Automatic 16 byte nonce for EAX

2025-12-08 05:19:46 +00:00 · 2015-12-19 22:47:07 +01:00 · 2015-12-19 22:47:07 +01:00 · 6fc0c734a2
commit 6fc0c734a2
parent 503d9ea116
2 changed files with 12 additions and 4 deletions
--- a/lib/Crypto/Cipher/_mode_eax.py
+++ b/lib/Crypto/Cipher/_mode_eax.py
@ -351,13 +351,15 @@ def _create_eax_cipher(factory, **kwargs):
        The secret key to use in the symmetric cipher.

      nonce : byte string
-        A mandatory value that must never be reused for any other encryption.
+        A value that must never be reused for any other encryption.
        There are no restrictions on its length, but it is recommended to use
        at least 16 bytes.

        The nonce shall never repeat for two different messages encrypted with
        the same key, but it does not need to be random.

+        If not specified, a 16 byte long random string is used.
+
      mac_len : integer
        Length of the MAC, in bytes. It must be no larger than the cipher
        block bytes (which is the default).
@ -365,7 +367,7 @@ def _create_eax_cipher(factory, **kwargs):

    try:
        key = kwargs.pop("key")
-        nonce = kwargs.pop("nonce")
+        nonce = kwargs.pop("nonce", get_random_bytes(16))
        mac_len = kwargs.pop("mac_len", factory.block_size)
    except KeyError, e:
        raise TypeError("Missing parameter: " + str(e))