[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Checksum in mk_req_internal

To: "]ke Sandgren" <ake@cs.umu.se>
Subject: Re: Checksum in mk_req_internal
From: joda@pdc.kth.se (Johan Danielsson)
Date: 16 Apr 1999 11:51:20 +0200
Cc: Assar Westerlund <assar@sics.se>, heimdal-discuss@sics.se
In-Reply-To: "]ke Sandgren"'s message of "Thu, 15 Apr 1999 17:41:14 +0200 (MET DST)"
References: <Pine.GSO.3.95.990415173631.11675A-100000@ytterboda.cs.umu.se>
Sender: owner-heimdal-discuss@sics.se

"]ke Sandgren" <ake@cs.umu.se> writes:

> The problem is that the kdc (DCE secd in this case) returns error

Try this:

--- mk_req_ext.c	1999/02/11 21:03:44	1.19
+++ mk_req_ext.c	1999/04/16 09:41:09
@@ -94,6 +94,15 @@
   krb5_copy_keyblock(context, &in_creds->session, &ac->keyblock);
   
   if (in_data) {
+      if(ac->keyblock->keytype == ETYPE_DES_CBC_CRC) {
+	  /* this is to make DCE secd happy */
+	  ret = krb5_create_checksum(context, 
+				     NULL,
+				     CKSUMTYPE_RSA_MD4,
+				     in_data->data,
+				     in_data->length,
+				     &c);
+      } else {
       krb5_crypto crypto;
       krb5_crypto_init(context, ac->keyblock, 0, &crypto);
       ret = krb5_create_checksum(context, 
@@ -104,6 +113,7 @@
 				 &c);
       
       krb5_crypto_destroy(context, crypto);
+      }
       c_opt = &c;
   } else {
       c_opt = NULL;

> What i can't understand is why init_crypto/create_checksum is done
> the way it is.

You mean in general, or just in this part of the code? I think the
general idea is that the encryption type should tell you what checksum
to use, but DCE uses keytypes, not enctypes.

/Johan

References:
- Re: Checksum in mk_req_internal
  - From: "]ke Sandgren" <ake@cs.umu.se>

Prev by Date: Re: Checksum in mk_req_internal
Next by Date: diff's for reading cachefile's of type 1
Prev by thread: Re: Checksum in mk_req_internal
Next by thread: diff's for reading cachefile's of type 1
Index(es):
- Date
- Thread