[krbdev.mit.edu #5425] nonce needs to be random
Ezra Peisach via RT
rt-comment at krbdev.mit.edu
Thu Feb 1 11:48:34 EST 2007
Be careful... I have another issue on record in the database - the nonce
is required to be an unsigned int 32 on the wire...
We are currently encoding this as an integer on the wire...
We need to make sure to know what would happen if an old client and new server
are talking - or a new client/old server wrt to encoding.
To make matters worse - I know that Heimdal is also using an integer. Their
integer handling code is not as generous as ours... If we send an unsigned integer
with the high bit set - then ASN.1 needs I believe 5 bytes for an unsigned integer
and four for a signed... The Heimdal code will reject the encoding.
One solution - which I believe Heimdal uses is that the nonces are randomly
chosen and the high bit masked off... Not an ideal solution...
So - yes the change is needed - but we need to be careful on how it is done...
Ezra
More information about the krb5-bugs
mailing list