netbsd-bugs: kern/25609: /crypto/des/des badly broken

Subject: kern/25609: /crypto/des/des badly broken
To: None <gnats-bugs@gnats.netbsd.org>
From: None <vax@carolina.rr.com>
List: netbsd-bugs
Date: 05/17/2004 06:57:53
>Number:         25609
>Category:       kern
>Synopsis:       DES's des_set_key sets up bogus key schedule
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon May 17 10:59:00 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator:     VaX#n8
>Release:        NetBSD 1.6.2
>Organization:
School of Heart-Knox
	
>Environment:
	
	
>Description:
	
The key schedule had a field, weak_key, added to it.
The des_set_key_unchecked routine has not been changed to account for it.

I found this because TCFS wouldn't work properly when compiled into the
kernel.  This was a real brain-bender!

>How-To-Repeat:

This code proves it in userland (compile with -I/sys):

#include <stdio.h>
#include <stdlib.h>
#include <err.h>
#include <strings.h>
#include <sys/malloc.h>
#include <crypto/des/des.h>

int main() {
	des_key_schedule ks;
	int i, j;
	const char *kptr = calloc(1, sizeof(des_cblock));
    unsigned char *p;


	des_set_key_unchecked ((des_cblock *)kptr, ks);

for (j = 0; j<(sizeof(des_key_schedule)/sizeof(struct des_ks_struct)); j++) {
	for (i = 0; i < sizeof(des_cblock); i++) printf("%02x", ks[j].ks.cblock[i]);
	printf(", ");
    p = (char *) &ks[j].weak_key;
	for (i = 0; i < sizeof(int); i++) printf("%02x", p[i]);
	printf("\n");
}

	printf("\n");
	bzero(ks, sizeof(des_key_schedule));

	des_set_key_unchecked ((des_cblock *)kptr, ks);

for (j = 0; j<(sizeof(des_key_schedule)/sizeof(struct des_ks_struct)); j++) {
	for (i = 0; i < sizeof(des_cblock); i++) printf("%02x", ks[j].ks.cblock[i]);
	printf(", ");
    p = (char *) &ks[j].weak_key;
	for (i = 0; i < sizeof(int); i++) printf("%02x", p[i]);
	printf("\n");
}

    exit(0);
}

Sample output:

0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 1f000000 /* uninitialized garbage! */
1f000000ecb8bfbf, 00720548
7c85040870aa0408, 07090000
000000002e850408, 58aa0408
40a90408ecb8bfbf, 1f000000
1f000000ecb8bfbf, 98b8bfbf

0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000
0000000000000000, 00000000

>Fix:
	
TBD.
>Release-Note:
>Audit-Trail:
>Unformatted: