+ krb5_error_code code;
+ int i;
+ OM_uint32 tmpMinor;
+ size_t prflen;
+ krb5_data t, ns;
+ unsigned char *p;
+
+ prf_out->length = 0;
+ prf_out->value = NULL;
+
+ if (!CTX_IS_ESTABLISHED(ctx))
+ return GSS_S_NO_CONTEXT;
+
+ t.length = 0;
+ t.data = NULL;
+
+ ns.length = 0;
+ ns.data = NULL;
+
+ if (prf_key != GSS_C_PRF_KEY_FULL &&
+ prf_key != GSS_C_PRF_KEY_FULL) {
+ code = EINVAL;
+ goto cleanup;
+ }
+
+ prf_out->value = GSSEAP_MALLOC(desired_output_len);
+ if (prf_out->value == NULL) {
+ code = ENOMEM;
+ goto cleanup;
+ }
+ prf_out->length = desired_output_len;
+
+ code = krb5_c_prf_length(ctx->kerberosCtx,
+ ctx->encryptionType,
+ &prflen);
+ if (code != 0)
+ goto cleanup;
+
+ ns.length = 4 + prf_in->length;
+ ns.data = GSSEAP_MALLOC(ns.length);
+ if (ns.data == NULL) {
+ code = ENOMEM;
+ goto cleanup;
+ }
+
+ t.length = prflen;
+ t.data = GSSEAP_MALLOC(t.length);
+ if (t.data == NULL) {
+ code = ENOMEM;
+ goto cleanup;
+ }
+
+ memcpy(ns.data + 4, prf_in->value, prf_in->length);
+ i = 0;
+ p = (unsigned char *)prf_out->value;
+ while (desired_output_len > 0) {
+ store_uint32_be(i, ns.data);
+
+ code = krb5_c_prf(ctx->kerberosCtx, ctx->encryptionKey, &ns, &t);
+ if (code != 0)
+ goto cleanup;
+
+ memcpy(p, t.data, MIN(t.length, desired_output_len));
+
+ p += t.length;
+ desired_output_len -= t.length;
+ i++;
+ }
+
+cleanup:
+ if (code != 0)
+ gss_release_buffer(&tmpMinor, prf_out);
+ krb5_free_data_contents(ctx->kerberosCtx, &ns);
+ krb5_free_data_contents(ctx->kerberosCtx, &t);
+
+ *minor = code;
+ return (code == 0) ? GSS_S_COMPLETE : GSS_S_FAILURE;