[1219] in Kerberos_V5_Development
Re: Can I get some help tracking down md4 lossage?
daemon@ATHENA.MIT.EDU (Ezra Peisach)
Tue May 21 19:36:49 1996
To: Sam Hartman <hartmans@MIT.EDU>
Cc: krbdev@MIT.EDU
In-Reply-To: Your message of "Tue, 21 May 1996 13:47:49 EDT."
<199605211747.NAA20625@tertius.mit.edu>
Date: Tue, 21 May 1996 19:36:40 EDT
From: Ezra Peisach <epeisach@MIT.EDU>
I have tracked down the failure - and the patch below seems to fix the
problem. I found this problem with a few printf's and comparing the md4
and the md5 code.... They are amazingly similar - except for the change
below. Note: I do not have the time to carefully follow the code in this
verify function - so someone who is familiar with the code should
definitely audit the patch....
cvs diff: Diffing .
Index: md4crypto.c
===================================================================
RCS file: /mit/krb5/.cvsroot/src/lib/crypto/md4/md4crypto.c,v
retrieving revision 5.29
diff -c -r5.29 md4crypto.c
*** md4crypto.c 1996/05/20 21:18:37 5.29
--- md4crypto.c 1996/05/21 23:29:00
***************
*** 309,315 ****
/* Compare the checksums */
if (memcmp((char *) &outtmp[RSA_MD4_DES_CONFOUND_LENGTH],
(char *) &working.digest[0],
! NEW_RSA_MD4_DES_CKSUM_LENGTH))
retval = KRB5KRB_AP_ERR_BAD_INTEGRITY;
}
else
--- 309,315 ----
/* Compare the checksums */
if (memcmp((char *) &outtmp[RSA_MD4_DES_CONFOUND_LENGTH],
(char *) &working.digest[0],
! RSA_MD4_CKSUM_LENGTH))
retval = KRB5KRB_AP_ERR_BAD_INTEGRITY;
}
else
