From: Ken Raeburn Date: Thu, 10 May 2007 03:58:07 +0000 (+0000) Subject: Rewrite weak key check to use a small custom struct instead of wedging X-Git-Tag: krb5-1.7-alpha1~1111 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=307b319c410581ad98a1d3d0034338240256fefa;p=krb5.git Rewrite weak key check to use a small custom struct instead of wedging data into krb5_data, and use the array size rather than a sentinel for loop control. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19547 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/crypto/enc_provider/rc4.c b/src/lib/crypto/enc_provider/rc4.c index 5a4c8c0bb..a88ad7937 100644 --- a/src/lib/crypto/enc_provider/rc4.c +++ b/src/lib/crypto/enc_provider/rc4.c @@ -35,12 +35,12 @@ k5_arcfour_make_key(const krb5_data *, krb5_keyblock *); static const unsigned char arcfour_weakkey1[] = {0x00, 0x00, 0xfd}; static const unsigned char arcfour_weakkey2[] = {0x03, 0xfd, 0xfc}; -static const krb5_data arcfour_weakkeys[] = { - {KV5M_DATA, sizeof (arcfour_weakkey1), - (char * ) arcfour_weakkey1}, - {KV5M_DATA, sizeof (arcfour_weakkey2), - (char * ) arcfour_weakkey2}, - {KV5M_DATA, 0, 0} +static const struct { + size_t length; + const unsigned char *data; +} arcfour_weakkeys[] = { + { sizeof (arcfour_weakkey1), arcfour_weakkey1}, + { sizeof (arcfour_weakkey2), arcfour_weakkey2}, }; static inline unsigned int k5_arcfour_byte(ArcfourContext * ctx) @@ -84,10 +84,12 @@ k5_arcfour_init(ArcfourContext *ctx, const unsigned char *key, if (key_len != 16) return KRB5_BAD_MSIZE; /*this is probably not the correct error code to return */ - for(counter=0;arcfour_weakkeys[counter].length >0; counter++) - if (memcmp(key, arcfour_weakkeys[counter].data, - arcfour_weakkeys[counter].length) == 0) - return KRB5DES_WEAK_KEY; /* most certainly not the correct error */ + for (counter=0; + counter < sizeof(arcfour_weakkeys)/sizeof(arcfour_weakkeys[0]); + counter++) + if (!memcmp(key, arcfour_weakkeys[counter].data, + arcfour_weakkeys[counter].length)) + return KRB5DES_WEAK_KEY; /* most certainly not the correct error */ state = &ctx->state[0]; ctx->x = 0;