|
Packit |
fd8b60 |
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
Packit |
fd8b60 |
/*
|
|
Packit |
fd8b60 |
* Copyright (C) 1998 by the FundsXpress, INC.
|
|
Packit |
fd8b60 |
*
|
|
Packit |
fd8b60 |
* All rights reserved.
|
|
Packit |
fd8b60 |
*
|
|
Packit |
fd8b60 |
* Export of this software from the United States of America may require
|
|
Packit |
fd8b60 |
* a specific license from the United States Government. It is the
|
|
Packit |
fd8b60 |
* responsibility of any person or organization contemplating export to
|
|
Packit |
fd8b60 |
* obtain such a license before exporting.
|
|
Packit |
fd8b60 |
*
|
|
Packit |
fd8b60 |
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
Packit |
fd8b60 |
* distribute this software and its documentation for any purpose and
|
|
Packit |
fd8b60 |
* without fee is hereby granted, provided that the above copyright
|
|
Packit |
fd8b60 |
* notice appear in all copies and that both that copyright notice and
|
|
Packit |
fd8b60 |
* this permission notice appear in supporting documentation, and that
|
|
Packit |
fd8b60 |
* the name of FundsXpress. not be used in advertising or publicity pertaining
|
|
Packit |
fd8b60 |
* to distribution of the software without specific, written prior
|
|
Packit |
fd8b60 |
* permission. FundsXpress makes no representations about the suitability of
|
|
Packit |
fd8b60 |
* this software for any purpose. It is provided "as is" without express
|
|
Packit |
fd8b60 |
* or implied warranty.
|
|
Packit |
fd8b60 |
*
|
|
Packit |
fd8b60 |
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
|
|
Packit |
fd8b60 |
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
|
Packit |
fd8b60 |
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
|
Packit |
fd8b60 |
*/
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
#include "crypto_int.h"
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
/*
|
|
Packit |
fd8b60 |
* The following functions were removed from the API in krb5 1.3 but
|
|
Packit |
fd8b60 |
* still need to be exported for ABI compatibility. The other
|
|
Packit |
fd8b60 |
* functions defined in this file are still in the API (and thus
|
|
Packit |
fd8b60 |
* prototyped in krb5.hin) but are deprecated.
|
|
Packit |
fd8b60 |
*/
|
|
Packit |
fd8b60 |
krb5_boolean KRB5_CALLCONV valid_enctype(krb5_enctype ktype);
|
|
Packit |
fd8b60 |
krb5_boolean KRB5_CALLCONV valid_cksumtype(krb5_cksumtype ctype);
|
|
Packit |
fd8b60 |
krb5_boolean KRB5_CALLCONV is_coll_proof_cksum(krb5_cksumtype ctype);
|
|
Packit |
fd8b60 |
krb5_boolean KRB5_CALLCONV is_keyed_cksum(krb5_cksumtype ctype);
|
|
Packit |
fd8b60 |
krb5_error_code KRB5_CALLCONV krb5_random_confounder(size_t, krb5_pointer);
|
|
Packit |
fd8b60 |
krb5_error_code krb5_encrypt_data(krb5_context context, krb5_keyblock *key,
|
|
Packit |
fd8b60 |
krb5_pointer ivec, krb5_data *data,
|
|
Packit |
fd8b60 |
krb5_enc_data *enc_data);
|
|
Packit |
fd8b60 |
krb5_error_code krb5_decrypt_data(krb5_context context, krb5_keyblock *key,
|
|
Packit |
fd8b60 |
krb5_pointer ivec, krb5_enc_data *data,
|
|
Packit |
fd8b60 |
krb5_data *enc_data);
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_error_code KRB5_CALLCONV
|
|
Packit |
fd8b60 |
krb5_encrypt(krb5_context context, krb5_const_pointer inptr,
|
|
Packit |
fd8b60 |
krb5_pointer outptr, size_t size, krb5_encrypt_block *eblock,
|
|
Packit |
fd8b60 |
krb5_pointer ivec)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
krb5_data inputd, ivecd;
|
|
Packit |
fd8b60 |
krb5_enc_data outputd;
|
|
Packit |
fd8b60 |
size_t blocksize, outlen;
|
|
Packit |
fd8b60 |
krb5_error_code ret;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
if (ivec) {
|
|
Packit |
fd8b60 |
ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize);
|
|
Packit |
fd8b60 |
if (ret)
|
|
Packit |
fd8b60 |
return ret;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
ivecd = make_data(ivec, blocksize);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
/* size is the length of the input cleartext data. */
|
|
Packit |
fd8b60 |
inputd = make_data((void *) inptr, size);
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
/*
|
|
Packit |
fd8b60 |
* The size of the output buffer isn't part of the old api. Not too
|
|
Packit |
fd8b60 |
* safe. So, we assume here that it's big enough.
|
|
Packit |
fd8b60 |
*/
|
|
Packit |
fd8b60 |
ret = krb5_c_encrypt_length(context, eblock->key->enctype, size, &outlen);
|
|
Packit |
fd8b60 |
if (ret)
|
|
Packit |
fd8b60 |
return ret;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
outputd.ciphertext = make_data(outptr, outlen);
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
return krb5_c_encrypt(context, eblock->key, 0, ivec ? &ivecd : 0,
|
|
Packit |
fd8b60 |
&inputd, &outputd);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_error_code KRB5_CALLCONV
|
|
Packit |
fd8b60 |
krb5_decrypt(krb5_context context, krb5_const_pointer inptr,
|
|
Packit |
fd8b60 |
krb5_pointer outptr, size_t size, krb5_encrypt_block *eblock,
|
|
Packit |
fd8b60 |
krb5_pointer ivec)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
krb5_enc_data inputd;
|
|
Packit |
fd8b60 |
krb5_data outputd, ivecd;
|
|
Packit |
fd8b60 |
size_t blocksize;
|
|
Packit |
fd8b60 |
krb5_error_code ret;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
if (ivec) {
|
|
Packit |
fd8b60 |
ret = krb5_c_block_size(context, eblock->key->enctype, &blocksize);
|
|
Packit |
fd8b60 |
if (ret)
|
|
Packit |
fd8b60 |
return ret;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
ivecd = make_data(ivec, blocksize);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
/* size is the length of the input ciphertext data */
|
|
Packit |
fd8b60 |
inputd.enctype = eblock->key->enctype;
|
|
Packit |
fd8b60 |
inputd.ciphertext = make_data((void *) inptr, size);
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
/* we don't really know how big this is, but the code tends to assume
|
|
Packit |
fd8b60 |
that the output buffer size should be the same as the input
|
|
Packit |
fd8b60 |
buffer size */
|
|
Packit |
fd8b60 |
outputd = make_data(outptr, size);
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
return krb5_c_decrypt(context, eblock->key, 0, ivec ? &ivecd : 0,
|
|
Packit |
fd8b60 |
&inputd, &outputd);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_error_code KRB5_CALLCONV
|
|
Packit |
fd8b60 |
krb5_process_key(krb5_context context, krb5_encrypt_block *eblock,
|
|
Packit |
fd8b60 |
const krb5_keyblock *key)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
eblock->key = (krb5_keyblock *) key;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
return 0;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_error_code KRB5_CALLCONV
|
|
Packit |
fd8b60 |
krb5_finish_key(krb5_context context, krb5_encrypt_block *eblock)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
return 0;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_error_code KRB5_CALLCONV
|
|
Packit |
fd8b60 |
krb5_string_to_key(krb5_context context, const krb5_encrypt_block *eblock,
|
|
Packit |
fd8b60 |
krb5_keyblock *keyblock, const krb5_data *data,
|
|
Packit |
fd8b60 |
const krb5_data *salt)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
return krb5_c_string_to_key(context, eblock->crypto_entry, data, salt,
|
|
Packit |
fd8b60 |
keyblock);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_error_code KRB5_CALLCONV
|
|
Packit |
fd8b60 |
krb5_init_random_key(krb5_context context, const krb5_encrypt_block *eblock,
|
|
Packit |
fd8b60 |
const krb5_keyblock *keyblock, krb5_pointer *ptr)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
krb5_data data = make_data(keyblock->contents, keyblock->length);
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
return krb5_c_random_seed(context, &data);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_error_code KRB5_CALLCONV
|
|
Packit |
fd8b60 |
krb5_finish_random_key(krb5_context context, const krb5_encrypt_block *eblock,
|
|
Packit |
fd8b60 |
krb5_pointer *ptr)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
return 0;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_error_code KRB5_CALLCONV
|
|
Packit |
fd8b60 |
krb5_random_key(krb5_context context, const krb5_encrypt_block *eblock,
|
|
Packit |
fd8b60 |
krb5_pointer ptr, krb5_keyblock **keyblock)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
krb5_keyblock *key;
|
|
Packit |
fd8b60 |
krb5_error_code ret;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
*keyblock = NULL;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
key = malloc(sizeof(krb5_keyblock));
|
|
Packit |
fd8b60 |
if (key == NULL)
|
|
Packit |
fd8b60 |
return ENOMEM;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
ret = krb5_c_make_random_key(context, eblock->crypto_entry, key);
|
|
Packit |
fd8b60 |
if (ret) {
|
|
Packit |
fd8b60 |
free(key);
|
|
Packit |
fd8b60 |
return ret;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
*keyblock = key;
|
|
Packit |
fd8b60 |
return(ret);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_enctype KRB5_CALLCONV
|
|
Packit |
fd8b60 |
krb5_eblock_enctype(krb5_context context, const krb5_encrypt_block *eblock)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
return eblock->crypto_entry;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_error_code KRB5_CALLCONV
|
|
Packit |
fd8b60 |
krb5_use_enctype(krb5_context context, krb5_encrypt_block *eblock,
|
|
Packit |
fd8b60 |
krb5_enctype enctype)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
eblock->crypto_entry = enctype;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
return 0;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
size_t KRB5_CALLCONV
|
|
Packit |
fd8b60 |
krb5_encrypt_size(size_t length, krb5_enctype crypto)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
size_t ret;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
if (krb5_c_encrypt_length(NULL, crypto, length, &ret))
|
|
Packit |
fd8b60 |
return (size_t) -1; /* XXX */
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
return ret;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
size_t KRB5_CALLCONV
|
|
Packit |
fd8b60 |
krb5_checksum_size(krb5_context context, krb5_cksumtype ctype)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
size_t ret;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
if (krb5_c_checksum_length(context, ctype, &ret))
|
|
Packit |
fd8b60 |
return (size_t) -1; /* XXX */
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
return ret;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
/* Guess the enctype for an untyped key used with checksum type ctype. */
|
|
Packit |
fd8b60 |
static krb5_enctype
|
|
Packit |
fd8b60 |
guess_enctype(krb5_cksumtype ctype)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
const struct krb5_cksumtypes *ctp;
|
|
Packit |
fd8b60 |
int i;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
if (ctype == CKSUMTYPE_HMAC_MD5_ARCFOUR)
|
|
Packit |
fd8b60 |
return ENCTYPE_ARCFOUR_HMAC;
|
|
Packit |
fd8b60 |
ctp = find_cksumtype(ctype);
|
|
Packit |
fd8b60 |
if (ctp == NULL || ctp->enc == NULL)
|
|
Packit |
fd8b60 |
return 0;
|
|
Packit |
fd8b60 |
for (i = 0; i < krb5int_enctypes_length; i++) {
|
|
Packit |
fd8b60 |
if (krb5int_enctypes_list[i].enc == ctp->enc)
|
|
Packit |
fd8b60 |
return i;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
return 0;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_error_code KRB5_CALLCONV
|
|
Packit |
fd8b60 |
krb5_calculate_checksum(krb5_context context, krb5_cksumtype ctype,
|
|
Packit |
fd8b60 |
krb5_const_pointer in, size_t in_length,
|
|
Packit |
fd8b60 |
krb5_const_pointer seed, size_t seed_length,
|
|
Packit |
fd8b60 |
krb5_checksum *outcksum)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
krb5_data input = make_data((void *) in, in_length);
|
|
Packit |
fd8b60 |
krb5_keyblock keyblock, *kptr = NULL;
|
|
Packit |
fd8b60 |
krb5_error_code ret;
|
|
Packit |
fd8b60 |
krb5_checksum cksum;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
if (seed != NULL) {
|
|
Packit |
fd8b60 |
keyblock.enctype = guess_enctype(ctype);
|
|
Packit |
fd8b60 |
keyblock.length = seed_length;
|
|
Packit |
fd8b60 |
keyblock.contents = (unsigned char *) seed;
|
|
Packit |
fd8b60 |
kptr = &keyblock;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
ret = krb5_c_make_checksum(context, ctype, kptr, 0, &input, &cksum);
|
|
Packit |
fd8b60 |
if (ret)
|
|
Packit |
fd8b60 |
return ret;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
if (outcksum->length < cksum.length) {
|
|
Packit |
fd8b60 |
memset(cksum.contents, 0, cksum.length);
|
|
Packit |
fd8b60 |
free(cksum.contents);
|
|
Packit |
fd8b60 |
return KRB5_BAD_MSIZE;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
outcksum->magic = cksum.magic;
|
|
Packit |
fd8b60 |
outcksum->checksum_type = cksum.checksum_type;
|
|
Packit |
fd8b60 |
memcpy(outcksum->contents, cksum.contents, cksum.length);
|
|
Packit |
fd8b60 |
outcksum->length = cksum.length;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
free(cksum.contents);
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
return(0);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_error_code KRB5_CALLCONV
|
|
Packit |
fd8b60 |
krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype,
|
|
Packit |
fd8b60 |
const krb5_checksum *cksum, krb5_const_pointer in,
|
|
Packit |
fd8b60 |
size_t in_length, krb5_const_pointer seed,
|
|
Packit |
fd8b60 |
size_t seed_length)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
krb5_data input = make_data((void *) in, in_length);
|
|
Packit |
fd8b60 |
krb5_keyblock keyblock, *kptr = NULL;
|
|
Packit |
fd8b60 |
krb5_error_code ret;
|
|
Packit |
fd8b60 |
krb5_boolean valid;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
if (seed != NULL) {
|
|
Packit |
fd8b60 |
keyblock.enctype = guess_enctype(ctype);
|
|
Packit |
fd8b60 |
keyblock.length = seed_length;
|
|
Packit |
fd8b60 |
keyblock.contents = (unsigned char *) seed;
|
|
Packit |
fd8b60 |
kptr = &keyblock;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
ret = krb5_c_verify_checksum(context, kptr, 0, &input, cksum, &valid);
|
|
Packit |
fd8b60 |
if (ret)
|
|
Packit |
fd8b60 |
return ret;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
if (!valid)
|
|
Packit |
fd8b60 |
return KRB5KRB_AP_ERR_BAD_INTEGRITY;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
return 0;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_error_code KRB5_CALLCONV
|
|
Packit |
fd8b60 |
krb5_random_confounder(size_t size, krb5_pointer ptr)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
krb5_data random_data = make_data(ptr, size);
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
return krb5_c_random_make_octets(NULL, &random_data);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_error_code krb5_encrypt_data(krb5_context context, krb5_keyblock *key,
|
|
Packit |
fd8b60 |
krb5_pointer ivec, krb5_data *data,
|
|
Packit |
fd8b60 |
krb5_enc_data *enc_data)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
krb5_error_code ret;
|
|
Packit |
fd8b60 |
size_t enclen, blocksize;
|
|
Packit |
fd8b60 |
krb5_data ivecd;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
ret = krb5_c_encrypt_length(context, key->enctype, data->length, &enclen);
|
|
Packit |
fd8b60 |
if (ret)
|
|
Packit |
fd8b60 |
return ret;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
if (ivec) {
|
|
Packit |
fd8b60 |
ret = krb5_c_block_size(context, key->enctype, &blocksize);
|
|
Packit |
fd8b60 |
if (ret)
|
|
Packit |
fd8b60 |
return ret;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
ivecd = make_data(ivec, blocksize);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
enc_data->magic = KV5M_ENC_DATA;
|
|
Packit |
fd8b60 |
enc_data->kvno = 0;
|
|
Packit |
fd8b60 |
enc_data->enctype = key->enctype;
|
|
Packit |
fd8b60 |
ret = alloc_data(&enc_data->ciphertext, enclen);
|
|
Packit |
fd8b60 |
if (ret)
|
|
Packit |
fd8b60 |
return ret;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
ret = krb5_c_encrypt(context, key, 0, ivec ? &ivecd : 0, data, enc_data);
|
|
Packit |
fd8b60 |
if (ret)
|
|
Packit |
fd8b60 |
free(enc_data->ciphertext.data);
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
return ret;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_error_code krb5_decrypt_data(krb5_context context, krb5_keyblock *key,
|
|
Packit |
fd8b60 |
krb5_pointer ivec, krb5_enc_data *enc_data,
|
|
Packit |
fd8b60 |
krb5_data *data)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
krb5_error_code ret;
|
|
Packit |
fd8b60 |
krb5_data ivecd;
|
|
Packit |
fd8b60 |
size_t blocksize;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
if (ivec) {
|
|
Packit |
fd8b60 |
ret = krb5_c_block_size(context, key->enctype, &blocksize);
|
|
Packit |
fd8b60 |
if (ret)
|
|
Packit |
fd8b60 |
return ret;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
ivecd = make_data(ivec, blocksize);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
ret = alloc_data(data, enc_data->ciphertext.length);
|
|
Packit |
fd8b60 |
if (ret)
|
|
Packit |
fd8b60 |
return ret;
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
ret = krb5_c_decrypt(context, key, 0, ivec ? &ivecd : 0, enc_data, data);
|
|
Packit |
fd8b60 |
if (ret)
|
|
Packit |
fd8b60 |
free(data->data);
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
return 0;
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_boolean KRB5_CALLCONV
|
|
Packit |
fd8b60 |
valid_cksumtype(krb5_cksumtype ctype)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
return krb5_c_valid_cksumtype(ctype);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_boolean KRB5_CALLCONV
|
|
Packit |
fd8b60 |
is_keyed_cksum(krb5_cksumtype ctype)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
return krb5_c_is_keyed_cksum(ctype);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_boolean KRB5_CALLCONV
|
|
Packit |
fd8b60 |
is_coll_proof_cksum(krb5_cksumtype ctype)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
return krb5_c_is_coll_proof_cksum(ctype);
|
|
Packit |
fd8b60 |
}
|
|
Packit |
fd8b60 |
|
|
Packit |
fd8b60 |
krb5_boolean KRB5_CALLCONV
|
|
Packit |
fd8b60 |
valid_enctype(krb5_enctype etype)
|
|
Packit |
fd8b60 |
{
|
|
Packit |
fd8b60 |
return krb5_c_valid_enctype(etype);
|
|
Packit |
fd8b60 |
}
|