X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=util_cksum.c;h=cbd531d3fbdcca7ac370798d7cf691f04306f992;hb=163856b1a70d7773c46d4ea5495b85c4dce0f089;hp=505256c0ddd4f990e4a2e4f55a3a60c66aeafe4f;hpb=6ce212c9c7eeabe92a4a96922b97eb89737d5a64;p=mech_eap.orig diff --git a/util_cksum.c b/util_cksum.c index 505256c..cbd531d 100644 --- a/util_cksum.c +++ b/util_cksum.c @@ -51,13 +51,21 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* + * Message protection services: checksum helpers. + */ + #include "gssapiP_eap.h" static int gssEapChecksum(krb5_context context, krb5_cksumtype type, size_t rrc, - krb5_keyblock *key, +#ifdef HAVE_HEIMDAL_VERSION + krb5_crypto crypto, +#else + krb5_keyblock *crypto, +#endif krb5_keyusage sign_usage, gss_iov_buffer_desc *iov, int iov_count, @@ -70,13 +78,15 @@ gssEapChecksum(krb5_context context, krb5_crypto_iov *kiov; size_t kiov_count; int i = 0, j; - unsigned int k5_checksumlen; + size_t k5_checksumlen; +#ifdef HAVE_HEIMDAL_VERSION + krb5_cksumtype cksumtype; +#endif if (verify) *valid = FALSE; - code = krb5_c_crypto_length(context, KRB_KEYTYPE(key), - KRB5_CRYPTO_TYPE_CHECKSUM, &k5_checksumlen); + code = krbCryptoLength(context, crypto, KRB5_CRYPTO_TYPE_CHECKSUM, &k5_checksumlen); if (code != 0) return code; @@ -126,17 +136,28 @@ gssEapChecksum(krb5_context context, } i++; +#ifdef HAVE_HEIMDAL_VERSION + if (verify) { + code = krb5_verify_checksum_iov(context, crypto, sign_usage, + kiov, kiov_count, &cksumtype); + *valid = (code == 0); + } else { + code = krb5_create_checksum_iov(context, crypto, sign_usage, + kiov, kiov_count, &cksumtype); + } +#else if (verify) { krb5_boolean kvalid = FALSE; - code = krb5_c_verify_checksum_iov(context, type, key, + code = krb5_c_verify_checksum_iov(context, type, crypto, sign_usage, kiov, kiov_count, &kvalid); *valid = kvalid; } else { - code = krb5_c_make_checksum_iov(context, type, key, + code = krb5_c_make_checksum_iov(context, type, crypto, sign_usage, kiov, kiov_count); } +#endif /* HAVE_HEIMDAL_VERSION */ GSSEAP_FREE(kiov); @@ -147,12 +168,16 @@ int gssEapSign(krb5_context context, krb5_cksumtype type, size_t rrc, - krb5_keyblock *key, +#ifdef HAVE_HEIMDAL_VERSION + krb5_crypto crypto, +#else + krb5_keyblock *crypto, +#endif krb5_keyusage sign_usage, gss_iov_buffer_desc *iov, int iov_count) { - return gssEapChecksum(context, type, rrc, key, + return gssEapChecksum(context, type, rrc, crypto, sign_usage, iov, iov_count, 0, NULL); } @@ -160,16 +185,21 @@ int gssEapVerify(krb5_context context, krb5_cksumtype type, size_t rrc, - krb5_keyblock *key, +#ifdef HAVE_HEIMDAL_VERSION + krb5_crypto crypto, +#else + krb5_keyblock *crypto, +#endif krb5_keyusage sign_usage, gss_iov_buffer_desc *iov, int iov_count, int *valid) { - return gssEapChecksum(context, type, rrc, key, + return gssEapChecksum(context, type, rrc, crypto, sign_usage, iov, iov_count, 1, valid); } +#if 0 OM_uint32 gssEapEncodeGssChannelBindings(OM_uint32 *minor, gss_channel_bindings_t chanBindings, @@ -180,7 +210,7 @@ gssEapEncodeGssChannelBindings(OM_uint32 *minor, unsigned char *p; if (chanBindings != GSS_C_NO_CHANNEL_BINDINGS) { - length = sizeof(OM_uint32) * 5; + length = 24; length += chanBindings->initiator_address.length; length += chanBindings->acceptor_address.length; length += chanBindings->application_data.length; @@ -212,3 +242,4 @@ gssEapEncodeGssChannelBindings(OM_uint32 *minor, *minor = 0; return GSS_S_COMPLETE; } +#endif