aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/pubkey/pubkey.cpp
Commit message (Collapse)AuthorAgeFilesLines
* This happening is actually a user error (eg, wrong key type)Jack Lloyd2016-10-091-7/+14
|
* Make pk_ops.h internalJack Lloyd2016-10-081-1/+28
| | | | Some fixes for missing system_rng in ECIES and tests.
* Revert PK_Verifier change (don't require RNG there).Jack Lloyd2016-10-071-2/+1
| | | | | | | Verification is deterministic and public, so really no RNG is ever needed. Change provider handling - accepts "base", "openssl", or empty, otherwise throws a Provider_Not_Found exception.
* Remove Algo_Registry usage from public key code.Jack Lloyd2016-10-071-33/+25
| | | | | | | | Instead the key types exposes operations like `create_encryption_op` which will return the relevant operation if the algorithm supports it. Changes pubkey.h interface, now RNG is passed at init time. Blinder previous created its own RNG, now it takes it from app.
* Travis CI additions and cleanupJack Lloyd2016-08-281-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Convert Travis build configuration to a single var instead of 4 tuple. Makes it much easier to review the builds in the Travis web UI. Adds sanitizer builds for Clang on both Linux and OS X. Clang is a different compiler from GCC and its sanitizers may catch things GCC does not. I have no idea if Apple's Clang has some magic sanitizer sauce stock LLVM does not, so maybe sanitizer build on OS X can be skipped. Adds Linux cross compile targets for ARM32, ARM64, PPC64, and MinGW x86 using the cross compiler available in Trusty. All of them build and are set up to run through qemu/wine. All of the tests currently fail and so are marked as expected fail in the Travis matrix. The ARM test runs seem to have thread problems; ARM32 thread creation just fails with an exception, as if pthreads was disabled. All other tests pass ok for ARM32. On Aarch64, it looks like there is a hard crash the first time the library tries creating a thread. Both of these might be due to statically linking the binary? I have been unable to convince Ubuntu's qemu-ppc64 to execute binaries compiled by Ubuntu's ppc64 cross compiler. I'm downloading an Ubuntu ISO to try this in a VM. Running under Wine exposes several issues, both in Wine and Botan. Many functions are stubs and it appears that entropy collection fails as a result. This triggers a bug in the FFI tests which causes a crash there. A pox on time zones; _mkgmtime is a MSVC extension and is not available on MinGW GCC. Add a last resort call that just uses the localzone variant instead. Adds valgrind target, remove a bogus poison in pubkey.cpp (it was effectively asserting that all of RSA was const time which is sadly not true at all). Moves -Wshadow to maintainer mode for GCC - GCC 4.8 has a noisy variant of -Wshadow which warns if a parameter masks a function name, but this comes up all the time in constructors. Later GCCs no longer warn about this (even with -Wshadow), so the warnings are never fixed, but they cause noise in CI output and hide interesting warnings like warning: vec_lvsl is deprecated for little endian; use assignment for unaligned loads and stores [-Wdeprecated] __vector unsigned char perm = vec_lvsl(0, static_cast<u32bit*>(nullptr));
* Clean up PK decryption encoding.Jack Lloyd2016-03-201-2/+0
| | | | | | | Previously RSA and ElGamal stripped off leading zeros which were then assumed by the padding decoders. Instead have them produce ciphertexts with leading zeros. Changes EME_Raw to strip leading zeros to match existing behavior.
* Add PK_Decryptor::decrypt_or_randomJack Lloyd2016-03-201-3/+82
| | | | | Performs content checks on the value (expected length, expected bytes) and in constant time returns either the decrypted value or a random value.
* V816 It is more efficient to catch exception by reference rather than by ↵Daniel Neus2016-02-081-1/+1
| | | | value. asn1_time.cpp 159
* String comparision fixesDaniel Neus2016-01-041-1/+1
| | | | fix PVS-Studio perfomance warnings
* Add ECDH via OpenSSLJack Lloyd2016-01-041-2/+4
| | | | | | | | | | Expose provider param in PK_Key_Agreement API Handle multiple providers in key agreement tests Fix some funky formatting of P-521 EC points in ecdh.vec which was being rejected by OpenSSL; for whatever reason the CAVS file had the affine coords with far more leading zeros than necessary.
* Add generalized KEM interfaceJack Lloyd2015-12-261-0/+40
| | | | | | Convert McEliece KEM to use it Add RSA-KEM
* Expose providers for public key operationsJack Lloyd2015-10-141-13/+23
| | | | | | | | For PK_Encryptor and company they are requested via a new provider param to the constructors. The speed command gets a --provider option so you can see benchmark results with the different versions.
* lib/pubkey: Convert &vec[0] to vec.data()Simon Warta2015-06-231-1/+1
|
* Key agreement was missing the return check, add it to get_pk_op insteadlloyd2015-03-291-17/+11
|
* Move the signature padding schemes to the PK operation classes,lloyd2015-03-231-152/+58
| | | | | | | | | as was previously done with encrypt/decrypt ops. One feature dropped on the floor here is previously PK_Signer by default did verification of signatures before releasing them as an measure against fault attacks. However in addition to being expensive this turned out to be difficult to implement with the new scheme.
* In PK encrypt/decrypt move pad calls to the operation. This allows anlloyd2015-03-141-94/+29
| | | | | | | | | op to use a padding scheme outside of our knowledge or control, for instance an OpenSSL RSA op which uses OpenSSL's padding code. Similar change for key agreement and KDFs for the same reason. Add an EME_Raw type; previously this operation was implicit in the code in pubkey.cpp
* Add new module `ffi` which provides a plain C interface, plus a newlloyd2015-02-161-1/+1
| | | | | | | | | | | | ctypes Python wrapper that uses it. The API is intentionally designed to have a very simple ABI (extern "C", all structs are opaque, no memory ownership passing the FFI boundary, limited set of simple types as args) so the ctypes wrapper is quite simple. Currently ffi provides ciphers, hashes, MACs, RNGs, PBKDF, KDF, bcrypt, and most public key operations. Remove the old boost.python wrapper and all the build code for it.
* Remove algo factory, engines, global RNG, global state, etc.lloyd2015-02-041-1/+1
| | | | | | | | | | | | | | | Convert all uses of Algorithm_Factory and the engines to using Algo_Registry The shared pool of entropy sources remains but is moved to EntropySource. With that and few remaining initializations (default OIDs and aliases) moved elsewhere, the global state is empty and init and shutdown are no-ops. Remove almost all of the headers and code for handling the global state, except LibraryInitializer which remains as a compatability stub. Update seeding for blinding so only one hacky almost-global RNG instance needs to be setup instead of across all pubkey uses (it uses either the system RNG or an AutoSeeded_RNG if the system RNG is not available).
* Convert PK operations to using Algo_Registry instead of Engine.lloyd2015-02-031-61/+27
| | | | Remove global PRNG.
* Ensure all files have copyright and license info.lloyd2015-01-101-1/+1
| | | | | Update license header line to specify the terms and refer to the file, neither of which it included before.
* Implement RFC 6979 determinstic signatures for DSA and ECDSA.lloyd2014-12-101-3/+3
| | | | | Drop the GNU MP engine. Its implementations were potentially faster in some scenarios but not well protected against side channels.
* Fix algo factory compilelloyd2014-01-181-1/+0
|
* Guess I won't be needing theselloyd2014-01-181-1/+0
|
* unique_ptr all the thingslloyd2014-01-181-71/+71
|
* Move lib into srclloyd2014-01-101-0/+386