Make ctr mode behaviour consistent with other modes.

crypto/evp/e_aes.c

@@ -122,7 +122,7 @@ static int aes_counter (EVP_CIPHER_CTX *ctx, unsigned char *out,
 static const EVP_CIPHER aes_128_ctr_cipher=
 	{
 	NID_aes_128_ctr,1,16,16,
-	EVP_CIPH_CUSTOM_IV,
+	EVP_CIPH_CTR_MODE,
 	aes_init_key,
 	aes_counter,
 	NULL,
@@ -139,7 +139,7 @@ const EVP_CIPHER *EVP_aes_128_ctr (void)
 static const EVP_CIPHER aes_192_ctr_cipher=
 	{
 	NID_aes_192_ctr,1,24,16,
-	EVP_CIPH_CUSTOM_IV,
+	EVP_CIPH_CTR_MODE,
 	aes_init_key,
 	aes_counter,
 	NULL,
@@ -156,7 +156,7 @@ const EVP_CIPHER *EVP_aes_192_ctr (void)
 static const EVP_CIPHER aes_256_ctr_cipher=
 	{
 	NID_aes_256_ctr,1,32,16,
-	EVP_CIPH_CUSTOM_IV,
+	EVP_CIPH_CTR_MODE,
 	aes_init_key,
 	aes_counter,
 	NULL,
@@ -188,16 +188,6 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 		return 0;
 		}
 
-	if (ctx->cipher->flags&EVP_CIPH_CUSTOM_IV)
-		{
-		if (iv!=NULL)
-			memcpy (ctx->iv,iv,ctx->cipher->iv_len);
-		else	{
-			EVPerr(EVP_F_AES_INIT_KEY,EVP_R_AES_IV_SETUP_FAILED);
-			return 0;
-			}
-		}
-
 	return 1;
 	}
 

crypto/evp/evp.h

@@ -326,6 +326,7 @@ struct evp_cipher_st
 #define		EVP_CIPH_CBC_MODE		0x2
 #define		EVP_CIPH_CFB_MODE		0x3
 #define		EVP_CIPH_OFB_MODE		0x4
+#define		EVP_CIPH_CTR_MODE		0x5
 #define 	EVP_CIPH_MODE			0xF0007
 /* Set if variable length cipher */
 #define 	EVP_CIPH_VARIABLE_LENGTH	0x8

crypto/evp/evp_enc.c

@@ -206,11 +206,14 @@ skip_to_init:
 			ctx->num = 0;
 
 			case EVP_CIPH_CBC_MODE:
+			case EVP_CIPH_CTR_MODE:
 
 			OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=
 					(int)sizeof(ctx->iv));
 			if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
-			memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+			/* Don't reuse IV for CTR mode */
+			if (EVP_CIPHER_CTX_mode(ctx) != EVP_CIPH_CTR_MODE)
+				memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
 			break;
 
 			default: