diff options
| author | Richard Basch <probe@mit.edu> | 1996-05-07 23:22:02 +0000 |
|---|---|---|
| committer | Richard Basch <probe@mit.edu> | 1996-05-07 23:22:02 +0000 |
| commit | a364eb5488daaa743980a21a5f3a7100232ee0dc (patch) | |
| tree | 2f13adf8d52f7c86ef85ed627cfadb582e7c7992 /src | |
| parent | 4b5ae5629998c34378b3d5eea8f062201e256263 (diff) | |
| download | krb5-a364eb5488daaa743980a21a5f3a7100232ee0dc.tar.gz krb5-a364eb5488daaa743980a21a5f3a7100232ee0dc.tar.xz krb5-a364eb5488daaa743980a21a5f3a7100232ee0dc.zip | |
Don't do more than the necessary encryptions for a single cblock length
random key. Only the larger cblocks need a second wrap-around cbc encrypt
to prevent leaking a codebook.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7922 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/crypto/des/random_key.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/src/lib/crypto/des/random_key.c b/src/lib/crypto/des/random_key.c index b24ec51ef..1dc4600b4 100644 --- a/src/lib/crypto/des/random_key.c +++ b/src/lib/crypto/des/random_key.c @@ -80,10 +80,11 @@ mit_des_generate_random_key(state, randkey) (* state->eblock.crypto_entry->encrypt_func) (state->sequence.data /*in*/, randkey->contents /*out*/, state->sequence.length, eblock, zero_ivec); - (* state->eblock.crypto_entry->encrypt_func) - (randkey->contents /*in*/, randkey->contents /*out*/, - randkey->length, eblock, - randkey->contents + randkey->length - sizeof(mit_des_cblock)); + if (state->sequence.length > sizeof(mit_des_cblock)) + (* state->eblock.crypto_entry->encrypt_func) + (randkey->contents /*in*/, randkey->contents /*out*/, + randkey->length, eblock, + randkey->contents + randkey->length - sizeof(mit_des_cblock)); /* Increment the sequence number, with wraparound (LSB) */ for (i = 0; i < state->sequence.length; i++) { |