Stowage/pycryptodome
2
0
Fork 0
mirror of https://github.com/Legrandin/pycryptodome.git synced 2025-10-19 07:53:49 +00:00
Code Issues Projects Releases Packages Wiki Activity

Reduce the minimum length of the EAX MAC tag to 2 bytes

Browse source
This commit is contained in:
Helder Eijs 2022-12-11 19:31:32 +01:00
parent c68e0f448c
commit 316d1fad8c
5 changed files with 14 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

1
AUTHORS.rst
View file

@ -48,3 +48,4 @@ Eric Young
Hannes van Niekerk Hannes van Niekerk
Stefan Seering Stefan Seering
Koki Takahashi Koki Takahashi
Lauro de Lima

4
Changelog.rst
View file

@ -4,6 +4,10 @@ Changelog
3.17.0 (under development) 3.17.0 (under development)
++++++++++++++++++++++++++ ++++++++++++++++++++++++++
New features
---------------
* Reduce the minimum tag length for the EAX cipher to 2 bytes.
Resolved issues Resolved issues
--------------- ---------------
* GH#526: improved typing for ``RSA.contruct``. * GH#526: improved typing for ``RSA.contruct``.

5
Doc/src/cipher/modern.rst
View file

@ -194,8 +194,9 @@ a new EAX cipher object for the relevant base algorithm.
:param bytes nonce: the value of the fixed nonce. :param bytes nonce: the value of the fixed nonce.
It must be unique for the combination message/key. It must be unique for the combination message/key.
If not present, the library creates a random nonce (16 bytes long for AES). If not present, the library creates a random nonce (16 bytes long for AES).
:param integer mac_len: the desired length of the :param integer mac_len: the length of the MAC tag, in bytes.
MAC tag (default if not present: the cipher's block size, 16 bytes for AES). At least 2, and not larger than the cipher's block size (default),
which is 16 bytes for AES.
:return: an EAX cipher object :return: an EAX cipher object
The cipher object has a read-only attribute :attr:`nonce`. The cipher object has a read-only attribute :attr:`nonce`.

4
lib/Crypto/Cipher/_mode_eax.py
View file

@ -94,8 +94,8 @@ class EaxMode(object):
"digest", "verify"] "digest", "verify"]
# MAC tag length # MAC tag length
if not (4 <= self._mac_len <= self.block_size): if not (2 <= self._mac_len <= self.block_size):
raise ValueError("Parameter 'mac_len' must not be larger than %d" raise ValueError("'mac_len' must be at least 2 and not larger than %d"
% self.block_size) % self.block_size)
# Nonce cannot be empty and must be a byte string # Nonce cannot be empty and must be a byte string

4
lib/Crypto/SelfTest/Cipher/test_EAX.py
View file

@ -151,12 +151,12 @@ class EaxTests(unittest.TestCase):
def test_mac_len(self): def test_mac_len(self):
# Invalid MAC length # Invalid MAC length
self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_EAX, self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_EAX,
nonce=self.nonce_96, mac_len=3) nonce=self.nonce_96, mac_len=2-1)
self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_EAX, self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_EAX,
nonce=self.nonce_96, mac_len=16+1) nonce=self.nonce_96, mac_len=16+1)
# Valid MAC length # Valid MAC length
for mac_len in range(5, 16 + 1): for mac_len in range(2, 16 + 1):
cipher = AES.new(self.key_128, AES.MODE_EAX, nonce=self.nonce_96, cipher = AES.new(self.key_128, AES.MODE_EAX, nonce=self.nonce_96,
mac_len=mac_len) mac_len=mac_len)
_, mac = cipher.encrypt_and_digest(self.data_128) _, mac = cipher.encrypt_and_digest(self.data_128)