use new master key functions

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3369 ec53bebd-3082-4978-b11e-865c3cabbd6b

kdc/main.c

@@ -52,38 +52,24 @@ sigterm(int sig)
 int
 main(int argc, char **argv)
 {
-    int c;
+    krb5_error_code ret;
+    EncryptionKey key;
     set_progname(argv[0]);
     
     krb5_init_context(&context);
 
     configure(argc, argv);
 
-    if(keyfile){
+    ret = hdb_read_master_key(context, keyfile, &key);
-	FILE *f;
+    if(ret && ret != ENOENT)
-	size_t len;
+	krb5_err(context, 1, ret, "Failed to open master key file");
-	unsigned char buf[1024];
+    if(ret == 0){
-	EncryptionKey key;
+	set_master_key(key);
-	f = fopen(keyfile, "r");
-	if(f == NULL){
-	    kdc_log(0, "Failed to open master key file %s", keyfile);
-	    exit(1);
-	}
-	len = fread(buf, 1, sizeof(buf), f);
-	fclose(f);
-	if(decode_EncryptionKey(buf, len, &key, &len)){
-	    kdc_log(0, "Failed to parse contents of master key file %s", keyfile);
-	    exit(1);
-	}	    
-	set_master_key(&key);
 	memset(key.keyvalue.data, 0, key.keyvalue.length);
 	free_EncryptionKey(&key);
-    }else{
+	kdc_log(5, "Database is encrypted");
-	des_cblock key;
+    }else
-	des_new_random_key(&key);
+	kdc_log(5, "Database is not encrypted");
-	memset(&key, 0, sizeof(key));
-    }
-
     
     signal(SIGINT, sigterm);
     loop();

kdc/misc.c

@@ -66,16 +66,17 @@ db_fetch(krb5_principal principal)
     return ent;
 }
 
-static des_key_schedule master_key;
+static krb5_data master_key;
 static int master_key_set;
 
 void
-set_master_key(EncryptionKey *key)
+set_master_key(EncryptionKey key)
 {
-    if(key->keytype != KEYTYPE_DES || key->keyvalue.length != 8)
+    krb5_error_code ret;
-	abort();
+    ret = hdb_process_master_key(context, key, &master_key);
-    des_set_random_generator_seed(key->keyvalue.data);
+    if(ret)
-    des_set_key(key->keyvalue.data, master_key);
+	krb5_err(context, 1, ret, "Error processing master key file");
+    des_set_random_generator_seed(key.keyvalue.data);
     master_key_set = 1;
 }