Google Git
Sign in
boringssl / boringssl / b4e3e694e80bf59bbdc202c9a626e6ecb272c9b1
commitb4e3e694e80bf59bbdc202c9a626e6ecb272c9b1[log] [tgz]
authorBrian Smith <brian@briansmith.org>Wed Feb 24 09:58:18 2016 -1000
committerAdam Langley <agl@google.com>Fri Feb 26 01:02:40 2016 +0000
tree80ac855aaba36aca7121fb5d7848efb03a42984a
parent6234a7f3a706d2f863e949b4d360ff07faba9dbd [diff]
Use correct counter after invoking stitched AES-NI GCM code.

Commit a3d9528e9e212e0dcda30dcb561092c3b3a69010 has a bug that could
cause counters to be reused if |$avx=2| were set in the AES-NI AES-GCM
assembly code, if the EVP interface were used with certain coding
patterns, as demonstrated by the test cases added in
a5ee83f67e83d4065d1aa40137e8dd8b1c83b3e5.

This changes the encryption code in the same way the decryption code
was changed in a3d9528e9e212e0dcda30dcb561092c3b3a69010.

This doesn't have any effect currently since the AES-NI AES-GCM code
has |$avx=0| now, so |aesni_gcm_encrypt| doesn't change the counter.

Change-Id: Iba69cb4d2043d1ea57c6538b398246af28cba006
Reviewed-on: https://boringssl-review.googlesource.com/7193
Reviewed-by: Adam Langley <agl@google.com>
1 file changed
tree: 80ac855aaba36aca7121fb5d7848efb03a42984a
  1. crypto/
  2. decrepit/
  3. fuzz/
  4. include/
  5. ssl/
  6. tool/
  7. util/
  8. .clang-format
  9. .gitignore
  10. BUILDING.md
  11. CMakeLists.txt
  12. codereview.settings
  13. CONTRIBUTING.md
  14. FUZZING.md
  15. LICENSE
  16. PORTING.md
  17. README.md
  18. STYLE.md
README.md

BoringSSL

BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.

BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.

Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.

There are other files in this directory which might be helpful: