kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
76ce04bec8
boringssl/crypto/fipsmodule/bn
History
David Benjamin 76ce04bec8 Fix up BN_MONT_CTX_set with non-minimal values. 
Give a non-minimal modulus, there are two possible values of R we might
pick: 2^(BN_BITS2 * width) or 2^(BN_BITS2 * bn_minimal_width).
Potentially secret moduli would make the former attractive and things
might even work, but our only secret moduli (RSA) have public bit
widths. It's more cases to test and the usual BIGNUM invariant is that
widths do not affect numerical output.

Thus, settle on minimizing mont->N for now. With the top explicitly made
minimal, computing |lgBigR| is also a little simpler.

This CL also abstracts out the < R check in the RSA code, and implements
it in a width-agnostic way.

Bug: 232
Change-Id: I354643df30530db7866bb7820e34241d7614f3c2
Reviewed-on: https://boringssl-review.googlesource.com/25250
Reviewed-by: Adam Langley <agl@google.com>
2018-02-02 18:52:15 +00:00
..
asm Silence ARMv8 deprecated IT instruction warnings. 2017-12-14 01:56:22 +00:00
add.c Clear no-op BN_MASK2 masks. 2017-10-27 02:38:45 +00:00
bn_test_to_fuzzer.go Generate bn_div and bn_mod_exp corpus from bn_tests.txt. 2017-10-27 18:57:48 +00:00
bn_test.cc Fix up BN_MONT_CTX_set with non-minimal values. 2018-02-02 18:52:15 +00:00
bn_tests.txt bn/asm/rsaz-avx2.pl: fix digit correction bug in rsaz_1024_mul_avx2. 2017-12-07 16:54:32 +00:00
bn.c Fix up BN_MONT_CTX_set with non-minimal values. 2018-02-02 18:52:15 +00:00
bytes.c Add initial support for non-minimal BIGNUMs. 2018-02-02 18:03:46 +00:00
check_bn_tests.go
cmp.c Do RSA sqrt(2) business in BIGNUM. 2018-02-02 18:32:32 +00:00
ctx.c Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
div.c Enable __asm__ and uint128_t code in clang-cl. 2017-12-11 22:46:26 +00:00
exponentiation.c Factor out BN_to_montgomery(1) optimization. 2018-02-02 18:42:39 +00:00
gcd.c Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
generic.c Enable __asm__ and uint128_t code in clang-cl. 2017-12-11 22:46:26 +00:00
internal.h Fix up BN_MONT_CTX_set with non-minimal values. 2018-02-02 18:52:15 +00:00
jacobi.c Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
montgomery_inv.c Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
montgomery.c Fix up BN_MONT_CTX_set with non-minimal values. 2018-02-02 18:52:15 +00:00
mul.c Include a couple of missing header files. 2017-11-20 20:36:38 +00:00
prime.c Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
random.c Make ECDSA signing 10% faster and plug some timing leaks. 2017-11-22 22:51:40 +00:00
rsaz_exp.c Fix alignment-violating cast. 2017-12-01 22:32:17 +00:00
rsaz_exp.h
shift.c Add bn_mod_exp_mont_small and bn_mod_inverse_prime_mont_small. 2017-11-20 16:23:48 +00:00
sqrt.c Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00