boringssl/crypto/rsa
David Benjamin 0a211dfe91 Remove BN_FLG_CONSTTIME.
BN_FLG_CONSTTIME is a ridiculous API and easy to mess up
(CVE-2016-2178). Instead, code that needs a particular algorithm which
preserves secrecy of some arguemnt should call into that algorithm
directly.

This is never set outside the library and is finally unused within the
library! Credit for all this goes almost entirely to Brian Smith. I just
took care of the last bits.

Note there was one BN_FLG_CONSTTIME check that was still reachable, the
BN_mod_inverse in RSA key generation. However, it used the same code in
both cases for even moduli and φ(n) is even if n is not a power of two.
Traditionally, RSA keys are not powers of two, even though it would make
the modular reductions a lot easier.

When reviewing, check that I didn't remove a BN_FLG_CONSTTIME that led
to a BN_mod_exp(_mont) or BN_mod_inverse call (with the exception of the
RSA one mentioned above). They should all go to functions for the
algorithms themselves like BN_mod_exp_mont_consttime.

This CL shows the checks are a no-op for all our tests:
https://boringssl-review.googlesource.com/c/12927/

BUG=125

Change-Id: I19cbb375cc75aac202bd76b51ca098841d84f337
Reviewed-on: https://boringssl-review.googlesource.com/12926
Reviewed-by: Adam Langley <alangley@gmail.com>
2017-01-12 02:00:44 +00:00
..
blinding.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
CMakeLists.txt Add a run_tests target to run all tests. 2015-10-26 20:33:44 +00:00
internal.h Require the public exponent to be available in RSA blinding. 2016-04-18 23:34:46 +00:00
padding.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
rsa_asn1.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
rsa_impl.c Remove BN_FLG_CONSTTIME. 2017-01-12 02:00:44 +00:00
rsa_test.cc Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
rsa.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00