Problems with unkeyed crypto hashing code

Frank J. Nagy nagy at fnal.gov
Tue Jul 26 12:38:51 EDT 2011


I am working against Kerberos 1.9.1 trying to get some legacy
code running which calls krb5_checksum_calculate
The basic code is roughly:

   hashbuf.checksum_type = CKSUMTYPE_RSA_MD5;
   hashbuf.length = krb5_checksum_size(ctx, hashbuf.checksum_type);
   hashbuf.contents = malloc(hashbuf.length);
   code = krb5_calculate_checksum(ctx, hashbuf.checksum_type,
				 prnbuf, len, NULL, 0, &hashbuf);

where prnbuf is the input text string (length len) and output
hash is into hasbuf.

Note that no key test is provided (NULL, 0) and that in the
cksumtypes table RSA_MD5 is one of the CKSUM_UNKEYED codes.

I have tried, besides RSA_MD5, all the CKSUM_UNKEYED codes
(CRC32, RSA_MD4 qand NIST_SHA) and all return the error
code which translates to

     Key size is incompatible with encryption type

This does not seem right to me.

-- 
= Dr. Frank J. Nagy    [Applied Scientist]
= Fermilab Computing Division/Lab and Scientific Core Services
= Service Operations Support Dept/Engineering Support Group
= nagy at fnal.gov or fjnagy at gmail.com
= Web page: http://home.fnal.gov/~nagy/
= Feynman Computing FCC394   630-840-4935  FAX 840-6345
= USnail: Fermilab POB 500 MS/369 Batavia, IL 60510
= ICBM: 40d 51m 34s N, 88d 12d 29d W, 651 ft ASL
+ "This seat. It warms your ass. Wonderful." -- Dr. Bishop



More information about the Kerberos mailing list