From 247a699f0ea9c22c3c423afabb99c96d7d4131ef Mon Sep 17 00:00:00 2001
From: John Kohl <jtkohl@mit.edu>
Date: Tue, 13 Feb 1990 16:49:35 +0000
Subject: [PATCH] fix several major flaws, to make it work

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@356 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/kdb/decrypt_key.c | 26 ++++++++++++++++----------
 1 file changed, 16 insertions(+), 10 deletions(-)

diff --git a/src/lib/kdb/decrypt_key.c b/src/lib/kdb/decrypt_key.c
index 50b963153..80f10c99f 100644
--- a/src/lib/kdb/decrypt_key.c
+++ b/src/lib/kdb/decrypt_key.c
@@ -36,34 +36,40 @@ krb5_keyblock *out;
 {
     krb5_error_code retval;
 
-    *out = *in;
-    out->length = krb5_encrypt_size(in->length, eblock->crypto_entry);
+    /* the encrypted version is stored as the unencrypted key length
+       (in host byte order), followed by the encrypted key.
+     */
+    out->keytype = in->keytype;
+    out->length = krb5_encrypt_size(in->length-sizeof(in->length),
+				    eblock->crypto_entry);
     out->contents = (krb5_octet *)malloc(out->length);
     if (!out->contents) {
 	out->contents = 0;
 	out->length = 0;
 	return ENOMEM;
     }
+    /* copy out the real length count */
+    bcopy((char *)in->contents, (char *)&out->length,
+	  sizeof(out->length));
+
+    /* remember the contents of the encrypted version has a sizeof(in->length)
+       integer length of the real embedded key, followed by the
+       encrypted key, so the offset here is needed */
     if (retval = (*eblock->crypto_entry->
-		  decrypt_func)((krb5_pointer) in->contents,
+		  decrypt_func)((krb5_pointer) (((char *) in->contents) +
+						sizeof(in->length)),
 				(krb5_pointer) out->contents,
-				in->length, eblock)) {
+				in->length-sizeof(in->length), eblock)) {
 	free((char *)out->contents);
 	out->contents = 0;
 	out->length = 0;
 	return retval;
     }
-    out->length -= sizeof(out->length);
     if (out->length < 0) {
 	free((char *)out->contents);
 	out->contents = 0;
 	out->length = 0;
 	return KRB5_KDB_INVALIDKEYSIZE;
     }
-    /* shift key down to beginning of contents, and ignore extra wasted
-       space */
-    bcopy((char *)out->contents,
-	  ((char *) out->contents ) + sizeof(out->length),
-	  out->length);
     return retval;
 }
-- 
2.26.2