From 5f0f1d3160f729a0876e6c24a32aa448089fd461 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Fri, 18 Feb 2011 15:06:57 +0000 Subject: [PATCH] Fix a conceptual bug in r24639: the intermediate key container length should be the hash's output size, not its block size. (The bug did not show up in testing because it is harmless in practice; MD5 has a larger block size than output size.) ticket: 6869 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24641 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/crypto/krb/checksum/hmac_md5.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lib/crypto/krb/checksum/hmac_md5.c b/src/lib/crypto/krb/checksum/hmac_md5.c index f0ec60479..784b746f5 100644 --- a/src/lib/crypto/krb/checksum/hmac_md5.c +++ b/src/lib/crypto/krb/checksum/hmac_md5.c @@ -52,7 +52,7 @@ krb5_error_code krb5int_hmacmd5_checksum(const struct krb5_cksumtypes *ctp, return KRB5_BAD_ENCTYPE; if (ctp->ctype == CKSUMTYPE_HMAC_MD5_ARCFOUR) { /* Compute HMAC(key, "signaturekey\0") to get the signing key ks. */ - ret = alloc_data(&ds, ctp->hash->blocksize); + ret = alloc_data(&ds, ctp->hash->hashsize); if (ret != 0) goto cleanup; -- 2.26.2