diff options
| author | Tom Yu <tlyu@mit.edu> | 1998-12-16 21:16:33 +0000 |
|---|---|---|
| committer | Tom Yu <tlyu@mit.edu> | 1998-12-16 21:16:33 +0000 |
| commit | 949ae78dd56914b1d1491e3e7d27c46e602493c1 (patch) | |
| tree | 3e4c0c0358251090d9e3e3004319f3a48c03b80a /src/lib/crypto/old/old_decrypt.c | |
| parent | ca24cb257ba4281303aac4c83718f71ce295398c (diff) | |
| download | krb5-949ae78dd56914b1d1491e3e7d27c46e602493c1.tar.gz krb5-949ae78dd56914b1d1491e3e7d27c46e602493c1.tar.xz krb5-949ae78dd56914b1d1491e3e7d27c46e602493c1.zip | |
* old_decrypt.c (krb5_old_decrypt): Initialize the ivec to the key
if we're using DES_CBC_CRC, for backwards compatibility. We
weren't noticing this before because it only trashes the first
block, which is the confounder, which we weren't actually
verifying because checksum was unconditionally succeeding prior to
the other patch.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11092 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/crypto/old/old_decrypt.c')
| -rw-r--r-- | src/lib/crypto/old/old_decrypt.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/lib/crypto/old/old_decrypt.c b/src/lib/crypto/old/old_decrypt.c index ad0b39ebf..26019e164 100644 --- a/src/lib/crypto/old/old_decrypt.c +++ b/src/lib/crypto/old/old_decrypt.c @@ -40,7 +40,7 @@ krb5_old_decrypt(enc, hash, key, usage, ivec, input, arg_output) krb5_error_code ret; size_t blocksize, hashsize, plainsize; unsigned char *plaintext, *cksumdata; - krb5_data output, cksum; + krb5_data output, cksum, crcivec; int alloced; (*(enc->block_size))(&blocksize); @@ -76,6 +76,13 @@ krb5_old_decrypt(enc, hash, key, usage, ivec, input, arg_output) /* decrypt it */ + /* XXX this is gross, but I don't have much choice */ + if ((key->enctype == ENCTYPE_DES_CBC_CRC) && (ivec == 0)) { + crcivec.length = key->length; + crcivec.data = key->contents; + ivec = &crcivec; + } + if (ret = ((*(enc->decrypt))(key, ivec, input, &output))) goto cleanup; |