kokke/tiny-AES-c

CBC Encryption/Decryption Bug when input Data length < 16

Closed this issue · 1 comments

The loop that starts for(i = 0; i < length; i+=KEYLEN) will always execute once provided that the length is non-zero. When the input data length is < KEYLEN and > 0, then BOTH this loop and the block following it that handles the final partial block ("remainders") get executed. This is clearly incorrect.

I feel that logically the for loop should be looping through whole blocks and the loop count should not be a pointer! So something like for(u8 b = 0; b < NumCompleteBlocks; b++)
u8 = uint8_t

One must then either pad out input data BEFORE the for loop if length is < KEYLEN, or add a check in the remainders block to ensure the IV is applied if NumCompleteBlocks=0 but not otherwise.

Apologies, but I am new to Git and not sure of the correct protocols!
Thanks

kokke commented

Hi Mick,

Excuses for the long response time. You are correct that I don't handle buffer sizes of unexpected lengths well, e.g. where len != multiple of 16.
I am pondering a better implementation, but I will not sacrifice code size for handling of incorrect inputs - that is a theme throughout the project. Code size is held in higher regard than solidity, because I feel that should be done on top of this library, not inside it.
I use this code in places where code size is very sparse, so the libraries I use must be very frugal. I can often be sure that inputs will always meet expectations, so I can save the code space used for unnecessary error checking and input validation.

The correct Git protocol, I think, for you to share a solution you've crafted that solves this problem, would be to fork my repo, push the changes and send me a pull-request.

I am happy to receive constructive changes to the code :)
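
An added example, not taken from the issue or from the tiny-AES-c source: a C model that counts block passes for the loop shape quoted in the issue against a whole-block loop (it also covers lengths above 16 that are not multiples of 16), plus a caller-side padding helper of the kind the maintainer says belongs on top of the library. The function names are hypothetical, PKCS#7 is an assumed padding scheme that the thread does not name, and the model performs no AES.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEYLEN 16 /* block length, named as in the issue */

/* Model of the reported loop shape: counts block passes, performs no AES. */
size_t passes_reported(size_t length)
{
    size_t passes = 0;
    for (size_t i = 0; i < length; i += KEYLEN)
        passes++;                           /* entered for a partial block too */
    return passes + (length % KEYLEN != 0); /* "remainders" block runs as well */
}

/* Loop over complete blocks only, as the issue proposes. */
size_t passes_whole_blocks(size_t length)
{
    size_t passes = 0;
    for (size_t b = 0; b < length / KEYLEN; b++)
        passes++;                           /* one pass per complete block */
    return passes + (length % KEYLEN != 0); /* single pass for the partial block */
}

/* Caller-side PKCS#7 padding (assumed scheme). Returns the padded length,
   always a multiple of KEYLEN, or 0 if buf (capacity cap) cannot hold it. */
size_t pkcs7_pad(uint8_t *buf, size_t len, size_t cap)
{
    size_t pad = KEYLEN - (len % KEYLEN);   /* 1..16, never 0 */
    if (len > cap || pad > cap - len)
        return 0;
    memset(buf + len, (int)pad, pad);
    return len + pad;
}

int main(void)
{
    uint8_t buf[32] = "hello";              /* constructed 5-byte sample input */
    printf("len 5: reported=%zu whole-block=%zu\n",
           passes_reported(5), passes_whole_blocks(5));
    printf("padded length: %zu\n", pkcs7_pad(buf, 5, sizeof buf));
    return 0;
}
```

Padding before the call means the library only ever sees lengths that are multiples of 16, so the partial-block path is never reached.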