Using KDC's master key to encrypt data
Alejandro Perez Mendez
alex at um.es
Thu Aug 9 04:27:09 EDT 2012
as part of the GSS-preauth plugin
(http://k5wiki.kerberos.org/wiki/Projects/GSS-API_preauth), I would like
to encrypt & sign the contents of PA-FX-COOKIE, using some key shared
amongst all the KDC's belonging to the same realm. I guess that key
could be the one associated to principal krbtgt, but don't know if there
exists any other key that I could use for that purpose.
How do I access that key from my preauth plugin?
What function can I use to encrypt the data?
More information about the krbdev