git.michaelhowe.org Git - packages/o/openafs.git/commit

]> git.michaelhowe.org Git - packages/o/openafs.git/commit

projects / packages / o / openafs.git / commit

author	Chaskiel Grundman <cg2v@andrew.cmu.edu>
	Mon, 18 Mar 2013 01:58:47 +0000 (21:58 -0400)
committer	Russ Allbery <rra@debian.org>
	Mon, 22 Jul 2013 20:47:34 +0000 (13:47 -0700)
commit	923f04bcd734b6aec7dbcb742f0d737983f3951e
tree	40bfe084981ead027a675fa572890a2fa727d65f	tree \| snapshot
parent	e51991d4d5f2ea8d988680195ff74116bd5cf45b	commit \| diff

Derive DES/fcrypt session key from other key types

If a kerberos 5 ticket has a session key with a non-DES enctype,
use the NIST SP800-108 KDF in counter mode with HMAC_MD5 as the PRF to
construct a DES key to be used by rxkad.

To satisfy the requirements of the KDF, DES3 keys are first compressed into a
168 bit form by reversing the RFC3961 random-to-key algorithm

Change-Id: I4dc8e83a641f9892b31c109fb9025251de3dcb27

src/aklog/aklog.c		diff \| blob \| history
src/rxkad/rxkad_prototypes.h		diff \| blob \| history
src/rxkad/ticket5.c		diff \| blob \| history
src/shlibafsrpc/libafsrpc.map		diff \| blob \| history

RSS Atom