path: root/src/lib

Commit log. Each entry gives the commit message, author, date, number of files changed, and lines removed/added (-removed/+added), followed by the commit body where one exists.
* Add back mul/sqr to CurveGFp [ci skip] (Jack Lloyd, 2018-03-22; 1 file, -0/+10)
  These were available in 2.4 and while users "shouldn't" be using CurveGFp, it is an exposed API.
* Revamp GOST-34.10 tests (Jack Lloyd, 2018-03-21; 1 file, -6/+1)
  Use an official vector (from RFC 5832), support arbitrary curves since GOST likes those for testing.
* Add EC_Group::random_scalar (Jack Lloyd, 2018-03-21; 8 files, -6/+16)
* Remove bogus -1 from DSA key generation (Jack Lloyd, 2018-03-21; 1 file, -1/+1)
  GH #222
* Merge GH #1504 Store DN entries in a vector (Jack Lloyd, 2018-03-21; 5 files, -72/+78)
* Avoid creating a map from a DN when not required (Jack Lloyd, 2018-03-21; 5 files, -14/+20)
* Store elements of a DN as a vector (Jack Lloyd, 2018-03-21; 2 files, -59/+59)
  This allows retrieving the original ordering, which is required for DN string encoding as defined in RFC 4514. Fixes #336
* Throw Lookup_Error here for benefit of tests (Jack Lloyd, 2018-03-21; 1 file, -2/+2)
* Support "mixed" OAEP hashes (Jack Lloyd, 2018-03-21; 1 file, -2/+17)
  Test vectors from pyca/cryptography. Fixes GH #109
* Mixed mode OAEP (Jack Lloyd, 2018-03-21; 3 files, -10/+27)
* Change DSA behavior similarly (Jack Lloyd, 2018-03-21; 1 file, -2/+2)
* Shift ECDSA inputs to match OpenSSL behavior (Jack Lloyd, 2018-03-21; 4 files, -4/+25)
  See also GH #986
* Remove unused variables [ci skip] (Jack Lloyd, 2018-03-21; 2 files, -4/+0)
* Simplify a common case BigInt constructor (Jack Lloyd, 2018-03-21; 2 files, -1/+13)
* Add another Ed25519 helper to save a few hundred redundant lines (Jack Lloyd, 2018-03-20; 3 files, -301/+106)
  No impact on performance.
* Add some helpers for handling carries in Ed25519 (Jack Lloyd, 2018-03-20; 4 files, -893/+491)
* Support Ed25519 certificate format (Jack Lloyd, 2018-03-20; 3 files, -39/+74)
  Able to create certificate chain and verify it with OpenSSL 1.1.1
* Store base point multiplies in a single std::vector (Jack Lloyd, 2018-03-20; 8 files, -30/+175)
  Since the point is public all the values are also, so this reduces pressure on the mlock allocator and may (slightly) help perf through cache read-ahead. Downside is cache based side channels are slightly easier (vs the data being stored in discontiguous vectors). But we shouldn't rely on that in any case. And having it be in an array makes a masked table lookup easier to arrange.
* Nudge users to EC_Group::OS2ECP (Jack Lloyd, 2018-03-20; 1 file, -4/+10)
* Support multiple DNS names through the command line interface (Jack Lloyd, 2018-03-19; 2 files, -0/+5)
* Remove use of ;; to end lines (Jack Lloyd, 2018-03-19; 5 files, -5/+5)
* Add EC_Group::clear_registered_curve_data (Jack Lloyd, 2018-03-19; 2 files, -0/+16)
  Needed for OSS-Fuzz (OOMing a lot) and maybe very occasionally useful in some weird application that has to deal with 100s of different curves.
* Cache additional values for PointGFp multi-exponentiation (Jack Lloyd, 2018-03-19; 5 files, -64/+103)
  Improves ECDSA verification by ~10%
* Avoid needless computation in base point multiply (Jack Lloyd, 2018-03-19; 3 files, -33/+6)
  We computed twice as many values as were used.
* Use a better algorithm for base point multiplies (Jack Lloyd, 2018-03-19; 2 files, -10/+24)
  Nothing very clever, just store P^i,2*P^i,3*P^i in a table so we can do two bits of the scalar at a time. Improves ECDSA sign by 20-30%
* Avoid code that triggers problems under GCC 8 (Jack Lloyd, 2018-03-18; 1 file, -1/+1)
  GH #1498
* Fix CPUID::has_cpuid_bit (Jack Lloyd, 2018-03-17; 1 file, -1/+3)
  It would return true if any bits were set instead of if all the bits were set. It is only currently called with a single bit but that might change in the future.
* Avoid creating stringstream unless needed in version check (Jack Lloyd, 2018-03-17; 1 file, -3/+3)
* Avoid unused arg warning in PowerPC CPUID code (Jack Lloyd, 2018-03-17; 1 file, -0/+2)
* Avoid a problematic construct for AltiVec byteswap (Jack Lloyd, 2018-03-16; 1 file, -3/+8)
  Seems to cause problems with GCC 8 on ppc64le. GH #1498
* Catch exceptions by reference not value (Jack Lloyd, 2018-03-16; 4 files, -20/+14)
  Fixes a new warning in GCC 8
* Add basecase_sqr function (Jack Lloyd, 2018-03-16; 1 file, -3/+29)
  Just a simple adaption of the n^2 multiply algorithm, so no performance impact. However, it makes the difference between squaring and multiply easier to see when profiling.
* Avoid using threads in DSA operations (Jack Lloyd, 2018-03-15; 1 file, -25/+3)
  For DSA signing using a thread turned out to be purely a pessimization. The single threaded code is faster even on a 4-core machine running Linux (which has very fast thread creation). It would likely be much worse on a single core machine or an OS with slower thread primitives. For DSA verification, use Montgomery multi-exponentiation instead.
* Add multiexponentiation interface to DL_Group (Jack Lloyd, 2018-03-15; 2 files, -3/+17)
* Add Montgomery multiexponentiation (Jack Lloyd, 2018-03-15; 4 files, -0/+95)
* Merge GH #1494 Use RtlGenRandom instead of CryptoAPI/CryptoNG (Jack Lloyd, 2018-03-14; 3 files, -80/+24)
* Use RtlGenRandom instead of CryptoAPI (Jack Lloyd, 2018-03-14; 3 files, -80/+24)
* Some additional operations on Montgomery_Int (Jack Lloyd, 2018-03-14; 2 files, -0/+45)
  Needed for #1432
* Merge GH #1492 Support custom DN entries (Jack Lloyd, 2018-03-14; 3 files, -67/+61)
* Address review comments (Jack Lloyd, 2018-03-14; 1 file, -2/+2)
* Support custom DN entries (Jack Lloyd, 2018-03-14; 3 files, -67/+61)
  GH #1490
* Allow the caller to specify the serial number of a generated cert (Jack Lloyd, 2018-03-14; 2 files, -12/+96)
  GH #1489
* Add a facility for debug-mode assertions (Jack Lloyd, 2018-03-14; 5 files, -11/+33)
  When we want to check something but it is too expensive to do so in normal builds.
* Assume CurveGFp inputs are at most p words long (Jack Lloyd, 2018-03-14; 1 file, -13/+27)
  Lets us avoid calling sig_words much of the time. Improves ECDSA 5-7%
* Avoid creating a temp here (Jack Lloyd, 2018-03-14; 1 file, -4/+4)
* Improve memory handling for PointGFp (Jack Lloyd, 2018-03-14; 8 files, -69/+86)
* Allow passing workspace to Montgomery_Int (Jack Lloyd, 2018-03-13; 3 files, -34/+140)
  Improves DH and RSA by 5-15% depending on param sizes. At larger sizes (3072+) doesn't make much difference since the cost of allocation is relatively small compared to the work.
* Tweaks to force_all_affine (Jack Lloyd, 2018-03-12; 1 file, -7/+5)
* Remove bogus comment (Jack Lloyd, 2018-03-11; 1 file, -3/+0)
  GH #500
* Fix error in FPE_FE1 (Jack Lloyd, 2018-03-10; 2 files, -18/+52)
  An implementation mistake led to choosing a >= b when the original paper assumes a <= b. Add a boolean to control which version is used. Increase the default FE1 rounds to 5 for a safety factor. GH #500