From owner-freebsd-hackers@FreeBSD.ORG Wed Sep 17 01:20:40 2003 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 41F4416A4C0 for ; Wed, 17 Sep 2003 01:20:40 -0700 (PDT) Received: from hitpro.hitachi.co.jp (hitpro.hitachi.co.jp [133.145.224.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id B2E9D43FBD for ; Wed, 17 Sep 2003 01:20:36 -0700 (PDT) (envelope-from ume@FreeBSD.org) Received: from mc3.mcg.hitachi.co.jp by hitpro.hitachi.co.jp (8.12.9/eHI-hitpro) id h8H8KZYQ015422; Wed, 17 Sep 2003 17:20:35 +0900 (JST) Received: (from root@localhost) by mc3.mcg.hitachi.co.jp (8.11.6+Sun/8.11.6) id h8H8KYI26471 for ; Wed, 17 Sep 2003 17:20:34 +0900 (JST) Received: from unknown [192.168.2.1] by mc3.mcg.hitachi.co.jp with SMTP id TAA26470 ; Wed, 17 Sep 2003 17:20:34 +0900 Received: from navsg1.hitachi.co.jp by navsg1.hitachi.co.jp (8.9.3/3.7W-navsg1) id RAA20503; Wed, 17 Sep 2003 17:20:33 +0900 (JST) Received: from mlsv5.itg.hitachi.co.jp ([158.213.165.104]) by navsg1.hitachi.co.jp (NAVGW 2.5.2.17) with SMTP id M2003091717203109771 ; Wed, 17 Sep 2003 17:20:31 +0900 Received: from navgw14.itg.hitachi.co.jp by mlsv5.itg.hitachi.co.jp (8.12.6/8.12.6) id h8H8KPrV006616; Wed, 17 Sep 2003 17:20:31 +0900 Received: from bisdgw.bisd.hitachi.co.jp ([133.144.87.253]) M2003091717204705448 ; Wed, 17 Sep 2003 17:20:47 +0900 Received: from bisdmail.bisd.hitachi.co.jpRAA15756; Wed, 17 Sep 2003 17:20:31 +0900 (JST) (envelope-from ume@FreeBSD.org) Received: from plum.ssr.bisd.hitachi.co.jph8H8KUk21705; Wed, 17 Sep 2003 17:20:30 +0900 (JST) (envelope-from ume@FreeBSD.org) Date: Wed, 17 Sep 2003 17:20:30 +0900 Message-ID: From: Hajimu UMEMOTO To: Lev Walkin In-Reply-To: <3F6816B4.10607@netli.com> References: <3F680C78.000003.13537@tide.yandex.ru> <3F6816B4.10607@netli.com> User-Agent: xcite1.38> Wanderlust/2.10.1 (Watching The Wheels) SEMI/1.14.5 (Awara-Onsen) FLIM/1.14.5 (Demachiyanagi) APEL/10.6 Emacs/21.3 (i386--freebsd) MULE/5.0 (=?ISO-2022-JP?B?GyRCOC1MWhsoQg==?=) X-Operating-System: FreeBSD 4.8-RELEASE MIME-Version: 1.0 (generated by SEMI 1.14.5 - "Awara-Onsen") Content-Type: text/plain; charset=US-ASCII cc: hackers@FreeBSD.org cc: zevlg@yandex.ru cc: core@kame.net Subject: Re: possible rijndael bug X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Sep 2003 08:20:40 -0000 Hi, >>>>> On Wed, 17 Sep 2003 01:09:24 -0700 >>>>> vlm@netli.com (Lev Walkin) said: > I saw it during working on next KAME merge into 5-CURRENT. > KAME/NetBSD uses assert() here like: > > assert(padLen > 0 && padLen <= 16); > > Since FreeBSD doesn't have assert() in kernel, this line was changed > to: > > if (padLen > 0 && padLen <= 16) > return BAD_CIPHER_STATE; > > for KAME/FreeBSD. Since if expression is true, the assert() macro > does nothing, the expression seems wrong, and it should be: > > if (padLen <= 0 || padLen > 16) > return BAD_CIPHER_STATE; > > as you pointed out. vlm> Absolutely NOT. vlm> According to RFC1423 and FIPS81, the padding length may be somewhere vlm> in between 1 to 16 bytes, which translated into vlm> if(padLen < 0 || padLen >= 16) vlm> for this particular code. Ah, yes. Then, `assert(padLen > 0 && padLen <= 16)'; should be wrong. Sincerely, -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan ume@mahoroba.org ume@bisd.hitachi.co.jp ume@{,jp.}FreeBSD.org http://www.imasy.org/~ume/