Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Provide direct GMAC API #12153

Open
BrianSipos opened this issue Dec 16, 2024 · 2 comments
Open

Provide direct GMAC API #12153

BrianSipos opened this issue Dec 16, 2024 · 2 comments

Comments

@BrianSipos
Copy link
Contributor

Although the behavior of GMAC, defined in NIST SP 800-38D, can be produced using existing cryptography hazmat primitives, it would be convenient to have a GMAC interface alongside CMAC and HMAC ones that follow the same API patterns. For an initial implementation only AES-GMAC would need to be usable and tested, as that is the most common use of GMAC.

OpenSSL also has a dedicated GMAC API which might have better performance than re-using existing Python-side AESGCM interface for GMAC. I don't have any evidence that either would be a better option.

@alex
Copy link
Member

alex commented Dec 16, 2024 via email

@BrianSipos
Copy link
Contributor Author

As a high-speed, high-efficiency MAC in an environment where AES-GCM is already used for AEAD. I can work around this using existing AESGCM API so this can be labeled as more of a wishlist item than a needed addition.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

No branches or pull requests

2 participants