Lines Matching refs:CBC
167 padded records in case of CBC ciphersuites using Encrypt-then-MAC.
273 or CBC ciphersuites in (D)TLS versions 1.1 or higher. Fixes #1913, #1914.
295 * Fix a vulnerability in TLS ciphersuites based on CBC and using SHA-384,
303 or CCM instead of CBC, using hash sizes other than SHA-384, or using
308 * Fix a vulnerability in TLS ciphersuites based on CBC, in (D)TLS 1.0 to
316 instead of CBC or using Encrypt-then-Mac (RFC 7366) were not affected.
319 on CBC, in (D)TLS 1.0 to 1.2, that allowed a local attacker, able to
323 buffer. Connections using GCM or CCM instead of CBC or using
367 CBC based ciphersuite is used together with Encrypt-then-MAC. Previously,
503 * Return the plaintext data more quickly on unpadded CBC decryption, as
656 extension. When the truncated HMAC extension is enabled and CBC is used,
1862 use with some ciphersuites and versions (RC4 in all versions, CBC with
1865 rejected with CBC-based ciphersuites and TLS >= 1.1
1867 to 32 bytes with CBC-based ciphersuites and TLS >= 1.1
1908 * Fix false reject in padding check in ssl_decrypt_buf() for CBC
2746 (AES CTR, Camellia CTR, XTEA CBC) including the option to
3050 * Added test vectors for: AES-CBC, AES-CFB, DES-CBC and 3DES-CBC,
3144 * Fixed a bug in the CBC code, thanks to dowst; also,