author | Jack Lloyd <[email protected]> | 2017-10-20 20:15:16 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2017-10-20 20:15:16 -0400 |
commit | cba904d7a474ef4151654c762d110ffd19841b33 (patch) | |
tree | c49b12f2017607c43723465c2965b11a271e23e9 /src/lib | |
parent | a6e051bea6e7341f8f7b8ab40e042e1e099b9b8b (diff) |
Allow setting CTR width via string
Prohibit very small counter widths (under 4 bytes), since they lead
to trivial keystream reuse.
Add tests.
Fix clone which always returned an object with a block-wide counter.
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/stream/ctr/ctr.cpp | 8 | ||||
-rw-r--r-- | src/lib/stream/ctr/ctr.h | 2 | ||||
-rw-r--r-- | src/lib/stream/stream_cipher.cpp | 10 |
3 files changed, 14 insertions, 6 deletions
diff --git a/src/lib/stream/ctr/ctr.cpp b/src/lib/stream/ctr/ctr.cpp
index d0b44589b..99a589bb9 100644
--- a/src/lib/stream/ctr/ctr.cpp
+++ b/src/lib/stream/ctr/ctr.cpp
@@ -32,7 +32,7 @@ CTR_BE::CTR_BE(BlockCipher* cipher, size_t ctr_size) :
 m_iv(m_cipher->block_size()),
 m_pad_pos(0)
 {
- if(m_ctr_size == 0 || m_ctr_size > m_block_size)
+ if(m_ctr_size < 4 || m_ctr_size > m_block_size)
 throw Invalid_Argument("Invalid CTR-BE counter size");
 }
@@ -55,7 +55,11 @@ void CTR_BE::key_schedule(const uint8_t key[], size_t key_len)
 std::string CTR_BE::name() const
 {
- return ("CTR-BE(" + m_cipher->name() + ")");
+ if(m_ctr_size == m_block_size)
+ return ("CTR-BE(" + m_cipher->name() + ")");
+ else
+ return ("CTR-BE(" + m_cipher->name() + "," + std::to_string(m_ctr_size) + ")");
+
 }
 void CTR_BE::cipher(const uint8_t in[], uint8_t out[], size_t length)
diff --git a/src/lib/stream/ctr/ctr.h b/src/lib/stream/ctr/ctr.h
index 3ff63b8e5..c4c598161 100644
--- a/src/lib/stream/ctr/ctr.h
+++ b/src/lib/stream/ctr/ctr.h
@@ -34,7 +34,7 @@ class BOTAN_PUBLIC_API(2,0) CTR_BE final : public StreamCipher
 std::string name() const override;
 CTR_BE* clone() const override
- { return new CTR_BE(m_cipher->clone()); }
+ { return new CTR_BE(m_cipher->clone(), m_ctr_size); }
 void clear() override;
diff --git a/src/lib/stream/stream_cipher.cpp b/src/lib/stream/stream_cipher.cpp
index f33d68296..c0e75c0a8 100644
--- a/src/lib/stream/stream_cipher.cpp
+++ b/src/lib/stream/stream_cipher.cpp
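Review bot: The new lower bound `m_ctr_size < 4` in the CTR_BE constructor (ctr.cpp, first hunk) is a bare literal with no comment, so the reason for it lives only in the commit message. A one-line comment above the check would keep it with the code, for example `// Counter widths under 4 bytes wrap after at most 2^24 blocks, repeating keystream under one nonce`. A 4-byte counter still wraps after 2^32 blocks; whether the counter increment or cipher() detects that wrap is not visible in this hunk and is worth confirming. The constructor's initializer list begins outside the hunk.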
@@ -44,12 +44,16 @@ std::unique_ptr<StreamCipher> StreamCipher::create(const std::string& algo_spec,
 const SCAN_Name req(algo_spec);
 #if defined(BOTAN_HAS_CTR_BE)
- if(req.algo_name() == "CTR-BE" && req.arg_count() == 1)
+ if((req.algo_name() == "CTR-BE" || req.algo_name() == "CTR") && req.arg_count_between(1,2))
 {
 if(provider.empty() || provider == "base")
 {
- if(auto c = BlockCipher::create(req.arg(0)))
- return std::unique_ptr<StreamCipher>(new CTR_BE(c.release()));
+ auto cipher = BlockCipher::create(req.arg(0));
+ if(cipher)
+ {
+ size_t ctr_size = req.arg_as_integer(1, cipher->block_size());
+ return std::unique_ptr<StreamCipher>(new CTR_BE(cipher.release(), ctr_size));
+ }
 }
 }
 #endif
|
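Review bot: In StreamCipher::create, `ctr_size` is taken from the algorithm string and range-checked only inside the CTR_BE constructor, so an out-of-range width makes create() throw Invalid_Argument from the `new CTR_BE(cipher.release(), ctr_size)` line. If callers expect an empty pointer for specs that cannot be satisfied, that difference should be documented here, for example `// CTR_BE's constructor throws Invalid_Argument for widths below 4 or above the block size`. `cipher.release()` also gives up ownership before the constructor can throw; whether the block cipher is freed on that path depends on how m_cipher is declared, which the diff does not show. create() starts and ends outside the hunk.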