author | Greg Hudson <ghudson@mit.edu> | 2009-11-30 19:03:58 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2009-11-30 19:03:58 +0000 |
commit | 59eb61c9e01f0f6627cf2e58f40b2c7bc939adc6 (patch) | |
tree | d39041b9e440872ced62ae821809bdc31ff16ae3 /src | |
parent | 2b02e102d3c4e3bb54c936d301371d6b3d88cb52 (diff) | |
Fix ivec chaining for DES iov encryption
krb5int_des_cbc_decrypt_iov was using a plaintext block to update the
ivec. Fix it to use the last cipher block, borrowing from the
corresponding des3 function. The impact of this bug is not serious
since ivec chaining is not typically used with IOV encryption in 1.7.
ticket: 6588
tags: pullup
target_version: 1.7.1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23389 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/crypto/builtin/des/f_aead.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/src/lib/crypto/builtin/des/f_aead.c b/src/lib/crypto/builtin/des/f_aead.c index 8e700cd..1f4d94a 100644 --- a/src/lib/crypto/builtin/des/f_aead.c +++ b/src/lib/crypto/builtin/des/f_aead.c @@ -188,6 +188,9 @@ krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data, krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos); } - if (ivec != NULL) - memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH); + if (ivec != NULL) { + op = ivec; + PUT_HALF_BLOCK(ocipherl, op); + PUT_HALF_BLOCK(ocipherr, op); + } } |
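Review bot: The new `if (ivec != NULL)` block stores `ocipherl`/`ocipherr` into `ivec` with no comment saying why, on the very line the old code got wrong by copying `oblock` (plaintext) into the caller's buffer. I would add `/* CBC chaining: the next ivec is the last ciphertext block, never the decrypted output. */` above `op = ivec;`. The decrypt loop and the initialisation of `ocipherl`/`ocipherr` are outside the hunk, so it is worth confirming they hold a defined value (presumably the incoming ivec) when the input contains no full block. A test that decrypts a message in two chained calls and compares the result with a single-call decrypt would pin this behaviour; none is visible in this commit.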