diff options
| author | lloyd <[email protected]> | 2010-03-04 22:09:07 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2010-03-04 22:09:07 +0000 |
| commit | 664e00a6d51cf7d6f3fefbbb3500a113d21288ab (patch) | |
| tree | 32db25ebf468a2c75ec4578d83f8c41e0197bfaf /checks/pk_bench.cpp | |
| parent | f5cfe2857acb30ece3f01fbc98a83e8b82e4907a (diff) | |
This checkin represents a pretty major change in how PK operations are
performed. Up until now, each key object (eg DSA_PublicKey or
ECDH_PrivateKey) had two jobs: contain the key material, and know how
to perform any operations on that key. However because of a desire to
support alternative implementations (GNU MP, hardware, whatever),
there was a notion of operations, with the key objects containing an
op that they got via engine rather than actually implementing the
underlying algorithms directly.
Now, represent the operation as an abstract interface (typically
mapping a byte string to a byte string), and pass a plain Public_Key&
or Private_Key& to the engine. The engine does any checks it wants (eg
based on name, typeid, key sizes, etc), and either returns nothing
(I'll pass) or a pointer to a new operation that represents signatures
or encryption or what-have-you using that key.
This means that plain key objects no longer contain operations. This
is a major break with the traditional interface. On the other hand,
using these 'bare' operations without padding, KDFs, etc is 99% of the
time a bad idea anyway (and if you really need them, there are options
so you get the bare op but via the pubkey.h interfaces).
Currently this change is only implemented for DH and ECDH (ie, key
agreement algorithms). Additionally the optional engines (gnump and
openssl) have not been updated. I'll probably wait to touch those
until after I can change them all in one go for all algos.
Diffstat (limited to 'checks/pk_bench.cpp')
| -rw-r--r-- | checks/pk_bench.cpp | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/checks/pk_bench.cpp b/checks/pk_bench.cpp index 395ddc3ce..56df89eb3 100644 --- a/checks/pk_bench.cpp +++ b/checks/pk_bench.cpp @@ -435,10 +435,10 @@ void benchmark_ecdh(RandomNumberGenerator& rng, ECDH_PrivateKey ecdh2(rng, params); keygen_timer.stop(); - ECDH_PublicKey pub1(ecdh1); - ECDH_PublicKey pub2(ecdh2); + std::auto_ptr<PK_Key_Agreement> ka1(get_pk_kas(ecdh1, "KDF2(SHA-1)")); + std::auto_ptr<PK_Key_Agreement> ka2(get_pk_kas(ecdh2, "KDF2(SHA-1)")); - SecureVector<byte> secret1, secret2; + SymmetricKey secret1, secret2; for(u32bit i = 0; i != 1000; ++i) { @@ -446,15 +446,15 @@ void benchmark_ecdh(RandomNumberGenerator& rng, break; kex_timer.start(); - secret1 = ecdh1.derive_key(pub2); + secret1 = ka1->derive_key(32, ecdh2.public_value()); kex_timer.stop(); kex_timer.start(); - secret2 = ecdh2.derive_key(pub1); + secret2 = ka2->derive_key(32, ecdh1.public_value()); kex_timer.stop(); if(secret1 != secret2) - std::cerr << "ECDH secrets did not match, bug in the library!?!\n"; + std::cerr << "ECDH secrets did not match\n"; } } @@ -567,7 +567,7 @@ void benchmark_dh(RandomNumberGenerator& rng, kex_timer.stop(); if(secret1 != secret2) - std::cerr << "DH secrets did not match, bug in the library!?!\n"; + std::cerr << "DH secrets did not match\n"; } } |