delta/go-git.git/src/crypto/ecdsa, branch dev.debug github.com: golang/go crypto/ecdsa: correct code comment. 2016-10-02T19:38:37+00:00 Adam Langley agl@golang.org 2016-09-30T21:48:11+00:00 998419575fb34dd5228cfdb353a73184e29db8da The code comment mixed up max and min. In this case, min is correct because this entropy is only used to make the signature scheme probabilistic. (I.e. if it were fixed then the scheme would still be secure except that key.Sign(foo) would always give the same result for a fixed key and foo.) For this purpose, 256-bits is plenty. Fixes #16819. Change-Id: I309bb312b775cf0c4b7463c980ba4b19ad412c36 Reviewed-on: https://go-review.googlesource.com/30153 Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 
The code comment mixed up max and min. In this case, min is correct
because this entropy is only used to make the signature scheme
probabilistic. (I.e. if it were fixed then the scheme would still be
secure except that key.Sign(foo) would always give the same result for a
fixed key and foo.)

For this purpose, 256-bits is plenty.

Fixes #16819.

Change-Id: I309bb312b775cf0c4b7463c980ba4b19ad412c36
Reviewed-on: https://go-review.googlesource.com/30153
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
math/big: add assembly implementation of arith for ppc64{le} 2016-08-29T21:03:21+00:00 Ethan Miller eamiller@us.ibm.com 2016-08-12T18:45:50+00:00 4955147291812fd78049d47ef985095e6442264a The existing implementation used a pure go implementation, leading to slow cryptographic performance. Implemented mulWW, subVV, mulAddVWW, addMulVVW, and bitLen for ppc64{le}. Implemented divWW for ppc64le only, as the DIVDEU instruction is only available on Power8 or newer. benchcmp output: benchmark old ns/op new ns/op delta BenchmarkSignP384 28934360 10877330 -62.41% BenchmarkRSA2048Decrypt 41261033 5139930 -87.54% BenchmarkRSA2048Sign 45231300 7610985 -83.17% Benchmark3PrimeRSA2048Decrypt 20487300 2481408 -87.89% Fixes #16621 Change-Id: If8b68963bb49909bde832f2bda08a3791c4f5b7a Reviewed-on: https://go-review.googlesource.com/26951 Run-TryBot: Michael Munday <munday@ca.ibm.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Michael Munday <munday@ca.ibm.com> 
The existing implementation used a pure go implementation, leading to slow
cryptographic performance.

Implemented mulWW, subVV, mulAddVWW, addMulVVW, and bitLen for
ppc64{le}.
Implemented divWW for ppc64le only, as the DIVDEU instruction is only
available on Power8 or newer.

benchcmp output:

benchmark                         old ns/op     new ns/op     delta
BenchmarkSignP384                 28934360      10877330      -62.41%
BenchmarkRSA2048Decrypt           41261033      5139930       -87.54%
BenchmarkRSA2048Sign              45231300      7610985       -83.17%
Benchmark3PrimeRSA2048Decrypt     20487300      2481408       -87.89%

Fixes #16621

Change-Id: If8b68963bb49909bde832f2bda08a3791c4f5b7a
Reviewed-on: https://go-review.googlesource.com/26951
Run-TryBot: Michael Munday <munday@ca.ibm.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Michael Munday <munday@ca.ibm.com>
crypto/ecdsa: Update documentation for Sign 2016-06-29T18:44:36+00:00 Nick Harper nharper@google.com 2016-06-29T18:18:01+00:00 cc6f5f6ce1daca51f475764a3e4fa9420cafcefa Change-Id: I2b7a81cb809d109f10d5f0db957c614f466d6bfd Reviewed-on: https://go-review.googlesource.com/24582 Reviewed-by: Adam Langley <agl@golang.org> 
Change-Id: I2b7a81cb809d109f10d5f0db957c614f466d6bfd
Reviewed-on: https://go-review.googlesource.com/24582
Reviewed-by: Adam Langley <agl@golang.org>
crypto/ecdsa: reject negative inputs. 2016-05-18T14:18:48+00:00 Adam Langley agl@golang.org 2016-04-14T20:52:56+00:00 b30fcbc9f59ca4bf1723eb6743b47fa89b3847a3 The fact that crypto/ecdsa.Verify didn't reject negative inputs was a mistake on my part: I had unsigned numbers on the brain. However, it doesn't generally cause problems. (ModInverse results in zero, which results in x being zero, which is rejected.) The amd64 P-256 code will crash when given a large, negative input. This fixes both crypto/ecdsa to reject these values and also the P-256 code to ignore the sign of inputs. Change-Id: I6370ed7ca8125e53225866f55b616a4022b818f8 Reviewed-on: https://go-review.googlesource.com/22093 Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 
The fact that crypto/ecdsa.Verify didn't reject negative inputs was a
mistake on my part: I had unsigned numbers on the brain. However, it
doesn't generally cause problems. (ModInverse results in zero, which
results in x being zero, which is rejected.)

The amd64 P-256 code will crash when given a large, negative input.

This fixes both crypto/ecdsa to reject these values and also the P-256
code to ignore the sign of inputs.

Change-Id: I6370ed7ca8125e53225866f55b616a4022b818f8
Reviewed-on: https://go-review.googlesource.com/22093
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
crypto/rsa, crypto/ecdsa: fail earlier on zero parameters 2016-04-05T21:03:20+00:00 Brad Fitzpatrick bradfitz@golang.org 2016-04-05T20:40:40+00:00 d7c699d9935ce2f99419faf81909b36409171705 Change-Id: Ia6ed49d5ef3a256a55e6d4eaa1b4d9f0fc447013 Reviewed-on: https://go-review.googlesource.com/21560 Reviewed-by: Robert Griesemer <gri@golang.org> 
Change-Id: Ia6ed49d5ef3a256a55e6d4eaa1b4d9f0fc447013
Reviewed-on: https://go-review.googlesource.com/21560
Reviewed-by: Robert Griesemer <gri@golang.org>
all: remove public named return values when useless 2016-02-29T03:31:19+00:00 Brad Fitzpatrick bradfitz@golang.org 2016-02-28T23:52:49+00:00 351c15f1cee364a91ef606ef9114d55247a6a0c2 Named returned values should only be used on public funcs and methods when it contributes to the documentation. Named return values should not be used if they're only saving the programmer a few lines of code inside the body of the function, especially if that means there's stutter in the documentation or it was only there so the programmer could use a naked return statement. (Naked returns should not be used except in very small functions) This change is a manual audit & cleanup of public func signatures. Signatures were not changed if: * the func was private (wouldn't be in public godoc) * the documentation referenced it * the named return value was an interesting name. (i.e. it wasn't simply stutter, repeating the name of the type) There should be no changes in behavior. (At least: none intended) Change-Id: I3472ef49619678fe786e5e0994bdf2d9de76d109 Reviewed-on: https://go-review.googlesource.com/20024 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Andrew Gerrand <adg@golang.org> 
Named returned values should only be used on public funcs and methods
when it contributes to the documentation.

Named return values should not be used if they're only saving the
programmer a few lines of code inside the body of the function,
especially if that means there's stutter in the documentation or it
was only there so the programmer could use a naked return
statement. (Naked returns should not be used except in very small
functions)

This change is a manual audit & cleanup of public func signatures.

Signatures were not changed if:

* the func was private (wouldn't be in public godoc)
* the documentation referenced it
* the named return value was an interesting name. (i.e. it wasn't
  simply stutter, repeating the name of the type)

There should be no changes in behavior. (At least: none intended)

Change-Id: I3472ef49619678fe786e5e0994bdf2d9de76d109
Reviewed-on: https://go-review.googlesource.com/20024
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Andrew Gerrand <adg@golang.org>
all: fix typos and spelling 2016-02-24T18:42:29+00:00 Martin Möhrmann martisch@uos.de 2016-02-24T10:55:20+00:00 fdd0179bb1fdd70d405929b78c7d2fb6b61369b0 Change-Id: Icd06d99c42b8299fd931c7da821e1f418684d913 Reviewed-on: https://go-review.googlesource.com/19829 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> 
Change-Id: Icd06d99c42b8299fd931c7da821e1f418684d913
Reviewed-on: https://go-review.googlesource.com/19829
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
crypto/elliptic,crypto/ecdsa: P256 amd64 assembly 2015-11-10T22:16:56+00:00 Vlad Krasnov vlad@cloudflare.com 2015-04-17T13:10:35+00:00 7bacfc640fba4fb2e50bbcc16a4c15fe4bf5b870 This is based on the implementation used in OpenSSL, from a submission by Shay Gueron and myself. Besides using assembly, this implementation employs several optimizations described in: S.Gueron and V.Krasnov, "Fast prime field elliptic-curve cryptography with 256-bit primes" In addition a new and improved modular inverse modulo N is implemented here. The performance measured on a Haswell based Macbook Pro shows 21X speedup for the sign and 9X for the verify operations. The operation BaseMult is 30X faster (and the Diffie-Hellman/ECDSA key generation that use it are sped up as well). The adaptation to Go with the help of Filippo Valsorda Updated the submission for faster verify/ecdh, fixed some asm syntax and API problems and added benchmarks. Change-Id: I86a33636747d5c92f15e0c8344caa2e7e07e0028 Reviewed-on: https://go-review.googlesource.com/8968 Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org> 
This is based on the implementation used in OpenSSL, from a
submission by Shay Gueron and myself. Besides using assembly,
this implementation employs several optimizations described in:

    S.Gueron and V.Krasnov, "Fast prime field elliptic-curve
                             cryptography with 256-bit primes"

In addition a new and improved modular inverse modulo N is
implemented here.

The performance measured on a Haswell based Macbook Pro shows 21X
speedup for the sign and 9X for the verify operations.
The operation BaseMult is 30X faster (and the Diffie-Hellman/ECDSA
key generation that use it are sped up as well).

The adaptation to Go with the help of Filippo Valsorda

Updated the submission for faster verify/ecdh, fixed some asm syntax
and API problems and added benchmarks.

Change-Id: I86a33636747d5c92f15e0c8344caa2e7e07e0028
Reviewed-on: https://go-review.googlesource.com/8968
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
all: fix some vet-caught formatting errors, mostly but not only in tests 2015-08-21T05:37:36+00:00 Rob Pike r@golang.org 2015-08-11T05:29:40+00:00 f62b749ae2b323653085f78f896f660ee461bb41 Could go in 1.5, although not critical. See also #12107 Change-Id: I7f1608b58581d21df4db58f0db654fef79e33a90 Reviewed-on: https://go-review.googlesource.com/13481 Reviewed-by: Dave Cheney <dave@cheney.net> 
Could go in 1.5, although not critical.
See also #12107

Change-Id: I7f1608b58581d21df4db58f0db654fef79e33a90
Reviewed-on: https://go-review.googlesource.com/13481
Reviewed-by: Dave Cheney <dave@cheney.net>
crypto/ecdsa, crypto/x509: update SEC1 ECC link in comments 2015-06-26T16:08:22+00:00 Dmitry Savintsev dsavints@gmail.com 2015-06-26T10:09:45+00:00 c248aaef7049c9c90af787d7fa91de378fa7e202 Updated the document URL in comments to avoid dead link Old: http://www.secg.org/download/aid-780/sec1-v2.pdf New: http://www.secg.org/sec1-v2.pdf Change-Id: If13d0da4c0e7831b2bd92c45116c2412a2a965f5 Reviewed-on: https://go-review.googlesource.com/11550 Reviewed-by: Russ Cox <rsc@golang.org> 
Updated the document URL in comments to avoid dead link
Old: http://www.secg.org/download/aid-780/sec1-v2.pdf
New: http://www.secg.org/sec1-v2.pdf

Change-Id: If13d0da4c0e7831b2bd92c45116c2412a2a965f5
Reviewed-on: https://go-review.googlesource.com/11550
Reviewed-by: Russ Cox <rsc@golang.org>