use our own des string-to-key function, since the one from openssl

sometimes generates wrong output git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10802 ec53bebd-3082-4978-b11e-865c3cabbd6b
2001-12-20 22:28:45 +00:00
parent 2edd648e6b
commit d71eccdf57
1 changed files with 35 additions and 5 deletions
--- a/lib/krb5/crypto.c
+++ b/lib/krb5/crypto.c
@@ -156,6 +156,37 @@ DES_schedule(krb5_context context,
    des_set_key(key->key->keyvalue.data, key->schedule->data);
 }

+static void
+DES_string_to_key_int(unsigned char *data, size_t length, des_cblock *key)
+{
+    des_key_schedule schedule;
+    int i;
+    int reverse = 0;
+    unsigned char *p;
+
+    unsigned char swap[] = { 0x0, 0x8, 0x4, 0xc, 0x2, 0xa, 0x6, 0xe, 
+			     0x1, 0x9, 0x5, 0xd, 0x3, 0xb, 0x7, 0xf };
+    memset(key, 0, 8);
+    
+    p = (unsigned char*)key;
+    for (i = 0; i < length; i++) {
+	unsigned char tmp = data[i];
+	if (!reverse)
+	    *p++ ^= (tmp << 1);
+	else
+	    *--p ^= (swap[tmp & 0xf] << 4) | swap[(tmp & 0xf0) >> 4];
+	if((i % 8) == 7)
+	    reverse = !reverse;
+    }
+    des_set_odd_parity(key);
+    if(des_is_weak_key(key))
+	(*key)[7] ^= 0xF0;
+    des_set_key(key, schedule);
+    des_cbc_cksum((void*)data, key, length, schedule, key);
+    memset(schedule, 0, sizeof(schedule));
+    des_set_odd_parity(key);
+}
+
 static krb5_error_code
 DES_string_to_key(krb5_context context,
 		  krb5_enctype enctype,
@@ -163,20 +194,19 @@ DES_string_to_key(krb5_context context,
 		  krb5_salt salt,
 		  krb5_keyblock *key)
 {
-    char *s;
+    unsigned char *s;
    size_t len;
    des_cblock tmp;

-    len = password.length + salt.saltvalue.length + 1;
+    len = password.length + salt.saltvalue.length;
    s = malloc(len);
-    if(s == NULL) {
+    if(len > 0 && s == NULL) {
 	krb5_set_error_string(context, "malloc: out of memory");
 	return ENOMEM;
    }
    memcpy(s, password.data, password.length);
    memcpy(s + password.length, salt.saltvalue.data, salt.saltvalue.length);
-    s[len - 1] = '\0';
-    des_string_to_key(s, &tmp);
+    DES_string_to_key_int(s, len, &tmp);
    key->keytype = enctype;
    krb5_data_copy(&key->keyvalue, tmp, sizeof(tmp));
    memset(&tmp, 0, sizeof(tmp));