Skip to content
Snippets Groups Projects
Select Git revision
0 results
Search by author
  • Any Author
0 authors
  1. Sep 23, 2019
  3. Sep 17, 2019
  5. Sep 13, 2019
  7. Aug 29, 2019
  9. Aug 28, 2019
  11. Aug 27, 2019
  13. Aug 22, 2019
  15. Aug 21, 2019
  17. Aug 19, 2019
  19. Aug 16, 2019
  21. Aug 15, 2019
    • tholenst's avatar
      Add a function ResizeStringUninitialized to subtle util. · 52877193
      tholenst authored 
      This function has the contract that it doesn't need to initialize the string when resizing. At the moment, the only implementation we have is the one which does the additional work of actually resizing the string.

PiperOrigin-RevId: 263559220
      52877193
    • tholenst's avatar
      Replace the vector with a string in aes_ctr_boringssl. · a39f6148
      tholenst authored 
      We also replace some memcpy instances with string operations. Context on the string replacement: cl/263529237

PiperOrigin-RevId: 263557252
      a39f6148
    • tholenst's avatar
      Stop using string::replace. · 58fe4b13
      tholenst authored 
      In an earlier change I used string::replace, but looking at the string::replace API it feels that it is a little bit weird. Let's try to avoid it.

PiperOrigin-RevId: 263549047
      58fe4b13
    • tholenst's avatar
      Replace the vector with a string in aes_gcm_boringssl. · a5cb0e0d
      tholenst authored 
      This removes one string copy from both encryption and decryption. When doing this, we need to ensure that we can write in the buffer underlying the string. The C++11 standard states in the relevant section 21.4.5: Returns: *(begin() + pos) if pos < size(), otherwise a reference to an object of type T with value charT(); the referenced value shall not be modified."

This is somewhat unclear: should the referenced value only not be modified in case pos = size() -- which would be a natural restriction, or should the referenced value never be modified (which would mean that string a; a[1] = 'a'; is already UB).

The second interpretation seems outrageous, and C++14 clarifies it, apparently: "operator[]: returns *(begin() + pos) if pos < size(). Otherwise, returns a reference to an object of type charT with value charT(), where modifying the object leads to undefined behavior."

I think the intention of the standard is that this works, and furthermore, I don't believe that any compiler will break this in C++11.

PiperOrigin-RevId: 263529237
      a5cb0e0d
  23. Aug 12, 2019
  25. Aug 09, 2019
  27. Aug 08, 2019
    • tholenst's avatar
      Add the streaming_aead_test_util_test to CMake. · c72d510c
      tholenst authored 
      This was forgotten in a previous cl.

PiperOrigin-RevId: 262357462
      c72d510c
    • paulavidas's avatar
      Fix ciphertext segment size validation. · 9cdfccc3
      paulavidas authored 
      We changed the segment size validation in all Tink streaming keys such that the first block always needs to have room for at least 1 byte of ciphertext. Previously it was not consistent. The decision whether to allow empty ciphertexts in the first segment is somewhat arbitrary, but it should be consistent everywhere.

PiperOrigin-RevId: 262315914
      9cdfccc3
  29. Aug 07, 2019
    • tholenst's avatar
      Always use the Status result in Tink. · 0c98f2ed
      tholenst authored 
      These are the fixes in *non-test-code* needed in order to annotate our Status object with ABSL_MUST_USE_RESULT.

Note that most of these cannot trigger anyhow, so nothing bad is uncovered.

PiperOrigin-RevId: 262129168
      0c98f2ed
  31. Aug 06, 2019
  33. Aug 02, 2019
  35. Jul 23, 2019
  37. Jul 12, 2019
  39. Jul 11, 2019
    • tanujdhir's avatar
      Remove Apache 2.0 comments from build files. · 5c33dec2
      tanujdhir authored 
      To replicate:
find -name BUILD.bazel -exec sed -Ei 's/\s+# Apache 2.0$//' {} \;
find -name BUILD.bazel -exec sed -Ei 's/\s+# Apache 2.0 # keep$/  # keep/' {} \;

PiperOrigin-RevId: 257604221
      5c33dec2
  41. Jul 08, 2019
  43. Jul 02, 2019
  45. Jun 24, 2019
  47. May 02, 2019
  49. Mar 20, 2019