possible rijndael bug
Lev Walkin
vlm at netli.com
Wed Sep 17 01:24:52 PDT 2003
Hajimu UMEMOTO wrote:
> Hi,
>
>
>>>>>>On Wed, 17 Sep 2003 01:09:24 -0700
>>>>>>vlm at netli.com (Lev Walkin) said:
>
>
>>I saw it during working on next KAME merge into 5-CURRENT.
>>KAME/NetBSD uses assert() here like:
>>
>> assert(padLen > 0 && padLen <= 16);
>>
>>Since FreeBSD doesn't have assert() in kernel, this line was changed
>>to:
>>
>> if (padLen > 0 && padLen <= 16)
>> return BAD_CIPHER_STATE;
>>
>>for KAME/FreeBSD. Since if expression is true, the assert() macro
>>does nothing, the expression seems wrong, and it should be:
>>
>> if (padLen <= 0 || padLen > 16)
>> return BAD_CIPHER_STATE;
>>
>>as you pointed out.
>
>
>
> vlm> Absolutely NOT.
>
> vlm> According to RFC1423 and FIPS81, the padding length may be somewhere
> vlm> in between 1 to 16 bytes, which translated into
>
> vlm> if(padLen < 0 || padLen >= 16)
>
> vlm> for this particular code.
>
> Ah, yes. Then, `assert(padLen > 0 && padLen <= 16)'; should be wrong.
Nope, you're completely right: the original assert() code is correct.
--
Lev Walkin
vlm at netli.com
More information about the freebsd-hackers
mailing list