From 45f64dbe3b5310926a15b24b0210a24997a8af79 Mon Sep 17 00:00:00 2001
From: Pekka Riikonen
Date: Fri, 22 Feb 2008 14:29:58 +0000
Subject: [PATCH] Fixed partial encryption in CTR mode. Does not affect interop in SILC.

---
 CHANGES | 9 ++++++++-
 lib/silccrypt/aes.c | 29 ++++++-----------------------
 lib/silccrypt/rijndael_internal.h | 1 +
 3 files changed, 15 insertions(+), 24 deletions(-)

diff --git a/CHANGES b/CHANGES
index 5d9787ad..e6d976c8 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,10 @@
+Fri Feb 22 16:12:27 EET 2008 Pekka Riikonen
+
+ * Fixed partial encryption in CTR mode in AES. Change does not
+ affect interoperability in SILC due to the way CTR is used in
+ SILC. But, fixed anyway. Affected files are
+ lib/silccrypt/aes.c and rijndael_internal.h.
+
 Tue Jan 8 09:41:57 EET 2008 Pekka Riikonen
 * Fixed printable fingerprint bufferoverlfow, RedHat bug 372021.
@@ -45,7 +52,7 @@ Sun Nov 11 16:02:12 EET 2007 Pekka Riikonen
 Sun Nov 11 14:15:48 EET 2007 Pekka Riikonen
 * SILC Toolkit 1.1.5.
-
+
 Sun Nov 11 11:22:35 EET 2007 Pekka Riikonen
 * Fixed connection authentication with public keys to use
diff --git a/lib/silccrypt/aes.c b/lib/silccrypt/aes.c
index 9c5a2f19..f41a61d6 100644
--- a/lib/silccrypt/aes.c
+++ b/lib/silccrypt/aes.c
@@ -190,13 +190,7 @@ SILC_CIPHER_API_CONTEXT_LEN(aes_ctr)
 SILC_CIPHER_API_ENCRYPT(aes_ctr)
 {
 AesContext *aes = context;
- SilcUInt32 ctr[4];
- int i;
-
- SILC_GET32_MSB(ctr[0], iv);
- SILC_GET32_MSB(ctr[1], iv + 4);
- SILC_GET32_MSB(ctr[2], iv + 8);
- SILC_GET32_MSB(ctr[3], iv + 12);
+ int i, k;
 i = aes->u.enc.inf.b[2];
 if (!i)
@@ -204,28 +198,17 @@ SILC_CIPHER_API_ENCRYPT(aes_ctr)
 while (len-- > 0) {
 if (i == 16) {
- if (++ctr[3] == 0)
- if (++ctr[2] == 0)
- if (++ctr[1] == 0)
- ++ctr[0];
-
- SILC_PUT32_MSB(ctr[0], iv);
- SILC_PUT32_MSB(ctr[1], iv + 4);
- SILC_PUT32_MSB(ctr[2], iv + 8);
- SILC_PUT32_MSB(ctr[3], iv + 12);
+ for (k = 15; k >= 0; k--)
+ if (++iv[k])
+ break;
- aes_encrypt(iv, iv, &aes->u.enc);
+ aes_encrypt(iv, aes->u.enc.pad, &aes->u.enc);
 i = 0;
 }
- *dst++ = *src++ ^ iv[i++];
+ *dst++ = *src++ ^ aes->u.enc.pad[i++];
 }
 aes->u.enc.inf.b[2] = i;
- SILC_PUT32_MSB(ctr[0], iv);
- SILC_PUT32_MSB(ctr[1], iv + 4);
- SILC_PUT32_MSB(ctr[2], iv + 8);
- SILC_PUT32_MSB(ctr[3], iv + 12);
-
 return TRUE;
 }
diff --git a/lib/silccrypt/rijndael_internal.h b/lib/silccrypt/rijndael_internal.h
index e6dcb1c3..83a01f3c 100644
--- a/lib/silccrypt/rijndael_internal.h
+++ b/lib/silccrypt/rijndael_internal.h
@@ -44,6 +44,7 @@ typedef union {
 typedef struct {
 uint_32t ks[KS_LENGTH];
 aes_inf inf;
+ unsigned char pad[16];
 } aes_encrypt_ctx;
 typedef struct {
--
2.24.0
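Review bot: The keystream block now lives in `aes->u.enc.pad` across calls, and the offset kept in `aes->u.enc.inf.b[2]` decides how many of its bytes are consumed before `iv` is advanced, so the new `*dst++ = *src++ ^ aes->u.enc.pad[i++]` is only correct if that offset is reset to 0 whenever the caller installs a new IV; otherwise the first `16 - i` bytes under the new IV are XORed with keystream derived from the old one. Whether the IV-setting path performs that reset is outside this hunk, so the invariant deserves a comment next to the state read in the first hunk, e.g. `/* inf.b[2] is the byte offset into the current keystream block in pad; it must be zeroed whenever the IV is replaced, or leftover keystream from the previous IV is reused. */`. The carry test `if (++iv[k]) break;` also assumes `iv` points to `unsigned char` so the increment wraps at 0xff — presumably it does, but the macro that declares the parameter is not visible here. The enclosing function starts in the previous hunk.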
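Review bot: The added `pad[16]` holds the current CTR keystream block, which is as sensitive as the key schedule in `ks`, so whatever code zeroizes or reinitialises an `aes_encrypt_ctx` on key change or teardown (outside this hunk) must now clear `pad` as well, or a keystream block outlives the key in memory. A comment on the field would make that explicit, e.g. `unsigned char pad[16]; /* current CTR keystream block; wipe together with ks */`. The literal 16 is the AES block size; if the header already has a named constant for it (not visible here), using it would keep the two from drifting.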