From 60df0e81227bc4741423cdb382f7a0e9c0b9672f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Wed, 30 May 2007 18:41:59 +0000 Subject: [PATCH] Force des3 for win2k. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20703 ec53bebd-3082-4978-b11e-865c3cabbd6b --- kdc/pkinit.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/kdc/pkinit.c b/kdc/pkinit.c index 27948f796..4a6319008 100644 --- a/kdc/pkinit.c +++ b/kdc/pkinit.c @@ -679,6 +679,7 @@ pk_mk_pa_reply_enckey(krb5_context context, krb5_keyblock *reply_key, ContentInfo *content_info) { + const heim_oid *envelopedAlg = NULL; krb5_error_code ret; krb5_data buf, signed_data; size_t size; @@ -691,6 +692,8 @@ pk_mk_pa_reply_enckey(krb5_context context, ReplyKeyPack_Win2k kp; memset(&kp, 0, sizeof(kp)); + envelopedAlg = oid_id_rsadsi_des_ede3_cbc(); + ret = copy_EncryptionKey(reply_key, &kp.replyKey); if (ret) { krb5_clear_error_string(context); @@ -799,7 +802,8 @@ pk_mk_pa_reply_enckey(krb5_context context, ret = hx509_cms_envelope_1(kdc_identity->hx509ctx, 0, client_params->cert, - signed_data.data, signed_data.length, NULL, + signed_data.data, signed_data.length, + envelopedAlg, oid_id_pkcs7_signedData(), &buf); if (ret) goto out;