2.16 - to rebase: New password-based authenticated encryption sample program pbcrypt #4216
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sample program for authenticated encryption using a key derived from a password. Signed-off-by: Gilles Peskine <[email protected]>
Test it in all.sh. Signed-off-by: Gilles Peskine <[email protected]>
The sample program aescrypt2 shows bad practice: hand-rolled CBC implementation, CBC+HMAC for AEAD, hand-rolled iterated SHA-2 for key stretching, no algorithm agility. The new sample program pbcrypt does the same thing, but better. So remove aescrypt2. Fix Mbed-TLS#1906 Signed-off-by: Gilles Peskine <[email protected]>
Signed-off-by: Gilles Peskine <[email protected]>
Signed-off-by: Gilles Peskine <[email protected]>
Signed-off-by: Gilles Peskine <[email protected]>
This is a cast to a smaller type on 32-bit platforms. It's ok because the size was checked just above, but Visual Studio wants the cast to be explicit. Signed-off-by: Gilles Peskine <[email protected]>
This cast is needed because mbedtls_cipher_setkey uses int instead of size_t for the key size. It's safe because the key size fits in an int. Visual Studio wants the cast to be explicit. Signed-off-by: Gilles Peskine <[email protected]>
The metadata needs to be checked before it's used. Signed-off-by: Gilles Peskine <[email protected]>
Signed-off-by: Gilles Peskine <[email protected]>
Prefer SHA-512 to SHA-256 and ChaChaPoly to AES-GCM. Signed-off-by: Gilles Peskine <[email protected]>
gilles-peskine-arm
added
bug
enhancement
mbed TLS team
needs-review
Signed-off-by: Gilles Peskine <[email protected]>
Signed-off-by: Gilles Peskine <[email protected]>
mpg
changed the title
|
This needs to be rebased on one of the active branches now that 2.16 is EOL. |
tom-daubney-arm
added
the
historical-reviewing
|
This PR will now be closed. The aescrypt2 program has already been removed from the library and there is a PR currently in progress (#5064) that will add a good selection of example programs. |
|
The PSA crypto API example programs are not relevant. There's nothing else in the works that's like That being said, we've been putting no effort in example programs for years and I don't see thing changing any time soon. So ok, let's just forget about this one. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR introduces
programs/cipher/pbcrypt, a new sample program to demonstrate password-based authenticated encryption.This is meant to illustrate good practice (with the limitation of using PBKDF2 rather than something more modern like Argon2), so please review accordingly. A few caveats:
Provide a demo usage script and run it from
all.sh.Remove the badly designed
aescrypt2. Fix #1906.This PR is for 2.16. I'll forward-port it to other branches once it's approved.
#ifdefaboutmainand tocipher_is_aead.mbedtls_zeroizebymbedtls_platform_zeroize.