oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Use krb5_set_error_message(), drop unused functions.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23278 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2008-06-23 03:25:46 +00:00
parent 06e2c6e17e
commit d23858caf2
1 changed files with 171 additions and 189 deletions
Download Patch File Download Diff File Expand all files Collapse all files

360
lib/krb5/crypto.c
View File

@@ -112,7 +112,6 @@ struct checksum_type {
struct encryption_type {
krb5_enctype type;
const char *name;
heim_oid *oid;
size_t blocksize;
size_t padsize;
size_t confoundersize;
@@ -339,7 +338,7 @@ krb5_DES_string_to_key(krb5_context context,
len = password.length + salt.saltvalue.length;
s = malloc(len);
if(len > 0 && s == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message (context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
memcpy(s, password.data, password.length);
@@ -431,7 +430,7 @@ DES3_string_to_key(krb5_context context,
len = password.length + salt.saltvalue.length;
str = malloc(len);
if(len != 0 && str == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message (context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
memcpy(str, password.data, password.length);
@@ -445,7 +444,7 @@ DES3_string_to_key(krb5_context context,
if (ret) {
memset(str, 0, len);
free(str);
krb5_set_error_string(context, "out of memory");
krb5_set_error_message (context, ret, "malloc: out of memory");
return ret;
}
@@ -492,7 +491,7 @@ DES3_string_to_key_derived(krb5_context context,
s = malloc(len);
if(len != 0 && s == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message (context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
memcpy(s, password.data, password.length);
@@ -568,19 +567,19 @@ ARCFOUR_string_to_key(krb5_context context,
ret = wind_utf8ucs2_length(password.data, &len);
if (ret) {
krb5_set_error_string(context, "Password not an UCS2 string");
krb5_set_error_message (context, ret, "Password not an UCS2 string");
return ret;
}
s = malloc (len * sizeof(s[0]));
if (len != 0 && s == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message (context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
ret = wind_utf8ucs2(password.data, s, &len);
if (ret) {
krb5_set_error_string(context, "Password not an UCS2 string");
krb5_set_error_message (context, ret, "Password not an UCS2 string");
goto out;
}
@@ -597,7 +596,7 @@ ARCFOUR_string_to_key(krb5_context context,
key->keytype = enctype;
ret = krb5_data_alloc (&key->keyvalue, 16);
if (ret) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message (context, ENOMEM, "malloc: out of memory");
goto out;
}
MD4_Final (key->keyvalue.data, &m);
@@ -643,13 +642,13 @@ AES_string_to_key(krb5_context context,
kd.schedule = NULL;
ALLOC(kd.key, 1);
if(kd.key == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
krb5_set_error_message (context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
kd.key->keytype = enctype;
ret = krb5_data_alloc(&kd.key->keyvalue, et->keytype->size);
if (ret) {
krb5_set_error_string(context, "Failed to allocate pkcs5 key");
krb5_set_error_message (context, ret, "malloc: out of memory");
return ret;
}
@@ -659,7 +658,8 @@ AES_string_to_key(krb5_context context,
et->keytype->size, kd.key->keyvalue.data);
if (ret != 1) {
free_key_data(context, &kd);
krb5_set_error_string(context, "Error calculating s2k");
krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP,
"Error calculating s2k");
return KRB5_PROG_KEYTYPE_NOSUPP;
}
@@ -862,21 +862,24 @@ krb5_salttype_to_string (krb5_context context,
e = _find_enctype (etype);
if (e == NULL) {
krb5_set_error_string(context, "encryption type %d not supported",
etype);
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
etype);
return KRB5_PROG_ETYPE_NOSUPP;
}
for (st = e->keytype->string_to_key; st && st->type; st++) {
if (st->type == stype) {
*string = strdup (st->name);
if (*string == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message (context, ENOMEM,
"malloc: out of memory");
return ENOMEM;
}
return 0;
}
}
krb5_set_error_string(context, "salttype %d not supported", stype);
krb5_set_error_message (context, HEIM_ERR_SALTTYPE_NOSUPP,
"salttype %d not supported", stype);
return HEIM_ERR_SALTTYPE_NOSUPP;
}
@@ -891,8 +894,9 @@ krb5_string_to_salttype (krb5_context context,
e = _find_enctype (etype);
if (e == NULL) {
krb5_set_error_string(context, "encryption type %d not supported",
etype);
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
etype);
return KRB5_PROG_ETYPE_NOSUPP;
}
for (st = e->keytype->string_to_key; st && st->type; st++) {
@@ -901,7 +905,8 @@ krb5_string_to_salttype (krb5_context context,
return 0;
}
}
krb5_set_error_string(context, "salttype %s not supported", string);
krb5_set_error_message(context, HEIM_ERR_SALTTYPE_NOSUPP,
"salttype %s not supported", string);
return HEIM_ERR_SALTTYPE_NOSUPP;
}
@@ -1003,16 +1008,18 @@ krb5_string_to_key_data_salt_opaque (krb5_context context,
struct encryption_type *et =_find_enctype(enctype);
struct salt_type *st;
if(et == NULL) {
krb5_set_error_string(context, "encryption type %d not supported",
enctype);
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
enctype);
return KRB5_PROG_ETYPE_NOSUPP;
}
for(st = et->keytype->string_to_key; st && st->type; st++)
if(st->type == salt.salttype)
return (*st->string_to_key)(context, enctype, password,
salt, opaque, key);
krb5_set_error_string(context, "salt type %d not supported",
salt.salttype);
krb5_set_error_message(context, HEIM_ERR_SALTTYPE_NOSUPP,
"salt type %d not supported",
salt.salttype);
return HEIM_ERR_SALTTYPE_NOSUPP;
}
@@ -1057,12 +1064,13 @@ krb5_keytype_to_string(krb5_context context,
{
struct key_type *kt = _find_keytype(keytype);
if(kt == NULL) {
krb5_set_error_string(context, "key type %d not supported", keytype);
krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP,
"key type %d not supported", keytype);
return KRB5_PROG_KEYTYPE_NOSUPP;
}
*string = strdup(kt->name);
if(*string == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
return 0;
@@ -1079,7 +1087,8 @@ krb5_string_to_keytype(krb5_context context,
*keytype = keytypes[i]->type;
return 0;
}
krb5_set_error_string(context, "key type %s not supported", string);
krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP,
"key type %s not supported", string);
return KRB5_PROG_KEYTYPE_NOSUPP;
}
@@ -1090,8 +1099,9 @@ krb5_enctype_keysize(krb5_context context,
{
struct encryption_type *et = _find_enctype(type);
if(et == NULL) {
krb5_set_error_string(context, "encryption type %d not supported",
type);
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
type);
return KRB5_PROG_ETYPE_NOSUPP;
}
*keysize = et->keytype->size;
@@ -1105,7 +1115,8 @@ krb5_enctype_keybits(krb5_context context,
{
struct encryption_type *et = _find_enctype(type);
if(et == NULL) {
krb5_set_error_string(context, "encryption type %d not supported",
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
type);
return KRB5_PROG_ETYPE_NOSUPP;
}
@@ -1121,8 +1132,9 @@ krb5_generate_random_keyblock(krb5_context context,
krb5_error_code ret;
struct encryption_type *et = _find_enctype(type);
if(et == NULL) {
krb5_set_error_string(context, "encryption type %d not supported",
type);
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
type);
return KRB5_PROG_ETYPE_NOSUPP;
}
ret = krb5_data_alloc(&key->keyvalue, et->keytype->size);
@@ -1151,7 +1163,7 @@ _key_schedule(krb5_context context,
return 0;
ALLOC(key->schedule, 1);
if(key->schedule == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
ret = krb5_data_alloc(key->schedule, kt->schedule_size);
@@ -1496,8 +1508,9 @@ krb5_hmac(krb5_context context,
krb5_error_code ret;
if (c == NULL) {
krb5_set_error_string (context, "checksum type %d not supported",
cktype);
krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
cktype);
return KRB5_PROG_SUMTYPE_NOSUPP;
}
@@ -1812,7 +1825,7 @@ get_checksum_key(krb5_context context,
*key = _new_derived_key(crypto, 0xff/* KRB5_KU_RFC1510_VARIANT */);
if(*key == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
ret = krb5_copy_keyblock(context, crypto->key.key, &(*key)->key);
@@ -1847,9 +1860,10 @@ create_checksum (krb5_context context,
}
keyed_checksum = (ct->flags & F_KEYED) != 0;
if(keyed_checksum && crypto == NULL) {
krb5_set_error_string (context, "Checksum type %s is keyed "
"but no crypto context (key) was passed in",
ct->name);
krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"Checksum type %s is keyed "
"but no crypto context (key) was passed in",
ct->name);
return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */
}
if(keyed_checksum) {
@@ -1895,8 +1909,9 @@ krb5_create_checksum(krb5_context context,
}
if(ct == NULL) {
krb5_set_error_string (context, "checksum type %d not supported",
type);
krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
type);
return KRB5_PROG_SUMTYPE_NOSUPP;
}
@@ -1926,7 +1941,8 @@ verify_checksum(krb5_context context,
ct = _find_checksum(cksum->cksumtype);
if (ct == NULL || (ct->flags & F_DISABLED)) {
krb5_set_error_string (context, "checksum type %d not supported",
krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
cksum->cksumtype);
return KRB5_PROG_SUMTYPE_NOSUPP;
}
@@ -1936,9 +1952,10 @@ verify_checksum(krb5_context context,
}
keyed_checksum = (ct->flags & F_KEYED) != 0;
if(keyed_checksum && crypto == NULL) {
krb5_set_error_string (context, "Checksum type %s is keyed "
"but no crypto context (key) was passed in",
ct->name);
krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"Checksum type %s is keyed "
"but no crypto context (key) was passed in",
ct->name);
return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */
}
if(keyed_checksum)
@@ -1978,8 +1995,9 @@ krb5_verify_checksum(krb5_context context,
ct = _find_checksum(cksum->cksumtype);
if(ct == NULL) {
krb5_set_error_string (context, "checksum type %d not supported",
cksum->cksumtype);
krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
cksum->cksumtype);
return KRB5_PROG_SUMTYPE_NOSUPP;
}
@@ -2007,7 +2025,8 @@ krb5_crypto_get_checksum_type(krb5_context context,
}
if (ct == NULL) {
krb5_set_error_string (context, "checksum type not found");
krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type not found");
return KRB5_PROG_SUMTYPE_NOSUPP;
}
@@ -2024,8 +2043,9 @@ krb5_checksumsize(krb5_context context,
{
struct checksum_type *ct = _find_checksum(type);
if(ct == NULL) {
krb5_set_error_string (context, "checksum type %d not supported",
type);
krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
type);
return KRB5_PROG_SUMTYPE_NOSUPP;
}
*size = ct->checksumsize;
@@ -2039,8 +2059,9 @@ krb5_checksum_is_keyed(krb5_context context,
struct checksum_type *ct = _find_checksum(type);
if(ct == NULL) {
if (context)
krb5_set_error_string (context, "checksum type %d not supported",
type);
krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
type);
return KRB5_PROG_SUMTYPE_NOSUPP;
}
return ct->flags & F_KEYED;
@@ -2053,8 +2074,9 @@ krb5_checksum_is_collision_proof(krb5_context context,
struct checksum_type *ct = _find_checksum(type);
if(ct == NULL) {
if (context)
krb5_set_error_string (context, "checksum type %d not supported",
type);
krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
type);
return KRB5_PROG_SUMTYPE_NOSUPP;
}
return ct->flags & F_CPROOF;
@@ -2067,8 +2089,9 @@ krb5_checksum_disable(krb5_context context,
struct checksum_type *ct = _find_checksum(type);
if(ct == NULL) {
if (context)
krb5_set_error_string (context, "checksum type %d not supported",
type);
krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
type);
return KRB5_PROG_SUMTYPE_NOSUPP;
}
ct->flags |= F_DISABLED;
@@ -2493,7 +2516,7 @@ AES_PRF(krb5_context context,
result.cksumtype = ct->type;
ret = krb5_data_alloc(&result.checksum, ct->checksumsize);
if (ret) {
krb5_set_error_string(context, "out memory");
krb5_set_error_message(context, ret, "out memory");
return ret;
}
@@ -2534,7 +2557,6 @@ AES_PRF(krb5_context context,
static struct encryption_type enctype_null = {
ETYPE_NULL,
"null",
NULL,
1,
1,
0,
@@ -2549,7 +2571,6 @@ static struct encryption_type enctype_null = {
static struct encryption_type enctype_des_cbc_crc = {
ETYPE_DES_CBC_CRC,
"des-cbc-crc",
NULL,
8,
8,
8,
@@ -2564,7 +2585,6 @@ static struct encryption_type enctype_des_cbc_crc = {
static struct encryption_type enctype_des_cbc_md4 = {
ETYPE_DES_CBC_MD4,
"des-cbc-md4",
NULL,
8,
8,
8,
@@ -2579,7 +2599,6 @@ static struct encryption_type enctype_des_cbc_md4 = {
static struct encryption_type enctype_des_cbc_md5 = {
ETYPE_DES_CBC_MD5,
"des-cbc-md5",
NULL,
8,
8,
8,
@@ -2594,7 +2613,6 @@ static struct encryption_type enctype_des_cbc_md5 = {
static struct encryption_type enctype_arcfour_hmac_md5 = {
ETYPE_ARCFOUR_HMAC_MD5,
"arcfour-hmac-md5",
NULL,
1,
1,
8,
@@ -2609,7 +2627,6 @@ static struct encryption_type enctype_arcfour_hmac_md5 = {
static struct encryption_type enctype_des3_cbc_md5 = {
ETYPE_DES3_CBC_MD5,
"des3-cbc-md5",
NULL,
8,
8,
8,
@@ -2624,7 +2641,6 @@ static struct encryption_type enctype_des3_cbc_md5 = {
static struct encryption_type enctype_des3_cbc_sha1 = {
ETYPE_DES3_CBC_SHA1,
"des3-cbc-sha1",
NULL,
8,
8,
8,
@@ -2639,7 +2655,6 @@ static struct encryption_type enctype_des3_cbc_sha1 = {
static struct encryption_type enctype_old_des3_cbc_sha1 = {
ETYPE_OLD_DES3_CBC_SHA1,
"old-des3-cbc-sha1",
NULL,
8,
8,
8,
@@ -2654,7 +2669,6 @@ static struct encryption_type enctype_old_des3_cbc_sha1 = {
static struct encryption_type enctype_aes128_cts_hmac_sha1 = {
ETYPE_AES128_CTS_HMAC_SHA1_96,
"aes128-cts-hmac-sha1-96",
NULL,
16,
1,
16,
@@ -2669,7 +2683,6 @@ static struct encryption_type enctype_aes128_cts_hmac_sha1 = {
static struct encryption_type enctype_aes256_cts_hmac_sha1 = {
ETYPE_AES256_CTS_HMAC_SHA1_96,
"aes256-cts-hmac-sha1-96",
NULL,
16,
1,
16,
@@ -2684,7 +2697,6 @@ static struct encryption_type enctype_aes256_cts_hmac_sha1 = {
static struct encryption_type enctype_des_cbc_none = {
ETYPE_DES_CBC_NONE,
"des-cbc-none",
NULL,
8,
8,
0,
@@ -2699,7 +2711,6 @@ static struct encryption_type enctype_des_cbc_none = {
static struct encryption_type enctype_des_cfb64_none = {
ETYPE_DES_CFB64_NONE,
"des-cfb64-none",
NULL,
1,
1,
0,
@@ -2714,7 +2725,6 @@ static struct encryption_type enctype_des_cfb64_none = {
static struct encryption_type enctype_des_pcbc_none = {
ETYPE_DES_PCBC_NONE,
"des-pcbc-none",
NULL,
8,
8,
0,
@@ -2729,7 +2739,6 @@ static struct encryption_type enctype_des_pcbc_none = {
static struct encryption_type enctype_des3_cbc_none = {
ETYPE_DES3_CBC_NONE,
"des3-cbc-none",
NULL,
8,
8,
0,
@@ -2781,14 +2790,15 @@ krb5_enctype_to_string(krb5_context context,
struct encryption_type *e;
e = _find_enctype(etype);
if(e == NULL) {
krb5_set_error_string (context, "encryption type %d not supported",
etype);
krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
etype);
*string = NULL;
return KRB5_PROG_ETYPE_NOSUPP;
}
*string = strdup(e->name);
if(*string == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
return 0;
@@ -2805,43 +2815,9 @@ krb5_string_to_enctype(krb5_context context,
*etype = etypes[i]->type;
return 0;
}
krb5_set_error_string (context, "encryption type %s not supported",
string);
return KRB5_PROG_ETYPE_NOSUPP;
}
krb5_error_code KRB5_LIB_FUNCTION
_krb5_enctype_to_oid(krb5_context context,
krb5_enctype etype,
heim_oid *oid)
{
struct encryption_type *et = _find_enctype(etype);
if(et == NULL) {
krb5_set_error_string (context, "encryption type %d not supported",
etype);
return KRB5_PROG_ETYPE_NOSUPP;
}
if(et->oid == NULL) {
krb5_set_error_string (context, "%s have not oid", et->name);
return KRB5_PROG_ETYPE_NOSUPP;
}
krb5_clear_error_string(context);
return der_copy_oid(et->oid, oid);
}
krb5_error_code KRB5_LIB_FUNCTION
_krb5_oid_to_enctype(krb5_context context,
const heim_oid *oid,
krb5_enctype *etype)
{
int i;
for(i = 0; i < num_etypes; i++) {
if(etypes[i]->oid && der_heim_oid_cmp(etypes[i]->oid, oid) == 0) {
*etype = etypes[i]->type;
return 0;
}
}
krb5_set_error_string(context, "enctype for oid not supported");
krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %s not supported",
string);
return KRB5_PROG_ETYPE_NOSUPP;
}
@@ -2852,7 +2828,8 @@ krb5_enctype_to_keytype(krb5_context context,
{
struct encryption_type *e = _find_enctype(etype);
if(e == NULL) {
krb5_set_error_string (context, "encryption type %d not supported",
krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
etype);
return KRB5_PROG_ETYPE_NOSUPP;
}
@@ -2860,21 +2837,6 @@ krb5_enctype_to_keytype(krb5_context context,
return 0;
}
#if 0
krb5_error_code KRB5_LIB_FUNCTION
krb5_keytype_to_enctype(krb5_context context,
krb5_keytype keytype,
krb5_enctype *etype)
{
struct key_type *kt = _find_keytype(keytype);
krb5_warnx(context, "krb5_keytype_to_enctype(%u)", keytype);
if(kt == NULL)
return KRB5_PROG_KEYTYPE_NOSUPP;
*etype = kt->best_etype;
return 0;
}
#endif
krb5_error_code KRB5_LIB_FUNCTION
krb5_keytype_to_enctypes (krb5_context context,
krb5_keytype keytype,
@@ -2892,7 +2854,7 @@ krb5_keytype_to_enctypes (krb5_context context,
}
ret = malloc(n * sizeof(*ret));
if (ret == NULL && n != 0) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
n = 0;
@@ -2927,7 +2889,7 @@ krb5_keytype_to_enctypes_default (krb5_context context,
;
ret = malloc (n * sizeof(*ret));
if (ret == NULL && n != 0) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
for (i = 0; i < n; ++i)
@@ -2943,13 +2905,15 @@ krb5_enctype_valid(krb5_context context,
{
struct encryption_type *e = _find_enctype(etype);
if(e == NULL) {
krb5_set_error_string (context, "encryption type %d not supported",
etype);
krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
etype);
return KRB5_PROG_ETYPE_NOSUPP;
}
if (e->flags & F_DISABLED) {
krb5_set_error_string (context, "encryption type %s is disabled",
e->name);
krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %s is disabled",
e->name);
return KRB5_PROG_ETYPE_NOSUPP;
}
return 0;
@@ -2961,13 +2925,15 @@ krb5_cksumtype_valid(krb5_context context,
{
struct checksum_type *c = _find_checksum(ctype);
if (c == NULL) {
krb5_set_error_string (context, "checksum type %d not supported",
ctype);
krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %d not supported",
ctype);
return KRB5_PROG_SUMTYPE_NOSUPP;
}
if (c->flags & F_DISABLED) {
krb5_set_error_string (context, "checksum type %s is disabled",
c->name);
krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP,
"checksum type %s is disabled",
c->name);
return KRB5_PROG_SUMTYPE_NOSUPP;
}
return 0;
@@ -3025,7 +2991,7 @@ encrypt_internal_derived(krb5_context context,
total_sz = block_sz + checksum_sz;
p = calloc(1, total_sz);
if(p == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
@@ -3092,7 +3058,7 @@ encrypt_internal(krb5_context context,
block_sz = (sz + et->padsize - 1) &~ (et->padsize - 1); /* pad */
p = calloc(1, block_sz);
if(p == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
@@ -3157,7 +3123,7 @@ encrypt_internal_special(krb5_context context,
tmp = malloc (sz);
if (tmp == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
p = tmp;
@@ -3196,8 +3162,9 @@ decrypt_internal_derived(krb5_context context,
checksum_sz = CHECKSUMSIZE(et->keyed_checksum);
if (len < checksum_sz + et->confoundersize) {
krb5_set_error_string(context, "Encrypted data shorter then "
"checksum + confunder");
krb5_set_error_message(context, KRB5_BAD_MSIZE,
"Encrypted data shorter then "
"checksum + confunder");
return KRB5_BAD_MSIZE;
}
@@ -3208,7 +3175,7 @@ decrypt_internal_derived(krb5_context context,
p = malloc(len);
if(len != 0 && p == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
memcpy(p, data, len);
@@ -3253,7 +3220,7 @@ decrypt_internal_derived(krb5_context context,
result->data = realloc(p, l);
if(result->data == NULL && l != 0) {
free(p);
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
result->length = l;
@@ -3282,7 +3249,7 @@ decrypt_internal(krb5_context context,
checksum_sz = CHECKSUMSIZE(et->checksum);
p = malloc(len);
if(len != 0 && p == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
memcpy(p, data, len);
@@ -3318,7 +3285,7 @@ decrypt_internal(krb5_context context,
result->data = realloc(p, l);
if(result->data == NULL && l != 0) {
free(p);
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
result->length = l;
@@ -3347,7 +3314,7 @@ decrypt_internal_special(krb5_context context,
p = malloc (len);
if (p == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
memcpy(p, data, len);
@@ -3362,7 +3329,7 @@ decrypt_internal_special(krb5_context context,
result->data = realloc(p, sz);
if(result->data == NULL && sz != 0) {
free(p);
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
result->length = sz;
@@ -3562,13 +3529,13 @@ derive_key(krb5_context context,
nblocks = (kt->bits + et->blocksize * 8 - 1) / (et->blocksize * 8);
k = malloc(nblocks * et->blocksize);
if(k == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
ret = _krb5_n_fold(constant, len, k, et->blocksize);
if (ret) {
free(k);
krb5_set_error_string(context, "out of memory");
krb5_set_error_message(context, ret, "malloc: out of memory");
return ret;
}
for(i = 0; i < nblocks; i++) {
@@ -3585,7 +3552,7 @@ derive_key(krb5_context context,
size_t res_len = (kt->bits + 7) / 8;
if(len != 0 && c == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
memcpy(c, constant, len);
@@ -3593,13 +3560,13 @@ derive_key(krb5_context context,
k = malloc(res_len);
if(res_len != 0 && k == NULL) {
free(c);
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
ret = _krb5_n_fold(c, len, k, res_len);
if (ret) {
free(k);
krb5_set_error_string(context, "out of memory");
krb5_set_error_message(context, ret, "malloc: out of memory");
return ret;
}
free(c);
@@ -3615,10 +3582,10 @@ derive_key(krb5_context context,
memcpy(key->key->keyvalue.data, k, key->key->keyvalue.length);
break;
default:
krb5_set_error_string(context,
"derive_key() called with unknown keytype (%u)",
kt->type);
ret = KRB5_CRYPTO_INTERNAL;
krb5_set_error_message(context, ret,
"derive_key() called with unknown keytype (%u)",
kt->type);
break;
}
if (key->schedule) {
@@ -3660,8 +3627,9 @@ krb5_derive_key(krb5_context context,
et = _find_enctype (etype);
if (et == NULL) {
krb5_set_error_string(context, "encryption type %d not supported",
etype);
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
etype);
return KRB5_PROG_ETYPE_NOSUPP;
}
@@ -3694,7 +3662,7 @@ _get_derived_key(krb5_context context,
}
d = _new_derived_key(crypto, usage);
if(d == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
krb5_copy_keyblock(context, crypto->key.key, &d->key);
@@ -3714,7 +3682,7 @@ krb5_crypto_init(krb5_context context,
krb5_error_code ret;
ALLOC(*crypto, 1);
if(*crypto == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
if(etype == ETYPE_NULL)
@@ -3723,14 +3691,16 @@ krb5_crypto_init(krb5_context context,
if((*crypto)->et == NULL || ((*crypto)->et->flags & F_DISABLED)) {
free(*crypto);
*crypto = NULL;
krb5_set_error_string (context, "encryption type %d not supported",
etype);
krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
etype);
return KRB5_PROG_ETYPE_NOSUPP;
}
if((*crypto)->et->keytype->size != key->keyvalue.length) {
free(*crypto);
*crypto = NULL;
krb5_set_error_string (context, "encryption key has bad length");
krb5_set_error_message (context, KRB5_BAD_KEYSIZE,
"encryption key has bad length");
return KRB5_BAD_KEYSIZE;
}
ret = krb5_copy_keyblock(context, key, &(*crypto)->key.key);
@@ -3818,8 +3788,9 @@ krb5_enctype_disable(krb5_context context,
struct encryption_type *et = _find_enctype(enctype);
if(et == NULL) {
if (context)
krb5_set_error_string (context, "encryption type %d not supported",
enctype);
krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
enctype);
return KRB5_PROG_ETYPE_NOSUPP;
}
et->flags |= F_DISABLED;
@@ -3840,15 +3811,17 @@ krb5_string_to_key_derived(krb5_context context,
u_char *tmp;
if(et == NULL) {
krb5_set_error_string (context, "encryption type %d not supported",
etype);
krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
etype);
return KRB5_PROG_ETYPE_NOSUPP;
}
keylen = et->keytype->bits / 8;
ALLOC(kd.key, 1);
if(kd.key == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
krb5_set_error_message (context, ENOMEM,
"malloc: out of memory");
return ENOMEM;
}
ret = krb5_data_alloc(&kd.key->keyvalue, et->keytype->size);
@@ -3860,13 +3833,13 @@ krb5_string_to_key_derived(krb5_context context,
tmp = malloc (keylen);
if(tmp == NULL) {
krb5_free_keyblock(context, kd.key);
krb5_set_error_string (context, "malloc: out of memory");
krb5_set_error_message (context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
ret = _krb5_n_fold(str, len, tmp, keylen);
if (ret) {
free(tmp);
krb5_set_error_string(context, "out of memory");
krb5_set_error_message (context, ENOMEM, "malloc: out of memory");
return ret;
}
kd.schedule = NULL;
@@ -3985,14 +3958,16 @@ krb5_random_to_key(krb5_context context,
krb5_error_code ret;
struct encryption_type *et = _find_enctype(type);
if(et == NULL) {
krb5_set_error_string(context, "encryption type %d not supported",
type);
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
type);
return KRB5_PROG_ETYPE_NOSUPP;
}
if ((et->keytype->bits + 7) / 8 > size) {
krb5_set_error_string(context, "encryption key %s needs %d bytes "
"of random to make an encryption key out of it",
et->name, (int)et->keytype->size);
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption key %s needs %d bytes "
"of random to make an encryption key out of it",
et->name, (int)et->keytype->size);
return KRB5_PROG_ETYPE_NOSUPP;
}
ret = krb5_data_alloc(&key->keyvalue, et->keytype->size);
@@ -4024,15 +3999,16 @@ _krb5_pk_octetstring2key(krb5_context context,
unsigned char shaoutput[20];
if(et == NULL) {
krb5_set_error_string(context, "encryption type %d not supported",
type);
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
type);
return KRB5_PROG_ETYPE_NOSUPP;
}
keylen = (et->keytype->bits + 7) / 8;
keydata = malloc(keylen);
if (keydata == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
@@ -4079,7 +4055,8 @@ encode_uvinfo(krb5_context context, krb5_const_principal p, krb5_data *data)
&pn, &size, ret);
if (ret) {
krb5_data_zero(data);
krb5_set_error_string(context, "Failed to encode KRB5PrincipalName");
krb5_set_error_message(context, ret,
"Failed to encode KRB5PrincipalName");
return ret;
}
if (data->length != size)
@@ -4115,7 +4092,7 @@ encode_otherinfo(krb5_context context,
ASN1_MALLOC_ENCODE(PkinitSuppPubInfo, pub.data, pub.length,
&pubinfo, &size, ret);
if (ret) {
krb5_set_error_string(context, "out of memory");
krb5_set_error_message(context, ret, "out of memory");
return ret;
}
if (pub.length != size)
@@ -4142,7 +4119,7 @@ encode_otherinfo(krb5_context context,
free(otherinfo.partyVInfo.data);
free(pub.data);
if (ret) {
krb5_set_error_string(context, "out of memory");
krb5_set_error_message(context, ret, "out of memory");
return ret;
}
if (other->length != size)
@@ -4173,28 +4150,31 @@ _krb5_pk_kdf(krb5_context context,
unsigned char shaoutput[20];
if (der_heim_oid_cmp(oid_id_pkinit_kdf_ah_sha1(), &ai->algorithm) != 0) {
krb5_set_error_string(context, "kdf not supported");
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"kdf not supported");
return KRB5_PROG_ETYPE_NOSUPP;
}
if (ai->parameters != NULL &&
(ai->parameters->length != 2 ||
memcmp(ai->parameters->data, "\x05\x00", 2) != 0))
{
krb5_set_error_string(context, "kdf params not NULL or the NULL-type");
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"kdf params not NULL or the NULL-type");
return KRB5_PROG_ETYPE_NOSUPP;
}
et = _find_enctype(enctype);
if(et == NULL) {
krb5_set_error_string(context, "encryption type %d not supported",
enctype);
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
enctype);
return KRB5_PROG_ETYPE_NOSUPP;
}
keylen = (et->keytype->bits + 7) / 8;
keydata = malloc(keylen);
if (keydata == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
@@ -4245,8 +4225,9 @@ krb5_crypto_prf_length(krb5_context context,
struct encryption_type *et = _find_enctype(type);
if(et == NULL || et->prf_length == 0) {
krb5_set_error_string(context, "encryption type %d not supported",
type);
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"encryption type %d not supported",
type);
return KRB5_PROG_ETYPE_NOSUPP;
}
@@ -4265,8 +4246,9 @@ krb5_crypto_prf(krb5_context context,
krb5_data_zero(output);
if(et->prf == NULL) {
krb5_set_error_string(context, "kerberos prf for %s not supported",
et->name);
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
"kerberos prf for %s not supported",
et->name);
return KRB5_PROG_ETYPE_NOSUPP;
}