oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

(verify_checksum): call (*ct->checksum) directly, avoiding redundant

Browse Source 
lookups and memory leaks


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6271 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
1999-05-21 12:46:38 +00:00
parent 641c286e2e
commit fa88e29d84
1 changed files with 24 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
lib/krb5/crypto.c
View File

@@ -1127,21 +1127,22 @@ get_checksum_key(krb5_context context,
struct key_data **key) struct key_data **key)
{ {
krb5_error_code ret = 0; krb5_error_code ret = 0;
if(ct->flags & F_DERIVED) if(ct->flags & F_DERIVED)
ret = _get_derived_key(context, crypto, usage, key); ret = _get_derived_key(context, crypto, usage, key);
else { else if(ct->flags & F_VARIANT) {
if(ct->flags & F_VARIANT) { int i;
int i;
*key = _new_derived_key(crypto, 0xff/* KRB5_KU_RFC1510_VARIANT */); *key = _new_derived_key(crypto, 0xff/* KRB5_KU_RFC1510_VARIANT */);
if(*key == NULL) if(*key == NULL)
return ENOMEM; return ENOMEM;
ret = krb5_copy_keyblock(context, crypto->key.key, &(*key)->key); ret = krb5_copy_keyblock(context, crypto->key.key, &(*key)->key);
if(ret) if(ret)
return ret; return ret;
for(i = 0; i < (*key)->key->keyvalue.length; i++) for(i = 0; i < (*key)->key->keyvalue.length; i++)
((unsigned char*)(*key)->key->keyvalue.data)[i] ^= 0xF0; ((unsigned char*)(*key)->key->keyvalue.data)[i] ^= 0xF0;
} else } else {
*key = &crypto->key; *key = &crypto->key;
} }
if(ret == 0) if(ret == 0)
ret = _key_schedule(context, *key); ret = _key_schedule(context, *key);
@@ -1238,16 +1239,18 @@ verify_checksum(krb5_context context,
if(ct->verify) if(ct->verify)
return (*ct->verify)(context, dkey, data, len, cksum); return (*ct->verify)(context, dkey, data, len, cksum);
ret = do_checksum(context, ct, crypto, usage, data, len, &c); ret = krb5_data_alloc (&c.checksum, ct->checksumsize);
if(ret) if (ret)
return ret; return ret;
(*ct->checksum)(context, dkey, data, len, &c);
if(c.checksum.length != cksum->checksum.length || if(c.checksum.length != cksum->checksum.length ||
memcmp(c.checksum.data, cksum->checksum.data, c.checksum.length)) memcmp(c.checksum.data, cksum->checksum.data, c.checksum.length))
ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
else else
ret = 0; ret = 0;
free_Checksum(&c); krb5_data_free (&c.checksum);
return ret; return ret;
} }
@@ -1926,7 +1929,8 @@ krb5_generate_random_block(void *buf, size_t len)
/* XXX should be moved someplace else */ /* XXX should be moved someplace else */
static void static void
DES3_postproc(unsigned char *k, size_t len, struct key_data *key) DES3_postproc(krb5_context context,
unsigned char *k, size_t len, struct key_data *key)
{ {
unsigned char x[24]; unsigned char x[24];
int ki = 0, xi = 0, kb = 8, xb = 8; int ki = 0, xi = 0, kb = 8, xb = 8;
@@ -1956,8 +1960,7 @@ DES3_postproc(unsigned char *k, size_t len, struct key_data *key)
k = key->key->keyvalue.data; k = key->key->keyvalue.data;
memcpy(k, x, 24); memcpy(k, x, 24);
memset(x, 0, sizeof(x)); memset(x, 0, sizeof(x));
krb5_data_free(key->schedule); krb5_free_data(context, key->schedule);
free(key->schedule);
key->schedule = NULL; key->schedule = NULL;
des_set_odd_parity((des_cblock*)k); des_set_odd_parity((des_cblock*)k);
des_set_odd_parity((des_cblock*)(k + 8)); des_set_odd_parity((des_cblock*)(k + 8));
@@ -2009,7 +2012,7 @@ derive_key(krb5_context context,
/* XXX keytype dependent post-processing */ /* XXX keytype dependent post-processing */
switch(kt->type) { switch(kt->type) {
case KEYTYPE_DES3: case KEYTYPE_DES3:
DES3_postproc(k, nblocks * et->blocksize, key); DES3_postproc(context, k, nblocks * et->blocksize, key);
break; break;
default: default:
krb5_warnx(context, "derive_key() called with unknown keytype (%u)", krb5_warnx(context, "derive_key() called with unknown keytype (%u)",