oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Fix krb5's gss_pseudo_random() (n is big-endian)

Browse Source 
The first enctype RFC3961 prf output length's bytes are correct because
the little- and big-endian representations of unsigned zero are the
same.  The second block of output was wrong because the counter was not
being encoded as big-endian.

This change could break applications.  But those applications would not
have been interoperating with other implementations anyways (in
particular: MIT's).
This commit is contained in:
Nicolas Williams
2013-10-30 14:26:15 -05:00
parent 71fcd51659
commit 7d45909537
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/gssapi/krb5/prf.c
View File

@@ -119,7 +119,7 @@ _gsskrb5_pseudo_random(OM_uint32 *minor_status,
while(dol > 0) {
size_t tsize;
_gsskrb5_encode_om_uint32(num, input.data);
_gsskrb5_encode_be_om_uint32(num, input.data);
ret = krb5_crypto_prf(context, crypto, &input, &output);
if (ret) {
@@ -133,7 +133,7 @@ _gsskrb5_pseudo_random(OM_uint32 *minor_status,
tsize = min(dol, output.length);
memcpy(p, output.data, tsize);
p += output.length;
p += tsize;
dol -= tsize;
krb5_data_free(&output);
num++;