From fda4d92b862b869a07c2b0122d25e23019c3b18c Mon Sep 17 00:00:00 2001
From: probe <probe@dc483132-0cff-0310-8789-dd5450dbe970>
Date: Sat, 2 Dec 1995 16:33:40 +0000
Subject: [PATCH] XOR the last byte of weak keys with 0xf0, according to spec.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7156 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/crypto/des/d3_str2ky.c  | 4 ++--
 src/lib/crypto/des/string2key.c | 4 ++++
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/lib/crypto/des/d3_str2ky.c b/src/lib/crypto/des/d3_str2ky.c
index 3e3e285bda..6acf218700 100644
--- a/src/lib/crypto/des/d3_str2ky.c
+++ b/src/lib/crypto/des/d3_str2ky.c
@@ -103,7 +103,7 @@ const krb5_data FAR * salt;
     for (j = 0; j < keyblock->length/sizeof(mit_des_cblock); j++) {
 	mit_des_fixup_key_parity(key[j]);
 	if (mit_des_is_weak_key(key[j]))
-	    *((krb5_octet *)(key[j])) ^= 0xf0;
+	    ((krb5_octet *)(key[j]))[7] ^= 0xf0;
     }
 
     /* Now, CBC encrypt with itself */
@@ -127,7 +127,7 @@ const krb5_data FAR * salt;
     for (j = 0; j < keyblock->length/sizeof(mit_des_cblock); j++) {
 	mit_des_fixup_key_parity(key[j]);
 	if (mit_des_is_weak_key(key[j]))
-	    *((krb5_octet *)(key[j])) ^= 0xf0;
+	    ((krb5_octet *)(key[j]))[7] ^= 0xf0;
     }
 
     return 0;
diff --git a/src/lib/crypto/des/string2key.c b/src/lib/crypto/des/string2key.c
index e36ebcbc7b..7c58b50833 100644
--- a/src/lib/crypto/des/string2key.c
+++ b/src/lib/crypto/des/string2key.c
@@ -144,6 +144,8 @@ const krb5_data FAR * salt;
 
     /* fix key parity */
     mit_des_fixup_key_parity(key);
+    if (mit_des_is_weak_key(key))
+	((krb5_octet *)key)[7] ^= 0xf0;
 
     /* Now one-way encrypt it with the folded key */
     (void) mit_des_key_sched(key, key_sked);
@@ -157,6 +159,8 @@ const krb5_data FAR * salt;
 
     /* now fix up key parity again */
     mit_des_fixup_key_parity(key);
+    if (mit_des_is_weak_key(key))
+	((krb5_octet *)key)[7] ^= 0xf0;
 
 #if 0
     if (mit_des_debug)