
Re: RC4-HMAC code



Jeff Dunning <jsd@lanl.gov> writes:
> Can code in the Heimdal distribution be used to decode a pre authentication 
> using the RC4-HMAC encryption type used by Windows 2000?

Yes, that's what the KDC would do if it got pre-authenticated requests
with that encryption type.

> If so, can you give me a short road map to the code?

I think you want the part in kdc/kerberos5.c:^as_rep that starts:

    if(req->padata){

    }

But basically the pre-authentication data is encoded in an
EncryptedData, so you need to unpack it from there, decrypt it (which
is what krb5_crypto_init - krb5_decrypt_EncryptedData does), then
unwrap it again, now as a PA-ENC-TS-ENC and then you have the
timestamp.

The crypto functions used there are generic, but the
lib/krb5/crypto.c:^ARCFOUR_subdecrypt function should be the one that
(eventually) gets called and does the real work.

I hope this is useful and what you were looking for.  Otherwise,
please reformulate your question. :-)

> I am thinking that the testrc4.c program can be modified for this
> purpose, but I wanted to ask before I go too far down this path.

What testrc4.c program?  Where did you find it?

/assar
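
The decrypt-then-unwrap sequence described in the reply, as an added example that is not part of the original message and not Heimdal's code. It follows the RC4-HMAC construction published in RFC 4757 and assumes the cipher octets have already been taken out of the EncryptedData; the key, the timestamp and all function names are constructed for illustration.

```python
import hmac, os
from datetime import datetime, timezone
KU_PA_ENC_TIMESTAMP = 1  # RFC 4120 key usage for the AS-REQ PA-ENC-TIMESTAMP

def rc4(key, data):
    """RC4 keystream XOR; the same call encrypts and decrypts."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for b in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(b ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def hmac_md5(key, msg):
    return hmac.new(key, msg, "md5").digest()

def rc4_hmac_encrypt(key, usage, plaintext, confounder=None):
    """Only used to build the constructed sample; mirrors the decrypt path."""
    k1 = hmac_md5(key, usage.to_bytes(4, "little"))
    body = (confounder or os.urandom(8)) + plaintext
    cksum = hmac_md5(k1, body)
    return cksum + rc4(hmac_md5(k1, cksum), body)

def rc4_hmac_decrypt(key, usage, cipher):
    """cipher = 16-byte HMAC-MD5 checksum || RC4(8-byte confounder || data)."""
    if len(cipher) < 24:
        raise ValueError("ciphertext too short")
    k1 = hmac_md5(key, usage.to_bytes(4, "little"))
    body = rc4(hmac_md5(k1, cipher[:16]), cipher[16:])
    if not hmac.compare_digest(hmac_md5(k1, body), cipher[:16]):
        raise ValueError("checksum mismatch: wrong key or modified data")
    return body[8:]  # drop the confounder

def parse_pa_enc_ts_enc(der):
    """SEQUENCE { [0] GeneralizedTime, ... }; short-form DER lengths assumed."""
    if len(der) < 6 or der[0] != 0x30 or der[2] != 0xA0 or der[4] != 0x18:
        raise ValueError("not a PA-ENC-TS-ENC")
    stamp = der[6:6 + der[5]].decode("ascii")
    return datetime.strptime(stamp, "%Y%m%d%H%M%SZ").replace(tzinfo=timezone.utc)

# Constructed sample: made-up 16-byte key, timestamp 2000-01-02 03:04:05Z.
SAMPLE_KEY = bytes(range(16))
SAMPLE_DER = bytes.fromhex("3013a011180f") + b"20000102030405Z"
SAMPLE_CIPHER = rc4_hmac_encrypt(SAMPLE_KEY, KU_PA_ENC_TIMESTAMP, SAMPLE_DER)
```

A wrong key, a wrong key usage number or a modified ciphertext all fail at the checksum comparison, before any ASN.1 parsing happens.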