Use of RC4-hmac in kssl.c

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Use of RC4-hmac in kssl.c

Markus Moeller

I am using openssl with the Kerberos ciphers and a w2k3 kdc and was wondering if adding RC4-HMAC to the list for des_ede3_cbc would be OK or was there a reason not to include it ?

Thanks
Markus

/* Given KRB5 enctype (basically DES or 3DES),
** return closest match openssl EVP_ encryption algorithm.
** Return NULL for unknown or problematic (krb5_dk_encrypt) enctypes.
** Assume ENCTYPE_*_RAW (krb5_raw_encrypt) are OK.
*/

const EVP_CIPHER *
kssl_map_enc(krb5_enctype enctype)
{
  switch (enctype)
  {
    case ENCTYPE_DES_HMAC_SHA1: /* EVP_des_cbc(); */
    case ENCTYPE_DES_CBC_CRC:
    case ENCTYPE_DES_CBC_MD4:
    case ENCTYPE_DES_CBC_MD5:
    case ENCTYPE_DES_CBC_RAW:
      return EVP_des_cbc();
      break;
    case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */
    case ENCTYPE_DES3_CBC_SHA:
    case ENCTYPE_DES3_CBC_RAW:
      return EVP_des_ede3_cbc();
      break;
    default: return NULL;
      break;
  }
}