#8 Investigate Sign and Seal issues.
Closed 3 years ago by simo. Opened 8 years ago by simo.

According to a report, sign/seal always fail when SPNEGO is negotiated.

Also, when NTLM is negotiated we force gss_wrap() to always seal, regardless of the conf_req flag; this may be incorrect.


Tests with various combinations vs Windows server and returned errors
server_side_dump.txt

This is a very helpful comment from Rahul [via email]:

[...] we've come to know about a bug specific to using NTLM under SPNEGO regarding resetting the state of RC4 cipher and it is documented in MS-SPNG (https://msdn.microsoft.com/en-us/library/cc247021.aspx) section 3.3.5.1, as a deviation of the Microsoft implementation of SPNEGO from the specification:

3.3.5.1 NTLM RC4 Key State for MechListMIC and First Signed Message
When NTLM is negotiated, the SPNG client MUST set OriginalHandle to ClientHandle before generating the mechListMIC and then set ClientHandle to OriginalHandle after generating the mechListMIC. This results in the RC4 key state being the same for the mechListMIC and for the first message signed by the application.
Because the RC4 key state is the same for the mechListMIC and for the first message signed by the application, the SPNG server MUST set OriginalHandle to ServerHandle before validating the mechListMIC and then set ServerHandle to OriginalHandle after validating the mechListMIC.

Metadata Update from @simo:
- Issue assigned to simo

7 years ago
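The RC4 key-state rule quoted from MS-SPNG 3.3.5.1 above, as an added example that is not code from gss-ntlmssp or from the ticket: a simplified model in which one RC4 handle per side encrypts an 8-byte checksum, showing that the first application signature only verifies when both peers agree on whether the handle is restored after the mechListMIC. The key, the checksum bytes and the names `sign8` and `first_signature_matches` are constructed for illustration, and the HMAC-MD5 step of real NTLM signing is left out.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Minimal RC4, standing in for an NTLM sealing handle. */
typedef struct { uint8_t s[256]; uint8_t i, j; } rc4_t;

static void rc4_init(rc4_t *h, const uint8_t *key, size_t len) {
    uint8_t j = 0;
    for (int i = 0; i < 256; i++) h->s[i] = (uint8_t)i;
    for (int i = 0; i < 256; i++) {
        j = (uint8_t)(j + h->s[i] + key[i % len]);
        uint8_t t = h->s[i]; h->s[i] = h->s[j]; h->s[j] = t;
    }
    h->i = h->j = 0;
}

static void rc4_crypt(rc4_t *h, const uint8_t *in, uint8_t *out, size_t len) {
    for (size_t n = 0; n < len; n++) {
        h->i = (uint8_t)(h->i + 1);
        h->j = (uint8_t)(h->j + h->s[h->i]);
        uint8_t t = h->s[h->i]; h->s[h->i] = h->s[h->j]; h->s[h->j] = t;
        out[n] = in[n] ^ h->s[(uint8_t)(h->s[h->i] + h->s[h->j])];
    }
}

/* Encrypt an 8-byte checksum with the handle. With restore set, the handle is
 * snapshotted and put back afterwards (the OriginalHandle step of 3.3.5.1). */
static void sign8(rc4_t *h, const uint8_t sum[8], uint8_t out[8], int restore) {
    rc4_t original = *h;
    rc4_crypt(h, sum, out, 8);
    if (restore) *h = original;
}

/* Returns 1 if the receiver's expected signature for the first application
 * message equals the one the sender produced. Key and checksums are constructed. */
int first_signature_matches(int sender_restores, int receiver_restores) {
    static const uint8_t key[16] = {1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16};
    static const uint8_t mic_sum[8] = {0xA0,0xA1,0xA2,0xA3,0xA4,0xA5,0xA6,0xA7};
    static const uint8_t app_sum[8] = {0xB0,0xB1,0xB2,0xB3,0xB4,0xB5,0xB6,0xB7};
    rc4_t tx, rx;
    uint8_t sent[8], expected[8];
    rc4_init(&tx, key, sizeof key);
    rc4_init(&rx, key, sizeof key);
    sign8(&tx, mic_sum, sent, sender_restores);       /* mechListMIC */
    sign8(&rx, mic_sum, expected, receiver_restores);
    sign8(&tx, app_sum, sent, 0);                     /* first application message */
    sign8(&rx, app_sum, expected, 0);
    return memcmp(sent, expected, 8) == 0;
}
```

The mechListMIC itself always matches in this model because both handles start at the same position; the mismatch only appears on the next signed message, once one side's keystream has advanced by 8 bytes and the other's has not.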

project migrated to github, please reopen there if still an issue

Metadata Update from @simo:
- Issue close_status updated to: None
- Issue priority set to: None (was: 3)
- Issue status updated to: Closed (was: Open)

3 years ago
