From mboxrd@z Thu Jan 1 00:00:00 1970
To: ffmpeg-devel@ffmpeg.org
Date: Tue, 09 Sep 2025 14:36:43 -0000
Message-ID: <175742860349.25.3680808407541766175@463a07221176>
Reply-To: FFmpeg development discussions and patches
Subject: [FFmpeg-devel] [PATCH] avutil/aes_ctr: reintroduce the block offset state (PR #20479)
List-Id: FFmpeg development discussions and patches
From: James Almer via ffmpeg-devel
Cc: James Almer

PR #20479 opened by James Almer (jamrial)
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20479
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20479.patch

Wrongly removed in fe73b84879a560d69affca88ce21e61108e7c38d, it's required for
calls with a payload smaller than a full block.

Fixes issue #20474.

>>From a143034f66fa607e59580983ffc672ccafbcec51 Mon Sep 17 00:00:00 2001
From: James Almer
Date: Tue, 9 Sep 2025 11:31:45 -0300
Subject: [PATCH 1/2] avutil/aes_ctr: reintroduce the block offset state

Wrongly removed in fe73b84879a560d69affca88ce21e61108e7c38d, it's required for
calls with a payload smaller than a full block.

Fixes issue #20474.

Signed-off-by: James Almer
---
 libavutil/aes_ctr.c | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/libavutil/aes_ctr.c b/libavutil/aes_ctr.c
index 63dcb20d3a..23c06ddacb 100644
--- a/libavutil/aes_ctr.c
+++ b/libavutil/aes_ctr.c
@@ -34,6 +34,7 @@ typedef struct AVAESCTR { DECLARE_ALIGNED(8, uint8_t, counter)[AES_BLOCK_SIZE]; DECLARE_ALIGNED(8, uint8_t, encrypted_counter)[AES_BLOCK_SIZE]; + int block_offset; AVAES aes; } AVAESCTR; @@ -46,11 +47,13 @@ void av_aes_ctr_set_iv(struct AVAESCTR *a, const uint8_t* iv) { memcpy(a->counter, iv, AES_CTR_IV_SIZE); memset(a->counter + AES_CTR_IV_SIZE, 0, sizeof(a->counter) - AES_CTR_IV_SIZE); + a->block_offset = 0; } void av_aes_ctr_set_full_iv(struct AVAESCTR *a, const uint8_t* iv) { memcpy(a->counter, iv, sizeof(a->counter)); + a->block_offset = 0; } const uint8_t* av_aes_ctr_get_iv(struct AVAESCTR *a) @@ -73,6 +76,7 @@ int av_aes_ctr_init(struct AVAESCTR *a, const uint8_t *key) av_aes_init(&a->aes, key, 128, 0); memset(a->counter, 0, sizeof(a->counter)); + a->block_offset = 0; return 0; } @@ -92,10 +96,20 @@ void av_aes_ctr_increment_iv(struct AVAESCTR *a) { av_aes_ctr_increment_be64(a->counter); memset(a->counter + AES_CTR_IV_SIZE, 0, sizeof(a->counter) - AES_CTR_IV_SIZE); + a->block_offset = 0; } void av_aes_ctr_crypt(struct AVAESCTR *a, uint8_t *dst, const uint8_t *src, int count) { + if (a->block_offset) { + int left = FFMIN(count, AES_BLOCK_SIZE - a->block_offset); + for (int len = 0; len < left; len++) + dst[len] = src[len] ^ a->encrypted_counter[a->block_offset++]; + dst += left; + src += left; + count -= left; + a->block_offset = 0; + } while (count >= AES_BLOCK_SIZE) { av_aes_crypt(&a->aes, a->encrypted_counter, a->counter, 1, NULL, 0); av_aes_ctr_increment_be64(a->counter + 8); @@ -112,9 +126,11 @@ void av_aes_ctr_crypt(struct AVAESCTR *a, uint8_t *dst, const uint8_t *src, int } if (count > 0) { + int len; av_aes_crypt(&a->aes, a->encrypted_counter, a->counter, 1, NULL, 0); av_aes_ctr_increment_be64(a->counter + 8); - for (int len = 0; len < count; len++) + for (len = 0; len < count; len++) dst[len] = src[len] ^ a->encrypted_counter[len]; + a->block_offset = len; } } -- 2.49.1 
>>From 535cae3b40683f7ef6fcb9da1eb77aa5ce28b5fa Mon Sep 17 00:00:00 2001 From: James Almer Date: Tue, 9 Sep 2025 11:32:17 -0300 Subject: [PATCH 2/2] avutil/tests/aes_ctr: extend the test to cover payloads smaller than a block Signed-off-by: James Almer --- libavutil/tests/aes_ctr.c | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/libavutil/tests/aes_ctr.c b/libavutil/tests/aes_ctr.c index 5af48428aa..765c049f93 100644 --- a/libavutil/tests/aes_ctr.c +++ b/libavutil/tests/aes_ctr.c @@ -46,6 +46,8 @@ static DECLARE_ALIGNED(8, uint32_t, key)[4]; static DECLARE_ALIGNED(8, uint8_t, tmp)[20]; +#define SIZE 12 + int main (void) { int ret = 1; 
@@ -85,14 +87,28 @@ int main (void) iv = av_aes_ctr_get_iv(ae); av_aes_ctr_set_full_iv(ad, iv); - av_aes_ctr_crypt(ae, tmp, plain, sizeof(tmp)); - if (i && memcmp(tmp, encrypted, sizeof(tmp)) != 0) { + // encrypt less than a full block in the first call to test the state + // preserving code of aes-ctr. + av_aes_ctr_crypt(ae, tmp, plain, SIZE); + if (i && memcmp(tmp, encrypted, SIZE) != 0) { + av_log(NULL, AV_LOG_ERROR, "test failed\n"); + goto ERROR; + } + // encrypt the rest + av_aes_ctr_crypt(ae, tmp + SIZE, plain + SIZE, sizeof(tmp) - SIZE); + if (i && memcmp(tmp + SIZE, encrypted + SIZE, sizeof(tmp) - SIZE) != 0) { av_log(NULL, AV_LOG_ERROR, "test failed\n"); goto ERROR; } - av_aes_ctr_crypt(ad, tmp, tmp, sizeof(tmp)); - if (memcmp(tmp, plain, sizeof(tmp)) != 0){ + // same as with encryption, test the state preserving code of aes-ctr. + av_aes_ctr_crypt(ad, tmp, tmp, SIZE); + if (memcmp(tmp, plain, SIZE) != 0) { + av_log(NULL, AV_LOG_ERROR, "test failed\n"); + goto ERROR; + } + av_aes_ctr_crypt(ad, tmp + SIZE, tmp + SIZE, sizeof(tmp) - SIZE); + if (memcmp(tmp + SIZE, plain + SIZE, sizeof(tmp) - SIZE) != 0) { av_log(NULL, AV_LOG_ERROR, "test failed\n"); goto ERROR; } -- 2.49.1 _______________________________________________ ffmpeg-devel mailing list -- ffmpeg-devel@ffmpeg.org To unsubscribe send an email to ffmpeg-devel-leave@ffmpeg.org
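Review bot: In the new `if (a->block_offset)` branch at the top of av_aes_ctr_crypt(), `a->block_offset = 0;` runs unconditionally, so a call whose `count` is smaller than `AES_BLOCK_SIZE - a->block_offset` discards the unused tail of `encrypted_counter`. With `left == count` the loop leaves the offset mid-block (for example a 4-byte call followed by another 4-byte call ends at offset 8), the reset clears it, and the next call encrypts a fresh counter block instead of continuing at byte 8, so the keystream no longer matches a single-call encryption of the same data. Suggest clearing the offset only once the block is used up, e.g. `if (a->block_offset == AES_BLOCK_SIZE) a->block_offset = 0;` (or masking with `AES_BLOCK_SIZE - 1`).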
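Review bot: The split used in main() of libavutil/tests/aes_ctr.c (SIZE 12 on the 20-byte `tmp`) only exercises a resumed call that consumes exactly the 4 bytes left in the first block and then starts a new one; no call both starts and ends inside a partly used block. Add a case with two consecutive short calls that stay within one block (for example 4, 4, then 12 bytes), checked against the same `encrypted` and `plain` vectors, so the resume path is also covered when it does not finish the block.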
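The commit message's point, that CTR needs a block offset when a call covers less than a full block, modelled as an added example (not FFmpeg code and not part of the patch). `toy_block` is a constructed stand-in for AES, and `Ctr`, `ctr_crypt`, `split_matches` and the `always_reset` switch are hypothetical names; `always_reset = 1` clears the offset after every resumed call, `0` clears it only when the keystream block is exhausted.

```c
#include <stdint.h>
#include <string.h>
#define BLK 16

/* Toy keystream block, NOT AES: a constructed stand-in so this runs offline. */
static void toy_block(uint8_t out[BLK], uint64_t ctr)
{
    for (int i = 0; i < BLK; i++)
        out[i] = (uint8_t)((ctr * 131u + i) * 37u + 11u);
}

typedef struct {
    uint64_t ctr;          /* next block counter */
    uint8_t  ks[BLK];      /* keystream of the block in progress */
    int      off;          /* bytes of ks already consumed (0 = none pending) */
    int      always_reset; /* 1 = clear off after every resumed call */
} Ctr;

static void ctr_crypt(Ctr *c, uint8_t *dst, const uint8_t *src, int n)
{
    if (c->off) {          /* resume the partly used keystream block */
        int left = n < BLK - c->off ? n : BLK - c->off;
        for (int i = 0; i < left; i++)
            dst[i] = src[i] ^ c->ks[c->off++];
        dst += left; src += left; n -= left;
        if (c->always_reset || c->off == BLK)
            c->off = 0;    /* keeps the stream in sync only if the block is used up */
    }
    while (n > 0) {        /* full blocks, then a possible short tail */
        int take = n < BLK ? n : BLK;
        toy_block(c->ks, c->ctr++);
        for (int i = 0; i < take; i++)
            dst[i] = src[i] ^ c->ks[i];
        dst += take; src += take; n -= take;
        c->off = take % BLK;   /* remember how far into ks the tail went */
    }
}

/* 1 if encrypting 20 bytes in the given chunk sizes equals a single call. */
int split_matches(const int *chunks, int nchunks, int always_reset)
{
    uint8_t plain[20], one[20], many[20];
    Ctr a = { .always_reset = always_reset }, b = a;
    for (int i = 0; i < 20; i++) plain[i] = (uint8_t)i;
    ctr_crypt(&a, one, plain, 20);
    for (int i = 0, pos = 0; i < nchunks; pos += chunks[i++])
        ctr_crypt(&b, many + pos, plain + pos, chunks[i]);
    return memcmp(one, many, sizeof(one)) == 0;
}
```

A 12 + 8 split matches the single call under either policy; a 4 + 4 + 12 split matches only when the offset is kept until the block is exhausted.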