author | Richard Levitte <levitte@openssl.org> | 2002-10-11 22:37:29 +0000 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2002-10-11 22:37:29 +0000 |
commit | 1729588435f4c380f4c3c61e2ee6515cffc6d4ba (patch) | |
tree | 01a126c114c11e7a98d9d36eb7bdec614c7d17bb /crypto/aes | |
parent | 6f7c2cb31e6856435eb8e4a59ae18eda2fce34b2 (diff) |
The AES CTR API was buggy: we need to save the encrypted counter as well
between calls, or it will be lost if the function returned with *num non-zero.
Diffstat (limited to 'crypto/aes')
-rw-r--r-- | crypto/aes/aes.h | 4 | ||||
-rw-r--r-- | crypto/aes/aes_ctr.c | 9 |
2 files changed, 8 insertions, 5 deletions
diff --git a/crypto/aes/aes.h b/crypto/aes/aes.h
index e8da921ec5..f708f6f34b 100644
--- a/crypto/aes/aes.h
+++ b/crypto/aes/aes.h
@@ -99,7 +99,9 @@ void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
 unsigned char *ivec, int *num);
 void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
 const unsigned long length, const AES_KEY *key,
- unsigned char *counter, unsigned int *num);
+ unsigned char counter[AES_BLOCK_SIZE],
+ unsigned char ecount_buf[AES_BLOCK_SIZE],
+ unsigned int *num);
 #ifdef __cplusplus
diff --git a/crypto/aes/aes_ctr.c b/crypto/aes/aes_ctr.c
index aea3db2092..6a89f4def2 100644
--- a/crypto/aes/aes_ctr.c
+++ b/crypto/aes/aes_ctr.c
@@ -94,11 +94,12 @@ static void AES_ctr128_inc(unsigned char *counter) {
 */
 void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
 const unsigned long length, const AES_KEY *key,
- unsigned char *counter, unsigned int *num) {
+ unsigned char counter[AES_BLOCK_SIZE],
+ unsigned char ecount_buf[AES_BLOCK_SIZE],
+ unsigned int *num) {
 unsigned int n;
 unsigned long l=length;
- unsigned char tmp[AES_BLOCK_SIZE];
 assert(in && out && key && counter && num);
@@ -106,10 +107,10 @@ void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
 while (l--) {
 if (n == 0) {
- AES_encrypt(counter, tmp, key);
+ AES_encrypt(counter, ecount_buf, key);
 AES_ctr128_inc(counter);
 }
- *(out++) = *(in++) ^ tmp[n];
+ *(out++) = *(in++) ^ ecount_buf[n];
 n = (n+1) % AES_BLOCK_SIZE;
 }
|
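Review bot: In crypto/aes/aes.h the new `AES_ctr128_encrypt` prototype gains a third piece of caller-held state but carries no comment stating the contract. I would add above it `/* counter, ecount_buf and *num together are the state of one CTR stream: keep all three unchanged between calls and start a stream with *num == 0. */`. The `[AES_BLOCK_SIZE]` in the parameter list is documentation only, since the compiler treats both parameters as plain pointers and does not check the buffer size. It is also worth stating that `ecount_buf` can hold keystream bytes that have not been consumed yet, so a caller should clear it when the stream is finished.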
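Review bot: In the first crypto/aes/aes_ctr.c hunk the unchanged `assert(in && out && key && counter && num);` does not cover the new `ecount_buf` argument, so a NULL buffer is first noticed at the `AES_encrypt(counter, ecount_buf, key)` call in the loop. The assert should become `assert(in && out && key && counter && ecount_buf && num);`. The comment block that ends at the `*/` context line is not touched here; if it describes the state kept in `*num`, it should mention `ecount_buf` as well. The function body continues outside the hunk.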
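Review bot: In the second crypto/aes/aes_ctr.c hunk `ecount_buf[n]` is read with an index that is presumably loaded from the caller's `*num` on a line outside the hunk, and nothing visible bounds it. A value of `AES_BLOCK_SIZE` or more would read past the 16-byte buffer on the first iteration, and a non-zero `*num` paired with a buffer that was not filled by an earlier call would XOR the data with whatever bytes the buffer holds instead of keystream. I would add `assert(*num < AES_BLOCK_SIZE);` before the loop and state in the function comment that `ecount_buf` must be the buffer from the previous call whenever `*num` is non-zero. The loop sits inside AES_ctr128_encrypt, whose start and end are outside this hunk.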