Dear all, there is bad code in test/ideatest.c, line 205: It is not in effect, since the first part (17 Bytes) is larger than one block (line 202). This means the first two blocks (i.e., the whole message) are decrypted correctly. If the second part of CFB_TEST_SIZE-17 bytes is "decrypted" with the wrong key schedule afterwards (dks instead of eks, line 205), the key schedule is not needed any longer.
If you replace 17 by 13 (any number smaller than 16) in all occurrences around, the bug will be obvious when running the test. The attached patch will replace one character in the source code to fix this. Andreas -- Andreas Westfeld, 0432 01CC F511 9E2B 0B57 5993 0B22 98F8 4AD8 EEEA HTW Dresden, Fakultät Informatik/Mathematik Informatikrecht/Informationssicherheit, Zimmer Z337 Tel. +49-351-462-3372, http://www.htw-dresden.de/~westfeld
--- ideatest-old.c 2013-02-11 16:02:48.000000000 +0100
+++ ideatest.c 2013-11-18 18:24:28.000000000 +0100
@@ -202,7 +202,7 @@
idea_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,&eks,
cfb_tmp,&n,IDEA_DECRYPT);
idea_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
- (long)CFB_TEST_SIZE-17,&dks,
+ (long)CFB_TEST_SIZE-17,&eks,
cfb_tmp,&n,IDEA_DECRYPT);
if (memcmp(plain,cfb_buf2,CFB_TEST_SIZE) != 0)
{
smime.p7s
Description: S/MIME cryptographic signature
