Allow a zero checksum type to be passed into krb5_k_verify_checksum_iov;

this indicates that the mandatory checksum type for the key is to be used.
This interface is necessary because there is no public interface through
which the mandatory checksum type for an encryption type can be determined.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24304 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/crypto/krb/verify_checksum_iov.c b/src/lib/crypto/krb/verify_checksum_iov.c
index 0934ae5118777dabca5a2c376d58714a78816f57..d5427baecd9b6a48c0a7a23051769983b96729e3 100644 (file)
--- a/src/lib/crypto/krb/verify_checksum_iov.c
+++ b/src/lib/crypto/krb/verify_checksum_iov.c
@@ -43,6 +43,12 @@ krb5_k_verify_checksum_iov(krb5_context context,
     krb5_data computed;
     krb5_crypto_iov *checksum;
 
+    if (checksum_type == 0) {
+        ret = krb5int_c_mandatory_cksumtype(context, key->keyblock.enctype,
+                                            &checksum_type);
+        if (ret != 0)
+            return ret;
+    }
     ctp = find_cksumtype(checksum_type);
     if (ctp == NULL)
         return KRB5_BAD_ENCTYPE;