Nikos Mavrogiannopoulos <nmav@redhat.com> writes:
> It seems that ctr_crypt16() would not handle the whole input and that was complicating things.
I was afraid of that. Doing the extra block would be something like
    done = ctr_crypt16(cipher, f, gcm_fill, ctx->ctr.b, length, dst, src);
    if (done < length)
      {
        uint8_t block[16];
        assert (done % 16 == 0);
        assert (length - done < 16);
        f(ctx, block, ctx->ctr.b, 16, 16);
        memxor3(dst + done, src + done, block, length - done);
      }
(if we skip updating the counter in this case; I don't think gcm promises anything about the counter after a partial block).
But I agree it makes sense to let ctr_crypt16 do that.
More detailed comments later.
Regards,
/Niels
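The tail handling sketched in the message above, as an added, self-contained example that is not part of the original e-mail and not the project's code. All names (toy_block, inc32, xor3, whole_blocks, any_length, roundtrip) are hypothetical; toy_block is a constructed stand-in rather than a real cipher, and whole_blocks is assumed to return the number of bytes it handled.

```c
#include <assert.h>
#include <stdint.h>
#include <string.h>
typedef uint8_t u8;

/* Constructed stand-in for the block cipher (NOT a real cipher): 16 keystream bytes. */
static void toy_block(const u8 *key, u8 *dst, const u8 *ctr) {
  for (size_t i = 0; i < 16; i++)
    dst[i] = (u8)((ctr[i] ^ key[i]) * 167u + key[(i + 5) % 16] + 13u * i);
}
/* Increment the low 32 bits of the counter block, big-endian. */
static void inc32(u8 *ctr) { for (int i = 15; i >= 12 && ++ctr[i] == 0; i--) {} }
static void xor3(u8 *dst, const u8 *a, const u8 *b, size_t n) {
  while (n--) dst[n] = a[n] ^ b[n];
}

/* Assumed bulk helper: whole 16-byte blocks only, returns bytes handled. */
static size_t whole_blocks(const u8 *key, u8 *ctr, size_t len, u8 *dst, const u8 *src) {
  u8 block[16];
  size_t done = 0;
  for (; len - done >= 16; done += 16) {
    toy_block(key, block, ctr);
    inc32(ctr);
    xor3(dst + done, src + done, block, 16);
  }
  return done;
}

/* Bulk part first, then the trailing partial block as in the sketch. */
static void any_length(const u8 *key, u8 *ctr, size_t len, u8 *dst, const u8 *src) {
  size_t done = whole_blocks(key, ctr, len, dst, src);
  if (done < len) {
    u8 block[16];
    assert(done % 16 == 0);
    assert(len - done < 16);
    toy_block(key, block, ctr);
    /* Counter is not advanced here, so this must be the message's last call. */
    xor3(dst + done, src + done, block, len - done);
  }
}

/* Encrypt then decrypt len (<= 64) constructed bytes; returns the counter's
   low byte after encryption, or -1 if the round trip does not match. */
static int roundtrip(size_t len) {
  u8 key[16], ctr[16] = {0}, ctr2[16] = {0}, msg[64], ct[64], pt[64];
  for (size_t i = 0; i < 64; i++) { msg[i] = (u8)(i * 7 + 1); key[i % 16] = (u8)(0xA0 + i % 16); }
  any_length(key, ctr, len, ct, msg);
  any_length(key, ctr2, len, pt, ct);
  return memcmp(pt, msg, len) == 0 ? ctr[15] : -1;
}
```

The return value shows that a 37-byte message leaves the counter where a 32-byte one does, which is the skipped counter update mentioned in the message.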