oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

(verify_mic_des3): fix 3des verify_mic to conform to rfc (and mit

Browse Source 
kerberos), provide backward compat hook


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11624 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2003-01-27 14:12:15 +00:00
parent dc2b3cf973
commit 1be5e6bcc6
2 changed files with 20 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
lib/gssapi/krb5/verify_mic.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997 - 2003 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -141,6 +141,7 @@ verify_mic_des3
int cmp;
Checksum csum;
char *tmp;
char ivec[8];
p = token_buffer->value;
ret = gssapi_krb5_verify_header (&p,
@@ -167,11 +168,15 @@ verify_mic_des3
}
/* verify sequence number */
if (context_handle->more_flags & COMPAT_OLD_DES3)
memset(ivec, 0, 8);
else
memcpy(ivec, p + 8, 8);
ret = krb5_decrypt (gssapi_krb5_context,
crypto,
KRB5_KU_USAGE_SEQ,
p, 8, &seq_data);
ret = krb5_decrypt_ivec (gssapi_krb5_context,
crypto,
KRB5_KU_USAGE_SEQ,
p, 8, &seq_data, ivec);
if (ret) {
gssapi_krb5_set_error_string ();
krb5_crypto_destroy (gssapi_krb5_context, crypto);

15
lib/gssapi/verify_mic.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997 - 2003 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -141,6 +141,7 @@ verify_mic_des3
int cmp;
Checksum csum;
char *tmp;
char ivec[8];
p = token_buffer->value;
ret = gssapi_krb5_verify_header (&p,
@@ -167,11 +168,15 @@ verify_mic_des3
}
/* verify sequence number */
if (context_handle->more_flags & COMPAT_OLD_DES3)
memset(ivec, 0, 8);
else
memcpy(ivec, p + 8, 8);
ret = krb5_decrypt (gssapi_krb5_context,
crypto,
KRB5_KU_USAGE_SEQ,
p, 8, &seq_data);
ret = krb5_decrypt_ivec (gssapi_krb5_context,
crypto,
KRB5_KU_USAGE_SEQ,
p, 8, &seq_data, ivec);
if (ret) {
gssapi_krb5_set_error_string ();
krb5_crypto_destroy (gssapi_krb5_context, crypto);