Next: kadm5_get_principal Up: Function Details Previous: kadm5_modify_principal   Contents

kadm5_chpass_principal, randkey_principal

The algorithm for determining whether a password is in the principal's key history is complicated by the use of the kadmin/history K$_h$ encrypting key.

  1. For kadm5_chpass_principal, convert the password to a key using string-to-key and the salt method specified by the command line arguments.

  2. If the POLICY bit is set and pw_history_num is not zero, check if the new key is in the history.
    1. Retrieve the principal's current key and decrypt it with K$_M$. If it is the same as the new key, return KADM5_PASS_REUSE.
    2. Retrieve the kadmin/history key K$_h$ and decrypt it with K$_M$.
    3. Encrypt the principal's new key in K$_h$.
    4. If the principal's new key encrypted in K$_h$ is in old_keys, return KADM5_PASS_REUSE.
    5. Encrypt the principal's current key in K$_h$ and store it in old_keys.
    6. Erase the memory containing K$_h$.

  3. Encrypt the principal's new key in K$_M$ and store it in the database.
  4. Erase the memory containing K$_M$.

To store an encrypted key in old_keys, insert it as the old_key_next element of old_keys, and increment old_key_next by one modulo pw_history_num, so old_keys behaves as a ring buffer holding the most recent pw_history_num keys.
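The procedure above, including the ring-buffer insert into old_keys, as an added Python example that is not part of this document or of the kadmin code base. The string-to-key routine and the XOR-based key wrapping are constructed stand-ins for the enctype-specific Kerberos operations, chosen to be deterministic so that equal keys give equal ciphertexts, which is what the comparison against old_keys relies on.

```python
import hmac
import hashlib

KADM5_OK = "KADM5_OK"
KADM5_PASS_REUSE = "KADM5_PASS_REUSE"


def wrap(k: bytes, data: bytes) -> bytes:
    """Deterministic key wrapping stand-in (constructed for this example): XOR with an
    HMAC-derived stream. Applying it twice with the same key decrypts."""
    stream = hmac.new(k, b"wrap", hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def string_to_key(password: str, salt: str) -> bytes:
    """Stand-in string-to-key (assumption; the real one is enctype-specific)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), 1000, 32)


class PrincipalEntry:
    def __init__(self, pw_history_num: int, policy: bool = True):
        self.key_enc_km = None                      # current key, encrypted in K_M
        self.old_keys = [None] * pw_history_num     # ring of old keys encrypted in K_h
        self.old_key_next = 0                       # next slot to overwrite
        self.pw_history_num = pw_history_num
        self.policy = policy                        # the POLICY bit


def chpass_principal(entry: PrincipalEntry, kh_enc_km: bytes, k_m: bytes,
                     new_password: str, salt: str) -> str:
    new_key = string_to_key(new_password, salt)                          # step 1
    if entry.policy and entry.pw_history_num:                           # step 2
        cur_key = wrap(k_m, entry.key_enc_km) if entry.key_enc_km else None  # 2.1
        if cur_key == new_key:
            return KADM5_PASS_REUSE
        k_h = wrap(k_m, kh_enc_km)                                      # 2.2
        if wrap(k_h, new_key) in entry.old_keys:                        # 2.3, 2.4
            return KADM5_PASS_REUSE
        if cur_key is not None:                                         # 2.5 ring insert
            entry.old_keys[entry.old_key_next] = wrap(k_h, cur_key)
            entry.old_key_next = (entry.old_key_next + 1) % entry.pw_history_num
        del k_h                                                         # 2.6 (Python cannot zero memory)
    entry.key_enc_km = wrap(k_m, new_key)                               # step 3
    return KADM5_OK
```

With pw_history_num set to 2, a third distinct change evicts the oldest entry from old_keys, after which the original password is accepted again.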


Autobuild 2009-09-05