1 .\" $Id: kerberos.3,v 1.2 1996/06/12 21:29:18 bg Exp $
2 .\" $FreeBSD: src/crypto/kerberosIV/man/kerberos.3,v 1.2 2000/02/24 20:21:14 markm Exp $
3 .\" Copyright 1989 by the Massachusetts Institute of Technology.
5 .\" For copying and distribution information,
6 .\" please see the file <mit-copyright.h>.
8 .TH KERBEROS 3 "Kerberos Version 4.0" "MIT Project Athena"
10 krb_mk_req, krb_rd_req, krb_kntoln, krb_set_key, krb_get_cred,
11 krb_mk_priv, krb_rd_priv, krb_mk_safe, krb_rd_safe, krb_mk_err,
12 krb_rd_err, krb_ck_repl \- Kerberos authentication library
17 #include <openssl/des.h>
21 extern char *krb_err_txt[];
24 int krb_mk_req(authent,service,instance,realm,checksum)
32 int krb_rd_req(authent,service,instance,from_addr,ad,fn)
41 int krb_kntoln(ad,lname)
46 int krb_set_key(key,cvt)
51 int krb_get_cred(service,instance,realm,c)
58 long krb_mk_priv(in,out,in_length,schedule,key,sender,receiver)
63 des_key_schedule schedule;
64 struct sockaddr_in *sender;
65 struct sockaddr_in *receiver;
68 long krb_rd_priv(in,in_length,schedule,key,sender,receiver,msg_data)
71 Key_schedule schedule;
73 struct sockaddr_in *sender;
74 struct sockaddr_in *receiver;
78 long krb_mk_safe(in,out,in_length,key,sender,receiver)
83 struct sockaddr_in *sender;
84 struct sockaddr_in *receiver;
87 long krb_rd_safe(in,length,key,sender,receiver,msg_data)
91 struct sockaddr_in *sender;
92 struct sockaddr_in *receiver;
96 long krb_mk_err(out,code,string)
102 long krb_rd_err(in,length,code,msg_data)
110 This library supports network authentication and various related
111 operations. The library contains many routines beyond those described
112 in this man page, but they are not intended to be used directly.
113 Instead, they are called by the routines that are described, the
114 authentication server and the login program.
117 contains text string descriptions of various Kerberos error codes returned
118 by some of the routines below.
121 takes a pointer to a text structure in which an authenticator is to be
122 built. It also takes the name, instance, and realm of the service to be
123 used and an optional checksum. It is up to the application to decide
124 how to generate the checksum.
126 then retrieves a ticket for the desired service and creates an
127 authenticator. The authenticator is built in
130 to the calling procedure.
132 It is up to the application to get the authenticator to the service
133 where it will be read by
135 Unless an attacker posesses the session key contained in the ticket, it
136 will be unable to modify the authenticator. Thus, the checksum can be
137 used to verify the authenticity of the other data that will pass through
141 takes an authenticator of type
143 a service name, an instance, the address of the
144 host originating the request, and a pointer to a structure of type
146 which is filled in with information obtained from the authenticator.
147 It also optionally takes the name of the file in which it will find the
148 secret key(s) for the service.
151 contains "*", then the first service key with the same service name
152 found in the service key file will be used, and the
154 argument will be filled in with the chosen instance. This means that
155 the caller must provide space for such an instance name.
157 It is used to find out information about the principal when a request
158 has been made to a service. It is up to the application protocol to get
159 the authenticator from the client to the service. The authenticator is
162 to extract the desired information.
165 returns zero (RD_AP_OK) upon successful authentication. If a packet was
166 forged, modified, or replayed, authentication will fail. If the
167 authentication fails, a non-zero value is returned indicating the
168 particular problem encountered. See
170 for the list of error codes.
172 If the last argument is the null string (""), krb_rd_req will use the
173 file /etc/srvtab to find its keys. If the last argument is NULL, it
174 will assume that the key has been set by
176 and will not bother looking further.
179 converts a Kerberos name to a local name. It takes a structure
180 of type AUTH_DAT and uses the name and instance to look in the database
181 /etc/aname to find the corresponding local name. The local name is
182 returned and can be used by an application to change uids, directories,
183 or other parameters. It is not an integral part of Kerberos, but is
184 instead provided to support the use of Kerberos in existing utilities.
187 takes as an argument a des key. It then creates
188 a key schedule from it and saves the original key to be used as an
189 initialization vector.
190 It is used to set the server's key which
191 must be used to decrypt tickets.
193 If called with a non-zero second argument,
195 will first convert the input from a string of arbitrary length to a DES
196 key by encrypting it with a one-way function.
198 In most cases it should not be necessary to call
200 The necessary keys will usually be obtained and set inside
201 .I krb_rd_req. krb_set_key
202 is provided for those applications that do not wish to place the
203 application keys on disk.
206 searches the caller's ticket file for a ticket for the given service, instance,
207 and realm; and, if a ticket is found, fills in the given CREDENTIALS structure
208 with the ticket information.
210 If the ticket was found,
213 If the ticket file can't be found, can't be read, doesn't belong to
214 the user (other than root), isn't a regular file, or is in the wrong
215 mode, the error GC_TKFIL is returned.
218 creates an encrypted, authenticated
219 message from any arbitrary application data, pointed to by
224 The private session key, pointed to by
226 and the key schedule,
228 are used to encrypt the data and some header information using
233 point to the Internet address of the two parties.
234 In addition to providing privacy, this protocol message protects
235 against modifications, insertions or replays. The encapsulated message and
236 header are placed in the area pointed to by
238 and the routine returns the length of the output, or -1 indicating
242 decrypts and authenticates a received
246 points to the beginning of the received message, whose length
249 The private session key, pointed to by
251 and the key schedule,
253 are used to decrypt and verify the received message.
259 The routine fills in the
261 field with a pointer to the decrypted application data,
263 with the length of the
269 with the timestamps in the message, and
271 with a 1 if the byte order of the receiver is different than that of
272 the sender. (The application must still determine if it is appropriate
273 to byte-swap application data; the Kerberos protocol fields are already taken
276 field returns a value useful as input to the
280 The routine returns zero if ok, or a Kerberos error code. Modified messages
281 and old messages cause errors, but it is up to the caller to
282 check the time sequence of messages, and to check against recently replayed
288 creates an authenticated, but unencrypted message from any arbitrary
295 The private session key, pointed to by
299 checksum algorithm used as part of the authentication.
303 point to the Internet address of the two parties.
304 This message does not provide privacy, but does protect (via detection)
305 against modifications, insertions or replays. The encapsulated message and
306 header are placed in the area pointed to by
308 and the routine returns the length of the output, or -1 indicating
310 The authentication provided by this routine is not as strong as that
313 or by computing the checksum using
315 instead, both of which authenticate via DES.
319 authenticates a received
323 points to the beginning of the received message, whose length
326 The private session key, pointed to by
328 is used to seed the quad_cksum() routine as part of the authentication.
334 The routine fills in these
339 field with a pointer to the application data,
341 with the length of the
347 with the timestamps in the message, and
349 with a 1 if the byte order of the receiver is different than that of
351 (The application must still determine if it is appropriate
352 to byte-swap application data; the Kerberos protocol fields are already taken
355 field returns a value useful as input to the
359 The routine returns zero if ok, or a Kerberos error code. Modified messages
360 and old messages cause errors, but it is up to the caller to
361 check the time sequence of messages, and to check against recently replayed
367 constructs an application level error message that may be used along
373 is a pointer to the output buffer,
375 is an application specific error code, and
377 is an application specific error string.
385 points to the beginning of the received message, whose length
389 is a pointer to a value to be filled in with the error
390 value provided by the application.
396 The routine fills in these
400 field with a pointer to the application error text,
402 with the length of the
406 with a 1 if the byte order of the receiver is different than that of
407 the sender. (The application must still determine if it is appropriate
408 to byte-swap application data; the Kerberos protocol fields are already taken
411 The routine returns zero if the error message has been successfully received,
412 or a Kerberos error code.
416 structure is used to pass around text of varying lengths. It consists
417 of a buffer for the data, and a length. krb_rd_req takes an argument of this
418 type containing the authenticator, and krb_mk_req returns the
419 authenticator in a structure of this type. KTEXT itself is really a
420 pointer to the structure. The actual structure is of type KTEXT_ST.
424 structure is filled in by krb_rd_req. It must be allocated before
425 calling krb_rd_req, and a pointer to it is passed. The structure is
426 filled in with data obtained from Kerberos.
428 structure is filled in by either krb_rd_priv, krb_rd_safe, or
429 krb_rd_err. It must be allocated before the call and a pointer to it
430 is passed. The structure is
431 filled in with data obtained from Kerberos.
448 kerberos(1), des_crypt(3)
452 .I krb_rd_req, krb_rd_priv, and krb_rd_safe
453 must check time order and for replay attempts.
455 is not implemented yet.
457 Clifford Neuman, MIT Project Athena
459 Steve Miller, MIT Project Athena/Digital Equipment Corporation
461 COPYRIGHT 1985,1986,1989 Massachusetts Institute of Technology