Timeline for AES-GCM and AES-CBC-HMAC encryption methods
Current License: CC BY-SA 4.0
6 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Oct 31, 2023 at 3:59 | comment | added | Maarten Bodewes | Split into three: programming errors (missing implementations of ciphers for instance), input errors such as password errors and errors validating the ciphertext. The first two can be "runtime" errors, but the user needs to be clear that they should handle the latter themselves- possibly at a higher level. That's the nice thing about exceptions: you can just leave them alone until you are ready to handle them. | |
| Oct 31, 2023 at 3:57 | history | edited | Maarten Bodewes | CC BY-SA 4.0 | added 120 characters in body |
| Oct 31, 2023 at 3:56 | comment | added | Bismofunyuns | What’s the best way of handling exceptions for this kind of code? | |
| Oct 31, 2023 at 3:55 | comment | added | Maarten Bodewes | It does work and do a time constant compare, so I guess it works fine that way. Otherwise the same remarks as for the rest of the code, and yeah, definitely don't shuffle the exceptions under the table for security relevant code. | |
| Oct 31, 2023 at 3:52 | comment | added | Bismofunyuns | Thanks for the feedback. I updated the cbc-hmac code with all the variables and values, and added the decrypt function. This works fine for me, when calling encrypt / decrypt multiple times. Could you look back over it? Thanks! | |
| Oct 31, 2023 at 3:06 | history | answered | Maarten Bodewes | CC BY-SA 4.0 |