authorLuke Howard <lukeh@padl.com>2010-05-14 17:15:37 +0000
committerLuke Howard <lukeh@padl.com>2010-05-14 17:15:37 +0000
commit1dd837a7f9483944311a92d16b121743b12b89b3 (patch)
treebb3d02c1e6d3c39ab6ada4e1356fda8637ecb33c
parent2a007367dd054a77e24e334326a0ceac523e6bd8 (diff)
when chaining, use a fresh nonce for each invocation
git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/camellia-ccm@24037 dc483132-0cff-0310-8789-dd5450dbe970
-rw-r--r--src/lib/crypto/krb/dk/dk_ccm.c47
1 files changed, 4 insertions, 43 deletions
diff --git a/src/lib/crypto/krb/dk/dk_ccm.c b/src/lib/crypto/krb/dk/dk_ccm.c
index 15c198a..6f6f675 100644
--- a/src/lib/crypto/krb/dk/dk_ccm.c
+++ b/src/lib/crypto/krb/dk/dk_ccm.c
@@ -224,49 +224,9 @@ valid_cipher_state_p(const krb5_data *state, unsigned int n)
}
/*
- * Returns TRUE if the cipher state is in its initial state.
+ * Format initial counter block. Counter may be chained
+ * across invocations.
*/
-static krb5_boolean
-initial_cipher_state_p(const krb5_data *state)
-{
- unsigned int i, n;
-
- if (state == NULL)
- return TRUE;
-
- n = 14 - (unsigned)state->data[0];
-
- for (i = 1; i < n; i++) {
- if (state->data[i] != 0)
- return FALSE;
- }
-
- return TRUE;
-}
-
-static krb5_error_code
-init_cipher_state(krb5_data *counter,
- krb5_data *nonce,
- const krb5_data *state,
- unsigned int n)
-{
- krb5_error_code ret;
-
- assert(nonce->length == n);
-
- if (!valid_cipher_state_p(state, n))
- return KRB5_BAD_MSIZE;
-
- if (initial_cipher_state_p(state)) {
- ret = krb5_c_random_make_octets(NULL, nonce);
- if (ret != 0)
- return ret;
- } else
- memcpy(nonce->data, &state->data[1], n);
-
- return 0;
-}
-
static krb5_error_code
format_Ctr0(krb5_data *counter,
const krb5_data *nonce,
@@ -346,7 +306,8 @@ krb5int_ccm_encrypt(const struct krb5_keytypes *ktp,
header->data.length = header_len;
- ret = init_cipher_state(&counter, &header->data, state, header_len);
+ /* Initialize nonce */
+ ret = krb5_c_random_make_octets(NULL, &header->data);
if (ret != 0)
goto cleanup;
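Review bot: The direct call to `krb5_c_random_make_octets` in `krb5int_ccm_encrypt` drops the `valid_cipher_state_p(state, n)` check that the removed `init_cipher_state` ran before touching the nonce, so a caller-supplied `state` of the wrong size no longer yields `KRB5_BAD_MSIZE` at this point. The new comment above `format_Ctr0` says the counter may still be chained across invocations, so `state` is presumably still read later; unless it is validated elsewhere (not visible in this hunk), I would keep the guard before generating the nonce: `if (!valid_cipher_state_p(state, header_len)) { ret = KRB5_BAD_MSIZE; goto cleanup; }`. The `/* Initialize nonce */` comment could also record why a fresh value is drawn each time, for example `/* CCM requires a unique nonce per key; draw a fresh random one for every invocation, even when chaining */`. The body of `krb5int_ccm_encrypt` starts and ends outside the hunk, so the later use of `state` should be confirmed there.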