[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Kerberos decryption and Ethereal, help requested




"Ronnie Sahlberg" <ronnie_sahlberg@ozemail.com.au> writes:

> A question:
> Your example code decrypts the encrypted data inside the Ticket inside the
> TGS-REP packet.
> Your example code specifies usage==2.
>
> Is usage always 2 when decrypting the blob inside a ticket or is usage only
> 2 when decrypted this blob inside a ticket inside a TGS-REP pdu?
>
> How do I figure out what usage should be?
> (I was told it was the MSG Type but that was apparently incorrect)

The keyusage is diffrent for diffrent encrypted blobs. See section 7.5.1 in
draft-ietf-krb-wg-kerberos-clarifications-05.txt for when they are used.

> Second question,   can someone point me to where in the sources I can find
> either the ASN.1 descriptions or the code handling the
> ASN.1/BER data in the decrypted blob?
> I.e. now that I have the ASN.1 encoded data, where do I find out WHAT this
> data is?

Its all in rfc1510 or kerberos-clarifications, I recommend the later. I
think you are looking for the structure named EncKDCRepPart.

BTW kerberos is ASN.1/DER, but that will make little diffrence for you as
you are only decoding.

Love

PGP signature