Re: [PATCH 1/1]: CTR mode implementation

On Fri, Sep 21, 2007 at 07:15:02PM -0500, Joy Latten wrote:
>
> > I suggest that you make these parameters to your CTR template.
> > So instead of requesting for "ctr(aes)", you could request for
> > "ctr(aes, 4, 8)" where 4 is the length of the nonce in the
> > counter block and 8 is the length of the IV.  The counter
> > itself would then be calculated as block_size - 4 - 8.
> > 
> Ok, pretty much had this coded up when it dawned on me
> maybe I should include the nonce as parameter too.
> Whenever you use ctr, it is a given you need the nonce.
> Couldn't the user of the API separate the nonce from
> the key and pass it in the template? It would solve
> my problem about sometimes the keylen is bigger than 
> max-key-length for the algorithm with the additional bytes 
> for nonce. So, I could pass in ctr(aes, nonce, noncesize, ivsize).
> Let me know if this sounds ok or did I miss something important?

It would be awkward to have the actual nonce as a parameter
because for IPsec at least it's negotiated through the same
process as the encryption key.

More importantly, for the same "ctr(aes, 4, 8)" tuple, there
are many users (each SA would need two), while if you
include the actual nonce then each tuple would be used by just
one SA.

> Ok, I get it. Thanks. :-)
> I will try using the original IV as you first suggested.

Sorry, my suggestion doesn't actually work because the IV's
size is smaller than the block size :) Putting it on the stack
should be fine though.

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu 许志强 <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
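The template layout discussed above, ctr(cipher, nonce_len, iv_len) with the counter occupying the remaining block_size - nonce_len - iv_len bytes and the nonce carried as the tail of the negotiated keying material, worked through as an added example (not code from this thread or from the kernel crypto API). It assumes a stand-in block function built from HMAC-SHA256 in place of AES, which is enough because CTR mode only needs a PRF, and starts the block counter at 1 as RFC 3686 does.

```python
import hashlib
import hmac


def toy_block_fn(key, block):
    # Stand-in for AES (constructed for this example): a keyed PRF truncated
    # to one 16-byte block. The CTR logic below does not depend on this choice.
    return hmac.new(key, block, hashlib.sha256).digest()[:16]


class CtrTemplate:
    """One instance per (nonce_len, iv_len) tuple, shared by many SAs.
    Counter block layout: nonce || iv || big-endian block counter."""

    def __init__(self, block_fn, block_size, nonce_len, iv_len):
        self.counter_len = block_size - nonce_len - iv_len
        if self.counter_len <= 0:
            raise ValueError("nonce + IV must leave room for a counter")
        self.block_fn, self.block_size = block_fn, block_size
        self.nonce_len, self.iv_len = nonce_len, iv_len
        self.key = self.nonce = None

    def setkey(self, keymat, max_key_len):
        # Keying material arrives as key || nonce (per-SA). Strip the trailing
        # nonce bytes so the cipher never sees a key longer than it supports.
        split = len(keymat) - self.nonce_len
        if split < 0 or split > max_key_len:
            raise ValueError("keying material has a bad length for this cipher")
        self.key, self.nonce = keymat[:split], keymat[split:]

    def crypt(self, iv, data):
        # Encryption and decryption are the same XOR with the keystream.
        if len(iv) != self.iv_len:
            raise ValueError("bad IV length")
        out = bytearray()
        ctr = 1  # RFC 3686 convention: first block uses counter value 1
        for off in range(0, len(data), self.block_size):
            chunk = data[off:off + self.block_size]
            block = self.nonce + iv + ctr.to_bytes(self.counter_len, "big")
            keystream = self.block_fn(self.key, block)
            out += bytes(a ^ b for a, b in zip(chunk, keystream))
            ctr = (ctr + 1) % (1 << (8 * self.counter_len))
        return bytes(out)


def demo():
    # Constructed sample: 16-byte key || 4-byte nonce, as an SA would negotiate.
    tmpl = CtrTemplate(toy_block_fn, block_size=16, nonce_len=4, iv_len=8)
    tmpl.setkey(bytes(range(16)) + b"\x01\x02\x03\x04", max_key_len=16)
    iv = b"\xaa" * 8
    pt = b"The quick brown fox jumps over the lazy dog"
    ct = tmpl.crypt(iv, pt)
    return pt, ct, tmpl.crypt(iv, ct)
```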
