From: "Kenneth R. Robinette" <[EMAIL PROTECTED]> Organization: InterSoft International, Inc. To: [EMAIL PROTECTED] Date sent: Mon, 25 Mar 2002 14:32:17 -0600 Subject: OpenSSL 0.9.7 SNAP Send reply to: [EMAIL PROTECTED]
In a followup to my posting yesterday, I have tested the following code to replace lines 2050-2079 within kssl.c This was tested with a Redhat 6.0 system, using SRP-1.7.5 and a Windows based SSL client. if (!EVP_CipherInit(&ciph_ctx,enc,kssl_ctx->key,iv,0)) { kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, "EVP_DecryptInit_ex error decrypting authenticator.\n"); krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY; goto err; } outl = dec_authent->cipher->length; if (!EVP_Cipher(&ciph_ctx,unenc_authent,dec_authent->cipher- >data,outl)) { kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, "EVP_Cipher error decrypting authenticator.\n"); krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY; goto err; } Ken In the 0.9.7 SNAPS, kssl.c, located in the ssl directory has a problem on the EVP_DecryptFinal_ex fuction. The kerberos ticket that is being decryped in lines 2050-2078 was encrypted by Kerberos itself, not by OpenSSL. It would appear that the Kerberos padding logic is NOT the same as the current OpenSSL EVP padding logic. In my test case, the kerberos ticket to be decrypted has a length of 112 bytes, which is a multiple of the DES blocksize. There is no padding on the encrypted data. OpenSSL expects padding, in this case 8 bytes, which of course is not present. The call to EVP_DecryptUpdate returns an outl value of 104, then the call to EVP_DecryptFinal_Ex fails because of the lack of padding. If you dump the contents of the buffer decrypted by the EVP_DecryptUpdate call, the data is correct. In fact you can comment out the EVP_DecryptFinal_ex call, adjust outl to 112 bytes, and everything else works as it should However commenting out the EVP_DecryptFinal_ex call will prevent the proper cleanup of the structures involved. Perhaps it would be better to use Kerbers 5 to decrypt the ticket, or lower level OpenSSL calls. I attempted to use the optional set padding call, but without success. Ken __________________________________________________ Support InterSoft International, Inc. Voice: 888-823-1541, International 281-398-7060 Fax: 888-823-1542, International 281-560-9170 [EMAIL PROTECTED] http://www.securenetterm.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl- [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] _ Support InterSoft International, Inc. Voice: 888-823-1541, International 281-398-7060 Fax: 888-823-1542, International 281-560-9170 [EMAIL PROTECTED] http://www.securenetterm.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]