[2696] in Kerberos-V5-bugs
Re: krb5-admin/395: addprinc -randkey appears to generate the same key each time
daemon@ATHENA.MIT.EDU (Barry Jaspan)
Wed Mar 12 16:05:48 1997
Date: Wed, 12 Mar 1997 21:02:08 GMT
From: "Barry Jaspan" <bjaspan@MIT.EDU>
To: krb5-bugs-redist@MIT.EDU
[ My response to Paul's bug report is below. This message has already
been entered in the PR database. ]
From: "Barry Jaspan" <bjaspan@MIT.EDU>
To: ppomes@Qualcomm.com
Cc: krb5-bugs@MIT.EDU, ppomes@Qualcomm.com, tep@sdsc.edu
Subject:
Date: Wed, 12 Mar 1997 19:19:07 GMT
You can relax; there is not a serious bug here.
To explain: When you create a principal with kadm5_create_principal
(which kadmin's add_princ uses), you have to specify a password. If
you are going to randomize the principal's key, then of course that
password doesn't matter; but you still need to specify one.
Therefore, when you call add_principal -randkey, the following
sequence of events occurs:
1. Create principal with pw = "\x01\x02...\xff" and with
DISALLOW_ALL_TIX set.
2. Randomize the principal's key.
3. Modify the principal to unset DISALLOW_ALL_TIX.
In step 1, passwd_check() is called with the dummy password, which is
why you saw it containing the same value each time. That password is
never used. passwd_check() is never called with a random key, because
a random key is not a password.
You can verify that keys are being randomized by extracting a
principal twice into a keytab and using klist -k -K to show the actual
keys.
That being said, there are still a couple minor issues to resolve:
a. You said "the -randkey argument to ... modprinc". modprinc never
modifies principal keys, so it does not take the -randkey argument.
If it does not actually generate a usage message when one is supplied,
though, that is a bug that could confuse a user and should be fixed.
b. There is actually a specific automated test to make sure that
kadm5_randkey_principal really does generate unique keys. However, a
quick glance at the Makefile seems to show that it isn't being run.
This should be fixed.
Before closing this PR I am going to review and verify all the claims
I've made above and fix the minor bugs.
Barry