Skip to content

Refresh and simplify AES256 encryption's implementation #507

New issue
New issue
Open
Open
Refresh and simplify AES256 encryption's implementation#507
Assignees
oleiade
Labels
feature
Milestone
 
1.0.0
@oleiade

Description

@oleiade
oleiade
opened on Aug 17, 2021

While looking into a security alert raised by CodeQL: https://github.com/oleiade/trousseau/security/code-scanning/1?query=ref%3Arefs%2Fheads%2Fmaster. I noticed the AES encryption's implementation felt a bit old-style, and could be greatly simplified and refreshed.

The scope of this issue is to kill to birds with one stone by:

  • Addressing the potential overflow.
  • Replacing the implementation to use the Gallois/Counter Mode, bcrypt for the passphrase, and the now standard Seal/nonce based methods.

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

Labels

feature

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions