[3/4] Deprecate DES encryption functions.
Commit Message
The functions encrypt, setkey, encrypt_r, setkey_r, cbc_crypt,
ecb_crypt, and des_setparity should not be used in new programs,
because they use the DES block cipher, which is unacceptably weak by
modern standards. Mark all of them with __attribute_deprecated__.
cbc_crypt, ecb_crypt, and des_setparity are already compat symbols
when glibc is configured with --disable-obsolete-rpc. I think it is
appropriate to keep encrypt, setkey, encrypt_r, and setkey_r as normal
symbols until they are formally deprecated in POSIX
(see http://austingroupbugs.net/view.php?id=1192 for the status of
that process).
DES-based authentication for Sun RPC is also insecure and should be
deprecated or even removed, but maybe that can be left as TI-RPC's
problem.
* crypt/crypt.h: Update comments above encrypt and setkey. Mark
encrypt, setkey, encrypt_r, and setkey_r with __attribute_deprecated__.
* posix/unistd.h: Update comments above encrypt.
Mark encrypt with __attribute_deprecated__.
* stdlib/stdlib.h: Update comments above setkey.
Mark setkey with __attribute_deprecated__.
* sunrpc/rpc/des_crypt.h: Add comment explaining why none of
these functions should be used in new programs. Mark cbc_crypt,
ecb_crypt, and des_setparity with __attribute_deprecated__.
* crypt/Makefile: Use -Wno-deprecated-declarations for the test
program cert.c.
* sunrpc/Makefile: Use -Wno-deprecated-declarations for
auth_des.c, des_crypt.c, des_soft.c, svcauth_des.c, and xcrypt.c.
---
NEWS | 8 ++++++++
crypt/Makefile | 3 +++
crypt/crypt.h | 17 +++++++++++------
posix/unistd.h | 8 +++++---
stdlib/stdlib.h | 9 +++++++--
sunrpc/Makefile | 9 +++++++++
sunrpc/rpc/des_crypt.h | 11 ++++++++---
7 files changed, 51 insertions(+), 14 deletions(-)
Comments
On 05/06/2018 07:51 PM, Zack Weinberg wrote:
> +* The functions 'encrypt', 'encrypt_r', 'setkey', 'setkey_r', 'cbc_crypt',
> + 'ecb_crypt', and 'des_setparity' are deprecated. They encrypt and decrypt
> + data with the DES block cipher, which is no longer considered secure.
> + Also, encrypt, encrypt_r, setkey, and setkey_r require awkward pre- and
> + post-processing of the encryption key and data to be encrypted, and
> + encrypt and setkey are not thread-safe. Software that still uses these
> + functions should switch to a modern cryptography library, such as GnuTLS.
GNUTLS is no longer part of the GNU project. You should recommend
libgcrypt instead.
> Changes to build and runtime requirements:
>
> [Add changes to build and runtime requirements here]
> diff --git a/crypt/Makefile b/crypt/Makefile
> index 303800df73..e122bcebf0 100644
> --- a/crypt/Makefile
> +++ b/crypt/Makefile
> @@ -32,6 +32,9 @@ libcrypt-routines := crypt-entry md5-crypt sha256-crypt sha512-crypt crypt \
>
> tests := cert md5c-test sha256c-test sha512c-test badsalttest
>
> +# cert.c tests the deprecated setkey/encrypt interface
> +CFLAGS-cert.c = -Wno-deprecated-declarations
Okay.
> ifeq ($(crypt-in-libc),yes)
> routines += $(libcrypt-routines)
> endif
> diff --git a/crypt/crypt.h b/crypt/crypt.h
> index 5da098b715..22cf13ff89 100644
> --- a/crypt/crypt.h
> +++ b/crypt/crypt.h
> @@ -32,13 +32,18 @@ __BEGIN_DECLS
> extern char *crypt (const char *__key, const char *__salt)
> __THROW __nonnull ((1, 2));
>
> -/* Setup DES tables according KEY. */
> -extern void setkey (const char *__key) __THROW __nonnull ((1));
> +/* Set the encryption key for subsequent calls to 'encrypt'.
> + This function should not be used in new programs, because the cipher
> + it uses is DES, which is unacceptably weak by modern standards. */
> +extern void setkey (const char *__key)
> + __THROW __nonnull ((1)) __attribute_deprecated__;
>
> /* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt
> - block in place. */
> + block in place. The key is controlled by 'setkey'.
> + This function should not be used in new programs, because the cipher
> + it uses is DES, which is unacceptably weak by modern standards. */
> extern void encrypt (char *__glibc_block, int __edflag)
> - __THROW __nonnull ((1));
> + __THROW __nonnull ((1)) __attribute_deprecated__;
>
> #ifdef __USE_GNU
> /* Reentrant versions of the functions above. The additional argument
> @@ -63,11 +68,11 @@ extern char *crypt_r (const char *__key, const char *__salt,
>
> extern void setkey_r (const char *__key,
> struct crypt_data * __restrict __data)
> - __THROW __nonnull ((1, 2));
> + __THROW __nonnull ((1, 2)) __attribute_deprecated__;
>
> extern void encrypt_r (char *__glibc_block, int __edflag,
> struct crypt_data * __restrict __data)
> - __THROW __nonnull ((1, 3));
> + __THROW __nonnull ((1, 3)) __attribute_deprecated__;
> #endif
Okay.
> __END_DECLS
> diff --git a/posix/unistd.h b/posix/unistd.h
> index 4d149f9945..5d4e07f6c8 100644
> --- a/posix/unistd.h
> +++ b/posix/unistd.h
> @@ -1127,10 +1127,12 @@ extern char *crypt (const char *__key, const char *__salt)
> __THROW __nonnull ((1, 2));
>
> /* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt
> - block in place. */
> -extern void encrypt (char *__glibc_block, int __edflag)
> - __THROW __nonnull ((1));
> + block in place. The key is controlled by 'setkey', in stdlib.h.
>
> + This function should not be used in new programs, because the cipher
> + it uses is DES, which is unacceptably weak by modern standards. */
> +extern void encrypt (char *__glibc_block, int __edflag)
> + __THROW __nonnull ((1)) __attribute_deprecated__;
Okay.
>
> /* Swab pairs bytes in the first N bytes of the area pointed to by
> FROM and copy the result to TO. The value of TO must not be in the
> diff --git a/stdlib/stdlib.h b/stdlib/stdlib.h
> index 6b1ead31e0..5b104bcc51 100644
> --- a/stdlib/stdlib.h
> +++ b/stdlib/stdlib.h
> @@ -959,8 +959,13 @@ extern int getsubopt (char **__restrict __optionp,
>
>
> #ifdef __USE_XOPEN
> -/* Setup DES tables according KEY. */
> -extern void setkey (const char *__key) __THROW __nonnull ((1));
> +/* Set the encryption key for subsequent calls to 'encrypt', which is
> + declared in unistd.h.
> +
> + This function should not be used in new programs, because the cipher
> + it uses is DES, which is unacceptably weak by modern standards. */
> +extern void setkey (const char *__key)
> + __THROW __nonnull ((1)) __attribute_deprecated__;
> #endif
Okay.
> diff --git a/sunrpc/Makefile b/sunrpc/Makefile
> index 8f2a3c8213..07fb90de6b 100644
> --- a/sunrpc/Makefile
> +++ b/sunrpc/Makefile
> @@ -156,6 +156,15 @@ CFLAGS-pmap_rmt.c += -fexceptions
> CFLAGS-clnt_perr.c += -fexceptions
> CFLAGS-openchild.c += -fexceptions
>
> +# These files implement Secure RPC authentication using DES, which is
> +# no longer secure and has had some of the associated functions tagged
> +# __attribute_deprecated__.
> +CFLAGS-auth_des.c += -Wno-deprecated-declarations
> +CFLAGS-des_crypt.c += -Wno-deprecated-declarations
> +CFLAGS-des_soft.c += -Wno-deprecated-declarations
> +CFLAGS-svcauth_des.c += -Wno-deprecated-declarations
> +CFLAGS-xcrypt.c += -Wno-deprecated-declarations
> +
Okay.
> sunrpc-CPPFLAGS = -D_RPC_THREAD_SAFE_
> CPPFLAGS += $(sunrpc-CPPFLAGS)
> BUILD_CPPFLAGS += $(sunrpc-CPPFLAGS)
> diff --git a/sunrpc/rpc/des_crypt.h b/sunrpc/rpc/des_crypt.h
> index 77cca3cbed..85875afa11 100644
> --- a/sunrpc/rpc/des_crypt.h
> +++ b/sunrpc/rpc/des_crypt.h
> @@ -70,6 +70,10 @@ __BEGIN_DECLS
> * DESERR_NOHWDEVICE is returned if DES_HW was specified but
> * there was no hardware to do it on (the data will still be
> * encrypted though, in software).
> + *
> + * None of the functions in this header should be used in new programs,
> + * because the cipher they use is DES, which is unacceptably weak by
> + * modern standards.
> */
>
>
> @@ -77,19 +81,20 @@ __BEGIN_DECLS
> * Cipher Block Chaining mode
> */
> extern int cbc_crypt (char *__key, char *__buf, unsigned __len,
> - unsigned __mode, char *__ivec) __THROW;
> + unsigned __mode, char *__ivec)
> + __THROW __attribute_deprecated__;
>
> /*
> * Electronic Code Book mode
> */
> extern int ecb_crypt (char *__key, char *__buf, unsigned __len,
> - unsigned __mode) __THROW;
> + unsigned __mode) __THROW __attribute_deprecated__;
>
> /*
> * Set des parity for a key.
> * DES parity is odd and in the low bit of each byte
> */
> -extern void des_setparity (char *__key) __THROW;
> +extern void des_setparity (char *__key) __THROW __attribute_deprecated__;
Okay.
Thanks,
Florian
On Tue, May 8, 2018 at 10:33 AM, Florian Weimer <fweimer@redhat.com> wrote:
> On 05/06/2018 07:51 PM, Zack Weinberg wrote:
>
>> +* The functions 'encrypt', 'encrypt_r', 'setkey', 'setkey_r',
>> 'cbc_crypt',
>> + 'ecb_crypt', and 'des_setparity' are deprecated. They encrypt and
>> decrypt
>> + data with the DES block cipher, which is no longer considered secure.
>> + Also, encrypt, encrypt_r, setkey, and setkey_r require awkward pre- and
>> + post-processing of the encryption key and data to be encrypted, and
>> + encrypt and setkey are not thread-safe. Software that still uses these
>> + functions should switch to a modern cryptography library, such as
>> GnuTLS.
>
> GNUTLS is no longer part of the GNU project. You should recommend libgcrypt
> instead.
Thanks, I didn't know that. Will change. libgcrypt is also a better
suggestion because it's a cryptography library first, rather than a
TLS protocol client first.
zw
@@ -63,6 +63,14 @@ Deprecated and removed features, and other changes affecting compatibility:
binaries; the headers <ustat.h> and <sys/ustat.h> have been removed. This
function has been deprecated in favor of fstatfs and statfs.
+* The functions 'encrypt', 'encrypt_r', 'setkey', 'setkey_r', 'cbc_crypt',
+ 'ecb_crypt', and 'des_setparity' are deprecated. They encrypt and decrypt
+ data with the DES block cipher, which is no longer considered secure.
+ Also, encrypt, encrypt_r, setkey, and setkey_r require awkward pre- and
+ post-processing of the encryption key and data to be encrypted, and
+ encrypt and setkey are not thread-safe. Software that still uses these
+ functions should switch to a modern cryptography library, such as GnuTLS.
+
Changes to build and runtime requirements:
[Add changes to build and runtime requirements here]
@@ -32,6 +32,9 @@ libcrypt-routines := crypt-entry md5-crypt sha256-crypt sha512-crypt crypt \
tests := cert md5c-test sha256c-test sha512c-test badsalttest
+# cert.c tests the deprecated setkey/encrypt interface
+CFLAGS-cert.c = -Wno-deprecated-declarations
+
ifeq ($(crypt-in-libc),yes)
routines += $(libcrypt-routines)
endif
@@ -32,13 +32,18 @@ __BEGIN_DECLS
extern char *crypt (const char *__key, const char *__salt)
__THROW __nonnull ((1, 2));
-/* Setup DES tables according KEY. */
-extern void setkey (const char *__key) __THROW __nonnull ((1));
+/* Set the encryption key for subsequent calls to 'encrypt'.
+ This function should not be used in new programs, because the cipher
+ it uses is DES, which is unacceptably weak by modern standards. */
+extern void setkey (const char *__key)
+ __THROW __nonnull ((1)) __attribute_deprecated__;
/* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt
- block in place. */
+ block in place. The key is controlled by 'setkey'.
+ This function should not be used in new programs, because the cipher
+ it uses is DES, which is unacceptably weak by modern standards. */
extern void encrypt (char *__glibc_block, int __edflag)
- __THROW __nonnull ((1));
+ __THROW __nonnull ((1)) __attribute_deprecated__;
#ifdef __USE_GNU
/* Reentrant versions of the functions above. The additional argument
@@ -63,11 +68,11 @@ extern char *crypt_r (const char *__key, const char *__salt,
extern void setkey_r (const char *__key,
struct crypt_data * __restrict __data)
- __THROW __nonnull ((1, 2));
+ __THROW __nonnull ((1, 2)) __attribute_deprecated__;
extern void encrypt_r (char *__glibc_block, int __edflag,
struct crypt_data * __restrict __data)
- __THROW __nonnull ((1, 3));
+ __THROW __nonnull ((1, 3)) __attribute_deprecated__;
#endif
__END_DECLS
@@ -1127,10 +1127,12 @@ extern char *crypt (const char *__key, const char *__salt)
__THROW __nonnull ((1, 2));
/* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt
- block in place. */
-extern void encrypt (char *__glibc_block, int __edflag)
- __THROW __nonnull ((1));
+ block in place. The key is controlled by 'setkey', in stdlib.h.
+ This function should not be used in new programs, because the cipher
+ it uses is DES, which is unacceptably weak by modern standards. */
+extern void encrypt (char *__glibc_block, int __edflag)
+ __THROW __nonnull ((1)) __attribute_deprecated__;
/* Swab pairs bytes in the first N bytes of the area pointed to by
FROM and copy the result to TO. The value of TO must not be in the
@@ -959,8 +959,13 @@ extern int getsubopt (char **__restrict __optionp,
#ifdef __USE_XOPEN
-/* Setup DES tables according KEY. */
-extern void setkey (const char *__key) __THROW __nonnull ((1));
+/* Set the encryption key for subsequent calls to 'encrypt', which is
+ declared in unistd.h.
+
+ This function should not be used in new programs, because the cipher
+ it uses is DES, which is unacceptably weak by modern standards. */
+extern void setkey (const char *__key)
+ __THROW __nonnull ((1)) __attribute_deprecated__;
#endif
@@ -156,6 +156,15 @@ CFLAGS-pmap_rmt.c += -fexceptions
CFLAGS-clnt_perr.c += -fexceptions
CFLAGS-openchild.c += -fexceptions
+# These files implement Secure RPC authentication using DES, which is
+# no longer secure and has had some of the associated functions tagged
+# __attribute_deprecated__.
+CFLAGS-auth_des.c += -Wno-deprecated-declarations
+CFLAGS-des_crypt.c += -Wno-deprecated-declarations
+CFLAGS-des_soft.c += -Wno-deprecated-declarations
+CFLAGS-svcauth_des.c += -Wno-deprecated-declarations
+CFLAGS-xcrypt.c += -Wno-deprecated-declarations
+
sunrpc-CPPFLAGS = -D_RPC_THREAD_SAFE_
CPPFLAGS += $(sunrpc-CPPFLAGS)
BUILD_CPPFLAGS += $(sunrpc-CPPFLAGS)
@@ -70,6 +70,10 @@ __BEGIN_DECLS
* DESERR_NOHWDEVICE is returned if DES_HW was specified but
* there was no hardware to do it on (the data will still be
* encrypted though, in software).
+ *
+ * None of the functions in this header should be used in new programs,
+ * because the cipher they use is DES, which is unacceptably weak by
+ * modern standards.
*/
@@ -77,19 +81,20 @@ __BEGIN_DECLS
* Cipher Block Chaining mode
*/
extern int cbc_crypt (char *__key, char *__buf, unsigned __len,
- unsigned __mode, char *__ivec) __THROW;
+ unsigned __mode, char *__ivec)
+ __THROW __attribute_deprecated__;
/*
* Electronic Code Book mode
*/
extern int ecb_crypt (char *__key, char *__buf, unsigned __len,
- unsigned __mode) __THROW;
+ unsigned __mode) __THROW __attribute_deprecated__;
/*
* Set des parity for a key.
* DES parity is odd and in the low bit of each byte
*/
-extern void des_setparity (char *__key) __THROW;
+extern void des_setparity (char *__key) __THROW __attribute_deprecated__;
__END_DECLS