X-Git-Url: http://www.project-moonshot.org/gitweb/?p=mech_eap.orig;a=blobdiff_plain;f=util_crypt.c;h=9841c9dcf7568f2e5f911010947f9ff8ad2341bd;hp=62e880e5b0163cb9e0104dbd836362621b949598;hb=163856b1a70d7773c46d4ea5495b85c4dce0f089;hpb=5df2dcc26a31c87842368ce56caca635bcb1d435

diff --git a/util_crypt.c b/util_crypt.c
index 62e880e..9841c9d 100644
--- a/util_crypt.c
+++ b/util_crypt.c
@@ -90,7 +90,12 @@
  */
 static krb5_error_code
 mapIov(krb5_context context, int dce_style, size_t ec, size_t rrc,
-       krb5_enctype enctype, gss_iov_buffer_desc *iov,
+#ifdef HAVE_HEIMDAL_VERSION
+       krb5_crypto crypto,
+#else
+       krb5_keyblock *crypto,
+#endif
+       gss_iov_buffer_desc *iov,
        int iov_count, krb5_crypto_iov **pkiov,
        size_t *pkiov_count)
 {
@@ -99,7 +104,7 @@ mapIov(krb5_context context, int dce_style, size_t ec, size_t rrc,
     int i = 0, j;
     size_t kiov_count;
     krb5_crypto_iov *kiov;
-    unsigned int k5_headerlen = 0, k5_trailerlen = 0;
+    size_t k5_headerlen = 0, k5_trailerlen = 0;
     size_t gss_headerlen, gss_trailerlen;
     krb5_error_code code;
 
@@ -112,13 +117,11 @@ mapIov(krb5_context context, int dce_style, size_t ec, size_t rrc,
     trailer = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER);
     assert(trailer == NULL || rrc == 0);
 
-    code = krb5_c_crypto_length(context, enctype, KRB5_CRYPTO_TYPE_HEADER,
-                                &k5_headerlen);
+    code = krbCryptoLength(context, crypto, KRB5_CRYPTO_TYPE_HEADER, &k5_headerlen);
     if (code != 0)
         return code;
 
-    code = krb5_c_crypto_length(context, enctype, KRB5_CRYPTO_TYPE_TRAILER,
-                                &k5_trailerlen);
+    code = krbCryptoLength(context, crypto, KRB5_CRYPTO_TYPE_TRAILER, &k5_trailerlen);
     if (code != 0)
         return code;
 
@@ -198,89 +201,83 @@ mapIov(krb5_context context, int dce_style, size_t ec, size_t rrc,
 }
 
 int
-gssEapEncrypt(krb5_context context, int dce_style, size_t ec,
-              size_t rrc, krb5_keyblock *key, int usage, krb5_pointer iv,
-              gss_iov_buffer_desc *iov, int iov_count)
+gssEapEncrypt(krb5_context context,
+              int dce_style,
+              size_t ec,
+              size_t rrc,
+#ifdef HAVE_HEIMDAL_VERSION
+              krb5_crypto crypto,
+#else
+              krb5_keyblock *crypto,
+#endif
+              int usage,
+              gss_iov_buffer_desc *iov,
+              int iov_count)
 {
     krb5_error_code code;
-    size_t blocksize;
-    krb5_data ivd, *pivd;
     size_t kiov_count;
-    krb5_crypto_iov *kiov;
+    krb5_crypto_iov *kiov = NULL;
 
-    if (iv) {
-        code = krb5_c_block_size(context, KRB_KEY_TYPE(key), &blocksize);
-        if (code)
-            return(code);
-
-        ivd.length = blocksize;
-        ivd.data = GSSEAP_MALLOC(ivd.length);
-        if (ivd.data == NULL)
-            return ENOMEM;
-        memcpy(ivd.data, iv, ivd.length);
-        pivd = &ivd;
-    } else {
-        pivd = NULL;
-    }
+    code = mapIov(context, dce_style, ec, rrc, crypto,
+                  iov, iov_count, &kiov, &kiov_count);
+    if (code != 0)
+        goto cleanup;
 
-    code = mapIov(context, dce_style, ec, rrc,
-                  KRB_KEY_TYPE(key), iov, iov_count,
-                  &kiov, &kiov_count);
-    if (code == 0) {
-        code = krb5_c_encrypt_iov(context, key, usage, pivd, kiov, kiov_count);
-        GSSEAP_FREE(kiov);
-    }
+#ifdef HAVE_HEIMDAL_VERSION
+    code = krb5_encrypt_iov_ivec(context, crypto, usage, kiov, kiov_count, NULL);
+#else
+    code = krb5_c_encrypt_iov(context, crypto, usage, NULL, kiov, kiov_count);
+#endif
+    if (code != 0)
+        goto cleanup;
 
-    if (pivd != NULL)
-        GSSEAP_FREE(pivd->data);
+cleanup:
+    if (kiov != NULL)
+        GSSEAP_FREE(kiov);
 
     return code;
 }
 
 int
-gssEapDecrypt(krb5_context context, int dce_style, size_t ec,
-              size_t rrc, krb5_keyblock *key, int usage, krb5_pointer iv,
-              gss_iov_buffer_desc *iov, int iov_count)
+gssEapDecrypt(krb5_context context,
+              int dce_style,
+              size_t ec,
+              size_t rrc,
+#ifdef HAVE_HEIMDAL_VERSION
+              krb5_crypto crypto,
+#else
+              krb5_keyblock *crypto,
+#endif
+              int usage,
+              gss_iov_buffer_desc *iov,
+              int iov_count)
 {
     krb5_error_code code;
-    size_t blocksize;
-    krb5_data ivd, *pivd;
     size_t kiov_count;
     krb5_crypto_iov *kiov;
 
-    if (iv) {
-        code = krb5_c_block_size(context, KRB_KEY_TYPE(key), &blocksize);
-        if (code)
-            return(code);
-
-        ivd.length = blocksize;
-        ivd.data = GSSEAP_MALLOC(ivd.length);
-        if (ivd.data == NULL)
-            return ENOMEM;
-        memcpy(ivd.data, iv, ivd.length);
-        pivd = &ivd;
-    } else {
-        pivd = NULL;
-    }
+    code = mapIov(context, dce_style, ec, rrc, crypto,
+                  iov, iov_count, &kiov, &kiov_count);
+    if (code != 0)
+        goto cleanup;
 
-    code = mapIov(context, dce_style, ec, rrc,
-                  KRB_KEY_TYPE(key), iov, iov_count,
-                  &kiov, &kiov_count);
-    if (code == 0) {
-        code = krb5_c_decrypt_iov(context, key, usage, pivd, kiov, kiov_count);
-        GSSEAP_FREE(kiov);
-    }
+#ifdef HAVE_HEIMDAL_VERSION
+    code = krb5_decrypt_iov_ivec(context, crypto, usage, kiov, kiov_count, NULL);
+#else
+    code = krb5_c_decrypt_iov(context, crypto, usage, NULL, kiov, kiov_count);
+#endif
 
-    if (pivd != NULL)
-        GSSEAP_FREE(pivd->data);
+cleanup:
+    if (kiov != NULL)
+        GSSEAP_FREE(kiov);
 
     return code;
 }
 
-krb5_cryptotype
+int
 gssEapMapCryptoFlag(OM_uint32 type)
 {
-    krb5_cryptotype ktype;
+    int ktype;
 
     switch (GSS_IOV_BUFFER_TYPE(type)) {
     case GSS_IOV_BUFFER_TYPE_DATA: