path: root/src/lib/pk_pad
Commit message | Author | Age | Files | Lines
* Remove static from data in anonymous namespaces | Jack Lloyd | 2022-02-06 | 2 | -2/+2
* Fix clang-tidy readability-named-parameter | Jack Lloyd | 2022-02-06 | 6 | -11/+11
* Fix clang-tidy performance warnings | Jack Lloyd | 2022-02-06 | 5 | -8/+8
* Clarify some docstrings and comments | Philippe Lieser | 2021-09-14 | 3 | -4/+4
* Fix a minor OAEP side channel | Jack Lloyd | 2021-09-14 | 1 | -3/+5
  OAEP had some logic to handle how RSA used to work, but this was already fixed way back in b8966d0f8. Thanks to @lieser for pointing out this issue.
* Small cleanups in EMSA1 | Jack Lloyd | 2021-06-07 | 1 | -10/+12
* Split EMSA_PKCS1v15_Raw constructors | Jack Lloyd | 2021-05-29 | 2 | -14/+15
* Prevent using non-sensical padding schemes | Jack Lloyd | 2021-05-22 | 7 | -0/+24
  Most padding schemes require message recovery, which, now that NR and RW have both been removed, limits their usage to RSA.
* Fix EMSA_X931 use-after-move | Jack Lloyd | 2021-04-06 | 1 | -2/+2
  aka why I prefer Rust these days
* Modify EMSA code to avoid raw pointers as args | Jack Lloyd | 2021-04-06 | 11 | -43/+56
* EME | Jack Lloyd | 2021-04-05 | 3 | -13/+15
* More raw pointer removal | Jack Lloyd | 2021-04-05 | 13 | -47/+71
* Add some helpers for start_cons | Jack Lloyd | 2021-01-13 | 1 | -4/+4
  Nothing in the library uses start_cons anymore but it is left exposed for applications which need to encode something unusual.
* Split ASN1 tags enum class into 2 enum classes | sledgehammer_999 | 2021-01-11 | 1 | -4/+4
  This should improve type safety even more.
* Convert ASN1_Tag to an enum class | Jack Lloyd | 2020-12-20 | 1 | -5/+5
* Make scan_name.h, cpuid.h and http_util.h internal | Jack Lloyd | 2020-11-28 | 2 | -2/+2
* Remove deprecated headers, make more headers internal | Jack Lloyd | 2020-11-06 | 27 | -89/+58
  Now modules default to internal headers instead of defaulting to public; making a new public API should be a visible and intentional choice. Brings the public header count from over 300 to around 150. Also removes the deprecated tls_blocking interface
* Remove Tiger hash function | Jack Lloyd | 2020-11-05 | 1 | -8/+0
* Merge some of the ASN.1 headers | Jack Lloyd | 2020-10-31 | 1 | -1/+1
  Deprecate asn1_str.h asn1_time.h asn1_oid.h and alg_id.h with all contents moved to existing asn1_obj.h
* Deprecation changes | Jack Lloyd | 2020-01-20 | 1 | -2/+0
* Deprecate many publically available headers | Jack Lloyd | 2019-09-06 | 12 | -0/+24
* Reduce usage of oids.h with the addition of some helpers on OID | Jack Lloyd | 2019-08-04 | 3 | -5/+2
* Avoid using deprecated public fields of AlgorithmIdentifier | Jack Lloyd | 2019-08-04 | 3 | -19/+12
* Deprecate and replace OIDS::lookup | Jack Lloyd | 2019-08-04 | 3 | -5/+3
* Update GOST to use 2012 OIDs/params | Jack Lloyd | 2019-08-03 | 2 | -2/+9
* Fix various MSVC warnings | Jack Lloyd | 2019-06-29 | 1 | -11/+14
* Fix feature macro checks. | Jack Lloyd | 2019-04-26 | 2 | -2/+3
  Add a checker script.
* Fixes for minimized builds | Jack Lloyd | 2019-02-16 | 1 | -1/+6
  Various configurations would fail build or test, fix that.
* Remove trailing whitespace | Jack Lloyd | 2019-01-13 | 1 | -3/+1
* Use consistent logic for OAEP and PKCS1v15 decoding | Jack Lloyd | 2018-12-21 | 3 | -24/+27
  The decoding leaked some information about the delimiter index due to copying only exactly input_len - delim_idx bytes. I can't articulate a specific attack that would work here, but it is easy enough to fix this to run in const time instead, where all bytes are accessed regardless of the length of the padding.
  CT::copy_out is O(n^2) and thus terrible, but in practice it is only used with RSA decryption, and multiplication is also O(n^2) with the modulus size, so a few extra cycles here doesn't matter much.
* Add CT::Mask type | Jack Lloyd | 2018-11-28 | 3 | -37/+39
* Add some missing includes | Jack Lloyd | 2018-11-08 | 2 | -0/+2
  This is not exhaustive. See GH #1733
* Add a fuzzer for OAEP unpadding | Jack Lloyd | 2018-09-22 | 2 | -10/+33
  This tests the delim scanning section which must be const time.
* Slight optimization for MGF1 | Jack Lloyd | 2018-09-20 | 1 | -2/+3
  Avoid needless allocations during PSS and OAEP operations.
* Remove unneeded load_on auto | Jack Lloyd | 2018-09-04 | 1 | -2/+0
  It is the default...
* Check PSS salt length during verification | Jack Lloyd | 2018-08-30 | 3 | -36/+94
  Fixes #1665
* Accept PKCS1v15 as an alias for EMSA3 | Jack Lloyd | 2018-08-02 | 1 | -2/+3
  Not sure why it didn't have this already
* DER improvements | Jack Lloyd | 2018-05-22 | 1 | -18/+10
  Let DER_Encoder write to a user specified vector instead of only to an internal vector. This allows encoding to a std::vector without having to first write to a locked vector and then copying out the result.
  Add ASN1_Object::BER_encode convenience method. Replaces X509_Object::BER_encode which had the same logic but was restricted to a subtype.
  This replaces many cases where DER_Encoder was just used to encode a single object (X509_DN, AlgorithmIdentifier, etc).
* Support passing an OAEP label in EME name | René Korthaus | 2018-04-02 | 1 | -4/+5
  TPM 1.2 expects passing the owner and SRK secret encrypted with the public endorsement key. For asymmetric encryption, the TPM 1.2 uses OAEP with the label "TCPA".
* Support "mixed" OAEP hashes | Jack Lloyd | 2018-03-21 | 1 | -2/+17
  Test vectors from pyca/cryptography
  Fixes GH #109
* Mixed mode OAEP | Jack Lloyd | 2018-03-21 | 3 | -10/+27
* Catch exceptions by reference not value | Jack Lloyd | 2018-03-16 | 1 | -17/+11
  Fixes a new warning in GCC 8
* Use API annotations | Jack Lloyd | 2018-03-02 | 1 | -1/+1
* Fix crash in EMSA_PKCS1v15_Raw if the hash function was not enabled. | Jack Lloyd | 2018-01-17 | 1 | -1/+1
  GH #1416
* Add note on OAEP version implemented [ci skip] | René Korthaus | 2018-01-04 | 1 | -0/+1
* Fix a couple Doxygen format errors [ci skip] | Jack Lloyd | 2017-12-26 | 1 | -4/+4
* Deinline functions in EMSA, add pubkey as dependency | Jack Lloyd | 2017-12-23 | 12 | -22/+48
* EMSA has a build-time dependency on ASN.1 now [ci skip] | Jack Lloyd | 2017-12-23 | 1 | -0/+1
* Avoid unused parameter warnings | Jack Lloyd | 2017-12-22 | 2 | -4/+9
* Enable signing X509 structures with rsa-pss | Fabian Weissberg | 2017-12-22 | 14 | -0/+268