subject:"\[jira\] \[Commented\] \(DIRKRB\-509\) Add SupportedKDFs in AuthPack"

[jira] [Commented] (DIRKRB-509) Add SupportedKDFs in AuthPack

2015-12-24 Thread Kai Zheng (JIRA)


[ 
https://issues.apache.org/jira/browse/DIRKRB-509?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15071397#comment-15071397
 ] 

Kai Zheng commented on DIRKRB-509:
--

Very cool to figure this out!! Note I heard this draft but never saw it before. 
:(

> Add SupportedKDFs in AuthPack
> -
>
> Key: DIRKRB-509
> URL: https://issues.apache.org/jira/browse/DIRKRB-509
> Project: Directory Kerberos
>  Issue Type: Bug
>Affects Versions: 1.0.0-RC2
>Reporter: Jiajia Li
>Assignee: Jiajia Li
>
> In mit source code k5-int-pkinit.h:
> {code}
> /** AuthPack from RFC 4556*/
> typedef struct _krb5_auth_pack {
> krb5_pk_authenticator   pkAuthenticator;
> krb5_subject_pk_info*clientPublicValue; /* Optional */
> krb5_algorithm_identifier   **supportedCMSTypes; /* Optional */
> krb5_data   clientDHNonce; /* Optional */
> krb5_data   **supportedKDFs; /* OIDs of KDFs; OPTIONAL */
> } krb5_auth_pack;
> {code}
> So we need add supportedKDFs in following define to enable decode the mit 
> request.
> {code}
>  AuthPack ::= SEQUENCE {
>  pkAuthenticator [0] PKAuthenticator,
>  clientPublicValue   [1] SubjectPublicKeyInfo OPTIONAL,
>  supportedCMSTypes   [2] SEQUENCE OF AlgorithmIdentifier OPTIONAL,
>  clientDHNonce   [3] DHNonce OPTIONAL
>  }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (DIRKRB-509) Add SupportedKDFs in AuthPack

2015-12-24 Thread Kai Zheng (JIRA)


[ 
https://issues.apache.org/jira/browse/DIRKRB-509?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15071364#comment-15071364
 ] 

Kai Zheng commented on DIRKRB-509:
--

Good catch Jiajia!! It looks like MIT implementation is kinds of out of sync 
with the RFC4556 family. Did you report this to MIT KRB DEV?

Noted the comment for {{AuthPack}} in the head didn't update accordingly. I 
will fix it.

> Add SupportedKDFs in AuthPack
> -
>
> Key: DIRKRB-509
> URL: https://issues.apache.org/jira/browse/DIRKRB-509
> Project: Directory Kerberos
>  Issue Type: Bug
>Affects Versions: 1.0.0-RC2
>Reporter: Jiajia Li
>Assignee: Jiajia Li
>
> In mit source code k5-int-pkinit.h:
> {code}
> /** AuthPack from RFC 4556*/
> typedef struct _krb5_auth_pack {
> krb5_pk_authenticator   pkAuthenticator;
> krb5_subject_pk_info*clientPublicValue; /* Optional */
> krb5_algorithm_identifier   **supportedCMSTypes; /* Optional */
> krb5_data   clientDHNonce; /* Optional */
> krb5_data   **supportedKDFs; /* OIDs of KDFs; OPTIONAL */
> } krb5_auth_pack;
> {code}
> So we need add supportedKDFs in following define to enable decode the mit 
> request.
> {code}
>  AuthPack ::= SEQUENCE {
>  pkAuthenticator [0] PKAuthenticator,
>  clientPublicValue   [1] SubjectPublicKeyInfo OPTIONAL,
>  supportedCMSTypes   [2] SEQUENCE OF AlgorithmIdentifier OPTIONAL,
>  clientDHNonce   [3] DHNonce OPTIONAL
>  }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (DIRKRB-509) Add SupportedKDFs in AuthPack

2015-12-24 Thread Jiajia Li (JIRA)


[ 
https://issues.apache.org/jira/browse/DIRKRB-509?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15071385#comment-15071385
 ] 

Jiajia Li commented on DIRKRB-509:
--

>From MIT KRB DEV: The define is from 
>https://tools.ietf.org/html/draft-ietf-krb-wg-pkinit-alg-agility-07, with some 
>extensions based on RFC4556.

> Add SupportedKDFs in AuthPack
> -
>
> Key: DIRKRB-509
> URL: https://issues.apache.org/jira/browse/DIRKRB-509
> Project: Directory Kerberos
>  Issue Type: Bug
>Affects Versions: 1.0.0-RC2
>Reporter: Jiajia Li
>Assignee: Jiajia Li
>
> In mit source code k5-int-pkinit.h:
> {code}
> /** AuthPack from RFC 4556*/
> typedef struct _krb5_auth_pack {
> krb5_pk_authenticator   pkAuthenticator;
> krb5_subject_pk_info*clientPublicValue; /* Optional */
> krb5_algorithm_identifier   **supportedCMSTypes; /* Optional */
> krb5_data   clientDHNonce; /* Optional */
> krb5_data   **supportedKDFs; /* OIDs of KDFs; OPTIONAL */
> } krb5_auth_pack;
> {code}
> So we need add supportedKDFs in following define to enable decode the mit 
> request.
> {code}
>  AuthPack ::= SEQUENCE {
>  pkAuthenticator [0] PKAuthenticator,
>  clientPublicValue   [1] SubjectPublicKeyInfo OPTIONAL,
>  supportedCMSTypes   [2] SEQUENCE OF AlgorithmIdentifier OPTIONAL,
>  clientDHNonce   [3] DHNonce OPTIONAL
>  }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (DIRKRB-509) Add SupportedKDFs in AuthPack

2015-12-24 Thread Jiajia Li (JIRA)


[ 
https://issues.apache.org/jira/browse/DIRKRB-509?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15071371#comment-15071371
 ] 

Jiajia Li commented on DIRKRB-509:
--

Not yet, I will report it, thanks.

> Add SupportedKDFs in AuthPack
> -
>
> Key: DIRKRB-509
> URL: https://issues.apache.org/jira/browse/DIRKRB-509
> Project: Directory Kerberos
>  Issue Type: Bug
>Affects Versions: 1.0.0-RC2
>Reporter: Jiajia Li
>Assignee: Jiajia Li
>
> In mit source code k5-int-pkinit.h:
> {code}
> /** AuthPack from RFC 4556*/
> typedef struct _krb5_auth_pack {
> krb5_pk_authenticator   pkAuthenticator;
> krb5_subject_pk_info*clientPublicValue; /* Optional */
> krb5_algorithm_identifier   **supportedCMSTypes; /* Optional */
> krb5_data   clientDHNonce; /* Optional */
> krb5_data   **supportedKDFs; /* OIDs of KDFs; OPTIONAL */
> } krb5_auth_pack;
> {code}
> So we need add supportedKDFs in following define to enable decode the mit 
> request.
> {code}
>  AuthPack ::= SEQUENCE {
>  pkAuthenticator [0] PKAuthenticator,
>  clientPublicValue   [1] SubjectPublicKeyInfo OPTIONAL,
>  supportedCMSTypes   [2] SEQUENCE OF AlgorithmIdentifier OPTIONAL,
>  clientDHNonce   [3] DHNonce OPTIONAL
>  }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (DIRKRB-509) Add SupportedKDFs in AuthPack

2015-12-21 Thread Jiajia Li (JIRA)


[ 
https://issues.apache.org/jira/browse/DIRKRB-509?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15067631#comment-15067631
 ] 

Jiajia Li commented on DIRKRB-509:
--

commit 803b3d05244d80af3447e3cdb4336fae85c2c4a9
Author: plusplusjiajia 
Date:   Tue Dec 22 14:44:39 2015 +0800

DIRKRB-509 Add SupportedKDFs in AuthPack.


> Add SupportedKDFs in AuthPack
> -
>
> Key: DIRKRB-509
> URL: https://issues.apache.org/jira/browse/DIRKRB-509
> Project: Directory Kerberos
>  Issue Type: Bug
>Affects Versions: 1.0.0-RC2
>Reporter: Jiajia Li
>Assignee: Jiajia Li
>
> In mit source code k5-int-pkinit.h:
> {code}
> /** AuthPack from RFC 4556*/
> typedef struct _krb5_auth_pack {
> krb5_pk_authenticator   pkAuthenticator;
> krb5_subject_pk_info*clientPublicValue; /* Optional */
> krb5_algorithm_identifier   **supportedCMSTypes; /* Optional */
> krb5_data   clientDHNonce; /* Optional */
> krb5_data   **supportedKDFs; /* OIDs of KDFs; OPTIONAL */
> } krb5_auth_pack;
> {code}
> So we need add supportedKDFs in following define to enable decode the mit 
> request.
> {code}
>  AuthPack ::= SEQUENCE {
>  pkAuthenticator [0] PKAuthenticator,
>  clientPublicValue   [1] SubjectPublicKeyInfo OPTIONAL,
>  supportedCMSTypes   [2] SEQUENCE OF AlgorithmIdentifier OPTIONAL,
>  clientDHNonce   [3] DHNonce OPTIONAL
>  }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (DIRKRB-509) Add SupportedKDFs in AuthPack

[jira] [Commented] (DIRKRB-509) Add SupportedKDFs in AuthPack

[jira] [Commented] (DIRKRB-509) Add SupportedKDFs in AuthPack

[jira] [Commented] (DIRKRB-509) Add SupportedKDFs in AuthPack

[jira] [Commented] (DIRKRB-509) Add SupportedKDFs in AuthPack

5 matches

Site Navigation

Mail list logo

Footer information