[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: RC4-HMAC code
Jeff Dunning <firstname.lastname@example.org> writes:
> Can code in the Heimdal distribution be used to decode a pre authentication
> using the RC4-HMAC encryption type used by Windows 2000?
Yes, that's what the KDC would do if it got pre-authenticated requests
with that encryption type.
> If so, can you give me a short road map to the code?
I think you want the part in kdc/kereros5.c:^as_rep that starts:
But basically the pre-authentication data is encoded in an
EncryptedData, so you need to unpack it from there, decrypt it (which
is what krb5_crypto_init - krb5_decrypt_EncryptedData does), then
unwrap it again, now as a PA-ENC-TS-ENC and then you have the
The crypto functions used there are generic, but the
lib/krb5/crypto.c:^ARCFOUR_subdecrypt function should be the one that
(eventually) gets called and does the real work.
I hope this is useful and what you were looking for. Otherwise,
please reformulate your question. :-)
> I am thinking that the testrc4.c program can be modified for this
> purpose, but I wanted to ask before I go too far down this path.
What testrc4.c program? Where did you find it?