aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* Store base point multiplies in a single std::vectorJack Lloyd2018-03-208-30/+175
| | | | | | | | | | | Since the point is public all the values are also, so this reduces pressure on the mlock allocator and may (slightly) help perf through cache read-ahead. Downside is cache based side channels are slightly easier (vs the data being stored in discontigious vectors). But we shouldn't rely on that in any case. And having it be in an array makes a masked table lookup easier to arrange.
* Nudge users to EC_Group::OS2ECPJack Lloyd2018-03-201-4/+10
|
* Support multiple DNS names through the command line interfaceJack Lloyd2018-03-192-0/+5
|
* Remove use of ;; to end linesJack Lloyd2018-03-195-5/+5
|
* Add EC_Group::clear_registered_curve_dataJack Lloyd2018-03-192-0/+16
| | | | | | Needed for OSS-Fuzz (OOMing a lot) and maybe very occasionally useful in some weird application that has to deal with 100s of different curves.
* Cache additional values for PointGFp multi-exponentiationJack Lloyd2018-03-195-64/+103
| | | | Improves ECDSA verification by ~10%
* Avoid needless computation in base point multiplyJack Lloyd2018-03-193-33/+6
| | | | We computed twice as many values as were used.
* Use a better algorithm for base point multipliesJack Lloyd2018-03-192-10/+24
| | | | | | | Nothing very clever, just store P^i,2*P^i,3*P^i in a table so we can do two bits of the scalar at a time. Improves ECDSA sign by 20-30%
* Avoid code that triggers problems under GCC 8Jack Lloyd2018-03-181-1/+1
| | | | GH #1498
* Fix CPUID::has_cpuid_bitJack Lloyd2018-03-171-1/+3
| | | | | | It would return true if any bits were set instead of if all the bits were set. It is only currently called with a single bit but that might change in the future.
* Avoid creating stringstream unless needed in version checkJack Lloyd2018-03-171-3/+3
|
* Avoid unused arg warning in PowerPC CPUID codeJack Lloyd2018-03-171-0/+2
|
* Avoid a problematic construct for AltiVec byteswapJack Lloyd2018-03-161-3/+8
| | | | Seems to cause problems with GCC 8 on ppc64le. GH #1498
* Catch exceptions by reference not valueJack Lloyd2018-03-164-20/+14
| | | | Fixes a new warning in GCC 8
* Add basecase_sqr functionJack Lloyd2018-03-161-3/+29
| | | | | | Just a simple adaption of the n^2 multiply algorithm, so no performance impact. However makes the difference between squaring and multiply easier to see when profiling.
* Avoid using threads in DSA operationsJack Lloyd2018-03-151-25/+3
| | | | | | | | | For DSA signing using a thread turned out to be purely a pessimization. The single threaded code is faster even on a 4-core machine running Linux (which has very fast thread creation). It would likely be much worse on a single core machine or an OS with slower thread primitives. For DSA verification, use Montgomery multi-exponentiation instead.
* Add multiexponentation interface to DL_GroupJack Lloyd2018-03-152-3/+17
|
* Add Montgomery multiexponentiationJack Lloyd2018-03-154-0/+95
|
* Merge GH #1494 Use RtlGenRandom instead of CryptoAPI/CryptoNGJack Lloyd2018-03-143-80/+24
|\
| * Use RtlGenRandom instead of CryptoAPIJack Lloyd2018-03-143-80/+24
| |
* | Some additional operations on Montgomery_IntJack Lloyd2018-03-142-0/+45
|/ | | | Needed for #1432
* Merge GH #1492 Support custom DN entriesJack Lloyd2018-03-143-67/+61
|\
| * Address review commentsJack Lloyd2018-03-141-2/+2
| |
| * Support custom DN entriesJack Lloyd2018-03-143-67/+61
| | | | | | | | GH #1490
* | Allow the caller to specify the serial number of a generated certJack Lloyd2018-03-142-12/+96
|/ | | | GH #1489
* Add a facility for debug-mode assertionsJack Lloyd2018-03-145-11/+33
| | | | | When we want to check something but it is to expensive to do so in normal builds.
* Assume CurveGFp inputs are at most p words longJack Lloyd2018-03-141-13/+27
| | | | Lets us avoid calling sig_words much of the time. Improves ECDSA 5-7%
* Avoid creating a temp hereJack Lloyd2018-03-141-4/+4
|
* Improve memory handling for PointGFpJack Lloyd2018-03-148-69/+86
|
* Allow passing workspace to Montgomery_IntJack Lloyd2018-03-133-34/+140
| | | | | | | Improves DH and RSA by 5-15% depending on param sizes. At larger sizes (3072+) doesn't make much difference since the cost of allocation is relatively small compared to the work.
* Tweaks to force_all_affineJack Lloyd2018-03-121-7/+5
|
* Remove bogus commentJack Lloyd2018-03-111-3/+0
| | | | GH #500
* Fix error in FPE_FE1Jack Lloyd2018-03-102-18/+52
| | | | | | | | | An implementation mistake led to choosing a >= b when the original paper assumes a <= b. Add a boolean to control which version is used. Increase the default FE1 rounds to 5 for a safety factor. GH #500
* Minor tweaks for coverageJack Lloyd2018-03-102-6/+6
|
* Reduce exponent size hereJack Lloyd2018-03-101-1/+1
| | | | Triggers for RSA exponents which improves RSA verify time by ~10%
* Merge GH #1483 Use uncompressed points for ECC by defaultJack Lloyd2018-03-1011-50/+78
|\
| * Rename point_format to point_encodingJack Lloyd2018-03-102-2/+2
| | | | | | | | Matches setter
| * Add PointGFp::encode as replacement for EC2OSPJack Lloyd2018-03-1010-51/+54
| | | | | | | | | | | | Literally every single call to EC2OSP is converting the returned secure_vector to a std::vector. Which makes sense since private points are not really a thing in any protocol I know of.
| * Default to encoding ECC public keys as uncompressed. GH #1480Jack Lloyd2018-03-102-1/+26
| |
* | Add some helper functions for checking for Comba sizesJack Lloyd2018-03-101-15/+27
| |
* | Revert "Use move to avoid needless some needless copies"Jack Lloyd2018-03-101-16/+16
| | | | | | | | | | | | | | | | This reverts commit 5185c2aaa8bf9556556e4507869042a71eaba6c0. Clang says warning: moving a temporary object prevents copy elision [-Wpessimizing-move]
* | Avoid warning in threefish.hJack Lloyd2018-03-101-6/+0
|/ | | | Causes a warning in amalgamation which is bad news
* Add missing overrides [ci skip]Jack Lloyd2018-03-101-2/+2
|
* Fix header for getentropy on macOSJack Lloyd2018-03-091-1/+5
| | | | Re #1481
* Split out the memory pool logicJack Lloyd2018-03-096-161/+282
| | | | | | Making a clear seperation between the OS specific code to get the pool, the singleton mlock allocator, and the general allocator logic.
* Add OS::system_page_sizeJack Lloyd2018-03-092-4/+25
|
* Use move to avoid needless some needless copiesJack Lloyd2018-03-091-16/+16
|
* Cleanup commentsJack Lloyd2018-03-091-10/+7
|
* Use blinded_base_point_multiply_x in the various signature schemesJack Lloyd2018-03-085-14/+17
|
* Small fiddly optimizations in locking_allocatorJack Lloyd2018-03-081-5/+6
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-04 14:23:44 +0000