void *sched, **schedp;
want_bufferslen= alg->blocksize * (mode->buf_blocks + mode->iv_blocks);
- key= get_key(ip, key_obj, alg, want_bufferslen);
+ key= get_key(ip, key_obj, alg, want_bufferslen); if (!key) return TCL_ERROR;
schedp= (alg->decrypt.make_schedule==alg->encrypt.make_schedule
|| encrypt) ? &key->alpha : &key->beta;
}
iv_want= alg->blocksize * mode->iv_blocks;
- if (hbytes_issentinel(&iv)) {
+ if (!iv_want) {
+ if (!hbytes_issentinel(&iv))
+ return staticerr(ip,"iv supplied but mode does not take one");
+ } else if (hbytes_issentinel(&iv)) {
if (!encrypt) return staticerr(ip,"must supply iv when decrypting");
rc= get_urandom(ip, key->buffers, iv_want);
if (rc) return rc;