diff options
author | Sam Hartman <hartmans@mit.edu> | 2008-12-01 16:42:13 +0000 |
---|---|---|
committer | Sam Hartman <hartmans@mit.edu> | 2008-12-01 16:42:13 +0000 |
commit | 5ff2db3b6cfa52dc5f8776d0c2a7aaebee18ef68 (patch) | |
tree | a0dca63f3cad26a8077ed025fcae5190566f8547 | |
parent | 92da1c27b741036fbd9677fe9cc72e57e6a2f339 (diff) | |
download | krb5-5ff2db3b6cfa52dc5f8776d0c2a7aaebee18ef68.zip krb5-5ff2db3b6cfa52dc5f8776d0c2a7aaebee18ef68.tar.gz krb5-5ff2db3b6cfa52dc5f8776d0c2a7aaebee18ef68.tar.bz2 |
Validate input lengths correctly for CTS ciphers
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mskrb-integ-crypto-iov@21221 dc483132-0cff-0310-8789-dd5450dbe970
-rw-r--r-- | src/lib/crypto/dk/dk_aead.c | 30 |
1 files changed, 18 insertions, 12 deletions
diff --git a/src/lib/crypto/dk/dk_aead.c b/src/lib/crypto/dk/dk_aead.c index c042f66..b319570 100644 --- a/src/lib/crypto/dk/dk_aead.c +++ b/src/lib/crypto/dk/dk_aead.c @@ -99,11 +99,14 @@ krb5int_dk_encrypt_iov(const struct krb5_aead_provider *aead, plainlen += iov->data.length; } - /* Check that the input data is correctly padded */ - - if (blocksize != 0 && - plainlen % blocksize != 0) { - return KRB5_BAD_MSIZE; + if (blocksize == 0) { + /* Check for correct input length in CTS mode */ + if (enc->block_size != 0 && plainlen < enc->block_size) + return KRB5_BAD_MSIZE; + } else { + /* Check that the input data is correctly padded */ + if (plainlen % blocksize != 0) + return KRB5_BAD_MSIZE; } /* Validate header and trailer lengths. */ @@ -218,7 +221,7 @@ krb5int_dk_decrypt_iov(const struct krb5_aead_provider *aead, krb5_keyblock ke, ki; size_t i; size_t blocksize = 0; /* careful, this is enc block size not confounder len */ - size_t plainlen = 0; + size_t cipherlen = 0; size_t hmacsize = 0; unsigned char *cksum = NULL; @@ -240,14 +243,17 @@ krb5int_dk_decrypt_iov(const struct krb5_aead_provider *aead, if (iov->flags == KRB5_CRYPTO_TYPE_DATA || iov->flags == KRB5_CRYPTO_TYPE_PADDING) - plainlen += iov->data.length; + cipherlen += iov->data.length; } - /* Check that the input data is correctly padded */ - - if (blocksize != 0 && - plainlen % blocksize != 0) { - return KRB5_BAD_MSIZE; + if (blocksize == 0) { + /* Check for correct input length in CTS mode */ + if (enc->block_size != 0 && cipherlen < enc->block_size) + return KRB5_BAD_MSIZE; + } else { + /* Check that the input data is correctly padded */ + if (cipherlen % blocksize != 0) + return KRB5_BAD_MSIZE; } /* Validate header and trailer lengths */ |