path: root/src/lib/pubkey/dsa
Commit message  [Author, Age, Files, Lines]
* Improve pubkey doxygen [ci skip]  [René Korthaus, 2016-10-19, 1, -0/+22]
|
* Abstract out mutex type. Make threads optional.  [Jack Lloyd, 2016-10-12, 1, -1/+14]
|
* Revert PK_Verifier change (don't require RNG there).  [Jack Lloyd, 2016-10-07, 2, -8/+10]
|   Verification is deterministic and public, so really no RNG is ever needed. Change provider handling - accepts "base", "openssl", or empty, otherwise throws a Provider_Not_Found exception.
* Remove Algo_Registry usage from public key code.  [Jack Lloyd, 2016-10-07, 2, -6/+31]
|   Instead the key types expose operations like `create_encryption_op` which will return the relevant operation if the algorithm supports it. Changes pubkey.h interface, now RNG is passed at init time. Blinder previously created its own RNG, now it takes it from app.
* Fix leading zero bytes in DSA, ECDSA, ECGDSA and ECKCDSA signatures  [René Korthaus, 2016-08-17, 1, -4/+1]
|
* Revamp entropy polling  [Jack Lloyd, 2016-07-17, 1, -0/+1]
|   Remove Entropy_Accumulator, instead have entropy sources directly add entropy to the RNG.
* Merge GH #504 Add ECKCDSA  [Jack Lloyd, 2016-06-20, 1, -1/+2]
|\
| * Add ECKCDSA signature algorithm  [René Korthaus, 2016-06-14, 1, -1/+2]
| |
* | fix test failures and seg faults when Botan is configured with ↵  [René Korthaus, 2016-06-17, 2, -1/+3]
|/   --module-policy bsi
* Add support for probabilistic DSA & ECDSA  [René Korthaus, 2016-05-08, 2, -6/+12]
|   Adds support for probabilistic, aka the standard, DSA and ECDSA. Can be enabled by disabling the rfc6979 module. Includes test vectors from NIST CAVP. Adds rfc6979 to the list of prohibited modules in BSI policy.
* Remaining cppcheck fixes that are not covered by GH #444  [Daniel Neus, 2016-03-05, 1, -7/+4]
|
* Mass-prefix member vars with m_  [René Korthaus, 2016-01-08, 1, -46/+46]
|
* pubkey: Add missing overrides  [Daniel Seither, 2015-07-30, 2, -9/+9]
|
* Move the signature padding schemes to the PK operation classes,  [lloyd, 2015-03-23, 1, -7/+9]
|   as was previously done with encrypt/decrypt ops. One feature dropped on the floor here is previously PK_Signer by default did verification of signatures before releasing them as a measure against fault attacks. However in addition to being expensive this turned out to be difficult to implement with the new scheme.
* Remove algo factory, engines, global RNG, global state, etc.  [lloyd, 2015-02-04, 1, -1/+0]
|   Convert all uses of Algorithm_Factory and the engines to using Algo_Registry. The shared pool of entropy sources remains but is moved to EntropySource. With that and few remaining initializations (default OIDs and aliases) moved elsewhere, the global state is empty and init and shutdown are no-ops. Remove almost all of the headers and code for handling the global state, except LibraryInitializer which remains as a compatibility stub. Update seeding for blinding so only one hacky almost-global RNG instance needs to be setup instead of across all pubkey uses (it uses either the system RNG or an AutoSeeded_RNG if the system RNG is not available).
* Convert PK operations to using Algo_Registry instead of Engine.  [lloyd, 2015-02-03, 2, -65/+69]
|   Remove global PRNG.
* Ensure all files have copyright and license info.  [lloyd, 2015-01-10, 2, -2/+2]
|   Update license header line to specify the terms and refer to the file, neither of which it included before.
* No need to reseed RNG in DSA sign as RNG is no longer used  [lloyd, 2015-01-08, 1, -4/+2]
|
* Implement RFC 6979 deterministic signatures for DSA and ECDSA.  [lloyd, 2014-12-10, 3, -20/+26]
|   Drop the GNU MP engine. Its implementations were potentially faster in some scenarios but not well protected against side channels.
* Fix various warnings from VC++ 2014 and add missing include  [lloyd, 2014-10-31, 1, -2/+0]
|
* Move lib into src  [lloyd, 2014-01-10, 3, -0/+259]