boringssl/crypto/cipher_extra
David Benjamin 024f5df3c8 Avoid some divisions in Lucky 13 fix.
data_plus_mac_size is secret. Values derived from it cannot quite be
safely divided by md_block_size because SHA-384 ciphers prevent that
field from being constant. We know the value is a power of two, so do
the strength reduction by hand.

Change-Id: Id62ab9e646f4e21d507a7059cfe84d49bbb986e6
Reviewed-on: https://boringssl-review.googlesource.com/27505
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2018-04-17 15:13:55 +00:00
..
asm Enable extra_in with the ChaCha20-Poly1305 AEAD. 2017-07-14 22:13:25 +00:00
test Add M=8 L=2 AES-128-CCM as well. 2018-03-02 18:45:06 +00:00
aead_test.cc Add M=8 L=2 AES-128-CCM as well. 2018-03-02 18:45:06 +00:00
cipher_extra.c
cipher_test.cc
CMakeLists.txt Add AES_128_CCM AEAD. 2018-02-16 15:57:27 +00:00
derive_key.c
e_aesccm.c Add M=8 L=2 AES-128-CCM as well. 2018-03-02 18:45:06 +00:00
e_aesctrhmac.c Remove redundant calls to |OPENSSL_cleanse| and |OPENSSL_realloc_clean|. 2017-09-18 19:16:51 +00:00
e_aesgcmsiv.c Remove redundant calls to |OPENSSL_cleanse| and |OPENSSL_realloc_clean|. 2017-09-18 19:16:51 +00:00
e_chacha20poly1305.c Remove redundant calls to |OPENSSL_cleanse| and |OPENSSL_realloc_clean|. 2017-09-18 19:16:51 +00:00
e_null.c
e_rc2.c Move OPENSSL_FALLTHROUGH to internal headers. 2018-01-29 18:17:57 +00:00
e_rc4.c
e_ssl3.c Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
e_tls.c Fix early_mac_len computation. 2017-12-21 21:41:39 +00:00
internal.h Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
tls_cbc.c Avoid some divisions in Lucky 13 fix. 2018-04-17 15:13:55 +00:00