DH_compute_key might not include zero pre-filling, add it back. Reported by Tom Yu of MIT Kerberos
This commit is contained in:
Love Hornquist Astrand
16
kdc/pkinit.c
16
kdc/pkinit.c
@@ -227,10 +227,7 @@ generate_dh_keyblock(krb5_context context,
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
dh_gen_keylen = DH_size(client_params->u.dh.key);
|
size = DH_size(client_params->u.dh.key);
|
||||||
size = BN_num_bytes(client_params->u.dh.key->p);
|
|
||||||
if (size < dh_gen_keylen)
|
|
||||||
size = dh_gen_keylen;
|
|
||||||
|
|
||||||
dh_gen_key = malloc(size);
|
dh_gen_key = malloc(size);
|
||||||
if (dh_gen_key == NULL) {
|
if (dh_gen_key == NULL) {
|
||||||
@@ -238,17 +235,20 @@ generate_dh_keyblock(krb5_context context,
|
|||||||
krb5_set_error_message(context, ret, "malloc: out of memory");
|
krb5_set_error_message(context, ret, "malloc: out of memory");
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
memset(dh_gen_key, 0, size - dh_gen_keylen);
|
|
||||||
|
|
||||||
dh_gen_keylen = DH_compute_key(dh_gen_key + (size - dh_gen_keylen),
|
dh_gen_keylen = DH_compute_key(dh_gen_key,client_params->u.dh.public_key, client_params->u.dh.key);
|
||||||
client_params->u.dh.public_key,
|
|
||||||
client_params->u.dh.key);
|
|
||||||
if (dh_gen_keylen == -1) {
|
if (dh_gen_keylen == -1) {
|
||||||
ret = KRB5KRB_ERR_GENERIC;
|
ret = KRB5KRB_ERR_GENERIC;
|
||||||
krb5_set_error_message(context, ret,
|
krb5_set_error_message(context, ret,
|
||||||
"Can't compute Diffie-Hellman key");
|
"Can't compute Diffie-Hellman key");
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
if (dh_gen_keylen < size) {
|
||||||
|
size -= dh_gen_keylen;
|
||||||
|
memmove(dh_gen_key + size, dh_gen_key, size);
|
||||||
|
memset(dh_gen_key, 0, size);
|
||||||
|
}
|
||||||
|
|
||||||
ret = 0;
|
ret = 0;
|
||||||
#ifdef HAVE_OPENSSL
|
#ifdef HAVE_OPENSSL
|
||||||
} else if (client_params->keyex == USE_ECDH) {
|
} else if (client_params->keyex == USE_ECDH) {
|
||||||
|
|||||||
@@ -1416,10 +1416,7 @@ pk_rd_pa_reply_dh(krb5_context context,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
dh_gen_keylen = DH_size(ctx->u.dh);
|
size = DH_size(ctx->u.dh);
|
||||||
size = BN_num_bytes(ctx->u.dh->p);
|
|
||||||
if (size < dh_gen_keylen)
|
|
||||||
size = dh_gen_keylen;
|
|
||||||
|
|
||||||
dh_gen_key = malloc(size);
|
dh_gen_key = malloc(size);
|
||||||
if (dh_gen_key == NULL) {
|
if (dh_gen_key == NULL) {
|
||||||
@@ -1427,10 +1424,8 @@ pk_rd_pa_reply_dh(krb5_context context,
|
|||||||
krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
|
krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
memset(dh_gen_key, 0, size - dh_gen_keylen);
|
|
||||||
|
|
||||||
dh_gen_keylen = DH_compute_key(dh_gen_key + (size - dh_gen_keylen),
|
dh_gen_keylen = DH_compute_key(dh_gen_key, kdc_dh_pubkey, ctx->u.dh);
|
||||||
kdc_dh_pubkey, ctx->u.dh);
|
|
||||||
if (dh_gen_keylen == -1) {
|
if (dh_gen_keylen == -1) {
|
||||||
ret = KRB5KRB_ERR_GENERIC;
|
ret = KRB5KRB_ERR_GENERIC;
|
||||||
dh_gen_keylen = 0;
|
dh_gen_keylen = 0;
|
||||||
@@ -1438,6 +1433,12 @@ pk_rd_pa_reply_dh(krb5_context context,
|
|||||||
N_("PKINIT: Can't compute Diffie-Hellman key", ""));
|
N_("PKINIT: Can't compute Diffie-Hellman key", ""));
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
if (dh_gen_keylen < size) {
|
||||||
|
size -= dh_gen_keylen;
|
||||||
|
memmove(dh_gen_key + size, dh_gen_key, size);
|
||||||
|
memset(dh_gen_key, 0, size);
|
||||||
|
}
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
#ifdef HAVE_OPENSSL
|
#ifdef HAVE_OPENSSL
|
||||||
const EC_GROUP *group;
|
const EC_GROUP *group;
|
||||||
|
|||||||
Reference in New Issue
Block a user