-
Notifications
You must be signed in to change notification settings - Fork 2.2k
AES128-CTR replacement #3638
base: master
Are you sure you want to change the base?
AES128-CTR replacement #3638
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like a clean translation of typical crypto code. If you wanted an OO interface then state_t could be wrapped with an AES class with Cipher() and BlockCopy() as public methods and the rest private.
d3c0996
to
69f2e51
Compare
Codecov Report
@@ Coverage Diff @@
## develop #3638 +/- ##
===========================================
- Coverage 50.15% 49.37% -0.78%
===========================================
Files 356 355 -1
Lines 26950 25996 -954
Branches 3222 3226 +4
===========================================
- Hits 13517 12836 -681
+ Misses 12287 12104 -183
- Partials 1054 1056 +2
Continue to review full report at Codecov.
|
69f2e51
to
0dac6ca
Compare
namespace | ||
{ | ||
|
||
// This code is modified version of https://github.com/kokke/tiny-AES128-C. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please mention that it was released under the "unlicense", roughly equivalent to a release to the public domain.
{ | ||
for (int j = 0; j < 4; ++j) | ||
{ | ||
tempa[j] = roundKeys[(i-1) * 4 + j]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i
is bounded by Nb * (Nr + 1)
and j
is bounded by 4
- is there any easier way to (perhaps in an automated way) check that this does not go out of bounds with respect to roundKeys
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I hoped I will not have to decrypt this indexing :D
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, but this just looks like dynamite to me. Buffers passed as plain pointers with sizes resulting from formulas including weird constants, it is just too easy to confuse two constants here, and we don't really know how much this library is used, tested, etc.
I agree with @chriseth now. We should spend some time to find good AES implementation for both 128 and 256 (presale wallet) size. |
@chfast what's the status here? |
No description provided.