From 4e97fec15df8fe5f95431f6bce52d4ab812e5f46 Mon Sep 17 00:00:00 2001
From: lhoward
Date: Mon, 29 Dec 2008 22:33:27 +0000
Subject: [PATCH] Support init_state for CCM
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/aes-ccm@21633 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/crypto/dk/dk_ccm.c | 16 +++++++++++---
 src/lib/crypto/enc_provider/aes_ctr.c | 31 ++++++++++++++++++++++++---
 2 files changed, 41 insertions(+), 6 deletions(-)
diff --git a/src/lib/crypto/dk/dk_ccm.c b/src/lib/crypto/dk/dk_ccm.c
index d28b5fce60..41f60223ab 100644
--- a/src/lib/crypto/dk/dk_ccm.c
+++ b/src/lib/crypto/dk/dk_ccm.c
@@ -300,9 +300,19 @@ krb5int_ccm_encrypt_iov(const struct krb5_aead_provider *aead,
 header->data.length = header_len;
- ret = krb5_c_random_make_octets(/* XXX */ NULL, &header->data);
- if (ret != 0)
- goto cleanup;
+ if (ivec != NULL) {
+ if (ivec->length != 16 ||
+ ivec->data[0] & ~(CCM_FLAG_MASK_Q) ||
+ 15 - (unsigned)ivec->data[0] != header_len) {
+ ret = KRB5_BAD_MSIZE;
+ goto cleanup;
+ }
+ memcpy(header->data.data, &ivec->data[1], header_len);
+ } else {
+ ret = krb5_c_random_make_octets(/* XXX */ NULL, &header->data);
+ if (ret != 0)
+ goto cleanup;
+ }
 sign_data = (krb5_crypto_iov *)calloc(num_data + 1, sizeof(krb5_crypto_iov));
 if (sign_data == NULL) {
diff --git a/src/lib/crypto/enc_provider/aes_ctr.c b/src/lib/crypto/enc_provider/aes_ctr.c
index e7bf0a7d6b..a6e36344f0 100644
--- a/src/lib/crypto/enc_provider/aes_ctr.c
+++ b/src/lib/crypto/enc_provider/aes_ctr.c
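Review bot: The ivec length check in the dk_ccm.c hunk looks off by one against the state layout that krb5int_aes_init_state_ctr writes in the aes_ctr.c hunk of this patch. There `state->data[0] = q - 1` with `q = 15 - n`, so `15 - (unsigned)ivec->data[0]` evaluates to n + 1; if header_len is the same KRB5_CRYPTO_TYPE_HEADER length (it is computed outside this hunk, so this is inferred), a state produced by init_state would always be rejected with KRB5_BAD_MSIZE. The comparison probably wants `14 - (unsigned)ivec->data[0] != header_len`, with a comment stating that byte 0 holds q - 1 and bytes 1..n hold the nonce. Separately, the nonce is now copied verbatim from the caller and nothing visible here advances it, so two calls with the same ivec and key would reuse a CCM nonce; the code should document who is responsible for keeping it unique. krb5int_ccm_encrypt_iov begins and ends outside the hunk.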
@@ -261,11 +261,36 @@ static krb5_error_code
 krb5int_aes_init_state_ctr (const krb5_keyblock *key, krb5_keyusage usage, krb5_data *state)
 {
- state->length = BLOCK_SIZE;
- state->data = calloc(1, state->length);
+ krb5_data nonce;
+ unsigned int n, q;
+ krb5_error_code code;
+
+ code = krb5_c_crypto_length(NULL, key->enctype, KRB5_CRYPTO_TYPE_HEADER, &n);
+ if (code != 0)
+ return code;
+
+ assert(n >= 7 && n <= 13);
+
+ state->length = 16;
+ state->data = malloc(state->length);
 if (state->data == NULL)
 return ENOMEM;
- state->data[0] = CCM_DEFAULT_COUNTER_LEN - 1;
+
+ q = 15 - n;
+ state->data[0] = q - 1;
+
+ nonce.data = &state->data[1];
+ nonce.length = n;
+
+ code = krb5_c_random_make_octets(NULL, &nonce);
+ if (code != 0) {
+ free(state->data);
+ state->data = NULL;
+ return code;
+ }
+
+ memset(&state->data[1 + n], 0, q);
+
 return 0;
 }
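Review bot: The range check on n in krb5int_aes_init_state_ctr is an `assert`, which disappears in NDEBUG builds. After it, `q = 15 - n` is unsigned arithmetic and `nonce.length = n` decides how many random bytes are written into the 16-byte buffer, so an out-of-range header length would wrap q and write past the allocation. An explicit check that survives release builds is safer, for example `if (n < 7 || n > 13) return KRB5_BAD_MSIZE;` placed before the malloc. On the error paths `state->length` is left at 16 while `state->data` is NULL; setting it to 0 there would keep the krb5_data consistent.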