X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fopenssl%2Fcipher.c;h=b2edcc75d625908dd94fb1f56fc0bd4de9c91daf;hb=d917c8cb6b69475d568ccbe82389b9f2b3eb5e80;hp=9b9e3446a3d3cc98732b54d2ed2a2c74a9ed2fc9;hpb=8ac096b5bf9da1b3961a3ac4a03d083629222a63;p=tinc

diff --git a/src/openssl/cipher.c b/src/openssl/cipher.c
index 9b9e3446..b2edcc75 100644
--- a/src/openssl/cipher.c
+++ b/src/openssl/cipher.c
@@ -65,10 +65,8 @@ bool cipher_open_blowfish_ofb(cipher_t *cipher) {
 
 void cipher_close(cipher_t *cipher) {
 	EVP_CIPHER_CTX_cleanup(&cipher->ctx);
-	if(cipher->counter) {
-		free(cipher->counter);
-		cipher->counter = 0;
-	}
+	free(cipher->counter);
+	cipher->counter = NULL;
 }
 
 size_t cipher_keylength(const cipher_t *cipher) {
@@ -105,6 +103,19 @@ bool cipher_set_key_from_rsa(cipher_t *cipher, void *key, size_t len, bool encry
 	return false;
 }
 
+bool cipher_set_counter(cipher_t *cipher, const void *counter, size_t len) {
+	if(len > cipher->cipher->block_size - 4) {
+		logger(DEBUG_ALWAYS, LOG_ERR, "Counter too long");
+		abort();
+	}
+
+	memcpy(cipher->counter->counter + cipher->cipher->block_size - len, counter, len);
+	memset(cipher->counter->counter, 0, 4);
+	cipher->counter->n = 0;
+
+	return true;
+}
+
 bool cipher_set_counter_key(cipher_t *cipher, void *key) {
 	int result = EVP_EncryptInit_ex(&cipher->ctx, cipher->cipher, NULL, (unsigned char *)key, NULL);
 	if(!result) {
@@ -132,7 +143,7 @@ bool cipher_counter_xor(cipher_t *cipher, const void *indata, size_t inlen, void
 	unsigned char *out = outdata;
 
 	while(inlen--) {
-		// Encrypt the new counter value if we need it 
+		// Encrypt the new counter value if we need it
 		if(!cipher->counter->n) {
 			int len;
 			if(!EVP_EncryptUpdate(&cipher->ctx, cipher->counter->block, &len, cipher->counter->counter, cipher->cipher->block_size)) {