Double-check secret EC point multiplications.

Doing a Jacobian point-on-curve check has negligible cost compared to
the point operations. We may as well perform one to add some defense
against potential bugs and such. (We already double-check RSA
operations.)

Before:
Did 40000 ECDH P-224 operations in 3014872us (13267.6 ops/sec)
Did 55000 ECDH P-256 operations in 3026351us (18173.7 ops/sec)
Did 3410 ECDH P-384 operations in 3053181us (1116.9 ops/sec)
Did 1364 ECDH P-521 operations in 3079656us (442.9 ops/sec)
Did 83000 ECDSA P-224 signing operations in 3013476us (27542.9 ops/sec)
Did 41000 ECDSA P-224 verify operations in 3073530us (13339.7 ops/sec)
Did 168000 ECDSA P-256 signing operations in 3008562us (55840.6 ops/sec)
Did 60000 ECDSA P-256 verify operations in 3038517us (19746.5 ops/sec)
Did 6169 ECDSA P-384 signing operations in 3066741us (2011.6 ops/sec)
Did 6231 ECDSA P-384 verify operations in 3054468us (2040.0 ops/sec)
Did 2418 ECDSA P-521 signing operations in 3058901us (790.5 ops/sec)
Did 2418 ECDSA P-521 verify operations in 3048765us (793.1 ops/sec)

After:
Did 39600 ECDH P-224 operations in 3001966us (13191.4 ops/sec)
Did 55000 ECDH P-256 operations in 3033098us (18133.3 ops/sec)
Did 3441 ECDH P-384 operations in 3088436us (1114.2 ops/sec)
Did 1364 ECDH P-521 operations in 3087711us (441.8 ops/sec)
Did 83000 ECDSA P-224 signing operations in 3029486us (27397.4 ops/sec)
Did 40000 ECDSA P-224 verify operations in 3005452us (13309.1 ops/sec)
Did 168000 ECDSA P-256 signing operations in 3011387us (55788.2 ops/sec)
Did 60000 ECDSA P-256 verify operations in 3030343us (19799.7 ops/sec)
Did 6076 ECDSA P-384 signing operations in 3023469us (2009.6 ops/sec)
Did 6231 ECDSA P-384 verify operations in 3056138us (2038.8 ops/sec)
Did 2418 ECDSA P-521 signing operations in 3057375us (790.9 ops/sec)
Did 2449 ECDSA P-521 verify operations in 3083418us (794.2 ops/sec)

Change-Id: Icedc51e340c8f3a21f96a535395814575e0c89b2
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/40592
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
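The check the commit message describes, as an added illustration that is not BoringSSL's code: a Jacobian point-on-curve test applied to the output of a secret scalar multiplication, written over P-256 with plain Python integers. BoringSSL's own implementation is C with constant-time arithmetic; the double-and-add below is a deliberately simple stand-in so there is a multiplication to check, and it is not constant time. The P-256 domain parameters are the standard ones; `simulate_faulty_mult`, `PointCheckError` and the one-bit corruption are constructed for this example.

```python
# Added example (not BoringSSL code): Jacobian on-curve double-check after a
# scalar multiplication, over NIST P-256 with Python integers.

# NIST P-256 domain parameters (standard values).
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
GX = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
GY = 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551

INFINITY = (0, 1, 0)  # Jacobian point at infinity: Z == 0


def is_on_curve_jacobian(pt):
    """Check Y^2 == X^3 + a*X*Z^4 + b*Z^6 (mod p), with no inversion.

    This is the affine equation y^2 = x^3 + ax + b multiplied through by
    Z^6, using x = X/Z^2 and y = Y/Z^3.  A few field multiplications, so
    it is cheap next to the point operations of the multiplication itself.
    The point at infinity (Z == 0) is accepted as a valid group element.
    """
    x, y, z = pt
    if z % P == 0:
        return True
    z2 = z * z % P
    z4 = z2 * z2 % P
    z6 = z4 * z2 % P
    lhs = y * y % P
    rhs = (x * x % P * x + A * x % P * z4 + B * z6) % P
    return lhs == rhs


def jacobian_double(pt):
    """Standard Jacobian doubling for y^2 = x^3 + ax + b."""
    x1, y1, z1 = pt
    if z1 == 0 or y1 == 0:
        return INFINITY
    y1_sq = y1 * y1 % P
    s = 4 * x1 * y1_sq % P
    m = (3 * x1 * x1 + A * pow(z1, 4, P)) % P
    x3 = (m * m - 2 * s) % P
    y3 = (m * (s - x3) - 8 * y1_sq * y1_sq) % P
    z3 = 2 * y1 * z1 % P
    return (x3, y3, z3)


def jacobian_add(p1, p2):
    """Standard Jacobian addition, falling back to doubling when p1 == p2."""
    x1, y1, z1 = p1
    x2, y2, z2 = p2
    if z1 == 0:
        return p2
    if z2 == 0:
        return p1
    z1_sq = z1 * z1 % P
    z2_sq = z2 * z2 % P
    u1 = x1 * z2_sq % P
    u2 = x2 * z1_sq % P
    s1 = y1 * z2_sq * z2 % P
    s2 = y2 * z1_sq * z1 % P
    if u1 == u2:
        if s1 != s2:
            return INFINITY  # p1 == -p2
        return jacobian_double(p1)
    h = (u2 - u1) % P
    r = (s2 - s1) % P
    h_sq = h * h % P
    h_cu = h_sq * h % P
    x3 = (r * r - h_cu - 2 * u1 * h_sq) % P
    y3 = (r * (u1 * h_sq - x3) - s1 * h_cu) % P
    z3 = h * z1 * z2 % P
    return (x3, y3, z3)


def scalar_mult(k, pt):
    """Left-to-right double-and-add.  Toy code: NOT constant time."""
    acc = INFINITY
    for bit in bin(k)[2:]:
        acc = jacobian_double(acc)
        if bit == "1":
            acc = jacobian_add(acc, pt)
    return acc


def to_affine(pt):
    """Convert (X, Y, Z) to (x, y); None for the point at infinity."""
    x, y, z = pt
    if z == 0:
        return None
    z_inv = pow(z, -1, P)
    z_inv2 = z_inv * z_inv % P
    return (x * z_inv2 % P, y * z_inv2 * z_inv % P)


class PointCheckError(Exception):
    """Raised when the post-multiplication double-check fails (hypothetical)."""


def checked_scalar_mult(k, pt):
    """Secret scalar multiplication followed by the on-curve double-check."""
    result = scalar_mult(k, pt)
    if not is_on_curve_jacobian(result):
        raise PointCheckError("scalar multiplication produced a point off the curve")
    return result


def simulate_faulty_mult(k, pt):
    """Stand-in for an arithmetic bug: flip one bit of X after the
    multiplication and report whether the on-curve check still passes
    (constructed fault for this example; expected result is False)."""
    x, y, z = scalar_mult(k, pt)
    return is_on_curve_jacobian((x ^ 1, y, z))


if __name__ == "__main__":
    G = (GX, GY, 1)
    sample_private_scalar = 12345  # constructed sample value, not a real key
    public = checked_scalar_mult(sample_private_scalar, G)
    print("public point on curve:", is_on_curve_jacobian(public))
    print("corrupted result passes check:", simulate_faulty_mult(sample_private_scalar, G))
```

The check runs on the Jacobian result directly, before any conversion to affine coordinates, so it costs a handful of field multiplications and no inversion; the `N * G == infinity` and `(N - 1) * G == -G` identities are the easiest way to convince yourself the toy arithmetic is right before trusting what the check says about it.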
1 file changed
tree: 96c5e9d1014ea374c170f780c6a709b4b58a89e0
README.md

BoringSSL

BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.

BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.

Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.

Project links:

There are other files in this directory which might be helpful: