projects / oweals / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Don't zap AES CBC IV, when decrypting truncated content in place.
[oweals/openssl.git] / crypto / aes / aes_cbc.c
diff --git a/crypto/aes/aes_cbc.c b/crypto/aes/aes_cbc.c
index e43135e8a022440dd10d58bae06147f40992f515..d2ba6bcdb4659d1ed9c6a01a898b08e167e0f2ef 100644 (file)
--- a/crypto/aes/aes_cbc.c
+++ b/crypto/aes/aes_cbc.c
@@ -65,7 +65,8 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
 
        unsigned long n;
        unsigned long len = length;
-       unsigned char tmp[AES_BLOCK_SIZE], *iv = ivec;
+       unsigned char tmp[AES_BLOCK_SIZE];
+       const unsigned char *iv = ivec;
 
        assert(in && out && key && ivec);
        assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
@@ -82,13 +83,12 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
                }
                if (len) {
                        for(n=0; n < len; ++n)
-                               tmp[n] = in[n] ^ iv[n];
+                               out[n] = in[n] ^ iv[n];
                        for(n=len; n < AES_BLOCK_SIZE; ++n)
-                               tmp[n] = iv[n];
-                       AES_encrypt(tmp, tmp, key);
-                       memcpy(out, tmp, AES_BLOCK_SIZE);
+                               out[n] = iv[n];
+                       AES_encrypt(out, out, key);
                        iv = out;
-               }                       
+               }
                memcpy(ivec,iv,AES_BLOCK_SIZE);
        } else if (in != out) {
                while (len >= AES_BLOCK_SIZE) {
@@ -120,10 +120,12 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
                }
                if (len) {
                        memcpy(tmp, in, AES_BLOCK_SIZE);
-                       AES_decrypt(tmp, tmp, key);
+                       AES_decrypt(tmp, out, key);
                        for(n=0; n < len; ++n)
-                               out[n] = tmp[n] ^ ivec[n];
+                               out[n] ^= ivec[n];
+                       for(n=len; n < AES_BLOCK_SIZE; ++n)
+                               out[n] = tmp[n];
                        memcpy(ivec, tmp, AES_BLOCK_SIZE);
-               }                       
+               }
        }
 }
Unnamed repository; edit this file 'description' to name the repository.