)]}' { "commit": "b360eaf0018a0ed82b3713adc993ffff8270631e", "tree": "afa0bf51e7f63b3002adb68fbba5d3055db413ae", "parents": [ "1168fc72fc7f3d5b2954ff0cd41365f2a973ba1b" ], "author": { "name": "Adam Langley", "email": "agl@google.com", "time": "Tue Mar 01 08:16:30 2016 -0800" }, "committer": { "name": "Adam Langley", "email": "agl@google.com", "time": "Tue Mar 01 18:04:15 2016 +0000" }, "message": "crypto/bn/x86_64-mont5.pl: constant-time gather procedure.\n\n(Imported from upstream\u0027s 25d14c6c29b53907bf614b9964d43cd98401a7fc.)\n\nAt the same time remove miniscule bias in final subtraction. Performance\npenalty varies from platform to platform, and even with key length. For\nrsa2048 sign it was observed to be 4% for Sandy Bridge and 7% on\nBroadwell.\n\n(This is part of the fix for CVE-2016-0702.)\n\nChange-Id: I43a13d592c4a589d04c17c33c0ca40c2d7375522\nReviewed-on: https://boringssl-review.googlesource.com/7244\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n", "tree_diff": [ { "type": "modify", "old_id": "04c4beaf3cff46a2029af13d77e35a555b80688f", "old_mode": 33188, "old_path": "crypto/bn/asm/x86_64-mont.pl", "new_id": "91f7ed6f9e12172f5cb4b9033130e2429fa23ff7", "new_mode": 33261, "new_path": "crypto/bn/asm/x86_64-mont.pl" }, { "type": "modify", "old_id": "3c5a8fc97968c215cb34886b169f0af407e0e5e5", "old_mode": 33188, "old_path": "crypto/bn/asm/x86_64-mont5.pl", "new_id": "f1865b1b047ba9ae5eb3ac83d4c49dbb1a6b52d2", "new_mode": 33261, "new_path": "crypto/bn/asm/x86_64-mont5.pl" }, { "type": "modify", "old_id": "3ab574f4c55dd9e72184a9ec51a56dc6c4bf7ca4", "old_mode": 33188, "old_path": "crypto/bn/exponentiation.c", "new_id": "953fce1f6cfe5926c0126545f77a17b1c2b64d2d", "new_mode": 33188, "new_path": "crypto/bn/exponentiation.c" } ] }