HEIMDAL:lib/krb5: use krb5_verify_checksum() in krb5_c_verify_checksum()

This allows the optimized checksum->verify() function to be used.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

diff --git a/source4/heimdal/lib/krb5/mit_glue.c b/source4/heimdal/lib/krb5/mit_glue.c
index 16c230a11f96fa136111f617cd6baca513869bd6..53b20fd2d470f370dcb9bd2cb8a5fa7f83ea8ae1 100644 (file)
--- a/source4/heimdal/lib/krb5/mit_glue.c
+++ b/source4/heimdal/lib/krb5/mit_glue.c
@@ -67,22 +67,23 @@ krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *key,
                       const krb5_checksum *cksum, krb5_boolean *valid)
 {
     krb5_error_code ret;
-    krb5_checksum data_cksum;
+    krb5_crypto crypto;
 
     *valid = 0;
 
-    ret = krb5_c_make_checksum(context, cksum->cksumtype,
-                              key, usage, data, &data_cksum);
+    ret = krb5_crypto_init(context, key, 0, &crypto);
     if (ret)
        return ret;
 
-    if (data_cksum.cksumtype == cksum->cksumtype
-       && krb5_data_ct_cmp(&data_cksum.checksum, &cksum->checksum) == 0)
-       *valid = 1;
+    ret = krb5_verify_checksum(context, crypto, usage,
+                              data->data, data->length, cksum);
+    krb5_crypto_destroy(context, crypto);
 
-    krb5_free_checksum_contents(context, &data_cksum);
+    if (ret == 0) {
+       *valid = 1;
+    }
 
-    return 0;
+    return ret;
 }
 
 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL