blob: afd06f2900f73f7a5aed87005f81a1e8d4deef56 (
plain)
1
2
3
4
5
6
7
8
9
10
|
Here is an incomplete list of defects in cryptographic implementations. We
should make sure our verification rules out the possibility of similar mistakes
appearing in our code.
| Reference | Specification | Implementation | Defect |
| ------------------------------------------------------------------- | --------------------------- | --------------------------- | ------------- |
| [openssl#3607](https://rt.openssl.org/Ticket/Display.html?id=3607) | P256 field element squaring | 64-bit Montgomery form, asm | limb overflow |
| [go#13515](https://github.com/golang/go/issues/13515) | Modular exponentiation | uintptr-sized Montgomery form, Go | carry handling |
| | | | |
| | | | |
|
