Re: OTP: Putting the nonce in the cookie

Sumit Bose <sbose(a)redhat.com&gt; wrote Wed, 18 May 2011 14:09:34 +0200: | > I recently pushed[0] some code for putting the nonce in the PA-FX-COOKIE | > (to branch otp-wip of git://git.nordu.net/krb-otp.git). It took some | > changes to generic FAST code though. Please let me know if you think | > this isn't a good way of solving it. For example, I can't really see | > how this is supposed to work with authentications sets. | | I wonder if similar would be possilbe by adding KRB5_PADATA_FX_COOKIE to | server_supported_pa_types. If this really works server_verify_preauth() | should be called twice, once with the cookie and the other time with the | OTP REQ data. Since we don't know in which order the data item will come | we have to safe them and can check the nonce only in the second run. That's a clever idea. The problem with this is in the edata_proc (server_get_edata() in our case) where we have to put the nonce in the cookie. Without changes to get_preauth_hint_list() I can't really see how we would find the cookie padata entry. And we do know the order. From RFC 6113 2.4: From the standpoint of evaluating the pre-authentication, the KDC first starts by initializing the pre-authentication state. If a PA- FX-COOKIE pre-authentication data item is present, it is processed first; see Section 5.2 for a definition.