pull up r23397 from trunk

 ------------------------------------------------------------------------
 r23397 | ghudson | 2009-11-30 20:36:42 -0500 (Mon, 30 Nov 2009) | 10 lines

 ticket: 6589
 subject: Fix AES IOV decryption of small messages
 tags: pullup
 target_version: 1.7.1

 AES messages never need to be padded because the confounder ensures
 that the plaintext is at least one block long.  Remove a check in
 krb5int_dk_decrypt_iov which was rejecting short AES messages because
 it didn't count the header length.

ticket: 6589
version_fixed: 1.7.1
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-7@23645 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/crypto/dk/dk_aead.c b/src/lib/crypto/dk/dk_aead.c
index e995f9ae69ab22f0602b46a72271fd6b64eae811..1aa27687fbd135f6f41faf3e37f3d02c76b0fc4d 100644 (file)
--- a/src/lib/crypto/dk/dk_aead.c
+++ b/src/lib/crypto/dk/dk_aead.c
@@ -245,20 +245,15 @@ krb5int_dk_decrypt_iov(const struct krb5_aead_provider *aead,
     if (ret != 0)
        return ret;
 
+    if (blocksize != 0) {
+       /* Check that the input data is correctly padded. */
     for (i = 0; i < num_data; i++) {
        const krb5_crypto_iov *iov = &data[i];
 
        if (ENCRYPT_DATA_IOV(iov))
            cipherlen += iov->data.length;
     }
-
-    if (blocksize == 0) {
-       /* Check for correct input length in CTS mode */
-       if (enc->block_size != 0 && cipherlen < enc->block_size)
-           return KRB5_BAD_MSIZE;
-    } else {
-       /* Check that the input data is correctly padded */
-       if ((cipherlen % blocksize) != 0)
+        if (cipherlen % blocksize != 0)
            return KRB5_BAD_MSIZE;
     }