* extend dh_rep
* add krb5_free_octet_data
* extend pkinit free functions
pkinit: add supportedKDFs and kdfID to structures
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25194
dc483132-0cff-0310-8789-
dd5450dbe970
krb5_octet_data subjectPublicKey; /* BIT STRING */
} krb5_subject_pk_info;
-/* AuthPack */
+/** AuthPack from RFC 4556*/
typedef struct _krb5_auth_pack {
krb5_pk_authenticator pkAuthenticator;
krb5_subject_pk_info *clientPublicValue; /* Optional */
krb5_algorithm_identifier **supportedCMSTypes; /* Optional */
krb5_octet_data clientDHNonce; /* Optional */
+krb5_octet_data **supportedKDFs; /*< object identifiers of KDFs; OPTIONAL*/
} krb5_auth_pack;
/* AuthPack draft9 */
krb5_octet_data kdcPkId; /* Optional */
} krb5_pa_pk_as_req;
-/* DHRepInfo */
+/** Pkinit DHRepInfo */
typedef struct _krb5_dh_rep_info {
krb5_octet_data dhSignedData;
krb5_octet_data serverDHNonce; /* Optional */
+ krb5_octet_data *kdfID; /**< OID of selected KDF OPTIONAL*/
} krb5_dh_rep_info;
/* KDCDHKeyInfo */
krb5_free_data(krb5_context context, krb5_data *val);
/**
- * Free the contents of a krb_data structure.
+ * @brief Free storage associated with a @c krb5_octet_data structure and its pointer.
+ *
+ * @param context Context structure [input, output]
+ * @param val Pointer to data structure to be freed [input, output]
+ *
+ * @return
+ * None
+ */
+void KRB5_CALLCONV
+krb5_free_octet_data(krb5_context context, krb5_octet_data *val);
+
+/**
+ * @brief Free the contents of a @c _krb5_data structure and zero the data field.
+ *
+ * @param context Context structure [input, output]
+ * @param val Pointer to data structure to be freed [input, output]
*
* @param [in] context Library context
* @param [in] val Data structure to free contents of
free(val);
}
+
+void KRB5_CALLCONV
+krb5_free_octet_data(krb5_context context, krb5_octet_data *val)
+{
+ if (val == NULL)
+ return;
+ free(val->data);
+ free(val);
+}
+
void KRB5_CALLCONV
krb5_free_data_contents(krb5_context context, krb5_data *val)
{
krb5_free_krbhst
krb5_free_ktypes
krb5_free_last_req
+krb5_free_octet_data
krb5_free_pa_data
krb5_free_pa_enc_ts
krb5_free_pa_for_user
free((*in)->pkAuthenticator.paChecksum.contents);
if ((*in)->supportedCMSTypes != NULL)
free_krb5_algorithm_identifiers(&((*in)->supportedCMSTypes));
+ if (*(*in)->supportedKDFs) {
+ krb5_octet_data **supportedKDFs =
+ (*in)->supportedKDFs;
+ unsigned i;
+ for (i = 0; supportedKDFs[i]; i++)
+ krb5_free_octet_data(NULL, supportedKDFs[i]);
+ free(supportedKDFs);
+ }
free(*in);
}
if (*in == NULL) return;
switch ((*in)->choice) {
case choice_pa_pk_as_rep_dhInfo:
+ krb5_free_octet_data(NULL, (*in)->u.dh_Info.kdfID);
free((*in)->u.dh_Info.dhSignedData.data);
break;
case choice_pa_pk_as_rep_encKeyPack: