#
5385b50e |
|
25-May-2018 |
Aaron Green <aarongreen@google.com> |
[crypto] Split Bytes class This CL breaks out the Secret class from the Bytes class. A number of paranoid but expensive functions are only needed for security sensitive secrets, e.g. mandatory_memset in the destructor of keys. This split allows only the data that needs the paranoia to pay for it. Change-Id: Ib3fdc23ef7c0f86a6549c639353ac72bb35ebedf
|
#
965c2edb |
|
25-May-2018 |
Aaron Green <aarongreen@google.com> |
[crypto] Don't publish error.h The interface for retrieving crypto implementation errors is only used by the library and shouldn't be under include/. Change-Id: Id131a086f3db734f72e460a576943ee088c3b36f
|
#
7505ece5 |
|
25-May-2018 |
Aaron Green <aarongreen@google.com> |
[crypto][zxcrypt] Remove Bytes::Increment This CL removes the method that was being used for incrementing the IV used by AEAD and Cipher. As written, it was too general purpose and slow in order to be constant time. In its place, AEAD and Cipher now represent their IVs as an array of zx_off_ts, and only increment the first one. This is much quicker (and still safe) as it is only an add and a store. This limits both of them to 2^64 cryptographic operations, but in practice this likely won't be a concern. Change-Id: I9ed707a2aa71aae619906af5918f3d8e5451b3d5
|
#
379f22fa |
|
06-Jun-2018 |
Adam Barth <abarth@google.com> |
[fdio] Move headers into lib/fdio/... Change-Id: Ie8d74e716da913bf6e2672c4acf8cd67b4962b7f
|
#
9a4b2f9c |
|
15-Mar-2018 |
Aaron Green <aarongreen@google.com> |
[crypto] Add AES128-CTR This CL adds AES128-CTR, which is MUCH faster than our current AES256-XTS implementation, but suffers from catastrophic nonce reuse and MUST be replaced. It's worth repeating: this is a TEMPORARY solution to unblock zxcrypt until we have a fast XTS implementation, or can substitute it with something else. ZX-1811 #comment Prerequisite to switching zxcrypt Change-Id: I63386bb2ece2348736b8fdd0e20556a84937258c
|
#
16e16ded |
|
19-Jan-2018 |
Aaron Green <aarongreen@google.com> |
[crypto][fdio][zxcrypt] Improve debug output This CL improves fdio/debug's xprintf with location info. Change-Id: Idd05c0439258ed3fe160086bcce05575eddbc38b
|
#
57578cde |
|
19-Jan-2018 |
Aaron Green <aarongreen@google.com> |
[crypto] Refactor tweaked codebook Ciphers This CL makes tweaked codebook Ciphers more explicit and simpler to use. Generic Init and Transform methods are exposed with an explicit direction and the InitEncrypt/InitDecrypt and Encrypt/Decrypt aliases have both random access and stream cipher versions. For random access mode, the "tweakable" mask has been replaced with an "alignment" field, allowing the tweak to be calculated automatically from the offset. Change-Id: Ifd1eef6dd194f0131da099da14962437486770b3
|
#
23d453e5 |
|
21-Nov-2017 |
Aaron Green <aarongreen@google.com> |
[ulib/crypto] Bytes class improvements This CL adds a few more helper methods and tweaks to Bytes: - Copy(const Bytes &) copies from another Bytes object. - Resize(size_t) is a no-op if the size is unchanged. - Randomize(0) will skip the resizing step. - Merge(const Bytes &) copies another Bytes to the end of this one. - Split(Bytes*) copies to another Bytes from the end of this one. Change-Id: I9fced1b700285b51e8e8461472cf5ee6dccb5640
|
#
5daf98de |
|
17-Oct-2017 |
Aaron Green <aarongreen@google.com> |
[crypto] Add Cipher class This CL adds Cipher, a secret key cipher that can be used to encrypt and decrypt data. Ciphers are distinguished from AEADs in that they require block-aligned lengths and do not ensure data integrity. Change-Id: I080237adfa3997a9f60903a37a8b377b81766e7f
|