Fix verification of RODC-issued PAC KDC signature
Per [MS-PAC] 2.8, PAC_SIGNATURE_DATA may contain an RODCIdentifier
following the checksum.  In k5_pac_verify_kdc_checksum(), do not
assume that the checksum spans the remainder of the buffer; instead,
look up the checksum length by its type.

[ghudson@mit.edu: edited commit message and comment; reordered code
for clarity]

ticket: 9031 (new)
iboukris authored and greghudson committed Sep 25, 2021
1 parent 036ce5e commit b5efddd
Showing 1 changed file with 11 additions and 2 deletions.
13 changes: 11 additions & 2 deletions src/lib/krb5/krb/pac.c
Expand Up @@ -596,6 +596,7 @@ k5_pac_verify_kdc_checksum(krb5_context context,
krb5_checksum checksum;
krb5_boolean valid;
krb5_octet *p;
size_t cksumlen;

ret = k5_pac_locate_buffer(context, pac, KRB5_PAC_PRIVSVR_CHECKSUM,
&privsvr_checksum);
Expand All @@ -615,11 +616,19 @@ k5_pac_verify_kdc_checksum(krb5_context context,

p = (krb5_octet *)privsvr_checksum.data;
checksum.checksum_type = load_32_le(p);
checksum.length = privsvr_checksum.length - PAC_SIGNATURE_DATA_LENGTH;
checksum.contents = p + PAC_SIGNATURE_DATA_LENGTH;
if (!krb5_c_is_keyed_cksum(checksum.checksum_type))
return KRB5KRB_AP_ERR_INAPP_CKSUM;

/* There may be an RODCIdentifier trailer (see [MS-PAC] 2.8), so look up
* the length of the checksum by its type. */
ret = krb5_c_checksum_length(context, checksum.checksum_type, &cksumlen);
if (ret)
return ret;
if (cksumlen > privsvr_checksum.length - PAC_SIGNATURE_DATA_LENGTH)
return KRB5_BAD_MSIZE;
checksum.length = cksumlen;
checksum.contents = p + PAC_SIGNATURE_DATA_LENGTH;

server_checksum.data += PAC_SIGNATURE_DATA_LENGTH;
server_checksum.length -= PAC_SIGNATURE_DATA_LENGTH;
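Review bot: the new bound check `if (cksumlen > privsvr_checksum.length - PAC_SIGNATURE_DATA_LENGTH)` is only meaningful if `privsvr_checksum.length >= PAC_SIGNATURE_DATA_LENGTH` has already been established before this point; `krb5_data.length` is unsigned, so otherwise the subtraction wraps and the check passes for any `cksumlen`. That earlier check is outside this hunk, so it is worth confirming it exists (and perhaps referencing it in the comment). Secondly, the hunk skips the RODCIdentifier trailer but places no constraint on it: any number of bytes after the checksum is now accepted silently. Since the commit message cites [MS-PAC] 2.8, where RODCIdentifier is a fixed-size field, consider tightening so the remainder after `cksumlen` must be either empty or exactly the RODCIdentifier size, which keeps the fix while still rejecting malformed signature buffers. Moving the `krb5_c_is_keyed_cksum()` test ahead of the length lookup is a good ordering, since it rejects unkeyed types before any further parsing.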
