2 * Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "gsskrb5_locl.h"
37 * Implements draft-brezak-win2k-krb-rc4-hmac-04.txt
39 * The arcfour message have the following formats:
59 * WRAP in DCE-style have a fixed size header, the oid and length over
60 * the WRAP header is a total of
61 * GSS_ARCFOUR_WRAP_TOKEN_DCE_DER_HEADER_SIZE +
62 * GSS_ARCFOUR_WRAP_TOKEN_SIZE byte (ie total of 45 bytes overhead,
63 * remember the 2 bytes from APPL [0] SEQ).
66 #define GSS_ARCFOUR_WRAP_TOKEN_SIZE 32
67 #define GSS_ARCFOUR_WRAP_TOKEN_DCE_DER_HEADER_SIZE 13
70 static krb5_error_code
71 arcfour_mic_key(krb5_context context
, krb5_keyblock
*key
,
72 const void *cksum_data
, size_t cksum_size
,
73 void *key6_data
, size_t key6_size
)
86 cksum_k5
.checksum
.data
= k5_data
;
87 cksum_k5
.checksum
.length
= sizeof(k5_data
);
89 if (key
->keytype
== KRB5_ENCTYPE_ARCFOUR_HMAC_MD5_56
) {
90 char L40
[14] = "fortybits";
92 memcpy(L40
+ 10, T
, sizeof(T
));
93 ret
= krb5_hmac(context
, CKSUMTYPE_RSA_MD5
,
94 L40
, 14, 0, key
, &cksum_k5
);
95 memset(&k5_data
[7], 0xAB, 9);
97 ret
= krb5_hmac(context
, CKSUMTYPE_RSA_MD5
,
98 T
, 4, 0, key
, &cksum_k5
);
103 key5
.keytype
= KRB5_ENCTYPE_ARCFOUR_HMAC_MD5
;
104 key5
.keyvalue
= cksum_k5
.checksum
;
106 cksum_k6
.checksum
.data
= key6_data
;
107 cksum_k6
.checksum
.length
= key6_size
;
109 return krb5_hmac(context
, CKSUMTYPE_RSA_MD5
,
110 cksum_data
, cksum_size
, 0, &key5
, &cksum_k6
);
114 static krb5_error_code
115 arcfour_mic_cksum_iov(krb5_context context
,
116 krb5_keyblock
*key
, unsigned usage
,
117 u_char
*sgn_cksum
, size_t sgn_cksum_sz
,
118 const u_char
*v1
, size_t l1
,
119 const void *v2
, size_t l2
,
120 const gss_iov_buffer_desc
*iov
,
122 const gss_iov_buffer_desc
*padding
)
132 assert(sgn_cksum_sz
== 8);
136 for (i
=0; i
< iov_count
; i
++) {
137 switch (GSS_IOV_BUFFER_TYPE(iov
[i
].type
)) {
138 case GSS_IOV_BUFFER_TYPE_DATA
:
139 case GSS_IOV_BUFFER_TYPE_SIGN_ONLY
:
145 len
+= iov
[i
].buffer
.length
;
149 len
+= padding
->buffer
.length
;
156 memcpy(ptr
+ ofs
, v1
, l1
);
158 memcpy(ptr
+ ofs
, v2
, l2
);
161 for (i
=0; i
< iov_count
; i
++) {
162 switch (GSS_IOV_BUFFER_TYPE(iov
[i
].type
)) {
163 case GSS_IOV_BUFFER_TYPE_DATA
:
164 case GSS_IOV_BUFFER_TYPE_SIGN_ONLY
:
172 iov
[i
].buffer
.length
);
173 ofs
+= iov
[i
].buffer
.length
;
178 padding
->buffer
.value
,
179 padding
->buffer
.length
);
180 ofs
+= padding
->buffer
.length
;
183 ret
= krb5_crypto_init(context
, key
, 0, &crypto
);
189 ret
= krb5_create_checksum(context
,
198 memcpy(sgn_cksum
, CKSUM
.checksum
.data
, sgn_cksum_sz
);
199 free_Checksum(&CKSUM
);
201 krb5_crypto_destroy(context
, crypto
);
206 static krb5_error_code
207 arcfour_mic_cksum(krb5_context context
,
208 krb5_keyblock
*key
, unsigned usage
,
209 u_char
*sgn_cksum
, size_t sgn_cksum_sz
,
210 const u_char
*v1
, size_t l1
,
211 const void *v2
, size_t l2
,
212 const void *v3
, size_t l3
)
214 gss_iov_buffer_desc iov
;
216 iov
.type
= GSS_IOV_BUFFER_TYPE_SIGN_ONLY
;
217 iov
.buffer
.value
= rk_UNCONST(v3
);
218 iov
.buffer
.length
= l3
;
220 return arcfour_mic_cksum_iov(context
, key
, usage
,
221 sgn_cksum
, sgn_cksum_sz
,
228 _gssapi_get_mic_arcfour(OM_uint32
* minor_status
,
229 const gsskrb5_ctx context_handle
,
230 krb5_context context
,
232 const gss_buffer_t message_buffer
,
233 gss_buffer_t message_token
,
238 size_t len
, total_len
;
239 u_char k6_data
[16], *p0
, *p
;
240 EVP_CIPHER_CTX rc4_key
;
242 _gsskrb5_encap_length (22, &len
, &total_len
, GSS_KRB5_MECHANISM
);
244 message_token
->length
= total_len
;
245 message_token
->value
= malloc (total_len
);
246 if (message_token
->value
== NULL
) {
247 *minor_status
= ENOMEM
;
248 return GSS_S_FAILURE
;
251 p0
= _gssapi_make_mech_header(message_token
->value
,
256 *p
++ = 0x01; /* TOK_ID */
258 *p
++ = 0x11; /* SGN_ALG */
260 *p
++ = 0xff; /* Filler */
267 ret
= arcfour_mic_cksum(context
,
268 key
, KRB5_KU_USAGE_SIGN
,
269 p0
+ 16, 8, /* SGN_CKSUM */
270 p0
, 8, /* TOK_ID, SGN_ALG, Filer */
271 message_buffer
->value
, message_buffer
->length
,
274 _gsskrb5_release_buffer(minor_status
, message_token
);
276 return GSS_S_FAILURE
;
279 ret
= arcfour_mic_key(context
, key
,
280 p0
+ 16, 8, /* SGN_CKSUM */
281 k6_data
, sizeof(k6_data
));
283 _gsskrb5_release_buffer(minor_status
, message_token
);
285 return GSS_S_FAILURE
;
288 HEIMDAL_MUTEX_lock(&context_handle
->ctx_id_mutex
);
289 krb5_auth_con_getlocalseqnumber (context
,
290 context_handle
->auth_context
,
292 p
= p0
+ 8; /* SND_SEQ */
293 _gsskrb5_encode_be_om_uint32(seq_number
, p
);
295 krb5_auth_con_setlocalseqnumber (context
,
296 context_handle
->auth_context
,
298 HEIMDAL_MUTEX_unlock(&context_handle
->ctx_id_mutex
);
300 memset (p
+ 4, (context_handle
->more_flags
& LOCAL
) ? 0 : 0xff, 4);
302 EVP_CIPHER_CTX_init(&rc4_key
);
303 EVP_CipherInit_ex(&rc4_key
, EVP_rc4(), NULL
, k6_data
, NULL
, 1);
304 EVP_Cipher(&rc4_key
, p
, p
, 8);
305 EVP_CIPHER_CTX_cleanup(&rc4_key
);
307 memset(k6_data
, 0, sizeof(k6_data
));
310 return GSS_S_COMPLETE
;
315 _gssapi_verify_mic_arcfour(OM_uint32
* minor_status
,
316 const gsskrb5_ctx context_handle
,
317 krb5_context context
,
318 const gss_buffer_t message_buffer
,
319 const gss_buffer_t token_buffer
,
320 gss_qop_t
* qop_state
,
327 u_char SND_SEQ
[8], cksum_data
[8], *p
;
334 p
= token_buffer
->value
;
335 omret
= _gsskrb5_verify_header (&p
,
336 token_buffer
->length
,
342 if (memcmp(p
, "\x11\x00", 2) != 0) /* SGN_ALG = HMAC MD5 ARCFOUR */
343 return GSS_S_BAD_SIG
;
345 if (memcmp (p
, "\xff\xff\xff\xff", 4) != 0)
346 return GSS_S_BAD_MIC
;
349 ret
= arcfour_mic_cksum(context
,
350 key
, KRB5_KU_USAGE_SIGN
,
351 cksum_data
, sizeof(cksum_data
),
353 message_buffer
->value
, message_buffer
->length
,
357 return GSS_S_FAILURE
;
360 ret
= arcfour_mic_key(context
, key
,
361 cksum_data
, sizeof(cksum_data
),
362 k6_data
, sizeof(k6_data
));
365 return GSS_S_FAILURE
;
368 cmp
= ct_memcmp(cksum_data
, p
+ 8, 8);
371 return GSS_S_BAD_MIC
;
375 EVP_CIPHER_CTX rc4_key
;
377 EVP_CIPHER_CTX_init(&rc4_key
);
378 EVP_CipherInit_ex(&rc4_key
, EVP_rc4(), NULL
, (void *)k6_data
, NULL
, 0);
379 EVP_Cipher(&rc4_key
, SND_SEQ
, p
, 8);
380 EVP_CIPHER_CTX_cleanup(&rc4_key
);
382 memset(k6_data
, 0, sizeof(k6_data
));
385 _gsskrb5_decode_be_om_uint32(SND_SEQ
, &seq_number
);
387 if (context_handle
->more_flags
& LOCAL
)
388 cmp
= memcmp(&SND_SEQ
[4], "\xff\xff\xff\xff", 4);
390 cmp
= memcmp(&SND_SEQ
[4], "\x00\x00\x00\x00", 4);
392 memset(SND_SEQ
, 0, sizeof(SND_SEQ
));
395 return GSS_S_BAD_MIC
;
398 HEIMDAL_MUTEX_lock(&context_handle
->ctx_id_mutex
);
399 omret
= _gssapi_msg_order_check(context_handle
->order
, seq_number
);
400 HEIMDAL_MUTEX_unlock(&context_handle
->ctx_id_mutex
);
405 return GSS_S_COMPLETE
;
409 _gssapi_wrap_arcfour(OM_uint32
* minor_status
,
410 const gsskrb5_ctx context_handle
,
411 krb5_context context
,
414 const gss_buffer_t input_message_buffer
,
416 gss_buffer_t output_message_buffer
,
419 u_char Klocaldata
[16], k6_data
[16], *p
, *p0
;
420 size_t len
, total_len
, datalen
;
421 krb5_keyblock Klocal
;
428 datalen
= input_message_buffer
->length
;
430 if (IS_DCE_STYLE(context_handle
)) {
431 len
= GSS_ARCFOUR_WRAP_TOKEN_SIZE
;
432 _gssapi_encap_length(len
, &len
, &total_len
, GSS_KRB5_MECHANISM
);
433 total_len
+= datalen
;
435 datalen
+= 1; /* padding */
436 len
= datalen
+ GSS_ARCFOUR_WRAP_TOKEN_SIZE
;
437 _gssapi_encap_length(len
, &len
, &total_len
, GSS_KRB5_MECHANISM
);
440 output_message_buffer
->length
= total_len
;
441 output_message_buffer
->value
= malloc (total_len
);
442 if (output_message_buffer
->value
== NULL
) {
443 *minor_status
= ENOMEM
;
444 return GSS_S_FAILURE
;
447 p0
= _gssapi_make_mech_header(output_message_buffer
->value
,
452 *p
++ = 0x02; /* TOK_ID */
454 *p
++ = 0x11; /* SGN_ALG */
457 *p
++ = 0x10; /* SEAL_ALG */
460 *p
++ = 0xff; /* SEAL_ALG */
463 *p
++ = 0xff; /* Filler */
468 HEIMDAL_MUTEX_lock(&context_handle
->ctx_id_mutex
);
469 krb5_auth_con_getlocalseqnumber (context
,
470 context_handle
->auth_context
,
473 _gsskrb5_encode_be_om_uint32(seq_number
, p0
+ 8);
475 krb5_auth_con_setlocalseqnumber (context
,
476 context_handle
->auth_context
,
478 HEIMDAL_MUTEX_unlock(&context_handle
->ctx_id_mutex
);
481 (context_handle
->more_flags
& LOCAL
) ? 0 : 0xff,
484 krb5_generate_random_block(p0
+ 24, 8); /* fill in Confounder */
486 /* p points to data */
487 p
= p0
+ GSS_ARCFOUR_WRAP_TOKEN_SIZE
;
488 memcpy(p
, input_message_buffer
->value
, input_message_buffer
->length
);
490 if (!IS_DCE_STYLE(context_handle
))
491 p
[input_message_buffer
->length
] = 1; /* padding */
493 ret
= arcfour_mic_cksum(context
,
494 key
, KRB5_KU_USAGE_SEAL
,
495 p0
+ 16, 8, /* SGN_CKSUM */
496 p0
, 8, /* TOK_ID, SGN_ALG, SEAL_ALG, Filler */
497 p0
+ 24, 8, /* Confounder */
498 p0
+ GSS_ARCFOUR_WRAP_TOKEN_SIZE
,
502 _gsskrb5_release_buffer(minor_status
, output_message_buffer
);
503 return GSS_S_FAILURE
;
509 Klocal
.keytype
= key
->keytype
;
510 Klocal
.keyvalue
.data
= Klocaldata
;
511 Klocal
.keyvalue
.length
= sizeof(Klocaldata
);
513 for (i
= 0; i
< 16; i
++)
514 Klocaldata
[i
] = ((u_char
*)key
->keyvalue
.data
)[i
] ^ 0xF0;
516 ret
= arcfour_mic_key(context
, &Klocal
,
517 p0
+ 8, 4, /* SND_SEQ */
518 k6_data
, sizeof(k6_data
));
519 memset(Klocaldata
, 0, sizeof(Klocaldata
));
521 _gsskrb5_release_buffer(minor_status
, output_message_buffer
);
523 return GSS_S_FAILURE
;
528 EVP_CIPHER_CTX rc4_key
;
530 EVP_CIPHER_CTX_init(&rc4_key
);
531 EVP_CipherInit_ex(&rc4_key
, EVP_rc4(), NULL
, k6_data
, NULL
, 1);
532 EVP_Cipher(&rc4_key
, p0
+ 24, p0
+ 24, 8 + datalen
);
533 EVP_CIPHER_CTX_cleanup(&rc4_key
);
535 memset(k6_data
, 0, sizeof(k6_data
));
537 ret
= arcfour_mic_key(context
, key
,
538 p0
+ 16, 8, /* SGN_CKSUM */
539 k6_data
, sizeof(k6_data
));
541 _gsskrb5_release_buffer(minor_status
, output_message_buffer
);
543 return GSS_S_FAILURE
;
547 EVP_CIPHER_CTX rc4_key
;
549 EVP_CIPHER_CTX_init(&rc4_key
);
550 EVP_CipherInit_ex(&rc4_key
, EVP_rc4(), NULL
, k6_data
, NULL
, 1);
551 EVP_Cipher(&rc4_key
, p0
+ 8, p0
+ 8 /* SND_SEQ */, 8);
552 EVP_CIPHER_CTX_cleanup(&rc4_key
);
553 memset(k6_data
, 0, sizeof(k6_data
));
557 *conf_state
= conf_req_flag
;
560 return GSS_S_COMPLETE
;
563 OM_uint32
_gssapi_unwrap_arcfour(OM_uint32
*minor_status
,
564 const gsskrb5_ctx context_handle
,
565 krb5_context context
,
566 const gss_buffer_t input_message_buffer
,
567 gss_buffer_t output_message_buffer
,
569 gss_qop_t
*qop_state
,
572 u_char Klocaldata
[16];
573 krb5_keyblock Klocal
;
578 u_char k6_data
[16], SND_SEQ
[8], Confounder
[8];
579 u_char cksum_data
[8];
583 size_t padlen
= 0, len
;
590 p0
= input_message_buffer
->value
;
592 if (IS_DCE_STYLE(context_handle
)) {
593 len
= GSS_ARCFOUR_WRAP_TOKEN_SIZE
+
594 GSS_ARCFOUR_WRAP_TOKEN_DCE_DER_HEADER_SIZE
;
595 if (input_message_buffer
->length
< len
)
596 return GSS_S_BAD_MECH
;
598 len
= input_message_buffer
->length
;
601 omret
= _gssapi_verify_mech_header(&p0
,
607 /* length of mech header */
608 len
= (p0
- (u_char
*)input_message_buffer
->value
) +
609 GSS_ARCFOUR_WRAP_TOKEN_SIZE
;
611 if (len
> input_message_buffer
->length
)
612 return GSS_S_BAD_MECH
;
615 datalen
= input_message_buffer
->length
- len
;
619 if (memcmp(p
, "\x02\x01", 2) != 0)
620 return GSS_S_BAD_SIG
;
622 if (memcmp(p
, "\x11\x00", 2) != 0) /* SGN_ALG = HMAC MD5 ARCFOUR */
623 return GSS_S_BAD_SIG
;
626 if (memcmp (p
, "\x10\x00", 2) == 0)
628 else if (memcmp (p
, "\xff\xff", 2) == 0)
631 return GSS_S_BAD_SIG
;
634 if (memcmp (p
, "\xff\xff", 2) != 0)
635 return GSS_S_BAD_MIC
;
638 ret
= arcfour_mic_key(context
, key
,
639 p0
+ 16, 8, /* SGN_CKSUM */
640 k6_data
, sizeof(k6_data
));
643 return GSS_S_FAILURE
;
647 EVP_CIPHER_CTX rc4_key
;
649 EVP_CIPHER_CTX_init(&rc4_key
);
650 EVP_CipherInit_ex(&rc4_key
, EVP_rc4(), NULL
, k6_data
, NULL
, 1);
651 EVP_Cipher(&rc4_key
, SND_SEQ
, p0
+ 8, 8);
652 EVP_CIPHER_CTX_cleanup(&rc4_key
);
653 memset(k6_data
, 0, sizeof(k6_data
));
656 _gsskrb5_decode_be_om_uint32(SND_SEQ
, &seq_number
);
658 if (context_handle
->more_flags
& LOCAL
)
659 cmp
= memcmp(&SND_SEQ
[4], "\xff\xff\xff\xff", 4);
661 cmp
= memcmp(&SND_SEQ
[4], "\x00\x00\x00\x00", 4);
665 return GSS_S_BAD_MIC
;
671 Klocal
.keytype
= key
->keytype
;
672 Klocal
.keyvalue
.data
= Klocaldata
;
673 Klocal
.keyvalue
.length
= sizeof(Klocaldata
);
675 for (i
= 0; i
< 16; i
++)
676 Klocaldata
[i
] = ((u_char
*)key
->keyvalue
.data
)[i
] ^ 0xF0;
678 ret
= arcfour_mic_key(context
, &Klocal
,
680 k6_data
, sizeof(k6_data
));
681 memset(Klocaldata
, 0, sizeof(Klocaldata
));
684 return GSS_S_FAILURE
;
687 output_message_buffer
->value
= malloc(datalen
);
688 if (output_message_buffer
->value
== NULL
) {
689 *minor_status
= ENOMEM
;
690 return GSS_S_FAILURE
;
692 output_message_buffer
->length
= datalen
;
695 EVP_CIPHER_CTX rc4_key
;
697 EVP_CIPHER_CTX_init(&rc4_key
);
698 EVP_CipherInit_ex(&rc4_key
, EVP_rc4(), NULL
, k6_data
, NULL
, 1);
699 EVP_Cipher(&rc4_key
, Confounder
, p0
+ 24, 8);
700 EVP_Cipher(&rc4_key
, output_message_buffer
->value
, p0
+ GSS_ARCFOUR_WRAP_TOKEN_SIZE
, datalen
);
701 EVP_CIPHER_CTX_cleanup(&rc4_key
);
703 memcpy(Confounder
, p0
+ 24, 8); /* Confounder */
704 memcpy(output_message_buffer
->value
,
705 p0
+ GSS_ARCFOUR_WRAP_TOKEN_SIZE
,
708 memset(k6_data
, 0, sizeof(k6_data
));
710 if (!IS_DCE_STYLE(context_handle
)) {
711 ret
= _gssapi_verify_pad(output_message_buffer
, datalen
, &padlen
);
713 _gsskrb5_release_buffer(minor_status
, output_message_buffer
);
717 output_message_buffer
->length
-= padlen
;
720 ret
= arcfour_mic_cksum(context
,
721 key
, KRB5_KU_USAGE_SEAL
,
722 cksum_data
, sizeof(cksum_data
),
724 Confounder
, sizeof(Confounder
),
725 output_message_buffer
->value
,
726 output_message_buffer
->length
+ padlen
);
728 _gsskrb5_release_buffer(minor_status
, output_message_buffer
);
730 return GSS_S_FAILURE
;
733 cmp
= ct_memcmp(cksum_data
, p0
+ 16, 8); /* SGN_CKSUM */
735 _gsskrb5_release_buffer(minor_status
, output_message_buffer
);
737 return GSS_S_BAD_MIC
;
740 HEIMDAL_MUTEX_lock(&context_handle
->ctx_id_mutex
);
741 omret
= _gssapi_msg_order_check(context_handle
->order
, seq_number
);
742 HEIMDAL_MUTEX_unlock(&context_handle
->ctx_id_mutex
);
747 *conf_state
= conf_flag
;
750 return GSS_S_COMPLETE
;
754 max_wrap_length_arcfour(const gsskrb5_ctx ctx
,
757 OM_uint32
*max_input_size
)
760 * if GSS_C_DCE_STYLE is in use:
761 * - we only need to encapsulate the WRAP token
762 * However, since this is a fixed since, we just
764 if (IS_DCE_STYLE(ctx
)) {
765 size_t len
, total_len
;
767 len
= GSS_ARCFOUR_WRAP_TOKEN_SIZE
;
768 _gssapi_encap_length(len
, &len
, &total_len
, GSS_KRB5_MECHANISM
);
770 if (input_length
< len
)
773 *max_input_size
= input_length
- len
;
776 size_t extrasize
= GSS_ARCFOUR_WRAP_TOKEN_SIZE
;
777 size_t blocksize
= 8;
778 size_t len
, total_len
;
780 len
= 8 + input_length
+ blocksize
+ extrasize
;
782 _gsskrb5_encap_length(len
, &len
, &total_len
, GSS_KRB5_MECHANISM
);
784 total_len
-= input_length
; /* token length */
785 if (total_len
< input_length
) {
786 *max_input_size
= (input_length
- total_len
);
787 (*max_input_size
) &= (~(OM_uint32
)(blocksize
- 1));
793 return GSS_S_COMPLETE
;
797 _gssapi_wrap_size_arcfour(OM_uint32
*minor_status
,
798 const gsskrb5_ctx ctx
,
799 krb5_context context
,
802 OM_uint32 req_output_size
,
803 OM_uint32
*max_input_size
,
809 ret
= krb5_crypto_init(context
, key
, 0, &crypto
);
812 return GSS_S_FAILURE
;
815 ret
= max_wrap_length_arcfour(ctx
, crypto
,
816 req_output_size
, max_input_size
);
819 krb5_crypto_destroy(context
, crypto
);
820 return GSS_S_FAILURE
;
823 krb5_crypto_destroy(context
, crypto
);
825 return GSS_S_COMPLETE
;