60f8380 - platform/external/conscrypt

commit: 60f83802801e224b51afac6c27c19e7c3d65ddc3
[log] [tgz]
author: Alex Klyubin <klyubin@google.com>
Mon Feb 03 15:21:56 2014 -0800
committer: Alex Klyubin <klyubin@google.com>
Fri Feb 21 15:08:51 2014 -0800
tree: a27bb29e95d8569f6b9da58df9b0e8069f192972
parent: 7c2b4ae9455185974ffe5ec1804c8980fe429635 [diff]

Harden (EC)DSA signatures against weak nonces.

Private key information is leaked by (EC)DSA signatures when nonces
are produced by a weak RNG. This CL enables a mitigation provided by
OpenSSL: mix in private key and message being signed into randomly
generated nonce. Provided private key was generated by strong RNG,
this should mitigate the weakness.

NOTE: This mitigation is not implemented for signatures which use
hardware-backed private keys (AndroidKeyStore).

Change-Id: I60dbf57bff3cfcdcbbeb18be5d9dfba523cc6bb8

src/main/java/org/conscrypt/NativeCrypto.java[diff]
src/main/java/org/conscrypt/OpenSSLSignature.java[diff]
src/main/native/org_conscrypt_NativeCrypto.cpp[diff]
src/test/java/org/conscrypt/NativeCryptoTest.java[diff]

4 files changed

tree: a27bb29e95d8569f6b9da58df9b0e8069f192972

src/
Android.mk
jarjar-rules.txt