Commit Graph

10 Commits

Author SHA1 Message Date
David Benjamin
c9a202fee3 Add in missing curly braces part 1.
Everything before crypto/ec.

Change-Id: Icbfab8e4ffe5cc56bf465eb57d3fdad3959a085c
Reviewed-on: https://boringssl-review.googlesource.com/3401
Reviewed-by: Adam Langley <agl@google.com>
2015-02-11 19:31:01 +00:00
Adam Langley
2b2d66d409 Remove string.h from base.h.
Including string.h in base.h causes any file that includes a BoringSSL
header to include string.h. Generally this wouldn't be a problem,
although string.h might slow down the compile if it wasn't otherwise
needed. However, it also causes problems for ipsec-tools in Android
because OpenSSL didn't have this behaviour.

This change removes string.h from base.h and, instead, adds it to each
.c file that requires it.

Change-Id: I5968e50b0e230fd3adf9b72dd2836e6f52d6fb37
Reviewed-on: https://boringssl-review.googlesource.com/3200
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-02-02 19:14:15 +00:00
David Benjamin
9ecafa5c78 Shush some dead assignments.
Appease clang scan-build a bit. I'm not sure it's actually worth silencing all
of them because some of them look like preserving invariants between local
variables, but some are clearly pointless or can be restructured slightly.

Change-Id: I0bc81e2589bb402ff3ef0182d7a8921e31b85052
Reviewed-on: https://boringssl-review.googlesource.com/2205
Reviewed-by: Adam Langley <agl@google.com>
2014-11-06 01:34:33 +00:00
David Benjamin
bf681a40d6 Fix out-of-bounds read in BN_mod_exp_mont_consttime.
bn_get_bits5 always reads two bytes, even when it doesn't need to. For some
sizes of |p|, this can result in reading just past the edge of the array.
Unroll the first iteration of the loop and avoid reading out of bounds.

Replace bn_get_bits5 altogether in C as it's not doing anything interesting.

Change-Id: Ibcc8cea7d9c644a2639445396455da47fe869a5c
Reviewed-on: https://boringssl-review.googlesource.com/1393
Reviewed-by: Adam Langley <agl@google.com>
2014-08-06 00:11:47 +00:00
David Benjamin
7bbeead507 A bunch of dead assignments.
Caught by clang scan-build.

Change-Id: I4f10c879dc137d4a14a7a395764d28e5caa033ff
Reviewed-on: https://boringssl-review.googlesource.com/1342
Reviewed-by: Adam Langley <agl@google.com>
2014-07-30 00:44:03 +00:00
Adam Langley
43dca4d8bb fix x86_64-specific crash with one-word modulus.
PR: #3397

(Imported from upstream's 47b9e06cfd3a4fa89a690309e5839ed57e93f0f8)

Change-Id: I92d46a3132233c179f4b708d506bfb7212c26a33
2014-07-28 17:05:13 -07:00
Adam Langley
25ba90e34a move check for AD*X to rsaz-avx2.pl.
This ensures high performance is situations when assembler supports
AVX2, but not AD*X.

(Imported from upstream's 82a9dafe32e1e39b5adff18f9061e43d8df3d3c5)

Change-Id: Ie67f49a1c5467807139b6a8a0d4e62162d8a974f
2014-07-28 17:05:12 -07:00
Adam Langley
eceb33d3af bignum: fix boundary condition in montgomery logic
It's not clear whether this inconsistency could lead to an actual
computation error, but it involved a BIGNUM being passed around the
montgomery logic in an inconsistent state. This was found using flags
-DBN_DEBUG -DBN_DEBUG_RAND, and working backwards from this assertion
in 'ectest';

ectest: bn_mul.c:960: BN_mul: Assertion `(_bnum2->top == 0) ||
(_bnum2->d[_bnum2->top - 1] != 0)' failed

(Imported from upstream's 3cc546a3bbcbf26cd14fc45fb133d36820ed0a75)
2014-06-20 13:17:40 -07:00
Adam Langley
61bb3ddfab Ensure that x**0 mod 1 = 0. 2014-06-20 13:17:34 -07:00
Adam Langley
95c29f3cd1 Inital import.
Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta).

(This change contains substantial changes from the original and
effectively starts a new history.)
2014-06-20 13:17:32 -07:00