Hi Stephan,
It seems now AEAD encryption operation also returns AAD to user space
in output buffer. Following comment in aead_recvmsg() needs updation:
/*
373 * AEAD memory structure: For encryption, the tag is appended to the
374 * ciphertext which implies that the memory allocated for
the ciphertext
375 * must be increased by the tag length. For decryption, the tag
376 * is expected to be concatenated to the ciphertext. The plaintext
377 * therefore has a memory size of the ciphertext minus the
tag length.
378 *
379 * The memory structure for cipher operation has the following
380 * structure:
381 * AEAD encryption input: assoc data || plaintext
382 * AEAD encryption output: cipherntext || auth tag
383 * AEAD decryption input: assoc data || ciphertext || auth tag
384 * AEAD decryption output: plaintext
385 */
Regards
Harsh Jain
Am Freitag, 24. Juni 2016, 17:24:02 schrieb Harsh Jain:
Hi Harsh,
> 379 * The memory structure for cipher operation has the following
> 380 * structure:
> 381 * AEAD encryption input: assoc data || plaintext
> 382 * AEAD encryption output: cipherntext || auth tag
> 383 * AEAD decryption input: assoc data || ciphertext || auth
> tag 384 * AEAD decryption output: plaintext
Right, it returns AAD prepended to the stated output. Do you want to provide a
patch?
Ciao
Stephan
Yes, I will share the patch.
regards
Harsh Jain
On Fri, Jun 24, 2016 at 5:31 PM, Stephan Mueller <[email protected]> wrote:
> Am Freitag, 24. Juni 2016, 17:24:02 schrieb Harsh Jain:
>
> Hi Harsh,
>
>
>> 379 * The memory structure for cipher operation has the following
>> 380 * structure:
>> 381 * AEAD encryption input: assoc data || plaintext
>> 382 * AEAD encryption output: cipherntext || auth tag
>> 383 * AEAD decryption input: assoc data || ciphertext || auth
>> tag 384 * AEAD decryption output: plaintext
>
> Right, it returns AAD prepended to the stated output. Do you want to provide a
> patch?
>
> Ciao
> Stephan
On 06/24/2016 07:01 AM, Stephan Mueller wrote:
> Am Freitag, 24. Juni 2016, 17:24:02 schrieb Harsh Jain:
>
> Hi Harsh,
>
>
>> 379 * The memory structure for cipher operation has the following
>> 380 * structure:
>> 381 * AEAD encryption input: assoc data || plaintext
>> 382 * AEAD encryption output: cipherntext || auth tag
>> 383 * AEAD decryption input: assoc data || ciphertext || auth
>> tag 384 * AEAD decryption output: plaintext
>
> Right, it returns AAD prepended to the stated output. Do you want to provide a
> patch?
If testmgr.c is any model, the caller is expected to populate the
destination
buffer with the AAD. Is my understanding correct? And should this
comment clarify
that point: i.e. the length of the destination is the sum of the lengths
of the
aad + ciphertext + tag?
Gary
Am Freitag, 24. Juni 2016, 07:44:49 schrieb Gary R Hook:
Hi Gary,
> On 06/24/2016 07:01 AM, Stephan Mueller wrote:
> > Am Freitag, 24. Juni 2016, 17:24:02 schrieb Harsh Jain:
> >
> > Hi Harsh,
> >
> >> 379 * The memory structure for cipher operation has the
> >> following
> >> 380 * structure:
> >> 381 * AEAD encryption input: assoc data || plaintext
> >> 382 * AEAD encryption output: cipherntext || auth tag
> >> 383 * AEAD decryption input: assoc data || ciphertext ||
> >> auth tag 384 * AEAD decryption output: plaintext
> >
> > Right, it returns AAD prepended to the stated output. Do you want to
> > provide a patch?
>
> If testmgr.c is any model, the caller is expected to populate the
> destination
> buffer with the AAD. Is my understanding correct? And should this
> comment clarify
> that point: i.e. the length of the destination is the sum of the lengths
> of the
> aad + ciphertext + tag?
It may make sense if you would look at libkcapi which handles the input/output
appropriately. Especially, the kcapi_aead_getdata() function sets up the right
pointers.
It is correct that the AAD data is taken from the input.
Ciao
Stephan