oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Use krb5_set_error_message(), drop unused functions.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23278 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2008-06-23 03:25:46 +00:00
parent 06e2c6e17e
commit d23858caf2
1 changed files with 171 additions and 189 deletions
Download Patch File Download Diff File Expand all files Collapse all files

288
lib/krb5/crypto.c
View File

@@ -112,7 +112,6 @@ struct checksum_type {
struct encryption_type { struct encryption_type {
krb5_enctype type; krb5_enctype type;
const char *name; const char *name;
heim_oid *oid;
size_t blocksize; size_t blocksize;
size_t padsize; size_t padsize;
size_t confoundersize; size_t confoundersize;
@@ -339,7 +338,7 @@ krb5_DES_string_to_key(krb5_context context,
len = password.length + salt.saltvalue.length; len = password.length + salt.saltvalue.length;
s = malloc(len); s = malloc(len);
if(len > 0 && s == NULL) { if(len > 0 && s == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message (context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
memcpy(s, password.data, password.length); memcpy(s, password.data, password.length);
@@ -431,7 +430,7 @@ DES3_string_to_key(krb5_context context,
len = password.length + salt.saltvalue.length; len = password.length + salt.saltvalue.length;
str = malloc(len); str = malloc(len);
if(len != 0 && str == NULL) { if(len != 0 && str == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message (context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
memcpy(str, password.data, password.length); memcpy(str, password.data, password.length);
@@ -445,7 +444,7 @@ DES3_string_to_key(krb5_context context,
if (ret) { if (ret) {
memset(str, 0, len); memset(str, 0, len);
free(str); free(str);
krb5_set_error_string(context, "out of memory"); krb5_set_error_message (context, ret, "malloc: out of memory");
return ret; return ret;
} }
@@ -492,7 +491,7 @@ DES3_string_to_key_derived(krb5_context context,
s = malloc(len); s = malloc(len);
if(len != 0 && s == NULL) { if(len != 0 && s == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message (context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
memcpy(s, password.data, password.length); memcpy(s, password.data, password.length);
@@ -568,19 +567,19 @@ ARCFOUR_string_to_key(krb5_context context,
ret = wind_utf8ucs2_length(password.data, &len); ret = wind_utf8ucs2_length(password.data, &len);
if (ret) { if (ret) {
krb5_set_error_string(context, "Password not an UCS2 string"); krb5_set_error_message (context, ret, "Password not an UCS2 string");
return ret; return ret;
} }
s = malloc (len * sizeof(s[0])); s = malloc (len * sizeof(s[0]));
if (len != 0 && s == NULL) { if (len != 0 && s == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message (context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
ret = wind_utf8ucs2(password.data, s, &len); ret = wind_utf8ucs2(password.data, s, &len);
if (ret) { if (ret) {
krb5_set_error_string(context, "Password not an UCS2 string"); krb5_set_error_message (context, ret, "Password not an UCS2 string");
goto out; goto out;
} }
@@ -597,7 +596,7 @@ ARCFOUR_string_to_key(krb5_context context,
key->keytype = enctype; key->keytype = enctype;
ret = krb5_data_alloc (&key->keyvalue, 16); ret = krb5_data_alloc (&key->keyvalue, 16);
if (ret) { if (ret) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message (context, ENOMEM, "malloc: out of memory");
goto out; goto out;
} }
MD4_Final (key->keyvalue.data, &m); MD4_Final (key->keyvalue.data, &m);
@@ -643,13 +642,13 @@ AES_string_to_key(krb5_context context,
kd.schedule = NULL; kd.schedule = NULL;
ALLOC(kd.key, 1); ALLOC(kd.key, 1);
if(kd.key == NULL) { if(kd.key == NULL) {
krb5_set_error_string (context, "malloc: out of memory"); krb5_set_error_message (context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
kd.key->keytype = enctype; kd.key->keytype = enctype;
ret = krb5_data_alloc(&kd.key->keyvalue, et->keytype->size); ret = krb5_data_alloc(&kd.key->keyvalue, et->keytype->size);
if (ret) { if (ret) {
krb5_set_error_string(context, "Failed to allocate pkcs5 key"); krb5_set_error_message (context, ret, "malloc: out of memory");
return ret; return ret;
} }
@@ -659,7 +658,8 @@ AES_string_to_key(krb5_context context,
et->keytype->size, kd.key->keyvalue.data); et->keytype->size, kd.key->keyvalue.data);
if (ret != 1) { if (ret != 1) {
free_key_data(context, &kd); free_key_data(context, &kd);
krb5_set_error_string(context, "Error calculating s2k"); krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP,
"Error calculating s2k");
return KRB5_PROG_KEYTYPE_NOSUPP; return KRB5_PROG_KEYTYPE_NOSUPP;
} }
@@ -862,7 +862,8 @@ krb5_salttype_to_string (krb5_context context,
e = _find_enctype (etype); e = _find_enctype (etype);
if (e == NULL) { if (e == NULL) {
krb5_set_error_string(context, "encryption type %d not supported", krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
etype); etype);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
@@ -870,13 +871,15 @@ krb5_salttype_to_string (krb5_context context,
if (st->type == stype) { if (st->type == stype) {
*string = strdup (st->name); *string = strdup (st->name);
if (*string == NULL) { if (*string == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message (context, ENOMEM,
"malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
return 0; return 0;
} }
} }
krb5_set_error_string(context, "salttype %d not supported", stype); krb5_set_error_message (context, HEIM_ERR_SALTTYPE_NOSUPP,
"salttype %d not supported", stype);
return HEIM_ERR_SALTTYPE_NOSUPP; return HEIM_ERR_SALTTYPE_NOSUPP;
} }
@@ -891,7 +894,8 @@ krb5_string_to_salttype (krb5_context context,
e = _find_enctype (etype); e = _find_enctype (etype);
if (e == NULL) { if (e == NULL) {
krb5_set_error_string(context, "encryption type %d not supported", krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
etype); etype);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
@@ -901,7 +905,8 @@ krb5_string_to_salttype (krb5_context context,
return 0; return 0;
} }
} }
krb5_set_error_string(context, "salttype %s not supported", string); krb5_set_error_message(context, HEIM_ERR_SALTTYPE_NOSUPP,
"salttype %s not supported", string);
return HEIM_ERR_SALTTYPE_NOSUPP; return HEIM_ERR_SALTTYPE_NOSUPP;
} }
@@ -1003,7 +1008,8 @@ krb5_string_to_key_data_salt_opaque (krb5_context context,
struct encryption_type *et =_find_enctype(enctype); struct encryption_type *et =_find_enctype(enctype);
struct salt_type *st; struct salt_type *st;
if(et == NULL) { if(et == NULL) {
krb5_set_error_string(context, "encryption type %d not supported", krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
enctype); enctype);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
@@ -1011,7 +1017,8 @@ krb5_string_to_key_data_salt_opaque (krb5_context context,
if(st->type == salt.salttype) if(st->type == salt.salttype)
return (*st->string_to_key)(context, enctype, password, return (*st->string_to_key)(context, enctype, password,
salt, opaque, key); salt, opaque, key);
krb5_set_error_string(context, "salt type %d not supported", krb5_set_error_message(context, HEIM_ERR_SALTTYPE_NOSUPP,
"salt type %d not supported",
salt.salttype); salt.salttype);
return HEIM_ERR_SALTTYPE_NOSUPP; return HEIM_ERR_SALTTYPE_NOSUPP;
} }
@@ -1057,12 +1064,13 @@ krb5_keytype_to_string(krb5_context context,
{ {
struct key_type *kt = _find_keytype(keytype); struct key_type *kt = _find_keytype(keytype);
if(kt == NULL) { if(kt == NULL) {
krb5_set_error_string(context, "key type %d not supported", keytype); krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP,
"key type %d not supported", keytype);
return KRB5_PROG_KEYTYPE_NOSUPP; return KRB5_PROG_KEYTYPE_NOSUPP;
} }
*string = strdup(kt->name); *string = strdup(kt->name);
if(*string == NULL) { if(*string == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
return 0; return 0;
@@ -1079,7 +1087,8 @@ krb5_string_to_keytype(krb5_context context,
*keytype = keytypes[i]->type; *keytype = keytypes[i]->type;
return 0; return 0;
} }
krb5_set_error_string(context, "key type %s not supported", string); krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP,
"key type %s not supported", string);
return KRB5_PROG_KEYTYPE_NOSUPP; return KRB5_PROG_KEYTYPE_NOSUPP;
} }
@@ -1090,7 +1099,8 @@ krb5_enctype_keysize(krb5_context context,
{ {
struct encryption_type *et = _find_enctype(type); struct encryption_type *et = _find_enctype(type);
if(et == NULL) { if(et == NULL) {
krb5_set_error_string(context, "encryption type %d not supported", krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
type); type);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
@@ -1105,7 +1115,8 @@ krb5_enctype_keybits(krb5_context context,
{ {
struct encryption_type *et = _find_enctype(type); struct encryption_type *et = _find_enctype(type);
if(et == NULL) { if(et == NULL) {
krb5_set_error_string(context, "encryption type %d not supported", krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
type); type);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
@@ -1121,7 +1132,8 @@ krb5_generate_random_keyblock(krb5_context context,
krb5_error_code ret; krb5_error_code ret;
struct encryption_type *et = _find_enctype(type); struct encryption_type *et = _find_enctype(type);
if(et == NULL) { if(et == NULL) {
krb5_set_error_string(context, "encryption type %d not supported", krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
type); type);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
@@ -1151,7 +1163,7 @@ _key_schedule(krb5_context context,
return 0; return 0;
ALLOC(key->schedule, 1); ALLOC(key->schedule, 1);
if(key->schedule == NULL) { if(key->schedule == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
ret = krb5_data_alloc(key->schedule, kt->schedule_size); ret = krb5_data_alloc(key->schedule, kt->schedule_size);
@@ -1496,7 +1508,8 @@ krb5_hmac(krb5_context context,
krb5_error_code ret; krb5_error_code ret;
if (c == NULL) { if (c == NULL) {
krb5_set_error_string (context, "checksum type %d not supported", krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
cktype); cktype);
return KRB5_PROG_SUMTYPE_NOSUPP; return KRB5_PROG_SUMTYPE_NOSUPP;
} }
@@ -1812,7 +1825,7 @@ get_checksum_key(krb5_context context,
*key = _new_derived_key(crypto, 0xff/* KRB5_KU_RFC1510_VARIANT */); *key = _new_derived_key(crypto, 0xff/* KRB5_KU_RFC1510_VARIANT */);
if(*key == NULL) { if(*key == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
ret = krb5_copy_keyblock(context, crypto->key.key, &(*key)->key); ret = krb5_copy_keyblock(context, crypto->key.key, &(*key)->key);
@@ -1847,7 +1860,8 @@ create_checksum (krb5_context context,
} }
keyed_checksum = (ct->flags & F_KEYED) != 0; keyed_checksum = (ct->flags & F_KEYED) != 0;
if(keyed_checksum && crypto == NULL) { if(keyed_checksum && crypto == NULL) {
krb5_set_error_string (context, "Checksum type %s is keyed " krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"Checksum type %s is keyed "
"but no crypto context (key) was passed in", "but no crypto context (key) was passed in",
ct->name); ct->name);
return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */ return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */
@@ -1895,7 +1909,8 @@ krb5_create_checksum(krb5_context context,
} }
if(ct == NULL) { if(ct == NULL) {
krb5_set_error_string (context, "checksum type %d not supported", krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
type); type);
return KRB5_PROG_SUMTYPE_NOSUPP; return KRB5_PROG_SUMTYPE_NOSUPP;
} }
@@ -1926,7 +1941,8 @@ verify_checksum(krb5_context context,
ct = _find_checksum(cksum->cksumtype); ct = _find_checksum(cksum->cksumtype);
if (ct == NULL || (ct->flags & F_DISABLED)) { if (ct == NULL || (ct->flags & F_DISABLED)) {
krb5_set_error_string (context, "checksum type %d not supported", krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
cksum->cksumtype); cksum->cksumtype);
return KRB5_PROG_SUMTYPE_NOSUPP; return KRB5_PROG_SUMTYPE_NOSUPP;
} }
@@ -1936,7 +1952,8 @@ verify_checksum(krb5_context context,
} }
keyed_checksum = (ct->flags & F_KEYED) != 0; keyed_checksum = (ct->flags & F_KEYED) != 0;
if(keyed_checksum && crypto == NULL) { if(keyed_checksum && crypto == NULL) {
krb5_set_error_string (context, "Checksum type %s is keyed " krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"Checksum type %s is keyed "
"but no crypto context (key) was passed in", "but no crypto context (key) was passed in",
ct->name); ct->name);
return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */ return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */
@@ -1978,7 +1995,8 @@ krb5_verify_checksum(krb5_context context,
ct = _find_checksum(cksum->cksumtype); ct = _find_checksum(cksum->cksumtype);
if(ct == NULL) { if(ct == NULL) {
krb5_set_error_string (context, "checksum type %d not supported", krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
cksum->cksumtype); cksum->cksumtype);
return KRB5_PROG_SUMTYPE_NOSUPP; return KRB5_PROG_SUMTYPE_NOSUPP;
} }
@@ -2007,7 +2025,8 @@ krb5_crypto_get_checksum_type(krb5_context context,
} }
if (ct == NULL) { if (ct == NULL) {
krb5_set_error_string (context, "checksum type not found"); krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type not found");
return KRB5_PROG_SUMTYPE_NOSUPP; return KRB5_PROG_SUMTYPE_NOSUPP;
} }
@@ -2024,7 +2043,8 @@ krb5_checksumsize(krb5_context context,
{ {
struct checksum_type *ct = _find_checksum(type); struct checksum_type *ct = _find_checksum(type);
if(ct == NULL) { if(ct == NULL) {
krb5_set_error_string (context, "checksum type %d not supported", krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
type); type);
return KRB5_PROG_SUMTYPE_NOSUPP; return KRB5_PROG_SUMTYPE_NOSUPP;
} }
@@ -2039,7 +2059,8 @@ krb5_checksum_is_keyed(krb5_context context,
struct checksum_type *ct = _find_checksum(type); struct checksum_type *ct = _find_checksum(type);
if(ct == NULL) { if(ct == NULL) {
if (context) if (context)
krb5_set_error_string (context, "checksum type %d not supported", krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
type); type);
return KRB5_PROG_SUMTYPE_NOSUPP; return KRB5_PROG_SUMTYPE_NOSUPP;
} }
@@ -2053,7 +2074,8 @@ krb5_checksum_is_collision_proof(krb5_context context,
struct checksum_type *ct = _find_checksum(type); struct checksum_type *ct = _find_checksum(type);
if(ct == NULL) { if(ct == NULL) {
if (context) if (context)
krb5_set_error_string (context, "checksum type %d not supported", krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
type); type);
return KRB5_PROG_SUMTYPE_NOSUPP; return KRB5_PROG_SUMTYPE_NOSUPP;
} }
@@ -2067,7 +2089,8 @@ krb5_checksum_disable(krb5_context context,
struct checksum_type *ct = _find_checksum(type); struct checksum_type *ct = _find_checksum(type);
if(ct == NULL) { if(ct == NULL) {
if (context) if (context)
krb5_set_error_string (context, "checksum type %d not supported", krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
type); type);
return KRB5_PROG_SUMTYPE_NOSUPP; return KRB5_PROG_SUMTYPE_NOSUPP;
} }
@@ -2493,7 +2516,7 @@ AES_PRF(krb5_context context,
result.cksumtype = ct->type; result.cksumtype = ct->type;
ret = krb5_data_alloc(&result.checksum, ct->checksumsize); ret = krb5_data_alloc(&result.checksum, ct->checksumsize);
if (ret) { if (ret) {
krb5_set_error_string(context, "out memory"); krb5_set_error_message(context, ret, "out memory");
return ret; return ret;
} }
@@ -2534,7 +2557,6 @@ AES_PRF(krb5_context context,
static struct encryption_type enctype_null = { static struct encryption_type enctype_null = {
ETYPE_NULL, ETYPE_NULL,
"null", "null",
NULL,
1, 1,
1, 1,
0, 0,
@@ -2549,7 +2571,6 @@ static struct encryption_type enctype_null = {
static struct encryption_type enctype_des_cbc_crc = { static struct encryption_type enctype_des_cbc_crc = {
ETYPE_DES_CBC_CRC, ETYPE_DES_CBC_CRC,
"des-cbc-crc", "des-cbc-crc",
NULL,
8, 8,
8, 8,
8, 8,
@@ -2564,7 +2585,6 @@ static struct encryption_type enctype_des_cbc_crc = {
static struct encryption_type enctype_des_cbc_md4 = { static struct encryption_type enctype_des_cbc_md4 = {
ETYPE_DES_CBC_MD4, ETYPE_DES_CBC_MD4,
"des-cbc-md4", "des-cbc-md4",
NULL,
8, 8,
8, 8,
8, 8,
@@ -2579,7 +2599,6 @@ static struct encryption_type enctype_des_cbc_md4 = {
static struct encryption_type enctype_des_cbc_md5 = { static struct encryption_type enctype_des_cbc_md5 = {
ETYPE_DES_CBC_MD5, ETYPE_DES_CBC_MD5,
"des-cbc-md5", "des-cbc-md5",
NULL,
8, 8,
8, 8,
8, 8,
@@ -2594,7 +2613,6 @@ static struct encryption_type enctype_des_cbc_md5 = {
static struct encryption_type enctype_arcfour_hmac_md5 = { static struct encryption_type enctype_arcfour_hmac_md5 = {
ETYPE_ARCFOUR_HMAC_MD5, ETYPE_ARCFOUR_HMAC_MD5,
"arcfour-hmac-md5", "arcfour-hmac-md5",
NULL,
1, 1,
1, 1,
8, 8,
@@ -2609,7 +2627,6 @@ static struct encryption_type enctype_arcfour_hmac_md5 = {
static struct encryption_type enctype_des3_cbc_md5 = { static struct encryption_type enctype_des3_cbc_md5 = {
ETYPE_DES3_CBC_MD5, ETYPE_DES3_CBC_MD5,
"des3-cbc-md5", "des3-cbc-md5",
NULL,
8, 8,
8, 8,
8, 8,
@@ -2624,7 +2641,6 @@ static struct encryption_type enctype_des3_cbc_md5 = {
static struct encryption_type enctype_des3_cbc_sha1 = { static struct encryption_type enctype_des3_cbc_sha1 = {
ETYPE_DES3_CBC_SHA1, ETYPE_DES3_CBC_SHA1,
"des3-cbc-sha1", "des3-cbc-sha1",
NULL,
8, 8,
8, 8,
8, 8,
@@ -2639,7 +2655,6 @@ static struct encryption_type enctype_des3_cbc_sha1 = {
static struct encryption_type enctype_old_des3_cbc_sha1 = { static struct encryption_type enctype_old_des3_cbc_sha1 = {
ETYPE_OLD_DES3_CBC_SHA1, ETYPE_OLD_DES3_CBC_SHA1,
"old-des3-cbc-sha1", "old-des3-cbc-sha1",
NULL,
8, 8,
8, 8,
8, 8,
@@ -2654,7 +2669,6 @@ static struct encryption_type enctype_old_des3_cbc_sha1 = {
static struct encryption_type enctype_aes128_cts_hmac_sha1 = { static struct encryption_type enctype_aes128_cts_hmac_sha1 = {
ETYPE_AES128_CTS_HMAC_SHA1_96, ETYPE_AES128_CTS_HMAC_SHA1_96,
"aes128-cts-hmac-sha1-96", "aes128-cts-hmac-sha1-96",
NULL,
16, 16,
1, 1,
16, 16,
@@ -2669,7 +2683,6 @@ static struct encryption_type enctype_aes128_cts_hmac_sha1 = {
static struct encryption_type enctype_aes256_cts_hmac_sha1 = { static struct encryption_type enctype_aes256_cts_hmac_sha1 = {
ETYPE_AES256_CTS_HMAC_SHA1_96, ETYPE_AES256_CTS_HMAC_SHA1_96,
"aes256-cts-hmac-sha1-96", "aes256-cts-hmac-sha1-96",
NULL,
16, 16,
1, 1,
16, 16,
@@ -2684,7 +2697,6 @@ static struct encryption_type enctype_aes256_cts_hmac_sha1 = {
static struct encryption_type enctype_des_cbc_none = { static struct encryption_type enctype_des_cbc_none = {
ETYPE_DES_CBC_NONE, ETYPE_DES_CBC_NONE,
"des-cbc-none", "des-cbc-none",
NULL,
8, 8,
8, 8,
0, 0,
@@ -2699,7 +2711,6 @@ static struct encryption_type enctype_des_cbc_none = {
static struct encryption_type enctype_des_cfb64_none = { static struct encryption_type enctype_des_cfb64_none = {
ETYPE_DES_CFB64_NONE, ETYPE_DES_CFB64_NONE,
"des-cfb64-none", "des-cfb64-none",
NULL,
1, 1,
1, 1,
0, 0,
@@ -2714,7 +2725,6 @@ static struct encryption_type enctype_des_cfb64_none = {
static struct encryption_type enctype_des_pcbc_none = { static struct encryption_type enctype_des_pcbc_none = {
ETYPE_DES_PCBC_NONE, ETYPE_DES_PCBC_NONE,
"des-pcbc-none", "des-pcbc-none",
NULL,
8, 8,
8, 8,
0, 0,
@@ -2729,7 +2739,6 @@ static struct encryption_type enctype_des_pcbc_none = {
static struct encryption_type enctype_des3_cbc_none = { static struct encryption_type enctype_des3_cbc_none = {
ETYPE_DES3_CBC_NONE, ETYPE_DES3_CBC_NONE,
"des3-cbc-none", "des3-cbc-none",
NULL,
8, 8,
8, 8,
0, 0,
@@ -2781,14 +2790,15 @@ krb5_enctype_to_string(krb5_context context,
struct encryption_type *e; struct encryption_type *e;
e = _find_enctype(etype); e = _find_enctype(etype);
if(e == NULL) { if(e == NULL) {
krb5_set_error_string (context, "encryption type %d not supported", krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
etype); etype);
*string = NULL; *string = NULL;
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
*string = strdup(e->name); *string = strdup(e->name);
if(*string == NULL) { if(*string == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
return 0; return 0;
@@ -2805,46 +2815,12 @@ krb5_string_to_enctype(krb5_context context,
*etype = etypes[i]->type; *etype = etypes[i]->type;
return 0; return 0;
} }
krb5_set_error_string (context, "encryption type %s not supported", krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %s not supported",
string); string);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
krb5_error_code KRB5_LIB_FUNCTION
_krb5_enctype_to_oid(krb5_context context,
krb5_enctype etype,
heim_oid *oid)
{
struct encryption_type *et = _find_enctype(etype);
if(et == NULL) {
krb5_set_error_string (context, "encryption type %d not supported",
etype);
return KRB5_PROG_ETYPE_NOSUPP;
}
if(et->oid == NULL) {
krb5_set_error_string (context, "%s have not oid", et->name);
return KRB5_PROG_ETYPE_NOSUPP;
}
krb5_clear_error_string(context);
return der_copy_oid(et->oid, oid);
}
krb5_error_code KRB5_LIB_FUNCTION
_krb5_oid_to_enctype(krb5_context context,
const heim_oid *oid,
krb5_enctype *etype)
{
int i;
for(i = 0; i < num_etypes; i++) {
if(etypes[i]->oid && der_heim_oid_cmp(etypes[i]->oid, oid) == 0) {
*etype = etypes[i]->type;
return 0;
}
}
krb5_set_error_string(context, "enctype for oid not supported");
return KRB5_PROG_ETYPE_NOSUPP;
}
krb5_error_code KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_FUNCTION
krb5_enctype_to_keytype(krb5_context context, krb5_enctype_to_keytype(krb5_context context,
krb5_enctype etype, krb5_enctype etype,
@@ -2852,7 +2828,8 @@ krb5_enctype_to_keytype(krb5_context context,
{ {
struct encryption_type *e = _find_enctype(etype); struct encryption_type *e = _find_enctype(etype);
if(e == NULL) { if(e == NULL) {
krb5_set_error_string (context, "encryption type %d not supported", krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
etype); etype);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
@@ -2860,21 +2837,6 @@ krb5_enctype_to_keytype(krb5_context context,
return 0; return 0;
} }
#if 0
krb5_error_code KRB5_LIB_FUNCTION
krb5_keytype_to_enctype(krb5_context context,
krb5_keytype keytype,
krb5_enctype *etype)
{
struct key_type *kt = _find_keytype(keytype);
krb5_warnx(context, "krb5_keytype_to_enctype(%u)", keytype);
if(kt == NULL)
return KRB5_PROG_KEYTYPE_NOSUPP;
*etype = kt->best_etype;
return 0;
}
#endif
krb5_error_code KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_FUNCTION
krb5_keytype_to_enctypes (krb5_context context, krb5_keytype_to_enctypes (krb5_context context,
krb5_keytype keytype, krb5_keytype keytype,
@@ -2892,7 +2854,7 @@ krb5_keytype_to_enctypes (krb5_context context,
} }
ret = malloc(n * sizeof(*ret)); ret = malloc(n * sizeof(*ret));
if (ret == NULL && n != 0) { if (ret == NULL && n != 0) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
n = 0; n = 0;
@@ -2927,7 +2889,7 @@ krb5_keytype_to_enctypes_default (krb5_context context,
; ;
ret = malloc (n * sizeof(*ret)); ret = malloc (n * sizeof(*ret));
if (ret == NULL && n != 0) { if (ret == NULL && n != 0) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
for (i = 0; i < n; ++i) for (i = 0; i < n; ++i)
@@ -2943,12 +2905,14 @@ krb5_enctype_valid(krb5_context context,
{ {
struct encryption_type *e = _find_enctype(etype); struct encryption_type *e = _find_enctype(etype);
if(e == NULL) { if(e == NULL) {
krb5_set_error_string (context, "encryption type %d not supported", krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
etype); etype);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
if (e->flags & F_DISABLED) { if (e->flags & F_DISABLED) {
krb5_set_error_string (context, "encryption type %s is disabled", krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %s is disabled",
e->name); e->name);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
@@ -2961,12 +2925,14 @@ krb5_cksumtype_valid(krb5_context context,
{ {
struct checksum_type *c = _find_checksum(ctype); struct checksum_type *c = _find_checksum(ctype);
if (c == NULL) { if (c == NULL) {
krb5_set_error_string (context, "checksum type %d not supported", krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
ctype); ctype);
return KRB5_PROG_SUMTYPE_NOSUPP; return KRB5_PROG_SUMTYPE_NOSUPP;
} }
if (c->flags & F_DISABLED) { if (c->flags & F_DISABLED) {
krb5_set_error_string (context, "checksum type %s is disabled", krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %s is disabled",
c->name); c->name);
return KRB5_PROG_SUMTYPE_NOSUPP; return KRB5_PROG_SUMTYPE_NOSUPP;
} }
@@ -3025,7 +2991,7 @@ encrypt_internal_derived(krb5_context context,
total_sz = block_sz + checksum_sz; total_sz = block_sz + checksum_sz;
p = calloc(1, total_sz); p = calloc(1, total_sz);
if(p == NULL) { if(p == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
@@ -3092,7 +3058,7 @@ encrypt_internal(krb5_context context,
block_sz = (sz + et->padsize - 1) &~ (et->padsize - 1); /* pad */ block_sz = (sz + et->padsize - 1) &~ (et->padsize - 1); /* pad */
p = calloc(1, block_sz); p = calloc(1, block_sz);
if(p == NULL) { if(p == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
@@ -3157,7 +3123,7 @@ encrypt_internal_special(krb5_context context,
tmp = malloc (sz); tmp = malloc (sz);
if (tmp == NULL) { if (tmp == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
p = tmp; p = tmp;
@@ -3196,7 +3162,8 @@ decrypt_internal_derived(krb5_context context,
checksum_sz = CHECKSUMSIZE(et->keyed_checksum); checksum_sz = CHECKSUMSIZE(et->keyed_checksum);
if (len < checksum_sz + et->confoundersize) { if (len < checksum_sz + et->confoundersize) {
krb5_set_error_string(context, "Encrypted data shorter then " krb5_set_error_message(context, KRB5_BAD_MSIZE,
"Encrypted data shorter then "
"checksum + confunder"); "checksum + confunder");
return KRB5_BAD_MSIZE; return KRB5_BAD_MSIZE;
} }
@@ -3208,7 +3175,7 @@ decrypt_internal_derived(krb5_context context,
p = malloc(len); p = malloc(len);
if(len != 0 && p == NULL) { if(len != 0 && p == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
memcpy(p, data, len); memcpy(p, data, len);
@@ -3253,7 +3220,7 @@ decrypt_internal_derived(krb5_context context,
result->data = realloc(p, l); result->data = realloc(p, l);
if(result->data == NULL && l != 0) { if(result->data == NULL && l != 0) {
free(p); free(p);
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
result->length = l; result->length = l;
@@ -3282,7 +3249,7 @@ decrypt_internal(krb5_context context,
checksum_sz = CHECKSUMSIZE(et->checksum); checksum_sz = CHECKSUMSIZE(et->checksum);
p = malloc(len); p = malloc(len);
if(len != 0 && p == NULL) { if(len != 0 && p == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
memcpy(p, data, len); memcpy(p, data, len);
@@ -3318,7 +3285,7 @@ decrypt_internal(krb5_context context,
result->data = realloc(p, l); result->data = realloc(p, l);
if(result->data == NULL && l != 0) { if(result->data == NULL && l != 0) {
free(p); free(p);
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
result->length = l; result->length = l;
@@ -3347,7 +3314,7 @@ decrypt_internal_special(krb5_context context,
p = malloc (len); p = malloc (len);
if (p == NULL) { if (p == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
memcpy(p, data, len); memcpy(p, data, len);
@@ -3362,7 +3329,7 @@ decrypt_internal_special(krb5_context context,
result->data = realloc(p, sz); result->data = realloc(p, sz);
if(result->data == NULL && sz != 0) { if(result->data == NULL && sz != 0) {
free(p); free(p);
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
result->length = sz; result->length = sz;
@@ -3562,13 +3529,13 @@ derive_key(krb5_context context,
nblocks = (kt->bits + et->blocksize * 8 - 1) / (et->blocksize * 8); nblocks = (kt->bits + et->blocksize * 8 - 1) / (et->blocksize * 8);
k = malloc(nblocks * et->blocksize); k = malloc(nblocks * et->blocksize);
if(k == NULL) { if(k == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
ret = _krb5_n_fold(constant, len, k, et->blocksize); ret = _krb5_n_fold(constant, len, k, et->blocksize);
if (ret) { if (ret) {
free(k); free(k);
krb5_set_error_string(context, "out of memory"); krb5_set_error_message(context, ret, "malloc: out of memory");
return ret; return ret;
} }
for(i = 0; i < nblocks; i++) { for(i = 0; i < nblocks; i++) {
@@ -3585,7 +3552,7 @@ derive_key(krb5_context context,
size_t res_len = (kt->bits + 7) / 8; size_t res_len = (kt->bits + 7) / 8;
if(len != 0 && c == NULL) { if(len != 0 && c == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
memcpy(c, constant, len); memcpy(c, constant, len);
@@ -3593,13 +3560,13 @@ derive_key(krb5_context context,
k = malloc(res_len); k = malloc(res_len);
if(res_len != 0 && k == NULL) { if(res_len != 0 && k == NULL) {
free(c); free(c);
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
ret = _krb5_n_fold(c, len, k, res_len); ret = _krb5_n_fold(c, len, k, res_len);
if (ret) { if (ret) {
free(k); free(k);
krb5_set_error_string(context, "out of memory"); krb5_set_error_message(context, ret, "malloc: out of memory");
return ret; return ret;
} }
free(c); free(c);
@@ -3615,10 +3582,10 @@ derive_key(krb5_context context,
memcpy(key->key->keyvalue.data, k, key->key->keyvalue.length); memcpy(key->key->keyvalue.data, k, key->key->keyvalue.length);
break; break;
default: default:
krb5_set_error_string(context, ret = KRB5_CRYPTO_INTERNAL;
krb5_set_error_message(context, ret,
"derive_key() called with unknown keytype (%u)", "derive_key() called with unknown keytype (%u)",
kt->type); kt->type);
ret = KRB5_CRYPTO_INTERNAL;
break; break;
} }
if (key->schedule) { if (key->schedule) {
@@ -3660,7 +3627,8 @@ krb5_derive_key(krb5_context context,
et = _find_enctype (etype); et = _find_enctype (etype);
if (et == NULL) { if (et == NULL) {
krb5_set_error_string(context, "encryption type %d not supported", krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
etype); etype);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
@@ -3694,7 +3662,7 @@ _get_derived_key(krb5_context context,
} }
d = _new_derived_key(crypto, usage); d = _new_derived_key(crypto, usage);
if(d == NULL) { if(d == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
krb5_copy_keyblock(context, crypto->key.key, &d->key); krb5_copy_keyblock(context, crypto->key.key, &d->key);
@@ -3714,7 +3682,7 @@ krb5_crypto_init(krb5_context context,
krb5_error_code ret; krb5_error_code ret;
ALLOC(*crypto, 1); ALLOC(*crypto, 1);
if(*crypto == NULL) { if(*crypto == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
if(etype == ETYPE_NULL) if(etype == ETYPE_NULL)
@@ -3723,14 +3691,16 @@ krb5_crypto_init(krb5_context context,
if((*crypto)->et == NULL || ((*crypto)->et->flags & F_DISABLED)) { if((*crypto)->et == NULL || ((*crypto)->et->flags & F_DISABLED)) {
free(*crypto); free(*crypto);
*crypto = NULL; *crypto = NULL;
krb5_set_error_string (context, "encryption type %d not supported", krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
etype); etype);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
if((*crypto)->et->keytype->size != key->keyvalue.length) { if((*crypto)->et->keytype->size != key->keyvalue.length) {
free(*crypto); free(*crypto);
*crypto = NULL; *crypto = NULL;
krb5_set_error_string (context, "encryption key has bad length"); krb5_set_error_message (context, KRB5_BAD_KEYSIZE,
"encryption key has bad length");
return KRB5_BAD_KEYSIZE; return KRB5_BAD_KEYSIZE;
} }
ret = krb5_copy_keyblock(context, key, &(*crypto)->key.key); ret = krb5_copy_keyblock(context, key, &(*crypto)->key.key);
@@ -3818,7 +3788,8 @@ krb5_enctype_disable(krb5_context context,
struct encryption_type *et = _find_enctype(enctype); struct encryption_type *et = _find_enctype(enctype);
if(et == NULL) { if(et == NULL) {
if (context) if (context)
krb5_set_error_string (context, "encryption type %d not supported", krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
enctype); enctype);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
@@ -3840,7 +3811,8 @@ krb5_string_to_key_derived(krb5_context context,
u_char *tmp; u_char *tmp;
if(et == NULL) { if(et == NULL) {
krb5_set_error_string (context, "encryption type %d not supported", krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
etype); etype);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
@@ -3848,7 +3820,8 @@ krb5_string_to_key_derived(krb5_context context,
ALLOC(kd.key, 1); ALLOC(kd.key, 1);
if(kd.key == NULL) { if(kd.key == NULL) {
krb5_set_error_string (context, "malloc: out of memory"); krb5_set_error_message (context, ENOMEM,
"malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
ret = krb5_data_alloc(&kd.key->keyvalue, et->keytype->size); ret = krb5_data_alloc(&kd.key->keyvalue, et->keytype->size);
@@ -3860,13 +3833,13 @@ krb5_string_to_key_derived(krb5_context context,
tmp = malloc (keylen); tmp = malloc (keylen);
if(tmp == NULL) { if(tmp == NULL) {
krb5_free_keyblock(context, kd.key); krb5_free_keyblock(context, kd.key);
krb5_set_error_string (context, "malloc: out of memory"); krb5_set_error_message (context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
ret = _krb5_n_fold(str, len, tmp, keylen); ret = _krb5_n_fold(str, len, tmp, keylen);
if (ret) { if (ret) {
free(tmp); free(tmp);
krb5_set_error_string(context, "out of memory"); krb5_set_error_message (context, ENOMEM, "malloc: out of memory");
return ret; return ret;
} }
kd.schedule = NULL; kd.schedule = NULL;
@@ -3985,12 +3958,14 @@ krb5_random_to_key(krb5_context context,
krb5_error_code ret; krb5_error_code ret;
struct encryption_type *et = _find_enctype(type); struct encryption_type *et = _find_enctype(type);
if(et == NULL) { if(et == NULL) {
krb5_set_error_string(context, "encryption type %d not supported", krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
type); type);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
if ((et->keytype->bits + 7) / 8 > size) { if ((et->keytype->bits + 7) / 8 > size) {
krb5_set_error_string(context, "encryption key %s needs %d bytes " krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption key %s needs %d bytes "
"of random to make an encryption key out of it", "of random to make an encryption key out of it",
et->name, (int)et->keytype->size); et->name, (int)et->keytype->size);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
@@ -4024,7 +3999,8 @@ _krb5_pk_octetstring2key(krb5_context context,
unsigned char shaoutput[20]; unsigned char shaoutput[20];
if(et == NULL) { if(et == NULL) {
krb5_set_error_string(context, "encryption type %d not supported", krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
type); type);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
@@ -4032,7 +4008,7 @@ _krb5_pk_octetstring2key(krb5_context context,
keydata = malloc(keylen); keydata = malloc(keylen);
if (keydata == NULL) { if (keydata == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
@@ -4079,7 +4055,8 @@ encode_uvinfo(krb5_context context, krb5_const_principal p, krb5_data *data)
&pn, &size, ret); &pn, &size, ret);
if (ret) { if (ret) {
krb5_data_zero(data); krb5_data_zero(data);
krb5_set_error_string(context, "Failed to encode KRB5PrincipalName"); krb5_set_error_message(context, ret,
"Failed to encode KRB5PrincipalName");
return ret; return ret;
} }
if (data->length != size) if (data->length != size)
@@ -4115,7 +4092,7 @@ encode_otherinfo(krb5_context context,
ASN1_MALLOC_ENCODE(PkinitSuppPubInfo, pub.data, pub.length, ASN1_MALLOC_ENCODE(PkinitSuppPubInfo, pub.data, pub.length,
&pubinfo, &size, ret); &pubinfo, &size, ret);
if (ret) { if (ret) {
krb5_set_error_string(context, "out of memory"); krb5_set_error_message(context, ret, "out of memory");
return ret; return ret;
} }
if (pub.length != size) if (pub.length != size)
@@ -4142,7 +4119,7 @@ encode_otherinfo(krb5_context context,
free(otherinfo.partyVInfo.data); free(otherinfo.partyVInfo.data);
free(pub.data); free(pub.data);
if (ret) { if (ret) {
krb5_set_error_string(context, "out of memory"); krb5_set_error_message(context, ret, "out of memory");
return ret; return ret;
} }
if (other->length != size) if (other->length != size)
@@ -4173,20 +4150,23 @@ _krb5_pk_kdf(krb5_context context,
unsigned char shaoutput[20]; unsigned char shaoutput[20];
if (der_heim_oid_cmp(oid_id_pkinit_kdf_ah_sha1(), &ai->algorithm) != 0) { if (der_heim_oid_cmp(oid_id_pkinit_kdf_ah_sha1(), &ai->algorithm) != 0) {
krb5_set_error_string(context, "kdf not supported"); krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"kdf not supported");
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
if (ai->parameters != NULL && if (ai->parameters != NULL &&
(ai->parameters->length != 2 || (ai->parameters->length != 2 ||
memcmp(ai->parameters->data, "\x05\x00", 2) != 0)) memcmp(ai->parameters->data, "\x05\x00", 2) != 0))
{ {
krb5_set_error_string(context, "kdf params not NULL or the NULL-type"); krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"kdf params not NULL or the NULL-type");
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
et = _find_enctype(enctype); et = _find_enctype(enctype);
if(et == NULL) { if(et == NULL) {
krb5_set_error_string(context, "encryption type %d not supported", krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
enctype); enctype);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
@@ -4194,7 +4174,7 @@ _krb5_pk_kdf(krb5_context context,
keydata = malloc(keylen); keydata = malloc(keylen);
if (keydata == NULL) { if (keydata == NULL) {
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM; return ENOMEM;
} }
@@ -4245,7 +4225,8 @@ krb5_crypto_prf_length(krb5_context context,
struct encryption_type *et = _find_enctype(type); struct encryption_type *et = _find_enctype(type);
if(et == NULL || et->prf_length == 0) { if(et == NULL || et->prf_length == 0) {
krb5_set_error_string(context, "encryption type %d not supported", krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
type); type);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }
@@ -4265,7 +4246,8 @@ krb5_crypto_prf(krb5_context context,
krb5_data_zero(output); krb5_data_zero(output);
if(et->prf == NULL) { if(et->prf == NULL) {
krb5_set_error_string(context, "kerberos prf for %s not supported", krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"kerberos prf for %s not supported",
et->name); et->name);
return KRB5_PROG_ETYPE_NOSUPP; return KRB5_PROG_ETYPE_NOSUPP;
} }