aboutsummaryrefslogtreecommitdiff
path: root/src/lib/crypto/krb/verify_checksum.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/crypto/krb/verify_checksum.c')
-rw-r--r--src/lib/crypto/krb/verify_checksum.c40
1 files changed, 19 insertions, 21 deletions
diff --git a/src/lib/crypto/krb/verify_checksum.c b/src/lib/crypto/krb/verify_checksum.c
index 72b5595..ae15cc8 100644
--- a/src/lib/crypto/krb/verify_checksum.c
+++ b/src/lib/crypto/krb/verify_checksum.c
@@ -33,6 +33,8 @@ krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *key,
const krb5_checksum *cksum, krb5_boolean *valid)
{
unsigned int i;
+ const struct krb5_cksumtypes *ctp;
+ const struct krb5_keyhash_provider *keyhash;
size_t hashsize;
krb5_error_code ret;
krb5_data indata;
@@ -42,19 +44,16 @@ krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *key,
if (krb5_cksumtypes_list[i].ctype == cksum->checksum_type)
break;
}
-
if (i == krb5_cksumtypes_length)
- return(KRB5_BAD_ENCTYPE);
-
- /* if there's actually a verify function, call it */
+ return KRB5_BAD_ENCTYPE;
+ ctp = &krb5_cksumtypes_list[i];
indata.length = cksum->length;
indata.data = (char *) cksum->contents;
- if (krb5_cksumtypes_list[i].keyhash) {
- const struct krb5_keyhash_provider *keyhash;
-
- keyhash = krb5_cksumtypes_list[i].keyhash;
+ /* If there's actually a verify function, call it. */
+ if (ctp->keyhash) {
+ keyhash = ctp->keyhash;
if (keyhash->verify == NULL && keyhash->verify_iov != NULL) {
krb5_crypto_iov iov[1];
@@ -62,31 +61,30 @@ krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *key,
iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
iov[0].data = *data;
- return (*keyhash->verify_iov)(key, usage, 0, iov, 1, &indata, valid);
+ return (*keyhash->verify_iov)(key, usage, 0, iov, 1, &indata,
+ valid);
} else if (keyhash->verify != NULL) {
return (*keyhash->verify)(key, usage, 0, data, &indata, valid);
}
}
- /* otherwise, make the checksum again, and compare */
-
- if ((ret = krb5_c_checksum_length(context, cksum->checksum_type, &hashsize)))
- return(ret);
+ /* Otherwise, make the checksum again, and compare. */
+ ret = krb5_c_checksum_length(context, cksum->checksum_type, &hashsize);
+ if (ret)
+ return ret;
if (cksum->length != hashsize)
- return(KRB5_BAD_MSIZE);
+ return KRB5_BAD_MSIZE;
computed.length = hashsize;
- if ((ret = krb5_c_make_checksum(context, cksum->checksum_type, key, usage,
- data, &computed))) {
- free(computed.contents);
- return(ret);
- }
+ ret = krb5_c_make_checksum(context, cksum->checksum_type, key, usage,
+ data, &computed);
+ if (ret)
+ return ret;
*valid = (memcmp(computed.contents, cksum->contents, hashsize) == 0);
free(computed.contents);
-
- return(0);
+ return 0;
}
generated by cgit v1.1 at 2024-10-19 22:06:26 +0000