diff options
author | Greg Hudson <ghudson@mit.edu> | 2009-10-19 20:04:21 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2009-10-19 20:04:21 +0000 |
commit | e6b93b7dd43bb765900b2db71641479b597844da (patch) | |
tree | 2b6da09e37da6ca699a8cb43c87e8a4218132254 /src/lib/krb5/krb/auth_con.c | |
parent | 04a5d19e61bedbb1da4db52334c00f7a54a9d5a8 (diff) | |
download | krb5-e6b93b7dd43bb765900b2db71641479b597844da.tar.gz krb5-e6b93b7dd43bb765900b2db71641479b597844da.tar.xz krb5-e6b93b7dd43bb765900b2db71641479b597844da.zip |
Implement new APIs to allow improved crypto performance
Merge branches/enc-perf to trunk. Adds the krb5_key opaque type, the
krb5_k_* APIs to use them, and caching of derived keys when krb5_k_*
functions are used. Updates the krb5 auth context and GSS id-rec to
use krb5_keys.
ticket: 6576
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22944 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/krb5/krb/auth_con.c')
-rw-r--r-- | src/lib/krb5/krb/auth_con.c | 37 |
1 files changed, 19 insertions, 18 deletions
diff --git a/src/lib/krb5/krb/auth_con.c b/src/lib/krb5/krb/auth_con.c index b88219cdb..ee31fb82b 100644 --- a/src/lib/krb5/krb/auth_con.c +++ b/src/lib/krb5/krb/auth_con.c @@ -56,12 +56,12 @@ krb5_auth_con_free(krb5_context context, krb5_auth_context auth_context) krb5_free_address(context, auth_context->remote_port); if (auth_context->authentp) krb5_free_authenticator(context, auth_context->authentp); - if (auth_context->keyblock) - krb5_free_keyblock(context, auth_context->keyblock); + if (auth_context->key) + krb5_k_free_key(context, auth_context->key); if (auth_context->send_subkey) - krb5_free_keyblock(context, auth_context->send_subkey); + krb5_k_free_key(context, auth_context->send_subkey); if (auth_context->recv_subkey) - krb5_free_keyblock(context, auth_context->recv_subkey); + krb5_k_free_key(context, auth_context->recv_subkey); if (auth_context->rcache) krb5_rc_close(context, auth_context->rcache); if (auth_context->permitted_etypes) @@ -160,16 +160,16 @@ krb5_auth_con_setports(krb5_context context, krb5_auth_context auth_context, krb krb5_error_code KRB5_CALLCONV krb5_auth_con_setuseruserkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock *keyblock) { - if (auth_context->keyblock) - krb5_free_keyblock(context, auth_context->keyblock); - return(krb5_copy_keyblock(context, keyblock, &(auth_context->keyblock))); + if (auth_context->key) + krb5_k_free_key(context, auth_context->key); + return(krb5_k_create_key(context, keyblock, &(auth_context->key))); } krb5_error_code KRB5_CALLCONV krb5_auth_con_getkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock **keyblock) { - if (auth_context->keyblock) - return krb5_copy_keyblock(context, auth_context->keyblock, keyblock); + if (auth_context->key) + return krb5_k_key_keyblock(context, auth_context->key, keyblock); *keyblock = NULL; return 0; } @@ -190,10 +190,10 @@ krb5_error_code KRB5_CALLCONV krb5_auth_con_setsendsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock *keyblock) { if (ac->send_subkey != NULL) - krb5_free_keyblock(ctx, ac->send_subkey); + krb5_k_free_key(ctx, ac->send_subkey); ac->send_subkey = NULL; if (keyblock !=NULL) - return krb5_copy_keyblock(ctx, keyblock, &ac->send_subkey); + return krb5_k_create_key(ctx, keyblock, &ac->send_subkey); else return 0; } @@ -202,10 +202,10 @@ krb5_error_code KRB5_CALLCONV krb5_auth_con_setrecvsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock *keyblock) { if (ac->recv_subkey != NULL) - krb5_free_keyblock(ctx, ac->recv_subkey); + krb5_k_free_key(ctx, ac->recv_subkey); ac->recv_subkey = NULL; if (keyblock != NULL) - return krb5_copy_keyblock(ctx, keyblock, &ac->recv_subkey); + return krb5_k_create_key(ctx, keyblock, &ac->recv_subkey); else return 0; } @@ -214,7 +214,7 @@ krb5_error_code KRB5_CALLCONV krb5_auth_con_getsendsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock **keyblock) { if (ac->send_subkey != NULL) - return krb5_copy_keyblock(ctx, ac->send_subkey, keyblock); + return krb5_k_key_keyblock(ctx, ac->send_subkey, keyblock); *keyblock = NULL; return 0; } @@ -223,7 +223,7 @@ krb5_error_code KRB5_CALLCONV krb5_auth_con_getrecvsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock **keyblock) { if (ac->recv_subkey != NULL) - return krb5_copy_keyblock(ctx, ac->recv_subkey, keyblock); + return krb5_k_key_keyblock(ctx, ac->recv_subkey, keyblock); *keyblock = NULL; return 0; } @@ -268,12 +268,13 @@ krb5_error_code KRB5_CALLCONV krb5_auth_con_initivector(krb5_context context, krb5_auth_context auth_context) { krb5_error_code ret; + krb5_enctype enctype; - if (auth_context->keyblock) { + if (auth_context->key) { size_t blocksize; - if ((ret = krb5_c_block_size(context, auth_context->keyblock->enctype, - &blocksize))) + enctype = krb5_k_key_enctype(context, auth_context->key); + if ((ret = krb5_c_block_size(context, enctype, &blocksize))) return(ret); if ((auth_context->i_vector = (krb5_pointer)calloc(1,blocksize))) { return 0; |