- 08 Jan, 2019 1 commit
-
-
Niels Möller authored
-
- 26 Dec, 2018 9 commits
-
-
Niels Möller authored
-
Niels Möller authored
-
Niels Möller authored
Intended to silence warning from the clang static analyzer.
-
Niels Möller authored
-
Niels Möller authored
-
Niels Möller authored
-
Niels Möller authored
-
Niels Möller authored
-
Niels Möller authored
* rsa-sign-tr.c (sec_equal): Fix accidental use of C99 for loop. Reported by Andreas Gustafsson.
* testsuite/rsa-sec-decrypt-test.c (test_main): Likewise.
-
- 04 Dec, 2018 1 commit
-
-
Niels Möller authored
-
- 28 Nov, 2018 5 commits
-
-
Niels Möller authored
Mention dependency on GMP-6, and RSA performance regression.
-
Niels Möller authored
-
Niels Möller authored
* testsuite/rsa-encrypt-test.c (test_main): Fix allocation of decrypted storage. Update test of rsa_decrypt, to allow clobbering of all of the passed in message area.
-
Niels Möller authored
Patch from Simo Sorce.
-
Niels Möller authored
-
- 27 Nov, 2018 2 commits
-
-
Niels Möller authored
-
Niels Möller authored
Use new local helper functions, with their own itch functions.
-
- 26 Nov, 2018 1 commit
-
-
Niels Möller authored
-
- 25 Nov, 2018 21 commits
-
-
Niels Möller authored
-
Niels Möller authored
-
Niels Möller authored
-
Niels Möller authored
Also renamed with leading underscore, and updated all callers.
-
Simo Sorce authored
-
Niels Möller authored
-
Simo Sorce authored
Signed-off-by: Simo Sorce <simo@redhat.com>
-
Niels Möller authored
-
Niels Möller authored
-
Simo Sorce authored
-
Niels Möller authored
-
Niels Möller authored
-
Simo Sorce authored
Signed-off-by: Simo Sorce <simo@redhat.com>
-
Niels Möller authored
-
Simo Sorce authored
add a side-channel silent pkcs1 decoding function for use in older APIs.
Signed-off-by: Simo Sorce <simo@redhat.com>
-
Niels Möller authored
* testsuite/rsa-sec-decrypt-test.c (rsa_decrypt_for_test): Tweak valgrind marking, and document potential leakage of lowest and highest bits of p and q.
-
Niels Möller authored
* rsa-sec-compute-root.c (_rsa_sec_compute_root): Avoid calls to mpz_sizeinbase, since that potentially leaks most significant bits of private key parameters a and b.
-
Niels Möller authored
-
Simo Sorce authored
Signed-off-by: Simo Sorce <simo@redhat.com>
-
Niels Möller authored
-
Simo Sorce authored
Use side-channel silent RSA root function as well as PKCS1 padding functions. This variant accepts only a fixed length message, and returns error if the pkcs1 padding returns a different length message. The buffer is always left unchanged on error so that a TLS implementation can pre-initialize it with a random key to use on decoding error.
Signed-off-by: Simo Sorce <simo@redhat.com>
-