Allow setting CTR width via string

Prohibit very small counter widths (under 4 bytes), since they lead
to trivial keystream reuse.

Add tests.

Fix clone which always returned an object with a block-wide counter.

2 files changed, 7 insertions, 3 deletions

diff --git a/src/lib/stream/ctr/ctr.cpp b/src/lib/stream/ctr/ctr.cpp
index d0b44589b..99a589bb9 100644
--- a/src/lib/stream/ctr/ctr.cpp
+++ b/src/lib/stream/ctr/ctr.cpp
@@ -32,7 +32,7 @@ CTR_BE::CTR_BE(BlockCipher* cipher, size_t ctr_size) :
    m_iv(m_cipher->block_size()),
    m_pad_pos(0)
    {
-   if(m_ctr_size == 0 || m_ctr_size > m_block_size)
+   if(m_ctr_size < 4 || m_ctr_size > m_block_size)
       throw Invalid_Argument("Invalid CTR-BE counter size");
    }
 
@@ -55,7 +55,11 @@ void CTR_BE::key_schedule(const uint8_t key[], size_t key_len)
 
 std::string CTR_BE::name() const
    {
-   return ("CTR-BE(" + m_cipher->name() + ")");
+   if(m_ctr_size == m_block_size)
+      return ("CTR-BE(" + m_cipher->name() + ")");
+   else
+      return ("CTR-BE(" + m_cipher->name() + "," + std::to_string(m_ctr_size) + ")");
+
    }
 
 void CTR_BE::cipher(const uint8_t in[], uint8_t out[], size_t length)
diff --git a/src/lib/stream/ctr/ctr.h b/src/lib/stream/ctr/ctr.h
index 3ff63b8e5..c4c598161 100644
--- a/src/lib/stream/ctr/ctr.h
+++ b/src/lib/stream/ctr/ctr.h
@@ -34,7 +34,7 @@ class BOTAN_PUBLIC_API(2,0) CTR_BE final : public StreamCipher
       std::string name() const override;
 
       CTR_BE* clone() const override
-         { return new CTR_BE(m_cipher->clone()); }
+         { return new CTR_BE(m_cipher->clone(), m_ctr_size); }
 
       void clear() override;