author | Jack Lloyd <[email protected]> | 2017-05-13 10:54:51 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2017-05-13 10:54:51 -0400 |
commit | 2914fcfb736b0a156ee14e4775a587ad92171ca3 (patch) | |
tree | 272492e1e76cb68d8d08ae425f6a36a5e003c2b7 /src/lib/modes | |
parent | 2c5919cd5aa3d7723919f729cab9938df1cc4f94 (diff) |
Handle IV carryover in CBC, CFB, and stream ciphers
Allow an empty nonce to mean "continue using the current cipher state".
GH #864
Diffstat (limited to 'src/lib/modes')
-rw-r--r-- | src/lib/modes/cbc/cbc.cpp | 2 | ||||
-rw-r--r-- | src/lib/modes/cfb/cfb.cpp | 15 | ||||
-rw-r--r-- | src/lib/modes/stream_mode.h | 5 |
3 files changed, 18 insertions, 4 deletions
diff --git a/src/lib/modes/cbc/cbc.cpp b/src/lib/modes/cbc/cbc.cpp
index 188b4a0aa..fbe56da82 100644
--- a/src/lib/modes/cbc/cbc.cpp
+++ b/src/lib/modes/cbc/cbc.cpp
@@ -1,6 +1,6 @@
 /*
 * CBC Mode
-* (C) 1999-2007,2013 Jack Lloyd
+* (C) 1999-2007,2013,2017 Jack Lloyd
 * (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity
 *
 * Botan is released under the Simplified BSD License (see license.txt)
diff --git a/src/lib/modes/cfb/cfb.cpp b/src/lib/modes/cfb/cfb.cpp
index 148e16c6c..56d234090 100644
--- a/src/lib/modes/cfb/cfb.cpp
+++ b/src/lib/modes/cfb/cfb.cpp
@@ -67,7 +67,7 @@ size_t CFB_Mode::default_nonce_length() const
 
 bool CFB_Mode::valid_nonce_length(size_t n) const
 {
- return (n == cipher().block_size());
+ return (n == 0 || n == cipher().block_size());
 }
 
 void CFB_Mode::key_schedule(const uint8_t key[], size_t length)
@@ -80,7 +80,18 @@ void CFB_Mode::start_msg(const uint8_t nonce[], size_t nonce_len)
 if(!valid_nonce_length(nonce_len))
 throw Invalid_IV_Length(name(), nonce_len);
 
- m_shift_register.assign(nonce, nonce + nonce_len);
+ if(nonce_len == 0)
+ {
+ if(m_shift_register.empty())
+ {
+ throw Invalid_State("CFB requires a non-empty initial nonce");
+ }
+ }
+ else
+ {
+ m_shift_register.assign(nonce, nonce + nonce_len);
+ }
+
 m_keystream_buf.resize(m_shift_register.size());
 cipher().encrypt(m_shift_register, m_keystream_buf);
 }
diff --git a/src/lib/modes/stream_mode.h b/src/lib/modes/stream_mode.h
index e32044a4b..27a94a7c7 100644
--- a/src/lib/modes/stream_mode.h
+++ b/src/lib/modes/stream_mode.h
@@ -56,7 +56,10 @@ class BOTAN_DLL Stream_Cipher_Mode : public Cipher_Mode
 private:
 void start_msg(const uint8_t nonce[], size_t nonce_len) override
 {
- m_cipher->set_iv(nonce, nonce_len);
+ if(nonce_len > 0)
+ {
+ m_cipher->set_iv(nonce, nonce_len);
+ }
 }
 
 void key_schedule(const uint8_t key[], size_t length) override
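Review bot: The new zero-length meaning in `CFB_Mode::valid_nonce_length` is undocumented, and callers that probe `valid_nonce_length(0)` to pick an IV size now get `true` even before any message has been started, a state in which `start_msg` throws `Invalid_State`. A comment on the return line would make the contract explicit, e.g. `// 0 means "continue with the current shift register"; start_msg rejects it until an IV has been set`, and the same wording belongs on the `if(nonce_len == 0)` branch in `start_msg`. Whether re-encrypting the existing shift register on continuation is correct also depends on the state `update`/`finish` leave behind after a message that did not end on a feedback-block boundary; those functions are outside the hunk, so that assumption should be confirmed and noted there.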
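Review bot: `Stream_Cipher_Mode::start_msg` now silently skips `set_iv` on an empty nonce with no check that an IV was ever installed, unlike the CFB path in this commit, which throws `Invalid_State` in that case. If `valid_nonce_length` for this mode also admits 0 (it is not in the hunk), a first message started with an empty nonce runs the stream cipher with whatever IV state it happens to hold, and whether the underlying cipher rejects that depends on the cipher. Mirroring the CFB guard would close the gap: track a `bool m_iv_set = false;` member, set it inside the `if(nonce_len > 0)` branch after `set_iv`, and add `else if(!m_iv_set) throw Invalid_State("Stream cipher mode requires a non-empty initial nonce");`. The enclosing class starts outside the hunk.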