From 970f88562bfb14e4ab74f358063517b3ca5d0cd2 Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Thu, 25 Jan 2001 21:12:55 +0000 Subject: [PATCH] * t_afss2k.c: Extend test cases to cover situation where krb5_data refers to strings that are not nul-terminated. Reorder functions to avoid inlining, to keep debugging easier. * afsstring2key.c (mit_afs_string_to_key): Don't depend on nul-termination of input strings. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12944 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/crypto/des/ChangeLog | 8 ++++++ src/lib/crypto/des/afsstring2key.c | 16 ++++++----- src/lib/crypto/des/t_afss2k.c | 43 +++++++++++++++++++++--------- 3 files changed, 49 insertions(+), 18 deletions(-) diff --git a/src/lib/crypto/des/ChangeLog b/src/lib/crypto/des/ChangeLog index 09d884980..f01da3670 100644 --- a/src/lib/crypto/des/ChangeLog +++ b/src/lib/crypto/des/ChangeLog @@ -1,3 +1,11 @@ +2001-01-25 Ken Raeburn + + * t_afss2k.c: Extend test cases to cover situation where krb5_data + refers to strings that are not nul-terminated. Reorder functions + to avoid inlining, to keep debugging easier. + * afsstring2key.c (mit_afs_string_to_key): Don't depend on + nul-termination of input strings. + 2001-01-20 Ken Raeburn * afsstring2key.c (mit_afs_string_to_key): Allocate and pass diff --git a/src/lib/crypto/des/afsstring2key.c b/src/lib/crypto/des/afsstring2key.c index fa2275cf8..59417d5bf 100644 --- a/src/lib/crypto/des/afsstring2key.c +++ b/src/lib/crypto/des/afsstring2key.c @@ -63,6 +63,9 @@ static char *afs_crypt PROTOTYPE((char*,char*,char*)); +#undef min +#define min(a,b) ((a)>(b)?(b):(a)) + krb5_error_code mit_afs_string_to_key (keyblock, data, salt) krb5_keyblock FAR * keyblock; @@ -75,14 +78,15 @@ mit_afs_string_to_key (keyblock, data, salt) set up. */ char *realm = salt->data; - register unsigned int i; - register krb5_octet *key = keyblock->contents; + unsigned int i, j; + krb5_octet *key = keyblock->contents; if (data->length <= 8) { unsigned char password[9]; /* trailing nul for crypt() */ char afs_crypt_buf[16]; - strncpy(password, realm, 8); + memset (password, 0, sizeof (password)); + memcpy (password, realm, min (salt->length, 8)); for (i=0; i<8; i++) if (isupper(password[i])) password[i] = tolower(password[i]); @@ -102,15 +106,15 @@ mit_afs_string_to_key (keyblock, data, salt) } else { mit_des_cblock ikey, tkey; mit_des_key_schedule key_sked; - unsigned int pw_len = strlen(realm)+data->length; + unsigned int pw_len = salt->length+data->length; unsigned char *password = malloc(pw_len+1); if (!password) return ENOMEM; /* some bound checks from the original code are elided here as the malloc above makes sure we have enough storage. */ strcpy (password, data->data); - for (i=data->length; *realm; i++) { - password[i] = *realm++; + for (i=data->length, j = 0; j < salt->length; i++, j++) { + password[i] = realm[j]; if (isupper(password[i])) password[i] = tolower(password[i]); } diff --git a/src/lib/crypto/des/t_afss2k.c b/src/lib/crypto/des/t_afss2k.c index 8c967f996..ba59e1ac4 100644 --- a/src/lib/crypto/des/t_afss2k.c +++ b/src/lib/crypto/des/t_afss2k.c @@ -27,7 +27,24 @@ struct test_case test_cases[] = { } }, { - "NaCl", -1, + "NaCl", 4, + { + { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 }, + { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 }, + { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 }, + { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 }, + { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 }, + { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad }, + { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 }, + { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 }, + { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 }, + { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 }, + { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 }, + { 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 }, + } + }, + { + "NaCl2", 4, { { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 }, { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 }, @@ -45,6 +62,19 @@ struct test_case test_cases[] = { }, }; +static void do_it (struct test_case *tcase); + +int +main (int argc, char *argv[]) +{ + int i; + + me = argv[0]; + for (i = 0; i < sizeof (test_cases) / sizeof (struct test_case); i++) + do_it (&test_cases[i]); + return 0; +} + static void do_it (struct test_case *tcase) { @@ -80,14 +110,3 @@ do_it (struct test_case *tcase) abort (); } } - -int -main (int argc, char *argv[]) -{ - int i; - - me = argv[0]; - for (i = 0; i < sizeof (test_cases) / sizeof (struct test_case); i++) - do_it (&test_cases[i]); - return 0; -} -- 2.26.2