oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

use krb5_oid_to_enctype and remove all oids that are no longer needed

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13817 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2004-04-26 21:23:42 +00:00
parent 713ea798a8
commit 0d09bd5540
1 changed files with 5 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
lib/krb5/pkinit.c
View File

@@ -111,26 +111,6 @@ static unsigned sha1WithRSAEncryption_num[] =
{ 1, 2, 840, 113549, 1, 1, 5 }; { 1, 2, 840, 113549, 1, 1, 5 };
heim_oid heim_sha1WithRSAEncryption_oid = heim_oid heim_sha1WithRSAEncryption_oid =
oid_enc(sha1WithRSAEncryption_num); oid_enc(sha1WithRSAEncryption_num);
static unsigned rc2CBC_num[] =
{ 1, 2, 840, 113549, 3, 2 };
heim_oid heim_rc2CBC_oid =
oid_enc(rc2CBC_num);
static unsigned des_ede3_cbc_num[] =
{ 1, 2, 840, 113549, 3, 7 };
heim_oid heim_des_ede3_cbc_oid =
oid_enc(des_ede3_cbc_num);
static unsigned des_aes_128_cbc_num[] =
{ 2, 16, 840, 1, 101, 3, 4, 1, 2 };
heim_oid heim_aes_128_cbc_oid =
oid_enc(des_aes_128_cbc_num);
static unsigned des_aes_192_cbc_num[] =
{ 2, 16, 840, 1, 101, 3, 4, 1, 22 };
heim_oid heim_aes_192_cbc_oid =
oid_enc(des_aes_192_cbc_num);
static unsigned des_aes_256_cbc_num[] =
{ 2, 16, 840, 1, 101, 3, 4, 1, 42 };
heim_oid heim_aes_256_cbc_oid =
oid_enc(des_aes_256_cbc_num);
static unsigned pkcs7_data_num[] = static unsigned pkcs7_data_num[] =
{ 1, 2, 840, 113549, 1, 7, 1 }; { 1, 2, 840, 113549, 1, 7, 1 };
heim_oid pkcs7_data_oid = heim_oid pkcs7_data_oid =
@@ -1344,24 +1324,17 @@ pk_rd_pa_reply_enckey(krb5_context context,
params.data = ed.encryptedContentInfo.contentEncryptionAlgorithm.parameters->data; params.data = ed.encryptedContentInfo.contentEncryptionAlgorithm.parameters->data;
params.length = ed.encryptedContentInfo.contentEncryptionAlgorithm.parameters->length; params.length = ed.encryptedContentInfo.contentEncryptionAlgorithm.parameters->length;
/* XXXX krb5_crypto_oid2enctype */ ret = krb5_oid_to_enctype(context,
if (heim_oid_cmp(&ed.encryptedContentInfo.contentEncryptionAlgorithm.algorithm, &heim_rc2CBC_oid) == 0) { &ed.encryptedContentInfo.contentEncryptionAlgorithm.algorithm,
tmp_key.keytype = ETYPE_RC2_CBC_NONE; &tmp_key.keytype);
} else if (heim_oid_cmp(&ed.encryptedContentInfo.contentEncryptionAlgorithm.algorithm, &heim_des_ede3_cbc_oid) == 0) { if (ret)
tmp_key.keytype = ETYPE_DES3_CBC_NONE;
} else {
krb5_set_error_string(context, "PKINIT no support for oid "
"in contentEncryptionAlgorithm");
ret = KRB5KRB_AP_ERR_BADKEYVER;
goto out; goto out;
}
ret = krb5_crypto_init(context, &tmp_key, 0, &crypto); ret = krb5_crypto_init(context, &tmp_key, 0, &crypto);
if (ret) if (ret)
goto out; goto out;
ret = krb5_crypto_get_params(context, crypto, &params, ret = krb5_crypto_get_params(context, crypto, &params, &ivec);
&ivec);
if (ret) if (ret)
goto out; goto out;