From: "Kenneth R. Robinette" <[EMAIL PROTECTED]>
Organization: InterSoft International, Inc.
To: [EMAIL PROTECTED]
Date sent: Mon, 25 Mar 2002 14:32:17 -0600
Subject: OpenSSL 0.9.7 SNAP
Send reply to: [EMAIL PROTECTED]
In a followup to my posting yesterday, I have tested the following
code to replace lines 2050-2079 within kssl.c
This was tested with a Redhat 6.0 system, using SRP-1.7.5 and a
Windows based SSL client.
if (!EVP_CipherInit(&ciph_ctx,enc,kssl_ctx->key,iv,0))
{
kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
"EVP_DecryptInit_ex error decrypting
authenticator.\n");
krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
goto err;
}
outl = dec_authent->cipher->length;
if (!EVP_Cipher(&ciph_ctx,unenc_authent,dec_authent->cipher-
>data,outl))
{
kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
"EVP_Cipher error decrypting
authenticator.\n");
krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
goto err;
}
Ken
In the 0.9.7 SNAPS, kssl.c, located in the ssl directory has a
problem on the EVP_DecryptFinal_ex fuction.
The kerberos ticket that is being decryped in lines 2050-2078 was
encrypted by Kerberos itself, not by OpenSSL. It would appear that
the Kerberos padding logic is NOT the same as the current OpenSSL EVP
padding logic.
In my test case, the kerberos ticket to be decrypted has a length of
112 bytes, which is a multiple of the DES blocksize. There is no
padding on the encrypted data. OpenSSL expects padding, in this case
8 bytes, which of course is not present. The call to
EVP_DecryptUpdate returns an outl value of 104, then the call to
EVP_DecryptFinal_Ex fails because of the lack of padding. If you
dump the contents of the buffer decrypted by the EVP_DecryptUpdate
call, the data is correct. In fact you can comment out the
EVP_DecryptFinal_ex call, adjust outl to 112 bytes, and everything
else works as it should However commenting out the
EVP_DecryptFinal_ex call will prevent the proper cleanup of the
structures involved.
Perhaps it would be better to use Kerbers 5 to decrypt the ticket, or
lower level OpenSSL calls.
I attempted to use the optional set padding call, but without
success.
Ken
__________________________________________________
Support
InterSoft International, Inc.
Voice: 888-823-1541, International 281-398-7060
Fax: 888-823-1542, International 281-560-9170
[EMAIL PROTECTED]
http://www.securenetterm.com
______________________________________________________________________
OpenSSL Project
http://www.openssl.org
Development Mailing List openssl-
[EMAIL PROTECTED]
Automated List Manager
[EMAIL PROTECTED]
_
Support
InterSoft International, Inc.
Voice: 888-823-1541, International 281-398-7060
Fax: 888-823-1542, International 281-560-9170
[EMAIL PROTECTED]
http://www.securenetterm.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
