[20408] in Kerberos_V5_Development
Session Key through GSS-API
daemon@ATHENA.MIT.EDU (Stephen Brown via krbdev)
Tue Feb 28 12:03:53 2023
To: "krbdev@mit.edu" <krbdev@mit.edu>
Date: Tue, 28 Feb 2023 13:17:24 +0000
Message-ID: <SN4PR13MB527934F3E8134C26F11B473A91AC9@SN4PR13MB5279.namprd13.prod.outlook.com>
MIME-Version: 1.0
Content-Language: en-US
From: Stephen Brown via krbdev <krbdev@mit.edu>
Reply-To: Stephen Brown <Stephen.Brown@progress.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
Hi All,
My application is using Kerberos via GSS-API but needs to access the session key. I saw that I can call gss_inquire_sec_context_by_oid() passing in GSS_C_INQ_SSPI_SESSION_KEY. However it looks like the key returned by this method is obtained via krb5_auth_con_getsendsubkey() which is the sub-session key (I believe) and not what I need. I've verified that krb5_auth_con_getkey() does return the key that I need. But I didn't see any way of accessing it through the GSS-API. Is there a way to obtain the session key through GSS-API? Or any other thoughts/suggestions?
Thanks,
Stephen
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
