From 522bfd567b97caa1496044814e42cfd12fbc22d9 Mon Sep 17 00:00:00 2001
From: Andrey Rys
Date: Wed, 9 Nov 2022 20:01:14 +0100
Subject: [PATCH] tfcrypt: fix "-M mac -u" failing to decrypt data due to missing ctr.

The symptom is that, even if encrypted stream is signed with MAC, and on decryption says "signature is good", decrypted content is unavailable and only encrypted garbage is written back. This is due to unitialized counter (IV). This affects only STREAM mode. If anyone ran into trouble, simply don't use -u option with -M mac. Verifying MAC alone or skipping it with -M drop shall be safe.
---
 VERSION | 2 +-
 tfcrypt.c | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/VERSION b/VERSION
index b5489e5..2bbd69c 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-69
+70
diff --git a/tfcrypt.c b/tfcrypt.c
index 5182a34..9e0e629 100644
--- a/tfcrypt.c
+++ b/tfcrypt.c
@@ -1205,6 +1205,7 @@ _decrypt_again_vrfy2:
 }
 total_processed_src = rwd;
 memcpy(ctr, svctr, TF_BLOCK_SIZE);
+ if (ctr_mode == TFC_MODE_STREAM) tfe_init_iv(&tfe, key, ctr);
 memset(svctr, 0, TF_BLOCK_SIZE);
 }
-- 
2.31.1
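Review bot: The added `tfe_init_iv(&tfe, key, ctr)` call in the `_decrypt_again_vrfy2` rewind path has no comment saying why STREAM mode needs more than the `memcpy(ctr, svctr, TF_BLOCK_SIZE)` just above it, and the failure it prevents is silent: per the commit message the MAC reports good while ciphertext is written out as if it were plaintext. A short comment such as `/* STREAM keeps its IV inside tfe: re-seed it from the restored ctr before the decrypt pass */` would keep the call from being dropped in a later cleanup; that description of `tfe` is inferred from the commit message, so adjust the wording to match the real state layout. The label is numbered, which suggests there may be another verify-then-rewind path outside this hunk, and it is worth confirming that path re-seeds `tfe` in STREAM mode as well. The enclosing function starts and ends outside the hunk.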