boringssl/crypto/bn/asm
Adam Langley b360eaf001 crypto/bn/x86_64-mont5.pl: constant-time gather procedure.
(Imported from upstream's 25d14c6c29b53907bf614b9964d43cd98401a7fc.)

At the same time remove minuscule bias in final subtraction. Performance
penalty varies from platform to platform, and even with key length. For
rsa2048 sign it was observed to be 4% for Sandy Bridge and 7% on
Broadwell.

(This is part of the fix for CVE-2016-0702.)

Change-Id: I43a13d592c4a589d04c17c33c0ca40c2d7375522
Reviewed-on: https://boringssl-review.googlesource.com/7244
Reviewed-by: Adam Langley <agl@google.com>
2016-03-01 18:04:15 +00:00
..
armv4-mont.pl Consistently use named constants in ARM assembly files. 2016-02-23 17:18:18 +00:00
armv8-mont.pl Add AArch64 Montgomery assembly. 2015-11-10 19:13:46 +00:00
bn-586.pl Initial import. 2014-06-20 13:17:32 -07:00
co-586.pl Initial import. 2014-06-20 13:17:32 -07:00
rsaz-avx2.pl bn/asm/rsaz-avx2.pl: constant-time gather procedure. 2016-03-01 18:04:09 +00:00
rsaz-x86_64.pl bn/asm/rsaz-avx2.pl: constant-time gather procedure. 2016-03-01 18:04:09 +00:00
x86_64-gcc.c Simplify division-with-remainder calculations in crypto/bn/div.c. 2016-02-25 16:13:22 +00:00
x86_64-mont5.pl crypto/bn/x86_64-mont5.pl: constant-time gather procedure. 2016-03-01 18:04:15 +00:00
x86_64-mont.pl crypto/bn/x86_64-mont5.pl: constant-time gather procedure. 2016-03-01 18:04:15 +00:00
x86-mont.pl OpenSSL: make final reduction in Montgomery multiplication constant-time. 2014-06-20 13:17:33 -07:00