arcfour-hmac checksum salt value
Love Hörnquist Åstrand
lha at kth.se
Fri Mar 14 11:03:06 EDT 2008
11 mar 2008 kl. 12.42 skrev Kevin Coffman:
> While implementing arcfour-hmac for Linux Kernel NFS use, I have run
> into the following issue:
> According to rfc4757 (sections 7.2 and 7.3), the salt value when
> generating the checksum for both MIC and WRAP tokens is 15. However,
> the MIT, Heimdal, and Java implementations all seem to map the usage
> values (used while creating the checksum) in WRAP tokens to a salt
> value of 13 instead.
> Can someone verify that either I'm confused, or the spec is wrong in
> the case of the checksum salt value that Microsoft used for WRAP
From where do you get 13 in heimdal ?
From what I can read, heimdal uses KRB5_KU_USAGE_SIGN that later in
the crypto layer is mapped to 15 for the mic checksum.
More information about the krbdev