Use the hash provider interface in krb5int_arcfour_string_to_key so

that we don't need a direct interface to MD4 in the crypto modules.
Also clean up the code a bit.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24672 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/crypto/krb/arcfour/Makefile.in b/src/lib/crypto/krb/arcfour/Makefile.in
index 93af66273ce0226d29b4de99298b0b190c77857b..589431d221eaae441209eff209c05514e6c78e91 100644 (file)
--- a/src/lib/crypto/krb/arcfour/Makefile.in
+++ b/src/lib/crypto/krb/arcfour/Makefile.in
@@ -1,7 +1,7 @@
 mydir=lib$(S)crypto$(S)krb$(S)arcfour
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
 LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../$(CRYPTO_IMPL) \
-       -I$(srcdir)/../../$(CRYPTO_IMPL)/md4
+       -I$(srcdir)/../../$(CRYPTO_IMPL)/hash_provider
 DEFS=
 
 ##DOS##BUILDTOP = ..\..\..\..

diff --git a/src/lib/crypto/krb/arcfour/arcfour_s2k.c b/src/lib/crypto/krb/arcfour/arcfour_s2k.c
index b77738ebb227dff3550152b3f169db64a5c1da25..5dc75332b2463c2021b84d65700ea1f481d08d4f 100644 (file)
--- a/src/lib/crypto/krb/arcfour/arcfour_s2k.c
+++ b/src/lib/crypto/krb/arcfour/arcfour_s2k.c
@@ -1,12 +1,8 @@
 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 #include "k5-int.h"
 #include "k5-utf8.h"
-#include "rsa-md4.h"
-#include "arcfour-int.h"
-
-#if TARGET_OS_MAC && !defined(DEPEND)
-#include <CoreFoundation/CFString.h>
-#endif
+#include "hash_provider.h"
+#include "arcfour.h"
 
 krb5_error_code
 krb5int_arcfour_string_to_key(const struct krb5_keytypes *ktp,
@@ -14,7 +10,8 @@ krb5int_arcfour_string_to_key(const struct krb5_keytypes *ktp,
                               const krb5_data *params, krb5_keyblock *key)
 {
     krb5_error_code err = 0;
-    krb5_MD4_CTX md4_context;
+    krb5_crypto_iov iov;
+    krb5_data hash_out;
     unsigned char *copystr;
     size_t copystrlen;
 
@@ -24,37 +21,19 @@ krb5int_arcfour_string_to_key(const struct krb5_keytypes *ktp,
     if (key->length != 16)
         return (KRB5_BAD_MSIZE);
 
-    /* We ignore salt per the Microsoft spec*/
-
-    /* compute the space needed for the new string.
-       Since the password must be stored in unicode, we need to increase
-       that number by 2x.
-    */
-
-    err = krb5int_utf8cs_to_ucs2les(string->data, string->length, &copystr, &copystrlen);
+    /* We ignore salt per the Microsoft spec. */
+    err = krb5int_utf8cs_to_ucs2les(string->data, string->length, &copystr,
+                                    &copystrlen);
     if (err)
         return err;
 
     /* the actual MD4 hash of the data */
-    krb5int_MD4Init(&md4_context);
-    krb5int_MD4Update(&md4_context, copystr, copystrlen);
-    krb5int_MD4Final(&md4_context);
-    memcpy(key->contents, md4_context.digest, 16);
-
-#if 0
-    /* test the string_to_key function */
-    printf("Hash=");
-    {
-        int counter;
-        for(counter=0;counter<16;counter++)
-            printf("%02x", md4_context.digest[counter]);
-        printf("\n");
-    }
-#endif /* 0 */
+    iov.flags = KRB5_CRYPTO_TYPE_DATA;
+    iov.data = make_data(copystr, copystrlen);
+    hash_out = make_data(key->contents, key->length);
+    err = krb5int_hash_md4.hash(&iov, 1, &hash_out);
 
     /* Zero out the data behind us */
-    memset(copystr, 0, copystrlen);
-    memset(&md4_context, 0, sizeof(md4_context));
-    free(copystr);
+    zapfree(copystr, copystrlen);
     return err;
 }