diff options
-rw-r--r-- | src/aead/aead.h | 2 | ||||
-rw-r--r-- | src/aead/gcm/gcm.cpp | 6 |
2 files changed, 4 insertions, 4 deletions
diff --git a/src/aead/aead.h b/src/aead/aead.h index eb9e7ec7d..0aa50f348 100644 --- a/src/aead/aead.h +++ b/src/aead/aead.h @@ -48,7 +48,7 @@ class AEAD_Mode : public SymmetricAlgorithm /** * Set associated data that is not included in the ciphertext but * that should be authenticated. Must be called after set_key - * and before end_msg. + * and before finish. * * Unless reset by another call, the associated data is kept * between messages. Thus, if the AD does not change, calling diff --git a/src/aead/gcm/gcm.cpp b/src/aead/gcm/gcm.cpp index 665fc4472..7563fc924 100644 --- a/src/aead/gcm/gcm.cpp +++ b/src/aead/gcm/gcm.cpp @@ -95,11 +95,11 @@ void ghash_finalize(const secure_vector<byte>& H, GCM_Mode::GCM_Mode(BlockCipher* cipher, size_t tag_size) : m_tag_size(tag_size), m_cipher_name(cipher->name()), - m_H(16), m_H_ad(16), m_mac(16), + m_H(BS), m_H_ad(BS), m_mac(BS), m_enc_y0(BS), m_ad_len(0), m_text_len(0) { if(cipher->block_size() != BS) - throw std::invalid_argument("OCB requires a 128 bit cipher so cannot be used with " + + throw std::invalid_argument("GCM requires a 128 bit cipher so cannot be used with " + cipher->name()); m_ctr.reset(new CTR_BE(cipher)); // CTR_BE takes ownership of cipher @@ -173,7 +173,7 @@ secure_vector<byte> GCM_Mode::start(const byte nonce[], size_t nonce_len) m_ctr->set_iv(&y0[0], y0.size()); - m_enc_y0.resize(BS); + zeroise(m_enc_y0); m_ctr->encipher(m_enc_y0); m_text_len = 0; |