The AES CTR API was buggy, we need to save the encrypted counter as well

between calls, or that will be lost if it returned with *num non-zero.

The AES CTR API was buggy, we need to save the encrypted counter as well
between calls, or that will be lost if it returned with *num non-zero.
17295884 · Richard Levitte · 6f7c2cb3 · 17295884 · 17295884
隐藏空白更改
内联并排

Showing with 8 addition and 5 deletion

crypto/aes/aes.h crypto/aes/aes.h +3 -1

crypto/aes/aes_ctr.c crypto/aes/aes_ctr.c +5 -4

未找到文件。
--- a/crypto/aes/aes.h
+++ b/crypto/aes/aes.h
@@ -99,7 +99,9 @@ void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
 	unsigned char *ivec, int *num);
 void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
 	const unsigned long length, const AES_KEY *key,
-	unsigned char *counter, unsigned int *num);
+	unsigned char counter[AES_BLOCK_SIZE],
+	unsigned char ecount_buf[AES_BLOCK_SIZE],
+	unsigned int *num);


 #ifdef  __cplusplus

--- a/crypto/aes/aes_ctr.c
+++ b/crypto/aes/aes_ctr.c
@@ -94,11 +94,12 @@ static void AES_ctr128_inc(unsigned char *counter) {
 */
 void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
 	const unsigned long length, const AES_KEY *key,
-	unsigned char *counter, unsigned int *num) {
+	unsigned char counter[AES_BLOCK_SIZE],
+	unsigned char ecount_buf[AES_BLOCK_SIZE],
+	unsigned int *num) {

 	unsigned int n;
 	unsigned long l=length;
-	unsigned char tmp[AES_BLOCK_SIZE];

 	assert(in && out && key && counter && num);

@@ -106,10 +107,10 @@ void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,

 	while (l--) {
 		if (n == 0) {
-			AES_encrypt(counter, tmp, key);
+			AES_encrypt(counter, ecount_buf, key);
 			AES_ctr128_inc(counter);
 		}
-		*(out++) = *(in++) ^ tmp[n];
+		*(out++) = *(in++) ^ ecount_buf[n];
 		n = (n+1) % AES_BLOCK_SIZE;
 	}