intel / tinycrypt

tinycrypt is a library of cryptographic algorithms with a focus on small, simple implementation.

tc_cbc_mode_decrypt doc inaccurate #50

Open yannroth opened 2 years ago

yannroth commented 2 years ago

The description of the `in` parameter of `tc_cbc_mode_decrypt` is misleading. All examples show that `in` should point to the ciphertext offset by the size of the IV (which is one block): https://github.com/intel/tinycrypt/blob/master/tests/test_cbc_mode.c#L134 :

```c
p = &encrypted[TC_AES_BLOCK_SIZE];
length = ((unsigned int) sizeof(encrypted));

if (tc_cbc_mode_decrypt(decrypted, length, p, length, encrypted, &a) == 0) {
...
```

But both the note and the description of the `in` param suggest that it should point to the ciphertext including the IV: https://github.com/intel/tinycrypt/blob/master/lib/include/tinycrypt/cbc_mode.h#L128 :

```c
 * @note Assumes:- in == iv + ciphertext, i.e. the iv and the ciphertext are
 *                contiguous. This allows for a very efficient decryption
 *                algorithm that would not otherwise be possible
```

```c
 * @param in IN -- ciphertext to decrypt, including IV
```

I'd propose modifying the doc to something like:

```c
 * @note Assumes:- the IV and the ciphertext need to be
 *                contiguous. This allows for a very efficient decryption
 *                algorithm that would not otherwise be possible
```

```c
 * @param in IN -- ciphertext to decrypt, not including IV
 * @param iv IN -- the IV for the encrypt/decrypt, must be followed by ciphertext
```
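To make the calling convention from the test file concrete, the following is an added example (not tinycrypt code): a CBC decrypt with the same `(out, outlen, in, inlen, iv, key)` parameter shape, where the IV is read as `iv[n]` across the contiguous IV-then-ciphertext buffer, which is the efficiency trick the header note refers to. It checks the contiguity instead of assuming it, and uses a constructed XOR stand-in for the AES block transform so it runs without the library; `toy_block`, `cbc_decrypt_contiguous` and `cbc_encrypt_iv_prefixed` are names invented here.

```c
#include <stdint.h>
#include <string.h>

#define BLOCK_SIZE 16 /* same block length as TC_AES_BLOCK_SIZE */

/* Toy stand-in for the AES block transform (byte-wise XOR with the key, its
 * own inverse). Constructed for this example only; it is not a cipher. */
static void toy_block(uint8_t *out, const uint8_t *in, const uint8_t *key)
{
	for (int i = 0; i < BLOCK_SIZE; i++)
		out[i] = in[i] ^ key[i];
}

/* Decrypt with the calling convention the issue describes: `in` points at the
 * ciphertext proper and `iv` at the block directly before it. The previous
 * block for every output byte is read as iv[n], which is only correct when
 * the IV and ciphertext are contiguous, so that precondition is verified
 * rather than assumed. Returns 1 on success, 0 on bad arguments. */
int cbc_decrypt_contiguous(uint8_t *out, unsigned int outlen,
			   const uint8_t *in, unsigned int inlen,
			   const uint8_t *iv, const uint8_t *key)
{
	uint8_t buf[BLOCK_SIZE];
	if (!out || !in || !iv || !key || inlen == 0 ||
	    inlen % BLOCK_SIZE != 0 || outlen != inlen)
		return 0;
	if (in != iv + BLOCK_SIZE) /* the contiguity the header's @note relies on */
		return 0;
	for (unsigned int n = 0; n < inlen; n++) {
		if (n % BLOCK_SIZE == 0)
			toy_block(buf, in + n, key);
		out[n] = buf[n % BLOCK_SIZE] ^ iv[n]; /* iv[n] is the previous block */
	}
	return 1;
}

/* Encrypt into the IV || ciphertext layout that the tests feed back into
 * decrypt as (in = &enc[BLOCK_SIZE], iv = enc). `enc` holds ptlen + 16 bytes. */
void cbc_encrypt_iv_prefixed(uint8_t *enc, const uint8_t *pt, unsigned int ptlen,
			     const uint8_t *iv, const uint8_t *key)
{
	uint8_t x[BLOCK_SIZE];
	memcpy(enc, iv, BLOCK_SIZE);
	for (unsigned int n = 0; n < ptlen; n += BLOCK_SIZE) {
		for (int i = 0; i < BLOCK_SIZE; i++)
			x[i] = pt[n + i] ^ enc[n + i]; /* enc[n..] is the IV or previous block */
		toy_block(enc + BLOCK_SIZE + n, x, key);
	}
}
```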