* Link Yarrow into the build

* Use Yarrow as the PRNG with the compatibility API
* Write most of new PRNG entropy API
* Write but (currently) do not use PRNG test harness
* Fix Yarrow ciphers not to depend on libkrb5

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13982 dc483132-0cff-0310-8789-dd5450dbe970

2 files changed, 13 insertions, 4 deletions

diff --git a/src/lib/crypto/yarrow/ChangeLog b/src/lib/crypto/yarrow/ChangeLog
index fad87f165..fdca6742e 100644
--- a/src/lib/crypto/yarrow/ChangeLog
+++ b/src/lib/crypto/yarrow/ChangeLog
@@ -1,3 +1,7 @@
+2001-11-14  Sam Hartman  <hartmans@mit.edu>
+
+	* ycipher.c (krb5int_yarrow_cipher_init):  Use free not free_keyblock_contents
+
 2001-11-09  Sam Hartman  <hartmans@mit.edu>
 
 	* Makefile.in: New file
diff --git a/src/lib/crypto/yarrow/ycipher.c b/src/lib/crypto/yarrow/ycipher.c
index b2c7a9672..983f7a2a3 100644
--- a/src/lib/crypto/yarrow/ycipher.c
+++ b/src/lib/crypto/yarrow/ycipher.c
@@ -33,7 +33,8 @@
 #include "enc_provider.h"
 #include "assert.h"
 
-int krb5int_yarrow_cipher_init
+int
+krb5int_yarrow_cipher_init
 (CIPHER_CTX *ctx,
  unsigned const char * key)
 {
@@ -43,8 +44,10 @@ int krb5int_yarrow_cipher_init
   krb5_data randombits;
   enc->keysize (&keybytes, &keylength);
   assert (keybytes == CIPHER_KEY_SIZE);
-  if (ctx->key.contents)
-    krb5_free_keyblock_contents (0, &ctx->key);
+  if (ctx->key.contents) {
+    memset (ctx->key.contents, 0, ctx->key.length);
+    free (ctx->key.contents);
+  }
   ctx->key.contents = (void *) malloc  (keylength);
   ctx->key.length = keylength;
   if (ctx->key.contents == NULL)
@@ -53,7 +56,9 @@ int krb5int_yarrow_cipher_init
   randombits.length = keybytes;
   ret = enc->make_key (&randombits, &ctx->key);
   if (ret) {
-    krb5_free_keyblock_contents (0, &ctx->key);
+    memset (ctx->key.contents, 0, ctx->key.length);
+    free(ctx->key.contents);
+    ctx->key.contents = NULL;
     return (YARROW_FAIL);
   }
   return (YARROW_OK);