Problem writing keyblock to krb5.keytab w/keytab binary format.

[Ken Raeburn]

On Jul 15, 2009, at 12:36, kerberos at noopy.org wrote:
> In my DES calls I:
>  - pad and convert the salt from string to unsigned long to byte[8].
>  - use the converted salt as the key and initialization vector.
>  - use a cipher mode of CBC.
>  - write password to crypto stream.
>  - return array of bytes that reflect my encrypted key.
>  - binary write keyblock to new.keytab.

This is not the mechanism Kerberos uses for generating a DES key from  
a password and salt.  Check RFC 3961, particularly section 6.2.

-- 
Ken Raeburn / raeburn at mit.edu / no longer at MIT Kerberos Consortium