From 9e71fcd5db98fb7ace02e8684486cc7f092d82ad Mon Sep 17 00:00:00 2001 From: Robbie Harwood Date: Wed, 17 Apr 2019 17:07:46 -0400 Subject: [PATCH] Remove support for no-flags SAM-2 preauth When neither the send-encrypted-sad nor the use-sad-as-key flag is set in the SAM-2 challenge, the protocol calls for the AS key to be combined with the string-to-key of the SAD using a key combination method which has only been implemented for DES and 3DES enctypes. Rather than extending key combination, remove support for this case. [ghudson@mit.edu: rewrote commit message, added comment] ticket: 8812 (new) (cherry picked from commit c30e0af224ef3716513744fd86aec3eeea90abf9) --- src/lib/krb5/krb/preauth_sam2.c | 40 +++++++++------------------------ 1 file changed, 11 insertions(+), 29 deletions(-) diff --git a/src/lib/krb5/krb/preauth_sam2.c b/src/lib/krb5/krb/preauth_sam2.c index c7484c47e..fda86bee2 100644 --- a/src/lib/krb5/krb/preauth_sam2.c +++ b/src/lib/krb5/krb/preauth_sam2.c @@ -211,38 +211,20 @@ sam2_process(krb5_context context, krb5_clpreauth_moddata moddata, /* Get encryption key to be used for checksum and sam_response */ if (!(sc2b->sam_flags & KRB5_SAM_USE_SAD_AS_KEY)) { /* Retain as_key from above gak_fct call. */ - - if (!(sc2b->sam_flags & KRB5_SAM_SEND_ENCRYPTED_SAD)) { - /* as_key = combine_key (as_key, string_to_key(SAD)) */ - krb5_keyblock tmp_kb; - - retval = krb5_c_string_to_key(context, sc2b->sam_etype, - &response_data, salt, &tmp_kb); - - if (retval) { - krb5_free_sam_challenge_2(context, sc2); - krb5_free_sam_challenge_2_body(context, sc2b); - if (defsalt.length) free(defsalt.data); - return(retval); - } - - /* This should be a call to the crypto library some day */ - /* key types should already match the sam_etype */ - retval = krb5int_c_combine_keys(context, &ctx->as_key, &tmp_kb, - &ctx->as_key); - - if (retval) { - krb5_free_sam_challenge_2(context, sc2); - krb5_free_sam_challenge_2_body(context, sc2b); - if (defsalt.length) free(defsalt.data); - return(retval); - } - krb5_free_keyblock_contents(context, &tmp_kb); - } - if (defsalt.length) free(defsalt.data); + if (!(sc2b->sam_flags & KRB5_SAM_SEND_ENCRYPTED_SAD)) { + /* + * If no flags are set, the protocol calls for us to combine the + * initial reply key with the SAD, using a method which is only + * specified for DES and 3DES enctypes. We no longer support this + * case. + */ + krb5_free_sam_challenge_2(context, sc2); + krb5_free_sam_challenge_2_body(context, sc2b); + return(KRB5_SAM_UNSUPPORTED); + } } else { /* as_key = string_to_key(SAD) */