add krb5_is_enctype_weak

2011-09-26 08:47:32 +02:00
parent 9a127beb26
commit 777b24fbb5
3 changed files with 22 additions and 0 deletions
--- a/lib/krb5/crypto.c
+++ b/lib/krb5/crypto.c
@@ -2280,6 +2280,26 @@ krb5_allow_weak_crypto(krb5_context context,
    return 0;
 }

+/**
+ * Returns is the encryption is strong or weak
+ *
+ * @param context Kerberos 5 context
+ * @param enctype encryption type to probe
+ *
+ * @return Returns true if encryption type is weak or is not supported.
+ *
+ * @ingroup krb5_crypto
+ */
+
+KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
+krb5_is_enctype_weak(krb5_context context, krb5_enctype enctype)
+{
+    struct _krb5_encryption_type *et = _krb5_find_enctype(enctype);
+    if(et == NULL || (et->flags & F_WEAK))
+	return TRUE;
+    return FALSE;
+}
+
 static size_t
 wrapped_length (krb5_context context,
 		krb5_crypto  crypto,
--- a/lib/krb5/libkrb5-exports.def.in
+++ b/lib/krb5/libkrb5-exports.def.in
@@ -387,6 +387,7 @@ EXPORTS
 	krb5_init_ets
 	krb5_initlog
 	krb5_is_config_principal
+	krb5_is_enctype_weak
 	krb5_is_thread_safe
 #ifdef HAVE_KCM
 	krb5_kcm_call
--- a/lib/krb5/version-script.map
+++ b/lib/krb5/version-script.map
@@ -387,6 +387,7 @@ HEIMDAL_KRB5_2.0 {
 		krb5_init_ets;
 		krb5_initlog;
 		krb5_is_config_principal;
+		krb5_is_enctype_weak;
 		krb5_is_thread_safe;
 		krb5_kcm_call;
 		krb5_kcm_storage_request;