From 607f2d29f268fbba169fc9cb26dc5b17def36522 Mon Sep 17 00:00:00 2001
From: orignal <romakoshelkin@yandex.ru>
Date: Fri, 18 Apr 2014 14:38:32 -0400
Subject: [PATCH] check for 16 bytes boundary before encryption

---
 NTCPSession.cpp | 2 +-
 SSU.cpp         | 7 ++++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/NTCPSession.cpp b/NTCPSession.cpp
index 7d53c541..712e8232 100644
--- a/NTCPSession.cpp
+++ b/NTCPSession.cpp
@@ -483,7 +483,7 @@ namespace ntcp
 			*((uint16_t *)sendBuffer) = 0;
 			*((uint32_t *)(sendBuffer + 2)) = htobe32 (time (0));
 		}	
-		int rem = (len + 6) % 16;
+		int rem = (len + 6) & 0x0F; // %16
 		int padding = 0;
 		if (rem > 0) padding = 16 - rem;
 		// TODO: fill padding 
diff --git a/SSU.cpp b/SSU.cpp
index b32bfddb..761d0e6b 100644
--- a/SSU.cpp
+++ b/SSU.cpp
@@ -506,6 +506,7 @@ namespace ssu
 		uint8_t * encrypted = &header->flag;
 		uint16_t encryptedLen = len - (encrypted - buf);
 		m_Encryption.SetKeyWithIV (aesKey, 32, iv);
+		encryptedLen = (encryptedLen>>4)<<4; // make sure 16 bytes boundary 
 		m_Encryption.ProcessData (encrypted, encrypted, encryptedLen);
 		// assume actual buffer size is 18 (16 + 2) bytes more
 		memcpy (buf + len, iv, 16);
@@ -524,7 +525,7 @@ namespace ssu
 		uint8_t * encrypted = &header->flag;
 		uint16_t encryptedLen = len - (encrypted - buf);	
 		m_Decryption.SetKeyWithIV (aesKey, 32, header->iv);
-		encryptedLen = (encryptedLen/16)*16; // make sure 16 bytes boundary
+		encryptedLen = (encryptedLen>>4)<<4; // make sure 16 bytes boundary 
 		m_Decryption.ProcessData (encrypted, encrypted, encryptedLen);
 	}
 
@@ -953,8 +954,8 @@ namespace ssu
 			memcpy (payload, msgBuf, size);
 			
 			size += payload - buf;
-			if (size % 16) // make sure 16 bytes boundary
-				size = (size/16 + 1)*16;
+			if (size & 0x0F) // make sure 16 bytes boundary
+				size = ((size >> 4) + 1) << 4; // (/16 + 1)*16
 			
 			CryptoPP::RandomNumberGenerator& rnd = i2p::context.GetRandomNumberGenerator ();
 			rnd.GenerateBlock (iv, 16); // random iv