authorGreg Hudson <ghudson@mit.edu>2009-12-01 01:36:42 +0000
committerGreg Hudson <ghudson@mit.edu>2009-12-01 01:36:42 +0000
commitfe22c91239dd9a7c272537437d07124cb1cb19ea (patch)
treef81fd0fba0482910c5d3cfd3967f054e3446cb43 /src/lib/crypto
parenta6706b261c6968621ebfb9398ca23da77df61c85 (diff)
Fix AES IOV decryption of small messages
AES messages never need to be padded because the confounder ensures that the plaintext is at least one block long. Remove a check in krb5int_dk_decrypt_iov which was rejecting short AES messages because it didn't count the header length. ticket: 6589 tags: pullup target_version: 1.7.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23397 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/crypto')
-rw-r--r--src/lib/crypto/krb/dk/dk_aead.c21
1 files changed, 8 insertions, 13 deletions
diff --git a/src/lib/crypto/krb/dk/dk_aead.c b/src/lib/crypto/krb/dk/dk_aead.c
index e5cdd96d2..1801a7300 100644
--- a/src/lib/crypto/krb/dk/dk_aead.c
+++ b/src/lib/crypto/krb/dk/dk_aead.c
@@ -216,20 +216,15 @@ krb5int_dk_decrypt_iov(const struct krb5_aead_provider *aead,
if (ret != 0)
return ret;
- for (i = 0; i < num_data; i++) {
- const krb5_crypto_iov *iov = &data[i];
-
- if (ENCRYPT_DATA_IOV(iov))
- cipherlen += iov->data.length;
- }
+ if (blocksize != 0) {
+ /* Check that the input data is correctly padded. */
+ for (i = 0; i < num_data; i++) {
+ const krb5_crypto_iov *iov = &data[i];
- if (blocksize == 0) {
- /* Check for correct input length in CTS mode */
- if (enc->block_size != 0 && cipherlen < enc->block_size)
- return KRB5_BAD_MSIZE;
- } else {
- /* Check that the input data is correctly padded */
- if ((cipherlen % blocksize) != 0)
+ if (ENCRYPT_DATA_IOV(iov))
+ cipherlen += iov->data.length;
+ }
+ if (cipherlen % blocksize != 0)
return KRB5_BAD_MSIZE;
}
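Review bot: With the `blocksize == 0` branch removed, the CTS path through this hunk no longer applies any length check to the incoming ciphertext, and the only justification is in the commit message (the confounder guarantees one block). On decrypt the buffers are untrusted, so that guarantee holds only if the header length is validated against `enc->block_size` elsewhere in krb5int_dk_decrypt_iov; the function starts and ends outside this hunk, so that check is not visible here and should be confirmed. I would record the invariant at the site, for example `/* blocksize == 0 (CTS): no minimum-length check; the header length check guarantees at least one block. */`, so a later change to header validation does not silently allow short input into the decrypt path. Note also that `cipherlen` is now accumulated only inside the `blocksize != 0` branch, so any later reader of it in the CTS case would see its initial value.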