Fix ivec chaining for DES iov encryption

krb5int_des_cbc_decrypt_iov was using a plaintext block to update the ivec. Fix it to use the last cipher block, borrowing from the corresponding des3 function. The impact of this bug is not serious since ivec chaining is not typically used with IOV encryption in 1.7. ticket: 6588 tags: pullup target_version: 1.7.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23389 dc483132-0cff-0310-8789-dd5450dbe970
author: Greg Hudson <ghudson@mit.edu> 2009-11-30 19:03:58 +0000
committer: Greg Hudson <ghudson@mit.edu> 2009-11-30 19:03:58 +0000
commit: 59eb61c9e01f0f6627cf2e58f40b2c7bc939adc6 (patch)
tree: d39041b9e440872ced62ae821809bdc31ff16ae3 /src
parent: 2b02e102d3c4e3bb54c936d301371d6b3d88cb52 (diff)
download: krb5-59eb61c9e01f0f6627cf2e58f40b2c7bc939adc6.zip
krb5-59eb61c9e01f0f6627cf2e58f40b2c7bc939adc6.tar.gz
krb5-59eb61c9e01f0f6627cf2e58f40b2c7bc939adc6.tar.bz2
1 files changed, 5 insertions, 2 deletions
diff --git a/src/lib/crypto/builtin/des/f_aead.c b/src/lib/crypto/builtin/des/f_aead.c
index 8e700cd..1f4d94a 100644
--- a/src/lib/crypto/builtin/des/f_aead.c
+++ b/src/lib/crypto/builtin/des/f_aead.c
@@ -188,6 +188,9 @@ krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data,
         krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
     }
 
-    if (ivec != NULL)
-        memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH);
+    if (ivec != NULL) {
+        op = ivec;
+        PUT_HALF_BLOCK(ocipherl, op);
+        PUT_HALF_BLOCK(ocipherr, op);
+    }
 }
author	Greg Hudson <ghudson@mit.edu>	2009-11-30 19:03:58 +0000
committer	Greg Hudson <ghudson@mit.edu>	2009-11-30 19:03:58 +0000
commit	59eb61c9e01f0f6627cf2e58f40b2c7bc939adc6 (patch)
tree	d39041b9e440872ced62ae821809bdc31ff16ae3 /src
parent	2b02e102d3c4e3bb54c936d301371d6b3d88cb52 (diff)
download	krb5-59eb61c9e01f0f6627cf2e58f40b2c7bc939adc6.zip krb5-59eb61c9e01f0f6627cf2e58f40b2c7bc939adc6.tar.gz krb5-59eb61c9e01f0f6627cf2e58f40b2c7bc939adc6.tar.bz2