Regardless, I agree that enforcing specified IV length would be a desirable property and a useful enhancement.
Sent from my test iPhone > On Jul 6, 2018, at 04:04, Weikeng Chen <w...@berkeley.edu> wrote: > > I think crypto libraries have to assume the developers to have some > familiarity with the cryptography and use it properly. > > For example, why do you use AES-CTR? It does not provide integrity guarantee. > > Today, AES-GCM is a commonly better option. > >> On Fri, Jul 6, 2018 at 1:02 AM, 许皓宇 <ocean920...@gmail.com> wrote: >> Thanks for your reply:) >> Maybe a warning or auto checker is better for someone who do not know >> details of AES-CTR like me >> >> >> 在 2018年7月6日星期五 UTC+8下午2:38:01,Weikeng Chen写道: >>> >>> The following code in modes.h >>> (https://github.com/weidai11/cryptopp/blob/master/modes.h#L300) shows >>> that IV will become BLOCKSIZE. >>> >>> CipherModeFinalTemplate_CipherHolder(const byte *key, size_t length, >>> const byte *iv) >>> { >>> this->m_cipher = &this->m_object; >>> this->SetKey(key, length, MakeParameters(Name::IV(), >>> ConstByteArrayParameter(iv, this->m_cipher->BlockSize()))); >>> } >>> >>>> On Thu, Jul 5, 2018 at 11:35 PM, Jeffrey Walton <nolo...@gmail.com> wrote: >>>> >>>> >>>>> On Friday, July 6, 2018 at 2:23:00 AM UTC-4, 许皓宇 wrote: >>>>> >>>>> I've used cryptopp in my project recently, i try to use AES-CTR model >>>>> encryption. >>>>> >>>>> CryptoPP::CTR_Mode<CryptoPP::AES>::Encryption(const CryptoPP::byte* >>>>> key, >>>>> size_t length, const CryptoPP::byte* iv) >>>>> >>>>> This constructor provide a length check of key but do not check length >>>>> of >>>>> iv >>>> >>>> >>>> For that particular constructor the parameter iv must be BLOCKSIZE >>>> bytes. >>>> >>>> There are other constructors available that takes an ivLength, too. >>>> >>>> Looking at the manual it is not well documented. For example, >>>> >>>> https://www.cryptopp.com/docs/ref/class_cipher_mode_final_template___cipher_holder.html >>>> . >>>> >>>> Let me get some updates added. >>>> >>>> Jeff >>>> >>>> -- >>>> You received this message because you are subscribed to "Crypto++ >>>> Users". >>>> More information about Crypto++ and this group is available at >>>> http://www.cryptopp.com and >>>> http://groups.google.com/forum/#!forum/cryptopp-users. >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups >>>> "Crypto++ Users" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an >>>> email to cryptopp-user...@googlegroups.com. >>>> For more options, visit https://groups.google.com/d/optout. >>> >>> >>> >>> -- >>> >>> Weikeng Chen @ 795 Soda Hall >> >> -- >> You received this message because you are subscribed to "Crypto++ Users". >> More information about Crypto++ and this group is available at >> http://www.cryptopp.com and >> http://groups.google.com/forum/#!forum/cryptopp-users. >> --- >> You received this message because you are subscribed to the Google Groups >> "Crypto++ Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to cryptopp-users+unsubscr...@googlegroups.com. >> For more options, visit https://groups.google.com/d/optout. > > > > -- > > Weikeng Chen @ 795 Soda Hall > > -- > You received this message because you are subscribed to "Crypto++ Users". > More information about Crypto++ and this group is available at > http://www.cryptopp.com and > http://groups.google.com/forum/#!forum/cryptopp-users. > --- > You received this message because you are subscribed to the Google Groups > "Crypto++ Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cryptopp-users+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to "Crypto++ Users". More information about Crypto++ and this group is available at http://www.cryptopp.com and http://groups.google.com/forum/#!forum/cryptopp-users. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to cryptopp-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
