2006-08-20 11:20:32

by Herbert Xu

[permalink] [raw]
Subject: Re: [PATCH] cit_encrypt_iv/cit_decrypt_iv for ECB mode

Willy Tarreau <[email protected]> wrote:
> That's what I thought after reading the code too. BTW, 2.6 does not
> initialize the pointers either.

This has been changed in the cryptodev-2.6 tree:


[CRYPTO] cipher: Removed special IV checks for ECB

This patch makes IV operations on ECB fail through nocrypt_iv rather than
calling BUG(). This is needed to generalise CBC/ECB using the template

In fact with the new block cipher type calling the IV-specific
functions on ECB will work in the same way as the IV-less functions.
This makes sense because the IV length is simply zero.

> I wonder whether we shouldn't consider that those functions must at
> least clear the memory area that was submitted to them, such as
> proposed below. It would also fix the problem for potential other
> users. I don't think we need to check whether dst is valid given
> the small amount of tests performed in crypt().

If the user is ignoring the error value here then you're in serious
trouble anyway since they've just lost all their data.

Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt