From 359e38b4d4e8201342aad876e4868acaf5b82936 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hans-J=C3=BCrgen=20Petrich?= <petrich@tronic-media.com>
Date: Fri, 4 Jan 2013 14:23:34 +0700
Subject: [PATCH] fixed corrupted decrypt() in CTR mode

$buffer['encrypted'] (which is always empty) should be $buffer['ciphertext'] or buffered stream will get corrupt...

Example:
define('CRYPT_AES_MODE',CRYPT_AES_MODE_INTERNAL);//in MODE_MCRYPT all is fine
$aes = new Crypt_AES(CRYPT_AES_MODE_CTR);
$aes->setKey(':-8');
$aes->enableContinuousBuffer();
$plaintext = ':-):-):-):-):-):-)';
for($i=0; $i<strlen($plaintext); $i++) {
 echo $aes->Decrypt($aes->Encrypt($plaintext[$i]));
}

Output:
:-):-):-):-):-):-(

Expected:
:-):-):-):-):-):-)


After Bugfix, output is:
:-):-):-):-):-):-)
---
 phpseclib/Crypt/Rijndael.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/phpseclib/Crypt/Rijndael.php b/phpseclib/Crypt/Rijndael.php
index dc22488b..48795d22 100644
--- a/phpseclib/Crypt/Rijndael.php
+++ b/phpseclib/Crypt/Rijndael.php
@@ -879,7 +879,7 @@ class Crypt_Rijndael {
                 if ($this->continuousBuffer) {
                     $this->decryptIV = $xor;
                     if ($start = strlen($ciphertext) % $block_size) {
-                        $buffer['ciphertext'] = substr($key, $start) . $buffer['encrypted'];
+                        $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext'];
                     }
                 }
                 break;
@@ -1493,4 +1493,4 @@ class Crypt_Rijndael {
 }
 
 // vim: ts=4:sw=4:et:
-// vim6: fdl=1:
\ No newline at end of file
+// vim6: fdl=1: