oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

remove trailing whitespace

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2008-09-13 09:21:03 +00:00
parent e172367898
commit 6937d41a02
940 changed files with 23827 additions and 23827 deletions
Download Patch File Download Diff File Expand all files Collapse all files

324
lib/krb5/crypto.c
View File

@@ -1,34 +1,34 @@
/*
* Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "krb5_locl.h"
@@ -82,7 +82,7 @@ struct krb5_crypto_data {
struct salt_type {
krb5_salttype type;
const char *name;
krb5_error_code (*string_to_key)(krb5_context, krb5_enctype, krb5_data,
krb5_error_code (*string_to_key)(krb5_context, krb5_enctype, krb5_data,
krb5_salt, krb5_data, krb5_keyblock*);
};
@@ -146,7 +146,7 @@ struct encryption_type {
static struct checksum_type *_find_checksum(krb5_cksumtype type);
static struct encryption_type *_find_enctype(krb5_enctype type);
static struct key_type *_find_keytype(krb5_keytype type);
static krb5_error_code _get_derived_key(krb5_context, krb5_crypto,
static krb5_error_code _get_derived_key(krb5_context, krb5_crypto,
unsigned, struct key_data**);
static struct key_data *_new_derived_key(krb5_crypto crypto, unsigned usage);
static krb5_error_code derive_key(krb5_context context,
@@ -155,13 +155,13 @@ static krb5_error_code derive_key(krb5_context context,
const void *constant,
size_t len);
static krb5_error_code hmac(krb5_context context,
struct checksum_type *cm,
const void *data,
size_t len,
struct checksum_type *cm,
const void *data,
size_t len,
unsigned usage,
struct key_data *keyblock,
Checksum *result);
static void free_key_data(krb5_context,
static void free_key_data(krb5_context,
struct key_data *,
struct encryption_type *);
static krb5_error_code usage2arcfour (krb5_context, unsigned *);
@@ -219,7 +219,7 @@ krb5_DES_AFS3_CMU_string_to_key (krb5_data pw,
{
char password[8+1]; /* crypt is limited to 8 chars anyway */
int i;
for(i = 0; i < 8; i++) {
char c = ((i < pw.length) ? ((char*)pw.data)[i] : 0) ^
((i < cell.length) ?
@@ -308,10 +308,10 @@ DES_string_to_key_int(unsigned char *data, size_t length, DES_cblock *key)
int reverse = 0;
unsigned char *p;
unsigned char swap[] = { 0x0, 0x8, 0x4, 0xc, 0x2, 0xa, 0x6, 0xe,
unsigned char swap[] = { 0x0, 0x8, 0x4, 0xc, 0x2, 0xa, 0x6, 0xe,
0x1, 0x9, 0x5, 0xd, 0x3, 0xb, 0x7, 0xf };
memset(key, 0, 8);
p = (unsigned char*)key;
for (i = 0; i < length; i++) {
unsigned char tmp = data[i];
@@ -436,7 +436,7 @@ DES3_string_to_key(krb5_context context,
unsigned char tmp[24];
DES_cblock keys[3];
krb5_error_code ret;
len = password.length + salt.saltvalue.length;
str = malloc(len);
if(len != 0 && str == NULL) {
@@ -467,7 +467,7 @@ DES3_string_to_key(krb5_context context,
}
memset(&ivec, 0, sizeof(ivec));
DES_ede3_cbc_encrypt(tmp,
tmp, sizeof(tmp),
tmp, sizeof(tmp),
&s[0], &s[1], &s[2], &ivec, DES_ENCRYPT);
memset(s, 0, sizeof(s));
memset(&ivec, 0, sizeof(ivec));
@@ -548,7 +548,7 @@ DES3_random_to_key(krb5_context context,
DES_set_odd_parity(&k[i]);
if(DES_is_weak_key(&k[i]))
xor(&k[i], (const unsigned char*)"\0\0\0\0\0\0\0\xf0");
}
}
}
/*
@@ -556,7 +556,7 @@ DES3_random_to_key(krb5_context context,
*/
static void
ARCFOUR_schedule(krb5_context context,
ARCFOUR_schedule(krb5_context context,
struct key_type *kt,
struct key_data *kd)
{
@@ -603,7 +603,7 @@ ARCFOUR_string_to_key(krb5_context context,
ret = wind_utf8ucs2(password.data, s, &len);
if (ret) {
krb5_set_error_message (context, ret,
krb5_set_error_message (context, ret,
N_("Password not an UCS2 string", ""));
goto out;
}
@@ -680,7 +680,7 @@ AES_string_to_key(krb5_context context,
ret = PKCS5_PBKDF2_HMAC_SHA1(password.data, password.length,
salt.saltvalue.data, salt.saltvalue.length,
iter,
iter,
et->keytype->size, kd.key->keyvalue.data);
if (ret != 1) {
free_key_data(context, &kd, et);
@@ -824,8 +824,8 @@ static struct key_type keytype_des3 = {
KEYTYPE_DES3,
"des3",
168,
24,
sizeof(struct evp_schedule),
24,
sizeof(struct evp_schedule),
DES3_random_key,
evp_schedule,
des3_salt,
@@ -981,7 +981,7 @@ krb5_get_pw_salt(krb5_context context,
int i;
krb5_error_code ret;
char *p;
salt->salttype = KRB5_PW_SALT;
len = strlen(principal->realm);
for (i = 0; i < principal->name.name_string.len; ++i)
@@ -1002,7 +1002,7 @@ krb5_get_pw_salt(krb5_context context,
}
krb5_error_code KRB5_LIB_FUNCTION
krb5_free_salt(krb5_context context,
krb5_free_salt(krb5_context context,
krb5_salt salt)
{
krb5_data_free(&salt.saltvalue);
@@ -1049,7 +1049,7 @@ krb5_string_to_key_data_salt (krb5_context context,
{
krb5_data opaque;
krb5_data_zero(&opaque);
return krb5_string_to_key_data_salt_opaque(context, enctype, password,
return krb5_string_to_key_data_salt_opaque(context, enctype, password,
salt, opaque, key);
}
@@ -1075,9 +1075,9 @@ krb5_string_to_key_data_salt_opaque (krb5_context context,
enctype);
return KRB5_PROG_ETYPE_NOSUPP;
}
for(st = et->keytype->string_to_key; st && st->type; st++)
for(st = et->keytype->string_to_key; st && st->type; st++)
if(st->type == salt.salttype)
return (*st->string_to_key)(context, enctype, password,
return (*st->string_to_key)(context, enctype, password,
salt, opaque, key);
krb5_set_error_message(context, HEIM_ERR_SALTTYPE_NOSUPP,
N_("salt type %d not supported", ""),
@@ -1115,7 +1115,7 @@ krb5_string_to_key_salt_opaque (krb5_context context,
krb5_data pw;
pw.data = rk_UNCONST(password);
pw.length = strlen(password);
return krb5_string_to_key_data_salt_opaque(context, enctype,
return krb5_string_to_key_data_salt_opaque(context, enctype,
pw, salt, opaque, key);
}
@@ -1165,13 +1165,13 @@ krb5_generate_random_keyblock(krb5_context context,
return KRB5_PROG_ETYPE_NOSUPP;
}
ret = krb5_data_alloc(&key->keyvalue, et->keytype->size);
if(ret)
if(ret)
return ret;
key->keytype = type;
if(et->keytype->random_key)
(*et->keytype->random_key)(context, key);
else
krb5_generate_random_block(key->keyvalue.data,
krb5_generate_random_block(key->keyvalue.data,
key->keyvalue.length);
return 0;
}
@@ -1251,18 +1251,18 @@ RSA_MD4_checksum(krb5_context context,
}
static krb5_error_code
des_checksum(krb5_context context,
des_checksum(krb5_context context,
const EVP_MD *evp_md,
struct key_data *key,
const void *data,
size_t len,
const void *data,
size_t len,
Checksum *cksum)
{
struct evp_schedule *ctx = key->schedule->data;
EVP_MD_CTX *m;
DES_cblock ivec;
unsigned char *p = cksum->checksum.data;
krb5_generate_random_block(p, 8);
m = EVP_MD_CTX_create();
@@ -1323,10 +1323,10 @@ des_verify(krb5_context context,
}
static krb5_error_code
RSA_MD4_DES_checksum(krb5_context context,
RSA_MD4_DES_checksum(krb5_context context,
struct key_data *key,
const void *data,
size_t len,
const void *data,
size_t len,
unsigned usage,
Checksum *cksum)
{
@@ -1417,9 +1417,9 @@ SHA1_checksum(krb5_context context,
/* HMAC according to RFC2104 */
static krb5_error_code
hmac(krb5_context context,
struct checksum_type *cm,
const void *data,
size_t len,
struct checksum_type *cm,
const void *data,
size_t len,
unsigned usage,
struct key_data *keyblock,
Checksum *result)
@@ -1428,7 +1428,7 @@ hmac(krb5_context context,
unsigned char *key;
size_t key_len;
int i;
ipad = malloc(cm->blocksize + len);
if (ipad == NULL)
return ENOMEM;
@@ -1441,10 +1441,10 @@ hmac(krb5_context context,
memset(opad, 0x5c, cm->blocksize);
if(keyblock->key->keyvalue.length > cm->blocksize){
(*cm->checksum)(context,
keyblock,
keyblock->key->keyvalue.data,
keyblock->key->keyvalue.length,
(*cm->checksum)(context,
keyblock,
keyblock->key->keyvalue.data,
keyblock->key->keyvalue.length,
usage,
result);
key = result->checksum.data;
@@ -1460,9 +1460,9 @@ hmac(krb5_context context,
memcpy(ipad + cm->blocksize, data, len);
(*cm->checksum)(context, keyblock, ipad, cm->blocksize + len,
usage, result);
memcpy(opad + cm->blocksize, result->checksum.data,
memcpy(opad + cm->blocksize, result->checksum.data,
result->checksum.length);
(*cm->checksum)(context, keyblock, opad,
(*cm->checksum)(context, keyblock, opad,
cm->blocksize + cm->checksumsize, usage, result);
memset(ipad, 0, cm->blocksize + len);
free(ipad);
@@ -1477,7 +1477,7 @@ krb5_hmac(krb5_context context,
krb5_cksumtype cktype,
const void *data,
size_t len,
unsigned usage,
unsigned usage,
krb5_keyblock *key,
Checksum *result)
{
@@ -1505,9 +1505,9 @@ krb5_hmac(krb5_context context,
static krb5_error_code
SP_HMAC_SHA1_checksum(krb5_context context,
struct key_data *key,
const void *data,
size_t len,
struct key_data *key,
const void *data,
size_t len,
unsigned usage,
Checksum *result)
{
@@ -1580,12 +1580,12 @@ HMAC_MD5_checksum(krb5_context context,
}
static struct checksum_type checksum_none = {
CKSUMTYPE_NONE,
"none",
1,
0,
CKSUMTYPE_NONE,
"none",
1,
0,
NONE_checksum,
0,
NONE_checksum,
NULL
};
static struct checksum_type checksum_crc32 = {
@@ -1723,10 +1723,10 @@ _find_checksum(krb5_cksumtype type)
}
static krb5_error_code
get_checksum_key(krb5_context context,
get_checksum_key(krb5_context context,
krb5_crypto crypto,
unsigned usage, /* not krb5_key_usage */
struct checksum_type *ct,
struct checksum_type *ct,
struct key_data **key)
{
krb5_error_code ret = 0;
@@ -1742,12 +1742,12 @@ get_checksum_key(krb5_context context,
return ENOMEM;
}
ret = krb5_copy_keyblock(context, crypto->key.key, &(*key)->key);
if(ret)
if(ret)
return ret;
for(i = 0; i < (*key)->key->keyvalue.length; i++)
((unsigned char*)(*key)->key->keyvalue.data)[i] ^= 0xF0;
} else {
*key = &crypto->key;
*key = &crypto->key;
}
if(ret == 0)
ret = _key_schedule(context, *key);
@@ -1766,7 +1766,7 @@ create_checksum (krb5_context context,
krb5_error_code ret;
struct key_data *dkey;
int keyed_checksum;
if (ct->flags & F_DISABLED) {
krb5_clear_error_string (context);
return KRB5_PROG_SUMTYPE_NOSUPP;
@@ -1889,7 +1889,7 @@ verify_checksum(krb5_context context,
return ret;
}
if(c.checksum.length != cksum->checksum.length ||
if(c.checksum.length != cksum->checksum.length ||
memcmp(c.checksum.data, cksum->checksum.data, c.checksum.length)) {
krb5_clear_error_string (context);
ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
@@ -1903,7 +1903,7 @@ verify_checksum(krb5_context context,
krb5_error_code KRB5_LIB_FUNCTION
krb5_verify_checksum(krb5_context context,
krb5_crypto crypto,
krb5_key_usage usage,
krb5_key_usage usage,
void *data,
size_t len,
Checksum *cksum)
@@ -1935,22 +1935,22 @@ krb5_crypto_get_checksum_type(krb5_context context,
krb5_cksumtype *type)
{
struct checksum_type *ct = NULL;
if (crypto != NULL) {
ct = crypto->et->keyed_checksum;
if (ct == NULL)
ct = crypto->et->checksum;
}
if (ct == NULL) {
krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
N_("checksum type not found", ""));
return KRB5_PROG_SUMTYPE_NOSUPP;
}
}
*type = ct->type;
return 0;
return 0;
}
@@ -2022,9 +2022,9 @@ krb5_checksum_disable(krb5_context context,
static krb5_error_code
NULL_encrypt(krb5_context context,
struct key_data *key,
void *data,
size_t len,
struct key_data *key,
void *data,
size_t len,
krb5_boolean encryptp,
int usage,
void *ivec)
@@ -2034,9 +2034,9 @@ NULL_encrypt(krb5_context context,
static krb5_error_code
evp_encrypt(krb5_context context,
struct key_data *key,
void *data,
size_t len,
struct key_data *key,
void *data,
size_t len,
krb5_boolean encryptp,
int usage,
void *ivec)
@@ -2064,9 +2064,9 @@ evp_encrypt(krb5_context context,
#ifdef WEAK_ENCTYPES
static krb5_error_code
evp_des_encrypt_null_ivec(krb5_context context,
struct key_data *key,
void *data,
size_t len,
struct key_data *key,
void *data,
size_t len,
krb5_boolean encryptp,
int usage,
void *ignore_ivec)
@@ -2083,9 +2083,9 @@ evp_des_encrypt_null_ivec(krb5_context context,
static krb5_error_code
evp_des_encrypt_key_ivec(krb5_context context,
struct key_data *key,
void *data,
size_t len,
struct key_data *key,
void *data,
size_t len,
krb5_boolean encryptp,
int usage,
void *ignore_ivec)
@@ -2102,9 +2102,9 @@ evp_des_encrypt_key_ivec(krb5_context context,
static krb5_error_code
DES_CFB64_encrypt_null_ivec(krb5_context context,
struct key_data *key,
void *data,
size_t len,
struct key_data *key,
void *data,
size_t len,
krb5_boolean encryptp,
int usage,
void *ignore_ivec)
@@ -2120,9 +2120,9 @@ DES_CFB64_encrypt_null_ivec(krb5_context context,
static krb5_error_code
DES_PCBC_encrypt_key_ivec(krb5_context context,
struct key_data *key,
void *data,
size_t len,
struct key_data *key,
void *data,
size_t len,
krb5_boolean encryptp,
int usage,
void *ignore_ivec)
@@ -2358,7 +2358,7 @@ AES_PRF(krb5_context context,
krb5_abortx(context, "internal prf error");
derived = NULL;
ret = krb5_derive_key(context, crypto->key.key,
ret = krb5_derive_key(context, crypto->key.key,
crypto->et->type, "prf", 3, &derived);
if (ret)
krb5_abortx(context, "krb5_derive_key");
@@ -2366,14 +2366,14 @@ AES_PRF(krb5_context context,
ret = krb5_data_alloc(out, crypto->et->blocksize);
if (ret)
krb5_abortx(context, "malloc failed");
{
{
const EVP_CIPHER *c = (*crypto->et->keytype->evp)();
EVP_CIPHER_CTX ctx;
/* XXX blksz 1 for cts, so we can't use that */
EVP_CIPHER_CTX_init(&ctx); /* ivec all zero */
EVP_CipherInit_ex(&ctx, c, NULL, derived->keyvalue.data, NULL, 1);
EVP_Cipher(&ctx, out->data, result.checksum.data, 16);
EVP_Cipher(&ctx, out->data, result.checksum.data, 16);
EVP_CIPHER_CTX_cleanup(&ctx);
}
@@ -2416,7 +2416,7 @@ static struct encryption_type enctype_arcfour_hmac_md5 = {
NULL
};
#ifdef DES3_OLD_ENCTYPE
static struct encryption_type enctype_des3_cbc_md5 = {
static struct encryption_type enctype_des3_cbc_md5 = {
ETYPE_DES3_CBC_MD5,
"des3-cbc-md5",
8,
@@ -2597,7 +2597,7 @@ static struct encryption_type *etypes[] = {
&enctype_des3_cbc_none, /* used by the gss-api mech */
&enctype_arcfour_hmac_md5,
#ifdef DES3_OLD_ENCTYPE
&enctype_des3_cbc_md5,
&enctype_des3_cbc_md5,
&enctype_old_des3_cbc_sha1,
#endif
#ifdef WEAK_ENCTYPES
@@ -2681,7 +2681,7 @@ krb5_enctype_to_keytype(krb5_context context,
}
krb5_error_code KRB5_LIB_FUNCTION
krb5_enctype_valid(krb5_context context,
krb5_enctype_valid(krb5_context context,
krb5_enctype etype)
{
struct encryption_type *e = _find_enctype(etype);
@@ -2723,7 +2723,7 @@ krb5_cksumtype_to_enctype(krb5_context context,
*etype = ETYPE_NULL;
for(i = 0; i < num_etypes; i++) {
if(etypes[i]->keyed_checksum &&
if(etypes[i]->keyed_checksum &&
etypes[i]->keyed_checksum->type == ctype)
{
*etype = etypes[i]->type;
@@ -2739,7 +2739,7 @@ krb5_cksumtype_to_enctype(krb5_context context,
krb5_error_code KRB5_LIB_FUNCTION
krb5_cksumtype_valid(krb5_context context,
krb5_cksumtype_valid(krb5_context context,
krb5_cksumtype ctype)
{
struct checksum_type *c = _find_checksum(ctype);
@@ -2802,7 +2802,7 @@ encrypt_internal_derived(krb5_context context,
krb5_error_code ret;
struct key_data *dkey;
const struct encryption_type *et = crypto->et;
checksum_sz = CHECKSUMSIZE(et->keyed_checksum);
sz = et->confoundersize + len;
@@ -2813,17 +2813,17 @@ encrypt_internal_derived(krb5_context context,
krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
return ENOMEM;
}
q = p;
krb5_generate_random_block(q, et->confoundersize); /* XXX */
q += et->confoundersize;
memcpy(q, data, len);
ret = create_checksum(context,
ret = create_checksum(context,
et->keyed_checksum,
crypto,
crypto,
INTEGRITY_USAGE(usage),
p,
p,
block_sz,
&cksum);
if(ret == 0 && cksum.checksum.length != checksum_sz) {
@@ -2867,9 +2867,9 @@ encrypt_internal(krb5_context context,
unsigned char *p, *q;
krb5_error_code ret;
const struct encryption_type *et = crypto->et;
checksum_sz = CHECKSUMSIZE(et->checksum);
sz = et->confoundersize + checksum_sz + len;
block_sz = (sz + et->padsize - 1) &~ (et->padsize - 1); /* pad */
p = calloc(1, block_sz);
@@ -2877,7 +2877,7 @@ encrypt_internal(krb5_context context,
krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
return ENOMEM;
}
q = p;
krb5_generate_random_block(q, et->confoundersize); /* XXX */
q += et->confoundersize;
@@ -2885,11 +2885,11 @@ encrypt_internal(krb5_context context,
q += checksum_sz;
memcpy(q, data, len);
ret = create_checksum(context,
ret = create_checksum(context,
et->checksum,
crypto,
0,
p,
p,
block_sz,
&cksum);
if(ret == 0 && cksum.checksum.length != checksum_sz) {
@@ -2972,7 +2972,7 @@ decrypt_internal_derived(krb5_context context,
struct key_data *dkey;
struct encryption_type *et = crypto->et;
unsigned long l;
checksum_sz = CHECKSUMSIZE(et->keyed_checksum);
if (len < checksum_sz + et->confoundersize) {
krb5_set_error_message(context, KRB5_BAD_MSIZE,
@@ -3050,7 +3050,7 @@ decrypt_internal(krb5_context context,
Checksum cksum;
size_t checksum_sz, l;
struct encryption_type *et = crypto->et;
if ((len % et->padsize) != 0) {
krb5_clear_error_string(context);
return KRB5_BAD_MSIZE;
@@ -3063,7 +3063,7 @@ decrypt_internal(krb5_context context,
return ENOMEM;
}
memcpy(p, data, len);
ret = _key_schedule(context, &crypto->key);
if(ret) {
free(p);
@@ -3125,7 +3125,7 @@ decrypt_internal_special(krb5_context context,
return ENOMEM;
}
memcpy(p, data, len);
ret = (*et->encrypt)(context, &crypto->key, p, len, FALSE, usage, ivec);
if (ret) {
free(p);
@@ -3167,7 +3167,7 @@ find_iv(krb5_crypto_iov *data, int num_data, int type)
* @ingroup krb5_crypto
*
* Kerberos encrypted data look like this:
*
*
* 1. KRB5_CRYPTO_TYPE_HEADER
* 2. array KRB5_CRYPTO_TYPE_DATA and KRB5_CRYPTO_TYPE_SIGN_ONLY in
* any order, however the receiver have to aware of the
@@ -3193,15 +3193,15 @@ krb5_encrypt_iov_ivec(krb5_context context,
struct key_data *dkey;
const struct encryption_type *et = crypto->et;
krb5_crypto_iov *tiv, *piv, *hiv;
if(!derived_crypto(context, crypto)) {
if(!derived_crypto(context, crypto)) {
krb5_clear_error_string(context);
return KRB5_CRYPTO_INTERNAL;
}
headersz = et->confoundersize;
trailersz = CHECKSUMSIZE(et->keyed_checksum);
for (len = 0, i = 0; i < num_data; i++) {
if (data[i].flags != KRB5_CRYPTO_TYPE_HEADER &&
data[i].flags == KRB5_CRYPTO_TYPE_DATA) {
@@ -3269,11 +3269,11 @@ krb5_encrypt_iov_ivec(krb5_context context,
q += data[i].data.length;
}
ret = create_checksum(context,
ret = create_checksum(context,
et->keyed_checksum,
crypto,
crypto,
INTEGRITY_USAGE(usage),
p,
p,
len,
&cksum);
free(p);
@@ -3393,15 +3393,15 @@ krb5_decrypt_iov_ivec(krb5_context context,
struct key_data *dkey;
struct encryption_type *et = crypto->et;
krb5_crypto_iov *tiv, *hiv;
if(!derived_crypto(context, crypto)) {
if(!derived_crypto(context, crypto)) {
krb5_clear_error_string(context);
return KRB5_CRYPTO_INTERNAL;
}
headersz = et->confoundersize;
trailersz = CHECKSUMSIZE(et->keyed_checksum);
for (len = 0, i = 0; i < num_data; i++)
if (data[i].flags == KRB5_CRYPTO_TYPE_DATA)
len += data[i].data.length;
@@ -3549,7 +3549,7 @@ krb5_create_checksum_iov(krb5_context context,
size_t len;
char *p, *q;
if(!derived_crypto(context, crypto)) {
if(!derived_crypto(context, crypto)) {
krb5_clear_error_string(context);
return KRB5_CRYPTO_INTERNAL;
}
@@ -3635,7 +3635,7 @@ krb5_encrypt_ivec(krb5_context context,
void *ivec)
{
if(derived_crypto(context, crypto))
return encrypt_internal_derived(context, crypto, usage,
return encrypt_internal_derived(context, crypto, usage,
data, len, result, ivec);
else if (special_crypto(context, crypto))
return encrypt_internal_special (context, crypto, usage,
@@ -3683,7 +3683,7 @@ krb5_decrypt_ivec(krb5_context context,
void *ivec)
{
if(derived_crypto(context, crypto))
return decrypt_internal_derived(context, crypto, usage,
return decrypt_internal_derived(context, crypto, usage,
data, len, result, ivec);
else if (special_crypto (context, crypto))
return decrypt_internal_special(context, crypto, usage,
@@ -3711,7 +3711,7 @@ krb5_decrypt_EncryptedData(krb5_context context,
const EncryptedData *e,
krb5_data *result)
{
return krb5_decrypt(context, crypto, usage,
return krb5_decrypt(context, crypto, usage,
e->cipher.data, e->cipher.length, result);
}
@@ -3758,7 +3758,7 @@ seed_something(void)
krb5_free_context(context);
}
}
if (RAND_status() == 1) {
/* Update the seed file */
if (seedfile[0])
@@ -3773,7 +3773,7 @@ void KRB5_LIB_FUNCTION
krb5_generate_random_block(void *buf, size_t len)
{
static int rng_initialized = 0;
HEIMDAL_MUTEX_lock(&crypto_mutex);
if (!rng_initialized) {
if (seed_something())
@@ -3829,7 +3829,7 @@ derive_key(krb5_context context,
}
for(i = 0; i < nblocks; i++) {
if(i > 0)
memcpy(k + i * et->blocksize,
memcpy(k + i * et->blocksize,
k + (i - 1) * et->blocksize,
et->blocksize);
(*et->encrypt)(context, key, k + i * et->blocksize, et->blocksize,
@@ -3860,7 +3860,7 @@ derive_key(krb5_context context,
}
free(c);
}
/* XXX keytype dependent post-processing */
switch(kt->type) {
case KEYTYPE_DES3:
@@ -3930,14 +3930,14 @@ krb5_derive_key(krb5_context context,
ret = derive_key(context, et, &d, constant, constant_len);
if (ret == 0)
ret = krb5_copy_keyblock(context, d.key, derived_key);
free_key_data(context, &d, et);
free_key_data(context, &d, et);
return ret;
}
static krb5_error_code
_get_derived_key(krb5_context context,
krb5_crypto crypto,
unsigned usage,
_get_derived_key(krb5_context context,
krb5_crypto crypto,
unsigned usage,
struct key_data **key)
{
int i;
@@ -4029,7 +4029,7 @@ krb5_crypto_destroy(krb5_context context,
krb5_crypto crypto)
{
int i;
for(i = 0; i < crypto->num_key_usage; i++)
free_key_usage(context, &crypto->key_usage[i], crypto->et);
free(crypto->key_usage);
@@ -4059,7 +4059,7 @@ krb5_crypto_getenctype(krb5_context context,
krb5_error_code KRB5_LIB_FUNCTION
krb5_crypto_getpadsize(krb5_context context,
krb5_crypto crypto,
size_t *padsize)
size_t *padsize)
{
*padsize = crypto->et->padsize;
return 0;
@@ -4179,7 +4179,7 @@ krb5_string_to_key_derived(krb5_context context,
DES3_postproc (context, tmp, keylen, &kd); /* XXX */
memset(tmp, 0, keylen);
free(tmp);
ret = derive_key(context,
ret = derive_key(context,
et,
&kd,
"kerberos", /* XXX well known constant */
@@ -4295,7 +4295,7 @@ krb5_random_to_key(krb5_context context,
krb5_error_code ret;
struct encryption_type *et = _find_enctype(type);
if(et == NULL) {
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
N_("encryption type %d not supported", ""),
type);
return KRB5_PROG_ETYPE_NOSUPP;
@@ -4309,7 +4309,7 @@ krb5_random_to_key(krb5_context context,
return KRB5_PROG_ETYPE_NOSUPP;
}
ret = krb5_data_alloc(&key->keyvalue, et->keytype->size);
if(ret)
if(ret)
return ret;
key->keytype = type;
if (et->keytype->random_to_key)
@@ -4450,8 +4450,8 @@ encode_otherinfo(krb5_context context,
otherinfo.algorithmID = *ai;
otherinfo.suppPubInfo = &pub;
ASN1_MALLOC_ENCODE(PkinitSP80056AOtherInfo, other->data, other->length,
ASN1_MALLOC_ENCODE(PkinitSP80056AOtherInfo, other->data, other->length,
&otherinfo, &size, ret);
free(otherinfo.partyUInfo.data);
free(otherinfo.partyVInfo.data);
@@ -4493,8 +4493,8 @@ _krb5_pk_kdf(krb5_context context,
return KRB5_PROG_ETYPE_NOSUPP;
}
if (ai->parameters != NULL &&
(ai->parameters->length != 2 ||
memcmp(ai->parameters->data, "\x05\x00", 2) != 0))
(ai->parameters->length != 2 ||
memcmp(ai->parameters->data, "\x05\x00", 2) != 0))
{
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
N_("kdf params not NULL or the NULL-type",
@@ -4517,7 +4517,7 @@ _krb5_pk_kdf(krb5_context context,
return ENOMEM;
}
ret = encode_otherinfo(context, ai, client, server,
ret = encode_otherinfo(context, ai, client, server,
enctype, as_req, pk_as_rep, ticket, &other);
if (ret) {
free(keydata);
@@ -4577,7 +4577,7 @@ krb5_crypto_prf_length(krb5_context context,
krb5_error_code KRB5_LIB_FUNCTION
krb5_crypto_prf(krb5_context context,
const krb5_crypto crypto,
const krb5_data *input,
const krb5_data *input,
krb5_data *output)
{
struct encryption_type *et = crypto->et;