Zero CTR mode IV in IV Included mode.
authorPekka Riikonen <priikone@silcnet.org>
Mon, 5 Nov 2007 21:14:29 +0000 (21:14 +0000)
committerPekka Riikonen <priikone@silcnet.org>
Mon, 5 Nov 2007 21:14:29 +0000 (21:14 +0000)
CHANGES.TOOLKIT
lib/silcske/silcske.c

index 65844e8f1bbf7992ffc82b3bddeb81f404c8f231..9a6e6f3dd25105d846792be1040c328a5ac6f214 100644 (file)
@@ -1,3 +1,9 @@
+Mon Nov  5 23:07:58 EET 2007  Pekka Riikonen <priikone@silcnet.org>
+
+       * Zero tail of CTR mode IV in IV Included mode.  Change does
+         not cause compatibility issues.  Affected file is
+         lib/silcske/silcske.c.
+
 Mon Nov  5 22:24:25 EET 2007  Pekka Riikonen <priikone@silcnet.org>
 
        * Fixed CTR mode rekey.  Affected file is lib/silcske/silcske.c.
index 6583562882a527511507da098aab92db0367338d..b3a151e6eaeb7f8f4a5b947cb3b4e11a731a2614 100644 (file)
@@ -3391,7 +3391,7 @@ SilcBool silc_ske_set_keys(SilcSKE ske,
                           SilcHmac *ret_hmac_receive,
                           SilcHash *ret_hash)
 {
-  unsigned char iv[32];
+  unsigned char iv[SILC_HASH_MAXLEN];
   SilcBool iv_included = (prop->flags & SILC_SKE_SP_FLAG_IV_INCLUDED);
 
   /* Allocate ciphers to be used in the communication */
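Review bot: The new `iv[SILC_HASH_MAXLEN]` declaration has no comment saying that its size is dictated by the hash digest rather than by the cipher IV length. The `silc_hash_make(prop->hash, ..., 8, iv)` calls visible in the later hunks write their output into this buffer, so with the old `iv[32]` any hash producing a digest longer than 32 bytes would presumably have overrun the stack array; neither the commit title nor the CHANGES entry mentions that memory-safety reason. I would add `/* silc_hash_make() writes a whole digest into iv; only the leading bytes are used as the cipher IV */` above the declaration. The body of silc_ske_set_keys continues outside this hunk, so whether `iv` is cleared before the function returns cannot be checked from here.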
@@ -3443,6 +3443,8 @@ SilcBool silc_ske_set_keys(SilcSKE ske,
          silc_hash_make(prop->hash, keymat->receive_iv, 8, iv);
          if (!iv_included)
            memcpy(iv + 4, keymat->receive_iv, 8);
+         else
+           memset(iv + 4, 0, 12);
        }
 
         silc_cipher_set_iv(*ret_send_key, iv);
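Review bot: The literals `4` and `12` in `memset(iv + 4, 0, 12)` hard-code the CTR IV layout (a 4-byte truncated hash followed by 12 further bytes) and assume a 16-byte cipher block, and nothing in the hunk states or checks that assumption. The same two lines are added in the hunks at `@@ -3467`, `@@ -3498` and `@@ -3523`, so the layout is now repeated at four sites. As far as the visible lines show, the `memcpy(iv + 4, ..., 8)` branch leaves bytes 12–15 holding hash output while this branch zeroes them, and a comment should say whether that difference is intended. I would put `/* IV Included: keep the 4-byte hash prefix, zero the remaining 12 bytes of the 16-byte counter block */` above each `else`, and consider one small static helper shared by the four sites. The enclosing `if` block starts outside the hunk, so the cipher-mode condition guarding this code is not visible here.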
@@ -3467,6 +3469,8 @@ SilcBool silc_ske_set_keys(SilcSKE ske,
          silc_hash_make(prop->hash, keymat->send_iv, 8, iv);
          if (!iv_included)
            memcpy(iv + 4, keymat->send_iv, 8);
+         else
+           memset(iv + 4, 0, 12);
        }
 
         silc_cipher_set_iv(*ret_receive_key, iv);
@@ -3498,6 +3502,8 @@ SilcBool silc_ske_set_keys(SilcSKE ske,
          silc_hash_make(prop->hash, keymat->send_iv, 8, iv);
          if (!iv_included)
            memcpy(iv + 4, keymat->send_iv, 8);
+         else
+           memset(iv + 4, 0, 12);
        }
 
        silc_cipher_set_iv(*ret_send_key, iv);
@@ -3523,6 +3529,8 @@ SilcBool silc_ske_set_keys(SilcSKE ske,
          silc_hash_make(prop->hash, keymat->receive_iv, 8, iv);
          if (!iv_included)
            memcpy(iv + 4, keymat->receive_iv, 8);
+         else
+           memset(iv + 4, 0, 12);
        }
 
        silc_cipher_set_iv(*ret_receive_key, iv);