backup key protocol implementation and impacts on heimdal
Love Hörnquist Åstrand
lha at kth.se
Sun Oct 3 15:56:33 MDT 2010
2 okt 2010 kl. 14:34 skrev Matthieu Patou:
> I finally managed to have a working implementation of backup key remote protocol.
>
> We have still an issue when we are generating the key first but I'm hoping for microsoft to provide us explanation of what's wrong.
>
> Basically I need only 1 small change in heimdal to make it work (see attached patch), it's in order to make find_private_alg non static.
>
> This function is used in get_pk_from_raw_keypair_params, this function creates a hx509_private_key out of the different raw rsa parameters stored in the active directory (modulus, private exponent, public exponent, coefficient, ...).
>
> By the way the solution I used to cope with the fact that we have the private in this "form" is to allocate a RSA object, set the different attribute with the raw blobs stored in the AD (they have been converted to BN just before) and then assign it to a hx509_private_key object (with _hx509_private_key_assign_rsa).
If we make hx509_parse_private_key() support the msft format, then we wont need your patch ?
Where can I find your patchset ?
Love
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3815 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20101003/4753cbad/attachment.bin>
More information about the samba-technical
mailing list