----- Original Message -----
From: "Guy Harris"
Sent: Saturday, February 21, 2004 8:33 PM
Subject: Re: [Ethereal-dev] kerberos stuff and nettle question
> On Fri, Feb 20, 2004 at 09:17:38PM +1100, Ronnie Sahlberg wrote:
> > beware i just checked in the completely new rewritten kerberos
dissector
> > together with asn.1 ber helpers in packet-ber.c
>
> Also, when displaying the class/{primitive|constructed}/tag field, why
> show the tag for universal types as a bitfield but not show the tag for
> non-universal types (when it's not 0b11111) as a bitfield? (X.680
> doesn't list any class tag assignments > 24, saying that 31 and up are
> reserved for addenda, so there aren't any universal types that wouldn't
> fit into the bitfield now.)
Good point. I will fix that.
I looked again as EricW's suggestion to just call krb5_c_decrypt(context,
key, usage, ivec, input, output) from the kerberos library.
Indeed this would be much simpler than hacking something up using nettle.
I think that would definitely be the way to go.
But now I need help. Help me please.
I have a capture file with Kerberos in it. I have the keytab file. I save
the encrypted blob from the packet to a file
and read it into a small test application but krb5_c_decrypt() just returns
BAD_INTEGRITY :-(
Attached is an archive containing a small capture file, the keytab file and
a test program (that should be linked with libk5crypto.a).
I saved the encrypted part from the AS-REP packet into a 220 byte large
file.
The test program reads this file into a char array.
The test program also reads the keytab file and builds a list of
principals/keys.
I then as good as I can build the various structures that krb5_c_decrypt()
wants but it just does not work.
I belive there are Kerberos implementors on the list, please lend me a hand
and ethereal will become even better.
Eric?
Attachment:
krb.tgz
Description: application/compressed