[15961] in Kerberos_V5_Development
Re: krb5-1.8 fails to verify MS PAC Checksum when AES 256 is used
daemon@ATHENA.MIT.EDU (Luke Howard)
Fri Jul 2 17:35:57 2010
Mime-Version: 1.0 (Apple Message framework v1078)
From: Luke Howard <lukeh@padl.com>
In-Reply-To: <4C2DFB36.7080704@anl.gov>
Date: Fri, 2 Jul 2010 23:35:51 +0200
Message-Id: <8E8C66A7-1410-44CB-BF82-42BDFFAB3053@padl.com>
To: "Douglas E. Engert" <deengert@anl.gov>
Cc: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On 02/07/2010, at 4:44 PM, Douglas E. Engert wrote:
>
>
> On 7/1/2010 4:35 PM, Luke Howard wrote:
>>> With msDS-SupportedEncryptionTypes = 16 (AES256) The first verify fails
>>> as expected, and the keytab is searched, and each key is tried. But
>>> the RC4 key (23) gets a KRB5KRB_AP_ERR_BAD_INTEGRITY as the compare
>>> of the computed and supplied checksums don't match.
>>
>> Perhaps they're rc4-hmac with the AES key. (This really wouldn't surprise me. Ironically it might make the code path simpler.)
>>
>
> I was thinking along the same lines last night. I tried you second patch, and that did not work
> getting these messages:
> GSS-API error accepting context: Unspecified GSS failure. Minor code may provide more information
> GSS-API error accepting context: Key size is incompatible with encryption type
OK, so we need both patches?
> The CKSUMTYPE_MD5_HMAC_ARCFOUR = -137 may also be misnamed, and the
> same patch might be needed with it as well. I don't know where is is
> used, but since HMAC can use any key <= 64 bytes, it may not need the
> & krb5int_enc_arcfour.
That might be OK, it was just used for NetLogon, not by Kerberos.
-- Luke
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev