kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
e768212e7d
boringssl/crypto/fipsmodule/bn
History
David Benjamin 378cca8016 Handle a modulus of -1 correctly. 
Historically, OpenSSL's modular exponentiation functions tolerated negative
moduli by ignoring the sign bit. The special case for a modulus of 1 should do
the same. That said, this is ridiculous and the only reason I'm importing this
is BN_abs_is_word(1) is marginally more efficient than BN_is_one() and we
haven't gotten around to enforcing positive moduli yet.

Thanks to Guido Vranken and OSSFuzz for finding this issue and reporting to
OpenSSL.

(Imported from upstream's 235119f015e46a74040b78b10fd6e954f7f07774.)

Change-Id: I526889dfbe2356753aa1e6ecfd3aa3dc3a8cd2b8
Reviewed-on: https://boringssl-review.googlesource.com/31085
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
2018-08-16 15:57:10 +00:00
..
asm Enable ADX assembly. 2018-05-11 21:57:13 +00:00
add.c Name constant-time functions more consistently. 2018-03-29 23:30:55 +00:00
bn_test_to_fuzzer.go Generate bn_div and bn_mod_exp corpus from bn_tests.txt. 2017-10-27 18:57:48 +00:00
bn_test.cc Handle a modulus of -1 correctly. 2018-08-16 15:57:10 +00:00
bn_tests.txt Fix bn_mod_exp_mont_small when exponentiating to zero. 2018-04-18 22:13:16 +00:00
bn.c Don't leak |a| in the primality test. 2018-03-28 01:44:31 +00:00
bytes.c Simplify BN_bn2bin_padded. 2018-02-06 02:41:38 +00:00
check_bn_tests.go Add new GCD and related primitives. 2018-03-30 19:53:36 +00:00
cmp.c Make various BIGNUM comparisons constant-time. 2018-03-26 18:53:53 +00:00
ctx.c Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
div_extra.c Move some RSA keygen support code into separate files. 2018-05-08 21:25:46 +00:00
div.c Clear r->neg in bn_mod_{add,sub}_consttime. 2018-07-20 23:45:06 +00:00
exponentiation.c Handle a modulus of -1 correctly. 2018-08-16 15:57:10 +00:00
gcd_extra.c Move some RSA keygen support code into separate files. 2018-05-08 21:25:46 +00:00
gcd.c Move some RSA keygen support code into separate files. 2018-05-08 21:25:46 +00:00
generic.c Enable __asm__ and uint128_t code in clang-cl. 2017-12-11 22:46:26 +00:00
internal.h Replace |alloca| in |BN_mod_exp_mont_consttime|. 2018-05-21 19:43:05 +00:00
jacobi.c Rename bn->top to bn->width. 2018-02-05 23:44:24 +00:00
montgomery_inv.c Restore the BN_mod codepath for public Montgomery moduli. 2018-04-20 20:50:15 +00:00
montgomery.c Remove return values from bn_*_small. 2018-04-24 15:34:32 +00:00
mul.c Remove return values from bn_*_small. 2018-04-24 15:34:32 +00:00
prime.c Update Miller–Rabin check numbers. 2018-08-14 23:10:53 +00:00
random.c Rewrite BN_rand without an extra malloc. 2018-04-02 18:07:12 +00:00
rsaz_exp.c Include bn/internal.h for RSAZ code. 2018-06-04 17:26:29 +00:00
rsaz_exp.h Include bn/internal.h for RSAZ code. 2018-06-04 17:26:29 +00:00
shift.c Use bn_rshift_words for the ECDSA bit-shift. 2018-04-02 18:17:39 +00:00
sqrt.c Name constant-time functions more consistently. 2018-03-29 23:30:55 +00:00