Re: Possible issue with new inauthentic AEAD in extended crypto tests

On Fri, Feb 7, 2020 at 4:07 PM Van Leeuwen, Pascal
<pvanleeuwen@xxxxxxxxxx> wrote:

> The "problem" Gilad was referring to is that the _explicit_ part of the IV appears to be
> available from both req->iv and from the AAD scatterbuffer. Which one should you use?
> API wise I would assume req->iv but from a (our) hardware perspective, it would
> be more efficient to extract it from the datastream. But is it allowed to assume
> there is a valid IV stored there? (which implies that it has to match req->iv,
> otherwise behaviour would deviate from implementations using that)
>


No, it isn't.

The problem that I was referring to was that part of our test suites
passes different values in req->iv and as part of the AAD,
in contrast to what we document as the API requirements in the include
file, my understanding of the relevant standard and
the single users of this API in the kernel and that the driver I'm
maintaining fails these tests.

I'm all fine with getting my hands dirty and fixing the driver, I
just suspect fixing a driver to pass a test that misuses the API
may not actually improve the quality of the driver.

Gilad


