Issue in generating Authenticator Data in AP_REQ

Sankar Das sankar_das at
Fri Aug 17 02:56:06 EDT 2012

I am trying to implement a Kerberos client to run againts KDC. I am having a problem in generating the "Authenticator Data" in AP_REQ. I am following the procedure mentioned below:
Step-1: Buffer creation as below
Step-2: The entire buffer is passed to OpenSSL encryption function (i.e. EVP_EncryptInit_ex(), EVPEncryptUpdate(), EVP_EncryptFinal_ex())
        to get the ciphertext
Note: The enc-part of the received ticket in AS_REP is used as the key for the encryption.

Aug 16 18:48:13 krb5kdc[17823](info): TGS_REQ (3 etypes {23 3 1}) PROCESS_TGS: authtime 0,  <unknown client> for <unknown server>, ASN.1 identifier doesn't match expected value

I am new to this list. So please excuse me if this topic has already been discussed. Any help would be appreciated.

More information about the krbdev mailing list