RFC Errata
RFC 4757, "The RC4-HMAC Kerberos Encryption Types Used by Microsoft Windows", December 2006
Note: This RFC has been updated by RFC 6649
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
Errata ID: 1648
Status: Rejected
Type: Technical
Publication Format(s) : TEXT
Reported By: Ganga Mahesh Siddem
Date Reported: 2008-12-31
Rejected by: Sean Turner
Date Rejected: 2011-06-28
Section 7.3 says:
Kcrypt = HMAC(Klocal, "fortybits", (int32)0); // len includes terminating null Kseq = HMAC(Kss, "fortybits", (int32)0); // len includes terminating null
It should say:
Kcrypt = HMAC(Klocal,(int32)0, "fortybits"); // len includes terminating null Kseq = HMAC(Kss, (int32)0,"fortybits"); // len includes terminating null
Notes:
Larry Zhu confirmed this issue.Misordered arguments in HMAC function.
--VERIFIER NOTES--
I checked with Magnus Nystrom. He said their implementation is equal to the RFC.