boringssl

kris/boringssl

Fork 0

Commit Graph

Author	SHA1	Message	Date
Adam Langley	adf27430ef	Be consistent about 𝑥_tests.txt Some files were named 𝑥_test.txt and some 𝑥_tests.txt. This change unifies around the latter. Change-Id: Id6f29bad8b998f3c3466655097ef593f7f18f82f Reviewed-on: https://boringssl-review.googlesource.com/8150 Reviewed-by: David Benjamin <davidben@google.com>	2016-06-06 15:57:46 +00:00
Brian Smith	bc41cdf327	Add tests from cipher_test.txt to the AEAD test suite. Change-Id: I819b5473e35e1f71192d3a336252ae4506c4230b Reviewed-on: https://boringssl-review.googlesource.com/6055 Reviewed-by: Adam Langley <agl@google.com>	2015-09-30 23:11:40 +00:00
David Benjamin	ea72bd0b60	Implement all TLS ciphers with stateful AEADs. The EVP_CIPHER codepath should no longer be used with TLS. It still exists for DTLS and SSLv3. The AEAD construction in TLS does not allow for variable-overhead AEADs, so stateful AEADs do not include the length in the ad parameter. Rather the AEADs internally append the unpadded length once it is known. EVP_aead_rc4_md5_tls is modified to account for this. Tests are added (and RC4-MD5's regenerated) for each of the new AEADs. The cipher tests are all moved into crypto/cipher/test because there's now a lot of them and they clutter the directory listing. In ssl/, the stateful AEAD logic is also modified to account for stateful AEADs with a fixed IV component, and for AEADs which use a random nonce (for the explicit-IV CBC mode ciphers). The new implementation fixes a bug/quirk in stateless CBC mode ciphers where the fixed IV portion of the keyblock was generated regardless. This is at the end, so it's only relevant for EAP-TLS which generates a MSK from the end of the key block. Change-Id: I2d8b8aa11deb43bde2fd733f4f90b5d5b8cb1334 Reviewed-on: https://boringssl-review.googlesource.com/2692 Reviewed-by: Adam Langley <agl@google.com>	2015-01-14 20:30:26 +00:00

Author

SHA1

Message

Date

Adam Langley

adf27430ef

Be consistent about 𝑥_tests.txt

Some files were named 𝑥_test.txt and some 𝑥_tests.txt. This change
unifies around the latter.

Change-Id: Id6f29bad8b998f3c3466655097ef593f7f18f82f
Reviewed-on: https://boringssl-review.googlesource.com/8150
Reviewed-by: David Benjamin <davidben@google.com>

2016-06-06 15:57:46 +00:00

Brian Smith

bc41cdf327

Add tests from cipher_test.txt to the AEAD test suite.

Change-Id: I819b5473e35e1f71192d3a336252ae4506c4230b
Reviewed-on: https://boringssl-review.googlesource.com/6055
Reviewed-by: Adam Langley <agl@google.com>

2015-09-30 23:11:40 +00:00

David Benjamin

ea72bd0b60

Implement all TLS ciphers with stateful AEADs.

The EVP_CIPHER codepath should no longer be used with TLS. It still exists for
DTLS and SSLv3. The AEAD construction in TLS does not allow for
variable-overhead AEADs, so stateful AEADs do not include the length in the ad
parameter. Rather the AEADs internally append the unpadded length once it is
known. EVP_aead_rc4_md5_tls is modified to account for this.

Tests are added (and RC4-MD5's regenerated) for each of the new AEADs. The
cipher tests are all moved into crypto/cipher/test because there's now a lot of
them and they clutter the directory listing.

In ssl/, the stateful AEAD logic is also modified to account for stateful AEADs
with a fixed IV component, and for AEADs which use a random nonce (for the
explicit-IV CBC mode ciphers).

The new implementation fixes a bug/quirk in stateless CBC mode ciphers where
the fixed IV portion of the keyblock was generated regardless. This is at the
end, so it's only relevant for EAP-TLS which generates a MSK from the end of
the key block.

Change-Id: I2d8b8aa11deb43bde2fd733f4f90b5d5b8cb1334
Reviewed-on: https://boringssl-review.googlesource.com/2692
Reviewed-by: Adam Langley <agl@google.com>

2015-01-14 20:30:26 +00:00

3 Commits