[PATCH 01/10] s4-backupkey: Ensure RSA modulus is 2048 bits

Arvid Requate requate at univention.de
Mon Jul 7 11:14:30 MDT 2014 

RSA_generate_key_ex doesn't always generate a modulus of requested
bit length. Tests with Windows 7 clients showed that they decline
x509 certificates (MS-BKRP 2.2.1) in cases where the modulus length
is smaller than the specified 2048 bits. For the user this resulted
in DPAPI failing to retrieve stored credentials after the user password
has been changed at least two times. On the server side log.samba showed
that the client also called the as yet unlimplemented ServerWrap sub-
protocol function BACKUPKEY_BACKUP_KEY_GUID after it had called the
ClientWarp function BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID. After
enabling DPAPI auditing on the Windows Clients the Event Viewer showed
Event-ID 4692 failing with a FailureReason value of 0x7a in these cases.
This patch fixed these issues.

Signed-off-by: Arvid Requate <requate at univention.de>
---
 source4/rpc_server/backupkey/dcesrv_backupkey.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c 
b/source4/rpc_server/backupkey/dcesrv_backupkey.c
index 87799db..765caeb 100644
--- a/source4/rpc_server/backupkey/dcesrv_backupkey.c
+++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c
@@ -759,6 +759,7 @@ static WERROR create_heimdal_rsa_key(TALLOC_CTX *ctx, 
hx509_context *hctx,
        uint8_t *p0, *p;
        size_t len;
        int bits = 2048;
+       int RSA_returned_bits;
 
        *_rsa = NULL;
 
@@ -776,11 +777,15 @@ static WERROR create_heimdal_rsa_key(TALLOC_CTX *ctx, 
hx509_context *hctx,
                return WERR_INTERNAL_ERROR;
        }
 
-       ret = RSA_generate_key_ex(rsa, bits, pub_expo, NULL);
-       if(ret != 1) {
-               RSA_free(rsa);
-               BN_free(pub_expo);
-               return WERR_INTERNAL_ERROR;
+       while (RSA_returned_bits != bits) {
+               ret = RSA_generate_key_ex(rsa, bits, pub_expo, NULL);
+               if(ret != 1) {
+                       RSA_free(rsa);
+                       BN_free(pub_expo);
+                       return WERR_INTERNAL_ERROR;
+               }
+               RSA_returned_bits = BN_num_bits(rsa->n);
+               DEBUG(6, ("RSA_generate_key_ex returned %d Bits\n", 
RSA_returned_bits));
        }
        BN_free(pub_expo);
 
-- 
2.0.0.rc2

More information about the samba-technical mailing list