aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/pubkey/mce
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'master' into clang-analyzerDaniel Neus2016-03-063-4/+4
|\
| * cppcheck fixes: Class 'X' has a constructor with 1 argument that is not ↵Daniel Neus2016-03-053-4/+4
| | | | | | | | explicit.
* | fix dead assignment in mce/polyn_gf2m.cpp in polyn_gf2m() found by ↵Daniel Neus2016-03-021-3/+1
|/ | | | clang-analyzer
* Fix remaining Wshadow warnings and enable on gcc and clangRené Korthaus2016-02-181-6/+6
|
* Fix Coverity findings in McEliece codeJack Lloyd2016-02-093-14/+20
| | | | | | | | Initialize variables in constructor in gf2m_decomp_rootfind_state Add asserts on the degree where a positive value was assumed. How polyn_gf2m handles the degree needs some work but this should do for now.
* Don't leave member variables uninitialized. Found by Coverity scanner.Jack Lloyd2016-02-091-1/+1
|
* Avoid -Wmaybe-uninitialized warning under GCC 5.3Jack Lloyd2016-01-291-4/+6
| | | | | | As best I can tell it wasn't actually possible for the value to be used uninitialized, since it was initialized if m_outer_summands > 1 and only used if m_outer_summands was at least 2.
* Mass-prefix member vars with m_René Korthaus2016-01-081-0/+5
|
* Move McEliece KEM operation into the same file as the key type.Jack Lloyd2015-12-262-74/+65
| | | | | | | Otherwise we run into the old problem in the static non-amalgamation build of the operation not being loaded even though the key itself was referenced; since now the operation is loaded as a by-product of referencing the key type (as with other impls) everything works out.
* Add generalized KEM interfaceJack Lloyd2015-12-263-90/+57
| | | | | | Convert McEliece KEM to use it Add RSA-KEM
* Remove all remaining uses of throwing a std:: exception directlyJack Lloyd2015-12-191-1/+2
| | | | See GH #340 and 6b9a3a5 for background
* Missing addsJack Lloyd2015-12-112-2/+1
|
* Reroot the exception hierarchy into a toplevel Exception classJack Lloyd2015-12-112-3/+3
| | | | | | | | As the alternatives are unfortunate for applications trying to catch all library errors, and it seems deriving from std::runtime_error causes problems with MSVC DLLs (GH #340) Effectively reverts 2837e915d82e43
* Fix McEliece key gen endian dependency.Jack Lloyd2015-10-273-20/+27
| | | | | | | | | | | The tests which generate McEliece keys using a deterministic RNG and fixed seed failed on PowerPC (or other big endian systems) because the vectors assumed we were creating elements little endian, which is what happend with rng.randomize(&u16, 2) on x86 Fix it to always be little endian. No particular reason to prefer one vs the other here (we're just trying for compatability with ourselves) and choosing little endian avoids having to regen the vectors.
* Add missing includeJack Lloyd2015-10-261-0/+1
|
* Merge pull request #286 from randombit/mce-cleanupJack Lloyd2015-09-3022-1183/+953
|\ | | | | Cleanup and document McEliece implementation
| * McEliece cleanupsJack Lloyd2015-09-2922-1183/+953
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove and consolidate various headers Reduce memory usage of GF2m_Field by sharing the log and exponent tables across all instances of a particular word size. Remove McEliece_Public_Operation and McEliece_Private_Operation which were difficult to use safely. Instead only the KEM operations are exposed. Add McEliece_PublicKey::random_plaintext_element Add command line `mce` tool and some McEliece documentation Convert the speed program to check McEliece keys of the suggested size Add McEliece KATs for both key generation and KEM Fix HMAC_DRBG constructor which derefed a pointer before its time
* | Remove warning: assuming signed overflow does not occurSimon Warta2015-09-251-1/+1
|/ | | | | | warning: assuming signed overflow does not occur when reducing constant in comparison [-Wstrict-overflow] cond1 = r0.get_degree() <= break_deg - 1;
* Internal header cleanupsJack Lloyd2015-09-192-2/+0
| | | | Only user-visible change is the removal of get_byte.h
* pubkey: Add missing overridesDaniel Seither2015-07-302-13/+13
|
* Fix typosSimon Warta2015-07-241-1/+1
| | | | Thanks to @vlajos https://github.com/vlajos/misspell_fixer
* Silence some extra ';' warningsSimon Warta2015-07-222-2/+2
|
* The gf2m type is an unsigned 16-bit, so under C promotion rules aJack Lloyd2015-07-051-1/+1
| | | | | | shift promotes to signed int rather than an unsigned value. However here we wish to use a large shift, which can cause a signed overflow. Add static_cast to force to the desired (unsigned) type.
* lib/pubkey: Convert &vec[0] to vec.data()Simon Warta2015-06-238-27/+27
|
* Add missing headers fixing GCC 4.7 buildlloyd2015-06-171-0/+1
|
* Remove static castslloyd2015-02-066-34/+28
|
* Convert PK operations to using Algo_Registry instead of Engine.lloyd2015-02-032-102/+97
| | | | Remove global PRNG.
* Centralize where string.h/cstring is included to mem_ops.hlloyd2015-01-237-23/+18
| | | | See github 42 for background
* Amalgamation fixeslloyd2015-01-232-5/+3
|
* Ensure all files have copyright and license info.lloyd2015-01-1020-27/+29
| | | | | Update license header line to specify the terms and refer to the file, neither of which it included before.
* Cleanuplloyd2015-01-081-7/+5
|
* When encrypting McEliece or Curve25519 keys, default to GCM instead of CBC.lloyd2014-12-271-1/+1
| | | | Add OIDS for OCB mode with various ciphers.
* Fix header guards for amalgamation (github issue 35)lloyd2014-12-224-31/+31
|
* Implement a strength estimator for McEliece keys based on HyMES versionlloyd2014-12-093-1/+123
|
* Add a basic speed test for McEliecelloyd2014-12-081-0/+10
|
* Remove the Overbeck conversion at Dr. Strenzke's request.lloyd2014-12-063-229/+0
| | | | | | | | While a CCA2 proof of this scheme exists, it is written in German and for various reasons publishing a translation would be a complicated affair. Without a (well studied) English proof it is harder to understand the security of the overall scheme. Thus only KEM, which seems much easier to prove, will be offered.
* Add KEM scheme for McEliecefstrenzke2014-12-063-0/+111
|
* GCC 4.9 fixeslloyd2014-12-022-1/+3
|
* Move all PK workfactor esstimators to workfactors.*lloyd2014-11-292-4/+8
|
* Add an implementation of McEliece encryption based on HyMESfstrenzke2014-11-2620-0/+3310
(https://www.rocq.inria.fr/secret/CBCrypto/index.php?pg=hymes). The original version is LGPL but cryptsource GmbH has secured permission to release it under a BSD license. Also includes the Overbeck CCA2 message encoding scheme.