diff options
Diffstat (limited to 'source4/heimdal/lib/hcrypto/des.c')
| -rw-r--r-- | source4/heimdal/lib/hcrypto/des.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/source4/heimdal/lib/hcrypto/des.c b/source4/heimdal/lib/hcrypto/des.c index c9067d7bcc..43ff8a3f50 100644 --- a/source4/heimdal/lib/hcrypto/des.c +++ b/source4/heimdal/lib/hcrypto/des.c @@ -92,6 +92,8 @@ #include <krb5-types.h> #include <assert.h> +#include <roken.h> + #include "des.h" #include "ui.h" @@ -180,14 +182,13 @@ static DES_cblock weak_keys[] = { int DES_is_weak_key(DES_cblock *key) { + int weak = 0; int i; - /* Not constant time size if the key is weak, the app should not use it. */ - for (i = 0; i < sizeof(weak_keys)/sizeof(weak_keys[0]); i++) { - if (memcmp(weak_keys[i], key, DES_CBLOCK_LEN) == 0) - return 1; - } - return 0; + for (i = 0; i < sizeof(weak_keys)/sizeof(weak_keys[0]); i++) + weak ^= (ct_memcmp(weak_keys[i], key, DES_CBLOCK_LEN) == 0); + + return !!weak; } /** |