boringssl

kris/boringssl

Fork 0

Commit Graph

Author	SHA1	Message	Date
Adam Langley	7410689a30	Generate (EC)DSA nonces with truncate/test/reject. Previously we generated a number that was 8 bytes too large and used a modular reduction, which has a (tiny, tiny) bias towards zero. Out of an excess of caution, instead truncate the generated nonce and try again if it's out of range. Change-Id: Ia9a7a57dd6d3e5f13d0b881b3e9b2e986d46e4ca	2014-06-23 15:41:44 -07:00
Adam Langley	d4b4f085d9	Safe (EC)DSA nonces. This change causes (EC)DSA nonces be to calculated by hashing the message and private key along with entropy.	2014-06-20 13:17:33 -07:00
Adam Langley	95c29f3cd1	Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)	2014-06-20 13:17:32 -07:00

Author

SHA1

Message

Date

Adam Langley

7410689a30

Generate (EC)DSA nonces with truncate/test/reject.

Previously we generated a number that was 8 bytes too large and used a
modular reduction, which has a (tiny, tiny) bias towards zero.

Out of an excess of caution, instead truncate the generated nonce and
try again if it's out of range.

Change-Id: Ia9a7a57dd6d3e5f13d0b881b3e9b2e986d46e4ca

2014-06-23 15:41:44 -07:00

Adam Langley

d4b4f085d9

Safe (EC)DSA nonces.

This change causes (EC)DSA nonces be to calculated by hashing the
message and private key along with entropy.

2014-06-20 13:17:33 -07:00

Adam Langley

95c29f3cd1

Inital import.

Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta).

(This change contains substantial changes from the original and
effectively starts a new history.)

2014-06-20 13:17:32 -07:00

3 Commits