-
Most of the Python code is readable to anyone who know a C-like programming language. At a few places, however, Python constructs or idioms are used that are totally unknown to the non-Pythonian - I w…
-
The definition of the HMAC key derivation is unclear. We need to make it much simpler. Also, we want to incorporate the ICID.
-
`Scheme.DeriveKeyPair` panics if the length of the seed is different from `Scheme.SeedSize`. However, this is too strict: there are use-cases for passing a seed larger than the hash size, for instance…
-
According to the SP800-56 series, uPartyInfo and vPartyInfo is required, but there is no requirement about the size other than it must be non-NULL.
However, SP800-56A rev 3 section 5.8.2.1.1 it is …
-
Since the PAKE has ~128-bit security, it would be slightly cleaner to use SHA-256 for the HKDF construction rather than SHA-512, so that the strength of the hash function is balanced with the strength…
-
This is the first step of the implementation of the interface for key derivation drivers introduced in #5451.
A salient feature of this interface is that a key derivation operation undergoes two ph…
-
The ECDH deriveBits operation is defined as just returning the raw bits of the secret that is output from the ECDH primitive operation (converted to an octet string). It is not clear from the text whe…
-
It seems more systems start to move to SHA3, since the keccak family gives a more diverse crypto-toolkit (also protection against length-extension attacks), so some projects find themselves in the sit…
-
# memory
if I do (memory sanitizer needs clang):
```bash
export CC=/usr/bin/clang
export CXX=/usr/bin/clang++
rm -rf build
mkdir build
cd build
cmake .. -DCOSE_C_USE_SANITIZER=memory
make…
-
``` objc
+ (NSData *)secretBoxOpen:(NSData *)data key:(SecureData *)key {
if (!data || [data length] < crypto_secretbox_noncebytes() || !key || [key length] != crypto_secretbox_keybytes())
retur…