On Sun, Jun 17, 2018 at 01:06:42PM +0300, Gilad Ben-Yossef wrote:
> It was ctr(aes). I wrongly assumed that we are supposed to unconditionally copy the cipher-text block post operation and let the caller do with it what it wants and so the code now does that for all cipher operations unconditionally.
For CTR it doesn't matter whether the last block is less than a block, you should still increment the counter.
> So what is a good description of what we are supposed to provide in that field post operation? The next IV? But as you stated, that is not necessarily useful for all ciphers.
When in doubt, please refer to the generic implementation. If that is still unclear or if it seems wrong, please post to the list.
Cheers,
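
The rule stated in the reply above for ctr(aes), as an added example that is not part of the original message or of any driver's code: the IV left in the request after the operation is the counter advanced once per block consumed, and a trailing partial block counts as a whole block. The function names and the sample IV are constructed for illustration, and a 16-byte big-endian counter is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CTR_BLOCK_SIZE 16 /* AES block size; counter assumed big-endian */

/* Constructed sample IV: low two bytes 0xff 0xff to exercise the carry. */
const uint8_t sample_iv[CTR_BLOCK_SIZE] = { [14] = 0xff, [15] = 0xff };

/* Add `blocks` to the 128-bit big-endian counter, propagating carries. */
void ctr_add_blocks(uint8_t ctr[CTR_BLOCK_SIZE], uint64_t blocks)
{
    for (int i = CTR_BLOCK_SIZE - 1; i >= 0 && blocks; i--) {
        uint64_t sum = (uint64_t)ctr[i] + (blocks & 0xff);
        ctr[i] = (uint8_t)sum;
        blocks = (blocks >> 8) + (sum >> 8); /* carry rides along */
    }
}

/* Turn the request IV into the output IV for a request of nbytes. */
void ctr_output_iv(uint8_t iv[CTR_BLOCK_SIZE], size_t nbytes)
{
    /* A trailing partial block still consumed one counter value. */
    uint64_t blocks = nbytes / CTR_BLOCK_SIZE + (nbytes % CTR_BLOCK_SIZE != 0);
    ctr_add_blocks(iv, blocks);
}

/* Helper for checks: low 64 bits of the output IV for a given request. */
uint64_t ctr_low64_after(const uint8_t iv_in[CTR_BLOCK_SIZE], size_t nbytes)
{
    uint8_t iv[CTR_BLOCK_SIZE];
    uint64_t low = 0;
    memcpy(iv, iv_in, sizeof(iv));
    ctr_output_iv(iv, nbytes);
    for (int i = 8; i < CTR_BLOCK_SIZE; i++)
        low = (low << 8) | iv[i];
    return low;
}

int main(void)
{
    size_t lens[] = { 0, 16, 17, 32, 33 };
    for (size_t i = 0; i < sizeof(lens) / sizeof(lens[0]); i++)
        printf("%zu bytes -> low64 %#llx\n", lens[i],
               (unsigned long long)ctr_low64_after(sample_iv, lens[i]));
    return 0;
}
```

A driver that copies the last ciphertext block into the IV field instead of this value will hand the caller a counter that repeats keystream if the request is chained.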