Skip Menu |
 

Subject: Remove single-DES support
Release 1.8 began a transition away from single-DES support by
requiring "allow_weak_crypto = true". Due to the 56-bit key size of
single-DES, an unknown key can be recovered via brute-force attack
with a small investment in cloud computing resources.

This ticket removes single-DES support for release 1.18.
Specifically, it removes:

* The afs3 and v4 salt types. The afs3 salt type indicates an AFS-
specific string-to-key function which only applies to single-DES
keys. The v4 salt type (indicating the empty salt) was a
transitional measure for converting krb4 databases; although it was
not restricted for use with single-DES keys, it is not useful for
other key types.

* The des-cbc-crc, des-cbc-md4, des-cbc-md5, and des-hmac-sha1
encryption types.

* The crc32, des-cbc, md4-des, and md5-des checksum types.
Also to be removed: the des_crc_session_supported profile variable.
From: ghudson@mit.edu
Subject: git commit
Download (untitled) / with headers
text/plain 1.6KiB

Remove the v4 and afs3 salt types

In preparation for removing single-DES support, remove the v4 and afs3
salt types. The afs3 salt type could only be used with single-DES
keys, and the v4 salt type was only useful for single-DES keys from
krb4 databases.

[ghudson@mit.edu: wrote commit message]

https://github.com/krb5/krb5/commit/e0a35ff48c09a26ebb9aefd7e98855a84574b8be
Author: Robbie Harwood <rharwood@redhat.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: e0a35ff48c09a26ebb9aefd7e98855a84574b8be
Branch: master
doc/admin/conf_files/kdc_conf.rst | 2 -
src/include/kdb.h | 4 +-
src/kadmin/testing/proto/kdc.conf.proto | 2 +-
src/kdc/kdc_preauth.c | 40 ++++---------------
.../unit-test/api.current/chpass-principal-v2.exp | 8 ++--
.../unit-test/api.current/get-principal-v2.exp | 4 +-
src/lib/kdb/kdb5.c | 4 --
src/lib/kdb/kdb_cpw.c | 16 +-------
src/lib/krb5/krb/str_conv.c | 2 -
src/lib/krb5/krb/t_get_etype_info.py | 7 ---
src/man/kdc.conf.man | 16 +-------
src/tests/dejagnu/config/default.exp | 17 --------
src/tests/t_etype_info.py | 24 +-----------
src/tests/t_keytab.py | 5 --
src/tests/t_renprinc.py | 2 +-
src/tests/t_salt.py | 26 +------------
src/util/k5test.py | 11 -----
17 files changed, 25 insertions(+), 165 deletions(-)
From: ghudson@mit.edu
Subject: git commit
Download (untitled) / with headers
text/plain 2.7KiB

Update test suite to avoid single-DES enctypes

Remove the CRC exercise code, since CRC is DES-only.

https://github.com/krb5/krb5/commit/50588db5d26e81f3d564d1f69435af34ae80d9b2
Author: Robbie Harwood <rharwood@redhat.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: 50588db5d26e81f3d564d1f69435af34ae80d9b2
Branch: master
src/kadmin/testing/proto/kdc.conf.proto | 2 +-
src/kadmin/testing/util/tcl_kadm5.c | 2 -
src/lib/crypto/crypto_tests/CRC.pm | 156 -----------
src/lib/crypto/crypto_tests/Makefile.in | 31 +--
src/lib/crypto/crypto_tests/crc.pl | 111 --------
src/lib/crypto/crypto_tests/deps | 24 --
src/lib/crypto/crypto_tests/t_cf2.expected | 1 -
src/lib/crypto/crypto_tests/t_cf2.in | 5 -
src/lib/crypto/crypto_tests/t_cksum.c | 160 ------------
src/lib/crypto/crypto_tests/t_cksums.c | 8 +-
src/lib/crypto/crypto_tests/t_combine.c | 18 --
src/lib/crypto/crypto_tests/t_crc.c | 148 -----------
src/lib/crypto/crypto_tests/t_decrypt.c | 148 -----------
src/lib/crypto/crypto_tests/t_encrypt.c | 3 -
src/lib/crypto/crypto_tests/t_short.c | 3 -
src/lib/crypto/crypto_tests/t_str2key.c | 274 --------------------
src/lib/crypto/crypto_tests/vectors.c | 3 +-
.../unit-test/api.current/chpass-principal-v2.exp | 8 +-
.../unit-test/api.current/get-principal-v2.exp | 4 +-
.../unit-test/api.current/randkey-principal-v2.exp | 11 +-
src/lib/kadm5/unit-test/setkey-test.c | 6 +-
src/lib/krb5/keytab/t_keytab.c | 40 ++--
src/lib/krb5/krb/t_etypes.c | 67 +----
src/lib/krb5/krb/t_ser.c | 2 +-
src/lib/krb5/os/t_trace.c | 2 +-
src/lib/krb5/os/t_trace.ref | 2 +-
src/tests/asn.1/ktest.c | 2 +-
src/tests/asn.1/pkinit_encode.out | 2 +-
src/tests/asn.1/pkinit_trval.out | 2 +-
src/tests/dejagnu/config/default.exp | 226 ++---------------
src/tests/gssapi/t_invalid.c | 20 +--
src/tests/gssapi/t_pcontok.c | 17 +-
src/tests/gssapi/t_prf.c | 7 -
src/tests/t_etype_info.py | 4 +-
src/tests/t_keyrollover.py | 6 +-
src/tests/t_salt.py | 2 +-
src/tests/t_sesskeynego.py | 18 +--
src/util/k5test.py | 2 +-
38 files changed, 88 insertions(+), 1459 deletions(-)
From: ghudson@mit.edu
Subject: git commit
Download (untitled) / with headers
text/plain 3.9KiB

Remove support for single-DES and CRC

Single-DES removal brings us closer to compliance with RFC 6649.
Single-DES was disabled by default starting in release 1.8, and
user-visible deprecation warnings were issued starting in release
1.17.

https://github.com/krb5/krb5/commit/fb2dada5eb89c4cd4e39dedd6dbb7dbd5e94f8b8
Author: Robbie Harwood <rharwood@redhat.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: fb2dada5eb89c4cd4e39dedd6dbb7dbd5e94f8b8
Branch: master
.gitignore | 1 -
doc/admin/advanced/retiring-des.rst | 5 +
doc/admin/conf_files/kdc_conf.rst | 17 +-
doc/admin/conf_files/krb5_conf.rst | 17 +-
doc/admin/enctypes.rst | 38 +-
doc/appdev/refs/macros/index.rst | 1 +
doc/conf.py | 2 +-
doc/mitK5features.rst | 2 +-
src/include/k5-int.h | 1 -
src/include/krb5/krb5.hin | 10 +-
src/include/win-mac.h | 12 -
src/kdc/kdc_util.c | 14 -
src/kdc/main.c | 6 -
src/kdc/realm_data.h | 1 -
src/lib/crypto/builtin/des/des_int.h | 1 -
src/lib/crypto/builtin/enc_provider/Makefile.in | 3 -
src/lib/crypto/builtin/enc_provider/deps | 12 -
src/lib/crypto/builtin/enc_provider/des.c | 120 ----
src/lib/crypto/builtin/hash_provider/Makefile.in | 7 +-
src/lib/crypto/builtin/hash_provider/deps | 13 -
src/lib/crypto/builtin/hash_provider/hash_crc32.c | 56 --
src/lib/crypto/krb/Makefile.in | 9 -
src/lib/crypto/krb/cksumtypes.c | 24 -
src/lib/crypto/krb/combine_keys.c | 3 -
src/lib/crypto/krb/crc32.c | 165 -----
src/lib/crypto/krb/crypto_int.h | 16 -
src/lib/crypto/krb/default_state.c | 4 -
src/lib/crypto/krb/deps | 36 -
src/lib/crypto/krb/enc_old.c | 181 -----
src/lib/crypto/krb/etypes.c | 46 --
src/lib/crypto/krb/s2k_des.c | 691 --------------------
src/lib/crypto/libk5crypto.exports | 1 -
src/lib/crypto/openssl/enc_provider/Makefile.in | 3 -
src/lib/crypto/openssl/enc_provider/deps | 11 -
src/lib/crypto/openssl/enc_provider/des.c | 218 ------
src/lib/crypto/openssl/hash_provider/Makefile.in | 10 +-
src/lib/crypto/openssl/hash_provider/deps | 12 -
src/lib/crypto/openssl/hash_provider/hash_crc32.c | 56 --
src/lib/gssapi/krb5/accept_sec_context.c | 3 -
src/lib/gssapi/krb5/gssapiP_krb5.h | 20 +-
src/lib/gssapi/krb5/k5seal.c | 28 +-
src/lib/gssapi/krb5/k5sealiov.c | 20 -
src/lib/gssapi/krb5/k5unseal.c | 112 ----
src/lib/gssapi/krb5/k5unsealiov.c | 34 +-
src/lib/gssapi/krb5/util_crypt.c | 41 --
src/lib/kadm5/kadm_rpc_xdr.c | 10 -
src/lib/krb5/ccache/cc_mslsa.c | 11 +-
src/lib/krb5/krb/auth_con.c | 23 +-
src/lib/krb5/krb/gic_keytab.c | 4 -
src/lib/krb5/krb/init_ctx.c | 9 -
src/lib/krb5/krb/mk_req_ext.c | 43 +--
src/lib/krb5/krb/s4u_creds.c | 3 -
src/lib/krb5/krb/ser_ctx.c | 2 +-
src/man/kdc.conf.man | 47 +--
src/man/krb5.conf.man | 6 +-
.../leash/htmlhelp/html/Encryption_Types.htm | 14 +-
56 files changed, 74 insertions(+), 2181 deletions(-)
From: ghudson@mit.edu
Subject: git commit

Display unsupported enctype names

Add a table of unsupported enctype numbers to enctype_util.c and
consult it in krb5_enctype_to_name(). Treat unsupported enctype
numbers as deprecated in krb5int_c_deprecated_enctype(). In kadmin,
display "UNSUPPORTED:" before invalid enctype names.

https://github.com/krb5/krb5/commit/ebbc6e8e99ee9d5d757411200a6a3173171774df
Author: Greg Hudson <ghudson@mit.edu>
Commit: ebbc6e8e99ee9d5d757411200a6a3173171774df
Branch: master
src/kadmin/cli/kadmin.c | 4 +++-
src/lib/crypto/krb/enctype_util.c | 22 +++++++++++++++++++++-
2 files changed, 24 insertions(+), 2 deletions(-)
From: ghudson@mit.edu
Subject: git commit

Remove now-unused checksum functions

fb2dada5eb89c4cd4e39dedd6dbb7dbd5e94f8b8 removed all call sites of
krb5int_cbc_checksum(), krb5int_confounder_verify(), and
krb5int_confounder_checksum(), but neglected the functions themselves.

https://github.com/krb5/krb5/commit/2063ff09b384d466c15aca8970c01d074230c815
Author: Robbie Harwood <rharwood@redhat.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: 2063ff09b384d466c15aca8970c01d074230c815
Branch: master
src/lib/crypto/krb/Makefile.in | 6 -
src/lib/crypto/krb/checksum_cbc.c | 41 --------
src/lib/crypto/krb/checksum_confounder.c | 159 ------------------------------
src/lib/crypto/krb/crypto_int.h | 16 ---
src/lib/crypto/krb/deps | 26 -----
5 files changed, 0 insertions(+), 248 deletions(-)
Subject: git commit
From: ghudson@mit.edu

Don't error on invalid enctypes in keytab

krb5_ktfile_get_entry() used krb5_c_enctype_compare() to compare
enctypes, in order to share keys between single-DES enctypes. As
key-sharing between enctypes is no longer done and single-DES support
has been removed, use a simple equality test to match the enctype.
This fixes a bug where krb5_kt_get_entry() would error out if the
keytab contained any entries with invalid enctypes (include single-DES
entries, after commit fb2dada5eb89c4cd4e39dedd6dbb7dbd5e94f8b8) even
if a matching entry is found.

[ghudson@mit.edu: rewrote commit message]

https://github.com/krb5/krb5/commit/38be1a0a31a6104cdf8c8d72828905775f6d6636
Author: Robbie Harwood <rharwood@redhat.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: 38be1a0a31a6104cdf8c8d72828905775f6d6636
Branch: master
src/lib/krb5/keytab/kt_file.c | 27 +++++----------------------
1 files changed, 5 insertions(+), 22 deletions(-)