kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
cba958f406
boringssl/crypto/fipsmodule/rsa
History
David Benjamin cba958f406 Make RSA_check_key constant-time and more meaningful. 
Rather than recompute values the same as in key generation, where
possible, we check differently. In particular, most RSA values are
modular inverses of some value. Check each of them by multiplying and
using our naive constant-time division function.

Median of 29 RSA keygens: 0m0.218s -> 0m0.205s
(Accuracy beyond 0.1s is questionable.)

Bug: 238
Change-Id: Iaca19f12c045457013def844a17bf502ed09136e
Reviewed-on: https://boringssl-review.googlesource.com/26373
Reviewed-by: Adam Langley <alangley@gmail.com>
2018-03-30 19:54:00 +00:00
..
blinding.c Don't bother retrying in bn_blinding_create_param. 2018-03-05 20:48:41 +00:00
internal.h Replace rsa_greater_than_pow2 with BN_cmp. 2018-03-30 19:53:18 +00:00
padding.c Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
rsa_impl.c Make RSA key generation constant-time. 2018-03-30 19:53:52 +00:00
rsa.c Make RSA_check_key constant-time and more meaningful. 2018-03-30 19:54:00 +00:00