[prev in list] [next in list] [prev in thread] [next in thread]
List: snap-users
Subject: (KAME-snap 9505) Re: AES-CTR: alignment of padding
From: Yukiyo Akisada <Yukiyo.Akisada () jp ! yokogawa ! com>
Date: 2007-03-09 8:51:49
Message-ID: 20070309175149.18074bc0.Yukiyo.Akisada () jp ! yokogawa ! com
[Download RAW message or body]
Hi, itojun.
No problem.
I can wait.
I hope you you'll get well soon.
Thanks,
On Fri, 9 Mar 2007 17:25:07 +0900 (JST)
itojun@itojun.org (Jun-ichiro itojun Hagino) wrote:
> > > I found a problem about AES-CTR in FreeBSD 6.1-RELEASE.
> > > And kame-20070301-freebsd54-snap.tgz also has the same problem.
> > >
> > > esp_aesctr_encrypt() function in sys/netinet6/esp_aesctr.c says,
> > >
> > > 352 if ((m->m_pkthdr.len - bodyoff) % blocklen) {
> > > 353 ipseclog((LOG_ERR, "esp_aesctr_encrypt %s: "
> > > 354 "payload length must be multiple of %lu\n",
> > > 355 algo->name, (unsigned long)algo->padbound));
> > > 356 m_freem(m);
> > > 357 return EINVAL;
> > > 358 }
> > >
> > > And the actual message of dmesg is
> > >
> > > esp_aesctr_decrypt aes-ctr: payload length must be multiple of 16
> > >
> > > Of course, block size of AES-CTR is 16 bytes,
> > > but alignment can be different from block size by RFC.
>
> yes, it is a bug. but to be honest it is not nice of AESCTR document
> to override ESP base document.
> at this moment i got my right hand injured so i cannot debug it.
> pls wait for 4 weeks or wait for someone else to come up with a patch.
>
> itojun
>
------------------------------------------------------------------------
Yukiyo Akisada <Yukiyo.Akisada@jp.yokogawa.com>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic