From patchwork Mon Apr 30 16:27:30 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zack Weinberg X-Patchwork-Id: 27056 Received: (qmail 23224 invoked by alias); 30 Apr 2018 16:27:37 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 23067 invoked by uid 89); 30 Apr 2018 16:27:36 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-25.9 required=5.0 tests=AWL, BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, SPF_PASS autolearn=ham version=3.3.2 spammy=modern, DES, authentication, rpc X-HELO: mailbackend.panix.com From: Zack Weinberg To: libc-alpha@sourceware.org Cc: carlos@redhat.com, fweimer@redhat.com, nmav@redhat.com Subject: [PATCH 2/3] Deprecate DES encryption functions. Date: Mon, 30 Apr 2018 12:27:30 -0400 Message-Id: <20180430162731.2971-3-zackw@panix.com> In-Reply-To: <20180430162731.2971-1-zackw@panix.com> References: <20180430162731.2971-1-zackw@panix.com> MIME-Version: 1.0 The functions encrypt, setkey, encrypt_r, setkey_r, cbc_crypt, ecb_crypt, and des_setparity should not be used in new programs, because they use the DES block cipher, which is unacceptably weak by modern standards. Mark all of them with __attribute_deprecated__. cbc_crypt, ecb_crypt, and des_setparity are already compat symbols when glibc is configured with --disable-obsolete-rpc. I think it is appropriate to keep encrypt, setkey, encrypt_r, and setkey_r as normal symbols until they are formally deprecated in POSIX (see http://austingroupbugs.net/view.php?id=1192 for the status of that process). DES-based authentication for Sun RPC is also insecure and should be deprecated or even removed, but maybe that can be left as TI-RPC's problem. * crypt/crypt.h: Update comments above encrypt and setkey. Mark encrypt, setkey, encrypt_r, and setkey_r with __attribute_deprecated__. * posix/unistd.h: Update comments above encrypt. Mark encrypt with __attribute_deprecated__. * stdlib/stdlib.h: Update comments above setkey. Mark setkey with __attribute_deprecated__. * sunrpc/rpc/des_crypt.h: Add comment explaining why none of these functions should be used in new programs. Mark cbc_crypt, ecb_crypt, and des_setparity with __attribute_deprecated__. * crypt/Makefile: Use -Wno-deprecated-declarations for the test program cert.c. * sunrpc/Makefile: Use -Wno-deprecated-declarations for auth_des.c, des_crypt.c, des_soft.c, svcauth_des.c, and xcrypt.c. --- NEWS | 8 ++++++++ crypt/Makefile | 3 +++ crypt/crypt.h | 17 +++++++++++------ posix/unistd.h | 8 +++++--- stdlib/stdlib.h | 9 +++++++-- sunrpc/Makefile | 9 +++++++++ sunrpc/rpc/des_crypt.h | 11 ++++++++--- 7 files changed, 51 insertions(+), 14 deletions(-) diff --git a/NEWS b/NEWS index 363e918da1..68bae1c407 100644 --- a/NEWS +++ b/NEWS @@ -59,6 +59,14 @@ Deprecated and removed features, and other changes affecting compatibility: * The tilegx*-*-linux-gnu configurations are no longer supported. +* The functions 'encrypt', 'encrypt_r', 'setkey', 'setkey_r', 'cbc_crypt', + 'ecb_crypt', and 'des_setparity' are deprecated. They encrypt and decrypt + data with the DES block cipher, which is no longer considered secure. + Also, encrypt, encrypt_r, setkey, and setkey_r require awkward pre- and + post-processing of the encryption key and data to be encrypted, and + encrypt and setkey are not thread-safe. Software that still uses these + functions should switch to a modern cryptography library, such as GnuTLS. + Changes to build and runtime requirements: [Add changes to build and runtime requirements here] diff --git a/crypt/Makefile b/crypt/Makefile index 303800df73..e122bcebf0 100644 --- a/crypt/Makefile +++ b/crypt/Makefile @@ -32,6 +32,9 @@ libcrypt-routines := crypt-entry md5-crypt sha256-crypt sha512-crypt crypt \ tests := cert md5c-test sha256c-test sha512c-test badsalttest +# cert.c tests the deprecated setkey/encrypt interface +CFLAGS-cert.c = -Wno-deprecated-declarations + ifeq ($(crypt-in-libc),yes) routines += $(libcrypt-routines) endif diff --git a/crypt/crypt.h b/crypt/crypt.h index 5da098b715..22cf13ff89 100644 --- a/crypt/crypt.h +++ b/crypt/crypt.h @@ -32,13 +32,18 @@ __BEGIN_DECLS extern char *crypt (const char *__key, const char *__salt) __THROW __nonnull ((1, 2)); -/* Setup DES tables according KEY. */ -extern void setkey (const char *__key) __THROW __nonnull ((1)); +/* Set the encryption key for subsequent calls to 'encrypt'. + This function should not be used in new programs, because the cipher + it uses is DES, which is unacceptably weak by modern standards. */ +extern void setkey (const char *__key) + __THROW __nonnull ((1)) __attribute_deprecated__; /* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt - block in place. */ + block in place. The key is controlled by 'setkey'. + This function should not be used in new programs, because the cipher + it uses is DES, which is unacceptably weak by modern standards. */ extern void encrypt (char *__glibc_block, int __edflag) - __THROW __nonnull ((1)); + __THROW __nonnull ((1)) __attribute_deprecated__; #ifdef __USE_GNU /* Reentrant versions of the functions above. The additional argument @@ -63,11 +68,11 @@ extern char *crypt_r (const char *__key, const char *__salt, extern void setkey_r (const char *__key, struct crypt_data * __restrict __data) - __THROW __nonnull ((1, 2)); + __THROW __nonnull ((1, 2)) __attribute_deprecated__; extern void encrypt_r (char *__glibc_block, int __edflag, struct crypt_data * __restrict __data) - __THROW __nonnull ((1, 3)); + __THROW __nonnull ((1, 3)) __attribute_deprecated__; #endif __END_DECLS diff --git a/posix/unistd.h b/posix/unistd.h index 4d149f9945..5d4e07f6c8 100644 --- a/posix/unistd.h +++ b/posix/unistd.h @@ -1127,10 +1127,12 @@ extern char *crypt (const char *__key, const char *__salt) __THROW __nonnull ((1, 2)); /* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt - block in place. */ -extern void encrypt (char *__glibc_block, int __edflag) - __THROW __nonnull ((1)); + block in place. The key is controlled by 'setkey', in stdlib.h. + This function should not be used in new programs, because the cipher + it uses is DES, which is unacceptably weak by modern standards. */ +extern void encrypt (char *__glibc_block, int __edflag) + __THROW __nonnull ((1)) __attribute_deprecated__; /* Swab pairs bytes in the first N bytes of the area pointed to by FROM and copy the result to TO. The value of TO must not be in the diff --git a/stdlib/stdlib.h b/stdlib/stdlib.h index 6b1ead31e0..5b104bcc51 100644 --- a/stdlib/stdlib.h +++ b/stdlib/stdlib.h @@ -959,8 +959,13 @@ extern int getsubopt (char **__restrict __optionp, #ifdef __USE_XOPEN -/* Setup DES tables according KEY. */ -extern void setkey (const char *__key) __THROW __nonnull ((1)); +/* Set the encryption key for subsequent calls to 'encrypt', which is + declared in unistd.h. + + This function should not be used in new programs, because the cipher + it uses is DES, which is unacceptably weak by modern standards. */ +extern void setkey (const char *__key) + __THROW __nonnull ((1)) __attribute_deprecated__; #endif diff --git a/sunrpc/Makefile b/sunrpc/Makefile index 8f2a3c8213..07fb90de6b 100644 --- a/sunrpc/Makefile +++ b/sunrpc/Makefile @@ -156,6 +156,15 @@ CFLAGS-pmap_rmt.c += -fexceptions CFLAGS-clnt_perr.c += -fexceptions CFLAGS-openchild.c += -fexceptions +# These files implement Secure RPC authentication using DES, which is +# no longer secure and has had some of the associated functions tagged +# __attribute_deprecated__. +CFLAGS-auth_des.c += -Wno-deprecated-declarations +CFLAGS-des_crypt.c += -Wno-deprecated-declarations +CFLAGS-des_soft.c += -Wno-deprecated-declarations +CFLAGS-svcauth_des.c += -Wno-deprecated-declarations +CFLAGS-xcrypt.c += -Wno-deprecated-declarations + sunrpc-CPPFLAGS = -D_RPC_THREAD_SAFE_ CPPFLAGS += $(sunrpc-CPPFLAGS) BUILD_CPPFLAGS += $(sunrpc-CPPFLAGS) diff --git a/sunrpc/rpc/des_crypt.h b/sunrpc/rpc/des_crypt.h index 77cca3cbed..85875afa11 100644 --- a/sunrpc/rpc/des_crypt.h +++ b/sunrpc/rpc/des_crypt.h @@ -70,6 +70,10 @@ __BEGIN_DECLS * DESERR_NOHWDEVICE is returned if DES_HW was specified but * there was no hardware to do it on (the data will still be * encrypted though, in software). + * + * None of the functions in this header should be used in new programs, + * because the cipher they use is DES, which is unacceptably weak by + * modern standards. */ @@ -77,19 +81,20 @@ __BEGIN_DECLS * Cipher Block Chaining mode */ extern int cbc_crypt (char *__key, char *__buf, unsigned __len, - unsigned __mode, char *__ivec) __THROW; + unsigned __mode, char *__ivec) + __THROW __attribute_deprecated__; /* * Electronic Code Book mode */ extern int ecb_crypt (char *__key, char *__buf, unsigned __len, - unsigned __mode) __THROW; + unsigned __mode) __THROW __attribute_deprecated__; /* * Set des parity for a key. * DES parity is odd and in the low bit of each byte */ -extern void des_setparity (char *__key) __THROW; +extern void des_setparity (char *__key) __THROW __attribute_deprecated__; __END_DECLS