Steffen Jaeckel  b2448c593a  2017-08-01 14:44:37 +02:00
    ocb3: properly handle empty AAD

    * allow passing "no additional data" to ocb3_decrypt_verify_memory() and
      ocb3_encrypt_authenticate_memory()
    * ensure that the caller didn't want to add AAD

Steffen Jaeckel  24e69b2956  2017-07-11 15:29:45 +02:00
    more printf() clean-up

    * remove last occurrences in non-test code
    * minimize in tests

Karel Miko  0792e3701e  2017-07-10 22:35:42 +02:00
    GCM allow skipping gcm_add_aad and gcm_process

Steffen Jaeckel  1bf42ea99a  2017-06-22 14:21:14 +02:00
    update some of the static functions

Steffen Jaeckel  27b3ffc627  2017-06-22 14:21:14 +02:00
    use compare_testvector() instead of XMEMCMP() in tests

Steffen Jaeckel  05e28d6cfa  2017-06-22 14:21:14 +02:00
    fix potential timing attacks in rsa, eax, ocb and ocb3

Steffen Jaeckel  4cd1355b8f  2017-06-20 15:16:11 +02:00
    more clean-up of headers/footers

Steffen Jaeckel  fe19dad623  2017-06-20 15:16:11 +02:00
    replace SVN tags

Steffen Jaeckel  4dc211e19d  2017-06-20 15:16:11 +02:00
    clean-up headers

Steffen Jaeckel  4e971a8518  2017-06-08 22:20:45 +02:00
    don't use print_hex() from library

Steffen Jaeckel  8c1d55f4c0  2017-06-08 22:20:45 +02:00
    fix error when compiling w/ LTC_CLEAN_STACK but w/o LTC_FAST

Karel Miko  43e46a2efc  2017-05-11 20:37:06 +02:00
    fix clang static analyzer warnings/errors - see #217

Karel Miko  e2cf11da25  2017-05-11 17:42:43 +02:00
    fix windows warnings - #212 and #213

Karel Miko  04262d3aec  2017-05-09 21:31:12 +02:00
    fix: local struct member 'poly_div' not referenced

Karel Miko  f6ea738fee  2017-05-09 21:30:44 +02:00
    fix: Loss of sign (initialization) (int to unsigned long long)

Karel Miko  87142382da  2017-04-29 19:59:03 +02:00
    lint fixes discussed in #199

Karel Miko  9c972c833d  2017-04-29 13:30:19 +02:00
    fix chacha20poly1305_test

Karel Miko  eb209aa2f9  2017-04-28 19:24:58 +02:00
    more error checking in *_test

Karel Miko  1732ed8ce8  2017-04-28 19:24:58 +02:00
    increase coverage

Francois Perrad  9941648125  2017-04-07 00:17:43 +02:00
    remove suspicious ;

Karel Miko  3a05f0331d  2017-04-02 18:13:45 +02:00
    chachapoly_state > chacha20poly1305_state

Karel Miko  39028bbeed  2017-04-02 18:13:45 +02:00
    more tests in chacha20poly1305_test

Karel Miko  31b52a354d  2017-04-02 18:13:45 +02:00
    padlen in chacha20poly1305_decrypt

Karel Miko  c8cb714e08  2017-04-02 18:13:45 +02:00
    added chacha_done

Karel Miko  ff6abc776c  2017-04-02 18:13:45 +02:00
    RFC 7539 - ChaCha20 and Poly1305 + chacha based PRNG

Steffen Jaeckel  8af93d1d0d  2017-03-28 22:57:22 +02:00
    Remove ccm_memory_ex()

Karel Miko  39425a94c5  2017-03-15 23:13:46 +01:00
    improved source checks

Karel Miko  54a26525dc  2017-03-15 15:22:06 +01:00
    avoid C++ style comments

Karel Miko  52eaabefa9  2017-03-06 19:53:04 +01:00
    msvc 2008 does not like { } initialization

Matt Kelly  e187f4cbf4  2017-02-26 10:12:16 -05:00
    Fix all warnings from -Wcast-align

Francois Perrad  79d6e61aca  2017-02-24 19:00:32 +01:00
    use the variable 'err'

Francois Perrad  58353f51e2  2017-02-24 16:29:54 +01:00
    remove trailing spaces

Francois Perrad  5d7036ebe2  2017-02-24 16:26:48 +01:00
    remove hard tab

Francois Perrad  7b48f4d5f7  2017-02-24 16:23:10 +01:00
    fix indentation

Steffen Jaeckel  7d418b34b3  2016-09-28 20:18:09 +02:00
    Fix GCM counter reuse

    GCM should error out after processing (2^32)-1 blocks / (2^39)-256 bits
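The bookkeeping behind the commit above, as an added example written for this page in C; it is not libtomcrypt's gcm_process() and the state layout and function names are my own. SP 800-38D caps the plaintext of one GCM invocation at 2^39 - 256 bits, which is 2^36 - 32 bytes or 2^32 - 2 full blocks. The reason is visible in inc32: only the low 32 bits of the counter block ever change, so after 2^32 increments the counter is back at J0, the block whose encryption masks the tag, and keystream would be reused under the same key and nonce. The check below refuses any call that would cross the limit and advances the counter once per block boundary, so partial blocks spread over several calls are counted exactly once.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define GCM_BLOCKLEN 16
/* SP 800-38D 5.2.1.1: len(P) <= 2^39 - 256 bits = 2^36 - 32 bytes = 2^32 - 2 blocks */
#define GCM_MAX_PT_BYTES (((uint64_t)1 << 36) - 32)
#define GCM_ERR_LIMIT (-1)

/* Counter-mode bookkeeping only; the block cipher and GHASH are out of scope.
 * (Example state layout, not the library's gcm_state.) */
typedef struct {
    unsigned char ctr[GCM_BLOCKLEN]; /* counter of the most recently used block, J0 right after init */
    uint64_t pt_len;                 /* payload bytes accounted for so far */
} gcm_ctr_state;

/* inc32: add 1 to the rightmost 32 bits of the counter block, modulo 2^32.
 * The other 96 bits never change, so the counter space is exactly 2^32 blocks:
 * after 2^32 increments the counter is back at J0, the block that masks the tag. */
void gcm_inc32(unsigned char ctr[GCM_BLOCKLEN])
{
    uint32_t c = ((uint32_t)ctr[12] << 24) | ((uint32_t)ctr[13] << 16) |
                 ((uint32_t)ctr[14] << 8)  |  (uint32_t)ctr[15];
    c += 1u;
    ctr[12] = (unsigned char)(c >> 24); ctr[13] = (unsigned char)(c >> 16);
    ctr[14] = (unsigned char)(c >> 8);  ctr[15] = (unsigned char)c;
}

/* Number of counter blocks a payload of `bytes` bytes occupies (rounded up). */
uint64_t gcm_blocks_for(uint64_t bytes)
{
    return (bytes + GCM_BLOCKLEN - 1) / GCM_BLOCKLEN;
}

void gcm_ctr_init(gcm_ctr_state *st, const unsigned char j0[GCM_BLOCKLEN])
{
    memcpy(st->ctr, j0, GCM_BLOCKLEN);
    st->pt_len = 0;
}

/* Account for `len` more payload bytes before they are processed.  Anything
 * that would push the total past the SP 800-38D limit is refused (the
 * subtraction form also rules out overflow of the addition).  Otherwise the
 * counter is advanced once per block boundary this call crosses. */
int gcm_process_check(gcm_ctr_state *st, size_t len)
{
    uint64_t before = st->pt_len, after, newblocks;
    if ((uint64_t)len > GCM_MAX_PT_BYTES - before) return GCM_ERR_LIMIT;
    after = before + (uint64_t)len;
    for (newblocks = gcm_blocks_for(after) - gcm_blocks_for(before); newblocks > 0; newblocks--) {
        gcm_inc32(st->ctr);
    }
    st->pt_len = after;
    return 0;
}
```

A real implementation would run this check before touching the data in gcm_process(), so that the error is returned with nothing encrypted rather than after part of the buffer has already been written.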
						 
				 
			
				
					
						
							
							
Karel Miko  966496ea1a  2016-01-23 18:09:03 +01:00
    fixing GCM troubles at HP-UX/IA64

Steffen Jaeckel  460b8716c9  2015-12-05 14:31:01 +01:00
    fix clang-analyzer warnings

    This fixes #80

Sebastian Verschoor  75b114517a  2015-08-26 00:08:38 +02:00
    make sure no cache-based timing attack is possible

    Instead of two different buffers, there is just one buffer. Based upon the
    verification result, a mask is applied to the buffer before it is written
    to the output buffer.

Steffen Jaeckel  09e4b0ec9b  2015-08-26 00:08:38 +02:00
    don't reveal plaintext if authentication failed

    Create two buffers of the same size as the input data.
    Copy the input data to the first one and work with that version to hold the
    decrypted data, zeroize the second one.
    Copy depending on the verification result, either the zero-buffer or the
    real plaintext to the output buffer.

Steffen Jaeckel  6c11ca771b  2015-08-26 00:08:38 +02:00
    fix compile error of tests

Sebastian Verschoor  25af184cd5  2015-08-26 00:08:38 +02:00
    Quickfix for issue #73

    The API of the function is changed (for decryption, tag is now an input
    parameter). With the old API it is impossible to conform to the NIST
    specification and a timing side-channel leak is inevitable.
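The three commits above (09e4b0ec9b, 75b114517a and 25af184cd5, with the later "fix potential timing attacks" commit 05e28d6cfa in the same spirit) describe one pattern: the tag is an input to decrypt-verify, it is compared in constant time, the whole buffer is always decrypted, and plaintext reaches the caller only through a mask derived from the comparison. The C below is an added example written for this page, not libtomcrypt code. The cipher and MAC are a toy xorshift-based generator chosen so the example runs offline (an assumption; it is not secure and stands in for the real mode), and the names toy_encrypt_authenticate / toy_decrypt_verify / ct_tag_mask are mine. Only the verify-then-release structure mirrors what the commits describe.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define TOY_KEYLEN   16
#define TOY_NONCELEN 12
#define TOY_TAGLEN   16
#define TOY_ERR_AUTH (-1)
#define TOY_ERR_MEM  (-2)

/* Constant-time tag comparison: 0xFF if equal, 0x00 otherwise.  Every byte is
 * visited, nothing branches on the data, and the result is a mask, not a bool. */
unsigned char ct_tag_mask(const unsigned char *a, const unsigned char *b, size_t n)
{
    unsigned int diff = 0;
    size_t i;
    for (i = 0; i < n; i++) diff |= (unsigned int)(a[i] ^ b[i]);
    return (unsigned char)((diff - 1u) >> 8); /* all-ones only when diff == 0 */
}

/* Zeroisation through volatile stores, so the compiler cannot elide it. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

/* Toy keyed generator (xorshift32, an invertible linear map) standing in for the
 * real cipher and MAC so the example runs stand-alone.  NOT secure (assumption). */
static uint32_t toy_step(uint32_t s) { s ^= s << 13; s ^= s >> 17; s ^= s << 5; return s; }

static uint32_t toy_absorb(uint32_t s, const unsigned char *p, size_t n)
{
    while (n--) s = toy_step(s) ^ ((uint32_t)*p++ << 8) ^ 0x5bd1e995u;
    return s;
}

static void toy_squeeze(uint32_t s, unsigned char *out, size_t n)
{
    while (n--) { s = toy_step(s); *out++ = (unsigned char)(s >> 24); }
}

/* tag = MAC(key, nonce, aad, ct, len(aad), len(ct)); aad may be NULL when aadlen == 0 */
static void toy_tag(const unsigned char *key, const unsigned char *nonce,
                    const unsigned char *aad, size_t aadlen,
                    const unsigned char *ct, size_t ctlen, unsigned char *tag)
{
    unsigned char lens[8];
    uint32_t s;
    size_t i;
    for (i = 0; i < 4; i++) {
        lens[i]     = (unsigned char)((uint64_t)aadlen >> (8 * i));
        lens[4 + i] = (unsigned char)((uint64_t)ctlen >> (8 * i));
    }
    s = toy_absorb(toy_absorb(0x243f6a88u, key, TOY_KEYLEN), nonce, TOY_NONCELEN);
    s = toy_absorb(toy_absorb(s, aad, aadlen), ct, ctlen);
    toy_squeeze(toy_absorb(s, lens, sizeof lens), tag, TOY_TAGLEN);
}

int toy_encrypt_authenticate(const unsigned char *key, const unsigned char *nonce,
                             const unsigned char *aad, size_t aadlen,
                             const unsigned char *pt, size_t ptlen,
                             unsigned char *ct, unsigned char *tag)
{
    unsigned char *ks = (unsigned char *)malloc(ptlen ? ptlen : 1);
    size_t i;
    if (ks == NULL) return TOY_ERR_MEM;
    toy_squeeze(toy_absorb(toy_absorb(0x9e3779b9u, key, TOY_KEYLEN), nonce, TOY_NONCELEN), ks, ptlen);
    for (i = 0; i < ptlen; i++) ct[i] = pt[i] ^ ks[i];
    toy_tag(key, nonce, aad, aadlen, ct, ptlen, tag);
    wipe(ks, ptlen);
    free(ks);
    return 0;
}

/* The tag is an INPUT: the expected tag is recomputed and compared here, the whole
 * message is always processed through one scratch buffer, and the comparison mask
 * is applied on the way out.  A forgery yields zeros and does the same work. */
int toy_decrypt_verify(const unsigned char *key, const unsigned char *nonce,
                       const unsigned char *aad, size_t aadlen,
                       const unsigned char *ct, size_t ctlen,
                       const unsigned char *tag, unsigned char *pt)
{
    unsigned char expected[TOY_TAGLEN], mask;
    unsigned char *buf = (unsigned char *)malloc(ctlen ? ctlen : 1);
    size_t i;
    if (buf == NULL) return TOY_ERR_MEM;
    toy_tag(key, nonce, aad, aadlen, ct, ctlen, expected);
    mask = ct_tag_mask(expected, tag, TOY_TAGLEN);       /* 0xFF == authentic */
    toy_squeeze(toy_absorb(toy_absorb(0x9e3779b9u, key, TOY_KEYLEN), nonce, TOY_NONCELEN), buf, ctlen);
    for (i = 0; i < ctlen; i++) pt[i] = (unsigned char)((buf[i] ^ ct[i]) & mask);
    wipe(buf, ctlen);
    free(buf);
    wipe(expected, sizeof expected);
    return (mask == 0xFF) ? 0 : TOY_ERR_AUTH;             /* decided only after all the work */
}
```

The mask is applied byte by byte rather than choosing between two buffers with a branch, which is the difference between the two-buffer version in 09e4b0ec9b and the single-buffer version in 75b114517a: a branch on the verification result can leave a cache or branch-predictor footprint, a mask cannot. The return value is computed from the mask after all secret-dependent work is finished.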
						 
				 
			
				
					
						
							
							
Steffen Jaeckel  9585faca2b  2015-08-23 22:59:14 +02:00
    re-work debug output of some tests

Karel Miko  6a257e15cd  2015-04-17 08:56:42 +02:00
    cygwin related fix - variable name B0 changed to B_0 as it caused collision
    when compiling libtomcrypt as a perl module (for some reason only on cygwin)

Steffen Jaeckel  9782c09a3a  2015-01-20 22:36:06 +01:00
    use XMEM{CMP, CPY, SET} macros instead of standard versions

Steffen Jaeckel  f2f8342c43  2014-11-02 17:01:56 +01:00
    ccm test: add missing AAD

Steffen Jaeckel  943a858d6c  2014-10-31 19:41:14 +01:00
    also run testvectors on new CCM API

    [skip ci]

Steffen Jaeckel  4efa27ead1  2014-10-31 19:39:03 +01:00
    add missing pointer checks

Steffen Jaeckel  53917750d8  2014-10-31 19:38:47 +01:00
    trim trailing spaces

Pascal Brand  992506cb49  2014-10-17 09:00:19 +02:00
    Add incremental CCM authentication processing

    CCM is only meant for packet mode where the length of the input is known in
    advance. Since it is a packet mode function, CCM only had one function that
    performs the protocol.
    However, incremental authentication is useful in some use cases. It also
    ensures some kind of coherence when processing with a given authentication
    mode or another. To achieve this aim, this commit adds the following functions:
        ccm_init()
        ccm_add_aad()
        ccm_add_nonce()
        ccm_process()
        ccm_done()
        ccm_reset()
    as well as the data structure
        ccm_state
    Change-Id: I5225a42bb098708c4af07518b561bb00f85bc243
						 
				 
			
				
					
						
							
							
Steffen Jaeckel  155a54ba40  2014-07-17 10:50:36 +02:00
    add LTC prefix to most macros