1 files changed, 38 insertions, 41 deletions

diff --git a/src/lib/crypto/crypto_tests/t_cksum.c b/src/lib/crypto/crypto_tests/t_cksum.c
index 16a994f..c4f22bc 100644
--- a/src/lib/crypto/crypto_tests/t_cksum.c
+++ b/src/lib/crypto/crypto_tests/t_cksum.c
@@ -35,33 +35,27 @@
 #define MD5_K5BETA_COMPAT
 #define MD4_K5BETA_COMPAT
 
-#if     MD == 4
-extern struct krb5_keyhash_provider krb5int_keyhash_md4des;
-#define khp krb5int_keyhash_md4des
+#if MD == 4
+#define CKTYPE CKSUMTYPE_RSA_MD4_DES
 #endif
 
-#if     MD == 5
-extern struct krb5_keyhash_provider krb5int_keyhash_md5des;
-#define khp krb5int_keyhash_md5des
+#if MD == 5
+#define CKTYPE CKSUMTYPE_RSA_MD5_DES
 #endif
 
 static void
-print_checksum(text, number, message, checksum)
-    char       *text;
-    int        number;
-    char       *message;
-    krb5_data  *checksum;
+print_checksum(char *text, int number, char *message, krb5_checksum *checksum)
 {
-    int i;
+    unsigned int i;
 
     printf("%s MD%d checksum(\"%s\") = ", text, number, message);
     for (i=0; i<checksum->length; i++)
-        printf("%02x", (unsigned char) checksum->data[i]);
+        printf("%02x", (unsigned char) checksum->contents[i]);
     printf("\n");
 }
 
 static void
-parse_hexstring(const char *s, krb5_data *dat)
+parse_hexstring(const char *s, krb5_checksum *cksum)
 {
     size_t i, len;
     unsigned int byte;
@@ -69,16 +63,18 @@ parse_hexstring(const char *s, krb5_data *dat)
 
     len = strlen(s);
     cp = malloc(len / 2);
-    dat->data = (char *)cp;
+    cksum->contents = cp;
     if (cp == NULL) {
-        dat->length = 0;
+        cksum->length = 0;
         return;
     }
-    dat->length = len / 2;
+    cksum->length = len / 2;
     for (i = 0; i + 1 < len; i += 2) {
         sscanf(&s[i], "%2x", &byte);
         *cp++ = byte;
     }
+    cksum->checksum_type = CKTYPE;
+    cksum->magic = KV5M_CHECKSUM;
 }
 
 /*
@@ -95,11 +91,11 @@ main(argc, argv)
 {
     int                   msgindex;
     krb5_boolean          valid;
-    size_t                length;
     krb5_keyblock         keyblock;
     krb5_key              key;
     krb5_error_code       kret=0;
-    krb5_data             plaintext, newstyle_checksum, knowncksum_dat;
+    krb5_data             plaintext;
+    krb5_checksum         checksum, knowncksum;
 
     /* this is a terrible seed, but that's ok for the test. */
 
@@ -114,27 +110,23 @@ main(argc, argv)
 
     krb5_k_create_key(NULL, &keyblock, &key);
 
-    length = khp.hashsize;
-
-    newstyle_checksum.length = length;
-
-    if (!(newstyle_checksum.data = (char *)
-          malloc((unsigned) newstyle_checksum.length))) {
-        printf("cannot get memory for new style checksum\n");
-        return(ENOMEM);
-    }
     for (msgindex = 1; msgindex + 1 < argc; msgindex += 2) {
         plaintext.length = strlen(argv[msgindex]);
         plaintext.data = argv[msgindex];
 
-        if ((kret = (*(khp.hash))(key, 0, &plaintext, &newstyle_checksum))) {
+        /* Create a checksum. */
+        kret = krb5_k_make_checksum(NULL, CKTYPE, key, 0, &plaintext,
+                                    &checksum);
+        if (kret != 0) {
             printf("krb5_calculate_checksum choked with %d\n", kret);
             break;
         }
-        print_checksum("correct", MD, argv[msgindex], &newstyle_checksum);
+        print_checksum("correct", MD, argv[msgindex], &checksum);
 
-        if ((kret = (*(khp.verify))(key, 0, &plaintext, &newstyle_checksum,
-                                    &valid))) {
+        /* Verify it. */
+        kret = krb5_k_verify_checksum(NULL, key, 0, &plaintext, &checksum,
+                                      &valid);
+        if (kret != 0) {
             printf("verify on new checksum choked with %d\n", kret);
             break;
         }
@@ -145,9 +137,11 @@ main(argc, argv)
         }
         printf("Verify succeeded for \"%s\"\n", argv[msgindex]);
 
-        newstyle_checksum.data[0]++;
-        if ((kret = (*(khp.verify))(key, 0, &plaintext, &newstyle_checksum,
-                                    &valid))) {
+        /* Corrupt the checksum and see if it still verifies. */
+        checksum.contents[0]++;
+        kret = krb5_k_verify_checksum(NULL, key, 0, &plaintext, &checksum,
+                                      &valid);
+        if (kret != 0) {
             printf("verify on new checksum choked with %d\n", kret);
             break;
         }
@@ -157,14 +151,18 @@ main(argc, argv)
             break;
         }
         printf("Verify of bad checksum OK for \"%s\"\n", argv[msgindex]);
-        parse_hexstring(argv[msgindex+1], &knowncksum_dat);
-        if (knowncksum_dat.data == NULL) {
+        free(checksum.contents);
+
+        /* Verify a known-good checksum for this plaintext. */
+        parse_hexstring(argv[msgindex+1], &knowncksum);
+        if (knowncksum.contents == NULL) {
             printf("parse_hexstring failed\n");
             kret = 1;
             break;
         }
-        if ((kret = (*(khp.verify))(key, 0, &plaintext, &knowncksum_dat,
-                                    &valid))) {
+        kret = krb5_k_verify_checksum(NULL, key, 0, &plaintext, &knowncksum,
+                                      &valid);
+        if (kret != 0) {
             printf("verify on known checksum choked with %d\n", kret);
             break;
         }
@@ -174,9 +172,8 @@ main(argc, argv)
             break;
         }
         printf("Verify on known checksum succeeded\n");
-        kret = 0;
+        free(knowncksum.contents);
     }
-    free(newstyle_checksum.data);
     if (!kret)
         printf("%d tests passed successfully for MD%d checksum\n", (argc-1)/2, MD);