diff options
| author | Greg Hudson <ghudson@mit.edu> | 2009-10-19 20:04:21 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2009-10-19 20:04:21 +0000 |
| commit | e6b93b7dd43bb765900b2db71641479b597844da (patch) | |
| tree | 2b6da09e37da6ca699a8cb43c87e8a4218132254 /src/lib/crypto/krb/yarrow/ycipher.c | |
| parent | 04a5d19e61bedbb1da4db52334c00f7a54a9d5a8 (diff) | |
| download | krb5-e6b93b7dd43bb765900b2db71641479b597844da.tar.gz krb5-e6b93b7dd43bb765900b2db71641479b597844da.tar.xz krb5-e6b93b7dd43bb765900b2db71641479b597844da.zip | |
Implement new APIs to allow improved crypto performance
Merge branches/enc-perf to trunk. Adds the krb5_key opaque type, the
krb5_k_* APIs to use them, and caching of derived keys when krb5_k_*
functions are used. Updates the krb5 auth context and GSS id-rec to
use krb5_keys.
ticket: 6576
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22944 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/crypto/krb/yarrow/ycipher.c')
| -rw-r--r-- | src/lib/crypto/krb/yarrow/ycipher.c | 41 |
1 files changed, 19 insertions, 22 deletions
diff --git a/src/lib/crypto/krb/yarrow/ycipher.c b/src/lib/crypto/krb/yarrow/ycipher.c index 2af410440..84cadd13f 100644 --- a/src/lib/crypto/krb/yarrow/ycipher.c +++ b/src/lib/crypto/krb/yarrow/ycipher.c @@ -42,27 +42,28 @@ krb5int_yarrow_cipher_init const struct krb5_enc_provider *enc = &yarrow_enc_provider; krb5_error_code ret; krb5_data randombits; + krb5_keyblock keyblock; + keybytes = enc->keybytes; keylength = enc->keylength; assert (keybytes == CIPHER_KEY_SIZE); - if (ctx->key.contents) { - memset (ctx->key.contents, 0, ctx->key.length); - free (ctx->key.contents); - } - ctx->key.contents = (void *) malloc (keylength); - ctx->key.length = keylength; - if (ctx->key.contents == NULL) + krb5_k_free_key(NULL, ctx->key); + ctx->key = NULL; + keyblock.contents = malloc(keylength); + keyblock.length = keylength; + if (keyblock.contents == NULL) return (YARROW_NOMEM); randombits.data = (char *) key; randombits.length = keybytes; - ret = enc->make_key (&randombits, &ctx->key); - if (ret) { - memset (ctx->key.contents, 0, ctx->key.length); - free(ctx->key.contents); - ctx->key.contents = NULL; - return (YARROW_FAIL); - } - return (YARROW_OK); + ret = enc->make_key(&randombits, &keyblock); + if (ret != 0) + goto cleanup; + ret = krb5_k_create_key(NULL, &keyblock, &ctx->key); +cleanup: + free(keyblock.contents); + if (ret) + return YARROW_FAIL; + return YARROW_OK; } int krb5int_yarrow_cipher_encrypt_block @@ -76,7 +77,7 @@ int krb5int_yarrow_cipher_encrypt_block ind.length = CIPHER_BLOCK_SIZE; outd.data = (char *) out; outd.length = CIPHER_BLOCK_SIZE; - ret = enc->encrypt (&ctx->key, 0, &ind, &outd); + ret = enc->encrypt(ctx->key, 0, &ind, &outd); if (ret) return YARROW_FAIL; return YARROW_OK; @@ -87,10 +88,6 @@ krb5int_yarrow_cipher_final (CIPHER_CTX *ctx) { - if (ctx->key.contents) { - memset (ctx->key.contents, 0, ctx->key.length); - free (ctx->key.contents); - } - ctx->key.contents = 0; - ctx->key.length = 0; + krb5_k_free_key(NULL, ctx->key); + ctx->key = NULL; } |