krb5 commit: Remove krb5int_c_combine_keys()

Greg Hudson ghudson at mit.edu
Wed May 29 19:18:55 EDT 2019


https://github.com/krb5/krb5/commit/925a7df2f486aaa3ff137d2bcdf8ff57186638c6
commit 925a7df2f486aaa3ff137d2bcdf8ff57186638c6
Author: Robbie Harwood <rharwood at redhat.com>
Date:   Thu Apr 18 17:27:07 2019 -0400

    Remove krb5int_c_combine_keys()
    
    This method of combining keys was specified by
    draft-ietf-krb-wg-kerberos-sam for DES and 3DES enctypes, and is
    otherwise unused.  Remove it.
    
    [ghudson at mit.edu: rewrote commit message]
    
    ticket: 8812

 .gitignore                              |    1 -
 src/include/k5-int.h                    |    7 -
 src/lib/crypto/crypto_tests/Makefile.in |   12 +--
 src/lib/crypto/crypto_tests/deps        |   10 --
 src/lib/crypto/crypto_tests/t_combine.c |   62 ---------
 src/lib/crypto/krb/Makefile.in          |    3 -
 src/lib/crypto/krb/combine_keys.c       |  227 -------------------------------
 src/lib/crypto/krb/deps                 |   13 --
 src/lib/crypto/libk5crypto.exports      |    1 -
 9 files changed, 3 insertions(+), 333 deletions(-)

diff --git a/.gitignore b/.gitignore
index 975ef54..140f0f8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -297,7 +297,6 @@ local.properties
 /src/lib/crypto/crypto_tests/t_cksum5
 /src/lib/crypto/crypto_tests/t_cksums
 /src/lib/crypto/crypto_tests/t_cmac
-/src/lib/crypto/crypto_tests/t_combine
 /src/lib/crypto/crypto_tests/t_cts
 /src/lib/crypto/crypto_tests/t_decrypt
 /src/lib/crypto/crypto_tests/t_derive
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 0fd1787..6feeb2f 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -672,13 +672,6 @@ zapfreedata(krb5_data *data)
     }
 }
 
-/*
- * Combine two keys (normally used by the hardware preauth mechanism)
- */
-krb5_error_code
-krb5int_c_combine_keys(krb5_context context, krb5_keyblock *key1,
-                       krb5_keyblock *key2, krb5_keyblock *outkey);
-
 void krb5int_c_free_keyblock(krb5_context, krb5_keyblock *key);
 void krb5int_c_free_keyblock_contents(krb5_context, krb5_keyblock *);
 krb5_error_code krb5int_c_init_keyblock(krb5_context, krb5_enctype enctype,
diff --git a/src/lib/crypto/crypto_tests/Makefile.in b/src/lib/crypto/crypto_tests/Makefile.in
index 09feeb5..0295ee1 100644
--- a/src/lib/crypto/crypto_tests/Makefile.in
+++ b/src/lib/crypto/crypto_tests/Makefile.in
@@ -23,8 +23,7 @@ EXTRADEPSRCS=\
 	$(srcdir)/t_short.c	\
 	$(srcdir)/t_str2key.c	\
 	$(srcdir)/t_derive.c	\
-	$(srcdir)/t_fork.c	\
-	$(srcdir)/t_combine.c
+	$(srcdir)/t_fork.c
 
 ##DOS##BUILDTOP = ..\..\..
 
@@ -33,8 +32,7 @@ check-unix: t_nfold t_encrypt t_decrypt t_prf t_prng t_cmac t_hmac \
 		aes-test  \
 		camellia-test  \
 		t_mddriver4 t_mddriver \
-		t_cts t_sha2 t_short t_str2key t_derive t_fork t_cf2 \
-		t_combine
+		t_cts t_sha2 t_short t_str2key t_derive t_fork t_cf2
 	$(RUN_TEST) ./t_nfold
 	$(RUN_TEST) ./t_encrypt
 	$(RUN_TEST) ./t_decrypt
@@ -59,7 +57,6 @@ check-unix: t_nfold t_encrypt t_decrypt t_prf t_prng t_cmac t_hmac \
 	$(RUN_TEST) ./t_fork
 	$(RUN_TEST) ./t_cf2 <$(srcdir)/t_cf2.in >t_cf2.output
 	diff t_cf2.output $(srcdir)/t_cf2.expected
-	$(RUN_TEST) ./t_combine
 #	$(RUN_TEST) ./t_pkcs5
 
 t_nfold$(EXEEXT): t_nfold.$(OBJEXT) $(KRB5_BASE_DEPLIBS)
@@ -134,9 +131,6 @@ t_fork$(EXEEXT): t_fork.$(OBJEXT) $(KRB5_BASE_DEPLIBS)
 t_cf2$(EXEEXT): t_cf2.$(OBJEXT) $(KRB5_BASE_DEPLIBS)
 	$(CC_LINK) -o $@ t_cf2.$(OBJEXT) $(KRB5_BASE_LIBS)
 
-t_combine$(EXEEXT): t_combine.$(OBJEXT) $(KRB5_BASE_DEPLIBS)
-	$(CC_LINK) -o $@ t_combine.$(OBJEXT) $(KRB5_BASE_LIBS)
-
 clean:
 	$(RM) t_nfold.o t_nfold t_encrypt t_encrypt.o \
 		t_decrypt.o t_decrypt t_prng.o t_prng t_cmac.o t_cmac \
@@ -149,7 +143,7 @@ clean:
 		t_str2key.o t_derive t_derive.o t_fork t_fork.o \
 		t_mddriver$(EXEEXT) $(OUTPRE)t_mddriver.$(OBJEXT) \
 		camellia-test camellia-test.o camellia-vt.txt \
-		t_cf2 t_cf2.o t_cf2.output t_combine.o t_combine
+		t_cf2 t_cf2.o t_cf2.output
 
 	-$(RM) t_prng.output
 	-$(RM) t_prf.output
diff --git a/src/lib/crypto/crypto_tests/deps b/src/lib/crypto/crypto_tests/deps
index 19fef25..0d10d4a 100644
--- a/src/lib/crypto/crypto_tests/deps
+++ b/src/lib/crypto/crypto_tests/deps
@@ -226,13 +226,3 @@ $(OUTPRE)t_fork.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
   $(top_srcdir)/include/socket-utils.h t_fork.c
-$(OUTPRE)t_combine.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
-  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
-  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h t_combine.c
diff --git a/src/lib/crypto/crypto_tests/t_combine.c b/src/lib/crypto/crypto_tests/t_combine.c
deleted file mode 100644
index ba0622b..0000000
--- a/src/lib/crypto/crypto_tests/t_combine.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/crypto_tests/t_combine.c - krb5int_c_combine_keys tests */
-/*
- * Copyright (C) 2014 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * * Redistributions of source code must retain the above copyright
- *   notice, this list of conditions and the following disclaimer.
- *
- * * Redistributions in binary form must reproduce the above copyright
- *   notice, this list of conditions and the following disclaimer in
- *   the documentation and/or other materials provided with the
- *   distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "k5-int.h"
-
-unsigned char des3_key1[] = "\x10\xB6\x75\xD5\x5B\xD9\x6E\x73"
-    "\xFD\x54\xB3\x3D\x37\x52\xC1\x2A\xF7\x43\x91\xFE\x1C\x02\x37\x13";
-unsigned char des3_key2[] = "\xC8\xDA\x3E\xA7\xB6\x64\xAE\x7A"
-    "\xB5\x70\x2A\x29\xB3\xBF\x9B\xA8\x46\x7C\x5B\xA8\x8A\x46\x70\x10";
-unsigned char des3_result[] = "\x2F\x79\x97\x3E\x3E\xA4\x73\x1A"
-    "\xB9\x3D\xEF\x5E\x7C\x29\xFB\x2A\x68\x86\x1F\xC1\x85\x0E\x79\x92";
-
-int
-main(int argc, char **argv)
-{
-    krb5_keyblock kb1, kb2, result;
-
-    kb1.enctype = ENCTYPE_DES3_CBC_SHA1;
-    kb1.contents = des3_key1;
-    kb1.length = 24;
-    kb2.enctype = ENCTYPE_DES3_CBC_SHA1;
-    kb2.contents = des3_key2;
-    kb2.length = 24;
-    memset(&result, 0, sizeof(result));
-    if (krb5int_c_combine_keys(NULL, &kb1, &kb2, &result) != 0)
-        abort();
-    if (result.enctype != ENCTYPE_DES3_CBC_SHA1 || result.length != 24 ||
-        memcmp(result.contents, des3_result, 24) != 0)
-        abort();
-    krb5_free_keyblock_contents(NULL, &result);
-
-    return 0;
-}
diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in
index c0e0b79..536bacb 100644
--- a/src/lib/crypto/krb/Makefile.in
+++ b/src/lib/crypto/krb/Makefile.in
@@ -22,7 +22,6 @@ STLIBOBJS=\
 	cksumtypes.o		\
 	cmac.o			\
 	coll_proof_cksum.o	\
-	combine_keys.o		\
 	crypto_length.o		\
 	crypto_libinit.o	\
 	default_state.o 	\
@@ -84,7 +83,6 @@ OBJS=\
 	$(OUTPRE)cksumtypes.$(OBJEXT)		\
 	$(OUTPRE)cmac.$(OBJEXT)			\
 	$(OUTPRE)coll_proof_cksum.$(OBJEXT)	\
-	$(OUTPRE)combine_keys.$(OBJEXT)		\
 	$(OUTPRE)crypto_length.$(OBJEXT)	\
 	$(OUTPRE)crypto_libinit.$(OBJEXT)	\
 	$(OUTPRE)default_state.$(OBJEXT) 	\
@@ -146,7 +144,6 @@ SRCS=\
 	$(srcdir)/cksumtypes.c		\
 	$(srcdir)/cmac.c		\
 	$(srcdir)/coll_proof_cksum.c	\
-	$(srcdir)/combine_keys.c	\
 	$(srcdir)/crypto_length.c	\
 	$(srcdir)/crypto_libinit.c	\
 	$(srcdir)/default_state.c 	\
diff --git a/src/lib/crypto/krb/combine_keys.c b/src/lib/crypto/krb/combine_keys.c
deleted file mode 100644
index c36434e..0000000
--- a/src/lib/crypto/krb/combine_keys.c
+++ /dev/null
@@ -1,227 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* Copyright (c) 2002 Naval Research Laboratory (NRL/CCS) */
-/*
- * Permission to use, copy, modify and distribute this software and its
- * documentation is hereby granted, provided that both the copyright
- * notice and this permission notice appear in all copies of the software,
- * derivative works or modified versions, and any portions thereof.
- *
- * NRL ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS" CONDITION AND
- * DISCLAIMS ANY LIABILITY OF ANY KIND FOR ANY DAMAGES WHATSOEVER
- * RESULTING FROM THE USE OF THIS SOFTWARE.
- */
-
-/*
- * Key combination function.
- *
- * If Key1 and Key2 are two keys to be combined, the algorithm to combine
- * them is as follows.
- *
- * Definitions:
- *
- * k-truncate is defined as truncating to the key size the input.
- *
- * DR is defined as the generate "random" data from a key
- * (defined in crypto draft)
- *
- * DK is defined as the key derivation function (krb5int_derive_key())
- *
- * (note: | means "concatenate")
- *
- * Combine key algorithm:
- *
- * R1 = DR(Key1, n-fold(Key2)) [ Output is length of Key1 ]
- * R2 = DR(Key2, n-fold(Key1)) [ Output is length of Key2 ]
- *
- * rnd = n-fold(R1 | R2) [ Note: output size of nfold must be appropriately
- *                         sized for random-to-key function ]
- * tkey = random-to-key(rnd)
- * Combine-Key(Key1, Key2) = DK(tkey, CombineConstant)
- *
- * CombineConstant is defined as the byte string:
- *
- * { 0x63 0x6f 0x6d 0x62 0x69 0x6e 0x65 }, which corresponds to the
- * ASCII encoding of the string "combine"
- */
-
-#include "crypto_int.h"
-
-static krb5_error_code dr(const struct krb5_enc_provider *enc,
-                          const krb5_keyblock *inkey, unsigned char *outdata,
-                          const krb5_data *in_constant);
-
-/*
- * We only support this combine_keys algorithm for des and 3des keys.
- * Everything else should use the PRF defined in the crypto framework.
- * We don't implement that yet.
- */
-
-static krb5_boolean
-enctype_ok(krb5_enctype e)
-{
-    switch (e) {
-    case ENCTYPE_DES3_CBC_SHA1:
-        return TRUE;
-    default:
-        return FALSE;
-    }
-}
-
-krb5_error_code
-krb5int_c_combine_keys(krb5_context context, krb5_keyblock *key1,
-                       krb5_keyblock *key2, krb5_keyblock *outkey)
-{
-    unsigned char *r1 = NULL, *r2 = NULL, *combined = NULL, *rnd = NULL;
-    unsigned char *output = NULL;
-    size_t keybytes, keylength;
-    const struct krb5_enc_provider *enc;
-    krb5_data input, randbits;
-    krb5_keyblock tkeyblock;
-    krb5_key tkey = NULL;
-    krb5_error_code ret;
-    const struct krb5_keytypes *ktp;
-    krb5_boolean myalloc = FALSE;
-
-    if (!enctype_ok(key1->enctype) || !enctype_ok(key2->enctype))
-        return KRB5_CRYPTO_INTERNAL;
-
-    if (key1->length != key2->length || key1->enctype != key2->enctype)
-        return KRB5_CRYPTO_INTERNAL;
-
-    /* Find our encryption algorithm. */
-    ktp = find_enctype(key1->enctype);
-    if (ktp == NULL)
-        return KRB5_BAD_ENCTYPE;
-    enc = ktp->enc;
-
-    keybytes = enc->keybytes;
-    keylength = enc->keylength;
-
-    /* Allocate and set up buffers. */
-    r1 = k5alloc(keybytes, &ret);
-    if (ret)
-        goto cleanup;
-    r2 = k5alloc(keybytes, &ret);
-    if (ret)
-        goto cleanup;
-    rnd = k5alloc(keybytes, &ret);
-    if (ret)
-        goto cleanup;
-    combined = k5calloc(2, keybytes, &ret);
-    if (ret)
-        goto cleanup;
-    output = k5alloc(keylength, &ret);
-    if (ret)
-        goto cleanup;
-
-    /*
-     * Get R1 and R2 (by running the input keys through the DR algorithm.
-     * Note this is most of derive-key, but not all.
-     */
-
-    input.length = key2->length;
-    input.data = (char *) key2->contents;
-    ret = dr(enc, key1, r1, &input);
-    if (ret)
-        goto cleanup;
-
-    input.length = key1->length;
-    input.data = (char *) key1->contents;
-    ret = dr(enc, key2, r2, &input);
-    if (ret)
-        goto cleanup;
-
-    /*
-     * Concatenate the two keys together, and then run them through
-     * n-fold to reduce them to a length appropriate for the random-to-key
-     * operation.  Note here that krb5int_nfold() takes sizes in bits, hence
-     * the multiply by 8.
-     */
-
-    memcpy(combined, r1, keybytes);
-    memcpy(combined + keybytes, r2, keybytes);
-
-    krb5int_nfold((keybytes * 2) * 8, combined, keybytes * 8, rnd);
-
-    /*
-     * Run the "random" bits through random-to-key to produce a encryption
-     * key.
-     */
-
-    randbits.length = keybytes;
-    randbits.data = (char *) rnd;
-    tkeyblock.length = keylength;
-    tkeyblock.contents = output;
-    tkeyblock.enctype = key1->enctype;
-
-    ret = (*ktp->rand2key)(&randbits, &tkeyblock);
-    if (ret)
-        goto cleanup;
-
-    ret = krb5_k_create_key(NULL, &tkeyblock, &tkey);
-    if (ret)
-        goto cleanup;
-
-    /*
-     * Run through derive-key one more time to produce the final key.
-     * Note that the input to derive-key is the ASCII string "combine".
-     */
-
-    input.length = 7;
-    input.data = "combine";
-
-    /*
-     * Just FYI: _if_ we have space here in the key, then simply use it
-     * without modification.  But if the key is blank (no allocated storage)
-     * then allocate some memory for it.  This allows programs to use one of
-     * the existing keys as the output key, _or_ pass in a blank keyblock
-     * for us to allocate.  It's easier for us to allocate it since we already
-     * know the crypto library internals
-     */
-
-    if (outkey->length == 0 || outkey->contents == NULL) {
-        outkey->contents = k5alloc(keylength, &ret);
-        if (ret)
-            goto cleanup;
-        outkey->length = keylength;
-        outkey->enctype = key1->enctype;
-        myalloc = TRUE;
-    }
-
-    ret = krb5int_derive_keyblock(enc, NULL, tkey, outkey, &input,
-                                  DERIVE_RFC3961);
-    if (ret) {
-        if (myalloc) {
-            free(outkey->contents);
-            outkey->contents = NULL;
-        }
-        goto cleanup;
-    }
-
-cleanup:
-    zapfree(r1, keybytes);
-    zapfree(r2, keybytes);
-    zapfree(rnd, keybytes);
-    zapfree(combined, keybytes * 2);
-    zapfree(output, keylength);
-    krb5_k_free_key(NULL, tkey);
-    return ret;
-}
-
-/* Our DR function, a simple wrapper around krb5int_derive_random(). */
-static krb5_error_code
-dr(const struct krb5_enc_provider *enc, const krb5_keyblock *inkey,
-   unsigned char *out, const krb5_data *in_constant)
-{
-    krb5_data outdata = make_data(out, enc->keybytes);
-    krb5_key key = NULL;
-    krb5_error_code ret;
-
-    ret = krb5_k_create_key(NULL, inkey, &key);
-    if (ret != 0)
-        return ret;
-    ret = krb5int_derive_random(enc, NULL, key, &outdata, in_constant,
-                                DERIVE_RFC3961);
-    krb5_k_free_key(NULL, key);
-    return ret;
-}
diff --git a/src/lib/crypto/krb/deps b/src/lib/crypto/krb/deps
index f9a7408..2f4af19 100644
--- a/src/lib/crypto/krb/deps
+++ b/src/lib/crypto/krb/deps
@@ -191,19 +191,6 @@ coll_proof_cksum.so coll_proof_cksum.po $(OUTPRE)coll_proof_cksum.$(OBJEXT): \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
   $(top_srcdir)/include/socket-utils.h coll_proof_cksum.c \
   crypto_int.h
-combine_keys.so combine_keys.po $(OUTPRE)combine_keys.$(OBJEXT): \
-  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
-  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
-  $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/crypto_mod.h \
-  $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
-  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
-  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
-  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
-  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
-  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
-  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
-  $(top_srcdir)/include/socket-utils.h combine_keys.c \
-  crypto_int.h
 crypto_length.so crypto_length.po $(OUTPRE)crypto_length.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports
index 6380429..451d5e0 100644
--- a/src/lib/crypto/libk5crypto.exports
+++ b/src/lib/crypto/libk5crypto.exports
@@ -58,7 +58,6 @@ krb5_c_prf_length
 krb5int_c_mandatory_cksumtype
 krb5_c_fx_cf2_simple
 krb5int_c_weak_enctype
-krb5int_c_combine_keys
 krb5_encrypt_data
 krb5int_c_copy_keyblock
 krb5int_c_copy_keyblock_contents


More information about the cvs-krb5 mailing list