svn rev #21753: trunk/src/ include/ lib/crypto/

raeburn@MIT.EDU raeburn at MIT.EDU
Thu Jan 15 18:23:21 EST 2009


http://src.mit.edu/fisheye/changelog/krb5/?cs=21753
Commit By: raeburn
Log Message:
Make enctype and checksumtype name mapping table types private to the
crypto library.  Add a field for aliases to the record type so that
aliases don't have to be implemented by duplicating all the other
information.



Changed Files:
U   trunk/src/include/k5-int.h
U   trunk/src/lib/crypto/cksumtypes.c
U   trunk/src/lib/crypto/cksumtypes.h
U   trunk/src/lib/crypto/etypes.c
U   trunk/src/lib/crypto/etypes.h
U   trunk/src/lib/crypto/string_to_cksumtype.c
U   trunk/src/lib/crypto/string_to_enctype.c
Modified: trunk/src/include/k5-int.h
===================================================================
--- trunk/src/include/k5-int.h	2009-01-15 19:15:22 UTC (rev 21752)
+++ trunk/src/include/k5-int.h	2009-01-15 23:22:53 UTC (rev 21753)
@@ -657,69 +657,6 @@
 				    size_t num_data);
 };
 
-typedef void (*krb5_encrypt_length_func) (const struct krb5_enc_provider *enc,
-  const struct krb5_hash_provider *hash,
-  size_t inputlen, size_t *length);
-
-typedef krb5_error_code (*krb5_crypt_func) (const struct krb5_enc_provider *enc,
-  const struct krb5_hash_provider *hash,
-  const krb5_keyblock *key, krb5_keyusage keyusage,
-  const krb5_data *ivec, 
-  const krb5_data *input, krb5_data *output);
-
-typedef krb5_error_code (*krb5_str2key_func) (const struct krb5_enc_provider *enc, const krb5_data *string,
-  const krb5_data *salt, const krb5_data *parm, krb5_keyblock *key);
-
-typedef krb5_error_code (*krb5_prf_func)(
-					 const struct krb5_enc_provider *enc,
-					 const struct krb5_hash_provider *hash,
-					 const krb5_keyblock *key,
-					 const krb5_data *in, krb5_data *out);
-
-struct krb5_keytypes {
-    krb5_enctype etype;
-    char *in_string;
-    char *out_string;
-    const struct krb5_enc_provider *enc;
-    const struct krb5_hash_provider *hash;
-    size_t prf_length;
-    krb5_encrypt_length_func encrypt_len;
-    krb5_crypt_func encrypt;
-    krb5_crypt_func decrypt;
-    krb5_str2key_func str2key;
-    krb5_prf_func prf;
-    krb5_cksumtype required_ctype;
-    const struct krb5_aead_provider *aead;
-};
-
-struct krb5_cksumtypes {
-    krb5_cksumtype ctype;
-    unsigned int flags;
-    char *in_string;
-    char *out_string;
-    /* if the hash is keyed, this is the etype it is keyed with.
-       Actually, it can be keyed by any etype which has the same
-       enc_provider as the specified etype.  DERIVE checksums can
-       be keyed with any valid etype. */
-    krb5_enctype keyed_etype;
-    /* I can't statically initialize a union, so I'm just going to use
-       two pointers here.  The keyhash is used if non-NULL.  If NULL,
-       then HMAC/hash with derived keys is used if the relevant flag
-       is set.  Otherwise, a non-keyed hash is computed.  This is all
-       kind of messy, but so is the krb5 api. */
-    const struct krb5_keyhash_provider *keyhash;
-    const struct krb5_hash_provider *hash;
-    /* This just gets uglier and uglier.  In the key derivation case,
-       we produce an hmac.  To make the hmac code work, we can't hack
-       the output size indicated by the hash provider, but we may want
-       a truncated hmac.  If we want truncation, this is the number of
-       bytes we truncate to; it should be 0 otherwise.  */
-    unsigned int trunc_size;
-};
-
-#define KRB5_CKSUMFLAG_DERIVE		0x0001
-#define KRB5_CKSUMFLAG_NOT_COLL_PROOF	0x0002
-
 /*
  * in here to deal with stuff from lib/crypto
  */

Modified: trunk/src/lib/crypto/cksumtypes.c
===================================================================
--- trunk/src/lib/crypto/cksumtypes.c	2009-01-15 19:15:22 UTC (rev 21752)
+++ trunk/src/lib/crypto/cksumtypes.c	2009-01-15 23:22:53 UTC (rev 21753)
@@ -31,69 +31,58 @@
 
 const struct krb5_cksumtypes krb5_cksumtypes_list[] = {
     { CKSUMTYPE_CRC32, KRB5_CKSUMFLAG_NOT_COLL_PROOF,
-      "crc32", "CRC-32",
+      "crc32", { 0 }, "CRC-32",
       0, NULL,
       &krb5int_hash_crc32 },
 
     { CKSUMTYPE_RSA_MD4, 0,
-      "md4", "RSA-MD4",
+      "md4", { 0 }, "RSA-MD4",
       0, NULL,
       &krb5int_hash_md4 },
     { CKSUMTYPE_RSA_MD4_DES, 0,
-      "md4-des", "RSA-MD4 with DES cbc mode",
+      "md4-des", { 0 }, "RSA-MD4 with DES cbc mode",
       ENCTYPE_DES_CBC_CRC, &krb5int_keyhash_md4des,
       NULL },
 
     { CKSUMTYPE_DESCBC, 0,
-      "des-cbc", "DES cbc mode",
+      "des-cbc", { 0 }, "DES cbc mode",
       ENCTYPE_DES_CBC_CRC, &krb5int_keyhash_descbc,
       NULL },
 
     { CKSUMTYPE_RSA_MD5, 0,
-      "md5", "RSA-MD5",
+      "md5", { 0 }, "RSA-MD5",
       0, NULL,
       &krb5int_hash_md5 },
     { CKSUMTYPE_RSA_MD5_DES, 0,
-      "md5-des", "RSA-MD5 with DES cbc mode",
+      "md5-des", { 0 }, "RSA-MD5 with DES cbc mode",
       ENCTYPE_DES_CBC_CRC, &krb5int_keyhash_md5des,
       NULL },
 
     { CKSUMTYPE_NIST_SHA, 0,
-      "sha", "NIST-SHA",
+      "sha", { 0 }, "NIST-SHA",
       0, NULL,
       &krb5int_hash_sha1 },
 
     { CKSUMTYPE_HMAC_SHA1_DES3, KRB5_CKSUMFLAG_DERIVE,
-      "hmac-sha1-des3", "HMAC-SHA1 DES3 key",
+      "hmac-sha1-des3", { "hmac-sha1-des3-kd" }, "HMAC-SHA1 DES3 key",
       0, NULL,
       &krb5int_hash_sha1 },
-    { CKSUMTYPE_HMAC_SHA1_DES3, KRB5_CKSUMFLAG_DERIVE,
-      "hmac-sha1-des3-kd", "HMAC-SHA1 DES3 key", /* alias */
-      0, NULL,
-      &krb5int_hash_sha1 },
     { CKSUMTYPE_HMAC_MD5_ARCFOUR, 0,
-      "hmac-md5-rc4", "Microsoft HMAC MD5 (RC4 key)", 
+      "hmac-md5-rc4", { "hmac-md5-enc", "hmac-md5-earcfour" },
+      "Microsoft HMAC MD5 (RC4 key)", 
       ENCTYPE_ARCFOUR_HMAC, &krb5int_keyhash_hmac_md5,
       NULL },
-    { CKSUMTYPE_HMAC_MD5_ARCFOUR, 0,
-      "hmac-md5-enc", "Microsoft HMAC MD5 (RC4 key)",  /*Heimdal alias*/
-      ENCTYPE_ARCFOUR_HMAC, &krb5int_keyhash_hmac_md5,
-      NULL },
-    { CKSUMTYPE_HMAC_MD5_ARCFOUR, 0,
-      "hmac-md5-earcfour", "Microsoft HMAC MD5 (RC4 key)",  /* alias*/
-      ENCTYPE_ARCFOUR_HMAC, &krb5int_keyhash_hmac_md5,
-      NULL },
 
     { CKSUMTYPE_HMAC_SHA1_96_AES128, KRB5_CKSUMFLAG_DERIVE,
-      "hmac-sha1-96-aes128", "HMAC-SHA1 AES128 key",
+      "hmac-sha1-96-aes128", { 0 }, "HMAC-SHA1 AES128 key",
       0, NULL, 
       &krb5int_hash_sha1, 12 },
     { CKSUMTYPE_HMAC_SHA1_96_AES256, KRB5_CKSUMFLAG_DERIVE,
-      "hmac-sha1-96-aes256", "HMAC-SHA1 AES256 key",
+      "hmac-sha1-96-aes256", { 0 }, "HMAC-SHA1 AES256 key",
       0, NULL, 
       &krb5int_hash_sha1, 12 },
     { CKSUMTYPE_MD5_HMAC_ARCFOUR, 0,
-      "md5-hmac-rc4", "Microsoft MD5 HMAC (RC4 key)",
+      "md5-hmac-rc4", { 0 }, "Microsoft MD5 HMAC (RC4 key)",
       ENCTYPE_ARCFOUR_HMAC, &krb5int_keyhash_md5_hmac, 
       NULL }
 };

Modified: trunk/src/lib/crypto/cksumtypes.h
===================================================================
--- trunk/src/lib/crypto/cksumtypes.h	2009-01-15 19:15:22 UTC (rev 21752)
+++ trunk/src/lib/crypto/cksumtypes.h	2009-01-15 23:22:53 UTC (rev 21753)
@@ -26,5 +26,34 @@
 
 #include "k5-int.h"
 
+struct krb5_cksumtypes {
+    krb5_cksumtype ctype;
+    unsigned int flags;
+    char *name;
+    char *aliases[2];
+    char *out_string;
+    /* if the hash is keyed, this is the etype it is keyed with.
+       Actually, it can be keyed by any etype which has the same
+       enc_provider as the specified etype.  DERIVE checksums can
+       be keyed with any valid etype. */
+    krb5_enctype keyed_etype;
+    /* I can't statically initialize a union, so I'm just going to use
+       two pointers here.  The keyhash is used if non-NULL.  If NULL,
+       then HMAC/hash with derived keys is used if the relevant flag
+       is set.  Otherwise, a non-keyed hash is computed.  This is all
+       kind of messy, but so is the krb5 api. */
+    const struct krb5_keyhash_provider *keyhash;
+    const struct krb5_hash_provider *hash;
+    /* This just gets uglier and uglier.  In the key derivation case,
+       we produce an hmac.  To make the hmac code work, we can't hack
+       the output size indicated by the hash provider, but we may want
+       a truncated hmac.  If we want truncation, this is the number of
+       bytes we truncate to; it should be 0 otherwise.  */
+    unsigned int trunc_size;
+};
+
+#define KRB5_CKSUMFLAG_DERIVE		0x0001
+#define KRB5_CKSUMFLAG_NOT_COLL_PROOF	0x0002
+
 extern const struct krb5_cksumtypes krb5_cksumtypes_list[];
 extern const unsigned int krb5_cksumtypes_length;

Modified: trunk/src/lib/crypto/etypes.c
===================================================================
--- trunk/src/lib/crypto/etypes.c	2009-01-15 19:15:22 UTC (rev 21752)
+++ trunk/src/lib/crypto/etypes.c	2009-01-15 23:22:53 UTC (rev 21753)
@@ -42,7 +42,7 @@
 
 const struct krb5_keytypes krb5_enctypes_list[] = {
     { ENCTYPE_DES_CBC_CRC,
-      "des-cbc-crc", "DES cbc mode with CRC-32",
+      "des-cbc-crc", { 0 }, "DES cbc mode with CRC-32",
       &krb5int_enc_des, &krb5int_hash_crc32,
       8,
       krb5_old_encrypt_length, krb5_old_encrypt, krb5_old_decrypt,
@@ -51,7 +51,7 @@
       CKSUMTYPE_RSA_MD5,
       NULL  /*AEAD*/ },
     { ENCTYPE_DES_CBC_MD4,
-      "des-cbc-md4", "DES cbc mode with RSA-MD4",
+      "des-cbc-md4", { 0 }, "DES cbc mode with RSA-MD4",
       &krb5int_enc_des, &krb5int_hash_md4,
       8,
       krb5_old_encrypt_length, krb5_old_encrypt, krb5_old_decrypt,
@@ -60,7 +60,7 @@
       CKSUMTYPE_RSA_MD4,
       NULL  /*AEAD*/  },
     { ENCTYPE_DES_CBC_MD5,
-      "des-cbc-md5", "DES cbc mode with RSA-MD5",
+      "des-cbc-md5", { "des" }, "DES cbc mode with RSA-MD5",
       &krb5int_enc_des, &krb5int_hash_md5,
       8,
       krb5_old_encrypt_length, krb5_old_encrypt, krb5_old_decrypt,
@@ -68,18 +68,8 @@
       NULL, /*PRF*/
       CKSUMTYPE_RSA_MD5,
       NULL  /*AEAD*/ },
-    { ENCTYPE_DES_CBC_MD5,
-      "des", "DES cbc mode with RSA-MD5", /* alias */
-      &krb5int_enc_des, &krb5int_hash_md5,
-      8,
-      krb5_old_encrypt_length, krb5_old_encrypt, krb5_old_decrypt,
-      krb5int_des_string_to_key,
-      NULL, /*PRF*/
-      CKSUMTYPE_RSA_MD5,
-      NULL  /*AEAD*/ },
-
     { ENCTYPE_DES_CBC_RAW,
-      "des-cbc-raw", "DES cbc mode raw",
+      "des-cbc-raw", { 0 }, "DES cbc mode raw",
       &krb5int_enc_des, NULL,
       8,
       krb5_raw_encrypt_length, krb5_raw_encrypt, krb5_raw_decrypt,
@@ -88,7 +78,7 @@
       0,
       &krb5int_aead_raw },
     { ENCTYPE_DES3_CBC_RAW,
-      "des3-cbc-raw", "Triple DES cbc mode raw",
+      "des3-cbc-raw", { 0 }, "Triple DES cbc mode raw",
       &krb5int_enc_des3, NULL,
       8,
       krb5_raw_encrypt_length, krb5_raw_encrypt, krb5_raw_decrypt,
@@ -98,7 +88,8 @@
       &krb5int_aead_raw },
 
     { ENCTYPE_DES3_CBC_SHA1,
-      "des3-cbc-sha1", "Triple DES cbc mode with HMAC/sha1",
+      "des3-cbc-sha1", { "des3-hmac-sha1", "des3-cbc-sha1-kd" },
+      "Triple DES cbc mode with HMAC/sha1",
       &krb5int_enc_des3, &krb5int_hash_sha1,
       8,
       krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt,
@@ -106,27 +97,9 @@
       NULL, /*PRF*/
       CKSUMTYPE_HMAC_SHA1_DES3,
       &krb5int_aead_dk },
-    { ENCTYPE_DES3_CBC_SHA1,	/* alias */
-      "des3-hmac-sha1", "Triple DES cbc mode with HMAC/sha1",
-      &krb5int_enc_des3, &krb5int_hash_sha1,
-      8,
-      krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt,
-      krb5int_dk_string_to_key,
-      NULL, /*PRF*/
-      CKSUMTYPE_HMAC_SHA1_DES3,
-      &krb5int_aead_dk },
-    { ENCTYPE_DES3_CBC_SHA1,	/* alias */
-      "des3-cbc-sha1-kd", "Triple DES cbc mode with HMAC/sha1",
-      &krb5int_enc_des3, &krb5int_hash_sha1,
-      8,
-      krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt,
-      krb5int_dk_string_to_key,
-      NULL, /*PRF*/
-      CKSUMTYPE_HMAC_SHA1_DES3,
-      &krb5int_aead_dk },
 
     { ENCTYPE_DES_HMAC_SHA1,
-      "des-hmac-sha1", "DES with HMAC/sha1",
+      "des-hmac-sha1", { 0 }, "DES with HMAC/sha1",
       &krb5int_enc_des, &krb5int_hash_sha1,
       8,
       krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt,
@@ -135,34 +108,19 @@
       0,
       NULL },
     { ENCTYPE_ARCFOUR_HMAC, 
-      "arcfour-hmac","ArcFour with HMAC/md5", &krb5int_enc_arcfour,
+      "arcfour-hmac", { "rc4-hmac", "arcfour-hmac-md5" },
+      "ArcFour with HMAC/md5",
+      &krb5int_enc_arcfour,
       &krb5int_hash_md5,
       0,
-krb5_arcfour_encrypt_length, krb5_arcfour_encrypt,
-      krb5_arcfour_decrypt, krb5int_arcfour_string_to_key,
-      NULL, /*PRF*/
-      CKSUMTYPE_HMAC_MD5_ARCFOUR,
-      &krb5int_aead_arcfour },
-    { ENCTYPE_ARCFOUR_HMAC,  /* alias */
-      "rc4-hmac", "ArcFour with HMAC/md5", &krb5int_enc_arcfour,
-      &krb5int_hash_md5,
-      0,
       krb5_arcfour_encrypt_length, krb5_arcfour_encrypt,
       krb5_arcfour_decrypt, krb5int_arcfour_string_to_key,
       NULL, /*PRF*/
       CKSUMTYPE_HMAC_MD5_ARCFOUR,
       &krb5int_aead_arcfour },
-    { ENCTYPE_ARCFOUR_HMAC,  /* alias */
-      "arcfour-hmac-md5", "ArcFour with HMAC/md5", &krb5int_enc_arcfour,
-      &krb5int_hash_md5,
-      0,
-      krb5_arcfour_encrypt_length, krb5_arcfour_encrypt,
-      krb5_arcfour_decrypt, krb5int_arcfour_string_to_key,
-      NULL, /*PRF*/
-      CKSUMTYPE_HMAC_MD5_ARCFOUR,
-      &krb5int_aead_arcfour },
     { ENCTYPE_ARCFOUR_HMAC_EXP, 
-      "arcfour-hmac-exp", "Exportable ArcFour with HMAC/md5",
+      "arcfour-hmac-exp", { "rc4-hmac-exp", "arcfour-hmac-md5-exp" },
+      "Exportable ArcFour with HMAC/md5",
       &krb5int_enc_arcfour,
       &krb5int_hash_md5,
       0,
@@ -171,29 +129,10 @@
       NULL, /*PRF*/
       CKSUMTYPE_HMAC_MD5_ARCFOUR,
       &krb5int_aead_arcfour },
-    { ENCTYPE_ARCFOUR_HMAC_EXP, /* alias */
-      "rc4-hmac-exp", "Exportable ArcFour with HMAC/md5",
-      &krb5int_enc_arcfour,
-      &krb5int_hash_md5,
-      0,
-      krb5_arcfour_encrypt_length, krb5_arcfour_encrypt,
-      krb5_arcfour_decrypt, krb5int_arcfour_string_to_key,
-      NULL, /*PRF*/
-      CKSUMTYPE_HMAC_MD5_ARCFOUR,
-      &krb5int_aead_arcfour },
-    { ENCTYPE_ARCFOUR_HMAC_EXP, /* alias */
-      "arcfour-hmac-md5-exp", "Exportable ArcFour with HMAC/md5",
-      &krb5int_enc_arcfour,
-      &krb5int_hash_md5,
-      0,
-      krb5_arcfour_encrypt_length, krb5_arcfour_encrypt,
-      krb5_arcfour_decrypt, krb5int_arcfour_string_to_key,
-      NULL, /*PRF*/
-      CKSUMTYPE_HMAC_MD5_ARCFOUR,
-      &krb5int_aead_arcfour },
 
     { ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-      "aes128-cts-hmac-sha1-96", "AES-128 CTS mode with 96-bit SHA-1 HMAC",
+      "aes128-cts-hmac-sha1-96", { "aes128-cts" },
+      "AES-128 CTS mode with 96-bit SHA-1 HMAC",
       &krb5int_enc_aes128, &krb5int_hash_sha1,
       16,
       krb5int_aes_encrypt_length, krb5int_aes_dk_encrypt, krb5int_aes_dk_decrypt,
@@ -201,17 +140,9 @@
       krb5int_dk_prf,
       CKSUMTYPE_HMAC_SHA1_96_AES128,
       &krb5int_aead_aes },
-    { ENCTYPE_AES128_CTS_HMAC_SHA1_96, /* alias */
-      "aes128-cts", "AES-128 CTS mode with 96-bit SHA-1 HMAC",
-      &krb5int_enc_aes128, &krb5int_hash_sha1,
-      16,
-      krb5int_aes_encrypt_length, krb5int_aes_dk_encrypt, krb5int_aes_dk_decrypt,
-      krb5int_aes_string_to_key,
-      krb5int_dk_prf,
-      CKSUMTYPE_HMAC_SHA1_96_AES128,
-      &krb5int_aead_aes },
     { ENCTYPE_AES256_CTS_HMAC_SHA1_96,
-      "aes256-cts-hmac-sha1-96", "AES-256 CTS mode with 96-bit SHA-1 HMAC",
+      "aes256-cts-hmac-sha1-96", { "aes256-cts" },
+      "AES-256 CTS mode with 96-bit SHA-1 HMAC",
       &krb5int_enc_aes256, &krb5int_hash_sha1,
       16,
       krb5int_aes_encrypt_length, krb5int_aes_dk_encrypt, krb5int_aes_dk_decrypt,
@@ -219,15 +150,6 @@
       krb5int_dk_prf,
       CKSUMTYPE_HMAC_SHA1_96_AES256,
       &krb5int_aead_aes },
-    { ENCTYPE_AES256_CTS_HMAC_SHA1_96, /* alias */
-      "aes256-cts", "AES-256 CTS mode with 96-bit SHA-1 HMAC",
-      &krb5int_enc_aes256, &krb5int_hash_sha1,
-      16,
-      krb5int_aes_encrypt_length, krb5int_aes_dk_encrypt, krb5int_aes_dk_decrypt,
-      krb5int_aes_string_to_key,
-      krb5int_dk_prf,
-      CKSUMTYPE_HMAC_SHA1_96_AES256,
-      &krb5int_aead_aes },
 };
 
 const int krb5_enctypes_length =

Modified: trunk/src/lib/crypto/etypes.h
===================================================================
--- trunk/src/lib/crypto/etypes.h	2009-01-15 19:15:22 UTC (rev 21752)
+++ trunk/src/lib/crypto/etypes.h	2009-01-15 23:22:53 UTC (rev 21753)
@@ -26,5 +26,41 @@
 
 #include "k5-int.h"
 
+typedef void (*krb5_encrypt_length_func) (const struct krb5_enc_provider *enc,
+  const struct krb5_hash_provider *hash,
+  size_t inputlen, size_t *length);
+
+typedef krb5_error_code (*krb5_crypt_func) (const struct krb5_enc_provider *enc,
+  const struct krb5_hash_provider *hash,
+  const krb5_keyblock *key, krb5_keyusage keyusage,
+  const krb5_data *ivec, 
+  const krb5_data *input, krb5_data *output);
+
+typedef krb5_error_code (*krb5_str2key_func) (const struct krb5_enc_provider *enc, const krb5_data *string,
+  const krb5_data *salt, const krb5_data *parm, krb5_keyblock *key);
+
+typedef krb5_error_code (*krb5_prf_func)(
+					 const struct krb5_enc_provider *enc,
+					 const struct krb5_hash_provider *hash,
+					 const krb5_keyblock *key,
+					 const krb5_data *in, krb5_data *out);
+
+struct krb5_keytypes {
+    krb5_enctype etype;
+    char *name;
+    char *aliases[2];
+    char *out_string;
+    const struct krb5_enc_provider *enc;
+    const struct krb5_hash_provider *hash;
+    size_t prf_length;
+    krb5_encrypt_length_func encrypt_len;
+    krb5_crypt_func encrypt;
+    krb5_crypt_func decrypt;
+    krb5_str2key_func str2key;
+    krb5_prf_func prf;
+    krb5_cksumtype required_ctype;
+    const struct krb5_aead_provider *aead;
+};
+
 extern const struct krb5_keytypes krb5_enctypes_list[];
 extern const int krb5_enctypes_length;

Modified: trunk/src/lib/crypto/string_to_cksumtype.c
===================================================================
--- trunk/src/lib/crypto/string_to_cksumtype.c	2009-01-15 19:15:22 UTC (rev 21752)
+++ trunk/src/lib/crypto/string_to_cksumtype.c	2009-01-15 23:22:53 UTC (rev 21753)
@@ -30,13 +30,23 @@
 krb5_error_code KRB5_CALLCONV
 krb5_string_to_cksumtype(char *string, krb5_cksumtype *cksumtypep)
 {
-    unsigned int i;
+    unsigned int i, j;
 
     for (i=0; i<krb5_cksumtypes_length; i++) {
-	if (strcasecmp(krb5_cksumtypes_list[i].in_string, string) == 0) {
+	if (strcasecmp(krb5_cksumtypes_list[i].name, string) == 0) {
 	    *cksumtypep = krb5_cksumtypes_list[i].ctype;
 	    return(0);
 	}
+#define MAX_ALIASES (sizeof(krb5_cksumtypes_list[i].aliases) / sizeof(krb5_cksumtypes_list[i].aliases[0]))
+	for (j = 0; j < MAX_ALIASES; j++) {
+	    const char *alias = krb5_cksumtypes_list[i].aliases[j];
+	    if (alias == NULL)
+		break;
+	    if (strcasecmp(alias, string) == 0) {
+		*cksumtypep = krb5_cksumtypes_list[i].ctype;
+		return 0;
+	    }
+	}
     }
 
     return(EINVAL);

Modified: trunk/src/lib/crypto/string_to_enctype.c
===================================================================
--- trunk/src/lib/crypto/string_to_enctype.c	2009-01-15 19:15:22 UTC (rev 21752)
+++ trunk/src/lib/crypto/string_to_enctype.c	2009-01-15 23:22:53 UTC (rev 21753)
@@ -30,13 +30,23 @@
 krb5_error_code KRB5_CALLCONV
 krb5_string_to_enctype(char *string, krb5_enctype *enctypep)
 {
-    int i;
+    int i, j;
 
     for (i=0; i<krb5_enctypes_length; i++) {
-	if (strcasecmp(krb5_enctypes_list[i].in_string, string) == 0) {
+	if (strcasecmp(krb5_enctypes_list[i].name, string) == 0) {
 	    *enctypep = krb5_enctypes_list[i].etype;
-	    return(0);
+	    return 0;
 	}
+#define MAX_ALIASES (sizeof(krb5_enctypes_list[i].aliases) / sizeof(krb5_enctypes_list[i].aliases[0]))
+	for (j = 0; j < MAX_ALIASES; j++) {
+	    const char *alias = krb5_enctypes_list[i].aliases[j];
+	    if (alias == NULL)
+		break;
+	    if (strcasecmp(alias, string) == 0) {
+		*enctypep = krb5_enctypes_list[i].etype;
+		return 0;
+	    }
+	}
     }
 
     return(EINVAL);




More information about the cvs-krb5 mailing list