boringssl/crypto/fipsmodule
David Benjamin 4ca8d131d3 Rewrite BN_CTX.
While allocating near INT_MAX BIGNUMs or stack frames would never happen, we
should properly handle overflow here. Rewrite it to just be a STACK_OF(BIGNUM)
plus a stack of indices. Also simplify the error-handling. If we make the
errors truly sticky (rather than just sticky per frame), we don't need to keep
track of err_stack and friends.

Thanks to mlbrown for reporting the integer overflows in the original
implementation.

Bug: chromium:942269
Change-Id: Ie9c9baea3eeb82d65d88b1cb1388861f5cd84fe5
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/35328
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
2019-03-18 19:18:31 +00:00
aes Patch out the aes_nohw fallback in bsaes_cbc_encrypt. 2019-03-14 21:38:28 +00:00
bn Rewrite BN_CTX. 2019-03-18 19:18:31 +00:00
cipher Drop some unused bsaes to aes_nohw dependencies. 2019-03-14 21:43:58 +00:00
des Move OPENSSL_FALLTHROUGH to internal headers. 2018-01-29 18:17:57 +00:00
digest Match OpenSSL's EVP_MD_CTX_reset return value. 2018-05-29 17:07:16 +00:00
ec Handle NULL public key in |EC_KEY_set_public_key|. 2019-03-04 19:45:29 +00:00
ecdh Clean up EC_POINT to byte conversions. 2018-11-13 17:27:59 +00:00
ecdsa Modernize OPENSSL_COMPILE_ASSERT, part 2. 2018-11-14 16:06:37 +00:00
hmac Switch OPENSSL_VERSION_NUMBER to 1.1.0. 2017-09-29 04:51:27 +00:00
md4 Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
md5 Add ABI tests for MD5. 2019-01-08 18:01:07 +00:00
modes Adapt gcm_*_neon to aarch64. 2019-03-14 21:43:27 +00:00
policydocs Include details about latest FIPS certification. 2018-11-05 19:03:25 +00:00
rand Clear out a bunch of -Wextra-semi warnings. 2019-02-21 19:12:39 +00:00
rsa Clear out a bunch of -Wextra-semi warnings. 2019-02-21 19:12:39 +00:00
self_check Always print some diagnostic information when POST fails. 2018-09-28 19:33:38 +00:00
sha Remove union from |SHA512_CTX|. 2019-01-22 23:36:46 +00:00
tls Fix include path. 2018-05-08 16:26:05 +00:00
bcm.c Always print some diagnostic information when POST fails. 2018-09-28 19:33:38 +00:00
CMakeLists.txt Adapt gcm_*_neon to aarch64. 2019-03-14 21:43:27 +00:00
delocate.h Use a pool of |rand_state| objects. 2018-07-06 21:25:37 +00:00
FIPS.md Include details about latest FIPS certification. 2018-11-05 19:03:25 +00:00
intcheck1.png
intcheck2.png Inject FIPS hash without running module. 2017-04-12 23:09:38 +00:00
intcheck3.png
is_fips.c Add some more compatibility functions. 2018-05-08 20:51:15 +00:00