From: Richard Basch <probe@mit.edu>
Date: Sat, 2 Dec 1995 16:33:40 +0000 (+0000)
Subject: XOR the last byte of weak keys with 0xf0, according to spec
X-Git-Tag: krb5-1.0-beta6~751
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=0e7da60c8f9ce2885d4a5bba0ab71f57b389f9aa;p=krb5.git

XOR the last byte of weak keys with 0xf0, according to spec

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7156 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/crypto/des/d3_str2ky.c b/src/lib/crypto/des/d3_str2ky.c
index 3e3e285bd..6acf21870 100644
--- a/src/lib/crypto/des/d3_str2ky.c
+++ b/src/lib/crypto/des/d3_str2ky.c
@@ -103,7 +103,7 @@ const krb5_data FAR * salt;
     for (j = 0; j < keyblock->length/sizeof(mit_des_cblock); j++) {
 	mit_des_fixup_key_parity(key[j]);
 	if (mit_des_is_weak_key(key[j]))
-	    *((krb5_octet *)(key[j])) ^= 0xf0;
+	    ((krb5_octet *)(key[j]))[7] ^= 0xf0;
     }
 
     /* Now, CBC encrypt with itself */
@@ -127,7 +127,7 @@ const krb5_data FAR * salt;
     for (j = 0; j < keyblock->length/sizeof(mit_des_cblock); j++) {
 	mit_des_fixup_key_parity(key[j]);
 	if (mit_des_is_weak_key(key[j]))
-	    *((krb5_octet *)(key[j])) ^= 0xf0;
+	    ((krb5_octet *)(key[j]))[7] ^= 0xf0;
     }
 
     return 0;
diff --git a/src/lib/crypto/des/string2key.c b/src/lib/crypto/des/string2key.c
index e36ebcbc7..7c58b5083 100644
--- a/src/lib/crypto/des/string2key.c
+++ b/src/lib/crypto/des/string2key.c
@@ -144,6 +144,8 @@ const krb5_data FAR * salt;
 
     /* fix key parity */
     mit_des_fixup_key_parity(key);
+    if (mit_des_is_weak_key(key))
+	((krb5_octet *)key)[7] ^= 0xf0;
 
     /* Now one-way encrypt it with the folded key */
     (void) mit_des_key_sched(key, key_sked);
@@ -157,6 +159,8 @@ const krb5_data FAR * salt;
 
     /* now fix up key parity again */
     mit_des_fixup_key_parity(key);
+    if (mit_des_is_weak_key(key))
+	((krb5_octet *)key)[7] ^= 0xf0;
 
 #if 0
     if (mit_des_debug)