boringssl/crypto/fipsmodule
David Benjamin fbec517255 Better test boundary cases of ec_cmp_x_coordinate.
This is done in preparation for generalizing the optimization to all our
EC_METHODs.

Wycheproof happily does cover the case where x needed a reduction, but
they don't appear to check x being just above or below n, only x = p - 1
(adjusted downwards). Also we can tailor the test vectors a bit to the
x == r*z^2 (mod p) strategy to make sure we don't mess that up.

Additionally, the scenario is different for n > p. There is also the
nuisance of EC_FELEM vs EC_SCALAR having different widths. All our
built-in curves are well-behaved (same width, and consistently p < n),
but secp160r1 is reachable from custom curves and violates both
properties. Generate some tests to cover it as well.

Change-Id: Iefa5ebfe689a81870be21f04f5962ab161d38dab
Reviewed-on: https://boringssl-review.googlesource.com/c/32985
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2018-11-08 23:52:07 +00:00
aes Fix undefined block128_f, etc., casts. 2018-10-01 17:35:02 +00:00
bn Fix div.c to divide BN_ULLONG only if BN_CAN_DIVIDE_ULLONG defined. 2018-10-10 15:33:35 +00:00
cipher Fix redefinition of AEAD asserts in e_aes.c. 2018-10-24 00:29:29 +00:00
des Move OPENSSL_FALLTHROUGH to internal headers. 2018-01-29 18:17:57 +00:00
digest Match OpenSSL's EVP_MD_CTX_reset return value. 2018-05-29 17:07:16 +00:00
ec Fix build when bcm.c is split up. 2018-11-08 22:35:51 +00:00
ecdh Add ECDH_compute_key_fips inside the module. 2018-07-30 22:40:31 +00:00
ecdsa Better test boundary cases of ec_cmp_x_coordinate. 2018-11-08 23:52:07 +00:00
hmac
md4
md5 Mark the C version of md5_block_data_order static. 2018-09-07 20:00:12 +00:00
modes Include aes.h in mode/internal.h 2018-10-03 17:36:04 +00:00
policydocs Include details about latest FIPS certification. 2018-11-05 19:03:25 +00:00
rand Don't overflow state->calls on 16TiB RAND_bytes calls. 2018-11-02 18:33:43 +00:00
rsa Clarify thread-safety of key objects. 2018-08-28 18:52:59 +00:00
self_check Always print some diagnostic information when POST fails. 2018-09-28 19:33:38 +00:00
sha [perlasm] Hide OPENSSL_armcap_P in assembly 2018-10-02 20:36:43 +00:00
tls Fix include path. 2018-05-08 16:26:05 +00:00
bcm.c Always print some diagnostic information when POST fails. 2018-09-28 19:33:38 +00:00
CMakeLists.txt Revert "Revert "Speed up ECDSA verify on x86-64."" 2018-11-07 23:57:22 +00:00
delocate.h Use a pool of |rand_state| objects. 2018-07-06 21:25:37 +00:00
FIPS.md Include details about latest FIPS certification. 2018-11-05 19:03:25 +00:00
intcheck1.png
intcheck2.png
intcheck3.png
is_fips.c Add some more compatibility functions. 2018-05-08 20:51:15 +00:00