From: Gilad Ben-Yossef <gilad@benyossef.com>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>,
	Hadar Gat <hadar.gat@arm.com>, Ofir Drang <ofir.drang@arm.com>,
	stable@vger.kernel.org,
	Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
	Linux kernel mailing list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] crypto: ccree: fix iv copying for small buffers
Date: Thu, 21 Jun 2018 16:35:44 +0300	[thread overview]
Message-ID: <CAOtvUMcChKswKBCOkN7DGvK3DcotJBh0y=-Xi8232uYK26-xQA@mail.gmail.com> (raw)
In-Reply-To: <20180619142713.dzipyarpb23a7qne@gondor.apana.org.au>

On Tue, Jun 19, 2018 at 5:27 PM, Herbert Xu <herbert@gondor.apana.org.au> wrote:
> On Sun, Jun 17, 2018 at 01:06:42PM +0300, Gilad Ben-Yossef wrote:
>>
>> It was ctr(aes). I wrongly assumed that we are supposed to unconditionally
>> copy the cipher-text block post operation and let the caller do with it
>> what it wants and so the code now does that for all cipher operations
>> unconditionally.
>
> For CTR it doesn't matter whether the last block is less than a
> block, you should still increment the counter.

OK, got it. Although I am not sure how one uses this to continue
encryption if the plaintext was not block aligned.

>> So what is a good description of what we are supposed to provide in that
>> field post operation?
>> The next IV? but as you stated, that is not necessarily useful for all
>> ciphers.
>
> When in doubt, please refer to the generic implementation.  If
> that is still unclear or if it seems wrong, please post to the
> list.

Got it.

So as a sanity check, if I understood correctly, I need to:
- Increment counter in IV for CTS
- Copy last ciphertext block for CFB and CBC to output IV (partial
  blocks not allowed)

What about OFB? Unless I've missed something there is no generic
implementation... ?

Thanks again,
Gilad

-- 
Gilad Ben-Yossef
Chief Coffee Drinker

values of β will give rise to dom!
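As an added illustration of the output-IV convention discussed in this thread (this is example code written for this page, not the ccree driver's or the generic templates' code): for CTR the counter in the IV advances once per block, a short final block included, while CBC and CFB hand back the last full ciphertext block and reject partial blocks. The mode enum, the `next_iv` helper and the sample inputs are all constructed here.

```c
#include <stdint.h>
#include <string.h>

#define BLK 16   /* AES block size */
enum mode { MODE_CTR, MODE_CBC, MODE_CFB };
/* Big-endian 128-bit counter += n (same result as n single increments). */
static void ctr_add(uint8_t ctr[BLK], uint64_t n)
{
	for (int i = BLK - 1; i >= 0 && n; i--) {
		uint64_t sum = (uint64_t)ctr[i] + (n & 0xff);
		ctr[i] = (uint8_t)sum;
		n = (n >> 8) + (sum >> 8);
	}
}
/* IV handed back after processing len bytes of ciphertext ct. CTR: counter
 * advances once per block, a short tail included. CBC/CFB: last ciphertext
 * block, partial blocks rejected. Returns 0, or -1 on a bad length. */
static int next_iv(enum mode m, uint8_t iv[BLK], const uint8_t *ct, size_t len)
{
	switch (m) {
	case MODE_CTR:
		ctr_add(iv, (len + BLK - 1) / BLK);
		return 0;
	case MODE_CBC:
	case MODE_CFB:
		if (len % BLK)
			return -1;
		if (len)
			memcpy(iv, ct + len - BLK, BLK);
		return 0;
	}
	return -1;
}
/* Checks on constructed sample inputs (made up here, not driver data). */
static int ctr_iv_after_17_bytes(void)   /* 0x00ff + 2 blocks -> 0x0101 */
{
	uint8_t iv[BLK] = {0}, ct[17] = {0};
	iv[15] = 0xff;
	return next_iv(MODE_CTR, iv, ct, sizeof ct) ? -1 : (iv[14] << 8 | iv[15]);
}
static int cbc_iv_is_last_block(void)    /* 1 when iv == ct[16..31] */
{
	uint8_t iv[BLK] = {0}, ct[2 * BLK];
	for (int i = 0; i < 2 * BLK; i++) ct[i] = (uint8_t)i;
	return next_iv(MODE_CBC, iv, ct, sizeof ct) == 0 && !memcmp(iv, ct + BLK, BLK);
}
static int cbc_rejects_partial(void)     /* 1: 17 bytes is not block aligned */
{
	uint8_t iv[BLK] = {0}, ct[17] = {0};
	return next_iv(MODE_CBC, iv, ct, sizeof ct) == -1;
}
```

The CTR case shows the carry propagating from the low counter byte when the short 17-byte tail still counts as a second block.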
