krb5 commit: Enforce minimum PBKDF2 iteration count
Tom Yu
tlyu at MIT.EDU
Fri Nov 15 17:57:33 EST 2013
https://github.com/krb5/krb5/commit/7a7736a3ea321aeb4b281ae2712e27becb00d720
commit 7a7736a3ea321aeb4b281ae2712e27becb00d720
Author: Tom Yu <tlyu at mit.edu>
Date: Fri Nov 15 16:11:32 2013 -0500
Enforce minimum PBKDF2 iteration count
Also add a testing interface to allow weak iteration counts.
(Published test vectors use weak iteration counts.)
ticket: 7465
target_version: 1.12
tags: pullup
src/lib/crypto/crypto_tests/t_str2key.c | 292 ++++++++++++++++++++++++-------
src/lib/crypto/krb/s2k_pbkdf2.c | 5 +
src/lib/crypto/libk5crypto.exports | 1 +
3 files changed, 233 insertions(+), 65 deletions(-)
diff --git a/src/lib/crypto/crypto_tests/t_str2key.c b/src/lib/crypto/crypto_tests/t_str2key.c
index e9b29ba..8c71ac3 100644
--- a/src/lib/crypto/crypto_tests/t_str2key.c
+++ b/src/lib/crypto/crypto_tests/t_str2key.c
@@ -32,6 +32,8 @@ struct test {
char *salt;
krb5_data params;
krb5_data expected_key;
+ krb5_error_code expected_err;
+ krb5_boolean allow_weak;
} test_cases[] = {
/* AFS string-to-key tests from old t_afss2k.c. */
{
@@ -39,168 +41,216 @@ struct test {
"",
"Sodium Chloride",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\xA4\xD0\xD0\x9B\x86\x92\xB0\xC2" }
+ { KV5M_DATA, 8, "\xA4\xD0\xD0\x9B\x86\x92\xB0\xC2" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"M",
"Sodium Chloride",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\xF1\xF2\x9E\xAB\xD0\xEF\xDF\x73" }
+ { KV5M_DATA, 8, "\xF1\xF2\x9E\xAB\xD0\xEF\xDF\x73" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My",
"Sodium Chloride",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\xD6\x85\x61\xC4\xF2\x94\xF4\xA1" }
+ { KV5M_DATA, 8, "\xD6\x85\x61\xC4\xF2\x94\xF4\xA1" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My ",
"Sodium Chloride",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\xD0\xE3\xA7\x83\x94\x61\xE0\xD0" }
+ { KV5M_DATA, 8, "\xD0\xE3\xA7\x83\x94\x61\xE0\xD0" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My P",
"Sodium Chloride",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\xD5\x62\xCD\x94\x61\xCB\x97\xDF" }
+ { KV5M_DATA, 8, "\xD5\x62\xCD\x94\x61\xCB\x97\xDF" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My Pa",
"Sodium Chloride",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\x9E\xA2\xA2\xEC\xA8\x8C\x6B\x8F" }
+ { KV5M_DATA, 8, "\x9E\xA2\xA2\xEC\xA8\x8C\x6B\x8F" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My Pas",
"Sodium Chloride",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\xE3\x91\x6D\xD3\x85\xF1\x67\xC4" }
+ { KV5M_DATA, 8, "\xE3\x91\x6D\xD3\x85\xF1\x67\xC4" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My Pass",
"Sodium Chloride",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\xF4\xC4\x73\xC8\x8A\xE9\x94\x6D" }
+ { KV5M_DATA, 8, "\xF4\xC4\x73\xC8\x8A\xE9\x94\x6D" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My Passw",
"Sodium Chloride",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\xA1\x9E\xB3\xAD\x6B\xE3\xAB\xD9" }
+ { KV5M_DATA, 8, "\xA1\x9E\xB3\xAD\x6B\xE3\xAB\xD9" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My Passwo",
"Sodium Chloride",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\xAD\xA1\xCE\x10\x37\x83\xA7\x8C" }
+ { KV5M_DATA, 8, "\xAD\xA1\xCE\x10\x37\x83\xA7\x8C" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My Passwor",
"Sodium Chloride",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\xD3\x01\xD0\xF7\x3E\x7A\x49\x0B" }
+ { KV5M_DATA, 8, "\xD3\x01\xD0\xF7\x3E\x7A\x49\x0B" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My Password",
"Sodium Chloride",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\xB6\x2A\x4A\xEC\x9D\x4C\x68\xDF" }
+ { KV5M_DATA, 8, "\xB6\x2A\x4A\xEC\x9D\x4C\x68\xDF" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"",
"NaCl",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\x61\xEF\xE6\x83\xE5\x8A\x6B\x98" }
+ { KV5M_DATA, 8, "\x61\xEF\xE6\x83\xE5\x8A\x6B\x98" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"M",
"NaCl",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\x68\xCD\x68\xAD\xC4\x86\xCD\xE5" }
+ { KV5M_DATA, 8, "\x68\xCD\x68\xAD\xC4\x86\xCD\xE5" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My",
"NaCl",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\x83\xA1\xC8\x86\x8F\x67\xD0\x62" }
+ { KV5M_DATA, 8, "\x83\xA1\xC8\x86\x8F\x67\xD0\x62" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My ",
"NaCl",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\x9E\xC7\x8F\xA4\xA4\xB3\xE0\xD5" }
+ { KV5M_DATA, 8, "\x9E\xC7\x8F\xA4\xA4\xB3\xE0\xD5" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My P",
"NaCl",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\xD9\x92\x86\x8F\x9D\x8C\x85\xE6" }
+ { KV5M_DATA, 8, "\xD9\x92\x86\x8F\x9D\x8C\x85\xE6" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My Pa",
"NaCl",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\xDA\xF2\x92\x83\xF4\x9B\xA7\xAD" }
+ { KV5M_DATA, 8, "\xDA\xF2\x92\x83\xF4\x9B\xA7\xAD" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My Pas",
"NaCl",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\x91\xCD\xAD\xEF\x86\xDF\xD3\xA2" }
+ { KV5M_DATA, 8, "\x91\xCD\xAD\xEF\x86\xDF\xD3\xA2" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My Pass",
"NaCl",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\x73\xD3\x67\x68\x8F\x6E\xE3\x73" }
+ { KV5M_DATA, 8, "\x73\xD3\x67\x68\x8F\x6E\xE3\x73" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My Passw",
"NaCl",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\xC4\x61\x85\x9D\xAD\xF4\xDC\xB0" }
+ { KV5M_DATA, 8, "\xC4\x61\x85\x9D\xAD\xF4\xDC\xB0" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My Passwo",
"NaCl",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\xE9\x02\x83\x16\x2C\xEC\xE0\x08" }
+ { KV5M_DATA, 8, "\xE9\x02\x83\x16\x2C\xEC\xE0\x08" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My Passwor",
"NaCl",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\x61\xC8\x26\x29\xD9\x73\x6E\xB6" }
+ { KV5M_DATA, 8, "\x61\xC8\x26\x29\xD9\x73\x6E\xB6" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"My Password",
"NaCl",
{ KV5M_DATA, 1, "\1" },
- { KV5M_DATA, 8, "\x8C\xA8\x9E\xC4\xA8\xDC\x31\x73" }
+ { KV5M_DATA, 8, "\x8C\xA8\x9E\xC4\xA8\xDC\x31\x73" },
+ 0,
+ FALSE
},
/* Test vectors from RFC 3961 appendix A.2. */
@@ -209,42 +259,54 @@ struct test {
"password",
"ATHENA.MIT.EDUraeburn",
{ KV5M_DATA, 1, "\0" },
- { KV5M_DATA, 8, "\xCB\xC2\x2F\xAE\x23\x52\x98\xE3" }
+ { KV5M_DATA, 8, "\xCB\xC2\x2F\xAE\x23\x52\x98\xE3" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"potatoe",
"WHITEHOUSE.GOVdanny",
{ KV5M_DATA, 1, "\0" },
- { KV5M_DATA, 8, "\xDF\x3D\x32\xA7\x4F\xD9\x2A\x01" }
+ { KV5M_DATA, 8, "\xDF\x3D\x32\xA7\x4F\xD9\x2A\x01" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"\xF0\x9D\x84\x9E",
"EXAMPLE.COMpianist",
{ KV5M_DATA, 1, "\0" },
- { KV5M_DATA, 8, "\x4F\xFB\x26\xBA\xB0\xCD\x94\x13" }
+ { KV5M_DATA, 8, "\x4F\xFB\x26\xBA\xB0\xCD\x94\x13" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"\xC3\x9F",
"ATHENA.MIT.EDUJuri\xC5\xA1\x69\xC4\x87",
{ KV5M_DATA, 1, "\0" },
- { KV5M_DATA, 8, "\x62\xC8\x1A\x52\x32\xB5\xE6\x9D" }
+ { KV5M_DATA, 8, "\x62\xC8\x1A\x52\x32\xB5\xE6\x9D" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"11119999",
"AAAAAAAA",
{ KV5M_DATA, 1, "\0" },
- { KV5M_DATA, 8, "\x98\x40\x54\xd0\xf1\xa7\x3e\x31" }
+ { KV5M_DATA, 8, "\x98\x40\x54\xd0\xf1\xa7\x3e\x31" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES_CBC_CRC,
"NNNN6666",
"FFFFAAAA",
{ KV5M_DATA, 1, "\0" },
- { KV5M_DATA, 8, "\xC4\xBF\x6B\x25\xAD\xF7\xA4\xF8" }
+ { KV5M_DATA, 8, "\xC4\xBF\x6B\x25\xAD\xF7\xA4\xF8" },
+ 0,
+ FALSE
},
/* Test vectors from RFC 3961 appendix A.4. */
@@ -254,7 +316,9 @@ struct test {
"ATHENA.MIT.EDUraeburn",
{ KV5M_DATA, 0, NULL },
{ KV5M_DATA, 24, "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C"
- "\x31\x3E\x3B\xFE\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" }
+ "\x31\x3E\x3B\xFE\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES3_CBC_SHA1,
@@ -262,7 +326,9 @@ struct test {
"WHITEHOUSE.GOVdanny",
{ KV5M_DATA, 0, NULL },
{ KV5M_DATA, 24, "\xDF\xCD\x23\x3D\xD0\xA4\x32\x04\xEA\x6D\xC4\x37"
- "\xFB\x15\xE0\x61\xB0\x29\x79\xC1\xF7\x4F\x37\x7A" }
+ "\xFB\x15\xE0\x61\xB0\x29\x79\xC1\xF7\x4F\x37\x7A" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES3_CBC_SHA1,
@@ -270,7 +336,9 @@ struct test {
"EXAMPLE.COMbuckaroo",
{ KV5M_DATA, 0, NULL },
{ KV5M_DATA, 24, "\x6D\x2F\xCD\xF2\xD6\xFB\xBC\x3D\xDC\xAD\xB5\xDA"
- "\x57\x10\xA2\x34\x89\xB0\xD3\xB6\x9D\x5D\x9D\x4A" }
+ "\x57\x10\xA2\x34\x89\xB0\xD3\xB6\x9D\x5D\x9D\x4A" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES3_CBC_SHA1,
@@ -278,7 +346,9 @@ struct test {
"ATHENA.MIT.EDUJuri\xC5\xA1\x69\xC4\x87",
{ KV5M_DATA, 0, NULL },
{ KV5M_DATA, 24, "\x16\xD5\xA4\x0E\x1C\xE3\xBA\xCB\x61\xB9\xDC\xE0"
- "\x04\x70\x32\x4C\x83\x19\x73\xA7\xB9\x52\xFE\xB0" }
+ "\x04\x70\x32\x4C\x83\x19\x73\xA7\xB9\x52\xFE\xB0" },
+ 0,
+ FALSE
},
{
ENCTYPE_DES3_CBC_SHA1,
@@ -286,7 +356,9 @@ struct test {
"EXAMPLE.COMpianist",
{ KV5M_DATA, 0, NULL },
{ KV5M_DATA, 24, "\x85\x76\x37\x26\x58\x5D\xBC\x1C\xCE\x6E\xC4\x3E"
- "\x1F\x75\x1F\x07\xF1\xC4\xCB\xB0\x98\xF4\x0B\x19" }
+ "\x1F\x75\x1F\x07\xF1\xC4\xCB\xB0\x98\xF4\x0B\x19" },
+ 0,
+ FALSE
},
/* Test vectors from RFC 3962 appendix B. */
@@ -296,7 +368,9 @@ struct test {
"ATHENA.MIT.EDUraeburn",
{ KV5M_DATA, 4, "\0\0\0\1" },
{ KV5M_DATA, 16,
- "\x42\x26\x3C\x6E\x89\xF4\xFC\x28\xB8\xDF\x68\xEE\x09\x79\x9F\x15" }
+ "\x42\x26\x3C\x6E\x89\xF4\xFC\x28\xB8\xDF\x68\xEE\x09\x79\x9F\x15" },
+ 0,
+ TRUE
},
{
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
@@ -305,7 +379,9 @@ struct test {
{ KV5M_DATA, 4, "\0\0\0\1" },
{ KV5M_DATA, 32,
"\xFE\x69\x7B\x52\xBC\x0D\x3C\xE1\x44\x32\xBA\x03\x6A\x92\xE6\x5B"
- "\xBB\x52\x28\x09\x90\xA2\xFA\x27\x88\x39\x98\xD7\x2A\xF3\x01\x61" }
+ "\xBB\x52\x28\x09\x90\xA2\xFA\x27\x88\x39\x98\xD7\x2A\xF3\x01\x61" },
+ 0,
+ TRUE
},
{
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
@@ -313,7 +389,9 @@ struct test {
"ATHENA.MIT.EDUraeburn",
{ KV5M_DATA, 4, "\0\0\0\2" },
{ KV5M_DATA, 16,
- "\xC6\x51\xBF\x29\xE2\x30\x0A\xC2\x7F\xA4\x69\xD6\x93\xBD\xDA\x13" }
+ "\xC6\x51\xBF\x29\xE2\x30\x0A\xC2\x7F\xA4\x69\xD6\x93\xBD\xDA\x13" },
+ 0,
+ TRUE
},
{
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
@@ -322,7 +400,9 @@ struct test {
{ KV5M_DATA, 4, "\0\0\0\2" },
{ KV5M_DATA, 32,
"\xA2\xE1\x6D\x16\xB3\x60\x69\xC1\x35\xD5\xE9\xD2\xE2\x5F\x89\x61"
- "\x02\x68\x56\x18\xB9\x59\x14\xB4\x67\xC6\x76\x22\x22\x58\x24\xFF" }
+ "\x02\x68\x56\x18\xB9\x59\x14\xB4\x67\xC6\x76\x22\x22\x58\x24\xFF" },
+ 0,
+ TRUE
},
{
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
@@ -330,7 +410,9 @@ struct test {
"ATHENA.MIT.EDUraeburn",
{ KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
{ KV5M_DATA, 16,
- "\x4C\x01\xCD\x46\xD6\x32\xD0\x1E\x6D\xBE\x23\x0A\x01\xED\x64\x2A" }
+ "\x4C\x01\xCD\x46\xD6\x32\xD0\x1E\x6D\xBE\x23\x0A\x01\xED\x64\x2A" },
+ 0,
+ TRUE
},
{
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
@@ -339,7 +421,9 @@ struct test {
{ KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
{ KV5M_DATA, 32,
"\x55\xA6\xAC\x74\x0A\xD1\x7B\x48\x46\x94\x10\x51\xE1\xE8\xB0\xA7"
- "\x54\x8D\x93\xB0\xAB\x30\xA8\xBC\x3F\xF1\x62\x80\x38\x2B\x8C\x2A" }
+ "\x54\x8D\x93\xB0\xAB\x30\xA8\xBC\x3F\xF1\x62\x80\x38\x2B\x8C\x2A" },
+ 0,
+ TRUE
},
{
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
@@ -347,7 +431,9 @@ struct test {
"\x12\x34\x56\x78\x78\x56\x34\x12",
{ KV5M_DATA, 4, "\0\0\0\5" },
{ KV5M_DATA, 16,
- "\xE9\xB2\x3D\x52\x27\x37\x47\xDD\x5C\x35\xCB\x55\xBE\x61\x9D\x8E" }
+ "\xE9\xB2\x3D\x52\x27\x37\x47\xDD\x5C\x35\xCB\x55\xBE\x61\x9D\x8E" },
+ 0,
+ TRUE
},
{
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
@@ -356,7 +442,9 @@ struct test {
{ KV5M_DATA, 4, "\0\0\0\5" },
{ KV5M_DATA, 32,
"\x97\xA4\xE7\x86\xBE\x20\xD8\x1A\x38\x2D\x5E\xBC\x96\xD5\x90\x9C"
- "\xAB\xCD\xAD\xC8\x7C\xA4\x8F\x57\x45\x04\x15\x9F\x16\xC3\x6E\x31" }
+ "\xAB\xCD\xAD\xC8\x7C\xA4\x8F\x57\x45\x04\x15\x9F\x16\xC3\x6E\x31" },
+ 0,
+ TRUE
},
{
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
@@ -364,7 +452,9 @@ struct test {
"pass phrase equals block size",
{ KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
{ KV5M_DATA, 16,
- "\x59\xD1\xBB\x78\x9A\x82\x8B\x1A\xA5\x4E\xF9\xC2\x88\x3F\x69\xED" }
+ "\x59\xD1\xBB\x78\x9A\x82\x8B\x1A\xA5\x4E\xF9\xC2\x88\x3F\x69\xED" },
+ 0,
+ TRUE
},
{
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
@@ -373,7 +463,9 @@ struct test {
{ KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
{ KV5M_DATA, 32,
"\x89\xAD\xEE\x36\x08\xDB\x8B\xC7\x1F\x1B\xFB\xFE\x45\x94\x86\xB0"
- "\x56\x18\xB7\x0C\xBA\xE2\x20\x92\x53\x4E\x56\xC5\x53\xBA\x4B\x34" }
+ "\x56\x18\xB7\x0C\xBA\xE2\x20\x92\x53\x4E\x56\xC5\x53\xBA\x4B\x34" },
+ 0,
+ TRUE
},
{
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
@@ -381,7 +473,9 @@ struct test {
"pass phrase exceeds block size",
{ KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
{ KV5M_DATA, 16,
- "\xCB\x80\x05\xDC\x5F\x90\x17\x9A\x7F\x02\x10\x4C\x00\x18\x75\x1D" }
+ "\xCB\x80\x05\xDC\x5F\x90\x17\x9A\x7F\x02\x10\x4C\x00\x18\x75\x1D" },
+ 0,
+ TRUE
},
{
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
@@ -390,7 +484,9 @@ struct test {
{ KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
{ KV5M_DATA, 32,
"\xD7\x8C\x5C\x9C\xB8\x72\xA8\xC9\xDA\xD4\x69\x7F\x0B\xB5\xB2\xD2"
- "\x14\x96\xC8\x2B\xEB\x2C\xAE\xDA\x21\x12\xFC\xEE\xA0\x57\x40\x1B" }
+ "\x14\x96\xC8\x2B\xEB\x2C\xAE\xDA\x21\x12\xFC\xEE\xA0\x57\x40\x1B" },
+ 0,
+ TRUE
},
{
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
@@ -398,7 +494,9 @@ struct test {
"EXAMPLE.COMpianist",
{ KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */
{ KV5M_DATA, 16,
- "\xF1\x49\xC1\xF2\xE1\x54\xA7\x34\x52\xD4\x3E\x7F\xE6\x2A\x56\xE5" }
+ "\xF1\x49\xC1\xF2\xE1\x54\xA7\x34\x52\xD4\x3E\x7F\xE6\x2A\x56\xE5" },
+ 0,
+ TRUE
},
{
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
@@ -407,7 +505,22 @@ struct test {
{ KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */
{ KV5M_DATA, 32,
"\x4B\x6D\x98\x39\xF8\x44\x06\xDF\x1F\x09\xCC\x16\x6D\xB4\xB8\x3C"
- "\x57\x18\x48\xB7\x84\xA3\xD6\xBD\xC3\x46\x58\x9A\x3E\x39\x3F\x9E" }
+ "\x57\x18\x48\xB7\x84\xA3\xD6\xBD\xC3\x46\x58\x9A\x3E\x39\x3F\x9E" },
+ 0,
+ TRUE
+ },
+ /* Check for KRB5_ERR_BAD_S2K_PARAMS return when weak iteration counts are
+ * forbidden. */
+ {
+ ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+ "\xF0\x9D\x84\x9E",
+ "EXAMPLE.COMpianist",
+ { KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */
+ { KV5M_DATA, 32,
+ "\x4B\x6D\x98\x39\xF8\x44\x06\xDF\x1F\x09\xCC\x16\x6D\xB4\xB8\x3C"
+ "\x57\x18\x48\xB7\x84\xA3\xD6\xBD\xC3\x46\x58\x9A\x3E\x39\x3F\x9E" },
+ KRB5_ERR_BAD_S2K_PARAMS,
+ FALSE
},
/* The same inputs applied to Camellia enctypes. */
@@ -417,7 +530,9 @@ struct test {
"ATHENA.MIT.EDUraeburn",
{ KV5M_DATA, 4, "\0\0\0\1" },
{ KV5M_DATA, 16,
- "\x57\xD0\x29\x72\x98\xFF\xD9\xD3\x5D\xE5\xA4\x7F\xB4\xBD\xE2\x4B" }
+ "\x57\xD0\x29\x72\x98\xFF\xD9\xD3\x5D\xE5\xA4\x7F\xB4\xBD\xE2\x4B" },
+ 0,
+ TRUE
},
{
ENCTYPE_CAMELLIA256_CTS_CMAC,
@@ -426,7 +541,9 @@ struct test {
{ KV5M_DATA, 4, "\0\0\0\1" },
{ KV5M_DATA, 32,
"\xB9\xD6\x82\x8B\x20\x56\xB7\xBE\x65\x6D\x88\xA1\x23\xB1\xFA\xC6"
- "\x82\x14\xAC\x2B\x72\x7E\xCF\x5F\x69\xAF\xE0\xC4\xDF\x2A\x6D\x2C" }
+ "\x82\x14\xAC\x2B\x72\x7E\xCF\x5F\x69\xAF\xE0\xC4\xDF\x2A\x6D\x2C" },
+ 0,
+ TRUE
},
{
ENCTYPE_CAMELLIA128_CTS_CMAC,
@@ -434,7 +551,9 @@ struct test {
"ATHENA.MIT.EDUraeburn",
{ KV5M_DATA, 4, "\0\0\0\2" },
{ KV5M_DATA, 16,
- "\x73\xF1\xB5\x3A\xA0\xF3\x10\xF9\x3B\x1D\xE8\xCC\xAA\x0C\xB1\x52" }
+ "\x73\xF1\xB5\x3A\xA0\xF3\x10\xF9\x3B\x1D\xE8\xCC\xAA\x0C\xB1\x52" },
+ 0,
+ TRUE
},
{
ENCTYPE_CAMELLIA256_CTS_CMAC,
@@ -443,7 +562,9 @@ struct test {
{ KV5M_DATA, 4, "\0\0\0\2" },
{ KV5M_DATA, 32,
"\x83\xFC\x58\x66\xE5\xF8\xF4\xC6\xF3\x86\x63\xC6\x5C\x87\x54\x9F"
- "\x34\x2B\xC4\x7E\xD3\x94\xDC\x9D\x3C\xD4\xD1\x63\xAD\xE3\x75\xE3" }
+ "\x34\x2B\xC4\x7E\xD3\x94\xDC\x9D\x3C\xD4\xD1\x63\xAD\xE3\x75\xE3" },
+ 0,
+ TRUE
},
{
ENCTYPE_CAMELLIA128_CTS_CMAC,
@@ -451,7 +572,9 @@ struct test {
"ATHENA.MIT.EDUraeburn",
{ KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
{ KV5M_DATA, 16,
- "\x8E\x57\x11\x45\x45\x28\x55\x57\x5F\xD9\x16\xE7\xB0\x44\x87\xAA" }
+ "\x8E\x57\x11\x45\x45\x28\x55\x57\x5F\xD9\x16\xE7\xB0\x44\x87\xAA" },
+ 0,
+ TRUE
},
{
ENCTYPE_CAMELLIA256_CTS_CMAC,
@@ -460,7 +583,9 @@ struct test {
{ KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
{ KV5M_DATA, 32,
"\x77\xF4\x21\xA6\xF2\x5E\x13\x83\x95\xE8\x37\xE5\xD8\x5D\x38\x5B"
- "\x4C\x1B\xFD\x77\x2E\x11\x2C\xD9\x20\x8C\xE7\x2A\x53\x0B\x15\xE6" }
+ "\x4C\x1B\xFD\x77\x2E\x11\x2C\xD9\x20\x8C\xE7\x2A\x53\x0B\x15\xE6" },
+ 0,
+ TRUE
},
{
ENCTYPE_CAMELLIA128_CTS_CMAC,
@@ -468,7 +593,9 @@ struct test {
"\x12\x34\x56\x78\x78\x56\x34\x12",
{ KV5M_DATA, 4, "\0\0\0\5" },
{ KV5M_DATA, 16,
- "\x00\x49\x8F\xD9\x16\xBF\xC1\xC2\xB1\x03\x1C\x17\x08\x01\xB3\x81" }
+ "\x00\x49\x8F\xD9\x16\xBF\xC1\xC2\xB1\x03\x1C\x17\x08\x01\xB3\x81" },
+ 0,
+ TRUE
},
{
ENCTYPE_CAMELLIA256_CTS_CMAC,
@@ -477,7 +604,9 @@ struct test {
{ KV5M_DATA, 4, "\0\0\0\5" },
{ KV5M_DATA, 32,
"\x11\x08\x3A\x00\xBD\xFE\x6A\x41\xB2\xF1\x97\x16\xD6\x20\x2F\x0A"
- "\xFA\x94\x28\x9A\xFE\x8B\x27\xA0\x49\xBD\x28\xB1\xD7\x6C\x38\x9A" }
+ "\xFA\x94\x28\x9A\xFE\x8B\x27\xA0\x49\xBD\x28\xB1\xD7\x6C\x38\x9A" },
+ 0,
+ TRUE
},
{
ENCTYPE_CAMELLIA128_CTS_CMAC,
@@ -485,7 +614,9 @@ struct test {
"pass phrase equals block size",
{ KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
{ KV5M_DATA, 16,
- "\x8B\xF6\xC3\xEF\x70\x9B\x98\x1D\xBB\x58\x5D\x08\x68\x43\xBE\x05" }
+ "\x8B\xF6\xC3\xEF\x70\x9B\x98\x1D\xBB\x58\x5D\x08\x68\x43\xBE\x05" },
+ 0,
+ TRUE
},
{
ENCTYPE_CAMELLIA256_CTS_CMAC,
@@ -494,7 +625,9 @@ struct test {
{ KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
{ KV5M_DATA, 32,
"\x11\x9F\xE2\xA1\xCB\x0B\x1B\xE0\x10\xB9\x06\x7A\x73\xDB\x63\xED"
- "\x46\x65\xB4\xE5\x3A\x98\xD1\x78\x03\x5D\xCF\xE8\x43\xA6\xB9\xB0" }
+ "\x46\x65\xB4\xE5\x3A\x98\xD1\x78\x03\x5D\xCF\xE8\x43\xA6\xB9\xB0" },
+ 0,
+ TRUE
},
{
ENCTYPE_CAMELLIA128_CTS_CMAC,
@@ -502,7 +635,9 @@ struct test {
"pass phrase exceeds block size",
{ KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
{ KV5M_DATA, 16,
- "\x57\x52\xAC\x8D\x6A\xD1\xCC\xFE\x84\x30\xB3\x12\x87\x1C\x2F\x74" }
+ "\x57\x52\xAC\x8D\x6A\xD1\xCC\xFE\x84\x30\xB3\x12\x87\x1C\x2F\x74" },
+ 0,
+ TRUE
},
{
ENCTYPE_CAMELLIA256_CTS_CMAC,
@@ -511,7 +646,9 @@ struct test {
{ KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
{ KV5M_DATA, 32,
"\x61\x4D\x5D\xFC\x0B\xA6\xD3\x90\xB4\x12\xB8\x9A\xE4\xD5\xB0\x88"
- "\xB6\x12\xB3\x16\x51\x09\x94\x67\x9D\xDB\x43\x83\xC7\x12\x6D\xDF" }
+ "\xB6\x12\xB3\x16\x51\x09\x94\x67\x9D\xDB\x43\x83\xC7\x12\x6D\xDF" },
+ 0,
+ TRUE
},
{
ENCTYPE_CAMELLIA128_CTS_CMAC,
@@ -519,7 +656,9 @@ struct test {
"EXAMPLE.COMpianist",
{ KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */
{ KV5M_DATA, 16,
- "\xCC\x75\xC7\xFD\x26\x0F\x1C\x16\x58\x01\x1F\xCC\x0D\x56\x06\x16" }
+ "\xCC\x75\xC7\xFD\x26\x0F\x1C\x16\x58\x01\x1F\xCC\x0D\x56\x06\x16" },
+ 0,
+ TRUE
},
{
ENCTYPE_CAMELLIA256_CTS_CMAC,
@@ -528,7 +667,22 @@ struct test {
{ KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */
{ KV5M_DATA, 32,
"\x16\x3B\x76\x8C\x6D\xB1\x48\xB4\xEE\xC7\x16\x3D\xF5\xAE\xD7\x0E"
- "\x20\x6B\x68\xCE\xC0\x78\xBC\x06\x9E\xD6\x8A\x7E\xD3\x6B\x1E\xCC" }
+ "\x20\x6B\x68\xCE\xC0\x78\xBC\x06\x9E\xD6\x8A\x7E\xD3\x6B\x1E\xCC" },
+ 0,
+ TRUE
+ },
+ /* Check for KRB5_ERR_BAD_S2K_PARAMS return when weak iteration counts are
+ * forbidden. */
+ {
+ ENCTYPE_CAMELLIA256_CTS_CMAC,
+ "\xf0\x9d\x84\x9e",
+ "EXAMPLE.COMpianist",
+ { KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */
+ { KV5M_DATA, 32,
+ "\x16\x3B\x76\x8C\x6D\xB1\x48\xB4\xEE\xC7\x16\x3D\xF5\xAE\xD7\x0E"
+ "\x20\x6B\x68\xCE\xC0\x78\xBC\x06\x9E\xD6\x8A\x7E\xD3\x6B\x1E\xCC" },
+ KRB5_ERR_BAD_S2K_PARAMS,
+ FALSE
}
};
@@ -552,6 +706,8 @@ printhex(const char *head, void *data, size_t len)
printf("\n");
}
+extern int k5_allow_weak_pbkdf2iter;
+
int
main(int argc, char **argv)
{
@@ -571,10 +727,11 @@ main(int argc, char **argv)
string = string2data(test->string);
salt = string2data(test->salt);
assert(krb5_init_keyblock(context, test->enctype, 0, &keyblock) == 0);
+ k5_allow_weak_pbkdf2iter = test->allow_weak;
ret = krb5_c_string_to_key_with_params(context, test->enctype,
&string, &salt, &test->params,
keyblock);
- if (ret != 0) {
+ if (ret != test->expected_err) {
com_err(argv[0], ret, "in krb5_c_string_to_key_with_params");
exit(1);
}
@@ -586,8 +743,13 @@ main(int argc, char **argv)
printf("String: %s\n", test->string);
printf("Salt: %s\n", test->salt);
printhex("Params: ", test->params.data, test->params.length);
- printhex("Key: ", keyblock->contents, keyblock->length);
+ if (test->expected_err == 0)
+ printhex("Key: ", keyblock->contents, keyblock->length);
+ else
+ printf("Expected error: %d\n", (int)test->expected_err);
}
+ if (test->expected_err != 0)
+ continue;
assert(keyblock->length == test->expected_key.length);
if (memcmp(keyblock->contents, test->expected_key.data,
keyblock->length) != 0) {
diff --git a/src/lib/crypto/krb/s2k_pbkdf2.c b/src/lib/crypto/krb/s2k_pbkdf2.c
index 4ada811..e223911 100644
--- a/src/lib/crypto/krb/s2k_pbkdf2.c
+++ b/src/lib/crypto/krb/s2k_pbkdf2.c
@@ -103,6 +103,8 @@ cleanup:
#define MAX_ITERATION_COUNT 0x1000000L
+krb5_boolean k5_allow_weak_pbkdf2iter = FALSE;
+
static krb5_error_code
pbkdf2_string_to_key(const struct krb5_keytypes *ktp, const krb5_data *string,
const krb5_data *salt, const krb5_data *pepper,
@@ -127,6 +129,9 @@ pbkdf2_string_to_key(const struct krb5_keytypes *ktp, const krb5_data *string,
if (((iter_count >> 16) >> 16) != 1)
return KRB5_ERR_BAD_S2K_PARAMS;
}
+ if (!k5_allow_weak_pbkdf2iter && iter_count < def_iter_count)
+ return KRB5_ERR_BAD_S2K_PARAMS;
+
} else
iter_count = def_iter_count;
diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports
index b96833c..9342387 100644
--- a/src/lib/crypto/libk5crypto.exports
+++ b/src/lib/crypto/libk5crypto.exports
@@ -101,3 +101,4 @@ k5_sha256_final
k5_sha256_init
k5_sha256_update
krb5int_nfold
+k5_allow_weak_pbkdf2iter
More information about the cvs-krb5
mailing list