[1859] in Kerberos-V5-bugs
Re: k5 gss doesn't conform to spec
daemon@ATHENA.MIT.EDU (Sean Mullan)
Tue Apr 2 12:51:17 1996
To: Doug Engert <DEEngert@anl.gov>
Cc: "Theodore Ts'o" <tytso@MIT.EDU>, "Richard Basch" <basch@lehman.com>,
krb5-bugs@MIT.EDU, John Linn <linn@cam.ov.com>,
mullan_s@apollo.hp.com (Sean Mullan), Rich Salz <rsalz@osf.org>
In-Reply-To: <199604021653.KAA23008@pembroke.ctd.anl.gov>
Date: Tue, 02 Apr 1996 12:50:19 -0500
From: Sean Mullan <mullan_s@apollo.hp.com>
On Tue, 2 Apr 1996 10:53:48 -0600 Doug Engert wrote:
>Theodore Ts'o writes:
> > Date: Fri, 29 Mar 1996 02:10:49 -0500
> > From: "Richard Basch" <basch@lehman.com>
> >
> > 1.2.2.1 Checksum
> >
> > DES MAC MD5 algorithm ... A standard 64-bit DES-CBC MAC is computed per
> > [FIPS PUB 113], employing the context key and a zero IV.
> >
> > If you follow the checksum logic, it uses the key as the IV.
> >
> > Thanks for noticing this. A quick check through our sources indicates
> > that GSSAPI is the only thing that is using CKSUMTYPE_DESCBC.
>>
> > The only question, though, is whether anything else used to use that
> > cksumtype. My main concern at this point is old OSF/DCE
> > implementations. If someone has any information on that score, I'd
> > appreciate hearing about it.
>
>Ted,
>
>I got your voice mail on this subject, sorry, I was not in the
>office. The changes I had to add to K5.6 to get it to work with DCE
>was to use CKSUMTYPE_RSA_MD4 rather then CKSUMTYPE_RSA_MD5 as the
>default. I do NOT have the OSF source (yet) to check if the
>CKSUMTYPE_DESCBC is used at all.
>
>If you have a mod you would like me to try, I can test to see if I can
>still get tickets, forward them and get a DCE context.
>
>Is it as simple as replacing the two calls to
>mit_des_cbc_cksum(in, contents, in_length, schedule, key); with
>mit_des_cbc_cksum(in, contents, in_length, schedule, 0);
>in /lib/crypto/des/cbc_cksum.c ?
>
>Or is there some trap to install to make sure it is not using the
>CKSUMTYPE_DESCBC?
>
>I also forward this on to mullan_s@apollo.hp.com (Sean Mullan)
>and Rich Salz <rsalz@osf.org> who have access to the source.
>
> Douglas E. Engert
> Systems Programming
> Argonne National Laboratory
> 9700 South Cass Avenue
> Argonne, Illinois 60439
> (708) 252-5444
>
> Internet: DEEngert@anl.gov
Yes, I just checked the DCE sources and CKSUMTYPE_DESCBC is used
in the password change protocol and when transmitting keys across the
network between security replicas.
I would need a bit more context to understand the issue described above.
Please let me know if I can be of more help.
Thanks,
Sean
(HP)
