summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5/krb/mk_rep.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/krb5/krb/mk_rep.c')
-rw-r--r--src/lib/krb5/krb/mk_rep.c44
1 files changed, 4 insertions, 40 deletions
diff --git a/src/lib/krb5/krb/mk_rep.c b/src/lib/krb5/krb/mk_rep.c
index 45784284c..f0398475f 100644
--- a/src/lib/krb5/krb/mk_rep.c
+++ b/src/lib/krb5/krb/mk_rep.c
@@ -45,14 +45,11 @@ krb5_mk_rep(context, auth_context, outbuf)
krb5_error_code retval;
krb5_enctype enctype;
krb5_ap_rep_enc_part repl;
- krb5_encrypt_block eblock;
krb5_ap_rep reply;
krb5_data * scratch;
krb5_data * toutbuf;
- /* verify a valid enctype is available */
- if (!valid_enctype(enctype = auth_context->keyblock->enctype))
- return KRB5_PROG_ETYPE_NOSUPP;
+ enctype = auth_context->keyblock->enctype;
/* Make the reply */
if (((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) ||
@@ -72,49 +69,16 @@ krb5_mk_rep(context, auth_context, outbuf)
if ((retval = encode_krb5_ap_rep_enc_part(&repl, &scratch)))
return retval;
- /* put together an eblock for this encryption */
- krb5_use_enctype(context, &eblock, enctype);
- reply.enc_part.enctype = enctype;
- reply.enc_part.kvno = 0; /* XXX user set? */
-
- reply.enc_part.ciphertext.length = krb5_encrypt_size(scratch->length,
- eblock.crypto_entry);
- /* add padding area, and zero it */
- if (!(scratch->data = realloc(scratch->data,
- reply.enc_part.ciphertext.length))) {
- /* may destroy scratch->data */
- krb5_xfree(scratch);
- return ENOMEM;
- }
- memset(scratch->data + scratch->length, 0,
- reply.enc_part.ciphertext.length - scratch->length);
- if (!(reply.enc_part.ciphertext.data =
- malloc(reply.enc_part.ciphertext.length))) {
- retval = ENOMEM;
+ if ((retval = krb5_encrypt_helper(context, auth_context->keyblock,
+ KRB5_KEYUSAGE_AP_REP_ENCPART,
+ scratch, &reply.enc_part)))
goto cleanup_scratch;
- }
-
- /* do any necessary key pre-processing */
- if ((retval = krb5_process_key(context, &eblock, auth_context->keyblock)))
- goto cleanup_encpart;
-
- /* call the encryption routine */
- if ((retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
- (krb5_pointer) reply.enc_part.ciphertext.data,
- scratch->length, &eblock, 0))) {
- krb5_finish_key(context, &eblock);
- goto cleanup_encpart;
- }
-
- if ((retval = krb5_finish_key(context, &eblock)))
- goto cleanup_encpart;
if (!(retval = encode_krb5_ap_rep(&reply, &toutbuf))) {
*outbuf = *toutbuf;
krb5_xfree(toutbuf);
}
-cleanup_encpart:
memset(reply.enc_part.ciphertext.data, 0, reply.enc_part.ciphertext.length);
free(reply.enc_part.ciphertext.data);
reply.enc_part.ciphertext.length = 0;
generated by cgit (git 2.34.1) at 2024-07-03 05:21:39 +0000