On Thu, Apr 23, 2015 at 04:51:56AM +0200, Stephan Mueller wrote:
>
> Encrypt input: IV, plaintext
> Encrypt output: processed IV, ciphertext
> Decrypt input: processed IV, ciphertext, IV to use for compare operation
> Decrypt output: plaintext

Actually it is

Decrypt input: processed IV, ciphertext
Decrypt output: IV, plaintext

> How do you propose I send 2 IVs to blkcipher?

As I suggested earlier, you can use the currently unused givdecrypt
interface for the fixed IV case as specified in the RFC.  The giv
interfaces provide space for two IVs.

If givdecrypt fails the comparison, then you can return EBADMSG and
zap the decrypted key.

For the normal decrypt path, just return the IV and plaintext.

Cheers,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
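The interface split discussed in the message above, worked through as an added example (this is not code from the thread, nor the kernel's keywrap implementation): RFC 3394 wrap/unwrap with the processed IV carried separately from the ciphertext, a normal decrypt path that hands the recovered IV and plaintext back to the caller, and a givdecrypt-style path whose second IV slot holds the value to compare against (the RFC's fixed A6A6A6A6A6A6A6A6 by default), zeroing the unwrapped key material and returning -EBADMSG on mismatch. The function names kw_encrypt, kw_decrypt and kw_givdecrypt are illustrative, not a kernel API, and the block cipher underneath is an HMAC-based Feistel stand-in for AES so the example runs on the Python standard library alone; a real implementation would use AES-ECB there.

```python
from __future__ import annotations

import errno
import hashlib
import hmac

# RFC 3394 default initial value: the "fixed IV" the message refers to.
FIXED_IV = bytes.fromhex("a6a6a6a6a6a6a6a6")
EBADMSG = errno.EBADMSG  # exported so callers can check the negative-errno return


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Keyed round function for the Feistel stand-in below. This is NOT AES; it
    # only provides an invertible 128-bit block permutation without a crypto
    # library. Replace block_encrypt/block_decrypt with AES-ECB for real use.
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """8-round Feistel permutation on a 16-byte block (stand-in for AES-ECB)."""
    l, r = block[:8], block[8:]
    for rnd in range(8):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r


def block_decrypt(key: bytes, block: bytes) -> bytes:
    """Inverse of block_encrypt: same rounds applied in reverse order."""
    l, r = block[:8], block[8:]
    for rnd in reversed(range(8)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r


def _check_lengths(iv: bytes, data: bytes) -> None:
    if len(iv) != 8:
        raise ValueError("IV must be 64 bits")
    if len(data) < 16 or len(data) % 8:
        raise ValueError("key data must be a multiple of 64 bits and at least 128 bits")


def kw_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> tuple[bytes, bytes]:
    """RFC 3394 wrap. Input: IV, plaintext. Output: processed IV, ciphertext."""
    _check_lengths(iv, plaintext)
    n = len(plaintext) // 8
    a = iv
    r = [plaintext[8 * i:8 * i + 8] for i in range(n)]
    for j in range(6):
        for i in range(n):
            b = block_encrypt(key, a + r[i])
            t = n * j + i + 1                      # RFC 3394 step counter
            a = _xor(b[:8], t.to_bytes(8, "big"))
            r[i] = b[8:]
    return a, b"".join(r)


def kw_decrypt(key: bytes, processed_iv: bytes, ciphertext: bytes) -> tuple[bytes, bytearray]:
    """RFC 3394 unwrap, normal decrypt path. Input: processed IV, ciphertext.
    Output: recovered IV, plaintext. Any IV comparison is left to the caller."""
    _check_lengths(processed_iv, ciphertext)
    n = len(ciphertext) // 8
    a = processed_iv
    r = [ciphertext[8 * i:8 * i + 8] for i in range(n)]
    for j in reversed(range(6)):
        for i in reversed(range(n)):
            t = n * j + i + 1
            b = block_decrypt(key, _xor(a, t.to_bytes(8, "big")) + r[i])
            a = b[:8]
            r[i] = b[8:]
    return a, bytearray(b"".join(r))


def kw_givdecrypt(key: bytes, processed_iv: bytes, ciphertext: bytes,
                  expected_iv: bytes = FIXED_IV) -> tuple[int, bytearray]:
    """Fixed-IV path: the second IV slot carries the value to compare against.
    Returns (0, plaintext) on success. On mismatch the unwrapped key material
    is zeroed in place (best effort in Python; memzero_explicit() in C) and
    (-EBADMSG, empty buffer) is returned in kernel negative-errno style."""
    iv, plaintext = kw_decrypt(key, processed_iv, ciphertext)
    if not hmac.compare_digest(iv, expected_iv):
        for k in range(len(plaintext)):        # zap the decrypted key
            plaintext[k] = 0
        return -EBADMSG, bytearray()
    return 0, plaintext


if __name__ == "__main__":
    # Constructed sample: a 128-bit KEK wrapping a 256-bit key.
    kek, secret = bytes(range(16)), bytes(range(0x10, 0x30))
    piv, ct = kw_encrypt(kek, FIXED_IV, secret)
    print("processed IV:", piv.hex(), "ciphertext:", ct.hex())
    tampered = bytearray(ct)
    tampered[3] ^= 0x80
    print("intact rc:", kw_givdecrypt(kek, piv, ct)[0],
          "tampered rc:", kw_givdecrypt(kek, piv, bytes(tampered))[0])
```

The ciphertext stays the same length as the plaintext and only the 64-bit processed IV grows out of the operation, which is why the two-IV slots of the giv interface suffice: one slot carries the processed IV in, the other the value to compare the recovered IV against.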