| Subject: | Proposed implementation of krb5_server_decrypt_ticket_keyblock and krb5_server_decrypt_ticket_keytab |
Over the last few years there have been several higher level security
protocols (TLS KRB5 and RX KRB5) which have required the ability to
perform a ticket decryption outside of the AP_REQ/AP_REP exchange.
In addition, in recent days it has become clear that there is a need for
some mechanism for tools such as kvno and asetkey to be able to validate
whether or not a given keytab in fact contains an entry that can be used
to decrypt the service ticket issued by the KDC. This has become an
issue because of Microsoft's failure to maintain consistent behavior
related to salts and the various versions of their ktpass tool when
generating keytab entries for single DES enctypes.
Attached to this ticket is a proposed src/lib/krb5/krb/srv_dec_tkt.c
file. It contains both keytab and keyblock versions of a
krb5_server_decrypt_ticket function. The keytab version is appropriate
for use with tools such as kvno and asetkey. The keyblock version is
more appropriate for use with higher level security protocols.
This contribution is a minor re-working of work originally performed by
Marcus Watts.
protocols (TLS KRB5 and RX KRB5) which have required the ability to
perform a ticket decryption outside of the AP_REQ/AP_REP exchange.
In addition, in recent days it has become clear that there is a need for
some mechanism for tools such as kvno and asetkey to be able to validate
whether or not a given keytab in fact contains an entry that can be used
to decrypt the service ticket issued by the KDC. This has become an
issue because of Microsoft's failure to maintain consistent behavior
related to salts and the various versions of their ktpass tool when
generating keytab entries for single DES enctypes.
Attached to this ticket is a proposed src/lib/krb5/krb/srv_dec_tkt.c
file. It contains both keytab and keyblock versions of a
krb5_server_decrypt_ticket function. The keytab version is appropriate
for use with tools such as kvno and asetkey. The keyblock version is
more appropriate for use with higher level security protocols.
This contribution is a minor re-working of work originally performed by
Marcus Watts.
/*
* lib/krb5/krb/srv_dec_tkt.c
*
* Copyright 2006 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* Export of this software from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*
*
* Server decrypt ticket via keytab or keyblock.
*
* Different from krb5_rd_req_decoded. (krb5/src/lib/krb5/krb/rd_req_dec.c)
* - No krb5_principal_compare or KRB5KRB_AP_ERR_BADMATCH error.
* - No replay cache processing.
* - No skew checking or KRB5KRB_AP_ERR_SKEW error.
* - No address checking or KRB5KRB_AP_ERR_BADADDR error.
* - No time validation.
* - No permitted enctype validation or KRB5_NOPERM_ETYPE error.
* - Does not free ticket->enc_part2 on error.
*/
#include <k5-int.h>
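/*
 * Decrypt the encrypted part of TICKET with KEY and apply the subset of
 * the rd_req checks that do not depend on an AP-REQ (the file header
 * lists the checks that are deliberately omitted, so callers must not
 * treat a 0 return as full authentication).
 *
 * Returns 0 on success with ticket->enc_part2 filled in; otherwise the
 * error from krb5_decrypt_tkt_part or krb5_check_transited_list, or
 * KRB5KRB_AP_ERR_TKT_INVALID when the ticket's INVALID flag is set.
 * ticket->enc_part2 is not freed on error.
 */
krb5_error_code KRB5_CALLCONV
krb5_server_decrypt_ticket_keyblock(krb5_context context,
                                    krb5_keyblock *key,
                                    krb5_ticket *ticket)
{
    krb5_error_code retval;
    krb5_data *realm;
    krb5_transited *trans;

    retval = krb5_decrypt_tkt_part(context, key, ticket);
    if (retval)
        return retval;

    trans = &ticket->enc_part2->transited;
    realm = &ticket->enc_part2->client->realm;

    /*
     * A non-empty transited list must be acceptable.  Only a failing
     * check returns here; a passing one must still fall through to the
     * INVALID-flag test below rather than skipping it.
     */
    if (trans->tr_contents.data && *trans->tr_contents.data) {
        retval = krb5_check_transited_list(context, &trans->tr_contents,
                                           realm, &ticket->server->realm);
        if (retval)
            return retval;
    }

    /* INVALID is set on postdated tickets (ie, KDC_OPT_POSTDATED). */
    if (ticket->enc_part2->flags & TKT_FLG_INVALID)
        return KRB5KRB_AP_ERR_TKT_INVALID;

    return 0;
}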
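/*
 * Look up the key for TICKET's server principal, kvno and enctype in
 * keytab KT and decrypt the ticket with it through
 * krb5_server_decrypt_ticket_keyblock.
 *
 * Returns the error from krb5_kt_get_entry when no matching entry
 * exists, otherwise whatever the keyblock variant returns.  The keytab
 * entry is released on every path once the decryption attempt is done.
 */
krb5_error_code KRB5_CALLCONV
krb5_server_decrypt_ticket_keytab(krb5_context context,
                                  krb5_keytab kt,
                                  krb5_ticket *ticket)
{
    krb5_error_code retval;
    krb5_keytab_entry ktent;

    /* Select the entry by the ticket's own server, kvno and enctype. */
    retval = krb5_kt_get_entry(context, kt, ticket->server,
                               ticket->enc_part.kvno,
                               ticket->enc_part.enctype, &ktent);
    if (retval)
        return retval;

    retval = krb5_server_decrypt_ticket_keyblock(context, &ktent.key, ticket);

    /* The entry is no longer needed whether or not decryption succeeded. */
    (void) krb5_kt_free_entry(context, &ktent);
    return retval;
}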
/*
* lib/krb5/krb/srv_dec_tkt.c
*
* Copyright 2006 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* Export of this software from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*
*
* Server decrypt ticket via keytab or keyblock.
*
* Different from krb5_rd_req_decoded. (krb5/src/lib/krb5/krb/rd_req_dec.c)
* - No krb5_principal_compare or KRB5KRB_AP_ERR_BADMATCH error.
* - No replay cache processing.
* - No skew checking or KRB5KRB_AP_ERR_SKEW error.
* - No address checking or KRB5KRB_AP_ERR_BADADDR error.
* - No time validation.
* - No permitted enctype validation or KRB5_NOPERM_ETYPE error.
* - Does not free ticket->enc_part2 on error.
*/
#include <k5-int.h>
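/*
 * Decrypt the encrypted part of TICKET with KEY and apply the subset of
 * the rd_req checks that do not depend on an AP-REQ (the file header
 * lists the checks that are deliberately omitted, so callers must not
 * treat a 0 return as full authentication).
 *
 * Returns 0 on success with ticket->enc_part2 filled in; otherwise the
 * error from krb5_decrypt_tkt_part or krb5_check_transited_list, or
 * KRB5KRB_AP_ERR_TKT_INVALID when the ticket's INVALID flag is set.
 * ticket->enc_part2 is not freed on error.
 */
krb5_error_code KRB5_CALLCONV
krb5_server_decrypt_ticket_keyblock(krb5_context context,
                                    krb5_keyblock *key,
                                    krb5_ticket *ticket)
{
    krb5_error_code retval;
    krb5_data *realm;
    krb5_transited *trans;

    retval = krb5_decrypt_tkt_part(context, key, ticket);
    if (retval)
        return retval;

    trans = &ticket->enc_part2->transited;
    realm = &ticket->enc_part2->client->realm;

    /*
     * A non-empty transited list must be acceptable.  Only a failing
     * check returns here; a passing one must still fall through to the
     * INVALID-flag test below rather than skipping it.
     */
    if (trans->tr_contents.data && *trans->tr_contents.data) {
        retval = krb5_check_transited_list(context, &trans->tr_contents,
                                           realm, &ticket->server->realm);
        if (retval)
            return retval;
    }

    /* INVALID is set on postdated tickets (ie, KDC_OPT_POSTDATED). */
    if (ticket->enc_part2->flags & TKT_FLG_INVALID)
        return KRB5KRB_AP_ERR_TKT_INVALID;

    return 0;
}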
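/*
 * Look up the key for TICKET's server principal, kvno and enctype in
 * keytab KT and decrypt the ticket with it through
 * krb5_server_decrypt_ticket_keyblock.
 *
 * Returns the error from krb5_kt_get_entry when no matching entry
 * exists, otherwise whatever the keyblock variant returns.  The keytab
 * entry is released on every path once the decryption attempt is done.
 */
krb5_error_code KRB5_CALLCONV
krb5_server_decrypt_ticket_keytab(krb5_context context,
                                  krb5_keytab kt,
                                  krb5_ticket *ticket)
{
    krb5_error_code retval;
    krb5_keytab_entry ktent;

    /* Select the entry by the ticket's own server, kvno and enctype. */
    retval = krb5_kt_get_entry(context, kt, ticket->server,
                               ticket->enc_part.kvno,
                               ticket->enc_part.enctype, &ktent);
    if (retval)
        return retval;

    retval = krb5_server_decrypt_ticket_keyblock(context, &ktent.key, ticket);

    /* The entry is no longer needed whether or not decryption succeeded. */
    (void) krb5_kt_free_entry(context, &ktent);
    return retval;
}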