| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
From BoringSSL's commit 53409ee3d7595ed37da472bc73b010cd2c8a5ffd
by David Benjamin.
ok djm, jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
by Alejandro Cabrera <aldaya@gmail.com> to avoid the possibility of a
sidechannel timing attack during RSA private key generation.
Modify BN_gcd to become not visible under LIBRESSL_INTERNAL and force
the use of the _ct or _nonct versions of the function only within
the library.
ok jsing@
|
| |
|
|
| |
ok jsing@
|
| |
|
|
|
|
|
|
| |
After calling BN_CTX_start(), there must be a BN_CTX_end() before
returning. There were missing BN_CTX_end() calls in error paths. One diff
chunk was simply removing redundant code related to this.
ok deraadt@
|
| |
|
|
|
|
| |
diff.
Spotted by miod@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are currently cases where the return from each call is checked,
the return from only the last call is checked and cases where it is not
checked at all (including code in bn, ec and engine).
Checking the last return value is valid as once the function fails it will
continue to return NULL. However, in order to be consistent check each
call with the same idiom. This makes it easy to verify.
Note there are still a handful of cases that do not follow the idiom -
these will be handled separately.
ok beck@ doug@
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
