In blowfish-ctr mode, increment the counter in the correct order. Thanks to

der Mouse for spotting the same error in my 3des-ctr implementation.

[originally from svn r5700]

diff --git a/sshblowf.c b/sshblowf.c
index 0ca81ebad1921e57de0355f2dddc5f860b0e3c05..0f00a77ba8c6d0ca168f3c237165674232f2c1dd 100644 (file)
--- a/sshblowf.c
+++ b/sshblowf.c
@@ -406,8 +406,8 @@ static void blowfish_msb_sdctr(unsigned char *blk, int len,
        PUT_32BIT_MSB_FIRST(blk, tmp ^ b[0]);
        tmp = GET_32BIT_MSB_FIRST(blk + 4);
        PUT_32BIT_MSB_FIRST(blk + 4, tmp ^ b[1]);
-       if ((iv0 = (iv0 + 1) & 0xffffffff) == 0)
-           iv1 = (iv1 + 1) & 0xffffffff;
+       if ((iv1 = (iv1 + 1) & 0xffffffff) == 0)
+           iv0 = (iv0 + 1) & 0xffffffff;
        blk += 8;
        len -= 8;
     }