184 lines
7.1 KiB
Diff
184 lines
7.1 KiB
Diff
From e0c8eb1bf93e0591e363e414378c70c255a6e6b6 Mon Sep 17 00:00:00 2001
|
|
From: Robbie Harwood <rharwood@redhat.com>
|
|
Date: Tue, 15 Jan 2019 16:16:57 -0500
|
|
Subject: [PATCH] Add function and enctype flag for deprecations
|
|
|
|
krb5int_c_deprecated_enctype() checks for the ETYPE_DEPRECATED flag on
|
|
enctypes. All ENCTYPE_WEAK enctypes are currently deprecated; not all
|
|
deprecated enctypes are considered weak. Deprecations follow RFC 6649
|
|
and RFC 8429.
|
|
|
|
(cherry picked from commit 484a6e7712f9b66e782b2520f07b0883889e116f)
|
|
---
|
|
src/include/k5-int.h | 1 +
|
|
src/lib/crypto/krb/crypto_int.h | 9 ++++++++-
|
|
src/lib/crypto/krb/enctype_util.c | 7 +++++++
|
|
src/lib/crypto/krb/etypes.c | 19 ++++++++++---------
|
|
src/lib/crypto/libk5crypto.exports | 1 +
|
|
src/lib/krb5_32.def | 3 +++
|
|
6 files changed, 30 insertions(+), 10 deletions(-)
|
|
|
|
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
|
|
index 8f9329c59..255cee822 100644
|
|
--- a/src/include/k5-int.h
|
|
+++ b/src/include/k5-int.h
|
|
@@ -2077,6 +2077,7 @@ krb5_get_tgs_ktypes(krb5_context, krb5_const_principal, krb5_enctype **);
|
|
krb5_boolean krb5_is_permitted_enctype(krb5_context, krb5_enctype);
|
|
|
|
krb5_boolean KRB5_CALLCONV krb5int_c_weak_enctype(krb5_enctype);
|
|
+krb5_boolean KRB5_CALLCONV krb5int_c_deprecated_enctype(krb5_enctype);
|
|
krb5_error_code k5_enctype_to_ssf(krb5_enctype enctype, unsigned int *ssf_out);
|
|
|
|
krb5_error_code krb5_kdc_rep_decrypt_proc(krb5_context, const krb5_keyblock *,
|
|
diff --git a/src/lib/crypto/krb/crypto_int.h b/src/lib/crypto/krb/crypto_int.h
|
|
index e5099291e..6c1c77cac 100644
|
|
--- a/src/lib/crypto/krb/crypto_int.h
|
|
+++ b/src/lib/crypto/krb/crypto_int.h
|
|
@@ -114,7 +114,14 @@ struct krb5_keytypes {
|
|
unsigned int ssf;
|
|
};
|
|
|
|
-#define ETYPE_WEAK 1
|
|
+/*
|
|
+ * "Weak" means the enctype is believed to be vulnerable to practical attacks,
|
|
+ * and will be disabled unless allow_weak_crypto is set to true. "Deprecated"
|
|
+ * means the enctype has been deprecated by the IETF, and affects display and
|
|
+ * logging.
|
|
+ */
|
|
+#define ETYPE_WEAK (1 << 0)
|
|
+#define ETYPE_DEPRECATED (1 << 1)
|
|
|
|
extern const struct krb5_keytypes krb5int_enctypes_list[];
|
|
extern const int krb5int_enctypes_length;
|
|
diff --git a/src/lib/crypto/krb/enctype_util.c b/src/lib/crypto/krb/enctype_util.c
|
|
index b1b40e7ec..e394f4e19 100644
|
|
--- a/src/lib/crypto/krb/enctype_util.c
|
|
+++ b/src/lib/crypto/krb/enctype_util.c
|
|
@@ -51,6 +51,13 @@ krb5int_c_weak_enctype(krb5_enctype etype)
|
|
return (ktp != NULL && (ktp->flags & ETYPE_WEAK) != 0);
|
|
}
|
|
|
|
+krb5_boolean KRB5_CALLCONV
|
|
+krb5int_c_deprecated_enctype(krb5_enctype etype)
|
|
+{
|
|
+ const struct krb5_keytypes *ktp = find_enctype(etype);
|
|
+ return ktp != NULL && (ktp->flags & ETYPE_DEPRECATED) != 0;
|
|
+}
|
|
+
|
|
krb5_error_code KRB5_CALLCONV
|
|
krb5_c_enctype_compare(krb5_context context, krb5_enctype e1, krb5_enctype e2,
|
|
krb5_boolean *similar)
|
|
diff --git a/src/lib/crypto/krb/etypes.c b/src/lib/crypto/krb/etypes.c
|
|
index 53d4a5c79..8f44c37e7 100644
|
|
--- a/src/lib/crypto/krb/etypes.c
|
|
+++ b/src/lib/crypto/krb/etypes.c
|
|
@@ -33,6 +33,7 @@
|
|
that the keytypes are all near each other. I'd rather not make
|
|
that assumption. */
|
|
|
|
+/* Deprecations come from RFC 6649 and RFC 8249. */
|
|
const struct krb5_keytypes krb5int_enctypes_list[] = {
|
|
{ ENCTYPE_DES_CBC_CRC,
|
|
"des-cbc-crc", { 0 }, "DES cbc mode with CRC-32",
|
|
@@ -42,7 +43,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {
|
|
krb5int_des_string_to_key, k5_rand2key_des,
|
|
krb5int_des_prf,
|
|
CKSUMTYPE_RSA_MD5_DES,
|
|
- ETYPE_WEAK, 56 },
|
|
+ ETYPE_WEAK | ETYPE_DEPRECATED, 56 },
|
|
{ ENCTYPE_DES_CBC_MD4,
|
|
"des-cbc-md4", { 0 }, "DES cbc mode with RSA-MD4",
|
|
&krb5int_enc_des, &krb5int_hash_md4,
|
|
@@ -51,7 +52,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {
|
|
krb5int_des_string_to_key, k5_rand2key_des,
|
|
krb5int_des_prf,
|
|
CKSUMTYPE_RSA_MD4_DES,
|
|
- ETYPE_WEAK, 56 },
|
|
+ ETYPE_WEAK | ETYPE_DEPRECATED, 56 },
|
|
{ ENCTYPE_DES_CBC_MD5,
|
|
"des-cbc-md5", { "des" }, "DES cbc mode with RSA-MD5",
|
|
&krb5int_enc_des, &krb5int_hash_md5,
|
|
@@ -60,7 +61,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {
|
|
krb5int_des_string_to_key, k5_rand2key_des,
|
|
krb5int_des_prf,
|
|
CKSUMTYPE_RSA_MD5_DES,
|
|
- ETYPE_WEAK, 56 },
|
|
+ ETYPE_WEAK | ETYPE_DEPRECATED, 56 },
|
|
{ ENCTYPE_DES_CBC_RAW,
|
|
"des-cbc-raw", { 0 }, "DES cbc mode raw",
|
|
&krb5int_enc_des, NULL,
|
|
@@ -69,7 +70,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {
|
|
krb5int_des_string_to_key, k5_rand2key_des,
|
|
krb5int_des_prf,
|
|
0,
|
|
- ETYPE_WEAK, 56 },
|
|
+ ETYPE_WEAK | ETYPE_DEPRECATED, 56 },
|
|
{ ENCTYPE_DES3_CBC_RAW,
|
|
"des3-cbc-raw", { 0 }, "Triple DES cbc mode raw",
|
|
&krb5int_enc_des3, NULL,
|
|
@@ -78,7 +79,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {
|
|
krb5int_dk_string_to_key, k5_rand2key_des3,
|
|
NULL, /*PRF*/
|
|
0,
|
|
- ETYPE_WEAK, 112 },
|
|
+ ETYPE_WEAK | ETYPE_DEPRECATED, 112 },
|
|
|
|
{ ENCTYPE_DES3_CBC_SHA1,
|
|
"des3-cbc-sha1", { "des3-hmac-sha1", "des3-cbc-sha1-kd" },
|
|
@@ -89,7 +90,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {
|
|
krb5int_dk_string_to_key, k5_rand2key_des3,
|
|
krb5int_dk_prf,
|
|
CKSUMTYPE_HMAC_SHA1_DES3,
|
|
- 0 /*flags*/, 112 },
|
|
+ ETYPE_DEPRECATED, 112 },
|
|
|
|
{ ENCTYPE_DES_HMAC_SHA1,
|
|
"des-hmac-sha1", { 0 }, "DES with HMAC/sha1",
|
|
@@ -99,7 +100,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {
|
|
krb5int_dk_string_to_key, k5_rand2key_des,
|
|
NULL, /*PRF*/
|
|
0,
|
|
- ETYPE_WEAK, 56 },
|
|
+ ETYPE_WEAK | ETYPE_DEPRECATED, 56 },
|
|
|
|
/* rc4-hmac uses a 128-bit key, but due to weaknesses in the RC4 cipher, we
|
|
* consider its strength degraded and assign it an SSF value of 64. */
|
|
@@ -113,7 +114,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {
|
|
krb5int_arcfour_decrypt, krb5int_arcfour_string_to_key,
|
|
k5_rand2key_direct, krb5int_arcfour_prf,
|
|
CKSUMTYPE_HMAC_MD5_ARCFOUR,
|
|
- 0 /*flags*/, 64 },
|
|
+ ETYPE_DEPRECATED, 64 },
|
|
{ ENCTYPE_ARCFOUR_HMAC_EXP,
|
|
"arcfour-hmac-exp", { "rc4-hmac-exp", "arcfour-hmac-md5-exp" },
|
|
"Exportable ArcFour with HMAC/md5",
|
|
@@ -124,7 +125,7 @@ const struct krb5_keytypes krb5int_enctypes_list[] = {
|
|
krb5int_arcfour_decrypt, krb5int_arcfour_string_to_key,
|
|
k5_rand2key_direct, krb5int_arcfour_prf,
|
|
CKSUMTYPE_HMAC_MD5_ARCFOUR,
|
|
- ETYPE_WEAK, 40
|
|
+ ETYPE_WEAK | ETYPE_DEPRECATED, 40
|
|
},
|
|
|
|
{ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
|
|
diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports
|
|
index 82eb5f30c..90afdf5f7 100644
|
|
--- a/src/lib/crypto/libk5crypto.exports
|
|
+++ b/src/lib/crypto/libk5crypto.exports
|
|
@@ -109,3 +109,4 @@ k5_allow_weak_pbkdf2iter
|
|
krb5_c_prfplus
|
|
krb5_c_derive_prfplus
|
|
k5_enctype_to_ssf
|
|
+krb5int_c_deprecated_enctype
|
|
diff --git a/src/lib/krb5_32.def b/src/lib/krb5_32.def
|
|
index c35022931..e6a487593 100644
|
|
--- a/src/lib/krb5_32.def
|
|
+++ b/src/lib/krb5_32.def
|
|
@@ -487,3 +487,6 @@ EXPORTS
|
|
encode_krb5_pa_spake @444 ; PRIVATE
|
|
decode_krb5_pa_spake @445 ; PRIVATE
|
|
k5_free_pa_spake @446 ; PRIVATE
|
|
+
|
|
+; new in 1.18
|
|
+ krb5int_c_deprecated_enctype @450 ; PRIVATE
|