lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ee73454b-32cc-4ab5-b499-2941aa496532@linaro.org>
Date:   Thu, 4 Feb 2021 19:24:12 -0500
From:   Thara Gopinath <thara.gopinath@...aro.org>
To:     Eric Biggers <ebiggers@...nel.org>
Cc:     herbert@...dor.apana.org.au, davem@...emloft.net,
        bjorn.andersson@...aro.org, ardb@...nel.org,
        sivaprak@...eaurora.org, linux-crypto@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v5 06/11] crypto: qce: skcipher: Return error for
 non-blocksize data(ECB/CBC algorithms)



On 2/4/21 5:50 PM, Eric Biggers wrote:
> On Thu, Feb 04, 2021 at 04:43:54PM -0500, Thara Gopinath wrote:
>> +	/*
>> +	 * ECB and CBC algorithms require message lengths to be
>> +	 * multiples of block size.
>> +	 * TODO: The spec says AES CBC mode for certain versions
>> +	 * of crypto engine can handle partial blocks as well.
>> +	 * Test and enable such messages.
>> +	 */
>> +	if (IS_ECB(rctx->flags) || IS_CBC(rctx->flags))
>> +		if (!IS_ALIGNED(req->cryptlen, blocksize))
>> +			return -EINVAL;
> 
> CBC by definition only operates on full blocks, so the TODO doesn't make sense.
> Is the partial block support really CTS-CBC?

Ya you are right. It should be CTS-CBC and not AES CBC. Though the spec 
is quite fuzzy about this part.

I can remove the comment and spin the next version or just leave it 
there for now and remove it later.

> 
> - Eric
> 

-- 
Warm Regards
Thara

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ