Implement RFC 6979 determinstic signatures for DSA and ECDSA.

Drop the GNU MP engine. Its implementations were potentially faster in some scenarios but not well protected against side channels.
author: lloyd <[email protected]> 2014-12-10 04:08:39 +0000
committer: lloyd <[email protected]> 2014-12-10 04:08:39 +0000
commit: 63215db88ae3bbb982966de37fe112c44f616a1d (patch)
tree: 7c73da7eaf981de4bfbeb15e137320940dcbcfd5 /src/lib/engine/openssl
parent: 10cfa8fd826e072a5cd76bf52f4ae80d34eba507 (diff)
2 files changed, 6 insertions, 5 deletions
diff --git a/src/lib/engine/openssl/openssl_engine.h b/src/lib/engine/openssl/openssl_engine.h
index 90f315c00..5c0d1511d 100644
--- a/src/lib/engine/openssl/openssl_engine.h
+++ b/src/lib/engine/openssl/openssl_engine.h
@@ -23,10 +23,11 @@ class OpenSSL_Engine : public Engine
       PK_Ops::Key_Agreement*
          get_key_agreement_op(const Private_Key& key, RandomNumberGenerator& rng) const override;
 
-      PK_Ops::Signature*
-         get_signature_op(const Private_Key& key, RandomNumberGenerator& rng) const override;
+      PK_Ops::Signature* get_signature_op(const Private_Key& key, const std::string& emsa,
+                                          RandomNumberGenerator& rng) const override;
 
-      PK_Ops::Verification* get_verify_op(const Public_Key& key, RandomNumberGenerator& rng) const override;
+      PK_Ops::Verification* get_verify_op(const Public_Key& key, const std::string& emsa,
+                                          RandomNumberGenerator& rng) const override;
 
       PK_Ops::Encryption* get_encryption_op(const Public_Key& key, RandomNumberGenerator& rng) const override;
 
diff --git a/src/lib/engine/openssl/ossl_pk.cpp b/src/lib/engine/openssl/ossl_pk.cpp
index cbe03d7b3..b489ad454 100644
--- a/src/lib/engine/openssl/ossl_pk.cpp
+++ b/src/lib/engine/openssl/ossl_pk.cpp
@@ -282,7 +282,7 @@ OpenSSL_Engine::get_key_agreement_op(const Private_Key& key, RandomNumberGenerat
    }
 
 PK_Ops::Signature*
-OpenSSL_Engine::get_signature_op(const Private_Key& key, RandomNumberGenerator&) const
+OpenSSL_Engine::get_signature_op(const Private_Key& key, const std::string&, RandomNumberGenerator&) const
    {
 #if defined(BOTAN_HAS_RSA)
    if(const RSA_PrivateKey* s = dynamic_cast<const RSA_PrivateKey*>(&key))
@@ -298,7 +298,7 @@ OpenSSL_Engine::get_signature_op(const Private_Key& key, RandomNumberGenerator&)
    }
 
 PK_Ops::Verification*
-OpenSSL_Engine::get_verify_op(const Public_Key& key, RandomNumberGenerator&) const
+OpenSSL_Engine::get_verify_op(const Public_Key& key, const std::string&, RandomNumberGenerator&) const
    {
 #if defined(BOTAN_HAS_RSA)
    if(const RSA_PublicKey* s = dynamic_cast<const RSA_PublicKey*>(&key))
author	lloyd <[email protected]>	2014-12-10 04:08:39 +0000
committer	lloyd <[email protected]>	2014-12-10 04:08:39 +0000
commit	63215db88ae3bbb982966de37fe112c44f616a1d (patch)
tree	7c73da7eaf981de4bfbeb15e137320940dcbcfd5 /src/lib/engine/openssl
parent	10cfa8fd826e072a5cd76bf52f4ae80d34eba507 (diff)