openssl/providers/implementations/ciphers
slontis a011523706 ChaCha20-Poly1305 no longer supports truncated IV's.
Fixes #20084

In the 3.0 provider implementation the generic code that handles IV's
only allows a 12 byte IV. Older code intentionally added the ability for
the IV to be truncated.
As this truncation is unsafe, the documentation has been updated to
state that this is no longer allowed. The code has been updated to
produce an error when the iv length is set to any value other than 12.

NOTE: It appears that this additional padding may have originated from the code
which uses a 12 byte IV, that is then passed to CHACHA which zero pads it to 16 bytes.

Note that legacy behaviour in e_chacha20_poly1305.c has not been
updated.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20151)
2023-01-30 09:48:50 +01:00
build.info aes: add AES-GCM-SIV modes to the FIPS provider 2022-11-30 07:50:33 +11:00
cipher_aes_cbc_hmac_sha1_hw.c
cipher_aes_cbc_hmac_sha256_hw.c
cipher_aes_cbc_hmac_sha.c
cipher_aes_cbc_hmac_sha.h
cipher_aes_ccm_hw_aesni.inc
cipher_aes_ccm_hw_rv32i_zknd_zkne.inc provider: cipher: aes: add riscv32 zkn (zbkb) support 2022-09-05 10:20:30 +10:00
cipher_aes_ccm_hw_rv64i_zknd_zkne.inc providers: cipher: aes: add riscv64 zkn support 2022-06-10 11:45:48 +02:00
cipher_aes_ccm_hw_s390x.inc
cipher_aes_ccm_hw_t4.inc
cipher_aes_ccm_hw.c provider: cipher: aes: add riscv32 zkn (zbkb) support 2022-09-05 10:20:30 +10:00
cipher_aes_ccm.c
cipher_aes_ccm.h
cipher_aes_cts.inc
cipher_aes_gcm_hw_aesni.inc Update copyright year 2022-05-03 13:34:51 +01:00
cipher_aes_gcm_hw_armv8.inc Update copyright year 2022-05-03 13:34:51 +01:00
cipher_aes_gcm_hw_ppc.inc Fix AES-GCM on Power 8 CPUs 2022-09-13 14:41:39 +02:00
cipher_aes_gcm_hw_rv32i_zknd_zkne.inc provider: cipher: aes: add riscv32 zkn (zbkb) support 2022-09-05 10:20:30 +10:00
cipher_aes_gcm_hw_rv64i_zknd_zkne.inc providers: cipher: aes: add riscv64 zkn support 2022-06-10 11:45:48 +02:00
cipher_aes_gcm_hw_s390x.inc
cipher_aes_gcm_hw_t4.inc
cipher_aes_gcm_hw_vaes_avx512.inc Update copyright year 2022-05-03 13:34:51 +01:00
cipher_aes_gcm_hw.c provider: cipher: aes: add riscv32 zkn (zbkb) support 2022-09-05 10:20:30 +10:00
cipher_aes_gcm_siv_hw.c Fix AES-GCM-SIV endian issues 2022-08-01 10:23:57 +02:00
cipher_aes_gcm_siv_polyval.c Fix AES-GCM-SIV endian issues 2022-08-01 10:23:57 +02:00
cipher_aes_gcm_siv.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_aes_gcm_siv.h Fix AES-GCM-SIV endian issues 2022-08-01 10:23:57 +02:00
cipher_aes_gcm.c
cipher_aes_gcm.h
cipher_aes_hw_aesni.inc
cipher_aes_hw_rv32i_zknd_zkne.inc provider: cipher: aes: add riscv32 zkn (zbkb) support 2022-09-05 10:20:30 +10:00
cipher_aes_hw_rv64i_zknd_zkne.inc providers: cipher: aes: add riscv64 zkn support 2022-06-10 11:45:48 +02:00
cipher_aes_hw_s390x.inc
cipher_aes_hw_t4.inc
cipher_aes_hw.c provider: cipher: aes: add riscv32 zkn (zbkb) support 2022-09-05 10:20:30 +10:00
cipher_aes_ocb_hw.c provider: cipher: aes: add riscv32 zkn (zbkb) support 2022-09-05 10:20:30 +10:00
cipher_aes_ocb.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_aes_ocb.h
cipher_aes_siv_hw.c
cipher_aes_siv.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_aes_siv.h
cipher_aes_wrp.c
cipher_aes_xts_fips.c
cipher_aes_xts_hw.c provider: cipher: aes: add riscv32 zkn (zbkb) support 2022-09-05 10:20:30 +10:00
cipher_aes_xts.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_aes_xts.h
cipher_aes.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_aes.h
cipher_aria_ccm_hw.c
cipher_aria_ccm.c
cipher_aria_ccm.h
cipher_aria_gcm_hw.c
cipher_aria_gcm.c
cipher_aria_gcm.h
cipher_aria_hw.c
cipher_aria.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_aria.h
cipher_blowfish_hw.c
cipher_blowfish.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_blowfish.h
cipher_camellia_cts.inc
cipher_camellia_hw_t4.inc
cipher_camellia_hw.c
cipher_camellia.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_camellia.h
cipher_cast5_hw.c
cipher_cast5.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_cast.h
cipher_chacha20_hw.c
cipher_chacha20_poly1305_hw.c ChaCha20-Poly1305 no longer supports truncated IV's. 2023-01-30 09:48:50 +01:00
cipher_chacha20_poly1305.c ChaCha20-Poly1305 no longer supports truncated IV's. 2023-01-30 09:48:50 +01:00
cipher_chacha20_poly1305.h ChaCha20-Poly1305 no longer supports truncated IV's. 2023-01-30 09:48:50 +01:00
cipher_chacha20.c fix some code with obvious wrong coding style 2021-10-28 13:10:46 +10:00
cipher_chacha20.h
cipher_cts.c Update copyright year 2022-05-03 13:34:51 +01:00
cipher_cts.h
cipher_des_hw.c Fix Coverity 1498605 & 1498606: uninitialised value 2022-07-06 10:37:12 +10:00
cipher_des.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_des.h
cipher_desx_hw.c
cipher_desx.c
cipher_idea_hw.c
cipher_idea.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_idea.h
cipher_null.c
cipher_rc2_hw.c
cipher_rc2.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_rc2.h
cipher_rc4_hmac_md5_hw.c
cipher_rc4_hmac_md5.c Update copyright year 2022-05-03 13:34:51 +01:00
cipher_rc4_hmac_md5.h
cipher_rc4_hw.c
cipher_rc4.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_rc4.h
cipher_rc5_hw.c
cipher_rc5.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_rc5.h Fix PROV_RC5_CTX's original structure name 2022-09-12 08:38:48 +02:00
cipher_seed_hw.c
cipher_seed.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_seed.h
cipher_sm4_ccm_hw.c providers: Add SM4 GCM implementation 2021-09-28 19:27:58 +10:00
cipher_sm4_ccm.c providers: Add SM4 GCM implementation 2021-09-28 19:27:58 +10:00
cipher_sm4_ccm.h providers: Add SM4 GCM implementation 2021-09-28 19:27:58 +10:00
cipher_sm4_gcm_hw.c Update copyright year 2022-05-03 13:34:51 +01:00
cipher_sm4_gcm.c providers: Add SM4 GCM implementation 2021-09-28 19:27:58 +10:00
cipher_sm4_gcm.h providers: Add SM4 GCM implementation 2021-09-28 19:27:58 +10:00
cipher_sm4_hw.c Update copyright year 2022-05-03 13:34:51 +01:00
cipher_sm4_xts_hw.c providers: Add SM4 XTS implementation 2022-11-29 16:17:30 +01:00
cipher_sm4_xts.c providers: Add SM4 XTS implementation 2022-11-29 16:17:30 +01:00
cipher_sm4_xts.h providers: Add SM4 XTS implementation 2022-11-29 16:17:30 +01:00
cipher_sm4.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_sm4.h Update copyright year 2022-05-03 13:34:51 +01:00
cipher_tdes_common.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cipher_tdes_default_hw.c Fix Coverity 1498605 & 1498606: uninitialised value 2022-07-06 10:37:12 +10:00
cipher_tdes_default.c Update copyright year 2022-05-03 13:34:51 +01:00
cipher_tdes_default.h
cipher_tdes_hw.c
cipher_tdes_wrap_hw.c
cipher_tdes_wrap.c
cipher_tdes.c Update copyright year 2022-05-03 13:34:51 +01:00
cipher_tdes.h
ciphercommon_block.c fix some code with obvious wrong coding style 2021-10-28 13:10:46 +10:00
ciphercommon_ccm_hw.c
ciphercommon_ccm.c
ciphercommon_gcm_hw.c
ciphercommon_gcm.c GCM: record limit counter gets reset on AAD changes 2022-07-27 15:20:49 +02:00
ciphercommon_hw.c
ciphercommon_local.h
ciphercommon.c