Handle IV carryover in CBC, CFB, and stream ciphers

Allow an empty nonce to mean "continue using the current cipher state". GH #864
author: Jack Lloyd <[email protected]> 2017-05-13 10:54:51 -0400
committer: Jack Lloyd <[email protected]> 2017-05-13 10:54:51 -0400
commit: 2914fcfb736b0a156ee14e4775a587ad92171ca3 (patch)
tree: 272492e1e76cb68d8d08ae425f6a36a5e003c2b7 /src/lib/block/aes/aes_ni
parent: 2c5919cd5aa3d7723919f729cab9938df1cc4f94 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/src/lib/block/aes/aes_ni/aes_ni.cpp b/src/lib/block/aes/aes_ni/aes_ni.cpp
index 52f4e44a2..65c1dc300 100644
--- a/src/lib/block/aes/aes_ni/aes_ni.cpp
+++ b/src/lib/block/aes/aes_ni/aes_ni.cpp
@@ -109,6 +109,8 @@ __m128i aes_256_key_expansion(__m128i key, __m128i key2)
 BOTAN_FUNC_ISA("ssse3,aes")
 void AES_128::aesni_encrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const
    {
+   BOTAN_ASSERT(m_EK.empty() == false, "Key was set");
+
    const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
    __m128i* out_mm = reinterpret_cast<__m128i*>(out);
 
@@ -186,6 +188,8 @@ void AES_128::aesni_encrypt_n(const uint8_t in[], uint8_t out[], size_t blocks)
 BOTAN_FUNC_ISA("ssse3,aes")
 void AES_128::aesni_decrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const
    {
+   BOTAN_ASSERT(m_DK.empty() == false, "Key was set");
+
    const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
    __m128i* out_mm = reinterpret_cast<__m128i*>(out);
 
@@ -316,6 +320,8 @@ void AES_128::aesni_key_schedule(const uint8_t key[], size_t)
 BOTAN_FUNC_ISA("ssse3,aes")
 void AES_192::aesni_encrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const
    {
+   BOTAN_ASSERT(m_EK.empty() == false, "Key was set");
+
    const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
    __m128i* out_mm = reinterpret_cast<__m128i*>(out);
 
@@ -399,6 +405,8 @@ void AES_192::aesni_encrypt_n(const uint8_t in[], uint8_t out[], size_t blocks)
 BOTAN_FUNC_ISA("ssse3,aes")
 void AES_192::aesni_decrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const
    {
+   BOTAN_ASSERT(m_DK.empty() == false, "Key was set");
+
    const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
    __m128i* out_mm = reinterpret_cast<__m128i*>(out);
 
@@ -532,6 +540,8 @@ void AES_192::aesni_key_schedule(const uint8_t key[], size_t)
 BOTAN_FUNC_ISA("ssse3,aes")
 void AES_256::aesni_encrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const
    {
+   BOTAN_ASSERT(m_EK.empty() == false, "Key was set");
+
    const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
    __m128i* out_mm = reinterpret_cast<__m128i*>(out);
 
@@ -621,6 +631,8 @@ void AES_256::aesni_encrypt_n(const uint8_t in[], uint8_t out[], size_t blocks)
 BOTAN_FUNC_ISA("ssse3,aes")
 void AES_256::aesni_decrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const
    {
+   BOTAN_ASSERT(m_DK.empty() == false, "Key was set");
+
    const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
    __m128i* out_mm = reinterpret_cast<__m128i*>(out);
author	Jack Lloyd <[email protected]>	2017-05-13 10:54:51 -0400
committer	Jack Lloyd <[email protected]>	2017-05-13 10:54:51 -0400
commit	2914fcfb736b0a156ee14e4775a587ad92171ca3 (patch)
tree	272492e1e76cb68d8d08ae425f6a36a5e003c2b7 /src/lib/block/aes/aes_ni
parent	2c5919cd5aa3d7723919f729cab9938df1cc4f94 (diff)