kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
89 Commits 12 Branches 0 Tags 38 MiB
eceb33d3af
Commit Graph

6 Commits

Author SHA1 Message Date
Adam Langley
6887edb917 Improvements in constant-time OAEP decoding. 
This change adds a new function, BN_bn2bin_padded, that attempts, as
much as possible, to serialise a BIGNUM in constant time.

This is used to avoid some timing leaks in RSA decryption.
 2014-06-20 13:17:37 -07:00
Adam Langley
409766d218 Add function to recover RSA CRT params. 
Some RSA private keys are specified with only n, e and d. Although we
can use these keys directly, it's nice to have a uniform representation
that includes the precomputed CRT values. This change adds a function
that can recover the primes from a minimal private key of that form.
 2014-06-20 13:17:35 -07:00
Adam Langley
27ae9ed774 Small prime generation. 
Ensure that, when generating small primes, the result is actually of the
requested size. Fixes OpenSSL #2701.

This change does not address the cases of generating safe primes, or
where the |add| parameter is non-NULL.
 2014-06-20 13:17:34 -07:00
Adam Langley
d4b4f085d9 Safe (EC)DSA nonces. 
This change causes (EC)DSA nonces be to calculated by hashing the
message and private key along with entropy.
 2014-06-20 13:17:33 -07:00
Adam Langley
b36a3156b6 Add another bn modexp test. 
Add a test based on multiplication optimizations from OpenSSL HEAD
(1.1.0-dev) Based on openssl-SNAP-20111003
 2014-06-20 13:17:33 -07:00
Adam Langley
95c29f3cd1 Inital import. 
Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta).

(This change contains substantial changes from the original and
effectively starts a new history.)
 2014-06-20 13:17:32 -07:00