aedad9a179
The existing implementation did not save all the fields in keySlot, which not
only caused a cache miss on every calcDataKeys() but also caused the rotate keys
functions to not find the MAC keys that should be revealed.
It also stops revealing the sending MAC keys. The finite-state analysis of the
otr v2 spec[1] revealed an attack on message integrity when sending MAC keys are
revealed. The spec had been updated accordingly [2].
1 - http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.165.7945&rep=rep1&type=pdf
2 -
|
||
|---|---|---|
| bcrypt | ||
| blowfish | ||
| bn256 | ||
| cast5 | ||
| curve25519 | ||
| hkdf | ||
| md4 | ||
| nacl | ||
| ocsp | ||
| openpgp | ||
| otr | ||
| pbkdf2 | ||
| poly1305 | ||
| ripemd160 | ||
| salsa20 | ||
| scrypt | ||
| sha3 | ||
| ssh | ||
| tea | ||
| twofish | ||
| xtea | ||
| xts | ||
| .gitattributes | ||
| .gitignore | ||
| AUTHORS | ||
| CONTRIBUTING.md | ||
| CONTRIBUTORS | ||
| LICENSE | ||
| PATENTS | ||
| README | ||
| codereview.cfg | ||
README
This repository holds supplementary Go cryptography libraries. To submit changes to this repository, see http://golang.org/doc/contribute.html.