Use G_ELI_IVKEYLEN as the size of IV in the user test code.
ClosedPublic
Actions

Authored by jhb on Jan 13 2022, 9:28 PM.

Details

Reviewers

markj
allanjude
imp

Commits

rGd61effd38b51: Use G_ELI_IVKEYLEN as the size of IV in the user test code.

Summary

IVs are not the size of keys as a general case. Most often they are
the size of a single block.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

jhb created this revision.Jan 13 2022, 9:28 PM

Herald added a subscriber: imp. · View Herald TranscriptJan 13 2022, 9:28 PM

jhb requested review of this revision.Jan 13 2022, 9:28 PM

Harbormaster completed remote builds in B43912: Diff 101428.Jan 13 2022, 9:28 PM

jhb added a parent revision: D33884: geliboot: Use the correct IV length for AES-XTS..Jan 13 2022, 9:28 PM

Do you need a kassert G_ELI_IVKEYLEN >= keysize?

This revision is now accepted and ready to land.Jan 13 2022, 9:51 PM

In D33885#766236, @imp wrote:

Do you need a kassert G_ELI_IVKEYLEN >= keysize?

No, the entire point is that IV sizes have no relation to key sizes. For the ciphers involved in fact, the key sizes are generally larger than the IVs (e.g. 8 byte IV for AES-XTS vs a 256/512 bit key).

Closed by commit rGd61effd38b51: Use G_ELI_IVKEYLEN as the size of IV in the user test code. (authored by jhb). · Explain WhyJan 14 2022, 1:22 AM

This revision was automatically updated to reflect the committed changes.

jhb added a commit: rGd61effd38b51: Use G_ELI_IVKEYLEN as the size of IV in the user test code..

Revision Contents
Changeset List

Path

Size

sys/

geom/

eli/

g_eli_crypto.c

2 lines

Diff 101443

View Options

sys/geom/eli/g_eli_crypto.c

Use G_ELI_IVKEYLEN as the size of IV in the user test code.ClosedPublicActions