[1667] in Kerberos_V5_Development

home help back first fref pref prev next nref lref last post

Re: additional bugs for Beta 7

daemon@ATHENA.MIT.EDU (Marc Horowitz)
Thu Aug 29 15:29:47 1996

To: Sam Hartman <hartmans@MIT.EDU>
Cc: "Barry Jaspan" <bjaspan@MIT.EDU>, krbcore@MIT.EDU
In-Reply-To: Your message of "12 Aug 1996 12:04:11 EDT."
             <tslbuggpp1g.fsf@tertius.mit.edu> 
Date: Thu, 29 Aug 1996 15:29:36 EDT
From: Marc Horowitz <marc@MIT.EDU>

In message <tslbuggpp1g.fsf@tertius.mit.edu>, Sam Hartman <hartmans@MIT.EDU> writes:

>>     Barry> I think that code is a botch by design and should be fixed;
>>     Barry> otherwise, we'll have the same problem when we introduce
>>     Barry> new 3DES enctypes with a different checksum scheme.  I
>>     Barry> talked to Ted about this a while ago, and I think I put
>>     Barry> some notes on it in my kdb.tex documentation (which maybe I
>>     Barry> never mvoed into the krbdev locker...)
>> 
>> 	I've been lax on reading your docs; I'll try to catch up on
>> reading fairly soon.  I certainly agree with you that this code is
>> broken is broken by design, but think patching it for Beta7 well
>> enough to work with the single-DES datatypes is reasonable.  Marc had
>> some good ideas for how to deal with this long term; I'll try to dig
>> them up, although I suspect they were mostly fleshed out in a
>> discussion I had with him in his car.

Here's my idea.

The Kerberos protocol used to have the notion of key types and
encryption types as distinct entities.  Now, there are just encryption
types, which is a good thing, but some of these etypes happen to have
the same underlying cryptosystem.  The routines which deal with this
stuff know which etypes happen to use the same cryptosystem, and this
causes really ugly, hard-to-maintain code in places.

A simple solution is to have the etype array have an element which
identifies, for internal uses, the cryptosystem.  Then, instead of
code like

	if ((etype == ENCTYPE_DES_CBC_CRC) ||
	    (etype == ENCTYPE_DES_CBC_MD5) ||
	    (etype == ENCTYPE_DES_CBC_RAW))
		etype = ENCTYPE_DES_CBC_CRC;
	if ((etype == ENCTYPE_DES3_CBC_SHA) ||
	    (etype == ENCTYPE_DES_CBC_RAW))
		etype = ENCTYPE_DES3_SHA;
	....

we could instead just say

	if (eblock1->cstype == eblock2->cstype)

and when new etypes were added, the right thing would happen
everywhere.

		Marc
home help back first fref pref prev next nref lref last post