Corrected Copyrights and some minor reorganization in openssl impl.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23090 dc483132-0cff-0310-8789-dd5450dbe970
author: Zhanna Tsitkov <tsitkova@mit.edu> 2009-10-29 21:36:47 +0000
committer: Zhanna Tsitkov <tsitkova@mit.edu> 2009-10-29 21:36:47 +0000
commit: 3ba4b0893874ad835ccdad8b35c7e1ff62f9ecdd (patch)
tree: 5447ea6cc7b61296320cc0d08be1d4daa63837d6 /src/lib/crypto/openssl/enc_provider
parent: 73ee11a0fd1dc90719ca22602dab6b2c28bd9272 (diff)
download: krb5-3ba4b0893874ad835ccdad8b35c7e1ff62f9ecdd.tar.gz
krb5-3ba4b0893874ad835ccdad8b35c7e1ff62f9ecdd.tar.xz
krb5-3ba4b0893874ad835ccdad8b35c7e1ff62f9ecdd.zip
5 files changed, 141 insertions, 69 deletions
diff --git a/src/lib/crypto/openssl/enc_provider/aes.c b/src/lib/crypto/openssl/enc_provider/aes.c
index 76f81d41e..21d71f8a3 100644
--- a/src/lib/crypto/openssl/enc_provider/aes.c
+++ b/src/lib/crypto/openssl/enc_provider/aes.c
@@ -27,7 +27,6 @@
 #include "k5-int.h"
 #include "enc_provider.h"
 #include "rand2key.h"
-#include "aes.h"
 #include "aead.h"
 #include "hash_provider/hash_provider.h"
 #include <openssl/evp.h>
@@ -54,6 +53,7 @@ static krb5_error_code
 cts_decr_iov(krb5_key key, const krb5_data *ivec,
                     krb5_crypto_iov *data, size_t num_data, size_t dlen);
 
+#define BLOCK_SIZE 16
 #define NUM_BITS 8
 #define IV_CTS_BUF_SIZE 16 /* 16 - hardcoded in CRYPTO_cts128_en/decrypt */
 
@@ -73,26 +73,19 @@ cbc_enc(krb5_key key, const krb5_data *ivec,
 		    const krb5_data *input, krb5_data *output)
 {
     int             ret = 0, tmp_len = 0;
-    unsigned char  *key_buf = NULL;
     unsigned char  *tmp_buf = NULL;
     EVP_CIPHER_CTX  ciph_ctx;
 
-    key_buf = OPENSSL_malloc(key->keyblock.length);
-    if (!key_buf)
-        return ENOMEM;
-
     tmp_len = input->length;
     tmp_buf = OPENSSL_malloc(input->length);
     if (!tmp_buf){
-        OPENSSL_free(key_buf);
         return ENOMEM;
     }
-    memcpy(key_buf, key->keyblock.contents, key->keyblock.length);
 
     EVP_CIPHER_CTX_init(&ciph_ctx);
 
     ret = EVP_EncryptInit_ex(&ciph_ctx, map_mode(key->keyblock.length),
-                  NULL, key_buf, (ivec) ? (unsigned char*)ivec->data : NULL);
+                  NULL, key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL);
 
     if (ret == 1){
         EVP_CIPHER_CTX_set_padding(&ciph_ctx,0); 
@@ -112,9 +105,7 @@ cbc_enc(krb5_key key, const krb5_data *ivec,
         ret = KRB5_CRYPTO_INTERNAL;
     }
 
-    memset(key_buf, 0, key->keyblock.length);
     memset(tmp_buf, 0, input->length);
-    OPENSSL_free(key_buf);
     OPENSSL_free(tmp_buf);
 
     return ret;
@@ -125,26 +116,19 @@ cbc_decr(krb5_key key, const krb5_data *ivec,
 		    const krb5_data *input, krb5_data *output)
 {
     int              ret = 0, tmp_len = 0;
-    unsigned char   *key_buf = NULL;
     unsigned char   *tmp_buf = NULL;
     EVP_CIPHER_CTX   ciph_ctx;
 
-    key_buf = OPENSSL_malloc(key->keyblock.length);
-    if (!key_buf)
-        return ENOMEM;
-
     tmp_len = input->length;
     tmp_buf = OPENSSL_malloc(input->length);
     if (!tmp_buf){
-        OPENSSL_free(key_buf);
         return ENOMEM;
     }
-    memcpy(key_buf, key->keyblock.contents, key->keyblock.length);
 
     EVP_CIPHER_CTX_init(&ciph_ctx);
 
     ret = EVP_DecryptInit_ex(&ciph_ctx, map_mode(key->keyblock.length),
-                  NULL, key_buf, (ivec) ? (unsigned char*)ivec->data : NULL);
+                  NULL, key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL);
     if (ret == 1) {
         EVP_CIPHER_CTX_set_padding(&ciph_ctx,0); 
         ret = EVP_EncryptUpdate(&ciph_ctx, tmp_buf, &tmp_len,
@@ -164,9 +148,7 @@ cbc_decr(krb5_key key, const krb5_data *ivec,
         ret = KRB5_CRYPTO_INTERNAL;
     }
 
-    memset(key_buf, 0, key->keyblock.length);
     memset(tmp_buf, 0, input->length);
-    OPENSSL_free(key_buf);
     OPENSSL_free(tmp_buf);
 
     return ret;
diff --git a/src/lib/crypto/openssl/enc_provider/deps b/src/lib/crypto/openssl/enc_provider/deps
index 08954482b..5ac919d11 100644
--- a/src/lib/crypto/openssl/enc_provider/deps
+++ b/src/lib/crypto/openssl/enc_provider/deps
@@ -35,8 +35,8 @@ aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \
   $(SRCTOP)/include/krb5/authdata_plugin.h $(SRCTOP)/include/krb5/locate_plugin.h \
   $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
-  $(SRCTOP)/include/socket-utils.h $(srcdir)/../aes/aes.h \
-  $(srcdir)/../aes/uitypes.h $(srcdir)/aes.c \
+  $(SRCTOP)/include/socket-utils.h \
+  $(srcdir)/aes.c \
   $(srcdir)/enc_provider.h \
   $(srcdir)/../../krb/aead.h $(srcdir)/../../krb/cksumtypes.h \
   $(srcdir)/../../krb/rand2key/rand2key.h
diff --git a/src/lib/crypto/openssl/enc_provider/des.c b/src/lib/crypto/openssl/enc_provider/des.c
index a4208eefc..208a0d16d 100644
--- a/src/lib/crypto/openssl/enc_provider/des.c
+++ b/src/lib/crypto/openssl/enc_provider/des.c
@@ -1,4 +1,52 @@
 /* lib/crypto/openssl/enc_provider/des.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ */
+
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  FundsXpress makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
 #include "k5-int.h"
@@ -55,7 +103,6 @@ k5_des_encrypt(krb5_key key, const krb5_data *ivec,
 {
     int              ret = 0, tmp_len = 0;
     unsigned int     tmp_buf_len = 0;
-    unsigned char   *keybuf  = NULL;
     unsigned char   *tmp_buf = NULL;
     EVP_CIPHER_CTX   ciph_ctx;
 
@@ -63,9 +110,6 @@ k5_des_encrypt(krb5_key key, const krb5_data *ivec,
     if (ret)
         return ret;
 
-    keybuf=key->keyblock.contents;
-    keybuf[key->keyblock.length] = '\0';
-
     tmp_buf_len = output->length*2;
     tmp_buf=OPENSSL_malloc(tmp_buf_len);
     if (!tmp_buf)
@@ -74,7 +118,7 @@ k5_des_encrypt(krb5_key key, const krb5_data *ivec,
 
     EVP_CIPHER_CTX_init(&ciph_ctx);
 
-    ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL, keybuf,
+    ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL, key->keyblock.contents,
                              (ivec) ? (unsigned char*)ivec->data  : NULL);
     if (ret) {
         EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);
@@ -108,7 +152,6 @@ k5_des_decrypt(krb5_key key, const krb5_data *ivec,
 {
     /* key->keyblock.enctype was checked by the caller */
     int              ret = 0, tmp_len = 0;
-    unsigned char   *keybuf  = NULL;
     unsigned char   *tmp_buf;
     EVP_CIPHER_CTX  ciph_ctx;
 
@@ -116,8 +159,6 @@ k5_des_decrypt(krb5_key key, const krb5_data *ivec,
     if (ret)
         return ret;
 
-    keybuf=key->keyblock.contents;
-    keybuf[key->keyblock.length] = '\0';
 
     tmp_buf=OPENSSL_malloc(output->length);
     if (!tmp_buf)
@@ -126,7 +167,7 @@ k5_des_decrypt(krb5_key key, const krb5_data *ivec,
 
     EVP_CIPHER_CTX_init(&ciph_ctx);
 
-    ret = EVP_DecryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL, keybuf,
+    ret = EVP_DecryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL, key->keyblock.contents,
                              (ivec) ? (unsigned char*)ivec->data : NULL);
     if (ret) {
         EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);
@@ -160,7 +201,6 @@ k5_des_encrypt_iov(krb5_key key,
     int             ret = 0, tmp_len = MIT_DES_BLOCK_LENGTH;
     int             oblock_len = MIT_DES_BLOCK_LENGTH * num_data;
     unsigned char  *iblock = NULL, *oblock = NULL;
-    unsigned char  *keybuf = NULL ;
     struct iov_block_state input_pos, output_pos;
     EVP_CIPHER_CTX  ciph_ctx;
 
@@ -176,8 +216,6 @@ k5_des_encrypt_iov(krb5_key key,
     IOV_BLOCK_STATE_INIT(&input_pos);
     IOV_BLOCK_STATE_INIT(&output_pos);
 
-    keybuf=key->keyblock.contents;
-    keybuf[key->keyblock.length] = '\0';
 
     ret = validate_iov(key, ivec, data, num_data);
     if (ret)
@@ -188,7 +226,7 @@ k5_des_encrypt_iov(krb5_key key,
     EVP_CIPHER_CTX_init(&ciph_ctx);
 
     ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL,
-                             keybuf, (ivec && ivec->data) ? (unsigned char*)ivec->data : NULL);
+                             key->keyblock.contents, (ivec && ivec->data) ? (unsigned char*)ivec->data : NULL);
     if (!ret){
         EVP_CIPHER_CTX_cleanup(&ciph_ctx);
         OPENSSL_free(iblock);
@@ -238,7 +276,6 @@ k5_des_decrypt_iov(krb5_key key,
     int                    tmp_len = MIT_DES_BLOCK_LENGTH;
     int                    oblock_len = MIT_DES_BLOCK_LENGTH*num_data;
     unsigned char         *iblock = NULL, *oblock = NULL;
-    unsigned char         *keybuf = NULL;
     struct iov_block_state input_pos, output_pos;
     EVP_CIPHER_CTX         ciph_ctx;
 
@@ -254,9 +291,6 @@ k5_des_decrypt_iov(krb5_key key,
     IOV_BLOCK_STATE_INIT(&input_pos);
     IOV_BLOCK_STATE_INIT(&output_pos);
 
-    keybuf=key->keyblock.contents;
-    keybuf[key->keyblock.length] = '\0';
-
     ret = validate_iov(key, ivec, data, num_data);
     if (ret)
         return ret;
@@ -266,7 +300,7 @@ k5_des_decrypt_iov(krb5_key key,
     EVP_CIPHER_CTX_init(&ciph_ctx);
 
     ret = EVP_DecryptInit_ex(&ciph_ctx, EVP_des_cbc(), NULL,
-                             keybuf, (ivec) ? (unsigned char*)ivec->data : NULL);
+                             key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL);
     if (!ret){
         EVP_CIPHER_CTX_cleanup(&ciph_ctx);
         OPENSSL_free(iblock);
diff --git a/src/lib/crypto/openssl/enc_provider/des3.c b/src/lib/crypto/openssl/enc_provider/des3.c
index d2ea66df9..4d08bc4b1 100644
--- a/src/lib/crypto/openssl/enc_provider/des3.c
+++ b/src/lib/crypto/openssl/enc_provider/des3.c
@@ -1,4 +1,51 @@
 /* lib/crypto/openssl/enc_provider/des3.c
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ */
+/*
+ * Copyright (C) 1998 by the FundsXpress, INC.
+ *
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may require
+ * a specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of FundsXpress. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  FundsXpress makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
 #include "k5-int.h"
@@ -56,7 +103,6 @@ k5_des3_encrypt(krb5_key key, const krb5_data *ivec,
 {
     int              ret = 0, tmp_len = 0;
     unsigned int     tmp_buf_len = 0;
-    unsigned char   *keybuf  = NULL;
     unsigned char   *tmp_buf = NULL;
     EVP_CIPHER_CTX   ciph_ctx;
 
@@ -64,9 +110,6 @@ k5_des3_encrypt(krb5_key key, const krb5_data *ivec,
     if (ret)
 	return ret;
 
-    keybuf=key->keyblock.contents;
-    keybuf[key->keyblock.length] = '\0';
-
     tmp_buf_len = output->length * 2;
     tmp_buf = OPENSSL_malloc(tmp_buf_len);
     if (!tmp_buf)
@@ -74,7 +117,7 @@ k5_des3_encrypt(krb5_key key, const krb5_data *ivec,
 
     EVP_CIPHER_CTX_init(&ciph_ctx);
 
-    ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_ede3_cbc(), NULL, keybuf,
+    ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_ede3_cbc(), NULL, key->keyblock.contents,
                              (ivec) ? (unsigned char*)ivec->data : NULL);
     if (ret) {
         EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);
@@ -109,7 +152,6 @@ k5_des3_decrypt(krb5_key key, const krb5_data *ivec,
 {
     int              ret = 0, tmp_len = 0;
     unsigned int     tmp_buf_len = 0;
-    unsigned char   *keybuf  = NULL;
     unsigned char   *tmp_buf = NULL;
     EVP_CIPHER_CTX   ciph_ctx;
 
@@ -117,8 +159,6 @@ k5_des3_decrypt(krb5_key key, const krb5_data *ivec,
     if (ret)
 	return ret;
 
-    keybuf=key->keyblock.contents;
-    keybuf[key->keyblock.length] = '\0';
 
     tmp_buf_len = output->length;
     tmp_buf=OPENSSL_malloc(tmp_buf_len);
@@ -127,7 +167,7 @@ k5_des3_decrypt(krb5_key key, const krb5_data *ivec,
 
     EVP_CIPHER_CTX_init(&ciph_ctx);
 
-    ret = EVP_DecryptInit_ex(&ciph_ctx, EVP_des_ede3_cbc(), NULL, keybuf,
+    ret = EVP_DecryptInit_ex(&ciph_ctx, EVP_des_ede3_cbc(), NULL, key->keyblock.contents,
                              (ivec) ? (unsigned char*)ivec->data: NULL);
     if (ret) {
         EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);
@@ -165,7 +205,6 @@ k5_des3_encrypt_iov(krb5_key key,
     int                    tmp_len = MIT_DES_BLOCK_LENGTH;
     int                    oblock_len = MIT_DES_BLOCK_LENGTH*num_data;
     unsigned char         *iblock = NULL, *oblock = NULL;
-    unsigned char         *keybuf = NULL;
     struct iov_block_state input_pos, output_pos;
     EVP_CIPHER_CTX         ciph_ctx;
 
@@ -185,15 +224,12 @@ k5_des3_encrypt_iov(krb5_key key,
     IOV_BLOCK_STATE_INIT(&input_pos);
     IOV_BLOCK_STATE_INIT(&output_pos);
 
-    keybuf=key->keyblock.contents;
-    keybuf[key->keyblock.length] = '\0';
-
     memset(oblock, 0, oblock_len);
 
     EVP_CIPHER_CTX_init(&ciph_ctx);
 
     ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_des_ede3_cbc(), NULL,
-                             keybuf, (ivec) ? (unsigned char*)ivec->data : NULL);
+                             key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL);
     if (!ret){
         EVP_CIPHER_CTX_cleanup(&ciph_ctx);
         OPENSSL_free(iblock);
@@ -248,7 +284,6 @@ k5_des3_decrypt_iov(krb5_key key,
     int                    tmp_len = MIT_DES_BLOCK_LENGTH;
     int                    oblock_len = MIT_DES_BLOCK_LENGTH * num_data;
     unsigned char         *iblock = NULL, *oblock = NULL;
-    unsigned char         *keybuf = NULL ;
     struct iov_block_state input_pos, output_pos;
     EVP_CIPHER_CTX         ciph_ctx;
 
@@ -268,15 +303,12 @@ k5_des3_decrypt_iov(krb5_key key,
     IOV_BLOCK_STATE_INIT(&input_pos);
     IOV_BLOCK_STATE_INIT(&output_pos);
 
-    keybuf=key->keyblock.contents;
-    keybuf[key->keyblock.length] = '\0';
-
     memset(oblock, 0, oblock_len);
 
     EVP_CIPHER_CTX_init(&ciph_ctx);
 
     ret = EVP_DecryptInit_ex(&ciph_ctx, EVP_des_ede3_cbc(), NULL,
-                             keybuf, (ivec) ? (unsigned char*)ivec->data : NULL);
+                             key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL);
     if (!ret){
         EVP_CIPHER_CTX_cleanup(&ciph_ctx);
         OPENSSL_free(iblock);
diff --git a/src/lib/crypto/openssl/enc_provider/rc4.c b/src/lib/crypto/openssl/enc_provider/rc4.c
index fd1c7238d..42a3aea1c 100644
--- a/src/lib/crypto/openssl/enc_provider/rc4.c
+++ b/src/lib/crypto/openssl/enc_provider/rc4.c
@@ -1,8 +1,39 @@
 /*  lib/crypto/openssl/enc_provider/rc4.c
  *
  * #include STD_DISCLAIMER
+ *
+ * Copyright (C) 2009 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ */
+
+/* arcfour.c
+ *
+ * Copyright (c) 2000 by Computer Science Laboratory,
+ *                       Rensselaer Polytechnic Institute
+ *
+ * #include STD_DISCLAIMER
  */
 
+
 #include "k5-int.h"
 #include <aead.h>
 #include <rand2key.h>
@@ -33,7 +64,6 @@ k5_arcfour_docrypt(krb5_key key, const krb5_data *state,
            const krb5_data *input, krb5_data *output)
 {
     int ret = 0, tmp_len = 0;
-    unsigned char   *keybuf  = NULL;
     unsigned char   *tmp_buf = NULL;
     EVP_CIPHER_CTX  ciph_ctx;
 
@@ -43,12 +73,9 @@ k5_arcfour_docrypt(krb5_key key, const krb5_data *state,
     if (input->length != output->length)
         return(KRB5_BAD_MSIZE);
 
-    keybuf=key->keyblock.contents;
-    keybuf[key->keyblock.length] = '\0';
-
     EVP_CIPHER_CTX_init(&ciph_ctx);
 
-    ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_rc4(), NULL, keybuf, NULL);
+    ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_rc4(), NULL, key->keyblock.contents, NULL);
     if (ret) {
         tmp_buf=(unsigned char *)output->data;
         ret = EVP_EncryptUpdate(&ciph_ctx, tmp_buf,  &tmp_len,
@@ -79,17 +106,14 @@ k5_arcfour_docrypt_iov(krb5_key key,
 {
     size_t i;
     int ret = 0, tmp_len = 0;
-    unsigned char   *keybuf  = NULL ;
     unsigned char   *tmp_buf = NULL;
     krb5_crypto_iov *iov     = NULL;
     EVP_CIPHER_CTX  ciph_ctx;
 
-    keybuf=key->keyblock.contents;
-    keybuf[key->keyblock.length] = '\0';
 
     EVP_CIPHER_CTX_init(&ciph_ctx);
 
-    ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_rc4(), NULL, keybuf, NULL);
+    ret = EVP_EncryptInit_ex(&ciph_ctx, EVP_rc4(), NULL, key->keyblock.contents, NULL);
     if (!ret){
         EVP_CIPHER_CTX_cleanup(&ciph_ctx);
         return KRB5_CRYPTO_INTERNAL;
author	Zhanna Tsitkov <tsitkova@mit.edu>	2009-10-29 21:36:47 +0000
committer	Zhanna Tsitkov <tsitkova@mit.edu>	2009-10-29 21:36:47 +0000
commit	3ba4b0893874ad835ccdad8b35c7e1ff62f9ecdd (patch)
tree	5447ea6cc7b61296320cc0d08be1d4daa63837d6 /src/lib/crypto/openssl/enc_provider
parent	73ee11a0fd1dc90719ca22602dab6b2c28bd9272 (diff)
download	krb5-3ba4b0893874ad835ccdad8b35c7e1ff62f9ecdd.tar.gz krb5-3ba4b0893874ad835ccdad8b35c7e1ff62f9ecdd.tar.xz krb5-3ba4b0893874ad835ccdad8b35c7e1ff62f9ecdd.zip