aboutsummaryrefslogtreecommitdiffstats
path: root/src/engine/openssl/openssl_pk.cpp
diff options
context:
space:
mode:
authorlloyd <[email protected]>2010-03-09 02:39:31 +0000
committerlloyd <[email protected]>2010-03-09 02:39:31 +0000
commit4a9afbb99bb73e43bcb3a30379d6a2dd59dae76a (patch)
tree4f7a362be278ed63828afeae56444afcbf0b2dac /src/engine/openssl/openssl_pk.cpp
parenta4df64935b788e541206547d5d85665c191e2f5f (diff)
Deconstify PK_Ops. It's quite reasonable that some op will want to
precompute only as needed, or will want to access some other expensive resource or etc. Change how the secret for generating blinding is done in cases where a PRNG isn't available. Use the operations public op to hide the secret, for instance the seed for a DH blinding variable is 2^x mod p. Make use of being able to mutate internal structures in the RW signer, since that does have access to a PRNG, so use it to initialize the blinder on first call to sign().
Diffstat (limited to 'src/engine/openssl/openssl_pk.cpp')
-rw-r--r--src/engine/openssl/openssl_pk.cpp20
1 files changed, 10 insertions, 10 deletions
diff --git a/src/engine/openssl/openssl_pk.cpp b/src/engine/openssl/openssl_pk.cpp
index ebc2bdd82..8b8e83ebe 100644
--- a/src/engine/openssl/openssl_pk.cpp
+++ b/src/engine/openssl/openssl_pk.cpp
@@ -43,7 +43,7 @@ class OSSL_DH_KA_Operation : public PK_Ops::Key_Agreement
OSSL_DH_KA_Operation(const DH_PrivateKey& dh) :
x(dh.get_x()), p(dh.group_p()) {}
- SecureVector<byte> agree(const byte w[], u32bit w_len) const
+ SecureVector<byte> agree(const byte w[], u32bit w_len)
{
OSSL_BN i(w, w_len), r;
BN_mod_exp(r.value, i.value, x.value, p.value, ctx.value);
@@ -73,7 +73,7 @@ class OSSL_DSA_Signature_Operation : public PK_Ops::Signature
u32bit max_input_bits() const { return q_bits; }
SecureVector<byte> sign(const byte msg[], u32bit msg_len,
- RandomNumberGenerator& rng) const;
+ RandomNumberGenerator& rng);
private:
const OSSL_BN x, p, q, g;
const OSSL_BN_CTX ctx;
@@ -82,7 +82,7 @@ class OSSL_DSA_Signature_Operation : public PK_Ops::Signature
SecureVector<byte>
OSSL_DSA_Signature_Operation::sign(const byte msg[], u32bit msg_len,
- RandomNumberGenerator& rng) const
+ RandomNumberGenerator& rng)
{
const u32bit q_bytes = (q_bits + 7) / 8;
@@ -133,7 +133,7 @@ class OSSL_DSA_Verification_Operation : public PK_Ops::Verification
bool with_recovery() const { return false; }
bool verify(const byte msg[], u32bit msg_len,
- const byte sig[], u32bit sig_len) const;
+ const byte sig[], u32bit sig_len);
private:
const OSSL_BN y, p, q, g;
const OSSL_BN_CTX ctx;
@@ -141,7 +141,7 @@ class OSSL_DSA_Verification_Operation : public PK_Ops::Verification
};
bool OSSL_DSA_Verification_Operation::verify(const byte msg[], u32bit msg_len,
- const byte sig[], u32bit sig_len) const
+ const byte sig[], u32bit sig_len)
{
const u32bit q_bytes = q.bytes();
@@ -199,14 +199,14 @@ class OSSL_RSA_Private_Operation : public PK_Ops::Signature,
u32bit max_input_bits() const { return (n_bits - 1); }
SecureVector<byte> sign(const byte msg[], u32bit msg_len,
- RandomNumberGenerator& rng) const
+ RandomNumberGenerator& rng)
{
BigInt m(msg, msg_len);
BigInt x = private_op(m);
return BigInt::encode_1363(x, (n_bits + 7) / 8);
}
- SecureVector<byte> decrypt(const byte msg[], u32bit msg_len) const
+ SecureVector<byte> decrypt(const byte msg[], u32bit msg_len)
{
BigInt m(msg, msg_len);
return BigInt::encode(private_op(m));
@@ -234,7 +234,7 @@ BigInt OSSL_RSA_Private_Operation::private_op(const BigInt& m) const
}
class OSSL_RSA_Public_Operation : public PK_Ops::Verification,
- public PK_Ops::Encryption
+ public PK_Ops::Encryption
{
public:
OSSL_RSA_Public_Operation(const RSA_PublicKey& rsa) :
@@ -245,13 +245,13 @@ class OSSL_RSA_Public_Operation : public PK_Ops::Verification,
bool with_recovery() const { return true; }
SecureVector<byte> encrypt(const byte msg[], u32bit msg_len,
- RandomNumberGenerator&) const
+ RandomNumberGenerator&)
{
BigInt m(msg, msg_len);
return BigInt::encode_1363(public_op(m), n.bytes());
}
- SecureVector<byte> verify_mr(const byte msg[], u32bit msg_len) const
+ SecureVector<byte> verify_mr(const byte msg[], u32bit msg_len)
{
BigInt m(msg, msg_len);
return BigInt::encode(public_op(m));