RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 4757, "The RC4-HMAC Kerberos Encryption Types Used by Microsoft Windows", December 2006

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec

Errata ID: 2067
Status: Rejected
Type: Technical
Publication Format(s) : TEXT

Reported By: Michiko Short
Date Reported: 2010-03-05
Rejected by: Sean Turner
Date Rejected: 2011-06-28

Section 7.3 says:

// Encrypt the data (if encrypting)

                   if (encrypt)
                           RC4(Kcrypt, data);

                   // Save first 8 octets of HMAC Sgn_Cksum

                   Sgn_Cksum = HMAC(Ksign, Sgn_Cksum);
                   memcpy(Token.SGN_CKSUM, Sgn_Cksum, 8);

It should say:

// Encrypt the data (if encrypting)

                   if (encrypt)
                           RC4(Kcrypt, data);

                    // Sum the padding buffer
 
                   Sgn_Cksum += MD5(padding);

                   // Encrypt the padding (if encrypting)

                   if (padding)
                           RC4(Kcrypt, padding);

                  // Save first 8 octets of HMAC Sgn_Cksum

                   Sgn_Cksum = HMAC(Ksign, Sgn_Cksum);
                   memcpy(Token.SGN_CKSUM, Sgn_Cksum, 8);

Notes:

WRAP missing padding
--VERIFIER NOTES--
Turns out padding is already included in data, so Errata 1674, which I just approved, covers this. I verified this with Magnus Nystrom.

Report New Errata