Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

added aes-gcm #2165

Open
wants to merge 7 commits into
base: master
Choose a base branch
from
Open

added aes-gcm #2165

wants to merge 7 commits into from

Conversation

bmatusiak
Copy link

@bmatusiak bmatusiak commented Mar 4, 2022
edited
Loading

this need testing,

but here in a test scripts for espruino and browser
https://gist.github.com/bmatusiak/c4517056a93f96ea904e85b7f5c0ddb5

@bmatusiak
Copy link
Author

yea there still need work to be done

@gfwilliams
Copy link
Member

yea there still need work to be done

Thanks! So where are we at with this? Does it build and work ok for those test scripts?

@bmatusiak
Copy link
Author

the problem im running into is,

the encrypted data being generated from mbedtls is not verifyable (it can decrypt it, but the gcm tag is invalid causing a failed decryption )..

but encrypted data from webcrypt/browser is verifyable in mbed tls

@bmatusiak
Copy link
Author

SIDE note, so instead of hunting down the issue on that yesterday.. i coded up ECDH

https://gist.github.com/bmatusiak/a1ac4b31cf5fd4c2c4ac2a9b0fd377ff

@bmatusiak
Copy link
Author

ok i fixed gcm encrypt auth tag
all thats left is importing "additional data"

@bmatusiak
Copy link
Author

I changed IV to be a variable length, 16 = {0} is default(for all modes)

added additionalData and tagLength options

var opts = {
        iv: new Uint8Array(16),
        mode: 'GCM',
        additionalData: new Uint8Array( ), //GCM max length AddData is 18446744073709551615 
        tagLength:128, // in bit size (128=16bytes)
    };

gfwilliams
gfwilliams reviewed May 20, 2024
View reviewed changes
libs/crypto/jswrap_crypto.c
jsvIterateCallbackToBytes(ivVar, iv, sizeof(iv));
if (ivVar && !jsvIsUndefined(ivVar)) {
iv_size = (size_t)jsvGetLength(ivVar);
jsvIterateCallbackToBytes(ivVar, &iv_bytes, (unsigned int)iv_size);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry it's taken so long to look into this - but this one in particular looks broken.

iv_bytes is never set, so at this point jsvIterateCallbackToBytes will write into a random area of memory! It's possible that by using &iv_bytes you're just writing onto the stack, but there's definitely an issue here...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gfwilliams gfwilliams gfwilliams left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bmatusiak @gfwilliams