From d23858caf20337c6d207fbee7551dfc74e806d73 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Mon, 23 Jun 2008 03:25:46 +0000 Subject: [PATCH] Use krb5_set_error_message(), drop unused functions. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23278 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/krb5/crypto.c | 360 ++++++++++++++++++++++------------------------ 1 file changed, 171 insertions(+), 189 deletions(-) diff --git a/lib/krb5/crypto.c b/lib/krb5/crypto.c index 94271579a..d905bb236 100644 --- a/lib/krb5/crypto.c +++ b/lib/krb5/crypto.c @@ -112,7 +112,6 @@ struct checksum_type { struct encryption_type { krb5_enctype type; const char *name; - heim_oid *oid; size_t blocksize; size_t padsize; size_t confoundersize; @@ -339,7 +338,7 @@ krb5_DES_string_to_key(krb5_context context, len = password.length + salt.saltvalue.length; s = malloc(len); if(len > 0 && s == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message (context, ENOMEM, "malloc: out of memory"); return ENOMEM; } memcpy(s, password.data, password.length); @@ -431,7 +430,7 @@ DES3_string_to_key(krb5_context context, len = password.length + salt.saltvalue.length; str = malloc(len); if(len != 0 && str == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message (context, ENOMEM, "malloc: out of memory"); return ENOMEM; } memcpy(str, password.data, password.length); @@ -445,7 +444,7 @@ DES3_string_to_key(krb5_context context, if (ret) { memset(str, 0, len); free(str); - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message (context, ret, "malloc: out of memory"); return ret; } @@ -492,7 +491,7 @@ DES3_string_to_key_derived(krb5_context context, s = malloc(len); if(len != 0 && s == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message (context, ENOMEM, "malloc: out of memory"); return ENOMEM; } memcpy(s, password.data, password.length); @@ -568,19 +567,19 @@ ARCFOUR_string_to_key(krb5_context context, ret = wind_utf8ucs2_length(password.data, &len); if (ret) { - krb5_set_error_string(context, "Password not an UCS2 string"); + krb5_set_error_message (context, ret, "Password not an UCS2 string"); return ret; } s = malloc (len * sizeof(s[0])); if (len != 0 && s == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message (context, ENOMEM, "malloc: out of memory"); return ENOMEM; } ret = wind_utf8ucs2(password.data, s, &len); if (ret) { - krb5_set_error_string(context, "Password not an UCS2 string"); + krb5_set_error_message (context, ret, "Password not an UCS2 string"); goto out; } @@ -597,7 +596,7 @@ ARCFOUR_string_to_key(krb5_context context, key->keytype = enctype; ret = krb5_data_alloc (&key->keyvalue, 16); if (ret) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message (context, ENOMEM, "malloc: out of memory"); goto out; } MD4_Final (key->keyvalue.data, &m); @@ -643,13 +642,13 @@ AES_string_to_key(krb5_context context, kd.schedule = NULL; ALLOC(kd.key, 1); if(kd.key == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message (context, ENOMEM, "malloc: out of memory"); return ENOMEM; } kd.key->keytype = enctype; ret = krb5_data_alloc(&kd.key->keyvalue, et->keytype->size); if (ret) { - krb5_set_error_string(context, "Failed to allocate pkcs5 key"); + krb5_set_error_message (context, ret, "malloc: out of memory"); return ret; } @@ -659,7 +658,8 @@ AES_string_to_key(krb5_context context, et->keytype->size, kd.key->keyvalue.data); if (ret != 1) { free_key_data(context, &kd); - krb5_set_error_string(context, "Error calculating s2k"); + krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP, + "Error calculating s2k"); return KRB5_PROG_KEYTYPE_NOSUPP; } @@ -862,21 +862,24 @@ krb5_salttype_to_string (krb5_context context, e = _find_enctype (etype); if (e == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - etype); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + etype); return KRB5_PROG_ETYPE_NOSUPP; } for (st = e->keytype->string_to_key; st && st->type; st++) { if (st->type == stype) { *string = strdup (st->name); if (*string == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message (context, ENOMEM, + "malloc: out of memory"); return ENOMEM; } return 0; } } - krb5_set_error_string(context, "salttype %d not supported", stype); + krb5_set_error_message (context, HEIM_ERR_SALTTYPE_NOSUPP, + "salttype %d not supported", stype); return HEIM_ERR_SALTTYPE_NOSUPP; } @@ -891,8 +894,9 @@ krb5_string_to_salttype (krb5_context context, e = _find_enctype (etype); if (e == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - etype); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + etype); return KRB5_PROG_ETYPE_NOSUPP; } for (st = e->keytype->string_to_key; st && st->type; st++) { @@ -901,7 +905,8 @@ krb5_string_to_salttype (krb5_context context, return 0; } } - krb5_set_error_string(context, "salttype %s not supported", string); + krb5_set_error_message(context, HEIM_ERR_SALTTYPE_NOSUPP, + "salttype %s not supported", string); return HEIM_ERR_SALTTYPE_NOSUPP; } @@ -1003,16 +1008,18 @@ krb5_string_to_key_data_salt_opaque (krb5_context context, struct encryption_type *et =_find_enctype(enctype); struct salt_type *st; if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - enctype); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + enctype); return KRB5_PROG_ETYPE_NOSUPP; } for(st = et->keytype->string_to_key; st && st->type; st++) if(st->type == salt.salttype) return (*st->string_to_key)(context, enctype, password, salt, opaque, key); - krb5_set_error_string(context, "salt type %d not supported", - salt.salttype); + krb5_set_error_message(context, HEIM_ERR_SALTTYPE_NOSUPP, + "salt type %d not supported", + salt.salttype); return HEIM_ERR_SALTTYPE_NOSUPP; } @@ -1057,12 +1064,13 @@ krb5_keytype_to_string(krb5_context context, { struct key_type *kt = _find_keytype(keytype); if(kt == NULL) { - krb5_set_error_string(context, "key type %d not supported", keytype); + krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP, + "key type %d not supported", keytype); return KRB5_PROG_KEYTYPE_NOSUPP; } *string = strdup(kt->name); if(*string == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } return 0; @@ -1079,7 +1087,8 @@ krb5_string_to_keytype(krb5_context context, *keytype = keytypes[i]->type; return 0; } - krb5_set_error_string(context, "key type %s not supported", string); + krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP, + "key type %s not supported", string); return KRB5_PROG_KEYTYPE_NOSUPP; } @@ -1090,8 +1099,9 @@ krb5_enctype_keysize(krb5_context context, { struct encryption_type *et = _find_enctype(type); if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - type); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + type); return KRB5_PROG_ETYPE_NOSUPP; } *keysize = et->keytype->size; @@ -1105,7 +1115,8 @@ krb5_enctype_keybits(krb5_context context, { struct encryption_type *et = _find_enctype(type); if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", type); return KRB5_PROG_ETYPE_NOSUPP; } @@ -1121,8 +1132,9 @@ krb5_generate_random_keyblock(krb5_context context, krb5_error_code ret; struct encryption_type *et = _find_enctype(type); if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - type); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + type); return KRB5_PROG_ETYPE_NOSUPP; } ret = krb5_data_alloc(&key->keyvalue, et->keytype->size); @@ -1151,7 +1163,7 @@ _key_schedule(krb5_context context, return 0; ALLOC(key->schedule, 1); if(key->schedule == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } ret = krb5_data_alloc(key->schedule, kt->schedule_size); @@ -1496,8 +1508,9 @@ krb5_hmac(krb5_context context, krb5_error_code ret; if (c == NULL) { - krb5_set_error_string (context, "checksum type %d not supported", - cktype); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + "checksum type %d not supported", + cktype); return KRB5_PROG_SUMTYPE_NOSUPP; } @@ -1812,7 +1825,7 @@ get_checksum_key(krb5_context context, *key = _new_derived_key(crypto, 0xff/* KRB5_KU_RFC1510_VARIANT */); if(*key == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } ret = krb5_copy_keyblock(context, crypto->key.key, &(*key)->key); @@ -1847,9 +1860,10 @@ create_checksum (krb5_context context, } keyed_checksum = (ct->flags & F_KEYED) != 0; if(keyed_checksum && crypto == NULL) { - krb5_set_error_string (context, "Checksum type %s is keyed " - "but no crypto context (key) was passed in", - ct->name); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + "Checksum type %s is keyed " + "but no crypto context (key) was passed in", + ct->name); return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */ } if(keyed_checksum) { @@ -1895,8 +1909,9 @@ krb5_create_checksum(krb5_context context, } if(ct == NULL) { - krb5_set_error_string (context, "checksum type %d not supported", - type); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + "checksum type %d not supported", + type); return KRB5_PROG_SUMTYPE_NOSUPP; } @@ -1926,7 +1941,8 @@ verify_checksum(krb5_context context, ct = _find_checksum(cksum->cksumtype); if (ct == NULL || (ct->flags & F_DISABLED)) { - krb5_set_error_string (context, "checksum type %d not supported", + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + "checksum type %d not supported", cksum->cksumtype); return KRB5_PROG_SUMTYPE_NOSUPP; } @@ -1936,9 +1952,10 @@ verify_checksum(krb5_context context, } keyed_checksum = (ct->flags & F_KEYED) != 0; if(keyed_checksum && crypto == NULL) { - krb5_set_error_string (context, "Checksum type %s is keyed " - "but no crypto context (key) was passed in", - ct->name); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + "Checksum type %s is keyed " + "but no crypto context (key) was passed in", + ct->name); return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */ } if(keyed_checksum) @@ -1978,8 +1995,9 @@ krb5_verify_checksum(krb5_context context, ct = _find_checksum(cksum->cksumtype); if(ct == NULL) { - krb5_set_error_string (context, "checksum type %d not supported", - cksum->cksumtype); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + "checksum type %d not supported", + cksum->cksumtype); return KRB5_PROG_SUMTYPE_NOSUPP; } @@ -2007,7 +2025,8 @@ krb5_crypto_get_checksum_type(krb5_context context, } if (ct == NULL) { - krb5_set_error_string (context, "checksum type not found"); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + "checksum type not found"); return KRB5_PROG_SUMTYPE_NOSUPP; } @@ -2024,8 +2043,9 @@ krb5_checksumsize(krb5_context context, { struct checksum_type *ct = _find_checksum(type); if(ct == NULL) { - krb5_set_error_string (context, "checksum type %d not supported", - type); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + "checksum type %d not supported", + type); return KRB5_PROG_SUMTYPE_NOSUPP; } *size = ct->checksumsize; @@ -2039,8 +2059,9 @@ krb5_checksum_is_keyed(krb5_context context, struct checksum_type *ct = _find_checksum(type); if(ct == NULL) { if (context) - krb5_set_error_string (context, "checksum type %d not supported", - type); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + "checksum type %d not supported", + type); return KRB5_PROG_SUMTYPE_NOSUPP; } return ct->flags & F_KEYED; @@ -2053,8 +2074,9 @@ krb5_checksum_is_collision_proof(krb5_context context, struct checksum_type *ct = _find_checksum(type); if(ct == NULL) { if (context) - krb5_set_error_string (context, "checksum type %d not supported", - type); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + "checksum type %d not supported", + type); return KRB5_PROG_SUMTYPE_NOSUPP; } return ct->flags & F_CPROOF; @@ -2067,8 +2089,9 @@ krb5_checksum_disable(krb5_context context, struct checksum_type *ct = _find_checksum(type); if(ct == NULL) { if (context) - krb5_set_error_string (context, "checksum type %d not supported", - type); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + "checksum type %d not supported", + type); return KRB5_PROG_SUMTYPE_NOSUPP; } ct->flags |= F_DISABLED; @@ -2493,7 +2516,7 @@ AES_PRF(krb5_context context, result.cksumtype = ct->type; ret = krb5_data_alloc(&result.checksum, ct->checksumsize); if (ret) { - krb5_set_error_string(context, "out memory"); + krb5_set_error_message(context, ret, "out memory"); return ret; } @@ -2534,7 +2557,6 @@ AES_PRF(krb5_context context, static struct encryption_type enctype_null = { ETYPE_NULL, "null", - NULL, 1, 1, 0, @@ -2549,7 +2571,6 @@ static struct encryption_type enctype_null = { static struct encryption_type enctype_des_cbc_crc = { ETYPE_DES_CBC_CRC, "des-cbc-crc", - NULL, 8, 8, 8, @@ -2564,7 +2585,6 @@ static struct encryption_type enctype_des_cbc_crc = { static struct encryption_type enctype_des_cbc_md4 = { ETYPE_DES_CBC_MD4, "des-cbc-md4", - NULL, 8, 8, 8, @@ -2579,7 +2599,6 @@ static struct encryption_type enctype_des_cbc_md4 = { static struct encryption_type enctype_des_cbc_md5 = { ETYPE_DES_CBC_MD5, "des-cbc-md5", - NULL, 8, 8, 8, @@ -2594,7 +2613,6 @@ static struct encryption_type enctype_des_cbc_md5 = { static struct encryption_type enctype_arcfour_hmac_md5 = { ETYPE_ARCFOUR_HMAC_MD5, "arcfour-hmac-md5", - NULL, 1, 1, 8, @@ -2609,7 +2627,6 @@ static struct encryption_type enctype_arcfour_hmac_md5 = { static struct encryption_type enctype_des3_cbc_md5 = { ETYPE_DES3_CBC_MD5, "des3-cbc-md5", - NULL, 8, 8, 8, @@ -2624,7 +2641,6 @@ static struct encryption_type enctype_des3_cbc_md5 = { static struct encryption_type enctype_des3_cbc_sha1 = { ETYPE_DES3_CBC_SHA1, "des3-cbc-sha1", - NULL, 8, 8, 8, @@ -2639,7 +2655,6 @@ static struct encryption_type enctype_des3_cbc_sha1 = { static struct encryption_type enctype_old_des3_cbc_sha1 = { ETYPE_OLD_DES3_CBC_SHA1, "old-des3-cbc-sha1", - NULL, 8, 8, 8, @@ -2654,7 +2669,6 @@ static struct encryption_type enctype_old_des3_cbc_sha1 = { static struct encryption_type enctype_aes128_cts_hmac_sha1 = { ETYPE_AES128_CTS_HMAC_SHA1_96, "aes128-cts-hmac-sha1-96", - NULL, 16, 1, 16, @@ -2669,7 +2683,6 @@ static struct encryption_type enctype_aes128_cts_hmac_sha1 = { static struct encryption_type enctype_aes256_cts_hmac_sha1 = { ETYPE_AES256_CTS_HMAC_SHA1_96, "aes256-cts-hmac-sha1-96", - NULL, 16, 1, 16, @@ -2684,7 +2697,6 @@ static struct encryption_type enctype_aes256_cts_hmac_sha1 = { static struct encryption_type enctype_des_cbc_none = { ETYPE_DES_CBC_NONE, "des-cbc-none", - NULL, 8, 8, 0, @@ -2699,7 +2711,6 @@ static struct encryption_type enctype_des_cbc_none = { static struct encryption_type enctype_des_cfb64_none = { ETYPE_DES_CFB64_NONE, "des-cfb64-none", - NULL, 1, 1, 0, @@ -2714,7 +2725,6 @@ static struct encryption_type enctype_des_cfb64_none = { static struct encryption_type enctype_des_pcbc_none = { ETYPE_DES_PCBC_NONE, "des-pcbc-none", - NULL, 8, 8, 0, @@ -2729,7 +2739,6 @@ static struct encryption_type enctype_des_pcbc_none = { static struct encryption_type enctype_des3_cbc_none = { ETYPE_DES3_CBC_NONE, "des3-cbc-none", - NULL, 8, 8, 0, @@ -2781,14 +2790,15 @@ krb5_enctype_to_string(krb5_context context, struct encryption_type *e; e = _find_enctype(etype); if(e == NULL) { - krb5_set_error_string (context, "encryption type %d not supported", - etype); + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + etype); *string = NULL; return KRB5_PROG_ETYPE_NOSUPP; } *string = strdup(e->name); if(*string == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } return 0; @@ -2805,43 +2815,9 @@ krb5_string_to_enctype(krb5_context context, *etype = etypes[i]->type; return 0; } - krb5_set_error_string (context, "encryption type %s not supported", - string); - return KRB5_PROG_ETYPE_NOSUPP; -} - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_enctype_to_oid(krb5_context context, - krb5_enctype etype, - heim_oid *oid) -{ - struct encryption_type *et = _find_enctype(etype); - if(et == NULL) { - krb5_set_error_string (context, "encryption type %d not supported", - etype); - return KRB5_PROG_ETYPE_NOSUPP; - } - if(et->oid == NULL) { - krb5_set_error_string (context, "%s have not oid", et->name); - return KRB5_PROG_ETYPE_NOSUPP; - } - krb5_clear_error_string(context); - return der_copy_oid(et->oid, oid); -} - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_oid_to_enctype(krb5_context context, - const heim_oid *oid, - krb5_enctype *etype) -{ - int i; - for(i = 0; i < num_etypes; i++) { - if(etypes[i]->oid && der_heim_oid_cmp(etypes[i]->oid, oid) == 0) { - *etype = etypes[i]->type; - return 0; - } - } - krb5_set_error_string(context, "enctype for oid not supported"); + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %s not supported", + string); return KRB5_PROG_ETYPE_NOSUPP; } @@ -2852,7 +2828,8 @@ krb5_enctype_to_keytype(krb5_context context, { struct encryption_type *e = _find_enctype(etype); if(e == NULL) { - krb5_set_error_string (context, "encryption type %d not supported", + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", etype); return KRB5_PROG_ETYPE_NOSUPP; } @@ -2860,21 +2837,6 @@ krb5_enctype_to_keytype(krb5_context context, return 0; } -#if 0 -krb5_error_code KRB5_LIB_FUNCTION -krb5_keytype_to_enctype(krb5_context context, - krb5_keytype keytype, - krb5_enctype *etype) -{ - struct key_type *kt = _find_keytype(keytype); - krb5_warnx(context, "krb5_keytype_to_enctype(%u)", keytype); - if(kt == NULL) - return KRB5_PROG_KEYTYPE_NOSUPP; - *etype = kt->best_etype; - return 0; -} -#endif - krb5_error_code KRB5_LIB_FUNCTION krb5_keytype_to_enctypes (krb5_context context, krb5_keytype keytype, @@ -2892,7 +2854,7 @@ krb5_keytype_to_enctypes (krb5_context context, } ret = malloc(n * sizeof(*ret)); if (ret == NULL && n != 0) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } n = 0; @@ -2927,7 +2889,7 @@ krb5_keytype_to_enctypes_default (krb5_context context, ; ret = malloc (n * sizeof(*ret)); if (ret == NULL && n != 0) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } for (i = 0; i < n; ++i) @@ -2943,13 +2905,15 @@ krb5_enctype_valid(krb5_context context, { struct encryption_type *e = _find_enctype(etype); if(e == NULL) { - krb5_set_error_string (context, "encryption type %d not supported", - etype); + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + etype); return KRB5_PROG_ETYPE_NOSUPP; } if (e->flags & F_DISABLED) { - krb5_set_error_string (context, "encryption type %s is disabled", - e->name); + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %s is disabled", + e->name); return KRB5_PROG_ETYPE_NOSUPP; } return 0; @@ -2961,13 +2925,15 @@ krb5_cksumtype_valid(krb5_context context, { struct checksum_type *c = _find_checksum(ctype); if (c == NULL) { - krb5_set_error_string (context, "checksum type %d not supported", - ctype); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + "checksum type %d not supported", + ctype); return KRB5_PROG_SUMTYPE_NOSUPP; } if (c->flags & F_DISABLED) { - krb5_set_error_string (context, "checksum type %s is disabled", - c->name); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + "checksum type %s is disabled", + c->name); return KRB5_PROG_SUMTYPE_NOSUPP; } return 0; @@ -3025,7 +2991,7 @@ encrypt_internal_derived(krb5_context context, total_sz = block_sz + checksum_sz; p = calloc(1, total_sz); if(p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } @@ -3092,7 +3058,7 @@ encrypt_internal(krb5_context context, block_sz = (sz + et->padsize - 1) &~ (et->padsize - 1); /* pad */ p = calloc(1, block_sz); if(p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } @@ -3157,7 +3123,7 @@ encrypt_internal_special(krb5_context context, tmp = malloc (sz); if (tmp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } p = tmp; @@ -3196,8 +3162,9 @@ decrypt_internal_derived(krb5_context context, checksum_sz = CHECKSUMSIZE(et->keyed_checksum); if (len < checksum_sz + et->confoundersize) { - krb5_set_error_string(context, "Encrypted data shorter then " - "checksum + confunder"); + krb5_set_error_message(context, KRB5_BAD_MSIZE, + "Encrypted data shorter then " + "checksum + confunder"); return KRB5_BAD_MSIZE; } @@ -3208,7 +3175,7 @@ decrypt_internal_derived(krb5_context context, p = malloc(len); if(len != 0 && p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } memcpy(p, data, len); @@ -3253,7 +3220,7 @@ decrypt_internal_derived(krb5_context context, result->data = realloc(p, l); if(result->data == NULL && l != 0) { free(p); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } result->length = l; @@ -3282,7 +3249,7 @@ decrypt_internal(krb5_context context, checksum_sz = CHECKSUMSIZE(et->checksum); p = malloc(len); if(len != 0 && p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } memcpy(p, data, len); @@ -3318,7 +3285,7 @@ decrypt_internal(krb5_context context, result->data = realloc(p, l); if(result->data == NULL && l != 0) { free(p); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } result->length = l; @@ -3347,7 +3314,7 @@ decrypt_internal_special(krb5_context context, p = malloc (len); if (p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } memcpy(p, data, len); @@ -3362,7 +3329,7 @@ decrypt_internal_special(krb5_context context, result->data = realloc(p, sz); if(result->data == NULL && sz != 0) { free(p); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } result->length = sz; @@ -3562,13 +3529,13 @@ derive_key(krb5_context context, nblocks = (kt->bits + et->blocksize * 8 - 1) / (et->blocksize * 8); k = malloc(nblocks * et->blocksize); if(k == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } ret = _krb5_n_fold(constant, len, k, et->blocksize); if (ret) { free(k); - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ret, "malloc: out of memory"); return ret; } for(i = 0; i < nblocks; i++) { @@ -3585,7 +3552,7 @@ derive_key(krb5_context context, size_t res_len = (kt->bits + 7) / 8; if(len != 0 && c == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } memcpy(c, constant, len); @@ -3593,13 +3560,13 @@ derive_key(krb5_context context, k = malloc(res_len); if(res_len != 0 && k == NULL) { free(c); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } ret = _krb5_n_fold(c, len, k, res_len); if (ret) { free(k); - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ret, "malloc: out of memory"); return ret; } free(c); @@ -3615,10 +3582,10 @@ derive_key(krb5_context context, memcpy(key->key->keyvalue.data, k, key->key->keyvalue.length); break; default: - krb5_set_error_string(context, - "derive_key() called with unknown keytype (%u)", - kt->type); ret = KRB5_CRYPTO_INTERNAL; + krb5_set_error_message(context, ret, + "derive_key() called with unknown keytype (%u)", + kt->type); break; } if (key->schedule) { @@ -3660,8 +3627,9 @@ krb5_derive_key(krb5_context context, et = _find_enctype (etype); if (et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - etype); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + etype); return KRB5_PROG_ETYPE_NOSUPP; } @@ -3694,7 +3662,7 @@ _get_derived_key(krb5_context context, } d = _new_derived_key(crypto, usage); if(d == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } krb5_copy_keyblock(context, crypto->key.key, &d->key); @@ -3714,7 +3682,7 @@ krb5_crypto_init(krb5_context context, krb5_error_code ret; ALLOC(*crypto, 1); if(*crypto == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } if(etype == ETYPE_NULL) @@ -3723,14 +3691,16 @@ krb5_crypto_init(krb5_context context, if((*crypto)->et == NULL || ((*crypto)->et->flags & F_DISABLED)) { free(*crypto); *crypto = NULL; - krb5_set_error_string (context, "encryption type %d not supported", - etype); + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + etype); return KRB5_PROG_ETYPE_NOSUPP; } if((*crypto)->et->keytype->size != key->keyvalue.length) { free(*crypto); *crypto = NULL; - krb5_set_error_string (context, "encryption key has bad length"); + krb5_set_error_message (context, KRB5_BAD_KEYSIZE, + "encryption key has bad length"); return KRB5_BAD_KEYSIZE; } ret = krb5_copy_keyblock(context, key, &(*crypto)->key.key); @@ -3818,8 +3788,9 @@ krb5_enctype_disable(krb5_context context, struct encryption_type *et = _find_enctype(enctype); if(et == NULL) { if (context) - krb5_set_error_string (context, "encryption type %d not supported", - enctype); + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + enctype); return KRB5_PROG_ETYPE_NOSUPP; } et->flags |= F_DISABLED; @@ -3840,15 +3811,17 @@ krb5_string_to_key_derived(krb5_context context, u_char *tmp; if(et == NULL) { - krb5_set_error_string (context, "encryption type %d not supported", - etype); + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + etype); return KRB5_PROG_ETYPE_NOSUPP; } keylen = et->keytype->bits / 8; ALLOC(kd.key, 1); if(kd.key == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message (context, ENOMEM, + "malloc: out of memory"); return ENOMEM; } ret = krb5_data_alloc(&kd.key->keyvalue, et->keytype->size); @@ -3860,13 +3833,13 @@ krb5_string_to_key_derived(krb5_context context, tmp = malloc (keylen); if(tmp == NULL) { krb5_free_keyblock(context, kd.key); - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message (context, ENOMEM, "malloc: out of memory"); return ENOMEM; } ret = _krb5_n_fold(str, len, tmp, keylen); if (ret) { free(tmp); - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message (context, ENOMEM, "malloc: out of memory"); return ret; } kd.schedule = NULL; @@ -3985,14 +3958,16 @@ krb5_random_to_key(krb5_context context, krb5_error_code ret; struct encryption_type *et = _find_enctype(type); if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - type); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + type); return KRB5_PROG_ETYPE_NOSUPP; } if ((et->keytype->bits + 7) / 8 > size) { - krb5_set_error_string(context, "encryption key %s needs %d bytes " - "of random to make an encryption key out of it", - et->name, (int)et->keytype->size); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "encryption key %s needs %d bytes " + "of random to make an encryption key out of it", + et->name, (int)et->keytype->size); return KRB5_PROG_ETYPE_NOSUPP; } ret = krb5_data_alloc(&key->keyvalue, et->keytype->size); @@ -4024,15 +3999,16 @@ _krb5_pk_octetstring2key(krb5_context context, unsigned char shaoutput[20]; if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - type); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + type); return KRB5_PROG_ETYPE_NOSUPP; } keylen = (et->keytype->bits + 7) / 8; keydata = malloc(keylen); if (keydata == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } @@ -4079,7 +4055,8 @@ encode_uvinfo(krb5_context context, krb5_const_principal p, krb5_data *data) &pn, &size, ret); if (ret) { krb5_data_zero(data); - krb5_set_error_string(context, "Failed to encode KRB5PrincipalName"); + krb5_set_error_message(context, ret, + "Failed to encode KRB5PrincipalName"); return ret; } if (data->length != size) @@ -4115,7 +4092,7 @@ encode_otherinfo(krb5_context context, ASN1_MALLOC_ENCODE(PkinitSuppPubInfo, pub.data, pub.length, &pubinfo, &size, ret); if (ret) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ret, "out of memory"); return ret; } if (pub.length != size) @@ -4142,7 +4119,7 @@ encode_otherinfo(krb5_context context, free(otherinfo.partyVInfo.data); free(pub.data); if (ret) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ret, "out of memory"); return ret; } if (other->length != size) @@ -4173,28 +4150,31 @@ _krb5_pk_kdf(krb5_context context, unsigned char shaoutput[20]; if (der_heim_oid_cmp(oid_id_pkinit_kdf_ah_sha1(), &ai->algorithm) != 0) { - krb5_set_error_string(context, "kdf not supported"); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "kdf not supported"); return KRB5_PROG_ETYPE_NOSUPP; } if (ai->parameters != NULL && (ai->parameters->length != 2 || memcmp(ai->parameters->data, "\x05\x00", 2) != 0)) { - krb5_set_error_string(context, "kdf params not NULL or the NULL-type"); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "kdf params not NULL or the NULL-type"); return KRB5_PROG_ETYPE_NOSUPP; } et = _find_enctype(enctype); if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - enctype); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + enctype); return KRB5_PROG_ETYPE_NOSUPP; } keylen = (et->keytype->bits + 7) / 8; keydata = malloc(keylen); if (keydata == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } @@ -4245,8 +4225,9 @@ krb5_crypto_prf_length(krb5_context context, struct encryption_type *et = _find_enctype(type); if(et == NULL || et->prf_length == 0) { - krb5_set_error_string(context, "encryption type %d not supported", - type); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + type); return KRB5_PROG_ETYPE_NOSUPP; } @@ -4265,8 +4246,9 @@ krb5_crypto_prf(krb5_context context, krb5_data_zero(output); if(et->prf == NULL) { - krb5_set_error_string(context, "kerberos prf for %s not supported", - et->name); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "kerberos prf for %s not supported", + et->name); return KRB5_PROG_ETYPE_NOSUPP; }