From 899f4db2c2fce4d7246d6149961dfb5071efcb05 Mon Sep 17 00:00:00 2001 From: Arvid Requate Date: Mon, 7 Jul 2014 17:39:51 +0200 Subject: [PATCH] s4-backupkey: Ensure RSA modulus is 2048 bits RSA_generate_key_ex doesn't always generate a modulus of requested bit length. Tests with Windows 7 clients showed that they decline x509 certificates (MS-BKRP 2.2.1) in cases where the modulus length is smaller than the specified 2048 bits. For the user this resulted in DPAPI failing to retrieve stored credentials after the user password has been changed at least two times. On the server side log.samba showed that the client also called the as yet unlimplemented ServerWrap sub- protocol function BACKUPKEY_BACKUP_KEY_GUID after it had called the ClientWarp function BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID. After enabling DPAPI auditing on the Windows Clients the Event Viewer showed Event-ID 4692 failing with a FailureReason value of 0x7a in these cases. Signed-off-by: Arvid Requate Reviewed-by: Andrew Bartlett Reviewed-by: Garming Sam BUG: https://bugzilla.samba.org/show_bug.cgi?id=10980 (cherry picked from commit 9b2ff26c893e5748d12d7a37a93eef7b1f4b1a1b)
---
 source4/rpc_server/backupkey/dcesrv_backupkey.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c b/source4/rpc_server/backupkey/dcesrv_backupkey.c
index 9020da75cda..7daa500ce5a 100644
--- a/source4/rpc_server/backupkey/dcesrv_backupkey.c
+++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c
@@ -759,6 +759,7 @@ static WERROR create_heimdal_rsa_key(TALLOC_CTX *ctx, hx509_context *hctx,
 uint8_t *p0, *p;
 size_t len;
 int bits = 2048;
+ int RSA_returned_bits;
 *_rsa = NULL;
@@ -776,11 +777,15 @@ static WERROR create_heimdal_rsa_key(TALLOC_CTX *ctx, hx509_context *hctx,
 return WERR_INTERNAL_ERROR;
 }
- ret = RSA_generate_key_ex(rsa, bits, pub_expo, NULL);
- if(ret != 1) {
- RSA_free(rsa);
- BN_free(pub_expo);
- return WERR_INTERNAL_ERROR;
+ while (RSA_returned_bits != bits) {
+ ret = RSA_generate_key_ex(rsa, bits, pub_expo, NULL);
+ if(ret != 1) {
+ RSA_free(rsa);
+ BN_free(pub_expo);
+ return WERR_INTERNAL_ERROR;
+ }
+ RSA_returned_bits = BN_num_bits(rsa->n);
+ DEBUG(6, ("RSA_generate_key_ex returned %d Bits\n", RSA_returned_bits));
 }
 BN_free(pub_expo);
-- 
2.11.4.GIT
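Review bot: `RSA_returned_bits` is read in the new `while (RSA_returned_bits != bits)` condition before anything has assigned it — the first hunk declares it as `int RSA_returned_bits;` with no initializer — so the first comparison is an uninitialized read (undefined behaviour), and if the indeterminate value happens to equal 2048 the loop body never runs and the function continues with an `rsa` whose key was never generated. Restructuring as a post-test loop fixes this without depending on the initial value: `do {` … `} while (RSA_returned_bits != bits);` (or, at minimum, change the declaration in the first hunk to `int RSA_returned_bits = 0;`). Separately, the retry loop has no upper bound; should the generator keep returning a short modulus, this RPC handler would spin, so a small attempt counter that falls through to the existing `WERR_INTERNAL_ERROR` cleanup path would be a sensible guard. create_heimdal_rsa_key starts and ends outside the hunk.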