boringssl

History

David Benjamin a63d0ad40d Require BN_mod_exp_mont* inputs be reduced. If the caller asked for the base to be treated as secret, we should provide that. Allowing unbounded inputs is not compatible with being constant-time. Additionally, this aligns with the guidance here: https://github.com/HACS-workshop/spectre-mitigations/blob/master/crypto_guidelines.md#1-do-not-conditionally-choose-between-constant-and-non-constant-time Update-Note: BN_mod_exp_mont_consttime and BN_mod_exp_mont now require inputs be fully reduced. I believe current callers tolerate this. Additionally, due to a quirk of how certain operations were ordered, using (publicly) zero exponent tolerated a NULL BN_CTX while other exponents required non-NULL BN_CTX. Non-NULL BN_CTX is now required uniformly. This is unlikely to cause problems. Any call site where the exponent is always zero should just be replaced with BN_value_one(). Change-Id: I7c941953ea05f36dc2754facb9f4cf83a6789c61 Reviewed-on: https://boringssl-review.googlesource.com/27665 Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Reviewed-by: Steven Valdez <svaldez@google.com>		6 years ago
..
bn_div_corpus	Generate bn_div and bn_mod_exp corpus from bn_tests.txt.	7 years ago
bn_mod_exp_corpus	Generate bn_div and bn_mod_exp corpus from bn_tests.txt.	7 years ago
cert_corpus	Merge in upstream's certificate corpus.	7 years ago
client_corpus	Refresh fuzzer corpora.	6 years ago
client_corpus_no_fuzzer_mode	Refresh fuzzer corpora.	6 years ago
dtls_client_corpus	Refresh fuzzer corpora.	6 years ago
dtls_server_corpus	Refresh fuzzer corpora.	6 years ago
pkcs8_corpus	Add standalone PKCS#8 and SPKI fuzzers.	8 years ago
privkey_corpus	Update fuzzing corpuses.	8 years ago
read_pem_corpus	Replace base64 decoding.	8 years ago
server_corpus	Refresh fuzzer corpora.	6 years ago
server_corpus_no_fuzzer_mode	Refresh fuzzer corpora.	6 years ago
session_corpus	Adding a fuzzer for Sessions	8 years ago
spki_corpus	Add standalone PKCS#8 and SPKI fuzzers.	8 years ago
ssl_ctx_api_corpus	Add a fuzzer for the SSL_CTX API.	8 years ago
CMakeLists.txt	Add BN fuzzer.	7 years ago
bn_div.cc	Generate bn_div and bn_mod_exp corpus from bn_tests.txt.	7 years ago
bn_mod_exp.cc	Require BN_mod_exp_mont* inputs be reduced.	6 years ago
cert.cc	Run the comment converter on fuzz/ and tool/	7 years ago
client.cc	Add DTLS fuzzers.	7 years ago
dtls_client.cc	Add DTLS fuzzers.	7 years ago
dtls_server.cc	Add DTLS fuzzers.	7 years ago
minimise_corpuses.sh	Add licenses to fuzz tests.	8 years ago
pkcs8.cc	ERR_clear_error at the end of each fuzzer.	8 years ago
privkey.cc	ERR_clear_error at the end of each fuzzer.	8 years ago
read_pem.cc	ERR_clear_error at the end of each fuzzer.	8 years ago
refresh_ssl_corpora.sh	Add DTLS fuzzers.	7 years ago
server.cc	Add DTLS fuzzers.	7 years ago
session.cc	Remove \|X509\| things from SSL_SESSION.	7 years ago
spki.cc	ERR_clear_error at the end of each fuzzer.	8 years ago
ssl_ctx_api.cc	Bound ssl_ctx_api more aggressively.	7 years ago