diff options
Diffstat (limited to 'src/lib/gssapi/krb5/util_crypt.c')
-rw-r--r-- | src/lib/gssapi/krb5/util_crypt.c | 36 |
1 files changed, 21 insertions, 15 deletions
diff --git a/src/lib/gssapi/krb5/util_crypt.c b/src/lib/gssapi/krb5/util_crypt.c index 93d4694..33562bc 100644 --- a/src/lib/gssapi/krb5/util_crypt.c +++ b/src/lib/gssapi/krb5/util_crypt.c @@ -54,8 +54,6 @@ * $Id$ */ -static unsigned char zeros[8] = {0,0,0,0,0,0,0,0}; - int kg_confounder_size(context, key) krb5_context context; @@ -105,9 +103,10 @@ kg_encrypt_size(context, key, n) } krb5_error_code -kg_encrypt(context, key, iv, in, out, length) +kg_encrypt(context, key, usage, iv, in, out, length) krb5_context context; krb5_keyblock *key; + int usage; krb5_pointer iv; krb5_pointer in; krb5_pointer out; @@ -123,7 +122,10 @@ kg_encrypt(context, key, iv, in, out, length) return(code); ivd.length = blocksize; - ivd.data = iv; + ivd.data = malloc(ivd.length); + if (ivd.data == NULL) + return ENOMEM; + memcpy(ivd.data, iv, ivd.length); pivd = &ivd; } else { pivd = NULL; @@ -135,25 +137,26 @@ kg_encrypt(context, key, iv, in, out, length) outputd.ciphertext.length = length; outputd.ciphertext.data = out; - return(krb5_c_encrypt(context, key, - /* XXX this routine is only used for the old - bare-des stuff which doesn't use the - key usage */ 0, pivd, &inputd, &outputd)); + code = krb5_c_encrypt(context, key, usage, pivd, &inputd, &outputd); + if (pivd != NULL) + krb5_free_data_contents(context, pivd); + return code; } /* length is the length of the cleartext. */ krb5_error_code -kg_decrypt(context, key, iv, in, out, length) +kg_decrypt(context, key, usage, iv, in, out, length) krb5_context context; krb5_keyblock *key; + int usage; krb5_pointer iv; krb5_pointer in; krb5_pointer out; int length; { krb5_error_code code; - size_t blocksize, enclen; + size_t blocksize; krb5_data ivd, *pivd, outputd; krb5_enc_data inputd; @@ -162,7 +165,10 @@ kg_decrypt(context, key, iv, in, out, length) return(code); ivd.length = blocksize; - ivd.data = iv; + ivd.data = malloc(ivd.length); + if (ivd.data == NULL) + return ENOMEM; + memcpy(ivd.data, iv, ivd.length); pivd = &ivd; } else { pivd = NULL; @@ -175,8 +181,8 @@ kg_decrypt(context, key, iv, in, out, length) outputd.length = length; outputd.data = out; - return(krb5_c_decrypt(context, key, - /* XXX this routine is only used for the old - bare-des stuff which doesn't use the - key usage */ 0, pivd, &inputd, &outputd)); + code = krb5_c_decrypt(context, key, usage, pivd, &inputd, &outputd); + if (pivd != NULL) + krb5_free_data_contents(context, pivd); + return code; } |