use krb5_generate_subkey_extended()

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14452 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-01-05 02:34:08 +00:00
parent 847cb0fa5b
commit 52594dcc54
2 changed files with 20 additions and 2 deletions
--- a/lib/krb5/auth_context.c
+++ b/lib/krb5/auth_context.c
@@ -322,7 +322,9 @@ krb5_auth_con_generatelocalsubkey(krb5_context context,
    krb5_error_code ret;
    krb5_keyblock *subkey;

-    ret = krb5_generate_subkey (context, key, &subkey);
+    ret = krb5_generate_subkey_extended (context, key,
+					 auth_context->keytype,
+					 &subkey);
    if(ret)
 	return ret;
    if(auth_context->local_subkey)
--- a/lib/krb5/generate_subkey.c
+++ b/lib/krb5/generate_subkey.c
@@ -39,6 +39,15 @@ krb5_error_code KRB5_LIB_FUNCTION
 krb5_generate_subkey(krb5_context context,
 		     const krb5_keyblock *key,
 		     krb5_keyblock **subkey)
+{
+    return krb5_generate_subkey_extended(context, key, key->keytype, subkey);
+}
+
+krb5_error_code KRB5_LIB_FUNCTION
+krb5_generate_subkey_extended(krb5_context context,
+			      const krb5_keyblock *key,
+			      krb5_enctype etype,
+			      krb5_keyblock **subkey)
 {
    krb5_error_code ret;

@@ -47,8 +56,15 @@ krb5_generate_subkey(krb5_context context,
 	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
    }
-    ret = krb5_generate_random_keyblock(context, key->keytype, *subkey);
+
+    if (etype == ETYPE_NULL)
+	etype = key->keytype; /* use session key etype */
+
+    /* XXX should we use the session key as input to the RF? */
+    ret = krb5_generate_random_keyblock(context, etype, *subkey);
    if(ret)
 	free(*subkey);
+
    return ret;
 }
+