Commit df7223c7f2

Frank Denis <github@pureftpd.org>
2022-11-11 18:04:22
crypto.AesGcm: provision ghash for the final block
master
1 parent 4f285d4
Changed files (1)
lib
std
crypto
aes_gcm.zig
lib/std/crypto/aes_gcm.zig
@@ -35,7 +35,7 @@ fn AesGcm(comptime Aes: anytype) type {
             mem.writeIntBig(u32, j[nonce_length..][0..4], 1);
             aes.encrypt(&t, &j);
 
-            const block_count = (math.divCeil(usize, ad.len, Ghash.block_length) catch unreachable) + (math.divCeil(usize, c.len, Ghash.block_length) catch unreachable);
+            const block_count = (math.divCeil(usize, ad.len, Ghash.block_length) catch unreachable) + (math.divCeil(usize, c.len, Ghash.block_length) catch unreachable) + 1;
             var mac = Ghash.initForBlockCount(&h, block_count);
             mac.update(ad);
             mac.pad();