@vogelpi vogelpi commented Feb 5, 2026

This is the 20th PR of a series of PRs to upstream support for AES-GCM. The original PR can be found here: vogelpi#28


[aes,dv] Recalculate aad/ptx length when splitting message

When performing alert or FI tests, the try_recover() function in the base sequence splits up messages.
E.g.:
|AAD|AAD|PTX|PTX|TAG|
could be split up into
|AAD|PTX|PTX|TAG
when there is an error injected at the first AAD block.

This is problematic as now len(aad) || len(data), which is the data_in of the TAG block, does not match anymore. Hence, the tag comparison fails.

This commit now recomputes len(aad) || len(data) and puts it into the correct AES_GCM_TAG item.

Signed-off-by: Pascal Nasahl <[email protected]>
@vogelpi vogelpi requested a review from a team as a code owner February 5, 2026 21:51
@vogelpi vogelpi requested review from andrea-caforio, eshapira and nasahlpa and removed request for a team and eshapira February 5, 2026 21:51
@vogelpi vogelpi added this pull request to the merge queue Feb 6, 2026
Merged via the queue into lowRISC:master with commit e17450e Feb 6, 2026
46 checks passed
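
The length-block mismatch described in the commit message, as an added example that is not part of this PR or the OpenTitan code base: a Python GHASH reference model that hashes the split message once with the stale len(aad) || len(data) block and once with the recomputed one. The AAD and data bytes are constructed, H is the hash subkey from the GCM specification's all-zero-key test case, and which AAD block remains after the split is an assumption.

```python
# Added example, not OpenTitan code: GHASH reference model for the split case.
BLOCK = 16
R = 0xE1 << 120  # GCM reduction constant (NIST SP 800-38D)
# Hash subkey for the all-zero AES-128 key (GCM specification test case 2).
H = bytes.fromhex("66e94bd4ef8a2c3b884cfa59ca342b2e")
AAD = bytes(range(32))       # constructed: two AAD blocks
DATA = bytes(range(32, 64))  # constructed: two data blocks as GHASH sees them

def gf_mul(x, y):
    """Multiply two elements of GF(2^128) in GCM bit order."""
    z, v = 0, y
    for i in range(128):
        if (x >> (127 - i)) & 1:
            z ^= v
        v = (v >> 1) ^ R if v & 1 else v >> 1
    return z

def length_block(aad_len, data_len):
    """len(aad) || len(data): two 64-bit big-endian bit counts."""
    return (8 * aad_len).to_bytes(8, "big") + (8 * data_len).to_bytes(8, "big")

def pad(b):
    """Zero-pad to a multiple of the block size."""
    return b + bytes(-len(b) % BLOCK)

def ghash(h, aad, data, len_blk=None):
    """GHASH over aad, data and the length block. Passing len_blk overrides
    the computed length block, which models a stale TAG-block input."""
    if len_blk is None:
        len_blk = length_block(len(aad), len(data))
    hk, y = int.from_bytes(h, "big"), 0
    stream = pad(aad) + pad(data) + len_blk
    for i in range(0, len(stream), BLOCK):
        y = gf_mul(y ^ int.from_bytes(stream[i:i + BLOCK], "big"), hk)
    return y.to_bytes(BLOCK, "big")

def split_demo():
    """Return (stale_hash, fresh_hash) for |AAD|PTX|PTX|TAG after the split."""
    stale = length_block(len(AAD), len(DATA))  # built for |AAD|AAD|PTX|PTX|TAG|
    aad_after = AAD[BLOCK:]                    # assumption: second block remains
    fresh = length_block(len(aad_after), len(DATA))
    return ghash(H, aad_after, DATA, stale), ghash(H, aad_after, DATA, fresh)

if __name__ == "__main__":
    stale_hash, fresh_hash = split_demo()
    print("stale length block :", stale_hash.hex())
    print("fresh length block :", fresh_hash.hex())
```

The final tag is the GHASH output XORed with an encrypted counter block, so two different GHASH outputs always give two different tags.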