[3191] in Kerberos-V5-bugs


krb5-libs/936: krb5_c_decrypt does not understand similarity between des keys

daemon@ATHENA.MIT.EDU (assar@sics.se)
Mon Mar 26 01:09:10 2001

Resent-From: gnats@rt-11.mit.edu (GNATS Management)
Resent-To: krb5-unassigned@rt-11.mit.edu
Resent-Reply-To: krb5-bugs@MIT.EDU, assar@sics.se
Message-Id: <200103260608.f2Q68fa285132@ratatosk.pdc.kth.se>
Date: Mon, 26 Mar 2001 08:08:41 +0200 (CEST)
From: assar@sics.se
To: krb5-bugs@mit.edu
Cc: hartmans@mit.edu


>Number:         936
>Category:       krb5-libs
>Synopsis:       krb5_c_decrypt does not understand similarity between des keys
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    krb5-unassigned
>State:          open
>Class:          sw-bug
>Submitter-Id:   unknown
>Arrival-Date:   Mon Mar 26 01:09:00 EST 2001
>Last-Modified:
>Originator:     Assar Westerlund
>Organization:
heimdal hackers
>Release:        krb5-1.2.2
>Environment:
	any
>Description:

krb5_c_decrypt (and thus lots of other stuff) does not understand
that you can use a DES key to decrypt any DES-encrypted data
independent of the checksum applied.  This causes lots of stuff to
fail, even when there's a perfectly fine key.

>How-To-Repeat:
>Fix:

--- decrypt.c~	Wed Feb 28 23:07:29 2001
+++ decrypt.c	Sun Mar  4 08:44:55 2001
@@ -37,6 +37,7 @@
      krb5_data *output;
 {
     int i;
+    const struct krb5_keytypes *enctype;
 
     for (i=0; i<krb5_enctypes_length; i++) {
 	if (krb5_enctypes_list[i].etype == key->enctype)
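Review bot: The new local "const struct krb5_keytypes *enctype;" is easy to misread next to key->enctype and input->enctype, which are enctype numbers compared against .etype, while this variable is a pointer to a table entry. A name that says so (for example ktp or key_entry, both only suggestions) would make the later "enctype->enc != krb5_enctypes_list[j].enc" comparison clearer. A short comment that it first points at the key's entry and may be re-pointed at the input's entry would also help.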
@@ -46,11 +47,26 @@
     if (i == krb5_enctypes_length)
 	return(KRB5_BAD_ENCTYPE);
 
-    if ((input->enctype != ENCTYPE_UNKNOWN) &&
-	(krb5_enctypes_list[i].etype != input->enctype))
+    enctype = &krb5_enctypes_list[i];
+
+    if (input->enctype != ENCTYPE_UNKNOWN) {
+	int j;
+
+	for (j=0; j<krb5_enctypes_length; j++) {
+	    if (krb5_enctypes_list[j].etype == input->enctype)
+		break;
+	}
+
+	if (j == krb5_enctypes_length)
 	return(KRB5_BAD_ENCTYPE);
 
-    return((*(krb5_enctypes_list[i].decrypt))
-	   (krb5_enctypes_list[i].enc, krb5_enctypes_list[i].hash,
+	if (enctype->enc != krb5_enctypes_list[j].enc)
+	    return(KRB5_BAD_ENCTYPE);
+
+	enctype = &krb5_enctypes_list[j];
+    }
+
+    return((*(enctype->decrypt))
+	   (enctype->enc, enctype->hash,
 	    key, usage, ivec, &input->ciphertext, output));
 }
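Review bot: After "enctype = &krb5_enctypes_list[j];" the decrypt function and enctype->hash both come from the entry selected by input->enctype, not by key->enctype, while the only compatibility test is pointer equality on the .enc member. That means the enctype value carried with the ciphertext now decides which hash verifies the data under this key, and any two table entries that share .enc but differ in .decrypt would also be treated as interchangeable. Please document that this is intended for the DES entries, and consider checking that the .decrypt members match as well, or limiting the substitution to an explicit set of enctypes. Two smaller points: the "return(KRB5_BAD_ENCTYPE);" under "if (j == krb5_enctypes_length)" is left at the old indentation and should move one level in, and the second table scan duplicates the first, so a small lookup helper would remove the repetition.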
>Audit-Trail:
>Unformatted:
