diff options
| author | Sam Hartman <hartmans@mit.edu> | 2001-10-19 20:33:37 +0000 |
|---|---|---|
| committer | Sam Hartman <hartmans@mit.edu> | 2001-10-19 20:33:37 +0000 |
| commit | 1c23f0932639e3c79889fbe51fec028eef485f95 (patch) | |
| tree | f13aae14264c3686dd546370b86d92ce915d2e4e /src | |
| parent | 2c55e86593458e5e06320e74ee776bde17c100bb (diff) | |
| download | krb5-1c23f0932639e3c79889fbe51fec028eef485f95.tar.gz krb5-1c23f0932639e3c79889fbe51fec028eef485f95.tar.xz krb5-1c23f0932639e3c79889fbe51fec028eef485f95.zip | |
Ignore salt for arc4 string2key per Microsoft spec
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13825 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/crypto/arcfour/ChangeLog | 3 | ||||
| -rw-r--r-- | src/lib/crypto/arcfour/string_to_key.c | 16 |
2 files changed, 8 insertions, 11 deletions
diff --git a/src/lib/crypto/arcfour/ChangeLog b/src/lib/crypto/arcfour/ChangeLog index c9b641a8c..91782a055 100644 --- a/src/lib/crypto/arcfour/ChangeLog +++ b/src/lib/crypto/arcfour/ChangeLog @@ -1,5 +1,8 @@ 2001-10-19 Sam Hartman <hartmans@mit.edu> + * string_to_key.c (krb5_arcfour_string_to_key): Ignore salt + (krb5_arcfour_string_to_key): Use memset not bzero + * arcfour.c (krb5_arcfour_decrypt): Return error if salt cannot be allocated (krb5_arcfour_encrypt): Only memset bits of key to known value on export-grade crypto diff --git a/src/lib/crypto/arcfour/string_to_key.c b/src/lib/crypto/arcfour/string_to_key.c index d41bc2585..3871ea892 100644 --- a/src/lib/crypto/arcfour/string_to_key.c +++ b/src/lib/crypto/arcfour/string_to_key.c @@ -25,11 +25,7 @@ krb5_arcfour_string_to_key(enc, string, salt, key) if (key->length != 16) return (KRB5_BAD_MSIZE); - /* handle the salt... - We really don't salt our key, else it won't work with MSFT, but - handle it anyway - */ - saltlen=salt?salt->length:0; + /* We ignore salt per the Microsoft spec*/ /* compute the space needed for the new string. Since the password must be stored in unicode, we need to increase @@ -39,16 +35,14 @@ krb5_arcfour_string_to_key(enc, string, salt, key) thes user's password is in ascii. */ slen = ((string->length)>128)?128:string->length; - len=(slen)*2 + saltlen; + len=(slen)*2; copystr = malloc((size_t) len); if (copystr == NULL) return ENOMEM; - /* make the string. start by creating the unicode version of the password - then copy the salt to the end of the string */ + /* make the string. start by creating the unicode version of the password*/ asctouni(copystr, string->data, slen ); - memcpy(copystr+(slen*2), salt->data, saltlen); /* the actual MD4 hash of the data */ krb5_MD4Init(&md4_context); @@ -65,7 +59,7 @@ krb5_arcfour_string_to_key(enc, string, salt, key) #endif /* 0 */ /* Zero out the data behind us */ - bzero(copystr, len); - bzero(&md4_context, sizeof(md4_context)); + memset (copystr, 0, len); + memset(&md4_context, 0, sizeof(md4_context)); return 0; } |