Problems with unkeyed crypto hashing code
Greg Hudson
ghudson at MIT.EDU
Tue Jul 26 14:42:33 EDT 2011
On Tue, 2011-07-26 at 12:38 -0400, Frank J. Nagy wrote:
> Key size is incompatible with encryption type
>
> This does not seem right to me.
This is a bug, yes. The problem is that the glue code translates the
null key into an invalid key block, which then triggers the error.
The easiest course of action is probably to change the code to use the
non-deprecated API, krb5_c_make_checksum(). The bug should be fixed in
1.10. I can supply a patch if it would help.
More information about the Kerberos
mailing list