->mech_used, +- gss_mech_krb5_old) ? +- ctx->seq->keyblock.contents : NULL), +- md5cksum.contents, 16); +- if (code != 0) +- goto cleanup; +- +- cksum.length = ctx->cksum_size; +- cksum.contents = md5cksum.contents + 16 - cksum.length; +- +- memcpy(ptr + 14, cksum.contents, cksum.length); +- break; + case SGN_ALG_HMAC_SHA1_DES3_KD: + assert(md5cksum.length == ctx->cksum_size); + memcpy(ptr + 14, md5cksum.contents, md5cksum.length); +diff --git a/src/lib/gssapi/krb5/k5unseal.c b/src/lib/gssapi/krb5/k5unseal.c +index 57720c2ea..9b183bc33 100644 +--- a/src/lib/gssapi/krb5/k5unseal.c ++++ b/src/lib/gssapi/krb5/k5unseal.c +@@ -76,7 +76,6 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer, + int sealalg; + int bad_pad = 0; + gss_buffer_desc token; +- krb5_checksum cksum; + krb5_checksum md5cksum; + krb5_data plaind; + char *data_ptr; +@@ -132,7 +131,6 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer, + but few enough that we can try them all. 
*/ + + if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) || +- (ctx->sealalg == SEAL_ALG_1 && signalg != SGN_ALG_3) || + (ctx->sealalg == SEAL_ALG_DES3KD && + signalg != SGN_ALG_HMAC_SHA1_DES3_KD)|| + (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 && +@@ -142,16 +140,11 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer, + } + + switch (signalg) { +- case SGN_ALG_DES_MAC_MD5: +- case SGN_ALG_MD2_5: + case SGN_ALG_HMAC_MD5: + cksum_len = 8; + if (toktype != KG_TOK_SEAL_MSG) + sign_usage = 15; + break; +- case SGN_ALG_3: +- cksum_len = 16; +- break; + case SGN_ALG_HMAC_SHA1_DES3_KD: + cksum_len = 20; + break; +@@ -260,12 +253,6 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer, + + /* initialize the the cksum */ + switch (signalg) { +- case SGN_ALG_DES_MAC_MD5: +- case SGN_ALG_MD2_5: +- case SGN_ALG_DES_MAC: +- case SGN_ALG_3: +- md5cksum.checksum_type = CKSUMTYPE_RSA_MD5; +- break; + case SGN_ALG_HMAC_MD5: + md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR; + break; +@@ -282,105 +269,6 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer, + md5cksum.length = sumlen; + + switch (signalg) { +- case SGN_ALG_DES_MAC_MD5: +- case SGN_ALG_3: +- /* compute the checksum of the message */ +- +- /* 8 = bytes of token body to be checksummed according to spec */ +- +- if (! 
(data_ptr = xmalloc(8 + plainlen))) { +- if (sealalg != 0xffff) +- xfree(plain); +- if (toktype == KG_TOK_SEAL_MSG) +- gssalloc_free(token.value); +- *minor_status = ENOMEM; +- return(GSS_S_FAILURE); +- } +- +- (void) memcpy(data_ptr, ptr-2, 8); +- +- (void) memcpy(data_ptr+8, plain, plainlen); +- +- plaind.length = 8 + plainlen; +- plaind.data = data_ptr; +- code = krb5_k_make_checksum(context, md5cksum.checksum_type, +- ctx->seq, sign_usage, +- &plaind, &md5cksum); +- xfree(data_ptr); +- +- if (code) { +- if (toktype == KG_TOK_SEAL_MSG) +- gssalloc_free(token.value); +- *minor_status = code; +- return(GSS_S_FAILURE); +- } +- +- code = kg_encrypt_inplace(context, ctx->seq, KG_USAGE_SEAL, +- (g_OID_equal(ctx->mech_used, +- gss_mech_krb5_old) ? +- ctx->seq->keyblock.contents : NULL), +- md5cksum.contents, 16); +- if (code) { +- krb5_free_checksum_contents(context, &md5cksum); +- if (toktype == KG_TOK_SEAL_MSG) +- gssalloc_free(token.value); +- *minor_status = code; +- return GSS_S_FAILURE; +- } +- +- if (signalg == 0) +- cksum.length = 8; +- else +- cksum.length = 16; +- cksum.contents = md5cksum.contents + 16 - cksum.length; +- +- code = k5_bcmp(cksum.contents, ptr + 14, cksum.length); +- break; +- +- case SGN_ALG_MD2_5: +- if (!ctx->seed_init && +- (code = kg_make_seed(context, ctx->subkey, ctx->seed))) { +- krb5_free_checksum_contents(context, &md5cksum); +- if (sealalg != 0xffff) +- xfree(plain); +- if (toktype == KG_TOK_SEAL_MSG) +- gssalloc_free(token.value); +- *minor_status = code; +- return GSS_S_FAILURE; +- } +- +- if (! 
(data_ptr = xmalloc(sizeof(ctx->seed) + 8 + plainlen))) { +- krb5_free_checksum_contents(context, &md5cksum); +- if (sealalg == 0) +- xfree(plain); +- if (toktype == KG_TOK_SEAL_MSG) +- gssalloc_free(token.value); +- *minor_status = ENOMEM; +- return(GSS_S_FAILURE); +- } +- (void) memcpy(data_ptr, ptr-2, 8); +- (void) memcpy(data_ptr+8, ctx->seed, sizeof(ctx->seed)); +- (void) memcpy(data_ptr+8+sizeof(ctx->seed), plain, plainlen); +- plaind.length = 8 + sizeof(ctx->seed) + plainlen; +- plaind.data = data_ptr; +- krb5_free_checksum_contents(context, &md5cksum); +- code = krb5_k_make_checksum(context, md5cksum.checksum_type, +- ctx->seq, sign_usage, +- &plaind, &md5cksum); +- xfree(data_ptr); +- +- if (code) { +- if (sealalg == 0) +- xfree(plain); +- if (toktype == KG_TOK_SEAL_MSG) +- gssalloc_free(token.value); +- *minor_status = code; +- return(GSS_S_FAILURE); +- } +- +- code = k5_bcmp(md5cksum.contents, ptr + 14, 8); +- /* Falls through to defective-token?? */ +- + default: + *minor_status = 0; + return(GSS_S_DEFECTIVE_TOKEN); +diff --git a/src/lib/gssapi/krb5/k5unsealiov.c b/src/lib/gssapi/krb5/k5unsealiov.c +index f15d2db69..85a9574f3 100644 +--- a/src/lib/gssapi/krb5/k5unsealiov.c ++++ b/src/lib/gssapi/krb5/k5unsealiov.c +@@ -44,7 +44,6 @@ kg_unseal_v1_iov(krb5_context context, + unsigned char *ptr; + int sealalg; + int signalg; +- krb5_checksum cksum; + krb5_checksum md5cksum; + size_t cksum_len = 0; + size_t conflen = 0; +@@ -54,8 +53,8 @@ kg_unseal_v1_iov(krb5_context context, + size_t sumlen; + krb5_keyusage sign_usage = KG_USAGE_SIGN; + +- md5cksum.length = cksum.length = 0; +- md5cksum.contents = cksum.contents = NULL; ++ md5cksum.length = 0; ++ md5cksum.contents = NULL; + + header = kg_locate_header_iov(iov, iov_count, toktype); + assert(header != NULL); +@@ -103,7 +102,6 @@ kg_unseal_v1_iov(krb5_context context, + } + + if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) || +- (ctx->sealalg == SEAL_ALG_1 && signalg != SGN_ALG_3) || + (ctx->sealalg == 
SEAL_ALG_DES3KD && + signalg != SGN_ALG_HMAC_SHA1_DES3_KD)|| + (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 && +@@ -113,16 +111,11 @@ kg_unseal_v1_iov(krb5_context context, + } + + switch (signalg) { +- case SGN_ALG_DES_MAC_MD5: +- case SGN_ALG_MD2_5: + case SGN_ALG_HMAC_MD5: + cksum_len = 8; + if (toktype != KG_TOK_WRAP_MSG) + sign_usage = 15; + break; +- case SGN_ALG_3: +- cksum_len = 16; +- break; + case SGN_ALG_HMAC_SHA1_DES3_KD: + cksum_len = 20; + break; +@@ -189,12 +182,6 @@ kg_unseal_v1_iov(krb5_context context, + /* initialize the checksum */ + + switch (signalg) { +- case SGN_ALG_DES_MAC_MD5: +- case SGN_ALG_MD2_5: +- case SGN_ALG_DES_MAC: +- case SGN_ALG_3: +- md5cksum.checksum_type = CKSUMTYPE_RSA_MD5; +- break; + case SGN_ALG_HMAC_MD5: + md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR; + break; +@@ -223,23 +210,6 @@ kg_unseal_v1_iov(krb5_context context, + } + + switch (signalg) { +- case SGN_ALG_DES_MAC_MD5: +- case SGN_ALG_3: +- code = kg_encrypt_inplace(context, ctx->seq, KG_USAGE_SEAL, +- (g_OID_equal(ctx->mech_used, +- gss_mech_krb5_old) ? 
+- ctx->seq->keyblock.contents : NULL), +- md5cksum.contents, 16); +- if (code != 0) { +- retval = GSS_S_FAILURE; +- goto cleanup; +- } +- +- cksum.length = cksum_len; +- cksum.contents = md5cksum.contents + 16 - cksum.length; +- +- code = k5_bcmp(cksum.contents, ptr + 14, cksum.length); +- break; + case SGN_ALG_HMAC_SHA1_DES3_KD: + case SGN_ALG_HMAC_MD5: + code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len); +diff --git a/src/lib/gssapi/krb5/util_crypt.c b/src/lib/gssapi/krb5/util_crypt.c +index 0cebde12a..80954aff7 100644 +--- a/src/lib/gssapi/krb5/util_crypt.c ++++ b/src/lib/gssapi/krb5/util_crypt.c +@@ -74,27 +74,6 @@ kg_copy_keys(krb5_context context, krb5_gss_ctx_id_rec *ctx, krb5_key subkey) + return 0; + } + +-static krb5_error_code +-kg_derive_des_enc_key(krb5_context context, krb5_key subkey, krb5_key *out) +-{ +- krb5_error_code code; +- krb5_keyblock *keyblock; +- unsigned int i; +- +- *out = NULL; +- +- code = krb5_k_key_keyblock(context, subkey, &keyblock); +- if (code != 0) +- return code; +- +- for (i = 0; i < keyblock->length; i++) +- keyblock->contents[i] ^= 0xF0; +- +- code = krb5_k_create_key(context, keyblock, out); +- krb5_free_keyblock(context, keyblock); +- return code; +-} +- + krb5_error_code + kg_setup_keys(krb5_context context, krb5_gss_ctx_id_rec *ctx, krb5_key subkey, + krb5_cksumtype *cksumtype) +@@ -118,26 +97,6 @@ kg_setup_keys(krb5_context context, krb5_gss_ctx_id_rec *ctx, krb5_key subkey, + return code; + + switch (subkey->keyblock.enctype) { +- case ENCTYPE_DES_CBC_MD5: +- case ENCTYPE_DES_CBC_MD4: +- case ENCTYPE_DES_CBC_CRC: +- krb5_k_free_key(context, ctx->seq); +- code = krb5_k_create_key(context, &subkey->keyblock, &ctx->seq); +- if (code != 0) +- return code; +- +- krb5_k_free_key(context, ctx->enc); +- code = kg_derive_des_enc_key(context, subkey, &ctx->enc); +- if (code != 0) +- return code; +- +- ctx->enc->keyblock.enctype = ENCTYPE_DES_CBC_RAW; +- ctx->seq->keyblock.enctype = ENCTYPE_DES_CBC_RAW; +- ctx->signalg = 
SGN_ALG_DES_MAC_MD5; +- ctx->cksum_size = 8; +- ctx->sealalg = SEAL_ALG_DES; +- +- break; + case ENCTYPE_DES3_CBC_SHA1: + code = kg_copy_keys(context, ctx, subkey); + if (code != 0) +diff --git a/src/lib/kadm5/kadm_rpc_xdr.c b/src/lib/kadm5/kadm_rpc_xdr.c +index 745ee857e..f22ea7f1f 100644 +--- a/src/lib/kadm5/kadm_rpc_xdr.c ++++ b/src/lib/kadm5/kadm_rpc_xdr.c +@@ -1109,16 +1109,6 @@ xdr_krb5_octet(XDR *xdrs, krb5_octet *objp) + bool_t + xdr_krb5_enctype(XDR *xdrs, krb5_enctype *objp) + { +- /* +- * This used to be xdr_krb5_keytype, but keytypes and enctypes have +- * been merged into only enctypes. However, randkey_principal +- * already ensures that only a key of ENCTYPE_DES_CBC_CRC will be +- * returned to v1 clients, and ENCTYPE_DES_CBC_CRC has the same +- * value as KEYTYPE_DES used too, which is what all v1 clients +- * expect. Therefore, IMHO, just encoding whatever enctype we get +- * is safe. +- */ +- + if (!xdr_int32(xdrs, (int32_t *) objp)) + return (FALSE); + return (TRUE); +diff --git a/src/lib/krb5/ccache/cc_mslsa.c b/src/lib/krb5/ccache/cc_mslsa.c +index 0d00c86d4..4367322b7 100644 +--- a/src/lib/krb5/ccache/cc_mslsa.c ++++ b/src/lib/krb5/ccache/cc_mslsa.c +@@ -1103,13 +1103,14 @@ GetMSTGT(krb5_context context, HANDLE LogonHandle, ULONG PackageId, KERB_EXTERNA + } + + if (krb5_get_tgs_ktypes(context, NULL, &etype_list)) { +- ptr = etype_list = NULL; +- etype = ENCTYPE_DES_CBC_CRC; +- } else { +- ptr = etype_list + 1; +- etype = *etype_list; ++ /* No enctypes - nothing we can do. 
*/ ++ bIsLsaError = TRUE; ++ goto cleanup; + } + ++ ptr = etype_list + 1; ++ etype = *etype_list; ++ + while ( etype ) { + // Try once more but this time specify the Encryption Type + // (This will not store the retrieved tickets in the LSA cache unless +diff --git a/src/lib/krb5/krb/auth_con.c b/src/lib/krb5/krb/auth_con.c +index 1dfce631c..aa90454f3 100644 +--- a/src/lib/krb5/krb/auth_con.c ++++ b/src/lib/krb5/krb/auth_con.c +@@ -313,28 +313,11 @@ krb5_auth_con_getremoteseqnumber(krb5_context context, krb5_auth_context auth_co + krb5_error_code KRB5_CALLCONV + krb5_auth_con_initivector(krb5_context context, krb5_auth_context auth_context) + { +- krb5_error_code ret; +- krb5_enctype enctype; +- + if (auth_context->key == NULL) + return EINVAL; +- ret = krb5_c_init_state(context, &auth_context->key->keyblock, +- KRB5_KEYUSAGE_KRB_PRIV_ENCPART, +- &auth_context->cstate); +- if (ret) +- return ret; +- +- /* +- * Historically we used a zero-filled buffer of the enctype block size. +- * This matches every existing enctype except RC4 (which has a block size +- * of 1) and des-cbc-crc (which uses the key instead of a zero-filled +- * buffer). Special-case des-cbc-crc to remain interoperable. +- */ +- enctype = krb5_k_key_enctype(context, auth_context->key); +- if (enctype == ENCTYPE_DES_CBC_CRC) +- zap(auth_context->cstate.data, auth_context->cstate.length); +- +- return 0; ++ return krb5_c_init_state(context, &auth_context->key->keyblock, ++ KRB5_KEYUSAGE_KRB_PRIV_ENCPART, ++ &auth_context->cstate); + } + + krb5_error_code +diff --git a/src/lib/krb5/krb/gic_keytab.c b/src/lib/krb5/krb/gic_keytab.c +index e82f42581..1d70cf46f 100644 +--- a/src/lib/krb5/krb/gic_keytab.c ++++ b/src/lib/krb5/krb/gic_keytab.c +@@ -130,10 +130,6 @@ lookup_etypes_for_keytab(krb5_context context, krb5_keytab keytab, + } + etypes = p; + etypes[count++] = etype; +- /* All DES key types work with des-cbc-crc, which is more likely to be +- * accepted by the KDC (since MIT KDCs refuse des-cbc-md5). 
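Review bot: In GetMSTGT the error code from `krb5_get_tgs_ktypes()` is discarded and the failure is recorded as `bIsLsaError = TRUE`, although no LSA call has failed at this point. The `cleanup` label is outside the hunk, so this cannot be confirmed from here, but if cleanup derives the function result or the reported error from state set by earlier LSA calls, that state may still describe a successful call. Consider keeping the krb5 return value and failing on it explicitly. The added comment could also state the intent, e.g. `/* No usable enctype list; there is no single-DES fallback any more, so fail. */`.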
*/ +- if (etype == ENCTYPE_DES_CBC_MD5 || etype == ENCTYPE_DES_CBC_MD4) +- etypes[count++] = ENCTYPE_DES_CBC_CRC; + etypes[count] = 0; + } + if (ret != KRB5_KT_END) +diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c +index 37405728c..b597dda54 100644 +--- a/src/lib/krb5/krb/init_ctx.c ++++ b/src/lib/krb5/krb/init_ctx.c +@@ -56,17 +56,12 @@ + #include "brand.c" + #include "../krb5_libinit.h" + +-/* The des-mdX entries are last for now, because it's easy to +- configure KDCs to issue TGTs with des-mdX keys and then not accept +- them. This'll be fixed, but for better compatibility, let's prefer +- des-crc for now. */ + static krb5_enctype default_enctype_list[] = { + ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, + ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128, + ENCTYPE_DES3_CBC_SHA1, + ENCTYPE_ARCFOUR_HMAC, + ENCTYPE_CAMELLIA128_CTS_CMAC, ENCTYPE_CAMELLIA256_CTS_CMAC, +- ENCTYPE_DES_CBC_CRC, ENCTYPE_DES_CBC_MD5, ENCTYPE_DES_CBC_MD4, + 0 + }; + +@@ -483,10 +478,6 @@ krb5int_parse_enctype_list(krb5_context context, const char *profkey, + /* Set all enctypes in the default list. */ + for (i = 0; default_list[i]; i++) + mod_list(default_list[i], sel, weak, &list); +- } else if (strcasecmp(token, "des") == 0) { +- mod_list(ENCTYPE_DES_CBC_CRC, sel, weak, &list); +- mod_list(ENCTYPE_DES_CBC_MD5, sel, weak, &list); +- mod_list(ENCTYPE_DES_CBC_MD4, sel, weak, &list); + } else if (strcasecmp(token, "des3") == 0) { + mod_list(ENCTYPE_DES3_CBC_SHA1, sel, weak, &list); + } else if (strcasecmp(token, "aes") == 0) { +diff --git a/src/lib/krb5/krb/mk_req_ext.c b/src/lib/krb5/krb/mk_req_ext.c +index dce092781..9fc6a0e52 100644 +--- a/src/lib/krb5/krb/mk_req_ext.c ++++ b/src/lib/krb5/krb/mk_req_ext.c +@@ -82,36 +82,6 @@ generate_authenticator(krb5_context, + krb5_enctype *desired_etypes, + krb5_enctype tkt_enctype); + +-/* Return the checksum type for the AP request, or 0 to use the enctype's +- * mandatory checksum. 
*/ +-static krb5_cksumtype +-ap_req_cksum(krb5_context context, krb5_auth_context auth_context, +- krb5_enctype enctype) +-{ +- /* Use the configured checksum type if one was set. */ +- if (auth_context->req_cksumtype) +- return auth_context->req_cksumtype; +- +- /* +- * Otherwise choose based on the enctype. For interoperability with very +- * old implementations, use unkeyed MD4 or MD5 checkums for DES enctypes. +- * (The authenticator checksum does not have to be keyed since it is +- * contained within an encrypted blob.) +- */ +- switch (enctype) { +- case ENCTYPE_DES_CBC_CRC: +- case ENCTYPE_DES_CBC_MD5: +- return CKSUMTYPE_RSA_MD5; +- break; +- case ENCTYPE_DES_CBC_MD4: +- return CKSUMTYPE_RSA_MD4; +- break; +- default: +- /* Use the mandatory checksum type for the enctype. */ +- return 0; +- } +-} +- + krb5_error_code KRB5_CALLCONV + krb5_mk_req_extended(krb5_context context, krb5_auth_context *auth_context, + krb5_flags ap_req_options, krb5_data *in_data, +@@ -198,15 +168,10 @@ krb5_mk_req_extended(krb5_context context, krb5_auth_context *auth_context, + checksum.length = in_data->length; + checksum.contents = (krb5_octet *) in_data->data; + } else { +- krb5_enctype enctype = krb5_k_key_enctype(context, +- (*auth_context)->key); +- krb5_cksumtype cksumtype = ap_req_cksum(context, *auth_context, +- enctype); +- if ((retval = krb5_k_make_checksum(context, +- cksumtype, +- (*auth_context)->key, +- KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM, +- in_data, &checksum))) ++ retval = krb5_k_make_checksum(context, 0, (*auth_context)->key, ++ KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM, ++ in_data, &checksum); ++ if (retval) + goto cleanup_cksum; + } + checksump = &checksum; +diff --git a/src/lib/krb5/krb/s4u_creds.c b/src/lib/krb5/krb/s4u_creds.c +index 614ed4190..d8015c64a 100644 +--- a/src/lib/krb5/krb/s4u_creds.c ++++ b/src/lib/krb5/krb/s4u_creds.c +@@ -341,9 +341,6 @@ verify_s4u2self_reply(krb5_context context, + assert(req_s4u_user != NULL); + + switch (subkey->enctype) { +- case 
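Review bot: The new call `krb5_k_make_checksum(context, 0, (*auth_context)->key, ...)` in krb5_mk_req_extended no longer consults `(*auth_context)->req_cksumtype`, which the removed `ap_req_cksum()` returned ahead of any enctype-based choice. Removing the DES special cases does not require dropping that override, so a checksum type configured on the auth context is now silently ignored on this path. If that is intended, say so in a comment next to the call; otherwise pass `(*auth_context)->req_cksumtype` as the second argument, since per the removed helper's comment 0 still selects the enctype's mandatory checksum. The function body continues outside the hunk.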
ENCTYPE_DES_CBC_CRC: +- case ENCTYPE_DES_CBC_MD4: +- case ENCTYPE_DES_CBC_MD5: + case ENCTYPE_DES3_CBC_SHA1: + case ENCTYPE_DES3_CBC_RAW: + case ENCTYPE_ARCFOUR_HMAC: +diff --git a/src/lib/krb5/krb/ser_ctx.c b/src/lib/krb5/krb/ser_ctx.c +index 39f656322..55491428b 100644 +--- a/src/lib/krb5/krb/ser_ctx.c ++++ b/src/lib/krb5/krb/ser_ctx.c +@@ -400,7 +400,7 @@ krb5_context_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_octet * + } else + context->tgs_etypes = NULL; + +- /* Allowable checksum */ ++ /* Allowable clockskew */ + if ((kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain))) + goto cleanup; + context->clockskew = (krb5_deltat) ibuf; +diff --git a/src/man/kdc.conf.man b/src/man/kdc.conf.man +index 4a75be8cb..8058134ac 100644 +--- a/src/man/kdc.conf.man ++++ b/src/man/kdc.conf.man +@@ -441,13 +441,6 @@ marks the server principal as host\-based or the service is also + listed in \fBhost_based_services\fP\&. \fBno_host_referral = *\fP will + disable referral processing altogether. + .TP +-\fBdes_crc_session_supported\fP +-(Boolean value). If set to true, the KDC will assume that service +-principals support des\-cbc\-crc for session key enctype negotiation +-purposes. If \fBallow_weak_crypto\fP in libdefaults is +-false, or if des\-cbc\-crc is not a permitted enctype, then this +-variable has no effect. Defaults to true. New in release 1.11. +-.TP + \fBreject_bad_transit\fP + (Boolean value.) If set to true, the KDC will check the list of + transited realms for cross\-realm tickets against the transit path +@@ -969,30 +962,6 @@ center; + |l|l|. 
+ _ + T{ +-des\-cbc\-crc +-T} T{ +-DES cbc mode with CRC\-32 (weak) +-T} +-_ +-T{ +-des\-cbc\-md4 +-T} T{ +-DES cbc mode with RSA\-MD4 (weak) +-T} +-_ +-T{ +-des\-cbc\-md5 +-T} T{ +-DES cbc mode with RSA\-MD5 (weak) +-T} +-_ +-T{ +-des\-cbc\-raw +-T} T{ +-DES cbc mode raw (weak) +-T} +-_ +-T{ + des3\-cbc\-raw + T} T{ + Triple DES cbc mode raw (weak) +@@ -1005,12 +974,6 @@ Triple DES cbc mode with HMAC/sha1 + T} + _ + T{ +-des\-hmac\-sha1 +-T} T{ +-DES with HMAC/sha1 (weak) +-T} +-_ +-T{ + aes256\-cts\-hmac\-sha1\-96 aes256\-cts aes256\-sha1 + T} T{ + AES\-256 CTS mode with 96\-bit SHA\-1 HMAC +@@ -1059,12 +1022,6 @@ Camellia\-128 CTS mode with CMAC + T} + _ + T{ +-des +-T} T{ +-The DES family: des\-cbc\-crc, des\-cbc\-md5, and des\-cbc\-md4 (weak) +-T} +-_ +-T{ + des3 + T} T{ + The triple DES family: des3\-cbc\-sha1 +@@ -1095,8 +1052,8 @@ types for the variable in question. Types or families can be removed + from the current list by prefixing them with a minus sign ("\-"). + Types or families can be prefixed with a plus sign ("+") for symmetry; + it has the same meaning as just listing the type or family. For +-example, "\fBDEFAULT \-des\fP" would be the default set of encryption +-types with DES types removed, and "\fBdes3 DEFAULT\fP" would be the ++example, "\fBDEFAULT \-rc4\fP" would be the default set of encryption ++types with RC4 types removed, and "\fBdes3 DEFAULT\fP" would be the + default set of encryption types with triple DES types moved to the + front. + .sp +diff --git a/src/man/krb5.conf.man b/src/man/krb5.conf.man +index aafdf7f83..d6ff91c3b 100644 +--- a/src/man/krb5.conf.man ++++ b/src/man/krb5.conf.man +@@ -254,7 +254,7 @@ the client should request when making a TGS\-REQ, in order of + preference from highest to lowest. The list may be delimited with + commas or whitespace. See Encryption_types in + kdc.conf(5) for a list of the accepted values for this tag. 
+-The default value is \fBaes256\-cts\-hmac\-sha1\-96 aes128\-cts\-hmac\-sha1\-96 aes256\-cts\-hmac\-sha384\-192 aes128\-cts\-hmac\-sha256\-128 des3\-cbc\-sha1 arcfour\-hmac\-md5 camellia256\-cts\-cmac camellia128\-cts\-cmac des\-cbc\-crc des\-cbc\-md5 des\-cbc\-md4\fP, but single\-DES encryption types ++The default value is \fBaes256\-cts\-hmac\-sha1\-96 aes128\-cts\-hmac\-sha1\-96 aes256\-cts\-hmac\-sha384\-192 aes128\-cts\-hmac\-sha256\-128 des3\-cbc\-sha1 arcfour\-hmac\-md5 camellia256\-cts\-cmac camellia128\-cts\-cmac\fP, but weak encryption types + will be implicitly removed from this list if the value of + \fBallow_weak_crypto\fP is false. + .sp +@@ -268,7 +268,7 @@ Identifies the supported list of session key encryption types that + the client should request when making an AS\-REQ, in order of + preference from highest to lowest. The format is the same as for + default_tgs_enctypes. The default value for this tag is +-\fBaes256\-cts\-hmac\-sha1\-96 aes128\-cts\-hmac\-sha1\-96 aes256\-cts\-hmac\-sha384\-192 aes128\-cts\-hmac\-sha256\-128 des3\-cbc\-sha1 arcfour\-hmac\-md5 camellia256\-cts\-cmac camellia128\-cts\-cmac des\-cbc\-crc des\-cbc\-md5 des\-cbc\-md4\fP, but single\-DES encryption types will be implicitly ++\fBaes256\-cts\-hmac\-sha1\-96 aes128\-cts\-hmac\-sha1\-96 aes256\-cts\-hmac\-sha384\-192 aes128\-cts\-hmac\-sha256\-128 des3\-cbc\-sha1 arcfour\-hmac\-md5 camellia256\-cts\-cmac camellia128\-cts\-cmac\fP, but weak encryption types will be implicitly + removed from this list if the value of \fBallow_weak_crypto\fP is + false. + .sp +@@ -388,7 +388,7 @@ used across NATs. The default value is true. + \fBpermitted_enctypes\fP + Identifies all encryption types that are permitted for use in + session key encryption. 
The default value for this tag is +-\fBaes256\-cts\-hmac\-sha1\-96 aes128\-cts\-hmac\-sha1\-96 aes256\-cts\-hmac\-sha384\-192 aes128\-cts\-hmac\-sha256\-128 des3\-cbc\-sha1 arcfour\-hmac\-md5 camellia256\-cts\-cmac camellia128\-cts\-cmac des\-cbc\-crc des\-cbc\-md5 des\-cbc\-md4\fP, but single\-DES encryption types will be implicitly ++\fBaes256\-cts\-hmac\-sha1\-96 aes128\-cts\-hmac\-sha1\-96 aes256\-cts\-hmac\-sha384\-192 aes128\-cts\-hmac\-sha256\-128 des3\-cbc\-sha1 arcfour\-hmac\-md5 camellia256\-cts\-cmac camellia128\-cts\-cmac\fP, but weak encryption types will be implicitly + removed from this list if the value of \fBallow_weak_crypto\fP is + false. + .TP +diff --git a/src/windows/leash/htmlhelp/html/Encryption_Types.htm b/src/windows/leash/htmlhelp/html/Encryption_Types.htm +index aad42a389..1aebdd0b4 100644 +--- a/src/windows/leash/htmlhelp/html/Encryption_Types.htm ++++ b/src/windows/leash/htmlhelp/html/Encryption_Types.htm +@@ -79,18 +79,6 @@ will have an entry in the Encryption type column.
+ Description + + +- des- +- The DES (Data Encryption Standard) +-family is a symmetric block cipher. It was designed to handle only +-56-bit keys which is not enough for modern computing power. It is now +-considered to be weak encryption.
    +-
  • des-cbc-crc (weak)
  • +-
  • des-cbc-md5 (weak)
  • +-
  • des-cbc-md4 (weak)
  • +- +-
+- +- + des3- + The triple DES family improves on + the original DES (Data Encryption Standard) by using 3 separate 56-bit +@@ -106,7 +94,7 @@ keys. Some modes of 3DES are considered weak while others are strong + + aes + The AES Advanced Encryption Standard +-family, like DES and 3DES, is a symmetric block cipher and was designed ++family, like 3DES, is a symmetric block cipher and was designed + to replace them. It can use multiple key sizes. Kerberos specifies use + for 256-bit and 128-bit keys. +
    diff --git a/Remove-the-v4-and-afs3-salt-types.patch b/Remove-the-v4-and-afs3-salt-types.patch new file mode 100644 index 0000000..671e933 --- /dev/null +++ b/Remove-the-v4-and-afs3-salt-types.patch 
@@ -0,0 +1,508 @@ +From 35395701a34f68e99abfe23d07b93c59cd63ad50 Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Fri, 24 May 2019 13:11:44 -0400 +Subject: [PATCH] Remove the v4 and afs3 salt types + +In preparation for removing single-DES support, remove the v4 and afs3 +salt types. The afs3 salt type could only be used with single-DES +keys, and the v4 salt type was only useful for single-DES keys from +krb4 databases. + +[ghudson@mit.edu: wrote commit message] + +ticket: 8808 +(cherry picked from commit e0a35ff48c09a26ebb9aefd7e98855a84574b8be) +--- + doc/admin/conf_files/kdc_conf.rst | 2 - + src/include/kdb.h | 4 +- + src/kadmin/testing/proto/kdc.conf.proto | 2 +- + src/kdc/kdc_preauth.c | 40 +++++-------------- + .../api.current/chpass-principal-v2.exp | 8 ++-- + .../api.current/get-principal-v2.exp | 4 +- + src/lib/kdb/kdb5.c | 4 -- + src/lib/kdb/kdb_cpw.c | 16 +------- + src/lib/krb5/krb/str_conv.c | 2 - + src/lib/krb5/krb/t_get_etype_info.py | 7 ---- + src/man/kdc.conf.man | 14 +------ + src/tests/dejagnu/config/default.exp | 17 -------- + src/tests/t_etype_info.py | 24 +---------- + src/tests/t_keytab.py | 5 --- + src/tests/t_renprinc.py | 2 +- + src/tests/t_salt.py | 26 +----------- + src/util/k5test.py | 11 ----- + 17 files changed, 24 insertions(+), 164 deletions(-) + +diff --git a/doc/admin/conf_files/kdc_conf.rst b/doc/admin/conf_files/kdc_conf.rst +index c73791ceb..62d1bfc05 100644 +--- a/doc/admin/conf_files/kdc_conf.rst ++++ b/doc/admin/conf_files/kdc_conf.rst +@@ -917,10 +917,8 @@ follows: + + ================= ============================================ + normal default for Kerberos Version 5 +-v4 the only type used by Kerberos Version 4 (no salt) + norealm same as the default, without using realm information + onlyrealm uses only realm information as the salt +-afs3 AFS version 3, only used for compatibility with Kerberos 4 in AFS + special generate a random salt + ================= ============================================ + +diff 
--git a/src/include/kdb.h b/src/include/kdb.h +index 9812a35e6..7749cfc99 100644 +--- a/src/include/kdb.h ++++ b/src/include/kdb.h +@@ -73,11 +73,11 @@ + + /* Salt types */ + #define KRB5_KDB_SALTTYPE_NORMAL 0 +-#define KRB5_KDB_SALTTYPE_V4 1 ++/* #define KRB5_KDB_SALTTYPE_V4 1 */ + #define KRB5_KDB_SALTTYPE_NOREALM 2 + #define KRB5_KDB_SALTTYPE_ONLYREALM 3 + #define KRB5_KDB_SALTTYPE_SPECIAL 4 +-#define KRB5_KDB_SALTTYPE_AFS3 5 ++/* #define KRB5_KDB_SALTTYPE_AFS3 5 */ + #define KRB5_KDB_SALTTYPE_CERTHASH 6 + + /* Attributes */ +diff --git a/src/kadmin/testing/proto/kdc.conf.proto b/src/kadmin/testing/proto/kdc.conf.proto +index 61283ac77..45df78b91 100644 +--- a/src/kadmin/testing/proto/kdc.conf.proto ++++ b/src/kadmin/testing/proto/kdc.conf.proto +@@ -12,5 +12,5 @@ + kadmind_port = 1751 + kpasswd_port = 1752 + master_key_type = des3-hmac-sha1 +- supported_enctypes = des3-hmac-sha1:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-md5:normal des-cbc-raw:normal ++ supported_enctypes = des3-hmac-sha1:normal des-cbc-crc:normal des-cbc-md5:normal des-cbc-raw:normal + } +diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c +index caf133c14..508a5cf89 100644 +--- a/src/kdc/kdc_preauth.c ++++ b/src/kdc/kdc_preauth.c +@@ -781,8 +781,8 @@ add_etype_info(krb5_context context, krb5_kdcpreauth_rock rock, + return add_pa_data_element(pa_list, pa); + } + +-/* Add PW-SALT or AFS3-SALT entries to pa_list as appropriate for the request +- * and client principal. */ ++/* Add PW-SALT entries to pa_list as appropriate for the request and client ++ * principal. 
*/ + static krb5_error_code + add_pw_salt(krb5_context context, krb5_kdcpreauth_rock rock, + krb5_pa_data ***pa_list) +@@ -801,21 +801,13 @@ add_pw_salt(krb5_context context, krb5_kdcpreauth_rock rock, + if (ret) + return 0; + +- if (salttype == KRB5_KDB_SALTTYPE_AFS3) { +- ret = alloc_pa_data(KRB5_PADATA_AFS3_SALT, salt->length + 1, &pa); +- if (ret) +- goto cleanup; +- memcpy(pa->contents, salt->data, salt->length); +- pa->contents[salt->length] = '\0'; +- } else { +- /* Steal memory from salt to make the pa-data entry. */ +- ret = alloc_pa_data(KRB5_PADATA_PW_SALT, 0, &pa); +- if (ret) +- goto cleanup; +- pa->length = salt->length; +- pa->contents = (uint8_t *)salt->data; +- salt->data = NULL; +- } ++ /* Steal memory from salt to make the pa-data entry. */ ++ ret = alloc_pa_data(KRB5_PADATA_PW_SALT, 0, &pa); ++ if (ret) ++ goto cleanup; ++ pa->length = salt->length; ++ pa->contents = (uint8_t *)salt->data; ++ salt->data = NULL; + + /* add_pa_data_element() claims pa on success or failure. 
*/ + ret = add_pa_data_element(pa_list, pa); +@@ -1545,20 +1537,6 @@ _make_etype_info_entry(krb5_context context, + &salttype, &salt); + if (retval) + goto cleanup; +- if (etype_info2 && salttype == KRB5_KDB_SALTTYPE_AFS3) { +- switch (etype) { +- case ENCTYPE_DES_CBC_CRC: +- case ENCTYPE_DES_CBC_MD4: +- case ENCTYPE_DES_CBC_MD5: +- retval = alloc_data(&entry->s2kparams, 1); +- if (retval) +- goto cleanup; +- entry->s2kparams.data[0] = 1; +- break; +- default: +- break; +- } +- } + + entry->length = salt->length; + entry->salt = (unsigned char *)salt->data; +diff --git a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp +index 8361fb085..db899a1dc 100644 +--- a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp ++++ b/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp +@@ -18,8 +18,8 @@ proc test200 {} { + + # I'd like to specify a long list of keysalt tuples and make sure + # that chpass does the right thing, but we can only use those +- # enctypes that krbtgt has a key for: des-cbc-crc:normal and +- # des-cbc-crc:v4, according to the prototype kdc.conf. ++ # enctypes that krbtgt has a key for: des-cbc-crc:normal ++ # according to the prototype kdc.conf. + if {! [cmd [format { + kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ + $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ +@@ -53,10 +53,10 @@ proc test200 {} { + } + + # XXX Perhaps I should actually check the key type returned. +- if {$num_keys == 3} { ++ if {$num_keys == 2} { + pass "$test" + } else { +- fail "$test: $num_keys keys, should be 3" ++ fail "$test: $num_keys keys, should be 2" + } + if { ! 
[cmd {kadm5_destroy $server_handle}]} { + perror "$test: unexpected failure in destroy" +diff --git a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp +index 86c45f49e..8526897ed 100644 +--- a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp ++++ b/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp +@@ -143,8 +143,8 @@ proc test101_102 {rpc} { + } + + set failed 0 +- if {$num_keys != 3} { +- fail "$test: num_keys $num_keys should be 3" ++ if {$num_keys != 2} { ++ fail "$test: num_keys $num_keys should be 2" + set failed 1 + } + for {set i 0} {$i < $num_keys} {incr i} { +diff --git a/src/lib/kdb/kdb5.c b/src/lib/kdb/kdb5.c +index da5332217..b81a44312 100644 +--- a/src/lib/kdb/kdb5.c ++++ b/src/lib/kdb/kdb5.c +@@ -2312,15 +2312,11 @@ krb5_dbe_compute_salt(krb5_context context, const krb5_key_data *key, + if (retval) + return retval; + break; +- case KRB5_KDB_SALTTYPE_V4: +- sdata = empty_data(); +- break; + case KRB5_KDB_SALTTYPE_NOREALM: + retval = krb5_principal2salt_norealm(context, princ, &sdata); + if (retval) + return retval; + break; +- case KRB5_KDB_SALTTYPE_AFS3: + case KRB5_KDB_SALTTYPE_ONLYREALM: + return krb5_copy_data(context, &princ->realm, salt_out); + case KRB5_KDB_SALTTYPE_SPECIAL: +diff --git a/src/lib/kdb/kdb_cpw.c b/src/lib/kdb/kdb_cpw.c +index 03efc28ed..450860f47 100644 +--- a/src/lib/kdb/kdb_cpw.c ++++ b/src/lib/kdb/kdb_cpw.c +@@ -260,7 +260,6 @@ add_key_pwd(context, master_key, ks_tuple, ks_tuple_count, passwd, + krb5_keysalt key_salt; + krb5_keyblock key; + krb5_data pwd; +- krb5_data afs_params = string2data("\1"), *s2k_params; + int i, j; + krb5_key_data *kd_slot; + +@@ -268,7 +267,6 @@ add_key_pwd(context, master_key, ks_tuple, ks_tuple_count, passwd, + krb5_boolean similar; + + similar = 0; +- s2k_params = NULL; + + /* + * We could use krb5_keysalt_iterate to replace this loop, or use +@@ -316,18 +314,6 @@ add_key_pwd(context, master_key, ks_tuple, 
ks_tuple_count, passwd, + &key_salt.data))) + return(retval); + break; +- case KRB5_KDB_SALTTYPE_V4: +- key_salt.data.length = 0; +- key_salt.data.data = 0; +- break; +- case KRB5_KDB_SALTTYPE_AFS3: +- retval = krb5int_copy_data_contents(context, +- &db_entry->princ->realm, +- &key_salt.data); +- if (retval) +- return retval; +- s2k_params = &afs_params; +- break; + case KRB5_KDB_SALTTYPE_SPECIAL: + retval = make_random_salt(context, &key_salt); + if (retval) +@@ -342,7 +328,7 @@ add_key_pwd(context, master_key, ks_tuple, ks_tuple_count, passwd, + retval = krb5_c_string_to_key_with_params(context, + ks_tuple[i].ks_enctype, + &pwd, &key_salt.data, +- s2k_params, &key); ++ NULL, &key); + if (retval) { + free(key_salt.data.data); + return retval; +diff --git a/src/lib/krb5/krb/str_conv.c b/src/lib/krb5/krb/str_conv.c +index 3d057241b..c8421a8c1 100644 +--- a/src/lib/krb5/krb/str_conv.c ++++ b/src/lib/krb5/krb/str_conv.c +@@ -61,11 +61,9 @@ struct salttype_lookup_entry { + #include "kdb.h" + static const struct salttype_lookup_entry salttype_table[] = { + { KRB5_KDB_SALTTYPE_NORMAL, "normal" }, +- { KRB5_KDB_SALTTYPE_V4, "v4", }, + { KRB5_KDB_SALTTYPE_NOREALM, "norealm", }, + { KRB5_KDB_SALTTYPE_ONLYREALM, "onlyrealm", }, + { KRB5_KDB_SALTTYPE_SPECIAL, "special", }, +- { KRB5_KDB_SALTTYPE_AFS3, "afs3", }, + }; + static const int salttype_table_nents = sizeof(salttype_table)/ + sizeof(salttype_table[0]); +diff --git a/src/lib/krb5/krb/t_get_etype_info.py b/src/lib/krb5/krb/t_get_etype_info.py +index 7c400be86..3c9168591 100644 +--- a/src/lib/krb5/krb/t_get_etype_info.py ++++ b/src/lib/krb5/krb/t_get_etype_info.py +@@ -9,9 +9,6 @@ realm.run([kadminl, 'ank', '-nokey', '+preauth', 'pnokey']) + realm.run([kadminl, 'ank', '-e', 'aes256-cts:special', '-pw', 'pw', 'exp']) + realm.run([kadminl, 'ank', '-e', 'aes256-cts:special', '-pw', 'pw', '+preauth', + 'pexp']) +-realm.run([kadminl, 'ank', '-e', 'des-cbc-crc:afs3', '-pw', 'pw', 'afs']) +-realm.run([kadminl, 'ank', '-e', 
'des-cbc-crc:afs3', '-pw', 'pw', '+preauth', +- 'pafs']) + + # Extract the explicit salt values from the database. + out = realm.run([kdb5_util, 'tabdump', 'keyinfo']) +@@ -56,8 +53,4 @@ realm.run(['./t_get_etype_info', 'exp'], + realm.run(['./t_get_etype_info', 'pexp'], + expected_msg='etype: aes256-cts\nsalt: ' + pexp_salt + '\n') + +-msg = 'etype: des-cbc-crc\nsalt: KRBTEST.COM\ns2kparams: 01\n' +-realm.run(['./t_get_etype_info', 'afs'], expected_msg=msg) +-realm.run(['./t_get_etype_info', 'pafs'], expected_msg=msg) +- + success('krb5_get_etype_info() tests') +diff --git a/src/man/kdc.conf.man b/src/man/kdc.conf.man +index ab3ee0289..4a75be8cb 100644 +--- a/src/man/kdc.conf.man ++++ b/src/man/kdc.conf.man +@@ -1,6 +1,6 @@ + .\" Man page generated from reStructuredText. + . +-.TH "KDC.CONF" "5" " " "1.17" "MIT Kerberos" ++.TH "KDC.CONF" "5" " " "1.18" "MIT Kerberos" + .SH NAME + kdc.conf \- Kerberos V5 KDC configuration file + . +@@ -1148,12 +1148,6 @@ default for Kerberos Version 5 + T} + _ + T{ +-v4 +-T} T{ +-the only type used by Kerberos Version 4 (no salt) +-T} +-_ +-T{ + norealm + T} T{ + same as the default, without using realm information +@@ -1166,12 +1160,6 @@ uses only realm information as the salt + T} + _ + T{ +-afs3 +-T} T{ +-AFS version 3, only used for compatibility with Kerberos 4 in AFS +-T} +-_ +-T{ + special + T} T{ + generate a random salt +diff --git a/src/tests/dejagnu/config/default.exp b/src/tests/dejagnu/config/default.exp +index ea9bedd45..c061d764e 100644 +--- a/src/tests/dejagnu/config/default.exp ++++ b/src/tests/dejagnu/config/default.exp +@@ -238,22 +238,6 @@ set passes { + {master_key_type=aes256-cts-hmac-sha1-96} + {dummy=[verbose -log "AES + DES enctypes, DES3 TGT"]} + } +- { +- des-v4 +- mode=udp +- des3_krbtgt=0 +- {supported_enctypes=des-cbc-crc:v4} +- {default_tkt_enctypes(client)=des-cbc-crc} +- {dummy=[verbose -log "DES TGT, DES-CRC enctype, V4 salt"]} +- } +- { +- des-md5-v4 +- mode=udp +- des3_krbtgt=0 +- 
{supported_enctypes=des-cbc-md5:v4 des-cbc-crc:v4} +- {default_tkt_enctypes(client)=des-cbc-md5 des-cbc-crc} +- {dummy=[verbose -log "DES TGT, DES-MD5 and -CRC enctypes, V4 salt"]} +- } + { + all-enctypes + mode=udp +@@ -356,7 +340,6 @@ set unused_passes { + aes128-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:norealm \ + des3-cbc-sha1:normal des3-cbc-sha1:none \ + des-cbc-md5:normal des-cbc-md4:normal des-cbc-crc:normal \ +- des-cbc-md5:v4 des-cbc-md4:v4 des-cbc-crc:v4 \ + } + {dummy=[verbose -log "DES3 TGT, default enctypes"]} + } +diff --git a/src/tests/t_etype_info.py b/src/tests/t_etype_info.py +index 2026e7876..c21d054f1 100644 +--- a/src/tests/t_etype_info.py ++++ b/src/tests/t_etype_info.py +@@ -1,6 +1,6 @@ + from k5test import * + +-supported_enctypes = 'aes128-cts des3-cbc-sha1 rc4-hmac des-cbc-crc:afs3' ++supported_enctypes = 'aes128-cts des3-cbc-sha1 rc4-hmac' + conf = {'libdefaults': {'allow_weak_crypto': 'true'}, + 'realms': {'$realm': {'supported_enctypes': supported_enctypes}}} + realm = K5Realm(create_host=False, get_creds=False, krb5_conf=conf) +@@ -43,28 +43,6 @@ test_etinfo('preauthuser', 'rc4-hmac-exp des3 rc4 des-cbc-crc', + test_etinfo('preauthuser', 'rc4 aes256-cts', + ['error etype_info2 rc4-hmac KRBTEST.COMpreauthuser']) + +-# AFS3 salt for DES enctypes is conveyed using s2kparams in +-# PA-ETYPE-INFO2, not at all in PA-ETYPE-INFO, and with a special padata +-# type instead of PA-PW-SALT. +-test_etinfo('user', 'des-cbc-crc rc4', +- ['asrep etype_info2 des-cbc-crc KRBTEST.COM 01', +- 'asrep etype_info des-cbc-crc KRBTEST.COM', +- 'asrep afs3_salt KRBTEST.COM']) +-test_etinfo('preauthuser', 'des-cbc-crc rc4', +- ['error etype_info2 des-cbc-crc KRBTEST.COM 01', +- 'error etype_info des-cbc-crc KRBTEST.COM']) +- +-# DES keys can be used with other DES enctypes. The requested enctype +-# shows up in the etype-info, not the database key enctype. 
+-test_etinfo('user', 'des-cbc-md4 rc4', +- ['asrep etype_info2 des-cbc-md4 KRBTEST.COM 01', +- 'asrep etype_info des-cbc-md4 KRBTEST.COM', +- 'asrep afs3_salt KRBTEST.COM']) +-test_etinfo('user', 'des-cbc-md5 rc4', +- ['asrep etype_info2 des KRBTEST.COM 01', +- 'asrep etype_info des KRBTEST.COM', +- 'asrep afs3_salt KRBTEST.COM']) +- + # If no keys are found matching the request enctypes, a + # preauth-required error can be generated with no etype-info at all + # (to allow for preauth mechs which don't depend on long-term keys). +diff --git a/src/tests/t_keytab.py b/src/tests/t_keytab.py +index 72e09daac..633f7c7ef 100755 +--- a/src/tests/t_keytab.py ++++ b/src/tests/t_keytab.py +@@ -155,9 +155,6 @@ realm.run([kadminl, 'ank', '-pw', 'pw', 'default']) + realm.run([kadminl, 'ank', '-e', 'aes256-cts:special', '-pw', 'pw', 'exp']) + realm.run([kadminl, 'ank', '-e', 'aes256-cts:special', '-pw', 'pw', '+preauth', + 'pexp']) +-realm.run([kadminl, 'ank', '-e', 'des-cbc-crc:afs3', '-pw', 'pw', 'afs']) +-realm.run([kadminl, 'ank', '-e', 'des-cbc-crc:afs3', '-pw', 'pw', '+preauth', +- 'pafs']) + + # Extract one of the explicit salt values from the database. 
+ out = realm.run([kdb5_util, 'tabdump', 'keyinfo']) +@@ -187,8 +184,6 @@ test_addent(realm, 'default', '-f') + test_addent(realm, 'default', '-f -e aes128-cts') + test_addent(realm, 'exp', '-f') + test_addent(realm, 'pexp', '-f') +-test_addent(realm, 'afs', '-f') +-test_addent(realm, 'pafs', '-f') + + success('Keytab-related tests') + success('Keytab-related tests') +diff --git a/src/tests/t_renprinc.py b/src/tests/t_renprinc.py +index 46cbed441..3dbb3e77e 100755 +--- a/src/tests/t_renprinc.py ++++ b/src/tests/t_renprinc.py +@@ -25,7 +25,7 @@ from k5test import * + enctype = "aes128-cts" + + realm = K5Realm(create_host=False, create_user=False) +-salttypes = ('normal', 'v4', 'norealm', 'onlyrealm') ++salttypes = ('normal', 'norealm', 'onlyrealm') + + # For a variety of salt types, test that we can rename a principal and + # still get tickets with the same password. +diff --git a/src/tests/t_salt.py b/src/tests/t_salt.py +index 278911a22..008efcb03 100755 +--- a/src/tests/t_salt.py ++++ b/src/tests/t_salt.py +@@ -15,13 +15,9 @@ def test_salt(realm, e1, salt, e2): + realm.run([kadminl, 'delprinc', 'user']) + + # Enctype/salt pairs chosen with non-default salt types. +-# The enctypes are mostly arbitrary, though afs3 must only be used with des. +-# We do not enforce that v4 salts must only be used with des, but it seems +-# like a good idea. +-salts = [('des-cbc-crc', 'afs3'), +- ('des3-cbc-sha1', 'norealm'), ++# The enctypes are mostly arbitrary. ++salts = [('des3-cbc-sha1', 'norealm'), + ('arcfour-hmac', 'onlyrealm'), +- ('des-cbc-crc', 'v4'), + ('aes128-cts-hmac-sha1-96', 'special')] + # These enctypes are chosen to cover the different string-to-key routines. + # Omit ":normal" from aes256 to check that salttype defaulting works. 
+@@ -56,22 +52,4 @@ dup_kstypes = ['arcfour-hmac-md5:normal,rc4-hmac:normal', + for ks in dup_kstypes: + test_dup(realm, ks) + +-# Attempt to create a principal with a non-des enctype and the afs3 salt, +-# verifying that the expected error is received and the principal creation +-# fails. +-def test_reject_afs3(realm, etype): +- query = 'ank -e ' + etype + ':afs3 -pw password princ1' +- realm.run([kadminl, 'ank', '-e', etype + ':afs3', '-pw', 'password', +- 'princ1'], expected_code=1, +- expected_msg='Invalid key generation parameters from KDC') +- realm.run([kadminl, 'getprinc', 'princ1'], expected_code=1, +- expected_msg='Principal does not exist') +- +-# Verify that the afs3 salt is rejected for arcfour and pbkdf2 enctypes. +-# We do not currently do any verification on the key-generation parameters +-# for the triple-DES enctypes, so that test is commented out. +-test_reject_afs3(realm, 'arcfour-hmac') +-test_reject_afs3(realm, 'aes256-cts-hmac-sha1-96') +-#test_reject_afs3(realm, 'des3-cbc-sha1') +- + success("Salt types") +diff --git a/src/util/k5test.py b/src/util/k5test.py +index 3aec1ef92..b6d93f1d8 100644 +--- a/src/util/k5test.py ++++ b/src/util/k5test.py +@@ -1246,17 +1246,6 @@ _passes = [ + # No special settings; exercises AES256. + ('default', None, None, None), + +- # Exercise a DES enctype and the v4 salt type. +- ('desv4', None, +- {'libdefaults': { +- 'default_tgs_enctypes': 'des-cbc-crc', +- 'default_tkt_enctypes': 'des-cbc-crc', +- 'permitted_enctypes': 'des-cbc-crc', +- 'allow_weak_crypto': 'true'}}, +- {'realms': {'$realm': { +- 'supported_enctypes': 'des-cbc-crc:v4', +- 'master_key_type': 'des-cbc-crc'}}}), +- + # Exercise the DES3 enctype. + ('des3', None, + {'libdefaults': { diff --git a/Set-a-more-modern-default-ksu-CMD_PATH.patch b/Set-a-more-modern-default-ksu-CMD_PATH.patch index 4cf3da5..31f9602 100644 --- a/Set-a-more-modern-default-ksu-CMD_PATH.patch +++ b/Set-a-more-modern-default-ksu-CMD_PATH.patch 
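Review bot: In the `src/include/kdb.h` part of the added patch, the retired salt types are left as bare commented-out defines (`/* #define KRB5_KDB_SALTTYPE_V4 1 */`, `/* #define KRB5_KDB_SALTTYPE_AFS3 5 */`) with no explanation. The same patch drops their cases from `krb5_dbe_compute_salt()` in `kdb5.c`, from the `add_key_pwd()` switch in `kdb_cpw.c`, and from `salttype_table` in `str_conv.c`. Key data written by an earlier release may presumably still carry salt type 1 or 5. What those functions now do with such a record depends on default branches outside the hunks shown, so that path should be checked to fail closed with an explicit error. I would replace the two commented-out lines with a comment such as `/* Salt types 1 (v4) and 5 (afs3) are retired; the values stay reserved because existing key data may still carry them. */`, and say in the commit message what an administrator should do with principals that still hold such keys.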
@@ -1,4 +1,4 @@
-From 4b11c083e2019ece267cfa5379bd417334e2038e Mon Sep 17 00:00:00 2001
+From 6b50f9c5b2a1b856e65fa69de05e7c05d2b89614 Mon Sep 17 00:00:00 2001
 From: Robbie Harwood
 Date: Tue, 23 Aug 2016 16:32:09 -0400
 Subject: [PATCH] Set a more modern default ksu CMD_PATH
diff --git a/Support-389ds-s-lockout-model.patch b/Support-389ds-s-lockout-model.patch
index 3b4c595..2800e0b 100644
--- a/Support-389ds-s-lockout-model.patch
+++ b/Support-389ds-s-lockout-model.patch
@@ -1,4 +1,4 @@
-From 49ca1fc11d4e58289b518db7cdd4093b06ca9cf1 Mon Sep 17 00:00:00 2001
+From 2c00970b3fe53b38f976c79f648fdd75a2682287 Mon Sep 17 00:00:00 2001
 From: Robbie Harwood
 Date: Tue, 23 Aug 2016 16:47:44 -0400
 Subject: [PATCH] Support 389ds's lockout model
diff --git a/Update-ASN.1-SAM-tests-to-use-a-modern-enctype.patch b/Update-ASN.1-SAM-tests-to-use-a-modern-enctype.patch
index bd98230..980797e 100644
--- a/Update-ASN.1-SAM-tests-to-use-a-modern-enctype.patch
+++ b/Update-ASN.1-SAM-tests-to-use-a-modern-enctype.patch
@@ -1,4 +1,4 @@
-From f179301f52e0e40eee9ac493bae0e82be49b7c28 Mon Sep 17 00:00:00 2001
+From 152e88043117927c334fead93bb3bd3dd74593b7 Mon Sep 17 00:00:00 2001
 From: Robbie Harwood
 Date: Tue, 16 Apr 2019 14:16:39 -0400
 Subject: [PATCH] Update ASN.1 SAM tests to use a modern enctype
diff --git a/Update-default-krb5kdc-mkey-manual-entry-enctype.patch b/Update-default-krb5kdc-mkey-manual-entry-enctype.patch
index 462d774..ff99839 100644
--- a/Update-default-krb5kdc-mkey-manual-entry-enctype.patch
+++ b/Update-default-krb5kdc-mkey-manual-entry-enctype.patch
@@ -1,4 +1,4 @@
-From e2b0a71ca45d6895c9df132560789774993e657d Mon Sep 17 00:00:00 2001
+From 2957d2186ee2b60b80e6ba97a1f5d661ccb20f30 Mon Sep 17 00:00:00 2001
 From: Robbie Harwood
 Date: Mon, 20 May 2019 16:52:57 -0400
 Subject: [PATCH] Update default krb5kdc mkey manual-entry enctype
diff --git a/Update-test-suite-to-avoid-single-DES-enctypes.patch b/Update-test-suite-to-avoid-single-DES-enctypes.patch new file mode 100644 index 0000000..56aa947 --- /dev/null +++ b/Update-test-suite-to-avoid-single-DES-enctypes.patch 
@@ -0,0 +1,2328 @@ +From 8fe2563e133e904e56c3ed3b9b970bb632c843b6 Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Fri, 24 May 2019 13:11:55 -0400 +Subject: [PATCH] Update test suite to avoid single-DES enctypes + +Remove the CRC exercise code, since CRC is DES-only. + +ticket: 8808 +(cherry picked from commit 50588db5d26e81f3d564d1f69435af34ae80d9b2) +--- + src/kadmin/testing/proto/kdc.conf.proto | 2 +- + src/kadmin/testing/util/tcl_kadm5.c | 2 - + src/lib/crypto/crypto_tests/CRC.pm | 156 ---------- + src/lib/crypto/crypto_tests/Makefile.in | 31 +- + src/lib/crypto/crypto_tests/crc.pl | 111 ------- + src/lib/crypto/crypto_tests/deps | 24 -- + src/lib/crypto/crypto_tests/t_cf2.expected | 1 - + src/lib/crypto/crypto_tests/t_cf2.in | 5 - + src/lib/crypto/crypto_tests/t_cksum.c | 160 ---------- + src/lib/crypto/crypto_tests/t_cksums.c | 8 +- + src/lib/crypto/crypto_tests/t_combine.c | 18 -- + src/lib/crypto/crypto_tests/t_crc.c | 148 ---------- + src/lib/crypto/crypto_tests/t_decrypt.c | 148 ---------- + src/lib/crypto/crypto_tests/t_encrypt.c | 3 - + src/lib/crypto/crypto_tests/t_short.c | 3 - + src/lib/crypto/crypto_tests/t_str2key.c | 274 ------------------ + src/lib/crypto/crypto_tests/vectors.c | 3 +- + .../api.current/chpass-principal-v2.exp | 8 +- + .../api.current/get-principal-v2.exp | 4 +- + .../api.current/randkey-principal-v2.exp | 11 +- + src/lib/kadm5/unit-test/setkey-test.c | 6 +- + src/lib/krb5/keytab/t_keytab.c | 40 +-- + src/lib/krb5/krb/t_etypes.c | 67 +---- + src/lib/krb5/krb/t_ser.c | 2 +- + src/lib/krb5/os/t_trace.c | 2 +- + src/lib/krb5/os/t_trace.ref | 2 +- + src/tests/asn.1/ktest.c | 2 +- + src/tests/asn.1/pkinit_encode.out | 2 +- + src/tests/asn.1/pkinit_trval.out | 2 +- + src/tests/dejagnu/config/default.exp | 226 ++------------- + src/tests/gssapi/t_invalid.c | 20 +- + src/tests/gssapi/t_pcontok.c | 17 +- + src/tests/gssapi/t_prf.c | 7 - + src/tests/t_etype_info.py | 4 +- + src/tests/t_keyrollover.py | 6 +- + src/tests/t_salt.py | 2 +- 
+ src/tests/t_sesskeynego.py | 18 +- + src/util/k5test.py | 2 +- + 38 files changed, 88 insertions(+), 1459 deletions(-) + delete mode 100644 src/lib/crypto/crypto_tests/CRC.pm + delete mode 100644 src/lib/crypto/crypto_tests/crc.pl + delete mode 100644 src/lib/crypto/crypto_tests/t_cksum.c + delete mode 100644 src/lib/crypto/crypto_tests/t_crc.c + +diff --git a/src/kadmin/testing/proto/kdc.conf.proto b/src/kadmin/testing/proto/kdc.conf.proto +index 45df78b91..8a4b87de1 100644 +--- a/src/kadmin/testing/proto/kdc.conf.proto ++++ b/src/kadmin/testing/proto/kdc.conf.proto +@@ -12,5 +12,5 @@ + kadmind_port = 1751 + kpasswd_port = 1752 + master_key_type = des3-hmac-sha1 +- supported_enctypes = des3-hmac-sha1:normal des-cbc-crc:normal des-cbc-md5:normal des-cbc-raw:normal ++ supported_enctypes = des3-hmac-sha1:normal aes256-cts:normal aes128-cts:normal aes256-sha2:normal aes128-sha2:normal + } +diff --git a/src/kadmin/testing/util/tcl_kadm5.c b/src/kadmin/testing/util/tcl_kadm5.c +index 9dde579ef..4d3114b11 100644 +--- a/src/kadmin/testing/util/tcl_kadm5.c ++++ b/src/kadmin/testing/util/tcl_kadm5.c +@@ -1514,8 +1514,6 @@ static Tcl_DString *unparse_keytype(krb5_enctype enctype) + switch (enctype) { + /* XXX is this right? */ + case ENCTYPE_NULL: Tcl_DStringAppend(str, "ENCTYPE_NULL", -1); break; +- case ENCTYPE_DES_CBC_CRC: +- Tcl_DStringAppend(str, "ENCTYPE_DES_CBC_CRC", -1); break; + default: + sprintf(buf, "UNKNOWN KEYTYPE (0x%x)", enctype); + Tcl_DStringAppend(str, buf, -1); +diff --git a/src/lib/crypto/crypto_tests/CRC.pm b/src/lib/crypto/crypto_tests/CRC.pm +deleted file mode 100644 +index ee2ab2ae8..000000000 +--- a/src/lib/crypto/crypto_tests/CRC.pm ++++ /dev/null +@@ -1,156 +0,0 @@ +-# Copyright 2002 by the Massachusetts Institute of Technology. +-# All Rights Reserved. +-# +-# Export of this software from the United States of America may +-# require a specific license from the United States Government. 
+-# It is the responsibility of any person or organization contemplating +-# export to obtain such a license before exporting. +-# +-# WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +-# distribute this software and its documentation for any purpose and +-# without fee is hereby granted, provided that the above copyright +-# notice appear in all copies and that both that copyright notice and +-# this permission notice appear in supporting documentation, and that +-# the name of M.I.T. not be used in advertising or publicity pertaining +-# to distribution of the software without specific, written prior +-# permission. Furthermore if you modify this software you must label +-# your software as modified software and not distribute it in such a +-# fashion that it might be confused with the original M.I.T. software. +-# M.I.T. makes no representations about the suitability of +-# this software for any purpose. It is provided "as is" without express +-# or implied warranty. +- +-package CRC; +- +-# CRC: implement a CRC using the Poly package (yes this is slow) +-# +-# message M(x) = m_0 * x^0 + m_1 * x^1 + ... + m_(k-1) * x^(k-1) +-# generator P(x) = p_0 * x^0 + p_1 * x^1 + ... + p_n * x^n +-# remainder R(x) = r_0 * x^0 + r_1 * x^1 + ... + r_(n-1) * x^(n-1) +-# +-# R(x) = (x^n * M(x)) % P(x) +-# +-# Note that if F(x) = x^n * M(x) + R(x), then F(x) = 0 mod P(x) . +-# +-# In MIT Kerberos 5, R(x) is taken as the CRC, as opposed to what +-# ISO 3309 does. +-# +-# ISO 3309 adds a precomplement and a postcomplement. +-# +-# The ISO 3309 postcomplement is of the form +-# +-# A(x) = x^0 + x^1 + ... + x^(n-1) . +-# +-# The ISO 3309 precomplement is of the form +-# +-# B(x) = x^k * A(x) . +-# +-# The ISO 3309 FCS is then +-# +-# (x^n * M(x)) % P(x) + B(x) % P(x) + A(x) , +-# +-# which is equivalent to +-# +-# (x^n * M(x) + B(x)) % P(x) + A(x) . 
+-# +-# In ISO 3309, the transmitted frame is +-# +-# F'(x) = x^n * M(x) + R(x) + R'(x) + A(x) , +-# +-# where +-# +-# R'(x) = B(x) % P(x) . +-# +-# Note that this means that if a new remainder is computed over the +-# frame F'(x) (treating F'(x) as the new M(x)), it will be equal to a +-# constant. +-# +-# F'(x) = 0 + R'(x) + A(x) mod P(x) , +-# +-# then +-# +-# (F'(x) + x^k * A(x)) * x^n +-# +-# = ((R'(x) + A(x)) + x^k * A(x)) * x^n mod P(x) +-# +-# = (x^k * A(x) + A(x) + x^k * A(x)) * x^n mod P(x) +-# +-# = (0 + A(x)) * x^n mod P(x) +-# +-# Note that (A(x) * x^n) % P(x) is a constant, and that this result +-# depends on B(x) being x^k * A(x). +- +-use Carp; +-use Poly; +- +-sub new { +- my $self = shift; +- my $class = ref($self) || $self; +- my %args = @_; +- $self = {bitsendian => "little"}; +- bless $self, $class; +- $self->setpoly($args{"Poly"}) if exists $args{"Poly"}; +- $self->bitsendian($args{"bitsendian"}) +- if exists $args{"bitsendian"}; +- $self->{precomp} = $args{precomp} if exists $args{precomp}; +- $self->{postcomp} = $args{postcomp} if exists $args{postcomp}; +- return $self; +-} +- +-sub setpoly { +- my $self = shift; +- my($arg) = @_; +- croak "need a polynomial" if !$arg->isa("Poly"); +- $self->{Poly} = $arg; +- return $self; +-} +- +-sub crc { +- my $self = shift; +- my $msg = Poly->new(@_); +- my($order, $r, $precomp); +- $order = $self->{Poly}->order; +- # B(x) = x^k * precomp +- $precomp = $self->{precomp} ? +- $self->{precomp} * Poly->powers2poly(scalar(@_)) : Poly->new; +- # R(x) = (x^n * M(x)) % P(x) +- $r = ($msg * Poly->powers2poly($order)) % $self->{Poly}; +- # B(x) % P(x) +- $r += $precomp % $self->{Poly}; +- $r += $self->{postcomp} if exists $self->{postcomp}; +- return $r; +-} +- +-# endianness of bits of each octet +-# +-# Note that the message is always treated as being sent in big-endian +-# octet order. 
+-# +-# Usually, the message will be treated as bits being little-endian, +-# since that is the common case for serial implementations that +-# present data in octets; e.g., most UARTs shift octets onto the line +-# in little-endian order, and protocols such as ISO 3309, V.42, +-# etc. treat individual octets as being sent LSB-first. +- +-sub bitsendian { +- my $self = shift; +- my($arg) = @_; +- croak "bad bit endianness" if $arg !~ /big|little/; +- $self->{bitsendian} = $arg; +- return $self; +-} +- +-sub crcstring { +- my $self = shift; +- my($arg) = @_; +- my($packstr, @m); +- { +- $packstr = "B*", last if $self->{bitsendian} =~ /big/; +- $packstr = "b*", last if $self->{bitsendian} =~ /little/; +- croak "bad bit endianness"; +- }; +- @m = split //, unpack $packstr, $arg; +- return $self->crc(@m); +-} +- +-1; +diff --git a/src/lib/crypto/crypto_tests/Makefile.in b/src/lib/crypto/crypto_tests/Makefile.in +index c5eba1b10..09feeb50e 100644 +--- a/src/lib/crypto/crypto_tests/Makefile.in ++++ b/src/lib/crypto/crypto_tests/Makefile.in +@@ -16,9 +16,7 @@ EXTRADEPSRCS=\ + $(srcdir)/aes-test.c \ + $(srcdir)/camellia-test.c \ + $(srcdir)/t_cf2.c \ +- $(srcdir)/t_cksum.c \ + $(srcdir)/t_cksums.c \ +- $(srcdir)/t_crc.c \ + $(srcdir)/t_mddriver.c \ + $(srcdir)/t_kperf.c \ + $(srcdir)/t_sha2.c \ +@@ -30,15 +28,12 @@ EXTRADEPSRCS=\ + + ##DOS##BUILDTOP = ..\..\.. + +-# NOTE: The t_cksum known checksum values are primarily for regression +-# testing. They are not derived a priori, but are known to produce +-# checksums that interoperate. 
+ check-unix: t_nfold t_encrypt t_decrypt t_prf t_prng t_cmac t_hmac \ +- t_cksum4 t_cksum5 t_cksums \ ++ t_cksums \ + aes-test \ + camellia-test \ + t_mddriver4 t_mddriver \ +- t_crc t_cts t_sha2 t_short t_str2key t_derive t_fork t_cf2 \ ++ t_cts t_sha2 t_short t_str2key t_derive t_fork t_cf2 \ + t_combine + $(RUN_TEST) ./t_nfold + $(RUN_TEST) ./t_encrypt +@@ -47,10 +42,7 @@ check-unix: t_nfold t_encrypt t_decrypt t_prf t_prng t_cmac t_hmac \ + $(RUN_TEST) ./t_cmac + $(RUN_TEST) ./t_hmac + $(RUN_TEST) ./t_prf +- $(RUN_TEST) ./t_cksum4 "this is a test" e3f76a07f3401e3536b43a3f54226c39422c35682c354835 +- $(RUN_TEST) ./t_cksum5 "this is a test" e3f76a07f3401e351143ee6f4c09be1edb4264d55015db53 + $(RUN_TEST) ./t_cksums +- $(RUN_TEST) ./t_crc + $(RUN_TEST) ./t_cts + $(RUN_TEST) ./aes-test -k > vk.txt + cmp vk.txt $(srcdir)/expect-vk.txt +@@ -109,24 +101,9 @@ t_short$(EXEEXT): t_short.$(OBJEXT) $(KRB5_BASE_DEPLIBS) + $(CC_LINK) -o $@ t_short.$(OBJEXT) \ + $(KRB5_BASE_LIBS) + +-t_cksum4.o: $(srcdir)/t_cksum.c +- $(CC) -DMD=4 $(ALL_CFLAGS) -o t_cksum4.o -c $(srcdir)/t_cksum.c +- +-t_cksum5.o: $(srcdir)/t_cksum.c +- $(CC) -DMD=5 $(ALL_CFLAGS) -o t_cksum5.o -c $(srcdir)/t_cksum.c +- +-t_cksum4: t_cksum4.o $(CRYTPO_DEPLIB) +- $(CC_LINK) -o t_cksum4 t_cksum4.o $(KRB5_BASE_LIBS) +- +-t_cksum5: t_cksum5.o $(CRYPTO_DEPLIB) +- $(CC_LINK) -o t_cksum5 t_cksum5.o $(KRB5_BASE_LIBS) +- + t_cksums: t_cksums.o $(CRYTPO_DEPLIB) + $(CC_LINK) -o t_cksums t_cksums.o -lkrb5 $(KRB5_BASE_LIBS) + +-t_crc: t_crc.o $(KRB5_BASE_DEPLIBS) +- $(CC_LINK) -o $@ t_crc.o $(KRB5_BASE_LIBS) +- + aes-test: aes-test.$(OBJEXT) $(KRB5_BASE_DEPLIBS) + $(CC_LINK) -o aes-test aes-test.$(OBJEXT) $(KRB5_BASE_LIBS) + +@@ -165,9 +142,9 @@ clean: + t_decrypt.o t_decrypt t_prng.o t_prng t_cmac.o t_cmac \ + t_hmac.o t_hmac t_pkcs5.o t_pkcs5 pbkdf2.o t_prf t_prf.o \ + aes-test.o aes-test vt.txt vk.txt kresults.out \ +- t_crc.o t_crc t_cts.o t_cts \ ++ t_cts.o t_cts \ + t_mddriver4.o t_mddriver4 t_mddriver.o t_mddriver \ 
+- t_cksum4 t_cksum4.o t_cksum5 t_cksum5.o t_cksums t_cksums.o \ ++ t_cksums t_cksums.o \ + t_kperf.o t_kperf t_sha2.o t_sha2 t_short t_short.o t_str2key \ + t_str2key.o t_derive t_derive.o t_fork t_fork.o \ + t_mddriver$(EXEEXT) $(OUTPRE)t_mddriver.$(OBJEXT) \ +diff --git a/src/lib/crypto/crypto_tests/crc.pl b/src/lib/crypto/crypto_tests/crc.pl +deleted file mode 100644 +index b21b6b15d..000000000 +--- a/src/lib/crypto/crypto_tests/crc.pl ++++ /dev/null +@@ -1,111 +0,0 @@ +-# Copyright 2002 by the Massachusetts Institute of Technology. +-# All Rights Reserved. +-# +-# Export of this software from the United States of America may +-# require a specific license from the United States Government. +-# It is the responsibility of any person or organization contemplating +-# export to obtain such a license before exporting. +-# +-# WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +-# distribute this software and its documentation for any purpose and +-# without fee is hereby granted, provided that the above copyright +-# notice appear in all copies and that both that copyright notice and +-# this permission notice appear in supporting documentation, and that +-# the name of M.I.T. not be used in advertising or publicity pertaining +-# to distribution of the software without specific, written prior +-# permission. Furthermore if you modify this software you must label +-# your software as modified software and not distribute it in such a +-# fashion that it might be confused with the original M.I.T. software. +-# M.I.T. makes no representations about the suitability of +-# this software for any purpose. It is provided "as is" without express +-# or implied warranty. 
+- +-use CRC; +- +-print "*** crudely testing polynomial functions ***\n"; +- +-$x = Poly->new(1,1,1,1); +-$y = Poly->new(1,1); +-print "x = @{[$x->pretty]}\ny = @{[$y->pretty]}\n"; +-$q = $x / $y; +-$r = $x % $y; +-print $x->pretty, " = (", $y->pretty , ") * (", $q->pretty, +- ") + ", $r->pretty, "\n"; +-$q = $y / $x; +-$r = $y % $x; +-print "y / x = @{[$q->pretty]}\ny % x = @{[$r->pretty]}\n"; +- +-# ISO 3309 32-bit FCS polynomial +-$fcs32 = Poly->powers2poly(32,26,23,22,16,12,11,10,8,7,5,4,2,1,0); +-print "fcs32 = ", $fcs32->pretty, "\n"; +- +-$crc = CRC->new(Poly => $fcs32, bitsendian => "little"); +- +-print "\n"; +- +-print "*** little endian, no complementation ***\n"; +-for ($i = 0; $i < 256; $i++) { +- $r = $crc->crcstring(pack "C", $i); +- printf ("%02x: ", $i) if !($i % 8); +- print ($r->revhex, ($i % 8 == 7) ? "\n" : " "); +-} +- +-print "\n"; +- +-print "*** little endian, 4 bits, no complementation ***\n"; +-for ($i = 0; $i < 16; $i++) { +- @m = (split //, unpack "b*", pack "C", $i)[0..3]; +- $r = $crc->crc(@m); +- printf ("%02x: ", $i) if !($i % 8); +- print ($r->revhex, ($i % 8 == 7) ? "\n" : " "); +-} +- +-print "\n"; +- +-print "*** test vectors for t_crc.c, little endian ***\n"; +-for ($i = 1; $i <= 4; $i *=2) { +- for ($j = 0; $j < $i * 8; $j++) { +- @m = split //, unpack "b*", pack "V", 1 << $j; +- splice @m, $i * 8; +- $r = $crc->crc(@m); +- $m = unpack "H*", pack "b*", join("", @m); +- print "{HEX, \"$m\", 0x", $r->revhex, "},\n"; +- } +-} +-@m = ("foo", "test0123456789", +- "MASSACHVSETTS INSTITVTE OF TECHNOLOGY"); +-foreach $m (@m) { +- $r = $crc->crcstring($m); +- print "{STR, \"$m\", 0x", $r->revhex, "},\n"; +-} +-__END__ +- +-print "*** big endian, no complementation ***\n"; +-for ($i = 0; $i < 256; $i++) { +- $r = $crc->crcstring(pack "C", $i); +- printf ("%02x: ", $i) if !($i % 8); +- print ($r->hex, ($i % 8 == 7) ? 
"\n" : " "); +-} +- +-# all ones polynomial of order 31 +-$ones = Poly->new((1) x 32); +- +-print "*** big endian, ISO-3309 style\n"; +-$crc = CRC->new(Poly => $fcs32, +- bitsendian => "little", +- precomp => $ones, +- postcomp => $ones); +-for ($i = 0; $i < 256; $i++) { +- $r = $crc->crcstring(pack "C", $i); +- print ($r->hex, ($i % 8 == 7) ? "\n" : " "); +-} +- +-for ($i = 0; $i < 0; $i++) { +- $x = Poly->new((1) x 32, (0) x $i); +- $y = Poly->new((1) x 32); +- $f = ($x % $fcs32) + $y; +- $r = (($f + $x) * Poly->powers2poly(32)) % $fcs32; +- @out = @$r; +- unshift @out, 0 while @out < 32; +- print @out, "\n"; +-} +diff --git a/src/lib/crypto/crypto_tests/deps b/src/lib/crypto/crypto_tests/deps +index 5d94a593d..19fef2582 100644 +--- a/src/lib/crypto/crypto_tests/deps ++++ b/src/lib/crypto/crypto_tests/deps +@@ -140,17 +140,6 @@ $(OUTPRE)camellia-test.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(top_srcdir)/include/socket-utils.h camellia-test.c + $(OUTPRE)t_cf2.$(OBJEXT): $(BUILDTOP)/include/krb5/krb5.h \ + $(COM_ERR_DEPS) $(top_srcdir)/include/krb5.h t_cf2.c +-$(OUTPRE)t_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ +- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ +- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ +- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ +- $(top_srcdir)/include/k5-hex.h $(top_srcdir)/include/k5-int-pkinit.h \ +- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ +- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ +- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ +- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ +- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ +- t_cksum.c + $(OUTPRE)t_cksums.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h 
$(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ +@@ -161,19 +150,6 @@ $(OUTPRE)t_cksums.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ + $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ + $(top_srcdir)/include/socket-utils.h t_cksums.c +-$(OUTPRE)t_crc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ +- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ +- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ +- $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \ +- $(srcdir)/../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \ +- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ +- $(top_srcdir)/include/k5-hex.h $(top_srcdir)/include/k5-int-pkinit.h \ +- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ +- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ +- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ +- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ +- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ +- t_crc.c + $(OUTPRE)t_mddriver.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \ +diff --git a/src/lib/crypto/crypto_tests/t_cf2.expected b/src/lib/crypto/crypto_tests/t_cf2.expected +index 11a24b800..f8251a16c 100644 +--- a/src/lib/crypto/crypto_tests/t_cf2.expected ++++ b/src/lib/crypto/crypto_tests/t_cf2.expected +@@ -1,6 +1,5 @@ + 97df97e4b798b29eb31ed7280287a92a + 4d6ca4e629785c1f01baf55e2e548566b9617ae3a96868c337cb93b5e72b1c7b +-43bae3738c9467e6 + e58f9eb643862c13ad38e529313462a7f73e62834fe54a01 + 24d7f6b6bae4e5c00d2082c5ebab3672 + edd02a39d2dbde31611c16e610be062c +diff --git a/src/lib/crypto/crypto_tests/t_cf2.in 
b/src/lib/crypto/crypto_tests/t_cf2.in +index e62ead7d8..73e2f8fbc 100644 +--- a/src/lib/crypto/crypto_tests/t_cf2.in ++++ b/src/lib/crypto/crypto_tests/t_cf2.in +@@ -8,11 +8,6 @@ key1 + key2 + a + b +-1 +-key1 +-key2 +-a +-b + 16 + key1 + key2 +diff --git a/src/lib/crypto/crypto_tests/t_cksum.c b/src/lib/crypto/crypto_tests/t_cksum.c +deleted file mode 100644 +index 0edaeb850..000000000 +--- a/src/lib/crypto/crypto_tests/t_cksum.c ++++ /dev/null +@@ -1,160 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/crypto_tests/t_cksum.c */ +-/* +- * Copyright 1995 by the Massachusetts Institute of Technology. +- * All Rights Reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- */ +- +-/* Test checksum and checksum compatability for rsa-md[4,5]-des. 
*/ +- +-#include "k5-int.h" +-#include "k5-hex.h" +- +-#define MD5_K5BETA_COMPAT +-#define MD4_K5BETA_COMPAT +- +-#if MD == 4 +-#define CKTYPE CKSUMTYPE_RSA_MD4_DES +-#endif +- +-#if MD == 5 +-#define CKTYPE CKSUMTYPE_RSA_MD5_DES +-#endif +- +-static void +-print_checksum(char *text, int number, char *message, krb5_checksum *checksum) +-{ +- unsigned int i; +- +- printf("%s MD%d checksum(\"%s\") = ", text, number, message); +- for (i=0; ilength; i++) +- printf("%02x", (unsigned char) checksum->contents[i]); +- printf("\n"); +-} +- +-/* +- * Test the checksum verification of Old Style (tm) and correct RSA-MD[4,5]-DES +- * checksums. +- */ +- +-krb5_octet testkey[8] = { 0x45, 0x01, 0x49, 0x61, 0x58, 0x19, 0x1a, 0x3d }; +- +-int +-main(argc, argv) +- int argc; +- char **argv; +-{ +- int msgindex; +- size_t len; +- krb5_boolean valid; +- krb5_keyblock keyblock; +- krb5_key key; +- krb5_error_code kret=0; +- krb5_data plaintext; +- krb5_checksum checksum, knowncksum; +- +- /* this is a terrible seed, but that's ok for the test. */ +- +- plaintext.length = 8; +- plaintext.data = (char *) testkey; +- +- krb5_c_random_seed(/* XXX */ 0, &plaintext); +- +- keyblock.enctype = ENCTYPE_DES_CBC_CRC; +- keyblock.length = sizeof(testkey); +- keyblock.contents = testkey; +- +- krb5_k_create_key(NULL, &keyblock, &key); +- +- for (msgindex = 1; msgindex + 1 < argc; msgindex += 2) { +- plaintext.length = strlen(argv[msgindex]); +- plaintext.data = argv[msgindex]; +- +- /* Create a checksum. */ +- kret = krb5_k_make_checksum(NULL, CKTYPE, key, 0, &plaintext, +- &checksum); +- if (kret != 0) { +- printf("krb5_calculate_checksum choked with %d\n", kret); +- break; +- } +- print_checksum("correct", MD, argv[msgindex], &checksum); +- +- /* Verify it. 
*/ +- kret = krb5_k_verify_checksum(NULL, key, 0, &plaintext, &checksum, +- &valid); +- if (kret != 0) { +- printf("verify on new checksum choked with %d\n", kret); +- break; +- } +- if (!valid) { +- printf("verify on new checksum failed\n"); +- kret = 1; +- break; +- } +- printf("Verify succeeded for \"%s\"\n", argv[msgindex]); +- +- /* Corrupt the checksum and see if it still verifies. */ +- checksum.contents[0]++; +- kret = krb5_k_verify_checksum(NULL, key, 0, &plaintext, &checksum, +- &valid); +- if (kret != 0) { +- printf("verify on new checksum choked with %d\n", kret); +- break; +- } +- if (valid) { +- printf("verify on new checksum succeeded, but shouldn't have\n"); +- kret = 1; +- break; +- } +- printf("Verify of bad checksum OK for \"%s\"\n", argv[msgindex]); +- free(checksum.contents); +- +- /* Verify a known-good checksum for this plaintext. */ +- kret = k5_hex_decode(argv[msgindex + 1], &knowncksum.contents, &len); +- if (kret) { +- printf("k5_hex_decode failed\n"); +- break; +- } +- knowncksum.length = len; +- knowncksum.checksum_type = CKTYPE; +- knowncksum.magic = KV5M_CHECKSUM; +- kret = krb5_k_verify_checksum(NULL, key, 0, &plaintext, &knowncksum, +- &valid); +- if (kret != 0) { +- printf("verify on known checksum choked with %d\n", kret); +- break; +- } +- if (!valid) { +- printf("verify on known checksum failed\n"); +- kret = 1; +- break; +- } +- printf("Verify on known checksum succeeded\n"); +- free(knowncksum.contents); +- } +- if (!kret) +- printf("%d tests passed successfully for MD%d checksum\n", (argc-1)/2, MD); +- +- krb5_k_free_key(NULL, key); +- +- return(kret); +-} +diff --git a/src/lib/crypto/crypto_tests/t_cksums.c b/src/lib/crypto/crypto_tests/t_cksums.c +index 5afc90ed8..4da14ea43 100644 +--- a/src/lib/crypto/crypto_tests/t_cksums.c ++++ b/src/lib/crypto/crypto_tests/t_cksums.c +@@ -27,7 +27,7 @@ + /* + * This harness tests checksum results against known values. With the -v flag, + * results for all tests are displayed. 
This harness only works for +- * deterministic checksums; for rsa-md4-des and rsa-md5-des, see t_cksum.c. ++ * deterministic checksums. + */ + + #include "k5-int.h" +@@ -40,12 +40,6 @@ struct test { + krb5_data keybits; + krb5_data cksum; + } test_cases[] = { +- { +- { KV5M_DATA, 3, "abc" }, +- CKSUMTYPE_CRC32, 0, 0, { KV5M_DATA, 0, "" }, +- { KV5M_DATA, 4, +- "\xD0\x98\x65\xCA" } +- }, + { + { KV5M_DATA, 3, "one" }, + CKSUMTYPE_RSA_MD4, 0, 0, { KV5M_DATA, 0, "" }, +diff --git a/src/lib/crypto/crypto_tests/t_combine.c b/src/lib/crypto/crypto_tests/t_combine.c +index 89219c762..ba0622bcf 100644 +--- a/src/lib/crypto/crypto_tests/t_combine.c ++++ b/src/lib/crypto/crypto_tests/t_combine.c +@@ -32,10 +32,6 @@ + + #include "k5-int.h" + +-unsigned char des_key1[] = "\x04\x86\xCD\x97\x61\xDF\xD6\x29"; +-unsigned char des_key2[] = "\x1A\x54\x9B\x7F\xDC\x20\x83\x0E"; +-unsigned char des_result[] = "\xC2\x13\x01\x52\x89\x26\xC4\xF7"; +- + unsigned char des3_key1[] = "\x10\xB6\x75\xD5\x5B\xD9\x6E\x73" + "\xFD\x54\xB3\x3D\x37\x52\xC1\x2A\xF7\x43\x91\xFE\x1C\x02\x37\x13"; + unsigned char des3_key2[] = "\xC8\xDA\x3E\xA7\xB6\x64\xAE\x7A" +@@ -48,20 +44,6 @@ main(int argc, char **argv) + { + krb5_keyblock kb1, kb2, result; + +- kb1.enctype = ENCTYPE_DES_CBC_CRC; +- kb1.contents = des_key1; +- kb1.length = 8; +- kb2.enctype = ENCTYPE_DES_CBC_CRC; +- kb2.contents = des_key2; +- kb2.length = 8; +- memset(&result, 0, sizeof(result)); +- if (krb5int_c_combine_keys(NULL, &kb1, &kb2, &result) != 0) +- abort(); +- if (result.enctype != ENCTYPE_DES_CBC_CRC || result.length != 8 || +- memcmp(result.contents, des_result, 8) != 0) +- abort(); +- krb5_free_keyblock_contents(NULL, &result); +- + kb1.enctype = ENCTYPE_DES3_CBC_SHA1; + kb1.contents = des3_key1; + kb1.length = 24; +diff --git a/src/lib/crypto/crypto_tests/t_crc.c b/src/lib/crypto/crypto_tests/t_crc.c +deleted file mode 100644 +index 8cd1d36cb..000000000 +--- a/src/lib/crypto/crypto_tests/t_crc.c ++++ /dev/null +@@ -1,148 +0,0 @@ 
+-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/crypto_tests/t_crc.c */ +-/* +- * Copyright 2002,2005 by the Massachusetts Institute of Technology. +- * All Rights Reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- */ +- +-/* +- * Sanity checks for CRC32. 
+- */ +-#include +-#include +-#include +-#include +-#include +-#include +-#include "crypto_int.h" +- +-#define HEX 1 +-#define STR 2 +-struct crc_trial { +- int type; +- char *data; +- unsigned long sum; +-}; +- +-struct crc_trial trials[] = { +- {HEX, "01", 0x77073096}, +- {HEX, "02", 0xee0e612c}, +- {HEX, "04", 0x076dc419}, +- {HEX, "08", 0x0edb8832}, +- {HEX, "10", 0x1db71064}, +- {HEX, "20", 0x3b6e20c8}, +- {HEX, "40", 0x76dc4190}, +- {HEX, "80", 0xedb88320}, +- {HEX, "0100", 0x191b3141}, +- {HEX, "0200", 0x32366282}, +- {HEX, "0400", 0x646cc504}, +- {HEX, "0800", 0xc8d98a08}, +- {HEX, "1000", 0x4ac21251}, +- {HEX, "2000", 0x958424a2}, +- {HEX, "4000", 0xf0794f05}, +- {HEX, "8000", 0x3b83984b}, +- {HEX, "0001", 0x77073096}, +- {HEX, "0002", 0xee0e612c}, +- {HEX, "0004", 0x076dc419}, +- {HEX, "0008", 0x0edb8832}, +- {HEX, "0010", 0x1db71064}, +- {HEX, "0020", 0x3b6e20c8}, +- {HEX, "0040", 0x76dc4190}, +- {HEX, "0080", 0xedb88320}, +- {HEX, "01000000", 0xb8bc6765}, +- {HEX, "02000000", 0xaa09c88b}, +- {HEX, "04000000", 0x8f629757}, +- {HEX, "08000000", 0xc5b428ef}, +- {HEX, "10000000", 0x5019579f}, +- {HEX, "20000000", 0xa032af3e}, +- {HEX, "40000000", 0x9b14583d}, +- {HEX, "80000000", 0xed59b63b}, +- {HEX, "00010000", 0x01c26a37}, +- {HEX, "00020000", 0x0384d46e}, +- {HEX, "00040000", 0x0709a8dc}, +- {HEX, "00080000", 0x0e1351b8}, +- {HEX, "00100000", 0x1c26a370}, +- {HEX, "00200000", 0x384d46e0}, +- {HEX, "00400000", 0x709a8dc0}, +- {HEX, "00800000", 0xe1351b80}, +- {HEX, "00000100", 0x191b3141}, +- {HEX, "00000200", 0x32366282}, +- {HEX, "00000400", 0x646cc504}, +- {HEX, "00000800", 0xc8d98a08}, +- {HEX, "00001000", 0x4ac21251}, +- {HEX, "00002000", 0x958424a2}, +- {HEX, "00004000", 0xf0794f05}, +- {HEX, "00008000", 0x3b83984b}, +- {HEX, "00000001", 0x77073096}, +- {HEX, "00000002", 0xee0e612c}, +- {HEX, "00000004", 0x076dc419}, +- {HEX, "00000008", 0x0edb8832}, +- {HEX, "00000010", 0x1db71064}, +- {HEX, "00000020", 0x3b6e20c8}, +- {HEX, "00000040", 
0x76dc4190}, +- {HEX, "00000080", 0xedb88320}, +- {STR, "foo", 0x7332bc33}, +- {STR, "test0123456789", 0xb83e88d6}, +- {STR, "MASSACHVSETTS INSTITVTE OF TECHNOLOGY", 0xe34180f7} +-}; +- +-#define NTRIALS (sizeof(trials) / sizeof(trials[0])) +- +- +-int +-main(void) +-{ +- unsigned int i; +- struct crc_trial trial; +- uint8_t *bytes; +- size_t len; +- unsigned long cksum; +- char *typestr; +- +- for (i = 0; i < NTRIALS; i++) { +- trial = trials[i]; +- switch (trial.type) { +- case STR: +- len = strlen(trial.data); +- typestr = "STR"; +- cksum = 0; +- mit_crc32(trial.data, len, &cksum); +- break; +- case HEX: +- typestr = "HEX"; +- if (k5_hex_decode(trial.data, &bytes, &len) != 0) +- abort(); +- cksum = 0; +- mit_crc32(bytes, len, &cksum); +- free(bytes); +- break; +- default: +- typestr = "BOGUS"; +- fprintf(stderr, "bad trial type %d\n", trial.type); +- exit(1); +- } +- printf("%s: %s \"%s\" = 0x%08lx\n", +- (trial.sum == cksum) ? "OK" : "***BAD***", +- typestr, trial.data, cksum); +- } +- exit(0); +-} +diff --git a/src/lib/crypto/crypto_tests/t_decrypt.c b/src/lib/crypto/crypto_tests/t_decrypt.c +index 4ae0256cc..a40a85500 100644 +--- a/src/lib/crypto/crypto_tests/t_decrypt.c ++++ b/src/lib/crypto/crypto_tests/t_decrypt.c +@@ -39,151 +39,6 @@ struct test { + krb5_data keybits; + krb5_data ciphertext; + } test_cases[] = { +- { +- ENCTYPE_DES_CBC_CRC, +- { KV5M_DATA, 0, "" }, 0, +- { KV5M_DATA, 8, +- "\x45\xE6\x08\x7C\xDF\x13\x8F\xB5" }, +- { KV5M_DATA, 16, +- "\x28\xF6\xB0\x9A\x01\x2B\xCC\xF7\x2F\xB0\x51\x22\xB2\x83\x9E\x6E" } +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- { KV5M_DATA, 1, "1" }, 1, +- { KV5M_DATA, 8, +- "\x92\xA7\x15\x58\x10\x58\x6B\x2F" }, +- { KV5M_DATA, 16, +- "\xB4\xC8\x71\xC2\xF3\xE7\xBF\x76\x05\xEF\xD6\x2F\x2E\xEE\xC2\x05" } +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- { KV5M_DATA, 9, "9 bytesss" }, 2, +- { KV5M_DATA, 8, +- "\xA4\xB9\x51\x4A\x61\x64\x64\x23" }, +- { KV5M_DATA, 24, +- "\x5F\x14\xC3\x51\x78\xD3\x3D\x7C\xDE\x0E\xC1\x69\xC6\x23\xCC\x83" +- 
"\x21\xB7\xB8\xBD\x34\xEA\x7E\xFE" } +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- { KV5M_DATA, 13, "13 bytes byte", }, 3, +- { KV5M_DATA, 8, +- "\x2F\x16\xA2\xA7\xFD\xB0\x57\x68" }, +- { KV5M_DATA, 32, +- "\x0B\x58\x8E\x38\xD9\x71\x43\x3C\x9D\x86\xD8\xBA\xEB\xF6\x3E\x4C" +- "\x1A\x01\x66\x6E\x76\xD8\xA5\x4A\x32\x93\xF7\x26\x79\xED\x88\xC9" } +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- { KV5M_DATA, 30, "30 bytes bytes bytes bytes byt", }, 4, +- { KV5M_DATA, 8, +- "\xBC\x8F\x70\xFD\x20\x97\xD6\x7C" }, +- { KV5M_DATA, 48, +- "\x38\xD6\x32\xD2\xC2\x0A\x7C\x2E\xA2\x50\xFC\x8E\xCE\x42\x93\x8E" +- "\x92\xA9\xF5\xD3\x02\x50\x26\x65\xC1\xA3\x37\x29\xC1\x05\x0D\xC2" +- "\x05\x62\x98\xFB\xFB\x16\x82\xCE\xEB\x65\xE5\x92\x04\xFD\xA7\xDF" } +- }, +- +- { +- ENCTYPE_DES_CBC_MD4, +- { KV5M_DATA, 0, "", }, 0, +- { KV5M_DATA, 8, +- "\x13\xEF\x45\xD0\xD6\xD9\xA1\x5D" }, +- { KV5M_DATA, 24, +- "\x1F\xB2\x02\xBF\x07\xAF\x30\x47\xFB\x78\x01\xE5\x88\x56\x86\x86" +- "\xBA\x63\xD7\x8B\xE3\xE8\x7D\xC7" } +- }, +- { +- ENCTYPE_DES_CBC_MD4, +- { KV5M_DATA, 1, "1", }, 1, +- { KV5M_DATA, 8, +- "\x64\x68\x86\x54\xDC\x26\x9E\x67" }, +- { KV5M_DATA, 32, +- "\x1F\x6C\xB9\xCE\xCB\x73\xF7\x55\xAB\xFD\xB3\xD5\x65\xBD\x31\xD5" +- "\xA2\xE6\x4B\xFE\x44\xC4\x91\xE2\x0E\xEB\xE5\xBD\x20\xE4\xD2\xA9" } +- }, +- { +- ENCTYPE_DES_CBC_MD4, +- { KV5M_DATA, 9, "9 bytesss", }, 2, +- { KV5M_DATA, 8, +- "\x68\x04\xFB\x26\xDF\x8A\x4C\x32" }, +- { KV5M_DATA, 40, +- "\x08\xA5\x3D\x62\xFE\xC3\x33\x8A\xD1\xD2\x18\xE6\x0D\xBD\xD3\xB2" +- "\x12\x94\x06\x79\xD1\x25\xE0\x62\x1B\x3B\xAB\x46\x80\xCE\x03\x67" +- "\x6A\x2C\x42\x0E\x9B\xE7\x84\xEB" } +- }, +- { +- ENCTYPE_DES_CBC_MD4, +- { KV5M_DATA, 13, "13 bytes byte", }, 3, +- { KV5M_DATA, 8, +- "\x23\x4A\x43\x6E\xC7\x2F\xA8\x0B" }, +- { KV5M_DATA, 40, +- "\x17\xCD\x45\xE1\x4F\xF0\x6B\x28\x40\xA6\x03\x6E\x9A\xA7\xA4\x14" +- "\x4E\x29\x76\x81\x44\xA0\xC1\x82\x7D\x8C\x4B\xC7\xC9\x90\x6E\x72" +- "\xCD\x4D\xC3\x28\xF6\x64\x8C\x99" } +- }, +- { +- ENCTYPE_DES_CBC_MD4, +- { KV5M_DATA, 30, "30 
bytes bytes bytes bytes byt", }, 4, +- { KV5M_DATA, 8, +- "\x1F\xD5\xF7\x43\x34\xC4\xFB\x8C" }, +- { KV5M_DATA, 56, +- "\x51\x13\x4C\xD8\x95\x1E\x9D\x57\xC0\xA3\x60\x53\xE0\x4C\xE0\x3E" +- "\xCB\x84\x22\x48\x8F\xDD\xC5\xC0\x74\xC4\xD8\x5E\x60\xA2\xAE\x42" +- "\x3C\x3C\x70\x12\x01\x31\x4F\x36\x2C\xB0\x74\x48\x09\x16\x79\xC6" +- "\xA4\x96\xC1\x1D\x7B\x93\xC7\x1B" } +- }, +- +- { +- ENCTYPE_DES_CBC_MD5, +- { KV5M_DATA, 0, "", }, 0, +- { KV5M_DATA, 8, +- "\x4A\x54\x5E\x0B\xF7\xA2\x26\x31" }, +- { KV5M_DATA, 24, +- "\x78\x4C\xD8\x15\x91\xA0\x34\xBE\x82\x55\x6F\x56\xDC\xA3\x22\x4B" +- "\x62\xD9\x95\x6F\xA9\x0B\x1B\x93" } +- }, +- { +- ENCTYPE_DES_CBC_MD5, +- { KV5M_DATA, 1, "1", }, 1, +- { KV5M_DATA, 8, +- "\xD5\x80\x4A\x26\x9D\xC4\xE6\x45" }, +- { KV5M_DATA, 32, +- "\xFF\xA2\x5C\x7B\xE2\x87\x59\x6B\xFE\x58\x12\x6E\x90\xAA\xA0\xF1" +- "\x2D\x9A\x82\xA0\xD8\x6D\xF6\xD5\xF9\x07\x4B\x6B\x39\x9E\x7F\xF1" } +- }, +- { +- ENCTYPE_DES_CBC_MD5, +- { KV5M_DATA, 9, "9 bytesss", }, 2, +- { KV5M_DATA, 8, +- "\xC8\x31\x2F\x7F\x83\xEA\x46\x40" }, +- { KV5M_DATA, 40, +- "\xE7\x85\x03\x37\xF2\xCC\x5E\x3F\x35\xCE\x3D\x69\xE2\xC3\x29\x86" +- "\x38\xA7\xAA\x44\xB8\x78\x03\x1E\x39\x85\x1E\x47\xC1\x5B\x5D\x0E" +- "\xE7\xE7\xAC\x54\xDE\x11\x1D\x80" } +- }, +- { +- ENCTYPE_DES_CBC_MD5, +- { KV5M_DATA, 13, "13 bytes byte", }, 3, +- { KV5M_DATA, 8, +- "\x7F\xDA\x3E\x62\xAD\x8A\xF1\x8C" }, +- { KV5M_DATA, 40, +- "\xD7\xA8\x03\x2E\x19\x99\x4C\x92\x87\x77\x50\x65\x95\xFB\xDA\x98" +- "\x83\x15\x8A\x85\x14\x54\x8E\x29\x6E\x91\x1C\x29\xF4\x65\xC6\x72" +- "\x36\x60\x00\x55\x8B\xFC\x2E\x88" } +- }, +- { +- ENCTYPE_DES_CBC_MD5, +- { KV5M_DATA, 30, "30 bytes bytes bytes bytes byt", }, 4, +- { KV5M_DATA, 8, +- "\xD3\xD6\x83\x29\x70\xA7\x37\x52" }, +- { KV5M_DATA, 56, +- "\x8A\x48\x16\x6A\x4C\x6F\xEA\xE6\x07\xA8\xCF\x68\xB3\x81\xC0\x75" +- "\x5E\x40\x2B\x19\xDB\xC0\xF8\x1A\x7D\x7C\xA1\x9A\x25\xE0\x52\x23" +- "\xF6\x06\x44\x09\xBF\x5A\x4F\x50\xAC\xD8\x26\x63\x9F\xFA\x76\x73" +- 
"\xFD\x32\x4E\xC1\x9E\x42\x95\x02" } +- }, +- + { + ENCTYPE_DES3_CBC_SHA1, + { KV5M_DATA, 0, "", }, 0, +@@ -669,9 +524,6 @@ printhex(const char *head, void *data, size_t len) + + static krb5_enctype + enctypes[] = { +- ENCTYPE_DES_CBC_CRC, +- ENCTYPE_DES_CBC_MD4, +- ENCTYPE_DES_CBC_MD5, + ENCTYPE_DES3_CBC_SHA1, + ENCTYPE_ARCFOUR_HMAC, + ENCTYPE_ARCFOUR_HMAC_EXP, +diff --git a/src/lib/crypto/crypto_tests/t_encrypt.c b/src/lib/crypto/crypto_tests/t_encrypt.c +index 4afbddedb..bd9b94691 100644 +--- a/src/lib/crypto/crypto_tests/t_encrypt.c ++++ b/src/lib/crypto/crypto_tests/t_encrypt.c +@@ -37,9 +37,6 @@ + + /* What enctypes should we test?*/ + krb5_enctype interesting_enctypes[] = { +- ENCTYPE_DES_CBC_CRC, +- ENCTYPE_DES_CBC_MD4, +- ENCTYPE_DES_CBC_MD5, + ENCTYPE_DES3_CBC_SHA1, + ENCTYPE_ARCFOUR_HMAC, + ENCTYPE_ARCFOUR_HMAC_EXP, +diff --git a/src/lib/crypto/crypto_tests/t_short.c b/src/lib/crypto/crypto_tests/t_short.c +index 40fa2821f..d4c2b97df 100644 +--- a/src/lib/crypto/crypto_tests/t_short.c ++++ b/src/lib/crypto/crypto_tests/t_short.c +@@ -34,9 +34,6 @@ + #include "k5-int.h" + + krb5_enctype interesting_enctypes[] = { +- ENCTYPE_DES_CBC_CRC, +- ENCTYPE_DES_CBC_MD4, +- ENCTYPE_DES_CBC_MD5, + ENCTYPE_DES3_CBC_SHA1, + ENCTYPE_ARCFOUR_HMAC, + ENCTYPE_ARCFOUR_HMAC_EXP, +diff --git a/src/lib/crypto/crypto_tests/t_str2key.c b/src/lib/crypto/crypto_tests/t_str2key.c +index 27896e61e..cdb1acc6d 100644 +--- a/src/lib/crypto/crypto_tests/t_str2key.c ++++ b/src/lib/crypto/crypto_tests/t_str2key.c +@@ -35,280 +35,6 @@ struct test { + krb5_error_code expected_err; + krb5_boolean allow_weak; + } test_cases[] = { +- /* AFS string-to-key tests from old t_afss2k.c. 
*/ +- { +- ENCTYPE_DES_CBC_CRC, +- "", +- { KV5M_DATA, 15, "Sodium Chloride" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\xA4\xD0\xD0\x9B\x86\x92\xB0\xC2" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "M", +- { KV5M_DATA, 15, "Sodium Chloride" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\xF1\xF2\x9E\xAB\xD0\xEF\xDF\x73" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My", +- { KV5M_DATA, 15, "Sodium Chloride" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\xD6\x85\x61\xC4\xF2\x94\xF4\xA1" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My ", +- { KV5M_DATA, 15, "Sodium Chloride" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\xD0\xE3\xA7\x83\x94\x61\xE0\xD0" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My P", +- { KV5M_DATA, 15, "Sodium Chloride" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\xD5\x62\xCD\x94\x61\xCB\x97\xDF" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My Pa", +- { KV5M_DATA, 15, "Sodium Chloride" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\x9E\xA2\xA2\xEC\xA8\x8C\x6B\x8F" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My Pas", +- { KV5M_DATA, 15, "Sodium Chloride" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\xE3\x91\x6D\xD3\x85\xF1\x67\xC4" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My Pass", +- { KV5M_DATA, 15, "Sodium Chloride" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\xF4\xC4\x73\xC8\x8A\xE9\x94\x6D" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My Passw", +- { KV5M_DATA, 15, "Sodium Chloride" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\xA1\x9E\xB3\xAD\x6B\xE3\xAB\xD9" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My Passwo", +- { KV5M_DATA, 15, "Sodium Chloride" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\xAD\xA1\xCE\x10\x37\x83\xA7\x8C" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My Passwor", +- { KV5M_DATA, 15, "Sodium Chloride" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 
8, "\xD3\x01\xD0\xF7\x3E\x7A\x49\x0B" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My Password", +- { KV5M_DATA, 15, "Sodium Chloride" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\xB6\x2A\x4A\xEC\x9D\x4C\x68\xDF" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "", +- { KV5M_DATA, 4, "NaCl" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\x61\xEF\xE6\x83\xE5\x8A\x6B\x98" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "M", +- { KV5M_DATA, 4, "NaCl" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\x68\xCD\x68\xAD\xC4\x86\xCD\xE5" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My", +- { KV5M_DATA, 4, "NaCl" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\x83\xA1\xC8\x86\x8F\x67\xD0\x62" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My ", +- { KV5M_DATA, 4, "NaCl" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\x9E\xC7\x8F\xA4\xA4\xB3\xE0\xD5" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My P", +- { KV5M_DATA, 4, "NaCl" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\xD9\x92\x86\x8F\x9D\x8C\x85\xE6" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My Pa", +- { KV5M_DATA, 4, "NaCl" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\xDA\xF2\x92\x83\xF4\x9B\xA7\xAD" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My Pas", +- { KV5M_DATA, 4, "NaCl" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\x91\xCD\xAD\xEF\x86\xDF\xD3\xA2" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My Pass", +- { KV5M_DATA, 4, "NaCl" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\x73\xD3\x67\x68\x8F\x6E\xE3\x73" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My Passw", +- { KV5M_DATA, 4, "NaCl" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\xC4\x61\x85\x9D\xAD\xF4\xDC\xB0" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My Passwo", +- { KV5M_DATA, 4, "NaCl" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\xE9\x02\x83\x16\x2C\xEC\xE0\x08" }, +- 0, +- FALSE +- }, 
+- { +- ENCTYPE_DES_CBC_CRC, +- "My Passwor", +- { KV5M_DATA, 4, "NaCl" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\x61\xC8\x26\x29\xD9\x73\x6E\xB6" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "My Password", +- { KV5M_DATA, 4, "NaCl" }, +- { KV5M_DATA, 1, "\1" }, +- { KV5M_DATA, 8, "\x8C\xA8\x9E\xC4\xA8\xDC\x31\x73" }, +- 0, +- FALSE +- }, +- +- /* Test vectors from RFC 3961 appendix A.2. */ +- { +- ENCTYPE_DES_CBC_CRC, +- "password", +- { KV5M_DATA, 21, "ATHENA.MIT.EDUraeburn" }, +- { KV5M_DATA, 1, "\0" }, +- { KV5M_DATA, 8, "\xCB\xC2\x2F\xAE\x23\x52\x98\xE3" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "potatoe", +- { KV5M_DATA, 19, "WHITEHOUSE.GOVdanny" }, +- { KV5M_DATA, 1, "\0" }, +- { KV5M_DATA, 8, "\xDF\x3D\x32\xA7\x4F\xD9\x2A\x01" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "\xF0\x9D\x84\x9E", +- { KV5M_DATA, 18, "EXAMPLE.COMpianist" }, +- { KV5M_DATA, 1, "\0" }, +- { KV5M_DATA, 8, "\x4F\xFB\x26\xBA\xB0\xCD\x94\x13" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "\xC3\x9F", +- { KV5M_DATA, 23, "ATHENA.MIT.EDUJuri\xC5\xA1\x69\xC4\x87" }, +- { KV5M_DATA, 1, "\0" }, +- { KV5M_DATA, 8, "\x62\xC8\x1A\x52\x32\xB5\xE6\x9D" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "11119999", +- { KV5M_DATA, 8, "AAAAAAAA" }, +- { KV5M_DATA, 1, "\0" }, +- { KV5M_DATA, 8, "\x98\x40\x54\xd0\xf1\xa7\x3e\x31" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES_CBC_CRC, +- "NNNN6666", +- { KV5M_DATA, 8, "FFFFAAAA" }, +- { KV5M_DATA, 1, "\0" }, +- { KV5M_DATA, 8, "\xC4\xBF\x6B\x25\xAD\xF7\xA4\xF8" }, +- 0, +- FALSE +- }, +- + /* Test vectors from RFC 3961 appendix A.4. 
*/ + { + ENCTYPE_DES3_CBC_SHA1, +diff --git a/src/lib/crypto/crypto_tests/vectors.c b/src/lib/crypto/crypto_tests/vectors.c +index c1a765732..bcf5c9106 100644 +--- a/src/lib/crypto/crypto_tests/vectors.c ++++ b/src/lib/crypto/crypto_tests/vectors.c +@@ -30,7 +30,8 @@ + * + * N.B.: Doesn't compile -- this file uses some routines internal to our + * crypto library which are declared "static" and thus aren't accessible +- * without modifying the other sources. ++ * without modifying the other sources. Additionally, some ciphers have been ++ * removed. + */ + + #include +diff --git a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp +index db899a1dc..740425c69 100644 +--- a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp ++++ b/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp +@@ -18,8 +18,8 @@ proc test200 {} { + + # I'd like to specify a long list of keysalt tuples and make sure + # that chpass does the right thing, but we can only use those +- # enctypes that krbtgt has a key for: des-cbc-crc:normal +- # according to the prototype kdc.conf. ++ # enctypes that krbtgt has a key for: the AES enctypes, according to ++ # the prototype kdc.conf. + if {! [cmd [format { + kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ + $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ +@@ -53,10 +53,10 @@ proc test200 {} { + } + + # XXX Perhaps I should actually check the key type returned. +- if {$num_keys == 2} { ++ if {$num_keys == 5} { + pass "$test" + } else { +- fail "$test: $num_keys keys, should be 2" ++ fail "$test: $num_keys keys, should be 5" + } + if { ! 
[cmd {kadm5_destroy $server_handle}]} { + perror "$test: unexpected failure in destroy" +diff --git a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp +index 8526897ed..3ea1ba29b 100644 +--- a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp ++++ b/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp +@@ -143,8 +143,8 @@ proc test101_102 {rpc} { + } + + set failed 0 +- if {$num_keys != 2} { +- fail "$test: num_keys $num_keys should be 2" ++ if {$num_keys != 5} { ++ fail "$test: num_keys $num_keys should be 5" + set failed 1 + } + for {set i 0} {$i < $num_keys} {incr i} { +diff --git a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp +index ee652cbd3..2925c1c43 100644 +--- a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp ++++ b/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp +@@ -16,10 +16,9 @@ proc test100 {} { + return + } + +- # I'd like to specify a long list of keysalt tuples and make sure +- # that randkey does the right thing, but we can only use those +- # enctypes that krbtgt has a key for: des-cbc-crc:normal and +- # des-cbc-crc:v4, according to the prototype kdc.conf. ++ # I'd like to specify a long list of keysalt tuples and make sure that ++ # randkey does the right thing, but we can only use those enctypes that ++ # krbtgt has a key for: 3DES and AES, according to the prototype kdc.conf. + if {! [cmd [format { + kadm5_init admin admin $KADM5_ADMIN_SERVICE null \ + $KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \ +@@ -47,10 +46,10 @@ proc test100 {} { + } + + # XXX Perhaps I should actually check the key type returned. +- if {$num_keys == 2} { ++ if {$num_keys == 5} { + pass "$test" + } else { +- fail "$test: $num_keys keys, should be 2" ++ fail "$test: $num_keys keys, should be 5" + } + if { ! 
[cmd {kadm5_destroy $server_handle}]} { + perror "$test: unexpected failure in destroy" +diff --git a/src/lib/kadm5/unit-test/setkey-test.c b/src/lib/kadm5/unit-test/setkey-test.c +index fa2392f81..8e7df96e9 100644 +--- a/src/lib/kadm5/unit-test/setkey-test.c ++++ b/src/lib/kadm5/unit-test/setkey-test.c +@@ -19,15 +19,15 @@ need a random number generator + #endif /* no random */ + + krb5_keyblock test1[] = { +- {0, ENCTYPE_DES_CBC_CRC, 0, 0}, ++ {0, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0, 0}, + {-1}, + }; + krb5_keyblock test2[] = { +- {0, ENCTYPE_DES_CBC_CRC, 0, 0}, ++ {0, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0, 0}, + {-1}, + }; + krb5_keyblock test3[] = { +- {0, ENCTYPE_DES_CBC_CRC, 0, 0}, ++ {0, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0, 0}, + {-1}, + }; + +diff --git a/src/lib/krb5/keytab/t_keytab.c b/src/lib/krb5/keytab/t_keytab.c +index c845596d6..ea4ce6819 100644 +--- a/src/lib/krb5/keytab/t_keytab.c ++++ b/src/lib/krb5/keytab/t_keytab.c +@@ -96,6 +96,8 @@ kt_test(krb5_context context, const char *name) + krb5_principal princ; + krb5_kt_cursor cursor, cursor2; + int cnt; ++ krb5_enctype e1 = ENCTYPE_AES128_CTS_HMAC_SHA256_128, ++ e2 = ENCTYPE_AES256_CTS_HMAC_SHA384_192; + + kret = krb5_kt_resolve(context, name, &kt); + CHECK(kret, "resolve"); +@@ -139,9 +141,9 @@ kt_test(krb5_context context, const char *name) + /* =================== Add entries to keytab ================= */ + /* + * Add the following for this principal +- * enctype 1, kvno 1, key = "1" +- * enctype 2, kvno 1, key = "1" +- * enctype 1, kvno 2, key = "2" ++ * enctype e1, kvno 1, key = "1" ++ * enctype e2, kvno 1, key = "1" ++ * enctype e1, kvno 2, key = "2" + */ + memset(&kent, 0, sizeof(kent)); + kent.magic = KV5M_KEYTAB_ENTRY; +@@ -149,7 +151,7 @@ kt_test(krb5_context context, const char *name) + kent.timestamp = 327689; + kent.vno = 1; + kent.key.magic = KV5M_KEYBLOCK; +- kent.key.enctype = 1; ++ kent.key.enctype = e1; + kent.key.length = 1; + kent.key.contents = (krb5_octet *) "1"; + +@@ -157,11 
+159,11 @@ kt_test(krb5_context context, const char *name) + kret = krb5_kt_add_entry(context, kt, &kent); + CHECK(kret, "Adding initial entry"); + +- kent.key.enctype = 2; ++ kent.key.enctype = e2; + kret = krb5_kt_add_entry(context, kt, &kent); + CHECK(kret, "Adding second entry"); + +- kent.key.enctype = 1; ++ kent.key.enctype = e1; + kent.vno = 2; + kent.key.contents = (krb5_octet *) "2"; + kret = krb5_kt_add_entry(context, kt, &kent); +@@ -183,7 +185,7 @@ kt_test(krb5_context context, const char *name) + cnt = 0; + while((kret = krb5_kt_next_entry(context, kt, &kent, &cursor)) == 0) { + if(((kent.vno != 1) && (kent.vno != 2)) || +- ((kent.key.enctype != 1) && (kent.key.enctype != 2)) || ++ ((kent.key.enctype != e1) && (kent.key.enctype != e2)) || + (kent.key.length != 1) || + (kent.key.contents[0] != kent.vno +'0')) { + fprintf(stderr, "Error in read contents\n"); +@@ -231,7 +233,7 @@ kt_test(krb5_context context, const char *name) + /* Ensure a valid answer - we did not specify an enctype or kvno */ + if (!krb5_principal_compare(context, princ, kent.principal) || + ((kent.vno != 1) && (kent.vno != 2)) || +- ((kent.key.enctype != 1) && (kent.key.enctype != 2)) || ++ ((kent.key.enctype != e1) && (kent.key.enctype != e2)) || + (kent.key.length != 1) || + (kent.key.contents[0] != kent.vno +'0')) { + fprintf(stderr, "Retrieved principal does not check\n"); +@@ -243,12 +245,12 @@ kt_test(krb5_context context, const char *name) + /* Try to lookup a specific enctype - but unspecified kvno - should give + * max kvno + */ +- kret = krb5_kt_get_entry(context, kt, princ, 0, 1, &kent); ++ kret = krb5_kt_get_entry(context, kt, princ, 0, e1, &kent); + CHECK(kret, "looking up principal"); + + /* Ensure a valid answer - we did specified an enctype */ + if (!krb5_principal_compare(context, princ, kent.principal) || +- (kent.vno != 2) || (kent.key.enctype != 1) || ++ (kent.vno != 2) || (kent.key.enctype != e1) || + (kent.key.length != 1) || + (kent.key.contents[0] != kent.vno 
+'0')) { + fprintf(stderr, "Retrieved principal does not check\n"); +@@ -266,7 +268,7 @@ kt_test(krb5_context context, const char *name) + + /* Ensure a valid answer - we did not specify a kvno */ + if (!krb5_principal_compare(context, princ, kent.principal) || +- (kent.vno != 2) || (kent.key.enctype != 1) || ++ (kent.vno != 2) || (kent.key.enctype != e1) || + (kent.key.length != 1) || + (kent.key.contents[0] != kent.vno +'0')) { + fprintf(stderr, "Retrieved principal does not check\n"); +@@ -281,11 +283,11 @@ kt_test(krb5_context context, const char *name) + + /* Try to lookup specified enctype and kvno */ + +- kret = krb5_kt_get_entry(context, kt, princ, 1, 1, &kent); ++ kret = krb5_kt_get_entry(context, kt, princ, 1, e1, &kent); + CHECK(kret, "looking up principal"); + + if (!krb5_principal_compare(context, princ, kent.principal) || +- (kent.vno != 1) || (kent.key.enctype != 1) || ++ (kent.vno != 1) || (kent.key.enctype != e1) || + (kent.key.length != 1) || + (kent.key.contents[0] != kent.vno +'0')) { + fprintf(stderr, "Retrieved principal does not check\n"); +@@ -334,7 +336,7 @@ kt_test(krb5_context context, const char *name) + + /* Try to lookup specified enctype and kvno - that does not exist*/ + +- kret = krb5_kt_get_entry(context, kt, princ, 3, 1, &kent); ++ kret = krb5_kt_get_entry(context, kt, princ, 3, e1, &kent); + CHECK_ERR(kret, KRB5_KT_KVNONOTFOUND, + "looking up specific principal, kvno, enctype"); + +@@ -347,12 +349,12 @@ kt_test(krb5_context context, const char *name) + kret = krb5_parse_name(context, "test/test2@TEST.MIT.EDU", &princ); + CHECK(kret, "parsing principal"); + +- kret = krb5_kt_get_entry(context, kt, princ, 0, 1, &kent); ++ kret = krb5_kt_get_entry(context, kt, princ, 0, e1, &kent); + CHECK(kret, "looking up principal"); + +- /* Ensure a valid answer - we are looking for max(kvno) and enc=1 */ ++ /* Ensure a valid answer - we are looking for max(kvno) and enc=e1 */ + if (!krb5_principal_compare(context, princ, kent.principal) || +- 
(kent.vno != 2) || (kent.key.enctype != 1) || ++ (kent.vno != 2) || (kent.key.enctype != e1) || + (kent.key.length != 1) || + (kent.key.contents[0] != kent.vno +'0')) { + fprintf(stderr, "Retrieved principal does not check\n"); +@@ -368,12 +370,12 @@ kt_test(krb5_context context, const char *name) + krb5_free_keytab_entry_contents(context, &kent); + /* And ensure gone */ + +- kret = krb5_kt_get_entry(context, kt, princ, 0, 1, &kent); ++ kret = krb5_kt_get_entry(context, kt, princ, 0, e1, &kent); + CHECK(kret, "looking up principal"); + + /* Ensure a valid answer - kvno should now be 1 - we deleted 2 */ + if (!krb5_principal_compare(context, princ, kent.principal) || +- (kent.vno != 1) || (kent.key.enctype != 1) || ++ (kent.vno != 1) || (kent.key.enctype != e1) || + (kent.key.length != 1) || + (kent.key.contents[0] != kent.vno +'0')) { + fprintf(stderr, "Delete principal check failed\n"); +diff --git a/src/lib/krb5/krb/t_etypes.c b/src/lib/krb5/krb/t_etypes.c +index 317637684..f609e938a 100644 +--- a/src/lib/krb5/krb/t_etypes.c ++++ b/src/lib/krb5/krb/t_etypes.c +@@ -36,20 +36,6 @@ static struct { + krb5_error_code expected_err_noweak; + krb5_error_code expected_err_weak; + } tests[] = { +- /* Empty string, unused default list */ +- { "", +- { ENCTYPE_DES_CBC_CRC, 0 }, +- { 0 }, +- { 0 }, +- 0, 0 +- }, +- /* Single weak enctype */ +- { "des-cbc-md4", +- { 0 }, +- { 0 }, +- { ENCTYPE_DES_CBC_MD4, 0 }, +- 0, 0 +- }, + /* Single non-weak enctype */ + { "aes128-cts-hmac-sha1-96", + { 0 }, +@@ -57,35 +43,11 @@ static struct { + { ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0 }, + 0, 0 + }, +- /* Two enctypes, one an alias, one weak */ +- { "rc4-hmac des-cbc-md5", +- { 0 }, +- { ENCTYPE_ARCFOUR_HMAC, 0 }, +- { ENCTYPE_ARCFOUR_HMAC, ENCTYPE_DES_CBC_MD5, 0 }, +- 0, 0 +- }, +- /* Three enctypes, all weak, case variation, funky separators */ +- { " deS-HMac-shA1 , arCFour-hmaC-mD5-exp\tdeS3-Cbc-RAw\n", +- { 0 }, +- { 0 }, +- { ENCTYPE_DES_HMAC_SHA1, ENCTYPE_ARCFOUR_HMAC_EXP, +- 
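Review bot: The removed entries "Empty string, unused default list" (this hunk) and "Three enctypes, all weak, case variation, funky separators" (the `@@ -57,35 +43,11 @@` hunk) tested list parsing rather than single-DES, and no remaining visible entry covers an empty string, mixed-case names or comma/tab/newline separators. They could be kept with surviving enctypes, for example `{ "", { ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 }, { 0 }, { 0 }, 0, 0 },` for the empty case. The separator entry could be reduced to the `arCFour-hmaC-mD5-exp` and `deS3-Cbc-RAw` names, with `ENCTYPE_DES_HMAC_SHA1` dropped from its expected list. That assumes both names are still recognised and still classed as weak after this change, which the hunk does not show. The tests[] array starts and ends outside the hunk.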
ENCTYPE_DES3_CBC_RAW, 0 }, +- 0, 0 +- }, +- /* Default set with enctypes added (one weak in each pair) */ +- { "DEFAULT des-cbc-raw +des3-hmac-sha1", +- { ENCTYPE_ARCFOUR_HMAC, ENCTYPE_ARCFOUR_HMAC_EXP, 0 }, +- { ENCTYPE_ARCFOUR_HMAC, ENCTYPE_DES3_CBC_SHA1, 0 }, +- { ENCTYPE_ARCFOUR_HMAC, ENCTYPE_ARCFOUR_HMAC_EXP, +- ENCTYPE_DES_CBC_RAW, ENCTYPE_DES3_CBC_SHA1, 0 }, +- 0, 0 +- }, + /* Default set with enctypes removed */ + { "default -aes128-cts -des-hmac-sha1", +- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, +- ENCTYPE_DES_CBC_MD5, ENCTYPE_DES_HMAC_SHA1, 0 }, ++ { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0 }, ++ { ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 }, + { ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 }, +- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_DES_CBC_MD5, 0 }, + 0, 0 + }, + /* Family followed by enctype */ +@@ -105,31 +67,22 @@ static struct { + { ENCTYPE_CAMELLIA128_CTS_CMAC, 0 }, + { ENCTYPE_CAMELLIA128_CTS_CMAC, 0 } + }, +- /* Enctype followed by two families */ +- { "+rc4-hmAC des3 +des", +- { 0 }, +- { ENCTYPE_ARCFOUR_HMAC, ENCTYPE_DES3_CBC_SHA1, 0 }, +- { ENCTYPE_ARCFOUR_HMAC, ENCTYPE_DES3_CBC_SHA1, ENCTYPE_DES_CBC_CRC, +- ENCTYPE_DES_CBC_MD5, ENCTYPE_DES_CBC_MD4 }, +- 0, 0 +- }, + /* Default set with family added and enctype removed */ + { "DEFAULT +aes -arcfour-hmac-md5", +- { ENCTYPE_ARCFOUR_HMAC, ENCTYPE_DES3_CBC_SHA1, ENCTYPE_DES_CBC_CRC, 0 }, ++ { ENCTYPE_ARCFOUR_HMAC, ENCTYPE_DES3_CBC_SHA1, 0 }, + { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96, + ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192, + ENCTYPE_AES128_CTS_HMAC_SHA256_128, 0 }, +- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_DES_CBC_CRC, ++ { ENCTYPE_DES3_CBC_SHA1, + ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, + ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128, + 0 }, + 0, 0 + }, + /* Default set with families removed and enctypes added (one redundant) */ +- { "DEFAULT -des -des3 rc4-hmac 
rc4-hmac-exp", ++ { "DEFAULT -des3 rc4-hmac rc4-hmac-exp", + { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, +- ENCTYPE_DES3_CBC_SHA1, ENCTYPE_ARCFOUR_HMAC, +- ENCTYPE_DES_CBC_CRC, ENCTYPE_DES_CBC_MD5, ENCTYPE_DES_CBC_MD4, 0 }, ++ ENCTYPE_DES3_CBC_SHA1, ENCTYPE_ARCFOUR_HMAC, 0 }, + { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, + ENCTYPE_ARCFOUR_HMAC, 0 }, + { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, +@@ -158,17 +111,17 @@ static struct { + }, + /* Test krb5_set_default_in_tkt_ktypes */ + { NULL, +- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_DES_CBC_CRC, 0 }, + { ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 }, +- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_DES_CBC_CRC, 0 }, ++ { ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 }, ++ { ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 }, + 0, 0 + }, + /* Should get KRB5_CONFIG_ETYPE_NOSUPP if app-provided list has no strong + * enctypes and allow_weak_crypto=false. */ + { NULL, +- { ENCTYPE_DES_CBC_CRC, 0 }, ++ { ENCTYPE_ARCFOUR_HMAC_EXP, 0 }, + { 0 }, +- { ENCTYPE_DES_CBC_CRC, 0 }, ++ { ENCTYPE_ARCFOUR_HMAC_EXP, 0 }, + KRB5_CONFIG_ETYPE_NOSUPP, 0 + }, + /* Should get EINVAL if app provides an empty list. 
*/ +diff --git a/src/lib/krb5/krb/t_ser.c b/src/lib/krb5/krb/t_ser.c +index 1d6cceaa2..f1a8c2553 100644 +--- a/src/lib/krb5/krb/t_ser.c ++++ b/src/lib/krb5/krb/t_ser.c +@@ -272,7 +272,7 @@ ser_acontext_test(krb5_context kcontext, int verbose) + KV5M_AUTH_CONTEXT))) { + memset(&ukeyblock, 0, sizeof(ukeyblock)); + memset(keydata, 0, sizeof(keydata)); +- ukeyblock.enctype = ENCTYPE_DES_CBC_MD5; ++ ukeyblock.enctype = ENCTYPE_AES128_CTS_HMAC_SHA256_128; + ukeyblock.length = sizeof(keydata); + ukeyblock.contents = keydata; + keydata[0] = 0xde; +diff --git a/src/lib/krb5/os/t_trace.c b/src/lib/krb5/os/t_trace.c +index 5aea68e8d..10ba8d0ac 100644 +--- a/src/lib/krb5/os/t_trace.c ++++ b/src/lib/krb5/os/t_trace.c +@@ -204,7 +204,7 @@ main (int argc, char *argv[]) + padatap = NULL; + + TRACE(ctx, "krb5_enctype, display shortest name of enctype: {etype}", +- ENCTYPE_DES_CBC_CRC); ++ ENCTYPE_AES128_CTS_HMAC_SHA1_96); + TRACE(ctx, "krb5_enctype *, display list of enctypes: {etypes}", enctypes); + TRACE(ctx, "krb5_enctype *, display list of enctypes: {etypes}", NULL); + +diff --git a/src/lib/krb5/os/t_trace.ref b/src/lib/krb5/os/t_trace.ref +index bd5d9b6b6..044a66999 100644 +--- a/src/lib/krb5/os/t_trace.ref ++++ b/src/lib/krb5/os/t_trace.ref +@@ -40,7 +40,7 @@ int, krb5_principal type: NT 4 style name and SID + int, krb5_principal type: ? 
+ krb5_pa_data **, display list of padata type numbers: PA-PW-SALT (3), 0 + krb5_pa_data **, display list of padata type numbers: (empty) +-krb5_enctype, display shortest name of enctype: des-cbc-crc ++krb5_enctype, display shortest name of enctype: aes128-cts + krb5_enctype *, display list of enctypes: 5, rc4-hmac-exp, 511 + krb5_enctype *, display list of enctypes: (empty) + krb5_ccache, display type:name: FILE:/path/to/ccache +diff --git a/src/tests/asn.1/ktest.c b/src/tests/asn.1/ktest.c +index 6bf6e54ac..258377299 100644 +--- a/src/tests/asn.1/ktest.c ++++ b/src/tests/asn.1/ktest.c +@@ -893,7 +893,7 @@ ktest_make_sample_sp80056a_other_info(krb5_sp80056a_other_info *p) + void + ktest_make_sample_pkinit_supp_pub_info(krb5_pkinit_supp_pub_info *p) + { +- p->enctype = ENCTYPE_DES_CBC_CRC; ++ p->enctype = ENCTYPE_AES256_CTS_HMAC_SHA384_192; + ktest_make_sample_data(&p->as_req); + ktest_make_sample_data(&p->pk_as_rep); + } +diff --git a/src/tests/asn.1/pkinit_encode.out b/src/tests/asn.1/pkinit_encode.out +index 3b0f7190a..55a60bbef 100644 +--- a/src/tests/asn.1/pkinit_encode.out ++++ b/src/tests/asn.1/pkinit_encode.out +@@ -10,4 +10,4 @@ encode_krb5_kdc_dh_key_info: 30 25 A0 0B 03 09 00 6B 72 62 35 64 61 74 61 A1 03 + encode_krb5_reply_key_pack: 30 26 A0 13 30 11 A0 03 02 01 01 A1 0A 04 08 31 32 33 34 35 36 37 38 A1 0F 30 0D A0 03 02 01 01 A1 06 04 04 31 32 33 34 + encode_krb5_reply_key_pack_draft9: 30 1A A0 13 30 11 A0 03 02 01 01 A1 0A 04 08 31 32 33 34 35 36 37 38 A1 03 02 01 2A + encode_krb5_sp80056a_other_info: 30 81 81 30 0B 06 09 2A 86 48 86 F7 12 01 02 02 A0 32 04 30 30 2E A0 10 1B 0E 41 54 48 45 4E 41 2E 4D 49 54 2E 45 44 55 A1 1A 30 18 A0 03 02 01 01 A1 11 30 0F 1B 06 68 66 74 73 61 69 1B 05 65 78 74 72 61 A1 32 04 30 30 2E A0 10 1B 0E 41 54 48 45 4E 41 2E 4D 49 54 2E 45 44 55 A1 1A 30 18 A0 03 02 01 01 A1 11 30 0F 1B 06 68 66 74 73 61 69 1B 05 65 78 74 72 61 A2 0A 04 08 6B 72 62 35 64 61 74 61 +-encode_krb5_pkinit_supp_pub_info: 30 1D A0 03 02 01 01 A1 
0A 04 08 6B 72 62 35 64 61 74 61 A2 0A 04 08 6B 72 62 35 64 61 74 61 ++encode_krb5_pkinit_supp_pub_info: 30 1D A0 03 02 01 14 A1 0A 04 08 6B 72 62 35 64 61 74 61 A2 0A 04 08 6B 72 62 35 64 61 74 61 +diff --git a/src/tests/asn.1/pkinit_trval.out b/src/tests/asn.1/pkinit_trval.out +index f9edbe154..9557188a8 100644 +--- a/src/tests/asn.1/pkinit_trval.out ++++ b/src/tests/asn.1/pkinit_trval.out +@@ -145,6 +145,6 @@ encode_krb5_sp80056a_other_info: + encode_krb5_pkinit_supp_pub_info: + + [Sequence/Sequence Of] +-. [0] [Integer] 1 ++. [0] [Integer] 20 + . [1] [Octet String] "krb5data" + . [2] [Octet String] "krb5data" +diff --git a/src/tests/dejagnu/config/default.exp b/src/tests/dejagnu/config/default.exp +index c061d764e..e8adee234 100644 +--- a/src/tests/dejagnu/config/default.exp ++++ b/src/tests/dejagnu/config/default.exp +@@ -16,21 +16,6 @@ set stty_init {erase \^h kill \^u} + set env(TERM) dumb + + set des3_krbtgt 0 +-set tgt_support_desmd5 0 +- +-# The names of the individual passes must be unique; lots of things +-# depend on it. The PASSES variable may not contain comments; only +-# small pieces get evaluated, so comments will do strange things. +- +-# Most of the purpose of using multiple passes is to exercise the +-# dependency of various bugs on configuration file settings, +-# particularly with regards to encryption types. +- +-# The des.no-kdc-md5 pass will fail if the KDC does not constrain +-# session key enctypes to those in its permitted_enctypes list. It +-# works by assuming enctype similarity, thus allowing the client to +-# request a des-cbc-md4 session key. Since only des-cbc-crc is in the +-# KDC's permitted_enctypes list, the TGT will be unusable. + + if { [string length $VALGRIND] } { + rename spawn valgrind_aux_spawn +@@ -111,47 +96,21 @@ if { $PRIOCNTL_HACK } { + } + } + +-# The des.des3-tgt.no-kdc-des3 pass will fail if the KDC doesn't +-# constrain ticket key enctypes to those in permitted_enctypes. 
It +-# does this by not putting des3 in the permitted_enctypes, while +-# creating a TGT princpal that has a des3 key as well as a des key. ++# The names of the individual passes must be unique; lots of things ++# depend on it. The PASSES variable may not contain comments; only ++# small pieces get evaluated, so comments will do strange things. + +-# XXX -- master_key_type is fragile w.r.t. permitted_enctypes; it is +-# possible to configure things such that you have a master_key_type +-# that is not permitted, and the error message used to be cryptic. ++# Most of the purpose of using multiple passes is to exercise the ++# dependency of various bugs on configuration file settings, ++# particularly with regards to encryption types. + + set passes { +- { +- des +- mode=udp +- des3_krbtgt=0 +- {supported_enctypes=des-cbc-crc:normal} +- {dummy=[verbose -log "DES TGT, DES enctype"]} +- } +- { +- des.des3tgt +- mode=udp +- des3_krbtgt=1 +- {supported_enctypes=des-cbc-crc:normal} +- {dummy=[verbose -log "DES3 TGT, DES enctype"]} +- } + { + des3 + mode=udp + des3_krbtgt=1 +- {supported_enctypes=des3-cbc-sha1:normal des-cbc-crc:normal} +- {dummy=[verbose -log "DES3 TGT, DES3 + DES enctypes"]} +- } +- { +- aes-des +- mode=udp +- des3_krbtgt=0 +- {supported_enctypes=aes256-cts-hmac-sha1-96:normal des-cbc-crc:normal} +- {permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96 des-cbc-crc} +- {permitted_enctypes(client)=aes256-cts-hmac-sha1-96 des-cbc-crc} +- {permitted_enctypes(server)=aes256-cts-hmac-sha1-96 des-cbc-crc} +- {master_key_type=aes256-cts-hmac-sha1-96} +- {dummy=[verbose -log "AES + DES enctypes"]} ++ {supported_enctypes=des3-cbc-sha1:normal} ++ {dummy=[verbose -log "DES3 TGT, DES3 enctype"]} + } + { + aes-only +@@ -220,10 +179,10 @@ set passes { + aes-des3 + mode=udp + des3_krbtgt=0 +- {supported_enctypes=aes256-cts-hmac-sha1-96:normal des3-cbc-sha1:normal des-cbc-crc:normal} +- {permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96 des3-cbc-sha1 des-cbc-crc} +- 
{permitted_enctypes(client)=aes256-cts-hmac-sha1-96 des3-cbc-sha1 des-cbc-crc} +- {permitted_enctypes(server)=aes256-cts-hmac-sha1-96 des3-cbc-sha1 des-cbc-crc} ++ {supported_enctypes=aes256-cts-hmac-sha1-96:normal des3-cbc-sha1:normal} ++ {permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96 des3-cbc-sha1} ++ {permitted_enctypes(client)=aes256-cts-hmac-sha1-96 des3-cbc-sha1} ++ {permitted_enctypes(server)=aes256-cts-hmac-sha1-96 des3-cbc-sha1} + {master_key_type=aes256-cts-hmac-sha1-96} + {dummy=[verbose -log "AES + DES3 + DES enctypes"]} + } +@@ -231,12 +190,12 @@ set passes { + aes-des3tgt + mode=udp + des3_krbtgt=1 +- {supported_enctypes=aes256-cts-hmac-sha1-96:normal des3-cbc-sha1:normal des-cbc-crc:normal} +- {permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96 des3-cbc-sha1 des-cbc-crc} +- {permitted_enctypes(client)=aes256-cts-hmac-sha1-96 des3-cbc-sha1 des-cbc-crc} +- {permitted_enctypes(server)=aes256-cts-hmac-sha1-96 des3-cbc-sha1 des-cbc-crc} ++ {supported_enctypes=aes256-cts-hmac-sha1-96:normal des3-cbc-sha1:normal} ++ {permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96 des3-cbc-sha1} ++ {permitted_enctypes(client)=aes256-cts-hmac-sha1-96 des3-cbc-sha1} ++ {permitted_enctypes(server)=aes256-cts-hmac-sha1-96 des3-cbc-sha1} + {master_key_type=aes256-cts-hmac-sha1-96} +- {dummy=[verbose -log "AES + DES enctypes, DES3 TGT"]} ++ {dummy=[verbose -log "AES enctypes, DES3 TGT"]} + } + { + all-enctypes +@@ -248,115 +207,8 @@ set passes { + {allow_weak_crypto(server)=false} + {dummy=[verbose -log "all default enctypes"]} + } +- { +- des.no-kdc-md5 +- mode=udp +- des3_krbtgt=0 +- tgt_support_desmd5=0 +- {permitted_enctypes(kdc)=des-cbc-crc} +- {default_tgs_enctypes(client)=des-cbc-md5 des-cbc-md4 des-cbc-crc} +- {default_tkt_enctypes(client)=des-cbc-md5 des-cbc-md4 des-cbc-crc} +- {supported_enctypes=des-cbc-crc:normal} +- {master_key_type=des-cbc-crc} +- {dummy=[verbose -log \ +- "DES TGT, KDC permitting only des-cbc-crc"]} +- } +- { +- des.des3-tgt.no-kdc-des3 +- mode=udp 
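Review bot: The `aes-des3` pass keeps the context line `{dummy=[verbose -log "AES + DES3 + DES enctypes"]}` although this hunk removes des-cbc-crc from every enctype list in the pass, so the log label names an enctype the pass no longer configures. It should become `{dummy=[verbose -log "AES + DES3 enctypes"]}`. The following hunk relabels `aes-des3tgt` as "AES enctypes, DES3 TGT" while its supported_enctypes still lists des3-cbc-sha1:normal, so `"AES + DES3 enctypes, DES3 TGT"` would describe it more accurately. These labels are what a reader of the test log uses to tell which crypto configuration a failure belongs to.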
+- tgt_support_desmd5=0 +- {permitted_enctypes(kdc)=des-cbc-crc} +- {default_tgs_enctypes(client)=des-cbc-crc} +- {default_tkt_enctypes(client)=des-cbc-crc} +- {supported_enctypes=des3-cbc-sha1:normal des-cbc-crc:normal} +- {master_key_type=des-cbc-crc} +- {dummy=[verbose -log \ +- "DES3 TGT, KDC permitting only des-cbc-crc"]} +- } + } + +-# des.md5-tgt is set as unused, since it won't trigger the error case +-# if SUPPORT_DESMD5 isn't honored. +- +-# The des.md5-tgt pass will fail if enctype similarity is inconsisent; +-# between 1.0.x and 1.1, the decrypt functions became more strict +-# about matching enctypes, while the KDB retrieval functions didn't +-# coerce the enctype to match what was requested. It works by setting +-# SUPPORT_DESMD5 on the TGT principal, forcing an enctype of +-# des-cbc-md5 on the TGT key. Since the database only contains a +-# des-cbc-crc key, the decrypt will fail if enctypes are not coerced. +- +-# des.no-kdc-md5.client-md4-skey is retained in unsed_passes, even +-# though des.no-kdc-md5 is roughly equivalent, since the associated +-# comment needs additional investigation at some point re the kadmin +-# client. +- +-# The des.no-kdc-md5.client-md4-skey will fail on TGS requests due to +-# the KDC issuing session keys that it won't accept. It will also +-# fail for a kadmin client, but for different reasons, since the kadm5 +-# library does some curious filtering of enctypes, and also uses +-# get_in_tkt() rather than get_init_creds(); the former does an +-# intersection of the enctypes provided by the caller and those listed +-# in the config file! 
+- +-set unused_passes { +- { +- des.md5-tgt +- des3_krbtgt=0 +- tgt_support_desmd5=1 +- supported_enctypes=des-cbc-crc:normal +- {permitted_enctypes(kdc)=des-cbc-md5 des-cbc-md4 des-cbc-crc} +- {permitted_enctypes(client)=des-cbc-md5 des-cbc-md4 des-cbc-crc} +- {dummy=[verbose -log "DES TGT, SUPPORTS_DESMD5"]} +- } +- { +- des.md5-tgt.no-kdc-md5 +- des3_krbtgt=0 +- tgt_support_desmd5=1 +- {permitted_enctypes(kdc)=des-cbc-crc} +- {default_tgs_enctypes(client)=des-cbc-crc} +- {default_tkt_enctypes(client)=des-cbc-crc} +- {supported_enctypes=des-cbc-crc:normal} +- {master_key_type=des-cbc-crc} +- {dummy=[verbose -log \ +- "DES TGT, SUPPORTS_DESMD5, KDC permitting only des-cbc-crc"]} +- } +- { +- des.no-kdc-md5.client-md4-skey +- des3_krbtgt=0 +- {permitted_enctypes(kdc)=des-cbc-crc} +- {permitted_enctypes(client)=des-cbc-crc des-cbc-md4} +- {default_tgs_enctypes(client)=des-cbc-crc des-cbc-md4} +- {default_tkt_enctypes(client)=des-cbc-md4} +- {supported_enctypes=des-cbc-crc:normal} +- {dummy=[verbose -log \ +- "DES TGT, DES enctype, KDC permitting only des-cbc-crc, client requests des-cbc-md4 session key"]} +- } +- { +- all-enctypes +- des3_krbtgt=1 +- {supported_enctypes=\ +- aes256-cts-hmac-sha1-96:normal aes256-cts-hmac-sha1-96:norealm \ +- aes128-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:norealm \ +- des3-cbc-sha1:normal des3-cbc-sha1:none \ +- des-cbc-md5:normal des-cbc-md4:normal des-cbc-crc:normal \ +- } +- {dummy=[verbose -log "DES3 TGT, default enctypes"]} +- } +- { +- aes-tcp +- mode=tcp +- des3_krbtgt=0 +- {supported_enctypes=aes256-cts-hmac-sha1-96:normal} +- {permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96} +- {permitted_enctypes(client)=aes256-cts-hmac-sha1-96} +- {permitted_enctypes(server)=aes256-cts-hmac-sha1-96} +- {master_key_type=aes256-cts-hmac-sha1-96} +- {dummy=[verbose -log "AES via TCP"]} +- } +-} +-# {supported_enctypes=des-cbc-md5:normal des-cbc-crc:normal twofish256-hmac-sha1:normal } +- + # This shouldn't be necessary on dejagnu-1.4 
and later, but 1.3 seems + # to need it because its runtest.exp doesn't deal with PASS at all. + if [info exists PASS] { +@@ -1095,7 +947,7 @@ proc setup_kerberos_db { standalone } { + global REALMNAME KDB5_UTIL KADMIN_LOCAL KEY + global tmppwd hostname + global spawn_id +- global des3_krbtgt tgt_support_desmd5 ++ global des3_krbtgt + global multipass_name last_passname_db + + set failall 0 +@@ -1334,48 +1186,6 @@ proc setup_kerberos_db { standalone } { + } + } + } +- if $tgt_support_desmd5 { +- # Make TGT support des-cbc-md5 +- set test "kadmin.local TGT to SUPPORT_DESMD5" +- set body { +- if $failall { +- break +- } +- spawn $KADMIN_LOCAL -r $REALMNAME +- verbose "starting $test" +- expect_after $def_exp_after +- +- expect "kadmin.local: " +- send "modprinc +support_desmd5 krbtgt/$REALMNAME@$REALMNAME\r" +- # It echos... +- expect "modprinc +support_desmd5 krbtgt/$REALMNAME@$REALMNAME\r" +- expect { +- "Principal \"krbtgt/$REALMNAME@$REALMNAME\" modified.\r\n" { } +- } +- expect "kadmin.local: " +- send "quit\r" +- expect eof +- catch expect_after +- if ![check_exit_status kadmin_local] { +- break +- } +- } +- set ret [catch $body] +- catch "expect eof" +- catch expect_after +- if $ret { +- set failall 1 +- if $standalone { +- fail $test +- } else { +- delete_db +- } +- } else { +- if $standalone { +- pass $test +- } +- } +- } + envstack_pop + + # create the admin database lock file +diff --git a/src/tests/gssapi/t_invalid.c b/src/tests/gssapi/t_invalid.c +index 2a332a8ae..9876a11e6 100644 +--- a/src/tests/gssapi/t_invalid.c ++++ b/src/tests/gssapi/t_invalid.c +@@ -84,17 +84,6 @@ struct test { + size_t toklen; + const char *token; + } tests[] = { +- { +- ENCTYPE_DES_CBC_CRC, ENCTYPE_DES_CBC_RAW, +- SEAL_ALG_DES, SGN_ALG_DES_MAC_MD5, 8, +- 8, +- "\x26\xEC\xBA\xB6\xFE\xBA\x91\xCE", +- 53, +- "\x60\x33\x06\x09\x2A\x86\x48\x86\xF7\x12\x01\x02\x02\x02\x01\x00" +- "\x00\x00\x00\xFF\xFF\xF0\x0B\x90\x7B\xC4\xFC\xEB\xF4\x84\x9C\x5A" +- 
"\xA8\x56\x41\x3E\xE1\x62\xEE\x38\xD1\x34\x9A\xE3\xFB\xC9\xFD\x0A" +- "\xDC\x83\xE1\x4A\xE4" +- }, + { + ENCTYPE_DES3_CBC_SHA1, ENCTYPE_DES3_CBC_RAW, + SEAL_ALG_DES3KD, SGN_ALG_HMAC_SHA1_DES3_KD, 20, +@@ -160,8 +149,6 @@ make_fake_context(const struct test *test) + gss_union_ctx_id_t uctx; + krb5_gss_ctx_id_t kgctx; + krb5_keyblock kb; +- unsigned char encbuf[8]; +- size_t i; + + kgctx = calloc(1, sizeof(*kgctx)); + if (kgctx == NULL) +@@ -184,11 +171,6 @@ make_fake_context(const struct test *test) + if (krb5_k_create_key(NULL, &kb, &kgctx->seq) != 0) + abort(); + +- if (kb.enctype == ENCTYPE_DES_CBC_RAW) { +- for (i = 0; i < 8; i++) +- encbuf[i] = kb.contents[i] ^ 0xF0; +- kb.contents = encbuf; +- } + if (krb5_k_create_key(NULL, &kb, &kgctx->enc) != 0) + abort(); + +@@ -248,7 +230,7 @@ test_bogus_1964_token(gss_ctx_id_t ctx) + gss_iov_buffer_desc iov; + + store_16_be(KG_TOK_SIGN_MSG, tokbuf); +- store_16_le(SGN_ALG_DES_MAC_MD5, tokbuf + 2); ++ store_16_le(SGN_ALG_HMAC_MD5, tokbuf + 2); + store_16_le(SEAL_ALG_NONE, tokbuf + 4); + store_16_le(0xFFFF, tokbuf + 6); + memset(tokbuf + 8, 0, 16); +diff --git a/src/tests/gssapi/t_pcontok.c b/src/tests/gssapi/t_pcontok.c +index c40ea434c..7368f752f 100644 +--- a/src/tests/gssapi/t_pcontok.c ++++ b/src/tests/gssapi/t_pcontok.c +@@ -43,7 +43,6 @@ + #include "k5-int.h" + #include "common.h" + +-#define SGN_ALG_DES_MAC_MD5 0x00 + #define SGN_ALG_HMAC_SHA1_DES3_KD 0x04 + #define SGN_ALG_HMAC_MD5 0x11 + +@@ -78,11 +77,7 @@ make_delete_token(gss_krb5_lucid_context_v1_t *lctx, gss_buffer_desc *out) + ret = krb5_k_create_key(context, &seqkb, &seq); + check_k5err(context, "krb5_k_create_key", ret); + +- if (signalg == SGN_ALG_DES_MAC_MD5) { +- cktype = CKSUMTYPE_RSA_MD5; +- cksize = 8; +- ckusage = 0; +- } else if (signalg == SGN_ALG_HMAC_SHA1_DES3_KD) { ++ if (signalg == SGN_ALG_HMAC_SHA1_DES3_KD) { + cktype = CKSUMTYPE_HMAC_SHA1_DES3; + cksize = 20; + ckusage = 23; +@@ -122,15 +117,7 @@ 
make_delete_token(gss_krb5_lucid_context_v1_t *lctx, gss_buffer_desc *out) + d = make_data(ptr - 8, 8); + ret = krb5_k_make_checksum(context, cktype, seq, ckusage, &d, &cksum); + check_k5err(context, "krb5_k_make_checksum", ret); +- if (signalg == SGN_ALG_DES_MAC_MD5) { +- iov.flags = KRB5_CRYPTO_TYPE_DATA; +- iov.data = make_data(cksum.contents, 16); +- ret = krb5_k_encrypt_iov(context, seq, 0, NULL, &iov, 1); +- check_k5err(context, "krb5_k_encrypt_iov", ret); +- memcpy(ptr + 8, cksum.contents + 8, 8); +- } else { +- memcpy(ptr + 8, cksum.contents, cksize); +- } ++ memcpy(ptr + 8, cksum.contents, cksize); + + /* Create the sequence number (8 bytes). */ + iov.flags = KRB5_CRYPTO_TYPE_DATA; +diff --git a/src/tests/gssapi/t_prf.c b/src/tests/gssapi/t_prf.c +index 6a698ce0f..f71774cdc 100644 +--- a/src/tests/gssapi/t_prf.c ++++ b/src/tests/gssapi/t_prf.c +@@ -41,13 +41,6 @@ static struct { + const char *key2; + const char *out2; + } tests[] = { +- { ENCTYPE_DES_CBC_CRC, +- "E607FE9DABB57AE0", +- "803C4121379FC4B87CE413B67707C4632EBED2C6D6B7" +- "2A55E878836E35E21600D915D590DED5B6D77BB30A1F", +- "54758316B6257A75", +- "279E4105F7ADC9BD6EF28ABE31D89B442FE0058388BA" +- "33264ACB5729562DC637950F6BD144B654BE7700B2D6" }, + { ENCTYPE_DES3_CBC_SHA1, + "70378A19CD64134580C27C0115D6B34A1CF2FEECEF9886A2", + "9F8D127C520BB826BFF3E0FE5EF352389C17E0C073D9" +diff --git a/src/tests/t_etype_info.py b/src/tests/t_etype_info.py +index c21d054f1..2a052fc17 100644 +--- a/src/tests/t_etype_info.py ++++ b/src/tests/t_etype_info.py +@@ -24,7 +24,7 @@ def test_etinfo(princ, enctypes, expected_lines): + # With no newer enctypes in the request, PA-ETYPE-INFO2, + # PA-ETYPE-INFO, and PA-PW-SALT appear in the AS-REP, each listing one + # key for the most preferred matching enctype. 
+-test_etinfo('user', 'rc4-hmac-exp des3 rc4 des-cbc-crc', ++test_etinfo('user', 'rc4-hmac-exp des3 rc4', + ['asrep etype_info2 des3-cbc-sha1 KRBTEST.COMuser', + 'asrep etype_info des3-cbc-sha1 KRBTEST.COMuser', + 'asrep pw_salt KRBTEST.COMuser']) +@@ -37,7 +37,7 @@ test_etinfo('user', 'rc4 aes256-cts', + + # In preauth-required errors, PA-PW-SALT does not appear, but the same + # etype-info2 values are expected. +-test_etinfo('preauthuser', 'rc4-hmac-exp des3 rc4 des-cbc-crc', ++test_etinfo('preauthuser', 'rc4-hmac-exp des3 rc4', + ['error etype_info2 des3-cbc-sha1 KRBTEST.COMpreauthuser', + 'error etype_info des3-cbc-sha1 KRBTEST.COMpreauthuser']) + test_etinfo('preauthuser', 'rc4 aes256-cts', +diff --git a/src/tests/t_keyrollover.py b/src/tests/t_keyrollover.py +index 4af6804f2..2c825a692 100755 +--- a/src/tests/t_keyrollover.py ++++ b/src/tests/t_keyrollover.py +@@ -2,7 +2,7 @@ from k5test import * + + rollover_krb5_conf = {'libdefaults': {'allow_weak_crypto': 'true'}} + +-realm = K5Realm(krbtgt_keysalt='des-cbc-crc:normal', ++realm = K5Realm(krbtgt_keysalt='aes128-cts-hmac-sha256-128:normal', + krb5_conf=rollover_krb5_conf) + + princ1 = 'host/test1@%s' % (realm.realm,) +@@ -22,9 +22,9 @@ realm.run([kvno, princ1]) + realm.run([kadminl, 'purgekeys', realm.krbtgt_princ]) + # Make sure an old TGT fails after purging old TGS key. + realm.run([kvno, princ2], expected_code=1) +-ddes = "DEPRECATED:des-cbc-crc" ++et = "aes128-cts-hmac-sha256-128" + msg = 'krbtgt/%s@%s\n\tEtype (skey, tkt): %s, %s' % \ +- (realm.realm, realm.realm, ddes, ddes) ++ (realm.realm, realm.realm, et, et) + realm.run([klist, '-e'], expected_msg=msg) + + # Check that new key actually works. +diff --git a/src/tests/t_salt.py b/src/tests/t_salt.py +index 008efcb03..65084bbf3 100755 +--- a/src/tests/t_salt.py ++++ b/src/tests/t_salt.py +@@ -22,7 +22,7 @@ salts = [('des3-cbc-sha1', 'norealm'), + # These enctypes are chosen to cover the different string-to-key routines. 
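Review bot: `rollover_krb5_conf` still sets `allow_weak_crypto` to `'true'` (context line above the change), but the krbtgt key is now aes128-cts-hmac-sha256-128, which does not need it. With weak crypto left enabled, this test would keep passing if some step silently fell back to a weak enctype. Unless a later part of the file, not visible here, depends on the setting, the realm can be created as `realm = K5Realm(krbtgt_keysalt='aes128-cts-hmac-sha256-128:normal')` and the `rollover_krb5_conf` line removed. `conf3` in t_sesskeynego.py keeps the same setting after its des-cbc-crc entry is dropped and is worth the same check.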
+ # Omit ":normal" from aes256 to check that salttype defaulting works.
+ second_kstypes = ['aes256-cts-hmac-sha1-96', 'arcfour-hmac:normal',
+- 'des3-cbc-sha1:normal', 'des-cbc-crc:normal']
++ 'des3-cbc-sha1:normal']
+
+ # Test using different salt types in a principal's key list.
+ # Parameters from one key in the list must not leak over to later ones.
+diff --git a/src/tests/t_sesskeynego.py b/src/tests/t_sesskeynego.py
+index da02f224a..621b27156 100755
+--- a/src/tests/t_sesskeynego.py
++++ b/src/tests/t_sesskeynego.py
+@@ -23,13 +23,7 @@ conf2 = {'libdefaults': {'default_tgs_enctypes': 'aes256-cts,aes128-cts'}}
+ conf3 = {'libdefaults': {
+ 'allow_weak_crypto': 'true',
+ 'default_tkt_enctypes': 'aes128-cts',
+- 'default_tgs_enctypes': 'rc4-hmac,aes128-cts,des-cbc-crc'}}
+-conf4 = {'libdefaults': {
+- 'allow_weak_crypto': 'true',
+- 'default_tkt_enctypes': 'aes256-cts',
+- 'default_tgs_enctypes': 'des-cbc-crc,rc4-hmac,aes256-cts'},
+- 'realms': {'$realm': {'des_crc_session_supported': 'false'}}}
+-
++ 'default_tgs_enctypes': 'rc4-hmac,aes128-cts'}}
+ # Test with client request and session_enctypes preferring aes128, but
+ # aes256 long-term key.
+ realm = K5Realm(krb5_conf=conf1, create_host=False, get_creds=False)
+@@ -63,16 +57,6 @@ test_kvno(realm, 'aes128-cts-hmac-sha1-96', 'aes256-cts-hmac-sha1-96')
+ realm.run([kadminl, 'setstr', 'server', 'session_enctypes',
+ 'rc4-hmac,aes128-cts,aes256-cts'])
+ test_kvno(realm, 'DEPRECATED:arcfour-hmac', 'aes256-cts-hmac-sha1-96')
+-
+-# 3c: Test des-cbc-crc default assumption.
+-realm.run([kadminl, 'delstr', 'server', 'session_enctypes']) +-test_kvno(realm, 'DEPRECATED:des-cbc-crc', 'aes256-cts-hmac-sha1-96') +-realm.stop() +- +-# Last go: test that we can disable the des-cbc-crc assumption +-realm = K5Realm(krb5_conf=conf4, get_creds=False) +-realm.run([kadminl, 'addprinc', '-randkey', '-e', 'aes256-cts', 'server']) +-test_kvno(realm, 'aes256-cts-hmac-sha1-96', 'aes256-cts-hmac-sha1-96') + realm.stop() + + success('sesskeynego') +diff --git a/src/util/k5test.py b/src/util/k5test.py +index b6d93f1d8..da2782e15 100644 +--- a/src/util/k5test.py ++++ b/src/util/k5test.py +@@ -1307,7 +1307,7 @@ _passes = [ + 'master_key_type': 'aes256-sha2'}}}), + + # Test a setup with modern principal keys but an old TGT key. +- ('aes256.destgt', 'des-cbc-crc:normal', ++ ('aes256.destgt', 'arcfour-hmac:normal', + {'libdefaults': {'allow_weak_crypto': 'true'}}, + None) + ] diff --git a/krb5-1.17post2-FIPS-with-PRNG-SPAKE-and-RADIUS.patch b/krb5-1.17post3-FIPS-with-PRNG-SPAKE-and-RADIUS.patch similarity index 93% rename from krb5-1.17post2-FIPS-with-PRNG-SPAKE-and-RADIUS.patch rename to krb5-1.17post3-FIPS-with-PRNG-SPAKE-and-RADIUS.patch index 295bc5d..98c4782 100644 --- a/krb5-1.17post2-FIPS-with-PRNG-SPAKE-and-RADIUS.patch +++ b/krb5-1.17post3-FIPS-with-PRNG-SPAKE-and-RADIUS.patch @@ -1,7 +1,7 @@ -From 35dbfaa4a224bbbdd0d75a0383fbe09d7deb389f Mon Sep 17 00:00:00 2001 +From b52fa25acec9c0302532e1610ffe390d714e8f7a Mon Sep 17 00:00:00 2001 From: Robbie Harwood Date: Fri, 9 Nov 2018 15:12:21 -0500 -Subject: [PATCH] krb5-1.17post2 FIPS with PRNG, SPAKE, and RADIUS +Subject: [PATCH] krb5-1.17post3 FIPS with PRNG, SPAKE, and RADIUS NB: Use openssl's PRNG in FIPS mode, be aware during SPAKE group negotiation, and taint within krad. 
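Review bot: The pass is still named `'aes256.destgt'` in the k5test.py hunk while its TGT keysalt is now `'arcfour-hmac:normal'`, so the label names an enctype the suite can no longer create. Renaming it, for example `('aes256.rc4tgt', 'arcfour-hmac:normal',`, and extending the comment to `# Test a setup with modern principal keys but an old (RC4) TGT key.` would keep failure reports readable. Check first whether anything selects the pass by name, since the `_passes` list and its users lie outside the hunk.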
@@ -15,10 +15,11 @@ awareness of what we can and can't safely call. This will slow down some calls slightly (FIPS_mode() takes multiple locks), but not for any ciphers we care about - which is to say that AES is fine. Shame about the SPAKE groups though. + +post3 is (confusingly) on top of the 1DES removal. --- src/lib/crypto/krb/prng.c | 11 ++++- .../crypto/openssl/enc_provider/camellia.c | 6 +++ - src/lib/crypto/openssl/enc_provider/des.c | 9 ++++ src/lib/crypto/openssl/enc_provider/des3.c | 6 +++ src/lib/crypto/openssl/enc_provider/rc4.c | 13 +++++- .../crypto/openssl/hash_provider/hash_evp.c | 4 ++ @@ -31,7 +32,7 @@ AES is fine. Shame about the SPAKE groups though. src/lib/krad/t_attr.c | 3 +- src/lib/krad/t_attrset.c | 4 +- src/plugins/preauth/spake/groups.c | 8 ++++ - 15 files changed, 132 insertions(+), 33 deletions(-) + 14 files changed, 123 insertions(+), 33 deletions(-) diff --git a/src/lib/crypto/krb/prng.c b/src/lib/crypto/krb/prng.c index cb9ca9b98..f0e9984ca 100644 
@@ -88,40 +89,6 @@ index 2da691329..f79679a0b 100644 state->length = 16; state->data = (void *) malloc(16); if (state->data == NULL) -diff --git a/src/lib/crypto/openssl/enc_provider/des.c b/src/lib/crypto/openssl/enc_provider/des.c -index a662db512..7d17d287e 100644 ---- a/src/lib/crypto/openssl/enc_provider/des.c -+++ b/src/lib/crypto/openssl/enc_provider/des.c -@@ -85,6 +85,9 @@ k5_des_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, - EVP_CIPHER_CTX *ctx; - krb5_boolean empty; - -+ if (FIPS_mode()) -+ return KRB5_CRYPTO_INTERNAL; -+ - ret = validate(key, ivec, data, num_data, &empty); - if (ret != 0 || empty) - return ret; -@@ -133,6 +136,9 @@ k5_des_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, - EVP_CIPHER_CTX *ctx; - krb5_boolean empty; - -+ if (FIPS_mode()) -+ return KRB5_CRYPTO_INTERNAL; -+ - ret = validate(key, ivec, data, num_data, &empty); - if (ret != 0 || empty) - return ret; -@@ -182,6 +188,9 @@ k5_des_cbc_mac(krb5_key key, const krb5_crypto_iov *data, size_t num_data, - DES_key_schedule sched; - krb5_boolean empty; - -+ if (FIPS_mode()) -+ return KRB5_CRYPTO_INTERNAL; -+ - ret = validate(key, ivec, data, num_data, &empty); - if (ret != 0) - return ret; diff --git a/src/lib/crypto/openssl/enc_provider/des3.c b/src/lib/crypto/openssl/enc_provider/des3.c index 1c439c2cd..8be555a8d 100644 --- a/src/lib/crypto/openssl/enc_provider/des3.c diff --git a/krb5.spec b/krb5.spec index 7808495..2b86cc1 100644 --- a/krb5.spec +++ b/krb5.spec @@ -18,7 +18,7 @@ Summary: The Kerberos network authentication system Name: krb5 Version: 1.17 # for prerelease, should be e.g., 0.% {prerelease}.1% { ?dist } (without spaces) -Release: 25%{?dist} +Release: 26%{?dist} # lookaside-cached sources; two downloads and a build artifact Source0: https://web.mit.edu/kerberos/dist/krb5/1.17/krb5-%{version}%{prerelease}.tar.gz 
@@ -89,7 +89,6 @@ Patch123: Avoid-alignment-warnings-in-openssl-rc4.c.patch Patch124: Simply-OpenSSL-PKCS7-decryption-code.patch Patch125: Improve-error-messages-from-kadmin-change_password.patch Patch126: Remove-more-dead-code.patch -Patch127: krb5-1.17post2-FIPS-with-PRNG-SPAKE-and-RADIUS.patch Patch128: Remove-checksum-type-profile-variables.patch Patch129: Remove-dead-variable-def_kslist-from-two-files.patch Patch130: Mark-the-doc-kadm5-tex-files-as-historic.patch @@ -99,6 +98,11 @@ Patch133: Update-default-krb5kdc-mkey-manual-entry-enctype.patch Patch134: Support-389ds-s-lockout-model.patch Patch135: Add-missing-newlines-to-deprecation-warnings.patch Patch136: Set-a-more-modern-default-ksu-CMD_PATH.patch +Patch137: Remove-the-v4-and-afs3-salt-types.patch +Patch138: Update-test-suite-to-avoid-single-DES-enctypes.patch +Patch139: Remove-support-for-single-DES-and-CRC.patch +Patch140: Display-unsupported-enctype-names.patch +Patch141: krb5-1.17post3-FIPS-with-PRNG-SPAKE-and-RADIUS.patch License: MIT URL: https://web.mit.edu/kerberos/www/ @@ -708,6 +712,9 @@ exit 0 %{_libdir}/libkadm5srv_mit.so.* %changelog +* Tue May 28 2019 Robbie Harwood - 1.17-26 +- Remove support for single-DES and CRC + * Wed May 22 2019 Robbie Harwood - 1.17-25 - Add missing newlines to deprecation warnings - Switch to upstream's ksu path patch