Crypto API AEAD question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

While debugging some AEAD issues with the inside-secure driver, I couldn't
help but notice that the testmgr is NOT checking the AAD data section of
the result. And when I added that check myself, I saw a lot of implementations
failing on out-of-place vectors, with the poison data still present in that
location. So am I correct to assume that the implementation is NOT supposed to
write the AAD data, but skip over that part of the output buffer, even if the
in- and output buffers do not overlap?

I wonder, as the current inside-secure driver DOES write out the AAD data and
I guess for us this is the natural way to do the AEAD transform so no one ever
just thought twice about that. Also can't find anything specific in the docs.

Even so, for the in-place case, checking the AAD data would ensure the crypto
implementation didn't *accidentally* corrupt it ...


Pascal van Leeuwen
Silicon IP Architect, Multi-Protocol Engines @ Inside Secure





[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux