15 Apr, 2009

1 commit

  • If crypto_ablkcipher_encrypt() returns synchronous,
    eseqiv_complete2() is called even if req->giv is already the
    pointer to the generated IV. The generated IV is overwritten
    with some random data in this case. This patch fixes this by
    calling eseqiv_complete2() just if the generated IV has to be
    copied to req->giv.

    Signed-off-by: Steffen Klassert
    Signed-off-by: Herbert Xu

    Steffen Klassert
     

29 Aug, 2008

2 commits


01 May, 2008

1 commit

  • After attaching the IV to the head during encryption, eseqiv does not
    increase the encryption length by that amount. As such the last block
    of the actual plain text will be left unencrypted.

    Fortunately the only user of this code hifn currently crashes so this
    shouldn't affect anyone :)

    Signed-off-by: Herbert Xu

    Herbert Xu
     

08 Mar, 2008

1 commit


23 Feb, 2008

1 commit


11 Jan, 2008

1 commit

  • This generator generates an IV based on a sequence number by xoring it
    with a salt and then encrypting it with the same key as used to encrypt
    the plain text. This algorithm requires that the block size be equal
    to the IV size. It is mainly useful for CBC.

    It has one noteworthy property that for IPsec the IV happens to lie
    just before the plain text so the IV generation simply increases the
    number of encrypted blocks by one. Therefore the cost of this generator
    is entirely dependent on the speed of the underlying cipher.

    Signed-off-by: Herbert Xu

    Herbert Xu