backup key protocol implementation and impacts on heimdal
abartlet at samba.org
Sun Oct 3 16:18:03 MDT 2010
On Sun, 2010-10-03 at 21:56 +0000, Love Hörnquist Åstrand wrote:
> 2 okt 2010 kl. 14:34 skrev Matthieu Patou:
> > I finally managed to have a working implementation of backup key remote protocol.
> > We have still an issue when we are generating the key first but I'm hoping for microsoft to provide us explanation of what's wrong.
> > Basically I need only 1 small change in heimdal to make it work (see attached patch), it's in order to make find_private_alg non static.
> > This function is used in get_pk_from_raw_keypair_params, this function creates a hx509_private_key out of the different raw rsa parameters stored in the active directory (modulus, private exponent, public exponent, coefficient, ...).
> > By the way the solution I used to cope with the fact that we have the private in this "form" is to allocate a RSA object, set the different attribute with the raw blobs stored in the AD (they have been converted to BN just before) and then assign it to a hx509_private_key object (with _hx509_private_key_assign_rsa).
> If we make hx509_parse_private_key() support the msft format, then we wont need your patch ?
> Where can I find your patchset ?
I found it at:
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 190 bytes
Desc: This is a digitally signed message part
More information about the samba-technical