)]}'
{
  "commit": "4a8c05ffe826c61d50fdf13483b35097168faa5c",
  "tree": "5ee35aace51c9e1a1ab5ec0c3a94b1b88b726a84",
  "parents": [
    "31ef16ac2d2f450a9816c861ce3d9d6f270e1be0"
  ],
  "author": {
    "name": "David Benjamin",
    "email": "davidben@google.com",
    "time": "Wed Apr 10 19:58:13 2019 -0500"
  },
  "committer": {
    "name": "Adam Langley",
    "email": "agl@google.com",
    "time": "Thu Apr 11 15:33:57 2019 +0000"
  },
  "message": "Check key sizes in AES_set_*_key.\n\nAES_set_*_key used to call directly into aes_nohw_set_*_key which\ngracefully handles some NULL parameters and invalid bit sizes. However,\nwe now enable optimized assembly implementations, not all of which\nperform these checks. (vpaes does not.)\n\nThis is fine for the internal assembly functions themselves. Such checks\nare better written in C than assembly, and the calling C code usually\nalready knows the key size. (Indeed aes_ctr_set_key already assumes the\nassembly functions are infallible.) AES_set_*_key are public APIs,\nhowever. The NULL check is silly, but we should handle length-like\nchecks in public APIs.\n\nChange-Id: I259ae6b9811ceaa9dc5bd7173d5754ca7079cff8\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/35564\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "8a1ca31db189bbee0046a0d318c3f5f95a4deff3",
      "old_mode": 33188,
      "old_path": "crypto/fipsmodule/aes/aes.c",
      "new_id": "48d60eeb648a274c62d841ae939130902784a716",
      "new_mode": 33188,
      "new_path": "crypto/fipsmodule/aes/aes.c"
    },
    {
      "type": "modify",
      "old_id": "2222b63d72fa2dd8878efbf8136ddaceede0f04d",
      "old_mode": 33188,
      "old_path": "crypto/fipsmodule/aes/aes_test.cc",
      "new_id": "1f9a49195224b03bb03bd487b404ffa2f9cf37e5",
      "new_mode": 33188,
      "new_path": "crypto/fipsmodule/aes/aes_test.cc"
    },
    {
      "type": "modify",
      "old_id": "115658542f42fdcf7aea8cf1b01402d10552a2f6",
      "old_mode": 33188,
      "old_path": "include/openssl/aes.h",
      "new_id": "3606bfc40c000a26e7c99bfad245be5cfb2777ce",
      "new_mode": 33188,
      "new_path": "include/openssl/aes.h"
    }
  ]
}
