From 307b319c410581ad98a1d3d0034338240256fefa Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Thu, 10 May 2007 03:58:07 +0000 Subject: [PATCH] Rewrite weak key check to use a small custom struct instead of wedging data into krb5_data, and use the array size rather than a sentinel for loop control. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19547 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/crypto/enc_provider/rc4.c | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/src/lib/crypto/enc_provider/rc4.c b/src/lib/crypto/enc_provider/rc4.c index 5a4c8c0bb..a88ad7937 100644 --- a/src/lib/crypto/enc_provider/rc4.c +++ b/src/lib/crypto/enc_provider/rc4.c @@ -35,12 +35,12 @@ k5_arcfour_make_key(const krb5_data *, krb5_keyblock *); static const unsigned char arcfour_weakkey1[] = {0x00, 0x00, 0xfd}; static const unsigned char arcfour_weakkey2[] = {0x03, 0xfd, 0xfc}; -static const krb5_data arcfour_weakkeys[] = { - {KV5M_DATA, sizeof (arcfour_weakkey1), - (char * ) arcfour_weakkey1}, - {KV5M_DATA, sizeof (arcfour_weakkey2), - (char * ) arcfour_weakkey2}, - {KV5M_DATA, 0, 0} +static const struct { + size_t length; + const unsigned char *data; +} arcfour_weakkeys[] = { + { sizeof (arcfour_weakkey1), arcfour_weakkey1}, + { sizeof (arcfour_weakkey2), arcfour_weakkey2}, }; static inline unsigned int k5_arcfour_byte(ArcfourContext * ctx) @@ -84,10 +84,12 @@ k5_arcfour_init(ArcfourContext *ctx, const unsigned char *key, if (key_len != 16) return KRB5_BAD_MSIZE; /*this is probably not the correct error code to return */ - for(counter=0;arcfour_weakkeys[counter].length >0; counter++) - if (memcmp(key, arcfour_weakkeys[counter].data, - arcfour_weakkeys[counter].length) == 0) - return KRB5DES_WEAK_KEY; /* most certainly not the correct error */ + for (counter=0; + counter < sizeof(arcfour_weakkeys)/sizeof(arcfour_weakkeys[0]); + counter++) + if (!memcmp(key, arcfour_weakkeys[counter].data, + arcfour_weakkeys[counter].length)) + return KRB5DES_WEAK_KEY; /* most certainly not the correct error */ state = &ctx->state[0]; ctx->x = 0; -- 2.26.2