[17045] in Kerberos-V5-bugs
[krbdev.mit.edu #9181] verify_mic_v3 broken in 1.22
daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Sun Aug 17 13:42:50 2025
From: "Greg Hudson via RT" <rt@krbdev.mit.edu>
In-Reply-To: <rt-4.4.3-2-3572882-1755444148-446.9181-5-0@mit.edu>
Message-ID: <rt-4.4.3-2-3595867-1755452562-1554.9181-5-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #9181":;
Content-Type: multipart/mixed; boundary="----------=_1755452562-3595867-2"
Date: Sun, 17 Aug 2025 13:42:43 -0400
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Reply-To: rt@krbdev.mit.edu
Errors-To: krb5-bugs-bounces@mit.edu
This is a multi-part message in MIME format...
------------=_1755452562-3595867-2
Content-Type: text/plain; charset="utf-8"
<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9181 >
I've attached a fix, which I am fairly confident about. (The actual commit
will also add tests.)
------------=_1755452562-3595867-2
Content-Type: text/plain; charset="utf-8"; name="patch.txt"
Content-Disposition: inline; filename="patch.txt"
Content-Transfer-Encoding: 7bit
RT-Attachment: 9181/103781/25914
diff --git a/src/lib/gssapi/krb5/util_crypt.c b/src/lib/gssapi/krb5/util_crypt.c
index 28411429bf..386842e8a6 100644
--- a/src/lib/gssapi/krb5/util_crypt.c
+++ b/src/lib/gssapi/krb5/util_crypt.c
@@ -322,12 +322,16 @@ kg_verify_checksum_v3(krb5_context context, krb5_key key, krb5_keyusage usage,
uint8_t ckhdr[16];
krb5_boolean valid;
- /* Compose an RFC 4121 token header with EC and RRC set to 0. */
+ /*
+ * Compose an RFC 4121 token header for the checksum. For a wrap token,
+ * the EC and RRC fields have the value 0 for the checksum operation,
+ * regardless of their values in the actual token (RFC 4121 section 4.2.4).
+ * For a MIC token, the corresponding four bytes have the value 0xFF.
+ */
store_16_be(toktype, ckhdr);
ckhdr[2] = flags;
ckhdr[3] = 0xFF;
- store_16_be(0, ckhdr + 4);
- store_16_be(0, ckhdr + 6);
+ store_32_be((toktype == KG2_TOK_MIC_MSG) ? 0xFFFFFFFF : 0, ckhdr + 4);
store_64_be(seqnum, ckhdr + 8);
/* Verify the checksum over the data and composed header. */
diff --git a/src/lib/gssapi/krb5/verify_mic.c b/src/lib/gssapi/krb5/verify_mic.c
index 9852f49912..1c11d2016f 100644
--- a/src/lib/gssapi/krb5/verify_mic.c
+++ b/src/lib/gssapi/krb5/verify_mic.c
@@ -90,7 +90,6 @@ verify_mic_v3(krb5_context context, OM_uint32 *minor_status,
krb5_gss_ctx_id_rec *ctx, struct k5input *in,
gss_buffer_t message)
{
- OM_uint32 status;
krb5_keyusage usage;
krb5_key key;
krb5_cksumtype cksumtype;
@@ -124,12 +123,10 @@ verify_mic_v3(krb5_context context, OM_uint32 *minor_status,
}
assert(key != NULL);
- status = kg_verify_checksum_v3(context, key, usage, cksumtype,
- KG2_TOK_MIC_MSG, flags, seqnum,
- message->value, message->length,
- in->ptr, in->len);
- if (status != GSS_S_COMPLETE)
- return status;
+ if (!kg_verify_checksum_v3(context, key, usage, cksumtype, KG2_TOK_MIC_MSG,
+ flags, seqnum, message->value, message->length,
+ in->ptr, in->len))
+ return GSS_S_BAD_SIG;
return g_seqstate_check(ctx->seqstate, seqnum);
}
------------=_1755452562-3595867-2
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
------------=_1755452562-3595867-2--
