From afaee4cfb970f4df8a93611f68c0330b8c413ba7 Mon Sep 17 00:00:00 2001
From: Theophile BREZOT
Date: Tue, 20 Sep 2022 12:40:44 +0200
Subject: [PATCH] Correct plaintext size limitation
---
 src/symmetric_crypto/aes_256_gcm_pure/mod.rs | 5 +++--
 src/symmetric_crypto/mod.rs | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/symmetric_crypto/aes_256_gcm_pure/mod.rs b/src/symmetric_crypto/aes_256_gcm_pure/mod.rs
index 2ab222b..258f447 100644
--- a/src/symmetric_crypto/aes_256_gcm_pure/mod.rs
+++ b/src/symmetric_crypto/aes_256_gcm_pure/mod.rs
@@ -24,8 +24,9 @@ const NONCE_LENGTH: usize = 12;
 /// Use a 128-bit MAC tag
 const MAC_LENGTH: usize = 16;
-/// A 96-bit nonce restricts the plaintext size to 4096 bytes
-const MAX_PLAINTEXT_LENGTH: usize = 4096;
+/// Plaintext size restriction from the NIST
+/// https://csrc.nist.gov/publications/detail/sp/800-38d/final
+const MAX_PLAINTEXT_LENGTH: usize = (2_usize.pow(39) - 256) / 8;
 /// Structure implementing `SymmetricCrypto` and the `DEM` interfaces based on
 /// AES 256 GCM.
diff --git a/src/symmetric_crypto/mod.rs b/src/symmetric_crypto/mod.rs
index 41cf55d..70c5bda 100644
--- a/src/symmetric_crypto/mod.rs
+++ b/src/symmetric_crypto/mod.rs
@@ -54,7 +54,7 @@ pub trait Dem: Debug + PartialEq {
 ///
 /// - `rng` : secure random number generator
 /// - `secret_key` : secret symmetric key
- /// - `plaintext` : plaintext message
+ /// - `plaintext` : plaintext message
 /// - `aad` : optional data to use in the authentication method,
 /// must use the same for decryption
 fn encrypt(
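Review bot: `2_usize.pow(39)` in the new `MAX_PLAINTEXT_LENGTH` does not fit in `usize` on targets with a 32-bit pointer width, so I would expect constant evaluation to fail there (or the limit to be wrong if the value wraps). Computing the bound in a fixed-width type avoids that, e.g. `const MAX_PLAINTEXT_LENGTH: u64 = (1_u64 << 36) - 32;`, with the length checks comparing `plaintext.len() as u64`; those checks are outside this hunk, so their exact form needs confirming. The doc comment should also state the unit and scope, for instance `/// Maximum plaintext length in bytes for one encryption: NIST SP 800-38D limits it to 2^39 - 256 bits.`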