Use oid_id_pkcs7_data for pkinit-9 encKey reply to match windows DC

behavior better.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20927 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2007-06-05 17:23:44 +00:00
parent dbb87065cd
commit a7169a17a6

View File

@@ -679,7 +679,7 @@ pk_mk_pa_reply_enckey(krb5_context context,
krb5_keyblock *reply_key,
ContentInfo *content_info)
{
const heim_oid *envelopedAlg = NULL;
const heim_oid *envelopedAlg = NULL, *sdAlg = NULL;
krb5_error_code ret;
krb5_data buf, signed_data;
size_t size;
@@ -693,6 +693,7 @@ pk_mk_pa_reply_enckey(krb5_context context,
memset(&kp, 0, sizeof(kp));
envelopedAlg = oid_id_rsadsi_des_ede3_cbc();
sdAlg = oid_id_pkcs7_data();
ret = copy_EncryptionKey(reply_key, &kp.replyKey);
if (ret) {
@@ -712,6 +713,8 @@ pk_mk_pa_reply_enckey(krb5_context context,
ReplyKeyPack kp;
memset(&kp, 0, sizeof(kp));
sdAlg = oid_id_pkrkeydata();
ret = copy_EncryptionKey(reply_key, &kp.replyKey);
if (ret) {
krb5_clear_error_string(context);
@@ -773,7 +776,7 @@ pk_mk_pa_reply_enckey(krb5_context context,
ret = hx509_cms_create_signed_1(kdc_identity->hx509ctx,
0,
oid_id_pkrkeydata(),
sdAlg,
buf.data,
buf.length,
NULL,