On Wed, 2017-02-08 at 07:45 +0000, Ard Biesheuvel wrote:
> On 8 February 2017 at 07:00, Johannes Berg <johannes@xxxxxxxxxxxxxxxx
> > wrote:
> > This looks strange to me:
> >
> > > +static int aes_s2v(struct crypto_shash *tfm,
> > > size_t num_elem, const u8 *addr[], size_t len[],
> > > u8 *v)
> > > {
> > > - u8 d[AES_BLOCK_SIZE], tmp[AES_BLOCK_SIZE];
> > > + u8 d[AES_BLOCK_SIZE], tmp[AES_BLOCK_SIZE] = {};
> > > + SHASH_DESC_ON_STACK(desc, tfm);
> >
> > desc declared
> >
> > >
> > > + crypto_shash_digest(desc, tmp, AES_BLOCK_SIZE, d);
> >
> > used here
> >
>
> Each digest() call combines a init()/update()/final() sequence
>
> > > + crypto_shash_init(desc);
> >
> > but initialized now?
> >
>
> ... for the 6th time, or so. The final vector may require two
> update()s, so we cannot use digest() here. But we can use finup() for
> the last one, which combines update() and final().
>
> Hence,
>
> init()/finup()
>
> or
>
> init()/update()/finup()
>
> depending on the length of the last vector.
Great, thanks for the explanation :)
johannes
