diff options
| author | Sam Hartman <hartmans@mit.edu> | 2008-12-01 16:43:43 +0000 |
|---|---|---|
| committer | Sam Hartman <hartmans@mit.edu> | 2008-12-01 16:43:43 +0000 |
| commit | d9a0bd7c84f61dad49b3850432cb2426b991cf1b (patch) | |
| tree | c363d6ac33f060eb7be179e3c745662aafdae06d | |
| parent | 15ec9de8d7ba1f1929b7bb403d1c6810024eeccb (diff) | |
| download | krb5-d9a0bd7c84f61dad49b3850432cb2426b991cf1b.zip krb5-d9a0bd7c84f61dad49b3850432cb2426b991cf1b.tar.gz krb5-d9a0bd7c84f61dad49b3850432cb2426b991cf1b.tar.bz2 | |
Ensure padding is initialized on return from krb5_c_encrypt_iov()
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mskrb-integ-crypto-iov@21239 dc483132-0cff-0310-8789-dd5450dbe970
| -rw-r--r-- | src/lib/crypto/arcfour/arcfour_aead.c | 7 | ||||
| -rw-r--r-- | src/lib/crypto/dk/dk_aead.c | 27 |
2 files changed, 29 insertions, 5 deletions
diff --git a/src/lib/crypto/arcfour/arcfour_aead.c b/src/lib/crypto/arcfour/arcfour_aead.c index e9398f4..b506c49 100644 --- a/src/lib/crypto/arcfour/arcfour_aead.c +++ b/src/lib/crypto/arcfour/arcfour_aead.c @@ -96,6 +96,7 @@ krb5int_arcfour_encrypt_iov(const struct krb5_aead_provider *aead, krb5_keyusage ms_usage; char salt_data[14]; krb5_data salt; + size_t i; d1.length = d2.length = d3.length = 0; d1.data = d2.data = d3.data = NULL; @@ -117,6 +118,12 @@ krb5int_arcfour_encrypt_iov(const struct krb5_aead_provider *aead, if (trailer != NULL) trailer->data.length = 0; + /* Ensure that there is no padding */ + for (i = 0; i < num_data; i++) { + if (data[i].flags == KRB5_CRYPTO_TYPE_PADDING) + data[i].data.length = 0; + } + ret = alloc_derived_key(enc, &k1, &d1, key); if (ret != 0) goto cleanup; diff --git a/src/lib/crypto/dk/dk_aead.c b/src/lib/crypto/dk/dk_aead.c index 746b8c7..ba21d47 100644 --- a/src/lib/crypto/dk/dk_aead.c +++ b/src/lib/crypto/dk/dk_aead.c @@ -73,7 +73,7 @@ krb5int_dk_encrypt_iov(const struct krb5_aead_provider *aead, krb5_crypto_iov *header, *trailer; krb5_keyblock ke, ki; size_t i; - size_t blocksize = 0; /* careful, this is enc block size not confounder len */ + size_t blocksize = 0; size_t plainlen = 0; size_t hmacsize = 0; unsigned char *cksum = NULL; @@ -92,10 +92,27 @@ krb5int_dk_encrypt_iov(const struct krb5_aead_provider *aead, return ret; for (i = 0; i < num_data; i++) { - const krb5_crypto_iov *iov = &data[i]; + krb5_crypto_iov *iov = &data[i]; - if (ENCRYPT_DATA_IOV(iov)) - plainlen += iov->data.length; + if (!ENCRYPT_DATA_IOV(iov)) /* DATA | PADDING */ + continue; + + if (iov->flags == KRB5_CRYPTO_TYPE_PADDING && i > 0) { + const krb5_crypto_iov *data_to_pad = &data[i - 1]; + size_t padlen = 0; + + if (blocksize != 0) { + padlen = blocksize - (data_to_pad->data.length % blocksize); + + if (iov->data.length < padlen) + return KRB5_BAD_MSIZE; + } + + memset(iov->data.data, 0, padlen); + iov->data.length = padlen; + } + + plainlen += iov->data.length; } if (blocksize == 0) { @@ -250,7 +267,7 @@ krb5int_dk_decrypt_iov(const struct krb5_aead_provider *aead, return KRB5_BAD_MSIZE; } else { /* Check that the input data is correctly padded */ - if (cipherlen % blocksize != 0) + if ((cipherlen % blocksize) != 0) return KRB5_BAD_MSIZE; } |