path: root/src/lib/math
Commit message  Author  Age  Files  Lines
* Fix some warnings from PVS-Studio  Jack Lloyd  2019-01-17  1  -2/+5
* Fix use of macro  Jack Lloyd  2018-12-31  1  -1/+1
* Simplifications in BigInt  Jack Lloyd  2018-12-29  1  -7/+1
* Make bigint_sub_abs const time  Jack Lloyd  2018-12-27  1  -6/+3
* Fix Barrett reduction input bound  Jack Lloyd  2018-12-26  2  -5/+5
* Avoid size-based bypass of the comparison in Barrett reduction.  Jack Lloyd  2018-12-24  1  -1/+1
* Avoid conditional branch in Barrett for negative inputs  Jack Lloyd  2018-12-24  1  -4/+27
* In NIST P-xxx reductions unpoison S before using it  Jack Lloyd  2018-12-24  1  -8/+10
* Unpoison result of high_bits_free  Jack Lloyd  2018-12-24  1  -0/+1
* Make ctz and high_bit faster and const-time-ish  Jack Lloyd  2018-12-22  1  -5/+0
* Use consistent logic for OAEP and PKCS1v15 decoding  Jack Lloyd  2018-12-21  2  -6/+3
* Unroll const_time_lookup by 2  Jack Lloyd  2018-12-14  1  -6/+10
* Merge GH #1780 Use constant time algorithm for monty_inverse  Jack Lloyd  2018-12-09  2  -39/+23
|\
| * Use a const time algorithm for monty_inverse  Jack Lloyd  2018-12-09  2  -39/+23
* | Fix typo  Jack Lloyd  2018-12-09  1  -1/+1
* | Avoid doing a variable time division during Montgomery setup  Jack Lloyd  2018-12-09  3  -4/+9
|/
* Move Miller-Rabin t param inside the block  Jack Lloyd  2018-12-09  1  -2/+2
* Avoid repeated size checks when setting words in NIST reduction  Jack Lloyd  2018-12-08  1  -25/+33
* Merge GH #1774 Const time BigInt shifts  Jack Lloyd  2018-12-08  6  -98/+83
|\
| * Avoid early exit  Jack Lloyd  2018-12-07  1  -4/+3
| * Fix bug and avoid allocations in left shift  Jack Lloyd  2018-12-07  5  -22/+36
| * Const time the behavior of shifts [WIP]  Jack Lloyd  2018-12-06  3  -87/+59
* | In calc_sig_words save the size of m_reg before the loop  Jack Lloyd  2018-12-08  1  -3/+4
* | Merge GH #1773 Add BigInt::ct_reduce_below  Jack Lloyd  2018-12-07  3  -3/+39
|\ \
| |/
|/|
| * Add BigInt::ct_reduce_below  Jack Lloyd  2018-12-06  3  -3/+39
* | Better logic in BigInt::bits wrt valgrind const time checks  Jack Lloyd  2018-12-06  1  -2/+3
|/
* Do swaps in PointGFp instead of copies  Jack Lloyd  2018-12-05  1  -1/+1
* Avoid needless is_zero check in set_sign  Jack Lloyd  2018-12-05  1  -4/+4
* Fix Doxygen errors [ci skip]  Jack Lloyd  2018-12-05  1  -1/+0
* Make BigInt::cond_flip_sign constant time  Jack Lloyd  2018-12-05  1  -3/+9
* Use BigInt::cond_flip_sign  Jack Lloyd  2018-12-05  3  -7/+4
* Don't leak if x is zero either  Jack Lloyd  2018-12-05  1  -39/+37
* Remove some conditional branches from division  Jack Lloyd  2018-12-05  3  -22/+27
* Reduce the base in the fixed window exponentiator  Jack Lloyd  2018-12-04  1  -1/+1
* Make binary extended Euclidean algorithm less branchy  Jack Lloyd  2018-12-03  3  -12/+62
* Extend ct_modulo to handle negative inputs  Jack Lloyd  2018-12-03  1  -8/+17
* Use const time reductions in Barrett and LCM computations  Jack Lloyd  2018-12-03  3  -4/+23
* Fix shift operator  Jack Lloyd  2018-12-03  1  -1/+1
* Add ct_modulo and BigInt::ct_cond_swap  Jack Lloyd  2018-12-03  4  -7/+62
* Merge GH #1759 Add constant time divide by uint8_t  Jack Lloyd  2018-12-03  3  -7/+59
|\
| * Add a constant time divide variant for dividing by uint8_t  Jack Lloyd  2018-12-02  3  -7/+59
* | Make variable time division less branchy  Jack Lloyd  2018-12-02  1  -53/+46
|/
* Add a const-time division algorithm  Jack Lloyd  2018-12-02  4  -8/+69
* Fix a bug in bigint_sub_abs  Jack Lloyd  2018-12-02  1  -0/+7
* One variable per line  Jack Lloyd  2018-12-02  1  -1/+2
* Correct a bug in BigInt::operator%(word)  Jack Lloyd  2018-12-01  2  -21/+26
* Unroll mod_sub for 6 words also, helps P-384 quite a bit  Jack Lloyd  2018-12-01  1  -0/+2
* Avoid conditional operations in P-521 reduction  Jack Lloyd  2018-12-01  1  -30/+31
* Add BigInt::mod_mul  Jack Lloyd  2018-12-01  6  -29/+94
* Simplify BigInt addition and subtraction  Jack Lloyd  2018-11-30  5  -187/+151