Rewrite weak key check to use a small custom struct instead of wedging

data into krb5_data, and use the array size rather than a sentinel for
loop control.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19547 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/crypto/enc_provider/rc4.c b/src/lib/crypto/enc_provider/rc4.c
index 5a4c8c0bbf44a10a37bb59a3d0da6deef9853d7a..a88ad79376d4428916629a14275d7dbf98835510 100644 (file)
--- a/src/lib/crypto/enc_provider/rc4.c
+++ b/src/lib/crypto/enc_provider/rc4.c
@@ -35,12 +35,12 @@ k5_arcfour_make_key(const krb5_data *, krb5_keyblock *);
 
 static const unsigned char arcfour_weakkey1[] = {0x00, 0x00, 0xfd};
 static const unsigned char arcfour_weakkey2[] = {0x03, 0xfd, 0xfc};
-static const krb5_data arcfour_weakkeys[] = {
-    {KV5M_DATA, sizeof (arcfour_weakkey1),
-     (char * ) arcfour_weakkey1},
-    {KV5M_DATA, sizeof (arcfour_weakkey2),
-     (char * ) arcfour_weakkey2},
-    {KV5M_DATA, 0, 0}
+static const struct {
+    size_t length;
+    const unsigned char *data;
+} arcfour_weakkeys[] = {
+    { sizeof (arcfour_weakkey1), arcfour_weakkey1},
+    { sizeof (arcfour_weakkey2), arcfour_weakkey2},
 };
 
 static inline unsigned int k5_arcfour_byte(ArcfourContext * ctx)
@@ -84,10 +84,12 @@ k5_arcfour_init(ArcfourContext *ctx, const unsigned char *key,
   if (key_len != 16)
     return KRB5_BAD_MSIZE;     /*this is probably not the correct error code
                                 to return */
-  for(counter=0;arcfour_weakkeys[counter].length >0; counter++)
-    if (memcmp(key, arcfour_weakkeys[counter].data,
-              arcfour_weakkeys[counter].length) == 0)
-      return KRB5DES_WEAK_KEY; /* most certainly not the correct error */
+  for (counter=0;
+       counter < sizeof(arcfour_weakkeys)/sizeof(arcfour_weakkeys[0]);
+       counter++)
+      if (!memcmp(key, arcfour_weakkeys[counter].data,
+                 arcfour_weakkeys[counter].length))
+         return KRB5DES_WEAK_KEY; /* most certainly not the correct error */
 
   state = &ctx->state[0];
   ctx->x = 0;