Session key extraction
Luke Howard
lukeh at padl.com
Tue Dec 23 00:24:23 EST 2008
> Is there any plan to implement the equivalent of the
> SECPKG_ATTR_KEY_INFO attribute, which in SSPI provides information
> about the encryption algorithm associated with the context? Having
> this information gives callers at least a chance of using the session
> key with the correct encryption algorithm.
OK, now calling gss_inquire_sec_context_by_oid() with
GSS_C_INQ_SESSION_KEY will return a buffer set with two members. The
first is the session key; the second is an OID identifying the session
key type.
For the Kerberos mechanism, the OID is:
1.2.840.113554.1.2.2.4.<enctype>
-- Luke
More information about the krbdev
mailing list