projects / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 53f829b)
XOR the last byte of weak keys with 0xf0, according to spec
authorRichard Basch <probe@mit.edu>
Sat, 2 Dec 1995 16:33:40 +0000 (16:33 +0000)
committerRichard Basch <probe@mit.edu>
Sat, 2 Dec 1995 16:33:40 +0000 (16:33 +0000)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7156 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/crypto/des/d3_str2ky.c patch | blob | history
src/lib/crypto/des/string2key.c patch | blob | history

diff --git a/src/lib/crypto/des/d3_str2ky.c b/src/lib/crypto/des/d3_str2ky.c
index 3e3e285bda167d3729b30f5e0923f70a081dfb6c..6acf2187004da466d328bace45f06e92a2b10814 100644 (file)
--- a/src/lib/crypto/des/d3_str2ky.c
+++ b/src/lib/crypto/des/d3_str2ky.c
@@ -103,7 +103,7 @@ const krb5_data FAR * salt;
     for (j = 0; j < keyblock->length/sizeof(mit_des_cblock); j++) {
        mit_des_fixup_key_parity(key[j]);
        if (mit_des_is_weak_key(key[j]))
-           *((krb5_octet *)(key[j])) ^= 0xf0;
+           ((krb5_octet *)(key[j]))[7] ^= 0xf0;
     }
 
     /* Now, CBC encrypt with itself */
@@ -127,7 +127,7 @@ const krb5_data FAR * salt;
     for (j = 0; j < keyblock->length/sizeof(mit_des_cblock); j++) {
        mit_des_fixup_key_parity(key[j]);
        if (mit_des_is_weak_key(key[j]))
-           *((krb5_octet *)(key[j])) ^= 0xf0;
+           ((krb5_octet *)(key[j]))[7] ^= 0xf0;
     }
 
     return 0;
diff --git a/src/lib/crypto/des/string2key.c b/src/lib/crypto/des/string2key.c
index e36ebcbc7b0703a6b722b7ab3a076adc8371a985..7c58b50833c3630efeaf36b5a3965bc00645a104 100644 (file)
--- a/src/lib/crypto/des/string2key.c
+++ b/src/lib/crypto/des/string2key.c
@@ -144,6 +144,8 @@ const krb5_data FAR * salt;
 
     /* fix key parity */
     mit_des_fixup_key_parity(key);
+    if (mit_des_is_weak_key(key))
+       ((krb5_octet *)key)[7] ^= 0xf0;
 
     /* Now one-way encrypt it with the folded key */
     (void) mit_des_key_sched(key, key_sked);
@@ -157,6 +159,8 @@ const krb5_data FAR * salt;
 
     /* now fix up key parity again */
     mit_des_fixup_key_parity(key);
+    if (mit_des_is_weak_key(key))
+       ((krb5_octet *)key)[7] ^= 0xf0;
 
 #if 0
     if (mit_des_debug)
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.