aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/pubkey/pk_algs.cpp
Commit message (Collapse)AuthorAgeFilesLines
* review changesDaniel Neus2017-10-211-2/+3
|
* X.509 RSA-PSS verificationDaniel Neus2017-10-201-1/+3
|
* Further build/test fixes for restricted configurationsJack Lloyd2017-09-241-0/+8
|
* Header file cleanupsJack Lloyd2017-09-211-0/+1
| | | | Some help from include-what-you-use
* Silence clang warning in create_private_key().Alexander Bluhm2017-08-131-1/+1
| | | | | | If compiled with OpenSSL, clang emitted the warning "using the result of an assignment as a condition without parentheses". Putting parentheses around the assignment fixes this.
* When creating an EC curve with default params, use algo-specific curveJack Lloyd2017-08-041-1/+17
| | | | | Eg previously ./botan keygen --algo=GOST-34.10 would create a GOST-34.10 curve over P-256, probably not useful in most cases.
* Add SM2 encryption to FFIJack Lloyd2017-08-041-0/+8
| | | | Also add hooks for keygen, etc
* Add SM2 signature schemeJack Lloyd2017-06-291-0/+20
| | | | | | From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 This is a contribution from Ribose Inc (@riboseinc).
* Add Ed25519 key type and testsJack Lloyd2017-06-071-0/+21
| | | | This work was sponsored by Ribose Inc
* Maintainer mode fixesJack Lloyd2017-05-181-0/+5
|
* Generate private RSA key with OpenSSL.Alexander Bluhm2017-04-301-1/+35
| | | | | Implement RSA private key generation with RSA_generate_key_ex(). Make PK_Key_Generation_Test iterate over all providers.
* Convert to using standard uintN_t integer typesJack Lloyd2016-12-181-2/+2
| | | | | | Renames a couple of functions for somewhat better name consistency, eg make_u32bit becomes make_uint32. The old typedefs remain for now since probably lots of application code uses them.
* Public_Key derived class ctors take an std::vector<byte>René Korthaus2016-12-111-2/+2
| | | | | | | Changes all the Public_Key derived classes ctors to take a std::vector instead of a secure_vector for the DER encoded public key bits. There is no point in transporting a public key in secure storage. (GH #768)
* Make XMSS more friendly about invalid params.Jack Lloyd2016-11-251-1/+1
| | | | | | Previously just throw an exception from map.at Add an XMSS keygen test, and add default params for create_private_key
* Added Extended Hash-Based Signatures (XMSS)Matthias Gierlings2016-11-111-0/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [1] XMSS: Extended Hash-Based Signatures, draft-itrf-cfrg-xmss-hash-based-signatures-06 Release: July 2016. https://datatracker.ietf.org/doc/ draft-irtf-cfrg-xmss-hash-based-signatures/?include_text=1 Provides XMSS_PublicKey and XMSS_PrivateKey classes as well as implementations for the Botan interfaces PK_Ops::Signature and PK_Ops::Verification. XMSS has been integrated into the Botan test bench, signature generation and verification can be tested independently by invoking "botan-test xmss_sign" and "botan-test xmss_verify" - Some headers that are not required to be exposed to users of the library have to be declared as public in `info.txt`. Declaring those headers private will cause the amalgamation build to fail. The following headers have been declared public inside `info.txt`, even though they are only intended for internal use: * atomic.h * xmss_hash.h * xmss_index_registry.h * xmss_address.h * xmss_common_ops.h * xmss_tools.h * xmss_wots_parameters.h * xmss_wots_privatekey.h * xmss_wots_publickey.h - XMSS_Verification_Operation Requires the "randomness" parameter out of the XMSS signature. "Randomness" is part of the prefix that is hashed *before* the message. Since the signature is unknown till sign() is called, all message content has to be buffered. For large messages this can be inconvenient or impossible. **Possible solution**: Change PK_Ops::Verification interface to take the signature as constructor argument, and provide a setter method to be able to update reuse the instance on multiple signatures. Make sign a parameterless member call. This solution requires interface changes in botan. **Suggested workaround** for signing large messages is to not sign the message itself, but to precompute the message hash manually using Botan::HashFunctio and sign the message hash instead of the message itself. - Some of the available test vectors for the XMSS signature verification have been commented out in order to reduce testbench runtime.
* Remove automatic self-testing of public and private keysJack Lloyd2016-11-031-7/+6
| | | | | | | | | | | | | Rarely expected and often causes performance problems, especially for private keys. Instead applications should call check_key explicitly to validate keys when necessary. Note this removal doesn't apply to tests like ECDH on-the-curve tests, where a check on the public key is required for security of our own key. Updates most APIs to remove RNG calls, where they are no longer required. Exception is PKCS8 interface, pending further work there (see GH #685) it just ignores the RNG argument now.
* Use correct macro for ECC in create_private_keyJack Lloyd2016-10-221-1/+1
|
* Add create_private_key, expose key loading functions in pk_algs.hJack Lloyd2016-10-201-56/+161
|
* Remove deprecated Nyberg-Rueppel and Rabin-Williams signaturesJack Lloyd2016-09-021-28/+0
|
* Add ECKCDSA signature algorithmRené Korthaus2016-06-141-0/+14
|
* Add ECGDSARené Korthaus2016-04-191-0/+14
|
* McEliece cleanupsJack Lloyd2015-09-291-0/+14
| | | | | | | | | | | | | | | | | | | | Remove and consolidate various headers Reduce memory usage of GF2m_Field by sharing the log and exponent tables across all instances of a particular word size. Remove McEliece_Public_Operation and McEliece_Private_Operation which were difficult to use safely. Instead only the KEM operations are exposed. Add McEliece_PublicKey::random_plaintext_element Add command line `mce` tool and some McEliece documentation Convert the speed program to check McEliece keys of the suggested size Add McEliece KATs for both key generation and KEM Fix HMAC_DRBG constructor which derefed a pointer before its time
* Remove algo factory, engines, global RNG, global state, etc.lloyd2015-02-041-2/+2
| | | | | | | | | | | | | | | Convert all uses of Algorithm_Factory and the engines to using Algo_Registry The shared pool of entropy sources remains but is moved to EntropySource. With that and few remaining initializations (default OIDs and aliases) moved elsewhere, the global state is empty and init and shutdown are no-ops. Remove almost all of the headers and code for handling the global state, except LibraryInitializer which remains as a compatability stub. Update seeding for blinding so only one hacky almost-global RNG instance needs to be setup instead of across all pubkey uses (it uses either the system RNG or an AutoSeeded_RNG if the system RNG is not available).
* Ensure all files have copyright and license info.lloyd2015-01-101-1/+1
| | | | | Update license header line to specify the terms and refer to the file, neither of which it included before.
* Add Curve25519 based on curve25519-donna by Adam Langley.lloyd2014-12-271-0/+14
| | | | | | This uses only the c64 version from curve25519-donna; on systems that don't have a native uint128_t type, a donna128 type stands in for just enough 128-bit operations to satisfy donna.cpp
* Move lib into srclloyd2014-01-101-0/+160