changes for new encryption structure
authorJohn Kohl <jtkohl@mit.edu>
Wed, 10 Oct 1990 16:51:17 +0000 (16:51 +0000)
committerJohn Kohl <jtkohl@mit.edu>
Wed, 10 Oct 1990 16:51:17 +0000 (16:51 +0000)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@1224 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/krb5/krb/mk_priv.c
src/lib/krb5/krb/mk_rep.c
src/lib/krb5/krb/rd_priv.c
src/lib/krb5/krb/rd_rep.c
src/lib/krb5/krb/rd_req_dec.c

index 1ad7af1aa1299e4904e60c8c1c9c96c4d9606e7e..3a182cf8b10d4b259da3c725b6331724338ac5c9 100644 (file)
@@ -62,7 +62,8 @@ OLDDECLARG(krb5_data *, outbuf)
 
     if (!valid_etype(etype))
        return KRB5_PROG_ETYPE_NOSUPP;
-    privmsg.etype = etype; 
+    privmsg.enc_part.etype = etype; 
+    privmsg.enc_part.kvno = 0; /* XXX allow user-set? */
 
     privmsg_enc_part.user_data = *userdata;
     privmsg_enc_part.s_address = sender_addr->address;
@@ -89,22 +90,28 @@ OLDDECLARG(krb5_data *, outbuf)
     /* put together an eblock for this encryption */
 
     eblock.crypto_entry = krb5_csarray[etype]->system;
-    privmsg.enc_part.length = krb5_encrypt_size(scratch->length,
+    privmsg.enc_part.ciphertext.length = krb5_encrypt_size(scratch->length,
                                                eblock.crypto_entry);
     /* add padding area, and zero it */
-    if (!(scratch->data = realloc(scratch->data, privmsg.enc_part.length))) {
+    if (!(scratch->data = realloc(scratch->data,
+                                 privmsg.enc_part.ciphertext.length))) {
        /* may destroy scratch->data */
        xfree(scratch);
        return ENOMEM;
     }
     bzero(scratch->data + scratch->length,
-         privmsg.enc_part.length - scratch->length);
-    if (!(privmsg.enc_part.data = malloc(privmsg.enc_part.length))) {
+         privmsg.enc_part.ciphertext.length - scratch->length);
+    if (!(privmsg.enc_part.ciphertext.data =
+         malloc(privmsg.enc_part.ciphertext.length))) {
         retval = ENOMEM;
         goto clean_scratch;
     }
 
-#define cleanup_encpart() {(void) bzero(privmsg.enc_part.data, privmsg.enc_part.length); free(privmsg.enc_part.data); privmsg.enc_part.length = 0; privmsg.enc_part.data = 0;}
+#define cleanup_encpart() {\
+(void) bzero(privmsg.enc_part.ciphertext.data, \
+            privmsg.enc_part.ciphertext.length); \
+free(privmsg.enc_part.ciphertext.data); \
+privmsg.enc_part.ciphertext.length = 0; privmsg.enc_part.ciphertext.data = 0;}
 
     /* do any necessary key pre-processing */
     if (retval = krb5_process_key(&eblock, key)) {
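Review bot: The assignment `scratch->data = realloc(scratch->data, privmsg.enc_part.ciphertext.length)` overwrites the only pointer to the encoded plaintext. Under ISO C semantics a failed realloc leaves the original block allocated, so it is leaked unzeroed, and `xfree(scratch)` releases only the descriptor. Take the result in a temporary first, `tmp = realloc(scratch->data, len); if (!tmp) { /* zero and free scratch->data, then scratch */ return ENOMEM; }`, and only then store `scratch->data = tmp`. A successful realloc may also move the block and leave the old plaintext copy in freed memory, so allocating a fresh padded buffer, copying, and scrubbing the old one is the safer shape. The mk_rep.c hunk has the same pattern at `reply.enc_part.ciphertext.length`; the function body starts and ends outside this hunk.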
@@ -115,7 +122,7 @@ OLDDECLARG(krb5_data *, outbuf)
 
     /* call the encryption routine */
     if (retval = krb5_encrypt((krb5_pointer) scratch->data,
-                             (krb5_pointer) privmsg.enc_part.data,
+                             (krb5_pointer) privmsg.enc_part.ciphertext.data,
                              scratch->length, &eblock,
                              i_vector)) {
         goto clean_prockey;
@@ -123,8 +130,9 @@ OLDDECLARG(krb5_data *, outbuf)
 
     /* put last block into the i_vector */
     if (i_vector)
-       bcopy(privmsg.enc_part.data +
-             (privmsg.enc_part.length - eblock.crypto_entry->block_length),
+       bcopy(privmsg.enc_part.ciphertext.data +
+             (privmsg.enc_part.ciphertext.length -
+              eblock.crypto_entry->block_length),
              i_vector,
              eblock.crypto_entry->block_length);
           
index fe8d4fdf2483c58c43e70bd584ae4e74bbee75fe..7df97389a1c2852fa16c577dbb47384d816938c7 100644 (file)
@@ -67,22 +67,31 @@ krb5_data *outbuf;
     /* put together an eblock for this encryption */
 
     eblock.crypto_entry = krb5_csarray[etype]->system;
-    reply.enc_part.length = krb5_encrypt_size(scratch->length,
-                                             eblock.crypto_entry);
+    reply.enc_part.etype = etype;
+    reply.enc_part.kvno = 0;           /* XXX user set? */
+
+    reply.enc_part.ciphertext.length = krb5_encrypt_size(scratch->length,
+                                                        eblock.crypto_entry);
     /* add padding area, and zero it */
-    if (!(scratch->data = realloc(scratch->data, reply.enc_part.length))) {
+    if (!(scratch->data = realloc(scratch->data,
+                                 reply.enc_part.ciphertext.length))) {
        /* may destroy scratch->data */
        xfree(scratch);
        return ENOMEM;
     }
     bzero(scratch->data + scratch->length,
-         reply.enc_part.length - scratch->length);
-    if (!(reply.enc_part.data = malloc(reply.enc_part.length))) {
+         reply.enc_part.ciphertext.length - scratch->length);
+    if (!(reply.enc_part.ciphertext.data =
+         malloc(reply.enc_part.ciphertext.length))) {
        retval = ENOMEM;
        goto clean_scratch;
     }
 
-#define cleanup_encpart() {(void) bzero(reply.enc_part.data, reply.enc_part.length); free(reply.enc_part.data); reply.enc_part.length = 0; reply.enc_part.data = 0;}
+#define cleanup_encpart() {\
+(void) bzero(reply.enc_part.ciphertext.data, \
+            reply.enc_part.ciphertext.length); \
+free(reply.enc_part.ciphertext.data); \
+reply.enc_part.ciphertext.length = 0; reply.enc_part.ciphertext.data = 0;}
 
     /* do any necessary key pre-processing */
     if (retval = krb5_process_key(&eblock, kblock)) {
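Review bot: `cleanup_encpart()` expands to a bare `{ ... }` block, so a call written as `cleanup_encpart();` inside an unbraced `if`/`else` leaves a stray `;` that detaches the `else`. Wrapping the body as `#define cleanup_encpart() do { ... } while (0)` keeps each call site a single statement. The `bzero` immediately before `free` is also a dead store that an optimizing compiler may drop. That matters little for ciphertext, but it deserves a comment so the pattern is not copied for key or plaintext buffers. mk_priv.c defines the same macro in the same form.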
@@ -93,7 +102,7 @@ krb5_data *outbuf;
 
     /* call the encryption routine */
     if (retval = krb5_encrypt((krb5_pointer) scratch->data,
-                             (krb5_pointer) reply.enc_part.data,
+                             (krb5_pointer) reply.enc_part.ciphertext.data,
                              scratch->length, &eblock, 0)) {
        goto clean_prockey;
     }
index 45bd4f5006a3c9819a691b030b66887999370691..10cb7ab610ba80dc15089adccb254875365cfe75 100644 (file)
@@ -75,16 +75,16 @@ OLDDECLARG(krb5_data *, outbuf)
        return retval;
     }
     
-#define cleanup_privmsg() {(void)xfree(privmsg->enc_part.data); (void)xfree(privmsg);}
-    if (!valid_etype(privmsg->etype)) {
+#define cleanup_privmsg() {(void)xfree(privmsg->enc_part.ciphertext.data); (void)xfree(privmsg);}
+    if (!valid_etype(privmsg->enc_part.etype)) {
        cleanup_privmsg();
        return KRB5_PROG_ETYPE_NOSUPP; /* XXX */
     }
                           
     /* put together an eblock for this decryption */
 
-    eblock.crypto_entry = krb5_csarray[privmsg->etype]->system;
-    scratch.length = privmsg->enc_part.length;
+    eblock.crypto_entry = krb5_csarray[privmsg->enc_part.etype]->system;
+    scratch.length = privmsg->enc_part.ciphertext.length;
     
     if (!(scratch.data = malloc(scratch.length))) {
        cleanup_privmsg();
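Review bot: `privmsg->enc_part.ciphertext.length` comes from the decoded message and becomes `scratch.length` with no lower-bound or block-size check visible in these hunks. The later hunk in this file computes `privmsg->enc_part.ciphertext.data + (privmsg->enc_part.ciphertext.length - eblock.crypto_entry->block_length)` for the `bcopy` into `i_vector`, which lands outside the buffer when the received ciphertext is shorter than one cipher block. Right after `eblock.crypto_entry` is set, reject such input with `if (privmsg->enc_part.ciphertext.length < eblock.crypto_entry->block_length) { cleanup_privmsg(); return <error code>; }`, and consider also requiring a multiple of the block length. The function continues outside this hunk, so a check elsewhere cannot be ruled out.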
@@ -103,7 +103,7 @@ OLDDECLARG(krb5_data *, outbuf)
 #define cleanup_prockey() {(void) krb5_finish_key(&eblock);}
 
     /* call the decryption routine */
-    if (retval = krb5_decrypt((krb5_pointer) privmsg->enc_part.data,
+    if (retval = krb5_decrypt((krb5_pointer) privmsg->enc_part.ciphertext.data,
                              (krb5_pointer) scratch.data,
                              scratch.length, &eblock,
                              i_vector)) {
@@ -117,8 +117,9 @@ OLDDECLARG(krb5_data *, outbuf)
        input */
     /* put last block into the i_vector */
     if (i_vector)
-       bcopy(privmsg->enc_part.data +
-             (privmsg->enc_part.length - eblock.crypto_entry->block_length),
+       bcopy(privmsg->enc_part.ciphertext.data +
+             (privmsg->enc_part.ciphertext.length -
+              eblock.crypto_entry->block_length),
              i_vector,
              eblock.crypto_entry->block_length);
 
index db8791cb6f5a3bc631ed8db4283094eecf1f04f1..fffe26ff8478a05a3a3edd16efc4b23949f49c58 100644 (file)
@@ -56,9 +56,13 @@ krb5_ap_rep_enc_part *repl;
 
     /* put together an eblock for this encryption */
 
-    eblock.crypto_entry = krb5_keytype_array[kblock->keytype]->system;
+    if (!valid_etype(reply->enc_part.etype)) {
+       krb5_free_ap_rep(reply);
+       return KRB5_PROG_ETYPE_NOSUPP;
+    }
+    eblock.crypto_entry = krb5_csarray[reply->enc_part.etype]->system;
 
-    scratch.length = reply->enc_part.length;
+    scratch.length = reply->enc_part.ciphertext.length;
     if (!(scratch.data = malloc(scratch.length))) {
        krb5_free_ap_rep(reply);
        return(ENOMEM);
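Review bot: The cryptosystem is now selected by `reply->enc_part.etype`, a field taken from the received message, where it used to follow `kblock->keytype`. Nothing in this hunk checks that the caller's key is of the type that cryptosystem expects. Unless `krb5_process_key` rejects a mismatched key (not visible here), compare the key's type with the selected cryptosystem before processing and return an error on mismatch. A comment such as `/* etype is peer-supplied; key type must be checked against it */` above the `krb5_csarray` lookup would record the assumption. The rd_req_dec.c hunk that switches to `request->authenticator.etype` has the same gap.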
@@ -73,7 +77,7 @@ krb5_ap_rep_enc_part *repl;
     }
 
     /* call the encryption routine */
-    if (retval = krb5_decrypt((krb5_pointer) reply->enc_part.data,
+    if (retval = krb5_decrypt((krb5_pointer) reply->enc_part.ciphertext.data,
                              (krb5_pointer) scratch.data,
                              scratch.length, &eblock, 0)) {
        (void) krb5_finish_key(&eblock);
index 9be554eef54f3632de5ce2ce53bbf3b48817f965..f63cfa5fef3bf09735d0ab52b29808c8d380387b 100644 (file)
@@ -84,7 +84,7 @@ krb5_tkt_authent *tktauthent;
     /* fetch a server key */
     if (keyproc) {
        retval = (*keyproc)(keyprocarg, req->ticket->server,
-                           req->ticket->skvno, &tkt_key);
+                           req->ticket->enc_part.kvno, &tkt_key);
     } else {
        krb5_keytab keytabid;
        krb5_keytab_entry ktentry;
@@ -98,7 +98,7 @@ krb5_tkt_authent *tktauthent;
        }
        if (!retval) {
            retval = krb5_kt_get_entry(keytabid, req->ticket->server,
-                                      req->ticket->skvno, &ktentry);
+                                      req->ticket->enc_part.kvno, &ktentry);
            (void) krb5_kt_close(keytabid);
            if (!retval) {
                retval = krb5_copy_keyblock(&ktentry.key, &tkt_key_real);
@@ -189,9 +189,12 @@ krb5_authenticator **authpp;
 
     /* put together an eblock for this encryption */
 
-    eblock.crypto_entry = krb5_keytype_array[sesskey->keytype]->system;
+    if (!valid_etype(request->authenticator.etype))
+       return KRB5_PROG_ETYPE_NOSUPP;
 
-    scratch.length = request->authenticator.length;
+    eblock.crypto_entry = krb5_csarray[request->authenticator.etype]->system;
+
+    scratch.length = request->authenticator.ciphertext.length;
     if (!(scratch.data = malloc(scratch.length)))
        return(ENOMEM);
 
@@ -202,7 +205,7 @@ krb5_authenticator **authpp;
     }
 
     /* call the encryption routine */
-    if (retval = krb5_decrypt((krb5_pointer) request->authenticator.data,
+    if (retval = krb5_decrypt((krb5_pointer) request->authenticator.ciphertext.data,
                              (krb5_pointer) scratch.data,
                              scratch.length, &eblock, 0)) {
        (void) krb5_finish_key(&eblock);