From: Tom Yu Date: Tue, 12 Jan 2010 04:15:40 +0000 (+0000) Subject: pull up r23397 from trunk X-Git-Tag: krb5-1.7.1-beta1~9 X-Git-Url: http://git.tremily.us/gitweb.cgi?a=commitdiff_plain;h=5cea08900470400937fe837020d09dcc2b341456;p=krb5.git pull up r23397 from trunk ------------------------------------------------------------------------ r23397 | ghudson | 2009-11-30 20:36:42 -0500 (Mon, 30 Nov 2009) | 10 lines ticket: 6589 subject: Fix AES IOV decryption of small messages tags: pullup target_version: 1.7.1 AES messages never need to be padded because the confounder ensures that the plaintext is at least one block long. Remove a check in krb5int_dk_decrypt_iov which was rejecting short AES messages because it didn't count the header length. ticket: 6589 version_fixed: 1.7.1 status: resolved git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-7@23645 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/crypto/dk/dk_aead.c b/src/lib/crypto/dk/dk_aead.c index e995f9ae6..1aa27687f 100644 --- a/src/lib/crypto/dk/dk_aead.c +++ b/src/lib/crypto/dk/dk_aead.c @@ -245,20 +245,15 @@ krb5int_dk_decrypt_iov(const struct krb5_aead_provider *aead, if (ret != 0) return ret; + if (blocksize != 0) { + /* Check that the input data is correctly padded. */ for (i = 0; i < num_data; i++) { const krb5_crypto_iov *iov = &data[i]; if (ENCRYPT_DATA_IOV(iov)) cipherlen += iov->data.length; } - - if (blocksize == 0) { - /* Check for correct input length in CTS mode */ - if (enc->block_size != 0 && cipherlen < enc->block_size) - return KRB5_BAD_MSIZE; - } else { - /* Check that the input data is correctly padded */ - if ((cipherlen % blocksize) != 0) + if (cipherlen % blocksize != 0) return KRB5_BAD_MSIZE; }
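Review bot: the removed `blocksize == 0` branch was the only lower bound on `cipherlen` in this hunk, and dropping it outright leaves the CTS path with no length check at this point. The commit message's argument (the confounder guarantees at least one block of plaintext) holds for messages we encrypt ourselves, but on decrypt the lengths come from the peer. Since the stated defect is that the old check did not count the header length, consider keeping a minimum-length test that adds the header iov's length to the total and still returns `KRB5_BAD_MSIZE` when the sum is below `enc->block_size`. Otherwise, please point to where a truncated CTS input is rejected further down. Two smaller points. As shown, the loop that sums `cipherlen` now sits inside `if (blocksize != 0)`, so confirm nothing after this block reads `cipherlen` in the `blocksize == 0` case, where it is no longer computed. The comment "Check that the input data is correctly padded." now sits above the summing loop rather than the `cipherlen % blocksize` test it describes. A regression test that decrypts a message shorter than one AES block through the IOV interface would lock in the fix for ticket 6589.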