aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/pubkey/dlies
Commit message (Collapse)AuthorAgeFilesLines
* Further build/test fixes for restricted configurationsJack Lloyd2017-09-241-0/+1
|
* Apply final annotations to the library alsoJack Lloyd2017-09-221-2/+2
| | | | | Done by a perl script which converted all classes to final, followed by selective reversion where it caused compilation failures.
* Change header guard format to BOTAN_FOO_H_Jack Lloyd2017-09-201-2/+2
| | | | | | ISO C++ reserves names with double underscores in them Closes #512
* Add API stability annotations.Jack Lloyd2017-09-191-2/+2
| | | | | Defined in build.h, all equal to BOTAN_DLL so ties into existing system for exporting symbols.
* Use constant_time_compare instead of same_memJack Lloyd2017-09-161-1/+1
| | | | New name, same great operation
* Clean up use of <limits> headerJack Lloyd2017-09-031-0/+1
| | | | Don't include it where it is not needed, included it where it is used.
* Remove "Dirty hack" for multiple defines in lex_me_harder()Simon Warta2017-04-021-1/+3
|
* Convert to using standard uintN_t integer typesJack Lloyd2016-12-182-20/+20
| | | | | | Renames a couple of functions for somewhat better name consistency, eg make_u32bit becomes make_uint32. The old typedefs remain for now since probably lots of application code uses them.
* Fix doxygen warnings [ci skip]René Korthaus2016-10-191-0/+4
|
* Remove Algo_Registry usage from public key code.Jack Lloyd2016-10-072-4/+12
| | | | | | | | Instead the key types exposes operations like `create_encryption_op` which will return the relevant operation if the algorithm supports it. Changes pubkey.h interface, now RNG is passed at init time. Blinder previous created its own RNG, now it takes it from app.
* DLIES reworkDaniel Neus2016-07-133-100/+261
| | | | | | | | | | | | | | | | | | | | | | | | | With these fixes the implementation is now compatible with bouncycastle and it should operate as it is specified in "DHIES: An encryption scheme based on Diffie-Hellman Problem" or in BSI technical guideline TR-02102-1. In addition to the already present XOR-encrypion/decryption mode it's now possible to use DLIES with a block cipher. Previously the input to the KDF was the concatenation of the (ephemeral) public key and the secret value derived by the key agreement operation: ``` secure_vector<byte> vz(m_my_key.begin(), m_my_key.end()); vz += m_ka.derive_key(0, m_other_key).bits_of(); const size_t K_LENGTH = length + m_mac_keylen; secure_vector<byte> K = m_kdf->derive_key(K_LENGTH, vz); ``` I don't know why this was implemented like this. But now the input to the KDF is only the secret value obtained by the key agreement operation. Furthermore the order of the output was changed from {public key, tag, ciphertext} to {public key, ciphertext, tag}. Multiple test vectors added that were generated with bouncycastle and some with botan itself.
* Add PK_Decryptor::decrypt_or_randomJack Lloyd2016-03-202-4/+7
| | | | | Performs content checks on the value (expected length, expected bytes) and in constant time returns either the decrypted value or a random value.
* Add option --module-policyJack Lloyd2016-03-061-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | A module policy is a file specifying three types of modules: ones which are required, ones which are prohibited, and ones which should be used if otherwise available (this is mostly for platform specific modules). Finally there are whatever modules which exist in the library of which the policy makes no mention. These will be included if an explicit dependency of some other module pulls them in (so there is no reason to mention base, utils, ... in the file) but skipped otherwise. For example policy 'sane' does not mention 'utils' or 'twofish' either way. Since utils is a dependency of other modules which are included, but Twofish does not. However unlike an explicitly prohibited module, not mentioned can still be requested as part of the build (here with --enable-module=twofish) Also fixes some test bugs noticed by compiling in different build configs. DLIES test didn't check that the KDF and MAC existed. Adds a typedef for MessageAuthenticationCode because typing it twice in a single line in the DLIES test made me think it's way too long. :) Also fix some fuzzer build problems. Due to a copy and paste bug the PKCS certificate (it was not). Inspired by GH #439
* Mass-prefix member vars with m_René Korthaus2016-01-082-50/+50
|
* Internal header cleanupsJack Lloyd2015-09-191-1/+0
| | | | Only user-visible change is the removal of get_byte.h
* pubkey: Add missing overridesDaniel Seither2015-07-301-3/+3
|
* lib/pubkey: Convert &vec[0] to vec.data()Simon Warta2015-06-231-3/+3
|
* Modify interfaces of KDF and PBKDF to write output to an array, withlloyd2015-02-181-8/+8
| | | | higher level functions on interface handling returning a vector.
* Remove algo factory, engines, global RNG, global state, etc.lloyd2015-02-041-1/+0
| | | | | | | | | | | | | | | Convert all uses of Algorithm_Factory and the engines to using Algo_Registry The shared pool of entropy sources remains but is moved to EntropySource. With that and few remaining initializations (default OIDs and aliases) moved elsewhere, the global state is empty and init and shutdown are no-ops. Remove almost all of the headers and code for handling the global state, except LibraryInitializer which remains as a compatability stub. Update seeding for blinding so only one hacky almost-global RNG instance needs to be setup instead of across all pubkey uses (it uses either the system RNG or an AutoSeeded_RNG if the system RNG is not available).
* Ensure all files have copyright and license info.lloyd2015-01-102-2/+2
| | | | | Update license header line to specify the terms and refer to the file, neither of which it included before.
* Guess I won't be needing theselloyd2014-01-181-1/+0
|
* More unique_ptrlloyd2014-01-182-20/+5
|
* Move lib into srclloyd2014-01-103-0/+224
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-29 12:17:05 +0000