anthony-mai / tinytls Goto Github PK
View Code? Open in Web Editor NEWA Light Weight TLS Cryptography Library in C/C++ with Support for RSA ECC AES GCM and Chacha20/Poly1305
A Light Weight TLS Cryptography Library in C/C++ with Support for RSA ECC AES GCM and Chacha20/Poly1305
Tinytls looks good.
But could we compile mariadb with tinytls?
Thanks
And
Best regards
Most cryptographic libraries are written to be resilient to timing and cache side channels. Looking at your big-num implementation, it appears to do lookups into arrays (leaks values via access patterns in any system with caches) and also to have a lot of loops that terminate early with data-dependent conditions (leaks values to attackers who can measure times, including those on the local network).
Please can you document what your threat model is with respect to key confidentiality?
Hi there, I'm really interested in your TinyTLS project. I wonder if it can be compiled on windows x64 system with Visual Studio 2019? If not, would it be supported in the later future?
Encrypt different data, there are very few records that cannot be decrypted
using RSA2048 to encrypt belown cod and decrypt always failed.
PubExp = 65537;
KeyBytes=256;
const uint8_t pubkey[256]= { \
0xE1,0x04,0x6A,0x5E,0xD8,0xF6,0x8E,0xB4,0xE7,0x43,0x43,0x98,0xFC,0x71,0x1B,0x94, \
0xE3,0x9E,0x21,0x7A,0xCD,0xF1,0x6C,0x7D,0x72,0x6C,0xBD,0xDD,0xBB,0x44,0x03,0x16, \
0x4F,0xC7,0x75,0xA4,0x49,0xCB,0x07,0x63,0x49,0x94,0x99,0xC0,0x19,0x46,0xA9,0x53, \
0x22,0x49,0xDC,0xE4,0x96,0x20,0x9D,0x43,0x87,0x93,0xA6,0x8A,0x15,0x80,0xEA,0xD0, \
0xD1,0xC5,0x2A,0xCE,0x81,0xD7,0x28,0x17,0x2C,0xFD,0x0E,0xD0,0x90,0x87,0x09,0xF5, \
0x11,0xBD,0x1A,0x52,0xE8,0x01,0x35,0x3F,0x36,0x9B,0xD5,0xB6,0x5E,0xA3,0x7A,0xDE, \
0x69,0x7C,0xD1,0x7D,0x97,0x70,0x7F,0xED,0x4F,0x6C,0xAD,0xF6,0x1F,0x86,0x6F,0xF0, \
0xF6,0x60,0x54,0x11,0xD7,0xE6,0x69,0xF8,0x66,0x08,0x95,0x82,0xFB,0x79,0xED,0xC1, \
0xD6,0xCF,0x70,0xA1,0xF4,0x9E,0xBA,0x5B,0xF6,0xB1,0xD7,0xC1,0xFA,0x3B,0x40,0xF5, \
0x2F,0x59,0x03,0x6C,0xE2,0x87,0x78,0x75,0xF6,0x75,0x4A,0x06,0x67,0xC0,0xD3,0xF3, \
0xF5,0xF7,0x83,0x94,0x58,0xD9,0x8A,0xBD,0x03,0xA0,0xBE,0x5E,0xDB,0x29,0xCE,0x57, \
0x1A,0xB5,0x9B,0xAC,0x27,0xEC,0x04,0xE8,0x7C,0x73,0x03,0x54,0x57,0x5A,0x04,0xF5, \
0xE8,0x64,0xE9,0x93,0x39,0xA2,0x1D,0xA2,0x1D,0x86,0xF5,0xC3,0xAB,0xF4,0x24,0x2E, \
0x35,0x53,0x07,0xD5,0xD4,0x68,0x72,0x5C,0xE5,0x7E,0x5B,0x97,0x0C,0x8B,0xF8,0x55, \
0x59,0xF6,0xE4,0xE5,0xD1,0x27,0xDD,0x2A,0x2F,0x0D,0x17,0x15,0x4E,0xCC,0xC3,0x51, \
0x62,0x8E,0x2D,0x4A,0xF0,0x1D,0xEE,0xA8,0xD4,0x1E,0xB8,0xBD,0xFD,0xD0,0x16,0x79 }
const uint8_t prikey[256]= {\
0x74,0x69,0x25,0x62,0xB6,0x5A,0x30,0x10,0x15,0x08,0xAE,0x83,0x0A,0x2E,0xB5,0xF7, \
0x3C,0x1E,0xC5,0xF1,0x53,0x74,0x10,0x0D,0x82,0x52,0x11,0x94,0x11,0xDA,0xA8,0xC2, \
0x35,0x39,0xDA,0x79,0xC9,0x17,0x79,0x55,0xFB,0x6E,0x1E,0x70,0xCC,0x62,0xCB,0x1C, \
0xD0,0x43,0x68,0x3C,0xF6,0x12,0x1F,0x6A,0x1D,0x4C,0xDC,0xBE,0xD9,0x4B,0x1D,0xB0, \
0x34,0xA6,0x0D,0x74,0x52,0xA5,0xED,0xFE,0xB7,0x6E,0x9F,0xE8,0x74,0xAC,0xF8,0x10, \
0xCA,0x41,0x8B,0xC9,0xD2,0x6F,0x35,0x8D,0xE3,0x81,0x91,0x79,0xCC,0xD2,0x44,0xB1, \
0xA5,0xDF,0x46,0x3D,0xF4,0x47,0xE6,0x56,0xEE,0x5D,0x2A,0x4E,0x87,0x96,0xB4,0x78, \
0xF3,0xED,0x77,0xF0,0xD7,0x42,0x44,0x16,0x97,0x2A,0xDF,0xB6,0xA8,0xC5,0x36,0xA3, \
0xB6,0x42,0x81,0x70,0x6C,0x3A,0x93,0x87,0x0A,0xAD,0xE1,0x9C,0xFB,0x85,0x6F,0x9E, \
0x8D,0x87,0xCF,0xB6,0x8C,0x32,0xBA,0x9C,0xFC,0x98,0xE1,0x8A,0x2F,0x42,0x43,0xA6, \
0xFB,0x31,0x73,0x41,0xD5,0xB0,0x2C,0xB9,0xED,0xD3,0x64,0x26,0x7D,0x82,0x70,0x97, \
0xEA,0x18,0x46,0x00,0x80,0x1A,0xE9,0x43,0x04,0xD6,0x3F,0x2C,0xB5,0x0C,0xC1,0xE2, \
0xAA,0xD4,0x5A,0x7E,0xE7,0xB4,0x3D,0x01,0x76,0x5E,0x63,0x45,0x6D,0xCB,0x5D,0x57, \
0xBC,0x94,0x0D,0x3A,0x05,0x3A,0xBD,0xFC,0x3C,0xEA,0x4F,0x69,0x5B,0x84,0xEA,0x88, \
0x74,0x6B,0xF8,0x13,0x2F,0xF2,0x6F,0x53,0x64,0x82,0x3A,0xC1,0x10,0x0E,0x7C,0x55, \
0x9A,0xA5,0x1C,0x03,0x0C,0x92,0xD8,0x2A,0xCB,0x1E,0x39,0x13,0x17,0xFA,0x23,0x91 }
const uint8_t src[256]={
0xF9,0x7B,0x24,0x93,0x81,0x85,0xB9,0x3D,0x00,0xF0,0x00,0x00,0x4F,0x49,0x4C,0x5F, \
0x30,0x30,0x30,0x00,0x67,0x6F,0x6E,0x62,0x6F,0x79,0x2E,0x00,0x32,0x30,0x32,0x30, \
0x31,0x32,0x30,0x32,0x5F,0x31,0x38,0x35,0x39,0x31,0x34,0x00,0xB2,0x45,0xA8,0xF2, \
0x18,0xA0,0x39,0xCE,0xA8,0x39,0x68,0x17,0xF3,0x97,0x3D,0x48,0x94,0x07,0x03,0xF0, \
0x25,0xFD,0x4F,0xF4,0x7A,0x70,0x04,0xF0,0x5B,0xFA,0x5F,0xF0,0x64,0x08,0xDF,0xF8, \
0x74,0xA4,0x00,0x20,0xCA,0xF8,0x48,0x00,0x44,0xE0,0x4F,0xF4,0x80,0x72,0xDF,0xF8, \
0x48,0x1B,0xDF,0xF8,0x78,0x07,0x04,0xF0,0x94,0xF8,0x5F,0xF0,0xFF,0x34,0x14,0xE0, \
0x00,0x22,0xB0,0xEE,0x48,0x0A,0xF0,0xEE,0x68,0x0A,0x31,0x00,0x89,0xB2,0xDF,0xF8, \
0x9C,0x0A,0x03,0xF0,0x03,0xFD,0x4F,0xF4,0x80,0x72,0xDF,0xF8,0x1C,0x1B,0xDF,0xF8, \
0x4C,0x07,0x04,0xF0,0x7A,0xF8,0x4F,0xF4,0xFA,0x78,0xCA,0xF8,0x4C,0x80,0xDA,0xF8, \
0x4C,0x00,0x00,0x28,0x1E,0xD1,0x5F,0xF0,0xFF,0x30,0xCA,0xF8,0x4C,0x00,0x00,0x23, \
0x3A,0x00,0xB0,0xEE,0x48,0x0A,0xF0,0xEE,0x68,0x0A,0x31,0x00,0x89,0xB2,0xDF,0xF8, \
0x24,0x07,0x03,0xF0,0x4A,0xFF,0xDF,0xF8,0x14,0x97,0x04,0x22,0x5F,0xF0,0x90,0x41, \
0x48,0x46,0x04,0xF0,0x5E,0xF8,0x4F,0xF4,0x80,0x72,0xDF,0xF8,0xCC,0x1A,0x48,0x46, \
0x04,0xF0,0x57,0xF8,0xDF,0xF8,0xD8,0xB6,0xFF,0xF7,0x06,0xFC,0x8B,0xF8,0x00,0x00, \
0x9B,0xF8,0x00,0x00,0x31,0x28,0x1D,0xD1,0x00,0x23,0x00,0x22,0xB0,0xEE,0x48,0x0A };
In https://github.com/Anthony-Mai/TinyTls/blob/master/src/aes/aes128.cpp#L162
variable j will increase to 8, this lead to j + j equals to 16. but the array br has only 16 elements. This will cause overflow. However in linux this fine, but in windows building with MSVC, this cause problem, Aes encryption and decryption will fail.
I don't know if my understanding is correct, if it is wrong, I hope you can correct me, thank you
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.