From: Pekka Riikonen
Date: Mon, 5 Nov 2007 21:12:55 +0000 (+0000)
Subject: Zero tail of CTR mode IV in IV Included mode.
X-Git-Tag: silc.client.1.1.3~2
X-Git-Url: http://git.silcnet.org/gitweb/?p=silc.git;a=commitdiff_plain;h=771e796bf38a0ecc73390aa295cd68e75a79e640
Zero tail of CTR mode IV in IV Included mode.
---
diff --git a/CHANGES b/CHANGES
index 7a495d43..144212be 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,13 @@
+Mon Nov 5 23:07:58 EET 2007 Pekka Riikonen
+
+ * Zero tail of CTR mode IV in IV Included mode. Change does
+ not cause compatibility issues. Affected file is
+ lib/silcske/silcske.c.
+
 Mon Nov 5 22:24:25 EET 2007 Pekka Riikonen
+ * SILC Toolkit 1.1.4.
+
 * Fixed CTR mode rekey. Affected file is lib/silcske/silcske.c.
 * Rewrote the IV Included CTR mode encryption/decryption in
diff --git a/lib/silcske/silcske.c b/lib/silcske/silcske.c
index 4a407490..89e4a848 100644
--- a/lib/silcske/silcske.c
+++ b/lib/silcske/silcske.c
@@ -3285,7 +3285,7 @@ SilcBool silc_ske_set_keys(SilcSKE ske,
 SilcHmac *ret_hmac_receive,
 SilcHash *ret_hash)
 {
- unsigned char iv[32];
+ unsigned char iv[SILC_HASH_MAXLEN];
 SilcBool iv_included = (prop->flags & SILC_SKE_SP_FLAG_IV_INCLUDED);
 /* Allocate ciphers to be used in the communication */
@@ -3337,6 +3337,8 @@ SilcBool silc_ske_set_keys(SilcSKE ske,
 silc_hash_make(prop->hash, keymat->receive_iv, 8, iv);
 if (!iv_included)
 memcpy(iv + 4, keymat->receive_iv, 8);
+ else
+ memset(iv + 4, 0, 12);
 }
 silc_cipher_set_iv(*ret_send_key, iv);
@@ -3361,6 +3363,8 @@ SilcBool silc_ske_set_keys(SilcSKE ske,
 silc_hash_make(prop->hash, keymat->send_iv, 8, iv);
 if (!iv_included)
 memcpy(iv + 4, keymat->send_iv, 8);
+ else
+ memset(iv + 4, 0, 12);
 }
 silc_cipher_set_iv(*ret_receive_key, iv);
@@ -3392,6 +3396,8 @@ SilcBool silc_ske_set_keys(SilcSKE ske,
 silc_hash_make(prop->hash, keymat->send_iv, 8, iv);
 if (!iv_included)
 memcpy(iv + 4, keymat->send_iv, 8);
+ else
+ memset(iv + 4, 0, 12);
 }
 silc_cipher_set_iv(*ret_send_key, iv);
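Review bot: The resize of `iv` from 32 bytes to `SILC_HASH_MAXLEN` in the `@@ -3285,7 +3285,7 @@` hunk of lib/silcske/silcske.c looks like a buffer-sizing fix, yet neither the commit message nor the CHANGES entry mentions it. The later hunks pass `iv` as the output argument of `silc_hash_make()`; assuming that call writes a whole digest, a hash with more than 32 bytes of output would have written past the old array. I would record the constraint on the declaration, e.g. `/* silc_hash_make() writes a full digest into iv, so it must hold SILC_HASH_MAXLEN bytes */`, and name the sizing fix in CHANGES so that anyone backporting picks it up. The body of silc_ske_set_keys continues outside this hunk.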
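Review bot: In the rekey path of the `@@ -3337,6 +3337,8 @@` hunk the `!iv_included` branch still leaves `iv[12..15]` holding digest bytes, because `silc_hash_make()` fills `iv` and `memcpy(iv + 4, keymat->receive_iv, 8)` overwrites only bytes 4–11, while the new `else` branch zeroes bytes 4–15. If those last four bytes are the CTR block counter (not visible here, and to be confirmed against the cipher code and the protocol specification, since changing them affects interoperability), both branches should start from the same value: `memset(iv + 4, 0, 12);` unconditionally, followed by `if (!iv_included) memcpy(iv + 4, keymat->receive_iv, 8);`. The literal `12` also hard-codes a 16-byte counter block, so a named constant or a length taken from the cipher would be safer than the bare number. The same lines recur in the hunks at -3361, -3392 and -3417 (with `send_iv` in two of them), and a small static helper would keep the four copies from drifting apart.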
@@ -3417,7 +3423,9 @@ SilcBool silc_ske_set_keys(SilcSKE ske,
 silc_hash_make(prop->hash, keymat->receive_iv, 8, iv);
 if (!iv_included)
 memcpy(iv + 4, keymat->receive_iv, 8);
- }
+ else
+ memset(iv + 4, 0, 12);
+ }
 silc_cipher_set_iv(*ret_receive_key, iv);
 } else {