svn rev #24672: trunk/src/lib/crypto/krb/arcfour/

ghudson@MIT.EDU ghudson at MIT.EDU
Mon Feb 28 15:56:02 EST 2011 

http://src.mit.edu/fisheye/changelog/krb5/?cs=24672
Commit By: ghudson
Log Message:
Use the hash provider interface in krb5int_arcfour_string_to_key so
that we don't need a direct interface to MD4 in the crypto modules.
Also clean up the code a bit.



Changed Files:
U   trunk/src/lib/crypto/krb/arcfour/Makefile.in
U   trunk/src/lib/crypto/krb/arcfour/arcfour_s2k.c
Modified: trunk/src/lib/crypto/krb/arcfour/Makefile.in
===================================================================
--- trunk/src/lib/crypto/krb/arcfour/Makefile.in	2011-02-28 17:42:32 UTC (rev 24671)
+++ trunk/src/lib/crypto/krb/arcfour/Makefile.in	2011-02-28 20:56:02 UTC (rev 24672)
@@ -1,7 +1,7 @@
 mydir=lib$(S)crypto$(S)krb$(S)arcfour
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
 LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) \
-	-I$(srcdir)/../../$(CRYPTO_IMPL)/md4
+	-I$(srcdir)/../../$(CRYPTO_IMPL)/hash_provider
 DEFS=
 
 ##DOS##BUILDTOP = ..\..\..\..

Modified: trunk/src/lib/crypto/krb/arcfour/arcfour_s2k.c
===================================================================
--- trunk/src/lib/crypto/krb/arcfour/arcfour_s2k.c	2011-02-28 17:42:32 UTC (rev 24671)
+++ trunk/src/lib/crypto/krb/arcfour/arcfour_s2k.c	2011-02-28 20:56:02 UTC (rev 24672)
@@ -1,20 +1,17 @@
 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 #include "k5-int.h"
 #include "k5-utf8.h"
-#include "rsa-md4.h"
-#include "arcfour-int.h"
+#include "hash_provider.h"
+#include "arcfour.h"
 
-#if TARGET_OS_MAC && !defined(DEPEND)
-#include <CoreFoundation/CFString.h>
-#endif
-
 krb5_error_code
 krb5int_arcfour_string_to_key(const struct krb5_keytypes *ktp,
                               const krb5_data *string, const krb5_data *salt,
                               const krb5_data *params, krb5_keyblock *key)
 {
     krb5_error_code err = 0;
-    krb5_MD4_CTX md4_context;
+    krb5_crypto_iov iov;
+    krb5_data hash_out;
     unsigned char *copystr;
     size_t copystrlen;
 
@@ -24,37 +21,19 @@
     if (key->length != 16)
         return (KRB5_BAD_MSIZE);
 
-    /* We ignore salt per the Microsoft spec*/
-
-    /* compute the space needed for the new string.
-       Since the password must be stored in unicode, we need to increase
-       that number by 2x.
-    */
-
-    err = krb5int_utf8cs_to_ucs2les(string->data, string->length, &copystr, &copystrlen);
+    /* We ignore salt per the Microsoft spec. */
+    err = krb5int_utf8cs_to_ucs2les(string->data, string->length, &copystr,
+                                    &copystrlen);
     if (err)
         return err;
 
     /* the actual MD4 hash of the data */
-    krb5int_MD4Init(&md4_context);
-    krb5int_MD4Update(&md4_context, copystr, copystrlen);
-    krb5int_MD4Final(&md4_context);
-    memcpy(key->contents, md4_context.digest, 16);
+    iov.flags = KRB5_CRYPTO_TYPE_DATA;
+    iov.data = make_data(copystr, copystrlen);
+    hash_out = make_data(key->contents, key->length);
+    err = krb5int_hash_md4.hash(&iov, 1, &hash_out);
 
-#if 0
-    /* test the string_to_key function */
-    printf("Hash=");
-    {
-        int counter;
-        for(counter=0;counter<16;counter++)
-            printf("%02x", md4_context.digest[counter]);
-        printf("\n");
-    }
-#endif /* 0 */
-
     /* Zero out the data behind us */
-    memset(copystr, 0, copystrlen);
-    memset(&md4_context, 0, sizeof(md4_context));
-    free(copystr);
+    zapfree(copystr, copystrlen);
     return err;
 }

More information about the cvs-krb5 mailing list