Releases: bricke/Qt-AES

2.0 Release

11 Mar 05:24

This release is a significant overhaul covering new cipher modes, hardware acceleration, correctness fixes, and API cleanup. Consumers should review the breaking changes before upgrading.

Breaking changes

  • printArray() removed — this debug helper has been removed from the public API.
  • expandKey() instance method moved to private — use the static QAESEncryption::ExpandKey() for advanced key schedule inspection.
  • AES192::expandedKey corrected from 209 to 208 bytes ((Nr+1)×Nb×4 = 13×16 = 208). This was a latent bug in the AES-192 key schedule size.

New features

  • CTR mode — streaming cipher mode added for all key sizes (AES-128/192/256), with AES-NI hardware acceleration on x86/x86-64.
  • AES-NI acceleration for CFB and OFB — all five cipher modes (ECB, CBC, CFB, OFB, CTR) are now hardware-accelerated when QTAES_ENABLE_AESNI=ON.
  • bool *ok error reporting — encode(), decode(), and removePadding() (both instance and static variants) now accept an optional bool *ok = nullptr parameter that is set to false on
    invalid key/IV size or malformed PKCS7 padding. Existing code requires no changes.

Security fixes

  • PKCS7 padding validation — removePadding() now validates that all padding bytes match the padding length value. Previously, invalid padding could silently produce wrong output.
  • Secure memory zeroing — sensitive key material (expanded key schedules) is now zeroed with a volatile write to prevent dead-store elimination by the compiler.
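
The strict PKCS7 check described above, combined with the optional bool *ok reporting introduced in this release, shown as an added example. It is not Qt-AES code: it uses std::vector instead of QByteArray, and the name pkcs7Unpad and the 16-byte block constant are assumptions made here.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical helper, not Qt-AES's removePadding(): strict PKCS7 unpadding
// for 16-byte AES blocks with failure reported through an optional bool *ok.
static constexpr std::size_t kBlock = 16;

std::vector<std::uint8_t> pkcs7Unpad(const std::vector<std::uint8_t> &in,
                                     bool *ok = nullptr)
{
    auto fail = [ok]() {
        if (ok) *ok = false;
        return std::vector<std::uint8_t>{};
    };

    // Padded data is never empty and always a whole number of blocks.
    if (in.empty() || in.size() % kBlock != 0)
        return fail();

    const std::uint8_t pad = in.back();
    if (pad == 0 || pad > kBlock)   // length byte must be 1..16
        return fail();

    // Every one of the last `pad` bytes must equal `pad`.
    std::uint8_t diff = 0;
    for (std::size_t i = in.size() - pad; i < in.size(); ++i)
        diff |= static_cast<std::uint8_t>(in[i] ^ pad);
    if (diff != 0)
        return fail();

    if (ok) *ok = true;
    return std::vector<std::uint8_t>(in.begin(), in.end() - pad);
}

int main()
{
    // Constructed sample: 12 data bytes followed by 04 04 04 04.
    std::vector<std::uint8_t> block(16, 0x41);
    for (std::size_t i = 12; i < 16; ++i) block[i] = 0x04;
    bool ok = false;
    std::size_t n = pkcs7Unpad(block, &ok).size();
    std::printf("valid: ok=%d len=%zu\n", ok, n);
    block[13] = 0x03;  // corrupt one padding byte
    n = pkcs7Unpad(block, &ok).size();
    std::printf("corrupt: ok=%d len=%zu\n", ok, n);
    return 0;
}
```

A full block of 0x10 bytes is valid padding and yields an empty result with ok set to true, so callers must test ok rather than the length of the returned buffer.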

Correctness fixes

  • Software CFB loop refactored — the previous implementation had a structurally incorrect pre-loop pattern. The loop now correctly feeds the ciphertext block back as the next IV
    (C[i] → feedback), matching NIST SP 800-38A §6.3.
  • Thread safety — m_state member removed; all mutable state during encode()/decode() is now stack-local, making instances safe to use concurrently from multiple threads without a
    mutex.

Testing & CI

  • NIST SP 800-38A known-answer vectors added for CFB128 (F.3.13/F.3.14), CTR (F.5.1–F.5.6), and AES-NI paths for all modes.
  • Sanitizer CI (QTAES_ENABLE_SANITIZERS=ON) — AddressSanitizer + UBSan workflow runs on every push.
  • libFuzzer fuzz target (QTAES_ENABLE_FUZZING=ON) — exercises all mode/key-size/padding combinations; checks crash-freedom and PKCS7/CTR round-trip correctness. Runs weekly on CI.

1.2 Release

16 Dec 15:37
845e3b4

  • New padding types
  • CMake support
  • Added new modes

1.1 Release

30 Mar 16:31
a74a46e

  • Added padding types
  • Compatibility with Qt 5.5
  • Improved performance

1.0 RC

11 Jul 16:44

  • Added CFB mode

1.0 Beta

07 Jul 18:26

Pre-release
  • Support for 128-192-256 bit keys
  • Support for ECB and CBC mode encryption
  • Static access
  • Instance access