svn rev #23644: branches/krb5-1-7/src/lib/crypto/des/
tlyu@MIT.EDU
tlyu at MIT.EDU
Mon Jan 11 23:15:35 EST 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=23644
Commit By: tlyu
Log Message:
ticket: 6588
version_fixed: 1.7.1
status: resolved
pull up r23389 from trunk
------------------------------------------------------------------------
r23389 | ghudson | 2009-11-30 14:03:58 -0500 (Mon, 30 Nov 2009) | 10 lines
ticket: 6588
subject: Fix ivec chaining for DES iov encryption
tags: pullup
target_version: 1.7.1
krb5int_des_cbc_decrypt_iov was using a plaintext block to update the
ivec. Fix it to use the last cipher block, borrowing from the
corresponding des3 function. The impact of this bug is not serious
since ivec chaining is not typically used with IOV encryption in 1.7.
Changed Files:
U branches/krb5-1-7/src/lib/crypto/des/f_aead.c
Modified: branches/krb5-1-7/src/lib/crypto/des/f_aead.c
===================================================================
--- branches/krb5-1-7/src/lib/crypto/des/f_aead.c 2010-01-12 04:15:30 UTC (rev 23643)
+++ branches/krb5-1-7/src/lib/crypto/des/f_aead.c 2010-01-12 04:15:35 UTC (rev 23644)
@@ -187,6 +187,9 @@
krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
}
- if (ivec != NULL)
- memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH);
+ if (ivec != NULL) {
+ op = ivec;
+ PUT_HALF_BLOCK(ocipherl, op);
+ PUT_HALF_BLOCK(ocipherr, op);
+ }
}
More information about the cvs-krb5
mailing list