From 6c9935df9ab101e4276a99d1523e9fca69412424 Mon Sep 17 00:00:00 2001
From: Sam Hartman <hartmans@mit.edu>
Date: Sat, 3 Jan 2009 21:43:18 +0000
Subject: On decrypt, the ivec should be chained from ciphertext not output

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mskrb-integ@21689 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/crypto/des/d3_aead.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/lib/crypto/des/d3_aead.c b/src/lib/crypto/des/d3_aead.c
index cfe2170..42ac395 100644
--- a/src/lib/crypto/des/d3_aead.c
+++ b/src/lib/crypto/des/d3_aead.c
@@ -199,6 +199,9 @@ krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data,
 	krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
     }
 
-    if (ivec != NULL)
-	memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH);
+    if (ivec != NULL) {
+	op = ivec;
+	PUT_HALF_BLOCK(ocipherl,op);
+	PUT_HALF_BLOCK(ocipherr, op);
+    }
 }
-- 
cgit v1.1