static bool encrypt_ctr(private_drbg_ctr_t *this, chunk_t out)
{
- chunk_t iv = chunk_alloca(this->value.len);
chunk_t bl = chunk_alloca(this->value.len);
chunk_t block;
size_t delta, pos = 0;
- /* Initialize IV to all zeroes for ECB mode */
- memset(iv.ptr, 0x00, iv.len);
-
if (!this->crypter->set_key(this->crypter, this->key))
{
return FALSE;
memcpy(block.ptr, this->value.ptr, this->value.len);
/* ECB encryption */
- if (!this->crypter->encrypt(this->crypter, block, iv, NULL))
+ if (!this->crypter->encrypt(this->crypter, block, chunk_empty, NULL))
{
return FALSE;
}
switch (type)
{
case DRBG_CTR_AES128:
- crypter_type = ENCR_AES_CBC;
+ crypter_type = ENCR_AES_ECB;
key_len = 16;
break;
case DRBG_CTR_AES192:
- crypter_type = ENCR_AES_CBC;
+ crypter_type = ENCR_AES_ECB;
key_len = 24;
break;
case DRBG_CTR_AES256:
- crypter_type = ENCR_AES_CBC;
+ crypter_type = ENCR_AES_ECB;
key_len = 32;
break;
default:
/* NIST CTR DRBG */
PLUGIN_REGISTER(DRBG, drbg_ctr_create),
PLUGIN_PROVIDE(DRBG, DRBG_CTR_AES128),
- PLUGIN_DEPENDS(CRYPTER, ENCR_AES_CBC, 16),
+ PLUGIN_DEPENDS(CRYPTER, ENCR_AES_ECB, 16),
PLUGIN_PROVIDE(DRBG, DRBG_CTR_AES192),
- PLUGIN_DEPENDS(CRYPTER, ENCR_AES_CBC, 24),
+ PLUGIN_DEPENDS(CRYPTER, ENCR_AES_ECB, 24),
PLUGIN_PROVIDE(DRBG, DRBG_CTR_AES256),
- PLUGIN_DEPENDS(CRYPTER, ENCR_AES_CBC, 32),
+ PLUGIN_DEPENDS(CRYPTER, ENCR_AES_ECB, 32),
/* NIST HMAC DRBG */
PLUGIN_REGISTER(DRBG, drbg_hmac_create),
PLUGIN_PROVIDE(DRBG, DRBG_HMAC_SHA1),
projects / thirdparty / strongswan.git / commitdiff
