DES CBC change looks dubious to me.

1999-06-09 13:41:51 +00:00 · 1999-06-09 13:41:51 +00:00 · c77f47abfa
commit c77f47abfa
parent 8151f52add
2 changed files with 13 additions and 0 deletions
--- a/7
+++ b/7
@ -10,8 +10,15 @@
     according to Mark Crispin <MRC@Panda.COM>.
     [Bodo Moeller]

+#if 0
  *) DES CBC did not update the IV. Weird.
     [Ben Laurie]
+#else
+     Look at des.c, cbc3_enc.c etc.: Those rely on that bevaviour of
+     des_cbc_encrypt and copy IVs themselves when they have to.
+     Either all those have to be changed too, or things must stay as they
+     are.
+#endif

  *) When bntest is run from "make test" it drives bc to check its
     calculations, as well as internally checking them. If an internal check
--- a/crypto/des/cbc_enc.c
+++ b/crypto/des/cbc_enc.c
@ -58,6 +58,8 @@

 #include "des_locl.h"

+/* Note that this is inconsistent with other DES functions in that it doesn't
+   update ivec */
 void des_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
 	     des_key_schedule schedule, des_cblock *ivec, int enc)
 	{
@ -92,9 +94,11 @@ void des_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
 			tout0=tin[0]; l2c(tout0,out);
 			tout1=tin[1]; l2c(tout1,out);
 			}
+#if 0
 		iv = &(*ivec)[0];
 		l2c(tout0,iv);
 		l2c(tout1,iv);
+#endif
 		}
 	else
 		{
@ -123,9 +127,11 @@ void des_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
 		/*	xor0=tin0;
 			xor1=tin1; */
 			}
+#if 0
 		iv = &(*ivec)[0];
 		l2c(xor0,iv);
 		l2c(xor1,iv);
+#endif
 		}
 	tin0=tin1=tout0=tout1=xor0=xor1=0;
 	tin[0]=tin[1]=0;