From: Greg Hudson Date: Mon, 14 Jun 2010 20:00:03 +0000 (+0000) Subject: Adjust the PKINIT DH debugging code: X-Git-Tag: krb5-1.9-beta1~191 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=198bff2487daf274d7aafcfd64227fe17676221c;p=krb5.git Adjust the PKINIT DH debugging code: * Use %p and void * for pointers instead of %x and int * Don't call the computed symmetric key the "secret key" since that's easily confused with the private key g^x. * Print the private key when printing DH parameters, instead of the q value (not even sure what they is). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24136 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c index d000466e3..770642f31 100644 --- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c +++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c @@ -2246,7 +2246,7 @@ client_process_dh(krb5_context context, DH_compute_key(*client_key, server_pub_key, cryptoctx->dh); #ifdef DEBUG_DH print_pubkey(server_pub_key, "server's pub_key="); - pkiDebug("client secret key (%d)= ", *client_key_len); + pkiDebug("client computed key (%d)= ", *client_key_len); print_buffer(*client_key, *client_key_len); #endif @@ -2384,7 +2384,7 @@ server_process_dh(krb5_context context, print_dh(dh_server, "client&server's DH params\n"); print_pubkey(dh->pub_key, "client's pub_key="); print_pubkey(dh_server->pub_key, "server's pub_key="); - pkiDebug("server secret key="); + pkiDebug("server computed key="); print_buffer(*server_key, *server_key_len); #endif @@ -3527,7 +3527,7 @@ pkinit_C_Decrypt(pkinit_identity_crypto_context id_cryptoctx, rv = id_cryptoctx->p11->C_Decrypt(id_cryptoctx->session, pEncryptedData, ulEncryptedDataLen, pData, pulDataLen); if (rv == CKR_OK) { - pkiDebug("pData %x *pulDataLen %d\n", (unsigned int) pData, + pkiDebug("pData %p *pulDataLen %d\n", (void *) pData, (int) *pulDataLen); } return rv; @@ -3568,9 +3568,9 @@ pkinit_decode_data_pkcs11(krb5_context context, if (cp == NULL) return ENOMEM; len = data_len; - pkiDebug("session %x edata %x edata_len %d data %x datalen @%x %d\n", - (int) id_cryptoctx->session, (int) data, (int) data_len, (int) cp, - (int) &len, (int) len); + pkiDebug("session %p edata %p edata_len %d data %p datalen @%p %d\n", + (void *) id_cryptoctx->session, (void *) data, (int) data_len, + (void *) cp, (void *) &len, (int) len); if ((r = pkinit_C_Decrypt(id_cryptoctx, data, (CK_ULONG) data_len, cp, &len)) != CKR_OK) { pkiDebug("C_Decrypt: %s\n", pkinit_pkcs11_code_to_text(r)); @@ -5659,7 +5659,8 @@ print_dh(DH * dh, char *msg) if (dh) DHparams_print(bio_err, dh); - BN_print(bio_err, dh->q); + BIO_puts(bio_err, "private key: "); + BN_print(bio_err, dh->priv_key); BIO_puts(bio_err, (const char *)"\n"); BIO_free(bio_err);