directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jiajia Li (JIRA)" <j...@apache.org>
Subject [jira] [Created] (DIRKRB-509) Add SupportedKDFs in AuthPack
Date Tue, 22 Dec 2015 06:36:46 GMT
Jiajia Li created DIRKRB-509:
--------------------------------

             Summary: Add SupportedKDFs in AuthPack
                 Key: DIRKRB-509
                 URL: https://issues.apache.org/jira/browse/DIRKRB-509
             Project: Directory Kerberos
          Issue Type: Bug
    Affects Versions: 1.0.0-RC2
            Reporter: Jiajia Li
            Assignee: Jiajia Li


In mit source code k5-int-pkinit.h:
{code}
/** AuthPack from RFC 4556*/
typedef struct _krb5_auth_pack {
    krb5_pk_authenticator       pkAuthenticator;
    krb5_subject_pk_info        *clientPublicValue; /* Optional */
    krb5_algorithm_identifier   **supportedCMSTypes; /* Optional */
    krb5_data                   clientDHNonce; /* Optional */
    krb5_data                   **supportedKDFs; /* OIDs of KDFs; OPTIONAL */
} krb5_auth_pack;
{code}

So we need add supportedKDFs in following define to enable decode the mit request.
{code}
 AuthPack ::= SEQUENCE {
     pkAuthenticator         [0] PKAuthenticator,
     clientPublicValue       [1] SubjectPublicKeyInfo OPTIONAL,
     supportedCMSTypes       [2] SEQUENCE OF AlgorithmIdentifier OPTIONAL,
     clientDHNonce           [3] DHNonce OPTIONAL
 }
{code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message