Rename krb5_dbekd_encrypt_key_data and krb5_dbekd_decrypt_key_data to
authorGreg Hudson <ghudson@mit.edu>
Fri, 2 Jul 2010 17:33:44 +0000 (17:33 +0000)
committerGreg Hudson <ghudson@mit.edu>
Fri, 2 Jul 2010 17:33:44 +0000 (17:33 +0000)
just use the krb5_dbe prefix.

ticket: 6749
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24164 dc483132-0cff-0310-8789-dd5450dbe970

20 files changed:
src/include/kdb.h
src/kadmin/dbutil/dump.c
src/kadmin/dbutil/kdb5_create.c
src/kadmin/dbutil/kdb5_mkey.c
src/kdc/do_as_req.c
src/kdc/do_tgs_req.c
src/kdc/kdc_preauth.c
src/kdc/kdc_util.c
src/lib/kadm5/srv/server_kdb.c
src/lib/kadm5/srv/svr_principal.c
src/lib/kdb/decrypt_key.c
src/lib/kdb/encrypt_key.c
src/lib/kdb/kdb5.c
src/lib/kdb/kdb_cpw.c
src/lib/kdb/kdb_default.c
src/lib/kdb/keytab.c
src/lib/kdb/libkdb5.exports
src/plugins/kdb/ldap/ldap_util/kdb5_ldap_realm.c
src/tests/create/kdb5_mkdums.c
src/tests/verify/kdb5_verify.c

index 4406126b93a12ea2450215c6970c71ae5c06aa0f..b65130d72d1218a69b55789b3aee124044f0952d 100644 (file)
@@ -516,19 +516,19 @@ krb5_db_setup_mkey_name ( krb5_context context,
                           krb5_principal *principal);
 
 krb5_error_code
-krb5_dbekd_decrypt_key_data( krb5_context         context,
-                             const krb5_keyblock        * mkey,
-                             const krb5_key_data        * key_data,
-                             krb5_keyblock      * dbkey,
-                             krb5_keysalt       * keysalt);
+krb5_dbe_decrypt_key_data( krb5_context         context,
+                           const krb5_keyblock        * mkey,
+                           const krb5_key_data        * key_data,
+                           krb5_keyblock      * dbkey,
+                           krb5_keysalt       * keysalt);
 
 krb5_error_code
-krb5_dbekd_encrypt_key_data( krb5_context                 context,
-                             const krb5_keyblock        * mkey,
-                             const krb5_keyblock        * dbkey,
-                             const krb5_keysalt         * keysalt,
-                             int                          keyver,
-                             krb5_key_data              * key_data);
+krb5_dbe_encrypt_key_data( krb5_context                 context,
+                           const krb5_keyblock        * mkey,
+                           const krb5_keyblock        * dbkey,
+                           const krb5_keysalt         * keysalt,
+                           int                          keyver,
+                           krb5_key_data              * key_data);
 
 krb5_error_code
 krb5_dbe_fetch_act_key_list(krb5_context          context,
@@ -749,34 +749,19 @@ krb5_error_code
 krb5_def_promote_db(krb5_context, char *, char **);
 
 krb5_error_code
-krb5_dbekd_def_decrypt_key_data( krb5_context             context,
-                                 const krb5_keyblock    * mkey,
-                                 const krb5_key_data    * key_data,
-                                 krb5_keyblock          * dbkey,
-                                 krb5_keysalt           * keysalt);
+krb5_dbe_def_decrypt_key_data( krb5_context             context,
+                               const krb5_keyblock    * mkey,
+                               const krb5_key_data    * key_data,
+                               krb5_keyblock          * dbkey,
+                               krb5_keysalt           * keysalt);
 
 krb5_error_code
-krb5_dbekd_def_encrypt_key_data( krb5_context             context,
-                                 const krb5_keyblock    * mkey,
-                                 const krb5_keyblock    * dbkey,
-                                 const krb5_keysalt     * keysalt,
-                                 int                      keyver,
-                                 krb5_key_data          * key_data);
-
-krb5_error_code
-krb5_dbekd_def_decrypt_key_data( krb5_context     context,
-                                 const krb5_keyblock    * mkey,
-                                 const krb5_key_data    * key_data,
-                                 krb5_keyblock  * dbkey,
-                                 krb5_keysalt   * keysalt);
-
-krb5_error_code
-krb5_dbekd_def_encrypt_key_data( krb5_context             context,
-                                 const krb5_keyblock    * mkey,
-                                 const krb5_keyblock    * dbkey,
-                                 const krb5_keysalt     * keysalt,
-                                 int                      keyver,
-                                 krb5_key_data          * key_data);
+krb5_dbe_def_encrypt_key_data( krb5_context             context,
+                               const krb5_keyblock    * mkey,
+                               const krb5_keyblock    * dbkey,
+                               const krb5_keysalt     * keysalt,
+                               int                      keyver,
+                               krb5_key_data          * key_data);
 
 krb5_error_code
 krb5_db_create_policy( krb5_context kcontext,
index d0495e4cf56d1bbba4e5f361f32b41e135476e23..64c63afb19fabc91a907a802a7c78fbd685c90d9 100644 (file)
@@ -302,9 +302,8 @@ krb5_error_code master_key_convert(context, db_entry)
             retval = krb5_dbe_find_mkey(context, master_keylist, db_entry, &tmp_mkey);
             if (retval)
                 return retval;
-            retval = krb5_dbekd_decrypt_key_data(context, tmp_mkey,
-                                                 key_data, &v5plainkey,
-                                                 &keysalt);
+            retval = krb5_dbe_decrypt_key_data(context, tmp_mkey, key_data,
+                                               &v5plainkey, &keysalt);
             if (retval)
                 return retval;
 
@@ -313,10 +312,9 @@ krb5_error_code master_key_convert(context, db_entry)
             key_ptr = &v5plainkey;
             kvno = (krb5_kvno) key_data->key_data_kvno;
 
-            retval = krb5_dbekd_encrypt_key_data(context, &new_master_keyblock,
-                                                 key_ptr, &keysalt,
-                                                 (int) kvno,
-                                                 &new_key_data);
+            retval = krb5_dbe_encrypt_key_data(context, &new_master_keyblock,
+                                               key_ptr, &keysalt, (int) kvno,
+                                               &new_key_data);
             if (retval)
                 return retval;
             krb5_free_keyblock_contents(context, &v5plainkey);
index ba16535871364357d3615c620cb4e4df622e9dcd..cf2f2a7f2f5a27eeda0fb3a2b8e471efebe9efc0 100644 (file)
@@ -403,12 +403,9 @@ tgt_keysalt_iterate(ksent, ptr)
         ind = iargs->dbentp->n_key_data-1;
         if (!(kret = krb5_c_make_random_key(context, ksent->ks_enctype,
                                             &key))) {
-            kret = krb5_dbekd_encrypt_key_data(context,
-                                               iargs->rblock->key,
-                                               &key,
-                                               NULL,
-                                               1,
-                                               &iargs->dbentp->key_data[ind]);
+            kret = krb5_dbe_encrypt_key_data(context, iargs->rblock->key,
+                                             &key, NULL, 1,
+                                             &iargs->dbentp->key_data[ind]);
             krb5_free_keyblock_contents(context, &key);
         }
     }
@@ -462,9 +459,9 @@ add_principal(context, princ, op, pblock)
         else
             mkey_kvno = 1;  /* Default */
         entry.attributes |= KRB5_KDB_DISALLOW_ALL_TIX;
-        if ((retval = krb5_dbekd_encrypt_key_data(context, pblock->key,
-                                                  &master_keyblock, NULL,
-                                                  mkey_kvno, entry.key_data)))
+        if ((retval = krb5_dbe_encrypt_key_data(context, pblock->key,
+                                                &master_keyblock, NULL,
+                                                mkey_kvno, entry.key_data)))
             return retval;
         /*
          * There should always be at least one "active" mkey so creating the
index 6abd796d966a64572219dea1caad664d678c6862..9c397b6ab1097901c5efd21835632528a9e75095 100644 (file)
@@ -90,7 +90,7 @@ add_new_mkey(krb5_context context, krb5_db_entry *master_entry,
 
     /* alloc enough space to hold new and existing key_data */
     /*
-     * The encrypted key is malloc'ed by krb5_dbekd_encrypt_key_data and
+     * The encrypted key is malloc'ed by krb5_dbe_encrypt_key_data and
      * krb5_key_data key_data_contents is a pointer to this key.  Using some
      * logic from master_key_convert().
      */
@@ -105,10 +105,9 @@ add_new_mkey(krb5_context context, krb5_db_entry *master_entry,
 
     /* Note, mkey does not have salt */
     /* add new mkey encrypted with itself to mkey princ entry */
-    if ((retval = krb5_dbekd_encrypt_key_data(context, new_mkey,
-                                              new_mkey, NULL,
-                                              (int) new_mkey_kvno,
-                                              &master_entry->key_data[0]))) {
+    if ((retval = krb5_dbe_encrypt_key_data(context, new_mkey, new_mkey, NULL,
+                                            (int) new_mkey_kvno,
+                                            &master_entry->key_data[0]))) {
         return (retval);
     }
     /* the mvkno should be that of the newest mkey */
@@ -156,11 +155,9 @@ add_new_mkey(krb5_context context, krb5_db_entry *master_entry,
 
         memset(&tmp_key_data, 0, sizeof(tmp_key_data));
         /* encrypt the new mkey with the older mkey */
-        retval = krb5_dbekd_encrypt_key_data(context, &keylist_node->keyblock,
-                                             new_mkey,
-                                             NULL, /* no keysalt */
-                                             (int) new_mkey_kvno,
-                                             &tmp_key_data);
+        retval = krb5_dbe_encrypt_key_data(context, &keylist_node->keyblock,
+                                           new_mkey, NULL, (int) new_mkey_kvno,
+                                           &tmp_key_data);
         if (retval)
             goto clean_n_exit;
 
@@ -171,11 +168,10 @@ add_new_mkey(krb5_context context, krb5_db_entry *master_entry,
         /*
          * Store old key in master_entry keydata past the new mkey
          */
-        retval = krb5_dbekd_encrypt_key_data(context, new_mkey,
-                                             &keylist_node->keyblock,
-                                             NULL, /* no keysalt */
-                                             (int) keylist_node->kvno,
-                                             &master_entry->key_data[i]);
+        retval = krb5_dbe_encrypt_key_data(context, new_mkey,
+                                           &keylist_node->keyblock,
+                                           NULL, (int) keylist_node->kvno,
+                                           &master_entry->key_data[i]);
         if (retval)
             goto clean_n_exit;
     }
index 9ceac84aaf24e700837c0a2b704ecc5c7053a70e..18ce37f2799cf72598de1ebd4da37727027c4a13 100644 (file)
@@ -489,9 +489,9 @@ process_as_req(krb5_kdc_req *request, krb5_data *req_pkt,
      *
      *  server_keyblock is later used to generate auth data signatures
      */
-    if ((errcode = krb5_dbekd_decrypt_key_data(kdc_context, mkey_ptr,
-                                               server_key, &server_keyblock,
-                                               NULL))) {
+    if ((errcode = krb5_dbe_decrypt_key_data(kdc_context, mkey_ptr,
+                                             server_key, &server_keyblock,
+                                             NULL))) {
         status = "DECRYPT_SERVER_KEY";
         goto errout;
     }
@@ -537,9 +537,9 @@ process_as_req(krb5_kdc_req *request, krb5_data *req_pkt,
     }
 
     /* convert client.key_data into a real key */
-    if ((errcode = krb5_dbekd_decrypt_key_data(kdc_context, mkey_ptr,
-                                               client_key, &client_keyblock,
-                                               NULL))) {
+    if ((errcode = krb5_dbe_decrypt_key_data(kdc_context, mkey_ptr,
+                                             client_key, &client_keyblock,
+                                             NULL))) {
         status = "DECRYPT_CLIENT_KEY";
         goto errout;
     }
index f1ae84b97cee32f842631507fb0f78f6a6b7c6b1..827f65cb309954180969673c18987a6e45213dec 100644 (file)
@@ -675,10 +675,9 @@ tgt_again:
          * Convert server.key into a real key
          * (it may be encrypted in the database)
          */
-        if ((errcode = krb5_dbekd_decrypt_key_data(kdc_context,
-                                                   mkey_ptr,
-                                                   server_key, &encrypting_key,
-                                                   NULL))) {
+        if ((errcode = krb5_dbe_decrypt_key_data(kdc_context, mkey_ptr,
+                                                 server_key, &encrypting_key,
+                                                 NULL))) {
             status = "DECRYPT_SERVER_KEY";
             goto cleanup;
         }
index 00800aab0520af73a5002026fbcb23d07b7b0194..d754edcf41679692a4c612db97664a3ffd3e994a 100644 (file)
@@ -773,8 +773,8 @@ get_entry_data(krb5_context context,
             if (krb5_dbe_find_enctype(context, entry, request->ktype[i],
                                       -1, 0, &entry_key) != 0)
                 continue;
-            if (krb5_dbekd_decrypt_key_data(context, mkey_ptr,
-                                            entry_key, &keys[k], NULL) != 0) {
+            if (krb5_dbe_decrypt_key_data(context, mkey_ptr, entry_key,
+                                          &keys[k], NULL) != 0) {
                 if (keys[k].contents != NULL)
                     krb5_free_keyblock_contents(context, &keys[k]);
                 memset(&keys[k], 0, sizeof(keys[k]));
@@ -1474,8 +1474,8 @@ verify_enc_timestamp(krb5_context context, krb5_db_entry *client,
                                               -1, 0, &client_key)))
             goto cleanup;
 
-        if ((retval = krb5_dbekd_decrypt_key_data(context, mkey_ptr,
-                                                  client_key, &key, NULL)))
+        if ((retval = krb5_dbe_decrypt_key_data(context, mkey_ptr, client_key,
+                                                &key, NULL)))
             goto cleanup;
 
         key.enctype = enc_data->enctype;
@@ -2156,10 +2156,9 @@ get_sam_edata(krb5_context context, krb5_kdc_req *request,
                     return retval;
                 }
                 /* convert server.key into a real key */
-                retval = krb5_dbekd_decrypt_key_data(kdc_context,
-                                                     mkey_ptr,
-                                                     assoc_key, &encrypting_key,
-                                                     NULL);
+                retval = krb5_dbe_decrypt_key_data(kdc_context, mkey_ptr,
+                                                   assoc_key, &encrypting_key,
+                                                   NULL);
                 if (retval) {
                     kdc_err(kdc_context, retval,
                             "snk4 pulling out key entry");
@@ -2819,8 +2818,8 @@ static krb5_error_code verify_pkinit_request(
          * Unfortunately this key is stored encrypted even though it's
          * not sensitive...
          */
-        krtn = krb5_dbekd_decrypt_key_data(context, mkey_ptr,
-                                           key_data, &decrypted_key, NULL);
+        krtn = krb5_dbe_decrypt_key_data(context, mkey_ptr, key_data,
+                                         &decrypted_key, NULL);
         if(krtn) {
             kdcPkinitDebug("verify_pkinit_request: error decrypting cert hash block\n");
             break;
index 6fa2d73a2f68449691bffc3c1429b32dfefdb54a..16c06296a47e6571296a9b9be74c75516ef797fa 100644 (file)
@@ -512,9 +512,8 @@ kdc_get_server_key(krb5_ticket *ticket, unsigned int flags,
         goto errout;
     }
     if ((*key = (krb5_keyblock *)malloc(sizeof **key))) {
-        retval = krb5_dbekd_decrypt_key_data(kdc_context, mkey_ptr,
-                                             server_key,
-                                             *key, NULL);
+        retval = krb5_dbe_decrypt_key_data(kdc_context, mkey_ptr, server_key,
+                                           *key, NULL);
     } else
         retval = ENOMEM;
     retval = krb5_c_enctype_compare(kdc_context, ticket->enc_part.enctype,
index 3c09f9097f9520d2a48753eb7bce1feb71ad7d07..768c8f7395bc68f9e105d52080a922e501e59e68 100644 (file)
@@ -213,8 +213,8 @@ kdb_get_hist_key(kadm5_server_handle_t handle, krb5_keyblock *hist_keyblock,
     if (ret)
         goto done;
 
-    ret = krb5_dbekd_decrypt_key_data(handle->context, mkey,
-                                      &kdb.key_data[0], hist_keyblock, NULL);
+    ret = krb5_dbe_decrypt_key_data(handle->context, mkey, &kdb.key_data[0],
+                                    hist_keyblock, NULL);
     if (ret)
         goto done;
 
index 469a8e885ab92873e6cd03309355e8439e4edb6e..451e4ff020e792387959252d23b3198538df13a0 100644 (file)
@@ -977,18 +977,15 @@ check_pw_reuse(krb5_context context,
     krb5_error_code ret;
 
     for (x = 0; x < n_new_key_data; x++) {
-        ret = krb5_dbekd_decrypt_key_data(context,
-                                          mkey,
-                                          &(new_key_data[x]),
-                                          &newkey, NULL);
+        ret = krb5_dbe_decrypt_key_data(context, mkey, &(new_key_data[x]),
+                                        &newkey, NULL);
         if (ret)
             return(ret);
         for (y = 0; y < n_pw_hist_data; y++) {
             for (z = 0; z < pw_hist_data[y].n_key_data; z++) {
-                ret = krb5_dbekd_decrypt_key_data(context,
-                                                  hist_keyblock,
-                                                  &pw_hist_data[y].key_data[z],
-                                                  &histkey, NULL);
+                ret = krb5_dbe_decrypt_key_data(context, hist_keyblock,
+                                                &pw_hist_data[y].key_data[z],
+                                                &histkey, NULL);
                 if (ret)
                     return(ret);
 
@@ -1047,17 +1044,14 @@ int create_history_entry(krb5_context context, krb5_keyblock *mkey,
     memset(hist->key_data, 0, n_key_data*sizeof(krb5_key_data));
 
     for (i = 0; i < n_key_data; i++) {
-        ret = krb5_dbekd_decrypt_key_data(context,
-                                          mkey,
-                                          &key_data[i],
-                                          &key, &salt);
+        ret = krb5_dbe_decrypt_key_data(context, mkey, &key_data[i], &key,
+                                        &salt);
         if (ret)
             return ret;
 
-        ret = krb5_dbekd_encrypt_key_data(context, hist_key,
-                                          &key, &salt,
-                                          key_data[i].key_data_kvno,
-                                          &hist->key_data[i]);
+        ret = krb5_dbe_encrypt_key_data(context, hist_key, &key, &salt,
+                                        key_data[i].key_data_kvno,
+                                        &hist->key_data[i]);
         if (ret)
             return ret;
 
@@ -1731,9 +1725,8 @@ kadm5_setv4key_principal(void *server_handle,
         goto done;
 
     /* use tmp_key_data as temporary location and reallocate later */
-    ret = krb5_dbekd_encrypt_key_data(handle->context, act_mkey,
-                                      keyblock, &keysalt, kvno + 1,
-                                      &tmp_key_data);
+    ret = krb5_dbe_encrypt_key_data(handle->context, act_mkey, keyblock,
+                                    &keysalt, kvno + 1, &tmp_key_data);
     if (ret) {
         goto done;
     }
@@ -1935,12 +1928,10 @@ kadm5_setkey_principal_3(void *server_handle,
         if (ret)
             goto done;
 
-        ret = krb5_dbekd_encrypt_key_data(handle->context,
-                                          act_mkey,
-                                          &keyblocks[i],
-                                          n_ks_tuple ? &keysalt : NULL,
-                                          kvno + 1,
-                                          &tmp_key_data);
+        ret = krb5_dbe_encrypt_key_data(handle->context, act_mkey,
+                                        &keyblocks[i],
+                                        n_ks_tuple ? &keysalt : NULL, kvno + 1,
+                                        &tmp_key_data);
         if (ret)
             goto done;
 
@@ -2120,9 +2111,8 @@ static int decrypt_key_data(krb5_context context, krb5_keyblock *mkey,
     memset(keys, 0, n_key_data*sizeof(krb5_keyblock));
 
     for (i = 0; i < n_key_data; i++) {
-        ret = krb5_dbekd_decrypt_key_data(context, mkey,
-                                          &key_data[i],
-                                          &keys[i], NULL);
+        ret = krb5_dbe_decrypt_key_data(context, mkey, &key_data[i], &keys[i],
+                                        NULL);
         if (ret) {
             for (; i >= 0; i--) {
                 if (keys[i].contents) {
@@ -2218,9 +2208,8 @@ kadm5_ret_t kadm5_decrypt_key(void *server_handle,
         }
     }
 
-    if ((ret = krb5_dbekd_decrypt_key_data(handle->context,
-                                           mkey_ptr, key_data,
-                                           keyblock, keysalt)))
+    if ((ret = krb5_dbe_decrypt_key_data(handle->context, mkey_ptr, key_data,
+                                         keyblock, keysalt)))
         return ret;
 
     /*
index 8006cf3fa1558951b9e0c024f5fbecf2e83839d9..37c45975c3f588872e9303b1e11a4d88b99c9937 100644 (file)
  */
 
 krb5_error_code
-krb5_dbekd_def_decrypt_key_data( krb5_context     context,
-                                 const krb5_keyblock    * mkey,
-                                 const krb5_key_data    * key_data,
-                                 krb5_keyblock  * dbkey,
-                                 krb5_keysalt   * keysalt)
+krb5_dbe_def_decrypt_key_data( krb5_context     context,
+                               const krb5_keyblock    * mkey,
+                               const krb5_key_data    * key_data,
+                               krb5_keyblock  * dbkey,
+                               krb5_keysalt   * keysalt)
 {
     krb5_error_code       retval = 0;
     krb5_int16            tmplen;
index bbf520bf8b9d9d6eb596cdb361d1b85f9491ed48..02f093244c5530deb6c20f4805e3d2df6bdd19b8 100644 (file)
  */
 
 krb5_error_code
-krb5_dbekd_def_encrypt_key_data( krb5_context             context,
-                                 const krb5_keyblock    * mkey,
-                                 const krb5_keyblock    * dbkey,
-                                 const krb5_keysalt     * keysalt,
-                                 int                      keyver,
-                                 krb5_key_data          * key_data)
+krb5_dbe_def_encrypt_key_data( krb5_context             context,
+                               const krb5_keyblock    * mkey,
+                               const krb5_keyblock    * dbkey,
+                               const krb5_keysalt     * keysalt,
+                               int                      keyver,
+                               krb5_key_data          * key_data)
 {
     krb5_error_code               retval;
     krb5_octet                  * ptr;
index bfcdbd6af97b3f9746defffb954e4db6fb1e13b9..11be6dfd4dbe9a829b1f8793db4ecd2c578ff83a 100644 (file)
@@ -267,9 +267,9 @@ kdb_setup_opt_functions(db_library lib)
     if (lib->vftabl.promote_db == NULL)
         lib->vftabl.promote_db = krb5_def_promote_db;
     if (lib->vftabl.dbekd_decrypt_key_data == NULL)
-        lib->vftabl.dbekd_decrypt_key_data = krb5_dbekd_def_decrypt_key_data;
+        lib->vftabl.dbekd_decrypt_key_data = krb5_dbe_def_decrypt_key_data;
     if (lib->vftabl.dbekd_encrypt_key_data == NULL)
-        lib->vftabl.dbekd_encrypt_key_data = krb5_dbekd_def_encrypt_key_data;
+        lib->vftabl.dbekd_encrypt_key_data = krb5_dbe_def_encrypt_key_data;
 }
 
 #ifdef STATIC_PLUGINS
@@ -2308,11 +2308,11 @@ clean_n_exit:
 }
 
 krb5_error_code
-krb5_dbekd_decrypt_key_data( krb5_context         kcontext,
-                             const krb5_keyblock        * mkey,
-                             const krb5_key_data        * key_data,
-                             krb5_keyblock      * dbkey,
-                             krb5_keysalt       * keysalt)
+krb5_dbe_decrypt_key_data( krb5_context         kcontext,
+                           const krb5_keyblock        * mkey,
+                           const krb5_key_data        * key_data,
+                           krb5_keyblock      * dbkey,
+                           krb5_keysalt       * keysalt)
 {
     krb5_error_code status = 0;
     kdb_vftabl *v;
@@ -2324,12 +2324,12 @@ krb5_dbekd_decrypt_key_data( krb5_context         kcontext,
 }
 
 krb5_error_code
-krb5_dbekd_encrypt_key_data( krb5_context                 kcontext,
-                             const krb5_keyblock        * mkey,
-                             const krb5_keyblock        * dbkey,
-                             const krb5_keysalt         * keysalt,
-                             int                          keyver,
-                             krb5_key_data              * key_data)
+krb5_dbe_encrypt_key_data( krb5_context                 kcontext,
+                           const krb5_keyblock        * mkey,
+                           const krb5_keyblock        * dbkey,
+                           const krb5_keysalt         * keysalt,
+                           int                          keyver,
+                           krb5_key_data              * key_data)
 {
     krb5_error_code status = 0;
     kdb_vftabl *v;
index 723d98eaf6a03f4b0599471bd006683f0ec31246..dcf00ab05a1e798a619acb955fc74cce8ee1e5a6 100644 (file)
@@ -186,9 +186,8 @@ add_key_rnd(context, master_key, ks_tuple, ks_tuple_count, db_entry, kvno)
         /* db library will free this. Since, its a so, it could actually be using different memory management
            function. So, its better if the memory is allocated by the db's malloc. So, a temporary memory is used
            here which will later be copied to the db_entry */
-        retval = krb5_dbekd_encrypt_key_data(context, master_key,
-                                             &key, NULL, kvno,
-                                             &tmp_key_data);
+        retval = krb5_dbe_encrypt_key_data(context, master_key, &key, NULL,
+                                           kvno, &tmp_key_data);
 
         krb5_free_keyblock_contents(context, &key);
         if( retval )
@@ -464,9 +463,9 @@ add_key_pwd(context, master_key, ks_tuple, ks_tuple_count, passwd,
 
         /* memory allocation to be done by db. So, use temporary block and later copy
            it to the memory allocated by db */
-        retval = krb5_dbekd_encrypt_key_data(context, master_key, &key,
-                                             (const krb5_keysalt *)&key_salt,
-                                             kvno, &tmp_key_data);
+        retval = krb5_dbe_encrypt_key_data(context, master_key, &key,
+                                           (const krb5_keysalt *)&key_salt,
+                                           kvno, &tmp_key_data);
         if (key_salt.data.data)
             free(key_salt.data.data);
         free(key.contents);
index 545d5036023e6fff850fe9b55eb384172768298b..e8fe54ff1f267922ebb0df446f4860c660a8b0fc 100644 (file)
@@ -463,9 +463,9 @@ krb5_def_verify_master_key(krb5_context    context,
         return(KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE);
     }
 
-    if ((retval = krb5_dbekd_decrypt_key_data(context, mkey,
-                                              &master_entry.key_data[0],
-                                              &tempkey, NULL))) {
+    if ((retval = krb5_dbe_decrypt_key_data(context, mkey,
+                                            &master_entry.key_data[0],
+                                            &tempkey, NULL))) {
         krb5_db_free_principal(context, &master_entry, nprinc);
         return retval;
     }
@@ -534,9 +534,8 @@ krb5_def_fetch_mkey_list(krb5_context        context,
      */
 
     if (mkey->enctype == master_entry.key_data[0].key_data_type[0]) {
-        if (krb5_dbekd_decrypt_key_data(context, mkey,
-                                        &master_entry.key_data[0],
-                                        &cur_mkey, NULL) == 0) {
+        if (krb5_dbe_decrypt_key_data(context, mkey, &master_entry.key_data[0],
+                                      &cur_mkey, NULL) == 0) {
             found_key = TRUE;
         }
     }
@@ -549,9 +548,9 @@ krb5_def_fetch_mkey_list(krb5_context        context,
         for (aux_data_entry = mkey_aux_data_list; aux_data_entry != NULL;
              aux_data_entry = aux_data_entry->next) {
 
-            if (krb5_dbekd_decrypt_key_data(context, mkey,
-                                             &aux_data_entry->latest_mkey,
-                                             &cur_mkey, NULL) == 0) {
+            if (krb5_dbe_decrypt_key_data(context, mkey,
+                                          &aux_data_entry->latest_mkey,
+                                          &cur_mkey, NULL) == 0) {
                 found_key = TRUE;
                 break;
             }
@@ -596,10 +595,9 @@ krb5_def_fetch_mkey_list(krb5_context        context,
             memset(*mkey_list_node, 0, sizeof(krb5_keylist_node));
         }
         key_data = &master_entry.key_data[i];
-        retval = krb5_dbekd_decrypt_key_data(context, &cur_mkey,
-                                             key_data,
-                                             &((*mkey_list_node)->keyblock),
-                                             NULL);
+        retval = krb5_dbe_decrypt_key_data(context, &cur_mkey, key_data,
+                                           &((*mkey_list_node)->keyblock),
+                                           NULL);
         if (retval)
             goto clean_n_exit;
 
index 03cc897c3d8e5970dda2794aa305723a277dbc78..ae02e918f507cfb6910cd5de6d4343b0e44d1817 100644 (file)
@@ -185,8 +185,8 @@ krb5_ktkdb_get_entry(in_context, id, principal, kvno, enctype, entry)
         goto error;
 
 
-    kerror = krb5_dbekd_decrypt_key_data(context, master_key,
-                                         key_data, &entry->key, NULL);
+    kerror = krb5_dbe_decrypt_key_data(context, master_key, key_data,
+                                       &entry->key, NULL);
     if (kerror)
         goto error;
 
index c9880982dd2c2a46ecdc1f753cc24b96f5a90f7a..c32a8db5ed87240053caa70e1739c8bae6b112ff 100644 (file)
@@ -55,10 +55,10 @@ krb5_dbe_update_mkey_aux
 krb5_dbe_update_mkvno
 krb5_dbe_update_mod_princ_data
 krb5_dbe_update_tl_data
-krb5_dbekd_def_encrypt_key_data
-krb5_dbekd_def_decrypt_key_data
-krb5_dbekd_decrypt_key_data
-krb5_dbekd_encrypt_key_data
+krb5_dbe_def_encrypt_key_data
+krb5_dbe_def_decrypt_key_data
+krb5_dbe_decrypt_key_data
+krb5_dbe_encrypt_key_data
 krb5_kt_kdb_ops
 krb5_ktkdb_close
 krb5_ktkdb_get_entry
index eb3dec74bd745338a410a4a5e03bc7776f81742e..cc918142c600f12843bde66c0e868730e8e1078f 100644 (file)
@@ -2322,12 +2322,8 @@ kdb_ldap_tgt_keysalt_iterate(krb5_key_salt_tuple *ksent, krb5_pointer ptr)
 
     if (!(kret = krb5_c_make_random_key(context, ksent->ks_enctype,
                                         &key))) {
-        kret = krb5_dbekd_encrypt_key_data(context,
-                                           iargs->rblock->key,
-                                           &key,
-                                           NULL,
-                                           1,
-                                           &entry->key_data[ind]);
+        kret = krb5_dbe_encrypt_key_data(context, iargs->rblock->key, &key,
+                                         NULL, 1, &entry->key_data[ind]);
         krb5_free_keyblock_contents(context, &key);
     }
     /*}*/
@@ -2441,9 +2437,9 @@ kdb_ldap_create_principal(krb5_context context, krb5_principal princ,
                 goto cleanup;
             }
             kvno = 1; /* New key is getting set */
-            retval = krb5_dbekd_encrypt_key_data(context, master_keyblock,
-                                                 &key, NULL, kvno,
-                                                 &entry.key_data[entry.n_key_data - 1]);
+            retval = krb5_dbe_encrypt_key_data(context, master_keyblock,
+                                               &key, NULL, kvno,
+                                               &entry.key_data[entry.n_key_data - 1]);
             krb5_free_keyblock_contents(context, &key);
             if (retval) {
                 goto cleanup;
@@ -2477,9 +2473,9 @@ kdb_ldap_create_principal(krb5_context context, krb5_principal princ,
         memset(entry.key_data, 0, sizeof(krb5_key_data));
         entry.n_key_data++;
         kvno = 1; /* New key is getting set */
-        retval = krb5_dbekd_encrypt_key_data(context, pblock->key,
-                                             master_keyblock, NULL, kvno,
-                                             &entry.key_data[entry.n_key_data - 1]);
+        retval = krb5_dbe_encrypt_key_data(context, pblock->key,
+                                           master_keyblock, NULL, kvno,
+                                           &entry.key_data[entry.n_key_data - 1]);
         if (retval) {
             goto cleanup;
         }
index 29143e0fd2afb1411b5f3eca50ae1b0a4ce42a03..3179b968ef14feb098513608ed9a71481c8c9104 100644 (file)
@@ -292,9 +292,9 @@ add_princ(context, str_newprinc)
             goto error;
         }
 
-        if ((retval = krb5_dbekd_encrypt_key_data(context,&master_keyblock,
-                                                  &key, NULL, 1,
-                                                  newentry.key_data))) {
+        if ((retval = krb5_dbe_encrypt_key_data(context, &master_keyblock,
+                                                &key, NULL, 1,
+                                                newentry.key_data))) {
             com_err(progname, retval, "while encrypting key for '%s'",
                     princ_name);
             free(key.contents);
index 63995a504e2c2e3604fbcb47e4bad14c42287805..2e465f36f771336331ab5ff8fb2270c339de8c47 100644 (file)
@@ -281,8 +281,8 @@ check_princ(context, str_princ)
         goto errout;
     }
 
-    if ((retval = krb5_dbekd_decrypt_key_data(context, &master_keyblock,
-                                              kdbe.key_data, &db_key, NULL))) {
+    if ((retval = krb5_dbe_decrypt_key_data(context, &master_keyblock,
+                                            kdbe.key_data, &db_key, NULL))) {
         com_err(progname, retval, "while decrypting key for '%s'", princ_name);
         goto errout;
     }