Project

General

Profile

Actions
Copy link

Feature #12864

open

Have pkcs11_softtoken's DES[3]_CBC_PAD mechanism use the cbc_pad mode

Added by Jason King over 3 years ago.

Status:
New
Priority:
Normal
Assignee:
Jason King
Category:
lib - userland libraries
Start date:
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:
External Bug:

Description

Similar to #11825, it appears the DES_CBC_PAD and DES3_CBC_PAD mechanisms are broken in pkcs11_softtoken (as found by Google's pkcs11 test suite). While hopefully no one has to use these (and indeed, these appear to have been broken for years without any reports of issues, suggested they aren't), on the chance someone is forced to use these, we should provide correct implementations.

Related issues

Related to illumos gate - Feature #12863: Make cbc_pad its own modeNewJason King

Actions
Related to illumos gate - Bug #11825: PKCS#11 CKM_AES_CBC_PAD decryption can failClosedJason King

Actions
Actions
Copy link
 #1

Updated by Jason King over 3 years ago

Actions
Copy link
 #2

Updated by Jason King over 3 years ago

  • Related to Bug #11825: PKCS#11 CKM_AES_CBC_PAD decryption can fail added
Actions
Copy link

Also available in: Atom PDF