wrong key is generated by krb5_c_string_to_key

classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

wrong key is generated by krb5_c_string_to_key

Ashi1986
Hi All ,

This is my setup .

windows 8.1 64 bit
windows 2012 R2 server AD and KDC .
BS2000 with MIT kerberos 1.13.2

I generate keytab for  SPN using this command  :

ktpass -princ host/<Host name>@domain name -mapuser <domain name\domain user pass> pass <password> -crypto RC4-HMAC-NT -ptype KRB5_NT_PRINCIPAL -out C:\KeyTab\HMAC7U6.keytab

I am trying to decrypt AP_REQ using this keytab.
I looked at kvno, encryption type and everything else matches.

while configuring the DES-CBC-CRC and DES-CBC-MD5 it works fine and Kerberos connection established.

while decrypting the packet in krb5_c_decrypt -> krb5_k_decrypt -> krb5int_arcfour_decrypt
returning KRB5KRB_AP_ERR_BAD_INTEGRITY?

In case of encryption type RC4-HMAC, AES128-SHA1 and AES256-SHA1, It is noticed that keys generated from the password by using the function [lib/crypto/krb/string_to_key.c\krb5_c_string_to_key] is different from the key generated with the same password with KTPASS command.

In case of DES-CBC-CRC and DES-CBC-MD5, generated keys are exactly matched with the keys generated by KTPASS command.

Therefore kerberos connection becomes successful with the encryption type DES-CBC-CRC and DES-CBC-MD5 and connection gets failed with error code KRB5KRB_AP_ERR_BAD_INTEGRITY with the encryption type RC4-HMAC, AES128-SHA1 and AES256-SHA1.

Please suggest how to fix this problem.

Any help would be appreciated !!!

Thanks & Regards
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: wrong key is generated by krb5_c_string_to_key

Robbie Harwood
Ashi1986 <[hidden email]> writes:

> Hi All ,
>
> This is my setup .
>
> windows 8.1 64 bit
> windows 2012 R2 server AD and KDC .
> BS2000 with MIT kerberos 1.13.2
>
> In case of encryption type RC4-HMAC, AES128-SHA1 and AES256-SHA1, It is
> noticed that keys generated from the password by using the function
> [lib/crypto/krb/string_to_key.c\*krb5_c_string_to_key*] is different from
> the key generated with the same password with KTPASS command.
Is this potentially related to the string-to-key fixes in
89ce6420832858950271858e7c6e1a2eefebc683 ?

It might be worth trying with a version that includes that commit.

thanks,
--Robbie

________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos

signature.asc (847 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: wrong key is generated by krb5_c_string_to_key

Ashi1986
Thanks for your response.

can you please specify the version which I should use.

Thank You
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: wrong key is generated by krb5_c_string_to_key

Robbie Harwood
Ashi1986 <[hidden email]> writes:

> can you please specify the version which I should use.

It has not yet been included in a released version to my knowledge,
which is why I indicated a commit (i.e., build that commit from git).

Thanks,
--Robbie

________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos

signature.asc (847 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: wrong key is generated by krb5_c_string_to_key

Mark Pröhl
In reply to this post by Ashi1986
On 06/02/2017 02:29 PM, Ashi1986 wrote:

> Hi All ,
>
> This is my setup .
>
> windows 8.1 64 bit
> windows 2012 R2 server AD and KDC .
> BS2000 with MIT kerberos 1.13.2
>
> I generate keytab for  SPN using this command  :
>
> ktpass -princ host/<Host name>@domain name -mapuser <domain name\domain user
> pass> pass <password> -crypto RC4-HMAC-NT -ptype KRB5_NT_PRINCIPAL -out
> C:\KeyTab\HMAC7U6.keytab
>
> I am trying to decrypt AP_REQ using this keytab.
> I looked at kvno, encryption type and everything else matches.
>
> while configuring the DES-CBC-CRC and DES-CBC-MD5 it works fine and Kerberos
> connection established.
>
> while decrypting the packet in krb5_c_decrypt -> krb5_k_decrypt ->
> krb5int_arcfour_decrypt
> returning KRB5KRB_AP_ERR_BAD_INTEGRITY?
>
> In case of encryption type RC4-HMAC, AES128-SHA1 and AES256-SHA1, It is
> noticed that keys generated from the password by using the function
> [lib/crypto/krb/string_to_key.c\*krb5_c_string_to_key*] is different from
> the key generated with the same password with KTPASS command.
>
> In case of DES-CBC-CRC and DES-CBC-MD5, generated keys are exactly matched
> with the keys generated by KTPASS command.
>
> Therefore kerberos connection becomes successful with the encryption type
> DES-CBC-CRC and DES-CBC-MD5 and connection gets failed with error code
> KRB5KRB_AP_ERR_BAD_INTEGRITY with the encryption type RC4-HMAC, AES128-SHA1
> and AES256-SHA1.
>
> Please suggest how to fix this problem.
>
> Any help would be appreciated !!!
>
> Thanks & Regards
>
>

If I do understand you correct, the keytab with the invalid RC4 and AES
keys is generated with ktpass.exe. If so, how should that be related to
the krb5_c_string_to_key function from MIT Kerberos?

And did you try to use msktutil instead of ktpass.exe?

- Mark
________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: wrong key is generated by krb5_c_string_to_key

Isaac Boukris
On Mon, Jun 5, 2017 at 6:51 PM, Mark Pröhl <[hidden email]> wrote:

> On 06/02/2017 02:29 PM, Ashi1986 wrote:
>> Hi All ,
>>
>> This is my setup .
>>
>> windows 8.1 64 bit
>> windows 2012 R2 server AD and KDC .
>> BS2000 with MIT kerberos 1.13.2
>>
>> I generate keytab for  SPN using this command  :
>>
>> ktpass -princ host/<Host name>@domain name -mapuser <domain name\domain user
>> pass> pass <password> -crypto RC4-HMAC-NT -ptype KRB5_NT_PRINCIPAL -out
>> C:\KeyTab\HMAC7U6.keytab
>>
> If I do understand you correct, the keytab with the invalid RC4 and AES
> keys is generated with ktpass.exe. If so, how should that be related to
> the krb5_c_string_to_key function from MIT Kerberos?

For AES keys I'd suspect the salt doesn't match (afaik, in AD the salt
is the LHS of the UPN attribute when the password was last set).

But the unmatched RC4 keys is strange, you could derive the key
manually since its just an md4 hash with no salt, something like:
# echo -n password | iconv -t UTF-16LE | openssl dgst -md4
And compare with the key in the keytab:
# klist -Kekt krb5.keytab

HTH

________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: wrong key is generated by krb5_c_string_to_key

Ashi1986
Thank you very much for the response.

>manually since its just an md4 hash with no salt, something like:
># echo -n password | iconv -t UTF-16LE | openssl dgst -md4
>And compare with the key in the keytab:
># klist -Kekt krb5.keytab

I have derived the key manually by using the below command:
# echo -n password | iconv -t UTF-16LE | openssl dgst -md4
and the generated key regarding RC4 is same as key generated by KTPASS command.

but the key generated by MIT function krb5_c_string_to_key is different from the key generated by KTPASS command.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: wrong key is generated by krb5_c_string_to_key

Isaac Boukris
On Tue, Jun 6, 2017 at 11:48 AM, Ashi1986 <[hidden email]> wrote:

>>manually since its just an md4 hash with no salt, something like:
>># echo -n password | iconv -t UTF-16LE | openssl dgst -md4
>>And compare with the key in the keytab:
>># klist -Kekt krb5.keytab
>
> I have derived the key manually by using the below command:
> # echo -n password | iconv -t UTF-16LE | openssl dgst -md4
> and the generated key regarding RC4 is same as key generated by KTPASS
> command.
>
> but the key generated by MIT function krb5_c_string_to_key is different from
> the key generated by KTPASS command.

Maybe try to compare your usage to how it is used in ktutil code,
which works perfectly fine afaict (using arcfour-hmac enc-type), see:
https://buildfarm.opencsw.org/source/xref/krb5/src/kadmin/ktutil/ktutil_funcs.c#89
________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: wrong key is generated by krb5_c_string_to_key

Benjamin Kaduk-2
In reply to this post by Ashi1986
On Tue, Jun 06, 2017 at 01:48:58AM -0700, Ashi1986 wrote:

> Thank you very much for the response.
>
> >manually since its just an md4 hash with no salt, something like:
> ># echo -n password | iconv -t UTF-16LE | openssl dgst -md4
> >And compare with the key in the keytab:
> ># klist -Kekt krb5.keytab
>
> I have derived the key manually by using the below command:
> # echo -n password | iconv -t UTF-16LE | openssl dgst -md4
> and the generated key regarding RC4 is same as key generated by KTPASS
> command.
>
> but the key generated by MIT function krb5_c_string_to_key is different from
> the key generated by KTPASS command.

To confirm, this is the MIT 1.13.2 code that is producing the
inconsistent result?

If so, you might try to apply manually the diff from the commit that
Robbie mentioned already.

-Ben
________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: wrong key is generated by krb5_c_string_to_key

Ashi1986
Thanks for your response.

>>If so, you might try to apply manually the diff from the commit that
>>Robbie mentioned already.
I am new to open source, can you please share the link from where I can get the commit sources.

Thank You
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: wrong key is generated by krb5_c_string_to_key

Benjamin Kaduk-2
On Tue, Jun 06, 2017 at 11:55:23PM -0700, Ashi1986 wrote:
> Thanks for your response.
>
> >>If so, you might try to apply manually the diff from the commit that
> >>Robbie mentioned already.
> I am new to open source, can you please share the link from where I can get
> the commit sources.

Sorry for the slow response.

You should be able to save
https://github.com/krb5/krb5/commit/89ce6420832858950271858e7c6e1a2eefebc683.diff
to a file in order to have the patch locally.

What to do with it then depends on how you are currently getting
your kerberos software.  If you are using an OS supplied version (as
from Fedora or Debian), then you would need to download the source
package from that distribution (instead of the binary package you
are currently using), and use that distro's package-building
workflow to apply the extra patch and produce binary packages
containing it (that can then be manually installed).  If, on the
other hand, you are currently compiling kerberos from source, then
you can use the patch(1) utility to apply the downloaded patch and
rebuild quickly.

But more details for any of those methods are probably out of scope
for this mailing list; your OS should have various forums for
support (if you're using OS packages), or there are general
references for building software online.

-Ben
________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos
Loading...