Robert Hogan reported on gcrypt-devel:
I needed to use AES in CTR mode but found that libgcrypt's current
implementation does not allow for 'unaligned' blocks of plaintext, i.e.
where the plaintext is not a multiple of the context's blocksize.
On further inspection I figured that it is not an unaligned problem, which would
clearly be a bug, but a restriction that the function works only on full
blocks. This is the same as with CBC mode with the little difference that the
CBC mode detects this and returns an error. The most straightforward fix would
be to detect this usage error in CTR mode too.
The proposed change has no provisions to handle the case of left over input
data. We need to decide whether we want to add a general buffered mode to the
cipher layer to allow working with arbitrary sized data chunks.
I have implemented the mentioned checks for CTR in libgcrypt trunk, rev 1414.
I have the buffering layer on my private TODO list. Feel free to add a new
report with a wish if that is important to you.
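One way to provide the buffering layer the reply describes, as an added example (not libgcrypt's own code): a CTR layer that keeps the unconsumed keystream and the counter in its context, so callers may pass chunks of any length and get the same output as a single call. The block function is a stand-in so that the example runs stand-alone; it is not AES.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#define BLOCKSIZE 16

/* Stand-in block function so the example runs offline: NOT AES, not secure. */
static void demo_block_encrypt(const uint8_t *key, const uint8_t *in, uint8_t *out)
{
    for (int i = 0; i < BLOCKSIZE; i++)
        out[i] = (uint8_t)((in[i] ^ key[i]) + (uint8_t)(i * 37 + 11));
}

/* CTR context; the leftover keystream is the state a full-block-only API lacks. */
typedef struct {
    uint8_t key[BLOCKSIZE];
    uint8_t ctr[BLOCKSIZE];       /* counter block, incremented big-endian */
    uint8_t keystream[BLOCKSIZE]; /* keystream for the last counter value */
    size_t  unused;               /* keystream bytes not yet consumed */
} ctr_ctx;

void ctr_init(ctr_ctx *c, const uint8_t *key, const uint8_t *iv)
{
    memcpy(c->key, key, BLOCKSIZE); memcpy(c->ctr, iv, BLOCKSIZE); c->unused = 0;
}

/* Encrypt or decrypt (same XOR) a chunk of any length; state carries across
   calls, so chunked and one-shot processing produce identical output. */
void ctr_crypt(ctr_ctx *c, const uint8_t *in, uint8_t *out, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        if (c->unused == 0) {             /* keystream exhausted: next block */
            demo_block_encrypt(c->key, c->ctr, c->keystream);
            /* big-endian increment of the counter block, with carry */
            for (int j = BLOCKSIZE - 1; j >= 0 && ++c->ctr[j] == 0; j--) ;
            c->unused = BLOCKSIZE;
        }
        out[i] = in[i] ^ c->keystream[BLOCKSIZE - c->unused--];
    }
}

/* Self-check on a constructed 37-byte input, processed as 5 + 16 + 16 byte
   chunks: returns 1 if that equals one-shot output and decrypts back. */
int ctr_selftest(void)
{
    uint8_t key[BLOCKSIZE], iv[BLOCKSIZE] = {0}, pt[37], one[37], chunked[37], back[37];
    for (int i = 0; i < 37; i++) { pt[i] = (uint8_t)i; if (i < BLOCKSIZE) key[i] = (uint8_t)(i * 7 + 1); }
    iv[BLOCKSIZE - 1] = 0xff;             /* first increment must carry */
    ctr_ctx a, b, d;
    ctr_init(&a, key, iv); ctr_crypt(&a, pt, one, 37);
    ctr_init(&b, key, iv); ctr_crypt(&b, pt, chunked, 5);
    ctr_crypt(&b, pt + 5, chunked + 5, 16); ctr_crypt(&b, pt + 21, chunked + 21, 16);
    ctr_init(&d, key, iv); ctr_crypt(&d, one, back, 37);
    return memcmp(one, chunked, 37) == 0 && memcmp(pt, back, 37) == 0;
}
```

The counter is used first and incremented afterwards, so a caller who splits input at non-block boundaries consumes exactly the same keystream as one who does not.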