6887edb917ba9ecbed85f9d63ec36638b1d1dbb6 - boringssl.git

commit	6887edb917ba9ecbed85f9d63ec36638b1d1dbb6	[log] [tgz]
author	Adam Langley <agl@chromium.org>	Fri Jun 20 12:00:00 2014 -0700
committer	Adam Langley <agl@chromium.org>	Fri Jun 20 13:17:37 2014 -0700
tree	f7b5e79542b15d85b999a2351c3964c8e34a145f
parent	aacec17a630eacfb8023a4a3075f0ea51629eb98 [diff]

Improvements in constant-time OAEP decoding.

This change adds a new function, BN_bn2bin_padded, that attempts, as
much as possible, to serialise a BIGNUM in constant time.

This is used to avoid some timing leaks in RSA decryption.

crypto/bn/bn.h[diff]
crypto/bn/bn_test.c[diff]
crypto/bn/convert.c[diff]
crypto/evp/p_rsa.c[diff]
crypto/rsa/internal.h[diff]
crypto/rsa/padding.c[diff]
crypto/rsa/rsa_impl.c[diff]

7 files changed

tree: f7b5e79542b15d85b999a2351c3964c8e34a145f

crypto/
doc/
include/
ssl/
tool/
util/
.clang-format
.gitignore
BUGS
BUILDING
CMakeLists.txt