Fix krb5int_c_combine_keys

When krb5int_c_combine_keys was updated to use the new crypto
interface, a small bug was introduced.  It turns out the temporary
keyblock created needs to have its enctype set; otherwise, when
krb5int_derive_keyblock() is called later, it will fail with
KRB5_BAD_ENCTYPE.

ticket: 7914
target_version: 1.12.2
tags: pullup

diff --git a/src/lib/crypto/krb/combine_keys.c b/src/lib/crypto/krb/combine_keys.c
index 0c44e8b430ea3b747a54a9b8a5b00818de9c9191..9ab0ac4f94bbf3da03f6bb08292f43777bbf3187 100644 (file)
--- a/src/lib/crypto/krb/combine_keys.c
+++ b/src/lib/crypto/krb/combine_keys.c
@@ -155,6 +155,7 @@ krb5int_c_combine_keys(krb5_context context, krb5_keyblock *key1,
     randbits.data = (char *) rnd;
     tkeyblock.length = keylength;
     tkeyblock.contents = output;
+    tkeyblock.enctype = key1->enctype;
 
     ret = (*ktp->rand2key)(&randbits, &tkeyblock);
     if (ret)