#
05d1d15b |
|
16-Jun-2018 |
Adam Barth <abarth@chromium.org> |
[cprng] Update clients to zx_cprng_draw Test: cprng, chromeos-disk-setup Change-Id: I8fffa468ceec58a371c8eaa0c6bbdaa204e77df8
|
#
8f341f20 |
|
09-Jun-2018 |
Adam Barth <abarth@chromium.org> |
[cprng] Remove short reads from zx_cprng_draw We never actually generate short reads from zx_cprng_draw. This CL removes the |actual| out parameter. Now zx_cprng_draw either fails or succeeds in drawing the amount requested, simplifying clients and removing possible mistakes. This CL is phase 1 of the transition, which introduces the new version as zx_cprng_draw_new. Once all the clients are migrated, we'll change zx_cprng_draw itself, migrate all the clients back, and then remove zx_cprng_draw_new. Change-Id: I2219d0517f103fb999014de1e846fa8b8a5ca20c
|
#
5385b50e |
|
25-May-2018 |
Aaron Green <aarongreen@google.com> |
[crypto] Split Bytes class This CL breaks out the Secret class from the Bytes class. A number of paranoid but expensive functions are only needed for security sensitve secrets, e.g. mandatory_memset in the destructor of keys. This split allows only the data that needs the paranoia to pay for it. Change-Id: Ib3fdc23ef7c0f86a6549c639353ac72bb35ebedf
|
#
7505ece5 |
|
25-May-2018 |
Aaron Green <aarongreen@google.com> |
[crypto][zxcrypt] Remove Bytes::Increment This CL removes the method was being used for incrementing the IV used by AEAD and Cipher. As written, it was too general purpose and slow in order to be constant time. In its place, AEAD and Cipher now represent their IVs as an array of zx_off_ts, and only increment the first one. this is much quicker (and still safe) as it is only an add and a store. This limits both of them to 2^64 cryptographic operations, but in practice this likely won't be a concern. Change-Id: I9ed707a2aa71aae619906af5918f3d8e5451b3d5
|
#
379f22fa |
|
06-Jun-2018 |
Adam Barth <abarth@google.com> |
[fdio] Move headers into lib/fdio/... Change-Id: Ie8d74e716da913bf6e2672c4acf8cd67b4962b7f
|
#
6e917f03 |
|
25-May-2018 |
Aaron Green <aarongreen@google.com> |
[crypto][zxcrypt] Remove Bytes::Split,Append This CL removes the Split and Append methods from Bytes. They were only used in a single place, zxcrypt::Volume, and werne't being test due to an oversight. The same behavior can be achieved with simple Copy()s. Change-Id: Ie73151122a27ec481a0cf38daf7bf3c37383f0fb
|
#
7612baee |
|
01-Mar-2018 |
Nick Kralevich <nnk@google.com> |
[crypto] more moving to compiler intrinsics See ZX-1747 Technically this introduces a change in behavior. Before the code would crash - now this error condition is handled gracefully. Change-Id: Ie9a0bb65d830df581e6401a70b555c8eaca3afe9
|
#
16e16ded |
|
19-Jan-2018 |
Aaron Green <aarongreen@google.com> |
[crypto][fdio][zxcrypt] Improve debug output This CL improves fdio/debug's xprintf with location info. Change-Id: Idd05c0439258ed3fe160086bcce05575eddbc38b
|
#
b28eb891 |
|
19-Jan-2018 |
Aaron Green <aarongreen@google.com> |
[crypto] Improve Bytes::Increment This CL modifies Bytes::Increment to be incremented by a set amount rather than just by 1. This is to enable better random access for Ciphers with a tweaked codebook mode (next CL). Change-Id: I62aec4c805f12c64b2df5f27bc8eb8346c4b99ec
|
#
23d453e5 |
|
21-Nov-2017 |
Aaron Green <aarongreen@google.com> |
[ulib/crypto] Bytes class improvements This CL adds a few more helper methods and tweaks to Bytes: - Copy(const Bytes &) copies from another Bytes object. - Resize(size_t) is a no-op if the size is unchanged. - Randomize(0) will skip the resizing step. - Merge(const Bytes &) copies another Bytes to the end of this one. - Split(Bytes*) copies to another Bytes from the end of this one. Change-Id: I9fced1b700285b51e8e8461472cf5ee6dccb5640
|
#
f97615d8 |
|
25-Oct-2017 |
Aaron Green <aarongreen@google.com> |
[crypto] Add Bytes::Increment. This CL adds a method to Bytes to treat its contents as an arbitrary precision unsigned integer to be incremented. Change-Id: Ief385c9fa930451036df6b208f6710406e893573
|
#
cb139aa3 |
|
17-Oct-2017 |
Aaron Green <aarongreen@google.com> |
[crypto] Add Bytes class This CL adds Bytes, which represents a byte buffer with methods to securely erase on destruction and compare in constant time. Change-Id: I2c970d02eb70c09c59c76d7c5640a14b02c23d68
|