Page MenuHomeFreeBSD
Files F154664325

D24344.id70358.diff
No OneTemporary
Actions

D24344.id70358.diff
View Options

Index: sys/conf/files
===================================================================
--- sys/conf/files
+++ sys/conf/files
@@ -3944,9 +3944,6 @@
kgssapi/krb5/krb5_mech.c optional kgssapi
kgssapi/krb5/kcrypto.c optional kgssapi
kgssapi/krb5/kcrypto_aes.c optional kgssapi
-kgssapi/krb5/kcrypto_arcfour.c optional kgssapi
-kgssapi/krb5/kcrypto_des.c optional kgssapi
-kgssapi/krb5/kcrypto_des3.c optional kgssapi
kgssapi/kgss_if.m optional kgssapi
kgssapi/gsstest.c optional kgssapi_debug
# These files in libkern/ are those needed by all architectures. Some
Index: sys/kgssapi/krb5/kcrypto.h
===================================================================
--- sys/kgssapi/krb5/kcrypto.h
+++ sys/kgssapi/krb5/kcrypto.h
@@ -95,13 +95,8 @@
void *ks_priv;
};
-extern struct krb5_encryption_class krb5_des_encryption_class;
-extern struct krb5_encryption_class krb5_des3_encryption_class;
extern struct krb5_encryption_class krb5_aes128_encryption_class;
extern struct krb5_encryption_class krb5_aes256_encryption_class;
-extern struct krb5_encryption_class krb5_arcfour_encryption_class;
-extern struct krb5_encryption_class krb5_arcfour_56_encryption_class;
-extern struct timeval krb5_warn_interval;
static __inline void
krb5_set_key(struct krb5_key_state *ks, const void *keydata)
Index: sys/kgssapi/krb5/kcrypto.c
===================================================================
--- sys/kgssapi/krb5/kcrypto.c
+++ sys/kgssapi/krb5/kcrypto.c
@@ -42,20 +42,11 @@
#include "kcrypto.h"
static struct krb5_encryption_class *krb5_encryption_classes[] = {
- &krb5_des_encryption_class,
- &krb5_des3_encryption_class,
&krb5_aes128_encryption_class,
&krb5_aes256_encryption_class,
- &krb5_arcfour_encryption_class,
- &krb5_arcfour_56_encryption_class,
NULL
};
-struct timeval krb5_warn_interval = { .tv_sec = 3600, .tv_usec = 0 };
-SYSCTL_TIMEVAL_SEC(_kern, OID_AUTO, kgssapi_warn_interval, CTLFLAG_RW,
- &krb5_warn_interval,
- "Delay in seconds between warnings of deprecated KGSSAPI crypto.");
-
struct krb5_encryption_class *
krb5_find_encryption_class(int etype)
{
Index: sys/kgssapi/krb5/kcrypto_arcfour.c
===================================================================
--- sys/kgssapi/krb5/kcrypto_arcfour.c
+++ /dev/null
@@ -1,225 +0,0 @@
-/*-
- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
- *
- * Copyright (c) 2008 Isilon Inc http://www.isilon.com/
- * Authors: Doug Rabson <dfr@rabson.org>
- * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org>
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <sys/cdefs.h>
-__FBSDID("$FreeBSD$");
-
-#include <sys/param.h>
-#include <sys/lock.h>
-#include <sys/malloc.h>
-#include <sys/md5.h>
-#include <sys/kobj.h>
-#include <sys/mbuf.h>
-#include <crypto/rc4/rc4.h>
-
-#include <kgssapi/gssapi.h>
-#include <kgssapi/gssapi_impl.h>
-
-#include "kcrypto.h"
-
-static void
-arcfour_init(struct krb5_key_state *ks)
-{
- static struct timeval lastwarn;
-
- ks->ks_priv = NULL;
- if (ratecheck(&lastwarn, &krb5_warn_interval))
- gone_in(13, "RC4 cipher for Kerberos GSS");
-}
-
-static void
-arcfour_destroy(struct krb5_key_state *ks)
-{
-
-}
-
-static void
-arcfour_set_key(struct krb5_key_state *ks, const void *in)
-{
- void *kp = ks->ks_key;
-
- if (kp != in)
- bcopy(in, kp, 16);
-}
-
-static void
-arcfour_random_to_key(struct krb5_key_state *ks, const void *in)
-{
-
- arcfour_set_key(ks, in);
-}
-
-static void
-arcfour_hmac(uint8_t *key, uint8_t *data, size_t datalen,
- uint8_t *result)
-{
- uint8_t buf[64];
- MD5_CTX md5;
- int i;
-
- for (i = 0; i < 16; i++)
- buf[i] = key[i] ^ 0x36;
- for (; i < 64; i++)
- buf[i] = 0x36;
-
- MD5Init(&md5);
- MD5Update(&md5, buf, 64);
- MD5Update(&md5, data, datalen);
- MD5Final(result, &md5);
-
- for (i = 0; i < 16; i++)
- buf[i] = key[i] ^ 0x5c;
- for (; i < 64; i++)
- buf[i] = 0x5c;
-
- MD5Init(&md5);
- MD5Update(&md5, buf, 64);
- MD5Update(&md5, result, 16);
- MD5Final(result, &md5);
-}
-
-static void
-arcfour_derive_key(const struct krb5_key_state *ks, uint32_t usage,
- uint8_t *newkey)
-{
- uint8_t t[4];
-
- t[0] = (usage >> 24);
- t[1] = (usage >> 16);
- t[2] = (usage >> 8);
- t[3] = (usage >> 0);
- if (ks->ks_class->ec_type == ETYPE_ARCFOUR_HMAC_MD5_56) {
- uint8_t L40[14] = "fortybits";
- bcopy(t, L40 + 10, 4);
- arcfour_hmac(ks->ks_key, L40, 14, newkey);
- memset(newkey + 7, 0xab, 9);
- } else {
- arcfour_hmac(ks->ks_key, t, 4, newkey);
- }
-}
-
-static int
-rc4_crypt_int(void *rs, void *buf, u_int len)
-{
-
- rc4_crypt(rs, buf, buf, len);
- return (0);
-}
-
-static void
-arcfour_encrypt(const struct krb5_key_state *ks, struct mbuf *inout,
- size_t skip, size_t len, void *ivec, size_t ivlen)
-{
- struct rc4_state rs;
- uint8_t newkey[16];
-
- arcfour_derive_key(ks, 0, newkey);
-
- /*
- * If we have an IV, then generate a new key from it using HMAC.
- */
- if (ivec) {
- uint8_t kk[16];
- arcfour_hmac(newkey, ivec, ivlen, kk);
- rc4_init(&rs, kk, 16);
- } else {
- rc4_init(&rs, newkey, 16);
- }
-
- m_apply(inout, skip, len, rc4_crypt_int, &rs);
-}
-
-static int
-MD5Update_int(void *ctx, void *buf, u_int len)
-{
-
- MD5Update(ctx, buf, len);
- return (0);
-}
-
-static void
-arcfour_checksum(const struct krb5_key_state *ks, int usage,
- struct mbuf *inout, size_t skip, size_t inlen, size_t outlen)
-{
- MD5_CTX md5;
- uint8_t Ksign[16];
- uint8_t t[4];
- uint8_t sgn_cksum[16];
-
- arcfour_hmac(ks->ks_key, "signaturekey", 13, Ksign);
-
- t[0] = usage >> 0;
- t[1] = usage >> 8;
- t[2] = usage >> 16;
- t[3] = usage >> 24;
-
- MD5Init(&md5);
- MD5Update(&md5, t, 4);
- m_apply(inout, skip, inlen, MD5Update_int, &md5);
- MD5Final(sgn_cksum, &md5);
-
- arcfour_hmac(Ksign, sgn_cksum, 16, sgn_cksum);
- m_copyback(inout, skip + inlen, outlen, sgn_cksum);
-}
-
-struct krb5_encryption_class krb5_arcfour_encryption_class = {
- "arcfour-hmac-md5", /* name */
- ETYPE_ARCFOUR_HMAC_MD5, /* etype */
- 0, /* flags */
- 1, /* blocklen */
- 1, /* msgblocklen */
- 8, /* checksumlen */
- 128, /* keybits */
- 16, /* keylen */
- arcfour_init,
- arcfour_destroy,
- arcfour_set_key,
- arcfour_random_to_key,
- arcfour_encrypt,
- arcfour_encrypt,
- arcfour_checksum
-};
-
-struct krb5_encryption_class krb5_arcfour_56_encryption_class = {
- "arcfour-hmac-md5-56", /* name */
- ETYPE_ARCFOUR_HMAC_MD5_56, /* etype */
- 0, /* flags */
- 1, /* blocklen */
- 1, /* msgblocklen */
- 8, /* checksumlen */
- 128, /* keybits */
- 16, /* keylen */
- arcfour_init,
- arcfour_destroy,
- arcfour_set_key,
- arcfour_random_to_key,
- arcfour_encrypt,
- arcfour_encrypt,
- arcfour_checksum
-};
Index: sys/kgssapi/krb5/kcrypto_des.c
===================================================================
--- sys/kgssapi/krb5/kcrypto_des.c
+++ /dev/null
@@ -1,260 +0,0 @@
-/*-
- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
- *
- * Copyright (c) 2008 Isilon Inc http://www.isilon.com/
- * Authors: Doug Rabson <dfr@rabson.org>
- * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org>
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <sys/cdefs.h>
-__FBSDID("$FreeBSD$");
-
-#include <sys/param.h>
-#include <sys/lock.h>
-#include <sys/kobj.h>
-#include <sys/malloc.h>
-#include <sys/md5.h>
-#include <sys/mutex.h>
-#include <sys/mbuf.h>
-#include <crypto/des/des.h>
-#include <opencrypto/cryptodev.h>
-
-#include <kgssapi/gssapi.h>
-#include <kgssapi/gssapi_impl.h>
-
-#include "kcrypto.h"
-
-struct des1_state {
- struct mtx ds_lock;
- crypto_session_t ds_session;
-};
-
-static void
-des1_init(struct krb5_key_state *ks)
-{
- static struct timeval lastwarn;
- struct des1_state *ds;
-
- ds = malloc(sizeof(struct des1_state), M_GSSAPI, M_WAITOK|M_ZERO);
- mtx_init(&ds->ds_lock, "gss des lock", NULL, MTX_DEF);
- ks->ks_priv = ds;
- if (ratecheck(&lastwarn, &krb5_warn_interval))
- gone_in(13, "DES cipher for Kerberos GSS");
-}
-
-static void
-des1_destroy(struct krb5_key_state *ks)
-{
- struct des1_state *ds = ks->ks_priv;
-
- if (ds->ds_session)
- crypto_freesession(ds->ds_session);
- mtx_destroy(&ds->ds_lock);
- free(ks->ks_priv, M_GSSAPI);
-
-}
-
-static void
-des1_set_key(struct krb5_key_state *ks, const void *in)
-{
- struct crypto_session_params csp;
- void *kp = ks->ks_key;
- struct des1_state *ds = ks->ks_priv;
-
- if (ds->ds_session)
- crypto_freesession(ds->ds_session);
-
- if (kp != in)
- bcopy(in, kp, ks->ks_class->ec_keylen);
-
- memset(&csp, 0, sizeof(csp));
- csp.csp_mode = CSP_MODE_CIPHER;
- csp.csp_ivlen = 8;
- csp.csp_cipher_alg = CRYPTO_DES_CBC;
- csp.csp_cipher_klen = 8;
- csp.csp_cipher_key = ks->ks_key;
-
- crypto_newsession(&ds->ds_session, &csp,
- CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE);
-}
-
-static void
-des1_random_to_key(struct krb5_key_state *ks, const void *in)
-{
- uint8_t *outkey = ks->ks_key;
- const uint8_t *inkey = in;
-
- /*
- * Expand 56 bits of random data to 64 bits as follows
- * (in the example, bit number 1 is the MSB of the 56
- * bits of random data):
- *
- * expanded =
- * 1 2 3 4 5 6 7 p
- * 9 10 11 12 13 14 15 p
- * 17 18 19 20 21 22 23 p
- * 25 26 27 28 29 30 31 p
- * 33 34 35 36 37 38 39 p
- * 41 42 43 44 45 46 47 p
- * 49 50 51 52 53 54 55 p
- * 56 48 40 32 24 16 8 p
- */
- outkey[0] = inkey[0];
- outkey[1] = inkey[1];
- outkey[2] = inkey[2];
- outkey[3] = inkey[3];
- outkey[4] = inkey[4];
- outkey[5] = inkey[5];
- outkey[6] = inkey[6];
- outkey[7] = (((inkey[0] & 1) << 1)
- | ((inkey[1] & 1) << 2)
- | ((inkey[2] & 1) << 3)
- | ((inkey[3] & 1) << 4)
- | ((inkey[4] & 1) << 5)
- | ((inkey[5] & 1) << 6)
- | ((inkey[6] & 1) << 7));
- des_set_odd_parity(outkey);
- if (des_is_weak_key(outkey))
- outkey[7] ^= 0xf0;
-
- des1_set_key(ks, ks->ks_key);
-}
-
-static int
-des1_crypto_cb(struct cryptop *crp)
-{
- int error;
- struct des1_state *ds = (struct des1_state *) crp->crp_opaque;
-
- if (crypto_ses2caps(ds->ds_session) & CRYPTOCAP_F_SYNC)
- return (0);
-
- error = crp->crp_etype;
- if (error == EAGAIN)
- error = crypto_dispatch(crp);
- mtx_lock(&ds->ds_lock);
- if (error || (crp->crp_flags & CRYPTO_F_DONE))
- wakeup(crp);
- mtx_unlock(&ds->ds_lock);
-
- return (0);
-}
-
-static void
-des1_encrypt_1(const struct krb5_key_state *ks, int buf_type, void *buf,
- size_t skip, size_t len, void *ivec, bool encrypt)
-{
- struct des1_state *ds = ks->ks_priv;
- struct cryptop *crp;
- int error;
-
- crp = crypto_getreq(ds->ds_session, M_WAITOK);
-
- crp->crp_payload_start = skip;
- crp->crp_payload_length = len;
- crp->crp_op = encrypt ? CRYPTO_OP_ENCRYPT : CRYPTO_OP_DECRYPT;
- crp->crp_flags = CRYPTO_F_CBIFSYNC | CRYPTO_F_IV_SEPARATE;
- if (ivec) {
- memcpy(crp->crp_iv, ivec, 8);
- } else {
- memset(crp->crp_iv, 0, 8);
- }
- crp->crp_buf_type = buf_type;
- crp->crp_buf = buf;
- crp->crp_opaque = ds;
- crp->crp_callback = des1_crypto_cb;
-
- error = crypto_dispatch(crp);
-
- if ((crypto_ses2caps(ds->ds_session) & CRYPTOCAP_F_SYNC) == 0) {
- mtx_lock(&ds->ds_lock);
- if (!error && !(crp->crp_flags & CRYPTO_F_DONE))
- error = msleep(crp, &ds->ds_lock, 0, "gssdes", 0);
- mtx_unlock(&ds->ds_lock);
- }
-
- crypto_freereq(crp);
-}
-
-static void
-des1_encrypt(const struct krb5_key_state *ks, struct mbuf *inout,
- size_t skip, size_t len, void *ivec, size_t ivlen)
-{
-
- des1_encrypt_1(ks, CRYPTO_BUF_MBUF, inout, skip, len, ivec, true);
-}
-
-static void
-des1_decrypt(const struct krb5_key_state *ks, struct mbuf *inout,
- size_t skip, size_t len, void *ivec, size_t ivlen)
-{
-
- des1_encrypt_1(ks, CRYPTO_BUF_MBUF, inout, skip, len, ivec, false);
-}
-
-static int
-MD5Update_int(void *ctx, void *buf, u_int len)
-{
-
- MD5Update(ctx, buf, len);
- return (0);
-}
-
-static void
-des1_checksum(const struct krb5_key_state *ks, int usage,
- struct mbuf *inout, size_t skip, size_t inlen, size_t outlen)
-{
- char hash[16];
- MD5_CTX md5;
-
- /*
- * This checksum is specifically for GSS-API. First take the
- * MD5 checksum of the message, then calculate the CBC mode
- * checksum of that MD5 checksum using a zero IV.
- */
- MD5Init(&md5);
- m_apply(inout, skip, inlen, MD5Update_int, &md5);
- MD5Final(hash, &md5);
-
- des1_encrypt_1(ks, CRYPTO_BUF_CONTIG, hash, 0, 16, NULL, true);
- m_copyback(inout, skip + inlen, outlen, hash + 8);
-}
-
-struct krb5_encryption_class krb5_des_encryption_class = {
- "des-cbc-md5", /* name */
- ETYPE_DES_CBC_CRC, /* etype */
- 0, /* flags */
- 8, /* blocklen */
- 8, /* msgblocklen */
- 8, /* checksumlen */
- 56, /* keybits */
- 8, /* keylen */
- des1_init,
- des1_destroy,
- des1_set_key,
- des1_random_to_key,
- des1_encrypt,
- des1_decrypt,
- des1_checksum
-};
Index: sys/kgssapi/krb5/kcrypto_des3.c
===================================================================
--- sys/kgssapi/krb5/kcrypto_des3.c
+++ /dev/null
@@ -1,401 +0,0 @@
-/*-
- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
- *
- * Copyright (c) 2008 Isilon Inc http://www.isilon.com/
- * Authors: Doug Rabson <dfr@rabson.org>
- * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org>
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <sys/cdefs.h>
-__FBSDID("$FreeBSD$");
-
-#include <sys/param.h>
-#include <sys/lock.h>
-#include <sys/malloc.h>
-#include <sys/mutex.h>
-#include <sys/kobj.h>
-#include <sys/mbuf.h>
-#include <crypto/des/des.h>
-#include <opencrypto/cryptodev.h>
-
-#include <kgssapi/gssapi.h>
-#include <kgssapi/gssapi_impl.h>
-
-#include "kcrypto.h"
-
-#define DES3_FLAGS (CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE)
-
-struct des3_state {
- struct mtx ds_lock;
- crypto_session_t ds_cipher_session;
- crypto_session_t ds_hmac_session;
-};
-
-static void
-des3_init(struct krb5_key_state *ks)
-{
- static struct timeval lastwarn;
- struct des3_state *ds;
-
- ds = malloc(sizeof(struct des3_state), M_GSSAPI, M_WAITOK|M_ZERO);
- mtx_init(&ds->ds_lock, "gss des3 lock", NULL, MTX_DEF);
- ks->ks_priv = ds;
- if (ratecheck(&lastwarn, &krb5_warn_interval))
- gone_in(13, "DES3 cipher for Kerberos GSS");
-}
-
-static void
-des3_destroy(struct krb5_key_state *ks)
-{
- struct des3_state *ds = ks->ks_priv;
-
- if (ds->ds_cipher_session) {
- crypto_freesession(ds->ds_cipher_session);
- crypto_freesession(ds->ds_hmac_session);
- }
- mtx_destroy(&ds->ds_lock);
- free(ks->ks_priv, M_GSSAPI);
-}
-
-static void
-des3_set_key(struct krb5_key_state *ks, const void *in)
-{
- struct crypto_session_params csp;
- void *kp = ks->ks_key;
- struct des3_state *ds = ks->ks_priv;
-
- if (ds->ds_cipher_session) {
- crypto_freesession(ds->ds_cipher_session);
- crypto_freesession(ds->ds_hmac_session);
- }
-
- if (kp != in)
- bcopy(in, kp, ks->ks_class->ec_keylen);
-
- memset(&csp, 0, sizeof(csp));
- csp.csp_mode = CSP_MODE_DIGEST;
- csp.csp_auth_alg = CRYPTO_SHA1_HMAC;
- csp.csp_auth_klen = 24;
- csp.csp_auth_key = ks->ks_key;
-
- crypto_newsession(&ds->ds_hmac_session, &csp,
- CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE);
-
- memset(&csp, 0, sizeof(csp));
- csp.csp_mode = CSP_MODE_CIPHER;
- csp.csp_cipher_alg = CRYPTO_3DES_CBC;
- csp.csp_cipher_klen = 24;
- csp.csp_cipher_key = ks->ks_key;
- csp.csp_ivlen = 8;
-
- crypto_newsession(&ds->ds_cipher_session, &csp,
- CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE);
-}
-
-static void
-des3_random_to_key(struct krb5_key_state *ks, const void *in)
-{
- uint8_t *outkey;
- const uint8_t *inkey;
- int subkey;
-
- for (subkey = 0, outkey = ks->ks_key, inkey = in; subkey < 3;
- subkey++, outkey += 8, inkey += 7) {
- /*
- * Expand 56 bits of random data to 64 bits as follows
- * (in the example, bit number 1 is the MSB of the 56
- * bits of random data):
- *
- * expanded =
- * 1 2 3 4 5 6 7 p
- * 9 10 11 12 13 14 15 p
- * 17 18 19 20 21 22 23 p
- * 25 26 27 28 29 30 31 p
- * 33 34 35 36 37 38 39 p
- * 41 42 43 44 45 46 47 p
- * 49 50 51 52 53 54 55 p
- * 56 48 40 32 24 16 8 p
- */
- outkey[0] = inkey[0];
- outkey[1] = inkey[1];
- outkey[2] = inkey[2];
- outkey[3] = inkey[3];
- outkey[4] = inkey[4];
- outkey[5] = inkey[5];
- outkey[6] = inkey[6];
- outkey[7] = (((inkey[0] & 1) << 1)
- | ((inkey[1] & 1) << 2)
- | ((inkey[2] & 1) << 3)
- | ((inkey[3] & 1) << 4)
- | ((inkey[4] & 1) << 5)
- | ((inkey[5] & 1) << 6)
- | ((inkey[6] & 1) << 7));
- des_set_odd_parity(outkey);
- if (des_is_weak_key(outkey))
- outkey[7] ^= 0xf0;
- }
-
- des3_set_key(ks, ks->ks_key);
-}
-
-static int
-des3_crypto_cb(struct cryptop *crp)
-{
- int error;
- struct des3_state *ds = (struct des3_state *) crp->crp_opaque;
-
- if (crypto_ses2caps(crp->crp_session) & CRYPTOCAP_F_SYNC)
- return (0);
-
- error = crp->crp_etype;
- if (error == EAGAIN)
- error = crypto_dispatch(crp);
- mtx_lock(&ds->ds_lock);
- if (error || (crp->crp_flags & CRYPTO_F_DONE))
- wakeup(crp);
- mtx_unlock(&ds->ds_lock);
-
- return (0);
-}
-
-static void
-des3_encrypt_1(const struct krb5_key_state *ks, struct mbuf *inout,
- size_t skip, size_t len, void *ivec, bool encrypt)
-{
- struct des3_state *ds = ks->ks_priv;
- struct cryptop *crp;
- int error;
-
- crp = crypto_getreq(ds->ds_cipher_session, M_WAITOK);
-
- crp->crp_payload_start = skip;
- crp->crp_payload_length = len;
- crp->crp_op = encrypt ? CRYPTO_OP_ENCRYPT : CRYPTO_OP_DECRYPT;
- crp->crp_flags = CRYPTO_F_CBIFSYNC | CRYPTO_F_IV_SEPARATE;
- if (ivec) {
- memcpy(crp->crp_iv, ivec, 8);
- } else {
- memset(crp->crp_iv, 0, 8);
- }
- crp->crp_buf_type = CRYPTO_BUF_MBUF;
- crp->crp_mbuf = inout;
- crp->crp_opaque = ds;
- crp->crp_callback = des3_crypto_cb;
-
- error = crypto_dispatch(crp);
-
- if ((crypto_ses2caps(ds->ds_cipher_session) & CRYPTOCAP_F_SYNC) == 0) {
- mtx_lock(&ds->ds_lock);
- if (!error && !(crp->crp_flags & CRYPTO_F_DONE))
- error = msleep(crp, &ds->ds_lock, 0, "gssdes3", 0);
- mtx_unlock(&ds->ds_lock);
- }
-
- crypto_freereq(crp);
-}
-
-static void
-des3_encrypt(const struct krb5_key_state *ks, struct mbuf *inout,
- size_t skip, size_t len, void *ivec, size_t ivlen)
-{
-
- des3_encrypt_1(ks, inout, skip, len, ivec, true);
-}
-
-static void
-des3_decrypt(const struct krb5_key_state *ks, struct mbuf *inout,
- size_t skip, size_t len, void *ivec, size_t ivlen)
-{
-
- des3_encrypt_1(ks, inout, skip, len, ivec, false);
-}
-
-static void
-des3_checksum(const struct krb5_key_state *ks, int usage,
- struct mbuf *inout, size_t skip, size_t inlen, size_t outlen)
-{
- struct des3_state *ds = ks->ks_priv;
- struct cryptop *crp;
- int error;
-
- crp = crypto_getreq(ds->ds_hmac_session, M_WAITOK);
-
- crp->crp_payload_start = skip;
- crp->crp_payload_length = inlen;
- crp->crp_digest_start = skip + inlen;
- crp->crp_op = CRYPTO_OP_COMPUTE_DIGEST;
- crp->crp_flags = CRYPTO_F_CBIFSYNC;
- crp->crp_buf_type = CRYPTO_BUF_MBUF;
- crp->crp_mbuf = inout;
- crp->crp_opaque = ds;
- crp->crp_callback = des3_crypto_cb;
-
- error = crypto_dispatch(crp);
-
- if ((crypto_ses2caps(ds->ds_hmac_session) & CRYPTOCAP_F_SYNC) == 0) {
- mtx_lock(&ds->ds_lock);
- if (!error && !(crp->crp_flags & CRYPTO_F_DONE))
- error = msleep(crp, &ds->ds_lock, 0, "gssdes3", 0);
- mtx_unlock(&ds->ds_lock);
- }
-
- crypto_freereq(crp);
-}
-
-struct krb5_encryption_class krb5_des3_encryption_class = {
- "des3-cbc-sha1", /* name */
- ETYPE_DES3_CBC_SHA1, /* etype */
- EC_DERIVED_KEYS, /* flags */
- 8, /* blocklen */
- 8, /* msgblocklen */
- 20, /* checksumlen */
- 168, /* keybits */
- 24, /* keylen */
- des3_init,
- des3_destroy,
- des3_set_key,
- des3_random_to_key,
- des3_encrypt,
- des3_decrypt,
- des3_checksum
-};
-
-#if 0
-struct des3_dk_test {
- uint8_t key[24];
- uint8_t usage[8];
- size_t usagelen;
- uint8_t dk[24];
-};
-struct des3_dk_test tests[] = {
- {{0xdc, 0xe0, 0x6b, 0x1f, 0x64, 0xc8, 0x57, 0xa1, 0x1c, 0x3d, 0xb5,
- 0x7c, 0x51, 0x89, 0x9b, 0x2c, 0xc1, 0x79, 0x10, 0x08, 0xce, 0x97,
- 0x3b, 0x92},
- {0x00, 0x00, 0x00, 0x01, 0x55}, 5,
- {0x92, 0x51, 0x79, 0xd0, 0x45, 0x91, 0xa7, 0x9b, 0x5d, 0x31, 0x92,
- 0xc4, 0xa7, 0xe9, 0xc2, 0x89, 0xb0, 0x49, 0xc7, 0x1f, 0x6e, 0xe6,
- 0x04, 0xcd}},
-
- {{0x5e, 0x13, 0xd3, 0x1c, 0x70, 0xef, 0x76, 0x57, 0x46, 0x57, 0x85,
- 0x31, 0xcb, 0x51, 0xc1, 0x5b, 0xf1, 0x1c, 0xa8, 0x2c, 0x97, 0xce,
- 0xe9, 0xf2},
- {0x00, 0x00, 0x00, 0x01, 0xaa}, 5,
- {0x9e, 0x58, 0xe5, 0xa1, 0x46, 0xd9, 0x94, 0x2a, 0x10, 0x1c, 0x46,
- 0x98, 0x45, 0xd6, 0x7a, 0x20, 0xe3, 0xc4, 0x25, 0x9e, 0xd9, 0x13,
- 0xf2, 0x07}},
-
- {{0x98, 0xe6, 0xfd, 0x8a, 0x04, 0xa4, 0xb6, 0x85, 0x9b, 0x75, 0xa1,
- 0x76, 0x54, 0x0b, 0x97, 0x52, 0xba, 0xd3, 0xec, 0xd6, 0x10, 0xa2,
- 0x52, 0xbc},
- {0x00, 0x00, 0x00, 0x01, 0x55}, 5,
- {0x13, 0xfe, 0xf8, 0x0d, 0x76, 0x3e, 0x94, 0xec, 0x6d, 0x13, 0xfd,
- 0x2c, 0xa1, 0xd0, 0x85, 0x07, 0x02, 0x49, 0xda, 0xd3, 0x98, 0x08,
- 0xea, 0xbf}},
-
- {{0x62, 0x2a, 0xec, 0x25, 0xa2, 0xfe, 0x2c, 0xad, 0x70, 0x94, 0x68,
- 0x0b, 0x7c, 0x64, 0x94, 0x02, 0x80, 0x08, 0x4c, 0x1a, 0x7c, 0xec,
- 0x92, 0xb5},
- {0x00, 0x00, 0x00, 0x01, 0xaa}, 5,
- {0xf8, 0xdf, 0xbf, 0x04, 0xb0, 0x97, 0xe6, 0xd9, 0xdc, 0x07, 0x02,
- 0x68, 0x6b, 0xcb, 0x34, 0x89, 0xd9, 0x1f, 0xd9, 0xa4, 0x51, 0x6b,
- 0x70, 0x3e}},
-
- {{0xd3, 0xf8, 0x29, 0x8c, 0xcb, 0x16, 0x64, 0x38, 0xdc, 0xb9, 0xb9,
- 0x3e, 0xe5, 0xa7, 0x62, 0x92, 0x86, 0xa4, 0x91, 0xf8, 0x38, 0xf8,
- 0x02, 0xfb},
- {0x6b, 0x65, 0x72, 0x62, 0x65, 0x72, 0x6f, 0x73}, 8,
- {0x23, 0x70, 0xda, 0x57, 0x5d, 0x2a, 0x3d, 0xa8, 0x64, 0xce, 0xbf,
- 0xdc, 0x52, 0x04, 0xd5, 0x6d, 0xf7, 0x79, 0xa7, 0xdf, 0x43, 0xd9,
- 0xda, 0x43}},
-
- {{0xc1, 0x08, 0x16, 0x49, 0xad, 0xa7, 0x43, 0x62, 0xe6, 0xa1, 0x45,
- 0x9d, 0x01, 0xdf, 0xd3, 0x0d, 0x67, 0xc2, 0x23, 0x4c, 0x94, 0x07,
- 0x04, 0xda},
- {0x00, 0x00, 0x00, 0x01, 0x55}, 5,
- {0x34, 0x80, 0x57, 0xec, 0x98, 0xfd, 0xc4, 0x80, 0x16, 0x16, 0x1c,
- 0x2a, 0x4c, 0x7a, 0x94, 0x3e, 0x92, 0xae, 0x49, 0x2c, 0x98, 0x91,
- 0x75, 0xf7}},
-
- {{0x5d, 0x15, 0x4a, 0xf2, 0x38, 0xf4, 0x67, 0x13, 0x15, 0x57, 0x19,
- 0xd5, 0x5e, 0x2f, 0x1f, 0x79, 0x0d, 0xd6, 0x61, 0xf2, 0x79, 0xa7,
- 0x91, 0x7c},
- {0x00, 0x00, 0x00, 0x01, 0xaa}, 5,
- {0xa8, 0x80, 0x8a, 0xc2, 0x67, 0xda, 0xda, 0x3d, 0xcb, 0xe9, 0xa7,
- 0xc8, 0x46, 0x26, 0xfb, 0xc7, 0x61, 0xc2, 0x94, 0xb0, 0x13, 0x15,
- 0xe5, 0xc1}},
-
- {{0x79, 0x85, 0x62, 0xe0, 0x49, 0x85, 0x2f, 0x57, 0xdc, 0x8c, 0x34,
- 0x3b, 0xa1, 0x7f, 0x2c, 0xa1, 0xd9, 0x73, 0x94, 0xef, 0xc8, 0xad,
- 0xc4, 0x43},
- {0x00, 0x00, 0x00, 0x01, 0x55}, 5,
- {0xc8, 0x13, 0xf8, 0x8a, 0x3b, 0xe3, 0xb3, 0x34, 0xf7, 0x54, 0x25,
- 0xce, 0x91, 0x75, 0xfb, 0xe3, 0xc8, 0x49, 0x3b, 0x89, 0xc8, 0x70,
- 0x3b, 0x49}},
-
- {{0x26, 0xdc, 0xe3, 0x34, 0xb5, 0x45, 0x29, 0x2f, 0x2f, 0xea, 0xb9,
- 0xa8, 0x70, 0x1a, 0x89, 0xa4, 0xb9, 0x9e, 0xb9, 0x94, 0x2c, 0xec,
- 0xd0, 0x16},
- {0x00, 0x00, 0x00, 0x01, 0xaa}, 5,
- {0xf4, 0x8f, 0xfd, 0x6e, 0x83, 0xf8, 0x3e, 0x73, 0x54, 0xe6, 0x94,
- 0xfd, 0x25, 0x2c, 0xf8, 0x3b, 0xfe, 0x58, 0xf7, 0xd5, 0xba, 0x37,
- 0xec, 0x5d}},
-};
-#define N_TESTS (sizeof(tests) / sizeof(tests[0]))
-
-int
-main(int argc, char **argv)
-{
- struct krb5_key_state *key, *dk;
- uint8_t *dkp;
- int j, i;
-
- for (j = 0; j < N_TESTS; j++) {
- struct des3_dk_test *t = &tests[j];
- key = krb5_create_key(&des3_encryption_class);
- krb5_set_key(key, t->key);
- dk = krb5_derive_key(key, t->usage, t->usagelen);
- krb5_free_key(key);
- if (memcmp(dk->ks_key, t->dk, 24)) {
- printf("DES3 dk(");
- for (i = 0; i < 24; i++)
- printf("%02x", t->key[i]);
- printf(", ");
- for (i = 0; i < t->usagelen; i++)
- printf("%02x", t->usage[i]);
- printf(") failed\n");
- printf("should be: ");
- for (i = 0; i < 24; i++)
- printf("%02x", t->dk[i]);
- printf("\n result was: ");
- dkp = dk->ks_key;
- for (i = 0; i < 24; i++)
- printf("%02x", dkp[i]);
- printf("\n");
- }
- krb5_free_key(dk);
- }
-
- return (0);
-}
-#endif
Index: sys/modules/kgssapi_krb5/Makefile
===================================================================
--- sys/modules/kgssapi_krb5/Makefile
+++ sys/modules/kgssapi_krb5/Makefile
@@ -5,10 +5,7 @@
SRCS= krb5_mech.c \
kcrypto.c \
- kcrypto_des.c \
- kcrypto_des3.c \
kcrypto_aes.c \
- kcrypto_arcfour.c \
opt_inet6.h
SRCS+= kgss_if.h gssd.h

File Metadata

Mime Type
text/plain
Expires
Thu, Apr 30, 4:22 AM (17 h, 31 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
32448110
Default Alt Text
D24344.id70358.diff (27 KB)

Event Timeline