

KERBEROS(3)          BSD Programmer's Manual          KERBEROS(3)


NNAAMMEE
       krb_mk_req,     krb_rd_req,    krb_kntoln,    krb_set_key,
       krb_get_cred,   krb_mk_priv,   krb_rd_priv,   krb_mk_safe,
       krb_rd_safe,  krb_mk_err,  krb_rd_err,  krb_ck_repl - Ker-
       beros authentication library

SSYYNNOOPPSSIISS
       ##iinncclluuddee <<kkeerrbbeerroossIIVV//ddeess..hh>>
       ##iinncclluuddee <<kkeerrbbeerroossIIVV//kkrrbb..hh>>

       eexxtteerrnn cchhaarr **kkrrbb__eerrrr__ttxxtt[[]];;

       iinntt kkrrbb__mmkk__rreeqq((aauutthheenntt,,sseerrvviiccee,,iinnssttaannccee,,rreeaallmm,,cchheecckkssuumm))
       KKTTEEXXTT aauutthheenntt;;
       cchhaarr **sseerrvviiccee;;
       cchhaarr **iinnssttaannccee;;
       cchhaarr **rreeaallmm;;
       uu__lloonngg cchheecckkssuumm;;

       iinntt kkrrbb__rrdd__rreeqq((aauutthheenntt,,sseerrvviiccee,,iinnssttaannccee,,ffrroomm__aaddddrr,,aadd,,ffnn))
       KKTTEEXXTT aauutthheenntt;;
       cchhaarr **sseerrvviiccee;;
       cchhaarr **iinnssttaannccee;;
       uu__lloonngg ffrroomm__aaddddrr;;
       AAUUTTHH__DDAATT **aadd;;
       cchhaarr **ffnn;;

       iinntt kkrrbb__kknnttoollnn((aadd,,llnnaammee))
       AAUUTTHH__DDAATT **aadd;;
       cchhaarr **llnnaammee;;

       iinntt kkrrbb__sseett__kkeeyy((kkeeyy,,ccvvtt))
       cchhaarr **kkeeyy;;
       iinntt ccvvtt;;

       iinntt kkrrbb__ggeett__ccrreedd((sseerrvviiccee,,iinnssttaannccee,,rreeaallmm,,cc))
       cchhaarr **sseerrvviiccee;;
       cchhaarr **iinnssttaannccee;;
       cchhaarr **rreeaallmm;;
       CCRREEDDEENNTTIIAALLSS **cc;;

       lloonngg kkrrbb__mmkk__pprriivv((iinn,,oouutt,,iinn__lleennggtthh,,sscchheedduullee,,kkeeyy,,sseennddeerr,,rreecceeiivveerr))
       uu__cchhaarr **iinn;;
       uu__cchhaarr **oouutt;;
       uu__lloonngg iinn__lleennggtthh;;
       ddeess__ccbblloocckk kkeeyy;;
       ddeess__kkeeyy__sscchheedduullee sscchheedduullee;;
       ssttrruucctt ssoocckkaaddddrr__iinn **sseennddeerr;;
       ssttrruucctt ssoocckkaaddddrr__iinn **rreecceeiivveerr;;

       lloonngg kkrrbb__rrdd__pprriivv((iinn,,iinn__lleennggtthh,,sscchheedduullee,,kkeeyy,,sseennddeerr,,rreecceeiivveerr,,mmssgg__ddaattaa))


MIT Project Athena     Kerberos Version 4.0                     1


KERBEROS(3)          BSD Programmer's Manual          KERBEROS(3)


       uu__cchhaarr **iinn;;
       uu__lloonngg iinn__lleennggtthh;;
       KKeeyy__sscchheedduullee sscchheedduullee;;
       ddeess__ccbblloocckk kkeeyy;;
       ssttrruucctt ssoocckkaaddddrr__iinn **sseennddeerr;;
       ssttrruucctt ssoocckkaaddddrr__iinn **rreecceeiivveerr;;
       MMSSGG__DDAATT **mmssgg__ddaattaa;;

       lloonngg kkrrbb__mmkk__ssaaffee((iinn,,oouutt,,iinn__lleennggtthh,,kkeeyy,,sseennddeerr,,rreecceeiivveerr))
       uu__cchhaarr **iinn;;
       uu__cchhaarr **oouutt;;
       uu__lloonngg iinn__lleennggtthh;;
       ddeess__ccbblloocckk kkeeyy;;
       ssttrruucctt ssoocckkaaddddrr__iinn **sseennddeerr;;
       ssttrruucctt ssoocckkaaddddrr__iinn **rreecceeiivveerr;;

       lloonngg kkrrbb__rrdd__ssaaffee((iinn,,lleennggtthh,,kkeeyy,,sseennddeerr,,rreecceeiivveerr,,mmssgg__ddaattaa))
       uu__cchhaarr **iinn;;
       uu__lloonngg lleennggtthh;;
       ddeess__ccbblloocckk kkeeyy;;
       ssttrruucctt ssoocckkaaddddrr__iinn **sseennddeerr;;
       ssttrruucctt ssoocckkaaddddrr__iinn **rreecceeiivveerr;;
       MMSSGG__DDAATT **mmssgg__ddaattaa;;

       lloonngg kkrrbb__mmkk__eerrrr((oouutt,,ccooddee,,ssttrriinngg))
       uu__cchhaarr **oouutt;;
       lloonngg ccooddee;;
       cchhaarr **ssttrriinngg;;

       lloonngg kkrrbb__rrdd__eerrrr((iinn,,lleennggtthh,,ccooddee,,mmssgg__ddaattaa))
       uu__cchhaarr **iinn;;
       uu__lloonngg lleennggtthh;;
       lloonngg ccooddee;;
       MMSSGG__DDAATT **mmssgg__ddaattaa;;

DDEESSCCRRIIPPTTIIOONN
       This library supports network authentication  and  various
       related  operations.   The  library contains many routines
       beyond those described in this man page, but they are  not
       intended to be used directly.  Instead, they are called by
       the routines that are described, the authentication server
       and the login program.

       _k_r_b___e_r_r___t_x_t_[_] contains text string descriptions of various
       Kerberos error codes returned  by  some  of  the  routines
       below.

       _k_r_b___m_k___r_e_q takes a pointer to a text structure in which an
       authenticator is to be built.  It  also  takes  the  name,
       instance,  and  realm  of  the  service  to be used and an
       optional checksum.  It is up to the application to  decide


MIT Project Athena     Kerberos Version 4.0                     2


KERBEROS(3)          BSD Programmer's Manual          KERBEROS(3)


       how to generate the checksum.  _k_r_b___m_k___r_e_q then retrieves a
       ticket for the desired service and creates an  authentica-
       tor.   The authenticator is built in _a_u_t_h_e_n_t and is acces-
       sible to the calling procedure.

       It is up to the application to get  the  authenticator  to
       the  service  where it will be read by _k_r_b___r_d___r_e_q_.  Unless
       an attacker possesses the session  key  contained  in  the
       ticket,  it  will  be  unable to modify the authenticator.
       Thus, the checksum can be used to verify the  authenticity
       of the other data that will pass through a connection.

       _k_r_b___r_d___r_e_q takes an authenticator of type KKTTEEXXTT,, a service
       name, an instance, the address of the host originating the
       request,  and  a  pointer  to a structure of type AAUUTTHH__DDAATT
       which is filled in  with  information  obtained  from  the
       authenticator.   It  also optionally takes the name of the
       file in which it will find the secret key(s) for the  ser-
       vice.   If  the  supplied  _i_n_s_t_a_n_c_e contains "*", then the
       first service key with the same service name found in  the
       service  key  file will be used, and the _i_n_s_t_a_n_c_e argument
       will be filled in with the chosen  instance.   This  means
       that  the  caller  must provide space for such an instance
       name.

       It is used to find out  information  about  the  principal
       when  a  request  has been made to a service.  It is up to
       the application protocol to get the authenticator from the
       client  to  the service.  The authenticator is then passed
       to _k_r_b___r_d___r_e_q to extract the desired information.

       _k_r_b___r_d___r_e_q returns zero (RD_AP_OK) upon successful authen-
       tication.   If a packet was forged, modified, or replayed,
       authentication will fail.  If the authentication fails,  a
       non-zero value is returned indicating the particular prob-
       lem encountered.  See _k_r_b_._h for the list of error codes.

       If the last argument is the null string  (""),  krb_rd_req
       will  use  the  file /etc/srvtab to find its keys.  If the
       last argument is NULL, it will assume  that  the  key  has
       been  set  by _k_r_b___s_e_t___k_e_y and will not bother looking fur-
       ther.

       _k_r_b___k_n_t_o_l_n converts a Kerberos name to a local  name.   It
       takes  a  structure of type AUTH_DAT and uses the name and
       instance to look in the database /etc/aname  to  find  the
       corresponding  local name.  The local name is returned and
       can be used by an application to change uids, directories,
       or  other  parameters.  It is not an integral part of Ker-
       beros, but is instead provided to support the use of  Ker-
       beros in existing utilities.


MIT Project Athena     Kerberos Version 4.0                     3


KERBEROS(3)          BSD Programmer's Manual          KERBEROS(3)


       _k_r_b___s_e_t___k_e_y  takes as an argument a des key.  It then cre-
       ates a key schedule from it and saves the original key  to
       be  used  as  an initialization vector.  It is used to set
       the server's key which must be used to decrypt tickets.

       If called with a  non-zero  second  argument,  _k_r_b___s_e_t___k_e_y
       will  first  convert  the input from a string of arbitrary
       length to a DES key by encrypting it with a one-way  func-
       tion.

       In   most  cases  it  should  not  be  necessary  to  call
       _k_r_b___s_e_t___k_e_y_.  The necessary keys will usually be  obtained
       and  set  inside  _k_r_b___r_d___r_e_q_.  _k_r_b___s_e_t___k_e_y is provided for
       those applications that do not wish to place the  applica-
       tion keys on disk.

       _k_r_b___g_e_t___c_r_e_d  searches  the  caller's  ticket  file  for a
       ticket for the given service, instance, and realm; and, if
       a  ticket  is found, fills in the given CREDENTIALS struc-
       ture with the ticket information.

       If the ticket was found, _k_r_b___g_e_t___c_r_e_d returns  GC_OK.   If
       the  ticket  file  can't  be found, can't be read, doesn't
       belong to the user (other  than  root),  isn't  a  regular
       file,  or  is  in  the  wrong  mode, the error GC_TKFIL is
       returned.

       _k_r_b___m_k___p_r_i_v creates an  encrypted,  authenticated  message
       from  any arbitrary application data, pointed to by _i_n and
       _i_n___l_e_n_g_t_h bytes long.  The private session key, pointed to
       by _k_e_y and the key schedule, _s_c_h_e_d_u_l_e_, are used to encrypt
       the data and some header information  using  _p_c_b_c___e_n_c_r_y_p_t_.
       _s_e_n_d_e_r  and  _r_e_c_e_i_v_e_r point to the Internet address of the
       two parties.  In addition to providing privacy, this  pro-
       tocol  message  protects against modifications, insertions
       or replays.   The  encapsulated  message  and  header  are
       placed  in  the  area  pointed  to  by _o_u_t and the routine
       returns the length of the  output,  or  -1  indicating  an
       error.

       _k_r_b___r_d___p_r_i_v   decrypts   and   authenticates   a  received
       _k_r_b___m_k___p_r_i_v message.  _i_n points to the  beginning  of  the
       received  message, whose length is specified in _i_n___l_e_n_g_t_h_.
       The private session key, pointed to by _k_e_y_,  and  the  key
       schedule,  _s_c_h_e_d_u_l_e_,  are  used  to decrypt and verify the
       received message.  _m_s_g___d_a_t_a is  a  pointer  to  a  _M_S_G___D_A_T
       struct,  defined  in  _k_r_b_._h_.   The  routine  fills  in the
       _a_p_p___d_a_t_a field with a pointer to the decrypted application
       data,  _a_p_p___l_e_n_g_t_h  with  the length of the _a_p_p___d_a_t_a field,
       _t_i_m_e___s_e_c and _t_i_m_e___5_m_s with the timestamps in the  message,
       and  _s_w_a_p  with  a  1 if the byte order of the receiver is


MIT Project Athena     Kerberos Version 4.0                     4


KERBEROS(3)          BSD Programmer's Manual          KERBEROS(3)


       different than that of the sender.  (The application  must
       still determine if it is appropriate to byte-swap applica-
       tion data; the Kerberos protocol fields are already  taken
       care  of).  The _h_a_s_h field returns a value useful as input
       to the _k_r_b___c_k___r_e_p_l routine.

       The routine returns zero if ok, or a Kerberos error  code.
       Modified messages and old messages cause errors, but it is
       up to the caller to check the time sequence  of  messages,
       and  to  check  against  recently  replayed messages using
       _k_r_b___c_k___r_e_p_l if so desired.

       _k_r_b___m_k___s_a_f_e creates an authenticated, but unencrypted mes-
       sage from any arbitrary application data, pointed to by _i_n
       and  _i_n___l_e_n_g_t_h  bytes  long.   The  private  session  key,
       pointed to by _k_e_y_, is used to seed the _q_u_a_d___c_k_s_u_m_(_) check-
       sum algorithm used as part of the authentication.   _s_e_n_d_e_r
       and _r_e_c_e_i_v_e_r point to the Internet address of the two par-
       ties.  This message does not  provide  privacy,  but  does
       protect  (via detection) against modifications, insertions
       or replays.   The  encapsulated  message  and  header  are
       placed  in  the  area  pointed  to  by _o_u_t and the routine
       returns the length of the  output,  or  -1  indicating  an
       error.  The authentication provided by this routine is not
       as strong as that provided by _k_r_b___m_k___p_r_i_v or by  computing
       the  checksum  using  _c_b_c___c_k_s_u_m  instead,  both  of  which
       authenticate via DES.


       _k_r_b___r_d___s_a_f_e authenticates a received _k_r_b___m_k___s_a_f_e  message.
       _i_n  points to the beginning of the received message, whose
       length is specified in  _i_n___l_e_n_g_t_h_.   The  private  session
       key,  pointed  to by _k_e_y_, is used to seed the quad_cksum()
       routine as part of  the  authentication.   _m_s_g___d_a_t_a  is  a
       pointer  to a _M_S_G___D_A_T struct, defined in _k_r_b_._h _.  The rou-
       tine fills in these _M_S_G___D_A_T  fields:  the  _a_p_p___d_a_t_a  field
       with  a  pointer  to the application data, _a_p_p___l_e_n_g_t_h with
       the length of the _a_p_p___d_a_t_a field,  _t_i_m_e___s_e_c  and  _t_i_m_e___5_m_s
       with  the  timestamps in the message, and _s_w_a_p with a 1 if
       the byte order of the receiver is different than  that  of
       the  sender.   (The application must still determine if it
       is appropriate to byte-swap application data; the Kerberos
       protocol  fields  are  already  taken  care of).  The _h_a_s_h
       field returns a value useful as input to  the  _k_r_b___c_k___r_e_p_l
       routine.

       The  routine returns zero if ok, or a Kerberos error code.
       Modified messages and old messages cause errors, but it is
       up  to  the caller to check the time sequence of messages,
       and to check  against  recently  replayed  messages  using
       _k_r_b___c_k___r_e_p_l if so desired.


MIT Project Athena     Kerberos Version 4.0                     5


KERBEROS(3)          BSD Programmer's Manual          KERBEROS(3)


       _k_r_b___m_k___e_r_r  constructs  an application level error message
       that may be used along with  _k_r_b___m_k___p_r_i_v  or  _k_r_b___m_k___s_a_f_e_.
       _o_u_t is a pointer to the output buffer, _c_o_d_e is an applica-
       tion specific error code, and  _s_t_r_i_n_g  is  an  application
       specific error string.


       _k_r_b___r_d___e_r_r  unpacks  a  received  _k_r_b___m_k___e_r_r  message.  _i_n
       points to the beginning of  the  received  message,  whose
       length  is specified in _i_n___l_e_n_g_t_h_.  _c_o_d_e is a pointer to a
       value to be filled in with the error value provided by the
       application.   _m_s_g___d_a_t_a  is a pointer to a _M_S_G___D_A_T struct,
       defined in _k_r_b_._h _.  The routine  fills  in  these  _M_S_G___D_A_T
       fields:  the _a_p_p___d_a_t_a field with a pointer to the applica-
       tion  error  text,  _a_p_p___l_e_n_g_t_h  with  the  length  of  the
       _a_p_p___d_a_t_a field, and _s_w_a_p with a 1 if the byte order of the
       receiver is different  than  that  of  the  sender.   (The
       application  must  still determine if it is appropriate to
       byte-swap application data; the Kerberos  protocol  fields
       are already taken care of).

       The  routine  returns  zero  if the error message has been
       successfully received, or a Kerberos error code.

       The _K_T_E_X_T structure is used to pass around text of varying
       lengths.   It  consists  of  a  buffer for the data, and a
       length.  krb_rd_req takes an argument of  this  type  con-
       taining  the  authenticator,  and  krb_mk_req  returns the
       authenticator in a structure of this type.   KTEXT  itself
       is  really a pointer to the structure.   The actual struc-
       ture is of type KTEXT_ST.

       The _A_U_T_H___D_A_T structure is filled  in  by  krb_rd_req.   It
       must be allocated before calling krb_rd_req, and a pointer
       to it is passed.  The structure is  filled  in  with  data
       obtained from Kerberos.  _M_S_G___D_A_T structure is filled in by
       either krb_rd_priv, krb_rd_safe, or krb_rd_err.   It  must
       be  allocated  before  the  call  and  a  pointer to it is
       passed.  The structure is filled  in  with  data  obtained
       from Kerberos.


FFIILLEESS
       /usr/include/kerberosIV/krb.h
       /usr/lib/libkrb.a
       /usr/include/kerberosIV/des.h
       /usr/lib/libdes.a
       /etc/kerberosIV/aname
       /etc/kerberosIV/srvtab
       /tmp/tkt[uid]


MIT Project Athena     Kerberos Version 4.0                     6


KERBEROS(3)          BSD Programmer's Manual          KERBEROS(3)


SSEEEE AALLSSOO
       kerberos(1), des_crypt(3)

DDIIAAGGNNOOSSTTIICCSS
BBUUGGSS
       The  caller  of  _k_r_b___r_d___r_e_q_,  _k_r_b___r_d___p_r_i_v_, _a_n_d _k_r_b___r_d___s_a_f_e
       must  check  time   order   and   for   replay   attempts.
       _k_r_b___c_k___r_e_p_l is not implemented yet.

AAUUTTHHOORRSS
       Clifford Neuman, MIT Project Athena
       Steve  Miller, MIT Project Athena/Digital Equipment Corpo-
       ration

RREESSTTRRIICCTTIIOONNSS
       COPYRIGHT 1985,1986,1989 Massachusetts Institute of  Tech-
       nology


MIT Project Athena     Kerberos Version 4.0                     7