Commit graph

14 commits

Author SHA1 Message Date
Dr. Stephen Henson
96a259e81e Merge FIPS low level algorithm blocking code. Give hard errors if non-FIPS
algorithms are use in FIPS mode using low level API. No effect in non-FIPS
mode.
2008-09-16 10:47:28 +00:00
Andy Polyakov
90cc40911b Don't zap AES CBC IV, when decrypting truncated content in place. 2005-01-18 00:26:52 +00:00
Richard Levitte
37b11ca78e iv needs to be const because it sometimes takes it's value from a
const.
2004-12-28 10:35:13 +00:00
Andy Polyakov
9850f7f6b2 Remove yet another redundant memcpy. Not at least performance critical,
essentially cosmetic modification...
2004-12-26 13:05:40 +00:00
Andy Polyakov
131e064e4a Eliminate redundant memcpy of IV material. Performance improvement varies
from platform to platform and can be as large as 20%.
2004-12-26 12:31:37 +00:00
Richard Levitte
4e952ae4fc Removing those memcpy()s also took away the possibility for in and out to
be the same.  Therefore, the removed memcpy()s need to be restored.
2003-10-29 06:21:22 +00:00
Richard Levitte
0b6956b474 Correct serious bug in AES-CBC decryption when the message length isn't
a multiple of AES_BLOCK_SIZE.
Optimize decryption of all complete blocks in AES-CBC by removing an
unnecessary memcpy().

The error was notified by James Fernandes <jf210032@exchange.DAYTONOH.NCR.com>.
The unnecessary memcpy() was found as an effect of investigating that error.
2003-10-15 09:00:14 +00:00
Richard Levitte
55b12f8641 The output from AES_cbc_encrypt() should be exact multiple blocks when encrypting 2003-06-10 04:11:42 +00:00
Richard Levitte
c863201780 Remove warnings. 2002-11-14 15:57:38 +00:00
Ben Laurie
54a656ef08 Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
Bodo Möller
b6fee5c2fb disable weird assert()s 2002-11-13 14:01:34 +00:00
Richard Levitte
69ce48c307 Make the CBC mode od AES accept lengths that aren't multiples of 16.
PR: 330
2002-11-12 11:00:25 +00:00
Richard Levitte
97879bcd57 Add the modes OFB128, CFB128 and CTR128 to AES.
Submitted by Stephen Sprunk <stephen@sprunk.org>
2002-02-16 12:20:34 +00:00
Richard Levitte
6f9079fd50 Because Rijndael is more known as AES, use crypto/aes instead of
crypto/rijndael.  Additionally, I applied the AES integration patch
from Stephen Sprunk <stephen@sprunk.org> and fiddled it to work
properly with the normal EVP constructs (and incidently work the same
way as all other symmetric cipher implementations).

This results in an API that looks a lot like the rest of the OpenSSL
cipher suite.
2002-01-02 16:55:35 +00:00