Sunday, May 07, 2006

Eureka!

Some time ago, I implemented AES along with SHA-256 as practice and because it was needed in some other project of mine (namely KOPCS, which I still may decide to unleash on the world!). You may wonder why I didn't use one of the many free, gratis, fast and high-quality implementations out there. Well, that's me! I like to make my own wheels, and since I'm still in the learning phase, I need the practice. Anyway, I implemented the thing and expanded it into a useful package by adding CTR mode and one-shot file and buffer en/decryption. In short, all was well and good.

A few weeks back, just before a trip, just out of nowhere it came to me to assess the performance of the library. In the process of this evaluation, I discovered something utterly strange. The library couldn't decipher what it encrypted! And only when doing multiple blocks in one go! Of course, I had tested the thing before, but those tests were done in CounTeR mode and, as you know, in counter mode you only use one way of the algorithm, encryption or decryption, not both. Unfortunately, I had to leave on business when I encountered this bug. It almost ate me alive, the "why".

Just now, I finally found the bug! It was a stupid pointer (mis)calculation. I had to advance some pointer 128 bits (the block size) while I did it 32 bits instead. The point of this story is: never try to get clever in your code. You'll get too clever for your own good one of these days. And always test your code thoroughly!
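An added sketch of this class of bug, not the author's library code: a toy invertible 128-bit transform stands in for AES (it is not a cipher), and placing the wrong pointer step in the multi-block decrypt loop is an assumption, as are all function names. It shows why a CTR-only round-trip test passes while a multi-block encrypt/decrypt round trip catches the error.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Toy invertible 128-bit block transform standing in for AES. NOT a cipher. */
static const uint32_t KEY[4] = {0x00112233u, 0x44556677u, 0x8899aabbu, 0xccddeeffu};
static void toy_encrypt_block(uint32_t w[4]) {
    for (int i = 0; i < 4; i++) {
        uint32_t x = w[i] ^ KEY[i];
        w[i] = (x << 7 | x >> 25) + KEY[(i + 1) & 3];
    }
}
static void toy_decrypt_block(uint32_t w[4]) {
    for (int i = 0; i < 4; i++) {
        uint32_t t = w[i] - KEY[(i + 1) & 3];
        w[i] = (t >> 7 | t << 25) ^ KEY[i];
    }
}
static void ecb_encrypt(uint32_t *p, size_t nblocks) {
    for (size_t b = 0; b < nblocks; b++, p += 4) toy_encrypt_block(p);
}
/* step = pointer advance per block, in 32-bit words: 4 (128 bits) is correct,
   1 (32 bits) reproduces the miscalculation described in the post. */
static void ecb_decrypt(uint32_t *p, size_t nblocks, size_t step) {
    for (size_t b = 0; b < nblocks; b++, p += step) toy_decrypt_block(p);
}
/* CTR encrypts a counter block and XORs it in; decryption is the same call,
   so the block decrypt routine is never exercised. */
static void ctr_xor(uint32_t *p, size_t nblocks) {
    for (size_t b = 0; b < nblocks; b++, p += 4) {
        uint32_t ks[4] = {0xa5a5a5a5u, 0, 0, (uint32_t)b}; /* constructed nonce */
        toy_encrypt_block(ks);
        for (int i = 0; i < 4; i++) p[i] ^= ks[i];
    }
}
static void fill(uint32_t *p) { /* constructed 3-block sample plaintext */
    for (uint32_t i = 0; i < 12; i++) p[i] = 0x01010101u * (i + 1);
}
/* Return 1 when decrypt(encrypt(pt)) == pt over the first nblocks blocks. */
int ecb_roundtrip_ok(size_t nblocks, size_t step) {
    uint32_t pt[12], buf[12]; fill(pt); fill(buf);
    ecb_encrypt(buf, nblocks); ecb_decrypt(buf, nblocks, step);
    return memcmp(buf, pt, nblocks * 16) == 0;
}
int ctr_roundtrip_ok(size_t nblocks) {
    uint32_t pt[12], buf[12]; fill(pt); fill(buf);
    ctr_xor(buf, nblocks); ctr_xor(buf, nblocks);
    return memcmp(buf, pt, nblocks * 16) == 0;
}
int main(void) {
    printf("ctr=%d one_block=%d multi_buggy=%d multi_fixed=%d\n", ctr_roundtrip_ok(3),
           ecb_roundtrip_ok(1, 1), ecb_roundtrip_ok(3, 1), ecb_roundtrip_ok(3, 4));
}
```

A single-block round trip also passes with the wrong step, which is why the failure only appears "when doing multiple blocks in one go".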

2 comments:

Anonymous said...

The story of while(fin >> n), once again :D

BTW, I just installed DOOM 3 on my Latitude D610 (X300, 64M dedicated). I'm playing 800x600 with 2x aliasing and it's great! This is a great piece of work!

Anonymous said...

Just as said in your scrapbook here is a nice stupid blog! Interesting posts but maybe the shorter the better... I also started the same bloody work recently (however in Farsi) for some road ahead matters!!! You may visit www.roadahead.blogfa.com