You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by "Jiajia Li (JIRA)" <ji...@apache.org> on 2015/12/22 07:36:46 UTC

[jira] [Created] (DIRKRB-509) Add SupportedKDFs in AuthPack

Jiajia Li created DIRKRB-509:
--------------------------------

             Summary: Add SupportedKDFs in AuthPack
                 Key: DIRKRB-509
                 URL: https://issues.apache.org/jira/browse/DIRKRB-509
             Project: Directory Kerberos
          Issue Type: Bug
    Affects Versions: 1.0.0-RC2
            Reporter: Jiajia Li
            Assignee: Jiajia Li


In mit source code k5-int-pkinit.h:
{code}
/** AuthPack from RFC 4556*/
typedef struct _krb5_auth_pack {
    krb5_pk_authenticator       pkAuthenticator;
    krb5_subject_pk_info        *clientPublicValue; /* Optional */
    krb5_algorithm_identifier   **supportedCMSTypes; /* Optional */
    krb5_data                   clientDHNonce; /* Optional */
    krb5_data                   **supportedKDFs; /* OIDs of KDFs; OPTIONAL */
} krb5_auth_pack;
{code}

So we need add supportedKDFs in following define to enable decode the mit request.
{code}
 AuthPack ::= SEQUENCE {
     pkAuthenticator         [0] PKAuthenticator,
     clientPublicValue       [1] SubjectPublicKeyInfo OPTIONAL,
     supportedCMSTypes       [2] SEQUENCE OF AlgorithmIdentifier OPTIONAL,
     clientDHNonce           [3] DHNonce OPTIONAL
 }
{code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)