Re: [PATCH] crypto: don't raise alarm for no ctr(aes*) tests infips mode

From: Herbert Xu
Date: Mon May 04 2009 - 21:09:06 EST

Next message: Roland McGrath: "Re: [RFC, PATCH 0/2] utrace/ptrace: simplify/cleanup ptrace attach"
Previous message: Minchan Kim: "Re: [PATCH] alloc_vmap_area: fix memory leak"
In reply to: Jarod Wilson: "Re: [PATCH] crypto: don't raise alarm for no ctr(aes*) tests in fips mode"
Next in thread: Jarod Wilson: "Re: [PATCH] crypto: don't raise alarm for no ctr(aes*) tests in fipsmode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, May 04, 2009 at 02:56:58PM -0400, Jarod Wilson wrote:
>
> Ah... Now I think I see... We can provide an initial counter w/o a
> problem, but counter incrementation is implementation-specific, so

Not in Linux. If you're going to provide ctr you'd better increment
in the way the current implementation does it. Otherwise anything
that wraps around it, such as RFC3686 will fail.

Another way to put it, only the counter mode as used in RFC 3686,
CCM and GCM is what we call ctr.

Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Roland McGrath: "Re: [RFC, PATCH 0/2] utrace/ptrace: simplify/cleanup ptrace attach"
Previous message: Minchan Kim: "Re: [PATCH] alloc_vmap_area: fix memory leak"
In reply to: Jarod Wilson: "Re: [PATCH] crypto: don't raise alarm for no ctr(aes*) tests in fips mode"
Next in thread: Jarod Wilson: "Re: [PATCH] crypto: don't raise alarm for no ctr(aes*) tests in fipsmode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]