Long time ago, on the end of 2002, in the "Cryptoki" mail list at RSA Lab, in
the thread
"Do unpadded block ciphers allow odd length updates?", started on 20 Dec
2002 by Nelson Bolyard,
it was discussed how C_EncryptUpdate should behave when passed with odd input
length (not multiple of cipher block size).
I believe, the discussion was motivated by bug 183146 @ Mozilla bugzilla.
The discussion resulted in recommendation:
"mechanisms should allow odd length Updates" if implementation is able to
do buffering.
At the moment, NSS softoken still return CKR_DATA_LEN_RANGE when CBC/ECB
ciphers are updated with odd length.
I wonder, are any chances for this aspect of NSS softoken to be more PKCS#11
compliant in the near future ?
Best regards,
--
Konstantin Andreev.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
