JAVA 1.6 and EncryptionTypes in AS-REQ are too Restrictive

Douglas E. Engert deengert at anl.gov
Thu Jul 15 15:57:27 EDT 2010


Possible bug in Java 1.6?

  Situation:
    KDCs - mixed AD domain with 2008 and 2003 DCs.

    Client - Java 1.6 program that uses Krb5LoginModule
    (i.e. Java kinit, or application) can fail on MacOS, Ubuntu,
     Solaris 10, Windows 7.

     User - User has changed password since domain converted
     to mixed 2008-2003.

Client issues the first AS-REQ listing in the etype field AES (128 and/or 256),
DES3, RC4, DES as encryption types to a 2008 KDC.

KDC responds with KRB5-ERROR PREAUTH_REQUIRED and lists the above encryption
types (minus the DES3) in PA-ETYPE-INFO2.

Client sends second AS-REQ with PA-ENC-TIMESTAMP encrypted using AES(128 or 256)
but in the etype field it only lists the single AES type used for the timestamp.

Based on RFC 4120, sending only the single EncryptionType in the etype
might be considered the bug? Or is the client being too zealous in
trying to use only one EncryptionType?


(With mixed 2008-2003 DCs, the TGT must use RC4, as the TGT might be
  used against a 2003 DC that does not support AES. So the DC returns
  KDC_ERR_ETYPE_NOSUPP (14) as it thinks the client cannot handle RC4.)

The MIT, Heimdal and Solaris kinit work fine as they return
the same list of encryption types in both the first and second AS-REQ, and
the KDC can accept an encrypted timestamp in AES and send an AS-REP using RC4.

This may have limited exposure, as Java 1.6 does not distribute a kinit
except on Windows. But the application with the problem gets its own TGT.

The circumvention appears to be to add:
    default_tkt_enctypes = arcfour-hmac-md5
to the krb5.conf used by the Java application.

-- 

  Douglas E. Engert  <DEEngert at anl.gov>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444

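The two-round AS exchange described in the post, as an added example that is not part of the original message and not code from Java, MIT, Heimdal or Microsoft. It models the KDC's etype selection so the difference between re-sending the full etype list and sending only the pre-auth etype can be seen directly. The KDC policy (user keys for AES, RC4 and DES but not DES3; TGT limited to RC4 in the mixed 2003/2008 domain) is an assumption taken from the post, and the function and class names are the example's own.

```python
"""AS-REQ etype negotiation modelled on the exchange in the post.

Added example, not code from Java, MIT, Heimdal or Microsoft. Enctype
numbers are the IANA Kerberos registry values; the KDC policy below is an
assumption taken from the post, not observed AD behaviour.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

AES256, AES128, DES3, RC4, DES_MD5 = 18, 17, 16, 23, 3
NAMES = {18: "aes256-cts-hmac-sha1-96", 17: "aes128-cts-hmac-sha1-96",
         16: "des3-cbc-sha1", 23: "arcfour-hmac-md5", 3: "des-cbc-md5"}

KDC_ERR_ETYPE_NOSUPP = 14       # RFC 4120 error codes
KDC_ERR_PREAUTH_REQUIRED = 25

# What the client offers in the first AS-REQ, strongest first (list from the post).
DEFAULT_ETYPES = [AES256, AES128, DES3, RC4, DES_MD5]


@dataclass(frozen=True)
class KdcPolicy:
    user_key_etypes: frozenset   # user keys the KDC can verify PA-ENC-TIMESTAMP with
    tgt_etypes: frozenset        # etypes usable for the TGT / AS-REP


# Assumed mixed 2003/2008 domain from the post: AES user keys exist, but the
# TGT must stay RC4 because a 2003 DC may later have to decrypt it.
MIXED_DOMAIN = KdcPolicy(
    user_key_etypes=frozenset({AES256, AES128, RC4, DES_MD5}),
    tgt_etypes=frozenset({RC4}),
)


@dataclass
class AsReq:
    etypes: List[int]                       # KDC-REQ-BODY etype, client order
    pa_enc_timestamp: Optional[int] = None  # etype of PA-ENC-TIMESTAMP, if sent


def kdc_handle(req: AsReq, policy: KdcPolicy) -> Tuple[str, int, List[int]]:
    """Return ("error", code, pa_etype_info2) or ("as-rep", reply_etype, [])."""
    if req.pa_enc_timestamp is None:
        # No pre-auth yet: demand it and advertise the offered etypes the
        # KDC holds a user key for, in the client's order (DES3 drops out).
        info2 = [e for e in req.etypes if e in policy.user_key_etypes]
        return ("error", KDC_ERR_PREAUTH_REQUIRED, info2)
    if req.pa_enc_timestamp not in policy.user_key_etypes:
        return ("error", KDC_ERR_ETYPE_NOSUPP, [])
    # Pre-auth verified. The reply etype is chosen only from the etype list
    # of *this* request, so a list of just [AES] can never yield RC4.
    for e in req.etypes:
        if e in policy.tgt_etypes:
            return ("as-rep", e, [])
    return ("error", KDC_ERR_ETYPE_NOSUPP, [])


def run_as_exchange(client_etypes: List[int], policy: KdcPolicy,
                    repeat_full_list: bool) -> dict:
    """Two-round AS exchange. repeat_full_list=True is what MIT/Heimdal/Solaris
    kinit do; False reproduces the Java 1.6 behaviour described in the post."""
    kind, code, info2 = kdc_handle(AsReq(list(client_etypes)), policy)
    if (kind, code) != ("error", KDC_ERR_PREAUTH_REQUIRED):
        return {"outcome": "unexpected", "round1": (kind, code)}
    # Client encrypts the timestamp with its most preferred advertised etype.
    chosen = next((e for e in client_etypes if e in info2), None)
    if chosen is None:
        return {"outcome": "no-common-etype"}
    second = AsReq(etypes=list(client_etypes) if repeat_full_list else [chosen],
                   pa_enc_timestamp=chosen)
    kind, value, _ = kdc_handle(second, policy)
    if kind == "as-rep":
        return {"outcome": "ok", "timestamp_etype": chosen, "reply_etype": value}
    return {"outcome": "error", "timestamp_etype": chosen, "code": value}


if __name__ == "__main__":
    cases = [
        ("MIT/Heimdal/Solaris kinit", DEFAULT_ETYPES, True),
        ("Java 1.6 Krb5LoginModule", DEFAULT_ETYPES, False),
        ("Java 1.6 + default_tkt_enctypes = arcfour-hmac-md5", [RC4], False),
    ]
    for label, etypes, full in cases:
        r = run_as_exchange(etypes, MIXED_DOMAIN, full)
        named = {k: NAMES.get(v, v) if k.endswith("etype") else v for k, v in r.items()}
        print(f"{label}: {named}")
```

Running the script shows the full-list client getting an AS-REP with an RC4 reply etype after an AES-encrypted timestamp, the single-etype client getting error 14, and the krb5.conf workaround succeeding only because the whole negotiation is pinned to RC4.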
More information about the Kerberos mailing list