magickli1 changed the title from "The DFStart code may be incorrect" to "the DFStart function may has two lines of code implementation that may be incorrect" on Nov 1, 2023
Hi, I feel that the DFStart function has two lines of code whose implementation may be wrong. The following shows the code:
ms-tpm-20-ref/TPMCmd/tpm/src/crypt/CryptRand.c, Line 191 in e9fc7b8
ms-tpm-20-ref/TPMCmd/tpm/src/crypt/CryptRand.c, Line 192 in e9fc7b8
I think the destination parameter of the memcpy function should be dfState->buf, not dfState->iv[0], because the init variable stores inputLength and seedsize. If you copy it to dfState->iv[0], the initial value of dfState->iv[0] will be overwritten. According to the description in step 4 in section 10.3.2 in SP800-90A, the value should be stored in dfState->buf and used as the input parameter of the BCC calculation. In addition, memcpy contains 8 bytes, so I think dfState->content should be equal to 8, not equal to 4 in the source code. Is it a historical error, or is the current implementation designed in this way?
In addition, part 4 of the TPM library specification implements only part of Block_Cipher_df (I think steps 10-15 are missing). I would like to ask why the complete DF function is not implemented according to section 10.3.2 (Block_Cipher_df) in SP800-90A.
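The input layout that steps 2-5 and step 9 of Block_Cipher_df in SP 800-90A section 10.3.2 prescribe, as an added example that is not part of the original issue and is not the ms-tpm-20-ref code. It assumes a 128-bit block; the names `df_build_s`, `df_bcc`, `toy_encrypt` and `OUTLEN` are hypothetical, and `toy_encrypt` is a labelled stand-in for Block_Encrypt, not a cipher.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define OUTLEN 16 /* block size in bytes (outlen = 128 bits for AES) */
typedef void (*block_encrypt_fn)(const uint8_t *key, const uint8_t in[OUTLEN],
                                 uint8_t out[OUTLEN]);

/* Store a 32-bit integer big-endian, independent of host word size. */
static void put_be32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}

/* Steps 2-5: S = L || N || input_string || 0x80, zero-padded to a block
 * multiple. Returns len(S) in bytes, or 0 if cap is too small. */
size_t df_build_s(uint8_t *s, size_t cap, const uint8_t *in, uint32_t in_len,
                  uint32_t n_bytes) {
    size_t raw = 8 + (size_t)in_len + 1;
    size_t padded = (raw + OUTLEN - 1) / OUTLEN * OUTLEN;
    if (padded > cap) return 0;
    memset(s, 0, padded);
    put_be32(s, in_len);      /* L: input length in bytes */
    put_be32(s + 4, n_bytes); /* N: number of bytes to return */
    memcpy(s + 8, in, in_len);
    s[8 + in_len] = 0x80;
    return padded;
}

/* Step 9.2 for counter i: BCC(K, IV || S) with IV = i || 0^(outlen - 32).
 * The IV is block 1 of the BCC input; L || N opens block 2. */
void df_bcc(block_encrypt_fn enc, const uint8_t *key, uint32_t i,
            const uint8_t *s, size_t s_len, uint8_t out[OUTLEN]) {
    uint8_t blk[OUTLEN] = {0};
    put_be32(blk, i);         /* chaining value 0 XOR IV = IV */
    enc(key, blk, out);
    for (size_t off = 0; off < s_len; off += OUTLEN) {
        for (int j = 0; j < OUTLEN; j++) blk[j] = out[j] ^ s[off + j];
        enc(key, blk, out);
    }
}

/* Stand-in for Block_Encrypt so the example runs without a crypto library.
 * NOT a cipher: it only XORs key[0] into each byte. Plug in AES here. */
void toy_encrypt(const uint8_t *key, const uint8_t in[OUTLEN],
                 uint8_t out[OUTLEN]) {
    for (int j = 0; j < OUTLEN; j++) out[j] = in[j] ^ key[0];
}
```

With a real block cipher passed as `enc`, calling `df_bcc` for i = 0, 1, ... and concatenating the outputs gives `temp` from step 9; steps 10-15 are not covered here.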