krb5 commit: Allow zero cksumtype in krb5_k_verify_checksum()

Greg Hudson ghudson at mit.edu
Wed Mar 9 14:16:47 EST 2016 

https://github.com/krb5/krb5/commit/78e77f10aca448161077016677b0fe963d6bf9ee
commit 78e77f10aca448161077016677b0fe963d6bf9ee
Author: Greg Hudson <ghudson at mit.edu>
Date:   Fri Mar 4 13:25:28 2016 -0500

    Allow zero cksumtype in krb5_k_verify_checksum()
    
    A checksum type of 0 means to use the mandatory checksum type in
    krb5_k_make_checksum(), krb5_k_make_checksum_iov(), and
    krb5_k_verify_checksum_iov().  Extend this meaning to
    krb5_k_verify_checksum() for the checksum type in the krb5_checksum
    argument.  This change also applies to krb5_c_verify_checksum().
    
    Add code to t_cksums.c to test checksum verification, including with
    checksum type 0 for applicable test cases.
    
    ticket: 8375 (new)

 src/include/krb5/krb5.hin              |   12 ++++++++----
 src/lib/crypto/crypto_tests/t_cksums.c |   28 +++++++++++++++++++++++++++-
 src/lib/crypto/krb/verify_checksum.c   |   11 ++++++++++-
 3 files changed, 45 insertions(+), 6 deletions(-)

diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
index 851cea3..0a0d272 100644
--- a/src/include/krb5/krb5.hin
+++ b/src/include/krb5/krb5.hin
@@ -904,8 +904,10 @@ krb5_c_make_checksum(krb5_context context, krb5_cksumtype cksumtype,
  *
  * This function verifies that @a cksum is a valid checksum for @a data.  If
  * the checksum type of @a cksum is a keyed checksum, @a key is used to verify
- * the checksum.  The actual checksum key will be derived from @a key and @a
- * usage if key derivation is specified for the checksum type.
+ * the checksum.  If the checksum type in @a cksum is 0 and @a key is not NULL,
+ * the mandatory checksum type for @a key will be used.  The actual checksum
+ * key will be derived from @a key and @a usage if key derivation is specified
+ * for the checksum type.
  *
  * @note This function is similar to krb5_k_verify_checksum(), but operates
  * on keyblock @a key.
@@ -1470,8 +1472,10 @@ krb5_k_make_checksum_iov(krb5_context context, krb5_cksumtype cksumtype,
  *
  * This function verifies that @a cksum is a valid checksum for @a data.  If
  * the checksum type of @a cksum is a keyed checksum, @a key is used to verify
- * the checksum.  The actual checksum key will be derived from @a key and @a
- * usage if key derivation is specified for the checksum type.
+ * the checksum.  If the checksum type in @a cksum is 0 and @a key is not NULL,
+ * the mandatory checksum type for @a key will be used.  The actual checksum
+ * key will be derived from @a key and @a usage if key derivation is specified
+ * for the checksum type.
  *
  * @note This function is similar to krb5_c_verify_checksum(), but operates
  * on opaque @a key.
diff --git a/src/lib/crypto/crypto_tests/t_cksums.c b/src/lib/crypto/crypto_tests/t_cksums.c
index cad16f7..7c4c6db 100644
--- a/src/lib/crypto/crypto_tests/t_cksums.c
+++ b/src/lib/crypto/crypto_tests/t_cksums.c
@@ -174,7 +174,8 @@ main(int argc, char **argv)
     krb5_keyblock kb, *kbp;
     krb5_data plain;
     krb5_checksum cksum;
-    krb5_boolean verbose = FALSE;
+    krb5_cksumtype mtype;
+    krb5_boolean valid, verbose = FALSE;
     int status = 0;
 
     if (argc >= 2 && strcmp(argv[1], "-v") == 0)
@@ -214,6 +215,31 @@ main(int argc, char **argv)
             if (!verbose)
                 break;
         }
+
+        /* Test that the checksum verifies successfully. */
+        ret = krb5_c_verify_checksum(context, kbp, test->usage, &plain, &cksum,
+                                     &valid);
+        assert(!ret);
+        if (!valid) {
+            printf("test %d verify failed\n", (int)i);
+            status = 1;
+            if (!verbose)
+                break;
+        }
+
+        if (kbp != NULL) {
+            ret = krb5int_c_mandatory_cksumtype(context, kbp->enctype, &mtype);
+            assert(!ret);
+            if (test->sumtype == mtype) {
+                /* Test that a checksum type of 0 uses the mandatory checksum
+                 * type for the key. */
+                cksum.checksum_type = 0;
+                ret = krb5_c_verify_checksum(context, kbp, test->usage, &plain,
+                                             &cksum, &valid);
+                assert(!ret && valid);
+            }
+        }
+
         krb5_free_checksum_contents(context, &cksum);
     }
     return status;
diff --git a/src/lib/crypto/krb/verify_checksum.c b/src/lib/crypto/krb/verify_checksum.c
index 45b33f4..09425ea 100644
--- a/src/lib/crypto/krb/verify_checksum.c
+++ b/src/lib/crypto/krb/verify_checksum.c
@@ -33,6 +33,7 @@ krb5_k_verify_checksum(krb5_context context, krb5_key key,
                        const krb5_checksum *cksum, krb5_boolean *valid)
 {
     const struct krb5_cksumtypes *ctp;
+    krb5_cksumtype cksumtype;
     krb5_crypto_iov iov;
     krb5_error_code ret;
     krb5_data cksum_data;
@@ -41,7 +42,15 @@ krb5_k_verify_checksum(krb5_context context, krb5_key key,
     iov.flags = KRB5_CRYPTO_TYPE_DATA;
     iov.data = *data;
 
-    ctp = find_cksumtype(cksum->checksum_type);
+    /* A 0 checksum type means use the mandatory checksum. */
+    cksumtype = cksum->checksum_type;
+    if (cksumtype == 0 && key != NULL) {
+        ret = krb5int_c_mandatory_cksumtype(context, key->keyblock.enctype,
+                                            &cksumtype);
+        if (ret)
+            return ret;
+    }
+    ctp = find_cksumtype(cksumtype);
     if (ctp == NULL)
         return KRB5_BAD_ENCTYPE;

More information about the cvs-krb5 mailing list