Session Key through GSS-API
ghudson at mit.edu
Tue Feb 28 12:10:54 EST 2023
On 2/28/23 08:17, Stephen Brown via krbdev wrote:
> My application is using Kerberos via GSS-API but needs to access the session key. I saw that I can call gss_inquire_sec_context_by_oid() passing in GSS_C_INQ_SSPI_SESSION_KEY. However it looks like the key returned by this method is obtained via krb5_auth_con_getsendsubkey() which is the sub-session key (I believe) and not what I need.
Can you give a little more context around what protocol this application
is implementing and why it needs the ticket session key and not the subkey?
More information about the krbdev