Correct serious bug in AES-CBC decryption when the message length isn't (0b6956b4) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

crypto/aes/aes_cbc.c

+4 −5

Original line number	Diff line number	Diff line
		@@ -91,21 +91,20 @@ void AES_cbc_encrypt(const unsigned char in, unsigned char out,
		}
		} else {
		while (len >= AES_BLOCK_SIZE) {
		memcpy(tmp, in, AES_BLOCK_SIZE);
		AES_decrypt(in, out, key);
		for(n=0; n < AES_BLOCK_SIZE; ++n)
		out[n] ^= ivec[n];
		memcpy(ivec, tmp, AES_BLOCK_SIZE);
		memcpy(ivec, in, AES_BLOCK_SIZE);
		len -= AES_BLOCK_SIZE;
		in += AES_BLOCK_SIZE;
		out += AES_BLOCK_SIZE;
		}
		if (len) {
		memcpy(tmp, in, AES_BLOCK_SIZE);
		AES_decrypt(tmp, tmp, key);
		AES_decrypt(in, tmp, key);
		for(n=0; n < len; ++n)
		out[n] ^= ivec[n];
		memcpy(ivec, tmp, AES_BLOCK_SIZE);
		out[n] = tmp[n] ^ ivec[n];
		memcpy(ivec, in, AES_BLOCK_SIZE);
		}
		}
		}