diff options
author | Luke Howard <lukeh@padl.com> | 2009-10-19 20:02:18 +0000 |
---|---|---|
committer | Luke Howard <lukeh@padl.com> | 2009-10-19 20:02:18 +0000 |
commit | df9c31a7876329cef57d15e375ae3a871f0c712c (patch) | |
tree | 58b316f954dfd33ee81d148b15e08b9a7efa9dba /src | |
parent | 78f2c6c0bee2e0c3c3968faf4fd99e1764de4952 (diff) | |
download | krb5-df9c31a7876329cef57d15e375ae3a871f0c712c.zip krb5-df9c31a7876329cef57d15e375ae3a871f0c712c.tar.gz krb5-df9c31a7876329cef57d15e375ae3a871f0c712c.tar.bz2 |
init_state needs to return a deterministic value, it seems
git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/aes-ccm@22943 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/crypto/builtin/enc_provider/aes_ctr.c | 8 | ||||
-rw-r--r-- | src/lib/crypto/krb/dk/dk_ccm.c | 2 |
2 files changed, 6 insertions, 4 deletions
diff --git a/src/lib/crypto/builtin/enc_provider/aes_ctr.c b/src/lib/crypto/builtin/enc_provider/aes_ctr.c index 4645bbd..3dedc24 100644 --- a/src/lib/crypto/builtin/enc_provider/aes_ctr.c +++ b/src/lib/crypto/builtin/enc_provider/aes_ctr.c @@ -272,13 +272,14 @@ krb5int_aes_init_state_ctr (const krb5_keyblock *key, krb5_keyusage usage, assert(n >= 7 && n <= 13); state->length = 16; - state->data = malloc(state->length); - if (state->data == NULL) - return ENOMEM; + state->data = k5alloc(state->length, &code); + if (code != 0) + return code; q = 15 - n; state->data[0] = q - 1; +#if 0 nonce.data = &state->data[1]; nonce.length = n; @@ -290,6 +291,7 @@ krb5int_aes_init_state_ctr (const krb5_keyblock *key, krb5_keyusage usage, } memset(&state->data[1 + n], 0, q); +#endif return 0; } diff --git a/src/lib/crypto/krb/dk/dk_ccm.c b/src/lib/crypto/krb/dk/dk_ccm.c index 37d9313..a9be2aa 100644 --- a/src/lib/crypto/krb/dk/dk_ccm.c +++ b/src/lib/crypto/krb/dk/dk_ccm.c @@ -303,7 +303,7 @@ krb5int_ccm_encrypt_iov(const struct krb5_aead_provider *aead, if (ivec != NULL) { if (ivec->length != 16 || ivec->data[0] & ~(CCM_FLAG_MASK_Q) || - 15 - (unsigned)ivec->data[0] != header_len) { + 14 - (unsigned)ivec->data[0] != header_len) { ret = KRB5_BAD_MSIZE; goto cleanup; } |