wolfSSL / wolfcrypt-py

A Python wrapper that encapsulates wolfSSL's wolfCrypt API.
https://wolfssl.github.io/wolfcrypt-py

Feature request: add support for AES-EAX and CHACHA20-POLY1305 ciphers #62

Open pakal opened 1 month ago

pakal commented 1 month ago

The title says it all: other AES modes and bare CHACHA20 are already supported by wolfcrypt-py, but not these (or AES-XTS either) B-)

Thanks for the nice crypto lib!

dgarske commented 1 month ago

Hi @pakal,

We support it in wolfCrypt, so adding it in the wrapper should be fairly easy.

Can you tell us more about your use case and need for AES-EAX in our Python wrapper? I'm curious what is driving the need for EAX mode. If we can understand your use case and need, then we can prioritize getting it assigned.

Thanks, David Garske, wolfSSL

pakal commented 1 month ago

Hello David, thanks for your inputs,

Our use case is a bit unusual, because we're investigating porting a flexible multi-cipher cryptosystem (https://github.com/WitnessAngel/witness-angel-cryptolib) to the embedded world; the goal is to mix different types of algorithms and modes, to make encrypted containers resistant even if one of these ciphers one day happens to have a serious flaw / misuse.

AES-EAX and CHACHA20-POLY1305 are just part of the ciphers we had cherry-picked, for their built-in authentication feature compared to e.g. AES-CBC (although CBC+MAC would also have done the job).

So it's not a "roadblock", but overall being able to play with ALL of wolfCrypt from Python before C-integration is an awesome luxury, e.g. to ensure compatibility of ciphertexts with the existing PyCryptodome-based implementation of our cryptosystem. And if incompatibilities appear, it would allow us to switch all of the implementations to (wrapped) wolfCrypt ones.