[prev in list] [next in list] [prev in thread] [next in thread]
List: krbdev
Subject: Re: TGS-REP TICKET decrypting problem
From: Greg Hudson <ghudson () mit ! edu>
Date: 2014-04-27 15:56:21
Message-ID: 535D28A5.7030706 () mit ! edu
[Download RAW message or body]
On 04/25/2014 05:18 AM, somenath saha wrote:
> I'm facing a problem while decrypting enc-part of the ticket in TGS_REP
> message. While decrypting the ticket in TGS_REP message (with
> KRB5_KEYUSAGE_KDC_REP_TICKET), I am getting an error message
> KRB_AP_ERR_BAD_INTEGRITY though I have able to decrypt the enc-part of
> AS_REP message using the same Server Secret Key.
I wasn't able to tell from this description what might be going wrong.
A ticket should be decryptable with the server's key whether it came
from an AS reply or a TGS reply. Make sure the ticket in the TGS reply
is for the same server and is using the same kvno and enctype.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic