11265 Commits

Author SHA1 Message Date
David Barton
5d8dcf160c Typo in Readme 2021-09-21 13:09:47 -07:00
Brian Smith
4d71f100de RSA: Clarify that the elem_exp_vartime is only called for the public modulus. 2021-09-20 14:59:34 -07:00
Brian Smith
2c7e46bd7f RSA: Factor out common call to into_unencoded().
All the callers of `elem_exp_vartime` call `into_unencoded()` on the result,
so just do that within `elem_exp_vartime`.

The default value of the `Encoding` type parameter is `Unencoded`, so elide
it.
2021-09-20 14:59:34 -07:00
Brian Smith
bdeea72ead Move bigint::PublicExponent to rsa::public::Exponent.
The bounds checking that `bigint::PublicExponent`'s constructor is doing is
specific to RSA. The correctness of the exponentiation arithmetic doesn't
depend on those additional checks. Move all that bounds checking to RSA.
Soon, there will be `rsa::public::{Key, Modulus}` to complement `Exponent`.

Move `bigint::elem_exp_vartime` to `rsa`. The performance analysis is only
valid for RSA.
2021-09-20 14:59:34 -07:00
Brian Smith
e4d06962db bigint: Use PublicExponent as the type of the minimum allowed exponent.
Replace some dynamic checks with compile-time type safety + unit tests.

This makes it clearer that the assertions can never fail.
2021-09-20 10:37:19 -07:00
Brian Smith
f974b8de29 bigint: Give PublicExponent::MAX type PublicExponent. 2021-09-20 10:37:19 -07:00
Brian Smith
8149edd790 bigint: Make PUBLIC_EXPONENT_MAX_VALUE an associated const. 2021-09-20 10:37:19 -07:00
ComplexSpaces
2896a014de Add open_in_place_separate_tag API to LessSafeKey
I agree to license my contributions to each file under the terms given
at the top of each file I changed.
2021-09-16 13:24:26 -07:00
Brian Smith
d8378acc60 bigint: Remove unnecessary and misleading assertion in elem_exp_vartime_.
The assertion made sense when the function was only for the exponentiation
in RSA public key operations. However, this assertion is nonsensical for
the other use of the function to construct the Montgomery constant for the
modulus.

Add more documentation about the performance.

Rather than trying to "improve" the assertion, just remove it.
`PUBLIC_EXPONENT_MAX_VALUE` is just a bit smaller than what the type
naturally enforces.

The added documentation should help us reason about whether the assertion
could ever fail. Because we constrain the maximum modulus (bit) length,
the maximum value of the exponent for the Montgomery setup case is
less than `PUBLIC_EXPONENT_MAX_VALUE`.
2021-09-16 13:17:35 -07:00
Brian Smith
53ebaf7302 bigint: Move dynamic check of nonzero exponent out of elem_exp_vartime_().
Use `NonZeroU64` to encode the fact that the exponent is nonzero, so that
we can remove an assertion that would never fail.

This is a non-functional change.
2021-09-16 13:17:35 -07:00
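The commits above (e4d06962db, f974b8de29, d8378acc60 and 53ebaf7302, plus 4d71f100de further up) all pursue one idea: encode the "exponent is nonzero" and "exponent is within RSA's bounds" invariants in types so the exponentiation routine needs no runtime assertions, and keep variable-time exponentiation restricted to public inputs. The following is an added illustration of that pattern, not *ring*'s code: it uses a toy `u64` modulus with `u128` intermediates instead of the crate's limb-based bigint, the bounds (odd, 65537 <= e < 2^33) and the names `PublicExponent`, `elem_exp_vartime`, `rsa_public_op` and `montgomery_rr` are this example's assumptions, and the Montgomery setup case is modelled as computing R^2 mod n with R = 2^64.

```rust
use std::num::NonZeroU64;

/// Build a `NonZeroU64` at compile time; a zero argument fails the build.
const fn nonzero(v: u64) -> NonZeroU64 {
    match NonZeroU64::new(v) {
        Some(n) => n,
        None => panic!("value must be nonzero"),
    }
}

/// An RSA public exponent `e`. The RSA-specific bounds live in the
/// constructor, not in the exponentiation routine. The limits used here
/// (odd, 65537 <= e < 2^33) are this example's assumption.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct PublicExponent(NonZeroU64);

impl PublicExponent {
    /// Smallest accepted exponent, typed as `PublicExponent` (assumption: 65537).
    pub const MIN: Self = Self(nonzero(65_537));
    /// Largest accepted exponent, typed as `PublicExponent` (assumption: 2^33 - 1).
    pub const MAX: Self = Self(nonzero((1u64 << 33) - 1));

    /// The only way to obtain a `PublicExponent`, so any value reaching
    /// `rsa_public_op` has already passed these checks exactly once.
    pub fn from_u64(e: u64) -> Result<Self, &'static str> {
        let e = NonZeroU64::new(e).ok_or("exponent must be nonzero")?;
        if e.get() & 1 == 0 {
            return Err("exponent must be odd");
        }
        if e < Self::MIN.0 {
            return Err("exponent below minimum");
        }
        if e > Self::MAX.0 {
            return Err("exponent above maximum");
        }
        Ok(Self(e))
    }

    pub fn value(self) -> NonZeroU64 {
        self.0
    }
}

/// Left-to-right square-and-multiply over a toy u64 modulus (u128 intermediates).
/// Variable time: the branch on each exponent bit leaks `exp` through timing.
/// That is acceptable only because every input is public (public key
/// operations, Montgomery setup for the public modulus). A private exponent
/// must never go through this routine.
pub fn elem_exp_vartime(base: u64, exp: NonZeroU64, modulus: u64) -> u64 {
    assert!(modulus > 1, "modulus must exceed 1");
    let m = modulus as u128;
    let b = base as u128 % m;
    let e = exp.get();
    let mut acc = b;
    // `exp != 0` is encoded in the type, so `leading_zeros() <= 63` and the
    // top set bit is well defined: no runtime nonzero assertion is needed.
    let top = 63 - e.leading_zeros();
    for i in (0..top).rev() {
        acc = acc * acc % m;
        if (e >> i) & 1 == 1 {
            acc = acc * b % m;
        }
    }
    acc as u64
}

/// RSA public-key operation m^e mod n (encryption / signature verification).
/// The type of `e` is the proof that the bounds were checked.
pub fn rsa_public_op(m: u64, e: PublicExponent, n: u64) -> u64 {
    elem_exp_vartime(m, e.value(), n)
}

/// Montgomery setup: R^2 mod n for R = 2^64, computed as 2^(2*64) mod n.
/// This exponent (128) is nonzero but far below `PublicExponent::MIN`,
/// which is why RSA's bounds cannot be asserted inside `elem_exp_vartime`.
pub fn montgomery_rr(modulus: u64) -> u64 {
    assert!(modulus & 1 == 1, "Montgomery arithmetic needs an odd modulus");
    const R_SQUARED_EXP: NonZeroU64 = nonzero(2 * u64::BITS as u64);
    elem_exp_vartime(2, R_SQUARED_EXP, modulus)
}

fn main() {
    // Textbook toy RSA: n = 61 * 53 = 3233, e = 65537 (coprime with phi(n) = 3120).
    let e = PublicExponent::from_u64(65_537).expect("valid exponent");
    println!("65^e mod 3233 = {}", rsa_public_op(65, e, 3233));
    println!("rejected: {:?}", PublicExponent::from_u64(3));
    // Modulus 2^64 - 59 (odd): 2^64 = 59 mod n, so R^2 mod n = 59^2 = 3481.
    println!("RR = {}", montgomery_rr(0xFFFF_FFFF_FFFF_FFC5));
}
```

The point to carry over to the real crate is the division of labour: the constructor is the single place that rejects bad exponents, the exponentiation routine only relies on what its parameter types guarantee, and the "variable time" in the name documents a precondition (public inputs only) rather than an optimisation.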
Brian Smith
7c478c457b bigint: Clarify LG_BASE is a constant. 2021-09-16 13:17:35 -07:00
Brian Smith
a22977f421 bigint: Fix typo in comment about lg_base. 2021-09-16 13:17:35 -07:00
Brian Smith
6ae2dea1a8 bigint: Replace as conversion with u64_from_usize. 2021-09-16 13:17:35 -07:00
Brian Smith
022f4dbe8e Bump libc version requirement. 2021-08-23 20:14:17 -07:00
Brian Smith
bf3e8582d6 Bump wasm-bindgen-test to 0.3.26. 2021-08-23 20:14:17 -07:00
Brian Smith
d77d152546 Bump web-sys to 0.3.51. 2021-08-23 20:14:17 -07:00
Brian Smith
e33675400a Bump once_cell to 1.8.0. 2021-08-23 20:14:17 -07:00
Brian Smith
9e6ea77bf1 Bump Criterion.rs version. 2021-08-23 20:14:17 -07:00
Brian Smith
3b8ae3ab12 CI: Stop excluding Rust 1.47.0 builds since they are never attempted.
This logic is a holdover from when Rust 1.47.0 was the MSRV.
2021-08-23 16:48:03 -07:00
Brian Smith
5412ef9559
Merge pull request #1365 from briansmith/b/coverage-nightly
CI: Use a slightly older Nightly Rust for coverage measurement.
2021-08-23 16:44:00 -07:00
Brian Smith
83c204342e CI: Use a slightly older Nightly Rust for coverage measurement. 2021-08-23 14:38:38 -07:00
Brian Smith
8739fd1b5a
Merge pull request #1361 from briansmith/b/merge-boringssl
Merge BoringSSL through 549e4e7995a90964e92f22af6229d92c1283693b.
2021-08-18 14:45:15 -07:00
Brian Smith
0f91bc4e32 Merge BoringSSL 549e4e7: Align with upstream on 'close STDOUT' lines. 2021-08-18 13:38:21 -07:00
Brian Smith
9e96e83c31 Ignore BoringSSL b86dcfe..7e26597. 2021-08-18 13:37:13 -07:00
Brian Smith
61515f3ffd No-op merge of BoringSSL ecc301c: Add a pointer alignment helper function.
Don't make this change; *ring* handles the pointer alignment in a different,
safer way.
2021-08-18 13:33:58 -07:00
Brian Smith
626a49ef03
Merge pull request #1360 from briansmith/b/merge-boringssl
Merge BoringSSL through 268a4a6ff3bd656ae65fe41ef1185daa85cfae21.
2021-08-18 13:05:39 -07:00
Brian Smith
4483f8ee55 build.rs: Don't package the intermediate files in the Cargo crate.
Don't package the inputs of the preassembly; just package the outputs.

Clarify how `mk/package.sh` interacts with `.gitignore`.

Eliminate unnecessary conditional logic in preassembly process.
2021-08-18 12:37:57 -07:00
Brian Smith
03ef33fc3b build.rs: Clarify include_dir and out_file function arguments.
Consistently use `out_file` as the argument name. Place all input arguments ahead of
output arguments.
2021-08-18 12:37:57 -07:00
Brian Smith
043c423a49 build.rs: Don't generate the C header for symbol prefixing during package.
The assembly headers used for Windows targets need to be generated during packaging so
that the assembly can be preassembled for those targets, but the C header isn't used
during packaging.
2021-08-18 12:37:57 -07:00
Brian Smith
c6f6be99f8 build.rs: Inline generate_prefix_symbols_nasm into its one caller.
Since there is only one caller, it doesn't need to be a separate function.
2021-08-18 12:37:57 -07:00
Brian Smith
74bf655d83 build.rs: Remove misleading comment.
On non-{x86,x86_64} Windows targets we also assume the C compiler
assembles. Remove the now-misleading comment.
2021-08-18 12:37:57 -07:00
Brian Smith
6e3305b39b Ignore BoringSSL fb4d257..268a4a6. 2021-08-18 12:35:12 -07:00
Brian Smith
5f7632276d Ignore BoringSSL 4848294..9052286. 2021-08-18 12:31:19 -07:00
Brian Smith
e8ddfc4783 Merge BoringSSL 7a3e801: fix #415: Perl scripts fail when building from a path with spaces. 2021-08-18 12:28:42 -07:00
Brian Smith
fd9be67dc2 Ignore BoringSSL d4c3f2a..a1d3bfb. 2021-08-18 12:21:22 -07:00
Brian Smith
e78bd84958 Merge BoringSSL 92c6fbf: Fix array-parameter warnings. 2021-08-18 12:18:02 -07:00
Brian Smith
e6cae2cee8 Ignore BoringSSL 94a63a5..47cefed. 2021-08-18 12:16:28 -07:00
Brian Smith
5b7320f33d Take BoringSSL fe049e4: Document expected use of BTI and PAC macros. 2021-08-18 12:08:21 -07:00
Brian Smith
f54c77d42d Ignore BoringSSL 853ca1e. 2021-08-18 12:08:03 -07:00
Brian Smith
bcccb2522c
Merge pull request #1358 from briansmith/b/merge-boringssl
Merge BoringSSL d4f877e: Reference the newer ChaCha20-Poly1305 RFC.
2021-08-17 20:30:39 -07:00
Brian Smith
1ab2d161fc Merge BoringSSL d4f877e: Reference the newer ChaCha20-Poly1305 RFC. 2021-08-17 18:59:16 -07:00
Brian Smith
32561b0b4f
Merge pull request #1357 from briansmith/b/unfix-nightly
Revert "CI: Use nightly-2021-08-13 to work around regression in latest Rust nightly."
2021-08-17 16:22:30 -07:00
Brian Smith
415672e028
Merge pull request #1356 from briansmith/b/merge-boringssl
Merge BoringSSL through commit 1cf78cd
2021-08-17 16:08:39 -07:00
Brian Smith
8e2b42d470 Revert "CI: Use nightly-2021-08-13 to work around regression in latest Rust nightly."
This reverts commit c8ca693ff7e6c619e1f2dd8ea915c335836af3a8 so we'll use the latest
nightly in CI. The rustc bug was fixed.
2021-08-17 15:27:11 -07:00
Brian Smith
44faff6129 Ignore BoringSSL 8c31179..1cf78cd. 2021-08-17 15:25:40 -07:00
Jeremy Soller
cc908a734b Add redox to LINUX_ABI 2021-08-16 12:54:43 -07:00
Jeremy Soller
dae1918124 Use /dev/urandom for SecureRandom on Redox 2021-08-16 12:54:43 -07:00
Brian Smith
ace62da913 Require cc-rs 1.0.69 or later to improve aarch64-pc-windows-msvc compatibility.
Alexander Ovchinnikov (@Alovchin91) wrote:
> [C]ould you please also upgrade cc to 1.0.69? This version contains fixes to
> find MSVC tools on Windows ARM.
2021-08-16 12:53:56 -07:00
Alexander Ovchinnikov
ceb5b90f6e Enable building and running on Windows ARM64
I agree to license my contributions to each file under the terms given at the top of each file I changed.

Co-authored-by: Marc-André Moreau <marcandre.moreau@gmail.com>
2021-08-16 12:28:42 -07:00
Brian Smith
fb108ef041 rand: Get rid of warning about kSecRandomDefault case.
This isn't actually a global so I'm surprised this lint bothers with it.
2021-08-16 09:04:22 -07:00