[OpenAFS] AFS Token / Kerberos v5 ticket

Mon, 19 Oct 2009 17:37:44 +0200

This is a cryptographically signed message in MIME format.

--------------ms040407090208010000080902
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

Hi,

I'm trying to find a way to decrypt efficiently an AFS Token created
with "kinit + aklog" in order to access the encrypted data.

Every attempt I made to use the tkt_DecodeTicket5 function was
unsuccessful (this function is supposed to exist for this purpose, isn't
it ?)

My last (and ultimate) idea is to map the AFS Token to a krb5_ticket and
to decrypt it with the krb5_decrypt_tkt_part function.
That's not an easy trick and I would like to know if someone has already
written something about this ....

My questions are :
* Is it possible to map an AFS Token to a krb5_ticket and decrypt it
using krb5_decrypt_tkt_part function ?
    The encrypted part of AFS Tokens created with "kinit+aklog" is based
on the krb5_encrypt_tkt_part function so I think that's possible.

* Does anyone have already tried something like this ?
    Anyone could help me doing this ?

For sure, any other idea to access the encrypted content of the AFS
Tokens created with "kinit + aklog" are accepted.

Thanks in advance

Remi

-- 

Remi Ferrand             | Institut National de Physique Nucleaire
Tel. +33(0)4.78.93.08.80 |     et de Physique des Particules
Fax. +33(0)4.72.69.41.70 | Centre de Calcul - http://cc.in2p3.fr/

--------------ms040407090208010000080902
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIM2zCC
A20wggJVoAMCAQICAQIwDQYJKoZIhvcNAQEEBQAwKzELMAkGA1UEBhMCRlIxDTALBgNVBAoT
BENOUlMxDTALBgNVBAMTBENOUlMwHhcNMDEwNDI3MDU0NjQ5WhcNMTEwNDI1MDU0NjQ5WjA0
MQswCQYDVQQGEwJGUjENMAsGA1UEChMEQ05SUzEWMBQGA1UEAxMNQ05SUy1TdGFuZGFyZDCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANzhHiE9BovqvV60iNsPk5e0bQc9hmIA
Lcr/tUqO51akj2Es8aAqq/Yq3Xwsv+91VQusCU7nTmHA5wzwkBVFEgLCjOvDEmTiYxAYLssH
MdmB5dwpgpsxVuKBHopvp+ipWBFEVoNds054cC3ftv1ygUXV8e5Nzu++1T0MkCBFmgmArw9M
2iAOgL86s+sngMC5D8ChTkDcOv1qKr9A1SxxgPn4umvk6ioAqy++mvCndm2YKZwPL/BC8hiX
W8n2zBlfusK+EtJcsJCUwLfLBgTvjzDtMi16SveTu6AJpLTuM8vQg5u1tbOQ3o6QHlmcINVL
Hu3XTE+G+hw6KqHprAWgnb8CAwEAAaOBkjCBjzAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRn
WaXlB3RJA+8Fz8wupBjVEMiePDBTBgNVHSMETDBKgBRW62i50lx+mLWlU8ORb2NYxPlrt6Ev
pC0wKzELMAkGA1UEBhMCRlIxDTALBgNVBAoTBENOUlMxDTALBgNVBAMTBENOUlOCAQAwCwYD
VR0PBAQDAgEGMA0GCSqGSIb3DQEBBAUAA4IBAQAGA0eDckWQwk7hIderF6kBVQbKQG1Voh1e
6+IUI1nkCeKQ9jyNNgYPS6cmI2XC6gaacru4jMuKX+95NiV+ANfzBpT7g0QpJjfH7umHzmyG
gBtxPdJir/bNYmxTD+Z6kwCMey4z4EEdqr5lmHbxlQd0s+Y/U3XVSwY2SynE9tyOE4BAEHOC
rRV7BHFQtTcz8shku6EQfjbGra9vcFKm0a7MzLqw6FkSj2INrQPdSyroiTmIUS/tYei3MIfb
J1VtZoejUQmAYXFRBb4THdlBMPx1XwqWmxj/vpCBtBPAchEI/Wqaage99IMstGA2ZAf6PWqn
sJAEdoPdM8s04heYBAuhMIIEsTCCA5mgAwIBAgIDAJceMA0GCSqGSIb3DQEBBQUAMDQxCzAJ
BgNVBAYTAkZSMQ0wCwYDVQQKEwRDTlJTMRYwFAYDVQQDEw1DTlJTLVN0YW5kYXJkMB4XDTA5
MDIwNjA4MTA1MVoXDTExMDIwNjA4MTA1MVowbjELMAkGA1UEBhMCRlIxDTALBgNVBAoTBENO
UlMxEDAOBgNVBAsTB1VTUjY0MDIxFTATBgNVBAMTDFJlbWkgRmVycmFuZDEnMCUGCSqGSIb3
DQEJARYYcmVtaS5mZXJyYW5kQGNjLmluMnAzLmZyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAxBuDf5CGn1V0n2nqQQnVO2pPfHQ3E57a7jHNmZNYD3aOF9WVJjXwQfPpbwcE
m10vP/MURe/QjlN8ImcRCGNXybAsQyDV839HFuvUCN92Qju9B2IoQx/kUlmu7Gtcnzt2aTVb
jexZHdGkiv5GkWseqTOBXmDRfCOSDiowUX8YeSqEs+s0M0Urva5jLhyGIQRUBGvp7U0z0wug
XzUBufJS9i2fO4OvwZBqyCigOBfDfY/18Jx3haJadKaeG23pAJkeGPMit7L/gMfWIVYQ8kQa
F6ddd7D4axoGIYpy26DV1f+5WFV6yogegzH7Z2TP/zc9/ATOctSW9RLD9VBHpk1MawIDAQAB
o4IBkDCCAYwwDAYDVR0TAQH/BAIwADARBglghkgBhvhCAQEEBAMCBLAwDgYDVR0PAQH/BAQD
AgXgMHgGCWCGSAGG+EIBDQRrFmlDZXJ0aWZpY2F0IENOUlMtU3RhbmRhcmQuIFBvdXIgdG91
dGUgaW5mb3JtYXRpb24gc2UgcmVwb3J0ZXIg4CBodHRwOi8vaWdjLnNlcnZpY2VzLmNucnMu
ZnIvQ05SUy1TdGFuZGFyZC8wHQYDVR0OBBYEFHuV0UmWU13s1WE1Vedp53drFMYoMFMGA1Ud
IwRMMEqAFGdZpeUHdEkD7wXPzC6kGNUQyJ48oS+kLTArMQswCQYDVQQGEwJGUjENMAsGA1UE
ChMEQ05SUzENMAsGA1UEAxMEQ05SU4IBAjAjBgNVHREEHDAagRhyZW1pLmZlcnJhbmRAY2Mu
aW4ycDMuZnIwRgYDVR0fBD8wPTA7oDmgN4Y1aHR0cDovL2NybHMuc2VydmljZXMuY25ycy5m
ci9DTlJTLVN0YW5kYXJkL2dldGRlci5jcmwwDQYJKoZIhvcNAQEFBQADggEBACdZ1ociRxMY
oWWBFZmDMT5Aa5rLvuSzKax8bb3WXqWOmk8D5LlSO17F3mkR5TekcDFSJ8/jXeFG4Q+toHxR
AyV3L3LCL6cUd29L0zJNj2E1QcRIzuuug/GCWszQP+VsatGn1TT/1najETgbAdolWdCByX9A
tRL0lo7G5Kz7TB31e08ZPus9k7fOPhClIAKxY4m6kxf2O73pkHu7kXbbgWjxFkF3rEq4qcYq
XsC9F2pUkCxKiKBI727aknODrvW0keb57kZldafCD/kBYcp32Vm68TBhzq844stfc1LPZXCc
XWW8PiToRxlgyopZ1e5bCzsVEdLiofRa8F9muSmjK+gwggSxMIIDmaADAgECAgMAlx4wDQYJ
KoZIhvcNAQEFBQAwNDELMAkGA1UEBhMCRlIxDTALBgNVBAoTBENOUlMxFjAUBgNVBAMTDUNO
UlMtU3RhbmRhcmQwHhcNMDkwMjA2MDgxMDUxWhcNMTEwMjA2MDgxMDUxWjBuMQswCQYDVQQG
EwJGUjENMAsGA1UEChMEQ05SUzEQMA4GA1UECxMHVVNSNjQwMjEVMBMGA1UEAxMMUmVtaSBG
ZXJyYW5kMScwJQYJKoZIhvcNAQkBFhhyZW1pLmZlcnJhbmRAY2MuaW4ycDMuZnIwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEG4N/kIafVXSfaepBCdU7ak98dDcTntruMc2Z
k1gPdo4X1ZUmNfBB8+lvBwSbXS8/8xRF79COU3wiZxEIY1fJsCxDINXzf0cW69QI33ZCO70H
YihDH+RSWa7sa1yfO3ZpNVuN7Fkd0aSK/kaRax6pM4FeYNF8I5IOKjBRfxh5KoSz6zQzRSu9
rmMuHIYhBFQEa+ntTTPTC6BfNQG58lL2LZ87g6/BkGrIKKA4F8N9j/XwnHeFolp0pp4bbekA
mR4Y8yK3sv+Ax9YhVhDyRBoXp113sPhrGgYhinLboNXV/7lYVXrKiB6DMftnZM//Nz38BM5y
1Jb1EsP1UEemTUxrAgMBAAGjggGQMIIBjDAMBgNVHRMBAf8EAjAAMBEGCWCGSAGG+EIBAQQE
AwIEsDAOBgNVHQ8BAf8EBAMCBeAweAYJYIZIAYb4QgENBGsWaUNlcnRpZmljYXQgQ05SUy1T
dGFuZGFyZC4gUG91ciB0b3V0ZSBpbmZvcm1hdGlvbiBzZSByZXBvcnRlciDgIGh0dHA6Ly9p
Z2Muc2VydmljZXMuY25ycy5mci9DTlJTLVN0YW5kYXJkLzAdBgNVHQ4EFgQUe5XRSZZTXezV
YTVV52nnd2sUxigwUwYDVR0jBEwwSoAUZ1ml5Qd0SQPvBc/MLqQY1RDInjyhL6QtMCsxCzAJ
BgNVBAYTAkZSMQ0wCwYDVQQKEwRDTlJTMQ0wCwYDVQQDEwRDTlJTggECMCMGA1UdEQQcMBqB
GHJlbWkuZmVycmFuZEBjYy5pbjJwMy5mcjBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8vY3Js
cy5zZXJ2aWNlcy5jbnJzLmZyL0NOUlMtU3RhbmRhcmQvZ2V0ZGVyLmNybDANBgkqhkiG9w0B
AQUFAAOCAQEAJ1nWhyJHExihZYEVmYMxPkBrmsu+5LMprHxtvdZepY6aTwPkuVI7XsXeaRHl
N6RwMVInz+Nd4UbhD62gfFEDJXcvcsIvpxR3b0vTMk2PYTVBxEjO666D8YJazNA/5Wxq0afV
NP/WdqMROBsB2iVZ0IHJf0C1EvSWjsbkrPtMHfV7Txk+6z2Tt84+EKUgArFjibqTF/Y7vemQ
e7uRdtuBaPEWQXesSripxipewL0XalSQLEqIoEjvbtqSc4Ou9bSR5vnuRmV1p8IP+QFhynfZ
WbrxMGHOrzjiy19zUs9lcJxdZbw+JOhHGWDKilnV7lsLOxUR0uKh9FrwX2a5KaMr6DGCAr4w
ggK6AgEBMDswNDELMAkGA1UEBhMCRlIxDTALBgNVBAoTBENOUlMxFjAUBgNVBAMTDUNOUlMt
U3RhbmRhcmQCAwCXHjAJBgUrDgMCGgUAoIIBWDAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcB
MBwGCSqGSIb3DQEJBTEPFw0wOTEwMTkxNTM3NDRaMCMGCSqGSIb3DQEJBDEWBBQqYIfp2Qkn
XEUNoIMdgOSz/LAj3zBKBgkrBgEEAYI3EAQxPTA7MDQxCzAJBgNVBAYTAkZSMQ0wCwYDVQQK
EwRDTlJTMRYwFAYDVQQDEw1DTlJTLVN0YW5kYXJkAgMAlx4wTAYLKoZIhvcNAQkQAgsxPaA7
MDQxCzAJBgNVBAYTAkZSMQ0wCwYDVQQKEwRDTlJTMRYwFAYDVQQDEw1DTlJTLVN0YW5kYXJk
AgMAlx4wXwYJKoZIhvcNAQkPMVIwUDALBglghkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZI
hvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMA0GCSqG
SIb3DQEBAQUABIIBAFc+QM27KLrw5h5wA6BQMU/UvHQfQdFJWGczauQue7gd2UKxqQOlWXD2
8/ZB7uCQjzYG99wOsI1OhmxrYQj6Vl1pvAPFNi7Km330hYrnGSSt2PxHoBkvCF3/pWK1TTCe
kD7ioDOYd2bLCZfvmIKzW0qxokrCEpp8fb5gllj/gcmT3XeNMkrnIy1dC711uPqPH0zdRSPe
Dt0hMOAD7VRyJ3LWyR028n/bdy4Nv9VTeh+qudUrwx7OUgBxs5u3z1SS7bZcDm6F/5jS1Tbq
J6SCPmoKlxD26Tnqdki7Pnmt9KRbnpZrHKfNkcpLJWoQf/5n3BloCpMPKJKFnjLz2FmQqWEA
AAAAAAA=
--------------ms040407090208010000080902--