|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: ATTENTION CGD(4) USERS - blowfish change committed
From: Daniel Carosone (dan
geek.com.au)
Date: Thu Mar 18 2004 - 04:44:17 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, Mar 18, 2004 at 10:54:08AM +1100, Daniel Carosone wrote:
> A flag day is still required for the blowfish issue. These changes
> will be committed today, around 8 hours from now, and a followup
> message sent when its done.
This change has been committed.
> This issue ONLY affects cgd users with the blowfish cipher. These
> users will need to take special steps before next updating their
> kernels. See below for further details.
--
Dan.
> BLOWFISH CIPHER USERS ONLY:
>
> I believe this affects a very small number of users other than myself;
> indeed since several previous alert mails in an attempt to find them,
> only 2 such users have come forward. They have both agreed the
> requirement for backwards compatibility does not warrant the effort
> nor the mess in the code. This code does exist, if it should later
> prove to be needed, but will not be in the tree.
>
> Further, by the nature of the issue, I have strong reasons to believe
> that, even if they missed these mails, there would be few other users
> of blowfish who update their systems with any regularity; any such
> users would have tripped over the problem in the same way I did when
> it was first found over a year ago.
>
> The fix is a kernel change, but the problem can be (was) exposed by
> userland changes in the cgdconfig binary, compiler, libraries, etc.
>
> The problem stems from two issues with the underlying blowfish
> encryption routines used by cgd:
> - they take key length arguments counted in bytes, rather than bits
> like all the opther ciphers.
> - they silently truncate any keys longer than an internal limit,
> rather than returning an error (which would have exposed the
> previous discrepancy immediately).
>
> As a result, the kernel reads too much data as the key from cgdconfig,
> and then truncates most of it. This can easily be demonstrated/tested.
> Currently, Blowfish users will find that if they mis-enter the cgd
> passphrase on the first attempt, when validation fails and cgdconfig
> prompts for the passphrase again, the cgd will not correctly configure
> even when given a correct passphrase.
>
> Blowfish users will need to dump their cgd's prior to installing a
> kernel with the change, reboot into single user with a new kernel,
> recreate the cgd and restore their filesystems. Once they have done
> so, they will not be able to use the cgd with an old kernel, and will
> not be able to use an old cgd image with a new kernel.
>
> The current rev of src/sys/dev/cgd.c is 1.14; it will be 1.15 after
> the change is committed.
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (NetBSD)
iD8DBQFAWX2BEAVxvV4N66cRAhPOAJwPLQWHCPDg+0gf9+j0l9239OVyKQCgtm5h
655fynig7weP4eMHm/XkT+c=
=J4JW
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]