Hi,

On Thu, Dec 30, 2021 at 07:16:25PM +0100, Steffan Karger wrote:
> On 30-12-2021 18:28, Arne Schwabe wrote:
> > That BF-CBC seems to have an extra 8 bytes that I somehow missed. CBC is
> > odd since it always gives you a multiple of the blocksize (64 bit or 8
> > byte) and if you evenly divide by the blocksize you get an extra block
> > just for the padding. I need to reinvestigate that code and send a fixup
> > patch for it.
>
> You probably know this, but for clarity: this is how CBC padding works,
> not just for BF. It is easier to trigger with BF though, because of the
> smaller (64-bit) block, compared to AES (128-bit block).

The comment in the code acknowledges this :-) - but the math seems to
be not quite right.
We've tested with a few different --mssfix values and BF-CBC + AES-CBC
and packets (UDP payload) are consistently up to 8 bytes larger than
ordered...
18:34 <@plaisthos> I think I am missing the rounding up to blocksize step
18:35 <@plaisthos> I basically handle the corner that you do NOT round up and
get an extra block but I completely forgot the rounding up
for all other values
18:40 <@plaisthos> I will look into that CBC thing later, that needs more
testing than just writing a small quick fix
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
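
The CBC padding arithmetic discussed in this message, as an added example that is not part of the original mail and is not OpenVPN's code. The function names, the 1200-byte budget and the "no round-up" estimate are assumptions built only from the description in the IRC excerpt.

```c
#include <stddef.h>
#include <stdio.h>

/* CBC ciphertext length with block padding: at least one padding byte is
 * always added, so an exact multiple of the block size grows by a full block. */
static size_t cbc_padded_len(size_t plain_len, size_t block_size)
{
    return (plain_len / block_size + 1) * block_size;
}

/* Hypothetical estimate matching the IRC description: adds the extra block
 * for exact multiples but forgets to round every other length up. */
static size_t cbc_len_no_roundup(size_t plain_len, size_t block_size)
{
    return (plain_len % block_size == 0) ? plain_len + block_size : plain_len;
}

/* Largest plaintext whose padded ciphertext fits in `budget` bytes,
 * or -1 if not even one block fits. */
static long cbc_max_plain_len(size_t budget, size_t block_size)
{
    if (budget < block_size)
        return -1;
    return (long)(budget / block_size * block_size) - 1;
}

/* Worst-case bytes by which the estimate undercounts, over 0..max_len. */
static size_t worst_undercount(size_t block_size, size_t max_len)
{
    size_t worst = 0;
    for (size_t len = 0; len <= max_len; len++) {
        size_t diff = cbc_padded_len(len, block_size)
                      - cbc_len_no_roundup(len, block_size);
        if (diff > worst)
            worst = diff;
    }
    return worst;
}

int main(void)
{
    const size_t blocks[] = { 8, 16 };  /* BF-CBC and AES-CBC block sizes */
    for (size_t i = 0; i < 2; i++)
        printf("block %zu: 1200-byte budget fits %ld plaintext bytes, "
               "estimate off by up to %zu\n", blocks[i],
               cbc_max_plain_len(1200, blocks[i]),
               worst_undercount(blocks[i], 1500));
    return 0;
}
```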
