authorTom Yu <tlyu@mit.edu>2013-11-15 16:11:32 -0500
committerTom Yu <tlyu@mit.edu>2013-11-15 17:42:37 -0500
commit7a7736a3ea321aeb4b281ae2712e27becb00d720 (patch)
tree1b1e38652d5d8f591a6129dd9d4f36499f89abfb /src/lib/crypto/krb
parent5ac159e220297a8f62dd5edcec6f9b988b0627ea (diff)
Enforce minimum PBKDF2 iteration count
Also add a testing interface to allow weak iteration counts. (Published test vectors use weak iteration counts.) ticket: 7465 target_version: 1.12 tags: pullup
Diffstat (limited to 'src/lib/crypto/krb')
-rw-r--r--src/lib/crypto/krb/s2k_pbkdf2.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/lib/crypto/krb/s2k_pbkdf2.c b/src/lib/crypto/krb/s2k_pbkdf2.c
index 4ada811ec..e22391111 100644
--- a/src/lib/crypto/krb/s2k_pbkdf2.c
+++ b/src/lib/crypto/krb/s2k_pbkdf2.c
@@ -103,6 +103,8 @@ cleanup:
#define MAX_ITERATION_COUNT 0x1000000L
+krb5_boolean k5_allow_weak_pbkdf2iter = FALSE;
+
static krb5_error_code
pbkdf2_string_to_key(const struct krb5_keytypes *ktp, const krb5_data *string,
const krb5_data *salt, const krb5_data *pepper,
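Review bot: `k5_allow_weak_pbkdf2iter` is defined without a comment, and as a non-static, writable global it is a process-wide switch that turns off the iteration-count floor enforced further down in `pbkdf2_string_to_key`. I would document it at the definition, for example `/* Test hook: when TRUE, iteration counts below the default are accepted. Must stay FALSE outside test programs. */`. The library's export list and the header that declares the variable are not part of this diffstat, so it is worth confirming the symbol is reachable only from the test harness and is not treated as supported API. The function signature that follows the definition continues outside the hunk.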
@@ -127,6 +129,9 @@ pbkdf2_string_to_key(const struct krb5_keytypes *ktp, const krb5_data *string,
if (((iter_count >> 16) >> 16) != 1)
return KRB5_ERR_BAD_S2K_PARAMS;
}
+ if (!k5_allow_weak_pbkdf2iter && iter_count < def_iter_count)
+ return KRB5_ERR_BAD_S2K_PARAMS;
+
} else
iter_count = def_iter_count;
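Review bot: The new lower bound at `if (!k5_allow_weak_pbkdf2iter && iter_count < def_iter_count)` has no comment saying why a count below `def_iter_count` is refused or when the flag may relax it. Since `iter_count` is decoded from the supplied s2k parameters rather than chosen locally, a one-line comment above the check would help, such as `/* Refuse iteration counts below the default; only tests may lower this floor. */`. The blank line left between the `return` and `} else` looks accidental and could be dropped. The body of `pbkdf2_string_to_key` begins and ends outside this hunk, so any existing comment on the `iter_count == 0` branch should be checked to see that it still describes the full validation.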