Update edwards25519 code from BoringSSL

Bring the SPAKE edwards25519.c code up to date with BoringSSL, adding edwards25519_fiat.h to contain the Fiat-generated code which BoringSSL has split out. The relevant BoringSSL commits are: 302bb3964ad8cc4fb8540ee4783a936c5515605d 5590c715e26790d9b60384e1ac092529a19208af 32e59d2d3264e4e104b355ef73663b8b79ac4093 899835fad40f50f4c29bf7042b415eb72ad0e7d7 9847cdd785abae6313412fc5a824b938bef6ba98 The updated code avoids undefined signed left-shift behavior (not a problem in practice, so far) and compiles to faster code with gcc on platforms where the 64-bit code cannot be used.
krb5 · Jul 11, 2019 · 881b531 · 881b531
1 parent 27521a6
commit 881b531
Show file tree

Hide file tree

Showing 3 changed files with 1,470 additions and 1,073 deletions.
diff --git a/src/plugins/preauth/spake/deps b/src/plugins/preauth/spake/deps
@@ -45,7 +45,8 @@ edwards25519.so edwards25519.po $(OUTPRE)edwards25519.$(OBJEXT): \
   $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  edwards25519.c edwards25519_tables.h groups.h iana.h
+  edwards25519.c edwards25519_fiat.h edwards25519_tables.h \
+  groups.h iana.h
 spake_client.so spake_client.po $(OUTPRE)spake_client.$(OBJEXT): \
   $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
   $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \