From 3b7597bef3c054a48d8980287ff334a4177cad9b Mon Sep 17 00:00:00 2001 From: RobertoLuzanilla Date: Sun, 3 May 2026 22:31:12 -0700 Subject: [PATCH 1/3] fix: correct AES-CTR counter byte mask from 0xf to 0xff in _parseBigEndian --- lib/src/impl_ffi/impl_ffi.aesctr.dart | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/src/impl_ffi/impl_ffi.aesctr.dart b/lib/src/impl_ffi/impl_ffi.aesctr.dart index 563f54c9..d68044e3 100644 --- a/lib/src/impl_ffi/impl_ffi.aesctr.dart +++ b/lib/src/impl_ffi/impl_ffi.aesctr.dart @@ -44,7 +44,7 @@ BigInt _parseBigEndian(List data, [int? bitLength]) { // Parse BigInt as big-endian integer. var value = BigInt.from(0); for (var i = init; i < data.length; i++) { - value = (value << 8) | BigInt.from(data[i] & 0xf); + value = (value << 8) | BigInt.from(data[i] & 0xff); } return value; } From 278ce3c170845165f12cf13050bfb827d1d9dd47 Mon Sep 17 00:00:00 2001 From: RobertoLuzanilla Date: Sun, 3 May 2026 22:33:44 -0700 Subject: [PATCH 2/3] test: add regression test for AES-CTR 32-bit counter wrap boundary --- test/aes_ctr_counter_wrap_test.dart | 40 +++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 test/aes_ctr_counter_wrap_test.dart diff --git a/test/aes_ctr_counter_wrap_test.dart b/test/aes_ctr_counter_wrap_test.dart new file mode 100644 index 00000000..79d9f9f5 --- /dev/null +++ b/test/aes_ctr_counter_wrap_test.dart @@ -0,0 +1,40 @@ +// Copyright 2020 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +import 'dart:typed_data'; + +import 'package:test/test.dart'; +import 'package:webcrypto/webcrypto.dart'; + +void main() { + test('AES-CTR 32-bit counter wrap does not carry into nonce', () async { + final key = await AesCtrSecretKey.importRawKey( + Uint8List.fromList(List.generate(16, (i) => i)), + ); + + final counterA = Uint8List(16); + counterA[12] = 0xff; + counterA[13] = 0xff; + counterA[14] = 0xff; + counterA[15] = 0xff; + + final counterB = Uint8List(16); + counterB[11] = 0x01; + + final ciphertextA = await key.encryptBytes(Uint8List(32), counterA, 32); + final ciphertextB = await key.encryptBytes(Uint8List(16), counterB, 32); + + expect(ciphertextA.sublist(16, 32), isNot(equals(ciphertextB))); + }); +} \ No newline at end of file From 10fc6bdd6e59afb415d545b209d139cd546f3bd7 Mon Sep 17 00:00:00 2001 From: Roberto Carlos Luzanilla Sanchez Date: Wed, 6 May 2026 01:20:46 -0700 Subject: [PATCH 3/3] style: format AES-CTR regression test --- test/aes_ctr_counter_wrap_test.dart | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/aes_ctr_counter_wrap_test.dart b/test/aes_ctr_counter_wrap_test.dart index 79d9f9f5..207c1493 100644 --- a/test/aes_ctr_counter_wrap_test.dart +++ b/test/aes_ctr_counter_wrap_test.dart @@ -37,4 +37,4 @@ void main() { expect(ciphertextA.sublist(16, 32), isNot(equals(ciphertextB))); }); -} \ No newline at end of file +}