Re: [Freeipa-devel] [PATCH 0014] [py3] Replace M2Crypto RC4 with python-cryptography ARC4
On 2015-07-23 11:06, Alexander Bokovoy wrote: On Thu, 23 Jul 2015, Christian Heimes wrote: This patch removes the dependency on M2Crypto in favor for cryptography. Cryptography is more strict about the key size and doesn't support non-standard key sizes: from M2Crypto import RC4 from ipaserver.dcerpc import arcfour_encrypt RC4.RC4(b'key').update(b'data') 'o\r@\x8c' arcfour_encrypt(b'key', b'data') Traceback (most recent call last): ... ValueError: Invalid key size (24) for RC4. Standard key sizes 40, 56, 64, 80, 128, 192 and 256 are supported: arcfour_encrypt(b'key12', b'data') '\xcd\xf80d' RC4.RC4(b'key12').update(b'data') '\xcd\xf80d' Note that we are using NTLMv2 or Kerberos user session keys which are 128 bit long in this context. And please rework the spec file change as Honza noted. Thanks for the feedback regarding the key size, 128bit works. Is RC4 really the only supported algorithm for session keys? RC4 is insecure, especially the first few bytes have a high bias. It may not be much of an issue for short-lived session keys, though. Christian signature.asc Description: OpenPGP digital signature -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0014] [py3] Replace M2Crypto RC4 with python-cryptography ARC4
On Thu, 23 Jul 2015, Christian Heimes wrote: On 2015-07-23 11:06, Alexander Bokovoy wrote: On Thu, 23 Jul 2015, Christian Heimes wrote: This patch removes the dependency on M2Crypto in favor for cryptography. Cryptography is more strict about the key size and doesn't support non-standard key sizes: from M2Crypto import RC4 from ipaserver.dcerpc import arcfour_encrypt RC4.RC4(b'key').update(b'data') 'o\r@\x8c' arcfour_encrypt(b'key', b'data') Traceback (most recent call last): ... ValueError: Invalid key size (24) for RC4. Standard key sizes 40, 56, 64, 80, 128, 192 and 256 are supported: arcfour_encrypt(b'key12', b'data') '\xcd\xf80d' RC4.RC4(b'key12').update(b'data') '\xcd\xf80d' Note that we are using NTLMv2 or Kerberos user session keys which are 128 bit long in this context. And please rework the spec file change as Honza noted. Thanks for the feedback regarding the key size, 128bit works. Is RC4 really the only supported algorithm for session keys? RC4 is insecure, especially the first few bytes have a high bias. It may not be much of an issue for short-lived session keys, though. It is not a session key algorithm. It is an algorithm used to encrypt trust authentication information when passing it over. We pass trust authentication information in clear, then encrypt it with a session key for the transfer and on the receiving side DC does unwrapping and uses the clear-text version of the trust secret to derive all needed cross-realm keys. MS-LSAD puts it this way (5.1.1): - Implementations of this protocol protect the LSAPR_TRUSTED_DOMAIN_AUTH_BLOB structure by encrypting the data referenced by that structure's AuthBlob field. The RC4 algorithm is used to encrypt the data on request (and reply) and decrypt the data on receipt. The key, required during runtime by the RC4 algorithm, is the 16-byte key specified by the method that uses this structure (for example, see section 3.1.4.7.10). The size of data (the AuthSize field of LSAPR_TRUSTED_DOMAIN_AUTH_BLOB) must remain unencrypted. -- / Alexander Bokovoy -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0014] [py3] Replace M2Crypto RC4 with python-cryptography ARC4
On Thu, 23 Jul 2015, Christian Heimes wrote:
This patch removes the dependency on M2Crypto in favor for cryptography.
Cryptography is more strict about the key size and doesn't support
non-standard key sizes:
from M2Crypto import RC4
from ipaserver.dcerpc import arcfour_encrypt
RC4.RC4(b'key').update(b'data')
'o\r@\x8c'
arcfour_encrypt(b'key', b'data')
Traceback (most recent call last):
...
ValueError: Invalid key size (24) for RC4.
Standard key sizes 40, 56, 64, 80, 128, 192 and 256 are supported:
arcfour_encrypt(b'key12', b'data')
'\xcd\xf80d'
RC4.RC4(b'key12').update(b'data')
'\xcd\xf80d'
http://cryptography.readthedocs.org/en/latest/hazmat/primitives/symmetric-encryption/#cryptography.hazmat.primitives.ciphers.algorithms.ARC4
https://fedorahosted.org/freeipa/ticket/5148
From da4aa9baa932e335ad0bd0f3cfe2551667c7ca76 Mon Sep 17 00:00:00 2001
From: Christian Heimes chei...@redhat.com
Date: Tue, 21 Jul 2015 15:18:40 +0200
Subject: [PATCH] [py3] Replace M2Crypto RC4 with python-cryptography ARC4
This patch removes the dependency on M2Crypto in favor for cryptography.
Cryptography is more strict about the key size and doesn't support
non-standard key sizes:
from M2Crypto import RC4
from ipaserver.dcerpc import arcfour_encrypt
RC4.RC4(b'key').update(b'data')
'o\r@\x8c'
arcfour_encrypt(b'key', b'data')
Traceback (most recent call last):
...
ValueError: Invalid key size (24) for RC4.
Standard key sizes 40, 56, 64, 80, 128, 192 and 256 are supported:
arcfour_encrypt(b'key12', b'data')
'\xcd\xf80d'
RC4.RC4(b'key12').update(b'data')
'\xcd\xf80d'
http://cryptography.readthedocs.org/en/latest/hazmat/primitives/symmetric-encryption/#cryptography.hazmat.primitives.ciphers.algorithms.ARC4
https://fedorahosted.org/freeipa/ticket/5148
---
freeipa.spec.in | 1 +
ipaserver/dcerpc.py | 15 ++-
2 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/freeipa.spec.in b/freeipa.spec.in
index
fef20e1f7e6fde9b90851a2686e515a6a779f954..afae22430515a9f15eced9e16e0a6e192400e6e2
100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -150,6 +150,7 @@ Requires(preun): python systemd-units
Requires(postun): python systemd-units
Requires: python-dns = 1.11.1
Requires: python-kdcproxy = 0.3
+Requires: python-cryptography
Requires: zip
Requires: policycoreutils = 2.1.12-5
Requires: tar
diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py
index
4de5afb540e880e8948749c2cfa9a019eb807c47..578b3ee209ee988bca4d75bd5b898f339625236c
100644
--- a/ipaserver/dcerpc.py
+++ b/ipaserver/dcerpc.py
@@ -42,7 +42,8 @@ from samba.ndr import ndr_pack, ndr_print
from samba import net
import samba
import random
-from M2Crypto import RC4
+from cryptography.hazmat.primitives.ciphers import Cipher, algorithms
+from cryptography.hazmat.backends import default_backend
try:
from ldap.controls import RequestControl as LDAPControl #pylint:
disable=F0401
except ImportError:
@@ -120,6 +121,14 @@ def assess_dcerpc_exception(num=None,message=None):
message %(message)s (both may be None)''') %
dict(num=num, message=message)
return errors.RemoteRetrieveError(reason=reason)
+
+def arcfour_encrypt(key, data):
+algorithm = algorithms.ARC4(key)
+cipher = Cipher(algorithm, mode=None, backend=default_backend())
+encryptor = cipher.encryptor()
+return encryptor.update(data)
+
+
class ExtendedDNControl(LDAPControl):
# This class attempts to implement LDAP control that would work
# with both python-ldap 2.4.x and 2.3.x, thus there is mix of properties
@@ -910,10 +919,6 @@ class TrustDomainInstance(object):
self.info['is_pdc'] = (result.role == lsa.LSA_ROLE_PRIMARY)
def generate_auth(self, trustdom_secret):
-def arcfour_encrypt(key, data):
-c = RC4.RC4(key)
-return c.update(data)
-
password_blob = string_to_array(trustdom_secret.encode('utf-16-le'))
clear_value = drsblobs.AuthInfoClear()
--
2.4.3
ACK. Tested by re-establishing trust to AD.
--
/ Alexander Bokovoy
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0014] [py3] Replace M2Crypto RC4 with python-cryptography ARC4
Hi, Dne 23.7.2015 v 10:43 Christian Heimes napsal(a): This patch removes the dependency on M2Crypto in favor for cryptography. Cryptography is more strict about the key size and doesn't support non-standard key sizes: from M2Crypto import RC4 from ipaserver.dcerpc import arcfour_encrypt RC4.RC4(b'key').update(b'data') 'o\r@\x8c' arcfour_encrypt(b'key', b'data') Traceback (most recent call last): ... ValueError: Invalid key size (24) for RC4. Standard key sizes 40, 56, 64, 80, 128, 192 and 256 are supported: arcfour_encrypt(b'key12', b'data') '\xcd\xf80d' RC4.RC4(b'key12').update(b'data') '\xcd\xf80d' http://cryptography.readthedocs.org/en/latest/hazmat/primitives/symmetric-encryption/#cryptography.hazmat.primitives.ciphers.algorithms.ARC4 https://fedorahosted.org/freeipa/ticket/5148 NACK on the spec file change. There is a BuildRequires and Requires on m2crypto, replace them with BuildRequires and Requires on python-cryptography. Honza -- Jan Cholasta -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0014] [py3] Replace M2Crypto RC4 with python-cryptography ARC4
On 2015-07-23 10:54, Jan Cholasta wrote:
Hi,
Dne 23.7.2015 v 10:43 Christian Heimes napsal(a):
This patch removes the dependency on M2Crypto in favor for cryptography.
Cryptography is more strict about the key size and doesn't support
non-standard key sizes:
from M2Crypto import RC4
from ipaserver.dcerpc import arcfour_encrypt
RC4.RC4(b'key').update(b'data')
'o\r@\x8c'
arcfour_encrypt(b'key', b'data')
Traceback (most recent call last):
...
ValueError: Invalid key size (24) for RC4.
Standard key sizes 40, 56, 64, 80, 128, 192 and 256 are supported:
arcfour_encrypt(b'key12', b'data')
'\xcd\xf80d'
RC4.RC4(b'key12').update(b'data')
'\xcd\xf80d'
http://cryptography.readthedocs.org/en/latest/hazmat/primitives/symmetric-encryption/#cryptography.hazmat.primitives.ciphers.algorithms.ARC4
https://fedorahosted.org/freeipa/ticket/5148
NACK on the spec file change. There is a BuildRequires and Requires on
m2crypto, replace them with BuildRequires and Requires on
python-cryptography.
Argh, m2crypto ... I was looking for M2Crypto (case sensitive). Here is
an updated patch.
An additional Requires: python-cryptography is not required.
server-trust-ad depends on ipa-server which depends on the ipa-python
package. The ipa-python package already has Requires: python-cryptography.
Christian
From d0a6ab9f9c0723af7ca027fd3522a063428b7f34 Mon Sep 17 00:00:00 2001
From: Christian Heimes chei...@redhat.com
Date: Tue, 21 Jul 2015 15:18:40 +0200
Subject: [PATCH] [py3] Replace M2Crypto RC4 with python-cryptography ARC4
This patch removes the dependency on M2Crypto in favor for cryptography.
Cryptography is more strict about the key size and doesn't support
non-standard key sizes:
from M2Crypto import RC4
from ipaserver.dcerpc import arcfour_encrypt
RC4.RC4(b'key').update(b'data')
'o\r@\x8c'
arcfour_encrypt(b'key', b'data')
Traceback (most recent call last):
...
ValueError: Invalid key size (24) for RC4.
Standard key sizes 40, 56, 64, 80, 128, 192 and 256 are supported:
arcfour_encrypt(b'key12', b'data')
'\xcd\xf80d'
RC4.RC4(b'key12').update(b'data')
'\xcd\xf80d'
http://cryptography.readthedocs.org/en/latest/hazmat/primitives/symmetric-encryption/#cryptography.hazmat.primitives.ciphers.algorithms.ARC4
https://fedorahosted.org/freeipa/ticket/5148
---
freeipa.spec.in | 2 --
ipaserver/dcerpc.py | 15 ++-
2 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/freeipa.spec.in b/freeipa.spec.in
index fef20e1f7e6fde9b90851a2686e515a6a779f954..bf04582de949e6fe8ae34ea5a96f32598247aa7e 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -84,7 +84,6 @@ BuildRequires: python-lxml
BuildRequires: python-pyasn1 = 0.0.9a
BuildRequires: python-qrcode-core = 5.0.0
BuildRequires: python-dns = 1.11.1
-BuildRequires: m2crypto
BuildRequires: check
BuildRequires: libsss_idmap-devel
BuildRequires: libsss_nss_idmap-devel = 1.12.2
@@ -219,7 +218,6 @@ Integrated DNS server is BIND 9. OpenDNSSEC provides key management.
Summary: Virtual package to install packages required for Active Directory trusts
Group: System Environment/Base
Requires: %{name}-server = %version-%release
-Requires: m2crypto
Requires: samba-python
Requires: samba = %{samba_version}
Requires: samba-winbind
diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py
index 4de5afb540e880e8948749c2cfa9a019eb807c47..578b3ee209ee988bca4d75bd5b898f339625236c 100644
--- a/ipaserver/dcerpc.py
+++ b/ipaserver/dcerpc.py
@@ -42,7 +42,8 @@ from samba.ndr import ndr_pack, ndr_print
from samba import net
import samba
import random
-from M2Crypto import RC4
+from cryptography.hazmat.primitives.ciphers import Cipher, algorithms
+from cryptography.hazmat.backends import default_backend
try:
from ldap.controls import RequestControl as LDAPControl #pylint: disable=F0401
except ImportError:
@@ -120,6 +121,14 @@ def assess_dcerpc_exception(num=None,message=None):
message %(message)s (both may be None)''') % dict(num=num, message=message)
return errors.RemoteRetrieveError(reason=reason)
+
+def arcfour_encrypt(key, data):
+algorithm = algorithms.ARC4(key)
+cipher = Cipher(algorithm, mode=None, backend=default_backend())
+encryptor = cipher.encryptor()
+return encryptor.update(data)
+
+
class ExtendedDNControl(LDAPControl):
# This class attempts to implement LDAP control that would work
# with both python-ldap 2.4.x and 2.3.x, thus there is mix of properties
@@ -910,10 +919,6 @@ class TrustDomainInstance(object):
self.info['is_pdc'] = (result.role == lsa.LSA_ROLE_PRIMARY)
def generate_auth(self, trustdom_secret):
-def arcfour_encrypt(key, data):
-c = RC4.RC4(key)
-return c.update(data)
-
password_blob = string_to_array(trustdom_secret.encode('utf-16-le'))
clear_value = drsblobs.AuthInfoClear()
--
2.4.3
signature.asc
Description: OpenPGP digital signature
--
Manage your subscription for the
Re: [Freeipa-devel] [PATCH 0014] [py3] Replace M2Crypto RC4 with python-cryptography ARC4
On Thu, 23 Jul 2015, Christian Heimes wrote: This patch removes the dependency on M2Crypto in favor for cryptography. Cryptography is more strict about the key size and doesn't support non-standard key sizes: from M2Crypto import RC4 from ipaserver.dcerpc import arcfour_encrypt RC4.RC4(b'key').update(b'data') 'o\r@\x8c' arcfour_encrypt(b'key', b'data') Traceback (most recent call last): ... ValueError: Invalid key size (24) for RC4. Standard key sizes 40, 56, 64, 80, 128, 192 and 256 are supported: arcfour_encrypt(b'key12', b'data') '\xcd\xf80d' RC4.RC4(b'key12').update(b'data') '\xcd\xf80d' Note that we are using NTLMv2 or Kerberos user session keys which are 128 bit long in this context. And please rework the spec file change as Honza noted. -- / Alexander Bokovoy -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
[Freeipa-devel] [PATCH 0014] [py3] Replace M2Crypto RC4 with python-cryptography ARC4
This patch removes the dependency on M2Crypto in favor for cryptography.
Cryptography is more strict about the key size and doesn't support
non-standard key sizes:
from M2Crypto import RC4
from ipaserver.dcerpc import arcfour_encrypt
RC4.RC4(b'key').update(b'data')
'o\r@\x8c'
arcfour_encrypt(b'key', b'data')
Traceback (most recent call last):
...
ValueError: Invalid key size (24) for RC4.
Standard key sizes 40, 56, 64, 80, 128, 192 and 256 are supported:
arcfour_encrypt(b'key12', b'data')
'\xcd\xf80d'
RC4.RC4(b'key12').update(b'data')
'\xcd\xf80d'
http://cryptography.readthedocs.org/en/latest/hazmat/primitives/symmetric-encryption/#cryptography.hazmat.primitives.ciphers.algorithms.ARC4
https://fedorahosted.org/freeipa/ticket/5148
From da4aa9baa932e335ad0bd0f3cfe2551667c7ca76 Mon Sep 17 00:00:00 2001
From: Christian Heimes chei...@redhat.com
Date: Tue, 21 Jul 2015 15:18:40 +0200
Subject: [PATCH] [py3] Replace M2Crypto RC4 with python-cryptography ARC4
This patch removes the dependency on M2Crypto in favor for cryptography.
Cryptography is more strict about the key size and doesn't support
non-standard key sizes:
from M2Crypto import RC4
from ipaserver.dcerpc import arcfour_encrypt
RC4.RC4(b'key').update(b'data')
'o\r@\x8c'
arcfour_encrypt(b'key', b'data')
Traceback (most recent call last):
...
ValueError: Invalid key size (24) for RC4.
Standard key sizes 40, 56, 64, 80, 128, 192 and 256 are supported:
arcfour_encrypt(b'key12', b'data')
'\xcd\xf80d'
RC4.RC4(b'key12').update(b'data')
'\xcd\xf80d'
http://cryptography.readthedocs.org/en/latest/hazmat/primitives/symmetric-encryption/#cryptography.hazmat.primitives.ciphers.algorithms.ARC4
https://fedorahosted.org/freeipa/ticket/5148
---
freeipa.spec.in | 1 +
ipaserver/dcerpc.py | 15 ++-
2 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/freeipa.spec.in b/freeipa.spec.in
index fef20e1f7e6fde9b90851a2686e515a6a779f954..afae22430515a9f15eced9e16e0a6e192400e6e2 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -150,6 +150,7 @@ Requires(preun): python systemd-units
Requires(postun): python systemd-units
Requires: python-dns = 1.11.1
Requires: python-kdcproxy = 0.3
+Requires: python-cryptography
Requires: zip
Requires: policycoreutils = 2.1.12-5
Requires: tar
diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py
index 4de5afb540e880e8948749c2cfa9a019eb807c47..578b3ee209ee988bca4d75bd5b898f339625236c 100644
--- a/ipaserver/dcerpc.py
+++ b/ipaserver/dcerpc.py
@@ -42,7 +42,8 @@ from samba.ndr import ndr_pack, ndr_print
from samba import net
import samba
import random
-from M2Crypto import RC4
+from cryptography.hazmat.primitives.ciphers import Cipher, algorithms
+from cryptography.hazmat.backends import default_backend
try:
from ldap.controls import RequestControl as LDAPControl #pylint: disable=F0401
except ImportError:
@@ -120,6 +121,14 @@ def assess_dcerpc_exception(num=None,message=None):
message %(message)s (both may be None)''') % dict(num=num, message=message)
return errors.RemoteRetrieveError(reason=reason)
+
+def arcfour_encrypt(key, data):
+algorithm = algorithms.ARC4(key)
+cipher = Cipher(algorithm, mode=None, backend=default_backend())
+encryptor = cipher.encryptor()
+return encryptor.update(data)
+
+
class ExtendedDNControl(LDAPControl):
# This class attempts to implement LDAP control that would work
# with both python-ldap 2.4.x and 2.3.x, thus there is mix of properties
@@ -910,10 +919,6 @@ class TrustDomainInstance(object):
self.info['is_pdc'] = (result.role == lsa.LSA_ROLE_PRIMARY)
def generate_auth(self, trustdom_secret):
-def arcfour_encrypt(key, data):
-c = RC4.RC4(key)
-return c.update(data)
-
password_blob = string_to_array(trustdom_secret.encode('utf-16-le'))
clear_value = drsblobs.AuthInfoClear()
--
2.4.3
signature.asc
Description: OpenPGP digital signature
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
