d36b180200
add CMS symmetrical parameters here, enctype rc2-cbc XXX RC2CBCParameter is wrong because the compiler is broken
Love Hörnquist Åstrand
2004-04-26 19:11:04 +00:00
9ce4894fcf
add KEYTYPE_RC2
Love Hörnquist Åstrand
2004-04-26 19:04:56 +00:00
054e0d01d6
add partial CMS parameter handling, this is needed for RC2
Love Hörnquist Åstrand
2004-04-26 19:02:56 +00:00
fa7e58f5bf
x
Johan Danielsson
2004-04-26 07:14:34 +00:00
5e02dc0ec1
allow parsing directly from strings with krb5_config_parse_string_multi
Johan Danielsson
2004-04-26 07:14:28 +00:00
4ac10a4c46
try to resolve hostnames
Johan Danielsson
2004-04-26 06:13:45 +00:00
2b2581d27a
x
Johan Danielsson
2004-04-25 21:27:41 +00:00
f3dc346f5d
(krb5_storage_from_fd): dup the file descriptor so we don't have to keep track of it in two places
Johan Danielsson
2004-04-25 21:27:34 +00:00
1be4ca7ac2
x
Johan Danielsson
2004-04-25 19:38:11 +00:00
e95a1672b8
krb5_cc_copy_cache_match now lives in libkrb5
Johan Danielsson
2004-04-25 19:38:02 +00:00
898468d57e
add krb5_compare_creds.3
Johan Danielsson
2004-04-25 19:31:26 +00:00
5f9df92e40
move krb5_compare_creds to its own manpage
Johan Danielsson
2004-04-25 19:29:53 +00:00
26457b7135
replace krb5_free_creds_contents by krb5_free_cred_contents
Johan Danielsson
2004-04-25 19:25:35 +00:00
76a580ad8a
x
Love Hörnquist Åstrand
2004-04-25 19:07:56 +00:00
6357f48500
handle non blocksized cbc messages
Love Hörnquist Åstrand
2004-04-25 19:06:51 +00:00
234befda59
add AES_cbc_encrypt
Love Hörnquist Åstrand
2004-04-25 19:05:05 +00:00
5eca4bbf39
add krb5_cc_next_cred_match() and krb5_cc_copy_cred_match()
Johan Danielsson
2004-04-25 17:20:19 +00:00
b24e10c46b
(krb5_compare_creds): add more matching options
Johan Danielsson
2004-04-25 16:12:04 +00:00
851f04f5e0
add more creds match flags
Johan Danielsson
2004-04-25 16:11:37 +00:00
25de2f6777
add --valid-for option
Johan Danielsson
2004-04-25 16:03:45 +00:00
63ac41ecad
use the right oid for pkauthdata
Love Hörnquist Åstrand
2004-04-25 15:58:07 +00:00
44e0ad43e8
x
Love Hörnquist Åstrand
2004-04-25 15:35:24 +00:00
fe0d0505cf
always send both win2k compat version and the ietf draft one, this is possible microsoft since they use wrong/diffrent PA number. Make the configuration flag boolean configuring if NOT to send the win2k compat glue.
Love Hörnquist Åstrand
2004-04-25 15:34:29 +00:00
8791dd6c6e
(krb5_store_creds): set is_skey flag if length of second ticket is > 0
Johan Danielsson
2004-04-25 14:54:44 +00:00
8eb58824b5
document krb5_{de,en}crypt_ivec
Love Hörnquist Åstrand
2004-04-25 14:50:13 +00:00
89f71476cb
pacify mdoclint
Love Hörnquist Åstrand
2004-04-25 14:30:09 +00:00
4fa6529707
use IV for envelopeddata encryption, patch originally from Luke Howard <lukeh@padl.com>, tweeked by me.
Love Hörnquist Åstrand
2004-04-25 14:29:33 +00:00
a7f10685cc
document KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER
Love Hörnquist Åstrand
2004-04-25 14:23:24 +00:00
8550c8f01f
document that krb5_data_free cleans the structure too
Love Hörnquist Åstrand
2004-04-25 14:21:16 +00:00
2b36497494
use IV for envelopeddata encryption, patch originally from Luke Howard <lukeh@padl.com>, tweeked by me.
Love Hörnquist Åstrand
2004-04-25 14:20:07 +00:00
34fa8c9204
x
Johan Danielsson
2004-04-24 22:47:07 +00:00
bc8821c0f9
use rk_SYS_LARGEFILE
Johan Danielsson
2004-04-24 21:54:01 +00:00
381738d7f9
x
Johan Danielsson
2004-04-24 21:53:02 +00:00
ef6bd838dc
like AC_SYS_LARGEFILE, but also add to CPPFLAGS
Johan Danielsson
2004-04-24 21:51:32 +00:00
9125cb5647
Fix the cache flags bitorder issue with a storage flag instead of a separate function.
Johan Danielsson
2004-04-24 21:17:02 +00:00
878240ccc4
x
Love Hörnquist Åstrand
2004-04-24 16:10:00 +00:00
227900ca1c
move out the oid check from get_reply_key
Love Hörnquist Åstrand
2004-04-24 16:09:42 +00:00
261d6cef84
uniquify error messages
Love Hörnquist Åstrand
2004-04-24 15:19:01 +00:00
0161e447c4
make the pkinit nonce same os the plain nonce for now
Love Hörnquist Åstrand
2004-04-24 15:17:32 +00:00
ab0c82c636
more w2k compat from Luke Howard <lukeh@padl.com> add RC2 support, clean up error messages
Love Hörnquist Åstrand
2004-04-24 15:07:39 +00:00
1365676e29
remove more dependency on krb5_config->pkinit_flags
Love Hörnquist Åstrand
2004-04-24 13:29:23 +00:00
c9aac6c50e
(_krb5_pk_convert_rep): convert microsoft style answer to IETF, From Luke Howard <lukeh@padl.com> (_krb5_pk_create_sign): ms handles NULL in param, so always send it (_krb5_pk_mk_padata): look for [realms]REALM = { win2k_pkinit = bool }
Love Hörnquist Åstrand
2004-04-24 13:15:01 +00:00
76d1e32354
(_krb5_pk_create_sign): always set the digestAlgorithm to sha1 (both for SignerInfo and SignedData, add new function _set_digest_alg to set it
Love Hörnquist Åstrand
2004-04-24 12:26:38 +00:00
c68ce70373
x
Love Hörnquist Åstrand
2004-04-24 12:09:02 +00:00
452afa5916
test vectors from RFC2268
Love Hörnquist Åstrand
2004-04-24 12:08:54 +00:00
e166f76126
(RC2_set_key): rewrite the mask calculation
Love Hörnquist Åstrand
2004-04-24 12:08:22 +00:00
d3ee5536f7
(RC2_set_key): handle keys where effective bits are diffrent from keylength
Love Hörnquist Åstrand
2004-04-24 12:05:26 +00:00
5c405cf489
include rc2.h, and when I'm here, make aes mandatory
Love Hörnquist Åstrand
2004-04-23 20:23:36 +00:00
47bed55995
add ENCTYPE_ARCFOUR_HMAC as compat glue for MIT kerberos
Love Hörnquist Åstrand
2004-04-23 19:48:19 +00:00
b5a7b42a3a
(krb5_crypto_init): clear return pointer on failure
Love Hörnquist Åstrand
2004-04-23 19:43:57 +00:00
f135b1bfe8
x
Love Hörnquist Åstrand
2004-04-23 19:25:52 +00:00
e8470007a1
rc2 implementation
Love Hörnquist Åstrand
2004-04-23 19:23:38 +00:00
f4826c51a0
x
Love Hörnquist Åstrand
2004-04-22 22:14:24 +00:00
497fcd1e8a
(DES3_random_to_key): make it produce the right result (DES3_postproc): use DES3_random_to_key (krb5_random_to_key): check the required number of bits (not the size of the key)
Love Hörnquist Åstrand
2004-04-22 22:13:00 +00:00
2be538b05c
test random to key function
Love Hörnquist Åstrand
2004-04-22 22:09:35 +00:00
2037600911
comment out the "@"/"" test for now
Love Hörnquist Åstrand
2004-04-22 22:00:51 +00:00
3df9dedd06
document that krb5_string_to_key_derived is broken for non 3des enctypes and thus deprecated
Love Hörnquist Åstrand
2004-04-22 21:36:03 +00:00
d5f8428a44
x
Love Hörnquist Åstrand
2004-04-22 11:54:51 +00:00
e597b84708
(generate_dh_keyblock): use the new function krb5_random_to_key
Love Hörnquist Åstrand
2004-04-22 11:54:37 +00:00
fb27fb0d91
add des and DES3 random_to_key hooks, they need special processing
Love Hörnquist Åstrand
2004-04-22 11:53:12 +00:00
b17bf61cc0
(krb5_random_to_key): new function
Love Hörnquist Åstrand
2004-04-22 08:00:08 +00:00
f9a1ff77fe
document krb5_random_to_key
Love Hörnquist Åstrand
2004-04-22 07:59:32 +00:00
7298e49a3f
use the first proposed enable enctype
Love Hörnquist Åstrand
2004-04-21 15:21:05 +00:00
b8ddf0d0a7
(krb5_set_default_in_tkt_etypes): use the return from krb5_enctype_valid
Love Hörnquist Åstrand
2004-04-21 13:36:33 +00:00
35140ccefa
at least try to handle diffrent enveloped enctypes
Love Hörnquist Åstrand
2004-04-21 11:30:20 +00:00
06146a0885
x
Love Hörnquist Åstrand
2004-04-21 00:55:05 +00:00
8b7d2a4dc4
1.28.2.16: (der_get_oid): handle all oid components being smaller then 127 and allocate one extra element since first byte is split to to elements.
Love Hörnquist Åstrand
2004-04-21 00:53:58 +00:00
21139ee8f0
x
Love Hörnquist Åstrand
2004-04-19 23:30:17 +00:00
432db5d5c9
add --credential argument that just remove one credential entry out of the cache specified
Love Hörnquist Åstrand
2004-04-17 17:00:06 +00:00
627a7a31ef
x
Love Hörnquist Åstrand
2004-04-17 09:03:11 +00:00
2553080b05
replace the krb5.conf configuration option that describes the mapping between principals and subject names with a file, default /var/heimdal/pki-mapping. XXX this should be pushed into HDB XXX should add issuer too
Love Hörnquist Åstrand
2004-04-17 09:01:35 +00:00
4121fc049e
merge certificate/private_key to a user_id
Love Hörnquist Åstrand
2004-04-17 08:43:40 +00:00
e6dca71033
update prototype for pk_initialize
Love Hörnquist Åstrand
2004-04-16 09:00:18 +00:00
8bc1b3e836
merge certificate/private_key to a user_id
Love Hörnquist Åstrand
2004-04-16 00:40:21 +00:00
bb7814c980
adapt to heim_integer changes
Love Hörnquist Åstrand
2004-04-16 00:38:36 +00:00
69cdbef7a8
merge certificate/private_key to a user_id
Love Hörnquist Åstrand
2004-04-15 23:45:40 +00:00
eac2949b39
adapt to heim_integer changes merge certificate/private_key to a user_id
Love Hörnquist Åstrand
2004-04-15 23:44:02 +00:00
abc38c3ab4
use KRB5_PADATA_PK_AS_REQ_WIN free X509_STORE
Love Hörnquist Åstrand
2004-04-15 13:52:49 +00:00
4d732f1c66
x
Love Hörnquist Åstrand
2004-04-14 13:57:22 +00:00
876e4da04d
even more evil stuff for cross-compiling
Love Hörnquist Åstrand
2004-04-14 13:53:35 +00:00
d32da4ab7f
x
Love Hörnquist Åstrand
2004-04-14 12:48:20 +00:00
24072eaa7f
use AC_RUN_IFELSE so we can handle cross compiling
Love Hörnquist Åstrand
2004-04-14 12:47:37 +00:00
30d6172fe7
x
Love Hörnquist Åstrand
2004-04-13 14:35:50 +00:00
08f10ab3ca
define BUILD_KRB5_LIB when building libkrb5.la, add KRB5_LIB_FUNCTION proto
Love Hörnquist Åstrand
2004-04-13 14:35:39 +00:00
Love Hörnquist Åstrand