Allow setting CTR width via string

Prohibit very small counter widths (under 4 bytes), since they lead to trivial keystream reuse. Add tests. Fix clone which always returned an object with a block-wide counter.
author: Jack Lloyd <[email protected]> 2017-10-20 20:15:16 -0400
committer: Jack Lloyd <[email protected]> 2017-10-20 20:15:16 -0400
commit: cba904d7a474ef4151654c762d110ffd19841b33 (patch)
tree: c49b12f2017607c43723465c2965b11a271e23e9 /news.rst
parent: a6e051bea6e7341f8f7b8ab40e042e1e099b9b8b (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/news.rst b/news.rst
index eac8422be..118c41d14 100644
--- a/news.rst
+++ b/news.rst
@@ -13,6 +13,13 @@ Version 2.4.0, Not Yet Released
   They have been changed to use the correct encoding, and a test added
   to ensure such errors do not recur.
 
+* Counter mode allows setting a configurable width of the counter.
+  Previously it was allowed for a counter of even 8 bits wide, which
+  would mean the keystream would repeat after just 256 blocks. Now it
+  requires the width be at least 32 bits. The only way this feature
+  could be used was by manually constructing a ``CTR_BE`` object and
+  setting the second parameter to something in the range of 1 to 3.
+
 * Add an OID for RIPEMD-160
 
 Version 2.3.0, 2017-10-02
author	Jack Lloyd <[email protected]>	2017-10-20 20:15:16 -0400
committer	Jack Lloyd <[email protected]>	2017-10-20 20:15:16 -0400
commit	cba904d7a474ef4151654c762d110ffd19841b33 (patch)
tree	c49b12f2017607c43723465c2965b11a271e23e9 /news.rst
parent	a6e051bea6e7341f8f7b8ab40e042e1e099b9b8b (diff)