Commit Graph

7 Commits

Author SHA1 Message Date
Olivier Chéron
fc07a8b931 Fix counter wrapping in AES GCM
The generic and AESNI implementations used different conventions
regarding counter wrapping in GCM.  The generic code was based on the
function block128_inc_be, for which the counter is a 128-bit value,
whereas the AESNI code used the intrinsic function _mm_add_epi64 and
therefore wrapped at 2^64.

In NIST.SP.800-38d the GCM specification mandates the use of the
incrementing function inc32, wrapping after 2^32 blocks.  This commit
changes both the generic and AESNI implementations to align with the
specification and adds a test vector specially crafted to start
encryption with IV block 0xfffffffffffffffffffffffffffffffe.
2019-08-20 10:34:40 +02:00
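The three counter conventions the commit message contrasts, written out as NIST SP 800-38D's generic inc_s and started from the crafted block 0x ff..fe, so that the point at which they part ways is visible. This is an added example and not cryptonite's code; inc64 and inc128 are this example's models of the pre-fix AESNI and generic paths as the commit describes them (low 64 bits wrapping at 2^64, and a full 128-bit big-endian counter), not the library's functions, and the starting block is taken from the commit message.

```python
# Added example (not cryptonite's code): NIST SP 800-38D inc_s, the three
# wrap conventions named in the commit above, and where they diverge.

BLOCK_LEN = 16  # AES block size in bytes


def inc_s(block: bytes, s: int) -> bytes:
    """NIST SP 800-38D, section 6.2:

        inc_s(X) = MSB_{len(X)-s}(X) || [int(LSB_s(X)) + 1 mod 2^s]_s

    The rightmost s bits are read as a big-endian integer and incremented
    modulo 2^s; the leftmost len(X)-s bits are left untouched, so a carry
    never propagates out of the low s bits.
    """
    if len(block) != BLOCK_LEN:
        raise ValueError("counter block must be 16 bytes")
    if s % 8 or not 0 < s <= 8 * BLOCK_LEN:
        raise ValueError("s must be a multiple of 8 in 8..128")
    n = s // 8
    head, tail = block[:BLOCK_LEN - n], block[BLOCK_LEN - n:]
    low = (int.from_bytes(tail, "big") + 1) % (1 << s)
    return head + low.to_bytes(n, "big")


def inc32(block: bytes) -> bytes:
    """The increment GCM mandates: only the low 32 bits count, wrap at 2^32."""
    return inc_s(block, 32)


def inc64(block: bytes) -> bytes:
    """Assumed model of the pre-fix AESNI path: the commit says it wrapped
    at 2^64 because it used _mm_add_epi64."""
    return inc_s(block, 64)


def inc128(block: bytes) -> bytes:
    """Assumed model of the pre-fix generic path (block128_inc_be):
    the whole block is one 128-bit big-endian counter."""
    return inc_s(block, 128)


def counter_blocks(first: bytes, inc, count: int) -> list:
    """CB_1 .. CB_count as GCTR would feed them to the block cipher, using `inc`."""
    out, cb = [], first
    for _ in range(count):
        out.append(cb)
        cb = inc(cb)
    return out


def first_divergence(first: bytes, inc_a, inc_b, limit: int = 16):
    """Index of the first counter block on which two conventions disagree,
    or None if they agree for `limit` blocks.  A differing counter block
    means a differing keystream block: ciphertext the peer cannot decrypt
    and a tag that will not verify."""
    a = counter_blocks(first, inc_a, limit)
    b = counter_blocks(first, inc_b, limit)
    for i, (x, y) in enumerate(zip(a, b)):
        if x != y:
            return i
    return None


# Constructed input: the starting counter block named in the commit message.
START = bytes.fromhex("fffffffffffffffffffffffffffffffe")

if __name__ == "__main__":
    for name, inc in (("inc32", inc32), ("inc64", inc64), ("inc128", inc128)):
        print(name, [cb.hex() for cb in counter_blocks(START, inc, 3)])
    print("inc32 vs inc64 diverge at block", first_divergence(START, inc32, inc64))
```

Two increments from ...fe are enough: the block after ...ff is ffffffffffffffffffffffff00000000 under inc32, ffffffffffffffff0000000000000000 under inc64 and all zeros under inc128, so an encryptor and decryptor on different code paths stop agreeing at the third block. A caveat worth knowing when writing such a vector: with a 96-bit IV, J0 is IV || 0^31 || 1, encryption starts at inc32(J0) with low word 2, and GCM's cap of 2^32 - 2 plaintext blocks means the low word never reaches the wrap; the wrap is only reachable when J0 is GHASH-derived (an IV of any length other than 96 bits), which is why exercising it needs a crafted input rather than a random one.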
Olivier Chéron
4926cbb143 Improve types and indentation, fix typo 2018-02-03 19:05:20 +01:00
Baojun Wang
ccc7c3e7a6 kill unused imports 2018-02-03 09:34:57 +01:00
Baojun Wang
6fef094e90 Add KATCCM test file 2018-02-03 09:34:57 +01:00
Vincent Hanquez
b00a1a2553 [tests] expands tabs, and remove redundant binding 2015-08-30 07:49:30 +01:00
Vincent Hanquez
5ea8614999 [AES] tests: remove dead definitions 2015-04-18 07:59:15 +01:00
Vincent Hanquez
03fab98cd2 [AES] add KAT and properties tests for AES128,192,256 2015-04-18 07:33:34 +01:00