pullup from 1.2 branch

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12442 dc483132-0cff-0310-8789-dd5450dbe970

4 files changed, 60 insertions, 8 deletions

diff --git a/src/lib/crypto/dk/ChangeLog b/src/lib/crypto/dk/ChangeLog
index a9bdafe99c..1929ff6a1a 100644
--- a/src/lib/crypto/dk/ChangeLog
+++ b/src/lib/crypto/dk/ChangeLog
@@ -1,3 +1,17 @@
+2000-06-03  Tom Yu  <tlyu@mit.edu>
+
+	* dk_encrypt.c (krb5_dk_encrypt, krb5_marc_dk_encrypt): Chain
+	ivecs.
+	
+	* dk_decrypt.c (krb5_dk_decrypt, krb5_marc_dk_decrypt): Chain
+	ivecs.
+
+2000-04-28  Ken Raeburn  <raeburn@mit.edu>
+
+	* derive.c (krb5_derive_key): If memory allocation fails, release
+	other allocated blocks before returning, instead of trying to
+	release them after returning.
+
 2000-01-21  Ken Raeburn  <raeburn@mit.edu>
 
 	* checksum.c (krb5_dk_make_checksum): enc_providers are now
diff --git a/src/lib/crypto/dk/derive.c b/src/lib/crypto/dk/derive.c
index 8765605fbc..dbd4a2a2d8 100644
--- a/src/lib/crypto/dk/derive.c
+++ b/src/lib/crypto/dk/derive.c
@@ -51,14 +51,14 @@ krb5_derive_key(enc, inkey, outkey, in_constant)
 	return(ENOMEM);
 
     if ((outblockdata = (unsigned char *) malloc(blocksize)) == NULL) {
-	return(ENOMEM);
 	free(inblockdata);
+	return(ENOMEM);
     }
 
     if ((rawkey = (unsigned char *) malloc(keybytes)) == NULL) {
-	return(ENOMEM);
 	free(outblockdata);
 	free(inblockdata);
+	return(ENOMEM);
     }
 
     inblock.data = inblockdata;
diff --git a/src/lib/crypto/dk/dk_decrypt.c b/src/lib/crypto/dk/dk_decrypt.c
index d3077615f8..d6e7c0db30 100644
--- a/src/lib/crypto/dk/dk_decrypt.c
+++ b/src/lib/crypto/dk/dk_decrypt.c
@@ -41,7 +41,7 @@ krb5_dk_decrypt(enc, hash, key, usage, ivec, input, output)
 {
     krb5_error_code ret;
     size_t hashsize, blocksize, keybytes, keylength, enclen, plainlen;
-    unsigned char *plaindata, *kedata, *kidata, *cksum;
+    unsigned char *plaindata, *kedata, *kidata, *cksum, *cn;
     krb5_keyblock ke, ki;
     krb5_data d1, d2;
     unsigned char constantdata[K5CLENGTH];
@@ -108,6 +108,11 @@ krb5_dk_decrypt(enc, hash, key, usage, ivec, input, output)
     if ((ret = ((*(enc->decrypt))(&ke, ivec, &d1, &d2))) != 0)
 	goto cleanup;
 
+    if (ivec != NULL && ivec->length == blocksize)
+	cn = d1.data + d1.length - blocksize;
+    else
+	cn = NULL;
+
     /* verify the hash */
 
     d1.length = hashsize;
@@ -134,6 +139,9 @@ krb5_dk_decrypt(enc, hash, key, usage, ivec, input, output)
 
     memcpy(output->data, d2.data+blocksize, output->length);
 
+    if (cn != NULL)
+	memcpy(ivec->data, cn, blocksize);
+
     ret = 0;
 
 cleanup:
@@ -163,7 +171,7 @@ krb5_marc_dk_decrypt(enc, hash, key, usage, ivec, input, output)
 {
     krb5_error_code ret;
     size_t hashsize, blocksize, keybytes, keylength, enclen, plainlen;
-    unsigned char *plaindata, *kedata, *kidata, *cksum;
+    unsigned char *plaindata, *kedata, *kidata, *cksum, *cn;
     krb5_keyblock ke, ki;
     krb5_data d1, d2;
     unsigned char constantdata[K5CLENGTH];
@@ -230,6 +238,11 @@ krb5_marc_dk_decrypt(enc, hash, key, usage, ivec, input, output)
     if ((ret = ((*(enc->decrypt))(&ke, ivec, &d1, &d2))) != 0)
 	goto cleanup;
 
+    if (ivec != NULL && ivec->length == blocksize)
+	cn = d1.data + d1.length - blocksize;
+    else
+	cn = NULL;
+
     /* verify the hash */
 
     d1.length = hashsize;
@@ -264,6 +277,9 @@ krb5_marc_dk_decrypt(enc, hash, key, usage, ivec, input, output)
 
     memcpy(output->data, d2.data+4+blocksize, output->length);
 
+    if (cn != NULL)
+	memcpy(ivec->data, cn, blocksize);
+
     ret = 0;
 
 cleanup:
diff --git a/src/lib/crypto/dk/dk_encrypt.c b/src/lib/crypto/dk/dk_encrypt.c
index 8627353dbc..2bc2b6ba42 100644
--- a/src/lib/crypto/dk/dk_encrypt.c
+++ b/src/lib/crypto/dk/dk_encrypt.c
@@ -65,7 +65,7 @@ krb5_dk_encrypt(enc, hash, key, usage, ivec, input, output)
     krb5_error_code ret;
     unsigned char constantdata[K5CLENGTH];
     krb5_data d1, d2;
-    unsigned char *plaintext, *kedata, *kidata;
+    unsigned char *plaintext, *kedata, *kidata, *cn;
     krb5_keyblock ke, ki;
 
     /* allocate and set up plaintext and to-be-derived keys */
@@ -142,6 +142,11 @@ krb5_dk_encrypt(enc, hash, key, usage, ivec, input, output)
     if ((ret = ((*(enc->encrypt))(&ke, ivec, &d1, &d2))))
 	goto cleanup;
 
+    if (ivec != NULL && ivec->length == blocksize)
+	cn = d2.data + d2.length - blocksize;
+    else
+	cn = NULL;
+
     /* hash the plaintext */
 
     d2.length = enclen - plainlen;
@@ -149,8 +154,14 @@ krb5_dk_encrypt(enc, hash, key, usage, ivec, input, output)
 
     output->length = enclen;
 
-    if ((ret = krb5_hmac(hash, &ki, 1, &d1, &d2)))
+    if ((ret = krb5_hmac(hash, &ki, 1, &d1, &d2))) {
 	memset(d2.data, 0, d2.length);
+	goto cleanup;
+    }
+
+    /* update ivec */
+    if (cn != NULL)
+	memcpy(ivec->data, cn, blocksize);
 
     /* ret is set correctly by the prior call */
 
@@ -196,7 +207,7 @@ krb5_marc_dk_encrypt(enc, hash, key, usage, ivec, input, output)
     krb5_error_code ret;
     unsigned char constantdata[K5CLENGTH];
     krb5_data d1, d2;
-    unsigned char *plaintext, *kedata, *kidata;
+    unsigned char *plaintext, *kedata, *kidata, *cn;
     krb5_keyblock ke, ki;
 
     /* allocate and set up plaintext and to-be-derived keys */
@@ -278,6 +289,11 @@ krb5_marc_dk_encrypt(enc, hash, key, usage, ivec, input, output)
     if ((ret = ((*(enc->encrypt))(&ke, ivec, &d1, &d2))))
 	goto cleanup;
 
+    if (ivec != NULL && ivec->length == blocksize)
+	cn = d2.data + d2.length - blocksize;
+    else
+	cn = NULL;
+
     /* hash the plaintext */
 
     d2.length = enclen - plainlen;
@@ -285,8 +301,14 @@ krb5_marc_dk_encrypt(enc, hash, key, usage, ivec, input, output)
 
     output->length = enclen;
 
-    if ((ret = krb5_hmac(hash, &ki, 1, &d1, &d2)))
+    if ((ret = krb5_hmac(hash, &ki, 1, &d1, &d2))) {
 	memset(d2.data, 0, d2.length);
+	goto cleanup;
+    }
+
+    /* update ivec */
+    if (cn != NULL)
+	memcpy(ivec->data, cn, blocksize);
 
     /* ret is set correctly by the prior call */