Require the raw key have the correct size and do away with the

minsize. Minsize was a thing that originated from RC2, but since RC2 is done in the x509/cms subsystem now there is no need to keep that around. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20981 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 20:05:50 +00:00
parent b0a4e5a01b
commit bf02504f31
1 changed files with 1 additions and 9 deletions
--- a/lib/krb5/crypto.c
+++ b/lib/krb5/crypto.c
@@ -80,7 +80,6 @@ struct key_type {
    const char *name;
    size_t bits;
    size_t size;
-    size_t minsize;
    size_t schedule_size;
 #if 0
    krb5_enctype best_etype;
@@ -725,7 +724,6 @@ static struct key_type keytype_null = {
    0,
    0,
    0,
-    0,
    NULL,
    NULL,
    NULL
@@ -736,7 +734,6 @@ static struct key_type keytype_des = {
    "des",
    56,
    sizeof(DES_cblock),
-    sizeof(DES_cblock),
    sizeof(DES_key_schedule),
    krb5_DES_random_key,
    krb5_DES_schedule,
@@ -749,7 +746,6 @@ static struct key_type keytype_des3 = {
    "des3",
    168,
    3 * sizeof(DES_cblock), 
-    3 * sizeof(DES_cblock), 
    3 * sizeof(DES_key_schedule), 
    DES3_random_key,
    DES3_schedule,
@@ -762,7 +758,6 @@ static struct key_type keytype_des3_derived = {
    "des3",
    168,
    3 * sizeof(DES_cblock),
-    3 * sizeof(DES_cblock),
    3 * sizeof(DES_key_schedule), 
    DES3_random_key,
    DES3_schedule,
@@ -775,7 +770,6 @@ static struct key_type keytype_aes128 = {
    "aes-128",
    128,
    16,
-    16,
    sizeof(struct krb5_aes_schedule),
    NULL,
    AES_schedule,
@@ -787,7 +781,6 @@ static struct key_type keytype_aes256 = {
    "aes-256",
    256,
    32,
-    32,
    sizeof(struct krb5_aes_schedule),
    NULL,
    AES_schedule,
@@ -799,7 +792,6 @@ static struct key_type keytype_arcfour = {
    "arcfour",
    128,
    16,
-    16,
    sizeof(RC4_KEY),
    NULL,
    ARCFOUR_schedule,
@@ -3692,7 +3684,7 @@ krb5_crypto_init(krb5_context context,
 			       etype);
 	return KRB5_PROG_ETYPE_NOSUPP;
    }
-    if((*crypto)->et->keytype->minsize > key->keyvalue.length) {
+    if((*crypto)->et->keytype->size != key->keyvalue.length) {
 	free(*crypto);
 	*crypto = NULL;
 	krb5_set_error_string (context, "encryption key has bad length");