Handle diffrences between libhcrypto and libcrypto.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17111 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
21
kdc/pkinit.c
21
kdc/pkinit.c
@@ -190,9 +190,7 @@ generate_dh_keyblock(krb5_context context, pk_client_params *client_params,
|
|||||||
memset(&key, 0, sizeof(key));
|
memset(&key, 0, sizeof(key));
|
||||||
|
|
||||||
if (!DH_generate_key(client_params->dh)) {
|
if (!DH_generate_key(client_params->dh)) {
|
||||||
krb5_set_error_string(context, "Can't generate Diffie-Hellman "
|
krb5_set_error_string(context, "Can't generate Diffie-Hellman keys");
|
||||||
"keys (%s)",
|
|
||||||
ERR_error_string(ERR_get_error(), NULL));
|
|
||||||
ret = KRB5KRB_ERR_GENERIC;
|
ret = KRB5KRB_ERR_GENERIC;
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
@@ -219,8 +217,7 @@ generate_dh_keyblock(krb5_context context, pk_client_params *client_params,
|
|||||||
client_params->dh_public_key,
|
client_params->dh_public_key,
|
||||||
client_params->dh);
|
client_params->dh);
|
||||||
if (dh_gen_keylen == -1) {
|
if (dh_gen_keylen == -1) {
|
||||||
krb5_set_error_string(context, "Can't compute Diffie-Hellman key (%s)",
|
krb5_set_error_string(context, "Can't compute Diffie-Hellman key");
|
||||||
ERR_error_string(ERR_get_error(), NULL));
|
|
||||||
ret = KRB5KRB_ERR_GENERIC;
|
ret = KRB5KRB_ERR_GENERIC;
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
@@ -250,7 +247,7 @@ integer_to_BN(krb5_context context, const char *field, heim_integer *f)
|
|||||||
krb5_set_error_string(context, "PKINIT: parsing BN failed %s", field);
|
krb5_set_error_string(context, "PKINIT: parsing BN failed %s", field);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
bn->neg = f->negative;
|
BN_set_negative(bn, f->negative);
|
||||||
return bn;
|
return bn;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -305,8 +302,7 @@ get_dh_param(krb5_context context,
|
|||||||
|
|
||||||
dh = DH_new();
|
dh = DH_new();
|
||||||
if (dh == NULL) {
|
if (dh == NULL) {
|
||||||
krb5_set_error_string(context, "Cannot create DH structure (%s)",
|
krb5_set_error_string(context, "Cannot create DH structure");
|
||||||
ERR_error_string(ERR_get_error(), NULL));
|
|
||||||
ret = ENOMEM;
|
ret = ENOMEM;
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
@@ -342,9 +338,10 @@ get_dh_param(krb5_context context,
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (DH_check(dh, &dhret) != 1) {
|
|
||||||
krb5_set_error_string(context, "PKINIT DH data not ok: %s",
|
if (DH_check_pubkey(dh, client_params->dh_public_key, &dhret) != 1 ||
|
||||||
ERR_error_string(ERR_get_error(), NULL));
|
dhret != 0) {
|
||||||
|
krb5_set_error_string(context, "PKINIT DH data not ok");
|
||||||
ret = KRB5_KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED;
|
ret = KRB5_KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED;
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
@@ -691,7 +688,7 @@ BN_to_integer(krb5_context context, BIGNUM *bn, heim_integer *integer)
|
|||||||
return ENOMEM;
|
return ENOMEM;
|
||||||
}
|
}
|
||||||
BN_bn2bin(bn, integer->data);
|
BN_bn2bin(bn, integer->data);
|
||||||
integer->negative = bn->neg;
|
integer->negative = BN_is_negative(bn);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user