On Tue, Jul 01, 2014 at 05:08:48PM +0200, Stephan Mueller wrote:
> For the CTR DRBG, the drbg_state->scratchpad temp buffer (i.e. the
> memory location immediately before the drbg_state->tfm variable)
> is the buffer that the BCC function operates on. BCC operates
> blockwise. Making the temp buffer drbg_statelen(drbg) in size is
> sufficient when the DRBG state length is a multiple of the block
> size. For AES192 this is not the case and the length for temp is
> insufficient (yes, that also means for such ciphers, the final
> output of all BCC rounds is truncated before being used to update the
> state of the DRBG!!).
>
> The patch enlarges the temp buffer from drbg_statelen to
> drbg_statelen + drbg_blocklen to have sufficient space.
>
> Reported-by: Fengguang Wu <fengguang.wu@xxxxxxxxx>
> Signed-off-by: Stephan Mueller <smueller@xxxxxxxxxx>

I have applied just this patch out of your series. Your patches depend on the previous four patches, which I have not yet applied since there are still outstanding issues with two of them.

Cheers,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
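The arithmetic behind the quoted commit message, as an added illustration that is not part of the mailing-list thread or of the kernel's drbg driver: the CTR DRBG state length is key length plus block length, BCC emits one full block per round, so the BCC output occupies ceil(statelen / blocklen) * blocklen bytes. For AES-128 and AES-256 that equals the state length, for AES-192 (24 + 16 = 40 bytes) it is 48 bytes, which a 40-byte scratchpad cannot hold, while statelen + blocklen (56 bytes) can. The block function below is a constructed XOR stand-in, not a cipher, and the `struct drbg_params` type and function names are assumptions for this example; the simulated BCC refuses to write past the buffer end so that the overrun is reported rather than performed.

```c
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_BLOCKLEN 16 /* AES block size; the only block size used here */

/* Hypothetical parameter record: key length and block length in bytes. */
struct drbg_params {
    const char *name;
    size_t keylen;
    size_t blocklen;
};

/* The three CTR DRBG configurations discussed in the thread (constructed table). */
static const struct drbg_params aes128 = { "AES-128", 16, 16 };
static const struct drbg_params aes192 = { "AES-192", 24, 16 };
static const struct drbg_params aes256 = { "AES-256", 32, 16 };

/* CTR DRBG state length (seedlen): key length + block length. */
static size_t drbg_statelen(const struct drbg_params *p)
{
    return p->keylen + p->blocklen;
}

/* Bytes the block-wise BCC output occupies: one full block per round,
 * ceil(statelen / blocklen) rounds. */
static size_t bcc_output_len(const struct drbg_params *p)
{
    size_t rounds = (drbg_statelen(p) + p->blocklen - 1) / p->blocklen;
    return rounds * p->blocklen;
}

/* 1 if a scratch buffer of temp_len bytes can hold the whole BCC output. */
static int scratch_sufficient(const struct drbg_params *p, size_t temp_len)
{
    return temp_len >= bcc_output_len(p);
}

/* Simulated BCC over a state-length input, writing one full block per round
 * into temp. The chaining step is a constructed XOR stand-in, not a cipher.
 * Returns the number of bytes written; stops (instead of overrunning) when the
 * next full block would not fit, which is exactly the truncation the patch fixes. */
static size_t bcc_simulate(const struct drbg_params *p, uint8_t *temp, size_t temp_len)
{
    size_t statelen = drbg_statelen(p);
    uint8_t chain[MAX_BLOCKLEN] = { 0 };
    size_t written = 0;

    assert(p->blocklen <= MAX_BLOCKLEN);
    for (size_t off = 0; off < statelen; off += p->blocklen) {
        /* stand-in for encrypt(chain XOR input_block): fold in the input offset */
        for (size_t i = 0; i < p->blocklen; i++)
            chain[i] ^= (uint8_t)(off + i);
        if (written + p->blocklen > temp_len)
            return written;     /* would overrun temp: report the partial write */
        memcpy(temp + written, chain, p->blocklen);
        written += p->blocklen;
    }
    return written;
}

int main(void)
{
    const struct drbg_params *all[] = { &aes128, &aes192, &aes256 };
    uint8_t temp[64];

    for (size_t i = 0; i < 3; i++) {
        const struct drbg_params *p = all[i];
        size_t old_len = drbg_statelen(p);               /* pre-patch scratch size */
        size_t new_len = drbg_statelen(p) + p->blocklen; /* post-patch scratch size */
        printf("%s: statelen=%zu bcc_out=%zu old_temp=%zu (%s) new_temp=%zu (%s) written_old=%zu\n",
               p->name, drbg_statelen(p), bcc_output_len(p),
               old_len, scratch_sufficient(p, old_len) ? "ok" : "TOO SMALL",
               new_len, scratch_sufficient(p, new_len) ? "ok" : "TOO SMALL",
               bcc_simulate(p, temp, old_len));
    }
    return 0;
}
```

Only AES-192 trips the check: with the pre-patch 40-byte scratchpad the simulation writes two blocks (32 bytes) and cannot place the third, so the final BCC block is lost; with statelen + blocklen all three blocks fit.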