* aes.c (krb5int_aes_encrypt, krb5int_aes_decrypt): Copy out value for new IV

ticket: 2223
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16038 dc483132-0cff-0310-8789-dd5450dbe970

2 files changed, 10 insertions, 0 deletions

diff --git a/src/lib/crypto/enc_provider/ChangeLog b/src/lib/crypto/enc_provider/ChangeLog
index 35af036258..f27a6c3563 100644
--- a/src/lib/crypto/enc_provider/ChangeLog
+++ b/src/lib/crypto/enc_provider/ChangeLog
@@ -1,3 +1,8 @@
+2004-02-09  Ken Raeburn  <raeburn@mit.edu>
+
+	* aes.c (krb5int_aes_encrypt, krb5int_aes_decrypt): Copy out value
+	for new IV.
+
 2003-12-19  Ken Raeburn  <raeburn@mit.edu>
 
 	* arcfour.c (arcfour_weakkey1, arcfour_weakkey2,
diff --git a/src/lib/crypto/enc_provider/aes.c b/src/lib/crypto/enc_provider/aes.c
index c6b77f0ecf..2bbddddd98 100644
--- a/src/lib/crypto/enc_provider/aes.c
+++ b/src/lib/crypto/enc_provider/aes.c
@@ -91,6 +91,8 @@ krb5int_aes_encrypt(const krb5_keyblock *key, const krb5_data *ivec,
 	xorblock(tmp, tmp3);
 	enc(tmp2, tmp, &ctx);
 	memcpy(output->data + (nblocks - 2) * BLOCK_SIZE, tmp2, BLOCK_SIZE);
+	if (ivec)
+	    memcpy(ivec->data, tmp2, BLOCK_SIZE);
     }
 
     return 0;
@@ -149,6 +151,9 @@ krb5int_aes_decrypt(const krb5_keyblock *key, const krb5_data *ivec,
 	dec(tmp3, tmp2, &ctx);
 	xorblock(tmp3, tmp);
 	memcpy(output->data + (nblocks - 2) * BLOCK_SIZE, tmp3, BLOCK_SIZE);
+	if (ivec)
+	    memcpy(ivec->data, input->data + (nblocks - 2) * BLOCK_SIZE,
+		   BLOCK_SIZE);
     }
 
     return 0;