2 * lib/crypto/verify_checksum_iov.c
4 * Copyright 2008 by the Massachusetts Institute of Technology.
7 * Export of this software from the United States of America may
8 * require a specific license from the United States Government.
9 * It is the responsibility of any person or organization contemplating
10 * export to obtain such a license before exporting.
12 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13 * distribute this software and its documentation for any purpose and
14 * without fee is hereby granted, provided that the above copyright
15 * notice appear in all copies and that both that copyright notice and
16 * this permission notice appear in supporting documentation, and that
17 * the name of M.I.T. not be used in advertising or publicity pertaining
18 * to distribution of the software without specific, written prior
19 * permission. Furthermore if you modify this software you must label
20 * your software as modified software and not distribute it in such a
21 * fashion that it might be confused with the original M.I.T. software.
22 * M.I.T. makes no representations about the suitability of
23 * this software for any purpose. It is provided "as is" without express
24 * or implied warranty.
28 #include "cksumtypes.h"
31 krb5_error_code KRB5_CALLCONV
32 krb5_c_verify_checksum_iov(krb5_context context,
33 krb5_cksumtype checksum_type,
34 const krb5_keyblock *key,
36 const krb5_crypto_iov *data,
44 krb5_crypto_iov *checksum;
46 for (i=0; i<krb5_cksumtypes_length; i++) {
47 if (krb5_cksumtypes_list[i].ctype == checksum_type)
51 if (i == krb5_cksumtypes_length)
52 return(KRB5_BAD_ENCTYPE);
54 checksum = krb5int_c_locate_iov((krb5_crypto_iov *)data, num_data, KRB5_CRYPTO_TYPE_CHECKSUM);
56 return(KRB5_BAD_MSIZE);
58 /* if there's actually a verify function, call it */
60 if (krb5_cksumtypes_list[i].keyhash &&
61 krb5_cksumtypes_list[i].keyhash->verify_iov)
62 return((*(krb5_cksumtypes_list[i].keyhash->verify_iov))(key, usage, 0,
67 /* otherwise, make the checksum again, and compare */
69 if ((ret = krb5_c_checksum_length(context, checksum_type, &hashsize)))
72 if (checksum->data.length != hashsize)
73 return(KRB5_BAD_MSIZE);
75 computed.data = malloc(hashsize);
76 if (computed.data == NULL) {
79 computed.length = hashsize;
81 if ((ret = krb5int_c_make_checksum_iov(&krb5_cksumtypes_list[i], key, usage,
82 data, num_data, &computed))) {
87 *valid = (memcmp(computed.data, &checksum->data, hashsize) == 0);