Google Git
Sign in
boringssl/boringssl.git/8cf79af7d1497c07bd684764b96c9659e7b32ae1^!/./include/openssl/ec.h
commit
8cf79af7d1497c07bd684764b96c9659e7b32ae1
[log]
author
David Benjamin <davidben@google.com>
Thu Jun 16 14:58:36 2016 -0400
committer
Adam Langley <agl@google.com>
Mon Jun 20 17:11:42 2016 +0000
tree
df58b9873173e76f9b29080a0744a4b694eb4d85
parent
40e3906234d84b6153567229ce7fee95f54a0f23 [diff] [blame]
Always use Fermat's Little Theorem in ecdsa_sign_setup.

The case where ec_group_get_mont_data is NULL is only for arbitrary groups
which we now require to be prime order. BN_mod_exp_mont is fine with a NULL
BN_MONT_CTX. It will just compute it. Saves a bit of special-casing.

Also don't mark p-2 as BN_FLG_CONSTTIME as the exponent is public anyway.

Change-Id: Ie868576d52fc9ae5f5c9f2a4039a729151bf84c7
Reviewed-on: https://boringssl-review.googlesource.com/8307
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 05218f3..32aded6 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h

@@ -392,5 +392,6 @@
 #define EC_R_DECODE_ERROR 128
 #define EC_R_ENCODE_ERROR 129
 #define EC_R_GROUP_MISMATCH 130
+#define EC_R_INVALID_COFACTOR 131
 
 #endif  /* OPENSSL_HEADER_EC_H */