[gnutls-devel] GnuTLS | crypto: add API to retrieve the final IV for CFB ciphers (!988)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Thu May 2 17:07:39 CEST 2019
Hi Daiki,
> Is this internal IV subject to validation?
Yes, I need the IV after an encrypt or decrypt operation.
> Wouldn't it be feasible to do
> something like (not tested at all though):
> ```c
> gnutls_cipher_init(&ch, GNUTLS_CIPHER_AES_128_CFB8, &key, &iv);
> gnutls_cipher_encrypt(ch, data.data, data.size);
> block_size = gnutls_cipher_get_block_size(GNUTLS_CIPHER_AES_128_CFB8);
> if (data.size < block_size) {
> /* concatenate the initial IV and ciphertext */
> memcpy(next_iv, iv.data + block_size - (block_size - data.size),
> block_size - data.size); memcpy(next_iv + block_size - data.size,
> data.data, block_size - (block_size - data.size)); } else {
> /* use the last block of the ciphertext */
> memcpy(next_iv, data.data + (data.size - block_size), block_size);
> }
> ```
It seems that you are proposing to re-create the IV operation GnuTLS applies
in the calling code. This is not permissible. We need the IV that was left by
GnuTLS' operation.
Ciao
Stephan
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/988#note_166225271
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190502/d7608d37/attachment.html>
More information about the Gnutls-devel
mailing list