Project

General

Profile

Feature #12864

Have pkcs11_softtoken's DES[3]_CBC_PAD mechanism use the cbc_pad mode

Added by Jason King 6 months ago.

Status:
New
Priority:
Normal
Assignee:
Category:
lib - userland libraries
Start date:
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:

Description

Similar to #11825, it appears the DES_CBC_PAD and DES3_CBC_PAD mechanisms are broken in pkcs11_softtoken (as found by Google's pkcs11 test suite). While hopefully no one has to use these (and indeed, these appear to have been broken for years without any reports of issues, suggested they aren't), on the chance someone is forced to use these, we should provide correct implementations.


Related issues

Related to illumos gate - Feature #12863: Make cbc_pad its own modeNewJason King

Actions
Related to illumos gate - Bug #11825: PKCS#11 CKM_AES_CBC_PAD decryption can failClosedJason King

Actions
#1

Updated by Jason King 5 months ago

#2

Updated by Jason King 5 months ago

  • Related to Bug #11825: PKCS#11 CKM_AES_CBC_PAD decryption can fail added

Also available in: Atom PDF