From: Richard Levitte Date: Fri, 11 Oct 2002 22:37:44 +0000 (+0000) Subject: The AES CTR API was buggy, we need to save the encrypted counter as well X-Git-Tag: OpenSSL_0_9_7-beta4~121 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=dbcc560717323ec3bd4be36618db5c0d38eac419;p=oweals%2Fopenssl.git The AES CTR API was buggy, we need to save the encrypted counter as well between calls, or that will be lost if it returned with *num non-zero. --- diff --git a/crypto/aes/aes.h b/crypto/aes/aes.h index e8da921ec5..f708f6f34b 100644 --- a/crypto/aes/aes.h +++ b/crypto/aes/aes.h @@ -99,7 +99,9 @@ void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, unsigned char *ivec, int *num); void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, const unsigned long length, const AES_KEY *key, - unsigned char *counter, unsigned int *num); + unsigned char counter[AES_BLOCK_SIZE], + unsigned char ecount_buf[AES_BLOCK_SIZE], + unsigned int *num); #ifdef __cplusplus diff --git a/crypto/aes/aes_ctr.c b/crypto/aes/aes_ctr.c index aea3db2092..6a89f4def2 100644 --- a/crypto/aes/aes_ctr.c +++ b/crypto/aes/aes_ctr.c @@ -94,11 +94,12 @@ static void AES_ctr128_inc(unsigned char *counter) { */ void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, const unsigned long length, const AES_KEY *key, - unsigned char *counter, unsigned int *num) { + unsigned char counter[AES_BLOCK_SIZE], + unsigned char ecount_buf[AES_BLOCK_SIZE], + unsigned int *num) { unsigned int n; unsigned long l=length; - unsigned char tmp[AES_BLOCK_SIZE]; assert(in && out && key && counter && num); @@ -106,10 +107,10 @@ void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, while (l--) { if (n == 0) { - AES_encrypt(counter, tmp, key); + AES_encrypt(counter, ecount_buf, key); AES_ctr128_inc(counter); } - *(out++) = *(in++) ^ tmp[n]; + *(out++) = *(in++) ^ ecount_buf[n]; n = (n+1) % AES_BLOCK_SIZE; }