Commits · 359f3cec5efce26fe0a56ec35965945936dbb104 · fuchsia-mirror / fuchsia.googlesource.com-third_party-tink

Jul 27, 2018

Update version references to 1.2.0-rc3. · 359f3cec
Charles Lee authored 6 years ago
```
PiperOrigin-RevId: 206342564
GitOrigin-RevId: 3e0e15cb40395fd6f9e5af917c23c84de081b532
```
v1.2.0-rc3

359f3cec

Make str2bn return a bssl::UniquePtr instead of a raw pointer, in order to... · 2561fc33

Rafael Lerm authored 6 years ago

Make str2bn return a bssl::UniquePtr instead of a raw pointer, in order to avoid easy to miss memory leaks.

This also should fix the existing potential leak in rsa_ssa_pss_verify_boringssl.cc.

PiperOrigin-RevId: 206331453
GitOrigin-RevId: 8fd6f92082c695ca6e390065ab689138cdbaf1a6

2561fc33

Adding C++ API to get public keys from private keys. · f8ebc9fe
Bartosz Przydatek authored 6 years ago
```
PiperOrigin-RevId: 206279840
GitOrigin-RevId: d77309c992f7328cb4ef4ad193e82d8d175003a4
```
f8ebc9fe

Enforce strong hash (SHA256, SHA512) for Java subtle's digital signature. · ee005226

Quan Nguyen authored 6 years ago

Modify constructor of EcdsaSignJce to throw GeneralSecurityException.

PiperOrigin-RevId: 206063228
GitOrigin-RevId: 6c7516734da5b49f4055718d87f1da47b24ba890

ee005226

Fix broken quoting by converting arguments string to array. · d6a29fb1
Charles Lee authored 6 years ago
```
PiperOrigin-RevId: 206051640
GitOrigin-RevId: c48ddf5fbdd7152044e20a21820849578980d60c
```
d6a29fb1

Verify required environment variables are set. · 1a9d6460

Charles Lee authored 6 years ago

Performing the checks in both release.sh (to fail early) and run_test.sh (where they're actually required).

Also, quoting cleanup in run_test.sh.

PiperOrigin-RevId: 206040628
GitOrigin-RevId: da6dc3b744001940260512cfbfd76b1943ffdb71

1a9d6460

Enforce strong hash (SHA256, SHA512) in subtle's digital signature. · f1d5f84d
Quan Nguyen authored 6 years ago
```
PiperOrigin-RevId: 206035572
GitOrigin-RevId: daf347df71221d2033fac1a6d624f3a7a7106c41
```
f1d5f84d
Enable EcdsaVerifyTest on Android. It's passing on all versions. · 65c07677
Thai Duong authored 6 years ago
```
PiperOrigin-RevId: 206028981
GitOrigin-RevId: 6d07e2ccb2f7c0b94a30d5d1be6f7169456253dc
```
65c07677

Modifying tink test for AES-GCM in go. · c80f9f2e

Daniel Bleichenbacher authored 6 years ago

The test now handles test vectors with invalid tags correctly.

PiperOrigin-RevId: 205958958
GitOrigin-RevId: 6c64ae5239ec65709a4aee69621e03f733de1774

c80f9f2e

RsaSsaPssVerifyBoringSSL · dd4f50ca

Quan Nguyen authored 6 years ago

PiperOrigin-RevId: 205833627
GitOrigin-RevId: e8e4149a655917a39dd45e4f4df1ba6fdcde240d

dd4f50ca

Rsa signature PKCS1 protocol buffer. · 9e41e90e

Quan Nguyen authored 6 years ago

Fix a typo name in go proto

PiperOrigin-RevId: 205828380
GitOrigin-RevId: 801c5b0d5d10cfc34857df93624ebbb23c89cb67

9e41e90e

Changing EllipticCurvesTest for the modified format of the test vectors. · 82975c41

Daniel Bleichenbacher authored 6 years ago

This allows to skip whole test groups and hence leads to less output
in the test logs.

PiperOrigin-RevId: 205820927
GitOrigin-RevId: 65390684270505d89a5446f86bcee5388c7942bb

82975c41

Automated g4 rollback of changelist 204232671. · b04afab9

Quan Nguyen authored 6 years ago

*** Reason for rollback ***

We split rsa PSS from PKCS1, this encoding is not needed.

*** Original change description ***

Add enum RsaSignatureEncoding

***

PiperOrigin-RevId: 205695849
GitOrigin-RevId: 6a207fb0de4aa24def3531e6f663b978099c67db

b04afab9

Add support for ECDSA's IEEE_P1363 signature format. · a9870f76
Quan Nguyen authored 6 years ago
```
PiperOrigin-RevId: 205657904
GitOrigin-RevId: 7523f0021d17b79ab9eb4f365dd17ac65bbb4711
```
a9870f76

Swift-friendly initializers for TinkRegistryConfig. It wasn't possible to call... · 949b4f2f

Tink Team authored 6 years ago

Swift-friendly initializers for TinkRegistryConfig. It wasn't possible to call the initializers due to a bug in Swift bridging of returned error argument to throwable.

Also, whitelist Voice iOS for cleartext.

PiperOrigin-RevId: 205459460
GitOrigin-RevId: 1cd4873c7fc77d10bd1b7baab7edd0ea10b2d97f

949b4f2f

Check nonce size when initializing AesEaxBoringSsl. · de9dba94
Haris Andrianakis authored 6 years ago
```
PiperOrigin-RevId: 205453513
GitOrigin-RevId: 7813e3d687b6c798fd476c28647d5deb26349ec3
```
de9dba94

Jul 20, 2018

Adding generation of new keys to C++ ECDSA signatures. · 7bbd63d0
Bartosz Przydatek authored 6 years ago
```
PiperOrigin-RevId: 205358501
GitOrigin-RevId: db2d087b424a0fcd1fb94e4d6fc6904d4c1d429d
```
7bbd63d0
Cleanup of C++ validation helpers for ECIES. · fa301df0
Bartosz Przydatek authored 6 years ago
```
PiperOrigin-RevId: 205358322
GitOrigin-RevId: 859f5844a331d5f5f232abce28c22eb0770fc71d
```
fa301df0

Add support for Crunchy's x || y point encoding. · a0a8f530

Thai Duong authored 6 years ago

Crunchy uses this format for ephemeral points in hybrid encryption.

PiperOrigin-RevId: 205294945
GitOrigin-RevId: 8e670c4bef2084717a8d149a646b4e4a3c790a0b

a0a8f530

Add transformation between IEEE_P1363 encoding and DER encoding to EllipticCurves · 46b0cddc
Quan Nguyen authored 6 years ago
```
PiperOrigin-RevId: 205230447
GitOrigin-RevId: 1dbfa6a5013fd35f356bd6f795801713de0dce61
```
46b0cddc
Adding support for InputStream and OutputStream to streaming encryption. · 8a48e968
Daniel Bleichenbacher authored 6 years ago
```
PiperOrigin-RevId: 205223825
GitOrigin-RevId: 5f0cda50bf3291e9ccef132729bb3e7a5400557b
```
8a48e968
Removing a check that causes a deadlock in Registry. · 6c8e4170
Bartosz Przydatek authored 6 years ago
```
PiperOrigin-RevId: 205110275
GitOrigin-RevId: ea401a11f7712928b5b997e160ca37c47e640995
```
6c8e4170

Adding generation of new keys to C++ EciesAeadHkdf hybrid encryption. · 13c08293

Bartosz Przydatek authored 6 years ago

Extending validation of key/format parameters.

PiperOrigin-RevId: 205088914
GitOrigin-RevId: 4d5e1e82a4b4bd7045b8c1de8798273d91c53934

13c08293

Protocol buffer for Rsa Signature with PSS encoding · 691490f1
Quan Nguyen authored 6 years ago
```
PiperOrigin-RevId: 205080507
GitOrigin-RevId: 350da8300cba50deca4f3e326a92ff6a12c42430
```
691490f1

Automated g4 rollback of changelist 205012951. · 86a7a2e9

Thai Duong authored 6 years ago

*** Reason for rollback ***

I fixed the broken builds in AdSpam.

*** Original change description ***

Automated g4 rollback of changelist 205009482.

*** Reason for rollback ***

TAP has detected that 10 or more targets failed to build at cl/205009482.
If this is an error, please file a bug at go/autorollback-bug.
TAP checked that the following target built at cl/205009481 but failed to build at cl/205009482.
 To see all broken targets, please visit http://test/205009482.
 You can also see the results on sponge for the broken targets:
  https://sponge.corp.google.com/invocations?searchFor=label%...

***

PiperOrigin-RevId: 205080258
GitOrigin-RevId: d6c88086f1e28f0b959954330f9301da0e048d93

86a7a2e9

Automated g4 rollback of changelist 205009482. · 3e50c2dc

Tink Team authored 6 years ago

*** Reason for rollback ***

TAP has detected that 10 or more targets failed to build at cl/205009482.
If this is an error, please file a bug at go/autorollback-bug.
TAP checked that the following target built at cl/205009481 but failed to build at cl/205009482.
 To see all broken targets, please visit http://test/205009482.
 You can also see the results on sponge for the broken targets:
  https://sponge.corp.google.com/invocations?searchFor=label%3Atap+label%3Apostsubmit+cl%3A205009482+target%3A%2F%2Fwireless%2Fandroid%2Fapps%2Fafma%2Fsignals%2Frestricted%2Ftesting%2Fsignalchecker%3AProtoCheckerTest+TAP_BUILD_FLAGS_SUFFIX%3ACAMQBVhe
and for for previously passing target:
  https://sponge.corp.google.com/invocations?searchFor=label%3Atap+label%3Apostsubmit+cl%3A205009481+target%3A%2F%2Fwireless%2Fandroid%2Fapps%2Fafma%2Fsignals%2Frestricted%2Ftesting%2Fsignalchecker%3AProtoCheckerTest+TAP_BUILD_FLAGS_SUFFIX%3ACAMQBVhe
Questions? Comments? See the URL: go/autorollback

*** Original change description ***

Implementations of KeysetReader should always return new KeysetReader instances.

***

PiperOrigin-RevId: 205012951
GitOrigin-RevId: 99e91f1bd905d93ab76a11e9e5e178dc8873d12c

3e50c2dc

C++: add support for Crunchy output prefix type. · 4bdcad3d

Thai Duong authored 6 years ago

It's similar to LEGACY, but it uses a randomly generated key id.

PiperOrigin-RevId: 205010378
GitOrigin-RevId: d2fa6b16b2e2fe7dd67aedef9adbb97819c24537

4bdcad3d

Implementations of KeysetReader should always return new KeysetReader instances. · 44ef5221
Thai Duong authored 6 years ago
```
PiperOrigin-RevId: 205009482
GitOrigin-RevId: cf0148128e3da07d9e0870475277383980ae0076
```
44ef5221

Jul 16, 2018
- Merge pull request #98 from vietlq:scratch/spelling-001 · cd6f4b09
  Charles Lee authored 6 years ago
```
GitOrigin-RevId: db4c55dc6c9a7daeb59b8decb8ee997e8781e6e0
```
  cd6f4b09
- Removing deprecated Obj-C Tink APIs. · 627d6212
  Haris Andrianakis authored 6 years ago
```
NoExternal

PiperOrigin-RevId: 204765216
GitOrigin-RevId: 7f20929c10b907bd272219a27d6ee55487654283
```
  627d6212
Jul 14, 2018
- fix spelling · f08ded79
  Viet Le authored 6 years ago
  
  f08ded79
Jul 13, 2018

Note that C++ and Obj-C are also ready for production, also adding Haris and... · e76fa741

Thai Duong authored 6 years ago

Note that C++ and Obj-C are also ready for production, also adding Haris and Charles to list of maintainers.

PiperOrigin-RevId: 204533189
GitOrigin-RevId: 9ae90e72ca30baa3e6efa9783ab8f3b7d14ec690

e76fa741

Update version references to 1.2.0-rc2. · e68edc7b

Charles Lee authored 6 years ago

Also, remove stale references to v1.1.0 in TinkConfig.register() documentation.

PiperOrigin-RevId: 204529434
GitOrigin-RevId: a99dbe6bb14b02c1411e7baa6ef017ec72d89baf

e68edc7b

Fixing Wycheproof ECDH tests. There's no bug, the tests are incorrect. · d9d164a2

Thai Duong authored 6 years ago

First, background and history:

In Java, an ECDH public key can be encoded as a SubjectPublicKeyInfo spec [1]. This spec contains the public point, and a named curve or curve parameters [2]. To test ECDH libraries, Wycheproof generates public key specs with modified curve parameters, and checks that the libraries must reject them [3].

Android M and N (and possibly other versions) do not reject said public keys specs. Given a spec Android just takes the field ID, and derives the rest of the parameters. This leads to a somewhat interesting situation: not only Android accepts Wycheproof's modified public key specs, but it also computes the shared secrets correctly and securely. So we changed Wycheproof to accept Android's behavior, and added to each test case the expected shared secret, had the public key spec not been modified.

What went wrong:

The expected shared secrets for "modified prime" and "public key of order 3" test are incorrect. I found that the public key specs (the "public" field in the ecdh_test.json) don't contain the same public point as in other tests. I'm not sure this is intentional, but because the public point is different the expected shared secret must be different too.

Let's look at test case #336. Its expected shared secret is the same as test case #335. Yet two test cases contain two different public points, as shown below (
the public point is the last BIT STRING, it starts with 04):

# Test case 335

  0 304: SEQUENCE {
  4 233:   SEQUENCE {
  7   7:     OBJECT IDENTIFIER '1 2 840 10045 2 1'
 16 221:     SEQUENCE {
 19   1:       INTEGER 1
 22  44:       SEQUENCE {
 24   7:         OBJECT IDENTIFIER '1 2 840 10045 1 1'
 33  33:         INTEGER
       :           00 FF FF FF FF 00 00 00 01 00 00 00 00 00 00 00
       :           00 00 00 00 00 FF FF FF FF FF FF FF FF FF FF FF
       :           FF
       :         }
 68  68:       SEQUENCE {
 70  32:         OCTET STRING
       :           FF FF FF FF 00 00 00 01 00 00 00 00 00 00 00 00
       :           00 00 00 00 FF FF FF FF FF FF FF FF FF FF FF FC
104  32:         OCTET STRING
       :           5A C6 35 D8 AA 3A 93 E7 B3 EB BD 55 76 98 86 BC
       :           65 1D 06 B0 CC 53 B0 F6 3B CE 3C 3E 27 D2 60 4B
       :         }
138  65:       OCTET STRING
       :         04 6B 17 D1 F2 E1 2C 42 47 F8 BC E6 E5 63 A4 40
       :         F2 77 03 7D 81 2D EB 33 A0 F4 A1 39 45 D8 98 C2
       :         96 4F E3 42 E2 FE 1A 7F 9B 8E E7 EB 4A 7C 0F 9E
       :         16 2B CE 33 57 6B 31 5E CE CB B6 40 68 37 BF 51
       :         F5
205  33:       INTEGER
       :         00 FF FF FF FF 00 00 00 00 FF FF FF FF FF FF FF
       :         FF BC E6 FA AD A7 17 9E 84 F3 B9 CA C2 FC 63 25
       :         51
       :       }
       :     }
240  66:   BIT STRING
       :     04 15 10 26 4C 18 9C 3D 52 3F F9 91 6A BD 70 69
       :     EF A6 96 8D 8D C7 DD B6 45 7D 78 69 B5 3E A6 0C
       :     DC FA FB 7E D4 78 6D A1 5D 29 EE 59 25 6F 53 6D
       :     A3 57 5A 48 88 C1 BB 0A 95 B2 56 F4 A7 E9 FD 76
       :     4A
       :   }

# Test case 336:

  0 307: SEQUENCE {
  4 236:   SEQUENCE {
  7   7:     OBJECT IDENTIFIER '1 2 840 10045 2 1'
 16 224:     SEQUENCE {
 19   1:       INTEGER 1
 22  44:       SEQUENCE {
 24   7:         OBJECT IDENTIFIER '1 2 840 10045 1 1'
 33  33:         INTEGER
       :           00 FD 09 10 59 A6 89 36 35 F9 00 E9 44 9D 63 F5
       :           72 B2 AE BC 4C FF 7B 4E 5E 33 F1 B2 00 E8 BB C1
       :           45
       :         }
 68  68:       SEQUENCE {
 70  32:         OCTET STRING
       :           02 F6 EF A5 59 76 C9 CB 06 FF 16 BB 62 9C 0A 8D
       :           4D 51 43 B4 00 84 B1 A1 CC 0E 4D FF 17 44 3E B7
104  32:         OCTET STRING
       :           5A C6 35 D8 AA 3A 93 E7 B3 EB BD 55 76 98 86 BC
       :           65 1D 06 B0 CC 53 B0 F6 3B CE 3C 3E 27 D2 60 4B
       :         }
138  65:       OCTET STRING
       :         04 00 00 00 00 00 00 00 00 00 00 06 59 7F A9 4B
       :         1F D9 00 00 00 00 00 00 00 00 00 00 00 00 00 00
       :         02 1B 8C 7D D7 7F 9A 95 62 79 22 EC EE FE A7 3F
       :         02 8F 1E C9 5B A9 B8 FA 95 A3 AD 24 BD F9 FF F4
       :         14
205  33:       INTEGER
       :         00 FF FF FF FF 00 00 00 00 FF FF FF FF FF FF FF
       :         FF BC E6 FA AD A7 17 9E 84 F3 B9 CA C2 FC 63 25
       :         51
240   1:       INTEGER 1
       :       }
       :     }
243  66:   BIT STRING
       :     04 00 00 00 00 00 00 00 00 00 00 06 59 7F A9 4B
       :     1F D9 00 00 00 00 00 00 00 00 00 00 00 00 00 00
       :     02 1B 8C 7D D7 7F 9A 95 62 79 22 EC EE FE A7 3F
       :     02 8F 1E C9 5B A9 B8 FA 95 A3 AD 24 BD F9 FF F4
       :     14
       :   }

[1] https://tools.ietf.org/html/rfc5280#section-4.1.2.7.
[2] https://tools.ietf.org/html/rfc3279#section-2.3.5
[3] Many libraries don't, and usually that leads to vulnerabilities that leak the private key.

PiperOrigin-RevId: 204515375
GitOrigin-RevId: 6a5a122b80d9664fa19f5497a2a5260f02c7ee5a

d9d164a2

Fixing a merge error in BUILD-file. · c0f8be5c
Bartosz Przydatek authored 6 years ago
```
PiperOrigin-RevId: 204478709
GitOrigin-RevId: 945a523d16fbe1b784174e2aedb488d7a89ba643
```
c0f8be5c
Reducing size of libtink.so by removing dead code. · 3fc5742b
Bartosz Przydatek authored 6 years ago
```
PiperOrigin-RevId: 204477406
GitOrigin-RevId: 46569424ee4847c93bd6f82c28611bc0b00a1834
```
3fc5742b

Update boringssl version to the latest on the master-with-bazel branch. · 0c0f60f4

Rafael Lerm authored 6 years ago

This is necessary to use some newer functions in the upcoming RsaSignBoringSsl class.

PiperOrigin-RevId: 204469656
GitOrigin-RevId: ad1183ca8adc93ce12d15e9eb655aeba5fa4b700

0c0f60f4

Removing deprecated C++ Tink APIs. · 809f78fa
Bartosz Przydatek authored 6 years ago
```
PiperOrigin-RevId: 204468964
GitOrigin-RevId: 0a4a28740dbdfd6b20872792de5adb78a2fbe676
```
809f78fa
objc: Upgrade protobuf, add ios_static_framework rule for Bazel, update docs. · e3521eaa
Haris Andrianakis authored 6 years ago
```
PiperOrigin-RevId: 204394015
GitOrigin-RevId: d0fa0c36798ffbed7b3381909d88631ef1743318
```
e3521eaa

Fixing typo. · 34b3c074

Thai Duong authored 6 years ago

PiperOrigin-RevId: 204391980
GitOrigin-RevId: ba9666fbf61c6a39d68c6fa323fed282d2a5a60f

34b3c074