• Eric Biggers's avatar
    crypto: cfb - add missing 'chunksize' property · 394a9e04
    Eric Biggers authored
    Like some other block cipher mode implementations, the CFB
    implementation assumes that while walking through the scatterlist, a
    partial block does not occur until the end.  But the walk is incorrectly
    being done with a blocksize of 1, as 'cra_blocksize' is set to 1 (since
    CFB is a stream cipher) but no 'chunksize' is set.  This bug causes
    incorrect encryption/decryption for some scatterlist layouts.
    
    Fix it by setting the 'chunksize'.  Also extend the CFB test vectors to
    cover this bug as well as cases where the message length is not a
    multiple of the block size.
    
    Fixes: a7d85e06 ("crypto: cfb - add support for Cipher FeedBack mode")
    Cc: <stable@vger.kernel.org> # v4.17+
    Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
    Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
    Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    394a9e04
cfb.c 8.86 KB