path: root/src/lib/tls/tls_cbc
Commit message [Author, Age, Files, Lines]
* Avoid false positive valgrind in TLS CBC decryption [Jack Lloyd, 2017-08-29, files: 1, lines: -2/+2]
|   We poisoned the record before decrypting it, which caused failures with Camellia ciphersuites (or AES, on platforms that use T-tables). Instead poison it right after decrypting.
* Remove "Dirty hack" for multiple defines in lex_me_harder() [Simon Warta, 2017-04-02, files: 1, lines: -1/+3]
|
* Convert to using standard uintN_t integer types [Jack Lloyd, 2016-12-18, files: 2, lines: -51/+51]
|   Renames a couple of functions for somewhat better name consistency, eg make_u32bit becomes make_uint32. The old typedefs remain for now since probably lots of application code uses them.
* TLS CBC functionality now exposed to the library developer. Useful for direct TLS CBC testing. CLI TLS server now catches an exception if an invalid connection is received (Otherwise, the server always stopped working) [Juraj Somorovsky, 2016-11-19, files: 1, lines: -1/+1]
* Cipher_Mode and AEAD_Mode improvements [Daniel Neus, 2016-11-08, files: 2, lines: -2/+13]
|   See PR #552
|   - Add Cipher_Mode::reset() which resets just the message specific state and allows encrypting again under the existing key
|   - In Cipher_Mode::clear() (at some places) use cipher->clear() instead of resetting the pointer which would make the cipher object unusable
|   - EAX_Decryption::output_length() bugfix?! Now it's possible to decrypt an empty ciphertext (just a tag)
|   - Bugfix for GCM_Decryption::finish()
|   - set tag length in GCM_Mode::name()
|   - Cipher_Mode tests: add tests for reset() and process()
|   - AEAD_Mode tests: add tests for reset(), clear(), update() and process()
* Simplify some code by using T::create_or_throw [Jack Lloyd, 2016-11-03, files: 1, lines: -7/+2]
|
* Merge GH #675 Lucky13 countermeasures [Jack Lloyd, 2016-10-24, files: 2, lines: -0/+82]
|\
| * Final changes, now using the countermeasure from the Lucky 13 paper again (or a countermeasure that is very similar to it). Timing differences in the test suite show at most 120 clock cycle difference (SHA-1/256/384). [Juraj Somorovsky, 2016-10-23, files: 1, lines: -36/+32]
| * SHA384 countermeasure (not perfect, but makes the attack harder) [Juraj Somorovsky, 2016-10-22, files: 1, lines: -19/+27]
| |
| * Lucky 13 patch for SHA-1 and SHA-256 [Juraj Somorovsky, 2016-10-16, files: 2, lines: -0/+78]
| |
* | Maintainer mode fixes [Jack Lloyd, 2016-10-17, files: 1, lines: -7/+3]
|/
* Make TLS CBC optional [Jack Lloyd, 2016-10-08, files: 3, lines: -0/+576]