boringssl/crypto/bn
Adam Langley b360eaf001 crypto/bn/x86_64-mont5.pl: constant-time gather procedure.
(Imported from upstream's 25d14c6c29b53907bf614b9964d43cd98401a7fc.)

At the same time remove minuscule bias in final subtraction. Performance
penalty varies from platform to platform, and even with key length. For
rsa2048 sign it was observed to be 4% for Sandy Bridge and 7% on
Broadwell.

(This is part of the fix for CVE-2016-0702.)

Change-Id: I43a13d592c4a589d04c17c33c0ca40c2d7375522
Reviewed-on: https://boringssl-review.googlesource.com/7244
Reviewed-by: Adam Langley <agl@google.com>
2016-03-01 18:04:15 +00:00
..
asm crypto/bn/x86_64-mont5.pl: constant-time gather procedure. 2016-03-01 18:04:15 +00:00
add.c Switch unrolled loop in BN_usub with memcpy. 2015-12-16 17:38:48 +00:00
bn_asn1.c Rename the BIGNUM ASN.1 functions. 2016-01-27 22:37:44 +00:00
bn_test.cc Update some comments in bn_test.c in light of acb24518. 2016-02-02 18:22:19 +00:00
bn.c Don't cast |OPENSSL_malloc|/|OPENSSL_realloc| result. 2016-02-11 22:07:56 +00:00
CMakeLists.txt Add AArch64 Montgomery assembly. 2015-11-10 19:13:46 +00:00
cmp.c
convert.c Don't cast |OPENSSL_malloc|/|OPENSSL_realloc| result. 2016-02-11 22:07:56 +00:00
ctx.c Remove the func parameter to OPENSSL_PUT_ERROR. 2015-07-16 02:02:37 +00:00
div.c Move |bn_div_words| to crypto/bn/div.c and make it static. 2016-02-25 16:16:14 +00:00
exponentiation.c crypto/bn/x86_64-mont5.pl: constant-time gather procedure. 2016-03-01 18:04:15 +00:00
gcd.c s/BN_BITS/BN_BITS2/ in |BN_mod_inverse_ex|; remove |BN_BITS| & |BN_MASK|. 2015-11-19 01:39:32 +00:00
generic.c Move |bn_div_words| to crypto/bn/div.c and make it static. 2016-02-25 16:16:14 +00:00
internal.h Move |bn_div_words| to crypto/bn/div.c and make it static. 2016-02-25 16:16:14 +00:00
kronecker.c
montgomery.c Fix trivial -Wcast-qual violations. 2016-01-21 21:06:02 +00:00
mul.c Minimize the scope of the |BN_*_SIZE_*| constants. 2016-02-08 18:28:31 +00:00
prime.c Avoid signed/unsigned comparison in crypto/bn's |probable_prime|. 2015-10-26 21:27:12 +00:00
random.c Remove the func parameter to OPENSSL_PUT_ERROR. 2015-07-16 02:02:37 +00:00
rsaz_exp.c Use |alignas| for alignment. 2016-01-25 23:05:04 +00:00
rsaz_exp.h Fix license on rsaz_exp.h. 2015-07-27 22:21:11 +00:00
shift.c Remove the func parameter to OPENSSL_PUT_ERROR. 2015-07-16 02:02:37 +00:00
sqrt.c Remove the func parameter to OPENSSL_PUT_ERROR. 2015-07-16 02:02:37 +00:00