)]}' { "commit": "6bc18a3bd49a6d672507987da07601807bdd6a9a", "tree": "3208df721c92bba8731a9b6f9d4bc6471638e212", "parents": [ "64619deaa381ad4d010a462aabfe27908e12646e" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Sun Nov 12 11:41:17 2017 +0800" }, "committer": { "name": "Adam Langley", "email": "agl@google.com", "time": "Mon Nov 20 16:22:30 2017 +0000" }, "message": "Add bn_mul_small and bn_sqr_small.\n\nAs part of excising BIGNUM from EC scalars, we will need a \"words\"\nversion of BN_mod_mul_montgomery. That, in turn, requires BN_sqr and\nBN_mul for cases where we don\u0027t have bn_mul_mont.\n\nBN_sqr and BN_mul have a lot of logic in there, with the most complex\ncases being not even remotely constant time. Fortunately, those only\napply to RSA-sized numbers, not EC-sized numbers. (With the exception, I\nbelieve, of 32-bit P-521 which just barely exceeds the cutoff.) Imposing\na limit also makes it easier to stack-allocate temporaries (BN_CTX\nserves a similar purpose in BIGNUM).\n\nExtract bn_mul_small and bn_sqr_small and test them as part of\nbn_tests.txt. Later changes will build on these.\n\nIf we end up reusing these functions for RSA in the future (though that\nwould require tending to the egregiously non-constant-time code in the\nno-asm build), we probably want to extract a version where there is an\nexplicit tmp parameter as in bn_sqr_normal rather than the stack bits.\n\nChange-Id: If414981eefe12d6664ab2f5e991a359534aa7532\nReviewed-on: https://boringssl-review.googlesource.com/23068\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n", "tree_diff": [ { "type": "modify", "old_id": "5725eaae5813bb29698d9274f5f31efa385563e6", "old_mode": 33188, "old_path": "crypto/fipsmodule/bn/bn_test.cc", "new_id": "73769898d53d80ddfe1822d00b1f85f7a7f85e43", "new_mode": 33188, "new_path": "crypto/fipsmodule/bn/bn_test.cc" }, { "type": "modify", "old_id": "f809e7e32a5788bdd7a15bd2c3bcba39d62b47ca", "old_mode": 33188, "old_path": "crypto/fipsmodule/bn/bn_tests.txt", "new_id": "eb447b5369adc71987aa209d53eb6bf167677209", "new_mode": 33188, "new_path": "crypto/fipsmodule/bn/bn_tests.txt" }, { "type": "modify", "old_id": "fa4b54e3e0c483b88da62c2fea7368c4ae15a061", "old_mode": 33188, "old_path": "crypto/fipsmodule/bn/internal.h", "new_id": "634435f9fc8823b8f19558d274fffabe1b0de954", "new_mode": 33188, "new_path": "crypto/fipsmodule/bn/internal.h" }, { "type": "modify", "old_id": "9f672260ecfe80a5246fec31db39c33123615d4c", "old_mode": 33188, "old_path": "crypto/fipsmodule/bn/mul.c", "new_id": "3234e22f94c3fdf74f5ae59ad2f37410df7725f1", "new_mode": 33188, "new_path": "crypto/fipsmodule/bn/mul.c" } ] }