We poisoned the record before decrypting it, which caused failures
with Camellia ciphersuites (or AES, on platforms that use T-tables).
Instead poison it right after decrypting.

Renames a couple of functions for somewhat better name consistency,
e.g. make_u32bit becomes make_uint32. The old typedefs remain for now
since probably lots of application code uses them.

direct TLS CBC testing.
CLI TLS server now catches an exception if an invalid connection is received (otherwise, the server always stopped working).

See PR #552
- Add Cipher_Mode::reset() which resets just the message specific state and allows encrypting again under the existing key
- In Cipher_Mode::clear() (at some places) use cipher->clear() instead of resetting the pointer which would make the cipher object unusable
- EAX_Decryption::output_length() bugfix?! Now it's possible to decrypt an empty ciphertext (just a tag)
- Bugfix for GCM_Decryption::finish()
- set tag length in GCM_Mode::name()
- Cipher_Mode tests: add tests for reset() and process()
- AEAD_Mode tests: add tests for reset(), clear(), update() and process()

(or a countermeasure that is very similar to it).
Timing differences in the test suite show at most 120 clock cycle difference (SHA-1/256/384).