Daiki Ueno <u...@gnu.org> writes:

> We realized that cfb8_decrypt doesn't update the IV correctly when the
> input is shorter than AES block size. The attached patches should fix
> it.

For testing, I think it would be good to take the testvectors for cfb8,
and split into multiple calls to cfb8_*crypt, in several ways. And check
they all give the same result. A bit like it's done in arcfour-test.c,
or the test_cipher_stream (#if:ed out, not sure if it's worth reviving).

What do you think?

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677.
Internet email is subject to wholesale government surveillance.
_______________________________________________
nettle-bugs mailing list
nettle-bugs@lists.lysator.liu.se
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
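
The split-call check suggested in the message above, as an added sketch that is not part of the original mail and is not Nettle's code or test suite. Assumptions: `toy_encrypt` is a constructed stand-in for AES, `ref_cfb8_decrypt` and `split_mismatches` are hypothetical names, the `stale_iv` flag is a constructed simulation of an IV that is not carried forward after a short call, and all key, IV and ciphertext bytes are constructed sample data.

```c
#include <stdint.h>
#include <string.h>
#define BS 16 /* block size in bytes */

/* Stand-in for the cipher's encrypt direction (NOT AES, not secure). CFB8 only
   calls encrypt, so any keyed 16-byte function exercises the IV chaining. */
static void toy_encrypt(const uint8_t *key, const uint8_t *in, uint8_t *out) {
  uint32_t h = 2166136261u;
  for (size_t i = 0; i < BS; i++) {
    for (size_t j = 0; j < BS; j++)
      h = (h ^ in[j] ^ key[(i + j) % BS]) * 16777619u;
    out[i] = (uint8_t)(h >> 24);
  }
}

/* Hypothetical reference CFB8 decrypt; iv carries state between calls. With
   stale_iv set, a call shorter than one block leaves iv as it was on entry. */
static void ref_cfb8_decrypt(const uint8_t *key, uint8_t *iv, size_t len,
                             uint8_t *dst, const uint8_t *src, int stale_iv) {
  uint8_t ks[BS], saved[BS];
  memcpy(saved, iv, BS);
  for (size_t i = 0; i < len; i++) {
    toy_encrypt(key, iv, ks);
    memmove(iv, iv + 1, BS - 1); /* shift register left by one byte */
    iv[BS - 1] = src[i];         /* feed back the ciphertext byte */
    dst[i] = src[i] ^ ks[0];
  }
  if (stale_iv && len < BS)
    memcpy(iv, saved, BS);
}

/* Decrypt a constructed 40-byte buffer in one call, then in chunks of every
   size 1..40; count chunkings whose output or final IV differs. */
int split_mismatches(int stale_iv) {
  uint8_t key[BS], iv0[BS], iv[BS], iv_want[BS], ct[40], want[40], got[40];
  int bad = 0;
  for (size_t i = 0; i < BS; i++) { key[i] = (uint8_t)(7 * i + 1); iv0[i] = (uint8_t)(255 - i); }
  for (size_t i = 0; i < sizeof ct; i++) ct[i] = (uint8_t)(13 * i + 5);
  memcpy(iv_want, iv0, BS);
  ref_cfb8_decrypt(key, iv_want, sizeof ct, want, ct, 0);
  for (size_t chunk = 1; chunk <= sizeof ct; chunk++) {
    memcpy(iv, iv0, BS);
    for (size_t off = 0; off < sizeof ct; off += chunk) {
      size_t n = sizeof ct - off < chunk ? sizeof ct - off : chunk;
      ref_cfb8_decrypt(key, iv, n, got + off, ct + off, stale_iv);
    }
    bad += memcmp(got, want, sizeof ct) != 0 || memcmp(iv, iv_want, BS) != 0;
  }
  return bad;
}
```

Comparing the final IV as well as the output matters: a chunking whose only short call is the last one still produces the right plaintext, and only the stale IV gives it away.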