Skip Menu |
 

Download (untitled) / with headers
text/plain 4.9KiB
From fcusack@ratbert.iconnet.net Wed Nov 25 15:56:03 1998
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id PAA01439 for <bugs@RT-11.MIT.EDU>; Wed, 25 Nov 1998 15:56:02 -0500
Received: from ratbert.iconnet.net by MIT.EDU with SMTP
id AA12192; Wed, 25 Nov 98 15:55:45 EST
Received: (from fcusack@localhost)
by ratbert.iconnet.net (8.9.1/8.9.1) id PAA09774;
Wed, 25 Nov 1998 15:56:34 -0500 (EST)
Message-Id: <199811252056.PAA09774@ratbert.iconnet.net>
Date: Wed, 25 Nov 1998 15:56:34 -0500 (EST)
From: fcusack@iconnet.net
Reply-To: fcusack@iconnet.net
To: krb5-bugs@MIT.EDU
Cc: fcusack@iconnet.net
Subject: checksum vulnerability in SAM preauth
X-Send-Pr-Version: 3.99

Show quoted text
>Number: 664
>Category: krb5-kdc
>Synopsis: checksum vulnerability in SAM preauth
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Wed Nov 25 15:57:01 EST 1998
>Last-Modified:
>Originator: Frank Cusack
>Organization:
Icon CMT Corp.
Show quoted text
>Release: krb5-current-19981119
>Environment:
N/A
System: SunOS ratbert 5.6 Generic_105181-09 sun4u sparc SUNW,Ultra-5_10
Architecture: sun4

Show quoted text
>Description:
a) sam-checksums are probably going away, and just the
krb-error checksum field will be used. (?)
b) checksum should not be calculated when the range of
the sad is small.
c) the checksum code didn't work under the new crypo API
anyway.

I just ifdef'd it out.
Show quoted text
>How-To-Repeat:
>Fix:
Index: kdc/preauth/pa_sam_cryptocard.c
===================================================================
RCS file: /icon/d04/cvsroot/3rd-party/krb5-19981119/kdc/preauth/pa_sam_cryptocard.c,v
retrieving revision 1.3
diff -u -r1.3 pa_sam_cryptocard.c
--- pa_sam_cryptocard.c 1998/11/25 06:13:10 1.3
+++ pa_sam_cryptocard.c 1998/11/25 20:50:59
@@ -301,7 +301,8 @@
sc.sam_pk_for_sad.length = 0;
sc.sam_nonce = 0;

- /* Generate checksum */
+#if 0
+ /* We don't calculate a checksum since it could be used to crack the SAD */
sc.sam_cksum.length = krb5_checksum_size(context, CKSUMTYPE_RSA_MD5_DES);
if ((sc.sam_cksum.contents = malloc(sc.sam_cksum.length)) == NULL) {
retval = ENOMEM;
@@ -316,6 +317,7 @@
&sc.sam_cksum)) {
goto cleanup;
}
+#endif /* 0 */

if (retval = encode_krb5_sam_challenge(&sc, &scratch))
goto cleanup;
Index: kdc/preauth/pa_sam_digi_path.c
===================================================================
RCS file: /icon/d04/cvsroot/3rd-party/krb5-19981119/kdc/preauth/pa_sam_digi_path.c,v
retrieving revision 1.3
diff -u -r1.3 pa_sam_digi_path.c
--- pa_sam_digi_path.c 1998/11/25 06:13:10 1.3
+++ pa_sam_digi_path.c 1998/11/25 20:50:59
@@ -205,7 +205,8 @@
sc.sam_pk_for_sad.length = 0;
sc.sam_nonce = 0;

- /* Generate checksum */
+#if 0
+ /* We don't calculate a checksum since it could be used to crack the SAD */
sc.sam_cksum.length = krb5_checksum_size(context, CKSUMTYPE_RSA_MD5_DES);
if ((sc.sam_cksum.contents = malloc(sc.sam_cksum.length)) == NULL) {
retval = ENOMEM;
@@ -220,6 +221,7 @@
&sc.sam_cksum)) {
goto cleanup;
}
+#endif /* 0 */

if (retval = encode_krb5_sam_challenge(&sc, &scratch))
goto cleanup;
Index: kdc/preauth/pa_sam_grail.c
===================================================================
RCS file: /icon/d04/cvsroot/3rd-party/krb5-19981119/kdc/preauth/pa_sam_grail.c,v
retrieving revision 1.1
diff -u -r1.1 pa_sam_grail.c
--- pa_sam_grail.c 1998/11/25 04:06:18 1.1
+++ pa_sam_grail.c 1998/11/25 20:50:59
@@ -105,7 +105,8 @@
sc.sam_pk_for_sad.length = 0;
sc.sam_nonce = 0;

- /* Generate checksum */
+#if 0
+ /* We don't calculate a checksum since it could be used to crack the SAD */
sc.sam_cksum.length = krb5_checksum_size(context, CKSUMTYPE_RSA_MD5_DES);
if ((sc.sam_cksum.contents = malloc(sc.sam_cksum.length)) == NULL) {
retval = ENOMEM;
@@ -120,6 +121,7 @@
&sc.sam_cksum)) {
goto cleanup;
}
+#endif /* 0 */

if (retval = encode_krb5_sam_challenge(&sc, &scratch))
goto cleanup;
Index: kdc/preauth/pa_sam_securid.c
===================================================================
RCS file: /icon/d04/cvsroot/3rd-party/krb5-19981119/kdc/preauth/pa_sam_securid.c,v
retrieving revision 1.2
diff -u -r1.2 pa_sam_securid.c
--- pa_sam_securid.c 1998/11/25 18:34:20 1.2
+++ pa_sam_securid.c 1998/11/25 20:51:00
@@ -201,7 +201,8 @@
sc.sam_pk_for_sad.length = 0;
sc.sam_nonce = 0;

- /* Generate checksum */
+#if 0
+ /* We don't calculate a checksum since it could be used to crack the SAD */
sc.sam_cksum.length = krb5_checksum_size(context, CKSUMTYPE_RSA_MD5_DES);
if ((sc.sam_cksum.contents = malloc(sc.sam_cksum.length)) == NULL) {
return ENOMEM;
@@ -215,6 +216,7 @@
&sc.sam_cksum)) {
goto cleanup;
}
+#endif /* 0 */

if (retval = encode_krb5_sam_challenge(&sc, &scratch))
goto cleanup;
Show quoted text
>Audit-Trail:
>Unformatted: