[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: arcfour-hmac checksum salt value

11 mar 2008 kl. 12.42 skrev Kevin Coffman:

> While implementing arcfour-hmac for Linux Kernel NFS use, I have run
> into the following issue:
> According to rfc4757 (sections 7.2 and 7.3), the salt value when
> generating the checksum for both MIC and WRAP tokens is 15.  However,
> the MIT, Heimdal, and Java implementations all seem to map the usage
> values (used while creating the checksum) in WRAP tokens to a salt
> value of 13 instead.
> Can someone verify that either I'm confused, or the spec is wrong in
> the case of the checksum salt value that Microsoft used for WRAP
> tokens?

 From where do you get 13 in heimdal ?

 From what I can read, heimdal uses KRB5_KU_USAGE_SIGN that later in  
the crypto layer is mapped to 15 for the mic checksum.