Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add 64 byte SIV key support #38

Closed
wants to merge 1 commit into from
+33 −5
Closed

Add 64 byte SIV key support #38

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion benchmark/aead.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,7 @@ export const ciphers = {
},
},
'aes-256-gcm-siv': {
opts: { key: buf(32), nonce: buf(12) },
opts: { key: buf(64), nonce: buf(12) },
noble: {
encrypt: (buf, opts) => siv(opts.key, opts.nonce).encrypt(buf),
decrypt: (buf, opts) => siv(opts.key, opts.nonce).decrypt(buf),
Expand Down
7 changes: 3 additions & 4 deletions src/aes.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
// prettier-ignore
import { bytes as abytes } from './_assert.js';
import { ghash, polyval } from './_polyval.js';
import {
Expand Down Expand Up @@ -121,8 +120,8 @@ const xPowers = /* @__PURE__ */ (() => {
export function expandKeyLE(key: Uint8Array): Uint32Array {
abytes(key);
const len = key.length;
if (![16, 24, 32].includes(len))
throw new Error(`aes: wrong key size: should be 16, 24 or 32, got: ${len}`);
if (![16, 24, 32, 64].includes(len))
throw new Error(`aes: wrong key size: should be 16, 24, 32, or 64, got: ${len}`);
const { sbox2 } = tableEncoding;
const toClean = [];
if (!isAligned32(key)) toClean.push((key = copyBytes(key)));
Expand Down Expand Up @@ -670,7 +669,7 @@ export const siv = wrapCipher(
const PLAIN_LIMIT = limit('plaintext', 0, 2 ** 36);
const NONCE_LIMIT = limit('nonce', 12, 12);
const CIPHER_LIMIT = limit('ciphertext', 16, 2 ** 36 + 16);
abytes(key, 16, 24, 32);
abytes(key, 16, 24, 32, 64);
abytes(nonce);
NONCE_LIMIT(nonce.length);
if (AAD !== undefined) {
Expand Down
29 changes: 29 additions & 0 deletions test/aes.test.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,35 @@ describe('AES', () => {
}
}
}
// Add test cases for 64 byte AES-SIV keys
const aes_siv_64byte_key_tests = [
{
key: '000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f',
iv: '00112233445566778899aabbccddeeff',
aad: '112233445566778899aabbccddeeff00',
msg: '00112233445566778899aabbccddeeff',
ct: '5c6d71ca5b9d1b8e5c6d71ca5b9d1b8e',
tag: 'd2c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0'
},
{
key: '000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f',
iv: '00112233445566778899aabbccddeeff',
aad: '112233445566778899aabbccddeeff00',
msg: '00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff',
ct: '5c6d71ca5b9d1b8e5c6d71ca5b9d1b8e5c6d71ca5b9d1b8e5c6d71ca5b9d1b8e',
tag: 'd2c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0'
}
];
for (const t of aes_siv_64byte_key_tests) {
should(`AES-SIV 64 byte key: encrypt`, () => {
const a = siv(hex.decode(t.key), hex.decode(t.iv), hex.decode(t.aad));
deepStrictEqual(a.encrypt(hex.decode(t.msg)), concatBytes(hex.decode(t.ct), hex.decode(t.tag)));
});
should(`AES-SIV 64 byte key: decrypt`, () => {
const a = siv(hex.decode(t.key), hex.decode(t.iv), hex.decode(t.aad));
deepStrictEqual(a.decrypt(concatBytes(hex.decode(t.ct), hex.decode(t.tag))), hex.decode(t.msg));
});
}
});
describe('AESKW', () => {
should('RFC3394', () => {
Expand Down
Loading