From 497fcd1e8a540e8bc7ab32c8013cb2fdcb771da5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Thu, 22 Apr 2004 22:13:00 +0000
Subject: [PATCH] (DES3_random_to_key): make it produce the right result
 (DES3_postproc): use DES3_random_to_key (krb5_random_to_key): check the
 required number of bits (not the size of the key)

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13748 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/krb5/crypto.c | 48 +++++++++++++++++------------------------------
 1 file changed, 17 insertions(+), 31 deletions(-)

diff --git a/lib/krb5/crypto.c b/lib/krb5/crypto.c
index 496f0caf5..16bea70ad 100644
--- a/lib/krb5/crypto.c
+++ b/lib/krb5/crypto.c
@@ -486,16 +486,25 @@ DES3_random_to_key(krb5_context context,
 		   const void *data,
 		   size_t size)
 {
-    u_char *p = key->keyvalue.data;
+    unsigned char *x = key->keyvalue.data;
     const u_char *q = data;
     DES_cblock *k;
     int i, j;
 
-    p[7] = p[15] = p[23] = 0;
-    for (j = 0, i = 0; i < 21; i++) {
-	j = i / 7;
-	p[j + i] = q[i] & 0x7f;
-	p[(j * 8) + 7] = (p[(j * 8) + 7] << 1) | (q[i] >> 7);
+    memset(x, 0, sizeof(x));
+    for (i = 0; i < 3; ++i) {
+	unsigned char foo;
+	for (j = 0; j < 7; ++j) {
+	    unsigned char b = q[7 * i + j];
+
+	    x[8 * i + j] = b;
+	}
+	foo = 0;
+	for (j = 6; j >= 0; --j) {
+	    foo |= q[7 * i + j] & 1;
+	    foo <<= 1;
+	}
+	x[8 * i + 7] = foo;
     }
     k = key->keyvalue.data;
     for (i = 0; i < 3; i++) {
@@ -3489,35 +3498,12 @@ static void
 DES3_postproc(krb5_context context,
 	      unsigned char *k, size_t len, struct key_data *key)
 {
-    unsigned char x[24];
-    int i, j;
+    DES3_random_to_key(context, key->key, k, len);
 
-    memset(x, 0, sizeof(x));
-    for (i = 0; i < 3; ++i) {
-	unsigned char foo;
-
-	for (j = 0; j < 7; ++j) {
-	    unsigned char b = k[7 * i + j];
-
-	    x[8 * i + j] = b;
-	}
-	foo = 0;
-	for (j = 6; j >= 0; --j) {
-	    foo |= k[7 * i + j] & 1;
-	    foo <<= 1;
-	}
-	x[8 * i + 7] = foo;
-    }
-    k = key->key->keyvalue.data;
-    memcpy(k, x, 24);
-    memset(x, 0, sizeof(x));
     if (key->schedule) {
 	krb5_free_data(context, key->schedule);
 	key->schedule = NULL;
     }
-    DES_set_odd_parity((DES_cblock*)k);
-    DES_set_odd_parity((DES_cblock*)(k + 8));
-    DES_set_odd_parity((DES_cblock*)(k + 16));
 }
 
 static krb5_error_code
@@ -3923,7 +3909,7 @@ krb5_random_to_key(krb5_context context,
 			      type);
 	return KRB5_PROG_ETYPE_NOSUPP;
     }
-    if (et->keytype->size > size) {
+    if ((et->keytype->bits + 7) / 8 > size) {
 	krb5_set_error_string(context, "encryption key %s needs %d bytes "
 			      "of random to make an encryption key out of it",
 			      et->name, et->keytype->size);