Message ID | 20180506175153.22629-4-zackw@panix.com |
---|---|
State | New |
Headers | show |
Series | Revise crypto documentation, deprecate DES, add --disable-crypt | expand |
On 05/06/2018 07:51 PM, Zack Weinberg wrote: > +* The functions 'encrypt', 'encrypt_r', 'setkey', 'setkey_r', 'cbc_crypt', > + 'ecb_crypt', and 'des_setparity' are deprecated. They encrypt and decrypt > + data with the DES block cipher, which is no longer considered secure. > + Also, encrypt, encrypt_r, setkey, and setkey_r require awkward pre- and > + post-processing of the encryption key and data to be encrypted, and > + encrypt and setkey are not thread-safe. Software that still uses these > + functions should switch to a modern cryptography library, such as GnuTLS. GNUTLS is no longer part of the GNU project. You should recommend libgcrypt instead. > Changes to build and runtime requirements: > > [Add changes to build and runtime requirements here] > diff --git a/crypt/Makefile b/crypt/Makefile > index 303800df73..e122bcebf0 100644 > --- a/crypt/Makefile > +++ b/crypt/Makefile > @@ -32,6 +32,9 @@ libcrypt-routines := crypt-entry md5-crypt sha256-crypt sha512-crypt crypt \ > > tests := cert md5c-test sha256c-test sha512c-test badsalttest > > +# cert.c tests the deprecated setkey/encrypt interface > +CFLAGS-cert.c = -Wno-deprecated-declarations Okay. > ifeq ($(crypt-in-libc),yes) > routines += $(libcrypt-routines) > endif > diff --git a/crypt/crypt.h b/crypt/crypt.h > index 5da098b715..22cf13ff89 100644 > --- a/crypt/crypt.h > +++ b/crypt/crypt.h > @@ -32,13 +32,18 @@ __BEGIN_DECLS > extern char *crypt (const char *__key, const char *__salt) > __THROW __nonnull ((1, 2)); > > -/* Setup DES tables according KEY. */ > -extern void setkey (const char *__key) __THROW __nonnull ((1)); > +/* Set the encryption key for subsequent calls to 'encrypt'. > + This function should not be used in new programs, because the cipher > + it uses is DES, which is unacceptably weak by modern standards. */ > +extern void setkey (const char *__key) > + __THROW __nonnull ((1)) __attribute_deprecated__; > > /* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt > - block in place. */ > + block in place. The key is controlled by 'setkey'. > + This function should not be used in new programs, because the cipher > + it uses is DES, which is unacceptably weak by modern standards. */ > extern void encrypt (char *__glibc_block, int __edflag) > - __THROW __nonnull ((1)); > + __THROW __nonnull ((1)) __attribute_deprecated__; > > #ifdef __USE_GNU > /* Reentrant versions of the functions above. The additional argument > @@ -63,11 +68,11 @@ extern char *crypt_r (const char *__key, const char *__salt, > > extern void setkey_r (const char *__key, > struct crypt_data * __restrict __data) > - __THROW __nonnull ((1, 2)); > + __THROW __nonnull ((1, 2)) __attribute_deprecated__; > > extern void encrypt_r (char *__glibc_block, int __edflag, > struct crypt_data * __restrict __data) > - __THROW __nonnull ((1, 3)); > + __THROW __nonnull ((1, 3)) __attribute_deprecated__; > #endif Okay. > __END_DECLS > diff --git a/posix/unistd.h b/posix/unistd.h > index 4d149f9945..5d4e07f6c8 100644 > --- a/posix/unistd.h > +++ b/posix/unistd.h > @@ -1127,10 +1127,12 @@ extern char *crypt (const char *__key, const char *__salt) > __THROW __nonnull ((1, 2)); > > /* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt > - block in place. */ > -extern void encrypt (char *__glibc_block, int __edflag) > - __THROW __nonnull ((1)); > + block in place. The key is controlled by 'setkey', in stdlib.h. > > + This function should not be used in new programs, because the cipher > + it uses is DES, which is unacceptably weak by modern standards. */ > +extern void encrypt (char *__glibc_block, int __edflag) > + __THROW __nonnull ((1)) __attribute_deprecated__; Okay. > > /* Swab pairs bytes in the first N bytes of the area pointed to by > FROM and copy the result to TO. The value of TO must not be in the > diff --git a/stdlib/stdlib.h b/stdlib/stdlib.h > index 6b1ead31e0..5b104bcc51 100644 > --- a/stdlib/stdlib.h > +++ b/stdlib/stdlib.h > @@ -959,8 +959,13 @@ extern int getsubopt (char **__restrict __optionp, > > > #ifdef __USE_XOPEN > -/* Setup DES tables according KEY. */ > -extern void setkey (const char *__key) __THROW __nonnull ((1)); > +/* Set the encryption key for subsequent calls to 'encrypt', which is > + declared in unistd.h. > + > + This function should not be used in new programs, because the cipher > + it uses is DES, which is unacceptably weak by modern standards. */ > +extern void setkey (const char *__key) > + __THROW __nonnull ((1)) __attribute_deprecated__; > #endif Okay. > diff --git a/sunrpc/Makefile b/sunrpc/Makefile > index 8f2a3c8213..07fb90de6b 100644 > --- a/sunrpc/Makefile > +++ b/sunrpc/Makefile > @@ -156,6 +156,15 @@ CFLAGS-pmap_rmt.c += -fexceptions > CFLAGS-clnt_perr.c += -fexceptions > CFLAGS-openchild.c += -fexceptions > > +# These files implement Secure RPC authentication using DES, which is > +# no longer secure and has had some of the associated functions tagged > +# __attribute_deprecated__. > +CFLAGS-auth_des.c += -Wno-deprecated-declarations > +CFLAGS-des_crypt.c += -Wno-deprecated-declarations > +CFLAGS-des_soft.c += -Wno-deprecated-declarations > +CFLAGS-svcauth_des.c += -Wno-deprecated-declarations > +CFLAGS-xcrypt.c += -Wno-deprecated-declarations > + Okay. > sunrpc-CPPFLAGS = -D_RPC_THREAD_SAFE_ > CPPFLAGS += $(sunrpc-CPPFLAGS) > BUILD_CPPFLAGS += $(sunrpc-CPPFLAGS) > diff --git a/sunrpc/rpc/des_crypt.h b/sunrpc/rpc/des_crypt.h > index 77cca3cbed..85875afa11 100644 > --- a/sunrpc/rpc/des_crypt.h > +++ b/sunrpc/rpc/des_crypt.h > @@ -70,6 +70,10 @@ __BEGIN_DECLS > * DESERR_NOHWDEVICE is returned if DES_HW was specified but > * there was no hardware to do it on (the data will still be > * encrypted though, in software). > + * > + * None of the functions in this header should be used in new programs, > + * because the cipher they use is DES, which is unacceptably weak by > + * modern standards. > */ > > > @@ -77,19 +81,20 @@ __BEGIN_DECLS > * Cipher Block Chaining mode > */ > extern int cbc_crypt (char *__key, char *__buf, unsigned __len, > - unsigned __mode, char *__ivec) __THROW; > + unsigned __mode, char *__ivec) > + __THROW __attribute_deprecated__; > > /* > * Electronic Code Book mode > */ > extern int ecb_crypt (char *__key, char *__buf, unsigned __len, > - unsigned __mode) __THROW; > + unsigned __mode) __THROW __attribute_deprecated__; > > /* > * Set des parity for a key. > * DES parity is odd and in the low bit of each byte > */ > -extern void des_setparity (char *__key) __THROW; > +extern void des_setparity (char *__key) __THROW __attribute_deprecated__; Okay. Thanks, Florian
On Tue, May 8, 2018 at 10:33 AM, Florian Weimer <fweimer@redhat.com> wrote: > On 05/06/2018 07:51 PM, Zack Weinberg wrote: > >> +* The functions 'encrypt', 'encrypt_r', 'setkey', 'setkey_r', >> 'cbc_crypt', >> + 'ecb_crypt', and 'des_setparity' are deprecated. They encrypt and >> decrypt >> + data with the DES block cipher, which is no longer considered secure. >> + Also, encrypt, encrypt_r, setkey, and setkey_r require awkward pre- and >> + post-processing of the encryption key and data to be encrypted, and >> + encrypt and setkey are not thread-safe. Software that still uses these >> + functions should switch to a modern cryptography library, such as >> GnuTLS. > > GNUTLS is no longer part of the GNU project. You should recommend libgcrypt > instead. Thanks, I didn't know that. Will change. libgcrypt is also a better suggestion because it's a cryptography library first, rather than a TLS protocol client first. zw
diff --git a/NEWS b/NEWS index 5155c86318..2fe2da8b59 100644 --- a/NEWS +++ b/NEWS @@ -63,6 +63,14 @@ Deprecated and removed features, and other changes affecting compatibility: binaries; the headers <ustat.h> and <sys/ustat.h> have been removed. This function has been deprecated in favor of fstatfs and statfs. +* The functions 'encrypt', 'encrypt_r', 'setkey', 'setkey_r', 'cbc_crypt', + 'ecb_crypt', and 'des_setparity' are deprecated. They encrypt and decrypt + data with the DES block cipher, which is no longer considered secure. + Also, encrypt, encrypt_r, setkey, and setkey_r require awkward pre- and + post-processing of the encryption key and data to be encrypted, and + encrypt and setkey are not thread-safe. Software that still uses these + functions should switch to a modern cryptography library, such as GnuTLS. + Changes to build and runtime requirements: [Add changes to build and runtime requirements here] diff --git a/crypt/Makefile b/crypt/Makefile index 303800df73..e122bcebf0 100644 --- a/crypt/Makefile +++ b/crypt/Makefile @@ -32,6 +32,9 @@ libcrypt-routines := crypt-entry md5-crypt sha256-crypt sha512-crypt crypt \ tests := cert md5c-test sha256c-test sha512c-test badsalttest +# cert.c tests the deprecated setkey/encrypt interface +CFLAGS-cert.c = -Wno-deprecated-declarations + ifeq ($(crypt-in-libc),yes) routines += $(libcrypt-routines) endif diff --git a/crypt/crypt.h b/crypt/crypt.h index 5da098b715..22cf13ff89 100644 --- a/crypt/crypt.h +++ b/crypt/crypt.h @@ -32,13 +32,18 @@ __BEGIN_DECLS extern char *crypt (const char *__key, const char *__salt) __THROW __nonnull ((1, 2)); -/* Setup DES tables according KEY. */ -extern void setkey (const char *__key) __THROW __nonnull ((1)); +/* Set the encryption key for subsequent calls to 'encrypt'. + This function should not be used in new programs, because the cipher + it uses is DES, which is unacceptably weak by modern standards. */ +extern void setkey (const char *__key) + __THROW __nonnull ((1)) __attribute_deprecated__; /* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt - block in place. */ + block in place. The key is controlled by 'setkey'. + This function should not be used in new programs, because the cipher + it uses is DES, which is unacceptably weak by modern standards. */ extern void encrypt (char *__glibc_block, int __edflag) - __THROW __nonnull ((1)); + __THROW __nonnull ((1)) __attribute_deprecated__; #ifdef __USE_GNU /* Reentrant versions of the functions above. The additional argument @@ -63,11 +68,11 @@ extern char *crypt_r (const char *__key, const char *__salt, extern void setkey_r (const char *__key, struct crypt_data * __restrict __data) - __THROW __nonnull ((1, 2)); + __THROW __nonnull ((1, 2)) __attribute_deprecated__; extern void encrypt_r (char *__glibc_block, int __edflag, struct crypt_data * __restrict __data) - __THROW __nonnull ((1, 3)); + __THROW __nonnull ((1, 3)) __attribute_deprecated__; #endif __END_DECLS diff --git a/posix/unistd.h b/posix/unistd.h index 4d149f9945..5d4e07f6c8 100644 --- a/posix/unistd.h +++ b/posix/unistd.h @@ -1127,10 +1127,12 @@ extern char *crypt (const char *__key, const char *__salt) __THROW __nonnull ((1, 2)); /* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt - block in place. */ -extern void encrypt (char *__glibc_block, int __edflag) - __THROW __nonnull ((1)); + block in place. The key is controlled by 'setkey', in stdlib.h. + This function should not be used in new programs, because the cipher + it uses is DES, which is unacceptably weak by modern standards. */ +extern void encrypt (char *__glibc_block, int __edflag) + __THROW __nonnull ((1)) __attribute_deprecated__; /* Swab pairs bytes in the first N bytes of the area pointed to by FROM and copy the result to TO. The value of TO must not be in the diff --git a/stdlib/stdlib.h b/stdlib/stdlib.h index 6b1ead31e0..5b104bcc51 100644 --- a/stdlib/stdlib.h +++ b/stdlib/stdlib.h @@ -959,8 +959,13 @@ extern int getsubopt (char **__restrict __optionp, #ifdef __USE_XOPEN -/* Setup DES tables according KEY. */ -extern void setkey (const char *__key) __THROW __nonnull ((1)); +/* Set the encryption key for subsequent calls to 'encrypt', which is + declared in unistd.h. + + This function should not be used in new programs, because the cipher + it uses is DES, which is unacceptably weak by modern standards. */ +extern void setkey (const char *__key) + __THROW __nonnull ((1)) __attribute_deprecated__; #endif diff --git a/sunrpc/Makefile b/sunrpc/Makefile index 8f2a3c8213..07fb90de6b 100644 --- a/sunrpc/Makefile +++ b/sunrpc/Makefile @@ -156,6 +156,15 @@ CFLAGS-pmap_rmt.c += -fexceptions CFLAGS-clnt_perr.c += -fexceptions CFLAGS-openchild.c += -fexceptions +# These files implement Secure RPC authentication using DES, which is +# no longer secure and has had some of the associated functions tagged +# __attribute_deprecated__. +CFLAGS-auth_des.c += -Wno-deprecated-declarations +CFLAGS-des_crypt.c += -Wno-deprecated-declarations +CFLAGS-des_soft.c += -Wno-deprecated-declarations +CFLAGS-svcauth_des.c += -Wno-deprecated-declarations +CFLAGS-xcrypt.c += -Wno-deprecated-declarations + sunrpc-CPPFLAGS = -D_RPC_THREAD_SAFE_ CPPFLAGS += $(sunrpc-CPPFLAGS) BUILD_CPPFLAGS += $(sunrpc-CPPFLAGS) diff --git a/sunrpc/rpc/des_crypt.h b/sunrpc/rpc/des_crypt.h index 77cca3cbed..85875afa11 100644 --- a/sunrpc/rpc/des_crypt.h +++ b/sunrpc/rpc/des_crypt.h @@ -70,6 +70,10 @@ __BEGIN_DECLS * DESERR_NOHWDEVICE is returned if DES_HW was specified but * there was no hardware to do it on (the data will still be * encrypted though, in software). + * + * None of the functions in this header should be used in new programs, + * because the cipher they use is DES, which is unacceptably weak by + * modern standards. */ @@ -77,19 +81,20 @@ __BEGIN_DECLS * Cipher Block Chaining mode */ extern int cbc_crypt (char *__key, char *__buf, unsigned __len, - unsigned __mode, char *__ivec) __THROW; + unsigned __mode, char *__ivec) + __THROW __attribute_deprecated__; /* * Electronic Code Book mode */ extern int ecb_crypt (char *__key, char *__buf, unsigned __len, - unsigned __mode) __THROW; + unsigned __mode) __THROW __attribute_deprecated__; /* * Set des parity for a key. * DES parity is odd and in the low bit of each byte */ -extern void des_setparity (char *__key) __THROW; +extern void des_setparity (char *__key) __THROW __attribute_deprecated__; __END_DECLS