almost-passing test for decrypting a Tahoe-LAFS-encoded share
The trick is that we don't use the IV to initialize CTR mode, we only use it to derive the data encryption key and then use the zero IV to initialize CTR mode. (So is it an IV? Not really I guess.) The failure is due to incorrect handling of padding somewhere so we get extra bytes on the recovered ciphertext/plaintext.
parent
a501ffb0
Loading
Please register or sign in to comment