
AES-GCM encryption

Open na2axl opened this issue 6 years ago • 8 comments

Hi @leocavalcante, I want to know if it is (or if it will be) possible to encrypt/decrypt using AES and the Galois/Counter Mode (GCM) with your library.

Thanks in advance :smile:

na2axl avatar Mar 15 '19 12:03 na2axl

Hi @na2axl. Since this lib is a wrapper around PointyCastle, I need this mode landed there first :/ https://github.com/PointyCastle/pointycastle/tree/master/lib/block/modes

I haven't sufficient knowledge to implement one hehe

leocavalcante avatar Mar 15 '19 16:03 leocavalcante

I think this issue should be reopened. Since the start of this year PointyCastle does support AES GCM.

robindijkhof avatar Apr 05 '21 09:04 robindijkhof

Thanks for the heads-up.

leocavalcante avatar Apr 05 '21 14:04 leocavalcante

The Safer Illinois application uses this library and received criticism for lacking AES/GCM. I am watching this issue in case I can assist in some way when this feature is ready to release.

edthedev avatar Sep 15 '21 17:09 edthedev

~~PointyCastle has also been archived by its developer. It's probably safe to say it's abandoned.~~ I was mistaken, see next comment.

soatok avatar Oct 30 '21 08:10 soatok

Correction: Their code lives in a different repository than what was linked.

I've submitted a security report to PointyCastle about a timing-leak in their AES-GCM implementation: https://github.com/bcgit/pc-dart/issues/140

soatok avatar Oct 30 '21 09:10 soatok

Also, their AES leaks keys via cache-timing. https://github.com/bcgit/pc-dart/issues/141

Probably worth keeping in mind for https://github.com/rokwire/safer-illinois-app/issues/687

soatok avatar Oct 30 '21 11:10 soatok

Will this functionality be added in the future? I would like to use the same package for AES-GCM and RSA and signing, so this one looks good :)

Arcttyx avatar Jan 06 '22 01:01 Arcttyx