From f60ec15834d8a3486562e5f6be033fb20560f905 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Sun, 24 Jul 2011 14:03:08 -0700 Subject: [PATCH] partly unify enctype/keytype since there is only enctypes --- lib/gssapi/krb5/arcfour.c | 4 ++-- lib/gssapi/krb5/wrap.c | 4 ++-- lib/hdb/mkey.c | 2 +- lib/krb5/auth_context.c | 2 +- lib/krb5/crypto-aes.c | 4 ++-- lib/krb5/crypto-arcfour.c | 2 +- lib/krb5/crypto-des.c | 4 ++-- lib/krb5/crypto-des3.c | 4 ++-- lib/krb5/crypto-null.c | 2 +- lib/krb5/crypto.c | 6 +++--- lib/krb5/crypto.h | 2 +- lib/krb5/get_in_tkt.c | 2 +- lib/krb5/init_creds_pw.c | 2 +- lib/krb5/krb5.h | 6 ++++-- 14 files changed, 24 insertions(+), 22 deletions(-) diff --git a/lib/gssapi/krb5/arcfour.c b/lib/gssapi/krb5/arcfour.c index 0264207e4..15b1b3434 100644 --- a/lib/gssapi/krb5/arcfour.c +++ b/lib/gssapi/krb5/arcfour.c @@ -86,7 +86,7 @@ arcfour_mic_key(krb5_context context, krb5_keyblock *key, cksum_k5.checksum.data = k5_data; cksum_k5.checksum.length = sizeof(k5_data); - if (key->keytype == KEYTYPE_ARCFOUR_56) { + if (key->keytype == ENCTYPE_ARCFOUR_HMAC_MD5_56) { char L40[14] = "fortybits"; memcpy(L40 + 10, T, sizeof(T)); @@ -100,7 +100,7 @@ arcfour_mic_key(krb5_context context, krb5_keyblock *key, if (ret) return ret; - key5.keytype = KEYTYPE_ARCFOUR; + key5.keytype = ENCTYPE_ARCFOUR_HMAC_MD5; key5.keyvalue = cksum_k5.checksum; cksum_k6.checksum.data = key6_data; diff --git a/lib/gssapi/krb5/wrap.c b/lib/gssapi/krb5/wrap.c index efd0d82c4..1026e4191 100644 --- a/lib/gssapi/krb5/wrap.c +++ b/lib/gssapi/krb5/wrap.c @@ -174,8 +174,8 @@ _gsskrb5_wrap_size_limit ( ret = GSS_S_FAILURE; #endif break; - case KEYTYPE_ARCFOUR: - case KEYTYPE_ARCFOUR_56: + case ENCTYPE_ARCFOUR_HMAC_MD5: + case ENCTYPE_ARCFOUR_HMAC_MD5_56: ret = _gssapi_wrap_size_arcfour(minor_status, ctx, context, conf_req_flag, qop_req, req_output_size, max_input_size, key); diff --git a/lib/hdb/mkey.c b/lib/hdb/mkey.c index 9a13d55a5..9eb98fca3 100644 --- a/lib/hdb/mkey.c +++ b/lib/hdb/mkey.c @@ -228,7 +228,7 @@ read_master_encryptionkey(krb5_context context, const char *filename, should cover all cases, but will break if someone has hacked this code to really use des-cbc-md5 -- but then that's not my problem. */ - if(key.keytype == KEYTYPE_DES || key.keytype == ETYPE_DES_CBC_MD5) + if(key.keytype == ETYPE_DES_CBC_CRC || key.keytype == ETYPE_DES_CBC_MD5) key.keytype = ETYPE_DES_CFB64_NONE; ret = hdb_process_master_key(context, 0, &key, 0, mkey); diff --git a/lib/krb5/auth_context.c b/lib/krb5/auth_context.c index 518e19359..25ae15cf0 100644 --- a/lib/krb5/auth_context.c +++ b/lib/krb5/auth_context.c @@ -58,7 +58,7 @@ krb5_auth_con_init(krb5_context context, p->remote_address = NULL; p->local_port = 0; p->remote_port = 0; - p->keytype = KEYTYPE_NULL; + p->keytype = ENCTYPE_NULL; p->cksumtype = CKSUMTYPE_NONE; *auth_context = p; return 0; diff --git a/lib/krb5/crypto-aes.c b/lib/krb5/crypto-aes.c index e8facd85d..b97854206 100644 --- a/lib/krb5/crypto-aes.c +++ b/lib/krb5/crypto-aes.c @@ -38,7 +38,7 @@ */ static struct _krb5_key_type keytype_aes128 = { - KEYTYPE_AES128, + ENCTYPE_AES128_CTS_HMAC_SHA1_96, "aes-128", 128, 16, @@ -52,7 +52,7 @@ static struct _krb5_key_type keytype_aes128 = { }; static struct _krb5_key_type keytype_aes256 = { - KEYTYPE_AES256, + ENCTYPE_AES256_CTS_HMAC_SHA1_96, "aes-256", 256, 32, diff --git a/lib/krb5/crypto-arcfour.c b/lib/krb5/crypto-arcfour.c index 82769aea6..1b369d2fd 100644 --- a/lib/krb5/crypto-arcfour.c +++ b/lib/krb5/crypto-arcfour.c @@ -38,7 +38,7 @@ #include "krb5_locl.h" static struct _krb5_key_type keytype_arcfour = { - KEYTYPE_ARCFOUR, + ENCTYPE_ARCFOUR_HMAC_MD5, "arcfour", 128, 16, diff --git a/lib/krb5/crypto-des.c b/lib/krb5/crypto-des.c index 63ce901d9..f6f1c6881 100644 --- a/lib/krb5/crypto-des.c +++ b/lib/krb5/crypto-des.c @@ -69,7 +69,7 @@ krb5_DES_random_to_key(krb5_context context, } static struct _krb5_key_type keytype_des_old = { - KEYTYPE_DES, + ETYPE_DES_CBC_CRC, "des-old", 56, 8, @@ -83,7 +83,7 @@ static struct _krb5_key_type keytype_des_old = { }; static struct _krb5_key_type keytype_des = { - KEYTYPE_DES, + ETYPE_DES_CBC_CRC, "des", 56, 8, diff --git a/lib/krb5/crypto-des3.c b/lib/krb5/crypto-des3.c index d50c5cebe..43806038b 100644 --- a/lib/krb5/crypto-des3.c +++ b/lib/krb5/crypto-des3.c @@ -55,7 +55,7 @@ DES3_random_key(krb5_context context, #ifdef DES3_OLD_ENCTYPE static struct _krb5_key_type keytype_des3 = { - KEYTYPE_DES3, + ETYPE_OLD_DES3_CBC_SHA1, "des3", 168, 24, @@ -70,7 +70,7 @@ static struct _krb5_key_type keytype_des3 = { #endif static struct _krb5_key_type keytype_des3_derived = { - KEYTYPE_DES3, + ETYPE_OLD_DES3_CBC_SHA1, "des3", 168, 24, diff --git a/lib/krb5/crypto-null.c b/lib/krb5/crypto-null.c index 69d0e7c34..3b643123f 100644 --- a/lib/krb5/crypto-null.c +++ b/lib/krb5/crypto-null.c @@ -38,7 +38,7 @@ #endif static struct _krb5_key_type keytype_null = { - KEYTYPE_NULL, + ENCTYPE_NULL, "null", 0, 0, diff --git a/lib/krb5/crypto.c b/lib/krb5/crypto.c index a1b46b13a..37eb2c546 100644 --- a/lib/krb5/crypto.c +++ b/lib/krb5/crypto.c @@ -1898,11 +1898,11 @@ _krb5_derive_key(krb5_context context, /* XXX keytype dependent post-processing */ switch(kt->type) { - case KEYTYPE_DES3: + case ETYPE_OLD_DES3_CBC_SHA1: _krb5_DES3_random_to_key(context, key->key, k, nblocks * et->blocksize); break; - case KEYTYPE_AES128: - case KEYTYPE_AES256: + case ENCTYPE_AES128_CTS_HMAC_SHA1_96: + case ENCTYPE_AES256_CTS_HMAC_SHA1_96: memcpy(key->key->keyvalue.data, k, key->key->keyvalue.length); break; default: diff --git a/lib/krb5/crypto.h b/lib/krb5/crypto.h index bf945875b..9b95b8f0c 100644 --- a/lib/krb5/crypto.h +++ b/lib/krb5/crypto.h @@ -69,7 +69,7 @@ struct salt_type { }; struct _krb5_key_type { - krb5_keytype type; /* XXX */ + krb5_enctype type; const char *name; size_t bits; size_t size; diff --git a/lib/krb5/get_in_tkt.c b/lib/krb5/get_in_tkt.c index 27f4964e6..41618b961 100644 --- a/lib/krb5/get_in_tkt.c +++ b/lib/krb5/get_in_tkt.c @@ -480,7 +480,7 @@ krb5_get_in_cred(krb5_context context, } } if(pa) { - salt.salttype = pa->padata_type; + salt.salttype = (krb5_salttype)pa->padata_type; salt.saltvalue = pa->padata_value; ret = (*key_proc)(context, etype, salt, keyseed, &key); diff --git a/lib/krb5/init_creds_pw.c b/lib/krb5/init_creds_pw.c index f2185628e..37f4147c3 100644 --- a/lib/krb5/init_creds_pw.c +++ b/lib/krb5/init_creds_pw.c @@ -915,7 +915,7 @@ process_pa_info(krb5_context context, PA_DATA *pa = find_pa_data(md, pa_prefs[i].type); if (pa == NULL) continue; - paid->salt.salttype = pa_prefs[i].type; + paid->salt.salttype = (krb5_salttype)pa_prefs[i].type; p = (*pa_prefs[i].salt_info)(context, client, asreq, paid, &pa->padata_value); } diff --git a/lib/krb5/krb5.h b/lib/krb5/krb5.h index 2224b92e9..2d555ea06 100644 --- a/lib/krb5/krb5.h +++ b/lib/krb5/krb5.h @@ -326,7 +326,9 @@ typedef HostAddress krb5_address; typedef HostAddresses krb5_addresses; -typedef enum krb5_keytype { +typedef krb5_enctype krb5_keytype; + +enum krb5_keytype_old { KEYTYPE_NULL = ETYPE_NULL, KEYTYPE_DES = ETYPE_DES_CBC_CRC, KEYTYPE_DES3 = ETYPE_OLD_DES3_CBC_SHA1, @@ -334,7 +336,7 @@ typedef enum krb5_keytype { KEYTYPE_AES256 = ETYPE_AES256_CTS_HMAC_SHA1_96, KEYTYPE_ARCFOUR = ETYPE_ARCFOUR_HMAC_MD5, KEYTYPE_ARCFOUR_56 = ETYPE_ARCFOUR_HMAC_MD5_56 -} krb5_keytype; +}; typedef EncryptionKey krb5_keyblock;