From: Greg Hudson Date: Fri, 28 Oct 2011 15:45:03 +0000 (+0000) Subject: Fix intermediate key length in hmac-md5 checksum X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=94f2cc96913426fd7add452cdea423877c2dcf0a;p=krb5.git Fix intermediate key length in hmac-md5 checksum When using hmac-md5, the intermediate key length is the output of the hash function (128 bits), not the input key length. Relevant if the input key is not an RC4 key. ticket: 6994 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25418 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/crypto/krb/checksum_hmac_md5.c b/src/lib/crypto/krb/checksum_hmac_md5.c index 6c5f6175d..8145875ba 100644 --- a/src/lib/crypto/krb/checksum_hmac_md5.c +++ b/src/lib/crypto/krb/checksum_hmac_md5.c @@ -59,7 +59,7 @@ krb5_error_code krb5int_hmacmd5_checksum(const struct krb5_cksumtypes *ctp, ret = krb5int_hmac(ctp->hash, key, &iov, 1, &ds); if (ret) goto cleanup; - ks.length = key->keyblock.length; + ks.length = ds.length; ks.contents = (krb5_octet *) ds.data; keyblock = &ks; } else /* For md5-hmac, just use the key. */