diff options
| author | lloyd <[email protected]> | 2011-04-05 11:08:54 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2011-04-05 11:08:54 +0000 |
| commit | 55bbfdc0348f5f82a6dd5075e77bb4a1d18c53dc (patch) | |
| tree | 8a3e081bf04d66b2302abf5c3be81ec97c11a263 /src | |
| parent | d81b3d27abb1b261d2e8c6222865b1ab358595e7 (diff) | |
PR 145 was based around an easy misunderstanding of the CTR code.
Add some comments to help explain what is going on. Also add a
test using 512 blocks; all the existing ones were shorter, so
increment was not being tested at all. :(
Diffstat (limited to 'src')
| -rw-r--r-- | src/stream/ctr/ctr.cpp | 26 |
1 files changed, 16 insertions, 10 deletions
diff --git a/src/stream/ctr/ctr.cpp b/src/stream/ctr/ctr.cpp index d221dc441..3a370eca3 100644 --- a/src/stream/ctr/ctr.cpp +++ b/src/stream/ctr/ctr.cpp @@ -1,6 +1,6 @@ /* * Counter mode -* (C) 1999-2010 Jack Lloyd +* (C) 1999-2011 Jack Lloyd * * Distributed under the terms of the Botan license */ @@ -85,20 +85,21 @@ void CTR_BE::set_iv(const byte iv[], size_t iv_len) if(!valid_iv_length(iv_len)) throw Invalid_IV_Length(name(), iv_len); - const size_t BLOCK_SIZE = permutation->block_size(); + const size_t bs = permutation->block_size(); zeroise(counter); counter.copy(0, iv, iv_len); + /* + * Set counter blocks to IV, IV + 1, ... IV + 255 + */ for(size_t i = 1; i != 256; ++i) { - counter.copy(i*BLOCK_SIZE, - &counter[(i-1)*BLOCK_SIZE], - BLOCK_SIZE); + counter.copy(i*bs, &counter[(i-1)*bs], bs); - for(size_t j = 0; j != BLOCK_SIZE; ++j) - if(++counter[i*BLOCK_SIZE + (BLOCK_SIZE-1-j)]) + for(size_t j = 0; j != bs; ++j) + if(++counter[i*bs + (bs - 1 - j)]) break; } @@ -111,12 +112,17 @@ void CTR_BE::set_iv(const byte iv[], size_t iv_len) */ void CTR_BE::increment_counter() { - const size_t BLOCK_SIZE = permutation->block_size(); + const size_t bs = permutation->block_size(); + /* + * Each counter value always needs to be incremented by 256, + * so we don't touch the lowest byte and instead treat it as + * an increment of one starting with the next byte. + */ for(size_t i = 0; i != 256; ++i) { - for(size_t j = 1; j != BLOCK_SIZE; ++j) - if(++counter[i*BLOCK_SIZE + (BLOCK_SIZE-1-j)]) + for(size_t j = 1; j != bs; ++j) + if(++counter[i*bs + (bs - 1 - j)]) break; } |