----- Original Message ----- > Currently, SPICE tickets sent to the server are encrypted using a 1024 bit > public RSA key provided by the server. This key type/size is unfortunately > set in stone in the SPICE protocol as part of the SpiceLinkReply message, > and the key is sent by the server early in the link process (before the > server and the client agree on a SpiceLinkAuthMechanism). > > This can be an issue if the server can't create a 1024 bit RSA key (for > example, if it was disabled because it's deemed not secure enough by the > server administrator). This happens for example in fips mode > ( http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf ) > > Luckily, the server gets the client caps before sending it this RSA key, > and it sends its caps in message containing this RSA key. By advertising a > new capability on the client and the server, it's thus possible to indicate > that other ways of encrypting the SPICE ticket are supported by both client > and server, and use that when available. When the capability is present, an > additional 'ticket_encryption' field is added to the SpiceLinkReply > structure to indicate that the SPICE ticket is not encrypted using > the legacy RSA 1024 bit key. > > As the situation described above would happen in hardened setups, I've > added support for an unencrypted SPICE ticket which is only used for TLS > channels. For non-TLS channels, the old method is still used in order to > not send the ticket in plain text on unencrypted connections. > > This commit is a first step towards that. It sends an additional field as > part of SpiceLinkReply. The size of the SpiceLinkReply message is sent to > the client, and the client accesses the caps by using the caps_offset > field, so we can safely send this additional field to older clients as they > will not look at it. > --- > server/reds.c | 1 + > spice-common | 2 +- > 2 files changed, 2 insertions(+), 1 deletion(-) > > diff --git a/server/reds.c b/server/reds.c > index f45092b..fbeb1a5 100644 > --- a/server/reds.c > +++ b/server/reds.c > @@ -1404,6 +1404,7 @@ static int reds_send_link_ack(RedLinkInfo *link) > ack.num_channel_caps = channel_caps->num_caps; > header.size += (ack.num_common_caps + ack.num_channel_caps) * > sizeof(uint32_t); > ack.caps_offset = sizeof(SpiceLinkReply); > + ack.ticket_encryption = SPICE_TICKET_ENCRYPTION_RSA; Since there is a header.size, this shouldn't break older clients, ack. > if (!reds_generate_ticket_pubkey(link, &ack)) > goto end; > > diff --git a/spice-common b/spice-common > index 57ce430..a26bc7b 160000 > --- a/spice-common > +++ b/spice-common > @@ -1 +1 @@ > -Subproject commit 57ce430ccd66bd1ca2447c14503234cfb88e2365 > +Subproject commit a26bc7befc3d4f15f4bd8ea05f01e63ee0308350 > -- > 1.8.5.3 > > _______________________________________________ > Spice-devel mailing list > Spice-devel@xxxxxxxxxxxxxxxxxxxxx > http://lists.freedesktop.org/mailman/listinfo/spice-devel > _______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/spice-devel