From: Greg Hudson <ghudson@mit.edu>
Date: Fri, 4 Mar 2016 18:25:28 +0000 (-0500)
Subject: Allow zero cksumtype in krb5_k_verify_checksum()
X-Git-Tag: krb5-1.15-beta1~244
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=78e77f10aca448161077016677b0fe963d6bf9ee;p=thirdparty%2Fkrb5.git

Allow zero cksumtype in krb5_k_verify_checksum()

A checksum type of 0 means to use the mandatory checksum type in
krb5_k_make_checksum(), krb5_k_make_checksum_iov(), and
krb5_k_verify_checksum_iov().  Extend this meaning to
krb5_k_verify_checksum() for the checksum type in the krb5_checksum
argument.  This change also applies to krb5_c_verify_checksum().

Add code to t_cksums.c to test checksum verification, including with
checksum type 0 for applicable test cases.

ticket: 8375 (new)
---

diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
index 851cea3734..0a0d272ca1 100644
--- a/src/include/krb5/krb5.hin
+++ b/src/include/krb5/krb5.hin
@@ -904,8 +904,10 @@ krb5_c_make_checksum(krb5_context context, krb5_cksumtype cksumtype,
  *
  * This function verifies that @a cksum is a valid checksum for @a data.  If
  * the checksum type of @a cksum is a keyed checksum, @a key is used to verify
- * the checksum.  The actual checksum key will be derived from @a key and @a
- * usage if key derivation is specified for the checksum type.
+ * the checksum.  If the checksum type in @a cksum is 0 and @a key is not NULL,
+ * the mandatory checksum type for @a key will be used.  The actual checksum
+ * key will be derived from @a key and @a usage if key derivation is specified
+ * for the checksum type.
  *
  * @note This function is similar to krb5_k_verify_checksum(), but operates
  * on keyblock @a key.
@@ -1470,8 +1472,10 @@ krb5_k_make_checksum_iov(krb5_context context, krb5_cksumtype cksumtype,
  *
  * This function verifies that @a cksum is a valid checksum for @a data.  If
  * the checksum type of @a cksum is a keyed checksum, @a key is used to verify
- * the checksum.  The actual checksum key will be derived from @a key and @a
- * usage if key derivation is specified for the checksum type.
+ * the checksum.  If the checksum type in @a cksum is 0 and @a key is not NULL,
+ * the mandatory checksum type for @a key will be used.  The actual checksum
+ * key will be derived from @a key and @a usage if key derivation is specified
+ * for the checksum type.
  *
  * @note This function is similar to krb5_c_verify_checksum(), but operates
  * on opaque @a key.
diff --git a/src/lib/crypto/crypto_tests/t_cksums.c b/src/lib/crypto/crypto_tests/t_cksums.c
index cad16f7594..7c4c6dbb67 100644
--- a/src/lib/crypto/crypto_tests/t_cksums.c
+++ b/src/lib/crypto/crypto_tests/t_cksums.c
@@ -174,7 +174,8 @@ main(int argc, char **argv)
     krb5_keyblock kb, *kbp;
     krb5_data plain;
     krb5_checksum cksum;
-    krb5_boolean verbose = FALSE;
+    krb5_cksumtype mtype;
+    krb5_boolean valid, verbose = FALSE;
     int status = 0;
 
     if (argc >= 2 && strcmp(argv[1], "-v") == 0)
@@ -214,6 +215,31 @@ main(int argc, char **argv)
             if (!verbose)
                 break;
         }
+
+        /* Test that the checksum verifies successfully. */
+        ret = krb5_c_verify_checksum(context, kbp, test->usage, &plain, &cksum,
+                                     &valid);
+        assert(!ret);
+        if (!valid) {
+            printf("test %d verify failed\n", (int)i);
+            status = 1;
+            if (!verbose)
+                break;
+        }
+
+        if (kbp != NULL) {
+            ret = krb5int_c_mandatory_cksumtype(context, kbp->enctype, &mtype);
+            assert(!ret);
+            if (test->sumtype == mtype) {
+                /* Test that a checksum type of 0 uses the mandatory checksum
+                 * type for the key. */
+                cksum.checksum_type = 0;
+                ret = krb5_c_verify_checksum(context, kbp, test->usage, &plain,
+                                             &cksum, &valid);
+                assert(!ret && valid);
+            }
+        }
+
         krb5_free_checksum_contents(context, &cksum);
     }
     return status;
diff --git a/src/lib/crypto/krb/verify_checksum.c b/src/lib/crypto/krb/verify_checksum.c
index 45b33f4244..09425ea7aa 100644
--- a/src/lib/crypto/krb/verify_checksum.c
+++ b/src/lib/crypto/krb/verify_checksum.c
@@ -33,6 +33,7 @@ krb5_k_verify_checksum(krb5_context context, krb5_key key,
                        const krb5_checksum *cksum, krb5_boolean *valid)
 {
     const struct krb5_cksumtypes *ctp;
+    krb5_cksumtype cksumtype;
     krb5_crypto_iov iov;
     krb5_error_code ret;
     krb5_data cksum_data;
@@ -41,7 +42,15 @@ krb5_k_verify_checksum(krb5_context context, krb5_key key,
     iov.flags = KRB5_CRYPTO_TYPE_DATA;
     iov.data = *data;
 
-    ctp = find_cksumtype(cksum->checksum_type);
+    /* A 0 checksum type means use the mandatory checksum. */
+    cksumtype = cksum->checksum_type;
+    if (cksumtype == 0 && key != NULL) {
+        ret = krb5int_c_mandatory_cksumtype(context, key->keyblock.enctype,
+                                            &cksumtype);
+        if (ret)
+            return ret;
+    }
+    ctp = find_cksumtype(cksumtype);
     if (ctp == NULL)
         return KRB5_BAD_ENCTYPE;