Formatting fixes
authorGreg Hudson <ghudson@mit.edu>
Mon, 19 Sep 2011 05:34:17 +0000 (05:34 +0000)
committerGreg Hudson <ghudson@mit.edu>
Mon, 19 Sep 2011 05:34:17 +0000 (05:34 +0000)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25209 dc483132-0cff-0310-8789-dd5450dbe970

15 files changed:
src/include/k5-int-pkinit.h
src/include/krb5/krb5.hin
src/lib/gssapi/mechglue/g_initialize.c
src/lib/krb5/asn.1/asn1_encode.h
src/lib/krb5/asn.1/asn1_k_decode.c
src/lib/krb5/asn.1/asn1_k_decode.h
src/lib/krb5/asn.1/asn1_k_decode_kdc.c
src/lib/krb5/asn.1/asn1_k_encode.c
src/plugins/preauth/pkinit/Makefile.in
src/plugins/preauth/pkinit/pkinit.h
src/plugins/preauth/pkinit/pkinit_clnt.c
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
src/plugins/preauth/pkinit/pkinit_kdf_constants.c
src/plugins/preauth/pkinit/pkinit_kdf_test.c
src/plugins/preauth/pkinit/pkinit_lib.c

index 8490f82d919f0a348d32964dab876be943d1c527..0d1a986d2669b6ad3b3049010777e34a00b10fb0 100644 (file)
@@ -65,7 +65,7 @@ typedef struct _krb5_subject_pk_info {
     krb5_octet_data             subjectPublicKey; /* BIT STRING */
 } krb5_subject_pk_info;
 
-/** AuthPack  from RFC 4556*/
+/** AuthPack from RFC 4556*/
 typedef struct _krb5_auth_pack {
     krb5_pk_authenticator       pkAuthenticator;
     krb5_subject_pk_info        *clientPublicValue; /* Optional */
@@ -241,10 +241,12 @@ encode_krb5_td_dh_parameters(const krb5_algorithm_identifier **,
                              krb5_data **code);
 
 krb5_error_code
-encode_krb5_sp80056a_other_info(const krb5_sp80056a_other_info *,  krb5_data **);
+encode_krb5_sp80056a_other_info(const krb5_sp80056a_other_info *,
+                                krb5_data **);
 
 krb5_error_code
-encode_krb5_pkinit_supp_pub_info(const krb5_pkinit_supp_pub_info *, krb5_data **);
+encode_krb5_pkinit_supp_pub_info(const krb5_pkinit_supp_pub_info *,
+                                 krb5_data **);
 
 /*************************************************************************
  * Prototypes for pkinit asn.1 decode routines
index 5b6f0b9c1e64566fa792688c41832c83a2ac0bd9..7faf687062d7db7712376b68138a13abb12d626e 100644 (file)
@@ -4647,10 +4647,10 @@ void KRB5_CALLCONV
 krb5_free_data(krb5_context context, krb5_data *val);
 
 /**
- * @brief Free storage associated with a @c krb5_octet_data structure and its pointer.
+ * Free storage associated with a @c krb5_octet_data structure and its pointer.
  *
- * @param context           Context structure [input, output]
- * @param val               Pointer to data structure to be freed [input, output]
+ * @param [in] context          Context structure
+ * @param [in] val              Data structure to be freed
  *
  * @return
  * None
@@ -4659,10 +4659,7 @@ void KRB5_CALLCONV
 krb5_free_octet_data(krb5_context context, krb5_octet_data *val);
 
 /**
- * @brief Free the contents of a @c _krb5_data structure and zero the data field.
- *
- * @param context           Context structure [input, output]
- * @param val               Pointer to data structure to be freed [input, output]
+ * Free the contents of a krb5_data structure and zero the data field.
  *
  * @param [in] context          Library context
  * @param [in] val              Data structure to free contents of
index 89b2253bab677146fafc0cb0831895b1981359e5..30395312eb99377e30ce968edce68ecfb1455fd1 100644 (file)
@@ -579,13 +579,12 @@ static void
 updateMechList(void)
 {
 #if defined(_WIN32)
-    time_t lastConfModTime = getRegConfigModTime(MECH_KEY);
-    if (g_confFileModTime < lastConfModTime)
-    {
-        g_confFileModTime = lastConfModTime;
-        loadConfigFromRegistry(HKEY_CURRENT_USER, MECH_KEY);
-        loadConfigFromRegistry(HKEY_LOCAL_MACHINE, MECH_KEY);
-    }
+       time_t lastConfModTime = getRegConfigModTime(MECH_KEY);
+       if (g_confFileModTime < lastConfModTime) {
+               g_confFileModTime = lastConfModTime;
+               loadConfigFromRegistry(HKEY_CURRENT_USER, MECH_KEY);
+               loadConfigFromRegistry(HKEY_LOCAL_MACHINE, MECH_KEY);
+       }
 #else /* _WIN32 */
        char *fileName;
        struct stat fileInfo;
@@ -1058,6 +1057,7 @@ const char *fileName;
        char *sharedLib, *kernMod, *modOptions, *oid, *endp;
        char buffer[BUFSIZ], *oidStr;
        FILE *confFile;
+
        if ((confFile = fopen(fileName, "r")) == NULL) {
                return;
        }
@@ -1090,77 +1090,77 @@ const char *fileName;
                if (! *endp)
                        continue;
 
-           /* Find the end of the oid and make sure it is NULL-ended */
-           for (oid=endp; *endp && !isspace(*endp); endp++)
-                   ;
-
-           if (*endp) {
-                   *endp = '\0';
-            endp++;
-           }
-
-           /* Find the start of the shared lib name */
-           for (sharedLib = endp; *sharedLib && isspace(*sharedLib);
-                   sharedLib++)
-                   ;
-
-           /*
-            * Find the end of the shared lib name and make sure it is
-            *  NULL-terminated.
-            */
-           for (endp = sharedLib; *endp && !isspace(*endp); endp++)
-                   ;
-
-           if (*endp) {
-                   *endp = '\0';
-            endp++;
-           }
-
-           /* Find the start of the optional kernel module lib name */
-           for (kernMod = endp; *kernMod && isspace(*kernMod);
-                   kernMod++)
-                   ;
-
-           /*
-            * If this item starts with a bracket "[", then
-            * it is not a kernel module, but is a list of
-            * options for the user module to parse later.
-            */
-           if (*kernMod && *kernMod != '[') {
-                   /*
-                    * Find the end of the shared lib name and make sure
-                    * it is NULL-terminated.
-                    */
-               for (endp = kernMod; *endp && !isspace(*endp); endp++)
-                       ;
-
-               if (*endp) {
-                       *endp = '\0';
-                endp++;
-               }
-           } else
-                   kernMod = NULL;
-
-           /* Find the start of the optional module options list */
-           for (modOptions = endp; *modOptions && isspace(*modOptions);
-                   modOptions++);
-
-           if (*modOptions == '[')  {
-                   /* move past the opening bracket */
-                   for (modOptions = modOptions+1;
-                           *modOptions && isspace(*modOptions);
-                           modOptions++);
-
-                   /* Find the closing bracket */
-                   for (endp = modOptions;
-                           *endp && *endp != ']'; endp++);
-
-                   *endp = '\0';
-           } else {
-                   modOptions = NULL;
-           }
-
-        addConfigEntry(oidStr, oid, sharedLib, kernMod, modOptions);
+               /* Find the end of the oid and make sure it is NULL-ended */
+               for (oid = endp; *endp && !isspace(*endp); endp++)
+                       ;
+
+               if (*endp) {
+                       *endp = '\0';
+                       endp++;
+               }
+
+               /* Find the start of the shared lib name */
+               for (sharedLib = endp; *sharedLib && isspace(*sharedLib);
+                    sharedLib++)
+                       ;
+
+               /*
+                * Find the end of the shared lib name and make sure it is
+                *  NULL-terminated.
+                */
+               for (endp = sharedLib; *endp && !isspace(*endp); endp++)
+                       ;
+
+               if (*endp) {
+                       *endp = '\0';
+                       endp++;
+               }
+
+               /* Find the start of the optional kernel module lib name */
+               for (kernMod = endp; *kernMod && isspace(*kernMod);
+                    kernMod++)
+                       ;
+
+               /*
+                * If this item starts with a bracket "[", then
+                * it is not a kernel module, but is a list of
+                * options for the user module to parse later.
+                */
+               if (*kernMod && *kernMod != '[') {
+                       /*
+                        * Find the end of the shared lib name and make sure
+                        * it is NULL-terminated.
+                        */
+                       for (endp = kernMod; *endp && !isspace(*endp); endp++)
+                               ;
+
+                       if (*endp) {
+                               *endp = '\0';
+                               endp++;
+                       }
+               } else
+                       kernMod = NULL;
+
+               /* Find the start of the optional module options list */
+               for (modOptions = endp; *modOptions && isspace(*modOptions);
+                    modOptions++);
+
+               if (*modOptions == '[')  {
+                       /* move past the opening bracket */
+                       for (modOptions = modOptions+1;
+                            *modOptions && isspace(*modOptions);
+                            modOptions++);
+
+                       /* Find the closing bracket */
+                       for (endp = modOptions;
+                            *endp && *endp != ']'; endp++);
+
+                       *endp = '\0';
+               } else {
+                       modOptions = NULL;
+               }
+
+               addConfigEntry(oidStr, oid, sharedLib, kernMod, modOptions);
        } /* while */
        (void) fclose(confFile);
 } /* loadConfigFile */
@@ -1170,150 +1170,166 @@ const char *fileName;
 static time_t
 filetimeToTimet(const FILETIME *ft)
 {
-    ULARGE_INTEGER ull;
-    ull.LowPart = ft->dwLowDateTime;
-    ull.HighPart = ft->dwHighDateTime;
-    return (time_t )(ull.QuadPart / 10000000ULL - 11644473600ULL);
+       ULARGE_INTEGER ull;
+
+       ull.LowPart = ft->dwLowDateTime;
+       ull.HighPart = ft->dwHighDateTime;
+       return (time_t)(ull.QuadPart / 10000000ULL - 11644473600ULL);
 }
 
 static time_t
 getRegConfigModTime(const char *keyPath)
 {
-    time_t currentUserModTime = getRegKeyModTime(HKEY_CURRENT_USER, keyPath);
-    time_t localMachineModTime = getRegKeyModTime(HKEY_LOCAL_MACHINE, keyPath);
-    return currentUserModTime > localMachineModTime ? currentUserModTime : localMachineModTime;
+       time_t currentUserModTime = getRegKeyModTime(HKEY_CURRENT_USER,
+                                                    keyPath);
+       time_t localMachineModTime = getRegKeyModTime(HKEY_LOCAL_MACHINE,
+                                                     keyPath);
+
+       return currentUserModTime > localMachineModTime ? currentUserModTime :
+               localMachineModTime;
 }
 
 static time_t
 getRegKeyModTime(HKEY hBaseKey, const char *keyPath)
 {
-    HKEY hConfigKey;
-    HRESULT rc;
-    int iSubKey = 0;
-    time_t modTime = 0, keyModTime;
-    FILETIME keyLastWriteTime;
-    char subKeyName[256];
-    if ((rc = RegOpenKeyEx(hBaseKey, keyPath, 0, KEY_ENUMERATE_SUB_KEYS,
-                           &hConfigKey)) != ERROR_SUCCESS) {
-        /* TODO: log error message */
-        return 0;
-    }
-    do {
-        int subKeyNameSize=256;
-        if ((rc = RegEnumKeyEx(hConfigKey, iSubKey++, subKeyName, &subKeyNameSize, NULL, NULL, NULL, &keyLastWriteTime)) != ERROR_SUCCESS) {
-            break;
-        }
-        keyModTime = filetimeToTimet(&keyLastWriteTime);
-        if (modTime < keyModTime) {
-            modTime = keyModTime;
-        }
-    } while (1);
-    RegCloseKey(hConfigKey);
-    return modTime;
+       HKEY hConfigKey;
+       HRESULT rc;
+       int iSubKey = 0;
+       time_t modTime = 0, keyModTime;
+       FILETIME keyLastWriteTime;
+       char subKeyName[256];
+
+       if ((rc = RegOpenKeyEx(hBaseKey, keyPath, 0, KEY_ENUMERATE_SUB_KEYS,
+                              &hConfigKey)) != ERROR_SUCCESS) {
+               /* TODO: log error message */
+               return 0;
+       }
+       do {
+               int subKeyNameSize=256;
+               if ((rc = RegEnumKeyEx(hConfigKey, iSubKey++, subKeyName,
+                                      &subKeyNameSize, NULL, NULL, NULL,
+                                      &keyLastWriteTime)) != ERROR_SUCCESS) {
+                       break;
+               }
+               keyModTime = filetimeToTimet(&keyLastWriteTime);
+               if (modTime < keyModTime) {
+                       modTime = keyModTime;
+               }
+       } while (1);
+       RegCloseKey(hConfigKey);
+       return modTime;
 }
 
 static void
-getRegKeyValue(HKEY hKey, const char *keyPath, const char *valueName, void **data, DWORD* dataLen)
+getRegKeyValue(HKEY hKey, const char *keyPath, const char *valueName,
+              void **data, DWORD* dataLen)
 {
-    DWORD sizeRequired=*dataLen;
-    HRESULT hr;
-    /* Get data length required */
-    if ((hr=RegGetValue(hKey, keyPath, valueName, RRF_RT_REG_SZ, NULL, NULL, &sizeRequired)) != ERROR_SUCCESS)
-    {
-        /* TODO: LOG registry error */
-        return;
-    }
-    /* adjust data buffer size if necessary */
-    if (*dataLen < sizeRequired)
-    {
-        *dataLen = sizeRequired;
-        *data = realloc(*data, sizeRequired);
-        if (!*data)
-        {
-            *dataLen = 0;
-            /* TODO: LOG OOM ERROR! */
-            return;
-        }
-    }
-    /* get data */
-    if ((hr=RegGetValue(hKey, keyPath, valueName, RRF_RT_REG_SZ, NULL, *data, &sizeRequired)) != ERROR_SUCCESS)
-    {
-        /* LOG registry error */
-        return;
-    }
+       DWORD sizeRequired=*dataLen;
+       HRESULT hr;
+       /* Get data length required */
+       if ((hr = RegGetValue(hKey, keyPath, valueName, RRF_RT_REG_SZ, NULL,
+                             NULL, &sizeRequired)) != ERROR_SUCCESS) {
+               /* TODO: LOG registry error */
+               return;
+       }
+       /* adjust data buffer size if necessary */
+       if (*dataLen < sizeRequired) {
+               *dataLen = sizeRequired;
+               *data = realloc(*data, sizeRequired);
+               if (!*data) {
+                       *dataLen = 0;
+                       /* TODO: LOG OOM ERROR! */
+                       return;
+               }
+       }
+       /* get data */
+       if ((hr = RegGetValue(hKey, keyPath, valueName, RRF_RT_REG_SZ, NULL,
+                             *data, &sizeRequired)) != ERROR_SUCCESS) {
+               /* LOG registry error */
+               return;
+       }
 }
 
 static void
 loadConfigFromRegistry(HKEY hBaseKey, const char *keyPath)
 {
-    HKEY hConfigKey;
-    DWORD iSubKey, nSubKeys, maxSubKeyNameLen;
-    DWORD dataBufferSize, dataSizeRequired;
-    char *oidStr=NULL, *oid=NULL, *sharedLib=NULL, *kernMod=NULL, *modOptions=NULL;
-    DWORD oidStrLen=0, oidLen=0, sharedLibLen=0, kernModLen=0, modOptionsLen=0;
-    HRESULT rc;
-
-    if ((rc = RegOpenKeyEx(hBaseKey, keyPath, 0, KEY_ENUMERATE_SUB_KEYS|KEY_QUERY_VALUE,
-                           &hConfigKey)) != ERROR_SUCCESS) {
-        /* TODO: log registry error */
-        return;
-    }
-
-    if ((rc = RegQueryInfoKey(hConfigKey,
-        NULL, /* lpClass */
-        NULL, /* lpcClass */
-        NULL, /* lpReserved */
-        &nSubKeys,
-        &maxSubKeyNameLen,
-        NULL, /* lpcMaxClassLen */
-        NULL, /* lpcValues */
-        NULL, /* lpcMaxValueNameLen */
-        NULL, /* lpcMaxValueLen */
-        NULL, /* lpcbSecurityDescriptor */
-        NULL  /* lpftLastWriteTime */ )) != ERROR_SUCCESS) {
-        goto cleanup;
-    }
-    oidStr = malloc(++maxSubKeyNameLen);
-    if (!oidStr) {
-        goto cleanup;
-    }
-    for (iSubKey=0; iSubKey<nSubKeys; iSubKey++) {
-        oidStrLen = maxSubKeyNameLen;
-        if ((rc = RegEnumKeyEx(hConfigKey, iSubKey, oidStr, &oidStrLen, NULL, NULL, NULL, NULL)) != ERROR_SUCCESS) {
-            /* TODO: log registry error */
-            continue;
-        }
-        getRegKeyValue(hConfigKey, oidStr, "OID", &oid, &oidLen);
-        getRegKeyValue(hConfigKey, oidStr, "Shared Library", &sharedLib, &sharedLibLen);
-        getRegKeyValue(hConfigKey, oidStr, "Kernel Module", &kernMod, &kernModLen);
-        getRegKeyValue(hConfigKey, oidStr, "Options", &modOptions, &modOptionsLen);
-        addConfigEntry(oidStr, oid, sharedLib, kernMod, modOptions);
-    }
+       HKEY hConfigKey;
+       DWORD iSubKey, nSubKeys, maxSubKeyNameLen;
+       DWORD dataBufferSize, dataSizeRequired;
+       char *oidStr = NULL, *oid = NULL, *sharedLib = NULL, *kernMod = NULL;
+       char *modOptions = NULL;
+       DWORD oidStrLen = 0, oidLen = 0, sharedLibLen = 0, kernModLen = 0;
+       DWORD modOptionsLen = 0;
+       HRESULT rc;
+
+       if ((rc = RegOpenKeyEx(hBaseKey, keyPath, 0,
+                              KEY_ENUMERATE_SUB_KEYS|KEY_QUERY_VALUE,
+                              &hConfigKey)) != ERROR_SUCCESS) {
+               /* TODO: log registry error */
+               return;
+       }
+
+       if ((rc = RegQueryInfoKey(hConfigKey,
+               NULL, /* lpClass */
+               NULL, /* lpcClass */
+               NULL, /* lpReserved */
+               &nSubKeys,
+               &maxSubKeyNameLen,
+               NULL, /* lpcMaxClassLen */
+               NULL, /* lpcValues */
+               NULL, /* lpcMaxValueNameLen */
+               NULL, /* lpcMaxValueLen */
+               NULL, /* lpcbSecurityDescriptor */
+               NULL  /* lpftLastWriteTime */ )) != ERROR_SUCCESS) {
+               goto cleanup;
+       }
+       oidStr = malloc(++maxSubKeyNameLen);
+       if (!oidStr) {
+               goto cleanup;
+       }
+       for (iSubKey=0; iSubKey<nSubKeys; iSubKey++) {
+               oidStrLen = maxSubKeyNameLen;
+               if ((rc = RegEnumKeyEx(hConfigKey, iSubKey, oidStr, &oidStrLen,
+                                      NULL, NULL, NULL, NULL)) !=
+                   ERROR_SUCCESS) {
+                       /* TODO: log registry error */
+                       continue;
+               }
+               getRegKeyValue(hConfigKey, oidStr, "OID", &oid, &oidLen);
+               getRegKeyValue(hConfigKey, oidStr, "Shared Library",
+                              &sharedLib, &sharedLibLen);
+               getRegKeyValue(hConfigKey, oidStr, "Kernel Module", &kernMod,
+                              &kernModLen);
+               getRegKeyValue(hConfigKey, oidStr, "Options", &modOptions,
+                              &modOptionsLen);
+               addConfigEntry(oidStr, oid, sharedLib, kernMod, modOptions);
+       }
 cleanup:
-    RegCloseKey(hConfigKey);
-    if (oidStr) {
-        free(oidStr);
-    }
-    if (oid) {
-        free(oid);
-    }
-    if (sharedLib) {
-        free(sharedLib);
-    }
-    if (kernMod) {
-        free(kernMod);
-    }
-    if (modOptions) {
-        free(modOptions);
-    }
+       RegCloseKey(hConfigKey);
+       if (oidStr) {
+               free(oidStr);
+       }
+       if (oid) {
+               free(oid);
+       }
+       if (sharedLib) {
+               free(sharedLib);
+       }
+       if (kernMod) {
+               free(kernMod);
+       }
+       if (modOptions) {
+               free(modOptions);
+       }
 }
 #endif
 
 static void
-addConfigEntry(const char *oidStr, const char *oid, const char *sharedLib, const char *kernMod, const char *modOptions)
+addConfigEntry(const char *oidStr, const char *oid, const char *sharedLib,
+              const char *kernMod, const char *modOptions)
 {
 #if defined(_WIN32)
-    const char *sharedPath;
+       const char *sharedPath;
 #else
        char sharedPath[sizeof (MECH_LIB_PREFIX) + BUFSIZ];
 #endif
@@ -1323,9 +1339,9 @@ addConfigEntry(const char *oidStr, const char *oid, const char *sharedLib, const
        OM_uint32 minor;
        gss_buffer_desc oidBuf;
 
-    if ((!oid) || (!oidStr)) {
-        return;
-    }
+       if ((!oid) || (!oidStr)) {
+               return;
+       }
        /*
         * check if an entry for this oid already exists
         * if it does, and the library is already loaded then
@@ -1339,8 +1355,8 @@ addConfigEntry(const char *oidStr, const char *oid, const char *sharedLib, const
                (void) syslog(LOG_INFO, "invalid mechanism oid"
                                " [%s] in configuration file", oid);
 #endif
-                       return;
-               }
+               return;
+       }
 
        aMech = searchMechList(mechOid);
        if (aMech && aMech->mech) {
@@ -1356,13 +1372,13 @@ addConfigEntry(const char *oidStr, const char *oid, const char *sharedLib, const
                return;
        }
 #if defined(_WIN32)
-    sharedPath = sharedLib;
+       sharedPath = sharedLib;
 #else
        if (sharedLib[0] == '/')
                snprintf(sharedPath, sizeof(sharedPath), "%s", sharedLib);
        else
                snprintf(sharedPath, sizeof(sharedPath), "%s%s",
-                               MECH_LIB_PREFIX, sharedLib);
+                        MECH_LIB_PREFIX, sharedLib);
 #endif
        /*
         * are we creating a new mechanism entry or
index 773198f5f422b10055b35b51557967b98ed27d89..2e0b9939c652a879b995aaf3b8ec12df1ed3349f 100644 (file)
@@ -400,26 +400,26 @@ struct atype_info {
         &aux_seqinfo_##DESCNAME,                                \
     }
 /* Integer types.  */
-#define DEFINTTYPE(DESCNAME, CTYPENAME)                         \
-    typedef CTYPENAME aux_typedefname_##DESCNAME;               \
-    static asn1_intmax loadint_##DESCNAME(const void *p)        \
-    {                                                           \
-        assert(sizeof(CTYPENAME) <= sizeof(asn1_intmax));       \
-        return *(const aux_typedefname_##DESCNAME *)p;          \
-    }                                                           \
-    const struct atype_info krb5int_asn1type_##DESCNAME = {     \
+#define DEFINTTYPE(DESCNAME, CTYPENAME)                                 \
+    typedef CTYPENAME aux_typedefname_##DESCNAME;                       \
+    static asn1_intmax loadint_##DESCNAME(const void *p)                \
+    {                                                                   \
+        assert(sizeof(CTYPENAME) <= sizeof(asn1_intmax));               \
+        return *(const aux_typedefname_##DESCNAME *)p;                  \
+    }                                                                   \
+    const struct atype_info krb5int_asn1type_##DESCNAME = {             \
         atype_int, sizeof(CTYPENAME), 0, 0, 0, 0, 0, 0, 0, 0, 0,        \
-        loadint_##DESCNAME, 0,                                  \
+        loadint_##DESCNAME, 0,                                          \
     }
-#define DEFUINTTYPE(DESCNAME, CTYPENAME)                        \
-    typedef CTYPENAME aux_typedefname_##DESCNAME;               \
-    static asn1_uintmax loaduint_##DESCNAME(const void *p)      \
-    {                                                           \
-        assert(sizeof(CTYPENAME) <= sizeof(asn1_uintmax));      \
-        return *(const aux_typedefname_##DESCNAME *)p;          \
-    }                                                           \
-    const struct atype_info krb5int_asn1type_##DESCNAME = {     \
-        atype_uint, sizeof(CTYPENAME), 0, 0, 0, 0, 0, 0, 0, 0,  \
+#define DEFUINTTYPE(DESCNAME, CTYPENAME)                         \
+    typedef CTYPENAME aux_typedefname_##DESCNAME;                \
+    static asn1_uintmax loaduint_##DESCNAME(const void *p)       \
+    {                                                            \
+        assert(sizeof(CTYPENAME) <= sizeof(asn1_uintmax));       \
+        return *(const aux_typedefname_##DESCNAME *)p;           \
+    }                                                            \
+    const struct atype_info krb5int_asn1type_##DESCNAME = {      \
+        atype_uint, sizeof(CTYPENAME), 0, 0, 0, 0, 0, 0, 0, 0,   \
         0, 0, loaduint_##DESCNAME,                               \
     }
 /* Pointers to other types, to be encoded as those other types.  */
@@ -492,17 +492,19 @@ struct atype_info {
     typedef aux_typedefname_##BASEDESC aux_typedefname_##DESCNAME;      \
     const struct atype_info krb5int_asn1type_##DESCNAME = {             \
         atype_tagged_thing, sizeof(aux_typedefname_##DESCNAME),         \
-        0, 0, 0, &krb5int_asn1type_##BASEDESC, 0, 0, TAG, APPLICATION, CONSTRUCTED \
+        0, 0, 0, &krb5int_asn1type_##BASEDESC, 0, 0, TAG, APPLICATION,  \
+        CONSTRUCTED                                                     \
     }
 
 /**
  * An encoding wrapped in an octet string
  */
-#define DEFOCTETWRAPTYPE(DESCNAME, BASEDESC)                           \
+#define DEFOCTETWRAPTYPE(DESCNAME, BASEDESC)                            \
     typedef aux_typedefname_##BASEDESC aux_typedefname_##DESCNAME;      \
     const struct atype_info krb5int_asn1type_##DESCNAME = {             \
         atype_tagged_thing, sizeof(aux_typedefname_##DESCNAME),         \
-        0, 0, 0, &krb5int_asn1type_##BASEDESC, 0, 0, ASN1_OCTETSTRING, UNIVERSAL, PRIMITIVE \
+        0, 0, 0, &krb5int_asn1type_##BASEDESC, 0, 0, ASN1_OCTETSTRING,  \
+        UNIVERSAL, PRIMITIVE                                            \
     }
 
 /*
index 599a2159da5c98995c7ad520051fd4dd8affb34f..db33241129996e063fe408c7adfcf1d68a0114d6 100644 (file)
@@ -1349,8 +1349,7 @@ asn1_decode_sequence_of_trusted_ca(asn1buf *buf, krb5_trusted_ca ***val)
 }
 
 static asn1_error_code
-asn1_decode_kdf_alg_id_ptr( asn1buf *buf,
-                            krb5_octet_data **valptr)
+asn1_decode_kdf_alg_id_ptr(asn1buf *buf, krb5_octet_data **valptr)
 {
     decode_ptr(krb5_octet_data *, asn1_decode_kdf_alg_id);
 }
@@ -1733,8 +1732,8 @@ asn1_decode_typed_data_ptr(asn1buf *buf, krb5_typed_data **valptr)
 asn1_error_code
 asn1_decode_kdf_alg_id( asn1buf *buf, krb5_octet_data *val)
 {
-        setup();
-        val->data = NULL;
+    setup();
+    val->data = NULL;
     { begin_structure();
         get_lenfield(val->length,val->data,0,asn1_decode_oid);
         end_structure();
@@ -1745,7 +1744,7 @@ error_out:
     return retval;
 }
 
- asn1_error_code
+asn1_error_code
 asn1_decode_sequence_of_kdf_alg_id(asn1buf *buf,
                                    krb5_octet_data ***val)
 {
index ed51ab1646861a1ed3572848c1945454d906fb39..c19fe83eda8e7474f3451b29e97aa46fe6d30ab6 100644 (file)
@@ -277,7 +277,7 @@ asn1_error_code asn1_decode_iakerb_finished(asn1buf *buf,
                                             krb5_iakerb_finished *val);
 
 asn1_error_code
-asn1_decode_kdf_alg_id( asn1buf *buf, krb5_octet_data *val);
+asn1_decode_kdf_alg_id(asn1buf *buf, krb5_octet_data *val);
 
  asn1_error_code
 asn1_decode_sequence_of_kdf_alg_id(asn1buf *buf,
index c0aa2a2c3fb78d27272c611559f8103a8440d5a8..73abbd4c4ef4f1c5e9b2750ee3a55a3f1f21d718 100644 (file)
@@ -240,7 +240,7 @@ asn1_decode_auth_pack(asn1buf *buf, krb5_auth_pack *val)
         }
         opt_lenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_decode_octetstring);
         opt_field(val->supportedKDFs, 4, asn1_decode_sequence_of_kdf_alg_id, NULL);
-                end_structure();
+        end_structure();
     }
     return 0;
 error_out:
@@ -258,8 +258,7 @@ error_out:
     }
     free(val->clientDHNonce.data);
     if (val->supportedKDFs) {
-
-        for (i=0; val->supportedKDFs[i]; i++)
+        for (i = 0; val->supportedKDFs[i]; i++)
             krb5_free_octet_data(NULL, val->supportedKDFs[i]);
         free(val->supportedKDFs);
         val->supportedKDFs = NULL;
index 2c7c43a832f842975f4116c853d9a29831abc219..9e03b67635e99ea4d1a7afaa1853328d79bef1fe 100644 (file)
@@ -1820,7 +1820,7 @@ asn1_encode_auth_pack(asn1buf *buf, const krb5_auth_pack *val,
     asn1_setup();
 
     if (val->supportedKDFs != NULL)
-        asn1_addfield( val->supportedKDFs, 4, asn1_encode_supported_kdfs);
+        asn1_addfield(val->supportedKDFs, 4, asn1_encode_supported_kdfs);
     if (val->clientDHNonce.length != 0)
         asn1_addlenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_encode_octetstring);
     if (val->supportedCMSTypes != NULL)
index 1f81d1c029b0fc80334b4ecc62a8577975312e4f..c148d5a4b9bb9135cb066faf26d1a3a0bf4cc4d6 100644 (file)
@@ -30,7 +30,7 @@ STLIBOBJS= \
        pkinit_srv.o \
        pkinit_lib.o \
        pkinit_clnt.o \
-        pkinit_kdf_constants.o \
+       pkinit_kdf_constants.o \
        pkinit_profile.o \
        pkinit_identity.o \
        pkinit_matching.o \
@@ -57,10 +57,10 @@ clean::
        $(RM) pkinit_test_kdf
 
 check-unix:: pkinit_kdf_test
-            $(RUN_SETUP) $(VALGRIND) ./pkinit_kdf_test
+       $(RUN_SETUP) $(VALGRIND) ./pkinit_kdf_test
 
 pkinit_kdf_test: pkinit_kdf_test.o $(STLIBOBJS) $(SHLIB_EXPDEPS)
-                $(CC_LINK) -o $@ pkinit_kdf_test.o $(STLIBOBJS) $(SHLIB_EXPLIBS)
+       $(CC_LINK) -o $@ pkinit_kdf_test.o $(STLIBOBJS) $(SHLIB_EXPLIBS)
 
 @libnover_frag@
 @libobj_frag@
index 8928e9d80c2d48bd16840e8ae26a86cc51059ca9..ffe2a14f7ad5d41bde5b0bfd2d7c79f4dd021792 100644 (file)
@@ -219,13 +219,13 @@ typedef struct _pkinit_context *pkinit_context;
  * Client's per-request context
  */
 struct _pkinit_req_context {
-  unsigned int magic;
+    unsigned int magic;
     pkinit_req_crypto_context cryptoctx;
     pkinit_req_opts *opts;
     pkinit_identity_crypto_context idctx;
     pkinit_identity_opts *idopts;
     krb5_preauthtype pa_type;
-  int rfc6112_kdc;
+    int rfc6112_kdc;
 };
 typedef struct _pkinit_req_context *pkinit_req_context;
 
index 85b01673785987f14268d1a5cb7f31b4f392d2e3..3d3dcebb5386a0735e2f35bff2c57a01160bc109 100644 (file)
@@ -70,9 +70,9 @@ use_content_info(krb5_context context, pkinit_req_context req,
         return 0;
     if (krb5_principal_compare_any_realm(context, client,
                                          krb5_anonymous_principal()))
-                return 1;
+        return 1;
     return 0;
-    }
+}
 
 static krb5_error_code
 pkinit_as_req_create(krb5_context context, pkinit_context plgctx,
@@ -364,7 +364,7 @@ pkinit_as_req_create(krb5_context context,
             retval = ENOMEM;
             goto cleanup;
         }
-        if (use_content_info(context, reqctx, client))
+        if (use_content_info(context, reqctx, client)) {
             retval = cms_contentinfo_create(context, plgctx->cryptoctx,
                                             reqctx->cryptoctx, reqctx->idctx,
                                             CMS_SIGN_CLIENT, (unsigned char *)
@@ -372,7 +372,7 @@ pkinit_as_req_create(krb5_context context,
                                             coded_auth_pack->length,
                                             &req->signedAuthPack.data,
                                             &req->signedAuthPack.length);
-        else {
+        else {
             retval = cms_signeddata_create(context, plgctx->cryptoctx,
                                            reqctx->cryptoctx, reqctx->idctx,
                                            CMS_SIGN_CLIENT, 1,
@@ -1030,7 +1030,7 @@ pkinit_client_process(krb5_context context, krb5_clpreauth_moddata moddata,
     case KRB5_PADATA_PKINIT_KX:
         reqctx->rfc6112_kdc = 1;
         return 0;
-            case KRB5_PADATA_PK_AS_REQ:
+    case KRB5_PADATA_PK_AS_REQ:
         pkiDebug("processing KRB5_PADATA_PK_AS_REQ\n");
         processing_request = 1;
         break;
index 37685f3da444eec0da6230ad573db99069def30f..f6c7d5b5dc964c09bd68126c43a70798ec28f1ce 100644 (file)
@@ -2103,7 +2103,8 @@ pkinit_octetstring2key(krb5_context context,
                        unsigned char *key,
                        unsigned int dh_key_len,
                        krb5_keyblock *key_block)
-{   krb5_error_code retval;
+{
+    krb5_error_code retval;
     unsigned char *buf = NULL;
     unsigned char md[SHA_DIGEST_LENGTH];
     unsigned char counter;
@@ -2183,22 +2184,19 @@ pkinit_alg_values(krb5_context context,
         *hash_bytes = 20;
         *func = &EVP_sha1;
         return 0;
-    }
-    else if ((alg_id->length == krb5_pkinit_sha256_oid_len) &&
-             (0 == memcmp(alg_id->data, krb5_pkinit_sha256_oid,
-                          krb5_pkinit_sha256_oid_len))) {
+    } else if ((alg_id->length == krb5_pkinit_sha256_oid_len) &&
+               (0 == memcmp(alg_id->data, krb5_pkinit_sha256_oid,
+                            krb5_pkinit_sha256_oid_len))) {
         *hash_bytes = 32;
         *func = &EVP_sha256;
         return 0;
-    }
-    else if ((alg_id->length == krb5_pkinit_sha512_oid_len) &&
-             (0 == memcmp(alg_id->data, krb5_pkinit_sha512_oid,
-                          krb5_pkinit_sha512_oid_len))) {
+    } else if ((alg_id->length == krb5_pkinit_sha512_oid_len) &&
+               (0 == memcmp(alg_id->data, krb5_pkinit_sha512_oid,
+                            krb5_pkinit_sha512_oid_len))) {
         *hash_bytes = 32;
         *func = &EVP_sha512;
         return 0;
-    }
-    else {
+    } else {
         krb5_set_error_message(context, KRB5_ERR_BAD_S2K_PARAMS,
                                "Bad algorithm ID passed to PK-INIT KDF.");
         return KRB5_ERR_BAD_S2K_PARAMS;
index e967f38b8d836edabb80244597dcf62a54d4f462..f29764a1bd609048ecec80d92be3e179bce08f5a 100644 (file)
@@ -1,5 +1,5 @@
 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* prototype/prototype.c */
+/* plugins/preauth/pkinit/pkinit_kdf_constants.c */
 /*
  * Copyright (C) 2011 by the Massachusetts Institute of Technology.
  * All rights reserved.
index 3f7c7c4a4b997aa479231136d859ae0ca086eb56..bb967bfbc762fbf789838c60f55c19f96c6bc499 100644 (file)
@@ -1,5 +1,5 @@
 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* prototype/prototype.c */
+/* plugins/preauth/pkinit/pkinit_kdf_test.c */
 /*
  * Copyright (C) 2011 by the Massachusetts Institute of Technology.
  * All rights reserved.
 int secret_len = 256;
 char twenty_as[10];
 char eighteen_bs[9] ;
-char party_u_name [] = "lha@SU.SE";
-char party_v_name [] = "krbtgt/SU.SE@SU.SE";
+char party_u_name[] = "lha@SU.SE";
+char party_v_name[] = "krbtgt/SU.SE@SU.SE";
 int enctype_value = 18;
-krb5_octet key_hex [] =
+krb5_octet key_hex[] =
 {0xe6, 0xAB, 0x38, 0xC9, 0x41, 0x3E, 0x03, 0x5B,
  0xB0, 0x79, 0x20, 0x1E, 0xD0, 0xB6, 0xB7, 0x3D,
  0x8D, 0x49, 0xA8, 0x14, 0xA7, 0x37, 0xC0, 0x4E,
@@ -66,8 +66,7 @@ krb5_octet key_hex [] =
 const krb5_data lha_data = DATA_FROM_STRING("lha");
 
 int
-main (int argc,
-      char  **argv)
+main(int argc, char **argv)
 {
     /* arguments for calls to pkinit_alg_agility_kdf() */
     krb5_context context = 0;
@@ -87,13 +86,13 @@ main (int argc,
 
     /* initialize variables that get malloc'ed, so cleanup is safe */
     krb5_init_context (&context);
-    memset (&alg_id, 0, sizeof(alg_id));
-    memset (&as_req, 0, sizeof(as_req));
-    memset (&pk_as_rep, 0, sizeof(pk_as_rep));
-    memset (&key_block, 0, sizeof(key_block));
+    memset(&alg_id, 0, sizeof(alg_id));
+    memset(&as_req, 0, sizeof(as_req));
+    memset(&pk_as_rep, 0, sizeof(pk_as_rep));
+    memset(&key_block, 0, sizeof(key_block));
 
     /* set up algorithm id */
-    alg_id.algorithm.data = (unsigned char *) &krb5_pkinit_sha1_oid;
+    alg_id.algorithm.data = (unsigned char *)&krb5_pkinit_sha1_oid;
     alg_id.algorithm.length = krb5_pkinit_sha1_oid_len;
 
     /* set up a 256-byte, ALL-ZEROS secret */
@@ -134,7 +133,8 @@ main (int argc,
     }
 
     /* call pkinit_alg_agility_kdf() with test vector values*/
-    if (0 != (retval = pkinit_alg_agility_kdf(context, &secret, &alg_id.algorithm,
+    if (0 != (retval = pkinit_alg_agility_kdf(context, &secret,
+                                              &alg_id.algorithm,
                                               u_principal, v_principal,
                                               enctype, &as_req, &pk_as_rep,
                                               &key_block))) {
@@ -149,20 +149,16 @@ main (int argc,
         (0 == memcmp(key_block.contents, key_hex, key_block.length))) {
         printf("SUCCESS: Correct key value generated!");
         retval = 0;
-    }
-    else {
+    } else {
         printf("FAILURE: Incorrect key value generated!");
         retval = 1;
     }
 
 cleanup:
     /* release all allocated resources, whether good or bad return */
-    if (secret.data)
-        free(secret.data);
-    if (u_principal)
-        free(u_principal);
-    if (v_principal)
-        free(v_principal);
+    free(secret.data);
+    free(u_principal);
+    free(v_principal);
     krb5_free_keyblock_contents(context, &key_block);
     exit(retval);
 }
index 034587b138f3fa6e0e5918e8a7d7a4d890ee52d2..f93c0743f42ddcd28a3e1ba0d01e53e1d18c10b0 100644 (file)
@@ -164,8 +164,7 @@ free_krb5_auth_pack(krb5_auth_pack **in)
     if ((*in)->supportedCMSTypes != NULL)
         free_krb5_algorithm_identifiers(&((*in)->supportedCMSTypes));
     if ((*in)->supportedKDFs) {
-        krb5_octet_data **supportedKDFs =
-            (*in)->supportedKDFs;
+        krb5_octet_data **supportedKDFs = (*in)->supportedKDFs;
         unsigned i;
         for (i = 0; supportedKDFs[i]; i++)
             krb5_free_octet_data(NULL, supportedKDFs[i]);