The incorrect size was being used to compare the computed message
digest and the supplied checksum for the "fixed" md4 case, causing
decryption integrity failures.
[Fixed by epeisach/audited by basch; fixes 'make check']
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8099
dc483132-0cff-0310-8789-
dd5450dbe970
+Tue May 21 22:33:12 1996 Richard Basch <basch@lehman.com>
+
+ * md4crypto.c: Incorrrect size arguments were being passed causing
+ decrypt integrity failures with the "fixed" md4 algorithm. The old
+ path was also fixed to better reflect the appropriate size variables
+ even though the two in use were identical (if someone copied the
+ code to make a new crypto system, they may spend a long time
+ debugging because of the misuse of variables).
+ [Tracked down by epeisach; audited by basch.]
+
Mon May 20 17:16:47 1996 Theodore Y. Ts'o <tytso@mit.edu>
* md4crypto.c, md4crypto.h: Change use of RSA_MD4_DES_CKSUM_LENGTH
/* now encrypt the checksum */
retval = mit_des_cbc_encrypt((mit_des_cblock *)&working.digest[0],
(mit_des_cblock *)&outtmp[0],
- OLD_RSA_MD4_DES_CKSUM_LENGTH,
+ RSA_MD4_CKSUM_LENGTH,
(struct mit_des_ks_struct *)
eblock.priv,
keyblock.contents,
/* Compare the checksums */
if (memcmp((char *) &outtmp[RSA_MD4_DES_CONFOUND_LENGTH],
(char *) &working.digest[0],
- NEW_RSA_MD4_DES_CKSUM_LENGTH))
+ RSA_MD4_CKSUM_LENGTH))
retval = KRB5KRB_AP_ERR_BAD_INTEGRITY;
}
else
projects / krb5.git / commitdiff