Re: which one is broken: VIA padlock aes or aes_i586?
From: Herbert Xu
Date: Tue Feb 21 2006 - 20:29:27 EST
On Tue, Feb 21, 2006 at 01:27:50PM +0100, Michael Heyse wrote:
>
> after upgrading the kernel from 2.6.12.5 to 2.6.16-rc4, decryption of my disk fails. As I am using the Nehemia's Padlock and aes-cbc-essiv, I guess this is the reason:
>
> (from ChangeLog-2.6.13)
> commit 476df259cd577e20379b02a7f7ffd086ea925a83
> Author: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> Date: Wed Jul 6 13:54:09 2005 -0700
>
> [CRYPTO] Update IV correctly for Padlock CBC encryption
>
> When the Padlock does CBC encryption, the memory pointed to by EAX is
> not updated at all. Instead, it updates the value of EAX by pointing
> it to the last block in the output. Therefore to maintain the correct
> semantics we need to copy the IV.
I don't think this patch is your problem since it's part of the multiblock
code which doesn't exist in 2.6.12 at all. Of course the multiblock code
itself could be buggy. I'll take a look.
Thanks,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/