RFC 3961 says the simplified profile PRF should truncate the hash
output to "multiple of m", which MIT krb5 interprets as the largest
possible multiple of m. RFC 6113 appendix A also uses that
interpretation for the KRB-FX-CF2 test vector. So the DES3 PRF should
truncate the 20-byte SHA-1 result to 16 bytes, not 8. Also make
krb5_crypto_prf_length work with DES3 by giving the DES3 enctype a
non-zero PRF length.
Signed-off-by: Nicolas Williams <nico@cryptonector.com>
Greg Hudson
cdf39f1369