Skip Menu |
 

Subject: finish AES implementation for 1.3
The partial implementation of AES in the current code base needs to be
finished.

File cvs changes with this ticket, or dependent tickets.
From: raeburn@mit.edu
Subject: CVS Commit
Avoid really, really huge cpu time usage caused by iteration count in
spoofed preauth data. (Merely huge cpu time usage is probably still
possible.)

* aes_s2k.c (krb5int_aes_string_to_key): Return an error if the supplied
iteration count is really, really large.


To generate a diff of this commit:



cvs diff -r1.4 -r1.5 krb5/src/lib/crypto/aes/ChangeLog
cvs diff -r1.1 -r1.2 krb5/src/lib/crypto/aes/aes_s2k.c
From: raeburn@mit.edu
Subject: CVS Commit
Finish implementation of CBC+CTS decryption and truncated HMAC for AES.
Fix memory management bugs.


To generate a diff of this commit:



cvs diff -r5.136 -r5.137 krb5/src/lib/crypto/ChangeLog
cvs diff -r5.9 -r5.10 krb5/src/lib/crypto/etypes.c
cvs diff -r5.4 -r5.5 krb5/src/lib/crypto/pbkdf2.c
cvs diff -r1.18 -r1.19 krb5/src/lib/crypto/dk/ChangeLog
cvs diff -r1.6 -r1.7 krb5/src/lib/crypto/dk/dk.h
krb5/src/lib/crypto/dk/dk_decrypt.c
krb5/src/lib/crypto/dk/dk_encrypt.c
cvs diff -r1.19 -r1.20 krb5/src/lib/crypto/enc_provider/ChangeLog
cvs diff -r1.2 -r1.3 krb5/src/lib/crypto/enc_provider/aes.c
From: raeburn@mit.edu
Subject: CVS Commit
* dk_encrypt.c (krb5int_aes_dk_encrypt): Set output length properly.


To generate a diff of this commit:



cvs diff -r1.19 -r1.20 krb5/src/lib/crypto/dk/ChangeLog
cvs diff -r1.7 -r1.8 krb5/src/lib/crypto/dk/dk_encrypt.c
From: raeburn@mit.edu
Subject: CVS Commit
* init_ctx.c (DEFAULT_ETYPE_LIST): Add AES with 256 bits at the front of the
list. No 128-bit support by defaut.


To generate a diff of this commit:



cvs diff -r5.381 -r5.382 krb5/src/lib/krb5/krb/ChangeLog
cvs diff -r5.68 -r5.69 krb5/src/lib/krb5/krb/init_ctx.c
From: raeburn@mit.edu
Subject: CVS Commit
Note to self: Save buffers before checkin, not after. Grr.


To generate a diff of this commit:



cvs diff -r5.69 -r5.70 krb5/src/lib/krb5/krb/init_ctx.c
From: raeburn@mit.edu
Subject: CVS Commit
Test AES. ** Not all tests pass at present. **

* default.exp: Add passes for testing AES.
(start_kerberos_daemons): Add a small delay between starting the "tail -f"
processes and appending the markers to their files.
(spawn_xterm): Add RLOGIN, RLOGIND, FTP, and FTPD to the list of variables to
export to the environment. Check that variables are defined before exporting
them.


To generate a diff of this commit:



cvs diff -r1.75 -r1.76 krb5/src/tests/dejagnu/config/ChangeLog
cvs diff -r1.79 -r1.80 krb5/src/tests/dejagnu/config/default.exp
From: raeburn@mit.edu
Subject: CVS Commit
* alt_prof.c (kadm5_get_config_params): Add aes256 to the default supported
enctypes list.


To generate a diff of this commit:



cvs diff -r1.88 -r1.89 krb5/src/lib/kadm5/ChangeLog
cvs diff -r1.35 -r1.36 krb5/src/lib/kadm5/alt_prof.c
From: raeburn@mit.edu
Subject: CVS Commit
* definitions.texinfo (DefaultETypeList, DefaultSupportedEnctypes): Update for
AES.
* install.texinfo (Client Machine Configuration Files): Fix typo in variable
reference.


To generate a diff of this commit:



cvs diff -r1.69 -r1.70 krb5/doc/ChangeLog
cvs diff -r1.13 -r1.14 krb5/doc/definitions.texinfo
cvs diff -r1.24 -r1.25 krb5/doc/install.texinfo
Basic AES implementation is done, and seems to be working; some bugs are
being triggered in the test suite. Mostly these have to do with GSS not
supporting AES for 1.3, and that's tracked in ticket 1429.
From: tlyu@mit.edu
Subject: CVS Commit
Download (untitled) / with headers
text/plain 1.5KiB
pullups from trunk. if there is still a memory management bug
relating to [1429] it should be opened as a separate bug.


To generate a diff of this commit:



cvs diff -r1.68.2.2 -r1.68.2.3 krb5/doc/ChangeLog
cvs diff -r1.13.2.1 -r1.13.2.2 krb5/doc/definitions.texinfo
cvs diff -r1.24 -r1.24.2.1 krb5/doc/install.texinfo
cvs diff -r1.348.2.7 -r1.348.2.8 krb5/src/include/ChangeLog
cvs diff -r1.135.2.3 -r1.135.2.4 krb5/src/include/k5-int.h
cvs diff -r5.136.2.1 -r5.136.2.2 krb5/src/lib/crypto/ChangeLog
cvs diff -r5.9 -r5.9.2.1 krb5/src/lib/crypto/etypes.c
cvs diff -r5.4 -r5.4.2.1 krb5/src/lib/crypto/pbkdf2.c
cvs diff -r1.4.2.1 -r1.4.2.2 krb5/src/lib/crypto/aes/ChangeLog
cvs diff -r1.1 -r1.1.2.1 krb5/src/lib/crypto/aes/aes_s2k.c
cvs diff -r1.18 -r1.18.2.1 krb5/src/lib/crypto/dk/ChangeLog
cvs diff -r1.6 -r1.6.2.1 krb5/src/lib/crypto/dk/dk.h
cvs diff -r1.6 -r1.6.4.1 krb5/src/lib/crypto/dk/dk_decrypt.c
krb5/src/lib/crypto/dk/dk_encrypt.c
cvs diff -r1.19 -r1.19.2.1
krb5/src/lib/crypto/enc_provider/ChangeLog
cvs diff -r1.2 -r1.2.2.1 krb5/src/lib/crypto/enc_provider/aes.c
cvs diff -r1.88 -r1.88.2.1 krb5/src/lib/kadm5/ChangeLog
cvs diff -r1.35 -r1.35.2.1 krb5/src/lib/kadm5/alt_prof.c
cvs diff -r5.378.2.7 -r5.378.2.8 krb5/src/lib/krb5/krb/ChangeLog
cvs diff -r5.20 -r5.20.2.1 krb5/src/lib/krb5/krb/fwd_tgt.c
cvs diff -r5.47.2.1 -r5.47.2.2 krb5/src/lib/krb5/krb/gc_frm_kdc.c
cvs diff -r5.68 -r5.68.2.1 krb5/src/lib/krb5/krb/init_ctx.c
cvs diff -r1.72.2.1 -r1.72.2.2
krb5/src/tests/dejagnu/config/ChangeLog
cvs diff -r1.76.2.1 -r1.76.2.2
krb5/src/tests/dejagnu/config/default.exp