2012-09-18 03:06:43

by David Miller

[permalink] [raw]
Subject: cbc(des)

I just noticed that none of the testmgr.h cbc(des) test cases
actually exercise doing more than one loop over the input data.

Therefore, the updating of the IV in the inner loop is never exercised
and if you get it wrong the crypto layer test cases will not catch it.

The cbc(des3_ede) test cases, on the other hand, have a 128 byte input
test for both encryption and decryption, so do not fail to cover this
aspect of the implementation.