kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
20b6a4e2a1
boringssl/crypto/fipsmodule/bn
History
David Benjamin 20b6a4e2a1 Clear r->neg in bn_mod_{add,sub}_consttime. 
Otherwise, if the output BIGNUM was previously negative, we'd incorrectly give
a negative result. Thanks to Guide Vranken for reporting this issue!

Fortunately, this does not appear to come up in any existing caller. This isn't
all that surprising as negative numbers never really come up in cryptography.
Were it not for OpenSSL historically designing a calculator API, we'd just
delete the bit altogether. :-(

Bug: chromium:865924
Change-Id: I28fdc986dfaba3e38435b14ebf07453d537cc60a
Reviewed-on: https://boringssl-review.googlesource.com/29944
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2018-07-20 23:45:06 +00:00
..
asm Enable ADX assembly. 2018-05-11 21:57:13 +00:00
add.c Name constant-time functions more consistently. 2018-03-29 23:30:55 +00:00
bn_test_to_fuzzer.go Generate bn_div and bn_mod_exp corpus from bn_tests.txt. 2017-10-27 18:57:48 +00:00
bn_test.cc Clear r->neg in bn_mod_{add,sub}_consttime. 2018-07-20 23:45:06 +00:00
bn_tests.txt Fix bn_mod_exp_mont_small when exponentiating to zero. 2018-04-18 22:13:16 +00:00
bn.c Don't leak |a| in the primality test. 2018-03-28 01:44:31 +00:00
bytes.c Simplify BN_bn2bin_padded. 2018-02-06 02:41:38 +00:00
check_bn_tests.go Add new GCD and related primitives. 2018-03-30 19:53:36 +00:00
cmp.c Make various BIGNUM comparisons constant-time. 2018-03-26 18:53:53 +00:00
ctx.c Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
div_extra.c Move some RSA keygen support code into separate files. 2018-05-08 21:25:46 +00:00
div.c Clear r->neg in bn_mod_{add,sub}_consttime. 2018-07-20 23:45:06 +00:00
exponentiation.c Replace |alloca| in |BN_mod_exp_mont_consttime|. 2018-05-21 19:43:05 +00:00
gcd_extra.c Move some RSA keygen support code into separate files. 2018-05-08 21:25:46 +00:00
gcd.c Move some RSA keygen support code into separate files. 2018-05-08 21:25:46 +00:00
generic.c Enable __asm__ and uint128_t code in clang-cl. 2017-12-11 22:46:26 +00:00
internal.h Replace |alloca| in |BN_mod_exp_mont_consttime|. 2018-05-21 19:43:05 +00:00
jacobi.c Rename bn->top to bn->width. 2018-02-05 23:44:24 +00:00
montgomery_inv.c Restore the BN_mod codepath for public Montgomery moduli. 2018-04-20 20:50:15 +00:00
montgomery.c Remove return values from bn_*_small. 2018-04-24 15:34:32 +00:00
mul.c Remove return values from bn_*_small. 2018-04-24 15:34:32 +00:00
prime.c Move some RSA keygen support code into separate files. 2018-05-08 21:25:46 +00:00
random.c Rewrite BN_rand without an extra malloc. 2018-04-02 18:07:12 +00:00
rsaz_exp.c Include bn/internal.h for RSAZ code. 2018-06-04 17:26:29 +00:00
rsaz_exp.h Include bn/internal.h for RSAZ code. 2018-06-04 17:26:29 +00:00
shift.c Use bn_rshift_words for the ECDSA bit-shift. 2018-04-02 18:17:39 +00:00
sqrt.c Name constant-time functions more consistently. 2018-03-29 23:30:55 +00:00