4 * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
7 * For copying and distribution information, please see the file
11 #include "mit-copyright.h"
18 #ifdef KRB_CRYPT_DEBUG
/*
 * Forward declaration of the internal worker.  Both decomp_ticket() and
 * decomp_tkt_krb5() in this file forward their arguments to it; it takes the
 * DES key / key schedule and a krb5 keyblock side by side.
 */
22 static int dcmp_tkt_int PROTOTYPE((KTEXT tkt, unsigned char *flags,
23 char *pname, char *pinstance, char *prealm,
24 unsigned KRB4_32 *paddress, C_Block session,
25 int *life, unsigned KRB4_32 *time_sec,
26 char *sname, char *sinstance, C_Block key,
27 Key_schedule key_s, krb5_keyblock *k5key));
29 * This routine takes a ticket and pointers to the variables that
30 * should be filled in based on the information in the ticket. It
32 * decrypts the ticket using the given key, and
34 * fills in values for its arguments.
36 * Note: if the client realm field in the ticket is the null string,
37 * then the "prealm" variable is filled in with the local realm (as
38 * defined by KRB_REALM).
40 * If the ticket byte order is different than the host's byte order
41 * (as indicated by the byte order bit of the "flags" field), then
42 * the KDC timestamp "time_sec" is byte-swapped. The other fields
43 * potentially affected by byte order, "paddress" and "session" are
46 * The routine returns KFAILURE if any of the "pname", "pinstance",
47 * or "prealm" fields is too big, otherwise it returns KSUCCESS.
49 * The corresponding routine to generate tickets is create_ticket.
50 * When changes are made to this routine, the corresponding changes
51 * should also be made to that file.
53 * See create_ticket.c for the format of the ticket packet.
/*
 * DES entry point: decode `tkt` with the service key `key` / schedule
 * `key_s` and fill in the output arguments.  The visible body only forwards
 * to dcmp_tkt_int(); the tail of that call (including whatever is passed for
 * the krb5 keyblock) and the return are not shown in this listing.
 *
 * Caller contract implied by dcmp_tkt_int(): the string outputs are filled
 * with strcpy() after a length check against ANAME_SZ (pname, sname),
 * INST_SZ (pinstance, sinstance) and REALM_SZ (prealm).  The worker never
 * sees the real buffer sizes, so each buffer must be at least that large.
 */
57 decomp_ticket(tkt, flags, pname, pinstance, prealm, paddress, session,
58 life, time_sec, sname, sinstance, key, key_s)
59 KTEXT tkt; /* The ticket to be decoded */
60 unsigned char *flags; /* Kerberos ticket flags */
61 char *pname; /* Authentication name */
62 char *pinstance; /* Principal's instance */
63 char *prealm; /* Principal's authentication domain */
64 unsigned KRB4_32 *paddress; /* Net address of entity
65 * requesting ticket */
66 C_Block session; /* Session key inserted in ticket */
67 int *life; /* Lifetime of the ticket */
68 unsigned KRB4_32 *time_sec; /* Issue time and date */
69 char *sname; /* Service name */
70 char *sinstance; /* Service instance */
71 C_Block key; /* Service's secret key
72 * (to decrypt the ticket) */
73 Key_schedule key_s; /* The precomputed key schedule */
/* Delegate to the shared worker; the remaining arguments are cut off here. */
76 dcmp_tkt_int(tkt, flags, pname, pinstance, prealm,
77 paddress, session, life, time_sec, sname, sinstance,
/*
 * krb5-keyblock entry point: same output arguments as decomp_ticket(), but
 * the ticket is to be decrypted with `k5key` instead of a DES key/schedule.
 * Forwards to dcmp_tkt_int() with two local placeholders standing in for the
 * DES key material.
 *
 * The string output buffers carry the same size requirements as for
 * decomp_ticket(): ANAME_SZ for pname/sname, INST_SZ for
 * pinstance/sinstance, REALM_SZ for prealm.
 */
82 decomp_tkt_krb5(tkt, flags, pname, pinstance, prealm, paddress, session,
83 life, time_sec, sname, sinstance, k5key)
84 KTEXT tkt; /* The ticket to be decoded */
85 unsigned char *flags; /* Kerberos ticket flags */
86 char *pname; /* Authentication name */
87 char *pinstance; /* Principal's instance */
88 char *prealm; /* Principal's authentication domain */
89 unsigned KRB4_32 *paddress; /* Net address of entity
90 * requesting ticket */
91 C_Block session; /* Session key inserted in ticket */
92 int *life; /* Lifetime of the ticket */
93 unsigned KRB4_32 *time_sec; /* Issue time and date */
94 char *sname; /* Service name */
95 char *sinstance; /* Service instance */
96 krb5_keyblock *k5key; /* krb5 keyblock of service */
/* NOTE(review): no initializer is visible for these placeholders.  That is
 * only safe while dcmp_tkt_int() never reads key/key_s on the krb5 path; the
 * branch that selects the path is not visible in this listing -- confirm. */
98 C_Block key; /* placeholder; doesn't get used */
99 Key_schedule key_s; /* placeholder; doesn't get used */
102 dcmp_tkt_int(tkt, flags, pname, pinstance, prealm, paddress, session,
103 life, time_sec, sname, sinstance, key, key_s, k5key);
/*
 * Shared worker behind decomp_ticket() and decomp_tkt_krb5(): decrypts the
 * ticket held in tkt->dat (krb5_c_decrypt with k5key, or pcbc_encrypt with
 * key/key_s), then walks the cleartext with `ptr` and copies each field into
 * the caller's output arguments.
 *
 * This listing omits a number of source lines (braces, return statements,
 * some conditions and pointer advances).  The notes below describe only what
 * is visible and mark what a reviewer should confirm in the full file.
 *
 * NOTE(review): tkt->length is used as-is for malloc, memcpy, pcbc_encrypt
 * and fwrite; no check against the capacity of tkt->dat is visible here --
 * presumably the caller validates it; confirm.
 */
107 dcmp_tkt_int(tkt, flags, pname, pinstance, prealm, paddress, session,
108 life, time_sec, sname, sinstance, key, key_s, k5key)
109 KTEXT tkt; /* The ticket to be decoded */
110 unsigned char *flags; /* Kerberos ticket flags */
111 char *pname; /* Authentication name */
112 char *pinstance; /* Principal's instance */
113 char *prealm; /* Principal's authentication domain */
114 unsigned KRB4_32 *paddress; /* Net address of entity
115 * requesting ticket */
116 C_Block session; /* Session key inserted in ticket */
117 int *life; /* Lifetime of the ticket */
118 unsigned KRB4_32 *time_sec; /* Issue time and date */
119 char *sname; /* Service name */
120 char *sinstance; /* Service instance */
121 C_Block key; /* Service's secret key
122 * (to decrypt the ticket) */
123 Key_schedule key_s; /* The precomputed key schedule */
124 krb5_keyblock *k5key; /* krb5 keyblock of service */
/* NOTE(review): static storage, so this flag (presumably "ticket byte order
 * differs from host") is shared by every call and every thread.  Nothing
 * visible needs it to outlive one call; confirm and prefer an automatic
 * variable so concurrent ticket decoding cannot race on it. */
126 static int tkt_swap_bytes;
/* Read cursor over the ticket payload; advanced field by field below. */
128 char *ptr = (char *)tkt->dat;
131 /* Do the decryption */
/* Debug builds only: dump the still-encrypted ticket to a fixed path. */
132 #ifdef KRB_CRYPT_DEBUG
/* NOTE(review): this declares BUFSIZ char POINTERS, not BUFSIZ chars; the
 * intent reads like `char keybuf[BUFSIZ]`.  How keybuf is attached to fp and
 * whether fopen's result is checked is not visible in this listing. */
135 char *keybuf[BUFSIZ]; /* Avoid secret stuff in stdio buffers */
137 fp = fopen("/kerberos/tkt.des", "wb");
139 fwrite(tkt->dat, 1, tkt->length, fp);
141 memset(keybuf, 0, sizeof(keybuf)); /* Clear the buffer */
/* krb5 path: the ciphertext descriptor aliases tkt->dat (no copy); the
 * plaintext goes to a heap buffer of the same length. */
150 in.enctype = k5key->enctype;
152 in.ciphertext.length = tkt->length;
153 in.ciphertext.data = tkt->dat;
154 out.length = tkt->length;
155 out.data = malloc(tkt->length);
156 if (out.data == NULL)
157 return KFAILURE; /* XXX maybe ENOMEM? */
159 /* XXX note the following assumes that context arg isn't used */
/* NOTE(review): the handling of krb5_c_decrypt's result is not visible here.
 * The copy back into tkt->dat must run only after a successful decrypt, and
 * it stays in bounds only if out.length cannot grow past tkt->length --
 * confirm both in the full source. */
161 krb5_c_decrypt(NULL, k5key,
162 KRB5_KEYUSAGE_KDC_REP_TICKET, NULL, &in, &out);
/* Overwrite the ciphertext in place with the plaintext, then scrub the
 * temporary copy.  NOTE(review): a plain memset immediately before the buffer
 * is released may be elided by an optimizing compiler; a non-elidable
 * zeroization primitive would be safer.  The free itself is not visible. */
167 memcpy(tkt->dat, out.data, out.length);
168 memset(out.data, 0, out.length);
/* DES path: in-place PCBC over tkt->dat with a final argument of 0 (the
 * decrypt direction, per the "Do the decryption" comment above). */
172 pcbc_encrypt((C_Block *)tkt->dat,(C_Block *)tkt->dat,
173 (long) tkt->length,key_s,(C_Block *) key,0);
175 #endif /* ! NOENCRYPTION */
/* Debug builds only: dump the DECRYPTED ticket.  The cleartext includes the
 * session key copied out further down, so KRB_CRYPT_DEBUG must never be
 * defined in a production build and any such dump file is key material. */
176 #ifdef KRB_CRYPT_DEBUG
/* NOTE(review): same pointer-array declaration as in the first debug block;
 * `char keybuf[BUFSIZ]` looks intended. */
179 char *keybuf[BUFSIZ]; /* Avoid secret stuff in stdio buffers */
181 fp = fopen("/kerberos/tkt.clear", "wb");
183 fwrite(tkt->dat, 1, tkt->length, fp);
185 memset(keybuf, 0, sizeof(keybuf)); /* Clear the buffer */
/* The first cleartext byte is the flags byte. */
189 *flags = *ptr; /* get flags byte */
190 ptr += sizeof(*flags);
/* Compare the byte-order bit of flags (bit K_FLAG_ORDER) with the host's
 * byte order; the statement this condition guards is not visible here. */
192 if (HOST_BYTE_ORDER != ((*flags >> K_FLAG_ORDER)& 1))
/*
 * String fields: each is length-checked against its destination size
 * constant and only then copied with strcpy().
 *
 * NOTE(review): the strlen() calls themselves are unbounded.  Nothing visible
 * ties ptr to tkt->dat + tkt->length, so cleartext lacking a NUL terminator
 * (for example a ticket decrypted with the wrong key) would be scanned past
 * the end of the ticket data.  Limiting each scan to the bytes remaining in
 * the ticket would close that gap.  The fixed-size memcpy reads below
 * (4, 8 and 4 bytes) likewise show no remaining-length check.
 */
195 if (strlen(ptr) >= ANAME_SZ)
197 (void) strcpy(pname,ptr); /* pname */
198 ptr += strlen(pname) + 1;
200 if (strlen(ptr) >= INST_SZ)
202 (void) strcpy(pinstance,ptr); /* instance */
203 ptr += strlen(pinstance) + 1;
205 if (strlen(ptr) >= REALM_SZ)
207 (void) strcpy(prealm,ptr); /* realm */
208 ptr += strlen(prealm) + 1;
209 /* temporary hack until realms are dealt with properly */
/* Per the routine's header comment, an empty client realm is replaced with
 * the local realm.  The guarding condition is not visible here, and this
 * copy assumes KRB_REALM fits in REALM_SZ bytes -- confirm. */
211 (void) strcpy(prealm,KRB_REALM);
/* memcpy rather than a cast-and-load: ptr sits at an arbitrary offset in the
 * packet, so it may not be aligned for a 32-bit access. */
213 memcpy((char *)paddress, ptr, 4); /* net address */
216 memcpy((char *)session, ptr, 8); /* session key */
/* Disabled code: the session key is copied as-is and never byte-swapped. */
218 #ifdef notdef /* DONT SWAP SESSION KEY spm 10/22/86 */
220 swap_C_Block(session);
223 /* get lifetime, being certain we don't get negative lifetimes */
/* The lifetime byte is read through an unsigned char pointer, so a byte with
 * the high bit set cannot sign-extend; the store into *life is not visible. */
224 uptr = (unsigned char *) ptr++;
227 memcpy((char *) time_sec, ptr, 4); /* issue time */
/* Byte-swap the issue time; per the header comment this applies only when
 * the ticket's byte order differs from the host's (the condition is not
 * visible in this listing). */
230 *time_sec = krb4_swab32(*time_sec);
/* Service name and instance: same check-then-strcpy pattern, and the same
 * unbounded-strlen caveat, as for the client fields above. */
232 if (strlen(ptr) >= ANAME_SZ)
234 (void) strcpy(sname,ptr); /* service name */
235 ptr += 1 + strlen(sname);
237 if (strlen (ptr) >= INST_SZ)
239 (void) strcpy(sinstance,ptr); /* instance */
240 ptr += 1 + strlen(sinstance);
242 #ifdef KRB_CRYPT_DEBUG
/* NOTE(review): strlen() yields size_t and the pointer difference is
 * ptrdiff_t, yet both are formatted with %d.  Assuming krb_log() is
 * printf-like, that is a type mismatch where those types are wider than
 * int; cast the arguments or change the conversions. */
244 krb_log("service=%s.%s len(sname)=%d, len(sinstance)=%d",
245 sname, sinstance, strlen(sname), strlen(sinstance));
246 krb_log("ptr - tkt->dat=%d",(char *)ptr - (char *)tkt->dat);