2009/12/2 Gregory BELLIER <gregory.bell...@gmail.com>:
>
> Examples :
> - For Camellia at the end of camellia_encryptCBC(CamelliaContext *cx, ...) :
>
> lastblock = output;
> memcpy(cx->iv, lastblock, CAMELLIA_BLOCK_SIZE);
>
> return SECSuccess;

We save lastblock in cx->iv (at line 1541) so that it will become
lastblock in the next invocation of camellia_encryptCBC (at line 1522):
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/freebl/camellia.c&rev=1.2&mark=1511,1522,1541#1511

> - For SEED at the end of the encryption part in SEED_cbc_encrypt(unsigned
> char ivec[SEED_BLOCK_SIZE], ...) :
>
> iv = out;
> memcpy(ivec, iv, SEED_BLOCK_SIZE);
> (no return here because this function returns void)

Same reason here:
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/freebl/seed.c&rev=1.3&mark=466,472,497#466

ivec is equivalent to cx->iv for camellia_encryptCBC.
iv is equivalent to lastblock for camellia_encryptCBC.

> Do we use this last block somewhere else in NSS to justify this backup ?

Yes, this last block needs to be saved for the next invocation
of the CBC encryption function.

> (off-topic: About the SEED cipher : why do they encrypt and decrypt in the
> same function called encrypt ???)

I don't know why. I think we can change that. The encryption
and decryption code in SEED_cbc_encrypt is completely disjoint
(the 'tmp' local variable is only used in decryption).

Would you like to submit a patch to separate the encryption and
decryption code in SEED_cbc_encrypt into two functions? And
SEED_ecb_encrypt can simply be deleted and replaced by direct
calls to SEED_encrypt and SEED_decrypt.

Wan-Teh
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
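The following is an added example, not NSS code and not part of the original message. It shows why the last ciphertext block is copied back into the context: with the save, encrypting a buffer in two calls gives the same ciphertext as one call. `ToyCtx`, `toy_encrypt_block`, `toy_cbc_encrypt` and the 8-byte block are hypothetical stand-ins for the real cipher, and the key, IV and plaintext are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLK 8  /* toy block size; Camellia and SEED use 16-byte blocks */
typedef struct { uint8_t key[BLK]; uint8_t iv[BLK]; } ToyCtx;  /* hypothetical */

/* Constructed stand-in for the block cipher: invertible byte mixing, NOT secure. */
static void toy_encrypt_block(const uint8_t *key, const uint8_t *in, uint8_t *out) {
    uint8_t acc = 0x5a;
    for (int i = 0; i < BLK; i++) {
        acc = (uint8_t)(((acc << 1) | (acc >> 7)) ^ in[i] ^ key[i]);
        out[i] = acc;
    }
}

/* CBC-encrypt len bytes (a multiple of BLK). save_iv != 0 performs the
   memcpy into cx->iv that the thread is about. */
static void toy_cbc_encrypt(ToyCtx *cx, const uint8_t *in, uint8_t *out,
                            size_t len, int save_iv) {
    const uint8_t *lastblock = cx->iv;  /* chaining value left by the previous call */
    uint8_t x[BLK];
    if (len == 0) return;
    for (size_t off = 0; off < len; off += BLK) {
        for (int i = 0; i < BLK; i++) x[i] = in[off + i] ^ lastblock[i];
        toy_encrypt_block(cx->key, x, out + off);
        lastblock = out + off;          /* ciphertext block chains into the next */
    }
    if (save_iv) memcpy(cx->iv, lastblock, BLK);
}

/* Returns 1 if encrypting four blocks as 2+2 equals one four-block call. */
int chunked_matches_oneshot(int save_iv) {
    uint8_t pt[4 * BLK], one[4 * BLK], two[4 * BLK];
    ToyCtx a, b;
    for (int i = 0; i < 4 * BLK; i++) pt[i] = (uint8_t)(i * 7);  /* constructed plaintext */
    for (int i = 0; i < BLK; i++) { a.key[i] = (uint8_t)(i + 1); a.iv[i] = 9; }  /* constructed */
    b = a;
    toy_cbc_encrypt(&a, pt, one, 4 * BLK, save_iv);
    toy_cbc_encrypt(&b, pt, two, 2 * BLK, save_iv);
    toy_cbc_encrypt(&b, pt + 2 * BLK, two + 2 * BLK, 2 * BLK, save_iv);
    return memcmp(one, two, sizeof one) == 0;
}

int main(void) {
    printf("IV saved:     chunked == one-shot? %d\n", chunked_matches_oneshot(1));
    printf("IV not saved: chunked == one-shot? %d\n", chunked_matches_oneshot(0));
    return 0;
}
```

Without the save, every call restarts the chain from the original IV, so the second chunk's ciphertext diverges from the one-shot result and equal plaintext chunks encrypt identically across calls.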