On Wed, Dec 14, 2016 at 12:37 AM, David Howells <dhowells@xxxxxxxxxx> wrote: > Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote: > >> > - sg_set_buf(&sg_out[1], pad, sizeof pad); >> > + sg_set_buf(&sg_out[1], empty_zero_page, 16); >> >> My fix here is obviously bogus (I meant to use ZERO_PAGE(0)), but what >> exactly is the code trying to do? The old code makes no sense. It's >> setting the *output* buffer to zeroed padding. > > Padding goes into the encrypt function and is going to come out of the decrypt > function. Possibly derived_key_decrypt() should be checking that the padding > that comes out is actually a bunch of zeros. Maybe we don't actually need to > get the padding out, but I'm not sure whether the crypto layer will > malfunction if we don't give it a buffer for the padding. It was the memset that threw me for a loop. David, are these encrypted keys ever exported anywhere? If not, could the code use a mode that doesn't need padding? --Andy > > David -- Andy Lutomirski AMA Capital Management, LLC -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html