oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

switch to KRB5_ENCTYPE

Browse Source
This commit is contained in:
Love Hörnquist Åstrand
2011-07-24 16:02:22 -07:00
parent c97322adf2
commit 8060a561db
17 changed files with 65 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/gssapi/krb5/arcfour.c
View File

@@ -86,7 +86,7 @@ arcfour_mic_key(krb5_context context, krb5_keyblock *key,
cksum_k5.checksum.data = k5_data;
cksum_k5.checksum.length = sizeof(k5_data);
if (key->keytype == ENCTYPE_ARCFOUR_HMAC_MD5_56) {
if (key->keytype == KRB5_ENCTYPE_ARCFOUR_HMAC_MD5_56) {
char L40[14] = "fortybits";
memcpy(L40 + 10, T, sizeof(T));
@@ -100,7 +100,7 @@ arcfour_mic_key(krb5_context context, krb5_keyblock *key,
if (ret)
return ret;
key5.keytype = ENCTYPE_ARCFOUR_HMAC_MD5;
key5.keytype = KRB5_ENCTYPE_ARCFOUR_HMAC_MD5;
key5.keyvalue = cksum_k5.checksum;
cksum_k6.checksum.data = key6_data;

15
lib/gssapi/krb5/get_mic.c
View File

@@ -285,7 +285,6 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_get_mic
const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle;
krb5_keyblock *key;
OM_uint32 ret;
krb5_keytype keytype;
GSSAPI_KRB5_INIT (&context);
@@ -300,10 +299,11 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_get_mic
*minor_status = ret;
return GSS_S_FAILURE;
}
krb5_enctype_to_keytype (context, key->keytype, &keytype);
switch (keytype) {
case KEYTYPE_DES :
switch (key->keytype) {
case KRB5_ENCTYPE_DES_CBC_CRC :
case KRB5_ENCTYPE_DES_CBC_MD4 :
case KRB5_ENCTYPE_DES_CBC_MD5 :
#ifdef HEIM_WEAK_CRYPTO
ret = mic_des (minor_status, ctx, context, qop_req,
message_buffer, message_token, key);
@@ -311,12 +311,13 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_get_mic
ret = GSS_S_FAILURE;
#endif
break;
case KEYTYPE_DES3 :
case KRB5_ENCTYPE_DES3_CBC_MD5 :
case KRB5_ENCTYPE_DES3_CBC_SHA1 :
ret = mic_des3 (minor_status, ctx, context, qop_req,
message_buffer, message_token, key);
break;
case KEYTYPE_ARCFOUR:
case KEYTYPE_ARCFOUR_56:
case KRB5_ENCTYPE_ARCFOUR_HMAC_MD5:
case KRB5_ENCTYPE_ARCFOUR_HMAC_MD5_56:
ret = _gssapi_get_mic_arcfour (minor_status, ctx, context, qop_req,
message_buffer, message_token, key);
break;

2
lib/gssapi/krb5/test_cfx.c
View File

@@ -148,7 +148,7 @@ main(int argc, char **argv)
errx(1, "krb5_context_init: %d", ret);
ret = krb5_generate_random_keyblock(context,
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96,
&keyblock);
if (ret)
krb5_err(context, 1, ret, "krb5_generate_random_keyblock");

15
lib/gssapi/krb5/unwrap.c
View File

@@ -392,7 +392,6 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_unwrap
krb5_keyblock *key;
krb5_context context;
OM_uint32 ret;
krb5_keytype keytype;
gsskrb5_ctx ctx = (gsskrb5_ctx) context_handle;
output_message_buffer->value = NULL;
@@ -414,12 +413,13 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_unwrap
*minor_status = ret;
return GSS_S_FAILURE;
}
krb5_enctype_to_keytype (context, key->keytype, &keytype);
*minor_status = 0;
switch (keytype) {
case KEYTYPE_DES :
switch (key->keytype) {
case KRB5_ENCTYPE_DES_CBC_CRC :
case KRB5_ENCTYPE_DES_CBC_MD4 :
case KRB5_ENCTYPE_DES_CBC_MD5 :
#ifdef HEIM_WEAK_CRYPTO
ret = unwrap_des (minor_status, ctx,
input_message_buffer, output_message_buffer,
@@ -428,13 +428,14 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_unwrap
ret = GSS_S_FAILURE;
#endif
break;
case KEYTYPE_DES3 :
case KRB5_ENCTYPE_DES3_CBC_MD5 :
case KRB5_ENCTYPE_DES3_CBC_SHA1 :
ret = unwrap_des3 (minor_status, ctx, context,
input_message_buffer, output_message_buffer,
conf_state, qop_state, key);
break;
case KEYTYPE_ARCFOUR:
case KEYTYPE_ARCFOUR_56:
case KRB5_ENCTYPE_ARCFOUR_HMAC_MD5:
case KRB5_ENCTYPE_ARCFOUR_HMAC_MD5_56:
ret = _gssapi_unwrap_arcfour (minor_status, ctx, context,
input_message_buffer, output_message_buffer,
conf_state, qop_state, key);

16
lib/gssapi/krb5/verify_mic.c
View File

@@ -281,7 +281,6 @@ _gsskrb5_verify_mic_internal
{
krb5_keyblock *key;
OM_uint32 ret;
krb5_keytype keytype;
if (ctx->more_flags & IS_CFX)
return _gssapi_verify_mic_cfx (minor_status, ctx,
@@ -296,9 +295,11 @@ _gsskrb5_verify_mic_internal
return GSS_S_FAILURE;
}
*minor_status = 0;
krb5_enctype_to_keytype (context, key->keytype, &keytype);
switch (keytype) {
case KEYTYPE_DES :
switch (key->keytype) {
case KRB5_ENCTYPE_DES_CBC_CRC :
case KRB5_ENCTYPE_DES_CBC_MD4 :
case KRB5_ENCTYPE_DES_CBC_MD5 :
#ifdef HEIM_WEAK_CRYPTO
ret = verify_mic_des (minor_status, ctx, context,
message_buffer, token_buffer, qop_state, key,
@@ -307,13 +308,14 @@ _gsskrb5_verify_mic_internal
ret = GSS_S_FAILURE;
#endif
break;
case KEYTYPE_DES3 :
case KRB5_ENCTYPE_DES3_CBC_MD5 :
case KRB5_ENCTYPE_DES3_CBC_SHA1 :
ret = verify_mic_des3 (minor_status, ctx, context,
message_buffer, token_buffer, qop_state, key,
type);
break;
case KEYTYPE_ARCFOUR :
case KEYTYPE_ARCFOUR_56 :
case KRB5_ENCTYPE_ARCFOUR_HMAC_MD5:
case KRB5_ENCTYPE_ARCFOUR_HMAC_MD5_56:
ret = _gssapi_verify_mic_arcfour (minor_status, ctx,
context,
message_buffer, token_buffer,

29
lib/gssapi/krb5/wrap.c
View File

@@ -147,7 +147,6 @@ _gsskrb5_wrap_size_limit (
krb5_context context;
krb5_keyblock *key;
OM_uint32 ret;
krb5_keytype keytype;
const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle;
GSSAPI_KRB5_INIT (&context);
@@ -164,23 +163,25 @@ _gsskrb5_wrap_size_limit (
*minor_status = ret;
return GSS_S_FAILURE;
}
krb5_enctype_to_keytype (context, key->keytype, &keytype);
switch (keytype) {
case KEYTYPE_DES :
switch (key->keytype) {
case KRB5_ENCTYPE_DES_CBC_CRC :
case KRB5_ENCTYPE_DES_CBC_MD4 :
case KRB5_ENCTYPE_DES_CBC_MD5 :
#ifdef HEIM_WEAK_CRYPTO
ret = sub_wrap_size(req_output_size, max_input_size, 8, 22);
#else
ret = GSS_S_FAILURE;
#endif
break;
case ENCTYPE_ARCFOUR_HMAC_MD5:
case ENCTYPE_ARCFOUR_HMAC_MD5_56:
case KRB5_ENCTYPE_ARCFOUR_HMAC_MD5:
case KRB5_ENCTYPE_ARCFOUR_HMAC_MD5_56:
ret = _gssapi_wrap_size_arcfour(minor_status, ctx, context,
conf_req_flag, qop_req,
req_output_size, max_input_size, key);
break;
case KEYTYPE_DES3 :
case KRB5_ENCTYPE_DES3_CBC_MD5 :
case KRB5_ENCTYPE_DES3_CBC_SHA1 :
ret = sub_wrap_size(req_output_size, max_input_size, 8, 34);
break;
default :
@@ -558,10 +559,11 @@ _gsskrb5_wrap
*minor_status = ret;
return GSS_S_FAILURE;
}
krb5_enctype_to_keytype (context, key->keytype, &keytype);
switch (keytype) {
case KEYTYPE_DES :
switch (key->keytype) {
case KRB5_ENCTYPE_DES_CBC_CRC :
case KRB5_ENCTYPE_DES_CBC_MD4 :
case KRB5_ENCTYPE_DES_CBC_MD5 :
#ifdef HEIM_WEAK_CRYPTO
ret = wrap_des (minor_status, ctx, context, conf_req_flag,
qop_req, input_message_buffer, conf_state,
@@ -570,13 +572,14 @@ _gsskrb5_wrap
ret = GSS_S_FAILURE;
#endif
break;
case KEYTYPE_DES3 :
case KRB5_ENCTYPE_DES3_CBC_MD5 :
case KRB5_ENCTYPE_DES3_CBC_SHA1 :
ret = wrap_des3 (minor_status, ctx, context, conf_req_flag,
qop_req, input_message_buffer, conf_state,
output_message_buffer, key);
break;
case KEYTYPE_ARCFOUR:
case KEYTYPE_ARCFOUR_56:
case KRB5_ENCTYPE_ARCFOUR_HMAC_MD5:
case KRB5_ENCTYPE_ARCFOUR_HMAC_MD5_56:
ret = _gssapi_wrap_arcfour (minor_status, ctx, context, conf_req_flag,
qop_req, input_message_buffer, conf_state,
output_message_buffer, key);