Extend AES minimal and rdseed examples#563
Conversation
tmael
left a comment
tmael
left a comment
There was a problem hiding this comment.
Don't split aesgcm-rdseed.c into a separate file. The original design in aesgcm-minimal.c with
#ifdef for RDSEED was cleaner. If a separate rdseed directory is desired (for the user_settings.h +
Makefile targeting LynxOS-178), just have rdseed/Makefile build ../aesgcm-minimal.c with
-DWOLFSSL_USER_SETTINGS -I. rather than duplicating ~150 lines of identical code.
| @@ -0,0 +1,206 @@ | |||
| /* aesgcm-file-encrypt-minimal.c | |||
There was a problem hiding this comment.
encrypt only, no decrypt: The file writes IV || TAG || ciphertext
but there's no corresponding decrypt function or example, which limits its usefulness. The existing
aesgcm-file-encrypt.c already handles both encrypt and decrypt for files. Why not update that file instead?
There was a problem hiding this comment.
Todd asked specifically for this
There was a problem hiding this comment.
I’m okay with having a standalone file if Todd asked for it. Did he also not ask for Decrypt function?
There was a problem hiding this comment.
Not specifically. I added Decrypt() to the example.
padelsbach
force-pushed
the
padelsbach/aesgcm-rdseed
branch
from
b1096e7 to
0490ec0
Compare
Todd specifically asked for a rdseed only example |
| /* I/O: redirect XPRINTF to stdio when available */ | ||
| /* ------------------------------------------------------------------------- */ | ||
| #ifndef XPRINTF | ||
| #include <stdio.h> |
There was a problem hiding this comment.
The second include (inside the XPRINTF fallback block) is redundant.
| int i; | ||
| printf("%s: ", label); | ||
| for (word32 i = 0; i < sz; i++) { | ||
| for (i = 0; i < sz; i++) { |
There was a problem hiding this comment.
word32 i to match the fix in
aesgcm-file-encrypt-minimal.c
| goto exit; | ||
| } | ||
|
|
||
| ret = Encrypt(key, iv, plaintext, (word32)plaintextSz, ciphertext, tag); |
There was a problem hiding this comment.
On a 64-bit system,
long is 8 bytes but word32 is 4 bytes. Files larger than ~4GB would silently truncate. Either document
the limitation or use word32 from the start with a size check - reject files that are too large or > (long) MAX_32BIT before calling Encrypt()
There was a problem hiding this comment.
Good catch, converted to word32
tmael
left a comment
tmael
left a comment
There was a problem hiding this comment.
Almost done. A couple of minor issues.
padelsbach
force-pushed
the
padelsbach/aesgcm-rdseed
branch
from
0490ec0 to
0728e03
Compare
2 participants
Uh oh!
There was an error while loading. Please reload this page.