size_t rrc = 0;
unsigned int gssHeaderLen, gssTrailerLen;
size_t dataLen, assocDataLen;
+ krb5_context krbContext;
if (!CTX_IS_ESTABLISHED(ctx))
return GSS_S_NO_CONTEXT;
+ GSSEAP_KRB_INIT(&krbContext);
+
acceptorFlag = CTX_IS_INITIATOR(ctx) ? 0 : TOK_FLAG_SENDER_IS_ACCEPTOR;
keyUsage = ((toktype == TOK_TYPE_WRAP)
? (CTX_IS_INITIATOR(ctx)
size_t ec = 0;
size_t confDataLen = dataLen - assocDataLen;
- code = krb5_c_crypto_length(ctx->kerberosCtx, ctx->encryptionType,
+ code = krb5_c_crypto_length(krbContext, ctx->encryptionType,
KRB5_CRYPTO_TYPE_HEADER, &krbHeaderLen);
if (code != 0)
goto cleanup;
- code = krb5_c_padding_length(ctx->kerberosCtx, ctx->encryptionType,
+ code = krb5_c_padding_length(krbContext, ctx->encryptionType,
confDataLen + 16 /* E(Header) */,
&krbPadLen);
if (code != 0)
if (krbPadLen == 0 && (ctx->gssFlags & GSS_C_DCE_STYLE)) {
/* Windows rejects AEAD tokens with non-zero EC */
- code = krb5_c_block_size(ctx->kerberosCtx, ctx->encryptionType, &ec);
+ code = krb5_c_block_size(krbContext, ctx->encryptionType, &ec);
if (code != 0)
goto cleanup;
} else
ec = krbPadLen;
- code = krb5_c_crypto_length(ctx->kerberosCtx, ctx->encryptionType,
+ code = krb5_c_crypto_length(krbContext, ctx->encryptionType,
KRB5_CRYPTO_TYPE_TRAILER, &krbTrailerLen);
if (code != 0)
goto cleanup;
memset(tbuf, 0xFF, ec);
memcpy(tbuf + ec, header->buffer.value, 16);
- code = gssEapEncrypt(ctx->kerberosCtx,
+ code = gssEapEncrypt(krbContext,
((ctx->gssFlags & GSS_C_DCE_STYLE) != 0),
- ec, rrc, ctx->rfc3961Key,
+ ec, rrc, &ctx->rfc3961Key,
keyUsage, 0, iov, iov_count);
if (code != 0)
goto cleanup;
gssHeaderLen = 16;
- code = krb5_c_crypto_length(ctx->kerberosCtx, ctx->encryptionType,
+ code = krb5_c_crypto_length(krbContext, ctx->encryptionType,
KRB5_CRYPTO_TYPE_CHECKSUM,
&gssTrailerLen);
if (code != 0)
}
store_64_be(ctx->sendSeq, outbuf + 8);
- code = gssEapSign(ctx->kerberosCtx, ctx->checksumType,
- rrc, ctx->rfc3961Key, keyUsage,
+ code = gssEapSign(krbContext, ctx->checksumType,
+ rrc, &ctx->rfc3961Key, keyUsage,
iov, iov_count);
if (code != 0)
goto cleanup;