/*
- * Copyright (c) 2010, JANET(UK)
+ * Copyright (c) 2011, JANET(UK)
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
unsigned char *tbuf = NULL;
int keyUsage;
size_t rrc = 0;
- unsigned int gssHeaderLen, gssTrailerLen;
+ size_t gssHeaderLen, gssTrailerLen;
size_t dataLen, assocDataLen;
krb5_context krbContext;
+#ifdef HAVE_HEIMDAL_VERSION
+ krb5_crypto krbCrypto = NULL;
+#endif
if (ctx->encryptionType == ENCTYPE_NULL) {
*minor = GSSEAP_KEY_UNAVAILABLE;
trailer = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER);
+#ifdef HAVE_HEIMDAL_VERSION
+ code = krb5_crypto_init(krbContext, &ctx->rfc3961Key, ETYPE_NULL, &krbCrypto);
+ if (code != 0)
+ goto cleanup;
+#endif
+
if (toktype == TOK_TYPE_WRAP && conf_req_flag) {
- unsigned int krbHeaderLen, krbTrailerLen, krbPadLen;
- size_t ec = 0;
- size_t confDataLen = dataLen - assocDataLen;
+ size_t krbHeaderLen, krbTrailerLen, krbPadLen;
+ size_t ec = 0, confDataLen = dataLen - assocDataLen;
- code = krb5_c_crypto_length(krbContext, ctx->encryptionType,
- KRB5_CRYPTO_TYPE_HEADER, &krbHeaderLen);
+ code = krbCryptoLength(krbContext, KRB_CRYPTO_CONTEXT(ctx),
+ KRB5_CRYPTO_TYPE_HEADER, &krbHeaderLen);
if (code != 0)
goto cleanup;
- code = krb5_c_padding_length(krbContext, ctx->encryptionType,
- confDataLen + 16 /* E(Header) */,
- &krbPadLen);
+ code = krbPaddingLength(krbContext, KRB_CRYPTO_CONTEXT(ctx),
+ confDataLen + 16 /* E(Header) */,
+ &krbPadLen);
if (code != 0)
goto cleanup;
if (krbPadLen == 0 && (ctx->gssFlags & GSS_C_DCE_STYLE)) {
/* Windows rejects AEAD tokens with non-zero EC */
- code = krb5_c_block_size(krbContext, ctx->encryptionType, &ec);
+ code = krbBlockSize(krbContext, KRB_CRYPTO_CONTEXT(ctx), &ec);
if (code != 0)
goto cleanup;
} else
ec = krbPadLen;
- code = krb5_c_crypto_length(krbContext, ctx->encryptionType,
- KRB5_CRYPTO_TYPE_TRAILER, &krbTrailerLen);
+ code = krbCryptoLength(krbContext, KRB_CRYPTO_CONTEXT(ctx),
+ KRB5_CRYPTO_TYPE_TRAILER, &krbTrailerLen);
if (code != 0)
goto cleanup;
code = gssEapEncrypt(krbContext,
((ctx->gssFlags & GSS_C_DCE_STYLE) != 0),
- ec, rrc, &ctx->rfc3961Key,
- keyUsage, 0, iov, iov_count);
+ ec, rrc, KRB_CRYPTO_CONTEXT(ctx),
+ keyUsage, iov, iov_count);
if (code != 0)
goto cleanup;
gssHeaderLen = 16;
- code = krb5_c_crypto_length(krbContext, ctx->encryptionType,
- KRB5_CRYPTO_TYPE_CHECKSUM,
- &gssTrailerLen);
+ code = krbCryptoLength(krbContext, KRB_CRYPTO_CONTEXT(ctx),
+ KRB5_CRYPTO_TYPE_CHECKSUM, &gssTrailerLen);
if (code != 0)
goto cleanup;
}
store_uint64_be(ctx->sendSeq, outbuf + 8);
- code = gssEapSign(krbContext, ctx->checksumType,
- rrc, &ctx->rfc3961Key, keyUsage,
+ code = gssEapSign(krbContext, ctx->checksumType, rrc,
+ KRB_CRYPTO_CONTEXT(ctx), keyUsage,
iov, iov_count);
if (code != 0)
goto cleanup;
cleanup:
if (code != 0)
gssEapReleaseIov(iov, iov_count);
+#ifdef HAVE_HEIMDAL_VERSION
+ if (krbCrypto != NULL)
+ krb5_crypto_destroy(krbContext, krbCrypto);
+#endif
*minor = code;