From 680248d1541d7cc0c0bbb2c0071bd8f1ba2fed37 Mon Sep 17 00:00:00 2001
From: Logan007
Date: Mon, 24 Aug 2020 02:37:06 +0545
Subject: [PATCH] changed aes transform to cipher text stealing mode
---
 include/aes.h | 4 ++--
 src/aes.c | 6 ++++--
 src/transform_aes.c | 2 +-
 3 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/include/aes.h b/include/aes.h
index 49ccf2c..9725841 100644
--- a/include/aes.h
+++ b/include/aes.h
@@ -48,10 +48,10 @@ typedef struct aes_context_t {
 int aes_cbc_encrypt (unsigned char *out, const unsigned char *in, size_t in_len,
- const unsigned char *iv, aes_context_t *ctx);
+ unsigned char *iv, aes_context_t *ctx);
 int aes_cbc_decrypt (unsigned char *out, const unsigned char *in, size_t in_len,
- const unsigned char *iv, aes_context_t *ctx);
+ unsigned char *iv, aes_context_t *ctx);
 int aes_ecb_decrypt (unsigned char *out, const unsigned char *in, aes_context_t *ctx);
diff --git a/src/aes.c b/src/aes.c
index 456e399..62d1b4f 100644
--- a/src/aes.c
+++ b/src/aes.c
@@ -45,7 +45,7 @@ static char *openssl_err_as_string (void) {
 /* ****************************************************** */
 int aes_cbc_encrypt (unsigned char *out, const unsigned char *in, size_t in_len,
- const unsigned char *iv, aes_context_t *ctx) {
+ unsigned char *iv, aes_context_t *ctx) {
 #ifdef HAVE_OPENSSL_1_1
 int evp_len;
@@ -81,13 +81,14 @@ int aes_cbc_encrypt (unsigned char *out, const unsigned char *in, size_t in_len,
 &(ctx->enc_key), iv, AES_ENCRYPT);
+ memset(iv, 0, AES_BLOCK_SIZE);
 #endif
 }
 /* ****************************************************** */
 int aes_cbc_decrypt (unsigned char *out, const unsigned char *in, size_t in_len,
- const unsigned char *iv, aes_context_t *ctx) {
+ unsigned char *iv, aes_context_t *ctx) {
 #ifdef HAVE_OPENSSL_1_1
 int evp_len;
@@ -123,6 +124,7 @@ int aes_cbc_decrypt (unsigned char *out, const unsigned char *in, size_t in_len,
 &(ctx->dec_key), iv, AES_DECRYPT);
+ memset(iv, 0, AES_BLOCK_SIZE);
 #endif
 return 0;
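Review bot: The two prototypes in include/aes.h drop `const` from `iv` without documenting that it is now an in/out buffer. The src/aes.c hunks of this patch zero it with `memset(iv, 0, AES_BLOCK_SIZE)` on the path just before `#endif`, so a caller that passes a real IV and reuses the buffer afterwards would silently continue with an all-zero one. A comment above the declarations such as `/* iv: AES_BLOCK_SIZE writable bytes; may be overwritten and is reset to zero on return */` would state the contract. Whether the `HAVE_OPENSSL_1_1` branch also modifies `iv` is not visible in this patch, so the wording should be checked against that branch.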
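Review bot: The added `memset(iv, 0, AES_BLOCK_SIZE);` in the -81,13 hunk repairs the caller's buffer after the fact instead of keeping the cipher call away from it; the same line is added in the `aes_cbc_decrypt` hunk at -123,6. Presumably it is needed because the legacy CBC routine called with `AES_ENCRYPT`/`AES_DECRYPT` writes the chaining value back through `iv`, so between that call and the memset the shared `null_iv` holds ciphertext-derived bytes, and a second caller on another thread would run under the wrong IV. Working on a local copy keeps the parameter `const` and the global read-only: `unsigned char tmp_iv[AES_BLOCK_SIZE];`, `memcpy(tmp_iv, iv, AES_BLOCK_SIZE);`, then pass `tmp_iv` to the call. Separately, in the lines visible here the encrypt path reaches the closing `}` straight after `#endif` with no `return 0;`, unlike the decrypt path, which is worth fixing in a function declared `int`. Both function bodies start outside these hunks.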
diff --git a/src/transform_aes.c b/src/transform_aes.c
index aed40a6..0b9fb6a 100644
--- a/src/transform_aes.c
+++ b/src/transform_aes.c
@@ -35,7 +35,7 @@
 // cbc mode is being used with random value prepended to plaintext
 // instead of iv so, actual iv is null_iv
-const uint8_t null_iv[AES_IV_SIZE] = {0};
+uint8_t null_iv[AES_IV_SIZE] = {0};
 typedef struct transop_aes {
 aes_context_t *ctx;
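Review bot: `null_iv` goes from a read-only constant to a writable global with external linkage, while the comment directly above still describes it as the fixed IV of the scheme. The construction described there depends on the IV always being zero, and after this change nothing prevents a stray write or an interrupted call from leaving it non-zero for the next packet. If the `const` has to go, the comment should say why, e.g. `// not const: aes_cbc_* may overwrite it and resets it to zero afterwards`. The array is sized with `AES_IV_SIZE` but the memset added in src/aes.c writes `AES_BLOCK_SIZE` bytes, so the two constants should be confirmed equal or the same one used in both places. The `transop_aes` struct that follows continues past the end of this hunk.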