From 713ea798a8a5ebea327720b1ba05e2294c4daf7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Mon, 26 Apr 2004 21:21:54 +0000 Subject: [PATCH] use krb5_enctype_to_oid git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13816 ec53bebd-3082-4978-b11e-865c3cabbd6b --- kdc/pkinit.c | 43 ++++++++++++++++--------------------------- 1 file changed, 16 insertions(+), 27 deletions(-) diff --git a/kdc/pkinit.c b/kdc/pkinit.c index 8543f9e9f..e50037ef6 100644 --- a/kdc/pkinit.c +++ b/kdc/pkinit.c @@ -599,25 +599,6 @@ pk_mk_pa_reply_enckey(krb5_context context, } } - switch (enveloped_enctype) { - case ETYPE_DES3_CBC_NONE: - ret = krb5_data_alloc(&iv, 8); - if (ret) { - krb5_set_error_string(context, "malloc out of memory"); - goto out; - } - break; - default: - krb5_set_error_string(context, "not support for enctype %d", - enveloped_enctype); - ret = KRB5_PROG_KEYTYPE_NOSUPP; - goto out; - } - - enc_alg = &ed.encryptedContentInfo.contentEncryptionAlgorithm; - - krb5_generate_random_block(iv.data, iv.length); - ret = krb5_generate_random_keyblock(context, enveloped_enctype, &tmp_key); if (ret) goto out; @@ -626,17 +607,25 @@ pk_mk_pa_reply_enckey(krb5_context context, if (ret) goto out; - switch (enveloped_enctype) { - case ETYPE_DES3_CBC_NONE: - copy_oid(&heim_des_ede3_cbc_oid, &enc_alg->algorithm); - break; - default: - krb5_set_error_string(context, "PKINIT no support for enctype %d", - enveloped_enctype); - ret = KRB5_PROG_KEYTYPE_NOSUPP; + + ret = krb5_crypto_getblocksize(context, crypto, &iv.length); + if (ret) + goto out; + + ret = krb5_data_alloc(&iv, iv.length); + if (ret) { + krb5_set_error_string(context, "malloc out of memory"); goto out; } + krb5_generate_random_block(iv.data, iv.length); + + enc_alg = &ed.encryptedContentInfo.contentEncryptionAlgorithm; + + ret = krb5_enctype_to_oid(context, enveloped_enctype, &enc_alg->algorithm); + if (ret) + goto out; + ret = krb5_crypto_set_params(context, crypto, &iv, ¶ms); if (ret) goto out;