krb5 commit: Remove krb5int_c_combine_keys()
Greg Hudson
ghudson at mit.edu
Wed May 29 19:18:55 EDT 2019
https://github.com/krb5/krb5/commit/925a7df2f486aaa3ff137d2bcdf8ff57186638c6
commit 925a7df2f486aaa3ff137d2bcdf8ff57186638c6
Author: Robbie Harwood <rharwood at redhat.com>
Date: Thu Apr 18 17:27:07 2019 -0400
Remove krb5int_c_combine_keys()
This method of combining keys was specified by
draft-ietf-krb-wg-kerberos-sam for DES and 3DES enctypes, and is
otherwise unused. Remove it.
[ghudson at mit.edu: rewrote commit message]
ticket: 8812
.gitignore | 1 -
src/include/k5-int.h | 7 -
src/lib/crypto/crypto_tests/Makefile.in | 12 +--
src/lib/crypto/crypto_tests/deps | 10 --
src/lib/crypto/crypto_tests/t_combine.c | 62 ---------
src/lib/crypto/krb/Makefile.in | 3 -
src/lib/crypto/krb/combine_keys.c | 227 -------------------------------
src/lib/crypto/krb/deps | 13 --
src/lib/crypto/libk5crypto.exports | 1 -
9 files changed, 3 insertions(+), 333 deletions(-)
diff --git a/.gitignore b/.gitignore
index 975ef54..140f0f8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -297,7 +297,6 @@ local.properties
/src/lib/crypto/crypto_tests/t_cksum5
/src/lib/crypto/crypto_tests/t_cksums
/src/lib/crypto/crypto_tests/t_cmac
-/src/lib/crypto/crypto_tests/t_combine
/src/lib/crypto/crypto_tests/t_cts
/src/lib/crypto/crypto_tests/t_decrypt
/src/lib/crypto/crypto_tests/t_derive
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 0fd1787..6feeb2f 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -672,13 +672,6 @@ zapfreedata(krb5_data *data)
}
}
-/*
- * Combine two keys (normally used by the hardware preauth mechanism)
- */
-krb5_error_code
-krb5int_c_combine_keys(krb5_context context, krb5_keyblock *key1,
- krb5_keyblock *key2, krb5_keyblock *outkey);
-
void krb5int_c_free_keyblock(krb5_context, krb5_keyblock *key);
void krb5int_c_free_keyblock_contents(krb5_context, krb5_keyblock *);
krb5_error_code krb5int_c_init_keyblock(krb5_context, krb5_enctype enctype,
diff --git a/src/lib/crypto/crypto_tests/Makefile.in b/src/lib/crypto/crypto_tests/Makefile.in
index 09feeb5..0295ee1 100644
--- a/src/lib/crypto/crypto_tests/Makefile.in
+++ b/src/lib/crypto/crypto_tests/Makefile.in
@@ -23,8 +23,7 @@ EXTRADEPSRCS=\
$(srcdir)/t_short.c \
$(srcdir)/t_str2key.c \
$(srcdir)/t_derive.c \
- $(srcdir)/t_fork.c \
- $(srcdir)/t_combine.c
+ $(srcdir)/t_fork.c
##DOS##BUILDTOP = ..\..\..
@@ -33,8 +32,7 @@ check-unix: t_nfold t_encrypt t_decrypt t_prf t_prng t_cmac t_hmac \
aes-test \
camellia-test \
t_mddriver4 t_mddriver \
- t_cts t_sha2 t_short t_str2key t_derive t_fork t_cf2 \
- t_combine
+ t_cts t_sha2 t_short t_str2key t_derive t_fork t_cf2
$(RUN_TEST) ./t_nfold
$(RUN_TEST) ./t_encrypt
$(RUN_TEST) ./t_decrypt
@@ -59,7 +57,6 @@ check-unix: t_nfold t_encrypt t_decrypt t_prf t_prng t_cmac t_hmac \
$(RUN_TEST) ./t_fork
$(RUN_TEST) ./t_cf2 <$(srcdir)/t_cf2.in >t_cf2.output
diff t_cf2.output $(srcdir)/t_cf2.expected
- $(RUN_TEST) ./t_combine
# $(RUN_TEST) ./t_pkcs5
t_nfold$(EXEEXT): t_nfold.$(OBJEXT) $(KRB5_BASE_DEPLIBS)
@@ -134,9 +131,6 @@ t_fork$(EXEEXT): t_fork.$(OBJEXT) $(KRB5_BASE_DEPLIBS)
t_cf2$(EXEEXT): t_cf2.$(OBJEXT) $(KRB5_BASE_DEPLIBS)
$(CC_LINK) -o $@ t_cf2.$(OBJEXT) $(KRB5_BASE_LIBS)
-t_combine$(EXEEXT): t_combine.$(OBJEXT) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o $@ t_combine.$(OBJEXT) $(KRB5_BASE_LIBS)
-
clean:
$(RM) t_nfold.o t_nfold t_encrypt t_encrypt.o \
t_decrypt.o t_decrypt t_prng.o t_prng t_cmac.o t_cmac \
@@ -149,7 +143,7 @@ clean:
t_str2key.o t_derive t_derive.o t_fork t_fork.o \
t_mddriver$(EXEEXT) $(OUTPRE)t_mddriver.$(OBJEXT) \
camellia-test camellia-test.o camellia-vt.txt \
- t_cf2 t_cf2.o t_cf2.output t_combine.o t_combine
+ t_cf2 t_cf2.o t_cf2.output
-$(RM) t_prng.output
-$(RM) t_prf.output
diff --git a/src/lib/crypto/crypto_tests/deps b/src/lib/crypto/crypto_tests/deps
index 19fef25..0d10d4a 100644
--- a/src/lib/crypto/crypto_tests/deps
+++ b/src/lib/crypto/crypto_tests/deps
@@ -226,13 +226,3 @@ $(OUTPRE)t_fork.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
$(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
$(top_srcdir)/include/socket-utils.h t_fork.c
-$(OUTPRE)t_combine.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h t_combine.c
diff --git a/src/lib/crypto/crypto_tests/t_combine.c b/src/lib/crypto/crypto_tests/t_combine.c
deleted file mode 100644
index ba0622b..0000000
--- a/src/lib/crypto/crypto_tests/t_combine.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/crypto_tests/t_combine.c - krb5int_c_combine_keys tests */
-/*
- * Copyright (C) 2014 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "k5-int.h"
-
-unsigned char des3_key1[] = "\x10\xB6\x75\xD5\x5B\xD9\x6E\x73"
- "\xFD\x54\xB3\x3D\x37\x52\xC1\x2A\xF7\x43\x91\xFE\x1C\x02\x37\x13";
-unsigned char des3_key2[] = "\xC8\xDA\x3E\xA7\xB6\x64\xAE\x7A"
- "\xB5\x70\x2A\x29\xB3\xBF\x9B\xA8\x46\x7C\x5B\xA8\x8A\x46\x70\x10";
-unsigned char des3_result[] = "\x2F\x79\x97\x3E\x3E\xA4\x73\x1A"
- "\xB9\x3D\xEF\x5E\x7C\x29\xFB\x2A\x68\x86\x1F\xC1\x85\x0E\x79\x92";
-
-int
-main(int argc, char **argv)
-{
- krb5_keyblock kb1, kb2, result;
-
- kb1.enctype = ENCTYPE_DES3_CBC_SHA1;
- kb1.contents = des3_key1;
- kb1.length = 24;
- kb2.enctype = ENCTYPE_DES3_CBC_SHA1;
- kb2.contents = des3_key2;
- kb2.length = 24;
- memset(&result, 0, sizeof(result));
- if (krb5int_c_combine_keys(NULL, &kb1, &kb2, &result) != 0)
- abort();
- if (result.enctype != ENCTYPE_DES3_CBC_SHA1 || result.length != 24 ||
- memcmp(result.contents, des3_result, 24) != 0)
- abort();
- krb5_free_keyblock_contents(NULL, &result);
-
- return 0;
-}
diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in
index c0e0b79..536bacb 100644
--- a/src/lib/crypto/krb/Makefile.in
+++ b/src/lib/crypto/krb/Makefile.in
@@ -22,7 +22,6 @@ STLIBOBJS=\
cksumtypes.o \
cmac.o \
coll_proof_cksum.o \
- combine_keys.o \
crypto_length.o \
crypto_libinit.o \
default_state.o \
@@ -84,7 +83,6 @@ OBJS=\
$(OUTPRE)cksumtypes.$(OBJEXT) \
$(OUTPRE)cmac.$(OBJEXT) \
$(OUTPRE)coll_proof_cksum.$(OBJEXT) \
- $(OUTPRE)combine_keys.$(OBJEXT) \
$(OUTPRE)crypto_length.$(OBJEXT) \
$(OUTPRE)crypto_libinit.$(OBJEXT) \
$(OUTPRE)default_state.$(OBJEXT) \
@@ -146,7 +144,6 @@ SRCS=\
$(srcdir)/cksumtypes.c \
$(srcdir)/cmac.c \
$(srcdir)/coll_proof_cksum.c \
- $(srcdir)/combine_keys.c \
$(srcdir)/crypto_length.c \
$(srcdir)/crypto_libinit.c \
$(srcdir)/default_state.c \
diff --git a/src/lib/crypto/krb/combine_keys.c b/src/lib/crypto/krb/combine_keys.c
deleted file mode 100644
index c36434e..0000000
--- a/src/lib/crypto/krb/combine_keys.c
+++ /dev/null
@@ -1,227 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* Copyright (c) 2002 Naval Research Laboratory (NRL/CCS) */
-/*
- * Permission to use, copy, modify and distribute this software and its
- * documentation is hereby granted, provided that both the copyright
- * notice and this permission notice appear in all copies of the software,
- * derivative works or modified versions, and any portions thereof.
- *
- * NRL ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS" CONDITION AND
- * DISCLAIMS ANY LIABILITY OF ANY KIND FOR ANY DAMAGES WHATSOEVER
- * RESULTING FROM THE USE OF THIS SOFTWARE.
- */
-
-/*
- * Key combination function.
- *
- * If Key1 and Key2 are two keys to be combined, the algorithm to combine
- * them is as follows.
- *
- * Definitions:
- *
- * k-truncate is defined as truncating to the key size the input.
- *
- * DR is defined as the generate "random" data from a key
- * (defined in crypto draft)
- *
- * DK is defined as the key derivation function (krb5int_derive_key())
- *
- * (note: | means "concatenate")
- *
- * Combine key algorithm:
- *
- * R1 = DR(Key1, n-fold(Key2)) [ Output is length of Key1 ]
- * R2 = DR(Key2, n-fold(Key1)) [ Output is length of Key2 ]
- *
- * rnd = n-fold(R1 | R2) [ Note: output size of nfold must be appropriately
- * sized for random-to-key function ]
- * tkey = random-to-key(rnd)
- * Combine-Key(Key1, Key2) = DK(tkey, CombineConstant)
- *
- * CombineConstant is defined as the byte string:
- *
- * { 0x63 0x6f 0x6d 0x62 0x69 0x6e 0x65 }, which corresponds to the
- * ASCII encoding of the string "combine"
- */
-
-#include "crypto_int.h"
-
-static krb5_error_code dr(const struct krb5_enc_provider *enc,
- const krb5_keyblock *inkey, unsigned char *outdata,
- const krb5_data *in_constant);
-
-/*
- * We only support this combine_keys algorithm for des and 3des keys.
- * Everything else should use the PRF defined in the crypto framework.
- * We don't implement that yet.
- */
-
-static krb5_boolean
-enctype_ok(krb5_enctype e)
-{
- switch (e) {
- case ENCTYPE_DES3_CBC_SHA1:
- return TRUE;
- default:
- return FALSE;
- }
-}
-
-krb5_error_code
-krb5int_c_combine_keys(krb5_context context, krb5_keyblock *key1,
- krb5_keyblock *key2, krb5_keyblock *outkey)
-{
- unsigned char *r1 = NULL, *r2 = NULL, *combined = NULL, *rnd = NULL;
- unsigned char *output = NULL;
- size_t keybytes, keylength;
- const struct krb5_enc_provider *enc;
- krb5_data input, randbits;
- krb5_keyblock tkeyblock;
- krb5_key tkey = NULL;
- krb5_error_code ret;
- const struct krb5_keytypes *ktp;
- krb5_boolean myalloc = FALSE;
-
- if (!enctype_ok(key1->enctype) || !enctype_ok(key2->enctype))
- return KRB5_CRYPTO_INTERNAL;
-
- if (key1->length != key2->length || key1->enctype != key2->enctype)
- return KRB5_CRYPTO_INTERNAL;
-
- /* Find our encryption algorithm. */
- ktp = find_enctype(key1->enctype);
- if (ktp == NULL)
- return KRB5_BAD_ENCTYPE;
- enc = ktp->enc;
-
- keybytes = enc->keybytes;
- keylength = enc->keylength;
-
- /* Allocate and set up buffers. */
- r1 = k5alloc(keybytes, &ret);
- if (ret)
- goto cleanup;
- r2 = k5alloc(keybytes, &ret);
- if (ret)
- goto cleanup;
- rnd = k5alloc(keybytes, &ret);
- if (ret)
- goto cleanup;
- combined = k5calloc(2, keybytes, &ret);
- if (ret)
- goto cleanup;
- output = k5alloc(keylength, &ret);
- if (ret)
- goto cleanup;
-
- /*
- * Get R1 and R2 (by running the input keys through the DR algorithm.
- * Note this is most of derive-key, but not all.
- */
-
- input.length = key2->length;
- input.data = (char *) key2->contents;
- ret = dr(enc, key1, r1, &input);
- if (ret)
- goto cleanup;
-
- input.length = key1->length;
- input.data = (char *) key1->contents;
- ret = dr(enc, key2, r2, &input);
- if (ret)
- goto cleanup;
-
- /*
- * Concatenate the two keys together, and then run them through
- * n-fold to reduce them to a length appropriate for the random-to-key
- * operation. Note here that krb5int_nfold() takes sizes in bits, hence
- * the multiply by 8.
- */
-
- memcpy(combined, r1, keybytes);
- memcpy(combined + keybytes, r2, keybytes);
-
- krb5int_nfold((keybytes * 2) * 8, combined, keybytes * 8, rnd);
-
- /*
- * Run the "random" bits through random-to-key to produce a encryption
- * key.
- */
-
- randbits.length = keybytes;
- randbits.data = (char *) rnd;
- tkeyblock.length = keylength;
- tkeyblock.contents = output;
- tkeyblock.enctype = key1->enctype;
-
- ret = (*ktp->rand2key)(&randbits, &tkeyblock);
- if (ret)
- goto cleanup;
-
- ret = krb5_k_create_key(NULL, &tkeyblock, &tkey);
- if (ret)
- goto cleanup;
-
- /*
- * Run through derive-key one more time to produce the final key.
- * Note that the input to derive-key is the ASCII string "combine".
- */
-
- input.length = 7;
- input.data = "combine";
-
- /*
- * Just FYI: _if_ we have space here in the key, then simply use it
- * without modification. But if the key is blank (no allocated storage)
- * then allocate some memory for it. This allows programs to use one of
- * the existing keys as the output key, _or_ pass in a blank keyblock
- * for us to allocate. It's easier for us to allocate it since we already
- * know the crypto library internals
- */
-
- if (outkey->length == 0 || outkey->contents == NULL) {
- outkey->contents = k5alloc(keylength, &ret);
- if (ret)
- goto cleanup;
- outkey->length = keylength;
- outkey->enctype = key1->enctype;
- myalloc = TRUE;
- }
-
- ret = krb5int_derive_keyblock(enc, NULL, tkey, outkey, &input,
- DERIVE_RFC3961);
- if (ret) {
- if (myalloc) {
- free(outkey->contents);
- outkey->contents = NULL;
- }
- goto cleanup;
- }
-
-cleanup:
- zapfree(r1, keybytes);
- zapfree(r2, keybytes);
- zapfree(rnd, keybytes);
- zapfree(combined, keybytes * 2);
- zapfree(output, keylength);
- krb5_k_free_key(NULL, tkey);
- return ret;
-}
-
-/* Our DR function, a simple wrapper around krb5int_derive_random(). */
-static krb5_error_code
-dr(const struct krb5_enc_provider *enc, const krb5_keyblock *inkey,
- unsigned char *out, const krb5_data *in_constant)
-{
- krb5_data outdata = make_data(out, enc->keybytes);
- krb5_key key = NULL;
- krb5_error_code ret;
-
- ret = krb5_k_create_key(NULL, inkey, &key);
- if (ret != 0)
- return ret;
- ret = krb5int_derive_random(enc, NULL, key, &outdata, in_constant,
- DERIVE_RFC3961);
- krb5_k_free_key(NULL, key);
- return ret;
-}
diff --git a/src/lib/crypto/krb/deps b/src/lib/crypto/krb/deps
index f9a7408..2f4af19 100644
--- a/src/lib/crypto/krb/deps
+++ b/src/lib/crypto/krb/deps
@@ -191,19 +191,6 @@ coll_proof_cksum.so coll_proof_cksum.po $(OUTPRE)coll_proof_cksum.$(OBJEXT): \
$(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
$(top_srcdir)/include/socket-utils.h coll_proof_cksum.c \
crypto_int.h
-combine_keys.so combine_keys.po $(OUTPRE)combine_keys.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h $(srcdir)/../builtin/crypto_mod.h \
- $(srcdir)/../builtin/sha2/sha2.h $(top_srcdir)/include/k5-buf.h \
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
- $(top_srcdir)/include/socket-utils.h combine_keys.c \
- crypto_int.h
crypto_length.so crypto_length.po $(OUTPRE)crypto_length.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports
index 6380429..451d5e0 100644
--- a/src/lib/crypto/libk5crypto.exports
+++ b/src/lib/crypto/libk5crypto.exports
@@ -58,7 +58,6 @@ krb5_c_prf_length
krb5int_c_mandatory_cksumtype
krb5_c_fx_cf2_simple
krb5int_c_weak_enctype
-krb5int_c_combine_keys
krb5_encrypt_data
krb5int_c_copy_keyblock
krb5int_c_copy_keyblock_contents
More information about the cvs-krb5
mailing list