From 0db1a056ea40d4fb4414943d78923056b6098951 Mon Sep 17 00:00:00 2001 From: Marc Horowitz Date: Sat, 22 Aug 1998 03:53:04 +0000 Subject: [PATCH] convert to new crypto api git-svn-id: svn://anonsvn.mit.edu/krb5/branches/marc-3des@10869 dc483132-0cff-0310-8789-dd5450dbe970 --- src/kadmin/dbutil/kdb5_create.c | 24 ++++++++---------------- src/kadmin/v4server/admin_server.c | 2 +- src/kadmin/v4server/kadm_ser_wrap.c | 2 +- src/kadmin/v4server/kadm_server.h | 1 - 4 files changed, 10 insertions(+), 19 deletions(-) diff --git a/src/kadmin/dbutil/kdb5_create.c b/src/kadmin/dbutil/kdb5_create.c index e1051448d3..81c2b7f22f 100644 --- a/src/kadmin/dbutil/kdb5_create.c +++ b/src/kadmin/dbutil/kdb5_create.c @@ -293,9 +293,8 @@ tgt_keysalt_iterate(ksent, ptr) krb5_context context; krb5_error_code kret; struct iterate_args *iargs; - krb5_keyblock random_keyblock, *key; + krb5_keyblock key; krb5_int32 ind; - krb5_encrypt_block random_encblock; krb5_pointer rseed; krb5_data pwd; @@ -308,32 +307,25 @@ tgt_keysalt_iterate(ksent, ptr) * Convert the master key password into a key for this particular * encryption system. */ - krb5_use_enctype(context, &random_encblock, ksent->ks_enctype); pwd.data = mkey_password; pwd.length = strlen(mkey_password); - if (kret = krb5_string_to_key(context, &random_encblock, &random_keyblock, - &pwd, &master_salt)) + if (kret = krb5_c_random_seed(context, &pwd)) return kret; - if ((kret = krb5_init_random_key(context, &random_encblock, - &random_keyblock, &rseed))) - return kret; - + if (!(kret = krb5_dbe_create_key_data(iargs->ctx, iargs->dbentp))) { ind = iargs->dbentp->n_key_data-1; - if (!(kret = krb5_random_key(context, - &random_encblock, rseed, - &key))) { + if (!(kret = krb5_c_make_random_key(context, ksent->ks_enctype, + &key))) { kret = krb5_dbekd_encrypt_key_data(context, iargs->rblock->key, - key, + &key, NULL, 1, &iargs->dbentp->key_data[ind]); - krb5_free_keyblock(context, key); + krb5_free_keyblock_contents(context, &key); } } - memset((char *)random_keyblock.contents, 0, random_keyblock.length); - free(random_keyblock.contents); + return(kret); } diff --git a/src/kadmin/v4server/admin_server.c b/src/kadmin/v4server/admin_server.c index c9ae24c2ae..90bf087c95 100644 --- a/src/kadmin/v4server/admin_server.c +++ b/src/kadmin/v4server/admin_server.c @@ -476,7 +476,7 @@ void process_client(fd, who) } status = krb5_dbekd_decrypt_key_data(kadm_context, - &server_parm.master_encblock, + &server_parm.master_keyblock, kdatap, &cpw_skey, (krb5_keysalt *) NULL); diff --git a/src/kadmin/v4server/kadm_ser_wrap.c b/src/kadmin/v4server/kadm_ser_wrap.c index 4653fb5688..bca814d076 100644 --- a/src/kadmin/v4server/kadm_ser_wrap.c +++ b/src/kadmin/v4server/kadm_ser_wrap.c @@ -91,7 +91,7 @@ kadm_ser_init(inter, realm) if (retval) return KADM_NO_MAST; krb5_db_fetch_mkey(kadm_context, server_parm.master_princ, - &server_parm.master_keyblock.enctype, + server_parm.master_keyblock.enctype, (inter == 1), FALSE, params->stash_file, NULL, diff --git a/src/kadmin/v4server/kadm_server.h b/src/kadmin/v4server/kadm_server.h index e7a7fed272..f293273265 100644 --- a/src/kadmin/v4server/kadm_server.h +++ b/src/kadmin/v4server/kadm_server.h @@ -35,7 +35,6 @@ typedef struct { char sinst[INST_SZ]; char krbrlm[REALM_SZ]; krb5_principal sprinc; - krb5_encrypt_block master_encblock; krb5_principal master_princ; krb5_keyblock master_keyblock; krb5_deltat max_life; -- 2.47.2