diff options
| author | John Kohl <jtkohl@mit.edu> | 1990-02-13 16:49:35 +0000 |
|---|---|---|
| committer | John Kohl <jtkohl@mit.edu> | 1990-02-13 16:49:35 +0000 |
| commit | 247a699f0ea9c22c3c423afabb99c96d7d4131ef (patch) | |
| tree | 52a139372732e779ef32d8c548522994f80b7212 /src/lib/kdb | |
| parent | 71a014d81aa0ab281c16b1675977eeb9ffb30960 (diff) | |
| download | krb5-247a699f0ea9c22c3c423afabb99c96d7d4131ef.tar.gz krb5-247a699f0ea9c22c3c423afabb99c96d7d4131ef.tar.xz krb5-247a699f0ea9c22c3c423afabb99c96d7d4131ef.zip | |
fix several major flaws, to make it work
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@356 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/kdb')
| -rw-r--r-- | src/lib/kdb/decrypt_key.c | 26 |
1 files changed, 16 insertions, 10 deletions
diff --git a/src/lib/kdb/decrypt_key.c b/src/lib/kdb/decrypt_key.c index 50b9631536..80f10c99fa 100644 --- a/src/lib/kdb/decrypt_key.c +++ b/src/lib/kdb/decrypt_key.c @@ -36,34 +36,40 @@ krb5_keyblock *out; { krb5_error_code retval; - *out = *in; - out->length = krb5_encrypt_size(in->length, eblock->crypto_entry); + /* the encrypted version is stored as the unencrypted key length + (in host byte order), followed by the encrypted key. + */ + out->keytype = in->keytype; + out->length = krb5_encrypt_size(in->length-sizeof(in->length), + eblock->crypto_entry); out->contents = (krb5_octet *)malloc(out->length); if (!out->contents) { out->contents = 0; out->length = 0; return ENOMEM; } + /* copy out the real length count */ + bcopy((char *)in->contents, (char *)&out->length, + sizeof(out->length)); + + /* remember the contents of the encrypted version has a sizeof(in->length) + integer length of the real embedded key, followed by the + encrypted key, so the offset here is needed */ if (retval = (*eblock->crypto_entry-> - decrypt_func)((krb5_pointer) in->contents, + decrypt_func)((krb5_pointer) (((char *) in->contents) + + sizeof(in->length)), (krb5_pointer) out->contents, - in->length, eblock)) { + in->length-sizeof(in->length), eblock)) { free((char *)out->contents); out->contents = 0; out->length = 0; return retval; } - out->length -= sizeof(out->length); if (out->length < 0) { free((char *)out->contents); out->contents = 0; out->length = 0; return KRB5_KDB_INVALIDKEYSIZE; } - /* shift key down to beginning of contents, and ignore extra wasted - space */ - bcopy((char *)out->contents, - ((char *) out->contents ) + sizeof(out->length), - out->length); return retval; } |