kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
8c7c6356e6
boringssl/crypto/fipsmodule/bn
History
David Benjamin 53affef486 No negative moduli. 
https://boringssl-review.googlesource.com/31085 wasn't right. We already forbid
creating BN_MONT_CTX on negative numbers, which means almost all moduli already
don't work with BN_mod_exp_mont. Only -1 happened to not get rejected, but it
computed the wrong value. Reject it instead.

Update-Note: BN_mod_exp* will no longer work for negative moduli. It already
didn't work for all negative odd moduli other than -1, so rejecting -1 and
negative evens is unlikely to be noticed.

Bug: 71
Change-Id: I7c713d417e2e6512f3e78f402de88540809977e3
Reviewed-on: https://boringssl-review.googlesource.com/31484
Reviewed-by: Adam Langley <agl@google.com>
2018-09-04 22:26:53 +00:00
..
asm Enable ADX assembly. 2018-05-11 21:57:13 +00:00
add.c Name constant-time functions more consistently. 2018-03-29 23:30:55 +00:00
bn_test_to_fuzzer.go
bn_test.cc No negative moduli. 2018-09-04 22:26:53 +00:00
bn_tests.txt Fix bn_mod_exp_mont_small when exponentiating to zero. 2018-04-18 22:13:16 +00:00
bn.c
bytes.c
check_bn_tests.go Add new GCD and related primitives. 2018-03-30 19:53:36 +00:00
cmp.c
ctx.c
div_extra.c Move some RSA keygen support code into separate files. 2018-05-08 21:25:46 +00:00
div.c Clear r->neg in bn_mod_{add,sub}_consttime. 2018-07-20 23:45:06 +00:00
exponentiation.c No negative moduli. 2018-09-04 22:26:53 +00:00
gcd_extra.c Move some RSA keygen support code into separate files. 2018-05-08 21:25:46 +00:00
gcd.c Move some RSA keygen support code into separate files. 2018-05-08 21:25:46 +00:00
generic.c
internal.h Replace |alloca| in |BN_mod_exp_mont_consttime|. 2018-05-21 19:43:05 +00:00
jacobi.c
montgomery_inv.c Restore the BN_mod codepath for public Montgomery moduli. 2018-04-20 20:50:15 +00:00
montgomery.c Remove return values from bn_*_small. 2018-04-24 15:34:32 +00:00
mul.c Remove return values from bn_*_small. 2018-04-24 15:34:32 +00:00
prime.c Update Miller–Rabin check numbers. 2018-08-14 23:10:53 +00:00
random.c Rewrite BN_rand without an extra malloc. 2018-04-02 18:07:12 +00:00
rsaz_exp.c Include bn/internal.h for RSAZ code. 2018-06-04 17:26:29 +00:00
rsaz_exp.h Include bn/internal.h for RSAZ code. 2018-06-04 17:26:29 +00:00
shift.c Use bn_rshift_words for the ECDSA bit-shift. 2018-04-02 18:17:39 +00:00
sqrt.c Name constant-time functions more consistently. 2018-03-29 23:30:55 +00:00