[29501] in CVS-changelog-for-Kerberos-V5
krb5 commit: Add a PKINIT test using RSA
daemon@ATHENA.MIT.EDU (Greg Hudson)
Wed Jul 20 11:26:16 2016
Date: Wed, 20 Jul 2016 11:26:12 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201607201526.u6KFQCut017609@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/b55c2ecf1e938132524f2bc079ec1ba3734b0383
commit b55c2ecf1e938132524f2bc079ec1ba3734b0383
Author: Greg Hudson <ghudson@mit.edu>
Date: Wed May 4 11:25:32 2016 -0400
Add a PKINIT test using RSA
In t_pkinit.py, add a simple PKINIT test using RSA encryption instead
of a Diffie-Hellman exchange.
src/tests/t_pkinit.py | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/src/tests/t_pkinit.py b/src/tests/t_pkinit.py
index f0214b6..526473b 100755
--- a/src/tests/t_pkinit.py
+++ b/src/tests/t_pkinit.py
@@ -111,6 +111,12 @@ realm.kinit(realm.user_princ,
realm.klist(realm.user_princ)
realm.run([kvno, realm.host_princ])
+# Try again using RSA instead of DH.
+realm.kinit(realm.user_princ,
+ flags=['-X', 'X509_user_identity=%s' % file_identity,
+ '-X', 'flag_RSA_PROTOCOL=yes'])
+realm.klist(realm.user_princ)
+
# Run the basic test - PKINIT with FILE: identity, with a password on the key,
# supplied by the prompter.
# Expect failure if the responder does nothing, and we have no prompter.
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
