oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

krb5: Add _krb5_crypto_iov_should_sign helper function

Browse Source 
Add a helper function which contains the knowledge about whether
a particular portion of a krb5_crypto_iovec should be signed or not.
This commit is contained in:
Simon Wilkinson
2018-05-14 13:40:57 +01:00
committed by Jeffrey Altman
parent c1eb9828f4
commit eb5eae59a4
2 changed files with 21 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
lib/krb5/crypto.c
View File

@@ -1335,10 +1335,8 @@ iov_sign_data_len(krb5_crypto_iov *data, int num_data)
size_t i, len;
for (len = 0, i = 0; i < num_data; i++) {
if (data[i].flags != KRB5_CRYPTO_TYPE_DATA &&
data[i].flags != KRB5_CRYPTO_TYPE_SIGN_ONLY)
continue;
len += data[i].data.length;
if (_krb5_crypto_iov_should_sign(&data[i]))
len += data[i].data.length;
}
return len;
@@ -1824,20 +1822,17 @@ krb5_create_checksum_iov(krb5_context context,
len = 0;
for (i = 0; i < num_data; i++) {
if (data[i].flags != KRB5_CRYPTO_TYPE_DATA &&
data[i].flags != KRB5_CRYPTO_TYPE_SIGN_ONLY)
continue;
len += data[i].data.length;
if (_krb5_crypto_iov_should_sign(&data[i]))
len += data[i].data.length;
}
p = q = malloc(len);
for (i = 0; i < num_data; i++) {
if (data[i].flags != KRB5_CRYPTO_TYPE_DATA &&
data[i].flags != KRB5_CRYPTO_TYPE_SIGN_ONLY)
continue;
memcpy(q, data[i].data.data, data[i].data.length);
q += data[i].data.length;
if (_krb5_crypto_iov_should_sign(&data[i])) {
memcpy(q, data[i].data.data, data[i].data.length);
q += data[i].data.length;
}
}
ret = krb5_create_checksum(context, crypto, usage, 0, p, len, &cksum);
@@ -1903,20 +1898,17 @@ krb5_verify_checksum_iov(krb5_context context,
len = 0;
for (i = 0; i < num_data; i++) {
if (data[i].flags != KRB5_CRYPTO_TYPE_DATA &&
data[i].flags != KRB5_CRYPTO_TYPE_SIGN_ONLY)
continue;
len += data[i].data.length;
if (_krb5_crypto_iov_should_sign(&data[i]))
len += data[i].data.length;
}
p = q = malloc(len);
for (i = 0; i < num_data; i++) {
if (data[i].flags != KRB5_CRYPTO_TYPE_DATA &&
data[i].flags != KRB5_CRYPTO_TYPE_SIGN_ONLY)
continue;
memcpy(q, data[i].data.data, data[i].data.length);
q += data[i].data.length;
if (_krb5_crypto_iov_should_sign(&data[i])) {
memcpy(q, data[i].data.data, data[i].data.length);
q += data[i].data.length;
}
}
cksum.cksumtype = CHECKSUMTYPE(et->keyed_checksum);