Permalink
Browse files

ticket: 6588

version_fixed: 1.7.1
status: resolved

pull up r23389 from trunk

 ------------------------------------------------------------------------
 r23389 | ghudson | 2009-11-30 14:03:58 -0500 (Mon, 30 Nov 2009) | 10 lines

 ticket: 6588
 subject: Fix ivec chaining for DES iov encryption
 tags: pullup
 target_version: 1.7.1

 krb5int_des_cbc_decrypt_iov was using a plaintext block to update the
 ivec.  Fix it to use the last cipher block, borrowing from the
 corresponding des3 function.  The impact of this bug is not serious
 since ivec chaining is not typically used with IOV encryption in 1.7.

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-7@23644 dc483132-0cff-0310-8789-dd5450dbe970
  • Loading branch information...
tlyu
tlyu committed Jan 12, 2010
1 parent 014d3ba commit 1543e25bd7524ca4373da70ae40917ec091dd485
Showing with 5 additions and 2 deletions.
  1. +5 −2 src/lib/crypto/des/f_aead.c
@@ -187,6 +187,9 @@ krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data,
krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
}
if (ivec != NULL)
memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH);
if (ivec != NULL) {
op = ivec;
PUT_HALF_BLOCK(ocipherl, op);
PUT_HALF_BLOCK(ocipherr, op);
}
}

0 comments on commit 1543e25

Please sign in to comment.