Hello, I'm trying to implement a simple example kernel module that uses encryption. I'm having trouble in the fact that unless I decrypt a string immediately after I've encrypted it (meaning I can't encrypt two strings and then go back and decrypt the first string), the last (length % 16) bytes are not decrypted properly. An example is: This works: 1) Encrypt "abcdefghijklmnopqrstuvwxyz01234" -> encrypted string 2) Decrypt encrypted string -> "abcdefghijklmnopqrstuvwxyz01234" This doesn't work: 1) Encrypt "abcdefghijklmnopqrstuvwxyz01234" -> encrypted string 2) ... do some other encryptions of other strings ... 3) Decrypt encrypted string -> "abcdefghijklmnopqrstuvwx......." where "......." is a constant, but incorrect character string. I've checked byte for byte the encrypted strings, and in every case they are identical. I'm using aes-ecb to avoid any complications with IVs. I've tried ensuring that my input/output buffer to ci->encrypt/decrypt is a zero-padded buffer with length that is a multiple of 16. I've also ignored the 'memset(cx->iv, 0, cx->ci->ivsize)' since ivsize is zero for aes-ecb (at least I think so - someone correct me if I'm wrong?) Am I missing something, perhaps not clearing some state in the cipher_context or cipher_implementation structs? Or not setting a state? Will I need to use IV (which I have little clue on using :p)? Any suggestions would be appreciated. Thanks! -Brenton Rothchild - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
