From 0e7da60c8f9ce2885d4a5bba0ab71f57b389f9aa Mon Sep 17 00:00:00 2001 From: Richard Basch Date: Sat, 2 Dec 1995 16:33:40 +0000 Subject: [PATCH] XOR the last byte of weak keys with 0xf0, according to spec git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7156 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/crypto/des/d3_str2ky.c | 4 ++-- src/lib/crypto/des/string2key.c | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/lib/crypto/des/d3_str2ky.c b/src/lib/crypto/des/d3_str2ky.c index 3e3e285bd..6acf21870 100644 --- a/src/lib/crypto/des/d3_str2ky.c +++ b/src/lib/crypto/des/d3_str2ky.c @@ -103,7 +103,7 @@ const krb5_data FAR * salt; for (j = 0; j < keyblock->length/sizeof(mit_des_cblock); j++) { mit_des_fixup_key_parity(key[j]); if (mit_des_is_weak_key(key[j])) - *((krb5_octet *)(key[j])) ^= 0xf0; + ((krb5_octet *)(key[j]))[7] ^= 0xf0; } /* Now, CBC encrypt with itself */ @@ -127,7 +127,7 @@ const krb5_data FAR * salt; for (j = 0; j < keyblock->length/sizeof(mit_des_cblock); j++) { mit_des_fixup_key_parity(key[j]); if (mit_des_is_weak_key(key[j])) - *((krb5_octet *)(key[j])) ^= 0xf0; + ((krb5_octet *)(key[j]))[7] ^= 0xf0; } return 0; diff --git a/src/lib/crypto/des/string2key.c b/src/lib/crypto/des/string2key.c index e36ebcbc7..7c58b5083 100644 --- a/src/lib/crypto/des/string2key.c +++ b/src/lib/crypto/des/string2key.c @@ -144,6 +144,8 @@ const krb5_data FAR * salt; /* fix key parity */ mit_des_fixup_key_parity(key); + if (mit_des_is_weak_key(key)) + ((krb5_octet *)key)[7] ^= 0xf0; /* Now one-way encrypt it with the folded key */ (void) mit_des_key_sched(key, key_sked); @@ -157,6 +159,8 @@ const krb5_data FAR * salt; /* now fix up key parity again */ mit_des_fixup_key_parity(key); + if (mit_des_is_weak_key(key)) + ((krb5_octet *)key)[7] ^= 0xf0; #if 0 if (mit_des_debug) -- 2.26.2