You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Jiajia Li (JIRA)" <ji...@apache.org> on 2015/12/22 07:36:46 UTC
[jira] [Created] (DIRKRB-509) Add SupportedKDFs in AuthPack
Jiajia Li created DIRKRB-509:
--------------------------------
Summary: Add SupportedKDFs in AuthPack
Key: DIRKRB-509
URL: https://issues.apache.org/jira/browse/DIRKRB-509
Project: Directory Kerberos
Issue Type: Bug
Affects Versions: 1.0.0-RC2
Reporter: Jiajia Li
Assignee: Jiajia Li
In mit source code k5-int-pkinit.h:
{code}
/** AuthPack from RFC 4556*/
typedef struct _krb5_auth_pack {
krb5_pk_authenticator pkAuthenticator;
krb5_subject_pk_info *clientPublicValue; /* Optional */
krb5_algorithm_identifier **supportedCMSTypes; /* Optional */
krb5_data clientDHNonce; /* Optional */
krb5_data **supportedKDFs; /* OIDs of KDFs; OPTIONAL */
} krb5_auth_pack;
{code}
So we need add supportedKDFs in following define to enable decode the mit request.
{code}
AuthPack ::= SEQUENCE {
pkAuthenticator [0] PKAuthenticator,
clientPublicValue [1] SubjectPublicKeyInfo OPTIONAL,
supportedCMSTypes [2] SEQUENCE OF AlgorithmIdentifier OPTIONAL,
clientDHNonce [3] DHNonce OPTIONAL
}
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)