kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
ed09f2d5cd
boringssl/crypto/fipsmodule
History
David Benjamin 20b6a4e2a1 Clear r->neg in bn_mod_{add,sub}_consttime. 
Otherwise, if the output BIGNUM was previously negative, we'd incorrectly give
a negative result. Thanks to Guide Vranken for reporting this issue!

Fortunately, this does not appear to come up in any existing caller. This isn't
all that surprising as negative numbers never really come up in cryptography.
Were it not for OpenSSL historically designing a calculator API, we'd just
delete the bit altogether. :-(

Bug: chromium:865924
Change-Id: I28fdc986dfaba3e38435b14ebf07453d537cc60a
Reviewed-on: https://boringssl-review.googlesource.com/29944
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2018-07-20 23:45:06 +00:00
..
aes Rename |asm_AES_*| to |aes_nohw_*|. 2018-05-15 23:02:52 +00:00
bn Clear r->neg in bn_mod_{add,sub}_consttime. 2018-07-20 23:45:06 +00:00
cipher Add special AES-GCM AEAD for TLS 1.3. 2018-06-25 10:23:22 +00:00
des Move OPENSSL_FALLTHROUGH to internal headers. 2018-01-29 18:17:57 +00:00
digest Match OpenSSL's EVP_MD_CTX_reset return value. 2018-05-29 17:07:16 +00:00
ec Zero-initialize tmp in ec_GFp_simple_mul_single. 2018-06-13 19:58:24 +00:00
ecdsa Align ECDSA sign/verify scalar inversions. 2018-04-24 16:00:12 +00:00
hmac Switch OPENSSL_VERSION_NUMBER to 1.1.0. 2017-09-29 04:51:27 +00:00
md4 Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
md5 Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
modes Revert "Revert "Revert "Revert "Make x86(-64) use the same aes_hw_* infrastructure as POWER and the ARMs."""" 2018-05-14 22:09:29 +00:00
policydocs Update FIPS documentation with pointer to the cert and security policy. 2017-07-20 03:32:08 +00:00
rand Use a pool of |rand_state| objects. 2018-07-06 21:25:37 +00:00
rsa Spell Falko Strenzke's name correctly. 2018-05-21 18:18:04 +00:00
self_check Write error messages in the FIPS module to stderr. 2018-06-25 10:30:42 +00:00
sha Add SHA256_TransformBlocks. 2018-04-25 17:51:50 +00:00
tls Fix include path. 2018-05-08 16:26:05 +00:00
bcm.c Move some RSA keygen support code into separate files. 2018-05-08 21:25:46 +00:00
CMakeLists.txt Convert example_mul to GTest. 2017-07-10 19:28:29 +00:00
delocate.h Use a pool of |rand_state| objects. 2018-07-06 21:25:37 +00:00
FIPS.md Update link to CMVP certificate. 2018-02-26 22:14:35 +00:00
intcheck1.png
intcheck2.png
intcheck3.png
is_fips.c Add some more compatibility functions. 2018-05-08 20:51:15 +00:00