X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=chiark-tcl.git;a=blobdiff_plain;f=crypto%2Fcrypto.c;fp=crypto%2Fcrypto.c;h=39611580eb150ea4e792853db363578d550d4b0a;hp=ec6a6dec54ec1204e56a8f934917be2f17812272;hb=ca480b9b4773b6ea6be7627e8857d6034d1d5849;hpb=79480f2c416419bcde9b9ac78f5f10bd4cc724e3

diff --git a/crypto/crypto.c b/crypto/crypto.c
index ec6a6de..3961158 100644
--- a/crypto/crypto.c
+++ b/crypto/crypto.c
@@ -165,7 +165,7 @@ int do_hbytes_blockcipher(ClientData cd, Tcl_Interp *ip, int encrypt,
   void *sched, **schedp;
 
   want_bufferslen= alg->blocksize * (mode->buf_blocks + mode->iv_blocks);
-  key= get_key(ip, key_obj, alg, want_bufferslen);
+  key= get_key(ip, key_obj, alg, want_bufferslen);  if (!key) return TCL_ERROR;
 
   schedp= (alg->decrypt.make_schedule==alg->encrypt.make_schedule
 	   || encrypt) ? &key->alpha : &key->beta;
@@ -181,7 +181,10 @@ int do_hbytes_blockcipher(ClientData cd, Tcl_Interp *ip, int encrypt,
   }
 
   iv_want= alg->blocksize * mode->iv_blocks;
-  if (hbytes_issentinel(&iv)) {
+  if (!iv_want) {
+    if (!hbytes_issentinel(&iv))
+      return staticerr(ip,"iv supplied but mode does not take one");
+  } else if (hbytes_issentinel(&iv)) {
     if (!encrypt) return staticerr(ip,"must supply iv when decrypting");
     rc= get_urandom(ip, key->buffers, iv_want);
     if (rc) return rc;