diff options
| author | Greg Hudson <ghudson@mit.edu> | 2011-02-28 23:57:56 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2011-02-28 23:57:56 +0000 |
| commit | 8bca4d095c32c35af8f0972e00a92925f9c1c8cf (patch) | |
| tree | 55fcb8bf0afee7f3f2749f251532938e51539638 /src/lib/crypto/krb/arcfour | |
| parent | 32e465127666a7b4ea2f37f99c1dd3ecb2ce24e7 (diff) | |
| download | krb5-8bca4d095c32c35af8f0972e00a92925f9c1c8cf.tar.gz krb5-8bca4d095c32c35af8f0972e00a92925f9c1c8cf.tar.xz krb5-8bca4d095c32c35af8f0972e00a92925f9c1c8cf.zip | |
Simplify lib/crypto/krb/arcfour in the wake of r23444. Move the
contents of arcfour_aead.c into arcfour.c, turn the key derivation
helper functions into static functions, and eliminate arcfour-int.h.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24673 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/crypto/krb/arcfour')
| -rw-r--r-- | src/lib/crypto/krb/arcfour/Makefile.in | 3 | ||||
| -rw-r--r-- | src/lib/crypto/krb/arcfour/arcfour-int.h | 33 | ||||
| -rw-r--r-- | src/lib/crypto/krb/arcfour/arcfour.c | 281 | ||||
| -rw-r--r-- | src/lib/crypto/krb/arcfour/arcfour.h | 3 | ||||
| -rw-r--r-- | src/lib/crypto/krb/arcfour/arcfour_aead.c | 296 | ||||
| -rw-r--r-- | src/lib/crypto/krb/arcfour/deps | 23 |
6 files changed, 276 insertions, 363 deletions
diff --git a/src/lib/crypto/krb/arcfour/Makefile.in b/src/lib/crypto/krb/arcfour/Makefile.in index 589431d22..ce2912884 100644 --- a/src/lib/crypto/krb/arcfour/Makefile.in +++ b/src/lib/crypto/krb/arcfour/Makefile.in @@ -13,17 +13,14 @@ PROG_RPATH=$(KRB5_LIBDIR) STLIBOBJS=\ arcfour.o \ - arcfour_aead.o \ arcfour_s2k.o OBJS=\ $(OUTPRE)arcfour.$(OBJEXT) \ - $(OUTPRE)arcfour_aead.$(OBJEXT) \ $(OUTPRE)arcfour_s2k.$(OBJEXT) SRCS=\ $(srcdir)/arcfour.c \ - $(srcdir)/arcfour_aead.c\ $(srcdir)/arcfour_s2k.c ##DOS##LIBOBJS = $(OBJS) diff --git a/src/lib/crypto/krb/arcfour/arcfour-int.h b/src/lib/crypto/krb/arcfour/arcfour-int.h deleted file mode 100644 index 15ab75bbd..000000000 --- a/src/lib/crypto/krb/arcfour/arcfour-int.h +++ /dev/null @@ -1,33 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - - ARCFOUR cipher (based on a cipher posted on the Usenet in Spring-95). - This cipher is widely believed and has been tested to be equivalent - with the RC4 cipher from RSA Data Security, Inc. (RC4 is a trademark - of RSA Data Security) - -*/ -#ifndef ARCFOUR_INT_H -#define ARCFOUR_INT_H - -#include "arcfour.h" - -#define CONFOUNDERLENGTH 8 - -krb5_keyusage -krb5int_arcfour_translate_usage(krb5_keyusage usage); - -krb5_error_code -krb5int_arcfour_usage_key(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - const krb5_keyblock *session_keyblock, - krb5_keyusage usage, - krb5_keyblock *out); - -krb5_error_code -krb5int_arcfour_enc_key(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - const krb5_keyblock *usage_keyblock, - const krb5_data *checksum, krb5_keyblock *out); - -#endif /* ARCFOUR_INT_H */ diff --git a/src/lib/crypto/krb/arcfour/arcfour.c b/src/lib/crypto/krb/arcfour/arcfour.c index 783b777ca..4793cc38d 100644 --- a/src/lib/crypto/krb/arcfour/arcfour.c +++ b/src/lib/crypto/krb/arcfour/arcfour.c @@ -8,9 +8,12 @@ */ #include "k5-int.h" -#include "arcfour-int.h" +#include "arcfour.h" +#include "aead.h" #include "hash_provider/hash_provider.h" +#define CONFOUNDERLENGTH 8 + const char l40[] = "fortybits"; krb5_keyusage @@ -35,12 +38,11 @@ krb5int_arcfour_translate_usage(krb5_keyusage usage) } /* Derive a usage key from a session key and krb5 usage constant. */ -krb5_error_code -krb5int_arcfour_usage_key(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - const krb5_keyblock *session_keyblock, - krb5_keyusage usage, - krb5_keyblock *out) +static krb5_error_code +usage_key(const struct krb5_enc_provider *enc, + const struct krb5_hash_provider *hash, + const krb5_keyblock *session_keyblock, krb5_keyusage usage, + krb5_keyblock *out) { char salt_buf[14]; unsigned int salt_len; @@ -66,11 +68,11 @@ krb5int_arcfour_usage_key(const struct krb5_enc_provider *enc, } /* Derive an encryption key from a usage key and (typically) checksum. */ -krb5_error_code -krb5int_arcfour_enc_key(const struct krb5_enc_provider *enc, - const struct krb5_hash_provider *hash, - const krb5_keyblock *usage_keyblock, - const krb5_data *checksum, krb5_keyblock *out) +static krb5_error_code +enc_key(const struct krb5_enc_provider *enc, + const struct krb5_hash_provider *hash, + const krb5_keyblock *usage_keyblock, const krb5_data *checksum, + krb5_keyblock *out) { krb5_keyblock *trunc_keyblock = NULL; krb5_data out_data = make_data(out->contents, out->length); @@ -91,3 +93,258 @@ krb5int_arcfour_enc_key(const struct krb5_enc_provider *enc, krb5int_c_free_keyblock(NULL, trunc_keyblock); return ret; } + +unsigned int +krb5int_arcfour_crypto_length(const struct krb5_keytypes *ktp, + krb5_cryptotype type) +{ + switch (type) { + case KRB5_CRYPTO_TYPE_HEADER: + return ktp->hash->hashsize + CONFOUNDERLENGTH; + case KRB5_CRYPTO_TYPE_PADDING: + case KRB5_CRYPTO_TYPE_TRAILER: + return 0; + case KRB5_CRYPTO_TYPE_CHECKSUM: + return ktp->hash->hashsize; + default: + assert(0 && + "invalid cryptotype passed to krb5int_arcfour_crypto_length"); + return 0; + } +} + +/* Encrypt or decrypt using a keyblock. */ +static krb5_error_code +keyblock_crypt(const struct krb5_enc_provider *enc, krb5_keyblock *keyblock, + const krb5_data *ivec, krb5_crypto_iov *data, size_t num_data) +{ + krb5_error_code ret; + krb5_key key; + + ret = krb5_k_create_key(NULL, keyblock, &key); + if (ret != 0) + return ret; + /* Works for encryption or decryption since arcfour is a stream cipher. */ + ret = enc->encrypt(key, ivec, data, num_data); + krb5_k_free_key(NULL, key); + return ret; +} + +krb5_error_code +krb5int_arcfour_encrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data) +{ + const struct krb5_enc_provider *enc = ktp->enc; + const struct krb5_hash_provider *hash = ktp->hash; + krb5_error_code ret; + krb5_crypto_iov *header, *trailer; + krb5_keyblock *usage_keyblock = NULL, *enc_keyblock = NULL; + krb5_data checksum, confounder, header_data; + size_t i; + + /* + * Caller must have provided space for the header, padding + * and trailer; per RFC 4757 we will arrange it as: + * + * Checksum | E(Confounder | Plaintext) + */ + + header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER); + if (header == NULL || + header->data.length < hash->hashsize + CONFOUNDERLENGTH) + return KRB5_BAD_MSIZE; + + header_data = header->data; + + /* Trailer may be absent. */ + trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); + if (trailer != NULL) + trailer->data.length = 0; + + /* Ensure that there is no padding. */ + for (i = 0; i < num_data; i++) { + if (data[i].flags == KRB5_CRYPTO_TYPE_PADDING) + data[i].data.length = 0; + } + + ret = krb5int_c_init_keyblock(NULL, key->keyblock.enctype, enc->keybytes, + &usage_keyblock); + if (ret != 0) + goto cleanup; + ret = krb5int_c_init_keyblock(NULL, key->keyblock.enctype, enc->keybytes, + &enc_keyblock); + if (ret != 0) + goto cleanup; + + /* Derive a usage key from the session key and usage. */ + ret = usage_key(enc, hash, &key->keyblock, usage, usage_keyblock); + if (ret != 0) + goto cleanup; + + /* Generate a confounder in the header block, after the checksum. */ + header->data.length = hash->hashsize + CONFOUNDERLENGTH; + confounder = make_data(header->data.data + hash->hashsize, + CONFOUNDERLENGTH); + ret = krb5_c_random_make_octets(0, &confounder); + if (ret != 0) + goto cleanup; + checksum = make_data(header->data.data, hash->hashsize); + + /* Adjust pointers so confounder is at start of header. */ + header->data.length -= hash->hashsize; + header->data.data += hash->hashsize; + + /* Compute the checksum using the usage key. */ + ret = krb5int_hmac_keyblock(hash, usage_keyblock, data, num_data, + &checksum); + if (ret != 0) + goto cleanup; + + /* Derive the encryption key from the usage key and checksum. */ + ret = enc_key(enc, hash, usage_keyblock, &checksum, enc_keyblock); + if (ret) + goto cleanup; + + ret = keyblock_crypt(enc, enc_keyblock, ivec, data, num_data); + +cleanup: + header->data = header_data; /* Restore header pointers. */ + krb5int_c_free_keyblock(NULL, usage_keyblock); + krb5int_c_free_keyblock(NULL, enc_keyblock); + return ret; +} + +krb5_error_code +krb5int_arcfour_decrypt(const struct krb5_keytypes *ktp, krb5_key key, + krb5_keyusage usage, const krb5_data *ivec, + krb5_crypto_iov *data, size_t num_data) +{ + const struct krb5_enc_provider *enc = ktp->enc; + const struct krb5_hash_provider *hash = ktp->hash; + krb5_error_code ret; + krb5_crypto_iov *header, *trailer; + krb5_keyblock *usage_keyblock = NULL, *enc_keyblock = NULL; + krb5_data checksum, header_data, comp_checksum = empty_data(); + + header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER); + if (header == NULL || + header->data.length != hash->hashsize + CONFOUNDERLENGTH) + return KRB5_BAD_MSIZE; + + header_data = header->data; + + trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); + if (trailer != NULL && trailer->data.length != 0) + return KRB5_BAD_MSIZE; + + /* Allocate buffers. */ + ret = alloc_data(&comp_checksum, hash->hashsize); + if (ret != 0) + goto cleanup; + ret = krb5int_c_init_keyblock(NULL, key->keyblock.enctype, enc->keybytes, + &usage_keyblock); + if (ret != 0) + goto cleanup; + ret = krb5int_c_init_keyblock(NULL, key->keyblock.enctype, enc->keybytes, + &enc_keyblock); + if (ret != 0) + goto cleanup; + + checksum = make_data(header->data.data, hash->hashsize); + + /* Adjust pointers so confounder is at start of header. */ + header->data.length -= hash->hashsize; + header->data.data += hash->hashsize; + + /* We may have to try two usage values; see below. */ + do { + /* Derive a usage key from the session key and usage. */ + ret = usage_key(enc, hash, &key->keyblock, usage, usage_keyblock); + if (ret != 0) + goto cleanup; + + /* Derive the encryption key from the usage key and checksum. */ + ret = enc_key(enc, hash, usage_keyblock, &checksum, enc_keyblock); + if (ret) + goto cleanup; + + /* Decrypt the ciphertext. */ + ret = keyblock_crypt(enc, enc_keyblock, ivec, data, num_data); + if (ret != 0) + goto cleanup; + + /* Compute HMAC(usage key, plaintext) to get the checksum. */ + ret = krb5int_hmac_keyblock(hash, usage_keyblock, data, num_data, + &comp_checksum); + if (ret != 0) + goto cleanup; + + if (memcmp(checksum.data, comp_checksum.data, hash->hashsize) != 0) { + if (usage == 9) { + /* + * RFC 4757 specifies usage 8 for TGS-REP encrypted parts + * encrypted in a subkey, but the value used by MS is actually + * 9. We now use 9 to start with, but fall back to 8 on + * failure in case we are communicating with a KDC using the + * value from the RFC. ivec is always NULL in this case. + * We need to re-encrypt the data in the wrong key first. + */ + ret = keyblock_crypt(enc, enc_keyblock, NULL, data, num_data); + if (ret != 0) + goto cleanup; + usage = 8; + continue; + } + ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; + goto cleanup; + } + + break; + } while (1); + +cleanup: + header->data = header_data; /* Restore header pointers. */ + krb5int_c_free_keyblock(NULL, usage_keyblock); + krb5int_c_free_keyblock(NULL, enc_keyblock); + zapfree(comp_checksum.data, comp_checksum.length); + return ret; +} + +krb5_error_code +krb5int_arcfour_gsscrypt(const krb5_keyblock *keyblock, krb5_keyusage usage, + const krb5_data *kd_data, krb5_crypto_iov *data, + size_t num_data) +{ + const struct krb5_enc_provider *enc = &krb5int_enc_arcfour; + const struct krb5_hash_provider *hash = &krb5int_hash_md5; + krb5_keyblock *usage_keyblock = NULL, *enc_keyblock = NULL; + krb5_error_code ret; + + ret = krb5int_c_init_keyblock(NULL, keyblock->enctype, enc->keybytes, + &usage_keyblock); + if (ret != 0) + goto cleanup; + ret = krb5int_c_init_keyblock(NULL, keyblock->enctype, enc->keybytes, + &enc_keyblock); + if (ret != 0) + goto cleanup; + + /* Derive a usage key from the session key and usage. */ + ret = usage_key(enc, hash, keyblock, usage, usage_keyblock); + if (ret != 0) + goto cleanup; + + /* Derive the encryption key from the usage key and kd_data. */ + ret = enc_key(enc, hash, usage_keyblock, kd_data, enc_keyblock); + if (ret != 0) + goto cleanup; + + /* Encrypt or decrypt (encrypt_iov works for both) the input. */ + ret = keyblock_crypt(enc, enc_keyblock, 0, data, num_data); + +cleanup: + krb5int_c_free_keyblock(NULL, usage_keyblock); + krb5int_c_free_keyblock(NULL, enc_keyblock); + return ret; +} diff --git a/src/lib/crypto/krb/arcfour/arcfour.h b/src/lib/crypto/krb/arcfour/arcfour.h index 7ec0d77b9..34cbcc0f3 100644 --- a/src/lib/crypto/krb/arcfour/arcfour.h +++ b/src/lib/crypto/krb/arcfour/arcfour.h @@ -4,6 +4,9 @@ #include "etypes.h" +krb5_keyusage +krb5int_arcfour_translate_usage(krb5_keyusage usage); + unsigned int krb5int_arcfour_crypto_length(const struct krb5_keytypes *ktp, krb5_cryptotype type); diff --git a/src/lib/crypto/krb/arcfour/arcfour_aead.c b/src/lib/crypto/krb/arcfour/arcfour_aead.c deleted file mode 100644 index 6f8292134..000000000 --- a/src/lib/crypto/krb/arcfour/arcfour_aead.c +++ /dev/null @@ -1,296 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * lib/crypto/arcfour/arcfour_aead.c - * - * Copyright 2008 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - - -#include "k5-int.h" -#include "arcfour.h" -#include "arcfour-int.h" -#include "hash_provider/hash_provider.h" -#include "aead.h" - -/* AEAD */ - -unsigned int -krb5int_arcfour_crypto_length(const struct krb5_keytypes *ktp, - krb5_cryptotype type) -{ - switch (type) { - case KRB5_CRYPTO_TYPE_HEADER: - return ktp->hash->hashsize + CONFOUNDERLENGTH; - case KRB5_CRYPTO_TYPE_PADDING: - case KRB5_CRYPTO_TYPE_TRAILER: - return 0; - case KRB5_CRYPTO_TYPE_CHECKSUM: - return ktp->hash->hashsize; - default: - assert(0 && - "invalid cryptotype passed to krb5int_arcfour_crypto_length"); - return 0; - } -} - -/* Encrypt or decrypt using a keyblock. */ -static krb5_error_code -keyblock_crypt(const struct krb5_enc_provider *enc, krb5_keyblock *keyblock, - const krb5_data *ivec, krb5_crypto_iov *data, size_t num_data) -{ - krb5_error_code ret; - krb5_key key; - - ret = krb5_k_create_key(NULL, keyblock, &key); - if (ret != 0) - return ret; - /* Works for encryption or decryption since arcfour is a stream cipher. */ - ret = enc->encrypt(key, ivec, data, num_data); - krb5_k_free_key(NULL, key); - return ret; -} - -krb5_error_code -krb5int_arcfour_encrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data) -{ - const struct krb5_enc_provider *enc = ktp->enc; - const struct krb5_hash_provider *hash = ktp->hash; - krb5_error_code ret; - krb5_crypto_iov *header, *trailer; - krb5_keyblock *usage_keyblock = NULL, *enc_keyblock = NULL; - krb5_data checksum, confounder, header_data; - size_t i; - - /* - * Caller must have provided space for the header, padding - * and trailer; per RFC 4757 we will arrange it as: - * - * Checksum | E(Confounder | Plaintext) - */ - - header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER); - if (header == NULL || - header->data.length < hash->hashsize + CONFOUNDERLENGTH) - return KRB5_BAD_MSIZE; - - header_data = header->data; - - /* Trailer may be absent. */ - trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); - if (trailer != NULL) - trailer->data.length = 0; - - /* Ensure that there is no padding. */ - for (i = 0; i < num_data; i++) { - if (data[i].flags == KRB5_CRYPTO_TYPE_PADDING) - data[i].data.length = 0; - } - - ret = krb5int_c_init_keyblock(NULL, key->keyblock.enctype, enc->keybytes, - &usage_keyblock); - if (ret != 0) - goto cleanup; - ret = krb5int_c_init_keyblock(NULL, key->keyblock.enctype, enc->keybytes, - &enc_keyblock); - if (ret != 0) - goto cleanup; - - /* Derive a usage key from the session key and usage. */ - ret = krb5int_arcfour_usage_key(enc, hash, &key->keyblock, usage, - usage_keyblock); - if (ret != 0) - goto cleanup; - - /* Generate a confounder in the header block, after the checksum. */ - header->data.length = hash->hashsize + CONFOUNDERLENGTH; - confounder = make_data(header->data.data + hash->hashsize, - CONFOUNDERLENGTH); - ret = krb5_c_random_make_octets(0, &confounder); - if (ret != 0) - goto cleanup; - checksum = make_data(header->data.data, hash->hashsize); - - /* Adjust pointers so confounder is at start of header. */ - header->data.length -= hash->hashsize; - header->data.data += hash->hashsize; - - /* Compute the checksum using the usage key. */ - ret = krb5int_hmac_keyblock(hash, usage_keyblock, data, num_data, - &checksum); - if (ret != 0) - goto cleanup; - - /* Derive the encryption key from the usage key and checksum. */ - ret = krb5int_arcfour_enc_key(enc, hash, usage_keyblock, &checksum, - enc_keyblock); - if (ret) - goto cleanup; - - ret = keyblock_crypt(enc, enc_keyblock, ivec, data, num_data); - -cleanup: - header->data = header_data; /* Restore header pointers. */ - krb5int_c_free_keyblock(NULL, usage_keyblock); - krb5int_c_free_keyblock(NULL, enc_keyblock); - return ret; -} - -krb5_error_code -krb5int_arcfour_decrypt(const struct krb5_keytypes *ktp, krb5_key key, - krb5_keyusage usage, const krb5_data *ivec, - krb5_crypto_iov *data, size_t num_data) -{ - const struct krb5_enc_provider *enc = ktp->enc; - const struct krb5_hash_provider *hash = ktp->hash; - krb5_error_code ret; - krb5_crypto_iov *header, *trailer; - krb5_keyblock *usage_keyblock = NULL, *enc_keyblock = NULL; - krb5_data checksum, header_data, comp_checksum = empty_data(); - - header = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_HEADER); - if (header == NULL || - header->data.length != hash->hashsize + CONFOUNDERLENGTH) - return KRB5_BAD_MSIZE; - - header_data = header->data; - - trailer = krb5int_c_locate_iov(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); - if (trailer != NULL && trailer->data.length != 0) - return KRB5_BAD_MSIZE; - - /* Allocate buffers. */ - ret = alloc_data(&comp_checksum, hash->hashsize); - if (ret != 0) - goto cleanup; - ret = krb5int_c_init_keyblock(NULL, key->keyblock.enctype, enc->keybytes, - &usage_keyblock); - if (ret != 0) - goto cleanup; - ret = krb5int_c_init_keyblock(NULL, key->keyblock.enctype, enc->keybytes, - &enc_keyblock); - if (ret != 0) - goto cleanup; - - checksum = make_data(header->data.data, hash->hashsize); - - /* Adjust pointers so confounder is at start of header. */ - header->data.length -= hash->hashsize; - header->data.data += hash->hashsize; - - /* We may have to try two usage values; see below. */ - do { - /* Derive a usage key from the session key and usage. */ - ret = krb5int_arcfour_usage_key(enc, hash, &key->keyblock, usage, - usage_keyblock); - if (ret != 0) - goto cleanup; - - /* Derive the encryption key from the usage key and checksum. */ - ret = krb5int_arcfour_enc_key(enc, hash, usage_keyblock, &checksum, - enc_keyblock); - if (ret) - goto cleanup; - - /* Decrypt the ciphertext. */ - ret = keyblock_crypt(enc, enc_keyblock, ivec, data, num_data); - if (ret != 0) - goto cleanup; - - /* Compute HMAC(usage key, plaintext) to get the checksum. */ - ret = krb5int_hmac_keyblock(hash, usage_keyblock, data, num_data, - &comp_checksum); - if (ret != 0) - goto cleanup; - - if (memcmp(checksum.data, comp_checksum.data, hash->hashsize) != 0) { - if (usage == 9) { - /* - * RFC 4757 specifies usage 8 for TGS-REP encrypted parts - * encrypted in a subkey, but the value used by MS is actually - * 9. We now use 9 to start with, but fall back to 8 on - * failure in case we are communicating with a KDC using the - * value from the RFC. ivec is always NULL in this case. - * We need to re-encrypt the data in the wrong key first. - */ - ret = keyblock_crypt(enc, enc_keyblock, NULL, data, num_data); - if (ret != 0) - goto cleanup; - usage = 8; - continue; - } - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - goto cleanup; - } - - break; - } while (1); - -cleanup: - header->data = header_data; /* Restore header pointers. */ - krb5int_c_free_keyblock(NULL, usage_keyblock); - krb5int_c_free_keyblock(NULL, enc_keyblock); - zapfree(comp_checksum.data, comp_checksum.length); - return ret; -} - -krb5_error_code -krb5int_arcfour_gsscrypt(const krb5_keyblock *keyblock, krb5_keyusage usage, - const krb5_data *kd_data, krb5_crypto_iov *data, - size_t num_data) -{ - const struct krb5_enc_provider *enc = &krb5int_enc_arcfour; - const struct krb5_hash_provider *hash = &krb5int_hash_md5; - krb5_keyblock *usage_keyblock = NULL, *enc_keyblock = NULL; - krb5_error_code ret; - - ret = krb5int_c_init_keyblock(NULL, keyblock->enctype, enc->keybytes, - &usage_keyblock); - if (ret != 0) - goto cleanup; - ret = krb5int_c_init_keyblock(NULL, keyblock->enctype, enc->keybytes, - &enc_keyblock); - if (ret != 0) - goto cleanup; - - /* Derive a usage key from the session key and usage. */ - ret = krb5int_arcfour_usage_key(enc, hash, keyblock, usage, - usage_keyblock); - if (ret != 0) - goto cleanup; - - /* Derive the encryption key from the usage key and kd_data. */ - ret = krb5int_arcfour_enc_key(enc, hash, usage_keyblock, kd_data, - enc_keyblock); - if (ret != 0) - goto cleanup; - - /* Encrypt or decrypt (encrypt_iov works for both) the input. */ - ret = keyblock_crypt(enc, enc_keyblock, 0, data, num_data); - -cleanup: - krb5int_c_free_keyblock(NULL, usage_keyblock); - krb5int_c_free_keyblock(NULL, enc_keyblock); - return ret; -} diff --git a/src/lib/crypto/krb/arcfour/deps b/src/lib/crypto/krb/arcfour/deps index 8d026c451..2bfa78931 100644 --- a/src/lib/crypto/krb/arcfour/deps +++ b/src/lib/crypto/krb/arcfour/deps @@ -3,7 +3,7 @@ # arcfour.so arcfour.po $(OUTPRE)arcfour.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../openssl/hash_provider/hash_provider.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ @@ -12,25 +12,11 @@ arcfour.so arcfour.po $(OUTPRE)arcfour.$(OBJEXT): $(BUILDTOP)/include/autoconf.h $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - arcfour-int.h arcfour.c arcfour.h -arcfour_aead.so arcfour_aead.po $(OUTPRE)arcfour_aead.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../openssl/hash_provider/hash_provider.h \ - $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h $(srcdir)/../etypes.h \ - $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ - $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ - $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ - $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ - $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ - $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ - $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h arcfour-int.h \ - arcfour.h arcfour_aead.c + arcfour.c arcfour.h arcfour_s2k.so arcfour_s2k.po $(OUTPRE)arcfour_s2k.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(srcdir)/../../openssl/md4/rsa-md4.h \ + $(COM_ERR_DEPS) $(srcdir)/../../builtin/hash_provider/hash_provider.h \ $(srcdir)/../etypes.h $(top_srcdir)/include/k5-buf.h \ $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ @@ -39,5 +25,4 @@ arcfour_s2k.so arcfour_s2k.po $(OUTPRE)arcfour_s2k.$(OBJEXT): \ $(top_srcdir)/include/k5-utf8.h $(top_srcdir)/include/krb5.h \ $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/port-sockets.h \ - $(top_srcdir)/include/socket-utils.h arcfour-int.h \ - arcfour.h arcfour_s2k.c + $(top_srcdir)/include/socket-utils.h arcfour.h arcfour_s2k.c |