in src/ecdh_support.c [245:290]
void AES_CBC_IV0_ENCRYPT(octet *k,const octet *m,octet *c)
{
/* AES CBC encryption, with Null IV and key k */
/* Input is from an octet string m, output is to an octet string c */
/* Input is padded as necessary to make up a full final block */
amcl_aes a;
int fin;
int i;
int ipt;
int opt;
char buff[16];
int padlen;
OCT_clear(c);
if (m->len==0) return;
AES_init(&a,CBC,k->len,k->val,NULL);
ipt=opt=0;
fin=0;
for(;;)
{
for (i=0; i<16; i++)
{
if (ipt<m->len) buff[i]=m->val[ipt++];
else
{
fin=1;
break;
}
}
if (fin) break;
AES_encrypt(&a,buff);
for (i=0; i<16; i++)
if (opt<c->max) c->val[opt++]=buff[i];
}
/* last block, filled up to i-th index */
padlen=16-i;
for (int j=i; j<16; j++) buff[j]=(char)padlen;
AES_encrypt(&a,buff);
for (i=0; i<16; i++)
if (opt<c->max) c->val[opt++]=buff[i];
AES_end(&a);
c->len=opt;
}