From 1cdc3a62b8f436fb78e00a1b6da20857d37b526f Mon Sep 17 00:00:00 2001
Message-Id: <1cdc3a62b8f436fb78e00a1b6da20857d37b526f.1718766691.git.mdw@distorted.org.uk>
From: Mark Wooding
Date: Mon, 22 Dec 2014 20:32:58 +0000
Subject: [PATCH] progs/rspit.c: Better handling of block cipher IVs.
Organization: Straylight/Edgeware
From: Mark Wooding
* Check the IV length during option parsing, rather than at the end.
* Don't accumulate IV material because we don't do that with keys.
---
 progs/rspit.c | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/progs/rspit.c b/progs/rspit.c
index 7ca1cce8..2793fb41 100644
--- a/progs/rspit.c
+++ b/progs/rspit.c
@@ -831,9 +831,14 @@ static grand *gen_ofb(unsigned i)
 break;
 case 'i': {
 char *p;
+ DRESET(&iv);
 unhex(optarg, &p, &iv);
 if (*p)
 die(EXIT_FAILURE, "bad hex IV `%s'", optarg);
+ if (iv.len != ciphertab[i].blksz) {
+ die(EXIT_FAILURE, "bad IV length %lu (must be %lu)",
+ (unsigned long)iv.len, (unsigned long)ciphertab[i].blksz);
+ }
 } break;
 default:
 return (0);
@@ -843,13 +848,8 @@ static grand *gen_ofb(unsigned i)
 if (!d.len)
 randkey(&d, ciphertab[i].keysz);
 r = ciphertab[i].ofb(d.buf, d.len);
- if (iv.len) {
- if (iv.len != ciphertab[i].blksz) {
- die(EXIT_FAILURE, "bad IV length %lu (must be %lu)",
- (unsigned long)iv.len, (unsigned long)ciphertab[i].blksz);
- }
+ if (iv.len)
 r->ops->misc(r, GRAND_SEEDBLOCK, iv.buf);
- }
 dstr_destroy(&d);
 dstr_destroy(&iv);
@@ -888,9 +888,14 @@ static grand *gen_counter(unsigned i)
 break;
 case 'i': {
 char *p;
+ DRESET(&iv);
 unhex(optarg, &p, &iv);
 if (*p)
 die(EXIT_FAILURE, "bad hex IV `%s'", optarg);
+ if (iv.len != ciphertab[i].blksz) {
+ die(EXIT_FAILURE, "bad IV length %lu (must be %lu)",
+ (unsigned long)iv.len, (unsigned long)ciphertab[i].blksz);
+ }
 } break;
 default:
 return (0);
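Review bot: The new length diagnostic in gen_ofb's `case 'i'` prints `iv.len` and `blksz` with no unit, while the user typed the IV as hex digits. Assuming unhex stores decoded bytes, a 16-digit IV for a 16-byte block would be reported as "bad IV length 8 (must be 16)". Naming the unit, for example `"bad IV length %lu bytes (must be %lu)"`, removes the ambiguity. The identical check is added to gen_counter in the third hunk, so the two could share one small static helper instead of being kept in step by hand. The enclosing option loop starts and ends outside the hunk.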
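Review bot: In gen_ofb's second hunk the bare `if (iv.len) r->ops->misc(r, GRAND_SEEDBLOCK, iv.buf);` now relies on a length check made earlier, during option parsing. The seeding call is handed only a pointer, so nothing at the call site shows that `iv.buf` holds a full block. A comment before the call such as `/* iv.len == ciphertab[i].blksz was enforced when -i was parsed */` would keep that invariant visible if another way of filling `iv` is added later. The same applies to the matching hunk in gen_counter. Both function bodies extend outside the hunks.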
@@ -900,13 +905,8 @@ static grand *gen_counter(unsigned i)
 if (!d.len)
 randkey(&d, ciphertab[i].keysz);
 r = ciphertab[i].counter(d.buf, d.len);
- if (iv.len) {
- if (iv.len != ciphertab[i].blksz) {
- die(EXIT_FAILURE, "bad IV length %lu (must be %lu)",
- (unsigned long)iv.len, (unsigned long)ciphertab[i].blksz);
- }
+ if (iv.len)
 r->ops->misc(r, GRAND_SEEDBLOCK, iv.buf);
- }
 dstr_destroy(&d);
 dstr_destroy(&iv);
-- [mdw]