Medium severityNVD Advisory· Published Nov 27, 2024· Updated Apr 15, 2026
CVE-2024-11862
CVE-2024-11862
Description
Non constant time cryptographic operation in Devolutions.XTS.NET 2024.11.19 and earlier allows an attacker to render half of the encryption key obsolete via a timing attacks
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
Devolutions.XTS.NETNuGet | < 2024.11.26 | 2024.11.26 |
Patches
1fb349d5bfb58Make GF operations constant-time (#2)
4 files changed · +14651 −1879
src/XTS.cs+13 −21 modified@@ -229,7 +229,7 @@ private static void ProcessXtsSector(ICryptoTransform alg, byte[] buffer, int bu if (decrypt && needsCiphertextStealing) { // We fast forward the multiplication here - bool carry = GaloisMultiplyByTwo(tweak); + byte carry = GaloisMultiplyByTwo(tweak); int blockStart = bufferOffset + (nFullBlocks - 1) * blockSize; TransformBlock(alg, buffer, blockStart, tweak); @@ -346,9 +346,7 @@ private static void SwapSpan(Span<byte> x, Span<byte> y) { for (int i = 0; i < x.Length; i++) { - byte tmp = x[i]; - x[i] = y[i]; - y[i] = tmp; + (x[i], y[i]) = (y[i], x[i]); } } @@ -357,16 +355,16 @@ private static void SwapSpan(Span<byte> x, Span<byte> y) /// </summary> /// <param name="tweak"></param> /// <returns></returns> - private static bool GaloisMultiplyByTwo(Span<byte> tweak) + private static byte GaloisMultiplyByTwo(Span<byte> tweak) { - bool carry = false; + byte carry = 0; for (int i = 0; i < tweak.Length; i++) { // Save carry from previous byte - byte oldCarry = (byte)(carry ? 1 : 0); + byte oldCarry = carry; // Check if there is a carry for this shift - carry = (tweak[i] & 0x80) > 0; + carry = (byte)(tweak[i] >> 7); // Shift left tweak[i] <<= 1; @@ -375,10 +373,8 @@ private static bool GaloisMultiplyByTwo(Span<byte> tweak) tweak[i] |= oldCarry; } - if (carry) - { - tweak[0] ^= GF_MOD; - } + // Binary logic, equivalent to XORing by GF_MOD if there's a carry, but constant-time + tweak[0] ^= (byte)((byte)-carry & GF_MOD); return carry; } @@ -389,12 +385,10 @@ private static bool GaloisMultiplyByTwo(Span<byte> tweak) /// <param name="tweak">The tweak to reverse</param> /// <param name="carry">The carry flag of the last multiplication</param> /// <returns></returns> - private static void GaloisUnmultiplyByTwo(Span<byte> tweak, bool carry) + private static void GaloisUnmultiplyByTwo(Span<byte> tweak, byte carry) { - if (carry) - { - tweak[0] ^= GF_MOD; - } + // Binary logic, equivalent to XORing by GF_MOD if there's a carry, but constant-time + tweak[0] ^= (byte)((byte)-carry & GF_MOD); int newCarry = 0; for (int i = tweak.Length - 1; i >= 0; i--) @@ -411,10 +405,8 @@ private static void GaloisUnmultiplyByTwo(Span<byte> tweak, bool carry) tweak[i] |= (byte)(oldCarry << 7); } - if (carry) - { - tweak[tweak.Length - 1] |= 0x80; - } + // Insert back the carry + tweak[^1] |= (byte)(carry << 7); } } }
tests/IeeeVectorsTests.cs+13414 −1698 modifiedtests/Tests.cs+161 −21 modified@@ -15,10 +15,38 @@ public void EncryptDecryptTest() // Text generated with ChatGPT byte[] expectedPlaintext = Encoding.UTF8.GetBytes("In the serene dawn of a hidden valley, golden sunlight began filtering through the mist, painting the landscape in hues of orange and pink. Each leaf sparkled with a delicate sheen of dew, reminiscent of a thousand scattered jewels upon the gentle sway of early autumn trees. A distant river whispered a soft, calming lullaby, threading its way through a bed of smooth stones. Birds, waking from their slumber, chirped a subtle yet beautiful symphony that harmonized with the flowing water, creating a tranquil yet powerful soundscape. Amidst this quiet paradise, a lone figure walked, footprints left on the soft earth, exploring with reverent curiosity.\r\n\r\nAs the figure ventured deeper into the valley, an old stone bridge appeared over the river, its stones worn by countless seasons, yet resilient, standing as a testament to the artisans of old. Crossing the bridge, they were greeted by a vibrant grove, filled with the earthy scent of damp soil and the faint fragrance of blooming wildflowers. In this magical solitude, time seemed to slow, each step a moment to breathe, to feel, and to simply exist in harmony with the world around.\r\n\r\nThis should provide around 520 bytes for a few blocks but not perfectly divisible by 520, as requested. Let me know if you'd like more text or a different style."); byte[] key = [ - 0xE1, 0x33, 0xCB, 0xCB, 0x9B, 0xA4, 0x9E, 0xCC, - 0x27, 0x40, 0xD6, 0xF9, 0x71, 0x22, 0xA9, 0x5A, - 0x0F, 0x70, 0x77, 0xAA, 0x20, 0x2E, 0xA9, 0xAE, - 0xB6, 0x4B, 0x3B, 0xDA, 0x87, 0xED, 0xE8, 0xC7 + 0xE1, + 0x33, + 0xCB, + 0xCB, + 0x9B, + 0xA4, + 0x9E, + 0xCC, + 0x27, + 0x40, + 0xD6, + 0xF9, + 0x71, + 0x22, + 0xA9, + 0x5A, + 0x0F, + 0x70, + 0x77, + 0xAA, + 0x20, + 0x2E, + 0xA9, + 0xAE, + 0xB6, + 0x4B, + 0x3B, + 0xDA, + 0x87, + 0xED, + 0xE8, + 0xC7 ]; Aes cipher = Aes.Create(); @@ -40,15 +68,71 @@ public void EncryptDecrypt256Test() // Text generated with ChatGPT byte[] expectedPlaintext = Encoding.UTF8.GetBytes("In the serene dawn of a hidden valley, golden sunlight began filtering through the mist, painting the landscape in hues of orange and pink. Each leaf sparkled with a delicate sheen of dew, reminiscent of a thousand scattered jewels upon the gentle sway of early autumn trees. A distant river whispered a soft, calming lullaby, threading its way through a bed of smooth stones. Birds, waking from their slumber, chirped a subtle yet beautiful symphony that harmonized with the flowing water, creating a tranquil yet powerful soundscape. Amidst this quiet paradise, a lone figure walked, footprints left on the soft earth, exploring with reverent curiosity.\r\n\r\nAs the figure ventured deeper into the valley, an old stone bridge appeared over the river, its stones worn by countless seasons, yet resilient, standing as a testament to the artisans of old. Crossing the bridge, they were greeted by a vibrant grove, filled with the earthy scent of damp soil and the faint fragrance of blooming wildflowers. In this magical solitude, time seemed to slow, each step a moment to breathe, to feel, and to simply exist in harmony with the world around.\r\n\r\nThis should provide around 520 bytes for a few blocks but not perfectly divisible by 520, as requested. Let me know if you'd like more text or a different style."); byte[] key = [ - 0xE1, 0x33, 0xCB, 0xCB, 0x9B, 0xA4, 0x9E, 0xCC, - 0x27, 0x40, 0xD6, 0xF9, 0x71, 0x22, 0xA9, 0x5A, - 0x0F, 0x70, 0x77, 0xAA, 0x20, 0x2E, 0xA9, 0xAE, - 0xB6, 0x4B, 0x3B, 0xDA, 0x87, 0xED, 0xE8, 0xC7, - 0xE9, 0xC2, 0x5D, 0xC4, 0x14, 0xF2, 0xB4, 0xAD, - 0xC0, 0xF5, 0x80, 0x41, 0xA0, 0xCA, 0x16, 0x6F, - 0xB4, 0x11, 0x66, 0x21, 0x61, 0x8F, 0x24, 0xF5, - 0xED, 0xD3, 0x95, 0xD1, 0xB1, 0xA6, 0x19, 0x39 - + 0xE1, + 0x33, + 0xCB, + 0xCB, + 0x9B, + 0xA4, + 0x9E, + 0xCC, + 0x27, + 0x40, + 0xD6, + 0xF9, + 0x71, + 0x22, + 0xA9, + 0x5A, + 0x0F, + 0x70, + 0x77, + 0xAA, + 0x20, + 0x2E, + 0xA9, + 0xAE, + 0xB6, + 0x4B, + 0x3B, + 0xDA, + 0x87, + 0xED, + 0xE8, + 0xC7, + 0xE9, + 0xC2, + 0x5D, + 0xC4, + 0x14, + 0xF2, + 0xB4, + 0xAD, + 0xC0, + 0xF5, + 0x80, + 0x41, + 0xA0, + 0xCA, + 0x16, + 0x6F, + 0xB4, + 0x11, + 0x66, + 0x21, + 0x61, + 0x8F, + 0x24, + 0xF5, + 0xED, + 0xD3, + 0x95, + 0xD1, + 0xB1, + 0xA6, + 0x19, + 0x39 + ]; Aes cipher = Aes.Create(); @@ -70,10 +154,38 @@ public void NoStealingTestCase() // Text generated with ChatGPT byte[] expectedPlaintext = Encoding.UTF8.GetBytes("ABCDEFGHIJKLMNOPQRSTUVWXYZ123456"); byte[] key = [ - 0xE1, 0x33, 0xCB, 0xCB, 0x9B, 0xA4, 0x9E, 0xCC, - 0x27, 0x40, 0xD6, 0xF9, 0x71, 0x22, 0xA9, 0x5A, - 0x0F, 0x70, 0x77, 0xAA, 0x20, 0x2E, 0xA9, 0xAE, - 0xB6, 0x4B, 0x3B, 0xDA, 0x87, 0xED, 0xE8, 0xC7 + 0xE1, + 0x33, + 0xCB, + 0xCB, + 0x9B, + 0xA4, + 0x9E, + 0xCC, + 0x27, + 0x40, + 0xD6, + 0xF9, + 0x71, + 0x22, + 0xA9, + 0x5A, + 0x0F, + 0x70, + 0x77, + 0xAA, + 0x20, + 0x2E, + 0xA9, + 0xAE, + 0xB6, + 0x4B, + 0x3B, + 0xDA, + 0x87, + 0xED, + 0xE8, + 0xC7 ]; Aes cipher = Aes.Create(); @@ -96,10 +208,38 @@ public void ExactSectorTestCase() // Text generated with ChatGPT byte[] expectedPlaintext = Encoding.UTF8.GetBytes("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"); byte[] key = [ - 0xE1, 0x33, 0xCB, 0xCB, 0x9B, 0xA4, 0x9E, 0xCC, - 0x27, 0x40, 0xD6, 0xF9, 0x71, 0x22, 0xA9, 0x5A, - 0x0F, 0x70, 0x77, 0xAA, 0x20, 0x2E, 0xA9, 0xAE, - 0xB6, 0x4B, 0x3B, 0xDA, 0x87, 0xED, 0xE8, 0xC7 + 0xE1, + 0x33, + 0xCB, + 0xCB, + 0x9B, + 0xA4, + 0x9E, + 0xCC, + 0x27, + 0x40, + 0xD6, + 0xF9, + 0x71, + 0x22, + 0xA9, + 0x5A, + 0x0F, + 0x70, + 0x77, + 0xAA, + 0x20, + 0x2E, + 0xA9, + 0xAE, + 0xB6, + 0x4B, + 0x3B, + 0xDA, + 0x87, + 0xED, + 0xE8, + 0xC7 ]; Aes cipher = Aes.Create();
XTS.NET.Benchmarks/XTS.NET.Benchmark.cs+1063 −139 modified@@ -5,149 +5,1073 @@ namespace XTS.NET.Benchmark; public class XtsNetBenchmark { - byte[] key = [ - 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, - 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, - 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, - 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf - ]; - - ulong sector = 0xa987654321; + byte[] key = [ + 0xe0, + 0xe1, + 0xe2, + 0xe3, + 0xe4, + 0xe5, + 0xe6, + 0xe7, + 0xe8, + 0xe9, + 0xea, + 0xeb, + 0xec, + 0xed, + 0xee, + 0xef, + 0xc0, + 0xc1, + 0xc2, + 0xc3, + 0xc4, + 0xc5, + 0xc6, + 0xc7, + 0xc8, + 0xc9, + 0xca, + 0xcb, + 0xcc, + 0xcd, + 0xce, + 0xcf + ]; - byte[] expectedPlaintext = [ - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, - 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, - 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, - 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, - 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, - 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, - 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, - 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, - 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, - 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, - 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, - 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, - 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, - 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, - 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, - 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, - 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, - 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, - 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, - 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, - 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, - 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, - 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, - 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, - 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, - 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, - 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, - 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, - 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, - 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, - 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, - 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, - 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, - 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, - 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, - 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, - 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, - 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, - 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, - 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, - 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, - 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, - 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, - 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, - 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, - 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, - 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, - 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, - 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, - 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, - 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, - 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, - 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, - 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, - 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, - 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, - 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, - 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, - 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff - ]; + ulong sector = 0xa987654321; - byte[] expectedCiphertext = [ - 0x38, 0xb4, 0x58, 0x12, 0xef, 0x43, 0xa0, 0x5b, - 0xd9, 0x57, 0xe5, 0x45, 0x90, 0x7e, 0x22, 0x3b, - 0x95, 0x4a, 0xb4, 0xaa, 0xf0, 0x88, 0x30, 0x3a, - 0xd9, 0x10, 0xea, 0xdf, 0x14, 0xb4, 0x2b, 0xe6, - 0x8b, 0x24, 0x61, 0x14, 0x9d, 0x8c, 0x8b, 0xa8, - 0x5f, 0x99, 0x2b, 0xe9, 0x70, 0xbc, 0x62, 0x1f, - 0x1b, 0x06, 0x57, 0x3f, 0x63, 0xe8, 0x67, 0xbf, - 0x58, 0x75, 0xac, 0xaf, 0xa0, 0x4e, 0x42, 0xcc, - 0xbd, 0x7b, 0xd3, 0xc2, 0xa0, 0xfb, 0x1f, 0xff, - 0x79, 0x1e, 0xc5, 0xec, 0x36, 0xc6, 0x6a, 0xe4, - 0xac, 0x1e, 0x80, 0x6d, 0x81, 0xfb, 0xf7, 0x09, - 0xdb, 0xe2, 0x9e, 0x47, 0x1f, 0xad, 0x38, 0x54, - 0x9c, 0x8e, 0x66, 0xf5, 0x34, 0x5d, 0x7c, 0x1e, - 0xb9, 0x4f, 0x40, 0x5d, 0x1e, 0xc7, 0x85, 0xcc, - 0x6f, 0x6a, 0x68, 0xf6, 0x25, 0x4d, 0xd8, 0x33, - 0x9f, 0x9d, 0x84, 0x05, 0x7e, 0x01, 0xa1, 0x77, - 0x41, 0x99, 0x04, 0x82, 0x99, 0x95, 0x16, 0xb5, - 0x61, 0x1a, 0x38, 0xf4, 0x1b, 0xb6, 0x47, 0x8e, - 0x6f, 0x17, 0x3f, 0x32, 0x08, 0x05, 0xdd, 0x71, - 0xb1, 0x93, 0x2f, 0xc3, 0x33, 0xcb, 0x9e, 0xe3, - 0x99, 0x36, 0xbe, 0xea, 0x9a, 0xd9, 0x6f, 0xa1, - 0x0f, 0xb4, 0x11, 0x2b, 0x90, 0x17, 0x34, 0xdd, - 0xad, 0x40, 0xbc, 0x18, 0x78, 0x99, 0x5f, 0x8e, - 0x11, 0xae, 0xe7, 0xd1, 0x41, 0xa2, 0xf5, 0xd4, - 0x8b, 0x7a, 0x4e, 0x1e, 0x7f, 0x0b, 0x2c, 0x04, - 0x83, 0x0e, 0x69, 0xa4, 0xfd, 0x13, 0x78, 0x41, - 0x1c, 0x2f, 0x28, 0x7e, 0xdf, 0x48, 0xc6, 0xc4, - 0xe5, 0xc2, 0x47, 0xa1, 0x96, 0x80, 0xf7, 0xfe, - 0x41, 0xce, 0xfb, 0xd4, 0x9b, 0x58, 0x21, 0x06, - 0xe3, 0x61, 0x6c, 0xbb, 0xe4, 0xdf, 0xb2, 0x34, - 0x4b, 0x2a, 0xe9, 0x51, 0x93, 0x91, 0xf3, 0xe0, - 0xfb, 0x49, 0x22, 0x25, 0x4b, 0x1d, 0x6d, 0x2d, - 0x19, 0xc6, 0xd4, 0xd5, 0x37, 0xb3, 0xa2, 0x6f, - 0x3b, 0xcc, 0x51, 0x58, 0x8b, 0x32, 0xf3, 0xec, - 0xa0, 0x82, 0x9b, 0x6a, 0x5a, 0xc7, 0x25, 0x78, - 0xfb, 0x81, 0x4f, 0xb4, 0x3c, 0xf8, 0x0d, 0x64, - 0xa2, 0x33, 0xe3, 0xf9, 0x97, 0xa3, 0xf0, 0x26, - 0x83, 0x34, 0x2f, 0x2b, 0x33, 0xd2, 0x5b, 0x49, - 0x25, 0x36, 0xb9, 0x3b, 0xec, 0xb2, 0xf5, 0xe1, - 0xa8, 0xb8, 0x2f, 0x5b, 0x88, 0x33, 0x42, 0x72, - 0x9e, 0x8a, 0xe0, 0x9d, 0x16, 0x93, 0x88, 0x41, - 0xa2, 0x1a, 0x97, 0xfb, 0x54, 0x3e, 0xea, 0x3b, - 0xbf, 0xf5, 0x9f, 0x13, 0xc1, 0xa1, 0x84, 0x49, - 0xe3, 0x98, 0x70, 0x1c, 0x1a, 0xd5, 0x16, 0x48, - 0x34, 0x6c, 0xbc, 0x04, 0xc2, 0x7b, 0xb2, 0xda, - 0x3b, 0x93, 0xa1, 0x37, 0x2c, 0xca, 0xe5, 0x48, - 0xfb, 0x53, 0xbe, 0xe4, 0x76, 0xf9, 0xe9, 0xc9, - 0x17, 0x73, 0xb1, 0xbb, 0x19, 0x82, 0x83, 0x94, - 0xd5, 0x5d, 0x3e, 0x1a, 0x20, 0xed, 0x69, 0x11, - 0x3a, 0x86, 0x0b, 0x68, 0x29, 0xff, 0xa8, 0x47, - 0x22, 0x46, 0x04, 0x43, 0x50, 0x70, 0x22, 0x1b, - 0x25, 0x7e, 0x8d, 0xff, 0x78, 0x36, 0x15, 0xd2, - 0xca, 0xe4, 0x80, 0x3a, 0x93, 0xaa, 0x43, 0x34, - 0xab, 0x48, 0x2a, 0x0a, 0xfa, 0xc9, 0xc0, 0xae, - 0xda, 0x70, 0xb4, 0x5a, 0x48, 0x1d, 0xf5, 0xde, - 0xc5, 0xdf, 0x8c, 0xc0, 0xf4, 0x23, 0xc7, 0x7a, - 0x5f, 0xd4, 0x6c, 0xd3, 0x12, 0x02, 0x1d, 0x4b, - 0x43, 0x88, 0x62, 0x41, 0x9a, 0x79, 0x1b, 0xe0, - 0x3b, 0xb4, 0xd9, 0x7c, 0x0e, 0x59, 0x57, 0x85, - 0x42, 0x53, 0x1b, 0xa4, 0x66, 0xa8, 0x3b, 0xaf, - 0x92, 0xce, 0xfc, 0x15, 0x1b, 0x5c, 0xc1, 0x61, - 0x1a, 0x16, 0x78, 0x93, 0x81, 0x9b, 0x63, 0xfb, - 0x8a, 0x6b, 0x18, 0xe8, 0x6d, 0xe6, 0x02, 0x90, - 0xfa, 0x72, 0xb7, 0x97, 0xb0, 0xce, 0x59, 0xf3 + byte[] expectedPlaintext = [ + 0x00, + 0x01, + 0x02, + 0x03, + 0x04, + 0x05, + 0x06, + 0x07, + 0x08, + 0x09, + 0x0a, + 0x0b, + 0x0c, + 0x0d, + 0x0e, + 0x0f, + 0x10, + 0x11, + 0x12, + 0x13, + 0x14, + 0x15, + 0x16, + 0x17, + 0x18, + 0x19, + 0x1a, + 0x1b, + 0x1c, + 0x1d, + 0x1e, + 0x1f, + 0x20, + 0x21, + 0x22, + 0x23, + 0x24, + 0x25, + 0x26, + 0x27, + 0x28, + 0x29, + 0x2a, + 0x2b, + 0x2c, + 0x2d, + 0x2e, + 0x2f, + 0x30, + 0x31, + 0x32, + 0x33, + 0x34, + 0x35, + 0x36, + 0x37, + 0x38, + 0x39, + 0x3a, + 0x3b, + 0x3c, + 0x3d, + 0x3e, + 0x3f, + 0x40, + 0x41, + 0x42, + 0x43, + 0x44, + 0x45, + 0x46, + 0x47, + 0x48, + 0x49, + 0x4a, + 0x4b, + 0x4c, + 0x4d, + 0x4e, + 0x4f, + 0x50, + 0x51, + 0x52, + 0x53, + 0x54, + 0x55, + 0x56, + 0x57, + 0x58, + 0x59, + 0x5a, + 0x5b, + 0x5c, + 0x5d, + 0x5e, + 0x5f, + 0x60, + 0x61, + 0x62, + 0x63, + 0x64, + 0x65, + 0x66, + 0x67, + 0x68, + 0x69, + 0x6a, + 0x6b, + 0x6c, + 0x6d, + 0x6e, + 0x6f, + 0x70, + 0x71, + 0x72, + 0x73, + 0x74, + 0x75, + 0x76, + 0x77, + 0x78, + 0x79, + 0x7a, + 0x7b, + 0x7c, + 0x7d, + 0x7e, + 0x7f, + 0x80, + 0x81, + 0x82, + 0x83, + 0x84, + 0x85, + 0x86, + 0x87, + 0x88, + 0x89, + 0x8a, + 0x8b, + 0x8c, + 0x8d, + 0x8e, + 0x8f, + 0x90, + 0x91, + 0x92, + 0x93, + 0x94, + 0x95, + 0x96, + 0x97, + 0x98, + 0x99, + 0x9a, + 0x9b, + 0x9c, + 0x9d, + 0x9e, + 0x9f, + 0xa0, + 0xa1, + 0xa2, + 0xa3, + 0xa4, + 0xa5, + 0xa6, + 0xa7, + 0xa8, + 0xa9, + 0xaa, + 0xab, + 0xac, + 0xad, + 0xae, + 0xaf, + 0xb0, + 0xb1, + 0xb2, + 0xb3, + 0xb4, + 0xb5, + 0xb6, + 0xb7, + 0xb8, + 0xb9, + 0xba, + 0xbb, + 0xbc, + 0xbd, + 0xbe, + 0xbf, + 0xc0, + 0xc1, + 0xc2, + 0xc3, + 0xc4, + 0xc5, + 0xc6, + 0xc7, + 0xc8, + 0xc9, + 0xca, + 0xcb, + 0xcc, + 0xcd, + 0xce, + 0xcf, + 0xd0, + 0xd1, + 0xd2, + 0xd3, + 0xd4, + 0xd5, + 0xd6, + 0xd7, + 0xd8, + 0xd9, + 0xda, + 0xdb, + 0xdc, + 0xdd, + 0xde, + 0xdf, + 0xe0, + 0xe1, + 0xe2, + 0xe3, + 0xe4, + 0xe5, + 0xe6, + 0xe7, + 0xe8, + 0xe9, + 0xea, + 0xeb, + 0xec, + 0xed, + 0xee, + 0xef, + 0xf0, + 0xf1, + 0xf2, + 0xf3, + 0xf4, + 0xf5, + 0xf6, + 0xf7, + 0xf8, + 0xf9, + 0xfa, + 0xfb, + 0xfc, + 0xfd, + 0xfe, + 0xff, + 0x00, + 0x01, + 0x02, + 0x03, + 0x04, + 0x05, + 0x06, + 0x07, + 0x08, + 0x09, + 0x0a, + 0x0b, + 0x0c, + 0x0d, + 0x0e, + 0x0f, + 0x10, + 0x11, + 0x12, + 0x13, + 0x14, + 0x15, + 0x16, + 0x17, + 0x18, + 0x19, + 0x1a, + 0x1b, + 0x1c, + 0x1d, + 0x1e, + 0x1f, + 0x20, + 0x21, + 0x22, + 0x23, + 0x24, + 0x25, + 0x26, + 0x27, + 0x28, + 0x29, + 0x2a, + 0x2b, + 0x2c, + 0x2d, + 0x2e, + 0x2f, + 0x30, + 0x31, + 0x32, + 0x33, + 0x34, + 0x35, + 0x36, + 0x37, + 0x38, + 0x39, + 0x3a, + 0x3b, + 0x3c, + 0x3d, + 0x3e, + 0x3f, + 0x40, + 0x41, + 0x42, + 0x43, + 0x44, + 0x45, + 0x46, + 0x47, + 0x48, + 0x49, + 0x4a, + 0x4b, + 0x4c, + 0x4d, + 0x4e, + 0x4f, + 0x50, + 0x51, + 0x52, + 0x53, + 0x54, + 0x55, + 0x56, + 0x57, + 0x58, + 0x59, + 0x5a, + 0x5b, + 0x5c, + 0x5d, + 0x5e, + 0x5f, + 0x60, + 0x61, + 0x62, + 0x63, + 0x64, + 0x65, + 0x66, + 0x67, + 0x68, + 0x69, + 0x6a, + 0x6b, + 0x6c, + 0x6d, + 0x6e, + 0x6f, + 0x70, + 0x71, + 0x72, + 0x73, + 0x74, + 0x75, + 0x76, + 0x77, + 0x78, + 0x79, + 0x7a, + 0x7b, + 0x7c, + 0x7d, + 0x7e, + 0x7f, + 0x80, + 0x81, + 0x82, + 0x83, + 0x84, + 0x85, + 0x86, + 0x87, + 0x88, + 0x89, + 0x8a, + 0x8b, + 0x8c, + 0x8d, + 0x8e, + 0x8f, + 0x90, + 0x91, + 0x92, + 0x93, + 0x94, + 0x95, + 0x96, + 0x97, + 0x98, + 0x99, + 0x9a, + 0x9b, + 0x9c, + 0x9d, + 0x9e, + 0x9f, + 0xa0, + 0xa1, + 0xa2, + 0xa3, + 0xa4, + 0xa5, + 0xa6, + 0xa7, + 0xa8, + 0xa9, + 0xaa, + 0xab, + 0xac, + 0xad, + 0xae, + 0xaf, + 0xb0, + 0xb1, + 0xb2, + 0xb3, + 0xb4, + 0xb5, + 0xb6, + 0xb7, + 0xb8, + 0xb9, + 0xba, + 0xbb, + 0xbc, + 0xbd, + 0xbe, + 0xbf, + 0xc0, + 0xc1, + 0xc2, + 0xc3, + 0xc4, + 0xc5, + 0xc6, + 0xc7, + 0xc8, + 0xc9, + 0xca, + 0xcb, + 0xcc, + 0xcd, + 0xce, + 0xcf, + 0xd0, + 0xd1, + 0xd2, + 0xd3, + 0xd4, + 0xd5, + 0xd6, + 0xd7, + 0xd8, + 0xd9, + 0xda, + 0xdb, + 0xdc, + 0xdd, + 0xde, + 0xdf, + 0xe0, + 0xe1, + 0xe2, + 0xe3, + 0xe4, + 0xe5, + 0xe6, + 0xe7, + 0xe8, + 0xe9, + 0xea, + 0xeb, + 0xec, + 0xed, + 0xee, + 0xef, + 0xf0, + 0xf1, + 0xf2, + 0xf3, + 0xf4, + 0xf5, + 0xf6, + 0xf7, + 0xf8, + 0xf9, + 0xfa, + 0xfb, + 0xfc, + 0xfd, + 0xfe, + 0xff ]; + byte[] expectedCiphertext = [ + 0x38, + 0xb4, + 0x58, + 0x12, + 0xef, + 0x43, + 0xa0, + 0x5b, + 0xd9, + 0x57, + 0xe5, + 0x45, + 0x90, + 0x7e, + 0x22, + 0x3b, + 0x95, + 0x4a, + 0xb4, + 0xaa, + 0xf0, + 0x88, + 0x30, + 0x3a, + 0xd9, + 0x10, + 0xea, + 0xdf, + 0x14, + 0xb4, + 0x2b, + 0xe6, + 0x8b, + 0x24, + 0x61, + 0x14, + 0x9d, + 0x8c, + 0x8b, + 0xa8, + 0x5f, + 0x99, + 0x2b, + 0xe9, + 0x70, + 0xbc, + 0x62, + 0x1f, + 0x1b, + 0x06, + 0x57, + 0x3f, + 0x63, + 0xe8, + 0x67, + 0xbf, + 0x58, + 0x75, + 0xac, + 0xaf, + 0xa0, + 0x4e, + 0x42, + 0xcc, + 0xbd, + 0x7b, + 0xd3, + 0xc2, + 0xa0, + 0xfb, + 0x1f, + 0xff, + 0x79, + 0x1e, + 0xc5, + 0xec, + 0x36, + 0xc6, + 0x6a, + 0xe4, + 0xac, + 0x1e, + 0x80, + 0x6d, + 0x81, + 0xfb, + 0xf7, + 0x09, + 0xdb, + 0xe2, + 0x9e, + 0x47, + 0x1f, + 0xad, + 0x38, + 0x54, + 0x9c, + 0x8e, + 0x66, + 0xf5, + 0x34, + 0x5d, + 0x7c, + 0x1e, + 0xb9, + 0x4f, + 0x40, + 0x5d, + 0x1e, + 0xc7, + 0x85, + 0xcc, + 0x6f, + 0x6a, + 0x68, + 0xf6, + 0x25, + 0x4d, + 0xd8, + 0x33, + 0x9f, + 0x9d, + 0x84, + 0x05, + 0x7e, + 0x01, + 0xa1, + 0x77, + 0x41, + 0x99, + 0x04, + 0x82, + 0x99, + 0x95, + 0x16, + 0xb5, + 0x61, + 0x1a, + 0x38, + 0xf4, + 0x1b, + 0xb6, + 0x47, + 0x8e, + 0x6f, + 0x17, + 0x3f, + 0x32, + 0x08, + 0x05, + 0xdd, + 0x71, + 0xb1, + 0x93, + 0x2f, + 0xc3, + 0x33, + 0xcb, + 0x9e, + 0xe3, + 0x99, + 0x36, + 0xbe, + 0xea, + 0x9a, + 0xd9, + 0x6f, + 0xa1, + 0x0f, + 0xb4, + 0x11, + 0x2b, + 0x90, + 0x17, + 0x34, + 0xdd, + 0xad, + 0x40, + 0xbc, + 0x18, + 0x78, + 0x99, + 0x5f, + 0x8e, + 0x11, + 0xae, + 0xe7, + 0xd1, + 0x41, + 0xa2, + 0xf5, + 0xd4, + 0x8b, + 0x7a, + 0x4e, + 0x1e, + 0x7f, + 0x0b, + 0x2c, + 0x04, + 0x83, + 0x0e, + 0x69, + 0xa4, + 0xfd, + 0x13, + 0x78, + 0x41, + 0x1c, + 0x2f, + 0x28, + 0x7e, + 0xdf, + 0x48, + 0xc6, + 0xc4, + 0xe5, + 0xc2, + 0x47, + 0xa1, + 0x96, + 0x80, + 0xf7, + 0xfe, + 0x41, + 0xce, + 0xfb, + 0xd4, + 0x9b, + 0x58, + 0x21, + 0x06, + 0xe3, + 0x61, + 0x6c, + 0xbb, + 0xe4, + 0xdf, + 0xb2, + 0x34, + 0x4b, + 0x2a, + 0xe9, + 0x51, + 0x93, + 0x91, + 0xf3, + 0xe0, + 0xfb, + 0x49, + 0x22, + 0x25, + 0x4b, + 0x1d, + 0x6d, + 0x2d, + 0x19, + 0xc6, + 0xd4, + 0xd5, + 0x37, + 0xb3, + 0xa2, + 0x6f, + 0x3b, + 0xcc, + 0x51, + 0x58, + 0x8b, + 0x32, + 0xf3, + 0xec, + 0xa0, + 0x82, + 0x9b, + 0x6a, + 0x5a, + 0xc7, + 0x25, + 0x78, + 0xfb, + 0x81, + 0x4f, + 0xb4, + 0x3c, + 0xf8, + 0x0d, + 0x64, + 0xa2, + 0x33, + 0xe3, + 0xf9, + 0x97, + 0xa3, + 0xf0, + 0x26, + 0x83, + 0x34, + 0x2f, + 0x2b, + 0x33, + 0xd2, + 0x5b, + 0x49, + 0x25, + 0x36, + 0xb9, + 0x3b, + 0xec, + 0xb2, + 0xf5, + 0xe1, + 0xa8, + 0xb8, + 0x2f, + 0x5b, + 0x88, + 0x33, + 0x42, + 0x72, + 0x9e, + 0x8a, + 0xe0, + 0x9d, + 0x16, + 0x93, + 0x88, + 0x41, + 0xa2, + 0x1a, + 0x97, + 0xfb, + 0x54, + 0x3e, + 0xea, + 0x3b, + 0xbf, + 0xf5, + 0x9f, + 0x13, + 0xc1, + 0xa1, + 0x84, + 0x49, + 0xe3, + 0x98, + 0x70, + 0x1c, + 0x1a, + 0xd5, + 0x16, + 0x48, + 0x34, + 0x6c, + 0xbc, + 0x04, + 0xc2, + 0x7b, + 0xb2, + 0xda, + 0x3b, + 0x93, + 0xa1, + 0x37, + 0x2c, + 0xca, + 0xe5, + 0x48, + 0xfb, + 0x53, + 0xbe, + 0xe4, + 0x76, + 0xf9, + 0xe9, + 0xc9, + 0x17, + 0x73, + 0xb1, + 0xbb, + 0x19, + 0x82, + 0x83, + 0x94, + 0xd5, + 0x5d, + 0x3e, + 0x1a, + 0x20, + 0xed, + 0x69, + 0x11, + 0x3a, + 0x86, + 0x0b, + 0x68, + 0x29, + 0xff, + 0xa8, + 0x47, + 0x22, + 0x46, + 0x04, + 0x43, + 0x50, + 0x70, + 0x22, + 0x1b, + 0x25, + 0x7e, + 0x8d, + 0xff, + 0x78, + 0x36, + 0x15, + 0xd2, + 0xca, + 0xe4, + 0x80, + 0x3a, + 0x93, + 0xaa, + 0x43, + 0x34, + 0xab, + 0x48, + 0x2a, + 0x0a, + 0xfa, + 0xc9, + 0xc0, + 0xae, + 0xda, + 0x70, + 0xb4, + 0x5a, + 0x48, + 0x1d, + 0xf5, + 0xde, + 0xc5, + 0xdf, + 0x8c, + 0xc0, + 0xf4, + 0x23, + 0xc7, + 0x7a, + 0x5f, + 0xd4, + 0x6c, + 0xd3, + 0x12, + 0x02, + 0x1d, + 0x4b, + 0x43, + 0x88, + 0x62, + 0x41, + 0x9a, + 0x79, + 0x1b, + 0xe0, + 0x3b, + 0xb4, + 0xd9, + 0x7c, + 0x0e, + 0x59, + 0x57, + 0x85, + 0x42, + 0x53, + 0x1b, + 0xa4, + 0x66, + 0xa8, + 0x3b, + 0xaf, + 0x92, + 0xce, + 0xfc, + 0x15, + 0x1b, + 0x5c, + 0xc1, + 0x61, + 0x1a, + 0x16, + 0x78, + 0x93, + 0x81, + 0x9b, + 0x63, + 0xfb, + 0x8a, + 0x6b, + 0x18, + 0xe8, + 0x6d, + 0xe6, + 0x02, + 0x90, + 0xfa, + 0x72, + 0xb7, + 0x97, + 0xb0, + 0xce, + 0x59, + 0xf3 +]; + [Benchmark] public void Encrypt() {
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4News mentions
0No linked articles in our index yet.