From ca480b9b4773b6ea6be7627e8857d6034d1d5849 Mon Sep 17 00:00:00 2001
From: ian <ian>
Date: Tue, 10 Sep 2002 20:01:35 +0000
Subject: [PATCH] Do not insist on iv if none wanted.  If get_key failes, do
 not crash.

---
 crypto/crypto.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/crypto/crypto.c b/crypto/crypto.c
index ec6a6de..3961158 100644
--- a/crypto/crypto.c
+++ b/crypto/crypto.c
@@ -165,7 +165,7 @@ int do_hbytes_blockcipher(ClientData cd, Tcl_Interp *ip, int encrypt,
   void *sched, **schedp;
 
   want_bufferslen= alg->blocksize * (mode->buf_blocks + mode->iv_blocks);
-  key= get_key(ip, key_obj, alg, want_bufferslen);
+  key= get_key(ip, key_obj, alg, want_bufferslen);  if (!key) return TCL_ERROR;
 
   schedp= (alg->decrypt.make_schedule==alg->encrypt.make_schedule
 	   || encrypt) ? &key->alpha : &key->beta;
@@ -181,7 +181,10 @@ int do_hbytes_blockcipher(ClientData cd, Tcl_Interp *ip, int encrypt,
   }
 
   iv_want= alg->blocksize * mode->iv_blocks;
-  if (hbytes_issentinel(&iv)) {
+  if (!iv_want) {
+    if (!hbytes_issentinel(&iv))
+      return staticerr(ip,"iv supplied but mode does not take one");
+  } else if (hbytes_issentinel(&iv)) {
     if (!encrypt) return staticerr(ip,"must supply iv when decrypting");
     rc= get_urandom(ip, key->buffers, iv_want);
     if (rc) return rc;
-- 
2.30.2