mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-27 10:53:54 +08:00
Code Issues Packages Projects Releases Wiki Activity
13,272 Commits 34 Branches 385 Tags 454 MiB
7be6bc68c6
Commit Graph

16 Commits

Author SHA1 Message Date
Emilia Kasper
8b37e5c14f Fix undefined behaviour in shifts. 
Td4 and Te4 are arrays of u8. A u8 << int promotes the u8 to an int first then shifts.
If the mathematical result of a shift (as modelled by lhs * 2^{rhs}) is not representable
in an integer, behaviour is undefined. In other words, you can't shift into the sign bit
of a signed integer. Fix this by casting to u32 whenever we're shifting left by 24.

(For consistency, cast other shifts, too.)

Caught by -fsanitize=shift

Submitted by Nick Lewycky (Google)

Reviewed-by: Andy Polyakov <appro@openssl.org>
 2015-03-13 21:10:13 -07:00
Matt Caswell
9d51824b3b Manually reformat aes_core.c 
Add aes_core.c to the list of files not processed by openssl-format-source

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:20:08 +00:00
Tim Hudson
1d97c84351 mark all block comments that need format preserving so that 
indent will not alter them when reformatting comments

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2014-12-30 22:10:26 +00:00
Dr. Stephen Henson
e4e5bc39f9 Remove fips_constseg references. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-12-08 13:25:38 +00:00
Andy Polyakov
03e389cf04 Allow for dynamic base in Win64 FIPS module. 2011-09-14 20:48:49 +00:00
Dr. Stephen Henson
d749e1080a Experimental symbol renaming to avoid clashes with regular OpenSSL. 
Make sure crypto.h is included first in any affected files.
 2011-02-16 14:40:06 +00:00
Andy Polyakov
82686bdcaa Minimize aes_core.c footprint when AES_[en|de]crypt is implemented in 
assembler.
 2007-01-25 20:47:00 +00:00
Andy Polyakov
ac8173515a Mitigate cache-collision timing attack on last round. 2006-06-28 08:39:06 +00:00
Andy Polyakov
20ab8b4b41 Revoke the option to share AES S-boxes between C and assembler. It wastes 
space, but gives total flexibility [back].
 2005-12-10 11:22:57 +00:00
Andy Polyakov
8359421d90 Default to AES u32 being unsinged int and not long. This improves cache 
locality on 64-bit platforms (and fixes IA64 assembler-empowered build:-).
The choice is guarded by newly introduced AES_LONG macro, which needs
to be defined only on 16-bit platforms which we don't support (not that
I know of). Meaning that one could as well skip long option altogether.
 2005-01-24 14:22:05 +00:00
Andy Polyakov
25558bf743 Eliminate copies of TeN and TdN, use those found in assembler module. 2004-12-23 21:40:23 +00:00
Andy Polyakov
859ceeeb51 Anchor AES and SHA-256/-512 assembler from C. 2004-07-18 17:26:01 +00:00
Andy Polyakov
97e6bf6b22 Workaround for lame compiler bug introduced in "CPU pack" for MSVC6SP5. 2003-01-23 10:05:39 +00:00
Bodo Möller
b6fee5c2fb disable weird assert()s 2002-11-13 14:01:34 +00:00
Richard Levitte
97879bcd57 Add the modes OFB128, CFB128 and CTR128 to AES. 
Submitted by Stephen Sprunk <stephen@sprunk.org>
 2002-02-16 12:20:34 +00:00
Richard Levitte
6f9079fd50 Because Rijndael is more known as AES, use crypto/aes instead of 
crypto/rijndael.  Additionally, I applied the AES integration patch
from Stephen Sprunk <stephen@sprunk.org> and fiddled it to work
properly with the normal EVP constructs (and incidently work the same
way as all other symmetric cipher implementations).

This results in an API that looks a lot like the rest of the OpenSSL
cipher suite.
 2002-01-02 16:55:35 +00:00