CFB Mode

Michael Halcrow mike at halcrow.us
Mon Aug 30 20:57:13 CEST 2004


On Mon, Aug 30, 2004 at 12:41:41PM -0500, Michael Halcrow wrote:
> On Mon, Aug 30, 2004 at 02:36:27PM -0400, James Morris wrote:
> > On Mon, 30 Aug 2004, Michael Halcrow wrote:
> > 
> > > recommended approach to dealing with this, or can I go ahead and make
> > > some invasive changes that will process data sizes that are not even
> > > multiples of the block size, given certain cipher modes?
> > 
> > What do other crypto APIs do in this case?  (e.g. Nettle, Gnu
> > Crypto, OpenSSL etc).
> 
> I'll take a look at those as soon as I finish with my changes to the
> kernel crypto API.  I've narrowed down the changes to these (so far -
> don't apply, this is just some playing around for now):
> 

Okay, scratch all that about the size and whatnot.  There is nothing
wrong with just passing in garbage for the remainder of the plaintext;
with CFB, the user can just ignore the corresponding ciphertext.  In
order to replicate RFC 2440's CFB, I will have to start out the
process manually with ECB, and then pass the ``primed'' IV into the
cipher in CFB mode.

Mike
.___________________________________________________________________.
                         Michael A. Halcrow                          
       Security Software Engineer, IBM Linux Technology Center       
GnuPG Fingerprint: 05B5 08A8 713A 64C1 D35D  2371 2D3C FDDA 3EB6 601D
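
The point about the trailing partial block, shown as an added example (not code from this thread or from the kernel crypto API): a CFB routine that accepts only whole blocks, with XTEA as a stand-in cipher and a constructed key, IV and message. All function names are hypothetical.

```c
#include <stdint.h>
#include <string.h>
#define BS 8 /* XTEA block size in bytes */

/* XTEA block encryption, used only as a small stand-in block cipher. */
static void xtea_enc(const uint32_t k[4], uint8_t b[BS]) {
    uint32_t v0, v1, sum = 0;
    memcpy(&v0, b, 4); memcpy(&v1, b + 4, 4);
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += 0x9E3779B9u;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    memcpy(b, &v0, 4); memcpy(b + 4, &v1, 4);
}

/* Full-block CFB in place; len must be a multiple of BS. fr is the
 * feedback register: it starts as the IV and is updated per block. */
static void cfb_blocks(const uint32_t k[4], uint8_t fr[BS],
                       uint8_t *buf, size_t len, int decrypt) {
    for (size_t off = 0; off < len; off += BS) {
        xtea_enc(k, fr);                 /* keystream = E(previous ciphertext) */
        for (int i = 0; i < BS; i++) {
            uint8_t in = buf[off + i];
            buf[off + i] = in ^ fr[i];
            fr[i] = decrypt ? in : buf[off + i]; /* always feed back ciphertext */
        }
    }
}

/* Encrypt 13 bytes padded to 16 with two different fillers, keep 13
 * ciphertext bytes, then decrypt them padded with other garbage.
 * Returns 1 if the kept ciphertext is pad-independent and round-trips. */
int cfb_tail_demo(void) {
    static const uint32_t key[4] = {1, 2, 3, 4};            /* constructed */
    static const uint8_t iv[BS] = {9, 8, 7, 6, 5, 4, 3, 2}; /* constructed */
    static const char msg[] = "thirteen byte";              /* 13 bytes */
    const size_t n = 13, padded = 16;
    uint8_t a[16], b[16], fr[BS];
    memset(a, 0x00, padded); memcpy(a, msg, n);
    memset(b, 0xAA, padded); memcpy(b, msg, n);
    memcpy(fr, iv, BS); cfb_blocks(key, fr, a, padded, 0);
    memcpy(fr, iv, BS); cfb_blocks(key, fr, b, padded, 0);
    if (memcmp(a, b, n) != 0) return 0;                  /* kept bytes agree */
    if (memcmp(a + n, b + n, padded - n) == 0) return 0; /* only the tail differs */
    memset(a + n, 0x55, padded - n);   /* receiver fills the tail with garbage */
    memcpy(fr, iv, BS); cfb_blocks(key, fr, a, padded, 1);
    return memcmp(a, msg, n) == 0;
}
```

This holds only because the partial block is the last one: its ciphertext is never fed back into a later block.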