commit | eb9232f06ffae855a9b8c5dfaffcaaf256dfbaac | [log] [tgz] |
---|---|---|
author | David Benjamin <davidben@google.com> | Thu Nov 30 16:05:36 2017 -0500 |
committer | CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> | Fri Dec 08 17:55:54 2017 +0000 |
tree | 9d5e1f8a41603996419a92b5f1ef0af18ca811d8 | |
parent | 2b63addf6ac2cc0f07f9542f33fe1361fa6fd6d5 [diff] |
Fully reduce scalars in EC_POINT_mul. Along the way, this allows us to tidy up the invariants associated with EC_SCALAR. They were fuzzy around ec_point_mul_scalar and some computations starting from the digest in ECDSA. The latter I've put into the type system with EC_LOOSE_SCALAR. As for the former, Andres points out that particular EC implementations are only good for scalars within a certain range, otherwise you may need extra work to avoid the doubling case. To simplify curve implementations, we reduce them fully rather than do the looser bit size check, so they can have the stronger precondition to work with. Change-Id: Iff9a0404f89adf8f7f914f8e8246c9f3136453f1 Reviewed-on: https://boringssl-review.googlesource.com/23664 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.
Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.
Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.
BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.
Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.
There are other files in this directory which might be helpful: