[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-brezak-win2k-krb-rc4-hmac-04.txt key usages

To: lukeh@PADL.COM
Subject: Re: draft-brezak-win2k-krb-rc4-hmac-04.txt key usages
From: Luke Howard <lukeh@PADL.COM>
Date: Thu, 28 Nov 2002 10:00:05 +1100
Cc: heimdal-discuss@sics.se
Organization: PADL Software Pty Ltd
Reply-To: lukeh@PADL.COM
Sender: owner-heimdal-discuss@sics.se
Versions: dmail (bsd44) 2.4c/makemail 2.9d


I don't think that krb5_create_checksum() should not apply
CHECKSUM_USAGE() for the rc4-hmac checksum types. See
modified implementation below.

static krb5_error_code usage2arcfour (krb5_context context, int *usage);

krb5_error_code
krb5_create_checksum(krb5_context context,
                     krb5_crypto crypto,
                     krb5_key_usage usage,
                     int type,
                     void *data,
                     size_t len,
                     Checksum *result)
{
    /*
     * According to draft-brezak-win2k-krb-rc4-hmac-04.txt,
     * different key derivation salts need to be used.
     */
    krb5_error_code ret;

    if (type == CKSUMTYPE_HMAC_MD5 ||
        crypto->et->flags & F_SPECIAL) {
        ret = usage2arcfour(context, (int *)&usage);
        if (ret != 0) {
            return ret;
        }
    } else {
        usage = CHECKSUM_USAGE(usage);
    }
    return create_checksum(context, crypto,
                           usage,
                           type, data, len, result);
}

-- Luke

--
Luke Howard | PADL Software Pty Ltd | www.padl.com

Prev by Date: Heimdal, Openafs and Win2000
Prev by thread: Re: draft-brezak-win2k-krb-rc4-hmac-04.txt key usages
Next by thread: Heimdal, Openafs and Win2000
Index(es):
- Date
- Thread