Rust 1.11.0 is required since some tests are using the form of
`assert!` that takes a custom error message, which is new in Rust
1.11.0.
Also fix includes in Cargo.toml. Also remove pregenerated/*, which
don't need to be in version control, but which can't be in .gitignore
(if they are, then `cargo package` and `cargo publish` don't work).
The X25519 code was assuming the ring::agreement code was doing it. The
ring::agreement code assumed the X25519 code was doing it.
Without this, if the peer's public key is too short, there would be an
out-of-bounds read.
It was already only used in tests, so only compile it in tests,
and remove now-unused modes.
I agree to license my contributions to each file under the terms
given at the top of each file I changed.
The random key generation code is adapted from that used for EC,
but temporarily duplicated, with the following changes:
- A Range struct wrapping Limb slices used as ranges
- Instead of converting bytes to limbs, generate random bytes directly
into the Limb slice, temporarily casting it to u8
- Add support for ranges with zero bits in the most significant limb
by masking those bits in the generated random bytes
Also remove the `min_inclusive` parameter from BN_rand_range_ex,
since in practice it is always 1.
I agree to license my contributions to each file under the terms given
at the top of each file I changed.
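The range-sampling scheme described in the commit above (random bytes written straight into a limb buffer, the unused high bits of the most significant limb masked off, the result rejected if it is zero or not below the bound) can be shown end to end in a small stand-alone routine. The following is an added example and is not *ring*'s or BoringSSL's code: `Limb`, `random_in_range`, `fill_from_seq` and the 100-attempt retry cap are this example's own choices, the byte source is a constructed deterministic sequence standing in for a CSPRNG, and the limb comparison is a plain (not constant-time) helper kept only to make the example self-contained.

```rust
// Added example, not ring's code: sample a uniform value in [1, max_exclusive)
// over little-endian limb slices, masking the top limb and rejection-sampling.

pub type Limb = u64;
const LIMB_BITS: usize = 64;
const LIMB_BYTES: usize = LIMB_BITS / 8;
/// Give up after this many rejected candidates (an assumed cap for the demo).
const MAX_ATTEMPTS: usize = 100;

#[derive(Debug, PartialEq)]
pub enum RandError {
    /// The most significant limb of the bound is zero (bound not normalized).
    ZeroRange,
    /// Every candidate was rejected; a CSPRNG makes this astronomically unlikely
    /// because masking keeps the rejection probability below 1/2 per try.
    TooManyRetries,
}

/// Significant bits in the most significant limb of the little-endian bound.
fn top_limb_bits(max_exclusive: &[Limb]) -> usize {
    let top = *max_exclusive.last().expect("bound must be non-empty");
    LIMB_BITS - top.leading_zeros() as usize
}

/// `a < b` for equal-length little-endian limb slices.
/// Not constant-time; used here only to keep the example self-contained.
fn limbs_less_than(a: &[Limb], b: &[Limb]) -> bool {
    debug_assert_eq!(a.len(), b.len());
    for (x, y) in a.iter().rev().zip(b.iter().rev()) {
        if x != y {
            return x < y;
        }
    }
    false
}

fn limbs_are_zero(a: &[Limb]) -> bool {
    a.iter().all(|&l| l == 0)
}

/// Fill `out` with a uniform value in [1, max_exclusive). `fill_random` fills a
/// byte buffer; a real caller would pass a CSPRNG's fill function.
pub fn random_in_range<F: FnMut(&mut [u8])>(
    out: &mut [Limb],
    max_exclusive: &[Limb],
    mut fill_random: F,
) -> Result<(), RandError> {
    assert_eq!(out.len(), max_exclusive.len(), "out and bound must match in width");
    let top_bits = top_limb_bits(max_exclusive);
    if top_bits == 0 {
        return Err(RandError::ZeroRange);
    }
    // Keep only the bits the bound's top limb actually uses, so a candidate is
    // never more than one bit-length wider than the bound (cheap rejection).
    let top_mask: Limb = if top_bits == LIMB_BITS {
        Limb::MAX
    } else {
        ((1 as Limb) << top_bits) - 1
    };
    // Random bytes are produced in byte form and then reassembled into limbs;
    // this avoids the unsafe limb-to-u8 cast while keeping the same byte layout.
    let mut bytes = vec![0u8; out.len() * LIMB_BYTES];
    for _ in 0..MAX_ATTEMPTS {
        fill_random(&mut bytes);
        for (limb, chunk) in out.iter_mut().zip(bytes.chunks_exact(LIMB_BYTES)) {
            let mut arr = [0u8; LIMB_BYTES];
            arr.copy_from_slice(chunk);
            *limb = Limb::from_le_bytes(arr);
        }
        *out.last_mut().unwrap() &= top_mask;
        // min_inclusive is fixed at 1: reject zero as well as values >= bound.
        if !limbs_are_zero(out) && limbs_less_than(out, max_exclusive) {
            return Ok(());
        }
    }
    Err(RandError::TooManyRetries)
}

/// Constructed deterministic byte source for the demo: each call writes the next
/// value of `seq` into the first limb's bytes and zeros the rest; once `seq` is
/// exhausted it writes all-ones. Never use something like this in real code.
pub fn fill_from_seq(seq: Vec<Limb>) -> impl FnMut(&mut [u8]) {
    let mut i = 0;
    move |buf: &mut [u8]| {
        let v = seq.get(i).copied().unwrap_or(Limb::MAX);
        i += 1;
        buf.fill(0xFF);
        if i <= seq.len() {
            buf.fill(0);
            buf[..LIMB_BYTES].copy_from_slice(&v.to_le_bytes());
        }
    }
}

fn main() {
    // Bound 16 uses 5 bits of its top limb, so the mask is 0x1f:
    // 0 is rejected (zero), 31 is rejected (>= 16), 7 is accepted.
    let mut out = [0 as Limb];
    let r = random_in_range(&mut out, &[16], fill_from_seq(vec![0, 31, 7]));
    println!("{:?} -> {:?}", r, out);
}
```

The masking step is what keeps rejection sampling efficient: without it, a 256-bit bound with a 255-bit top would see almost every 256-bit candidate rejected, whereas with the mask each candidate lies below the bound with probability at least 1/2.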
Since |BN_MONT_CTX_set| is not protected against side channels,
encourage callers to call it explicitly, once, and reuse the
|BN_MONT_CTX|, instead of relying on |BN_mod_exp_mont_consttime|
to recreate it each time. All the existing callers already passed a
non-NULL |BN_MONT_CTX_set|, so this is just deleting dead (test-only)
code.
Cargo/rustc wasn't resolving "pregenerated" to an absolute path, so
while the previous scheme for finding the pregenerated libraries worked
for "sh mk/package.sh", it didn't work when building other libraries,
when the current working directory isn't the *ring* source directory.
Things currently work accidentally because MSBuild is generating the
intermediate directory before the GenerateAsm target. Create the
directory explicitly to avoid relying on this kind of happy accident.