On Thursday, 23 April 2015, 10:55:58, Herbert Xu wrote:

Hi Herbert,

> On Thu, Apr 23, 2015 at 04:51:56AM +0200, Stephan Mueller wrote:
> > Encrypt input: IV, plaintext
> >
> > Encrypt output: processed IV, ciphertext
> >
> > Decrypt input: processed IV, ciphertext, IV to use for compare operation
> >
> > Decrypt output: plaintext
>
> Actually it is
>
> Decrypt input: processed IV, ciphertext
> Decrypt output: IV, plaintext
>
> > How do you propose I send 2 IVs to blkcipher?
>
> As I suggested earlier, you can use the currently unused givdecrypt
> interface for the fixed IV case as specified in the RFC. The giv
> interfaces provide space for two IVs.
>
> If givdecrypt fails the comparison, then you can return EBADMSG
> and zap the decrypted key.
>
> For the normal decrypt path, just return the IV and plaintext.

The conversion to blkcipher is done and the math still works. As CBC or
others it is a blkcipher and not an ablkcipher.

Now, shall I kind of re-implement the chainiv ablkcipher wrapper into an IV
handler that just helps my code? That will be a lot of code for a simple
memcmp.

--
Ciao
Stephan