From: Sam Hartman Date: Fri, 19 Oct 2001 20:33:37 +0000 (+0000) Subject: Ignore salt for arc4 string2key per Microsoft spec X-Git-Tag: krb5-1.3-alpha1~1025 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=1c23f0932639e3c79889fbe51fec028eef485f95;p=krb5.git Ignore salt for arc4 string2key per Microsoft spec git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13825 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/crypto/arcfour/ChangeLog b/src/lib/crypto/arcfour/ChangeLog index c9b641a8c..91782a055 100644 --- a/src/lib/crypto/arcfour/ChangeLog +++ b/src/lib/crypto/arcfour/ChangeLog @@ -1,5 +1,8 @@ 2001-10-19 Sam Hartman + * string_to_key.c (krb5_arcfour_string_to_key): Ignore salt + (krb5_arcfour_string_to_key): Use memset not bzero + * arcfour.c (krb5_arcfour_decrypt): Return error if salt cannot be allocated (krb5_arcfour_encrypt): Only memset bits of key to known value on export-grade crypto diff --git a/src/lib/crypto/arcfour/string_to_key.c b/src/lib/crypto/arcfour/string_to_key.c index d41bc2585..3871ea892 100644 --- a/src/lib/crypto/arcfour/string_to_key.c +++ b/src/lib/crypto/arcfour/string_to_key.c @@ -25,11 +25,7 @@ krb5_arcfour_string_to_key(enc, string, salt, key) if (key->length != 16) return (KRB5_BAD_MSIZE); - /* handle the salt... - We really don't salt our key, else it won't work with MSFT, but - handle it anyway - */ - saltlen=salt?salt->length:0; + /* We ignore salt per the Microsoft spec*/ /* compute the space needed for the new string. Since the password must be stored in unicode, we need to increase @@ -39,16 +35,14 @@ krb5_arcfour_string_to_key(enc, string, salt, key) thes user's password is in ascii. */ slen = ((string->length)>128)?128:string->length; - len=(slen)*2 + saltlen; + len=(slen)*2; copystr = malloc((size_t) len); if (copystr == NULL) return ENOMEM; - /* make the string. start by creating the unicode version of the password - then copy the salt to the end of the string */ + /* make the string. start by creating the unicode version of the password*/ asctouni(copystr, string->data, slen ); - memcpy(copystr+(slen*2), salt->data, saltlen); /* the actual MD4 hash of the data */ krb5_MD4Init(&md4_context); @@ -65,7 +59,7 @@ krb5_arcfour_string_to_key(enc, string, salt, key) #endif /* 0 */ /* Zero out the data behind us */ - bzero(copystr, len); - bzero(&md4_context, sizeof(md4_context)); + memset (copystr, 0, len); + memset(&md4_context, 0, sizeof(md4_context)); return 0; }