Robert Relyea wrote:
This code is a direct result of the definition of CBC. The IV is a
random value used to initiate the CBC. Different IVs will generate
completely different output streams.
Indeed.
The same IV is needed for encryption and decryption.

If I refer to the sample2 example: http://www.mozilla.org/projects/security/pki/nss/sample-code/sample2.html 2 contexts are created. The first one for encryption and the second one for decryption. Both contexts use the same IV.

In the case of encryption, I agree with you, for each round we use the last ciphered block (as the new temporary IV) to xor it with the plaintext. To this point, everything is clear.

But, I still don't understand why we need to do a memcpy after the last round to save the last ciphered block as the new IV into the context. In my opinion, it's useless, this context won't be used anymore.
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/freebl/camellia.c&rev=1.2&mark=1541

Grégory.
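As an added illustration (not code from this thread or from NSS's camellia.c), here is a minimal CBC encryptor over a constructed toy block permutation whose context keeps a running IV, so the effect of the write-back after the last block can be observed: with the write-back, feeding a message to the same context in two calls gives the same ciphertext as one call; without it, the second call restarts the chain from the original IV. The block "cipher", key and IV are assumptions of the example and have no security value.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLK 8  /* toy block size in bytes (constructed example, not Camellia) */

/* Context in the style of a freebl CBC context: the key plus the IV to use
 * for the *next* block that this context encrypts. */
typedef struct {
    uint8_t key[BLK];
    uint8_t iv[BLK];
} cbc_ctx;

/* Toy block permutation: XOR with the key, then rotate one byte left.
 * It is a stand-in for the real block cipher and is not secure. */
static void toy_block_encrypt(const uint8_t *key, const uint8_t *in, uint8_t *out) {
    uint8_t t[BLK];
    for (int i = 0; i < BLK; i++) t[i] = in[i] ^ key[i];
    for (int i = 0; i < BLK; i++) out[i] = t[(i + 1) % BLK];
}

/* CBC-encrypt len bytes (a multiple of BLK). When update_iv is nonzero the last
 * ciphertext block is copied back into ctx->iv, which is the memcpy discussed
 * above: it lets a later call on the same context continue the same chain. */
static void cbc_encrypt(cbc_ctx *ctx, const uint8_t *in, uint8_t *out,
                        size_t len, int update_iv) {
    uint8_t iv[BLK];
    memcpy(iv, ctx->iv, BLK);
    for (size_t off = 0; off < len; off += BLK) {
        uint8_t x[BLK];
        for (int i = 0; i < BLK; i++) x[i] = in[off + i] ^ iv[i];
        toy_block_encrypt(ctx->key, x, out + off);
        memcpy(iv, out + off, BLK);            /* ciphertext becomes next IV */
    }
    if (update_iv) memcpy(ctx->iv, iv, BLK);   /* persist chain state in ctx */
}

/* Returns 1 if encrypting two blocks in two calls equals one call over both. */
int chained_calls_match(int update_iv) {
    const uint8_t key[BLK] = {0x13, 0x57, 0x9b, 0xdf, 0x24, 0x68, 0xac, 0xe0}; /* constructed */
    const uint8_t iv[BLK]  = {9, 9, 9, 9, 9, 9, 9, 9};                         /* constructed */
    const uint8_t *pt = (const uint8_t *)"ABCDEFGHabcdefgh";                   /* 16 bytes */
    uint8_t one[2 * BLK], two[2 * BLK];
    cbc_ctx a, b;
    memcpy(a.key, key, BLK); memcpy(a.iv, iv, BLK); b = a;
    cbc_encrypt(&a, pt, one, 2 * BLK, 1);                     /* single call   */
    cbc_encrypt(&b, pt, two, BLK, update_iv);                 /* first block   */
    cbc_encrypt(&b, pt + BLK, two + BLK, BLK, update_iv);     /* second block  */
    return memcmp(one, two, 2 * BLK) == 0;
}

int main(void) {
    printf("with IV write-back: %d, without: %d\n", chained_calls_match(1), chained_calls_match(0));
    return 0;
}
```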


--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto