Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Rename PK_Encryptor_MR_with_EME and PK_Decryptor_MR_with_EME to | lloyd | 2010-03-08 | 10 | -55/+57 |
| | | | | | PK_Encryptor_EME and PK_Decryptor_EME; the message recovery is somewhat implicit in the recovery of the plaintext. | ||||
* | Modify pubkey classes to take names instead of object pointers. | lloyd | 2010-03-08 | 33 | -329/+313 |
| | | | | | Remove use of look_pk from the source and examples, instead instantiate classes directly. | ||||
* | Have the constructors in pubkey.h take all arguments look_pk does, and | lloyd | 2010-03-08 | 3 | -39/+51 |
| | | | | convert look_pk to simple forwarders. | ||||
* | Update DH example for PK changes | lloyd | 2010-03-08 | 1 | -14/+29 |
| | |||||
* | Remove the now no-op classes PK_Encrypting_Key, | lloyd | 2010-03-08 | 19 | -148/+38 |
| | | | | | PK_Decrypting_Key, PK_Signing_Key, PK_Verifying_with_MR_Key, and PK_Verifying_wo_MR_Key. | ||||
* | On GMP 5.0 and later, use mpz_powm_sec, which is a version of modular | lloyd | 2010-03-05 | 1 | -0/+6 |
| | | | | exponentiation that has countermeasures against side-channel attacks. | ||||
* | Update OpenSSL engine for new interface. Similiar to GMP engine, drop | lloyd | 2010-03-05 | 9 | -503/+356 |
| | | | | support for ElGamal and NR, leaving only RSA, DSA, and DH support. | ||||
* | Add GMP PK file | lloyd | 2010-03-05 | 1 | -0/+344 |
| | |||||
* | Clarify that Ajisai is only SSLv3 + TLS 1.0 currently | lloyd | 2010-03-05 | 1 | -1/+1 |
| | |||||
* | Remove unused variable | lloyd | 2010-03-05 | 1 | -1/+0 |
| | |||||
* | Update GMP engine with new PK operations interface. | lloyd | 2010-03-05 | 8 | -481/+11 |
| | | | | | Drop support for ElGamal and NR from GMP engine, leaving just DH, DSA, and RSA | ||||
* | Set domain_encoding enum in all EC key constructors | lloyd | 2010-03-05 | 1 | -10/+15 |
| | |||||
* | Inline Engine_Core::mod_exp into singler caller, and delete | lloyd | 2010-03-05 | 4 | -74/+19 |
| | |||||
* | Remove IF_Core | lloyd | 2010-03-05 | 16 | -366/+7 |
| | |||||
* | Add RSA encrypt/decrypt ops | lloyd | 2010-03-05 | 3 | -27/+66 |
| | |||||
* | Add ops for ElGamal encryption and decryption. | lloyd | 2010-03-05 | 15 | -399/+208 |
| | | | | | Note: blinding is not currently being used for RSA, RW, DH or ElGamal, which used to have them. This should be added back before release. | ||||
* | Constify sign and verify ops | lloyd | 2010-03-05 | 13 | -41/+50 |
| | |||||
* | Remove sign and verify ops from key types | lloyd | 2010-03-05 | 6 | -109/+0 |
| | |||||
* | Remove ECDSA_PublicKey::verify | lloyd | 2010-03-05 | 2 | -40/+0 |
| | |||||
* | Rename PK_Ops::Signature_Operation to PK_Ops::Signature | lloyd | 2010-03-05 | 13 | -20/+20 |
| | | | | Rename PK_Ops::KA_Operation to PK_Ops::Key_Agreement | ||||
* | Remove NR and DSA specific hooks | lloyd | 2010-03-05 | 18 | -626/+5 |
| | |||||
* | Add verification ops for all signature key types | lloyd | 2010-03-05 | 19 | -146/+409 |
| | |||||
* | Make the modulus visible in Modular_Reducer | lloyd | 2010-03-05 | 1 | -0/+2 |
| | |||||
* | Inline look_pk funcs | lloyd | 2010-03-05 | 3 | -102/+49 |
| | |||||
* | Remove the sign() operation from the public key objects, totally replaced | lloyd | 2010-03-05 | 17 | -358/+153 |
| | | | | | | by using the ops. Add real ECDSA test vectors (two found in ANSI X9.62) | ||||
* | Force high bit in random_prime as well (done by randomize currently, but ↵ | lloyd | 2010-03-05 | 1 | -0/+3 |
| | | | | might not be later) | ||||
* | Clarify exception text on get_affine when point is zero | lloyd | 2010-03-05 | 1 | -2/+2 |
| | |||||
* | Add -Werror to gcc maintainer flags | lloyd | 2010-03-05 | 1 | -1/+1 |
| | |||||
* | Add signature generation operation classes. Remove sign() from | lloyd | 2010-03-05 | 20 | -72/+474 |
| | | | | | | PK_Signing_Key, though for the moment the class remains because there are a few pieces of code that use it to detect if signatures are supported, or for passing to functions in look_pk | ||||
* | The operation can assume the key will continue to exist as long as it does, | lloyd | 2010-03-04 | 2 | -7/+6 |
| | | | | so keep the curve and cofactor in ECDH op by reference instead of value. | ||||
* | Remove some unnecessary usages of PK_Signing_Key | lloyd | 2010-03-04 | 3 | -54/+30 |
| | |||||
* | Nix PK_Signing_Key use from tutorial | lloyd | 2010-03-04 | 1 | -3/+1 |
| | |||||
* | Client_Key_Exchange needs modification for DH changes | lloyd | 2010-03-04 | 1 | -14/+14 |
| | |||||
* | This checkin represents a pretty major change in how PK operations are | lloyd | 2010-03-04 | 24 | -420/+265 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | performed. Up until now, each key object (eg DSA_PublicKey or ECDH_PrivateKey) had two jobs: contain the key material, and know how to perform any operations on that key. However because of a desire to support alternative implementations (GNU MP, hardware, whatever), there was a notion of operations, with the key objects containing an op that they got via engine rather than actually implementing the underlying algorithms directly. Now, represent the operation as an abstract interface (typically mapping a byte string to a byte string), and pass a plain Public_Key& or Private_Key& to the engine. The engine does any checks it wants (eg based on name, typeid, key sizes, etc), and either returns nothing (I'll pass) or a pointer to a new operation that represents signatures or encryption or what-have-you using that key. This means that plain key objects no longer contain operations. This is a major break with the traditional interface. On the other hand, using these 'bare' operations without padding, KDFs, etc is 99% of the time a bad idea anyway (and if you really need them, there are options so you get the bare op but via the pubkey.h interfaces). Currently this change is only implemented for DH and ECDH (ie, key agreement algorithms). Additionally the optional engines (gnump and openssl) have not been updated. I'll probably wait to touch those until after I can change them all in one go for all algos. | ||||
* | Use KDF2/PK_Key_Agreement in DH benchmark | lloyd | 2010-03-04 | 1 | -5/+5 |
| | |||||
* | Clean up PK_Key_Agreement slightly | lloyd | 2010-03-04 | 2 | -21/+32 |
| | |||||
* | Fix typos | lloyd | 2010-03-04 | 1 | -2/+2 |
| | |||||
* | Inline simple DSA funcs | lloyd | 2010-03-04 | 2 | -21/+6 |
| | |||||
* | Remove ElGamal load hook functions | lloyd | 2010-03-04 | 2 | -47/+23 |
| | |||||
* | Remove NR load hooks | lloyd | 2010-03-04 | 2 | -58/+34 |
| | |||||
* | Remove no-op DH_Public_Key::X509_load_hook | lloyd | 2010-03-04 | 2 | -12/+1 |
| | |||||
* | Remove DSA load hooks functions | lloyd | 2010-03-04 | 2 | -32/+17 |
| | |||||
* | Cleanups | lloyd | 2010-03-04 | 1 | -5/+4 |
| | |||||
* | Remove IF_Scheme_PrivateKey::PKCS8_load_hook | lloyd | 2010-03-04 | 6 | -35/+30 |
| | |||||
* | New IF constructors, simplifies RSA/RW | lloyd | 2010-03-04 | 6 | -72/+67 |
| | |||||
* | Remove DH_PrivateKey::PKCS8_load_hook | lloyd | 2010-03-04 | 2 | -15/+23 |
| | |||||
* | More keygen tests | lloyd | 2010-03-04 | 1 | -0/+8 |
| | |||||
* | Remove unnecessary virtual destructors from ECC key base types | lloyd | 2010-03-04 | 1 | -4/+0 |
| | | | | (already have them, via Public_Key's virtual destructor) | ||||
* | Add back the Integrity_Failure exception. For one, removing it causes | lloyd | 2010-03-04 | 1 | -0/+9 |
| | | | | | problems for Monotone, and anyway it is a reasonable exception to have around for signalling MAC validation errors, etc. | ||||
* | Test GOST with 521-bit prime field (was setting off bug before) | lloyd | 2010-03-04 | 1 | -1/+1 |
| |