* d3_str2ky.c: Updated to include some of the randomness throughout

		the entire key.  The second 3-DES CBC encryption of the block
		should use an ivec of the last cipher block.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7208 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/crypto/des/d3_str2ky.c b/src/lib/crypto/des/d3_str2ky.c
index 67c0bf1ced0d673ed8ec6bea4dcaf76b550e3a08..8e64ad4d9e76cba3b129ee22f3d96d1916627f0a 100644 (file)
--- a/src/lib/crypto/des/d3_str2ky.c
+++ b/src/lib/crypto/des/d3_str2ky.c
@@ -107,20 +107,16 @@ const krb5_data FAR * salt;
 
     /* Now, CBC encrypt with itself */
     (void) mit_des3_key_sched(*((mit_des3_cblock *)key), ks);
-    (void) mit_des3_cbc_encrypt((mit_des_cblock *)key,
-                               (mit_des_cblock *)key,
-                               keyblock->length,
+    (void) mit_des3_cbc_encrypt(key, key, keyblock->length,
                                ((mit_des_key_schedule *)ks)[0],
                                ((mit_des_key_schedule *)ks)[1],
                                ((mit_des_key_schedule *)ks)[2],
                                zero_ivec, TRUE);
-    (void) mit_des3_cbc_encrypt((mit_des_cblock *)key,
-                               (mit_des_cblock *)key,
-                               keyblock->length,
+    (void) mit_des3_cbc_encrypt(key, key, keyblock->length,
                                ((mit_des_key_schedule *)ks)[0],
                                ((mit_des_key_schedule *)ks)[1],
                                ((mit_des_key_schedule *)ks)[2],
-                               zero_ivec, TRUE);
+                               key[2], TRUE);
 
     /* erase key_sked */
     memset((char *)ks, 0, sizeof(ks));