| 1127c1965c2c0789b368062cfd7ba0b5c4031444 |
|
08-Jun-2015 |
Sergio Giro <sgiro@google.com> |
OpenSSLCipher: adjust expected length with padding in decrypt mode
- Consider the |final| buffer when computing the expected length
- Should not expect an extra block when using padding in decrypting
mode
Bug: 19186852
Change-Id: I8c51b309ca98030ab1eda5b2a0201a97a5758072
(cherry-pick from 8fa4acdcf1e47a2745940694179fa34e95825a24)
/external/conscrypt/src/main/java/org/conscrypt/OpenSSLCipher.java
|
| f6f6620ccbad41df84c2be96a9f6c61a0ac3dd53 |
|
08-May-2015 |
Kenny Root <kroot@google.com> |
OpenSSLCipher: add AEAD cipher
This allows us to provide an implementation of AES-GCM using the new
EVP_AEAD interface in BoringSSL. It simply buffers up the input until
doFinal(...) is called which makes it much safer than any streaming
interfaces, because the caller can't use the plaintext until it's
authenticated by the GHASH (or whatever other AEAD you happen to use).
Bug: 20636336
Change-Id: I6e4b063a8137a16102b1f6ac15687a38ddfe1691
/external/conscrypt/src/main/java/org/conscrypt/OpenSSLCipher.java
|
| 110054e9931e167e32ec0f31bf00b58a8ad3882c |
|
08-May-2015 |
Kenny Root <kroot@google.com> |
OpenSSLCipher: refactor in preparation for AEAD
BoringSSL uses a different interface for AEAD that is much simplier
called EVP_AEAD. Separate out the EVP_CIPHER usage so that we can have
another subclass with the EVP_AEAD usage.
Bug: 20636336
Change-Id: I661d92bd449f2fcc3c4a6e511155490917ecef0c
/external/conscrypt/src/main/java/org/conscrypt/OpenSSLCipher.java
|
| d4cca77f58721f32082a06b4c16631a3730844ca |
|
30-Jan-2015 |
Kenny Root <kroot@google.com> |
OpenSSLCipher: exception when IV not specified
If you're decrypting with a mode that requires an IV, init should throw
an exception indicating as much. Add the checks to make sure this
happens.
Bug: 19201819
Change-Id: I2d3481da4f63bffb340dc1197f6b5cb29360fbff
/external/conscrypt/src/main/java/org/conscrypt/OpenSSLCipher.java
|
| 34160c54880216d9efb43f37a5253be7b72f9882 |
|
22-Apr-2015 |
Adam Langley <agl@google.com> |
external/conscrypt: align registered modes with BoringSSL.
Some of the more obscure modes BoringSSL doesn't support anymore, so
just let Bouncycastle implement them.
Bug: 20451412
Change-Id: I966e08493b1df741ffc114d3189b301456011a4e
/external/conscrypt/src/main/java/org/conscrypt/OpenSSLCipher.java
|
| 4757cdbe3c9e06f243a8cb07086ced5537d69af2 |
|
26-Nov-2014 |
Kenny Root <kroot@google.com> |
Switch EVP_CIPHER_CTX to new style
Bug: 16656908
Change-Id: Id519c20474a02c70e72d362bc84d26855a74fa33
/external/conscrypt/src/main/java/org/conscrypt/OpenSSLCipher.java
|
| 084e3086be1d7a6b9280b64c7c8cdb7b41a13bea |
|
14-Jul-2014 |
Kenny Root <kroot@google.com> |
Keep enough state to completely reset cipher instances
OpenSSL's RC4 mutates the given key. AES/CTR mutates the IV. We must
store these values locally to enable "doFinal" to cause the Cipher
instance to be reset to what it was right after "init".
Note that resetting and encrypting with the same key or IV breaks
semantic security.
Bug: 16298401
Bug: https://code.google.com/p/android/issues/detail?id=73339
Change-Id: Ie7e4dcb6cf6cc33ddad31d6b47066dc1b34e6894
/external/conscrypt/src/main/java/org/conscrypt/OpenSSLCipher.java
|
| 0ec06644b9846b4a80d62fd1adf46299cdbd6518 |
|
22-Nov-2013 |
Kenny Root <kroot@google.com> |
OpenSSLCipher: check for null params
The documentation says init with null should be handled.
Bug: https://code.google.com/p/android/issues/detail?id=62640
Change-Id: If640a1f62e6002191d552047ccbe5eba5badacc1
/external/conscrypt/src/main/java/org/conscrypt/OpenSSLCipher.java
|
| 0a47f2ba654ef74f98a4aa263ac091979e88d6f5 |
|
30-Sep-2013 |
Kenny Root <kroot@google.com> |
Remove unsupported Cipher modes
OpenSSL silently ignores the padding modes when specified for stream
ciphers, but apparently Java does not.
Change-Id: Icd92122d63b3b8e99d704e8193414dda5057146d
/external/conscrypt/src/main/java/org/conscrypt/OpenSSLCipher.java
|
| 3974cacc0af4d6c5e19bf290ea4cdbdc2887fe56 |
|
10-Sep-2013 |
Kenny Root <kroot@google.com> |
Return IvParameters in OpenSSLCipher#getParameters
The getParameters() call was unimplemented in the OpenSSLCipher as an
oversight. Add it so code relying on it will continue to work.
Additionally add tests for getIV() and getParameters() to make sure they
work correctly.
(cherry picked from commit 8d59a14a150738b8b3a2a8c31d1a48b8ae0a3d0c)
Bug: 10423926
Change-Id: I6bc7fc540509242dff9e5411f66f82be54691cb4
/external/conscrypt/src/main/java/org/conscrypt/OpenSSLCipher.java
|
| c875a50c6c5152f31de58d726c69b93835203511 |
|
06-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: pull in copy of EmptyArray
Pull in our own copy of EmptyArray so we don't depend on libcore's
version.
Change-Id: I9d90ac4f196a66a022241ed974a7dc78cb9babda
/external/conscrypt/src/main/java/org/conscrypt/OpenSSLCipher.java
|
| 860d2707ce126ef8f66e3eac7ceeab6d24218cd8 |
|
24-Apr-2013 |
Kenny Root <kroot@google.com> |
Move JSSE to new package
To help with shipping the JSSE with apps that want to bundle it, move
it to a new package so that the tangles in other parts of the library
can be untangled.
Change-Id: I810b6861388635301e28aee5b9b47b8e6b35b430
/external/conscrypt/src/main/java/org/conscrypt/OpenSSLCipher.java
|