[krbdev.mit.edu #3195] asn.1 encoding of kvno does not follow rfc4120
Ezra Peisach via RT
rt-comment at krbdev.mit.edu
Wed Sep 28 11:00:24 EDT 2005
rfc4120 requires that kvno be an unsigned integer... We are encoding
as a signed int.
EncryptedData ::= SEQUENCE {
etype [0] Int32 -- EncryptionType --,
kvno [1] UInt32 OPTIONAL,
cipher [2] OCTET STRING -- ciphertext
}
Heimdal in 0.7.1 is encoded as a signed integer as well.
A simple fix for this would be the following to lib/krb5/asn1
Index: asn1_k_decode.c
===================================================================
--- asn1_k_decode.c (revision 17399)
+++ asn1_k_decode.c (working copy)
@@ -311,7 +311,7 @@
}
integer_convert(asn1_decode_int,int)
integer_convert(asn1_decode_int32,krb5_int32)
-integer_convert(asn1_decode_kvno,krb5_kvno)
+unsigned_integer_convert(asn1_decode_kvno,krb5_kvno)
integer_convert(asn1_decode_enctype,krb5_enctype)
integer_convert(asn1_decode_cksumtype,krb5_cksumtype)
integer_convert(asn1_decode_octet,krb5_octet)
Index: asn1_k_encode.c
===================================================================
--- asn1_k_encode.c (revision 17399)
+++ asn1_k_encode.c (working copy)
@@ -214,9 +214,8 @@
return ASN1_MISSING_FIELD;
asn1_addlenfield(val->ciphertext.length,val->ciphertext.data,2,asn1_encode_charstring);
- /* krb5_kvno should be int */
if(val->kvno)
- asn1_addfield((int) val->kvno,1,asn1_encode_integer);
+ asn1_addfield(val->kvno,1,asn1_encode_unsigned_integer);
asn1_addfield(val->enctype,0,asn1_encode_integer);
asn1_makeseq();
-------------------------
More information about the krb5-bugs
mailing list