haskell/cryptonite
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,181 Commits 15 Branches 30 Tags 2.5 MiB
d0ead79fed
Commit Graph

5 Commits

Author SHA1 Message Date
Olivier Chéron
908f979d44 Add AES-GCM-SIV 2019-08-25 16:38:01 +02:00
Olivier Chéron
0075b57f90 Add internal AES CTR variant with 32-bit counter 
This variant of CTR mode is used by AES-GCM-SIV.  The counter is in
little-endian format and uses the first four bytes of the IV only.
 2019-08-25 08:55:49 +02:00
Olivier Chéron
fc07a8b931 Fix counter wrapping in AES GCM 
The generic and AESNI implementations used different conventions
regarding counter wrapping in GCM.  The generic code was based on
function block128_inc_be, for which the counter is a 128-bit value.
Whereas the AESNI code used intrinsic function _mm_add_epi64, and
therefore wrapping at 2^64.

In NIST.SP.800-38d the GCM specification mandates to use incrementing
function inc32, wrapping after 2^32 blocks.  This commit changes both
generic and AESNI implementations to align to the specification and
adds a test vector specially crafted to start encryption with IV block
0xfffffffffffffffffffffffffffffffe.
 2019-08-20 10:34:40 +02:00
James Clarke
2b43be4d84 Fix many cases of unaligned accesses 2017-06-25 18:10:55 +01:00
Vincent Hanquez
6195bd40af merge cipher-aes C files in cryptonite 2015-01-15 04:58:25 -08:00