boringssl/crypto
David Benjamin 03c6fa4426 AES-GCM is not defined for empty nonces.
It shouldn't have been defined for variable-length nonces at all, but so
it goes. EVP_CIPHER rejected this by way of EVP_CTRL_GCM_SET_IVLEN
comparing <= 0, but the EVP_AEAD API did not.

I've done the test in a separate file on the assumption that aead_test
will become GTest shortly, at which point it will be easy to stick extra
tests into the same file as the FileTest ones.

Thanks to Daniel Bleichenbacher and Thanh Bui of Project Wycheproof for
the report.

Change-Id: Ic4616b39a1d7fe74a1f14fb58cccec2ce7c4f2f3
Reviewed-on: https://boringssl-review.googlesource.com/16544
Reviewed-by: Adam Langley <agl@google.com>
2017-05-23 22:36:06 +00:00
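The length check the commit describes, next to the reason it matters, as an added example written for this page (Python for illustration; it is not BoringSSL's code, and names such as check_gcm_nonce() and gcm_j0() are this example's own). It goes beyond the commit by deriving the GCM pre-counter block J0 as NIST SP 800-38D specifies it and checking the GHASH routine against test case 2 of the original GCM specification (McGrew and Viega), so the effect of an empty nonce can be seen rather than asserted.

```python
# Added example (Python, not BoringSSL code): the nonce-length check the commit
# adds to the EVP_AEAD path, plus the SP 800-38D derivation of the GCM
# pre-counter block J0 that shows why a zero-length nonce is a degenerate input.
# All function names here are this example's own.

R = 0xE1 << 120  # GCM's reduction constant, 11100001 || 0^120, as a 128-bit int


def gf128_mul(x: int, y: int) -> int:
    """Multiply two blocks in GCM's GF(2^128) (SP 800-38D, Algorithm 1).

    Blocks are 128-bit ints whose most significant bit is GCM's bit x_0,
    which is what int.from_bytes(block, "big") gives for a 16-byte block.
    """
    z, v = 0, y
    for i in range(128):
        if (x >> (127 - i)) & 1:
            z ^= v
        v = (v >> 1) ^ R if v & 1 else v >> 1
    return z


def ghash(h: int, data: bytes) -> int:
    """GHASH_H over data, whose length must be a multiple of 16 bytes."""
    if len(data) % 16:
        raise ValueError("GHASH input must be whole 16-byte blocks")
    y = 0
    for off in range(0, len(data), 16):
        y = gf128_mul(y ^ int.from_bytes(data[off:off + 16], "big"), h)
    return y


def gcm_j0(h: int, iv: bytes) -> int:
    """Pre-counter block J0 for any IV length, as SP 800-38D section 7.1 derives it.

    12-byte IV:  J0 = IV || 0^31 || 1
    other sizes: J0 = GHASH_H(IV || 0^s || 0^64 || [len(IV) in bits]_64)
    This helper deliberately accepts an empty IV so the caller can see what
    the formula yields for it; a real AEAD must reject it first.
    """
    if len(iv) == 12:
        return (int.from_bytes(iv, "big") << 32) | 1
    padded = iv + b"\x00" * ((-len(iv)) % 16)
    length_block = (0).to_bytes(8, "big") + (8 * len(iv)).to_bytes(8, "big")
    return ghash(h, padded + length_block)


def check_gcm_nonce(nonce: bytes) -> None:
    """The check an AEAD seal/open entry point applies before touching GCM.

    This is the AEAD-side counterpart of the `<= 0` comparison that
    EVP_CTRL_GCM_SET_IVLEN already performed on the EVP_CIPHER path.
    """
    if len(nonce) == 0:
        raise ValueError("AES-GCM is not defined for an empty nonce")


def rejects_nonce(nonce: bytes) -> bool:
    """True if check_gcm_nonce() refuses the nonce."""
    try:
        check_gcm_nonce(nonce)
    except ValueError:
        return True
    return False


def empty_iv_is_key_independent(*subkeys: int) -> bool:
    """True if J0 for the empty IV is the same all-zero block for every H given.

    For the empty IV the GHASH input is a single all-zero block, so
    J0 = (0 XOR 0) * H = 0 whatever H is: the counter start then depends on
    neither the key nor the nonce, which is why the mode is undefined there.
    """
    return all(gcm_j0(h, b"") == 0 for h in subkeys)


if __name__ == "__main__":
    # Constructed hash subkeys; in real GCM, H = AES_K(0^128).
    print(empty_iv_is_key_independent(0x1, 0xDEADBEEF << 96, (1 << 128) - 1))
    print(rejects_nonce(b""), rejects_nonce(bytes(12)))
```

In the C library itself the fix is only the zero-length comparison in check_gcm_nonce(); the rest of the block exists to show what that comparison is guarding against. The GHASH test vector (H = 66e94bd4..., ciphertext block 0388dace..., length block ending in 0x80) is test case 2 from the GCM specification, included so the field arithmetic can be trusted before drawing conclusions from gcm_j0().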
asn1 Convert stack.h to use inline functions. 2017-05-22 15:06:04 +00:00
base64 Optimize constant-time base64 implementation slightly. 2017-05-17 23:11:47 +00:00
bio
bn_extra Move bn/ into crypto/fipsmodule/ 2017-05-01 22:51:25 +00:00
buf
bytestring Convert bytestring_test to GTest. 2017-04-17 14:19:47 +00:00
chacha Remove filename argument to x86 asm_init. 2017-05-12 14:58:27 +00:00
cipher_extra AES-GCM is not defined for empty nonces. 2017-05-23 22:36:06 +00:00
cmac Convert cmac_test to GTest. 2017-04-24 20:25:22 +00:00
conf
curve25519 Convert ed25519_test to GTest. 2017-05-23 22:33:55 +00:00
dh Move bn/ into crypto/fipsmodule/ 2017-05-01 22:51:25 +00:00
digest_extra Convert digest_test to GTest. 2017-05-18 14:50:06 +00:00
dsa Move bn/ into crypto/fipsmodule/ 2017-05-01 22:51:25 +00:00
ec_extra Tidy up FIPS module dependencies. 2017-05-05 23:10:24 +00:00
ecdh
ecdsa_extra Tidy up FIPS module dependencies. 2017-05-05 23:10:24 +00:00
engine Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
err Update BN_enhanced_miller_rabin_primality_test to enforce preconditions and accept BN_prime_checks. 2017-04-21 22:24:01 +00:00
evp Convert various tests to GTest. 2017-05-23 22:34:09 +00:00
fipsmodule AES-GCM is not defined for empty nonces. 2017-05-23 22:36:06 +00:00
hkdf Convert various tests to GTest. 2017-05-23 22:34:09 +00:00
hmac_extra
lhash Convert various tests to GTest. 2017-05-23 22:34:09 +00:00
obj
pem
perlasm Remove filename argument to x86 asm_init. 2017-05-12 14:58:27 +00:00
pkcs7 Add PKCS7_get_raw_certificates. 2017-04-19 17:30:31 +00:00
pkcs8
poly1305
pool Convert various tests to GTest. 2017-05-23 22:34:09 +00:00
rand_extra Fix fuzzer build. 2017-04-25 16:42:28 +00:00
rc4
rsa_extra Add FIPS-compliant key generation that calls check_fips for RSA and EC. 2017-05-17 16:30:48 +00:00
stack Convert stack.h to use inline functions. 2017-05-22 15:06:04 +00:00
test Convert aes_test to GTest. 2017-05-23 22:33:25 +00:00
x509 Convert stack.h to use inline functions. 2017-05-22 15:06:04 +00:00
x509v3 Convert stack.h to use inline functions. 2017-05-22 15:06:04 +00:00
CMakeLists.txt AES-GCM is not defined for empty nonces. 2017-05-23 22:36:06 +00:00
compiler_test.cc Fix build on android_aarch64. 2017-04-21 22:52:10 +00:00
constant_time_test.cc Switch constant-time functions to using |crypto_word_t|. 2017-04-21 22:06:05 +00:00
cpu-aarch64-linux.c
cpu-arm-linux.c
cpu-arm.c
cpu-intel.c
cpu-ppc64le.c
crypto.c Revise OPENSSL_ia32cap_P strategy to avoid TEXTRELs. 2017-04-27 21:07:33 +00:00
ex_data.c Convert stack.h to use inline functions. 2017-05-22 15:06:04 +00:00
internal.h Convert stack.h to use inline functions. 2017-05-22 15:06:04 +00:00
mem.c
refcount_c11.c
refcount_lock.c
refcount_test.cc Convert various tests to GTest. 2017-05-23 22:34:09 +00:00
thread_none.c
thread_pthread.c
thread_test.c Move ec/ and ecdsa/ into fipsmodule/ 2017-05-04 20:27:23 +00:00
thread_win.c
thread.c