Session key extraction

Luke Howard lukeh at
Tue Dec 23 00:24:23 EST 2008

> Is there any plan to implement the equivalent of the
> SECPKG_ATTR_KEY_INFO attribute, which in SSPI provides information
> about the encryption algorithm associated with the context?  Having
> this information gives callers at least a chance of using the session
> key with the correct encryption algorithm.

OK, now calling gss_inquire_sec_context_by_oid() with  
GSS_C_INQ_SESSION_KEY will return a buffer set with two members. The  
first is the session key; the second is an OID identifying the session  
key type.

For the Kerberos mechanism, the OID is:


-- Luke

More information about the krbdev mailing list